Solved mPulse Help calculating ac_client.exe+0x000

Hexui Undetected CSGO Cheats Sinkicheat PUBG Cheat

Rake

Cesspool Admin
Administrator
Jan 21, 2014
12,061
78,998
2,370
Hi my name is mPulse I am having trouble using dwGetModuleBaseAddress to get the address of a module loaded at runtime using an external console trainer. It is for the game assault cube. I am having trouble getting my noclip hack to work because I am using a pointer that does not originate from a static address. I know I am a noob but if someone would please help me that would be awesome!

This is my code:

C++:
//Big thanks for Till helping with fly cheat ,AnomanderRake for dwGetModuleBaseAddress and other GH members 



#include <iostream>
#include <Windows.h>
#include <string>
#include <ctime>

#include <tlhelp32.h>
#include <tchar.h>




DWORD FindDmAddy(int PointerLevel, HANDLE hProcHandle, DWORD Offset[], DWORD BaseAdress);

DWORD_PTR dwGetModuleBaseAddress(DWORD dwProcID, TCHAR *szModuleName);

void WriteToMemory(HANDLE hProcHandle);

#define M_TEAMMODE (GameMode==0 || GameMode==4 || GameMode==5 || GameMode==7 || GameMode==13 || GameMode==11 || GameMode==14 || GameMode==17 || GameMode==16 || GameMode==20 || GameMode==21)
enum
{
    TEAMDEATHMATCH = 0,
    DEATHMATCH = 2,
    SURVIVOR = 3,
    TEAMSURVIVOR = 4,
    CTF = 5,
    PISTOLFRENZY = 6,
    BOTTEAMDEATHMATCH = 7,
    BOTDEATHMATCH = 8,
    LASTSWISSSTANDING = 9,
    ONESHOTONEKILL = 10,
    TEAMONESHOTONEKILL = 11,
    BOTONESHOTONEKILL = 12,
    HUNTTHEFLAG = 13,
    TEAMKEEPTHEFLAG = 14,
    KEEPTHEFLAG = 15,
    TEAMPISTOLFFRENZY = 16,
    TEAMLASTSWISSSTANDING = 17,
    BOTPISTOLFRENZY = 18,
    BOTLASTSWISSTANDING = 19,
    BOTTEAMSURVIVOR = 20,
    BOTTEAMONESHOTONKILL = 21,
};

std::string GameName = "AssaultCube";
LPCSTR LGameWindow = "AssaultCube";
std::string GameStatus;

bool IsGameAvail;
bool UpdateOnNextRun;

bool bTeamGame;
int Gamemode;

//ammo vars
bool AmmoStatus;
BYTE AmmoValue[] = {0xA3, 0x1C, 0x0, 0x0};
DWORD AmmoBaseAddress = {0x00509B74};
DWORD AmmoOffsets[] = {0x384, 0x14, 0x0};

//Health vars
bool HealthStatus;
BYTE HealthValue[] = {0x39, 0x5, 0x0, 0x0};
DWORD HealthBaseAddress = {0x0051E20C};
DWORD HealthOffsets[] = {0xF8};

//fly hack
bool FlyStatus;
BYTE FlyValue[] = {0x5};
DWORD FlyBaseAddress = {0x00509B74};
DWORD FlyOffset[] = {0x338};


//noclip ac_client.exe+110068
bool noClipStatus;
BYTE noClipValue[] = {0x1};
DWORD noClipBaseAddress = {0x00110068};
//DWORD noClipOffset[] = {0x0};


int main()
{

    EnginedllBaseAddress = dwGetModuleBaseAddress(dwProcId, _T("00400000"));

    SetConsoleTitle("Assault Cube trainer by mPulse");
    HWND hGameWindow = NULL;
    int timeSinceLastUpdate = clock();
    int GameAvailTMR = clock();
    int onPressTMR = clock();
    DWORD dwProcID = NULL;
    HANDLE hProcHandle = NULL;
    UpdateOnNextRun = true;
    std::string sAmmoStatus;
    std::string sHealthStatus;
    std::string sFlyStatus;
    std::string snoClipStatus;
    sAmmoStatus = "OFF";
    sHealthStatus = "OFF";
    sFlyStatus = "OFF";
    snoClipStatus = "OFF";

    while(!GetAsyncKeyState(VK_INSERT))
    {
        if(clock() - GameAvailTMR > 100)
        {
            GameAvailTMR = clock();
            IsGameAvail = false;

            hGameWindow = FindWindow(NULL, LGameWindow);
            if(hGameWindow)
            {
                GetWindowThreadProcessId( hGameWindow, &dwProcID);
                if(dwProcID != 0)
                {
                    hProcHandle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwProcID);
                    if(hProcHandle == INVALID_HANDLE_VALUE || hProcHandle == NULL)
                    {
                        GameStatus = "Failed to open process for valid handle";
                    }
                    else
                    {
                        GameStatus = "Assault Cube ready to hack";
                        IsGameAvail = true;
                    }
                }
                else
                {
                    GameStatus = "Failed to get process ID";
                }
            }
            else
            {
                GameStatus = "Assault Cube NOT FOUND";
            }

            if(UpdateOnNextRun || clock() - timeSinceLastUpdate > 5000)
            {
                system("cls");
                std::cout << "******************************************************" << std::endl;
                std::cout << "           AssaultCube meomery haeker " << std::endl;
                std::cout << "******************************************************" << std::endl << std::endl;
                std::cout << "Game Status: " << GameStatus << std::endl << std::endl;
                std::cout << "F1 Unlimited Ammo --> " <<sAmmoStatus << " <---" << std::endl << std::endl;
                std::cout << "F2 Unlimited HP --> " <<sHealthStatus << " <---" << std::endl << std::endl;
                std::cout << "F3 Fly Hack --> " <<sFlyStatus << " <---" << std::endl << std::endl;
                std::cout << "F4 Noclip Hack --> " <<snoClipStatus << " <---" << std::endl << std::endl;
                std::cout << "INSERT Exit" << std::endl;
                UpdateOnNextRun = false;
                timeSinceLastUpdate = clock();
                
            }
            if(IsGameAvail)
            {
                WriteToMemory(hProcHandle);
            }

        }
        if(clock() - onPressTMR > 400)
        {
            if(IsGameAvail)
            {
                //ammo
                if(GetAsyncKeyState(VK_F1))
                {
                    onPressTMR = clock();
                    AmmoStatus = !AmmoStatus;
                    UpdateOnNextRun = true;
                    if(AmmoStatus)sAmmoStatus = "ON";
                    else sAmmoStatus = "OFF";
                }
                //health
                else if(GetAsyncKeyState(VK_F2))
                {
                    onPressTMR = clock();
                    HealthStatus = !HealthStatus;
                    UpdateOnNextRun = true;
                    if(HealthStatus)sHealthStatus = "ON";
                    else sHealthStatus = "OFF";
                }
                //fly
                else if(GetAsyncKeyState(VK_F3))
                {
                    onPressTMR = clock();
                    FlyStatus = !FlyStatus;
                    UpdateOnNextRun = true;
                    if(FlyStatus)sFlyStatus = "ON";
                    else sFlyStatus = "OFF";
                }
                //noCLip
                else if(GetAsyncKeyState(VK_F4))
                {
                    onPressTMR = clock();
                    noClipStatus = !noClipStatus;
                    UpdateOnNextRun = true;
                    if(noClipStatus)snoClipStatus = "ON";
                    else snoClipStatus = "OFF";
                }
            }
        }

    }
    return ERROR_SUCCESS;
}

DWORD_PTR dwGetModuleBaseAddress(DWORD dwProcID, TCHAR *szModuleName)
{
    DWORD_PTR dwModuleBaseAddress = 0;
    HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE | TH32CS_SNAPMODULE32, dwProcId);
    if(hSnapshot != INVALID_HANDLE_VALUE)
    {
        MODULEENTRY32 ModuleEntry32;
        ModuleEntry32.dwSize = sizeof(MODULEENTRY32);
        if(Module32First(hSnapshot, &ModuleEntry32))
        {
            do
            {
                if(_tcsicmp(ModuleEntry32.szModule, szModuleName) == 0)
                {
                    dwModuleBaseAddress = (DWORD_PTR)ModuleEntry32.modBaseAddr;
                    break;
                }

            }while (Module32Next(hSnapshot, &ModuleEntry32));
        }
        CloseHandle(hSnapshot);
    }
    return dwModuleBaseAddress;
}

DWORD FindDmAddy(int PointerLevel, HANDLE hProcHandle, DWORD Offset[], DWORD BaseAdress)
{    

    DWORD pointer = BaseAdress;
    DWORD pTemp;

    DWORD pointerAddr;

    for(int i = 0; i < PointerLevel; i++)
    {
        if(i == 0)
        {
            ReadProcessMemory(hProcHandle, (LPCVOID)pointer, &pTemp, sizeof(pTemp), NULL);
        }
        pointerAddr = pTemp + Offset[i];
        ReadProcessMemory(hProcHandle, (LPCVOID)pointerAddr, &pTemp, 4, NULL);
    }
    return pointerAddr;

}
/*
int GameMode
{
    ReadProcessMemory(hProcHandle, (LPCVOID)(0x50F49C), &GameMode, 1, NULL);
    if (M_TEAMMODE)
    {
        bTeamGame = true;
    }
    else
    {
        bTeamGame = false;
    }
}
*/

void WriteToMemory(HANDLE hProcHandle)
{
    DWORD AddresToWrite;

    if(AmmoStatus)
    {
        AddresToWrite = FindDmAddy(3, hProcHandle, AmmoOffsets, AmmoBaseAddress);
        WriteProcessMemory(hProcHandle, (BYTE*)AddresToWrite, &AmmoValue, sizeof(AmmoValue), NULL);

    }
    if(HealthStatus)
    {
        AddresToWrite = FindDmAddy(1, hProcHandle, HealthOffsets, HealthBaseAddress);
        WriteProcessMemory(hProcHandle, (BYTE*)AddresToWrite, &HealthValue, sizeof(HealthValue), NULL);

    }
    AddresToWrite = FindDmAddy(1, hProcHandle, FlyOffset, FlyBaseAddress);
    if(FlyStatus)
    {
        WriteProcessMemory(hProcHandle, (BYTE*)AddresToWrite, &FlyValue, sizeof(FlyValue), NULL);
    }
    else
    {
        DWORD nofly=0;
         WriteProcessMemory(hProcHandle, (BYTE*)AddresToWrite, &nofly, sizeof(FlyValue), NULL);
    }

//noclip
    
    if(noClipStatus)
    {
        layerBasePointer = EnginedllBaseAddress + EngineOffset;
        PlayerBaseAddress = FindDmaAddy(int 3, hProcHandle, PlayerBasePointerOffsets, PlayerBasePointer)
        WriteProcessMemory(hProcHandle, (BYTE*)AddresToWrite, &noClipValue, sizeof(noClipValue), NULL);
    }
    else
    {
            DWORD noClip=0;
            WriteProcessMemory(hProcHandle, (BYTE*)AddresToWrite, &noClipValue, sizeof(noClipValue), NULL);
            PlayerBasePointer = EnginedllBaseAddress + EngineOffset;
            PlayerBaseAddress = FindDmaAddy(int 3, hProcHandle, PlayerBasePointerOffsets, PlayerBasePointer)
    }

}
Thanks in advance
 
Last edited:

Rake

Cesspool Admin
Administrator
Jan 21, 2014
12,061
78,998
2,370
mPulse said:
C++:
//noclip ac_client.exe+110068
bool noClipStatus;
BYTE noClipValue[] = {0x1};
DWORD noClipBaseAddress = {0x00110068};
//DWORD noClipOffset[] = {0x0};
This no clip requires calculating the address of ac_client.exe and adding 0x110068 to it to get to your noClip value's address.
I will change "DWORD noClipBaseAddress = {0x00110068};" to "DWORD noClipOffset = {0x00110068}; because you are adding an offset to the ac_client.exe module address.
So delete the above code and paste this:

C++:
bool noClipStatus;
BYTE noClipValue[] = {0x1};
DWORD noClipOffset = {0x00110068};
DWORD noClipAddress = 0;

mPulse said:
C++:
   EnginedllBaseAddress = dwGetModuleBaseAddress(dwProcId, _T("00400000"));
What you did wrong:
1) You did not give a type to EnginedllBaseAddress. It should be a DWORD value. Also You should probably label this "ac_clientModule" or something like that.
2) My thread tutorial on dwGetModuleBaseAddress may have been confusing. 00400000 is most likely the address of ac_client.exe and that is where it will be loaded in to memory 99.9% of the time. But you want to put the name of the executable in the "" quotation marks.
3) also you should put this inside the if(IsGameAvail) statement you only want it to work when the game is found and you want it to update if you restart assault cube
4) you need to declare "DWORD ac_clientModule = 0" as a global variable.
5) by using this as a global variarble you can use it for all your hacks that will be using this type of pointer



So delete that line and paste this in your if(IsGameAvail) statement:

C++:
ac_clientModule = dwGetModuleBaseAddress(dwProcId, _T("ac_client.exe"));
and place this in global namespace:
C++:
DWORD ac_clientModule = 0

mPulse said:
C++:
//noclip
if(noClipStatus)
{
layerBasePointer = EnginedllBaseAddress + EngineOffset;
PlayerBaseAddress = FindDmaAddy(int 3, hProcHandle, PlayerBasePointerOffsets, PlayerBasePointer)
WriteProcessMemory(hProcHandle, (BYTE*)AddresToWrite, &noClipValue, sizeof(noClipValue), NULL);
}
else
{
DWORD noClip=0;
WriteProcessMemory(hProcHandle, (BYTE*)AddresToWrite, &noClipValue, sizeof(noClipValue), NULL);
PlayerBasePointer = EnginedllBaseAddress + EngineOffset;
PlayerBaseAddress = FindDmaAddy(int 3, hProcHandle, PlayerBasePointerOffsets, PlayerBasePointer)
}
First off you forgot the P in PlayerBasePointer. You basically copy and pasted my code in here and that isn't going to work.

Change to this:

C++:
//noclip

if(noClipStatus)
{
noClipAddress = ac_clientModule + noClipOffset;
WriteProcessMemory(hProcHandle, (LPVOID)noClipAddress, &noClipValue, sizeof(noClipValue), NULL);
}
else
{
DWORD nonoClipValue=0;
noClipAddress = ac_clientModule + noClipOffset;
WriteProcessMemory(hProcHandle, (LPVOID)noClipAddress, &nonoClipValue, sizeof(noClipValue), NULL);
}
You should be able to figure the rest out from there.

do this tutorial next:
https://guidedhacking.com/threads/how-to-hack-any-game-tutorial-c-external-trainer-part-2.10897/
 
Last edited:

Solaire

Respected Hacker
Dank Tier VIP
Dec 15, 2013
1,051
16,353
62
I'll paste teh codenz into MSVS then debug it to see where the issue is. I'll post again once I've found the issue.
 

Solaire

Respected Hacker
Dank Tier VIP
Dec 15, 2013
1,051
16,353
62
mPulse Just going to lay it down pretty hard here. This code is Frankenstein C&P, and I really think you need to take a few steps back before it gets any worse. At the bottom, you're using variables that don't exist. You put int 3 into the first parameter of FindDmAddy, which tells me you really don't know enough C++ at this point. There are numerous other errors and issues in the code.

Please, PLEASE, take a few steps back and learn more C++ before this monster bites back. I get that you want to have these working features, but it's just going to get harder and harder, and more and more errors will pop up that you won't know how to fix.
 

mPulse

Coder
Full Member
Nobleman
Jun 19, 2013
106
733
0
Woot,If Im few hours away and magic happens,lol,thank you guys! ;)
 
Attention! Before you post:

Read the How to Ask Questions Guide
99% of questions are answered in the Beginner's Guide, do it before asking a question.

No Hack Requests. Post in the correct section.  Search the forum first. Read the rules.

How to make a good post:

  • Fill out the form correctly
  • Tell us the game name & coding language
  • Post everything we need to know to help you
  • Ask specific questions, be descriptive
  • Post errors, line numbers & screenshots
  • Post code snippets using code tags
  • If it's a large project, zip it up and attach it

If you do not comply, your post may be deleted.  We want to help, please make a good post and we will do our best to help you.

Community Mods