/// <summary>
/// Interacts with the object, loot, target etc. by assembling a short x86 stub and
/// running it through <c>Memory.Asm.InjectAndExecute</c> while the main thread of the
/// process identified by <c>objectList.getProcessId()</c> is suspended.
/// </summary>
/// <remarks>
/// Does nothing when <c>ObjectPointer</c> is 0. Every exception is swallowed by the
/// empty <c>catch</c>, so callers cannot tell whether the call happened.
/// </remarks>
public void Interact()
{
    if (this.ObjectPointer != 0)
    {
        try
        {
            // Suspend first so the stub does not run concurrently with the main thread
            // (presumably the target process's main thread; ThreadManager is not shown here).
            ThreadManager.suspendMainThread(objectList.getProcessId());

            // Scratch region that will hold the assembled stub.
            uint codecave = this.Memory.AllocateMemory();
            this.Memory.Asm.Clear();

            // Loads from fs:[0x2C] into eax and adjusts it. eax is overwritten by the
            // "mov eax, {VirtualMethodTable}" line below, so the visible code never
            // uses the value computed here.
            this.Memory.Asm.AddLine("fs mov eax, [0x2C]");
            this.Memory.Asm.AddLine("mov eax, [eax]");
            this.Memory.Asm.AddLine("add eax, 8");

            // eax = vtable address, ecx = object pointer (looks like a thiscall-style
            // "this" argument; confirm against the callee).
            this.Memory.Asm.AddLine("mov eax, {0}", new object[] { this.VirtualMethodTable });
            this.Memory.Asm.AddLine("mov ecx, {0}", new object[] { this.ObjectPointer });

            // Hard-coded absolute address; presumably valid for one specific build of the target only.
            this.Memory.Asm.AddLine("mov edx, " + (0x005D9A10).ToString("X") + "h");

            // The call target is read from the vtable slot at VMT_INTERACT when the stub is assembled.
            this.Memory.Asm.AddLine("call {0}", new object[] { this.Memory.ReadUInt(this.VirtualMethodTable + VMT_INTERACT) });
            this.Memory.Asm.AddLine("retn");
            this.Memory.Asm.InjectAndExecute(codecave);
            Thread.Sleep(10);

            // NOTE(review): the free is commented out, so the region allocated above is
            // never released by this method; each call leaves one allocation behind.
            //this.Memory.FreeMemory(codecave);
            ThreadManager.resumeMainThread(objectList.getProcessId());
        }
        // NOTE(review): if anything throws after suspendMainThread, resumeMainThread is
        // never reached from here and the failure is silently discarded.
        catch { }
    }
}
/// <summary>
/// Targets a player or mob; useful for friendly players and battleground players.
/// Writes this object's 64-bit <c>GUID</c> into a scratch region, runs a stub that passes
/// it as two 32-bit stack arguments to a fixed address, then issues
/// <c>TargetUnit("playertarget")</c> through <c>objectList.DoString</c>.
/// </summary>
/// <remarks>
/// Every exception is swallowed by the empty <c>catch</c>.
/// </remarks>
public void Target()
{
    try
    {
        // Hard-coded absolute address of the routine to call; presumably valid for one
        // specific build of the target only.
        uint CodeLocation = 0x0725AA0;

        // 0x108 bytes: the stub at the start, the 8-byte GUID at offset 0x100.
        uint codeCave = Memory.AllocateMemory(0x108);
        ThreadManager.suspendMainThread(objectList.getProcessId());
        Memory.WriteUInt64(codeCave + 0x100, GUID);
        Memory.Asm.Clear();

        // Push the dword at +4 first, then the dword at +0, so the 64-bit value sits
        // on the stack in memory order.
        Memory.Asm.AddLine("MOV EAX,[0x{0}]", (codeCave + 0x100 + 0x4).ToString("X"));
        Memory.Asm.AddLine("PUSH EAX");
        Memory.Asm.AddLine("MOV EAX,[0x{0}]", (codeCave + 0x100 + 0x0).ToString("X"));
        Memory.Asm.AddLine("PUSH EAX");
        Memory.Asm.AddLine("CALL 0x{0}", CodeLocation.ToString("X"));

        // Caller removes the two pushed dwords (8 bytes).
        Memory.Asm.AddLine("ADD ESP, 0x08");
        Memory.Asm.AddLine("RETN");
        Memory.Asm.InjectAndExecute(codeCave);

        // NOTE(review): the region is freed right after InjectAndExecute and before the
        // sleep; this is only safe if InjectAndExecute returns after the stub has
        // finished, which is not visible from here.
        Memory.FreeMemory(codeCave);
        Thread.Sleep(50);
        ThreadManager.resumeMainThread(objectList.getProcessId());
        objectList.DoString("TargetUnit(\"playertarget\")");
    }
    // NOTE(review): if anything throws after suspendMainThread, neither FreeMemory nor
    // resumeMainThread is reached and the failure is silently discarded.
    catch { };
}
/// <summary>
/// Installs an inline hook at the function whose address is resolved through the pointer
/// chain below (logged as "EndScene Offset"). The entry is patched with a <c>jmp</c> to a
/// stub in <c>codeCave</c>; the stub conditionally calls a fixed routine, then runs a copy
/// of the 25 overwritten bytes and jumps back. If the entry already starts with 0xE9, the
/// existing jump target is reused as <c>codeCave</c> instead.
/// </summary>
/// <remarks>
/// There is no exception handling here: a throw between suspend and resume propagates to
/// the caller with the thread still suspended. All addresses and offsets are hard-coded
/// and presumably valid for one specific build of the target only.
/// </remarks>
public void HookEndScene()
{
    ThreadManager.suspendMainThread(this.getProcessId());

    // Walk a fixed pointer chain to the function address; the final read at +0xA8 looks
    // like a vtable slot (TODO confirm).
    uint pDevice = Memory.ReadUInt(0x00BB672C);
    uint pEnd = Memory.ReadUInt(pDevice + 0x397C);
    uint pScene = Memory.ReadUInt(pEnd);
    uint pEndScene = Memory.ReadUInt(pScene + 0xA8);
    SendConsole("EndScene Offset : " + pEndScene.ToString("X"), ConsoleLvl.Debug);

    // 0xE9 is the x86 near-jmp opcode. NOTE(review): any leading 0xE9 is treated as this
    // hook, including a jump placed by something else. The same byte is what an
    // integrity check of the function prologue would see after the patch below.
    if (Memory.ReadByte(pEndScene) != 0xe9) // check if not already hooked
    {
        // codeCave is not declared in this method; presumably a field of the enclosing class.
        codeCave = Memory.AllocateMemory(0x2048);
        Memory.Asm.Clear();

        // Save the first 25 bytes of the function before they are overwritten.
        byte[] Backup = Memory.ReadBytes(pEndScene, 25);
        int size = Memory.Asm.GetMemorySize(); // not used in the visible code

        // Preserve registers and flags around the injected work.
        Memory.Asm.AddLine("pushad");
        Memory.Asm.AddLine("pushfd");

        // The dword at codeCave + 256 is a request flag: when it is 0 the stub jumps ahead
        // to codeCave + 0x1D. That target (and 0x29 below) depends on the assembled byte
        // length of these instructions, so the sequence must not be reordered.
        Memory.Asm.AddLine("mov esi, " + (codeCave + 256).ToString("X") + "h");
        Memory.Asm.AddLine("cmp dword [esi], 0");
        Memory.Asm.AddLine("je " + (codeCave + 0x1D).ToString("X") + "h");

        // "Do string": push 0 and the buffer at codeCave + 0x1024 twice, call the fixed
        // routine, then drop the three arguments (0xC bytes).
        Memory.Asm.AddLine("push {0}", 0);
        Memory.Asm.AddLine("mov eax, {0}", codeCave + 0x1024);
        Memory.Asm.AddLine("push eax");
        Memory.Asm.AddLine("push eax");
        Memory.Asm.AddLine("call {0}", (uint)0x004B32B0);
        Memory.Asm.AddLine("add esp, 0xC");

        // Exit: clear the request flag and restore flags and registers.
        Memory.Asm.AddLine("mov dword[" + (codeCave + 256).ToString("X") + "h], 0");
        Memory.Asm.AddLine("popfd");
        Memory.Asm.AddLine("popad");
        Memory.Asm.Inject(codeCave);

        // Place the saved original bytes at codeCave + 0x29 ...
        Memory.WriteBytes(codeCave + 0x29, Backup);
        Memory.Asm.Clear();

        // ... followed by a jump back to the first byte after the overwritten region, so
        // the original function continues normally.
        Memory.Asm.AddLine("jmp " + (pEndScene + 25).ToString("X") + "h");
        Memory.Asm.Inject(codeCave + 0x29 + 25);

        // With the stub in place, overwrite the function entry with a jump to it.
        Memory.Asm.Clear();
        Memory.Asm.AddLine("jmp " + codeCave.ToString("X") + "h");
        Memory.Asm.Inject(pEndScene);
    }
    else
    {
        // Already hooked: recover the stub address from the jmp's 32-bit operand. With
        // wrapping uint arithmetic, "- 0xffffffff" equals "+ 1", so this is
        // pEndScene + 5 + rel32 (assumes ReadUInt returns uint and an unchecked context).
        codeCave = Memory.ReadUInt(pEndScene + 1) + 4 + pEndScene - 0xffffffff;
    }
    ThreadManager.resumeMainThread(this.getProcessId());
    // EndScene is now hooked (hook by LMEW).
}