AW Aimbot

1. //1.04 Thanks to Bad Luck Brian
2. //Note: As you can tell, I have not updated 3 addresses. They are not important, and the aimbot will work without them all you need to do is Aimbot.Run();
3. public static class AW
4. {
5.  
6. /*general addresses*/
7. static uint RPC_func = 0x5FCBF0,//1.04
8. playerstate_s = 0x1950880,//1.04
9. gentity_s = 0x1860880,//1.04
10. button_s = playerstate_s + 0xA64,//1.04
11. redBoxes = 0x0019610b,//1.04
12. setClientViewAngles = 0x2F4530,//1.04
13. ESP = 0x05CEE74,//1.02
14. sv_hostname = 0x02555e58 + 0xC,//1.02
15. g_gamemode = 0x02555c24; //1.02
16.  
17.  
18.  
19. /*offsets related to playerstate_s*/
20. static uint origins = 0x78,
21. stance = 0x3A66,
22. team = 0x3AF0,
23. name = 0x3AA8;
24.  
25. /*offsets related to gentity_s*/
26. static uint spawned = 0x172;
27.  
28.  
29.  
30. public static class Game {
31.  
32. public enum buttons {
33. CROSS = 0x10,
34. CIRCLE = 0x18,
35. SQUARE = 0x24,
36. TRIANGLE = 0x30,
37. L1 = 0x40,
38. R1 = 0x48,
39. DPAD_UP = 0xF0,
40. DPAD_DOWN = 0xFC,
41. DPAD_LEFT = 0x108,
42. DPAD_RIGHT = 0x114
43. }
44. public enum ESPMODES {
45. OFF,
46. LOW,
47. HIGH
48.  
49. }
50.  
51. public static uint getPS(int client, uint offset = 0) { return playerstate_s + (uint)client * 0x4180 + offset; }
52. public static uint getGent(int client, uint offset = 0) { return gentity_s + (uint)client * 0x280 + offset; }
53. public static bool isPressed(buttons key) { return (PS3.ReadInt(button_s+(uint)key) == 1);}
54. public static void enableESP(ESPMODES state)
55. {
56. switch (state)
57. {
58. case ESPMODES.OFF:
59. byte[] ESP = new byte[] { 0x3B, 0xC0, 0x25, 0x00 }; PS3.SetMemory(AW.ESP, ESP, 4);
60. break;
61.  
62. case ESPMODES.LOW:
63. byte[] ESP1 = new byte[] { 0x3B, 0xC0, 0xA1, 0x05 }; PS3.SetMemory(AW.ESP, ESP1, 4);
64. break;
65.  
66. case ESPMODES.HIGH:
67. byte[] ESP2 = new byte[] { 0x3B, 0xC0, 0xA1, 0x15 }; PS3.SetMemory(AW.ESP, ESP2, 4);
68. break;
69.  
70. }
71. }
72. public static void enableWALLHACK(bool state = true){ if (state)PS3.WriteByte(AW.redBoxes, 1); else PS3.WriteByte(AW.redBoxes, 0); }
73. public static bool isAlive(int client){ return (PS3.ReadShort(getGent(client, spawned)) == 1); }
74. public static bool sameTeam(int p1, int p2){ return (PS3.ReadInt(getPS(p1, team)) == PS3.ReadInt(getPS(p2, team))); }
75. public static bool isFFA() { return (PS3.ReadString(PS3.ReadUInt(g_gamemode)) == "dm");}
76. public static int findHost() {
77. string hostname = PS3.ReadString(PS3.ReadUInt(sv_hostname));
78. for (int i = 0; i < 18; i++) {
79. if (PS3.ReadString(Game.getPS(i, name)) == hostname) {
80. return i;
81. }
82. }
83. return 0;
84. }
85. }
86.  
87. public static class RPC {
88.  
