fix: variable name

feat: use random str for CA
fix: pass 0 instead of NULL
2026-04-11 13:42:03 -03:00 · 2026-04-11 13:41:55 -03:00 · 2026-04-11 13:41:33 -03:00 · 2026-04-11 13:41:18 -03:00 · 2026-04-11 13:38:51 -03:00 · 2026-04-11 13:08:25 -03:00
17 changed files with 1703 additions and 1314 deletions
@@ -22,36 +22,31 @@ jobs:
      if: ${{ github.event_name == 'push' }}
      shell: bash
      run: |
-        git fetch --tags || true
+        git fetch --tags --force
        
-        # Determine last tag and log range
-        if git describe --tags --abbrev=0 >/dev/null 2>&1; then
-            LAST_TAG=$(git describe --tags --abbrev=0)
+        if LAST_TAG=$(git describe --tags --abbrev=0 2>/dev/null); then
            RANGE="${LAST_TAG}..HEAD"
        else
            LAST_TAG="v0.1.9"
            RANGE="HEAD"
        fi
        
-        # Calculate next version
        IFS='.' read -r major minor patch <<< "${LAST_TAG#v}"
        NEW_VERSION="$major.$minor.$((patch + 1))"
-        NEW_TAG="v$NEW_VERSION"
        
-        # Log commits
        CHANGELOG=$(git log $RANGE --oneline | sed 's/^/* /')
-        [ -z "$CHANGELOG" ] && CHANGELOG="Maintenance build."
+        if [ -z "$CHANGELOG" ]; then
+          CHANGELOG="Re-run of version $NEW_VERSION or maintenance build."
+        fi
        
-        # Tag and push back to Gitea
-        git tag $NEW_TAG
-        git push origin $NEW_TAG
-        
-        # Set outputs for next steps
        echo "version-string=$NEW_VERSION" >> $GITHUB_OUTPUT
-        echo "changelog<<EOF" >> $GITHUB_OUTPUT
-        echo "## What's Changed" >> $GITHUB_OUTPUT
-        echo "$CHANGELOG" >> $GITHUB_OUTPUT
-        echo "EOF" >> $GITHUB_OUTPUT
+        echo "new-tag=v$NEW_VERSION" >> $GITHUB_OUTPUT
+        {
+          echo "changelog<<EOF"
+          echo "## What's Changed"
+          echo "$CHANGELOG"
+          echo "EOF"
+        } >> $GITHUB_OUTPUT

    - name: Setup Tools Cache
      id: tools-cache
@@ -124,11 +119,18 @@ jobs:
        name: unlocker-build
        path: unlocker.zip

+    - name: Finalize Version and Push Tag
+      if: ${{ github.event_name == 'push' && success() }}
+      run: |
+        git tag ${{ steps.calculate-version.outputs.new-tag }}
+        git push origin ${{ steps.calculate-version.outputs.new-tag }}
+
    - name: Create Gitea Release
-      if: ${{ github.event_name == 'push' }}
+      if: ${{ github.event_name == 'push' && success() }}
      uses: akkuman/gitea-release-action@v1
      with:
        files: unlocker.zip
-        tag_name: v${{ steps.calculate-version.outputs.version-string }}
-        name: Release v${{ steps.calculate-version.outputs.version-string }}
+        tag_name: ${{ steps.calculate-version.outputs.new-tag }}
+        name: Release ${{ steps.calculate-version.outputs.new-tag }}
        body: ${{ steps.calculate-version.outputs.changelog }}
+        
@@ -8,3 +8,4 @@ for /r "src" %%f in (*.cpp *.h *.cs) do (

 echo done
 pause
+    
@@ -1,111 +1,107 @@
 {
-  "Camper": {
-    "Items": [
-      "Father_Key_Card",
-      "FireflyLantern",
-      "Item_Camper_AlexsToolbox",
-      "Item_Camper_AnniversaryToolbox",
-      "Item_Camper_BeigeMap",
-      "Item_Camper_BrokenKey",
-      "Item_Camper_CommodiousToolbox",
-      "Item_Camper_ContaminationSerum",
-      "Item_Camper_DullKey",
-      "Item_Camper_EngineerToolbox",
-      "Item_Camper_FadedMap",
-      "Item_Camper_Firecracker_Anniversary2019",
-      "Item_Camper_Firecracker_Chinese",
-      "Item_Camper_Firecracker_Flashbang",
-      "Item_Camper_Firecracker_WinterEvent",
-      "Item_Camper_Flashlight",
-      "Item_Camper_Flashlight_Anniversary2020",
-      "Item_Camper_Flashlight_Anniversary2022",
-      "Item_Camper_Flashlight_Random",
-      "Item_Camper_Flashlight02",
-      "Item_Camper_Flashlight03",
-      "Item_Camper_Flashlight04",
-      "Item_Camper_JerryCan_Spring2025",
-      "Item_Camper_K29InfectionRemover",
-      "Item_Camper_K32Emp",
-      "Item_Camper_K33Turret",
-      "Item_Camper_K36MagicItem_Boots",
-      "Item_Camper_K36MagicItem_Bracers",
-      "Item_Camper_K36MagicItem_VecnaEye",
-      "Item_Camper_K36MagicItem_VecnaHand",
-      "Item_Camper_Key",
-      "Item_Camper_Key_Random",
-      "Item_Camper_LunarToolbox",
-      "Item_Camper_Map_Random",
-      "Item_Camper_Map_Spring2024",
-      "Item_Camper_MechanicsToolbox",
-      "Item_Camper_MedKit",
-      "Item_Camper_Medkit_Anniversary2020",
-      "Item_Camper_Medkit_Anniversary2022",
-      "Item_Camper_MedKit_Random",
-      "Item_Camper_MedKit02",
-      "Item_Camper_MedKit03",
-      "Item_Camper_MedKit04",
-      "Item_Camper_Medkit05",
-      "Item_Camper_OnryoTape",
-      "Item_Camper_RainbowMap",
-      "Item_Camper_Toolbox",
-      "Item_Camper_Toolbox_Anniversary2022",
-      "Item_Camper_Toolbox_Random",
-      "Item_Camper_VoidBomb_Halloween2024",
-      "Item_Camper_WornoutToolbox",
-      "Item_FragileObject",
-      "Item_LamentConfiguration",
-      "Item_Survivor_CalamariContaminationAntidote",
-      "Item_Survivor_K41Mushroom",
-      "Item_Survivor_MakeshiftFogVial",
-      "Item_Survivor_PrototypeFogVial",
-      "Item_Survivor_VigosFogVial"
-    ]
-  },
-  "Slasher": {
-    "Powers": [
-      "Item_Blighted_Serum",
-      "Item_Slasher_Beartrap",
-      "Item_Slasher_Blinker",
-      "Item_Slasher_Chainsaw",
-      "Item_Slasher_CloakBell",
-      "Item_Slasher_DreamInducer",
-      "Item_Slasher_Frenzy",
-      "Item_Slasher_GasBomb",
-      "Item_Slasher_GhostPower",
-      "Item_Slasher_HarpoonRifle",
-      "Item_Slasher_Hatchet",
-      "Item_Slasher_K21Power",
-      "Item_Slasher_K22Power",
-      "Item_Slasher_K24Power",
-      "Item_Slasher_K25Power",
-      "Item_Slasher_K26Power",
-      "Item_Slasher_K27Power",
-      "Item_Slasher_K28Power",
-      "Item_Slasher_K29Power",
-      "Item_Slasher_K30Power",
-      "Item_Slasher_K31Power",
-      "Item_Slasher_K32Power",
-      "Item_Slasher_K33Power",
-      "Item_Slasher_K34Power",
-      "Item_Slasher_K35Power",
-      "Item_Slasher_K36Power",
-      "Item_Slasher_K37Power",
-      "Item_Slasher_K38Power",
-      "Item_Slasher_K39Power",
-      "Item_Slasher_K40Power",
-      "Item_Slasher_K41Power",
-      "Item_Slasher_K42Power",
-      "Item_Slasher_Kanobo",
-      "Item_Slasher_Killer07Item",
-      "Item_Slasher_LFChainsaw",
-      "Item_Slasher_PhantomTrap",
-      "Item_Slasher_PhaseWalker",
-      "Item_Slasher_PlaguePower",
-      "Item_Slasher_QatarKillerPower",
-      "Item_Slasher_ReverseBearTrap",
-      "Item_Slasher_Stalker",
-      "Item_Slasher_ThrowingKnives",
-      "Item_Slasher_TormentMode"
-    ]
-  }
+  "Campers": [
+    "Father_Key_Card",
+    "FireflyLantern",
+    "Item_Camper_AlexsToolbox",
+    "Item_Camper_AnniversaryToolbox",
+    "Item_Camper_BeigeMap",
+    "Item_Camper_BrokenKey",
+    "Item_Camper_CommodiousToolbox",
+    "Item_Camper_ContaminationSerum",
+    "Item_Camper_DullKey",
+    "Item_Camper_EngineerToolbox",
+    "Item_Camper_FadedMap",
+    "Item_Camper_Firecracker_Anniversary2019",
+    "Item_Camper_Firecracker_Chinese",
+    "Item_Camper_Firecracker_Flashbang",
+    "Item_Camper_Firecracker_WinterEvent",
+    "Item_Camper_Flashlight",
+    "Item_Camper_Flashlight_Anniversary2020",
+    "Item_Camper_Flashlight_Anniversary2022",
+    "Item_Camper_Flashlight_Random",
+    "Item_Camper_Flashlight02",
+    "Item_Camper_Flashlight03",
+    "Item_Camper_Flashlight04",
+    "Item_Camper_JerryCan_Spring2025",
+    "Item_Camper_K29InfectionRemover",
+    "Item_Camper_K32Emp",
+    "Item_Camper_K33Turret",
+    "Item_Camper_K36MagicItem_Boots",
+    "Item_Camper_K36MagicItem_Bracers",
+    "Item_Camper_K36MagicItem_VecnaEye",
+    "Item_Camper_K36MagicItem_VecnaHand",
+    "Item_Camper_Key",
+    "Item_Camper_Key_Random",
+    "Item_Camper_LunarToolbox",
+    "Item_Camper_Map_Random",
+    "Item_Camper_Map_Spring2024",
+    "Item_Camper_MechanicsToolbox",
+    "Item_Camper_MedKit",
+    "Item_Camper_Medkit_Anniversary2020",
+    "Item_Camper_Medkit_Anniversary2022",
+    "Item_Camper_MedKit_Random",
+    "Item_Camper_MedKit02",
+    "Item_Camper_MedKit03",
+    "Item_Camper_MedKit04",
+    "Item_Camper_Medkit05",
+    "Item_Camper_OnryoTape",
+    "Item_Camper_RainbowMap",
+    "Item_Camper_Toolbox",
+    "Item_Camper_Toolbox_Anniversary2022",
+    "Item_Camper_Toolbox_Random",
+    "Item_Camper_VoidBomb_Halloween2024",
+    "Item_Camper_WornoutToolbox",
+    "Item_FragileObject",
+    "Item_LamentConfiguration",
+    "Item_Survivor_CalamariContaminationAntidote",
+    "Item_Survivor_K41Mushroom",
+    "Item_Survivor_MakeshiftFogVial",
+    "Item_Survivor_PrototypeFogVial",
+    "Item_Survivor_VigosFogVial"
+  ],
+  "Slashers": [
+    "Item_Blighted_Serum",
+    "Item_Slasher_Beartrap",
+    "Item_Slasher_Blinker",
+    "Item_Slasher_Chainsaw",
+    "Item_Slasher_CloakBell",
+    "Item_Slasher_DreamInducer",
+    "Item_Slasher_Frenzy",
+    "Item_Slasher_GasBomb",
+    "Item_Slasher_GhostPower",
+    "Item_Slasher_HarpoonRifle",
+    "Item_Slasher_Hatchet",
+    "Item_Slasher_K21Power",
+    "Item_Slasher_K22Power",
+    "Item_Slasher_K24Power",
+    "Item_Slasher_K25Power",
+    "Item_Slasher_K26Power",
+    "Item_Slasher_K27Power",
+    "Item_Slasher_K28Power",
+    "Item_Slasher_K29Power",
+    "Item_Slasher_K30Power",
+    "Item_Slasher_K31Power",
+    "Item_Slasher_K32Power",
+    "Item_Slasher_K33Power",
+    "Item_Slasher_K34Power",
+    "Item_Slasher_K35Power",
+    "Item_Slasher_K36Power",
+    "Item_Slasher_K37Power",
+    "Item_Slasher_K38Power",
+    "Item_Slasher_K39Power",
+    "Item_Slasher_K40Power",
+    "Item_Slasher_K41Power",
+    "Item_Slasher_K42Power",
+    "Item_Slasher_Kanobo",
+    "Item_Slasher_Killer07Item",
+    "Item_Slasher_LFChainsaw",
+    "Item_Slasher_PhantomTrap",
+    "Item_Slasher_PhaseWalker",
+    "Item_Slasher_PlaguePower",
+    "Item_Slasher_QatarKillerPower",
+    "Item_Slasher_ReverseBearTrap",
+    "Item_Slasher_Stalker",
+    "Item_Slasher_ThrowingKnives",
+    "Item_Slasher_TormentMode"
+  ]
 }
@@ -13,9 +13,9 @@ using Newtonsoft.Json;

