Skip to main content

InjectorHandler

vmi::utils::injector

Struct InjectorHandler 

Source 
pub struct InjectorHandler<Os, Mode, T, Bridge = ()>
where
    Os: InjectorExecutionAdapter<Mode, T, Bridge>,
    Mode: ExecutionMode,
    Bridge: BridgeDispatch<Os, u64>,
{ /* private fields */ }
Available on crate features utils and injector only.
Expand description

Generic injector handler that delegates to an OS- and mode-specific implementation.

Prefer the KernelInjectorHandler and UserInjectorHandler type aliases for the common case without a bridge. When a custom BridgeDispatch is needed, use this type directly with an explicit Bridge parameter.

Implementations§

Source§

impl<Os, Mode, T, Bridge> InjectorHandler<Os, Mode, T, Bridge>
where Os: InjectorExecutionAdapter<Mode, T, Bridge>, Mode: ExecutionMode, Bridge: BridgeDispatch<Os, u64>,

Source

pub fn new( vmi: &VmiSession<'_, Os>, recipe: Recipe<Os, T>, ) -> Result<InjectorHandler<Os, Mode, T, Bridge>, VmiError>
where Bridge: Default,

Creates a new injector handler with a default (no-op) bridge.

Examples found in repository?
examples/windows-recipe-messagebox.rs (lines 95-101)
65fn main() -> Result<(), Box<dyn std::error::Error>> {
66    let (session, _profile) = common::create_vmi_session()?;
67
68    let explorer_pid = {
69        // This block is used to drop the pause guard after the PID is found.
70        // If the `session.handle()` would be called with the VM paused, no
71        // events would be triggered.
72        let _pause_guard = session.pause_guard()?;
73
74        let registers = session.registers(VcpuId(0))?;
75        let vmi = session.with_registers(&registers);
76
77        let explorer = match common::find_process(&vmi, "explorer.exe")? {
78            Some(explorer) => explorer,
79            None => {
80                tracing::error!("explorer.exe not found");
81                return Ok(());
82            }
83        };
84
85        tracing::info!(
86            pid = %explorer.id()?,
87            object = %explorer.object()?,
88            "found explorer.exe"
89        );
90
91        explorer.id()?
92    };
93
94    session.handle(|session| {
95        UserInjectorHandler::new(
96            session,
97            recipe_factory(MessageBox::new(
98                "Hello, World!",
99                "This is a message box from the VMI!",
100            )),
101        )?
102        .with_pid(explorer_pid)
103    })?;
104
105    Ok(())
106}
More examples
Hide additional examples
examples/windows-recipe-writefile.rs (lines 233-239)
203fn main() -> Result<(), Box<dyn std::error::Error>> {
204    let (session, _profile) = common::create_vmi_session()?;
205
206    let explorer_pid = {
207        // This block is used to drop the pause guard after the PID is found.
208        // If the `session.handle()` would be called with the VM paused, no
209        // events would be triggered.
210        let _pause_guard = session.pause_guard()?;
211
212        let registers = session.registers(VcpuId(0))?;
213        let vmi = session.with_registers(&registers);
214
215        let explorer = match common::find_process(&vmi, "explorer.exe")? {
216            Some(explorer) => explorer,
217            None => {
218                tracing::error!("explorer.exe not found");
219                return Ok(());
220            }
221        };
222
223        tracing::info!(
224            pid = %explorer.id()?,
225            object = %explorer.object()?,
226            "found explorer.exe"
227        );
228
229        explorer.id()?
230    };
231
232    session.handle(|session| {
233        UserInjectorHandler::new(
234            session,
235            recipe_factory(GuestFile::new(
236                "C:\\Users\\John\\Desktop\\test.txt",
237                "Hello, World!".as_bytes(),
238            )),
239        )?
240        .with_pid(explorer_pid)
241    })?;
242
243    Ok(())
244}
examples/windows-recipe-writefile-advanced.rs (lines 336-342)
301fn main() -> Result<(), Box<dyn std::error::Error>> {
302    let (session, _profile) = common::create_vmi_session()?;
303
304    let explorer_pid = {
305        // This block is used to drop the pause guard after the PID is found.
306        // If the `session.handle()` would be called with the VM paused, no
307        // events would be triggered.
308        let _pause_guard = session.pause_guard()?;
309
310        let registers = session.registers(VcpuId(0))?;
311        let vmi = session.with_registers(&registers);
312
313        let explorer = match common::find_process(&vmi, "explorer.exe")? {
314            Some(explorer) => explorer,
315            None => {
316                tracing::error!("explorer.exe not found");
317                return Ok(());
318            }
319        };
320
321        tracing::info!(
322            pid = %explorer.id()?,
323            object = %explorer.object()?,
324            "found explorer.exe"
325        );
326
327        explorer.id()?
328    };
329
330    let mut content = Vec::new();
331    for c in 'A'..='Z' {
332        content.extend((0..2049).map(|_| c as u8).collect::<Vec<_>>());
333    }
334
335    session.handle(|session| {
336        UserInjectorHandler::new(
337            session,
338            recipe_factory(GuestFile::new(
339                "C:\\Users\\John\\Desktop\\test.txt",
340                content,
341            )),
342        )?
343        .with_pid(explorer_pid)
344    })?;
345
346    Ok(())
347}
Source

pub fn with_bridge( vmi: &VmiSession<'_, Os>, bridge: Bridge, recipe: Recipe<Os, T>, ) -> Result<InjectorHandler<Os, Mode, T, Bridge>, VmiError>

Creates a new injector handler with a custom bridge for guest-host communication.

Source

pub fn with_pid( self, pid: ProcessId, ) -> Result<InjectorHandler<Os, Mode, T, Bridge>, VmiError>

Restricts injection to a specific process.

Examples found in repository?
examples/windows-recipe-messagebox.rs (line 102)
65fn main() -> Result<(), Box<dyn std::error::Error>> {
66    let (session, _profile) = common::create_vmi_session()?;
67
68    let explorer_pid = {
69        // This block is used to drop the pause guard after the PID is found.
70        // If the `session.handle()` would be called with the VM paused, no
71        // events would be triggered.
72        let _pause_guard = session.pause_guard()?;
73
74        let registers = session.registers(VcpuId(0))?;
75        let vmi = session.with_registers(&registers);
76
77        let explorer = match common::find_process(&vmi, "explorer.exe")? {
78            Some(explorer) => explorer,
79            None => {
80                tracing::error!("explorer.exe not found");
81                return Ok(());
82            }
83        };
84
85        tracing::info!(
86            pid = %explorer.id()?,
87            object = %explorer.object()?,
88            "found explorer.exe"
89        );
90
91        explorer.id()?
92    };
93
94    session.handle(|session| {
95        UserInjectorHandler::new(
96            session,
97            recipe_factory(MessageBox::new(
98                "Hello, World!",
99                "This is a message box from the VMI!",
100            )),
101        )?
102        .with_pid(explorer_pid)
103    })?;
104
105    Ok(())
106}
More examples
Hide additional examples
examples/windows-recipe-writefile.rs (line 240)
203fn main() -> Result<(), Box<dyn std::error::Error>> {
204    let (session, _profile) = common::create_vmi_session()?;
205
206    let explorer_pid = {
207        // This block is used to drop the pause guard after the PID is found.
208        // If the `session.handle()` would be called with the VM paused, no
209        // events would be triggered.
210        let _pause_guard = session.pause_guard()?;
211
212        let registers = session.registers(VcpuId(0))?;
213        let vmi = session.with_registers(&registers);
214
215        let explorer = match common::find_process(&vmi, "explorer.exe")? {
216            Some(explorer) => explorer,
217            None => {
218                tracing::error!("explorer.exe not found");
219                return Ok(());
220            }
221        };
222
223        tracing::info!(
224            pid = %explorer.id()?,
225            object = %explorer.object()?,
226            "found explorer.exe"
227        );
228
229        explorer.id()?
230    };
231
232    session.handle(|session| {
233        UserInjectorHandler::new(
234            session,
235            recipe_factory(GuestFile::new(
236                "C:\\Users\\John\\Desktop\\test.txt",
237                "Hello, World!".as_bytes(),
238            )),
239        )?
240        .with_pid(explorer_pid)
241    })?;
242
243    Ok(())
244}
examples/windows-recipe-writefile-advanced.rs (line 343)
301fn main() -> Result<(), Box<dyn std::error::Error>> {
302    let (session, _profile) = common::create_vmi_session()?;
303
304    let explorer_pid = {
305        // This block is used to drop the pause guard after the PID is found.
306        // If the `session.handle()` would be called with the VM paused, no
307        // events would be triggered.
308        let _pause_guard = session.pause_guard()?;
309
310        let registers = session.registers(VcpuId(0))?;
311        let vmi = session.with_registers(&registers);
312
313        let explorer = match common::find_process(&vmi, "explorer.exe")? {
314            Some(explorer) => explorer,
315            None => {
316                tracing::error!("explorer.exe not found");
317                return Ok(());
318            }
319        };
320
321        tracing::info!(
322            pid = %explorer.id()?,
323            object = %explorer.object()?,
324            "found explorer.exe"
325        );
326
327        explorer.id()?
328    };
329
330    let mut content = Vec::new();
331    for c in 'A'..='Z' {
332        content.extend((0..2049).map(|_| c as u8).collect::<Vec<_>>());
333    }
334
335    session.handle(|session| {
336        UserInjectorHandler::new(
337            session,
338            recipe_factory(GuestFile::new(
339                "C:\\Users\\John\\Desktop\\test.txt",
340                content,
341            )),
342        )?
343        .with_pid(explorer_pid)
344    })?;
345
346    Ok(())
347}

Trait Implementations§

Source§

impl<Os, Mode, T, Bridge> VmiHandler<Os> for InjectorHandler<Os, Mode, T, Bridge>
where Os: InjectorExecutionAdapter<Mode, T, Bridge>, Mode: ExecutionMode, Bridge: BridgeDispatch<Os, u64>,

Source§

type Output = <<Os as InjectorExecutionAdapter<Mode, T, Bridge>>::Handler as VmiHandler<Os>>::Output

The output type of the handler.
Source§

fn handle_event( &mut self, vmi: VmiContext<'_, Os>, ) -> VmiEventResponse<<Os as VmiOs>::Architecture>

Called for each VMI event. Read more
Source§

fn poll( &self, ) -> Option<<InjectorHandler<Os, Mode, T, Bridge> as VmiHandler<Os>>::Output>

Checks if the handler has completed. Read more
Source§

fn handle_timeout(&mut self, _session: &VmiSession<'_, Os>)

Called when the event loop times out waiting for the next event. Read more
Source§

fn handle_interrupted(&mut self, _session: &VmiSession<'_, Os>)

Called when the event loop is interrupted by a signal. Read more
Source§

fn cleanup(&mut self, _session: &VmiSession<'_, Os>)

Called once before the session tears down monitoring. Read more

Auto Trait Implementations§

§

impl<Os, Mode, T, Bridge> Freeze for InjectorHandler<Os, Mode, T, Bridge>
where <Os as InjectorExecutionAdapter<Mode, T, Bridge>>::Handler: Freeze,

§

impl<Os, Mode, T, Bridge> RefUnwindSafe for InjectorHandler<Os, Mode, T, Bridge>
where <Os as InjectorExecutionAdapter<Mode, T, Bridge>>::Handler: RefUnwindSafe, Os: RefUnwindSafe, Mode: RefUnwindSafe, T: RefUnwindSafe, Bridge: RefUnwindSafe,

§

impl<Os, Mode, T, Bridge> Send for InjectorHandler<Os, Mode, T, Bridge>
where <Os as InjectorExecutionAdapter<Mode, T, Bridge>>::Handler: Send, Os: Send, Mode: Send, T: Send, Bridge: Send,

§

impl<Os, Mode, T, Bridge> Sync for InjectorHandler<Os, Mode, T, Bridge>
where <Os as InjectorExecutionAdapter<Mode, T, Bridge>>::Handler: Sync, Os: Sync, Mode: Sync, T: Sync, Bridge: Sync,

§

impl<Os, Mode, T, Bridge> Unpin for InjectorHandler<Os, Mode, T, Bridge>
where <Os as InjectorExecutionAdapter<Mode, T, Bridge>>::Handler: Unpin, Os: Unpin, Mode: Unpin, T: Unpin, Bridge: Unpin,

§

impl<Os, Mode, T, Bridge> UnsafeUnpin for InjectorHandler<Os, Mode, T, Bridge>
where <Os as InjectorExecutionAdapter<Mode, T, Bridge>>::Handler: UnsafeUnpin,

§

impl<Os, Mode, T, Bridge> UnwindSafe for InjectorHandler<Os, Mode, T, Bridge>
where <Os as InjectorExecutionAdapter<Mode, T, Bridge>>::Handler: UnwindSafe, Os: UnwindSafe, Mode: UnwindSafe, T: UnwindSafe, Bridge: UnwindSafe,

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> ArchivePointee for T

Source§

type ArchivedMetadata = ()

The archived version of the pointer metadata for this type.
Source§

fn pointer_metadata( _: &<T as ArchivePointee>::ArchivedMetadata, ) -> <T as Pointee>::Metadata

Converts some archived metadata to the pointer metadata for itself.
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> LayoutRaw for T

Source§

fn layout_raw(_: <T as Pointee>::Metadata) -> Result<Layout, LayoutError>

Returns the layout of the type.
Source§

impl<T, N1, N2> Niching<NichedOption<T, N1>> for N2
where T: SharedNiching<N1, N2>, N1: Niching<T>, N2: Niching<T>,

Source§

unsafe fn is_niched(niched: *const NichedOption<T, N1>) -> bool

Returns whether the given value has been niched. Read more
Source§

fn resolve_niched(out: Place<NichedOption<T, N1>>)

Writes data to out indicating that a T is niched.
Source§

impl<T> Pointee for T

Source§

type Metadata = ()

The metadata type for pointers and references to this type.
Source§

impl<T> PolicyExt for T
where T: ?Sized,

Source§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
Source§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more