VeraCryptThief is a standalone DLL that, when injected into the VeraCrypt.exe process, performs API hooking via Detours, extracts the clear-text credentials and saves them to a file.
An injector program uses the sRDI technique to generate reflective DLL shellcode and injects it into the target process with the help of the D/Invoke API.
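From the defender's side, a Detours hook like the one described above appears as a patched function prologue in the process, and a DLL loaded reflectively via sRDI is not listed among the loaded modules. The following Python check is an added example, not code from this repository; the addresses, byte strings and module list are constructed sample data, and the function names are hypothetical.

```python
import struct

# Constructed sample data (not captured from a real VeraCrypt.exe process).
FUNC_VA = 0x7FFB1A2C4000                               # hooked API's address in memory
DISK_PROLOGUE = bytes.fromhex("48895c2408574883ec20")  # bytes from the DLL file on disk
MEM_PROLOGUE = bytes.fromhex("e9fbbfffefcc4883ec20")   # same function read from the process
# (base, size, name) of images the loader knows about, e.g. from a module listing
MODULES = [
    (0x7FF6A0000000, 0x400000, "VeraCrypt.exe"),
    (0x7FFB1A2B0000, 0x1F0000, "example.dll"),
]


def owning_module(addr, modules):
    """Return the name of the module containing addr, or None for private memory."""
    for base, size, name in modules:
        if base <= addr < base + size:
            return name
    return None


def check_prologue(func_va, disk, mem, modules):
    """Compare on-disk and in-memory function bytes; decode a jmp rel32 patch if present."""
    result = {"hooked": False, "target": None, "target_module": None}
    if disk == mem:
        return result
    result["hooked"] = True
    # Detours-style inline hooks overwrite the function start with jmp rel32 (0xE9).
    if len(mem) >= 5 and mem[0] == 0xE9:
        (rel,) = struct.unpack_from("<i", mem, 1)
        # rel32 is relative to the address of the next instruction (func_va + 5).
        target = (func_va + 5 + rel) & 0xFFFFFFFFFFFFFFFF
        result["target"] = target
        # None means the jump lands in memory no loaded image owns, which is
        # what a reflectively loaded DLL or its trampoline looks like.
        result["target_module"] = owning_module(target, modules)
    return result


if __name__ == "__main__":
    finding = check_prologue(FUNC_VA, DISK_PROLOGUE, MEM_PROLOGUE, MODULES)
    print(finding["hooked"], hex(finding["target"]), finding["target_module"])
```

Security products also place inline hooks, so a modified prologue alone is not conclusive; a jump target outside every loaded module is the stronger indicator to triage first.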
DISCLAIMER. All information contained in this repository is provided for educational and research purposes only. The author is not responsible for any illegal use of this tool.
- SEKTOR7 Institute (@SEKTOR7net) for the RED TEAM Operator: Malware Development Intermediate Course.
- @0x09AL for RdpThief.
- @monoxgas for sRDI.
- @TheWover and @FuzzySecurity for DInvoke.