Commit Graph

  • 3038757e69
    Update to VS2019 no warnings OJ 2020-04-14 14:20:09 +1000
  • a5088d9e57 [new] dpapi::create now deals with dpapi::cache to encrypt multiple masterkeys [new] dpapi::cache save raw keys instead of only SHA1 of them Benjamin DELPY 2020-03-08 18:41:50 +0100
  • d07283a20d [new] dpapi::create, to create (minimalist) Masterkeys file from a raw key [internal] kull_m_token to deal with own SID and check if local or domain Benjamin DELPY 2020-03-08 13:38:11 +0100
  • bbb41e854f [fix] dpapi::rdg supports XML nodes without username or domain, but only a password Benjamin DELPY 2020-02-29 11:12:37 +0100
  • cdfccf405e
    Merge pull request #268 from timhir/master Benjamin DELPY 2020-02-27 07:36:13 +0100
  • a5f843b5aa [new] lsadump::dcsync full sync filters deleted accounts by default (/deleted to get them back) [new] lsadump::dcsync full sync prints UAC (details with /uac) [fix] includes again WinDNS.h Benjamin DELPY 2020-02-26 23:40:00 +0100
  • 4af2481be7 Support for decrypting credentials protected by Credential Guard Timo Hirvonen 2020-02-25 11:15:33 +0200
  • 57b7267c30 [new] module minidump supports stream size [new] module file read with FILE_SHARE_WRITE [new] module crypto_sk for crypto with SecureKernel algorithms [new] bcrypt lib to support BCryptKeyDerivation [enhancement] LSAISO_DATA_BLOB structure & display [experimental] sekurlsa::msv1_0 normalized structure for LsaIso [experimental] sekurlsa::kerberos try to acquire session key from LsaIso [experimental] sekurlsa::dpapi key from msv1_0 when LsaIso (not encrypted) Benjamin DELPY 2020-02-24 23:52:47 +0100
  • f9922d8db7
    fix closing SAM registry key twice Youfu Zhang 2020-02-20 21:46:10 +0800
  • b098bf37cf [new] dpapi::chrome supports AES-256-GCM decryption for new Logins & Cookies [new] dpapi::cred & vault::cred now supports double DPAPI for INET & Ivanti credentials Benjamin DELPY 2020-02-08 12:42:34 +0100
  • 6972319852 [new] dpapi::masterkey now supports derivation from NTLM hash for protected user (/protected) instead of password Benjamin DELPY 2020-01-23 10:12:22 +0100
  • 60033c8e75 Removing previous SQLite3 dependencies Benjamin DELPY 2020-01-04 19:20:55 +0100
  • 421a4d2b2d lsadump & Chrome updates [new] lsadump::sam support SupplementalCredentials in local SAM (close #250) - thank you @MichaelGrafnetter [enhance] lsadump::sam with better logic in revision/flag detection (without new code), fix #99, fix #165, fix #249 [enhance] chrome::dpapi by integration of an updated SQLite3 library with less OMIT (must fix #246, no SQLITE_OMIT_AUTOINCREMENT) Benjamin DELPY 2020-01-04 19:13:16 +0100
  • c832504acd Crypto, crypto everywhere [new] crypto::capi patch DSS CSP (experimental) [new] crypto::keys export DSA, EC keys [new] crypto::kutil import PEM, DER, PKCS#8, CAPI blob & CNG blob when possible, convert it to PKCS#8, or make a PKCS#12 with a PEM or DER certificate [new] dpapi::capi & dpapi::cng export private keys in PVK format for legacy (RSA & DSA) or PKCS#8 for others (like EC) [new] crypto:: & dpapi:: keys & cert functions with more information Benjamin DELPY 2020-01-02 19:31:05 +0100
