From 0c194bc8046cb3ecb4e4d0577f36a1d3bde58d11 Mon Sep 17 00:00:00 2001
From: boris
Date: Thu, 27 Dec 2018 22:42:05 +1300
Subject: bap
---
 .../csgo-client/Security/RuntimeSecurity.hpp | 88 ++++++++++++++++++++++
 1 file changed, 88 insertions(+)
 create mode 100644 csgo-loader/csgo-client/Security/RuntimeSecurity.hpp
(limited to 'csgo-loader/csgo-client/Security/RuntimeSecurity.hpp')
diff --git a/csgo-loader/csgo-client/Security/RuntimeSecurity.hpp b/csgo-loader/csgo-client/Security/RuntimeSecurity.hpp
new file mode 100644
index 0000000..77ec94c
--- /dev/null
+++ b/csgo-loader/csgo-client/Security/RuntimeSecurity.hpp
@@ -0,0 +1,88 @@
+#pragma once
+
+// std::unique_ptr
+#include
+
+// Intrinsics (_ReturnAddress)
+#include
+
+// Required for the SDK from Themida which offers multiple
+// virtual machines and string encryption, as well as debug/VM checks.
+#include
+
+// Required for MinHook.
+#include
+#pragma comment(lib, "MinHook.lib")
+
+// Used for wrapping Themida's macros along with some other things.
+// e.g: WRAP_IF_RELEASE( VM_SHARK_BLACK_START ) will only trigger in Release mode.
+// Likewise, WRAP_IF_DEBUG( printf( "Error: %08x", GetLastError() ) ) will only
+// trigger in Debug mode.
+// Just a neat little feature that I decided to implement :-)
+#ifdef DEBUG
+ #define WRAP_IF_RELEASE( s )
+ #define WRAP_IF_DEBUG( s ) { s; }
+#else
+ #define WRAP_IF_RELEASE( s ) { s; }
+ #define WRAP_IF_DEBUG( s )
+
+ // Link against Themida's SecureEngine.
+ #pragma comment(lib, "SecureEngine.lib")
+#endif
+
+namespace Security
+{
+ // Hardware ID structure (this is hashed and sent to server, but it's easier to use it
+ // this way internally)
+ struct HardwareIdentifier
+ {
+ // Generic CPU information.
+ uint16_t m_CpuArchitecture;
+ uint32_t m_CpuCount;
+
+ // String-literal - contains list of CPU features.
+ char m_CpuFeatures[64];
+
+ // Hash of the hard disk serial identifier.
+ uint32_t m_HardDiskSerialHash;
+ };
+
+ // This class implements the runtime security system.
+ // In short, upon initialization, the system applies detours to numerous API functions
+ // which will be checked for integrity every time they are called.
+ // Also, a few threads are dispatched in the process in order to ensure that there are no
+ // forbidden programs/conditions being triggered.
+ // The class has an (inlined) security callback which can be used to phone home and infract/ban
+ // any potentially malicious actions from users.
+ class RuntimeSecurity
+ {
+ protected:
+ // Applies necessary API hooks.
+ void ApplyApiHooks_Internal();
+
+ // Patches common debugging functions to crash the program.
+ void PatchDebugFunctions_Internal();
+
+ // Dispatches security threads.
+ void DispatchSecurityThreads_Internal();
+
+ // The following functions are used in security threads to run checks.
+ bool CheckForVirtualMachine_Internal();
+
+ bool CheckForDebugger_Internal();
+
+ bool CheckForApiHooks_Internal();
+
+ public:
+ // Initializes the runtime security system.
+ bool Start();
+
+ // Retrieves the current Hardware ID for the system.
+
+ };
+
+ // Readability
+ using RuntimeSecurityPtr = std::unique_ptr;
+}
+
+extern Security::RuntimeSecurityPtr Protection;
\ No newline at end of file
--
cgit v1.2.3
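Review bot: The `#ifdef DEBUG` guard that selects the `WRAP_IF_*` definitions and the SecureEngine link relies on a macro MSVC does not define by itself (its debug configurations define `_DEBUG`), so unless the project defines `DEBUG` explicitly every build, including debug ones, takes the release branch; `#if defined(DEBUG) || defined(_DEBUG)` would match the intent stated in the comment above it. The `{ s; }` expansion also breaks `if (...) WRAP_IF_DEBUG(...); else ...`, because the trailing `;` ends the `if`; the usual form is `#define WRAP_IF_DEBUG( s ) do { s; } while (0)` and the same for `WRAP_IF_RELEASE`. Separately, `HardwareIdentifier` is documented as hashed and sent to a server, yet it has padding after `m_CpuArchitecture` and a fixed `char m_CpuFeatures[64]` with no stated termination rule; if the hash is ever taken over the raw struct bytes, callers must value-initialize it (`HardwareIdentifier hw{};`) and keep `m_CpuFeatures` NUL-terminated, or the hash will vary between runs and carry leftover stack bytes, so that should be documented on the struct. The `// Retrieves the current Hardware ID for the system.` comment in the `public:` section has no declaration beneath it, which looks like a dropped getter or a stale comment.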