hemp/CS2Cheat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

shjit

Browse Source
This commit is contained in:
Oscar
2025-07-25 22:49:56 +03:00
parent 03af6d458c
commit 860be9ac4c
470 changed files with 308020 additions and 436 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
examples/Axion-CS2-RAGE-CHEAT/cstrike/core/spoofcall/SpoofCall.asm Normal file
View File

@@ -0,0 +1,30 @@
PUBLIC _spoofer_stub
.code
_spoofer_stub PROC
pop r11
add rsp, 8
mov rax, [rsp + 24]
mov r10, [rax]
mov [rsp], r10
mov r10, [rax + 8]
mov [rax + 8], r11
mov [rax + 16], rbx
lea rbx, fixup
mov [rax], rbx
mov rbx, rax
jmp r10
fixup:
sub rsp, 16
mov rcx, rbx
mov rbx, [rcx + 16]
jmp QWORD PTR [rcx + 8]
_spoofer_stub ENDP
END

120
examples/Axion-CS2-RAGE-CHEAT/cstrike/core/spoofcall/Utils.h Normal file
View File

@@ -0,0 +1,120 @@
#include <type_traits>
namespace detail
{
extern "C" void* _spoofer_stub();
template <typename Ret, typename... Args>
static inline auto shellcode_stub_helper(
const void* shell,
Args... args
) -> Ret
{
auto fn = (Ret(*)(Args...))(shell);
return fn(args...);
}
template <std::size_t Argc, typename>
struct argument_remapper
{
// At least 5 params
template<
typename Ret,
typename First,
typename Second,
typename Third,
typename Fourth,
typename... Pack
>
static auto do_call(
const void* shell,
void* shell_param,
First first,
Second second,
Third third,
Fourth fourth,
Pack... pack
) -> Ret
{
return shellcode_stub_helper<
Ret,
First,
Second,
Third,
Fourth,
void*,
void*,
Pack...
>(
shell,
first,
second,
third,
fourth,
shell_param,
nullptr,
pack...
);
}
};
template <std::size_t Argc>
struct argument_remapper<Argc, std::enable_if_t<Argc <= 4>>
{
// 4 or less params
template<
typename Ret,
typename First = void*,
typename Second = void*,
typename Third = void*,
typename Fourth = void*
>
static auto do_call(
const void* shell,
void* shell_param,
First first = First{},
Second second = Second{},
Third third = Third{},
Fourth fourth = Fourth{}
) -> Ret
{
return shellcode_stub_helper<
Ret,
First,
Second,
Third,
Fourth,
void*,
void*
>(
shell,
first,
second,
third,
fourth,
shell_param,
nullptr
);
}
};
}
template <typename Ret, typename... Args>
static inline auto spoof_call(
const void* trampoline,
Ret(*fn)(Args...),
Args... args
) -> Ret
{
struct shell_params
{
const void* trampoline;
void* function;
void* rbx;
};
shell_params p{ trampoline, reinterpret_cast<void*>(fn) };
using mapper = detail::argument_remapper<sizeof...(Args), void>;
return mapper::template do_call<Ret, Args...>((const void*)&detail::_spoofer_stub, &p, args...);
}

0
examples/Axion-CS2-RAGE-CHEAT/cstrike/core/spoofcall/callstack.cpp Normal file
View File

0
examples/Axion-CS2-RAGE-CHEAT/cstrike/core/spoofcall/callstack.h Normal file
View File

0
examples/Axion-CS2-RAGE-CHEAT/cstrike/core/spoofcall/callstack.hpp Normal file
View File

23
examples/Axion-CS2-RAGE-CHEAT/cstrike/core/spoofcall/invoker.h Normal file
View File

@@ -0,0 +1,23 @@
#pragma once
#include <cstdint>
#include "Utils.h"
class RetSpoofInvoker {
private:
void* gadgetAddress{ 0 };
public:
void init(std::uintptr_t gadgetAddress) noexcept
{
this->gadgetAddress = reinterpret_cast<void*>(gadgetAddress);
}
template <typename ReturnType, typename... Args>
ReturnType invokeFastcall(std::uintptr_t functionAddress, Args&&... args) const noexcept
{
return detail::shellcode_stub_helper<ReturnType(Args...)>::spoof_call(this->gadgetAddress, reinterpret_cast<void*>(functionAddress), std::forward<Args>(args)...);
}
};
inline RetSpoofInvoker invoker;

723
examples/Axion-CS2-RAGE-CHEAT/cstrike/core/spoofcall/lazy_importer.hpp Normal file
View File

@@ -0,0 +1,723 @@
/*
* Copyright 2018-2022 Justas Masiulis
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
// === FAQ === documentation is available at https://github.com/JustasMasiulis/lazy_importer
// * Code doesn't compile with errors about pointer conversion:
// - Try using `nullptr` instead of `NULL` or call `get()` instead of using the overloaded operator()
// * Lazy importer can't find the function I want:
// - Double check that the module in which it's located in is actually loaded
// - Try #define LAZY_IMPORTER_CASE_INSENSITIVE
// This will start using case insensitive comparison globally
// - Try #define LAZY_IMPORTER_RESOLVE_FORWARDED_EXPORTS
// This will enable forwarded export resolution globally instead of needing explicit `forwarded()` calls
#ifndef LAZY_IMPORTER_HPP
#define LAZY_IMPORTER_HPP
#define LI_FN(name) ::li::detail::lazy_function<LAZY_IMPORTER_KHASH(#name), decltype(&name)>()
#define LI_FN_DEF(name) ::li::detail::lazy_function<LAZY_IMPORTER_KHASH(#name), name>()
#define LI_MODULE(name) ::li::detail::lazy_module<LAZY_IMPORTER_KHASH(name)>()
#ifndef LAZY_IMPORTER_CPP_FORWARD
#ifdef LAZY_IMPORTER_NO_CPP_FORWARD
#define LAZY_IMPORTER_CPP_FORWARD(t, v) v
#else
#include <utility>
#define LAZY_IMPORTER_CPP_FORWARD(t, v) std::forward<t>( v )
#endif
#endif
#include <intrin.h>
#ifndef LAZY_IMPORTER_NO_FORCEINLINE
#if defined(_MSC_VER)
#define LAZY_IMPORTER_FORCEINLINE __forceinline
#elif defined(__GNUC__) && __GNUC__ > 3
#define LAZY_IMPORTER_FORCEINLINE inline __attribute__((__always_inline__))
#else
#define LAZY_IMPORTER_FORCEINLINE inline
#endif
#else
#define LAZY_IMPORTER_FORCEINLINE inline
#endif
#ifdef LAZY_IMPORTER_CASE_INSENSITIVE
#define LAZY_IMPORTER_CASE_SENSITIVITY false
#else
#define LAZY_IMPORTER_CASE_SENSITIVITY true
#endif
#define LAZY_IMPORTER_STRINGIZE(x) #x
#define LAZY_IMPORTER_STRINGIZE_EXPAND(x) LAZY_IMPORTER_STRINGIZE(x)
#define LAZY_IMPORTER_KHASH(str) ::li::detail::khash(str, \
::li::detail::khash_impl( __TIME__ __DATE__ LAZY_IMPORTER_STRINGIZE_EXPAND(__LINE__) LAZY_IMPORTER_STRINGIZE_EXPAND(__COUNTER__), 2166136261 ))
namespace li { namespace detail {
namespace win {
struct LIST_ENTRY_T {
const char* Flink;
const char* Blink;
};
struct UNICODE_STRING_T {
unsigned short Length;
unsigned short MaximumLength;
wchar_t* Buffer;
};
struct PEB_LDR_DATA_T {
unsigned long Length;
unsigned long Initialized;
const char* SsHandle;
LIST_ENTRY_T InLoadOrderModuleList;
};
struct PEB_T {
unsigned char Reserved1[2];
unsigned char BeingDebugged;
unsigned char Reserved2[1];
const char* Reserved3[2];
PEB_LDR_DATA_T* Ldr;
};
struct LDR_DATA_TABLE_ENTRY_T {
LIST_ENTRY_T InLoadOrderLinks;
LIST_ENTRY_T InMemoryOrderLinks;
LIST_ENTRY_T InInitializationOrderLinks;
const char* DllBase;
const char* EntryPoint;
union {
unsigned long SizeOfImage;
const char* _dummy;
};
UNICODE_STRING_T FullDllName;
UNICODE_STRING_T BaseDllName;
LAZY_IMPORTER_FORCEINLINE const LDR_DATA_TABLE_ENTRY_T*
load_order_next() const noexcept
{
return reinterpret_cast<const LDR_DATA_TABLE_ENTRY_T*>(
InLoadOrderLinks.Flink);
}
};
struct IMAGE_DOS_HEADER { // DOS .EXE header
unsigned short e_magic; // Magic number
unsigned short e_cblp; // Bytes on last page of file
unsigned short e_cp; // Pages in file
unsigned short e_crlc; // Relocations
unsigned short e_cparhdr; // Size of header in paragraphs
unsigned short e_minalloc; // Minimum extra paragraphs needed
unsigned short e_maxalloc; // Maximum extra paragraphs needed
unsigned short e_ss; // Initial (relative) SS value
unsigned short e_sp; // Initial SP value
unsigned short e_csum; // Checksum
unsigned short e_ip; // Initial IP value
unsigned short e_cs; // Initial (relative) CS value
unsigned short e_lfarlc; // File address of relocation table
unsigned short e_ovno; // Overlay number
unsigned short e_res[4]; // Reserved words
unsigned short e_oemid; // OEM identifier (for e_oeminfo)
unsigned short e_oeminfo; // OEM information; e_oemid specific
unsigned short e_res2[10]; // Reserved words
long e_lfanew; // File address of new exe header
};
struct IMAGE_FILE_HEADER {
unsigned short Machine;
unsigned short NumberOfSections;
unsigned long TimeDateStamp;
unsigned long PointerToSymbolTable;
unsigned long NumberOfSymbols;
unsigned short SizeOfOptionalHeader;
unsigned short Characteristics;
};
struct IMAGE_EXPORT_DIRECTORY {
unsigned long Characteristics;
unsigned long TimeDateStamp;
unsigned short MajorVersion;
unsigned short MinorVersion;
unsigned long Name;
unsigned long Base;
unsigned long NumberOfFunctions;
unsigned long NumberOfNames;
unsigned long AddressOfFunctions; // RVA from base of image
unsigned long AddressOfNames; // RVA from base of image
unsigned long AddressOfNameOrdinals; // RVA from base of image
};
struct IMAGE_DATA_DIRECTORY {
unsigned long VirtualAddress;
unsigned long Size;
};
struct IMAGE_OPTIONAL_HEADER64 {
unsigned short Magic;
unsigned char MajorLinkerVersion;
unsigned char MinorLinkerVersion;
unsigned long SizeOfCode;
unsigned long SizeOfInitializedData;
unsigned long SizeOfUninitializedData;
unsigned long AddressOfEntryPoint;
unsigned long BaseOfCode;
unsigned long long ImageBase;
unsigned long SectionAlignment;
unsigned long FileAlignment;
unsigned short MajorOperatingSystemVersion;
unsigned short MinorOperatingSystemVersion;
unsigned short MajorImageVersion;
unsigned short MinorImageVersion;
unsigned short MajorSubsystemVersion;
unsigned short MinorSubsystemVersion;
unsigned long Win32VersionValue;
unsigned long SizeOfImage;
unsigned long SizeOfHeaders;
unsigned long CheckSum;
unsigned short Subsystem;
unsigned short DllCharacteristics;
unsigned long long SizeOfStackReserve;
unsigned long long SizeOfStackCommit;
unsigned long long SizeOfHeapReserve;
unsigned long long SizeOfHeapCommit;
unsigned long LoaderFlags;
unsigned long NumberOfRvaAndSizes;
IMAGE_DATA_DIRECTORY DataDirectory[16];
};
struct IMAGE_OPTIONAL_HEADER32 {
unsigned short Magic;
unsigned char MajorLinkerVersion;
unsigned char MinorLinkerVersion;
unsigned long SizeOfCode;
unsigned long SizeOfInitializedData;
unsigned long SizeOfUninitializedData;
unsigned long AddressOfEntryPoint;
unsigned long BaseOfCode;
unsigned long BaseOfData;
unsigned long ImageBase;
unsigned long SectionAlignment;
unsigned long FileAlignment;
unsigned short MajorOperatingSystemVersion;
unsigned short MinorOperatingSystemVersion;
unsigned short MajorImageVersion;
unsigned short MinorImageVersion;
unsigned short MajorSubsystemVersion;
unsigned short MinorSubsystemVersion;
unsigned long Win32VersionValue;
unsigned long SizeOfImage;
unsigned long SizeOfHeaders;
unsigned long CheckSum;
unsigned short Subsystem;
unsigned short DllCharacteristics;
unsigned long SizeOfStackReserve;
unsigned long SizeOfStackCommit;
unsigned long SizeOfHeapReserve;
unsigned long SizeOfHeapCommit;
unsigned long LoaderFlags;
unsigned long NumberOfRvaAndSizes;
IMAGE_DATA_DIRECTORY DataDirectory[16];
};
struct IMAGE_NT_HEADERS {
unsigned long Signature;
IMAGE_FILE_HEADER FileHeader;
#ifdef _WIN64
IMAGE_OPTIONAL_HEADER64 OptionalHeader;
#else
IMAGE_OPTIONAL_HEADER32 OptionalHeader;
#endif
};
} // namespace win
struct forwarded_hashes {
unsigned module_hash;
unsigned function_hash;
};
// 64 bit integer where 32 bits are used for the hash offset
// and remaining 32 bits are used for the hash computed using it
using offset_hash_pair = unsigned long long;
LAZY_IMPORTER_FORCEINLINE constexpr unsigned get_hash(offset_hash_pair pair) noexcept { return ( pair & 0xFFFFFFFF ); }
LAZY_IMPORTER_FORCEINLINE constexpr unsigned get_offset(offset_hash_pair pair) noexcept { return static_cast<unsigned>( pair >> 32 ); }
template<bool CaseSensitive = LAZY_IMPORTER_CASE_SENSITIVITY>
LAZY_IMPORTER_FORCEINLINE constexpr unsigned hash_single(unsigned value, char c) noexcept
{
return (value ^ static_cast<unsigned>((!CaseSensitive && c >= 'A' && c <= 'Z') ? (c | (1 << 5)) : c)) * 16777619;
}
LAZY_IMPORTER_FORCEINLINE constexpr unsigned
khash_impl(const char* str, unsigned value) noexcept
{
return (*str ? khash_impl(str + 1, hash_single(value, *str)) : value);
}
LAZY_IMPORTER_FORCEINLINE constexpr offset_hash_pair khash(
const char* str, unsigned offset) noexcept
{
return ((offset_hash_pair{ offset } << 32) | khash_impl(str, offset));
}
template<class CharT = char>
LAZY_IMPORTER_FORCEINLINE unsigned hash(const CharT* str, unsigned offset) noexcept
{
unsigned value = offset;
for(;;) {
char c = *str++;
if(!c)
return value;
value = hash_single(value, c);
}
}
LAZY_IMPORTER_FORCEINLINE unsigned hash(
const win::UNICODE_STRING_T& str, unsigned offset) noexcept
{
auto first = str.Buffer;
const auto last = first + (str.Length / sizeof(wchar_t));
auto value = offset;
for(; first != last; ++first)
value = hash_single(value, static_cast<char>(*first));
return value;
}
LAZY_IMPORTER_FORCEINLINE forwarded_hashes hash_forwarded(
const char* str, unsigned offset) noexcept
{
forwarded_hashes res{ offset, offset };
for(; *str != '.'; ++str)
res.module_hash = hash_single<true>(res.module_hash, *str);
++str;
for(; *str; ++str)
res.function_hash = hash_single(res.function_hash, *str);
return res;
}
// some helper functions
LAZY_IMPORTER_FORCEINLINE const win::PEB_T* peb() noexcept
{
#if defined(_M_X64) || defined(__amd64__)
#if defined(_MSC_VER)
return reinterpret_cast<const win::PEB_T*>(__readgsqword(0x60));
#else
const win::PEB_T* ptr;
__asm__ __volatile__ ("mov %%gs:0x60, %0" : "=r"(ptr));
return ptr;
#endif
#elif defined(_M_IX86) || defined(__i386__)
#if defined(_MSC_VER)
return reinterpret_cast<const win::PEB_T*>(__readfsdword(0x30));
#else
const win::PEB_T* ptr;
__asm__ __volatile__ ("mov %%fs:0x30, %0" : "=r"(ptr));
return ptr;
