From 4db29589a61f2e7cb663c5734f911c02206c7997 Mon Sep 17 00:00:00 2001 From: boris Date: Wed, 9 Jan 2019 20:51:16 +1300 Subject: whole buncha shit FIXME: loader currently corrupts heap on injection because i am retarded --- csgo-loader/csgo-module/Module.cpp | 76 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 76 insertions(+) create mode 100644 csgo-loader/csgo-module/Module.cpp (limited to 'csgo-loader/csgo-module/Module.cpp') diff --git a/csgo-loader/csgo-module/Module.cpp b/csgo-loader/csgo-module/Module.cpp new file mode 100644 index 0000000..1fa638c --- /dev/null +++ b/csgo-loader/csgo-module/Module.cpp @@ -0,0 +1,76 @@ +#include + +/* + TODO: + - Finish off shellcode execution wrapper: + - The shellcode can be executed via two ways + - Either the code is mapped and called via CreateRemoteThread (allows custom param) + - or the code is mapped and called via DX9 (does not allow custom param) + - This will probably be the easiest thing to do. + + - Allocate via consecutive 64kb sections (TODO: Figure out how) + + - Free and wipe the module from memory once done + - Have the module authenticate via HWID or some shit.. idk (AAAAAAAAAAA) + - Do reloc/mapping stuff here +*/ + +DWORD ModuleThread(void *) +{ + ////////////////////////////////////////////////////////////////////////////////////////// + + // Initialize the syscall manager. + if(!Syscalls->Start()) + return 0; + + // Attempt to connect to the remote server. + WRAP_IF_DEBUG( + printf("[DEBUG] Server IP: %08x\n", inet_addr("35.165.60.229")); + ); + + ////////////////////////////////////////////////////////////////////////////////////////// + + // Connect to server. + Networking::TCPClientPtr Client = std::make_unique(); + + if(!Client->Start(LOCAL_IP, SERVER_PORT)) + return 0; + + // Header for Module. + ByteArray Header{ 0x0A, 0x32, 0x42, 0x4D }; + Client->SendRawBytes(Header); + + ////////////////////////////////////////////////////////////////////////////////////////// + + return 1; +} + +int __stdcall DllMain(void *, unsigned Reason, void *) +{ + if(Reason != 1) + return false; + + HANDLE Thread = CreateThread(nullptr, 0, ModuleThread, nullptr, 0, nullptr); + + if(Thread) + { + // Wait for thread to finish execution + WaitForSingleObject(Thread, INFINITE); + + // Get exit code from thread. + DWORD ExitCode; + GetExitCodeThread(Thread, &ExitCode); + + // If the HWND is 0, the loader will reveal that MessageBoxA was called from + // explorer.exe... This meme will get around that. + HWND Window = FindWindowA(STR("Valve001"), nullptr); + + if(!Window) + return true; + + if(!ExitCode) + MessageBoxA(Window, STR("[000F:00004A00] Failed to initialize. Please contact an administrator."), "", MB_ICONERROR | MB_OK); + } + + return true; +} \ No newline at end of file -- cgit v1.2.3