Вопрос Dota 2 netvar manager

Un1xCr3w · 2 Авг 2024

hey guys, thanks a lot for visiting this post,
i have a lot of questions and i have been trying to implement this for really long time
What I want to achieve is:
i wanna create a netvar manager then use the offsets that is being sniffed by the netvar manager
and use createinterface to call the getentities and then getheroes then use the netvar for example the m_iHealth to print the health for each hero

Un1xCr3w · 2 Авг 2024

IClientEntityList* ClientEntityList = (IClientEntityList*)GetInterface("engine2.dll", "Source2EngineToClient001");

class IClientEntityList
{
public:
// Get IClientNetworkable interface for specified entity
virtual void* GetClientNetworkable(int entnum) = 0;
virtual void* GetClientNetworkableFromHandle(unsigned long hEnt) = 0;
virtual void* GetClientUnknownFromHandle(unsigned long hEnt) = 0;

// NOTE: This function is only a convenience wrapper.
// It returns GetClientNetworkable( entnum )->GetIClientEntity().
virtual CEntity* GetClientEntity(int entnum) = 0;
virtual CEntity* GetClientEntityFromHandle(unsigned long hEnt) = 0;

// Returns number of entities currently in use
virtual int NumberOfEntities(bool bIncludeNonNetworkable) = 0;

// Returns highest index actually used
virtual int GetHighestEntityIndex(void) = 0;

// Sizes entity list to specified size
virtual void SetMaxEntities(int maxents) = 0;
virtual int GetMaxEntities() = 0;
} ;

i know this is wrong but i need help regarding this thing related to get all heroes hp ,
thanks.

Liberalist · 2 Авг 2024

Un1xCr3w написал(а):
hey guys, thanks a lot for visiting this post,
i have a lot of questions and i have been trying to implement this for really long time
What I want to achieve is:
i wanna create a netvar manager then use the offsets that is being sniffed by the netvar manager
and use createinterface to call the getentities and then getheroes then use the netvar for example the m_iHealth to print the health for each hero

entitylist isn't directly CreateInterface-able in source 2. you can, however, get interface "GameResourceServiceClientV001" from engine2.dll, and it contains the entity system pointer @ 0x58(don't forget that the pointer may be nullptr(so check before using it), for example when the game is still loading and entity system isn't constructed yet)
for obtaining netvar offsets, see

Продолжение серии. шема(оффсеты)+локал игрок

вторая часть. читаем http://praydog.com/index.php/2015/06/24/an-analysis-of-the-source-2-engine-part-1-the-schema-system/ для IDA качаем плагины class informer и function string associate заходим в IDA берем...

yougame.biz

Dota 2 SDK

Типичное сдк, который сделан на основе схемы срс2, что-то примерно как у @Liberalist , ток без дампов интерфейсов, геймсистем (Лень впиливать). Эта ветка чисто дотавская, постараюсь её держать up2date для доты, но мб будет лень, посмотрим. https://github.com/neverlosecc/source2sdk/tree/dota...

yougame.biz

for checking entity type(hero/creep/player/tower/whatever), see

Продолжение серии. шема(оффсеты)+локал игрок

вторая часть. читаем http://praydog.com/index.php/2015/06/24/an-analysis-of-the-source-2-engine-part-1-the-schema-system/ для IDA качаем плагины class informer и function string associate заходим в IDA берем...

yougame.biz

Как понять, что энтити герой(Поиск TeamID)?

День добрый! Решил ради интереса написать на Python External для Доты, разобрался с поиском по спискам энтити и всё довольно стабильно работает. Через CE нашел следующие оффсеты: m_iHealth = 0x32C m_iMana = 0xC7C dwEntityList = "client.dll"+0x3A757C0 Однако не могу додумать, как понять, что...

yougame.biz

for getting players(players are not heroes. players control heroes couriers summons etc) you can just get entities by index from 1 to 64(like in source 1)(players are C_DOTAPlayerController). they have

C++:

    CHandle< C_BaseEntity > m_hAssignedHero(offset 0x7e4, size 0x4, align 0x4)
        ^MNetworkEnable

CHandle is a 32-bit group(int, basically) where high 17 bits are serial number, low 15 bits are entity index(AND(&) by 0b111111111111111 or 0x7FFF to get low 15 bits)
for getting entity by index, see

Как получить указатель на здоровье? (дамп source2gen)

Получил это 👆 И что получается дальше? Мне надо создать на основе этого файла указатель? Если да, то как? Я не до конца понимаю как работать с дотой Прочекал почти все треды на форуме в разделе с дотой, там какие-то RVAшки(Relative Virtual Address), сигсканы через IDA Не до конца понятно...

yougame.biz

Un1xCr3w · 3 Авг 2024

Liberalist написал(а):
entitylist isn't directly CreateInterface-able in source 2. you can, however, get interface "GameResourceServiceClientV001" from engine2.dll, and it contains the entity system pointer @ 0x50(don't forget that the pointer may be nullptr(so check before using it), for example when the game is still loading and entity system isn't constructed yet)
for obtaining netvar offsets, see

Продолжение серии. шема(оффсеты)+локал игрок

вторая часть. читаем http://praydog.com/index.php/2015/06/24/an-analysis-of-the-source-2-engine-part-1-the-schema-system/ для IDA качаем плагины class informer и function string associate заходим в IDA берем...

yougame.biz

Dota 2 SDK

Типичное сдк, который сделан на основе схемы срс2, что-то примерно как у @Liberalist , ток без дампов интерфейсов, геймсистем (Лень впиливать). Эта ветка чисто дотавская, постараюсь её держать up2date для доты, но мб будет лень, посмотрим. https://github.com/neverlosecc/source2sdk/tree/dota...

yougame.biz

for checking entity type(hero/creep/player/tower/whatever), see

Продолжение серии. шема(оффсеты)+локал игрок

вторая часть. читаем http://praydog.com/index.php/2015/06/24/an-analysis-of-the-source-2-engine-part-1-the-schema-system/ для IDA качаем плагины class informer и function string associate заходим в IDA берем...

yougame.biz

Как понять, что энтити герой(Поиск TeamID)?

День добрый! Решил ради интереса написать на Python External для Доты, разобрался с поиском по спискам энтити и всё довольно стабильно работает. Через CE нашел следующие оффсеты: m_iHealth = 0x32C m_iMana = 0xC7C dwEntityList = "client.dll"+0x3A757C0 Однако не могу додумать, как понять, что...

yougame.biz

for getting players(players are not heroes. players control heroes couriers summons etc) you can just get entities by index from 1 to 64(like in source 1)(players are C_DOTAPlayerController). they have

C++:

CHandle< C_BaseEntity > m_hAssignedHero(offset 0x7e4, size 0x4, align 0x4) ^MNetworkEnable

CHandle is a 32-bit group(int, basically) where high 17 bits are serial number, low 15 bits are entity index(AND(&) by 0b111111111111111 or 0x7FFF to get low 15 bits)
for getting entity by index, see

Как получить указатель на здоровье? (дамп source2gen)

Получил это 👆 И что получается дальше? Мне надо создать на основе этого файла указатель? Если да, то как? Я не до конца понимаю как работать с дотой Прочекал почти все треды на форуме в разделе с дотой, там какие-то RVAшки(Relative Virtual Address), сигсканы через IDA Не до конца понятно...

yougame.biz

thanks a lot for this kind reply i have been following ur posts , thanks a lot for this posts , and 1 more thing to ask if u have any source code that puts this things all together ? i just wanna understand the full picture behind it

Un1xCr3w · 3 Авг 2024

Liberalist написал(а):
entitylist isn't directly CreateInterface-able in source 2. you can, however, get interface "GameResourceServiceClientV001" from engine2.dll, and it contains the entity system pointer @ 0x50(don't forget that the pointer may be nullptr(so check before using it), for example when the game is still loading and entity system isn't constructed yet)
for obtaining netvar offsets, see

Продолжение серии. шема(оффсеты)+локал игрок

вторая часть. читаем http://praydog.com/index.php/2015/06/24/an-analysis-of-the-source-2-engine-part-1-the-schema-system/ для IDA качаем плагины class informer и function string associate заходим в IDA берем...

yougame.biz

Dota 2 SDK

Типичное сдк, который сделан на основе схемы срс2, что-то примерно как у @Liberalist , ток без дампов интерфейсов, геймсистем (Лень впиливать). Эта ветка чисто дотавская, постараюсь её держать up2date для доты, но мб будет лень, посмотрим. https://github.com/neverlosecc/source2sdk/tree/dota...

yougame.biz

for checking entity type(hero/creep/player/tower/whatever), see

Продолжение серии. шема(оффсеты)+локал игрок

вторая часть. читаем http://praydog.com/index.php/2015/06/24/an-analysis-of-the-source-2-engine-part-1-the-schema-system/ для IDA качаем плагины class informer и function string associate заходим в IDA берем...

yougame.biz

Как понять, что энтити герой(Поиск TeamID)?

День добрый! Решил ради интереса написать на Python External для Доты, разобрался с поиском по спискам энтити и всё довольно стабильно работает. Через CE нашел следующие оффсеты: m_iHealth = 0x32C m_iMana = 0xC7C dwEntityList = "client.dll"+0x3A757C0 Однако не могу додумать, как понять, что...

yougame.biz

for getting players(players are not heroes. players control heroes couriers summons etc) you can just get entities by index from 1 to 64(like in source 1)(players are C_DOTAPlayerController). they have

C++:

CHandle< C_BaseEntity > m_hAssignedHero(offset 0x7e4, size 0x4, align 0x4) ^MNetworkEnable

CHandle is a 32-bit group(int, basically) where high 17 bits are serial number, low 15 bits are entity index(AND(&) by 0b111111111111111 or 0x7FFF to get low 15 bits)
for getting entity by index, see

Как получить указатель на здоровье? (дамп source2gen)

Получил это 👆 И что получается дальше? Мне надо создать на основе этого файла указатель? Если да, то как? Я не до конца понимаю как работать с дотой Прочекал почти все треды на форуме в разделе с дотой, там какие-то RVAшки(Relative Virtual Address), сигсканы через IDA Не до конца понятно...

yougame.biz

i used the function called GameResourceServiceClientV001 inside the engine2.dll like so
const auto Engine = GetInterface<void>("GameResourceServiceClientV001", "engine2.dll");
and i got 0x7FF975256850 after opening this 0x7FF975256850 on reclass or cheatengine structure i found that there is no such pointer on 0x50 but there is a good pointer on 0x58 and inside the 0x58 there is something like this

and inside the 0x10 i get C_DOTAPlayerController at 0x78 but i cant find the hero inside it

iam really freaking glade cuz of ur replies thanks a lot mate and iam looking forward to hear more from u.

Liberalist · 3 Авг 2024

Un1xCr3w написал(а):
i used the function called GameResourceServiceClientV001 inside the engine2.dll like so
const auto Engine = GetInterface<void>("GameResourceServiceClientV001", "engine2.dll");
and i got 0x7FF975256850 after opening this 0x7FF975256850 on reclass or cheatengine structure i found that there is no such pointer on 0x50 but there is a good pointer on 0x58 and inside the 0x58 there is something like this

it is 0x58, sorry, typo.

Un1xCr3w написал(а):
and inside the 0x10 i get C_DOTAPlayerController at 0x78 but i cant find the hero inside it

read

Как получить указатель на здоровье? (дамп source2gen)

Получил это 👆 И что получается дальше? Мне надо создать на основе этого файла указатель? Если да, то как? Я не до конца понимаю как работать с дотой Прочекал почти все треды на форуме в разделе с дотой, там какие-то RVAшки(Relative Virtual Address), сигсканы через IDA Не до конца понятно...

yougame.biz

entitysystem at 0x10 has an array of 64 pointers(at 0x10 first pointer, at 0x18 second pointer etc), or in other words there are 64 entity lists(512 entities each)
those lists don't store entities they store their identities(helper structure)( CEntityIdentity, 0x78 size ). those identities have at offset 0x0 a pointer to entity
players are index 1-64 inclusive(once again see the link for how indices work)
reference shitcode

Не могу найти оффсеты на Dota 2 через ida

Пытаюсь найти оффсеты на доту 2(предположим оффсет m_iHealth), делаю всё по гайду: гружу ддлку, генерирую строки, через jump to xref пытаюсь найти оффсет и тут у меня нет нужных строк как у всех в гайдах(скрин), хелп плиз 1 скрин (мой) 2 скрин(как у чела из одного гайда)

yougame.biz

Un1xCr3w · 3 Авг 2024

Liberalist написал(а):
it is 0x58, sorry, typo.

read

Как получить указатель на здоровье? (дамп source2gen)

Получил это 👆 И что получается дальше? Мне надо создать на основе этого файла указатель? Если да, то как? Я не до конца понимаю как работать с дотой Прочекал почти все треды на форуме в разделе с дотой, там какие-то RVAшки(Relative Virtual Address), сигсканы через IDA Не до конца понятно...

yougame.biz

entitysystem at 0x10 has an array of 64 pointers(at 0x10 first pointer, at 0x18 second pointer etc), or in other words there are 64 entity lists(512 entities each)
those lists don't store entities they store their identities(helper structure)( CEntityIdentity, 0x78 size ). those identities have at offset 0x0 a pointer to entity
players are index 1-64 inclusive(once again see the link for how indices work)
reference shitcode

Не могу найти оффсеты на Dota 2 через ida

Пытаюсь найти оффсеты на доту 2(предположим оффсет m_iHealth), делаю всё по гайду: гружу ддлку, генерирую строки, через jump to xref пытаюсь найти оффсет и тут у меня нет нужных строк как у всех в гайдах(скрин), хелп плиз 1 скрин (мой) 2 скрин(как у чела из одного гайда)

yougame.biz

hey thanks a lot for ur reponse but about the CGameEntitySystem can u simplifiy it more ? after reading the whole thing i didnt understand at all
if u can simplify it i would be really greatful.

Liberalist · 3 Авг 2024

Un1xCr3w написал(а):
hey thanks a lot for ur reponse but about the CGameEntitySystem can u simplifiy it more ? after reading the whole thing i didnt understand at all
if u can simplify it i would be really greatful.

check this out

Un1xCr3w · 3 Авг 2024

Liberalist написал(а):
check this out
Посмотреть вложение 282662

yeah but the first part on the left how can i get it ?

is it the GameResourceServiceClient ?

Liberalist · 3 Авг 2024

Un1xCr3w написал(а):
yeah but the first part on the left how can i get it ?

is it the GameResourceServiceClient ?

it says "CGameEntitySystem" in case you didn't notice.
you sent a screenshot yourself where you already have it(ptr at GameResourceServiceClient + 0x58; dont forget to check for nullptr)

Un1xCr3w · 4 Авг 2024

Liberalist написал(а):
it says "CGameEntitySystem" in case you didn't notice.
you sent a screenshot yourself where you already have it(ptr at GameResourceServiceClient + 0x58; dont forget to check for nullptr)
Посмотреть вложение 282667

i have 5 entities in the game right now so i have to find pointers on 0010 , 0018 , 0020 etc .... which i cant find even the 0010 which the first ent in the game has no health in the 324 offset iam 100% sure that iam doing something really wrong :(

Liberalist · 4 Авг 2024

Un1xCr3w написал(а):
Посмотреть вложение 282670
i have 5 entities in the game right now so i have to find pointers on 0010 , 0018 , 0020 etc .... which i cant find even the 0010 which the first ent in the game has no health in the 324 offset iam 100% sure that iam doing something really wrong :(

10 18 20 etc are LISTS(512 entities each). in demo mode you'd usually just have only 1 list at 0x10. each list contains 512 IDENTITIES(0x78 size struct, it has entity ptr at offset 0).1st entity(index 0) is always world and you shoudn't really check its health because why do that
did you not see my screenshot?

Un1xCr3w · 4 Авг 2024

Liberalist написал(а):
10 18 20 etc are LISTS(512 entities each). in demo mode you'd usually just have only 1 list at 0x10. each list contains 512 IDENTITIES(0x78 size struct, it has entity ptr at offset 0).1st entity(index 0) is always world and you shoudn't really check its health because why do that
did you not see my screenshot?

tanks a lot <3 i got all entities now but how can i know that this entity is a hero or a creep or tower and hero names , items etc ...

