So, i see too many "How to make hacks", " Please help me" so, i decided to make a tutorial for newbies how to make their hack;
Requirements to start making hacks:
---Programming Knowledge...
---Brain.exe...
---Visual Studio / a good C++ compiler...
---Optional is a C#/VB Compiler but you will need a CLR Injector...
---Math Knowledge...
you MUST:
-Already know how to make a DLL in C++
-have C++ knowledge
So lets Start
░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░▒ ▓█▓▒░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░▒▓█ ▓▒░
CShell (short)
CShell.Dll is the Main module that actually handles the Game Engine...
Everything (Weapons, Player Data, etc) is stored by the CShell.dll in the operative memory, so the required pointers are inside CShell.dll, also points into that module...
So, if you use a pointer like the Weapon Manager Pointer (WeaponMgr / WeaponPtr) you must use this formula:
Code:
C++:
DWORD CShell = GetModuleHandle("CShell.dll");
CShell + WeaponPtr;
C#:
uint CShell = GetModuleHandle("CShell.dll");
CShell + WeaponPtr;
1; Weapon Hacks
What is this?
Weapon hacks where you modify the weapon table, so you can edit each weapon's properties, like Damage, Range, Recoil, Reload....
Keep in mind, that some properties are server sided like: Ammo count i nthe mag, and all ammo...
Also some of them is patched like WeaponRange...
---------------------------------------
To start making Weapon hacks, you MUST know, how crossfire handles weapons...
The weapons are stored in array, but you have to find where it is in the memory...
You could hear that "WeaponPtr" or "WeaponMgr"... That is the start address of the Pointer table, which pont to each weapon in the memory...
How it looks like ?
Each 4 bytes colored to the same color represents 1 number, which is a Memory Address...
Our weapon is stored on that Memory Address...
So, to edit the weapons, you must use this table to find them...
The easiest way to do it, you need a loop...
Code:
for (int i = 0; i < 1000; i++)
{
CurrentWeapon = *(DWORD*)(CShell + WeaponPtr + (i * 4)); //i * 4 because each DWORD is 4 byte length...
if (CurrentWeapon) //Check if this is a real pointer... If it equals with "0" it means an invalid pointer...
{
//Hacking
}
}
But how it works ?
if you read out a DWORD from (CShell + WeaponPtr + (4 * i)) you will gain a number...
This number is a start location (in the memory) for the weapon...
That means:
Code:
Weapon1 = *(DWORD*)(CShell + WeaponPtr + 0); //the first 4 bytes since DWORD is 4 byte length (0,1,2,3)
Weapon2 = *(DWORD*)(CShell + WeaponPtr + 4); //the second 4 bytes for the second DWORD (4,5,6,7)
Weapon 1 will be (example) 54;
Weapon 2 is (example) 90;
54 and 90 are also start addresses for a "struct"...
From this point we use "Offsets" each offset represent the location of each item(value) INSIDE the struct...
like:
Code:
(Address) + (Offset)
54 + 4 is the Ammo...
54 + 10 is the Damage...
Since they are also inside the CShell you must use:
*([data type]*)(CShell + Address + Offset);
each value has their own data type... The most used is the "float" but you can find some "int", "byte" or even a string...
So... If you has enough Brain.exe at this point you should understand how crossfire handles the weapons...
So here is a full source (short) to explain this:
Code:
DWORD WeaponPtr = 0x424243;
int Damage = 0x456;
DWORD CShell = GetModuleHandle("CShell.dll");
for (int i = 0; i < 1000; i++)
{
DWORD ActualWeapon = *(DWORD*)(CShell + WeaponPtr + (4 * i));
if (CurrentWeapon)
{
*(float*)(ActualWeapon + Damage) = 1000;
}
}
with the logic, you can make another weapon type hacks too...
BasicPlayerInfo
Basic plyer info contains data about the Characters, but global datas, like Crounch Speed, Walk Speed, and visibility as ghost...
It is just a simple struct, don't require hard logic, as you learnt from the previous pahargraph:
CShell + BasicPlayerInfo + [Offset];
like
Code:
DWORD VasicPlayerInfo = 0x424243;
int CharacterHiddenAlpha = 0x456; //Visibility as ghost
DWORD CShell = GetModuleHandle("CShell.dll");
DWORD BasicPlayerInfoPtr = CShell + BasicPlayerInfo;
if (BasicPlayerInfoPtr) //if valid
{
*(float*)(BasicPlayerInfoPtr + CharacterHiddenAlpha) = 1;
}
BasicPlayerInfo
This is a bit tricky part...
PlayerPtr contains the data about the current game session...
But remember: PlayerPtr is always "0" when you are NOT In-game (in menu, inventory, store, etc...)
To reference for PlayerPtr you must use the "CShellPtr" or "ClientShell" we use several names for it...
with the "PlayerPtr" offset, addy logs often contains them...
so:
Code:
DWORD ClientShell = 0x42423432;
int PlayerPtr = 0x30;
int Gravity = 0x50;
DWORD pPlayerPtr = *(DWORD*)(CShell + ClientShell + PlayerPtr);
if (pPlayerPtr) //If not null = if you are in-game session
{
*(float*)(pPlayerPtr + Gravity) = 0;
}
Hack Logic:
When you inject a hack, it will hold the main thread of crossfire, that means you must create a new thread, and then do your nasty things inside your own thread...
That requires your own knowledge, how to start a new thread...
Well that should be enough to start making your hacks...
░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░▒ ▓█▓▒░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░▒▓█ ▓▒░