Simple WH Source - 2D Boxes

[MarkHC]

Well, first of all, this wasn't found by me.. cardoow reversed this a long ago. I just found the new offset...

Anyways.. it's pretty simple. You know those boxes the are shown on enemies when you're on the Reaper, Osprey, etc.? Now you can draw them all the time.

Code:

void FixBlindEye() {

	CClientInfo * pLocal = GetLocalClient(); //Get the Local Client (You)

	for(int i=0; i< 18; i++) {

		CClientInfo * pClient = GetClientByIndex(i);

		if(pClient != pLocal) //If the player is not you...
			if(pClient->Perk & 0x20) //Does the player has Blind Eye on?
				pClient->Perk = 0x0; //Yes? Then, turn it off.
	}
}

void DrawBoxes(){
	DWORD dwCall = 0x5C3760; //Offset for 1.9.453

        //Since this function is called by the game to draw the chopper boxes,
        //by default, it wouldn't draw on players with Blind Eye.. we have to fix that
	FixBlindEye();
	
       //Call our function
	__asm{
		push 0x0
		call [dwCall]
		add esp, 0x4
	}
}

If you want to find the offset for a different version, just search for All References of Client_t+0x38 (Client Perk) on IDA or Olly... and you'll be lead to the function.
Example: On 1.9.453:
Client_t = 0x00AD69F8
0x00AD69F8 + 0x38 = 0xAD6A30 (Search for AD6A30)

PS: You need to hook some render function for this to work, otherwise it'll just crash.

[superleecherz]

What address does GetLocalClient use? I've been trying to figure out a way to get the local player since it's not always the first one even if you're the host.

Also, I got an access violation at dwCall when I tried to use this. I tried using VirtualProtect as well.

"Unhandled exception at 0x005c3760 in test.exe: 0xC0000005: Access violation."

[rawr im a tiger]

Or set the flag on IsInGame.

[MarkHC]

What address does GetLocalClient use? I've been trying to figure out a way to get the local player since it's not always the first one even if you're the host.

Also, I got an access violation at dwCall when I tried to use this. I tried using VirtualProtect as well.

"Unhandled exception at 0x005c3760 in test.exe: 0xC0000005: Access violation."

Clients[CG->ClientNum] is the local client. that's what the function returns. And you don't need VirtualProtect. You just need to make sure it isn't callled when you're on the main menu or whatever.. if(IsInGame != 0) Do you stuff...

[reloe]

Nice , bro

[superleecherz]

Clients[CG->ClientNum] is the local client. that's what the function returns. And you don't need VirtualProtect. You just need to make sure it isn't callled when you're on the main menu or whatever.. if(IsInGame != 0) Do you stuff...

Now the game is crashing after the function gets called like 10 times.

Box flickers for a few seconds in game and crashes.

[cardoow]

just some more info, if(pClient->Perk & 0x20 || pClient->Perk & 0x40)
you also need to use 0x40 cause thats another perks which makes you invisible(forgot the name)

Now the game is crashing after the function gets called like 10 times.

Box flickers for a few seconds in game and crashes.

you need to call it on a renderthread

[Horror]

just some more info, if(pClient->Perk & 0x20 || pClient->Perk & 0x40)
you also need to use 0x40 cause thats another perks which makes you invisible(forgot the name)

This is a killstreak ... Blind Eye is the only one wich keeps u invisible from Killstreaks ...
Assassin is for UAV

[MarkHC]

This is a killstreak ... Blind Eye is the only one wich keeps u invisible from Killstreaks ...
Assassin is for UAV

It's the Spawn protection perk I believe.. just after the enemies spawn, they doesn't have the Box for a few seconds... Its sort of a invisible perk...

EDIT: NVm.. its isn't... not sure what the other perk is either...

[luizimloko]

@-InSaNe-

you have the GetPlayerByIndex and GetLocalPlayer Function ?

what the name of this adrr ?

Code:

DWORD dwCall = 0x5C3760

[MarkHC]

@-InSaNe-

you have the GetPlayerByIndex and GetLocalPlayer Function ?

what the name of this adrr ?

Code:

DWORD dwCall = 0x5C3760

You don't need those function actually.. they're just wrappers... here's how I do it:

Code:

client_t* Clients = ( client_t* )  Offsets.ClientInfo_OFFS;
void cESP::FixBlindEye() { 
	client_t* Local = Clients[CG->ClientNum];

	for(int i = 0; i < 18; i++) {
		if(&Clients[i] != Local) { 
			if(Clients[i].Perk & 0x20 || Clients[i].Perk & 0x40) 
				Clients[i].Perk = 0x0; 
		} 
	} 
}

And I'm not sure about the function name.. but it is the one that draw the boxes when you're on some killstreak...

[luizimloko]

You don't need those function actually.. they're just wrappers... here's how I do it:

Code:

client_t* Clients = ( client_t* )  Offsets.ClientInfo_OFFS;
void cESP::FixBlindEye() { 
	client_t* Local = Clients[CG->ClientNum];

	for(int i = 0; i < 18; i++) {
		if(&Clients[i] != Local) { 
			if(Clients[i].Perk & 0x20 || Clients[i].Perk & 0x40) 
				Clients[i].Perk = 0x0; 
		} 
	} 
}

And I'm not sure about the function name.. but it is the one that draw the boxes when you're on some killstreak...

i need of the name of adrr because i updating this for teknogoods

[MarkHC]

i need of the name of adrr because i updating this for teknogoods

I already explained how to find the function for other version...

On IDA:

Search->Text->Find All Occurences And type the client_t address + 0x38

You'll probably get only one result.. that's the function.

Tip: On Tekno the offset starts with 05Axxxxxx

[cardoow]

I already explained how to find the function for other version...

On IDA:

Search->Text->Find All Occurences And type the client_t address + 0x38

You'll probably get only one result.. that's the function.

Tip: On Tekno the offset starts with 05Axxxxxx

Youll get one result and thats the actual function which draws them. I always call a wrapper function

Code:

text:0048CA7A                 push    esi
.text:0048CA7B                 call    sub_5051F0
.text:0048CA80                 add     esp, 4

[barata55]

Tip: On Tekno the offset starts with 05Axxxxxx

You mean: 0x5AA470, .

Thanks Barata...