This project is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking" blog post. I recommend you start there to contextualize this code.
The project consists of the following elements:
- Harness.exe: The "victim" application which is vulnerable to hijacking (static/dynamic)
- Functions.dll: The "real" library which exposes valid functionality to the harness
- Theif.dll: The "evil" library which is attempting to gain execution
- NetClone.exe: A C# application which will clone exports from one DLL to another
- PyClone.py: A Python 3 script which mimics NetClone functionality
The VS solution itself supports 4 build configurations which map to 4 different methods of proxying functionality. This should provide a nice scalable way of demonstrating more techniques in the future.
- Stc-Forward: Forwards export names during the build process using linker comments
- Dyn-NetClone: Clones the export table from functions.dll onto theif.dll post-build using NetClone
- Dyn-PyClone: Clones the export table from functions.dll onto theif.dll post-build using PyClone
- Dyn-Rebuild: Rebuilds the export table and patches linked import tables post-load to dynamically prepare for function proxying
The goal of each technique is to successfully capture code execution while proxying functionality to the legitimate DLL. Each technique is tested to ensure that both static and dynamic sink situations are handled. This is by no means every primitive or technique variation. The post above goes into more detail.
Prepare a hijack scenario with an obviously incorrect DLL:
> copy C:\windows\system32\whoami.exe .\whoami.exe
1 file(s) copied.
> copy C:\windows\system32\kernel32.dll .\wkscli.dll
1 file(s) copied.
Executing in the current configuration should result in an error:
> whoami.exe
"Entry Point Not Found"
Convert kernel32 to proxy functionality for wkscli:
> NetClone.exe --target C:\windows\system32\kernel32.dll --reference C:\windows\system32\wkscli.dll --output wkscli.dll
[+] Done.
> whoami.exe
COMPUTER\User
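From the detection side, the walkthrough above leaves a recognisable trace: a system-named DLL loaded from the directory of the executable instead of System32. The following is an added example, not part of the project, that scores image-load events for that pattern. The field names are modeled on Sysmon Event ID 7; the baseline set, paths and event values are constructed, and the OriginalFileName check assumes the clone keeps the version resource of its target.

```python
import ntpath

# Assumed baseline: directories Windows system DLLs normally load from.
TRUSTED_DIRS = (r"c:\windows\system32", r"c:\windows\syswow64", r"c:\windows\winsxs")
# Constructed sample of system DLL names; build the real set from a clean image.
SYSTEM_DLLS = {"kernel32.dll", "wkscli.dll", "netapi32.dll"}

def in_trusted_dir(path):
    d = ntpath.dirname(path).lower()
    return any(d == t or d.startswith(t + "\\") for t in TRUSTED_DIRS)

def stem(name):
    return ntpath.splitext(ntpath.basename(name))[0].lower()

def score_image_load(ev):
    """Return the hijack indicators found in one image-load event."""
    loaded = ev["ImageLoaded"]
    name = ntpath.basename(loaded).lower()
    if name not in SYSTEM_DLLS or in_trusted_dir(loaded):
        return []
    reasons = ["system-named DLL loaded from outside the system directories"]
    if ntpath.dirname(loaded).lower() == ntpath.dirname(ev["Image"]).lower():
        reasons.append("DLL sits beside the loading executable")
    # Assumption: a cloned DLL still carries the version resource of its target.
    orig = ev.get("OriginalFileName", "")
    if orig and stem(orig) != stem(name):
        reasons.append(f"version resource says {orig!r}, file is {name!r}")
    if ev.get("SignatureStatus") != "Valid":
        reasons.append("signature is not valid")
    return reasons

def detect(events):
    return [(ev["ImageLoaded"], r) for ev in events if (r := score_image_load(ev))]

# Constructed events: a normal load, the walkthrough's layout, a third-party DLL.
EVENTS = [
    {"Image": r"C:\Windows\System32\whoami.exe", "ImageLoaded": r"C:\Windows\System32\wkscli.dll",
     "OriginalFileName": "wkscli.dll", "SignatureStatus": "Valid"},
    {"Image": r"C:\Users\User\demo\whoami.exe", "ImageLoaded": r"C:\Users\User\demo\wkscli.dll",
     "OriginalFileName": "kernel32", "SignatureStatus": "Unavailable"},
    {"Image": r"C:\Program Files\App\app.exe", "ImageLoaded": r"C:\Program Files\App\helper.dll",
     "OriginalFileName": "helper.dll", "SignatureStatus": "Valid"},
]

if __name__ == "__main__":
    for path, reasons in detect(EVENTS):
        print(path, "->", "; ".join(reasons))
```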