
[INC/ANY] Memory Extended 2.0 [WINAPI/Inject DLL through SourcePawn]


Author: Rostu (Junior Member, Join Date: Feb 2019)
Plugin ID: 6865
Plugin Version: 2.0
Plugin Category: General Purpose
Plugin Game: Any
Plugin Description: Extending opportunities for work with memory in SourcePawn
    Old 12-22-2019 , 07:04   [INC/ANY] Memory Extended 2.0 [WINAPI/Inject DLL through SourcePawn]
    Reply With Quote #1

    The first thing I would like to say - the philosophy of this library is that all manipulations are reproduced without creating and needing additional files on the server.

    From version 2.0 - added linux support

    Due to the fact that now you can work with all dynamic libraries - all the restrictions are only in your head


    Special thanks to Kailo for assistance in training ASM, working with debugger/IDA

    This "weapon" was created for convenient work with other .dll, because in SourcePawn functions you can work only with 3 => server/engine/matchmaking_ds
    What came of this? - Let's look at its structure =>

    Since version 2.0, the structure is divided by files

    1)MemoryEx/ASM_Instruction.inc - A helper file that allows you to use the most common ASM features in SourcePawn [include => MemoryEx/BaseMemory.inc]
    PHP Code:
    // Register order matches the x86 register index used in one-byte opcodes.
    enum ASMRegister
    {
        ASMRegister_EAX,
        ASMRegister_ECX,
        ASMRegister_EDX,
        ASMRegister_EBX,
        ASMRegister_ESP,
        ASMRegister_EBP,
        ASMRegister_ESI,
        ASMRegister_EDI
    }

    enum struct ASMInstructions
    {
        BaseMemory mem;

        void Set(Pointer adr)
        {
            this.mem.pAddrBase = adr;
        }
        Pointer Get()
        {
            return this.mem.pAddrBase;
        }

        // push r32: opcode 0x50 + register index
        void PushRegister(ASMRegister reg)
        {
            this.mem.WriteByte(0x50 + view_as<int>(reg), _, MemoryEx_AddAfterWrite);
        }
        // push imm32: opcode 0x68 followed by the 32-bit value
        void Push(any value)
        {
            this.mem.WriteByte(0x68, _, MemoryEx_AddAfterWrite);
            this.mem.WriteInt(value, _, MemoryEx_AddAfterWrite);
        }
        // pop r32: opcode 0x58 + register index
        void PopRegister(ASMRegister reg)
        {
            this.mem.WriteByte(0x58 + view_as<int>(reg), _, MemoryEx_AddAfterWrite);
        }

        // call dword ptr [value]: bytes FF 15 followed by the 32-bit address
        void Call(any value)
        {
            this.mem.WriteWord(0x15FF, _, MemoryEx_AddAfterWrite);
            this.mem.WriteInt(value, _, MemoryEx_AddAfterWrite);
        }

        void Nop()
        {
            this.mem.WriteByte(0x90, _, MemoryEx_AddAfterWrite);
        }
        // xchg eax, r32: opcode 0x90 + register index
        void Xchg(ASMRegister reg)
        {
            this.mem.WriteByte(0x90 + view_as<int>(reg), _, MemoryEx_AddAfterWrite);
        }
        void Retn()
        {
            this.mem.WriteByte(0xC3, _, MemoryEx_AddAfterWrite);
        }
    }
    stock ASMInstructions g_ASM;

    #define ASM g_ASM

    #define ASMHELP_SET(%0)     g_ASM.Set(%0)
    #define ASMHELP_GET()       g_ASM.Get()
    #define PUSH_REGISTER(%0)   g_ASM.PushRegister(ASMRegister_%0)
    #define PUSH(%0)            g_ASM.Push(%0)
    #define POP_REGISTER(%0)    g_ASM.PopRegister(ASMRegister_%0)
    #define CALL(%0)            g_ASM.Call(%0)
    #define NOP()               g_ASM.Nop()
    #define XCHG(%0)            g_ASM.Xchg(ASMRegister_%0)
    #define RETN()              g_ASM.Retn()

    2) MemoryEx/BaseMemory.inc - Implements basic functions for more convenient work with memory
    PHP Code:
    void BaseMemory::SetAddr(any address)
    Pointer BaseMemory::GetAddr()
    void BaseMemory::Add(any iOffset)

    int BaseMemory::ReadByte(int iOffset = 0)
    void BaseMemory::WriteByte(any iByte, int iOffset = 0, int flags = MemoryEx_NoNeedAdd)

    int BaseMemory::ReadWord(int iOffset = 0)
    void BaseMemory::WriteWord(any iByte, int iOffset = 0, int flags = MemoryEx_NoNeedAdd)

    int BaseMemory::ReadInt(int iOffset = 0)
    void BaseMemory::WriteInt(any iByte, int iOffset = 0, int flags = MemoryEx_NoNeedAdd)

    void BaseMemory::WriteData(const int[] data, int iSize, int flags = MemoryEx_NoNeedAdd)

    int BaseMemory::ReadString(char[] sString, int iMaxLength) - Returns string length
    void BaseMemory::WriteString(const char[] sString, bool bNull = true, int flags = MemoryEx_NoNeedAdd)
    void BaseMemory::WriteUnicodeString(const char[] sString, bool bNull = true, int flags = MemoryEx_NoNeedAdd)
    Pointer BaseMemory::FindPattern(Pointer base, any size, const int[] pattern, int iLength, int iOffset = 0) - returns the found address + iOffset

    3) MemoryEx/DynamicLibrary.inc - Implements functions for working with dynamic libraries
    PHP Code:
    void DynamicLibrary::Init()
    Pointer DynamicLibrary::InitModule(const char[] sNameLibrary) - you can omit the .so/.dll extension. Instead of mem.lib.InitModule("engine.dll") => mem.lib.InitModule("engine") - inc will add the necessary extension for you :)

    Pointer DynamicLibrary::GetBaseAddress(const char[] sName)
    int DynamicLibrary::GetModuleSize(const char[] sName)
    Pointer DynamicLibrary::GetEndModule(const char[] sName)

    Pointer DynamicLibrary::GetModuleHandle(const char[] name)
    Pointer DynamicLibrary::GetProcAddress(const char[] sLibrary, const char[] sName) <<== https://docs.microsoft.com/en-us/windows/win32/api/libloaderapi/nf-libloaderapi-getprocaddress

    Pointer DynamicLibrary::FindPattern(const char[] sModule, const int[] sPattern, int iLength, int iOffset = 0)
    Pointer DynamicLibrary::FindString(const char[] sModule, const char[] sString)
    Pointer DynamicLibrary::FindUnicodeString(const char[] sModule, const char[] sString)
    Pointer DynamicLibrary::FindValue(const char[] sModule, any iValue, int iNextByte = 0x2A) // iNextByte - to help

    4) MemoryEx/ServerLibrary.inc - Work with the server [.so] / [.dll] - namely, getting the base address [for Windows only] (not needed for Linux) / Getting the server OS
    5) MemoryEx/LinuxFunction.inc - Helper functions for linux => loading a list of .so libraries
    6) MemoryEx/WindowsFunction.inc - Functions for Windows => Get DLL Size from PEB Header / Get Windows Version



    The most interesting feature as for me -> Pointer GetModuleHandle(const char[] name) which calls and returns the result of WINAPI GetModuleHandleW through SourcePawn

    What an interesting feature GetModuleHandle?


    Descriptions of some functions:

    GetModuleHandle/InitModule/GetBaseAddress/GetModuleSize/GetEndModule


    Examples of using

    1) Inject .dll through SourcePawn [GetProcAddress + call WINAPI LoadLibraryA]

    PHP Code:
    #include <MemoryEx>
    public void OnPluginStart()
    {
        MemoryEx mem;

        if(!mem.Init()) return;

        // Resolve the address of LoadLibraryA exported by kernel32.dll
        mem.InitModule("kernel32.dll");
        Pointer libAddr = mem.GetProcAddress("kernel32.dll", "LoadLibraryA");

        // Build an SDKCall that takes one string pointer and returns a plain value
        StartPrepSDKCall(SDKCall_Static);
        PrepSDKCall_AddParameter(SDKType_String, SDKPass_Pointer);
        PrepSDKCall_SetAddress(libAddr);
        PrepSDKCall_SetReturnInfo(SDKType_PlainOldData, SDKPass_Plain);

        Handle h = EndPrepSDKCall();
        // The return value of LoadLibraryA is the base address of the loaded DLL
        int baseDLL = SDKCall(h, "D:/CSS_HOOK.dll");

        delete h;
        PrintToServer("libaddr = 0x%X Base Address DLL = 0x%X ", libAddr, baseDLL);
    }



    What will my plugin `bypass nobots` look like if I will code it for a given library?

    Sometimes in the plugin - it is necessary to update the gamedata. Now we can just find the necessary word and "destroy it"

    PHP Code:
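    #include <MemoryEx>
    public void OnPluginStart()
    {
        MemoryEx mem;
        mem.Init();

        // Locate the "-nobots" string inside the server module
        Pointer pStr = mem.lib.FindString("server", "-nobots");

        if(pStr != nullptr)
        {
            mem.mem.SetAddr(pStr + PTR(0x01)); // bypass `-`
            // Overwrite the 6 characters of "nobots" with random lowercase letters
            for(int y = 0; y < 6; y++)    mem.mem.WriteByte(GetRandomInt(0x61, 0x7A), y);
        }
    }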

    Another way is through MemoryEx::FindPattern

    PHP Code:
    #include <MemoryEx>

    public void OnPluginStart()
    {
        static int pattern[8] = {0x2D, 0x6E, 0x6F, 0x62, 0x6F, 0x74, 0x73, 0x00}; // `-nobots`;

        MemoryEx mem;
        mem.Init();

        ModuleInfo server;

        server.base = mem.lib.GetBaseAddress("server");
        server.size = mem.lib.GetModuleSize("server");

        // Scan the whole server module for the byte pattern; the 0x01 offset skips the dash
        Pointer pStr = mem.mem.FindPattern(server.base, server.size, pattern, sizeof(pattern), 0x01); // bypass `-`

        if(pStr != nullptr)
        {
            mem.mem.SetAddr(pStr);
            // Overwrite the 6 characters of "nobots" with random lowercase letters
            for(int y = 0; y < 6; y++)    mem.mem.WriteByte(GetRandomInt(0x61, 0x7A), y);
        }
    }

    Attached Files
    File Type: zip MemoryEx.zip (9.8 KB, 256 views)

    Last edited by Rostu; 01-26-2020 at 01:47. Reason: Upgrade to 2.0 version
    Rostu is offline
    backwards
    AlliedModders Donor
    Join Date: Feb 2014
    Location: USA
    Old 12-22-2019 , 08:07   Re: [INC/CS:GO] Memory Extended [WINAPI/Inject DLL through SourcePawn]
    Reply With Quote #2

    Nice release, very useful.
    backwards is offline
    milutinke
    AlliedModders Donor
    Join Date: Jun 2012
    Location: Serbia
    Old 12-27-2019 , 19:15   Re: [INC/CS:GO] Memory Extended [WINAPI/Inject DLL through SourcePawn]
    Reply With Quote #3

    Nice, good job
    milutinke is offline
    Rostu
    Junior Member
    Join Date: Feb 2019
    Old 01-26-2020 , 00:59   Re: [INC/ANY] Memory Extended [WINAPI/Inject DLL through SourcePawn]
    Reply With Quote #4

    Now MemoryEx is not in one file, but in different files, which you can use separately.

    Code:
    MemoryEx.inc
        DynamicLibrary.inc
            ASM_Instruction.inc
            ServerLibrary.inc
                BaseMemory.inc
                WindowsFunction.inc
                LinuxFunction.inc
                Stocks.inc
    Linux support has been added, as well as support for all Source Games [Windows supports Only CS: GO]

    In MemoryEx/LinuxFunction.inc function LinuxParseMapsFile() - returns a StringMap that contains

    1) Library name
    2) Base Address
    3) Initialized size

    On SourcePawn - it looks like this

    PHP Code:
    enum struct ModuleInfo
    {
        Pointer base;
        int size;
    }

    Function ModifBytes was removed - which helped to restore all changed bytes during work
    Now you can omit extension [Except DynamicLibrary::GetModuleHandle]

    Before
    PHP Code:
    mem.lib.InitModule(GetServerOS() == OS_Windows ? "engine.dll" : "engine.so");
    After
    PHP Code:
    mem.lib.InitModule("engine"); 

    The GetServerOS function has been optimized - now upon its first call - the OS is determined - in the subsequent - the result is simply returned.

    Now there is no need for MemoryEx to do MemoryEx::Init to determine the base address of the server.dll / server.so library

    For Windows

    PHP Code:
    Pointer base = GetServerDLLBase();
    int size = GetServerDLLSize();
    For Linux - everything in LinuxParseMapsFile

    Last edited by Rostu; 01-26-2020 at 01:29. Reason: fixed errors in the text
    Rostu is offline
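
Added example (not part of the original posts or of MemoryEx): a Python version of the `/proc/<pid>/maps` parsing that the post attributes to LinuxParseMapsFile(), used from the server operator's side to list the libraries mapped into a process and flag executable ones that come from outside the install directory or from a deleted file. The sample maps text, its paths, and the names `parse_maps` and `unexpected_modules` are constructed for illustration; taking size as the span from the lowest to the highest mapped address of each file is an assumption about how the include computes it.

```python
import posixpath

# Constructed sample in /proc/<pid>/maps format (not captured from a real server).
SAMPLE_MAPS = """\
08048000-08142000 r-xp 00000000 08:01 131 /home/srv/css/srcds_linux
f6c00000-f7a00000 r-xp 00000000 08:01 245 /home/srv/css/cstrike/bin/server.so
f7a00000-f7a40000 r--p 00e00000 08:01 245 /home/srv/css/cstrike/bin/server.so
f7a40000-f7a90000 rw-p 00e40000 08:01 245 /home/srv/css/cstrike/bin/server.so
f7b00000-f7b20000 r-xp 00000000 08:01 977 /tmp/hook.so
f7b20000-f7b21000 rw-p 00020000 08:01 977 /tmp/hook.so
f7c00000-f7c21000 rw-p 00000000 00:00 0 [heap]
f7d00000-f7d02000 r-xp 00000000 00:00 0 [vdso]
"""

def parse_maps(text):
    """Return {path: {"base", "end", "size", "exec"}} for file-backed mappings."""
    modules = {}
    for line in text.splitlines():
        fields = line.split(None, 5)  # range, perms, offset, dev, inode, path
        if len(fields) < 6 or not fields[5].startswith("/"):
            continue  # anonymous or pseudo mapping such as [heap] or [vdso]
        start, end = (int(x, 16) for x in fields[0].split("-"))
        mod = modules.setdefault(fields[5], {"base": start, "end": end, "exec": False})
        mod["base"] = min(mod["base"], start)
        mod["end"] = max(mod["end"], end)
        mod["exec"] = mod["exec"] or "x" in fields[1]
    for mod in modules.values():
        mod["size"] = mod["end"] - mod["base"]
    return modules

def unexpected_modules(modules, allowed_dirs):
    """Executable mappings backed by a deleted file or a file outside allowed_dirs."""
    flagged = []
    for path, mod in modules.items():
        if not mod["exec"]:
            continue
        # The kernel appends " (deleted)" when the backing file was unlinked after load.
        deleted = path.endswith(" (deleted)")
        real = path[:-len(" (deleted)")] if deleted else path
        inside = any(posixpath.commonpath([real, d]) == d for d in allowed_dirs)
        if deleted or not inside:
            flagged.append(path)
    return flagged
```

Entries in `allowed_dirs` must be absolute and written without a trailing slash, for example `unexpected_modules(parse_maps(SAMPLE_MAPS), ["/home/srv/css"])`.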
    EmeraldGhost
    Junior Member
    Join Date: Oct 2015
    Old 01-30-2020 , 00:45   Re: [INC/ANY] Memory Extended 2.0 [WINAPI/Inject DLL through SourcePawn]
    Reply With Quote #5

    With this module, we may no longer update gamedata after each game update
    Nice release !!
    __________________
    aka. EmeraldGhost / eeeeeG ^^
    EmeraldGhost is offline