Commit Graph

233 Commits

Author SHA1 Message Date
Benjamin DELPY
8c4bae5fa0 [fix] mimilib subauth: even BadPasswordCount to be compatible with Kerberos pre-auth 2019-04-28 22:12:10 +02:00
Benjamin DELPY
641a3b29ac [new] lsadump::changentlm & lsadump::setntlm are now supporting /rid instead of /user
[internal] crypto::scauth tries to set the signature PIN when exchange fails
2019-04-15 02:10:47 +02:00
Benjamin DELPY
5fc3351d7a [fix #199] Allow dpapi::chrome to open DB without lock (library update to support win32-none VFS) thank you @psychomario !
[new] net::trust adds LDAP search to get objectGuid for lsadump::dcsync usage
2019-04-12 01:25:20 +02:00
Benjamin DELPY
ac46e32d06 [update] mimidrv for 2016 up to date
[internal] cosmetic
2019-04-09 00:53:35 +02:00
Benjamin DELPY
6910c7b930 [new] mimikatz net::deleg now supports /server and /dns arguments 2019-04-04 23:47:54 +02:00
Benjamin DELPY
e84c57f6cb [new] net::deleg function in mimikatz
[new] owl module for Cam
2019-03-29 03:11:00 +01:00
Benjamin DELPY
b008188f9f Big update :)
[new] mimikatz & mimilib **very** experimental support for ARM64
[better] code for Mifare protocol
[better] code for sekurlsa WinDBG plugin (credential keys, still not good enough)
[new] mimilib sub authentication package for @vletoux with 'bad password knocking' and magic password
[new] mimikatz: unmarshalling usernames when marshalled
[fix] mimikatz SR98/RDM/Busylight could previously crash
[fix #184] again and again ;)
[fix #172] swscanf_s VS ARRAYSIZE macro
[fix #127] stdout/stdin/stderr vs modern Visual Studio and Windows XP support (thank you @Crypt0-M3lon)
[code] refactor for defined / !defined
2019-03-25 01:57:56 +01:00
Benjamin DELPY
fe6a853ec3 [new] mimikatz eventlog patch for 1803 ( for @darkoperator )
[new] mimikatz version includes maximum Windows build number tested
2018-12-10 00:03:02 +01:00
Benjamin DELPY
2fd09bbef0 [new] mimikatz & mimidrv full support for Windows 1809 2018-12-03 02:06:10 +01:00
Benjamin DELPY
e380febb61 [new/fix] misc::memssp for Windows 10 1803 x64 2018-09-25 15:06:44 -07:00
Benjamin DELPY
b87468c1b4 [new] mimikatz dpapi::rdg to decrypt saved passwords in RDG files (Remote Desktop Connection Manager) 2018-08-19 17:01:41 -07:00
Benjamin DELPY
3134be808f [fix #166] lsadump::secrets helper for 'TBAL' secret - thanks to @jagotu research ( http://vztekoverflow.com/2018/07/31/tbal-dpapi-backdoor/ ) 2018-08-16 15:53:38 -07:00
Benjamin DELPY
56d9db738a Vegas Edition
[new] lsadump::dcshadow updates (linger, new helpers, fixes)
[new] ACR & PN532 module
2018-08-14 13:13:03 -07:00
Benjamin DELPY
110a831ebe [new] process run with parent PID (NT6) 2018-06-16 18:46:50 +02:00
Benjamin DELPY
c0f05a5286 [fix #155] ts::multirdp for Windows 10 1803 x64 (x86 was ok) 2018-05-27 02:45:45 +02:00
Benjamin DELPY
0798214d73 [new] dpapi::ssh from an idea of @ropnop and for Tal Be'ery
[fix] sr98::raw blocks array (fix #149 - thank you @steelfly33)
2018-05-26 01:42:20 +02:00
Benjamin DELPY
c8cb4111d7 [fix] Windows 10 1803 (17134) support (the real one this time :))
[new] RDM(830 AL) HF reader/writer basic support
2018-05-02 00:29:34 +02:00
Benjamin DELPY
83c1355682 removing specific HID library for Busylight
a generic one will come
2018-05-02 00:23:12 +02:00
Benjamin DELPY
a0f243b335 [fix] don't ask me why, but fixing previous SVN commit 2018-04-24 01:23:31 +02:00
Benjamin DELPY
2f66115ccd [fix] Passing the hash issue when replacing password in some Windows 10 versions
[fix] kerberos & crypto FindFile issue when enumerating kirbi & certificate files in directories
[fix] adding Fci.h file in includes
[new] kerberos::golden can make tickets without PAC when avoiding the /sid parameters
[new] crypto::sc tries to get information with readers without cards
[new] sr98:: module to deal with LF writer and T5577 cards
2018-04-24 01:21:00 +02:00
Benjamin DELPY
62d9ea8acd [new] misc::clip to monitor text in the Clipboard 2018-03-25 21:09:17 +02:00
Benjamin DELPY
9cd7e2dba7 [new] mimikatz & mimidrv support for Windows 10 build 1803 (17623) x64
[internal] structures for SAM cache
2018-03-22 03:56:19 +01:00
