win32 console program.
Code:
/* heroes and generals external aimbot created by lava
if you want to donate to lava:
BTC: 19X7KKkMZsu4dLC3wd93N3UHiDJdomb6Vd
*/
#include <Windows.h>
#include <tlhelp32.h>
#include <tchar.h>
#include <string>
#include <vector>
/**
 * Looks up a module of process `pid` by name and returns its base address
 * converted to a DWORD.
 *
 * Takes a TH32CS_SNAPMODULE snapshot of the process and steps through it with
 * Module32Next, printing every module name it sees, until one is equal to
 * `module_name` (exact std::string comparison).
 *
 * NOTE(review): neither the snapshot handle nor the result of Module32Next is
 * checked, the loop has no exit other than a name match, and the snapshot
 * handle is never closed.
 * NOTE(review): the (DWORD) cast keeps 32 bits of modBaseAddr, so the value is
 * presumably only a complete address in a 32-bit build -- confirm the target.
 */
DWORD get_module(DWORD pid, std::string module_name) {
    HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pid);
    MODULEENTRY32 entry;
    entry.dwSize = sizeof(MODULEENTRY32);
    while (true) {
        Module32Next(snapshot, &entry);
        const std::string current_name = entry.szModule;
        printf("\n%s", entry.szModule);
        if (current_name != module_name) {
            continue;
        }
        printf(" <<-- found you ^^\n");
        break;
    }
    return (DWORD)entry.modBaseAddr;
}
// ---- State describing the attached process (assigned in main) ----
// NOTE(review): everything below is a plain global shared between main's loop
// and _thread; no lock or atomic is visible anywhere in this file.
// Window handle returned by FindWindowA(0, "H&G").
HWND hw_hng;
// Process id that owns hw_hng (GetWindowThreadProcessId).
DWORD dw_pid;
// get_module() result for "hng.exe".
DWORD dw_hng;
// get_module() result for "player.dll".
DWORD dw_player;
// dw_hng + 0x97A78; main repeatedly reads a 4-byte value from this address.
DWORD dw_read_addr;
// 4-byte value read from dw_player + 0xC3D884; _thread reads and writes floats
// at +0x4C4 and +0x4C8 relative to it.
DWORD dw_x_view;
// OpenProcess handle requested with VM_OPERATION | VM_READ | VM_WRITE access.
HANDLE h_hng;
// ---- Per-entity tables, indexed 0..arr_size-1 (capacity 500) ----
// Entity record addresses in the target process; 0 marks an unused slot.
DWORD dx_es[500];
// Floats read from record offsets +0, +4 and +8.
float x_es[500];
float y_es[500];
float z_es[500];
// 4-byte state word read from record offset +0x24 (only used in commented-out code).
int sit_es[500];
// 4-byte state word read from record offset +0xE4; selects from_head.
int e4_es[500];
// Record address that _thread last identified as the local player.
DWORD dw_me;
// Local player's x/y/z as last read by _thread.
float mypos[3];
// Local player's horizontal and vertical view angles converted to degrees.
float degree = 0;
float degreey = 0;
// Not referenced anywhere else in the visible code.
int Hyp = 20;
// Width of the vertical degree scale that the +/-1.396263361 range is mapped onto.
float degreey_has_to_be = 160;
float aim_to_head_len = 35.0f; // 35 meters from local player
// Candidate values for from_head, chosen from the e4_es state word.
int from_head_has_crouch = 30;
int from_head_when_lay = 70;
int from_head_stay = 0;
int from_head = 30; // offset currently in effect; reassigned by change_from_head() and _thread()
// Used for the radians-to-degrees conversions in _thread.
#define PI 3.14159265
// ---- Per-tick candidate lists built and cleared by _thread ----
std::vector<float> e_degree;
std::vector<float> e_degreey;
std::vector<float> e_H;
std::vector<float> e_degree_from_me;
std::vector<DWORD> kill_dx_es;
// Record address remembered when the computed angles fail the range check;
// a matching entry is zeroed on the next pass of _thread.
DWORD kill_dx = 0;
// Number of slots of dx_es in use (grown by main, at most 500).
int arr_size = 0;
// Index of the selected candidate for the current tick, -1 when there is none.
double closest = -1;
// Client rectangle of hw_hng; only feeds values used by commented-out drawing code.
