From aef820179c40bd5a4756e73b3cd57af64a45a3a3 Mon Sep 17 00:00:00 2001
From: Diavolo <edoardo.sanguineti222@gmail.com>
Date: Fri, 27 May 2022 14:15:03 +0200
Subject: [PATCH] Remove ceg

---
 src/Components/Loader.cpp      |  1 +
 src/Components/Loader.hpp      |  1 +
 src/Components/Modules/Ceg.cpp | 47 ++++++++++++++++++++++++++++++++++
 src/Components/Modules/Ceg.hpp | 10 ++++++++
 src/Utils/Hooking.cpp          |  2 +-
 src/Utils/Hooking.hpp          |  2 +-
 6 files changed, 61 insertions(+), 2 deletions(-)
 create mode 100644 src/Components/Modules/Ceg.cpp
 create mode 100644 src/Components/Modules/Ceg.hpp

diff --git a/src/Components/Loader.cpp b/src/Components/Loader.cpp
index 912f2487..a6712c0d 100644
--- a/src/Components/Loader.cpp
+++ b/src/Components/Loader.cpp
@@ -108,6 +108,7 @@ namespace Components
 		Loader::Register(new Branding());
 		Loader::Register(new RawMouse());
 		Loader::Register(new Bullet());
+		Loader::Register(new Ceg());
 
 		Loader::Pregame = false;
 	}
diff --git a/src/Components/Loader.hpp b/src/Components/Loader.hpp
index 9851066a..dabec0e8 100644
--- a/src/Components/Loader.hpp
+++ b/src/Components/Loader.hpp
@@ -139,3 +139,4 @@ namespace Components
 #include "Modules/Branding.hpp"
 #include "Modules/RawMouse.hpp"
 #include "Modules/Bullet.hpp"
+#include "Modules/Ceg.hpp"
diff --git a/src/Components/Modules/Ceg.cpp b/src/Components/Modules/Ceg.cpp
new file mode 100644
index 00000000..136e524e
--- /dev/null
+++ b/src/Components/Modules/Ceg.cpp
@@ -0,0 +1,47 @@
+#include <STDInclude.hpp>
+
+namespace Components
+{
+	Ceg::Ceg()
+	{
+		Utils::Hook::Signature signature(0x401000, 0x740000);
+
+		// Generic killer caller.
+		signature.add({
+			"\x56\x8B\x00\x24\x0c\x85\xF6\x7F\x0E", "xx?xxxxxx", [](char* address)
+			{
+				Utils::Hook::Set<BYTE>(address, 0xC3);
+			}
+		});
+
+		signature.process();
+
+		// Some more generic obfuscation (mov al, 1; retn)
+		Utils::Hook::Set<DWORD>(0x471B20, 0xC301B0);
+		Utils::Hook::Set<DWORD>(0x43A070, 0xC301B0);
+		Utils::Hook::Set<DWORD>(0x4C8B30, 0xC301B0);
+		Utils::Hook::Set<DWORD>(0x469340, 0xC301B0);
+
+		// Other checks
+		Utils::Hook::Set<DWORD>(0x401000, 0xC301B0);
+		Utils::Hook::Set<DWORD>(0x45F8B0, 0xC301B0);
+		Utils::Hook::Set<DWORD>(0x46FAE0, 0xC301B0);
+
+		// Removed in 159 SP binaries
+		Utils::Hook::Nop(0x46B173, 9);
+		Utils::Hook::Nop(0x43CA16, 9);
+		Utils::Hook::Nop(0x505426, 9);
+
+		// Something useless that can be skipped
+		Utils::Hook::Nop(0x4BB671, 2);
+		Utils::Hook::Nop(0x40A54D, 2);
+
+		// Random checks scattered throughout the binary
+		Utils::Hook::Set<BYTE>(0x499F90, 0xC3);
+		Utils::Hook::Set<BYTE>(0x4FC700, 0xC3);
+		Utils::Hook::Set<BYTE>(0x4C4170, 0xC3);
+		Utils::Hook::Set<BYTE>(0x49E8C0, 0xC3);
+		Utils::Hook::Set<BYTE>(0x42DB00, 0xC3);
+		Utils::Hook::Set<BYTE>(0x4F4CF0, 0xC3);
+	}
+}
diff --git a/src/Components/Modules/Ceg.hpp b/src/Components/Modules/Ceg.hpp
new file mode 100644
index 00000000..de02ca7c
--- /dev/null
+++ b/src/Components/Modules/Ceg.hpp
@@ -0,0 +1,10 @@
+#pragma once
+
+namespace Components
+{
+	class Ceg : public Component
+	{
+	public:
+		Ceg();
+	};
+}
diff --git a/src/Utils/Hooking.cpp b/src/Utils/Hooking.cpp
index c814daa1..e996e4f7 100644
--- a/src/Utils/Hooking.cpp
+++ b/src/Utils/Hooking.cpp
@@ -39,7 +39,7 @@ namespace Utils
 		}
 	}
 
-	void Hook::Signature::add(Hook::Signature::Container& container)
+	void Hook::Signature::add(const Hook::Signature::Container& container)
 	{
 		Hook::Signature::signatures.push_back(container);
 	}
diff --git a/src/Utils/Hooking.hpp b/src/Utils/Hooking.hpp
index d40e25f1..7fd4143c 100644
--- a/src/Utils/Hooking.hpp
+++ b/src/Utils/Hooking.hpp
@@ -23,7 +23,7 @@ namespace Utils
 			Signature() : Signature(0x400000, 0x800000) {}
 
 			void process();
-			void add(Container& container);
+			void add(const Container& container);
 
 		private:
 			void* start;