QRouland/injectionforge
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Start working on dll proxying

Browse Source
This commit is contained in:
Dimitris Zervas 2023-05-25 17:48:18 +03:00
parent a5880b5bed
commit 4928bd9684
No known key found for this signature in database
GPG Key ID: 5C27D7C9D1901A30
4 changed files with 97 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
Cargo.lock generated
View File

@ -227,6 +227,7 @@ dependencies = [
"ctor", "ctor",
"frida", "frida",
"frida-sys", "frida-sys",
"goblin",
"lazy_static", "lazy_static",
] ]
@ -294,6 +295,17 @@ version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d2fabcfbdc87f4758337ca535fb41a6d701b65693ce38287d856d1674551ec9b" checksum = "d2fabcfbdc87f4758337ca535fb41a6d701b65693ce38287d856d1674551ec9b"
[[package]]
name = "goblin"
version = "0.6.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0d6b4de4a8eb6c46a8c77e1d3be942cb9a8bf073c22374578e5ba4b08ed0ff68"
dependencies = [
"log",
"plain",
"scroll",
]
[[package]] [[package]]
name = "h2" name = "h2"
version = "0.3.19" version = "0.3.19"
@ -668,6 +680,12 @@ version = "0.3.27"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "26072860ba924cbfa98ea39c8c19b4dd6a4a25423dbdf219c1eca91aa0cf6964" checksum = "26072860ba924cbfa98ea39c8c19b4dd6a4a25423dbdf219c1eca91aa0cf6964"
[[package]]
name = "plain"
version = "0.2.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b4596b6d070b27117e987119b4dac604f3c58cfb0b191112e24771b2faeac1a6"
[[package]] [[package]]
name = "proc-macro2" name = "proc-macro2"
version = "1.0.58" version = "1.0.58"
@ -791,6 +809,26 @@ dependencies = [
"windows-sys 0.42.0", "windows-sys 0.42.0",
] ]
[[package]]
name = "scroll"
version = "0.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "04c565b551bafbef4157586fa379538366e4385d42082f255bfd96e4fe8519da"
dependencies = [
"scroll_derive",
]
[[package]]
name = "scroll_derive"
version = "0.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bdbda6ac5cd1321e724fa9cee216f3a61885889b896f073b8f82322789c5250e"
dependencies = [
"proc-macro2",
"quote",
"syn 1.0.109",
]
[[package]] [[package]]
name = "security-framework" name = "security-framework"
version = "2.9.1" version = "2.9.1"

8
Cargo.toml
View File

@ -8,9 +8,17 @@ crate-type = ["cdylib"]
[[bin]] [[bin]]
name = "standalone" name = "standalone"
path = "src/main.rs"
[dependencies] [dependencies]
frida = { version = "0.4.0", features = ["auto-download"] } frida = { version = "0.4.0", features = ["auto-download"] }
frida-sys = { version = "0.4.0", features = ["auto-download", "frida-build"] } frida-sys = { version = "0.4.0", features = ["auto-download", "frida-build"] }
lazy_static = "1.4.0" lazy_static = "1.4.0"
ctor = "0.2.0" ctor = "0.2.0"
# [target.'cfg(unix)'.build-dependencies]
# [target.'cfg(windows)'.build-dependencies]
# pelite = "0.10.0"
[build-dependencies]
goblin = "0.6.1"

54
build.rs
View File

@ -1,16 +1,62 @@
use std::env; use std::env;
fn main() { fn main() {
// Set the environment variable
env::set_var("MY_STRING", "Hello, world!");
if let Ok(code_file) = env::var("FRIDA_CODE_FILE") { if let Ok(code_file) = env::var("FRIDA_CODE_FILE") {
env::set_var("FRIDA_CODE", &std::fs::read_to_string(&code_file).unwrap()); env::set_var("FRIDA_CODE", &std::fs::read_to_string(&code_file).unwrap());
println!("cargo:warning=Using code from file: {}", &code_file); println!("cargo:warning=Using code from file: {}", &code_file);
} else if env::var("FRIDA_CODE").is_ok() { } else if env::var("FRIDA_CODE").is_ok() {
println!("cargo:warning=Using code from environment variable: FRIDA_CODE"); println!("cargo:warning=Using code from environment variable: FRIDA_CODE");
} else { } else {
println!("cargo:error=Please set FRIDA_CODE or FRIDA_CODE_FILE environment variable"); println!("Please set FRIDA_CODE or FRIDA_CODE_FILE environment variable");
std::process::exit(1); std::process::exit(1);
} }
if let Ok(lib_path) = env::var("LIB_PROXY") {
// let mut exports = Vec::new();
// let mut dllsystem: &str;
// let mut pragma: Vec<String> = Vec::new();
use goblin::Object::{self, Elf, PE, Mach, Archive, Unknown};
// use goblin::mach::{MultiArch, MachO};
// #[cfg(windows)]
// use pelite::{FileMap, PeFile, Wrap};
// #[cfg(windows)]
// match PeFile::from_bytes(&file_map) {
// Ok(Wrap::T32(file)) => {
// exports = dump_export32(file);
// dllsystem = "x86";
// }
// Ok(Wrap::T64(file)) => {
// exports = dump_export64(file);
// dllsystem = "amd64";
// }
// Err(err) => {
// println!("Error: {}", err);
// std::process::exit(1);
// }
// }
let path = std::path::Path::new(&lib_path);
let lib_name = path.file_name().unwrap().to_str().unwrap();
let lib_bytes = std::fs::read(path).expect(format!("Failed to open given library file {}", &lib_name).as_str());
let object = Object::parse(&lib_bytes).expect(format!("Failed to parse given libary file {}", &lib_name).as_str());
let exports: Vec<&str> = match object {
// Elf(o) => { o.dynsyms.iter().map(|e| e.st_name.clone()).collect() },
PE(o) => { o.exports.iter().map(|e| e.name.unwrap().clone()).collect() },
Mach(_o) => { println!("Mach binaries are not supported yet"); std::process::exit(1); },
Archive(_o) => { println!("Archive files are not supported"); std::process::exit(1); },
_ => { println!("Unknown file format"); std::process::exit(1); },
};
for e in exports.iter() {
println!("cargo:warning=Exported function: {}", e);
println!("cargo:rustc-link-lib=dylib=orig.{}", lib_name);
println!("cargo:rustc-link-arg=/EXPORT:{}=orig.{}.{}", e, lib_name, e);
}
}
} }

2
src/injector.rs
View File

@ -42,7 +42,7 @@ pub fn inject(pid: u32) {
#[no_mangle] #[no_mangle]
pub fn inject_self() { pub fn inject_self() {
println!("[*] Attaching to self self"); println!("[*] Attaching to self (pid 0)");
inject(0); inject(0);
} }