Dragnmove
Infect Shared Files In Memory for Lateral Movement
Install / Use
/learn @OccamsXor/DragnmoveREADME
Dragnmove
Dragnmove is a post-exploitaition tool that infects files shared between users in order to move from one system to another. Dragnmove can detect actions like dropping a file into the browser window or attaching a file to an email client. After Dragnmove detects the action, it hooks CreateFile API calls to modify handles.
Usage
- WORK IN PROGRESS!!!
- Change TARGETWINDOW and PAYLOADFILE according to your environment
- Compile Dragnmove with VS2019-VS2022.
- Inject Dragnmove DLL into target process.
TODO
- Stabilize tool for different applications
- Create BOF version
- Implement auto infection mechanism
Related Skills
node-connect
347.0kDiagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps
frontend-design
107.8kCreate distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.
openai-whisper-api
347.0kTranscribe audio via OpenAI Audio Transcriptions API (Whisper).
qqbot-media
347.0kQQBot 富媒体收发能力。使用 <qqmedia> 标签,系统根据文件扩展名自动识别类型(图片/语音/视频/文件)。
