From 458b3d75f5f8552ebbe8f88f41d64e1a11690594 Mon Sep 17 00:00:00 2001
From: xeon <xeon@xeondev.com>
Date: Sat, 31 Aug 2024 11:10:50 +0300
Subject: [PATCH] Block query_security_file

Fixed 'the client is damaged' error popup, which appeared due to remote anticheat config update from hoyo
---
 src/lib.rs                 |  9 ++++++---
 src/modules/ccp_blocker.rs | 38 ++++++++++++++++++++++++++++++++++++++
 src/modules/mod.rs         |  3 +++
 3 files changed, 47 insertions(+), 3 deletions(-)
 create mode 100644 src/modules/ccp_blocker.rs

diff --git a/src/lib.rs b/src/lib.rs
index ef3298f..08494f7 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -3,7 +3,7 @@
 use std::{sync::RwLock, time::Duration};
 
 use lazy_static::lazy_static;
-use modules::Misc;
+use modules::{CcpBlocker, Misc};
 use windows::core::PCSTR;
 use windows::Win32::System::Console;
 use windows::Win32::System::SystemServices::DLL_PROCESS_ATTACH;
@@ -18,8 +18,12 @@ use crate::modules::{Http, MhyContext, ModuleManager, Security};
 
 unsafe fn thread_func() {
     let base = GetModuleHandleA(PCSTR::null()).unwrap().0 as usize;
+    let mut module_manager = MODULE_MANAGER.write().unwrap();
 
-    std::thread::sleep(Duration::from_secs(12));
+    // Block query_security_file ASAP
+    module_manager.enable(MhyContext::<CcpBlocker>::new(base));
+
+    std::thread::sleep(Duration::from_secs(14));
 
     util::disable_memprotect_guard();
     Console::AllocConsole().unwrap();
@@ -27,7 +31,6 @@ unsafe fn thread_func() {
     println!("Genshin Impact encryption patch\nMade by xeondev\nTo work with XilonenImpact: git.xeondev.com/reversedrooms/XilonenImpact");
     println!("Base: {:X}", base);
 
-    let mut module_manager = MODULE_MANAGER.write().unwrap();
     module_manager.enable(MhyContext::<Http>::new(base));
     module_manager.enable(MhyContext::<Security>::new(base));
     module_manager.enable(MhyContext::<Misc>::new(base));
diff --git a/src/modules/ccp_blocker.rs b/src/modules/ccp_blocker.rs
new file mode 100644
index 0000000..dc5a57e
--- /dev/null
+++ b/src/modules/ccp_blocker.rs
@@ -0,0 +1,38 @@
+use std::ffi::CStr;
+
+use super::{MhyContext, MhyModule, ModuleType};
+use anyhow::Result;
+use ilhook::x64::Registers;
+use windows::{
+    core::s,
+    Win32::System::LibraryLoader::{GetModuleHandleA, GetProcAddress},
+};
+
+pub struct CcpBlocker;
+
+impl MhyModule for MhyContext<CcpBlocker> {
+    unsafe fn init(&mut self) -> Result<()> {
+        let winsock2 = GetModuleHandleA(s!("Ws2_32.dll")).unwrap();
+        let getaddrinfo = GetProcAddress(winsock2, s!("getaddrinfo")).unwrap();
+
+        self.interceptor
+            .attach(getaddrinfo as usize, on_getaddrinfo)
+    }
+
+    unsafe fn de_init(&mut self) -> Result<()> {
+        Ok(())
+    }
+
+    fn get_module_type(&self) -> super::ModuleType {
+        ModuleType::CcpBlocker
+    }
+}
+
+unsafe extern "win64" fn on_getaddrinfo(reg: *mut Registers, _: usize) {
+    let host_ptr = (*reg).rcx as *const i8;
+    let host = CStr::from_ptr(host_ptr);
+
+    if host.to_string_lossy() == "dispatchcnglobal.yuanshen.com" {
+        std::ptr::copy_nonoverlapping(c"0.0.0.0".as_ptr(), (*reg).rcx as *mut i8, 9);
+    }
+}
diff --git a/src/modules/mod.rs b/src/modules/mod.rs
index 68332ca..03c8d3e 100644
--- a/src/modules/mod.rs
+++ b/src/modules/mod.rs
@@ -4,10 +4,12 @@ use anyhow::Result;
 
 use crate::interceptor::Interceptor;
 
+mod ccp_blocker;
 mod http;
 mod misc;
 mod security;
 
+pub use ccp_blocker::CcpBlocker;
 pub use http::Http;
 pub use misc::Misc;
 pub use security::Security;
@@ -41,6 +43,7 @@ pub enum ModuleType {
     Http,
     Security,
     Misc,
+    CcpBlocker,
 }
 
 pub trait MhyModule {