THREAD: How to call raw GSC Functions in an .sprx. Also, how to do waitill xD [RELEASE]
  1. 03-09-2015, 09:14 PM
    46
    Posts
    1,467
    Reputation
    May 2013
    NextGenUpdate
    Sup guys, if you don't know me, good. I'm from xbox xD. My alias is Maybe Ethernet. I'll be showing you how to call raw gsc functions in your dll/sprx.

    Ok so first we want to get our basic functions

    int Scr_SetParameters(unsigned int Num){
    return *(int*)(0x13C3140 + 0x203Cool Man (aka Tustin) = Num;
    }
    //This will set the parameter number

    struct opd_s{
    uint Sub;
    uint Toc;
    };


    opd_s ParseAddr(int Address){
    opd_s GLS = { Address, 0x724C38 };
    return GLS;
    }
    //TOC

    Next we want to get all the Scr_Add functions together
    #define Scr_AddInt(Value) ((void(*)(int))&ParseAddr(0x20C60Cool Man (aka Tustin))(Value)
    #define Scr_AddFloat(Value) ((void(*)(float))&ParseAddr(0x20C5C0))(Value)
    #define Scr_AddString(String) ((void(*)(const char*))&ParseAddr(0x20C42Cool Man (aka Tustin))(String)
    #define Scr_AddEntity(Entity) ((void(*)(int))&ParseAddr(0x1B7700))(Entity)
    #define Scr_AddVector(Vec) ((void(*)(const float*))&ParseAddr(0x20C330))(Vec)


    Now to explain how to actually use these, we're going to use GScr_Earthquake as an example which is located at 0x1A80E8.

    Here's how we do this.

    First:
    #define Scr_ClearOutParams() ((void(*)(void))&ParseAddr(0x20C19Cool Man (aka Tustin))()


    void GScr_Earthquake(float scale, float duration, float* source, float radius){
    Scr_AddFloat(radius);
    Scr_AddVector(source);
    Scr_AddFloat(duration);
    Scr_AddFloat(scale);
    Scr_SetParameters(4); //See how I set the parameter number after I finish calling the Scr_Adds?
    ((void(*)())&ParseAddr(0x1A80ECool Man (aka Tustin))(); //Call the actual function
    //((void(*)(int))&ParseAddr(0x1A80ECool Man (aka Tustin))(ClientID << 16); //Only call this one if the one above doesn't work.
    Scr_ClearOutParams();
    }


    See how I called the Scr_Adds from the last parameter to the 1st one? Well you have to do that, idk why really.

    Now on to the hook. You need somewhere to call these right? Well your answer is: VM_Resume - 0x2E69C4.

    Method to hook: hookFunctionStart - Credit to Xx jAmes t xX for porting this Smile

    void PatchInJump(int Address, int Destination){
    int FuncBytes[4];
    Destination = *(int*)Destination;
    FuncBytes[0] = 0x3D600000 + ((Destination >> 16) & 0xFFFF);
    if(Destination & 0x8000) FuncBytes[0] += 1;
    FuncBytes[1] = 0x396B0000 + (Destination & 0xFFFF);
    FuncBytes[2] = 0x7D6903A6;
    FuncBytes[3] = 0x4E800420;
    Memcpy((void*)Address, FuncBytes, 4*4);
    }


    void hookFunctionStart(int Address, int saveStub, int Destination){ //Works on every game
    saveStub = *(int*)saveStub;
    int BranchtoAddress = Address + (4*4);
    int StubData[8];
    StubData[0] = 0x3D600000 + ((BranchtoAddress >> 16) & 0xFFFF);
    if(BranchtoAddress & 0x8000) StubData[0] += 1;
    StubData[1] = 0x396B0000 + (BranchtoAddress & 0xFFFF);
    StubData[2] = 0x7D6903A6;
    Memcpy(&StubData[3], (void*)Address, 4*4);
    StubData[7] = 0x4E800420;
    Memcpy((void*)saveStub, StubData, 8*4);
    PatchInJump(Address, Destination);
    }


    Now our function hook

    void VM_ResumeStub(int TimeId){
    __asm("li %r3, 0x3");
    }


    void VM_ResumeHook(int TimeId){ // If this doesn't work, hook int VM_Execute() - 0x20CC08 with hookFunctionStart
    //You would call GScr_Earthquake here. Obv not in the loop. Make sure you implement a check in here to make it // get called once
    VM_ResumeStub(TimeId);
    }


    To call our hook we do
    hookFunctionStart(0x210A48, (int)VM_ResumeStub, (int)VM_ResumeHook);

    Make sure you call that about 2 seconds after your thread is executed.


