sensepost / Rattler

Licence: gpl-2.0
Automated DLL Enumerator

Introduction

Arsenal

By Chris Le Roy (@brompwnie) [email protected]

Rattler is a tool that automates the identification of DLLs which can be used for DLL preloading attacks. More information can be found in this blog post: https://sensepost.com/blog/2016/rattleridentifying-and-exploiting-dll-preloading-vulnerabilities/.

Rattler's associated research was presented @bsides Cape Town and the talk can be found here, https://www.youtube.com/watch?v=xvluwoPM8v8.

What does it do?

Rattler automatically enumerates an application's DLLs to identify and exploit DLLs which can be hijacked via a DLL preloading attack.

Getting the code

First, get the code:

git clone https://github.com/sensepost/rattler.git

Building the code

Rattler was developed in C++ with Microsoft Visual Studio 2015, using the default console application project settings.

Getting the binaries

Compiled Rattler binaries can be found in the Releases section: https://github.com/sensepost/rattler/releases.

Usage

Depending on the target executable location, Rattler may need to be run with elevated permissions.

Rattler_32.exe "c:\path\to\target\application.exe" 1

  • "c:\path\to\target\application.exe" = path to the executable you want to enumerate.
  • 1 = enumeration mode; this is the only mode at this point.

C:\Users\User\Desktop>Rattler_32.exe "C:\Users\User\Downloads\NDP462-KB3151800-x86-x64-AllOS-ENU.exe"  1
[+] RATTLER
[*] TARGET APPLICATION: C:\Users\User\Downloads\NDP462-KB3151800-x86-x64-AllOS-ENU.exe
[+] STARTING UP...
[*] TARGET PROCESS ID: 3504
[+] IMPLEMENTING EXECUTABLE TEST

[*] TARGETING DLL-> C:\Windows\SYSTEM32\CRYPTSP.dll
[*] INFO: DLL IS VULNERABLE TO EXECUTABLE TEST-> C:\Windows\SYSTEM32\CRYPTSP.dll

[*] TARGETING DLL-> C:\Windows\system32\rsaenh.dll
[*] TARGET DLL IS NOT VULNERABLE TO EXECUTABLE TEST

[*] TARGETING DLL-> C:\Windows\SYSTEM32\ntmarta.dll
[*] TARGET DLL IS NOT VULNERABLE TO EXECUTABLE TEST

[*] TARGETING DLL-> C:\Windows\SYSTEM32\feclient.dll
[*] TARGET DLL IS NOT VULNERABLE TO EXECUTABLE TEST

[*] TARGETING DLL-> C:\Windows\system32\uxtheme.dll
[*] TARGET DLL IS NOT VULNERABLE TO EXECUTABLE TEST

[*] TARGETING DLL-> C:\Windows\System32\MSCTF.dll
[*] TARGET DLL IS NOT VULNERABLE TO EXECUTABLE TEST

[*] TARGETING DLL-> C:\Windows\system32\dwmapi.dll
[*] TARGET DLL IS NOT VULNERABLE TO EXECUTABLE TEST

[+] EXECUTABLE TEST TOTAL DLL's IDENTIFIED: 43
[+] EXECUTABLE TEST TOTAL VULN COUNT: 1
[*] EXECUTABLE TEST VULNERABLE DLL-> C:\Windows\SYSTEM32\CRYPTSP.dll
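
To carry a run like the one above into a findings report, the output can be parsed line by line and the per-DLL verdicts checked against the summary. The Python below is an added example, not part of Rattler; the function names, dictionary keys and the sample target path are this example's own assumptions.

```python
import ntpath
import re

# Constructed sample in the format of the run above; the target path is made up.
SAMPLE = r"""[*] TARGET APPLICATION: C:\Apps\Example\setup.exe
[*] TARGETING DLL-> C:\Windows\SYSTEM32\CRYPTSP.dll
[*] INFO: DLL IS VULNERABLE TO EXECUTABLE TEST-> C:\Windows\SYSTEM32\CRYPTSP.dll
[*] TARGETING DLL-> C:\Windows\system32\rsaenh.dll
[*] TARGET DLL IS NOT VULNERABLE TO EXECUTABLE TEST
[+] EXECUTABLE TEST TOTAL DLL's IDENTIFIED: 43
[+] EXECUTABLE TEST TOTAL VULN COUNT: 1
[*] EXECUTABLE TEST VULNERABLE DLL-> C:\Windows\System32\cryptsp.dll
"""

# One regex per line type in that output; the key names are this example's own.
PATTERNS = {
    "target": r"\[\*\] TARGET APPLICATION: (.+)",
    "tested": r"\[\*\] TARGETING DLL-> (.+)",
    "flagged": r"\[\*\] INFO: DLL IS VULNERABLE TO EXECUTABLE TEST-> (.+)",
    "total": r"\[\+\] EXECUTABLE TEST TOTAL DLL's IDENTIFIED: (\d+)",
    "vuln_count": r"\[\+\] EXECUTABLE TEST TOTAL VULN COUNT: (\d+)",
    "summary": r"\[\*\] EXECUTABLE TEST VULNERABLE DLL-> (.+)",
}

def parse_report(text):
    """Parse one run; DLL paths are case-normalised because Windows paths are."""
    rep = {"target": None, "total": None, "vuln_count": None,
           "verdicts": {}, "summary": set()}
    for line in text.splitlines():
        for key, pat in PATTERNS.items():
            m = re.fullmatch(pat, line.strip())
            if not m:
                continue
            if key in ("tested", "flagged"):
                path = ntpath.normcase(m.group(1))
                rep["verdicts"][path] = key == "flagged" or rep["verdicts"].get(path, False)
            elif key == "summary":
                rep["summary"].add(ntpath.normcase(m.group(1)))
            else:
                rep[key] = m.group(1) if key == "target" else int(m.group(1))
    return rep

def consistency_issues(rep):
    """Mismatches between per-DLL verdicts and the summary, e.g. an abridged log."""
    flagged = {p for p, hit in rep["verdicts"].items() if hit}
    checks = [("DLLs identified", rep["total"], len(rep["verdicts"])),
              ("flagged count", rep["vuln_count"], len(flagged)),
              ("flagged DLLs", sorted(rep["summary"]), sorted(flagged))]
    return [f"{n}: summary says {s}, log lists {seen}" for n, s, seen in checks if s != seen]
```

On the sample run printed above, the first check would report 43 against 7, because that listing shows only seven per-DLL verdicts.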

Information

Rattler was developed in C++ using Microsoft Visual Studio 2015. It can be used to test both 64-bit and 32-bit applications. Rattler's default "payload" is a DLL (payload.dll) which invokes calc.exe. The default payload is 32-bit. A 64-bit payload can be used in conjunction with the 64-bit executable to enumerate 64-bit executables.

License

Rattler is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License (http://creativecommons.org/licenses/by-nc-sa/4.0). Permissions beyond the scope of this license may be available at http://sensepost.com/contact.
