-
Notifications
You must be signed in to change notification settings - Fork 33
/
Copy pathBuild-Library.ps1
19 lines (19 loc) · 1.21 KB
/
Build-Library.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
# Compile the 32 and 64 bits versions of a evil DLL to be used to test/exploit a DLL Hijacking vulnerability on a Windows target.
# Source: https://book.hacktricks.xyz/windows/windows-local-privilege-escalation/dll-hijacking#your-own
# See https://github.com/actions/virtual-environments/blob/main/images/win/Windows2022-Readme.md
$Env:PATH += ";C:\CygwinX64\cygwin\bin;"
$libFileName = ".\templates\dll_hijacking_lib.c"
New-Item -ItemType "directory" -Path ".\library_dist"
Write-Host "[+] Compile 32 bits version..."
i686-w64-mingw32-g++.exe $libFileName -lws2_32 -o evil_x86.dll -shared
Write-Host "[+] Compile 64 bits version..."
x86_64-w64-mingw32-g++.exe $libFileName -lws2_32 -o evil_x64.dll -shared
Write-Host "[+] Archive compiled elements..."
Copy-Item -Path ".\evil_x86.dll" -Destination "library_dist"
Copy-Item -Path ".\evil_x64.dll" -Destination "library_dist"
Write-Host "[+] Compiled file types:"
file ".\library_dist\evil_x86.dll"
file ".\library_dist\evil_x64.dll"
Write-Host "[+] Compute hash of compiled elements..."
Get-FileHash -Algorithm SHA256 ".\library_dist\*.dll" | Format-List
Get-FileHash -Algorithm SHA256 ".\library_dist\*.dll" | Format-List | Out-File -FilePath ".\library_dist\hash.txt" -Encoding "utf8"