Post: [C++] Explosive Bullets
Options
10-10-2017, 05:55 PM
#1
-JM-
Space Ninja
Dear script kiddies and Hackers, I present to you Explosive Bullets in C++ for SPRX.
I googled it and never found it for SPRX so here.
But before, here's a reminder.(you can skip this)
I been quite busy with life.
However, I intend to stay active. I will try to share almost everything that I know because this can be ported to various different Games and platform.
If you need help hit me up. I am very friendly and easy going if you got the skills to pay the bills. I can't really help people with RTM(C#) on the other hand I kickass at C++, PPC,IDA,etc.
I only mod Black Ops!
Now back to the Release. As I mentioned earlier I don't have much time so the code I'm sharing today is very messy and could be optimised.
I asked 01cedricv2 to take a look if he does I'll update the thread but if not you guys can pitch in too.
The code doesn't freeze and is commented on my pastebin. Enjoy
it would be cool if someone shares the other weapondef as I don't have time to dump their offsets...
bool ExplosiveBullet[18];
struct weaponParms
{
char unk[0x3C];
int weapVariantDef;
int weapDef;
};
char TESTWPJM[] = { 0x3F, 0x59, 0x20, 0x22, 0xBF, 0x07, 0x9E, 0x73, 0x39, 0xD9, 0x68, 0x88, 0xBF, 0x07, 0x9E, 0x74, 0xBF, 0x59, 0x20, 0x23, 0x80, 0x00, 0x00, 0x00, 0xB9, 0xB8, 0x64, 0xE6, 0x39, 0x66, 0x59, 0x61, 0x3F, 0x7F, 0xFF, 0xFF, 0xC4, 0xC9, 0xA4, 0xA3, 0x44, 0xF4, 0x01, 0x89, 0x44, 0x15, 0x7E, 0xB9, 0x01, 0x2A, 0xB2, 0x90, 0x00, 0x00, 0x00, 0x00, 0xD0, 0x0F, 0x4F, 0xB0, 0x01, 0x17, 0x3D, 0x4C, 0x32, 0xAC, 0x2F, 0xE4};
void SetMemory(int Address,char* bytes,int length)
{
for (int i = 0; i < length; i++)
{
*(char*)(Address + (i)) = bytes[i];
}
}
void Bullet_Fire_Stub(int attacker, float spread, weaponParms *wp, int weaponEnt, int gameTime)
{
__nop();
__nop();
__nop();
__nop();
__nop();
__nop();
__nop();
}
void Bullet_Fire_Hook(int attacker, float spread, weaponParms *wp, int weaponEnt, int gameTime)
{
int client = (attacker-0x12AB290)/0x2F8;
if(client < 1
{
if(ExplosiveBullet[client] == true)
{
SetMemory((int)&TESTWPJM,(char*)wp,0x3C);
((void(*)(int, unsigned int, float,weaponParms *,const float *,int, const float *,int,int))&ParseAddr(0x37851)(0x12AB290 + (client * 0x2F,0x0665,2,(weaponParms *)TESTWPJM,(float*)0x924700,0,0,0x13950C8+(client * 0x2A3,0x13950C8+(client * 0x2A3);
}
}
Bullet_Fire_Stub(attacker, spread, wp, weaponEnt, gameTime);
}
int32_t sys_dbg_read_process_memory(uint64_t address, void *data, size_t size)
{
system_call_4(904, (uint64_t)sys_process_getpid(), address, size, (uint64_t)data);
return_to_user_prog(int32_t);
}
template
int32_t ReadProcessMemory(uint32_t address, T data, size_t size)
{
return sys_dbg_read_process_memory(address, &data, size);
}
int32_t sys_dbg_write_process_memory(uint64_t address, const void *data, size_t size)
{
system_call_4(905, (uint64_t)sys_process_getpid(), address, size, (uint64_t)data);
return_to_user_prog(int32_t);
}
template
int32_t WriteProcessMemory(uint32_t address, const T value, size_t size)
{
return sys_dbg_write_process_memory(address, &value, size);
}
void HookFunctionStart(uint32_t functionStartAddress, uint32_t newFunction, uint32_t functionStub)
{
uint32_t normalFunctionStub[8], hookFunctionStub[4];
sys_dbg_read_process_memory(functionStartAddress, normalFunctionStub, 0x10);
normalFunctionStub[4] = 0x3D600000 + ((functionStartAddress + 0x10 >> 16) & 0xFFFF);
normalFunctionStub[5] = 0x616B0000 + (functionStartAddress + 0x10 & 0xFFFF);
normalFunctionStub[6] = 0x7D6903A6;
normalFunctionStub[7] = 0x4E800420;
sys_dbg_write_process_memory(functionStub, normalFunctionStub, 0x20);
hookFunctionStub[0] = 0x3D600000 + ((newFunction >> 16) & 0xFFFF);
hookFunctionStub[1] = 0x616B0000 + (newFunction & 0xFFFF);
hookFunctionStub[2] = 0x7D6903A6;
hookFunctionStub[3] = 0x4E800420;
sys_dbg_write_process_memory(functionStartAddress, hookFunctionStub, 0x10);
}
HookFunctionStart(0x2B8400, *(uint32_t*)Bullet_Fire_Hook, *(uint32_t*)Bullet_Fire_Stub);
here is a pastebin link where the code is commented from A to B baby
You must login or register to view this content.
