From 0c194bc8046cb3ecb4e4d0577f36a1d3bde58d11 Mon Sep 17 00:00:00 2001 From: boris Date: Thu, 27 Dec 2018 22:42:05 +1300 Subject: bap --- csgo-loader/csgo-server/Login/RemoteLogin.cpp | 8 +- csgo-loader/csgo-server/Login/RemoteLogin.hpp | 3 + csgo-loader/csgo-server/Networking/TCPServer.cpp | 5 +- .../csgo-server/RemoteCode/RemoteCodeServer.cpp | 47 ---------- .../csgo-server/RemoteCode/RemoteCodeServer.hpp | 22 ----- .../RemoteCode/RemoteInjectionServer.hpp | 54 ++++++++++- csgo-loader/csgo-server/Security/FnvHash.hpp | 100 +++++++++++++++++++++ csgo-loader/csgo-server/Server.cpp | 43 +++------ csgo-loader/csgo-server/Server.hpp | 34 +++++++ csgo-loader/csgo-server/csgo-server.vcxproj | 4 + .../csgo-server/csgo-server.vcxproj.filters | 12 ++- 11 files changed, 224 insertions(+), 108 deletions(-) create mode 100644 csgo-loader/csgo-server/Security/FnvHash.hpp create mode 100644 csgo-loader/csgo-server/Server.hpp (limited to 'csgo-loader/csgo-server') diff --git a/csgo-loader/csgo-server/Login/RemoteLogin.cpp b/csgo-loader/csgo-server/Login/RemoteLogin.cpp index b9ee44b..83ab4a7 100644 --- a/csgo-loader/csgo-server/Login/RemoteLogin.cpp +++ b/csgo-loader/csgo-server/Login/RemoteLogin.cpp @@ -1,6 +1,8 @@ #include -#define EXPECTED_CLIENT_HEADER 0xDEADBEEF +// Change this whenever a major server update is made. +// NOTE: You must change this on the client as well. +#define EXPECTED_CLIENT_HEADER 0x62746324 namespace Login { @@ -10,7 +12,7 @@ namespace Login return false; // Epic direct casts :---DDDD - m_Header = *reinterpret_cast(&RawLoginHeader[0]); + m_Header = *(RemoteLoginHeader *)(&RawLoginHeader[0]); return true; } @@ -35,7 +37,7 @@ namespace Login { // TODO: Shadow ban the user. - return RemoteLoginResponse::INVALID_HARDWARE; + return RemoteLoginResponse::INTEGRITY_FAILURE; } // TODO: Check if the HWID is present in DB. diff --git a/csgo-loader/csgo-server/Login/RemoteLogin.hpp b/csgo-loader/csgo-server/Login/RemoteLogin.hpp index 5b31db1..f69e588 100644 
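Review bot: The replacement line `m_Header = *(RemoteLoginHeader *)(&RawLoginHeader[0]);` still reinterprets the receive buffer as a struct, so it relies on the guard just above (`return false;`, whose condition is outside the visible context) to have established `RawLoginHeader.size() >= sizeof(RemoteLoginHeader)`, and it additionally assumes the vector storage is aligned for the struct. Swapping the named cast for a C-style cast does not change either assumption; a `std::memcpy(&m_Header, RawLoginHeader.data(), sizeof(m_Header));` behind an explicit size check is alignment-safe and makes the bound visible at the use site. The enclosing function starts before the hunk, and the "Epic direct casts" comment above the line should then be replaced by one that states the size precondition.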
--- a/csgo-loader/csgo-server/Login/RemoteLogin.hpp +++ b/csgo-loader/csgo-server/Login/RemoteLogin.hpp @@ -60,6 +60,9 @@ namespace Login ByteArray GetResponse(); + // Expose the header for use with other classes. + RemoteLoginHeader GetHeader() { return m_Header; } + // TODO: Implement shadow banning based on IP and HWID. }; } \ No newline at end of file diff --git a/csgo-loader/csgo-server/Networking/TCPServer.cpp b/csgo-loader/csgo-server/Networking/TCPServer.cpp index b6bc3bd..dbd109d 100644 --- a/csgo-loader/csgo-server/Networking/TCPServer.cpp +++ b/csgo-loader/csgo-server/Networking/TCPServer.cpp @@ -127,7 +127,10 @@ namespace Networking // Detach a thread to handle the connection. std::thread thread([&] { - m_ConnectionHandler(Connection); + // smol fix :^) + if(m_ConnectionHandler) + m_ConnectionHandler(Connection); + Connection.Close(); }); thread.detach(); diff --git a/csgo-loader/csgo-server/RemoteCode/RemoteCodeServer.cpp b/csgo-loader/csgo-server/RemoteCode/RemoteCodeServer.cpp index daa42ae..65a4306 100644 --- a/csgo-loader/csgo-server/RemoteCode/RemoteCodeServer.cpp +++ b/csgo-loader/csgo-server/RemoteCode/RemoteCodeServer.cpp 
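Review bot: `RemoteLoginHeader GetHeader() { return m_Header; }` is a read-only accessor and should be `const`: `RemoteLoginHeader GetHeader() const { return m_Header; }`, otherwise it cannot be called through a `const` reference to the server. Returning by value is fine for a small header struct; if the type is larger than it looks, return `const RemoteLoginHeader&` instead. The class body starts outside the hunk.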
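Review bot: The lambda still captures `Connection` by reference (`[&]`) while the thread is detached on the line below, so if `Connection` is a local of the accept loop (its declaration is above the hunk) the handler thread runs against a dangling reference as soon as the loop iterates; the added `if(m_ConnectionHandler)` guard and `Connection.Close()` do not change that. Move the connection into the closure instead: `std::thread thread([this, Connection = std::move(Connection)]() mutable {`, keeping the body as written. `[&]` also implicitly captures `this` for `m_ConnectionHandler`, so the server object must outlive every detached handler — that lifetime rule deserves a comment next to `thread.detach();`. `Connection.Close()` is also skipped if the handler throws; closing in the connection's destructor would cover both paths. The accept loop continues outside the hunk.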
@@ -2,52 +2,5 @@ namespace RemoteCode { - ByteArray Shellcode = { - // TODO: Add shellcode. - }; - bool RemoteCodeServer::Start(ByteArray &Parameters) - { - RemoteCodeParameters CodeParams = *(RemoteCodeParameters *)&Parameters[0]; - - // Check if the header is valid. - if((!CodeParams.m_EndSceneVmt || !CodeParams.m_OriginalEndScene) || - (CodeParams.m_EntryPoint || CodeParams.m_CheatHeader)) - { - // TODO: Ban user (probably using fake client) - return false; - } - - // Set up shellcode. - m_CustomCode.insert( - m_CustomCode.begin(), - Shellcode.begin(), - Shellcode.end() - ); - - // TODO: Set up pointers in shellcode. - - return true; - } - - uintptr_t RemoteCodeServer::GetOffsetByPattern(ByteArray &Data, ByteArray Pattern) - { - if(Data.empty()) - return uintptr_t{}; - - ByteArray::iterator Position = std::search( - Data.begin(), - Data.end(), - Pattern.begin(), - Pattern.end() - ); - - if(Position != Data.end()) - return (uintptr_t)std::distance(Data.begin(), Position); - - return uintptr_t{}; - } - - // is this loss? - ByteArray RemoteCodeServer::GetShellcode() { return m_CustomCode; } } \ No newline at end of file diff --git a/csgo-loader/csgo-server/RemoteCode/RemoteCodeServer.hpp b/csgo-loader/csgo-server/RemoteCode/RemoteCodeServer.hpp index dde8b7d..3a31cb4 100644 --- a/csgo-loader/csgo-server/RemoteCode/RemoteCodeServer.hpp +++ b/csgo-loader/csgo-server/RemoteCode/RemoteCodeServer.hpp 
@@ -8,30 +8,8 @@ using ByteArray = std::vector; namespace RemoteCode { - struct RemoteCodeParameters - { - uintptr_t m_EndSceneVmt; - uintptr_t m_OriginalEndScene; - uintptr_t m_EntryPoint; - uintptr_t m_CheatHeader; - uintptr_t m_VirtualProtect; - }; - class RemoteCodeServer { - ByteArray m_CustomCode; - - // swoo - uintptr_t GetOffsetByPattern(ByteArray &Data, ByteArray Pattern); - - public: - RemoteCodeServer() = default; - - // Send client the prepared shellcode. - // This will also send the original and vmt address of endscene. - bool Start(ByteArray &Parameters); - // Get the response for the client - ByteArray GetShellcode(); }; } \ No newline at end of file diff --git a/csgo-loader/csgo-server/RemoteCode/RemoteInjectionServer.hpp b/csgo-loader/csgo-server/RemoteCode/RemoteInjectionServer.hpp index f8f7274..3a975f7 100644 --- a/csgo-loader/csgo-server/RemoteCode/RemoteInjectionServer.hpp +++ b/csgo-loader/csgo-server/RemoteCode/RemoteInjectionServer.hpp 
@@ -1,11 +1,63 @@ #pragma once #include +#include +#include + +using ByteArray = std::vector; namespace RemoteCode { - class RemoteInjectionServer + // What the server sends to the client upon transaction start. + struct RemoteServerHeader { + // Does the cheat support the DirectX thread execution exploit? + bool m_ThreadExploitSupported; + + // This will be used for allocating the remote memory. + uintptr_t m_SizeOfImage; + + // OPTIONAL: The cheat might be using the DllMain function + // to do injection. Make sure to call that. + uintptr_t m_EntryPoint; + + // OPTIONAL: The cheat might be using TLS callbacks to + // do injection. Make sure to call that. + uintptr_t m_TlsCallbackDirectory; + }; + + // Requests supported by the server. + // These are stored in a vector and later looked up. + struct RemoteServerRequest + { + // Hash to look up requests by. + uint64_t m_LookupHash; + + // Name printed on the console when a user injects. + char m_DebugName[128]; + + // File name that's used to load the DLL server-side. + char m_FileName[260]; + // Does the cheat support the DirectX exploit for creating threads? + bool m_ThreadExploitSupported; }; + + // The initial header we receive from the client. + struct RemoteClientRequest + { + uint64_t m_LookupHash; + }; + + // The response we receive from the client upon transaction start. + struct RemoteClientHeader + { + // Address of remote allocation. + uintptr_t m_RemoteAddress; + + // Up to six remote modules. + // NOTE: Stop iterating once a module is NULL. + uintptr_t m_RemoteModules[6]; + }; + } \ No newline at end of file diff --git a/csgo-loader/csgo-server/Security/FnvHash.hpp b/csgo-loader/csgo-server/Security/FnvHash.hpp new file mode 100644 index 0000000..35c9ad0 --- /dev/null +++ b/csgo-loader/csgo-server/Security/FnvHash.hpp 
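Review bot: These structs are documented as what is sent and received at transaction start, but nothing pins their layout: `RemoteServerHeader` puts a `bool` in front of a `uintptr_t`, so the compiler inserts padding, and `uintptr_t` is 4 or 8 bytes depending on the build, meaning the peer must be compiled identically or every field after the first shifts. Pin it with fixed-width types (`std::uint64_t` rather than `uintptr_t`), `#pragma pack(push, 1)` around the wire structs, and a `static_assert(sizeof(RemoteServerHeader) == WIRE_SIZE_PLACEHOLDER, "wire layout changed");` (constant to be filled in), and state the byte order in the header comment. `m_DebugName[128]` and `m_FileName[260]` are plain `char` arrays, so the comments should say whether they are guaranteed NUL-terminated and that `m_FileName` is server-side configuration (as the "stored in a vector and later looked up" comment implies), since a missing terminator turns the console print into an over-read. The `m_RemoteModules[6]` comment says to stop at the first NULL entry but not what happens when all six are populated; add that the array bound is the hard limit so readers do not walk past index 5.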
@@ -0,0 +1,100 @@ +#pragma once +#include +#include + +// Credits: namazso +// Implements FNV-1a hash algorithm +namespace detail +{ + template + struct SizeDependantData + { + using type = Type; + + constexpr static auto k_offset_basis = OffsetBasis; + constexpr static auto k_prime = Prime; + }; + + template + struct SizeSelector : std::false_type {}; + + template <> + struct SizeSelector<32> : SizeDependantData {}; + + template <> + struct SizeSelector<64> : SizeDependantData {}; + + template + class FnvHash + { + private: + using data_t = SizeSelector; + + public: + using hash = typename data_t::type; + + private: + constexpr static auto k_offset_basis = data_t::k_offset_basis; + constexpr static auto k_prime = data_t::k_prime; + + public: + static __forceinline constexpr auto hash_init( + ) -> hash + { + return k_offset_basis; + } + + static __forceinline constexpr auto hash_byte( + hash current, + std::uint8_t byte + ) -> hash + { + return (current ^ byte) * k_prime; + } + + template + static __forceinline constexpr auto hash_constexpr( + const char(&str)[N], + const std::size_t size = N - 1 /* do not hash the null */ + ) -> hash + { + const auto prev_hash = size == 1 ? 
hash_init() : hash_constexpr(str, size - 1); + const auto cur_hash = hash_byte(prev_hash, str[size - 1]); + return cur_hash; + } + + static auto __forceinline hash_runtime_data( + const void* data, + const std::size_t sz + ) -> hash + { + const auto bytes = static_cast(data); + const auto end = bytes + sz; + auto result = hash_init(); + for(auto it = bytes; it < end; ++it) + result = hash_byte(result, *it); + + return result; + } + + static auto __forceinline hash_runtime( + const char* str + ) -> hash + { + auto result = hash_init(); + do + result = hash_byte(result, *str++); + while(*str != '\0'); + + return result; + } + }; +} + +using fnv32 = ::detail::FnvHash<32>; +using fnv64 = ::detail::FnvHash<64>; +using fnv = ::detail::FnvHash; + +#define FNV(str) (std::integral_constant::value) +#define FNV32(str) (std::integral_constant::value) +#define FNV64(str) (std::integral_constant::value) \ No newline at end of file diff --git a/csgo-loader/csgo-server/Server.cpp b/csgo-loader/csgo-server/Server.cpp index ada748b..d71a758 100644 --- a/csgo-loader/csgo-server/Server.cpp +++ b/csgo-loader/csgo-server/Server.cpp 
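Review bot: `hash_runtime` mishandles the empty string: the `do … while(*str != '\0')` loop folds the terminator of `""` into the hash and then tests the byte after it, an out-of-bounds read, and it also yields a different value from `hash_runtime_data(str, 0)` for the same input. A pre-test loop fixes both: `for (; *str != '\0'; ++str) result = hash_byte(result, *str);`. `hash_constexpr` has the matching edge case — for `""` (N == 1, size == 0) the `size == 1` test fails and the recursion underflows `size - 1` — so base it on zero instead: `return size == 0 ? hash_init() : hash_byte(hash_constexpr(str, size - 1), str[size - 1]);`. `__forceinline` is MSVC-specific; that is fine for this vcxproj project but worth a one-line comment if the header is meant to be shared.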
@@ -1,41 +1,24 @@ -#include -#include +#include -// ik inda like penigs tbh -void ConnectionHandler(Networking::TCPConnection &Connection) +int __stdcall WinMain(HINSTANCE, HINSTANCE, char*, int) { - Login::RemoteLoginServer LoginServer; + // Open a debugging console. + Utils::OpenConsole(); - ByteArray RawLoginHeader = Connection.ReceiveBytes(); - LoginServer.Start(RawLoginHeader); - - ByteArray RawServerResponse = LoginServer.GetResponse(); - Connection.SendBytes(RawServerResponse); -} - - -// cIUT +#include + +// Loader functionality +#include + +#include +#include +#include + +// It looked nasty in Server.cpp, so I'm putting it here. +namespace Utils +{ + inline void OpenConsole() + { + // Create instance of console. + AllocConsole(); + + // Allow console to access output stream. + FILE *file; + freopen_s(&file, "CONOUT$", "w", stdout); + + // :^) + SetConsoleTitleA("moneyserver $"); + } +} \ No newline at end of file diff --git a/csgo-loader/csgo-server/csgo-server.vcxproj b/csgo-loader/csgo-server/csgo-server.vcxproj index 71fe624..268a409 100644 --- a/csgo-loader/csgo-server/csgo-server.vcxproj +++ b/csgo-loader/csgo-server/csgo-server.vcxproj @@ -36,6 +36,8 @@ + + 15.0 @@ -118,6 +120,7 @@ RequireAdministrator + Windows @@ -148,6 +151,7 @@ true true RequireAdministrator + Windows diff --git a/csgo-loader/csgo-server/csgo-server.vcxproj.filters b/csgo-loader/csgo-server/csgo-server.vcxproj.filters index 0d915d3..0adf29a 100644 --- a/csgo-loader/csgo-server/csgo-server.vcxproj.filters +++ b/csgo-loader/csgo-server/csgo-server.vcxproj.filters @@ -32,10 +32,10 @@ RemoteCode - Networking + RemoteCode - Networking + RemoteCode @@ -55,10 +55,14 @@ RemoteCode - Networking + RemoteCode - Networking + RemoteCode + + + Security + \ No newline at end of file -- cgit v1.2.3
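Review bot: In `Utils::OpenConsole`, the result of `freopen_s(&file, "CONOUT$", "w", stdout)` is discarded, so a failed redirection silently leaves stdout unusable; check it, e.g. `if (freopen_s(&file, "CONOUT$", "w", stdout) != 0) return;`, and say in the function comment that the console is only a debugging aid. This section appears garbled by extraction — the `Utils` namespace reads like the new Server.hpp from the diffstat, but its file header is missing here — so the hunk boundary is uncertain. In the visible lines `WinMain` does nothing after `Utils::OpenConsole()`; if the server start-up was meant to follow, the hunk does not show it, which deserves a comment or a TODO on the function.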