Solved Need help/tips/hints on finding the Entity array/pointer


louie

Newbie
Full Member
Sep 14, 2015
11
92
0
Hi, so I've been trying to make an aimbot for a game and so far I only found the local player base address, but I can't seem to find the Entity array, how can I find the Entity array? And how can I "know" if I found it already?
 

Solaire

Respected Hacker
Dank Tier VIP
Dec 15, 2013
1,051
16,353
62

Just to elaborate upon my last post, I reversed from the instruction that accesses the enemy health in assaultcube.



I had to trace back a few calls, though it probably would have been easier to trace back one, get the entity base, then do a Find Out What Accesses This to get that instruction there :p.
 

Rake

Cesspool Admin
Administrator
Jan 21, 2014
12,140
78,998
2,394
how can I find the Entity array? And how can I "know" if I found it already?
The entity array contains all the player entities or pointers to them, so look for that, and when you find it, you will "know".
 

Solaire

Find enemy health, find out what accesses it, and it'll probably be something like
mov eax, new health xxxx

Then just look further upwards in the function from that, or one step outside of the function, and you'll probably find something like lea reg, [base + index * distance], or something similar.
I.e. lea ebx, [eax + ecx * 04]

Eax is going to be the base address of the entity (or at least, the dynamic one), ecx is going to be the index of the entity in that list, and 04 is going to be the distance between those entities.


Just one method of finding the ent list, there are plenty of others.
 

louie

Solaire, ok so I started a new game then added 1 bot then searched for its health > Find out what accesses this address then

Right click 004FFA4D > Show this address in the disassembler, I don't know if I got it right but:

That 002CDD50 keeps changing to a different address, so maybe that's the Entity/Player array?
 

mambda

headass
Escobar Tier VIP
Trump Tier Donator
Jun 25, 2014
2,298
37,938
269
Nah broski, that's the address of that instruction, you want the address held in esi. Double clicking the instruction will pop up a second window showing an easy guess that's correct 90% of the time, otherwise just read the value of the register in the window below.
 

louie

Nah broski, that's the address of that instruction
Well, when I found the address of the instruction I scrolled up a little so that's how I found that:

you want the address held in esi. Double clicking the instruction will pop up a second window showing an easy guess that's correct 90% of the time, otherwise just read the value of the register in the window below.
Ok, so I copied the address that I got there (ESI), then I searched for it and got an address:

What now? Should I put that address in the data/structure dissector?
 

mambda

Then you just continue with the endless loop of what accesses that address. Or you can trace it via asm, as I think you were trying to do before but I didn't notice. Either way is fine.
 

louie

Ok, so this time I searched for an enemy's health, then Find out what accesses this address, then used that value in the Dissect data/structure. I only found 1 player structure, should I also find the other player structures?
 

Rake

Ok, so this time I searched for an enemy's health, then Find out what accesses this address, then used that value in the Dissect data/structure. I only found 1 player structure, should I also find the other player structures?
Yeah, do the same thing with the other player's health address.
 