Update mimikatz (the kiwi extension)

[zeroSteiner]

Requires rapid7/mimikatz#5.

This updates the kiwi extension to pull in the latest changes from the upstream mimikatz project. Notably this adds the features in the ts module like the ts::logonpasswords command.

Submodule Setup

The submodule needs to be pointing to the changes I made in rapid7/mimikatz#5. If there's an issue, go into the submodule directory c/meterpreter/source/extensions/kiwi/mimikatz and use git to checkout the PR branch.

git remote add zeroSteiner https://github.com/zeroSteiner/mimikatz
git fetch zeroSteiner
git checkout feat/update zeroSteiner/feat/update

Testing

• Make sure everything builds correctly, with no errors
  • x86 in Visual Studio
  • x64 in Visual Studio
  • x86 in MinGW (run the make meterpreter-ext-kiwi-x86 command from a Linux host with the build environment)
  • x64 in MinGW (run the make meterpreter-ext-kiwi-x64 command from a Linux host with the build environment)
• Test the Visual Studio binaries (those are the ones that ship with the Framework), for both the x86 and x64 extensions
  • Copy the built extension files from Visual Studio into the local directory at ~/.msf4/payloads/meterpreter (make that folder if it does not already exist)
  • Open a Metepreter session for the architecture you're testing
  • Load the extension by running load kiwi
    • You should see a warning that a local file is being used
  • Run a new command to see that it's available by running kiwi_cmd privilege::debug ts::logonpasswords

If the new extension was loaded, the output from the new ts::logonpasswords command should be "!!! Warning: false positives can be listed !!!". If something is wrong then there will be an error saying:

ERROR mimikatz_doLocal ; "logonpasswords" command of "ts" module not found !

Module :	ts
Full name :	Terminal Server module

        multirdp  -  [experimental] patch Terminal Server service to allow multiples users
        sessions
          remote

[jmartin-tech]

Automation build failure:

13:56:30 "C:\Users\vagrant\metasploit-payloads\c\meterpreter\workspace\make.msbuild" (r7_all target) (1) ->
13:56:30 "C:\Users\vagrant\metasploit-payloads\c\meterpreter\workspace\meterpreter.sln" (Clean;Rebuild target) (2) ->
13:56:30 "C:\Users\vagrant\metasploit-payloads\c\meterpreter\workspace\ext_server_kiwi\ext_server_kiwi.vcxproj" (Rebuild target) (8:2) ->
13:56:30 (ClCompile target) -> 
13:56:30   c:\users\vagrant\metasploit-payloads\c\meterpreter\source\extensions\kiwi\mimikatz\modules\sqlite3.c(30935): error C2220: warning treated as error - no 'object' file generated [C:\Users\vagrant\metasploit-payloads\c\meterpreter\workspace\ext_server_kiwi\ext_server_kiwi.vcxproj]
13:56:30 
13:56:30     16 Warning(s)
13:56:30     1 Error(s)