Government Security
Network Security Resources

Jump to content

Photo

The Syringe V1.1

penetration penetration test tools
  • Please log in to reply
4 replies to this topic

#1 White Scorpion

White Scorpion

    Sergeant First Class

  • Sergeant Major
  • 674 posts

Posted 24 January 2008 - 11:41 PM

The Syringe v1.1
The Syringe is a command line tool which allows you to inject a DLL into a running process.
This program allows you to use 2 different techniques to inject your own code through a DLL into a running process.
This can be useful during penetration tests to run code under the credentials of the running process.
The two techniques available are:
# Using the CreateRemoteThread API
# By Hijacking the main thread of the target process

Both techniques have their own advantages and disadvantages. Read the README in the download for more information.


The Syringe can be downloaded here.
The path of access leads to the server of wisdom..

The Syringe - My Latest Project.
Errors, Vulnerabilities & Exploits explained.
----
www.white-scorpion.nl
www.info-sec.eu
www.info-sec.info

#2 extreme

extreme

    Specialist

  • Sergeant Major
  • 615 posts

Posted 28 March 2008 - 04:35 PM

Are you planning to release source code for this? Would be really interesting to see it..
САМО СЛОГА СРБИНА СПАСАВА

#3 Baphomet

Baphomet

    Corporal

  • Members
  • 191 posts

Posted 29 March 2008 - 02:00 PM

Source in assembly is available on request for learning purposes.


He who sacrifices freedom for security deserves neither ~ B. Franklin
You can fool all the people some of the time, and some of the people all the time, but you cannot fool all the people all the time ~ A. Lincoln

#4 White Scorpion

White Scorpion

    Sergeant First Class

  • Sergeant Major
  • 674 posts

Posted 03 April 2008 - 06:34 AM

Yep,

Usually most people won't be interested in the source anyway, so it's pretty useless adding it to the download ;)

But if you want it, let me know ;)
The path of access leads to the server of wisdom..

The Syringe - My Latest Project.
Errors, Vulnerabilities & Exploits explained.
----
www.white-scorpion.nl
www.info-sec.eu
www.info-sec.info

#5 sorzai

sorzai

    Private

  • Members
  • 4 posts

Posted 21 July 2008 - 07:09 PM

I wouldn't mind if you add the source to the package for educational usage.
Different implementations are always good for learning.





Also tagged with one or more of these keywords: penetration, penetration test, tools