#endif
#elif defined(_M_ARM) || defined(__arm__)
return *reinterpret_cast<const win::PEB_T**>(_MoveFromCoprocessor(15, 0, 13, 0, 2) + 0x30);
#elif defined(_M_ARM64) || defined(__aarch64__)
return *reinterpret_cast<const win::PEB_T**>(__getReg(18) + 0x60);
#elif defined(_M_IA64) || defined(__ia64__)
return *reinterpret_cast<const win::PEB_T**>(static_cast<char*>(_rdteb()) + 0x60);
#else
#error Unsupported platform. Open an issue and Ill probably add support.
#endif
}
LAZY_IMPORTER_FORCEINLINE const win::PEB_LDR_DATA_T* ldr()
{
return reinterpret_cast<const win::PEB_LDR_DATA_T*>(peb()->Ldr);
}
LAZY_IMPORTER_FORCEINLINE const win::IMAGE_NT_HEADERS* nt_headers(
const char* base) noexcept
{
return reinterpret_cast<const win::IMAGE_NT_HEADERS*>(
base + reinterpret_cast<const win::IMAGE_DOS_HEADER*>(base)->e_lfanew);
}
LAZY_IMPORTER_FORCEINLINE const win::IMAGE_EXPORT_DIRECTORY* image_export_dir(
const char* base) noexcept
{
return reinterpret_cast<const win::IMAGE_EXPORT_DIRECTORY*>(
base + nt_headers(base)->OptionalHeader.DataDirectory->VirtualAddress);
}
LAZY_IMPORTER_FORCEINLINE const win::LDR_DATA_TABLE_ENTRY_T* ldr_data_entry() noexcept
{
return reinterpret_cast<const win::LDR_DATA_TABLE_ENTRY_T*>(
ldr()->InLoadOrderModuleList.Flink);
}
struct exports_directory {
unsigned long _ied_size;
const char* _base;
const win::IMAGE_EXPORT_DIRECTORY* _ied;
public:
using size_type = unsigned long;
LAZY_IMPORTER_FORCEINLINE
exports_directory(const char* base) noexcept : _base(base)
{
const auto ied_data_dir = nt_headers(base)->OptionalHeader.DataDirectory[0];
_ied = reinterpret_cast<const win::IMAGE_EXPORT_DIRECTORY*>(
base + ied_data_dir.VirtualAddress);
_ied_size = ied_data_dir.Size;
}
LAZY_IMPORTER_FORCEINLINE explicit operator bool() const noexcept
{
return reinterpret_cast<const char*>(_ied) != _base;
}
LAZY_IMPORTER_FORCEINLINE size_type size() const noexcept
{
return _ied->NumberOfNames;
}
LAZY_IMPORTER_FORCEINLINE const char* base() const noexcept { return _base; }
LAZY_IMPORTER_FORCEINLINE const win::IMAGE_EXPORT_DIRECTORY* ied() const noexcept
{
return _ied;
}
LAZY_IMPORTER_FORCEINLINE const char* name(size_type index) const noexcept
{
return _base + reinterpret_cast<const unsigned long*>(_base + _ied->AddressOfNames)[index];
}
LAZY_IMPORTER_FORCEINLINE const char* address(size_type index) const noexcept
{
const auto* const rva_table =
reinterpret_cast<const unsigned long*>(_base + _ied->AddressOfFunctions);
const auto* const ord_table = reinterpret_cast<const unsigned short*>(
_base + _ied->AddressOfNameOrdinals);
return _base + rva_table[ord_table[index]];
}
LAZY_IMPORTER_FORCEINLINE bool is_forwarded(
const char* export_address) const noexcept
{
const auto ui_ied = reinterpret_cast<const char*>(_ied);
return (export_address > ui_ied && export_address < ui_ied + _ied_size);
}
};
struct safe_module_enumerator {
using value_type = const detail::win::LDR_DATA_TABLE_ENTRY_T;
value_type* value;
value_type* head;
LAZY_IMPORTER_FORCEINLINE safe_module_enumerator() noexcept
: safe_module_enumerator(ldr_data_entry())
{}
LAZY_IMPORTER_FORCEINLINE
safe_module_enumerator(const detail::win::LDR_DATA_TABLE_ENTRY_T* ldr) noexcept
: value(ldr->load_order_next()), head(value)
{}
LAZY_IMPORTER_FORCEINLINE void reset() noexcept
{
value = head->load_order_next();
}
LAZY_IMPORTER_FORCEINLINE bool next() noexcept
{
value = value->load_order_next();
return value != head && value->DllBase;
}
};
struct unsafe_module_enumerator {
using value_type = const detail::win::LDR_DATA_TABLE_ENTRY_T*;
value_type value;
LAZY_IMPORTER_FORCEINLINE unsafe_module_enumerator() noexcept
: value(ldr_data_entry())
{}
LAZY_IMPORTER_FORCEINLINE void reset() noexcept { value = ldr_data_entry(); }
LAZY_IMPORTER_FORCEINLINE bool next() noexcept
{
value = value->load_order_next();
return true;
}
};
// provides the cached functions which use Derive classes methods
template<class Derived, class DefaultType = void*>
class lazy_base {
protected:
// This function is needed because every templated function
// with different args has its own static buffer
LAZY_IMPORTER_FORCEINLINE static void*& _cache() noexcept
{
static void* value = nullptr;
return value;
}
public:
template<class T = DefaultType>
LAZY_IMPORTER_FORCEINLINE static T safe() noexcept
{
return Derived::template get<T, safe_module_enumerator>();
}
template<class T = DefaultType, class Enum = unsafe_module_enumerator>
LAZY_IMPORTER_FORCEINLINE static T cached() noexcept
{
auto& cached = _cache();
if(!cached)
cached = Derived::template get<void*, Enum>();
return (T)(cached);
}
template<class T = DefaultType>
LAZY_IMPORTER_FORCEINLINE static T safe_cached() noexcept
{
return cached<T, safe_module_enumerator>();
}
};
template<offset_hash_pair OHP>
struct lazy_module : lazy_base<lazy_module<OHP>> {
template<class T = void*, class Enum = unsafe_module_enumerator>
LAZY_IMPORTER_FORCEINLINE static T get() noexcept
{
Enum e;
do {
if(hash(e.value->BaseDllName, get_offset(OHP)) == get_hash(OHP))
return (T)(e.value->DllBase);
} while(e.next());
return {};
}
template<class T = void*, class Ldr>
LAZY_IMPORTER_FORCEINLINE static T in(Ldr ldr) noexcept
{
safe_module_enumerator e(reinterpret_cast<const detail::win::LDR_DATA_TABLE_ENTRY_T*>(ldr));
do {
if(hash(e.value->BaseDllName, get_offset(OHP)) == get_hash(OHP))
return (T)(e.value->DllBase);
} while(e.next());
return {};
}
template<class T = void*, class Ldr>
LAZY_IMPORTER_FORCEINLINE static T in_cached(Ldr ldr) noexcept
{
auto& cached = lazy_base<lazy_module<OHP>>::_cache();
if(!cached)
cached = in(ldr);
return (T)(cached);
}
};
template<offset_hash_pair OHP, class T>
struct lazy_function : lazy_base<lazy_function<OHP, T>, T> {
using base_type = lazy_base<lazy_function<OHP, T>, T>;
template<class... Args>
LAZY_IMPORTER_FORCEINLINE decltype(auto) operator()(Args&&... args) const
{
#ifndef LAZY_IMPORTER_CACHE_OPERATOR_PARENS
return get()(LAZY_IMPORTER_CPP_FORWARD(Args, args)...);
#else
return this->cached()(LAZY_IMPORTER_CPP_FORWARD(Args, args)...);
#endif
}
template<class F = T, class Enum = unsafe_module_enumerator>
LAZY_IMPORTER_FORCEINLINE static F get() noexcept
{
// for backwards compatability.
// Before 2.0 it was only possible to resolve forwarded exports when
// this macro was enabled
#ifdef LAZY_IMPORTER_RESOLVE_FORWARDED_EXPORTS
return forwarded<F, Enum>();
#else
Enum e;
do {
#ifdef LAZY_IMPORTER_HARDENED_MODULE_CHECKS
if(!e.value->DllBase || !e.value->FullDllName.Length)
continue;
#endif
const exports_directory exports(e.value->DllBase);
if(exports) {
auto export_index = exports.size();
while(export_index--)
if(hash(exports.name(export_index), get_offset(OHP)) == get_hash(OHP))
return (F)(exports.address(export_index));
}
} while(e.next());
return {};
#endif
}
template<class F = T, class Enum = unsafe_module_enumerator>
LAZY_IMPORTER_FORCEINLINE static F forwarded() noexcept
{
detail::win::UNICODE_STRING_T name;
forwarded_hashes hashes{ 0, get_hash(OHP) };
Enum e;
do {
name = e.value->BaseDllName;
name.Length -= 8; // get rid of .dll extension
if(!hashes.module_hash || hash(name, get_offset(OHP)) == hashes.module_hash) {
const exports_directory exports(e.value->DllBase);
if(exports) {
auto export_index = exports.size();
while(export_index--)
if(hash(exports.name(export_index), get_offset(OHP)) == hashes.function_hash) {
const auto addr = exports.address(export_index);
if(exports.is_forwarded(addr)) {
hashes = hash_forwarded(
reinterpret_cast<const char*>(addr),
get_offset(OHP));
e.reset();
break;
}
return (F)(addr);
}
}
}
} while(e.next());
return {};
}
template<class F = T>
LAZY_IMPORTER_FORCEINLINE static F forwarded_safe() noexcept
{
return forwarded<F, safe_module_enumerator>();
}
template<class F = T, class Enum = unsafe_module_enumerator>
LAZY_IMPORTER_FORCEINLINE static F forwarded_cached() noexcept
{
auto& value = base_type::_cache();
if(!value)
value = forwarded<void*, Enum>();
return (F)(value);
}
template<class F = T>
LAZY_IMPORTER_FORCEINLINE static F forwarded_safe_cached() noexcept
{
return forwarded_cached<F, safe_module_enumerator>();
}
template<class F = T, bool IsSafe = false, class Module>
LAZY_IMPORTER_FORCEINLINE static F in(Module m) noexcept
{
if(IsSafe && !m)
return {};
const exports_directory exports((const char*)(m));
if(IsSafe && !exports)
return {};
for(unsigned long i{};; ++i) {
if(IsSafe && i == exports.size())
break;
if(hash(exports.name(i), get_offset(OHP)) == get_hash(OHP))
return (F)(exports.address(i));
}
return {};
}
template<class F = T, class Module>
LAZY_IMPORTER_FORCEINLINE static F in_safe(Module m) noexcept
{
return in<F, true>(m);
}
template<class F = T, bool IsSafe = false, class Module>
LAZY_IMPORTER_FORCEINLINE static F in_cached(Module m) noexcept
{
auto& value = base_type::_cache();
if(!value)
value = in<void*, IsSafe>(m);
return (F)(value);
}
template<class F = T, class Module>
LAZY_IMPORTER_FORCEINLINE static F in_safe_cached(Module m) noexcept
{
return in_cached<F, true>(m);
}
template<class F = T>
LAZY_IMPORTER_FORCEINLINE static F nt() noexcept
{
return in<F>(ldr_data_entry()->load_order_next()->DllBase);
}
template<class F = T>
LAZY_IMPORTER_FORCEINLINE static F nt_safe() noexcept
{
return in_safe<F>(ldr_data_entry()->load_order_next()->DllBase);
}
template<class F = T>
LAZY_IMPORTER_FORCEINLINE static F nt_cached() noexcept
{
return in_cached<F>(ldr_data_entry()->load_order_next()->DllBase);
}
template<class F = T>
LAZY_IMPORTER_FORCEINLINE static F nt_safe_cached() noexcept
{
return in_safe_cached<F>(ldr_data_entry()->load_order_next()->DllBase);
}
};
}} // namespace li::detail
#endif // include guard

