Commit Graph

321 Commits

Author SHA1 Message Date
Benjamin DELPY
14bbd5cb3a [new] lsadump::dcsync try to support /laps
[internal] ldap supports authentication
[internal] rpc cleanup for EFS
[internal] sekurlsa skeleton for 11/2022
2021-09-07 00:19:15 +02:00
Benjamin DELPY
17669a9d5d
Merge pull request #371 from matrix/dcsync_bitlocker
Dump ms-FVE-RecoveryInformation (Bitlocker Recovery Information) with DCSync
2021-09-05 19:28:59 +02:00
Benjamin DELPY
0581c93cb2
Update kuhl_m_lsadump_dc.c
More in `mimikatz` C coding style, otherwise seems good :)
2021-09-05 17:51:04 +02:00
Gabriele Gristina
293910419f Dump Bitlocker Recovery Information with DCSync 2021-09-04 20:37:32 +02:00
Benjamin DELPY
57bad57f81
Update README.md 2021-08-12 19:34:30 +02:00
Benjamin DELPY
7f02230226 [fix] mimikatz ts::logonpassword removed junk data after credentials 2021-08-10 17:21:25 +02:00
Benjamin DELPY
d05fa5d43f [fix] mimikatz ts::logonpasswords search routines for Web credentials, thank you Lawrence Abrams (@Bleeping) 2021-08-10 01:59:35 +02:00
Benjamin DELPY
8c125e9636 [new] mimikatz ts::logonpasswords now tries to get credentials from Web RDS (HTML 5) connections 2021-08-07 23:30:17 +02:00
Benjamin DELPY
b5efa87e43 [update] mimispool PowerShell commands to use only one printer, from Microsoft 2021-07-30 23:18:04 +02:00
Benjamin DELPY
b109ff64da
Create README.md 2021-07-30 01:42:02 +02:00
Benjamin DELPY
e93375dc8a [fix] adding advapi32.lib to link against modern version of MSVC 2021-07-29 11:30:10 +02:00
Benjamin DELPY
247da32854 [new] mimispool module to support PrintNightmare 2.x and 4.x
[new] mimispool module now tries to pop SYSTEM cmd on all active desktops
[new] mimikatz misc::printnightmare tries to clean temporary printer driver (not available by default on remote ones)
2021-07-29 11:23:38 +02:00
Benjamin DELPY
2a5b839224 [enhancement] misc::spooler now supports transport authentication (SMB named pipe) 2021-07-25 00:49:52 +02:00
Benjamin DELPY
dc1e3347a5 [new] mimikatz misc::efs to play with [MS-EFSR], inspired by @topotam work on PetitPotam 2021-07-23 01:26:49 +02:00
Benjamin DELPY
ba3c2c66f6 [new] mimikatz misc::shadowcopies (to display some properties without admin rights)
[new] mimikatz mimispool module includes some functions for printnightmare v3/v4 (must be recompiled after adjust)
[internal] new ntdll.min.lib to call NtOpenDirectoryObject/NtQueryDirectoryObject
2021-07-21 23:50:54 +02:00
Benjamin DELPY
c8920c74b2 [clean] version, copyright & project 2021-07-14 18:57:30 +02:00
Benjamin DELPY
571fc8cc99 [fix] mimikatz as DLL, new console is not mandatory 2021-07-14 17:37:12 +02:00
Benjamin DELPY
fc7f5cc2a3 [new] mimikatz misc::printnightmare rewritten :) (more love inside)
[fix #359] internal busylight module (less memory leak ;)) - thank you @JohnLaTwC
2021-07-09 23:27:22 +02:00
Benjamin DELPY
baaa26116a [new] mimikatz misc::printnightmare will normalize UNC path for library (\\ to \??\UNC\) 2021-07-07 15:14:41 +02:00
Benjamin DELPY
b71f27b634 [fix] mimikatz misc::printnightmare output and functions names 2021-07-06 22:44:06 +02:00
Benjamin DELPY
bb8ccea8d9 [new] mimikatz misc::printnightmare LPE support under certain circumstances (Point & Print / UAC) 2021-07-06 17:28:56 +02:00
Benjamin DELPY
8a2302ae64 [new] mimikatz misc::printnightmare added a /clean parameter to remove mimikatz-* drivers (admin rights needed), and list drivers if no command 2021-07-05 23:44:37 +02:00
Benjamin DELPY
51dc7c0363 [fix] mimikatz misc::printnightmare with @citronneur idea to avoid 'bruteforce' directories
