
cw pizda materina

a guest
Aug 13th, 2021
#include "stdafx.h"
#include "types.h"

// NOTE(review): _PRINT_DEBUG is defined but never tested anywhere in this listing. Names that
// begin with an underscore followed by an uppercase letter are reserved for the implementation.
#define _PRINT_DEBUG

// Set to FALSE by on_detach(); nothing in this listing reads it.
BOOL g_running = TRUE;

// Guards the single call to on_attach() made from thread_proc().
std::once_flag g_flag;

// Signature assumed for the function found by the first byte pattern in game::find_sigs();
// thread_proc() calls it with argument 0 until it returns 2.
using DWGetLogonStatus_t = int (*)(int);

// Signature assumed for the function that thread_proc() detours.
using MoveResponseToInventory_t = bool(__fastcall*)(LPVOID, int);

extern void Log_(const char* fmt, ...);
// Passes the format literal through xorstr_() before logging. xorstr_ is declared outside this
// listing; presumably it keeps the literal out of the binary in plain form, so a static strings
// scan of the built DLL may not show these messages -- confirm against its definition.
#define LOG(fmt, ...) Log_(xorstr_(fmt), ##__VA_ARGS__)

// Logs a value together with its offset from `base` (0 when the value is not above `base`).
// The argument is expanded more than once, so LOG_ADDR(x = f()) evaluates the assignment and
// f() again on every expansion. `base` must be visible where the macro is used. The expansion
// already ends in ';'.
#define LOG_ADDR(var_name)                                      \
        LOG(#var_name ": 0x%llX (0x%llX)", var_name, var_name > base ? var_name - base : 0);

// Hex helpers used by find_pattern(). getBits maps one hex character (either case, via the
// & ~0x20 fold) to its 4-bit value and every other character to 0; getByte combines the two
// characters at x[0] and x[1] into one byte. Arguments are not parenthesised and are evaluated
// several times, so only simple, side-effect-free expressions are safe here.
#define INRANGE(x,a,b)  (x >= a && x <= b)
#define getBits( x )    (INRANGE((x&(~0x20)),'A','F') ? ((x&(~0x20)) - 'A' + 0xa) : (INRANGE(x,'0','9') ? x - '0' : 0))
#define getByte( x )    (getBits(x[0]) << 4 | getBits(x[1]))
// Formats a printf-style message into a fixed 4096-byte buffer and appends it, followed by a
// newline, to "log.txt". The file name is relative, so the file is created in whatever the
// host process's current working directory is; that file is an on-disk artifact of this DLL.
// `fmt` is used directly as the format string for vsprintf_s.
void Log_(const char* fmt, ...) {
    char message[4096];

    va_list args;
    va_start(args, fmt);
    vsprintf_s(message, fmt, args);
    va_end(args);

    // Opened in append mode on every call.
    std::ofstream out(xorstr_("log.txt"), std::ios::app);
    if (out.is_open()) {
        out << message << std::endl;
    }
    out.close();
}
// Scans the current process's memory from range_start towards range_end for a byte pattern
// given as text and returns the address of the first match, or 0 when nothing matches.
//
// Pattern format, as implied by the advance logic below: tokens separated by one character,
// each token either a two-character hex byte ("48"), a one-character wildcard ("?") or a
// two-character wildcard ("??").
//
// This is how the DLL locates functions in the host module without fixed addresses; the
// patterns passed in by game::find_sigs() are therefore the build-specific part of the file.
//
// NOTE(review): the result is not validated by callers in this listing; a return of 0 is later
// used as an address.
__int64 find_pattern(__int64 range_start, __int64 range_end, const char* pattern) {
    const char* pat = pattern;          // current position in the pattern text
    __int64 firstMatch = NULL;          // start of the candidate match, 0 when none is in progress
    __int64 pCur = range_start;         // address currently being compared
    __int64 region_end;
    MEMORY_BASIC_INFORMATION mbi{};
    // Walk the address space one VirtualQuery region at a time.
    while (sizeof(mbi) == VirtualQuery((LPCVOID)pCur, &mbi, sizeof(mbi))) {
        // End-of-range guard. strlen(pattern) is the length of the pattern text, not the number
        // of bytes it encodes, and the subtraction is carried out in an unsigned type. The guard
        // runs once per region, so the inner loop below can read past range_end up to region_end.
        if (pCur >= range_end - strlen(pattern))
            break;
        // Skip regions whose protection has none of these three bits set. Other bits in
        // mbi.Protect (modifiers such as PAGE_GUARD) are not examined before the bytes are read.
        if (!(mbi.Protect & (PAGE_EXECUTE_READ | PAGE_EXECUTE_READWRITE | PAGE_READWRITE))) {
            pCur += mbi.RegionSize;
            continue;
        }
        // RegionSize is added to the queried address rather than to mbi.BaseAddress.
        // NOTE(review): assumes pCur sits at the start of the region -- confirm.
        region_end = pCur + mbi.RegionSize;
        // pat / firstMatch are not reset between regions, so a partial match that is in progress
        // at the end of one region continues into the next region scanned.
        while (pCur < region_end)
        {
            if (!*pat)
                return firstMatch;
            // A wildcard token matches any byte; otherwise compare against the decoded hex pair.
            if (*(PBYTE)pat == '\?' || *(BYTE*)pCur == getByte(pat)) {
                if (!firstMatch)
                    firstMatch = pCur;
                // Last token of the pattern: the whole pattern has matched.
                if (!pat[1] || !pat[2])
                    return firstMatch;

                // Advance over the token plus its separator: three characters for "??" or a hex
                // pair, two for a single "?". '\?\?' is a multi-character literal whose value is
                // implementation-defined; it is compared with the two bytes read through PWORD.
                if (*(PWORD)pat == '\?\?' || *(PBYTE)pat != '\?')
                    pat += 3;
                else
                    pat += 2;
            }
            else {
                // Mismatch: restart the pattern. If a candidate was in progress, rewind to its
                // start so that the pCur++ below resumes one byte after it.
                if (firstMatch)
                    pCur = firstMatch;
                pat = pattern;
                firstMatch = 0;
            }
            pCur++;
        }
    }
    return NULL;
}
// Addresses resolved at run time inside the host process, plus thin call wrappers around two
// of them. Every value is stored as a plain __int64 and cast to a pointer at the point of use.
namespace game {

    __int64 base;                               // module handle of the host executable (set in init)
    __int64 lootBase;                           // address decoded by resolve_lea in find_sigs
    __int64 fpGetLogonStatus;                   // pattern match, called through DWGetLogonStatus_t
    __int64 fpMoveResponseToInventory;          // pattern match, the function that gets detoured
    __int64 fpFindStringtable;                  // call target decoded by resolve_jmp
    __int64 fpStringtableGetColumnValueForRow;  // call target decoded by resolve_jmp

    // Records the host executable's module handle in `base`. Always returns true.
    bool init() {

        base = (__int64)GetModuleHandle(NULL);
        return true;
    }

    // Resolves all addresses above by pattern-scanning the host executable's image.
    // Returns false only when GetModuleInformation fails; `result` is never changed, so the
    // function returns true even if one or more patterns were not found.
    bool find_sigs() {

        MODULEINFO moduleInfo;
        // (HANDLE)-1 is the current-process pseudo handle.
        if (!GetModuleInformation((HANDLE)-1, GetModuleHandle(NULL), &moduleInfo, sizeof(MODULEINFO)) || !moduleInfo.lpBaseOfDll) {
            LOG("Couldnt GetModuleInformation");
            return NULL;    // NULL converts to false in this bool-returning function
        }
        // NOTE(review): %llx is paired with a pointer and with SizeOfImage here; the argument
        // widths do not obviously match the format -- confirm.
        LOG("Base: 0x%llx", moduleInfo.lpBaseOfDll);
        LOG("Size: 0x%llx", moduleInfo.SizeOfImage);

        __int64 searchStart = (__int64)moduleInfo.lpBaseOfDll;
        __int64 searchEnd = (__int64)moduleInfo.lpBaseOfDll + moduleInfo.SizeOfImage;

        bool result = true;

