Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/jfmaes/TrustJack

Yet another PoC for https://www.wietzebeukema.nl/blog/hijacking-dlls-in-windows
https://github.com/jfmaes/TrustJack

Last synced: 22 days ago
JSON representation

Yet another PoC for https://www.wietzebeukema.nl/blog/hijacking-dlls-in-windows

Awesome Lists containing this project

README

        

# TrustJack
Yet another PoC for https://www.wietzebeukema.nl/blog/hijacking-dlls-in-windows

Blogpost: https://redteamer.tips/?p=108

To be used with a cmd that does whatever the F you want, for a dll that pops cmd, https://github.com/jfmaes/CMDLL.
check the list in wietze's site to check how you should call your dll.

will automatically create c:\Windows \System32 and drop your dll and chosen binary in there, followed by execution.
Clean up after yourself by running trustjack again with the -c flag.

**You migh be missing fody 2.0, run nuget package restore to fix (right click Solution 'TrustJacker' and select 'restore NuGet packages')**

```
_______ _ _ _
|__ __| | | | | | |
| |_ __ _ _ ___| |_ | | __ _ ___| | __
| | '__| | | / __| __| | |/ _` |/ __| |/ /
| | | | |_| \__ \ || |__| | (_| | (__| <
|_|_| \__,_|___/\__\____/ \__,_|\___|_|\_\

V1.0.0 by https://twitter.com/Jean_Maes_1994
Usage:
--dllpath=VALUE Path to the dll on the computer
--binary=VALUE The binary name to pop the shell
-c, --clean, --cleanup Cleanup the fake folder and it's contents
-h, -?, --help show this help menu.

```
![Alt Text](https://redteamer.tips/wp-content/uploads/2020/07/TrustJack.gif)