authorboris <wzn@moneybot.cc>2018-12-28 21:35:18 +1300
committerboris <wzn@moneybot.cc>2018-12-28 21:35:18 +1300
commit81a3987fc17f99d2092018ac266882f4533cc27e (patch)
treef351344ee454f081d97ce2ed55bce7d2698c62ef /csgo-loader/csgo-client/Client.cpp
parentc486baddbe064c0c78d9ea45361adf917f3c6842 (diff)
aaaaaaaaaaaaaaaaaaaaa
Diffstat (limited to 'csgo-loader/csgo-client/Client.cpp')
-rw-r--r--csgo-loader/csgo-client/Client.cpp51
1 files changed, 35 insertions, 16 deletions
diff --git a/csgo-loader/csgo-client/Client.cpp b/csgo-loader/csgo-client/Client.cpp
index 0f29f29..38bc273 100644
--- a/csgo-loader/csgo-client/Client.cpp
+++ b/csgo-loader/csgo-client/Client.cpp
@@ -1,12 +1,44 @@
#include <Client.hpp>
+/*
+ TODO:
+ - Finish off security on client:
+ - Hook OpenProcess, ExitProcess, WSARecv, WSASend and check if function is OOB.
+ - Use VM check that Nave gave me.
+ - Run a thread to check for blacklisted drivers periodically (also blacklist VBox)
+ - Run a thread to check if there is more than X threads running in the loader.
+ - Add dump protection (closes csgo.exe if a handle is detected, probably explorer shellcode)
+ - Add HWID generation
+ - Hook DbgBreakPoint and DbgUiRemoteBreakin (instead of bytepatching, some debuggers will check that)
+ - If the hook is triggered, ban the user.
+ - Don't forget about the security callback; leave implementation up to Nave.
+
+ - Apply Themida macros inside important functions:
+ - Apply mutation on Security hooks and main function.
+ - Apply fast VM on syscall manager, process functions
+ - Apply robust VM on TCP, login
+ - Apply heavy VM on Encryption, recv/send wrappers.
+
+ - Finish off shellcode execution wrapper:
+ - The shellcode can be executed via two ways
+ - Either the code is mapped and called via CreateRemoteThread (allows custom param)
+ - or the code is mapped and called via DX9 (does not allow custom param)
+ - This will probably be the easiest thing to do.
+
+ - Finish off injection wrapper:
+ - Everything is already laid out, tbh.
+
+ - Have the loader inject a .DLL :^)
+
+ TODO (Nave):
+ - Make the UI look nice.
+ - Adapt the server to work with your backend.
+*/
+
int __stdcall WinMain(HINSTANCE inst, HINSTANCE prev, char* str, int cmdshow)
{
WRAP_IF_DEBUG(Utils::OpenConsole());
- WRAP_IF_RELEASE(VM_DOLPHIN_BLACK_START);
- WRAP_IF_RELEASE(STR_ENCRYPT_START);
-
// Initialize the runtime protection system.
if(!Protection->Start())
ERROR_ASSERT("[000F:00001A00] Failed to initialize. Please contact an administrator.");
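Review bot: The `Protection->Start()` failure at the end of this hunk and the `Syscalls->Start()` failure at the top of the next hunk both report `[000F:00001A00]`, so a user report or log line cannot tell which subsystem failed to initialise. Give one of them its own code (the value is the project's to choose), for example `ERROR_ASSERT("[000F:<distinct-code>] Failed to initialize. Please contact an administrator.");` on the `Syscalls` path. Separately, the 35-line TODO block added above `WinMain` is planning material that will go stale in the source file; a short comment pointing at the tracker entry would be easier to keep current. `WinMain` continues outside this hunk.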
@@ -15,38 +47,25 @@ int __stdcall WinMain(HINSTANCE inst, HINSTANCE prev, char* str, int cmdshow)
if(!Syscalls->Start())
ERROR_ASSERT("[000F:00001A00] Failed to initialize. Please contact an administrator.");
- WRAP_IF_RELEASE(STR_ENCRYPT_END);
- WRAP_IF_RELEASE(VM_DOLPHIN_BLACK_END);
-
// Wait for connection.
UserInterface->m_Data.m_ExecutionState = UserExperience::EXECUTION_WAITING;
// Create a thread to handle UI.
std::thread WindowThread([]
{
- WRAP_IF_RELEASE(VM_SHARK_BLACK_START);
- WRAP_IF_RELEASE(STR_ENCRYPT_START);
-
// Create a window, initialise DirectX context.
if(!UserInterface->Start())
ERROR_ASSERT("[000F:00001B00] Failed to initialize. Please contact an administrator.");
- WRAP_IF_RELEASE(STR_ENCRYPT_END);
- WRAP_IF_RELEASE(VM_SHARK_BLACK_END);
-
// Create a loop to draw our UI.
UserInterface->RunUiFrame();
}); WindowThread.detach();
- WRAP_IF_RELEASE(VM_EAGLE_BLACK_START);
-
// Attempt to connect to the remote server.
Networking::TCPClient Client;
if(!Client.Start(LOCAL_IP, SERVER_PORT))
ERROR_ASSERT("[000F:0002A000] Server did not accept the connection.");
- WRAP_IF_RELEASE(VM_EAGLE_BLACK_END);
-
// Allow the user to input their log-in data.
UserInterface->m_Data.m_ExecutionState = UserExperience::EXECUTION_LOG_IN;
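Review bot: `WindowThread.detach()` leaves the UI thread unsynchronised with `WinMain`, which writes `UserInterface->m_Data.m_ExecutionState = UserExperience::EXECUTION_LOG_IN` on the last line of this hunk while that thread may still be inside `UserInterface->Start()` or already reading state in `RunUiFrame()`. The member's type is not visible here; if it is a plain enum this is a data race, and it should be a `std::atomic` of that enum or guarded by a mutex, with the log-in transition made only after the UI thread has signalled that `Start()` succeeded. A detached thread is also still running when `WinMain` returns, so keeping it joinable and joining on shutdown is safer than `detach()`. Please also confirm that `Client.Start(LOCAL_IP, SERVER_PORT)` is a development-only endpoint, since the name suggests a local address and the log-in data entered in the next step travels over this connection. `WinMain` continues past the end of the hunk.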