From 8fcc011593905b0ebf0df75d1a1056fc07e1b849 Mon Sep 17 00:00:00 2001
From: Benjamin DELPY
Date: Sat, 29 Oct 2016 21:23:18 +0200
Subject: [PATCH] [new] mimikatz localtime command (from/for @OJ) [removed] mimikatz markruss command (for @Microsoft)

---
 mimikatz/modules/kuhl_m_standard.c | 33 +++++++++++++++++++-----------
 mimikatz/modules/kuhl_m_standard.h | 4 ++--
 2 files changed, 23 insertions(+), 14 deletions(-)

diff --git a/mimikatz/modules/kuhl_m_standard.c b/mimikatz/modules/kuhl_m_standard.c
index 7cb49b6..49da0c9 100644
--- a/mimikatz/modules/kuhl_m_standard.c
+++ b/mimikatz/modules/kuhl_m_standard.c
@@ -7,16 +7,17 @@
 
 const KUHL_M_C kuhl_m_c_standard[] = {
 //{kuhl_m_standard_test, L"test", L"Test routine (you don\'t want to see this !)"},
- {kuhl_m_standard_exit, L"exit", L"Quit mimikatz"},
- {kuhl_m_standard_cls, L"cls", L"Clear screen (doesn\'t work with redirections, like PsExec)"},
- {kuhl_m_standard_answer, L"answer", L"Answer to the Ultimate Question of Life, the Universe, and Everything"},
- {kuhl_m_standard_coffee, L"coffee", L"Please, make me a coffee!"},
- {kuhl_m_standard_sleep, L"sleep", L"Sleep an amount of milliseconds"},
- {kuhl_m_standard_log, L"log", L"Log mimikatz input/output to file"},
- {kuhl_m_standard_base64, L"base64", L"Switch file output/base64 output"},
- {kuhl_m_standard_version, L"version", L"Display some version informations"},
- {kuhl_m_standard_cd, L"cd", L"Change or display current directory"},
- {kuhl_m_standard_markruss, L"markruss",L"Mark about PtH"},
+ {kuhl_m_standard_exit, L"exit", L"Quit mimikatz"},
+ {kuhl_m_standard_cls, L"cls", L"Clear screen (doesn\'t work with redirections, like PsExec)"},
+ {kuhl_m_standard_answer, L"answer", L"Answer to the Ultimate Question of Life, the Universe, and Everything"},
+ {kuhl_m_standard_coffee, L"coffee", L"Please, make me a coffee!"},
+ {kuhl_m_standard_sleep, L"sleep", L"Sleep an amount of milliseconds"},
+ {kuhl_m_standard_log, L"log", L"Log mimikatz input/output to file"},
+ {kuhl_m_standard_base64, L"base64", L"Switch file output/base64 output"},
+ {kuhl_m_standard_version, L"version", L"Display some version informations"},
+ {kuhl_m_standard_cd, L"cd", L"Change or display current directory"},
+ {kuhl_m_standard_localtime, L"localtime", L"Displays system local date and time (OJ command)"},
+
 };
 const KUHL_M kuhl_m_standard = {
 L"standard", L"Standard module", L"Basic commands (does not require module name)",
@@ -130,8 +131,16 @@ NTSTATUS kuhl_m_standard_cd(int argc, wchar_t * argv[])
 return STATUS_SUCCESS;
 }
 
-NTSTATUS kuhl_m_standard_markruss(int argc, wchar_t * argv[])
+NTSTATUS kuhl_m_standard_localtime(int argc, wchar_t * argv[])
 {
- kprintf(L"Sorry you guys don\'t get it.\n");
+ FILETIME ft;
+ TIME_ZONE_INFORMATION tzi;
+ DWORD dwTzi;
+ GetSystemTimeAsFileTime(&ft);
+ dwTzi = GetTimeZoneInformation(&tzi);
+ kprintf(L"Local: "); kull_m_string_displayLocalFileTime(&ft); kprintf(L"\n");
+ if(dwTzi != TIME_ZONE_ID_INVALID && dwTzi != TIME_ZONE_ID_UNKNOWN)
+ kprintf(L"Zone : %.32s\n", (dwTzi == TIME_ZONE_ID_STANDARD) ? tzi.StandardName : tzi.DaylightName);
+ kprintf(L"UTC : "); kull_m_string_displayFileTime(&ft); kprintf(L"\n");
 return STATUS_SUCCESS;
 }
\ No newline at end of file
diff --git a/mimikatz/modules/kuhl_m_standard.h b/mimikatz/modules/kuhl_m_standard.h
index 8181535..7efdc3d 100644
--- a/mimikatz/modules/kuhl_m_standard.h
+++ b/mimikatz/modules/kuhl_m_standard.h
@@ -20,5 +20,5 @@ NTSTATUS kuhl_m_standard_log(int argc, wchar_t * argv[]);
 NTSTATUS kuhl_m_standard_base64(int argc, wchar_t * argv[]);
 NTSTATUS kuhl_m_standard_version(int argc, wchar_t * argv[]);
 NTSTATUS kuhl_m_standard_cd(int argc, wchar_t * argv[]);
-NTSTATUS kuhl_m_standard_test(int argc, wchar_t * argv[]);
-NTSTATUS kuhl_m_standard_markruss(int argc, wchar_t * argv[]);
\ No newline at end of file
+NTSTATUS kuhl_m_standard_localtime(int argc, wchar_t * argv[]);
+NTSTATUS kuhl_m_standard_test(int argc, wchar_t * argv[]);
\ No newline at end of file
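Review bot: In `kuhl_m_standard_localtime` the `Zone :` line is skipped whenever `GetTimeZoneInformation` returns `TIME_ZONE_ID_UNKNOWN`, but that value is documented to mean the current zone does not use daylight saving time; the structure is still filled in and only `TIME_ZONE_ID_INVALID` signals failure. As written, hosts in zones without DST print no zone name, which makes the local timestamp harder to correlate when the output is logged. Test only for failure and pick the daylight name explicitly: `if(dwTzi != TIME_ZONE_ID_INVALID)` followed by `kprintf(L"Zone : %.32s\n", (dwTzi == TIME_ZONE_ID_DAYLIGHT) ? tzi.DaylightName : tzi.StandardName);`. The literal `32` in the precision mirrors the size of the name arrays; `%.*s` with `ARRAYSIZE(tzi.StandardName)` would keep that bound tied to the struct.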