Untitled

// BW FMA in their gay-ass teaser lmfao nice leech kids you took it from me now selling haha
#include <Windows.h>

#include <intrin.h>
#pragma  intrinsic(_ReturnAddress)

#include <detours.h>
#pragma comment(lib, "detours")

#define Padding(x) struct { unsigned char __padding##x[(x)]; };
#define FASTCALL __fastcall
#define STDCALL __stdcall

//
BOOL bFullMapAttack = FALSE;
BOOL bFullMapAttack2 = FALSE;
BOOL bItemVac = FALSE;

DWORD dwFireWizardFMA = 0x0084F3BA;
//
template<class T>
struct TSecType
{
        Padding(0x0C);
};

template <typename T>
struct ZRef
{
        Padding(0x04);
        T *data;
};

struct DROP
{
        Padding(0x40);
        BOOL bMeso;
        INT iItemId;
        Padding(0x30);
        TSecType<long> y;
        TSecType<long> x;
};

struct CDropPool
{
        Padding(0x2C);
        LPVOID z;
};

struct CUserLocal
{
        Padding(0x04);
        LPVOID z;
        Padding(0x00000604);
        INT iAnimation;
};

struct CWvsPhysicalSpace2D
{
        Padding(0x1C);
        RECT rect;
};

struct CMob
{
        Padding(0x04);
        LPVOID z;
        Padding(0x00000718);
        INT iAnimation; // ?
};

struct CMobPool
{
        Padding(0x28);
        LPVOID z;
};

DWORD getDistance(__in POINT *pp1, __in POINT *pp2)
{
        return ((pp1->x - pp2->x) * (pp1->x - pp2->x)) + ((pp1->y - pp2->y) * (pp1->y - pp2->y)); // sqrt sucks..
}

BOOL DetourFunction(BOOL fStatus, LPVOID* lppvFunction, LPVOID lpvRedirection)
{
        if (DetourTransactionBegin() != NO_ERROR)
                return FALSE;

        if (DetourUpdateThread(GetCurrentThread()) == NO_ERROR)
                if ((fStatus ? DetourAttach : DetourDetach)(lppvFunction, lpvRedirection) == NO_ERROR)
                        if (DetourTransactionCommit() == NO_ERROR)
                                return TRUE;

        DetourTransactionAbort();
        return FALSE;
}

// functions
CMobPool*(CDECL * TSingleton_CMobPool___GetInstance)() = NULL;
CWvsPhysicalSpace2D*(CDECL * TSingleton_CWvsPhysicalSpace2D___GetInstance)() = NULL;
CUserLocal*(CDECL * TSingleton_CUserLocal___GetInstance)() = NULL;
CDropPool*(CDECL * TSingleton_CDropPool___GetInstance)() = NULL;

ZRef<CMob>*(CDECL * ZList_ZRef_CMob_____GetNext)(LPVOID lpv) = NULL;
ZRef<DROP>*(CDECL * ZList_ZRef_DROP_____GetNext)(LPVOID lpv) = NULL;
DWORD(FASTCALL * TSecType_long___GetData)(LPVOID lpvEcx, LPVOID lpvEdx) = NULL;

// hooks
POINT*(FASTCALL * CMob__GetPos)(__in LPVOID lpvEcx, __in LPVOID lpvEdx, __out POINT *pos) = NULL;
POINT*(FASTCALL * CUser__GetPos)(__in LPVOID lpvEcx, __in LPVOID lpvEdx, __out POINT *pos) = NULL;

POINT* FASTCALL CUser__GetPos__Hook(LPVOID lpvEcx, LPVOID lpvEdx, __out POINT *pos)
{
        DWORD dwReturnAddress = (DWORD)_ReturnAddress();

        if (bFullMapAttack)
        {
                POINT pUserPos, pMobPos;
                CMob *Mob;

                CUser__GetPos(lpvEcx, lpvEdx, &pUserPos);
                CUser__GetPos(lpvEcx, lpvEdx, pos); // o_O for no mob

                LPVOID lpvList = TSingleton_CMobPool___GetInstance()->z;

                DWORD dwClosestDistance = 0x7FFFFFFF, dwCurrentDistance;

                while (lpvList)
                {
                        Mob = ZList_ZRef_CMob_____GetNext(&lpvList)->data;

                        if (Mob->iAnimation == 0)
                                continue;

                        CMob__GetPos(&Mob->z, 0, &pMobPos);

                        dwCurrentDistance = getDistance(&pUserPos, &pMobPos);
                        if (dwCurrentDistance < dwClosestDistance)
                        {
                                dwClosestDistance = dwCurrentDistance;

                                //
                                if (TSingleton_CUserLocal___GetInstance()->iAnimation % 2 == 0)
                                {
                                        // 右向き
                                        pMobPos.x -= 25;
                                }
                                else
                                {
                                        // 左向き
                                        pMobPos.x += 25;
                                }

                                pos->x = pMobPos.x;
                                pos->y = pMobPos.y;
                        }
                }

                return pos;
        }
        else if (bItemVac)
        {
                DROP *Drop;

                LPVOID lpvList = TSingleton_CDropPool___GetInstance()->z;

                while (lpvList)
                {
                        Drop = ZList_ZRef_DROP_____GetNext(&lpvList)->data;
                        if (Drop->iItemId)
                        {
                                pos->x = TSecType_long___GetData(&Drop->x, 0);
                                pos->y = TSecType_long___GetData(&Drop->y, 0);
                                break;
                        }
                }

                return pos;
        }

        return CUser__GetPos(lpvEcx, lpvEdx, pos);
}

BOOL(FASTCALL * CUserLocal__TryDoingShootAttack)(LPVOID lpvEcx, LPVOID lpvEdx, LPVOID lpv4, LPVOID lpv8, LPVOID lpvC, LPVOID lpv10, LPVOID lpv14,
        LPVOID lpv18, LPVOID lpv1C, LPVOID lpv20, LPVOID lpv24) = NULL;
BOOL FASTCALL CUserLocal__TryDoingShootAttack__Hook(LPVOID lpvEcx, LPVOID lpvEdx, LPVOID lpv4, LPVOID lpv8, LPVOID lpvC, LPVOID lpv10, LPVOID lpv14,
        LPVOID lpv18, LPVOID lpv1C, LPVOID lpv20, LPVOID lpv24)
{
        bFullMapAttack = TRUE;

        BOOL bRet = CUserLocal__TryDoingShootAttack(lpvEcx, lpvEdx, lpv4, lpv8, lpvC, lpv10, lpv14, lpv18, lpv1C, lpv20, lpv24);

        bFullMapAttack = FALSE;

        return bRet;
}

BOOL(FASTCALL * CUserLocal__TryDoingMagicAttack)(LPVOID lpvEcx, LPVOID lpvEdx, LPVOID lpv4, LPVOID lpv8, LPVOID lpvC, LPVOID lpv10, LPVOID lpv14,
        LPVOID lpv18, LPVOID lpv1C, LPVOID lpv20, LPVOID lpv24) = NULL;
BOOL FASTCALL CUserLocal__TryDoingMagicAttack__Hook(LPVOID lpvEcx, LPVOID lpvEdx, LPVOID lpv4, LPVOID lpv8, LPVOID lpvC, LPVOID lpv10, LPVOID lpv14,
        LPVOID lpv18, LPVOID lpv1C, LPVOID lpv20, LPVOID lpv24)
{
        bFullMapAttack = TRUE;

        BOOL bRet = CUserLocal__TryDoingMagicAttack(lpvEcx, lpvEdx, lpv4, lpv8, lpvC, lpv10, lpv14, lpv18, lpv1C, lpv20, lpv24);

        bFullMapAttack = FALSE;

