Solved ESP doesn't display

Hexui Undetected CSGO Cheats Sinkicheat PUBG Cheat

CubanHill

Newbie
Full Member
Mar 17, 2017
23
338
0
So I followed fleep's tutorial and adapted it to CSGO, got a bunch of errors but I'm pretty sure I've fixed them all now, I updated the offsets but still the ESP doesn't draw/display anything on screen. Any help is appreciated.

C++:
#include <Windows.h>
#include <sstream>
#include <iostream> 
#include <math.h>  
#include "HackProcess.h"
#include <vector>
#include <algorithm>   

//Proc manage
CHackProcess fProcess;  
using namespace std;  
#define F6_Key 0x75
#define RIGHT_MOUSE 0x02
int NumOfPlayers = 32;

//Declaring Offsets
const DWORD LocalPlayer = 0x91D4;
const DWORD dw_mTeamOffset = 0x98;
const DWORD dw_Health = 0x90;
const DWORD dw_Pos = 0x25C;
const DWORD EntityList = 0x4A87504;
//How far in memory is each enemy data
const DWORD EntityLoopDistance = 0x10;
//const DWORD dw_m_angRotation = 0x461A9C;
RECT m_Rect; 
//Set of initial variables
//Our desktop handle
HDC HDC_Desktop;
//Brush to paint ESP
HBRUSH EnemyBrush;
HFONT Font;

//ESP VARS
const DWORD dw_vMatrix = 0x4A79FD4;
HWND TargetWnd;
HWND Handle;
DWORD DwProcID;
COLORREF SnapLineCOLOR;
COLORREF TextCOLOR;

typedef struct
{
	float flMatrix[4][4];
}WorldToScreenMatrix_t;

float Get3dDistance(float * myCoords, float * enemyCoords)
{
	return sqrt(
		pow(double(enemyCoords[0] - myCoords[0]), 2.0) +
		pow(double(enemyCoords[1] - myCoords[1]), 2.0) +
		pow(double(enemyCoords[2] - myCoords[2]), 2.0));
}

void SetupDrawing(HDC hDesktop, HWND handle)
{
	HDC_Desktop = hDesktop;
	Handle = handle;
	EnemyBrush = CreateSolidBrush(RGB(220, 20, 20));
	//Color
	SnapLineCOLOR = RGB(20, 20, 240);
	TextCOLOR = RGB(10, 190, 50);
};

struct MyPlayer_t  
{ 
	DWORD CLocalPlayer; 
	int Team; 
	int Health; 
	WorldToScreenMatrix_t WorldToScreenMatrix;
	float Position[3]; 
	int flickerCheck;
	void ReadInformation() 
	{
		// Reading CLocalPlayer Pointer to our "CLocalPlayer" DWORD. 
		ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(fProcess.__dwordClient + LocalPlayer), &CLocalPlayer, sizeof(DWORD), 0);
		// Reading out our Team to our "Team" Varible. 
		ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(CLocalPlayer + dw_mTeamOffset), &Team, sizeof(int), 0);
		// Reading out our Health to our "Health" Varible.     
		ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(CLocalPlayer + dw_Health), &Health, sizeof(int), 0); 
		// Reading out our Position to our "Position" Varible. 
		ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(CLocalPlayer + dw_Pos), &Position, sizeof(float[3]), 0); 

		//Here we find how many player entities exist in our game, through this we make sure to only loop the amount of times we need
		//when grabbing player data
		//Note that this call could be even better at a regular 15 or so seconds timer but performance shouldn't vary a great deal
		//ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(fProcess.__dwordClient + dw_PlayerCountOffs), &NumOfPlayers, sizeof(int), 0);

		//anti flicker
		//ReadProcessMemory(fProcess.__HandleProcess, (PBYTE*)(fProcess.__dwordClient + dw_antiFlick), &flickerCheck, sizeof(int), 0);
		//VMatrix
		if (flickerCheck = 0)
		{
			ReadProcessMemory(fProcess.__HandleProcess, (PBYTE*)(fProcess.__dwordClient + dw_vMatrix), &WorldToScreenMatrix, sizeof(WorldToScreenMatrix), 0);
		}
		//AntiFlicker
	}
}MyPlayer;    



//ENemy struct
struct PlayerList_t 
{
	DWORD CBaseEntity; 
	int Team; 
	int Health; 
	float Position[3]; 
	float AimbotAngle[3]; 
	char Name[39]; 

	void ReadInformation(int Player) 
	{
		// Reading CBaseEntity Pointer to our "CBaseEntity" DWORD + Current Player in the loop. 0x10 is the CBaseEntity List Size 
		//"client.dll"+00545204 //0x571A5204
		ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(fProcess.__dwordClient + EntityList  + (Player * EntityLoopDistance)),&CBaseEntity, sizeof(DWORD), 0);
		// Reading out our Team to our "Team" Varible. 
		ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(CBaseEntity + dw_mTeamOffset), &Team, sizeof(int), 0);
		// Reading out our Health to our "Health" Varible.     
		ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(CBaseEntity + dw_Health), &Health, sizeof(int), 0); 
		// Reading out our Position to our "Position" Varible. 
		ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(CBaseEntity + dw_Pos), &Position, sizeof(float[3]), 0); 
 	}
}PlayerList[32];  

bool WorldToScreen(float * from, float * to)
{
	float w = 0.0f;

	to[0] = MyPlayer.WorldToScreenMatrix.flMatrix[0][0] * from[0] + MyPlayer.WorldToScreenMatrix.flMatrix[0][1] * from[1] + MyPlayer.WorldToScreenMatrix.flMatrix[0][2] * from[2] + MyPlayer.WorldToScreenMatrix.flMatrix[0][3];
		to[1] = MyPlayer.WorldToScreenMatrix.flMatrix[1][0] * from[0] + MyPlayer.WorldToScreenMatrix.flMatrix[0][1] * from[1] + MyPlayer.WorldToScreenMatrix.flMatrix[1][2] * from[2] + MyPlayer.WorldToScreenMatrix.flMatrix[1][3];
		w = to[1] = MyPlayer.WorldToScreenMatrix.flMatrix[1][0] * from[0] + MyPlayer.WorldToScreenMatrix.flMatrix[3][1] * from[1] + MyPlayer.WorldToScreenMatrix.flMatrix[3][2] * from[2] + MyPlayer.WorldToScreenMatrix.flMatrix[3][3];

		if (w < 0.01f)
			return false;

	float invw = 1.0f / w;
	to[0] *= invw;
	to[1] *= invw;
	
	int width = (int)(m_Rect.right - m_Rect.left);
	int height = (int)(m_Rect.bottom - m_Rect.top);

	float x = width / 2;
	float y = height / 2;

	x += 0.5 * to[0] * width + 0.5;
	y -= 0.5 * to[1] * height + 0.5;

	to[0] = x + m_Rect.left;
	to[1] = y + m_Rect.top;

	return true;

}

//We receive the 2-D Coordinates the colour and the device we want to use to draw those colours with
//HDC so we know where to draw and brush because we need it to draw
void DrawFilledRect(int x, int y, int w, int h)
{
	//We create our rectangle to draw on screen
	RECT rect = { x, y, x + w, y + h }; 
	//We clear that portion of the screen and display our rectangle
	FillRect(HDC_Desktop, &rect, EnemyBrush);
}


void DrawBorderBox(int x, int y, int w, int h, int thickness)
{
	//Top horiz line
	DrawFilledRect(x, y, w, thickness);
	//Left vertical line
	DrawFilledRect( x, y, thickness, h);
	//right vertical line
	DrawFilledRect((x + w), y, thickness, h);
	//bottom horiz line
	DrawFilledRect(x, y + h, w+thickness, thickness);
}


//Here is where we draw our line from point A to Point B
void DrawLine(float StartX, float StartY, float EndX, float EndY, COLORREF Pen)
{
	int a,b=0;
	HPEN hOPen;
	// penstyle, width, color
	HPEN hNPen = CreatePen(PS_SOLID, 2, Pen);
	hOPen = (HPEN)SelectObject(HDC_Desktop, hNPen);
	// starting point of line
	MoveToEx(HDC_Desktop, StartX, StartY, NULL);
	// ending point of line
	a = LineTo(HDC_Desktop, EndX, EndY);
	DeleteObject(SelectObject(HDC_Desktop, hOPen));
}

//Draw our text with this function
void DrawString(int x, int y, COLORREF color, const char* text)
{	
	SetTextAlign(HDC_Desktop,TA_CENTER|TA_NOUPDATECP);

	SetBkColor(HDC_Desktop,RGB(0,0,0));
	SetBkMode(HDC_Desktop,TRANSPARENT);

	SetTextColor(HDC_Desktop,color);

	SelectObject(HDC_Desktop,Font);

	TextOutA(HDC_Desktop,x,y,text,strlen(text));

	DeleteObject(Font);
}

void DrawESP(int x, int y, float distance)
{
	int width = 18100 / distance;
	int height = 36000 / distance;
	DrawBorderBox(x - (width / 2), y - height, width, height, 2);

	DrawLine((m_Rect.right - m_Rect.left) / 2,
		m_Rect.bottom - m_Rect.top, x, y,
		SnapLineCOLOR);

	std::stringstream ss;
	ss << (int)distance;

	char * distanceInfo = new char[ss.str().size() + 1];
	strcpy(distanceInfo, ss.str().c_str());

	DrawString(x, y, TextCOLOR, distanceInfo);
	delete[] distanceInfo;
}

void ESP()
{
	GetWindowRect(FindWindow(NULL, "Counter-Strike: Global Offensive"), &m_Rect);

	for (int i = 0; i < NumOfPlayers; i++)
	{
		PlayerList[i].ReadInformation(i);

		//Show ded peepz
		if (PlayerList[i].Health < 2)
			continue;

		//Don't show team
		//if (PlayerList[i].Team == MyPlayer.Team)
			//continue;

		float EnemyXY[3];
		if (WorldToScreen(PlayerList[i].Position, EnemyXY))
		{
			DrawESP(EnemyXY[0] - m_Rect.left, EnemyXY[1] - m_Rect.top, Get3dDistance(MyPlayer.Position, PlayerList[i].Position));

		}
	}
}

int main()
{
	fProcess.RunProcess(); 

	ShowWindow(FindWindow("ConsoleWindowClass", NULL), false);
	TargetWnd = FindWindow(0, "Counter-Strike: Global Offensive");
	HDC HDC_Desktop = GetDC(TargetWnd);
	SetupDrawing(HDC_Desktop, TargetWnd);
	
	//infinite loop
	for (;;)
	{
		MyPlayer.ReadInformation();
		ESP();
	}

	return 0;
}
 
Last edited:

idx[0]

Jr.Coder
Full Member
Nobleman
Mar 24, 2016
55
523
1
Ok... this is complicated.
Comment these lines:
C++:
for (int i = 0; i < NumOfPlayers; i++)
    {
        PlayerList[i].ReadInformation(i);
 
        //Show ded peepz
        if (PlayerList[i].Health < 2)
            continue;
 
        //Don't show team
        //if (PlayerList[i].Team == MyPlayer.Team)
            //continue;
 
        float EnemyXY[3];
        if (WorldToScreen(PlayerList[i].Position, EnemyXY))
        {
            DrawESP(EnemyXY[0] - m_Rect.left, EnemyXY[1] - m_Rect.top, Get3dDistance(MyPlayer.Position, PlayerList[i].Position));
 
        }
    }
and replace them with this:
C++:
PlayerList[1].ReadInformation(1);
float EnemyXY[3];
std::system("cls");
std::cout << "Health = " << PlayerList[1].Health << "\nIs he in view: " << WorldToScreen(PlayerList[1].Position, EnemyXY) ? "Yes" : "No" << "\n";
Now locate Player 1.
And see if the .exe correctly prints out if he is in view or not.

I'm really sorry for wasting your time and making you go through tiresome code, but afaik there is no alternative.
 

idx[0]

Jr.Coder
Full Member
Nobleman
Mar 24, 2016
55
523
1
Hi,

Change this:
C++:
if (flickerCheck = 0)
to:
C++:
if (flickerCheck == 0)
(Assuming the offset and the comparison value is correct)
 

CubanHill

Newbie
Full Member
Mar 17, 2017
23
338
0
Did that and still no display, guess my offsets are wrong.

C++:
const DWORD LocalPlayer = 0x91D4;
const DWORD dw_mTeamOffset = 0x98;
const DWORD dw_Health = 0x90;
const DWORD dw_Pos = 0x25C;
const DWORD EntityList = 0x4A87504;
const DWORD EntityLoopDistance = 0x10;
const DWORD dw_vMatrix = 0x4A79FD4;
I'm getting my offsets from here - Download hazedumper CSGO offset dumper

But then when I use a dumper I get different offsets and I'm not even sure the offset names are the same for both games.
 
Last edited by a moderator:

idx[0]

Jr.Coder
Full Member
Nobleman
Mar 24, 2016
55
523
1
Hi,
The reason why your ESP isn't drawn is because the VM isn't being read.
Just change this:
C++:
if (flickerCheck = 0)
{
   ReadProcessMemory(fProcess.__HandleProcess, (PBYTE*)(fProcess.__dwordClient + dw_vMatrix), &WorldToScreenMatrix, sizeof(WorldToScreenMatrix), 0);
}
to:
C++:
ReadProcessMemory(fProcess.__HandleProcess, (PBYTE*)(fProcess.__dwordClient + dw_vMatrix), &WorldToScreenMatrix, sizeof(WorldToScreenMatrix), 0);
 

CubanHill

Newbie
Full Member
Mar 17, 2017
23
338
0
Okay I did that and it massively improved the performance but still no display, thanks for your help so far. Any other ideas?
 

idx[0]

Jr.Coder
Full Member
Nobleman
Mar 24, 2016
55
523
1
Okay I did that and it massively improved the performance but still no display, thanks for your help so far. Any other ideas?
Can you check if the VM is correctly read? (try using std::cout or std::printf to output values to console and counter check them against, say, Cheat Engine)
Also what did you mean by the improved performance?
 

CubanHill

Newbie
Full Member
Mar 17, 2017
23
338
0
Sorry, I have literally no idea what you just said or what to write.

Whenever I ran my solution CSGO would start stuttering but now it doesn't since removing the flicker check.
 

CubanHill

Newbie
Full Member
Mar 17, 2017
23
338
0
Nope, still no display.

Edit: Alright I've tested some other public cheats with source code and they all work fine so it's not some sort of GDI bug with my system.
 
Last edited:

CubanHill

Newbie
Full Member
Mar 17, 2017
23
338
0
Yep here you go.

C++:
#pragma once

#include <Windows.h>
#include <TlHelp32.h>

//THIS FILE SIMPLY DOES MOST OF THE BACKEND WORK FOR US, 
//FROM FINDING THE PROCESS TO SETTING UP CORRECT ACCESS FOR US 
//TO EDIT MEMORY 
//IN MOST GAMES, A SIMPLER VERSION OF THIS CAN BE USED, or if you're injecting then its often not necessary
//This file has been online for quite a while so credits should be shared but im using this from NubTIK
//So Credits to him and thanks

class CHackProcess
{
public:

