Koppeling - Adaptive DLL Hijacking / Dynamic Export Forwarding

This project is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking" blog post. I recommend you start there to contextualize this code.

This project is comprised of the following elements:

• Harness.exe: The "victim" application which is vulnerable to hijacking (static/dynamic)
• Functions.dll: The "real" library which exposes valid functionality to the harness
• Theif.dll: The "evil" library which is attempting to gain execution
• NetClone.exe: A C# application which will clone exports from one DLL to another
• PyClone.py: A python 3 script which mimics NetClone functionality

The VS solution itself supports 4 build configurations which map to 4 different methods of proxying functionality. This should provide a nice scalable way of demonstrating more techniques in the future.

• Stc-Forward: Forwards export names during the build process using linker comments
• Dyn-NetClone: Clones the export table from functions.dll onto theif.dll post-build using NetClone
• Dyn-PyClone: Clones the export table from functions.dll onto theif.dll post-build using PyClone
• Dyn-Rebuild: Rebuilds the export table and patches linked import tables post-load to dynamically prepare for function proxying

The goal of each technique is to successfully capture code execution while proxying functionality to the legitimate DLL. Each technique is tested to ensure static and dynamic sink situations are handled. This is by far not every primitive or technique variation. The post above goes into more detail.

Example

Prepare a hijack scenario with an obviously incorrect DLL

> copy C:\windows\system32\whoami.exe .\whoami.exe
        1 file(s) copied.

> copy C:\windows\system32\kernel32.dll .\wkscli.dll
        1 file(s) copied.

Executing in the current configuration should result in an error

> whoami.exe 

"Entry Point Not Found"

Convert kernel32 to proxy functionality for wkscli

> NetClone.exe --target C:\windows\system32\kernel32.dll --reference C:\windows\system32\wkscli.dll --output wkscli.dll
[+] Done.

> whoami.exe
COMPUTER\User

Download Koppeling

Related word

1. Hacking Tools For Beginners
2. Hack Tools For Pc
3. Hacker Tools Linux
4. What Are Hacking Tools
5. Hack Tools For Ubuntu
6. Black Hat Hacker Tools
7. Hacker Tools For Mac
8. Hacking Tools Windows 10
9. Best Pentesting Tools 2018
10. Hacker Tools List
11. Pentest Tools Linux
12. Hack Tools For Windows
13. New Hacker Tools
14. Growth Hacker Tools
15. Hacker Tools Apk
16. Pentest Automation Tools
17. Pentest Tools List
18. Hack Tools Github
19. Hacking Tools For Mac
20. Physical Pentest Tools
21. World No 1 Hacker Software
22. Hacking Tools Software
23. Pentest Tools For Windows
24. Hacking Tools Name
25. What Is Hacking Tools
26. What Are Hacking Tools
27. Pentest Tools Linux
28. Hacker Tools Online
29. Pentest Tools Framework
30. Hacker Tools List
31. Pentest Tools Website Vulnerability
32. Hacking Tools Name
33. Hack Tool Apk
34. Pentest Tools Subdomain
35. Hacking Tools Online
36. World No 1 Hacker Software
37. Hacker Tools For Mac
38. Pentest Tools List
39. Hack Tools For Pc
40. Hack Website Online Tool
41. Hack Tool Apk
42. Hacker Tools Mac
43. Pentest Tools Windows
44. Tools 4 Hack
45. Pentest Tools Online
46. Hacking Tools 2019
47. Hack Tools Mac
48. Hacking Tools Name
49. Pentest Tools Alternative
50. Hack Tools Download
51. Github Hacking Tools
52. Hack Tool Apk
53. Hack Tools For Mac
54. Hacker Techniques Tools And Incident Handling
55. Hacker Tools For Ios
56. Install Pentest Tools Ubuntu
57. Pentest Tools Linux
58. Top Pentest Tools
59. New Hack Tools
60. Hacker Security Tools
61. Hacker Tools List
62. Hacker Tools
63. Wifi Hacker Tools For Windows
64. Game Hacking
65. Computer Hacker
66. Hacking Tools For Windows Free Download
67. Hacker Tools Software
68. Hacking Tools Free Download
69. Nsa Hack Tools Download
70. Pentest Tools Windows
71. Hacking Tools For Windows
72. Hacker Tools Free
73. Tools Used For Hacking
74. Tools 4 Hack
75. Hacker Tools Online
76. Blackhat Hacker Tools
77. Easy Hack Tools
78. World No 1 Hacker Software
79. Hack Tools For Mac
80. Hacker Techniques Tools And Incident Handling
81. Hacking Apps
82. Hacker Security Tools
83. Hacking Tools Name
84. Hacking Tools Usb
85. Best Hacking Tools 2019
86. Hacking Tools For Kali Linux
87. Pentest Recon Tools
88. Hacking Tools For Pc
89. Termux Hacking Tools 2019
90. Hacking Tools Windows
91. Hacker Tools Hardware
92. Hacker Tools Software
93. Pentest Tools Website Vulnerability
94. Hacking Tools Download
95. Pentest Tools Windows
96. Hacking Tools Free Download
97. Pentest Tools Alternative
98. Hacker Tools For Mac
99. Pentest Tools Online
100. Hacking Tools Kit
101. Pentest Tools List
102. Nsa Hacker Tools
103. Hacking Tools And Software
104. World No 1 Hacker Software
105. Pentest Tools Linux
106. Top Pentest Tools
107. Hack Tools For Ubuntu
108. Hacker Tools Online
109. Computer Hacker
110. Pentest Tools Online
111. How To Hack
112. New Hack Tools
113. Best Hacking Tools 2020
114. Pentest Tools Apk
115. Termux Hacking Tools 2019
116. Hack And Tools
117. Pentest Tools Url Fuzzer
118. Best Hacking Tools 2019
119. Termux Hacking Tools 2019
120. How To Install Pentest Tools In Ubuntu
121. Hacking Tools For Beginners
122. Tools For Hacker
123. Hacker Tools Online
124. Pentest Tools Review
125. Hacker Techniques Tools And Incident Handling
126. Hacking Tools Windows
127. Pentest Automation Tools
128. Tools Used For Hacking
129. Hack Tools For Mac
130. Hack Tools
131. Hack Tools
132. Hacking Tools Free Download
133. Hack Apps
134. Kik Hack Tools
135. Top Pentest Tools