RC4-ADAssessment.psd1
|
# # Module manifest for module 'RC4-ADAssessment' # # Generated by: Jan Tiedemann # # Generated on: 3/27/2026 # @{ # Script module or binary module file associated with this manifest. RootModule = 'RC4-ADAssessment.psm1' # Version number of this module. ModuleVersion = '4.14.0' # Supported PSEditions # CompatiblePSEditions = @() # ID used to uniquely identify this module GUID = 'b8e7c5a2-3f1d-4e6b-9a0c-2d5f8e1b4c7a' # Author of this module Author = 'Jan Tiedemann' # Company or vendor of this module CompanyName = 'Community' # Copyright statement for this module Copyright = '(c) Jan Tiedemann. All rights reserved.' # Description of the functionality provided by this module Description = 'PowerShell toolkit for assessing DES and RC4 Kerberos encryption usage in Active Directory. Discovers RC4/DES dependencies across DC encryption, trusts, KRBTGT, service accounts, KDC registry, KDCSVC events, and Security event logs — with inline remediation commands and assessment comparison for tracking progress toward the July 2026 RC4 removal deadline.' # Minimum version of the PowerShell engine required by this module PowerShellVersion = '5.1' # Name of the PowerShell host required by this module # PowerShellHostName = '' # Minimum version of the PowerShell host required by this module # PowerShellHostVersion = '' # Minimum version of Microsoft .NET Framework required by this module. This prerequisite is valid for the PowerShell Desktop edition only. # DotNetFrameworkVersion = '' # Minimum version of the common language runtime (CLR) required by this module. This prerequisite is valid for the PowerShell Desktop edition only. # ClrVersion = '' # Processor architecture (None, X86, Amd64) required by this module # ProcessorArchitecture = '' # Modules that must be imported into the global environment prior to importing this module # RequiredModules = @() # Assemblies that must be loaded prior to importing this module # RequiredAssemblies = @() # Script files (.ps1) that are run in the caller's environment prior to importing this module. # ScriptsToProcess = @() # Type files (.ps1xml) to be loaded when importing this module # TypesToProcess = @() # Format files (.ps1xml) to be loaded when importing this module # FormatsToProcess = @() # Modules to import as nested modules of the module specified in RootModule/ModuleToProcess # NestedModules = @() # Functions to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no functions to export. FunctionsToExport = @('Invoke-RC4Assessment','Invoke-RC4AssessmentComparison','Invoke-RC4ForestAssessment') # Cmdlets to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no cmdlets to export. CmdletsToExport = @() # Variables to export from this module # VariablesToExport = @() # Aliases to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no aliases to export. AliasesToExport = @() # DSC resources to export from this module # DscResourcesToExport = @() # List of all modules packaged with this module # ModuleList = @() # List of all files packaged with this module # FileList = @() # Private data to pass to the module specified in RootModule/ModuleToProcess. This may also contain a PSData hashtable with additional module metadata used by PowerShell. PrivateData = @{ PSData = @{ Tags = @('ActiveDirectory', 'Kerberos', 'RC4', 'DES', 'AES', 'Encryption', 'Security', 'Assessment', 'Remediation') # A URL to the license for this module. LicenseUri = 'https://github.com/BetaHydri/RC4-ADAssessment/blob/main/LICENSE' # A URL to the main website for this project. ProjectUri = 'https://github.com/BetaHydri/RC4-ADAssessment' # A URL to an icon representing this module. # IconUri = '' ReleaseNotes = '## [4.14.0-preview0001] - 2026-04-27 ### Added - Context-aware `Get-EncryptionTypeString` with `-Context` parameter (`msds`, `ddset`, `gpo`) — same bitmask is now decoded differently per context (#30) - AES256-HMAC-SK (bit `0x20`) decoding in `Get-EncryptionTypeString` (#25) - Feature flag decoding (bits 16-19: FAST, Compound-Identity, Claims, Resource-SID-Compression) for `msds` context - Enforcement block detection (`TicketEncryptionType = 0xFFFFFFFF`) in `Get-TicketEncryptionType` and `Get-EventLogEncryptionAnalysis` with per-DC counter and affected-account tracking (#27) ### Changed - `Get-KdcRegistryAssessment` reads `RC4DefaultDisablementPhase` from the correct Policies registry path instead of `Services\Kdc` (#23) - `Get-AccountEncryptionAssessment` RODC group lookup uses well-known RID 521 instead of English display name — works on non-English DCs (#24) - `RC4DefaultDisablementPhase` assessment messages updated for post-April 2026 semantics: `not set` = implicit enforcement, Phase 0/1 = rollback states (#28) - Phase 1 description clarifies per-request KDCSVC event logging (#29) - GPO encryption type callers pass `-Context gpo`, DDSET callers pass `-Context ddset` for accurate bitmask decoding ### Fixed - `Get-EncryptionTypeString` no longer labels bit 31 as "Future" universally — "Future encryption types" at the GPO level is bits 5-30 (`0x7FFFFFE0`), not bit 31 (#30) - README/FAQ/QUICK_START: "No reboot required" corrected to "KDC restart required" for `RC4DefaultDisablementPhase` (#26) - README/FAQ: Phase value table updated — `not set` is now enforcement (not same as 0) after April 2026 CU (#28) - QUICK_START: Registry path in remediation snippet corrected to Policies path (#23) ' Prerelease = 'preview0001' # Flag to indicate whether the module requires explicit user acceptance for install/update/save # RequireLicenseAcceptance = $false # External dependent modules of this module # ExternalModuleDependencies = @() } # End of PSData hashtable } # End of PrivateData hashtable # HelpInfo URI of this module # HelpInfoURI = '' # Default prefix for commands exported from this module. Override the default prefix using Import-Module -Prefix. # DefaultCommandPrefix = '' } |