Update mimikatz (the kiwi extension) #490
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Requires rapid7/mimikatz#5.
This updates the kiwi extension to pull in the latest changes from the upstream mimikatz project. Notably this adds the features in the
ts
module like thets::logonpasswords
command.Submodule Setup
The submodule needs to be pointing to the changes I made in rapid7/mimikatz#5. If there's an issue, go into the submodule directory
c/meterpreter/source/extensions/kiwi/mimikatz
and use git to checkout the PR branch.Testing
make meterpreter-ext-kiwi-x86
command from a Linux host with the build environment)make meterpreter-ext-kiwi-x64
command from a Linux host with the build environment)~/.msf4/payloads/meterpreter
(make that folder if it does not already exist)load kiwi
kiwi_cmd privilege::debug ts::logonpasswords
If the new extension was loaded, the output from the new
ts::logonpasswords
command should be "!!! Warning: false positives can be listed !!!". If something is wrong then there will be an error saying: