Solved Simple BHOP script on CS:GO


Stressful

So I've made an attempt at making my first CS:GO external bunnyhop in C++ from scratch (other than the ProcMem.h) and I've come across a slight problem. The program seems to run fine, though it doesn't work at all as intended. I could not figure out what was wrong, so I began to compare it to public bhop scripts in hopes of figuring out what the problem was in my code, though to no avail. My final solution was to just copy-paste the public bhop script and add cout statements in various areas so I could see what exactly was different, though I found out that these public scripts didn't even seem to work properly. Could someone possibly help?


C++:
void copyPaster(){
	
#define key_space 0x20 // key_space is space button.
#define key9 0x39 // key 9 is the button 9 (Not to be confused with numpad 9)
#define key9_sc 0x0A // Scan code so we can use it in a keybd_event()
		ProcMem mem;
		 
		const DWORD localBase = 0xA6C90C; //localBase.
		const DWORD flagOffset = 0x100; // m_fFlags offset
		int FL_ONGROUND = 257; // When player is on ground this value is 257, 256 when in air.
		mem.Process("csgo.exe");
		if (!mem.Process){
			cout << "Process could not open " << endl;
			cin.get();

		};
		DWORD ClientDLL = mem.Module("client.dll");
		if (!mem.Module){
			cout << "Module not Found..." << endl;
			cin.get();
		
		};
		DWORD localPlayer = mem.Read<DWORD>(ClientDLL + localBase); //  local player. 
		int m_fFlags = mem.Read<DWORD>(localPlayer + flagOffset); // m_fFlags.
		while (1){
			Sleep(700);
			cout << "Local Player: " << localPlayer << endl;
			cout << "m_fFlags: " << m_fFlags << endl; // Added these to see if my program was detecting the right value for m_fFlags ( which should be 257 when on the ground but wasnt? )
			
		}
		
		if (GetAsyncKeyState(key_space) & 0x8000 && m_fFlags & 0x1 == 1) { /* If player is holding space, and m_fFlags is equal to 257 press space.*/
			keybd_event(key9, key9_sc, 0, 0);

			keybd_event(key9, key9_sc, KEYEVENTF_KEYUP, 0);
		}
	};
Here is the public ProcMem.h I'm using:
https://pastebin.com/KaQaBTZr
https://pastebin.com/rqi4mmzg

Also, isn't m_fFlags meant to be 257 when the player is on the ground? It doesn't seem to print that out, though perhaps this is because it's a bitmasked value?
 

rN'

Why don't you just
C++:
if vKey(20) and m_fflag = FL_ONGROUND
Write(client.dll + jumpOffset, 1)
sleep(50)
Write(client.dll + jumpOffset, 0)
Why would you write +jump into the memory when you can emulate the key ^^

Stressful:
C++:
#define FL_ONGROUND (1<<0)

void copyPaster( void )
{
    ProcMem mem;
    const uint32_t localBase = 0xA6C49C;
    const uint32_t flagOffset = 0x100;

    mem.Process( "csgo.exe" );
    if( !mem.Process ) {
        cerr << "Couldn't open target process" << endl;
        return;
    }

    auto clientBase = mem.Module( "client.dll" );
    if( !clientBase ) {
        cerr << "Failed to get modulebase of client.dll" << endl;
        return;
    }

    while( true ) {
        this_thread::sleep_for( chrono::milliseconds( 1 ) );
       
        auto localPlayer = mem.Read< uintptr_t >( clientBase + localBase );
        if( localPlayer ) {
            auto m_fFlags = mem.Read< uint8_t >( localPlayer + flagOffset );

            if( m_fFlags & FL_ONGROUND ) {
                keybd_event( key9, key9_sc, 0, 0 );
                this_thread::sleep_for( chrono::milliseconds( 7 ) );
                keybd_event( key9, key9_sc, KEYEVENT_KEYUP, 0 );
            }
        }
    }
}
Also we have a new CSGO bunnyhop tutorial:

Cody's C++ CSGO Bunnyhop Tutorial Part1 External - Guided Hacking
 

Alex

"The program seems to run fine though it doesn't work at all as intended"

It's really hard to "Help" you in any way since you haven't told us what your project does when you try it.
 

Stressful

Sorry about that.

When my program is run, there are no errors encountered or as such though for some reason it does not pick up that my player is on the ground when m_fFlags = 257 and should therefore press a virtual key press to jump as instructed in the if statement.
 

mambda

The flag doesn't have to be 257. What you're checking is a bitfield, where FL_ONGROUND is 1<<0.

By the way, you should encapsulate that; I think it may actually make a difference ( && (m_fFlags & 1) +jump else -jump
 

Alaygro

You didn't make this. Please stop lying.
https://www.mpqh.net/forum/showthread.php?t=915641

Also, in case you didn't know (since you didn't write this), this program (not script) is pressing 9 repeatedly if flag == 257 and if you're holding space. Meaning you need to bind jump to 9 in CSGO, or you need to change the VK to something you want. Can't be space, it will xxxx up.
 

d0wen

Why don't you just
C++:
if vKey(20) and m_fflag = FL_ONGROUND
Write(client.dll + jumpOffset, 1)
sleep(50)
Write(client.dll + jumpOffset, 0)
 

Stressful

Did you not read my thread? After making my own and it not working, I copied and pasted another one to get an idea of what exactly was different between my code and the one I copied, yet the one I copied didn't even seem to work. And I am aware that I had to rebind jump to 9, though the m flags value never changed from 0 to 1. Thanks for the help though.
 

CReCT

Hey Dude,

so, First, your LocalPlayer Offset is wrong, change it to: m_dwLocalPlayer: 0x00A6C49C
Try again!

GL
 

Stressful

Thank you very much for all these responses. Found out the only problem was my offset was wrong, so the offset dumper I'm using is apparently broken...
 

CReCT

As I said, really obvious :)
Make a quick check that your offsets are correct during a quick debug, my friend! Just cout << yourplayerhp
Just a tip for the future!

Wish you all the best.

P.S. A short "Thanks" here on Board Feature below my post would be perfect :)
 

Stressful

One quick question, would using public header files such as ProcMem.h for reading and writing to processes cause my programs to be detected by VAC?
 

CReCT

From what I know, no!
Your signature is your whole "exe". A signature, in simple words, is like your identifier. There are many components in it! If you cp a full cheat, with structures, with the main.cpp etc., I would say yes, dangerous.
But so far, I never heard that someone received a VAC ban for using a public ProcMem.h.
I recommend you, for coding, buy a smurf with lvl3 and test it. Don't be shy bro ;-)
If I'm wrong, other board members can correct me. But so far from my experience, go ahead :)
 

mambda

A sig is not always an entire exe.
A sig can be as small as a byte (a xxxxty sig) or as long as an entire program (also a xxxxty sig, unless it's for a publicly distributed cheat).

An example of a good sig to detect cheats would be a pdb link. Most people don't strip debug information from their binaries, so should they release multiple cheats, someone from VAC could, for instance, just sig every binary injected for "C:\DankCheats\Myxxxx\Projects" and have all your cheats banned without needing to find them all.

But a simple header, depending on its size, shouldn't get you banned, though it's always preferred to #RollYourOwn
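
The PDB-path signature described in the post above, seen from the detection side. This is an added example, not part of the original thread: a raw byte scan for CodeView `RSDS` debug records (it does not walk the PE debug directory). The helper names, GUID and sample buffers are constructed for illustration; the signature prefix is the path quoted in the post.

```python
import struct
import uuid

RSDS = b"RSDS"           # CodeView 7.0 signature that precedes the PDB path
HEADER_LEN = 4 + 16 + 4  # signature + GUID + age (uint32, little-endian)


def extract_pdb_records(blob: bytes, max_path: int = 260):
    """Return (guid, age, pdb_path) for every plausible RSDS record in blob."""
    records = []
    pos = blob.find(RSDS)
    while pos != -1:
        path_start = pos + HEADER_LEN
        end = blob.find(b"\x00", path_start, path_start + max_path + 1)
        if end > path_start:  # terminator found and the path is non-empty
            raw = blob[path_start:end]
            # Reject chance hits: a real path is printable ASCII ending in .pdb
            if all(0x20 <= b < 0x7F for b in raw) and raw.lower().endswith(b".pdb"):
                guid = uuid.UUID(bytes_le=blob[pos + 4:pos + 20])
                (age,) = struct.unpack_from("<I", blob, pos + 20)
                records.append((str(guid), age, raw.decode("ascii")))
        pos = blob.find(RSDS, pos + 1)
    return records


def match_signatures(blob: bytes, path_prefixes):
    """Return PDB paths in blob that start with any signature prefix."""
    wanted = [p.lower() for p in path_prefixes]
    return [path for _, _, path in extract_pdb_records(blob)
            if any(path.lower().startswith(p) for p in wanted)]


def make_rsds(path: str, age: int = 1) -> bytes:
    """Build a constructed RSDS record for the demo (not from a real binary)."""
    guid = uuid.UUID("00112233-4455-6677-8899-aabbccddeeff")
    return RSDS + guid.bytes_le + struct.pack("<I", age) + path.encode() + b"\x00"


# Constructed samples: two buffers from the same build tree, one unrelated,
# and a stray "RSDS" byte run in SAMPLE_B that must not be reported.
SIGNATURES = [r"C:\DankCheats\Myxxxx\Projects"]  # path quoted in the post
SAMPLE_A = b"MZ" + b"\x90" * 32 + make_rsds(r"C:\DankCheats\Myxxxx\Projects\one\Release\one.pdb")
SAMPLE_B = b"MZ" + b"RSDS\x01\x02" + make_rsds(r"c:\dankcheats\myxxxx\projects\two\two.pdb", age=3)
SAMPLE_C = b"MZ" + make_rsds(r"D:\build\agent\app.pdb")

if __name__ == "__main__":
    for name, blob in (("A", SAMPLE_A), ("B", SAMPLE_B), ("C", SAMPLE_C)):
        print(name, match_signatures(blob, SIGNATURES))
```

One path-prefix rule covers both A and B even though the binaries differ, which is why a build path left in the debug record links every release from the same project tree.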
 

d0wen

Why emulate key presses when it's not needed?
 

mambda

Well, for example, if you wanted to hack on something like FaceIT it'd be safer to emulate a key press vs directly accessing memory, same goes for aimbot methodology ( with some added stuff )

It's also easier because you don't need to find the memory address of +jump
 

d0wen

Are you actually implying that emulating key strokes is a part of getting around FaceIT's serversided private version of smac? Really? Now I've heard it all.
Easier? I mean if you're not using FindPattern it's in the same file as the rest of them when using a dumper.
 

mambda

I'm implying that it could be handy mate, same methodology works for aimbots and auto bhops.
It's definitely easier, finding the memory address, finding a sig, or using a dumper vs just emulating a jump.
 