
Untitled

a guest
Apr 1st, 2020
  1. // dllmain.cpp : Defines the entry point for the DLL application.
  2. #include "pch.h"
  3. #include "il2cpp.h"
  4. #include <windows.h>
  5. #include <TlHelp32.h>
  6. #include <vector>
  7. #include <chrono>
  8. #include <thread>
  9. #include <iostream>
  10. #include "mem.h"
  11. #include <string>
  12. #include <stdio.h>
  13. #include <stdlib.h>
  14. #include <time.h>
  15. #include <inttypes.h>
  16. #include <vector>
  17. #include <random>
  18. #include <climits>
  19. #include <algorithm>
  20. #include <functional>
  21. #pragma warning(disable : 4996)
  22.  
// Random engine adaptor that hands out CHAR_BIT bits per call, carried in an unsigned int.
// Nothing else in the visible listing refers to this alias.
using random_bytes_engine =
    std::independent_bits_engine<
        std::default_random_engine,
        CHAR_BIT,
        unsigned int>;
  24.  
  25.  
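/// @brief Find the load address of a module inside a process via a Toolhelp snapshot.
/// @param procId  Process whose module list is enumerated.
/// @param modName Module file name to look for; compared case-insensitively.
/// @return The module's base address, or 0 when the name is null, the snapshot
///         cannot be taken, or no module with that name is listed.
uintptr_t GetModuleBaseAddress(DWORD procId, const wchar_t* modName)
{
    // _wcsicmp must not be handed a null pointer.
    if (modName == nullptr)
    {
        return 0;
    }

    HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE | TH32CS_SNAPMODULE32, procId);
    if (hSnap == INVALID_HANDLE_VALUE)
    {
        // No snapshot was created, so there is no handle to close.
        return 0;
    }

    uintptr_t modBaseAddr = 0;

    // Wide variants are named explicitly so the comparison against a wchar_t
    // name does not depend on the UNICODE build setting.
    MODULEENTRY32W modEntry = {};
    modEntry.dwSize = sizeof(modEntry);
    if (Module32FirstW(hSnap, &modEntry))
    {
        do
        {
            if (_wcsicmp(modEntry.szModule, modName) == 0)
            {
                modBaseAddr = reinterpret_cast<uintptr_t>(modEntry.modBaseAddr);
                break;
            }
        } while (Module32NextW(hSnap, &modEntry));
    }

    CloseHandle(hSnap);
    return modBaseAddr;
}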
  49.  
// Logging stub: writes "StartDetection called." to stdout and returns.
// StartCheat hands this function to mem::TrampHook32 as a replacement target,
// so nothing beyond the trace line runs when it is reached.
void __stdcall StartDetection()
{
    const char* const trace = "StartDetection called.";
    std::cout << trace << std::endl;
}
  54.  
  55.  
// Logging stub: writes "StopDetection called." to stdout and returns.
void __stdcall StopDetection()
{
    const char* const trace = "StopDetection called.";
    std::cout << trace << std::endl;
}
  60.  
  61.  
// Logging stub: writes "Dispose called." to stdout and returns.
void __stdcall Dispose()
{
    const char* const trace = "Dispose called.";
    std::cout << trace << std::endl;
}
  66.  
  67.  
// Logging stub: writes "ObscuredCheatingDetector called." to stdout and returns.
void __stdcall ObscuredCheatingDetector()
{
    const char* const trace = "ObscuredCheatingDetector called.";
    std::cout << trace << std::endl;
}
  72.  
  73.  
// Logging stub: writes "Awake called." to stdout and returns.
void __stdcall Awake()
{
    const char* const trace = "Awake called.";
    std::cout << trace << std::endl;
}
  78.  
  79.  
// Logging stub: writes "OnDestroy called." to stdout and returns.
void __stdcall OnDestroy()
{
    const char* const trace = "OnDestroy called.";
    std::cout << trace << std::endl;
}
  84.  
  85.  
// Logging stub: writes "OnLevelWasLoadedNew called." to stdout and returns.
void __stdcall OnLevelWasLoadedNew()
{
    const char* const trace = "OnLevelWasLoadedNew called.";
    std::cout << trace << std::endl;
}
  90.  
  91.  
// Logging stub: writes "OnLevelLoadedCallback called." to stdout and returns.
void __stdcall OnLevelLoadedCallback()
{
    const char* const trace = "OnLevelLoadedCallback called.";
    std::cout << trace << std::endl;
}
  96.  
  97.  
// Logging stub: writes "StartDetectionInternal called." to stdout and returns.
void __stdcall StartDetectionInternal()
{
    const char* const trace = "StartDetectionInternal called.";
    std::cout << trace << std::endl;
}
  102.  
  103.  
// Logging stub: writes "StartDetectionAutomatically called." to stdout and returns.
void __stdcall StartDetectionAutomatically()
{
    const char* const trace = "StartDetectionAutomatically called.";
    std::cout << trace << std::endl;
}
  108.  
  109.  
// Logging stub: writes "PauseDetector called." to stdout and returns.
void __stdcall PauseDetector()
{
    const char* const trace = "PauseDetector called.";
    std::cout << trace << std::endl;
}
  114.  
  115.  
// Logging stub: writes "ResumeDetector called." to stdout and returns.
void __stdcall ResumeDetector()
{
    const char* const trace = "ResumeDetector called.";
    std::cout << trace << std::endl;
}
  120.  
  121.  
// Logging stub: writes "StopDetectionInternal called." to stdout and returns.
void __stdcall StopDetectionInternal()
{
    const char* const trace = "StopDetectionInternal called.";
    std::cout << trace << std::endl;
}
  126.  
  127.  
// Logging stub: writes "DisposeInternal called." to stdout and returns.
void __stdcall DisposeInternal()
{
    const char* const trace = "DisposeInternal called.";
    std::cout << trace << std::endl;
}
  132.  
  133.  
// Logging stub: writes "InjectionDetector called." to stdout and returns.
void __stdcall InjectionDetector()
{
    const char* const trace = "InjectionDetector called.";
    std::cout << trace << std::endl;
}
  138.  
  139.  
// Logging stub: writes "OnNewAssemblyLoaded called." to stdout and returns.
void __stdcall OnNewAssemblyLoaded()
{
    const char* const trace = "OnNewAssemblyLoaded called.";
    std::cout << trace << std::endl;
}
  144.  
  145.  
// Logging stub: writes "FindInjectionInCurrentAssemblies called." to stdout and returns.
void __stdcall FindInjectionInCurrentAssemblies()
{
    const char* const trace = "FindInjectionInCurrentAssemblies called.";
    std::cout << trace << std::endl;
}
  150.  
  151.  
// Logging stub: writes "AssemblyAllowed called." to stdout and returns.
// It is declared void, so it produces no result for a caller to read.
void __stdcall AssemblyAllowed()
{
    const char* const trace = "AssemblyAllowed called.";
    std::cout << trace << std::endl;
}
  159.  
  160.  
// Logging stub: writes "LoadAndParseAllowedAssemblies called." to stdout and returns.
void __stdcall LoadAndParseAllowedAssemblies()
{
    const char* const trace = "LoadAndParseAllowedAssemblies called.";
    std::cout << trace << std::endl;
}
  165.  
  166.  
// Logging stub: writes "GetAssemblyHash called." to stdout and returns.
// It is declared void, so no hash value is produced here.
void __stdcall GetAssemblyHash()
{
    const char* const trace = "GetAssemblyHash called.";
    std::cout << trace << std::endl;
}
  171.  
  172.  
// Logging stub: writes "PublicKeyTokenToString called." to stdout and returns.
void __stdcall PublicKeyTokenToString()
{
    const char* const trace = "PublicKeyTokenToString called.";
    std::cout << trace << std::endl;
}
  177.  
  178.  
// Logging stub: writes "AllowedAssembly called." to stdout and returns.
// The only TrampHook32 line in StartCheat that names this function is commented out.
void __stdcall AllowedAssembly()
{
    const char* const trace = "AllowedAssembly called.";
    std::cout << trace << std::endl;
}
  184.  
  185.  
// Logging stub: writes "SpeedHackDetector called." to stdout and returns.
void __stdcall SpeedHackDetector()
{
    const char* const trace = "SpeedHackDetector called.";
    std::cout << trace << std::endl;
}
  190.  
  191.  
// Logging stub: writes "OnApplicationPause called." to stdout and returns.
void __stdcall OnApplicationPause()
{
    const char* const trace = "OnApplicationPause called.";
    std::cout << trace << std::endl;
}
  196.  
  197.  
// Silent stub: the trace output is disabled, so a call returns immediately.
void __stdcall Update()
{
    // Trace line left switched off by the author:
    // std::cout << "Update called." << std::endl;
}
  202.  
  203.  
// Logging stub: writes "WallHackDetector called." to stdout and returns.
void __stdcall WallHackDetector()
{
    const char* const trace = "WallHackDetector called.";
    std::cout << trace << std::endl;
}
  208.  
  209.  
// Logging stub: writes "FixedUpdate called." to stdout and returns.
void __stdcall FixedUpdate()
{
    const char* const trace = "FixedUpdate called.";
    std::cout << trace << std::endl;
}
  214.  
  215.  
// Logging stub: writes "UpdateServiceContainer called." to stdout and returns.
void __stdcall UpdateServiceContainer()
{
    const char* const trace = "UpdateServiceContainer called.";
    std::cout << trace << std::endl;
}
  220.  
  221.  
// Logging stub: writes "StartRigidModule called." to stdout and returns.
void __stdcall StartRigidModule()
{
    const char* const trace = "StartRigidModule called.";
    std::cout << trace << std::endl;
}
  226.  
  227.  
// Logging stub: writes "StartControllerModule called." to stdout and returns.
void __stdcall StartControllerModule()
{
    const char* const trace = "StartControllerModule called.";
    std::cout << trace << std::endl;
}
  232.  
  233.  
// Logging stub: writes "StartWireframeModule called." to stdout and returns.
void __stdcall StartWireframeModule()
{
    const char* const trace = "StartWireframeModule called.";
    std::cout << trace << std::endl;
}
  238.  
  239.  
// Logging stub: writes "ShootWireframeModule called." to stdout and returns.
void __stdcall ShootWireframeModule()
{
    const char* const trace = "ShootWireframeModule called.";
    std::cout << trace << std::endl;
}
  244.  
  245.  
// Logging stub: writes "StartRaycastModule called." to stdout and returns.
void __stdcall StartRaycastModule()
{
    const char* const trace = "StartRaycastModule called.";
    std::cout << trace << std::endl;
}
  250.  
  251.  
// Logging stub: writes "ShootRaycastModule called." to stdout and returns.
void __stdcall ShootRaycastModule()
{
    const char* const trace = "ShootRaycastModule called.";
    std::cout << trace << std::endl;
}
  256.  
  257.  
// Logging stub: writes "StopRigidModule called." to stdout and returns.
void __stdcall StopRigidModule()
{
    const char* const trace = "StopRigidModule called.";
    std::cout << trace << std::endl;
}
  262.  
  263.  
// Logging stub: writes "StopControllerModule called." to stdout and returns.
void __stdcall StopControllerModule()
{
    const char* const trace = "StopControllerModule called.";
    std::cout << trace << std::endl;
}
  268.  
  269.  
// Logging stub: writes "StopWireframeModule called." to stdout and returns.
void __stdcall StopWireframeModule()
{
    const char* const trace = "StopWireframeModule called.";
    std::cout << trace << std::endl;
}
  274.  
  275.  
// Logging stub: writes "StopRaycastModule called." to stdout and returns.
void __stdcall StopRaycastModule()
{
    const char* const trace = "StopRaycastModule called.";
    std::cout << trace << std::endl;
}
  280.  
  281.  
// Logging stub: writes "InitRigidModule called." to stdout and returns.
void __stdcall InitRigidModule()
{
    const char* const trace = "InitRigidModule called.";
    std::cout << trace << std::endl;
}
  286.  
  287.  
// Logging stub: writes "InitControllerModule called." to stdout and returns.
void __stdcall InitControllerModule()
{
    const char* const trace = "InitControllerModule called.";
    std::cout << trace << std::endl;
}
  292.  
  293.  
// Logging stub: writes "UninitRigidModule called." to stdout and returns.
void __stdcall UninitRigidModule()
{
    const char* const trace = "UninitRigidModule called.";
    std::cout << trace << std::endl;
}
  298.  
  299.  
// Logging stub: writes "UninitControllerModule called." to stdout and returns.
void __stdcall UninitControllerModule()
{
    const char* const trace = "UninitControllerModule called.";
    std::cout << trace << std::endl;
}
  304.  
  305.  
// Logging stub: writes "Detect called." to stdout and returns.
void __stdcall Detect()
{
    const char* const trace = "Detect called.";
    std::cout << trace << std::endl;
}
  310.  
  311.  
// Logging stub: writes "GenerateColor called." to stdout and returns.
void __stdcall GenerateColor()
{
    const char* const trace = "GenerateColor called.";
    std::cout << trace << std::endl;
}
  316.  
  317.  
// Logging stub: writes "ColorsSimilar called." to stdout and returns.
// It is declared void, so no comparison result is produced here.
void __stdcall ColorsSimilar()
{
    const char* const trace = "ColorsSimilar called.";
    std::cout << trace << std::endl;
}
  322.  
  323.  
// Logging stub: writes "MoveNext called." to stdout and returns.
void __stdcall MoveNext()
{
    const char* const trace = "MoveNext called.";
    std::cout << trace << std::endl;
}
  328.  
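/// @brief Return the id of the first running process whose executable name matches.
/// @param targetProcessName Executable file name to look for; the comparison is
///        exact and case-sensitive (std::wstring equality).
/// @return The matching process id, or 0 when the snapshot cannot be taken or
///         no process with that name is listed.
int GetPIDfromProcName(std::wstring targetProcessName) {
    HANDLE snap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); // all processes
    if (snap == INVALID_HANDLE_VALUE) {
        return 0;
    }

    PROCESSENTRY32W entry = {};
    entry.dwSize = sizeof(entry);

    int pid = 0;
    if (Process32FirstW(snap, &entry)) {
        do {
            if (targetProcessName == entry.szExeFile) {
                pid = static_cast<int>(entry.th32ProcessID);
                break;
            }
        } while (Process32NextW(snap, &entry));
    }

    // Every exit path after a successful snapshot goes through here, so the
    // snapshot handle is released whether or not a match was found.
    CloseHandle(snap);
    return pid;
}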
  348.  
// Function-pointer aliases describing the game routines this file wants to call through.
// _SetMoney, func and __hkIgnore are not referenced anywhere else in the visible listing.
using _SetMoney = void(__thiscall*)(void* pThis, int money);
using func = void(bool money); // plain function type (not a pointer) taking one bool

using __OnJoinRound = void(__stdcall*)(int id, const char* name, const char* clanname, bool vip, int team, int deadflag, float x, float y, float z, bool zombie);
using __hkIgnore = void(__stdcall*)();
using __hkShowItem = void(__stdcall*)(LitJson_JsonData_o jsonData, int id, System_String_o* name, System_String_o* displayType, System_String_o* description, int price, System_String_o* slot, System_String_o* icon, System_String_o* iconLarge, float iconScale);

using __Spawn = void(__stdcall*)(float x, float y, float z, float angle);
using __CreatePlayer = void(__stdcall*)(int id, System_String_o* name, System_String_o* clanname, bool vip, int team, int deadflag, float x, float y, float z, bool zombie);

// Slots meant to hold the saved original entry points. They start out null, and the
// only assignments to them in the visible listing are commented out inside StartCheat.
__CreatePlayer _CreatePlayer = nullptr;
__OnJoinRound _OnJoinRound = nullptr;
__hkShowItem _ShowItem = nullptr;
__Spawn _Spawn = nullptr;
  363.  
// Forwards to the saved _Spawn pointer with x, y and z all replaced by 1; only the
// angle argument is passed through as received.
// _Spawn is never assigned in the visible listing, so this wrapper is not wired up here.
void __stdcall Spawn(float x, float y, float z, float angle) {
    const float fixedCoordinate = 1;
    x = fixedCoordinate;
    y = fixedCoordinate;
    z = fixedCoordinate;
    _Spawn(x, y, z, angle);
}
  370.  
  371.  
// Prints the id of the player being created, then forwards every argument unchanged
// to the saved _CreatePlayer pointer.
// _CreatePlayer is never assigned in the visible listing (its hook line is commented out).
void __stdcall CreatePlayer(int id, System_String_o* name, System_String_o* clanname, bool vip, int team, int deadflag, float x, float y, float z, bool zombie) {
    const std::string announcement = "New Player. ID: " + std::to_string(id);
    std::cout << announcement << std::endl;
    _CreatePlayer(id, name, clanname, vip, team, deadflag, x, y, z, zombie);
}
  376.  
  377.  
  378.  
  379.  
  380.  
// Prints the joining player's name, then forwards every argument unchanged to the
// saved _OnJoinRound pointer.
// _OnJoinRound is never assigned in the visible listing (its hook line is commented out).
void __stdcall hkOnJoinRound(int id, const char* name, const char* clanname, bool vip, int team, int deadflag, float x, float y, float z, bool zombie) {
    std::ostream& console = std::cout;
    console << name << std::endl;
    _OnJoinRound(id, name, clanname, vip, team, deadflag, x, y, z, zombie);
}
  385.  
// Silent stub: returns immediately. Not referenced anywhere else in the visible listing.
void __stdcall hkIgnore()
{
    // Trace line left switched off by the author:
    // std::cout << "Anti-Cheat Call hooked." << std::endl;
}
  390.  
  391. // f will be pointing to 0xDEADBEEF function address
  392.  
  393.  
// Worker routine that DllMain starts on its own thread when the DLL is loaded.
// In order, the visible code:
//   1. opens a console and redirects stdout to it;
//   2. resolves the base addresses of GameAssembly.dll and UnityPlayer.dll for the
//      process named "warmode.exe";
//   3. passes a long table of hard-coded GameAssembly.dll offsets to mem::TrampHook32,
//      each paired with one of the logging stubs defined earlier in this file;
//   4. loops, reading game state through mem::FindDMAAddy pointer chains and
//      overwriting three weapon fields, until the END key is seen.
// NOTE(review): mem::TrampHook32 and mem::FindDMAAddy are declared in mem.h, which is
// not part of this listing; what they do is inferred from their names and call sites.
// Reading this as a defender: every detector the table targets runs inside the same
// process as the code that replaces it, so none of them can vouch for themselves once a
// foreign module is loaded. Presumably the hooks rewrite bytes of the mapped
// GameAssembly.dll image, which is what an integrity comparison against the on-disk
// file would surface, and values such as clip size and movement acceleration need to be
// validated server-side rather than trusted from the client.
void StartCheat() {
    AllocConsole();
    freopen("CONOUT$", "w", stdout);
    std::cout << "Injected!" << std::endl;

    // Neither the PID nor the two module bases are checked for 0 (the helpers' "not found"
    // value) before offsets are added to them below.
    int PID = GetPIDfromProcName(L"warmode.exe");
    uintptr_t BaseAddress = GetModuleBaseAddress((DWORD)PID, L"GameAssembly.dll");
    //mem::Patch((BYTE*)(BaseAddress + 0x23FCE0) + 1, (BYTE*)0xC3,1);

    uintptr_t UnityBaseAddress = GetModuleBaseAddress((DWORD)PID, L"UnityPlayer.dll");

    // Hook table. Each call pairs BaseAddress + offset with a stub; the trailing comment
    // is the author's name for the routine at that offset. Every return value is
    // discarded, so this file keeps no way to reach the original routine.
    // The third argument is 6 on every line - presumably the number of bytes replaced at
    // the target; confirm against mem.h.
    // Some offsets appear more than once: 0x23FBE0, 0x23EEA0, 0x243570 and 0x245460 are
    // each hooked on two consecutive lines with different stubs, and 0x23FC90, 0x23FCA0 and
    // 0x2400A0 are hooked again further down. What a second hook on the same address does
    // depends on mem::TrampHook32.
    mem::TrampHook32((BYTE*)BaseAddress + 0x23FE20, (BYTE*)StartDetection, 6); // StartDetection
    mem::TrampHook32((BYTE*)BaseAddress + 0x23FF30, (BYTE*)StartDetection, 6); // StartDetection
    mem::TrampHook32((BYTE*)BaseAddress + 0x2400C0, (BYTE*)StopDetection, 6); // StopDetection
    mem::TrampHook32((BYTE*)BaseAddress + 0x23FAD0, (BYTE*)Dispose, 6); // Dispose
    mem::TrampHook32((BYTE*)BaseAddress + 0x240190, (BYTE*)ObscuredCheatingDetector, 6); // ObscuredCheatingDetector
    mem::TrampHook32((BYTE*)BaseAddress + 0x23F900, (BYTE*)Awake, 6); // Awake
    mem::TrampHook32((BYTE*)BaseAddress + 0x23FBA0, (BYTE*)OnDestroy, 6); // OnDestroy
    mem::TrampHook32((BYTE*)BaseAddress + 0x23FBE0, (BYTE*)OnLevelWasLoadedNew, 6); // OnLevelWasLoadedNew
    mem::TrampHook32((BYTE*)BaseAddress + 0x23FBE0, (BYTE*)OnLevelLoadedCallback, 6); // OnLevelLoadedCallback
    mem::TrampHook32((BYTE*)BaseAddress + 0x23FCE0, (BYTE*)StartDetectionInternal, 6); // StartDetectionInternal
    mem::TrampHook32((BYTE*)BaseAddress + 0x23FCC0, (BYTE*)StartDetectionAutomatically, 6); // StartDetectionAutomatically
    mem::TrampHook32((BYTE*)BaseAddress + 0x23FC90, (BYTE*)PauseDetector, 6); // PauseDetector
    mem::TrampHook32((BYTE*)BaseAddress + 0x23FCA0, (BYTE*)ResumeDetector, 6); // ResumeDetector
    mem::TrampHook32((BYTE*)BaseAddress + 0x2400A0, (BYTE*)StopDetectionInternal, 6); // StopDetectionInternal
    mem::TrampHook32((BYTE*)BaseAddress + 0x23F9D0, (BYTE*)DisposeInternal, 6); // DisposeInternal
    mem::TrampHook32((BYTE*)BaseAddress + 0x23F4C0, (BYTE*)StartDetection, 6); // StartDetection
    mem::TrampHook32((BYTE*)BaseAddress + 0x23F350, (BYTE*)StartDetection, 6); // StartDetection
    mem::TrampHook32((BYTE*)BaseAddress + 0x23F630, (BYTE*)StopDetection, 6); // StopDetection
    mem::TrampHook32((BYTE*)BaseAddress + 0x23E7E0, (BYTE*)Dispose, 6); // Dispose
    mem::TrampHook32((BYTE*)BaseAddress + 0x231780, (BYTE*)InjectionDetector, 6); // InjectionDetector
    mem::TrampHook32((BYTE*)BaseAddress + 0x23E610, (BYTE*)Awake, 6); // Awake
    mem::TrampHook32((BYTE*)BaseAddress + 0x23EE60, (BYTE*)OnDestroy, 6); // OnDestroy
    mem::TrampHook32((BYTE*)BaseAddress + 0x23EEA0, (BYTE*)OnLevelWasLoadedNew, 6); // OnLevelWasLoadedNew
    mem::TrampHook32((BYTE*)BaseAddress + 0x23EEA0, (BYTE*)OnLevelLoadedCallback, 6); // OnLevelLoadedCallback
    mem::TrampHook32((BYTE*)BaseAddress + 0x23F120, (BYTE*)StartDetectionInternal, 6); // StartDetectionInternal
    mem::TrampHook32((BYTE*)BaseAddress + 0x23F100, (BYTE*)StartDetectionAutomatically, 6); // StartDetectionAutomatically
    mem::TrampHook32((BYTE*)BaseAddress + 0x23EF90, (BYTE*)PauseDetector, 6); // PauseDetector
    mem::TrampHook32((BYTE*)BaseAddress + 0x23F080, (BYTE*)ResumeDetector, 6); // ResumeDetector
    mem::TrampHook32((BYTE*)BaseAddress + 0x23F5B0, (BYTE*)StopDetectionInternal, 6); // StopDetectionInternal
    mem::TrampHook32((BYTE*)BaseAddress + 0x23E6E0, (BYTE*)DisposeInternal, 6); // DisposeInternal
    mem::TrampHook32((BYTE*)BaseAddress + 0x23EF50, (BYTE*)OnNewAssemblyLoaded, 6); // OnNewAssemblyLoaded
    mem::TrampHook32((BYTE*)BaseAddress + 0x23E8B0, (BYTE*)FindInjectionInCurrentAssemblies, 6); // FindInjectionInCurrentAssemblies
    mem::TrampHook32((BYTE*)BaseAddress + 0x23E510, (BYTE*)AssemblyAllowed, 6); // AssemblyAllowed
    mem::TrampHook32((BYTE*)BaseAddress + 0x23EA60, (BYTE*)LoadAndParseAllowedAssemblies, 6); // LoadAndParseAllowedAssemblies
    mem::TrampHook32((BYTE*)BaseAddress + 0x23E940, (BYTE*)GetAssemblyHash, 6); // GetAssemblyHash
    mem::TrampHook32((BYTE*)BaseAddress + 0x23F000, (BYTE*)PublicKeyTokenToString, 6); // PublicKeyTokenToString
    //mem::TrampHook32((BYTE*)BaseAddress + 0x190580, (BYTE*)AllowedAssembly, 6); // AllowedAssembly
    mem::TrampHook32((BYTE*)BaseAddress + 0x243980, (BYTE*)StartDetection, 6); // StartDetection
    mem::TrampHook32((BYTE*)BaseAddress + 0x243850, (BYTE*)StartDetection, 6); // StartDetection
    mem::TrampHook32((BYTE*)BaseAddress + 0x243910, (BYTE*)StartDetection, 6); // StartDetection
    mem::TrampHook32((BYTE*)BaseAddress + 0x243B20, (BYTE*)StartDetection, 6); // StartDetection
    mem::TrampHook32((BYTE*)BaseAddress + 0x2438D0, (BYTE*)StartDetection, 6); // StartDetection
    mem::TrampHook32((BYTE*)BaseAddress + 0x243B70, (BYTE*)StopDetection, 6); // StopDetection
    mem::TrampHook32((BYTE*)BaseAddress + 0x243440, (BYTE*)Dispose, 6); // Dispose
    mem::TrampHook32((BYTE*)BaseAddress + 0x243E10, (BYTE*)SpeedHackDetector, 6); // SpeedHackDetector
    mem::TrampHook32((BYTE*)BaseAddress + 0x243270, (BYTE*)Awake, 6); // Awake
    mem::TrampHook32((BYTE*)BaseAddress + 0x243530, (BYTE*)OnDestroy, 6); // OnDestroy
    mem::TrampHook32((BYTE*)BaseAddress + 0x243570, (BYTE*)OnLevelWasLoadedNew, 6); // OnLevelWasLoadedNew
    mem::TrampHook32((BYTE*)BaseAddress + 0x243570, (BYTE*)OnLevelLoadedCallback, 6); // OnLevelLoadedCallback
    mem::TrampHook32((BYTE*)BaseAddress + 0x243510, (BYTE*)OnApplicationPause, 6); // OnApplicationPause
    mem::TrampHook32((BYTE*)BaseAddress + 0x243C40, (BYTE*)Update, 6); // Update
    mem::TrampHook32((BYTE*)BaseAddress + 0x2436F0, (BYTE*)StartDetectionInternal, 6); // StartDetectionInternal
    mem::TrampHook32((BYTE*)BaseAddress + 0x2436C0, (BYTE*)StartDetectionAutomatically, 6); // StartDetectionAutomatically
    mem::TrampHook32((BYTE*)BaseAddress + 0x23FC90, (BYTE*)PauseDetector, 6); // PauseDetector
    mem::TrampHook32((BYTE*)BaseAddress + 0x23FCA0, (BYTE*)ResumeDetector, 6); // ResumeDetector
    mem::TrampHook32((BYTE*)BaseAddress + 0x2400A0, (BYTE*)StopDetectionInternal, 6); // StopDetectionInternal
    mem::TrampHook32((BYTE*)BaseAddress + 0x243340, (BYTE*)DisposeInternal, 6); // DisposeInternal
    mem::TrampHook32((BYTE*)BaseAddress + 0x245E90, (BYTE*)StartDetection, 6); // StartDetection
    mem::TrampHook32((BYTE*)BaseAddress + 0x245D70, (BYTE*)StartDetection, 6); // StartDetection
    mem::TrampHook32((BYTE*)BaseAddress + 0x245DF0, (BYTE*)StartDetection, 6); // StartDetection
    mem::TrampHook32((BYTE*)BaseAddress + 0x245E50, (BYTE*)StartDetection, 6); // StartDetection
    mem::TrampHook32((BYTE*)BaseAddress + 0x246610, (BYTE*)StopDetection, 6); // StopDetection
    mem::TrampHook32((BYTE*)BaseAddress + 0x244DC0, (BYTE*)Dispose, 6); // Dispose
    mem::TrampHook32((BYTE*)BaseAddress + 0x247F10, (BYTE*)WallHackDetector, 6); // WallHackDetector
    mem::TrampHook32((BYTE*)BaseAddress + 0x244A70, (BYTE*)Awake, 6); // Awake
    mem::TrampHook32((BYTE*)BaseAddress + 0x2452E0, (BYTE*)OnDestroy, 6); // OnDestroy
    mem::TrampHook32((BYTE*)BaseAddress + 0x245460, (BYTE*)OnLevelWasLoadedNew, 6); // OnLevelWasLoadedNew
    mem::TrampHook32((BYTE*)BaseAddress + 0x245460, (BYTE*)OnLevelLoadedCallback, 6); // OnLevelLoadedCallback
    mem::TrampHook32((BYTE*)BaseAddress + 0x244E90, (BYTE*)FixedUpdate, 6); // FixedUpdate
    mem::TrampHook32((BYTE*)BaseAddress + 0x247D80, (BYTE*)Update, 6); // Update
    mem::TrampHook32((BYTE*)BaseAddress + 0x245BC0, (BYTE*)StartDetectionInternal, 6); // StartDetectionInternal
    mem::TrampHook32((BYTE*)BaseAddress + 0x245B90, (BYTE*)StartDetectionAutomatically, 6); // StartDetectionAutomatically
    mem::TrampHook32((BYTE*)BaseAddress + 0x245510, (BYTE*)PauseDetector, 6); // PauseDetector
    mem::TrampHook32((BYTE*)BaseAddress + 0x2455A0, (BYTE*)ResumeDetector, 6); // ResumeDetector
    mem::TrampHook32((BYTE*)BaseAddress + 0x2465E0, (BYTE*)StopDetectionInternal, 6); // StopDetectionInternal
    mem::TrampHook32((BYTE*)BaseAddress + 0x244CC0, (BYTE*)DisposeInternal, 6); // DisposeInternal
    mem::TrampHook32((BYTE*)BaseAddress + 0x246990, (BYTE*)UpdateServiceContainer, 6); // UpdateServiceContainer
    mem::TrampHook32((BYTE*)BaseAddress + 0x2460A0, (BYTE*)StartRigidModule, 6); // StartRigidModule
    mem::TrampHook32((BYTE*)BaseAddress + 0x245840, (BYTE*)StartControllerModule, 6); // StartControllerModule
    mem::TrampHook32((BYTE*)BaseAddress + 0x2464D0, (BYTE*)StartWireframeModule, 6); // StartWireframeModule
    mem::TrampHook32((BYTE*)BaseAddress + 0x2457A0, (BYTE*)ShootWireframeModule, 6); // ShootWireframeModule
    mem::TrampHook32((BYTE*)BaseAddress + 0x246010, (BYTE*)StartRaycastModule, 6); // StartRaycastModule
    mem::TrampHook32((BYTE*)BaseAddress + 0x245600, (BYTE*)ShootRaycastModule, 6); // ShootRaycastModule
    mem::TrampHook32((BYTE*)BaseAddress + 0x246720, (BYTE*)StopRigidModule, 6); // StopRigidModule
    mem::TrampHook32((BYTE*)BaseAddress + 0x246560, (BYTE*)StopControllerModule, 6); // StopControllerModule
    mem::TrampHook32((BYTE*)BaseAddress + 0x2467F0, (BYTE*)StopWireframeModule, 6); // StopWireframeModule
    mem::TrampHook32((BYTE*)BaseAddress + 0x2466E0, (BYTE*)StopRaycastModule, 6); // StopRaycastModule
    mem::TrampHook32((BYTE*)BaseAddress + 0x245180, (BYTE*)InitRigidModule, 6); // InitRigidModule
    mem::TrampHook32((BYTE*)BaseAddress + 0x244FD0, (BYTE*)InitControllerModule, 6); // InitControllerModule
    mem::TrampHook32((BYTE*)BaseAddress + 0x2468E0, (BYTE*)UninitRigidModule, 6); // UninitRigidModule
    mem::TrampHook32((BYTE*)BaseAddress + 0x246830, (BYTE*)UninitControllerModule, 6); // UninitControllerModule
    mem::TrampHook32((BYTE*)BaseAddress + 0x244C70, (BYTE*)Detect, 6); // Detect
    mem::TrampHook32((BYTE*)BaseAddress + 0x244F70, (BYTE*)GenerateColor, 6); // GenerateColor
    mem::TrampHook32((BYTE*)BaseAddress + 0x244BA0, (BYTE*)ColorsSimilar, 6); // ColorsSimilar
    mem::TrampHook32((BYTE*)BaseAddress + 0x66AFD0, (BYTE*)MoveNext, 6); // MoveNext
    mem::TrampHook32((BYTE*)BaseAddress + 0x66AA70, (BYTE*)MoveNext, 6); // MoveNext
    std::cout << "Defeated Anti-Cheat!" << std::endl;
    // The three gameplay hooks below are disabled, which is why _Spawn, _CreatePlayer and
    // _OnJoinRound are never assigned in this listing.
    //war_Spawn = (__Spawn)mem::TrampHook32((BYTE*)BaseAddress + 0x1D8950, (BYTE*)Spawn, 6);
    //_CreatePlayer = (__CreatePlayer)mem::TrampHook32((BYTE*)BaseAddress + 0x5B3360, (BYTE*)CreatePlayer, 6);

    //_OnJoinRound = (__OnJoinRound)mem::TrampHook32((BYTE*)BaseAddress + 0x5B3360, (BYTE*)hkOnJoinRound, 6);
    std::cout << "Hooked!" << std::endl;
    // Polling loop: runs until the END key check at the bottom returns.
    while (true) {
        uintptr_t addr;
        uintptr_t IsIngamePtr = mem::FindDMAAddy(UnityBaseAddress + 0x0118EE38, { 0x170 });



        // Dereferenced without any validity check on the resolved address.
        int isgame = *(int*)IsIngamePtr;

        if (isgame == 1) {

            addr = mem::FindDMAAddy(BaseAddress + 0x00F1C254, { 0x34, 0x5B0, 0x0, 0x7B8, 0x2D8 });
            // NOTE(review): 0xDEADBEEF looks like a "chain could not be followed" sentinel
            // from FindDMAAddy - confirm against mem.h. This `continue` also skips the
            // END-key check at the bottom of the loop.
            if (addr == (uintptr_t)0xDEADBEEF) {
                continue;
            }
            if (*(bool*)addr) {
                FirstPersonPlayer_StaticFields* locPlayerPtr = (FirstPersonPlayer_StaticFields*)addr;
                // Copies the struct by value; the pointer members of the copy still refer
                // to the game's own objects, so the writes below land in game memory.
                FirstPersonPlayer_StaticFields locPlayer = *locPlayerPtr;

                if ((int)locPlayer.debug == 1) {
                    if ((uintptr_t)locPlayer.currweapon == (uintptr_t)nullptr) { // 2D8
                    }
                    else {
                        std::string posistr;
                        UnityEngine_Vector3_o* posiptr = (UnityEngine_Vector3_o*)mem::FindDMAAddy(UnityBaseAddress + 0x0118EDAC, { 0x314,0x4F8,0x208,0x20,0x80 });
                        // Prints the vector read through the chain above as "x / y / z".
                        posistr = std::to_string(posiptr->x) + " / " + std::to_string(posiptr->y) + " / " + std::to_string(posiptr->z);
                        std::cout << posistr << std::endl;
                        // Client-side state overwritten here: two movement acceleration
                        // values and the weapon's clip count.
                        locPlayer.currweapon->data->WalkAcceleration = 0.4;
                        locPlayer.currweapon->data->RunAcceleration = 0.6;
                        locPlayer.currweapon->clip = 1337;

                    }

                    // The only delay in the loop; every other path iterates without waiting.
                    Sleep(1000);
                }

            }
            else {

            }




        }
        // Leaves the routine when END was pressed since the previous query. No hook is
        // removed before returning.
        if (GetAsyncKeyState(VK_END) & 1) {
            return;
        }

    }

}
  558.  
// DLL entry point. On process attach it starts StartCheat on a new thread and discards
// the returned thread handle; thread attach/detach and process detach do nothing.
// Always reports success to the loader.
// Starting work from DLL_PROCESS_ATTACH means the payload begins running as soon as the
// module is mapped into a process, with no exported function having to be called.
BOOL APIENTRY DllMain(HMODULE hModule,
                      DWORD ul_reason_for_call,
                      LPVOID lpReserved
)
{
    const bool processAttaching = (ul_reason_for_call == DLL_PROCESS_ATTACH);
    if (processAttaching)
    {
        // StartCheat is declared void(); it is cast to the thread-start type as in the original.
        CreateThread(nullptr, 0, (LPTHREAD_START_ROUTINE)StartCheat, nullptr, 0, nullptr);
    }
    return TRUE;
}