    Now that's it. Smile Also, you can call other things like:

    PlayerCmd_ClonePlayer
    PlayerCmd_Suicide
    Player_Die
    G_RadiusDamage
    GScr_NotifyOnPlayerCommand //Someone find this for me on ghosts pls ;-;
    G_Damage
    and many more!

    Now on to waitill. Pretty easy tbh.

    First
    #define SL_ConvertToString(StringValue) ((const char*(*)(unsigned short))ParseAddr(0x200280))(StringValue)


    hookFunctionStart(0x20B7C8, (int)VM_NotifyStub, (int)VM_NotifyHook);


    void VM_NotifyStub(unsigned int self, short Stringvalue, unsigned int Paramcount){
    __asm("li %r3, 0x4");
    }


    void VM_NotifyHook(unsigned int self, short Stringvalue, unsigned int Paramcount){
    //Now if we wanted to monitor onPlayerSpawned we do
    int ClientID = ((int(*)(int))&ParseAddr(0x201F90))(self); //Scr_GetSelf
    const char* Notify = SL_ConvertToString(Stringvalue);
    if(!strcmp(Notify, "spawned_player")){
    //Executed on spawn. This monitors for ANY CLIENT THAT SPAWNS!
    GScr_Earthquake(0.6f, 2, (float*)(Playerstate() + 0x1C), 800); //Yes you can call this in V
    }
    VM_NotifyStub(self, Stringvalue, Paramcount);
    }


    That's pretty much it :P This works for all cods the same way as it works for this. Just update the offsets.
    Last edited by Ambition sG ; 03-09-2015 at 11:27 PM.

  2. The Following 20 Users Say Thank You to Ambition sG For This Useful Post:

    , , , , , , , , , , , , , , , , , , ,

  3. 03-11-2015, 06:23 PM
    105
    Posts
    1,337
    Reputation
    Nov 2012
    NextGenUpdate
    figured it all out but i get this error You must login or register to view this content. on the SL_ConvertToString
    Last edited by JLM ; 03-11-2015 at 06:27 PM.

  4. 03-11-2015, 08:07 PM
    lutsch1234's Avatar
    lutsch1234
    Bounty hunter
    lutsch1234's Avatar
    lutsch1234
    Bounty hunter
    168
    Posts
    470
    Reputation
    Apr 2014
    NextGenUpdate
    Originally Posted by JLM View Post
    figured it all out but i get this error You must login or register to view this content. on the SL_ConvertToString

    Im having the seam Problem maybe we can help eachother add me in Skype > mw2justice
  5. 03-11-2015, 08:15 PM
    Swaqq's Avatar
    Swaqq
    Professional Thanker
    Swaqq's Avatar
    Swaqq
    Professional Thanker
    800
    Posts
    17,079
    Reputation
    Nov 2013
    NextGenUpdate
    Originally Posted by JLM View Post
    figured it all out but i get this error You must login or register to view this content. on the SL_ConvertToString



    Originally Posted by lutsch1234 View Post
    Im having the seam Problem maybe we can help eachother add me in Skype > mw2justice


    Here try this:
    opd_s SL_CTS = { 0x200280, TOC };
    const char*(*SL_ConvertToString)(unsigned short StringValue) = (const char*(*)(unsigned short))&SL_CTS;
  6. 03-11-2015, 10:05 PM
    01cedricv2's Avatar
    01cedricv2
    NGU Elite Lifetime Mermber
    01cedricv2's Avatar
    01cedricv2
    NGU Elite Lifetime Mermber
    270
    Posts
    20,426
    Reputation
    Jan 2015
    NextGenUpdate
    Originally Posted by Ambition View Post
    Sup guys, if you don't know me, good. I'm from xbox xD. My alias is Maybe Ethernet. I'll be showing you how to call raw gsc functions in your dll/sprx.