 class DumpByDaylight
 {
-    private const string _pakDir = "E:\\Program Files (x86)\\Steam\\steamapps\\common\\Dead by Daylight\\DeadByDaylight\\Content\\Paks";
+    private const string _pakDir = "D:\\XboxGames\\Dead By Daylight\\Content\\DeadByDaylight\\Content\\Paks";
    private const string _aesKey = "0x22B1639B548124925CF7B9CBAA09F9AC295FCF0324586D6B37EE1D42670B39B3";
-    private const string _mappingURL = "https://github.com/Masusder/FModel-DbdMappings/raw/refs/heads/main/Mappings/9.5.0/5.4.4-3172922+++DeadByDaylight+Quiche_REL-DeadByDaylight.usmap";
+    private const string _mappingURL = "https://git.neru.rip/neru/UnlockedByDaylight/raw/branch/main/res/mappings/latest-xbox.usmap";

    public static async Task<string?> DownloadMappingFileAsync(string url, string savePath)
    {
@@ -67,7 +67,7 @@ class DumpByDaylight

        Console.WriteLine("\nProvider Initialized. Extracting Databases...");

-        var dataPak = provider.GetArchive("pakchunk4-Windows.utoc");
+        var dataPak = provider.GetArchive("pakchunk4-WinGDK.utoc");

        /*
         *  itemdb dump
@@ -104,8 +104,8 @@ class DumpByDaylight

        var itemsSerialized = new
        {
-            Camper = new { Items = camperItems.OrderBy(x => x).ToList() },
-            Slasher = new { Powers = slasherPowers.OrderBy(x => x).ToList() }
+            Campers = camperItems.OrderBy(x => x).ToList(),
+            Slashers = slasherPowers.OrderBy(x => x).ToList()
        };
        File.WriteAllText("items.json", JsonConvert.SerializeObject(itemsSerialized, Formatting.Indented));

@@ -114,7 +114,7 @@ class DumpByDaylight
         */
        searchPaths = dataPak.Files.Keys.Where(x => x.Contains($"/ItemAddonDB.uasset", StringComparison.OrdinalIgnoreCase)).ToList();
        var camperAddons = new List<string>();
-        var slaherAddons = new List<string>();
+        var slasherAddons = new List<string>();

        foreach (var path in searchPaths)
        {
@@ -135,7 +135,7 @@ class DumpByDaylight
                    }

                    if (isSlasherAddon)
-                        slaherAddons.Add(row.Key.Text);
+                        slasherAddons.Add(row.Key.Text);
                    else
                        camperAddons.Add(row.Key.Text);
                }
@@ -144,7 +144,7 @@ class DumpByDaylight

        var addonsSerialized = new
        {
-            Slashers = slaherAddons.OrderBy(x => x).ToList(),
+            Slashers = slasherAddons.OrderBy(x => x).ToList(),
            Campers = camperAddons.OrderBy(x => x).ToList()
        };
        File.WriteAllText("addons.json", JsonConvert.SerializeObject(addonsSerialized, Formatting.Indented));
@@ -1,222 +0,0 @@
-#include "cert_manager.h"
-#include <nerutils/log.h>
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/evp.h>
-#include <openssl/ssl.h>
-
-#include <cstdlib>
-#include <ctime>
-
-#include <processthreadsapi.h>
-#include <cstring>
-
-std::string randomizeString(size_t length)
-{
-    const char charset[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
-    std::string result;
-    result.resize(length);
-    for (size_t i = 0; i < length; ++i)
-        result[i] = charset[rand() % (sizeof(charset) - 1)];
-    return result;
-}
-
-CertManager::CertManager() : _sessionPkey(nullptr) {}
-
-CertManager::~CertManager()
-{
-    if (_caPkey) EVP_PKEY_free(_caPkey);
-    if (_caCert) X509_free(_caCert);
-    if (_sessionPkey) EVP_PKEY_free(_sessionPkey);
-
-    for (auto& pair : _hostContexts)
-        SSL_CTX_free(pair.second);
-}
-
-bool CertManager::Init()
-{
-    EVP_PKEY_CTX* pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, nullptr);
-    if (pctx)
-    {
-        EVP_PKEY_keygen_init(pctx);
-        EVP_PKEY_CTX_set_rsa_keygen_bits(pctx, 2048);
-        EVP_PKEY_keygen(pctx, &_sessionPkey);
-        EVP_PKEY_CTX_free(pctx);
-    }
-
-    if (LoadCA())
-    {
-        Log::verbose("Loaded existing CA certificate.");
-        return true;
-    }
-
-    Log::verbose("No CA found. Generating new CA certificate.");
-    return GenerateCA();
-}
-
-bool CertManager::LoadCA()
-{
-    BIO* keyBio = BIO_new_file("ca_key.pem", "r");
-    if (!keyBio) return false;
-
-    _caPkey = PEM_read_bio_PrivateKey(keyBio, nullptr, nullptr, nullptr);
-    BIO_free(keyBio);
-
-    if (!_caPkey) return false;
-
-    BIO* certBio = BIO_new_file("ca_cert.pem", "r");
-    if (!certBio) return false;
-
-    _caCert = PEM_read_bio_X509(certBio, nullptr, nullptr, nullptr);
-    BIO_free(certBio);
-
-    if (!_caCert) return false;
-
-    return true;
-}
-
-bool CertManager::GenerateCA()
-{
-    srand(static_cast<unsigned int>(time(nullptr)));
-
-    EVP_PKEY_CTX* pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, nullptr);
-    if (!pctx) return false;
-    EVP_PKEY_keygen_init(pctx);
-    EVP_PKEY_CTX_set_rsa_keygen_bits(pctx, 2048);
-    EVP_PKEY_keygen(pctx, &_caPkey);
-    EVP_PKEY_CTX_free(pctx);
-
-    _caCert = X509_new();
-    X509_set_version(_caCert, 2);
-    ASN1_INTEGER_set(X509_get_serialNumber(_caCert), 1);
-    X509_gmtime_adj(X509_get_notBefore(_caCert), 0);
-    X509_gmtime_adj(X509_get_notAfter(_caCert), 31536000L); // 1 year
-
-    std::string org = randomizeString(16);
-    std::string cn = randomizeString(16);
-
-    X509_NAME* name = X509_get_subject_name(_caCert);
-    X509_NAME_add_entry_by_txt(name, "C", MBSTRING_ASC, (unsigned char*)"US", -1, -1, 0);
-    X509_NAME_add_entry_by_txt(name, "O", MBSTRING_ASC, (unsigned char*)org.c_str(), -1, -1, 0);
-    X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC, (unsigned char*)cn.c_str(), -1, -1, 0);
-    X509_set_issuer_name(_caCert, name);
-    X509_set_pubkey(_caCert, _caPkey);
-
-    X509V3_CTX ctxV3;
-    X509V3_set_ctx_nodb(&ctxV3);
-    X509V3_set_ctx(&ctxV3, _caCert, _caCert, nullptr, nullptr, 0);
-    X509_EXTENSION* extCA = X509V3_EXT_conf_nid(nullptr, &ctxV3, NID_basic_constraints, "critical,CA:TRUE");
-    if (extCA)
-    {
-        X509_add_ext(_caCert, extCA, -1);
-        X509_EXTENSION_free(extCA);
-    }
-
-    X509_sign(_caCert, _caPkey, EVP_sha256());
-
-    BIO* keyBioOut = BIO_new_file("ca_key.pem", "w");
-    if (keyBioOut)
-    {
-        PEM_write_bio_PrivateKey(keyBioOut, _caPkey, nullptr, nullptr, 0, nullptr, nullptr);
-        BIO_free(keyBioOut);
-    }
-
-    BIO* certBioOut = BIO_new_file("ca_cert.pem", "w");
-    if (certBioOut)
-    {
-        PEM_write_bio_X509(certBioOut, _caCert);
-        BIO_free(certBioOut);
-    }
-
-    Log::info("Generated new CA key and certificate files. Installing to Windows Root CA store automatically...");
-
-    STARTUPINFOA si;
-    memset(&si, 0, sizeof(si));
-    si.cb = sizeof(si);
-    PROCESS_INFORMATION pi;
-    memset(&pi, 0, sizeof(pi));
-    char cmd[] = "certutil.exe -user -addstore root ca_cert.pem";
-    if (CreateProcessA(NULL, cmd, NULL, NULL, FALSE, CREATE_NO_WINDOW, NULL, NULL, &si, &pi))
-    {
-        WaitForSingleObject(pi.hProcess, INFINITE);
-        CloseHandle(pi.hProcess);
-        CloseHandle(pi.hThread);
-    }
-
-    return true;
-}
-
-SSL_CTX* CertManager::CreateHostContext(const std::string& host)
-{
-    std::lock_guard<std::mutex> lock(_mutex);
-
-    auto it = _hostContexts.find(host);
-    if (it != _hostContexts.end())
-    {
-        return it->second;
-    }
-
-    EVP_PKEY* pkey = _sessionPkey;
-    if (!pkey) return nullptr;
-
-    X509* cert = X509_new();
-    X509_set_version(cert, 2);
-    ASN1_INTEGER_set(X509_get_serialNumber(cert), static_cast<long>(std::hash<std::string>{}(host) & 0x7FFFFFFF));
-    X509_gmtime_adj(X509_get_notBefore(cert), 0);
-    X509_gmtime_adj(X509_get_notAfter(cert), 31536000L);
-
-    std::string dynamicOrg = randomizeString(16);
-
-    X509_NAME* name = X509_get_subject_name(cert);
-    X509_NAME_add_entry_by_txt(name, "C", MBSTRING_ASC, (unsigned char*)"US", -1, -1, 0);
-    X509_NAME_add_entry_by_txt(name, "O", MBSTRING_ASC, (unsigned char*)dynamicOrg.c_str(), -1, -1, 0);
-    X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC, (unsigned char*)(host.c_str()), -1, -1, 0);
-    X509_set_issuer_name(cert, X509_get_subject_name(_caCert));
-    X509_set_pubkey(cert, pkey);
-
-    X509V3_CTX ctxV3;
-    X509V3_set_ctx_nodb(&ctxV3);
-    X509V3_set_ctx(&ctxV3, _caCert, cert, nullptr, nullptr, 0);
-    std::string san = "DNS:" + host;
-    X509_EXTENSION* extSAN = X509V3_EXT_conf_nid(nullptr, &ctxV3, NID_subject_alt_name, san.c_str());
-    if (extSAN)
-    {
-        X509_add_ext(cert, extSAN, -1);
-        X509_EXTENSION_free(extSAN);
-    }
-
-    X509_sign(cert, _caPkey, EVP_sha256());
-
-    SSL_CTX* ctx = SSL_CTX_new(TLS_server_method());
-
-    SSL_CTX_set_alpn_select_cb(
-        ctx,
-        [](SSL* /*ssl*/, const unsigned char** out, unsigned char* outlen, const unsigned char* in, unsigned int inlen,
-           void* /*arg*/) -> int {
-            for (unsigned int i = 0; i < inlen;)
-            {
-                unsigned int len = in[i];
-                if (len == 8 && memcmp(&in[i + 1], "http/1.1", 8) == 0)
-                {
-                    *out = &in[i + 1];
-                    *outlen = (unsigned char)len;
-                    return SSL_TLSEXT_ERR_OK;
-                }
-                i += len + 1;
-            }
-            return SSL_TLSEXT_ERR_NOACK;
-        },
-        nullptr);
-
-    SSL_CTX_use_certificate(ctx, cert);
-    SSL_CTX_use_PrivateKey(ctx, pkey);
-
-    X509_free(cert);
-
-    _hostContexts[host] = ctx;
-    return ctx;
-}
@@ -5,46 +5,45 @@

