OldSchoolHack

Xenos

  • Category: Tools
  • Developer:
  • Uploaded by: KN4CK3R
  • Uploaded at:
  • System: Windows
Download (414.68 KB)

VirusTotal Result: 1/49

Description

Features:
- Supports x86 and x64 processes and modules
- Injection of pure managed images without proxy dll (code was partially stolen from _Mike@OC)
- Windows 7 cross-session and cross-desktop injection
- Injection into native processes (those that only have ntdll loaded)
- Calling custom initialization routine after injection
- Unlinking module after injection
- Injection using thread hijacking
- Injection of x64 images into WOW64 process (read more in Additional notes section)
- Image manual mapping

Supported OS - Win7 - Win8.1 x64. Should also work on x86 OS versions but I haven't tested it much.

Additional notes:
The injector has 2 versions - x86 and x64. Apart from obvious features, the x86 version supports injection of x64 images into x64 processes; the x64 injector supports injection of x86 and x64 images into WOW64 processes. However, this is only valid for native images. If you want to inject a pure managed dll, use the same injector version as your target process.

Injection of x64 images into a WOW64 process is totally unpredictable. If you want to do this, I would recommend using manual mapping with the manual imports option, because the native loader is more buggy than my implementation in this case (especially in Windows 7).

Restrictions:
- You can't inject 32 bit image into x64 process
- Use x86 version to manually map 32 bit images and x86 version to map 64 bit images
- You can't manually map pure managed images, only native injection is supported for them
- May not work properly on x86 OS versions

Download Xenos
post
Category: Tools
Developer: DarthTon

Description:
- Supports x86 and x64 processes and modules
- Kernel-mode injection feature (driver required)
- Manual map of kernel drivers (driver required)
- Injection of pure managed images without proxy dll
- Windows 7 cross-session and cross-desktop injection
- Injection into native processes (those having only ntdll loaded)
- Calling custom initialization routine after injection
- Unlinking module after injection
- Injection using thread hijacking
- Injection of x64 images into WOW64 process
- Image manual mapping
- Injection profiles

Manual map features:
- Relocations, import, delayed import, bound import
- Static TLS and TLS callbacks
- Security cookie
- Image manifests and SxS
- Make module visible to GetModuleHandle, GetProcAddress, etc.
- Support for exceptions in private memory under DEP
- C++/CLI images are supported (use 'Add loader reference' in this case)

Kernel manual map features are mostly identical to user-mode with few exceptions:
- No C++ exception handling support for x64 images (only SEH)
- No static TLS
- No native loader compatibility
- Limited dependency path resolving. Only API set schema, SxS, target executable directory and system directory


Supported OS: Win7 - Win10 x64

Changelog:
+V2.3.1
- Win10 Fall Creators update support
- STATUS_UNSUCCESSFUL codes refactored
- Bug fixes

Download:
Xenos 2.3.1
post
Trying to load the kernel mode driver in test mode gives me this: 

http://i.imgur.com/rWiICwT.png

Also are you willing to share the source code? 
post
Category: Tools
Developer: DarthTon

Description:
- Supports x86 and x64 processes and modules
- Kernel-mode injection feature (driver required)
- Manual map of kernel drivers (driver required)
- Injection of pure managed images without proxy dll
- Windows 7 cross-session and cross-desktop injection
- Injection into native processes (those having only ntdll loaded)
- Calling custom initialization routine after injection
- Unlinking module after injection
- Injection using thread hijacking
- Injection of x64 images into WOW64 process
- Image manual mapping
- Injection profiles

Manual map features:
- Relocations, import, delayed import, bound import
- Static TLS and TLS callbacks
- Security cookie
- Image manifests and SxS
- Make module visible to GetModuleHandle, GetProcAddress, etc.
- Support for exceptions in private memory under DEP
- C++/CLI images are supported (use 'Add loader reference' in this case)

Kernel manual map features are mostly identical to user-mode with few exceptions:
- No C++ exception handling support for x64 images (only SEH)
- No static TLS
- No native loader compatibility
- Limited dependency path resolving. Only API set schema, SxS, target executable directory and system directory