    Ok so first we want to get our basic functions

    int Scr_SetParameters(unsigned int Num){
    return *(int*)(0x13C3140 + 0x203Cool Man (aka Tustin) = Num;
    }
    //This will set the parameter number

    struct opd_s{
    uint Sub;
    uint Toc;
    };


    opd_s ParseAddr(int Address){
    opd_s GLS = { Address, 0x724C38 };
    return GLS;
    }
    //TOC

    Next we want to get all the Scr_Add functions together
    #define Scr_AddInt(Value) ((void(*)(int))&ParseAddr(0x20C60Cool Man (aka Tustin))(Value)
    #define Scr_AddFloat(Value) ((void(*)(float))&ParseAddr(0x20C5C0))(Value)
    #define Scr_AddString(String) ((void(*)(const char*))&ParseAddr(0x20C42Cool Man (aka Tustin))(String)
    #define Scr_AddEntity(Entity) ((void(*)(int))&ParseAddr(0x1B7700))(Entity)
    #define Scr_AddVector(Vec) ((void(*)(const float*))&ParseAddr(0x20C330))(Vec)


    Now to explain how to actually use these, we're going to use GScr_Earthquake as an example which is located at 0x1A80E8.

    Here's how we do this.

    First:
    #define Scr_ClearOutParams() ((void(*)(void))&ParseAddr(0x20C19Cool Man (aka Tustin))()


    void GScr_Earthquake(float scale, float duration, float* source, float radius){
    Scr_AddFloat(radius);
    Scr_AddVector(source);
    Scr_AddFloat(duration);
    Scr_AddFloat(scale);
    Scr_SetParameters(4); //See how I set the parameter number after I finish calling the Scr_Adds?
    ((void(*)())&ParseAddr(0x1A80ECool Man (aka Tustin))(); //Call the actual function
    //((void(*)(int))&ParseAddr(0x1A80ECool Man (aka Tustin))(ClientID << 16); //Only call this one if the one above doesn't work.
    Scr_ClearOutParams();
    }


    See how I called the Scr_Adds from the last parameter to the 1st one? Well you have to do that, idk why really.

    Now on to the hook. You need somewhere to call these right? Well your answer is: VM_Resume - 0x2E69C4.

    Method to hook: hookFunctionStart - Credit to Xx jAmes t xX for porting this Smile

    void PatchInJump(int Address, int Destination){
    int FuncBytes[4];
    Destination = *(int*)Destination;
    FuncBytes[0] = 0x3D600000 + ((Destination >> 16) & 0xFFFF);
    if(Destination & 0x8000) FuncBytes[0] += 1;
    FuncBytes[1] = 0x396B0000 + (Destination & 0xFFFF);
    FuncBytes[2] = 0x7D6903A6;
    FuncBytes[3] = 0x4E800420;
    Memcpy((void*)Address, FuncBytes, 4*4);
    }


    void hookFunctionStart(int Address, int saveStub, int Destination){ //Works on every game
    saveStub = *(int*)saveStub;
    int BranchtoAddress = Address + (4*4);
    int StubData[8];
    StubData[0] = 0x3D600000 + ((BranchtoAddress >> 16) & 0xFFFF);
    if(BranchtoAddress & 0x8000) StubData[0] += 1;
    StubData[1] = 0x396B0000 + (BranchtoAddress & 0xFFFF);
    StubData[2] = 0x7D6903A6;
    Memcpy(&StubData[3], (void*)Address, 4*4);
    StubData[7] = 0x4E800420;
    Memcpy((void*)saveStub, StubData, 8*4);
    PatchInJump(Address, Destination);
    }


    Now our function hook

    void VM_ResumeStub(int TimeId){
    __asm("li %r3, 0x3");
    }


    void VM_ResumeHook(int TimeId){ // If this doesn't work, hook int VM_Execute() - 0x20CC08 with hookFunctionStart
    //You would call GScr_Earthquake here. Obv not in the loop. Make sure you implement a check in here to make it // get called once
    VM_ResumeStub(TimeId);
    }


    To call our hook we do
    hookFunctionStart(0x210A48, (int)VM_ResumeStub, (int)VM_ResumeHook);

    Make sure you call that about 2 seconds after your thread is executed.


