-5
请帮助,我的错误是“错误C2601:'BlackOps2':本地功能定义是非法的。我编辑了帖子并添加了完整的代码。请帮忙。顺便说一句,如果有人感到困惑,这只是禁止绕行的编码。这里是我的编码:错误C2601:'BlackOps2':本地功能定义是非法的
#include "stdafx.h"
#include "Config.h"
#include "Utilities.h"
#include "TitleSpecificHooks.h"
#include "SystemHooks.h"
#include "PatchData.h"
#include "Utilities.h"
#include <xbdm.h>
extern HANDLE hXam;
extern DWORD ApplyPatches(CHAR* FilePath, const VOID* DefaultPatches = NULL);
extern int applyPatchData(DWORD* patchData);
wchar_t challengeNotify[XSTL_BUFFER_CHALLENGENOTIFYLEN];
SERVER_GET_CUSTOM_RESPONCE cData;
DWORD XSecurityCreateProcessHook(DWORD dwHardwareThread)
{
return ERROR_SUCCESS;
}
VOID XSecurityCloseProcessHook(){}
VOID __cdecl APCWorker(void* Arg1, void* Arg2, void* Arg3)
{
// Call our completion routine if we have one
if(Arg2)
((LPOVERLAPPED_COMPLETION_ROUTINE)Arg2)((DWORD)Arg3, 0, (LPOVERLAPPED)Arg1);
}
DWORD XSecurityVerifyHook(DWORD dwMilliseconds, LPOVERLAPPED lpOverlapped, LPOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine)
{
// Queue our completion routine
if(lpCompletionRoutine)
NtQueueApcThread((HANDLE)-2, (PIO_APC_ROUTINE)APCWorker, lpOverlapped, (PIO_STATUS_BLOCK)lpCompletionRoutine, 0);
// All done
return ERROR_SUCCESS;
}
DWORD XSecurityGetFailureInfoHook(PXSECURITY_FAILURE_INFORMATION pFailureInformation)
{
if (pFailureInformation->dwSize != 0x18) return ERROR_NOT_ENOUGH_MEMORY;
pFailureInformation->dwBlocksChecked = 0;
pFailureInformation->dwFailedReads = 0;
pFailureInformation->dwFailedHashes = 0;
pFailureInformation->dwTotalBlocks = 0;
pFailureInformation->fComplete = TRUE;
return ERROR_SUCCESS;
}
DWORD XexGetProcedureAddressHook(HANDLE hand, DWORD dwOrdinal, PVOID* pvAddress)
{
// Check our module
if(hand == hXam)
{
switch(dwOrdinal)
{
case 0x9BB:
*pvAddress = XSecurityCreateProcessHook;
return 0;
case 0x9BC:
*pvAddress = XSecurityCloseProcessHook;
return 0;
case 0x9BD:
*pvAddress = XSecurityVerifyHook;
return 0;
case 0x9BE:
*pvAddress = XSecurityGetFailureInfoHook;
return 0;
}
}
// Call our real function if we aren't interested
return XexGetProcedureAddress(hand, dwOrdinal, pvAddress);
}
extern "C"
{
NTSYSAPI
EXPORTNUM(309)
HRESULT
NTAPI
XNetLogonGetMachineID(
IN OUT QWORD* pqwMachineID
);
}
NTSTATUS XeKeysGetKeyHook(WORD KeyId, PVOID KeyBuffer, PDWORD keyLength)
{
if(KeyId == 0x14)
{
XUSER_SIGNIN_INFO userInfo;
XamUserGetSigninInfo(0, XUSER_GET_SIGNIN_INFO_ONLINE_XUID_ONLY, &userInfo);
BYTE gamertagSha[0x10];
XeCryptSha((PBYTE)userInfo.szUserName, strlen(userInfo.szUserName), NULL, NULL, NULL, NULL, gamertagSha, 0x10);
BYTE temp=0;
for(int i=0; i<0xC; i++)
{
temp=(gamertagSha[i]&0xE)+'0';
SetMemory(&((BYTE*)(KeyBuffer))[i], &temp, 1);
}
}
else return XeKeysGetKey(KeyId, KeyBuffer, keyLength);
return STATUS_SUCCESS;
}
HRESULT XeKeysGetConsoleIDHook(PBYTE databuffer OPTIONAL, char* szBuffer OPTIONAL)
{
XE_CONSOLE_ID consoleID;
