Results 1 to 1 of 1
  1. #1
    Dwar
    Dwar is offline
    Veteran Dwar's Avatar
    Join Date
    2010 Mar
    Posts
    2,222
    Thanks Thanks Given 
    211
    Thanks Thanks Received 
    2,230
    Thanked in
    292 Posts
    Rep Power
    10

    [Delphi] Combat Arms Hack Lib

    • Number Pad 1 = on/off No recoil (stops the gun from moving around when firing)
    • Number Pad 2 = on/off No Reload (no need to waste valuable time reloading, this has saved me alot)
    • Number Pad 3 = on/off SuperBullets (Bullets that shoot through Anything, walls ect..)
    • Number Pad 4 = on/off GlassWalls (see through walls like it was glass, easy to spot the enemy)
    • End Key = Turn off All hacks (this is needed before you start a new game as the engine detects
    the byte changes, turn the hacks back on once your ingame)

    Now for the PushToConsole Information...
    Either one of these 2 snippets work in C++ but I could'nt translate them to Delphi
    //In Globals 
    typedef void (__cdecl *lpSetConsoleVariable)(unsigned long console,char* szVal);
    lpSetConsoleVariable SetConsoleVariable;

    //In Present or Endscene
    void cBase::RenderFrame(LPDIRECT3DDEVICE9 pDevice)
    {
    SetConsoleVariable = (lpSetConsoleVariable)(0x0484BC0);

    if(GetAsyncKeyState(VK_INSERT)&1){
    ptc =! ptc;
    }
    if(ptc){
    SetConsoleVariable(0x8003F0,"ShowFps 1");
    } else {
    SetConsoleVariable(0x8003F0,"ShowFps 0");
    }
    }

    or
    //In Globals
    typedef int (__cdecl* RunConsoleCommand_t)(char* cmd);
    RunConsoleCommand_t pRunConsoleCommand = (RunConsoleCommand_t)0x00485E10;

    //In Present or Endscene
    void cBase::RenderFrame(LPDIRECT3DDEVICE9 pDevice)
    {
    if(GetAsyncKeyState(VK_INSERT)&1){
    ptc =! ptc;
    }
    if(ptc){
    pRunConsoleCommand("ShowFPS 1");
    } else {
    pRunConsoleCommand("ShowFPS 0");
    }
    }

    If you can translate one these and get it working you can add more hacks to this Library...


    Now for the Delphi source, you can see the PushToConsole Methods I have been trying and have left them in this library for others to give it a go..
    library DepartureLib;

    uses
    Windows, SysUtils;

    {$R *.res}

    //Have a record of patches for easier managment(Not implemented yet)
    Type
    TPatchRecord = Record
    Address: Pointer;
    NewBytes: array of Byte;
    OldBytes: array of Byte;
    end;
    //Pointer to our record
    PPatchRecord = ^TPatchRecord;

    var
    //Thread Handles
    dwThrdHack: Dword = 0;
    dwThrdMain: Dword = 0;
    dwThrdKeys: Dword = 0;
    //Patches On/Off
    NoRecoil: Boolean = False;
    NoReload: Boolean = False;
    SuperBullets: Boolean = False;
    GlassWall: Boolean = False;
    FPS: Boolean = False;
    Const
    //======================= NoRecoil ================================//
    //Recoil Address's
    AddressNoRecoil1 = $37465A60;
    AddressNoRecoil2 = $37234EB9;
    AddressNoRecoil3 = $37465A74;
    AddressNoRecoil4 = $37465A77;
    AddressNoRecoil5 = $37465A80;
    //Recoil Patches
    PatchNoRecoil1 : Array[0..2] of byte = ($90,$90,$90);
    PatchNoRecoil2 : Array[0..10] of byte = ($90,$90,$90,$90,$90,$90,$90,$90,$90,$90,$90);
    PatchNoRecoil3 : Array[0..2] of byte = ($90,$90,$90);
    PatchNoRecoil4 : Array[0..2] of byte = ($90,$90,$90);
    PatchNoRecoil5 : Array[0..2] of byte = ($90,$90,$90);
    //Recoil ORiginal Bytes
    OriginalNoRecoil1 : Array[0..2] of byte = ($D8,$66,$54);
    OriginalNoRecoil2 : Array[0..10] of byte = ($C7,$84,$24,$94,$00,$00,$00,$0F,$00,$00,$00);
    OriginalNoRecoil3 : Array[0..2] of byte = ($D9,$5E,$54);
    OriginalNoRecoil4 : Array[0..2] of byte = ($D9,$46,$48);
    OriginalNoRecoil5 : Array[0..2] of byte = ($D9,$5E,$48);
    //======================= NoReload ==============================//
    AddressNoReload = $374B1824;
    PatchNoReload : Array[0..5] of byte = ($90,$90,$90,$90,$90,$90);
    OriginalNoReload : Array[0..5] of byte = ($0F,$84,$B1,$01,$00,$00);
    //======================== SuperBullets =========================//
    AddressSuperBullets = $374AC526;
    PatchSuperBullets : Array[0..2] of byte = ($90,$90,$90);
    OriginalSuperBullets : Array[0..2] of byte = ($0F,$94,$C0);
    //======================= GlassWall =============================//
    AddressGlassWall = $005725AA;
    PatchGlassWall : Array[0..1] of byte = ($6A,$00);
    OriginalGlassWall : Array[0..1] of byte = ($6A,$01);

    //PushToConsole Methods NOT working yet
    type
    TRunConsoleCommand = function(cmd : pchar) : Integer; cdecl;
    PRunConsoleCommand = ^TRunConsoleCommand;

    lpSetConsoleVariable = procedure( console: Integer; szVal: PChar ); cdecl;
    PSetConsoleVariable = ^lpSetConsoleVariable; // Pointer To lpSetConsoleVariable
    SetConsoleVariable = lpSetConsoleVariable;

    procedure RunConsoleCommand(Const command : String);
    var
    RCC : TRunConsoleCommand;
    begin
    RCC:= TRunConsoleCommand($00485E10);
    RCC(Pchar(command));
    end;

    //PushToCosole Method
    function PushIt(command: PChar):boolean;cdecl;
    var
    dwAddress: Dword;
    begin
    dwAddress:= $00484BC0;
    asm
    mov eax,command
    push eax
    push $08003f0
    call dwAddress
    add esp,8
    end;
    result := true;
    end;

    // Write Bytes to Address Method
    Function WriteIt(pAddress: Pointer; Bytes: Array of Byte): Boolean;
    var
    dwProtect: DWord;
    begin
    Result:= False;
    //Change address Protecting to read/write/Execute and save the original in dwProtect
    if VirtualProtect(pAddress, SizeOf(Bytes), PAGE_EXECUTE_READWRITE, @dwProtect) then
    begin
    //Write the new bytes to addres and the length of bytes to be written
    Move(Bytes, pAddress^, Length(Bytes));
    //Restore original Protecting to section we have just written to.
    VirtualProtect(pAddress, SizeOf(Bytes), dwProtect, @dwProtect);
    Result := True
    end;
    end;

    Function FuncKeys(const LPVOID: variant): Boolean;
    begin
    while (True) do
    Begin
    //Recoil
    if (GetAsyncKeyState(VK_NUMPAD1) <> 0) then
    NoRecoil:= NOT NoRecoil;


    //NoReload
    if (GetAsyncKeyState(VK_NUMPAD2) <> 0) then
    NoReload:= NOT NoReload;

    //SuperBullets
    if (GetAsyncKeyState(VK_NUMPAD3) <> 0) then
    SuperBullets:= NOT SuperBullets;

    //GlassWall
    if (GetAsyncKeyState(VK_NUMPAD4) <> 0) then
    GlassWall:= NOT GlassWall;

    if (GetAsyncKeyState(VK_NUMPAD5) <> 0) then
    FPS:= NOT FPS;

    //Turn off All Hacks "End" Key
    if (GetAsyncKeyState(VK_END) <> 0) then
    begin
    NoRecoil:= False;
    NoReload:= False;
    SuperBullets:= False;
    GlassWall:= False;
    end;
    //Have a KitKat
    sleep(100);
    end;
    end;


    function FuncMain(const LPVOID: variant): Boolean;
    begin
    while (True) do
    begin
    asm
    pushad;
    end;