[new] mimispool library (specific fail at load to avoid lock)
2021-07-05 15:02:26 +02:00
Benjamin DELPY
9ad02da948 [new] mimikatz misc::printnightmare now uses [ms-par] instead of [ms-rprn], thank you @cube0x0 2021-07-04 22:29:12 +02:00
Benjamin DELPY
c21276072b [new] mimikatz misc::printnightmare little POC 2021-07-01 03:16:49 +02:00
Benjamin DELPY
6a3e43291c [new] mimikatz dpapi::rdg now handles credentials profiles (RDCMan 2.8) 2021-06-22 21:59:27 +02:00
Benjamin DELPY
cfe7bffa83
Merge pull request #351 from vletoux/kcredentialprovider
add kcredentialprovider.c to mimilib
2021-06-15 23:50:24 +02:00
Vincent LE TOUX
b73e83cd75 add kcredentialprovider.c 2021-06-15 23:43:50 +02:00
Benjamin DELPY
21840f5bf2 [fix] mimikatz ts::logonpasswords now supports rdesktop (please, use freerdp for NLA) 2021-05-31 00:08:10 +02:00
Benjamin DELPY
b6fbbe3eae [new] mimikatz ts::mstsc now supports clients using mstscax.dll (RDCMan, mRemoteNG, Remote Desktop Manager, ... not only 'mstsc') 2021-05-29 15:25:31 +02:00
Benjamin DELPY
89ec9bb0d1 [fix] ts::logonpasswords now supports freerdp clients 2021-05-28 15:06:58 +02:00
Benjamin DELPY
835757ef1c [new] mimikatz ts::mstsc to try to dump client credentials 2021-05-25 20:34:48 +02:00
Benjamin DELPY
c509fd4a8c [fix] mimikatz ts::logonpasswords to dump more credentials (multiple for same segment + better pattern) 2021-05-18 17:05:42 +02:00
Benjamin DELPY
86679021ee [new] mimikatz ts::logonpasswords (experimental) - try to dump passwords from Terminal Server service (8.1+/2012R2+) 2021-05-17 23:49:18 +02:00
Benjamin DELPY
c54f4162d5 [new] mimikatz dpapi::sccm to dump Network Accounts on endpoints 2021-05-12 22:59:46 +02:00
Benjamin DELPY
5e5771e03b [fix] mimikatz project to include ODBC lib 2021-05-11 20:48:07 +02:00
Benjamin DELPY
734e3f0291 [new] misc:sccm to decrypt SC_UserAccount credentials when SCCM private key access 2021-05-11 20:34:56 +02:00
Benjamin DELPY
e10bde5b16 [fix] AppVeyor indentation 2020-11-03 15:17:58 +01:00
Benjamin DELPY
434e488122 [new] AppVeyor protected zip artifact 2020-11-03 15:16:37 +01:00
Benjamin DELPY
cc953ab7d2 [new] AppVeyor Continuous Integration documented 2020-11-02 00:13:54 +01:00
Benjamin DELPY
315e27e915 [update] AppVeyor configuration (v2) 2020-11-01 23:43:47 +01:00
Benjamin DELPY
9b455e01ff [update] AppVeyor configuration 2020-11-01 23:40:53 +01:00
Benjamin DELPY
7d3417e7a7 [new] AppVeyor Continuous Integration 2020-11-01 23:30:05 +01:00
Benjamin DELPY
fe4e984055 [new] mimikatz lsadump::dcsync supports /user:sid and authentication parameters
[internal] use of real internal function name Rtl* for crypto system
2020-09-28 00:04:20 +02:00
Benjamin DELPY
460717fd36 [new] mimikatz misc::spooler 2020-09-25 22:52:24 +02:00
Benjamin DELPY
09fb1f62ab [new] mimikatz lsadump::zerologon encrypted with better arguments 2020-09-18 19:23:17 +02:00
Benjamin DELPY
6191b5a8ea [fix] logic condition in lsadump::postzerologon arguments parsing 2020-09-17 03:39:28 +02:00
Benjamin DELPY
fa42ed93aa [new] mimikatz lsadump::postzerologon, to reinit DC password both in local store and AD
[change] https instead of http for blog :)
2020-09-17 03:17:11 +02:00
Benjamin DELPY
880c15994c [new] mimikatz lsadump::zerologon (CVE-2020-1472 @SecuraBV @djrevmoon)
[new] mimikatz lsadump::dcsync now supports NTLM auth and explicit credentials
[internal] netlogon RPC instead of NETAPI32.dll (support ncap_ip_tcp instead of ncap_np)
2020-09-16 12:16:07 +02:00
Benjamin DELPY
ba8d11ebe1 [new] ngc::pin for software keys, ngc::decrypt for passwords, etc. 2020-08-24 06:11:42 +02:00