* Rewrote injector in CSharp, it also now can access exported functions of the DLL to call shutdown on old injection & initialize the new one with data (in this case, path to the injector directory). This should also fix false positive issues with Windows Defender.

* Added very basic serialization of the custom json path. Config data stored in injector directory. Default json path is now the injector directory.

* Rewrote the dump function to now use structs instead of mlp_groupUpdateAddress. Now gets more data, including info on all the variants in a custom game and all the maps in each variant.

* Renamed many classes to follow the same naming convention

Author: Burnt-o

CSInjector/CSInjector - Backup.csproj

@@ -0,0 +1,12 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <OutputType>Exe</OutputType>
+    <TargetFramework>net6.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+    <BaseOutputPath>$(SolutionDir)$(Platform)\$(Configuration)\</BaseOutputPath>
+    <PlatformTarget>x64</PlatformTarget>
+  </PropertyGroup>
+
+</Project>

CSInjector/CSInjector.csproj

@@ -0,0 +1,13 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <OutputType>Exe</OutputType>
+    <TargetFramework>net6.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+    <BaseOutputPath>$(SolutionDir)x64\</BaseOutputPath>
+    <PlatformTarget>x64</PlatformTarget>
+    <AllowUnsafeBlocks>True</AllowUnsafeBlocks>
+  </PropertyGroup>
+
+</Project>

CSInjector/InitializationParameter.cs

@@ -0,0 +1,22 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Runtime.InteropServices;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace CSInjector
+{
+    // Important - the injected DLL must have a definition of this same struct that has the exact same order and size of struct members
+    // Any types that are stored as pointers will not work either, so strings are out
+
+
+    [StructLayout(LayoutKind.Sequential)]
+    public unsafe struct InitializationParameter
+    {
+        [MarshalAs(UnmanagedType.ByValTStr, SizeConst = PInvoke.MAX_PATH)]
+        public string InjectorPath;
+    }
+}
+
+

