Koppeling - Adaptive DLL Hijacking / Dynamic Export Forwarding

This project is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking" blog post. I recommend you start there to contextualize this code.

This project is comprised of the following elements:

• Harness.exe: The "victim" application which is vulnerable to hijacking (static/dynamic)
• Functions.dll: The "real" library which exposes valid functionality to the harness
• Theif.dll: The "evil" library which is attempting to gain execution
• NetClone.exe: A C# application which will clone exports from one DLL to another
• PyClone.py: A python 3 script which mimics NetClone functionality

The VS solution itself supports 4 build configurations which map to 4 different methods of proxying functionality. This should provide a nice scalable way of demonstrating more techniques in the future.

• Stc-Forward: Forwards export names during the build process using linker comments
• Dyn-NetClone: Clones the export table from functions.dll onto theif.dll post-build using NetClone
• Dyn-PyClone: Clones the export table from functions.dll onto theif.dll post-build using PyClone
• Dyn-Rebuild: Rebuilds the export table and patches linked import tables post-load to dynamically prepare for function proxying

The goal of each technique is to successfully capture code execution while proxying functionality to the legitimate DLL. Each technique is tested to ensure static and dynamic sink situations are handled. This is by far not every primitive or technique variation. The post above goes into more detail.

Example

Prepare a hijack scenario with an obviously incorrect DLL

> copy C:\windows\system32\whoami.exe .\whoami.exe
        1 file(s) copied.

> copy C:\windows\system32\kernel32.dll .\wkscli.dll
        1 file(s) copied.

Executing in the current configuration should result in an error

> whoami.exe 

"Entry Point Not Found"

Convert kernel32 to proxy functionality for wkscli

> NetClone.exe --target C:\windows\system32\kernel32.dll --reference C:\windows\system32\wkscli.dll --output wkscli.dll
[+] Done.

> whoami.exe
COMPUTER\User

Download Koppeling

Read more

• New Hacker Tools
• Pentest Tools Apk
• Hacker Tools
• Hacker Tools Apk
• Hacking Tools Kit
• Hacker Tools 2020
• Pentest Tools Apk
• World No 1 Hacker Software
• Hack Tools For Pc
• Usb Pentest Tools
• Usb Pentest Tools
• Pentest Tools Windows
• Best Pentesting Tools 2018
• Nsa Hacker Tools
• Pentest Tools Github
• Underground Hacker Sites
• Install Pentest Tools Ubuntu
• Pentest Tools For Ubuntu
• Pentest Tools Website
• Hacker Tools Hardware
• How To Make Hacking Tools
• Hack Tools For Mac
• Ethical Hacker Tools
• Kik Hack Tools
• Ethical Hacker Tools
• Hacker Tools List
• Bluetooth Hacking Tools Kali
• Pentest Tools Tcp Port Scanner
• Pentest Tools Free
• Growth Hacker Tools
• Underground Hacker Sites
• Nsa Hack Tools
• Hacker Tools Github
• Nsa Hacker Tools
• Github Hacking Tools
• Pentest Tools For Ubuntu
• Termux Hacking Tools 2019
• Hack Tool Apk No Root
• Hacker Tools Github
• Hack Tools For Mac
• Hacking Tools 2019
• How To Install Pentest Tools In Ubuntu
• Pentest Box Tools Download
• How To Hack
• Pentest Box Tools Download
• Pentest Tools Review
• Pentest Tools Website Vulnerability
• Tools For Hacker
• Hacker Tools Free
• Hack Apps
• Pentest Tools Bluekeep
• Hacker Security Tools
• Hacking Tools Name
• Tools For Hacker
• Pentest Tools Free
• Hacker Techniques Tools And Incident Handling
• Hacker Tools For Ios
• Hacking Tools Free Download
• Hacker Hardware Tools
• Hacking Tools 2019
• Bluetooth Hacking Tools Kali
• Nsa Hack Tools Download
• Game Hacking
• Game Hacking
• Pentest Tools For Mac
• Easy Hack Tools
• World No 1 Hacker Software
• Hacker Tool Kit
• Pentest Box Tools Download
• Pentest Tools Github
• Hacks And Tools
• Hack Tools Pc
• Hacking Tools Free Download
• Best Pentesting Tools 2018
• Hacker Techniques Tools And Incident Handling
• World No 1 Hacker Software
• Hacking Tools Hardware
• Pentest Tools Kali Linux
• Hacker Tools Linux
• Hacker
• Hacker Tools Linux
• Hak5 Tools
• Hacker Hardware Tools
• Pentest Tools Framework
• Hack Apps
• Game Hacking
• Hack Tools Pc
• Pentest Automation Tools
• Hacker Tools For Pc
• Android Hack Tools Github
• Pentest Automation Tools
• Hack Tool Apk No Root
• Pentest Automation Tools
• Hackrf Tools
• Hacker Tools Free Download
• Pentest Box Tools Download
• Hacking Tools
• Pentest Tools Online
• Bluetooth Hacking Tools Kali
• Hack Tools For Mac
• Pentest Tools Tcp Port Scanner
• Pentest Tools Tcp Port Scanner
• Pentest Tools Download
• Hacker Tools Windows
• Pentest Tools Tcp Port Scanner
• Best Hacking Tools 2019
• Nsa Hack Tools Download
• Hacking Tools Free Download
• Nsa Hack Tools
• Pentest Recon Tools
• Hackers Toolbox
• Hack Tools
• Hacker Tools Hardware
• Pentest Tools Online
• Pentest Automation Tools
• Underground Hacker Sites
• Physical Pentest Tools
• Best Hacking Tools 2020
• Pentest Recon Tools
• Hack Rom Tools
• New Hacker Tools
• Pentest Tools Url Fuzzer
• Beginner Hacker Tools
• Pentest Tools List
• Hacking App
• Install Pentest Tools Ubuntu
• Hack Tools
• Hack Tools
• Hacker Tools Apk
• Hack Tool Apk No Root
• Pentest Tools
• Pentest Tools For Ubuntu
• Hack Tools Online
• Hack Tools Pc
• Hack Tools For Windows
• Pentest Tools For Android
• Pentest Tools For Windows
• Pentest Tools Framework
• Kik Hack Tools
• Hacker Tools 2020
• Hack Tools Pc
• Pentest Recon Tools
• Github Hacking Tools
• Hacking Tools Hardware
• Pentest Tools Subdomain
• Hack Tools Online
• Pentest Tools Port Scanner
• Best Pentesting Tools 2018
• Black Hat Hacker Tools
• Github Hacking Tools
• Hack Tools For Games
• Hacking Tools Free Download