456
examples/Axion-CS2-RAGE-CHEAT/cstrike/core/spoofcall/syscall.h Normal file
View File

@@ -0,0 +1,456 @@
#pragma once
#ifndef DIRECT_SYSCALL_HPP
#define DIRECT_SYSCALL_HPP
#include <cstdint>
#include <string>
#include <windows.h>
#ifndef SYSCALL_NO_FORCEINLINE
#if defined(_MSC_VER)
#define SYSCALL_FORCEINLINE __forceinline
#endif
#else
#define SYSCALL_FORCEINLINE inline
#endif
#include <intrin.h>
#include <memory>
#include <vector>
#define SYSCALL_HASH_CT(str) \
[]() [[msvc::forceinline]] { \
constexpr uint32_t hash_out{::syscall::fnv1a::hash_ctime(str)}; \
\
return hash_out; \
}()
#define SYSCALL_HASH(str) ::syscall::fnv1a::hash_rtime(str)
#define INVOKE_LAZY_FN(type, export_name, ...) \
[&]() [[msvc::forceinline]] { \
constexpr uint32_t export_hash{::syscall::fnv1a::hash_ctime(#export_name)}; \
\
return syscall::invoke_lazy_import<type>(export_hash, __VA_ARGS__); \
}()
#define INVOKE_SYSCALL(type, export_name, ...) \
[&]() [[msvc::forceinline]] { \
constexpr uint32_t export_hash{::syscall::fnv1a::hash_ctime(#export_name)}; \
\
return syscall::invoke_syscall<type>(export_hash, __VA_ARGS__); \
}()
namespace syscall {
namespace nt {
typedef struct _PEB_LDR_DATA {
ULONG Length;
BOOLEAN Initialized;
PVOID SsHandle;
LIST_ENTRY InLoadOrderModuleList;
LIST_ENTRY InMemoryOrderModuleList;
LIST_ENTRY InInitializationOrderModuleList;
} PEB_LDR_DATA, * PPEB_LDR_DATA;
struct UNICODE_STRING {
uint16_t Length;
uint16_t MaximumLength;
wchar_t* Buffer;
};
typedef struct _LDR_MODULE {
LIST_ENTRY InLoadOrderModuleList;
LIST_ENTRY InMemoryOrderModuleList;
LIST_ENTRY InInitializationOrderModuleList;
PVOID BaseAddress;
PVOID EntryPoint;
ULONG SizeOfImage;
UNICODE_STRING FullDllName;
UNICODE_STRING BaseDllName;
ULONG Flags;
SHORT LoadCount;
SHORT TlsIndex;
LIST_ENTRY HashTableEntry;
ULONG TimeDateStamp;
} LDR_MODULE, * PLDR_MODULE;
typedef struct _PEB_FREE_BLOCK {
_PEB_FREE_BLOCK* Next;
ULONG Size;
} PEB_FREE_BLOCK, * PPEB_FREE_BLOCK;
typedef struct _LDR_DATA_TABLE_ENTRY {
LIST_ENTRY InLoadOrderLinks;
LIST_ENTRY InMemoryOrderLinks;
PVOID Reserved2[2];
PVOID DllBase;
PVOID EntryPoint;
PVOID Reserved3;
UNICODE_STRING FullDllName;
UNICODE_STRING BaseDllName;
PVOID Reserved5[3];
union {
ULONG CheckSum;
PVOID Reserved6;
};
ULONG TimeDateStamp;
} LDR_DATA_TABLE_ENTRY, * PLDR_DATA_TABLE_ENTRY;
typedef struct _RTL_DRIVE_LETTER_CURDIR {
USHORT Flags;
USHORT Length;
ULONG TimeStamp;
UNICODE_STRING DosPath;
} RTL_DRIVE_LETTER_CURDIR, * PRTL_DRIVE_LETTER_CURDIR;
typedef struct _RTL_USER_PROCESS_PARAMETERS {
ULONG MaximumLength;
ULONG Length;
ULONG Flags;
ULONG DebugFlags;
PVOID ConsoleHandle;
ULONG ConsoleFlags;
HANDLE StdInputHandle;
HANDLE StdOutputHandle;
HANDLE StdErrorHandle;
UNICODE_STRING CurrentDirectoryPath;
HANDLE CurrentDirectoryHandle;
UNICODE_STRING DllPath;
UNICODE_STRING ImagePathName;
UNICODE_STRING CommandLine;
PVOID Environment;
ULONG StartingPositionLeft;
ULONG StartingPositionTop;
ULONG Width;
ULONG Height;
ULONG CharWidth;
ULONG CharHeight;
ULONG ConsoleTextAttributes;
ULONG WindowFlags;
ULONG ShowWindowFlags;
UNICODE_STRING WindowTitle;
UNICODE_STRING DesktopName;
UNICODE_STRING ShellInfo;
UNICODE_STRING RuntimeData;
RTL_DRIVE_LETTER_CURDIR DLCurrentDirectory[0x20];
} RTL_USER_PROCESS_PARAMETERS, * PRTL_USER_PROCESS_PARAMETERS;
typedef struct _PEB {
BOOLEAN InheritedAddressSpace;
BOOLEAN ReadImageFileExecOptions;
BOOLEAN BeingDebugged;
BOOLEAN Spare;
HANDLE Mutant;
PVOID ImageBaseAddress;
PPEB_LDR_DATA LoaderData;
RTL_USER_PROCESS_PARAMETERS ProcessParameters;
PVOID SubSystemData;
PVOID ProcessHeap;
PVOID FastPebLock;
uintptr_t FastPebLockRoutine;
uintptr_t FastPebUnlockRoutine;
ULONG EnvironmentUpdateCount;
uintptr_t KernelCallbackTable;
PVOID EventLogSection;
PVOID EventLog;
PPEB_FREE_BLOCK FreeList;
ULONG TlsExpansionCounter;
PVOID TlsBitmap;
ULONG TlsBitmapBits[0x2];
PVOID ReadOnlySharedMemoryBase;
PVOID ReadOnlySharedMemoryHeap;
uintptr_t ReadOnlyStaticServerData;
PVOID AnsiCodePageData;
PVOID OemCodePageData;
PVOID UnicodeCaseTableData;
ULONG NumberOfProcessors;
ULONG NtGlobalFlag;
BYTE Spare2[0x4];
LARGE_INTEGER CriticalSectionTimeout;
ULONG HeapSegmentReserve;
ULONG HeapSegmentCommit;
ULONG HeapDeCommitTotalFreeThreshold;
ULONG HeapDeCommitFreeBlockThreshold;
ULONG NumberOfHeaps;
ULONG MaximumNumberOfHeaps;
uintptr_t* ProcessHeaps;
PVOID GdiSharedHandleTable;
PVOID ProcessStarterHelper;
PVOID GdiDCAttributeList;
PVOID LoaderLock;
ULONG OSMajorVersion;
ULONG OSMinorVersion;
ULONG OSBuildNumber;
ULONG OSPlatformId;
ULONG ImageSubSystem;
ULONG ImageSubSystemMajorVersion;
ULONG ImageSubSystemMinorVersion;
ULONG GdiHandleBuffer[0x22];
ULONG PostProcessInitRoutine;
ULONG TlsExpansionBitmap;
BYTE TlsExpansionBitmapBits[0x80];
ULONG SessionId;
} PEB, * PPEB;
}// namespace nt
constexpr uint32_t xor_key_1 = __TIME__[2];
constexpr uint32_t xor_key_2 = __TIME__[4];
constexpr uint32_t xor_key_offset = (xor_key_1 ^ xor_key_2);
namespace fnv1a {
constexpr uint32_t fnv_prime_value = 0x01000193;
SYSCALL_FORCEINLINE consteval uint32_t hash_ctime(const char* input, unsigned val = 0x811c9dc5 ^ ::syscall::xor_key_offset) noexcept
{
return input[0] == CS_XOR('\0') ? val : hash_ctime(input + 1, (val ^ *input) * fnv_prime_value);
}
SYSCALL_FORCEINLINE constexpr uint32_t hash_rtime(const char* input, unsigned val = 0x811c9dc5 ^ ::syscall::xor_key_offset) noexcept
{
return input[0] == CS_XOR('\0') ? val : hash_rtime(input + 1, (val ^ *input) * fnv_prime_value);
}
}// namespace fnv1a
namespace utils {
SYSCALL_FORCEINLINE std::string wide_to_string(wchar_t* buffer) noexcept
{
const auto out{ std::wstring(buffer) };
if (out.empty())
return "";
return std::string(out.begin(), out.end());
}
}// namespace utils
namespace win {
SYSCALL_FORCEINLINE nt::PEB* get_peb() noexcept
{
#if defined(_M_IX86) || defined(__i386__)
return reinterpret_cast<::syscall::nt::PEB*>(__readfsdword(0x30));
#else
return reinterpret_cast<::syscall::nt::PEB*>(__readgsqword(0x60));
#endif
}
template<typename T>
static SYSCALL_FORCEINLINE T get_module_handle_from_hash(const uint32_t& module_hash) noexcept
{
auto peb = ::syscall::win::get_peb();
if (!peb)
return NULL;
auto head = &peb->LoaderData->InLoadOrderModuleList;
for (auto it = head->Flink; it != head; it = it->Flink) {
::syscall::nt::_LDR_DATA_TABLE_ENTRY* ldr_entry = CONTAINING_RECORD(it, nt::LDR_DATA_TABLE_ENTRY,
InLoadOrderLinks);
if (!ldr_entry->BaseDllName.Buffer)
continue;
auto name = ::syscall::utils::wide_to_string(ldr_entry->BaseDllName.Buffer);
if (SYSCALL_HASH(name.data()) == module_hash)
return reinterpret_cast<T>(ldr_entry->DllBase);
}
return NULL;
}
template<typename T>
static SYSCALL_FORCEINLINE T get_module_export_from_table(uintptr_t module_address,
const uint32_t& export_hash) noexcept
{
auto dos_headers = reinterpret_cast<IMAGE_DOS_HEADER*>(module_address);
if (dos_headers->e_magic != IMAGE_DOS_SIGNATURE)
return NULL;
PIMAGE_EXPORT_DIRECTORY export_directory = nullptr;
auto nt_headers32 = reinterpret_cast<PIMAGE_NT_HEADERS32>(module_address + dos_headers->e_lfanew);
auto nt_headers64 = reinterpret_cast<PIMAGE_NT_HEADERS64>(module_address + dos_headers->e_lfanew);
PIMAGE_OPTIONAL_HEADER32 optional_header32 = &nt_headers32->OptionalHeader;
PIMAGE_OPTIONAL_HEADER64 optional_header64 = &nt_headers64->OptionalHeader;
// for 32bit modules.
if (nt_headers32->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
// does not have a export table.
if (optional_header32->DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].Size <= 0U)
return NULL;
export_directory = reinterpret_cast<PIMAGE_EXPORT_DIRECTORY>(module_address + optional_header32->DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress);
}
// for 64bit modules.
else if (nt_headers64->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR64_MAGIC) {
// does not have a export table.
if (optional_header64->DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].Size <= 0U)
return NULL;
export_directory = reinterpret_cast<PIMAGE_EXPORT_DIRECTORY>(module_address + optional_header64->DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress);
}
auto names_rva = reinterpret_cast<uint32_t*>(module_address + export_directory->AddressOfNames);
auto functions_rva = reinterpret_cast<uint32_t*>(module_address + export_directory->AddressOfFunctions);
auto name_ordinals = reinterpret_cast<unsigned short*>(module_address + export_directory->AddressOfNameOrdinals);
uint32_t number_of_names = export_directory->NumberOfNames;
for (size_t i = 0ul; i < number_of_names; i++) {
const char* export_name = reinterpret_cast<const char*>(module_address + names_rva[i]);
if (export_hash == SYSCALL_HASH(export_name))
return static_cast<T>(module_address + functions_rva[name_ordinals[i]]);
}
return NULL;
}
template<typename T>
SYSCALL_FORCEINLINE T force_find_export(const uint32_t& export_hash) noexcept
{
auto peb = ::syscall::win::get_peb();
if (!peb || !export_hash)
return NULL;
auto head = &peb->LoaderData->InLoadOrderModuleList;
for (auto it = head->Flink; it != head; it = it->Flink) {
::syscall::nt::_LDR_DATA_TABLE_ENTRY* ldr_entry = CONTAINING_RECORD(it,
nt::LDR_DATA_TABLE_ENTRY,
InLoadOrderLinks);
if (!ldr_entry->BaseDllName.Buffer)
continue;
auto name = ::syscall::utils::wide_to_string(ldr_entry->BaseDllName.Buffer);
auto export_address = ::syscall::win::get_module_export_from_table<uintptr_t>(
reinterpret_cast<uintptr_t>(ldr_entry->DllBase),
export_hash);
if (!export_address)
continue;
return static_cast<T>(export_address);
}
}
}// namespace win
SYSCALL_FORCEINLINE uint16_t get_return_code_from_export(uintptr_t export_address) noexcept
{
if (!export_address)
return NULL;
return *reinterpret_cast<int*>(static_cast<uintptr_t>(export_address + 12) + 1);
}
SYSCALL_FORCEINLINE int get_syscall_id_from_export(uintptr_t export_address) noexcept
{
if (!export_address)
return NULL;
#if defined(_M_IX86) || defined(__i386__)
return *reinterpret_cast<int*>(static_cast<uintptr_t>(export_address) + 1);
#else
return *reinterpret_cast<int*>(static_cast<uintptr_t>(export_address + 3) + 1);
#endif
}
struct create_function {
void* _allocated_memory = nullptr;
void* _function = nullptr;
uint32_t _export_hash;
public:
SYSCALL_FORCEINLINE ~create_function() noexcept
{
if (this->_allocated_memory) {
VirtualFree(this->_allocated_memory, 0, MEM_RELEASE);
this->_allocated_memory = nullptr;
}
}
SYSCALL_FORCEINLINE create_function(uint32_t export_hash) noexcept
: _export_hash(export_hash)
{
static auto exported_address = ::syscall::win::force_find_export<uintptr_t>(this->_export_hash);
static auto syscall_table_id = ::syscall::get_syscall_id_from_export(exported_address);
if (!exported_address || !syscall_table_id)
return;
std::vector<uint8_t> shellcode = {
#if defined(_M_IX86) || defined(__i386__)
0xB8, 0x00, 0x10, 0x00, 0x00, // mov eax, <syscall_id>
0x64, 0x8B, 0x15, 0xC0, 0x00, 0x00, 0x00,// mov edx, DWORD PTR fs:0xc0 (
0xFF, 0xD2, // call edx
0xC2, 0x04, 0x00 // ret 4
#else
0x49, 0x89, 0xCA, // mov r10, rcx
0xB8, 0x3F, 0x10, 0x00, 0x00, // mov eax, <syscall_id>
0x0F, 0x05, // syscall
0xC3 // ret
#endif
};
#if defined(_M_IX86) || defined(__i386__)
// required for x86 ONLY!
* reinterpret_cast<uint16_t*>(&shellcode[15]) = ::syscall::get_return_code_from_export(exported_address);
*reinterpret_cast<int*>(&shellcode[1]) = syscall_table_id;
#else
* reinterpret_cast<int*>(&shellcode[4]) = syscall_table_id;
#endif
this->_allocated_memory = VirtualAlloc(nullptr,
sizeof(shellcode),
MEM_COMMIT | MEM_RESERVE,
PAGE_EXECUTE_READWRITE);
if (!this->_allocated_memory) {
return;
}
memcpy(this->_allocated_memory, shellcode.data(), sizeof(shellcode));
*reinterpret_cast<void**>(&this->_function) = this->_allocated_memory;
}
SYSCALL_FORCEINLINE bool is_valid_address() noexcept
{
return this->_function != nullptr;
}
template<typename T, typename... Args>
SYSCALL_FORCEINLINE T invoke_call(Args... arguments) noexcept
{
return reinterpret_cast<T(__stdcall*)(Args...)>(this->_function)(arguments...);
}
};
template<typename T, typename... Args>
SYSCALL_FORCEINLINE T invoke_syscall(uint32_t export_hash, Args... arguments) noexcept
{
static auto syscall_function = ::syscall::create_function(export_hash);
if (!syscall_function.is_valid_address()) {
return NULL;
}
return syscall_function.invoke_call<T>(arguments...);
}
template<typename T, typename... Args>
SYSCALL_FORCEINLINE T invoke_lazy_import(uint32_t export_hash, Args... arguments) noexcept
{
static auto exported_function = ::syscall::win::force_find_export<uintptr_t>(export_hash);
if (exported_function)
return reinterpret_cast<T(__stdcall*)(Args...)>(exported_function)(arguments...);
}
}// namespace syscall
#endif// DIRECT_SYSCALL_HPP

1681
examples/Axion-CS2-RAGE-CHEAT/cstrike/core/spoofcall/virtualization/VirtualizerSDK64.asm Normal file
View File

File diff suppressed because it is too large Load Diff

189
examples/Axion-CS2-RAGE-CHEAT/cstrike/core/spoofcall/virtualization/VirtualizerSDK64.h Normal file
View File

@@ -0,0 +1,189 @@
/******************************************************************************
Header: VirtualizerSDKCustomVMsMacros.h
Description: Definition of CustomVM macros
Author/s: Oreans Technologies
(c) 2015 Oreans Technologies
--- File generated automatically from Oreans VM Generator (16/6/2015) ---
******************************************************************************/
// ****************************************************************************
// Declaration of Custom VM macros
// ****************************************************************************
#define PLATFORM_X64 1
#ifdef __cplusplus
extern "C" {
#endif
#if defined(PLATFORM_X32)
void __stdcall VIRTUALIZER_TIGER_WHITE_START_ASM32();
void __stdcall VIRTUALIZER_TIGER_WHITE_END_ASM32();
void __stdcall VIRTUALIZER_TIGER_RED_START_ASM32();
void __stdcall VIRTUALIZER_TIGER_RED_END_ASM32();
void __stdcall VIRTUALIZER_TIGER_BLACK_START_ASM32();
void __stdcall VIRTUALIZER_TIGER_BLACK_END_ASM32();
void __stdcall VIRTUALIZER_FISH_WHITE_START_ASM32();
void __stdcall VIRTUALIZER_FISH_WHITE_END_ASM32();
void __stdcall VIRTUALIZER_FISH_RED_START_ASM32();
void __stdcall VIRTUALIZER_FISH_RED_END_ASM32();
void __stdcall VIRTUALIZER_FISH_BLACK_START_ASM32();
void __stdcall VIRTUALIZER_FISH_BLACK_END_ASM32();
void __stdcall VIRTUALIZER_PUMA_WHITE_START_ASM32();
void __stdcall VIRTUALIZER_PUMA_WHITE_END_ASM32();
void __stdcall VIRTUALIZER_PUMA_RED_START_ASM32();
void __stdcall VIRTUALIZER_PUMA_RED_END_ASM32();
void __stdcall VIRTUALIZER_PUMA_BLACK_START_ASM32();
void __stdcall VIRTUALIZER_PUMA_BLACK_END_ASM32();
void __stdcall VIRTUALIZER_SHARK_WHITE_START_ASM32();
void __stdcall VIRTUALIZER_SHARK_WHITE_END_ASM32();
void __stdcall VIRTUALIZER_SHARK_RED_START_ASM32();
void __stdcall VIRTUALIZER_SHARK_RED_END_ASM32();
void __stdcall VIRTUALIZER_SHARK_BLACK_START_ASM32();
void __stdcall VIRTUALIZER_SHARK_BLACK_END_ASM32();
void __stdcall VIRTUALIZER_DOLPHIN_WHITE_START_ASM32();
void __stdcall VIRTUALIZER_DOLPHIN_WHITE_END_ASM32();
void __stdcall VIRTUALIZER_DOLPHIN_RED_START_ASM32();
void __stdcall VIRTUALIZER_DOLPHIN_RED_END_ASM32();
void __stdcall VIRTUALIZER_DOLPHIN_BLACK_START_ASM32();
void __stdcall VIRTUALIZER_DOLPHIN_BLACK_END_ASM32();
void __stdcall VIRTUALIZER_EAGLE_WHITE_START_ASM32();
void __stdcall VIRTUALIZER_EAGLE_WHITE_END_ASM32();
void __stdcall VIRTUALIZER_EAGLE_RED_START_ASM32();
void __stdcall VIRTUALIZER_EAGLE_RED_END_ASM32();
void __stdcall VIRTUALIZER_EAGLE_BLACK_START_ASM32();
void __stdcall VIRTUALIZER_EAGLE_BLACK_END_ASM32();
void __stdcall VIRTUALIZER_MUTATE_ONLY_START_ASM32();
void __stdcall VIRTUALIZER_MUTATE_ONLY_END_ASM32();
#define VIRTUALIZER_TIGER_WHITE_START VIRTUALIZER_TIGER_WHITE_START_ASM32();
#define VIRTUALIZER_TIGER_WHITE_END VIRTUALIZER_TIGER_WHITE_END_ASM32();
#define VIRTUALIZER_TIGER_RED_START VIRTUALIZER_TIGER_RED_START_ASM32();
#define VIRTUALIZER_TIGER_RED_END VIRTUALIZER_TIGER_RED_END_ASM32();
#define VIRTUALIZER_TIGER_BLACK_START VIRTUALIZER_TIGER_BLACK_START_ASM32();
#define VIRTUALIZER_TIGER_BLACK_END VIRTUALIZER_TIGER_BLACK_END_ASM32();
#define VIRTUALIZER_FISH_WHITE_START VIRTUALIZER_FISH_WHITE_START_ASM32();
#define VIRTUALIZER_FISH_WHITE_END VIRTUALIZER_FISH_WHITE_END_ASM32();
#define VIRTUALIZER_FISH_RED_START VIRTUALIZER_FISH_RED_START_ASM32();
#define VIRTUALIZER_FISH_RED_END VIRTUALIZER_FISH_RED_END_ASM32();
#define VIRTUALIZER_FISH_BLACK_START VIRTUALIZER_FISH_BLACK_START_ASM32();
#define VIRTUALIZER_FISH_BLACK_END VIRTUALIZER_FISH_BLACK_END_ASM32();
#define VIRTUALIZER_PUMA_WHITE_START VIRTUALIZER_PUMA_WHITE_START_ASM32();
#define VIRTUALIZER_PUMA_WHITE_END VIRTUALIZER_PUMA_WHITE_END_ASM32();
#define VIRTUALIZER_PUMA_RED_START VIRTUALIZER_PUMA_RED_START_ASM32();
#define VIRTUALIZER_PUMA_RED_END VIRTUALIZER_PUMA_RED_END_ASM32();
#define VIRTUALIZER_PUMA_BLACK_START VIRTUALIZER_PUMA_BLACK_START_ASM32();
#define VIRTUALIZER_PUMA_BLACK_END VIRTUALIZER_PUMA_BLACK_END_ASM32();
#define VIRTUALIZER_SHARK_WHITE_START VIRTUALIZER_SHARK_WHITE_START_ASM32();
#define VIRTUALIZER_SHARK_WHITE_END VIRTUALIZER_SHARK_WHITE_END_ASM32();
#define VIRTUALIZER_SHARK_RED_START VIRTUALIZER_SHARK_RED_START_ASM32();
#define VIRTUALIZER_SHARK_RED_END VIRTUALIZER_SHARK_RED_END_ASM32();
#define VIRTUALIZER_SHARK_BLACK_START VIRTUALIZER_SHARK_BLACK_START_ASM32();
#define VIRTUALIZER_SHARK_BLACK_END VIRTUALIZER_SHARK_BLACK_END_ASM32();
#define VIRTUALIZER_DOLPHIN_WHITE_START VIRTUALIZER_DOLPHIN_WHITE_START_ASM32();
#define VIRTUALIZER_DOLPHIN_WHITE_END VIRTUALIZER_DOLPHIN_WHITE_END_ASM32();
#define VIRTUALIZER_DOLPHIN_RED_START VIRTUALIZER_DOLPHIN_RED_START_ASM32();
#define VIRTUALIZER_DOLPHIN_RED_END VIRTUALIZER_DOLPHIN_RED_END_ASM32();
#define VIRTUALIZER_DOLPHIN_BLACK_START VIRTUALIZER_DOLPHIN_BLACK_START_ASM32();
#define VIRTUALIZER_DOLPHIN_BLACK_END VIRTUALIZER_DOLPHIN_BLACK_END_ASM32();
#define VIRTUALIZER_EAGLE_WHITE_START VIRTUALIZER_EAGLE_WHITE_START_ASM32();
#define VIRTUALIZER_EAGLE_WHITE_END VIRTUALIZER_EAGLE_WHITE_END_ASM32();
