jueves, 1 de junio de 2023

Koppeling - Adaptive DLL Hijacking / Dynamic Export Forwarding


This project is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking" blog post. I recommend you start there to contextualize this code.

This project is comprised of the following elements:

  • Harness.exe: The "victim" application which is vulnerable to hijacking (static/dynamic)
  • Functions.dll: The "real" library which exposes valid functionality to the harness
  • Theif.dll: The "evil" library which is attempting to gain execution
  • NetClone.exe: A C# application which will clone exports from one DLL to another
  • PyClone.py: A python 3 script which mimics NetClone functionality

The VS solution itself supports 4 build configurations which map to 4 different methods of proxying functionality. This should provide a nice scalable way of demonstrating more techniques in the future.

  • Stc-Forward: Forwards export names during the build process using linker comments
  • Dyn-NetClone: Clones the export table from functions.dll onto theif.dll post-build using NetClone
  • Dyn-PyClone: Clones the export table from functions.dll onto theif.dll post-build using PyClone
  • Dyn-Rebuild: Rebuilds the export table and patches linked import tables post-load to dynamically prepare for function proxying

The goal of each technique is to successfully capture code execution while proxying functionality to the legitimate DLL. Each technique is tested to ensure static and dynamic sink situations are handled. This is by far not every primitive or technique variation. The post above goes into more detail.


Example

Prepare a hijack scenario with an obviously incorrect DLL

> copy C:\windows\system32\whoami.exe .\whoami.exe
1 file(s) copied.

> copy C:\windows\system32\kernel32.dll .\wkscli.dll
1 file(s) copied.

Executing in the current configuration should result in an error

> whoami.exe 

"Entry Point Not Found"

Convert kernel32 to proxy functionality for wkscli

> NetClone.exe --target C:\windows\system32\kernel32.dll --reference C:\windows\system32\wkscli.dll --output wkscli.dll
[+] Done.

> whoami.exe
COMPUTER\User



More info


  1. Hack Tools Online
  2. Hack Tools
  3. Hacker Tools Mac
  4. Hacking Tools Pc
  5. Hack Tools Mac
  6. Blackhat Hacker Tools
  7. Pentest Tools Subdomain
  8. Hacking Tools For Pc
  9. How To Make Hacking Tools
  10. Pentest Recon Tools
  11. How To Hack
  12. Pentest Tools Framework
  13. Hacker Tools Free Download
  14. Hacks And Tools
  15. Pentest Tools Bluekeep
  16. Pentest Tools Linux
  17. Hacking Tools Mac
  18. Pentest Tools Bluekeep
  19. Pentest Tools Website Vulnerability
  20. Hak5 Tools
  21. Pentest Tools Url Fuzzer
  22. Hacker Tools For Pc
  23. Hacker Tools Apk
  24. Best Pentesting Tools 2018
  25. Hacks And Tools
  26. Pentest Tools Alternative
  27. Beginner Hacker Tools
  28. Growth Hacker Tools
  29. Hacker Tools Hardware
  30. Hack Tools Download
  31. Hack App
  32. Pentest Tools Android
  33. Hacking Tools
  34. Hacking Tools 2019
  35. Hacking Tools Github
  36. Hacking Tools For Windows 7
  37. Beginner Hacker Tools
  38. What Are Hacking Tools
  39. Hacker Tools Apk
  40. Hack Tools For Ubuntu
  41. New Hack Tools
  42. Hacking Tools Download
  43. Hacking Tools For Pc
  44. Underground Hacker Sites
  45. Pentest Tools Website Vulnerability
  46. Hacking Tools Windows
  47. Pentest Tools Review
  48. Hacker Tools For Ios
  49. Beginner Hacker Tools
  50. Beginner Hacker Tools
  51. How To Hack
  52. Best Hacking Tools 2019
  53. Hacking App
  54. Hacking Tools 2020
  55. Hack Tools
  56. Best Hacking Tools 2020
  57. Hacker Tools For Mac
  58. Hack Tools Pc
  59. Kik Hack Tools
  60. Pentest Tools Website
  61. Underground Hacker Sites
  62. Kik Hack Tools
  63. Pentest Box Tools Download
  64. New Hack Tools
  65. Hacking Tools For Windows Free Download
  66. Hack Apps
  67. Pentest Tools Website Vulnerability
  68. Android Hack Tools Github
  69. Hacking Tools Name
  70. Pentest Tools Download
  71. Underground Hacker Sites
  72. Hacker
  73. Kik Hack Tools
  74. How To Make Hacking Tools
  75. Hack Tools For Games
  76. Hacker Tools For Ios
  77. Nsa Hack Tools
  78. Pentest Tools Free
  79. Nsa Hacker Tools
  80. Nsa Hack Tools Download
  81. Pentest Tools Review
  82. Pentest Tools Url Fuzzer
  83. Hack Tools For Ubuntu
  84. Tools Used For Hacking
  85. Hacking Tools Free Download
  86. Hacker Security Tools
  87. Hacking Tools Github
  88. Pentest Tools Bluekeep
  89. World No 1 Hacker Software
  90. Hacking Tools Free Download
  91. Hacking Tools For Kali Linux
  92. Growth Hacker Tools
  93. Pentest Tools Free
  94. Free Pentest Tools For Windows
  95. Pentest Tools Windows
  96. Hacking Tools Github
  97. Pentest Tools Apk
  98. Ethical Hacker Tools
  99. Hacker Hardware Tools
  100. Hacking Tools For Pc
  101. Pentest Tools Review
  102. Hacking Apps
  103. Hacking Tools Kit
  104. Usb Pentest Tools
  105. Hacking Tools Windows
  106. Tools 4 Hack
  107. Pentest Tools For Ubuntu
  108. Nsa Hacker Tools
  109. Kik Hack Tools
  110. Hacker Tools
  111. Hacking Tools Free Download
  112. Pentest Tools Kali Linux
  113. Hacker Tools 2020
  114. Growth Hacker Tools
  115. Hacking Tools Software
  116. Pentest Tools Apk
  117. Hacker
  118. Pentest Tools Url Fuzzer
  119. Hacking Tools Name
  120. Pentest Tools Find Subdomains
  121. Kik Hack Tools
  122. Hacking Tools For Pc
  123. Hack Tools For Ubuntu
  124. Hacker Tool Kit
  125. Computer Hacker
  126. What Is Hacking Tools
  127. Pentest Tools Url Fuzzer
  128. Hacker Tools Free Download
  129. Hacker Tools Free
  130. Hacking Tools Github
  131. Beginner Hacker Tools
  132. Hack Website Online Tool
  133. Hacking Tools Name
  134. Hacking Tools For Windows Free Download
  135. Usb Pentest Tools
  136. New Hacker Tools
  137. Pentest Recon Tools
  138. Pentest Tools Subdomain
  139. Pentest Tools List
  140. Hacking Tools Mac
  141. Hacking Apps
  142. Hack Tools 2019
  143. Hack Apps
  144. Pentest Tools Alternative
  145. Hack Tools Github
  146. Hacking Tools Usb
  147. Pentest Tools For Windows
  148. Pentest Tools
  149. Nsa Hack Tools Download
  150. Hacking Tools Software
  151. How To Hack
  152. Pentest Tools Alternative
  153. Wifi Hacker Tools For Windows
  154. Hacking Tools For Windows 7
  155. Android Hack Tools Github
  156. Hacker Tools Free
  157. Hacking Tools
  158. New Hacker Tools
  159. Pentest Tools Url Fuzzer
  160. Hacker Tools
  161. Hacking Tools Windows 10
  162. Pentest Tools Framework

No hay comentarios: