I've been using the rock5 multihack (which was amazing) for years but it doesn't seem to be updating properly after the latest update. I still need swimhack so had to make my own. I dunno about guidelines or whatever on attaching exe files so here is the method I use. Bear in mind that I filtered pointers only several times, pretty lazy actually got down to like 600 results. I recall that it was once a simple change in value on playerstate and you were done but I am pretty drunk. Now you do that but you need to nop the call to change back and forth aswell.
nop 6 bytes here this will stop the playerchar switching between states.
Client.exe+4DAC7 - 89 83 B4000000 - mov [ebx+000000B4],eax
then and this is the sketchy part but works for me so far. The address at the end of this pointer is your playerstate. 0 is normal, 3 is swim.
client.exe(400000)+4BD98C + 204 + 5A8 + EC + 74 + B4
enjoy
Swimhack
- Administrator
- Site Admin
- Posts: 5307
- Joined: Sat Jan 05, 2008 4:21 pm
Re: Swimhack
Very nice info. Thank you very much.
Were you able to get this to work as a Cheat Engine script, or did you custom-write a program to modify the memory?
Were you able to get this to work as a Cheat Engine script, or did you custom-write a program to modify the memory?
Re: Swimhack
Never done a cheat engine script before lol. Here is simple program in vb(source).
Code: Select all
Public Class Form1
Dim toggle As Boolean = False
Private Sub Button1_Click(sender As Object, e As EventArgs) Handles Button1.Click
If toggle = False Then
toggle = True
writebytes(&H4DAC7, &H90, 1)
writebytes(&H4DAC8, &H90, 1)
writebytes(&H4DAC9, &H90, 1)
writebytes(&H4DACA, &H90, 1)
writebytes(&H4DACB, &H90, 1)
writebytes(&H4DACC, &H90, 1)
WritePointer(3, &H4BD98C, {&H204, &H5A8, &HEC, &H74, &HB4})
Me.Text = "on"
Else
toggle = False
writebytes(&H4DAC7, &H89, 1)
writebytes(&H4DAC8, &H83, 1)
writebytes(&H4DAC9, &HB4, 4)
Me.Text = "off"
End If
End Sub
End Class
Code: Select all
Module bleh
Private Declare Function OpenProcess Lib "kernel32" Alias "OpenProcess" (ByVal dwDesiredAccess As Integer, ByVal bInheritHandle As Integer, ByVal dwProcessId As Integer) As Integer
Private Declare Function ReadProcessMemory Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As Integer, ByVal lpBaseAddress As Integer, ByRef lpBuffer As Integer, ByVal nSize As Integer, ByRef lpNumberOfBytesWritten As Integer) As Integer
Private Declare Function WriteProcessMemory Lib "kernel32" Alias "WriteProcessMemory" (ByVal hProcess As Integer, ByVal lpBaseAddress As Integer, ByRef lpBuffer As Integer, ByVal nSize As Integer, ByRef lpNumberOfBytesWritten As Integer) As Integer
Private Declare Function CloseHandle Lib "kernel32" Alias "CloseHandle" (ByVal hObject As Integer) As Integer
Public RBuff1 As Long
Dim baseaddr As Long = &H400000
Public Function writebytes(ByVal Address As Integer, value As Long, bytecount As Integer)
Dim Proc As Process() = Process.GetProcessesByName("Client")
If Proc.Length = 0 Then
End
End If
baseaddr = Proc(0).MainModule.BaseAddress.ToInt32()
Dim processHandle As IntPtr = OpenProcess(&H1F0FFF, 0, Proc(0).Id)
WriteProcessMemory(processHandle, baseaddr + Address, value, bytecount, Nothing)
CloseHandle(processHandle)
Return Nothing
End Function
Public Function WritePointer(ByVal Value As Long,
ByVal Base As Integer,
ByVal ParamArray Offsets As Short())
Dim fullAddress As Long
Dim Proc As Process() = Process.GetProcessesByName("Client")
If Proc.Length = 0 Then
Return 0
End If
Dim processHandle As IntPtr = OpenProcess(&H1F0FFF, 0, Proc(0).Id)
baseaddr = Proc(0).MainModule.BaseAddress.ToInt32()
ReadProcessMemory(processHandle, baseaddr + Base, RBuff1, 4, Nothing)
For i = 0 To Offsets.Count - 1
ReadProcessMemory(processHandle, fullAddress, RBuff1, 4, Nothing)
fullAddress = RBuff1 + Offsets(i)
Next i
WriteProcessMemory(processHandle, fullAddress, Value, 4, Nothing)
CloseHandle(processHandle)
End Function
End Module
Who is online
Users browsing this forum: Ahrefs [Bot] and 3 guests