    Now that's it. Smile Also, you can call other things like:

    PlayerCmd_ClonePlayer
    PlayerCmd_Suicide
    Player_Die
    G_RadiusDamage
    GScr_NotifyOnPlayerCommand //Someone find this for me on ghosts pls ;-;
    G_Damage
    and many more!

    Now on to waitill. Pretty easy tbh.

    First
    #define SL_ConvertToString(StringValue) ((const char*(*)(unsigned short))ParseAddr(0x200280))(StringValue)


    hookFunctionStart(0x20B7C8, (int)VM_NotifyStub, (int)VM_NotifyHook);


    void VM_NotifyStub(unsigned int self, short Stringvalue, unsigned int Paramcount){
    __asm("li %r3, 0x4");
    }


    void VM_NotifyHook(unsigned int self, short Stringvalue, unsigned int Paramcount){
    //Now if we wanted to monitor onPlayerSpawned we do
    int ClientID = ((int(*)(int))&ParseAddr(0x201F90))(self); //Scr_GetSelf
    const char* Notify = SL_ConvertToString(Stringvalue);
    if(!strcmp(Notify, "spawned_player")){
    //Executed on spawn. This monitors for ANY CLIENT THAT SPAWNS!
    GScr_Earthquake(0.6f, 2, (float*)(Playerstate() + 0x1C), 800); //Yes you can call this in V
    }
    VM_NotifyStub(self, Stringvalue, Paramcount);
    }


    That's pretty much it :P This works for all cods the same way as it works for this. Just update the offsets.



    Thanks Ethernet Smile <3
  7. 03-13-2015, 11:01 PM
    105
    Posts
    1,337
    Reputation
    Nov 2012
    NextGenUpdate
    Originally Posted by Ambition View Post
    Sup guys, if you don't know me, good. I'm from xbox xD. My alias is Maybe Ethernet. I'll be showing you how to call raw gsc functions in your dll/sprx.

    Ok so first we want to get our basic functions

    int Scr_SetParameters(unsigned int Num){
    return *(int*)(0x13C3140 + 0x203Cool Man (aka Tustin) = Num;
    }
    //This will set the parameter number

    struct opd_s{
    uint Sub;
    uint Toc;
    };


    opd_s ParseAddr(int Address){
    opd_s GLS = { Address, 0x724C38 };
    return GLS;
    }
    //TOC

    Next we want to get all the Scr_Add functions together
    #define Scr_AddInt(Value) ((void(*)(int))&ParseAddr(0x20C60Cool Man (aka Tustin))(Value)
    #define Scr_AddFloat(Value) ((void(*)(float))&ParseAddr(0x20C5C0))(Value)
    #define Scr_AddString(String) ((void(*)(const char*))&ParseAddr(0x20C42Cool Man (aka Tustin))(String)
    #define Scr_AddEntity(Entity) ((void(*)(int))&ParseAddr(0x1B7700))(Entity)
    #define Scr_AddVector(Vec) ((void(*)(const float*))&ParseAddr(0x20C330))(Vec)


    Now to explain how to actually use these, we're going to use GScr_Earthquake as an example which is located at 0x1A80E8.

    Here's how we do this.

    First:
    #define Scr_ClearOutParams() ((void(*)(void))&ParseAddr(0x20C19Cool Man (aka Tustin))()


    void GScr_Earthquake(float scale, float duration, float* source, float radius){
    Scr_AddFloat(radius);
    Scr_AddVector(source);
    Scr_AddFloat(duration);
    Scr_AddFloat(scale);
    Scr_SetParameters(4); //See how I set the parameter number after I finish calling the Scr_Adds?
    ((void(*)())&ParseAddr(0x1A80ECool Man (aka Tustin))(); //Call the actual function
    //((void(*)(int))&ParseAddr(0x1A80ECool Man (aka Tustin))(ClientID << 16); //Only call this one if the one above doesn't work.
    Scr_ClearOutParams();
    }


    See how I called the Scr_Adds from the last parameter to the 1st one? Well you have to do that, idk why really.

