Adding Invoke-Mimikatz and Invoke-Ninjacopy

23 files changed, 205 insertions, 0 deletions

diff --git a/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/CL.read.1.tlog b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/CL.read.1.tlog
new file mode 100644
index 0000000..d6e37a7
--- /dev/null
+++ b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/CL.read.1.tlog
diff --git a/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/CL.write.1.tlog b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/CL.write.1.tlog
new file mode 100644
index 0000000..93f65cf
--- /dev/null
+++ b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/CL.write.1.tlog
diff --git a/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/cl.command.1.tlog b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/cl.command.1.tlog
new file mode 100644
index 0000000..bd72d30
--- /dev/null
+++ b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/cl.command.1.tlog
diff --git a/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/kelloworld.dll.intermediate.manifest b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/kelloworld.dll.intermediate.manifest
new file mode 100644
index 0000000..ecea6f7
--- /dev/null
+++ b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/kelloworld.dll.intermediate.manifest
@@ -0,0 +1,10 @@
+<?xml version='1.0' encoding='UTF-8' standalone='yes'?>
+<assembly xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>
+  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
+    <security>
+      <requestedPrivileges>
+        <requestedExecutionLevel level='asInvoker' uiAccess='false' />
+      </requestedPrivileges>
+    </security>
+  </trustInfo>
+</assembly>
diff --git a/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/kelloworld.lastbuildstate b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/kelloworld.lastbuildstate
new file mode 100644
index 0000000..4d28193
--- /dev/null
+++ b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/kelloworld.lastbuildstate
@@ -0,0 +1,2 @@
+#v4.0:v100
+Release|Win32|C:\Github\PowerShellExperimental\Invoke-Mimikatz\mimikatz-1.0\|
diff --git a/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/kelloworld.res b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/kelloworld.res
new file mode 100644
index 0000000..f3f1c55
--- /dev/null
+++ b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/kelloworld.res
diff --git a/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/kelloworld.write.1.tlog b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/kelloworld.write.1.tlog
new file mode 100644
index 0000000..17139b5
--- /dev/null
+++ b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/kelloworld.write.1.tlog
@@ -0,0 +1,5 @@
+^C:\Github\PowerShellExperimental\Invoke-Mimikatz\mimikatz-1.0\librairies\kelloworld\kelloworld.vcxproj
+C:\Github\PowerShellExperimental\Invoke-Mimikatz\mimikatz-1.0\Win32\kelloworld.lib
+C:\Github\PowerShellExperimental\Invoke-Mimikatz\mimikatz-1.0\Win32\kelloworld.lib
+C:\Github\PowerShellExperimental\Invoke-Mimikatz\mimikatz-1.0\Win32\kelloworld.exp
+C:\Github\PowerShellExperimental\Invoke-Mimikatz\mimikatz-1.0\Win32\kelloworld.exp
diff --git a/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/link-cvtres.read.1.tlog b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/link-cvtres.read.1.tlog
new file mode 100644
index 0000000..46b134b
--- /dev/null
+++ b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/link-cvtres.read.1.tlog
@@ -0,0 +1 @@
+ÿþ
\ No newline at end of file
diff --git a/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/link-cvtres.write.1.tlog b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/link-cvtres.write.1.tlog
new file mode 100644
index 0000000..46b134b
--- /dev/null
+++ b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/link-cvtres.write.1.tlog
@@ -0,0 +1 @@
+ÿþ
\ No newline at end of file
diff --git a/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/link.command.1.tlog b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/link.command.1.tlog
new file mode 100644
index 0000000..41cc4a2
--- /dev/null
+++ b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/link.command.1.tlog
diff --git a/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/link.read.1.tlog b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/link.read.1.tlog
new file mode 100644
index 0000000..da4e714
--- /dev/null
+++ b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/link.read.1.tlog
diff --git a/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/link.write.1.tlog b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/link.write.1.tlog
