Code:
EndFrame.................0x00580C20
BulletPentrationCheck....0x0059D080
BulletPentration.........0x0059F5A0
GetWeaponSpread..........0x004770F0
GetRandomSpread..........0x005D51A0
ChopperBoxes.............0x0059E710
DrawText.................0x00509D80
GetScreenMatrix..........0x004F8940
DrawRotatedPic...........0x004A6F00
ApplyRect................0x004FBEC0
DebugLine................0x00424650
DebugCircle..............0x004E2E20
GetPlayerTag.............0x0056A020
CG_Trace.................0x00000000
GetLocalWeapon...........0x004BE4D0
SendCommand..............0x00609540
EngineRadar..............0x004316E0
OverlayEnemy.............0x0046CCA0
OverlayFriendly..........0x004FE000
WritePacket..............0x00411900
CG_Error.................0x004B22D0
Credits: -InSaNe-, g0dly, killstreak, barata55, NightmareTX, master131, BaberZz, CyberPresents, Patcherpro , MW2Player
More offsets and code by CyberPresents
Code:
#define OFF_CG 0x7F0F78
#define OFF_CGS 0x7ED3B8
#define OFF_REFDEF 0x85B6F0
#define OFF_ENTITY_SIZE 0x204
#define OFF_ENTITY 0x8F3CA8
#define OFF_CLIENT_SIZE 0x52C
#define OFF_CLIENT 0x8E77B0
#define OFF_CAMERA 0xB2F890
#define OFF_INPUT 0xB2F8DC
#define OFF_CURRENTCMDNUM 0xB30CDC
#define CMD_MASK 0x7F
#define CMD_BACKUP 128
#define OFF_PLAYERSTATE 0x7F0F78
#define OFF_KBUTTONS 0xA1A9A8
#define OFF_PATCH_GUID 0x449A70
#define OFF_PING 0xB2F7D0
#define OFF_VIEWANGLEX 0xB2F8D4
#define OFF_VIEWANGLEY 0xB2F8D0
#define OFF_CHOPPERBOXES 0x59E710
#define OFF_BULLETPARAMS_CHECK 0x59D080
#define OFF_FIREBULLETPENETRATE 0x59F5A0
#define OFF_FX_ENABLE 0x16F0410
#define OFF_FX_DRAW 0x16F047C
#define OFF_GETWEAPONSPREAD 0x4770F0
#define OFF_RANDOMBULLETDIR 0x5D51A0
#define OFF_SPREADMULTIPLIER 0x8EE0A4
#define OFF_REGISTERTAG 0x004BC450
#define OFF_REGISTERFONT 0x505670
#define OFF_REGISTERHANDLE 0x505E60 //RegisterShader
#define OFF_DRAWENGINETEXT 0x509D80
#define OFF_DRAWSTRETCHPIC 0x509770
#define OFF_STRWIDTH 0x5056C0
#define OFF_GETPARAM 0x004C9CC0
#define OFF_GETSCREENMATRIX 0x4F8940
#define OFF_DRAWROTATEDPIC 0x004A6F00
#define OFF_APPLYRECT 0x4FBEC0
#define OFF_DEBUGLINE 0x424650
#define OFF_DEBUGCIRCLE 0x4E2E20
#define OFF_SCREENMATRIX_STATIC 0x1084378
#define OFF_GETPLAYERTAG 0x0056A020
#define OFF_TRACE 0x4B16B0
#define TRACE_MASK 0x803003
#define OFF_GETLOCALWEAPON 0x4BE4D0
#define OFF_SENDCMD 0x609540
#define OFF_LOCALINDEX 0x7F42C8
#define OFF_DRAWRADAR 0x004316E0
#define OFF_OVERLAYENEMY 0x46CCA0
#define OFF_OVERLAYFRIENDLY 0x4FE000
#define OFF_OVERLAYSENTRY 0x409110
#define OFF_OVERLAYPARTY 0x4FE000
#define OFF_OVERLAYUNK1 0x5003C0
#define OFF_OVERLAYUNK2 0x49B6F0
#define OFF_OVERLAYUNK3 0x4CD770