        return bRet;
}

BOOL(FASTCALL * CUserLocal__TryDoingMeleeAttack)(LPVOID lpvEcx, LPVOID lpvEdx, LPVOID lpv4, LPVOID lpv8, LPVOID lpvC, LPVOID lpv10, LPVOID lpv14,
        LPVOID lpv18, LPVOID lpv1C, LPVOID lpv20, LPVOID lpv24, LPVOID lpv28, LPVOID lpv2C, LPVOID lpv30, LPVOID lpv34, LPVOID lpv38) = NULL;
BOOL FASTCALL CUserLocal__TryDoingMeleeAttack__Hook(LPVOID lpvEcx, LPVOID lpvEdx, LPVOID lpv4, LPVOID lpv8, LPVOID lpvC, LPVOID lpv10, LPVOID lpv14,
        LPVOID lpv18, LPVOID lpv1C, LPVOID lpv20, LPVOID lpv24, LPVOID lpv28, LPVOID lpv2C, LPVOID lpv30, LPVOID lpv34, LPVOID lpv38)
{
        bFullMapAttack = TRUE;

        BOOL bRet = CUserLocal__TryDoingMeleeAttack(lpvEcx, lpvEdx, lpv4, lpv8, lpvC, lpv10, lpv14, lpv18, lpv1C, lpv20, lpv24, lpv28, lpv2C, lpv30, lpv34, lpv38);

        bFullMapAttack = FALSE;

        return bRet;
}

LPVOID(FASTCALL * CUserLocal__TryDoingFWAttack)(LPVOID lpvEcx, LPVOID lpvEdx, LPVOID lpv4) = NULL;
LPVOID FASTCALL CUserLocal__TryDoingFWAttack__Hook(LPVOID lpvEcx, LPVOID lpvEdx, LPVOID lpv4)
{
        bFullMapAttack2 = TRUE;

        LPVOID lpvRet = CUserLocal__TryDoingFWAttack(lpvEcx, lpvEdx, lpv4);

        bFullMapAttack2 = FALSE;

        return lpvRet;
}

POINT* FASTCALL CMob__GetPos__Hook(LPVOID lpvEcx, LPVOID lpvEdx, __out POINT *pos)
{
        if (bFullMapAttack2)
                return CUser__GetPos(&TSingleton_CUserLocal___GetInstance()->z, lpvEdx, pos);

        return CMob__GetPos(lpvEcx, lpvEdx, pos);
}

//
INT(FASTCALL * CMobPool__FindHitMobInRect)(LPVOID lpvEcx, LPVOID lpvEdx, RECT* rect, LPVOID lpv8, LPVOID lpvC, LPVOID lpv10, LPVOID lpv14,
        LPVOID lpv18, LPVOID lpv1C, LPVOID lpv20, LPVOID lpv24, LPVOID lpv28, LPVOID lpv2C, LPVOID lpv30, LPVOID lpv34, LPVOID lpv38) = NULL;
INT FASTCALL CMobPool__FindHitMobInRect__Hook(LPVOID lpvEcx, LPVOID lpvEdx, RECT* rect, LPVOID lpv8, LPVOID lpvC, LPVOID lpv10, LPVOID lpv14,
        LPVOID lpv18, LPVOID lpv1C, LPVOID lpv20, LPVOID lpv24, LPVOID lpv28, LPVOID lpv2C, LPVOID lpv30, LPVOID lpv34, LPVOID lpv38)
{
        DWORD dwReturnAddress = (DWORD)_ReturnAddress();

        if (dwReturnAddress == dwFireWizardFMA)
                rect = &TSingleton_CWvsPhysicalSpace2D___GetInstance()->rect;

        return CMobPool__FindHitMobInRect(lpvEcx, lpvEdx, rect, lpv8, lpvC, lpv10, lpv14, lpv18, lpv1C, lpv20, lpv24, lpv28, lpv2C, lpv30, lpv34, lpv38);
}

//
VOID(FASTCALL * CDropPool__TryPickUpDrop)(CDropPool *lpvEcx, LPVOID lpvEdx, POINT *point) = NULL;
VOID FASTCALL CDropPool__TryPickUpDrop__Hook(CDropPool *lpvEcx, LPVOID lpvEdx, POINT *point)
{
        DROP *Drop;