        // Reads the 32-bit displacement stored at addr + 1 and adds addr + 5, i.e. the target of
        // a 5-byte relative instruction (both patterns it is applied to begin with E8).
        // The address is dereferenced without any check; a failed scan passes 0 in here.
        auto resolve_jmp = [](__int64 addr) -> __int64 {
            return *(int*)(addr + 1) + addr + 5;
        };

        // Same idea for a 7-byte instruction whose 32-bit displacement starts at addr + 3.
        auto resolve_lea = [](__int64 addr) -> __int64 {
            return *(int*)(addr + 3) + addr + 7;
        };

        // LOG_ADDR expands its argument more than once, so each assignment below -- including
        // the find_pattern scan inside it -- is evaluated repeatedly.
        LOG_ADDR(fpGetLogonStatus =
            find_pattern(searchStart, searchEnd, xorstr_("40 53 48 83 EC 20 48 63 C1 BA")));

        LOG_ADDR(fpFindStringtable = resolve_jmp(
                find_pattern(searchStart, searchEnd, xorstr_("E8 ? ? ? ? 48 8D 15 ? ? ? ? 8D 4B 36"))));

        LOG_ADDR(fpStringtableGetColumnValueForRow = resolve_jmp(
                find_pattern(searchStart, searchEnd, xorstr_("E8 ? ? ? ? 33 D2 48 8B C8 44 8D 42 16"))));

        LOG_ADDR(fpMoveResponseToInventory =
                find_pattern(searchStart, searchEnd, xorstr_("40 53 55 56 57 41 55 41 56 48 83 EC 28 4C")));


        // Decodes the instruction 17 bytes into the matched function. If that match failed
        // (value 0) this reads from a near-null address.
        LOG_ADDR(lootBase = resolve_lea(fpMoveResponseToInventory + 17));

        return result;
    }

    // Calls the host function at fpFindStringtable as void(__cdecl)(const char*, StringTable**).
    // The stored address is not checked before the call.
    static void FindStringTable(const char* name, StringTable** table) {

        reinterpret_cast<void(__cdecl*)(const char*, StringTable**)>(fpFindStringtable)(name, table);
    }

    // Calls the host function at fpStringtableGetColumnValueForRow and returns its char* result.
    // The stored address is not checked before the call.
    static char* StringTable_GetColumnValueForRow(void* stringTable, int row, int column) {

        return reinterpret_cast<char* (__cdecl*)(void*, int, int)>(fpStringtableGetColumnValueForRow)(stringTable, row, column);
    }
}
// Pointer to the original (un-hooked) function; filled in by MH_CreateHook in thread_proc()
// and called first thing by MoveResponseToInventory_Hooked().
MoveResponseToInventory_t fpMoveResponseOrig = NULL;

// Name fragments that MoveResponseToInventory_Hooked() formats into "loot/%s_ids.csv" and
// passes to game::FindStringTable(). These plain string literals are not wrapped in xorstr_,
// unlike the log messages and byte patterns elsewhere in the file.
LPCSTR cwWeapons[]{
    "weapon", // DLC Weapons and blueprints
    "feature", // Unlock loadout option for acc lvl 1
    "attachment", // attachment for CW Weapons
    // Camos CW
    "iw8_sn_t9standard_camos",
    "iw8_sn_t9quickscope_camos",
    "iw8_sn_t9precisionsemi_camos",
    "iw8_sn_t9powersemi_camos",
    "iw8_sn_t9damagesemi_camos",
    "iw8_sn_t9crossbow_camos",
    "iw8_sn_t9cannon_camos",
    "iw8_sn_t9accurate_camos",
    "iw8_sm_t9standard_camos",
    "iw8_sm_t9spray_camos",
    "iw8_sm_t9powerburst_camos",
    "iw8_sm_t9nailgun_camos",
    "iw8_sm_t9heavy_camos",
    "iw8_sm_t9handling_camos",
    "iw8_sm_t9fastfire_camos",
    "iw8_sm_t9cqb_camos",
    "iw8_sm_t9capacity_camos",
    "iw8_sm_t9burst_camos",
    "iw8_sm_t9accurate_camos",
    "iw8_sh_t9semiauto_camos",
    "iw8_sh_t9pump_camos",
    "iw8_sh_t9fullauto_camos",
    "iw8_pi_t9semiauto_camos",
    "iw8_pi_t9revolver_camos",
    "iw8_pi_t9fullauto_camos",
    "iw8_pi_t9burst_camos",
    "iw8_lm_t9slowfire_camos",
    //New weapons
    "iw8_sm_t9semiauto_camos",
    "iw8_ar_t9british_camos",
    //------
    "iw8_lm_t9light_camos",
    "iw8_lm_t9fastfire_camos",
    "iw8_lm_t9accurate_camos",
    "iw8_me_t9wakizashi_camos",
    "iw8_me_t9sledgehammer_camos",
    "iw8_me_t9machete_camos",
    "iw8_me_t9loadout_camos",
    "iw8_me_t9etool_camos",
    "iw8_me_t9bat_camos",
    "iw8_me_t9ballisticknife_camos",
    "iw8_la_t9standard_camos",
    "iw8_la_t9launcher_camos",
    "iw8_la_t9freefire_camos",
    "iw8_ar_t9standard_camos",
    "iw8_ar_t9slowhandling_camos",
    "iw8_ar_t9slowfire_camos",
    "iw8_ar_t9mobility_camos",
    "iw8_ar_t9longburst_camos",
    "iw8_ar_t9fasthandling_camos",
    "iw8_ar_t9fastfire_camos",
    "iw8_ar_t9fastburst_camos",
    "iw8_ar_t9damage_camos",
    "iw8_ar_t9accurate_camos"

};
// Detour that thread_proc() installs over the function at game::fpMoveResponseToInventory.
//
// It calls the original, then writes directly into the structure at game::lootBase: for every
// name in cwWeapons it looks up the string table "loot/<name>_ids.csv" and passes column 0 of
// each row, parsed with atoi, to updateOrAddItem. It then removes its own hook and returns
// false regardless of what the original returned.
//
// Everything modified here is in-memory state of the client process. Nothing in this listing
// shows how, or whether, that state is checked elsewhere.
// NOTE(review): the meaning of the offsets 64 / 240064 / 240072 is taken on trust from this
// code; LootItem and StringTable are declared in types.h, which is not part of the listing.
bool __fastcall MoveResponseToInventory_Hooked(LPVOID a1, int a2) {

    // The original's return value is discarded.
    fpMoveResponseOrig(a1, a2);

    auto pLootBase = game::lootBase;// signature 48 8D 0D ? ? ? ? 48 8D 44 24 ? C7 44 (LEA rcx, pLootBase)

    // Array of LootItem entries starting 64 bytes into the structure.
    auto pInventory = (LootItem*)((uintptr_t)pLootBase + 64);

    // 32-bit entry count stored 240064 bytes into the structure.
    // (240064 - 64) / 30000 = 8, so the 30000 bound below fits an 8-byte LootItem --
    // confirm against types.h.
    auto pNumItems = (uint32_t*)((uintptr_t)pLootBase + 240064);

    int curCount = *pNumItems;

    // Raises the quantity of an existing entry with this id whose quantity is below 1, or
    // appends a new entry with quantity 1. The `quantity` parameter is never used.
    auto updateOrAddItem = [&](int itemId, int quantity) {

        bool bFound = false;

        // Fixed scan of 30000 slots, independent of the current entry count.
        for (int i = 0; i < 30000; i++) {
            if (pInventory[i].m_itemId == itemId && pInventory[i].m_itemQuantity < 1) {
                pInventory[i].m_itemQuantity++;
                bFound = true;
                break;
            }
        }

        if (!bFound) {
            // Appends at index curCount with no check that curCount is still inside the array.
            pInventory[curCount].m_itemId = itemId;
            pInventory[curCount].m_itemQuantity = 1;

            curCount++;
            (*pNumItems)++;

