authorboris <wzn@moneybot.cc>2018-12-20 21:38:04 +1300
committerboris <wzn@moneybot.cc>2018-12-20 21:38:04 +1300
commita5acd4c9a3b24c9d5af3a8f504e5af053fa7fa09 (patch)
tree27bc30d3f35e5daaaa15ee6de066119df8d352c7 /csgo-loader/csgo-client/RemoteCode/RemoteProcess.cpp
parent77b52da44b263df4884be2f35f885d8edccbb6fa (diff)
yo is this loss
Diffstat (limited to 'csgo-loader/csgo-client/RemoteCode/RemoteProcess.cpp')
-rw-r--r--csgo-loader/csgo-client/RemoteCode/RemoteProcess.cpp118
1 files changed, 85 insertions, 33 deletions
diff --git a/csgo-loader/csgo-client/RemoteCode/RemoteProcess.cpp b/csgo-loader/csgo-client/RemoteCode/RemoteProcess.cpp
index 7397c7d..969f907 100644
--- a/csgo-loader/csgo-client/RemoteCode/RemoteProcess.cpp
+++ b/csgo-loader/csgo-client/RemoteCode/RemoteProcess.cpp
@@ -1,47 +1,99 @@
#include <RemoteCode/RemoteProcess.hpp>
-namespace RemoteCode {
+namespace RemoteCode
+{
// RemoteModule implementation
- RemoteModule::RemoteModule(HANDLE Module, RemoteProcess &Process) :
- m_Module(Module) {
- // Read information about module.
- MODULEINFO ModuleInfo{};
- if(!K32GetModuleInformation(Process, (HMODULE)Module, &ModuleInfo, sizeof ModuleInfo))
- return;
-
- // Read module data.
- m_ModuleData.reserve(ModuleInfo.SizeOfImage);
- Process.Read(ModuleInfo.lpBaseOfDll, m_ModuleData.data(), m_ModuleData.size());
- }
+ RemoteModule::RemoteModule(HANDLE Module) :
+ m_Module(Module) {}
- uintptr_t RemoteModule::Scan(ByteArray &Data) {
- if(m_ModuleData.empty())
- return uintptr_t{};
+ // RemoteProcess implementation
+ bool RemoteProcess::Start(const char *ProcessName)
+ {
+ void *Toolhelp = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
- // We have a valid file (?)
- uint8_t *Buffer = m_ModuleData.data();
+ if(!Toolhelp)
+ return false;
- if(!Buffer || *(uint16_t *)Buffer != IMAGE_DOS_SIGNATURE)
- return uintptr_t{};
+ PROCESSENTRY32 ProcessEntry{};
+ ProcessEntry.dwSize = sizeof PROCESSENTRY32;
- // Read PE information.
- IMAGE_DOS_HEADER *DosHeader = (IMAGE_DOS_HEADER *)Buffer;
- IMAGE_NT_HEADERS *NtHeaders = (IMAGE_NT_HEADERS *)(Buffer + DosHeader->e_lfanew);
+ if(!Process32First(Toolhelp, &ProcessEntry))
+ return false;
- if(NtHeaders->Signature != IMAGE_NT_SIGNATURE)
- return uintptr_t{};
+ while(Process32Next(Toolhelp, &ProcessEntry))
+ {
+ if(strstr(ProcessName, ProcessEntry.szExeFile))
+ {
+ CloseHandle(Toolhelp);
- // Find signature.
- ByteArray::iterator Iterator = std::search(
- m_ModuleData.begin(),
- m_ModuleData.end(),
- Data.begin(),
- Data.end()
- );
+ // swoo
+ m_ProcessId = ProcessEntry.th32ProcessID;
+ m_Process = OpenProcess(PROCESS_ALL_ACCESS, false, ProcessEntry.th32ProcessID);
+ return true;
+ }
+ }
- return (uintptr_t)std::distance(m_ModuleData.begin(), Iterator);
+ CloseHandle(Toolhelp);
+ return false;
}
- // RemoteProcess implementation
+ void RemoteProcess::ReadMemoryWrapper_Internal(void *Address, void *Data, size_t SizeOfData)
+ {
+ static auto ZwReadVirtualMemory = Syscalls->Find<long(__stdcall *)(void *, void *, void *, size_t, void *)>(FNV("ZwReadVirtualMemory"));
+ ZwReadVirtualMemory(m_Process, Address, Data, SizeOfData, nullptr);
+ }
+
+ void RemoteProcess::WriteMemoryWrapper_Internal(void *Address, void *Data, size_t SizeOfData)
+ {
+ static auto ZwWriteVirtualMemory = Syscalls->Find<long(__stdcall *)(void *, void *, void *, size_t, void *)>(FNV("ZwWriteVirtualMemory"));
+ ZwWriteVirtualMemory(m_Process, Address, Data, SizeOfData, nullptr);
+ }
+ void *RemoteProcess::Allocate(size_t AllocationSize)
+ {
+ void *AllocationAddress = nullptr;
+ static auto ZwAllocateVirtualMemory = Syscalls->Find<long(__stdcall *)(void *, void *, uint32_t, size_t *, uint32_t, uint32_t)>(FNV("ZwAllocateVirtualMemory"));
+
+ // :b:invoke the :b:unction :b:oi
+ NTSTATUS Status = ZwAllocateVirtualMemory(
+ m_Process,
+ &AllocationAddress,
+ 0,
+ &AllocationSize,
+ MEM_COMMIT | MEM_RESERVE,
+ PAGE_EXECUTE_READWRITE
+ );
+
+ if(!NT_SUCCESS(Status))
+ return nullptr;
+
+ return AllocationAddress;
+ }
+
+ RemoteModule RemoteProcess::FindModule(const char *ModuleName)
+ {
+ void *Toolhelp = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE | TH32CS_SNAPMODULE32, m_ProcessId);
+
+ if(!Toolhelp)
+ return RemoteModule{};
+
+ MODULEENTRY32 ModuleEntry{};
+ ModuleEntry.dwSize = sizeof MODULEENTRY32;
+
+ if(!Module32First(Toolhelp, &ModuleEntry))
+ return RemoteModule{};
+
+ while(Module32Next(Toolhelp, &ModuleEntry))
+ {
+ printf("%s\n", ModuleEntry.szModule);
+ if(strstr(ModuleEntry.szModule, ModuleName))
+ {
+ CloseHandle(Toolhelp);
+ return RemoteModule(ModuleEntry.hModule);
+ }
+ }
+
+ CloseHandle(Toolhelp);
+ return RemoteModule{};
+ }
} \ No newline at end of file
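Review bot: The failure checks `if(!Toolhelp)` in `RemoteProcess::Start` and `RemoteProcess::FindModule` can never fire, because CreateToolhelp32Snapshot signals failure with `INVALID_HANDLE_VALUE` rather than a null handle; the test should be `if(Toolhelp == INVALID_HANDLE_VALUE)`. Both functions also return on a failed `Process32First`/`Module32First` without calling `CloseHandle(Toolhelp)`, and their `while(...Next(...))` loops never compare the entry that the `*First` call already filled in. `Start` returns `true` without testing the `OpenProcess` result, so a denied open leaves `m_Process` null while the caller is told the target was opened. Its match `strstr(ProcessName, ProcessEntry.szExeFile)` has the arguments the other way round from `FindModule`, so any process whose image name is a substring of `ProcessName` is accepted. The two `*MemoryWrapper_Internal` functions discard the returned status, so a failed read or write reaches the caller with no signal and `Data` may hold stale contents.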