Rim/t7x
Rim/t7x
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

Fix destruction behaviour

Browse Source
This commit is contained in:
momo5502 2022-09-17 12:19:59 +02:00
parent 190da1d44d
commit 65187f401e
4 changed files with 33 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
src/client/component/arxan.cpp
View File

@ -211,7 +211,7 @@ namespace arxan
if (NT_SUCCESS(status)) if (NT_SUCCESS(status))
{ {
if (system_information_class == SystemProcessInformation) if (system_information_class == SystemProcessInformation && !utils::nt::is_shutdown_in_progress())
{ {
bool injected_steam = false; bool injected_steam = false;
auto addr = static_cast<uint8_t*>(system_information); auto addr = static_cast<uint8_t*>(system_information);
@ -429,7 +429,8 @@ namespace arxan
if (!context) if (!context)
{ {
MessageBoxA(nullptr, utils::string::va("No frame offset for: %llX", handler_address), "Error", MB_ICONERROR); MessageBoxA(nullptr, utils::string::va("No frame offset for: %llX", handler_address), "Error",
MB_ICONERROR);
TerminateProcess(GetCurrentProcess(), 0xBAD); TerminateProcess(GetCurrentProcess(), 0xBAD);
return current_checksum; return current_checksum;
} }
@ -706,20 +707,6 @@ namespace arxan
//restore_debug_functions(); //restore_debug_functions();
} }
void pre_destroy() override
{
utils::hook::copy(GetWindowTextA, this->window_text_buffer_, sizeof(this->window_text_buffer_));
nt_query_system_information_hook.clear();
nt_query_information_process_hook.clear();
nt_close_hook.clear();
create_mutex_ex_a_hook.clear();
create_thread_hook.clear();
open_process_hook.clear();
get_thread_context_hook.clear();
zw_terminate_process_hook.clear();
get_proc_address_hook.clear();
}
int priority() override int priority() override
{ {
return 9999; return 9999;

4
src/client/main.cpp
View File

@ -13,10 +13,10 @@ namespace
{ {
std::pair<void**, void*> g_original_import{}; std::pair<void**, void*> g_original_import{};
DECLSPEC_NORETURN void WINAPI exit_hook(const int code) DECLSPEC_NORETURN void WINAPI exit_hook(const uint32_t code)
{ {
component_loader::pre_destroy(); component_loader::pre_destroy();
exit(code); ExitProcess(code);
} }
std::pair<void**, void*> patch_steam_import(const std::string& func, void* function) std::pair<void**, void*> patch_steam_import(const std::string& func, void* function)

36
src/common/utils/nt.cpp
View File

@ -12,10 +12,11 @@ namespace utils::nt
return library::load(path.generic_string()); return library::load(path.generic_string());
} }
library library::get_by_address(void* address) library library::get_by_address(const void* address)
{ {
HMODULE handle = nullptr; HMODULE handle = nullptr;
GetModuleHandleExA(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS | GET_MODULE_HANDLE_EX_FLAG_UNCHANGED_REFCOUNT, static_cast<LPCSTR>(address), &handle); GetModuleHandleExA(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS | GET_MODULE_HANDLE_EX_FLAG_UNCHANGED_REFCOUNT,
static_cast<LPCSTR>(address), &handle);
return library(handle); return library(handle);
} }
@ -183,18 +184,20 @@ namespace utils::nt
while (original_thunk_data->u1.AddressOfData) while (original_thunk_data->u1.AddressOfData)
{ {
if(thunk_data->u1.Function == (uint64_t)target_function) { if (thunk_data->u1.Function == (uint64_t)target_function)
return reinterpret_cast<void**>(&thunk_data->u1.Function); {
} return reinterpret_cast<void**>(&thunk_data->u1.Function);
}
const size_t ordinal_number = original_thunk_data->u1.AddressOfData & 0xFFFFFFF; const size_t ordinal_number = original_thunk_data->u1.AddressOfData & 0xFFFFFFF;
if (ordinal_number <= 0xFFFF) { if (ordinal_number <= 0xFFFF)
if (GetProcAddress(other_module.module_, reinterpret_cast<char*>(ordinal_number)) == {
target_function) if (GetProcAddress(other_module.module_, reinterpret_cast<char*>(ordinal_number)) ==
{ target_function)
return reinterpret_cast<void**>(&thunk_data->u1.Function); {
} return reinterpret_cast<void**>(&thunk_data->u1.Function);
}
} }
++original_thunk_data; ++original_thunk_data;
@ -210,6 +213,17 @@ namespace utils::nt
return nullptr; return nullptr;
} }
bool is_shutdown_in_progress()
{
static auto* shutdown_in_progress = []
{
const library ntdll("ntdll.dll");
return ntdll.get_proc<BOOLEAN(*)()>("RtlDllShutdownInProgress");
}();
return shutdown_in_progress();
}
void raise_hard_exception() void raise_hard_exception()
{ {
int data = false; int data = false;

4
src/common/utils/nt.hpp
View File

@ -23,7 +23,7 @@ namespace utils::nt
public: public:
static library load(const std::string& name); static library load(const std::string& name);
static library load(const std::filesystem::path& path); static library load(const std::filesystem::path& path);
static library get_by_address(void* address); static library get_by_address(const void* address);
library(); library();
explicit library(const std::string& name); explicit library(const std::string& name);
@ -165,6 +165,8 @@ namespace utils::nt
HANDLE handle_{InvalidHandle}; HANDLE handle_{InvalidHandle};
}; };
bool is_shutdown_in_progress();
__declspec(noreturn) void raise_hard_exception(); __declspec(noreturn) void raise_hard_exception();
std::string load_resource(int id); std::string load_resource(int id);