	PROCESSENTRY32 __gameProcess;
	HANDLE __HandleProcess;
	HWND __HWNDCss; 
	DWORD __dwordClient;
	DWORD __dwordEngine;
	DWORD __dwordOverlay;
	DWORD __dwordVGui;
	DWORD __dwordLibCef;
	DWORD __dwordSteam; 
	DWORD FindProcessName(const char *__ProcessName, PROCESSENTRY32 *pEntry)
	{	 
		PROCESSENTRY32 __ProcessEntry;
		__ProcessEntry.dwSize = sizeof(PROCESSENTRY32);
		HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
		if (hSnapshot == INVALID_HANDLE_VALUE) return 0;        if (!Process32First(hSnapshot, &__ProcessEntry))
		{
			CloseHandle(hSnapshot);
			return 0;
		}
		do{if (!_strcmpi(__ProcessEntry.szExeFile, __ProcessName))
		{
			memcpy((void *)pEntry, (void *)&__ProcessEntry, sizeof(PROCESSENTRY32));
			CloseHandle(hSnapshot);
			return __ProcessEntry.th32ProcessID;
		}} while (Process32Next(hSnapshot, &__ProcessEntry));
		CloseHandle(hSnapshot);
        return 0;
}


DWORD getThreadByProcess(DWORD __DwordProcess)
{	 
		THREADENTRY32 __ThreadEntry;
		__ThreadEntry.dwSize = sizeof(THREADENTRY32);
		HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);
		if (hSnapshot == INVALID_HANDLE_VALUE) return 0;

		if (!Thread32First(hSnapshot, &__ThreadEntry)) {CloseHandle(hSnapshot); return 0; }

        do {if (__ThreadEntry.th32OwnerProcessID == __DwordProcess)
		{
			CloseHandle(hSnapshot);
			return __ThreadEntry.th32ThreadID;
		}} while (Thread32Next(hSnapshot, &__ThreadEntry)); 
		CloseHandle(hSnapshot);       
		return 0;
}

DWORD GetModuleNamePointer(LPSTR LPSTRModuleName, DWORD __DwordProcessId)
{ 
		MODULEENTRY32 lpModuleEntry = {0};
		HANDLE hSnapShot = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, __DwordProcessId);
		if(!hSnapShot)
			return NULL;  
		lpModuleEntry.dwSize = sizeof(lpModuleEntry);
		BOOL __RunModule = Module32First( hSnapShot, &lpModuleEntry );
		while(__RunModule)
		{
			if(!strcmp(lpModuleEntry.szModule, LPSTRModuleName ) )
			{CloseHandle( hSnapShot );
			return (DWORD)lpModuleEntry.modBaseAddr;
			}
			__RunModule = Module32Next( hSnapShot, &lpModuleEntry );
		}
		CloseHandle( hSnapShot );
		return NULL;
}


void runSetDebugPrivs() 
{
	HANDLE __HandleProcess=GetCurrentProcess(), __HandleToken;
	TOKEN_PRIVILEGES priv;
	LUID __LUID; 
	OpenProcessToken(__HandleProcess, TOKEN_ADJUST_PRIVILEGES, &__HandleToken);
	LookupPrivilegeValue(0, "seDebugPrivilege", &__LUID);
    priv.PrivilegeCount = 1;
	priv.Privileges[0].Luid = __LUID;
	priv.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
    AdjustTokenPrivileges(__HandleToken, false, &priv, 0, 0, 0);
	CloseHandle(__HandleToken);
	CloseHandle(__HandleProcess);
}
	
	
	
void RunProcess()
{
	//commented lines are for non steam versions of the game
	runSetDebugPrivs();
	while (!FindProcessName("csgo.exe", &__gameProcess)) Sleep(12);
	while (!(getThreadByProcess(__gameProcess.th32ProcessID))) Sleep(12);
	__HandleProcess = OpenProcess(PROCESS_ALL_ACCESS, false, __gameProcess.th32ProcessID); 
	while(__dwordClient == 0x0) __dwordClient = GetModuleNamePointer("client.dll", __gameProcess.th32ProcessID);
	while(__dwordEngine == 0x0) __dwordEngine = GetModuleNamePointer("engine.dll", __gameProcess.th32ProcessID);
	//while(__dwordOverlay == 0x0) __dwordOverlay = GetModuleNamePointer("gameoverlayrenderer.dll", __gameProcess.th32ProcessID);
	while(__dwordVGui == 0x0) __dwordVGui = GetModuleNamePointer("vguimatsurface.dll", __gameProcess.th32ProcessID);
	//while(__dwordLibCef == 0x0) __dwordLibCef = GetModuleNamePointer("libcef.dll", __gameProcess.th32ProcessID);
//	while(__dwordSteam == 0x0) __dwordSteam = GetModuleNamePointer("steam.dll", __gameProcess.th32ProcessID); 
	__HWNDCss = FindWindow(NULL, "Counter-Strike: Global Offensive"); 
}
};

extern CHackProcess fProcess;
 

idx[0]

Jr.Coder
Full Member
Nobleman
Mar 24, 2016
55
523
1
So far the code looks good,
Change the LocalPlayer offset to: 0xAABFFC
 

CubanHill

Newbie
Full Member
Mar 17, 2017
23
338
0
Done, still nothing :(

Edit: Here's both files again with all of the changes and some comments removed, might be easier for you to see what's going on.
C++:
//MAIN.CPP

#include <Windows.h>
#include <sstream>
#include <iostream>
#include <math.h>
#include "HackProcess.h"
#include <vector>
#include <algorithm>

//Proc manage
CHackProcess fProcess;
using namespace std;
#define F6_Key 0x75
#define RIGHT_MOUSE 0x02
int NumOfPlayers = 32;