89. public static void enableRPC(){
90. byte[] RPC = new byte[] { 0x3D, 0x80, 0x02, 0x10, 0x80, 0x8C, 0x00, 0x00, 0x2C, 0x04, 0x00, 0x00, 0x41, 0x82, 0x00, 0x70, 0x80, 0x6C, 0x00, 0x04, 0x80, 0x8C, 0x00, 0x08, 0x80, 0xAC, 0x00, 0x0C, 0x80, 0xCC, 0x00, 0x10, 0x80, 0xEC, 0x00, 0x14, 0x81, 0x0C, 0x00, 0x18, 0x81, 0x2C, 0x00, 0x1C, 0x81, 0x4C, 0x00, 0x20, 0x81, 0x6C, 0x00, 0x24, 0xC0, 0x2C, 0x00, 0x28, 0xC0, 0x4C, 0x00, 0x2C, 0xC0, 0x6C, 0x00, 0x30, 0xC0, 0x8C, 0x00, 0x34, 0xC0, 0xAC, 0x00, 0x38, 0xC0, 0xCC, 0x00, 0x3C, 0xC0, 0xEC, 0x00, 0x40, 0xC1, 0x0C, 0x00, 0x44, 0xC1, 0x2C, 0x00, 0x48, 0x81, 0x8C, 0x00, 0x00, 0x7D, 0x89, 0x03, 0xA6, 0x39, 0x80, 0x00, 0x00, 0x4E, 0x80, 0x04, 0x21, 0x3C, 0x80, 0x02, 0x10, 0x90, 0x64, 0x00, 0x4C, 0x38, 0x60, 0x00, 0x00, 0x90, 0x64, 0x00, 0x00, 0x48, 0x00, 0x00, 0x04, 0xE8, 0x01, 0x05, 0x20, 0x7C, 0x08, 0x03, 0xA6, 0xCB, 0xC1, 0x05, 0x00, 0xCB, 0xE1, 0x05, 0x08, 0xEA, 0xE1, 0x04, 0xB8, 0xEB, 0x01, 0x04, 0xC0, 0xEB, 0x21, 0x04, 0xC8, 0xEB, 0x41, 0x04, 0xD0, 0xEB, 0x61, 0x04, 0xD8, 0xEB, 0x81, 0x04, 0xE0, 0xEB, 0xA1, 0x04, 0xE8, 0xEB, 0xC1, 0x04, 0xF0, 0xEB, 0xE1, 0x04, 0xF8, 0x38, 0x21, 0x05, 0x10, 0x4E, 0x80, 0x00, 0x20, 0x60, 0x00, 0x00, 0x00, 0x60, 0x00, 0x00, 0x00, 0x60, 0x00, 0x00, 0x00 };
91. byte[] PAUSE = new byte[] { 0x4E, 0x80, 0x00, 0x20 };
92. byte[] UNPAUSE = new byte[] { 0xF8, 0x21, 0xFA, 0xF1 };
93.  
94. PS3.SetMemory(RPC_func, PAUSE);
95. PS3.SetMemory(RPC_func + 0x50, RPC);
96. System.Threading.Thread.Sleep(10);
97. PS3.SetMemory(RPC_func, UNPAUSE, 4);
98. }
99. public static uint Call(uint func_address, params object[] parameters)
100. {
101. int num_params = parameters.Length;
102. uint num_floats = 0;
103. for (uint i = 0; i < num_params; i++)
104. {
105. if (parameters[i] is int)
106. {
107. PS3.WriteInt(0x2100004 + (i + num_floats) * 4, (int)parameters[i] );
108. }
109. else if (parameters[i] is uint)
110. {
111. PS3.WriteUInt(0x2100004 + (i + num_floats) * 4, (uint)parameters[i]);
112. }
113. else if (parameters[i] is string)
114. {
115. for (int ii = 0; ii < 10 * 0x400; ii += 0x400)
116. {
117. if (PS3.ReadByte(0x2101000 + (uint)ii) == 0x00)
118. {
119. PS3.WriteString(0x2101000 + (uint)ii, (string)parameters[i]);
120. PS3.WriteUInt(0x2100004 + (i + num_floats) * 4, 0x2101000 + (uint)ii);
121. }
122. else
123. {
124. byte[] eraser = new byte[0x400*10];
125. PS3.SetMemory(0x2101000, eraser);
126. PS3.WriteString(0x2101000, (string)parameters[i]);
127. PS3.WriteUInt(0x2100004 + (i + num_floats) * 4, 0x2101000);
128. }
129. }
130.  
131.  
132. }
133. else if (parameters[i] is float)
134. {
135. PS3.WriteFloat(0x2100004 + (uint)i * 0x4, (float)parameters[i]);
136. }
137. }
138.  
139. PS3.WriteUInt(0x2100000, func_address);
140. System.Threading.Thread.Sleep(10);
141. return PS3.ReadUInt(0x210004C);
142. }
143.  
144. }
145.  
146.  
147. public static class Aimbot {
148.  
149. public static int host = 0;
150.  
151. static float[] getOrigins(int client)
152. {
153. return new float[] { PS3.ReadFloat(Game.getPS(client, origins)), PS3.ReadFloat(Game.getPS(client, origins + 4)), PS3.ReadFloat(Game.getPS(client, origins + 8)) };
154. }
155. static float[] posToVec(float[] attacker, float[] victim)
156. {
157. return new float[] { (victim[0] - attacker[0]),(victim[1] - attacker[1]),(victim[2] - attacker[2])};
158. }
159. static float[] vecToAngles(float[] vec)
160. {
161. float M_PI = 3.14159265358979323846f;
162. float forward;
163. float yaw, pitch;
164.  
165. if (vec[1] == 0 && vec[0] == 0)
166. {
167. yaw = 0;
168. if (vec[2] > 0)
169. {
170. pitch = 90f;
171. }
172. else
173. {
174. pitch = 270f;
175. }
176. }
177. else
178. {
179.  
180. if (vec[0] != 0)
181. {
182. yaw = ((float)Math.Atan2(Convert.ToDouble(vec[1]), Convert.ToDouble(vec[0])) * 180f / M_PI);
183. }
184. else if (vec[1] > 0)
185. {
186. yaw = 90f;
187. }
188. else
189. {
190. yaw = 270f;
191. }
192. if (yaw < 0)
193. {
194. yaw += 360f;
195. }
196.  
197. forward = (float)Math.Sqrt(Convert.ToDouble(vec[0] * vec[0] + vec[1] * vec[1]));
198. pitch = ((float)Math.Atan2(Convert.ToDouble(vec[2]), Convert.ToDouble(forward))) * 180f / M_PI;
199. if (pitch < 0)
200. {
201. pitch += 360f;
202. }
203. }
204.  
205. return new float[] { -pitch, yaw, 0 };
206. }
207. static void doMyStance(int client, float[] vec)
208. {
209. byte stance = PS3.ReadByte(Game.getPS(client, AW.stance));
210. if (stance == 2 || stance == 0x42 || stance == 0x82 || stance == 0x0A || stance == 0x22){
211. vec[2] += 44f;
212. }
213. else if (stance == 1 || stance == 0x41 || stance == 0x81 || stance == 0x09 || stance == 0x21){
214. vec[2] += 14f;
215. }
216. else{
217. vec[2] += 0f;
218. }
219. }
220. static void doHisStance(int client, float[] vec)
221. {
222. byte stance = PS3.ReadByte(Game.getPS(client, AW.stance));
223. if (stance == 2 || stance == 0x42 || stance == 0x82 || stance == 0x0A || stance == 0x22){
224. vec[2] -= 46f;
225. }
226. else if (stance == 1 || stance == 0x41 || stance == 0x81 || stance == 0x09 || stance == 0x21){
227. vec[2] -= 18f;
228. }
229. else{
230. vec[2] -= 0f;
231. }
232. }
233. static void setclientAngles(int client, float[] angles)
234. {
235. PS3.WriteFloat(0x2100100, angles[0]);
236. PS3.WriteFloat(0x2100104, angles[1]);
237. PS3.WriteFloat(0x2100108, angles[2]);
238.  
239. RPC.Call(setClientViewAngles, new object[] { Game.getGent(client), 0x2100100 });
240.  
241. }
242. static float getDistance(float[] p1, float[] p2)
243. {
244. float xSqr = (p1[0] - p2[0]) * (p1[0] - p2[0]);
245. float ySqr = (p1[1] - p2[1]) * (p1[1] - p2[1]);
246. float zSqr = (p1[2] - p2[2]) * (p1[2] - p2[2]);
247.  
248. float mySqr = xSqr + ySqr + zSqr;
249.  
250. return (float)Math.Sqrt(Convert.ToDouble(mySqr));
251. }
252. static int getNearestPlayer(int attacker)
253. {
254. int curClient = 0;
255. float curDistance = float.MaxValue;
256. for (int i = 0; i < 18; i++)
257. {
258. if (!Game.isFFA())
259. {
260. if (attacker != i && Game.isAlive(i) && !Game.sameTeam(attacker, i))
261. {
262. float[] myOrigins = getOrigins(attacker), hisOrigins = getOrigins(i);
263.  
264. float dist = getDistance(myOrigins, hisOrigins);
265. if (dist < curDistance)
266. {
267. curDistance = dist;
268. curClient = i;
269. }
270. }
271. }
272. else {
273. if (attacker != i && Game.isAlive(i))
274. {
275. float[] myOrigins = getOrigins(attacker), hisOrigins = getOrigins(i);
276.  
277. float dist = getDistance(myOrigins, hisOrigins);
278. if (dist < curDistance)
279. {
280. curDistance = dist;
281. curClient = i;
282. }
283. }
284. }
285. }
286. return curClient;
287. }
288. public static void RUN(){
289.  
290. if (Game.isPressed(Game.buttons.L1)){
291.  
292. int vic = getNearestPlayer(host);
293. float[] vec = posToVec(getOrigins(host), getOrigins(vic));
294. doMyStance(host, vec);
295. doHisStance(vic, vec);
296.  
297. float[] angles = vecToAngles(vec);
298.  
299. setclientAngles(host, angles);
300.  
301.  
302. }
303.  
304. }
305.  
306.  
307.  
308.  
309.  
310. }
311. }