From a5880b5bed521022572d8966693033cb1598c86d Mon Sep 17 00:00:00 2001
From: Dimitris Zervas
Date: Tue, 23 May 2023 19:41:28 +0300
Subject: [PATCH] Simplify the code (use ctor for all targets) and add a readme
---
 Cargo.toml | 8 +++-----
 README.md | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++
 build.rs | 6 +++---
 src/lib.rs | 29 -----------------------------
 4 files changed, 57 insertions(+), 37 deletions(-)
 create mode 100644 README.md
diff --git a/Cargo.toml b/Cargo.toml
index 46a1ec2..5be0fa6 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -6,13 +6,11 @@ edition = "2021"
 [lib]
 crate-type = ["cdylib"]
+[[bin]]
+name = "standalone"
+
 [dependencies]
 frida = { version = "0.4.0", features = ["auto-download"] }
 frida-sys = { version = "0.4.0", features = ["auto-download", "frida-build"] }
 lazy_static = "1.4.0"
-
-# [target.'cfg(unix)'.dependencies]
 ctor = "0.2.0"
-
-# [target.'cfg(windows)'.dependencies]
-# winapi = "0.3.9"
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..3693d16
--- /dev/null
+++ b/README.md
@@ -0,0 +1,51 @@
+# frida-deepfreeze-rs
+
+Have you ever written a frida script this good, that you wanted to make it permanent?
+Well, now you can!
+
+frida-deepfreeze-rs is a tool that allows you to convert your frida scripts into
+either a standalone executable that when called with a PID injects itself and runs
+the script or a shared library that can be somehow injected to a process and runs
+the script.
+
+All desktop platforms are supported (Windows, Linux, macOS).
+
+## Usage
+
+You're gonna have to compile the tool yourself as the frida script gets embedded
+at compile time.
+
+You only need a working cargo installation to compile it, it's quite simple.
+
+You can feed your script either as a string using the `FRIDA_CODE` environment
+variable or as a file using the `FRIDA_CODE_FILE` environment variable.
+
+### Standalone executable
+
+```bash
+git clone https://github.com/dzervas/frida-deepfreeze-rs
+FRIDA_CODE='console.log("Hello world from frida-deepfreeze-rs!")' cargo run --bin standalone -- 1234
+```
+
+The binary is located at `target/debug/standalone` (`.exe` for windows).
+
+### Shared library
+
+```bash
+git clone https://github.com/dzervas/frida-deepfreeze-rs
+FRIDA_CODE='console.log("Hello world from frida-deepfreeze-rs!")' cargo build --lib
+LD_PRELOAD=target/debug/libfrida_deepfreeze_rs.so cat
+# rundll32.exe target/debug/frida_deepfreeze_rs.dll,inject_self 1234 (windows equivalent)
+```
+
+The resulting library is located at `target/debug/libfrida_deepfreeze_rs.so`
+(`.dll` for windows). You can inject it using your favorite injector.
+
+There are two exported functions:
+
+```c
+void inject(uint32_t pid); // Run the frida script in the process with the given pid
+void inject_self(); // Run the frida script in the process that called the function
+```
+
+By default, on load the library will call `inject_self()`.
diff --git a/build.rs b/build.rs
index 6ee3452..2ce848d 100644
--- a/build.rs
+++ b/build.rs
@@ -6,11 +6,11 @@ fn main() {
 if let Ok(code_file) = env::var("FRIDA_CODE_FILE") {
 env::set_var("FRIDA_CODE", &std::fs::read_to_string(&code_file).unwrap());
- eprintln!("Using code from file: {}", &code_file);
+ println!("cargo:warning=Using code from file: {}", &code_file);
 } else if env::var("FRIDA_CODE").is_ok() {
- eprintln!("Using code from environment variable: FRIDA_CODE");
+ println!("cargo:warning=Using code from environment variable: FRIDA_CODE");
 } else {
- eprintln!("Please set FRIDA_CODE or FRIDA_CODE_FILE environment variable");
+ println!("cargo:error=Please set FRIDA_CODE or FRIDA_CODE_FILE environment variable");
 std::process::exit(1);
 }
 }
diff --git a/src/lib.rs b/src/lib.rs
index c94ec00..d21dc4c 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -2,39 +2,10 @@ pub mod injector;
 pub use injector::{inject, inject_self};
-// #[cfg(unix)]
 use ctor::ctor;
-// #[cfg(unix)]
 #[ctor]
 fn _start() {
 println!("[+] frida-deepfreeze-rs SO injected");
 inject_self();
 }
-
-/*
-#[cfg(windows)]
-use std::ptr;
-#[cfg(windows)]
-use std::ffi::c_void;
-#[cfg(windows)]
-use winapi::um::libloaderapi::{DllMain, DLL_PROCESS_ATTACH, DLL_PROCESS_DETACH, DLL_THREAD_ATTACH, DLL_THREAD_DETACH};
-
-#[allow(non_snake_case)]
-#[cfg(windows)]
-#[no_mangle]
-pub extern "system" fn DllMain(hinstDLL: *mut c_void, fdwReason: u32, _: *mut c_void) -> i32 {
- match fdwReason {
- DLL_PROCESS_ATTACH => {
- println!("[+] frida-deepfreeze-rs DLL injected");
- inject_self();
- }
- // DLL_PROCESS_DETACH => {}
- // DLL_THREAD_ATTACH => {}
- // DLL_THREAD_DETACH => {}
- _ => {}
- }
-
- 1
-}
-*/
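Review bot: The `cargo:error=` line in the final `else` branch of build.rs is, as far as I know, not a directive Cargo recognises with the single-colon prefix, so it is stored as metadata rather than reported as an error, and the message reaches the user only through the failed script's captured output. Keeping that one on stderr, `eprintln!("Please set FRIDA_CODE or FRIDA_CODE_FILE environment variable");`, before `std::process::exit(1)` is the safer choice. Separately, the `env::set_var` on the context line above changes only the build script's own environment, so it is worth confirming outside this hunk that the contents of `FRIDA_CODE_FILE` are what actually gets embedded, in particular when an ambient `FRIDA_CODE` is also set. `main` starts above the hunk.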
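Review bot: With the `cfg` gates gone in src/lib.rs, `_start` runs `inject_self()` from a `#[ctor]` in every process that loads the library, including a caller that only wants the exported `inject(pid)`, and nothing in the hunk lets a build opt out of that. On Windows the constructor presumably executes during DLL initialisation, the same point the removed `DllMain` draft targeted, where heavy work under the loader lock can deadlock; gating the attribute behind a Cargo feature, for example `#[cfg_attr(feature = "autoload", ctor)]` (feature name constructed for this note), would make the load-time behaviour explicit. The `println!` also writes into the host process's stdout and still says "SO" on every platform; `eprintln!("[+] frida-deepfreeze-rs library loaded");` keeps the marker out of piped output. A short doc comment on `_start` stating that it runs at library load and executes the embedded script in the loading process would help whoever audits a binary built from this crate.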