#define VIRTUALIZER_EAGLE_RED_START VIRTUALIZER_EAGLE_RED_START_ASM32();
#define VIRTUALIZER_EAGLE_RED_END VIRTUALIZER_EAGLE_RED_END_ASM32();
#define VIRTUALIZER_EAGLE_BLACK_START VIRTUALIZER_EAGLE_BLACK_START_ASM32();
#define VIRTUALIZER_EAGLE_BLACK_END VIRTUALIZER_EAGLE_BLACK_END_ASM32();
#define VIRTUALIZER_MUTATE_ONLY_START VIRTUALIZER_MUTATE_ONLY_START_ASM32();
#define VIRTUALIZER_MUTATE_ONLY_END VIRTUALIZER_MUTATE_ONLY_END_ASM32();
#endif
#if defined(PLATFORM_X64)
void __stdcall VIRTUALIZER_TIGER_WHITE_START_ASM64();
void __stdcall VIRTUALIZER_TIGER_WHITE_END_ASM64();
void __stdcall VIRTUALIZER_TIGER_RED_START_ASM64();
void __stdcall VIRTUALIZER_TIGER_RED_END_ASM64();
void __stdcall VIRTUALIZER_TIGER_BLACK_START_ASM64();
void __stdcall VIRTUALIZER_TIGER_BLACK_END_ASM64();
void __stdcall VIRTUALIZER_FISH_WHITE_START_ASM64();
void __stdcall VIRTUALIZER_FISH_WHITE_END_ASM64();
void __stdcall VIRTUALIZER_FISH_RED_START_ASM64();
void __stdcall VIRTUALIZER_FISH_RED_END_ASM64();
void __stdcall VIRTUALIZER_FISH_BLACK_START_ASM64();
void __stdcall VIRTUALIZER_FISH_BLACK_END_ASM64();
void __stdcall VIRTUALIZER_PUMA_WHITE_START_ASM64();
void __stdcall VIRTUALIZER_PUMA_WHITE_END_ASM64();
void __stdcall VIRTUALIZER_PUMA_RED_START_ASM64();
void __stdcall VIRTUALIZER_PUMA_RED_END_ASM64();
void __stdcall VIRTUALIZER_PUMA_BLACK_START_ASM64();
void __stdcall VIRTUALIZER_PUMA_BLACK_END_ASM64();
void __stdcall VIRTUALIZER_SHARK_WHITE_START_ASM64();
void __stdcall VIRTUALIZER_SHARK_WHITE_END_ASM64();
void __stdcall VIRTUALIZER_SHARK_RED_START_ASM64();
void __stdcall VIRTUALIZER_SHARK_RED_END_ASM64();
void __stdcall VIRTUALIZER_SHARK_BLACK_START_ASM64();
void __stdcall VIRTUALIZER_SHARK_BLACK_END_ASM64();
void __stdcall VIRTUALIZER_DOLPHIN_WHITE_START_ASM64();
void __stdcall VIRTUALIZER_DOLPHIN_WHITE_END_ASM64();
void __stdcall VIRTUALIZER_DOLPHIN_RED_START_ASM64();
void __stdcall VIRTUALIZER_DOLPHIN_RED_END_ASM64();
void __stdcall VIRTUALIZER_DOLPHIN_BLACK_START_ASM64();
void __stdcall VIRTUALIZER_DOLPHIN_BLACK_END_ASM64();
void __stdcall VIRTUALIZER_EAGLE_WHITE_START_ASM64();
void __stdcall VIRTUALIZER_EAGLE_WHITE_END_ASM64();
void __stdcall VIRTUALIZER_EAGLE_RED_START_ASM64();
void __stdcall VIRTUALIZER_EAGLE_RED_END_ASM64();
void __stdcall VIRTUALIZER_EAGLE_BLACK_START_ASM64();
void __stdcall VIRTUALIZER_EAGLE_BLACK_END_ASM64();
void __stdcall VIRTUALIZER_MUTATE_ONLY_START_ASM64();
void __stdcall VIRTUALIZER_MUTATE_ONLY_END_ASM64();
#define VIRTUALIZER_TIGER_WHITE_START VIRTUALIZER_TIGER_WHITE_START_ASM64();
#define VIRTUALIZER_TIGER_WHITE_END VIRTUALIZER_TIGER_WHITE_END_ASM64();
#define VIRTUALIZER_TIGER_RED_START VIRTUALIZER_TIGER_RED_START_ASM64();
#define VIRTUALIZER_TIGER_RED_END VIRTUALIZER_TIGER_RED_END_ASM64();
#define VIRTUALIZER_TIGER_BLACK_START VIRTUALIZER_TIGER_BLACK_START_ASM64();
#define VIRTUALIZER_TIGER_BLACK_END VIRTUALIZER_TIGER_BLACK_END_ASM64();
#define VIRTUALIZER_FISH_WHITE_START VIRTUALIZER_FISH_WHITE_START_ASM64();
#define VIRTUALIZER_FISH_WHITE_END VIRTUALIZER_FISH_WHITE_END_ASM64();
#define VIRTUALIZER_FISH_RED_START VIRTUALIZER_FISH_RED_START_ASM64();
#define VIRTUALIZER_FISH_RED_END VIRTUALIZER_FISH_RED_END_ASM64();
#define VIRTUALIZER_FISH_BLACK_START VIRTUALIZER_FISH_BLACK_START_ASM64();
#define VIRTUALIZER_FISH_BLACK_END VIRTUALIZER_FISH_BLACK_END_ASM64();
#define VIRTUALIZER_PUMA_WHITE_START VIRTUALIZER_PUMA_WHITE_START_ASM64();
#define VIRTUALIZER_PUMA_WHITE_END VIRTUALIZER_PUMA_WHITE_END_ASM64();
#define VIRTUALIZER_PUMA_RED_START VIRTUALIZER_PUMA_RED_START_ASM64();
#define VIRTUALIZER_PUMA_RED_END VIRTUALIZER_PUMA_RED_END_ASM64();
#define VIRTUALIZER_PUMA_BLACK_START VIRTUALIZER_PUMA_BLACK_START_ASM64();
#define VIRTUALIZER_PUMA_BLACK_END VIRTUALIZER_PUMA_BLACK_END_ASM64();
#define VIRTUALIZER_SHARK_WHITE_START VIRTUALIZER_SHARK_WHITE_START_ASM64();
#define VIRTUALIZER_SHARK_WHITE_END VIRTUALIZER_SHARK_WHITE_END_ASM64();
#define VIRTUALIZER_SHARK_RED_START VIRTUALIZER_SHARK_RED_START_ASM64();
#define VIRTUALIZER_SHARK_RED_END VIRTUALIZER_SHARK_RED_END_ASM64();
#define VIRTUALIZER_SHARK_BLACK_START VIRTUALIZER_SHARK_BLACK_START_ASM64();
#define VIRTUALIZER_SHARK_BLACK_END VIRTUALIZER_SHARK_BLACK_END_ASM64();
#define VIRTUALIZER_DOLPHIN_WHITE_START VIRTUALIZER_DOLPHIN_WHITE_START_ASM64();
#define VIRTUALIZER_DOLPHIN_WHITE_END VIRTUALIZER_DOLPHIN_WHITE_END_ASM64();
#define VIRTUALIZER_DOLPHIN_RED_START VIRTUALIZER_DOLPHIN_RED_START_ASM64();
#define VIRTUALIZER_DOLPHIN_RED_END VIRTUALIZER_DOLPHIN_RED_END_ASM64();
#define VIRTUALIZER_DOLPHIN_BLACK_START VIRTUALIZER_DOLPHIN_BLACK_START_ASM64();
#define VIRTUALIZER_DOLPHIN_BLACK_END VIRTUALIZER_DOLPHIN_BLACK_END_ASM64();
#define VIRTUALIZER_EAGLE_WHITE_START VIRTUALIZER_EAGLE_WHITE_START_ASM64();
#define VIRTUALIZER_EAGLE_WHITE_END VIRTUALIZER_EAGLE_WHITE_END_ASM64();
#define VIRTUALIZER_EAGLE_RED_START VIRTUALIZER_EAGLE_RED_START_ASM64();
#define VIRTUALIZER_EAGLE_RED_END VIRTUALIZER_EAGLE_RED_END_ASM64();
#define VIRTUALIZER_EAGLE_BLACK_START VIRTUALIZER_EAGLE_BLACK_START_ASM64();
#define VIRTUALIZER_EAGLE_BLACK_END VIRTUALIZER_EAGLE_BLACK_END_ASM64();
#define VIRTUALIZER_MUTATE_ONLY_START VIRTUALIZER_MUTATE_ONLY_START_ASM64();
#define VIRTUALIZER_MUTATE_ONLY_END VIRTUALIZER_MUTATE_ONLY_END_ASM64();
#endif
#ifdef __cplusplus
}
#endif

