Really Dunno Maybe u Should Ask @~FALLEN~ or @giniyat101 ?
Hello,
I want to know if 1 of u could help me finding Patterns Signatures,i want to make a auto update hack.
Please,help me .
Regards,
EDIT: I Find Signatures,But i cant get it working,Some Help?
Code:#include <windows.h> DWORD FindPattern(DWORD dwAddress,DWORD dwLen,BYTE *bMask,char * szMask); //On Globals #define Ptr 0xAAC3D0 bool reload = true; void Base() { DWORD CShell = *(DWORD*)GetModuleHandleA("CShell"); DWORD NoReload = (FindPattern((DWORD)GetModuleHandleA("CShell.dll"), 0xFFFF, (PBYTE)"\xD9\x98\xA4\x26\x00\x00" ,"xxxx??")); DWORD pWeaponMgr = *(DWORD*)(CShell + Ptr); if(reload) { if (pWeaponMgr) { for(int i=0; i<601; i++) { DWORD pWeapon = *(DWORD*)(pWeaponMgr+4*i); if(pWeapon != NULL) *(float*)((*(DWORD*)((*(DWORD*)(CShell+Ptr))+(4*i))) + NoReload) = 100; } } } } bool bCompare(const BYTE* pData, const BYTE* bMask, const char* szMask) { for(;*szMask;++szMask,++pData,++bMask) if(*szMask=='x' && *pData!=*bMask) return 0; return (*szMask) == NULL; } DWORD FindPattern(DWORD dwAddress,DWORD dwLen,BYTE *bMask,char * szMask) { for(DWORD i=0; i<dwLen; i++) if (bCompare((BYTE*)(dwAddress+i),bMask,szMask)) return (DWORD)(dwAddress+i); return 0; }
Last edited by darlwis; 04-15-2012 at 09:31 AM.
Really Dunno Maybe u Should Ask @~FALLEN~ or @giniyat101 ?
Need Any Help in C++/CrossFire? Just Pm me.
My FB : Www.FaceBook.com/FaDiAtefAhlawy
My Yahoo : Dodo_CrazyChat@yahoo.com
My Hotmail : Dodo_CrazyChat@hotmail.com
you search first 0xFFFF bytes only.. try increasing to 0x20000 or something
EDIT: you are searching a pattern including the offset 0x26A4 itself, the fuck?
Last edited by giniyat101; 04-14-2012 at 01:46 PM.
[img]https://i43.photobucke*****m/albums/e367/DeteSting/Steam-update.gif[/img]
So:
??Code:DWORD NoReload = (FindPattern((DWORD)GetModuleHandleA("CShell.dll"), 0x20000, (PBYTE)"\xD9\x98\xA4\x26\x00\x00","xxxx??"));
@giniyat101
I Will Test it.
@darlwis
I believe findpattern is detected... i suggest u to learn anti-cheat bypass (xtrap) & disable it.
Try this, but i'm not sure it will work like said above.
edit: ops.. small mistake cause i c+p your noreload's codes to this post without check it first.Code:#include <windows.h> #define WeaponMgr 0xAAC3D0 BYTE NoReloadArray[] = { 0xD9, 0x98, 0xA4, 0x26, 0x00, 0x00 }; void Base() { DWORD pNoReload; DWORD CShell = NULL; do { CShell = (DWORD)GetModuleHandleA("CShell.dll"); } while (!CShell); pNoReload = FindPattern(CShell, 0xFFFF, NoReloadArray,"xxxx??"); While(1) { DWORD NoReload = *(DWORD*)(CShell + WeaponMgr); if(NoReload) { for(int i=0; i<601; i++) { DWORD Weapon = *(DWORD*)(NoReload+4*i); if(Weapon != NULL) *(float*)((*(DWORD*)((*(DWORD*)(CShell+WeaponMgr))+(4*i))) + pNoReload ) = 100; } } } }
Last edited by Genkidesu; 04-14-2012 at 03:00 PM.
OMFGDUDE (04-17-2012)
Try putting Sleep(10); after GetModuleHandleA("CShell.dll"); .
You didn't conside that CShell uses Themida and it takes time until it is unpacked.
Put the FindPattern into a loop which ends when the pattern is found with Sleep(10); at the end.
FindPattern isn't detected, there is something else XTrap detects. It is easy to find out what.
Maybe you should search for the string, then for the PUSH and search the pattern because this opcode could also be before the opcode for setting the reload time in CShell and then you got the wrong one. The region should begin after the PUSH.
Last edited by derh.acker; 04-15-2012 at 03:07 AM.
OMFGDUDE (04-15-2012)
Yes,I was thinking how the patterns get the address if the normal CShell is Packed.
Then i think,if i rename my unpack CShell it will get it?
But,Then i think if a patch surge i have to unpack it again and there is no auto update then.