    Now on to the hook. You need somewhere to call these right? Well your answer is: VM_Resume - 0x2E69C4.

    Method to hook: hookFunctionStart - Credit to Xx jAmes t xX for porting this Smile

    void PatchInJump(int Address, int Destination){
    int FuncBytes[4];
    Destination = *(int*)Destination;
    FuncBytes[0] = 0x3D600000 + ((Destination >> 16) & 0xFFFF);
    if(Destination & 0x8000) FuncBytes[0] += 1;
    FuncBytes[1] = 0x396B0000 + (Destination & 0xFFFF);
    FuncBytes[2] = 0x7D6903A6;
    FuncBytes[3] = 0x4E800420;
    Memcpy((void*)Address, FuncBytes, 4*4);
    }


    void hookFunctionStart(int Address, int saveStub, int Destination){ //Works on every game
    saveStub = *(int*)saveStub;
    int BranchtoAddress = Address + (4*4);
    int StubData[8];
    StubData[0] = 0x3D600000 + ((BranchtoAddress >> 16) & 0xFFFF);
    if(BranchtoAddress & 0x8000) StubData[0] += 1;
    StubData[1] = 0x396B0000 + (BranchtoAddress & 0xFFFF);
    StubData[2] = 0x7D6903A6;
    Memcpy(&StubData[3], (void*)Address, 4*4);
    StubData[7] = 0x4E800420;
    Memcpy((void*)saveStub, StubData, 8*4);
    PatchInJump(Address, Destination);
    }


    Now our function hook

    void VM_ResumeStub(int TimeId){
    __asm("li %r3, 0x3");
    }


    void VM_ResumeHook(int TimeId){ // If this doesn't work, hook int VM_Execute() - 0x20CC08 with hookFunctionStart
    //You would call GScr_Earthquake here. Obv not in the loop. Make sure you implement a check in here to make it // get called once
    VM_ResumeStub(TimeId);
    }


    To call our hook we do
    hookFunctionStart(0x210A48, (int)VM_ResumeStub, (int)VM_ResumeHook);

    Make sure you call that about 2 seconds after your thread is executed.


    Now that's it. Smile Also, you can call other things like:

    PlayerCmd_ClonePlayer
    PlayerCmd_Suicide
    Player_Die
    G_RadiusDamage
    GScr_NotifyOnPlayerCommand //Someone find this for me on ghosts pls ;-;
    G_Damage
    and many more!

    Now on to waitill. Pretty easy tbh.

    First
    #define SL_ConvertToString(StringValue) ((const char*(*)(unsigned short))ParseAddr(0x200280))(StringValue)


    hookFunctionStart(0x20B7C8, (int)VM_NotifyStub, (int)VM_NotifyHook);


    void VM_NotifyStub(unsigned int self, short Stringvalue, unsigned int Paramcount){
    __asm("li %r3, 0x4");
    }


    void VM_NotifyHook(unsigned int self, short Stringvalue, unsigned int Paramcount){
    //Now if we wanted to monitor onPlayerSpawned we do
    int ClientID = ((int(*)(int))&ParseAddr(0x201F90))(self); //Scr_GetSelf
    const char* Notify = SL_ConvertToString(Stringvalue);
    if(!strcmp(Notify, "spawned_player")){
    //Executed on spawn. This monitors for ANY CLIENT THAT SPAWNS!
    GScr_Earthquake(0.6f, 2, (float*)(Playerstate() + 0x1C), 800); //Yes you can call this in V
    }
    VM_NotifyStub(self, Stringvalue, Paramcount);
    }


    That's pretty much it :P This works for all cods the same way as it works for this. Just update the offsets.


    Originally Posted by Swaqq View Post
    Here try this:
    opd_s SL_CTS = { 0x200280, TOC };
    const char*(*SL_ConvertToString)(unsigned short StringValue) = (const char*(*)(unsigned short))&SL_CTS;


    So umm how does your gclient func return a client with out paroms?
    Last edited by JLM ; 03-13-2015 at 11:06 PM.

