Attach ingame maybe?

TotallyNotElite 2018-12-21 22:07:00 +01:00
parent 4008103b7c
commit 540ca96b9a
11 changed files with 125 additions and 54 deletions

28
attach

@ -5,17 +5,17 @@ line=$(pidof hl2_linux)
arr=($line) arr=($line)
inst=$1 inst=$1
if [ $# == 0 ]; then if [ $# == 0 ]; then
inst=0 inst=0
fi fi
if [ ${#arr[@]} == 0 ]; then if [ ${#arr[@]} == 0 ]; then
echo TF2 isn\'t running! echo TF2 isn\'t running!
exit exit
fi fi
if [ $inst -gt ${#arr[@]} ] || [ $inst == ${#arr[@]} ]; then if [ $inst -gt ${#arr[@]} ] || [ $inst == ${#arr[@]} ]; then
echo wrong index! echo wrong index!
exit exit
fi fi
proc=${arr[$inst]} proc=${arr[$inst]}
@ -46,15 +46,15 @@ sudo killall -19 steam
sudo killall -19 steamwebhelper sudo killall -19 steamwebhelper
gdb -n -q -batch \ gdb -n -q -batch \
-ex "attach $proc" \ -ex "attach $proc" \
-ex "set \$dlopen = (void*(*)(char*, int)) dlopen" \ -ex "set \$dlopen = (void*(*)(char*, int)) dlopen" \
-ex "call \$dlopen(\"$FILENAME\", 1)" \ -ex "call \$dlopen(\"$FILENAME\", 1)" \
-ex "call dlerror()" \ -ex "call dlerror()" \
-ex 'print (char *) $2' \ -ex 'print (char *) $2' \
-ex "catch syscall exit exit_group" \ -ex "catch syscall exit exit_group" \
-ex "detach" \ -ex "detach" \
-ex "quit" -ex "quit"
rm $FILENAME rm $FILENAME
sudo killall -18 steamwebhelper sudo killall -18 steamwebhelper


@ -8,17 +8,17 @@ line=$(pidof hl2_linux)
arr=($line) arr=($line)
inst=$1 inst=$1
if [ $# == 0 ]; then if [ $# == 0 ]; then
inst=0 inst=0
fi fi
if [ ${#arr[@]} == 0 ]; then if [ ${#arr[@]} == 0 ]; then
echo TF2 isn\'t running! echo TF2 isn\'t running!
exit exit
fi fi
if [ $inst -gt ${#arr[@]} ] || [ $inst == ${#arr[@]} ]; then if [ $inst -gt ${#arr[@]} ] || [ $inst == ${#arr[@]} ]; then
echo wrong index! echo wrong index!
exit exit
fi fi
proc=${arr[$inst]} proc=${arr[$inst]}
@ -37,12 +37,12 @@ FILENAME=$(shuf -n 1 build_names)
# Create directory if it doesn't exist # Create directory if it doesn't exist
if [ ! -d "/lib/i386-linux-gnu/" ]; then if [ ! -d "/lib/i386-linux-gnu/" ]; then
sudo mkdir /lib/i386-linux-gnu/ sudo mkdir /lib/i386-linux-gnu/
fi fi
# In case this file exists, get another one. ( checked it works ) # In case this file exists, get another one. ( checked it works )
while [ -f "/lib/i386-linux-gnu/${FILENAME}" ]; do while [ -f "/lib/i386-linux-gnu/${FILENAME}" ]; do
FILENAME=$(shuf -n 1 build_names) FILENAME=$(shuf -n 1 build_names)
done done
# echo $FILENAME > build_id # For detaching # echo $FILENAME > build_id # For detaching
@ -52,13 +52,13 @@ sudo cp "bin/libcathook.so" "/lib/i386-linux-gnu/${FILENAME}"
echo loading "$FILENAME" to "$proc" echo loading "$FILENAME" to "$proc"
sudo gdb -n -q -batch \ sudo gdb -n -q -batch \
-ex "attach $proc" \ -ex "attach $proc" \
-ex "set \$dlopen = (void*(*)(char*, int)) dlopen" \ -ex "set \$dlopen = (void*(*)(char*, int)) dlopen" \
-ex "call \$dlopen(\"/lib/i386-linux-gnu/$FILENAME\", 1)" \ -ex "call \$dlopen(\"/lib/i386-linux-gnu/$FILENAME\", 1)" \
-ex "call dlerror()" \ -ex "call dlerror()" \
-ex 'print (char *) $2' \ -ex 'print (char *) $2' \
-ex "catch syscall exit exit_group" \ -ex "catch syscall exit exit_group" \
-ex "detach" \ -ex "detach" \
-ex "quit" -ex "quit"
sudo rm "/lib/i386-linux-gnu/${FILENAME}" sudo rm "/lib/i386-linux-gnu/${FILENAME}"


@ -12,6 +12,7 @@ public:
void *GetModuleHandleSafe(const char *pszModuleName); void *GetModuleHandleSafe(const char *pszModuleName);
uintptr_t GetClientSignature(const char *chPattern); uintptr_t GetClientSignature(const char *chPattern);
uintptr_t GetEngineSignature(const char *chPattern); uintptr_t GetEngineSignature(const char *chPattern);
uintptr_t GetSteamAPISignature(const char *chPattern);
uintptr_t GetVstdSignature(const char *chPattern); uintptr_t GetVstdSignature(const char *chPattern);
}; };


@ -40,6 +40,7 @@ public:
SharedObject &steamclient(); SharedObject &steamclient();
SharedObject &client(); SharedObject &client();
SharedObject &engine(); SharedObject &engine();
SharedObject &steamapi();
SharedObject &vstdlib(); SharedObject &vstdlib();
SharedObject &tier0(); SharedObject &tier0();
SharedObject &inputsystem(); SharedObject &inputsystem();


@ -1,10 +1,10 @@
#!/usr/bin/env bash #!/usr/bin/env bash
if ! [ -d "/opt/cathook/data" ]; then if ! [ -d "/opt/cathook/data" ]; then
echo "Creating cathook data directory at /opt/cathook/data" echo "Creating cathook data directory at /opt/cathook/data"
mkdir -p "/opt/cathook/data" mkdir -p "/opt/cathook/data"
chown -R $USER "/opt/cathook/data" chown -R $USER "/opt/cathook/data"
chmod -R 777 "/opt/cathook/data" chmod -R 777 "/opt/cathook/data"
fi fi
echo "Installing cathook data to /opt/cathook/data" echo "Installing cathook data to /opt/cathook/data"


@ -216,6 +216,32 @@ uintptr_t CSignature::GetEngineSignature(const char *chPattern)
return patr - (uintptr_t)(module) + moduleMap->l_addr; return patr - (uintptr_t)(module) + moduleMap->l_addr;
} }
//=================================================================================== //===================================================================================
uintptr_t CSignature::GetSteamAPISignature(const char *chPattern)
{
// we need to do this becuase (i assume that) under the hood, dlopen only
// loads up the sections that it needs into memory, meaning that we cannot
// get the string table from the module.
static int fd = open(sharedobj::steamapi().path.c_str(), O_RDONLY);
static void *module = mmap(NULL, lseek(fd, 0, SEEK_END), PROT_READ, MAP_SHARED, fd, 0);
static link_map *moduleMap = sharedobj::steamapi().lmap;
// static void *module = (void *)moduleMap->l_addr;
static Elf32_Shdr *textHeader = getSectionHeader(module, ".text");
static int textOffset = textHeader->sh_offset;
static int textSize = textHeader->sh_size;
// we need to remap the address that we got from the pattern search from our
// mapped file to the actual memory we do this by rebasing the address
// (subbing the mmapped one and adding the dlopened one.
uintptr_t patr = dwFindPattern(((uintptr_t) module) + textOffset, ((uintptr_t) module) + textOffset + textSize, chPattern);
if (!patr)
return NULL;
return patr - (uintptr_t)(module) + moduleMap->l_addr;
}
//===================================================================================
uintptr_t CSignature::GetVstdSignature(const char *chPattern) uintptr_t CSignature::GetVstdSignature(const char *chPattern)
{ {
// we need to do this becuase (i assume that) under the hood, dlopen only // we need to do this becuase (i assume that) under the hood, dlopen only
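Review bot: In `GetSteamAPISignature` the results of `open()` and `mmap()` are used unchecked, so if the file at `sharedobj::steamapi().path` cannot be opened the code calls `lseek(-1, ...)`, the mapping fails, and `getSectionHeader` then reads from `MAP_FAILED`. Function-local statics initialise in declaration order on first pass, so a guard placed directly after the `moduleMap` line, `if (fd < 0 || module == MAP_FAILED) return 0;`, runs before `textHeader` is computed. The not-found path should be `return 0;` rather than `return NULL;` because the return type is `uintptr_t`. `textOffset` and `textSize` would be better declared with the unsigned ELF field types than as `int`. The body is a near copy of `GetEngineSignature` above it, so a shared helper taking the `SharedObject` would keep these checks in one place.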


@ -7,6 +7,7 @@
#include "common.hpp" #include "common.hpp"
#include "core/sharedobj.hpp" #include "core/sharedobj.hpp"
#include <thread>
#include <unistd.h> #include <unistd.h>
@ -76,23 +77,41 @@ template <typename T> T *BruteforceInterface(std::string name, sharedobj::Shared
return nullptr; return nullptr;
} }
extern "C" typedef HSteamUser (*GetHSteamUser_t)();
void CreateInterfaces() void CreateInterfaces()
{ {
g_ICvar = BruteforceInterface<ICvar>("VEngineCvar", sharedobj::vstdlib()); g_ICvar = BruteforceInterface<ICvar>("VEngineCvar", sharedobj::vstdlib());
g_IEngine = BruteforceInterface<IVEngineClient013>("VEngineClient", sharedobj::engine()); g_IEngine = BruteforceInterface<IVEngineClient013>("VEngineClient", sharedobj::engine());
g_AppID = g_IEngine->GetAppID(); g_AppID = g_IEngine->GetAppID();
g_IEntityList = BruteforceInterface<IClientEntityList>("VClientEntityList", sharedobj::client()); g_IEntityList = BruteforceInterface<IClientEntityList>("VClientEntityList", sharedobj::client());
g_ISteamClient = BruteforceInterface<ISteamClient>("SteamClient", sharedobj::steamclient(), 17); g_ISteamClient = BruteforceInterface<ISteamClient>("SteamClient", sharedobj::steamclient(), 17);
g_IEventManager2 = BruteforceInterface<IGameEventManager2>("GAMEEVENTSMANAGER", sharedobj::engine(), 2); g_IEventManager2 = BruteforceInterface<IGameEventManager2>("GAMEEVENTSMANAGER", sharedobj::engine(), 2);
g_IGameEventManager = BruteforceInterface<IGameEventManager>("GAMEEVENTSMANAGER", sharedobj::engine(), 1); g_IGameEventManager = BruteforceInterface<IGameEventManager>("GAMEEVENTSMANAGER", sharedobj::engine(), 1);
g_IBaseClient = BruteforceInterface<IBaseClientDLL>("VClient", sharedobj::client()); g_IBaseClient = BruteforceInterface<IBaseClientDLL>("VClient", sharedobj::client());
g_ITrace = BruteforceInterface<IEngineTrace>("EngineTraceClient", sharedobj::engine()); g_ITrace = BruteforceInterface<IEngineTrace>("EngineTraceClient", sharedobj::engine());
g_IInputSystem = BruteforceInterface<IInputSystem>("InputSystemVersion", sharedobj::inputsystem()); g_IInputSystem = BruteforceInterface<IInputSystem>("InputSystemVersion", sharedobj::inputsystem());
HSteamPipe sp = g_ISteamClient->CreateSteamPipe(); uintptr_t steampipe_sig = gSignatures.GetSteamAPISignature("8D 83 ? ? ? ? 89 34 24 89 44 24 ? E8 ? ? ? ? 89 C6") + 0xE7;
HSteamUser su = g_ISteamClient->ConnectToGlobalUser(sp); typedef HSteamPipe (*GetSteamPipe)();
g_IVModelRender = BruteforceInterface<IVModelRender>("VEngineModel", sharedobj::engine(), 16); GetSteamPipe GetSteamPipe_fn = GetSteamPipe(steampipe_sig);
g_ISteamFriends = nullptr; HSteamPipe sp = GetSteamPipe_fn();
g_IEngineVGui = BruteforceInterface<IEngineVGui>("VEngineVGui", sharedobj::engine()); if (!sp)
{
logging::Info("Creating new Steam Pipe...");
sp = g_ISteamClient->CreateSteamPipe();
}
logging::Info("Inited Steam Pipe");
GetHSteamUser_t func = (GetHSteamUser_t)(GetHSteamUser_t) dlsym(sharedobj::steamapi().lmap, "SteamAPI_GetHSteamUser");
HSteamUser su = func();
if (!su)
{
logging::Info("Connecting to Steam User");
g_ISteamClient->ConnectToGlobalUser(sp);
}
logging::Info("Inited Steam User");
g_IVModelRender = BruteforceInterface<IVModelRender>("VEngineModel", sharedobj::engine(), 16);
g_ISteamFriends = nullptr;
g_IEngineVGui = BruteforceInterface<IEngineVGui>("VEngineVGui", sharedobj::engine());
IF_GAME(IsTF2()) IF_GAME(IsTF2())
{ {
uintptr_t sig_steamapi = gSignatures.GetEngineSignature("55 0F 57 C0 89 E5 83 EC 18 F3 0F 11 05 ? ? ? ? F3 0F 11 05 ? ? ? " uintptr_t sig_steamapi = gSignatures.GetEngineSignature("55 0F 57 C0 89 E5 83 EC 18 F3 0F 11 05 ? ? ? ? F3 0F 11 05 ? ? ? "
@ -101,16 +120,25 @@ void CreateInterfaces()
"C7 04 24 ? ? ? ? E8 ? ? ? ? C9 C3"); "C7 04 24 ? ? ? ? E8 ? ? ? ? C9 C3");
logging::Info("SteamAPI: 0x%08x", sig_steamapi); logging::Info("SteamAPI: 0x%08x", sig_steamapi);
void **SteamAPI_engine = *reinterpret_cast<void ***>(sig_steamapi + 36); void **SteamAPI_engine = *reinterpret_cast<void ***>(sig_steamapi + 36);
g_ISteamFriends = (ISteamFriends *) (SteamAPI_engine[2]); // logging::Info("A");
g_ISteamFriends = (ISteamFriends *) (SteamAPI_engine[2]);
logging::Info("A");
} }
if (g_ISteamFriends == nullptr) if (g_ISteamFriends == nullptr)
{ {
logging::Info("A");
// FIXME SIGNATURE // FIXME SIGNATURE
g_ISteamFriends = g_ISteamClient->GetISteamFriends(su, sp, "SteamFriends002"); g_ISteamFriends = g_ISteamClient->GetISteamFriends(su, sp, "SteamFriends002");
logging::Info("A");
} }
g_GlobalVars = **(reinterpret_cast<CGlobalVarsBase ***>((uintptr_t) 11 + gSignatures.GetClientSignature("55 89 E5 83 EC ? 8B 45 08 8B 15 ? ? ? ? F3 0F 10"))); logging::Info("B");
g_IPrediction = BruteforceInterface<IPrediction>("VClientPrediction", sharedobj::client()); //g_GlobalVars = **(reinterpret_cast<CGlobalVarsBase ***>((uintptr_t) 11 + gSignatures.GetClientSignature("55 89 E5 83 EC ? 8B 45 08 8B 15 ? ? ? ? F3 0F 10")));
g_GlobalVars = **reinterpret_cast<CGlobalVarsBase ***>(gSignatures.GetClientSignature("8B 15 ? ? ? ? F3 0F 10 88 D0 08 00 00") + 2);
logging::Info("A");
g_IPrediction = BruteforceInterface<IPrediction>("VClientPrediction", sharedobj::client());
logging::Info("A");
g_IGameMovement = BruteforceInterface<IGameMovement>("GameMovement", sharedobj::client()); g_IGameMovement = BruteforceInterface<IGameMovement>("GameMovement", sharedobj::client());
logging::Info("A");
IF_GAME(IsTF2()) IF_GAME(IsTF2())
{ {
// g_IMoveHelper = // g_IMoveHelper =
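Review bot: In the new `if (!su)` branch of `CreateInterfaces` the result of `g_ISteamClient->ConnectToGlobalUser(sp)` is discarded, so `su` is still zero when it is later passed to `GetISteamFriends(su, sp, "SteamFriends002")`; the line should read `su = g_ISteamClient->ConnectToGlobalUser(sp);`. The pointer returned by `dlsym(..., "SteamAPI_GetHSteamUser")` is called without a null check, and `GetSteamAPISignature(...) + 0xE7` is invoked as a function even when the search returned 0, so both need an `if (!ptr)` guard that falls back to the existing `CreateSteamPipe` / `ConnectToGlobalUser` path. The bare `logging::Info("A")` and `logging::Info("B")` markers look like leftover debugging and should be removed or given distinct messages. `CreateInterfaces` continues past the end of this section.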


@ -91,6 +91,7 @@ void LoadAllSharedObjects()
steamclient().Load(); steamclient().Load();
client().Load(); client().Load();
engine().Load(); engine().Load();
steamapi().Load();
vstdlib().Load(); vstdlib().Load();
tier0().Load(); tier0().Load();
inputsystem().Load(); inputsystem().Load();
@ -113,6 +114,11 @@ SharedObject &steamclient()
static SharedObject obj("steamclient.so", true); static SharedObject obj("steamclient.so", true);
return obj; return obj;
} }
SharedObject &steamapi()
{
static SharedObject obj("libsteam_api.so", false);
return obj;
}
SharedObject &client() SharedObject &client()
{ {
static SharedObject obj("client.so", true); static SharedObject obj("client.so", true);
@ -164,5 +170,6 @@ SharedObject &libsdl()
static SharedObject obj("libSDL2-2.0.so.0", false); static SharedObject obj("libSDL2-2.0.so.0", false);
return obj; return obj;
} }
#endif #endif
} // namespace sharedobj } // namespace sharedobj


@ -146,7 +146,7 @@ void critical_error_handler(int signum)
void hack::Initialize() void hack::Initialize()
{ {
::signal(SIGSEGV, &critical_error_handler); ::signal(SIGSEGV, &critical_error_handler);
//::signal(SIGABRT, &my_signal_handler); ::signal(SIGABRT, &critical_error_handler);
time_injected = time(nullptr); time_injected = time(nullptr);
/*passwd *pwd = getpwuid(getuid()); /*passwd *pwd = getpwuid(getuid());
char *logname = strfmt("/tmp/cathook-game-stdout-%s-%u.log", pwd->pw_name, char *logname = strfmt("/tmp/cathook-game-stdout-%s-%u.log", pwd->pw_name,
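Review bot: Registering `critical_error_handler` for `SIGABRT` with `::signal` means the same handler now runs for every `abort()` raised by the host process and its libraries, not only for faults. The handler body is outside this hunk, so this needs confirming: if it calls functions that are not async-signal-safe, or itself ends in `abort()`, it can re-enter or deadlock, and `sigaction` with `SA_RESETHAND` would guarantee a single invocation. A comment above the two `::signal` lines would record the constraint, e.g. `// handler must be async-signal-safe and must not call abort()`. `hack::Initialize` continues outside the hunk.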


@ -221,8 +221,11 @@ void CreateMove()
SendAutoBalanceRequest(); SendAutoBalanceRequest();
// Simple No-Push through cvars // Simple No-Push through cvars
if (*nopush_enabled == teammatesPushaway->GetBool()) if (teammatesPushaway)
teammatesPushaway->SetValue(!nopush_enabled); {
if (*nopush_enabled == teammatesPushaway->GetBool())
teammatesPushaway->SetValue(!nopush_enabled);
}
} }
} }
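Review bot: The added `if (teammatesPushaway)` guard wraps a condition that reads `*nopush_enabled` and a call that passes `!nopush_enabled` without the dereference. Unless the type of `nopush_enabled` (declared outside this hunk) converts to `bool` with the same value, the two expressions disagree; `teammatesPushaway->SetValue(!*nopush_enabled);` makes the intent explicit. The nested `if` can also be folded into one condition, `if (teammatesPushaway && *nopush_enabled == teammatesPushaway->GetBool())`. `CreateMove` starts before the hunk.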


@ -19,6 +19,11 @@ namespace hooked_methods
DEFINE_HOOKED_METHOD(Paint, void, IEngineVGui *this_, PaintMode_t mode) DEFINE_HOOKED_METHOD(Paint, void, IEngineVGui *this_, PaintMode_t mode)
{ {
if (!isHackActive())
{
return original::Paint(this_, mode);;
}
if (!g_IEngine->IsInGame()) if (!g_IEngine->IsInGame())
g_Settings.bInvalid = true; g_Settings.bInvalid = true;