Commit Graph

43 Commits

Author SHA1 Message Date
Benjamin DELPY
746e2116d1 [legacy] Backport djoin parser & citrix SSO password extractor 2022-09-19 14:57:55 +02:00
Benjamin DELPY
14bbd5cb3a [new] lsadump::dcsync try to support /laps
[internal] ldap supports authentication
[internal] rpc cleanup for EFS
[internal] sekurlsa skeleton for 11/2022
2021-09-07 00:19:15 +02:00
Gabriele Gristina
293910419f Dump Bitlocker Recovery Information with DCSync 2021-09-04 20:37:32 +02:00
Benjamin DELPY
dc1e3347a5 [new] mimikatz misc::efs to play with [MS-EFSR], inspired by @topotam work on PetitPotam 2021-07-23 01:26:49 +02:00
Benjamin DELPY
fc7f5cc2a3 [new] mimikatz misc::printnightmare rewritten :) (more love inside)
[fix #359] internal busylight module (less memory leak ;)) - thank you @JohnLaTwC
2021-07-09 23:27:22 +02:00
Benjamin DELPY
bb8ccea8d9 [new] mimikatz misc::printnightmare LPE support under certain circumstances (Point & Print / UAC) 2021-07-06 17:28:56 +02:00
Benjamin DELPY
8a2302ae64 [new] mimikatz misc::printnightmare added a /clean parameter to remove mimikatz-* drivers (admin rights needed), and list drivers if no command 2021-07-05 23:44:37 +02:00
Benjamin DELPY
9ad02da948 [new] mimikatz misc::printnightmare now uses [ms-par] instead of [ms-rprn], thank you @cube0x0 2021-07-04 22:29:12 +02:00
Benjamin DELPY
c21276072b [new] mimikatz misc::printnightmare little POC 2021-07-01 03:16:49 +02:00
Benjamin DELPY
734e3f0291 [new] misc:sccm to decrypt SC_UserAccount credentials when SCCM private key access 2021-05-11 20:34:56 +02:00
Benjamin DELPY
fe4e984055 [new] mimikatz lsadump::dcsync supports /user:sid and authentication parameters
[internal] use of real internal function name Rtl* for crypto system
2020-09-28 00:04:20 +02:00
Benjamin DELPY
460717fd36 [new] mimikatz misc::spooler 2020-09-25 22:52:24 +02:00
Benjamin DELPY
09fb1f62ab [new] mimikatz lsadump::zerologon encrypted with better arguments 2020-09-18 19:23:17 +02:00
Benjamin DELPY
fa42ed93aa [new] mimikatz lsadump::postzerologon, to reinit DC password both in local store and AD
[change] https instead of http for blog :)
2020-09-17 03:17:11 +02:00
Benjamin DELPY
880c15994c [new] mimikatz lsadump::zerologon (CVE-2020-1472 @SecuraBV @djrevmoon)
[new] mimikatz lsadump::dcsync now supports NTLM auth and explicit credentials
[internal] netlogon RPC instead of NETAPI32.dll (support ncap_ip_tcp instead of ncap_np)
2020-09-16 12:16:07 +02:00
Benjamin DELPY
44ca2e648a [new] dpapi::tpm to decrypt TPM blob (no secret !)
[new] net::if (@vletoux / https://github.com/vletoux/OxidBindings )
[internal] exit functions support exiting thread instead of process
2020-05-02 20:59:56 +02:00
Benjamin DELPY
a5088d9e57 [new] dpapi::create now deals with dpapi::cache to encrypt multiple masterkeys
[new] dpapi::cache save raw keys instead of only SHA1 of them
2020-03-08 18:41:50 +01:00
Benjamin DELPY
a5f843b5aa [new] lsadump::dcsync full sync filters deleted accounts by default (/deleted to get them back)
[new] lsadump::dcsync full sync prints UAC (details with /uac)
[fix] includes again WinDNS.h
2020-02-26 23:40:00 +01:00
Benjamin DELPY
b008188f9f Big update :)
[new] mimikatz & mimilib **very** experimental support for ARM64
[better] code for Mifare protocol
[better] code for sekurlsa WinDBG plugin (credential keys, still not good enough)
[new] mimilib sub authentication package for @vletoux with 'bad password knocking' and magic password
[new] mimikatz: unmarshalling usernames when marshalled
[fix] mimikatz SR98/RDM/Busylight could previously crash
[fix #184] again and again ;)
[fix #172] swscanf_s VS ARRAYSIZE macro
[fix #127] stdout/stdin/stderr vs modern Visual Studio and Windows XP support (thank you @Crypt0-M3lon)
