Closed marysandwich closed 4 years ago
It looks like now we need to bypass their upcoming DLL checker.
nothing changes except for LoadLibrary, manual mapping will work as before
nothing changes except for LoadLibrary, manual mapping will work as before
It'd best to enroll in Beta and test Manual Mapping.
Manual Mapping works fine. From what I've seen they do something with NtOpenFile
function inside csgo.exe (maybe hook).
So most injectors will continue to bypass valves new system?
So most injectors will continue to bypass valves new system?
Hopefully
Manual Mapping works fine. From what I've seen they do something with
NtOpenFile
function inside csgo.exe (maybe hook).
can u make a new injector source for that? one that has the .dll inside the loader itself to make it look nice XD
Manual Mapping works fine. From what I've seen they do something with
NtOpenFile
function inside csgo.exe (maybe hook).
Trying to inject osiris or any cheat with https://github.com/danielkrupinski/curiuminjector-csgo
Manual Mapping works fine. From what I've seen they do something with
NtOpenFile
function inside csgo.exe (maybe hook).Trying to inject osiris or any cheat with https://github.com/danielkrupinski/curiuminjector-csgo
the injector is 3 years old.
Manual Mapping works fine. From what I've seen they do something with
NtOpenFile
function inside csgo.exe (maybe hook).Trying to inject osiris or any cheat with https://github.com/danielkrupinski/curiuminjector-csgo https://i.imgur.com/GiOmDVQ.jpg
the injector is 3 years old.
It may be 3 years old, but it is undetectable and works well with the current CSGO version. It doesn't work with the beta, and I published it because maybe Daniel can later make a modification to keep it working
I doubt Valve are THAT dumb. Manual mapping doesn't change whether the module shows in CSGO or not. Volvo can just enumerate the module list and easily find Osiris.
EDIT: OK, Valve are that dumb. lol They are just hooking LoadLibrary funcs
I've created simple bypass for that, you may want to check it out https://github.com/danielkrupinski/OneByteLdr.
I've created simple bypass for that, you may want to check it out https://github.com/danielkrupinski/OneByteLdr.
when are we supposed to open this,, when the game is running? is it a one time only thing or do we do it everytime the game is open
I've created simple bypass for that, you may want to check it out https://github.com/danielkrupinski/OneByteLdr.
when are we supposed to open this,, when the game is running? is it a one time only thing or do we do it everytime the game is open
the script gives me an error
File "OneByteLdr.py", line 9 address = csgo.lpBaseOfDll + re.search(rb'.\x1A\xF6\x45\x0C\x20', ^ SyntaxError: invalid syntax
I've created simple bypass for that, you may want to check it out https://github.com/danielkrupinski/OneByteLdr.
when are we supposed to open this,, when the game is running? is it a one time only thing or do we do it everytime the game is open
the script gives me an error
File "OneByteLdr.py", line 9 address = csgo.lpBaseOfDll + re.search(rb'.\x1A\xF6\x45\x0C\x20', ^ SyntaxError: invalid syntax
Try
import pymem
import re
pm = pymem.Pymem('csgo.exe')
csgo = pymem.process.module_from_name(pm.process_handle, 'csgo.exe')
csgoModule = pm.read_bytes(csgo.lpBaseOfDll, csgo.SizeOfImage)
address = csgo.lpBaseOfDll + re.search(rb'.\x1A\xF6\x45\x0C\x20', csgoModule).start()
pm.write_uchar(address, 0xEB if pm.read_uchar(address) == 0x74 else 0x74)
pm.close_process()
Yes, you should be in CS:GO while running the Python script.
Also, you need Pymem, if you don't already have, pip install Pymem
into CMD.
I've created simple bypass for that, you may want to check it out https://github.com/danielkrupinski/OneByteLdr.
can you implement this inside an injector?