Supported OS: Win7 - Win10 x64

Changelog:
+V2.2.2
- Bug fixes, stability improvements

Download:
Xenos 2.2.2
post
Category: Tools
Developer: DarthTon

Description:
- Supports x86 and x64 processes and modules
- Kernel-mode injection feature (driver required)
- Manual map of kernel drivers (driver required)
- Injection of pure managed images without proxy dll
- Windows 7 cross-session and cross-desktop injection
- Injection into native processes (those having only ntdll loaded)
- Calling custom initialization routine after injection
- Unlinking module after injection
- Injection using thread hijacking
- Injection of x64 images into WOW64 process
- Image manual mapping
- Injection profiles

Manual map features:
- Relocations, import, delayed import, bound import
- Static TLS and TLS callbacks
- Security cookie
- Image manifests and SxS
- Make module visible to GetModuleHandle, GetProcAddress, etc.
- Support for exceptions in private memory under DEP
- C++/CLI images are supported (use 'Add loader reference' in this case)

Kernel manual map features are mostly identical to user-mode with few exceptions:
- No C++ exception handling support for x64 images (only SEH)
- No static TLS
- No native loader compatibility
- Limited dependency path resolving. Only API set schema, SxS, target executable directory and system directory

Supported OS: Win7 - Win10 x64

Changelog:
+V2.2.1
- Win 10 10586 driver compatibility
- Minor GUI usability fixes
- Create process: working dir changed

Download:
Xenos 2.2.1
post
Category: Tools
Developer: DarthTon

Description:
- Supports x86 and x64 processes and modules
- Kernel-mode injection feature (driver required)
- Manual map of kernel drivers (driver required)
- Injection of pure managed images without proxy dll
- Windows 7 cross-session and cross-desktop injection
- Injection into native processes (those having only ntdll loaded)
- Calling custom initialization routine after injection
- Unlinking module after injection
- Injection using thread hijacking
- Injection of x64 images into WOW64 process
- Image manual mapping
- Injection profiles

Manual map features:
- Relocations, import, delayed import, bound import
- Static TLS and TLS callbacks
- Security cookie
- Image manifests and SxS
- Make module visible to GetModuleHandle, GetProcAddress, etc.
- Support for exceptions in private memory under DEP
- C++/CLI images are supported (use 'Add loader reference' in this case)

Kernel manual map features are mostly identical to user-mode with few exceptions:
- No C++ exception handling support for x64 images (only SEH)
- No static TLS
- No native loader compatibility
- Limited dependency path resolving. Only API set schema, SxS, target executable directory and system directory

Supported OS: Win7 - Win10 x64

V2.2.0
- Command line options
- Separate x86/x64 profiles
- Pure IL exe manual mapping

Download:
Xenos 2.2.0
post
Category: Tools
Developer: DarthTon

Description:
- Supports x86 and x64 processes and modules
- Kernel-mode injection feature (driver required)
- Manual map of kernel drivers (driver required)
- Injection of pure managed images without proxy dll
- Windows 7 cross-session and cross-desktop injection
- Injection into native processes (those having only ntdll loaded)
- Calling custom initialization routine after injection
- Unlinking module after injection
- Injection using thread hijacking
- Injection of x64 images into WOW64 process
- Image manual mapping
- Injection profiles

Manual map features:
- Relocations, import, delayed import, bound import
- Static TLS and TLS callbacks
- Security cookie
- Image manifests and SxS
- Make module visible to GetModuleHandle, GetProcAddress, etc.
- Support for exceptions in private memory under DEP
- C++/CLI images are supported (use 'Add loader reference' in this case)

Kernel manual map features are mostly identical to user-mode with few exceptions:
- No C++ exception handling support for x64 images (only SEH)
- No static TLS
- No native loader compatibility
- Limited dependency path resolving. Only API set schema, SxS, target executable directory and system directory


Supported OS: Win7 - Win10 tech preview x64

Changelog

+V2.1.4
- VS 2015 runtime
- Win10 RTM support

Restrictions:
- You can't inject 32 bit image into x64 process
- Use x86 version to manually map 32 bit images and x86 version to map 64 bit images
- You can't manually map pure managed images, only native injection is supported for them
- May not work properly on x86 OS versions
- Kernel injection is only supported on x64 OSes and requires Driver Test signing mode.