 #include <windows.h>
 #include <wininet.h>
-//#include <fstream>
-//#include <iostream>
-//#include <string>
-//#include <string_view>
-//#include <vector>
-//#include <format>
-//#include <mutex>
-//#include <ctime>
-//#include <regex>
-//#include <unordered_set>
-//#include <simdjson.h>
+#include <ctime>

-
-bool setProxy(bool enable, const std::string& proxyAddr)
+bool setProxyAddress(bool enable, const std::string& proxyAddr)
 {
    INTERNET_PER_CONN_OPTION_LIST list;
    INTERNET_PER_CONN_OPTION options[3];
-    unsigned long listSize = sizeof(INTERNET_PER_CONN_OPTION_LIST);
+
+    ZeroMemory(&list, sizeof(list));
+    ZeroMemory(options, sizeof(options));

    options[0].dwOption = INTERNET_PER_CONN_FLAGS;
+
    if (enable)
+    {
+        if (proxyAddr.empty()) return false;
+
        options[0].Value.dwValue = PROXY_TYPE_PROXY | PROXY_TYPE_DIRECT;
+
+        options[1].dwOption = INTERNET_PER_CONN_PROXY_SERVER;
+        options[1].Value.pszValue = const_cast<char*>(proxyAddr.c_str());
+
+        options[2].dwOption = INTERNET_PER_CONN_PROXY_BYPASS;
+        options[2].Value.pszValue = (char*)"<local>";
+
+        list.dwOptionCount = 3;
+    }
    else
+    {
        options[0].Value.dwValue = PROXY_TYPE_DIRECT;
-
-    options[1].dwOption = INTERNET_PER_CONN_PROXY_SERVER;
-    options[1].Value.pszValue = const_cast<char*>(proxyAddr.c_str());
-
-    options[2].dwOption = INTERNET_PER_CONN_PROXY_BYPASS;
-    options[2].Value.pszValue = const_cast<char*>("<local>");
+        list.dwOptionCount = 1;
+    }

    list.dwSize = sizeof(INTERNET_PER_CONN_OPTION_LIST);
    list.pszConnection = NULL;
-    list.dwOptionCount = 3;
-    list.dwOptionError = 0;
    list.pOptions = options;

-    if (!InternetSetOptionA(NULL, INTERNET_OPTION_PER_CONNECTION_OPTION, &list, listSize))
+    if (!InternetSetOption(NULL, INTERNET_OPTION_PER_CONNECTION_OPTION, &list, sizeof(list)))
    {
-        Log::error("Failed to set proxy options, Err: {}", GetLastError());
+        Log::error("Failed to set proxy options - error: {}", GetLastError());
        return false;
    }

@@ -55,7 +54,7 @@ bool setProxy(bool enable, const std::string& proxyAddr)
 }

 bool running = true;
-Proxy* g_Proxy = nullptr;
+Proxy* proxy = nullptr;

 void cleanup()
 {
@@ -65,14 +64,14 @@ void cleanup()
    if (cleaned) return;
    cleaned = true;

-    if (g_Proxy)
+    Log::info("Restoring system proxy settings");
+    setProxyAddress(false, "");
+
+    if (proxy)
    {
        Log::info("Shutting down proxy");
-        g_Proxy->Shutdown();
+        proxy->shutdown();
    }
-
-    Log::info("Restoring system proxy settings");
-    setProxy(false, "");
 }

 BOOL WINAPI consoleHandler(DWORD dwType)
@@ -83,13 +82,14 @@ BOOL WINAPI consoleHandler(DWORD dwType)
        running = false;
        cleanup();
        exit(0);
-        //return TRUE;
    }
    return FALSE;
 }

 int main()
 {
+    srand(static_cast<unsigned int>(time(NULL)));
+
    Log::createConsole();
    SetConsoleCtrlHandler(consoleHandler, TRUE);
    atexit(cleanup);
@@ -100,13 +100,14 @@ int main()
        proxy setup
    */
    Log::info("Starting proxy");
-    g_Proxy = new Proxy();
-    if (!g_Proxy->Init())
+    proxy = new Proxy();
+    if (!proxy->init())
    {
        Log::error("Proxy failed to start");
        return 1;
    }
-    setProxy(true, std::format("127.0.0.1:{}", PROXY_PORT));
+    proxy->addWhitelistDomain("bhvrdbd.com");
+    setProxyAddress(true, std::format("127.0.0.1:{}", PROXY_PORT));

    /*
        Spoofer setup
@@ -114,7 +115,7 @@ int main()
    Log::info("Spoofer init");
    Spoofer* spoofer = new Spoofer();

-    spoofer->init(g_Proxy);
+    spoofer->init(proxy);

    /*
        pause
@@ -3,9 +3,13 @@
 #include <thread>
 #include <atomic>
 #include <string>
+#include <vector>
+#include <queue>
+#include <mutex>
+#include <condition_variable>
 #include <openssl/ssl.h>
 #include <openssl/err.h>
-#include "cert_manager.h"
+#include "ssl.h"
 #include <nerutils/callback.h>

 /*
@@ -13,6 +17,7 @@
        use random port, test availability
 */
 #define PROXY_PORT 58421
+#define PROXY_THREAD_COUNT 256

 typedef unsigned __int64 SOCKET;

@@ -22,12 +27,14 @@ class Proxy
        Proxy();
        ~Proxy();

-        bool Init();
-        void Shutdown();
+        bool init();
+        void shutdown();

        CallbackEvent<std::string&, const std::string&, std::string&> OnClientRequest;
        CallbackEvent<const std::string&, std::string&, std::string&> OnServerResponse;

+        void addWhitelistDomain(const std::string& domain);
+
    private:
        void loop();
        void handleClient(SOCKET clientSocket);
@@ -39,6 +46,13 @@ class Proxy
        std::thread _workerThread;
        std::atomic<bool> _running = false;

+        std::vector<std::thread> _poolThreads;
+        std::queue<SOCKET> _clientQueue;
+        std::mutex _queueMutex;
+        std::condition_variable _queueCond;
+
        CertManager _certManager;
        SSL_CTX* _clientCtx = nullptr;
+
+        std::vector<std::string> _whitelistDomains;
 };
@@ -1,10 +1,14 @@
-#include "spoofing.h"
+#include "spoofing.h"
+#include "utils.h"

+#include <string>
 #include <fstream>
-#include <algorithm>
-#include <unordered_set>
+#include <random>
+#include <vector>
+#include <regex>
+#include <thread>

-#include <minwindef.h>
+#include <time.h>

 #include <nerutils/log.h>

@@ -12,24 +16,35 @@

 using json = nlohmann::json;

-std::string getExeDir()
+static std::random_device rd;
+static std::mt19937 gen(rd());
+
+/*
+    utils
+*/
+std::unordered_set<std::string> slasherNames = {
+    "Chuckles",  "Bob", "HillBilly", "Nurse",  "Shape",  "Witch",     "Killer07",   "Cannibal", "Bear",
+    "Nightmare", "Pig", "Clown",     "Spirit", "Plague", "Ghostface", "Demogorgon", "Oni",      "Gunslinger"};
+
+bool isSlasher(std::string name)
 {
-    char buffer[MAX_PATH];
-    GetModuleFileNameA(NULL, buffer, MAX_PATH);
-    std::string path(buffer);
-    size_t pos = path.find_last_of("\\/");
-    if (pos != std::string::npos) return path.substr(0, pos + 1);
-    return "";
+    if (slasherNames.contains(name) || (name.length() == 3 && name[0] == 'K')) return true;
+    return false;
 }

+/*
+    setup / init
+*/
 void Spoofer::init(Proxy* proxy)
 {
-    loadData();
    registerListeners(proxy);
+    loadData();
+    loadConfig();
 }

 void Spoofer::registerListeners(Proxy* proxy)
 {
+    Log::info("Registering Proxy event listeners for spoofer");
    proxy->OnServerResponse.addListener([this](const std::string& url, std::string& body, std::string& respHeaders) {
        this->serverResponseHandler(url, body, respHeaders);
    });
@@ -39,442 +54,567 @@ void Spoofer::registerListeners(Proxy* proxy)
    });
 }

