├── README.md ├── bin ├── Cube2Hack.jar └── GHTools.jar ├── res ├── Aimbot&ESP.gif ├── Aimbot.gif ├── ESP.gif ├── Godmode.gif ├── Rake.gif └── sauerbraten.CT └── src ├── AimbotMode.java ├── AimbotThread.java ├── Enemy.java ├── EspMode.java ├── EspThread.java ├── GameMode.java ├── GodMode.java ├── Helper.java ├── Player.java ├── Position.java ├── Position2D.java ├── RakeMode.java ├── RakeThread.java ├── Rotation.java ├── SauerbratenHack.java ├── com └── guidedhacking │ ├── GHArchitecture.java │ ├── GHInput.java │ ├── GHMemory.java │ ├── GHPointer.java │ ├── GHTools.java │ └── ObjectSizeFetcher.java └── rake.png /README.md: -------------------------------------------------------------------------------- 1 | # Sauerbraten Hack ([**Video**](https://youtu.be/NnCIeuDxbm0)) 2 | 3 | This hack is an example on how to use and what you can do with the Game Hacking Library `GHTools` 4 | 5 | It's made to be understandable and easy to adapt to other games. 6 | 7 | ## Features 8 | 9 | #### Overlay 10 | The hack makes use of JavaFx to overlay things like a menu over the Game. 11 | 12 | I used this method because it's simple and can be used on any Game to display a lot of different things. 13 | 14 | You can find some examples below. 15 | 16 | #### Godmode 17 | For the Campaign i made a simple Godmod Toggle with the following features: 18 | - Unlimited Ammo 19 | - Take No Damage 20 | - No Recoil 21 | - Ultra Rapid Fire 22 | - Deal Insane Damage 23 | 24 | ![Godmode](https://github.com/Erarnitox/java-sauerbraten-hack/blob/master/res/Godmode.gif) 25 | 26 | This is an examaple on how to do basic memory editing like reading and writing from or to memory. 27 | 28 | But this also demonstrates how to change opcodes of the binary in memory at runtime. 29 | 30 | #### Aimbot 31 | ![Aimbot](https://github.com/Erarnitox/java-sauerbraten-hack/blob/master/res/Aimbot.gif) 32 | 33 | Demonstrates how one could implement an Aimbot. 34 | 35 | #### ESP 36 | ![ESP](https://github.com/Erarnitox/java-sauerbraten-hack/blob/master/res/ESP.gif) 37 | 38 | Demonstrates how one could implement an ESP hack using the `GHTools`. 39 | 40 | The calculations are specific to OpenGL! 41 | 42 | The main point of this was to demonstrate how to draw the ESP Boxes to the JavaFX Overlay. 43 | 44 | #### Rake Mode 45 | ![Rake](https://github.com/Erarnitox/java-sauerbraten-hack/blob/master/res/Rake.gif) 46 | 47 | Since we are using JavaFX we can display all kinds of stuff to the screen. 48 | 49 | To demonstrate this i used this opportunity to honor [**Rake**](https://guidedhacking.com/members/rake.26782/). 50 | 51 | #### Multi-threaded 52 | The whole hack is object oriented and multi-threaded so one can only make use of the pieces one needs or activate different modes at the same Time. 53 | 54 | ![Aimbot&ESP](https://github.com/Erarnitox/java-sauerbraten-hack/blob/master/res/Aimbot%26ESP.gif) 55 | 56 | In this example i made a seperate mode that activates the ESP and Aimbot at the same time. 57 | 58 | ## Download 59 | If you just want to use this hack you can download a pre-compiled jar executable [**here**](https://github.com/Erarnitox/java-sauerbraten-hack/raw/master/bin/Cube2Hack.jar). 60 | 61 | # GHTools 62 | **Note:** the new repo for the Tools can be found [**here**](https://github.com/Erarnitox/GH_Tools). 63 | 64 | `GHTools` is a wrapper around [**JNA**](https://github.com/java-native-access) makes it easier to use and provides some new functionality for game hacking as well. 65 | 66 | ### Installing 67 | 68 | - To use `GHTools` you can either download it from [**here**](https://github.com/Erarnitox/java-sauerbraten-hack/raw/master/bin/GHTools.jar) and import in in your project. 69 | 70 | - Or get the source for it [**here**](https://github.com/Erarnitox/java-sauerbraten-hack/tree/master/src/com/guidedhacking). 71 | 72 | If you want to use the source you need to download and import these in your project first: 73 | 1. [**JNA**](http://repo1.maven.org/maven2/net/java/dev/jna/jna/5.1.0/jna-5.1.0.jar) 74 | 2. [**JNA Platform**](http://repo1.maven.org/maven2/net/java/dev/jna/jna-platform/5.1.0/jna-platform-5.1.0.jar) 75 | 76 | For the JavaFX Overlay make sure to use `Java 1.8` or download the current version of JavaFX and import in in your project from [**here**](https://github.com/javafxports/openjdk-jfx/releases) 77 | 78 | 79 | ### Usage 80 | #### Package Overview 81 | All Classes can be found in the package `com.guidedhacking`. In this Overview we will have a brief look at its classes and their most often used methods. 82 | 83 | ##### GHArchitecture 84 | Is a pure Enum type with the following Options: 85 | - ###### Win32 86 | - ###### Win64 87 | 88 | ##### GHInput 89 | Unlike build in methods these will also work when the program is out of focus. 90 | 91 | **Methods:** 92 | 93 | - ###### boolean getKeyDown(int key) 94 | returns `true` if the key is pressed and `false` otherwise. 95 | 96 | - ###### void sendKeyPress(int key) 97 | simulate a full key press and release. 98 | 99 | - ###### void sendKeyDown(int key) 100 | simulate a key press. 101 | 102 | - ###### void sendKeyUp(int key) 103 | simulate a key release. 104 | 105 | - ###### void SetCursor(int x, int y) 106 | set the position of the cursor to the specified position. 107 | 108 | - ###### int[] getCursorPos() 109 | returns an int array whit 2 elements. where the first element is the x-coordinate and the second value is the y-coordinate of the cursor. 110 | 111 | ##### GHMemory 112 | Used to access the memory of another process. 113 | 114 | **Methods:** 115 | 116 | - ###### boolean openProcess(String windowName) 117 | Open a handle to the process with this window name to be able to access its memory. Returns `true` if it was successful and `false` otherwise. 118 | 119 | - ###### void setArchitecture(GHArchitecture architecture) 120 | Used to set the architecture to the architecture of the game to use the correct pointer size. 121 | 122 | - ###### long getObjectAddress(GHPointer staticMultiLevelPointer) 123 | calculates the runtime address from the static pointer provided. 124 | 125 | - ###### void close() 126 | Close the handle you have opened to the game. 127 | 128 | - ###### boolean isConnected() 129 | Checks if the handle to the game is still open. Will return `true` if the handle is still open and `false` if its closed. 130 | 131 | - ###### boolean readBit(long address, int position) 132 | Used to read a single bit from memory. Return `true` if its 1 or `false` if its 0. 133 | 134 | - ###### byte readByte(long address) 135 | Returns the byte that can be found at the provided address in the memory. 136 | 137 | - ###### short readShort(long address) 138 | Returns the short that can be found at the provided address in the memory. 139 | 140 | - ###### char readChar(long address) 141 | Returns the char that can be found at the provided address in the memory. 142 | 143 | - ###### int readInt(long address) 144 | Returns the int that can be found at the provided address in the memory. 145 | 146 | - ###### long readLong(long address) 147 | Returns the long that can be found at the provided address in the memory. 148 | 149 | - ###### float readFloat(long address) 150 | Returns the float that can be found at the provided address in the memory. 151 | 152 | - ###### double readDouble(long address) 153 | Returns the double that can be found at the provided address in the memory. 154 | 155 | - ###### readString(long address , int bytestoread) 156 | Returns the String that can be found at the provided address in the memory. 157 | 158 | - ###### byte[] readByteArray(long address, int bytesToRead) 159 | Returns the byte[] that starts at the provided address with the provided length. 160 | 161 | - ###### boolean writeBit(boolean data, long address, int position) 162 | Write a single bit to memory (`true` for 1 and `false` for 0) to the specified position in the byte that can be found at the specified address. 163 | Will `return` true if successful and `false` otherwise. 164 | 165 | - ###### boolean writeByte(byte data, long address) 166 | Write a single byte to the specified address in memory. 167 | Will `return` true if successful and `false` otherwise. 168 | 169 | - ###### boolean writeShort(short data, long address) 170 | Write a short to the specified address in memory. 171 | Will `return` true if successful and `false` otherwise. 172 | 173 | - ###### boolean writeChar(char data, long address) 174 | Write a single char to the specified address in memory. 175 | Will `return` true if successful and `false` otherwise. 176 | 177 | - ###### boolean writeInt(int data, long address) 178 | Write an int to the specified address in memory. 179 | Will `return` true if successful and `false` otherwise. 180 | 181 | - ###### boolean writeLong(long data, long address) 182 | Write a long to the specified address in memory. 183 | Will `return` true if successful and `false` otherwise. 184 | 185 | - ###### boolean writeFloat(float data, long address) 186 | Write a float to the specified address in memory. 187 | Will `return` true if successful and `false` otherwise. 188 | 189 | - ###### boolean writeDouble(double data, long address) 190 | Write a double to the specified address in memory. 191 | Will `return` true if successful and `false` otherwise. 192 | 193 | - ###### boolean writeString(long address,String string) 194 | Write a String to the specified address in memory. 195 | Will `return` true if successful and `false` otherwise. 196 | 197 | - ###### boolean write(byte[] data, long address) 198 | Write a byte[] to memory starting at the provided address. 199 | Will `return` true if successful and `false` otherwise. 200 | 201 | this class also provides some methods for working with objects in memory. If you are interested in them check the source of this class [here](https://github.com/Erarnitox/java-sauerbraten-hack/blob/master/src/com/guidedhacking/GHMemory.java). Please note that these methods are not tested! 202 | 203 | ##### GHPointer 204 | Used to hold information about the static pointer and the offsets of a value. 205 | 206 | **Constructor:** 207 | 208 | - ###### GHPointer(long staticPointer, int ... offsets) 209 | 210 | **Methods:** 211 | 212 | - ###### long getStaticPointer() 213 | - ###### int[] getOffsets() 214 | 215 | ##### GHTools 216 | 217 | **Methods:** 218 | 219 | - ###### boolean sleep(int time) 220 | Sleep method with exception handeling. 221 | 222 | - ###### int getGamePID() 223 | Returns the process ID of the currently opened process. 224 | 225 | - ###### boolean isGameVisible() 226 | Return `true` if the game window is visible and `false` otherwise. 227 | 228 | - ###### int getGameHeight() 229 | Returns the height of the game window in pixels. 230 | 231 | - ###### int getGameWidth() 232 | Returns the width of the game window in pixels. 233 | 234 | - ###### int getGameXPos() 235 | Returns the x-position of the upper left corner of the game window on the sreeen. 236 | 237 | - ###### int getGameYPos() 238 | Returns the y-position of the upper left corner of the game window on the sreeen. 239 | 240 | ### Getting started 241 | 242 | Once you have downloaded and imported [**GHTools**](https://github.com/Erarnitox/java-sauerbraten-hack/raw/master/bin/GHTools.jar) into your project you can get started coding your first hack for a game. 243 | 244 | here is a very simple example on how to use `GHTools` 245 | 246 | ``` 247 | //import everything from the GHTools: 248 | import com.guidedhacking.*; 249 | 250 | public class Example { 251 | 252 | //create a new pointer with the static address and offsets: 253 | private static GHPointer healthPtr = new GHPointer(0x2DEAD,0x13); 254 | 255 | public static void main(String[] args){ 256 | 257 | //try to open a handle to the game process: 258 | if(GHMemory.openProcess("Game Window Title")) { 259 | 260 | //select the architecture of the game: 261 | GHMemory.setArchitecture(GHArchitecture.Win32); 262 | 263 | //calculate the runtime address of the health value from the pointer: 264 | long healthAddy = GHMemory.getObjectAddress(healthPtr); 265 | 266 | //read the health value from the games memory: 267 | int healthValue = GHMemory.readInt(healthAddy); 268 | 269 | //increase the health value by 1: 270 | healthValue++; 271 | 272 | //write the new health value back to memory: 273 | GHMemory.writeInt(healthValue,healthAddy); 274 | 275 | }else{ //if creating a handle to the game failed 276 | System.out.println("Can not open Game!"); 277 | } 278 | } 279 | } 280 | ``` 281 | 282 | for a more in depth example please have a look at the example hack i have provided. 283 | 284 | ## Built With 285 | 286 | * [JNA](https://github.com/java-native-access) - Java Native Access 287 | 288 | ## Acknowledgments 289 | 290 | * [**Rake**](https://guidedhacking.com/members/rake.26782/) - for running [guidedhacking.com](https://guidedhacking.com/) and his great tutorials. Without him this repo would probably not exist. 291 | -------------------------------------------------------------------------------- /bin/Cube2Hack.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Erarnitox/java-game-hacking/66e415a9e3550376424c3b00f524c6f393856624/bin/Cube2Hack.jar -------------------------------------------------------------------------------- /bin/GHTools.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Erarnitox/java-game-hacking/66e415a9e3550376424c3b00f524c6f393856624/bin/GHTools.jar -------------------------------------------------------------------------------- /res/Aimbot&ESP.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Erarnitox/java-game-hacking/66e415a9e3550376424c3b00f524c6f393856624/res/Aimbot&ESP.gif -------------------------------------------------------------------------------- /res/Aimbot.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Erarnitox/java-game-hacking/66e415a9e3550376424c3b00f524c6f393856624/res/Aimbot.gif -------------------------------------------------------------------------------- /res/ESP.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Erarnitox/java-game-hacking/66e415a9e3550376424c3b00f524c6f393856624/res/ESP.gif -------------------------------------------------------------------------------- /res/Godmode.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Erarnitox/java-game-hacking/66e415a9e3550376424c3b00f524c6f393856624/res/Godmode.gif -------------------------------------------------------------------------------- /res/Rake.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Erarnitox/java-game-hacking/66e415a9e3550376424c3b00f524c6f393856624/res/Rake.gif -------------------------------------------------------------------------------- /src/AimbotMode.java: -------------------------------------------------------------------------------- 1 | public class AimbotMode { 2 | private static boolean active = false; 3 | private static AimbotThread aimbot; 4 | 5 | public static void startAimbot(GameMode gm) { 6 | if(!active) { 7 | active = true; 8 | aimbot = new AimbotThread(gm); 9 | aimbot.start(); 10 | } 11 | } 12 | 13 | public static void stopAimbot() { 14 | if(active) { 15 | active = false; 16 | aimbot.stopAimbot(); 17 | } 18 | 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /src/AimbotThread.java: -------------------------------------------------------------------------------- 1 | import com.guidedhacking.GHMemory; 2 | import com.guidedhacking.GHPointer; 3 | 4 | public class AimbotThread extends Thread{ 5 | private boolean stop = false; 6 | private GameMode gm; 7 | private final int moduleBase = Helper.moduleBase; 8 | 9 | public AimbotThread(GameMode gm) { 10 | this.gm = gm; 11 | } 12 | 13 | public void run() { 14 | while(!stop) { 15 | try { 16 | Enemy[] players = new Enemy[GHMemory.readInt(moduleBase+0x29CD3C)-1]; 17 | Player myPlayer = new Player(); 18 | GHPointer cooldownPtr = new GHPointer(moduleBase+0x216454, 0x174); 19 | GHPointer listPointer = new GHPointer(moduleBase+0x29CD34,0x4); 20 | long cooldownObj = GHMemory.getObjectAddress(cooldownPtr); 21 | long playerList = GHMemory.getObjectAddress(listPointer); 22 | boolean hasShot = false; 23 | int n= 0; 24 | 25 | float xRot; 26 | float yRot; 27 | float dist; 28 | Position enemyPos; 29 | Position playerPos; 30 | 31 | for(int i=0; i < players.length; i++) { 32 | players[i] = new Enemy((int)playerList+(i*4)); 33 | } 34 | 35 | 36 | while(players.length == (GHMemory.readInt(moduleBase+0x29CD3C)-1) && !stop) { 37 | for(int i=0; i < players.length; i++) { 38 | if(players[i].canBeSeen() && players[i].isAlive()) { 39 | if(!gm.isTeamMode || myPlayer.isEnemy(players[i])) { 40 | enemyPos = players[i].getPosition(); 41 | playerPos = myPlayer.getPosition(); 42 | 43 | while(!(hasShot || ++n > 10) && !stop){ 44 | Thread.sleep(5); 45 | //calcute x and y rotation to aim at enemy: 46 | yRot = (float) (-Math.atan2(enemyPos.x-playerPos.x,enemyPos.y-playerPos.y)/ Math.PI * 180); 47 | dist = (float) (Math.sqrt(Math.pow((enemyPos.x-playerPos.x),2)+ Math.pow((enemyPos.y-playerPos.y),2) + Math.pow((enemyPos.z-playerPos.z),2))); 48 | xRot = (float) (Math.asin((enemyPos.z - playerPos.z) / dist) * 180.0F / Math.PI); 49 | 50 | //rotate player to point at enemy: 51 | myPlayer.setRotation(xRot, yRot); 52 | 53 | //is enemy in crosshair 54 | if(GHMemory.readByte(moduleBase+0x1E587B) != (byte)90) { 55 | //shoot: 56 | myPlayer.shoot(); 57 | Thread.sleep(50); 58 | myPlayer.stopShooting(); 59 | Thread.sleep(GHMemory.readInt(cooldownObj)+50); 60 | hasShot = true; 61 | } 62 | } 63 | n = 0; 64 | hasShot = false; 65 | } 66 | } 67 | } 68 | } 69 | 70 | }catch(InterruptedException e) { 71 | //return; 72 | } 73 | } 74 | } 75 | 76 | public void stopAimbot() { 77 | stop = true; 78 | } 79 | } 80 | -------------------------------------------------------------------------------- /src/Enemy.java: -------------------------------------------------------------------------------- 1 | import com.guidedhacking.GHMemory; 2 | import com.guidedhacking.GHPointer; 3 | 4 | public class Enemy { 5 | private GHPointer healthPtr; 6 | private GHPointer posYPtr; 7 | private GHPointer posXPtr; 8 | private GHPointer posZPtr; 9 | private GHPointer canBeSeenPtr; 10 | private GHPointer teamPtr; 11 | private int canBeSeen; 12 | private String name; 13 | 14 | public Enemy(int enemyPointer) { 15 | healthPtr = new GHPointer(enemyPointer,0x15c); 16 | posXPtr = new GHPointer(enemyPointer,0x30); 17 | posYPtr = new GHPointer(enemyPointer,0x34); 18 | posZPtr = new GHPointer(enemyPointer,0x38); 19 | canBeSeenPtr = new GHPointer(enemyPointer,0x570); 20 | teamPtr = new GHPointer(enemyPointer,0x354); 21 | canBeSeen = (int)GHMemory.getObjectAddress(canBeSeenPtr); 22 | GHPointer namePtr = new GHPointer(enemyPointer,0x458); 23 | name = GHMemory.readString(GHMemory.getObjectAddress(namePtr), 4); 24 | } 25 | 26 | public Position getPosition() { 27 | float x = GHMemory.readFloat(GHMemory.getObjectAddress(posXPtr)); 28 | float y = GHMemory.readFloat(GHMemory.getObjectAddress(posYPtr)); 29 | float z = GHMemory.readFloat(GHMemory.getObjectAddress(posZPtr)); 30 | 31 | return new Position(x,y,z); 32 | } 33 | 34 | public void setPosition(Position pos) { 35 | setPosition(pos.x, pos.y, pos.z); 36 | } 37 | 38 | public void setPosition(float x, float y, float z) { 39 | GHMemory.writeFloat(x,GHMemory.getObjectAddress(posXPtr)); 40 | GHMemory.writeFloat(y,GHMemory.getObjectAddress(posYPtr)); 41 | GHMemory.writeFloat(z,GHMemory.getObjectAddress(posZPtr)); 42 | } 43 | 44 | public int getHealth() { 45 | return GHMemory.readInt(GHMemory.getObjectAddress(healthPtr)); 46 | } 47 | public boolean isAlive() { 48 | return (getHealth()>0 && getHealth()<1000); 49 | } 50 | 51 | public boolean canBeSeen() { 52 | return (GHMemory.readByte(canBeSeen)> 0); 53 | } 54 | 55 | public String getTeam() { 56 | return GHMemory.readString(GHMemory.getObjectAddress(teamPtr),5); 57 | } 58 | public String getName() { 59 | return name; 60 | } 61 | } 62 | -------------------------------------------------------------------------------- /src/EspMode.java: -------------------------------------------------------------------------------- 1 | public class EspMode { 2 | private static boolean active = false; 3 | private static EspThread esp; 4 | 5 | public static void startEsp(GameMode gm) { 6 | if(!active) { 7 | active = true; 8 | esp = new EspThread(gm); 9 | esp.start(); 10 | } 11 | } 12 | 13 | public static void stopEsp() { 14 | if(active) { 15 | active = false; 16 | esp.stopEsp(); 17 | } 18 | 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /src/EspThread.java: -------------------------------------------------------------------------------- 1 | import com.guidedhacking.GHMemory; 2 | import com.guidedhacking.GHPointer; 3 | import com.guidedhacking.GHTools; 4 | import javafx.animation.AnimationTimer; 5 | import javafx.scene.layout.Pane; 6 | import javafx.scene.paint.Color; 7 | import javafx.scene.shape.Rectangle; 8 | 9 | public class EspThread extends AnimationTimer { 10 | private GameMode gm; 11 | private boolean stop = false; 12 | private static Pane EspOverlay; 13 | private boolean initialized = false; 14 | private Enemy[] players; 15 | private final int moduleBase = Helper.moduleBase; 16 | 17 | Rectangle[] EspBoxes; 18 | GHPointer listPointer; 19 | long playerList; 20 | Player myPlayer; 21 | Position enemyWorldPos; 22 | Position2D enemyScreenPos; 23 | 24 | public EspThread(GameMode gm) { 25 | this.gm = gm; 26 | } 27 | 28 | public void stopEsp() { 29 | stop = true; 30 | for(Rectangle r : EspBoxes){ 31 | if(r != null) 32 | r.setVisible(false); 33 | } 34 | } 35 | 36 | @Override 37 | public void handle(long now) { 38 | if(!stop) { 39 | try { 40 | if(!initialized){ 41 | EspOverlay = SauerbratenHack.pane; 42 | //EspOverlay.getChildren().add(new Rectangle (25, 25, Color.RED)); 43 | players = new Enemy[GHMemory.readInt(moduleBase+0x29CD3C)-1]; 44 | EspBoxes = new Rectangle[players.length]; 45 | 46 | listPointer = new GHPointer(moduleBase+0x29CD34,0x4); 47 | playerList = GHMemory.getObjectAddress(listPointer); 48 | myPlayer = new Player(); 49 | enemyScreenPos = new Position2D(0,0); 50 | 51 | for(int i=0; i < players.length; i++) { 52 | players[i] = new Enemy((int)playerList+(i*4)); 53 | if(!gm.isTeamMode || myPlayer.isEnemy(players[i])) { 54 | EspBoxes[i] = new Rectangle (25, 25, Color.TRANSPARENT); 55 | EspBoxes[i].setStroke(Color.RED); 56 | EspOverlay.getChildren().add(EspBoxes[i]); 57 | } 58 | } 59 | initialized = true; 60 | } 61 | 62 | if(players.length == (GHMemory.readInt(moduleBase+0x29CD3C)-1) && !stop) { 63 | for(int i=0; i < players.length; i++) { 64 | if(stop) { 65 | break; 66 | } 67 | 68 | if(!gm.isTeamMode || myPlayer.isEnemy(players[i])) { 69 | enemyWorldPos = players[i].getPosition(); 70 | enemyWorldPos.z -= 8; 71 | 72 | if(players[i].isAlive() && Helper.WorldToScreen(enemyWorldPos, enemyScreenPos, GHTools.getGameWidth(), GHTools.getGameHeight()) && !stop){ 73 | if(enemyScreenPos.x > 0 && enemyScreenPos.y > 0) { 74 | EspBoxes[i].setVisible(true); 75 | float dist = myPlayer.getDistance(enemyWorldPos); 76 | EspBoxes[i].setHeight(8000/dist); 77 | EspBoxes[i].setWidth(5000/dist); 78 | EspBoxes[i].setX(enemyScreenPos.x-(EspBoxes[i].getWidth()/2)); 79 | EspBoxes[i].setY(enemyScreenPos.y-(EspBoxes[i].getHeight()/2)); 80 | } 81 | }else{ 82 | EspBoxes[i].setVisible(false); 83 | } 84 | } 85 | 86 | } 87 | } 88 | } 89 | catch(Exception e) { 90 | //exception handeling 91 | } 92 | } 93 | } 94 | } 95 | -------------------------------------------------------------------------------- /src/GameMode.java: -------------------------------------------------------------------------------- 1 | public enum GameMode { 2 | FFA((byte)0,false),CoopEdit((byte)1,false),TeamPlay((byte)2,true),Instagib((byte)3,false),InstagibTeam((byte)4,true),Efficiency((byte)5,false),EfficiencyTeam((byte)6,true), 3 | Tactics((byte)7,false), TacticsTeam((byte)8,true), Capture((byte)9,false), RegenCapture((byte)10,true), CTF((byte)11,true), InstaCTF((byte)12,true), EfficencyCTF((byte)17,true), 4 | Protect((byte)13,true), InstaProtect((byte)14,true), EfficiencyProtect((byte)18,true), Hold((byte)15,true), InstaHold((byte)16,true), EfficiencyHold((byte)19,true), 5 | Collect((byte)20, true), InstaCollect((byte)21, true), EfficiencyCollect((byte)22, true), MainMenu((byte)255, false), Invasion((byte)254, false), Campaign((byte)253, false); 6 | 7 | public final byte value; 8 | public final boolean isTeamMode; 9 | 10 | GameMode(byte value, boolean teamMode){ 11 | this.value = value; 12 | this.isTeamMode = teamMode; 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /src/GodMode.java: -------------------------------------------------------------------------------- 1 | import com.guidedhacking.*; 2 | 3 | public class GodMode { 4 | private static final int moduleBase = Helper.moduleBase; 5 | private static Player player = new Player(); 6 | private static int bkpHealth; 7 | private static int bkpPistolAmmo; 8 | private static int bkpRifleAmmo; 9 | private static int bkpRPGAmmo; 10 | private static int bkpChainSawAmmo; 11 | private static int bkpShotgunAmmo; 12 | private static int bkpGrenadeAmmo; 13 | private static int bkpMinigunAmmo; 14 | private static byte bkpAmmoDecOpcode; 15 | private static byte[] bkpHealthDecOpcodes; 16 | private static byte[] bkpCooldownOpcodes; 17 | private static byte[] bkpQuadOpcodes; 18 | private static byte[] bkpDamageOpcodes; 19 | 20 | private static boolean active = false; 21 | 22 | public static void activateGodMode() { 23 | if(!active) { 24 | active = true; 25 | 26 | //back up values: 27 | bkpHealth = player.getHealth(); 28 | 29 | bkpRifleAmmo = player.getRifleAmmo(); 30 | bkpPistolAmmo = player.getPistolAmmo(); 31 | bkpRPGAmmo = player.getRPGAmmo(); 32 | bkpShotgunAmmo = player.getShotgunAmmo(); 33 | bkpGrenadeAmmo = player.getGrenadeAmmo(); 34 | bkpMinigunAmmo = player.getMinigunAmmo(); 35 | bkpChainSawAmmo = player.getChainsawAmmo(); 36 | 37 | //set new values: 38 | player.setChainsawAmmo(69); 39 | player.setHealth(666); 40 | player.setMinigunAmmo(1337); 41 | player.setPistolAmmo(88); 42 | player.setShotgunAmmo(42); 43 | player.setGrenadeAmmo(1997); 44 | player.setRifleAmmo(80085); 45 | player.setRPGAmmo(31337); 46 | 47 | //set other: 48 | player.activateQuadDamage(); 49 | player.setShieldValue(101); 50 | 51 | //back opcodes: 52 | bkpAmmoDecOpcode = GHMemory.readByte(moduleBase+0x18EAD6); 53 | bkpDamageOpcodes = GHMemory.readByteArray(moduleBase+0x858B1, 7); 54 | bkpHealthDecOpcodes = GHMemory.readByteArray(moduleBase+0x17EE51, 6); 55 | bkpCooldownOpcodes = GHMemory.readByteArray(moduleBase+0x18EE37, 6); 56 | bkpQuadOpcodes = GHMemory.readByteArray(moduleBase+0x17CE9F, 6); 57 | 58 | 59 | //set new opcodes 60 | GHMemory.writeByte((byte)0x90, moduleBase+0x18EAD6);//ammo dec 61 | GHMemory.write(new byte[] {(byte)0xBE,(byte)0x39,(byte)0x05,(byte)0x09,(byte)0x00,(byte)0x90,(byte)0x90}, moduleBase+0x858B1);//leet damage 62 | GHMemory.write(new byte[] {(byte)0x90,(byte)0x90,(byte)0x90,(byte)0x90,(byte)0x90,(byte)0x90}, moduleBase+0x18EE37); //ultra rapid fire 63 | GHMemory.write(new byte[] {(byte)0x90,(byte)0x90,(byte)0x90,(byte)0x90,(byte)0x90,(byte)0x90}, moduleBase+0x17EE51); //health dec 64 | GHMemory.write(new byte[] {(byte)0x90,(byte)0x90,(byte)0x90,(byte)0x90,(byte)0x90,(byte)0x90}, moduleBase+0x17CE9F); //quad dec 65 | GHMemory.writeByte((byte)0x14, moduleBase+0x18EB7C);//load addy with 0 in kickback 66 | } 67 | } 68 | 69 | public static void deActivateGodMode() { 70 | if(active) { 71 | active = false; 72 | //reset old values: 73 | player.setChainsawAmmo(bkpChainSawAmmo); 74 | player.setHealth(bkpHealth); 75 | player.setMinigunAmmo(bkpMinigunAmmo); 76 | player.setPistolAmmo(bkpPistolAmmo); 77 | player.setShotgunAmmo(bkpShotgunAmmo); 78 | player.setGrenadeAmmo(bkpGrenadeAmmo); 79 | player.setRifleAmmo(bkpRifleAmmo); 80 | player.setRPGAmmo(bkpRPGAmmo); 81 | 82 | //set other: 83 | player.deActivateQuadDamage(); 84 | player.setShieldValue(0); 85 | 86 | //reset old opcodes 87 | GHMemory.writeByte(bkpAmmoDecOpcode, moduleBase+0x18EAD6);//ammo 88 | GHMemory.write(bkpDamageOpcodes, moduleBase+0x858B1); //damage 89 | GHMemory.write(bkpCooldownOpcodes, moduleBase+0x18EE37); //ultra rapid fire 90 | GHMemory.write(bkpHealthDecOpcodes, moduleBase+0x17EE51); //health dec 91 | GHMemory.write(bkpQuadOpcodes, moduleBase+0x17CE9F); //quad dec 92 | GHMemory.writeByte((byte)0x10, moduleBase+0x18EB7C); //load addy with kickback force 93 | } 94 | } 95 | 96 | } 97 | -------------------------------------------------------------------------------- /src/Helper.java: -------------------------------------------------------------------------------- 1 | import com.guidedhacking.GHMemory; 2 | 3 | public class Helper { 4 | public static final int moduleBase = 0x1330000; 5 | public static boolean WorldToScreen(Position worldPos, Position2D screenPos, int windowWidth, int windowHeight) { 6 | float[] matrix = new float[16]; 7 | 8 | //load in view matrix: 9 | for(int i=0; i<16; i++) { 10 | matrix[i] = GHMemory.readFloat(moduleBase+0x297AF0+(i*0x4)); 11 | } 12 | 13 | float x = worldPos.x*matrix[0] + worldPos.y*matrix[4] + worldPos.z*matrix[8] + matrix[12]; 14 | float y = worldPos.x*matrix[1] + worldPos.y*matrix[5] + worldPos.z*matrix[9] + matrix[13]; 15 | float w = worldPos.x*matrix[3] + worldPos.y*matrix[7] + worldPos.z*matrix[11] + matrix[15]; 16 | 17 | if (w < 0.1f) { 18 | return false; 19 | } 20 | 21 | else { 22 | x /= w; 23 | y /= w; 24 | screenPos.x = (windowWidth / 2 * x) + (x + windowWidth / 2); 25 | screenPos.y = -(windowHeight / 2 * y) + (y + windowHeight / 2); 26 | return true; 27 | } 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /src/Player.java: -------------------------------------------------------------------------------- 1 | import com.guidedhacking.*; 2 | 3 | public class Player{ 4 | 5 | private final int moduleBase = Helper.moduleBase; 6 | 7 | //General Info: 8 | private GHPointer teamPtr = new GHPointer(moduleBase+0x216454,0x354); 9 | private GHPointer healthPtr = new GHPointer(moduleBase+0x216454,0x15c); 10 | 11 | private GHPointer shieldOnePtr = new GHPointer(moduleBase+0x216454,0x168); 12 | private GHPointer shieldTwoPtr = new GHPointer(moduleBase+0x216454,0x164); 13 | private GHPointer shieldThreePtr = new GHPointer(moduleBase+0x216454,0x160); 14 | 15 | private GHPointer posXPtr = new GHPointer(moduleBase+0x216454,0x30); 16 | private GHPointer posYPtr = new GHPointer(moduleBase+0x216454,0x34); 17 | private GHPointer posZPtr = new GHPointer(moduleBase+0x216454,0x38); 18 | 19 | private GHPointer rotXPtr = new GHPointer(moduleBase+0x216454, 0x40); 20 | private GHPointer rotYPtr = new GHPointer(moduleBase+0x216454, 0x3c); 21 | 22 | //Weapon Ammo: 23 | private GHPointer chainSawAmmoPtr = new GHPointer(moduleBase+0x216454,0x178); 24 | private GHPointer shotGunAmmoPtr = new GHPointer(moduleBase+0x216454,0x17C); 25 | private GHPointer miniGunAmmoPtr = new GHPointer(moduleBase+0x216454,0x180); 26 | private GHPointer rpgAmmoPtr = new GHPointer(moduleBase+0x216454,0x184); 27 | private GHPointer huntingRifleAmmoPtr = new GHPointer(moduleBase+0x216454,0x188); 28 | private GHPointer grenadeAmmoPtr = new GHPointer(moduleBase+0x216454,0x18C); 29 | private GHPointer pistolAmmoPtr = new GHPointer(moduleBase+0x216454,0x190); 30 | 31 | //Misc: 32 | private GHPointer weaponCooldownPtr = new GHPointer(moduleBase+0x216454,0x174); 33 | private GHPointer quadDamagePtr = new GHPointer(moduleBase+0x216454,0x16C); 34 | private GHPointer isShooting = new GHPointer(moduleBase+0x216454,0x1E0); 35 | 36 | 37 | public Position getPosition() { 38 | float x = GHMemory.readFloat(GHMemory.getObjectAddress(posXPtr)); 39 | float y = GHMemory.readFloat(GHMemory.getObjectAddress(posYPtr)); 40 | float z = GHMemory.readFloat(GHMemory.getObjectAddress(posZPtr)); 41 | 42 | return new Position(x,y,z); 43 | } 44 | 45 | public float getDistance(Position x){ 46 | Position here = this.getPosition(); 47 | return (float) Math.sqrt(Math.pow((here.x-x.x),2) + Math.pow((here.y-x.y),2) + Math.pow((here.z-x.z),2)); 48 | } 49 | 50 | public void setPosition(Position pos) { 51 | setPosition(pos.x, pos.y, pos.z); 52 | } 53 | 54 | public void setPosition(float x, float y, float z) { 55 | GHMemory.writeFloat(x,GHMemory.getObjectAddress(posXPtr)); 56 | GHMemory.writeFloat(y,GHMemory.getObjectAddress(posYPtr)); 57 | GHMemory.writeFloat(z,GHMemory.getObjectAddress(posZPtr)); 58 | } 59 | 60 | public Rotation getRotation() { 61 | float x = GHMemory.readFloat(GHMemory.getObjectAddress(rotXPtr)); 62 | float y = GHMemory.readFloat(GHMemory.getObjectAddress(rotYPtr)); 63 | 64 | return new Rotation(x,y); 65 | } 66 | 67 | public void setRotation(Rotation rot) { 68 | setRotation(rot.x, rot.y); 69 | } 70 | 71 | public void setRotation(float x, float y) { 72 | GHMemory.writeFloat(x,GHMemory.getObjectAddress(rotXPtr)); 