Benjamin DELPY
c0f05a5286
[ fix #155 ] ts::multirdp for Windows 10 1803 x64 (x86 was ok)
2018-05-27 02:45:45 +02:00
Benjamin DELPY
0798214d73
[new] dpapi::ssh from an idea of @ropnop and for Tal Be'ery
[fix] sr98::raw blocks array (fix #149 - thank you @steelfly33)
2018-05-26 01:42:20 +02:00
Benjamin DELPY
c8cb4111d7
[fix] Windows 10 1803 (17134) support (the real one this time :))
[new] RDM(830 AL) HF reader/writer basic support
2018-05-02 00:29:34 +02:00
Benjamin DELPY
83c1355682
removing specific HID library for Busylight
a generic one will come
2018-05-02 00:23:12 +02:00
Benjamin DELPY
a0f243b335
[fix] don't ask me why, but fixing previous SVN commit
2018-04-24 01:23:31 +02:00
Benjamin DELPY
2f66115ccd
[fix] Passing the hash issue when replacing password in some Windows 10 versions
[fix] kerberos & crypto FindFile issue when enumerating kirbi & certificate files in directories
[fix] adding Fci.h file in includes
[new] kerberos::golden can make tickets without PAC when avoiding the /sid parameters
[new] crypto::sc tries to get information with readers without cards
[new] sr98:: module to deal with LF writer and T5577 cards
2018-04-24 01:21:00 +02:00
Benjamin DELPY
62d9ea8acd
[new] misc::clip to monitor text in the Clipboard
2018-03-25 21:09:17 +02:00
Benjamin DELPY
9cd7e2dba7
[new] mimikatz & mimidrv support for Windows 10 build 1803 (17623) x64
[internal] structures for SAM cache
2018-03-22 03:56:19 +01:00
Benjamin DELPY
2fa4c049d9
[fix] missing ; (common, it's C ;))
2018-03-20 02:04:46 +01:00
Benjamin DELPY
4b4d596b74
[ fix #138 ] Adapted Build mask from commend and msvcrt.dll reverse + fixed version command on x86
2018-03-20 02:02:33 +01:00
Benjamin DELPY
2e4edccee8
[really fix #133 ] casting (ULONG) FIELD_OFFSET
2018-03-18 14:26:34 +01:00
Benjamin DELPY
696ff18f11
[new] lsadump::cache can extract NTLM hash from SmartCard local cache (cc: @asolino)
[fix #133 ] Casting to ULONG result of the FIELD_OFFSET macro in lsasdump_dc module
2018-03-18 00:24:05 +01:00
Benjamin DELPY
448bf35019
[internal] IDL_DRSVerifyNames
2018-02-08 02:26:36 +01:00
Benjamin DELPY
3d8be22fff
[fix] a lot of @vletoux error checking ;)
2018-02-06 00:16:51 +01:00
Benjamin DELPY
bef58c833c
[fix] lsadump::dcshadow now supports renamed domains (ms-DS-ReplicationEpoch)
2018-02-05 02:07:47 +01:00
Benjamin DELPY
3a43901dd8
[new] lsadump::sam with LM/NTLM history
[change] lsadump::dcshadow code / DC functional level version in text
2018-02-03 23:29:33 +01:00
Benjamin DELPY
ab18bd103a
Pushing @vletoux DCShadow in current branch with some adaptations
2018-01-27 01:37:55 +01:00
Benjamin DELPY
78dba4ede9
[ fix #118 ] Adding missing fltlib.lib to the solution
2017-12-21 02:30:19 +01:00
Benjamin DELPY
508b4aaf9e
[new] mimikatz::event module for Windows 10 1709
2017-12-20 00:16:36 +01:00
Benjamin DELPY
3876fa0614
[internal] misc::memssp for Windows 10 17xx
2017-12-19 01:14:32 +01:00
Benjamin DELPY
fa591e61a4
[new] mimidrv for Windows 10 version 1709
2017-12-18 03:30:40 +01:00
Benjamin DELPY
9e42ea3b28
[fix] missing fltuser* includes
[fix] mimidrv version
2017-12-10 18:12:21 +01:00
Benjamin DELPY
5e712a34d0
[new] misc::easyntlmchall
[typo] Windows version 1707 -> 1703
[internal] kull_m_net_getComputerName
[internal] _ReturnAddress()
2017-12-03 21:16:28 +01:00
Benjamin DELPY
4188d55dc0
[new] misc::mflt to list minifilters
2017-11-28 03:16:46 +01:00
Benjamin DELPY
dc7661c7d0
[new] starting an internal SR98 module for Chinese LF cloner
[internal] MS-DRSR internal improvements
2017-11-27 01:58:27 +01:00
Benjamin DELPY
3d6b2db4f6
[internal/new] kull_m_string_stringToFileTime
2017-11-24 01:01:43 +01:00
Benjamin DELPY
ebcecc3a10
[ fix #107 ] remove _vscwprintf dependency with mimilove on Windows 2000
[credits] with his work on AD, Vincent Le Toux (@vletoux) is starring as co-author :)
[internal] DRSR RPC
[fix] dcsync export as CSV without junk chars between username and NTLM hash
2017-11-06 03:37:36 +01:00
Benjamin DELPY
773533b6e9
Merge pull request #98 from vletoux/dcsync_export_all_ntlm
Modify lsadump::dcsync to allow the export of all NTLM of the domain
2017-09-03 10:54:26 +02:00
vletoux
cef8891c00
Modify lsadump::dcsync to allow the export of all NTLM of the domain
2017-09-03 10:47:54 +02:00
Benjamin DELPY
0d79c441de
crypto::extract now supports CAPI & BCrypt (RSA/AES/DES/3DES/DESX/RC4/RC2...)
2017-08-13 17:27:10 +02:00
Benjamin DELPY
2af06006f7
[new] crypto::extract, to try to extract MS CAPI keys from RSA/AES provider
[fix] internal process module (NtQuerySystemInformation)
2017-08-01 04:45:47 +02:00
Benjamin DELPY
432276f23d
mimikatz as a DLL, DLL delay loading for bcrypt/ncrypt, some crypto stuff...
2017-07-20 01:33:50 +02:00
Benjamin DELPY
106ca7f7b4
Yara rule update to support recent mimikatz version (and logically Petya mimikatz module too)
2017-06-29 01:01:43 +02:00
Benjamin DELPY
083e528b69
Few code lines added...
[fix] mimikatz sekurlsa::* for Windows 2003 older versions.
[new] mimikatz version tries to detect Credential Guard and display files version with arg.
2017-06-18 18:45:55 +02:00
Benjamin DELPY
9cd6a49e4c
[new] lsadump::changentlm to *change* user password/hash to another password/hash
2017-06-08 00:48:55 +02:00
Benjamin DELPY
87aeb8fe2f
Some new LSA stuff
[enhancement] lsadump::lsa /inject new injected code to get password history (if any)
[new] lsadump::setnetlm (thanks to Vincent LE TOUX's idea!), to set an arbitrary NTLM hash to a user
[new] net::share to enumerate remote share on a server
[new] net::serverinfo to grab remote server information
2017-06-07 02:37:32 +02:00
Benjamin DELPY
22eaf29e75
[new] mimilib now supports DHCP Callout, DNS Plugin, Coffee
2017-05-08 22:12:31 +02:00
Benjamin DELPY
4c70f1447e
[new] support for Windows 10 RS2 - 1707
2017-04-10 00:36:29 +03:00
Benjamin DELPY
968dc29529
Token & code enhancements
2017-03-30 00:57:24 +03:00
Benjamin DELPY
f0bfb0da31
[enhancement] token: less listed (NtCompareTokens), more details in whoami
2017-03-28 04:22:57 +03:00
Benjamin DELPY
b0be118bc5
One PowerShell fix and better service/token functions
[fix #83 ] mimikatz - No ExitProcess when using DLL (for PowerShell)
[new] mimikatz - service::+ & service::- to install/uninstall
[enhancement] token::elevate & token::run
2017-03-26 03:35:32 +03:00
Benjamin DELPY
1722002956
[change] ts:: now uses only winsta API (instead of mix of wts32api and winsta)
[new] rpc::connect support /null NTLM session for protseq ncacn_ip_tcp
2017-03-20 04:37:36 +02:00
Benjamin DELPY
dbfebef2d7
Not needed anymore
2017-03-20 04:35:19 +02:00
Benjamin DELPY
b4f96ccb6c
mimikatz 2.1.1 (rpc/service/process)
[new] RPC support (client & server, multi users)
[new] Windows service support
[new] token::elevate can run process with impersonate token (when enough privileges and without interactions)
[new] process::run
[new] standard::hostname
2017-03-19 17:03:54 +02:00
Benjamin DELPY
114c257679
net::tod & net::stats for remote time and 'uptime'
2017-03-05 23:48:23 +02:00
Benjamin DELPY
345db5ada5
Harmonization mimikatz<->kekeo
2017-02-27 03:18:46 +02:00
Benjamin DELPY
cf30c6396e
Global update with few things
[net] List network sessions & user sessions to a server
[internal] arguments default behavior can NULL a value
2017-02-26 03:10:41 +02:00
Benjamin DELPY
2ca6174fc5
[new] crypto::certtohw to transfer a certificate in a smartcard/hsm
[new] crypto::scauth to allow certificate creation in a smartcard/hsm
[new] kerberos::ptc / kerberos::clist seems to support now CCACHE 0x0503 version
2017-01-21 01:34:34 +01:00
Benjamin DELPY
ea674c5073
[internal] ASN.1 OID encode/decode
[internal] MS-DRSR with OID instead of standard ATT only
[internal] MS-DRSR function IDL_DRSAddEntry
2017-01-07 03:45:34 +01:00
Benjamin DELPY
d8ee9e20ca
[fix] kull_m_string _wcsicmp instead of wcsicmp
2016-12-23 00:47:33 +01:00