//Declaring Offsets
const DWORD LocalPlayer = 0xAABFFC;
const DWORD dw_mTeamOffset = 0x98;
const DWORD dw_Health = 0x90;
const DWORD dw_Pos = 0x25C;
const DWORD EntityList = 0x4A87504;
//How far in memory is each enemy data
const DWORD EntityLoopDistance = 0x10;
//const DWORD dw_m_angRotation = 0x461A9C;
RECT m_Rect;
//Set of initial variables
//Our desktop handle
HDC HDC_Desktop;
//Brush to paint ESP
HBRUSH EnemyBrush;
HFONT Font;

//ESP VARS
const DWORD dw_vMatrix = 0x4A79FD4;
HWND TargetWnd;
HWND Handle;
DWORD DwProcID;
COLORREF SnapLineCOLOR;
COLORREF TextCOLOR;

typedef struct
{
    float flMatrix[4][4];
}WorldToScreenMatrix_t;

float Get3dDistance(float * myCoords, float * enemyCoords)
{
    return sqrt(
        pow(double(enemyCoords[0] - myCoords[0]), 2.0) +
        pow(double(enemyCoords[1] - myCoords[1]), 2.0) +
        pow(double(enemyCoords[2] - myCoords[2]), 2.0));
}

void SetupDrawing(HDC hDesktop, HWND handle)
{
    HDC_Desktop = hDesktop;
    Handle = handle;
    EnemyBrush = CreateSolidBrush(RGB(220, 20, 20));
    //Color
    SnapLineCOLOR = RGB(20, 20, 240);
    TextCOLOR = RGB(10, 190, 50);
};

struct MyPlayer_t
{
    DWORD CLocalPlayer;
    int Team;
    int Health;
    WorldToScreenMatrix_t WorldToScreenMatrix;
    float Position[3];
    int flickerCheck;
    void ReadInformation()
    {
        // Reading CLocalPlayer Pointer to our "CLocalPlayer" DWORD.
        ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(fProcess.__dwordClient + LocalPlayer), &CLocalPlayer, sizeof(DWORD), 0);
        // Reading out our Team to our "Team" Varible.
        ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(CLocalPlayer + dw_mTeamOffset), &Team, sizeof(int), 0);
        // Reading out our Health to our "Health" Varible.
        ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(CLocalPlayer + dw_Health), &Health, sizeof(int), 0);
        // Reading out our Position to our "Position" Varible.
        ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(CLocalPlayer + dw_Pos), &Position, sizeof(float[3]), 0);

        //Here we find how many player entities exist in our game, through this we make sure to only loop the amount of times we need
        //when grabbing player data
        //Note that this call could be even better at a regular 15 or so seconds timer but performance shouldn't vary a great deal
        //ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(fProcess.__dwordClient + dw_PlayerCountOffs), &NumOfPlayers, sizeof(int), 0);
        //ReadProcessMemory(fProcess.__HandleProcess, (PBYTE*)(fProcess.__dwordClient + dw_antiFlick), &flickerCheck, sizeof(int), 0);
        //VMatrix
            ReadProcessMemory(fProcess.__HandleProcess, (PBYTE*)(fProcess.__dwordClient + dw_vMatrix), &WorldToScreenMatrix, sizeof(WorldToScreenMatrix), 0);
    }
}MyPlayer;

//ENemy struct
struct PlayerList_t
{
    DWORD CBaseEntity;
    int Team;
    int Health;
    float Position[3];
    float AimbotAngle[3];
    char Name[39];

    void ReadInformation(int Player)
    {
        // Reading CBaseEntity Pointer to our "CBaseEntity" DWORD + Current Player in the loop. 0x10 is the CBaseEntity List Size
        //"client.dll"+00545204 //0x571A5204
        ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(fProcess.__dwordClient + EntityList  + (Player * EntityLoopDistance)),&CBaseEntity, sizeof(DWORD), 0);
        // Reading out our Team to our "Team" Varible.
        ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(CBaseEntity + dw_mTeamOffset), &Team, sizeof(int), 0);
        // Reading out our Health to our "Health" Varible.
        ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(CBaseEntity + dw_Health), &Health, sizeof(int), 0);
        // Reading out our Position to our "Position" Varible.
        ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(CBaseEntity + dw_Pos), &Position, sizeof(float[3]), 0);
     }
}PlayerList[32];

bool WorldToScreen(float * from, float * to)
{
    float w = 0.0f;

    to[0] = MyPlayer.WorldToScreenMatrix.flMatrix[0][0] * from[0] + MyPlayer.WorldToScreenMatrix.flMatrix[0][1] * from[1] + MyPlayer.WorldToScreenMatrix.flMatrix[0][2] * from[2] + MyPlayer.WorldToScreenMatrix.flMatrix[0][3];
        to[1] = MyPlayer.WorldToScreenMatrix.flMatrix[1][0] * from[0] + MyPlayer.WorldToScreenMatrix.flMatrix[0][1] * from[1] + MyPlayer.WorldToScreenMatrix.flMatrix[1][2] * from[2] + MyPlayer.WorldToScreenMatrix.flMatrix[1][3];
        w = to[1] = MyPlayer.WorldToScreenMatrix.flMatrix[1][0] * from[0] + MyPlayer.WorldToScreenMatrix.flMatrix[3][1] * from[1] + MyPlayer.WorldToScreenMatrix.flMatrix[3][2] * from[2] + MyPlayer.WorldToScreenMatrix.flMatrix[3][3];

        if (w < 0.01f)
            return false;

    float invw = 1.0f / w;
    to[0] *= invw;
    to[1] *= invw;

    int width = (int)(m_Rect.right - m_Rect.left);
    int height = (int)(m_Rect.bottom - m_Rect.top);

    float x = width / 2;
    float y = height / 2;

    x += 0.5 * to[0] * width + 0.5;
    y -= 0.5 * to[1] * height + 0.5;

    to[0] = x + m_Rect.left;
    to[1] = y + m_Rect.top;

    return true;

