Skip to content
/ SSN_Finder Public

Custom implementation of the HellsGate algorithm for SSN search.

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

pard0p/SSN_Finder

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
Assembly.asm
Assembly.asm
 
 
Compiler.bat
Compiler.bat
 
 
Main.cpp
Main.cpp
 
 
PEB.h
PEB.h
 
 
README.md
README.md
 
 

Repository files navigation

SSN_Finder

This is my implementation of the HellsGate algorithm for SSN lookup. It works as follows:

  1. I get the base address of the NTDLL in memory using the PBE.
  2. I get the address of the NTDLL export table.
  3. I look up the address of the corresponding function by its name.
  4. I extract the SSN using a simple Assembly routine.

This is the simplest way I could design. It should work perfectly for all versions of Windows.

To compile:

nasm -f win64 .\Assembly.asm -o .\Assembly.obj
g++ -o malicious.exe main.cpp Assembly.obj

Resources

https://unprotect.it/media/archive/2023/04/02/HellsGate.pdf

https://redops.at/en/blog/exploring-hells-gate

About

Custom implementation of the HellsGate algorithm for SSN search.

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages