Koppeling - Adaptive DLL Hijacking / Dynamic Export Forwarding

This project is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking" blog post. I recommend you start there to contextualize this code.

This project is comprised of the following elements:

• Harness.exe: The "victim" application which is vulnerable to hijacking (static/dynamic)
• Functions.dll: The "real" library which exposes valid functionality to the harness
• Theif.dll: The "evil" library which is attempting to gain execution
• NetClone.exe: A C# application which will clone exports from one DLL to another
• PyClone.py: A python 3 script which mimics NetClone functionality

The VS solution itself supports 4 build configurations which map to 4 different methods of proxying functionality. This should provide a nice scalable way of demonstrating more techniques in the future.

• Stc-Forward: Forwards export names during the build process using linker comments
• Dyn-NetClone: Clones the export table from functions.dll onto theif.dll post-build using NetClone
• Dyn-PyClone: Clones the export table from functions.dll onto theif.dll post-build using PyClone
• Dyn-Rebuild: Rebuilds the export table and patches linked import tables post-load to dynamically prepare for function proxying

The goal of each technique is to successfully capture code execution while proxying functionality to the legitimate DLL. Each technique is tested to ensure static and dynamic sink situations are handled. This is by far not every primitive or technique variation. The post above goes into more detail.

Example

Prepare a hijack scenario with an obviously incorrect DLL

> copy C:\windows\system32\whoami.exe .\whoami.exe
        1 file(s) copied.

> copy C:\windows\system32\kernel32.dll .\wkscli.dll
        1 file(s) copied.

Executing in the current configuration should result in an error

> whoami.exe 

"Entry Point Not Found"

Convert kernel32 to proxy functionality for wkscli

> NetClone.exe --target C:\windows\system32\kernel32.dll --reference C:\windows\system32\wkscli.dll --output wkscli.dll
[+] Done.

> whoami.exe
COMPUTER\User

Download Koppeling

Related posts

1. Hacking Tools For Pc
2. Pentest Tools Url Fuzzer
3. Black Hat Hacker Tools
4. Pentest Tools Framework
5. Tools Used For Hacking
6. How To Hack
7. How To Install Pentest Tools In Ubuntu
8. Beginner Hacker Tools
9. Hacking Tools Usb
10. Termux Hacking Tools 2019
11. Hacker Hardware Tools
12. Hack Tools Mac
13. Pentest Tools Kali Linux
14. Hak5 Tools
15. Hacker Tools For Windows
16. Hacker
17. Hacking Tools For Windows 7
18. Hak5 Tools
19. Github Hacking Tools
20. Pentest Tools Alternative
21. Beginner Hacker Tools
22. Pentest Tools For Mac
23. Pentest Tools For Ubuntu
24. Hacker Tools For Mac
25. Hacking Tools And Software
26. Hacker Search Tools
27. Pentest Reporting Tools
28. Hacking Tools Name
29. Pentest Tools Port Scanner
30. Hacker Tools For Ios
31. Tools Used For Hacking
32. Hacking App
33. Pentest Tools Open Source
34. Ethical Hacker Tools
35. Hack Tools For Games
36. Pentest Tools Android
37. Pentest Tools Github
38. Hacking Tools 2019
39. Bluetooth Hacking Tools Kali
40. Hackers Toolbox
41. Hacking Tools Hardware
42. Hacking Tools 2020
43. Pentest Tools Url Fuzzer
44. Underground Hacker Sites
45. Pentest Tools
46. Pentest Tools Kali Linux
47. Tools 4 Hack
48. How To Hack
49. Hack Tools For Pc
50. Hacker Tools Linux
51. Best Hacking Tools 2020
52. Nsa Hack Tools
53. Hack App
54. Pentest Tools
55. Hacking Tools Windows
56. Hacking Tools Free Download
57. Install Pentest Tools Ubuntu
58. Easy Hack Tools
59. Hacker Tools Linux
60. Hacker Tools Mac
61. Termux Hacking Tools 2019
62. Hack Tools Download
63. Tools 4 Hack
64. Pentest Tools Free
65. Hacker Tools Free Download
66. Hacking Tools Windows 10
67. Hacker Tools For Ios
68. Tools 4 Hack
69. Hack Tool Apk No Root
70. Underground Hacker Sites
71. Hacker Tools For Ios
72. Hacking Tools Pc
73. Pentest Tools Android
74. Pentest Tools Port Scanner
75. Hacker Security Tools
76. Hacking Tools For Windows
77. Pentest Tools Download
78. Tools Used For Hacking
79. Hacking Tools For Mac
80. Hacker Tools Apk Download
81. Best Hacking Tools 2020
82. Hacker Tools Software
83. Wifi Hacker Tools For Windows
84. Hacker Tools Linux
85. Free Pentest Tools For Windows
86. Hack Tool Apk No Root
87. What Are Hacking Tools
88. Android Hack Tools Github
89. Free Pentest Tools For Windows
90. Pentest Tools Kali Linux
91. Pentest Tools Kali Linux
92. Hacker Tools For Windows
93. Hacking Tools For Pc
94. Hacking Tools Pc
95. How To Hack
96. Hacker Techniques Tools And Incident Handling
97. Pentest Tools Framework
98. Hackers Toolbox
99. Hack Tools For Mac
100. Pentest Tools Android
101. Underground Hacker Sites
102. Hacker Tools Free
103. Computer Hacker
104. Hacker Tools Software
105. Hacker Tools For Pc
106. Termux Hacking Tools 2019
107. Hack Tools
108. Hack Tools
109. Best Pentesting Tools 2018
110. Hacker Hardware Tools
111. Hacking Tools Free Download
112. Hacking Tools For Beginners
113. Pentest Tools
114. Blackhat Hacker Tools
115. Ethical Hacker Tools
116. Nsa Hack Tools
117. Hacking Tools Pc
118. How To Hack
119. Hackers Toolbox
120. Hack App
121. Hack Tools Mac
122. Hack Tool Apk No Root
123. Hacking Tools Software
124. Easy Hack Tools
125. Android Hack Tools Github
126. Pentest Tools Github
127. Top Pentest Tools
128. Hacker Tools List
129. Pentest Tools For Android
130. Hack Tools For Mac
131. Pentest Tools Open Source
132. Usb Pentest Tools
133. Hacker Tools Linux
134. Pentest Tools Url Fuzzer
135. Pentest Tools Tcp Port Scanner
136. Pentest Recon Tools
137. Hack Website Online Tool
138. Pentest Tools Website
139. Hacker Tools List
140. Ethical Hacker Tools
141. Hacker Tools Apk Download
142. Growth Hacker Tools
143. Hack Tools For Windows
144. Hacking Tools 2020
145. Pentest Tools Find Subdomains
146. Bluetooth Hacking Tools Kali
147. Pentest Tools Open Source
148. Hacking Tools For Games
149. Pentest Recon Tools
150. Computer Hacker
151. Pentest Tools Url Fuzzer
152. Hack Tools For Windows
153. Hack Tool Apk
154. New Hack Tools
155. Hacker Hardware Tools
156. Hacker Tools Github
157. Hacking Tools Software
158. Pentest Tools Tcp Port Scanner
159. Pentest Tools For Mac