}

//We receive the 2-D Coordinates the colour and the device we want to use to draw those colours with
//HDC so we know where to draw and brush because we need it to draw
void DrawFilledRect(int x, int y, int w, int h)
{
    //We create our rectangle to draw on screen
    RECT rect = { x, y, x + w, y + h };
    //We clear that portion of the screen and display our rectangle
    FillRect(HDC_Desktop, &rect, EnemyBrush);
}

void DrawBorderBox(int x, int y, int w, int h, int thickness)
{
    //Top horiz line
    DrawFilledRect(x, y, w, thickness);
    //Left vertical line
    DrawFilledRect( x, y, thickness, h);
    //right vertical line
    DrawFilledRect((x + w), y, thickness, h);
    //bottom horiz line
    DrawFilledRect(x, y + h, w+thickness, thickness);
}

//Here is where we draw our line from point A to Point B
void DrawLine(float StartX, float StartY, float EndX, float EndY, COLORREF Pen)
{
    int a,b=0;
    HPEN hOPen;
    // penstyle, width, color
    HPEN hNPen = CreatePen(PS_SOLID, 2, Pen);
    hOPen = (HPEN)SelectObject(HDC_Desktop, hNPen);
    // starting point of line
    MoveToEx(HDC_Desktop, StartX, StartY, NULL);
    // ending point of line
    a = LineTo(HDC_Desktop, EndX, EndY);
    DeleteObject(SelectObject(HDC_Desktop, hOPen));
}

//Draw our text with this function
void DrawString(int x, int y, COLORREF color, const char* text)
{
    SetTextAlign(HDC_Desktop,TA_CENTER|TA_NOUPDATECP);

    SetBkColor(HDC_Desktop,RGB(0,0,0));
    SetBkMode(HDC_Desktop,TRANSPARENT);

    SetTextColor(HDC_Desktop,color);

    SelectObject(HDC_Desktop,Font);

    TextOutA(HDC_Desktop,x,y,text,strlen(text));

    DeleteObject(Font);
}

void DrawESP(int x, int y, float distance)
{
    int width = 18100 / distance;
    int height = 36000 / distance;
    DrawBorderBox(x - (width / 2), y - height, width, height, 2);

    DrawLine((m_Rect.right - m_Rect.left) / 2,
        m_Rect.bottom - m_Rect.top, x, y,
        SnapLineCOLOR);

    std::stringstream ss;
    ss << (int)distance;

    char * distanceInfo = new char[ss.str().size() + 1];
    strcpy(distanceInfo, ss.str().c_str());

    DrawString(x, y, TextCOLOR, distanceInfo);
    delete[] distanceInfo;
}

void ESP()
{
    GetWindowRect(FindWindow(NULL, "Counter-Strike: Global Offensive"), &m_Rect);

    for (int i = 0; i < NumOfPlayers; i++)
    {
        PlayerList[i].ReadInformation(i);

        //Show ded peepz
        if (PlayerList[i].Health < 2)
            continue;

        //Don't show team
        //if (PlayerList[i].Team == MyPlayer.Team)
            //continue;

        float EnemyXY[3];
        if (WorldToScreen(PlayerList[i].Position, EnemyXY))
        {
            DrawESP(EnemyXY[0] - m_Rect.left, EnemyXY[1] - m_Rect.top, Get3dDistance(MyPlayer.Position, PlayerList[i].Position));

        }
    }
}

int main()
{
    fProcess.RunProcess();

    ShowWindow(FindWindow("ConsoleWindowClass", NULL), false);
    TargetWnd = FindWindow(0, "Counter-Strike: Global Offensive");
    HDC HDC_Desktop = GetDC(TargetWnd);
    SetupDrawing(HDC_Desktop, TargetWnd);

    //infinite loop
    for (;;)
    {
        MyPlayer.ReadInformation();
        ESP();
    }

    return 0;
}

//HACKPROCESS.H

#pragma once

#include <Windows.h>
#include <TlHelp32.h>

class CHackProcess
{
public:

    PROCESSENTRY32 __gameProcess;
    HANDLE __HandleProcess;
    HWND __HWNDCss;
    DWORD __dwordClient;
    DWORD __dwordEngine;
    DWORD __dwordOverlay;
    DWORD __dwordVGui;
    DWORD __dwordLibCef;
    DWORD __dwordSteam;
    DWORD FindProcessName(const char *__ProcessName, PROCESSENTRY32 *pEntry)
    {
        PROCESSENTRY32 __ProcessEntry;
        __ProcessEntry.dwSize = sizeof(PROCESSENTRY32);
        HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
        if (hSnapshot == INVALID_HANDLE_VALUE) return 0;        if (!Process32First(hSnapshot, &__ProcessEntry))
        {
            CloseHandle(hSnapshot);
            return 0;
        }
        do{if (!_strcmpi(__ProcessEntry.szExeFile, __ProcessName))
        {
            memcpy((void *)pEntry, (void *)&__ProcessEntry, sizeof(PROCESSENTRY32));
            CloseHandle(hSnapshot);
            return __ProcessEntry.th32ProcessID;
        }} while (Process32Next(hSnapshot, &__ProcessEntry));
        CloseHandle(hSnapshot);
        return 0;
}