RECT rect;
//HDC hDC_Desktop;
//HBRUSH blueBrush;
/**
 * Re-selects the global `from_head` offset for entity `i` from its state word
 * e4_es[i].
 *
 * Going by the author's labels, the first group of values covers walking,
 * sprinting, aiming and "shot blocked / near wall" while standing, the second
 * group covers the crouched equivalents, and every other value is treated as
 * lying down.
 *
 * @param i index into e4_es; the caller must pass an index below the table size.
 */
void change_from_head(int i) {
    /*
    if (sit_es[i] == 4 || // bots crouch
    sit_es[i] == 108580 || // palyer crouch
    sit_es[i] == 1116228 || // player crouch forward
    sit_es[i] == 1183876 || // player crouch back
    sit_es[i] == 1183876 || // player crouch right
    sit_es[i] == 1319172 // player sourch left
    ) from_head = 30;*/
    /*
    if (sit_es[i] == 0 || // just standing
    sit_es[i] == 67648 || // w
    sit_es[i] == 608832 || // wd
    sit_es[i] == 541184 || // d
    sit_es[i] == 676480 || // ds
    sit_es[i] == 135296 || // s
    sit_es[i] == 405888 || // sa
    sit_es[i] == 270592 || // a
    sit_es[i] == 338240 // aw
    ) from_head = 0;
    else from_head = 30;
    */
    switch (e4_es[i]) {
    // standing: walk, sprint, aim, shot blocked/near wall
    case 65664:
    case 65665:
    case 65668:
    case 82048:
        from_head = from_head_stay;
        break;
    // crouched: crouch, aim, shot blocked/near wall
    case 327808:
    case 327809:
    case 344192:
        from_head = from_head_has_crouch;
        break;
    // anything else is handled as lying down
    default:
        from_head = from_head_when_lay;
        break;
    }
}
/*
 * Worker loop started from main through CreateThread; it never returns.
 *
 * Once per iteration (Sleep(10) in the loop header) it:
 *   1. walks dx_es[0..arr_size) and, for every non-zero entry, reads three
 *      position floats (+0, +4, +8), a health value (+0x34) and two state
 *      words (+0x24, +0xE4) from the target process with ReadProcessMemory;
 *   2. treats the entry whose +0x1C float equals the float at
 *      dw_x_view + 0x4C4 as the local player and converts its view angles
 *      to degrees;
 *   3. for every other entry computes distance plus horizontal and vertical
 *      angles relative to mypos, one branch per x/z quadrant;
 *   4. selects, among candidates less than 15 degrees off horizontally, the
 *      one with the smallest combined angular difference;
 *   5. while virtual key 0x56 is down, range-checks the converted angles and
 *      writes them to dw_x_view + 0x4C4 / + 0x4C8 with WriteProcessMemory.
 *
 * Behaviour visible from outside the process: cross-process reads at a
 * ~10 ms cadence and two 4-byte cross-process writes per iteration while the
 * key is held.
 *
 * NOTE(review): no ReadProcessMemory / WriteProcessMemory return value is
 * checked, and the tables used here are also modified by main's loop with no
 * synchronization visible in this file.
 */
void _thread() {
float my_x_view;
float my_y_view;
float loop_x_view;
int loop_hp;
// 0x28
// + 18 - x view between 6.283081667 and 0 or between -6.283081667 and 0
// + 1C - x view can be compared to dw_x_view .. dw_x_view can be found with pointer .. + 18 nop
// + 20 - y view between -1.396263361 and 1.396263361
for (;; Sleep(10)) {
// Size the index-addressed lists to the number of slots in use for this tick.
e_degree_from_me.resize(arr_size);
e_degreey.resize(arr_size);
// e_i counts the candidates recorded during this tick.
int e_i = 0;
for (int i = 0; i < arr_size; i++) {
if (dx_es[i] != 0) {
// Refresh this entity's fields from the target process.
ReadProcessMemory(h_hng, (LPCVOID)(dx_es[i]), &x_es[i], sizeof(float), 0);
ReadProcessMemory(h_hng, (LPCVOID)(dx_es[i] + 4), &y_es[i], sizeof(float), 0);
ReadProcessMemory(h_hng, (LPCVOID)(dx_es[i] + 8), &z_es[i], sizeof(float), 0);
// Note: 4 bytes are read into an int, although the size is spelled sizeof(float).
ReadProcessMemory(h_hng, (LPCVOID)(dx_es[i] + 0x34), &loop_hp, sizeof(float), 0);
ReadProcessMemory(h_hng, (LPCVOID)(dx_es[i] + 0x24), &sit_es[i], 4, 0);
ReadProcessMemory(h_hng, (LPCVOID)(dx_es[i] + 0xE4), &e4_es[i], 4, 0);
//printf("\n%f | %f | %f", x_es[i], y_es[i], z_es[i]);
// Entry no longer valid (health <= 255, a zero coordinate, or flagged through
// kill_dx): zero the slot, clear the per-tick lists and stop scanning for this tick.
if (loop_hp <= 255 || x_es[i] == 0.0f || y_es[i] == 0.0f || z_es[i] == 0.0f || dx_es[i] == kill_dx) {
dx_es[i] = 0;
e_degree.clear();
kill_dx_es.clear();
e_H.clear();
break;
}
// The local player is recognised by an exact float match between the view
// value behind dw_x_view and this record's +0x1C field.
ReadProcessMemory(h_hng, (LPCVOID)(dw_x_view + 0x4C4), &my_x_view, sizeof(float), 0);
ReadProcessMemory(h_hng, (LPCVOID)(dx_es[i] + 0x1C), &loop_x_view, sizeof(float), 0);
if (my_x_view == loop_x_view) {
// got local player from array
if (dx_es[i] != dw_me) {
dw_me = dx_es[i];
printf("\n0x%08x", dw_me);
}
//printf("\n%i", arr_size);
ReadProcessMemory(h_hng, (LPCVOID)(dx_es[i] + 0x18), &my_x_view, sizeof(float), 0);
//printf("\n%f", my_x_view);
// Map the +0x18 value (range +/-6.283081667) onto 0..360 degrees.
if (my_x_view < 0) degree = ((360 / 6.283081667) * my_x_view * -1);
else degree = ((360 / 6.283081667) * (6.283081667 - my_x_view));
ReadProcessMemory(h_hng, (LPCVOID)(dx_es[i] + 0x20), &my_y_view, sizeof(float), 0);
// Map the +0x20 value (range +/-1.396263361) onto 0..degreey_has_to_be.
degreey = (degreey_has_to_be / (1.396263361 * 2)) * (my_y_view + 1.396263361);
mypos[0] = x_es[i];
mypos[1] = y_es[i];
mypos[2] = z_es[i];
// xx / yy are only consumed by the commented-out drawing code below.
int xx = (int)(mypos[0] + 400) + rect.left;
int yy = (int)(mypos[2] + 600) + rect.top;
/*
// drawing my position to desktop
if (xx > 0 && yy > 0) {
RECT rect2 = { xx, yy, xx +2, yy +2 };
FillRect(hDC_Desktop, &rect2, blueBrush);
}*/
} else { // end if checking if it local player
if (e4_es[i] == 65664 || e4_es[i] == 65665 || e4_es[i] == 65668 || e4_es[i] == 82048) from_head = from_head_has_crouch; // walk, sprint, aim, shot blocked/near wall
else if (e4_es[i] == 327808 || e4_es[i] == 327809 || e4_es[i] == 344192) from_head = from_head_has_crouch; // crouch, aim, shot blocked/near wall
else from_head = from_head_when_lay;
// The four branches below differ only in which x/z quadrant the entity is in
// relative to mypos and in the 0/90/180/270 degree offset that is applied.
if (mypos[2] < z_es[i] && mypos[0] > x_es[i]) {
float adjance = (z_es[i] - mypos[2]);
float opposite = (mypos[0] - x_es[i]);
// H is the horizontal (x/z plane) distance to the entity.
float H = (std::sqrt((adjance * adjance) + (opposite * opposite)));
float enemy_degree = (asin(opposite / H) * 180.0 / PI);
e_degree.push_back(enemy_degree);
e_degree_from_me[e_i] = (enemy_degree - degree);
e_H.push_back(H);
kill_dx_es.push_back(dx_es[i]);
if (H > aim_to_head_len && from_head != from_head_when_lay) change_from_head(i);
// Vertical angle: centre of the scale, plus or minus the elevation, with
// distance-scaled correction terms.
