Skip to content

Latest commit

 

History

History
34 lines (24 loc) · 873 Bytes

README.MD

File metadata and controls

34 lines (24 loc) · 873 Bytes
Raw

Logo

SideloadFinder

Description

A simple script which automates the process of discovering and exploiting DLL Hijacks in target binaries by frida hook, icon created by ERNIE Bot.

Features

  • Dynamic DLL Hijacks(use like LoadLibrary)
  • Static DLL Hijacks(DIRECTORY_ENTRY_IMPORT)

Usage:

sideload_finder.py  -i  testcase -o out.csv

{'type': 'send', 'payload': {'payload_type': 'dll', 'dll': 'wsc.dll', 'flag': 0}}
{'type': 'send', 'payload': {'payload_type': 'proc', 'proc': '_run@4'}}
ae90c0a08698d698182043ede236e528.exe,wsc.dll,0x0,_run@4

output

Reference

https://github.com/knight0x07/ImpulsiveDLLHijack