DWORD getThreadByProcess(DWORD __DwordProcess)
{
        THREADENTRY32 __ThreadEntry;
        __ThreadEntry.dwSize = sizeof(THREADENTRY32);
        HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);
        if (hSnapshot == INVALID_HANDLE_VALUE) return 0;

        if (!Thread32First(hSnapshot, &__ThreadEntry)) {CloseHandle(hSnapshot); return 0; }

        do {if (__ThreadEntry.th32OwnerProcessID == __DwordProcess)
        {
            CloseHandle(hSnapshot);
            return __ThreadEntry.th32ThreadID;
        }} while (Thread32Next(hSnapshot, &__ThreadEntry));
        CloseHandle(hSnapshot);
        return 0;
}

DWORD GetModuleNamePointer(LPSTR LPSTRModuleName, DWORD __DwordProcessId)
{
        MODULEENTRY32 lpModuleEntry = {0};
        HANDLE hSnapShot = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, __DwordProcessId);
        if(!hSnapShot)
            return NULL;
        lpModuleEntry.dwSize = sizeof(lpModuleEntry);
        BOOL __RunModule = Module32First( hSnapShot, &lpModuleEntry );
        while(__RunModule)
        {
            if(!strcmp(lpModuleEntry.szModule, LPSTRModuleName ) )
            {CloseHandle( hSnapShot );
            return (DWORD)lpModuleEntry.modBaseAddr;
            }
            __RunModule = Module32Next( hSnapShot, &lpModuleEntry );
        }
        CloseHandle( hSnapShot );
        return NULL;
}

void runSetDebugPrivs()
{
    HANDLE __HandleProcess=GetCurrentProcess(), __HandleToken;
    TOKEN_PRIVILEGES priv;
    LUID __LUID;
    OpenProcessToken(__HandleProcess, TOKEN_ADJUST_PRIVILEGES, &__HandleToken);
    LookupPrivilegeValue(0, "seDebugPrivilege", &__LUID);
    priv.PrivilegeCount = 1;
    priv.Privileges[0].Luid = __LUID;
    priv.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
    AdjustTokenPrivileges(__HandleToken, false, &priv, 0, 0, 0);
    CloseHandle(__HandleToken);
    CloseHandle(__HandleProcess);
}

void RunProcess()
{
    //commented lines are for non steam versions of the game
    runSetDebugPrivs();
    while (!FindProcessName("csgo.exe", &__gameProcess)) Sleep(12);
    while (!(getThreadByProcess(__gameProcess.th32ProcessID))) Sleep(12);
    __HandleProcess = OpenProcess(PROCESS_ALL_ACCESS, false, __gameProcess.th32ProcessID);
    while(__dwordClient == 0x0) __dwordClient = GetModuleNamePointer("client.dll", __gameProcess.th32ProcessID);
    while(__dwordEngine == 0x0) __dwordEngine = GetModuleNamePointer("engine.dll", __gameProcess.th32ProcessID);
    //while(__dwordOverlay == 0x0) __dwordOverlay = GetModuleNamePointer("gameoverlayrenderer.dll", __gameProcess.th32ProcessID);
    while(__dwordVGui == 0x0) __dwordVGui = GetModuleNamePointer("vguimatsurface.dll", __gameProcess.th32ProcessID);
    //while(__dwordLibCef == 0x0) __dwordLibCef = GetModuleNamePointer("libcef.dll", __gameProcess.th32ProcessID);
//    while(__dwordSteam == 0x0) __dwordSteam = GetModuleNamePointer("steam.dll", __gameProcess.th32ProcessID);
    __HWNDCss = FindWindow(NULL, "Counter-Strike: Global Offensive");
}
};

extern CHackProcess fProcess;
 
Last edited by a moderator:

idx[0]

Jr.Coder
Full Member
Nobleman
Mar 24, 2016
55
523
1
Hmmm.... I honestly don't know what's wrong.
I'm afraid you're going to need an offset dumper to check the offsets but the good news is that there're plenty of them on the web.
I can't link them though, sorry. (Site rules)

EDIT: I noticed that the WorldToScreen function is all wrong, but it shouldn't stop the drawing
 
Last edited:

idx[0]

Jr.Coder
Full Member
Nobleman
Mar 24, 2016
55
523
1
Done, still nothing :(

Edit: Here's both files again with all of the changes and some comments removed, might be easier for you to see what's going on.

https://pastebin.com/cnPX7ZnN
Ok, your WorldToScreen function is incorrect.
Change the following lines:
C++:
to[1] = MyPlayer.WorldToScreenMatrix.flMatrix[1][0] * from[0] + MyPlayer.WorldToScreenMatrix.flMatrix[0][1] * from[1] + MyPlayer.WorldToScreenMatrix.flMatrix[1][2] * from[2] + MyPlayer.WorldToScreenMatrix.flMatrix[1][3];
and
C++:
w = to[1] = MyPlayer.WorldToScreenMatrix.flMatrix[1][0] * from[0] + MyPlayer.WorldToScreenMatrix.flMatrix[3][1] * from[1] + MyPlayer.WorldToScreenMatrix.flMatrix[3][2] * from[2] + MyPlayer.WorldToScreenMatrix.flMatrix[3][3];
to:
C++:
to[1] = MyPlayer.WorldToScreenMatrix.flMatrix[1][0] * from[0] + MyPlayer.WorldToScreenMatrix.flMatrix[1][1] * from[1] + MyPlayer.WorldToScreenMatrix.flMatrix[1][2] * from[2] + MyPlayer.WorldToScreenMatrix.flMatrix[1][3];
and
C++:
w = MyPlayer.WorldToScreenMatrix.flMatrix[3][0] * from[0] + MyPlayer.WorldToScreenMatrix.flMatrix[3][1] * from[1] + MyPlayer.WorldToScreenMatrix.flMatrix[3][2] * from[2] + MyPlayer.WorldToScreenMatrix.flMatrix[3][3];
 

CubanHill

Newbie
Full Member
Mar 17, 2017
23
338
0
Okay my world to screen section is now this but still no dice.

C++:
	to[0] = MyPlayer.WorldToScreenMatrix.flMatrix[0][0] * from[0] + MyPlayer.WorldToScreenMatrix.flMatrix[0][1] * from[1] + MyPlayer.WorldToScreenMatrix.flMatrix[0][2] * from[2] + MyPlayer.WorldToScreenMatrix.flMatrix[0][3];
	to[1] = MyPlayer.WorldToScreenMatrix.flMatrix[1][0] * from[0] + MyPlayer.WorldToScreenMatrix.flMatrix[1][1] * from[1] + MyPlayer.WorldToScreenMatrix.flMatrix[1][2] * from[2] + MyPlayer.WorldToScreenMatrix.flMatrix[1][3];
	w = to[1] = MyPlayer.WorldToScreenMatrix.flMatrix[3][0] * from[0] + MyPlayer.WorldToScreenMatrix.flMatrix[3][1] * from[1] + MyPlayer.WorldToScreenMatrix.flMatrix[3][2] * from[2] + MyPlayer.WorldToScreenMatrix.flMatrix[3][3];
btw, the cmd window that opens closes automatically is that normal?
 
Last edited:

idx[0]

Jr.Coder
Full Member
Nobleman
Mar 24, 2016
55
523
1
Ok.
Now it's time for debugging.

in your main function. Do something like this:
C++:
int main()
{
    fProcess.RunProcess();
 
    // ShowWindow(FindWindow("ConsoleWindowClass", NULL), false);
    TargetWnd = FindWindow(0, "Counter-Strike: Global Offensive");
    HDC HDC_Desktop = GetDC(TargetWnd);
    SetupDrawing(HDC_Desktop, TargetWnd);
   
    //infinite loop
    for (;;)
    {
        MyPlayer.ReadInformation();
        std::system("cls");
        std::cout << "View matrix:\n" << MyPlayer.WorldToScreenMatrix.flMatrix[0][0] << " " << MyPlayer.WorldToScreenMatrix.flMatrix[0][1] << " " << MyPlayer.WorldToScreenMatrix.flMatrix[0][2] << " " << MyPlayer.WorldToScreenMatrix.flMatrix[0][3] << "\n";
        ESP();
    }
 
    return 0;
}

Now run this code when you're in a LOCAL 4 PLAYER (OR 2 PLAYER; IF IT EXISTS) BOT game.
This time a console will appear which says: "View Matrix"
Now move your mouse and tell me if the values change and what they are like (e.g in-between -1 and 1 or such)
 
Last edited:

CubanHill

Newbie
Full Member
Mar 17, 2017
23
338
0
YES, okay cmd stays open and says view matrix but the numbers stay at 0 0 0 0 despite movement in-game.
 

idx[0]

Jr.Coder
Full Member
Nobleman
Mar 24, 2016
55
523
1
The view matrix offset is incorrect. (I say this with 75% confidence)
If you want to confirm the suspicion, add these lines:
C++:
std::cout << "\nMyPlayer\nHealth = " << MyPlayer.health << "\nPos = (" << MyPlayer.Position[0] << ", " << MyPlayer.Position[1] << ", " << MyPlayer.Position[2] << ") << "\n";
after the std::cout (ViewMatrix) part.
 

CubanHill

Newbie
Full Member
Mar 17, 2017
23
338
0
Okay I fixed it, you're right the offset was wrong, at least now I know how to figure that out.

So now the view matrix numbers are working but still no display.

Here's what I'm getting - https://i.imgur.com/FbrWjjr.jpg

Don't be confused by the window, it's just a theme pack, this is Windows 7.
 
Last edited:
Attention! Before you post:

Read the How to Ask Questions Guide
99% of questions are answered in the Beginner's Guide, do it before asking a question.

No Hack Requests. Post in the correct section.  Search the forum first. Read the rules.

How to make a good post:

  • Fill out the form correctly
  • Tell us the game name & coding language
  • Post everything we need to know to help you
  • Ask specific questions, be descriptive
  • Post errors, line numbers & screenshots
  • Post code snippets using code tags
  • If it's a large project, zip it up and attach it

If you do not comply, your post may be deleted.  We want to help, please make a good post and we will do our best to help you.

Community Mods