Question: ClientCmd_Unrestricted

Beginner | Status: Offline | Registered: 23 Jul 2022 | Posts: 6 | Reactions: 0 | Points: 0
Hi, I'm trying to call ClientCmd_Unrestricted externally.
I found the CEngineClient instance, according to this:
[Please log in to view the link.]

ClientCmd_Unrestricted is the 34th function. I'm trying to call it like this:

C++:
std::uintptr_t addr = address_of_34th_function;
LPVOID vCommand = (LPVOID)VirtualAllocEx(Memory::pHandle, NULL, strlen(command) + 1, MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE);
WriteProcessMemory(Memory::pHandle, vCommand, command, strlen(command), NULL);
HANDLE hThread = CreateRemoteThread(Memory::pHandle, NULL, NULL, (LPTHREAD_START_ROUTINE)addr, vCommand, NULL, NULL);
WaitForSingleObject(hThread, INFINITE);
VirtualFreeEx(Memory::pHandle, vCommand, NULL, MEM_RELEASE);
CloseHandle(hThread);
But the game crashes.
Also, I looked at the 34th function in memory; it doesn't seem to be ClientCmd_Unrestricted (there is no argument! Also, I tried other functions around it too).

 
Member | Status: Offline | Registered: 23 May 2019 | Posts: 779 | Reactions: 331 | Points: 63K
Use CInputService::InsertCommand (25th func) (that's what clientcmd_unrestricted uses under the hood):
C++:
CreateInterface<VClass*>("engine2.dll", "InputService_001")->CallVFunc<25>(5, "dota_camera_distance 228", 0);
Doesn't bypass sv_cheats, though. "Unrestricted" simply means "not restricted in the range of input", meaning that it can execute commands that are not marked as FCVAR_CLIENTCMD_CAN_EXECUTE (its "restricted" counterpart cannot execute such commands).
 
Beginner | Status: Offline | Registered: 16 Aug 2022 | Posts: 36 | Reactions: 4 | Points: 4K
Good information
 
Beginner | Status: Offline | Registered: 23 Jul 2022 | Posts: 6 | Reactions: 0 | Points: 0
Thanks.
Can you give me the full function signature? What are 5 and 0? int?
What is the problem with ClientCmd_Unrestricted?
I simply want to cast spells without using keyboard events. I'll change the camera distance by writing memory.
Also, calling a function with more than one parameter externally is a disaster xD
 
Member | Status: Offline | Registered: 23 May 2019 | Posts: 779 | Reactions: 331 | Points: 63K
clientcmd_unrestricted may have been removed (I didn't try searching for it, I'm feeling lazy; feel free to search for it yourself, maybe it still exists. I simply looked at what it does (it calls InsertCommand; it also apparently appends a newline ('\n') to the input, so you should probably do that if you use InsertCommand) and used that), considering that recently Gabe has been removing lots of source1 stuff from the game.
No idea what 5 and 0 are; I got those values from observing an actual invocation of that function in a debugger.
The 0, I assume (from a very superficial analysis of what is happening inside InsertCommand), is nTickDelay from CCommandBuffer::AddText (which is invoked inside InsertCommand):
C++:
bool CCommandBuffer::AddText( const char *pText, int nTickDelay);
5 is some enum value, idk.
 