  • 699ce3c132 [new] crypto::scauth /sha1 (RSA SHA1 signature algorithm instead of default RSA SHA256) [new] crypto::scauth /keysize:x (RSA key size instead of default 2048 bits) [new] crypto::scauth /cahash:SHA1 (to search for CA by its SHA1 instead of /caname) [new] crypto::scauth /cn:w /o:x /ou:y /c:z (to specify DN fields instead of defaults UPN, mimikatz, NULL and FR) [new] dpapi::luna (to decrypt slot password with KSP configuration) Benjamin DELPY 2019-12-23 01:00:47 +0100
  • d000484580
    Create SECURITY.md İsmail Taşdelen 2019-12-17 10:33:27 +0300
  • 2c505dd6a7 Merge tag '2.2.0-20191125' Brent Cook 2019-12-06 08:18:59 -0600
  • 3c81f16b5b New DPAPI stuff & crypto [new] dpapi::masterkey now supports SID with SYSTEM_DPAPI (for @dirkjanm services ;)) [new] dpapi::cache filter non relevant SIDs [new] dpapi::cred now supports WinInet double DPAPI [new] dpapi::blob /raw for hex input [new] dpapi::blob /ascii to force ascii output (when not unicode data) [new] crypto:: & dpapi::cng key & certificates flags from current SDK (VSM) [new] sr98::nedap module (@iceman1001 <3) [new] lsadump::mbc to dump MachineBoundCertificate Benjamin DELPY 2019-11-25 03:03:09 +0100
  • c22cc2f701
    Merge branch 'master' of https://github.com/gentilkiwi/mimikatz OJ 2019-11-17 12:37:08 +1000
  • e7ea5c0b6f
    Add encoding info to log message Francesco Soncina 2019-10-31 12:02:00 +0100
  • ca5c2044bd
    Fix x64 build Francesco Soncina 2019-10-31 11:57:44 +0100
  • 1ed49f2bbf
    Fix indentation Francesco Soncina 2019-10-30 14:51:30 +0100
  • 12b650607b
    Add support for base64 output format Francesco Soncina 2019-10-30 14:49:45 +0100
  • f234e18279
    Parse /base64 option of log command Francesco Soncina 2019-10-30 14:43:32 +0100
  • d3f370e3bd
    Include kull_m_output.h Francesco Soncina 2019-10-30 14:42:43 +0100
  • 7f13e4b962
    Add global isBase64Output Francesco Soncina 2019-10-30 14:40:37 +0100
  • 6436bbe7bc A commit to make Carlos @darkoperator happy [new] mimikatz lsadump::cache /dcc:<hash> to support pushing a previous one without knowing NTLM or password [new] mimikatz misc::lock to lock the session of current user/all users if available (privilege::debug) [fix #220] that damn wcsicmp/_wcsicmp ;) Benjamin DELPY 2019-08-14 01:42:18 +0200
  • fd9bf89bc8 Add support for pDomAccF->keys1 revision 2 Drew Noel 2019-07-26 18:36:14 -0400
  • 46bede3a8c [new] mimikatz dpapi::ps function to deal with PSCredential and SecureString XML files. [fix #214] Fix sekurlsa key import for Windows 1809 Benjamin DELPY 2019-07-20 23:04:25 +0200
  • 46a0af7bb8 [new] sr98::noralsy encoder, sr98::em4100 reader [fix] net::trust legacy flags [fix] dpapi decrypt by rpc, remove /system flag (incompatible with system key) Benjamin DELPY 2019-07-10 23:32:26 +0200
  • b4f9467b9f [fix] mimikatz sekurlsa::kerberos for Windows 1903 (build 18362) for x86 Benjamin DELPY 2019-05-13 01:38:31 +0200
  • 68ac65b426 [new] mimikatz Windows 10 1903 (build 18362) support Benjamin DELPY 2019-05-13 01:17:31 +0200
