public ushort[] GetIndexBuffer(Topology requestedTopology = Topology.TriangleList)
{
CheckValidity();
if (requestedTopology != Topology.TriangleList &&
requestedTopology != Topology.TriangleStrip)
{
throw new Exception("Only requestable topologies are tri strip and tri list!");
}
if (Topology != Topology.TriangleList &&
Topology != Topology.TriangleStrip)
{
return(new ushort[0]);
}
if (Topology == Topology.TriangleList &&
requestedTopology == Topology.TriangleStrip)
{
throw new Exception("Cant convert triangle strip to list yet!");
}
ushort[] indices = MemUtils.IntPtrToArray <ushort>(IndexBufferPtr, NumIndices);
if (requestedTopology == Topology)
{
return(indices);
}
else
{
return(ToTriList(indices));
}
}
public uint[] GetBoneCRCs()
{
CheckValidity();
IntPtr crcs = APIWrapper.AnimationBank_GetBoneCRCs(NativeInstance, out int numAnims);
return(MemUtils.IntPtrToArray <uint>(crcs, numAnims));
}
unsafe void MapSet(int width, int length, byte *ptr, int yStart, int yEnd, byte block)
{
int startIndex = yStart * length * width;
int endIndex = (yEnd * length + (length - 1)) * width + (width - 1);
MemUtils.memset((IntPtr)ptr, block, startIndex, endIndex - startIndex + 1);
}
/// <summary>
/// Parses a module from memory
/// </summary>
/// <param name="baseAddress">The address of the module to be parsed</param>
/// <param name="length">The size of the module to be parsed</param>
/// <param name="memUtils">MemUtils-instance that is used to dump the module</param>
/// <returns></returns>
public static PEInfo FromMemory(IntPtr baseAddress, int length, MemUtils memUtils)
{
var data = new byte[length];
memUtils.Read(baseAddress, out data, length);
return(new PEInfo(data));
}
public Field[] GetFields(uint hash = 0)
{
CheckValidity();
IntPtr fields = APIWrapper.ConfigScope_GetFields(NativeInstance, hash, true, out uint count);
return(RegisterChildren(MemUtils.IntPtrToWrapperArray <Field>(fields, (int)count)));
}
public int GetClassID(MemUtils memUtils)
{
int clientClass = GetClientClass(memUtils);
if (clientClass != -1)
return memUtils.Read<int>((IntPtr)(clientClass + 20));
return clientClass;
}
public void SetData(int level, LockFlags flags, IntPtr data, int bytes)
{
LockedRectangle rect = LockRectangle(level, flags);
MemUtils.memcpy(data, rect.DataPointer, bytes);
UnlockRectangle(level);
}
public Player(int id)
{
Id = id;
Entity = GetEntity(id);
Health = GetHealth();
//Armor = GetArmor();
Team = GetTeam();
Position = GetPosition();
IsValid = CheckForDormant() && Team != Team.None && Team != Team.Spectator;
Name = GetName();
Name = System.Text.RegularExpressions.Regex.Replace(Name, @"\s+", "");
if (LittleOverlay.LocalPlayer != null)
{
IsAlly = Team == LittleOverlay.LocalPlayer.Team;
}
Printer.PrintInfo($"NewPlayer ({Id}) [{Name}] {Entity} {Health} {Team} {MemUtils.ReadByte((IntPtr)(Entity + Signatures.m_bDormant))}");
var counter = 0;
foreach (var c in Name)
{
if (c.Equals(' '))
{
Printer.PrintInfo($"Emplty#{counter}");
}
counter++;
}
}
public static unsafe void ReadBytes(this BinaryReader reader, void *destination, long destinationSizeInBytes, long bytesToRead, ref byte[] work)
{
Contracts.AssertValue(reader);
Contracts.Assert(bytesToRead >= 0);
Contracts.Assert(destinationSizeInBytes >= bytesToRead);
Contracts.Assert(destination != null);
Contracts.AssertValueOrNull(work);
// Size our read buffer to 70KB to stay off the LOH.
