Koppeling - Adaptive DLL Hijacking / Dynamic Export Forwarding

This project is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking" blog post. I recommend you start there to contextualize this code.

This project is comprised of the following elements:

• Harness.exe: The "victim" application which is vulnerable to hijacking (static/dynamic)
• Functions.dll: The "real" library which exposes valid functionality to the harness
• Theif.dll: The "evil" library which is attempting to gain execution
• NetClone.exe: A C# application which will clone exports from one DLL to another
• PyClone.py: A python 3 script which mimics NetClone functionality

The VS solution itself supports 4 build configurations which map to 4 different methods of proxying functionality. This should provide a nice scalable way of demonstrating more techniques in the future.

• Stc-Forward: Forwards export names during the build process using linker comments
• Dyn-NetClone: Clones the export table from functions.dll onto theif.dll post-build using NetClone
• Dyn-PyClone: Clones the export table from functions.dll onto theif.dll post-build using PyClone
• Dyn-Rebuild: Rebuilds the export table and patches linked import tables post-load to dynamically prepare for function proxying

The goal of each technique is to successfully capture code execution while proxying functionality to the legitimate DLL. Each technique is tested to ensure static and dynamic sink situations are handled. This is by far not every primitive or technique variation. The post above goes into more detail.

Example

Prepare a hijack scenario with an obviously incorrect DLL

> copy C:\windows\system32\whoami.exe .\whoami.exe
        1 file(s) copied.

> copy C:\windows\system32\kernel32.dll .\wkscli.dll
        1 file(s) copied.

Executing in the current configuration should result in an error

> whoami.exe 

"Entry Point Not Found"

Convert kernel32 to proxy functionality for wkscli

> NetClone.exe --target C:\windows\system32\kernel32.dll --reference C:\windows\system32\wkscli.dll --output wkscli.dll
[+] Done.

> whoami.exe
COMPUTER\User

Download Koppeling

Related news

1. Hacking Tools Kit
2. Underground Hacker Sites
3. Hacking Tools 2019
4. Pentest Tools For Mac
5. Growth Hacker Tools
6. Hack App
7. Nsa Hack Tools Download
8. Free Pentest Tools For Windows
9. Pentest Tools Tcp Port Scanner
10. Hacker Tools 2019
11. Pentest Tools For Ubuntu
12. Pentest Tools Android
13. Pentest Tools Subdomain
14. Kik Hack Tools
15. Pentest Tools Online
16. Hacking Tools For Pc
17. Beginner Hacker Tools
18. Pentest Tools Find Subdomains
19. Hack Tools 2019
20. Android Hack Tools Github
21. Hack Tools For Pc
22. Beginner Hacker Tools
23. Tools Used For Hacking
24. What Is Hacking Tools
25. Tools 4 Hack
26. Hacker Tools For Ios
27. Hacker Tools Linux
28. Hacking Tools Mac
29. Hacker Tools Free Download
30. Hacker Tools Github
31. Pentest Tools Bluekeep
32. Hacker Tool Kit
33. Nsa Hack Tools
34. Pentest Tools Free
35. Hack Tools For Mac
36. Pentest Tools Bluekeep
37. Pentest Tools Download
38. Android Hack Tools Github
39. How To Hack
40. Hacking App
41. Hack Tools Pc
42. Install Pentest Tools Ubuntu
43. Pentest Tools
44. Best Hacking Tools 2019
45. What Are Hacking Tools
46. Hack App
47. Hacker Tools 2020
48. Hack Tools For Games
49. Pentest Tools Tcp Port Scanner
50. Hacker Tools 2019
51. Hacking Apps
52. Hacker Hardware Tools
53. Hak5 Tools
54. Hacking Tools For Windows 7
55. Pentest Tools Online
56. Hackers Toolbox
57. New Hack Tools
58. Hacking Tools For Kali Linux
59. New Hack Tools
60. Top Pentest Tools
61. Hacker Tools Apk Download
62. Hacking Tools Hardware
63. Hacking Tools For Windows
64. Hacker Tool Kit
65. How To Install Pentest Tools In Ubuntu
66. Hacking Tools For Windows 7
67. Hak5 Tools
68. Game Hacking
69. Hack Tools For Mac
70. Hack Tool Apk
71. Hack Tools
72. Pentest Reporting Tools
73. Pentest Tools Website Vulnerability
74. Pentest Reporting Tools
75. Hacker Tools Linux
76. Hacker Tools Free
77. Hackrf Tools
78. Hacker Tools Github
79. How To Hack
80. Hacker Tools
81. Hacker Tools Free Download
82. Hacking Tools Pc
83. Hacking Tools Windows
84. Hacking Tools Free Download
85. Hack Tool Apk
86. Hacker Tools For Mac
87. Hack Tools Github
88. How To Make Hacking Tools
89. Blackhat Hacker Tools
90. Termux Hacking Tools 2019
91. Hacker Tools Hardware
92. Hacker Tools Linux
93. Tools 4 Hack
94. Pentest Tools Website Vulnerability
95. Free Pentest Tools For Windows
96. Hack Tool Apk No Root
97. Hak5 Tools
98. Hacking Tools For Windows
99. Hack Tools
100. What Is Hacking Tools
101. Pentest Tools Download
102. Hacking Tools
103. Underground Hacker Sites
104. How To Hack
105. Hacking Tools 2020
106. Hacking Tools Free Download
107. Hacking Tools For Pc
108. Pentest Tools Free
109. Hacker Hardware Tools
110. How To Hack
111. Hacking Tools For Pc
112. Top Pentest Tools
113. Pentest Tools Website Vulnerability
114. Hacker Tools For Pc
115. Pentest Tools For Mac
116. Ethical Hacker Tools
117. Blackhat Hacker Tools
118. Hack Tools Mac
119. Pentest Tools Nmap
120. Easy Hack Tools
121. Black Hat Hacker Tools
122. Install Pentest Tools Ubuntu
123. Pentest Reporting Tools
124. Hacker Tools Online
125. Hack Tools 2019
126. Top Pentest Tools
127. Hacking Tools Software
128. What Are Hacking Tools
129. Hacker Tools List
130. Pentest Tools Linux
131. Nsa Hack Tools
132. Hacker Tools Github
133. Best Hacking Tools 2019
134. Wifi Hacker Tools For Windows
135. Hack App
136. Hack Website Online Tool
137. Hacker Tools 2020
138. Hack Tool Apk No Root
139. Top Pentest Tools
140. Nsa Hack Tools
141. Pentest Tools Download
142. Bluetooth Hacking Tools Kali
143. Black Hat Hacker Tools
144. Nsa Hack Tools
145. Hacker
146. Pentest Tools For Android
147. Hacking Tools For Pc