Results 1 to 14 of 14
  1. #1
    Martin4435's Avatar
    Join Date
    Sep 2014
    Gender
    male
    Posts
    12
    Reputation
    10
    Thanks
    25

    Post How to find DVAR offsets and Write them in C++ (Internal)

    First start IDA and load the iw5mp.exe





    Press SHIFT & F12 to Generate a Stringlist



    Press STRG & F and search for your dvar , I choose cg_fov



    Click on DATA XREF : sub_



    Press F5 to activate Pseudocode





    dword_B0A7A8 is the pointeroffset




    Code:
    Teknomw3 Pointer Offsets
    |
    dword_B1C9D4 = sub_4A5CF0((int)"cg_gun_x", 0.0, -3.4028235e38, 3.4028235e38, 4);
    dword_B1C9B0 = sub_4A5CF0((int)"cg_gun_y", 0.0, -3.4028235e38, 3.4028235e38, 4);
    dword_B1C9C0 = sub_4A5CF0((int)"cg_gun_z", 0.0, -3.4028235e38, 3.4028235e38, 4);
    dword_8FAB60 = sub_4A3300("cg_drawGun", 1, 4);
    dword_B0A7DC = sub_50C760("cg_cursorHints", 4, 0, 4, 1);
    dword_8FAA90 = sub_4A3300("cg_weaponHintsCoD1Style", 1, 64);
    dword_B0A7BC = sub_50C760("cg_hintFadeTime", 100, 0, 2147483647, 1);
    dword_B0A7A8 = sub_4A5CF0((int)"cg_fov", 65.0, 65.0, 80.0, 68);
    dword_B04638 = sub_4A5CF0((int)"cg_fovScale", 1.0, 0.2, 2.0, 4);
    dword_8FAA58 = sub_4A5CF0((int)"cg_fovMin", 1.0, 1.0, 160.0, 4);
    dword_8FAB28 = sub_4A5CF0((int)"cg_viewVehicleInfluence", 1.0, 0.0, 1.0, 68);
    dword_8FAB3C = sub_4A3300("cg_draw2D", 1, 4);
    dword_8FAA88 = sub_4A3300("cg_drawHealth", 0, 4);
    dword_8FAA5C = sub_4A3300("cg_drawBreathHint", 1, 1);
    dword_B04748 = sub_4A3300("cg_drawMantleHint", 1, 1);
    dword_8FAB70 = sub_4A3300("cg_drawStatsSource", 0, 1);
    dword_8FAA74 = sub_4D9310("cg_drawFPS", &off_8AE300, 0, 0);
    dword_8F87B8 = sub_4A3300("cg_drawViewpos", 0, 1);
    dword_8FAAA0 = sub_4A3300("cg_drawEffectNum", 0, 4);
    dword_B04770 = sub_4A3300("cg_drawFPSLabels", 1, 1);
    dword_B04710 = sub_4D9310("snd_drawInfo", off_8AE2EC, 0, 0);
    dword_B04688 = sub_4A3300("cg_drawScriptUsage", 0, 0);
    dword_B04704 = sub_4D9310("cg_drawMaterial", &off_8AE324, 0, 4);
    dword_8FAAF4 = sub_4A3300("cg_drawSnapshot", 0, 1);
    dword_8FAA9C = sub_4A3300("cg_drawCrosshair", 1, 4);
    dword_8FAAE8 = sub_4A3300("cg_drawTurretCrosshair", 1, 1);
    dword_B046A4 = sub_4A3300("cg_drawCrosshairNames", 1, 4);
    dword_8FAB94 = sub_50C760("cg_drawCrosshairNamesPosX", 300, 0, 640, 0);
    dword_B04760 = sub_50C760("cg_drawCrosshairNamesPosY", 180, 0, 480, 0);
    dword_B0475C = sub_4A3300("cg_drawDamageFlash", 0, 4);
    dword_8FF0F4 = sub_4A3300("cg_drawDamageDirection", 1, 4);
    dword_18A06A4 = sub_4A3300("fx_enable", 1, 4);
    dword_18A0720 = sub_4A3300("fx_draw", 1, 4);
    dword_18A06E4 = sub_4A3300("fx_draw_spotLight", 1, 4);
    dword_18A06C8 = sub_4A3300("fx_draw_omniLight", 1, 4);
    dword_18A072C = sub_4A3300("fx_cull_elem_spawn", 1, 0);
    dword_18A06DC = sub_4A3300("fx_cull_elem_draw", 1, 0);
    dword_18A0710 = sub_4A3300("fx_marks", 1, 1);
    dword_18A069C = sub_4A3300("fx_marks_smodels", 1, 1);
    dword_18A0730 = -6.8056469e38;
    dword_18A06F0 = sub_4A3300("fx_freeze", 0, 4);
    dword_18A06F4 = sub_4A5CF0((int)"fx_debugBolt", 0.0, 0.0, 1000.0, 4);
    dword_18A06F8 = sub_4A3300("fx_count", 0, 4);
    dword_18A0700 = sub_4A5CF0((int)"fx_visMinTraceDist", 80.0, 0.0, 1000.0, 4);
    dword_18A06CC = sub_4D9310("fx_profileSort", off_8B042C, 0, 4);
    dword_18A0728 = sub_50C760("fx_profileSkip", 0, 0, 1000, 4);
    dword_18A06BC = sub_4157E0("fx_profileFilter", &byte_7E0A2B, 4);
    dword_18A0724 = sub_50C760("fx_profile", 0, 0, 1, 4);
    dword_18A0698 = sub_50C760("fx_mark_profile", 0, 0, 1, 4);
    dword_18A0704 = sub_4A3300("fx_drawClouds", 1, 4);
    dword_18A0718 = sub_4A3300("fx_deferelem", 1, 4);
    dword_18A0734 = sub_4A3300("fx_draw_simd", 1, 4);
    dword_18A0738 = sub_4A3300("fx_killEffectOnRewind", 0, 4);
    dword_18A06B4 = sub_50C760("fx_alphaThreshold", 0, 0, 256, 68);
    dword_5F96C1C = sub_50C760("r_imageQuality", 1, 0, 4, 3);
    dword_5F96B34 = sub_4A3300("r_detail", 1, 0);
    dword_5F96BBC = sub_4A3300("r_normal", 1, 0);
    dword_5F969BC = sub_4A3300("r_specular", 1, 1);
    dword_5F96B38 = sub_4D9310("r_lightMap", off_8B77A4, 1, 4);
    dword_5F96BE8 = sub_4D9310("r_colorMap", off_8B77A4, 1, 4);
    dword_5F969C4 = sub_4D9310("r_detailMap", off_8B77B8, 1, 4);
    dword_5F96C4C = sub_4D9310("r_normalMap", off_8B77C4, 1, 4);
    dword_5F96B18 = sub_4D9310("r_specularMap", off_8B77A4, 1, 4);
    dword_5F96A48 = sub_4A3300("r_drawSun", 1, 1);
    dword_5F96C18 = sub_4A3300("r_drawDecals", 1, 4);
    dword_5F96B14 = sub_50C760("r_dlightLimit", 4, 0, 4, 64);
    dword_5F96AD4 = sub_4A3300("r_spotLightShadows", 1, 4);
    dword_5F96BA0 = sub_4A3300("r_spotLightEntityShadows", 1, 4);
    dword_5F96BDC = sub_4A3300("r_drawWater", 1, 1);
    dword_5F96B30 = sub_4A3300("r_lockPvs", 0, 4);
    dword_5F96BD4 = sub_4A3300("r_skipPvs", 0, 4);
    dword_1060198 = sub_50C760("cl_maxpackets", 30, 15, 100, 0);
    dword_1060190 = sub_50C760("cl_packetdup", 2, 0, 5, 1);
    dword_8DAF48 = sub_4A5CF0((int)"bg_weaponBobAmplitudeBase", 0.16, 0.0, 1.0, 0);
    dword_8DD834 = sub_48AFE0((int)"bg_weaponBobAmplitudeSprinting", 0.02, 0.014, 0.0, 1.0, 140);
    dword_8DD8FC = sub_48AFE0((int)"bg_weaponBobAmplitudeStanding", 0.055, 0.025, 0.0, 1.0, 204);
    dword_8DAF30 = sub_48AFE0((int)"bg_weaponBobAmplitudeDucked", 0.045000002, 0.025, 0.0, 1.0, 140);
    dword_8DB0C8 = sub_48AFE0((int)"bg_weaponBobAmplitudeProne", 0.02, 0.0049999999, 0.0, 1.0, 140);
    dword_8DD8A8 = sub_4A5CF0((int)"bg_weaponBobAmplitudeRoll", 1.5, 0.0, 90.0, 140);
    dword_8DAF5C = sub_4A5CF0((int)"bg_weaponBobMax", 8.0, 0.0, 36.0, 140);
    dword_8DD908 = sub_4A5CF0((int)"bg_weaponBobLag", 0.25, -1.0, 1.0, 140);
    dword_1CE77A4 = sub_50C760("com_maxfps", 85, 0, 100, 0);
    C++ Code
    Code:
    template <class Value>
    void WritePointer(DWORD pointer, DWORD pointerofs, Value value)
    {
    
    	DWORD dwPointer = *(DWORD*)pointer;
    	*(Value*)(dwPointer + pointerofs) = value;
    	
    }
    Example
    Code:
    #include <Windows.h>
    #include <iostream>
    using namespace std;
    
    
    
    
    template <class Value>
    void WritePointer(DWORD pointer, DWORD pointerofs, Value value)
    {
    
    	DWORD dwPointer = *(DWORD*)pointer;
    	*(Value*)(dwPointer + pointerofs) = value;
    
    }
    
    void Writing()
    {
    	//GUN X
    	WritePointer<float>(0xB1C9D4, 0xC, 0);
    	// GUN Y
    	WritePointer<float>(0xB1C9B0, 0xC, 12.f);
    	// GUN Z
    	WritePointer<float>(0xB1C9C0, 0xC, 0);
    
    	//FOV
    	WritePointer<float>(0xB0A7A8, 0xC, 120.f);
    
    	//Draw Gun
    	WritePointer<int>(0x8FAB60, 0xC, 1);
    
    }
    
    BOOL APIENTRY DllMain(HMODULE hdll, DWORD  reason, LPVOID lpReserved) {
    	if (reason == DLL_PROCESS_ATTACH) {
    
    		Writing();
    
    
    	}
    	return TRUE;
    }
    Last edited by Martin4435; 02-23-2016 at 07:28 AM.

  2. The Following 5 Users Say Thank You to Martin4435 For This Useful Post:

    AuT03x3C (02-22-2016),gogogokitty (09-20-2016),oschigamer (02-24-2016),shryder (02-29-2016),[MPGH]Silent (05-05-2016)

  3. #2
    COD3RIN's Avatar
    Join Date
    May 2013
    Gender
    male
    Location
    Posts
    4,989
    Reputation
    315
    Thanks
    23,211
    My Mood
    Busy
    Nice tutorial...��


    Love you.
    ~Kenshit13
    Quote Originally Posted by cheaterman26 View Post
    COD3RIN PUT A BACKDOOR ON HIS OWN CHEAT HE HACK MY COMPUTER AND MY STEAM, DON'T TRUST THIS GUYS !

  4. #3
    shryder's Avatar
    Join Date
    Jul 2015
    Gender
    male
    Location
    Nuketown
    Posts
    30
    Reputation
    10
    Thanks
    13
    My Mood
    Cool
    Peeeeeeerfect , Just perfect .. its a so good tutorial for beginners , i honestly understand so much stuff from it thank you so much!

  5. #4
    Smoke's Avatar
    Join Date
    Nov 2014
    Gender
    male
    Posts
    8,460
    Reputation
    2094
    Thanks
    3,755
    My Mood
    Amazed
    This is an interesting tutorial.

    Nice job man!


    CLICK TO BUY NOW!!


    MY ONLY SKYPE IS "SMOKE.MPGH" PRIVATE MESSAGE ME BEFORE TRADING BUYING/SELLING ANYTHING INVOLVING ME
    Quote Originally Posted by Liz View Post
    This is my first vouch, ever. Rapidgator account worked perfectly. Would buy in the future.

  6. #5
    Clxrk's Avatar
    Join Date
    May 2016
    Gender
    male
    Location
    127.0.01
    Posts
    34
    Reputation
    10
    Thanks
    20
    Very good tutorial for!

  7. #6
    Poddzhh's Avatar
    Join Date
    Apr 2016
    Gender
    male
    Posts
    4
    Reputation
    10
    Thanks
    0
    If i press F5 the code start with "off_" why?

