From 77b52da44b263df4884be2f35f885d8edccbb6fa Mon Sep 17 00:00:00 2001
From: boris
Date: Wed, 19 Dec 2018 00:13:24 +1300
Subject: added new loader project :) merry christmas
---
.../csgo-client/RemoteCode/RemoteProcess.cpp | 47 +++++++++++
.../csgo-client/RemoteCode/RemoteProcess.hpp | 91 ++++++++++++++++++++++
2 files changed, 138 insertions(+)
create mode 100644 csgo-loader/csgo-client/RemoteCode/RemoteProcess.cpp
create mode 100644 csgo-loader/csgo-client/RemoteCode/RemoteProcess.hpp
(limited to 'csgo-loader/csgo-client/RemoteCode')
diff --git a/csgo-loader/csgo-client/RemoteCode/RemoteProcess.cpp b/csgo-loader/csgo-client/RemoteCode/RemoteProcess.cpp
new file mode 100644
index 0000000..7397c7d
--- /dev/null
+++ b/csgo-loader/csgo-client/RemoteCode/RemoteProcess.cpp
@@ -0,0 +1,47 @@
+#include
+
+namespace RemoteCode {
+ // RemoteModule implementation
+ RemoteModule::RemoteModule(HANDLE Module, RemoteProcess &Process) :
+ m_Module(Module) {
+ // Read information about module.
+ MODULEINFO ModuleInfo{};
+ if(!K32GetModuleInformation(Process, (HMODULE)Module, &ModuleInfo, sizeof ModuleInfo))
+ return;
+
+ // Read module data.
+ m_ModuleData.reserve(ModuleInfo.SizeOfImage);
+ Process.Read(ModuleInfo.lpBaseOfDll, m_ModuleData.data(), m_ModuleData.size());
+ }
+
+ uintptr_t RemoteModule::Scan(ByteArray &Data) {
+ if(m_ModuleData.empty())
+ return uintptr_t{};
+
+ // We have a valid file (?)
+ uint8_t *Buffer = m_ModuleData.data();
+
+ if(!Buffer || *(uint16_t *)Buffer != IMAGE_DOS_SIGNATURE)
+ return uintptr_t{};
+
+ // Read PE information.
+ IMAGE_DOS_HEADER *DosHeader = (IMAGE_DOS_HEADER *)Buffer;
+ IMAGE_NT_HEADERS *NtHeaders = (IMAGE_NT_HEADERS *)(Buffer + DosHeader->e_lfanew);
+
+ if(NtHeaders->Signature != IMAGE_NT_SIGNATURE)
+ return uintptr_t{};
+
+ // Find signature.
+ ByteArray::iterator Iterator = std::search(
+ m_ModuleData.begin(),
+ m_ModuleData.end(),
+ Data.begin(),
+ Data.end()
+ );
+
+ return (uintptr_t)std::distance(m_ModuleData.begin(), Iterator);
+ }
+
+ // RemoteProcess implementation
+
+}
\ No newline at end of file
diff --git a/csgo-loader/csgo-client/RemoteCode/RemoteProcess.hpp b/csgo-loader/csgo-client/RemoteCode/RemoteProcess.hpp
new file mode 100644
index 0000000..b1c716b
--- /dev/null
+++ b/csgo-loader/csgo-client/RemoteCode/RemoteProcess.hpp
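Review bot: In the `RemoteModule` constructor of RemoteProcess.cpp, `m_ModuleData.reserve(ModuleInfo.SizeOfImage)` leaves `size()` at 0, so the `Process.Read(..., m_ModuleData.size())` call asks for zero bytes and `Scan` always takes its `empty()` early return; `m_ModuleData.resize(ModuleInfo.SizeOfImage);` gives the buffer a real length. In `Scan`, `DosHeader->e_lfanew` is data copied out of another process and is used as an offset with no bounds check, so a short or malformed image makes the `NtHeaders->Signature` read land outside the vector; a guard such as `if(DosHeader->e_lfanew < 0 || (size_t)DosHeader->e_lfanew + sizeof(IMAGE_NT_HEADERS) > m_ModuleData.size()) return uintptr_t{};` belongs before that cast, and the buffer should also be at least `sizeof(IMAGE_DOS_HEADER)` long before the first dereference. When `std::search` finds nothing it returns `end()`, so the function returns the buffer size as if it were a match offset; `if(Iterator == m_ModuleData.end()) return uintptr_t{};` makes the miss explicit, although 0 then still doubles as both "failed" and "matched at offset 0".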
@@ -0,0 +1,91 @@
+#pragma once
+
+#include
+#include
+
+#include
+#include
+
+namespace RemoteCode {
+ // The module wrapper.
+ class RemoteProcess;
+ class RemoteModule {
+ HANDLE m_Module;
+ int32_t m_SizeOfModule;
+
+ // All the module data will be read upon class initialisation.
+ ByteArray m_ModuleData;
+
+ public:
+ // The constructor (reads all module data into m_ModuleData).
+ RemoteModule(HANDLE Module, RemoteProcess &Process);
+
+ // TODO: Add support for wild-cards (not currently implemented)
+ uintptr_t Scan(ByteArray &Pattern);
+
+ // Allow us to access the module by just passing the
+ // handle as a parameter.
+ operator HANDLE() { return m_Module; }
+ operator HINSTANCE() { return (HINSTANCE)m_Module; }
+ };
+
+ // The process wrapper.
+ class RemoteProcess {
+ HANDLE m_Process;
+ int32_t m_ProcessId;
+
+ // Exposing the syscalls in a convenient way to use with templating.
+ void ReadMemoryWrapper_Internal(void *Address, void *Data, size_t SizeOfData);
+ void WriteMemoryWrapper_Internal(void *Address, void *Data, size_t SizeOfData);
+
+ public:
+ RemoteProcess() = default;
+
+ // For portability, will ignore exceptions.
+ RemoteProcess(const char *ProcessName) {
+ Start(ProcessName);
+ }
+
+ // Release the handle when the process goes out of scope.
+ ~RemoteProcess() {
+ if(m_Process)
+ CloseHandle(m_Process);
+ }
+
+ // Find the process ID and initialise the process.
+ bool Start(const char *ProcessName);
+
+ // Writes to the process memory.
+ template
+ void Write(void *Address, T Data) {
+ WriteMemoryWrapper_Internal(Address, (void *)&Data, sizeof T);
+ }
+
+ void Write(void *Address, uint8_t *Data, size_t SizeOfData) {
+ WriteMemoryWrapper_Internal(Address, (void *)Data, SizeOfData);
+ }
+
+ // Reads from the process memory.
+ template
+ T Read(void *Address) {
+ T Buffer{};
+ ReadMemoryWrapper_Internal(Address, (void *)&Buffer, sizeof T);
+
+ return Buffer;
+ }
+
+ void Read(void *Address, uint8_t *Data, size_t SizeOfData) {
+ ReadMemoryWrapper_Internal(Address, (void *)Data, SizeOfData);
+ }
+
+ // Allocates a memory region in the process.
+ void *Allocate(size_t AllocationSize);
+
+ // Finds a module in the process.
+ RemoteModule FindModule(const char *ModuleName);
+
+ // Allow us to access the process by just passing the
+ // handle as a parameter.
+ operator HANDLE() { return m_Process; }
+ };
+}
\ No newline at end of file
-- cgit v1.2.3
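Review bot: `m_Process` and `m_ProcessId` in `RemoteProcess` have no initializer, so after `RemoteProcess() = default;` the destructor's `if(m_Process) CloseHandle(m_Process);` runs on an indeterminate value; the same presumably holds when `Start` fails before assigning the handle, though its body is not in this hunk. Declaring them as `HANDLE m_Process = nullptr;` and `int32_t m_ProcessId = 0;` fixes that. The class owns the handle yet is implicitly copyable, so any copy closes the same handle twice; `RemoteProcess(const RemoteProcess &) = delete;` with the matching deleted assignment makes the ownership explicit. The `const char *` constructor discards the `bool` from `Start`, and the `Read`/`Write` wrappers return `void`, so a failed read hands back a zero-initialised `T` that looks like data; at minimum a comment on `Read` should state that contract. `sizeof T` with a type operand also needs parentheses in standard C++: `sizeof(T)`.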