Post: [Release]Anti-God Class and anti End Game by Jo-Milk
Options
02-09-2017, 11:12 PM
#1
-JM-
Space Ninja
For C++ SPRX
Anti god class
enum ddlPrimitiveTypes_e
{
DDL_BYTE_TYPE = 0x0,
DDL_SHORT_TYPE = 0x1,
DDL_INT_TYPE = 0x2,
DDL_INT64_TYPE = 0x3,
DDL_FLOAT_TYPE = 0x4,
DDL_STRING_TYPE = 0x5,
DDL_STRUCT_TYPE = 0x6,
DDL_ENUM_TYPE = 0x7,
};
struct ddlMemberDef_t
{
const char *name;
int size;
int offset;
ddlPrimitiveTypes_e type;
int externalIndex;
unsigned int min;
unsigned int max;
unsigned int serverDelta;
unsigned int clientDelta;
int arraySize;
int enumIndex;
int permission;
};
struct ddlStructDef_t
{
const char *name;
int size;
int memberCount;
ddlMemberDef_t *members;
};
struct ddlEnumDef_t
{
const char *name;
int memberCount;
const char **members;
};
struct ddlDef_t
{
int version;
int size;
ddlStructDef_t *structList;
int structCount;
ddlEnumDef_t *enumList;
int enumCount;
ddlDef_t *next;
};
struct ddlState_t
{
int absoluteOffset;
int arrayIndex;
ddlMemberDef_t *member;
ddlDef_t *ddl;
};
opd_s LiveStats_GetRootDDLState_t = { 0x69D868, TOC };
ddlState_t *(*LiveStats_GetRootDDLState)() = (ddlState_t *(*)())&LiveStats_GetRootDDLState_t;
opd_s LiveStats_GetCacDDLState_t = { 0x69D858, TOC };
ddlState_t *(*LiveStats_GetCacDDLState)() = (ddlState_t *(*)())&LiveStats_GetCacDDLState_t;
opd_s DDL_MoveTo_t = { 0x5E4E88, TOC };
int(*DDL_MoveTo)(ddlState_t *searchState, ddlState_t *resultState, int argNum, ...) = (int(*)(ddlState_t *, ddlState_t *, int, ...))&
DL_MoveTo_t;
opd_s SV_GetClientDIntStat_t = { 0x3E2700, TOC };
unsigned int(*SV_GetClientDIntStat)(int clientNum, ddlState_t *searchState) = (unsigned int(*)(int, ddlState_t *))&SV_GetClientDIntStat_t;
opd_s SV_GetClientDStringStat_t = { 0x3E2600, TOC };
const char*(*SV_GetClientDStringStat)(int clientNum, ddlState_t *searchState) = (const char*(*)(int, ddlState_t *))&SV_GetClientDStringStat_t;
opd_s SV_SetClientDIntStat_t = { 0x3E7C40, TOC };
void(*SV_SetClientDIntStat)(int clientNum, ddlState_t *searchState, unsigned int value) = (void(*)(int, ddlState_t *, unsigned int))&SV_SetClientDIntStat_t;
opd_s va_t = { 0x4DB3D8, TOC };
char *(*va)(const char *format, ...) = (char *(*)(const char *, ...))&va_t;
int GetClientPerk(int clientNum,int classnum)
{
ddlState_t searchState;
if(classnum<6)
{
if (DDL_MoveTo(LiveStats_GetRootDDLState(), &searchState, 3, "cacLoadouts", va("customclass%i",classnum), "specialty1"))
return SV_GetClientDIntStat(clientNum, &searchState);
}
else
{
if (DDL_MoveTo(LiveStats_GetRootDDLState(), &searchState, 3, "cacLoadouts", va("prestigeclass%i",(classnum - 5)), "specialty1"))
return SV_GetClientDIntStat(clientNum, &searchState);
}
}
void SetClientPerk(int clientNum,int classnum)
{
ddlState_t searchState;
if(classnum<6)
{
DDL_MoveTo(LiveStats_GetRootDDLState(), &searchState, 3, "cacLoadouts", va("customclass%i",classnum), "specialty1");
}
else
{
DDL_MoveTo(LiveStats_GetRootDDLState(), &searchState, 3, "cacLoadouts", va("prestigeclass%i",(classnum - 5)), "specialty1");
}
SV_SetClientDIntStat(clientNum, &searchState,0);
}
void ClientCommand(int clientNum)
{
gentity_s *ent = &g_entities[clientNum];
if (ent->client)
{
char cmdArgv0[MAX_STRING_CHARS];
SV_Cmd_ArgvBuffer(0, cmdArgv0, MAX_STRING_CHARS);
if (CompareString(cmdArgv0, "mr"))
{
char cmdArgv3[MAX_STRING_CHARS];
SV_Cmd_ArgvBuffer(3, cmdArgv3, MAX_STRING_CHARS);
char cmdArgv2[MAX_STRING_CHARS];
SV_Cmd_ArgvBuffer(2, cmdArgv2, MAX_STRING_CHARS);
if(CompareString(cmdArgv2, "6"))
{
int Classnum = CheckClassTaken(cmdArgv3);
int Classnum1 = CheckClassTakenFordll(cmdArgv3);
WriteProcessMemory<char>((0x3639E660 + (clientNum * 0x651C
+ (Classnum * 0x23) + 0x5A7EA), 0x06, sizeof(char));
WriteProcessMemory<char>((0x3639E660 + (clientNum * 0x651C + (Classnum * 0x23) + 0x5A809), 0x04, sizeof(char));
SetClientPerk(clientNum,Classnum1);
Cmd_MenuResponse_f(ent);
}
else if (CompareString(cmdArgv3, "endround"))/*anti end game works bo2 also from SC58*/
{
if (IsHost(clientNum))/*get this yourself*/
Cmd_MenuResponse_f(ent);
else
{
//kick client?
