[BO/MP] Offsets // latest version in the last post
#1
PHP Code:
ENTITY_SIZE        0x328
CLIENT_SIZE        0x5C8
CG_OFFSET        0x2AB98100 
CLIENT_OFFSET        0x2ABF70E8 
ENTITY_OFFSET           0x2AC840DC 
REFDEF_OFFSET        0x2ABDAFC0 
VIEW_OFFSET        0xE40708 

PHP Code:
Trace             0x53C630;
DrawStretchPic         0x6EA690;
RegisterFont         0x6E90B0;
RegisterShader         0x6CDF40;
DrawEngineText         0x6EABC0
SendConsoleCommand    0x44DE80;
RegisterTag        0x6B1E70;
GetTagPos        0x426CA0;
GetWeaponOffset        0x4585D0

PHP Code:
void __declspec(nakednWallhack()
{
    
__asm pushad
    __asm cmp DWORD PTR 
[esp+0x20], 0x514C98
    __asm je doWallhack
    __asm cmp DWORD PTR 
[esp+0x20], 0x7C8646
    __asm je doWallhack
    __asm cmp DWORD PTR 
[esp+0x20], 0x7C89B6 
    __asm je doWallhack
    __asm jmp doJmp    
doWallhack
:
    
__asm mov [esp+0x30], 0x12
doJmp
:
    
__asm popad
    __asm jmp
[pWallhack]
}

detour at 0x6D7240 

refdefviewangles
PHP Code:
class CRefdef
{
public:
    
Vec3 refdefViewAngles//0000    
    
char unknown0[332];
    
__int32 x//0158
    
__int32 y//015C
    
__int32 width//0160
    
__int32 height//0164
    
float FovX//0168
    
float FovY//016C
    
float TotalFov//0170
    
Vec3 vOrigin//0174    
    
char unknown1[4];
    
Vec3 vAxis[3]; //0184
};

0x2ABDAFC0 0x158 0x2ABDAE68 


Credits:
cardoow UC
#2
updated to new version

PHP Code:
// Functions
CG_Trace0x438A60
CG_Console
0x632210
CG_DrawString
0x6EB610
CG_RegisterTag
0x51A280
CG_RegisterFont
0x6E9880
CG_GetPlayerTag
0x4E2620
CG_GetPlayerMesh
0x5322E0
CG_RegisterShader
0x6CE930
CG_DrawStrectedPic
0x6EB0E0

// Classes
#define ENTITY_SIZE 0x328
#define CLIENT_SIZE 0x5C8
#define CLIENT_BASE 0x2ABF70E8
#define ENTITY_BASE 0x2AC840DC 


PHP Code:
ClientFrame Offset 0x00570020  
 RenderScene Offset 0x006E01D0  
 SendCommandToConsole Offset 0x00632210   
 DrawStretchPic Offset 0x006EB0E0  
 R_RegisterFont Offset 0x006E97E0  
 R_RegisterShader Offset 0x006CE930  
 R_RegisterTag Offset 0x0051A280  
 R_DrawEngineText Offset 0x006EB610  
 CG_Trace Offset 0x0050D310  
 GetTagPosition Offset 0x0063B240 
 GetWeaponInfo Offset 0x0050F140  
  
 weapon_t Pointer 0x2AC720DC   Pointer
0x00C9D784
 cg_t Offset 0x2AB98100  Pointer
0x00D2C790
 centity_t Offset 0x2AC840DC  Pointer
0x00D2F970
 clientInfo_t Offset 0x2ABF70E8  
 refdef_t Offset 0x2ABDAFDC  
 viewMatrix_t Offset 0x00E4378C  
 mouseInfo_t Offset 0x041C2154  
 playerSnap_t Offset 0x00E40FA0  
 dog_t Offset 0x00C76038 
 heli_t Offset 0x00C76AB8  
 rcxd_plane_t
0x00C75E78  
 renderer_t Offset
0x050C4B2C 
 ViewAngleX Offset
0x00E43808  
 ViewAngleY Offset
0x00E43804  
  
 Mouse On
/Off Byte0x04469C7D 

PHP Code:
ENTITY_SIZE        0x328
CLIENT_SIZE        0x5C8

DRAWSTRETCHPIC_OFFSET 0x6eb0e0
DRAWTEXT_OFFSET 0x6eb610
GETTAG_OFFSET 0x63b240
GETLPTAG_OFFSET 0x5322e0
REGISTERFONT_OFFSET 0x6e9880
REGISTERSHADER_OFFSET 0x6ce930
REGISTERTAG_OFFSET 0x51a280
TRACE_OFFSET 0x50d310
GETWEAPON_OFFSET 0x50f140
WEAPONNAME_OFFSET 0xc9d784
WALLHACK_OFFSET 0x6d7a30
PLAYERRETURN_OFFSET 0x61d2b8
PICKUPRETURN_OFFSET 0x7c8b06
EXPLOSIVERETURN_OFFSET 0x7c8e76

ENTITY_OFFSET 0x2ac840dc
CLIENT_OFFSET 0x2abf70e8
CG_OFFSET 0x2ab98100
REFDEF_OFFSET 0x2abdae68
CAMERA_OFFSET 0xe43790
VEHICLE_OFFSET 0x2abd8598
DOGS_OFFSET 0xc76038
HELI_OFFSET 0xc76ab8
RCXD_OFFSET 0xc75e78
SENTRY_OFFSET 0xc759f8 

thx to cyberdwak & K@N@VEL & cardoow
#3
1.05 updates

[Image: offetsv53.png]
cardoow

PHP Code:
[php]MouseInfo_t*    MouseInfo = (MouseInfo_t*)0x48DAC58;
PlayerSnap_t*    PlayerSnap = (PlayerSnap_t*)0xE3FFA0
PHP Code:
weapon_t*  (__cdecl *GetWeapon)(int num) = (weapon_t* (__cdecl *)(int))0x53E1C0;//dword_C5C218
weapon_2_t*  (__cdecl *GetWeapon_2)(int num) = (weapon_2_t* (__cdecl *)(int))0x527170;//dword_C5C218 +8 
PHP Code:
RegisterTag0x00547470
GetPlayerMesh
0x00430410
GetPlayerTag
0x004670C0 
PHP Code:
void (__cdecl *CG_DrawStretchPicTheater)(Float2Style,  float xfloat yfloat wfloat hint a6int a7vec4_t colorqhandle_t shader) = (void (__cdecl *)(Float2*, floatfloatfloatfloatintintvec4_tqhandle_t ))0x005CFFB0
PHP Code:
void (*CG_Trace)(TraceTracevec3_t Startvec3_t Endint skipNumberint maskint a6int a7) = (void (__cdecl *)(Trace* , vec3_t vec3_t int int int int ))0x005FBBF0
PHP Code:
*(int *)0xE3FEA0 0x10;//show mouse cursor 
PHP Code:
void  (__cdecl *SendToConsole)( int flagchartext ) = (void (__cdecl *)( intchar* ))0x005BAAD0
PHP Code:
int  (__cdecl *k_AttackOn)() = (int (__cdecl *)())0x7FD580;
int  (__cdecl *k_AttackOff)() = (int (__cdecl *)())0x7FD650;

int  (__cdecl *k_KnifeOn)() = (int (__cdecl *)())0x7FD900;
int  (__cdecl *k_KnifeOff)() = (int (__cdecl *)())0x7FD910
PHP Code:
bool (*CG_EspIsVisible)( int noIdeaEntity *cent ) = (bool (__cdecl *)( intEntity *  ))0x00589550
PHP Code:
CG_RegisterFont:0x005C5220
CG_DrawString
:0x00530140 

king-orgy

PHP Code:
ViewAngleX 0xE4280C
ViewAngleY 
0xE42808

RenderDevice 
0x57DD680
ClientInfo 
0xD2B798
Entity 
0xD2E98C 

raiders
#4
updated

Entities

Code:
/*
00903DA7  |. 69C0 2C030000  |IMUL EAX,EAX,32C - Size
00903DAD  |. 8D8408 0450F3F>|LEA EAX,DWORD PTR DS:[EAX+ECX+FFF35004]
00903DB4  |. EB 0F          |JMP SHORT BlackOps.00903DC5
00903DB6  |> 8B5424 18      |MOV EDX,DWORD PTR SS:[ESP+18]
00903DBA  |. 8B0495 8CF9D20>|MOV EAX,DWORD PTR DS:[EDX*4+D2F98C] Entity
00903DC1  |. 034424 1C      |ADD EAX,DWORD PTR SS:[ESP+1C]
*/
ClientInfo


Weapon

Code:
weapon_t*  (__cdecl *GetWeapon)(int num) = (weapon_t* (__cdecl *)(int))0x00434EB0;//dword_C5C218
weapon_2_t*  (__cdecl *GetWeapon_2)(int num) = (weapon_2_t* (__cdecl *)(int))0x00562C00;//dword_C5C218 +8
States

Code:
MouseInfo_t*    MouseInfo = (MouseInfo_t*)0x48DD0D8;
PlayerSnap_t*    PlayerSnap = (PlayerSnap_t*)0xE40FA0;
PlayerState_t*    PlayerState = (PlayerState_t*)0x352DA10;//finding   memset(&dword_352C9E0, 0, 9948u);  sub_40BEE0(14, "Delta from invalid frame (not supposed to happen!).\n");
Commands

Code:
int  (__cdecl *k_AttackOn)() = (int (__cdecl *)())0x7FE320;
int  (__cdecl *k_AttackOff)() = (int (__cdecl *)())0x7FE3F0;

int  (__cdecl *k_KnifeOn)() = (int (__cdecl *)())0x7FE6A0;
int  (__cdecl *k_KnifeOff)() = (int (__cdecl *)())0x7FE6B0;
others
Code:
int *                ping                = (int *)            0xE41020;
float *ViewAngleX = (float *)0xE4380C;
float *ViewAngleY = (float *)0xE43808;
Drawing

Code:
Media_t *    Media        = (Media_t *) 0xD2C7A8;
CG_DrawStretchPicTheater = 0x00606110
RegisterFont = 0x005AE450
CG_DrawString = 0x00602140

thanks to King-OrgY
#5
1.07/7.0.90

Code:
D3DRenderer: 0x590D808
Game: 0xD4E1D4
Entity: 0xD513D0
GetWeapon (+0x8): 0x453530
Trace: 0x58A650
RegisterTag: 0x5C8070
PlayerMesh: 0x46B6D0
GetBone: 0x638310
ViewAngleX: 0xE653D0
ViewAngleY: 0xE653CC

And now for the fun part!

ClientInfo Class Size: 0x5D0
EntityInfo Class Size: 0x328
ClientInfo = (Game) + 0x5F228
RefDef = (Game) + 0x43100

by raiders
#6
Quote:D3DRenderer: 0x590D808
Game: 0xD4E1D4
Entity:0xD513D0
GetWeapon: 0x6B2100
Trace: 0x4358D0
RegisterTag: 0x40DB20
PlayerMesh: 0x6962F0
GetBone: 0x5A0C20
StartAttack: 0x808590
StopAttack: 0x808660
StartKnife: 0x808910
StopKnife: 0x808920

Nothing else changed... that I use.

Edit: I guess I'll throw up the other offsets that didn't change, for those among us who are lazy.

ViewAngleX: 0xE653D0
ViewAngleY: 0xE653CC
ClientInfo Class Size: 0x5D0
EntityInfo Class Size: 0x328
ClientInfo = (Game) + 0x5F228
RefDef = (Game) + 0x43100

thx for sharing raiders
#7
patch 1.09 updated sigs and patterns

Code:
#ifndef _BO_OFFSETS
#define _BO_OFFSETS

#define BO_MP_BASE         0x400000
#define BO_MP_SIZE         0x4FA4000
#define BO_MP_GAME         0x2BF97B80

#define CLASS_CENTITY      0x2C083EFC
#define CLASS_CG           0x2BF97B80
#define CLASS_CGS          0x2C009500
#define CLASS_CLIENTINFO   0x2BFF6DA8
#define CLASS_REFDEF       0x2BFDAB2C (with refdefViewAngles) - 0x2BFDAC80 (without)
#define CLASS_MEDIA        0xD50E80
#define CLASS_MATRIX       0xE687CC
#define CLASS_DOGS         0xC99D78
#define CLASS_HELI         0xC9A7F8
#define CLASS_RCXD         0xC99BB8
#define CLASS_SENTRY       0xC99738

#define CENTITY_SIZE       0x328
#define CLIENTINFO_SIZE    0x5D0

#define VIEW_X             0xE68850
#define VIEW_Y             0xE6884C

#define Trace              0x557760
#define AttackOn           0x808F80
#define AttackOff          0x809050
#define KnifeOn            0x809300
#define KnifeOff           0x809310

thx to king-orgy :)

#endif

Code:
D3DRenderer: 0x469E308
ClientInfo: 0xD50E74
Entity: 0xD54070
GetWeapon (+0x8): 0x5658F0
Trace: 0x557760
RegisterTag: 0x6B0500
PlayerMesh: 0x63D1F0
GetBone: 0x51D9B0
ViewAngleX: 0xE68850
ViewAngleY: 0xE6884C
+attack: 0x808F80
-attack: 0x809050
+melee: 0x809300
-melee: 0x809310

SIGS:

Code:
Entity/CG Struct:
Sig: \xe8\x00\x00\x00\x00\x8b\x15\x00\x00\x00\x00\x52\x57\xe8\x00\x00\x00\x00\x83\xc4\x20
Mask: x????xx????xxx????xxx
Entity struct pointer: *(DWORD*)(RetAddr+0x2F+0x2)
CG struct pointer: *(DWORD*)(RetAddr+0x17+0x2)


DrawEngineText:
Sig: \x55\x8b\x6c\x24\x08\x80\x7d\x00\x00\x56\x57\x0f\x84\x00\x00\x00\x00\x8b\xc5\x8d\x50\x01
Mask: xxxxxxxxxxxxx????xxxxx

DrawStretchPic:
Sig: \x8b\x44\x24\x28\xd9\x44\x24\x20\x8b\x4c\x24\x24\x50\x51\x83\xec\x24\xd9\x5c\x24\x20
Mask: xxxxxxxxxxxxxxxxxxxxx


EspVisible:
Sig: \x83\xec\x30\x56\x8b\x35\x00\x00\x00\x00\xe8\x00\x00\x00\x00\x84\xc0
Mask: xxxxxx????x????xx


RegisterTag:
Sig: \x8b\x44\x24\x04\x6a\x00\x6a\x01\x50\xe8\x00\x00\x00\x00\x83\xc4\x0c\xc3
Mask: xxxxxxxxxx????xxxx


RegisterFont:
Sig: \x8b\x44\x24\x04\x6a\xff\x6a\x01\x50\x6a\x14\xe8\x00\x00\x00\x00\x83\xc4\x10
Mask: xxxxxxxxxxxx????xxx


RegisterShader:
Sig: \x8b\x4c\x24\x04\x80\x39\x00\x75\x00\xa1\x00\x00\x00\x00\xc3
Mask: xxxxxxxx?x????x


GetTagPos:
Sig: \xd9\x46\x10\x8b\x44\x24\x1c\xd9\x18\x5f\xd9\x46\x14\xd9\x58\x04\xd9\x46\x18\x5e\xd9\x58\x08\xb8\x00\x00\x00\x00\x59\xc3
Mask: xxxxxxxxxxxxxxxxxxxxxxxx????xx
RetAddr-=0x52


ViewAngles:
Sig: \x56\xe8\x00\x00\x00\x00\x83\xc4\x04\x6a\x0c\x68\x00\x00\x00\x00
Mask: xx????xxxxxx????
*(DWORD*)(RetAddr+0xB+0x1)

Code:
Functions:
// Compares the bytes at pData against the pattern bMask, position by position.
// pszMask is a NUL-terminated mask that drives the loop: an 'x' means the byte
// at that position must be equal, any other character means the position is
// skipped. Returns true when no 'x' position differs.
// Nothing here checks buffer bounds: the caller must guarantee that pData and
// bMask are readable for the whole length of pszMask.
bool bDataCompare(const BYTE* pData,const BYTE* bMask,const char* pszMask)
{
    while(*pszMask!='\0')
    {
        const bool bMustMatch=(*pszMask=='x');
        if(bMustMatch && *pData!=*bMask)
            return false;
        ++pszMask;
        ++pData;
        ++bMask;
    }
    // The loop only exits at the mask terminator, so every position was checked.
    return true;
}

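// Scans the dwLen bytes starting at dwAddress for the first position where
// the masked pattern (bMask / pszMask, see bDataCompare) matches.
// Returns the address of the first match, or 0 when there is no match.
// dwAddress is cast straight to a pointer, so the whole range
// [dwAddress, dwAddress+dwLen) must be readable memory in the current process;
// the cast through DWORD also assumes pointers fit in a DWORD.
DWORD dwFindPattern(DWORD dwAddress,DWORD dwLen,BYTE *bMask,char *pszMask)
{
    // The pattern length equals the mask length. It is needed so that a
    // comparison started near the end of the range never reads past it.
    DWORD dwPatLen=0;
    while(pszMask[dwPatLen])
        ++dwPatLen;

    // An empty range or a pattern longer than the range cannot match; this
    // check also keeps the unsigned subtraction below from wrapping.
    if(dwLen==0 || dwPatLen>dwLen)
        return 0;

    // The last valid start position is dwLen-dwPatLen: starting any later
    // would make bDataCompare read bytes beyond the end of the scanned range.
    for(DWORD i=0;i<=dwLen-dwPatLen;i++)
        if(bDataCompare((BYTE*)(dwAddress+i),bMask,pszMask))
            return (DWORD)(dwAddress+i);
    return 0;
}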

Usage:
RetAddr=dwFindPatter(StartAddr,Length,Sig,Mask);





Thanks to
King Orgy
CypherPresents
raiders
godly
dom1n1k - FindPattern
and all people at UC/GD
#8
Code:
D3DRenderer: 0x46A3C88
ClientInfo: 0xD52EF4
Entity: 0xD560F0
GetWeapon (+0x8): 0x5827A0
Trace: 0x6764D0
RegisterTag: 0x5A4C60
PlayerMesh: 0x533F90
GetBone: 0x553380
ViewAngleX: 0xE6E1D0
ViewAngleY: 0xE6E1CC
+attack: 0x80A540
-attack: 0x80A610
+melee: 0x80A8C0
-melee: 0x80A8D0

Credits:
king-orgy
cardoow
raiders
CypherPresents
UC&GD
#9
Code:
D3DRenderer: 0x46AC208
ClientInfo: 0xD52EF4
Entity: 0xD560F0
GetWeapon (+0x8): 0x54BB40
Trace: 0x64A4E0
RegisterTag: 0x69F970
PlayerMesh: 0x5606C0
GetBone: 0x540150
ViewAngleX: 0xE6E250
ViewAngleY: 0xE6E24C
+attack: 0x80A7E0
-attack: 0x80A8B0
+melee: 0x80AB60
-melee: 0x80AB70
byteScoped: 0xE6BA00

Code:
dword_D52EF4 = (void *)sub_5DC2F0(a1, 465280 * a2, 128, "cgArray");
  dword_D52EC4 = (void *)sub_5DC2F0(a1, 12744 * a2, 8, "cgsArray");
  dword_CC57B0 = sub_5DC2F0(a1, 415744 * a2, 4, "cg_fakeEntitiesArray");
  result = sub_5DC2F0(a1, 52 * a2, 4, "cg_viewModelArray");
  v3 = 0;
  for ( dword_CC3540 = result; v3 < a2; ++v3 )
  {
    *(&dword_CC3544 + v3) = (void *)sub_5DC2F0(a1, 73728, 4, "cg_weaponsArray");
    *(&dword_D560F0 + v3) = (void *)sub_5DC2F0(a1, 827392, 4, "cg_entitiesArray");
    dword_D56390[v3] = sub_5DC2F0(a1, 18432, 4, "cg_entityOriginArray");
    *(&dword_39ED130 + v3) = (void *)sub_5DC2F0(a1, 24768, 4, "cg_destructibles");
    v4 = (void *)sub_5DC2F0(a1, 118272, 16, "ikStatesArray");
    dword_D5614C[v3] = (int)v4;
    memset(v4, 0, 0x1CE00u);
    result = sub_5F2760(dword_D5614C[v3], v3);
  }
  return result;
}

Code:
Structures:
CG: 0xD52EF4
Ent: 0xD560F0
ViewMatrix: 0xE6E1CC
Sentrys: 0xC9B7B8
Choppers: 0xC9C878
Dogs: 0xC9BDF8
RCXDs: 0xC9BC38
Media: 0xD52F00
MouseInfo: 0x37708F8
PlayerSnap: 0xE6B9C0

Functions:
AttackON/OFF: 0x80A7E0/0x80A8B0
MeleeON/OFF: 0x80AB60/0x80AB70
DrawEngineText: 0x6F7B40
DrawStretchPic: 0x6F7610
Draw2D_Debug_Line: 0x40B720
Draw3D_Debug_Line: 0x5442F0
CG_DrawNameTags: 0x4DF570
IsESPVisible: 0x6C20E0
CG_Trace: 0x56E0A0
GetTagPos: 0x540150
Set_Weapon_CL_Trace: 0x64A4E0
RegisterTag: 0x55F730
RegisterFont: 0x6F5AA0
RegisterShader: 0x6DA9C0

Other:
ViewAngles: 0xE6E24C
SetZoom: 0xE6BA00

Possible vars:
Primary Ammo1: 0xE6BE28
Primary Ammo2: 0xE6BDB0
Secondary Ammo1: 0xE6BE20
Secondary Ammo2: 0xE6BDA8
Lethal Ammo: 0xE6BE30
Tactical Ammo: 0xE6BE38
Equipment Ammo: 0xE6BE40

Credits:
godly
raiders
King-Orgy
UC&GD
#10
I'm sorry but what exactly are these for ? Out of curiosity.