More integrity checks

This commit is contained in:
momo5502 2016-08-08 18:59:02 +02:00
parent 727f673069
commit 4aebdf5e96
7 changed files with 107 additions and 36 deletions

2
deps/mongoose vendored

@ -1 +1 @@
Subproject commit 7cace648c0adba4272fdf820f9ee8a471fb788fc
Subproject commit af98854ce440181a46a3a3315c1e69dcbf1e7918

2
deps/protobuf vendored

@ -1 +1 @@
Subproject commit 1102a8a7675d6b718e81b28a10173a2e073c3820
Subproject commit 32fadc0d4928c5f2d2c76fc4ddc39270673b7fa7

View File

@ -5,6 +5,7 @@ namespace Components
int AntiCheat::LastCheck = 0;
std::string AntiCheat::Hash;
Utils::Hook AntiCheat::LoadLibHook[4];
unsigned long AntiCheat::Flags = NO_FLAG;
// This function does nothing, it only adds the two passed variables and returns the value
// The only important thing it does is to clean the first parameter, and then return
@ -144,7 +145,50 @@ namespace Components
//AntiCheat::LoadLibHook[3].Initialize(LoadLibraryExW, loadLibExStub, HOOK_JUMP);
}
void AntiCheat::IntegrityCheck()
void AntiCheat::ReadIntegrityCheck()
{
static int lastCheck = Game::Sys_Milliseconds();
if ((Game::Sys_Milliseconds() - lastCheck) > 1000 * 70)
{
// TODO: Move that elsewhere
if (HANDLE h = OpenProcess(PROCESS_VM_READ, TRUE, GetCurrentProcessId()))
{
#ifdef DEBUG_DETECTIONS
OutputDebugStringA("AntiCheat: Process integrity check failed");
#endif
CloseHandle(h);
AntiCheat::Hash.append("\0", 1);
}
}
// Set the integrity flag
AntiCheat::Flags |= AntiCheat::IntergrityFlag::READ_INTEGRITY_CHECK;
}
void AntiCheat::FlagIntegrityCheck()
{
static int lastCheck = Game::Sys_Milliseconds();
if ((Game::Sys_Milliseconds() - lastCheck) > 1000 * 180)
{
lastCheck = Game::Sys_Milliseconds();
unsigned long flags = ((AntiCheat::IntergrityFlag::MAX_FLAG - 1) << 1) - 1;
if (AntiCheat::Flags != flags)
{
#ifdef DEBUG_DETECTIONS
OutputDebugStringA(Utils::String::VA("AntiCheat: Flag integrity check failed: %X", AntiCheat::Flags));
#endif
AntiCheat::CrashClient();
}
}
}
void AntiCheat::ScanIntegrityCheck()
{
static int count = 0;
int lastCheck = AntiCheat::LastCheck;
@ -165,12 +209,8 @@ namespace Components
AntiCheat::CrashClient();
}
// TODO: Move that elsewhere
if (HANDLE h = OpenProcess(PROCESS_VM_READ, TRUE, GetCurrentProcessId()))
{
CloseHandle(h);
AntiCheat::CrashClient();
}
// Set the integrity flag
AntiCheat::Flags |= AntiCheat::IntergrityFlag::SCAN_INTEGRITY_CHECK;
}
void AntiCheat::PerformCheck()
@ -195,6 +235,9 @@ namespace Components
AntiCheat::CrashClient();
}
// Set the memory scan flag
AntiCheat::Flags |= AntiCheat::IntergrityFlag::MEMORY_SCAN;
}
void AntiCheat::Frame()
@ -591,11 +634,15 @@ namespace Components
// Prevent external processes from accessing our memory
AntiCheat::ProtectProcess();
// Set the integrity flag
AntiCheat::Flags |= AntiCheat::IntergrityFlag::INITIALIZATION;
#endif
}
AntiCheat::~AntiCheat()
{
AntiCheat::Flags = NO_FLAG;
AntiCheat::EmptyHash();
for (int i = 0; i < ARRAYSIZE(AntiCheat::LoadLibHook); ++i)

View File

@ -3,7 +3,7 @@
// Log detections
// Make sure to disable that before releasig!
//#define DEBUG_DETECTIONS
#define DEBUG_DETECTIONS
namespace Components
{
@ -19,11 +19,25 @@ namespace Components
static void InitLoadLibHook();
static void IntegrityCheck();
static void ReadIntegrityCheck();
static void ScanIntegrityCheck();
static void FlagIntegrityCheck();
private:
enum IntergrityFlag
{
NO_FLAG = (0),
INITIALIZATION = (1 << 0),
MEMORY_SCAN = (1 << 1),
SCAN_INTEGRITY_CHECK = (1 << 2),
READ_INTEGRITY_CHECK = (1 << 3),
MAX_FLAG,
};
static int LastCheck;
static std::string Hash;
static unsigned long Flags;
static void Frame();
static void PerformCheck();

View File

@ -177,7 +177,7 @@ namespace Components
// This is placed here in case the anticheat has been disabled!
#ifndef DEBUG
Renderer::OnFrame(AntiCheat::IntegrityCheck);
Renderer::OnFrame(AntiCheat::ScanIntegrityCheck);
#endif
}

View File

@ -20,5 +20,10 @@ namespace Components
// remove fs_game check for moddable rawfiles - allows non-fs_game to modify rawfiles
Utils::Hook::Nop(0x61AB76, 2);
// This is placed here in case the anticheat has been disabled!
#ifndef DEBUG
Renderer::OnFrame(AntiCheat::FlagIntegrityCheck);
#endif
}
}

View File

@ -716,6 +716,11 @@ namespace Components
// Add frame callback
Renderer::OnFrame(ServerList::Frame);
// This is placed here in case the anticheat has been disabled!
#ifndef DEBUG
Renderer::OnFrame(AntiCheat::ReadIntegrityCheck);
#endif
}
ServerList::~ServerList()