Make the injector work on windows - dll proxying still behaving weird

src/injector.rs

@@ -5,51 +5,55 @@ lazy_static! {
 	static ref FRIDA: Frida = unsafe { Frida::obtain() };
 }
 
-const FRIDA_CODE: &str = env!("FRIDA_CODE", "Please set FRIDA_CODE environment variable");
-
 #[no_mangle]
-pub fn inject(pid: u32) {
-	let device_manager = DeviceManager::obtain(&FRIDA);
+pub fn attach(pid: u32) {
+	let frida_code = env!("FRIDA_CODE").to_string();
+	println!("[*] Injecting into PID: {}", pid);
 
-	if let Some(device) = device_manager.enumerate_all_devices().first() {
-		println!("[*] First device: {}", device.get_name());
+	std::thread::spawn(move || {
+		let device_manager = DeviceManager::obtain(&FRIDA);
+		println!("[*] Device Manager obtained");
 
-		let session = device.attach(pid).unwrap();
+		if let Some(device) = device_manager.enumerate_all_devices().first() {
+			println!("[*] First device: {}", device.get_name());
 
-		if !session.is_detached() {
-			println!("[*] Attached");
+			let session = device.attach(pid).unwrap();
 
-			let mut script_option = ScriptOption::new()
-				// .set_name("frida-deepfreeze-rs")
-				.set_runtime(ScriptRuntime::QJS);
-			let script = session
-				.create_script(FRIDA_CODE, &mut script_option)
-				.unwrap();
+			if !session.is_detached() {
+				println!("[*] Attached");
 
-			script.handle_message(&mut Handler).unwrap();
+				let mut script_option = ScriptOption::new()
+					.set_name("frida-deepfreeze-rs")
+					.set_runtime(ScriptRuntime::QJS);
+				println!("[*] Script {}", frida_code);
+				let script = session
+					.create_script(&frida_code, &mut script_option)
+					.unwrap();
 
-			script.load().unwrap();
-			println!("[*] Script loaded");
+				script.handle_message(&mut Handler).unwrap();
 
-			script.unload().unwrap();
-			println!("[*] Script unloaded");
-
-			session.detach().unwrap();
-			println!("[*] Session detached");
-		}
-	};
+				script.load().unwrap();
+				println!("[*] Script loaded");
+			}
+		} else {
+			println!("[!] No device found!");
+		};
+	});
 }
 
 #[no_mangle]
-pub fn inject_self() {
-	println!("[*] Attaching to self (pid 0)");
-	inject(0);
+pub fn attach_self() {
+	println!("[*] Attaching to self");
+	// #[cfg(windows)]
+	// attach(std::process::id());
+	// #[cfg(unix)]
+	attach(0);
 }
 
 struct Handler;
 
 impl ScriptHandler for Handler {
 	fn on_message(&mut self, message: &str) {
-		println!("[<] {message}");
+		eprintln!("[<] {message}");
 	}
 }

src/lib.rs

@@ -1,11 +1,38 @@
 pub mod injector;
 
-pub use injector::{inject, inject_self};
+pub use injector::{attach, attach_self};
 
+#[cfg(unix)]
 use ctor::ctor;
 
+#[cfg(unix)]
 #[ctor]
 fn _start() {
-	println!("[+] frida-deepfreeze-rs SO injected");
-	inject_self();
+	println!("[+] frida-deepfreeze-rs library injected");
+	attach_self();
+}
+
+// For some reason ctor doesn't work on Windows - it hangs the process
+// during DeviceManager::obtain. DllMain works fine though.
+#[cfg(windows)]
+use std::ffi::c_void;
+
+#[cfg(windows)]
+use winapi::um::winnt::DLL_PROCESS_ATTACH;
+
+#[cfg(windows)]
+#[no_mangle]
+#[allow(non_snake_case, unused_variables)]
+extern "system" fn DllMain(dll_module: *mut c_void, call_reason: u32, _: *mut ()) -> bool {
+	match call_reason {
+		DLL_PROCESS_ATTACH => {
+			println!("[+] frida-deepfreeze-rs DLL injected");
+			attach_self();
+
+		}
+		// Maybe we should detach? Is it useful?
+		_ => ()
+	}
+
+	true
 }

src/main.rs

@@ -1,5 +1,5 @@
 pub mod injector;
-pub use injector::inject;
+pub use injector::attach;
 
 fn main() {
 	let args: Vec<String> = std::env::args().collect();
@@ -10,5 +10,5 @@ fn main() {
 	}
 
 	let pid: u32 = args[1].parse().unwrap();
-	inject(pid);
+	attach(pid);
 }