I've created simple bypass for that, you may want to check it out https://github.com/danielkrupinski/OneByteLdr.
when are we supposed to open this,, when the game is running? is it a one time only thing or do we do it everytime the game is open
the script gives me an error
File "OneByteLdr.py", line 9 address = csgo.lpBaseOfDll + re.search(rb'.\x1A\xF6\x45\x0C\x20', ^ SyntaxError: invalid syntax
Try
import pymem
import re
pm = pymem.Pymem('csgo.exe')
csgo = pymem.process.module_from_name(pm.process_handle, 'csgo.exe')
csgoModule = pm.read_bytes(csgo.lpBaseOfDll, csgo.SizeOfImage)
address = csgo.lpBaseOfDll + re.search(rb'.\x1A\xF6\x45\x0C\x20', csgoModule).start()
pm.write_uchar(address, 0xEB if pm.read_uchar(address) == 0x74 else 0x74)
pm.close_process()
Yes, you should be in CS:GO while running the Python script.
Also, you need Pymem, if you don't already have,
pip install Pymem
into CMD.
Now is OK! Thanks!
Now I just have to try how to add the source code in C ++ of the bypass in https://github.com/danielkrupinski/curiuminjector-csgo
// Restore original NtOpenFile from external process LPVOID ntOpenFile = GetProcAddress(LoadLibraryW(L"ntdll"), "NtOpenFile"); if (ntOpenFile) { char originalBytes[5]; memcpy(originalBytes, ntOpenFile, 5); WriteProcessMemory(csgoProcessHandle, ntOpenFile, originalBytes, 5, NULL); }
I've created simple bypass for that, you may want to check it out https://github.com/danielkrupinski/OneByteLdr.
when are we supposed to open this,, when the game is running? is it a one time only thing or do we do it everytime the game is open
the script gives me an error
File "OneByteLdr.py", line 9 address = csgo.lpBaseOfDll + re.search(rb'.\x1A\xF6\x45\x0C\x20', ^ SyntaxError: invalid syntax
Try
import pymem
import re
pm = pymem.Pymem('csgo.exe')
csgo = pymem.process.module_from_name(pm.process_handle, 'csgo.exe')
csgoModule = pm.read_bytes(csgo.lpBaseOfDll, csgo.SizeOfImage)
address = csgo.lpBaseOfDll + re.search(rb'.\x1A\xF6\x45\x0C\x20', csgoModule).start()
pm.write_uchar(address, 0xEB if pm.read_uchar(address) == 0x74 else 0x74)
pm.close_process()
Yes, you should be in CS:GO while running the Python script. Also, you need Pymem, if you don't already have,pip install Pymem
into CMD.Now is OK! Thanks!
Now I just have to try how to add the source code in C ++ of the bypass in https://github.com/danielkrupinski/curiuminjector-csgo
// Restore original NtOpenFile from external process LPVOID ntOpenFile = GetProcAddress(LoadLibraryW(L"ntdll"), "NtOpenFile"); if (ntOpenFile) { char originalBytes[5]; memcpy(originalBytes, ntOpenFile, 5); WriteProcessMemory(csgoProcessHandle, ntOpenFile, originalBytes, 5, NULL); }
https://gist.github.com/aljawary/273f75ba831adac1e5a054eafda9966d
To implement OneByteLdr
inside a C/ C++
injector, in an easy way, you can simply ..
C/ C++ [Add To The Injector's Source]
::system("python \"C:\\Path\\To\\OneByteLdr.py\"");
::Sleep(128);
Before the injector's code that's meant to inject Osiris.dll
.
Python needs to be installed on the computer. Same Pymem
. Type pip install Pymem
into CMD
to install Pymem
.
To implement
OneByteLdr
inside aC/ C++
injector, in an easy way, you can simply ..C/ C++ [Add To The Injector's Source]
::system("python \"C:\\Path\\To\\OneByteLdr.py\"");
::Sleep(128);
Before the injector's code that's meant to inject
Osiris.dll
.Python needs to be installed on the computer. Same
Pymem
. Typepip install Pymem
intoCMD
to installPymem
.This is just an idea of using OneByteLdr, I am not saying that this is the best way or a better way.
No, because the idea is to make an injector where the user may or may not have python on his system. In any case, I already solved it with the pyTOexe program, making an executable .exe with everything included without the user necessarily having python installed.
Thank you
https://blog.counter-strike.net/index.php/2020/06/30683/
It is the end of CS:GO internal cheats?