Compare commits

...

13 commits

10 changed files with 273 additions and 150 deletions

3
.gitignore vendored
View file

@ -1,2 +1,3 @@
/target
/build
**.zip

69
Cargo.lock generated
View file

@ -41,6 +41,14 @@ dependencies = [
"windows-sys",
]
[[package]]
name = "interceptor-rs"
version = "0.1.0"
source = "git+https://git.xeondev.com/xavo95/interceptor-rs.git#282da6f98b8e4a4e9844422343d4ce11606c9de6"
dependencies = [
"ilhook",
]
[[package]]
name = "lazy_static"
version = "1.5.0"
@ -49,9 +57,9 @@ checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe"
[[package]]
name = "libc"
version = "0.2.158"
version = "0.2.159"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d8adc4bb1803a324070e64a98ae98f38934d91957a99cfb3a43dcbc01bc56439"
checksum = "561d97a539a36e26a9a5fad1ea11a3039a67714694aaa379433e580854bc3dc5"
[[package]]
name = "memchr"
@ -61,9 +69,9 @@ checksum = "78ca9ab1a0babb1e7d5695e3530886289c18cf2f87ec19a575a0abdce112e3a3"
[[package]]
name = "proc-macro2"
version = "1.0.86"
version = "1.0.87"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5e719e8df665df0d1c8fbfd238015744736151d4445ec0836b8e628aae103b77"
checksum = "b3e4daa0dcf6feba26f985457cdf104d4b4256fc5a09547140f3631bb076b19a"
dependencies = [
"unicode-ident",
]
@ -79,9 +87,9 @@ dependencies = [
[[package]]
name = "regex"
version = "1.10.6"
version = "1.11.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4219d74c6b67a3654a9fbebc4b419e22126d13d2f3c4a07ee0cb61ff79a79619"
checksum = "b544ef1b4eac5dc2db33ea63606ae9ffcfac26c1416a2806ae0bf5f56b201191"
dependencies = [
"aho-corasick",
"memchr",
@ -91,9 +99,9 @@ dependencies = [
[[package]]
name = "regex-automata"
version = "0.4.7"
version = "0.4.8"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "38caf58cc5ef2fed281f89292ef23f6365465ed9a41b7a7754eb4e26496c92df"
checksum = "368758f23274712b504848e9d5a6f010445cc8b87a7cdb4d7cbee666c1288da3"
dependencies = [
"aho-corasick",
"memchr",
@ -102,23 +110,15 @@ dependencies = [
[[package]]
name = "regex-syntax"
version = "0.8.4"
version = "0.8.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7a66a03ae7c801facd77a29370b4faec201768915ac14a721ba36f20bc9c209b"
[[package]]
name = "shorekeeper-patch"
version = "0.1.0"
dependencies = [
"ilhook",
"windows",
]
checksum = "2b15c43186be67a4fd63bee50d0303afffcef381492ebe2c5d87f324e1b8815c"
[[package]]
name = "syn"
version = "2.0.76"
version = "2.0.79"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "578e081a14e0cefc3279b0472138c513f37b41a08d5a3cca9b6e4e8ceb6cd525"
checksum = "89132cd0bf050864e1d38dc3bbc07a0eb8e7530af26344d3d2bbbef83499f590"
dependencies = [
"proc-macro2",
"quote",
@ -127,18 +127,18 @@ dependencies = [
[[package]]
name = "thiserror"
version = "1.0.63"
version = "1.0.64"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c0342370b38b6a11b6cc11d6a805569958d54cfa061a29969c3b5ce2ea405724"
checksum = "d50af8abc119fb8bb6dbabcfa89656f46f84aa0ac7688088608076ad2b459a84"
dependencies = [
"thiserror-impl",
]
[[package]]
name = "thiserror-impl"
version = "1.0.63"
version = "1.0.64"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a4558b58466b9ad7ca0f102865eccc95938dca1a74a856f2b57b6629050da261"
checksum = "08904e7672f5eb876eaaf87e0ce17857500934f4981c4a0ab2b4aa98baac7fc3"
dependencies = [
"proc-macro2",
"quote",
@ -147,9 +147,26 @@ dependencies = [
[[package]]
name = "unicode-ident"
version = "1.0.12"
version = "1.0.13"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3354b9ac3fae1ff6755cb6db53683adb661634f67557942dea4facebec0fee4b"
checksum = "e91b56cd4cadaeb79bbf1a5645f6b4f8dc5bde8834ad5894a8db35fda9efa1fe"
[[package]]
name = "wicked-waifus-win-patch"
version = "0.1.0"
dependencies = [
"ilhook",
"interceptor-rs",
"regex",
"widestring",
"windows",
]
[[package]]
name = "widestring"
version = "1.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7219d36b6eac893fa81e84ebe06485e7dcbb616177469b142df14f1f4deb1311"
[[package]]
name = "windows"