    //Write NoRecoil
    if NoRecoil then
    begin
    WriteIt(ptr(AddressNoRecoil1),PatchNoRecoil1);
    WriteIt(ptr(AddressNoRecoil2),PatchNoRecoil2);
    WriteIt(ptr(AddressNoRecoil3),PatchNoRecoil3);
    WriteIt(ptr(AddressNoRecoil4),PatchNoRecoil4);
    WriteIt(ptr(AddressNoRecoil5),PatchNoRecoil5);
    end
    else
    begin
    WriteIt(ptr(AddressNoRecoil1),OriginalNoRecoil1);
    WriteIt(ptr(AddressNoRecoil2),OriginalNoRecoil2);
    WriteIt(ptr(AddressNoRecoil3),OriginalNoRecoil3);
    WriteIt(ptr(AddressNoRecoil4),OriginalNoRecoil4);
    WriteIt(ptr(AddressNoRecoil5),OriginalNoRecoil5);
    end;

    //Write NoReload
    if NoReload then
    WriteIt(ptr(AddressNoReload),PatchNoReload)
    else
    WriteIt(ptr(AddressNoReload),OriginalNoReload);

    //Write SuperBullets patch
    if SuperBullets then
    WriteIt(ptr(AddressSuperBullets),PatchSuperBullets )
    else
    WriteIt(ptr(AddressSuperBullets),OriginalSuperBull ets);

    //Write GlassWall patch
    if GlassWall then
    WriteIt(ptr(AddressGlassWall),PatchGlassWall)
    else
    WriteIt(ptr(AddressGlassWall),OriginalGlassWall);

    //PushToConsole
    if FPS then
    SetConsoleVariable($00484BC0)($008003F0,Pchar('Ske lModelStencil 1'))
    else
    SetConsoleVariable($00484BC0)($008003F0,Pchar('Ske lModelStencil 0'));


    //Have a KitKat
    Sleep(100);
    asm
    popad;
    end;
    end;
    end;

    Function IsGameReadyForHook: Boolean;
    var
    null: variant;
    begin
    //Get base address of the following modules...
    if ((GetModuleHandleA('d3d9.dll') <> null) and
    (GetModuleHandleA('ClientFX.fxd') <> null) and
    (GetModuleHandleA('CShell.dll') <> null)) then
    begin
    //Modules exsist so we can return true
    Result := True;
    end
    else
    //Otherwise Modules dont exsist yet
    Result := False;
    end;

    Function HackThread(): Dword;
    var
    cHandle: Cardinal;
    begin
    //Call our function to check for loaded game modules
    Repeat
    Sleep(500);
    Until ((IsGameReadyForHook = True) and (dwThrdMain = 0));

    //Creat one thread for Key presses, and one for writting our patches(if = to true)
    CreateThread(nil, 0, @FuncKeys, nil, 0, dwThrdKeys);
    CreateThread(nil, 0, @FuncMain, nil, 0, dwThrdMain);
    //Just some debugging...(Not needed)
    cHandle:= GetModuleHandleA('CShell.dll');
    MessageBoxA(0, Pchar(format('CShell Base Adress: %8.x', [cHandle])),Pchar('CShell Base'), MB_OK + MB_ICONINFORMATION);

    //No need for thread anymore
    Result := 0;
    end;

    procedure DllMain(reason: integer);
    begin
    case reason of
    DLL_PROCESS_ATTACH:
    begin
    //Create a thread to monitor for the game modules
    CreateThread(nil, 0, @HackThread, nil, 0, dwThrdHack);
    end;
    DLL_PROCESS_DETACH:
    //When we detach make sure to clean up any threads we created
    begin
    if dwThrdMain <> 0 then
    CloseHandle(dwThrdMain);
    if dwThrdHack <> 0 then
    CloseHandle(dwThrdHack);
    if dwThrdKeys <> 0 then
    CloseHandle(dwThrdKeys);
    end;
    end;
    end;

    begin
    //Disable notifycation of attachment
    DisableThreadLibraryCalls(hInstance);
    DllProc := @DllMain;
    DllProc(DLL_PROCESS_ATTACH);
    end.

    Just inject it into Engine.exe
    by Departure
    Please, post your questions on forum, not by PM or mail

    I spend my time, so please pay a little bit of your time to keep world in equilibrium

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •