Originally Posted by
ᴺᴼᴼᴮ
inb4omgnooburnowachocophaganduranoobwhodoesntknoan ything.
GetPlayerByIndex
Search "a player"
Go up 9 lines.
Call CShell.0xADDIEHERE
3715E742 |. E8 69F6FFFF CALL CShell.**3715DDB0**
3715E747 |. 85C0 TEST EAX,EAX
3715E749 |. 74 12 JE SHORT CShell.3715E75D
3715E74B |. 8378 24 10 CMP DWORD PTR DS:[EAX+24],10
3715E74F |. 72 06 JB SHORT CShell.3715E757
3715E751 |. 8B40 10 MOV EAX,DWORD PTR DS:[EAX+10]
3715E754 |. C2 0400 RETN 4
3715E757 |> 83C0 10 ADD EAX,10
3715E75A |. C2 0400 RETN 4
3715E75D |> B8 BC337137 MOV EAX,CShell.377133BC ; ASCII "a player"
LocalPlayer
Look below "a player"
**3715E770** /$ 8B41 08 MOV EAX,DWORD PTR DS:[ECX+8]
3715E773 |. 6A 00 PUSH 0
3715E775 |. 50 PUSH EAX
3715E776 |. E8 35F6FFFF CALL CShell.3715DDB0
search " ILocaleManager.Default" 48 times
It should be the third one in a stack of iLocaleManag..
3 lines up
2nd method for ClientInfo
Search "HUDDamagedRenderTime" Three times.
You should see four "ILocaleManager.Default" above.
Choose the 3rd out of four (or up two lines).
Pointer is three lines up and furthest on left.
Or search "StrafeTurnRate" 3 times
GameClientShell- search "ShowTiming" do ctrl + L 3 times
go 34 lines up.
addie is on far left
another way is to search "DOOBIC"
or 19 down.
"DOOBIC GAME" ->
"COMBAT GAME"
4 lines up
Third way:
Search these bytes- "8B90 DC000000"
Address is two lines up.
3715ED67 |. 8B0D 60808537 MOV ECX,DWORD PTR DS:[**37858060**] ; CShell.3781BEE0
3715ED6D |. 8B01 MOV EAX,DWORD PTR DS:[ECX]
3715ED6F |. 8B90 DC000000 MOV EDX,DWORD PTR DS:[EAX+DC]
fourth way:
search "if(!g_pGameClientShell || !g_pWeaponMgr->IsValidWeaponId(nWeaponId))"
371AA390 . 833D 60808537 >CMP DWORD PTR DS:[>>>>>37858060<<<<<<],0
371AA397 . 53 PUSH EBX
371AA398 . 56 PUSH ESI
371AA399 . 57 PUSH EDI
371AA39A . 8BF9 MOV EDI,ECX
371AA39C . 74 69 JE SHORT CShell.371AA407
371AA39E . 66:8B5C24 14 MOV BX,WORD PTR SS:[ESP+14]
371AA3A3 . 0FB7F3 MOVZX ESI,BX
371AA3A6 . 85F6 TEST ESI,ESI
371AA3A8 . 7C 5D JL SHORT CShell.371AA407
371AA3AA . A1 64678537 MOV EAX,DWORD PTR DS:[37856764]
371AA3AF . 3BB0 C0150000 CMP ESI,DWORD PTR DS:[EAX+15C0]
371AA3B5 . 7D 50 JGE SHORT CShell.371AA407
371AA3B7 . 8B0D 58DA8537 MOV ECX,DWORD PTR DS:[3785DA58] ; CShell.3783520C
371AA3BD . 8B49 18 MOV ECX,DWORD PTR DS:[ECX+18]
371AA3C0 . E8 3BC32D00 CALL CShell.37486700
371AA3C5 . 66:3BD8 CMP BX,AX
371AA3C8 . 75 52 JNZ SHORT CShell.371AA41C
371AA3CA . 8B0D 64678537 MOV ECX,DWORD PTR DS:[37856764] ; CShell.378567E8
371AA3D0 . 56 PUSH ESI
371AA3D1 . E8 5A4C2500 CALL CShell.373FF030
371AA3D6 . 85C0 TEST EAX,EAX
371AA3D8 . 74 42 JE SHORT CShell.371AA41C
371AA3DA . 0FB64424 10 MOVZX EAX,BYTE PTR SS:[ESP+10]
371AA3DF . 66:8B5424 18 MOV DX,WORD PTR SS:[ESP+18]
371AA3E4 . 8987 90010000 MOV DWORD PTR DS:[EDI+190],EAX
371AA3EA . 66:8977 28 MOV WORD PTR DS:[EDI+28],SI
371AA3EE . 66:8957 2A MOV WORD PTR DS:[EDI+2A],DX
371AA3F2 . 8B0D 5C168737 MOV ECX,DWORD PTR DS:[3787165C] ; CShell.37832284
371AA3F8 . 8B11 MOV EDX,DWORD PTR DS:[ECX]
371AA3FA . 8B42 10 MOV EAX,DWORD PTR DS:[EDX+10]
371AA3FD . 6A 10 PUSH 10
371AA3FF . FFD0 CALL EAX
371AA401 . 5F POP EDI
371AA402 . 5E POP ESI
371AA403 . 5B POP EBX
371AA404 . C2 1000 RETN 10
371AA407 > A1 50BE8137 MOV EAX,DWORD PTR DS:[3781BE50]
371AA40C . 8B08 MOV ECX,DWORD PTR DS:[EAX]
371AA40E . 8B51 18 MOV EDX,DWORD PTR DS:[ECX+18]
371AA411 . 68 308A7137 PUSH CShell.37718A30 ; ASCII "if(!g_pGameClientShell || !g_pWeaponMgr->IsValidWeaponId(nWeaponId))"
FIFTH WAY:
Search bytes: 833D 60808537
Address is in column on right.
How to get No Reload:
Right click -> Search for -> Binary string
Search "0F84 B1010000" three times.
Address is on left.
**374BB8F4** |. 0F84 B1010000 JE CShell.374BBAAB
Weapon Range:
Search "8B80C8020000" twice for first addie and again for second addie.
2.25
374BBB79 |. 8B80 C8020000 MOV EAX,DWORD PTR DS:[EAX+2C8]
374BBEF9 . 8B80 C8020000 MOV EAX,DWORD PTR DS:[EAX+2C8]
GAMESTATUS: ?untested
Search bytes "14597137" THREE times.
Address to interfaceMgr is on left.
Offset for gamestatus is 0xE4
SUPER BULLETS:
Search "SOUND_KEY" once.
Highlight text FROM SOUND_KEY "UP" TO %s%d.
Search bytes "0F94C0" and addie is on left.
PlayerManager:
Search "CursorHack" three times.
Address is one line below on left.
3785DA54 6C1E7437 DD CShell.37741E6C ; ASCII "CursorHack"
**3785DA58** . 0C528337 DD CShell.3783520C
Weapon Manager:
Search bytes "636F6E33" once.
37856748 . >>>636F6E33<<< DD 336E6F63
3785674C 00 DB 00
3785674D 00 DB 00
3785674E 30 DB 30 ; CHAR '0'
3785674F 00 DB 00
37856750 00 DB 00
37856751 00 DB 00
37856752 00 DB 00
37856753 00 DB 00
37856754 00 DB 00
37856755 00 DB 00
37856756 00 DB 00
37856757 00 DB 00
37856758 00 DB 00
37856759 00 DB 00
3785675A 00 DB 00
3785675B 00 DB 00
3785675C 00 DB 00
3785675D 00 DB 00
3785675E 00 DB 00
3785675F 00 DB 00
37856760 00 DB 00
37856761 00 DB 00
37856762 00 DB 00
37856763 00 DB 00
>>>37856764<<< . E8678537 DD CShell.378567E8
dis nigguh jus asking how to do somfin he be not trolling and leechin.