Friday 26 January 2024

Koppeling - Adaptive DLL Hijacking / Dynamic Export Forwarding


This project is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking" blog post. I recommend you start there to contextualize this code.

This project consists of the following elements:

  • Harness.exe: The "victim" application which is vulnerable to hijacking (static/dynamic)
  • Functions.dll: The "real" library which exposes valid functionality to the harness
  • Theif.dll: The "evil" library which is attempting to gain execution
  • NetClone.exe: A C# application which will clone exports from one DLL to another
  • PyClone.py: A Python 3 script which mimics NetClone functionality

The VS solution itself supports 4 build configurations which map to 4 different methods of proxying functionality. This should provide a nice scalable way of demonstrating more techniques in the future.

  • Stc-Forward: Forwards export names during the build process using linker comments
  • Dyn-NetClone: Clones the export table from functions.dll onto theif.dll post-build using NetClone
  • Dyn-PyClone: Clones the export table from functions.dll onto theif.dll post-build using PyClone
  • Dyn-Rebuild: Rebuilds the export table and patches linked import tables post-load to dynamically prepare for function proxying

The goal of each technique is to successfully capture code execution while proxying functionality to the legitimate DLL. Each technique is tested to ensure that both static and dynamic sink situations are handled. This is far from every primitive or technique variation. The post above goes into more detail.
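For defenders triaging a suspect DLL on disk, the forwarded exports that the forward and clone configurations leave in the export table can be listed directly. The following is an added example, not part of Koppeling: the function names, the constructed sample image, and its export names (`Fwd`, `Real`, `Functions.Fwd`) are all assumptions made for illustration.

```python
import struct

def forwarded_exports(pe: bytes) -> dict:
    """Map export name -> forwarder string ("Module.Function") for a PE image."""
    lfanew, = struct.unpack_from("<I", pe, 0x3C)
    if pe[:2] != b"MZ" or pe[lfanew:lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    nsec, = struct.unpack_from("<H", pe, lfanew + 6)
    opt_size, = struct.unpack_from("<H", pe, lfanew + 20)
    opt = lfanew + 24
    magic, = struct.unpack_from("<H", pe, opt)
    # Data directory 0 (exports) sits at +112 in PE32+ and +96 in PE32.
    exp_rva, exp_size = struct.unpack_from("<II", pe, opt + (112 if magic == 0x20B else 96))
    if not exp_rva:
        return {}
    secs = [struct.unpack_from("<8sIIII", pe, opt + opt_size + 40 * i) for i in range(nsec)]
    def off(rva):  # RVA -> file offset via the section table
        for _, vsize, va, rsize, raw in secs:
            if va <= rva < va + max(vsize, rsize):
                return rva - va + raw
        raise ValueError(f"RVA {rva:#x} is outside every section")
    def cstr(rva):  # NUL-terminated ASCII string at an RVA
        o = off(rva)
        return pe[o:pe.index(b"\0", o)].decode("ascii", "replace")
    _, n_names, funcs, names, ords = struct.unpack_from("<5I", pe, off(exp_rva) + 20)
    found = {}
    for i in range(n_names):
        name_rva, = struct.unpack_from("<I", pe, off(names) + 4 * i)
        index, = struct.unpack_from("<H", pe, off(ords) + 2 * i)
        func_rva, = struct.unpack_from("<I", pe, off(funcs) + 4 * index)
        # An export RVA that points back inside the export directory is a forwarder string.
        if exp_rva <= func_rva < exp_rva + exp_size:
            found[cstr(name_rva)] = cstr(func_rva)
    return found

def constructed_sample() -> bytes:
    """Constructed, non-loadable PE32+ stub: exports 'Fwd' (forwarded) and 'Real' (code)."""
    rva, raw = 0x1000, 0x200
    strs = b"Fwd\0Real\0Functions.Fwd\0"  # at section offsets 60, 64, 69
    data = (struct.pack("<IIHHIIIIIII", 0, 0, 0, 0, 0, 1, 2, 2, rva + 40, rva + 48, rva + 56)
            + struct.pack("<II", rva + 69, 0x2000)    # function RVAs: forwarder, code
            + struct.pack("<II", rva + 60, rva + 64)  # name RVAs (sorted)
            + struct.pack("<HH", 0, 1) + strs)        # name ordinals, then strings
    hdr = (b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40) + b"PE\0\0"
           + struct.pack("<HHIIIHH", 0x8664, 1, 0, 0, 0, 120, 0x2000)
           + struct.pack("<H", 0x20B) + bytes(106) + struct.pack("<III", 1, rva, len(data))
           + struct.pack("<8sIIII", b".rdata", len(data), rva, len(data), raw) + bytes(16))
    return hdr.ljust(raw, b"\0") + data
```

Only named exports are checked; ordinal-only exports are skipped. This is an on-disk check, so it does not cover the Dyn-Rebuild configuration, which rebuilds the export table after load.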


Example

Prepare a hijack scenario with an obviously incorrect DLL

> copy C:\windows\system32\whoami.exe .\whoami.exe
1 file(s) copied.

> copy C:\windows\system32\kernel32.dll .\wkscli.dll
1 file(s) copied.

Executing in the current configuration should result in an error

> whoami.exe 

"Entry Point Not Found"

Convert kernel32 to proxy functionality for wkscli

> NetClone.exe --target C:\windows\system32\kernel32.dll --reference C:\windows\system32\wkscli.dll --output wkscli.dll
[+] Done.

> whoami.exe
COMPUTER\User


