Koppeling - Adaptive DLL Hijacking / Dynamic Export Forwarding

This project is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking" blog post. I recommend you start there to contextualize this code.

This project is comprised of the following elements:

• Harness.exe: The "victim" application which is vulnerable to hijacking (static/dynamic)
• Functions.dll: The "real" library which exposes valid functionality to the harness
• Theif.dll: The "evil" library which is attempting to gain execution
• NetClone.exe: A C# application which will clone exports from one DLL to another
• PyClone.py: A python 3 script which mimics NetClone functionality

The VS solution itself supports 4 build configurations which map to 4 different methods of proxying functionality. This should provide a nice scalable way of demonstrating more techniques in the future.

• Stc-Forward: Forwards export names during the build process using linker comments
• Dyn-NetClone: Clones the export table from functions.dll onto theif.dll post-build using NetClone
• Dyn-PyClone: Clones the export table from functions.dll onto theif.dll post-build using PyClone
• Dyn-Rebuild: Rebuilds the export table and patches linked import tables post-load to dynamically prepare for function proxying

The goal of each technique is to successfully capture code execution while proxying functionality to the legitimate DLL. Each technique is tested to ensure static and dynamic sink situations are handled. This is by far not every primitive or technique variation. The post above goes into more detail.

Example

Prepare a hijack scenario with an obviously incorrect DLL

> copy C:\windows\system32\whoami.exe .\whoami.exe
        1 file(s) copied.

> copy C:\windows\system32\kernel32.dll .\wkscli.dll
        1 file(s) copied.

Executing in the current configuration should result in an error

> whoami.exe 

"Entry Point Not Found"

Convert kernel32 to proxy functionality for wkscli

> NetClone.exe --target C:\windows\system32\kernel32.dll --reference C:\windows\system32\wkscli.dll --output wkscli.dll
[+] Done.

> whoami.exe
COMPUTER\User

Download Koppeling

More info

1. Hack Tools Online
2. Hack Tools
3. Hacker Tools Mac
4. Hacking Tools Pc
5. Hack Tools Mac
6. Blackhat Hacker Tools
7. Pentest Tools Subdomain
8. Hacking Tools For Pc
9. How To Make Hacking Tools
10. Pentest Recon Tools
11. How To Hack
12. Pentest Tools Framework
13. Hacker Tools Free Download
14. Hacks And Tools
15. Pentest Tools Bluekeep
16. Pentest Tools Linux
17. Hacking Tools Mac
18. Pentest Tools Bluekeep
19. Pentest Tools Website Vulnerability
20. Hak5 Tools
21. Pentest Tools Url Fuzzer
22. Hacker Tools For Pc
23. Hacker Tools Apk
24. Best Pentesting Tools 2018
25. Hacks And Tools
26. Pentest Tools Alternative
27. Beginner Hacker Tools
28. Growth Hacker Tools
29. Hacker Tools Hardware
30. Hack Tools Download
31. Hack App
32. Pentest Tools Android
33. Hacking Tools
34. Hacking Tools 2019
35. Hacking Tools Github
36. Hacking Tools For Windows 7
37. Beginner Hacker Tools
38. What Are Hacking Tools
39. Hacker Tools Apk
40. Hack Tools For Ubuntu
41. New Hack Tools
42. Hacking Tools Download
43. Hacking Tools For Pc
44. Underground Hacker Sites
45. Pentest Tools Website Vulnerability
46. Hacking Tools Windows
47. Pentest Tools Review
48. Hacker Tools For Ios
49. Beginner Hacker Tools
50. Beginner Hacker Tools
51. How To Hack
52. Best Hacking Tools 2019
53. Hacking App
54. Hacking Tools 2020
55. Hack Tools
56. Best Hacking Tools 2020
57. Hacker Tools For Mac
58. Hack Tools Pc
59. Kik Hack Tools
60. Pentest Tools Website
61. Underground Hacker Sites
62. Kik Hack Tools
63. Pentest Box Tools Download
64. New Hack Tools
65. Hacking Tools For Windows Free Download
66. Hack Apps
67. Pentest Tools Website Vulnerability
68. Android Hack Tools Github
69. Hacking Tools Name
70. Pentest Tools Download
71. Underground Hacker Sites
72. Hacker
73. Kik Hack Tools
74. How To Make Hacking Tools
75. Hack Tools For Games
76. Hacker Tools For Ios
77. Nsa Hack Tools
78. Pentest Tools Free
79. Nsa Hacker Tools
80. Nsa Hack Tools Download
81. Pentest Tools Review
82. Pentest Tools Url Fuzzer
83. Hack Tools For Ubuntu
84. Tools Used For Hacking
85. Hacking Tools Free Download
86. Hacker Security Tools
87. Hacking Tools Github
88. Pentest Tools Bluekeep
89. World No 1 Hacker Software
90. Hacking Tools Free Download
91. Hacking Tools For Kali Linux
92. Growth Hacker Tools
93. Pentest Tools Free
94. Free Pentest Tools For Windows
95. Pentest Tools Windows
96. Hacking Tools Github
97. Pentest Tools Apk
98. Ethical Hacker Tools
99. Hacker Hardware Tools
100. Hacking Tools For Pc
101. Pentest Tools Review
102. Hacking Apps
103. Hacking Tools Kit
104. Usb Pentest Tools
105. Hacking Tools Windows
106. Tools 4 Hack
107. Pentest Tools For Ubuntu
108. Nsa Hacker Tools
109. Kik Hack Tools
110. Hacker Tools
111. Hacking Tools Free Download
112. Pentest Tools Kali Linux
113. Hacker Tools 2020
114. Growth Hacker Tools
115. Hacking Tools Software
116. Pentest Tools Apk
117. Hacker
118. Pentest Tools Url Fuzzer
119. Hacking Tools Name
120. Pentest Tools Find Subdomains
121. Kik Hack Tools
122. Hacking Tools For Pc
123. Hack Tools For Ubuntu
124. Hacker Tool Kit
125. Computer Hacker
126. What Is Hacking Tools
127. Pentest Tools Url Fuzzer
128. Hacker Tools Free Download
129. Hacker Tools Free
130. Hacking Tools Github
131. Beginner Hacker Tools
132. Hack Website Online Tool
133. Hacking Tools Name
134. Hacking Tools For Windows Free Download
135. Usb Pentest Tools
136. New Hacker Tools
137. Pentest Recon Tools
138. Pentest Tools Subdomain
139. Pentest Tools List
140. Hacking Tools Mac
141. Hacking Apps
142. Hack Tools 2019
143. Hack Apps
144. Pentest Tools Alternative
145. Hack Tools Github
146. Hacking Tools Usb
147. Pentest Tools For Windows
148. Pentest Tools
149. Nsa Hack Tools Download
150. Hacking Tools Software
151. How To Hack
152. Pentest Tools Alternative
153. Wifi Hacker Tools For Windows
154. Hacking Tools For Windows 7
155. Android Hack Tools Github
156. Hacker Tools Free
157. Hacking Tools
158. New Hacker Tools
159. Pentest Tools Url Fuzzer
160. Hacker Tools
161. Hacking Tools Windows 10
162. Pentest Tools Framework