Koppeling - Adaptive DLL Hijacking / Dynamic Export Forwarding

This project is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking" blog post. I recommend you start there to contextualize this code.

This project is comprised of the following elements:

• Harness.exe: The "victim" application which is vulnerable to hijacking (static/dynamic)
• Functions.dll: The "real" library which exposes valid functionality to the harness
• Theif.dll: The "evil" library which is attempting to gain execution
• NetClone.exe: A C# application which will clone exports from one DLL to another
• PyClone.py: A python 3 script which mimics NetClone functionality

The VS solution itself supports 4 build configurations which map to 4 different methods of proxying functionality. This should provide a nice scalable way of demonstrating more techniques in the future.

• Stc-Forward: Forwards export names during the build process using linker comments
• Dyn-NetClone: Clones the export table from functions.dll onto theif.dll post-build using NetClone
• Dyn-PyClone: Clones the export table from functions.dll onto theif.dll post-build using PyClone
• Dyn-Rebuild: Rebuilds the export table and patches linked import tables post-load to dynamically prepare for function proxying

The goal of each technique is to successfully capture code execution while proxying functionality to the legitimate DLL. Each technique is tested to ensure static and dynamic sink situations are handled. This is by far not every primitive or technique variation. The post above goes into more detail.

Example

Prepare a hijack scenario with an obviously incorrect DLL

> copy C:\windows\system32\whoami.exe .\whoami.exe
        1 file(s) copied.

> copy C:\windows\system32\kernel32.dll .\wkscli.dll
        1 file(s) copied.

Executing in the current configuration should result in an error

> whoami.exe 

"Entry Point Not Found"

Convert kernel32 to proxy functionality for wkscli

> NetClone.exe --target C:\windows\system32\kernel32.dll --reference C:\windows\system32\wkscli.dll --output wkscli.dll
[+] Done.

> whoami.exe
COMPUTER\User

Download Koppeling

More information

• Hacking Tools Windows
• Hack Website Online Tool
• Pentest Tools Port Scanner
• Hacking Tools Windows
• Pentest Tools For Android
• What Is Hacking Tools
• Pentest Tools Online
• Pentest Tools Kali Linux
• Hack Tools For Mac
• Hack Tools Pc
• Nsa Hacker Tools
• Hacker Tools List
• Ethical Hacker Tools
• Hack Tools Mac
• Pentest Tools Online
• Hack Tools Download
• Hacking Tools Download
• Pentest Tools Apk
• Hack Tools 2019
• Growth Hacker Tools
• Pentest Tools Online
• Hacker Tools Windows
• Hacker Tools Apk
• Hacker Tool Kit
• Hacking Tools Kit
• Pentest Tools Windows
• Best Hacking Tools 2019
• Hacking Tools For Windows
• Blackhat Hacker Tools
• Hacking Tools For Pc
• Hack Website Online Tool
• Pentest Tools Port Scanner
• Hack Tools Online
• Hack Rom Tools
• What Is Hacking Tools
• Pentest Tools Url Fuzzer
• Free Pentest Tools For Windows
• Usb Pentest Tools
• Pentest Tools Port Scanner
• Pentest Tools Framework
• Pentest Tools For Mac
• Hacker Tools Online
• Hacking Tools
• Hacker Tools Free
• Pentest Tools For Ubuntu
• Hacker Tools 2019
• Pentest Box Tools Download
• Android Hack Tools Github
• Hacking Tools For Kali Linux
• Hacker Techniques Tools And Incident Handling
• Wifi Hacker Tools For Windows
• Hack Tools 2019
• Pentest Tools Online
• Hacking Tools Software
• Hack Website Online Tool
• Top Pentest Tools
• Install Pentest Tools Ubuntu
• Hak5 Tools
• Hack Website Online Tool
• What Are Hacking Tools
• Hacker Tools For Pc
• Best Hacking Tools 2019
• Hacker Tools Free Download
• What Is Hacking Tools
• Best Pentesting Tools 2018
• Ethical Hacker Tools
• Nsa Hack Tools Download
• Pentest Tools Apk
• Hacking Tools For Mac
• Hacker Tools List
• Hacker Hardware Tools
• Hacking Tools For Pc
• Hack Tool Apk
• How To Make Hacking Tools
• Hack Tools For Ubuntu
• Hacking Tools Usb
• How To Make Hacking Tools
• Hacker Tools Free Download
• Hacker Tools Apk
• Hacker Tools Hardware
• Hacking App
• Pentest Tools For Windows
• Hacking Tools For Beginners
• Hacking Apps
• Tools For Hacker
• Hacking Tools 2019
• Pentest Recon Tools
• Usb Pentest Tools
• Hack Tools For Games
• Pentest Box Tools Download
• Pentest Tools Website Vulnerability
• Hacking App
• How To Install Pentest Tools In Ubuntu
• Hacking Tools 2020
• Growth Hacker Tools
• Hacker Tools Linux
• Pentest Tools For Windows
• Hack Tools Mac
• Hacking Tools Windows
• Tools 4 Hack
• Hack Tools
• Hacking Tools Usb
• Pentest Box Tools Download
• Usb Pentest Tools
• Pentest Tools For Windows
• Hacker Hardware Tools
• Pentest Tools Tcp Port Scanner
• Nsa Hacker Tools
• Hacking Tools For Beginners
• Hacker Tools For Ios
• Nsa Hack Tools Download
• Hacker Tools 2020
• Hacker Tools Free Download
• Pentest Tools For Windows
• Hack Tools Github
• Best Hacking Tools 2020
• Pentest Tools For Mac
• Hack Tools For Pc
• Pentest Automation Tools
• Hacker Techniques Tools And Incident Handling
• How To Hack
• Best Hacking Tools 2020
• Hacking Tools For Games
• Pentest Tools Kali Linux
• Termux Hacking Tools 2019
• Computer Hacker
• Hacking App
• Pentest Tools Review
• Hacking Tools Usb
• Best Hacking Tools 2020
• Tools For Hacker
• Pentest Tools Tcp Port Scanner
• Hacking Tools Windows 10
• Pentest Tools Bluekeep
• Pentest Tools Website
• Hacking Tools Download
• Hacker Tools 2020
• Pentest Reporting Tools
• Hacker Tools Mac
• Hacker Tools Online
• Tools 4 Hack
• Ethical Hacker Tools