Update common.vm for all affected packages

packages/adconnectdump.vm/adconnectdump.vm.nuspec

@@ -2,11 +2,11 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>adconnectdump.vm</id>
-    <version>0.0.0.20240323</version>
+    <version>0.0.0.20240411</version>
     <authors>fox-it</authors>
     <description>This toolkit offers several ways to extract and decrypt stored Azure AD and Active Directory credentials from Azure AD Connect servers.</description>
     <dependencies>
-      <dependency id="common.vm" />
+      <dependency id="common.vm" version="0.0.0.20240411" />
     </dependencies>
   </metadata>
 </package>

packages/amcacheparser.vm/amcacheparser.vm.nuspec

@@ -2,11 +2,11 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>amcacheparser.vm</id>
-    <version>1.5.1.20231208</version>
+    <version>1.5.1.20240411</version>
     <authors>Eric Zimmerman</authors>
     <description>Amcache.hve parser with lots of extra features. Handles locked files</description>
     <dependencies>
-      <dependency id="common.vm" />
+      <dependency id="common.vm" version="0.0.0.20240411" />
       <dependency id="dotnet-6.vm" />
     </dependencies>
   </metadata>

packages/appcompatcacheparser.vm/appcompatcacheparser.vm.nuspec

@@ -2,11 +2,11 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>appcompatcacheparser.vm</id>
-    <version>1.5.0.20231208</version>
+    <version>1.5.0.20240411</version>
     <authors>Eric Zimmerman</authors>
     <description>AppCompatCache aka ShimCache parser. Handles locked files</description>
     <dependencies>
-      <dependency id="common.vm" />
+      <dependency id="common.vm" version="0.0.0.20240411" />
       <dependency id="dotnet-6.vm" />
     </dependencies>
   </metadata>

packages/asreproast.vm/asreproast.vm.nuspec

@@ -2,11 +2,11 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>asreproast.vm</id>
-    <version>0.0.0.20240323</version>
+    <version>0.0.0.20240411</version>
     <authors>HarmJ0y</authors>
     <description>Project that retrieves crackable hashes from KRB5 AS-REP responses for users without kerberoast preauthentication enabled.</description>
     <dependencies>
-      <dependency id="common.vm" />
+      <dependency id="common.vm" version="0.0.0.20240411" />
     </dependencies>
   </metadata>
 </package>

packages/azurehound.vm/azurehound.vm.nuspec

@@ -2,11 +2,11 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>azurehound.vm</id>
-    <version>2.1.8</version>
+    <version>2.1.8.20240411</version>
     <authors>BloodHoundAD</authors>
     <description>AzureHound is the BloodHound data collector for Microsoft Azure.</description>
     <dependencies>
-      <dependency id="common.vm" />
+      <dependency id="common.vm" version="0.0.0.20240411" />
     </dependencies>
   </metadata>
 </package>

packages/blobrunner.vm/blobrunner.vm.nuspec

@@ -2,11 +2,11 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>blobrunner.vm</id>
-    <version>0.0.5.20240217</version>
+    <version>0.0.5.20240411</version>
     <authors>OALabs</authors>
     <description>BlobRunner is a simple tool to quickly debug shellcode extracted during malware analysis.</description>
     <dependencies>
-      <dependency id="common.vm" />
+      <dependency id="common.vm" version="0.0.0.20240411" />
     </dependencies>
   </metadata>
 </package>

packages/blobrunner64.vm/blobrunner64.vm.nuspec

@@ -2,11 +2,11 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>blobrunner64.vm</id>
-    <version>0.0.5.20240217</version>
+    <version>0.0.5.20240411</version>
     <authors>OALabs</authors>
     <description>BlobRunner is a simple tool to quickly debug shellcode extracted during malware analysis.</description>
     <dependencies>
-      <dependency id="common.vm" />
+      <dependency id="common.vm" version="0.0.0.20240411" />
     </dependencies>
   </metadata>
 </package>

