Resolved False Positive Antivirus Alerts

Author: hotline1337

R3nzSkin_Injector/Injector.cpp

@@ -10,6 +10,7 @@
 
 #include "Injector.hpp"
 #include "R3nzUI.hpp"
+#include "xorstr.hpp"
 #include "lazy_importer.hpp"
 
 using namespace System;
@@ -18,6 +19,8 @@ using namespace System::Threading;
 using namespace System::Globalization;
 using namespace System::Net;
 
+#define xor_clrstr_w(x) msclr::interop::marshal_as<String^>(static_cast<std::wstring>(_XorStrW(x)))
+
 proclist_t WINAPI Injector::findProcesses(const std::wstring& name) noexcept
 {
 	auto process_snap{ LI_FN(CreateToolhelp32Snapshot)(TH32CS_SNAPPROCESS, 0) };
@@ -57,7 +60,7 @@ bool WINAPI Injector::isInjected(const std::uint32_t pid) noexcept
 		for (auto i{ 0u }; i < (cbNeeded / sizeof(HMODULE)); ++i) {
 			TCHAR szModName[MAX_PATH];
 			if (LI_FN(K32GetModuleBaseNameW)(hProcess, hMods[i], szModName, sizeof(szModName) / sizeof(TCHAR))) {
-				if (std::wcscmp(szModName, L"R3nzSkin.dll") == 0) {
+				if (std::wcscmp(szModName, _XorStrW(L"R3nzSkin.dll")) == 0) {
 					LI_FN(CloseHandle)(hProcess);
 					return true;
 				}
@@ -89,10 +92,10 @@ bool WINAPI Injector::inject(const std::uint32_t pid) noexcept
 	if (delta > 0)
 		std::this_thread::sleep_for(std::chrono::seconds(delta));
 
-	const auto dll_path{ std::wstring(current_dir) + L"\\R3nzSkin.dll" };
+	const auto dll_path{ std::wstring(current_dir) + _XorStrW(L"\\R3nzSkin.dll") };
 
 	if (const auto f{ std::ifstream(dll_path) }; !f.is_open()) {
-		LI_FN(MessageBoxW)(nullptr, L"R3nzSkin.dll file could not be found.\nTry reinstalling the cheat.", L"R3nzSkin", MB_ICONERROR | MB_OK);
+		LI_FN(MessageBoxW)(nullptr, _XorStrW(L"R3nzSkin.dll file could not be found.\nTry reinstalling the cheat."), _XorStrW(L"R3nzSkin"), MB_ICONERROR | MB_OK);
 		LI_FN(CloseHandle)(handle);
 		return false;
 	}
@@ -111,7 +114,7 @@ bool WINAPI Injector::inject(const std::uint32_t pid) noexcept
 	}
 
 	HANDLE thread{};
-	LI_FN(NtCreateThreadEx).nt_cached()(&thread, GENERIC_ALL, nullptr, handle, reinterpret_cast<LPTHREAD_START_ROUTINE>(LI_FN(GetProcAddress).get()(LI_FN(GetModuleHandleW).get()(L"kernel32.dll"), "LoadLibraryW")), dll_path_remote, FALSE, NULL, NULL, NULL, NULL);
+	LI_FN(NtCreateThreadEx).nt_cached()(&thread, GENERIC_ALL, nullptr, handle, reinterpret_cast<LPTHREAD_START_ROUTINE>(LI_FN(GetProcAddress).get()(LI_FN(GetModuleHandleW).get()(_XorStrW(L"kernel32.dll")), _XorStr("LoadLibraryW"))), dll_path_remote, FALSE, NULL, NULL, NULL, nullptr);
 
 	if (!thread || thread == INVALID_HANDLE_VALUE) {
 		LI_FN(VirtualFreeEx).get()(handle, dll_path_remote, 0u, MEM_RELEASE);
@@ -131,7 +134,7 @@ void WINAPI Injector::enableDebugPrivilege() noexcept
 	HANDLE token{};
 	if (OpenProcessToken(LI_FN(GetCurrentProcess).get()(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &token)) {
 		LUID value;
-		if (LookupPrivilegeValueW(nullptr, SE_DEBUG_NAME, &value)) {
+		if (LookupPrivilegeValueW(nullptr, _XorStrW(SE_DEBUG_NAME), &value)) {
 			TOKEN_PRIVILEGES tp{};
 			tp.PrivilegeCount = 1;
 			tp.Privileges[0].Luid = value;
@@ -147,58 +150,58 @@ void Injector::autoUpdate()
 	auto client = gcnew WebClient();
 	ServicePointManager::Expect100Continue = true;
 	ServicePointManager::SecurityProtocol = SecurityProtocolType::Tls12;
-	client->Headers->Add(L"User-Agent", L"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0");
+	client->Headers->Add(xor_clrstr_w(L"User-Agent"), xor_clrstr_w(L"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0"));
 
 	try
 	{
-		auto json = msclr::interop::marshal_as<std::string>(client->DownloadString(L"https://api.github.com/repos/R3nzTheCodeGOD/R3nzSkin/releases/latest"));
-		std::regex tagnameRegex("\"tag_name\"\\s*:\\s*\"([^\"]+)");
-		std::regex urlRegex("\"browser_download_url\"\\s*:\\s*\"([^\"]+)");
-		std::regex dateRegex("\"created_at\"\\s*:\\s*\"([^\"]+)");
+		auto json = msclr::interop::marshal_as<std::string>(client->DownloadString(xor_clrstr_w(L"https://api.github.com/repos/R3nzTheCodeGOD/R3nzSkin/releases/latest")));
+		std::regex tagnameRegex(_XorStr("\"tag_name\"\\s*:\\s*\"([^\"]+)"));
+		std::regex urlRegex(_XorStr("\"browser_download_url\"\\s*:\\s*\"([^\"]+)"));
+		std::regex dateRegex(_XorStr("\"created_at\"\\s*:\\s*\"([^\"]+)"));
 
 		if (std::smatch tagnameMatch; std::regex_search(json, tagnameMatch, tagnameRegex))
 		{
 			auto version = gcnew String(tagnameMatch[1].str().c_str());
 			if (std::smatch dateMatch; std::regex_search(json, dateMatch, dateRegex))
 			{
-				if (!System::IO::File::Exists(L"R3nzSkin.dll"))
+				if (!System::IO::File::Exists(xor_clrstr_w(L"R3nzSkin.dll")))
 				{
-					throw gcnew Exception(L"Failed to find R3nzSkin.dll in the current directory");
+					throw gcnew Exception(xor_clrstr_w(L"Failed to find R3nzSkin.dll in the current directory"));
 				}
-				auto date_of_github_release = DateTime::ParseExact(gcnew String(dateMatch[1].str().c_str()), L"yyyy-MM-ddTHH:mm:ssZ", CultureInfo::InvariantCulture).ToString(L"dd.MM.yyyy HH:00");
-				auto date_of_current_release = System::IO::File::GetLastWriteTime(L"R3nzSkin.dll").ToString(L"dd.MM.yyyy HH:00");
+				const auto date_of_github_release = DateTime::ParseExact(gcnew String(dateMatch[1].str().c_str()), xor_clrstr_w(L"yyyy-MM-ddTHH:mm:ssZ"), CultureInfo::InvariantCulture).ToString(xor_clrstr_w(L"dd.MM.yyyy HH:00"));
+				const auto date_of_current_release = System::IO::File::GetLastWriteTime(xor_clrstr_w(L"R3nzSkin.dll")).ToString(xor_clrstr_w(L"dd.MM.yyyy HH:00"));
 				if (date_of_current_release != date_of_github_release)
 				{
-					auto date_of_github_release_class = DateTime::ParseExact(date_of_github_release, L"dd.MM.yyyy HH:00", CultureInfo::InvariantCulture);
-					auto date_of_current_release_class = DateTime::ParseExact(date_of_current_release, L"dd.MM.yyyy HH:00", CultureInfo::InvariantCulture);
+					const auto date_of_github_release_class = DateTime::ParseExact(date_of_github_release, xor_clrstr_w(L"dd.MM.yyyy HH:00"), CultureInfo::InvariantCulture);
+					const auto date_of_current_release_class = DateTime::ParseExact(date_of_current_release, xor_clrstr_w(L"dd.MM.yyyy HH:00"), CultureInfo::InvariantCulture);
 					if (date_of_current_release_class > date_of_github_release_class)
 					{
 						return;
 					}
 
-					auto result = MessageBox::Show(L"New version is available on GitHub\nWould you like to download it now?", L"R3nzSkin", MessageBoxButtons::YesNo, MessageBoxIcon::Information);
+					const auto result = MessageBox::Show(xor_clrstr_w(L"New version is available on GitHub\nWould you like to download it now?"), xor_clrstr_w(L"R3nzSkin"), MessageBoxButtons::YesNo, MessageBoxIcon::Information);
 					if (result == DialogResult::Yes)
 					{
 						if (std::smatch urlMatch; std::regex_search(json, urlMatch, urlRegex))
 						{
 							auto url = gcnew String(urlMatch[1].str().c_str());
-							auto file = String::Format(L"R3nzSkin_{0}.zip", version);
+							auto file = String::Format(xor_clrstr_w(L"R3nzSkin_{0}.zip"), version);
 							client->DownloadFile(url, file);
 
