Check if WeaponID is +1

**hoschi111** · 10-17-2012

Hello MPGH,
i tried to find a way to check the "WeaponID +1" dynamically.
I was quite successful by finding an address:

Code:

iw5mp.exe+5C7838
0x9C7838
2 Byte Int
OR
iw5mp.exe+5C7BE8
0x9C7BE8
2 Byte Int

1 = WeaponID +1
0 = WeaponID +0

BUT:
The addresses changes just after map is fully loaded.
Reading while map is loading returns an inaccurate value.

Hope I could help you.
~ hoschi111

**Kenshin13** · 10-17-2012

Why read the addresses dynamically?
Static ones are much easier. There's a weaponID byte in the Entity_T structure.
Check it out.

**hoschi111** · 10-17-2012

Oh no, i think you didn't understand me, i am sorry.
On certain maps, your WeaponID is +1.
To avoid that you've to check it on each map, i just posted the addresse which returns "1" if "+1" or "0" if "+0" for all maps.
This address is static.

**rawr im a tiger** · 10-17-2012

I had a way of doing this by checking the mapname, but this is much more elegant. Nice work.

**Kenshin13** · 10-18-2012

Pointer scan?
Try to find the main pointer(if this isn't already static, which it should'nt be if they change)
Or as the best way->Make a pattern signature so you can scan for them and refind them if they change.

**cardoow** · 10-18-2012

what do you mean with "weaponID + 1"? and what are you trying to get? the weaponname?

**hoschi111** · 10-18-2012

Example:
Map Seatown: USP = 6, (standard) (ID)
Map Dome: USP = 7, (+1) (ID)

If the address says "1", your Weapon ID is "Standard + 1".
Otherwise, if the value is "0", it is only standard (Standard + 0).

@Kenshin13
The address is STATIC, but returns your desired value regarding to the current map. That is what i've called "dynamically".
@rawr im a tiger
Thank you

**Kenshin13** · 10-18-2012

Yea I realized but as I said before make a signature for it.
The signature never changes so you'll always find it.

**cardoow** · 10-18-2012

Originally Posted by hoschi111

Example:
Map Seatown: USP = 6, (standard) (ID)
Map Dome: USP = 7, (+1) (ID)

If the address says "1", your Weapon ID is "Standard + 1".
Otherwise, if the value is "0", it is only standard (Standard + 0).

@Kenshin13
The address is STATIC, but returns your desired value regarding to the current map. That is what i've called "dynamically".
@rawr im a tiger
Thank you

Code:

char * GetWeaponName(DWORD dwNum)
{
	DWORD dwReturn = NULL;
	__asm{		
		mov eax, dwNum
		and eax, 0FFh
		add eax, eax
		add eax, eax
		mov eax,[eax+0xA011D4]
		mov dwReturn, eax		
	}
	return (char*)dwReturn;
}

you can get weapon names with this function, offset is outdated though

**Kenshin13** · 10-18-2012

Using Cardow's method, you jus add the offset...

Code:

char * GetWeaponName(DWORD dwNum)
{
	DWORD dwReturn = NULL;
	__asm{		
		mov eax, dwNum;
		and eax, 0FFh;
		add eax, eax;
		add eax, eax;
		mov eax,[eax+GetWeaponNameHERE];
		mov dwReturn, eax;
	}
	return (char*)dwReturn;
}

Offset Ver: 1.4.382 - 0x00A042D4

And this one returns the WeaponID

Code:

DWORD GetWeapon(DWORD dwNum)
{
    DWORD dwReturn = NULL; 
    __asm
   {	 
      mov eax, dwNum;
      and eax, 0FFh;
      mov eax, [eax*4+GetWeaponOffsetHERE]; 
      mov dwReturn, eax;
   } 
   return dwReturn; 
}

Offset Ver: 1.4.382 - 0x008DDB50

BTW I assumed dwNum is the client's/entity's number or weapon id...

**cardoow** · 10-19-2012

Originally Posted by Kenshin13

Using Cardow's method, you jus add the offset...

Code:

char * GetWeaponName(DWORD dwNum)
{
	DWORD dwReturn = NULL;
	__asm{		
		mov eax, dwNum;
		and eax, 0FFh;
		add eax, eax;
		add eax, eax;
		mov eax,[eax+GetWeaponNameHERE];
		mov dwReturn, eax;
	}
	return (char*)dwReturn;
}

Offset Ver: 1.4.382 - 0x00A042D4

And this one returns the WeaponID

Code:

DWORD GetWeapon(DWORD dwNum)
{
    DWORD dwReturn = NULL; 
    __asm
   {	 
      mov eax, dwNum;
      and eax, 0FFh;
      mov eax, [eax*4+GetWeaponOffsetHERE]; 
      mov dwReturn, eax;
   } 
   return dwReturn; 
}

Offset Ver: 1.4.382 - 0x008DDB50

BTW I assumed dwNum is the client's/entity's number or weapon id...

dwNum is indeed client/entity weaponid.
The second function doesnt return the weaponid, it return an offset to a weaponclass which contains local stuff
like crosshair size, spread, recoil, sway etc

**hoschi111** · 10-19-2012

There is a better address for "Weapon +1"-Check:

Code:

0x01B70234
Integer
1 = +1
0 = +0

My two addresses in the first post behaves very improper in Online-Games or after a few time.
This new address stays the same the whole map long.

**Kenshin13** · 10-19-2012

Now tell me, why even do this when you can use @cardoow's naked function and get full blown weapon names for each player:
BTW I didn't do anything other than send the entity's weapon ID.

**rawr im a tiger** · 10-19-2012

Originally Posted by Kenshin13

Now tell me, why even do this when you can use @cardoow's naked function and get full blown weapon names for each player:

Because not every hack is internal?

**cardoow** · 10-20-2012

Originally Posted by rawr im a tiger

Because not every hack is internal?

That made me lol! why do you need to be internal?

Thread: Check if WeaponID is +1

Thread Tools

Display

Check if WeaponID is +1

The Following User Says Thank You to hoschi111 For This Useful Post:

The Following User Says Thank You to hoschi111 For This Useful Post:

The Following User Says Thank You to rawr im a tiger For This Useful Post:

Similar Threads

CMG anthem, check this out FoM lovers ;)

Omg Omg Omg Check This!!

Guys check this out

Lol check out my crappy sig