const int blockSize = 70 * 1024;
int desiredWorkSize = (int)Math.Min(blockSize, bytesToRead);
EnsureSize(ref work, desiredWorkSize);
fixed(void *src = work)
{
long offset = 0;
while (offset < bytesToRead)
{
int toRead = (int)Math.Min(bytesToRead - offset, blockSize);
int read = reader.Read(work, 0, toRead);
Contracts.CheckDecode(read == toRead);
MemUtils.MemoryCopy(src, (byte *)destination + offset, destinationSizeInBytes - offset, read);
offset += read;
}
Contracts.Assert(offset == bytesToRead);
}
}
public static void ScanOffsets(MemUtils memUtils,ProcessModule client,ProcessModule engine)
{
clientDll = client;
engineDll = engine;
clientDllBase = clientDll.BaseAddress.ToInt32();
engineDllBase = engineDll.BaseAddress.ToInt32();
EntityOff(memUtils);
LocalPlayer(memUtils);
Jump(memUtils);
GameResources(memUtils);
ClientState(memUtils);
SetViewAngles(memUtils);
SignOnState(memUtils);
GlowManager(memUtils);
WeaponTable(memUtils);
EntityID(memUtils);
EntityHealth(memUtils);
EntityVecOrigin(memUtils);
PlayerTeamNum(memUtils);
PlayerBoneMatrix(memUtils);
PlayerWeaponHandle(memUtils);
vMatrix(memUtils);
clientDll = null;
engineDll = null;
clientDllBase = 0;
engineDllBase = 0;
}
private int GetWeapon(int entity)
{
var a = MemUtils.ReadInt32((IntPtr)(entity + Netvars.m_hActiveWeapon)) & 0xFFF;
var b = MemUtils.ReadInt32(LittleOverlay.Client + Signatures.dwEntityList + (a - 1) * 0x10);
return(b);
}
public void SetData(IntPtr data, int bytes, LockFlags flags)
{
IntPtr dst = Lock(0, bytes, flags);
MemUtils.memcpy(data, dst, bytes);
Unlock();
}
public override void Update()
{
Entity = MemUtils.ReadInt32(LittleOverlay.Client + Signatures.dwLocalPlayer);
if (Entity == 0)
{
return;
}
Health = GetHealth();
//Armor = GetArmor();
Team = GetTeam();
Position = GetPosition();
ViewMatrix = GetViewMatrix();
ViewAngles = GetViewAngles();
IsAlive = CheckForAlive();
if (!Program.IsTriggerBot)
{
return;
}
var id = GetEnemyInCross();
var target = LittleOverlay.Players.Find(x => x.Entity.Equals(id));
if (target != null && target.Team != Team)
{
PlayerInCrosshair = target;
}
else
{
PlayerInCrosshair = null;
}
}
public static void ScanOffsets(MemUtils memUtils, ProcessModule client, ProcessModule engine)
{
clientDll = client;
engineDll = engine;
clientDllBase = clientDll.BaseAddress.ToInt32();
engineDllBase = engineDll.BaseAddress.ToInt32();
EntityOff(memUtils);
LocalPlayer(memUtils);
Jump(memUtils);
GameResources(memUtils);
ClientState(memUtils);
SetViewAngles(memUtils);
SignOnState(memUtils);
GlowManager(memUtils);
WeaponTable(memUtils);
EntityID(memUtils);
EntityHealth(memUtils);
EntityVecOrigin(memUtils);
PlayerTeamNum(memUtils);
PlayerBoneMatrix(memUtils);
PlayerWeaponHandle(memUtils);
vMatrix(memUtils);
clientDll = null;
engineDll = null;
clientDllBase = 0;
engineDllBase = 0;
}
public string GetName()
{
var radarAddress = MemUtils.ReadInt32(LittleOverlay.Client + Signatures.dwRadarBase);
radarAddress = MemUtils.ReadInt32((IntPtr)(radarAddress + 0x74));
return(MemUtils.ReadString((IntPtr)(radarAddress + 0x168 * (Id + 1) + 0x180), 32,
Encoding.ASCII));
}
public byte[] GetBytesRGBA()
{
CheckValidity();
int length = Width * Height * 4;
return(IsConvertibleFormat ? MemUtils.IntPtrToArray <byte>(NativeRawImageData, length) : new byte[length]);
}
public void CopyFrom(BattleNet.DllPartyEvent partyEvent)
{
this.eventName = MemUtils.StringFromUtf8Ptr(partyEvent.eventName);
this.eventData = MemUtils.StringFromUtf8Ptr(partyEvent.eventData);
this.partyId = partyEvent.partyId;
this.otherMemberId = partyEvent.otherMemberId;
this.errorInfo = BnetErrorInfo.CreateFromDll(partyEvent.errorInfo);
}
public void SetData <T>(T[] data, int bytes, LockFlags flags) where T : struct
{
IntPtr src = Interop.Fixed(ref data[0]);
IntPtr dst = Lock(0, bytes, flags);
MemUtils.memcpy(src, dst, bytes);
Unlock();
}
/// <summary>
/// will return all encounters. will also recursively search base classes, if existent
/// </summary>
