Гайд Cs2 Structs, Offsets sigs etc

here is some updated stuff, feel free to share any other updated stuff in this thread; always assume that people have old / outdated values.
Don't drop your sigs here and expect me to test or update them — I provide updates / add more when I notice changes or get more, and add them here.

please avoid restricting stuff to a specific user if it relates to updating a thing :), we all benefit from the info / help

c++:
"client.dll", "48 8B 3D ? ? ? ? 8B 5E"));//game_particle_manager
"rendersystemdx11.dll", "48 89 2D ? ? ? ? 48 C7 05"), 0x3, 0x7));//swap_chain
"client.dll", "4C 8B 25 ? ? ? ? 24"), 0x3, 0x0));//engine_trace
"client.dll", "48 89 15 ?? ?? ?? ?? 48 89 42"), 0x3, 0x7;//global_vars
"client.dll", "48 8B 0D ? ? ? ? 4C 8B C6 8B 10 E8"), 0x3, 0x7;//input
"client.dll", "48 8B 0D ?? ?? ?? ?? E8 ?? ?? ?? ?? 48 8B 0D ?? ?? ?? ?? 48 85 C9 74 2D"), 0x3));//game_event_manager
"client.dll", "48 8B 0D ? ? ? ? E8 ? ? ? ? 84 C0 0F 84 ? ? ? ? 49 8B 06 48 8D 4D"), 0x3));//game_rules

"materialsystem2.dll", "48 89 5C 24 ?? 48 89 6C 24 ?? 56 57 41 56 48 81 EC ?? ?? ?? ?? 48 8B 05"));//create_material
"tier0.dll", "40 53 48 83 EC ? 4C 8B 11 41 B9"));//40 53 48 83 EC ? 4C 8B 11 41 B9// set_type_key
tier0, FNV1A("?LoadKV3@@YA_NPEAVKeyValues3@@PEAVCUtlString@@PEAVCUtlBuffer@@AEBUKV3ID_t@@PEBDI@Z")));// loadkeytype sig here to //"tier0.dll", "E8 ? ? ? ? EB ? F7 43"), 0x1, 0x0));

"scenesystem.dll", "48 8B C4 53 57 41 54" //draw_object
"client.dll", "40 53 48 81 EC ? ? ? ? 49 8B C1"//get_matrix_for_view
"client.dll", "48 89 5C 24 ? 48 89 6C 24 ? 56 57 41 56 48 81 EC ? ? ? ? 4C 8B F1 48 8D 94 24" //on_render_start

"client.dll", "85 D2 0F 88 ? ? ? ? 55 56 41 55");//flashBangDraw
"client.dll", "48 89 5C 24 ? 48 89 6C 24 ? 48 89 74 24 ? 57 41 56 41 57 48 83 EC ? 48 8B 9C 24 ? ? ? ? 4D 8B F8"); //smokedraw

"4c 8b c9 81 fa fe 7f 00 00 77 47");//GameEntitySystem

bullet penetration: 48 8B C4 44 89 48 20 48 89 50 10 48
Find Hud Element: 4C 8B DC 53 48 83 EC 50 48 8B 05
set body group: 85 D2 0F 88 ? ? ? ? 53 55
get_usercmd_base: "E8 ? ? ? ? 8B 80 ? ? ? ? 48 83 C4", 1
get_usercmd: "E8 ? ? ? ? 48 8B D8 48 85 C0 75 ? 8B 97"), 1
addeconitem for inventory: E8 ? ? ? ? FF C3 3B 5D ? 72

sequence_number: + 0x59A8
get_stickers_supported_count:+ 0x168
Uses_Legacy_Model: + 0xAE

index
42U //get_schema_class_info
173U // get_eye_pos
38U // in_game
53U //get_local_player
39U // IsConnected
49U //ExecuteClientCmd
23U //GetResourceManager
24U //set_string
25U //set_wstring
162u // is weapon

// Layout overlay for the renderer's swap-chain object: 0x170 bytes skipped,
// then the DXGI swap chain and factory pointers at the offsets noted inline.
// MEM_PAD is a project macro not shown on this page.
typedef struct ISwapChainDx11 {
    /* 0x0000 */ MEM_PAD(0x170);
    /* 0x0170 */ IDXGISwapChain *m_DXGISwapChain;
    /* 0x0178 */ IDXGIFactory *m_IDXGIFactory;
} ISwapChainDx11;

    // Layout overlay for a schema class descriptor. Offsets per the leading
    // comments; the 2-byte gap after single_inheritance_depth (0x0026..0x0027)
    // is alignment padding before the pointer at 0x0028. The pointed-to types,
    // eSchemaClassFlags and MEM_PAD are declared elsewhere in the project.
    typedef struct CSchemaClassInfo {
        /* 0x0000 */ uintptr_t *vtable;
        /* 0x0008 */ const char *name;
        /* 0x0010 */ const char *module;
        /* 0x0018 */ int size;
        /* 0x001C */ int16_t field_count;
        /* 0x001E */ int16_t static_metadata_count;
        /* 0x0020 */ int8_t alignment;
        /* 0x0021 */ int8_t base_classes_count;
        /* 0x0022 */ int16_t multiple_inheritance_depth;
        /* 0x0024 */ int16_t single_inheritance_depth;
        /* 0x0028 */ SchemaClassFieldData *fields;
        /* 0x0030 */ SchemaBaseClassInfoData *base_classes;
        /* 0x0038 */ MEM_PAD(0x8);
        /* 0x0040 */ SchemaMetadataEntryData *static_metadata;
        /* 0x0048 */ CSchemaSystemTypeScope *scope;
        /* 0x0050 */ CSchemaType *type;
        /* 0x0058 */ eSchemaClassFlags flags;
        /* 0x005C */ MEM_PAD(0x4);
        /* 0x0060 */ void *ftable;
    } CSchemaClassInfo;

    // Layout overlay: 0xB8 bytes skipped, then the owner entity handle at 0xB8.
    // Declared with `class` and no access specifier, so hOwner is private here.
    class CSceneAnimatableObject
    {
        MEM_PAD(0xB8);
        sdk::CHandle<C_BaseEntity> hOwner;
    };

    // Layout overlay of a scene mesh record.
    // NOTE(review): summing the declared sizes puts ObjectInfo at 0x40 and
    // colValue at 0x50, not the 0x48 annotated beside colValue — one of the
    // pads or that comment is off. `Memory_pad` on the second pad is
    // presumably the same macro as MEM_PAD; confirm.
    class CMeshData
    {
    public:
        MEM_PAD(0x18); // 0x0
        CSceneAnimatableObject* SceneAnimatableObject; // 0x18
        CMaterial2* Material; // 0x20
        CMaterial2* MaterialCopy;
        MEM_PAD(0x10);
        CObjectInfo* ObjectInfo;
        Memory_pad(0x8);
        Color colValue; // 0x48
    };


// Layout overlay of the engine's global-vars block. The trailing offsets are
// consistent with the declared sizes (each _pad array spans exactly the gap
// noted beside it). Field meanings beyond the names are not established here.
// NOTE(review): `rameCount` and `lCurrentTime` read like clipped
// `FrameCount` / `CurrentTime`; left unchanged since callers may use them.
struct global_vars
{
    float     RealTime;           // 0x0000
    int32_t   rameCount;          // 0x0004
    float     FrameTime;          // 0x0008
    float     FrameTime2;         // 0x000C
    int32_t   MaxClients;          // 0x0010
    std::uint8_t _pad0014[0x1C];      // 0x0014 -> 0x002F
    float     lCurrentTime;        // 0x0030
    float     FrameTime3;         // 0x0034
    float     TickFraction;       // 0x0038
    float     TickFraction2;      // 0x003C
    std::uint8_t _pad0040[0x08];      // 0x0040 -> 0x0047
    int32_t   TickCount;           // 0x0048
    std::uint8_t _pad004C[0x0C];      // 0x004C -> 0x0057
    void*     NetChannel;          // 0x0058 (CNetChan*)
    std::uint8_t _pad0060[0x118];     // 0x0060 -> 0x0177
    const char* MapName;          // 0x0178
    const char* MapNameShort;     // 0x0180
};
 
c++:
    // Returns the current usercmd for `local_controller`, or nullptr when either
    // signature lookup failed. Both function pointers are resolved once (static
    // locals) via memory::find_pattern / memory::get_absolute_address, helpers
    // that are not shown on this page.
    c_usercmd* get_usercmd(c_csplayer_controller* local_controller)
    {
        using get_usercmd_base_t = int64_t(__fastcall*)(c_csplayer_controller*);
        static get_usercmd_base_t get_usercmd_base = reinterpret_cast<get_usercmd_base_t>(memory::get_absolute_address(memory::find_pattern(memory::client, "E8 ? ? ? ? 8B 80 ? ? ? ? 48 83 C4"), 1));
       
        if (!get_usercmd_base)
        return nullptr;
       
        // 0x59A8 is the sequence_number offset listed earlier in this thread.
        // NOTE(review): the int64_t returned by get_usercmd_base is dereferenced
        // without being checked first.
        int sequence_number = *reinterpret_cast<int*>(get_usercmd_base(local_controller) + 0x59A8);
        using get_usercmd_t = c_usercmd*(__fastcall*)(c_csplayer_controller*, int);
        static get_usercmd_t get_usercmd = reinterpret_cast<get_usercmd_t>(memory::get_absolute_address(memory::find_pattern(memory::client, "E8 ? ? ? ? 48 8B D8 48 85 C0 75 ? 8B 97"), 1));
       
        if (!get_usercmd)
        return nullptr;
       
        return get_usercmd(local_controller, sequence_number);
    }
c++:
"C_EconItemView::GetBasePlayerWeaponVData" ) ,"clinet.dll", "48 81 EC ? ? ? ? 48 85 C9 75 ? 33 C0 48 81 C4 ? ? ? ? C3 48 89 9C 24" , 0 , SEARCH_TYPE_NONE };

48 89 74 24 ? 57 48 83 EC ? 48 8B 05 ? ? ? ? 48 8B FA//world_to_screen

85 D2 75 ? 48 63 81//SetViewAngle

E8 ?? ?? ?? ?? 48 8B D5 48 8B CE E8 ?? ?? ?? ?? 48 8B 06 48 8B CE //PhysicsRunThink
abs 1, 0


6U//CPVS

    // Layout overlay of a trace result: three pointers, then contents, the four
    // vectors, fraction and all_solid, separated by the pads shown. No offset
    // annotations are given here; pawn_t and math::vec3_t come from the project.
    struct game_trace_t
    {
        void* surface;
        pawn_t* entity;
        void* hit_box_data;
        std::uint8_t pad0000[0x38];
        std::uint32_t contents;
        std::uint8_t pad0001[0x24];
        math::vec3_t start_position;
        math::vec3_t end_position;
        math::vec3_t normal;
        math::vec3_t position;
        std::uint8_t pad0002[0x4];
        float fraction;
        std::uint8_t pad0003[0x6];
        bool all_solid;
        std::uint8_t pad0004[0x4D];
    };
 
C++:
using fnGetBaseEntity = void* (__fastcall*)(void*, int);

static auto GetBaseEntity = (fnGetBaseEntity)FIND_PATTERN(XOR("client.dll"), XOR("4C 8D 49 ? 81 FA"));

return GetBaseEntity(this, i);
GetBaseEntity, tested

C++:
 using func_t = void(__fastcall*)(sdk::network_game_client_t*, int);
 static func_t fn = (func_t)FIND_PATTERN("engine2.dll", "40 55 41 56 48 83 EC ? 80 B9 ? ? ? ? 00");
 fn(pNetworkGameClient, nPredictionReason);
and new prediction start
 
updt plz

{
using fn = std::uint64_t(__fastcall*)(const char*, unsigned int, int);
static auto find = reinterpret_cast<fn>(M::patternScan("particles", ("48 89 5C 24 ? 57 48 81 EC ? ? ? ? 33 C0 8B DA")));
return find(szName, 0x12, 0x31415926);
}
};
 
updt plz

{
using fn = std::uint64_t(__fastcall*)(const char*, unsigned int, int);
static auto find = reinterpret_cast<fn>(M::patternScan("particles", ("48 89 5C 24 ? 57 48 81 EC ? ? ? ? 33 C0 8B DA")));
return find(szName, 0x12, 0x31415926);
}
};
у тебя и так вроде рабочий
 
GetEntityByIndexFunction - 81 FA ? ? ? ? 77 ? 8B C2 C1 F8 ? 83 F8 ? 77 ? 48 98 48 8B 4C C1 ? 48 85 C9 74 ? 8B C2 25 ? ? ? ? 48 6B C0 ? 48 03 C8 74 ? 8B 41 ? 25 ? ? ? ? 3B C2 75 ? 48 8B 01

GetHighestEntityIndex - 0x1510

inline auto gEntitySystem = *reinterpret_cast<CGameEntitySystem**>(schema.resolve_rip(schema.FindPattern("client.dll", "48 8B 0D ?? ?? ?? ?? 48 89 7C 24 ?? 8B FA C1 EB"), 3, 7));

correct?
 
incorrect, 0x20F0


how can it be true if it's simply not being looked for? you should at least check it yourself
If call inline auto gEntitySystem = *reinterpret_cast<CGameEntitySystem**>(schema.FindPattern("client.dll", "4C 8B C9 81 FA"));
gEntitySystem->GetBaseEntity() = nullptr

// Looks up an entity by index through a function located by signature.
// NOTE(review): no enclosing class is visible, so as written this is a
// non-member function and the `this` on the return line has no meaning;
// presumably it sits inside a class in the poster's project.
void* GetEntityByIndexFunction(int Index)
{
// A fresh SCHEMA is constructed on every call; only the lookup below is cached.
SCHEMA schema;
using fnGetBaseEntity = void* (__thiscall*)(void*, int);
static auto GetBaseEntity = reinterpret_cast<fnGetBaseEntity>(schema.FindPattern("client.dll", "4C 8D 49 ? 81 FA"));
return GetBaseEntity(this, Index);
}

GetLocalPlayerIndex = 53

// Fetches the local player's index from engine_interface and resolves it through
// gEntitySystem; the C-style cast only restates the template's result type.
C_CSPlayerController* C_CSPlayerController::GetLocalPlayerController() {
const int nIndex = engine_interface->GetLocalPlayerIndex();
return (C_CSPlayerController*)gEntitySystem->GetEntity<C_CSPlayerController>(nIndex);
}

This is where the problem is.
Do you have any idea why this gives me nullptr??
 
because gEntitySystem signature is 48 8B 0D ? ? ? ? 0F 28 DE 4C 89 6C 24 ? 4C 8B C0 4C 89 6C 24 ? 49 8B D6

An exception was thrown at 0x00007FFD9E387B29 (client.dll) in cs2.exe: 0xC0000005: Access violation reading from 0xFFFFFFFFFFFFFFFF.

// Fetches the local player's index from engine_interface and resolves it through
// gEntitySystem; the C-style cast only restates the template's result type.
C_CSPlayerController* C_CSPlayerController::GetLocalPlayerController() {
const int nIndex = engine_interface->GetLocalPlayerIndex();
return (C_CSPlayerController*)gEntitySystem->GetEntity<C_CSPlayerController>(nIndex);
}

engineinterface = Source2EngineToClient001

inline auto gEntitySystem = *reinterpret_cast<CGameEntitySystem**>(schema.FindPattern("client.dll", "48 8B 0D ? ? ? ? 0F 28 DE 4C 89 6C 24 ? 4C 8B C0 4C 89 6C 24 ? 49 8B D6"));
 
If call inline auto gEntitySystem = *reinterpret_cast<CGameEntitySystem**>(schema.FindPattern("client.dll", "4C 8B C9 81 FA"));
gEntitySystem->GetBaseEntity() = nullptr

// Looks up an entity by index through a function located by signature.
// NOTE(review): no enclosing class is visible, so as written this is a
// non-member function and the `this` on the return line has no meaning;
// presumably it sits inside a class in the poster's project.
void* GetEntityByIndexFunction(int Index)
{
// A fresh SCHEMA is constructed on every call; only the lookup below is cached.
SCHEMA schema;
using fnGetBaseEntity = void* (__thiscall*)(void*, int);
static auto GetBaseEntity = reinterpret_cast<fnGetBaseEntity>(schema.FindPattern("client.dll", "4C 8D 49 ? 81 FA"));
return GetBaseEntity(this, Index);
}

GetLocalPlayerIndex = 53

// Fetches the local player's index from engine_interface and resolves it through
// gEntitySystem; the C-style cast only restates the template's result type.
C_CSPlayerController* C_CSPlayerController::GetLocalPlayerController() {
const int nIndex = engine_interface->GetLocalPlayerIndex();
return (C_CSPlayerController*)gEntitySystem->GetEntity<C_CSPlayerController>(nIndex);
}

This is where the problem is.
Do you have any idea why this gives me nullptr??
I have no idea what you're doing wrong. This signature works for me on the latest version of the game. No one will reverse it for you. You'll have to figure it out on your own. You can use this repository to study the issue (the signatures are included in the code):
 
hello, u know new offset to get_model_name for skinchanger?
old
Код:
// Reads the model-name string pointer stored at a fixed offset from `this`.
// NOTE(review): `this` implies a member function, but no enclosing class is shown here.
const char* get_model_name() {
  return *reinterpret_cast<const char**>((uintptr_t)(this) + 0xD8);
}
 
hello, u know new offset to get_model_name for skinchanger?
old
Код:
// Reads the model-name string pointer stored at a fixed offset from `this`.
// NOTE(review): `this` implies a member function, but no enclosing class is shown here.
const char* get_model_name() {
  return *reinterpret_cast<const char**>((uintptr_t)(this) + 0xD8);
}
not sure this is it, I haven't worked on skinchanger

// Same accessor as the older version above, with the offset changed from 0xD8 to 0x148.
// NOTE(review): `this` implies a member function, but no enclosing class is shown here.
const char* get_model_name() {
return *reinterpret_cast<const char**>((uintptr_t)(this) + 0x148);
}
 
here is some updated stuff, feel free to share any other updated stuff in this thread; always assume that people have old / outdated values.
Don't drop your sigs here and expect me to test or update them — I provide updates / add more when I notice changes or get more, and add them here.

c++:
"client.dll", "48 8B 3D ? ? ? ? 8B 5E"));//game_particle_manager
"rendersystemdx11.dll", "48 89 2D ? ? ? ? 48 C7 05"), 0x3, 0x7));//swap_chain
"client.dll", "4C 8B 25 ? ? ? ? 24"), 0x3, 0x0));//engine_trace
"client.dll", "48 89 15 ?? ?? ?? ?? 48 89 42"), 0x3, 0x7;//global_vars
"client.dll", "48 8B 0D ? ? ? ? 4C 8B C6 8B 10 E8"), 0x3, 0x7;//input
"client.dll", "48 8B 0D ?? ?? ?? ?? E8 ?? ?? ?? ?? 48 8B 0D ?? ?? ?? ?? 48 85 C9 74 2D"), 0x3));//game_event_manager
"client.dll", "48 8B 0D ? ? ? ? E8 ? ? ? ? 84 C0 0F 84 ? ? ? ? 49 8B 06 48 8D 4D"), 0x3));//game_rules

"materialsystem2.dll", "48 89 5C 24 ?? 48 89 6C 24 ?? 56 57 41 56 48 81 EC ?? ?? ?? ?? 48 8B 05"));//create_material
"tier0.dll", "40 53 48 83 EC ? 4C 8B 11 41 B9"));//40 53 48 83 EC ? 4C 8B 11 41 B9// set_type_key
tier0, FNV1A("?LoadKV3@@YA_NPEAVKeyValues3@@PEAVCUtlString@@PEAVCUtlBuffer@@AEBUKV3ID_t@@PEBDI@Z")));// loadkeytype sig here to //"tier0.dll", "E8 ? ? ? ? EB ? F7 43"), 0x1, 0x0));

"scenesystem.dll", "48 8B C4 53 57 41 54" //draw_object
"client.dll", "40 53 48 81 EC ? ? ? ? 49 8B C1"//get_matrix_for_view
"client.dll", "48 89 5C 24 ? 48 89 6C 24 ? 56 57 41 56 48 81 EC ? ? ? ? 4C 8B F1 48 8D 94 24" //on_render_start

"client.dll", "85 D2 0F 88 ? ? ? ? 55 56 41 55");//flashBangDraw
"client.dll", "48 89 5C 24 ? 48 89 6C 24 ? 48 89 74 24 ? 57 41 56 41 57 48 83 EC ? 48 8B 9C 24 ? ? ? ? 4D 8B F8"); //smokedraw

"4c 8b c9 81 fa fe 7f 00 00 77 47");//GameEntitySystem

bullet penetration: 48 8B C4 44 89 48 20 48 89 50 10 48
Find Hud Element: 4C 8B DC 53 48 83 EC 50 48 8B 05
set body group: 85 D2 0F 88 ? ? ? ? 53 55
get_usercmd_base: "E8 ? ? ? ? 8B 80 ? ? ? ? 48 83 C4", 1
get_usercmd: "E8 ? ? ? ? 48 8B D8 48 85 C0 75 ? 8B 97"), 1
addeconitem for inventory: E8 ? ? ? ? FF C3 3B 5D ? 72

sequence_number: + 0x59A8
get_stickers_supported_count:+ 0x168
Uses_Legacy_Model: + 0xAE

index
42U //get_schema_class_info
173U // get_eye_pos
38U // in_game
53U //get_local_player
39U // IsConnected
49U //ExecuteClientCmd
23U //GetResourceManager
24U //set_string
25U //set_wstring
162u // is weapon

// Layout overlay for the renderer's swap-chain object: 0x170 bytes skipped,
// then the DXGI swap chain and factory pointers at the offsets noted inline.
// MEM_PAD is a project macro not shown on this page.
typedef struct ISwapChainDx11 {
    /* 0x0000 */ MEM_PAD(0x170);
    /* 0x0170 */ IDXGISwapChain *m_DXGISwapChain;
    /* 0x0178 */ IDXGIFactory *m_IDXGIFactory;
} ISwapChainDx11;