            // Clears one byte just past the count field; its purpose is not shown here.
            *(BYTE*)((uintptr_t)pLootBase + 240072) = 0;
        }
    };

    char buf[1024];

    for (int i = 0; i < ARRAYSIZE(cwWeapons); i++)
    {
        sprintf_s(buf, "loot/%s_ids.csv", cwWeapons[i]);

        StringTable* string_table = nullptr;

        game::FindStringTable(buf, &string_table);

        // string_table is dereferenced without a null check: if the lookup leaves it at
        // nullptr, this line faults inside the host process.
        for (int s = 0; s < string_table->rowCount; s++) {

            // The returned char* goes straight to atoi with no null check.
            updateOrAddItem(atoi(game::StringTable_GetColumnValueForRow(string_table, s, 0)), 1);
        }

    }
    // The hook is removed from inside its own detour, so the code above runs on the first
    // call only. The MinHook return code is ignored.
    MH_RemoveHook((LPVOID)game::fpMoveResponseToInventory);

    return false;
}
// One-time setup, run through std::call_once from thread_proc(): records the module base and
// then resolves the function addresses. The outcome of find_sigs() is not reported to the
// caller, so thread_proc() continues the same way whether or not resolution succeeded.
void on_attach() {
    game::init();

    const bool sigs_resolved = game::find_sigs();
    if (!sigs_resolved) {
        return;
    }
}
// Called from DllMain on DLL_PROCESS_DETACH. It only clears the g_running flag; no hook is
// removed and MinHook is not shut down here.
void on_detach() {
    g_running = FALSE;
}
// Worker thread started from DllMain. It runs on_attach() once, waits until the host function
// at game::fpGetLogonStatus returns 2 for argument 0, then initialises MinHook and installs the
// detour over game::fpMoveResponseToInventory.
//
// Returns ERROR_API_UNAVAILABLE when MH_Initialize fails, ERROR_SUCCESS otherwise, including
// when the hook could not be created. The result of MH_EnableHook is ignored.
//
// NOTE(review): game::fpGetLogonStatus is called without checking that it was resolved, and
// the wait loop sleeps for 0 ms per iteration, so it spins until the status changes.
DWORD WINAPI thread_proc(LPVOID) {
    std::call_once(g_flag, on_attach);

    // Re-reads the stored address on every poll.
    const auto logon_complete = [] {
        return ((DWGetLogonStatus_t)game::fpGetLogonStatus)(0) == 2;
    };
    while (!logon_complete()) {
        std::this_thread::sleep_for(std::chrono::milliseconds(0));
    }

    if (MH_Initialize() != MH_OK) {
        return ERROR_API_UNAVAILABLE;
    }

    // fpMoveResponseOrig receives the pointer the detour uses to call the original.
    const auto create_status = MH_CreateHook((LPVOID)game::fpMoveResponseToInventory,
                                             MoveResponseToInventory_Hooked,
                                             reinterpret_cast<LPVOID*>(&fpMoveResponseOrig));
    if (create_status == MH_OK) {
        MH_EnableHook((LPVOID)game::fpMoveResponseToInventory);
    }

    return ERROR_SUCCESS;
}
// DLL entry point. On process attach it starts thread_proc on a new thread; on process detach
// it calls on_detach(). Always returns TRUE. hModule and lpReserved are unused.
//
// Visible effect in the host: a new thread is created as soon as this DLL is loaded, and the
// handle returned for that thread is discarded.
// NOTE(review): I_beginthreadex is not declared in this listing (presumably a wrapper around
// _beginthreadex pulled in through stdafx.h) -- confirm.
BOOL APIENTRY DllMain(HMODULE hModule,
    DWORD  ul_reason_for_call,
    LPVOID lpReserved) {

    if (ul_reason_for_call == DLL_PROCESS_ATTACH) {
        I_beginthreadex(0, 0, (_beginthreadex_proc_type)thread_proc, 0, 0, 0);
    }
    else if (ul_reason_for_call == DLL_PROCESS_DETACH) {
        on_detach();
    }

    return TRUE;
}