Koppeling - Adaptive DLL Hijacking / Dynamic Export Forwarding

This project is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking" blog post. I recommend you start there to contextualize this code.

This project is comprised of the following elements:

• Harness.exe: The "victim" application which is vulnerable to hijacking (static/dynamic)
• Functions.dll: The "real" library which exposes valid functionality to the harness
• Theif.dll: The "evil" library which is attempting to gain execution
• NetClone.exe: A C# application which will clone exports from one DLL to another
• PyClone.py: A python 3 script which mimics NetClone functionality

The VS solution itself supports 4 build configurations which map to 4 different methods of proxying functionality. This should provide a nice scalable way of demonstrating more techniques in the future.

• Stc-Forward: Forwards export names during the build process using linker comments
• Dyn-NetClone: Clones the export table from functions.dll onto theif.dll post-build using NetClone
• Dyn-PyClone: Clones the export table from functions.dll onto theif.dll post-build using PyClone
• Dyn-Rebuild: Rebuilds the export table and patches linked import tables post-load to dynamically prepare for function proxying

The goal of each technique is to successfully capture code execution while proxying functionality to the legitimate DLL. Each technique is tested to ensure static and dynamic sink situations are handled. This is by far not every primitive or technique variation. The post above goes into more detail.

Example

Prepare a hijack scenario with an obviously incorrect DLL

> copy C:\windows\system32\whoami.exe .\whoami.exe
        1 file(s) copied.

> copy C:\windows\system32\kernel32.dll .\wkscli.dll
        1 file(s) copied.

Executing in the current configuration should result in an error

> whoami.exe 

"Entry Point Not Found"

Convert kernel32 to proxy functionality for wkscli

> NetClone.exe --target C:\windows\system32\kernel32.dll --reference C:\windows\system32\wkscli.dll --output wkscli.dll
[+] Done.

> whoami.exe
COMPUTER\User

Download Koppeling

Related links

1. Hacking Tools Pc
2. Hacking Tools Kit
3. Growth Hacker Tools
4. Hacker Tools 2020
5. Physical Pentest Tools
6. Nsa Hacker Tools
7. Physical Pentest Tools
8. Pentest Tools
9. Hacks And Tools
10. Pentest Tools Website
11. Hack Tools For Mac
12. Nsa Hack Tools Download
13. Hacking Tools Pc
14. Hacking Tools For Windows Free Download
15. Hacks And Tools
16. Pentest Tools Apk
17. Pentest Tools For Android
18. Game Hacking
19. Hacking Tools Kit
20. Best Hacking Tools 2019
21. Pentest Tools Subdomain
22. Physical Pentest Tools
23. Hacker Tools 2019
24. Hacking Tools Mac
25. Hacker Tools For Pc
26. Pentest Tools Download
27. Pentest Tools Windows
28. Computer Hacker
29. Hack Tool Apk No Root
30. Underground Hacker Sites
31. Hack Tools For Mac
32. Hacking Tools For Games
33. Hacking Tools Pc
34. Hack Tools For Mac
35. Hacker Tools List
36. Blackhat Hacker Tools
37. Underground Hacker Sites
38. Hacking Tools 2020
39. Hacking Tools 2019
40. Github Hacking Tools
41. Hacker
42. World No 1 Hacker Software
43. Hacker Search Tools
44. Hack Tools 2019
45. Hack Tools
46. Hacking Tools For Windows
47. Hacker Tools List
48. Hackrf Tools
49. Hack Tool Apk
50. Nsa Hack Tools
51. Best Hacking Tools 2020
52. Nsa Hack Tools
53. Hacker Tools Linux
54. Hacking Tools 2020
55. Pentest Tools Subdomain
56. Pentest Tools Website Vulnerability
57. Hack App
58. Tools 4 Hack
59. Hack Tools
60. Free Pentest Tools For Windows
61. Hack Tools For Ubuntu
62. Pentest Tools Android
63. Hacker Tools For Windows
64. Pentest Tools Download
65. What Are Hacking Tools
66. Pentest Reporting Tools
67. Android Hack Tools Github
68. Hacker
69. Android Hack Tools Github
70. Pentest Tools Nmap
71. Nsa Hack Tools
72. Tools 4 Hack
73. Hacker Tools For Mac
74. Nsa Hack Tools
75. Pentest Tools Download
76. Pentest Tools
77. New Hacker Tools
78. Hacking Tools Kit
79. Hack Tools For Windows
80. New Hack Tools
81. Pentest Tools Download
82. Usb Pentest Tools
83. Pentest Tools Apk
84. Hacking Tools Name
85. Wifi Hacker Tools For Windows
86. Hacker Hardware Tools
87. Termux Hacking Tools 2019
88. Hacking Tools
89. Hacking Tools For Kali Linux
90. Hacking Tools 2019
91. Pentest Tools Windows
92. Hack App
93. Hacker Tools For Windows
94. Hacker Tools Software
95. Hack Tools For Windows
96. Hacking Apps
97. Pentest Tools Alternative
98. Android Hack Tools Github
99. What Is Hacking Tools
100. Hacking Tools For Windows 7
101. Hacker Tools Github
102. Pentest Tools Kali Linux
103. Pentest Tools Tcp Port Scanner
104. World No 1 Hacker Software
105. Pentest Tools Apk
106. Nsa Hack Tools
107. Hacker Tools Windows
108. Pentest Tools Windows
109. Pentest Recon Tools
110. Hacking Tools And Software
111. Hack Tools
112. New Hacker Tools
113. New Hack Tools
114. Hacking Apps
115. Hack Tool Apk No Root
116. Install Pentest Tools Ubuntu
117. Hacker Tools Mac
118. How To Hack
119. Hacking Tools For Windows
120. Hacking Tools Pc
121. Hacking Tools For Windows 7
122. Pentest Tools Open Source
123. Hacker Tools Apk
124. New Hacker Tools
125. Nsa Hacker Tools
126. Pentest Tools Review
127. Hacker Techniques Tools And Incident Handling
128. Hacking Tools Online
129. Hacker
130. Hacking Tools For Windows
131. Easy Hack Tools
132. Hacking Tools Windows 10
133. Pentest Tools List
134. Hack Tools For Mac
135. Hack Tools
136. Hacking Tools Download
137. Hacking Tools Windows
138. Hacking Tools Windows
139. Pentest Tools Subdomain
140. Hacker Tools For Windows
141. Hacking Tools Free Download
142. Pentest Reporting Tools
143. Hacker Tools Free Download
144. Nsa Hacker Tools
145. Hacker Tools Linux
146. Pentest Tools Free
147. Hacking Tools For Windows 7
148. Hacker
149. Pentest Recon Tools
150. Hacking Tools Download
151. Easy Hack Tools
152. Hacking Tools For Beginners
153. Hack Tools Github
154. Hackers Toolbox
155. Tools Used For Hacking