Skip to content
This repository has been archived by the owner on Jan 21, 2021. It is now read-only.

Update Invoke-Mimikatz.ps1 #336

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Update Invoke-Mimikatz.ps1 #336

wants to merge 1 commit into from

Conversation

AddaxSoft
Copy link

@AddaxSoft AddaxSoft commented Oct 31, 2019
edited

updated mimikatz 2.1 to 2.2 latest (31 oct 2019)
fixed VirtualAlloc issues on Win 10 version 1903 build 18362

@AddaxSoft
Update Invoke-Mimikatz.ps1
f650520 
updated mimikatz 2.1 to 2.2 latest (31 oct 2019)
fixed VirtualAlloc issues on Win 10 build 1903
@dickens88
Copy link

@AddaxSoft it works fine under win10 1903, thank you so much, you made my life much easier!

@JFuture23
Copy link

JFuture23 commented Feb 5, 2020
edited

Hello. I am getting the following errors below when using Invoke-Mimikatz. However, I am using a newer Windows version and a newer build - Win 10 Version 1909 build 18363.592. And I am using the latest powersploit modules as I downloaded it earlier this week.

Exception calling "GetMethod" with "1" argument(s): "Ambiguous match found."
At C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\PowerSploit\Exfiltration\Invoke-Mimikatz.ps1:886 char:6

  •     $GetProcAddress = $UnsafeNativeMethods.GetMethod('GetProcAddr ...

  •     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    • CategoryInfo : NotSpecified: (:) [], MethodInvocationException
    • FullyQualifiedErrorId : AmbiguousMatchException

You cannot call a method on a null-valued expression.
At C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\PowerSploit\Exfiltration\Invoke-Mimikatz.ps1:893 char:6

  •     Write-Output $GetProcAddress.Invoke($null, @([System.Runtime. ...

  •     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    • CategoryInfo : InvalidOperation: (:) [], RuntimeException
    • FullyQualifiedErrorId : InvokeMethodOnNull

Cannot find an overload for "GetDelegateForFunctionPointer" and the argument count: "2".
At C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\PowerSploit\Exfiltration\Invoke-Mimikatz.ps1:489 char:3

  •     $VirtualAlloc = [System.Runtime.InteropServices.Marshal]::Get ...

  •     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    • CategoryInfo : NotSpecified: (:) [], MethodException
    • FullyQualifiedErrorId : MethodCountCouldNotFindBest

VirtualAlloc failed to allocate memory for PE. If PE is not ASLR compatible, try running the script in a new PowerShell process (the new PowerShell process will have a different memory
layout, so the address the PE wants might be free).
At C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\PowerSploit\Exfiltration\Invoke-Mimikatz.ps1:2285 char:4

  •         Throw "VirtualAlloc failed to allocate memory for PE. If  ...

  •         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    • CategoryInfo : OperationStopped: (VirtualAlloc fa...might be free).:String) [], RuntimeException
    • FullyQualifiedErrorId : VirtualAlloc failed to allocate memory for PE. If PE is not ASLR compatible, try running the script in a new PowerShell process (the new PowerShell process wil
      l have a different memory layout, so the address the PE wants might be free).

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@AddaxSoft @dickens88 @JFuture23