mimikatz/inc/globals.h

/*	Benjamin DELPY `gentilkiwi`
	http://blog.gentilkiwi.com
	benjamin@gentilkiwi.com
	Licence : https://creativecommons.org/licenses/by/4.0/
*/
#pragma once
#include <ntstatus.h>
#define WIN32_NO_STATUS
#define SECURITY_WIN32
#define CINTERFACE
#define COBJMACROS
#include <windows.h>
#include <sspi.h>
#include <sddl.h>
#include <wincred.h>
#include <ntsecapi.h>
#include <ntsecpkg.h>
#include <stdio.h>
#include <wchar.h>
#include "../modules/kull_m_output.h"
//#define KERBEROS_TOOLS
//#define SERVICE_INCONTROL
#define NET_MODULE
#define SQLITE3_OMIT
#if defined(_M_ARM64)
	#define MIMIKATZ_ARCH L"arm64"
#elif defined(_M_X64)
	#define MIMIKATZ_ARCH L"x64"
#elif defined(_M_IX86)
	#define MIMIKATZ_ARCH L"x86"
#endif

#define MIMIKATZ				L"mimikatz"
#define MIMIKATZ_VERSION		L"2.2.0"
#define MIMIKATZ_CODENAME		L"A La Vie, A L\'Amour"
#define MIMIKATZ_MAX_WINBUILD	L"17763"
#define MIMIKATZ_FULL			MIMIKATZ L" " MIMIKATZ_VERSION L" (" MIMIKATZ_ARCH L") #" MIMIKATZ_MAX_WINBUILD L" " TEXT(__DATE__) L" " TEXT(__TIME__)
#define MIMIKATZ_SECOND			L"\"" MIMIKATZ_CODENAME L"\""
#define MIMIKATZ_DEFAULT_LOG	MIMIKATZ L".log"
#define MIMIKATZ_DRIVER			L"mimidrv"
#define MIMIKATZ_KERBEROS_EXT	L"kirbi"
#define MIMIKATZ_SERVICE		MIMIKATZ L"svc"

#if defined(_WINDLL)
	#define MIMIKATZ_AUTO_COMMAND_START		0
#else
	#define MIMIKATZ_AUTO_COMMAND_START		1
#endif

#if defined(_POWERKATZ)
	#define MIMIKATZ_AUTO_COMMAND_STRING	L"powershell"
#else
	#define MIMIKATZ_AUTO_COMMAND_STRING	L"commandline"
#endif

#if !defined(NT_SUCCESS)
#define NT_SUCCESS(Status) ((NTSTATUS)(Status) >= 0)
#endif

#if !defined(PRINT_ERROR)
#define PRINT_ERROR(...) (kprintf(L"ERROR " TEXT(__FUNCTION__) L" ; " __VA_ARGS__))
#endif

#if !defined(PRINT_ERROR_AUTO)
#define PRINT_ERROR_AUTO(func) (kprintf(L"ERROR " TEXT(__FUNCTION__) L" ; " func L" (0x%08x)\n", GetLastError()))
#endif

#if !defined(W00T)
#define W00T(...) (kprintf(TEXT(__FUNCTION__) L" w00t! ; " __VA_ARGS__))
#endif

DWORD MIMIKATZ_NT_MAJOR_VERSION, MIMIKATZ_NT_MINOR_VERSION, MIMIKATZ_NT_BUILD_NUMBER;

#if !defined(MS_ENH_RSA_AES_PROV_XP)
#define MS_ENH_RSA_AES_PROV_XP	L"Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)"
#endif

#if !defined(SCARD_PROVIDER_CARD_MODULE)
#define SCARD_PROVIDER_CARD_MODULE 0x80000001
#endif

#define RtlEqualGuid(L1, L2) (RtlEqualMemory(L1, L2, sizeof(GUID)))

#define SIZE_ALIGN(size, alignment)	(size + ((size % alignment) ? (alignment - (size % alignment)) : 0))
#define KIWI_NEVERTIME(filetime)	(*(PLONGLONG) filetime = MAXLONGLONG)

#define LM_NTLM_HASH_LENGTH	16

#define KULL_M_WIN_BUILD_XP		2600
#define KULL_M_WIN_BUILD_2K3	3790
#define KULL_M_WIN_BUILD_VISTA	6000
#define KULL_M_WIN_BUILD_7		7600
#define KULL_M_WIN_BUILD_8		9200
#define KULL_M_WIN_BUILD_BLUE	9600
#define KULL_M_WIN_BUILD_10_1507	10240
#define KULL_M_WIN_BUILD_10_1511	10586
#define KULL_M_WIN_BUILD_10_1607	14393
#define KULL_M_WIN_BUILD_10_1703	15063
#define KULL_M_WIN_BUILD_10_1709	16299
#define KULL_M_WIN_BUILD_10_1803	17134
#define KULL_M_WIN_BUILD_10_1809	17763


#define KULL_M_WIN_MIN_BUILD_XP		2500
#define KULL_M_WIN_MIN_BUILD_2K3	3000
#define KULL_M_WIN_MIN_BUILD_VISTA	5000
#define KULL_M_WIN_MIN_BUILD_7		7000
#define KULL_M_WIN_MIN_BUILD_8		8000
#define KULL_M_WIN_MIN_BUILD_BLUE	9400
#define KULL_M_WIN_MIN_BUILD_10		9800
Initial upload 2014-04-06 18:31:53 +00:00			/* Benjamin DELPY `gentilkiwi`
			`http://blog.gentilkiwi.com`
			`benjamin@gentilkiwi.com`
Global licence update, credits to Vincent LE TOUX for DCSync, and lsadump::hash moved to crypto::hash 2015-08-25 09:19:01 +00:00			`Licence : https://creativecommons.org/licenses/by/4.0/`
Initial upload 2014-04-06 18:31:53 +00:00			`*/`
			`#pragma once`
			`#include <ntstatus.h>`
			`#define WIN32_NO_STATUS`
			`#define SECURITY_WIN32`
[new] mimikatz IIS module, to deal with passwords in applicationHost.config [new/internal] tiny xml module (msxml2) [internal] mimikatz::lsadump cast fix to build on v140 2016-07-10 22:32:51 +00:00			`#define CINTERFACE`
			`#define COBJMACROS`
Initial upload 2014-04-06 18:31:53 +00:00			`#include <windows.h>`
			`#include <sspi.h>`
			`#include <sddl.h>`
			`#include <wincred.h>`
			`#include <ntsecapi.h>`
			`#include <ntsecpkg.h>`
			`#include <stdio.h>`
			`#include <wchar.h>`
			`#include "../modules/kull_m_output.h"`
			`//#define KERBEROS_TOOLS`
One PowerShell fix and better service/token functions [fix #83] mimikatz - No ExitProcess when using DLL (for PowerShell) [new] mimikatz - service::+ & service::- to install/uninstall [enhancement] token::elevate & token::run 2017-03-26 00:35:32 +00:00			`//#define SERVICE_INCONTROL`
Some cosmetic fixes (output, unicode detect, vault "pause", ...) 2014-04-25 00:03:55 +00:00			`#define NET_MODULE`
Chrome DPAPI support & optimization [new] dpapi::chrome, with custom/minimized sqlite3 included [new] kerberos::ask now supports encryption preference (des/rc4/aes128/aes256) [improvement] DRSR RPC code size minimized [improvement] dpapi::wlan && dpapi::wwan use better functions to describe blobs [internal] kull_m_string now supports q&d unicode to ascii 2016-06-23 00:16:36 +00:00			`#define SQLITE3_OMIT`
Big update :) [new] mimikatz & mimilib very experimental support for ARM64 [better] code for Mifare protocol [better] code for sekurlsa WinDBG plugin (credential keys, still not good enough) [new] mimilib sub authentication package for @vletoux with 'bad password knocking' and magic password [new] mimikatz: unmarshalling usernames when marshalled [fix] mimikatz SR98/RDM/Busylight could previously crash [fix #184] again and again ;) [fix #172] swscanf_s VS ARRAYSIZE macro [fix #127] stdout/stdin/stderr vs modern Visual Studio and Windows XP support (thank you @Crypt0-M3lon) [code] refactor for defined / !defined 2019-03-25 00:57:56 +00:00			`#if defined(_M_ARM64)`
			`#define MIMIKATZ_ARCH L"arm64"`
			`#elif defined(_M_X64)`
Initial upload 2014-04-06 18:31:53 +00:00			`#define MIMIKATZ_ARCH L"x64"`
Big update :) [new] mimikatz & mimilib very experimental support for ARM64 [better] code for Mifare protocol [better] code for sekurlsa WinDBG plugin (credential keys, still not good enough) [new] mimilib sub authentication package for @vletoux with 'bad password knocking' and magic password [new] mimikatz: unmarshalling usernames when marshalled [fix] mimikatz SR98/RDM/Busylight could previously crash [fix #184] again and again ;) [fix #172] swscanf_s VS ARRAYSIZE macro [fix #127] stdout/stdin/stderr vs modern Visual Studio and Windows XP support (thank you @Crypt0-M3lon) [code] refactor for defined / !defined 2019-03-25 00:57:56 +00:00			`#elif defined(_M_IX86)`
Initial upload 2014-04-06 18:31:53 +00:00			`#define MIMIKATZ_ARCH L"x86"`
			`#endif`

