OldSchoolHack

Registrieren /

Neue Beiträge Erweiterte Suche

Xenos

Sa 14. Dez 2013, 01:23	Xenos	#1
KN4CK3R Administrator Anmeldungsdatum: Aug 2007 Beiträge: 8643 Benutzer-Bewertung: 199 positiv 33 negativ	Kategorie: Tools Entwickler: Ton Beschreibung: Features: - Supports x86 and x64 processes and modules - Injection of pure managed images without proxy dll(code was partially stolen from _Mike@OC) - Windows 7 cross-session and cross-desktop injection - Injection into native processes (those that only have ntdll loaded) - Calling custom initialization routine after injection - Unlinking module after injection - Injection using thread hijacking - Injection of x64 images into WOW64 process(read more in Additional notes section) - Image manual mapping Supported OS - Win7 - Win8.1 x64. Should also work on x86 OS versions but I haven't tested it much. Additional notes: Injector has 2 versions - x86 and x64. Apart from obvious features x86 version supports injection of x64 images into x64 processes; x64 injector supports injection of x86 and x64 images into WOW64 processes. However this is only valid for native images. If you want to inject pure managed dll - use same injector version as your target process is. Injection of x64 images into WOW64 process is totally unpredictable. If you want to do this I would recommend to use manual mapping with manual imports option, because native loader is more buggy than my implementation in this case (especially in windows 7). Restrictions: - You can't inject 32 bit image into x64 process - Use x86 version to manually map 32 bit images and x86 version to map 64 bit images - You can't manually map pure managed images, only native injection is supported for them - May not work properly on x86 OS versions Screenshots: Download: Xenos __________________ Hallo
KN4CK3R ist offline

Do 18. Sep 2014, 15:08		#2
KN4CK3R Administrator Anmeldungsdatum: Aug 2007 Beiträge: 8643 Benutzer-Bewertung: 199 positiv 33 negativ	Kategorie: Tools Entwickler: DarthTon Beschreibung: Features: - Supports x86 and x64 processes and modules - Kernel injection (no process handle required) - Injection of pure managed images without proxy dll(code was partially stolen from _Mike@OC) - Windows 7 cross-session and cross-desktop injection - Injection into native processes (those that only have ntdll loaded) - Calling custom initialization routine after injection - Unlinking module after injection - Injection using thread hijacking - Injection of x64 images into WOW64 process(read more in Additional notes section) - Image manual mapping Changelog + V1.2.1 - ManuapMap: 'Hide mapped memory region' flag - Manual map of system drivers - Self-protection option (Tools -> Protect self) - Improved injection into suspended process - 'Close after injection' flag V1.2.0 - Kernel injection methods - Various bug fixes V1.1.2 - Save/load last programm configuration - Added command line for process launcher - ManualMap: Discardable sections aren't mapped now (e.g. ".reloc") V1.1.0 - Added module view - Module unloading V1.0.1: - Fixed bug with remote memory deallocation after manual mapping - Exception handler aren't created now if process has DEP turned off. Supported OS - Win7 - Win8.1 x64. Should also work on x86 OS versions but I haven't tested it much. Screenshots: Download: Xenos 1.2.1 __________________ Hallo
KN4CK3R ist offline

Fr 30. Jan 2015, 11:20		#3
KN4CK3R Administrator Anmeldungsdatum: Aug 2007 Beiträge: 8643 Benutzer-Bewertung: 199 positiv 33 negativ	Kategorie: Tools Entwickler: DarthTon Beschreibung: - Supports x86 and x64 processes and modules - Kernel-mode injection feature (driver required) - Manual map of kernel drivers (driver required) - Injection of pure managed images without proxy dll - Windows 7 cross-session and cross-desktop injection - Injection into native processes (those having only ntdll loaded) - Calling custom initialization routine after injection - Unlinking module after injection - Injection using thread hijacking - Injection of x64 images into WOW64 process - Image manual mapping - Injection profiles Manual map features: - Relocations, import, delayed import, bound import - Static TLS and TLS callbacks - Security cookie - Image manifests and SxS - Make module visible to GetModuleHandle, GetProcAddress, etc. - Support for exceptions in private memory under DEP - C++/CLI images are supported (use 'Add loader reference' in this case) Kernel manual map features are mostly identical to user-mode with few exceptions: - No C++ exception handling support for x64 images (only SEH) - No static TLS - No native loader compatibility - Limited dependency path resolving. Only API set schema, SxS, target executable directory and system directory Supported OS: Win7 - Win10 tech preview x64 V2.1.2 - Fixed BSOD under win7 and win8.1 systems - Major kernel manual map bug fixes - Kernel logs Screenshots: Download: Xenos 2.1.2 __________________ Hallo
KN4CK3R ist offline

Mi 18. Mär 2015, 16:05		#4
System Anmeldungsdatum: Aug 2007 Beiträge: 1957	Kategorie: Tools Entwickler: DarthTon Beschreibung: - Supports x86 and x64 processes and modules - Kernel-mode injection feature (driver required) - Manual map of kernel drivers (driver required) - Injection of pure managed images without proxy dll - Windows 7 cross-session and cross-desktop injection - Injection into native processes (those having only ntdll loaded) - Calling custom initialization routine after injection - Unlinking module after injection - Injection using thread hijacking - Injection of x64 images into WOW64 process - Image manual mapping - Injection profiles Manual map features: - Relocations, import, delayed import, bound import - Static TLS and TLS callbacks - Security cookie - Image manifests and SxS - Make module visible to GetModuleHandle, GetProcAddress, etc. - Support for exceptions in private memory under DEP - C++/CLI images are supported (use 'Add loader reference' in this case) Kernel manual map features are mostly identical to user-mode with few exceptions: - No C++ exception handling support for x64 images (only SEH) - No static TLS - No native loader compatibility - Limited dependency path resolving. Only API set schema, SxS, target executable directory and system directory Supported OS: Win7 - Win10 tech preview x64 Changelog +V2.1.3 - Win10 build 9926 support - Win8.1 bug fixes Screenshots: Download: Xenos 2.1.3
System ist offline

Sa 21. Mär 2015, 15:02		#5
AlBundy Anmeldungsdatum: Jan 2015 Beiträge: 4	hallo geht der noch ,nach dem BE update von gestern??? Mfg
AlBundy ist offline

Sa 15. Aug 2015, 15:29		#6
System Anmeldungsdatum: Aug 2007 Beiträge: 1957	Kategorie: Tools Entwickler: DarthTon Beschreibung: - Supports x86 and x64 processes and modules - Kernel-mode injection feature (driver required) - Manual map of kernel drivers (driver required) - Injection of pure managed images without proxy dll - Windows 7 cross-session and cross-desktop injection - Injection into native processes (those having only ntdll loaded) - Calling custom initialization routine after injection - Unlinking module after injection - Injection using thread hijacking - Injection of x64 images into WOW64 process - Image manual mapping - Injection profiles Manual map features: - Relocations, import, delayed import, bound import - Static TLS and TLS callbacks - Security cookie - Image manifests and SxS - Make module visible to GetModuleHandle, GetProcAddress, etc. - Support for exceptions in private memory under DEP - C++/CLI images are supported (use 'Add loader reference' in this case) Kernel manual map features are mostly identical to user-mode with few exceptions: - No C++ exception handling support for x64 images (only SEH) - No static TLS - No native loader compatibility - Limited dependency path resolving. Only API set schema, SxS, target executable directory and system directory Supported OS: Win7 - Win10 tech preview x64 Changelog +V2.1.4 - VS 2015 runtime - Win10 RTM support Restrictions: - You can't inject 32 bit image into x64 process - Use x86 version to manually map 32 bit images and x86 version to map 64 bit images - You can't manually map pure managed images, only native injection is supported for them - May not work properly on x86 OS versions - Kernel injection is only supported on x64 OSes and requires Driver Test signing mode. Screenshots: Download: Xenos 2.1.4
System ist offline

Do 20. Aug 2015, 23:41		#7
System Anmeldungsdatum: Aug 2007 Beiträge: 1957	Kategorie: Tools Entwickler: DarthTon Beschreibung: - Supports x86 and x64 processes and modules - Kernel-mode injection feature (driver required) - Manual map of kernel drivers (driver required) - Injection of pure managed images without proxy dll - Windows 7 cross-session and cross-desktop injection - Injection into native processes (those having only ntdll loaded) - Calling custom initialization routine after injection - Unlinking module after injection - Injection using thread hijacking - Injection of x64 images into WOW64 process - Image manual mapping - Injection profiles Manual map features: - Relocations, import, delayed import, bound import - Static TLS and TLS callbacks - Security cookie - Image manifests and SxS - Make module visible to GetModuleHandle, GetProcAddress, etc. - Support for exceptions in private memory under DEP - C++/CLI images are supported (use 'Add loader reference' in this case) Kernel manual map features are mostly identical to user-mode with few exceptions: - No C++ exception handling support for x64 images (only SEH) - No static TLS - No native loader compatibility - Limited dependency path resolving. Only API set schema, SxS, target executable directory and system directory Supported OS: Win7 - Win10 x64 V2.2.0 - Command line options - Separate x86/x64 profiles - Pure IL exe manual mapping Screenshots: Download: Xenos 2.2.0
System ist offline

Fr 22. Jan 2016, 16:50		#8
System Anmeldungsdatum: Aug 2007 Beiträge: 1957	Kategorie: Tools Entwickler: DarthTon Beschreibung: - Supports x86 and x64 processes and modules - Kernel-mode injection feature (driver required) - Manual map of kernel drivers (driver required) - Injection of pure managed images without proxy dll - Windows 7 cross-session and cross-desktop injection - Injection into native processes (those having only ntdll loaded) - Calling custom initialization routine after injection - Unlinking module after injection - Injection using thread hijacking - Injection of x64 images into WOW64 process - Image manual mapping - Injection profiles Manual map features: - Relocations, import, delayed import, bound import - Static TLS and TLS callbacks - Security cookie - Image manifests and SxS - Make module visible to GetModuleHandle, GetProcAddress, etc. - Support for exceptions in private memory under DEP - C++/CLI images are supported (use 'Add loader reference' in this case) Kernel manual map features are mostly identical to user-mode with few exceptions: - No C++ exception handling support for x64 images (only SEH) - No static TLS - No native loader compatibility - Limited dependency path resolving. Only API set schema, SxS, target executable directory and system directory Supported OS: Win7 - Win10 x64 Changelog: +V2.2.1 - Win 10 10586 driver compatibility - Minor GUI usability fixes - Create process: working dir changed Screenshots: Download: Xenos 2.2.1
System ist offline

Mi 6. Apr 2016, 17:55		#9
System Anmeldungsdatum: Aug 2007 Beiträge: 1957	Kategorie: Tools Entwickler: DarthTon Beschreibung: - Supports x86 and x64 processes and modules - Kernel-mode injection feature (driver required) - Manual map of kernel drivers (driver required) - Injection of pure managed images without proxy dll - Windows 7 cross-session and cross-desktop injection - Injection into native processes (those having only ntdll loaded) - Calling custom initialization routine after injection - Unlinking module after injection - Injection using thread hijacking - Injection of x64 images into WOW64 process - Image manual mapping - Injection profiles Manual map features: - Relocations, import, delayed import, bound import - Static TLS and TLS callbacks - Security cookie - Image manifests and SxS - Make module visible to GetModuleHandle, GetProcAddress, etc. - Support for exceptions in private memory under DEP - C++/CLI images are supported (use 'Add loader reference' in this case) Kernel manual map features are mostly identical to user-mode with few exceptions: - No C++ exception handling support for x64 images (only SEH) - No static TLS - No native loader compatibility - Limited dependency path resolving. Only API set schema, SxS, target executable directory and system directory Supported OS: Win7 - Win10 x64 Changelog: +V2.2.2 - Bug fixes, stability improvements Screenshots: Download: Xenos 2.2.2
System ist offline

So 24. Apr 2016, 12:17		#10
LennyPenny Anmeldungsdatum: Okt 2011 Beiträge: 1	Trying to load the kernel mode driver in test mode gives me this: Also are you willing to share the source code?
LennyPenny ist offline

Sa 11. Nov 2017, 12:46		#11
System Anmeldungsdatum: Aug 2007 Beiträge: 1957	Kategorie: Tools Entwickler: DarthTon Beschreibung: - Supports x86 and x64 processes and modules - Kernel-mode injection feature (driver required) - Manual map of kernel drivers (driver required) - Injection of pure managed images without proxy dll - Windows 7 cross-session and cross-desktop injection - Injection into native processes (those having only ntdll loaded) - Calling custom initialization routine after injection - Unlinking module after injection - Injection using thread hijacking - Injection of x64 images into WOW64 process - Image manual mapping - Injection profiles Manual map features: - Relocations, import, delayed import, bound import - Static TLS and TLS callbacks - Security cookie - Image manifests and SxS - Make module visible to GetModuleHandle, GetProcAddress, etc. - Support for exceptions in private memory under DEP - C++/CLI images are supported (use 'Add loader reference' in this case) Kernel manual map features are mostly identical to user-mode with few exceptions: - No C++ exception handling support for x64 images (only SEH) - No static TLS - No native loader compatibility - Limited dependency path resolving. Only API set schema, SxS, target executable directory and system directory Supported OS: Win7 - Win10 x64 Changelog: +V2.3.1 - Win10 Fall Creators update support - STATUS_UNSUCCESSFUL codes refactored - Bug fixes Screenshots: Download: Xenos 2.3.1
System ist offline