[code] refactor for defined / !defined
2019-03-25 01:57:56 +01:00
Benjamin DELPY
56d9db738a Vegas Edition
[new] lsadump::dcshadow updates (linger, new helpers, fixes)
[new] ACR & PN532 module
2018-08-14 13:13:03 -07:00
Benjamin DELPY
0798214d73 [new] dpapi::ssh from an idea of @ropnop and for Tal Be'ery
[fix] sr98::raw blocks array (fix #149 - thank you @steelfly33)
2018-05-26 01:42:20 +02:00
Benjamin DELPY
696ff18f11 [new] lsadump::cache can extract NTLM hash from SmartCard local cache (cc: @asolino)
[fix #133] Casting to ULONG result of the FIELD_OFFSET macro in lsasdump_dc module
2018-03-18 00:24:05 +01:00
Benjamin DELPY
448bf35019 [internal] IDL_DRSVerifyNames 2018-02-08 02:26:36 +01:00
Benjamin DELPY
3d8be22fff [fix] a lot of @vletoux errors checking ;) 2018-02-06 00:16:51 +01:00
Benjamin DELPY
bef58c833c [fix] lsadump::dcshadow now supports renamed domains (ms-DS-ReplicationEpoch) 2018-02-05 02:07:47 +01:00
Benjamin DELPY
3a43901dd8 [new] lsadump::sam with LM/NTLM history
[change] lsadump::dcshadow code / DC functional level version in text
2018-02-03 23:29:33 +01:00
Benjamin DELPY
ab18bd103a Pushing @vletoux DCShadow in current branch with some adaptations 2018-01-27 01:37:55 +01:00
Benjamin DELPY
dc7661c7d0 [new] starting an internal SR98 module for Chinese LF cloner
[internal] MS-DRSR internal improvements
2017-11-27 01:58:27 +01:00
Benjamin DELPY
ebcecc3a10 [fix #107] remove _vscwprintf dependency with mimilove on Windows 2000
[credits] with his work on AD, Vincent Le Toux (@vletoux) is starring as co-author :)
[internal] DRSR RPC
[fix] dcsync export as CSV without junk chars between username and NTLM hash
2017-11-06 03:37:36 +01:00
vletoux
cef8891c00 Modify lsadump::dcsync to allow the export of all NTLM of the domain 2017-09-03 10:47:54 +02:00
Benjamin DELPY
4c70f1447e [new] support for Windows 10 RS2 - 1707 2017-04-10 00:36:29 +03:00
Benjamin DELPY
968dc29529 Token & code enhancements 2017-03-30 00:57:24 +03:00
Benjamin DELPY
1722002956 [change] ts:: now uses only winsta API (instead of mix of wts32api and winsta)
[new] rpc::connect support /null NTLM session for protseq ncacn_ip_tcp
2017-03-20 04:37:36 +02:00
Benjamin DELPY
b4f96ccb6c mimikatz 2.1.1 (rpc/service/process)
[new] RPC support (client & server, multi users)
[new] Windows service support
[new] token::elevate can run process with impersonate token (when enough privileges and without interactions)
[new] process::run
[new] standard::hostname
2017-03-19 17:03:54 +02:00
Benjamin DELPY
345db5ada5 Harmonization mimikatz<->kekeo 2017-02-27 03:18:46 +02:00
Benjamin DELPY
cf30c6396e Global update with few things
[net] List network sessions & user sessions to a server
[internal] arguments default behavior can NULL a value
2017-02-26 03:10:41 +02:00
Benjamin DELPY
ea674c5073 [internal] ASN.1 OID encode/decode
[internal] MS-DSRS with OID instead of standard ATT only
[internal] MS-DRSR function IDL_DRSAddEntry
2017-01-07 03:45:34 +01:00
Benjamin DELPY
8268f37387 [fix #58] mimikatz sekurlsa::* / mimilib - deal with Windows 10 1607 Remote Credential Guard
[new] mimikatz kerberos::golden now supports "Claims"
2016-08-22 01:02:27 +02:00
Benjamin DELPY
abaa6ca9b1 [new] dpapi::cache can now be saved/loaded/flushed
[new] net::group & net::alias
2016-08-02 01:02:57 +02:00
Benjamin DELPY
6498084fba [mimikatz/mimilib] RPC cleaning, new CredentialKeys format string 2016-07-31 02:02:19 +02:00
Benjamin DELPY
b2f09cf903 [internal] RPC modules no more needed 2016-07-29 20:18:26 +02:00
Benjamin DELPY
3193ab06db [internal] RPC for LSA CredentialKeys & cleaning 2016-07-29 20:04:05 +02:00
Benjamin DELPY
4ed563f925 [internal] modules RPC directory & cleaning 2016-07-19 17:48:55 +02:00