394
examples/Axion-CS2-RAGE-CHEAT/cstrike/core/spoofcall/virtualization/VirtualizerSDK64.inc Normal file
View File

@@ -0,0 +1,394 @@
; ******************************************************************************
; Header: VirtualizerSDK_CustomVMs_masm64.inc
; Description: MASM64 macros definitions
;
; Author/s: Oreans Technologies
; (c) 2015 Oreans Technologies
;
; --- File generated automatically from Oreans VM Generator (16/6/2015) ---
; ******************************************************************************
; ******************************************************************************
; Macros definition
; ******************************************************************************
VIRTUALIZER_TIGER_WHITE_START MACRO
db 0ebh, 10h
dd 20205643h
dd 103
dd 0
dd 20205643h
ENDM
VIRTUALIZER_TIGER_WHITE_END MACRO
db 0ebh, 10h
dd 20205643h
dd 503
dd 0
dd 20205643h
ENDM
VIRTUALIZER_TIGER_RED_START MACRO
db 0ebh, 10h
dd 20205643h
dd 104
dd 0
dd 20205643h
ENDM
VIRTUALIZER_TIGER_RED_END MACRO
db 0ebh, 10h
dd 20205643h
dd 504
dd 0
dd 20205643h
ENDM
VIRTUALIZER_TIGER_BLACK_START MACRO
db 0ebh, 10h
dd 20205643h
dd 105
dd 0
dd 20205643h
ENDM
VIRTUALIZER_TIGER_BLACK_END MACRO
db 0ebh, 10h
dd 20205643h
dd 505
dd 0
dd 20205643h
ENDM
VIRTUALIZER_FISH_WHITE_START MACRO
db 0ebh, 10h
dd 20205643h
dd 107
dd 0
dd 20205643h
ENDM
VIRTUALIZER_FISH_WHITE_END MACRO
db 0ebh, 10h
dd 20205643h
dd 507
dd 0
dd 20205643h
ENDM
VIRTUALIZER_FISH_RED_START MACRO
db 0ebh, 10h
dd 20205643h
dd 109
dd 0
dd 20205643h
ENDM
VIRTUALIZER_FISH_RED_END MACRO
db 0ebh, 10h
dd 20205643h
dd 509
dd 0
dd 20205643h
ENDM
VIRTUALIZER_FISH_BLACK_START MACRO
db 0ebh, 10h
dd 20205643h
dd 111
dd 0
dd 20205643h
ENDM
VIRTUALIZER_FISH_BLACK_END MACRO
db 0ebh, 10h
dd 20205643h
dd 511
dd 0
dd 20205643h
ENDM
VIRTUALIZER_PUMA_WHITE_START MACRO
db 0ebh, 10h
dd 20205643h
dd 113
dd 0
dd 20205643h
ENDM
VIRTUALIZER_PUMA_WHITE_END MACRO
db 0ebh, 10h
dd 20205643h
dd 513
dd 0
dd 20205643h
ENDM
VIRTUALIZER_PUMA_RED_START MACRO
db 0ebh, 10h
dd 20205643h
dd 115
dd 0
dd 20205643h
ENDM
VIRTUALIZER_PUMA_RED_END MACRO
db 0ebh, 10h
dd 20205643h
dd 515
dd 0
dd 20205643h
ENDM
VIRTUALIZER_PUMA_BLACK_START MACRO
db 0ebh, 10h
dd 20205643h
dd 117
dd 0
dd 20205643h
ENDM
VIRTUALIZER_PUMA_BLACK_END MACRO
db 0ebh, 10h
dd 20205643h
dd 517
dd 0
dd 20205643h
ENDM
VIRTUALIZER_SHARK_WHITE_START MACRO
db 0ebh, 10h
dd 20205643h
dd 119
dd 0
dd 20205643h
ENDM
VIRTUALIZER_SHARK_WHITE_END MACRO
db 0ebh, 10h
dd 20205643h
dd 519
dd 0
dd 20205643h
ENDM
VIRTUALIZER_SHARK_RED_START MACRO
db 0ebh, 10h
dd 20205643h
dd 121
dd 0
dd 20205643h
ENDM
VIRTUALIZER_SHARK_RED_END MACRO
db 0ebh, 10h
dd 20205643h
dd 521
dd 0
dd 20205643h
ENDM
VIRTUALIZER_SHARK_BLACK_START MACRO
db 0ebh, 10h
dd 20205643h
dd 123
dd 0
dd 20205643h
ENDM
VIRTUALIZER_SHARK_BLACK_END MACRO
db 0ebh, 10h
dd 20205643h
dd 523
dd 0
dd 20205643h
ENDM
VIRTUALIZER_DOLPHIN_WHITE_START MACRO
db 0ebh, 10h
dd 20205643h
dd 135
dd 0
dd 20205643h
ENDM
VIRTUALIZER_DOLPHIN_WHITE_END MACRO
db 0ebh, 10h
dd 20205643h
dd 535
dd 0
dd 20205643h
ENDM
VIRTUALIZER_DOLPHIN_RED_START MACRO
db 0ebh, 10h
dd 20205643h
dd 137
dd 0
dd 20205643h
ENDM
VIRTUALIZER_DOLPHIN_RED_END MACRO
db 0ebh, 10h
dd 20205643h
dd 537
dd 0
dd 20205643h
ENDM
VIRTUALIZER_DOLPHIN_BLACK_START MACRO
db 0ebh, 10h
dd 20205643h
dd 139
dd 0
dd 20205643h
ENDM
VIRTUALIZER_DOLPHIN_BLACK_END MACRO
db 0ebh, 10h
dd 20205643h
dd 539
dd 0
dd 20205643h
ENDM
VIRTUALIZER_EAGLE_WHITE_START MACRO
db 0ebh, 10h
dd 20205643h
dd 147
dd 0
dd 20205643h
ENDM
VIRTUALIZER_EAGLE_WHITE_END MACRO
db 0ebh, 10h
dd 20205643h
dd 547
dd 0
dd 20205643h
ENDM
VIRTUALIZER_EAGLE_RED_START MACRO
db 0ebh, 10h
dd 20205643h
dd 149
dd 0
dd 20205643h
ENDM
VIRTUALIZER_EAGLE_RED_END MACRO
db 0ebh, 10h
dd 20205643h
dd 549
dd 0
dd 20205643h
ENDM
VIRTUALIZER_EAGLE_BLACK_START MACRO
db 0ebh, 10h
dd 20205643h
dd 151
dd 0
dd 20205643h
ENDM
VIRTUALIZER_EAGLE_BLACK_END MACRO
db 0ebh, 10h
dd 20205643h
dd 551
dd 0
dd 20205643h
ENDM
VIRTUALIZER_MUTATE_ONLY_START MACRO
db 0ebh, 10h
dd 20205643h
dd 16
dd 0
dd 20205643h
ENDM
VIRTUALIZER_MUTATE_ONLY_END MACRO
db 0ebh, 10h
dd 20205643h
dd 17
dd 0
dd 20205643h
ENDM