public bool GetProperty(string propName, out string[] propValues)
{
CheckValidity();
if (APIWrapper.Instance_GetPropertiesFromName(NativeInstance, propName, out IntPtr res, out uint count))
{
propValues = MemUtils.IntPtrToStringList(res, (int)count).ToArray();
return(true);
}
public int GetClientClass(MemUtils memUtils)
{
uint function = memUtils.Read<uint>((IntPtr)(m_iVirtualTable + 2 * 0x04));
if (function != 0xFFFFFFFF)
return memUtils.Read<int>((IntPtr)(function + 0x01));
else
return -1;
}
public CSGOWeapon GetActiveWeapon(MemUtils memUtils)
{
if (this.m_hActiveWeapon == 0xFFFFFFFF)
return new CSGOWeapon() { m_iItemDefinitionIndex = 0, m_iWeaponID = 0 };
uint handle = this.m_hActiveWeapon & 0xFFF;
int weapAddress = 0;// Program.entityAddresses[handle - 1];
return memUtils.Read<CSGOWeapon>((IntPtr)weapAddress);
}
static void ClientState(MemUtils memUtils)
{
scan = memUtils.PerformSignatureScan(new byte[] { 0xC2, 0x00, 0x00, 0xCC, 0xCC, 0x8B, 0x0D, 0x00, 0x00, 0x00, 0x00, 0x33, 0xC0, 0x83, 0xB9 }, "x??xxxx????xxxx", engineDll);
if (scan.Success)
{
int tmp = memUtils.Read <int>((IntPtr)(scan.Address.ToInt32() + 7));
CSGOOffsets.ClientState.Base = tmp - engineDllBase;
}
}
static void WeaponTable(MemUtils memUtils)
{
scan = memUtils.PerformSignatureScan(new byte[] { 0xA1, 0x00, 0x00, 0x00, 0x00, 0x0F, 0xB7, 0xC9, 0x03, 0xC9, 0x8B, 0x44, 0x00, 0x0C, 0xC3 }, "x????xxxxxxx?xx", clientDll);
if (scan.Success)
{
int tmp = memUtils.Read <int>((IntPtr)(scan.Address.ToInt32() + 1));
CSGOOffsets.Misc.WeaponTable = tmp - clientDllBase;
}
}
static void SetViewAngles(MemUtils memUtils)
{
scan = memUtils.PerformSignatureScan(new byte[] { 0x8B, 0x15, 0x00, 0x00, 0x00, 0x00, 0x8B, 0x4D, 0x08, 0x8B, 0x82, 0x00, 0x00, 0x00, 0x00, 0x89, 0x01, 0x8B, 0x82, 0x00, 0x00, 0x00, 0x00, 0x89, 0x41, 0x04 }, "xx????xxxxx????xxxx????xxx", engineDll);
if (scan.Success)
{
int tmp = memUtils.Read <int>((IntPtr)(scan.Address.ToInt32() + 11));
CSGOOffsets.ClientState.m_dwViewAngles = tmp;
}
}
static void GlowManager(MemUtils memUtils)
{
scan = memUtils.PerformSignatureScan(new byte[] { 0x8D, 0x8F, 0x00, 0x00, 0x00, 0x00, 0xA1, 0x00, 0x00, 0x00, 0x00, 0xC7, 0x04, 0x02, 0x00, 0x00, 0x00, 0x00, 0x89, 0x35, 0x00, 0x00, 0x00, 0x00, 0x8B, 0x51 }, "xx????x????xxx????xx????xx", clientDll);
if (scan.Success)
{
int tmp = memUtils.Read <int>((IntPtr)(scan.Address.ToInt32() + 7));
CSGOOffsets.Misc.GlowManager = tmp - clientDllBase;
}
}
static void Jump(MemUtils memUtils)
{
scan = memUtils.PerformSignatureScan(new byte[] { 0x89, 0x15, 0x00, 0x00, 0x00, 0x00, 0x8B, 0x15, 0x00, 0x00, 0x00, 0x00, 0xF6, 0xC2, 0x03, 0x74, 0x03, 0x83, 0xCE, 0x08, 0xA8, 0x08, 0xBF }, "xx????xx????xxxxxxxxxxx", clientDll);
if (scan.Success)
{
int tmp = memUtils.Read <int>((IntPtr)(scan.Address.ToInt32() + 2));
CSGOOffsets.Misc.Jump = tmp - clientDllBase;
}
}
public int GetClassId()
{
var one = MemUtils.ReadInt32((IntPtr)(Entity + 8));
var two = MemUtils.ReadInt32((IntPtr)(one + 2 * 4));
var three = MemUtils.ReadInt32((IntPtr)(two + 1));
var classId = MemUtils.ReadInt32((IntPtr)(three + 20));
return(classId);
}
static void ClientState(MemUtils memUtils)
{
scan = memUtils.PerformSignatureScan(new byte[] { 0xC2, 0x00, 0x00, 0xCC, 0xCC, 0x8B, 0x0D, 0x00, 0x00, 0x00, 0x00, 0x33, 0xC0, 0x83, 0xB9 }, "x??xxxx????xxxx", engineDll);
if (scan.Success)
{
int tmp = memUtils.Read<int>((IntPtr)(scan.Address.ToInt32() + 7));
CSGOOffsets.ClientState.Base = tmp - engineDllBase;
}
}
protected override DllInjectionResult PerformInjection(System.Diagnostics.Process proc, string dllPath)
{
this.DllPath = dllPath;
ProcUtils = new ProcUtils(proc, WinAPI.ProcessAccessFlags.CreateThread | WinAPI.ProcessAccessFlags.VirtualMemoryOperation | WinAPI.ProcessAccessFlags.VirtualMemoryRead | WinAPI.ProcessAccessFlags.VirtualMemoryWrite | WinAPI.ProcessAccessFlags.QueryInformation);
MemUtils = new MemUtils();
MemUtils.Handle = ProcUtils.Handle;
MemUtils.UseUnsafeReadWrite = true;
