API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 25th, 2018
76
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 9.75 KB | None | 0 0
raw download clone embed print report
  1. #include "stdafx.h"
  2. #include <windows.h>
  3. #include <TlHelp32.h>
  4. #include <iostream>
  5.  
  6. typedef unsigned char uint8_t;
  7.  
  8. template <typename T, size_t N>
  9.  
  10. size_t countof(T(&array)[N])
  11. {
  12. return N;
  13. }
  14.  
  15. DWORD dwLocalPlayer; //will be scanned
  16. DWORD dwEntityList; //will be scanned
  17. DWORD dwGlow; //will be scanned
  18.  
  19. DWORD dwTeam = 0xF0;
  20. DWORD dwDormant = 0xE9;
  21.  
  22. struct PModule
  23. {
  24. DWORD dwBase;
  25. DWORD dwSize;
  26. };
  27.  
  28. /* Debugger/Process API implementation class */
  29. class process
  30. {
  31.  
  32. public:
  33. bool Attach(char* pName, DWORD rights)
  34. {
  35. HANDLE handle = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, NULL);
  36. PROCESSENTRY32 entry;
  37. entry.dwSize = sizeof(entry);
  38.  
  39. do
  40. if (!strcmp(entry.szExeFile, pName)) {
  41. pID = entry.th32ProcessID;
  42. CloseHandle(handle);
  43. _process = OpenProcess(rights, false, pID);
  44. return true;
  45. }
  46. while (Process32Next(handle, &entry));
  47. return false;
  48. }
  49. PModule GetModule(char* moduleName) {
  50. HANDLE module = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pID);
  51. MODULEENTRY32 mEntry;
  52. mEntry.dwSize = sizeof(mEntry);
  53.  
  54. do {
  55. if (!strcmp(mEntry.szModule, (LPSTR)moduleName)) {
  56. CloseHandle(module);
  57.  
  58. PModule mod = { (DWORD)mEntry.hModule, mEntry.modBaseSize };
  59. return mod;
  60. }
  61. } while (Module32Next(module, &mEntry));
  62.  
  63. PModule mod = { (DWORD)false, (DWORD)false };
  64. return mod;
  65. }
  66.  
  67. template <class T>
  68. T Read(DWORD addr) {
  69. T _read;
  70. ReadProcessMemory(_process, (LPVOID)addr, &_read, sizeof(T), NULL);
  71. return _read;
  72. }
  73. template <class T>
  74. void Write(DWORD addr, T val) {
  75. WriteProcessMemory(_process, (LPVOID)addr, &val, sizeof(T), NULL);
  76. }
  77.  
  78. DWORD FindPattern(DWORD start, DWORD size, const char* sig, const char* mask) {
  79. BYTE* data = new BYTE[size];
  80.  
  81. unsigned long bytesRead;
  82. if (!ReadProcessMemory(_process, (LPVOID)start, data, size, &bytesRead)) {
  83. return NULL;
  84. }
  85.  
  86. for (DWORD i = 0; i < size; i++) {
  87. if (DataCompare((const BYTE*)(data + i), (const BYTE*)sig, mask)) {
  88. return start + i;
  89. }
  90. }
  91. return NULL;
  92. }
  93.  
  94. DWORD FindPatternArray(DWORD start, DWORD size, const char* mask, int count, ...) {
  95. char* sig = new char[count + 1];
  96. va_list ap;
  97. va_start(ap, count);
  98. for (int i = 0; i < count; i++) {
  99. char read = va_arg(ap, char);
  100. sig[i] = read;
  101. }
  102. va_end(ap);
  103. sig[count] = '\0';
  104. return FindPattern(start, size, sig, mask);
  105. }
  106.  
  107.  
  108. private:
  109. HANDLE _process;
  110. DWORD pID;
  111. bool DataCompare(const BYTE* pData, const BYTE* pMask, const char* pszMask) {
  112. for (; *pszMask; ++pszMask, ++pData, ++pMask) {
  113. if (*pszMask == 'x' && *pData != *pMask) {
  114. return false;
  115. }
  116. }
  117. return (*pszMask == NULL);
  118. }
  119. };
  120.  
  121. /* Glow Object structure in csgo */
  122. struct glow_t
  123. {
  124. DWORD dwBase;
  125. float r;
  126. float g;
  127. float b;
  128. float a;
  129. uint8_t unk1[16];
  130. bool m_bRenderWhenOccluded;
  131. bool m_bRenderWhenUnoccluded;
  132. bool m_bFullBloom;
  133. uint8_t unk2[14];
  134. };
  135.  
