Koppeling - Adaptive DLL Hijacking / Dynamic Export Forwarding
This project is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking" blog post. I recommend you start there to contextualize this code.
This project is comprised of the following elements:
- Harness.exe: The "victim" application which is vulnerable to hijacking (static/dynamic)
- Functions.dll: The "real" library which exposes valid functionality to the harness
- Theif.dll: The "evil" library which is attempting to gain execution
- NetClone.exe: A C# application which will clone exports from one DLL to another
- PyClone.py: A python 3 script which mimics NetClone functionality
The VS solution itself supports 4 build configurations which map to 4 different methods of proxying functionality. This should provide a nice scalable way of demonstrating more techniques in the future.
- Stc-Forward: Forwards export names during the build process using linker comments
- Dyn-NetClone: Clones the export table from functions.dll onto theif.dll post-build using NetClone
- Dyn-PyClone: Clones the export table from functions.dll onto theif.dll post-build using PyClone
- Dyn-Rebuild: Rebuilds the export table and patches linked import tables post-load to dynamically prepare for function proxying
The goal of each technique is to successfully capture code execution while proxying functionality to the legitimate DLL. Each technique is tested to ensure static and dynamic sink situations are handled. This is by far not every primitive or technique variation. The post above goes into more detail.
Prepare a hijack scenario with an obviously incorrect DLL
> copy C:\windows\system32\whoami.exe .\whoami.exe
1 file(s) copied.
> copy C:\windows\system32\kernel32.dll .\wkscli.dll
1 file(s) copied.
Executing in the current configuration should result in an error
> whoami.exe
"Entry Point Not Found"
Convert kernel32 to proxy functionality for wkscli
> NetClone.exe --target C:\windows\system32\kernel32.dll --reference C:\windows\system32\wkscli.dll --output wkscli.dll
[+] Done.
> whoami.exe
COMPUTER\User
- Hacker Tools For Pc
- Termux Hacking Tools 2019
- Computer Hacker
- Pentest Tools For Mac
- Hack App
- Hacker Tools For Windows
- Hack Tools For Pc
- Hacks And Tools
- Hacker Tools Free
- Install Pentest Tools Ubuntu
- Hack Tools Online
- Best Hacking Tools 2019
- Pentest Tools Nmap
- Pentest Tools Tcp Port Scanner
- Pentest Tools Kali Linux
- Hacker Tools Github
- Pentest Tools Nmap
- Pentest Tools For Mac
- Hack Tools For Windows
- Hacker Tools
- Pentest Tools Download
- Tools 4 Hack
- Hacker Tools Windows
- Hacking Tools For Beginners
- Pentest Tools Framework
- Tools Used For Hacking
- Pentest Box Tools Download
- Hacking Tools For Kali Linux
- Hacker Tools Hardware
- Hacking Tools Hardware
- Install Pentest Tools Ubuntu
- Best Hacking Tools 2019
- Hacker Tools 2019
- Pentest Tools Linux
- Best Hacking Tools 2019
- Hack Tools For Mac
- Computer Hacker
- Hacker Tools Github
- Hack Tools For Games
- Hacker Tools Online
- Kik Hack Tools
- Hacking App
- Termux Hacking Tools 2019
- Hacker Search Tools
- Hack Tools For Ubuntu
- Hacking Tools For Games
- Pentest Tools Alternative
- Pentest Tools Open Source
- Hack Tools For Mac
- Nsa Hack Tools Download
- Android Hack Tools Github
- Hackers Toolbox
- Hacking Tools For Beginners
- Pentest Tools For Ubuntu
- Pentest Tools For Windows
- World No 1 Hacker Software
- Best Hacking Tools 2020
- What Are Hacking Tools
- Pentest Tools Android
- New Hacker Tools
- Hackers Toolbox
- Pentest Tools For Windows
- Best Hacking Tools 2019
- Install Pentest Tools Ubuntu
- Hacker Tools Github
- Hack And Tools
- Pentest Tools Find Subdomains
- Hacking Tools For Kali Linux
- Hacker Tools For Ios
- Bluetooth Hacking Tools Kali
- Hacker Tools Apk Download
- Pentest Tools Open Source
- Ethical Hacker Tools
- Best Pentesting Tools 2018
- Pentest Tools
- Physical Pentest Tools
- Hacker
- Pentest Tools Alternative
- Top Pentest Tools
- Hacking Tools Download
- Hack Tools For Games
- Hacker Tools Apk
- Hack Tools Online
- Underground Hacker Sites
- Hacking Tools Free Download
- Hacker Tools List
- Computer Hacker
- Pentest Tools Tcp Port Scanner
- Hacker
- Hacking Tools For Windows 7
- How To Hack
- Hacking Tools
- Hacks And Tools
- Hacker Tools Free
- Hack Tool Apk No Root
- Hacking Tools Usb
- World No 1 Hacker Software
- Hacking Tools For Windows
- Hacker Tools Apk Download
- How To Install Pentest Tools In Ubuntu
- Best Hacking Tools 2020
- Growth Hacker Tools
- Nsa Hacker Tools
- Android Hack Tools Github
- Nsa Hack Tools Download
- Hack Tools
- Hacker Tool Kit
- Easy Hack Tools
- Hacking Tools For Beginners
- Hacker Tools List
- Pentest Tools Nmap
- Hacker Tools Windows
- Hacking Tools For Beginners
- Hacker
- Game Hacking
- Pentest Tools Find Subdomains
- Pentest Tools For Windows
- Ethical Hacker Tools
- How To Hack
- Hackers Toolbox
- Free Pentest Tools For Windows
- Hacker Hardware Tools
- Pentest Tools Android
- Beginner Hacker Tools
- Pentest Tools Apk
- Wifi Hacker Tools For Windows
- Hacking Tools For Windows
- Pentest Tools Github
- Ethical Hacker Tools
- Nsa Hack Tools
- New Hack Tools
- Hacks And Tools
- Hack And Tools
- Hack And Tools
- Hacking Tools 2020
- Pentest Tools Framework
- Pentest Tools For Android
- Hacker Tools List
- Nsa Hack Tools Download
- Tools 4 Hack
- Hack Apps
0 留言:
訂閱:
發佈留言 (Atom)