packages/bloodhound-custom-queries.vm/bloodhound-custom-queries.vm.nuspec

@@ -2,11 +2,11 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>bloodhound-custom-queries.vm</id>
-    <version>0.0.0.20240323</version>
+    <version>0.0.0.20240411</version>
     <authors>hausec</authors>
     <description>Custom Query list for the Bloodhound GUI based off my cheatsheet</description>
     <dependencies>
-      <dependency id="common.vm" />
+      <dependency id="common.vm" version="0.0.0.20240411" />
     </dependencies>
   </metadata>
 </package>

packages/bloodhound.vm/bloodhound.vm.nuspec

@@ -2,11 +2,11 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>bloodhound.vm</id>
-    <version>4.3.1.20230713</version>
+    <version>4.3.1.20240411</version>
     <description>BloodHound uses graph theory to reveal the hidden and often unintended relationships within an Active Directory environment.</description>
     <authors>Andrew Robbins, Rohan Vazarkar, Will Schroeder</authors>
     <dependencies>
-      <dependency id="common.vm" />
+      <dependency id="common.vm" version="0.0.0.20240411" />
     </dependencies>
   </metadata>
 </package>

packages/bstrings.vm/bstrings.vm.nuspec

@@ -2,11 +2,11 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>bstrings.vm</id>
-    <version>1.5.2.20231208</version>
+    <version>1.5.2.20240411</version>
     <authors>Eric Zimmerman</authors>
     <description>Find them strings yo. Built in regex patterns. Handles locked files</description>
     <dependencies>
-      <dependency id="common.vm" />
+      <dependency id="common.vm" version="0.0.0.20240411" />
       <dependency id="dotnet-6.vm" />
     </dependencies>
   </metadata>

packages/c3.vm/c3.vm.nuspec

@@ -2,11 +2,11 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>c3.vm</id>
-    <version>0.0.0.20240323</version>
+    <version>0.0.0.20240411</version>
     <authors>WithSecureLabs</authors>
     <description>C3 (Custom Command and Control) is a tool that allows Red Teams to rapidly develop and utilise esoteric command and control channels (C2). It's a framework that extends other red team tooling, such as the commercial Cobalt Strike (CS) product via ExternalC2.</description>
     <dependencies>
-      <dependency id="common.vm" />
+      <dependency id="common.vm" version="0.0.0.20240411" />
     </dependencies>
   </metadata>
 </package>

packages/capa.vm/capa.vm.nuspec

@@ -2,11 +2,11 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>capa.vm</id>
-    <version>7.0.1</version>
+    <version>7.0.1.20240411</version>
     <description>capa detects capabilities in executable files. You run it against a PE file or shellcode and it tells you what it thinks the program can do.</description>
     <authors>@williballenthin, @mr-tz, @Ana06, @mike-hunhoff, @mwilliams31, @MalwareMechanic</authors>
     <dependencies>
-      <dependency id="common.vm" />
+      <dependency id="common.vm" version="0.0.0.20240411" />
     </dependencies>
   </metadata>
 </package>

packages/certify.vm/certify.vm.nuspec

@@ -2,11 +2,11 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>certify.vm</id>
-    <version>1.1.0.20240323</version>
+    <version>1.1.0.20240411</version>
     <authors>HarmJ0y, leechristensen</authors>
     <description>Certify is a C# tool to enumerate and abuse misconfigurations in Active Directory Certificate Services (AD CS).</description>
     <dependencies>
-      <dependency id="common.vm" />
+      <dependency id="common.vm" version="0.0.0.20240411" />
     </dependencies>
   </metadata>
 </package>

packages/chainsaw.vm/chainsaw.vm.nuspec

@@ -2,11 +2,11 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>chainsaw.vm</id>
-    <version>2.8.1</version>
+    <version>2.8.1.20240411</version>
     <authors>WithSecure Labs</authors>
     <description>Chainsaw provides a powerful 'first-response' capability to quickly identify threats within Windows forensic artefacts such as Event Logs and the MFT file.</description>
     <dependencies>
-      <dependency id="common.vm" />
+      <dependency id="common.vm" version="0.0.0.20240411" />
     </dependencies>
   </metadata>
 </package>

