1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
|
/*
* Copyright (C) 2008-2013 TrinityCore <http://www.trinitycore.org/>
* Copyright (C) 2005-2011 MaNGOS <http://getmangos.com/>
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version.
*
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details.
*
* You should have received a copy of the GNU General Public License along
* with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef _WARDEN_BASE_H
#define _WARDEN_BASE_H
#include <map>
#include "Cryptography/ARC4.h"
#include "Cryptography/BigNumber.h"
#include "ByteBuffer.h"
#include "WardenCheckMgr.h"
enum WardenOpcodes
{
// Client->Server
WARDEN_CMSG_MODULE_MISSING = 0,
WARDEN_CMSG_MODULE_OK = 1,
WARDEN_CMSG_CHEAT_CHECKS_RESULT = 2,
WARDEN_CMSG_MEM_CHECKS_RESULT = 3, // only sent if MEM_CHECK bytes doesn't match
WARDEN_CMSG_HASH_RESULT = 4,
WARDEN_CMSG_MODULE_FAILED = 5, // this is sent when client failed to load uploaded module due to cache fail
// Server->Client
WARDEN_SMSG_MODULE_USE = 0,
WARDEN_SMSG_MODULE_CACHE = 1,
WARDEN_SMSG_CHEAT_CHECKS_REQUEST = 2,
WARDEN_SMSG_MODULE_INITIALIZE = 3,
WARDEN_SMSG_MEM_CHECKS_REQUEST = 4, // byte len; while (!EOF) { byte unk(1); byte index(++); string module(can be 0); int offset; byte len; byte[] bytes_to_compare[len]; }
WARDEN_SMSG_HASH_REQUEST = 5
};
enum WardenCheckType
{
MEM_CHECK = 0xF3, // 243: byte moduleNameIndex + uint Offset + byte Len (check to ensure memory isn't modified)
PAGE_CHECK_A = 0xB2, // 178: uint Seed + byte[20] SHA1 + uint Addr + byte Len (scans all pages for specified hash)
PAGE_CHECK_B = 0xBF, // 191: uint Seed + byte[20] SHA1 + uint Addr + byte Len (scans only pages starts with MZ+PE headers for specified hash)
MPQ_CHECK = 0x98, // 152: byte fileNameIndex (check to ensure MPQ file isn't modified)
LUA_STR_CHECK = 0x8B, // 139: byte luaNameIndex (check to ensure LUA string isn't used)
DRIVER_CHECK = 0x71, // 113: uint Seed + byte[20] SHA1 + byte driverNameIndex (check to ensure driver isn't loaded)
TIMING_CHECK = 0x57, // 87: empty (check to ensure GetTickCount() isn't detoured)
PROC_CHECK = 0x7E, // 126: uint Seed + byte[20] SHA1 + byte moluleNameIndex + byte procNameIndex + uint Offset + byte Len (check to ensure proc isn't detoured)
MODULE_CHECK = 0xD9 // 217: uint Seed + byte[20] SHA1 (check to ensure module isn't injected)
};
#if defined(__GNUC__)
#pragma pack(1)
#else
#pragma pack(push, 1)
#endif
struct WardenModuleUse
{
uint8 Command;
uint8 ModuleId[16];
uint8 ModuleKey[16];
uint32 Size;
};
struct WardenModuleTransfer
{
uint8 Command;
uint16 DataSize;
uint8 Data[500];
};
struct WardenHashRequest
{
uint8 Command;
uint8 Seed[16];
};
#if defined(__GNUC__)
#pragma pack()
#else
#pragma pack(pop)
#endif
struct ClientWardenModule
{
uint8 Id[16];
uint8 Key[16];
uint32 CompressedSize;
uint8* CompressedData;
};
class WorldSession;
class Warden
{
friend class WardenWin;
friend class WardenMac;
public:
Warden();
virtual ~Warden();
virtual void Init(WorldSession* session, BigNumber* k) = 0;
virtual ClientWardenModule* GetModuleForClient() = 0;
virtual void InitializeModule() = 0;
virtual void RequestHash() = 0;
virtual void HandleHashResult(ByteBuffer &buff) = 0;
virtual void RequestData() = 0;
virtual void HandleData(ByteBuffer &buff) = 0;
void SendModuleToClient();
void RequestModule();
void Update();
void DecryptData(uint8* buffer, uint32 length);
void EncryptData(uint8* buffer, uint32 length);
static bool IsValidCheckSum(uint32 checksum, const uint8 *data, const uint16 length);
static uint32 BuildChecksum(const uint8 *data, uint32 length);
// If no check is passed, the default action from config is executed
std::string Penalty(WardenCheck* check = NULL);
private:
WorldSession* _session;
uint8 _inputKey[16];
uint8 _outputKey[16];
uint8 _seed[16];
ARC4 _inputCrypto;
ARC4 _outputCrypto;
uint32 _checkTimer; // Timer for sending check requests
uint32 _clientResponseTimer; // Timer for client response delay
bool _dataSent;
uint32 _previousTimestamp;
ClientWardenModule* _module;
bool _initialized;
};
#endif
|
