Results 1 to 6 of 6
  1. 11-06-2015 #1
    hkKenshin
    hkKenshin is offline
    Dual-Keyboard Member
    MPGH Member
    hkKenshin's Avatar
    Join Date
    Oct 2013
    Gender
    male
    Posts
    301
    Reputation
    28
    Thanks
    340
    Send a message via Birdie™ to hkKenshin Afghanistan

    Let's Get Started

    Functions

    Code:
    Com_Error - 0x1405C5710
MSG_Init - 0x1405CEC50
MSG_WriteByte - 0x1405D1290
MSG_WriteLong - 0x1405D6CC0
MSG_WriteBits - 0x1405D11C0
MSG_WriteString - 0x1405D1CF0
MSG_WriteDeltaUserCmd - 0x1405D66E0
Com_HashKey - 0x140642480
CL_ReadyToSendPacket - 0x1401A3880
CL_WritePacket - 0x1401B19E0
CL_SendCmd - 0x1401A39A0
CL_NetChan_Transmit - 0x1405D9FE0
CL_AddReliableCommand - 0x1401BC010
Dvar_GetIntValue - 0x14064B460
Com_RegisterTag - 0x14030EBA0
CachedTag_GetTagPos - 0x1400FB620
    Other Stuff:

    Code:
    LocalClientCUIFlag - 0x14318BBE0
ClientState->RealTime - 0x1431C146C
Client_IsDemoPlaying - 0x14073B8D0
GetLocalXUID - 0x1405BF440

  2. The Following 6 Users Say Thank You to hkKenshin For This Useful Post:

    akim14 (11-06-2015),alphakenny1 (11-06-2015),Carlosboll (11-07-2015),IBelieveInCake (11-06-2015),Necktof87 (11-08-2015),Z-Nation (11-06-2015)
  3. 11-08-2015 #2
    hkKenshin
    hkKenshin is offline
    Threadstarter
    Dual-Keyboard Member
    MPGH Member
    hkKenshin's Avatar
    Join Date
    Oct 2013
    Gender
    male
    Posts
    301
    Reputation
    28
    Thanks
    340
    Send a message via Birdie™ to hkKenshin Afghanistan
    Just FYI guys:

    Code:
    dvar_t* __fastcall Dvar_FindVarFromHash(int hash)
{
  int dvar_hash;
  dvar_t* dvar_ptr;

  dvar_hash = hash;
  _InterlockedIncrement(&DVAR_LOCK);
  while ( dword_154451A44 )                     // Some fucking lock valve
  {
    v1570AF328(0i64, _ptr);
  }
  dvar_ptr = hash_table[(unsigned __int64)(dvar_hash & 0x3FF)];
  if ( dvar_ptr )
  {
    while ( *(_DWORD *)dvar_ptr != dvar_hash )
    {
      dvar_ptr = *(_QWORD *)(dvar_ptr + 0x78);  // dvar->next
      if ( !dvar_ptr )
        goto NOT_FOUND;
    }
    _InterlockedDecrement(&DVAR_LOCK);
  }
  else
  {
NOT_FOUND:
    _InterlockedDecrement(&DVAR_LOCK);
    dvar_ptr = 0i64;
  }
  return dvar_ptr;
}
    From this you can clearly see that dvars are stored similarly to Advanced Warfare: In a hash table.
    There's a max of 0x400 dvars ( Or 1024 ) each occupying a specific node in the root hash table.
    If any duplicates are found, ( In collision cases ) dvar->next ( +0x78 ) points to the next node of that particular hash.
    So now you know how to dump your dvars :3

    Also I found the needed infoz to make an external console as I did in Advanced Warfare ( here )

    I'd release a new one for you but since even my friend recently got a C&D from T/A, I'm gonna quietly sit my ass down and do nuffin :3
    Last edited by hkKenshin; 11-08-2015 at 08:15 AM.

  4. The Following 3 Users Say Thank You to hkKenshin For This Useful Post:

    akim14 (11-08-2015),cra0 (11-11-2015),Taylor Suewift (11-08-2015)
  5. 11-10-2015 #3
    hkKenshin
    hkKenshin is offline
    Threadstarter
    Dual-Keyboard Member
    MPGH Member
    hkKenshin's Avatar
    Join Date
    Oct 2013
    Gender
    male
    Posts
    301
    Reputation
    28
    Thanks
    340
    Send a message via Birdie™ to hkKenshin Afghanistan
    I love how no one here's skilled enough to use this information.
    Nevertheless.

