aboutsummaryrefslogtreecommitdiff
path: root/NorthstarDedicatedTest
diff options
context:
space:
mode:
Diffstat (limited to 'NorthstarDedicatedTest')
-rw-r--r--NorthstarDedicatedTest/ExploitFixes.cpp8
-rw-r--r--NorthstarDedicatedTest/NorthstarDedicatedTest.vcxproj.filters3
-rw-r--r--NorthstarDedicatedTest/dedicated.cpp144
-rw-r--r--NorthstarDedicatedTest/dedicatedmaterialsystem.cpp8
-rw-r--r--NorthstarDedicatedTest/host.cpp3
-rw-r--r--NorthstarDedicatedTest/miscserverfixes.cpp8
-rw-r--r--NorthstarDedicatedTest/serverauthentication.cpp115
7 files changed, 113 insertions, 176 deletions
diff --git a/NorthstarDedicatedTest/ExploitFixes.cpp b/NorthstarDedicatedTest/ExploitFixes.cpp
index 3250f3b8..935e3f63 100644
--- a/NorthstarDedicatedTest/ExploitFixes.cpp
+++ b/NorthstarDedicatedTest/ExploitFixes.cpp
@@ -365,13 +365,6 @@ void DoBytePatches()
NSMem::BytePatch(engineBase + 0x4FB65, "EB 11");
NSMem::BytePatch(engineBase + 0x4FBAC, "EB 16");
- // disconnect concommand
- {
- uintptr_t addr = engineBase + 0x5ADA2D;
- int val = *(int*)addr | FCVAR_SERVER_CAN_EXECUTE;
- NSMem::BytePatch(addr, (BYTE*)&val, sizeof(int));
- }
-
{ // Dumb ANTITAMPER patches (they negatively impact performance and security)
constexpr const char* ANTITAMPER_EXPORTS[] = {
@@ -393,7 +386,6 @@ void DoBytePatches()
{
// Just return, none of them have any args or are userpurge
NSMem::BytePatch(address, "C3");
-
spdlog::info("Patched AntiTamper function export \"{}\"", exportName);
}
}
diff --git a/NorthstarDedicatedTest/NorthstarDedicatedTest.vcxproj.filters b/NorthstarDedicatedTest/NorthstarDedicatedTest.vcxproj.filters
index cfd9c5ef..0dc606d2 100644
--- a/NorthstarDedicatedTest/NorthstarDedicatedTest.vcxproj.filters
+++ b/NorthstarDedicatedTest/NorthstarDedicatedTest.vcxproj.filters
@@ -139,6 +139,9 @@
<Filter Include="Source Files\Client\Scripted">
<UniqueIdentifier>{51910ba0-2ff8-461d-9f67-8d7907b57d22}</UniqueIdentifier>
</Filter>
+ <Filter Include="Source Files\Shared\Console">
+ <UniqueIdentifier>{04fd662a-6e70-494c-b720-c694a5cc2fb1}</UniqueIdentifier>
+ </Filter>
</ItemGroup>
<ItemGroup>
<ClInclude Include="pch.h">
diff --git a/NorthstarDedicatedTest/dedicated.cpp b/NorthstarDedicatedTest/dedicated.cpp
index 646439ab..280a9889 100644
--- a/NorthstarDedicatedTest/dedicated.cpp
+++ b/NorthstarDedicatedTest/dedicated.cpp
@@ -138,113 +138,79 @@ ON_DLL_LOAD_DEDI("engine.dll", DedicatedServer, [](HMODULE engineAddress)
uintptr_t ea = (uintptr_t)engineAddress;
- {
- // Host_Init
- // prevent a particle init that relies on client dll
- NSMem::NOP(ea + 0x156799, 5);
- }
+ // Host_Init
+ // prevent a particle init that relies on client dll
+ NSMem::NOP(ea + 0x156799, 5);
- {
- // Host_Init
- // don't call Key_Init to avoid loading some extra rsons from rpak (will be necessary to boot if we ever wanna disable rpaks entirely)
- NSMem::NOP(ea + 0x1565B0, 5);
- }
+ // Host_Init
+ // don't call Key_Init to avoid loading some extra rsons from rpak (will be necessary to boot if we ever wanna disable rpaks entirely)
+ NSMem::NOP(ea + 0x1565B0, 5);
- {
- // CModAppSystemGroup::Create
- // force the engine into dedicated mode by changing the first comparison to IsServerOnly to an assignment
- auto ptr = ea + 0x1C4EBD;
- // cmp => mov
- NSMem::BytePatch(ptr + 1, "C6 87");
+ // CModAppSystemGroup::Create
+ // force the engine into dedicated mode by changing the first comparison to IsServerOnly to an assignment
+ auto ptr = ea + 0x1C4EBD;
- // 00 => 01
- NSMem::BytePatch(ptr + 7, "01");
- }
+ // cmp => mov
+ NSMem::BytePatch(ptr + 1, "C6 87");
- {
- // Some init that i'm not sure of that crashes
- // nop the call to it
- NSMem::NOP(ea + 0x156A63, 5);
- }
+ // 00 => 01
+ NSMem::BytePatch(ptr + 7, "01");
- {
- // runframeserver
- // nop some access violations
- NSMem::NOP(ea + 0x159819, 17);
- }
+ // Some init that i'm not sure of that crashes
+ // nop the call to it
+ NSMem::NOP(ea + 0x156A63, 5);
- {
- NSMem::NOP(ea + 0x156B4C, 7);
+ // runframeserver
+ // nop some access violations
+ NSMem::NOP(ea + 0x159819, 17);
- // previously patched these, took me a couple weeks to figure out they were the issue
- // removing these will mess up register state when this function is over, so we'll write HS_RUN to the wrong address
- // so uhh, don't do that
- // NSMem::NOP(ea + 0x156B4C + 7, 8);
+ NSMem::NOP(ea + 0x156B4C, 7);
- NSMem::NOP(ea + 0x156B4C + 15, 9);
- }
+ // previously patched these, took me a couple weeks to figure out they were the issue
+ // removing these will mess up register state when this function is over, so we'll write HS_RUN to the wrong address
+ // so uhh, don't do that
+ // NSMem::NOP(ea + 0x156B4C + 7, 8);
- {
- // HostState_State_NewGame
- // nop an access violation
- NSMem::NOP(ea + 0xB934C, 9);
- }
+ NSMem::NOP(ea + 0x156B4C + 15, 9);
- {
- // CEngineAPI::Connect
- // remove call to Shader_Connect
- NSMem::NOP(ea + 0x1C4D7D, 5);
- }
+ // HostState_State_NewGame
+ // nop an access violation
+ NSMem::NOP(ea + 0xB934C, 9);
- // currently does not work, crashes stuff, likely gotta keep this here
- //{
- // // CEngineAPI::Connect
- // // remove calls to register ui rpak asset types
- // NSMem::NOP(ea + 0x1C4E07, 5);
- //}
+ // CEngineAPI::Connect
+ // remove call to Shader_Connect
+ NSMem::NOP(ea + 0x1C4D7D, 5);
- {
- // Host_Init
- // remove call to ui loading stuff
- NSMem::NOP(ea + 0x156595, 5);
- }
+ // Host_Init
+ // remove call to ui loading stuff
+ NSMem::NOP(ea + 0x156595, 5);
- {
- // some function that gets called from RunFrameServer
- // nop a function that makes requests to stryder, this will eventually access violation if left alone and isn't necessary anyway
- NSMem::NOP(ea + 0x15A0BB, 5);
- }
+ // some function that gets called from RunFrameServer
+ // nop a function that makes requests to stryder, this will eventually access violation if left alone and isn't necessary anyway
+ NSMem::NOP(ea + 0x15A0BB, 5);
- {
- // RunFrameServer
- // nop a function that access violations
- NSMem::NOP(ea + 0x159BF3, 5);
- }
+ // RunFrameServer
+ // nop a function that access violations
+ NSMem::NOP(ea + 0x159BF3, 5);
- {
- // func that checks if origin is inited
- // always return 1
- NSMem::BytePatch(
- ea + 0x183B70,
- {
- 0xB0,
- 0x01, // mov al,01
- 0xC3 // ret
- });
- }
+ // func that checks if origin is inited
+ // always return 1
+ NSMem::BytePatch(
+ ea + 0x183B70,
+ {
+ 0xB0,
+ 0x01, // mov al,01
+ 0xC3 // ret
+ });
- {
- // HostState_State_ChangeLevel
- // nop clientinterface call
- NSMem::NOP(ea + 0x1552ED, 16);
- }
+ // HostState_State_ChangeLevel
+ // nop clientinterface call
+ NSMem::NOP(ea + 0x1552ED, 16);
- {
- // HostState_State_ChangeLevel
- // nop clientinterface call
- NSMem::NOP(ea + 0x155363, 16);
- }
+ // HostState_State_ChangeLevel
+ // nop clientinterface call
+ NSMem::NOP(ea + 0x155363, 16);
// note: previously had DisableDedicatedWindowCreation patches here, but removing those rn since they're all shit and unstable and bad
// and such check commit history if any are needed for reimplementation
diff --git a/NorthstarDedicatedTest/dedicatedmaterialsystem.cpp b/NorthstarDedicatedTest/dedicatedmaterialsystem.cpp
index e83f9dfb..13416b08 100644
--- a/NorthstarDedicatedTest/dedicatedmaterialsystem.cpp
+++ b/NorthstarDedicatedTest/dedicatedmaterialsystem.cpp
@@ -76,11 +76,9 @@ ON_DLL_LOAD_DEDI("materialsystem_dx11.dll", DedicatedServerMaterialSystem, [](HM
// *ptr = (char)0xC3;
//}
- {
- // CMaterialSystem::FindMaterial
- // make the game always use the error material
- NSMem::BytePatch((uintptr_t)baseAddress + 0x5F0F1, {0xE9, 0x34, 0x03, 0x00});
- }
+ // CMaterialSystem::FindMaterial
+ // make the game always use the error material
+ NSMem::BytePatch((uintptr_t)baseAddress + 0x5F0F1, {0xE9, 0x34, 0x03, 0x00});
// previously had DisableDedicatedWindowCreation stuff here, removing for now since shit and unstable
// check commit history if needed
diff --git a/NorthstarDedicatedTest/host.cpp b/NorthstarDedicatedTest/host.cpp
index 6d57f585..5f56be4e 100644
--- a/NorthstarDedicatedTest/host.cpp
+++ b/NorthstarDedicatedTest/host.cpp
@@ -43,6 +43,9 @@ void Host_InitHook(bool bDedicated)
spdlog::info("Removed {} hidden/devonly cvar flags", iCvarsAltered);
+ // make servers able to run disconnect on clients
+ g_pCVar->FindCommand("disconnect")->m_nFlags |= FCVAR_SERVER_CAN_EXECUTE;
+
// run client autoexec if on client
if (!bDedicated)
Cbuf_AddText(Cbuf_GetCurrentPlayer(), "exec autoexec_ns_client", cmd_source_t::kCommandSrcCode);
diff --git a/NorthstarDedicatedTest/miscserverfixes.cpp b/NorthstarDedicatedTest/miscserverfixes.cpp
index 139ae0c0..2e646e84 100644
--- a/NorthstarDedicatedTest/miscserverfixes.cpp
+++ b/NorthstarDedicatedTest/miscserverfixes.cpp
@@ -10,13 +10,9 @@ ON_DLL_LOAD("server.dll", MiscServerFixes, [](HMODULE baseAddress)
uintptr_t ba = (uintptr_t)baseAddress;
// nop out call to VGUI shutdown since it crashes the game when quitting from the console
- {
- NSMem::NOP(ba + 0x154A96, 5);
- }
+ NSMem::NOP(ba + 0x154A96, 5);
// ret at the start of CServerGameClients::ClientCommandKeyValues as it has no benefit and is forwarded to client (i.e. security issue)
// this prevents the attack vector of client=>server=>client, however server=>client also has clientside patches
- {
- NSMem::BytePatch(ba + 0x153920, "C3");
- }
+ NSMem::BytePatch(ba + 0x153920, "C3");
}) \ No newline at end of file
diff --git a/NorthstarDedicatedTest/serverauthentication.cpp b/NorthstarDedicatedTest/serverauthentication.cpp
index 9ac20653..a0902f4e 100644
--- a/NorthstarDedicatedTest/serverauthentication.cpp
+++ b/NorthstarDedicatedTest/serverauthentication.cpp
@@ -23,54 +23,6 @@ using namespace Tier0;
const char* AUTHSERVER_VERIFY_STRING = "I am a northstar server!";
-// hook types
-
-typedef void* (*CBaseServer__ConnectClientType)(
- void* server,
- void* a2,
- void* a3,
- uint32_t a4,
- uint32_t a5,
- int32_t a6,
- void* a7,
- void* a8,
- char* serverFilter,
- void* a10,