From SC58 Full weapon def structure
You must login or register to view this content.
Last edited by
-JM- ; 10-12-2017 at 02:24 PM.
The following 7 users say thank you to -JM- for this useful post:
10-10-2017, 06:30 PM
#4
S63
Space Ninja
Originally posted by JM
I'm back b***es!
Dear script kiddies and Hackers, I present to you Explosive Bullets in C++ for SPRX.
I googled it and never found it for SPRX so here.
But before, here's a reminder.(you can skip this)
I been quite busy with life.
However, I intend to stay active. I will try to share almost everything that I know because this can be ported to various different Games and platform.
If you need help hit me up. I am very friendly and easy going if you got the skills to pay the bills. I can't really help people with RTM(C#) on the other hand I kickass at C++, PPC,IDA,etc.
I only mod Black Ops!
Now back to the Release. As I mentioned earlier I don't have much time so the code I'm sharing today is very messy and could be optimised.
I asked 01cedricv2 to take a look if he does I'll update the thread but if not you guys can pitch in too.
The code doesn't freeze and is commented on my pastebin. Enjoy
it would be cool if someone shares the other weapondef as I don't have time to dump their offsets...
here is a pastebin link where the code is commented from A to B baby
You must login or register to view this content.
Dear script kiddies and Hackers, I present to you Explosive Bullets in C++ for SPRX.
I googled it and never found it for SPRX so here.
But before, here's a reminder.(you can skip this)
I been quite busy with life.
However, I intend to stay active. I will try to share almost everything that I know because this can be ported to various different Games and platform.
If you need help hit me up. I am very friendly and easy going if you got the skills to pay the bills. I can't really help people with RTM(C#) on the other hand I kickass at C++, PPC,IDA,etc.
I only mod Black Ops!
Now back to the Release. As I mentioned earlier I don't have much time so the code I'm sharing today is very messy and could be optimised.
I asked 01cedricv2 to take a look if he does I'll update the thread but if not you guys can pitch in too.
The code doesn't freeze and is commented on my pastebin. Enjoy
it would be cool if someone shares the other weapondef as I don't have time to dump their offsets...
bool ExplosiveBullet[18];
struct weaponParms
{
char unk[0x3C];
int weapVariantDef;
int weapDef;
};
char TESTWPJM[] = { 0x3F, 0x59, 0x20, 0x22, 0xBF, 0x07, 0x9E, 0x73, 0x39, 0xD9, 0x68, 0x88, 0xBF, 0x07, 0x9E, 0x74, 0xBF, 0x59, 0x20, 0x23, 0x80, 0x00, 0x00, 0x00, 0xB9, 0xB8, 0x64, 0xE6, 0x39, 0x66, 0x59, 0x61, 0x3F, 0x7F, 0xFF, 0xFF, 0xC4, 0xC9, 0xA4, 0xA3, 0x44, 0xF4, 0x01, 0x89, 0x44, 0x15, 0x7E, 0xB9, 0x01, 0x2A, 0xB2, 0x90, 0x00, 0x00, 0x00, 0x00, 0xD0, 0x0F, 0x4F, 0xB0, 0x01, 0x17, 0x3D, 0x4C, 0x32, 0xAC, 0x2F, 0xE4};
void SetMemory(int Address,char* bytes,int length)
{
for (int i = 0; i < length; i++)
{
*(char*)(Address + (i)) = bytes[i];
}
}
void Bullet_Fire_Stub(int attacker, float spread, weaponParms *wp, int weaponEnt, int gameTime)
{
__nop();
__nop();
__nop();
__nop();
__nop();
__nop();
__nop();
}
void Bullet_Fire_Hook(int attacker, float spread, weaponParms *wp, int weaponEnt, int gameTime)
{
int client = (attacker-0x12AB290)/0x2F8;
if(client < 1
{
if(ExplosiveBullet[client] == true)
{
SetMemory((int)&TESTWPJM,(char*)wp,0x3C);
((void(*)(int, unsigned int, float,weaponParms *,const float *,int, const float *,int,int))&ParseAddr(0x37851)(0x12AB290 + (client * 0x2F,0x0665,2,(weaponParms *)TESTWPJM,(float*)0x924700,0,0,0x13950C8+(client * 0x2A3,0x13950C8+(client * 0x2A3);
}
}
Bullet_Fire_Stub(attacker, spread, wp, weaponEnt, gameTime);
}
int32_t sys_dbg_read_process_memory(uint64_t address, void *data, size_t size)
{