        LPVOID lpvList = lpvEcx->z;

        while (lpvList)
        {
                Drop = ZList_ZRef_DROP_____GetNext(&lpvList)->data;
                if (Drop->iItemId)
                {
                        point->x = TSecType_long___GetData(&Drop->x, 0);
                        point->y = TSecType_long___GetData(&Drop->y, 0);
                        break;
                }
        }

        bItemVac = TRUE;

        CDropPool__TryPickUpDrop(lpvEcx, lpvEdx, point);

        bItemVac = FALSE;
}

VOID Toggle(BOOL fEnable)
{

        *(LPVOID*)&ZList_ZRef_CMob_____GetNext = reinterpret_cast<LPVOID>(0x00A77D30); // 337.01
        *(LPVOID*)&CMob__GetPos = reinterpret_cast<LPVOID>(0x00A218F0); // 337.01
        *(LPVOID*)&CUser__GetPos = reinterpret_cast<LPVOID>(0x00625CB0); // 337.01

        // Normal FMA
        *(LPVOID*)&CUserLocal__TryDoingMeleeAttack = reinterpret_cast<LPVOID>(0x013DEF60); // 337.01
        *(LPVOID*)&CUserLocal__TryDoingShootAttack = reinterpret_cast<LPVOID>(0x013F2C80); // 337.01
        *(LPVOID*)&CUserLocal__TryDoingMagicAttack = reinterpret_cast<LPVOID>(0x013FBB70); // 337.01
        *(LPVOID*)&CUserLocal__TryDoingFWAttack = reinterpret_cast<LPVOID>(0x014170A0); // 337.01

        // TSingleton
        *(LPVOID*)&TSingleton_CMobPool___GetInstance = reinterpret_cast<LPVOID>(0x004AD7B0); // 337.01
        *(LPVOID*)&TSingleton_CWvsPhysicalSpace2D___GetInstance = reinterpret_cast<LPVOID>(0x004ADAE0); // 337.01
        *(LPVOID*)&TSingleton_CUserLocal___GetInstance = reinterpret_cast<LPVOID>(0x0049CA30); // 337.01
        *(LPVOID*)&TSingleton_CDropPool___GetInstance = reinterpret_cast<LPVOID>(0x0071CC00); // 337.01
        //
        *(LPVOID*)&CMobPool__FindHitMobInRect = reinterpret_cast<LPVOID>(0x00A79F50); // 337.01

        // ItemVac
        *(LPVOID*)&CDropPool__TryPickUpDrop = reinterpret_cast<LPVOID>(0x006C2E60); // 337.01
        *(LPVOID*)&TSecType_long___GetData = reinterpret_cast<LPVOID>(0x0047B310); // 337.01
        *(LPVOID*)&ZList_ZRef_DROP_____GetNext = reinterpret_cast<LPVOID>(0x006C0FD0); // 337.01

        DetourFunction(fEnable, reinterpret_cast<LPVOID*>(&CUser__GetPos), &CUser__GetPos__Hook);
        DetourFunction(fEnable, reinterpret_cast<LPVOID*>(&CMob__GetPos), &CMob__GetPos__Hook);

        DetourFunction(fEnable, reinterpret_cast<LPVOID*>(&CUserLocal__TryDoingMeleeAttack), &CUserLocal__TryDoingMeleeAttack__Hook);
        DetourFunction(fEnable, reinterpret_cast<LPVOID*>(&CUserLocal__TryDoingShootAttack), &CUserLocal__TryDoingShootAttack__Hook);
        DetourFunction(fEnable, reinterpret_cast<LPVOID*>(&CUserLocal__TryDoingMagicAttack), &CUserLocal__TryDoingMagicAttack__Hook);
        DetourFunction(fEnable, reinterpret_cast<LPVOID*>(&CUserLocal__TryDoingFWAttack), &CUserLocal__TryDoingFWAttack__Hook);

        // Fire Wizard
        DetourFunction(fEnable, reinterpret_cast<LPVOID*>(&CMobPool__FindHitMobInRect), &CMobPool__FindHitMobInRect__Hook);

        // Item Vac A/B
        // DetourFunction(fEnable, reinterpret_cast<LPVOID*>(&CDropPool__TryPickUpDrop), &CDropPool__TryPickUpDrop__Hook);
}