XeKeysGetConsoleID((PBYTE)&consoleID, NULL);
XUSER_SIGNIN_INFO userInfo;
XamUserGetSigninInfo(0, XUSER_GET_SIGNIN_INFO_ONLINE_XUID_ONLY, &userInfo);
BYTE gamertagSha[0x10];
XeCryptSha((PBYTE)userInfo.szUserName, strlen(userInfo.szUserName), NULL, NULL, NULL, NULL, gamertagSha, 0x10);
consoleID.MacIndex3 = gamertagSha[0];
consoleID.MacIndex4 = gamertagSha[1];
consoleID.MacIndex5 = gamertagSha[2];
SetMemory(databuffer, &consoleID, 0x5);
return ERROR_SUCCESS;
}
int NetDll_XNetXnAddrToMachineIdHook(XNCALLER_TYPE xnc, XNADDR * pxnaddr, ULONGLONG * pqwMachineId){
int rett = NetDll_XNetXnAddrToMachineId(xnc, pxnaddr, pqwMachineId);
XUSER_SIGNIN_INFO userInfo;
XamUserGetSigninInfo(0, XUSER_GET_SIGNIN_INFO_ONLINE_XUID_ONLY, &userInfo);
BYTE gamertagSha[0x10];
XeCryptSha((PBYTE)userInfo.szUserName, strlen(userInfo.szUserName), NULL, NULL, NULL, NULL, gamertagSha, 0x10);
SetMemory(pqwMachineId+5, gamertagSha, 0x3);
return rett;
}
HRESULT XNetLogonGetMachineIDHook(QWORD* machineID)
{
QWORD machID = 0;
HRESULT rett = XNetLogonGetMachineID(&machID);
XUSER_SIGNIN_INFO userInfo;
XamUserGetSigninInfo(0, XUSER_GET_SIGNIN_INFO_ONLINE_XUID_ONLY, &userInfo);
BYTE gamertagSha[0x10];
XeCryptSha((PBYTE)userInfo.szUserName, strlen(userInfo.szUserName), NULL, NULL, NULL, NULL, gamertagSha, 0x10);
SetMemory(machineID + 5, gamertagSha, 0x3);
return rett;
}
typedef HRESULT (*pXamInputGetState)(QWORD r3,QWORD r4,QWORD r5);
pXamInputGetState XamInputGetState = (pXamInputGetState)ResolveFunction(NAME_XAM, 401);
static BOOL isFrozen = FALSE;
HRESULT XamInputGetStateHook(QWORD r3,QWORD r4,QWORD r5)
{
if(isFrozen)
{
return 0;
}
HRESULT ret = XamInputGetState(r3, r4, r5);
}
BOOL isDevKit;
typedef enum _XBOX_GAMES : DWORD
{
COD_BLACK_OPS_2 = 0x415608C3,
DASHBOARD = 0xFFFE07D1,
FREESTYLEDASH = 0xF5D20000,
COD_GHOSTS = 0x415608FC,
COD_ADVANCED_WARFARE = 0x41560914
} XBOX_GAMES;
static DWORD lastTitleID = 0;
VOID InitializeTitleSpecificHooks(PLDR_DATA_TABLE_ENTRY ModuleHandle)
{
// Hook any calls to XexGetProcedureAddress
PatchModuleImport(ModuleHandle, NAME_KERNEL, 407, (DWORD)XexGetProcedureAddressHook);
// If this module tries to load more modules, this will let us get those as well
PatchModuleImport(ModuleHandle, NAME_KERNEL, 408, (DWORD)XexLoadExecutableHook);
PatchModuleImport(ModuleHandle, NAME_KERNEL, 409, (DWORD)XexLoadImageHook);
PatchModuleImport(ModuleHandle, NAME_XAM, 401, (DWORD)XamInputGetStateHook);
XEX_EXECUTION_ID* pExecutionId = (XEX_EXECUTION_ID*)RtlImageXexHeaderField(ModuleHandle->XexHeaderBase, 0x00040006);
if (pExecutionId == 0) return;
#ifdef SPOOF_MS_POINTS
if (wcscmp(ModuleHandle->BaseDllName.Buffer, L"Guide.MP.Purchase.xex") == 0)
{
ApplyPatches(NULL, PATCH_DATA_MPPURCHASE_MSPOINTS_RETAIL);
}
else
{
//wprintf(L"\r\nChecked: %s\r\n", ModuleHandle->BaseDllName);
}
#endif
VOID BlackOps2()
{