  8. 03-13-2015, 11:08 PM
    lutsch1234's Avatar
    lutsch1234
    Bounty hunter
    lutsch1234's Avatar
    lutsch1234
    Bounty hunter
    168
    Posts
    470
    Reputation
    Apr 2014
    NextGenUpdate
    Originally Posted by JLM View Post
    So umm whats the playerstate() offset i can not freaking find it been looking sence i posted the first problem.
    Oh and thanks swagg

    0x14E2200 here by the way the mw2 Version is messed up atm so i dont know if you get this to work if you do could you help me to get it working for me too
  9. 03-15-2015, 03:08 PM
    Swaqq's Avatar
    Swaqq
    Professional Thanker
    Swaqq's Avatar
    Swaqq
    Professional Thanker
    800
    Posts
    17,079
    Reputation
    Nov 2013
    NextGenUpdate
    Originally Posted by JLM View Post
    So umm how does your gclient func return a client with out paroms?


    tf u talking about? SL_ConvertToString isnt supposed to return a client...
  10. 03-17-2015, 09:11 AM
    Turk_Warrior's Avatar
    Turk_Warrior
    League Champion
    Turk_Warrior's Avatar
    Turk_Warrior
    League Champion
    1,123
    Posts
    8,468
    Reputation
    Jun 2013
    NextGenUpdate
    Originally Posted by Ambition View Post
    Sup guys, if you don't know me, good. I'm from xbox xD. My alias is Maybe Ethernet. I'll be showing you how to call raw gsc functions in your dll/sprx.

    Ok so first we want to get our basic functions

    int Scr_SetParameters(unsigned int Num){
    return *(int*)(0x13C3140 + 0x203Cool Man (aka Tustin) = Num;
    }
    //This will set the parameter number

    struct opd_s{
    uint Sub;
    uint Toc;
    };


    opd_s ParseAddr(int Address){
    opd_s GLS = { Address, 0x724C38 };
    return GLS;
    }
    //TOC

    Next we want to get all the Scr_Add functions together
    #define Scr_AddInt(Value) ((void(*)(int))&ParseAddr(0x20C60Cool Man (aka Tustin))(Value)
    #define Scr_AddFloat(Value) ((void(*)(float))&ParseAddr(0x20C5C0))(Value)
    #define Scr_AddString(String) ((void(*)(const char*))&ParseAddr(0x20C42Cool Man (aka Tustin))(String)
    #define Scr_AddEntity(Entity) ((void(*)(int))&ParseAddr(0x1B7700))(Entity)
    #define Scr_AddVector(Vec) ((void(*)(const float*))&ParseAddr(0x20C330))(Vec)


    Now to explain how to actually use these, we're going to use GScr_Earthquake as an example which is located at 0x1A80E8.

    Here's how we do this.

    First:
    #define Scr_ClearOutParams() ((void(*)(void))&ParseAddr(0x20C19Cool Man (aka Tustin))()


    void GScr_Earthquake(float scale, float duration, float* source, float radius){
    Scr_AddFloat(radius);
    Scr_AddVector(source);
    Scr_AddFloat(duration);
    Scr_AddFloat(scale);
    Scr_SetParameters(4); //See how I set the parameter number after I finish calling the Scr_Adds?
    ((void(*)())&ParseAddr(0x1A80ECool Man (aka Tustin))(); //Call the actual function
    //((void(*)(int))&ParseAddr(0x1A80ECool Man (aka Tustin))(ClientID << 16); //Only call this one if the one above doesn't work.
    Scr_ClearOutParams();
    }


    See how I called the Scr_Adds from the last parameter to the 1st one? Well you have to do that, idk why really.

    Now on to the hook. You need somewhere to call these right? Well your answer is: VM_Resume - 0x2E69C4.