    Code:
    enum EntityType
{
	ET_GENERAL,
	ET_PLAYER,
	ET_PLAYER_CORPSE,
	ET_ITEM,
	ET_MISSILE,
	ET_PLAYER_INVISIBLE,
	ET_SCRIPTMOVER,
	ET_SOUND_BLEND,
	ET_FX,
	ET_LOOP_FX,
	ET_PRIMARY_LIGHT,
	ET_LENSFLARE,
	ET_REFLECTION_PROBE,
	ET_HELICOPTER,
	ET_PLANE,
	ET_VEHICLE,
	ET_VEHICLE_SPAWNER,
	ET_VEHICLE_CORPSE,
	ET_ACTOR,
	ET_ACTOR_SPAWNER,
	ET_ACTOR_CORPSE,
	ET_STREAMER_HINT,
	ET_ZBARRIER,
	ET_TRIGGER,
	ET_NONE
}

#define BUTTON_BIT( x )			static_cast< uint64_t >( 1 << static_cast< uint_t >( Buttons::x ) )

enum Buttons
{
	INVALID,
	ATTACK,
	SPRINT,
	MELEE,
	ACTIVATE,
	RELOAD,
	USE_RELOAD,
	LEAN_LEFT,
	LEAN_RIGHT,
	PRONE,
	CROUCH,
	JUMP,
	WALKING,
	TEMP_STANCE,
	BREATH,
	FRAG,
	OFF_HAND_SECONDARY,
	CONFIRM_LOCATION,
	CANCEL_LOCATION,
	GAS,
	REVERSE,
	HANDBREAK,
	THROW,
	CAMERA_LOCK,
	GESTURE_SHIFT,
	LOOK_SPRING,
	CHANGE_SEAT,
	TALK,
	RED,
	GREEN,
	BLUE,
	YELLOW,
	VEHICLE_ATTACK,
	VEHICLE_ATTACK2,
	VEHICLE_MOVE_UP,
	VEHICLE_MOVE_DOWN,
	JAM,
	SLIDE,
	DIVE_TO_PRONE,
	ACTIONSLOT_1,
	ACTIONSLOT_2,
	ACTIONSLOT_3,
	ACTIONSLOT_4,
	OFFHAND_CANCEL,
	USE_DOUBLE_TAP,
	AIR_BURST,
	LASTING,
	INVENTORY,
	NUNCHUCK_SCOPE,
	NUNCHUCK_TURRET,
	ACTIONSLOT_CAROUSEL,
	WEAPON_PICKUP,
	WEAPON_PICKUP_ENABLED,
	DOUBLETAPJUMP,
	CCP_SHIFT_GRENADE,
	STANCE,
	VEHICLE_BOOST,
	ACTION,
	DOUBLE_JUMP,
	JUKE,
	SWIM_UP,
	SWIM_DOWN,
	PLANT_SHIELD,
	OFFHAND_SPECIAL,
	SWITCH_WEAPON
}

auto cmd = cg->input::GetCmd( cg->input.cmdNum );
cmd->button |= BUTTON_BIT( ATTACK );
  6. 11-12-2015 #4
    cra0
    cra0 is offline
    New Member
    MPGH Member
    cra0's Avatar
    Join Date
    Oct 2012
    Gender
    male
    Location
    0xFFFFFFFF
    Posts
    12
    Reputation
    10
    Thanks
    3
    Send a message via Birdie™ to cra0 Australia
    They encrypting functions I found CG_GETENTITY but theres some xor coupled with some unknown cipher
    puu(DOT)sh/ldM0D.png

    ^ debug symbols for some functions too but couldn't find the viewmatrix :/
  7. 11-12-2015 #5
    hkKenshin
    hkKenshin is offline
    Threadstarter
    Dual-Keyboard Member
    MPGH Member
    hkKenshin's Avatar
    Join Date
    Oct 2013
    Gender
    male
    Posts
    301
    Reputation
    28
    Thanks
    340
    Send a message via Birdie™ to hkKenshin Afghanistan
    Aff i'm jealous :'(
    Will look into the matrix stuff later for you.

    Also saw they got some RTTI and noticed those xor's too.
  8. 11-12-2015 #6
    nignogger
    nignogger is offline
    New Member
    nignogger's Avatar
    Join Date
    May 2013
    Gender
    male
    Posts
    1
    Reputation
    10
    Thanks
    2
    Send a message via Birdie™ to nignogger Albania
    maestro1994 you look more and more clueless by every post...
    Anyway viewinfo (reclass yo self):
    Code:
    ViewInfo *vInfo = (ViewInfo*)(0xE24F1258C);
	__int32 iWidth; //0x0000 
	__int32 iHeight; //0x0004 
	float flFOVX; //0x006C 
	float flFOVY; //0x0070 
	float flFOVZ; //0x0074 
	float flFOV; //0x0078 
        Vector ViewOrg; //0x007C 
	Vector ViewAxes[3]; //0x0098
    Last edited by nignogger; 11-12-2015 at 11:29 AM.

  9. The Following User Says Thank You to nignogger For This Useful Post:

    hkKenshin (11-12-2015)
« Previous Thread | Next Thread »

Similar Threads

  1. [WTS] Let's get started
    By Dr.FapaTon in forum Vindictus Selling / Trading / Buying
    Replies: 35
    Last Post: 03-06-2013, 09:19 AM
  2. [Release] Lets get started !
    By Narsha in forum CrossFire Discussions
    Replies: 19
    Last Post: 11-18-2012, 06:33 PM
  3. How do you get rid of hacks? New patch wont let my game start!
    By Kohnatum in forum Combat Arms Hacks & Cheats
    Replies: 3
    Last Post: 01-17-2009, 10:25 AM
  4. Got VB 6, I see new Adress thread, how to get started?
    By soulbind4 in forum WarRock - International Hacks
    Replies: 10
    Last Post: 01-24-2008, 07:38 PM