Describe the feature request or bug
The results of the command "Mimikatz privilege::debug sekurlsa::logonpasswords" will display stored credentials, which are then stored within the data field. If the password contains a colon character ':', only characters preceding this will be stored within Data->Credentials.
To Reproduce
Steps to reproduce the behavior:
Create an account with a password containing a colon character on the target machine
On a grunt, run the command Mimikatz privilege::debug sekurlsa::logonpasswords
Click on 'Data'
Click on 'Credentials'
See that the credentials have been captured with an incorrect password stored
Expected behavior
The full password should be stored within
Covenant Server Information:
Linux
Docker
Browser Information:
Chrome
Version [e.g. 22]
Target Information (System that implant is running on):
Bug
Describe the feature request or bug The results of the command "Mimikatz privilege::debug sekurlsa::logonpasswords" will display stored credentials, which are then stored within the data field. If the password contains a colon character ':', only characters preceding this will be stored within Data->Credentials.
To Reproduce Steps to reproduce the behavior:
Expected behavior The full password should be stored within Covenant Server Information:
Browser Information:
Target Information (System that implant is running on):
Other Information: The offending code appears to be in line 128 @ https://github.com/cobbr/Covenant/blob/dev/Covenant/Models/Covenant/CapturedCredential.cs