author | KittenPopo <Pokeberry123@gmail.com> | 2022-03-23 13:03:56 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-03-23 20:03:56 +0000 |
commit | de7deafc7e6ba53deec8dd3c05d2ea5e7cf42264 (patch) | |
tree | 5bc5c82c9b720adbf02cdaeb505f46b48a02178f /NorthstarDedicatedTest/serverauthentication.cpp | |
parent | 5893c7700653e5f3d51c4f7eba7f6f25a2fe5be7 (diff) | |
Implement KittenPopo exploit fixes (and sanity changes) (#112)
* Added main exploit fixes
* Fixed typo in sigscanning.cpp
* Fully implemented
* Added proper includes for new files
* Update README.md
* typo
* spare me my sanity (fixed ridiculous code)
* Added rest of KittenMemUtils
* Rename KittenMemUtils
* Removed all messy memory edits, implemented NSMem instead
* Update NorthstarDedicatedTest.vcxproj
* [1] Move everything from securitypatches to ExploitFixes
* [2] Move everything from securitypatches to ExploitFixes
* Fixed module offsets in stack trace
* Fixed UTF8 Parsing (Multiplayer Crash)
* Implemented UTF8 fix
* Update NorthstarDedicatedTest.vcxproj
* Update hookutils.cpp
* Small fixes
* all my homies hate clang-format
* Temporarily restore README.md
Diffstat (limited to 'NorthstarDedicatedTest/serverauthentication.cpp')
-rw-r--r-- | NorthstarDedicatedTest/serverauthentication.cpp | 49 |
1 files changed, 21 insertions, 28 deletions
diff --git a/NorthstarDedicatedTest/serverauthentication.cpp b/NorthstarDedicatedTest/serverauthentication.cpp
index 26352675..4581e4b6 100644
--- a/NorthstarDedicatedTest/serverauthentication.cpp
+++ b/NorthstarDedicatedTest/serverauthentication.cpp
@@ -14,6 +14,7 @@
 #include <filesystem>
 #include <thread>
 #include "configurables.h"
+#include "NSMem.h"
 
 const char* AUTHSERVER_VERIFY_STRING = "I am a northstar server!";
@@ -623,47 +624,39 @@ void InitialiseServerAuthentication(HMODULE baseAddress)
 	CCommand__Tokenize = (CCommand__TokenizeType)((char*)baseAddress + 0x418380);
 
+	uintptr_t ba = (uintptr_t)baseAddress;
+
 	// patch to disable kicking based on incorrect serverfilter in connectclient, since we repurpose it for use as an auth token
 	{
-		void* ptr = (char*)baseAddress + 0x114655;
-		TempReadWrite rw(ptr);
-		*((char*)ptr) = (char)0xEB; // jz => jmp
+		NSMem::BytePatch(ba + 0x114655, {
+			0xEB // jz => jmp
+		});
 	}
 
 	// patch to disable fairfight marking players as cheaters and kicking them
 	{
-		void* ptr = (char*)baseAddress + 0x101012;
-		TempReadWrite rw(ptr);
-		*((char*)ptr) = (char)0xE9; // jz => jmp
-		*((char*)ptr + 1) = (char)0x90;
-		*((char*)ptr + 2) = (char)0x0;
+		NSMem::BytePatch(ba + 0x101012, {
+			0xE9, // jz => jmp
+			0x90,
+			0x0
+		});
 	}
 
 	// patch to allow same of multiple account
 	{
-		void* ptr = (char*)baseAddress + 0x114510;
-		TempReadWrite rw(ptr);
-		*((char*)ptr) = (char)0xEB; // jz => jmp
+		NSMem::BytePatch(ba + 0x114510, {
+			0xEB, // jz => jmp
+		});
 	}
 
 	// patch to set bWasWritingStringTableSuccessful in CNetworkStringTableContainer::WriteBaselines if it fails
 	{
-		bool* writeAddress = (bool*)(&bWasWritingStringTableSuccessful - ((bool*)baseAddress + 0x234EDC));
-
-		void* ptr = (char*)baseAddress + 0x234ED2;
-		TempReadWrite rw(ptr);
-		*((char*)ptr) = (char)0xC7;
-		*((char*)ptr + 1) = (char)0x05;
-		*(int*)((char*)ptr + 2) = (int)writeAddress;
-		*((char*)ptr + 6) = (char)0x00;
-		*((char*)ptr + 7) = (char)0x00;
-		*((char*)ptr + 8) = (char)0x00;
-		*((char*)ptr + 9) = (char)0x00;
-
-		*((char*)ptr + 10) = (char)0x90;
-		*((char*)ptr + 11) = (char)0x90;
-		*((char*)ptr + 12) = (char)0x90;
-		*((char*)ptr + 13) = (char)0x90;
-		*((char*)ptr + 14) = (char)0x90;
+		uintptr_t writeAddress = (uintptr_t)(&bWasWritingStringTableSuccessful - (ba + 0x234EDC));
+
+		auto addr = ba + 0x234ED2;
+		NSMem::BytePatch(addr, { 0xC7, 0x05 });
+		NSMem::BytePatch(addr + 2, (BYTE*)&writeAddress, sizeof(writeAddress));
+		NSMem::BytePatch(addr + 6, {0, 0, 0, 0});
+		NSMem::NOP(addr + 10, 5);
 	}
 }
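Review bot: In the last block, `writeAddress` is a `uintptr_t`, so `NSMem::BytePatch(addr + 2, (BYTE*)&writeAddress, sizeof(writeAddress))` writes 8 bytes into the 4-byte disp32 field of the `C7 05` instruction being assembled; the high half lands on the imm32 bytes and is only correct because the following `BytePatch(addr + 6, {0, 0, 0, 0})` happens to overwrite it. As in the removed code, the displacement is truncated to 32 bits with no range check, so if the Northstar module is loaded more than ±2 GiB from the engine module under ASLR the patched instruction silently stores to the wrong address inside the game process instead of clearing the flag (and `&bWasWritingStringTableSuccessful - (ba + 0x234EDC)` is pointer-minus-integer, i.e. out-of-object pointer arithmetic, not a difference). The assembled `mov dword ptr [rip+disp32], 0` also stores 4 bytes onto what the removed `bool*` arithmetic shows is a 1-byte `bool`, clobbering whatever follows it in Northstar's data; `C6 05 disp32 00` (`mov byte ptr [rip+disp32], 0`, 7 bytes) stores only the flag, with the remaining 8 of the 15 patched bytes NOPed. The sketch below computes the displacement as a signed 64-bit difference, skips the patch when it does not fit an `int32_t` (logging the skip would be appropriate, but the file's logging facility is outside this hunk), and writes exactly 4 displacement bytes. `InitialiseServerAuthentication` begins before this hunk.
```cpp
	// patch to set bWasWritingStringTableSuccessful in CNetworkStringTableContainer::WriteBaselines if it fails
	{
		// mov byte ptr [rip+disp32], 0  (C6 05 disp32 imm8, 7 bytes); disp32 is relative to the next instruction
		auto addr = ba + 0x234ED2;
		int64_t disp = (int64_t)(uintptr_t)&bWasWritingStringTableSuccessful - (int64_t)(addr + 7);
		if (disp == (int64_t)(int32_t)disp)
		{
			int32_t disp32 = (int32_t)disp;
			NSMem::BytePatch(addr, { 0xC6, 0x05 });
			NSMem::BytePatch(addr + 2, (BYTE*)&disp32, sizeof(disp32));
			NSMem::BytePatch(addr + 6, { 0x00 }); // imm8 = 0
			NSMem::NOP(addr + 7, 8);              // pad out the original 15-byte span
		}
		// else: target is out of ±2 GiB reach; leave the original code alone rather than emit a wrong store
	}
```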