if (ProcUtils.Handle == IntPtr.Zero)
{
return(new DllInjectionResult("Could not open process", new Win32Exception(Marshal.GetLastWin32Error())));
}
IntPtr lpLLAddress = WinAPI.GetProcAddress(WinAPI.GetModuleHandle("kernel32.dll"), "LoadLibraryA");
if (lpLLAddress == IntPtr.Zero)
{
return(new DllInjectionResult("Could not find address of LoadLibraryA", new Win32Exception(Marshal.GetLastWin32Error())));
}
IntPtr lpAddress = WinAPI.VirtualAllocEx(ProcUtils.Handle, (IntPtr)null, (IntPtr)dllPath.Length, (uint)WinAPI.AllocationType.Commit | (uint)WinAPI.AllocationType.Reserve, (uint)WinAPI.MemoryProtection.ExecuteReadWrite);
if (lpAddress == IntPtr.Zero)
{
return(new DllInjectionResult("Could not allocate memory for dllPath", new Win32Exception(Marshal.GetLastWin32Error())));
}
byte[] bytes = Encoding.ASCII.GetBytes(dllPath);
try
{
MemUtils.WriteString(lpAddress, dllPath, Encoding.ASCII);
}
catch (Exception ex)
{
return(new DllInjectionResult("Failed to write dllPath to memory", ex));
}
RemoteThreadResult result = this.ExecuteRemoteThread(lpLLAddress, lpAddress);
if (!result.Success)
{
return(new DllInjectionResult(result.ErrorMessage));
}
hModule = (IntPtr)result.ReturnValue;
if (hModule == IntPtr.Zero)
{
return(new DllInjectionResult("The base-address of the injected module is zero"));
}
return(new DllInjectionResult(true));
}
public string GetName(MemUtils memUtils)
{
int clientClass = GetClientClass(memUtils);
if (clientClass != -1)
{
int ptr = memUtils.Read<int>((IntPtr)(GetClassID(memUtils) + 8));
return memUtils.ReadString((IntPtr)(ptr + 8), 32, Encoding.ASCII);
}
return "none";
}
static void EntityOff(MemUtils memUtils)
{
scan = memUtils.PerformSignatureScan(new byte[] { 0x05, 0x00, 0x00, 0x00, 0x00, 0xC1, 0xe9, 0x00, 0x39, 0x48, 0x04 }, "x????xx?xxx", clientDll);
if (scan.Success)
{
int tmp = memUtils.Read <int>((IntPtr)(scan.Address.ToInt32() + 1));
byte tmp2 = memUtils.Read <byte>((IntPtr)(scan.Address.ToInt32() + 7));
CSGOOffsets.Misc.EntityList = tmp + tmp2 - clientDllBase;
}
}
static void LocalPlayer(MemUtils memUtils)
{
scan = memUtils.PerformSignatureScan(new byte[] { 0x8D, 0x34, 0x85, 0x00, 0x00, 0x00, 0x00, 0x89, 0x15, 0x00, 0x00, 0x00, 0x00, 0x8B, 0x41, 0x08, 0x8B, 0x48 }, "xxx????xx????xxxxx", clientDll);
if (scan.Success)
{
int tmp = memUtils.Read <int>((IntPtr)(scan.Address.ToInt32() + 3));
byte tmp2 = memUtils.Read <byte>((IntPtr)(scan.Address.ToInt32() + 18));
CSGOOffsets.Misc.LocalPlayer = tmp + tmp2 - clientDllBase;
}
}
public Config[] GetConfigs(ConfigType cfgType)
{
CheckValidity();
IntPtr ptr = APIWrapper.Level_GetConfigs(NativeInstance, (uint)cfgType, out int count);
if (ptr == IntPtr.Zero)
{
return(new Config[0]);
}
return(RegisterChildren(MemUtils.IntPtrToWrapperArray <Config>(ptr, count)));
}
static void PlayerWeaponHandle(MemUtils memUtils)
{
scan = memUtils.PerformSignatureScan(
new byte[] { 0x0F, 0x45, 0xF7, 0x5F, 0x8B, 0x8E, 0x00, 0x00, 0x00, 0x00, 0x5E, 0x83, 0xF9, 0xFF },
"xxxxxx????xxxx", clientDll);
if (scan.Success)
{
int tmp = memUtils.Read <int>((IntPtr)(scan.Address.ToInt32() + 6));
CSGOOffsets.NetVars.C_CSPlayer.m_hActiveWeapon = tmp;
}
}
/// <summary>
/// Initializes a new PEInfo using the given data
/// </summary>
/// <param name="data">Byte-array containing the content of the module to parse</param>
public PEInfo(byte[] data)
{
var memUtils = new MemUtils();
DOSHeader = memUtils.BytesToT<DOSHeader>(data);
COFFHeaderAddress = DOSHeader.e_lfanew + 4;
COFFHeader = memUtils.BytesToT<COFFHeader>(data, COFFHeaderAddress);
PEOptHeaderAddress = COFFHeaderAddress + Marshal.SizeOf(typeof (COFFHeader));
PEOptHeader = memUtils.BytesToT<PEOptHeader>(data, PEOptHeaderAddress);
}
static void EntityID(MemUtils memUtils)
{
scan = memUtils.PerformSignatureScan(
new byte[] { 0x74, 0x72, 0x80, 0x79, 0x00, 0x00, 0x8B, 0x56, 0x00, 0x89, 0x55, 0x00, 0x74, 0x17 },
"xxxx??xx?xx?xx", clientDll);
if (scan.Success)
{
byte tmp = memUtils.Read<byte>((IntPtr)(scan.Address.ToInt32() + 8));
