Add base for skipping amauthd, not functional yet

BroGamer4256 · Sep 15, 2022 · 6f998ad · 6f998ad
1 parent 3576c04
commit 6f998ad
Show file tree

Hide file tree

Showing 7 changed files with 396 additions and 9 deletions.
diff --git a/dist/config.toml b/dist/config.toml
@@ -2,6 +2,8 @@
 drumMax = 20000
 drumMin = 10000
 
+server = "vsapi.taiko-p.jp"
+
 accessCode1 = 1
 chipId1 = 1
 

diff --git a/patches/8.18/dllmain.c b/patches/8.18/dllmain.c
@@ -8,11 +8,10 @@ HOOK_DYNAMIC (u8, __fastcall, qrReadFromCOM1, u64 a1) {
 	return 1;
 }
 
-i32 __stdcall DllMain (HMODULE mod, DWORD cause, void *ctx) {
-	if (cause != DLL_PROCESS_ATTACH) return 1;
-
+void
+PreInit () {
 	toml_table_t *config = openConfig (configPath ("plugins/patches.toml"));
-	if (!config) return 1;
+	if (!config) return;
 	void *handle = GetModuleHandle (0);
 	WRITE_MEMORY (ASLR (0x1400239C0, handle), u8, 0xC3);                                                          // Stop error
 	if (readConfigBool (config, "unlock_songs", true)) WRITE_MEMORY (ASLR (0x140314E8D, handle), u8, 0xB0, 0x01); // Unlock songs
@@ -39,6 +38,4 @@ i32 __stdcall DllMain (HMODULE mod, DWORD cause, void *ctx) {
 
 	INSTALL_HOOK_DYNAMIC (qrVtable1, amHandle + 0x1BA00);
 	INSTALL_HOOK_DYNAMIC (qrReadFromCOM1, amHandle + 0x1BC20);
-
-	return 1;
 }
diff --git a/patches/what_the_fuck/Makefile b/patches/what_the_fuck/Makefile
@@ -0,0 +1,31 @@
+OUT = what_the_fuck
+CXX := x86_64-w64-mingw32-g++
+TARGET := x86_64-pc-windows-gnu
+SRC = dllmain.cpp
+OBJ = ${addprefix ../../${TARGET}/patches/what_the_fuck/,${SRC:.cpp=.o}}
+EXTERN_SRC = src/helpers.c tomlc99/toml.c minhook/src/buffer.c minhook/src/hook.c minhook/src/trampoline.c minhook/src/hde/hde32.c minhook/src/hde/hde64.c
+EXTERN_OBJ = ${addprefix ../../${TARGET}/,${EXTERN_SRC:.c=.o}}
+CXXFLAGS = -std=c++11 -I../../src -I../../minhook/include -I../../tomlc99 -Wall -Ofast -DWIN32_LEAN_AND_MEAN -D_WIN32_WINNT=_WIN32_WINNT_WIN7
+LDFLAGS := -shared -static -static-libgcc -s
+LIBS := -lmingw32 -luuid -lgdi32 -lwinmm -limm32 -lole32 -loleaut32 -lsetupapi -lversion -pthread
+
+all: options ${OUT}
+
+.PHONY: dirs
+dirs:
+	@mkdir -p ../../${TARGET}/patches/what_the_fuck
+
+.PHONY: options
+options:
+	@echo "CFLAGS	= ${CFLAGS}"
+	@echo "LDFLAGS	= ${LDFLAGS}"
+	@echo "CXX	= ${CXX}"
+
+../../${TARGET}/patches/what_the_fuck/%.o: %.cpp
+	@echo BUILD $@
+	@${CXX} -c ${CXXFLAGS} $< -o $@
+
+.PHONY: ${OUT}
+${OUT}: dirs ${OBJ}
+	@echo LINK $@
+	@${CXX} ${CXXFLAGS} -o ../../${TARGET}/$@.dll ${OBJ} ${EXTERN_OBJ} ${LDFLAGS} ${LIBS}
diff --git a/patches/what_the_fuck/dllmain.cpp b/patches/what_the_fuck/dllmain.cpp
@@ -0,0 +1,280 @@
+// Here be lions
+#include <chrono>
+#include <combaseapi.h>
+#include <thread>
+#include <unknwn.h>
+#include <winerror.h>
+#include <winnt.h>
+// Needs to be after for DEFINE_GUID
+#include "helpers.h"
+
+extern "C" {
+
+DWORD reg = 0;
+
+DEFINE_GUID (IID_CAuthFactory, 0x4603BB03, 0x058D, 0x43D9, 0xB9, 0x6F, 0x63, 0x9B, 0xE9, 0x08, 0xC1, 0xED);
+DEFINE_GUID (IID_CAuth, 0x045A5150, 0xD2B3, 0x4590, 0xA3, 0x8B, 0xC1, 0x15, 0x86, 0x78, 0xE1, 0xAC);
+
+class CAuth : public IUnknown {
+  public:
+	STDMETHODIMP
+	QueryInterface (REFIID riid, LPVOID *ppvObj) {
+		wchar_t *iid_str;
+		StringFromCLSID (riid, &iid_str);
+		printf ("QueryInterface %ls\n", iid_str);
+
+		if (riid == IID_IUnknown || riid == IID_CAuth) {
+			*ppvObj = this;
+			this->AddRef ();
+			return 0;
+		} else {
+			*ppvObj = 0;
+			return E_NOINTERFACE;
+		}
+	}
+	STDMETHODIMP_ (ULONG) AddRef () { return this->refCount++; }
+	STDMETHODIMP_ (ULONG) Release () {
+		this->refCount--;
+		if (this->refCount <= 0) {
+			delete this;
+			return 0;
+		}
+		return this->refCount;
+	}
+
+	// Seems to verify that local network is valid?
+	virtual i64
+	Unk3 (u32 a1) {
+		return 1;
+	}
+	virtual i64
+	Unk4 () {
+		return 1;
+	}
+	// Seems to check a config field, something to do with server/client
+	virtual i32
+	Unk5 () {
+		return 0;
+	}
+	// Seems to check that some config field is valid
+	virtual i64
+	Unk6 () {
+		return 1;
+	}
+	// Sets a random global to 1
+	virtual i32
+	Unk7 () {
+		return 0;
+	}
+	// Set some global vars
+	virtual i32
+	Unk8 () {
+		return 0;
+	}
+	// Puts some globals into a1
+	virtual i32
+	Unk9 (i32 *a1) {
+		printf ("Unk9\n");
+		a1[0x28] = 0;
+		a1[1]    = 1;
+		a1[7]    = 1;
+		a1[0x2C] = 1;
+		a1[0x2A] = 1;
+		a1[0x2E] = 1;
+		a1[0x31] = 0x11;
+		a1[0x30] = 1;
+		a1[0x2F] = 1;
+		return 0;
+	}
+	// Copies from a global to a1
+	virtual i32
+	Unk10 (void *a1) {
+		printf ("Unk10\n");
+		memset (a1, 0, 0xA8);
+		return 0;
+	}
+	// Lotsa fancy stuff here
+	virtual i32
+	Unk11 (char *a1) {
+		printf ("Unk11\n");
+		memset (a1, 0, 0x13C);
+		strncpy_s (a1, 4, "1", 3);
+		strncpy_s (a1 + 4, 0x10, "ALLNET", 0xF);
