Benjamin DELPY
|
e15b0ca68a
|
Some DPAPI stuff
- [new] vault module now handles more Vault types, Attributes and Properties (with /attributes)
- [new] misc::compressme to create a compressed version of mimikatz
- [new] dpapi::cred now handles legacy (NT5) multiple credentials
- [new] dpapi::wifi & dpapi::wwan to deal with network profiles
- [internal] kuhl_m_vault: vault::list now deals with SID / credentials attributes (with one incorrect align.)
- [internal] kull_m_string: removed unused kull_m_string_suspectUnicodeStringStructure
- [internal] kull_m_string: added kull_m_string_printSuspectUnicodeString
- [internal] kull_m_string: added dirty kull_m_string_quickxml_simplefind
- [internal] kull_m_memory: quick compress & decompress routines
- [internal] kull_m_dpapi: added blob flags descriptions
- [internal] kull_m_dpapi: fixed blob protection flags description for system
- [internal] kull_m_dpapi: removed unused kull_m_dpapi_unprotect_backupkey_with_secret
- [internal] kull_m_cred: added legacy (NT5) credentials structures & routines
|
2016-02-08 01:41:26 +01:00 |
|
Benjamin DELPY
|
8b8eaf0201
|
Global licence update, credits to Vincent LE TOUX for DCSync, and lsadump::hash moved to crypto::hash
|
2015-08-25 11:19:01 +02:00 |
|
Benjamin DELPY
|
c00b9cfab3
|
DPAPI vault IV for @dfirfpi
|
2015-07-21 04:11:25 +02:00 |
|
Benjamin DELPY
|
5084e9d803
|
Thanks to @dfirfpi new samples, some cool adaptations!
|
2015-07-16 01:19:48 +02:00 |
|
Benjamin DELPY
|
3172c1dc23
|
DPAPI credentials (legacy & vault)
|
2015-07-15 01:13:21 +02:00 |