Download:
Xenos 2.1.4
post
Hello,
does it still work after yesterday's BE update???

Regards
post
Category: Tools
Developer: DarthTon

Description:
- Supports x86 and x64 processes and modules
- Kernel-mode injection feature (driver required)
- Manual map of kernel drivers (driver required)
- Injection of pure managed images without proxy dll
- Windows 7 cross-session and cross-desktop injection
- Injection into native processes (those having only ntdll loaded)
- Calling custom initialization routine after injection
- Unlinking module after injection
- Injection using thread hijacking
- Injection of x64 images into WOW64 process
- Image manual mapping
- Injection profiles

Manual map features:
- Relocations, import, delayed import, bound import
- Static TLS and TLS callbacks
- Security cookie
- Image manifests and SxS
- Make module visible to GetModuleHandle, GetProcAddress, etc.
- Support for exceptions in private memory under DEP
- C++/CLI images are supported (use 'Add loader reference' in this case)

Kernel manual map features are mostly identical to user-mode with few exceptions:
- No C++ exception handling support for x64 images (only SEH)
- No static TLS
- No native loader compatibility
- Limited dependency path resolving. Only API set schema, SxS, target executable directory and system directory


Supported OS: Win7 - Win10 tech preview x64

Changelog

+V2.1.3
- Win10 build 9926 support
- Win8.1 bug fixes

Download:
Xenos 2.1.3
post
Category: Tools
Developer: DarthTon

Description:
- Supports x86 and x64 processes and modules
- Kernel-mode injection feature (driver required)
- Manual map of kernel drivers (driver required)
- Injection of pure managed images without proxy dll
- Windows 7 cross-session and cross-desktop injection
- Injection into native processes (those having only ntdll loaded)
- Calling custom initialization routine after injection
- Unlinking module after injection
- Injection using thread hijacking
- Injection of x64 images into WOW64 process
- Image manual mapping
- Injection profiles

Manual map features:
- Relocations, import, delayed import, bound import
- Static TLS and TLS callbacks
- Security cookie
- Image manifests and SxS
- Make module visible to GetModuleHandle, GetProcAddress, etc.
- Support for exceptions in private memory under DEP
- C++/CLI images are supported (use 'Add loader reference' in this case)

Kernel manual map features are mostly identical to user-mode with few exceptions:
- No C++ exception handling support for x64 images (only SEH)
- No static TLS
- No native loader compatibility
- Limited dependency path resolving. Only API set schema, SxS, target executable directory and system directory

Supported OS: Win7 - Win10 tech preview x64

V2.1.2
- Fixed BSOD under win7 and win8.1 systems
- Major kernel manual map bug fixes
- Kernel logs

Download:
Xenos 2.1.2
post
Category: Tools
Developer: DarthTon

Description:
Features:
- Supports x86 and x64 processes and modules
- Kernel injection (no process handle required)
- Injection of pure managed images without proxy dll (code was partially stolen from _Mike@OC)
- Windows 7 cross-session and cross-desktop injection
- Injection into native processes (those that only have ntdll loaded)
- Calling custom initialization routine after injection
- Unlinking module after injection
- Injection using thread hijacking
- Injection of x64 images into WOW64 process (read more in Additional notes section)
- Image manual mapping

Changelog

+ V1.2.1
- ManualMap: 'Hide mapped memory region' flag
- Manual map of system drivers
- Self-protection option (Tools -> Protect self)
- Improved injection into suspended process
- 'Close after injection' flag

V1.2.0
- Kernel injection methods
- Various bug fixes

V1.1.2
- Save/load last program configuration
- Added command line for process launcher
- ManualMap: Discardable sections aren't mapped now (e.g. ".reloc")

V1.1.0
- Added module view
- Module unloading

V1.0.1:
- Fixed bug with remote memory deallocation after manual mapping
- Exception handlers aren't created now if process has DEP turned off.

Supported OS - Win7 - Win8.1 x64. Should also work on x86 OS versions but I haven't tested it much.

Download:
Xenos 1.2.1