CSGOOffsets.NetVars.C_BaseEntity.m_iID = tmp;
}
}
internal static void InstallHook()
{
HookedInstance = HookedVirtualAlloc;
OriginalInstance = Marshal.GetDelegateForFunctionPointer <VirtualAllocDelegate>(MemUtils.GetFunctionAddress("Kernel32.dll", "VirtualAlloc"));
pDetour = new Detour(MemUtils.GetFunctionAddress("Kernel32.dll", "VirtualAlloc"), Marshal.GetFunctionPointerForDelegate(HookedInstance));
pDetour.Install();
Console.WriteLine("Installed VirtualAlloc Hook");
}
static void EntityHealth(MemUtils memUtils)
{
scan = memUtils.PerformSignatureScan(
new byte[] { 0x8B, 0x41, 0x00, 0x89, 0x41, 0x00, 0x8B, 0x41, 0x00, 0x89, 0x41, 0x00, 0x8B, 0x41, 0x00, 0x89, 0x41, 0x00, 0x8B, 0x4F, 0x00, 0x83, 0xB9, 0x00, 0x00, 0x00, 0x00, 0x00, 0x7F, 0x2E },
"xx?xx?xx?xx?xx?xx?xx?xx????xxx", clientDll);
if (scan.Success)
{
int tmp = memUtils.Read<int>((IntPtr)(scan.Address.ToInt32() + 23));
CSGOOffsets.NetVars.C_BaseEntity.m_iHealth = tmp;
}
}
internal static void InstallHook()
{
HookedInstance = HookedCreateThread;
OriginalInstance = Marshal.GetDelegateForFunctionPointer <CreateThreadDelegate>(MemUtils.GetFunctionAddress("Kernel32.dll", "CreateThread"));
pDetour = new Detour(MemUtils.GetFunctionAddress("Kernel32.dll", "CreateThread"), Marshal.GetFunctionPointerForDelegate(HookedInstance));
pDetour.Install();
Console.WriteLine("Installed CreateThread Hook");
}
/// <summary>
/// Initializes a new PEInfo using the given baseaddress of a module
/// </summary>
/// <param name="baseAddress"></param>
/// <param name="memUtils">Instance of MemUtils to use in order to read data</param>
public PEInfo(IntPtr baseAddress, MemUtils memUtils)
{
MemUtils = memUtils;
DOSHeader = MemUtils.Read<DOSHeader>(baseAddress);
COFFHeaderAddress = new IntPtr(baseAddress.ToInt64() + DOSHeader.e_lfanew + 4);
COFFHeader = MemUtils.Read<COFFHeader>(COFFHeaderAddress);
PEOptHeaderAddress = new IntPtr(COFFHeaderAddress.ToInt64() + Marshal.SizeOf(typeof(COFFHeader)));
PEOptHeader = MemUtils.Read<PEOptHeader>(PEOptHeaderAddress);
}
protected override DllInjectionResult PerformInjection(System.Diagnostics.Process proc, string dllPath)
{
this.DllPath = dllPath;
ProcUtils = new ProcUtils(proc, WinAPI.ProcessAccessFlags.CreateThread | WinAPI.ProcessAccessFlags.VirtualMemoryOperation | WinAPI.ProcessAccessFlags.VirtualMemoryRead | WinAPI.ProcessAccessFlags.VirtualMemoryWrite | WinAPI.ProcessAccessFlags.QueryInformation);
MemUtils = new MemUtils();
MemUtils.Handle = ProcUtils.Handle;
MemUtils.UseUnsafeReadWrite = true;
if (ProcUtils.Handle == IntPtr.Zero)
{
return new DllInjectionResult("Could not open process", new Win32Exception(Marshal.GetLastWin32Error()));
}
IntPtr lpLLAddress = WinAPI.GetProcAddress(WinAPI.GetModuleHandle("kernel32.dll"), "LoadLibraryA");
if (lpLLAddress == IntPtr.Zero)
{
return new DllInjectionResult("Could not find address of LoadLibraryA", new Win32Exception(Marshal.GetLastWin32Error()));
}
IntPtr lpAddress = WinAPI.VirtualAllocEx(ProcUtils.Handle, (IntPtr)null, (IntPtr)dllPath.Length, (uint)WinAPI.AllocationType.Commit | (uint)WinAPI.AllocationType.Reserve, (uint)WinAPI.MemoryProtection.ExecuteReadWrite);
if (lpAddress == IntPtr.Zero)
{
return new DllInjectionResult("Could not allocate memory for dllPath", new Win32Exception(Marshal.GetLastWin32Error()));
}
byte[] bytes = Encoding.ASCII.GetBytes(dllPath);
try
{
MemUtils.WriteString(lpAddress, dllPath, Encoding.ASCII);
}
catch(Exception ex)
{
return new DllInjectionResult("Failed to write dllPath to memory", ex);
}
RemoteThreadResult result = this.ExecuteRemoteThread(lpLLAddress, lpAddress);
if (!result.Success)
{
return new DllInjectionResult(result.ErrorMessage);
}
hModule = (IntPtr)result.ReturnValue;
if (hModule == IntPtr.Zero)
return new DllInjectionResult("The base-address of the injected module is zero");
return new DllInjectionResult(true);
}
private static void StartCheat()
{
//We make the config if it dosen't exist.