}
}
else
{
Cmd_MenuResponse_f(ent);
}
}
}
}
HookFunction(0x2D6140, *(uint32_t*)ClientCommand);
extra
struct gentity_s
{
char pad0[0x144];
gclient_s *client;
char pad1[0x1B0];
};
gentity_s *g_entities = (gentity_s *)0x12AB290;
opd_s SV_Cmd_ArgvBuffer_t = { 0x3997C8, TOC };
void(*SV_Cmd_ArgvBuffer)(int arg, char *buffer, int bufferLength) = (void(*)(int, char *, int))&SV_Cmd_ArgvBuffer_t;
opd_s Cmd_MenuResponse_f_t = { 0x2D5AE8, TOC };
void(*Cmd_MenuResponse_f)(gentity_s *pEnt) = (void(*)(gentity_s *))&Cmd_MenuResponse_f_t;
bool CompareString(const char *str1, const char *str2)
{
return !strcmp(str1, str2);
}
int CheckClassTakenFordll(char* Class)
{
if(CompareString(Class,"custom1,0"))
return 1;
else if(CompareString(Class,"custom2,0"))
return 2;
else if(CompareString(Class,"custom3,0"))
return 3;
else if(CompareString(Class,"custom4,0"))
return 4;
else if(CompareString(Class,"custom5,0"))
return 5;
else if(CompareString(Class,"prestige1,0"))
return 6;
else if(CompareString(Class,"prestige2,0"))
return 7;
else if(CompareString(Class,"prestige3,0"))
return 8;
else if(CompareString(Class,"prestige4,0"))
return 9;
else if(CompareString(Class,"prestige5,0"))
return 10;
else
return 10;
}
int CheckClassTaken(char* Class)
{
if(CompareString(Class,"custom1,0"))
return 0;
else if(CompareString(Class,"custom2,0"))
return 1;
else if(CompareString(Class,"custom3,0"))
return 2;
else if(CompareString(Class,"custom4,0"))
return 3;
else if(CompareString(Class,"custom5,0"))
return 4;
else if(CompareString(Class,"smg_mp,0"))
return 5;
else if(CompareString(Class,"cqb_mp,0"))
return 6;
else if(CompareString(Class,"assault_mp,0"))
return 7;
else if(CompareString(Class,"lmg_mp,0"))
return 8;
else if(CompareString(Class,"sniper_mp,0"))
return 9;
else if(CompareString(Class,"prestige1,0"))
return 5;
else if(CompareString(Class,"prestige2,0"))
return 6;
else if(CompareString(Class,"prestige3,0"))
return 7;
else if(CompareString(Class,"prestige4,0"))
return 8;
else if(CompareString(Class,"prestige5,0"))
return 9;
else
return 10;
}
int32_t sys_dbg_write_process_memory(uint64_t address, const void *data, size_t size)
{
system_call_4(905, (uint64_t)sys_process_getpid(), address, size, (uint64_t)data);
return_to_user_prog(int32_t);
}
template<typename T>
int32_t WriteProcessMemory(uint32_t address, const T value, size_t size)
{
return sys_dbg_write_process_memory(address, &value, size);
}
void HookFunctionStart(uint32_t functionStartAddress, uint32_t newFunction, uint32_t functionStub)
{
uint32_t normalFunctionStub[8], hookFunctionStub[4];
sys_dbg_read_process_memory(functionStartAddress, normalFunctionStub, 0x10);
