From ace9ae2117175dfe5e14b259db2e0536f8ec7a8a Mon Sep 17 00:00:00 2001 From: boris Date: Mon, 24 Dec 2018 20:39:09 +1300 Subject: fffffffff --- .../csgo-client/RemoteCode/RemoteCodeClient.cpp | 42 ++++++++++++++++++++++ 1 file changed, 42 insertions(+) (limited to 'csgo-loader/csgo-client/RemoteCode/RemoteCodeClient.cpp') diff --git a/csgo-loader/csgo-client/RemoteCode/RemoteCodeClient.cpp b/csgo-loader/csgo-client/RemoteCode/RemoteCodeClient.cpp index 7e6575b..c62812b 100644 --- a/csgo-loader/csgo-client/RemoteCode/RemoteCodeClient.cpp +++ b/csgo-loader/csgo-client/RemoteCode/RemoteCodeClient.cpp @@ -1 +1,43 @@ #include + +// i kinda stopped caring at this point + +namespace RemoteCode +{ + RemoteCodeParameters RemoteCodeClient::Start(RemoteProcess &Process) + { + // Copy over process. + m_Process = Process; + + // PSA: If the loader crashes CS:GO, this is most definitely the reason. + HANDLE ShaderApi = Process.FindModule("shaderapidx9.dll"); + void *D3D_DevicePtr = (void *)((uintptr_t)ShaderApi + 0xA3FC0); + + // Read the VTable. + // TODO: Check if process is 32-bit or 64-bit.... nah fuck that lol + void *D3D_VtablePtr = Process.Read(D3D_DevicePtr); + m_DirectX = Process.Read((void *)((uintptr_t)D3D_VtablePtr + 42 * 4)); + + RemoteCodeParameters Parameters{ + (uintptr_t)D3D_VtablePtr, + m_DirectX, + 0x00000000, + 0x00000000, + (uintptr_t)VirtualProtect + }; + + m_DirectX = (uintptr_t)D3D_VtablePtr; + + return Parameters; + } + + void RemoteCodeClient::Dispatch(ByteArray &Shellcode) + { + // Allocate and set-up shellcode. + void *AllocationBase = m_Process.Allocate(Shellcode.size()); + m_Process.Write(AllocationBase, Shellcode.data(), Shellcode.size()); + + // Hijack D3D thread. + m_Process.Write((void *)(m_DirectX + 42 * 4), (uintptr_t)AllocationBase); + } +} \ No newline at end of file -- cgit v1.2.3