250 lines
No EOL
7 KiB
C++
250 lines
No EOL
7 KiB
C++
#include <iostream>
|
||
#include <windows.h>
|
||
#include <shellapi.h>
|
||
#include <cstdio>
|
||
#include <cstring>
|
||
#include <string>
|
||
|
||
std::string GetExeDirectory()
|
||
{
|
||
wchar_t path[MAX_PATH] = { 0 };
|
||
GetModuleFileNameW(nullptr, path, MAX_PATH);
|
||
|
||
std::wstring wpath(path);
|
||
size_t pos = wpath.rfind(L'\\');
|
||
if (pos != std::wstring::npos) {
|
||
wpath.resize(pos + 1);
|
||
}
|
||
else {
|
||
wpath.clear();
|
||
}
|
||
|
||
int size = WideCharToMultiByte(CP_UTF8, 0, wpath.c_str(), -1, nullptr, 0, nullptr, nullptr);
|
||
std::string result(size - 1, 0);
|
||
WideCharToMultiByte(CP_UTF8, 0, wpath.c_str(), -1, result.data(), size, nullptr, nullptr);
|
||
return result;
|
||
}
|
||
|
||
static std::wstring Utf8ToW(const std::string& s)
|
||
{
|
||
if (s.empty()) return {};
|
||
int n = MultiByteToWideChar(CP_UTF8, 0, s.c_str(), -1, nullptr, 0);
|
||
if (n == 0) return {};
|
||
std::wstring w(n - 1, L'\0');
|
||
MultiByteToWideChar(CP_UTF8, 0, s.c_str(), -1, w.data(), n);
|
||
return w;
|
||
}
|
||
|
||
bool isProcessRunning(const std::string& processName) {
|
||
std::string command = "tasklist | findstr " + processName;
|
||
|
||
FILE* pipe = _popen(command.c_str(), "r");
|
||
if (!pipe) {
|
||
std::cerr << "Failed to run command\n";
|
||
return false;
|
||
}
|
||
|
||
char buffer[128];
|
||
bool found = false;
|
||
while (fgets(buffer, sizeof(buffer), pipe)) {
|
||
if (strstr(buffer, processName.c_str())) {
|
||
found = true;
|
||
break;
|
||
}
|
||
}
|
||
|
||
_pclose(pipe);
|
||
|
||
return found;
|
||
}
|
||
|
||
BOOL IsRunAsAdministrator()
|
||
{
|
||
BOOL fIsRunAsAdmin = FALSE;
|
||
PSID pAdministratorsGroup = NULL;
|
||
SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
|
||
|
||
if (!AllocateAndInitializeSid(&NtAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID,
|
||
DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, &pAdministratorsGroup))
|
||
{
|
||
return FALSE;
|
||
}
|
||
|
||
if (!CheckTokenMembership(NULL, pAdministratorsGroup, &fIsRunAsAdmin))
|
||
{
|
||
FreeSid(pAdministratorsGroup);
|
||
return FALSE;
|
||
}
|
||
|
||
FreeSid(pAdministratorsGroup);
|
||
return fIsRunAsAdmin;
|
||
}
|
||
|
||
BOOL ElevateNow()
|
||
{
|
||
if (IsRunAsAdministrator())
|
||
return true;
|
||
|
||
WCHAR szPath[MAX_PATH];
|
||
if (!GetModuleFileName(NULL, szPath, ARRAYSIZE(szPath)))
|
||
return false;
|
||
|
||
SHELLEXECUTEINFO sei = { sizeof(sei) };
|
||
sei.lpVerb = L"runas";
|
||
sei.lpFile = szPath;
|
||
sei.hwnd = NULL;
|
||
sei.nShow = SW_SHOWDEFAULT;
|
||
|
||
if (ShellExecuteEx(&sei))
|
||
exit(1);
|
||
|
||
DWORD dwError = GetLastError();
|
||
if (dwError == ERROR_CANCELLED)
|
||
return false;
|
||
|
||
return true;
|
||
}
|
||
|
||
static bool WaitForServiceDeletion(SC_HANDLE scm, const std::wstring& svcName, DWORD timeoutMs = 10000)
|
||
{
|
||
const DWORD interval = 500;
|
||
DWORD waited = 0;
|
||
std::cout << "Waiting for service deletion";
|
||
while (waited < timeoutMs) {
|
||
std::cout << ".";
|
||
SC_HANDLE h = OpenServiceW(scm, svcName.c_str(), SERVICE_QUERY_STATUS);
|
||
if (!h) {
|
||
DWORD err = GetLastError();
|
||
if (err == ERROR_SERVICE_DOES_NOT_EXIST)
|
||
return true;
|
||
}
|
||
else {
|
||
CloseServiceHandle(h);
|
||
}
|
||
Sleep(interval);
|
||
waited += interval;
|
||
}
|
||
std::cout << std::endl;
|
||
return false;
|
||
}
|
||
|
||
void verifyServiceDeletion(const std::wstring& svcName)
|
||
{
|
||
SC_HANDLE scm = OpenSCManagerW(nullptr, nullptr, SC_MANAGER_CONNECT | SC_MANAGER_CREATE_SERVICE);
|
||
if (!scm) {
|
||
std::cerr << "OpenSCManager failed: " << GetLastError() << std::endl;
|
||
exit(-1);
|
||
}
|
||
|
||
SC_HANDLE hExisting = OpenServiceW(scm, svcName.c_str(), SERVICE_STOP | DELETE | SERVICE_QUERY_STATUS | SERVICE_ENUMERATE_DEPENDENTS);
|
||
if (!hExisting)
|
||
return;
|
||
|
||
SERVICE_STATUS status{};
|
||
if (ControlService(hExisting, SERVICE_CONTROL_STOP, &status)) {
|
||
DWORD start = GetTickCount();
|
||
std::cout << "Waiting for BEService to stop";
|
||
while (status.dwCurrentState != SERVICE_STOPPED && GetTickCount() - start < 10000) {
|
||
Sleep(500);
|
||
std::cout << ".";
|
||
if (!QueryServiceStatus(hExisting, &status)) break;
|
||
}
|
||
std::cout << std::endl;
|
||
}
|
||
|
||
if (!DeleteService(hExisting)) {
|
||
DWORD err = GetLastError();
|
||
std::cerr << "DeleteService failed: " << err << std::endl;
|
||
}
|
||
CloseServiceHandle(hExisting);
|
||
|
||
if (!WaitForServiceDeletion(scm, svcName, 10000)) {
|
||
std::cerr << "Service still marked for deletion after waiting. Error 1072 may occur if you try to recreate it immediately.\n";
|
||
CloseServiceHandle(scm);
|
||
exit(-2);
|
||
}
|
||
}
|
||
|
||
|
||
int main()
|
||
{
|
||
std::cout << "EFT PvE Operator for il2cpp\n\n"
|
||
<< "Credits:\nBEService bypass - rqhz\nbattleyen't for il2cpp - Suchi96\n\n"
|
||
<< "This cheat is free on UnknownCheats.me . If you payed for it, you've been scammed!\n"
|
||
<< "此作弊程序在UnknownCheats.me上免费发布。如果您付费购买此作弊程序,您被骗了。请检举卖家。\n";
|
||
while (!ElevateNow())
|
||
{
|
||
std::cout << "This cheat requires administrator permissions to work. Press Enter to try again or close this window and run operator as administrator.\n";
|
||
system("pause");
|
||
}
|
||
Sleep(2000);
|
||
|
||
std::cout << "\nSetting up services.\n";
|
||
system("taskkill /f /im service.exe");
|
||
system("sc stop BEService");
|
||
system("sc delete BEService");
|
||
system("sc stop BEDaisy");
|
||
system("sc delete BEDaisy");
|
||
|
||
std::string exeDir = GetExeDirectory();
|
||
std::wstring svcName = L"BEService";
|
||
std::wstring svcDisplay = L"BattlEye Service";
|
||
std::wstring svcExePathW = Utf8ToW(exeDir) + L"service.exe";
|
||
|
||
verifyServiceDeletion(svcName);
|
||
|
||
SC_HANDLE scm = OpenSCManagerW(nullptr, nullptr, SC_MANAGER_CONNECT | SC_MANAGER_CREATE_SERVICE);
|
||
if (!scm) {
|
||
std::cerr << "OpenSCManager failed: " << GetLastError() << std::endl;
|
||
exit(-1);
|
||
}
|
||
SC_HANDLE hNew = CreateServiceW(
|
||
scm,
|
||
svcName.c_str(),
|
||
svcDisplay.c_str(),
|
||
SERVICE_ALL_ACCESS,
|
||
SERVICE_WIN32_OWN_PROCESS,
|
||
SERVICE_AUTO_START,
|
||
SERVICE_ERROR_NORMAL,
|
||
svcExePathW.c_str(),
|
||
nullptr,
|
||
nullptr,
|
||
nullptr,
|
||
nullptr,
|
||
nullptr);
|
||
|
||
if (!hNew) {
|
||
DWORD err = GetLastError();
|
||
std::cerr << "CreateServiceW failed: " << err << std::endl;
|
||
CloseServiceHandle(scm);
|
||
return -3;
|
||
}
|
||
|
||
if (!StartServiceW(hNew, 0, nullptr)) {
|
||
DWORD err = GetLastError();
|
||
if (err != ERROR_SERVICE_ALREADY_RUNNING) {
|
||
std::cerr << "StartServiceW failed: " << err << std::endl;
|
||
}
|
||
}
|
||
|
||
CloseServiceHandle(hNew);
|
||
CloseServiceHandle(scm);
|
||
|
||
std::cout << std::endl;
|
||
std::cout << "Spinning up Battleyen't.\n";
|
||
char* path = _strdup(GetExeDirectory().c_str());
|
||
size_t path_buf_size = strlen(path) + strlen("battleyent.exe") + 1;
|
||
path = (char*)realloc(path, path_buf_size);
|
||
if (strcat_s(path, path_buf_size, "battleyent.exe") == 0) {
|
||
system(path);
|
||
}
|
||
free(path);
|
||
|
||
std::cout << "Waiting for the game to start";
|
||
while (!isProcessRunning("EscapeFromTarkov.exe"))
|
||
{
|
||
std::cout << ".";
|
||
Sleep(500);
|
||
}
|
||
return 0;
|
||
} |