Added DLLirant 0.5 (new version in .NET)

Author: Sh0ckFR

DLLirant.NET.sln

@@ -0,0 +1,25 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 17
+VisualStudioVersion = 17.1.32421.90
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DLLirant.NET", "DLLirant.NET\DLLirant.NET.csproj", "{AF730346-CEF0-4CC6-A1CA-7FC0F6BA4DF1}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{AF730346-CEF0-4CC6-A1CA-7FC0F6BA4DF1}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{AF730346-CEF0-4CC6-A1CA-7FC0F6BA4DF1}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{AF730346-CEF0-4CC6-A1CA-7FC0F6BA4DF1}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{AF730346-CEF0-4CC6-A1CA-7FC0F6BA4DF1}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {F41CD02F-8AF4-480E-9D6D-C85F33C686E9}
+	EndGlobalSection
+EndGlobal

DLLirant.NET/App.config

@@ -0,0 +1,38 @@
+<?xml version="1.0" encoding="utf-8"?>
+<configuration>
+    <startup> 
+        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6.2" />
+    </startup>
+  <runtime>
+    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
+      <dependentAssembly>
+        <assemblyIdentity name="ControlzEx" publicKeyToken="69f1c32f803d307e" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-5.0.0.0" newVersion="5.0.0.0" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="System.Runtime.CompilerServices.Unsafe" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="System.Memory" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-4.0.1.2" newVersion="4.0.1.2" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="System.Security.Cryptography.Pkcs" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-6.0.0.1" newVersion="6.0.0.1" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="System.Runtime" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-4.1.2.0" newVersion="4.1.2.0" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="System.Reflection" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-4.1.2.0" newVersion="4.1.2.0" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="System.Diagnostics.Tracing" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-4.2.0.0" newVersion="4.2.0.0" />
+      </dependentAssembly>
+    </assemblyBinding>
+  </runtime>
+</configuration>

DLLirant.NET/App.xaml

@@ -0,0 +1,17 @@
+<Application x:Class="DLLirant.NET.App"
+             xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation"
+             xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml"
+             xmlns:local="clr-namespace:DLLirant.NET"
+             StartupUri="MainWindow.xaml">
+    <Application.Resources>
+        <ResourceDictionary>
+            <ResourceDictionary.MergedDictionaries>
+                <!-- MahApps.Metro resource dictionaries. Make sure that all file names are Case Sensitive! -->
+                <ResourceDictionary Source="pack://application:,,,/MahApps.Metro;component/Styles/Controls.xaml" />
+                <ResourceDictionary Source="pack://application:,,,/MahApps.Metro;component/Styles/Fonts.xaml" />
+                <!-- Theme setting -->
+                <ResourceDictionary Source="pack://application:,,,/MahApps.Metro;component/Styles/Themes/Dark.Green.xaml" />
+            </ResourceDictionary.MergedDictionaries>
+        </ResourceDictionary>
+    </Application.Resources>
+</Application>

DLLirant.NET/App.xaml.cs

@@ -0,0 +1,17 @@
+using System;
+using System.Collections.Generic;
+using System.Configuration;
+using System.Data;
+using System.Linq;
+using System.Threading.Tasks;
+using System.Windows;
+
+namespace DLLirant.NET
+{
+    /// <summary>
+    /// Interaction logic for App.xaml
+    /// </summary>
+    public partial class App : Application
+    {
+    }
+}

DLLirant.NET/Classes/CodeGenerator.cs

@@ -0,0 +1,104 @@
+using System;
+using System.Collections.Generic;
+using System.Diagnostics;
+using System.IO;
+using System.Management;
+
+namespace DLLirant.NET.Classes
+{
+    internal class CodeGenerator
+    {
+        public void GenerateDLL(string dllmain, List<string> importedFunctions = null)
+        {
+            string code =
+                "#include <windows.h>\r\n" +
+                "#include <stdio.h>\r\n\r\n" +
+
+                "#pragma comment (lib, \"User32.lib\")\r\n\r\n" +
+                "int Main() {\r\n" +
+                    "\tFILE* fptr;\r\n" +
+                    "\tfopen_s(&fptr, \"C:\\\\DLLirant\\\\output.txt\", \"w\");\r\n" +
+                    "\tfprintf(fptr, \"%s\", \"It works !\");\r\n" +
+                    "\tfclose(fptr);\r\n" +
+                    "\tMessageBoxW(0, L\"DLL Hijack found!\", L\"DLL Hijack\", 0);\r\n" +
+                    "\treturn 1;\r\n" +
+                "}\r\n\r\n" +
+                "BOOL APIENTRY DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)\r\n" +
+                "{\r\n" +
+                    "\tswitch (ul_reason_for_call) {\r\n" +
+                        "\t\tcase DLL_PROCESS_ATTACH:\r\n" +
+                            "\t\t\t" + dllmain + "\r\n" +
+                            "\t\t\tbreak;\r\n" +
+                        "\t\tcase DLL_THREAD_ATTACH:\r\n" +
+                        "\t\tcase DLL_THREAD_DETACH:\r\n" +
+                        "\t\tcase DLL_PROCESS_DETACH:\r\n" +
+                            "\t\t\tbreak;\r\n" +
+                    "\t}\r\n"+
+                    "\treturn TRUE;\r\n"+
+                    "}\r\n\r\n";
+                
+            if (importedFunctions != null) { code += string.Join("\n", importedFunctions.ToArray()); };
+
+            using (StreamWriter writer = new StreamWriter("output/dllmain.cpp"))
+            {
+                writer.WriteLine(code);
+            }
+
+            ExecuteCommand("cmd.exe", "/C clang++.exe dllmain.cpp -o DLLirantDLL.dll -shared");
+        }
+
+        public bool StartExecutable(string path)
+        {
+            ExecuteCommand(path);
+
+            if (File.Exists("C:\\DLLirant\\output.txt")) {
+                return true;
+            }
+            return false;
+        }
+
+        public void ExecuteCommand(string path, string arguments = null)
+        {
+            Process process = new Process();
+            ProcessStartInfo startInfo = new ProcessStartInfo();
+            startInfo.WindowStyle = ProcessWindowStyle.Hidden;
+            startInfo.FileName = path;
+            if (arguments != null)
+            {
+                startInfo.Arguments = arguments;
+            }
+            startInfo.WorkingDirectory = $"{Directory.GetCurrentDirectory()}\\output";
+            process.StartInfo = startInfo;
+            process.Start();
+            process.WaitForExit(10000);
+            KillProcessAndChildrens(process.Id);
+        }
+
+        private static void KillProcessAndChildrens(int pid)
+        {
+            ManagementObjectSearcher processSearcher = new ManagementObjectSearcher
+              ("Select * From Win32_Process Where ParentProcessID=" + pid);
+            ManagementObjectCollection processCollection = processSearcher.Get();
+
+            // We must kill child processes first!
+            if (processCollection != null)
+            {
+                foreach (ManagementObject mo in processCollection)
+                {
+                    KillProcessAndChildrens(Convert.ToInt32(mo["ProcessID"]));
+                }
+            }
+
+            // Then kill parents.
+            try
+            {
+                Process proc = Process.GetProcessById(pid);
+                if (!proc.HasExited) proc.Kill();
+            }
+            catch (ArgumentException)
+            {
+                // Process already exited.
+            }
+        }
+    }
+}

DLLirant.NET/Classes/FileOperations.cs

@@ -0,0 +1,41 @@
+using System;
+using System.IO;
+
+namespace DLLirant.NET.Classes
+{
+    internal class FileOperations
+    {
+        public void CreateDirectory(string path)
+        {
+            if (!Directory.Exists(path))
+                Directory.CreateDirectory(path);
+        }
+
+        public void DeleteDirectory(string path)
+        {
+            if (Directory.Exists(path))
+            {
+                try
+                {
+                    Directory.Delete(path, true);
+                } catch (UnauthorizedAccessException) { }
+            }
+        }
+
+        public void CopyFile(string file)
+        {
+            if (!File.Exists($"output/{Path.GetFileName(file)}"))
+            {
+                File.Copy(file, $"output/{Path.GetFileName(file)}");
+            }
+        }
+
+        public void RenameFile(string path, string newpath)
+        {
+            if (File.Exists(path))
+            {
+                File.Move(path, newpath);
+            }
+        }
+    }
+}