-rw-r--r--CMD/CMD.cpp227
-rw-r--r--CMD/CMD.vcxproj183
-rw-r--r--CMD/CMD.vcxproj.filters30
-rw-r--r--CMD/pch.cpp5
-rw-r--r--CMD/pch.h14
-rw-r--r--CSGO/CSGO.vcxproj1
-rw-r--r--Hunted/Hunted.cpp54
-rw-r--r--KMemDriver.sln10
8 files changed, 504 insertions, 20 deletions
diff --git a/CMD/CMD.cpp b/CMD/CMD.cpp
new file mode 100644
index 0000000..580bc51
--- /dev/null
+++ b/CMD/CMD.cpp
@@ -0,0 +1,227 @@
+#include "pch.h"
+#include "KMemDriver.h"
+#include "KInterface.h"
+
+#include <iostream>
+#include <iomanip>
+#include <chrono>
+#include <thread>
+#include <windows.h>
+
+static BOOL running = false;
+static const wchar_t *wName = L"Counter-Strike: Global Offensive";
+
+typedef struct player_info_s
+{
+ __int64 unknown; //0x0000
+ union
+ {
+ __int64 steamID64; //0x0008 - SteamID64
+ struct
+ {
+ __int32 xuid_low;
+ __int32 xuid_high;
+ };
+ };
+ char szName[128]; //0x0010 - Player Name
+ int userId; //0x0090 - Unique Server Identifier
+ char szSteamID[20]; //0x0094 - STEAM_X:Y:Z
+ char pad_0x00A8[0x10]; //0x00A8
+ unsigned long iSteamID; //0x00B8 - SteamID
+ char szFriendsName[128];
+ bool fakeplayer;
+ bool ishltv;
+ unsigned int customfiles[4];
+ unsigned char filesdownloaded;
+} player_info_t;
+
+
+static bool consoleHandler(int signal) {
+ if (signal == CTRL_C_EVENT) {
+ if (!running)
+ exit(EXIT_FAILURE);
+ running = false;
+ std::wcout << L"Waiting for graceful shutdown .." << std::endl;
+ }
+ return true;
+}
+
+static BOOL CALLBACK enumWindowsProc(HWND hWnd, LPARAM lParam)
+{
+ int length = GetWindowTextLength(hWnd);
+ TCHAR* buffer;
+ buffer = new TCHAR[length + 1];
+ memset(buffer, 0, (length + 1) * sizeof(TCHAR));
+ GetWindowText(hWnd, buffer, length + 1);
+ //wprintf(L"Window: '%ls'\n", buffer);
+ if (!wcscmp(buffer, wName))
+ *(HWND *)lParam = hWnd;
+ delete[] buffer;
+ return TRUE;
+}
+
+int wmain(int argc, wchar_t **argv)
+{
+ HANDLE targetPID = 0;
+ PVOID buf;
+ HANDLE kevent;
+ HANDLE uevent;
+
+ KInterface &ki = KInterface::getInstance();
+ std::vector<MEMORY_BASIC_INFORMATION> pages;
+ std::vector<MODULE_DATA> modules;
+
+ std::wcout << L"Waiting for window title: '" << wName << L"'" << std::endl;
+
+ HWND targetHWND = NULL;
+ while (1) {
+ if (!EnumWindows(enumWindowsProc, (LPARAM)&targetHWND)) {
+ return 1;
+ }
+ if (targetHWND) {
+ std::wcout << L"Found window '" << wName << L"' with Handle 0x"
+ << std::hex << targetHWND << std::endl;
+ break;
+ }
+ Sleep(1000);
+ }
+ GetWindowThreadProcessId(targetHWND, (LPDWORD)&targetPID);
+
+ SetConsoleCtrlHandler((PHANDLER_ROUTINE)consoleHandler, TRUE);
+
+ if (!ki.Init()) {
+ std::wcout << L"Kernel Interface Init() failed" << std::endl;
+ return 1;
+ }
+
+ try {
+ buf = ki.getBuffer();
+ kevent = ki.getKHandle();
+ uevent = ki.getUHandle();
+ }
+ catch (std::runtime_error& err) {
+ std::wcout << err.what() << std::endl;
+ return 1;
+ }
+
+ std::wcout << L"Buffer.: " << buf << std::endl;
+ std::wcout << L"KHandle: " << kevent << std::endl;
+ std::wcout << L"UHandle: " << uevent << std::endl;
+
+ if (!ki.Handshake()) {
+ std::wcout << L"Kernel Interface Handshake() failed" << std::endl;
+ return 1;
+ }
+
+ if (!ki.Modules(targetPID, modules))
+ std::wcout << L"Kernel Interface Modules() failed with 0x"
+ << std::hex << ki.getLastNtStatus() << std::endl;
+ else std::wcout << L"Got " << std::dec << modules.size() << L" modules for pid 0x"
+ << std::hex << targetPID << std::endl;
+#if 0
+ if (!ki.Pages(targetPID, pages))
+ std::wcout << L"Kernel Interface Pages() failed with 0x"
+ << std::hex << ki.getLastNtStatus() << std::endl;
+ else std::wcout << L"Got " << std::dec << pages.size() << L" mapped pages for pid 0x"
+ << std::hex << targetPID << std::endl;
+#endif
+
+ MODULE_DATA *engineDLL = NULL;
+ MODULE_DATA *clientDLL = NULL;
+ for (MODULE_DATA& md : modules) {
+ if (strncmp(md.BaseDllName, "engine.dll", sizeof md.BaseDllName) == 0) {
+ std::wcout << L"FOUND ENGINE DLL at " << std::hex << md.DllBase << "!!!" << std::endl;
+ engineDLL = &md;
+ }
+ if (strncmp(md.BaseDllName, "client_panorama.dll", sizeof md.BaseDllName) == 0) {
+ std::wcout << L"FOUND CLIENT DLL at " << std::hex << md.DllBase << "!!!" << std::endl;
+ clientDLL = &md;
+ }
+ }
+
+ running = TRUE;
+ do {
+ if (engineDLL) {
+ /* unused */
+ }
+
+ if (clientDLL) {
+ DWORD dwLocalPlayer = 13580876;
+ PVOID localPlayerPtr = (PVOID)((ULONG_PTR)clientDLL->DllBase + dwLocalPlayer);
+ localPlayerPtr = (PVOID)((ULONG_PTR)KMemory::Rpm<DWORD>(targetPID, localPlayerPtr));
+ std::wcout << L"localPlayerPtr..................: " << std::hex << localPlayerPtr << std::endl;
+
+ DWORD dwEntityList = 80763620;
+ PVOID entityListPtr = (PVOID)((ULONG_PTR)clientDLL->DllBase + dwEntityList);
+ std::wcout << L"client_panorama.dll+dwEntityList: " << std::hex << entityListPtr << std::endl;
+
+ for (size_t i = 0; i < 32; ++i) {
+ PVOID entityPtr = (PVOID)((ULONG_PTR)entityListPtr + (i * 0x10));
+ try {
+ entityPtr = (PVOID)((ULONG_PTR)KMemory::Rpm<DWORD>(targetPID, entityPtr));
+ if (!entityPtr) {
+ continue;
+ }
+ }
+ catch (std::runtime_error &) {
+ continue;
+ }
+
+ DWORD dwHealth = 256;
+ PVOID healthPtr = (PVOID)((ULONG_PTR)entityPtr + dwHealth);
+ DWORD health;
+ try {
+ health = KMemory::Rpm<DWORD>(targetPID, healthPtr);
+ }
+ catch (std::runtime_error &) {
+ continue;
+ }
+
+ std::wcout << L"entityPtr.......................: " << std::hex << entityPtr << " -> " << std::dec << health << std::endl;
+
+ DWORD dwSpotted = 2365;
+ PVOID spottedPtr = (PVOID)((ULONG_PTR)entityPtr + dwSpotted);
+ DWORD spotted = KMemory::Rpm<DWORD>(targetPID, spottedPtr);
+ DWORD dwSpottedBy = 2432;
+ PVOID spottedByPtr = (PVOID)((ULONG_PTR)entityPtr + dwSpottedBy);
+ DWORD spottedBy = KMemory::Rpm<DWORD>(targetPID, spottedByPtr);
+ if (spotted) {
+ spotted = 0;
+ }
+ else {
+ spotted = 1;
+ spottedBy |= 0xFF;
+ KMemory::Wpm<DWORD>(targetPID, spottedByPtr, &spottedBy);
+ }
+ KMemory::Wpm<DWORD>(targetPID, spottedPtr, &spotted);
+ //std::wcout << L"Sp: " << spotted << std::endl;
+ }
+
+ std::this_thread::sleep_for(std::chrono::microseconds(250000));
+ }
+ else
+
+ if (ki.RecvWait() == SRR_TIMEOUT) {
+ std::wcout << L"Ping -> ";
+ if (!ki.Ping()) {
+ std::wcout << L"Got no valid PONG, abort!" << std::endl;
+ running = FALSE;
+ }
+ else std::wcout << L"PONG!" << std::endl;
+ }
+
+ if (!running)
+ break;
+
+ try {
+ if (targetPID) {
+ }
+ }
+ catch (std::runtime_error& err) {
+ std::wcout << err.what() << std::endl;
+ }
+ } while (running);
+
+ std::wcout << L"Driver shutdown .." << std::endl;
+ ki.Exit();
+}
\ No newline at end of file
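Review bot: `consoleHandler` is declared `static bool consoleHandler(int)` and then force-cast to `PHANDLER_ROUTINE` at the `SetConsoleCtrlHandler` call, but the handler type Windows documents is `BOOL WINAPI (*)(DWORD)`; returning a one-byte `bool` through a `BOOL` slot leaves the upper bytes of the return register unspecified and the cast silences the only type check, so declare it as `static BOOL WINAPI consoleHandler(DWORD signal)` and drop the cast. Windows invokes that handler on a thread of its own while `wmain` polls `running` in its `do`/`while` loop, so the plain `static BOOL running` is an unsynchronized shared flag; `static std::atomic<bool> running{false};` (with `<atomic>`) makes the handler's store reliably visible to the loop. Less critical: `GetWindowThreadProcessId(targetHWND, (LPDWORD)&targetPID)` stores a 4-byte `DWORD` into the 8-byte `HANDLE`, which only works because `targetPID` is zero-initialized — read into a `DWORD pid` and widen it explicitly — and the `new TCHAR[]`/`delete[]` pair in `enumWindowsProc` is simpler and exception-safe as a `std::wstring buffer(length + 1, L'\0')`. `wmain` also falls off its end without a `return`; MSVC may treat it like `main`, but an explicit `return 0;` after `ki.Exit()` removes the doubt.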
diff --git a/CMD/CMD.vcxproj b/CMD/CMD.vcxproj
new file mode 100644
index 0000000..a9e5514
--- /dev/null
+++ b/CMD/CMD.vcxproj
@@ -0,0 +1,183 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+ <ItemGroup Label="ProjectConfigurations">
+ <ProjectConfiguration Include="Debug|Win32">
+ <Configuration>Debug</Configuration>
+ <Platform>Win32</Platform>
+ </ProjectConfiguration>
+ <ProjectConfiguration Include="Release|Win32">
+ <Configuration>Release</Configuration>
+ <Platform>Win32</Platform>
+ </ProjectConfiguration>
+ <ProjectConfiguration Include="Debug|x64">
+ <Configuration>Debug</Configuration>
+ <Platform>x64</Platform>
+ </ProjectConfiguration>
+ <ProjectConfiguration Include="Release|x64">
+ <Configuration>Release</Configuration>
+ <Platform>x64</Platform>
+ </ProjectConfiguration>
+ </ItemGroup>
+ <PropertyGroup Label="Globals">
+ <VCProjectVersion>15.0</VCProjectVersion>
+ <ProjectGuid>{231929F8-2FBF-45D9-91B8-AD835ED166A6}</ProjectGuid>
+ <Keyword>Win32Proj</Keyword>
+ <RootNamespace>CMD</RootNamespace>
+ <WindowsTargetPlatformVersion>10.0.17763.0</WindowsTargetPlatformVersion>
+ </PropertyGroup>
+ <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+ <ConfigurationType>Application</ConfigurationType>
+ <UseDebugLibraries>true</UseDebugLibraries>
+ <PlatformToolset>v141</PlatformToolset>
+ <CharacterSet>Unicode</CharacterSet>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+ <ConfigurationType>Application</ConfigurationType>
+ <UseDebugLibraries>false</UseDebugLibraries>
+ <PlatformToolset>v141</PlatformToolset>
+ <WholeProgramOptimization>true</WholeProgramOptimization>
+ <CharacterSet>Unicode</CharacterSet>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+ <ConfigurationType>Application</ConfigurationType>
+ <UseDebugLibraries>true</UseDebugLibraries>
+ <PlatformToolset>v141</PlatformToolset>
+ <CharacterSet>Unicode</CharacterSet>
+ <SpectreMitigation>false</SpectreMitigation>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+ <ConfigurationType>Application</ConfigurationType>
+ <UseDebugLibraries>false</UseDebugLibraries>
+ <PlatformToolset>v141</PlatformToolset>
+ <WholeProgramOptimization>true</WholeProgramOptimization>
+ <CharacterSet>Unicode</CharacterSet>
+ <SpectreMitigation>false</SpectreMitigation>
+ </PropertyGroup>
+ <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+ <ImportGroup Label="ExtensionSettings">
+ </ImportGroup>
+ <ImportGroup Label="Shared">
+ </ImportGroup>
+ <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+ <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+ </ImportGroup>
+ <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+ <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+ </ImportGroup>
+ <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+ <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+ </ImportGroup>
+ <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+ <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+ </ImportGroup>
+ <PropertyGroup Label="UserMacros" />
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+ <LinkIncremental>true</LinkIncremental>
+ <TargetName>$(ProjectName)-kmem</TargetName>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+ <LinkIncremental>true</LinkIncremental>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+ <LinkIncremental>false</LinkIncremental>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+ <LinkIncremental>false</LinkIncremental>
+ <TargetName>$(ProjectName)-kmem</TargetName>
+ </PropertyGroup>
+ <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+ <ClCompile>
+ <PrecompiledHeader>Use</PrecompiledHeader>
+ <WarningLevel>Level3</WarningLevel>
+ <Optimization>Disabled</Optimization>
+ <SDLCheck>true</SDLCheck>
+ <PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <ConformanceMode>true</ConformanceMode>
+ <PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
+ <RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
+ <AdditionalIncludeDirectories>$(SolutionDir)include</AdditionalIncludeDirectories>
+ </ClCompile>
+ <Link>
+ <SubSystem>Console</SubSystem>
+ <GenerateDebugInformation>true</GenerateDebugInformation>
+ <AdditionalLibraryDirectories>$(VCToolsInstallDir)lib\x64;$(OutputPath);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
+ <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;MemDriverLib.lib;%(AdditionalDependencies)</AdditionalDependencies>
+ </Link>
+ </ItemDefinitionGroup>
+ <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+ <ClCompile>
+ <PrecompiledHeader>Use</PrecompiledHeader>
+ <WarningLevel>Level3</WarningLevel>
+ <Optimization>Disabled</Optimization>
+ <SDLCheck>true</SDLCheck>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <ConformanceMode>true</ConformanceMode>
+ <PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
+ </ClCompile>
+ <Link>
+ <SubSystem>Console</SubSystem>
+ <GenerateDebugInformation>true</GenerateDebugInformation>
+ </Link>
+ </ItemDefinitionGroup>
+ <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+ <ClCompile>
+ <PrecompiledHeader>Use</PrecompiledHeader>
+ <WarningLevel>Level3</WarningLevel>
+ <Optimization>MaxSpeed</Optimization>
+ <FunctionLevelLinking>true</FunctionLevelLinking>
+ <IntrinsicFunctions>true</IntrinsicFunctions>
+ <SDLCheck>true</SDLCheck>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <ConformanceMode>true</ConformanceMode>
+ <PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
+ </ClCompile>
+ <Link>
+ <SubSystem>Console</SubSystem>
+ <EnableCOMDATFolding>true</EnableCOMDATFolding>
+ <OptimizeReferences>true</OptimizeReferences>
+ <GenerateDebugInformation>true</GenerateDebugInformation>
+ </Link>
+ </ItemDefinitionGroup>
+ <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+ <ClCompile>
+ <PrecompiledHeader>Use</PrecompiledHeader>
+ <WarningLevel>Level3</WarningLevel>
+ <Optimization>MaxSpeed</Optimization>
+ <FunctionLevelLinking>true</FunctionLevelLinking>
+ <IntrinsicFunctions>true</IntrinsicFunctions>
+ <SDLCheck>true</SDLCheck>
+ <PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <ConformanceMode>true</ConformanceMode>
+ <PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
+ <RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
+ <AdditionalIncludeDirectories>$(SolutionDir)include</AdditionalIncludeDirectories>
+ </ClCompile>
+ <Link>
+ <SubSystem>Console</SubSystem>
+ <EnableCOMDATFolding>true</EnableCOMDATFolding>
+ <OptimizeReferences>true</OptimizeReferences>
+ <GenerateDebugInformation>true</GenerateDebugInformation>
+ </Link>
+ </ItemDefinitionGroup>
+ <ItemGroup>
+ <ClInclude Include="pch.h" />
+ </ItemGroup>
+ <ItemGroup>
+ <ClCompile Include="CMD.cpp" />
+ <ClCompile Include="pch.cpp">
+ <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">Create</PrecompiledHeader>
+ <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">Create</PrecompiledHeader>
+ <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">Create</PrecompiledHeader>
+ <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|x64'">Create</PrecompiledHeader>
+ </ClCompile>
+ </ItemGroup>
+ <ItemGroup>
+ <ProjectReference Include="..\MemDriverLib\MemDriverLib.vcxproj">
+ <Project>{b6790a97-6995-46b6-ad73-ac5bc4ac76db}</Project>
+ </ProjectReference>
+ </ItemGroup>
+ <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+ <ImportGroup Label="ExtensionTargets">
+ </ImportGroup>
+</Project>
\ No newline at end of file
diff --git a/CMD/CMD.vcxproj.filters b/CMD/CMD.vcxproj.filters
new file mode 100644
index 0000000..60b713e
--- /dev/null
+++ b/CMD/CMD.vcxproj.filters
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+ <ItemGroup>
+ <Filter Include="Source Files">
+ <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
+ <Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
+ </Filter>
+ <Filter Include="Header Files">
+ <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
+ <Extensions>h;hh;hpp;hxx;hm;inl;inc;ipp;xsd</Extensions>
+ </Filter>
+ <Filter Include="Resource Files">
+ <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
+ <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
+ </Filter>
+ </ItemGroup>
+ <ItemGroup>
+ <ClInclude Include="pch.h">
+ <Filter>Header Files</Filter>
+ </ClInclude>
+ </ItemGroup>
+ <ItemGroup>
+ <ClCompile Include="pch.cpp">
+ <Filter>Source Files</Filter>
+ </ClCompile>
+ <ClCompile Include="CMD.cpp">
+ <Filter>Source Files</Filter>
+ </ClCompile>
+ </ItemGroup>
+</Project>
\ No newline at end of file
diff --git a/CMD/pch.cpp b/CMD/pch.cpp
new file mode 100644
index 0000000..3a3d12b
--- /dev/null
+++ b/CMD/pch.cpp
@@ -0,0 +1,5 @@
+// pch.cpp: source file corresponding to pre-compiled header; necessary for compilation to succeed
+
+#include "pch.h"
+
+// In general, ignore this file, but keep it around if you are using pre-compiled headers.
diff --git a/CMD/pch.h b/CMD/pch.h
new file mode 100644
index 0000000..b04e71e
--- /dev/null
+++ b/CMD/pch.h
@@ -0,0 +1,14 @@
+// Tips for Getting Started:
+// 1. Use the Solution Explorer window to add/manage files
+// 2. Use the Team Explorer window to connect to source control
+// 3. Use the Output window to see build output and other messages
+// 4. Use the Error List window to view errors
+// 5. Go to Project > Add New Item to create new code files, or Project > Add Existing Item to add existing code files to the project
+// 6. In the future, to open this project again, go to File > Open > Project and select the .sln file
+
+#ifndef PCH_H
+#define PCH_H
+
+// TODO: add headers that you want to pre-compile here
+
+#endif //PCH_H
diff --git a/CSGO/CSGO.vcxproj b/CSGO/CSGO.vcxproj
index d1dcef5..b25bf31 100644
--- a/CSGO/CSGO.vcxproj
+++ b/CSGO/CSGO.vcxproj
@@ -85,6 +85,7 @@
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<LinkIncremental>false</LinkIncremental>
+ <TargetName>$(ProjectName)-kmem</TargetName>
</PropertyGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<ClCompile>
diff --git a/Hunted/Hunted.cpp b/Hunted/Hunted.cpp
index 6e4ad3e..77c2d6b 100644
--- a/Hunted/Hunted.cpp
+++ b/Hunted/Hunted.cpp
@@ -138,6 +138,8 @@ int wmain(int argc, wchar_t **argv)
sizeof md.BaseDllName))
{
std::wcout << L"CrySystem.dll.......: 0x" << WHEXOUT << md.DllBase << std::endl;
+ UINT32 tmp = 0xDEADBEEF;
+ KMemory::Wpm<UINT32>(targetPID, (PVOID)((UINT64)md.DllBase + 0x563000), &tmp);
}
else
if (!strncmp(md.BaseDllName, "CryEntitySystem.dll",
@@ -292,6 +294,7 @@ class Vec3_tpl<float> size(12):
std::wcout << L"m_maxUsedEntityIndex: 0x" << WHEXOUT << m_maxUsedEntityIndex << std::endl;
UINT64 startOffsetMaxUsedEntities = (m_maxUsedEntityIndex < m_freeListStartIndex ? m_maxUsedEntityIndex : m_freeListStartIndex) * sizeof(PVOID);
+ startOffsetMaxUsedEntities -= 50 * sizeof(PVOID);
std::array<PVOID, 1024> entities;
if (KInterface::getInstance().RPM(targetPID, (PVOID)((UINT64)g_pEnv + 112 + 262140 + 12 + startOffsetMaxUsedEntities), (BYTE*)&entities, sizeof entities, NULL)) {
for (PVOID ent : entities) {
@@ -299,29 +302,40 @@ class Vec3_tpl<float> size(12):
continue;
}
- const UINT64 additional_offset = 4;
+ const UINT64 additional_offset = 14;
BYTE entity[412];
//std::cout << "Got Entity: " << std::hex << ent << ", ";
if (KInterface::getInstance().RPM(targetPID, ent, (BYTE*)&entity[0], sizeof entity, NULL)) {
- PVOID name_str = &entity[16];
- UINT32 id = *(UINT32 *)&entity[260];
- UINT32 flags = *(UINT32 *)&entity[268];
- UINT8 extended = *(UINT8 *)&entity[272];
- UINT16 keepAlive = *(UINT16 *)&entity[368];
- float pos_x = *(UINT16 *)&entity[274];
- float pos_y = *(UINT16 *)&entity[278];
- float pos_z = *(UINT16 *)&entity[282];
+ PVOID name_str = &entity[16 + additional_offset];
+ UINT32 id = *(UINT32 *)&entity[260 + additional_offset];
+ UINT32 flags = *(UINT32 *)&entity[268 + additional_offset];
+ UINT8 extended = *(UINT8 *)&entity[272 + additional_offset];
+ UINT16 keepAlive = *(UINT16 *)&entity[368 + additional_offset];
+ float pos_x = *(float *)&entity[274 + additional_offset];
+ float pos_y = *(float *)&entity[278 + additional_offset];
+ float pos_z = *(float *)&entity[282 + additional_offset];
+
+ if (keepAlive == 0 || id == 0) {
+ continue;
+ }
//if ((flags & 0x2000 /* ENTITY_FLAG_HAS_AI */) == 0 && (flags & 0x8000 /* ENTITY_FLAG_CAMERA_SOURCE */) == 0) {
+#if 0
std::cout << "Name Ptr: " << std::hex << name_str
- << ", id: " << std::hex << id
- << ", flags: " << std::hex << flags
- //<< ", extended: " << std::hex << extended
- //<< ", keepAlive: " << keepAlive
- << ", pos_x: " << (float)pos_x << ", pos_y: " << (float)pos_y << ", pos_z: " << (float)pos_z
+ << ", id: " << std::setw(8) << std::hex << (UINT32)id
+ << ", flags: " << std::setw(8) << std::hex << (UINT32)flags
+ << ", extended: " << std::setw(8) << std::hex << (UINT32)extended
+ << ", keepAlive: " << std::setw(8) << std::hex << (UINT16)keepAlive
+ << ", pos_x: " << std::setw(8) << (float)pos_x
+ << ", pos_y: " << std::setw(8) << (float)pos_y
+ << ", pos_z: " << std::setw(8) << (float)pos_z
<< std::endl;
+#endif
//}
+
+ printBuf(entity, sizeof entity, 32);
+ //break;
}
else std::wcerr << "Get Entity failed" << std::endl;
}
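Review bot: After the `std::cout` block is wrapped in `#if 0`, `name_str`, `flags`, `extended`, `pos_x`, `pos_y` and `pos_z` are assigned but never read, so every build now reports them as unused locals; either move those reads inside the same `#if 0` or drop them until the print path returns. The `*(float *)&entity[...]` and `*(UINT32 *)&entity[...]` reads also reinterpret a `BYTE` array through unrelated types, which is aliasing UB in standard C++ even though MSVC tolerates it — `std::memcpy(&pos_x, &entity[274 + additional_offset], sizeof pos_x)` is the portable form for each field. The enclosing `for` loop and `wmain` both start before and end after this hunk.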
@@ -394,7 +408,7 @@ class Vec3_tpl<float> size(12):
<< L": ";
printBuf((UCHAR *)((ULONG_PTR)(diff.current_buffer) + e.first), e.second, e.second);
}
- }
+ }
#endif
#if 0
#if 1
@@ -421,7 +435,7 @@ class Vec3_tpl<float> size(12):
printf("\nGot %llu entities ..\n", i);
#endif
}
- }
+ }
#endif
#endif
}
@@ -435,7 +449,7 @@ class Vec3_tpl<float> size(12):
(PVOID)((ULONGLONG)md.DllBase + /* 0x19F0F0 */ 0x5EA9DC));
std::wcout << L"Display.........: " << std::dec << displayWidth
<< " x " << displayHeight << std::endl;
- }
+ }
#endif
#if 0
else if (!strncmp(md.BaseDllName, "ntdll.dll",
@@ -465,10 +479,10 @@ class Vec3_tpl<float> size(12):
*/
}
}
- }
+ }
#endif
- }
-}
+ }
+ }
}
catch (std::runtime_error& err) {
std::wcout << err.what() << std::endl;
diff --git a/KMemDriver.sln b/KMemDriver.sln
index 3f5b63f..576ad4f 100644
--- a/KMemDriver.sln
+++ b/KMemDriver.sln
@@ -16,6 +16,8 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "MemDriverWeb", "MemDriverWe
EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "CSGO", "CSGO\CSGO.vcxproj", "{65C081C2-3A90-470C-BF06-AFF2EEB00C25}"
EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "CMD", "CMD\CMD.vcxproj", "{231929F8-2FBF-45D9-91B8-AD835ED166A6}"
+EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|x64 = Debug|x64
@@ -68,6 +70,14 @@ Global
{65C081C2-3A90-470C-BF06-AFF2EEB00C25}.Release|x64.Build.0 = Release|x64
{65C081C2-3A90-470C-BF06-AFF2EEB00C25}.Release|x86.ActiveCfg = Release|Win32
{65C081C2-3A90-470C-BF06-AFF2EEB00C25}.Release|x86.Build.0 = Release|Win32
+ {231929F8-2FBF-45D9-91B8-AD835ED166A6}.Debug|x64.ActiveCfg = Debug|x64
+ {231929F8-2FBF-45D9-91B8-AD835ED166A6}.Debug|x64.Build.0 = Debug|x64
+ {231929F8-2FBF-45D9-91B8-AD835ED166A6}.Debug|x86.ActiveCfg = Debug|Win32
+ {231929F8-2FBF-45D9-91B8-AD835ED166A6}.Debug|x86.Build.0 = Debug|Win32
+ {231929F8-2FBF-45D9-91B8-AD835ED166A6}.Release|x64.ActiveCfg = Release|x64
+ {231929F8-2FBF-45D9-91B8-AD835ED166A6}.Release|x64.Build.0 = Release|x64
+ {231929F8-2FBF-45D9-91B8-AD835ED166A6}.Release|x86.ActiveCfg = Release|Win32
+ {231929F8-2FBF-45D9-91B8-AD835ED166A6}.Release|x86.Build.0 = Release|Win32
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE