Skip to content

xpn/CloudInject

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
Hooker
Hooker
 
 
Injector
Injector
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

CloudInject

This is a simple tool which can be used to inject a DLL into third-party AD connectors to harvest credentials.

This tool has been tested with:

  • AzureAD Connect
  • OKTA AD Connector
  • OneLogin AD Connector

The API call hooked is LogonUserW which seems to be used by each AD Connector.

More information can be found in the blog post https://blog.xpnsec.com/identity-providers-redteamers/.

Building

To build, we can use Visual Studio, or use Mingw32 with:

x86_64-w64-mingw32-g++ Hooker/hooker.cpp -o Hooker/hooker.dll -static -shared
x86_64-w64-mingw32-g++ Injector/injector.cpp -o Injector/injector.dll -static

Usage

To use this tool, simply save hooker.dll to a location which is readable by the AD Connector service. For example, C:\Tools\hooker.dll and then run:

Injector.exe [PID] [FULL DLL PATH]

For example:

Injector.exe 6100 C:\Tools\hooker.dll

About

No description, website, or topics provided.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

117 stars

Watchers

2 watching

Forks

16 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages