├── LICENCE ├── README.md ├── config.cfg ├── csgo └── csgo.v ├── memory └── memory.v ├── offset └── offset.v ├── process └── process.v └── vack.v /LICENCE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2020 EasyHax 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Vack 2 | CSGO External hack written in V 3 | 4 | #### Pattern Scanning and updating all offsets from [hazedumper](https://github.com/frk1/hazedumper/blob/master/config.json) 5 | 6 | #### Wallhack with health related colors for teammates and opponents 7 |

8 | 9 | #### Aimbot with smooth and fov selection 10 | 11 | #### Triggerbot 12 | 13 | #### Usage 14 | 15 | * Get V [here](https://github.com/vlang/v/blob/master/README.md#installing-v-from-source) 16 | 17 | * $ **v vack.v --enable-globals**, run **vack.exe** 18 | * $ **v run vack.v --enable-globals** 19 | 20 | #### TODO 21 | 22 | * Bhop - done 23 | * Triggerbot delay - done 24 | * Multithreading - done 25 | * Optimizations 26 | * Keybinds 27 | -------------------------------------------------------------------------------- /config.cfg: -------------------------------------------------------------------------------- 1 | { 2 | "_NOTE": "{key} use VirtualKey Enum : check it here [https://docs.microsoft.com/en-us/uwp/api/windows.system.virtualkey]", 3 | 4 | "_BONES": "head: 8 body: 6 right_hand: 39 left_hand: 13 right_leg: 73 left_leg: 66 right_foot: 74 left_foot: 67", 5 | 6 | "aimbot": 7 | { 8 | "key": 86, 9 | "smooth": 10, 10 | "fov": 5, 11 | "bone": 8 12 | }, 13 | 14 | "trigger": 15 | { 16 | "key": 2, 17 | "delay": 0 18 | }, 19 | 20 | "bunnyhop": 21 | { 22 | "key": 32 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /csgo/csgo.v: -------------------------------------------------------------------------------- 1 | module csgo 2 | 3 | import memory 4 | import math 5 | 6 | __global g_csgo Csgo 7 | 8 | pub struct Csgo { 9 | pub mut: 10 | localplayer Player 11 | } 12 | 13 | // ############################################## 14 | pub fn (csgo Csgo) client() int { 15 | return g_proc.modules['client.dll'].base 16 | } 17 | 18 | pub fn (csgo Csgo) engine() int { 19 | return g_proc.modules['engine.dll'].base 20 | } 21 | 22 | pub fn (csgo Csgo) clientstate() int { 23 | return memory.read(csgo.engine() + g_sgn['dwClientState']) 24 | } 25 | 26 | pub fn (csgo Csgo) entity_list() int { 27 | return csgo.client() + g_sgn['dwEntityList'] 28 | } 29 | 30 | pub fn (csgo Csgo) glow() int { 31 | return memory.read(csgo.client() + g_sgn['dwGlowObjectManager']) 32 | } 33 | 34 | pub fn (csgo Csgo) max_players() int { 35 | return memory.read(csgo.clientstate() + g_sgn['dwClientState_MaxPlayer']) 36 | } 37 | 38 | pub fn (csgo Csgo) localplayer() Player { 39 | return Player{memory.read(csgo.client() + g_sgn['dwLocalPlayer'])} 40 | } 41 | 42 | pub fn (csgo Csgo) player_by_index(index int) Player { 43 | return Player{memory.read(csgo.entity_list() + 0x10 * index)} 44 | } 45 | 46 | pub fn (csgo Csgo) jump() { 47 | memory.write(csgo.client() + g_sgn['dwForceJump'], 6) 48 | } 49 | 50 | pub fn (csgo Csgo) get_view_angles() Vector { 51 | return memory.read(csgo.clientstate() + g_sgn['dwClientState_ViewAngles']) 52 | } 53 | 54 | pub fn (csgo Csgo) set_view_angles(vec_angles Vector) { 55 | memory.write(csgo.clientstate() + g_sgn['dwClientState_ViewAngles'], vec_angles) 56 | } 57 | 58 | pub fn (csgo Csgo) get_enemies_from(players []Player) []Player { 59 | mut enemies := []Player{} 60 | 61 | for player in players { 62 | if player.is_enemy() { 63 | enemies << player 64 | } 65 | } 66 | return enemies 67 | } 68 | 69 | pub fn (csgo Csgo) get_enemies() []Player { 70 | mut players := []Player{} 71 | 72 | for i in 0 .. csgo.max_players() { 73 | player := csgo.player_by_index(i) 74 | if player.addr == 0 { 75 | break 76 | } 77 | if player.is_alive() && player.is_enemy() { 78 | players << player 79 | } 80 | } 81 | return players 82 | } 83 | 84 | pub fn (csgo Csgo) get_players() []Player { 85 | mut players := []Player{} 86 | 87 | for i in 0 .. csgo.max_players() { 88 | player := csgo.player_by_index(i) 89 | if player.addr == 0 { 90 | break 91 | } 92 | if player.is_alive() { 93 | players << player 94 | } 95 | } 96 | return players 97 | } 98 | 99 | // ############################################## 100 | pub fn (p Player) health() int { 101 | return memory.read(p.addr + g_ntv.m_ihealth) 102 | } 103 | 104 | pub fn (p Player) is_alive() bool { 105 | return p.health() > 0 106 | } 107 | 108 | pub fn (p Player) is_spotted() bool { 109 | return memory.read(p.addr + g_ntv.m_bspottedbymask) != 0 110 | } 111 | 112 | pub fn (p Player) flag() int { 113 | return memory.read(p.addr + g_ntv.m_fflags) 114 | } 115 | 116 | pub fn (p Player) team() int { 117 | return memory.read(p.addr + g_ntv.m_iteamnum) 118 | } 119 | 120 | pub fn (p Player) glow_id() int { 121 | return memory.read(p.addr + g_ntv.m_iglowindex) 122 | } 123 | 124 | pub fn (p Player) get_glow() Glow_t { 125 | return memory.read(g_csgo.glow() + p.glow_id() * 0x38) 126 | } 127 | 128 | pub fn (p Player) set_glow(glow_t Glow_t) { 129 | memory.write(g_csgo.glow() + p.glow_id() * 0x38, glow_t) 130 | } 131 | 132 | pub fn (p Player) dormant() bool { 133 | return memory.read(p.addr + g_sgn['m_bDormant']) == 1 134 | } 135 | 136 | pub fn (p Player) is_enemy() bool { 137 | return p.team() != g_csgo.localplayer.team() 138 | } 139 | 140 | pub fn (p Player) aimpunch() Vector { 141 | return memory.read(p.addr + g_ntv.m_aimpunchangle) * Vector{2, 2, 2} 142 | } 143 | 144 | pub fn (p Player) eyepos() Vector { 145 | pos := p.pos() 146 | return Vector{ 147 | x: pos.x 148 | y: pos.y 149 | z: pos.z + p.viewof().z 150 | } 151 | } 152 | 153 | pub fn (p Player) pos() Vector { 154 | return memory.read(p.addr + g_ntv.m_vecorigin) 155 | } 156 | 157 | pub fn (p Player) viewof() Vector { 158 | return memory.read(p.addr + g_ntv.m_vecviewoffset) 159 | } 160 | 161 | pub fn (p Player) bone_matrix() int { 162 | return memory.read(p.addr + g_ntv.m_dwbonematrix) 163 | } 164 | 165 | pub fn (p Player) crosshair_id() int { 166 | return memory.read(p.addr + g_ntv.m_icrosshairid) - 1 167 | } 168 | 169 | pub fn (p Player) bone_pos(bone Bone) Vector { 170 | bone_matrix := p.bone_matrix() + 0x30 * int(bone) + 0x0C 171 | 172 | return Vector{ 173 | x: memory.read(bone_matrix + 0x00) 174 | y: memory.read(bone_matrix + 0x10) 175 | z: memory.read(bone_matrix + 0x20) 176 | } 177 | } 178 | 179 | pub struct Player { 180 | pub: 181 | addr int 182 | } 183 | 184 | // ############################################## 185 | pub fn (v1 Vector) angle_with(v2 Vector) Vector { 186 | diff := v1 - v2 187 | dist := diff.magnitude() 188 | 189 | mut vec := Vector{ 190 | x: f32(math.asin(diff.z / dist) * (180 / math.pi)) 191 | y: f32(math.atan(diff.y / diff.x) * (180 / math.pi)) 192 | z: f32(0) 193 | } 194 | 195 | vec.y = if diff.x > 0 { vec.y + 180 } else { vec.y } 196 | vec.y = if vec.y > 180 { vec.y - 360 } else { vec.y } 197 | 198 | return vec 199 | } 200 | 201 | pub fn (to Vector) smooth_from(from Vector, s f32) Vector { 202 | vec_smooth := Vector{s, s, s} 203 | return (to - from) / vec_smooth + from 204 | } 205 | 206 | pub fn (mut v Vector) clamp() { 207 | if v.x > 89.0 && v.x <= 180.0 { 208 | v.x = 89.0 209 | } 210 | for v.x > 180 { 211 | v.x -= 360 212 | } 213 | for v.x < -89.0 { 214 | v.x = -89.0 215 | } 216 | for v.y > 180 { 217 | v.y -= 360 218 | } 219 | for v.y < -180 { 220 | v.y += 360 221 | } 222 | v.z = 0 223 | } 224 | 225 | pub fn (v1 Vector) fov_with(v2 Vector) f64 { 226 | return (v1 - v2).magnitude() 227 | } 228 | 229 | pub fn (mut v Vector) abs() { 230 | v.x = f32(math.abs(v.x)) 231 | v.y = f32(math.abs(v.y)) 232 | v.z = f32(math.abs(v.z)) 233 | } 234 | 235 | pub fn (v Vector) magnitude() f32 { 236 | return math.sqrtf(math.powf(v.x, 2) + math.powf(v.y, 2) + math.powf(v.z, 2)) 237 | } 238 | 239 | fn (v2 Vector) +(v1 Vector) Vector { 240 | return Vector{v2.x + v1.x, v2.y + v1.y, v2.z + v1.z} 241 | } 242 | 243 | fn (v2 Vector) -(v1 Vector) Vector { 244 | return Vector{v2.x - v1.x, v2.y - v1.y, v2.z - v1.z} 245 | } 246 | 247 | fn (v2 Vector) *(v1 Vector) Vector { 248 | return Vector{v2.x * v1.x, v2.y * v1.y, v2.z * v1.z} 249 | } 250 | 251 | fn (v2 Vector) /(v1 Vector) Vector { 252 | return Vector{v2.x / v1.x, v2.y / v1.y, v2.z / v1.z} 253 | } 254 | 255 | pub struct Vector { 256 | pub mut: 257 | x f32 258 | y f32 259 | z f32 260 | } 261 | 262 | // ############################################## 263 | 264 | pub struct Glow_t { 265 | pub mut: 266 | pad0 [4]byte 267 | r f32 268 | g f32 269 | b f32 270 | a f32 271 | pad1 [16]byte 272 | when_occluded bool 273 | when_unoccluded bool 274 | full_bloom bool 275 | } 276 | 277 | pub enum Bone { 278 | head = 8 279 | body = 6 280 | right_hand = 39 281 | left_hand = 13 282 | right_leg = 73 283 | left_leg = 66 284 | right_foot = 74 285 | left_foot = 67 286 | } 287 | -------------------------------------------------------------------------------- /memory/memory.v: -------------------------------------------------------------------------------- 1 | module memory 2 | 3 | import offset 4 | 5 | fn init() int { 6 | modules_buffer = map[string][]byte{} 7 | return 1 8 | } 9 | 10 | __global g_mem Memory 11 | 12 | fn C.ReadProcessMemory (arg_1, arg_2 int, arg_3 voidptr, arg_4 int, arg_5 voidptr) int 13 | fn C.WriteProcessMemory(arg_1, arg_2 int, arg_3 voidptr, arg_4 int, arg_5 voidptr) int 14 | 15 | fn C.GetAsyncKeyState(arg_1 Vkey) int 16 | 17 | pub struct Memory { 18 | pub: 19 | handle int 20 | } 21 | 22 | pub fn read(addr int) T { 23 | unsafe { 24 | mut data := T{} 25 | C.ReadProcessMemory(g_mem.handle, addr, &data, sizeof(T), 0) 26 | return data 27 | } 28 | } 29 | 30 | pub fn read_array(addr, count int) []byte { 31 | unsafe { 32 | ptr := malloc(count) 33 | C.ReadProcessMemory(g_mem.handle, addr, ptr, count, 0) 34 | // temp hack 35 | mut data := []byte{} 36 | for i in 0 .. count { 37 | unsafe { 38 | data << *byteptr((int(ptr) + i)) 39 | } 40 | } 41 | /* 42 | data := []byte{ len: count, init: 0 } 43 | C.ReadProcessMemory( g_mem.handle, addr, &data, count, 0 ) 44 | */ 45 | return data 46 | } 47 | } 48 | 49 | /* 50 | pub fn read_array( addr, count int ) []T { 51 | unsafe { 52 | mut data := [count]T{} 53 | C.ReadProcessMemory( g_mem.handle, addr, &data, sizeof(T) * count, 0 ) 54 | return data 55 | } 56 | } 57 | */ 58 | pub fn write(addr int, data T) { 59 | unsafe { 60 | C.WriteProcessMemory(g_mem.handle, addr, &data, sizeof(T), 0) 61 | } 62 | } 63 | 64 | /* 65 | pub fn write_array( addr int, arr []T ) { 66 | unsafe { 67 | C.WriteProcessMemory( g_mem.handle, addr, &data, sizeof(T) * arr.len, 0 ) 68 | } 69 | } 70 | */ 71 | pub fn is_key_down(vkey Vkey) bool { 72 | key_state := C.GetAsyncKeyState(vkey) 73 | return key_state == 0x8000 || key_state == -0x8000 74 | } 75 | 76 | // ############################################## 77 | __global modules_buffer map[string][]byte 78 | pub fn (m Memory) sig_scan(sig offset.Sig) int { 79 | mut buffer := []byte{} 80 | mod := g_proc.modules[sig.mod_name] 81 | 82 | if mod.handle == 0 { return -1 } 83 | 84 | if modules_buffer[sig.mod_name].len == 0 { 85 | // buffer = memory.read_array( mod.base, mod.size ) 86 | buffer = read_array(mod.base, mod.size) 87 | modules_buffer[sig.mod_name] = buffer 88 | } 89 | else { buffer = modules_buffer[sig.mod_name] } 90 | 91 | mut addr := m.scan_pattern_from_buffer(buffer, sig.pattern) 92 | if addr == -1 { return addr } 93 | 94 | if sig.offsets.len != 0 { 95 | addr = read(addr + mod.base + sig.offset()) + sig.extra 96 | addr = if sig.relative { addr - mod.base } else { addr } 97 | } 98 | else { addr += sig.extra } 99 | 100 | return addr 101 | } 102 | 103 | pub fn (m Memory) scan_pattern_from_buffer(buffer []byte, signature string) int { 104 | s := signature.split(' ') 105 | mut p := []int{} 106 | for i in 0 .. s.len { 107 | if s[i].contains('?') { 108 | p << -1 109 | } else { 110 | b := '0x' + s[i] 111 | p << b.int() 112 | } 113 | } 114 | for i in 0 .. buffer.len - s.len { 115 | for j in 0 .. s.len { 116 | if buffer[i + j] != p[j] && p[j] != -1 { 117 | break 118 | } 119 | if j == s.len - 1 { 120 | return i 121 | } 122 | } 123 | } 124 | return -1 125 | } 126 | 127 | // ############################################## 128 | pub enum Vkey { 129 | leftbutton = 0x01 130 | rightbutton = 0x02 131 | cancel = 0x03 132 | middlebutton = 0x04 133 | extrabutton1 = 0x05 134 | extrabutton2 = 0x06 135 | back = 0x08 136 | tab = 0x09 137 | clear = 0x0c 138 | ret = 0x0d 139 | shift = 0x10 140 | control = 0x11 141 | menu = 0x12 142 | pause = 0x13 143 | capslock = 0x14 144 | kana = 0x15 145 | hangeul = 0x15 146 | hangul = 0x15 147 | junja = 0x17 148 | final = 0x18 149 | hanja = 0x19 150 | kanji = 0x19 151 | escape = 0x1b 152 | convert = 0x1c 153 | nonconvert = 0x1d 154 | accept = 0x1e 155 | modechange = 0x1f 156 | space = 0x20 157 | prior = 0x21 158 | next = 0x22 159 | end = 0x23 160 | home = 0x24 161 | left = 0x25 162 | up = 0x26 163 | right = 0x27 164 | down = 0x28 165 | sel = 0x29 166 | print = 0x2a 167 | execute = 0x2b 168 | snapshot = 0x2c 169 | insert = 0x2d 170 | delete = 0x2e 171 | help = 0x2f 172 | n0 = 0x30 173 | n1 = 0x31 174 | n2 = 0x32 175 | n3 = 0x33 176 | n4 = 0x34 177 | n5 = 0x35 178 | n6 = 0x36 179 | n7 = 0x37 180 | n8 = 0x38 181 | n9 = 0x39 182 | a = 0x41 183 | b = 0x42 184 | c = 0x43 185 | d = 0x44 186 | e = 0x45 187 | f = 0x46 188 | g = 0x47 189 | h = 0x48 190 | i = 0x49 191 | j = 0x4a 192 | k = 0x4b 193 | l = 0x4c 194 | m = 0x4d 195 | n = 0x4e 196 | o = 0x4f 197 | p = 0x50 198 | q = 0x51 199 | r = 0x52 200 | s = 0x53 201 | t = 0x54 202 | u = 0x55 203 | v = 0x56 204 | w = 0x57 205 | x = 0x58 206 | y = 0x59 207 | z = 0x5a 208 | leftwindows = 0x5b 209 | rightwindows = 0x5c 210 | application = 0x5d 211 | sleep = 0x5f 212 | numpad0 = 0x60 213 | numpad1 = 0x61 214 | numpad2 = 0x62 215 | numpad3 = 0x63 216 | numpad4 = 0x64 217 | numpad5 = 0x65 218 | numpad6 = 0x66 219 | numpad7 = 0x67 220 | numpad8 = 0x68 221 | numpad9 = 0x69 222 | multiply = 0x6a 223 | add = 0x6b 224 | separator = 0x6c 225 | subtract = 0x6d 226 | decimal = 0x6e 227 | divide = 0x6f 228 | f1 = 0x70 229 | f2 = 0x71 230 | f3 = 0x72 231 | f4 = 0x73 232 | f5 = 0x74 233 | f6 = 0x75 234 | f7 = 0x76 235 | f8 = 0x77 236 | f9 = 0x78 237 | f10 = 0x79 238 | f11 = 0x7a 239 | f12 = 0x7b 240 | f13 = 0x7c 241 | f14 = 0x7d 242 | f15 = 0x7e 243 | f16 = 0x7f 244 | f17 = 0x80 245 | f18 = 0x81 246 | f19 = 0x82 247 | f20 = 0x83 248 | f21 = 0x84 249 | f22 = 0x85 250 | f23 = 0x86 251 | f24 = 0x87 252 | numlock = 0x90 253 | scrolllock = 0x91 254 | nec_equal = 0x92 255 | fujitsu_jisho = 0x92 256 | fujitsu_masshou = 0x93 257 | fujitsu_touroku = 0x94 258 | fujitsu_loya = 0x95 259 | fujitsu_roya = 0x96 260 | leftshift = 0xa0 261 | rightshift = 0xa1 262 | leftcontrol = 0xa2 263 | rightcontrol = 0xa3 264 | leftmenu = 0xa4 265 | rightmenu = 0xa5 266 | browserback = 0xa6 267 | browserforward = 0xa7 268 | browserrefresh = 0xa8 269 | browserstop = 0xa9 270 | browsersearch = 0xaa 271 | browserfavorites = 0xab 272 | browserhome = 0xac 273 | volumemute = 0xad 274 | volumedown = 0xae 275 | volumeup = 0xaf 276 | medianexttrack = 0xb0 277 | mediaprevtrack = 0xb1 278 | mediastop = 0xb2 279 | mediaplaypause = 0xb3 280 | launchmail = 0xb4 281 | launchmediaselect = 0xb5 282 | launchapplication1 = 0xb6 283 | launchapplication2 = 0xb7 284 | oem1 = 0xba 285 | oemplus = 0xbb 286 | oemcomma = 0xbc 287 | oemminus = 0xbd 288 | oemperiod = 0xbe 289 | oem2 = 0xbf 290 | oem3 = 0xc0 291 | oem4 = 0xdb 292 | oem5 = 0xdc 293 | oem6 = 0xdd 294 | oem7 = 0xde 295 | oem8 = 0xdf 296 | oemax = 0xe1 297 | oem102 = 0xe2 298 | icohelp = 0xe3 299 | ico00 = 0xe4 300 | processkey = 0xe5 301 | icoclear = 0xe6 302 | packet = 0xe7 303 | oemreset = 0xe9 304 | oemjump = 0xea 305 | oempa1 = 0xeb 306 | oempa2 = 0xec 307 | oempa3 = 0xed 308 | oemwsctrl = 0xee 309 | oemcusel = 0xef 310 | oemattn = 0xf0 311 | oemfinish = 0xf1 312 | oemcopy = 0xf2 313 | oemauto = 0xf3 314 | oemenlw = 0xf4 315 | oembacktab = 0xf5 316 | attn = 0xf6 317 | crsel = 0xf7 318 | exsel = 0xf8 319 | ereof = 0xf9 320 | play = 0xfa 321 | zoom = 0xfb 322 | noname = 0xfc 323 | pa1 = 0xfd 324 | oemclear = 0xfe 325 | } 326 | -------------------------------------------------------------------------------- /offset/offset.v: -------------------------------------------------------------------------------- 1 | module offset 2 | 3 | import net.http 4 | import json 5 | 6 | __global g_sgn map[string]int 7 | __global g_ntv Netvar 8 | __global o_sgn Signature 9 | 10 | fn init() int { 11 | g_sgn = map[string]int{} 12 | return 1 13 | } 14 | 15 | struct Signature { 16 | pub: 17 | anim_overlays int [json:anim_overlays ] 18 | clientstate_choked_commands int [json:clientstate_choked_commands ] 19 | clientstate_delta_ticks int [json:clientstate_delta_ticks ] 20 | clientstate_last_outgoing_command int [json:clientstate_last_outgoing_command] 21 | clientstate_net_channel int [json:clientstate_net_channel ] 22 | convar_name_hash_table int [json:convar_name_hash_table ] 23 | dwclientstate int [json:dwClientState ] 24 | dwclientstate_getlocalplayer int [json:dwClientState_GetLocalPlayer ] 25 | dwclientstate_ishltv int [json:dwClientState_IsHLTV ] 26 | dwclientstate_map int [json:dwClientState_Map ] 27 | dwclientstate_mapdirectory int [json:dwClientState_MapDirectory ] 28 | dwclientstate_maxplayer int [json:dwClientState_MaxPlayer ] 29 | dwclientstate_playerinfo int [json:dwClientState_PlayerInfo ] 30 | dwclientstate_state int [json:dwClientState_State ] 31 | dwclientstate_viewangles int [json:dwClientState_ViewAngles ] 32 | dwentitylist int [json:dwEntityList ] 33 | dwforceattack int [json:dwForceAttack ] 34 | dwforceattack2 int [json:dwForceAttack2 ] 35 | dwforcebackward int [json:dwForceBackward ] 36 | dwforceforward int [json:dwForceForward ] 37 | dwforcejump int [json:dwForceJump ] 38 | dwforceleft int [json:dwForceLeft ] 39 | dwforceright int [json:dwForceRight ] 40 | dwgamedir int [json:dwGameDir ] 41 | dwgamerulesproxy int [json:dwGameRulesProxy ] 42 | dwgetallclasses int [json:dwGetAllClasses ] 43 | dwglobalvars int [json:dwGlobalVars ] 44 | dwglowobjectmanager int [json:dwGlowObjectManager ] 45 | dwinput int [json:dwInput ] 46 | dwinterfacelinklist int [json:dwInterfaceLinkList ] 47 | dwlocalplayer int [json:dwLocalPlayer ] 48 | dwmouseenable int [json:dwMouseEnable ] 49 | dwmouseenableptr int [json:dwMouseEnablePtr ] 50 | dwplayerresource int [json:dwPlayerResource ] 51 | dwradarbase int [json:dwRadarBase ] 52 | dwsensitivity int [json:dwSensitivity ] 53 | dwsensitivityptr int [json:dwSensitivityPtr ] 54 | dwsetclantag int [json:dwSetClanTag ] 55 | dwviewmatrix int [json:dwViewMatrix ] 56 | dwweapontable int [json:dwWeaponTable ] 57 | dwweapontableindex int [json:dwWeaponTableIndex ] 58 | dwyawptr int [json:dwYawPtr ] 59 | dwzoomsensitivityratioptr int [json:dwZoomSensitivityRatioPtr ] 60 | dwbsendpackets int [json:dwbSendPackets ] 61 | dwppdirectddevice int [json:dwppDirectDDevice ] 62 | find_hud_element int [json:find_hud_element ] 63 | force_update_spectator_glow int [json:force_update_spectator_glow ] 64 | interface_engine_cvar int [json:interface_engine_cvar ] 65 | is_c_owner int [json:is_c_owner ] 66 | m_bdormant int [json:m_bDormant ] 67 | m_flspawntime int [json:m_flSpawnTime ] 68 | m_pstudiohdr int [json:m_pStudioHdr ] 69 | m_pitchclassptr int [json:m_pitchClassPtr ] 70 | m_yawclassptr int [json:m_yawClassPtr ] 71 | model_ambient_min int [json:model_ambient_min ] 72 | set_abs_angles int [json:set_abs_angles ] 73 | set_abs_origin int [json:set_abs_origin ] 74 | } 75 | 76 | pub struct Netvar { 77 | pub: 78 | cs_gamerules_data int [json:cs_gamerules_data ] 79 | m_armorvalue int [json:m_ArmorValue ] 80 | m_collision int [json:m_Collision ] 81 | m_collisiongroup int [json:m_CollisionGroup ] 82 | m_local int [json:m_Local ] 83 | m_movetype int [json:m_MoveType ] 84 | m_originalownerxuidhigh int [json:m_OriginalOwnerXuidHigh ] 85 | m_originalownerxuidlow int [json:m_OriginalOwnerXuidLow ] 86 | m_survivalgameruledecisiontypes int [json:m_SurvivalGameRuleDecisionTypes] 87 | m_survivalrules int [json:m_SurvivalRules ] 88 | m_aimpunchangle int [json:m_aimPunchAngle ] 89 | m_aimpunchanglevel int [json:m_aimPunchAngleVel ] 90 | m_angeyeanglesx int [json:m_angEyeAnglesX ] 91 | m_angeyeanglesy int [json:m_angEyeAnglesY ] 92 | m_bbombplanted int [json:m_bBombPlanted ] 93 | m_bfreezeperiod int [json:m_bFreezePeriod ] 94 | m_bgungameimmunity int [json:m_bGunGameImmunity ] 95 | m_bhasdefuser int [json:m_bHasDefuser ] 96 | m_bhashelmet int [json:m_bHasHelmet ] 97 | m_binreload int [json:m_bInReload ] 98 | m_bisdefusing int [json:m_bIsDefusing ] 99 | m_bisqueuedmatchmaking int [json:m_bIsQueuedMatchmaking ] 100 | m_bisscoped int [json:m_bIsScoped ] 101 | m_bisvalveds int [json:m_bIsValveDS ] 102 | m_bspotted int [json:m_bSpotted ] 103 | m_bspottedbymask int [json:m_bSpottedByMask ] 104 | m_bstartedarming int [json:m_bStartedArming ] 105 | m_busecustomautoexposuremax int [json:m_bUseCustomAutoExposureMax ] 106 | m_busecustomautoexposuremin int [json:m_bUseCustomAutoExposureMin ] 107 | m_busecustombloomscale int [json:m_bUseCustomBloomScale ] 108 | m_clrrender int [json:m_clrRender ] 109 | m_dwbonematrix int [json:m_dwBoneMatrix ] 110 | m_faccuracypenalty int [json:m_fAccuracyPenalty ] 111 | m_fflags int [json:m_fFlags ] 112 | m_flcblow int [json:m_flCBlow ] 113 | m_flcustomautoexposuremax int [json:m_flCustomAutoExposureMax ] 114 | m_flcustomautoexposuremin int [json:m_flCustomAutoExposureMin ] 115 | m_flcustombloomscale int [json:m_flCustomBloomScale ] 116 | m_fldefusecountdown int [json:m_flDefuseCountDown ] 117 | m_fldefuselength int [json:m_flDefuseLength ] 118 | m_flfallbackwear int [json:m_flFallbackWear ] 119 | m_flflashduration int [json:m_flFlashDuration ] 120 | m_flflashmaxalpha int [json:m_flFlashMaxAlpha ] 121 | m_fllastbonesetuptime int [json:m_flLastBoneSetupTime ] 122 | m_fllowerbodyyawtarget int [json:m_flLowerBodyYawTarget ] 123 | m_flnextattack int [json:m_flNextAttack ] 124 | m_flnextprimaryattack int [json:m_flNextPrimaryAttack ] 125 | m_flsimulationtime int [json:m_flSimulationTime ] 126 | m_fltimerlength int [json:m_flTimerLength ] 127 | m_hactiveweapon int [json:m_hActiveWeapon ] 128 | m_hmyweapons int [json:m_hMyWeapons ] 129 | m_hobservertarget int [json:m_hObserverTarget ] 130 | m_howner int [json:m_hOwner ] 131 | m_hownerentity int [json:m_hOwnerEntity ] 132 | m_iaccountid int [json:m_iAccountID ] 133 | m_iclip int [json:m_iClip ] 134 | m_icompetitiveranking int [json:m_iCompetitiveRanking ] 135 | m_icompetitivewins int [json:m_iCompetitiveWins ] 136 | m_icrosshairid int [json:m_iCrosshairId ] 137 | m_ientityquality int [json:m_iEntityQuality ] 138 | m_ifov int [json:m_iFOV ] 139 | m_ifovstart int [json:m_iFOVStart ] 140 | m_iglowindex int [json:m_iGlowIndex ] 141 | m_ihealth int [json:m_iHealth ] 142 | m_iitemdefinitionindex int [json:m_iItemDefinitionIndex ] 143 | m_iitemidhigh int [json:m_iItemIDHigh ] 144 | m_imostrecentmodelbonecounter int [json:m_iMostRecentModelBoneCounter ] 145 | m_iobservermode int [json:m_iObserverMode ] 146 | m_ishotsfired int [json:m_iShotsFired ] 147 | m_istate int [json:m_iState ] 148 | m_iteamnum int [json:m_iTeamNum ] 149 | m_lifestate int [json:m_lifeState ] 150 | m_nfallbackpaintkit int [json:m_nFallbackPaintKit ] 151 | m_nfallbackseed int [json:m_nFallbackSeed ] 152 | m_nfallbackstattrak int [json:m_nFallbackStatTrak ] 153 | m_nforcebone int [json:m_nForceBone ] 154 | m_ntickbase int [json:m_nTickBase ] 155 | m_rgflcoordinateframe int [json:m_rgflCoordinateFrame ] 156 | m_szcustomname int [json:m_szCustomName ] 157 | m_szlastplacename int [json:m_szLastPlaceName ] 158 | m_thirdpersonviewangles int [json:m_thirdPersonViewAngles ] 159 | m_vecorigin int [json:m_vecOrigin ] 160 | m_vecvelocity int [json:m_vecVelocity ] 161 | m_vecviewoffset int [json:m_vecViewOffset ] 162 | m_viewpunchangle int [json:m_viewPunchAngle ] 163 | } 164 | 165 | struct Offset { 166 | pub: 167 | timestamp i64 168 | signatures Signature 169 | netvars Netvar 170 | } 171 | 172 | struct Sig { 173 | pub: 174 | name string 175 | extra int 176 | relative bool 177 | mod_name string [json:@module] 178 | offsets []int 179 | pattern string 180 | } 181 | 182 | pub fn (s Sig) offset() int { 183 | mut ret := 0 184 | for offset in s.offsets { 185 | ret += offset 186 | } 187 | return ret 188 | } 189 | 190 | struct Sigs { 191 | pub: 192 | executable string 193 | filename string 194 | signatures []Sig 195 | } 196 | 197 | pub fn update() { 198 | println('[~] pattern scanning signatures ..') 199 | offs_json := http.get('https://raw.githubusercontent.com/frk1/hazedumper/master/csgo.json' ) or { panic(err) } 200 | sigs_json := http.get('https://raw.githubusercontent.com/frk1/hazedumper/master/config.json') or { panic(err) } 201 | 202 | offs := json.decode(Offset, offs_json.text) or { panic(err) } 203 | sigs := json.decode(Sigs, sigs_json.text) or { panic(err) } 204 | 205 | g_ntv = offs.netvars 206 | o_sgn = offs.signatures 207 | 208 | mut count := 0 209 | needed_sigs := [ 210 | 'm_bDormant' , 211 | 'dwClientState_ViewAngles', 212 | 'dwLocalPlayer' , 213 | 'dwClientState_MaxPlayer' , 214 | 'dwGlowObjectManager' , 215 | 'dwEntityList' , 216 | 'dwClientState' , 217 | 'dwForceJump' 218 | ] 219 | 220 | for sig in sigs.signatures { 221 | for needed_sig in needed_sigs { 222 | if needed_sig == sig.name { 223 | g_sgn[sig.name] = g_mem.sig_scan(sig) 224 | if g_sgn[sig.name] != -1 { 225 | count++ 226 | } 227 | } 228 | } 229 | } 230 | println('[+] found $needed_sigs.len / $count signatures') 231 | } 232 | -------------------------------------------------------------------------------- /process/process.v: -------------------------------------------------------------------------------- 1 | module process 2 | 3 | #include "TlHelp32.h" 4 | __global g_proc Process 5 | struct C.tagPROCESSENTRY32W { 6 | dwSize u64 7 | cntUsage u64 8 | th32ProcessID u64 9 | th32DefaultHeapID voidptr 10 | th32ModuleID u64 11 | cntThreads u64 12 | th32ParentProcessID u64 13 | pcPriClassBase i64 14 | dwFlags u64 15 | szExeFile charptr 16 | } 17 | 18 | struct C.tagMODULEENTRY32W { 19 | dwSize u64 20 | th32ModuleID u64 21 | th32ProcessID u64 22 | GlblcntUsage u64 23 | ProccntUsage u64 24 | modBaseAddr byteptr 25 | modBaseSize u64 26 | hModule voidptr 27 | szModule charptr 28 | szExePath charptr 29 | } 30 | 31 | fn C.OpenProcess(arg_1, arg_2 int, arg_3 u64) int 32 | fn C.CreateToolhelp32Snapshot(arg_1, arg_2 int) voidptr 33 | 34 | fn C.Process32FirstW(arg_1, arg_2 voidptr) bool 35 | fn C.Process32NextW (arg_1, arg_2 voidptr) bool 36 | 37 | fn C.Module32FirstW(arg_1, arg_2 voidptr) bool 38 | fn C.Module32NextW (arg_1, arg_2 voidptr) bool 39 | 40 | fn C.mouse_event(arg_1, arg_2, arg_3, arg_4 u64, arg_5 voidptr) 41 | 42 | pub struct Module { 43 | pub: 44 | base int 45 | size int 46 | handle int 47 | } 48 | 49 | pub struct Process { 50 | pub mut: 51 | pid u64 52 | handle int 53 | modules map[string]Module 54 | } 55 | 56 | pub fn find_pid(name string) u64 { 57 | 58 | pe32 := C.tagPROCESSENTRY32W{dwSize: sizeof(C.tagPROCESSENTRY32W)} 59 | th32 := C.CreateToolhelp32Snapshot(C.TH32CS_SNAPPROCESS, 0) 60 | 61 | if th32 == C.INVALID_HANDLE_VALUE || !C.Process32FirstW(th32, &pe32) { 62 | panic('error copying the first entry of the process list to the buffer') 63 | } 64 | for C.Process32NextW(th32, &pe32) { 65 | pname := string_from_wide(pe32.szExeFile) 66 | if pname == name { 67 | C.CloseHandle(th32) 68 | return pe32.th32ProcessID 69 | } 70 | } 71 | 72 | panic('$name is not running') 73 | } 74 | 75 | pub fn get_module_info(pid u64, module_name string) Module { 76 | me32 := C.tagMODULEENTRY32W{dwSize: sizeof(C.tagMODULEENTRY32W)} 77 | th32 := C.CreateToolhelp32Snapshot(C.TH32CS_SNAPMODULE, pid) 78 | 79 | if th32 == -1 || !C.Module32FirstW(th32, &me32) { 80 | panic('tlhelp32 error') 81 | } 82 | 83 | for C.Module32NextW(th32, &me32) { 84 | if string_from_wide(me32.szModule) == module_name { 85 | 86 | C.CloseHandle(th32) 87 | 88 | return Module{ 89 | base: int(me32.modBaseAddr) 90 | size: int(me32.modBaseSize) 91 | handle: int(me32.hModule) 92 | } 93 | } 94 | } 95 | panic('Unable to find $module_name base address') 96 | } 97 | 98 | fn load_modules(pid u64) map[string]Module { 99 | mut mods := map[string]Module{} 100 | me32 := C.tagMODULEENTRY32W{dwSize: sizeof(C.tagMODULEENTRY32W)} 101 | th32 := C.CreateToolhelp32Snapshot(C.TH32CS_SNAPMODULE, pid) 102 | if th32 == -1 || !C.Module32FirstW(th32, &me32) { 103 | panic('tlhelp32 error') 104 | } 105 | for C.Module32NextW(th32, &me32) { 106 | mod_name := string_from_wide(me32.szModule) 107 | 108 | mods[mod_name] = Module{ 109 | base: int(me32.modBaseAddr) 110 | size: int(me32.modBaseSize) 111 | handle: int(me32.hModule) 112 | } 113 | } 114 | C.CloseHandle(th32) 115 | return mods 116 | } 117 | 118 | pub fn attach(process_name string) { 119 | g_proc = Process{} 120 | g_proc.pid = find_pid(process_name) 121 | g_proc.handle = C.OpenProcess(C.PROCESS_ALL_ACCESS, 0, g_proc.pid) 122 | g_proc.modules['engine.dll' ] = get_module_info(g_proc.pid, 'engine.dll' ) 123 | g_proc.modules['client.dll' ] = get_module_info(g_proc.pid, 'client.dll' ) 124 | g_proc.modules['vstdlib.dll' ] = get_module_info(g_proc.pid, 'vstdlib.dll' ) 125 | g_proc.modules['shaderapidx9.dll'] = get_module_info(g_proc.pid, 'shaderapidx9.dll') 126 | } 127 | 128 | pub fn left_click() { 129 | C.mouse_event(MouseEventFlags.leftdown, 0, 0, 0, 0) 130 | C.Sleep(1) 131 | C.mouse_event(MouseEventFlags.leftup, 0, 0, 0, 0) 132 | } 133 | 134 | enum MouseEventFlags { 135 | leftdown = 0x00000002 136 | leftup = 0x00000004 137 | middledown = 0x00000020 138 | middleup = 0x00000040 139 | move = 0x00000001 140 | absolute = 0x00008000 141 | rightdown = 0x00000008 142 | rightup = 0x00000010 143 | wheel = 0x00000800 144 | xdown = 0x00000080 145 | xup = 0x00000100 146 | } 147 | -------------------------------------------------------------------------------- /vack.v: -------------------------------------------------------------------------------- 1 | module main 2 | 3 | import memory 4 | import process 5 | import offset 6 | import csgo 7 | 8 | import os 9 | import json 10 | 11 | 12 | // ############################################## 