system_call_4(904, (uint64_t)sys_process_getpid(), address, size, (uint64_t)data);
return_to_user_prog(int32_t);
}
template<typename T>
int32_t ReadProcessMemory(uint32_t address, T data, size_t size)
{
return sys_dbg_read_process_memory(address, &data, size);
}
int32_t sys_dbg_write_process_memory(uint64_t address, const void *data, size_t size)
{
system_call_4(905, (uint64_t)sys_process_getpid(), address, size, (uint64_t)data);
return_to_user_prog(int32_t);
}
template<typename T>
int32_t WriteProcessMemory(uint32_t address, const T value, size_t size)
{
return sys_dbg_write_process_memory(address, &value, size);
}
void HookFunctionStart(uint32_t functionStartAddress, uint32_t newFunction, uint32_t functionStub)
{
uint32_t normalFunctionStub[8], hookFunctionStub[4];
sys_dbg_read_process_memory(functionStartAddress, normalFunctionStub, 0x10);
normalFunctionStub[4] = 0x3D600000 + ((functionStartAddress + 0x10 >> 16) & 0xFFFF);
normalFunctionStub[5] = 0x616B0000 + (functionStartAddress + 0x10 & 0xFFFF);
normalFunctionStub[6] = 0x7D6903A6;
normalFunctionStub[7] = 0x4E800420;
sys_dbg_write_process_memory(functionStub, normalFunctionStub, 0x20);
hookFunctionStub[0] = 0x3D600000 + ((newFunction >> 16) & 0xFFFF);
hookFunctionStub[1] = 0x616B0000 + (newFunction & 0xFFFF);
hookFunctionStub[2] = 0x7D6903A6;
hookFunctionStub[3] = 0x4E800420;
sys_dbg_write_process_memory(functionStartAddress, hookFunctionStub, 0x10);
}
HookFunctionStart(0x2B8400, *(uint32_t*)Bullet_Fire_Hook, *(uint32_t*)Bullet_Fire_Stub);
here is a pastebin link where the code is commented from A to B baby
You must login or register to view this content.
Mr Jo
The following user thanked ExIIL for this useful post:
The following user thanked Link033 for this useful post:
10-16-2017, 04:08 AM
#9
Father Luckeyy
Retired - Lead Content Manager
Originally posted by JM
I'm back b***es!
Dear script kiddies and Hackers, I present to you Explosive Bullets in C++ for SPRX.
I googled it and never found it for SPRX so here.
But before, here's a reminder.(you can skip this)
I been quite busy with life.
However, I intend to stay active. I will try to share almost everything that I know because this can be ported to various different Games and platform.
If you need help hit me up. I am very friendly and easy going if you got the skills to pay the bills. I can't really help people with RTM(C#) on the other hand I kickass at C++, PPC,IDA,etc.
I only mod Black Ops!
Now back to the Release. As I mentioned earlier I don't have much time so the code I'm sharing today is very messy and could be optimised.
I asked 01cedricv2 to take a look if he does I'll update the thread but if not you guys can pitch in too.
The code doesn't freeze and is commented on my pastebin. Enjoy
it would be cool if someone shares the other weapondef as I don't have time to dump their offsets...
here is a pastebin link where the code is commented from A to B baby
You must login or register to view this content.
From SC58 Full weapon def structure
You must login or register to view this content.
Dear script kiddies and Hackers, I present to you Explosive Bullets in C++ for SPRX.
I googled it and never found it for SPRX so here.
But before, here's a reminder.(you can skip this)
I been quite busy with life.
However, I intend to stay active. I will try to share almost everything that I know because this can be ported to various different Games and platform.
If you need help hit me up. I am very friendly and easy going if you got the skills to pay the bills. I can't really help people with RTM(C#) on the other hand I kickass at C++, PPC,IDA,etc.
I only mod Black Ops!
Now back to the Release. As I mentioned earlier I don't have much time so the code I'm sharing today is very messy and could be optimised.
I asked 01cedricv2 to take a look if he does I'll update the thread but if not you guys can pitch in too.