Liberalist · 4 Авг 2024

Un1xCr3w написал(а):
tanks a lot <3 i got all entities now but how can i know that this entity is a hero or a creep or tower and hero names , items etc ...

see my first reply

C++:

class CEntityIdentity(size: 0x78 bytes, project "entity2", scope "client.dll")
| SCHEMA_CF1_MODULE_LOCAL_TYPE_SCOPE
| SCHEMA_CF1_INFO_TAG_MNetworkAssumeNotNetworkable
^MNetworkVarNames "m_nameStringableIndex int32"

-----members of class CEntityIdentity-----
    C_BaseEntity* m_pEntity(offset 0x0, size 0x8, align 0x8)
    CEntityClass* m_pClass(offset 0x8, size 0x8, align 0x8)
    CHandle<C_BaseEntity> m_hEntityHandle(offset 0x10, size 0x4, align 0x4)
    int32 m_nameStringableIndex(offset 0x14, size 0x4, align 0x4)
        ^MNetworkEnable
        ^MNetworkChangeCallback "entityIdentityNameChanged"
    CUtlSymbolLarge m_name(offset 0x18, size 0x8, align 0x8)
    CUtlSymbolLarge m_designerName(offset 0x20, size 0x8, align 0x8)
    uint8_t[8] unaccounted(offset 0x28)
    uint32 m_flags(offset 0x30, size 0x4, align 0x4)
    uint8_t[4] unaccounted(offset 0x34)
    WorldGroupId_t m_worldGroupId(offset 0x38, size 0x4, align 0x4)
        ^MNetworkDisable
    uint32 m_fDataObjectTypes(offset 0x3c, size 0x4, align 0x4)
    ChangeAccessorFieldPathIndex_t m_PathIndex(offset 0x40, size 0x2, align 0x0)
        ^MNetworkDisable
        ^MNetworkChangeAccessorFieldPathIndex
    uint8_t[22] unaccounted(offset 0x42)
    CEntityIdentity* m_pPrev(offset 0x58, size 0x8, align 0x8)
    CEntityIdentity* m_pNext(offset 0x60, size 0x8, align 0x8)
    CEntityIdentity* m_pPrevByClass(offset 0x68, size 0x8, align 0x8)
    CEntityIdentity* m_pNextByClass(offset 0x70, size 0x8, align 0x8)

just check by name/classname/etc.

Un1xCr3w · 10 Авг 2024

hey again iam sorry seems like the entities i got wasnt correct so here is another attempt , iam so sorry iam asking really dumb question for u

but here is my current attmept

const auto Engine = GetInterface<void>("GameResourceServiceClientV001", "engine2.dll");
const auto CGameEntitySystem = reinterpret_cast<uintptr_t>(Engine) + 0x58;
const auto Identity1 = CGameEntitySystem + 0x10;
const auto Controller1 = Identity1 + 0x78;
std::cout << "CGameResourceService: " << Engine << std::endl;
std::cout << "CGameEntitySystem: " << std::hex << CGameEntitySystem << std::endl;
std::cout << "Identity1: " << std::hex << Identity1 << std::endl;
std::cout << "Controller1: " << std::hex << Controller1 << std::endl;

i used the screen shot u sent before to start this attempt
but i still cant get the entity nor the health for the 2 unit iam having in the game
please take in mind that iam not using demo hero iam using custom lobby
Thanks in advance.

Un1xCr3w · 10 Авг 2024

i even tried to find the first entity in the identity list but it didnt work as expected.

Liberalist · 10 Авг 2024

Un1xCr3w написал(а):
hey again iam sorry seems like the entities i got wasnt correct so here is another attempt , iam so sorry iam asking really dumb question for u

but here is my current attmept

const auto Engine = GetInterface<void>("GameResourceServiceClientV001", "engine2.dll");
const auto CGameEntitySystem = reinterpret_cast<uintptr_t>(Engine) + 0x58;
const auto Identity1 = CGameEntitySystem + 0x10;
const auto Controller1 = Identity1 + 0x78;
std::cout << "CGameResourceService: " << Engine << std::endl;
std::cout << "CGameEntitySystem: " << std::hex << CGameEntitySystem << std::endl;
std::cout << "Identity1: " << std::hex << Identity1 << std::endl;
std::cout << "Controller1: " << std::hex << Controller1 << std::endl;

i used the screen shot u sent before to start this attempt
but i still cant get the entity nor the health for the 2 unit iam having in the game
please take in mind that iam not using demo hero iam using custom lobby
Thanks in advance.

first of all you might want to check Engine for nullptr before adding 0x58.
second of all you're not even reading any memory at all... you're just adding numbers. and then adding other numbers on top of those numbers. 0 reads.
you might want to learn C(++) a little bit first(pointers etc)
smth like this(also keep in mind that players(controllers) aren't heroes(they're their "owners" that control them, and also couriers, summons etc.) don't expect them to have sensible health values)

C++:

uintptr_t GameResourceServiceClient = (uintptr_t)GetInterface<void>("GameResourceServiceClientV001", "engine2.dll");
if(!GameResourceServiceClient) error something...
void* CGameEntitySystem = *(void**)(GameResourceServiceClient + 0x58);//add, then read 8 bytes(void*(generic pointer) is 8 bytes on x64)
void* Identity0 = *(void**)((uintptr_t)CGameEntitySystem + 0x10 + 0 * sizeof(void*)/*0th list(there are 64 lists don't forget)*/);//pointer arithmetic uses special rules don't add to pointers, make them into numbers first then cast back afterwards
//^ a more appropriate name would be List0
void* Identity1 = (void*)((uintptr_t)Identity0 + 0x78);
std::cout << "CGameResourceServiceClient: " << (void*)GameResourceServiceClient << std::endl;
std::cout << "CGameEntitySystem: " << CGameEntitySystem << std::endl;
std::cout << "Identity0: " << Identity0 << std::endl;
std::cout << "Identity1: " << Identity1 << std::endl;

also, technically, for entity at index 1, you don't want 0th list, you want 1 div 512(which happens to be 0), and you don't want 1st identity, you want 1 mod 512(which happens to be 1)
so it would actually be

C++:

uintptr_t GameResourceServiceClient = (uintptr_t)GetInterface<void>("GameResourceServiceClientV001", "engine2.dll");
if(!GameResourceServiceClient) error something...
void* CGameEntitySystem = *(void**)(GameResourceServiceClient + 0x58);
constexpr auto IndexWeNeed = 1;
constexpr auto sizeof_CEntityIdentity = 0x78;
void* List = *(void**)((uintptr_t)CGameEntitySystem + 0x10 + (IndexWeNeed / 512) * sizeof(void*));
if(!List) error something...(no entity at index IndexWeNeed)
void* Identity = (void*)((uintptr_t)List + (IndexWeNeed % 512) * sizeof_CEntityIdentity);
std::cout << "CGameResourceServiceClient: " << (void*)GameResourceServiceClient << std::endl;
std::cout << "CGameEntitySystem: " << CGameEntitySystem << std::endl;
std::cout << "List: " << List << std::endl;
std::cout << "Identity: " << Identity << std::endl;

Un1xCr3w · 10 Авг 2024

Liberalist написал(а):
first of all you might want to check Engine for nullptr before adding 0x58.
second of all you're not even reading any memory at all... you're just adding numbers. and then adding other numbers on top of those numbers. 0 reads.
you might want to learn C(++) a little bit first(pointers etc)
smth like this(also keep in mind that players(controllers) aren't heroes(they're their "owners" that control them, and also couriers, summons etc.) don't expect them to have sensible health values)