#define OFF_OVERLAYUNK4 0x45BD60
#define OFF_OVERLAYUNK5 0x4316E0
#define OFF_OVERLAYUNK6 0x483A30
#define OFF_WRITEPACKET 0x411900
#define OFF_OBITUARY 0x586C90
#define OFF_ERROR 0x4B22D0
#define OFF_RELIABLECMDS 0xA1E9B4
#define OFF_RELIABLECMDS_SIZE 0x400
#define MAX_RELIABLE_COMMANDS 0x80
#define OFF_SERVERCMDS 0xA3E9C0
#define OFF_SERVERCMDS_SIZE 0x400
#define OFF_CMDNUMBER 0xB30CDC
#define OFF_OUTPACKETS 0xB34CF4
#define OFF_CMDS 0xB2F8DC
#define OFF_SNAPSHOTS 0xB34E74
#define MAX_ENTITIES_IN_SNAPSHOT 768
#define OFF_INPUT 0xB2F8DC
#define OFF_USERCMD_SIZE 0x28
#define PACKET_BACKUP 32
#define PACKET_MASK 0x1F
#define CMD_MASK 0x7F
#define CMD_BACKUP 128
Classes
Code:
enum EntTypes
{
ET_GENERAL,
ET_PLAYER,
ET_PLAYER_CORPSE,
ET_ITEM,
ET_MISSILE,
ET_INVISIBLE,
ET_SCRIPTMOVER,
ET_SOUND_MOVER,
ET_FX,
ET_LOOP_FX,
ET_PRIMARY_LIGHT,
ET_TURRET,
ET_HELICOPTER,
ET_PLANE,
ET_VEHICLE,
ET_VEHICLE_COLLMAP,
ET_VEHICLE_CORPSE,
ET_VEHICLE_SPAWNER,
};
class CEntity
{
public:
char _0x0000[24];
Vec3 vOrigin; //0x0018
char _0x0024[72];
__int32 IsZooming; //0x006C
char _0x0070[12];
Vec3 vOldOrigin; //0x007C
char _0x0088[84];
__int32 clientNum; //0x00DC
__int32 eType; //0x00E0
__int32 eFlags; //0x00E4
char _0x00E8[12];
Vec3 vNewOrigin; //0x00F4
char _0x0100[108];
__int32 pickupItemID; //0x016C
__int32 clientNum2; //0x0170
char _0x0174[52];
BYTE weaponID; //0x01A8
char _0x01A9[51];
__int32 iAlive; //0x01DC
char _0x01E0[32];
__int32 clientNum3; //0x0200
};//Size=0x0204
class CClient
{
public:
__int32 IsValid; //0x0000
__int32 IsValid2; //0x0004
__int32 clientNum; //0x0008
char szName[16]; //0x000C
__int32 iTeam; //0x001C
__int32 iTeam2; //0x0020
__int32 iRank; //0x0024 rank+1
char _0x0028[4];
__int32 iPerk; //0x002C
__int32 iKills; //0x0030
__int32 iScore; //0x0034
char _0x0038[968];
Vec3 vAngles; //0x0400
char _0x040C[136];
__int32 IsShooting; //0x0494
char _0x0498[4];
__int32 IsZoomed; //0x049C
char _0x04A0[68];
__int32 weaponID; //0x04E4
char _0x04E8[24];
__int32 weaponID2; //0x0500
char _0x0504[40];
};//Size=0x052C
class CRefdef
{
public:
__int32 x; //0x0000
__int32 y; //0x0004
__int32 iWidth; //0x0008
__int32 iHeight; //0x000C
float fovX; //0x0010
float fovY; //0x0014
Vec3 vOrigin; //0x0018
Vec3 vViewAxis[3]; //0x0024
char _0x0048[4];
Vec3 vViewAngles; //0x004C
__int32 iTime; //0x0058
__int32 iMenu; //0x005C
char _0x0060[16128];
Vec3 refdefViewAngles; //0x3F60
char _0x3F6C[276];
};//Size=0x4080
class CGame
{
public:
__int32 iTime; //0x0000
char _0x0004[13132];
__int32 clientNum; //0x3350
char _0x3354[2348];
};//Size=0x3C80
class CGameState
{
public:
char _0x0000[8];
__int32 iWidth; //0x0008
__int32 iHeight; //0x000C
__int32 iScale; //0x0010
char _0x0010[4];
__int32 iTime; //0x0018
char _0x001C[4];
char szGameType[4]; //0x0020
char _0x0024[288];
__int32 iMaxPlayers; //0x0144
char _0x0148[4];
char szMap[64]; //0x014C
char _0x018C[1012];
};//Size=0x0580
class CCamera
{
public:
Vec3 vRecoil; //0x0000
Vec3 vOrigin; //0x000C
char _0x0018[12];
float ViewAngleY; //0x0024
float ViewAngleX; //0x0028
char _0x002C[84];
};//Size=0x0080
/*
class CTrace
{
public:
float fraction; //0x0000
unsigned char _padding[0x60]; //0x0004
};//Size=0x64
*/
class CTrace
{
public:
float fraction;
float normal[3];
int surfaceFlags;
int contents;
const char *material;
int hitType;
unsigned __int16 hitId;
unsigned __int16 modelIndex;
unsigned __int16 partName;
unsigned __int16 partGroup;
bool allsolid;
bool startsolid;
bool walkable;
};
class CRadarHud
{
public:
float x; //0x0000
float y; //0x0004
float w; //0x0008
float h; //0x000C
};//Size=0x0010
class CBulletTrace
{
public:
__int32 worldEntNum; //0x0000
__int32 skipNum; //0x0004
float power; //0x0008
__int32 bulletType; //0x000C
Vec3 vViewOrg; //0x0010
Vec3 start; //0x001C
Vec3 end; //0x0028
Vec3 viewDirection; //0x0034
};//Size=0x0040
class CUserCmd
{
public:
__int32 commandTime; //0x0000
__int32 buttons; //0x0004
Vec3i viewangles; //0x0008
char _0x0014[20];
};//Size=0x0028
class CInput
{
public:
CUserCmd cmds[CMD_BACKUP]; //0x0000
__int32 currentCmdNum; //0x2E40
CUserCmd* GetUserCmd( int cmdNum )
{
return &cmds[ cmdNum & CMD_MASK ];
}
};//Size=0x2E44
class CPlayerState
{
public:
__int32 commandTime;
};
class kbutton_t
{
public:
int down[2]; //0x0000
unsigned int downtime; //0x0008
unsigned int msec; //0x000C
BYTE active; //0x0010
BYTE wasPressed; //0x0011
char _0x0012[2];
};//Size=0x0014
class CButtons
{
public:
char _0x0000[280];
kbutton_t FireWeapon; //0x0118 FireWeapon
kbutton_t HoldBreath; //0x012C HoldBreath
kbutton_t ThrowPrimaryGrenade; //0x0140 ThrowPrimaryGrenade
kbutton_t ThrowSecondaryGrenade; //0x0154 ThrowSecondaryGrenade
kbutton_t Melee; //0x0168 Melee
kbutton_t Use; //0x017C Use
kbutton_t Reload; //0x0190 Reload
char _0x01A4[72];
};//Size=0x01EC
class CEntityState
{
public:
__int32 victimWeapon;
__int32 killerWeapon;
char _padding[116];
__int32 victimEntNum;
__int32 killerEntNum;
char _padding2[32];
__int32 killType;
};
Engine :
Code:
typedef void* ( * tRegisterFont )( char* szName );
tRegisterFont RegisterFont_ = ( tRegisterFont )0x505670;
typedef int ( * tRegisterShader )( char* szName, int unk );
tRegisterShader RegisterShader_ = ( tRegisterShader )0x505E60;
typedef int ( * tDrawEngineText )( char* Text, int NumOfChars, void* Font, float X, float Y, float scaleX, float scaleY, float unk1, float* Color, int unk2 );
tDrawEngineText DrawEngineText_ = ( tDrawEngineText )0x509D80;
typedef int ( * tDrawStretchPic)( float x, float y, float w, float h, float s1, float t1, float s2, float t2, float* color, int shader );
tDrawStretchPic DrawStretchPic_ = ( tDrawStretchPic )0x509770;
typedef int ( * tStrWidth )( char* Text, int unk, void* Font );
tStrWidth StrWidth_ = ( tStrWidth )0x5056C0;
typedef int* ( __cdecl* tGetParam )();
tGetParam GetParam_ = ( tGetParam )0x004C9CC0;
typedef LPVOID ( __cdecl* tGetScreenMatrix )( int a1 );
tGetScreenMatrix GetScreenMatrix_ = ( tGetScreenMatrix )0x4F8940;
typedef int ( __cdecl* tDrawRotatedPic )( CScreenPlacement* scrPlace, float x, float y, float w, float h, float horzAlign, float vertAlign, float angle, float* color, int shader );
tDrawRotatedPic DrawRotatedPic_ = ( tDrawRotatedPic )0x004A6F00;
typedef int ( __cdecl* tApplyRect )( void* scrPlace, float* x, float* y, float* w, float* h, int horzAlign, int vertAlign );
tApplyRect ApplyRect = ( tApplyRect )0x4FBEC0;
typedef void ( __cdecl* tDebugLine )( const float* start, const float* end, const float* color, int depthTest, int duration );
tDebugLine DebugLine_ = ( tDebugLine )0x424650;
typedef unsigned short ( __cdecl* tRegisterTag )( char* szName );
tRegisterTag RegisterTag_ = ( tRegisterTag )0x004BC450;
typedef void ( __cdecl *tTrace )( CTrace* tr, Vec3 start, Vec3 end, Vec3 null, int skip, int mask );
tTrace Trace_ = ( tTrace )0x4B16B0;
typedef void ( __cdecl* tDrawRadar )( int unk0, int disableRotation, int unk2, CRadarHud* radarhud, qhandle_t* shader, float* color );
tDrawRadar DrawRadar_ = ( tDrawRadar )0x004316E0;
typedef void ( __cdecl* tOverlayEnemy )( int a1, int a2, int a3, CRadarHud* hud, float* color );
tOverlayEnemy OverlayEnemy = ( tOverlayEnemy )0x46CCA0;
typedef void ( __cdecl* tOverlayFriendly )( int a1, int a2, int a3, CRadarHud* hud, float* color );
tOverlayFriendly OverlayFriendly = ( tOverlayFriendly )0x4FE000;
typedef void ( __cdecl* tOverlaySentry )( int a1, int a2, int a3, CRadarHud* hud, float* color );
tOverlaySentry OverlaySentry = ( tOverlaySentry )0x409110;
typedef void ( __cdecl* tOverlayParty )( int a1, int a2, int a3, CRadarHud* hud, float* color );
tOverlayParty OverlayParty = ( tOverlayParty )0x4FE000;
typedef void ( __cdecl* tOverlayUnk1 )( int a1, int a2, int a3, CRadarHud* hud, float* color );
tOverlayUnk1 OverlayUnk1 = ( tOverlayUnk1 )0x5003C0;
typedef void ( __cdecl* tOverlayUnk2 )( int a1, int a2, int a3, CRadarHud* hud, float* color );
tOverlayUnk2 OverlayUnk2 = ( tOverlayUnk2 )0x49B6F0;
typedef void ( __cdecl* tOverlayUnk3 )( int a1, int a2, int a3, CRadarHud* hud, float* color );
tOverlayUnk3 OverlayUnk3 = ( tOverlayUnk3 )0x4CD770;
typedef void ( __cdecl* tOverlayUnk4 )( int a1, int a2, int a3, CRadarHud* hud, float* color );
tOverlayUnk4 OverlayUnk4 = ( tOverlayUnk4 )0x45BD60;
typedef void ( __cdecl* tOverlayUnk5 )( int a1, int a2, int a3, CRadarHud* hud, float* color );
tOverlayUnk5 OverlayUnk5 = ( tOverlayUnk5 )0x4316E0;
typedef void ( __cdecl* tOverlayUnk6 )( int a1, int a2, int a3, CRadarHud* hud, float* color );
tOverlayUnk6 OverlayUnk6 = ( tOverlayUnk6 )0x483A30;
typedef int ( __cdecl* tGetLocalWeapon )( CGame* cg );
tGetLocalWeapon GetLocalWeapon_ = ( tGetLocalWeapon )0x4BE4D0;
typedef int ( __cdecl* tSendCmd )( int a1, int a2, char* cvar );
tSendCmd SendCmd_ = ( tSendCmd )0x609540;
DWORD GetWeapon( int weaponNum )
{
return ( DWORD )( *( DWORD* )0x7BEAA8 + ( 0x4 * weaponNum ) );
}
CEntity* GetEntity( int idx )
{
return ( CEntity* )( 0x008F3CA8 + ( 0x204 * idx ) );
}
CClient* GetClient( int idx )
{
return ( CClient* )( 0x008E77B0 + ( 0x52C * idx ) );
}
CEntity* GetLocalEntity()
{
return ( CEntity* )( 0x008F3CA8 + ( 0x204 * *(int*)0x7F42C8 ) );
}
CClient* GetLocalClient()
{
return ( CClient* )( 0x008E77B0 + ( 0x52C * *(int*)0x7F42C8 ) );
}
void SendCommand( char* cmd, ... )
{
char szBuffer[512] = { 0 };
va_list vaList;
va_start( vaList, cmd );
vsprintf( szBuffer, cmd, vaList );
va_end( vaList );
SendCmd_( 0, 0, szBuffer );
}
void ChopperBoxes()
{
DWORD dwCall = 0x59E710;
__asm push 0;
__asm call [dwCall];
__asm add esp, 0x4;
}
unsigned short RegisterTag( char* szName )
{
return RegisterTag_( szName );
}
int GetPlayerTag( unsigned short Tag, CEntity* pEnt, Vec3 vOut )
{
DWORD dwCall = 0x0056A020;
__asm movzx edi, Tag;
__asm push vOut;
__asm mov esi, pEnt;
__asm call dwCall;
__asm add esp, 0x4;
}
void Trace( CTrace* tr, Vec3 vStart, Vec3 vEnd )
{
Trace_( tr, vStart, vEnd, vNull, cg->clientNum, 0x803003 );
}
Signatures :
Code:
Scan.AddFunctionSig("EndFrame" , "\x51\xA1\x00\x00\x00\x00\x83\x78\x10\x03" , "xx????xxxx" , 0);
Scan.AddFunctionSig("BulletPentrationCheck" , "\x83\xEC\x54\x56\x8B\xF0" , "xxxxxx" , 0 );
Scan.AddFunctionSig("BulletPentration" , "\x81\xEC\x00\x00\x00\x00\x8B\x84\x24\x00\x00\x00\x00\x53\x55\x8B\xAC\x24\x00\x00\x00\x00\x56\x57" , "xx????xxx????xxxxx????xx" , 0 );
Scan.AddFunctionSig("GetWeaponSpread" , "\x8B\x4C\x24\x04\x83\xB9\x00\x00\x00\x00\x00\x8B\x54\x24\x0C" , "xxxxxx?????xxxx" , 0 );
Scan.AddFunctionSig("GetRandomSpread" , "\x83\xEC\x18\x56\xE8" , "xxxxx" , 0 );
Scan.AddClassesSig("RegisterTag" , "\x8B\x44\x24\x04\x6A\x01\x50\xE8\x00\x00\x00\x00\x83\xC4\x08\xC3" , "xxxxxxxx????xxxx" , 0 , 0);
Scan.AddClassesSig("RegisterFont" , "\x8B\x44\x24\x04\x89\x44\x24\x08\xC7\x44\x24\x00\x00\x00\x00\x00\xE9" , "xxxxxxxxxxx?????x" , 0 , 0);
Scan.AddClassesSig("RegisterShader" , " \x8B\x44\x24\x04\x80\x38\x00\x75\x06" , "xxxxxxxxx" , 0 , 0 );
Scan.AddFunctionSig("ChopperBoxes" , "\x83\xEC\x1C\x53\x8B\xD8\xA1" , "xxxxxxx" , 0 );
Scan.AddFunctionSig("DrawText" , "\x8B\x44\x24\x04\x80\x38\x00\x0F\x84\x00\x00\x00\x00\x8D\x50\x01\x8A\x08\x83\xC0\x01\x84\xC9\x75\xF7\x8B\x0D\x00\x00\x00\x00\x55\x8B\x2D\x00\x00\x00\x00\x56\x8B\x71\x08\x2B\xC2\x8B\x51\x04\x57\x8B\xF8\x2B\xF2\x8D\x47\x54\x83\xE0\xFC\x8D\xB4\x2E\x00\x00\x00\x00\x3B\xC6\x7E\x0B\x5F\x5E\xC7\x41\x00\x00\x00\x00\x00\x5D\xC3\x8B\x31\xD9\x44\x24\x1C\x03\xF2" , "xxxxxxxxx????xxxxxxxxxxxxxx????xxx????xxxxxxxxxxxxxxxxxxxxxxx????xxxxxxxx?????xxxxxxxxxx" , 0 );
Scan.AddClassesSig("StrWidth" , "\xB8\x00\x00\x00\x00\xC3" , "x????x" , 0 , 0 );
Scan.AddClassesSig("GetParam" , "\xB8\x00\x00\x00\x00\xC3" , "x????x" , 0 , 0 );
Scan.AddFunctionSig("GetScreenMatrix" , "\xA1\x00\x00\x00\x00\x83\xE8\x00\x74\x08" , "x????xxxxx" , 0 );
Scan.AddFunctionSig("DrawRotatedPic" , "\x8B\x44\x24\x1C\x8B\x4C\x24\x18\x56\x8B\x74\x24\x08" , "xxxxxxxxxxxxx" , 0 );
Scan.AddFunctionSig("ApplyRect" , "\x8B\x4C\x24\x18\xDD\x05\x00\x00\x00\x00\x83\xF9\x0A" , "xxxxxx????xxx" , 0 );
Scan.AddFunctionSig("DebugLine" , "\x8B\x44\x24\x14\x8B\x4C\x24\x10\x8B\x54\x24\x0C\x6A\x00\x50" , "xxxxxxxxxxxxxxx" , 0 );
Scan.AddFunctionSig("DebugCircle" , "\x81\xEC\x00\x00\x00\x00\x8B\x8C\x24\x00\x00\x00\x00\x53\x55\x56\x57\x8D\x44\x24\x28" , "xx????xxx????xxxxxxxx" , 0 );
Scan.AddFunctionSig("GetPlayerTag" , "\x8B\x8E\x00\x00\x00\x00\x50\x51\xE8\x00\x00\x00\x00\x83\xC4\x08\x85\xC0\x75\x01" , "xx????xxx????xxxxxxx" , 0 );
Scan.AddFunctionSig("CG_Trace" , " \x8B\x44\x24\x18\x8B\x4C\x24\x14\x8B\x54\x24\x08" , "xxxxxxxxxxxx" , 0 );
Scan.AddFunctionSig("GetLocalWeapon" , "\x8B\x44\x24\x04\xF6\x80\x00\x00\x00\x00\x00\x74\x07" , "xxxxxx?????xx" , 0 );
Scan.AddFunctionSig("SendCommand" , "\x8B\x4C\x24\x0C\xB8" , "xxxxx" , 0);
Scan.AddFunctionSig("EngineRadar" , "\x83\xEC\x2C\xA1\x00\x00\x00\x00\x53\x56" , "xxxx????xx" , 0 );
Scan.AddFunctionSig("OverlayEnemy" , "\x83\xEC\x58\x53\x56\x57\x8B\x3D" , "xxxxxxxx" , 0 );
Scan.AddFunctionSig("OverlayFriendly" , "\x81\xEC\x00\x00\x00\x00\x53\x56\x8B\x35" , "xx????xxxx" , 0 );
Scan.AddFunctionSig("WritePacket" , "\xB8\x00\x00\x00\x00\xE8\x00\x00\x00\x00\x83\x3D" , "x????x????xx" , 0 );
Scan.AddFunctionSig("CG_Error" , "\xE8\x00\x00\x00\x00\x84\xC0\x74\x0A\xE8\x00\x00\x00\x00\xA3\x00\x00\x00\x00\x6A\x02\xE8\x00\x00\x00\x00\x83\xC4\x04\xE8\x00\x00\x00\x00\x84\xC0\x74\x05\xE8\x00\x00\x00\x00\x83\x3D" , "x????xxxxx????x????xxx????xxxx????xxxxx????xx" , 0 );