+#define LOADDATA(fileName, type, camperSet, slasherSet, errorMsg)                                                      \
+    std::string path##type = utils::getExePath() + fileName;                                                           \
+    std::ifstream file##type(path##type);                                                                              \
+    if (file##type.is_open())                                                                                          \
+    {                                                                                                                  \
+        std::stringstream buff;                                                                                        \
+        buff << file##type.rdbuf();                                                                                    \
+        if (!parseStackable(buff.str(), camperSet, slasherSet))                                                        \
+            Log::error("Failed to parse {} - {}", fileName, errorMsg);                                                 \
+        else                                                                                                           \
+            Log::verbose("Loaded {} camper ids and {} slasher ids from {}", camperSet.size(), slasherSet.size(),       \
+                         fileName);                                                                                    \
+    }                                                                                                                  \
+    else                                                                                                               \
+        Log::warning("Missing {} - {}", fileName, errorMsg);
+
 void Spoofer::loadData()
 {
-    Log::info("Loading dump data");
+    Log::info("Loading data");

-    std::string catalogDumpPath = getExeDir() + "catalog.json";
-    std::ifstream catalogFile(catalogDumpPath);
+    std::string catalogPath = utils::getExePath() + "catalog.json";
+    std::ifstream catalogFile(catalogPath);
    if (catalogFile.is_open())
    {
-        std::stringstream buffer;
-        buffer << catalogFile.rdbuf();
-        parseCatalog(buffer.str());
+        std::stringstream buff;
+        buff << catalogFile.rdbuf();
+        if (!parseCatalog(buff.str())) Log::warning("Failed to parse catalog.json - Customizations won't be unlocked");
    }
    else
-        Log::warning("Missing catalog.json");
+        Log::warning("Missing catalog.json - Customizations won't be unlocked");

-    std::string itemDumpPath = getExeDir() + "items.json";
-    std::ifstream itemFile(itemDumpPath);
-    if (itemFile.is_open())
+    LOADDATA("items.json", Items, _camperItemIds, _slasherPowerIds, "Items won't be added");
+    LOADDATA("offerings.json", Offerings, _camperOfferingIds, _slasherOfferingIds, "Offerings won't be added");
+    LOADDATA("addons.json", Addons, _camperAddonIds, _slasherAddonIds, "Addons won't be added");
+    LOADDATA("perks.json", Perks, _camperPerkIds, _slasherPerkIds, "Perks won't be added");
+}
+
+void Spoofer::loadConfig()
+{
+    std::string configPath = utils::getExePath() + "config.json";
+    std::ifstream configFile(configPath);
+
+    if (configFile.is_open())
    {
        try
        {
-            std::string content((std::istreambuf_iterator<char>(itemFile)), std::istreambuf_iterator<char>());
-            json doc = json::parse(content);
-
-            if (doc.contains("Camper") && doc["Camper"].is_object())
-                if (doc["Camper"].contains("Items") && doc["Camper"]["Items"].is_array())
-                    for (const auto& item : doc["Camper"]["Items"])
-                        if (item.is_string()) _camperItemIds.insert(item.get<std::string>());
-
-            if (doc.contains("Slasher") && doc["Slasher"].is_object())
-                if (doc["Slasher"].contains("Powers") && doc["Slasher"]["Powers"].is_array())
-                    for (const auto& item : doc["Slasher"]["Powers"])
-                        if (item.is_string()) _slasherPowerIds.insert(item.get<std::string>());
+            json configJson = json::parse(configFile);
+            _config.spoofCharacterOwnership = configJson.value("spoofCharacterOwnership", false);
+            _config.spoofInventory = configJson.value("spoofInventory", true);
+            _config.spoofCustomization = configJson.value("spoofCustomization", true);
+            Log::info("Loaded config: Ownership={}, Inventory={}, Customization={}", _config.spoofCharacterOwnership,
+                      _config.spoofInventory, _config.spoofCustomization);
        }
-        catch (const json::parse_error& e)
+        catch (...)
        {
-            Log::error("JSON parse error in {}: {}", "items.json", e.what());
+            Log::error("Failed to parse config.json, using defaults");
        }
    }
    else
-        Log::warning("Missing items.json");
-
-    std::string offeringDumpPath = getExeDir() + "offerings.json";
-    std::ifstream offeringsFile(offeringDumpPath);
-    if (offeringsFile.is_open())
    {
-        try
-        {
-            std::string content((std::istreambuf_iterator<char>(offeringsFile)), std::istreambuf_iterator<char>());
-            json doc = json::parse(content);
-
-            if (doc.contains("Slashers") && doc["Slashers"].is_array())
-                for (const auto& offering : doc["Slashers"])
-                    if (offering.is_string()) _slasherOfferingIds.insert(offering.get<std::string>());
-
-            if (doc.contains("Campers") && doc["Campers"].is_array())
-                for (const auto& offering : doc["Campers"])
-                    if (offering.is_string()) _camperOfferingIds.insert(offering.get<std::string>());
-        }
-        catch (const json::parse_error& e)
-        {
-            Log::error("JSON parse error in {}: {}", "offerings.json", e.what());
-        }
+        Log::info("config.json not found, using default settings");
+        json defaultConfig = {
+            {"spoofCharacterOwnership", true}, {"spoofInventory", true}, {"spoofCustomization", true}};
+        std::ofstream out(configPath);
+        out << defaultConfig.dump(4);
    }
-    else
-        Log::warning("Missing offerings.json");
+}

-    std::string addonDumpPath = getExeDir() + "addons.json";
-    std::ifstream addonFile(addonDumpPath);
-    if (addonFile.is_open())
+/*
+    data parsing
+*/
+bool Spoofer::parseCatalog(std::string data)
+{
+    json doc = json::parse(data, nullptr, false);
+
+    if (doc.is_discarded())
    {
-        try
-        {
-            std::string content((std::istreambuf_iterator<char>(addonFile)), std::istreambuf_iterator<char>());
-            json doc = json::parse(content);
-
-            if (doc.contains("Slashers") && doc["Slashers"].is_array())
-                for (const auto& item : doc["Slashers"])
-                    if (item.is_string()) _slasherAddonIds.insert(item.get<std::string>());
-
-            if (doc.contains("Campers") && doc["Campers"].is_array())
-                for (const auto& power : doc["Campers"])
-                    if (power.is_string()) _camperAddonIds.insert(power.get<std::string>());
-        }
-        catch (const json::parse_error& e)
-        {
-            Log::error("JSON parse error in {}: {}", "addons.json", e.what());
-        }
+        Log::error("Failed to parse catalog");
+        return false;
    }
-    else
-        Log::warning("Missing addons.json");

    try
    {
-        std::string perkDumpPaths = getExeDir() + "perks.json";
-        std::ifstream perkFile(perkDumpPaths);
-        if (perkFile.is_open())
-        {
-            std::string content((std::istreambuf_iterator<char>(perkFile)), std::istreambuf_iterator<char>());
-            json doc = json::parse(content);
+        const auto& catalogData = doc.at("data");

-            if (doc.contains("Slashers") && doc["Slashers"].is_array())
-                for (const auto& item : doc["Slashers"])
-                    if (item.is_string()) _slasherPerkIds.insert(item.get<std::string>());
+        auto extractIds = [&](const std::string& key, std::unordered_set<std::string>& targetSet) {
+            if (catalogData.contains(key) && catalogData[key].contains("items"))
+                for (const auto& id : catalogData[key]["items"])
+                {
+                    if (id.is_string()) targetSet.insert(id.get<std::string>());
+                }
+            else
+                Log::warning("Catalog missing or invalid category: {}", key);
+        };

-            if (doc.contains("Campers") && doc["Campers"].is_array())
-                for (const auto& power : doc["Campers"])
-                    if (power.is_string()) _camperPerkIds.insert(power.get<std::string>());
-        }
+        extractIds("item", _catalogItemIds);
+        extractIds("outfit", _catalogOutfitIds);
+    }
+    catch (const json::exception& e)
+    {
+        Log::error("Invalid catalog format: {}", e.what());
+        return false;
+    }
+
+    Log::info("Parsed {} items and {} outfits from catalog", _catalogItemIds.size(), _catalogOutfitIds.size());
+
+    return true;
+}
+
+bool Spoofer::parseStackable(std::string data, std::unordered_set<std::string>& camperSet,
+                             std::unordered_set<std::string>& slasherSet)
+{
+    json doc = json::parse(data, nullptr, false);
+    if (doc.is_discarded())
+    {
+        Log::error("JSON parse error @ parseStackable");
+        return false;
+    }
+
+    auto populate = [&](const std::string& key, std::unordered_set<std::string>& targetSet) {
+        if (doc.contains(key) && doc[key].is_array())
+            for (const auto& item : doc[key])
+            {
+                if (item.is_string()) targetSet.insert(item.get<std::string>());
+            }
        else
-            Log::warning("Missing perks.json");
-    }
-    catch (const json::parse_error& e)
-    {
-        Log::error("JSON parse error in {}: {}", "perks.json", e.what());
-        return;
-    }
+            Log::warning("Missing stackables array ({})", key);
+    };

-    Log::info("Loaded: Camper items={}, Slasher powers={}, "
-              "Slasher addons={}, Camper addons={}, Camper perks={}, Slasher perks={}"
-              "Slasher offerings={}, Camper offerings={}",
-              _camperItemIds.size(), _slasherPowerIds.size(), _slasherAddonIds.size(), _camperAddonIds.size(),
-              _camperPerkIds.size(), _slasherPerkIds.size(), _slasherOfferingIds.size(), _camperOfferingIds.size());
+    populate("Slashers", slasherSet);
+    populate("Campers", camperSet);
+
+    return true;
 }

-void Spoofer::parseCatalog(std::string data)
+/*
+    misc functions
+*/
+std::string Spoofer::getRandomItem()
 {
-    try
-    {
-        json doc = json::parse(data);
+    std::vector<const std::unordered_set<std::string>*> allSets = {
+        &_camperItemIds,  &_slasherPowerIds, &_camperOfferingIds, &_slasherOfferingIds,
+        &_camperAddonIds, &_slasherAddonIds, &_camperPerkIds,     &_slasherPerkIds};

-        if (doc.contains("data")) doc = doc["data"];
+    std::vector<const std::unordered_set<std::string>*> validSets;
+    for (auto* s : allSets)
+        if (!s->empty()) validSets.push_back(s);

-        if (doc.contains("item") && doc["item"].contains("items") && doc["item"]["items"].is_array())
-            for (const auto& item : doc["item"]["items"])
-                if (item.is_string()) _catalogItemIds.insert(item.get<std::string>());
+    if (validSets.empty()) return "Spring2024Offering";

-        if (doc.contains("outfit") && doc["outfit"].contains("items") && doc["outfit"]["items"].is_array())
-            for (const auto& item : doc["outfit"]["items"])
-                if (item.is_string()) _catalogOutfitIds.insert(item.get<std::string>());
+    std::uniform_int_distribution<> setDist(0, static_cast<int>(validSets.size()) - 1);
+    const auto& selectedSet = *validSets[setDist(gen)];

-        Log::info("Parsed {} items and {} outfits from catalog", _catalogItemIds.size(), _catalogOutfitIds.size());
-    }
-    catch (const json::parse_error& e)
-    {
-        Log::error("JSON parse error in {}: {}", "parseCatalog", e.what());
-    }
+    std::uniform_int_distribution<> itemDist(0, static_cast<int>(selectedSet.size()) - 1);
+    auto it = selectedSet.begin();
+    std::advance(it, itemDist(gen));
+
+    return *it;
 }

-void Spoofer::parseAndDumpCatalog(std::string& data)
+int Spoofer::getRandomQuantity()
 {
-    std::string path = getExeDir() + "catalog.json";
-    std::ofstream file(path);
-    file << data;
-    file.close();
-    Log::info("Raw catalog saved to {}", path);
-
-    parseCatalog(data);
+    std::uniform_int_distribution<> dist(64, 97);
+    return dist(gen);
 }

+void Spoofer::generateBloodweb(nlohmann::json& js)
+{
+    if (!js.is_object()) js = json::object();
+
+    std::vector<std::string> paths;
+    json ringDataArray = json::array();
+
+    ringDataArray.push_back({{"nodeData", {{{"nodeId", "0"}, {"state", "Collected"}}}}});
+
+    int nodesPerRing[] = {6, 12, 12};
+    std::vector<std::string> prevRingNodes = {"0"};
+
+    for (int ring = 1; ring <= 3; ++ring)
+    {
+        json nodeDataArray = json::array();
+        std::vector<std::string> currentRingNodes;
+        int numNodes = nodesPerRing[ring - 1];
+
+        for (int i = 1; i <= numNodes; ++i)
+        {
+            std::string childId = std::to_string((ring * 100) + i);
+            currentRingNodes.push_back(childId);
+
+            int parentIndex = (i - 1) / (numNodes / static_cast<int>(prevRingNodes.size()));
+            std::string parentId = prevRingNodes[(std::min)(parentIndex, (int)prevRingNodes.size() - 1)];
+
+            paths.push_back(parentId + "_" + childId);
+
+            std::string item = getRandomItem();
+            if (item.empty()) item = "Spring2024Offering";
+
+            nodeDataArray.push_back({{"nodeId", childId}, {"state", "Collected"}, {"contentId", item}});
+        }
+        ringDataArray.push_back({{"nodeData", nodeDataArray}});
+        prevRingNodes = std::move(currentRingNodes);
+    }
+
+    js["paths"] = paths;
+    js["ringData"] = ringDataArray;
+}
+
+/*
+    data modification
+*/
 void Spoofer::modifyCharacterData(json& js)
 {
-    std::unordered_set<std::string> existingItemIds;
-    bool isSlasher = false;
-
-    if (js.contains("characterName") && js["characterName"].is_string())
+    if (!js.contains("characterName") || !js["characterName"].is_string())
    {
-        std::string name = js["characterName"];
-        if (name == "Bear" || name == "Bob" || name == "Chuckles" || (name.length() >= 2 && name[0] == 'K'))
-            isSlasher = true;
-    }
-
-    std::unordered_set<std::string> stackableIds;
-    stackableIds.insert(_camperItemIds.begin(), _camperItemIds.end());
-    stackableIds.insert(_camperOfferingIds.begin(), _camperOfferingIds.end());
-    stackableIds.insert(_camperAddonIds.begin(), _camperAddonIds.end());
-    stackableIds.insert(_slasherAddonIds.begin(), _slasherAddonIds.end());
-    stackableIds.insert(_slasherOfferingIds.begin(), _slasherOfferingIds.end());
-
-    if (js.contains("characterItems") && js["characterItems"].is_array())
-    {
-        for (auto& item : js["characterItems"])
-        {
-            if (item.contains("itemId") && item["itemId"].is_string())
-            {
-                std::string itemId = item["itemId"];
-                existingItemIds.insert(itemId);
-
-                if (_slasherPowerIds.find(itemId) != _slasherPowerIds.end())
-                    isSlasher = true;
-                else if (stackableIds.contains(itemId))
-                    item["quantity"] = 100;
-            }
-        }
-
-        if (!isSlasher)
-        {
-            for (const std::string& itemId : _camperItemIds)
-                if (existingItemIds.find(itemId) == existingItemIds.end())
-                    js["characterItems"].push_back({{"itemId", itemId}, {"quantity", 100}});
-            for (const std::string& itemId : _camperAddonIds)
-                if (existingItemIds.find(itemId) == existingItemIds.end())
-                    js["characterItems"].push_back({{"itemId", itemId}, {"quantity", 100}});
-            for (const std::string& itemId : _camperOfferingIds)
-                if (existingItemIds.find(itemId) == existingItemIds.end())
-                    js["characterItems"].push_back({{"itemId", itemId}, {"quantity", 100}});
-            for (const std::string& itemId : _camperPerkIds)
-                if (existingItemIds.find(itemId) == existingItemIds.end())
-                    js["characterItems"].push_back({{"itemId", itemId}, {"quantity", 3}});
-        }
-        else
-        {
-            for (const std::string& itemId : _slasherAddonIds)
-                if (existingItemIds.find(itemId) == existingItemIds.end())
-                    js["characterItems"].push_back({{"itemId", itemId}, {"quantity", 100}});
-            for (const std::string& itemId : _slasherOfferingIds)
-                if (existingItemIds.find(itemId) == existingItemIds.end())
-                    js["characterItems"].push_back({{"itemId", itemId}, {"quantity", 100}});
-            for (const std::string& itemId : _slasherPerkIds)
-                if (existingItemIds.find(itemId) == existingItemIds.end())
-                    js["characterItems"].push_back({{"itemId", itemId}, {"quantity", 3}});
-        }
-    }
-}
-
-void Spoofer::serverResponseHandler(const std::string& url, std::string& body, std::string& respHeaders)
-{
-#ifdef _DEBUG
-    if (url.find("bhvrdbd.com") != std::string::npos) Log::verbose("BHVR api res @ {}", url);
-#endif
-
-    if (url.find("api/v1/extensions/store/getCatalogItems") != std::string::npos) return parseAndDumpCatalog(body);
-
-    if (url.find("api/v1/dbd-inventories/all") != std::string::npos)
-    {
-        try
-        {
-            json doc = json::parse(body);
-            auto& itemsArr = doc["inventoryItems"];
-
-            std::unordered_set<std::string> foundObjects;
-            std::unordered_set<std::string> foundAddons;
-            std::unordered_set<std::string> foundPerks;
-            std::unordered_set<std::string> foundOfferings;
-            std::unordered_set<std::string> foundCatalogItems;
-
-            std::unordered_set<std::string> offeringIds;
-            offeringIds.insert(_camperOfferingIds.begin(), _camperOfferingIds.end());
-            offeringIds.insert(_slasherOfferingIds.begin(), _slasherOfferingIds.end());
-
-            std::unordered_set<std::string> catalogIds;
-            catalogIds.insert(_catalogOutfitIds.begin(), _catalogOutfitIds.end());
-            catalogIds.insert(_catalogItemIds.begin(), _catalogItemIds.end());
-
-            std::unordered_set<std::string> perkIds;
-            perkIds.insert(_slasherPerkIds.begin(), _slasherPerkIds.end());
-            perkIds.insert(_camperPerkIds.begin(), _camperPerkIds.end());
-
-            for (auto& item : itemsArr)
-            {
-                std::string objectId = item["objectId"];
-
-                if (perkIds.find(objectId) != perkIds.end())
-                {
-                    foundPerks.insert(objectId);
-                    item["quantity"] = 3;
-                    continue;
-                }
-
-                if (offeringIds.find(objectId) != offeringIds.end())
-                {
-                    foundOfferings.insert(objectId);
-                    item["quantity"] = 100;
-                    continue;
-                }
-
-                if (catalogIds.find(objectId) != catalogIds.end())
-                {
-                    foundCatalogItems.insert(objectId);
-                    continue;
-                }
-            }
-
-            for (const std::string& id : perkIds)
-            {
-                if (foundPerks.find(id) == foundPerks.end())
-                {
-                    itemsArr.push_back({
-                        {"objectId", id},
-                        {"quantity", 3},
-                        {"lastUpdateAt", std::time(nullptr)},
-                    });
-                }
-            }
-
-            for (const std::string& id : offeringIds)
-            {
-                if (foundOfferings.find(id) == foundOfferings.end())
-                {
-                    itemsArr.push_back({
-                        {"objectId", id},
-                        {"quantity", 100},
-                        {"lastUpdateAt", std::time(nullptr)},
-                    });
-                }
-            }
-
-            for (const std::string& id : catalogIds)
-            {
-                if (foundCatalogItems.find(id) == foundCatalogItems.end())
-                {
-                    itemsArr.push_back({
-                        {"objectId", id},
-                        {"quantity", 1},
-                        {"lastUpdateAt", std::time(nullptr)},
-                    });
-                }
-            }
-
-            std::string updatedJson = doc.dump();
-            body = updatedJson;
-
-            Log::verbose("Inventory updated: Items={}, Addons={}, Perks={}, Offerings={}", foundObjects.size(),
-                         foundAddons.size(), foundPerks.size(), foundOfferings.size());
-
-            return;
-        }
-        catch (const json::parse_error& e)
-        {
-            Log::error("JSON parse error in {}: {}", url, e.what());
-            return;
-        }
-
+        Log::verbose("attempted to modify invalid char");
        return;
    }

-    if (url.find("api/v1/dbd-character-data/get-all") != std::string::npos)
+    std::string name = js["characterName"];
+
+    if (_config.spoofCharacterOwnership)
    {
-        try
+        bool needsSpoofing = false;
+
+        if (js.value("isEntitled", false) == false)
        {
-            json doc = json::parse(body);
-            auto& charList = doc["list"];
-
-            for (auto& charInfo : charList)
-            {
-                if (charInfo.contains("bloodWebLevel") && charInfo.at("bloodWebLevel").get<int>() <= 15)
-                    if (!charInfo.contains("prestigeLevel") || charInfo.at("prestigeLevel").get<int>() <= 0)
-                        charInfo["bloodWebLevel"] = 15;
-
-                if (charInfo.contains("bloodWebData") && charInfo.at("bloodWebData").contains("level"))
-                    charInfo["bloodWebData"]["level"] = 1;
-
-                if (charInfo["isEntitled"] == false)
-                {
-                    charInfo["isEntitled"] = true;
-                    if (charInfo.contains("origin"))
-                    {
-                        charInfo["purchaseInfo"] = {{"quantity", 1},
-                                                    {"origin", "PlayerInventory"},
-                                                    {"reason", "Item(s) added via Purchase"},
-                                                    {"lastUpdateAt", 1770702482},
-                                                    {"objectId", charInfo["characterName"]}};
-                    }
-                }
-
-                modifyCharacterData(charInfo);
-            }
-            body = doc.dump();
+            _unownedCharacters.insert(name);
+            js["isEntitled"] = true;
+            js["purchaseInfo"] = {{"quantity", 1},
+                                  {"origin", "PlayerInventory"},
+                                  {"reason", "Item(s) added via Purchase"},
+                                  {"lastUpdateAt", std::time(nullptr)},
+                                  {"objectId", name}};
+            needsSpoofing = true;
        }
-        catch (const json::parse_error& e)
+        else if (_unownedCharacters.contains(name))
+            needsSpoofing = true;
+
+        /*
+            modifications for unowned characters (spoof level and fake bloodweb)
+        */
+        if (needsSpoofing)
        {
-            Log::error("JSON parse error in {}: {}", url, e.what());
+            if (js.contains("bloodWebLevel") && js["bloodWebLevel"].is_number() && js["bloodWebLevel"] <= 15)
+                if (!js.contains("prestigeLevel") || (js["prestigeLevel"].is_number() && js["prestigeLevel"] <= 0))
+                    js["bloodWebLevel"] = 16;
+
+            if (js.contains("bloodWebData")) generateBloodweb(js["bloodWebData"]);
        }
-        return;
+    }
+    else
+    {
+        if (js.value("isEntitled", false) == false) return;
    }