  8. #7
    Silent's Avatar
    Join Date
    Jan 2015
    Gender
    male
    Posts
    2,835
    Reputation
    716
    Thanks
    5,713
    My Mood
    Bitchy
    Quote Originally Posted by Poddzhh View Post
    If i press F5 the code start with "off_" why?
    That doesn't make sence.

    Sweater Beats & KAMAU - Hey Ya

    My GitHub





     

    Member - 01/31/2015
    Premium - 09/12/2016
    Call of Duty minion - 11/05/2016
    BattleOn minion - 02/28/2017
    Battlefield minion - 5/30/2017
    Other Semi-Popular First Person Shooter Hacks - 9/21/2017






  9. #8
    Poddzhh's Avatar
    Join Date
    Apr 2016
    Gender
    male
    Posts
    4
    Reputation
    10
    Thanks
    0
    How I can find the ClientInfo ?

  10. #9
    flexarrr's Avatar
    Join Date
    Mar 2014
    Gender
    male
    Posts
    7
    Reputation
    10
    Thanks
    0
    When i press p5, the pseudo code looks nothing like yours. What am i doing wrong?


    This is my pseudo output -> gyazo . com / 117c3ac563093e3236b10346eb23bdbd

  11. #10
    flexarrr's Avatar
    Join Date
    Mar 2014
    Gender
    male
    Posts
    7
    Reputation
    10
    Thanks
    0
    Quote Originally Posted by Eithan1231 View Post


    That doesn't make sence.
    why does my pseudocode look nothing like OP's?
    Am i doing something wrong

  12. #11
    Silent's Avatar
    Join Date
    Jan 2015
    Gender
    male
    Posts
    2,835
    Reputation
    716
    Thanks
    5,713
    My Mood
    Bitchy
    Quote Originally Posted by flexarrr View Post
    why does my pseudocode look nothing like OP's?
    Am i doing something wrong
    You dump the process?

    Sweater Beats & KAMAU - Hey Ya

    My GitHub





     

    Member - 01/31/2015
    Premium - 09/12/2016
    Call of Duty minion - 11/05/2016
    BattleOn minion - 02/28/2017
    Battlefield minion - 5/30/2017
    Other Semi-Popular First Person Shooter Hacks - 9/21/2017






  13. #12
    flexarrr's Avatar
    Join Date
    Mar 2014
    Gender
    male
    Posts
    7
    Reputation
    10
    Thanks
    0
    Quote Originally Posted by Eithan1231 View Post


    You dump the process?
    Yeah, i dumped iw5mp.exe with x32dbg

  14. #13
    s842891905's Avatar
    Join Date
    Mar 2012
    Gender
    male
    Posts
    2
    Reputation
    10
    Thanks
    0

    what's going on?? i've got this and i cannot activate pseudocode then
    help!!!!!!!!!!!
    Attached Thumbnails Attached Thumbnails
    20161230233358.png  


  15. #14
    flexarrr's Avatar
    Join Date
    Mar 2014
    Gender
    male
    Posts
    7
    Reputation
    10
    Thanks
    0
    Yeah same, can't do the pseudocode thing

Similar Threads

  1. [Tutorial] BOII how to find DVARS /w OllyDBG and CE
    By [NEWACCOUNT]Yano in forum Call of Duty Black Ops 2 Tutorials
    Replies: 7
    Last Post: 11-05-2015, 12:24 PM
  2. [Help Request] MW3 - Ollydbg explanation how to find certain Address and use them
    By Nordiii in forum Call of Duty Modern Warfare 3 Coding, Programming & Source Code
    Replies: 10
    Last Post: 07-06-2014, 03:33 PM
  3. [Help] how to find this offset in pointBlank please tell it here
    By pronten in forum Piercing Blow Hack Coding/Source Code
    Replies: 8
    Last Post: 08-16-2011, 12:17 PM
  4. How to find a NoRecoil and NoSpread in Warrock PH
    By gbjhet23 in forum WarRock Philippines Help & Discussions
    Replies: 0
    Last Post: 08-03-2011, 10:29 AM
  5. [TuT]How to find no recoil and no spread
    By Twisted_scream in forum WarRock - International Hacks
    Replies: 10
    Last Post: 06-23-2008, 11:59 AM