-							System::IO::Compression::ZipFile::ExtractToDirectory(file, L"R3nzSkin");
+							System::IO::Compression::ZipFile::ExtractToDirectory(file, xor_clrstr_w(L"R3nzSkin"));
 							System::IO::File::Delete(file);
-							System::IO::File::Delete(L"R3nzSkin.dll");
-							System::IO::File::Move(L"R3nzSkin\\R3nzSkin_Injector.exe", String::Format(L"R3nzSkin_Injector_{0}.exe", version));
-							System::IO::File::Move(L"R3nzSkin\\R3nzSkin.dll", L"R3nzSkin.dll");
-							System::IO::Directory::Delete(L"R3nzSkin");
+							System::IO::File::Delete(xor_clrstr_w(L"R3nzSkin.dll"));
+							System::IO::File::Move(xor_clrstr_w(L"R3nzSkin\\R3nzSkin_Injector.exe"), String::Format(xor_clrstr_w(L"R3nzSkin_Injector_{0}.exe"), version));
+							System::IO::File::Move(xor_clrstr_w(L"R3nzSkin\\R3nzSkin.dll"), xor_clrstr_w(L"R3nzSkin.dll"));
+							System::IO::Directory::Delete(xor_clrstr_w(L"R3nzSkin"));
 
 							auto process_info = gcnew System::Diagnostics::ProcessStartInfo();
-							process_info->Arguments = L"/C choice /C Y /N /D Y /T 1 & del \"" + System::Diagnostics::Process::GetCurrentProcess()->MainModule->FileName + L"\"";
+							process_info->Arguments = xor_clrstr_w(L"/C choice /C Y /N /D Y /T 1 & del \"") + System::Diagnostics::Process::GetCurrentProcess()->MainModule->FileName + xor_clrstr_w(L"\"");
 							process_info->CreateNoWindow = true;
-							process_info->FileName = L"cmd.exe";
+							process_info->FileName = xor_clrstr_w(L"cmd.exe");
 							process_info->WindowStyle = System::Diagnostics::ProcessWindowStyle::Hidden;
 							System::Diagnostics::Process::Start(process_info);
-							System::Diagnostics::Process::Start(String::Format(L"R3nzSkin_Injector_{0}.exe", version));
+							System::Diagnostics::Process::Start(String::Format(xor_clrstr_w(L"R3nzSkin_Injector_{0}.exe"), version));
 
 							Environment::Exit(0);
 						}
@@ -209,7 +212,7 @@ void Injector::autoUpdate()
 	}
 	catch (Exception^ e)
 	{
-		MessageBox::Show(String::Format(L"{0} - {1}", e->Message, e->StackTrace->Substring(5)), L"R3nzSkin", MessageBoxButtons::OK, MessageBoxIcon::Error);
+		MessageBox::Show(String::Format(xor_clrstr_w(L"{0} - {1}"), e->Message, e->StackTrace->Substring(5)), xor_clrstr_w(L"R3nzSkin"), MessageBoxButtons::OK, MessageBoxIcon::Error);
 		Environment::Exit(0);
 	}
 }
@@ -218,8 +221,8 @@ void Injector::run() noexcept
 {
 	enableDebugPrivilege();
 	while (true) {
-		const auto& league_client_processes{ Injector::findProcesses(L"LeagueClient.exe") };
-		const auto& league_processes{ Injector::findProcesses(L"League of Legends.exe") };
+		const auto& league_client_processes{ Injector::findProcesses(_XorStrW(L"LeagueClient.exe")) };
+		const auto& league_processes{ Injector::findProcesses(_XorStrW(L"League of Legends.exe")) };
 
 		R3nzSkinInjector::gameState = (league_processes.size() > 0) ? true : false;
 		R3nzSkinInjector::clientState = (league_client_processes.size() > 0) ? true : false;

R3nzSkin_Injector/R3nzSkin_Injector.vcxproj

@@ -207,6 +207,7 @@
       <FileType>CppForm</FileType>
     </ClInclude>
     <ClInclude Include="resource.h" />
+    <ClInclude Include="xorstr.hpp" />
   </ItemGroup>
   <ItemGroup>
     <ResourceCompile Include="R3nzSkin_Injector.rc" />

R3nzSkin_Injector/R3nzSkin_Injector.vcxproj.filters

@@ -35,6 +35,9 @@
     <ClInclude Include="lazy_importer.hpp">
       <Filter>Source Files</Filter>
     </ClInclude>
+    <ClInclude Include="xorstr.hpp">
+      <Filter>Source Files</Filter>
+    </ClInclude>
   </ItemGroup>
   <ItemGroup>
     <Image Include="icon.ico">