13 | fn wallhack(players []csgo.Player) { 14 | 15 | for player in players { 16 | if player.dormant() { continue } 17 | 18 | mut glow_t := player.get_glow() 19 | health := f32(player.health()) 20 | 21 | if player.is_enemy() { 22 | glow_t.r = f32(1 - health / 100) 23 | glow_t.g = f32(health / 100) 24 | glow_t.b = f32(0) 25 | } else { 26 | glow_t.r = f32(0.3) 27 | glow_t.g = f32(health / 100) 28 | glow_t.b = f32(1) 29 | } 30 | glow_t.a = f32(1) 31 | glow_t.when_occluded = true 32 | glow_t.when_unoccluded = false 33 | glow_t.full_bloom = false 34 | 35 | player.set_glow(glow_t) 36 | } 37 | } 38 | 39 | // ############################################## 40 | fn bunnyhop(bunnyhop Bunnyhop) { 41 | for { 42 | if !memory.is_key_down(bunnyhop.key) { 43 | continue 44 | } 45 | 46 | if g_csgo.localplayer.flag() == 257 { 47 | g_csgo.jump() 48 | } 49 | } 50 | } 51 | 52 | // ############################################## 53 | fn trigger(trigger Triggerbot) { 54 | for { 55 | if !memory.is_key_down(trigger.key) { 56 | continue 57 | } 58 | 59 | id := g_csgo.localplayer.crosshair_id() 60 | en := g_csgo.player_by_index(id) 61 | 62 | if en.is_alive() && en.is_enemy() { 63 | C.Sleep(trigger.delay) 64 | process.left_click() 65 | } 66 | } 67 | } 68 | 69 | // ############################################## 70 | fn aimbot(players []csgo.Player, aimbot Aimbot) { 71 | if !memory.is_key_down(aimbot.key) { 72 | return 73 | } 74 | 75 | vec_view := g_csgo.get_view_angles() 76 | aimpunch := g_csgo.localplayer.aimpunch() 77 | aim_from := g_csgo.localplayer.eyepos() 78 | 79 | mut fovs := []f64{} 80 | mut vecs := []csgo.Vector{} 81 | 82 | for player in players { 83 | if !player.is_spotted() { continue } 84 | 85 | aim_to := player.bone_pos(aimbot.bone) 86 | mut angle := aim_from.angle_with(aim_to) 87 | en_fov := (vec_view + aimpunch).fov_with(angle) 88 | 89 | if en_fov < aimbot.fov { 90 | fovs << en_fov 91 | vecs << angle 92 | } 93 | } 94 | 95 | mut best_fov_index := 0 96 | mut best_fov := f64(999) 97 | 98 | for i, fov in fovs { 99 | if fov < best_fov { 100 | best_fov = fov 101 | best_fov_index = i 102 | } 103 | } 104 | if best_fov != 999 { 105 | mut angle := vecs[best_fov_index] - aimpunch 106 | mut angle = angle.smooth_from(vec_view, aimbot.smooth) 107 | 108 | angle.clamp() 109 | g_csgo.set_view_angles(angle) 110 | } 111 | } 112 | 113 | // ############################################## 114 | fn main() { 115 | 116 | init() 117 | 118 | mut raw_settings := os.read_file('config.cfg') or { panic(err) } 119 | settings := json.decode(Settings, raw_settings) or { panic(err) } 120 | 121 | process.attach('csgo.exe') 122 | 123 | g_mem = memory.Memory{handle: g_proc.handle} 124 | g_csgo = csgo.Csgo{} 125 | 126 | offset.update() 127 | 128 | go trigger (settings.trigger ) 129 | go bunnyhop(settings.bunnyhop) 130 | 131 | 132 | for !memory.is_key_down(memory.Vkey.delete) { 133 | 134 | g_csgo.localplayer = g_csgo.localplayer() 135 | 136 | players := g_csgo.get_players() 137 | enemies := g_csgo.get_enemies_from(players) 138 | 139 | wallhack(players) 140 | aimbot(enemies, settings.aimbot) 141 | 142 | C.Sleep(5) 143 | } 144 | } 145 | 146 | fn init() int { 147 | 148 | if !os.exists('config.cfg') { 149 | 150 | raw_settings := '{\n\t"_NOTE": "{key} use VirtualKey Enum : check it here [https://docs.microsoft.com/en-us/uwp/api/windows.system.virtualkey]",' + 151 | '\n\n\t"_BONES": "head: 8 body: 6 right_hand: 39 left_hand: 13 right_leg: 73 left_leg: 66 right_foot: 74 left_foot: 67",' + 152 | '\n\n\t"aimbot":\n\t{\n\t\t"key": 86,\n\t\t"smooth": 10,\n\t\t"fov": 5,\n\t\t"bone": 8\n\t},' + 153 | '\n\n\t"trigger":\n\t{\n\t\t"key": 2,\n\t\t"delay": 0\n\t},' + 154 | '\n\n\t"bunnyhop":\n\t{\n\t\t"key": 32\n\t}\n}' 155 | 156 | mut file := os.create('config.cfg') or { panic(err) } 157 | 158 | file.write(raw_settings) 159 | file.close() 160 | } 161 | return 1 162 | } 163 | 164 | struct Bunnyhop { 165 | key memory.Vkey 166 | } 167 | 168 | struct Triggerbot { 169 | key memory.Vkey 170 | delay int 171 | } 172 | 173 | struct Aimbot { 174 | key memory.Vkey 175 | smooth f32 176 | fov f64 177 | bone csgo.Bone 178 | } 179 | 180 | struct Settings { 181 | aimbot Aimbot 182 | trigger Triggerbot 183 | bunnyhop Bunnyhop 184 | } 185 | --------------------------------------------------------------------------------