From e1f048c8f922613aec1f63791c2191e55cbd5132 Mon Sep 17 00:00:00 2001
From: boris
Date: Thu, 3 Jan 2019 16:51:40 +1300
Subject: ricardo milos :DDDD::D:D:D:
---
.../csgo-server/RemoteCode/RemoteCodeServer.cpp | 6 --
.../csgo-server/RemoteCode/RemoteCodeServer.hpp | 15 -----
.../RemoteCode/RemoteInjectionServer.hpp | 68 +++++++++-------------
3 files changed, 27 insertions(+), 62 deletions(-)
delete mode 100644 csgo-loader/csgo-server/RemoteCode/RemoteCodeServer.cpp
delete mode 100644 csgo-loader/csgo-server/RemoteCode/RemoteCodeServer.hpp
(limited to 'csgo-loader/csgo-server/RemoteCode')
diff --git a/csgo-loader/csgo-server/RemoteCode/RemoteCodeServer.cpp b/csgo-loader/csgo-server/RemoteCode/RemoteCodeServer.cpp
deleted file mode 100644
index 65a4306..0000000
--- a/csgo-loader/csgo-server/RemoteCode/RemoteCodeServer.cpp
+++ /dev/null
@@ -1,6 +0,0 @@
-#include
-
-namespace RemoteCode
-{
-
-}
\ No newline at end of file
diff --git a/csgo-loader/csgo-server/RemoteCode/RemoteCodeServer.hpp b/csgo-loader/csgo-server/RemoteCode/RemoteCodeServer.hpp
deleted file mode 100644
index 3a31cb4..0000000
--- a/csgo-loader/csgo-server/RemoteCode/RemoteCodeServer.hpp
+++ /dev/null
@@ -1,15 +0,0 @@
-#pragma once
-
-#include
-#include
-#include
-
-using ByteArray = std::vector;
-
-namespace RemoteCode
-{
- class RemoteCodeServer
- {
-
- };
-}
\ No newline at end of file
diff --git a/csgo-loader/csgo-server/RemoteCode/RemoteInjectionServer.hpp b/csgo-loader/csgo-server/RemoteCode/RemoteInjectionServer.hpp
index fe6da09..b8659ff 100644
--- a/csgo-loader/csgo-server/RemoteCode/RemoteInjectionServer.hpp
+++ b/csgo-loader/csgo-server/RemoteCode/RemoteInjectionServer.hpp
@@ -8,56 +8,42 @@ using ByteArray = std::vector; namespace RemoteCode { - // What the server sends to the client upon transaction start. - struct RemoteServerHeader - { - // Does the cheat support the DirectX thread execution exploit? - bool m_ThreadExploitSupported; - - // This will be used for allocating the remote memory. - uintptr_t m_SizeOfImage; - - // OPTIONAL: The cheat might be using the DllMain function - // to do injection. Make sure to call that. - uintptr_t m_EntryPoint; - - // OPTIONAL: The cheat might be using TLS callbacks to - // do injection. Make sure to call that. - uintptr_t m_TlsCallbackDirectory; - }; + // Used for TransactionStart + using ImportedModule = char[64]; + using ImportList = std::vector; - // Requests supported by the server. - // These are stored in a vector and later looked up. - struct RemoteServerRequest + // Used for TransactionContinue + struct ExportedFunction { - // Hash to look up requests by. - uint64_t m_LookupHash; - - // Name printed on the console when a user injects. - char m_DebugName[128]; - - // File name that's used to load the DLL server-side. - char m_FileName[260]; - - // Does the cheat support the DirectX exploit for creating threads? - bool m_ThreadExploitSupported; + // I've never seen modules / functions with names + // that were larger than 64 characters. + char m_Module[64]; + char m_Function[64]; + + // Address of exported module / function + uintptr_t m_ModuleAddress; + uintptr_t m_FunctionAddress; }; - // The initial header we receive from the client. - struct RemoteClientRequest + using ExportList = std::vector; + + // Used for TransactionCommit + struct RemoteInjectionHeader { - uint64_t m_LookupHash; + // Used to decrypt the cheat header (first 1000 bytes of image sent back). + uint8_t m_HeaderKey; + + // Used to call entrypoint/TLS callbacks. + uintptr_t m_EntryPoint; + uintptr_t m_TlsDirectory; }; - // The response we receive from the client upon transaction start. 
- struct RemoteClientHeader + struct RemoteInjectionCode { - // Address of remote allocation. - uintptr_t m_RemoteAddress; + RemoteInjectionHeader m_Header; - // Up to six remote modules. - // NOTE: Stop iterating once a module is NULL. - uintptr_t m_RemoteModules[6]; + // Actual injection code. + ByteArray m_Code; }; class RemoteInjectionServer -- cgit v1.2.3
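Review bot: The fixed 64-byte name fields in `ExportedFunction` (`m_Module`, `m_Function`) and the `ImportedModule` alias rest only on the comment's assumption that names never exceed 64 characters, and nothing in the hunk says who guarantees NUL termination. If these records are filled from bytes received from the other end of the connection (the code that reads them is outside this hunk), the reader should force termination before treating them as strings, and the struct should say so, e.g. `// Wire field: may arrive without a NUL terminator; bound every read to sizeof(m_Module).` The `uintptr_t` members make the record size and padding depend on the pointer width of whichever binary is built, so a fixed-width type such as `uint64_t m_ModuleAddress;` keeps both ends of the protocol in agreement. `ImportedModule` is a raw array type, which is unlikely to work as a `std::vector` element if that is what `ImportList` holds (the template argument is not visible on this page); `std::array<char, 64>` would.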