Add prototypes for future hooks to be developed

DataModel::createDataModel and Http::httpGetPostWinInet

PolygonClientUtilities/Classes.h

@@ -9,6 +9,16 @@ struct DataModel
 	std::string jobId;
 };
 
+struct Http
+{
+	void* padding1[1];
+	std::string alternateUrl;
+	void* padding2[4];
+	std::string url;
+};
+
+// const auto DataModel__createDataModel = (void * (__thiscall*)(int a1, char a2))ADDRESS_DATAMODEL__CREATEDATAMODEL;
+
 struct Packet
 {
 	void* padding1[7];

PolygonClientUtilities/Config.h

@@ -1,8 +1,8 @@
 #pragma once
 
-#define PLAYER2012
+#define MFC2010
 #define PLAYERBUILD
-// #define ARBITERBUILD
+#define ARBITERBUILD
 
 // #define DEBUG_SERVERREPLICATOR__PROCESSPACKET
 
@@ -23,12 +23,15 @@
 
 #define ADDRESS_DATAMODEL__GETJOBID                0x005CACC0
 #define ADDRESS_STANDARDOUT__PRINT                 0x0059F340
-#define ADDRESS_NETWORK__RAKNETADDRESSTOSTRING     0x004FC1A0
+// #define ADDRESS_NETWORK__RAKNETADDRESSTOSTRING     0x004FC1A0
 #define ADDRESS_HTTP__TRUSTCHECK                   0x005A2680
 #define ADDRESS_CRYPT__VERIFYSIGNATUREBASE64       0x0079ECF0
 #define ADDRESS_SERVERREPLICATOR__SENDTOP          0x00506910
 #define ADDRESS_SERVERREPLICATOR__PROCESSPACKET    0x00507420
 #define ADDRESS_SERVERREPLICATOR__PROCESSTICKET    0x0
+#define ADDRESS_DATAMODEL__CREATEDATAMODEL         0x005DC150
+#define ADDRESS_GAME__CONSTRUCT                    0x0047DBF0
+#define ADDRESS_HTTP_HTTPGETPOSTWININET            0x006A9210
 
 // MFC specific definitions
 #define CLASSLOCATION_CROBLOXAPP                   0x00BFF898

PolygonClientUtilities/DebugDatamodel.cpp

@@ -0,0 +1,22 @@
+#include "pch.h"
+#include "DebugDatamodel.h"
+
+DataModel__createDataModel_t DataModel__createDataModel = (DataModel__createDataModel_t)0; // ADDRESS_DATAMODEL__CREATEDATAMODEL;
+
+int  __fastcall DataModel__createDataModel_hook(int, int, int, bool startHeartbeat)
+{
+	printf("DataModel::createDataModel called\n");
+
+	printf("Value of startHeartbeat: %#010x\n", startHeartbeat);
+
+	return DataModel__createDataModel(startHeartbeat);
+}
+
+/* DataModel__createDataModel_t DataModel__createDataModel = (DataModel__createDataModel_t)ADDRESS_GAME__CONSTRUCT;
+
+int __fastcall DataModel__createDataModel_hook(int _this)
+{
+	printf("Game::Game called\n");
+	printf("Value of _this: %#010X\n", _this);
+	return DataModel__createDataModel(_this);
+} */

PolygonClientUtilities/DebugDatamodel.h

@@ -0,0 +1,12 @@
+#pragma once
+
+#include "Classes.h"
+
+typedef int (__thiscall* DataModel__createDataModel_t)(bool startHeartbeat);
+int __fastcall DataModel__createDataModel_hook(int, int, int, bool startHeartbeat);
+extern DataModel__createDataModel_t DataModel__createDataModel;
+
+// Game::Game
+/* typedef int(__thiscall* DataModel__createDataModel_t)(int _this);
+int __fastcall DataModel__createDataModel_hook(int _this);
+extern DataModel__createDataModel_t DataModel__createDataModel; */

PolygonClientUtilities/MFCCommandLine.cpp

@@ -24,6 +24,12 @@ BOOL __fastcall CRobloxApp__InitInstance_hook(CRobloxApp* _this)
         CApp__RobloxAuthenticate(app, nullptr, authenticationUrl.c_str(), authenticationTicket.c_str());
     }
 
