From 0c194bc8046cb3ecb4e4d0577f36a1d3bde58d11 Mon Sep 17 00:00:00 2001 From: boris Date: Thu, 27 Dec 2018 22:42:05 +1300 Subject: bap --- csgo-loader/to-do list.txt | 118 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 118 insertions(+) create mode 100644 csgo-loader/to-do list.txt (limited to 'csgo-loader/to-do list.txt') diff --git a/csgo-loader/to-do list.txt b/csgo-loader/to-do list.txt new file mode 100644 index 0000000..00f05ef --- /dev/null +++ b/csgo-loader/to-do list.txt 
@@ -0,0 +1,118 @@
+// todo:
+// add .text hash checking, DbgUiRemoteBreakIn, DbgBreakPoint hooks
+// hook recv/send on server, check if return address is valid
+// (also check commonly abused functions for hooks)
+// make release mode use themida macros :^)
+SecurityWrapper
+{
+ Start( ) // Dispatch security thread to periodically check for blacklisted processes.
+ Patch( ) // Bytepatch often abused functions to call ExitProcess directly.
+ Check( ) // Check if dummy functions have been bytepatched (OpenProcess, WriteProcessMemory, VirtualQuery)
+}
+
+// todo:
+// make shellcode jump out to custom address (pass cheat header to it)
+// cheat itself will be invoked via TLS callback
+RemoteCodeClient { }
+RemoteCodeServer { }
+
+
+// todo:
+// get this finished off tomorrow along with HWID
+RemoteInjectionServer
+{
+ // Receive hash of selected cheat.
+ // Reply with size of image to allocate.
+ ByteArray Start( ByteArray &Response )
+
+ // Receive client header, send over list of imported functions
+ ByteArray TransactionStart( ByteArray &Response )
+
+ // Receive list of modules & export addresses
+ ByteArray TransactionContinue
+}
+
+RemoteInjectionClient
+{
+ // Select process name, prepare list of modules to load
+ // Send the hash of the cheat we want to load to server.
+ ByteArray Start( )
+
+ // Wait for the process to be ready, with optional timeout.
+ bool WaitForTransactionStart( uint32_t Timeout = UINT_MAX )
+
+ // Receive size of image to allocate, response is the client header.
+ ByteArray TransactionStart( ByteArray &Response )
+
+ // Receive list of imported functions to the requested DLL.
+ // Send over list of modules and their addresses to server
+ ByteArray TransactionContinue( ByteArray &Response )
+
+ // Receive final module to allocate.
+ // Write the file to the process.
+ bool TransactionCommit( ByteArray &Response )
+
+ RemoteServerHeader GetExecutionHeader()
+}
+
+// this section will be posted on forums:
+[000F:xxxxxxxx]
+The following error code indicates a critical loader failure.
+Please ensure that Windows Firewall is allowing the loader to communicate over the Internet,
+the Operating System you're using is supported and that no anti-virus software is blocking the loader.
+
+[000F:00001A00]
+[000F:00001B00]
+Your operating system is not supported.
+
+Only 64-bit versions of Windows 8, 8.1 and 10 are officially supported by the loader.
+
+[000F:00002A00]
+There was an issue connecting to the loader backend.
+
+This could be due to numerous reasons, most usually it would be Windows Firewall blocking the client.
+
+[000F:00002B00]
+The server decided to drop your connection.
+
+Please make sure you are not running any blacklisted programs.
+
+[00DF:xxxxxxxx]
+There was an error with accessing a process.
+
+Please make sure that anti-virus software is not blocking the loader.
+
+[00DF:00001C00]
+[00DF:00002C00]
+The integrity check on the process has failed.
+
+Please make sure that the copy of the game is up to date and that you are not running any software
+that could be tampering with the game's execution flow.
+
+[000A:xxxxxxxx]
+The following error indicated that your client is either corrupted or outdated.
+The error might appear if the loader is undergoing maintenance.
+
+If the problem persists, please download the latest version from here.
+
+[0005:xxxxxxxx]
+The server does not recognize your subscription as valid.
+
+This could be due to numerous factors including:
+ - You do not have a subscription.
+ - You have attempted to tamper with the loader.
+ - Your machine is infected with malware that triggered a loader integrity check.
+ - You have another account on the same IP address/hardware ID.
+
+To trouble-shoot this issue, try changing your password on the forums to force a database update.
+
+If the issue persists, contact an administator.
+
+[000C:xxxxxxxx]
+The server does not recognize your credentials as valid.
+
+To trouble-shoot this issue, please take note of the following:
+ - CAPS LOCK is not parsed as valid input by the loader.
+ - Pressing TAB will insert a character into the text input field.
+
+If the issue persists, contact an administrator.
\ No newline at end of file
-- cgit v1.2.3