package main
/*
import (
"bytes"
"compress/gzip"
"context"
"crypto/tls"
"io"
"io/ioutil"
"net/http"
"os"
"regexp"
"strconv"
"strings"
"github.com/Gskartwii/roblox-dissector/peer"
)
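// captureFromPlayerProxy starts a local HTTPS reverse proxy on port 443 that
// forwards every request to a hard-coded upstream address. Passthrough response
// bodies are dumped under dumps/. The first /Game/Join.ashx response that
// carries a server address is rewritten so the client connects to
// 127.0.0.1:53640, and captureFromInjectionProxy is started to relay that port
// to the real game server.
//
// Requires a player patched with a memcheck bypass and rbxsig ignoring.
//
// The function returns immediately: the listener and the shutdown watcher run
// in their own goroutines and stop once captureJobContext is cancelled.
//
// This file currently wraps the function in a block comment, so it is not
// compiled. Comments in here stay line-style so they cannot end that wrapper
// early.
//
// Points to settle before re-enabling it:
//   - Upstream certificate verification is off, so everything read from the
//     upstream (headers, Join.ashx body, the extracted server address) is
//     unauthenticated input.
//   - The listener binds every interface; see the note at the http.Server.
//   - Response bodies are read and dumped without a size limit.
func captureFromPlayerProxy(settings *PlayerProxySettings, captureJobContext context.Context, injectPacket chan peer.RakNetPacket, packetViewer *PacketListViewer, commContext *peer.CommunicationContext) {
	const joinPath = "/Game/Join.ashx"

	// Compiled once instead of on every request. The dots are escaped so that
	// only a dotted-quad address matches; unescaped they matched any byte.
	joinAddrPattern := regexp.MustCompile(`MachineAddress":"(\d+\.\d+\.\d+\.\d+)","ServerPort":(\d+)`)
	joinAddrRewrite := []byte(`MachineAddress":"127.0.0.1","ServerPort":53640`)

	// Dump file names are derived from the request path. Both separator
	// characters are flattened so the name always stays a single path
	// component inside dumps/, on Windows as well as on Unix.
	dumpName := strings.NewReplacer("/", "_", `\`, "_")

	// NOTE(review): InsecureSkipVerify is kept because the upstream is dialled
	// by IP address, but it means the proxy accepts any certificate. Pinning
	// the expected certificate, or setting ServerName to the real host name,
	// would restore upstream authentication.
	transport := &http.Transport{
		TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
	}
	mux := http.NewServeMux()
	proxyContext, proxyContextCancel := context.WithCancel(captureJobContext)

	// One-shot token for the Join.ashx rewrite. Handlers run concurrently, so a
	// plain bool would be a data race and could start two injection proxies.
	joinSlot := make(chan struct{}, 1)
	joinSlot <- struct{}{}

	copyHeader := func(dst, src http.Header) {
		for k, vv := range src {
			for _, v := range vv {
				dst.Add(k, v)
			}
		}
	}

	mux.HandleFunc("/", func(w http.ResponseWriter, req *http.Request) {
		req.URL.Host = "209.206.41.230"
		req.URL.Scheme = "https"
		isJoin := req.URL.Path == joinPath
		if isJoin {
			// Ask for an uncompressed body so the address can be rewritten.
			println("patching join.ashx for gzip encoding")
			req.Header.Set("Accept-Encoding", "none")
		}

		resp, err := transport.RoundTrip(req)
		if err != nil {
			println("error:", err.Error())
			http.Error(w, "upstream request failed", http.StatusBadGateway)
			return
		}
		if resp.StatusCode == http.StatusForbidden { // CSRF check fail?
			token := resp.Header.Get("X-Csrf-Token")
			// Release the first response before retrying, otherwise its
			// connection is leaked.
			resp.Body.Close()
			req.Header.Set("X-Csrf-Token", token)
			// The token value is session-bound, so it is not written to the log.
			println("Set csrftoken, retrying")
			// NOTE(review): the first RoundTrip consumed req.Body, so a request
			// with a body is likely retried without it; buffer the body if
			// retried POSTs matter.
			resp, err = transport.RoundTrip(req)
			if err != nil {
				println("error:", err.Error())
				http.Error(w, "upstream request failed", http.StatusBadGateway)
				return
			}
		}
		defer resp.Body.Close()

		claimed := false
		if isJoin {
			select {
			case <-joinSlot:
				claimed = true
			default:
			}
		}

		if !claimed {
			dumpfile, err := os.Create("dumps/" + dumpName.Replace(req.URL.Path))
			if err != nil {
				println("fail:", err.Error())
				http.Error(w, "cannot create dump file", http.StatusInternalServerError)
				return
			}
			defer dumpfile.Close()
			copyHeader(w.Header(), resp.Header)
			// Forward the upstream status; without this every passthrough
			// response was reported to the client as 200.
			w.WriteHeader(resp.StatusCode)
			if _, err := io.Copy(w, io.TeeReader(resp.Body, dumpfile)); err != nil {
				println("copy err:", err.Error())
			}
			return
		}

		// Hand the token back if this attempt does not end in a rewrite, so a
		// later Join.ashx can still be patched.
		patched := false
		defer func() {
			if !patched {
				joinSlot <- struct{}{}
			}
		}()

		response, err := ioutil.ReadAll(resp.Body)
		if err != nil {
			println("joinashx err:", err.Error())
			http.Error(w, "reading upstream response failed", http.StatusBadGateway)
			return
		}
		args := joinAddrPattern.FindSubmatch(response)
		if args == nil {
			// No address to rewrite (for example an upstream error page):
			// forward the body untouched instead of indexing a nil match.
			println("joinashx: no MachineAddress/ServerPort found, forwarding unmodified")
			copyHeader(w.Header(), resp.Header)
			w.WriteHeader(resp.StatusCode)
			if _, err = w.Write(response); err != nil {
				println("joinashx write err:", err.Error())
			}
			return
		}
		// serverAddr comes from the unauthenticated upstream response and is
		// used as the dial target of the injection proxy.
		serverAddr := string(args[1]) + ":" + string(args[2])
		result := joinAddrPattern.ReplaceAll(response, joinAddrRewrite)

		newBuffer := bytes.NewBuffer(make([]byte, 0, len(response)))
		compressStream := gzip.NewWriter(newBuffer)
		if _, err = compressStream.Write(result); err != nil {
			println("joinashx gz w err:", err.Error())
			http.Error(w, "compressing response failed", http.StatusInternalServerError)
			return
		}
		if err = compressStream.Close(); err != nil {
			println("joinashx gz close err:", err.Error())
			http.Error(w, "compressing response failed", http.StatusInternalServerError)
			return
		}

		patched = true
		go captureFromInjectionProxy("127.0.0.1:53640", serverAddr, proxyContext, injectPacket, packetViewer, commContext)

		copyHeader(w.Header(), resp.Header)
		w.Header().Set("Content-Encoding", "gzip")
		w.Header().Set("Content-Length", strconv.Itoa(newBuffer.Len()))
		w.WriteHeader(resp.StatusCode)
		if _, err = w.Write(newBuffer.Bytes()); err != nil {
			println("joinashx write err:", err.Error())
		}
	})

	// NOTE(review): ":443" listens on every interface. The Join.ashx rewrite
	// points the client at 127.0.0.1, which suggests the client is local; if
	// so, "127.0.0.1:443" would keep this proxy off the network. Confirm
	// before changing.
	server := &http.Server{Addr: ":443", Handler: mux}

	// HTTP listener must run on its own goroutine!
	go func() {
		err := server.ListenAndServeTLS(settings.Certfile, settings.Keyfile)
		// ErrServerClosed is the normal result of server.Close below.
		if err != nil && err != http.ErrServerClosed {
			println("listen err:", err.Error())
		}
	}()
	go func() {
		<-captureJobContext.Done()
		println("closing proxy server")
		server.Close()
		proxyContextCancel()
	}()
}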
*/