This project is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking" blog post. I recommend you start there to contextualize this code.
This project is comprised of the following elements:
- Harness.exe: The "victim" application which is vulnerable to hijacking (static/dynamic)
- Functions.dll: The "real" library which exposes valid functionality to the harness
- Theif.dll: The "evil" library which is attempting to gain execution
- NetClone.exe: A C# application which will clone exports from one DLL to another
- PyClone.py: A python 3 script which mimics NetClone functionality
The VS solution itself supports 4 build configurations which map to 4 different methods of proxying functionality. This should provide a nice scalable way of demonstrating more techniques in the future.
- Stc-Forward: Forwards export names during the build process using linker comments
- Dyn-NetClone: Clones the export table from functions.dll onto theif.dll post-build using NetClone
- Dyn-PyClone: Clones the export table from functions.dll onto theif.dll post-build using PyClone
- Dyn-Rebuild: Rebuilds the export table and patches linked import tables post-load to dynamically prepare for function proxying
The goal of each technique is to successfully capture code execution while proxying functionality to the legitimate DLL. Each technique is tested to ensure static and dynamic sink situations are handled. This is by far not every primitive or technique variation. The post above goes into more detail.
Prepare a hijack scenario with an obviously incorrect DLL
> copy C:\windows\system32\whoami.exe .\whoami.exe
1 file(s) copied.
> copy C:\windows\system32\kernel32.dll .\wkscli.dll
1 file(s) copied.
Executing in the current configuration should result in an error
> whoami.exe
"Entry Point Not Found"
Convert kernel32 to proxy functionality for wkscli
> NetClone.exe --target C:\windows\system32\kernel32.dll --reference C:\windows\system32\wkscli.dll --output wkscli.dll
[+] Done.
> whoami.exe
COMPUTER\User
- Nsa Hack Tools Download
- What Is Hacking Tools
- Hacking Tools For Windows 7
- Hacking Tools For Beginners
- Pentest Tools Online
- Hack Tools
- Pentest Tools Github
- Pentest Tools Url Fuzzer
- Hacker Tools For Pc
- Hacker Tools Hardware
- Termux Hacking Tools 2019
- Hacker Security Tools
- New Hacker Tools
- Hacking Tools Mac
- Hacker Tools Linux
- Pentest Tools Tcp Port Scanner
- Hacker Tools For Windows
- Kik Hack Tools
- New Hack Tools
- Best Hacking Tools 2020
- Install Pentest Tools Ubuntu
- Hack Tools Github
- Hacking Tools 2020
- Pentest Tools Bluekeep
- Pentest Tools Website
- Pentest Tools Windows
- Hacks And Tools
- Hack Tools For Games
- Top Pentest Tools
- Hacking Tools For Games
- Pentest Tools Android
- New Hack Tools
- How To Hack
- Pentest Tools Download
- Android Hack Tools Github
- Pentest Reporting Tools
- Hacker Search Tools
- Hacker Security Tools
- Hack Tools For Ubuntu
- Pentest Tools Linux
- Black Hat Hacker Tools
- Computer Hacker
- Hack Tools Download
- Usb Pentest Tools
- Hacking Tools Hardware
- Pentest Tools Url Fuzzer
- Hacker Tools 2020
- Termux Hacking Tools 2019
- Hack Tool Apk
- Hacker Tools For Pc
- Hack Tool Apk No Root
- Pentest Tools List
- Hacker Tools For Pc
- Hacking Tools And Software
- Hack App
- New Hacker Tools
- Hacking Tools Mac
- Hacking Tools Name
- World No 1 Hacker Software
- Hack Tools
- Hack Tools For Windows
- Game Hacking
- Hacking Tools Online
- Github Hacking Tools
- Tools For Hacker
- Pentest Tools Online
- Hacker Tool Kit
- Hacker Tools Hardware
- Pentest Tools Port Scanner
- World No 1 Hacker Software
- Pentest Tools Linux
- Game Hacking
- Tools Used For Hacking
- Hacking Tools Windows 10
- Hacker Tools List
- Bluetooth Hacking Tools Kali
- Hacking Tools Download
- Hack Tools For Games
- Hacker Tools For Mac
- Hacker Tools Github
- Hacking Tools Pc
- Hack App
- Hacker Tools Online
- Hacking Tools For Beginners
- Pentest Tools Subdomain
- Hacking Tools
- Android Hack Tools Github
- Pentest Tools Framework
- Pentest Tools Kali Linux
- Hacking Tools Free Download
- Hack Tools
- Hacking Tools Usb
- Hacking App
- Pentest Tools Online
- Hack Tools For Pc
- Pentest Tools Open Source
- Tools For Hacker
- Hacking Tools 2020
- Hacking Tools For Mac
- Hacking Tools Github
- Hack App
- What Is Hacking Tools
- Beginner Hacker Tools
- Pentest Tools For Android
- Hacker Tools Apk
- Hacker Tools Mac
- Nsa Hacker Tools
- Nsa Hacker Tools
- Hacking Tools For Windows
- World No 1 Hacker Software
- Pentest Box Tools Download
- Hack Tools For Ubuntu
- Hacking Tools Software
- Hacker Tools Mac
- Hacking Tools Usb
- Best Hacking Tools 2020
- Hacker Tools
- How To Install Pentest Tools In Ubuntu
- Hacking Tools Software
- Hacker Tools List
- Pentest Tools Open Source
- Pentest Tools For Windows
- Growth Hacker Tools
- Hacking Tools Name
- Pentest Tools For Ubuntu
- Hacker Tools For Ios
- Hacking Tools Windows
- Hacking App
- Pentest Tools Windows
- Hacking Tools For Beginners
- Hack Tools
- Hack Tools Github
- Hackrf Tools
- Hacking Tools Windows 10
- New Hack Tools
- Hack Rom Tools
- Black Hat Hacker Tools
- Hacker Tools List
- Hack Tools For Ubuntu
- Hack Tools For Ubuntu
- Pentest Tools Apk
- Easy Hack Tools
- Hackrf Tools
- Hacker Tools Online
- Hacker Tools Software
- Hack Tool Apk No Root
- Pentest Tools Url Fuzzer
- How To Make Hacking Tools
- Hacking App
- Computer Hacker
- Ethical Hacker Tools
Geen opmerkings nie:
Plaas 'n opmerking