Tickbase Manipulation

[train67]

Не регате пули но стреляет двойными. Тестил на дм.
Где я ошибаюсь.
int32_t total_new_commands = min(Globals::m_nTickbaseShift, 62); - ставил 16 и 17 не дает ходить стою как вкопанный.
Globals::m_nTickbaseShift = TIME_TO_TICKS(2.0f); так же ставил и 0,2 - 0,5 - 1,0 -11,0 оказалось 2,0 оптивмальное решение чтоб ходить и стрелять но пули не регают.

Я законопатил лишний код
как подсказалSoufiw
и посмотрел значение на

Пожалуйста, авторизуйтесь для просмотра ссылки.

bool __fastcall Hooks::hkdWriteUsercmdDeltaToBuffer(void * ecx, void *, int slot, bf_write * buf, int from, int to, bool isnewcommand)
{
    static auto ofunct = g_Hooks.pClientHook->GetOriginal <WriteUsercmdDeltaToBufferFn>(24);

    if (Globals::m_nTickbaseShift <= 0)
        return ofunct(ecx, slot, buf, from, to, isnewcommand);

    if (from != -1)
        return true;

    auto CL_SendMove = []() {
        using CL_SendMove_t = void (__fastcall*) (void);
        static CL_SendMove_t CL_SendMoveF = (CL_SendMove_t)Utils::FindSignature("engine.dll", "55 8B EC A1 ? ? ? ? 81 EC ? ? ? ? B9 ? ? ? ? 53 8B 98");

        CL_SendMoveF();
    };
    auto WriteUsercmd = [](bf_write * buf, CUserCmd * in, CUserCmd * out) {
        using WriteUsercmd_t = void (__fastcall*) (bf_write *, CUserCmd *, CUserCmd *);
        static WriteUsercmd_t WriteUsercmdF = (WriteUsercmd_t)Utils::FindSignature("client_panorama.dll", "55 8B EC 83 E4 F8 51 53 56 8B D9 8B 0D");
        WriteUsercmdF(buf, in, out);

    };
    int * pNumBackupCommands = (int *)(reinterpret_cast <uintptr_t> (buf) - 0x30);
    int * pNumNewCommands = (int *)(reinterpret_cast <uintptr_t> (buf) - 0x2C);
    auto net_channel = *reinterpret_cast <NetChannel * *> (reinterpret_cast <uintptr_t> (g_pClientState) + 0x9C);
    int32_t new_commands = *pNumNewCommands;

    /*if (!Globals::bInSendMove) {
        if (new_commands <= 0)
            return false;

        Globals::bInSendMove = true;
        Globals::bFirstSendMovePack = true;
        Globals::m_nTickbaseShift += new_commands;

        while (Globals::m_nTickbaseShift > 0) {
            CL_SendMove();
            Globals::bFirstSendMovePack = false;
        }

        Globals::bInSendMove = false;
        return false;
    }

    if (!Globals::bFirstSendMovePack) {
        int32_t loss = min(Globals::m_nTickbaseShift, 10);

        Globals::m_nTickbaseShift -= loss;
        net_channel->m_nOutSequenceNr += loss;
    }*/

    int32_t next_cmdnr = g_pClientState->m_nLastOutgoingCommand + g_pClientState->m_nChokedCommands + 1;
    int32_t total_new_commands = min(Globals::m_nTickbaseShift, 62);
    Globals::m_nTickbaseShift -= total_new_commands;

    from = -1;
    *pNumNewCommands = total_new_commands;
    *pNumBackupCommands = 0;

    for (to = next_cmdnr - new_commands + 1; to <= next_cmdnr; to++) {
        if (!ofunct(ecx, slot, buf, from, to, isnewcommand))
            return false;

        from = to;
    }

    CUserCmd * last_realCmd = g_GameInput->GetUserCmd(slot, from);
    CUserCmd fromCmd;

    if (last_realCmd)
        fromCmd = *last_realCmd;

    CUserCmd toCmd = fromCmd;
    toCmd.command_number++;
    toCmd.tick_count += 3;


    for (int i = new_commands; i <= total_new_commands; i++) {
        WriteUsercmd(buf, &toCmd, &fromCmd);
        fromCmd = toCmd;
        toCmd.command_number++;
        toCmd.tick_count++;
    }

    return true;
}

В bool __fastcall Hooks::CreateMove

    if (c_config::get().doubletap && (Globals::pCmd->buttons & IN_ATTACK))
    {
        if (Globals::nSinceUse++ < 3)
            Globals::m_nTickbaseShift = TIME_TO_TICKS(2.0f);
    }
    else {
        Globals::nSinceUse = 0;
    }

Так же нашел на еще один код манипуляции

Пожалуйста, авторизуйтесь для просмотра ссылки.

Но я не сильно понимаю как его завести в хукк

 

[gordon_lover]

https://yougame.biz/threads/115626/
мб поможет))

 

[KiRi3]

https://yougame.biz/threads/115626/
мб поможет))

Это ему не поможет, там кстати не полный код xD

 

[train67]

поискал я в интернете у кого за 19 год был реализован дабл тап и наткнулся на это, спс гугл очень похоже на правду

#include "../Hooks.h"

int g_iTickBaseShift = 0;

SOURCE_INIT
namespace Hooks
{

template<typename R, typename C, typename D, typename ...Args>
R __declspec(naked) __cdecl weirdCall(void* func, C ecx, D edx, Args... args) {
    __asm {
        push ebp
        mov ebp, esp
    }
    reinterpret_cast<R(__fastcall*)(C, D, Args...)>(func)(ecx, edx, args...);
    __asm {
        mov esp, ebp
        pop ebp
        ret
    }
}

template<typename R, typename C>
R weirdCall(void* func, C ecx) {
    return weirdCall(func, ecx, nullptr);
}

template<typename T>
struct WeirdFunc;

template<typename R, typename ...Args>
struct WeirdFunc<R(Args...)> {
    __forceinline R operator()(Args... args) {
        return weirdCall<R, Args...>(this, args...);
    }
};

bool inSendMove = false, firstSendMovePack = false;
using CL_SendMove_t = void(__fastcall*)();
using WriteUserCmd_t = void(__fastcall*)(void*, CUserCmd*, CUserCmd*); // WRONG! WriteUserCmd uses a "special convention"
//https://www.unknowncheats.me/forum/1973111-post73.html

const int MAX_USERCMD_LOSS = 10;
const int MAX_USERCMDS_SEND = 62;

void WriteUserCmd(void* buf, CUserCmd* to, CUserCmd* from)
{
    static auto WriteUserCmdFn = reinterpret_cast<WriteUserCmd_t>(Vitruvia::Offsets::WriteUserCmd);
    __asm
    {
        mov ecx, buf;
        mov edx, to;
        push from;
        call WriteUserCmdFn;
        add esp, 4h;
    }
}

bool __fastcall hk_WriteUserCmdDeltaToBuffer(IBaseClientDLL* _this, void* edx, int slot, void* buf, int from, int to, bool is_new_cmd)
{
    using namespace Vitruvia;
    if (g_iTickBaseShift <= 0)
    {
        // I don't need to shift, call the original normally
        return BaseClientTable->GetFunction<WriteUserCmdDeltaToBuffer_t>(I_WriteUserCmdDeltaToBuffer)(_this, slot, buf, from, to, is_new_cmd);
    }
    if (from != -1)
    {
        // Skip this but send it no matter what
        return true;
    }

    auto msg = reinterpret_cast<CCLCMsg_Move_t*>(getStackBase() + 0xFCC);
    auto netChan = ClientState->m_NetChannel;
    auto CL_SendMove = rcast<CL_SendMove_t>(Offsets::CL_SendMove);
    int newCommands = msg->numNewCommands;

    // Call CL_SendMove multiple times - split fake move commands between packets to bypass 62 limit
    if (!inSendMove)
    {
        if (newCommands <= 0)
            return false;
        inSendMove = true;
        firstSendMovePack = true;
        g_iTickBaseShift += newCommands;

        while (g_iTickBaseShift > 0)
        {
            CL_SendMove();
            netChan->Transmit(false);
            firstSendMovePack = false;
        }

        inSendMove = false;
        return false; // Stop current CL_SendMove from sending
    }

    // Pack 10 more ticks by faking packet loss

    if (!firstSendMovePack)
    {
        int loss = min(g_iTickBaseShift, MAX_USERCMD_LOSS);
        g_iTickBaseShift -= loss;
        netChan->m_nOutSequenceNr += loss;
    }

    // Manipulate CLC_Move

    int nextCmdNr = ClientState->m_nLastOutgoingCommand + ClientState->m_nChokedCommands + 1;
    int totalNewCommands = min(g_iTickBaseShift, MAX_USERCMDS_SEND);
    g_iTickBaseShift -= totalNewCommands;

    from = -1;
    msg->numNewCommands = totalNewCommands;
    msg->numBackupCommands = 0;

    // Write real commands

    for (to = nextCmdNr - newCommands + 1; to <= nextCmdNr; to++)
    {
        if (!BaseClientTable->GetFunction<WriteUserCmdDeltaToBuffer_t>(I_WriteUserCmdDeltaToBuffer)(_this, slot, buf, from, to, is_new_cmd))
        {
            return false;
        }
        from = to;
    }

    // Write fake commands

    CUserCmd* lastRealCmd = Input->GetUserCmd(slot, from);
    CUserCmd fromCmd;
    if (lastRealCmd)
        fromCmd = *lastRealCmd;

    CUserCmd toCmd = fromCmd;
    toCmd.command_number++;
    toCmd.tick_count += 200; // Prevent server from executing fake commands sometimes

    for (int i = newCommands; i <= totalNewCommands; i++)
    {
        WriteUserCmd(buf, &toCmd, &fromCmd);
        fromCmd = toCmd;
        toCmd.command_number++;
        toCmd.tick_count++;
    }
    return true;
}

}
SOURCE_END

 

[Infamous]

thanks looks p