ThreadBoat : Program Uses Thread Execution Hijacking to Inject Native Shellcode into a Standard Win32 Application

ThreadBoat : Program Uses Thread Execution Hijacking to Inject Native Shellcode into a Standard Win32 ApplicationThreadBoat : Program Uses Thread Execution Hijacking to Inject Native Shellcode into a Standard Win32 Application

ThreadBoat program uses Thread Hijacking to Inject Native Shellcode into a Standard Win32 Application. I developed this small project to continue my experiences of different code injection methods.

With Thread Hijacking, it allows the hijacker.exe program to susepend a thread within the target.exe program allowing us to write shellcode to a thread.

ThreadBoat Usage

int main()
{
System sys;
Interceptor incp;
Exception exp;
sys.returnVersionState();
if (sys.returnPrivilegeEscalationState())
{
std::cout << “Token Privileges Adjusted\n”;
}
if (DWORD m_procId = incp.FindWin32ProcessId((PCHAR)m_win32ProcessName))
{
incp.ExecuteWin32Shellcode(m_procId);
}
system(“PAUSE”);
return 0;
}

Also Read – Re-composer : Randomly Changes Win32/64 PE Files For ‘Safer’ Uploading To Malware & Sandbox Sites

Environment

  • Windows Vista+
  • Visual C++

Libs

  • Winapi
    • user32.dll
    • kernel32.dll
  • ntdll.dll
Download
R K

Share
Published by
R K
Tags: HijackingshellcodeThreadBoatWin32
5 years ago

Recent Posts

JBDev : A Tool For Jailbreak And TrollStore Development

JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…

12 hours ago

Kereva LLM Code Scanner : A Revolutionary Tool For Python Applications Using LLMs

The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…

14 hours ago

Nuclei-Templates-Labs : A Hands-On Security Testing Playground

Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…

16 hours ago

SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft

SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…

16 hours ago

ollvm-unflattener : A Tool For Reversing Control Flow Flattening In OLLVM

Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…

16 hours ago

Cybersecurity – Tools And Their Function

Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…

2 days ago