CNCB5.0.50 support

Cargo.toml

@@ -4,7 +4,7 @@ version = "0.1.0"
 edition = "2021"
 
 [lib]
-name = "version"
+name = "ext"
 crate-type = ["cdylib"]
 
 [dependencies]

src/lib.rs

@@ -3,10 +3,10 @@
 use std::{sync::RwLock, time::Duration};
 
 use lazy_static::lazy_static;
-use util::try_get_base_address;
+use windows::core::PCSTR;
-use windows::Win32::Foundation::HINSTANCE;
 use windows::Win32::System::Console;
 use windows::Win32::System::SystemServices::DLL_PROCESS_ATTACH;
+use windows::Win32::{Foundation::HINSTANCE, System::LibraryLoader::GetModuleHandleA};
 
 mod interceptor;
 mod marshal;
@@ -16,7 +16,7 @@ mod util;
 use crate::modules::{Http, MhyContext, ModuleManager, Security};
 
 unsafe fn thread_func() {
-    let base = try_get_base_address("GenshinImpact.exe").unwrap();
+    let base = GetModuleHandleA(PCSTR::null()).unwrap().0 as usize;
 
     std::thread::sleep(Duration::from_secs(12));
 

src/marshal.rs

@@ -1,8 +1,8 @@
 use std::ffi::CStr;
 
-use crate::util;
+use windows::{core::PCSTR, Win32::System::LibraryLoader::GetModuleHandleA};
 
-const PTR_TO_STRING_ANSI: usize = 0x103CBB00;
+const PTR_TO_STRING_ANSI: usize = 0xF33F640;
 type MarshalPtrToStringAnsi = unsafe extern "fastcall" fn(*const u8) -> *const u8;
 
 pub unsafe fn ptr_to_string_ansi(content: &CStr) -> *const u8 {
@@ -11,5 +11,5 @@ pub unsafe fn ptr_to_string_ansi(content: &CStr) -> *const u8 {
 }
 
 unsafe fn base() -> usize {
-    util::try_get_base_address("GenshinImpact.exe").unwrap()
+    GetModuleHandleA(PCSTR::null()).unwrap().0 as usize
 }

src/modules/http.rs

@@ -5,8 +5,8 @@ use crate::marshal;
 use anyhow::Result;
 use ilhook::x64::Registers;
 
-const WEB_REQUEST_UTILS_MAKE_INITIAL_URL: usize = 0x110107A0;
+const WEB_REQUEST_UTILS_MAKE_INITIAL_URL: usize = 0xFFDA8B0;
-const BROWSER_LOAD_URL: usize = 0x10E55670;
+const BROWSER_LOAD_URL: usize = 0xFE06E40;
 
 pub struct Http;
 

src/modules/security.rs

@@ -6,9 +6,9 @@ use super::{MhyContext, MhyModule, ModuleType};
 use anyhow::Result;
 use ilhook::x64::Registers;
 
-const MHYRSA_PERFORM_CRYPTO_ACTION: usize = 0xC37F9B;
+const MHYRSA_PERFORM_CRYPTO_ACTION: usize = 0x9DD5C8;
-const KEY_SIGN_CHECK: usize = 0xC3C42D;
+const KEY_SIGN_CHECK: usize = 0x9DF4BC;
-const SDK_UTIL_RSA_ENCRYPT: usize = 0x1088E510;
+const SDK_UTIL_RSA_ENCRYPT: usize = 0xF7A73C0;
 
 const KEY_SIZE: usize = 268;
 static SERVER_PUBLIC_KEY: &[u8] = include_bytes!("../../server_public_key.bin");

src/util.rs

@@ -10,15 +10,6 @@ pub fn wide_str(value: &str) -> Vec<u16> {
     OsStr::new(value).encode_wide().chain(once(0)).collect()
 }
 
-pub unsafe fn try_get_base_address(module_name: &str) -> Option<usize> {
-    let w_module_name = wide_str(module_name);
-
-    match GetModuleHandleW(PCWSTR::from_raw(w_module_name.as_ptr())) {
-        Ok(module) => Some(module.0 as usize),
-        Err(_) => None
-    }
-}
-
 // VMProtect hooks NtProtectVirtualMemory to prevent changing protection of executable segments
 // We use this trick to remove hook
 pub unsafe fn disable_memprotect_guard() {