DLLHijackingScanner : This Is A PoC For Bypassing UAC Using DLL Hijacking And Abusing The “Trusted Directories” Verification

DLLHijackingScanner is a PoC for bypassing UAC using DLL hijacking and abusing the “Trusted Directories” verification. Generate Header from CSV: The Python script CsvToHeader.py can be used to generate a header file. By default it uses the CSV file dll_hijacking_candidates.csv. For each portable executable (PE), the script checks the following condition: If the PE exists in the …

Koppeling : Adaptive DLL Hijacking / Dynamic Export Forwarding

Koppeling is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the “Adaptive DLL Hijacking” blog post. I recommend you start there to contextualize this code. This project is comprised of the following elements: Harness.exe: the “victim” application which is vulnerable to hijacking (static/dynamic); Functions.dll: the “real” library which exposes valid functionality to …

EvilDLL – Malicious DLL (Reverse Shell) Generator For DLL Hijacking

EvilDLL is a malicious DLL (Reverse Shell) generator for DLL hijacking. Features: Reverse TCP Port Forwarding using Ngrok.io; Custom Port Forwarding option (LHOST, LPORT); Example of DLL Hijacking included (Half-Life Launcher file); Tested on Win7 (7601), Windows 10. Requirements: Mingw-w64 compiler: apt-get install mingw-w64; Ngrok Authtoken (for TCP Tunneling): Sign up at: https://ngrok.com/signup; Your auth token …

Robber : Tool For Finding Executables Prone To DLL Hijacking

Robber is a free open source tool developed using Delphi XE2 without any 3rd party dependencies. So What Is DLL Hijacking? Windows has a search path for DLLs in its underlying architecture. If you can figure out what DLLs an executable requests without an absolute path (triggering this search process), you can then place your …