View file

@ -1,18 +1,26 @@
[package]
name = "shorekeeper-patch"
name = "wicked-waifus-win-patch"
version = "0.1.0"
edition = "2021"
[lib]
name = "shorekeeper"
name = "wicked_waifus_win"
crate-type = ["cdylib"]
[features]
cn_beta_1_4_0 = []
cn_beta_1_3_0 = []
cn_live_1_3_0 = []
os_live_1_3_0 = []
enable-sdk = []
only-sig-bypass = []
regular = ["dep:regex", "dep:widestring"]
[dependencies]
ilhook = "2.1.1"
interceptor-rs = { git = "https://git.xeondev.com/xavo95/interceptor-rs.git" }
regex = {version = "1.11.1", optional = true}
widestring = {version = "1.1.0", optional = true}
windows = { version = "0.58.0", features = [
"Win32_Foundation",
"Win32_System_LibraryLoader",

View file

@ -1,6 +1,6 @@
# shorekeeper-patch
# wicked-waifus-win-patch
PAK files signature check bypass for Wuthering Waves 1.3 beta
PAK files signature check bypass for the PC version of a certain game.
### How to use
Just inject it at early startup.

View file

@ -1,4 +1,37 @@
: Build for cn_beta_1_3_0
cargo build --release --no-default-features -F cn_beta_1_3_0
: Build for os_live_1_3_0
cargo build --release --no-default-features -F os_live_1_3_0
GOTO:MAIN
:cargoReleaseBuild
SETLOCAL ENABLEDELAYEDEXPANSION
cargo clean
cargo build --release --no-default-features -F %~1
set features=%~1
set cleaned_features=%features:,=-%
COPY target\release\wicked_waifus_win.dll build\%~2\wicked-waifus-win-%cleaned_features%.dll
cargo clean
ENDLOCAL
EXIT /B 0
:buildAllVariants
SETLOCAL ENABLEDELAYEDEXPANSION
: Build for cn_beta_1_4_0
call:cargoReleaseBuild "cn_beta_1_4_0,%~1" %~1
: Build for cn_beta_1_3_0
call:cargoReleaseBuild "cn_beta_1_3_0,%~1" %~1
: Build for cn_live_1_3_0
call:cargoReleaseBuild "cn_live_1_3_0,%~1" %~1
: Build for os_live_1_3_0
call:cargoReleaseBuild "os_live_1_3_0,%~1" %~1
ENDLOCAL
EXIT /B 0
:MAIN
if exist "build" rd /q /s "build"
mkdir build
mkdir build\regular
mkdir build\only-sig-bypass
cargo clean
call:buildAllVariants regular
call:buildAllVariants only-sig-bypass
tar -acvf wicked-waifus-win-patch-win64.zip -C build .

