    1. #1
      Newbie
      Learning to hack games!
       
      Feeling Normal
       
      darkfang5820's Avatar
      Join Date
      Oct 2013
      Posts
      1
      Thanks (-->)
      0
      Thanks (<--)
      0

      Garry's Mod Aimbot crash on engine.dll snapshot

      Greetings,

      I am attempting to adapt Fleep's C++ memory aimbot to Garry's Mod, which should be fairly simple since it is on the same engine. Everything seems to be working, but when I run it, the game crashes when HackProcess.h attempts to get the module base address of engine.dll. The rest of the HackProcess.h file is exactly the same; I only changed it to work with Garry's Mod:

      Code:
      #pragma once
       
      #pragma once
      
      #include <Windows.h>
      #include <TlHelp32.h>
      #include <tchar.h>
      
      //THIS FILE SIMPLY DOES MOST OF THE BACKEND WORK FOR US, 
      //FROM FINDING THE PROCESS TO SETTING UP CORRECT ACCESS FOR US 
      //TO EDIT MEMORY 
      //IN MOST GAMES, A SIMPLER VERSION OF THIS CAN BE USED, or if you're injecting then its often not necessary
      //This file has been online for quite a while so credits should be shared but im using this from NubTIK
      //So Credits to him and thanks
      
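      // Locates a running process by executable name, opens a handle to it and
      // records the load addresses of selected modules inside it.
      //
      // Review notes:
      //  * The class enables SeDebugPrivilege on its own token and requests
      //    PROCESS_ALL_ACCESS on a foreign process. Both are privileged operations
      //    that endpoint and integrity monitoring commonly log; a least-privilege
      //    design would request only the access rights the callers actually use
      //    (which rights those are cannot be determined from this file).
      //  * The members have no initialiser. RunProcess() reads the __dword*
      //    fields before writing them, so the object must have static storage
      //    duration (zero-initialised) for the polling loops to behave.
      //  * Identifiers containing a double underscore are reserved for the
      //    implementation in C++; the public names are kept for compatibility.
      //  * The module addresses are stored in DWORD although
      //    dwGetModuleBaseAddress() returns DWORD_PTR, so a 64-bit build would
      //    truncate them.
      //  * Narrow string literals are passed to TCHAR-based APIs, so this header
      //    only builds when UNICODE is not defined.
      class CHackProcess
      {
      public:

          PROCESSENTRY32 __gameProcess;   // snapshot entry of the target process
          HANDLE __HandleProcess;         // handle from OpenProcess(); NULL on failure
          HWND __HWNDCss;                 // top-level window found by title
          DWORD __dwordClient;            // base address of client.dll
          DWORD __dwordEngine;            // base address of engine.dll
          DWORD __dwordOverlay;           // not assigned anywhere in this class
          DWORD __dwordVGui;              // base address of vguimatsurface.dll
          DWORD __dwordLibCef;            // not assigned anywhere in this class
          DWORD __dwordSteam;             // not assigned anywhere in this class

          // Walks a process snapshot and returns the PID of the first process
          // whose executable name equals __ProcessName (case-insensitive).
          // On success *pEntry receives a copy of the matching entry.
          // Returns 0 when nothing matches, when the snapshot cannot be taken,
          // or when either argument is null.
          DWORD FindProcessName(const char *__ProcessName, PROCESSENTRY32 *pEntry)
          {
              // The original dereferenced both pointers unconditionally.
              if (__ProcessName == NULL || pEntry == NULL) return 0;

              HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
              if (hSnapshot == INVALID_HANDLE_VALUE) return 0;

              PROCESSENTRY32 entry;
              entry.dwSize = sizeof(PROCESSENTRY32);   // required before Process32First

              DWORD pid = 0;
              if (Process32First(hSnapshot, &entry))
              {
                  do
                  {
                      if (!_strcmpi(entry.szExeFile, __ProcessName))
                      {
                          *pEntry = entry;
                          pid = entry.th32ProcessID;
                          break;
                      }
                  } while (Process32Next(hSnapshot, &entry));
              }

              // Single exit path so the snapshot handle is always released.
              CloseHandle(hSnapshot);
              return pid;
          }

          // Returns the ID of the first thread in a system-wide thread snapshot
          // that belongs to process __DwordProcess, or 0 when none is found or
          // the snapshot cannot be taken.
          DWORD getThreadByProcess(DWORD __DwordProcess)
          {
              HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);
              if (hSnapshot == INVALID_HANDLE_VALUE) return 0;

              THREADENTRY32 entry;
              entry.dwSize = sizeof(THREADENTRY32);    // required before Thread32First

              DWORD tid = 0;
              if (Thread32First(hSnapshot, &entry))
              {
                  do
                  {
                      if (entry.th32OwnerProcessID == __DwordProcess)
                      {
                          tid = entry.th32ThreadID;
                          break;
                      }
                  } while (Thread32Next(hSnapshot, &entry));
              }

              CloseHandle(hSnapshot);
              return tid;
          }

          // Returns the base address of the module named szModuleName in process
          // dwProcessIdentifier, or 0 when the module is not listed, the snapshot
          // cannot be taken, or szModuleName is null. The name comparison is an
          // exact, case-sensitive match.
          //
          // The parameter is now const: every caller in this file passes a string
          // literal, which must not bind to a non-const TCHAR*.
          DWORD_PTR dwGetModuleBaseAddress(DWORD dwProcessIdentifier, const TCHAR *szModuleName)
          {
              if (szModuleName == NULL) return 0;

              HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE | TH32CS_SNAPMODULE32, dwProcessIdentifier);
              if (hSnapshot == INVALID_HANDLE_VALUE) return 0;

              MODULEENTRY32 entry;
              entry.dwSize = sizeof(MODULEENTRY32);    // required before Module32First

              DWORD_PTR dwModuleBaseAddress = 0;
              if (Module32First(hSnapshot, &entry))
              {
                  do
                  {
                      if (_tcscmp(entry.szModule, szModuleName) == 0)
                      {
                          dwModuleBaseAddress = (DWORD_PTR)entry.modBaseAddr;
                          break;
                      }
                  } while (Module32Next(hSnapshot, &entry));
              }

              CloseHandle(hSnapshot);
              return dwModuleBaseAddress;
          }

          // Attempts to enable the debug privilege in the current process token.
          // The function returns nothing, so a failure is silent: callers cannot
          // tell whether the privilege was granted.
          void runSetDebugPrivs()
          {
              // GetCurrentProcess() yields a pseudo-handle that does not need to be
              // closed; the original passed it to CloseHandle().
              HANDLE hToken = NULL;
              if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &hToken))
                  return;   // the original went on to use and close an unset handle

              TOKEN_PRIVILEGES priv;
              priv.PrivilegeCount = 1;
              priv.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

              // Only adjust the token when the LUID lookup succeeded; otherwise
              // priv would carry an uninitialised LUID.
              if (LookupPrivilegeValue(0, "seDebugPrivilege", &priv.Privileges[0].Luid))
              {
                  // AdjustTokenPrivileges can return success without assigning the
                  // privilege (GetLastError() == ERROR_NOT_ALL_ASSIGNED), which is
                  // the usual outcome for a non-elevated token.
                  AdjustTokenPrivileges(hToken, false, &priv, 0, 0, 0);
              }

              CloseHandle(hToken);
          }

          // Blocks until the target process, one of its threads and three of its
          // modules are visible, then stores the process handle, module bases and
          // window handle in the members. Never returns if any of them never
          // appears (for example when the process exits while this is polling).
          void RunProcess()
          {
              runSetDebugPrivs();

              while (!FindProcessName("hl2.exe", &__gameProcess)) Sleep(12);
              while (!(getThreadByProcess(__gameProcess.th32ProcessID))) Sleep(12);

              // NOTE(review): PROCESS_ALL_ACCESS requests every access right; narrow
              // it to what the callers need. The result is NULL when the open is
              // denied, and nothing below checks it, so callers must test
              // __HandleProcess before using it.
              __HandleProcess = OpenProcess(PROCESS_ALL_ACCESS, false, __gameProcess.th32ProcessID);

              // The original polled these three in tight loops with no delay, which
              // pins a CPU core while the modules are still loading; they now wait
              // between attempts like the loops above.
              // NOTE(review): DWORD_PTR is narrowed to DWORD on each assignment.
              while (__dwordClient == 0x0)
              {
                  __dwordClient = dwGetModuleBaseAddress(__gameProcess.th32ProcessID, _T("client.dll"));
                  if (__dwordClient == 0x0) Sleep(12);
              }
              while (__dwordEngine == 0x0)
              {
                  __dwordEngine = dwGetModuleBaseAddress(__gameProcess.th32ProcessID, _T("engine.dll"));
                  if (__dwordEngine == 0x0) Sleep(12);
              }
              while (__dwordVGui == 0x0)
              {
                  __dwordVGui = dwGetModuleBaseAddress(__gameProcess.th32ProcessID, _T("vguimatsurface.dll"));
                  if (__dwordVGui == 0x0) Sleep(12);
              }

              // FindWindow returns NULL when no window has this exact title.
              __HWNDCss = FindWindow(NULL, "Garry's Mod");
          }
      };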
      
      // Declaration only: a CHackProcess object named fProcess is defined in
      // another translation unit that is not part of this listing.
      extern CHackProcess fProcess;

      Does anyone have a solution, or at least a reason, for this crash?

    2. #2
      Respected Hacker
      Learning to hack games!
       
      Coding
       
      till0sch's Avatar
      Join Date
      Oct 2012
      Location
      Germany.
      Posts
      1,168
      Thanks (-->)
      179
      Thanks (<--)
      340
      Open a console window and write everything to it, e.g. which addresses your program has found.
