RustClassicDllInjection

Classic DLL injection POC in Rust leveraging Windows API hashing.

Injection approach:

  • OpenProcess for the given process ID
  • VirtualAllocEx to allocate RW memory in the target process to write the DLL path
  • WriteProcessMemory to write the DLL path into the buffer allocated by VirtualAllocEx
  • CreateRemoteThread to create a remote thread in the target process that will execute LoadLibraryW using the DLL path from the buffer as the argument
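
API hashing hides the imports from static inspection, but the four calls above still happen at run time in this order, so a defender can correlate them in behavioural telemetry. The following detection logic is an added example, not code from this repository: the `Call`, `Event` and `State` types and the sample PIDs and addresses are assumptions, constructed for illustration rather than taken from any real sensor.

```rust
use std::collections::HashMap;
// Hypothetical, simplified API-call telemetry (type and field names are assumptions).
#[derive(Clone, Copy)]
enum Call {
    OpenProcess,
    VirtualAllocEx { base: u64, size: u64 },
    WriteProcessMemory { addr: u64 },
    CreateRemoteThread { start: &'static str, param: u64 },
}
type Event = (u32, u32, Call); // (caller PID, target PID, call)
#[derive(Default)]
struct State { opened: bool, regions: Vec<(u64, u64, bool)> } // (base, size, written)

/// Returns (caller, target) pairs that completed: open -> remote alloc -> write into
/// that region -> remote thread at LoadLibrary* whose parameter points into it.
fn detect_classic_injection(events: &[Event]) -> Vec<(u32, u32)> {
    let mut state: HashMap<(u32, u32), State> = HashMap::new();
    let mut hits = Vec::new();
    for &(caller, target, call) in events.iter().filter(|e| e.0 != e.1) {
        let s = state.entry((caller, target)).or_default();
        match call {
            Call::OpenProcess => s.opened = true,
            Call::VirtualAllocEx { base, size } if s.opened => s.regions.push((base, size, false)),
            // A write marks the region as holding caller-supplied data (here, the DLL path).
            Call::WriteProcessMemory { addr } => s.regions.iter_mut()
                .filter(|r| r.0 <= addr && addr < r.0 + r.1).for_each(|r| r.2 = true),
            Call::CreateRemoteThread { start, param } if start.starts_with("LoadLibrary") => {
                if s.regions.iter().any(|r| r.2 && r.0 <= param && param < r.0 + r.1) {
                    hits.push((caller, target));
                }
            }
            _ => {} // incomplete or unrelated call: not this pattern
        }
    }
    hits
}
// Constructed sample trace: PID 4100 runs the full sequence against PID 812;
// PID 5000 only opens it and starts a thread, so it must not be flagged.
fn sample_trace() -> Vec<Event> {
    vec![
        (4100, 812, Call::OpenProcess),
        (5000, 812, Call::OpenProcess),
        (4100, 812, Call::VirtualAllocEx { base: 0x2000_0000, size: 0x1000 }),
        (4100, 812, Call::WriteProcessMemory { addr: 0x2000_0000 }),
        (5000, 812, Call::CreateRemoteThread { start: "LoadLibraryW", param: 0x2000_0000 }),
        (4100, 812, Call::CreateRemoteThread { start: "LoadLibraryW", param: 0x2000_0000 }),
    ]
}
fn main() { println!("flagged: {:?}", detect_classic_injection(&sample_trace())); }
```

Requiring the thread parameter to point into a region the same caller allocated and wrote keeps the rule from firing on remote threads that are unrelated to a path buffer.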

Usage:

rust_classic_dll_injection.exe [target PID] [DLL path]

Example screenshot: classicdllinjection

Build

# debug
cargo build

# release
cargo build --release

References: