[Reverse Engeenering Module 1] Advance Dll Hijacking For Blackhats And Cybersecurity Experts

Thefreedom

Thefreedom

JF-Expert Member
Jan 27, 2019
319
313
Habari za muda huu friends.
Thefreedom is back agian na leo tutadiscuss very briefly kuhusu dll hijacking katika software ambazo ziko vulnerable to gain access.

DLL-Hijacking-banner.png


lengo kuu ni kujikinga na kujifunza kwa kina ni kwa jinsi gani hawa hackers wanavyoweza kugain access kwenye most secured system via dll hijacking.

nitaenda kueleezea very short upate mwanga kisha utadownload video hapo chini ili ukae kwa mda wako ujifunze kwa kina.

NINI MAANA YA DLL HIJACKING?

DLL hijacking hii ni moja ya technique ambazo hutumiwa na wadukuzi ku gain access kwenye secured system kwa kutumia windows software ambazo hutegemea(load) system Dynamic Link Libraries.

mfano nimedownload setup ya vlc.exe , hii vlc iliiweze kurun kwenye windows os ina dll (libraries) ambazo zinakuwa searched then zikimalizika kuwa processed basi utaona setup windows ya vlc kwenye pc yako. sasa dll hijacking inakuja mfano hii software wakati wa ku load hizo required dll inahitaji dll yenye jina mfano maharage.dll kwenye desktop au windows files , huyu mdukuzi anachofanya anatengeneza backdoor.dll ambayo atairename jina sawa na ile dll ambayo inahitajika na hio VLC ili kumaliza task.

so ukirun vlc.exe basi itanyanyua ile malicious dll na kuiexecute kwenye system ya user pasipo user kufahamu kitu chochote na mwisho mdukuzi huyu ataaingia kwenye system yako silently as administrator na kufanya chochote anachotaka as normal user (ambaye ni wewe mwenye pc)

hivo basi katika huuu uziii nimetumia kaspersky na kama unahisi ndiyo antivirus best kwako basi inabidi uwe makin maana hii exploit hawajaidetect mpaka dkk hii.

na kuthibitisha hii ndo scan result ya malicious dll malicious DLL SCAN RESULTS 1/26 2020

requirements
1. virtualization knowledge
2. windows os ( 7,8,10)
3. internet connection
4. IDA pro free reverse engeenering toolkit download it IDA PRO CLEAN NO VIRUS
5. processor Hacker https://github.com/processhacker/processhacker/releases/download/v2.39/processhacker-2.39-setup.exe
6. processor monitor Process Monitor - Windows Sysinternals
7. KALI LINUX (natumia linux kde 2020.2)

download full MY demostration video HAPA

NOTE: STILL TUNAJIFUNZA SIKO PERFECT SO USITUMIE KUUUMIZA WENGINE

cc.jpg
 
Thefreedom said:
Habari za mda huu friends.
Thefreedom is back agian na leo tutadiscuss very briefly kuhusu dll hijacking katika software ambazo ziko vulnerable to gain access.

View attachment 1447758

lengo kuu ni kujikinga na kujifunza kwa kina ni kwa jinsi gani hawa hackers wanavyoweza kugain access kwenye most secured system via dll hijacking.

nitaenda kueleezea very short upate mwanga kisha utadownload video hapo chini ili ukae kwa mda wako ujifunze kwa kina.

NINI MAANA YA DLL HIJACKING?

DLL hijacking hii ni moja ya technique ambazo hutumiwa na wadukuzi ku gain access kwenye secured system kwa kutumia windows software ambazo hutegemea(load) system Dynamic Link Libraries.

mfano nimedownload setup ya vlc.exe , hii vlc iliiweze kurun kwenye windows os ina dll (libraries) ambazo zinakuwa searched then zikimalizika kuwa processed basi utaona setup windows ya vlc kwenye pc yako. sasa dll hijacking inakuja mfano hii software wakati wa ku load hizo required dll inahitaji dll yenye jina mfano maharage.dll kwenye desktop au windows files , huyu mdukuzi anachofanya anatengeneza backdoor.dll ambayo atairename jina sawa na ile dll ambayo inahitajika na hio VLC ili kumaliza task.

so ukirun vlc.exe basi itanyanyua ile malicious dll na kuiexecute kwenye system ya user pasipo user kufahamu kitu chochote na mwisho mdukuzi huyu ataaingia kwenye system yako silently as administrator na kufanya chochote anachotaka as normal user (ambaye ni wewe mwenye pc)

hivo basi katika huuu uziii nimetumia kaspersky na kama unahisi ndiyo antivirus best kwako basi inabidi uwe makin maana hii exploit hawajaidetect mpaka dkk hii.

na kuthibitisha hii ndo scan result ya malicious dll malicious DLL SCAN RESULTS 1/26 2020

requirements
1. virtualization knowledge
2. windows os ( 7,8,10)
3. internet connection
4. IDA pro free reverse engeenering toolkit download it IDA PRO CLEAN NO VIRUS
5. processor Hacker https://github.com/processhacker/processhacker/releases/download/v2.39/processhacker-2.39-setup.exe
6. processor monitor Process Monitor - Windows Sysinternals
7. KALI LINUX (natumia linux kde 2020.2)


download full MY demostration video HAPA

NOTE: STILL TUNAJIFUNZA SIKO PERFECT SO USITUMIE KUUUMIZA WENGINE

View attachment 1447764
Click to expand...
Kazi nzuri.
 
Ida pro freee iko freee google


Sent from my iPhone using JamiiForums
 
Thefreedom said:
Habari za muda huu friends.
Thefreedom is back agian na leo tutadiscuss very briefly kuhusu dll hijacking katika software ambazo ziko vulnerable to gain access.

View attachment 1447758

lengo kuu ni kujikinga na kujifunza kwa kina ni kwa jinsi gani hawa hackers wanavyoweza kugain access kwenye most secured system via dll hijacking.

nitaenda kueleezea very short upate mwanga kisha utadownload video hapo chini ili ukae kwa mda wako ujifunze kwa kina.

NINI MAANA YA DLL HIJACKING?

DLL hijacking hii ni moja ya technique ambazo hutumiwa na wadukuzi ku gain access kwenye secured system kwa kutumia windows software ambazo hutegemea(load) system Dynamic Link Libraries.

mfano nimedownload setup ya vlc.exe , hii vlc iliiweze kurun kwenye windows os ina dll (libraries) ambazo zinakuwa searched then zikimalizika kuwa processed basi utaona setup windows ya vlc kwenye pc yako. sasa dll hijacking inakuja mfano hii software wakati wa ku load hizo required dll inahitaji dll yenye jina mfano maharage.dll kwenye desktop au windows files , huyu mdukuzi anachofanya anatengeneza backdoor.dll ambayo atairename jina sawa na ile dll ambayo inahitajika na hio VLC ili kumaliza task.

so ukirun vlc.exe basi itanyanyua ile malicious dll na kuiexecute kwenye system ya user pasipo user kufahamu kitu chochote na mwisho mdukuzi huyu ataaingia kwenye system yako silently as administrator na kufanya chochote anachotaka as normal user (ambaye ni wewe mwenye pc)

hivo basi katika huuu uziii nimetumia kaspersky na kama unahisi ndiyo antivirus best kwako basi inabidi uwe makin maana hii exploit hawajaidetect mpaka dkk hii.

na kuthibitisha hii ndo scan result ya malicious dll malicious DLL SCAN RESULTS 1/26 2020

requirements
1. virtualization knowledge
2. windows os ( 7,8,10)
3. internet connection
4. IDA pro free reverse engeenering toolkit download it IDA PRO CLEAN NO VIRUS
5. processor Hacker https://github.com/processhacker/processhacker/releases/download/v2.39/processhacker-2.39-setup.exe
6. processor monitor Process Monitor - Windows Sysinternals
7. KALI LINUX (natumia linux kde 2020.2)

download full MY demostration video HAPA

NOTE: STILL TUNAJIFUNZA SIKO PERFECT SO USITUMIE KUUUMIZA WENGINE

View attachment 1447764
Click to expand...
Nimechelea kidg jamaaa... Ila niko na wewe!... Lets learn tugeza..... Asnt kwa kushare mautamu jamaa!

Sent using POSTA
 
Upepo wa Pesa said:
Mi sihitaji mengi, nimekua nikitumia kasperky muda mrefu na leo ukaniambia si nzuri.

Kwa uzoefu wako ni ipi anti virus nzuri na je hiyo kapersky unayo tumia ni premium?
Click to expand...

Sijakuambia sio nzuri nimesema kuwa makini !!

Alafu kwan unadhan kubypass ni kaziii nina backdoor za reverse base64 PE rats zinabypass iwe premium iwe freee .


Hio dll nilishatest kwenye premium scans na local scan
 
Hapo mkuu huyu backdoor atakaetengenezwa na attacker atakua part ya hii software ya vlc.exe au ni njia ipi uyo backoor atakuwepo kwny victim pc na kua executed once io installation inafanyika
 
curry_atomic said:
Hapo mkuu huyu backdoor atakaetengenezwa na attacker atakua part ya hii software ya vlc.exe au ni njia ipi uyo backoor atakuwepo kwny victim pc na kua executed once io installation inafanyika
Click to expand...

Swal zuriiii !!

Iko iviii ukijaribu kuangalia video yangu kwa makini nilianza kwanza kusearch dll ambazo ziko NAME NOT FOUND yani haziko kwenye windows system lakn by default zinakuwa called na kaspersky software iki run

Na tukaona msi.dll iko name not found ambapo hiii software iliyegemea iwepo kwenye desktop

So kilichofanika nilirename malicious.dll as msi.dll na nikaiweka sehemu nilipoooona imekuwa ikitegemewa iwepo ambapo ni kwenye desktop ya victim. THIS IS JUST AN ASSUMPTION

ila ukija kwenye serious issue tunaaangalia dll ambazo ziko called ila ni name not found inside of installation.exe (setup ya software yako)

Ndo maana cracked software unakuta ipo kwenye zip ila ukire unzip unakuta vikorokoro ving sijui keygen, mara patch.dll sasa humo humo tunaweza weka zaga so instead isearch kwenye desktop this time itasearch inside au ndani ya installation setup ya software

So user akirun ile software ita fire up ur backdoor na utapata connection

Na hii ni pale tu ambapo atafire up installation au app ambayo iko installed already

DONT WORRY NIKIPATA MDA UTANIELEWA KWENYE UZI WANGU MWINGINE nikiongelea my new project inaitwa MOTHERBOARD DIGEST yani hii single dll ila inahijack all built-in Microsoft softwares (calc.exe , notepad.exe, explorer n.k USER akifungua program yyte ile dll ina send connection kwa hacker


Sorry nimeeelezea kiupana uelewe
 
You must log in or register to reply here.

Similar Discussions

Back
Top Bottom
Forums
New posts
Post thread
Back