  • 90eac33ed9
    Merge ce20279fb9 into c3b4af1636 talliberman 2019-05-04 05:40:35 +0000
  • c3b4af1636 [removing] mimikatz sekurlsa module: removing a particular encryption/decryption for a Windows beta Benjamin DELPY 2019-05-04 01:57:46 +0200
  • 72b83acb29 [new] mimikatz sekurlsa module now supports minidumps from NT 5, on NT >= 6 too Benjamin DELPY 2019-05-04 01:54:38 +0200
  • 4d4d047b50 [new] mimikatz for NT5 (XP/2003) now supports DES-X-CBC and RC4 without LSASRV.DLL (thank you @NielsFerguson) Benjamin DELPY 2019-05-01 23:22:02 +0200
  • 8c4bae5fa0 [fix] mimilib subauth: even BadPasswordCount to be compatible with Kerberos pre-auth Benjamin DELPY 2019-04-28 22:12:10 +0200
  • 641a3b29ac [new] lsadump::changentlm & lsadump::setntlm are now supporting /rid instead of /user [internal] crypto::scauth try to set the signature PIN when exchange fails Benjamin DELPY 2019-04-15 02:10:47 +0200
  • 5fc3351d7a [fix #199] Allow dpapi::chrome to open DB without lock (library update to support win32-none VFS) thank you @psychomario ! [new] net::trust adds LDAP search to get objectGuid for lsadump::dcsync usage Benjamin DELPY 2019-04-12 01:25:20 +0200
  • 599a5cd3ae Add SQLITE_OPEN_URI to dpapi_chrome to allow for lockless opening Rory McNamara 2019-04-09 11:41:45 +0100
  • ac46e32d06 [update] mimidrv for 2016 up to date [internal] cosmetic Benjamin DELPY 2019-04-09 00:53:35 +0200
  • 6910c7b930 [new] mimikatz net::deleg now support /server and /dns arguments Benjamin DELPY 2019-04-04 23:47:54 +0200
  • e84c57f6cb [new] net::deleg function in mimikatz [new] owl module for Cam Benjamin DELPY 2019-03-29 03:11:00 +0100
  • b008188f9f Big update :) [new] mimikatz & mimilib **very** experimental support for ARM64 [better] code for Mifare protocol [better] code for sekurlsa WinDBG plugin (credential keys, still not good enough) [new] mimilib sub authentication package for @vletoux with 'bad password knocking' and magic password [new] mimikatz: unmarshalling usernames when marshalled [fix] mimikatz SR98/RDM/Busylight could previously crash [fix #184] again and again ;) [fix #172] swscanf_s VS ARRAYSIZE macro [fix #127] stdout/stdin/stderr vs modern Visual Studio and Windows XP support (thank you @Crypt0-M3lon) [code] refactor for defined / !defined Benjamin DELPY 2019-03-25 01:57:56 +0100
  • 76a632f3e2 Add explicit cast to let VS2017 compile correctly Philippe Pepos-Petitclerc 2019-03-20 14:32:35 -0400
  • 52e62623bb
    eventlog service patch for win8.1 (64bit) Speedi13 2019-02-11 15:53:48 +0100
  • fe6a853ec3 [new] mimikatz eventlog patch for 1803 ( for @darkoperator ) [new] mimikatz version includes maximum Windows build number tested Benjamin DELPY 2018-12-10 00:03:02 +0100
  • 637068dc4a
    Merge branch 'master' of https://github.com/gentilkiwi/mimikatz OJ 2018-12-05 12:00:57 +1000
  • 2fd09bbef0 [new] mimikatz & mimidrv full support for Windows 1809 Benjamin DELPY 2018-12-03 02:06:10 +0100
  • acb7e05832
    Update README.md George 2018-11-20 12:53:20 -0800
