cross process communication

pozm 2024-01-30 20:20:04 +00:00
parent 48fde349b7
commit 6e5f96fd72
No known key found for this signature in database
GPG Key ID: 5AB655AFC8AAA822
4 changed files with 322 additions and 25 deletions

296
Cargo.lock generated

@ -8,13 +8,22 @@ version = "1.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa"
[[package]]
name = "bincode"
version = "1.3.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b1f45e9417d87227c7a56d22e471c6206462cba514c7590c09aff4cf6d1ddcad"
dependencies = [
"serde",
]
[[package]]
name = "bindgen"
version = "0.68.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "726e4313eb6ec35d2730258ad4e15b547ee75d6afaa1361a922e78e59b7d8078"
dependencies = [
"bitflags",
"bitflags 2.4.1",
"cexpr",
"clang-sys",
"lazy_static",
@ -27,7 +36,7 @@ dependencies = [
"regex",
"rustc-hash",
"shlex",
"syn",
"syn 2.0.48",
"which",
]
@ -39,9 +48,15 @@ checksum = "a26b8cea8bb6a81b75a84603b9e096f05fa86db057904ef29be1deee900532bd"
dependencies = [
"proc-macro2",
"quote",
"syn",
"syn 2.0.48",
]
[[package]]
name = "bitflags"
version = "1.3.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a"
[[package]]
name = "bitflags"
version = "2.4.1"
@ -74,6 +89,18 @@ dependencies = [
"libloading",
]
[[package]]
name = "const_panic"
version = "0.2.8"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6051f239ecec86fde3410901ab7860d458d160371533842974fc61f96d15879b"
[[package]]
name = "core-foundation-sys"
version = "0.8.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "06ea2b9bc92be3c2baa9334a323ebca2d6f074ff852cd1d7b11064035cd3868f"
[[package]]
name = "crossbeam"
version = "0.8.2"
@ -141,6 +168,16 @@ dependencies = [
"cfg-if",
]
[[package]]
name = "cstr"
version = "0.2.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8aa998c33a6d3271e3678950a22134cd7dd27cef86dee1b611b5b14207d1d90b"
dependencies = [
"proc-macro2",
"quote",
]
[[package]]
name = "ctor"
version = "0.2.6"
@ -148,7 +185,30 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "30d2b3721e861707777e3195b0158f950ae6dc4a27e4d02ff9f67e3eb3de199e"
dependencies = [
"quote",
"syn",
"syn 2.0.48",
]
[[package]]
name = "dll-syringe"
version = "0.15.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bdc807201d54de75e9bd7ad199d0031048625059f84acfc94506bdb13c0b4f59"
dependencies = [
"bincode",
"cstr",
"goblin",
"iced-x86",
"konst",
"num_enum",
"path-absolutize",
"same-file",
"serde",
"shrinkwraprs",
"stopwatch2",
"sysinfo",
"thiserror",
"widestring",
"winapi",
]
[[package]]
@ -178,6 +238,7 @@ name = "gdke"
version = "0.1.0"
dependencies = [
"crossbeam",
"dll-syringe",
"poggers",
"windows",
]
@ -196,6 +257,17 @@ version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d2fabcfbdc87f4758337ca535fb41a6d701b65693ce38287d856d1674551ec9b"
[[package]]
name = "goblin"
version = "0.6.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0d6b4de4a8eb6c46a8c77e1d3be942cb9a8bf073c22374578e5ba4b08ed0ff68"
dependencies = [
"log",
"plain",
"scroll",
]
[[package]]
name = "hashbrown"
version = "0.14.3"
@ -211,6 +283,15 @@ dependencies = [
"windows-sys 0.52.0",
]
[[package]]
name = "iced-x86"
version = "1.21.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7c447cff8c7f384a7d4f741cfcff32f75f3ad02b406432e8d6c878d56b1edf6b"
dependencies = [
"lazy_static",
]
[[package]]
name = "indexmap"
version = "2.1.0"
@ -221,6 +302,35 @@ dependencies = [
"hashbrown",
]
[[package]]
name = "itertools"
version = "0.8.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f56a2d0bc861f9165be4eb3442afd3c236d8a98afd426f65d92324ae1091a484"
dependencies = [
"either",
]
[[package]]
name = "konst"
version = "0.3.8"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8d712a8c49d4274f8d8a5cf61368cb5f3c143d149882b1a2918129e53395fdb0"
dependencies = [
"const_panic",
"konst_kernel",
"typewit",
]
[[package]]
name = "konst_kernel"
version = "0.3.8"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "dac6ea8c376b6e208a81cf39b8e82bebf49652454d98a4829e907dac16ef1790"
dependencies = [
"typewit",
]
[[package]]
name = "lazy_static"
version = "1.4.0"
@ -308,18 +418,71 @@ dependencies = [
"minimal-lexical",
]
[[package]]
name = "ntapi"
version = "0.4.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e8a3895c6391c39d7fe7ebc444a87eb2991b2a0bc718fdabd071eec617fc68e4"
dependencies = [
"winapi",
]
[[package]]
name = "num_enum"
version = "0.6.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7a015b430d3c108a207fd776d2e2196aaf8b1cf8cf93253e3a097ff3085076a1"
dependencies = [
"num_enum_derive",
]
[[package]]
name = "num_enum_derive"
version = "0.6.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "96667db765a921f7b295ffee8b60472b686a51d4f21c2ee4ffdb94c7013b65a6"
dependencies = [
"proc-macro2",
"quote",
"syn 2.0.48",
]
[[package]]
name = "once_cell"
version = "1.16.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "86f0b0d4bf799edbc74508c1e8bf170ff5f41238e5f8225603ca7caaae2b7860"
[[package]]
name = "path-absolutize"
version = "3.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e4af381fe79fa195b4909485d99f73a80792331df0625188e707854f0b3383f5"
dependencies = [
"path-dedot",
]
[[package]]
name = "path-dedot"
version = "3.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "07ba0ad7e047712414213ff67533e6dd477af0a4e1d14fb52343e53d30ea9397"
dependencies = [
"once_cell",
]
[[package]]
name = "peeking_take_while"
version = "0.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "19b17cddbe7ec3f8bc800887bab5e717348c95ea2ca0b1bf0837fb964dc67099"
[[package]]
name = "plain"
version = "0.2.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b4596b6d070b27117e987119b4dac604f3c58cfb0b191112e24771b2faeac1a6"
[[package]]
name = "poggers"
version = "1.1.6"
@ -342,7 +505,7 @@ dependencies = [
"proc-macro-crate",
"proc-macro2",
"quote",
"syn",
"syn 2.0.48",
]
[[package]]
@ -352,7 +515,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ae005bd773ab59b4725093fd7df83fd7892f7d8eafb48dbd7de6e024e4215f9d"
dependencies = [
"proc-macro2",
"syn",
"syn 2.0.48",
]
[[package]]
@ -410,25 +573,104 @@ version = "0.38.13"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d7db8590df6dfcd144d22afd1b83b36c21a18d7cbc1dc4bb5295a8712e9eb662"
dependencies = [
"bitflags",
"bitflags 2.4.1",
"errno",
"libc",
"linux-raw-sys",
"windows-sys 0.48.0",
]
[[package]]
name = "same-file"
version = "1.0.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "93fc1dc3aaa9bfed95e02e6eadabb4baf7e3078b0bd1b4d7b6b0b68378900502"
dependencies = [
"winapi-util",
]
[[package]]
name = "scopeguard"
version = "1.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd"
[[package]]
name = "scroll"
version = "0.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "04c565b551bafbef4157586fa379538366e4385d42082f255bfd96e4fe8519da"
dependencies = [
"scroll_derive",
]
[[package]]
name = "scroll_derive"
version = "0.11.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1db149f81d46d2deba7cd3c50772474707729550221e69588478ebf9ada425ae"
dependencies = [
"proc-macro2",
"quote",
"syn 2.0.48",
]
[[package]]
name = "serde"
version = "1.0.196"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "870026e60fa08c69f064aa766c10f10b1d62db9ccd4d0abb206472bee0ce3b32"
dependencies = [
"serde_derive",
]
[[package]]
name = "serde_derive"
version = "1.0.196"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "33c85360c95e7d137454dc81d9a4ed2b8efd8fbe19cee57357b32b9771fccb67"
dependencies = [
"proc-macro2",
"quote",
"syn 2.0.48",
]
[[package]]
name = "shlex"
version = "1.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a7cee0529a6d40f580e7a5e6c495c8fbfe21b7b52795ed4bb5e62cdf92bc6380"
[[package]]
name = "shrinkwraprs"
version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e63e6744142336dfb606fe2b068afa2e1cca1ee6a5d8377277a92945d81fa331"
dependencies = [
"bitflags 1.3.2",
"itertools",
"proc-macro2",
"quote",
"syn 1.0.109",
]
[[package]]
name = "stopwatch2"
version = "2.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "911ece10388afa48417f99e01df038460b6249a3ee0255f6446a6881b702fbb4"
[[package]]
name = "syn"
version = "1.0.109"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "72b64191b275b66ffe2469e8af2c1cfe3bafa67b529ead792a6d0160888b4237"
dependencies = [
"proc-macro2",
"quote",
"unicode-ident",
]
[[package]]
name = "syn"
version = "2.0.48"
@ -440,6 +682,20 @@ dependencies = [
"unicode-ident",
]
[[package]]
name = "sysinfo"
version = "0.29.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cd727fc423c2060f6c92d9534cef765c65a6ed3f428a03d7def74a8c4348e666"
dependencies = [
"cfg-if",
"core-foundation-sys",
"libc",
"ntapi",
"once_cell",
"winapi",
]
[[package]]
name = "thiserror"
version = "1.0.56"
@ -457,7 +713,7 @@ checksum = "fa0faa943b50f3db30a20aa7e265dbc66076993efed8463e8de414e5d06d3471"
dependencies = [
"proc-macro2",
"quote",
"syn",
"syn 2.0.48",
]
[[package]]
@ -477,6 +733,21 @@ dependencies = [
"winnow",
]
[[package]]
name = "typewit"
version = "1.9.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c6fb9ae6a3cafaf0a5d14c2302ca525f9ae8e07a0f0e6949de88d882c37a6e24"
dependencies = [
"typewit_proc_macros",
]
[[package]]
name = "typewit_proc_macros"
version = "1.8.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e36a83ea2b3c704935a01b4642946aadd445cea40b10935e3f8bd8052b8193d6"
[[package]]
name = "unicode-ident"
version = "1.0.6"
@ -517,6 +788,15 @@ version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6"
[[package]]
name = "winapi-util"
version = "0.1.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f29e6f9198ba0d26b4c9f07dbe6f9ed633e1f3d5b8b414090084349e46a52596"
dependencies = [
"winapi",
]
[[package]]
name = "winapi-x86_64-pc-windows-gnu"
version = "0.4.0"


@ -22,6 +22,9 @@ strip = false
windows = { features = [
"Win32_Foundation",
"Win32_System",
"Wdk",
"Wdk_System",
"Wdk_System_Threading",
"Win32_System_Threading",
"Win32_System_Diagnostics",
"Win32_System_Diagnostics_Debug",
@ -31,6 +34,6 @@ windows = { features = [
"Win32_System_ProcessStatus",
"Win32_Security",
], version = "0.52" }
# dll-syringe = "*"
dll-syringe = "*"
poggers = { version = "*", path = "../poggers" }
crossbeam = "0.8.2"
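Review bot: `dll-syringe = "*"` accepts any published version of a crate that gets linked into this binary, so a `cargo update`, or a build done without the lockfile, can pull in a release nobody here has looked at. The lockfile in this commit resolves it to 0.15.2, so stating that as the requirement, `dll-syringe = "0.15"`, keeps upgrades deliberate and reviewable. `poggers` on the next line also uses `version = "*"`; the `path` override presumably limits the effect there, but it is worth pinning for the same reason.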


@ -1,4 +1,12 @@
use std::{net::UdpSocket, time::Duration};
#[poggers_derive::create_entry(no_free)]
pub fn main() {
println!("hi");
let sock = UdpSocket::bind("127.0.0.1:29849").unwrap();
let mut buf = [1; 1];
sock.connect("127.0.0.1:28713").expect("uanble to connect");
println!("sending data");
std::thread::sleep(Duration::from_secs(2));
sock.send(&buf);
}
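Review bot: The result of `sock.send(&buf)` on the last line of `main` is dropped, so a failed send is silent and the peer that blocks on `recv` for this datagram never learns of it. Handle it the same way as the `connect` call above, for example `sock.send(&buf).expect("unable to send");`, or log the error if a panic is not acceptable in this context. `bind("127.0.0.1:29849").unwrap()` has the related problem that a fixed port already in use becomes a panic with no message. Smaller points: `buf` does not need `mut`, and the `expect` text has a typo (`uanble`).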


@ -3,16 +3,13 @@ use std::{
error::Error,
ffi::{c_void, CStr, CString},
mem::{size_of, transmute},
net::UdpSocket,
ptr::{addr_of, null, null_mut},
time::Duration,
};
use dll_syringe::{process::OwnedProcess, Syringe};
use poggers::{structures::process::Process, traits::Mem};
use windows::Win32::System::{
Diagnostics::Debug::{GetThreadContext, CONTEXT, IMAGE_NT_HEADERS64},
Threading::{ResumeThread, SuspendThread},
};
use windows::{
core::{PCSTR, PSTR},
Win32::{
@ -21,13 +18,19 @@ use windows::{
ProcessStatus::{K32GetModuleInformation, MODULEINFO},
SystemServices::IMAGE_DOS_HEADER,
Threading::{
CreateProcessA, NtQueryInformationProcess, ProcessBasicInformation,
TerminateProcess, CREATE_SUSPENDED, PEB, PROCESS_BASIC_INFORMATION,
CreateProcessA, TerminateProcess, CREATE_SUSPENDED, PEB, PROCESS_BASIC_INFORMATION,
PROCESS_INFORMATION, STARTUPINFOA,
},
},
},
};
use windows::{
Wdk::System::Threading::{NtQueryInformationProcess, ProcessBasicInformation},
Win32::System::{
Diagnostics::Debug::{GetThreadContext, CONTEXT, IMAGE_NT_HEADERS64},
Threading::{ResumeThread, SuspendThread},
},
};
fn create_pstr(c_str: &CStr) -> PSTR {
PSTR::from_raw(c_str.as_ptr() as *mut u8)
@ -82,20 +85,23 @@ pub unsafe fn spawn_and_inject(proc: &str) {
let entry_insts: [u8; 2] = proc.read(entry).expect("failed to read entry");
let pay_load: [u8; 2] = [0xEB, 0xFE];
proc.write(entry, &pay_load);
println!("{:x?}", entry_insts);
//
// resume the thread
ResumeThread(proc_info.hThread);
// wait until trapped... and inject
{
let sock = UdpSocket::bind("127.0.0.1:28713").expect("failed to bind socket");
let target = OwnedProcess::from_pid(proc.get_pid()).unwrap();
let syrnge = Syringe::for_process(target);
let injmod = syrnge.inject("./gdkeinj.dll").unwrap();
let injmod = syrnge.inject("./target/debug/gdkeinj.dll").unwrap();
// we're done. let's kill the process.
println!("waiting 2secs ");
std::thread::sleep(Duration::from_secs(2));
println!("waited 2secs, restoring..",);
println!("{:?}", injmod.handle());
proc.write(entry, &entry_insts);
// TerminateProcess(proc_info.hProcess, 1);
println!("waiting until udp is ok ");
sock.recv(&mut [0]);
}
// we're done. let's kill the process.
println!("done, restoring..",);
proc.write(entry, &entry_insts);
TerminateProcess(proc_info.hProcess, 1);
}
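Review bot: `sock.recv(&mut [0]);` near the end of the second hunk blocks with no timeout and discards its result, so if the other side never sends, this function hangs with the child process still running and the entry bytes still patched. The socket is bound but not connected to a peer, so a datagram from any local process to 127.0.0.1:28713 ends the wait. Bound the wait with `sock.set_read_timeout(Some(Duration::from_secs(10)))` (the value is an example), use `recv_from` and compare the source address with the expected `127.0.0.1:29849`, and check the returned `Result` instead of dropping it. The results of both `proc.write(entry, ...)` calls are ignored in the same way. `spawn_and_inject` begins above this hunk, and because the +/- markers are lost on this page I am assuming the `recv` line is on the new side.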