/*
RELEASE : 20150813 (base dan ofset up to date)
UPDATE AUTO AIM BULLET
base source : jazzy http://www.nyit-nyit.net/threads/source-pb-hard-hack.173340/
dan google
image : http://i.imgur.com/d1DKANO.jpg
edit by Me, gosicks AKA hero
http://www.nyit-nyit.net/members/gosicks.76305/
website : www.heroich.net
contact : gosicks@ymail.com
#### WARNING ####
hanya untuk pembelajaran
jika ingin mencoba gunakan Injektor yg UNDETECT !!!
banned bukan tanggung jawab kami...
*/
#include <Windows.h>
#include <d3d9.h>
#include <d3dx9.h>
#pragma comment(lib, "d3d9.lib")
#pragma comment(lib, "d3dx9.lib")
//#include "..\..\..\..\A_POINTBLANK\log.h"
//#include "..\..\..\..\A_POINTBLANK\XOR.h"
using namespace std;
#define heroichnet /*www.heroich.net*/XorStr<0xD5,16,0x52F2DF46>("\xA2\xA1\xA0\xF6\xB1\xBF\xA9\xB3\xB4\xBD\xB7\xCE\x8F\x87\x97"+0x52F2DF46).s
////////////////////////////////////////////////////////////////////////// BASE
#define BASECHARA 0x0BCB6C8
#define BaseHealth 0x0BCB694
////////////////////////////////////////////////////////////////////////// DECLAR
DWORD dwi3scene,dwSetEnd,keyboard;
bool BulletEnable= false;
float fX = 0x0A, fY = 0x01, fZ = 0x0A;
////////////////////////////////////////////////////////////////////////// FUNGSI
#define CT(function) CreateThread(NULL, NULL, (LPTHREAD_START_ROUTINE)(function), 0, NULL, NULL)
void MakeJMP(BYTE *pAddress, DWORD dwJumpTo, DWORD dwLen)
{
DWORD dwOldProtect, dwBkup, dwRelAddr;
// give the paged memory read/write permissions
VirtualProtect(pAddress, dwLen, PAGE_EXECUTE_READWRITE, &dwOldProtect);
// calculate the distance between our address and our target location
// and subtract the 5bytes, which is the size of the jmp
// (0xE9 0xAA 0xBB 0xCC 0xDD) = 5 bytes
dwRelAddr = (DWORD) (dwJumpTo - (DWORD) pAddress) - 5;
// overwrite the byte at pAddress with the jmp opcode (0xE9)
*pAddress = 0xE9;
// overwrite the next 4 bytes (which is the size of a DWORD)
// with the dwRelAddr
*((DWORD *)(pAddress + 0x1)) = dwRelAddr;
// overwrite the remaining bytes with the NOP opcode (0x90)
// NOP opcode = No OPeration
for(DWORD x = 0x5; x < dwLen; x++) *(pAddress + x) = 0x90;
// restore the paged memory permissions saved in dwOldProtect
VirtualProtect(pAddress, dwLen, dwOldProtect, &dwBkup);
return;
}
////////////////////////////////////////////////////////////////////////// CLASS
class CBone
{
public:
D3DXMATRIX BoneMatrix;
};
class CBonesContext
{
public:
char Unk[216];
CBone* BoneData;
};
class CGameBase
{
public:
char Unk[1368];
CBonesContext* Bones;
};
struct CTeam
{
BYTE iTeam;
};
class CDeadStat
{
public:
BYTE Dead; //0x0000
};//Size=0x0001
struct CPlayers
{
float yaw;
float pitch;
D3DXVECTOR3 pos;
char unkno8[0x60];
};
struct CHealth
{
float CurHP;
};
////////////////////////////////////////////////////////////////////////// SET END HOOK
_declspec(naked)
void i3CollideeEnd()
{
_asm
{
cmp [BulletEnable], 0;
je Skip;
mov eax, [esp+4];
mov [eax], edx;
mov edx, [fX];
mov [eax+0], edx;
mov edx, [fY];
mov [eax+4],edx;
mov edx, [fZ];
mov [eax+8], edx;
mov edx, [ecx+8];
Skip:
jmp Original;
nop;
Original:
mov eax, [esp+4];
fld dword ptr [eax];
fstp dword ptr [ecx+0x18];
fld dword ptr [eax+0x04];
fstp dword ptr [ecx+0x1C];
fld dword ptr [eax+0x08];
fstp dword ptr [ecx+0x20];
fld dword ptr [ecx+0x18];
fsub dword ptr [ecx+0x0C];
fstp dword ptr [ecx+0x24];
fld dword ptr [ecx+0x1C];
fsub dword ptr [ecx+0x10];
fstp dword ptr [ecx+0x28];
fld dword ptr [ecx+0x20];
fsub dword ptr [ecx+0x14];
fstp dword ptr [ecx+0x2C];
ret 4;
}
}
int GetTeam(int MyT)
{
__try
{
if(MyT == 0 || MyT == 2 || MyT == 4 || MyT == 6 || MyT == 8 || MyT == 10|| MyT == 12|| MyT == 14)
return 1;
}__except(EXCEPTION_EXECUTE_HANDLER)
{
return 0;
}
__try
{
if(MyT == 1 || MyT == 3 || MyT == 5 || MyT == 7 || MyT == 9 || MyT == 11|| MyT == 13|| MyT == 15)
return 2;
return 0;
}__except(EXCEPTION_EXECUTE_HANDLER)
{
return 0;
}
}
BYTE GetPlayerIsDead (int idxplayer)
{
DWORD temp = *(PDWORD)(BASECHARA);
BYTE mati = *(PDWORD)((temp + 0x2C54C)+idxplayer);
return mati;
}
int GetMyCharaIndex()
{
DWORD cPlayer = *(PDWORD)(BASECHARA);
CTeam *MyTeam = (CTeam*)(cPlayer + 0x299F4);
return MyTeam->iTeam;
}
float CalcDistance(D3DXVECTOR3 VecA, D3DXVECTOR3 VecB)
{
return sqrt(((VecA.x - VecB.x) * (VecA.x - VecB.x)) + ((VecA.y - VecB.y) * (VecA.y - VecB.y)) + ((VecA.z - VecB.z) * (VecA.z - VecB.z)));
}
D3DXVECTOR3 GetUserVector(DWORD i)
{
DWORD dwBasePlayer = *(PDWORD)(BASECHARA);
CPlayers *pPlayer = (CPlayers*)((*(PDWORD)(dwBasePlayer + 0x4 * i + 0x27B24)) + 0x64);
return pPlayer->pos;
}
bool GetUserBone(D3DXVECTOR3 &Out, int BoneIdx, int Idx)
{
DWORD dwGameBase = *(PDWORD)BaseHealth;
if(dwGameBase)
{
CGameBase* GameBase = (CGameBase*)(*(PDWORD)(dwGameBase + 0x14 + (0x4 * Idx)));
if(Idx > -1)
{
if(GameBase && GameBase->Bones)
{
Out.x = GameBase->Bones->BoneData[ BoneIdx ].BoneMatrix._41;
Out.y = GameBase->Bones->BoneData[ BoneIdx ].BoneMatrix._42;
Out.z = GameBase->Bones->BoneData[ BoneIdx ].BoneMatrix._43;
return true;
}
}
}
return false;
}
////////////////////////////////////////////////////////////////////////// cek indeks player terdekat
int AutomaticTarget()
{
int Result = -1;
float NearDistance = 1000.0f;
int MyTeam = GetTeam(GetMyCharaIndex());
for(int i = 0; i<16; i++)
{
int TargetTeam = GetTeam(i);
if(TargetTeam == MyTeam)continue;
if(TargetTeam == 0)continue;
if(GetPlayerIsDead(i)== 1)continue; //Cek player hidup / mati
if(CalcDistance(GetUserVector(GetMyCharaIndex()), GetUserVector(i)) < NearDistance)
{
NearDistance = CalcDistance(GetUserVector(GetMyCharaIndex()), GetUserVector(i));
Result = i;
}
}
return Result;
}
void GetPosAimBullet ()
{
fX = NULL;
fY = NULL;
fZ = NULL;
int AimSlot = AutomaticTarget(); // cek target
if(AimSlot != -1)
{
D3DXVECTOR3 OnWorld, OnScreen;
int BoneIndexSelector = 7;//kepala
if(GetUserBone(OnWorld, 7, AimSlot))
{
//BulletEnable = true;
fX = OnWorld.x;
fY = OnWorld.y + 0.1f;//di plus biar pas kepala
fZ = OnWorld.z;
}//else BulletEnable = false;
}//else BulletEnable = false;
}
////////////////////////////////////////////////////////////////////////// CEK dalam permainan atau di loby
BYTE GetIngame ()
{
DWORD tIngame = *(PDWORD)BASECHARA;
BYTE ingame = *(PBYTE)(tIngame + 0xA80);
return ingame;
}
void HackON ()
{
while (1)
{
__try
{
if (GetIngame () == 3)
{
BulletEnable = true;
GetPosAimBullet ();
}
else
{
BulletEnable = false;
}
}
__except(EXCEPTION_EXECUTE_HANDLER)
{
}
Sleep(20);
}
}
void StartPointerHack ()
{
do
{
dwi3scene = (DWORD)GetModuleHandle("i3SceneDx.dll");
Sleep(1000);
} while (!dwi3scene);
dwSetEnd = (DWORD)GetProcAddress((HINSTANCE)dwi3scene,"?SetEnd@i3CollideeLine@@QAEXPATVEC3D@@@Z");
MakeJMP((PBYTE)dwSetEnd,(DWORD)i3CollideeEnd,5);
//i3CollideeLine::i3CollideeLine
HackON ();
}
BOOL WINAPI DllMain(HMODULE hDll, DWORD dwReason, LPVOID lpReserved)
{
if(dwReason == DLL_PROCESS_ATTACH)
{
DisableThreadLibraryCalls(hDll);
//CT(bypassxc);
ShellExecute(NULL,"open",heroichnet,NULL,NULL,SW_SHOWNORMAL);
CT(StartPointerHack);
}
return TRUE;
}
