From c5168cdba6a3b2d7dd8d79c8ac9583d3ace6a504 Mon Sep 17 00:00:00 2001
From: mattifestation <mattgraeber@gmail.com>
Date: Mon, 3 Feb 2014 17:13:35 -0500
Subject: Removed mimikatz.

This doesn't need to reside in PowerSploit. Those that are truly
paranoid should validate that the embedded executable in
Invoke-Mimikatz.ps1 is indeed mimikatz.

This was causing AV to flag upon downloading PowerSploit.
---
 Exfiltration/mimikatz-1.0/modules/mod_text.h | 31 ----------------------------
 1 file changed, 31 deletions(-)
 delete mode 100644 Exfiltration/mimikatz-1.0/modules/mod_text.h

(limited to 'Exfiltration/mimikatz-1.0/modules/mod_text.h')

diff --git a/Exfiltration/mimikatz-1.0/modules/mod_text.h b/Exfiltration/mimikatz-1.0/modules/mod_text.h
deleted file mode 100644
index aeadd95..0000000
--- a/Exfiltration/mimikatz-1.0/modules/mod_text.h
+++ /dev/null
@@ -1,31 +0,0 @@
-/*	Benjamin DELPY `gentilkiwi`
-	http://blog.gentilkiwi.com
-	benjamin@gentilkiwi.com
-	Licence : http://creativecommons.org/licenses/by/3.0/fr/
-*/
-#pragma once
-#include "globdefs.h"
-#include <sstream>
-#include <iomanip>
-
-using namespace std;
-
-class mod_text
-{
-public:
-	static PRTL_INIT_STRING RtlInitString;
-	static PRTL_INIT_UNICODESTRING RtlInitUnicodeString;
-
-	static wstring stringOfHex(const BYTE monTab[], DWORD maTaille, DWORD longueur = 0);
-	static wstring stringOrHex(const BYTE monTab[], DWORD maTaille, DWORD longueur = 32, bool ligne = true);
-	static void wstringHexToByte(wstring &maChaine, BYTE monTab[]);
-	
-	static wstring stringOfSTRING(UNICODE_STRING maString);
-	static string stringOfSTRING(STRING maString);
-
-	static bool wstr_ends_with(const wchar_t * str, const wchar_t * suffix);
-	static bool wstr_ends_with(const wchar_t * str, size_t str_len, const wchar_t * suffix, size_t suffix_len);
-
-	static void InitLsaStringToBuffer(LSA_UNICODE_STRING * LsaString, wstring &maDonnee, wchar_t monBuffer[]);
-	static LUID wstringsToLUID(wstring &highPart, wstring &lowPart);
-};
-- 
cgit v1.2.3