			`#define MIMIKATZ L"mimikatz"`
Big update :) [new] mimikatz & mimilib very experimental support for ARM64 [better] code for Mifare protocol [better] code for sekurlsa WinDBG plugin (credential keys, still not good enough) [new] mimilib sub authentication package for @vletoux with 'bad password knocking' and magic password [new] mimikatz: unmarshalling usernames when marshalled [fix] mimikatz SR98/RDM/Busylight could previously crash [fix #184] again and again ;) [fix #172] swscanf_s VS ARRAYSIZE macro [fix #127] stdout/stdin/stderr vs modern Visual Studio and Windows XP support (thank you @Crypt0-M3lon) [code] refactor for defined / !defined 2019-03-25 00:57:56 +00:00			`#define MIMIKATZ_VERSION L"2.2.0"`
MSV & Kerberos fixes, LSA and Privilege enhancements - [fix] sekurlsa::msv & mimilib for Windows 10 build 10586 - [fix #20] sekurlsa::tickets (display & export) for NT 6 != Windows 10 - [close #16] kerberos::golden now with ~NetBios name in LogonDomainName field of the PAC - [new] privilege module shortcuts (driver, security, tcb, backup, restore) and functions (by id or name) - [new] lsadump::dcsync and lsadump::lsa /inject 'NTLM-Strong-NTOWF' in Supplemental Credentials structures (Windows 2016 TP 4) - [internal] NtSetSystemInformation can now be used in code 2016-01-06 01:46:28 +00:00			`#define MIMIKATZ_CODENAME L"A La Vie, A L\'Amour"`
[new] mimikatz eventlog patch for 1803 ( for @darkoperator ) [new] mimikatz version includes maximum Windows build number tested 2018-12-09 23:03:02 +00:00			`#define MIMIKATZ_MAX_WINBUILD L"17763"`
			`#define MIMIKATZ_FULL MIMIKATZ L" " MIMIKATZ_VERSION L" (" MIMIKATZ_ARCH L") #" MIMIKATZ_MAX_WINBUILD L" " TEXT(__DATE__) L" " TEXT(__TIME__)`
[fix #65] mimikatz sekurlsa::* for old 2012r2 version [fix #66] mimikatz sekurlsa::kerberos CSP/Pin data for Windows 10 1607 2016-10-05 18:37:29 +00:00			`#define MIMIKATZ_SECOND L"\"" MIMIKATZ_CODENAME L"\""`
Code cleaning & Base64 output 2014-04-23 20:00:29 +00:00			`#define MIMIKATZ_DEFAULT_LOG MIMIKATZ L".log"`
Initial upload 2014-04-06 18:31:53 +00:00			`#define MIMIKATZ_DRIVER L"mimidrv"`
			`#define MIMIKATZ_KERBEROS_EXT L"kirbi"`
mimikatz 2.1.1 (rpc/service/process) [new] RPC support (client & server, multi users) [new] Windows service support [new] token::elevate can run process with impersonate token (when enough privileges and without interactions) [new] process::run [new] standard::hostname 2017-03-19 15:03:54 +00:00			`#define MIMIKATZ_SERVICE MIMIKATZ L"svc"`
Initial upload 2014-04-06 18:31:53 +00:00
Big update :) [new] mimikatz & mimilib very experimental support for ARM64 [better] code for Mifare protocol [better] code for sekurlsa WinDBG plugin (credential keys, still not good enough) [new] mimilib sub authentication package for @vletoux with 'bad password knocking' and magic password [new] mimikatz: unmarshalling usernames when marshalled [fix] mimikatz SR98/RDM/Busylight could previously crash [fix #184] again and again ;) [fix #172] swscanf_s VS ARRAYSIZE macro [fix #127] stdout/stdin/stderr vs modern Visual Studio and Windows XP support (thank you @Crypt0-M3lon) [code] refactor for defined / !defined 2019-03-25 00:57:56 +00:00			`#if defined(_WINDLL)`
Pass-The-Hash enhancements, 'powerkatz', Kerberos keys better ouptut 2014-05-04 23:24:54 +00:00			`#define MIMIKATZ_AUTO_COMMAND_START 0`
			`#else`
			`#define MIMIKATZ_AUTO_COMMAND_START 1`
mimikatz as a DLL, DLL delay loading for bcrypt/ncrypt, some crypto stuff... 2017-07-19 23:33:50 +00:00			`#endif`