+		strncpy_s (a1 + 20, 8, "SWBY", 7);
+		strncpy_s (a1 + 28, 8, "12.00", 7);
+		strncpy_s (a1 + 36, 8, "S121", 7);
+		strncpy_s (a1 + 44, 8, "08.18", 7);
+		strncpy_s (a1 + 52, 4, "0", 3);
+		strncpy_s (a1 + 56, 4, "PCB", 3);
+		strncpy_s (a1 + 60, 0x100, "https://v402-front.mucha-prd.nbgi-amnet.jp:10122/mucha_front/", 0xFF);
+		return 0;
+	}
+	// Some config stuff, unsure if true or false wanted
+	virtual i32
+	Unk12 () {
+		return 1;
+	}
+	virtual i32
+	Unk13 () {
+		return 1;
+	}
+	// Seems to be some kind of copy? Can return E_FAIL and E_ACCESSDENIED
+	virtual i32
+	Unk14 (void *a1) {
+		printf ("Unk14\n");
+		memset (a1, 0, 0x8A2);
+		return 0;
+	}
+	// Can return E_FAIL E_ABORT E_UNEXPECTED
+	virtual i32
+	Unk15 () {
+		return 0;
+	}
+	// Config stuff
+	virtual i32
+	Unk16 () {
+		return 0;
+	}
+	virtual i32
+	Unk17 () {
+		return 0;
+	}
+	// Seems to be some kind of copy? Can return E_FAIL and E_ACCESSDENIED
+	virtual i32
+	Unk18 (void *a1) {
+		printf ("Unk18\n");
+		return 0;
+	}
+	// Fancy stuff happening here
+	virtual i32
+	Unk19 (void *a1) {
+		printf ("Unk19\n");
+		return 0;
+	}
+	// Can return E_FAIL E_ABORT E_UNEXPECTED E_NOTIMPL
+	// Something to do with MH
+	virtual i32
+	Unk20 () {
+		printf ("Unk20\n");
+		return 0;
+	}
+	// Can return E_FAIL E_ABORT E_UNEXPECTED E_NOTIMPL
+	// Something to do with a list<T>
+	// Maybe an init function
+	virtual i32
+	Unk21 () {
+		return 1;
+	}
+	virtual i32
+	Unk22 () {
+		return 0;
+	}
+	virtual i32
+	Unk23 () {
+		return 0;
+	}
+	// E_FAIL E_NOTIMPL
+	virtual i32
+	Unk24 () {
+		return 0;
+	}
+	// E_FAIL E_UNEXPECTED E_NOTIMPL
+	virtual i32
+	Unk25 () {
+		return 1;
+	}
+	// E_FAIL E_NOTIMPL
+	virtual i32
+	Unk26 () {
+		return 0;
+	}
+	// E_FAIL E_UNEXPECTED E_NOTIMPL
+	virtual i32
+	Unk27 () {
+		return 1;
+	}
+	// E_FAIL E_NOTIMPL
+	virtual i32
+	Unk28 () {
+		return 0;
+	}
+	// E_FAIL E_ACCESSDENIED
+	virtual i32
+	Unk29 () {
+		return 0;
+	}
+	virtual i32
+	Unk30 () {
+		return 0;
+	}
+	// nothing special
+	virtual i32
+	PrintDebugInfo () {
+		return 0;
+	}
+	virtual i32
+	Unk32 (void *a1) {
+		return 0;
+	}
+	virtual void
+	Unk33 () {}
+
+  public:
+	CAuth () { printf ("CAuth\n"); }
+	virtual ~CAuth () {}
+
+  private:
+	i32 refCount = 0;
+};
+
+class CAuthFactory : public IClassFactory {
+  public:
+	STDMETHODIMP
+	QueryInterface (REFIID riid, LPVOID *ppvObj) {
+		wchar_t *iid_str;
+		StringFromCLSID (riid, &iid_str);
+		printf ("QueryInterface %ls\n", iid_str);
+
+		if (riid == IID_IUnknown || riid == IID_IClassFactory || riid == IID_CAuthFactory) {
+			*ppvObj = this;
+			this->AddRef ();
+			return 0;
+		} else {
+			*ppvObj = 0;
+			return E_NOINTERFACE;
+		}
+	}
+	STDMETHODIMP_ (ULONG) AddRef () { return 2; }
+	STDMETHODIMP_ (ULONG) Release () { return 1; }
+	virtual HRESULT
+	CreateInstance (IUnknown *outer, REFIID riid, void **object) {
+		if (outer != 0) return CLASS_E_NOAGGREGATION;
+		wchar_t *iid_str;
+		StringFromCLSID (riid, &iid_str);
+		printf ("CreateInstance %ls\n", iid_str);
+		if (riid == IID_CAuth) {
+			CAuth *auth = new CAuth ();
+			return auth->QueryInterface (riid, object);
+		} else {
+			*object = 0;
+			return E_NOINTERFACE;
+		}
+	}
+	virtual HRESULT
+	LockServer (i32 lock) {
+		return 0;
+	}
+};
+
+void
+Init () {
+	CoInitializeEx (0, 0);
+	CoRegisterClassObject (IID_CAuthFactory, (IUnknown *)new CAuthFactory (), 4, 1, &reg);
+}
+
+void
+Exit () {
+	CoRevokeClassObject (reg);
+	CoUninitialize ();
+}
+}
diff --git a/src/boilerplate.c b/src/boilerplate.c
@@ -14,7 +14,6 @@ HOOK_DYNAMIC (u32, __stdcall, XinputGetCapabilites, u32 index, u32 flags, void *
 
 // bnusio stuff
 RETURN_FALSE (i64, __stdcall, bnusio_ClearSram);
-RETURN_FALSE (i64, __stdcall, bnusio_Close);
 RETURN_FALSE (i64, __fastcall, bnusio_Communication, i32 a1);
 RETURN_FALSE (i64, __fastcall, bnusio_DecService, i32 a1, u16 a2);
 RETURN_FALSE (void *, __fastcall, bnusio_GetBuffer, u16 a1, i64 a2, i16 a3);
@@ -67,7 +66,6 @@ HOOK_DYNAMIC (void, __stdcall, bngrw_fin) { return; }
 HOOK_DYNAMIC (u64, __stdcall, bngrw_GetFwVersion) { return 0; }
 HOOK_DYNAMIC (u64, __stdcall, bngrw_GetStationID) { return 0; }
 HOOK_DYNAMIC (u64, __stdcall, bngrw_GetRetryCount) { return 0; }
-HOOK_DYNAMIC (u64, __stdcall, bngrw_Init) { return 0; }
 HOOK_DYNAMIC (u64, __stdcall, bngrw_IsCmdExec) { return 0xFFFFFFFF; }
 HOOK_DYNAMIC (u64, __stdcall, bngrw_ReqAction) { return 1; }
 HOOK_DYNAMIC (u64, __stdcall, bngrw_ReqAiccAuth) { return 1; }
@@ -100,7 +98,6 @@ init_boilerplate () {
 	INSTALL_HOOK_DYNAMIC (bngrw_GetFwVersion, PROC_ADDRESS ("bngrw.dll", "BngRwGetFwVersion"));
 	INSTALL_HOOK_DYNAMIC (bngrw_GetStationID, PROC_ADDRESS ("bngrw.dll", "BngRwGetStationID"));
 	INSTALL_HOOK_DYNAMIC (bngrw_GetRetryCount, PROC_ADDRESS ("bngrw.dll", "BngRwGetTotalRetryCount"));
-	INSTALL_HOOK_DYNAMIC (bngrw_Init, PROC_ADDRESS ("bngrw.dll", "BngRwInit"));
 	INSTALL_HOOK_DYNAMIC (bngrw_IsCmdExec, PROC_ADDRESS ("bngrw.dll", "BngRwIsCmdExec"));
 	INSTALL_HOOK_DYNAMIC (bngrw_ReqAction, PROC_ADDRESS ("bngrw.dll", "BngRwReqAction"));
 	INSTALL_HOOK_DYNAMIC (bngrw_ReqAiccAuth, PROC_ADDRESS ("bngrw.dll", "BngRwReqAiccAuth"));