KeyUtils = new KeyUtils();
PrintInfo("> Waiting for CSGO to start up...");
while (!ProcUtils.ProcessIsRunning(GameProcess))
Thread.Sleep(250);
_procUtils = new ProcUtils(GameProcess,
WinAPI.ProcessAccessFlags.VirtualMemoryRead | WinAPI.ProcessAccessFlags.VirtualMemoryWrite |
WinAPI.ProcessAccessFlags.VirtualMemoryOperation);
MemUtils = new MemUtils {Handle = _procUtils.Handle};
PrintInfo("> Waiting for CSGOs window to show up...");
while ((_hWnd = WinAPI.FindWindowByCaption(_hWnd, GameTitle)) == IntPtr.Zero)
Thread.Sleep(250);
ProcessModule clientDll, engineDll;
PrintInfo("> Waiting for CSGO to load client.dll...");
while ((clientDll = _procUtils.GetModuleByName(@"bin\client.dll")) == null)
Thread.Sleep(250);
PrintInfo("> Waiting for CSGO to load engine.dll...");
while ((engineDll = _procUtils.GetModuleByName(@"engine.dll")) == null)
Thread.Sleep(250);
//will update everything we need.
Memory = new Memory(engineDll, clientDll);
_triggerBot = new TriggerBot();
_rcs = new Rcs();
_bunnyJump = new BunnyJump();
_sonar = new Sonar();
Timer1.Elapsed += Timer1Elapsed;
Timer1.Start();
PrintSuccess("Cheat is now running.");
Application.Run();
}
/// <summary>
/// Parses a module from memory
/// </summary>
/// <param name="module">The module to be parsed</param>
/// <param name="memUtils">MemUtils-instance that is used to dump the module</param>
/// <returns></returns>
public static PEInfo FromMemory(ProcessModule module, MemUtils memUtils)
{
return FromMemory(module.BaseAddress, module.ModuleMemorySize, memUtils);
}
/// <summary>
/// Parses a module from memory
/// </summary>
/// <param name="baseAddress">The address of the module to be parsed</param>
/// <param name="length">The size of the module to be parsed</param>
/// <param name="memUtils">MemUtils-instance that is used to dump the module</param>
/// <returns></returns>
public static PEInfo FromMemory(IntPtr baseAddress, int length, MemUtils memUtils)
{
byte[] data = new byte[length];
memUtils.Read(baseAddress, out data, length);
return new PEInfo(data);
}
static void vMatrix(MemUtils memUtils)
{
scan = memUtils.PerformSignatureScan(new byte[] {
0x53, 0x8B, 0xDC, 0x83, 0xEC, 0x08, 0x83, 0xE4,
0xF0, 0x83, 0xC4, 0x04, 0x55, 0x8B, 0x6B, 0x04,
0x89, 0x6C, 0x24, 0x04, 0x8B, 0xEC, 0xA1, 0x00,
0x00, 0x00, 0x00, 0x81, 0xEC, 0x98, 0x03, 0x00,
0x00 }, "xxxxxxxxxxxxxxxxxxxxxxx????xxxxxx", clientDll);
if (scan.Success)
{
int address = memUtils.Read<int>((IntPtr)(scan.Address.ToInt32() + +0x4EE));
address -= clientDllBase;
address += 0x80;
CSGOOffsets.Misc.ViewMatrix = address;
}
}
static void WeaponTable(MemUtils memUtils)
{
scan = memUtils.PerformSignatureScan(new byte[] { 0xA1, 0x00, 0x00, 0x00, 0x00, 0x0F, 0xB7, 0xC9, 0x03, 0xC9, 0x8B, 0x44, 0x00, 0x0C, 0xC3 }, "x????xxxxxxx?xx", clientDll);
if (scan.Success)
{
int tmp = memUtils.Read<int>((IntPtr)(scan.Address.ToInt32() + 1));
CSGOOffsets.Misc.WeaponTable = tmp - clientDllBase;
}
}
/// <summary>
/// Initializes a new PEInfo using the given module
/// </summary>
/// <param name="module"></param>
/// <param name="memUtils">Instance of MemUtils to use in order to read data</param>