packages/common.vm/common.vm.nuspec

@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>common.vm</id>
-    <version>0.0.0.20240410</version>
+    <version>0.0.0.20240411</version>
     <description>Common libraries for VM-packages</description>
     <authors>Mandiant</authors>
   </metadata>

packages/common.vm/tools/vm.common/vm.common.psm1

@@ -225,10 +225,11 @@ function VM-Install-Raw-GitHub-Repo {
     )
     try {
         if ($withoutBinFile) {
-            VM-Install-From-Zip -toolName $toolName -category $category -zipUrl $zipUrl -zipSha256 $zipSha256 -innerFolder $innerFolder -executableName $executableName -withoutBinFile -powershellCommand $powershellCommand
+            $toolDir = (VM-Install-From-Zip -toolName $toolName -category $category -zipUrl $zipUrl -zipSha256 $zipSha256 -innerFolder $innerFolder -executableName $executableName -withoutBinFile -powershellCommand $powershellCommand)[0]
         } else {
-            VM-Install-From-Zip -toolName $toolName -category $category -zipUrl $zipUrl -zipSha256 $zipSha256 -innerFolder $innerFolder -executableName $executableName -powershellCommand $powershellCommand
+            $toolDir = (VM-Install-From-Zip -toolName $toolName -category $category -zipUrl $zipUrl -zipSha256 $zipSha256 -innerFolder $innerFolder -executableName $executableName -powershellCommand $powershellCommand)[0]
         }
+        return $toolDir
     } catch {
         VM-Write-Log-Exception $_
     }
@@ -320,9 +321,10 @@ function VM-Install-Shortcut{
     }
 }
 
-# This functions returns $toolDir (outputed by Install-ChocolateyZipPackage) and $executablePath
+# This functions returns $toolDir and $executablePath
 function VM-Install-From-Zip {
     [CmdletBinding()]
+    [OutputType([System.Object[]])]
     Param
     (
         [Parameter(Mandatory=$true, Position=0)]
@@ -331,7 +333,7 @@ function VM-Install-From-Zip {
         [string] $category,
         [Parameter(Mandatory=$true, Position=2)]
         [string] $zipUrl,
-        [Parameter(Mandatory=$true, Position=3)]
+        [Parameter(Mandatory=$false, Position=3)]
         [string] $zipSha256,
         [Parameter(Mandatory=$false)]
         [string] $zipUrl_64,
@@ -397,7 +399,7 @@ function VM-Install-From-Zip {
             VM-Install-Shortcut -toolName $toolName -category $category -executablePath $executablePath -consoleApp $consoleApp -arguments $arguments
             Install-BinFile -Name $toolName -Path $executablePath
         }
-        return $executablePath
+        return ,@($toolDir, $executablePath)
     } catch {
         VM-Write-Log-Exception $_
     }

packages/covenant.vm/covenant.vm.nuspec

@@ -2,11 +2,11 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>covenant.vm</id>
-    <version>0.0.0.20240323</version>
+    <version>0.0.0.20240411</version>
     <authors>cobbr</authors>
     <description>Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers.</description>
     <dependencies>
-      <dependency id="common.vm" />
+      <dependency id="common.vm" version="0.0.0.20240411" />
     </dependencies>
   </metadata>
 </package>

packages/credninja.vm/credninja.vm.nuspec

@@ -2,11 +2,11 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>credninja.vm</id>
-    <version>2.3.0.20240323</version>
+    <version>2.3.0.20240411</version>
     <authors>raikiasec</authors>
     <description>This tool will tell you if the credentials you dumped are valid on the domain, and if you have local administrator access to a host.</description>
     <dependencies>
-      <dependency id="common.vm" />
+      <dependency id="common.vm" version="0.0.0.20240411" />
     </dependencies>
   </metadata>
 </package>

packages/cryptotester.vm/cryptotester.vm.nuspec

@@ -2,11 +2,11 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>cryptotester.vm</id>
-    <version>1.7.1</version>
+    <version>1.7.1.20240411</version>
     <authors>Michael Gillespie (@demonslay335)</authors>
     <description>Utility tool for performing cryptanalysis with a focus on ransomware cryptography</description>
     <dependencies>
-      <dependency id="common.vm" />
+      <dependency id="common.vm" version="0.0.0.20240411" />
     </dependencies>
   </metadata>
 </package>

