Koppeling - Adaptive DLL Hijacking / Dynamic Export Forwarding

This project is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking" blog post. I recommend you start there to contextualize this code.

This project is comprised of the following elements:

• Harness.exe: The "victim" application which is vulnerable to hijacking (static/dynamic)
• Functions.dll: The "real" library which exposes valid functionality to the harness
• Theif.dll: The "evil" library which is attempting to gain execution
• NetClone.exe: A C# application which will clone exports from one DLL to another
• PyClone.py: A python 3 script which mimics NetClone functionality

The VS solution itself supports 4 build configurations which map to 4 different methods of proxying functionality. This should provide a nice scalable way of demonstrating more techniques in the future.

• Stc-Forward: Forwards export names during the build process using linker comments
• Dyn-NetClone: Clones the export table from functions.dll onto theif.dll post-build using NetClone
• Dyn-PyClone: Clones the export table from functions.dll onto theif.dll post-build using PyClone
• Dyn-Rebuild: Rebuilds the export table and patches linked import tables post-load to dynamically prepare for function proxying

The goal of each technique is to successfully capture code execution while proxying functionality to the legitimate DLL. Each technique is tested to ensure static and dynamic sink situations are handled. This is by far not every primitive or technique variation. The post above goes into more detail.

Example

Prepare a hijack scenario with an obviously incorrect DLL

> copy C:\windows\system32\whoami.exe .\whoami.exe
        1 file(s) copied.

> copy C:\windows\system32\kernel32.dll .\wkscli.dll
        1 file(s) copied.

Executing in the current configuration should result in an error

> whoami.exe 

"Entry Point Not Found"

Convert kernel32 to proxy functionality for wkscli

> NetClone.exe --target C:\windows\system32\kernel32.dll --reference C:\windows\system32\wkscli.dll --output wkscli.dll
[+] Done.

> whoami.exe
COMPUTER\User

Download Koppeling

Related news

1. Hacker Tools Software
2. Pentest Tools Android
3. Pentest Tools Nmap
4. Hacker Tools For Mac
5. Pentest Tools Free
6. Blackhat Hacker Tools
7. Best Hacking Tools 2019
8. Hacking Tools For Mac
9. Pentest Tools Url Fuzzer
10. Hacking Tools Kit
11. Physical Pentest Tools
12. Hacker Tools 2020
13. Pentest Tools Find Subdomains
14. Hacker Tools 2019
15. Hack App
16. Black Hat Hacker Tools
17. Hacking Tools For Pc
18. Hack Tools Pc
19. Hacking Tools 2020
20. Hack Tool Apk No Root
21. Hacker Tools For Windows
22. Hack Tools Mac
23. Hack Rom Tools
24. Hack Rom Tools
25. Hacks And Tools
26. Pentest Recon Tools
27. Pentest Tools List
28. New Hacker Tools
29. Tools 4 Hack
30. Hacker Tools List
31. Best Pentesting Tools 2018
32. Best Hacking Tools 2020
33. Top Pentest Tools
34. Hacker Tools Apk Download
35. Hacking Tools For Kali Linux
36. Black Hat Hacker Tools
37. Hacker Techniques Tools And Incident Handling
38. Pentest Tools Android
39. Hacking Tools For Windows 7
40. Pentest Tools Apk
41. Hackers Toolbox
42. Pentest Tools Alternative
43. Hack Tools For Windows
44. Hacker Tools Free
45. Hacker Tools Linux
46. Pentest Automation Tools
47. Hacker Tools For Mac
48. Computer Hacker
49. Easy Hack Tools
50. Hacking Tools For Windows 7
51. Tools For Hacker
52. Hack Website Online Tool
53. Hacker Techniques Tools And Incident Handling
54. Hack Tool Apk No Root
55. Blackhat Hacker Tools
56. Pentest Tools Download
57. Pentest Tools For Mac
58. Termux Hacking Tools 2019
59. Pentest Automation Tools
60. Hacker Tools Mac
61. Hack Tools For Mac
62. Hackrf Tools
63. Pentest Tools For Windows
64. Hacking Tools Usb
65. Hack And Tools
66. Hacking Tools Online
67. Nsa Hacker Tools
68. Pentest Tools Alternative
69. Hack Tools For Mac
70. Growth Hacker Tools
71. Pentest Tools For Android
72. Hacker Hardware Tools
73. Hack Tools For Games
74. Hacking Tools For Windows 7
75. Hack App
76. Growth Hacker Tools
77. Hacker Tools 2019
78. Hack Tools For Pc
79. Hack Tools Download
80. Free Pentest Tools For Windows
81. Pentest Tools Linux
82. Hacker Tools For Mac
83. Hacker
84. Hackers Toolbox
85. Hacker Tools 2020
86. Black Hat Hacker Tools
87. Pentest Tools
88. Hacking Tools For Windows Free Download
89. Hacker Tools For Windows
90. Hacking Tools For Kali Linux
91. Hacker Tools For Mac
92. Nsa Hacker Tools
93. Hacking Tools 2020
94. Hacker Tools List
95. Hacks And Tools
96. Hack Website Online Tool
97. Hacking Tools Free Download
98. Hacking App
99. Hack App
100. Hacking Tools Software
101. Hacker Tools
102. Pentest Tools For Android
103. Hacker Tools Free Download
104. Hacker Tools Hardware
105. Hacking Tools And Software
106. Pentest Tools For Android
107. Best Hacking Tools 2020
108. Hacking Tools Kit
109. Hacker Tools Windows
110. How To Make Hacking Tools
111. Hacking Tools Hardware
112. Hacking Tools Hardware
113. Android Hack Tools Github
114. Wifi Hacker Tools For Windows
115. Hacker Tools Apk
116. Hack Tool Apk
117. Nsa Hacker Tools
118. Hacking Tools Hardware
119. Game Hacking
120. Android Hack Tools Github
121. World No 1 Hacker Software
122. Pentest Tools Website Vulnerability
123. Nsa Hacker Tools
124. Tools 4 Hack
125. Nsa Hacker Tools
126. Hack Tools For Ubuntu
127. Hacker Tools Software
128. Hacker Tools For Pc
129. Hacking Tools Pc
130. Pentest Tools For Android
131. Nsa Hack Tools
132. Pentest Tools Download
133. Pentest Tools List
134. Pentest Box Tools Download
135. Hack Apps
136. Hacking Tools Hardware
137. Pentest Tools Online
138. Hacking Tools For Kali Linux
139. Hacker Tools Free
140. Termux Hacking Tools 2019
141. Nsa Hack Tools Download
142. Hack Tools 2019
143. Hack Tool Apk
144. How To Make Hacking Tools
145. Hacking Tools 2019
146. Tools Used For Hacking
147. Hackrf Tools
148. World No 1 Hacker Software
149. Pentest Tools Open Source
150. Hacking Tools For Pc
151. Tools For Hacker
152. Hacking Tools Name
153. Hacker
154. Hack Tools For Pc