Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.
Sign up
README
DLLInjector v0.2 brad.antoniewicz@foundstone.com -------------------------------------------------- This tool aims to implement various DLL injection techniques that work across multiple Windows versions. The user defines a DLL, a process ID, and technique and the tool attempts to inject the DLL into the process and execute it. This was built using Microsoft Visual Studio 2010 It currently supports the following methods: 1. CreateRemoteThread() 2. NtCreateThreadEx() The following sites were used as a reference when implementing this method: http://securityxploded.com/ntcreatethreadex.php http://noobys-journey.blogspot.com/2010/11/injecting-shellcode-into-xpvista7.html 3. Suspend/Inject/Resume The following sites were used as a reference when implementing this method: http://syprog.blogspot.com/2012/05/createremotethread-bypass-windows.html http://www.kdsbest.com/?p=159 4. RtlCreateUserThread() The following sites were used as a reference when implementing this method: http://syprog.blogspot.com/2012/05/createremotethread-bypass-windows.html?showComment=1338375764336#c4138436235159645886 http://undocumented.ntinternals.net/UserMode/Undocumented%20Functions/Executable%20Images/RtlCreateUserThread.html Todo: 1. Implement SetWindowsHookEx() Method http://www.kdsbest.com/?p=179 2. Implement QueueUserAPC() Method http://webcache.googleusercontent.com/search?q=cache:G8i5oxOWbDMJ:www.hackforums.net/archive/index.php/thread-2442150.html+&cd=3&hl=en&ct=clnk&gl=us&client=firefox-a 3. Implement PrivEscalation as per: https://github.com/rapid7/metasploit-framework/tree/master/external/source/meterpreter/source/extensions/priv/server/elevate The original inspiration for this tool was from VMInjector: https://github.com/batistam/VMInjector Lots of great info here: https://github.com/stephenfewer/ReflectiveDLLInjection