jfmaes/TrustJack jfmaes/TrustJack

  • Stars
    star
    142
  • Rank 258,495 (Top 6 %)
  • Language
    C#
  • License
    GNU General Publi...
  • Created over 4 years ago
  • Updated over 4 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
jfmaes/TrustJack
github

jfmaes

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Yet another PoC for https://www.wietzebeukema.nl/blog/hijacking-dlls-in-windows

TrustJack

Yet another PoC for https://www.wietzebeukema.nl/blog/hijacking-dlls-in-windows

Blogpost: https://redteamer.tips/?p=108

To be used with a cmd that does whatever the F you want, for a dll that pops cmd, https://github.com/jfmaes/CMDLL. check the list in wietze's site to check how you should call your dll.

will automatically create c:\Windows \System32 and drop your dll and chosen binary in there, followed by execution. Clean up after yourself by running trustjack again with the -c flag.

You migh be missing fody 2.0, run nuget package restore to fix (right click Solution 'TrustJacker' and select 'restore NuGet packages')

 _______             _       _            _
|__   __|           | |     | |          | |
   | |_ __ _   _ ___| |_    | | __ _  ___| | __
   | | '__| | | / __| __|   | |/ _` |/ __| |/ /
   | | |  | |_| \__ \ || |__| | (_| | (__|   <
   |_|_|   \__,_|___/\__\____/ \__,_|\___|_|\_\


 V1.0.0 by https://twitter.com/Jean_Maes_1994
Usage:
      --dllpath=VALUE        Path to the dll on the computer
      --binary=VALUE         The binary name to pop the shell
  -c, --clean, --cleanup     Cleanup the fake folder and it's contents
  -h, -?, --help             show this help menu.

Alt Text

More Repositories

1

LazySign

Create fake certs for binaries using windows binaries and the power of bat files
PowerShell
543
star
2

SharpZipRunner

Executes position independent shellcode from an encrypted zip
C#
300
star
3

Invoke-DLLClone

Koppeling x Metatwin x LazySign
PowerShell
201
star
4

SharpHandler

C#
181
star
5

AmsiHooker

Hookers are cooler than patches.
C#
167
star
6

GG-AESY

Hide cool stuff in images :)
C#
144
star
7

SharpNukeEventLog

nuke that event log using some epic dinvoke fu
C#
114
star
8

SharpLNKGen-UI

UI for creating LNKs
C#
96
star
9

SharpRDPDump

Create a minidump of TermService for clear text pw extraction
C#
87
star
10

Backdoorplz

adding a backdooruser using win32api
C++
79
star
11

Red-EC2

Spin up RedTeam infrastructure on AWS via Ansible
59
star
12

DeepSleep

all credits go to @mgeeky
C
58
star
13

CSharpReflectionWorkshop

The repository that complements the From zero to hero: creating a reflective loader in C# workshop
C#
37
star
14

Clippi-B

C#
34
star
15

FunWithServerless

Python
23
star
16

Emulation-Workshop

The repository accompanying the Buer Emulation workshop
C#
23
star
17

Ansible-EmpireSuite

ansible roles to download and install empire (BC-Security),deathstar(byt3bl33der) and starkiller (BC-Security)
23
star
18

CMDLL

the most basic DLL ever to pop a cmd.
C++
22
star
19

Red-Route53-Interactive

17
star
20

talks-cons

aggregated repo for all conferences and talks I am giving
C#
17
star
21

Ansible-Cobalt-Strike

An Ansible role to install cobalt-strike
16
star
22

SharpXOR

XOR crypt/decrypt using C#
C#
12
star
23

blogposts-talks-and-tidbits

all random stuff that dont warrant a seperate repo
C
12
star
24

Parsers

parsers to make life easier
Python
12
star
25

DRegHide

fun stuff with null bytes and dinvoke
C#
8
star
26

sharpbysentinel

lol firewall
C#
7
star
27

impacket-nomulti-adcs-shadowcreds

in case clients are annoying with enforcing signing :)
Python
7
star
28

SEC565-Tools

PowerShell
5
star
29

NerveGas

messing around with ETW in C#
C#
4
star
30

x33fcon-workshop

PowerShell
3
star
31

RegFetch

Interfaces with winsockets to fetch a txt file, parses the file and changes the registry accordingly
C++
2
star
32

BeFree

get rid of pesky registry restrictions.
PowerShell
2
star
33

Get-ServiceACL

courtesey of a gist I found on github
PowerShell
1
star