Big update :) [new] mimikatz & mimilib very experimental support for ARM64 [better] code for Mifare protocol [better] code for sekurlsa WinDBG plugin (credential keys, still not good enough) [new] mimilib sub authentication package for @vletoux with 'bad password knocking' and magic password [new] mimikatz: unmarshalling usernames when marshalled [fix] mimikatz SR98/RDM/Busylight could previously crash [fix #184] again and again ;) [fix #172] swscanf_s VS ARRAYSIZE macro [fix #127] stdout/stdin/stderr vs modern Visual Studio and Windows XP support (thank you @Crypt0-M3lon) [code] refactor for defined / !defined 2019-03-25 00:57:56 +00:00			`#if defined(_POWERKATZ)`
mimikatz as a DLL, DLL delay loading for bcrypt/ncrypt, some crypto stuff... 2017-07-19 23:33:50 +00:00			`#define MIMIKATZ_AUTO_COMMAND_STRING L"powershell"`
			`#else`
Pass-The-Hash enhancements, 'powerkatz', Kerberos keys better ouptut 2014-05-04 23:24:54 +00:00			`#define MIMIKATZ_AUTO_COMMAND_STRING L"commandline"`
			`#endif`

Big update :) [new] mimikatz & mimilib very experimental support for ARM64 [better] code for Mifare protocol [better] code for sekurlsa WinDBG plugin (credential keys, still not good enough) [new] mimilib sub authentication package for @vletoux with 'bad password knocking' and magic password [new] mimikatz: unmarshalling usernames when marshalled [fix] mimikatz SR98/RDM/Busylight could previously crash [fix #184] again and again ;) [fix #172] swscanf_s VS ARRAYSIZE macro [fix #127] stdout/stdin/stderr vs modern Visual Studio and Windows XP support (thank you @Crypt0-M3lon) [code] refactor for defined / !defined 2019-03-25 00:57:56 +00:00			`#if !defined(NT_SUCCESS)`
Initial upload 2014-04-06 18:31:53 +00:00			`#define NT_SUCCESS(Status) ((NTSTATUS)(Status) >= 0)`
			`#endif`