new file mode 100644
index 0000000..6d0be40
--- /dev/null
+++ b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/link.write.1.tlog
diff --git a/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/mt.command.1.tlog b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/mt.command.1.tlog
new file mode 100644
index 0000000..bbb2100
--- /dev/null
+++ b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/mt.command.1.tlog
diff --git a/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/mt.read.1.tlog b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/mt.read.1.tlog
new file mode 100644
index 0000000..b7cc267
--- /dev/null
+++ b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/mt.read.1.tlog
diff --git a/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/mt.write.1.tlog b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/mt.write.1.tlog
new file mode 100644
index 0000000..1ff82f2
--- /dev/null
+++ b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/mt.write.1.tlog
diff --git a/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/rc.command.1.tlog b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/rc.command.1.tlog
new file mode 100644
index 0000000..fb31489
--- /dev/null
+++ b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/rc.command.1.tlog
diff --git a/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/rc.read.1.tlog b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/rc.read.1.tlog
new file mode 100644
index 0000000..811b6f9
--- /dev/null
+++ b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/rc.read.1.tlog
diff --git a/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/rc.write.1.tlog b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/rc.write.1.tlog
new file mode 100644
index 0000000..30d54de
--- /dev/null
+++ b/Exfiltration/mimikatz-1.0/librairies/kelloworld/Win32/rc.write.1.tlog
diff --git a/Exfiltration/mimikatz-1.0/librairies/kelloworld/kelloworld.cpp b/Exfiltration/mimikatz-1.0/librairies/kelloworld/kelloworld.cpp
new file mode 100644
index 0000000..d49a183
--- /dev/null
+++ b/Exfiltration/mimikatz-1.0/librairies/kelloworld/kelloworld.cpp
@@ -0,0 +1,12 @@
+/*	Benjamin DELPY `gentilkiwi`
+	http://blog.gentilkiwi.com
+	benjamin@gentilkiwi.com
+	Licence : http://creativecommons.org/licenses/by/3.0/fr/
+*/
+#include "kelloworld.h"
+
+__kextdll bool __cdecl helloworld(mod_pipe * monPipe, vector<wstring> * mesArguments)
+{
+	MessageBox(NULL, L"Hello World!", MIMIKATZ_FULL, MB_ICONINFORMATION | MB_OK);
+	return true;
+}
diff --git a/Exfiltration/mimikatz-1.0/librairies/kelloworld/kelloworld.h b/Exfiltration/mimikatz-1.0/librairies/kelloworld/kelloworld.h
new file mode 100644
index 0000000..daa8973
--- /dev/null
+++ b/Exfiltration/mimikatz-1.0/librairies/kelloworld/kelloworld.h
@@ -0,0 +1,9 @@
+/*	Benjamin DELPY `gentilkiwi`
+	http://blog.gentilkiwi.com
+	benjamin@gentilkiwi.com
+	Licence : http://creativecommons.org/licenses/by/3.0/fr/
+*/
+#pragma once
+#include "kmodel.h"
+
+__kextdll bool __cdecl helloworld(mod_pipe * monPipe, vector<wstring> * mesArguments);
diff --git a/Exfiltration/mimikatz-1.0/librairies/kelloworld/kelloworld.rc b/Exfiltration/mimikatz-1.0/librairies/kelloworld/kelloworld.rc
new file mode 100644
index 0000000..312b232
--- /dev/null
+++ b/Exfiltration/mimikatz-1.0/librairies/kelloworld/kelloworld.rc
diff --git a/Exfiltration/mimikatz-1.0/librairies/kelloworld/kelloworld.vcxproj b/Exfiltration/mimikatz-1.0/librairies/kelloworld/kelloworld.vcxproj
new file mode 100644
index 0000000..b0b3674
--- /dev/null
+++ b/Exfiltration/mimikatz-1.0/librairies/kelloworld/kelloworld.vcxproj
@@ -0,0 +1,121 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>{D0ABA26B-0C4F-41F0-8F3C-7F5EFE3C50C6}</ProjectGuid>
+    <Keyword>Win32Proj</Keyword>
+    <RootNamespace>kelloworld</RootNamespace>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>DynamicLibrary</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+    <UseOfMfc>Static</UseOfMfc>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <ConfigurationType>DynamicLibrary</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+    <UseOfMfc>Static</UseOfMfc>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <LinkIncremental>false</LinkIncremental>
+    <OutDir>$(SolutionDir)$(Platform)\</OutDir>
+    <IntDir>$(Platform)\</IntDir>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <LinkIncremental>false</LinkIncremental>
+    <OutDir>$(SolutionDir)$(Platform)\</OutDir>
+    <IntDir>$(Platform)\</IntDir>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <PrecompiledHeader>NotUsing</PrecompiledHeader>
+      <Optimization>Full</Optimization>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;KELLOWORLD_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <AdditionalIncludeDirectories>$(SolutionDir)/commun;$(SolutionDir)/modules;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <FavorSizeOrSpeed>Size</FavorSizeOrSpeed>
+      <StringPooling>true</StringPooling>
+      <ExceptionHandling>false</ExceptionHandling>
+      <FloatingPointModel>Fast</FloatingPointModel>
+      <FloatingPointExceptions>false</FloatingPointExceptions>
+      <CreateHotpatchableImage>false</CreateHotpatchableImage>
+      <ErrorReporting>None</ErrorReporting>
+    </ClCompile>
+    <Link>
+      <SubSystem>Windows</SubSystem>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+      <AdditionalDependencies>user32.lib</AdditionalDependencies>
+      <LinkErrorReporting>NoErrorReport</LinkErrorReporting>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <PrecompiledHeader>NotUsing</PrecompiledHeader>
+      <Optimization>Full</Optimization>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;KELLOWORLD_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <AdditionalIncludeDirectories>$(SolutionDir)/commun;$(SolutionDir)/modules;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <FavorSizeOrSpeed>Size</FavorSizeOrSpeed>
+      <StringPooling>true</StringPooling>
+      <ExceptionHandling>false</ExceptionHandling>
+      <FloatingPointModel>Fast</FloatingPointModel>
+      <FloatingPointExceptions>false</FloatingPointExceptions>
+      <CreateHotpatchableImage>false</CreateHotpatchableImage>
+      <ErrorReporting>None</ErrorReporting>
+    </ClCompile>
+    <Link>
+      <SubSystem>Windows</SubSystem>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+      <AdditionalDependencies>user32.lib</AdditionalDependencies>
+      <LinkErrorReporting>NoErrorReport</LinkErrorReporting>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemGroup>
+    <ClCompile Include="..\..\commun\kmodel.cpp" />
+    <ClCompile Include="..\..\modules\mod_parseur.cpp" />
+    <ClCompile Include="..\..\modules\mod_pipe.cpp" />
+    <ClCompile Include="kelloworld.cpp" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="..\..\commun\kmodel.h" />
+    <ClInclude Include="..\..\modules\mod_parseur.h" />
+    <ClInclude Include="..\..\modules\mod_pipe.h" />
+    <ClInclude Include="kelloworld.h" />
+  </ItemGroup>
+  <ItemGroup>
+    <ResourceCompile Include="kelloworld.rc" />
+  </ItemGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>
\ No newline at end of file
diff --git a/Exfiltration/mimikatz-1.0/librairies/kelloworld/kelloworld.vcxproj.filters b/Exfiltration/mimikatz-1.0/librairies/kelloworld/kelloworld.vcxproj.filters
new file mode 100644
index 0000000..4271331
--- /dev/null
+++ b/Exfiltration/mimikatz-1.0/librairies/kelloworld/kelloworld.vcxproj.filters
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup>
+    <ClCompile Include="kelloworld.cpp" />
+    <ClCompile Include="..\..\modules\mod_pipe.cpp">
+      <Filter>Modules Communs\Communication</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\modules\mod_parseur.cpp">
+      <Filter>Modules Communs\Parseur</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\commun\kmodel.cpp">
+      <Filter>Modules Communs\Librairie Modèle</Filter>
+    </ClCompile>
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="kelloworld.h" />
+    <ClInclude Include="..\..\modules\mod_pipe.h">
+      <Filter>Modules Communs\Communication</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\modules\mod_parseur.h">
+      <Filter>Modules Communs\Parseur</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\commun\kmodel.h">
+      <Filter>Modules Communs\Librairie Modèle</Filter>
+    </ClInclude>
+  </ItemGroup>
+  <ItemGroup>
+    <Filter Include="Modules Communs">
+      <UniqueIdentifier>{78bbda7e-d41f-4f1c-8aab-9b9471b30a56}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="Modules Communs\Communication">
+      <UniqueIdentifier>{314aff70-fe34-4afa-9341-0ad0a9a9a735}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="Modules Communs\Parseur">
+      <UniqueIdentifier>{86a68fa7-1f11-48c7-9821-f5c8bf8b6724}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="Modules Communs\Librairie Modèle">
+      <UniqueIdentifier>{7790e784-5bb7-405d-8bc7-0a3f5351245b}</UniqueIdentifier>
+    </Filter>
+  </ItemGroup>
+  <ItemGroup>
+    <ResourceCompile Include="kelloworld.rc" />
+  </ItemGroup>
+</Project>
\ No newline at end of file