Download Console Trainer Framework

Hexui Undetected CSGO Cheats Sinkicheat PUBG Cheat

Traxin

Escobar Tier VIP
Dank Tier Donator
Aug 3, 2015
1,041
25,378
154
Alrighty folks.
So I thought it was about time I release this. Just about finished everything I wanted to do for the 1.0.
Anyways, my framework basically facilitates the creation of external console trainers with little to no work.

It handles all of the logic for:
Finding and opening the process, hotkeys, pattern scanning, code injection with automated code cave scanning... The lazy bastard inside of me is quite proud of that last one :p
You can basically do your typical nop (patch) hacks, your pointer value "freeze" hacks (frozen in a sep. thread ofc.), write arbitrary bytes to the process and yea...

I haven't tested it for x64 but it should work fine for the most part... lol

The trainer will reinitialize if the game crashes or if you shut it down and reopen it. You don't have to reopen the trainer, it figures itself out.
I added a menu that auto-populates and has colors :smile:

Link to where I got the colors.

It look like dis

Code for that trainer there looks like dis:

C++:
#include "Traxo.h"


void TrainerInitializer(Trainer * tn);

int main()
{	
	Trainer * tn = &trainer;
	Menu menu(*tn, "Traxo's Awesome Haxo");
	menu.Init();
	TrainerInitializer(tn);
	menu.Update();
	while (true)
	{
		if (tn->Update()) //If you toggle a hack it returns true.
			menu.Update();
		if (!tn->IsRunning())
		{
			menu.Update();
			tn->ReInit();
			menu.Update();
		}
	}

	system("pause");
	return 0;
}

void TrainerInitializer(Trainer * tn)
{
	//Initialize the trainer.
	tn->Init(L"ac_client.exe");

	//Create hack, set hotkey, add it to trainer.
	static Hack InfAmmo = tn->make.MakePatchHack(L"Inf Ammo", 0x4637E9, 2);
	InfAmmo.SetHotkey(VK_NUMPAD1);
	tn->AddOption(InfAmmo);

	Pointer pHealth = Pointer(0x50f4f4, std::vector<UINT>{0x358, 0x48, 0x1e8, 0x8, 0xf8});
	static Hack InfHealth = tn->make.MakeFreezePtrHack(L"Inf Health", pHealth, 150);
	InfHealth.SetHotkey(VK_NUMPAD2);
	tn->AddOption(InfHealth);
}

I haven't tested it extensively but.. we should be aight lol.

Credits and words are in Traxo.h.

Here's the repo for the framework.

Here's the repo for an example with one hit kill! (code injection example included basically)

I might make a tutorial on how to make code injection hacks with this framework if people ask for it... It's not the most intuitive but it really is extremely easy.
 

Traxin

Escobar Tier VIP
Dank Tier Donator
Aug 3, 2015
1,041
25,378
154
Thanks homie, I actually just pushed a pretty important bug-fix, did some dumb shit and just noticed it now.
Also testing it on a 64-bit game atm, working like a charm so far :)
 

Rake

Cesspool Admin
Administrator
Jan 21, 2014
12,185
78,998
2,399
Very nice! Everyone should be building a framework and go pro!
 

Traxin

Escobar Tier VIP
Dank Tier Donator
Aug 3, 2015
1,041
25,378
154
Rake;46704 said:
Very nice! Everyone should be building a framework and go pro!
Hell yea, plus it was great practice to just build some shit off the top of head and then come back to it the day after trying to figure out where the fuck you left off lol.
 

Traxin

Escobar Tier VIP
Dank Tier Donator
Aug 3, 2015
1,041
25,378
154
Just pushed a couple of pretty important bug-fixes onto the git.
Fixed code injection across 32/64 bit targets.
Cleaned the source a tad bit, moved some shit around.
 

arifin

Newbie
Full Member
Oct 17, 2017
6
34
0
Just pushed a couple of pretty important bug-fixes onto the git.
Fixed code injection across 32/64 bit targets.
Cleaned the source a tad bit, moved some shit around.
I used one of your source ELTraxo/TCTF-AC on 64-bit game.