  • 4b1957e6b4 Use blank strings instead of NULL for fields in PKERB_VALIDATION_INFO Adam Brown 2018-10-27 17:51:44 -0400
  • 53201d022b
    Merge upstream/master 2.1.1-20180925 (Kitten for Cred Guard) OJ 2018-09-26 14:06:11 +1000
  • e380febb61 [new/fix] misc::memssp for Windows 10 1803 x64 Benjamin DELPY 2018-09-25 15:06:44 -0700
  • d7907d65c0
    Merge branch 'upstream/master' OJ 2018-08-31 07:38:54 +1000
  • b87468c1b4 [new] mimikatz dpapi::rdg to decrypt saved passwords in RDG files (Remote Desktop Connection Manager) Benjamin DELPY 2018-08-19 17:01:41 -0700
  • fc58c0ca84
    Merge 'upstream/master' (updated release 2.1.1) OJ 2018-08-17 09:24:14 +1000
  • 3134be808f [fix #166] lsadump::secrets helper for 'TBAL' secret - thanks to @jagotu research ( http://vztekoverflow.com/2018/07/31/tbal-dpapi-backdoor/ ) Benjamin DELPY 2018-08-16 15:53:38 -0700
  • 56d9db738a Vegas Edition [new] lsadump::dcshadow updates (linger, new helpers, fixes) [new] ACR & PN532 module Benjamin DELPY 2018-08-14 13:13:03 -0700
  • 0eba88e940
    Added 'Binaries' description O . S . O 2018-07-31 11:22:50 +0200
  • 07a950693f
    Create appveyor.yml O . S . O 2018-07-31 11:04:31 +0200
  • 110a831ebe [new] process run with parent PID (NT6) Benjamin DELPY 2018-06-16 18:46:50 +0200
  • c0f05a5286 [fix #155] ts::multirdp for Windows 10 1803 x64 (x86 was ok) Benjamin DELPY 2018-05-27 02:45:45 +0200
  • 0798214d73 [new] dpapi::ssh from an idea of @ropnop and for Tal Be'ery [fix] sr98::raw blocks array (fix #149 - thank you @steelfly33) Benjamin DELPY 2018-05-26 01:42:20 +0200
  • 0f8620b080
    Remove check for '.' in domain name for dcsync OJ 2018-05-04 17:20:38 +1000
  • 7459703773
    Merge branch 'may-2018-update' OJ 2018-05-04 16:46:37 +1000
  • c0198895e0
    Merge changes from master up to May 2018 OJ 2018-05-04 16:43:44 +1000
  • ea736db1bc Fix console I/O with Simple DLL build Crypt0-M3lon 2018-05-03 15:00:40 +0200
  • d1c131ab46 Stop parsing commands on EOF Thomas Hebb 2018-05-02 11:44:10 -0400
  • c8cb4111d7 [fix] Windows 10 1803 (17134) support (the real one this time :)) [new] RDM(830 AL) HF reader/writer basic support Benjamin DELPY 2018-05-02 00:29:34 +0200
  • 83c1355682 removing specific HID library for Busylight a generic one will come Benjamin DELPY 2018-05-02 00:23:12 +0200
  • a0f243b335 [fix] don't ask me why, but fixing previous SVN commit Benjamin DELPY 2018-04-24 01:23:31 +0200
  • 2f66115ccd [fix] Passing the hash issue when replacing password in some Windows 10 versions [fix] kerberos & crypto FindFile issue when enumerating kirbi & certificate files in directories [fix] adding Fci.h file in includes [new] kerberos::golden can make tickets without PAC when avoiding the /sid parameters [new] crypto::sc tries to get information with readers without cards [new] sr98:: module to deal with LF writer and T5577 cards Benjamin DELPY 2018-04-24 01:21:00 +0200
  • 62d9ea8acd [new] misc::clip to monitor text in the Clipboard Benjamin DELPY 2018-03-25 21:09:17 +0200
