danielkrupinski / Osiris

Cross-platform game hack for Counter-Strike 2 with Panorama-based GUI.
MIT License

Interacting with CS:GO #1822

Closed marysandwich closed 4 years ago

marysandwich commented 4 years ago

https://blog.counter-strike.net/index.php/2020/06/30683/

Is it the end of CS:GO internal cheats?

hyperxpro commented 4 years ago

It looks like now we need to bypass their upcoming DLL checker.

psycho147 commented 4 years ago

nothing changes except for LoadLibrary, manual mapping will work as before

hyperxpro commented 4 years ago

nothing changes except for LoadLibrary, manual mapping will work as before

It'd be best to enroll in Beta and test Manual Mapping.

danielkrupinski commented 4 years ago

Manual Mapping works fine. From what I've seen they do something with NtOpenFile function inside csgo.exe (maybe hook).

evandev123 commented 4 years ago

So most injectors will continue to bypass Valve's new system?

ghost commented 4 years ago

So most injectors will continue to bypass Valve's new system?

Hopefully

codsec commented 4 years ago

Manual Mapping works fine. From what I've seen they do something with NtOpenFile function inside csgo.exe (maybe hook).

can u make a new injector source for that? one that has the .dll inside the loader itself to make it look nice XD

ghost commented 4 years ago

Manual Mapping works fine. From what I've seen they do something with NtOpenFile function inside csgo.exe (maybe hook).

Trying to inject osiris or any cheat with https://github.com/danielkrupinski/curiuminjector-csgo

https://i.imgur.com/GiOmDVQ.jpg

kvetinkavole commented 4 years ago

Manual Mapping works fine. From what I've seen they do something with NtOpenFile function inside csgo.exe (maybe hook).

Trying to inject osiris or any cheat with https://github.com/danielkrupinski/curiuminjector-csgo

https://i.imgur.com/GiOmDVQ.jpg

the injector is 3 years old.

ghost commented 4 years ago

Manual Mapping works fine. From what I've seen they do something with NtOpenFile function inside csgo.exe (maybe hook).

Trying to inject osiris or any cheat with https://github.com/danielkrupinski/curiuminjector-csgo https://i.imgur.com/GiOmDVQ.jpg

the injector is 3 years old.

It may be 3 years old, but it is undetectable and works well with the current CSGO version. It doesn't work with the beta, and I published it because maybe Daniel can later make a modification to keep it working

Jimmy-Baby commented 4 years ago

I doubt Valve are THAT dumb. Manual mapping doesn't change whether the module shows in CSGO or not. Volvo can just enumerate the module list and easily find Osiris.

EDIT: OK, Valve are that dumb. lol They are just hooking LoadLibrary funcs

danielkrupinski commented 4 years ago

I've created a simple bypass for that, you may want to check it out https://github.com/danielkrupinski/OneByteLdr.

AustScar5 commented 4 years ago

I've created a simple bypass for that, you may want to check it out https://github.com/danielkrupinski/OneByteLdr.

when are we supposed to open this, when the game is running? is it a one time only thing or do we do it every time the game is open

ghost commented 4 years ago

I've created a simple bypass for that, you may want to check it out https://github.com/danielkrupinski/OneByteLdr.

when are we supposed to open this, when the game is running? is it a one time only thing or do we do it every time the game is open

the script gives me an error

File "OneByteLdr.py", line 9
address = csgo.lpBaseOfDll + re.search(rb'.\x1A\xF6\x45\x0C\x20',
^
SyntaxError: invalid syntax

ClaudiuHKS commented 4 years ago

I've created a simple bypass for that, you may want to check it out https://github.com/danielkrupinski/OneByteLdr.

when are we supposed to open this, when the game is running? is it a one time only thing or do we do it every time the game is open

the script gives me an error

File "OneByteLdr.py", line 9
address = csgo.lpBaseOfDll + re.search(rb'.\x1A\xF6\x45\x0C\x20',
^
SyntaxError: invalid syntax

Try

import pymem
import re

pm = pymem.Pymem('csgo.exe')
csgo = pymem.process.module_from_name(pm.process_handle, 'csgo.exe')
csgoModule = pm.read_bytes(csgo.lpBaseOfDll, csgo.SizeOfImage)
address = csgo.lpBaseOfDll + re.search(rb'.\x1A\xF6\x45\x0C\x20', csgoModule).start()
pm.write_uchar(address, 0xEB if pm.read_uchar(address) == 0x74 else 0x74)
pm.close_process()

Yes, you should be in CS:GO while running the Python script.

Also, you need Pymem; if you don't already have it, type pip install Pymem into CMD.
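From the defender's side, the one-byte toggle in the script above (0x74 to 0xEB) is the kind of change a code-integrity check looks for. The following is an added example, not part of the original thread or of any project mentioned in it: it diffs a code section's on-disk bytes against its in-memory copy and labels each modified run. The function names and sample bytes are constructed, and it assumes both buffers cover the same range with relocations already accounted for.

```python
# Added example: compare a code section on disk with the same range read from memory.
# DISK and MEMORY are constructed sample bytes, not taken from any real binary.
SHORT_JCC = range(0x70, 0x80)  # x86 short conditional jumps (jo .. jg)
JMP_SHORT = 0xEB               # unconditional short jump
JMP_REL32 = 0xE9               # 5-byte near jump, typical inline hook
NOP = 0x90

def diff_runs(disk: bytes, memory: bytes, gap: int = 2):
    """Return (offset, original, patched) per modified run.

    Differences separated by at most `gap` unchanged bytes are merged, because
    a multi-byte patch can coincide with the original in a byte or two.
    """
    if len(disk) != len(memory):
        raise ValueError("buffers must cover the same section range")
    spans = []
    for i, (a, b) in enumerate(zip(disk, memory)):
        if a == b:
            continue
        if spans and i - spans[-1][1] <= gap + 1:
            spans[-1][1] = i           # extend the current run
        else:
            spans.append([i, i])       # start a new run
    return [(s, disk[s:e + 1], memory[s:e + 1]) for s, e in spans]

def classify(original: bytes, patched: bytes) -> str:
    """Label a modified run by the tampering it most resembles."""
    if len(original) == 1 and original[0] in SHORT_JCC and patched[0] == JMP_SHORT:
        return "conditional-branch-forced"
    if all(b == NOP for b in patched):
        return "nop-fill"
    if len(patched) >= 5 and patched[0] == JMP_REL32:
        return "inline-hook-jmp"
    return "unknown-modification"

def audit(disk: bytes, memory: bytes):
    """List (offset, label) for every modified run in the section."""
    return [(off, classify(o, p)) for off, o, p in diff_runs(disk, memory)]

# Constructed sample: a jz flipped to jmp at offset 5, a 5-byte jmp written at offset 11.
DISK = bytes.fromhex("558bec85c0741033c05dc3" "4c8bd1b833000000" "c3")
MEMORY = bytes.fromhex("558bec85c0eb1033c05dc3" "e910203040000000" "c3")

if __name__ == "__main__":
    for offset, label in audit(DISK, MEMORY):
        print(f"+0x{offset:04x}: {label}")
```
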

codsec commented 4 years ago

I've created a simple bypass for that, you may want to check it out https://github.com/danielkrupinski/OneByteLdr.

can you implement this inside an injector?

ghost commented 4 years ago

I've created a simple bypass for that, you may want to check it out https://github.com/danielkrupinski/OneByteLdr.

when are we supposed to open this, when the game is running? is it a one time only thing or do we do it every time the game is open

the script gives me an error

File "OneByteLdr.py", line 9
address = csgo.lpBaseOfDll + re.search(rb'.\x1A\xF6\x45\x0C\x20',
^
SyntaxError: invalid syntax

Try

import pymem
import re

pm = pymem.Pymem('csgo.exe')
csgo = pymem.process.module_from_name(pm.process_handle, 'csgo.exe')
csgoModule = pm.read_bytes(csgo.lpBaseOfDll, csgo.SizeOfImage)
address = csgo.lpBaseOfDll + re.search(rb'.\x1A\xF6\x45\x0C\x20', csgoModule).start()
pm.write_uchar(address, 0xEB if pm.read_uchar(address) == 0x74 else 0x74)
pm.close_process()

Yes, you should be in CS:GO while running the Python script.

Also, you need Pymem; if you don't already have it, type pip install Pymem into CMD.

Now it's OK! Thanks!

Now I just have to try to add the C++ source code of the bypass to https://github.com/danielkrupinski/curiuminjector-csgo

// Restore original NtOpenFile from external process
LPVOID ntOpenFile = GetProcAddress(LoadLibraryW(L"ntdll"), "NtOpenFile");
if (ntOpenFile) {
    char originalBytes[5];
    memcpy(originalBytes, ntOpenFile, 5);
    WriteProcessMemory(csgoProcessHandle, ntOpenFile, originalBytes, 5, NULL);
}

aljawary commented 4 years ago

I've created a simple bypass for that, you may want to check it out https://github.com/danielkrupinski/OneByteLdr.

when are we supposed to open this, when the game is running? is it a one time only thing or do we do it every time the game is open

the script gives me an error

File "OneByteLdr.py", line 9
address = csgo.lpBaseOfDll + re.search(rb'.\x1A\xF6\x45\x0C\x20',
^
SyntaxError: invalid syntax

Try

import pymem
import re

pm = pymem.Pymem('csgo.exe')
csgo = pymem.process.module_from_name(pm.process_handle, 'csgo.exe')
csgoModule = pm.read_bytes(csgo.lpBaseOfDll, csgo.SizeOfImage)
address = csgo.lpBaseOfDll + re.search(rb'.\x1A\xF6\x45\x0C\x20', csgoModule).start()
pm.write_uchar(address, 0xEB if pm.read_uchar(address) == 0x74 else 0x74)
pm.close_process()

Yes, you should be in CS:GO while running the Python script.

Also, you need Pymem; if you don't already have it, type pip install Pymem into CMD.

Now it's OK! Thanks!

Now I just have to try to add the C++ source code of the bypass to https://github.com/danielkrupinski/curiuminjector-csgo

// Restore original NtOpenFile from external process
LPVOID ntOpenFile = GetProcAddress(LoadLibraryW(L"ntdll"), "NtOpenFile");
if (ntOpenFile) {
    char originalBytes[5];
    memcpy(originalBytes, ntOpenFile, 5);
    WriteProcessMemory(csgoProcessHandle, ntOpenFile, originalBytes, 5, NULL);
}

https://gist.github.com/aljawary/273f75ba831adac1e5a054eafda9966d

ClaudiuHKS commented 4 years ago

To implement OneByteLdr inside a C/ C++ injector, in an easy way, you can simply ..

C/ C++ [Add To The Injector's Source]

::system("python \"C:\\Path\\To\\OneByteLdr.py\""); ::Sleep(128);

Before the injector's code that's meant to inject Osiris.dll.

Python needs to be installed on the computer. Same Pymem. Type pip install Pymem into CMD to install Pymem.

This is just an idea of using OneByteLdr, I am not saying that this is the best way or a better way.

ghost commented 4 years ago

To implement OneByteLdr inside a C/ C++ injector, in an easy way, you can simply ..

C/ C++ [Add To The Injector's Source]

::system("python \"C:\\Path\\To\\OneByteLdr.py\""); ::Sleep(128);

Before the injector's code that's meant to inject Osiris.dll.

Python needs to be installed on the computer. Same Pymem. Type pip install Pymem into CMD to install Pymem.

This is just an idea of using OneByteLdr, I am not saying that this is the best way or a better way.

No, because the idea is to make an injector where the user may or may not have python on his system. In any case, I already solved it with the pyTOexe program, making an executable .exe with everything included without the user necessarily having python installed.

Thank you