normalFunctionStub[4] = 0x3D600000 + ((functionStartAddress + 0x10 >> 16) & 0xFFFF);
normalFunctionStub[5] = 0x616B0000 + (functionStartAddress + 0x10 & 0xFFFF);
normalFunctionStub[6] = 0x7D6903A6;
normalFunctionStub[7] = 0x4E800420;
sys_dbg_write_process_memory(functionStub, normalFunctionStub, 0x20);
hookFunctionStub[0] = 0x3D600000 + ((newFunction >> 16) & 0xFFFF);
hookFunctionStub[1] = 0x616B0000 + (newFunction & 0xFFFF);
hookFunctionStub[2] = 0x7D6903A6;
hookFunctionStub[3] = 0x4E800420;
sys_dbg_write_process_memory(functionStartAddress, hookFunctionStub, 0x10);
}
int32_t HookFunction(uint32_t address, uint32_t function)
{
uint32_t opcode[4];
opcode[0] = 0x3D600000 + ((function >> 16) & 0xFFFF);
opcode[1] = 0x616B0000 + (function & 0xFFFF);
opcode[2] = 0x7D6903A6;
opcode[3] = 0x4E800420;
return sys_dbg_write_process_memory(address, &opcode, 0x10);
}
int32_t HookFunctionLinked(uint32_t address, uint32_t function)
{
uint32_t opcode[4];
opcode[0] = 0x3D600000 + ((function >> 16) & 0xFFFF);
opcode[1] = 0x616B0000 + (function & 0xFFFF);
opcode[2] = 0x7D6903A6;
opcode[3] = 0x4E800421;
return sys_dbg_write_process_memory(address, &opcode, 0x10);
}
int32_t BranchLinkedHook(uint32_t branchFrom, uint32_t branchTo)
{
uint32_t branch;
if (branchTo > branchFrom)
branch = 0x48000001 + (branchTo - branchFrom);
else
branch = 0x4C000001 - (branchFrom - branchTo);
return sys_dbg_write_process_memory(branchFrom, &branch, 4);
}
int32_t BranchHook(uint32_t branchFrom, uint32_t branchTo)
{
uint32_t branch;
if (branchTo > branchFrom)
branch = 0x48000000 + (branchTo - branchFrom);
else
branch = 0x4C000000 - (branchFrom - branchTo);
return sys_dbg_write_process_memory(branchFrom, &branch, 4);
}
Yess you can also mod all clients stats with this but there is a limit like bo2
here my Undercover V4 teaser with remove god class for lazy people
You must login or register to view this content.
Thanks to SC58 for anti end game with some help for anti god class
and Superior for testing
and me for anti god class
Last edited by
Gryphus ; 02-09-2017 at 11:15 PM.
Reason: removed inappropriate language
The following 8 users say thank you to -JM- for this useful post:
The following user thanked Macauly for this useful post:
02-10-2017, 01:29 AM
#4
Frosty
error
Originally posted by JM
I am done with god class so here is remove god class
For C++ SPRX
Anti god class
extra
Yess you can also mod all clients stats with this but there is a limit like bo2
here my Undercover V4 teaser with remove god class for lazy people
You must login or register to view this content.
