Solved Looping a linked list?

Hexui Undetected CSGO Cheats Sinkicheat PUBG Cheat

des1re

Newbie
Full Member
Sep 17, 2012
8
419
1
How would you go about looping a linked list to read information when one of the offsets leads to the next player?

The list starts at offset 44C which is a pointer to the list then 038C is the offset that leads to the next player. When you get to the bottom of the linked list (no more players available) 038C returns 0, no more pointers.

C++:
d0 - x
d4 - z
d8 - y
038C ->  d0 - x
         d4 - z
         d8 - y
         038C ->   d0 - x
                   d4 - z
                   d8 - y
                   038C -> etc etc etc
I tried to modify Fleeps entityloop in CSS, but the fail is just to much.

This is my first time encountering a linked list. The game is using the Unreal Engine 1.


EDIT: Nevermind.. I got it to work. I went to go look at games like WoW and their bots and how they managed to loop through.
 
Last edited:

des1re

Newbie
Full Member
Sep 17, 2012
8
419
1
This is how I looped through the entity linked list. I removed some parts so, this wouldn't be long. I never got to the part of checking for the closest entity cause I tragically found out the pointers used for online multiplayer and local games were different and that made my care-o-meter hit 0 so I walked away. (Damn you unreal engine!!)

C++:
#define F6_Key 0x75
#define MULTIPLY 182.0444444
#define MAX_ENEMIES 32
#define MIN_DISTANCE 100.0

struct MyPlayer_t  
{ 
	DWORD LocalPlayerPtr;
	DWORD LocalPlayerPtr1;
	DWORD LocalPlayerPtr2;
	DWORD LocalPlayerPtr3;
	DWORD LocalPlayerPtr4;
	DWORD teamPtr;

	int Health;
	int Team;

	float x;
	float z;
	float y;

	float Position[3];

	void ReadInformation() 
	{
		ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(fProcess.__dwordClient + 0x000E56B0), &LocalPlayerPtr, 4, 0);
		ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(LocalPlayerPtr + 0x18), &LocalPlayerPtr1, 4, 0);
		ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(LocalPlayerPtr1 + 0x30), &LocalPlayerPtr2, 4, 0);
		ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(LocalPlayerPtr2 + 0xC), &LocalPlayerPtr3, 4, 0);
		ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(LocalPlayerPtr3 + 0x8), &LocalPlayerPtr4, 4, 0);
		ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(LocalPlayerPtr4 + 0x31C), &Health, 4, 0);
		ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(LocalPlayerPtr4 + 0xd0), &x, 4, 0);
		ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(LocalPlayerPtr4 + 0xd4), &z, 4, 0);
		ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(LocalPlayerPtr4 + 0xd8), &y, 4, 0);
		ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(LocalPlayerPtr4 + 0x44C), &teamPtr, 4, 0);
		ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(teamPtr + 0x234), &Team, 4, 0);

                //no idea why I didnt just get them in float array (when it comes to writing code it tends to look as sloppy as possible coming from me)
		Position[0] = x;
		Position[1] = z;
		Position[2] = y;
	}
}MyPlayer;   

struct PlayerList_t 
{
	DWORD EntityBase;
	DWORD EntityBase1;
	DWORD EntityBase2;
	DWORD EntityBase3;
	DWORD FirstObject;
	DWORD NextObject;

	void ReadInformation(int Player) 
	{
		ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(fProcess.__dwordClient + 0x000E56B0), &EntityBase, 4, 0);
		ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(EntityBase + 0x18), &EntityBase1, 4, 0);
		ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(EntityBase1 + 0x30), &EntityBase2, 4, 0);
		ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(EntityBase2 + 0x64), &EntityBase3, 4, 0);
 	}
}PlayerList[32];

int main() 
{   
	fProcess.RunProcess();
	cout << "UnrealTournament Found! Running diagnostics...." << endl;  
	while (!GetAsyncKeyState(F6_Key)) // or for(;;)
	{
		//Sleep (1);
		for(int i = 0; i < 32; i ++)
		{
			PlayerList[i].ReadInformation(i);
			MyPlayer.ReadInformation(); 

			int Health;
			float X;
			float Z;
			float Y;
			float Position[3];
			int Team = 0;

			PlayerList[i].FirstObject = 0x44C; //this lead to the top of linked player list
			PlayerList[i].NextObject = 0x038C; //this holds the offset of the next player in the linked list

			DWORD firstObj = ReadDword(PlayerList[i].EntityBase3+PlayerList[i].FirstObject); //shortened ReadProcessMemory and saving the base address that leads to the first player in the linked list.
			DWORD curObj = firstObj; //saved base address to another DWORD

			while(curObj != 0)
			{
				if (curObj == MyPlayer.LocalPlayerPtr4) //skip myself from the linked player list
					break;

				// Here I did all my information reading (shortened readprocessmemory)
				Health = ReadUInt(curObj+0x31C);
				X = ReadUFloat(curObj+0xd0);
				Z = ReadUFloat(curObj+0xd4);
				Y = ReadUFloat(curObj+0xd8);
				DWORD teamPtr = ReadDword(curObj+0x44C);
				Team = ReadUInt(teamPtr+0x234);

				
				if ((int)Team == (int)MyPlayer.Team) //team check if the entity was on my team
					DWORD nextObj = ReadDword(curObj+PlayerList[i].NextObject); //skip to the next player object if they were


				//Here I did all my aimbot stuff simple calcangle from fleep and viewangle corrections with some math from RAKE

				DWORD nextObj = ReadDword(curObj+PlayerList[i].NextObject); //The rest of the code just gets the next player object.
				
				if(nextObj == curObj) //here i checked to see if next object equals current object which should never if so skip
				{
					break;
				}
				else
				{
					curObj = nextObj; //gets next object
				}
			}
		 }
	} 
}
 

HexMurder

Arcane Hacker
Dank Tier VIP
Dank Tier Donator
Jun 7, 2012
319
7,988
22
I am just spitballing here, but here is what im thinking. you could make a struct of players like so: (psuedo-ish code, dont take this verbatim)

C++:
struct enemy
{
    DWORD baseAddress;
    Vec3 position;
    int health;
}
(You would need to make an array of enemy structs the size of max players)
Then use a loop to read all of the base addresses (you will have to modify this to make it compatible for you. im not sure how you will aqquire the first players address, but this should help you get all the subsequent ones.

C++:
for(int i = 0;i<maxPlayers-1;i++)
{
    enemy[i+1].baseAddress = enemy[i].baseAddress + 0x38C;
    /*again this assumes you know enemy 0s base address already. so this will read enemy 0s address + 0x38c 
    and then assign that value to enemy 1. and so on and so forth
    */
}

EDIT:
Rip, just been informed i have no idea what i am talking about. Lmao, must have misunderstood your question. Sorry bruh.
 
Last edited:

Boboo99

Scrub
Dank Tier VIP
Fleep Tier Donator
Feb 20, 2016
468
12,178
44
C#:
using System;
using System.Collections.Generic;
using System.Runtime.Remoting.Messaging;

namespace EntityListHelp
{
    internal class Property<T>
    {
        private static Dictionary<Type, Func<IntPtr, IntPtr, int, object>> _readerDictionary =
            new Dictionary<Type, Func<IntPtr, IntPtr, int, object>>();

        public IntPtr Offset;
        public int Size;
        public T Value;

        private IntPtr _baseAdress;

        static Property()
        {
            _readerDictionary.Add(typeof(string), ((ptr, intPtr, arg3) =>
            {
                //do whatever you need ReadProcessMemory w/e.
                return ptr.ToString(); //just returning the base to see if it works
            }));

            _readerDictionary.Add(typeof(float), ((ptr, intPtr, arg3) => 999999f));
        }

        public Property(IntPtr offset, int size = 4)
        {
            Offset = offset;
            Size = size;
        }

        public void GetValue(IntPtr baseAdress)
        {
            _baseAdress = baseAdress;
            Value = (T) _readerDictionary[typeof(T)](_baseAdress, Offset, Size);
        }
    }

    internal class Entity
    {
        public Property<float> X = new Property<float>((IntPtr) 0x0);
        public Property<float> Y = new Property<float>((IntPtr) 0x4);
        public Property<float> Z = new Property<float>((IntPtr) 0x8);
        public Property<string> Name = new Property<string>((IntPtr) 0xC, 16);


        public static explicit operator Entity(IntPtr adress)
        {
            Entity entity = new Entity();
            entity.Name.GetValue(adress);
            entity.X.GetValue(adress);
            entity.Y.GetValue(adress);
            entity.Z.GetValue(adress);
            return entity;
        }
    }

    internal class Program
    {
        public static void Main(string[] args)
        {
            Entity[] entities = new Entity[18];
            for (int i = 0; i < 18; i++)
            {
                entities[i] = (Entity) (IntPtr) (0x4000 + i * 0x64); //0x4000 is da base , 0x64 da size of the entity
            }

            foreach (var entity in entities)
            {
                Console.WriteLine(entity.Name.Value);
            }
            Console.ReadKey();
        }
    }
}
I know that I am late but what about something like this :fleep:
 
Last edited:

Rake

Cesspool Admin
Administrator
Jan 21, 2014
12,073
78,998
2,371
Well thanks for sharing, I hope you get your motivation back!
 

xkhen0017

Newbie
Full Member
May 31, 2017
21
553
2
If I were to code a looping entity, I will just use structs to compress my codes... This is what I learned from other coders as well. (Bot coders)

Before I start, these are just pseudo-codes, which will not work 100% on your code because I dont really know how it works in the memory. But you can adopt this one just fix the struct.


So lets start..
C++:
//first is to make our entity
struct EntityElement{
char chunks_0x00[0xCC]; //0x00
float x; //0xD0
float z; //0xD4
float y; //0xD8
char chunks_0xdC[0x2B0]; //0xDC ,chunk bytes we dont need. 
EntityElement* next; //our next element located at 0x38C 
EntityElement* previous // just a wild guess (because most entities are like these)
}

//next is to read the first entity with your own readprocessmemory.
EntityElement *ec = ReadInformation(BASE, ioffcount, ...);

//next is to get the count of the entity in the list, it should be around it anyway. and begin our looping condition.

for (int i = 0; i < count /* entity count here */; i++){

//do whatever you want here or make some checks.
ec->x = 0; 
ec->y = 0;
ec->z = 0;

//then initialize our next entity
ec = ec->next; //you can save the first entity a memory incase you looped back to it. anyway its your choice.
}
I hope this helps you with your coding and make it easier for you. :)
 
Last edited:
Attention! Before you post:

Read the How to Ask Questions Guide
99% of questions are answered in the Beginner's Guide, do it before asking a question.

No Hack Requests. Post in the correct section.  Search the forum first. Read the rules.

How to make a good post:

  • Fill out the form correctly
  • Tell us the game name & coding language
  • Post everything we need to know to help you
  • Ask specific questions, be descriptive
  • Post errors, line numbers & screenshots
  • Post code snippets using code tags
  • If it's a large project, zip it up and attach it

If you do not comply, your post may be deleted.  We want to help, please make a good post and we will do our best to help you.

Community Mods