public PEInfo(ProcessModule module, MemUtils memUtils)
: this(module.BaseAddress, memUtils)
{
}
private static void GameResources(MemUtils memUtils)
{
scan = memUtils.PerformSignatureScan(new byte[]{
0x89, 0x4D, 0xF4, //mov [ebp-0C],ecx
0x8B, 0x0D, 0x00, 0x00, 0x00, 0x00, //mov ecx,[engine.dll+xxxx]
0x53, //push ebx
0x56, //push esi
0x57, //push edi
0x8B, 0x01 }, "xxxxx????xxxxx", engineDll);
if (scan.Success)
{
int address, pointer, offset;
pointer = memUtils.Read<int>((IntPtr)(scan.Address.ToInt32() + 5)) - engineDllBase;
scan = memUtils.PerformSignatureScan(new byte[] {
0xCC, //int 3
0xCC, //int 3
0x55, //push ebp
0x8B, 0xEC, //mov ebp,esp
0x8B, 0x45, 0x08, //mov eax,[ebp+08]
0x8B, 0x44, 0xC1, 0x00, //mov eax,[acx+eax*8+xx]
0x5D, //pop ebp
0xC2, 0x00, 0x00, //ret 0004
0xCC, //int 3
0xCC }, "xxxxxxxxxxx?xx??xx", clientDll);
if (scan.Success)
{
offset = memUtils.Read<byte>((IntPtr)(scan.Address.ToInt32() + 11));
address = memUtils.Read<int>((IntPtr)(engineDllBase + pointer));
address = address + 0x46 * 8 + offset;
address -= clientDllBase;
CSGOOffsets.GameResources.Base = address;
}
}
}
static void Main(string[] args)
{
m_bWork = true;
keyUtils = new KeyUtils();
MemUtils = new ExternalUtilsCSharp.MemUtils();
MemUtils.UseUnsafeReadWrite = true;
Thread thread = new Thread(new ThreadStart(Loop));
thread.IsBackground = true;
thread.Start();
Console.WriteLine("Press ESC to exit");
while (!m_bWork) Thread.Sleep(250);
Console.WriteLine("Waiting for thread to exit...");
thread.Join();
Console.WriteLine("Bye.");
}
static void LocalPlayer(MemUtils memUtils)
{
scan = memUtils.PerformSignatureScan(new byte[] { 0x8D, 0x34, 0x85, 0x00, 0x00, 0x00, 0x00, 0x89, 0x15, 0x00, 0x00, 0x00, 0x00, 0x8B, 0x41, 0x08, 0x8B, 0x48 }, "xxx????xx????xxxxx", clientDll);
if (scan.Success)
{
int tmp = memUtils.Read<int>((IntPtr)(scan.Address.ToInt32() + 3));
byte tmp2 = memUtils.Read<byte>((IntPtr)(scan.Address.ToInt32() + 18));
CSGOOffsets.Misc.LocalPlayer = tmp + tmp2 - clientDllBase;
}
}
static void GlowManager(MemUtils memUtils)
{
scan = memUtils.PerformSignatureScan(new byte[] { 0x8D, 0x8F, 0x00, 0x00, 0x00, 0x00, 0xA1, 0x00, 0x00, 0x00, 0x00, 0xC7, 0x04, 0x02, 0x00, 0x00, 0x00, 0x00, 0x89, 0x35, 0x00, 0x00, 0x00, 0x00, 0x8B, 0x51 }, "xx????x????xxx????xx????xx", clientDll);
if (scan.Success)
{
int tmp = memUtils.Read<int>((IntPtr)(scan.Address.ToInt32() + 7));
CSGOOffsets.Misc.GlowManager = tmp - clientDllBase;
}
}
static void SignOnState(MemUtils memUtils)
{
scan = memUtils.PerformSignatureScan(
new byte[] { 0x51, 0xA1, 0x00, 0x00, 0x00, 0x00, 0x8B, 0x51, 0x00, 0x83, 0xB8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x7C, 0x40, 0x3B, 0xD1 },
"xx????xx?xx?????xxxx", engineDll);
if (scan.Success)
{
int tmp = memUtils.Read<int>((IntPtr)(scan.Address.ToInt32() + 11));
CSGOOffsets.Misc.SignOnState = tmp;
}
}
static void PlayerBoneMatrix(MemUtils memUtils)
{
scan = memUtils.PerformSignatureScan(
new byte[] { 0x83, 0x3C, 0xB0, 0xFF, 0x75, 0x15, 0x8B, 0x87, 0x00, 0x00, 0x00, 0x00, 0x8B, 0xCF, 0x8B, 0x17, 0x03, 0x44, 0x24, 0x0C, 0x50 },
"xxxxxxxx????xxxxxxxxx", clientDll);
if (scan.Success)
{
int tmp = memUtils.Read<int>((IntPtr)(scan.Address.ToInt32() + 8));