Thanks to SC58 for anti end game with some help for anti god class
and Superior for testing
and me for anti god class
For C++ SPRX
Anti god class
enum ddlPrimitiveTypes_e
{
DDL_BYTE_TYPE = 0x0,
DDL_SHORT_TYPE = 0x1,
DDL_INT_TYPE = 0x2,
DDL_INT64_TYPE = 0x3,
DDL_FLOAT_TYPE = 0x4,
DDL_STRING_TYPE = 0x5,
DDL_STRUCT_TYPE = 0x6,
DDL_ENUM_TYPE = 0x7,
};
struct ddlMemberDef_t
{
const char *name;
int size;
int offset;
ddlPrimitiveTypes_e type;
int externalIndex;
unsigned int min;
unsigned int max;
unsigned int serverDelta;
unsigned int clientDelta;
int arraySize;
int enumIndex;
int permission;
};
struct ddlStructDef_t
{
const char *name;
int size;
int memberCount;
ddlMemberDef_t *members;
};
struct ddlEnumDef_t
{
const char *name;
int memberCount;
const char **members;
};
struct ddlDef_t
{
int version;
int size;
ddlStructDef_t *structList;
int structCount;
ddlEnumDef_t *enumList;
int enumCount;
ddlDef_t *next;
};
struct ddlState_t
{
int absoluteOffset;
int arrayIndex;
ddlMemberDef_t *member;
ddlDef_t *ddl;
};
opd_s LiveStats_GetRootDDLState_t = { 0x69D868, TOC };
ddlState_t *(*LiveStats_GetRootDDLState)() = (ddlState_t *(*)())&LiveStats_GetRootDDLState_t;
opd_s LiveStats_GetCacDDLState_t = { 0x69D858, TOC };
ddlState_t *(*LiveStats_GetCacDDLState)() = (ddlState_t *(*)())&LiveStats_GetCacDDLState_t;
opd_s DDL_MoveTo_t = { 0x5E4E88, TOC };
int(*DDL_MoveTo)(ddlState_t *searchState, ddlState_t *resultState, int argNum, ...) = (int(*)(ddlState_t *, ddlState_t *, int, ...))&DL_MoveTo_t;
opd_s SV_GetClientDIntStat_t = { 0x3E2700, TOC };
unsigned int(*SV_GetClientDIntStat)(int clientNum, ddlState_t *searchState) = (unsigned int(*)(int, ddlState_t *))&SV_GetClientDIntStat_t;
opd_s SV_GetClientDStringStat_t = { 0x3E2600, TOC };
const char*(*SV_GetClientDStringStat)(int clientNum, ddlState_t *searchState) = (const char*(*)(int, ddlState_t *))&SV_GetClientDStringStat_t;
opd_s SV_SetClientDIntStat_t = { 0x3E7C40, TOC };
void(*SV_SetClientDIntStat)(int clientNum, ddlState_t *searchState, unsigned int value) = (void(*)(int, ddlState_t *, unsigned int))&SV_SetClientDIntStat_t;
opd_s va_t = { 0x4DB3D8, TOC };
char *(*va)(const char *format, ...) = (char *(*)(const char *, ...))&va_t;
int GetClientPerk(int clientNum,int classnum)
{
ddlState_t searchState;
if(classnum<6)
{
if (DDL_MoveTo(LiveStats_GetRootDDLState(), &searchState, 3, "cacLoadouts", va("customclass%i",classnum), "specialty1"))
return SV_GetClientDIntStat(clientNum, &searchState);
}
else
{
if (DDL_MoveTo(LiveStats_GetRootDDLState(), &searchState, 3, "cacLoadouts", va("prestigeclass%i",(classnum - 5)), "specialty1"))
return SV_GetClientDIntStat(clientNum, &searchState);
}
}
void SetClientPerk(int clientNum,int classnum)
{
ddlState_t searchState;
if(classnum<6)
{
DDL_MoveTo(LiveStats_GetRootDDLState(), &searchState, 3, "cacLoadouts", va("customclass%i",classnum), "specialty1");
}
else
{
DDL_MoveTo(LiveStats_GetRootDDLState(), &searchState, 3, "cacLoadouts", va("prestigeclass%i",(classnum - 5)), "specialty1");
}
SV_SetClientDIntStat(clientNum, &searchState,0);
}
void ClientCommand(int clientNum)
{
gentity_s *ent = &g_entities[clientNum];
if (ent->client)
{
char cmdArgv0[MAX_STRING_CHARS];
SV_Cmd_ArgvBuffer(0, cmdArgv0, MAX_STRING_CHARS);
if (CompareString(cmdArgv0, "mr"))
{
char cmdArgv3[MAX_STRING_CHARS];
SV_Cmd_ArgvBuffer(3, cmdArgv3, MAX_STRING_CHARS);
char cmdArgv2[MAX_STRING_CHARS];
SV_Cmd_ArgvBuffer(2, cmdArgv2, MAX_STRING_CHARS);
if(CompareString(cmdArgv2, "6"))
{
int Classnum = CheckClassTaken(cmdArgv3);
int Classnum1 = CheckClassTakenFordll(cmdArgv3);
WriteProcessMemory<char>((0x3639E660 + (clientNum * 0x651C + (Classnum * 0x23) + 0x5A7EA), 0x06, sizeof(char));
WriteProcessMemory<char>((0x3639E660 + (clientNum * 0x651C + (Classnum * 0x23) + 0x5A809), 0x04, sizeof(char));
SetClientPerk(clientNum,Classnum1);
Cmd_MenuResponse_f(ent);
}
else if (CompareString(cmdArgv3, "endround"))/*anti end game works bo2 also from SC58*/
{
if (IsHost(clientNum))/*get this yourself*/
Cmd_MenuResponse_f(ent);
else
{
//kick client?
}
}
else
{
Cmd_MenuResponse_f(ent);
}
}
}
}
HookFunction(0x2D6140, *(uint32_t*)ClientCommand);
extra
struct gentity_s
{
char pad0[0x144];
gclient_s *client;
char pad1[0x1B0];
};
gentity_s *g_entities = (gentity_s *)0x12AB290;
opd_s SV_Cmd_ArgvBuffer_t = { 0x3997C8, TOC };
void(*SV_Cmd_ArgvBuffer)(int arg, char *buffer, int bufferLength) = (void(*)(int, char *, int))&SV_Cmd_ArgvBuffer_t;
opd_s Cmd_MenuResponse_f_t = { 0x2D5AE8, TOC };
void(*Cmd_MenuResponse_f)(gentity_s *pEnt) = (void(*)(gentity_s *))&Cmd_MenuResponse_f_t;
bool CompareString(const char *str1, const char *str2)
{
return !strcmp(str1, str2);
}
int CheckClassTakenFordll(char* Class)
{
if(CompareString(Class,"custom1,0"))
return 1;
else if(CompareString(Class,"custom2,0"))
return 2;
else if(CompareString(Class,"custom3,0"))
return 3;
else if(CompareString(Class,"custom4,0"))
return 4;
else if(CompareString(Class,"custom5,0"))
return 5;
else if(CompareString(Class,"prestige1,0"))
return 6;
else if(CompareString(Class,"prestige2,0"))
return 7;
else if(CompareString(Class,"prestige3,0"))
return 8;
else if(CompareString(Class,"prestige4,0"))
return 9;
else if(CompareString(Class,"prestige5,0"))
return 10;
else
return 10;
}
int CheckClassTaken(char* Class)
{
if(CompareString(Class,"custom1,0"))
return 0;
else if(CompareString(Class,"custom2,0"))
return 1;
else if(CompareString(Class,"custom3,0"))
return 2;
else if(CompareString(Class,"custom4,0"))
return 3;
else if(CompareString(Class,"custom5,0"))
return 4;
else if(CompareString(Class,"smg_mp,0"))
return 5;
else if(CompareString(Class,"cqb_mp,0"))
return 6;
else if(CompareString(Class,"assault_mp,0"))
return 7;
else if(CompareString(Class,"lmg_mp,0"))
return 8;
else if(CompareString(Class,"sniper_mp,0"))
return 9;
else if(CompareString(Class,"prestige1,0"))
return 5;
else if(CompareString(Class,"prestige2,0"))
return 6;
else if(CompareString(Class,"prestige3,0"))
return 7;
else if(CompareString(Class,"prestige4,0"))
return 8;
else if(CompareString(Class,"prestige5,0"))
return 9;
else
return 10;
}
int32_t sys_dbg_write_process_memory(uint64_t address, const void *data, size_t size)
{
system_call_4(905, (uint64_t)sys_process_getpid(), address, size, (uint64_t)data);
return_to_user_prog(int32_t);
}
template<typename T>
int32_t WriteProcessMemory(uint32_t address, const T value, size_t size)
{
return sys_dbg_write_process_memory(address, &value, size);
}
void HookFunctionStart(uint32_t functionStartAddress, uint32_t newFunction, uint32_t functionStub)
{
uint32_t normalFunctionStub[8], hookFunctionStub[4];
sys_dbg_read_process_memory(functionStartAddress, normalFunctionStub, 0x10);
normalFunctionStub[4] = 0x3D600000 + ((functionStartAddress + 0x10 >> 16) & 0xFFFF);
normalFunctionStub[5] = 0x616B0000 + (functionStartAddress + 0x10 & 0xFFFF);
normalFunctionStub[6] = 0x7D6903A6;
normalFunctionStub[7] = 0x4E800420;
sys_dbg_write_process_memory(functionStub, normalFunctionStub, 0x20);
hookFunctionStub[0] = 0x3D600000 + ((newFunction >> 16) & 0xFFFF);
hookFunctionStub[1] = 0x616B0000 + (newFunction & 0xFFFF);
hookFunctionStub[2] = 0x7D6903A6;
hookFunctionStub[3] = 0x4E800420;
sys_dbg_write_process_memory(functionStartAddress, hookFunctionStub, 0x10);
}
int32_t HookFunction(uint32_t address, uint32_t function)
{
uint32_t opcode[4];
opcode[0] = 0x3D600000 + ((function >> 16) & 0xFFFF);
opcode[1] = 0x616B0000 + (function & 0xFFFF);
opcode[2] = 0x7D6903A6;
opcode[3] = 0x4E800420;
return sys_dbg_write_process_memory(address, &opcode, 0x10);
}
int32_t HookFunctionLinked(uint32_t address, uint32_t function)
{
uint32_t opcode[4];
opcode[0] = 0x3D600000 + ((function >> 16) & 0xFFFF);
opcode[1] = 0x616B0000 + (function & 0xFFFF);
opcode[2] = 0x7D6903A6;
opcode[3] = 0x4E800421;
return sys_dbg_write_process_memory(address, &opcode, 0x10);
}
int32_t BranchLinkedHook(uint32_t branchFrom, uint32_t branchTo)
{
uint32_t branch;
if (branchTo > branchFrom)
branch = 0x48000001 + (branchTo - branchFrom);
else
branch = 0x4C000001 - (branchFrom - branchTo);
return sys_dbg_write_process_memory(branchFrom, &branch, 4);
}
int32_t BranchHook(uint32_t branchFrom, uint32_t branchTo)
{
uint32_t branch;
if (branchTo > branchFrom)
branch = 0x48000000 + (branchTo - branchFrom);
else
branch = 0x4C000000 - (branchFrom - branchTo);
return sys_dbg_write_process_memory(branchFrom, &branch, 4);
}
Yess you can also mod all clients stats with this but there is a limit like bo2
here my Undercover V4 teaser with remove god class for lazy people
You must login or register to view this content.