-    if (url.find("api/v1/dbd-character-data/") != std::string::npos)
+    /*
+        item spoofing
+    */
+    if (_config.spoofInventory)
    {
-        try
+        bool slasher = isSlasher(js["characterName"]);
+
+        if (js.contains("characterItems") && js["characterItems"].is_array())
        {
-            json doc = json::parse(body);
+            std::unordered_set<std::string> existingItemIds;

-            if (body.find("NotAllowedException") != std::string::npos && body.find("not owned") != std::string::npos)
+            std::unordered_set<std::string> stackableIds;
+            stackableIds.insert(_camperItemIds.begin(), _camperItemIds.end());
+            stackableIds.insert(_camperOfferingIds.begin(), _camperOfferingIds.end());
+            stackableIds.insert(_camperAddonIds.begin(), _camperAddonIds.end());
+            stackableIds.insert(_slasherAddonIds.begin(), _slasherAddonIds.end());
+            stackableIds.insert(_slasherOfferingIds.begin(), _slasherOfferingIds.end());
+
+            for (auto& item : js["characterItems"])
            {
-                Log::info("Spoofing bloodweb error error for unowned character");
-                json mock;
-                mock["bloodWebLevelChanged"] = false;
-                mock["updatedWallets"] = json::array();
-                mock["bloodWebLevel"] = 15;
-                mock["prestigeLevel"] = 0;
-                mock["bloodWebData"] = {{"ringData", json::array()}, {"paths", json::array()}};
-                mock["characterItems"] = json::array();
-                mock["characterName"] = this->_lastBloodWebChar;
-
-                modifyCharacterData(mock);
-
-                size_t firstSpace = respHeaders.find(' ');
-                if (firstSpace != std::string::npos)
+            /*
+                set existing items to rnd number
+            */
+                if (item.contains("itemId") && item["itemId"].is_string())
                {
-                    respHeaders.replace(firstSpace + 1, 3, "200");
+                    std::string itemId = item["itemId"];
+                    existingItemIds.insert(itemId);
+                    if (stackableIds.contains(itemId)) item["quantity"] = getRandomQuantity();
                }
+            }

-                body = mock.dump();
-                return;
+            auto appendItems = [&](const std::unordered_set<std::string>& idList, bool isPerk) {
+                for (const auto& itemId : idList)
+                    if (existingItemIds.find(itemId) == existingItemIds.end())
+                        js["characterItems"].push_back(
+                            {{"itemId", itemId}, {"quantity", isPerk ? 3 : getRandomQuantity()}});
+            };
+
+            if (!slasher)
+            {
+                appendItems(_camperItemIds, false);
+                appendItems(_camperAddonIds, false);
+                appendItems(_camperOfferingIds, false);
+                appendItems(_camperPerkIds, true);
            }
            else
            {
-                modifyCharacterData(doc);
-                body = doc.dump();
+                appendItems(_slasherAddonIds, false);
+                appendItems(_slasherOfferingIds, false);
+                appendItems(_slasherPerkIds, true);
            }
+        }
+    }
+
+#ifdef _DEBUG
+    Log::verbose("Spoofed data for character {}", name);
+#endif
+}
+
+/*
+    endpoint handlers
+*/
+
+void Spoofer::onGetCatalogItems(std::string& body)
+{
+    std::thread t([body]() {
+        std::string outPath = utils::getExePath() + "catalog.json";
+        std::ofstream file(outPath);
+        if (file.is_open())
+        {
+            file << body;
+            file.close();
+            Log::verbose("Raw catalog saved to {}", outPath);
+        }
+        else
+            Log::error("Unable to write to catalog.json");
+    });
+    t.detach();
+
+    parseCatalog(body);
+}
+
+void Spoofer::onGetAll(std::string& body)
+{
+    json doc = json::parse(body, nullptr, false);
+    if (doc.is_discarded()) return Log::error("JSON parse error for dbd-character-data/get-all");
+    if (!doc.contains("list") || !doc["list"].is_array())
+        return Log::error("Invalid json for dbd-character-data/get-all");
+
+    for (auto& charData : doc["list"])
+        modifyCharacterData(charData);
+
+    body = doc.dump();
+}
+
+void Spoofer::onInventoryAll(std::string& body)
+{
+    json doc = json::parse(body, nullptr, false);
+    if (doc.is_discarded()) return Log::error("JSON parse error for dbd-inventories/all");
+    if (!doc.contains("inventoryItems") || !doc["inventoryItems"].is_array())
+        return Log::error("Invalid json for JSON parse error for dbd-inventories/all");
+
+    auto& itemsArr = doc["inventoryItems"];
+    std::unordered_set<std::string> existingIds;
+    int64_t now = std::time(nullptr);
+
+    /*
+        item updates
+    */
+    struct Category
+    {
+            const std::unordered_set<std::string>& source;
+            int quantity;
+    };
+
+    std::vector<Category> categories;
+    if (_config.spoofInventory)
+    {
+        categories.push_back({_camperPerkIds, 3});
+        categories.push_back({_slasherPerkIds, 3});
+        categories.push_back({_camperOfferingIds, -1});
+        categories.push_back({_slasherOfferingIds, -1});
+
+        categories.push_back({_camperItemIds, -1});
+        categories.push_back({_camperAddonIds, -1});
+        categories.push_back({_slasherAddonIds, -1});
+    }
+
+    if (_config.spoofCustomization)
+    {
+        categories.push_back({_catalogOutfitIds, 1});
+        categories.push_back({_catalogItemIds, 1});
+    }
+
+    for (auto& item : itemsArr)
+    {
+        std::string id = item.value("objectId", "");
+        if (id.empty()) continue;
+
+        existingIds.insert(id);
+
+        for (const auto& cat : categories)
+        {
+            if (cat.source.contains(id))
+            {
+                item["quantity"] = (cat.quantity == -1) ? getRandomQuantity() : cat.quantity;
+                break;
+            }
+        }
+    }
+
+    /*
+        item inserts
+    */
+    for (const auto& cat : categories)
+    {
+        for (const std::string& id : cat.source)
+        {
+            if (!existingIds.contains(id))
+            {
+                int qty = (cat.quantity == -1) ? getRandomQuantity() : cat.quantity;
+                itemsArr.push_back({{"objectId", id}, {"quantity", qty}, {"lastUpdateAt", now}});
+                existingIds.insert(id);
+            }
+        }
+    }
+
+    body = doc.dump();
+    Log::verbose("Inventory spoofed");
+}
+
+void Spoofer::onMessageList(std::string& body)
+{
+    json doc = json::parse(body, nullptr, false);
+    if (doc.is_discarded()) return Log::error("JSON parse error for dbd-messages/listV2");
+
+    auto now = std::chrono::system_clock::now();
+    auto now_seconds = std::chrono::duration_cast<std::chrono::seconds>(now.time_since_epoch()).count();
+    auto now_milliseconds = std::chrono::duration_cast<std::chrono::milliseconds>(now.time_since_epoch()).count();
+
+    json msg;
+
+    /*
+        msg base
+    */
+    msg["allowedPlatforms"] = json::array({"egs", "grdk", "ps4", "ps5", "steam", "xbox", "xsx"});
+    msg["flag"] = "READ";
+    msg["gameSpecificData"] = {};
+    msg["read"] = false;
+    msg["tag"] = json::array({"inbox"});
+    msg["expireAt"] = now_seconds + (1337 * 24 * 60 * 60);
+    msg["received"] = now_milliseconds;
+    msg["recipientId"] = "system";
+
+    /*
+        msg content
+    */
+    json bodyContent;
+    bodyContent["sections"] = json::array();
+    bodyContent["sections"].push_back(
+        {{"type", "text"},
+         {"text", "Japan is turning footsteps into electricity!<br><br>Using piezoelectric tiles, every step "
+                  "you take generates a small amount of energy. Millions of steps together can power LED "
+                  "lights and displays in busy places like Shibuya Station.<br><br>A brilliant way to create a "
+                  "sustainable and smart city — turning movement into clean, renewable energy."}});
+
+    bodyContent["image"] = {
+        {"packagedPath", "/Game/UI/UMGAssets/Icons/ItemAddons/iconAddon_powerBulb.iconAddon_powerBulb"},
+        {"contentVersion", "ccc3f02b0a671fe19a0017d6a69293876a465fd9"},
+        {"uri", ""}};
+
+    bodyContent["sections"].push_back(
+        {{"type", "itemshowcase"},
+         {"rewards", json::array({{{"type", "inventory"}, {"id", "ADDON_flashlight_oddbulb"}, {"amount", 1}}})}});
+
+    msg["message"] = {};
+    msg["message"]["title"] = "Japan is turning footsteps into electricity";
+    msg["message"]["body"] = bodyContent.dump();
+
+    doc["messages"].push_back(msg);
+
+    body = doc.dump();
+#ifdef _DEBUG
+    Log::verbose("Spoofed message list");
+#endif
+}
+
+void Spoofer::onBloodweb(std::string& body, std::string& respHeaders)
+{
+    json doc = json::parse(body, nullptr, false);
+    if (doc.is_discarded()) return Log::error("JSON parse error for bloodweb response");
+
+    if (_config.spoofCharacterOwnership)
+    {
+        if (body.find("NotAllowedException") != std::string::npos && body.find("not owned") != std::string::npos)
+        {
+            Log::info("Spoofing bloodweb error for unowned character");
+            json mock;
+            mock["bloodWebLevelChanged"] = false;
+            mock["updatedWallets"] = json::array();
+            mock["bloodWebLevel"] = 16;
+            mock["prestigeLevel"] = 0;
+            mock["bloodWebData"] = json::object();
+            mock["characterItems"] = json::array();
+            mock["characterName"] = this->_lastBloodWebChar;
+            mock["isEntitled"] = true;
+            mock["purchaseInfo"] = {{"quantity", 1},
+                                    {"origin", "PlayerInventory"},
+                                    {"reason", "Item(s) added via Purchase"},
+                                    {"lastUpdateAt", std::time(nullptr)},
+                                    {"objectId", this->_lastBloodWebChar}};
+
+            _unownedCharacters.insert(this->_lastBloodWebChar); // probably not needed but just in case
+
+            modifyCharacterData(mock);
+
+            std::regex statusRegex(R"(HTTP\/\d\.\d\s+403)");
+            respHeaders = std::regex_replace(respHeaders, statusRegex, "HTTP/1.1 200");
+
+            body = mock.dump();
+#ifdef _DEBUG
+            Log::verbose("Spoofed bloodweb request for unowned character.");
+#endif
            return;
        }
-        catch (const json::parse_error& e)
-        {
-            Log::error("JSON parse error in {}: {}", url, e.what());
-        }
-        return;
    }
+
+    modifyCharacterData(doc);
+    body = doc.dump();
+#ifdef _DEBUG
+    Log::verbose("Spoofed bloodweb items for owned character");
+#endif
+}
+
+/*
+    event handlers
+*/
+void Spoofer::serverResponseHandler(const std::string& url, std::string& body, std::string& respHeaders)
+{
+    if (url.find("bhvrdbd.com") == std::string::npos) return;
+    std::lock_guard<std::mutex> lock(_mtx);
+
+#ifdef _DEBUG
+    Log::verbose("BHVR api res @ {}", url);
+#endif
+
+    if (url.find("api/v1/extensions/store/getCatalogItems") != std::string::npos) return onGetCatalogItems(body);
+    if (url.find("api/v1/dbd-character-data/get-all") != std::string::npos) return onGetAll(body);
+    if (url.find("api/v1/dbd-character-data/get-all") != std::string::npos) return onGetAll(body);
+    if (url.find("api/v1/dbd-inventories/all") != std::string::npos) return onInventoryAll(body);
+    if (url.find("/api/v1/messages/listV2") != std::string::npos) return onMessageList(body);
+    if (url.find("api/v1/dbd-character-data/bloodweb") != std::string::npos ||
+        url.find("api/v1/dbd-character-data/bulk-spending-bloodweb") != std::string::npos)
+        return onBloodweb(body, respHeaders);
 }