if (mypos[1] < y_es[i]) {
opposite = (y_es[i] - mypos[1]);
enemy_degree = (degreey_has_to_be / 2) - (asin(opposite / H) * 180.0 / PI) + (from_head / H) + (asin(opposite / H) * 180.0 / PI / H);
} else {
opposite = (mypos[1] - y_es[i]);
enemy_degree = (degreey_has_to_be / 2) + (asin(opposite / H) * 180.0 / PI) + (from_head / H) - (asin(opposite / H) * 180.0 / PI / H);
}
e_degreey[e_i] = (enemy_degree);
e_i++;
} else if (mypos[2] > z_es[i] && mypos[0] > x_es[i]) {
float adjance = (x_es[i] - mypos[0]);
float opposite = (mypos[2] - z_es[i]);
float H = (std::sqrt((adjance * adjance) + (opposite * opposite)));
float enemy_degree = (asin(opposite / H) * 180.0 / PI);
e_degree.push_back(enemy_degree + 90);
e_degree_from_me[e_i] = (enemy_degree - (degree - 90));
e_H.push_back(H);
kill_dx_es.push_back(dx_es[i]);
if (H > aim_to_head_len && from_head != from_head_when_lay) change_from_head(i);
if (mypos[1] < y_es[i]) {
opposite = (y_es[i] - mypos[1]);
enemy_degree = (degreey_has_to_be / 2) - (asin(opposite / H) * 180.0 / PI) + (from_head / H) + (asin(opposite / H) * 180.0 / PI / H);
} else {
opposite = (mypos[1] - y_es[i]);
enemy_degree = (degreey_has_to_be / 2) + (asin(opposite / H) * 180.0 / PI) + (from_head / H) - (asin(opposite / H) * 180.0 / PI / H);
}
e_degreey[e_i] = (enemy_degree);
e_i++;
} else if (mypos[2] > z_es[i] && mypos[0] < x_es[i]) {
float adjance = (mypos[2] - z_es[i]);
float opposite = (x_es[i] - mypos[0]);
float H = (std::sqrt((adjance * adjance) + (opposite * opposite)));
float enemy_degree = (asin(opposite / H) * 180.0 / PI);
e_degree.push_back(enemy_degree + 180);
e_degree_from_me[e_i] = (enemy_degree - (degree - 180));
e_H.push_back(H);
kill_dx_es.push_back(dx_es[i]);
if (H > aim_to_head_len && from_head != from_head_when_lay) change_from_head(i);
if (mypos[1] < y_es[i]) {
opposite = (y_es[i] - mypos[1]);
enemy_degree = (degreey_has_to_be / 2) - (asin(opposite / H) * 180.0 / PI) + (from_head / H) + (asin(opposite / H) * 180.0 / PI / H);
} else {
opposite = (mypos[1] - y_es[i]);
enemy_degree = (degreey_has_to_be / 2) + (asin(opposite / H) * 180.0 / PI) + (from_head / H) - (asin(opposite / H) * 180.0 / PI / H);
}
e_degreey[e_i] = (enemy_degree);
e_i++;
} else if (mypos[2] < z_es[i] && mypos[0] < x_es[i]) {
float adjance = (x_es[i] - mypos[0]);
float opposite = (z_es[i] - mypos[2]);
float H = (std::sqrt((adjance * adjance) + (opposite * opposite)));
float enemy_degree = (asin(opposite / H) * 180.0 / PI);
e_degree.push_back(enemy_degree + 270);
e_degree_from_me[e_i] = (enemy_degree - (degree - 270));
e_H.push_back(H);
kill_dx_es.push_back(dx_es[i]);
if (H > aim_to_head_len && from_head != from_head_when_lay) change_from_head(i);
if (mypos[1] < y_es[i]) {
// high
opposite = (y_es[i] - mypos[1]);
enemy_degree = (degreey_has_to_be / 2) - (asin(opposite / H) * 180.0 / PI) + (from_head / H) + (asin(opposite / H) * 180.0 / PI / H);
} else {
// low
opposite = (mypos[1] - y_es[i]);
enemy_degree = (degreey_has_to_be / 2) + (asin(opposite / H) * 180.0 / PI) + (from_head / H) - (asin(opposite / H) * 180.0 / PI / H);
}
e_degreey[e_i] = (enemy_degree);
e_i++;
} else {
//printf("\n%f | %f", mypos[2], z_es[i]);
}
} // end of looping players xyz
} // checking if array section is empty end
} // for loop end
// Candidate selection: only entries less than 15 degrees off horizontally are
// considered; the smallest sum of horizontal and vertical difference wins.
closest = -1;
for (int j = 0; j < e_i; j++) {
//printf("2");
if (std::abs(e_degree_from_me[j]) < 15) {
//printf("1");
if (closest == -1) closest = j;
else {
if (std::abs(e_degree_from_me[closest]) + std::abs(e_degreey[closest] - degreey) > std::abs(e_degree_from_me[j]) + std::abs(e_degreey[j] - degreey)) closest = j;
}
}
}
// 0x56 is the virtual-key code the author refers to as input "v" below.
if ((GetAsyncKeyState(0x56) & 0x8000)) {
if (closest != -1) {
//printf("2");
// writing new mouse pos
e_degree[closest] = e_degree[closest] - (11 / std::abs(e_H[closest]));
// Convert both angles back from degrees to the target's native ranges.
float write = ((6.283081667 / 360) * e_degree[closest]) * -1;
float write2 = (((1.396263361 * 2) / degreey_has_to_be) * (e_degreey[closest] > degreey_has_to_be ? degreey_has_to_be : e_degreey[closest])) - 1.396263361;
// Write only when both values are inside the ranges noted at the top of the
// function; otherwise remember the record in kill_dx so it is dropped next tick.
if (write < 6.283091667 && write > -6.283091667 && write2 < 1.396263361 && write2 > -1.396263361) {
WriteProcessMemory(h_hng, (LPVOID)(dw_x_view + 0x4C4), &write, sizeof(float), 0);
WriteProcessMemory(h_hng, (LPVOID)(dw_x_view + 0x4C8), &write2, sizeof(float), 0);
//printf("\n%f", e_H[closest]);
kill_dx = 0;
} else {
kill_dx = kill_dx_es[closest];
}
// When the target window is in the foreground and the left button is held,
// post a key-down / key-up pair carrying VK_LBUTTON to it, 2 ms apart.
if (hw_hng == GetForegroundWindow()) {
if (GetAsyncKeyState(VK_LBUTTON) & 0x8000) {
PostMessage(hw_hng, WM_KEYDOWN, VK_LBUTTON, MapVirtualKey(VK_LBUTTON, MAPVK_VK_TO_VSC));
Sleep(2);
PostMessage(hw_hng, WM_KEYUP, VK_LBUTTON, MapVirtualKey(VK_LBUTTON, MAPVK_VK_TO_VSC));
}
}
}
} // end if checking input "v"
// Reset the push_back-built lists before the next tick.
e_degree.clear();
kill_dx_es.clear();
e_H.clear();
} // infinite for loop end
}
/*
 * Entry point: attaches to the target process, modifies its code, then keeps
 * the entity table up to date.
 *
 * Sequence as written:
 *   - polls FindWindowA every 100 ms until a window titled "H&G" exists;
 *   - opens the owning process with PROCESS_VM_OPERATION | PROCESS_VM_READ |
 *     PROCESS_VM_WRITE;
 *   - resolves the base addresses of hng.exe and player.dll via get_module();
 *   - issues six WriteProcessMemory calls at fixed offsets inside player.dll
 *     (the author's comments describe the first as bypassing a "data
 *     corruption has been detected" check and the rest as a code cave that
 *     publishes a register value at dw_read_addr);
 *   - starts _thread, then loops forever sampling dw_read_addr and
 *     maintaining dx_es / arr_size.
 *
 * Detection-relevant behaviour visible here: a handle to another process
 * opened with VM write access, and bytes changed inside a loaded module's
 * image. Comparing the in-memory code of player.dll with the on-disk file
 * should show the patched ranges.
 *
 * NOTE(review): no API return value other than the OpenProcess handle is
 * checked, all offsets are hard-coded (presumably tied to one specific build
 * of the target), and the polling loop below has no Sleep or exit condition.
 */
int main() {
//hDC_Desktop = GetDC(0);
//blueBrush = CreateSolidBrush(RGB(0,0,255));
// Wait for the target window to appear.
for (;; Sleep(100)) {
hw_hng = FindWindowA(0, "H&G");
if (hw_hng) break;
}
GetClientRect(hw_hng, &rect);
printf("found hng\n");
GetWindowThreadProcessId(hw_hng, &dw_pid);
// Access mask requests read, write and VM-operation rights on the target.
h_hng = OpenProcess(PROCESS_VM_OPERATION | PROCESS_VM_READ | PROCESS_VM_WRITE, 0, dw_pid);
if (h_hng) {
printf("hng open\n");
dw_hng = get_module(dw_pid, "hng.exe");
dw_player = get_module(dw_pid, "player.dll");
dw_read_addr = dw_hng + 0x97A78;
// getting local view x pointer
ReadProcessMemory(h_hng, (LPCVOID)(dw_player + 0xC3D884), &dw_x_view, 4, 0);
// writing little code cave to read player info later
WriteProcessMemory(h_hng, (LPVOID)(dw_player + 0xB3AD), &"\xE9\xBE\xFD\xFF\xFF", 5, 0); // bypass "data corruption has been detected, please run hng sync bla bla bla.."
WriteProcessMemory(h_hng, (LPVOID)(dw_player + 0x72547B), &"\xF2\x0F\x10\x41\x28", 5, 0);
// Two opcode bytes followed by dw_read_addr in little-endian byte order.
std::string addr = "\x89\x0D"; // 05 - eax, 0D - ecx
addr += LOBYTE(LOWORD(dw_read_addr));
addr += HIBYTE(LOWORD(dw_read_addr));
addr += LOBYTE(HIWORD(dw_read_addr));
addr += HIBYTE(HIWORD(dw_read_addr));
WriteProcessMemory(h_hng, (LPVOID)(dw_player + 0x72547B + 5), &addr, 6, 0);
WriteProcessMemory(h_hng, (LPVOID)(dw_player + 0x72547B + 5 + 6), &"\xE9\x5C\x94\xAB\xFF", 5, 0);
WriteProcessMemory(h_hng, (LPVOID)(dw_player + 0x1DE8E2), &"\xE9\x94\x6B\x54\x00", 5, 0);
// making dx arr clear
for (int i = 0; i < 500; i++) dx_es[i] = 0;
// aimbot thread
// NOTE(review): _thread is declared void(), cast here to LPTHREAD_START_ROUTINE.
CreateThread(0, 0, (LPTHREAD_START_ROUTINE)&_thread, 0, 0, 0);
// getting players info
for (;;) {
// Sample the pointer published at dw_read_addr, then two fields of the
// record it refers to (record base = _EAX + 0x28).
DWORD _EAX;
ReadProcessMemory(h_hng, (LPCVOID)dw_read_addr, &_EAX, 4, 0);
//printf("\n0x%08x", _EAX + 0x28);
int _HP;
ReadProcessMemory(h_hng, (LPCVOID)(_EAX + 0x28 + 0x34), &_HP, 4, 0);
float _X;
ReadProcessMemory(h_hng, (LPCVOID)(_EAX + 0x28), &_X, sizeof(float), 0);
/*float _Y;
ReadProcessMemory(h_hng, (LPCVOID)(_EAX + 0x2C), &_Y, sizeof(float), 0);
float _Z;
ReadProcessMemory(h_hng, (LPCVOID)(_EAX + 0x30), &_Z, sizeof(float), 0);*/
// Scan the table: a matching address is kept or cleared, a zeroed slot is
// remembered, and reaching i == arr_size means the address is not yet tracked.
int free_place = 0;
for (int i = 0; i <= arr_size; i++) {
if (i == arr_size) {
// Only records with health above 255 and a non-zero x are added.
if (_HP > 255 && _X != 0.0f) {
if (free_place != 0) i = free_place; // if theres free place in array then put new addr to there
else if (arr_size < 500) arr_size++; // making array bigger
else break;
// adding player info
dx_es[i] = _EAX + 0x28; // address .. later usage dx_es[i] + 0x34 = player hp <<-- example
//x_es[i] = _X;
//y_es[i] = _Y;
//z_es[i] = _Z;
}
break;
} else if ((_EAX + 0x28) == dx_es[i]) {
if (_HP <= 255 || _X == 0.0f) dx_es[i] = 0; // clearing array section because player is dead or bugged out
else {
// updating player info
//x_es[i] = _X;
//y_es[i] = _Y;
//z_es[i] = _Z;
}
break;
} else if (dx_es[i] == 0) {
free_place = i;
}
}
}
} else printf("you dont have enough power to control this pc ^^\n");
// Reached only when OpenProcess failed; the loop above never exits.
printf("press enter to exit ...");
getchar();
return 0;
}