Thanks to SC58 for anti end game with some help for anti god class
and Superior for testing
and me for anti god class
JM is back!
02-10-2017, 07:09 AM
#5
Father Luckeyy
Retired - Lead Content Manager
Originally posted by JM
I am done with god class so here is remove god class
For C++ SPRX
Anti god class
extra
Yess you can also mod all clients stats with this but there is a limit like bo2
here my Undercover V4 teaser with remove god class for lazy people
You must login or register to view this content.
Thanks to SC58 for anti end game with some help for anti god class
and Superior for testing
and me for anti god class
For C++ SPRX
Anti god class
enum ddlPrimitiveTypes_e
{
DDL_BYTE_TYPE = 0x0,
DDL_SHORT_TYPE = 0x1,
DDL_INT_TYPE = 0x2,
DDL_INT64_TYPE = 0x3,
DDL_FLOAT_TYPE = 0x4,
DDL_STRING_TYPE = 0x5,
DDL_STRUCT_TYPE = 0x6,
DDL_ENUM_TYPE = 0x7,
};
struct ddlMemberDef_t
{
const char *name;
int size;
int offset;
ddlPrimitiveTypes_e type;
int externalIndex;
unsigned int min;
unsigned int max;
unsigned int serverDelta;
unsigned int clientDelta;
int arraySize;
int enumIndex;
int permission;
};
struct ddlStructDef_t
{
const char *name;
int size;
int memberCount;
ddlMemberDef_t *members;
};
struct ddlEnumDef_t
{
const char *name;
int memberCount;
const char **members;
};
struct ddlDef_t
{
int version;
int size;
ddlStructDef_t *structList;
int structCount;
ddlEnumDef_t *enumList;
int enumCount;
ddlDef_t *next;
};
struct ddlState_t
{
int absoluteOffset;
int arrayIndex;
ddlMemberDef_t *member;
ddlDef_t *ddl;
};
opd_s LiveStats_GetRootDDLState_t = { 0x69D868, TOC };
ddlState_t *(*LiveStats_GetRootDDLState)() = (ddlState_t *(*)())&LiveStats_GetRootDDLState_t;
opd_s LiveStats_GetCacDDLState_t = { 0x69D858, TOC };
ddlState_t *(*LiveStats_GetCacDDLState)() = (ddlState_t *(*)())&LiveStats_GetCacDDLState_t;
opd_s DDL_MoveTo_t = { 0x5E4E88, TOC };
int(*DDL_MoveTo)(ddlState_t *searchState, ddlState_t *resultState, int argNum, ...) = (int(*)(ddlState_t *, ddlState_t *, int, ...))&DL_MoveTo_t;
opd_s SV_GetClientDIntStat_t = { 0x3E2700, TOC };
unsigned int(*SV_GetClientDIntStat)(int clientNum, ddlState_t *searchState) = (unsigned int(*)(int, ddlState_t *))&SV_GetClientDIntStat_t;
opd_s SV_GetClientDStringStat_t = { 0x3E2600, TOC };
const char*(*SV_GetClientDStringStat)(int clientNum, ddlState_t *searchState) = (const char*(*)(int, ddlState_t *))&SV_GetClientDStringStat_t;
opd_s SV_SetClientDIntStat_t = { 0x3E7C40, TOC };
void(*SV_SetClientDIntStat)(int clientNum, ddlState_t *searchState, unsigned int value) = (void(*)(int, ddlState_t *, unsigned int))&SV_SetClientDIntStat_t;
opd_s va_t = { 0x4DB3D8, TOC };
char *(*va)(const char *format, ...) = (char *(*)(const char *, ...))&va_t;
int GetClientPerk(int clientNum,int classnum)
{
ddlState_t searchState;
if(classnum<6)
{
if (DDL_MoveTo(LiveStats_GetRootDDLState(), &searchState, 3, "cacLoadouts", va("customclass%i",classnum), "specialty1"))
return SV_GetClientDIntStat(clientNum, &searchState);
}
else
{
if (DDL_MoveTo(LiveStats_GetRootDDLState(), &searchState, 3, "cacLoadouts", va("prestigeclass%i",(classnum - 5)), "specialty1"))
return SV_GetClientDIntStat(clientNum, &searchState);
}
}
void SetClientPerk(int clientNum,int classnum)
{
ddlState_t searchState;
if(classnum<6)
{
DDL_MoveTo(LiveStats_GetRootDDLState(), &searchState, 3, "cacLoadouts", va("customclass%i",classnum), "specialty1");
}
else
{
DDL_MoveTo(LiveStats_GetRootDDLState(), &searchState, 3, "cacLoadouts", va("prestigeclass%i",(classnum - 5)), "specialty1");
}
SV_SetClientDIntStat(clientNum, &searchState,0);
}
void ClientCommand(int clientNum)
{
gentity_s *ent = &g_entities[clientNum];
if (ent->client)
{
char cmdArgv0[MAX_STRING_CHARS];
SV_Cmd_ArgvBuffer(0, cmdArgv0, MAX_STRING_CHARS);
if (CompareString(cmdArgv0, "mr"))
{
char cmdArgv3[MAX_STRING_CHARS];
SV_Cmd_ArgvBuffer(3, cmdArgv3, MAX_STRING_CHARS);
char cmdArgv2[MAX_STRING_CHARS];
SV_Cmd_ArgvBuffer(2, cmdArgv2, MAX_STRING_CHARS);
if(CompareString(cmdArgv2, "6"))
{
int Classnum = CheckClassTaken(cmdArgv3);
int Classnum1 = CheckClassTakenFordll(cmdArgv3);
WriteProcessMemory<char>((0x3639E660 + (clientNum * 0x651C + (Classnum * 0x23) + 0x5A7EA), 0x06, sizeof(char));
WriteProcessMemory<char>((0x3639E660 + (clientNum * 0x651C + (Classnum * 0x23) + 0x5A809), 0x04, sizeof(char));
SetClientPerk(clientNum,Classnum1);
Cmd_MenuResponse_f(ent);
}
else if (CompareString(cmdArgv3, "endround"))/*anti end game works bo2 also from SC58*/
{
if (IsHost(clientNum))/*get this yourself*/
Cmd_MenuResponse_f(ent);
else
{
//kick client?
}
}
else
{
Cmd_MenuResponse_f(ent);
}
}
}
}
HookFunction(0x2D6140, *(uint32_t*)ClientCommand);
extra
struct gentity_s
{
char pad0[0x144];
gclient_s *client;
char pad1[0x1B0];
};
gentity_s *g_entities = (gentity_s *)0x12AB290;
opd_s SV_Cmd_ArgvBuffer_t = { 0x3997C8, TOC };
void(*SV_Cmd_ArgvBuffer)(int arg, char *buffer, int bufferLength) = (void(*)(int, char *, int))&SV_Cmd_ArgvBuffer_t;
opd_s Cmd_MenuResponse_f_t = { 0x2D5AE8, TOC };
void(*Cmd_MenuResponse_f)(gentity_s *pEnt) = (void(*)(gentity_s *))&Cmd_MenuResponse_f_t;
bool CompareString(const char *str1, const char *str2)
{
return !strcmp(str1, str2);
}
int CheckClassTakenFordll(char* Class)
{
if(CompareString(Class,"custom1,0"))
return 1;
else if(CompareString(Class,"custom2,0"))
return 2;
else if(CompareString(Class,"custom3,0"))
return 3;
else if(CompareString(Class,"custom4,0"))
return 4;
else if(CompareString(Class,"custom5,0"))
return 5;
else if(CompareString(Class,"prestige1,0"))
return 6;
else if(CompareString(Class,"prestige2,0"))
return 7;
else if(CompareString(Class,"prestige3,0"))
return 8;
else if(CompareString(Class,"prestige4,0"))
return 9;
else if(CompareString(Class,"prestige5,0"))
return 10;
else
return 10;
}
int CheckClassTaken(char* Class)
{
if(CompareString(Class,"custom1,0"))
return 0;
else if(CompareString(Class,"custom2,0"))
return 1;
else if(CompareString(Class,"custom3,0"))
return 2;
else if(CompareString(Class,"custom4,0"))
return 3;
else if(CompareString(Class,"custom5,0"))
return 4;
else if(CompareString(Class,"smg_mp,0"))
return 5;
else if(CompareString(Class,"cqb_mp,0"))
return 6;
else if(CompareString(Class,"assault_mp,0"))
return 7;
else if(CompareString(Class,"lmg_mp,0"))
return 8;
else if(CompareString(Class,"sniper_mp,0"))
return 9;
else if(CompareString(Class,"prestige1,0"))
return 5;
else if(CompareString(Class,"prestige2,0"))
return 6;
else if(CompareString(Class,"prestige3,0"))
return 7;
else if(CompareString(Class,"prestige4,0"))
return 8;
else if(CompareString(Class,"prestige5,0"))
return 9;
else
return 10;
}
int32_t sys_dbg_write_process_memory(uint64_t address, const void *data, size_t size)
{
system_call_4(905, (uint64_t)sys_process_getpid(), address, size, (uint64_t)data);
return_to_user_prog(int32_t);
}
template<typename T>
int32_t WriteProcessMemory(uint32_t address, const T value, size_t size)
{
return sys_dbg_write_process_memory(address, &value, size);
}
void HookFunctionStart(uint32_t functionStartAddress, uint32_t newFunction, uint32_t functionStub)
{
uint32_t normalFunctionStub[8], hookFunctionStub[4];
sys_dbg_read_process_memory(functionStartAddress, normalFunctionStub, 0x10);
normalFunctionStub[4] = 0x3D600000 + ((functionStartAddress + 0x10 >> 16) & 0xFFFF);
normalFunctionStub[5] = 0x616B0000 + (functionStartAddress + 0x10 & 0xFFFF);
normalFunctionStub[6] = 0x7D6903A6;
normalFunctionStub[7] = 0x4E800420;
sys_dbg_write_process_memory(functionStub, normalFunctionStub, 0x20);
hookFunctionStub[0] = 0x3D600000 + ((newFunction >> 16) & 0xFFFF);
hookFunctionStub[1] = 0x616B0000 + (newFunction & 0xFFFF);
hookFunctionStub[2] = 0x7D6903A6;
hookFunctionStub[3] = 0x4E800420;
sys_dbg_write_process_memory(functionStartAddress, hookFunctionStub, 0x10);
}
int32_t HookFunction(uint32_t address, uint32_t function)
{
uint32_t opcode[4];
opcode[0] = 0x3D600000 + ((function >> 16) & 0xFFFF);
opcode[1] = 0x616B0000 + (function & 0xFFFF);
opcode[2] = 0x7D6903A6;
opcode[3] = 0x4E800420;
return sys_dbg_write_process_memory(address, &opcode, 0x10);
}
int32_t HookFunctionLinked(uint32_t address, uint32_t function)
{
uint32_t opcode[4];
opcode[0] = 0x3D600000 + ((function >> 16) & 0xFFFF);
opcode[1] = 0x616B0000 + (function & 0xFFFF);
opcode[2] = 0x7D6903A6;
opcode[3] = 0x4E800421;
return sys_dbg_write_process_memory(address, &opcode, 0x10);
}
int32_t BranchLinkedHook(uint32_t branchFrom, uint32_t branchTo)
{
uint32_t branch;
if (branchTo > branchFrom)
branch = 0x48000001 + (branchTo - branchFrom);
else
branch = 0x4C000001 - (branchFrom - branchTo);
return sys_dbg_write_process_memory(branchFrom, &branch, 4);
}
int32_t BranchHook(uint32_t branchFrom, uint32_t branchTo)
{
uint32_t branch;
if (branchTo > branchFrom)
branch = 0x48000000 + (branchTo - branchFrom);
else
branch = 0x4C000000 - (branchFrom - branchTo);
return sys_dbg_write_process_memory(branchFrom, &branch, 4);
}
Yess you can also mod all clients stats with this but there is a limit like bo2
here my Undercover V4 teaser with remove god class for lazy people
You must login or register to view this content.
Thanks to SC58 for anti end game with some help for anti god class
and Superior for testing
and me for anti god class
Nice posts on the JM!
The following 2 users say thank you to -JM- for this useful post:
02-16-2017, 05:48 PM
#10
Father Luckeyy
Retired - Lead Content Manager
Copyright © 2024, NextGenUpdate.
All Rights Reserved.