I found out that it uses so much CPU % usage (from 14% and jumped to 60% randomly after a few minutes) and caused crashes a lot. Any idea how to fix this? I tried put sleep(); at below but didn't help:

Code:
while (true)
    {
        if (tn->Update()) //If you toggle a hack it returns true.
            menu.Update();

        if (!tn->IsRunning())
        {
            menu.Update();
            tn->ReInit();
            menu.Update();
        }
        Sleep(1);
    }
I added at least 14 hacks from source below (copy/paste except the address/value) inside the trainer, maybe your source cant handle this much?

Code:
Pointer pGrenade = Pointer(0x138012064, std::vector<UINT>{0xC00});
    static Hack InfNade = tn->make.MakeFreezePtrHack(L"Mov Speed", pGrenade, 999);
    InfNade.SetHotkey(VK_INSERT);
    tn->AddOption(InfNade );
//There are 14 of these
 

mambda

headass
Escobar Tier VIP
Trump Tier Donator
Jun 25, 2014
2,298
37,938
269
I used one of your source ELTraxo/TCTF-AC on 64-bit game.

I found out that it uses so much CPU % usage (from 14% and jumped to 60% randomly after a few minutes) and caused crashes a lot. Any idea how to fix this? I tried put sleep(); at below but didn't help:

Code:
while (true)
    {
        if (tn->Update()) //If you toggle a hack it returns true.
            menu.Update();

        if (!tn->IsRunning())
        {
            menu.Update();
            tn->ReInit();
            menu.Update();
        }
        Sleep(1);
    }
I added at least 14 hacks from source below (copy/paste except the address/value) inside the trainer, maybe your source cant handle this much?

Code:
Pointer pGrenade = Pointer(0x138012064, std::vector<UINT>{0xC00});
    static Hack InfNade = tn->make.MakeFreezePtrHack(L"Mov Speed", pGrenade, 999);
    InfNade.SetHotkey(VK_INSERT);
    tn->AddOption(InfNade );
//There are 14 of these

Code runs slower than you think it should? Uses more memory than you think it should?

Beginners Guide to Performance Profiling
 

arifin

Newbie
Full Member
Oct 17, 2017
6
34
0
Code runs slower than you think it should? Uses more memory than you think it should?

Beginners Guide to Performance Profiling
Sorry, it didnt help at all.

Just pushed a couple of pretty important bug-fixes onto the git.
Fixed code injection across 32/64 bit targets.
Cleaned the source a tad bit, moved some shit around.
I put the sleep at 200, it seems cooling down the CPU usage now and keep it stays at 15-18% for hours. Anyway, i hope you can improve the framework source codes in future. Thanks.
 

mambda

headass
Escobar Tier VIP
Trump Tier Donator
Jun 25, 2014
2,298
37,938
269
Sorry, it didnt help at all.



I put the sleep at 200, it seems cooling down the CPU usage now and keep it stays at 15-18% for hours. Anyway, i hope you can improve the framework source codes in future. Thanks.
did you do the steps shown in the link..? it tells you specifically what takes up the most of the programs time
 

Rake

Cesspool Admin
Administrator
Jan 21, 2014
12,185
78,998
2,399
Sorry, it didnt help at all.
Bro. I ran the profiler and it instantly told me that the FreezeThread was using the most CPU, and that makes sense because it has to change the value of an address very rapidly to make it seem "Frozen" in the game. If you have 14 FreezeThreads then yeah that will cause a problem, stop using Freezes and do NOP hacks instead to modify the assembly, or at least change the freeze interval from 0.01f to something a bit longer.
 

arifin

Newbie
Full Member
Oct 17, 2017
6
34
0
Bro. I ran the profiler and it instantly told me that the FreezeThread was using the most CPU, and that makes sense because it has to change the value of an address very rapidly to make it seem "Frozen" in the game. If you have 14 FreezeThreads then yeah that will cause a problem, stop using Freezes and do NOP hacks instead to modify the assembly, or at least change the freeze interval from 0.01f to something a bit longer.
I changed the 0.01f in freeza.h to both 0.1f or 1.0f, also replaced the MakeFreezePtrHack with MakeWriteValPtrHack. it still show same result or cpu still overload randomly. Like i said, it didnt help at all.

What you mean by NOP? Change the bytes to 90 90 90 or no operation? But most my hacks require specific values, if i NOP all, it wont work.

I'm still learning ASM, but seriously how am i suppose to change the bytes below to 120000 value?



Edit: I remove all hacks and leave one, compile it in x64 and still CPU overload after a few minutes. @Rake Please test it yourself the source code. Btw, when Traxin will be online?

My computer spec:
Core i7 7700K (4.2G/8M)
DDR4 2400 C17 Kingston 16GB
MSI GTX1070 ARMOR 8GB
Samsung 860 Pro 512GB
Seagate Barracuda /7200rpm 2TB
Windows 10 Exterprise 64Bit
 
Last edited:

Teuvin

now I am become Death
Dank Tier VIP
Trump Tier Donator
Dec 8, 2016
403
10,388
65
I replaced the MakeFreezePtrHack with MakeWriteValPtrHack and changed the 0.01f in freeza.h to both 0.1f or 1.0f, it still show same result or cpu still overload randomly. Like i said, it didnt help at all.

Also, what you mean by NOP? Change the bytes to 90 90 90 or no operation? But most my hacks require specific values, if i NOP all, it wont work.
Like i said, it didnt help at all.
bNYqAXh.png
It's up to you to use the profiler and find what is using the most CPU, rake already gave you a hint and a possible solution, if it didn't work now it's your time to adapt the code and try and find another solution, we are here to help not to baby feed you, sorry man

In computer science, a NOP, no-op, or NOOP (pronounced "no op"; short for no operation) is an assembly language instruction, programming language statement, or computer protocol command that does nothing.
Yes, change the byte to 0x90, you don't have to NOP it all, you only need to NOP the instruction you need, we have a bunch of assault cube source codes where they use nop maybe you could take a look at them


You may/definately want to optimize the FreezeThread function, the for each loop is really the problem, you may need to find a way to cache it all
 
Last edited:

arifin

Newbie
Full Member
Oct 17, 2017
6
34
0
It's up to you to use the profiler and find what is using the most CPU, rake already gave you a hint and a possible solution, if it didn't work now it's your time to adapt the code and try and find another solution, we are here to help not to baby feed you, sorry man
Seriously, what's up with that baby feeding picture? I spent half day edit this and that Traxin's source trying to fix the cpu problem, so dont come here make post and tell me i didnt do anything and just begging for easy answer.

I already said it didnt work. This is your Traxin's source that's why i make this thread here and asking him what cause of this cpu overload in case he knew it, it's like student asking problem to his teacher. Am i asking too much??

Yes, change the byte to 0x90, you don't have to NOP it all, you only need to NOP the instruction you need, we have a bunch of assault cube source codes where they use nop maybe you could take a look at them
You mean this?

Code:
void RapidFire_H()
{
    if (bRapidFire)
    {
        AOBHack("\x89\x0A\x8B\x76\x14\xFF\x0E\x57\x8B\x7C\x24\x14", "xxxxxxxxxxxx", "ac_client.exe", true, "\x90\x90\x8B\x76\x14\xFF\x0E\x57\x8B\x7C\x24\x14", 12, 0);
    }
    else
    {
        AOBHack("\x90\x90\x8B\x76\x14\xFF\x0E\x57\x8B\x7C\x24\x14", "xxxxxxxxxxxx", "ac_client.exe", true, "\x89\x0A\x8B\x76\x14\xFF\x0E\x57\x8B\x7C\x24\x14", 12, 0);
    }
}

void NoRecoil_H()
{
    if (bNoRecoil)
    {
        AOBHack("\x8B\x16\x8B\x52\x14\x50\x8D\x4C\x24\x1C\x51\x8B\xCE\xFF\xD2\x8B\x46\x08", "xxxxxxxxxxxxxxxxxx", "ac_client.exe", true, "\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x8B\x46\x08", 18, 0);
        //MessageBoxA(NULL,"No Recoil : ON" , "", NULL);
    }
    else
    {
        AOBHack("\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x8B\x46\x08", "xxxxxxxxxxxxxxxxxx", "ac_client.exe", true, "\x8B\x16\x8B\x52\x14\x50\x8D\x4C\x24\x1C\x51\x8B\xCE\xFF\xD2\x8B\x46\x08", 18, 0);
        //MessageBoxA(NULL,"No Recoil : OFF" , "", NULL);
    }
}
I just want to change value of a pointer, why i need go for the byte? Give me an example from 0x14285CB68 + BA4 because i'm completely lost:

 
Last edited:

mambda

headass
Escobar Tier VIP
Trump Tier Donator
Jun 25, 2014
2,298
37,938
269
This is your source
no its not


Anyways, if you were to look at freeze thread...

C#:
void FreezeThread(Memory & mem)
{
    static auto tpDelay = std::chrono::steady_clock::now();
    auto tpNow = std::chrono::steady_clock::now();

    while (!mem.GetProcDeathVar())
    {
        tpNow = std::chrono::steady_clock::now();
        std::chrono::duration<float> check = tpNow - tpDelay;
        if (check.count() >= 0.01f)
        {
            if (!GHackVec.empty())
            {
                for each(Hack hack in GHackVec)
                {
                    hack.WriteValue();
                }
            }
        }
    }
}
You can see where it checks for time, but it never sets tpDelay to an updated value, so once it fires, it will continue firing every tick.
 

Rake

Cesspool Admin
Administrator
Jan 21, 2014
12,185
78,998
2,399
I just want to change value of a pointer, why i need go for the byte? Give me an example from 0x14285CB68 + BA4 because i'm completely lost:

Attack speed is a DATA variable, not code. You're viewing it in the disassembler which is for code. to find the code that accesses this data variable you do "find what writes to" on the attack speed address and then it gives you the list of instructions. You will have to find the instruction you need to modify from this list.

Instead of freezing or nopping, if you want a specific value, change the assembly, lets say you wanted it to be 0x1337, you would change the assembly to:

mov ValueAddress, 1337

instead of something that might look like

mov ValueAddress, [eax]

Now if this is shared opcode, a function that modifies multiple objects, not just the local player, than you have to do code injection and do a comparison/conditional checking for your player's object.

Do you have 14 freeze hacks in your trainer? This is most likely your problem.
 
Last edited:

arifin

Newbie
Full Member
Oct 17, 2017
6
34
0
no its not

Anyways, if you were to look at freeze thread...

You can see where it checks for time, but it never sets tpDelay to an updated value, so once it fires, it will continue firing every tick.
Are you Traxin?

Yes, i know that........


Attack speed is a DATA variable, not code. You're viewing it in the disassembler which is for code. to find the code that accesses this data variable you do "find what writes to" on the attack speed address and then it gives you the list of instructions. You will have to find the instruction you need to modify from this list.

Instead of freezing or nopping, if you want a specific value, change the assembly, lets say you wanted it to be 0x1337, you would change the assembly to:

mov ValueAddress, 1337

instead of something that might look like

mov ValueAddress, [eax]

Now if this is shared opcode, a function that modifies multiple objects, not just the local player, than you have to do code injection and do a comparison/conditional checking for your player's object.

Do you have 14 freeze hacks in your trainer? This is most likely your problem.
I made ASM version but i'm clueless how to put it in C++:

Code:
[ENABLE]

aobscanmodule(playerbasestats,*********.exe,8B 81 A0 0B 00 00) // should be unique
alloc(newmem,$1000,"********.exe"+856BD6)

globalalloc(characterstats,4)

label(code)
label(return)

newmem:

code:
  mov [characterstats],rcx
  mov eax,[rcx+00000BA4]
  jmp return

playerbasestats:
  jmp newmem
  nop
return:
registersymbol(playerbasestats)

[DISABLE]

playerbasestats:
  db 8B 81 A0 0B 00 00

unregistersymbol(playerbasestats)
dealloc(newmem)
Then In address list:
 
Last edited:

Rake

Cesspool Admin
Administrator
Jan 21, 2014
12,185
78,998
2,399
Here's a tutorial on mid function hooking/code injection
Video Tutorial - C++ Mid Function Hooking Codecaving Tutorial DIFFICULTY [6/10]

Also I looked at the trainer source again, and it does use 50% of CPU regardless of it the hacks are even enabled so yes that's a bit of a problem. I put a Sleep(200) in the main() and it brought it down to like 25-30%. I know 2-3 ways to make this code more efficient, but idk if I'm gonna take the time to make changes to it, maybe if I'm bored. Main thing is the only functions that need to run continuously in the loop are the key press detection routine and the freeze thread, everything else can be executed on demand but it is currently not coded like that. Freeze hacks are gay, everyone agrees, that is the source of all the problems because if there was no freeze function then you could do all the other hacks on demand
 

arifin

Newbie
Full Member
Oct 17, 2017
6
34
0
Here's a tutorial on mid function hooking/code injection
Video Tutorial - C++ Mid Function Hooking Codecaving Tutorial DIFFICULTY [6/10]

Also I looked at the trainer source again, and it does use 50% of CPU regardless of it the hacks are even enabled so yes that's a bit of a problem. I put a Sleep(200) in the main() and it brought it down to like 25-30%. I know 2-3 ways to make this code more efficient, but idk if I'm gonna take the time to make changes to it, maybe if I'm bored. Main thing is the only functions that need to run continuously in the loop are the key press detection routine and the freeze thread, everything else can be executed on demand but it is currently not coded like that. Freeze hacks are gay, everyone agrees, that is the source of all the problems because if there was no freeze function then you could do all the other hacks on demand
Yeah the source obviously need improvement/tweak but overall it's very great source for a console menu that supports 32/64bit. Anyway thanks for your replies, i really appreciate it. I'll take a look the video. Again thanks.
 

Traxin

Escobar Tier VIP
Dank Tier Donator
Aug 3, 2015
1,041
25,378
154
Shit code, sorry ya'll :p

Mambda has identified one of the many bugs littered throughout the code. tpDelay isn't updated and therefore that loop fires off every tick.
Copying the tpDelay line into the loop, after the check if the delay is long enough, should help a bit.

Like Rake said too, you can place a Sleep into the main loop and it should help bring it down quite a bit as well.

Also, the code constantly checks to see if the process is alive. This was another error on my part, instead of using error checking from read/write calls to determine when to check if the process is alive, I had decided to constantly check if the proc was alive via the usual "find process" loop. This was a shitty lapse of judgement on my part.

The code is just generally not that efficient, as it was made to make the process of making a quick simple trainer really easy.

Either way, implementing quick dirty fixes to these issues dropped CPU usage from around 50% to about 20% :\

You're more then welcome to try and fix my mess, the most I can do is kind of just identify some of the issues.
Currently way too busy with school and shit to be able to fix all this right now.

Best of luck broski :)
 
Attention! Before you post:

Read the How to Ask Questions Guide
99% of questions are answered in the Beginner's Guide, do it before asking a question.

No Hack Requests. Post in the correct section.  Search the forum first. Read the rules.

How to make a good post:

  • Fill out the form correctly
  • Tell us the game name & coding language
  • Post everything we need to know to help you
  • Ask specific questions, be descriptive
  • Post errors, line numbers & screenshots
  • Post code snippets using code tags
  • If it's a large project, zip it up and attach it

If you do not comply, your post may be deleted.  We want to help, please make a good post and we will do our best to help you.

Community Mods