 void Spoofer::clientRequestHandler(std::string& url, const std::string& body, std::string& /*reqHeaders*/)
 {
+    if (url.find("bhvrdbd.com") == std::string::npos) return;
+    std::lock_guard<std::mutex> lock(_mtx);
+
    if (url.find("api/v1/dbd-character-data/bloodweb") != std::string::npos ||
        url.find("api/v1/dbd-character-data/bulk-spending-bloodweb") != std::string::npos)
    {
-        try
-        {
-            json req = json::parse(body);
-            if (req.contains("characterName"))
-            {
-                this->_lastBloodWebChar = req["characterName"];
-                Log::info("Detected bloodweb request for character: {}", this->_lastBloodWebChar);
-            }
-        }
-        catch (...)
-        {
-        }
+        json req = json::parse(body, nullptr, false);
+        if (req.is_discarded()) return Log::error("JSON parse error for bloodweb request handler");
+        if (req.contains("characterName")) this->_lastBloodWebChar = req["characterName"];
    }
 }
@@ -5,8 +5,17 @@
 #include <unordered_set>
 #include <string>

+#include <mutex>
+
 #include <nlohmann/json_fwd.hpp>

+struct SpooferConfig
+{
+        bool spoofCharacterOwnership = false;
+        bool spoofInventory = false;
+        bool spoofCustomization = false;
+};
+
 class Spoofer
 {
    public:
@@ -15,15 +24,29 @@ class Spoofer
    private:
        void registerListeners(Proxy* proxy);
        void loadData();
+        void loadConfig();

-        void parseCatalog(std::string data);
+        bool parseCatalog(std::string data);
+        bool parseStackable(std::string data, std::unordered_set<std::string>& camperSet,
+                            std::unordered_set<std::string>& slasherSet);

-        void parseAndDumpCatalog(std::string& data);
+        std::string getRandomItem();
+        int getRandomQuantity();
+
+        void generateBloodweb(nlohmann::json& data);
        void modifyCharacterData(nlohmann::json& js);

+        void onGetCatalogItems(std::string& body);
+        void onGetAll(std::string& body);
+        void onInventoryAll(std::string& body);
+        void onMessageList(std::string& body);
+        void onBloodweb(std::string& body, std::string& respHeaders);
+
        void serverResponseHandler(const std::string& url, std::string& body, std::string& respHeaders);
        void clientRequestHandler(std::string& url, const std::string& body, std::string& reqHeaders);

+        SpooferConfig _config;
+
        std::unordered_set<std::string> _camperItemIds;
        std::unordered_set<std::string> _slasherPowerIds;

@@ -33,11 +56,14 @@ class Spoofer
        std::unordered_set<std::string> _camperAddonIds;
        std::unordered_set<std::string> _slasherAddonIds;

-        std::unordered_set<std::string> _slasherPerkIds;
        std::unordered_set<std::string> _camperPerkIds;
+        std::unordered_set<std::string> _slasherPerkIds;

        std::unordered_set<std::string> _catalogOutfitIds;
        std::unordered_set<std::string> _catalogItemIds;

-        std::string _lastBloodWebChar = "Ace";
+        std::unordered_set<std::string> _unownedCharacters;
+
+        std::string _lastBloodWebChar = "";
+        std::mutex _mtx;
 };
@@ -0,0 +1,232 @@
+#include "ssl.h"
+#include "utils.h"
+
+#include <nerutils/log.h>
+
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/evp.h>
+#include <openssl/ssl.h>
+
+#include <random>
+#include <cstdlib>
+#include <ctime>
+#include <cstring>
+
+#include <wincrypt.h>
+#include <processthreadsapi.h>
+
+template <typename T, void (*f)(T*)> struct Deleter
+{
+        void operator()(T* p) const { f(p); }
+};
+
+using EVP_PKEY_ptr = std::unique_ptr<EVP_PKEY, Deleter<EVP_PKEY, EVP_PKEY_free>>;
+using X509_ptr = std::unique_ptr<X509, Deleter<X509, X509_free>>;
+using SSL_CTX_ptr = std::unique_ptr<SSL_CTX, Deleter<SSL_CTX, SSL_CTX_free>>;
+using BIO_ptr = std::unique_ptr<BIO, Deleter<BIO, BIO_vfree>>;
+
+CertManager::CertManager() : _caPkey(nullptr), _caCert(nullptr), _sessionPkey(nullptr) {}
+
+CertManager::~CertManager()
+{
+    if (_caPkey) EVP_PKEY_free(_caPkey);
+    if (_caCert) X509_free(_caCert);
+    if (_sessionPkey) EVP_PKEY_free(_sessionPkey);
+
+    for (auto& pair : _hostContexts)
+        SSL_CTX_free(pair.second);
+}
+
+bool CertManager::init()
+{
+    EVP_PKEY_CTX* pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, nullptr);
+    if (!pctx) return false;
+
+    EVP_PKEY_keygen_init(pctx);
+    EVP_PKEY_CTX_set_rsa_keygen_bits(pctx, 2048);
+
+    EVP_PKEY* rawPkey = nullptr;
+    if (EVP_PKEY_keygen(pctx, &rawPkey) <= 0)
+    {
+        Log::error("Failed to generate session key");
+        EVP_PKEY_CTX_free(pctx);
+        return false;
+    }
+    _sessionPkey = rawPkey;
+    EVP_PKEY_CTX_free(pctx);
+
+    if (loadCA())
+    {
+        Log::verbose("Loaded existing CA certificate");
+        return true;
+    }
+
+    Log::verbose("No CA found, generating");
+    return generateCA();
+}
+
+bool CertManager::loadCA()
+{
+    std::string path = utils::getExePath();
+
+    BIO_ptr keyBio(BIO_new_file((path + "/key.pem").c_str(), "r"));
+    if (!keyBio) return false;
+    _caPkey = PEM_read_bio_PrivateKey(keyBio.get(), nullptr, nullptr, nullptr);
+
+    BIO_ptr certBio(BIO_new_file((path + "/cert.pem").c_str(), "r"));
+    if (!certBio) return false;
+    _caCert = PEM_read_bio_X509(certBio.get(), nullptr, nullptr, nullptr);
+
+    return (_caPkey && _caCert);
+}
+
+void CertManager::installCert(X509* cert)
+{
+    if (!cert) return;
+
+    /*
+        X509 to DER
+    */
+    int derLen = i2d_X509(cert, nullptr);
+    if (derLen < 0) return;
+
+    unsigned char* derBuf = new unsigned char[derLen];
+    unsigned char* p = derBuf;
+    i2d_X509(cert, &p);
+
+    PCCERT_CONTEXT certCtx = CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, derBuf, derLen);
+    if (certCtx)
+    {
+        HCERTSTORE rootStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, L"Root");
+        if (rootStore)
+        {
+            BOOL success = CertAddCertificateContextToStore(rootStore, certCtx, CERT_STORE_ADD_REPLACE_EXISTING, NULL);
+
+            if (success)
+                Log::info("CA certificate installed");
+            else
+                Log::error("Failed to install CA certificate");
+
+            CertCloseStore(rootStore, 0);
+        }
+        CertFreeCertificateContext(certCtx);
+    }
+
+    delete[] derBuf;
+}
+
+bool CertManager::generateCA()
+{
+    std::random_device rd;
+    std::mt19937 gen(rd());
+
+    /*
+        key
+    */
+    EVP_PKEY_CTX* pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, nullptr);
+    EVP_PKEY_keygen_init(pctx);
+    EVP_PKEY_CTX_set_rsa_keygen_bits(pctx, 2048);
+    EVP_PKEY* rawCaKey = nullptr;
+    EVP_PKEY_keygen(pctx, &rawCaKey);
+    _caPkey = rawCaKey;
+    EVP_PKEY_CTX_free(pctx);
+
+    /*
+        cert
+    */
+    X509_ptr cert(X509_new());
+    X509_set_version(cert.get(), 2);
+    ASN1_INTEGER_set(X509_get_serialNumber(cert.get()), 1);
+    X509_gmtime_adj(X509_get_notBefore(cert.get()), 0);
+    X509_gmtime_adj(X509_get_notAfter(cert.get()), 31536000L); // 1 year
+
+    X509_NAME* subjName = X509_get_subject_name(cert.get());
+    std::string randomCN = utils::randomizeString(16);
+    X509_NAME_add_entry_by_txt(subjName, "CN", MBSTRING_ASC, (unsigned char*)randomCN.c_str(), -1, -1, 0);
+    X509_set_issuer_name(cert.get(), subjName);
+    X509_set_pubkey(cert.get(), _caPkey);
+
+    /*
+        CA constraints
+    */
+    X509V3_CTX v3ctx;
+    X509V3_set_ctx(&v3ctx, cert.get(), cert.get(), nullptr, nullptr, 0);
+    X509_EXTENSION* ext = X509V3_EXT_conf_nid(nullptr, &v3ctx, NID_basic_constraints, "critical,CA:TRUE");
+    X509_add_ext(cert.get(), ext, -1);
+    X509_EXTENSION_free(ext);
+
+    if (X509_sign(cert.get(), _caPkey, EVP_sha256()) <= 0) return false;
+
+    /*
+        out   
+    */
+    std::string path = utils::getExePath();
+    BIO_ptr kOut(BIO_new_file((path + "/key.pem").c_str(), "w"));
+    PEM_write_bio_PrivateKey(kOut.get(), _caPkey, nullptr, nullptr, 0, nullptr, nullptr);
+
+    BIO_ptr cOut(BIO_new_file((path + "/cert.pem").c_str(), "w"));
+    PEM_write_bio_X509(cOut.get(), cert.get());
+
+    /*
+        install and release
+    */
+    installCert(cert.get());
+
+    _caCert = cert.release();
+
+    return true;
+}
+
+SSL_CTX* CertManager::createHostContext(const std::string& host)
+{
+    std::lock_guard<std::mutex> lock(_mutex);
+    if (_hostContexts.count(host)) return _hostContexts[host];
+
+    /*
+        cert base
+    */
+    X509_ptr cert(X509_new());
+    X509_set_version(cert.get(), 2);
+
+    ASN1_INTEGER_set(X509_get_serialNumber(cert.get()), static_cast<long>(std::hash<std::string>{}(host) & 0x7FFFFFFF));
+
+    X509_gmtime_adj(X509_get_notBefore(cert.get()), 0);
+    X509_gmtime_adj(X509_get_notAfter(cert.get()), 31536000L);
+
+    X509_NAME* subjName = X509_get_subject_name(cert.get());
+    X509_NAME_add_entry_by_txt(subjName, "CN", MBSTRING_ASC, (unsigned char*)host.c_str(), -1, -1, 0);
+    X509_set_issuer_name(cert.get(), X509_get_subject_name(_caCert));
+    X509_set_pubkey(cert.get(), _sessionPkey);
+
+    /*
+        SAN
+    */
+    X509V3_CTX v3ctx;
+    X509V3_set_ctx(&v3ctx, _caCert, cert.get(), nullptr, nullptr, 0);
+    std::string altName = "DNS:" + host;
+    X509_EXTENSION* ext = X509V3_EXT_conf_nid(nullptr, &v3ctx, NID_subject_alt_name, altName.c_str());
+    X509_add_ext(cert.get(), ext, -1);
+    X509_EXTENSION_free(ext);
+
+    /*
+        sign & ctx load
+    */
+    if (X509_sign(cert.get(), _caPkey, EVP_sha256()) <= 0) return nullptr;
+
+    SSL_CTX* ctx = SSL_CTX_new(TLS_server_method());
+    if (!ctx) return nullptr;
+
+    if (SSL_CTX_use_certificate(ctx, cert.get()) <= 0 || SSL_CTX_use_PrivateKey(ctx, _sessionPkey) <= 0)
+    {
+        SSL_CTX_free(ctx);
+        return nullptr;
+    }
+
+    _hostContexts[host] = ctx;
+    return ctx;
+}
@@ -3,7 +3,16 @@
 #include <string>
 #include <unordered_map>
 #include <mutex>
-#include <openssl/ssl.h>
+
+struct x509_st;
+struct ssl_st;
+struct ssl_ctx_st;
+struct evp_pkey_st;
+
+typedef struct x509_st X509;
+typedef struct ssl_st SSL;
+typedef struct ssl_ctx_st SSL_CTX;
+typedef struct evp_pkey_st EVP_PKEY;

