Koppeling - Adaptive DLL Hijacking / Dynamic Export Forwarding

This project is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking" blog post. I recommend you start there to contextualize this code.

This project is comprised of the following elements:

• Harness.exe: The "victim" application which is vulnerable to hijacking (static/dynamic)
• Functions.dll: The "real" library which exposes valid functionality to the harness
• Theif.dll: The "evil" library which is attempting to gain execution
• NetClone.exe: A C# application which will clone exports from one DLL to another
• PyClone.py: A python 3 script which mimics NetClone functionality

The VS solution itself supports 4 build configurations which map to 4 different methods of proxying functionality. This should provide a nice scalable way of demonstrating more techniques in the future.

• Stc-Forward: Forwards export names during the build process using linker comments
• Dyn-NetClone: Clones the export table from functions.dll onto theif.dll post-build using NetClone
• Dyn-PyClone: Clones the export table from functions.dll onto theif.dll post-build using PyClone
• Dyn-Rebuild: Rebuilds the export table and patches linked import tables post-load to dynamically prepare for function proxying

The goal of each technique is to successfully capture code execution while proxying functionality to the legitimate DLL. Each technique is tested to ensure static and dynamic sink situations are handled. This is by far not every primitive or technique variation. The post above goes into more detail.

Example

Prepare a hijack scenario with an obviously incorrect DLL

> copy C:\windows\system32\whoami.exe .\whoami.exe
        1 file(s) copied.

> copy C:\windows\system32\kernel32.dll .\wkscli.dll
        1 file(s) copied.

Executing in the current configuration should result in an error

> whoami.exe 

"Entry Point Not Found"

Convert kernel32 to proxy functionality for wkscli

> NetClone.exe --target C:\windows\system32\kernel32.dll --reference C:\windows\system32\wkscli.dll --output wkscli.dll
[+] Done.

> whoami.exe
COMPUTER\User

Download Koppeling

More information

1. Hacking Tools And Software
2. World No 1 Hacker Software
3. Hacker Security Tools
4. What Is Hacking Tools
5. Hack Website Online Tool
6. Pentest Tools Open Source
7. Hacking Tools Software
8. Pentest Reporting Tools
9. Hacker Tools For Mac
10. Pentest Tools Open Source
11. Hack Tools Pc
12. Hack Tools
13. Hack Tool Apk No Root
14. Hack Tool Apk No Root
15. World No 1 Hacker Software
16. Hack Tools 2019
17. Hacking Tools For Windows 7
18. Hacking Tools Software
19. Game Hacking
20. Underground Hacker Sites
21. Pentest Tools Online
22. Hack Rom Tools
23. Hacking Tools For Games
24. Pentest Tools Website
25. Pentest Tools Windows
26. Hacking Tools Mac
27. Pentest Tools Tcp Port Scanner
28. Underground Hacker Sites
29. New Hack Tools
30. Pentest Tools Bluekeep
31. Hack Tools For Mac
32. What Are Hacking Tools
33. Hackers Toolbox
34. Hacking Tools Free Download
35. Pentest Tools Bluekeep
36. Install Pentest Tools Ubuntu
37. Hacker Search Tools
38. Hacker Tools
39. Pentest Tools Github
40. Hacker Tools For Pc
41. What Are Hacking Tools
42. What Is Hacking Tools
43. Hack Tools
44. Hack Tools Mac
45. Pentest Tools For Mac
46. Best Pentesting Tools 2018
47. Hack Tools
48. Beginner Hacker Tools
49. Hacker Tools For Windows
50. Pentest Tools Github
51. Pentest Tools Download
52. Hacks And Tools
53. Computer Hacker
54. Kik Hack Tools
55. How To Install Pentest Tools In Ubuntu
56. Hacker Tools Linux
57. Termux Hacking Tools 2019
58. Hack Apps
59. Pentest Tools Website Vulnerability
60. What Are Hacking Tools
61. Pentest Tools List
62. Pentest Box Tools Download
63. Hacker Tools Free
64. Pentest Tools Windows
65. New Hacker Tools
66. Hacking Tools Name
67. Bluetooth Hacking Tools Kali
68. Pentest Tools Nmap
69. Pentest Tools Review
70. Pentest Tools Download
71. Hack Tools Github
72. Hacking Tools Online
73. Hack Tools For Ubuntu
74. Hacking Tools Usb
75. Easy Hack Tools
76. Hacker Hardware Tools
77. Hacking Tools For Windows
78. Hack Tools
79. Pentest Tools Alternative
80. Hacking Tools For Mac
81. Computer Hacker
82. Pentest Tools Alternative
83. Pentest Tools Apk
84. Wifi Hacker Tools For Windows
85. Hacker Tools Free
86. Hacker Tools For Pc
87. Pentest Tools Website
88. Hackrf Tools
89. Tools For Hacker
90. Hacker Tools For Ios
91. Hacking Tools Free Download
92. Hacking Tools Free Download
93. Pentest Tools Windows
94. Bluetooth Hacking Tools Kali
95. Hacker Tools Free
96. Hacking Tools Hardware
97. Hak5 Tools
98. What Is Hacking Tools
99. Blackhat Hacker Tools
100. Hack App
101. Pentest Tools Website Vulnerability
102. Github Hacking Tools
103. Ethical Hacker Tools
104. Hacker Tools For Windows
105. Hacker Tools Hardware
106. Tools For Hacker
107. Hacking Tools Mac
108. Termux Hacking Tools 2019
109. Pentest Recon Tools
110. Pentest Tools Open Source
111. Kik Hack Tools
112. Bluetooth Hacking Tools Kali
113. Hack Tools Download
114. Pentest Tools Subdomain
115. New Hack Tools
116. Hacker Hardware Tools
117. Hacker Security Tools
118. Computer Hacker
119. Pentest Tools Tcp Port Scanner
120. Pentest Tools List
121. Pentest Tools Url Fuzzer
122. Pentest Tools Free
123. Hacker Techniques Tools And Incident Handling
124. Hacking Tools For Mac
125. Pentest Tools Framework
126. How To Install Pentest Tools In Ubuntu
127. What Are Hacking Tools
128. Hacking Tools Mac
129. What Is Hacking Tools
130. Hacking Tools And Software
131. Pentest Recon Tools
132. Wifi Hacker Tools For Windows
133. Hacking Tools Mac
134. How To Install Pentest Tools In Ubuntu
135. Pentest Tools For Mac
136. Hak5 Tools
137. Pentest Tools
138. Hackrf Tools
139. Hacker Security Tools
140. Nsa Hack Tools Download
141. Hak5 Tools
142. Pentest Tools Android
143. Hacker Tools Free
144. Hack Tools For Mac