    // Layout overlay for a schema class descriptor. Offsets per the leading
    // comments; the 2-byte gap after single_inheritance_depth (0x0026..0x0027)
    // is alignment padding before the pointer at 0x0028. The pointed-to types,
    // eSchemaClassFlags and MEM_PAD are declared elsewhere in the project.
    typedef struct CSchemaClassInfo {
        /* 0x0000 */ uintptr_t *vtable;
        /* 0x0008 */ const char *name;
        /* 0x0010 */ const char *module;
        /* 0x0018 */ int size;
        /* 0x001C */ int16_t field_count;
        /* 0x001E */ int16_t static_metadata_count;
        /* 0x0020 */ int8_t alignment;
        /* 0x0021 */ int8_t base_classes_count;
        /* 0x0022 */ int16_t multiple_inheritance_depth;
        /* 0x0024 */ int16_t single_inheritance_depth;
        /* 0x0028 */ SchemaClassFieldData *fields;
        /* 0x0030 */ SchemaBaseClassInfoData *base_classes;
        /* 0x0038 */ MEM_PAD(0x8);
        /* 0x0040 */ SchemaMetadataEntryData *static_metadata;
        /* 0x0048 */ CSchemaSystemTypeScope *scope;
        /* 0x0050 */ CSchemaType *type;
        /* 0x0058 */ eSchemaClassFlags flags;
        /* 0x005C */ MEM_PAD(0x4);
        /* 0x0060 */ void *ftable;
    } CSchemaClassInfo;

    // Layout overlay: 0xB8 bytes skipped, then the owner entity handle at 0xB8.
    // Declared with `class` and no access specifier, so hOwner is private here.
    class CSceneAnimatableObject
    {
        MEM_PAD(0xB8);
        sdk::CHandle<C_BaseEntity> hOwner;
    };

    // Layout overlay of a scene mesh record.
    // NOTE(review): summing the declared sizes puts ObjectInfo at 0x40 and
    // colValue at 0x50, not the 0x48 annotated beside colValue — one of the
    // pads or that comment is off. `Memory_pad` on the second pad is
    // presumably the same macro as MEM_PAD; confirm.
    class CMeshData
    {
    public:
        MEM_PAD(0x18); // 0x0
        CSceneAnimatableObject* SceneAnimatableObject; // 0x18
        CMaterial2* Material; // 0x20
        CMaterial2* MaterialCopy;
        MEM_PAD(0x10);
        CObjectInfo* ObjectInfo;
        Memory_pad(0x8);
        Color colValue; // 0x48
    };


// Layout overlay of the engine's global-vars block. The trailing offsets are
// consistent with the declared sizes (each _pad array spans exactly the gap
// noted beside it). Field meanings beyond the names are not established here.
// NOTE(review): `rameCount` and `lCurrentTime` read like clipped
// `FrameCount` / `CurrentTime`; left unchanged since callers may use them.
struct global_vars
{
    float     RealTime;           // 0x0000
    int32_t   rameCount;          // 0x0004
    float     FrameTime;          // 0x0008
    float     FrameTime2;         // 0x000C
    int32_t   MaxClients;          // 0x0010
    std::uint8_t _pad0014[0x1C];      // 0x0014 -> 0x002F
    float     lCurrentTime;        // 0x0030
    float     FrameTime3;         // 0x0034
    float     TickFraction;       // 0x0038
    float     TickFraction2;      // 0x003C
    std::uint8_t _pad0040[0x08];      // 0x0040 -> 0x0047
    int32_t   TickCount;           // 0x0048
    std::uint8_t _pad004C[0x0C];      // 0x004C -> 0x0057
    void*     NetChannel;          // 0x0058 (CNetChan*)
    std::uint8_t _pad0060[0x118];     // 0x0060 -> 0x0177
    const char* MapName;          // 0x0178
    const char* MapNameShort;     // 0x0180
};
can u give me the new networked_client struct please

C++:
// Layout overlay of the networked client info block. The inline offsets add
// up: pad_0014 fills to 0x18 for the pointer, pad_0020 fills to the 0x40 total
// noted at the end. c_local_data is declared elsewhere in the project.
class c_networked_client_info
{
public:
    int32_t unk; //0x0000
    int32_t m_render_tick; //0x0004
    float m_render_tick_fraction; //0x0008
    int32_t m_player_tick_count; //0x000C
    float m_player_tick_fraction; //0x0010
    char pad_0014[4]; //0x0014
    c_local_data* m_local_data; //0x0018
    char pad_0020[32]; //0x0020
}; //Size: 0x0040
 