Git Product home page Git Product logo

memn0ps_rdi-rs's Introduction

Reflective Loader in Rust (4KB in size)

A small reflective loader PoC in Rust. I remade this from my old project (https://github.com/memN0ps/arsenal-rs/tree/main/rdi-rs), which is almost the same but has a smaller file size, thanks to this repo: https://github.com/johnthagen/min-sized-rust

Features

More coming soon, maybe or maybe I'll modify the Shellcode Reflective DLL Injection project to work better: https://github.com/memN0ps/srdi-rs

Example

Bring your own injector (BYOI) or the simple injector in this PoC for testing.

  1. Open notepad.exe

  2. Build the reflective_loader project in release.

PS C:\Users\developer\Documents\GitHub\rdi-rs\reflective_loader> cargo build --release
   Compiling reflective_loader v0.1.0 (C:\Users\developer\Documents\GitHub\rdi-rs\reflective_loader)
    Finished release [optimized] target(s) in 0.48s
PS C:\Users\developer\Documents\GitHub\rdi-rs\reflective_loader>
  1. Set the Powershell environment variable for debugging and cargo run
C:\Users\developer\Documents\GitHub\rdi-rs\inject> $Env:RUST_LOG="info"

PS C:\Users\developer\Documents\GitHub\rdi-rs\inject> cargo run

[2023-03-21T09:29:31Z INFO  inject] [+] Process ID: 3028
[2023-03-21T09:29:31Z INFO  inject] [+] IMAGE_DOS_HEADER: 0x7ff72e8080d0
[2023-03-21T09:29:31Z INFO  inject] [+] IMAGE_NT_HEADERS: 0x7ff72e8081a8
[2023-03-21T09:29:31Z INFO  inject] [+] Process handle: 244
[2023-03-21T09:29:31Z INFO  inject] [+] Remote allocated memory region for the dll: 0x19162c10000
[2023-03-21T09:29:31Z INFO  inject] [+] Local Reflective Loader Address/offset: 0x7ff72e8084d0
[2023-03-21T09:29:31Z INFO  inject] [+] Remote Reflective Loader Address/offset: 0x19162c10400
[2023-03-21T09:29:31Z INFO  inject] [+] entry_point: 0x19162c1151b
[2023-03-21T09:29:31Z INFO  inject] [+] Injection Completed
  1. You should see the following

poc

  1. File size

size

size

Note: This is just a PoC, and there is still some OPSEC to worry about. I'll leave that as an exercise for the user. I have included the references below for you to check out to weaponize this for red team engagements.

Credits / References / Motivation / Thanks

memn0ps_rdi-rs's People

Contributors

memn0ps avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.