Look This:
Then My Code is:Code:1013E778 68 6C083010 PUSH _CShell.1030086C ; ASCII "ReloadAnimRatio" 1013E77D D998 A4260000//Here are the Signatures for ---> FSTP DWORD PTR DS:[EAX+26A4] 1013E783 55 PUSH EBP
But when i do GetModuleHandleA i Get Xtrap,But when i use a Extern _stdcall like:Code:void Base() { DWORD CShell; while(!(CShell = (DWORD)GetModuleHandle(L"CShell.dll"))) Sleep(10); DWORD pWeaponMgr = *(DWORD*)(CShell + WeaponMgr); DWORD pReload = (FindPattern((DWORD)GetModuleHandle(L"CShell.dll"), 0x20000, (PBYTE)"\xD9\x98\xA4\x26\x00\x00","xxxx??")); Sleep(10); if(NoReload) { if(pWeaponMgr) { for(int i=0; i<601; i++) { DWORD Weapon = *(DWORD*)(pWeaponMgr+4*i); if(Weapon != NULL) *(float*)(Weapon + pReload) = 35; } } } }
GetModuleHandle(L"CShell"); No problem with XTrap.
Too i have to Define on Globals:
To get no errors when i debug it.Code://Globals DWORD FindPattern(DWORD dwAddress,DWORD dwLen,BYTE *bMask,char * szMask); bool bCompare(const BYTE* pData, const BYTE* bMask, const char* szMask);
Regards,
Edit:
I Get the Patterns work but i give me a super lag,
Look my source:
Code:#include "stdafx.h" #include <windows.h> #include <stdio.h> #include "Pattern.h" #define Ptr 0xAAC3D0 #define NoRecoil1 0x051C #define NoRecoil2 0x0684 #define NoRecoil3 0x1938 #define NoRecoil4 0x1B14 #define NoRecoil5 0x1FA0 #define NoRecoil6 0x2108 #define NoRecoil7 0x2270 #define NoRecoil8 0x2790 bool reload = true; bool NoRecoil = true; void Base() { dwStartAddress = 0x400000; do { dwStartAddress = (DWORD)GetModuleHandle(L"CShell.dll"); Sleep(10); } while(!dwStartAddress); dwSize = 0x500000; DWORD CShell = (DWORD)GetModuleHandleW(L"CShell.dll"); DWORD pWeaponMgr = *(DWORD*)(CShell + Ptr); DWORD FastAmmo = FindPattern((PBYTE)"\xD9\x98\xA4\x26\x00\x00","xxxx??",2,true); if(NoRecoil) { if (pWeaponMgr) { for(int i=0; i<601; i++) { if((*(DWORD*)((*(DWORD*)(CShell+Ptr))+(4*i)) ) != NULL) { DWORD pNoRecoil = *(DWORD*)(pWeaponMgr + (4*i)); for(int y=0; y<9; y++) { if(pNoRecoil) { *(float*)(pNoRecoil + (NoRecoil1 + (4*y))) = 0.0f; *(float*)(pNoRecoil + (NoRecoil2 + (4*y))) = 0.0f; *(float*)(pNoRecoil + (NoRecoil3 + (4*y))) = 0.0f; *(float*)(pNoRecoil + (NoRecoil4 + (4*y))) = 0.0f; *(float*)(pNoRecoil + (NoRecoil5 + (4*y))) = 0.0f; *(float*)(pNoRecoil + (NoRecoil6 + (4*y))) = 0.0f; *(float*)(pNoRecoil + (NoRecoil7 + (4*y))) = 0.0f; } } } } } } if(reload) { if (pWeaponMgr) { for(int i=0; i<601; i++) { DWORD pWeapon = *(DWORD*)(pWeaponMgr+4*i); if(pWeapon != NULL) *(float*)((*(DWORD*)((*(DWORD*)(CShell+Ptr))+(4*i))) + FastAmmo) = 100; } } } } int Wait() { Base(); return true; } BOOL WINAPI DllMain(HMODULE hDll, DWORD dwReason, LPVOID lpReserved) { if (dwReason == DLL_PROCESS_ATTACH) { DisableThreadLibraryCalls(hDll); SetTimer(0,99,80,(TIMERPROC)Base); } return TRUE; }
Last edited by darlwis; 04-15-2012 at 03:51 PM.
OMFGDUDE (04-17-2012)
OMFGDUDE (04-17-2012)
OMFGDUDE (04-17-2012)
Yes,i note it,is my pc problem,
Can some body same a way to get them works with a Slow PC?
finally i got the findpattern working but my codes a bit different from @darlwis, took me almost 3 hours to figure it out my mistakes... @derh.acker you're right about it, it's not detected.
@darlwis this signature once cf updates, it wont work anymore (if the offset not changed).
here's the signature for noreload:Code:\xD9\x98\xA4\x26\x00\x00 xxxx??
Code:0xd65000 \xD9\x98\x00\x00\x00\x00\x55\xE8\x00\x00\x00\x00\x83\xC4\x08 xx????xx????xxx
OMFGDUDE (04-18-2012)