    Method to hook: hookFunctionStart - Credit to Xx jAmes t xX for porting this Smile

    void PatchInJump(int Address, int Destination){
    int FuncBytes[4];
    Destination = *(int*)Destination;
    FuncBytes[0] = 0x3D600000 + ((Destination >> 16) & 0xFFFF);
    if(Destination & 0x8000) FuncBytes[0] += 1;
    FuncBytes[1] = 0x396B0000 + (Destination & 0xFFFF);
    FuncBytes[2] = 0x7D6903A6;
    FuncBytes[3] = 0x4E800420;
    Memcpy((void*)Address, FuncBytes, 4*4);
    }


    void hookFunctionStart(int Address, int saveStub, int Destination){ //Works on every game
    saveStub = *(int*)saveStub;
    int BranchtoAddress = Address + (4*4);
    int StubData[8];
    StubData[0] = 0x3D600000 + ((BranchtoAddress >> 16) & 0xFFFF);
    if(BranchtoAddress & 0x8000) StubData[0] += 1;
    StubData[1] = 0x396B0000 + (BranchtoAddress & 0xFFFF);
    StubData[2] = 0x7D6903A6;
    Memcpy(&StubData[3], (void*)Address, 4*4);
    StubData[7] = 0x4E800420;
    Memcpy((void*)saveStub, StubData, 8*4);
    PatchInJump(Address, Destination);
    }


    Now our function hook

    void VM_ResumeStub(int TimeId){
    __asm("li %r3, 0x3");
    }


    void VM_ResumeHook(int TimeId){ // If this doesn't work, hook int VM_Execute() - 0x20CC08 with hookFunctionStart
    //You would call GScr_Earthquake here. Obv not in the loop. Make sure you implement a check in here to make it // get called once
    VM_ResumeStub(TimeId);
    }


    To call our hook we do
    hookFunctionStart(0x210A48, (int)VM_ResumeStub, (int)VM_ResumeHook);

    Make sure you call that about 2 seconds after your thread is executed.


    Now that's it. Smile Also, you can call other things like:

    PlayerCmd_ClonePlayer
    PlayerCmd_Suicide
    Player_Die
    G_RadiusDamage
    GScr_NotifyOnPlayerCommand //Someone find this for me on ghosts pls ;-;
    G_Damage
    and many more!

    Now on to waitill. Pretty easy tbh.

    First
    #define SL_ConvertToString(StringValue) ((const char*(*)(unsigned short))ParseAddr(0x200280))(StringValue)


    hookFunctionStart(0x20B7C8, (int)VM_NotifyStub, (int)VM_NotifyHook);


    void VM_NotifyStub(unsigned int self, short Stringvalue, unsigned int Paramcount){
    __asm("li %r3, 0x4");
    }


    void VM_NotifyHook(unsigned int self, short Stringvalue, unsigned int Paramcount){
    //Now if we wanted to monitor onPlayerSpawned we do
    int ClientID = ((int(*)(int))&ParseAddr(0x201F90))(self); //Scr_GetSelf
    const char* Notify = SL_ConvertToString(Stringvalue);
    if(!strcmp(Notify, "spawned_player")){
    //Executed on spawn. This monitors for ANY CLIENT THAT SPAWNS!
    GScr_Earthquake(0.6f, 2, (float*)(Playerstate() + 0x1C), 800); //Yes you can call this in V
    }
    VM_NotifyStub(self, Stringvalue, Paramcount);
    }


    That's pretty much it :P This works for all cods the same way as it works for this. Just update the offsets.


    So clean my mind for me so with this we can only call GSC functions BUT can we use GSC Menus

    If its like that i dont mind because this can lead to big things lol
  11. 03-17-2015, 02:15 PM
    lutsch1234's Avatar
    lutsch1234
    Bounty hunter
    lutsch1234's Avatar
    lutsch1234
    Bounty hunter
    168
    Posts
    470
    Reputation
    Apr 2014
    NextGenUpdate
    Originally Posted by Warrior View Post
    So clean my mind for me so with this we can only call GSC functions BUT can we use GSC Menus

    If its like that i dont mind because this can lead to big things lol

    You can call Gscr_Addtestclient as an example so if you know the function you can call it also you can add hud elements with GScr_NewHudElem you can find These Offsets on seb his Offset and script thread