[Release]Name tag hack / Unlimited Ammo / Unlimited Energy

**hooch** · 03-09-2011

Inject it into game using any injectior. I prefer WinJect.

This is for EA updated version.

F4 - Freez Ammo / No reload / Unlimited Ammo / Press second time to disable.
F3 - Name tag hack / Press second time for name hack / press third tome to disable
F2 - Unlimited energy press again to disable.
F1 - NoClip Sometimes it takes few seconds to activate / Deactivate. You have to croutch and stand up to activate it.

You should hear beep after hack activation.
Tested on Windows 7 x64.

Code:

#include <Windows.h>
#include <wchar.h>

#define ThreadMake(x) CreateThread(NULL,0, (LPTHREAD_START_ROUTINE)&x,NULL,0,NULL); 
#define ThreadMakeParam(x, param) CreateThread(NULL,0, (LPTHREAD_START_ROUTINE)&x,param,0,NULL);

#define BEEP_ACTIVATED Beep(2000, 500);
#define BEEP_DEACTIVATED Beep(1000, 500);

void Initialize();
void ToggleAmmo();
void TogglePower();
void ToggleNoClip();
void ToggleTagHack();
void Write2Asm(void*, BYTE*, int);
DWORD pAmmo;
DWORD pTagHack;
DWORD pPower, pPower2, pPowerCave;
DWORD pNoClip;

void Hotkeys()
{
	while(true)
	{
		if (GetAsyncKeyState(VK_F4))
		{
			ToggleAmmo();
		}

		if (GetAsyncKeyState(VK_F3))
		{
			ToggleTagHack();
		}

		if (GetAsyncKeyState(VK_F2))
		{
			TogglePower();
		}
		
		if (GetAsyncKeyState(VK_F1))
		{
			ToggleNoClip();
		}
		Sleep(500);
	}
}

BOOL APIENTRY DllMain( HMODULE hModule,
                       DWORD  ul_reason_for_call,
                       LPVOID lpReserved
					 )
{
	switch (ul_reason_for_call)
	{
	case DLL_PROCESS_ATTACH:
		Beep(5000, 1000);
		Initialize();
		ThreadMake(Hotkeys);
	case DLL_THREAD_ATTACH:
	case DLL_THREAD_DETACH:
	case DLL_PROCESS_DETACH:
		break;
	}
	return TRUE;
}

void Initialize()
{
	DWORD CrysisBase = (DWORD)GetModuleHandle(L"CryGameCrysis2");
	pAmmo = (CrysisBase + 0x428B8);
	pTagHack = (CrysisBase + 0xF5134);
	pPower = (CrysisBase + 0x2A662A);
	pPower2 = (CrysisBase + 0x2A657E);
	pPowerCave = 0x400290;

	DWORD CryPhysicsBase = (DWORD)GetModuleHandle(L"CryPhysics");
    pNoClip = (CryPhysicsBase + 0x2C91F);

	//WCHAR tempChar[64];
	//swprintf(tempChar, 256, L"0x%X", pPowerCave);
	//MessageBox(NULL, tempChar,  L"Info", MB_OK | MB_ICONASTERISK);
}

void ToggleAmmo()
{
	static bool hack_activated = false;

	if(hack_activated)
	{
		Write2Asm((void*)pAmmo,(PBYTE)"\x89\x70\x04",3);
		hack_activated = false;
		BEEP_DEACTIVATED
	} 
	else
	{
		Write2Asm((void*)pAmmo,(PBYTE)"\x90\x90\x90",3);
		hack_activated = true;
		BEEP_ACTIVATED
	}
}

void TogglePower()
{
	static bool hack_activated = false;

	if(hack_activated)
	{
		Write2Asm((void*)pPower,(PBYTE)"\xDD\x05\xE8\x71\xEE\x04",6);
		Write2Asm((void*)pPower2,(PBYTE)"\xDD\x05\xE8\x71\xEE\x04",6);
		Write2Asm((void*)pPowerCave,(PBYTE)"\x00\x00\x00\x00\x00\x00\x00\x00",8);
		hack_activated = false;
		BEEP_DEACTIVATED
	} 
	else
	{
		Write2Asm((void*)pPowerCave,(PBYTE)"\x00\x00\x00\x00\x00\x00\xF0\x3F",8);
		Write2Asm((void*)pPower2,(PBYTE)"\xDD\x05\x90\x02\x40\x00",6);
		Write2Asm((void*)pPower,(PBYTE)"\xDD\x05\x90\x02\x40\x00",6);
		hack_activated = true;
		BEEP_ACTIVATED
	}
}

void ToggleNoClip()
{
	static bool hack_activated = false;

	if(hack_activated)
	{
		Write2Asm((void*)pNoClip,(PBYTE)"\xF3\x0F\x11\x40\x08\xF3\x0F",7);
		hack_activated = false;
		BEEP_DEACTIVATED
	} 
	else
	{
		Write2Asm((void*)pNoClip,(PBYTE)"\xC7\x40\x08\x00\x00\xF0\x41",7);
		hack_activated = true;
		BEEP_ACTIVATED
	}
}

void ToggleTagHack()
{
	static int hack_state = 0;
	
	switch(hack_state)
	{
		case 0:
			Write2Asm((void*)pTagHack,(PBYTE)"\xB3\x01",2);			
			hack_state++;
			BEEP_ACTIVATED
			break;	
		case 1:
			Write2Asm((void*)pTagHack,(PBYTE)"\xB3\x02",2);			
			hack_state++;
			BEEP_ACTIVATED
			break;	
		case 2:
			Write2Asm((void*)pTagHack,(PBYTE)"\x8A\xD8",2);			
			hack_state = 0;
			BEEP_DEACTIVATED
			break;	
	}

}
void Write2Asm(void* pxAddress, BYTE * MyBytes,  int size)
{
	unsigned long Protection;
	VirtualProtect((void*)pxAddress, size, PAGE_READWRITE, &Protection);
	memcpy((void*)pxAddress, (const void*)MyBytes, size);
	VirtualProtect((void*)pxAddress, size, Protection, 0);
}

Screenshot by Z_k

Scan1
Scan2

Press Thanks button if you like new version.

**fuckingterorist** · 03-09-2011

xD please compile dll

**hooch** · 03-09-2011

Originally Posted by fuckingterorist

xD please compile dll

Do it on your own.

**exti** · 03-09-2011

"fatal error LNK1169: one or more multiply defined symbols found"

any idea what's wrong?

**Roxter** · 03-09-2011

Originally Posted by exti

"fatal error LNK1169: one or more multiply defined symbols found"

any idea what's wrong?

delete dllmain.h
leave stdafx and your source.

**amit132** · 03-09-2011

how i download it?

**Sentrax82** · 03-09-2011

Originally Posted by amit132

how i download it?

Wait for approving...

**hooch** · 03-09-2011

Originally Posted by Roxter

delete dllmain.h
leave stdafx and your source.

Create empty project. You don't need any additional files. just this one.

**Roxter** · 03-09-2011

Originally Posted by hooch

Create empty project. You don't need any additional files. just this one.

Hooch, mind you updating your source, someone found no-clip?

Originally Posted by sylerthegreat

thanks mate. sounds like a fair trade to me.

no-clip hack:

Code:

  DWORD CryPhysics = (DWORD)GetModuleHandle("CryPhysics");
    pRunover = (CryPhysics + 0x2C91F);

        Write2Asm((void*)pRunover,(PBYTE)"\xC7\x40\x08\x00\x00\xf0\x41",7); // C7 40 08 00 00 F0 41

vide of my no-clip hack in action:

[YOUTUBE_ID]NEdxo6SHA_E[/YOUTUBE_ID]

**Roxter** · 03-09-2011

Originally Posted by mymurat

download link plss

Shut up, you should be perma-banned. Why don't you retards read? It's not been APPROVED, and even SO HE STILL gave you the CODE. Why are you still ALIVE?