Skip to content
master
Go to file
Code

Latest commit

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time

README

DLLInjector v0.2
brad.antoniewicz@foundstone.com
--------------------------------------------------

This tool aims to implement various DLL injection techniques
that work across multiple Windows versions. The user defines
a DLL, a process ID, and technique and the tool attempts to
inject the DLL into the process and execute it. 

This was built using Microsoft Visual Studio 2010

It currently supports the following methods:

	1. CreateRemoteThread()
		
	2. NtCreateThreadEx()
		The following sites were used as a reference when implementing 
		this method:
		
		http://securityxploded.com/ntcreatethreadex.php
		http://noobys-journey.blogspot.com/2010/11/injecting-shellcode-into-xpvista7.html
		
		
	3. Suspend/Inject/Resume
		The following sites were used as a reference when implementing 
		this method:
		
		http://syprog.blogspot.com/2012/05/createremotethread-bypass-windows.html
		http://www.kdsbest.com/?p=159
	
	4. RtlCreateUserThread() 
		The following sites were used as a reference when implementing 
		this method:
		
		http://syprog.blogspot.com/2012/05/createremotethread-bypass-windows.html?showComment=1338375764336#c4138436235159645886
		http://undocumented.ntinternals.net/UserMode/Undocumented%20Functions/Executable%20Images/RtlCreateUserThread.html
		
Todo:
	1. Implement SetWindowsHookEx() Method
		http://www.kdsbest.com/?p=179
	
	2. Implement QueueUserAPC() Method
		http://webcache.googleusercontent.com/search?q=cache:G8i5oxOWbDMJ:www.hackforums.net/archive/index.php/thread-2442150.html+&cd=3&hl=en&ct=clnk&gl=us&client=firefox-a
	
	3. Implement PrivEscalation as per: 
		https://github.com/rapid7/metasploit-framework/tree/master/external/source/meterpreter/source/extensions/priv/server/elevate
	


The original inspiration for this tool was from VMInjector:
	https://github.com/batistam/VMInjector
	
Lots of great info here:
	https://github.com/stephenfewer/ReflectiveDLLInjection

About

dll injection tool that implements various methods

Resources

Releases

No releases published

Packages

No packages published
You can’t perform that action at this time.