Classic DLL injection POC in Rust leveraging Windows API hashing

uruwhy/RustClassicDllInjection

RustClassicDllInjection

Classic DLL injection POC in Rust leveraging Windows API hashing.

Injection approach:

  • OpenProcess for the given process ID
  • VirtualAllocEx to allocate RW memory in the target process to write the DLL path
  • WriteProcessMemory to write the DLL path into the buffer allocated by VirtualAllocEx
  • CreateRemoteThread to create a remote thread in the target process that will execute LoadLibraryW using the DLL path from the buffer as the argument
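
For detection, the sequence above can be matched on runtime telemetry, which still records the calls even though API hashing keeps their names out of the binary's imports and strings. The following is an added example, not code from this repository: it correlates a handle open carrying the rights these calls need with a remote thread that starts at LoadLibraryA/W. The `Event` type, `detect`, `sample` and the PIDs are hypothetical, and the events are constructed records shaped like Sysmon Event ID 10 (ProcessAccess) and Event ID 8 (CreateRemoteThread).

```rust
// Added example (not repository code); events are constructed Sysmon-style records.
// Rights the listed calls need on the target handle (winnt.h values).
const PROCESS_CREATE_THREAD: u32 = 0x0002; // CreateRemoteThread
const PROCESS_VM_OPERATION: u32 = 0x0008; // VirtualAllocEx
const PROCESS_VM_WRITE: u32 = 0x0020; // WriteProcessMemory
const INJECT_MASK: u32 = PROCESS_CREATE_THREAD | PROCESS_VM_OPERATION | PROCESS_VM_WRITE;

pub enum Event {
    ProcessAccess { src: u32, dst: u32, granted: u32 },
    RemoteThread { src: u32, dst: u32, module: String, function: String },
}

/// Returns (source PID, target PID) pairs where a remote thread that starts at
/// LoadLibraryA/W follows a handle open carrying all three injection rights.
pub fn detect(events: &[Event]) -> Vec<(u32, u32)> {
    let mut armed: Vec<(u32, u32)> = Vec::new(); // pairs holding a capable handle
    let mut hits = Vec::new();
    for ev in events {
        match ev {
            Event::ProcessAccess { src, dst, granted }
                if src != dst && (*granted & INJECT_MASK) == INJECT_MASK =>
            {
                armed.push((*src, *dst));
            }
            Event::RemoteThread { src, dst, module, function }
                if armed.contains(&(*src, *dst))
                    && module.to_ascii_lowercase().ends_with("\\kernel32.dll")
                    && matches!(function.as_str(), "LoadLibraryW" | "LoadLibraryA") =>
            {
                hits.push((*src, *dst));
            }
            _ => {}
        }
    }
    hits
}

/// Constructed telemetry: PID 4120 matches the sequence, PID 900 does not.
pub fn sample() -> Vec<Event> {
    let k32 = String::from("C:\\Windows\\System32\\KERNEL32.DLL");
    vec![
        Event::ProcessAccess { src: 900, dst: 2288, granted: 0x1F_FFFF },
        Event::RemoteThread { src: 900, dst: 2288, module: k32.clone(), function: "CtrlRoutine".into() },
        Event::ProcessAccess { src: 4120, dst: 2288, granted: 0x102A },
        Event::RemoteThread { src: 4120, dst: 2288, module: k32, function: "LoadLibraryW".into() },
    ]
}

fn main() { println!("{:?}", detect(&sample())); } // [(4120, 2288)]
```

PID 900 holds a full-access handle but its remote thread does not start at LoadLibrary, so it is not flagged; pairing the start function with the access mask is what keeps such entries out of the results.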

Usage:

rust_classic_dll_injection.exe [target PID] [DLL path]

Example screenshot: classicdllinjection

Build

# debug
cargo build

# release
cargo build --release
