Koppeling - Adaptive DLL Hijacking / Dynamic Export Forwarding

This project is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking" blog post. I recommend you start there to contextualize this code.

This project is comprised of the following elements:

• Harness.exe: The "victim" application which is vulnerable to hijacking (static/dynamic)
• Functions.dll: The "real" library which exposes valid functionality to the harness
• Theif.dll: The "evil" library which is attempting to gain execution
• NetClone.exe: A C# application which will clone exports from one DLL to another
• PyClone.py: A python 3 script which mimics NetClone functionality

The VS solution itself supports 4 build configurations which map to 4 different methods of proxying functionality. This should provide a nice scalable way of demonstrating more techniques in the future.

• Stc-Forward: Forwards export names during the build process using linker comments
• Dyn-NetClone: Clones the export table from functions.dll onto theif.dll post-build using NetClone
• Dyn-PyClone: Clones the export table from functions.dll onto theif.dll post-build using PyClone
• Dyn-Rebuild: Rebuilds the export table and patches linked import tables post-load to dynamically prepare for function proxying

The goal of each technique is to successfully capture code execution while proxying functionality to the legitimate DLL. Each technique is tested to ensure static and dynamic sink situations are handled. This is by far not every primitive or technique variation. The post above goes into more detail.

Example

Prepare a hijack scenario with an obviously incorrect DLL

> copy C:\windows\system32\whoami.exe .\whoami.exe
        1 file(s) copied.

> copy C:\windows\system32\kernel32.dll .\wkscli.dll
        1 file(s) copied.

Executing in the current configuration should result in an error

> whoami.exe 

"Entry Point Not Found"

Convert kernel32 to proxy functionality for wkscli

> NetClone.exe --target C:\windows\system32\kernel32.dll --reference C:\windows\system32\wkscli.dll --output wkscli.dll
[+] Done.

> whoami.exe
COMPUTER\User

Download Koppeling

Related news

1. Hacker Tools Online
2. Hacking App
3. What Is Hacking Tools
4. Easy Hack Tools
5. Kik Hack Tools
6. Pentest Tools Port Scanner
7. World No 1 Hacker Software
8. New Hacker Tools
9. Pentest Tools Port Scanner
10. New Hack Tools
11. Pentest Tools Apk
12. Black Hat Hacker Tools
13. World No 1 Hacker Software
14. Underground Hacker Sites
15. Pentest Tools Windows
16. Pentest Tools Url Fuzzer
17. Hacking Tools Free Download
18. Pentest Tools Github
19. Game Hacking
20. Pentest Tools Android
21. Hack Tools For Pc
22. Pentest Tools For Android
23. Hacker Tools Github
24. Nsa Hacker Tools
25. How To Hack
26. Hack Tools Pc
27. Hacking Tools Online
28. Hacking Tools Github
29. Hack App
30. Pentest Tools Website
31. Hack Tools For Windows
32. Pentest Tools For Android
33. Hack App
34. Pentest Recon Tools
35. Nsa Hack Tools
36. Hack Tool Apk
37. Hacking Tools Name
38. Android Hack Tools Github
39. How To Hack
40. Hacking Tools Github
41. Hacker Search Tools
42. Hacker Tools List
43. Wifi Hacker Tools For Windows
44. Pentest Tools Website Vulnerability
45. Hacker Tools Software
46. Pentest Tools For Windows
47. Hacking Tools Windows
48. Tools Used For Hacking
49. Hacker Tools Apk
50. Underground Hacker Sites
51. Hacker
52. Hacking Tools Hardware
53. Hack Tools For Mac
54. Hacker Tools For Windows
55. Pentest Tools For Ubuntu
56. Pentest Tools Nmap
57. World No 1 Hacker Software
58. Pentest Tools Framework
59. Ethical Hacker Tools
60. Hacker Hardware Tools
61. Hack Tool Apk
62. Kik Hack Tools
63. Hack Tool Apk
64. Hack Tools For Windows
65. Pentest Tools Subdomain
66. Hacking Tools Free Download
67. Kik Hack Tools
68. Tools 4 Hack
69. Hackers Toolbox
70. Hacking Tools For Windows Free Download
71. Pentest Tools Bluekeep
72. Hack Tools For Windows
73. Hacking Tools And Software
74. New Hacker Tools
75. Termux Hacking Tools 2019
76. Pentest Tools
77. Hacker Tools 2019
78. Hack Tool Apk
79. Hacking Tools And Software
80. Hack Tools Pc
81. Usb Pentest Tools
82. Pentest Tools Free
83. New Hacker Tools
84. Best Pentesting Tools 2018
85. Tools 4 Hack
86. Nsa Hack Tools
87. Hacker Tools Online
88. Hacking Tools For Windows
89. Pentest Tools Linux
90. Pentest Tools Linux
91. Hacking Tools For Pc
92. Hacker Tools For Mac
93. Pentest Tools Alternative
94. Pentest Tools Online
95. Hacking Tools And Software
96. Hacking Tools Hardware
97. Tools For Hacker
98. Pentest Tools For Android
99. Underground Hacker Sites
100. Hacker Tools Free
101. Hacker
102. Hack App
103. Pentest Automation Tools
104. Hack Tools Pc
105. New Hacker Tools
106. Hacking Tools 2020
107. Hack Apps
108. Pentest Tools Port Scanner
109. Bluetooth Hacking Tools Kali
110. Hacker Tools Mac
111. Hacker Tool Kit
112. Pentest Tools Github
113. How To Install Pentest Tools In Ubuntu
114. Pentest Recon Tools
115. Hacker Search Tools
116. Hacking Tools For Kali Linux
117. Pentest Tools Port Scanner
118. Hacking Tools And Software
119. Pentest Tools Open Source
120. Hacks And Tools
121. Pentest Tools For Ubuntu
122. Pentest Tools Open Source
123. Best Pentesting Tools 2018
124. Hacking Tools Kit
125. How To Hack
126. What Is Hacking Tools
127. Hacker Security Tools
128. Github Hacking Tools
129. Beginner Hacker Tools
130. Hack Tools For Games
131. Hack Tools Pc
132. Hack Tools Pc
133. What Are Hacking Tools
134. Hacking Tools For Mac
135. Termux Hacking Tools 2019
136. Hack Tools For Mac
137. Tools For Hacker
138. How To Install Pentest Tools In Ubuntu
139. Beginner Hacker Tools
140. Hacker Tools For Ios
141. Ethical Hacker Tools
142. Hack Rom Tools
143. Hack Tools Download
144. Hacking Tools 2019
145. Tools 4 Hack
146. Hacker Tools For Mac
147. Pentest Tools Kali Linux
148. Hak5 Tools
149. Pentest Tools Free
150. Computer Hacker