The code doesn't freeze and is commented on my pastebin. Enjoy
it would be cool if someone shares the other weapondef as I don't have time to dump their offsets...
bool ExplosiveBullet[18];
struct weaponParms
{
char unk[0x3C];
int weapVariantDef;
int weapDef;
};
char TESTWPJM[] = { 0x3F, 0x59, 0x20, 0x22, 0xBF, 0x07, 0x9E, 0x73, 0x39, 0xD9, 0x68, 0x88, 0xBF, 0x07, 0x9E, 0x74, 0xBF, 0x59, 0x20, 0x23, 0x80, 0x00, 0x00, 0x00, 0xB9, 0xB8, 0x64, 0xE6, 0x39, 0x66, 0x59, 0x61, 0x3F, 0x7F, 0xFF, 0xFF, 0xC4, 0xC9, 0xA4, 0xA3, 0x44, 0xF4, 0x01, 0x89, 0x44, 0x15, 0x7E, 0xB9, 0x01, 0x2A, 0xB2, 0x90, 0x00, 0x00, 0x00, 0x00, 0xD0, 0x0F, 0x4F, 0xB0, 0x01, 0x17, 0x3D, 0x4C, 0x32, 0xAC, 0x2F, 0xE4};
void SetMemory(int Address,char* bytes,int length)
{
for (int i = 0; i < length; i++)
{
*(char*)(Address + (i)) = bytes[i];
}
}
void Bullet_Fire_Stub(int attacker, float spread, weaponParms *wp, int weaponEnt, int gameTime)
{
__nop();
__nop();
__nop();
__nop();
__nop();
__nop();
__nop();
}
void Bullet_Fire_Hook(int attacker, float spread, weaponParms *wp, int weaponEnt, int gameTime)
{
int client = (attacker-0x12AB290)/0x2F8;
if(client < 1
{
if(ExplosiveBullet[client] == true)
{
SetMemory((int)&TESTWPJM,(char*)wp,0x3C);
((void(*)(int, unsigned int, float,weaponParms *,const float *,int, const float *,int,int))&ParseAddr(0x37851)(0x12AB290 + (client * 0x2F,0x0665,2,(weaponParms *)TESTWPJM,(float*)0x924700,0,0,0x13950C8+(client * 0x2A3,0x13950C8+(client * 0x2A3);
}
}
Bullet_Fire_Stub(attacker, spread, wp, weaponEnt, gameTime);
}
int32_t sys_dbg_read_process_memory(uint64_t address, void *data, size_t size)
{
system_call_4(904, (uint64_t)sys_process_getpid(), address, size, (uint64_t)data);
return_to_user_prog(int32_t);
}
template
int32_t ReadProcessMemory(uint32_t address, T data, size_t size)
{
return sys_dbg_read_process_memory(address, &data, size);
}
int32_t sys_dbg_write_process_memory(uint64_t address, const void *data, size_t size)
{
system_call_4(905, (uint64_t)sys_process_getpid(), address, size, (uint64_t)data);
return_to_user_prog(int32_t);
}
template
int32_t WriteProcessMemory(uint32_t address, const T value, size_t size)
{
return sys_dbg_write_process_memory(address, &value, size);
}
void HookFunctionStart(uint32_t functionStartAddress, uint32_t newFunction, uint32_t functionStub)
{
uint32_t normalFunctionStub[8], hookFunctionStub[4];
sys_dbg_read_process_memory(functionStartAddress, normalFunctionStub, 0x10);
normalFunctionStub[4] = 0x3D600000 + ((functionStartAddress + 0x10 >> 16) & 0xFFFF);
normalFunctionStub[5] = 0x616B0000 + (functionStartAddress + 0x10 & 0xFFFF);
normalFunctionStub[6] = 0x7D6903A6;
normalFunctionStub[7] = 0x4E800420;
sys_dbg_write_process_memory(functionStub, normalFunctionStub, 0x20);
hookFunctionStub[0] = 0x3D600000 + ((newFunction >> 16) & 0xFFFF);
hookFunctionStub[1] = 0x616B0000 + (newFunction & 0xFFFF);
hookFunctionStub[2] = 0x7D6903A6;
hookFunctionStub[3] = 0x4E800420;
sys_dbg_write_process_memory(functionStartAddress, hookFunctionStub, 0x10);
}
HookFunctionStart(0x2B8400, *(uint32_t*)Bullet_Fire_Hook, *(uint32_t*)Bullet_Fire_Stub);
here is a pastebin link where the code is commented from A to B baby
You must login or register to view this content.
From SC58 Full weapon def structure
You must login or register to view this content.
Well done on though's explosive rounds
Last edited by
Father Luckeyy ; 10-16-2017 at 04:30 AM.
10-16-2017, 04:28 AM
#10
-JM-
Space Ninja
Originally posted by Dr.
Well done on though's explosive founds
thanks dawg tho
they were found but not released that way ... This makes rockets bullets+fx+damage radius most explosive bullets don’t have the rockets because they use bullettrace and radiusdamage also this allows way more customizations... if I’m really mistaken I’d like too see the post and worst case scenario I know for a fact it wasn’t released on bo1
Copyright © 2024, NextGenUpdate.
All Rights Reserved.
