From e1f048c8f922613aec1f63791c2191e55cbd5132 Mon Sep 17 00:00:00 2001
From: boris
Date: Thu, 3 Jan 2019 16:51:40 +1300
Subject: ricardo milos :DDDD::D:D:D:
---
 .../RemoteCode/RemoteInjectionServer.hpp | 68 +++++++++-------------
 1 file changed, 27 insertions(+), 41 deletions(-)
(limited to 'csgo-loader/csgo-server/RemoteCode/RemoteInjectionServer.hpp')
diff --git a/csgo-loader/csgo-server/RemoteCode/RemoteInjectionServer.hpp b/csgo-loader/csgo-server/RemoteCode/RemoteInjectionServer.hpp
index fe6da09..b8659ff 100644
--- a/csgo-loader/csgo-server/RemoteCode/RemoteInjectionServer.hpp
+++ b/csgo-loader/csgo-server/RemoteCode/RemoteInjectionServer.hpp
@@ -8,56 +8,42 @@ using ByteArray = std::vector; namespace RemoteCode {
- // What the server sends to the client upon transaction start.
- struct RemoteServerHeader
- {
- // Does the cheat support the DirectX thread execution exploit?
- bool m_ThreadExploitSupported;
-
- // This will be used for allocating the remote memory.
- uintptr_t m_SizeOfImage;
-
- // OPTIONAL: The cheat might be using the DllMain function
- // to do injection. Make sure to call that.
- uintptr_t m_EntryPoint;
-
- // OPTIONAL: The cheat might be using TLS callbacks to
- // do injection. Make sure to call that.
- uintptr_t m_TlsCallbackDirectory;
- };
+ // Used for TransactionStart
+ using ImportedModule = char[64];
+ using ImportList = std::vector;
- // Requests supported by the server.
- // These are stored in a vector and later looked up.
- struct RemoteServerRequest
+ // Used for TransactionContinue
+ struct ExportedFunction
 {
- // Hash to look up requests by.
- uint64_t m_LookupHash;
-
- // Name printed on the console when a user injects.
- char m_DebugName[128];
-
- // File name that's used to load the DLL server-side.
- char m_FileName[260];
-
- // Does the cheat support the DirectX exploit for creating threads?
- bool m_ThreadExploitSupported;
+ // I've never seen modules / functions with names
+ // that were larger than 64 characters.
+ char m_Module[64];
+ char m_Function[64];
+
+ // Address of exported module / function
+ uintptr_t m_ModuleAddress;
+ uintptr_t m_FunctionAddress;
 };
- // The initial header we receive from the client.
- struct RemoteClientRequest
+ using ExportList = std::vector;
+
+ // Used for TransactionCommit
+ struct RemoteInjectionHeader
 {
- uint64_t m_LookupHash;
+ // Used to decrypt the cheat header (first 1000 bytes of image sent back).
+ uint8_t m_HeaderKey;
+
+ // Used to call entrypoint/TLS callbacks.
+ uintptr_t m_EntryPoint;
+ uintptr_t m_TlsDirectory;
 };
- // The response we receive from the client upon transaction start.
- struct RemoteClientHeader
+ struct RemoteInjectionCode
 {
- // Address of remote allocation.
- uintptr_t m_RemoteAddress;
+ RemoteInjectionHeader m_Header;
- // Up to six remote modules.
- // NOTE: Stop iterating once a module is NULL.
- uintptr_t m_RemoteModules[6];
+ // Actual injection code.
+ ByteArray m_Code;
 };
 class RemoteInjectionServer
-- 
cgit v1.2.3
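Review bot: `ExportedFunction::m_Module` and `m_Function` are fixed `char[64]` fields that, going by the "Used for TransactionContinue" comment, are presumably filled from the peer, and nothing in the struct guarantees a terminating NUL. Any later `strlen`/`strcmp`/`%s` use can read past the field, so the receive path should force termination, e.g. `entry.m_Module[sizeof(entry.m_Module) - 1] = '\0';`, and reject over-long names instead of relying on the "never seen larger than 64" assumption. The `uintptr_t` members here and in `RemoteInjectionHeader` change width between 32- and 64-bit builds, so if these structs are copied to or from the socket as raw bytes they should use `uint64_t` with a `static_assert` on the struct size. `RemoteInjectionCode` holds a `ByteArray` (a `std::vector`), so it is not trivially copyable and must be serialised field by field rather than sent as a block. The namespace body continues past this hunk, so the code that actually fills and transmits these structs is not visible here.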