From 59cd18360764af6e6133ad11ec9cd8295372e587 Mon Sep 17 00:00:00 2001
From: clymb3r <bialek.joseph@gmail.com>
Date: Tue, 1 Oct 2013 09:47:05 -0700
Subject: Adding Invoke-Mimikatz and Invoke-Ninjacopy

---
 Exfiltration/mimikatz-1.0/modules/mod_windows.cpp | 26 +++++++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 Exfiltration/mimikatz-1.0/modules/mod_windows.cpp

(limited to 'Exfiltration/mimikatz-1.0/modules/mod_windows.cpp')

diff --git a/Exfiltration/mimikatz-1.0/modules/mod_windows.cpp b/Exfiltration/mimikatz-1.0/modules/mod_windows.cpp
new file mode 100644
index 0000000..a54c5b7
--- /dev/null
+++ b/Exfiltration/mimikatz-1.0/modules/mod_windows.cpp
@@ -0,0 +1,26 @@
+/*	Benjamin DELPY `gentilkiwi`
+	http://blog.gentilkiwi.com
+	benjamin@gentilkiwi.com
+	Licence : http://creativecommons.org/licenses/by/3.0/fr/
+*/
+#include "mod_windows.h"
+
+BOOL WINAPI mod_windows::enumHWNDCallback(HWND hwnd,  pair<DWORD, vector<mod_windows::KIWI_HWND_ENTRY> *>  * mesHWNDS)
+{
+	DWORD processId = 0;
+	if(DWORD threadId = GetWindowThreadProcessId(hwnd, &processId))
+	{
+		if((mesHWNDS->first == 0) || (processId == mesHWNDS->first))
+		{
+			KIWI_HWND_ENTRY monEntree = {hwnd, processId, threadId};
+			mesHWNDS->second->push_back(monEntree);
+		}
+	}
+	return TRUE;
+}
+
+
+bool mod_windows::getHWNDsFromProcessId(vector<mod_windows::KIWI_HWND_ENTRY> * mesHWNDS, DWORD processId)
+{
+	return (EnumWindows(reinterpret_cast<WNDENUMPROC>(enumHWNDCallback), reinterpret_cast<LPARAM>(&make_pair<DWORD, vector<mod_windows::KIWI_HWND_ENTRY> *>(processId, mesHWNDS))) != FALSE);
+}
\ No newline at end of file
-- 
cgit v1.2.3