+    // DataModel* datamodel = reinterpret_cast<DataModel*>(CLASSLOCATION_CAPP);
+
+    // printf("Attempting to create DataModel...\n");
+    // char* v27;
+    // DataModel__createDataModel((int)&v27, 1);
+
 #ifdef PLAYERBUILD
     if (hasJoinArg && !joinScriptUrl.empty())
     {

PolygonClientUtilities/PolygonClientUtilities.vcxproj

@@ -161,10 +161,12 @@
   </ItemDefinitionGroup>
   <ItemGroup>
     <ClInclude Include="Config.h" />
+    <ClInclude Include="DebugDatamodel.h" />
     <ClInclude Include="MFCCommandLine.h" />
     <ClInclude Include="PlayerCommandLine.h" />
     <ClInclude Include="RCCOutput.h" />
     <ClInclude Include="ReplicatorSecurity.h" />
+    <ClInclude Include="TestHttpGetPost.h" />
     <ClInclude Include="TrustCheck.h" />
     <ClInclude Include="LUrlParser.h" />
     <ClInclude Include="Patches.h" />
@@ -175,6 +177,7 @@
     <ClInclude Include="VerifySignatureBase64.h" />
   </ItemGroup>
   <ItemGroup>
+    <ClCompile Include="DebugDatamodel.cpp" />
     <ClCompile Include="dllmain.cpp" />
     <ClCompile Include="MFCCommandLine.cpp" />
     <ClCompile Include="LUrlParser.cpp">
@@ -192,6 +195,7 @@
     <ClCompile Include="RCCOutput.cpp" />
     <ClCompile Include="ReplicatorSecurity.cpp" />
     <ClCompile Include="Hooks.cpp" />
+    <ClCompile Include="TestHttpGetPost.cpp" />
     <ClCompile Include="TrustCheck.cpp" />
     <ClCompile Include="Util.cpp" />
     <ClCompile Include="VerifySignatureBase64.cpp" />

PolygonClientUtilities/PolygonClientUtilities.vcxproj.filters

@@ -60,6 +60,12 @@
     <ClInclude Include="RCCOutput.h">
       <Filter>Header Files\Hooks</Filter>
     </ClInclude>
+    <ClInclude Include="DebugDatamodel.h">
+      <Filter>Header Files\Hooks</Filter>
+    </ClInclude>
+    <ClInclude Include="TestHttpGetPost.h">
+      <Filter>Header Files\Hooks</Filter>
+    </ClInclude>
   </ItemGroup>
   <ItemGroup>
     <ClCompile Include="dllmain.cpp">
@@ -98,5 +104,11 @@
     <ClCompile Include="RCCOutput.cpp">
       <Filter>Source Files\Hooks</Filter>
     </ClCompile>
+    <ClCompile Include="DebugDatamodel.cpp">
+      <Filter>Source Files\Hooks</Filter>
+    </ClCompile>
+    <ClCompile Include="TestHttpGetPost.cpp">
+      <Filter>Source Files\Hooks</Filter>
+    </ClCompile>
   </ItemGroup>
 </Project>

