From 0bd42559b53e1a0d210b0542803d76d5f8803070 Mon Sep 17 00:00:00 2001
From: Barnaby <22575741+barnabwhy@users.noreply.github.com>
Date: Fri, 13 May 2022 00:49:43 +0100
Subject: Compare uid from connect on activate (#175)
* Compare UID from connect on activate
* only set uid on first time i think
---
 NorthstarDedicatedTest/serverauthentication.cpp | 17 +++++++++++++++++
 NorthstarDedicatedTest/serverauthentication.h | 4 +++-
 2 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/NorthstarDedicatedTest/serverauthentication.cpp b/NorthstarDedicatedTest/serverauthentication.cpp
index 19253fdb..b116c6e3 100644
--- a/NorthstarDedicatedTest/serverauthentication.cpp
+++ b/NorthstarDedicatedTest/serverauthentication.cpp
@@ -387,6 +387,8 @@ bool CBaseClient__ConnectHook(void* self, char* name, __int64 netchan_ptr_arg, c
 additionalData.usingLocalPdata = *((char*)self + 0x4a0) == (char)0x3;
 g_ServerAuthenticationManager->m_additionalPlayerData.insert(std::make_pair(self, additionalData));
+
+ g_ServerAuthenticationManager->m_additionalPlayerData[self].uid = nextPlayerUid;
 }
 return ret;
@@ -394,6 +396,21 @@ bool CBaseClient__ConnectHook(void* self, char* name, __int64 netchan_ptr_arg, c
 void CBaseClient__ActivatePlayerHook(void* self)
 {
+ bool uidMatches = false;
+ if (g_ServerAuthenticationManager->m_additionalPlayerData.count(self))
+ {
+ std::string strUid = std::to_string(g_ServerAuthenticationManager->m_additionalPlayerData[self].uid);
+ if (!strcmp(strUid.c_str(), (char*)self + 0xF500)) // connecting client's uid is the same as auth's uid
+ {
+ uidMatches = true;
+ }
+ }
+ if (!uidMatches)
+ {
+ CBaseClient__Disconnect(self, 1, "Authentication Failed");
+ return;
+ }
+
 // if we're authed, write our persistent data
 // RemovePlayerAuthData returns true if it removed successfully, i.e. on first call only, and we only want to write on >= second call
 // (since this func is called on map loads)
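Review bot: `insert()` leaves an existing entry for the same `self` pointer untouched, but the added `m_additionalPlayerData[self].uid = nextPlayerUid;` in `CBaseClient__ConnectHook` then overwrites only the uid on it. If a stale entry can survive an earlier connection (the cleanup path is not visible in this hunk), the new uid ends up attached to the previous player's remaining fields. Setting `additionalData.uid = nextPlayerUid;` before the insert and storing with `insert_or_assign(self, additionalData)` keeps the record consistent and needs one lookup instead of two. The function body starts and ends outside the hunk.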
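Review bot: The mismatch branch in `CBaseClient__ActivatePlayerHook` disconnects with "Authentication Failed" but records nothing, so an operator cannot tell a uid mismatch from a client that simply has no `m_additionalPlayerData` entry. A `spdlog::warn` before the disconnect that names the stored uid and the string at `(char*)self + 0xF500` would make the rejection auditable; bound that string before logging it, since it is read from the client structure. The check also calls `count(self)` and then `operator[]`, which a single `find(self)` would replace. Whether clients that skip the insert in `CBaseClient__ConnectHook` (its condition is outside the hunk) are meant to be rejected here should be confirmed.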
diff --git a/NorthstarDedicatedTest/serverauthentication.h b/NorthstarDedicatedTest/serverauthentication.h
index 41e771b8..e79577e6 100644
--- a/NorthstarDedicatedTest/serverauthentication.h
+++ b/NorthstarDedicatedTest/serverauthentication.h
@@ -28,6 +28,8 @@ struct AdditionalPlayerData
 double lastSayTextLimitStart = -1.0;
 int sayTextLimitCount = 0;
+
+ uint64_t uid;
 };
 #pragma once
@@ -107,4 +109,4 @@ extern CBaseClient__DisconnectType CBaseClient__Disconnect;
 void InitialiseServerAuthentication(HMODULE baseAddress);
 extern ServerAuthenticationManager* g_ServerAuthenticationManager;
-extern ConVar* Cvar_ns_player_auth_port;
\ No newline at end of file
+extern ConVar* Cvar_ns_player_auth_port;
--
cgit v1.2.3
From 0c8994686185fe04e6a6748e5808df17aa9214a4 Mon Sep 17 00:00:00 2001
From: GeckoEidechse <40122905+GeckoEidechse@users.noreply.github.com>
Date: Fri, 13 May 2022 01:50:20 +0200
Subject: Log UID in a variety of places during auth process (#174)
* Log UID in a variety of places during auth process
* Log UID in CBaseClient__ActivatePlayerHook
---
 NorthstarDedicatedTest/serverauthentication.cpp | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
diff --git a/NorthstarDedicatedTest/serverauthentication.cpp b/NorthstarDedicatedTest/serverauthentication.cpp
index b116c6e3..f00f5129 100644
--- a/NorthstarDedicatedTest/serverauthentication.cpp
+++ b/NorthstarDedicatedTest/serverauthentication.cpp
@@ -129,6 +129,12 @@ void ServerAuthenticationManager::StartPlayerAuthServer()
 return;
 }
+ // Log playername and UID from request
+ spdlog::info(
+ "Player \"{}\" with UID \"{}\" requested to join",
+ request.get_param_value("username").c_str(),
+ request.get_param_value("id").c_str());
+
 AuthData newAuthData {};
 strncpy(newAuthData.uid, request.get_param_value("id").c_str(), sizeof(newAuthData.uid));
 newAuthData.uid[sizeof(newAuthData.uid) - 1] = 0;
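Review bot: `uint64_t uid;` is added to `AdditionalPlayerData` without a default initializer, while the neighbouring fields use `= -1.0` and `= 0`. An instance declared without braces before the connect hook assigns the field would carry an indeterminate value into the activate-time comparison; `uint64_t uid = 0;` avoids that. `AuthenticatePlayer` elsewhere on this page takes `int64_t uid`, so the signedness of the stored field is worth aligning, because `std::to_string` renders the two differently for large values.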
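Review bot: The new `spdlog::info` call in the auth-server handler writes the `username` and `id` request parameters into the log exactly as received, and nothing visible in the hunk validates them first. Both values are controlled by whoever can reach the auth port, so embedded newlines or very long strings can forge or flood log lines. Log them after validation, or pass them through a helper that truncates and replaces control characters, and add a comment saying the values are unverified at this point. The handler body starts and ends outside the hunk, so an earlier check may exist that is not visible here.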
@@ -196,6 +202,9 @@ bool ServerAuthenticationManager::AuthenticatePlayer(void* player, int64_t uid,
 // use stored auth data
 AuthData authData = m_authData[authToken];
+ // Log playnername and UID from request
+ spdlog::info("Comparing connecting UID \"{}\" against stored UID from ms auth reguest \"{}\"", strUid.c_str(), authData.uid);
+
 if (!strcmp(strUid.c_str(), authData.uid)) // connecting client's uid is the same as auth's uid
 {
 authFail = false;
@@ -280,6 +289,8 @@ bool ServerAuthenticationManager::RemovePlayerAuthData(void* player)
 {
 if (!strcmp((char*)player + 0xF500, auth.second.uid))
 {
+ // Log UID
+ spdlog::info("Erasing auth data from UID \"{}\"", auth.second.uid);
 // pretty sure this is fine, since we don't iterate after the erase
 // i think if we iterated after it'd be undefined behaviour tho
 std::lock_guard guard(m_authDataMutex);
@@ -352,6 +363,9 @@ void* CBaseServer__ConnectClientHook(
 nextPlayerToken = serverFilter;
 nextPlayerUid = uid;
+ // Random UID log
+ spdlog::info("CBaseServer__ConnectClientHook says UID \"{}\"", uid);
+
 return CBaseServer__ConnectClient(server, a2, a3, a4, a5, a6, a7, a8, serverFilter, a10, a11, a12, a13, a14, uid, a16, a17);
 }
@@ -364,6 +378,9 @@ bool CBaseClient__ConnectHook(void* self, char* name, __int64 netchan_ptr_arg, c
 // we connect irregardless of auth, because returning bad from this function can fuck client state p bad
 bool ret = CBaseClient__Connect(self, name, netchan_ptr_arg, b_fake_player_arg, a5, Buffer, a7);
+ // Another UID log
+ spdlog::info("CBaseClient__ConnectHook says UID \"{}\"", nextPlayerUid);
+
 if (!ret) return ret;
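Review bot: The comment `// Log playnername and UID from request` above the new log in `AuthenticatePlayer` does not match the call, which prints two uids and no player name. Something like `// Log the connecting uid next to the uid stored from the masterserver auth request` would describe it. `authData.uid` is filled from a request parameter (see the `strncpy` in the auth-server hunk), so the comment should also say that the second value is client-supplied text.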
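Review bot: The added log in `RemovePlayerAuthData` reads `auth.second.uid` before the `std::lock_guard` on `m_authDataMutex` is taken, as does the `strcmp` above it. If the auth-server thread can modify `m_authData` concurrently (the insert side is not in this hunk), both reads are unsynchronised; taking the lock above the loop would cover the comparison, the log and the erase together. The loop header is outside the hunk, so this needs checking against the full function.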
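Review bot: The logs added in `CBaseServer__ConnectClientHook` and, in the next hunk, `CBaseClient__ConnectHook` both run before authentication has been decided, and the second runs before the `if (!ret)` check, so every connection attempt produces two info-level lines whatever its outcome. Consider `spdlog::debug` for these, or one line emitted once the outcome is known, so unauthenticated traffic cannot inflate the log. The comments `// Random UID log` and `// Another UID log` say nothing about intent; `// uid as passed by the engine, not yet verified` would. `nextPlayerUid` is a global handed from one hook to the other and deserves a comment on why that hand-off is safe.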
@@ -420,6 +437,8 @@ void CBaseClient__ActivatePlayerHook(void* self) g_ServerAuthenticationManager->WritePersistentData(self); g_MasterServerManager->UpdateServerPlayerCount(g_ServerAuthenticationManager->m_additionalPlayerData.size()); } + // Log UID + spdlog::info("In CBaseClient__ActivatePlayerHook, activating UID \"{}\"", (char*)self + 0xF500); CBaseClient__ActivatePlayer(self); } -- cgit v1.2.3 From d333eabc1bc7f8f29c3e5ccd13b62997235285c4 Mon Sep 17 00:00:00 2001 From: Emma Miler <27428383+emma-miler@users.noreply.github.com> Date: Fri, 13 May 2022 01:53:22 +0200 Subject: Block `emit` command when sv_cheats is disabled (#170) --- .../NorthstarDedicatedTest.vcxproj | 2 ++ .../NorthstarDedicatedTest.vcxproj.filters | 21 ++++++++++++----- NorthstarDedicatedTest/dllmain.cpp | 2 ++ NorthstarDedicatedTest/emit_blocker.cpp | 26 ++++++++++++++++++++++ NorthstarDedicatedTest/emit_blocker.h | 3 +++ 5 files changed, 48 insertions(+), 6 deletions(-) create mode 100644 NorthstarDedicatedTest/emit_blocker.cpp create mode 100644 NorthstarDedicatedTest/emit_blocker.h diff --git a/NorthstarDedicatedTest/NorthstarDedicatedTest.vcxproj b/NorthstarDedicatedTest/NorthstarDedicatedTest.vcxproj index ea9ccbb3..cddbd3a7 100644 --- a/NorthstarDedicatedTest/NorthstarDedicatedTest.vcxproj +++ b/NorthstarDedicatedTest/NorthstarDedicatedTest.vcxproj @@ -117,6 +117,7 @@ + @@ -586,6 +587,7 @@ + diff --git a/NorthstarDedicatedTest/NorthstarDedicatedTest.vcxproj.filters b/NorthstarDedicatedTest/NorthstarDedicatedTest.vcxproj.filters index da8f064e..8e429c9f 100644 --- a/NorthstarDedicatedTest/NorthstarDedicatedTest.vcxproj.filters +++ b/NorthstarDedicatedTest/NorthstarDedicatedTest.vcxproj.filters @@ -133,6 +133,9 @@ {b30e08b1-b962-4264-8cbb-a0a31924b93e} + + {7f609cee-d2c0-46a2-b06e-83b9f0511915} + @@ -1494,12 +1497,6 @@ Header Files\Client - - Source Files\Shared\Exploit Fixes - - - Source Files\Shared\Exploit Fixes - Source Files\Shared\Exploit Fixes\UTF8Parser 
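Review bot: The new log at the end of `CBaseClient__ActivatePlayerHook` passes `(char*)self + 0xF500` to spdlog as a C string, so it relies on the engine keeping that buffer NUL-terminated, and it sits after the early `return` on uid mismatch, so rejected activations never reach it. The offset `0xF500` now appears in several places on this page (`RemovePlayerAuthData`, the uid comparison, this log); a named constant or a small accessor, with a comment on where the offset comes from, would make later changes safer. The function starts outside the hunk.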
@@ -1512,6 +1509,15 @@ Header Files + + Header Files\Shared\ExploitFixes + + + Header Files\Shared\ExploitFixes + + + Header Files\Shared\ExploitFixes + @@ -1679,6 +1685,9 @@ Source Files\Client + + Source Files\Shared\Exploit Fixes + diff --git a/NorthstarDedicatedTest/dllmain.cpp b/NorthstarDedicatedTest/dllmain.cpp index fc403e95..62094b4e 100644 --- a/NorthstarDedicatedTest/dllmain.cpp +++ b/NorthstarDedicatedTest/dllmain.cpp @@ -51,6 +51,7 @@ #include "rapidjson/writer.h" #include "rapidjson/error/en.h" #include "ExploitFixes.h" +#include "emit_blocker.h" typedef void (*initPluginFuncPtr)(void* getPluginObject); @@ -287,6 +288,7 @@ bool InitialiseNorthstar() // activate exploit fixes AddDllLoadCallback("server.dll", ExploitFixes::LoadCallback); + AddDllLoadCallback("server.dll", InitialiseServerEmit_Blocker); // run callbacks for any libraries that are already loaded by now CallAllPendingDLLLoadCallbacks(); diff --git a/NorthstarDedicatedTest/emit_blocker.cpp b/NorthstarDedicatedTest/emit_blocker.cpp new file mode 100644 index 00000000..3f996c69 --- /dev/null +++ b/NorthstarDedicatedTest/emit_blocker.cpp 
@@ -0,0 +1,26 @@
+#include "pch.h"
+#include "cvar.h"
+
+ConVar* sv_cheats;
+
+typedef char(__fastcall* function_containing_emit_t)(uint64_t a1, uint64_t a2);
+function_containing_emit_t function_containing_emit;
+
+char function_containing_emit_hook(uint64_t unknown_value, uint64_t command_ptr)
+{
+ char* command_string = *(char**)(command_ptr + 1040); // From decompile
+ if (!sv_cheats->m_Value.m_nValue && !strncmp(command_string, "emit", 5))
+ {
+ spdlog::info("Blocking command \"emit\" because sv_cheats was 0");
+ return 1;
+ }
+ return function_containing_emit(unknown_value, command_ptr);
+}
+
+void InitialiseServerEmit_Blocker(HMODULE baseAddress)
+{
+ HookEnabler hook;
+ sv_cheats = g_pCVar->FindVar("sv_cheats");
+ ENABLER_CREATEHOOK(
+ hook, (char*)baseAddress + 0x5889A0, &function_containing_emit_hook, reinterpret_cast(&function_containing_emit));
+}
\ No newline at end of file
diff --git a/NorthstarDedicatedTest/emit_blocker.h b/NorthstarDedicatedTest/emit_blocker.h
new file mode 100644
index 00000000..43991927
--- /dev/null
+++ b/NorthstarDedicatedTest/emit_blocker.h
@@ -0,0 +1,3 @@
+#pragma once
+
+void InitialiseServerEmit_Blocker(HMODULE baseAddress);
\ No newline at end of file
--
cgit v1.2.3
From 25579c16ca530197a8246ad3812c220961c7daf0 Mon Sep 17 00:00:00 2001
From: BobTheBob <32057864+BobTheBob9@users.noreply.github.com>
Date: Fri, 13 May 2022 00:55:47 +0100
Subject: Update serverauthentication.cpp (#161)
---
 NorthstarDedicatedTest/serverauthentication.cpp | 1 +
 1 file changed, 1 insertion(+)
diff --git a/NorthstarDedicatedTest/serverauthentication.cpp b/NorthstarDedicatedTest/serverauthentication.cpp
index f00f5129..9a295f98 100644
--- a/NorthstarDedicatedTest/serverauthentication.cpp
+++ b/NorthstarDedicatedTest/serverauthentication.cpp
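Review bot: In `function_containing_emit_hook`, `!strncmp(command_string, "emit", 5)` matches only the exact lower-case string `emit`, and both `sv_cheats` and `command_string` are dereferenced without a null check. If the engine matches command names case-insensitively, or the buffer at `command_ptr + 1040` holds more than the bare name (the comment only says "From decompile"), the block would not cover every form of the command, and a null result from `FindVar("sv_cheats")` would crash the server on the first command. A guard such as `if ((!sv_cheats || !sv_cheats->m_Value.m_nValue) && command_string && !_stricmp(command_string, "emit"))` fails closed and covers case variants. The file-scope `sv_cheats` and `function_containing_emit` should be `static`, the file should include `emit_blocker.h`, and the offsets `1040` and `0x5889A0` need a comment stating which function and field they refer to.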
@@ -720,6 +720,7 @@ void InitialiseServerAuthentication(HMODULE baseAddress)
 }
 // patch to allow same of multiple account
+ if (CommandLine()->CheckParm("-allowdupeaccounts"))
 {
 NSMem::BytePatch(
 ba + 0x114510,
--
cgit v1.2.3
From acedd15c538977a2b58a0ce4f5ba52a8584a9340 Mon Sep 17 00:00:00 2001
From: Barnaby <22575741+barnabwhy@users.noreply.github.com>
Date: Fri, 13 May 2022 01:36:30 +0100
Subject: Fix typo in UID logs (#176)
---
 NorthstarDedicatedTest/serverauthentication.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/NorthstarDedicatedTest/serverauthentication.cpp b/NorthstarDedicatedTest/serverauthentication.cpp
index 9a295f98..09ed41d3 100644
--- a/NorthstarDedicatedTest/serverauthentication.cpp
+++ b/NorthstarDedicatedTest/serverauthentication.cpp
@@ -203,7 +203,7 @@ bool ServerAuthenticationManager::AuthenticatePlayer(void* player, int64_t uid,
 AuthData authData = m_authData[authToken];
 // Log playnername and UID from request
- spdlog::info("Comparing connecting UID \"{}\" against stored UID from ms auth reguest \"{}\"", strUid.c_str(), authData.uid);
+ spdlog::info("Comparing connecting UID \"{}\" against stored UID from ms auth request \"{}\"", strUid.c_str(), authData.uid);
 if (!strcmp(strUid.c_str(), authData.uid)) // connecting client's uid is the same as auth's uid
 {
--
cgit v1.2.3
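Review bot: Nothing records that a server was started with `-allowdupeaccounts`, even though the flag applies the byte patch that relaxes the duplicate-account check in `InitialiseServerAuthentication`. A `spdlog::warn("-allowdupeaccounts set: duplicate account check patched out");` as the first statement of the block would leave a trace in the startup log. The comment `// patch to allow same of multiple account` is hard to read; `// optional patch: allow several connections from the same account` states it. The patched block continues outside the hunk.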