[Procmem.cpp]
Code:
#include "Process.h"
using namespace std;
#pragma region Misc Functions
ProcMem::ProcMem(){
}
ProcMem::~ProcMem(){
CloseHandle(hProcess);
}
int ProcMem::chSizeOfArray(char *chArray){
for(int iLength = 1; iLength < MAX_PATH; iLength++)
if (chArray[iLength] == '*')
return iLength;
cout << "\nLENGTH: Failed To Read Length Of Array\n";
return 0;
}
int ProcMem::iSizeOfArray(int *iArray){
for(int iLength = 1; iLength < MAX_PATH; iLength++)
if (iArray[iLength] == '*')
return iLength;
cout << "\nLENGTH: Failed To Read Length Of Array\n";
return 0;
}
bool ProcMem::iFind(int *iAry, int iVal){
for(int i = 0; i < 64; i++)
if(iVal == iAry[i] && iVal != 0)
return true;
return false;
}
#pragma endregion
#pragma region Memory Functions
void ProcMem::Process(char* ProcessName){
HANDLE hPID = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, NULL);
PROCESSENTRY32 ProcEntry;
ProcEntry.dwSize = sizeof(ProcEntry);
do
if(!strcmp(ProcEntry.szExeFile, ProcessName))
{
dwPID = ProcEntry.th32ProcessID;
CloseHandle(hPID);
hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwPID);
return;
}
while(Process32Next(hPID, &ProcEntry));
cout << "\nNigga\n";
system("pause");
exit(0);
}
void ProcMem::Patch(DWORD dwAddress, char *Patch_Bts, char *Default_Bts){
int iSize = chSizeOfArray(Default_Bts);
if (!bPOn)
for(int i = 0; i < iSize; i++)
Write<BYTE>(dwAddress + i, Patch_Bts[i]);
else
for(int i = 0; i < iSize; i++)
Write<BYTE>(dwAddress + i, Default_Bts[i]);
bPOn = !bPOn;
}
void ProcMem::Inject(DWORD dwAddress, char *Inj_Bts, char *Def_Bts, BOOL Type){
int i_ISize = chSizeOfArray(Inj_Bts);
int i_DSize = chSizeOfArray(Def_Bts);
if(!bIOn)
{
if(i_DSize > 5)
for (int i = 6; i < i_DSize; i++)
Write<BYTE>(dwAddress + i, 0x90);
else {cout << "\nINJECTION: Default Bytes Must Be More Than 5\n"; return;}
dwCaveAddress = (DWORD)VirtualAllocEx(hProcess, NULL, i_ISize + 5, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
DWORD dwRetJmp = (dwAddress + i_DSize) - dwCaveAddress - 5;
DWORD dwBaseJmp = dwCaveAddress - dwAddress - 5;
for (int i = 0; i <= i_ISize; i++)
Write<BYTE>(dwCaveAddress+i, Inj_Bts[i]);
Write<BYTE>(dwCaveAddress + i_ISize, Type ? 0xE9 : 0xE8);
Write<DWORD>(dwCaveAddress + i_ISize + 1, dwRetJmp);
Write<BYTE>(dwAddress, Type ? 0xE9 : 0xE8);
Write<DWORD>(dwAddress + 1, dwBaseJmp);
}else{
for(int i = 0; i < i_DSize; i++)
Write<BYTE>(dwAddress + i, Def_Bts[i]);
VirtualFreeEx(hProcess, (LPVOID)dwCaveAddress, i_ISize + 5, MEM_DECOMMIT);
}
bIOn = !bIOn;
}
DWORD ProcMem::AOB_Scan(DWORD dwAddress, DWORD dwEnd, char *Bytes){
int iBytesToRead = 0, iTmp = 0;
int length = chSizeOfArray(Bytes);
bool bTmp = false;
if(Bytes[0] == '?')
{
for(; iBytesToRead < MAX_PATH; iBytesToRead++)
if(Bytes[iBytesToRead] != '?')
{
iTmp = (iBytesToRead + 1);
break;
}
}
for(;dwAddress < dwEnd; dwAddress++)
{
if(iBytesToRead == length)
return dwAddress - iBytesToRead;
if(Read<BYTE>(dwAddress) == Bytes[iBytesToRead] || (bTmp && Bytes[iBytesToRead] == '?'))
{
iBytesToRead++;
bTmp = true;
}
else
{
iBytesToRead = iTmp;
bTmp = false;
}
}
cout << "\nAOB_SCAN: Failed To Find Byte Pattern\n";
return 0;
}
DWORD ProcMem::Module(LPSTR ModuleName){
HANDLE hModule = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwPID);
MODULEENTRY32 mEntry;
mEntry.dwSize = sizeof(mEntry);
do
if(!strcmp(mEntry.szModule, ModuleName))
{
CloseHandle(hModule);
return (DWORD)mEntry.modBaseAddr;
}
while(Module32Next(hModule, &mEntry));
cout << "\nCouldn't find client.dll, retrying...\n";
return 0;
}
#pragma endregion
[Procmem.h]
Code:
#ifndef PROCMEM_H
#define PROCMEM_H
#define WIN32_LEAN_AND_MEAN
#pragma once
#include <windows.h>
#include <iostream>
#include <TlHelp32.h>
#include <string>
#include <sstream>
class ProcMem{
protected:
HANDLE hProcess;
DWORD dwPID, dwProtection, dwCaveAddress;
BOOL bPOn, bIOn, bProt;
public:
ProcMem();
~ProcMem();
int chSizeOfArray(char *chArray);
int iSizeOfArray(int *iArray);
bool iFind(int *iAry, int iVal);
#pragma region TEMPLATE MEMORY FUNCTIONS
template <class cData>
void Protection(DWORD dwAddress)
{
if(!bProt)
VirtualProtectEx(hProcess, (LPVOID)dwAddress, sizeof(cData), PAGE_EXECUTE_READWRITE, &dwProtection);
else
VirtualProtectEx(hProcess, (LPVOID)dwAddress, sizeof(cData), dwProtection, &dwProtection);
bProt = !bProt;
}
template <class cData>
cData Read(DWORD dwAddress)
{
cData cRead;
ReadProcessMemory(hProcess, (LPVOID)dwAddress, &cRead, sizeof(cData), NULL);
return cRead;
}
template <class cData>
cData Read(DWORD dwAddress, char *Offset, BOOL Type)
{
int iSize = iSizeOfArray(Offset) -1;
dwAddress = Read<DWORD>(dwAddress);
for (int i = 0; i < iSize; i++)
dwAddress = Read<DWORD>(dwAddress + Offset[i]);
if (!Type)
return dwAddress + Offset[iSize];
else
return Read<cData>(dwAddress + Offset[iSize]);
}
template <class cData>
void Write(DWORD dwAddress, cData Value)
{
WriteProcessMemory(hProcess, (LPVOID)dwAddress, &Value, sizeof(cData), NULL);
}
template <class cData>
void Write(DWORD dwAddress, char *Offset, cData Value)
{
Write<cData>(Read<cData>(dwAddress, Offset, false), Value);
}
virtual void Process(char* ProcessName);
virtual void Patch(DWORD dwAddress, char *chPatch_Bts, char *chDefault_Bts);
virtual void Inject(DWORD dwAddress, char *chInj_Bts, char *chDef_Bts, BOOL Type);
virtual DWORD AOB_Scan(DWORD dwAddress, DWORD dwEnd, char *chPattern);
virtual DWORD Module(LPSTR ModuleName);
#pragma endregion
};
#endif
[Triggerbot function]
Code:
/*triggerbot*/
void trigger()
{
while(true)
{
DWORD LocalBase = Mem.Read<DWORD>(ClientDll + LocalPlayer);
int localTeam = Mem.Read<int>(LocalBase + Team);
if(Trigger)
{
int enemyId = Mem.Read<int>(LocalBase + CrosshairID);
int enemyAdress = Mem.Read<int>(ClientDll + EntityList + ((enemyId - 1) * 0x10));
int enemyHealth = Mem.Read<int>(enemyAdress + m_iHealth);
int enemyTeam = Mem.Read<int>(enemyAdress + Team);
if(localTeam != enemyTeam && enemyHealth > 0)
{
mouse_event(MOUSEEVENTF_LEFTDOWN, NULL, NULL, NULL, NULL);
mouse_event(MOUSEEVENTF_LEFTUP, NULL, NULL, NULL, NULL);
}
}
Sleep(1);
}
}
[Defines/ Includes]
Code:
#include <iostream>
#include <Windows.h>
#include <TlHelp32.h>
#include "ProcMem.h"
#include "offsets.h"
#include <thread>
/*define*/
#ifndef MY_GLOBALS_H
#define MY_GLOBALS_H
#endif
using namespace std;
/*void*/
void trigger();
/*bool*/
bool Trigger = false;
/*client*/
ProcMem Mem;
DWORD ClientDll;
[INT Main]
Code:
/*Main*/
int main()
{
thread t1(toggles);
thread t2(trigger);
Mem.Process("csgo.exe");
ClientDll = Mem.Module("client.dll");
t1.join();
t2.join();
}
[Toggles Function]
Code:
/*toggles*/
void toggles()
{
while (true)
{
if(GetAsyncKeyState(VK_INSERT))
{
Trigger = !Trigger;
}
Sleep(1000);
}
}
[Offsets header}
Code:
const DWORD CrosshairID = 0x2410;
const DWORD attack = 0x02E8F2C8;
const DWORD m_iHealth = 0xFC;
const DWORD Team = 0xF0;
const DWORD LocalPlayer = 0x00A7AFBC;
const DWORD EntityList = 0x04A1D3A4;
const DWORD m_fFlags = 0x100;
Use an offset dumper to dump the offsets!