From 41ed2c759124f2d0f6c496030424c57b576c62ea Mon Sep 17 00:00:00 2001
From: navewindre
Date: Thu, 3 Jan 2019 20:12:00 +0100
Subject: important note

---
 csgo-loader/csgo-client/Client.cpp | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/csgo-loader/csgo-client/Client.cpp b/csgo-loader/csgo-client/Client.cpp
index 8972410..05ceb0b 100644
--- a/csgo-loader/csgo-client/Client.cpp
+++ b/csgo-loader/csgo-client/Client.cpp
@@ -8,15 +8,33 @@ - or the code is mapped and called via DX9 (does not allow custom param) - This will probably be the easiest thing to do. + --nave note: + you don't need any custom params + it's entirely pointless, we can use a wiped PE header to pass all the data we need + plus passing shit via dllmain is too obvious anyway, dumb idea + - Finish off injection wrapper: - Allocate every memory page as a bunch of consecutive 4kb sections (in order to fuck with people trying to dump) - Have the loader inject a .DLL :^) + --nave note 2: + what you haven't done and what will completely fuck us up if anyone competent gets the loader: + loading the binary directly via the loader itself is completely stupid and unreasonable + this is exactly what got rifk7 detected back in the day because all valve has to do is just get the loader and sig it + + what you're supposed to do is have a dummy dll which gets downloaded after login/security checks, inject that into a random process (explorer.exe will do) + that later downloads the REAL dll from the server and then injects it + otherwise all it takes is 1 memer to send it to valve and we'll get fucked completely + TODO (Nave): - Make the UI look nice. - Adapt the server to work with your backend. - Add dump protection (closes csgo.exe if a handle is detected, probably explorer shellcode) + + --nave note 3: + dumps will happen anyway, i honestly don't even wanna focus on trying to protect shit against that other than basic exitprocess memes + people dump skeet regardless of kernel address mapping meme so what does it matter */ -- cgit v1.2.3
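Review bot: the subject "important note" does not describe the change, and all 18 added lines are design commentary placed inside an existing comment block in Client.cpp rather than code; the three "--nave note" paragraphs each argue against an item that is left standing in the same block (the custom-param item, the "Have the loader inject a .DLL" item, and the "Add dump protection" TODO that note 3 says is not worth pursuing), so the block now contradicts itself. Suggest moving this discussion to an issue or a design document and editing the TODO entries themselves, removing or rewording the superseded items so the comment states a single current plan, with a subject line that names what changed (for example "Client: revise loader TODO notes"). Profanity in source comments is also worth dropping before this goes further.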