/perfect-dll-proxy

Perfect DLL Proxying using forwards with absolute paths.

Primary LanguagePythonBoost Software License 1.0BSL-1.0

Perfect DLL Proxy

A while ago I needed a proxy to perform DLL hijacking, but I did not like how existing solutions generated ASM stubs to deal with the forwarding. It turns out that there is a trick to get forwards to work with an absolute path:

#pragma comment(linker,
"/EXPORT:CredPackAuthenticationBufferA=\\\\.\\GLOBALROOT\\SystemRoot\\System32\\credui.dll.CredPackAuthenticationBufferA"
)

See the references for more information.

To automatically generate a DLL that exports everything and loads an arbitrary DLL (without intercepting functions), look at the following project: https://github.com/namazso/dll-proxy-generator

Usage

python -m pip install pefile
python perfect-dll-proxy.py credui.dll

References