View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0002353||Kali Linux||[All Projects] New Tool Requests||public||2015-06-22 09:09||2018-01-29 15:16|
|Target Version||Fixed in Version|
|Summary||0002353: TLS Injector. Injecting shellcodes through TLS callbacks|
|Description||TlsInjector.py is a script in python that lets you inject a shellcode in a binary to be executed through TLS callbacks. |
As far as I know there isn't any tool that lets you backdoor a binary using this method in an automated way. The fact of using a TLS callback instead of the usual injection techniques has some added advantages; for example, you don’t need to modify the entry point to jump/call to the code cave and then redirect the execution flow to the original program. Another key advantage is that a TLS callback runs the code before the entry point is reached.
The script will accept the shellcode you want to inject and the target binary. The script also includes a payload that lets you inject (through LoadLibrary) an evil DLL. You only need to use the -l option and feed it with the DLL path as a parameter.
More payloads will be included as needed.
The tool is available on GitHub:
|Steps To Reproduce||$ python tlsInjector.py -h|
Inject a shellcode into a binary and run it through a TLS callback
-s <file> - Shellcode to be executed by the TLS callback
-f <file> - Target binary
-o <file> - Output file (default: tls_injected.exe)
-t - Create a new section (no code caves search)
-r - Set basereloc directory to 0x0
-l <path dll> - Loadlibrary payload: the shellcode will load the DLL supplied
-h - Help
python tlsInjector.py -s reverse_tcp.bin -f putty.exe -r
python tlsInjector.py -f putty.exe -l evil.dll -t
We need to do the following:
apt-get install python-pefile
Before you use this python script for the first time.
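Because a TLS callback runs before the entry point is reached, triage that starts at the entry point can miss it. The following is an added example for reviewers, not part of the original request or of TlsInjector: it lists the TLS callbacks registered in a PE file using only the Python standard library. The names `tls_callbacks` and `sample_pe` and the sample image are constructed for illustration.

```python
import struct

def u(fmt, buf, off):
    return struct.unpack_from(fmt, buf, off)[0]

def tls_callbacks(pe):
    """Return (entry point RVA, list of TLS callback RVAs) for a PE image in bytes."""
    nt = u("<I", pe, 0x3C) if pe[:2] == b"MZ" and len(pe) >= 0x40 else -1
    if nt < 0 or pe[nt:nt + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    opt = nt + 24                                   # optional header follows the COFF header
    pe64 = u("<H", pe, opt) == 0x20B                # PE32+ uses 8-byte pointers
    ptr, fmt = (8, "<Q") if pe64 else (4, "<I")
    base = u(fmt, pe, opt + (24 if pe64 else 28))   # ImageBase
    dirs = opt + (112 if pe64 else 96)              # data directory table
    sec0 = opt + u("<H", pe, nt + 20)               # first section header
    sections = [struct.unpack_from("<4I", pe, sec0 + 40 * i + 8) for i in range(u("<H", pe, nt + 6))]
    def offset(rva):                                # RVA -> file offset
        for vsize, va, rsize, raw in sections:
            if va <= rva < va + max(vsize, rsize):
                return raw + rva - va
        raise ValueError("RVA 0x%x is outside every section" % rva)
    entry, found = u("<I", pe, opt + 16), []
    tls_rva = u("<I", pe, dirs + 8 * 9) if u("<I", pe, dirs - 4) > 9 else 0  # directory 9 = TLS
    array_va = u(fmt, pe, offset(tls_rva) + 3 * ptr) if tls_rva else 0       # AddressOfCallBacks (VA)
    if array_va:
        pos = offset(array_va - base)
        while (va := u(fmt, pe, pos)):              # the array is NULL-terminated
            found.append(va - base)
            pos += ptr
    return entry, found

def sample_pe():
    """Constructed PE32 image: one section at RVA 0x1000 with a TLS directory and one callback."""
    base, img = 0x400000, bytearray(0x400)
    img[:2], img[0x40:0x44] = b"MZ", b"PE\0\0"
    for off, fmt, vals in [
        (0x3C, "<I", (0x40,)),                          # e_lfanew
        (0x46, "<H", (1,)), (0x54, "<H", (224,)),       # NumberOfSections, SizeOfOptionalHeader
        (0x58, "<H", (0x10B,)), (0x68, "<I", (0x1100,)),  # PE32 magic, AddressOfEntryPoint
        (0x74, "<I", (base,)), (0xB4, "<I", (16,)),     # ImageBase, NumberOfRvaAndSizes
        (0x100, "<2I", (0x1000, 24)),                   # data directory 9: TLS
        (0x140, "<4I", (0x200, 0x1000, 0x200, 0x200)),  # section: vsize, RVA, raw size, raw offset
        (0x20C, "<I", (base + 0x1020,)),                # TLS directory: AddressOfCallBacks
        (0x220, "<2I", (base + 0x1080, 0)),             # callback array: one entry, then NULL
    ]:
        struct.pack_into(fmt, img, off, *vals)
    return bytes(img)
```

Legitimate binaries also register TLS callbacks, so the result is a list of addresses to review alongside the entry point, not a verdict.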
To help speed up the process of evaluating the tool, please make sure to include the following information (the more information you include, the more beneficial it will be for us):
- [Name] - The name of the tool
- [Version] - What version of the tool should be added?
--- If it uses source control (such as git), please make sure there is a release to match (e.g. git tag)
- [Homepage] - Where can the tool be found online? Where to go to get more information?
- [Download] - Where to go to get the tool?
- [Author] - Who made the tool?
- [Licence] - How is the software distributed? What conditions does it come with?
- [Description] - What is the tool about? What does it do?
- [Dependencies] - What is needed for the tool to work?
- [Similar tools] - What other tools are out there?
- [How to install] - How do you compile it?
- [How to use] - What are some basic commands/functions to demonstrate it?