RUST Fix magic bullet for source kitekat

Забаненный
Статус
Оффлайн
Регистрация
4 Авг 2021
Сообщения
22
Реакции[?]
7
Поинты[?]
0
Обратите внимание, пользователь заблокирован на форуме. Не рекомендуется проводить сделки.
Код:
uint64_t empty_object_manager = pattern("\x56\x8B\xF1\x8B\x86\xBC\x00\x00\x00\xC1\xE8\x1B\xA8\x01\x0F\x85\x9A\x00\x00\x00"
    "\x8B\x16\xFF\x92\xF0\x00\x00\x00\x80\x7C\x24\x0C\x00\x74\x08\x84\xC0\x0F\x84\x83"
    "\x00\x00\x00\x3C\x01\x75\x20\x80\x7C\x24\x14\x00\x75\x19\x8B\xCE\xE8\x83\x1A\x01"
    "\x00\x85\xC0\x74\x0E\x8B\x10\x8B\xC8\xFF\x92\x08\x05\x00\x00\x84\xC0\x74\x5F\x57"
    "\x6A\x01\x56\xE8\x48\xEA\x07\x00\x8B\xF8\x83\xC4\x08\x85\xFF\x74\x3D\x8B\x44\x24"
    "\x0C\x50\x8B\xCF\xE8\x83\xE5\x07\x00\x68\x00\x00\x00\x08\x8B\xCE");
DWORD64 findentity(std::string arg1) {

    return safe_read(empty_object_manager + 0x53F1A65 + 0x3FD1AF4 + 0x1E56D39 + 0x44 + 0x0, DWORD64);
}
void DMWsection(DWORD64 arg1,UINT64 arg2,DWORD64 arg3) {
    DWORD64 x3 = safe_read(arg1 + 0x3 + 0x1 + 0x54823F3,DWORD64);
    DWORD64 x6 = safe_read(x3 + arg2 + arg3 + 0x55 + 0x11481733 + 0x4 + 0x11481733, DWORD64);
    DWORD64 x8 = safe_read(x6 + 0x0, DWORD64);
    DWORD64 x11 = safe_read(x8 + 0x63 + 0x433, DWORD64);
    DWORD64 x63 = safe_read(x11 + 0x3, DWORD64);
    __asm
    {
        fistp qword ptr[esp - 8]
        mov   edx, [esp - 4]
        mov   eax, [esp - 8]
        ret
    }
    __asm
    {
        fistp dword ptr[esp - 4]
        mov   eax, [esp - 4]
        ret
    }
    __asm
    {
        ;
        ; Handle shifts of 64 or more bits(all get 0)
            ;
        cmp     cl, 64
            jae     short RETZERO

            ;
        ; Handle shifts of between 0 and 31 bits
            ;
        cmp     cl, 32
            jae     short MORE32
            shld    edx, eax, cl
            shl     eax, cl
            ret

            ;
        ; Handle shifts of between 32 and 63 bits
            ;
    MORE32:
        mov     edx, eax
            xor eax, eax
            and cl, 31
            shl     edx, cl
            ret

            ;
        ; return 0 in edx : eax
            ;
    RETZERO:
        xor eax, eax
            xor edx, edx
            ret
    }
}

DWORD64 findclass(std::string arg1) {
    int class_manager[4] = {
    0x3, 0x01,        /* mov bl, 01 */
    0x0, 0x70        /* jmp class + 0xDB */
    };
    
    int finded_protect[] = {
        0x48, 0xB8, 0x00, 0x00, 0x3E, 0x00, 0x00, 0x00, 0x00, 0x00,        /* mov rax, 0x3E0000 */
        0x90,                                                            /* nop */
    };
    return safe_read(sizeof(class_manager) + sizeof(finded_protect) + empty_object_manager + sizeof(arg1), DWORD64);
}
DWORD64 findfirstclass(std::string arg1) {
    DWORD64 find_class = safe_read(gBase + 0x411, DWORD64);
    DWORD64 read_class = safe_read(find_class + 0x18 + 0x3 + 0x11 + 0x97 + 0x15, DWORD64);

    return findclass(arg1);
}
void exploitcmd(DWORD64 arg1,std::string arg2,std::string arg3,std::string arg4, std::string arg5) {
    // dm me to get function source xariz#7728 shmiga#5700
}
void sethightvelocity(float scale) {
    DWORD64 projectile_mono = findfirstclass("Bullet_prefab_velocity.properties"); // using short
    DWORD64 prefab_mono_velocity_start_pos = safe_read(projectile_mono + 0x9CC501C, DWORD64);
    DWORD64 prefab_mono_velocity_end_pos = safe_read(prefab_mono_velocity_start_pos + 0x36E5CAAF, DWORD64);
    safe_write(prefab_mono_velocity_start_pos, scale, DWORD64);
    safe_write(prefab_mono_velocity_end_pos, scale, DWORD64);
}
void setthickness(float scale) {
    DWORD64 projectile_mono = findfirstclass("Bullet_prefab_thc.properties"); // using short
    DWORD64 mono_dmg = safe_read(projectile_mono + 0x2570C73E + 164633236, DWORD64);
    safe_write(mono_dmg, scale, DWORD64);
}
void setdamage(float scale) {
    DWORD64 projectile_mono = findfirstclass("Bullet_prefab_damage.properties"); // using short
    DWORD64 prefab_struct_dmg = safe_read(projectile_mono + 0x38D013F344D3,DWORD64);
    safe_write(prefab_struct_dmg, scale, DWORD64);
}
    int otherclass(int arg1) {// нужно обновить
        DWORD64 arg2 = 0x581;
        DWORD64 projectile_unk1 = safe_read(arg2 + 0x33 + 0x0,DWORD64);
        DWORD64 projectile_unk2 = safe_read(projectile_unk1 + arg2 + 0x0 + 0x0 + 0x33 + 0x11 + 0x10,DWORD64);
        DWORD64 projectile_struct = safe_read(projectile_unk1 + projectile_unk2, DWORD64);
        return sizeof(projectile_struct);
    }
void *******magicbullet(Projectile* monkey, BasePlayer* player) {

    int bullet_list = safe_read(gBase + 0x00B74490, int);
    for (int i = 0; i < bullet_list; i++)
    {
        auto expammo = findfirstclass("Explosion");
        
        auto all_shit = monkey->otherclass(i);
        DMWsection(expammo, GetHeldItem(Player2), findentity("01.rfap"));
        exploitcmd(findfirstclass("ServerRpc_"), "ItemModification", "Projectile", "GameObject_", "Bullet_");
        float scale = 3000.f;
        sethightvelocity(scale);
        setthickness(scale);
        setdamage(scale);
    }

}
оффсет искать в CE удачи
 
Сверху Снизу