PolygonClientUtilities/TestHttpGetPost.cpp

@@ -0,0 +1,58 @@
+#include "pch.h"
+#include "TestHttpGetPost.h"
+#include "Util.h"
+#include "LUrlParser.h"
+
+Http_httpGetPostWinInet_t Http_httpGetPostWinInet = (Http_httpGetPostWinInet_t)ADDRESS_HTTP_HTTPGETPOSTWININET;
+
+void __fastcall Http_httpGetPostWinInet_hook(Http* _this, void*, bool isPost, int a3, bool compressData, LPCSTR additionalHeaders, int a6)
+{
+	printf("Http::httpGetPostWinInet called\n");
+	// printf("Value of isPost: %d\n", isPost);
+	// printf("Value of compressData: %d\n", compressData);
+	// printf("Value of additionalHeaders: %s\n", additionalHeaders);
+	// throw std::runtime_error("Jay coleman detected");
+
+	/* printf("Length of url: %d\n", *(int*)((int)_this + 60));
+	printf("Length of url 2: %d\n", _this->url.size());
+	printf("Length of alternateUrl: %d\n", _this->alternateUrl.size());
+
+	printf("\n");
+
+	printf("Location of _this+20: %08X\n", (int)_this);
+	printf("Location of _this->alternateUrl: %p\n", &_this->alternateUrl);
+
+	printf("\n");
+
+	printf("Location of _this+40: %08X\n", (int)_this + 40);
+	printf("Location of _this->url: %p\n", &_this->url);
+
+	printf("\n"); */
+
+	printf("Requested url: %s\n", _this->url.c_str());
+
+	LUrlParser::ParseURL parsedUrl = LUrlParser::ParseURL::parseURL(_this->url);
+	std::string urlPath = Util::toLower(parsedUrl.path_);
+	
+	if (parsedUrl.host_ == "roblox.com" || parsedUrl.host_ == "www.roblox.com")
+	{
+		if (urlPath == "asset" || urlPath == "asset/" || urlPath == "asset/default.ashx")
+		{
+			std::string assetUrl = "https://assetdelivery.roblox.com/v1/asset/?" + parsedUrl.query_;
+			printf("Should swap URL with: %s\n", assetUrl.c_str());
+
+			// yep... same access violation i got in polygonutil.dll..........
+			// yaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaayyyyyyyyyyyyyyyyyyyyyy
+			_this->url = assetUrl;
+		}
+	}
+
+	// printf("Host: %s\n", parsedUrl.host_.c_str());
+	// printf("Path: %s\n", parsedUrl.path_.c_str());
+	// printf("Query: %s\n", parsedUrl.query_.c_str());
+	// printf("Fragment: %s\n", parsedUrl.fragment_.c_str());
+
+	printf("\n");
+
+	Http_httpGetPostWinInet(_this, isPost, a3, compressData, additionalHeaders, a6);
+}

PolygonClientUtilities/TestHttpGetPost.h

@@ -0,0 +1,7 @@
+#pragma once
+
+#include "Classes.h"
+
+typedef void (__thiscall* Http_httpGetPostWinInet_t)(Http* _this, bool isPost, int a3, bool compressData, LPCSTR additionalHeaders, int a6);
+void __fastcall Http_httpGetPostWinInet_hook(Http* _this, void*, bool isPost, int a3, bool compressData, LPCSTR additionalHeaders, int a6);
+extern Http_httpGetPostWinInet_t Http_httpGetPostWinInet;

PolygonClientUtilities/Util.cpp

@@ -61,4 +61,11 @@ bool Util::isASCII(const std::string& s)
     return !std::any_of(s.begin(), s.end(), [](char c) {
         return static_cast<unsigned char>(c) > 127;
     });
+}
+
+// https://stackoverflow.com/questions/313970/how-to-convert-an-instance-of-stdstring-to-lower-case
+std::string Util::toLower(std::string s)
+{
+    std::transform(s.begin(), s.end(), s.begin(), [](unsigned char c) { return std::tolower(c); });
+    return s;
 }

PolygonClientUtilities/Util.h

@@ -11,4 +11,5 @@ public:
     static std::vector<std::string> split(std::string s, std::string delimiter);
     static std::map<std::string, std::string> parseArgs(std::string args);
     static bool isASCII(const std::string& s);
+    static std::string toLower(std::string s);
 };

PolygonClientUtilities/dllmain.cpp

@@ -1,8 +1,10 @@
 #include "pch.h"
 #include "Config.h"
 #include "Patches.h"
-// #include "RobloxMFCHooks.h"
+//#include "RobloxMFCHooks.h"
 
+// #include "DebugDatamodel.h"
+// #include "TestHttpGetPost.h"
 #include "TrustCheck.h"
 #include "VerifySignatureBase64.h"
 
@@ -23,6 +25,9 @@
 #endif
 
 START_PATCH_LIST()
+// ADD_PATCH(Http_httpGetPostWinInet, Http_httpGetPostWinInet_hook)
+// ADD_PATCH(DataModel__createDataModel, DataModel__createDataModel_hook)
+
 ADD_PATCH(Http__trustCheck, Http__trustCheck_hook)
 ADD_PATCH(Crypt__verifySignatureBase64, Crypt__verifySignatureBase64_hook)