Description

Migrate the Mimikatz credentials collector to a plugin.#3167

Tasks

• Define config-schema.json, manifest, and options (0d) @ilija-lazoroski @ordabach
• Create pipfile for dependencies (0d) @ilija-lazoroski @ordabach
• Add A jenkins job to build the plugin (0d) @ilija-lazoroski @ordabach
  • Update the island build jobs on Jenkins to copy the artifacts from the Mimikatz plugin build job
• Add a build script for building plugins on Windows. Modify the mimikatz jenkins job as necessary. (0d) @ilija-lazoroski, @shreyamalviya
• Convert the existing mimikatz collector to a plugin (0d) @mssalvatore
  • Update ETE test configuration
  • Reimplement unit tests
• Remove the hard-coded mimikatz credentials collector plugin (0d) @mssalvatore
• Fix wmi_mimikatz and depth_1 smb mimikatz tests (see below) (0d) - @shreyamalviya
  • Remove wmi_mimikatz test
  • Modify depth_1_a to call the stolen credentials endpoint and assert that expected credentials were stolen
• Remove vulture entries
• Fix logging (leaking credentials) (0d) @ilija-lazoroski

Broken tests

This test is supposed to test that credentials are collected from mimikatz 14 and used to access mimikatz 15. It should be a depth 2 test and shouldn't include valid credentials for mimikatz 15 in the configuration.

Also check the depth_1_a test, as this has comments about mimikatz password stealing. I'm not sure how this can be properly tested with a depth 1 test.