| author | boris <wzn@moneybot.cc> | 2019-01-09 20:51:16 +1300 |
|---|---|---|
| committer | boris <wzn@moneybot.cc> | 2019-01-09 20:51:16 +1300 |
| commit | 4db29589a61f2e7cb663c5734f911c02206c7997 (patch) | |
| tree | 38ec6f25fe1b807ba76e28720badf4a70a87601c /csgo-loader/csgo-module/Module.cpp | |
| parent | 1fbe9543b16fc6edacfc1e1dca75f5938ebb08a3 (diff) | |
whole buncha shit
FIXME: loader currently corrupts heap on injection because i am retarded
Diffstat (limited to 'csgo-loader/csgo-module/Module.cpp')
| -rw-r--r-- | csgo-loader/csgo-module/Module.cpp | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/csgo-loader/csgo-module/Module.cpp b/csgo-loader/csgo-module/Module.cpp
new file mode 100644
index 0000000..1fa638c
--- /dev/null
+++ b/csgo-loader/csgo-module/Module.cpp
@@ -0,0 +1,76 @@
+#include <Module.hpp>
+
+/*
+ TODO:
+ - Finish off shellcode execution wrapper:
+ - The shellcode can be executed via two ways
+ - Either the code is mapped and called via CreateRemoteThread (allows custom param)
+ - or the code is mapped and called via DX9 (does not allow custom param)
+ - This will probably be the easiest thing to do.
+
+ - Allocate via consecutive 64kb sections (TODO: Figure out how)
+
+ - Free and wipe the module from memory once done
+ - Have the module authenticate via HWID or some shit.. idk (AAAAAAAAAAA)
+ - Do reloc/mapping stuff here
+*/
+
+DWORD ModuleThread(void *)
+{
+ //////////////////////////////////////////////////////////////////////////////////////////
+
+ // Initialize the syscall manager.
+ if(!Syscalls->Start())
+ return 0;
+
+ // Attempt to connect to the remote server.
+ WRAP_IF_DEBUG(
+ printf("[DEBUG] Server IP: %08x\n", inet_addr("35.165.60.229"));
+ );
+
+ //////////////////////////////////////////////////////////////////////////////////////////
+
+ // Connect to server.
+ Networking::TCPClientPtr Client = std::make_unique<Networking::TCPClient>();
+
+ if(!Client->Start(LOCAL_IP, SERVER_PORT))
+ return 0;
+
+ // Header for Module.
+ ByteArray Header{ 0x0A, 0x32, 0x42, 0x4D };
+ Client->SendRawBytes(Header);
+
+ //////////////////////////////////////////////////////////////////////////////////////////
+
+ return 1;
+}
+
+int __stdcall DllMain(void *, unsigned Reason, void *)
+{
+ if(Reason != 1)
+ return false;
+
+ HANDLE Thread = CreateThread(nullptr, 0, ModuleThread, nullptr, 0, nullptr);
+
+ if(Thread)
+ {
+ // Wait for thread to finish execution
+ WaitForSingleObject(Thread, INFINITE);
+
+ // Get exit code from thread.
+ DWORD ExitCode;
+ GetExitCodeThread(Thread, &ExitCode);
+
+ // If the HWND is 0, the loader will reveal that MessageBoxA was called from
+ // explorer.exe... This meme will get around that.
+ HWND Window = FindWindowA(STR("Valve001"), nullptr);
+
+ if(!Window)
+ return true;
+
+ if(!ExitCode)
+ MessageBoxA(Window, STR("[000F:00004A00] Failed to initialize. Please contact an administrator."), "", MB_ICONERROR | MB_OK);
+ }
+
+ return true;
+}
\ No newline at end of file |
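Review bot: DllMain blocks on `WaitForSingleObject(Thread, INFINITE)` for a thread it has just created, which Microsoft's DLL guidance lists as unsafe: when the image is loaded through the regular loader, the loader lock is held for the whole of DllMain and the new thread cannot get past its own attach notification, so the wait may never return. The `FindWindowA`/`MessageBoxA` calls that follow fall under the same restriction, and ModuleThread performs network I/O that can stall for an arbitrary time while the entry point is waiting on it. The entry point should return right after `CreateThread` and leave failure reporting to ModuleThread itself. Independently of that, `Thread` is never released and `ExitCode` is read even when `GetExitCodeThread` fails; `DWORD ExitCode = 0;` and a `CloseHandle(Thread);` before returning cover both. The bare `if(Reason != 1)` would also read better as `if(Reason != DLL_PROCESS_ATTACH)`.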
