Update to Incognito v2

README.md

@@ -9,37 +9,22 @@ This is the new repository for the Meterpreter [source], which was originally in
 Building - Windows
 ==================
 
-Meterpreter is now being built with [Visual Studio 2012 Express for Desktop][vs_express] or any
-paid version of [Visual Studio 2012][vs_paid]. Earlier toolsets on Windows are no longer
-supported.
+Meterpreter is now being built with [Visual Studio 2013 Express for Desktop][vs_express] or any
+paid version of [Visual Studio 2013][vs_paid]. Earlier toolsets on Windows are no longer
+supported. Make sure that the version that you download is
+`Visual Studio Express 2013 for Windows Desktop`.
 
-Visual Studio 2012 requires .NET 4.5 in order to run, and as a result isn't compatible
+Visual Studio 2013 requires .NET 4.5.1 in order to run, and as a result isn't compatible
 with Windows XP due to the fact that .NET 4.5 will not run on Windows XP. However, this
 does not mean that Metepreter itself will not run on Windows XP, it just means that it's
 not possible to _build_ it on Windows XP.
 
-Visual Studio 2012 Express
---------------------------
-
-In order to build successfully with this version of Visual Studio you must first make sure
-that the most recent updates have been applied. At the time of writing, the latest known
-update is **Update 3**. Without this update you won't be able to build.
-
-To make sure you have the appropriate updates applied:
-
-1. Open Visual Studio 2012.
-1. Open the `Tools` menu and select `Extensions and Updates`
-1. Select the `Updates` item on the left side of the dialog box.
-1. Follow the prompts to install any updates that are found.
-
-With those updates applied you should be ready to build Meterpreeter.
-
 Running the Build
 -----------------
 
-Open up a Visual Studio command prompt by selecting `Developer Command Prompt for VS2012`
+Open up a Visual Studio command prompt by selecting `Developer Command Prompt for VS2013`
 from the Start menu. Alternatively you can run `vcvars32.bat` from an existing command
-line prompt, just make sure it's the VS2012 one if you have multiple versions of VS
+line prompt, just make sure it's the VS2013 one if you have multiple versions of VS
 installed on your machine.
 
 Once you have your environment variables set up, change to the root folder where the
@@ -133,7 +118,7 @@ project going by doing the following:
 1. Create a new folder called `source/extensions/splat`.
 1. Copy `source/extensions/bare/bare.c` to `source/extensions/splat/splat.c`
 1. Copy `source/extensions/bare/bare.h` to `source/extensions/splat/splat.h`
-1. Open `workspace/meterpreter.sln` in Visual Studio 2012.
+1. Open `workspace/meterpreter.sln` in Visual Studio 2013.
 1. Right-click on the solution item called `Solution 'meterpreter'` and
    select `Add`, then `Existing Project...`.
 1. Browse to your new project's location at `workspace/ext_server_splat`
@@ -168,8 +153,8 @@ Things to Remember
 
 Good luck!
 
-  [vs_express]: http://www.microsoft.com/visualstudio/eng/downloads#d-2012-express
-  [vs_paid]: http://www.microsoft.com/visualstudio/eng/downloads#d-2012-editions
+  [vs_express]: http://www.microsoft.com/visualstudio/eng/downloads#d-2013-express
+  [vs_paid]: http://www.microsoft.com/visualstudio/eng/downloads#d-2013-editions
   [source]: https://github.com/rapid7/meterpreter
   [framework]: https://github.com/rapid7/metasploit-framework
   [build_icon]: https://ci.metasploit.com/buildStatus/icon?job=MeterpreterWin

make.bat

@@ -1,24 +1,7 @@
 @ECHO OFF
 IF "%1"=="clean" GOTO CLEAN
 IF "%1"=="docs" GOTO DOCS
-IF "%VCINSTALLDIR%" == "" (
-  ECHO "VC++ Environment not found, attempting to locate..."
-  REM Attempt to load up the dev env variables if they're not
-  REM set, saves people doing it manually
-  SET SETUP="Microsoft Visual Studio 11.0\Common7\Tools\vsvars32.bat"
-  IF EXIST "%ProgramFiles%\%SETUP%" (
-    ECHO "Found at '%ProgramFiles%\%SETUP%'"
-    "%ProgramFiles%\%SETUP%"
-  )
-
-  IF EXIST "%ProgramFiles(x86)%\%SETUP%" (
-    ECHO "Found at '%ProgramFiles(x86)%\%SETUP%'"
-    "%ProgramFiles(x86)%\%SETUP%"
-  )
-
-  REM If we still don't have what we need, then throw an error
-  IF "%VCINSTALLDIR%" == "" GOTO NEED_VS
-)
+IF "%VCINSTALLDIR%" == "" GOTO NEED_VS
 
 SET PREF=
 IF EXIST "..\pssdk\" SET PREF=r7_
@@ -62,6 +45,6 @@ GOTO :END
 
 :NEED_VS
 ECHO "This command must be executed from within a Visual Studio Command prompt."
-ECHO "This can be found under Microsoft Visual Studio 2012 -> Visual Studio Tools"
+ECHO "This can be found under Microsoft Visual Studio 2013 -> Visual Studio Tools"
 
 :END

source/extensions/incognito/hash_stealer.c

@@ -21,6 +21,7 @@ DWORD request_incognito_snarf_hashes(Remote *remote, Packet *packet)
 	SavedToken *token_list = NULL;
 	NETRESOURCEA nr;
 	HANDLE saved_token;
+	TOKEN_PRIVS token_privs;
 	char conn_string[BUF_SIZE] = "", domain_name[BUF_SIZE] = "", *smb_sniffer_ip = NULL,
 		return_value[BUF_SIZE] = "", temp[BUF_SIZE] = "";
 
@@ -39,7 +40,7 @@ DWORD request_incognito_snarf_hashes(Remote *remote, Packet *packet)
 	if (!OpenThreadToken(GetCurrentThread(), TOKEN_ALL_ACCESS, TRUE, &saved_token))
 		saved_token = INVALID_HANDLE_VALUE;
 
-	token_list = get_token_list(&num_tokens);
+	token_list = get_token_list(&num_tokens, &token_privs);
 	if (!token_list)
 	{
 		packet_transmit_response(GetLastError(), remote, response);

source/extensions/incognito/incognito.c

@@ -36,6 +36,7 @@ DWORD request_incognito_list_tokens(Remote *remote, Packet *packet)
 	SavedToken *token_list = NULL;
 	BOOL bTokensAvailable = FALSE;
 	TOKEN_ORDER token_order;
+	TOKEN_PRIVS token_privs;
 	char *delegation_tokens = calloc(sizeof(char), BUF_SIZE), 
 		*impersonation_tokens = calloc(sizeof(char), BUF_SIZE),
 		temp[BUF_SIZE] = "";
@@ -44,7 +45,7 @@ DWORD request_incognito_list_tokens(Remote *remote, Packet *packet)
 	token_order = packet_get_tlv_value_uint(packet, TLV_TYPE_INCOGNITO_LIST_TOKENS_TOKEN_ORDER);
 
 	// Enumerate tokens
-	token_list = get_token_list(&num_tokens);
+	token_list = get_token_list(&num_tokens, &token_privs);
 
 	if (!token_list)
 	{
@@ -109,12 +110,13 @@ DWORD request_incognito_impersonate_token(Remote *remote, Packet *packet)
 	BOOL bTokensAvailable = FALSE, delegation_available = FALSE;
 	char temp[BUF_SIZE] = "", *requested_username, return_value[BUF_SIZE] = "";
 	HANDLE xtoken;
+	TOKEN_PRIVS token_privs;
 
 	Packet *response = packet_create_response(packet);
 	requested_username = packet_get_tlv_value_string(packet, TLV_TYPE_INCOGNITO_IMPERSONATE_TOKEN);
 
 	// Enumerate tokens
-	token_list = get_token_list(&num_tokens);
+	token_list = get_token_list(&num_tokens, &token_privs);
 
 	if (!token_list)
 	{