noury/mirror-ac
1
0
Fork 0
mirror of https://github.com/donnaskiez/ac.git synced 2024-11-21 22:24:08 +01:00
Code Issues Projects Releases Packages Wiki Activity
mirror-ac/user/client.h

199 lines
4.1 KiB
C
Raw Normal View History

AAAAAA
2023-08-22 19:32:25 +02:00
#ifndef REPORT_H
#define REPORT_H
EPIC
2023-08-18 07:33:13 +02:00
#include <Windows.h>
AAAAAA
2023-08-22 19:32:25 +02:00
#include "threadpool.h"
#include "pipe.h"
#include <TlHelp32.h>
bed time
2023-09-07 20:47:48 +02:00
#include "common.h"
AAAAAA
2023-08-22 19:32:25 +02:00
bed time c:
2023-08-28 17:00:52 +02:00
#define REPORT_BUFFER_SIZE 8192
AAAAAA
2023-08-22 19:32:25 +02:00
#define SEND_BUFFER_SIZE 8192
#define MAX_SIGNATURE_SIZE 256
#define MODULE_VALIDATION_FAILURE_MAX_REPORT_COUNT 20
#define REPORT_CODE_MODULE_VERIFICATION 10
#define REPORT_CODE_START_ADDRESS_VERIFICATION 20
#define REPORT_PAGE_PROTECTION_VERIFICATION 30
#define REPORT_PATTERN_SCAN_FAILURE 40
#define REPORT_NMI_CALLBACK_FAILURE 50
#define REPORT_MODULE_VALIDATION_FAILURE 60
#define REPORT_ILLEGAL_HANDLE_OPERATION 70
bed time c:
2023-08-28 17:00:52 +02:00
#define REPORT_INVALID_PROCESS_ALLOCATION 80
thread validation check
2023-08-30 13:15:57 +02:00
#define REPORT_HIDDEN_SYSTEM_THREAD 90
implemented global report irp queue
2023-09-02 10:54:04 +02:00
#define REPORT_ILLEGAL_ATTACH_PROCESS 100
AAAAAA
2023-08-22 19:32:25 +02:00
e
2023-09-07 19:49:36 +02:00
#define TEST_STEAM_64_ID 123456789;
AAAAAA
2023-08-22 19:32:25 +02:00
enum REPORT_CODES
{
USERMODE_MODULE = 10,
START_ADDRESS = 20,
PAGE_PROTECTION = 30,
PATTERN_SCAN = 40,
NMI_CALLBACK = 50,
SYSTEM_MODULE = 60,
HANDLE_OPERATION = 70
};
WOO!
2023-09-08 20:41:11 +02:00
#define CLIENT_REQUEST_MODULE_INTEGRITY_CHECK 10
#define CLIENT_SEND_SYSTEM_INFORMATION 10
#define MAX_CLIENT_SEND_PACKET_SIZE 60000
AAAAAA
2023-08-22 19:32:25 +02:00
enum SERVER_SEND_CODES
{
MODULE_INTEGRITY_CHECK = 10
};
bedtime (:
2023-08-18 16:34:15 +02:00
EPIC
2023-08-18 07:33:13 +02:00
namespace global
{
class Client
{
AAAAAA
2023-08-22 19:32:25 +02:00
std::shared_ptr<global::ThreadPool> thread_pool;
std::shared_ptr<global::Pipe> pipe;
std::mutex mutex;
byte report_buffer[ REPORT_BUFFER_SIZE ];
EPIC
2023-08-18 07:33:13 +02:00
public:
bedtime (:
2023-08-18 16:34:15 +02:00
AAAAAA
2023-08-22 19:32:25 +02:00
Client( std::shared_ptr<global::ThreadPool> ThreadPool, LPTSTR PipeName );
e
2023-09-07 19:49:36 +02:00
void UpdateSystemInformation( global::headers::SYSTEM_INFORMATION* SystemInformation );
AAAAAA
2023-08-22 19:32:25 +02:00
/* lock buffer, attach header, copy report, send to service then clear buffer */
template <typename T>
void ReportViolation( T* Report )
{
mutex.lock();
global::headers::PIPE_PACKET_HEADER header;
WOO!
2023-09-08 20:41:11 +02:00
header.message_type = MESSAGE_TYPE_CLIENT_REPORT;
e
2023-09-07 19:49:36 +02:00
header.steam64_id = TEST_STEAM_64_ID;
e
2023-09-08 09:42:35 +02:00
memcpy( &this->report_buffer, &header, sizeof( global::headers::PIPE_PACKET_HEADER ) );
WOO!
2023-09-08 20:41:11 +02:00
AAAAAA
2023-08-22 19:32:25 +02:00
memcpy( PVOID( ( UINT64 )this->report_buffer + sizeof( global::headers::PIPE_PACKET_HEADER ) ), Report, sizeof( T ) );
this->pipe->WriteToPipe( this->report_buffer, sizeof(T) + sizeof( global::headers::PIPE_PACKET_HEADER ) );
RtlZeroMemory( this->report_buffer, REPORT_BUFFER_SIZE );
mutex.unlock();
}
fucking FINALLY got this BULLSHIT working
2023-09-10 12:20:35 +02:00
void ServerReceive(PVOID Buffer, SIZE_T Size);
AAAAAA
2023-08-22 19:32:25 +02:00
void ServerSend( PVOID Buffer, SIZE_T Size, INT RequestId );
EPIC
2023-08-18 07:33:13 +02:00
};
bedtime (:
2023-08-18 16:34:15 +02:00
AAAAAA
2023-08-22 19:32:25 +02:00
namespace report_structures
bedtime (:
2023-08-18 16:34:15 +02:00
{
sum smol comentz c:
2023-09-05 18:47:46 +02:00
struct PROCESS_MODULES_INTEGRITY_CHECK_FAILURE
AAAAAA
2023-08-22 19:32:25 +02:00
{
INT report_code;
UINT64 module_base_address;
UINT64 module_size;
ee
2023-09-10 19:32:12 +02:00
CHAR module_name[ 256 ];
AAAAAA
2023-08-22 19:32:25 +02:00
};
struct PROCESS_THREAD_START_FAILURE
{
INT report_code;
LONG thread_id;
UINT64 start_address;
};
struct PAGE_PROTECTION_FAILURE
{
INT report_code;
UINT64 page_base_address;
LONG allocation_protection;
LONG allocation_state;
LONG allocation_type;
};
struct PATTERN_SCAN_FAILURE
{
INT report_code;
INT signature_id;
UINT64 address;
};
struct NMI_CALLBACK_FAILURE
{
INT report_code;
INT were_nmis_disabled;
UINT64 kthread_address;
UINT64 invalid_rip;
};
struct MODULE_VALIDATION_FAILURE_HEADER
{
INT module_count;
};
struct MODULE_VALIDATION_FAILURE
{
INT report_code;
INT report_type;
UINT64 driver_base_address;
UINT64 driver_size;
CHAR driver_name[ 128 ];
};
fix up pool reporting system
2023-09-18 05:15:26 +02:00
struct REPORT_QUEUE_HEADER
AAAAAA
2023-08-22 19:32:25 +02:00
{
INT count;
};
struct OPEN_HANDLE_FAILURE_REPORT
bedtime (:
2023-08-18 16:34:15 +02:00
{
AAAAAA
2023-08-22 19:32:25 +02:00
INT report_code;
INT is_kernel_handle;
LONG process_id;
LONG thread_id;
LONG desired_access;
CHAR process_name[ 64 ];
bedtime (:
2023-08-18 16:34:15 +02:00
};
bed time c:
2023-08-28 17:00:52 +02:00
struct INVALID_PROCESS_ALLOCATION_REPORT
{
INT report_code;
CHAR process[ 4096 ];
};
thread validation check
2023-08-30 13:15:57 +02:00
/*
* No point copying data from the start address here
* since people can easily change it.
*/
struct HIDDEN_SYSTEM_THREAD_REPORT
{
INT report_code;
INT found_in_kthreadlist;
INT found_in_pspcidtable;
UINT64 thread_address;
LONG thread_id;
CHAR thread[ 4096 ];
};
implemented global report irp queue
2023-09-02 10:54:04 +02:00
struct ATTACH_PROCESS_REPORT
{
INT report_code;
e
2023-09-02 15:47:15 +02:00
UINT32 thread_id;
UINT64 thread_address;
implemented global report irp queue
2023-09-02 10:54:04 +02:00
};
fucking FINALLY got this BULLSHIT working
2023-09-10 12:20:35 +02:00
struct SYSTEM_INFORMATION_REQUEST_RESPONSE
{
INT RequestId;
INT CanUserProceed;
INT reason;
};
bedtime (:
2023-08-18 16:34:15 +02:00
}
EPIC
2023-08-18 07:33:13 +02:00
}
AAAAAA
2023-08-22 19:32:25 +02:00
#endif
Reference in a new issue Copy permalink