Need Help With This Link Error

teir1plus2 (1)
i'm a beginner at c++ and was trying to fix errors in this script that was released but the creator left the errors on purpose so leeches can't steal it. what he said i had to do is define the functions and fix the errors. i did that so now visual studio will compile the file but when it goes to link it i get these errors:

2>xapilibd.lib(xapi0.obj) : error LNK2019: unresolved external symbol main referenced in function mainCRTStartup
2>Debug\xextest.exe : fatal error LNK1120: 1 unresolved externals

the script:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
 
#include "stdafx.h"

#define XeCryptHmacSha
#define XeCryptRc4Key
#define XeCryptRc4Ecb
#define DbgPrint
#define XBOX_KRNL
#define resolveFunct
#define HalReturnToFirmware
#define MmGetPhysicalAddress
#define XECRYPT_RC4_STATE
#define rc4
#define patchInJump

BOOL DecryptChallenge(BYTE* data, DWORD fileSize);
DWORD XeKeysExecuteHook(BYTE* chalData, DWORD size, BYTE* HVSalt, UINT64 krnlBuild, UINT64 r7, UINT64 r8);
void patchPhysicalAddr();

typedef DWORD (*XEKEYSEXECUTE)(BYTE* chalData, DWORD size, BYTE* HVSalt, UINT64 krnlBuild, UINT64 r7, UINT64 r8);
// Catching call to XeKeysExecute in XAM
// Directing it to this function instead of actual Kernel function
DWORD XeKeysExecuteHook(BYTE* chalData, DWORD size, BYTE* HVSalt, UINT64 krnlBuild, UINT64 r7, UINT64 r8)
{
                XEKEYSEXECUTE XeKeysExecute = (XEKEYSEXECUTE)resolveFunct(XBOX_KRNL 607);
            SYSTEMTIME LocalSysTime;
                GetLocalTime( &LocalSysTime );
                DbgPrint("Entering Xbox Live Challenge hook\n");
                DbgPrint("SystemTime: %d-%d-%d\t%d:%d:%d\n", LocalSysTime.wMonth, LocalSysTime.wDay,LocalSysTime.wYear, LocalSysTime.wHour, LocalSysTime.wMinute, LocalSysTime.wSecond);
                DbgPrint("r3 = 0x%08X, r4 = 0x%08X, r5 = 0x%08X\n",
                                chalData, size, HVSalt);
                DbgPrint("r6 = 0x%016I64X, r7 = 0x%016I64X, r8 = 0x%016I64X\n",
                                krnlBuild, r7, r8);

                // Decrypt the challenge data
                // Seems to share the same header as a bootloader
                // char[2] Magic
                // short Version
                // int Flags
                // int EntryPoint
                // int Size
                // byte[0x10] HMAC Hash -> RC4 Key
                DWORD dataSize = *(DWORD*)(chalData + 0xC);
                if(!DecryptChallenge(chalData, dataSize))
                {
                                DbgPrint("Error decrypting challenge  :(\n");
                                HalReturnToFirmware(6);
                }

                // Create HV Salt file
                HANDLE hvSalt = CreateFile("hdd:\\XeKeysExecute_HVSalt.bin", GENERIC_WRITE,
                FILE_SHARE_WRITE, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
                if( hvSalt == INVALID_HANDLE_VALUE)
                {
                                DbgPrint("Error Creating HV Salt File\n");
                                HalReturnToFirmware(6);
                }
                DbgPrint("File Created\n");

                // Get the HV salt
                DWORD saltOut = 0;
                if (WriteFile( hvSalt, HVSalt, 0x10, &saltOut, NULL))
                                DbgPrint("Saved HV Salt\n");
                else DbgPrint("Could not save HV Salt  :(\n");

                // Close our HV Salt handle
                CloseHandle( hvSalt );

                DbgPrint("Dumping resp\n");
                // Execute the challenge
                BYTE* physSalt = (BYTE*)MmGetPhysicalAddress(HVSalt); // Do what we patched
                XeKeysExecute(chalData, size, physSalt, krnlBuild, r7, r8); // go to actual kernel function

                HANDLE chalResp = CreateFile("hdd:\\XeKeysExecute_resp.bin", GENERIC_WRITE,
                FILE_SHARE_WRITE, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
                if( chalResp == INVALID_HANDLE_VALUE)
                {
                                DbgPrint("Error Creating Response File\n");
                                HalReturnToFirmware(6);
                }
                DbgPrint("Response File Created\n");

                // Save the challenge response
                DWORD respOut = 0;
                if (WriteFile( chalResp, chalData, size, &respOut, NULL))
                                DbgPrint("Saved response data\n");
                else DbgPrint("Could not save response data  :(\n");

                // Close our challange response dump
                CloseHandle( chalResp );          

                // We dumped the challange data -> reboot
                DbgPrint("Dumped Challenge - Rebooting System\n");
                HalReturnToFirmware(6);
                return (0);
}

void patchPhysicalAddr()
{
                DbgPrint("Patching MmGetPhysicalAddress in challenge function so we can grab the HV Salt\n");
                UINT32* addr = (UINT32*)(0x81677EE4); // 14719
                addr[0] = 0x60000000;
}

BOOL DecryptChallenge(BYTE* data, DWORD fileSize)
{
                DbgPrint("Decrypting XeKeysExecute Challenge Data\n");
                XECRYPT_RC4_STATE; rc4;
                BYTE* decChalData = (BYTE*)XPhysicalAlloc(fileSize, MAXULONG_PTR, 0, PAGE_READWRITE);
                memcpy(decChalData, data, fileSize);
                BYTE* rc4Key = (BYTE*)XPhysicalAlloc(0x10, MAXULONG_PTR, 0, PAGE_READWRITE);
                BYTE key[0x10] = {0xDD, 0x88, 0xAD, 0x0C, 0x9E, 0xD6, 0x69, 0xE7, 0xB5, 0x67, 0x94, 0xFB, 0x68, 0x56, 0x3E, 0xFA}; // found in HV
                XeCryptHmacSha((BYTE*)key, 0x10, decChalData + 0x10, 0x10, 0, 0, 0, 0, rc4Key, 0x10);
                XeCryptRc4Key(&rc4 rc4Key, 0x10);
                XeCryptRc4Ecb(&rc4 decChalData + 0x20, fileSize - 0x20);
                HANDLE hFile;
                DWORD size;
                hFile = CreateFile("hdd:\\XeKeysExecute_chalData_dec.bin", GENERIC_WRITE,
                                FILE_SHARE_WRITE, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
                if( hFile != INVALID_HANDLE_VALUE)
                {
                                DbgPrint("Created Challenge File\n");
                                if(WriteFile(hFile, decChalData, fileSize, &size, NULL))
                                {
                                                CloseHandle(hFile);
                                                XPhysicalFree(decChalData);
                                                XPhysicalFree(rc4Key);
                                                DbgPrint("Decrypted challenge data saved\n");
                                                return true;
                                }
                                else
                                                return false;
                }
				patchPhysicalAddr();
				patchInJump((PDWORD)(0x81A30364), (DWORD)XeKeysExecuteHook, false);
}


it is for xbox by the way.
Moschops (7244)
A C++ program starts running at the function named main. You have no such function. You could compile the above as a library if you just want to be able to call these functions from your code.

Also, it's not a script. C++ programs are compiled, not interpreted.
Last edited on
Topic archived. No new replies allowed.