  136. /* Entity structure in csgo */
  137. struct Entity
  138. {
  139. DWORD dwBase;
  140. int team;
  141. bool is_dormant;
  142. };
  143.  
  144. /* Player structure in csgo */
  145. struct Player
  146. {
  147. DWORD dwBase;
  148. bool isDormant;
  149. };
  150.  
  151. process memory;
  152. process _modClient;
  153. process* mem;
  154. PModule modClient;
  155.  
  156. int iFriendlies;
  157. int iEnemies;
  158.  
  159. Entity entEnemies[32];
  160. Entity entFriendlies[32];
  161. Entity me;
  162.  
  163. void update_entity_data(Entity* e, DWORD dwBase)
  164. {
  165. int dormant = memory.Read<int>(dwBase + dwDormant);
  166. e->dwBase = dwBase;
  167. e->team = memory.Read<int>(dwBase + dwTeam);
  168. e->is_dormant = dormant == 1;
  169. }
  170. /* Get Pointer To Client.dll*/
  171. PModule* GetClientModule() {
  172. if (modClient.dwBase == 0 && modClient.dwSize == 0) {
  173. modClient = memory.GetModule("client.dll");
  174. }
  175. return &modClient;
  176. }
  177.  
  178. Entity* GetEntityByBase(DWORD dwBase) {
  179.  
  180. for (int i = 0; i < iFriendlies; i++) {
  181. if (dwBase == entFriendlies[i].dwBase) {
  182. return &entFriendlies[i];
  183. }
  184. }
  185. for (int i = 0; i < iEnemies; i++) {
  186. if (dwBase == entEnemies[i].dwBase) {
  187. return &entEnemies[i];
  188. }
  189. }
  190. return nullptr;
  191. }
  192.  
  193. /* offset updating class, that uses patterns to find memory addresses */
  194. class offset
  195. {
  196. private:
  197. static void update_local_player() {
  198. DWORD lpStart = mem->FindPatternArray(modClient.dwBase, modClient.dwSize, "xxx????xx????xxxxx?", 19, 0x8D, 0x34, 0x85, 0x0, 0x0, 0x0, 0x0, 0x89, 0x15, 0x0, 0x0, 0x0, 0x0, 0x8B, 0x41, 0x8, 0x8B, 0x48, 0x0);
  199. DWORD lpP1 = mem->Read<DWORD>(lpStart + 3);
  200. BYTE lpP2 = mem->Read<BYTE>(lpStart + 18);
  201. dwLocalPlayer = (lpP1 + lpP2) - modClient.dwBase;
  202. }
  203.  
  204. static void update_entity_list() {
  205. DWORD elStart = mem->FindPatternArray(modClient.dwBase, modClient.dwSize, "x????xx?xxx", 11, 0x5, 0x0, 0x0, 0x0, 0x0, 0xC1, 0xE9, 0x0, 0x39, 0x48, 0x4);
  206. DWORD elP1 = mem->Read<DWORD>(elStart + 1);
  207. BYTE elP2 = mem->Read<BYTE>(elStart + 7);
  208. dwEntityList = (elP1 + elP2) - modClient.dwBase;
  209. }
  210.  
  211. static void update_glow() {
  212. DWORD gpStart = mem->FindPatternArray(modClient.dwBase, modClient.dwSize, "xxx????xxxxx????????", 20, 0x0F, 0x11, 0x05, 0x0, 0x0, 0x0, 0x0, 0x83, 0xC8, 0x01, 0xC7, 0x05, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0);
  213. dwGlow = mem->Read<DWORD>(gpStart + 3) - modClient.dwBase;
  214. }
  215. public:
  216. static void get_offset(process* m) {
  217. mem = m;
  218. modClient = mem->GetModule("client.dll");
  219. update_local_player();
  220. update_entity_list();
  221. update_glow();
  222. }
  223.  
  224. //constantly scanning & updating our offsets
  225. static DWORD WINAPI scan_offsets(LPVOID PARAM)
  226. {
  227. Entity players[64];
  228. while (true) {
  229. Sleep(1);
  230. DWORD playerBase = memory.Read<DWORD>(GetClientModule()->dwBase + dwLocalPlayer);
  231. int cp = 0;
  232.  
  233. update_entity_data(&me, playerBase);
  234. for (int i = 1; i < 64; i++) {
  235. DWORD entBase = memory.Read<DWORD>((GetClientModule()->dwBase + dwEntityList) + i * 0x10);
  236.  
  237. if (entBase == NULL)
  238. continue;
  239.  
  240. update_entity_data(&players[cp], entBase);
  241.  
  242. cp++;
  243. }
  244.  
  245. int cf = 0, ce = 0;
  246.  
  247. for (int i = 0; i < cp; i++) {
  248. if (players[i].team == me.team) {
  249. entFriendlies[cf] = players[i];
  250. cf++;
  251. }
  252. else {
  253. entEnemies[ce] = players[i];
  254. ce++;
  255. }
  256. }
  257. iEnemies = ce;
  258. iFriendlies = cf;
  259. }
  260. }
  261. };
  262.  
  263.  
  264. class virtualesp
  265. {
  266. private:
  267. static void glow_player(DWORD mObj, float r, float g, float b)
  268. {
  269. memory.Write<float>(mObj + 0x4, r);
  270. memory.Write<float>(mObj + 0x8, g);
  271. memory.Write<float>(mObj + 0xC, b);
  272. memory.Write<float>(mObj + 0x10, 1.0f);
  273. memory.Write<BOOL>(mObj + 0x24, true);
  274. memory.Write<BOOL>(mObj + 0x25, false);
  275. }
  276.  
  277. static float SanitizeColor(int value)
  278. {
  279. if (value > 255) value = 255;
  280. if (value < 0) value = 0;
  281. return (float)value / 255;
  282. }
  283. public:
  284. static void start_engine() {
  285. while (!memory.Attach("csgo.exe", PROCESS_ALL_ACCESS)) {
  286. Sleep(100);
  287. }
  288. do {
  289. Sleep(1000);
  290. offset::get_offset(&memory);
  291. } while (dwLocalPlayer < 65535);
  292. CreateThread(NULL, NULL, &offset::scan_offsets, NULL, NULL, NULL);
  293. }
  294.  
  295. static unsigned long __stdcall esp_thread(void*)
  296. {
  297. int objectCount;
  298. DWORD pointerToGlow;
  299. Entity* Player = NULL;
  300. float Friend = SanitizeColor(100);
  301. float Enemy = SanitizeColor(140);
  302.  
  303. while (true)
  304. {
  305. Sleep(1);
  306. pointerToGlow = memory.Read<DWORD>(GetClientModule()->dwBase + dwGlow);
  307. objectCount = memory.Read<DWORD>(GetClientModule()->dwBase + dwGlow + 0x4);
  308. if (pointerToGlow != NULL && objectCount > 0)
  309. {
  310. for (int i = 0; i < objectCount; i++)
  311. {
  312. DWORD mObj = pointerToGlow + i * sizeof(glow_t);
  313. glow_t glowObject = memory.Read<glow_t>(mObj);
  314. Player = GetEntityByBase(glowObject.dwBase);
  315.  
  316. if (glowObject.dwBase == NULL || Player == nullptr || Player->is_dormant) {
  317. continue;
  318. }
  319. if (me.team == Player->team) {
  320. //glow_player(mObj, 0, 0, Friend);
  321. }
  322. else {
  323. glow_player(mObj, Enemy, 0, 0);
  324. }
  325. }
  326. }
  327. }
  328. return EXIT_SUCCESS;
  329. }
  330. };
  331.  
  332.  
  333. int main()
  334. {
  335. SetConsoleTitle("Example Glow");
  336. bool enabled = false;
  337. HANDLE ESP = NULL;
  338.  
  339. virtualesp::start_engine();
  340.  
  341. std::cout << "press F1 to toggle Glow!" << std::endl;
  342. while (TRUE)
  343. {
  344. Sleep(1);
  345. if (GetAsyncKeyState(VK_F1) & 1) {
  346. enabled = !enabled;
  347. if (enabled) {
  348. std::cout << "Glow: on" << std::endl;
  349. ESP = CreateThread(NULL, NULL, &virtualesp::esp_thread, NULL, NULL, NULL);
  350. }
  351. else {
  352. std::cout << "Glow: off" << std::endl;
  353. TerminateThread(ESP, 0);
  354. CloseHandle(ESP);
  355. }
  356. }
  357. }
  358. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!