63
src/extras.rs Normal file
View file

@ -0,0 +1,63 @@
#![cfg(all(not(feature = "only-sig-bypass"), feature = "regular"))]
use std::sync::OnceLock;
use std::thread;
use std::time::Duration;
use ilhook::x64::Registers;
use windows::core::{PCSTR, PCWSTR};
use windows::Win32::System::LibraryLoader::GetModuleHandleA;
use crate::offsets::CONFIG;
use crate::replacer::{GenericReplacer, Replacer};
static CFG_SERVER_REPLACER: OnceLock<GenericReplacer> = OnceLock::new();
pub(crate) fn configure_extras(interceptor: &mut interceptor_rs::Interceptor) {
let module = unsafe { GetModuleHandleA(PCSTR::null()) }.unwrap();
println!("Game base: {:X}", module.0 as usize);
interceptor
.attach((module.0 as usize) + CONFIG.kuro_http_get, on_kurohttp_get)
.unwrap();
let krsdk_ex = loop {
match unsafe { GetModuleHandleA(CONFIG.disable_sdk.sdk_dll) } {
Ok(handle) => break handle,
Err(_) => thread::sleep(Duration::from_millis(1)),
}
};
interceptor
.replace((krsdk_ex.0 as usize) + CONFIG.disable_sdk.eula_accept, dummy)
.unwrap();
interceptor
.replace((krsdk_ex.0 as usize) + CONFIG.disable_sdk.sdk_go_away, dummy)
.unwrap();
}
unsafe extern "win64" fn on_kurohttp_get(reg: *mut Registers, _: usize) {
let wstr = *((*reg).rcx as *const usize) as *mut u16;
let url = PCWSTR::from_raw(wstr).to_string().unwrap();
println!("HTTP GET: {url}");
let replacer = CFG_SERVER_REPLACER.get_or_init(|| {
GenericReplacer {
regex: regex::Regex::new(r#"^(?:https|http)://.*/([a-zA-Z0-9]{32}/index\.json)$"#).unwrap(),
replacement: std::env::var("CFG_SERVER_URL").unwrap_or("127.0.0.1:10001".to_string()),
scheme: std::env::var("CFG_SERVER_SCHEME").unwrap_or("http".to_string()),
}
});
if let Some(result) = replacer.replace(url.as_str()) {
println!("Redirecting to: {result}");
// TODO: Track https://doc.rust-lang.org/nightly/unstable-book/library-features/str-from-utf16-endian.html to replace widestring when stabilized
let new_url = widestring::U16CString::from_str(result.as_str()).unwrap();
let new_wstr = PCWSTR::from_raw(new_url.as_ptr());
std::ptr::copy_nonoverlapping(new_wstr.as_ptr(), wstr, new_wstr.as_wide().len() + 2);
};
}
unsafe extern "win64" fn dummy(_: *mut Registers, _: usize, _: usize) -> usize {
1
}

View file

@ -1,50 +0,0 @@
use ilhook::x64::{
CallbackOption, HookFlags, HookPoint, HookType, Hooker, JmpBackRoutine, RetnRoutine,
};
pub struct Interceptor {
pub hooks: Vec<HookPoint>,
}
impl Interceptor {
pub const fn new() -> Self {
Self { hooks: Vec::new() }
}
#[allow(dead_code)]
pub unsafe fn attach(
&mut self,
addr: usize,
routine: JmpBackRoutine,
) -> Result<(), ilhook::HookError> {
let hooker = Hooker::new(
addr,
HookType::JmpBack(routine),
CallbackOption::None,
0,
HookFlags::empty(),
);
let hook_point = hooker.hook()?;
self.hooks.push(hook_point);
Ok(())
}
pub unsafe fn replace(
&mut self,
addr: usize,
routine: RetnRoutine,
) -> Result<(), ilhook::HookError> {
let hooker = Hooker::new(
addr,
HookType::Retn(routine),
CallbackOption::None,
0,
HookFlags::empty(),
);
let hook_point = hooker.hook()?;
self.hooks.push(hook_point);
Ok(())
}
}