Benjamin DELPY
2fa4c049d9 [fix] missing ; (come on, it's C ;)) 2018-03-20 02:04:46 +01:00
Benjamin DELPY
4b4d596b74 [fix #138] Adapted Build mask from comment and msvcrt.dll reverse + fixed version command on x86 2018-03-20 02:02:33 +01:00
Benjamin DELPY
2e4edccee8 [really fix #133] casting (ULONG) FIELD_OFFSET 2018-03-18 14:26:34 +01:00
Benjamin DELPY
696ff18f11 [new] lsadump::cache can extract NTLM hash from SmartCard local cache (cc: @asolino)
[fix #133] Casting to ULONG result of the FIELD_OFFSET macro in lsasdump_dc module
2018-03-18 00:24:05 +01:00
Benjamin DELPY
448bf35019 [internal] IDL_DRSVerifyNames 2018-02-08 02:26:36 +01:00
Benjamin DELPY
3d8be22fff [fix] a lot of @vletoux error checking ;) 2018-02-06 00:16:51 +01:00
Benjamin DELPY
bef58c833c [fix] lsadump::dcshadow now supports renamed domains (ms-DS-ReplicationEpoch) 2018-02-05 02:07:47 +01:00
Benjamin DELPY
3a43901dd8 [new] lsadump::sam with LM/NTLM history
[change] lsadump::dcshadow code / DC functional level version in text
2018-02-03 23:29:33 +01:00
Benjamin DELPY
ab18bd103a Pushing @vletoux DCShadow in current branch with some adaptations 2018-01-27 01:37:55 +01:00
Benjamin DELPY
78dba4ede9 [fix #118] Adding missing fltlib.lib to the solution 2017-12-21 02:30:19 +01:00
Benjamin DELPY
508b4aaf9e [new] mimikatz::event module for Windows 10 1709 2017-12-20 00:16:36 +01:00
Benjamin DELPY
3876fa0614 [internal] misc::memssp for Windows 10 17xx 2017-12-19 01:14:32 +01:00
Benjamin DELPY
fa591e61a4 [new] mimidrv for Windows 10 version 1709 2017-12-18 03:30:40 +01:00
Benjamin DELPY
9e42ea3b28 [fix] missing fltuser* includes
[fix] mimidrv version
2017-12-10 18:12:21 +01:00
Benjamin DELPY
5e712a34d0 [new] misc::easyntlmchall
[typo] Windows version 1707 -> 1703
[internal] kull_m_net_getComputerName
[internal] _ReturnAddress()
2017-12-03 21:16:28 +01:00
Benjamin DELPY
4188d55dc0 [new] misc::mflt to list minifilters 2017-11-28 03:16:46 +01:00
Benjamin DELPY
dc7661c7d0 [new] starting an internal SR98 module for Chinese LF cloner
[internal] MS-DRSR internal improvements
2017-11-27 01:58:27 +01:00
Benjamin DELPY
3d6b2db4f6 [internal/new] kull_m_string_stringToFileTime 2017-11-24 01:01:43 +01:00
Benjamin DELPY
ebcecc3a10 [fix #107] remove _vscwprintf dependency with mimilove on Windows 2000
[credits] with his work on AD, Vincent Le Toux (@vletoux) is starring as co-author :)
[internal] DRSR RPC
[fix] dcsync export as CSV without junk chars between username and NTLM hash
2017-11-06 03:37:36 +01:00
Benjamin DELPY
773533b6e9 Merge pull request #98 from vletoux/dcsync_export_all_ntlm
Modify lsadump::dcsync to allow the export of all NTLM of the domain
2017-09-03 10:54:26 +02:00
vletoux
cef8891c00 Modify lsadump::dcsync to allow the export of all NTLM of the domain 2017-09-03 10:47:54 +02:00
Benjamin DELPY
0d79c441de crypto::extract now supports CAPI & BCrypt (RSA/AES/DES/3DES/DESX/RC4/RC2...) 2017-08-13 17:27:10 +02:00
Benjamin DELPY
2af06006f7 [new] crypto::extract, to try to extract MS CAPI keys from RSA/AES provider
[fix] internal process module (NtQuerySystemInformation)
2017-08-01 04:45:47 +02:00
Benjamin DELPY
432276f23d mimikatz as a DLL, DLL delay loading for bcrypt/ncrypt, some crypto stuff... 2017-07-20 01:33:50 +02:00
Benjamin DELPY
106ca7f7b4 Yara rule update to support recent mimikatz version (and logically Petya mimikatz module too) 2017-06-29 01:01:43 +02:00
Benjamin DELPY
083e528b69 Few code lines added...
[fix] mimikatz sekurlsa::* for Windows 2003 older versions.
[new] mimikatz version tries to detect Credential Guard and displays file versions with arg.
2017-06-18 18:45:55 +02:00
Benjamin DELPY
9cd6a49e4c [new] lsadump::changentlm to *change* user password/hash to another password/hash 2017-06-08 00:48:55 +02:00
Benjamin DELPY
87aeb8fe2f Some new LSA stuff
[enhancement] lsadump::lsa /inject new injected code to get password history (if any)
[new] lsadump::setntlm (thanks to Vincent LE TOUX idea !), to set an arbitrary NTLM hash to a user
[new] net::share to enumerate remote shares on a server
[new] net::serverinfo to grab remote server information
2017-06-07 02:37:32 +02:00