- char a11,
- void* a12,
- char a13,
- char a14,
- int64_t uid,
- uint32_t a16,
- uint32_t a17);
-CBaseServer__ConnectClientType CBaseServer__ConnectClient;
-
-typedef bool (*CBaseClient__ConnectType)(
- void* self, char* name, __int64 netchan_ptr_arg, char b_fake_player_arg, __int64 a5, char* Buffer, void* a7);
-CBaseClient__ConnectType CBaseClient__Connect;
-
-typedef void (*CBaseClient__ActivatePlayerType)(void* self);
-CBaseClient__ActivatePlayerType CBaseClient__ActivatePlayer;
-
-CBaseClient__DisconnectType CBaseClient__Disconnect;
-
-typedef char (*CGameClient__ExecuteStringCommandType)(void* self, uint32_t unknown, const char* pCommandString);
-CGameClient__ExecuteStringCommandType CGameClient__ExecuteStringCommand;
-
-typedef char (*__fastcall CNetChan___ProcessMessagesType)(void* self, void* buf);
-CNetChan___ProcessMessagesType CNetChan___ProcessMessages;
-
-typedef char (*CBaseClient__SendServerInfoType)(void* self);
-CBaseClient__SendServerInfoType CBaseClient__SendServerInfo;
-
-typedef bool (*ProcessConnectionlessPacketType)(void* a1, netpacket_t* packet);
-ProcessConnectionlessPacketType ProcessConnectionlessPacket;
-
-typedef void (*CServerGameDLL__OnReceivedSayTextMessageType)(void* self, unsigned int senderClientIndex, const char* message, char unknown);
-CServerGameDLL__OnReceivedSayTextMessageType CServerGameDLL__OnReceivedSayTextMessage;
-
-typedef void (*ConCommand__DispatchType)(ConCommand* command, const CCommand& args, void* a3);
-ConCommand__DispatchType ConCommand__Dispatch;
// global vars
ServerAuthenticationManager* g_ServerAuthenticationManager;
@@ -334,6 +286,25 @@ bool ServerAuthenticationManager::CheckPlayerChatRatelimit(void* player)
char* nextPlayerToken;
uint64_t nextPlayerUid;
+typedef void* (*CBaseServer__ConnectClientType)(
+ void* server,
+ void* a2,
+ void* a3,
+ uint32_t a4,
+ uint32_t a5,
+ int32_t a6,
+ void* a7,
+ void* a8,
+ char* serverFilter,
+ void* a10,
+ char a11,
+ void* a12,
+ char a13,
+ char a14,
+ int64_t uid,
+ uint32_t a16,
+ uint32_t a17);
+CBaseServer__ConnectClientType CBaseServer__ConnectClient;
void* CBaseServer__ConnectClientHook(
void* server,
void* a2,
@@ -360,6 +331,9 @@ void* CBaseServer__ConnectClientHook(
return CBaseServer__ConnectClient(server, a2, a3, a4, a5, a6, a7, a8, serverFilter, a10, a11, a12, a13, a14, uid, a16, a17);
}
+typedef bool (*CBaseClient__ConnectType)(
+ void* self, char* name, __int64 netchan_ptr_arg, char b_fake_player_arg, __int64 a5, char* Buffer, void* a7);
+CBaseClient__ConnectType CBaseClient__Connect;
bool CBaseClient__ConnectHook(void* self, char* name, __int64 netchan_ptr_arg, char b_fake_player_arg, __int64 a5, char* Buffer, void* a7)
{
// try changing name before all else
@@ -397,6 +371,8 @@ bool CBaseClient__ConnectHook(void* self, char* name, __int64 netchan_ptr_arg, c
return ret;
}
+typedef void (*CBaseClient__ActivatePlayerType)(void* self);
+CBaseClient__ActivatePlayerType CBaseClient__ActivatePlayer;
void CBaseClient__ActivatePlayerHook(void* self)
{
// if we're authed, write our persistent data
@@ -412,6 +388,7 @@ void CBaseClient__ActivatePlayerHook(void* self)
CBaseClient__ActivatePlayer(self);
}
+CBaseClient__DisconnectType CBaseClient__Disconnect;
void CBaseClient__DisconnectHook(void* self, uint32_t unknownButAlways1, const char* reason, ...)
{
// have to manually format message because can't pass varargs to original func
@@ -446,6 +423,8 @@ void CBaseClient__DisconnectHook(void* self, uint32_t unknownButAlways1, const c
typedef bool (*CCommand__TokenizeType)(CCommand& self, const char* pCommandString, cmd_source_t commandSource);
CCommand__TokenizeType CCommand__Tokenize;
+typedef char (*CGameClient__ExecuteStringCommandType)(void* self, uint32_t unknown, const char* pCommandString);
+CGameClient__ExecuteStringCommandType CGameClient__ExecuteStringCommand;
char CGameClient__ExecuteStringCommandHook(void* self, uint32_t unknown, const char* pCommandString)
{
if (CVar_sv_quota_stringcmdspersecond->GetInt() != -1)
@@ -494,6 +473,8 @@ char CGameClient__ExecuteStringCommandHook(void* self, uint32_t unknown, const c
return CGameClient__ExecuteStringCommand(self, unknown, pCommandString);
}
+typedef char (*__fastcall CNetChan___ProcessMessagesType)(void* self, void* buf);
+CNetChan___ProcessMessagesType CNetChan___ProcessMessages;
char __fastcall CNetChan___ProcessMessagesHook(void* self, void* buf)
{
double startTime = Plat_FloatTime();
@@ -543,6 +524,8 @@ char __fastcall CNetChan___ProcessMessagesHook(void* self, void* buf)
bool bWasWritingStringTableSuccessful;
+typedef char (*CBaseClient__SendServerInfoType)(void* self);
+CBaseClient__SendServerInfoType CBaseClient__SendServerInfo;
void CBaseClient__SendServerInfoHook(void* self)
{
bWasWritingStringTableSuccessful = true;
@@ -552,6 +535,8 @@ void CBaseClient__SendServerInfoHook(void* self)
self, 1, "Overflowed CNetworkStringTableContainer::WriteBaselines, try restarting your client and reconnecting");
}
+typedef bool (*ProcessConnectionlessPacketType)(void* a1, netpacket_t* packet);
+ProcessConnectionlessPacketType ProcessConnectionlessPacket;
bool ProcessConnectionlessPacketHook(void* a1, netpacket_t* packet)
{
if (packet->adr.type == NA_IP &&
@@ -674,28 +659,22 @@ ON_DLL_LOAD_RELIESON("engine.dll", ServerAuthentication, ConCommand, [](HMODULE
uintptr_t ba = (uintptr_t)baseAddress;
// patch to disable kicking based on incorrect serverfilter in connectclient, since we repurpose it for use as an auth token
- {
- NSMem::BytePatch(
- ba + 0x114655,
- "EB" // jz => jmp
- );
- }
-
+ NSMem::BytePatch(
+ ba + 0x114655,
+ "EB" // jz => jmp
+ );
+
// patch to disable fairfight marking players as cheaters and kicking them
- {
- NSMem::BytePatch(
- ba + 0x101012,
- "E9 90 00" // jz => jmp
- );
- }
-
+ NSMem::BytePatch(
+ ba + 0x101012,
+ "E9 90 00" // jz => jmp
+ );
+
// patch to allow same of multiple account
- {
- NSMem::BytePatch(
- ba + 0x114510,
- "EB" // jz => jmp
- );
- }
+ NSMem::BytePatch(
+ ba + 0x114510,
+ "EB" // jz => jmp
+ );
// patch to set bWasWritingStringTableSuccessful in CNetworkStringTableContainer::WriteBaselines if it fails
{