Video Tutorial How to Hack Any Game Tutorial C++ Trainer #2 - External v2


l33tz0r

Full Member
Mar 3, 2020
1
102
0
Nice tutorial! I am also new to game hacking, and I did this tutorial.
For those who want to make something similar but with a different task, I did a knife rapid attack as an exercise for myself.

For the guys who also want to try it, here are the steps:
- Find Knife Time Pointer
- Find the area where the pointer is writing
- Nop this section
- Write a thread with a bind which spams left clicks

Code:
If Statement in the cheat loop
C++:
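if (GetAsyncKeyState(VK_NUMPAD4) & 1) { // low bit: key was pressed since the last call
    bRapidKnife = !bRapidKnife;

    if (bRapidKnife) {
        // overwrite the 2-byte instruction at this offset with NOPs
        mem::NopEx((BYTE*)(moduleBase + 0x64514), 2, hProcess);
    }
    else {
        // restore the original bytes
        mem::PatchEx((BYTE*)(moduleBase + 0x64514), (BYTE*)"\x89\x0A", 2, hProcess);
    }
}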
Starting the thread function
C++:
std::thread t1(mouseTask);
The thread function, the bind for the rapid attack is "F", activating the hack is NUMPAD4
C++:
#define KeyDown(Key) (GetAsyncKeyState(Key) & 0x8000)

void mouseTask() {
    POINT p;
    // poll every 5 ms until NUMPAD5 is held down, then the thread ends
    for (; !KeyDown(VK_NUMPAD5); Sleep(5))
    {
        if (KeyDown(0x46)) // 0x46 is the virtual-key code for 'F'
        {
            GetCursorPos(&p);
            mouse_event(MOUSEEVENTF_LEFTDOWN, p.x, p.y, 0, 0);
            Sleep(50);
            mouse_event(MOUSEEVENTF_LEFTUP, p.x, p.y, 0, 0);
            Sleep(50);
        }
    }
}
I got this for loop from another tutorial.

I did keep it simple, so to upgrade it you could code a deactivator and starter bind for the thread. At this moment I started it before the cheat loop, and it will end with NUMPAD5 and can't be started in this session anymore.

Heyo, I'm new here, anyways, tried to take your code to the next level but I'm having an issue.

I tried to make a nuke function which will TP to everyone, and knife them using your knife script.

Here's the raw pseudo-code I wrote (actual code is a bit different but this was my guide), nothing too interesting
Code:
- for ent in entity List
    - if team == enemyT
        - while enemy alive
            - change my xyz to enemy xyz
            - lock onto, slash
        - no ents left?
            - break loop

And here's my ugly ass function, I'm pretty new to game hacking so don't internet-murder me please
C++:
        if (GetAsyncKeyState(VK_NUMPAD5) & 1) 
        {
            bNuke = !bNuke;
            printMenu();

            if (bNuke)
            {
                int myTeam;
                uintptr_t myTeamAddr = FindDMAAddy(hProcess, localPlayerPtr, { 0x32c });
                ReadProcessMemory(hProcess, (BYTE*)myTeamAddr, &myTeam, sizeof(myTeam), nullptr);

                int entity = FindDMAAddy(hProcess, localEntPtr, { 0x4 });
                for (int entCount = 0; entCount < numberOfEnts; ++entCount, entity += 0x4)
                {
                    /*int team = 2;
                    uintptr_t teamAddr = FindDMAAddy(hProcess, entity, { 0x32c });
                    ReadProcessMemory(hProcess, (BYTE*)teamAddr, &team, sizeof(team), nullptr);
                    if (team != 1 && team != 0)
                        break;
                    if (team == 1)
                        continue; //this is trash, ignore */

                    int entTeam = 0;
                    uintptr_t entTeamAddr = FindDMAAddy(hProcess, entity, { 0x32c });
                    ReadProcessMemory(hProcess, (BYTE*)entTeamAddr, &entTeam, sizeof(entTeam), nullptr);

                    //if (entTeam == myTeam)
                        //continue; //this works on TDM

                    int enemyHp = 0;
                    uintptr_t enemyHpAddr = FindDMAAddy(hProcess, entity, { 0xf8 });
                    ReadProcessMemory(hProcess, (BYTE*)enemyHpAddr, &enemyHp, sizeof(enemyHp), nullptr);
                    std::cout << "\nEnt number: " << entCount + 1 << std::endl;
                    std::cout << "entity hp: " << enemyHp << std::endl;

                    if (enemyHp <= 0 || enemyHp > 100)
                    {
                        std::cout << "\nNo alive entities." << std::endl;
                        bNuke = !bNuke;
                        Sleep(1500);
                        printMenu();
                        break;
                    }


                    uintptr_t playerX, playerY, playerZ;
                    float actualX, actualY, actualZ;

                    playerX = FindDMAAddy(hProcess, localPlayerPtr, { 0x34 });
                    ReadProcessMemory(hProcess, (BYTE*)playerX, &actualX, sizeof(actualX), nullptr);

                    playerY = FindDMAAddy(hProcess, localPlayerPtr, { 0x38 });
                    ReadProcessMemory(hProcess, (BYTE*)playerY, &actualY, sizeof(actualY), nullptr);

                    playerZ = FindDMAAddy(hProcess, localPlayerPtr, { 0x3C });
                    ReadProcessMemory(hProcess, (BYTE*)playerZ, &actualZ, sizeof(actualZ), nullptr);

                    std::cout << "player X Y Z: " << actualX << " " << actualY << " " << actualZ << std::endl;


                    uintptr_t enemyX, enemyY, enemyZ;
                    float enemyActualX, enemyActualY, enemyActualZ;

                    enemyX = FindDMAAddy(hProcess, entity, { 0x34 });
                    ReadProcessMemory(hProcess, (BYTE*)enemyX, &enemyActualX, sizeof(enemyActualX), nullptr);

                    enemyY = FindDMAAddy(hProcess, entity, { 0x38 });
                    ReadProcessMemory(hProcess, (BYTE*)enemyY, &enemyActualY, sizeof(enemyActualY), nullptr);

                    enemyZ = FindDMAAddy(hProcess, entity, { 0x3C });
                    ReadProcessMemory(hProcess, (BYTE*)enemyZ, &enemyActualZ, sizeof(enemyActualZ), nullptr);

                    std::cout << "enemy X Y Z: " << enemyActualX << " " << enemyActualY << " " << enemyActualZ << std::endl;
                    
                    if (actualX == enemyActualX && actualY == enemyActualY && actualZ == enemyActualZ)
                    {
                        std::cout << "\nEnts in current game (excluding us): " << entCount << std::endl;
                        std::cout << "reached end of ent list" << std::endl;
                        break; // this is the end of ents, we break
                    }
                    
                    // if everything passes we tp to enemy
                    WriteProcessMemory(hProcess, (BYTE*)playerX, &enemyActualX, sizeof(enemyActualX), nullptr);
                    WriteProcessMemory(hProcess, (BYTE*)playerY, &enemyActualY, sizeof(enemyActualY), nullptr);
                    WriteProcessMemory(hProcess, (BYTE*)playerZ, &enemyActualZ, sizeof(enemyActualZ), nullptr);

                    Sleep(200);

                }
            }
        }

So I am yet to implement the mouse spam thread, I just did the knifing manually so far, but I'm having issues with the team variable.
On Team Deathmatch the function works, but on Free-for-All it seems entities are skipped, since the team number seems randomized.

I was thinking of finding like a game mode variable or something else that is unique to entities on Free-for-All but I couldn't seem to find anything.

But yeah, this would be my first external trainer built on top of a few of the guides from here, so all in all, thanks for the teaching.

I'm proud of my shit code that's yet to evolve :)
 

Amir

Dank Tier Donator
Jun 13, 2020
8
208
0
Thanks for the great work :) I just have a question: what if I want, at the same destination, to jump to another allocated piece of memory (for example, to make a comparison to check whether the dec health belongs to the player or an enemy)? Thanks again, really, for the great tutorials.
 

Rake

I'm not your friend
Administrator
Jan 21, 2014
13,337
79,068
2,487
This is chapter 14 of the GHB, you learn detouring in chapter 19
 
Reactions: Amir

Phytes

Trump Tier Donator
Jul 12, 2020
6
318
0
Hi, I've been cruising through these tutorials and just applied a health hack for Dungeon Siege. I just wanted to say that these tutorials have been a great deal of fun and just altering the code to another game has been very helpful to my learning experience. I'm looking forward to continuing the tutorials and just wanted to show some appreciation. Keep up the great work.
 
Reactions: Rake

Boriis

Dank Tier Donator
Full Member
Apr 29, 2020
9
318
0
Hello, I have come across the need to ask a question. I don't know if it will be dumb or not, or was I deaf through the video? If it was then bomb me, but I think this wasn't explained much... maybe it was, but in that case I'm dumb. So how exactly did you know that FF 06 is equal to inc [esi] and FF 0E is equal to dec [esi]? I have one solution to this which I think may work, which is to look in the CE disassembler, but is there any other way I can learn this? The online assemblers/disassemblers say otherwise than those bytes along with the reference, unless I don't know how to use those... Can you please explain it to me, along with some good resources and references where I can learn more about this and more about assembly in general? Sorry for bumping this thread...
 

Rake

I'm not your friend
Administrator
Jan 21, 2014
13,337
79,068
2,487
@Boriis you aren't supposed to memorize every single op code, that's why disassemblers exist: they disassemble bytes into instructions. CE is a disassembler.

You don't need to go in depth on assembly yet, that is covered in this guide: Guide - GHB2 - Beginners Guide To Reverse Engineering

You will read there "how to learn assembly" with links.

Just do the GHB in order from beginning to end and you will become an expert.
 
Reactions: Boriis
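
How the bytes asked about above map to instructions, as an added example that is not part of the original posts: in 32-bit code the second byte is a ModRM byte, and for opcode FF its middle three bits select the operation. The function name decodeTwoBytes is made up for this illustration; the 89 0A case uses the patch bytes from the first post.

```cpp
#include <cstdint>
#include <cstdio>
#include <string>

// Added illustration, not from the thread: decodes two-byte 32-bit x86
// instructions for opcodes FF and 89 when ModRM needs no extra bytes.
// decodeTwoBytes is a name made up for this example.
std::string decodeTwoBytes(uint8_t opcode, uint8_t modrm) {
    static const char* regs[8] = {"eax", "ecx", "edx", "ebx",
                                  "esp", "ebp", "esi", "edi"};
    // Opcode FF is a "group": the ModRM reg field picks the operation (/0../6).
    static const char* group[8] = {"inc", "dec", "call", "call far",
                                   "jmp", "jmp far", "push", ""};
    uint8_t mod = modrm >> 6;        // bits 7-6: addressing mode
    uint8_t reg = (modrm >> 3) & 7;  // bits 5-3: register or opcode extension
    uint8_t rm  = modrm & 7;         // bits 2-0: register or base register

    // mod 1/2 add a displacement, rm 4 adds a SIB byte, mod 0 rm 5 is disp32.
    if (mod == 1 || mod == 2 || (mod == 0 && (rm == 4 || rm == 5)))
        return "needs more bytes";
    std::string operand = (mod == 3) ? std::string(regs[rm])
                                     : "[" + std::string(regs[rm]) + "]";
    if (opcode == 0xFF) {
        bool farForm = (reg == 3 || reg == 5);   // far call/jmp need memory
        if (reg == 7 || (farForm && mod == 3)) return "invalid";
        return std::string(group[reg]) + " " + operand;
    }
    if (opcode == 0x89)              // mov r/m32, r32: reg field is a register
        return "mov " + operand + ", " + regs[reg];
    return "opcode not covered";
}

int main() {
    // 0x06 = 00 000 110 and 0x0E = 00 001 110: same [esi] operand, /0 vs /1.
    std::printf("FF 06 -> %s\n", decodeTwoBytes(0xFF, 0x06).c_str());
    std::printf("FF 0E -> %s\n", decodeTwoBytes(0xFF, 0x0E).c_str());
    std::printf("89 0A -> %s\n", decodeTwoBytes(0x89, 0x0A).c_str());
    return 0;
}
```

Online tools that print something different for these bytes are usually decoding in 64-bit or 16-bit mode, or expect the hex in another input format.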

Boriis

Dank Tier Donator
Full Member
Apr 29, 2020
9
318
0
Oh wow, I just went to give that a quick peek to see what's coming when I finish GHB1; seems like lots of good and fun stuff! So far, as I've made it to here, all the tutorials I've come across here and on your channel were awesome, and I learned a lot from them and I appreciate the work you do! Will try to save up and beg my parents for that 50 euro donation (not 18 yet), because all the stuff I learn here will bring me a lot in the future and 50 euros would be nothing for the work you did here! For now, till I donate, I'll stick to thank you.
 
Reactions: Petko123 and Rake

NexXxO

Learner
Trump Tier Donator
Jan 22, 2021
1
322
0
Hi, I'm a noob. This is actually my first post. I've been following your GH Bible and have a question.
When I access the "Current Weapon Ammo" I can do it with these two options:
Offsets:
0, 14, 374 150
1614002495977.png
1614002551354.png

I got the second one by using Reclass on the "Player" object.

Questions: What's the difference? Which should I use? Why are there two possible pointers?

Thanks a lot!

PS: Could I get a small tip to find the recoil address for upcoming tutorials?
 