View file

@ -2,72 +2,50 @@ use std::thread;
use std::time::Duration;
use ilhook::x64::Registers;
use interceptor::Interceptor;
use windows::core::{w, PCSTR, PCWSTR};
use interceptor_rs::Interceptor;
use windows::core::{PCSTR, PCWSTR};
use windows::Win32::Foundation::HINSTANCE;
use windows::Win32::System::Console;
use windows::Win32::System::LibraryLoader::GetModuleHandleA;
use windows::Win32::System::SystemServices::DLL_PROCESS_ATTACH;
use windows::Win32::{Foundation::HINSTANCE, System::LibraryLoader::GetModuleHandleA};
mod interceptor;
use offsets::CONFIG;
mod offsets;
#[cfg(all(not(feature = "only-sig-bypass"), feature = "regular"))]
mod replacer;
#[cfg(all(not(feature = "only-sig-bypass"), feature = "regular"))]
mod extras;
#[cfg(feature = "cn_beta_1_3_0")]
use offsets::CN_BETA_1_3_0_CONFIG as CONFIG;
#[cfg(feature = "os_live_1_3_0")]
use offsets::OS_LIVE_1_3_0_CONFIG as CONFIG;
unsafe fn thread_func() {
Console::AllocConsole().unwrap();
println!("Wuthering Waves signature check bypass");
fn thread_func() {
unsafe { Console::AllocConsole() }.unwrap();
println!("Wuthering Waves essential binary patcher");
println!("Don't forget to visit https://discord.gg/reversedrooms");
let module = GetModuleHandleA(PCSTR::null()).unwrap();
println!("Base: {:X}", module.0 as usize);
println!("Waiting for ACE init");
let module = unsafe { GetModuleHandleA(PCSTR::null()) }.unwrap();
let pak_file_offset = ((module.0 as usize) + CONFIG.f_pak_file_check) as *const u64;
loop {
if unsafe { std::ptr::read(pak_file_offset) } == CONFIG.f_pak_file_check_preamble {
println!("ACE Initialization finished");
break;
}
thread::sleep(Duration::from_millis(1))
}
let mut interceptor = Interceptor::new();
interceptor
.replace(
(module.0 as usize) + CONFIG.f_pak_file_check,
fpakfile_check_replacement,
)
.replace((module.0 as usize) + CONFIG.f_pak_file_check, fpakfile_check_replacement)
.unwrap();
interceptor
.attach((module.0 as usize) + CONFIG.kuro_http_get, on_kurohttp_get)
.unwrap();
let krsdk_ex = loop {
match GetModuleHandleA(CONFIG.sdk_dll) {
Ok(handle) => break handle,
Err(_) => thread::sleep(Duration::from_millis(1)),
}
};
interceptor
.replace((krsdk_ex.0 as usize) + CONFIG.eula_accept, dummy)
.unwrap();
interceptor
.replace((krsdk_ex.0 as usize) + CONFIG.sdk_go_away, dummy)
.unwrap();
#[cfg(all(not(feature = "only-sig-bypass"), feature = "regular"))]
extras::configure_extras(&mut interceptor);
println!("Successfully initialized!");
thread::sleep(Duration::from_secs(u64::MAX));
}
unsafe extern "win64" fn on_kurohttp_get(reg: *mut Registers, _: usize) {
let wstr = *((*reg).rcx as *const usize) as *mut u16;
let url = PCWSTR::from_raw(wstr).to_string().unwrap();
println!("HTTP GET: {url}");
if url.ends_with("/index.json") {
println!("index.json requested, redirecting");
let new_wstr = w!("http://127.0.0.1:10001/index.json");
std::ptr::copy_nonoverlapping(new_wstr.as_ptr(), wstr, new_wstr.as_wide().len() + 2);
}
}
unsafe extern "win64" fn fpakfile_check_replacement(
reg: *mut Registers,
_: usize,
@ -80,10 +58,6 @@ unsafe extern "win64" fn fpakfile_check_replacement(
1
}
unsafe extern "win64" fn dummy(_: *mut Registers, _: usize, _: usize) -> usize {
1
}
#[no_mangle]
unsafe extern "system" fn DllMain(_: HINSTANCE, call_reason: u32, _: *mut ()) -> bool {
if call_reason == DLL_PROCESS_ATTACH {
@ -91,4 +65,4 @@ unsafe extern "system" fn DllMain(_: HINSTANCE, call_reason: u32, _: *mut ()) ->
}
true
}
}

View file

@ -1,27 +1,74 @@
#[cfg(all(not(feature = "enable-sdk"), not(feature = "only-sig-bypass"), feature = "regular"))]
use windows::core::{PCSTR, s};
pub(crate) struct InjectConfiguration {
pub(crate) f_pak_file_check: usize,
pub(crate) kuro_http_get: usize,
#[cfg(all(not(feature = "enable-sdk"), not(feature = "only-sig-bypass"), feature = "regular"))]
pub(crate) struct DisableSdkConfiguration {
pub(crate) sdk_dll: PCSTR,
pub(crate) eula_accept: usize,
pub(crate) sdk_go_away: usize,
}
pub(crate) struct InjectConfiguration {
pub(crate) f_pak_file_check: usize,
pub(crate) f_pak_file_check_preamble: u64,
#[cfg(all(not(feature = "only-sig-bypass"), feature = "regular"))]
pub(crate) kuro_http_get: usize,
#[cfg(all(not(feature = "enable-sdk"), not(feature = "only-sig-bypass"), feature = "regular"))]
pub(crate) disable_sdk: DisableSdkConfiguration,
}
#[cfg(feature = "cn_beta_1_4_0")]
pub(crate) const CONFIG: InjectConfiguration = InjectConfiguration {
f_pak_file_check: 0x3E37D90, // 0x3E37D90
f_pak_file_check_preamble: 0x8148574157565340,
#[cfg(all(not(feature = "only-sig-bypass"), feature = "regular"))]
kuro_http_get: 0xFE9E00,
#[cfg(all(not(feature = "enable-sdk"), not(feature = "only-sig-bypass"), feature = "regular"))]
disable_sdk: DisableSdkConfiguration{
sdk_dll: s!("KRSDKEx.dll"),
eula_accept: 0x4A6D0,
sdk_go_away: 0x8BB40,
}
};
#[cfg(feature = "cn_beta_1_3_0")]
pub(crate) const CN_BETA_1_3_0_CONFIG: InjectConfiguration = InjectConfiguration {
pub(crate) const CONFIG: InjectConfiguration = InjectConfiguration {
f_pak_file_check: 0x3D2F460,
f_pak_file_check_preamble: 0x8148574157565340,
#[cfg(all(not(feature = "only-sig-bypass"), feature = "regular"))]
kuro_http_get: 0xFC8CF0,
sdk_dll: s!("KRSDKEx.dll"),
eula_accept: 0x4A690,
sdk_go_away: 0x8BB80
#[cfg(all(not(feature = "enable-sdk"), not(feature = "only-sig-bypass"), feature = "regular"))]
disable_sdk: DisableSdkConfiguration{
sdk_dll: s!("KRSDKEx.dll"),
eula_accept: 0x4A690,
sdk_go_away: 0x8BB80,
}
};
#[cfg(feature = "cn_live_1_3_0")]
pub(crate) const CONFIG: InjectConfiguration = InjectConfiguration {
f_pak_file_check: 0x3D35DF0,
f_pak_file_check_preamble: 0x8148574157565340,
#[cfg(all(not(feature = "only-sig-bypass"), feature = "regular"))]
kuro_http_get: 0xFC9900,
#[cfg(all(not(feature = "enable-sdk"), not(feature = "only-sig-bypass"), feature = "regular"))]
disable_sdk: DisableSdkConfiguration{
sdk_dll: s!("KRSDKEx.dll"),
eula_accept: 0x4A690,
sdk_go_away: 0x8B9F0,
}
};
#[cfg(feature = "os_live_1_3_0")]
pub(crate) const OS_LIVE_1_3_0_CONFIG: InjectConfiguration = InjectConfiguration {
pub(crate) const CONFIG: InjectConfiguration = InjectConfiguration {
f_pak_file_check: 0x3CDC430,
f_pak_file_check_preamble: 0x8148574157565340,
#[cfg(all(not(feature = "only-sig-bypass"), feature = "regular"))]
kuro_http_get: 0xFC6C20,
sdk_dll: s!("KRSDK.dll"),
eula_accept: 0x94710,
sdk_go_away: 0x9FE10
#[cfg(all(not(feature = "enable-sdk"), not(feature = "only-sig-bypass"), feature = "regular"))]
disable_sdk: DisableSdkConfiguration{
sdk_dll: s!("KRSDK.dll"),
eula_accept: 0x95440,
sdk_go_away: 0xA1280
}
};

30
src/replacer.rs Normal file
View file

@ -0,0 +1,30 @@
#![cfg(all(not(feature = "only-sig-bypass"), feature = "regular"))]
pub(crate) trait Replacer {
fn replace(&self, original: &str) -> Option<String>;
}
pub(crate) struct GenericReplacer {
pub(crate) regex: regex::Regex,
pub(crate) replacement: String,
pub(crate) scheme: String,
}
impl Replacer for GenericReplacer {
fn replace(&self, original: &str) -> Option<String> {
// Prepare output array
let mut results: Vec<String> = vec![];
// Perform the capture over input
for (_, [path]) in self.regex.captures_iter(original).map(|c| c.extract()) {
results.push(format!("{}://{}/{}", self.scheme, self.replacement, path));
}
// We are supposed to only parse one entry from text
if 1 == results.len() {
return Some(results.remove(0));
} else if results.is_empty() {
println!("No valid url match found so returning original url");
} else {
println!("Invalid number of entries parsed, expected 1, obtained {:?}", results.len());
}
None
}
}