 class CertManager
 {
@@ -11,12 +20,14 @@ class CertManager
        CertManager();
        ~CertManager();

-        bool Init();
-        SSL_CTX* CreateHostContext(const std::string& host);
+        bool init();
+        SSL_CTX* createHostContext(const std::string& host);

    private:
-        bool GenerateCA();
-        bool LoadCA();
+        bool generateCA();
+        bool loadCA();
+
+        void installCert(X509* cert);

        EVP_PKEY* _caPkey = nullptr;
        X509* _caCert = nullptr;
@@ -0,0 +1,24 @@
+#include "utils.h"
+
+#include <minwindef.h>
+#include <libloaderapi.h>
+
+std::string utils::getExePath()
+{
+    char buffer[MAX_PATH];
+    GetModuleFileNameA(NULL, buffer, MAX_PATH);
+    std::string path(buffer);
+    size_t pos = path.find_last_of("\\/");
+    if (pos != std::string::npos) return path.substr(0, pos + 1);
+    return "";
+}
+
+std::string utils::randomizeString(size_t length)
+{
+    const char charset[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
+    std::string result;
+    result.resize(length);
+    for (size_t i = 0; i < length; ++i)
+        result[i] = charset[rand() % (sizeof(charset) - 1)];
+    return result;
+}
@@ -0,0 +1,9 @@
+#pragma once
+
+#include <string>
+
+namespace utils
+{
+    std::string getExePath();
+    std::string randomizeString(size_t length);
+} // namespace utils
Author	SHA1	Message	Date
neru	4a71bc6f1b	fix: variable name Build / build (push) Failing after 2m47s Details	2026-04-11 13:42:03 -03:00
neru	cfd52b8e05	feat: use random str for CA	2026-04-11 13:41:55 -03:00
neru	b2ca193aa4	fix: pass 0 instead of NULL	2026-04-11 13:41:33 -03:00
neru	491daebf06	fix: use definition order on initializer list	2026-04-11 13:41:18 -03:00
neru	9799c2babe	feat: set rnd seed on start	2026-04-11 13:38:51 -03:00
neru	27b8a0e497	style: run clang-format Build / build (push) Failing after 2m51s Details	2026-04-11 13:08:25 -03:00
neru	3f9409b8c6	style: variable naming	2026-04-11 13:07:45 -03:00
neru	1fdc7450cd	fix: reimplement setProxy logic	2026-04-11 13:06:47 -03:00
neru	75338b10ff	fix: increase thread count	2026-04-11 12:59:24 -03:00
neru	5e8f059c49	feat: add whitelist	2026-04-11 12:59:17 -03:00
neru	11a9447e05	fix: chunk logic	2026-04-11 12:53:06 -03:00
neru	911c4d199a	fix: SSL deadlock	2026-04-11 12:45:20 -03:00
neru	167e5ee696	fix: restore settings before shutting down proxy	2026-04-11 12:43:47 -03:00
neru	7e6797b6c7	fix: restore lock guard	2026-04-11 12:42:56 -03:00
neru	c8b3104b4b	fix: break on tunnelmode	2026-04-11 12:41:00 -03:00
neru	785d4a3ff2	feat: get status code from HttpStream and process	2026-04-11 12:40:55 -03:00
neru	c09ce8b02a	fix: move thread count to preprocessor var	2026-04-11 12:40:21 -03:00
neru	0af818fc0f	fix: remove useless mutex	2026-04-11 12:36:00 -03:00
neru	6e62bcb1dc	feat: add idle timeout	2026-04-11 12:35:00 -03:00
neru	1a05ef2742	feat: simplify removeHeader	2026-04-11 12:27:40 -03:00
neru	642c1c80fa	feat: add thread pools	2026-04-11 12:21:59 -03:00
neru	32525c1566	fix: header matching issues	2026-04-11 12:21:43 -03:00
neru	75171b4557	fix: SSL / TLS handshake trap	2026-04-11 12:21:15 -03:00
neru	fe71decd38	fix: drop invalid chunk sizes	2026-04-11 12:19:48 -03:00
neru	acfdf7b3ef	fix: update casing to reflect proxy refactor changes	2026-04-11 12:17:45 -03:00
neru	e8d387e520	feat: add randomizeString	2026-04-11 12:12:54 -03:00
neru	03a1841b8e	feat: refactor proxy	2026-04-11 12:12:49 -03:00
neru	e61c20bb5a	feat: rewrite CertManager	2026-04-11 11:38:36 -03:00
neru	105f8b6df0	fix: remove unneeded ssl include, rename for future changes	2026-04-11 11:13:18 -03:00
neru	0300ced79c	feat: add config	2026-04-11 10:41:45 -03:00
neru	83ac8615ba	style: remove non-working hotfix comment	2026-04-09 23:49:11 -03:00
neru	697bff9752	chore: make more logs dbg only Build / build (push) Successful in 3m26s Details	2026-04-09 23:27:08 -03:00
neru	0fa2e0540b	feat: add getCatalogItems listener Build / build (push) Successful in 3m32s Details	2026-04-09 23:23:10 -03:00
neru	a1a123054f	feat: move dumping to separate thread	2026-04-09 23:16:12 -03:00
neru	76d581c419	feat: add message spoofing	2026-04-09 23:12:12 -03:00
neru	4f91ab9cff	fix: prevent log spam on rel builds	2026-04-09 23:11:55 -03:00
neru	e6111f8dbd	feat: add message spoofing	2026-04-09 23:11:44 -03:00
neru	7ec6e385a0	feat: add runtime catalog dumping	2026-04-09 23:11:31 -03:00
neru	7427357bc5	fix: dangling else Build / build (push) Successful in 3m12s Details	2026-04-09 06:45:58 -03:00
neru	6b63d54eb8	build: modify tags, keep commits of failed runs Build / build (push) Failing after 2m45s Details	2026-04-09 06:41:13 -03:00
neru	a3df782245	feat: add getExePath	2026-04-09 06:40:34 -03:00
neru	d4650aac84	feat: completely refactor dumper again Build / build (push) Has been cancelled Details	2026-04-09 06:38:08 -03:00
neru	73b1c95257	chore: update items to reflect dumper changes	2026-04-09 06:37:59 -03:00
neru	93fe999249	feat: change items dump format	2026-04-09 06:37:53 -03:00
neru	393a591485	style: misc changes	2026-04-09 03:18:16 -03:00
neru	2b8cbafa19	feat: skip string scans for non bhvrdbd urls	2026-04-08 04:10:53 -03:00
neru	623542046a	feat: add fun fact Build / build (push) Successful in 3m19s Details	2026-04-07 19:43:20 -03:00
neru	90a6ab1ba8	fix: size_t to int casting Build / build (push) Successful in 3m13s Details	2026-04-07 02:47:24 -03:00
neru	2c795a335f	fix: typos Build / build (push) Failing after 2m39s Details	2026-04-07 01:39:29 -03:00
neru	015a13eb86	fix: double assignment	2026-04-07 01:39:08 -03:00
neru	b0524c0589	style: run clang-format	2026-04-07 01:37:09 -03:00
neru	abd3c18040	style: remove leftover stuff	2026-04-07 01:34:29 -03:00
neru	afb4a9c157	feat: give random item per req	2026-04-07 01:33:02 -03:00
neru	9c83499f0f	feat: spoof bloodweb items	2026-04-07 01:28:03 -03:00
neru	cd6d8df243	style: formatting	2026-04-07 01:04:20 -03:00
neru	64ded73f89	fix: spoof level on modifyCharacter to handle all requests	2026-04-07 01:04:15 -03:00
neru	022c67cab9	fix: initialize set only when used	2026-04-07 01:04:01 -03:00
neru	cc07cd139c	fix: leftover debug string	2026-04-07 01:03:43 -03:00
neru	490feb1be7	fix: killer detection logic	2026-04-07 01:03:19 -03:00
neru	b5a8477ba2	fix: nurse not detected	2026-04-07 00:43:49 -03:00
neru	e933515e45	fix: typo Build / build (push) Successful in 3m10s Details	2026-04-06 21:54:57 -03:00
neru	ff7284dfbf	fix: update dumper to use xbox game	2026-04-06 21:54:52 -03:00
neru	7a710f2e17	feat: update catalog	2026-04-06 21:54:11 -03:00
neru	b36d47a8fb	chore: update file names to reflect platform	2026-04-06 21:51:49 -03:00
neru	6e2c709426	chore: add mappings Build / build (push) Has been cancelled Details	2026-04-06 21:50:08 -03:00