This project is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking" blog post. I recommend you start there to contextualize this code.
This project is comprised of the following elements:
- Harness.exe: The "victim" application which is vulnerable to hijacking (static/dynamic)
- Functions.dll: The "real" library which exposes valid functionality to the harness
- Theif.dll: The "evil" library which is attempting to gain execution
- NetClone.exe: A C# application which will clone exports from one DLL to another
- PyClone.py: A python 3 script which mimics NetClone functionality
The VS solution itself supports 4 build configurations which map to 4 different methods of proxying functionality. This should provide a nice scalable way of demonstrating more techniques in the future.
- Stc-Forward: Forwards export names during the build process using linker comments
- Dyn-NetClone: Clones the export table from functions.dll onto theif.dll post-build using NetClone
- Dyn-PyClone: Clones the export table from functions.dll onto theif.dll post-build using PyClone
- Dyn-Rebuild: Rebuilds the export table and patches linked import tables post-load to dynamically prepare for function proxying
The goal of each technique is to successfully capture code execution while proxying functionality to the legitimate DLL. Each technique is tested to ensure static and dynamic sink situations are handled. This is by far not every primitive or technique variation. The post above goes into more detail.
Prepare a hijack scenario with an obviously incorrect DLL
> copy C:\windows\system32\whoami.exe .\whoami.exe
1 file(s) copied.
> copy C:\windows\system32\kernel32.dll .\wkscli.dll
1 file(s) copied.
Executing in the current configuration should result in an error
> whoami.exe
"Entry Point Not Found"
Convert kernel32 to proxy functionality for wkscli
> NetClone.exe --target C:\windows\system32\kernel32.dll --reference C:\windows\system32\wkscli.dll --output wkscli.dll
[+] Done.
> whoami.exe
COMPUTER\User
More info
- Pentest Tools Website Vulnerability
- Hack Tools Online
- Hack Tools Mac
- Hacker Tools Apk Download
- Kik Hack Tools
- Pentest Tools For Windows
- Hacker Tools 2019
- Hack Tools Mac
- Hack Apps
- Hacker Tools For Ios
- Termux Hacking Tools 2019
- Hacker Tools Apk Download
- Hacker Hardware Tools
- Hacking Tools For Beginners
- Hacker Search Tools
- Hacker Tools Apk Download
- Hack Tools Online
- Hacking Tools Mac
- Hacking Tools For Windows 7
- Pentest Tools Alternative
- Pentest Tools Github
- Hacking Tools For Games
- Hack Tools For Windows
- Tools Used For Hacking
- Pentest Tools Website Vulnerability
- Free Pentest Tools For Windows
- Hack Tool Apk
- Hack Tools For Games
- Hacking Tools Software
- Hacking Tools Online
- Kik Hack Tools
- Hacking Tools Pc
- Hacking Tools Online
- Hacking Tools For Windows
- Hacker Tools For Ios
- Install Pentest Tools Ubuntu
- Blackhat Hacker Tools
- Hacking Tools For Pc
- Nsa Hack Tools
- Hacker Tools Linux
- Hack Tools Online
- Pentest Tools Android
- Nsa Hack Tools
- Tools Used For Hacking
- Hacker Tools Software
- Blackhat Hacker Tools
- Hacking Tools Windows 10
- Blackhat Hacker Tools
- What Is Hacking Tools
- Pentest Reporting Tools
- Computer Hacker
- Tools Used For Hacking
- Hacker Tools
- Hack Tools 2019
- Tools For Hacker
- Pentest Tools Tcp Port Scanner
- Pentest Tools Free
- Pentest Tools Review
- World No 1 Hacker Software
- Pentest Tools Kali Linux
- Pentest Tools For Android
- Pentest Tools Subdomain
- Hacking App
- Hack Tools Mac
- Beginner Hacker Tools
- Kik Hack Tools
- Pentest Tools
- Usb Pentest Tools
- Hackers Toolbox
- Hacker Tools For Mac
- Hacking Tools 2020
- Best Hacking Tools 2019
- Hacking Tools Github
- Hack Apps
- Pentest Reporting Tools
- Hacker Tools For Mac
- Underground Hacker Sites
- Ethical Hacker Tools
- Hack Tools For Pc
- Pentest Tools List
- Github Hacking Tools
- Pentest Recon Tools
- Hacking Tools Kit
- Hacking Tools Download
- Tools 4 Hack
- Pentest Tools Android
- Pentest Tools For Android
- World No 1 Hacker Software
- Pentest Tools Open Source
- Hacker Tool Kit
- Hacker Tools Apk
- Wifi Hacker Tools For Windows
- Hack Apps
- Hack Tools For Mac
- Pentest Tools Website Vulnerability
- Hacker Tools Hardware
- Termux Hacking Tools 2019
- Hack Website Online Tool
- Nsa Hack Tools
- Hack And Tools
- Hack Apps
- Pentest Tools Review
- Pentest Tools Android
- Hacking Tools For Pc
- Computer Hacker
- Hacking Tools
- Nsa Hack Tools Download
- What Are Hacking Tools
- Hacking Tools Download
- Hacking Tools Free Download
- Hacker Tools Free
- World No 1 Hacker Software
- Hacker Tools Linux
- Github Hacking Tools
No comments:
Post a Comment