From f753acfc78e1779a4e6e4908a1b66be387a30a0c Mon Sep 17 00:00:00 2001
From: HolographicHat
Date: Mon, 13 Jun 2022 12:01:50 +0800
Subject: [PATCH] packet whitelist

---
 lib/src/dllmain.cpp | 68 ++++++++++++++++++++++++++------------
 lib/src/il2cpp-functions.h | 7 ++--
 lib/src/il2cpp-types.h | 30 +++++++++++++----
 3 files changed, 76 insertions(+), 29 deletions(-)

diff --git a/lib/src/dllmain.cpp b/lib/src/dllmain.cpp
index 0260960..0967963 100644
--- a/lib/src/dllmain.cpp
+++ b/lib/src/dllmain.cpp
@@ -2,40 +2,65 @@ #include "util.h" #include "il2cpp-init.h" -using Genshin::ByteArray, std::to_string; +using Genshin::ByteArray, Genshin::ClientKcpEvent, Genshin::KcpPacket, Genshin::KcpEventType; +using std::to_string; HWND unityWnd = 0; HANDLE hPipe = 0; +std::set PacketWhitelist = { 109, 131, 141, 2668, 32, 17 }; + +bool OnPacket(KcpPacket* pkt) { + if (pkt->data == nullptr) return true; + auto len = pkt->length; + auto data = (ByteArray*)new BYTE[len + 32]; + data->max_length = len; + memcpy(data->vector, pkt->data, len); + Genshin::Packet_Xor(&data, len, nullptr); + if (ReadMapped(data->vector, 0) != 0x4567) { + delete[] data; + return true; + } + if (!PacketWhitelist.contains(ReadMapped(data->vector, 2))) { + #ifdef _DEBUG + printf("Blocked cmdid: %d\n", ReadMapped(data->vector, 2)); + #endif + delete[] data; + return false; + } + if (ReadMapped(data->vector, 2) == 2668) { + auto headLength = ReadMapped(data->vector, 4); + auto dataLength = ReadMapped(data->vector, 6); + auto iStr = Genshin::Convert_ToBase64String(data, 10 + headLength, dataLength, nullptr); + auto cStr = IlStringToString(reinterpret_cast(iStr)) + "\n"; + WriteFile(hPipe, cStr.c_str(), cStr.length(), nullptr, nullptr); + CloseHandle(hPipe); + ExitProcess(0); + } + delete[] data; + return true; +} + namespace Hook { - std::set PacketWhitelist = { 109, 131, 141, 2668 }; + int Kcp_Send(void* client, KcpPacket* pkt, void* method) { + return OnPacket(pkt) ? 
CALL_ORIGIN(Kcp_Send, client, pkt, method) : 0; + } - void Packet_Xor(ByteArray** src, int len, MethodInfo* m) { - auto data = (ByteArray*)new BYTE[len + 32]; - data->max_length = len; - memcpy(data->vector, (*src)->vector, len); - if (ReadMapped(data->vector, 0) != 0x4567) { - CALL_ORIGIN(Packet_Xor, &data, len, m); + bool Kcp_Recv(void* client, ClientKcpEvent* evt, void* method) { + auto result = CALL_ORIGIN(Kcp_Recv, client, evt, method); + if (result == 0 || evt->fields.type != KcpEventType::EventRecvMsg) { + return result; } - if (ReadMapped(data->vector, 2) == 2668) { - auto headLength = ReadMapped(data->vector, 4); - auto dataLength = ReadMapped(data->vector, 6); - auto iStr = Genshin::Convert_ToBase64String(data, 10 + headLength, dataLength, nullptr); - auto cStr = IlStringToString(reinterpret_cast(iStr)) + "\n"; - WriteFile(hPipe, cStr.c_str(), cStr.length(), nullptr, nullptr); - CloseHandle(hPipe); - ExitProcess(0); - } - delete[] data; - CALL_ORIGIN(Packet_Xor, src, len, m); - return; + return OnPacket(evt->fields.packet) ? result : false; } } void Run(HMODULE* phModule) { + #ifdef _DEBUG AllocConsole(); freopen_s((FILE**)stdout, "CONOUT$", "w", stdout); + #endif while ( GetModuleHandle("UserAssembly.dll") == nullptr || (unityWnd = FindMainWindowByPID(GetCurrentProcessId())) == 0
@@ -43,7 +68,8 @@ void Run(HMODULE* phModule) {
 Sleep(1000);
 }
 InitIL2CPP();
- HookManager::install(Genshin::Packet_Xor, Hook::Packet_Xor);
+ HookManager::install(Genshin::Kcp_Send, Hook::Kcp_Send);
+ HookManager::install(Genshin::Kcp_Recv, Hook::Kcp_Recv);
 hPipe = CreateFile(R"(\\.\pipe\YaeAchievementPipe)", GENERIC_WRITE, 0, nullptr, OPEN_EXISTING, 0, nullptr);
 if (hPipe == INVALID_HANDLE_VALUE) {
 Win32ErrorDialog(1001);
diff --git a/lib/src/il2cpp-functions.h b/lib/src/il2cpp-functions.h
index dc2cc47..a8c7186 100644
--- a/lib/src/il2cpp-functions.h
+++ b/lib/src/il2cpp-functions.h
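Review bot: OnPacket trusts `pkt->length` for every access it makes: the header reads at offsets 0, 2, 4 and 6 run before anything checks `len >= 8`, and `Convert_ToBase64String(data, 10 + headLength, dataLength, nullptr)` takes both offsets from the packet itself with no check that `10 + headLength + dataLength <= len`. On the Kcp_Recv path the frame comes off the network, so a short or malformed packet reads past the `len + 32` byte copy (and `len + 32` is UINT32 arithmetic, so it wraps for absurd lengths). I would pass short frames through the same way the null case does, `if (len < 8) return true;` right after the null check, and guard the export with `if (10 + headLength + dataLength > len) { delete[] data; return true; }` before the base64 call. The `WriteFile(hPipe, ..., nullptr, nullptr)` call also ignores its result and passes NULL for both lpNumberOfBytesWritten and lpOverlapped, which the Win32 docs only permit when lpOverlapped is set; a local `DWORD written` and a checked return would make a dropped export visible.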
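Review bot: The two new `HookManager::install` lines run before `hPipe` is opened on the following `CreateFile` line, so if the client is already exchanging packets when Run reaches this point, a 2668 packet hitting `Kcp_Send`/`Kcp_Recv` in that window is written to handle 0 and the process exits without ever delivering it. Moving the `CreateFile` call and its `INVALID_HANDLE_VALUE` check ahead of the two `install` calls closes the window. Separately, the pipe is reached purely by name with no server verification, so on a shared machine any local process that creates `\\.\pipe\YaeAchievementPipe` first would receive the exported packet; if that matters, `GetNamedPipeServerProcessId` on the opened handle can be compared against the expected receiver. The body of Run continues outside the hunk.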
@@ -1,4 +1,7 @@
 using namespace Genshin;
-DO_APP_FUNC(0x04E9B0A0, String*, Convert_ToBase64String, (ByteArray* value, INT32 offset, INT32 length, MethodInfo* method));
-DO_APP_FUNC(0x015913C0, void, Packet_Xor, (ByteArray** data, INT32 length, MethodInfo* method));
+DO_APP_FUNC(0x04E9B0A0, String*, Convert_ToBase64String, (ByteArray* value, int offset, int length, void* method));
+DO_APP_FUNC(0x015913C0, void, Packet_Xor, (ByteArray** data, int length, void* method));
+
+DO_APP_FUNC(0x016F70C0, int, Kcp_Send, (void* client, KcpPacket* pkt, void* method));
+DO_APP_FUNC(0x02AB08D0, bool, Kcp_Recv, (void* client, ClientKcpEvent* evt, void* method));
diff --git a/lib/src/il2cpp-types.h b/lib/src/il2cpp-types.h
index 1304fdd..fa81354 100644
--- a/lib/src/il2cpp-types.h
+++ b/lib/src/il2cpp-types.h
@@ -2358,11 +2358,29 @@ namespace Genshin {
 uint8_t vector[32];
 };
- struct __declspec(align(8)) IMessage_Fields {};
-
- struct IMessage {
- void* klass;
- void* monitor;
- struct IMessage_Fields fields;
+ struct KcpPacket {
+ BYTE* data;
+ UINT32 length;
 };
+
+ enum class KcpEventType : int {
+ EventNotSet = -1,
+ EventConnect = 0,
+ EventConnectFailed = 1,
+ EventDisconnect = 2,
+ EventRecvMsg = 3,
+ EventCount = 4,
+ };
+
+ struct KcpEvent_Fields {
+ KcpEventType type;
+ UINT32 token;
+ UINT32 data;
+ struct KcpPacket* packet;
+ };
+
+ struct ClientKcpEvent {
+ struct KcpEvent_Fields fields;
+ };
+
 }
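Review bot: The two new `DO_APP_FUNC` entries for `Kcp_Send` (0x016F70C0) and `Kcp_Recv` (0x02AB08D0) are raw offsets into a specific UserAssembly.dll build, and nothing in the file records which build they were resolved against or what happens when the client updates and the same addresses land in unrelated code. A header comment such as `// RVAs into UserAssembly.dll, valid for one specific client build only; re-resolve after every game update — a stale offset hooks arbitrary code` would at least make the assumption explicit. Before `HookManager::install` is called, a cheap sanity check (compare the module's version resource or image size against the value the offsets were taken from, and refuse to hook on mismatch) would turn a wrong-build crash into a clean error.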
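Review bot: `ClientKcpEvent` is declared as a bare wrapper around `fields`, while the `IMessage` it replaces carried `void* klass; void* monitor;` ahead of its fields; if the object `Kcp_Recv` hands out is a managed reference type rather than a struct, `evt->fields.type` would be reading the object header and `packet` would be 16 bytes off. Presumably the layout was taken from the dumped metadata, but the header should say so, e.g. `// Value-type layout (no klass/monitor header); offsets taken from the client's IL2CPP dump — re-check on update`. Pinning the sizes the hooks depend on, `static_assert(sizeof(KcpPacket) == 16); static_assert(sizeof(KcpEvent_Fields) == 24);` (x64 padding assumed), would catch a silently changed layout at compile time.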