diff options
| author | boris <wzn@moneybot.cc> | 2019-01-03 16:51:40 +1300 |
|---|---|---|
| committer | boris <wzn@moneybot.cc> | 2019-01-03 16:51:40 +1300 |
| commit | e1f048c8f922613aec1f63791c2191e55cbd5132 (patch) | |
| tree | 887f57c58673e775bff8c1df3f23943ef8ddd6cd /csgo-loader/csgo-server/RemoteCode/RemoteInjectionServer.hpp | |
| parent | c0f1354a301ce2a2fc867a89fafdde4571c07c02 (diff) | |
ricardo milos :DDDD::D:D:D:
Diffstat (limited to 'csgo-loader/csgo-server/RemoteCode/RemoteInjectionServer.hpp')
| -rw-r--r-- | csgo-loader/csgo-server/RemoteCode/RemoteInjectionServer.hpp | 68 |
1 files changed, 27 insertions, 41 deletions
diff --git a/csgo-loader/csgo-server/RemoteCode/RemoteInjectionServer.hpp b/csgo-loader/csgo-server/RemoteCode/RemoteInjectionServer.hpp index fe6da09..b8659ff 100644 --- a/csgo-loader/csgo-server/RemoteCode/RemoteInjectionServer.hpp +++ b/csgo-loader/csgo-server/RemoteCode/RemoteInjectionServer.hpp @@ -8,56 +8,42 @@ using ByteArray = std::vector<uint8_t>; namespace RemoteCode
{
- // What the server sends to the client upon transaction start.
- struct RemoteServerHeader
- {
- // Does the cheat support the DirectX thread execution exploit?
- bool m_ThreadExploitSupported;
-
- // This will be used for allocating the remote memory.
- uintptr_t m_SizeOfImage;
-
- // OPTIONAL: The cheat might be using the DllMain function
- // to do injection. Make sure to call that.
- uintptr_t m_EntryPoint;
-
- // OPTIONAL: The cheat might be using TLS callbacks to
- // do injection. Make sure to call that.
- uintptr_t m_TlsCallbackDirectory;
- };
+ // Used for TransactionStart
+ using ImportedModule = char[64];
+ using ImportList = std::vector<ImportedModule>;
- // Requests supported by the server.
- // These are stored in a vector and later looked up.
- struct RemoteServerRequest
+ // Used for TransactionContinue
+ struct ExportedFunction
{
- // Hash to look up requests by.
- uint64_t m_LookupHash;
-
- // Name printed on the console when a user injects.
- char m_DebugName[128];
-
- // File name that's used to load the DLL server-side.
- char m_FileName[260];
-
- // Does the cheat support the DirectX exploit for creating threads?
- bool m_ThreadExploitSupported;
+ // I've never seen modules / functions with names
+ // that were larger than 64 characters.
+ char m_Module[64];
+ char m_Function[64];
+
+ // Address of exported module / function
+ uintptr_t m_ModuleAddress;
+ uintptr_t m_FunctionAddress;
};
- // The initial header we receive from the client.
- struct RemoteClientRequest
+ using ExportList = std::vector<ExportedFunction>;
+
+ // Used for TransactionCommit
+ struct RemoteInjectionHeader
{
- uint64_t m_LookupHash;
+ // Used to decrypt the cheat header (first 1000 bytes of image sent back).
+ uint8_t m_HeaderKey;
+
+ // Used to call entrypoint/TLS callbacks.
+ uintptr_t m_EntryPoint;
+ uintptr_t m_TlsDirectory;
};
- // The response we receive from the client upon transaction start.
- struct RemoteClientHeader
+ struct RemoteInjectionCode
{
- // Address of remote allocation.
- uintptr_t m_RemoteAddress;
+ RemoteInjectionHeader m_Header;
- // Up to six remote modules.
- // NOTE: Stop iterating once a module is NULL.
- uintptr_t m_RemoteModules[6];
+ // Actual injection code.
+ ByteArray m_Code;
};
class RemoteInjectionServer
|