vfsfitvnm / frida-il2cpp-bridge

A Frida module to dump, trace or hijack any Il2Cpp application at runtime, without needing the global-metadata.dat file.
https://github.com/vfsfitvnm/frida-il2cpp-bridge/wiki
MIT License
946 stars, 194 forks

Embedding GUIs #320

Closed mesidex closed 1 year ago

mesidex commented 1 year ago

Hello,

I've been using frida-il2cpp for a while now with a very positive experience, and have recently come across a question: would it be possible to embed or add any kind of GUI that is able to directly modify hooked functions implemented using this package? E.g. a local WebView that will be included in the final Frida Gadget library with overlay permissions and the ability to modify values of user-defined hooked functions similar to how LGL Mod Menu has achieved?

One problem I would see is how the user would grant overlay permission (if it is necessary) since to my knowledge, Objection doesn't have arguments to specify adding permissions to the final AndroidManifest.xml file during the compilation process.

This question is mostly general in terms of Frida and Objection, but having a unified solution to deliver platform-independent mod interfaces would drastically cut time needed to implement these interfaces with all the added benefits of Frida rather than having to repeatedly (re)compile utilities like the aforementioned Mod Menu. :)

vfsfitvnm commented 1 year ago

Hi,

I have no experience in Unity APIs, but as long as they provide a windowing/overlay mechanism, it should be possible to implement a cross platform menu.

By the way, I did a similar thing in the past (on Android): my application used frida-inject to attach the script to the target application; then, my application showed a floating window and the whole IPC was done by using intents and broadcast receivers (snippet).

mesidex commented 1 year ago

Hey,

Thank you for your swift response - I'm glad to hear that there has been success in implementing such features. One thing I'm concerned about is Unity versions and the possible disappearance of uGUI in favour of the newer UI Toolkit system. Unity games tend to differ a lot in terms of versions and I have no idea whether or not the full uGUI API is included in games exclusively using UI Toolkit. Guess I'll have to find out 😅

> My application used frida-inject to attach the script to the target application; then, my application showed a floating window

Interesting. Did you use APIs that were already provided inside the target APK, or did you use another means of loading/injecting GUI?

vfsfitvnm commented 1 year ago

> Interesting. Did you use APIs that were already provided inside the target APK, or did you use another means of loading/injecting GUI?

There was no GUI injection/loading at all.

The floating window was displayed by my application (i.e. outside the target application process). Hence, there were no problems with the overlay permission (well, you are doing repackaging, it wouldn't be a problem anyway, but still).

That's why I needed IPC: the user interacted with my application, then the commands were forwarded to the target application using intents with broadcast receivers.
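The split described in the comment above (floating window in a separate controller app, commands forwarded to the target process over intents and a broadcast receiver) can be sketched as a single Frida script on the target side. The following is an added example, not code from the project or from either participant, and it is not the snippet vfsfitvnm linked. The intent action name, the extra keys, the receiver class name and the Il2Cpp class/method names (`Player.TakeDamage`) are hypothetical placeholders; the command parser is kept as a plain function so it can be exercised outside Frida, and the Frida/Il2Cpp glue only runs when those runtime globals exist.

```javascript
// Added example: target-side Frida script for an intent-driven mod menu.
// Hypothetical names: ACTION, extra keys "cmd"/"value", CommandReceiver,
// and the Il2Cpp class Player with method TakeDamage(int).

const ACTION = "com.example.modmenu.COMMAND"; // hypothetical intent action

// Settings the hooks consult at call time. The receiver only mutates this
// object, so hooks are installed once and never re-patched.
const state = { godMode: false, damageMultiplier: 1, speed: 1.0 };

// Parse and validate one command. Returns { ok, state, error } and never
// throws, so a malformed broadcast cannot crash the hooked process.
function applyCommand(current, cmd, rawValue) {
  const next = Object.assign({}, current);
  switch (cmd) {
    case "godmode": {
      if (rawValue !== "on" && rawValue !== "off") {
        return { ok: false, state: current, error: "godmode expects on|off" };
      }
      next.godMode = rawValue === "on";
      return { ok: true, state: next };
    }
    case "damage": {
      const n = Number(rawValue);
      if (!Number.isInteger(n) || n < 1 || n > 1000) {
        return { ok: false, state: current, error: "damage expects an integer in 1..1000" };
      }
      next.damageMultiplier = n;
      return { ok: true, state: next };
    }
    case "speed": {
      const f = Number(rawValue);
      if (!Number.isFinite(f) || f <= 0 || f > 10) {
        return { ok: false, state: current, error: "speed expects 0 < x <= 10" };
      }
      next.speed = f;
      return { ok: true, state: next };
    }
    default:
      return { ok: false, state: current, error: "unknown command: " + cmd };
  }
}

// Frida-only glue; skipped when the file is loaded outside the Frida runtime
// (e.g. under Node for testing). Requires `import "frida-il2cpp-bridge"`.
if (typeof Java !== "undefined" && typeof Il2Cpp !== "undefined") {
  Java.perform(() => {
    const Receiver = Java.registerClass({
      name: "com.example.modmenu.CommandReceiver", // hypothetical
      superClass: Java.use("android.content.BroadcastReceiver"),
      methods: {
        onReceive(context, intent) {
          const r = applyCommand(state, intent.getStringExtra("cmd"), intent.getStringExtra("value"));
          if (r.ok) Object.assign(state, r.state);
          else console.log("[modmenu] rejected: " + r.error);
        },
      },
    });
    const app = Java.use("android.app.ActivityThread").currentApplication();
    const filter = Java.use("android.content.IntentFilter").$new(ACTION);
    const sdk = Java.use("android.os.Build$VERSION").SDK_INT.value;
    if (sdk >= 33) {
      // Android 13+ requires the export flag for a receiver another app can reach.
      const RECEIVER_EXPORTED = 2; // Context.RECEIVER_EXPORTED
      app.registerReceiver
        .overload("android.content.BroadcastReceiver", "android.content.IntentFilter", "int")
        .call(app, Receiver.$new(), filter, RECEIVER_EXPORTED);
    } else {
      app.registerReceiver(Receiver.$new(), filter);
    }
  });

  Il2Cpp.perform(() => {
    // Hypothetical game types; take real names from Il2Cpp.dump() output.
    const Player = Il2Cpp.domain.assembly("Assembly-CSharp").image.class("Player");
    Player.method("TakeDamage").implementation = function (amount) {
      if (state.godMode) return; // swallow the hit entirely
      return this.method("TakeDamage").invoke(amount * state.damageMultiplier);
    };
  });
}
```

The controller app only has to send `Intent(ACTION).putExtra("cmd", ...).putExtra("value", ...)` from its overlay window. Because the receiver is exported, any app on the device can send those commands; if that matters, add a shared-secret extra that `onReceive` checks before calling `applyCommand`.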

mesidex commented 1 year ago

Oh, now I get it. Thanks for the clarification - it gave me some new ideas!

vfsfitvnm commented 1 year ago

Closing; feel free to reopen if needed.