Big update :) [new] mimikatz & mimilib very experimental support for ARM64 [better] code for Mifare protocol [better] code for sekurlsa WinDBG plugin (credential keys, still not good enough) [new] mimilib sub authentication package for @vletoux with 'bad password knocking' and magic password [new] mimikatz: unmarshalling usernames when marshalled [fix] mimikatz SR98/RDM/Busylight could previously crash [fix #184] again and again ;) [fix #172] swscanf_s VS ARRAYSIZE macro [fix #127] stdout/stdin/stderr vs modern Visual Studio and Windows XP support (thank you @Crypt0-M3lon) [code] refactor for defined / !defined 2019-03-25 00:57:56 +00:00			`#if !defined(PRINT_ERROR)`
Initial upload 2014-04-06 18:31:53 +00:00			`#define PRINT_ERROR(...) (kprintf(L"ERROR " TEXT(__FUNCTION__) L" ; " __VA_ARGS__))`
			`#endif`

Big update :) [new] mimikatz & mimilib very experimental support for ARM64 [better] code for Mifare protocol [better] code for sekurlsa WinDBG plugin (credential keys, still not good enough) [new] mimilib sub authentication package for @vletoux with 'bad password knocking' and magic password [new] mimikatz: unmarshalling usernames when marshalled [fix] mimikatz SR98/RDM/Busylight could previously crash [fix #184] again and again ;) [fix #172] swscanf_s VS ARRAYSIZE macro [fix #127] stdout/stdin/stderr vs modern Visual Studio and Windows XP support (thank you @Crypt0-M3lon) [code] refactor for defined / !defined 2019-03-25 00:57:56 +00:00			`#if !defined(PRINT_ERROR_AUTO)`
Initial upload 2014-04-06 18:31:53 +00:00			`#define PRINT_ERROR_AUTO(func) (kprintf(L"ERROR " TEXT(__FUNCTION__) L" ; " func L" (0x%08x)\n", GetLastError()))`
			`#endif`

Big update :) [new] mimikatz & mimilib very experimental support for ARM64 [better] code for Mifare protocol [better] code for sekurlsa WinDBG plugin (credential keys, still not good enough) [new] mimilib sub authentication package for @vletoux with 'bad password knocking' and magic password [new] mimikatz: unmarshalling usernames when marshalled [fix] mimikatz SR98/RDM/Busylight could previously crash [fix #184] again and again ;) [fix #172] swscanf_s VS ARRAYSIZE macro [fix #127] stdout/stdin/stderr vs modern Visual Studio and Windows XP support (thank you @Crypt0-M3lon) [code] refactor for defined / !defined 2019-03-25 00:57:56 +00:00			`#if !defined(W00T)`
Initial upload 2014-04-06 18:31:53 +00:00			`#define W00T(...) (kprintf(TEXT(__FUNCTION__) L" w00t! ; " __VA_ARGS__))`
			`#endif`

			`DWORD MIMIKATZ_NT_MAJOR_VERSION, MIMIKATZ_NT_MINOR_VERSION, MIMIKATZ_NT_BUILD_NUMBER;`

Big update :) [new] mimikatz & mimilib very experimental support for ARM64 [better] code for Mifare protocol [better] code for sekurlsa WinDBG plugin (credential keys, still not good enough) [new] mimilib sub authentication package for @vletoux with 'bad password knocking' and magic password [new] mimikatz: unmarshalling usernames when marshalled [fix] mimikatz SR98/RDM/Busylight could previously crash [fix #184] again and again ;) [fix #172] swscanf_s VS ARRAYSIZE macro [fix #127] stdout/stdin/stderr vs modern Visual Studio and Windows XP support (thank you @Crypt0-M3lon) [code] refactor for defined / !defined 2019-03-25 00:57:56 +00:00			`#if !defined(MS_ENH_RSA_AES_PROV_XP)`
Initial upload 2014-04-06 18:31:53 +00:00			`#define MS_ENH_RSA_AES_PROV_XP L"Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)"`
			`#endif`

Big update :) [new] mimikatz & mimilib very experimental support for ARM64 [better] code for Mifare protocol [better] code for sekurlsa WinDBG plugin (credential keys, still not good enough) [new] mimilib sub authentication package for @vletoux with 'bad password knocking' and magic password [new] mimikatz: unmarshalling usernames when marshalled [fix] mimikatz SR98/RDM/Busylight could previously crash [fix #184] again and again ;) [fix #172] swscanf_s VS ARRAYSIZE macro [fix #127] stdout/stdin/stderr vs modern Visual Studio and Windows XP support (thank you @Crypt0-M3lon) [code] refactor for defined / !defined 2019-03-25 00:57:56 +00:00			`#if !defined(SCARD_PROVIDER_CARD_MODULE)`
[new] mimilib now supports DHCP Callout, DNS Plugin, Coffee 2017-05-08 20:12:31 +00:00			`#define SCARD_PROVIDER_CARD_MODULE 0x80000001`
			`#endif`

Initial upload 2014-04-06 18:31:53 +00:00			`#define RtlEqualGuid(L1, L2) (RtlEqualMemory(L1, L2, sizeof(GUID)))`
Crypto and DPAPI cleaning 2015-06-03 00:13:43 +00:00
[internal] modules RPC directory & cleaning 2016-07-19 15:48:55 +00:00			`#define SIZE_ALIGN(size, alignment) (size + ((size % alignment) ? (alignment - (size % alignment)) : 0))`
Global update with few things [net] List network sessions & user sessions to a server [internal] arguments default behavior can NULL a value 2017-02-26 01:10:41 +00:00			`#define KIWI_NEVERTIME(filetime) (*(PLONGLONG) filetime = MAXLONGLONG)`
[internal] modules RPC directory & cleaning 2016-07-19 15:48:55 +00:00
Initial upload 2014-04-06 18:31:53 +00:00			`#define LM_NTLM_HASH_LENGTH 16`

			`#define KULL_M_WIN_BUILD_XP 2600`
			`#define KULL_M_WIN_BUILD_2K3 3790`
			`#define KULL_M_WIN_BUILD_VISTA 6000`
			`#define KULL_M_WIN_BUILD_7 7600`
			`#define KULL_M_WIN_BUILD_8 9200`
			`#define KULL_M_WIN_BUILD_BLUE 9600`
[new] mimikatz & mimidrv full support for Windows 1809 2018-12-03 01:06:10 +00:00			`#define KULL_M_WIN_BUILD_10_1507 10240`
			`#define KULL_M_WIN_BUILD_10_1511 10586`
			`#define KULL_M_WIN_BUILD_10_1607 14393`
			`#define KULL_M_WIN_BUILD_10_1703 15063`
			`#define KULL_M_WIN_BUILD_10_1709 16299`
			`#define KULL_M_WIN_BUILD_10_1803 17134`
			`#define KULL_M_WIN_BUILD_10_1809 17763`
[new] mimikatz & mimidrv support for Windows 10 build 1803 (17623) x64 [internal] structures for SAM cache 2018-03-22 02:56:19 +00:00
Initial upload 2014-04-06 18:31:53 +00:00
			`#define KULL_M_WIN_MIN_BUILD_XP 2500`
			`#define KULL_M_WIN_MIN_BUILD_2K3 3000`
minor file function change 2015-01-13 21:08:23 +00:00			`#define KULL_M_WIN_MIN_BUILD_VISTA 5000`
Initial upload 2014-04-06 18:31:53 +00:00			`#define KULL_M_WIN_MIN_BUILD_7 7000`
			`#define KULL_M_WIN_MIN_BUILD_8 8000`
Microsoft BlueHat edition Windows 10 Technical Preview inside, but some kernel parts are missing 2014-10-10 08:53:03 +00:00			`#define KULL_M_WIN_MIN_BUILD_BLUE 9400`
			`#define KULL_M_WIN_MIN_BUILD_10 9800`