Benjamin DELPY
c8920c74b2
[clean] version, copyright & project
2021-07-14 18:57:30 +02:00
Benjamin DELPY
571fc8cc99
[fix] mimikatz as DLL, new console is not mandatory
2021-07-14 17:37:12 +02:00
Benjamin DELPY
fc7f5cc2a3
[new] mimikatz misc::printnightmare rewritten :) (more love inside)
[fix #359] internal busylight module (less memory leak ;)) - thank you @JohnLaTwC
2021-07-09 23:27:22 +02:00
Benjamin DELPY
baaa26116a
[new] mimikatz misc::printnightmare will normalize UNC path for library (\\ to \??\UNC\)
2021-07-07 15:14:41 +02:00
Benjamin DELPY
b71f27b634
[fix] mimikatz misc::printnightmare output and functions names
2021-07-06 22:44:06 +02:00
Benjamin DELPY
bb8ccea8d9
[new] mimikatz misc::printnightmare LPE support under certain circumstances (Point & Print / UAC)
2021-07-06 17:28:56 +02:00
Benjamin DELPY
8a2302ae64
[new] mimikatz misc::printnightmare added a /clean parameter to remove `mimikatz-*` drivers (admin rights needed), and list drivers if no command
2021-07-05 23:44:37 +02:00
Benjamin DELPY
51dc7c0363
[fix] mimikatz misc::printnightmare with @citronneur idea to avoid 'bruteforce' directories
[new] mimispool library (specific fail at load to avoid lock)
2021-07-05 15:02:26 +02:00
Benjamin DELPY
9ad02da948
[new] mimikatz misc::printnightmare now uses [ms-par] instead of [ms-rprn], thank you @cube0x0
2021-07-04 22:29:12 +02:00
Benjamin DELPY
c21276072b
[new] mimikatz misc::printnightmare little POC
2021-07-01 03:16:49 +02:00
Benjamin DELPY
6a3e43291c
[new] mimikatz dpapi::rdg now handles credentials profiles (RDCMan 2.8)
2021-06-22 21:59:27 +02:00
Benjamin DELPY
cfe7bffa83
Merge pull request #351 from vletoux/kcredentialprovider
add kcredentialprovider.c to mimilib
2021-06-15 23:50:24 +02:00
Vincent LE TOUX
b73e83cd75
add kcredentialprovider.c
2021-06-15 23:43:50 +02:00
Benjamin DELPY
21840f5bf2
[fix] mimikatz ts::logonpasswords now supports rdesktop (please, use freerdp for NLA)
2021-05-31 00:08:10 +02:00
Benjamin DELPY
b6fbbe3eae
[new] mimikatz ts::mstsc now supports clients using mstscax.dll (RDCMan, mRemoteNG, Remote Desktop Manager, ... not only 'mstsc')
2021-05-29 15:25:31 +02:00
Benjamin DELPY
89ec9bb0d1
[fix] ts::logonpasswords now supports freerdp clients
2021-05-28 15:06:58 +02:00
Benjamin DELPY
835757ef1c
[new] mimikatz ts::mstsc to try to dump client credentials
2021-05-25 20:34:48 +02:00
Benjamin DELPY
c509fd4a8c
[fix] mimikatz ts::logonpasswords to dump more credentials (multiple for same segment + better pattern)
2021-05-18 17:05:42 +02:00
Benjamin DELPY
86679021ee
[new] mimikatz ts::logonpasswords (experimental) - try to dump passwords from Terminal Server service (8.1+/2012R2+)
2021-05-17 23:49:18 +02:00
Benjamin DELPY
c54f4162d5
[new] mimikatz dpapi::sccm to dump Network Accounts on endpoints
2021-05-12 22:59:46 +02:00
Benjamin DELPY
5e5771e03b
[fix] mimikatz project to include ODBC lib
2021-05-11 20:48:07 +02:00
Benjamin DELPY
734e3f0291
[new] misc:sccm to decrypt SC_UserAccount credentials when SCCM private key access
2021-05-11 20:34:56 +02:00
Benjamin DELPY
e10bde5b16
[fix] AppVeyor indentation
2020-11-03 15:17:58 +01:00
Benjamin DELPY
434e488122
[new] AppVeyor protected zip artifact
2020-11-03 15:16:37 +01:00
Benjamin DELPY
cc953ab7d2
[new] AppVeyor Continuous Integration documented
2020-11-02 00:13:54 +01:00
Benjamin DELPY
315e27e915
[update] AppVeyor configuration (v2)
2020-11-01 23:43:47 +01:00
Benjamin DELPY
9b455e01ff
[update] AppVeyor configuration
2020-11-01 23:40:53 +01:00
Benjamin DELPY
7d3417e7a7
[new] AppVeyor Continuous Integration