C++:

uintptr_t GameResourceServiceClient = (uintptr_t)GetInterface<void>("GameResourceServiceClientV001", "engine2.dll"); if(!GameResourceServiceClient) error something... void* CGameEntitySystem = *(void**)(GameResourceServiceClient + 0x58);//add, then read 8 bytes(void*(generic pointer) is 8 bytes on x64) void* Identity0 = *(void**)((uintptr_t)CGameEntitySystem + 0x10 + 0 * sizeof(void*)/*0th list(there are 64 lists don't forget)*/);//pointer arithmetic uses special rules don't add to pointers, make them into numbers first then cast back afterwards //^ a more appropriate name would be List0 void* Identity1 = (void*)((uintptr_t)Identity0 + 0x78); std::cout << "CGameResourceServiceClient: " << (void*)GameResourceServiceClient << std::endl; std::cout << "CGameEntitySystem: " << CGameEntitySystem << std::endl; std::cout << "Identity0: " << Identity0 << std::endl; std::cout << "Identity1: " << Identity1 << std::endl;

also, technically, for entity at index 1, you don't want 0th list, you want 1 div 512(which happens to be 0), and you don't want 1st identity, you want 1 mod 512(which happens to be 1)
so it would actually be

C++:

uintptr_t GameResourceServiceClient = (uintptr_t)GetInterface<void>("GameResourceServiceClientV001", "engine2.dll"); if(!GameResourceServiceClient) error something... void* CGameEntitySystem = *(void**)(GameResourceServiceClient + 0x58); constexpr auto IndexWeNeed = 1; constexpr auto sizeof_CEntityIdentity = 0x78; void* List = *(void**)((uintptr_t)CGameEntitySystem + 0x10 + (IndexWeNeed / 512) * sizeof(void*)); if(!List) error something...(no entity at index IndexWeNeed) void* Identity = (void*)((uintptr_t)List + (IndexWeNeed % 512) * sizeof_CEntityIdentity); std::cout << "CGameResourceServiceClient: " << (void*)GameResourceServiceClient << std::endl; std::cout << "CGameEntitySystem: " << CGameEntitySystem << std::endl; std::cout << "List: " << List << std::endl; std::cout << "Identity: " << Identity << std::endl;

yeah thanks a lot but still i cant get pass the controller no entity object no hero object i tested the list pointer and the identity pointers bother are wrong.

Liberalist · 10 Авг 2024

Un1xCr3w написал(а):
yeah thanks a lot but still i cant get pass the controller no entity object no hero object i tested the list pointer and the identity pointers bother are wrong.

wdym wrong.
identity is identity, it's not entity.
entitylists contains identities, identities have a pointer to entity as their first member(i.e. offset 0). you can think of identities as "passports" of entities - it's got name,index,serial number, flags, etc, as well as the address of the entity itself
you take list at index (entityIndex div 512) and that list's entry at index (entityIndex mod 512), you get the identity. you read first 8 bytes(void*) and you get address of the entity. you then do whatever you want with it.
you want entities indexed from 1 to 64 inclusive(i.e. players), from players you get their selected heroes(m_hAssignedHero netvar)

C++:

auto GameResourceServiceClient =
    ((uintptr_t(*)(const char*, void*))GetProcAddress(GetModuleHandleA("engine2.dll"),
        "CreateInterface"))("GameResourceServiceClientV001", nullptr);
void* CGameEntitySystem = *(void**)(GameResourceServiceClient + 0x58);
for (std::size_t index = 1; index <= 64; ++index)
{
    constexpr auto sizeof_CEntityIdentity = 0x78;
    void* List = *(void**)((uintptr_t)CGameEntitySystem + 0x10 + (index / 512) * sizeof(void*));
    if (List)
    {
        void* Identity = (void*)((uintptr_t)List + (index % 512) * sizeof_CEntityIdentity);
        void* Entity = *(void**)Identity;
        if (Entity)
        {
            constexpr auto offset_m_iszPlayerName = 0x628;
            constexpr auto offset_m_hAssignedHero = 0x7e4;
            constexpr auto high_17_bits = 0b11111111111111111000000000000000;
            constexpr auto low_15_bits = 0b00000000000000000111111111111111;
            struct CHandle
            {
                int value;
                int serial() const noexcept
                {
                    return value & high_17_bits;
                }
                int index() const noexcept
                {
                    return value & low_15_bits;
                }
                bool is_valid() const noexcept
                {
                    return value != -1;
                }
            };
            OutputDebugStringA(std::format("player {}({}) controls hero indexed {}\n",
                (char*)((uintptr_t)Entity + offset_m_iszPlayerName),
                Entity, ((*(CHandle*)((uintptr_t)Entity + offset_m_hAssignedHero)).index())).data());
        }
    }
}

