From c895ce4d62f8cc09e76f32cacf6e9a827113fc43 Mon Sep 17 00:00:00 2001 From: Zoe Date: Fri, 22 Oct 2021 08:55:06 +0800 Subject: [PATCH] :tada: change example to examples; add demo picture --- .cargo/config | 2 +- Cargo.toml | 6 +++++- README.md | 21 ++++++++++++++++++++- example/.cargo/config | 2 -- example/Cargo.toml | 13 ------------- example/src/lib.rs => examples/hellobox.rs | 2 +- hello-box-demo.png | Bin 0 -> 4049 bytes 7 files changed, 27 insertions(+), 19 deletions(-) delete mode 100644 example/.cargo/config delete mode 100644 example/Cargo.toml rename example/src/lib.rs => examples/hellobox.rs (92%) create mode 100644 hello-box-demo.png diff --git a/.cargo/config b/.cargo/config index ccc4a6c..3a249ae 100644 --- a/.cargo/config +++ b/.cargo/config @@ -1,2 +1,2 @@ [build] -target = "x86_64-pc-windows-msvc" \ No newline at end of file +target = "i686-pc-windows-msvc" \ No newline at end of file diff --git a/Cargo.toml b/Cargo.toml index 79c8103..e11ba31 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "injrs" -version = "0.1.1" +version = "0.1.2" description = "DLL injector library and tool written in Rust. Rust 实现的DLL注入工具/库。" authors = ["Zoe "] license = "Apache-2.0" @@ -8,6 +8,9 @@ edition = "2018" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html +[[example]] +name = "hellobox" +crate-type = ["cdylib"] [dependencies.winapi] @@ -16,6 +19,7 @@ features = [ "memoryapi", "minwindef", "ntdef", + "winuser", "tlhelp32", "psapi", "securitybaseapi", diff --git a/README.md b/README.md index 6fd9c10..b8f74fd 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,7 @@
+Hello Box Demo + # `injrs` **DLL injector library and tool written in Rust. Rust 实现的DLL注入工具/库** @@ -42,7 +44,24 @@ EXAMPLES: $ injrs 1888 test.dll demo.dll ``` -The code in [example](./example) is a simple message box dll for testing injector. +## DLL Demo + +The code in [examples/hellobox](./examples/hellobox) is a simple message box dll for testing injector. + +You can build with command: +```bash +cargo build --release --example hellobox +``` + +Build target will locate in: +```bash +target/i686-pc-windows-msvc/release/examples/hellobox.dll +``` + +Try to inject the demo dll to your target process: +```bash +injrs PID/PNAME target/i686-pc-windows-msvc/release/examples/hellobox.dll +``` ## Usage as library diff --git a/example/.cargo/config b/example/.cargo/config deleted file mode 100644 index ccc4a6c..0000000 --- a/example/.cargo/config +++ /dev/null @@ -1,2 +0,0 @@ -[build] -target = "x86_64-pc-windows-msvc" \ No newline at end of file diff --git a/example/Cargo.toml b/example/Cargo.toml deleted file mode 100644 index 49a768d..0000000 --- a/example/Cargo.toml +++ /dev/null @@ -1,13 +0,0 @@ -[package] -name = "example" -version = "0.1.0" -edition = "2018" - -# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html - -[lib] -crate-type = ["cdylib"] - -[dependencies] -winapi = { version = "0.3.9", features = [ "minwindef", "winnt", "libloaderapi", "winuser" ] } - diff --git a/example/src/lib.rs b/examples/hellobox.rs similarity index 92% rename from example/src/lib.rs rename to examples/hellobox.rs index 6e734a1..569c93a 100644 --- a/example/src/lib.rs +++ b/examples/hellobox.rs @@ -33,7 +33,7 @@ fn show_message_box(caption: &str, text: &str) { // define dllmain to handle the init action #[no_mangle] #[allow(non_snake_case)] -pub extern "stdcall" fn DllMain(hinst: HINSTANCE, reason: DWORD, _reserved: LPVOID) -> BOOL { +unsafe extern "system" fn DllMain(hinst: HINSTANCE, reason: DWORD, _reserved: LPVOID) -> BOOL { match reason { DLL_PROCESS_DETACH => { println!("Remove from main process."); diff --git a/hello-box-demo.png b/hello-box-demo.png new file mode 100644 index 0000000000000000000000000000000000000000..c47855072e139fb8224efa29cccfbbfe97837e15 GIT binary patch literal 4049 zcmc&%={wtL+fL97Aw;XKU1)1aOO0AeEQtoGqGGLmO$Ajd2*$1|9kqvA#u`-Y`@W2J zYKfLosuHR*wxMWij|y+vd5`DI^9MX1?%#df$9?|J^SZA4`fy&4%}fm;U{Npt0D#=Y zpv~F)ID0j6gV^6$JGdBo0}{*)^#HY_;;ZZfmnX^u1pqXp@E*CIVxM{ZF}4H%fd9q! z1swFN@Bjb=?%qVBEJK_&a&HAQ2HwTbFsE5vB8hfeW-5Tai9T%zN;1}<*tEc|^~_-K zkP-O+{FUw4=knLrY7L${2pZkQ* zBWTvnIyR(|ez$G~Ly@_M>R{~TSGAMvFbbm>O|OYn(m`NorX9Zf2!+KQVb?5XpFg%tqA0=xbAak>`#l`FPPC=F(=HG zLSesGp}kv2OUx(AR}6EU7c-@QyAS_1%1r)-VgmajS)vO`49{1dW1bV9s za5V;!Mv!bs{Z)ZP2Pl)CgmVtPSm2@W`cRDnTE|G@uo$RVi}Viv*Lou0CB zjt-(lMEM$^+KAV!l z-F*Q|Q0j}dZa^42@n1IQKTc9G8I<7{V6zoeY;;#aG)q>F#e)5FezrDPlskTf0BYBb0@+o#GPN>1viAP5D z11QZ(+Mbt6_J$%K9%d;&3(BZ7Xw_*<0^wBa3?yYZR~=w$m3nKXn$^_bLBJneZTIJl z#B6dQR8gix7v65#Iw>q}s4}&X<~4#v$o`-qE(|0!6Q23{Ul3&hj<~OfTYAPFEx=%-zT{N_XOlyt5cjDc-0JOPb71z>iyw)+IEzGqlh@Px&iV zpS*VdT%vhMRIUa+RkWcD+c%5I6AGh_LxaBUZK#Mf$~!iz{Z<~xj#l37MYl5A*Fqyr z;rZ0f?^02Gc?oz+$6l3+N1=@dPpfX-0yc<{OdrL0rv|wNGAA4=DDES?q^xllC5%tD z+Um9ZrfPDB&vb3sryW?Ed_HSVZk{?KZ9bq5N>fxLRfB_29#K*gC&p$Pb5^8fPOZ&p z7k_H!y1Bx8MJDHE9#U4?^W&%!<_WY^zp&+IPFL8jchL6o>t;psbE;)c5KxtY2AbA{ zYNnBExl6*~&ysm$uyq|3wAE2P^5#m6NSkVPan7zugs)ypZZzIjzrLC?we*!^N5Cat zMZ8++6>pf(fc&vJ=#BohZjgNxuV-Zy#IbC)cu#_0n`zZD~= z{S0z@XZn+MR2gl1vMU#_cOH7KNDtp=QbeXJ6T`wZ=N!z=wHUB7^(7iYS{ zd$uG|R4$$4Sv?c{k@It0PTy#`69+}`?{Y1r+}5(E9D}jiK%eT`Jzt08$Zb}hn$6{! zk?0EPI8Vpui@43Vw{=aRUTUR|ZheZ%B=Stn4RT$=j-z94s27#k-tF<}2 z9wR-*7A}DWD8#RGcLai3rRJ(AQLcHPTh(~dg8w0-;)dSox87P&KhKr!tJtj#ZF%Hl zMLJjGB|H6XjY6Tqanr%A0_Za3=$*HHPF6_r2f6Uq1k*>r>x8lZIw(UzWJ&NJ?GP6 z$zB(%Qnh3HebA|{SqQVM==)ntAOM1TCacAb+@~YT30Y^M(w1^Cy$UnrL$l&&?qWTl zpk6$O%tP=gH1}CB2?`hbp99ot#<4BB@9UBcGWLD#_PUeSN<|;-Pkwb}U9~erk{53T z3Ua7cChz?;<-cTFa30+mX$C1*482~BXx-o;rAJqY%Me+^^`h%iQ#}rb$enXY%ahXy z8Gusx>3U5~dZCtUQ1WQL)`J)G&3-;xcE!04O}ZxjP%WP}K_sy+kaZJ0v*YmT24na5 z!2eEL3!tPUGMQ8R6G0*Wn)>FwE61!w1fOnRv){gWfy(^g{O3)!=oZwN%%Q|PK5W+K zfVe#!s6Dkyk1rOKBNilgeN6Gj5AKUQ>lT)+d(8z$bQXSck1eek(`nx9?Yv8G-DEfp z2cCqyN=K-3DT^^qL7|saZzx%vi#E7!7d6vc)9onre8!XN82{cLqRz2C)xH1xlbFP$ zc9(SO&L3Z<R=TKywsyeS`9yD?if7y=+L}R_JW8~T+kJ~pp;OJEo zZ^OZo`)YM#n+@DD8T2|=(Kg7xQ1wUnaH;d%85fAjeTF@fMp7R8_q%iu1&8zC@z_1t z{lu88#s{);N5s^9*R7ey*4gf>2M$YJFpiSaD_rHh?7ril_Apu$Gl|F+PZ=%zoe>(ybOd-e}( z56+N2xRS1Lx4%N}B-_Y1+=UBf%JG4mUL(<$o}Vf|jeY#w<>M3|+OlNs%c^S&(O*1j zIU?K)vd3Tb_Maw&Y$Nm~aNL6rIy%CZaWTvyO&vrH|Nc<}s)ZP$spIV5vEZw7y`b;5 zGe`zLo)zvOVGJKz{RpTc7oijpYIKhQj7M?BfcwtJ3H^=%sMULY6#3sN^0Y z#)u1T-^QAtAa~qRDluh`R*NFFKR71B#}8(knM%~_U0i~hBqJfv!qJ9{mu1e^uW`eH zCN5rUYBd-IpJ$87zF)RgpxDR$F;sT7l!QZ6*)edR|F=RhHrM`hMnV2acjs`S-;NXc}a^RqmC=;{fY+9V*Ug}DucJ&&-@ z=?Yjf3S!%twavLM`9!*9$l;DxE=`_7^X5uxtWgV#!>GTW)?X{qtlFXi0fL(h+U!)7 zO;w({pEcX=-9ivrCC$&$+S)Q*&psr?VAM!_7w23A(eMm-4!n?l7AP~@mZ`zWc^fu# zdub=NZP$!HP1zSJf&^jzd=!c!p(_&PawnJ)nm>a1_IKjdi7<>sN4Sk*E-jQ4ewHqb z2Bo7)lh^J_mV_HUGyTL<1azHkvx;9&sgArMO{bqj(;8vstu{HdVRmxmu|ws7)=87t zAiLWDh~Bn2#E4+IkzFzAJzDv)Fc{k`!TdTXWg``_gWdfrLCS6R%TH3_N-Yu=)?^W! zp@?}_tz%c#R+;YBWrCv^*w>_)lcp?ktJ{#Tl3nT`aQrBBB08$*h$*kUhHvrOsRQgzpyd=_#N^T8MIMsUN-SG z_Ca2zAWlE$7k~04?b1^zcXgSXa`R~;Rc2SAA{Y>sD}8A1t)@Uah=LL^7OenXDN+fE zqy51SG3yM@fbHtFv}oDDNwp*k>kH9ZXq|6@V#_VCttq^1>W<2rBFoHxY|DH;xj68G zn!PEzAU`Jaq&{bJl&-LuZK z;e(Ya%ICieTq9js83A0Z<4TM1XkLaYaNOk8bk5|H6(FPHA3RmK3QF!@s7g_8<1P}H z8EN?mlbrpLHqwNEY~Tg|>aCEFduRGNJ=hc3q!_ywH0!|_L1WPW z^JEo@7g(_;u<+K19QaPLNqCiI7zc>%hmy7^+4P}2VElJo2jw>}` i$Wz;`cvXGs1W>vgutwQ9Tg)EA0XOwc(Y1OmvHu60vT@S@ literal 0 HcmV?d00001