packages/cutter.vm/cutter.vm.nuspec

@@ -2,11 +2,11 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>cutter.vm</id>
-    <version>2.3.4.20240305</version>
+    <version>2.3.4.20240411</version>
     <authors>Rizin</authors>
     <description>Cutter is a FOSS dissassembler/decompiler</description>
     <dependencies>
-      <dependency id="common.vm" />
+      <dependency id="common.vm" version="0.0.0.20240411" />
       <dependency id="vcredist140.vm" />
     </dependencies>
   </metadata>

packages/de4dot-cex.vm/de4dot-cex.vm.nuspec

@@ -2,11 +2,11 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>de4dot-cex.vm</id>
-    <version>4.0.0.20230526</version>
+    <version>4.0.0.20240411</version>
     <authors>ViRb3</authors>
     <description>A de4dot fork with full support for vanilla ConfuserEx</description>
     <dependencies>
-      <dependency id="common.vm" />
+      <dependency id="common.vm" version="0.0.0.20240411" />
     </dependencies>
   </metadata>
 </package>

packages/dex2jar.vm/dex2jar.vm.nuspec

@@ -2,11 +2,11 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>dex2jar.vm</id>
-    <version>2.3.0.20231025</version>
+    <version>2.3.0.20240411</version>
     <authors>@pxb1988</authors>
     <description>Tools to work with android .dex and java .class files.</description>
     <dependencies>
-      <dependency id="common.vm" />
+      <dependency id="common.vm" version="0.0.0.20240411" />
       <dependency id="openjdk.vm" />
     </dependencies>
   </metadata>

packages/die.vm/die.vm.nuspec

@@ -2,11 +2,11 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>die.vm</id>
-    <version>3.07.20240217</version>
+    <version>3.07.0.20240411</version>
     <authors>Hellsp@wn, horsicq</authors>
     <description>Detect It Easy, or abbreviated "DIE" is a program for determining types of files.</description>
     <dependencies>
-      <dependency id="common.vm" version="0.0.0.20230925" />
+      <dependency id="common.vm" version="0.0.0.20240411" />
     </dependencies>
   </metadata>
 </package>

packages/dnspyex.vm/dnspyex.vm.nuspec

@@ -2,11 +2,11 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>dnspyex.vm</id>
-    <version>6.5.0</version>
+    <version>6.5.0.20240411</version>
     <authors>0xd4d, ElektroKill</authors>
     <description>dnSpyEx is a unofficial continuation of the dnSpy project which is a debugger and .NET assembly editor. You can use it to edit and debug assemblies even if you don't have any source code available.</description>
     <dependencies>
-      <dependency id="common.vm" />
+      <dependency id="common.vm" version="0.0.0.20240411" />
     </dependencies>
   </metadata>
 </package>

packages/dotdumper.vm/dotdumper.vm.nuspec

@@ -2,11 +2,11 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>dotdumper.vm</id>
-    <version>1.1</version>
+    <version>1.1.0.20240411</version>
     <authors>ThisIsLibra</authors>
     <description>An automatic unpacker and logger for DotNet Framework targeting files</description>
     <dependencies>
-      <dependency id="common.vm" />
+      <dependency id="common.vm" version="0.0.0.20240411" />
     </dependencies>
   </metadata>
 </package>

packages/dotnettojscript.vm/dotnettojscript.vm.nuspec

@@ -2,11 +2,11 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>dotnettojscript.vm</id>
-    <version>0.0.0.20240323</version>
+    <version>0.0.0.20240411</version>
     <authors>James Forshaw</authors>
     <description>A tool to generate a JScript which bootstraps an arbitrary .NET Assembly and class.</description>
     <dependencies>
-      <dependency id="common.vm" />
+      <dependency id="common.vm" version="0.0.0.20240411" />
     </dependencies>
   </metadata>
 </package>