  • 9cd7e2dba7 [new] mimikatz & mimidrv support for Windows 10 build 1803 (17623) x64 [internal] structures for SAM cache Benjamin DELPY 2018-03-22 03:56:19 +0100
  • 2fa4c049d9 [fix] missing ; (common, it's C ;)) Benjamin DELPY 2018-03-20 02:04:46 +0100
  • 4b4d596b74 [fix #138] Adapted Build mask from commend and msvcrt.dll reverse + fixed version command on x86 Benjamin DELPY 2018-03-20 02:02:33 +0100
  • 0e3ddfa0b8
    Merge a27d527ad7 into 2e4edccee8 Jean-Baptiste Galet 2018-03-19 17:50:39 +0000
  • a27d527ad7
    Fix MIMIKATZ_NT_BUILD_NUMBER for RS4 (builds > 16384) Jean-Baptiste Galet 2018-03-19 18:48:14 +0100
  • 2e4edccee8 [really fix #133] casting (ULONG) FIELD_OFFSET Benjamin DELPY 2018-03-18 14:26:34 +0100
  • 696ff18f11 [new] lsadump::cache can extract NTLM hash from SmartCard local cache (cc: @asolino) [fix #133] Casting to ULONG result of the FIELD_OFFSET macro in lsasdump_dc module Benjamin DELPY 2018-03-18 00:24:05 +0100
  • 522d06ae8c
    Merge 7dc7f59188 into 448bf35019 kmanc 2018-03-02 16:51:32 +0000
  • 7dc7f59188
    Fix warnings that prevent compiling kmanc 2018-03-02 08:43:45 -0800
  • ce20279fb9
    Update README.md talliberman 2018-02-26 12:51:20 +0200
  • 448bf35019 [internal] IDL_DRSVerifyNames Benjamin DELPY 2018-02-08 02:26:36 +0100
  • 18278e3329
    Merge upstream/master (to include dcshadow code) OJ 2018-02-06 11:52:36 +1000
  • 3d8be22fff [fix] a lot of @vletoux errors checking ;) Benjamin DELPY 2018-02-06 00:16:51 +0100
  • bef58c833c [fix] lsadump::dcshadow now supports renamed domains (ms-DS-ReplicationEpoch) Benjamin DELPY 2018-02-05 02:07:47 +0100
  • 3a43901dd8 [new] lsadump::sam with LM/NTLM history [change] lsadump::dcshadow code / DC functional level version in text Benjamin DELPY 2018-02-03 23:29:33 +0100
  • ab18bd103a Pushing @vletoux DCShadow in current branch with some adaptations Benjamin DELPY 2018-01-27 01:37:55 +0100
  • b302d5007c
    Merge branch 'jan-2018-update' OJ 2018-01-25 09:08:00 +1000
  • f6cd9297c8
    Merge branch 'upstream/master' Jan 2018 OJ 2018-01-25 09:02:19 +1000
  • 0cba47194c First release of lsadump::dcshadow LSADump_DCShadow vletoux 2018-01-18 18:07:41 +0100
  • 78dba4ede9 [fix #118] Adding missing fltlib.lib to the solution Benjamin DELPY 2017-12-21 02:30:19 +0100
  • 508b4aaf9e [new] mimikatz::event module for Windows 10 1709 Benjamin DELPY 2017-12-20 00:16:36 +0100
  • 3876fa0614 [internal] misc::memssp for Windows 10 17xx Benjamin DELPY 2017-12-19 01:14:32 +0100
  • fa591e61a4 [new] mimidrv for Windows 10 version 1709 Benjamin DELPY 2017-12-18 03:30:40 +0100
  • 9e42ea3b28 [fix] missing fltuser* includes [fix] mimidrv version Benjamin DELPY 2017-12-10 18:12:21 +0100
  • 5e712a34d0 [new] misc::easyntlmchall [typo] Windows version 1707 -> 1703 [internal] kull_m_net_getComputerName [internal] _ReturnAddress() Benjamin DELPY 2017-12-03 21:16:28 +0100
  • 4188d55dc0 [new] misc::mflt to list minifilters Benjamin DELPY 2017-11-28 03:16:46 +0100
  • dc7661c7d0 [new] starting an internal SR98 module for chinese LF cloner [internal] MS-DRSR internal improvements Benjamin DELPY 2017-11-27 01:58:27 +0100