W4ZM/TLSReveal

TLSReveal

Automatically launches and debugs an executable, targeting the UnsealMessage function in sspicli.dll to monitor TLS protocol buffer data received from a server. It also includes a manual DLL mapper to inject a custom DLL into the target process.


Features

  • Process Debugging: Launches and attaches to any 64-bit executable under the control of the Windows Debug API.
  • Targeted Memory Inspection: Sets a breakpoint on sspicli!UnsealMessage and automatically parses the SecBufferDesc and SecBuffer structures to extract and display the pvBuffer data upon execution.
  • Manual DLL Mapping: Manually maps a 64-bit DLL into the target process's address space, bypassing standard LoadLibrary calls.
  • CMake Script: Includes a .cmake script that automatically builds the DLL, generates its bytes as hex, and includes them in the project through a header file before the project builds.
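
The buffer walk described under Targeted Memory Inspection, as an added example that is not TLSReveal's own code: it follows the documented x64 layouts of SecBufferDesc and SecBuffer and returns the contents of the SECBUFFER_DATA entries, rejecting descriptors that fail basic sanity checks. The Snapshot type, helper names, addresses, size caps and sample bytes are constructed for illustration, and a little-endian host is assumed.

```cpp
#include <cstdint>
#include <cstring>
#include <string>
#include <vector>

// Constructed stand-in for debuggee memory; a real debugger would back read() with ReadProcessMemory.
struct Snapshot {
    uint64_t base;
    std::vector<uint8_t> bytes;
    bool read(uint64_t addr, void* out, size_t len) const {
        if (addr < base || len > bytes.size() || addr - base > bytes.size() - len) return false;
        std::memcpy(out, bytes.data() + (addr - base), len);
        return true;
    }
};
// x64 layouts from sspi.h; pointers are plain integers because they are debuggee addresses.
struct RemoteSecBuffer     { uint32_t cbBuffer, BufferType; uint64_t pvBuffer; };
struct RemoteSecBufferDesc { uint32_t ulVersion, cBuffers;  uint64_t pBuffers; };
static_assert(sizeof(RemoteSecBuffer) == 16 && sizeof(RemoteSecBufferDesc) == 16, "x64 layout");
constexpr uint32_t kSecBufferData = 1, kAttrMask = 0xF0000000;  // SECBUFFER_DATA, SECBUFFER_ATTRMASK
constexpr uint32_t kMaxBuffers = 16, kMaxLen = 1u << 20;        // sanity caps (assumed values)

// Concatenates every SECBUFFER_DATA entry; returns "" if anything is unreadable or implausible.
std::string extract_data(const Snapshot& mem, uint64_t desc_addr) {
    RemoteSecBufferDesc d{};
    if (!mem.read(desc_addr, &d, sizeof d) || d.cBuffers == 0 || d.cBuffers > kMaxBuffers) return {};
    std::string out;
    for (uint32_t i = 0; i < d.cBuffers; ++i) {
        RemoteSecBuffer b{};
        if (!mem.read(d.pBuffers + uint64_t(i) * sizeof b, &b, sizeof b)) return {};
        if ((b.BufferType & ~kAttrMask) != kSecBufferData || b.cbBuffer == 0) continue;
        if (b.cbBuffer > kMaxLen) return {};
        std::string chunk(b.cbBuffer, '\0');
        if (!mem.read(b.pvBuffer, &chunk[0], chunk.size())) return {};
        out += chunk;
    }
    return out;
}

// Constructed sample at 0x10000: stream header, DATA, stream trailer, empty.
Snapshot make_sample() {
    Snapshot s{0x10000, std::vector<uint8_t>(0x80, 0)};
    RemoteSecBufferDesc d{0, 4, s.base + 0x10};
    RemoteSecBuffer b[4] = {{5, 7, s.base + 0x50}, {15, 1, s.base + 0x55}, {16, 6, s.base + 0x64}, {0, 0, 0}};
    std::memcpy(&s.bytes[0x00], &d, sizeof d);
    std::memcpy(&s.bytes[0x10], b, sizeof b);
    std::memcpy(&s.bytes[0x55], "HTTP/1.1 200 OK", 15);
    return s;
}
```

Calling `extract_data(make_sample(), 0x10000)` returns the 15 bytes of the constructed DATA buffer and skips the header and trailer entries.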

Building from Source

  1. Clone the repository

    git clone https://github.com/W4ZM/TLSReveal.git

  2. Build

    cd TLSReveal\
    
    mkdir build\ && cd build\
    
    cmake ..
    cmake --build . --config Release

Usage

Change #define EXE_NAME "target.exe" in src\main.cpp to the name of the target executable. Launch Loader.exe in the same folder as the target executable.

About

Loader + dll manual mapper
