Hacking News server_switch_sides

Published on December 31st, 2017 | Post Views: 3,296  Hits Post Views

TeamViewer Permissions Hook: injectable C++ dll to change TeamViewer permissions

A proof of concept injectable C++ DLL, that uses naked inline hooking and direct memory modification to change TeamViewer permissions.

Features

  • As the Server – Enables extra menu item options on the right side pop-up menu. Most useful so far to enable the “switch sides” feature which is normally only active after you have already authenticated control with the client, and initiated a change of control/sides.
  • As the Client – Allows for control of the mouse with disregard to servers current control settings and permissions.

Install

Requirements

  • Your favorite Manual Mapper, PE Loader, DLL Injector, inject into – “TeamViewer.exe”
  • This version was Built on Windows 10, for TeamViewer x86 Version 13.0.5058 – (Other versions of TeamViewer have not been tested but with more robust signatures it may work, Linux not supported)

Download

git clone https://github.com/gellin/TeamViewer_Permissions_Hook_V1.git

Usage

▼Advertisements

As the Server

 

Client

 

Rundown

  • Utilizes signature/pattern scanning to dynamically locate key parts in the code at which the assembly registers hold pointers to interesting classes. Applies inline naked hooks a.k.a code caves, to hi-jack the pointers to use for modification via direct memory access to their reversed classes.
  • Inject and follow the steps

Disclaimer

  • Developed for educational purposes as a proof of concept for testing. I do not condone the or support the use of this software for unethical or illicit purposes. No responsibility is held or accepted for misuse.

Credit

@timse93” class=”wp-links-icon”>@timse93 – Research and Testing

Source: https://github.com/gellin

 












Leave a Reply

Back to Top ↑

Read previous post:
Phone-PIN
Malicious Apps Could Guess Your Phone’s PIN Using Sensors Data

Malicious applications can freely access sensor data on modern smartphones and use this highly sensitive data stream to collect vasts...

Close