*(QWORD*)0x823C07C8 = 0x6000000038600000; //Demonware Be Gone
BYTE Data[] = { 0x60, 0x00, 0x00, 0x00 };
memcpy((BYTE*)0x8259A65C, Data, 4); // Disable challenge log check
memcpy((BYTE*)0x82497EB0, Data, 4); // Disable call to protections
memcpy((BYTE*)0x82497F30, Data, 4); // Cheat
memcpy((BYTE*)0x82497EE0, Data, 4); // Write
memcpy((BYTE*)0x82497EC8, Data, 4); // Read
memcpy((BYTE*)0x82599680, Data, 4); // Ban 1
memcpy((BYTE*)0x82599670, Data, 4); // Ban 2
memcpy((BYTE*)0x82599628, Data, 4); // Ban 3
memcpy((BYTE*)0x8259964C, Data, 4); // Ban 4
memcpy((BYTE*)0x825996AC, Data, 4); // Ban Checks
memcpy((BYTE*)0x825996B4, Data, 4); // Console Checks
memcpy((BYTE*)0x82599644, Data, 4); // XUID Check
memcpy((BYTE*)0x8259964C, Data, 4); // Other
Sleep(500);
*(int*)0x821F5B7C = 0x38600001; //Redboxes
*(int*)0x82259BC8 = 0x38600001; //No Recoil
*(int*)0x821B8FD0 = 0x2B110001; //UAV
*(int*)0x82255E1C = 0x2B110001; //Laser
*(int*)0x821FC04C = 0x38C0FFFF; //Wallhack
}
VOID BlackOps2ZM()
{
*(int*)0x8259A65C = 0x60000000; //TU18
*(int*)0x825C6070 = 0x60000000; //TU18
*(int*)0x824A7620 = 0x60000000; //TU18
}
DWORD WINAPI BO2Launch_Go(LPVOID lpParam)
{
BlackOps2();
return 0;
}
DWORD WINAPI BO2ZMLaunch_Go(LPVOID lpParam)
{
BlackOps2ZM();
return 0;
}
DWORD WINAPI GHOSTSLaunch_Go(LPVOID lpParam)
{
*(DWORD*)0x82627614 = 0x39200009;
*(DWORD*)0x82627628 = 0x38600000;
*(DWORD*)0x82627634 = 0x39600001;
*(DWORD*)0x82627650 = 0x38600002;
*(DWORD*)0x8262767C = 0x48000010;
*(DWORD*)0x826276D4 = 0x48000010;
//*(QWORD*)(0x82627684) = 0x8921005061490000;
//*(QWORD*)(0x826276DC) = 0x8921005061490000;
Sleep(500);
*(int*)0x82265384 = 0x39200001;
*(int*)0x8226D2B4 = 0x60000000;
*(int*)0x82266448 = 0x60000000;
*(int*)0x8226C874 = 0x60000000;
*(int*)0x8226BB74 = 0x60000000;
*(int*)0x82290494 = 0x38C00005;
*(int*)0x822C9344 = 0x60000000;
return 0;
}
inline __declspec() bool Live_GetConsoleDetailsSavestub(unsigned char internalIP[4], unsigned char onlineIP[4], unsigned long long *machineIDH, unsigned long long *null, unsigned long long *enet)
{
__asm
{
nop
nop
nop
nop
nop
nop
nop
blr
}
}
int XNetXnAddrToMachineIdHookBO2(XNCALLER_TYPE xnc, XNADDR *pxnaddr, unsigned long long MachineId)
{
srand((unsigned int)time(0));
MachineId = 0xFA00000000000000 | (0x2000000 | rand() % 0x7FFFFF);
return 0;
}
int XNetXnAddrToMachineIdHook(XNCALLER_TYPE xnc, XNADDR* pxnaddr, unsigned long long* qwMachineId)
{
srand((unsigned int)time(0));
*qwMachineId = 0xFA00000002000000 | (0x2000000 | rand() % 0x7FFFFF);
return 0;
}
bool Live_GetConsoleDetailsHookAW(unsigned char internalIP[4], unsigned char onlineIP[4], unsigned long long *machineIDH, unsigned long long *null, unsigned long long *enet)
{
srand(time(0));
int iTargetAddress = 0;
__asm mflr iTargetAddress
if (iTargetAddress == 0x822C9FF8 || iTargetAddress == 0x822C9908)
{
for (int i = 0; i < 4; i++)
{
internalIP[i] = rand() % 0xFF; onlineIP[i] = rand() % 0xFF;
}
*enet = 0x001DD8000000 | rand() % 0x7FFFFF;
return true;
}
return Live_GetConsoleDetailsSavestub(internalIP, onlineIP, machineIDH, null, enet);
}
unsigned long XeXGetModuleHandleHookk(char* ModuleName)
{
if (strcmp(ModuleName, "xbdm.xex") == 0)
return 0;
else
return (unsigned long)GetModuleHandle(ModuleName);
}
VOID InitializeTitleSpecificHooks(PLDR_DATA_TABLE_ENTRY ModuleHandle)
{
// Hook any calls to XexGetProcedureAddress
PatchModuleImport(ModuleHandle, NAME_KERNEL, 407, (DWORD)XexGetProcedureAddressHook);
// If this module tries to load more modules, this will let us get those as well
PatchModuleImport(ModuleHandle, NAME_KERNEL, 408, (DWORD)XexLoadExecutableHook);
PatchModuleImport(ModuleHandle, NAME_KERNEL, 409, (DWORD)XexLoadImageHook);
PatchModuleImport(ModuleHandle, NAME_XAM, 401, (DWORD)XamInputGetStateHook);
// PatchModuleImport(ModuleHandle, NAME_XAM, 0x212, (DWORD)XamUserCheckPrivHook);
XEX_EXECUTION_ID* pExecutionId = (XEX_EXECUTION_ID*)RtlImageXexHeaderField(ModuleHandle->XexHeaderBase, 0x00040006);
if (pExecutionId == 0) return;
if (pExecutionId->TitleID == BO2)
{
DWORD tu18v = 0x00001202;
if (pExecutionId->Version < tu18v){
return;
}
else if (pExecutionId->Version > tu18v){
return returnToDash(L"Puregamer62's Bypass Failed: Wrong Title Update!");
}
else if (pExecutionId->Version == tu18v && lastTitleID != BO2){
for (int i = 0; i<4; i++){
if (XamUserIsOnlineEnabled(i)){
return returnToDash(L"Puregamer62's Offline Files - Please Start Black Ops 2 Logged Out!");
}
}
}
else{
isFrozen = TRUE;
Sleep(10000);
isFrozen = FALSE;
}
// HookFunctionStart((PDWORD)LiveStats_Probation_GiveProbation, (PDWORD)LiveStats_Probation_GiveProbationSaveStub, (DWORD)LiveStats_Probation_GiveProbationHook);
if (wcscmp(ModuleHandle->BaseDllName.Buffer, L"default_mp.xex") == 0)
{
PatchInJump((PDWORD)0x8173DFA8, (DWORD)XNetXnAddrToMachineIdHookBO2, false);//Machine ID XAM 17349
PatchInJump((PDWORD)0x82844820, (DWORD)XNetXnAddrToMachineIdHookBO2, false);//TU18 Machine ID From XeX
BYTE Data[] = { 0x60, 0x00, 0x00, 0x00 };
memcpy((BYTE*)0x8259A65C, Data, 4); // Disable challenge log check
memcpy((BYTE*)0x82497EB0, Data, 4); // Disable call to protections
memcpy((BYTE*)0x82497F30, Data, 4); // Cheat
memcpy((BYTE*)0x82497EE0, Data, 4); // Write
memcpy((BYTE*)0x82497EC8, Data, 4); // Read
memcpy((BYTE*)0x82599680, Data, 4); // Ban 1
memcpy((BYTE*)0x82599670, Data, 4); // Ban 2
memcpy((BYTE*)0x82599628, Data, 4); // Ban 3
memcpy((BYTE*)0x8259964C, Data, 4); // Ban 4
memcpy((BYTE*)0x825996AC, Data, 4); // Ban Checks
memcpy((BYTE*)0x825996B4, Data, 4); // Console Checks
memcpy((BYTE*)0x82599644, Data, 4); // XUID Check
memcpy((BYTE*)0x8259964C, Data, 4); // Other
*(int*)0x824E0CD8 = 0x60000000; // XeXGetModuleHandle
PatchInJump((PDWORD)(ResolveFunction("xam.xex", 0x212)), (DWORD)GoldSpoofHook, false);
PatchInJump((PDWORD)(ResolveFunction("xam.xex", 0x195)), (DWORD)XeXGetModuleHandleHookk, false);
PatchInJump((PDWORD)0x81A74DB4, (DWORD)XeKeysGetKeyHook, false); //XAM 17349
Sleep(2000);
XNotifyUI(L"Puregamer62's Offline Files - BO2 Multiplayer Bypass Activated!");
}
else if (wcscmp(ModuleHandle->BaseDllName.Buffer, L"default.xex") == 0)
{
PatchInJump((PDWORD)0x8173DFA8, (DWORD)XNetXnAddrToMachineIdHookBO2, false);//Machine ID XAM 17349
PatchInJump((PDWORD)0x82844820, (DWORD)XNetXnAddrToMachineIdHookBO2, false);//TU18 Machine ID From XeX
*(int*)0x824A7CB8 = 0x60000000; // Disable challenge log check
*(int*)0x823CF858 = 0x60000000; // Disable call to protections
*(int*)0x823CF8A0 = 0x60000000; // Cheat
*(int*)0x823CF888 = 0x60000000; // Write
*(int*)0x823CF870 = 0x60000000; // Read
PatchInJump((PDWORD)(ResolveFunction("xam.xex", 0x195)), (DWORD)XeXGetModuleHandleHookk, false);
PatchInJump((PDWORD)0x81A74DB4, (DWORD)XeKeysGetKeyHook, false); //XAM 17349
Sleep(2000);
XNotifyUI(L"Puregamer62's Offline Files - BO2 Zombies Bypass Activated!");
Sleep(5000);
//Notify Client About Success!
XNotifyQueueUI(XNOTIFYUI_TYPE_PREFERRED_REVIEW, 0, 2, L"Sysclla - Black Ops 2 Bypass Enabled!", NULL);
}
else if (pExecutionId->TitleID == AW)
{
HookFunctionStart((PDWORD)0x8233B018, (PDWORD)Live_GetConsoleDetailsSavestub, (DWORD)Live_GetConsoleDetailsHookAW);
PatchInJump((PDWORD)0x8173DFA8, (DWORD)XNetXnAddrToMachineIdHook, false);//Machine ID XAM 17349
PatchInJump((PDWORD)0x8219EAA8, (DWORD)XNetXnAddrToMachineId, false);//Machine ID TU17
{
DbgPrint("Puregamer62's Offline Files - Hooked MachineID!");
Sleep(1000);
*(long long*)0x822CA190 = 0x8921005060000000;
*(int*)0x822CA18C = 0x48000010;
*(int*)0x822CA184 = 0x38600000;
*(int*)0x822CA0EC = 0x3920331C;
*(PBYTE)0x8233B0E7 = 0x00;
PatchInJump((PDWORD)(ResolveFunction("xam.xex", 0x212)), (DWORD)GoldSpoofHook, false);
PatchInJump((PDWORD)(ResolveFunction("xam.xex", 0x195)), (DWORD)XeXGetModuleHandleHookk, false);
PatchInJump((PDWORD)0x81A74DB4, (DWORD)XeKeysGetKeyHook, false); //XAM
Sleep(5000);
XNotifyQueueUI(XNOTIFYUI_TYPE_PREFERRED_REVIEW, 0, 2, L"Puregamer62's Offline Files - Advanced Warfare Bypass Activated!", NULL);
}
}
else if (pExecutionId->TitleID == GHOSTS)
{
if (wcscmp(ModuleHandle->BaseDllName.Buffer, L"default_mp.xex") == 0)
{
DbgPrint("Puregamer62's Offline Files - Hooked MachineID!");
Sleep(1000);
*(int*)0x826276D4 = 0x48000010;
*(int*)0x826276CC = 0x38600000;
*(int*)0x82627670 = 0x3920331C;
PatchInJump((PDWORD)(ResolveFunction("xam.xex", 0x212)), (DWORD)GoldSpoofHook, false);
PatchInJump((PDWORD)(ResolveFunction("xam.xex", 0x195)), (DWORD)XeXGetModuleHandleHookk, false);
PatchInJump((PDWORD)0x81A74DB4, (DWORD)XeKeysGetKeyHook, false); //XAM
Sleep(2000);
XNotifyUI(L"Puregamer62's Offline Files - Ghosts Bypass Activated!");
}
}
}
添加完整的代码后发帖 – puregamer62