CSGOOffsets.NetVars.C_CSPlayer.m_hBoneMatrix = tmp;
}
}
/// <summary>
/// Reads the name of this module from live-memory
/// </summary>
/// <param name="memUtils">MemUtils-instance that is used to read data</param>
/// <param name="ied">The _IMAGE_EXPORT_DIRECTORY of this module</param>
/// <param name="imageBase">Base-address pf this module in memory</param>
/// <returns></returns>
public string ReadName(MemUtils memUtils, _IMAGE_EXPORT_DIRECTORY ied, IntPtr imageBase)
{
return memUtils.ReadString((IntPtr)(imageBase.ToInt64() + ied.Name), 32, Encoding.ASCII);
}
static void PlayerWeaponHandle(MemUtils memUtils)
{
scan = memUtils.PerformSignatureScan(
new byte[] { 0x0F, 0x45, 0xF7, 0x5F, 0x8B, 0x8E, 0x00, 0x00, 0x00, 0x00, 0x5E, 0x83, 0xF9, 0xFF },
"xxxxxx????xxxx", clientDll);
if (scan.Success)
{
int tmp = memUtils.Read<int>((IntPtr)(scan.Address.ToInt32() + 6));
CSGOOffsets.NetVars.C_CSPlayer.m_hActiveWeapon = tmp;
}
}
static void EntityVecOrigin(MemUtils memUtils)
{
scan = memUtils.PerformSignatureScan(
new byte[] { 0x8A, 0x0E, 0x80, 0xE1, 0xFC, 0x0A, 0xC8, 0x88, 0x0E, 0xF3, 0x00, 0x00, 0x87, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x87, 0x00, 0x00, 0x00, 0x00, 0x9F },
"xxxxxxxxxx??x??????x????x", clientDll);
if (scan.Success)
{
int tmp = memUtils.Read<int>((IntPtr)(scan.Address.ToInt32() + 13));
CSGOOffsets.NetVars.C_BaseEntity.m_vecOrigin = tmp;
}
}
static void EntityOff(MemUtils memUtils)
{
scan = memUtils.PerformSignatureScan(new byte[] { 0x05, 0x00, 0x00, 0x00, 0x00, 0xC1, 0xe9, 0x00, 0x39, 0x48, 0x04 }, "x????xx?xxx", clientDll);
if (scan.Success)
{
int tmp = memUtils.Read<int>((IntPtr)(scan.Address.ToInt32() + 1));
byte tmp2 = memUtils.Read<byte>((IntPtr)(scan.Address.ToInt32() + 7));
CSGOOffsets.Misc.EntityList = tmp + tmp2 - clientDllBase;
}
}
static void PlayerTeamNum(MemUtils memUtils)
{
scan = memUtils.PerformSignatureScan(
new byte[] { 0xCC, 0xCC, 0xCC, 0x8B, 0x89, 0x00, 0x00, 0x00, 0x00, 0xE9, 0x00, 0x00, 0x00, 0x00, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0x8B, 0x81, 0x00, 0x00, 0x00, 0x00, 0xC3, 0xCC, 0xCC },
"xxxxx????x????xxxxxxx????xxx", clientDll);
if (scan.Success)
{
int tmp = memUtils.Read<int>((IntPtr)(scan.Address.ToInt32() + 5));
CSGOOffsets.NetVars.C_BaseEntity.m_iTeamNum = tmp;
}
}
static void Jump(MemUtils memUtils)
{
scan = memUtils.PerformSignatureScan(new byte[] { 0x89, 0x15, 0x00, 0x00, 0x00, 0x00, 0x8B, 0x15, 0x00, 0x00, 0x00, 0x00, 0xF6, 0xC2, 0x03, 0x74, 0x03, 0x83, 0xCE, 0x08, 0xA8, 0x08, 0xBF }, "xx????xx????xxxxxxxxxxx", clientDll);
if (scan.Success)
{
int tmp = memUtils.Read<int>((IntPtr)(scan.Address.ToInt32() + 2));
CSGOOffsets.Misc.Jump = tmp - clientDllBase;
}
}
static void SetViewAngles(MemUtils memUtils)
{
scan = memUtils.PerformSignatureScan(new byte[] { 0x8B, 0x15, 0x00, 0x00, 0x00, 0x00, 0x8B, 0x4D, 0x08, 0x8B, 0x82, 0x00, 0x00, 0x00, 0x00, 0x89, 0x01, 0x8B, 0x82, 0x00, 0x00, 0x00, 0x00, 0x89, 0x41, 0x04 }, "xx????xxxxx????xxxx????xxx", engineDll);
if (scan.Success)
{
int tmp = memUtils.Read<int>((IntPtr)(scan.Address.ToInt32() + 11));
CSGOOffsets.ClientState.m_dwViewAngles = tmp;
}
}