DebugString: "player unnamed(0x13dac701c00) controls hero indexed 157"
DebugString: "player Kat(0x13d4dab1c00) controls hero indexed 209"
DebugString: "player Kjetil(0x13cc7e42a00) controls hero indexed 256"
DebugString: "player Борис(0x13cca980000) controls hero indexed 304"
DebugString: "player Julia(0x13c78d80000) controls hero indexed 351"
DebugString: "player Jéssica(0x13d34276200) controls hero indexed 399"
DebugString: "player Anne(0x13d38564600) controls hero indexed 447"
DebugString: "player Bjørn(0x13d34274600) controls hero indexed 495"
DebugString: "player กิตติ(0x13d38b50000) controls hero indexed 542"
DebugString: "player Zhang(0x13d2e8a5400) controls hero indexed 590"

Un1xCr3w · 10 Авг 2024

Liberalist написал(а):
wdym wrong.
identity is identity, it's not entity.
entitylists contains identities, identities have a pointer to entity as their first member(ie offset 0). you can think of identities as "passports" of entities - it's got name,index,serial number, flags, etc, as well as the address of the entity itself
you take list at index (entityIndex div 512) and that list's entry at index (entityIndex mod 512), you get the identity. you read first 8 bytes(void*) and you get address of the entity. you then do whatever you want with it.
you want entities indexed from 1 to 64 inclusive(ie players), from players you get their selected heroes(m_hAssignedHero netvar)

C++:

auto GameResourceServiceClient = ((uintptr_t(*)(const char*, void*))GetProcAddress(GetModuleHandleA("engine2.dll"), "CreateInterface"))("GameResourceServiceClientV001", nullptr); void* CGameEntitySystem = *(void**)(GameResourceServiceClient + 0x58); for (std::size_t index = 1; index <= 64; ++index) { constexpr auto sizeof_CEntityIdentity = 0x78; void* List = *(void**)((uintptr_t)CGameEntitySystem + 0x10 + (index / 512) * sizeof(void*)); if (List) { void* Identity = (void*)((uintptr_t)List + (index % 512) * sizeof_CEntityIdentity); void* Entity = *(void**)Identity; if (Entity) { constexpr auto offset_m_iszPlayerName = 0x628; constexpr auto offset_m_hAssignedHero = 0x7e4; constexpr auto high_17_bits = 0b1111111111111111111000000000000000; constexpr auto low_15_bits = 0b0000000000000000000111111111111111; struct CHandle { int value; int serial() const noexcept { return value & high_17_bits; } int index() const noexcept { return value & low_15_bits; } bool is_valid() const noexcept { return value != -1; } }; OutputDebugStringA(std::format("player {}({}) controls hero indexed {}\n", (char*)((uintptr_t)Entity + offset_m_iszPlayerName), Entity, ((*(CHandle*)((uintptr_t)Entity + offset_m_hAssignedHero)).index())).data()); } } }

DebugString: "player unnamed(0x13dac701c00) controls hero indexed 157"
DebugString: "player Kat(0x13d4dab1c00) controls hero indexed 209"
DebugString: "player Kjetil(0x13cc7e42a00) controls hero indexed 256"
DebugString: "player Boris(0x13cca980000) controls hero indexed 304"
DebugString: "player Julia(0x13c78d80000) controls hero indexed 351"
DebugString: "player Jéssica(0x13d34276200) controls hero indexed 399"
DebugString: "player Anne(0x13d38564600) controls hero indexed 447"
DebugString: "player Bjørn(0x13d34274600) controls hero indexed 495"
DebugString: "player กิตติ(0x13d38b50000) controls hero indexed 542"
DebugString: "player Zhang(0x13d2e8a5400) controls hero indexed 590"

thanks a lot for that i was doing something wrong made me think that this was wrong
thanks a lot mate for all the help ur providing but i still cant find the hero entity itself even in the dissect structure

Вопрос Dota 2 netvar manager

Вложения