2020-11-01 23:30:05 +01:00
Benjamin DELPY
fe4e984055
[new] mimikatz lsadump::dcsync supports /user:sid and authentication parameters
[internal] use of real internal function name Rtl* for crypto system
2020-09-28 00:04:20 +02:00
Benjamin DELPY
460717fd36
[new] mimikatz misc::spooler
2020-09-25 22:52:24 +02:00
Benjamin DELPY
09fb1f62ab
[new] mimikatz lsadump::zerologon encrypted with better arguments
2020-09-18 19:23:17 +02:00
Benjamin DELPY
6191b5a8ea
[fix] logic condition in lsadump::postzerologon arguments parsing
2020-09-17 03:39:28 +02:00
Benjamin DELPY
fa42ed93aa
[new] mimikatz lsadump::postzerologon, to reinit DC password both in local store and AD
[change] https instead of http for blog :)
2020-09-17 03:17:11 +02:00
Benjamin DELPY
880c15994c
[new] mimikatz lsadump::zerologon (CVE-2020-1472 @SecuraBV @djrevmoon)
[new] mimikatz lsadump::dcsync now supports NTLM auth and explicit credentials
[internal] netlogon RPC instead of NETAPI32.dll (support ncap_ip_tcp instead of ncap_np)
2020-09-16 12:16:07 +02:00
Benjamin DELPY
ba8d11ebe1
[new] ngc::pin for software keys, ngc::decrypt for passwords, etc.
2020-08-24 06:11:42 +02:00
Benjamin DELPY
2d54a1a978
[ fix #301 ] Not using _time32() anymore, not in XP msvcrt
2020-08-16 10:37:36 +02:00
Benjamin DELPY
a2a25cc9f5
[new] mimikatz dpapi::cloudapreg to get some decrypted RefreshToken from the registry (thank you DPAPI) - not AzureAd joined
[new] mimikatz misc::ngcsign to play with signature even if you don't have access to the real key (NgcSignWithSymmetricPopKey)
2020-08-09 22:55:49 +02:00
Benjamin DELPY
755505b6f4
[new] dpapi::cloudapkd can now sign a new JWT from the Primary and various keys / context
[new] misc::aadcookie to get a new JWT for the current user
2020-08-07 02:28:29 +02:00
Benjamin DELPY
3c497ec667
[update] dpapi::cloudapkd now supports opaquekeyblob for TPM without prior DPAPI encryption for transport (TPM key still DPAPI encrypted ;))
2020-08-05 10:37:41 +02:00
Benjamin DELPY
29cfd68a0f
[fix] undo fix typo
2020-08-05 01:22:50 +02:00
Benjamin DELPY
769c648a04
[fix] typo
2020-08-05 01:17:50 +02:00
Benjamin DELPY
37bc5ce8d0
[new] dpapi::cloudapkd to get a derived key from PRT associated key (software or TPM)
2020-08-05 00:49:55 +02:00
Benjamin DELPY
ff13496b33
[new] sekurlsa::cloudap to dump Azure PRT, session keys and DPAPI keys
[new] ngc::logondata to dump authentication slot pin and various data (kiwi use only - 2004 up to date)
[new] token::elevate option to impersonate special users
[internal] file reading support reading with backup privilege
2020-08-04 14:06:21 +02:00
Benjamin DELPY
cf8f9f3ee4
[typo] mimilib knp nIndex
2020-07-15 16:36:17 +02:00
Benjamin DELPY
adbcdfa0ad
[new] mimilib NPLogonNotify (thank you @gtworek)
2020-07-15 16:29:30 +02:00
Benjamin DELPY
e10ec9aa5b
[fix] freeing memory with CredFree when using CredUnmarshalCredential
[fix #289 ] casting FIELD_OFFSET to DWORD, like each time I commit ;)
2020-06-14 12:52:08 +02:00
Benjamin DELPY
4dd27c0a64
[new] mimikatz & mimidrv support for Windows 10 2004 (build 19041)
2020-05-19 00:56:24 +02:00
Benjamin DELPY
0ac5221a87
Merge pull request #267 from zhangyoufu/patch-1
fix closing SAM registry key twice
2020-05-19 00:44:46 +02:00
Benjamin DELPY
125c58b7e5
[ fix #284 ] remove previous TPM header dependency
2020-05-03 13:30:54 +02:00
Benjamin DELPY
44ca2e648a
[new] dpapi::tpm to decrypt TPM blob (no secret !)
[new] net::if (@vletoux / https://github.com/vletoux/OxidBindings )
[internal] exit functions support exiting thread instead of process
2020-05-02 20:59:56 +02:00