CSInjector/PInvoke.cs

@@ -0,0 +1,333 @@
+using System.Runtime.InteropServices;
+
+namespace CSInjector
+{
+    public static class PInvoke
+    {
+        [DllImport("kernel32", CharSet = CharSet.Ansi, ExactSpelling = true, SetLastError = true)]
+        public static extern IntPtr GetProcAddress(IntPtr hModule, string procName);
+
+        [DllImport("kernel32.dll")]
+        public static extern IntPtr OpenProcess(ProcessAccessFlags dwDesiredAccess, bool bInheritHandle, int dwProcessId);
+
+        [DllImport("kernel32.dll", SetLastError = true)]
+        public static extern bool CloseHandle(IntPtr hThread);
+
+        [DllImport("kernel32.dll", CharSet = CharSet.Auto)]
+        public static extern IntPtr GetModuleHandle(string lpModuleName);
+
+        [DllImport("kernel32.dll")]
+        public static extern IntPtr CreateRemoteThread(IntPtr hProcess,
+        IntPtr lpThreadAttributes, uint dwStackSize, IntPtr lpStartAddress, IntPtr lpParameter, uint dwCreationFlags, IntPtr lpThreadId);
+
+        [DllImport("kernel32.dll")]
+        public static extern uint GetLastError();
+
+        [DllImport("kernel32.dll", SetLastError = true, ExactSpelling = true)]
+        public static extern IntPtr VirtualAllocEx(IntPtr hProcess, IntPtr lpAddress,
+int dwSize, uint flAllocationType, uint flProtect);
+
+        [DllImport("kernel32.dll", SetLastError = true, ExactSpelling = true)]
+        public static extern bool VirtualFreeEx(IntPtr hProcess, IntPtr lpAddress,
+int dwSize, AllocationType dwFreeType);
+
+        [DllImport("kernel32.dll", SetLastError = true)]
+        public static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] lpBuffer, int dwSize, out int lpNumberOfBytesWritten);
+
+        [DllImport("kernel32.dll", SetLastError = true)]
+        public static extern bool ReadProcessMemory(
+    IntPtr hProcess,
+    IntPtr lpBaseAddress,
+    [Out] byte[] lpBuffer,
+    int dwSize,
+    out IntPtr lpNumberOfBytesRead);
+
+        [DllImport("kernel32.dll", SetLastError = true)]
+        public static extern bool VirtualProtectEx(IntPtr hProcess, IntPtr lpAddress,
+int dwSize, uint flNewProtect, out uint lpflOldProtect);
+
+        [DllImport("kernel32.dll", SetLastError = true)]
+        public static extern UInt32 WaitForSingleObject(IntPtr hHandle, UInt32 dwMilliseconds);
+
+        [DllImport("kernel32.dll", SetLastError = true)]
+        public static extern bool GetExitCodeThread(IntPtr hThread, out uint lpExitCode);
+
+        [Flags]
+        public enum ProcessAccessFlags : uint
+        {
+            All = 0x001F0FFF,
+            Terminate = 0x00000001,
+            CreateThread = 0x00000002,
+            VirtualMemoryOperation = 0x00000008,
+            VirtualMemoryRead = 0x00000010,
+            VirtualMemoryWrite = 0x00000020,
+            DuplicateHandle = 0x00000040,
+            CreateProcess = 0x000000080,
+            SetQuota = 0x00000100,
+            SetInformation = 0x00000200,
+            QueryInformation = 0x00000400,
+            QueryLimitedInformation = 0x00001000,
+            Synchronize = 0x00100000
+        }
+
+
+        // used for memory allocation
+        public struct ALLOC_FLAGS
+        {
+            public const uint MEM_COMMIT = 0x00001000;
+            public const uint MEM_RESERVE = 0x00002000;
+            public const uint PAGE_READWRITE = 4;
+            public const uint PAGE_EXECUTE_READWRITE = 0x40;
+        }
+
+        [Flags]
+        public enum AllocationType
+        {
+            Commit = 0x1000,
+            Reserve = 0x2000,
+            Decommit = 0x4000,
+            Release = 0x8000,
+            Reset = 0x80000,
+            Physical = 0x400000,
+            TopDown = 0x100000,
+            WriteWatch = 0x200000,
+            LargePages = 0x20000000
+        }
+
+
+        public const int PAGE_READWRITE = 0x40;
+
+        public const int MAX_PATH = 260; // Max string length of a file path
+
+
+
+        [StructLayout(LayoutKind.Sequential)]
+        public struct IMAGE_DOS_HEADER
+        {
+            [MarshalAs(UnmanagedType.ByValArray, SizeConst = 2)]
+            public char[] e_magic;       // Magic number
+            public UInt16 e_cblp;    // Bytes on last page of file
+            public UInt16 e_cp;      // Pages in file
+            public UInt16 e_crlc;    // Relocations
+            public UInt16 e_cparhdr;     // Size of header in paragraphs
+            public UInt16 e_minalloc;    // Minimum extra paragraphs needed
+            public UInt16 e_maxalloc;    // Maximum extra paragraphs needed
+            public UInt16 e_ss;      // Initial (relative) SS value
+            public UInt16 e_sp;      // Initial SP value
+            public UInt16 e_csum;    // Checksum
+            public UInt16 e_ip;      // Initial IP value
+            public UInt16 e_cs;      // Initial (relative) CS value
+            public UInt16 e_lfarlc;      // File address of relocation table
+            public UInt16 e_ovno;    // Overlay number
+            [MarshalAs(UnmanagedType.ByValArray, SizeConst = 4)]
+            public UInt16[] e_res1;    // Reserved words
+            public UInt16 e_oemid;       // OEM identifier (for e_oeminfo)
+            public UInt16 e_oeminfo;     // OEM information; e_oemid specific
+            [MarshalAs(UnmanagedType.ByValArray, SizeConst = 10)]
+            public UInt16[] e_res2;    // Reserved words
+            public Int32 e_lfanew;      // File address of new exe header
+
+            private string _e_magic
+            {
+                get { return new string(e_magic); }
+            }
+
+            public bool isValid
+            {
+                get { return _e_magic == "MZ"; }
+            }
+        }
+
+        [StructLayout(LayoutKind.Sequential)]
+        public struct IMAGE_FILE_HEADER
+        {
+            public ushort Machine;
+            public ushort NumberOfSections;
+            public uint TimeDateStamp;
+            public uint PointerToSymbolTable;
+            public uint NumberOfSymbols;
+            public ushort SizeOfOptionalHeader;
+            public ushort Characteristics;
+        }
+
+        [StructLayout(LayoutKind.Sequential)]
+        public struct IMAGE_DATA_DIRECTORY
+        {
+            public uint VirtualAddress;
+            public uint Size;
+        }
+
+        [StructLayout(LayoutKind.Explicit)]
+        public struct IMAGE_OPTIONAL_HEADER64
+        {
+            [FieldOffset(0)]
+            public ushort Magic;
+
+            [FieldOffset(2)]
+            public byte MajorLinkerVersion;
+
+            [FieldOffset(3)]
+            public byte MinorLinkerVersion;
+
+            [FieldOffset(4)]
+            public uint SizeOfCode;
+
+            [FieldOffset(8)]
+            public uint SizeOfInitializedData;
+
+            [FieldOffset(12)]
+            public uint SizeOfUninitializedData;
+
+            [FieldOffset(16)]
+            public uint AddressOfEntryPoint;
+
+            [FieldOffset(20)]
+            public uint BaseOfCode;
+
+            [FieldOffset(24)]
+            public ulong ImageBase;
+
+            [FieldOffset(32)]
+            public uint SectionAlignment;
+
+            [FieldOffset(36)]
+            public uint FileAlignment;
+
+            [FieldOffset(40)]
+            public ushort MajorOperatingSystemVersion;
+
+            [FieldOffset(42)]
+            public ushort MinorOperatingSystemVersion;
+
+            [FieldOffset(44)]
+            public ushort MajorImageVersion;
+
+            [FieldOffset(46)]
+            public ushort MinorImageVersion;
+
+            [FieldOffset(48)]
+            public ushort MajorSubsystemVersion;
+
+            [FieldOffset(50)]
+            public ushort MinorSubsystemVersion;
+
+            [FieldOffset(52)]
+            public uint Win32VersionValue;
+
+            [FieldOffset(56)]
+            public uint SizeOfImage;
+
+            [FieldOffset(60)]
+            public uint SizeOfHeaders;
+
+            [FieldOffset(64)]
+            public uint CheckSum;
+
+            [FieldOffset(68)]
+            public ushort Subsystem;
+
+            [FieldOffset(70)]
+            public ushort DllCharacteristics;
+
+            [FieldOffset(72)]
+            public ulong SizeOfStackReserve;
+
+            [FieldOffset(80)]
+            public ulong SizeOfStackCommit;
+
+            [FieldOffset(88)]
+            public ulong SizeOfHeapReserve;
+
+            [FieldOffset(96)]
+            public ulong SizeOfHeapCommit;
+
+            [FieldOffset(104)]
+            public uint LoaderFlags;
+
+            [FieldOffset(108)]
+            public uint NumberOfRvaAndSizes;
+
+            [FieldOffset(112)]
+            public IMAGE_DATA_DIRECTORY ExportTable;
+
+            [FieldOffset(120)]
+            public IMAGE_DATA_DIRECTORY ImportTable;
+
+            [FieldOffset(128)]
+            public IMAGE_DATA_DIRECTORY ResourceTable;
+
+            [FieldOffset(136)]
+            public IMAGE_DATA_DIRECTORY ExceptionTable;
+
+            [FieldOffset(144)]
+            public IMAGE_DATA_DIRECTORY CertificateTable;
+
+            [FieldOffset(152)]
+            public IMAGE_DATA_DIRECTORY BaseRelocationTable;
+
+            [FieldOffset(160)]
+            public IMAGE_DATA_DIRECTORY Debug;
+
+            [FieldOffset(168)]
+            public IMAGE_DATA_DIRECTORY Architecture;
+
+            [FieldOffset(176)]
+            public IMAGE_DATA_DIRECTORY GlobalPtr;
+
+            [FieldOffset(184)]
+            public IMAGE_DATA_DIRECTORY TLSTable;
+
+            [FieldOffset(192)]
+            public IMAGE_DATA_DIRECTORY LoadConfigTable;
+
+            [FieldOffset(200)]
+            public IMAGE_DATA_DIRECTORY BoundImport;
+
+            [FieldOffset(208)]
+            public IMAGE_DATA_DIRECTORY IAT;
+
+            [FieldOffset(216)]
+            public IMAGE_DATA_DIRECTORY DelayImportDescriptor;
+
+            [FieldOffset(224)]
+            public IMAGE_DATA_DIRECTORY CLRRuntimeHeader;
+
+            [FieldOffset(232)]
+            public IMAGE_DATA_DIRECTORY Reserved;
+        }
+
+        [StructLayout(LayoutKind.Explicit)]
+        public struct IMAGE_NT_HEADERS64
+        {
+            [FieldOffset(0)]
+            public uint Signature;
+
+            [FieldOffset(4)]
+            public IMAGE_FILE_HEADER FileHeader;
+
+            [FieldOffset(24)]
+            public IMAGE_OPTIONAL_HEADER64 OptionalHeader;
+
+        
+        }
+
+        [StructLayout(LayoutKind.Sequential)]
+        public struct IMAGE_EXPORT_DIRECTORY
+        {
+            public uint Characteristics;
+            public uint TimeDateStamp;
+            public ushort MajorVersion;
+            public ushort MinorVersion;
+            public uint Name;
+            public uint Base;
+            public uint NumberOfFunctions;
+            public uint NumberOfNames;
+            public uint AddressOfFunctions;     // RVA from base of image
+            public uint AddressOfNames;     // RVA from base of image
+            public uint AddressOfNameOrdinals;  // RVA from base of image
+        }
+
+        public const uint IMAGE_NT_SIGNATURE = 0x00004550;
+
+    }
+}