73 | GHMemory.writeFloat(y,GHMemory.getObjectAddress(rotYPtr)); 74 | } 75 | 76 | public int getHealth() { 77 | return GHMemory.readInt(GHMemory.getObjectAddress(healthPtr)); 78 | } 79 | 80 | public void setHealth(int health) { 81 | GHMemory.writeInt(health,GHMemory.getObjectAddress(healthPtr)); 82 | } 83 | 84 | public int getPistolAmmo() { 85 | return GHMemory.readInt(GHMemory.getObjectAddress(pistolAmmoPtr)); 86 | } 87 | 88 | public int getRPGAmmo() { 89 | return GHMemory.readInt(GHMemory.getObjectAddress(rpgAmmoPtr)); 90 | } 91 | 92 | public int getChainsawAmmo() { 93 | return GHMemory.readInt(GHMemory.getObjectAddress(chainSawAmmoPtr)); 94 | } 95 | 96 | public int getRifleAmmo() { 97 | return GHMemory.readInt(GHMemory.getObjectAddress(huntingRifleAmmoPtr)); 98 | } 99 | 100 | public int getShotgunAmmo() { 101 | return GHMemory.readInt(GHMemory.getObjectAddress(shotGunAmmoPtr)); 102 | } 103 | 104 | public int getMinigunAmmo() { 105 | return GHMemory.readInt(GHMemory.getObjectAddress(miniGunAmmoPtr)); 106 | } 107 | 108 | public int getGrenadeAmmo() { 109 | return GHMemory.readInt(GHMemory.getObjectAddress(grenadeAmmoPtr)); 110 | } 111 | 112 | public void setPistolAmmo(int ammo) { 113 | GHMemory.writeInt(ammo,GHMemory.getObjectAddress(pistolAmmoPtr)); 114 | } 115 | 116 | public void setRPGAmmo(int ammo) { 117 | GHMemory.writeInt(ammo,GHMemory.getObjectAddress(rpgAmmoPtr)); 118 | } 119 | 120 | public void setChainsawAmmo(int ammo) { 121 | GHMemory.writeInt(ammo,GHMemory.getObjectAddress(chainSawAmmoPtr)); 122 | } 123 | 124 | public void setRifleAmmo(int ammo) { 125 | GHMemory.writeInt(ammo,GHMemory.getObjectAddress(huntingRifleAmmoPtr)); 126 | } 127 | 128 | public void setShotgunAmmo(int ammo) { 129 | GHMemory.writeInt(ammo,GHMemory.getObjectAddress(shotGunAmmoPtr)); 130 | } 131 | 132 | public void setMinigunAmmo(int ammo) { 133 | GHMemory.writeInt(ammo,GHMemory.getObjectAddress(miniGunAmmoPtr)); 134 | } 135 | 136 | public void setGrenadeAmmo(int ammo) { 137 | GHMemory.writeInt(ammo,GHMemory.getObjectAddress(grenadeAmmoPtr)); 138 | } 139 | 140 | public void resetCooldwon() { 141 | GHMemory.writeInt(0,GHMemory.getObjectAddress(weaponCooldownPtr)); 142 | } 143 | 144 | public void activateQuadDamage() { 145 | GHMemory.writeInt(Integer.MAX_VALUE,GHMemory.getObjectAddress(quadDamagePtr)); 146 | } 147 | 148 | public void deActivateQuadDamage() { 149 | GHMemory.writeInt(0,GHMemory.getObjectAddress(quadDamagePtr)); 150 | } 151 | 152 | public void shoot() { 153 | GHMemory.writeByte((byte)1, GHMemory.getObjectAddress(isShooting)); 154 | } 155 | 156 | public void stopShooting() { 157 | GHMemory.writeByte((byte)0, GHMemory.getObjectAddress(isShooting)); 158 | } 159 | 160 | public void setShieldValue(int shield) { 161 | GHMemory.writeInt(shield,GHMemory.getObjectAddress(shieldOnePtr)); 162 | GHMemory.writeInt(shield,GHMemory.getObjectAddress(shieldTwoPtr)); 163 | GHMemory.writeInt(shield,GHMemory.getObjectAddress(shieldThreePtr)); 164 | } 165 | 166 | public String getTeam() { 167 | return GHMemory.readString(GHMemory.getObjectAddress(teamPtr),5); 168 | } 169 | 170 | public boolean isEnemy(Enemy player) { 171 | return !(getTeam().contains(player.getTeam())); 172 | } 173 | 174 | } 175 | -------------------------------------------------------------------------------- /src/Position.java: -------------------------------------------------------------------------------- 1 | public class Position { 2 | public float x; 3 | public float y; 4 | public float z; 5 | 6 | public Position(float x, float y, float z) { 7 | this.x = x; 8 | this.y = y; 9 | this.z = z; 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /src/Position2D.java: -------------------------------------------------------------------------------- 1 | public class Position2D { 2 | public float x; 3 | public float y; 4 | 5 | public Position2D(float x, float y) { 6 | this.x = x; 7 | this.y = y; 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /src/RakeMode.java: -------------------------------------------------------------------------------- 1 | public class RakeMode { 2 | private static boolean active = false; 3 | private static RakeThread rake; 4 | 5 | public static void startRake() { 6 | if(!active) { 7 | active = true; 8 | rake = new RakeThread(); 9 | rake.start(); 10 | } 11 | } 12 | 13 | public static void stopRake() { 14 | if(active) { 15 | active = false; 16 | rake.stopRake(); 17 | } 18 | 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /src/RakeThread.java: -------------------------------------------------------------------------------- 1 | import com.guidedhacking.GHMemory; 2 | import com.guidedhacking.GHPointer; 3 | import com.guidedhacking.GHTools; 4 | import javafx.animation.AnimationTimer; 5 | import javafx.scene.image.Image; 6 | import javafx.scene.image.ImageView; 7 | import javafx.scene.layout.Pane; 8 | 9 | public class RakeThread extends AnimationTimer { 10 | private boolean stop = false; 11 | private static Pane EspOverlay; 12 | private boolean initialized = false; 13 | private Enemy[] players; 14 | private final int moduleBase = 0x1330000; 15 | private int[] c; 16 | 17 | ImageView[] RakeFaces; 18 | GHPointer listPointer; 19 | long playerList; 20 | Player myPlayer; 21 | Position enemyWorldPos; 22 | Position2D enemyScreenPos; 23 | 24 | public void stopRake() { 25 | stop = true; 26 | for(ImageView i : RakeFaces){ 27 | if(i != null) 28 | i.setVisible(false); 29 | } 30 | } 31 | 32 | @Override 33 | public void handle(long now) { 34 | if(!stop) { 35 | try { 36 | if(!initialized){ 37 | EspOverlay = SauerbratenHack.pane; 38 | Image rakeFace = new Image("rake.png"); 39 | players = new Enemy[GHMemory.readInt(moduleBase+0x29CD3C)-1]; 40 | RakeFaces = new ImageView[players.length]; 41 | 42 | listPointer = new GHPointer(moduleBase+0x29CD34,0x4); 43 | playerList = GHMemory.getObjectAddress(listPointer); 44 | myPlayer = new Player(); 45 | enemyScreenPos = new Position2D(0,0); 46 | c = new int[players.length]; 47 | 48 | for(int i=0; i < players.length; i++) { 49 | players[i] = new Enemy((int)playerList+(i*4)); 50 | c[i] = 50; 51 | 52 | RakeFaces[i] = new ImageView (rakeFace); 53 | EspOverlay.getChildren().add(RakeFaces[i]); 54 | 55 | } 56 | initialized = true; 57 | } 58 | 59 | if(players.length == (GHMemory.readInt(moduleBase+0x29CD3C)-1) && !stop) { 60 | for(int i=0; i < players.length; i++) { 61 | if(stop) { 62 | break; 63 | } 64 | 65 | if(players[i].canBeSeen()) { 66 | c[i]=0; 67 | enemyWorldPos = players[i].getPosition(); 68 | enemyWorldPos.z -= 3; 69 | 70 | if(players[i].isAlive() && Helper.WorldToScreen(enemyWorldPos, enemyScreenPos, GHTools.getGameWidth(), GHTools.getGameHeight()) && !stop){ 71 | if(enemyScreenPos.x > 0 && enemyScreenPos.y > 0) { 72 | RakeFaces[i].setVisible(true); 73 | float dist = myPlayer.getDistance(enemyWorldPos); 74 | RakeFaces[i].setFitHeight(2000/dist); 75 | RakeFaces[i].setFitWidth(2000/dist); 76 | RakeFaces[i].setX(enemyScreenPos.x-(RakeFaces[i].getFitWidth()/2)); 77 | RakeFaces[i].setY(enemyScreenPos.y-(RakeFaces[i].getFitHeight()/2)); 78 | } 79 | }else{ 80 | RakeFaces[i].setVisible(false); 81 | } 82 | }else{ 83 | c[i]++; 84 | if(c[i] > 50){ 85 | RakeFaces[i].setVisible(false); 86 | c[i]=0; 87 | } 88 | } 89 | } 90 | } 91 | } 92 | catch(Exception e) { 93 | //exception handeling 94 | } 95 | } 96 | } 97 | } 98 | -------------------------------------------------------------------------------- /src/Rotation.java: -------------------------------------------------------------------------------- 1 | public class Rotation { 2 | public float x; 3 | public float y; 4 | 5 | public Rotation(float x, float y) { 6 | this.x = x; 7 | this.y = y; 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /src/SauerbratenHack.java: -------------------------------------------------------------------------------- 1 | import com.guidedhacking.GHArchitecture; 2 | import com.guidedhacking.GHInput; 3 | import com.guidedhacking.GHMemory; 4 | import com.guidedhacking.GHTools; 5 | import com.sun.glass.events.KeyEvent; 6 | 7 | import javafx.animation.AnimationTimer; 8 | import javafx.application.Application; 9 | import javafx.application.Platform; 10 | import javafx.scene.Scene; 11 | import javafx.scene.control.Label; 12 | import javafx.scene.layout.Pane; 13 | import javafx.scene.paint.Color; 14 | import javafx.stage.Stage; 15 | import javafx.stage.StageStyle; 16 | 17 | 18 | public class SauerbratenHack extends Application{ 19 | private static boolean redraw = true; 20 | private static byte gmValue = 99; 21 | private static GameMode gameMode; 22 | private final int moduleBase = Helper.moduleBase; 23 | 24 | private static boolean godmode = false; 25 | private static boolean esp = false; 26 | private static boolean aimbot = false; 27 | private static boolean rakeMode = false; 28 | 29 | private static Label header; 30 | private static Label line1; 31 | private static Label line2; 32 | private static Label exit; 33 | private static Label mode; 34 | 35 | private static boolean attached = false; 36 | static Stage stage; 37 | protected static Pane pane; 38 | 39 | public static void main(String[] args){ 40 | try{ 41 | if(GHMemory.openProcess("Cube 2: Sauerbraten")) { 42 | attached = true; 43 | GHMemory.setArchitecture(GHArchitecture.Win32); 44 | launch(args); 45 | } 46 | } catch(Exception e){ 47 | 48 | } 49 | } 50 | 51 | //deactivate all cheats 52 | public static void deactivate() { 53 | if(godmode) { 54 | godmode = false; 55 | GodMode.deActivateGodMode(); 56 | } 57 | 58 | if(aimbot) { 59 | aimbot = false; 60 | AimbotMode.stopAimbot(); 61 | } 62 | 63 | if(esp) { 64 | esp = false; 65 | EspMode.stopEsp(); 66 | } 67 | 68 | if(rakeMode) { 69 | rakeMode = false; 70 | RakeMode.stopRake(); 71 | } 72 | } 73 | 74 | @Override 75 | public void stop(){ 76 | //clean up: 77 | deactivate(); 78 | GHMemory.close(); 79 | stage.close(); 80 | System.exit(0); 81 | } 82 | 83 | @SuppressWarnings("static-access") 84 | @Override 85 | public void start(Stage primaryStage) throws Exception { 86 | if(attached){ 87 | this.stage = primaryStage; 88 | pane = new Pane(); 89 | Scene scene = new Scene(pane, GHTools.getGameWidth(), GHTools.getGameHeight()); 90 | System.out.println((GHTools.getGameWidth()-6)+"x"+(GHTools.getGameHeight()-31)); 91 | primaryStage.setTitle("MENU_OVERLAY"); 92 | 93 | primaryStage.initStyle(StageStyle.TRANSPARENT); 94 | scene.setFill(Color.TRANSPARENT); 95 | pane.setStyle("-fx-background-color: rgba(255, 255, 255, 0);"); 96 | primaryStage.setAlwaysOnTop(true); 97 | 98 | 99 | header = new Label("<>"); 100 | line1 = new Label("visit us:"); 101 | line2 = new Label("guidedhacking.com"); 102 | exit = new Label("Exit [X]"); 103 | mode = new Label("MODE: NORMAL"); 104 | 105 | pane.getChildren().add(header); 106 | pane.getChildren().add(line1); 107 | pane.getChildren().add(line2); 108 | pane.getChildren().add(exit); 109 | pane.getChildren().add(mode); 110 | 111 | header.setLayoutX(30); 112 | line1.setLayoutX(30); 113 | line2.setLayoutX(30); 114 | exit.setLayoutX(30); 115 | mode.setLayoutX(30); 116 | 117 | header.setLayoutY(30); 118 | line1.setLayoutY(60); 119 | line2.setLayoutY(90); 120 | exit.setLayoutY(120); 121 | mode.setLayoutY(150); 122 | 123 | header.setTextFill(Color.ALICEBLUE); 124 | line1.setTextFill(Color.ORANGE); 125 | line2.setTextFill(Color.ORANGE); 126 | exit.setTextFill(Color.RED); 127 | mode.setTextFill(Color.GREEN); 128 | 129 | primaryStage.setX(GHTools.getGameXPos()); 130 | primaryStage.setY(GHTools.getGameYPos()); 131 | primaryStage.setScene(scene); 132 | primaryStage.sizeToScene(); 133 | primaryStage.show(); 134 | 135 | AnimationTimer updater = new AnimationTimer(){ 136 | @Override 137 | public void handle(long arg0) { 138 | if(attached) { 139 | //check if Game Mode changed: 140 | if(gmValue != GHMemory.readByte(moduleBase+0x1E5C38) && gmValue != GHMemory.readByte(moduleBase+0x1E5C28)) { 141 | gmValue = GHMemory.readByte(moduleBase+0x1E5C28); 142 | mode.setText("MODE: NORMAL"); 143 | deactivate(); 144 | redraw = true; 145 | } 146 | 147 | 148 | stage.setX(GHTools.getGameXPos()); 149 | stage.setY(GHTools.getGameYPos()); 150 | 151 | //Update: 152 | if(redraw) { 153 | //check the GameMode: 154 | switch(gmValue) { 155 | case (byte)255: 156 | gameMode = GameMode.MainMenu; 157 | header.setText("<>"); 158 | line1.setText("visit us:"); 159 | line2.setText("guidedhacking.com"); 160 | break; 161 | case (byte)254: 162 | gameMode = GameMode.Invasion; 163 | header.setText("Invasion Menu:"); 164 | line1.setText("God Mode [V]"); 165 | line2.setText("Reset [C]"); 166 | break; 167 | case (byte)253: 168 | gameMode = GameMode.Campaign; 169 | header.setText("Campaign Menu:"); 170 | line1.setText("God Mode [V]"); 171 | line2.setText("Reset [C]"); 172 | break; 173 | case (byte)22: 174 | gameMode = GameMode.EfficiencyCollect; 175 | header.setText("Efficiency Collect:"); 176 | line1.setText("Rake Mode [V]"); 177 | line2.setText("Reset [C]"); 178 | break; 179 | case (byte)21: 180 | gameMode = GameMode.InstaCollect; 181 | header.setText("InstaCollect:"); 182 | line1.setText("Aimbot[V]"); 183 | line2.setText("Reset [C]"); 184 | break; 185 | case (byte)20: 186 | gameMode = GameMode.Collect; 187 | header.setText("Collect:"); 188 | line1.setText("Aimbot[V]"); 189 | line2.setText("Reset [C]"); 190 | break; 191 | case (byte)19: 192 | gameMode = GameMode.EfficiencyHold; 193 | header.setText("EfficiencyHold:"); 194 | line1.setText("Aimbot[V]"); 195 | line2.setText("Reset [C]"); 196 | break; 197 | case (byte)18: 198 | gameMode = GameMode.EfficiencyCollect; 199 | header.setText("EfficenecyCollect:"); 200 | line1.setText("Aimbot[V]"); 201 | line2.setText("Reset [C]"); 202 | break; 203 | case (byte)17: 204 | gameMode = GameMode.EfficencyCTF; 205 | header.setText("EfficiencyCTF:"); 206 | line1.setText("Aimbot[V]"); 207 | line2.setText("Reset [C]"); 208 | break; 209 | case (byte)16: 210 | gameMode = GameMode.InstaHold; 211 | header.setText("InstaHODL!:"); 212 | line1.setText("ESP[V]"); 213 | line2.setText("Reset [C]"); 214 | break; 215 | case (byte)15: 216 | gameMode = GameMode.Hold; 217 | header.setText("Hold:"); 218 | line1.setText("Aimbot[V]"); 219 | line2.setText("Reset [C]"); 220 | break; 221 | case (byte)14: 222 | gameMode = GameMode.InstaProtect; 223 | header.setText("InstaProtect:"); 224 | line1.setText("Aimbot[V]"); 225 | line2.setText("Reset [C]"); 226 | break; 227 | case (byte)13: 228 | gameMode = GameMode.Protect; 229 | header.setText("Protect:"); 230 | line1.setText("Aimbot[V]"); 231 | line2.setText("Reset [C]"); 232 | break; 233 | case (byte)12: 234 | gameMode = GameMode.InstaCTF; 235 | header.setText("InstaCTF"); 236 | line1.setText("Aimbot & ESP[V]"); 237 | line2.setText("Reset [C]"); 238 | break; 239 | case (byte)11: 240 | gameMode = GameMode.CTF; 241 | header.setText("CTF:"); 242 | line1.setText("Aimbot & ESP[V]"); 243 | line2.setText("Return to Home [C]"); 244 | break; 245 | case (byte)10: 246 | gameMode = GameMode.RegenCapture; 247 | header.setText("RegenCapture"); 248 | line1.setText("Aimbot & ESP[V]"); 249 | line2.setText("Return to Home [C]"); 250 | break; 251 | case (byte)9: 252 | gameMode = GameMode.Capture; 253 | header.setText("Capture:"); 254 | line1.setText("Aimbot & ESPx[V]"); 255 | line2.setText("Return to Home [C]"); 256 | break; 257 | case (byte)8: 258 | gameMode = GameMode.TacticsTeam; 259 | header.setText("TactictsTeam:"); 260 | line1.setText("Aimbot[V]"); 261 | line2.setText("Reset [C]"); 262 | break; 263 | case (byte)7: 264 | gameMode = GameMode.Tactics; 265 | header.setText("Tactics:"); 266 | line1.setText("Aimbot[V]"); 267 | line2.setText("Reset [C]"); 268 | break; 269 | case (byte)6: 270 | gameMode = GameMode.EfficiencyTeam; 271 | header.setText("EfficencyTeam:"); 272 | line1.setText("Aimbot[V]"); 273 | line2.setText("Reset [C]"); 274 | break; 275 | case (byte)5: 276 | gameMode = GameMode.Efficiency; 277 | header.setText("Efficiency:"); 278 | line1.setText("Aimbot[V]"); 279 | line2.setText("Reset [C]"); 280 | break; 281 | case (byte)4: 282 | gameMode = GameMode.InstagibTeam; 283 | header.setText("Instagib Team:"); 284 | line1.setText("Aimbot[V]"); 285 | line2.setText("Reset [C]"); 286 | break; 287 | case (byte)3: 288 | gameMode = GameMode.Instagib; 289 | header.setText("Instagib:"); 290 | line1.setText("Aimbot & ESP[V]"); 291 | line2.setText("Reset [C]"); 292 | break; 293 | case (byte)2: 294 | gameMode = GameMode.TeamPlay; 295 | header.setText("Instagib Team:"); 296 | line1.setText("Aimbot[V]"); 297 | line2.setText("Reset [C]"); 298 | break; 299 | case (byte)1: 300 | gameMode = GameMode.CoopEdit; 301 | header.setText("Noob Edit:"); 302 | line1.setText("Dont make me"); 303 | line2.setText("watch this!!"); 304 | exit.setText("PLEASE[X]"); 305 | 306 | break; 307 | case (byte)0: 308 | gameMode = GameMode.FFA; 309 | header.setText("FFA:"); 310 | line1.setText("Aimbot[V]"); 311 | line2.setText("Reset [C]"); 312 | break; 313 | 314 | } 315 | 316 | if(gameMode != GameMode.CoopEdit) { 317 | exit.setText("Exit [x]"); 318 | } 319 | redraw = false; 320 | } 321 | 322 | if(GHInput.getKeyDown(KeyEvent.VK_V)) { 323 | switch(gameMode) { 324 | case CoopEdit: 325 | case MainMenu: 326 | header.setText("Made by Erarnitox"); 327 | line1.setText("join the 31337:"); 328 | line2.setText("guidedhacking.com"); 329 | break; 330 | 331 | case Invasion: 332 | case Campaign: 333 | if(!godmode) { 334 | godmode = true; 335 | mode.setText("MODE: GOD"); 336 | GodMode.activateGodMode(); 337 | } 338 | break; 339 | 340 | case EfficiencyCollect: 341 | if(!rakeMode) { 342 | rakeMode = true; 343 | mode.setText("MODE: RAKE"); 344 | RakeMode.startRake(); 345 | } 346 | break; 347 | case InstaHold: 348 | case Hold: 349 | if(!esp) { 350 | esp = true; 351 | EspMode.startEsp(gameMode); 352 | mode.setText("MODE: ESP"); 353 | } 354 | break; 355 | 356 | case RegenCapture: 357 | case Capture: 358 | case CTF: 359 | case Instagib: 360 | case InstaCTF: 361 | if(!aimbot) { 362 | aimbot = true; 363 | AimbotMode.startAimbot(gameMode); 364 | } 365 | if(!esp) { 366 | esp = true; 367 | EspMode.startEsp(gameMode); 368 | } 369 | mode.setText("MODE: AIMBOT & ESP"); 370 | break; 371 | 372 | default: 373 | if(!aimbot) { 374 | aimbot = true; 375 | mode.setText("MODE: AIMBOT"); 376 | AimbotMode.startAimbot(gameMode); 377 | } 378 | break; 379 | } 380 | } 381 | 382 | if(GHInput.getKeyDown(KeyEvent.VK_C)) { 383 | switch(gameMode) { 384 | case CoopEdit: 385 | case MainMenu: 386 | header.setText("The cake"); 387 | line1.setText("really IS"); 388 | line2.setText("a LIE"); 389 | break; 390 | 391 | case Invasion: 392 | case Campaign: 393 | if(godmode) { 394 | godmode = false; 395 | mode.setText("MODE: NORMAL"); 396 | GodMode.deActivateGodMode(); 397 | } 398 | break; 399 | 400 | case EfficiencyCollect: 401 | if(rakeMode) { 402 | rakeMode = false; 403 | RakeMode.stopRake(); 404 | mode.setText("MODE: NORMAL"); 405 | } 406 | break; 407 | 408 | case InstaHold: 409 | case Hold: 410 | if(esp) { 411 | esp = false; 412 | EspMode.stopEsp(); 413 | mode.setText("MODE: NORMAL"); 414 | } 415 | break; 416 | 417 | case CTF: 418 | case RegenCapture: 419 | case Capture: 420 | case Instagib: 421 | case InstaCTF: 422 | if(aimbot) { 423 | aimbot = false; 424 | AimbotMode.stopAimbot(); 425 | } 426 | if(esp) { 427 | esp = false; 428 | EspMode.stopEsp(); 429 | } 430 | mode.setText("MODE: NORMAL"); 431 | break; 432 | 433 | default: 434 | if(aimbot) { 435 | aimbot = false; 436 | mode.setText("MODE: NORMAL"); 437 | AimbotMode.stopAimbot(); 438 | } 439 | break; 440 | } 441 | } 442 | 443 | //Safety escape: 444 | if(GHInput.getKeyDown(KeyEvent.VK_X)) { 445 | attached = false; 446 | } 447 | }else{ 448 | Platform.exit(); 449 | } 450 | } 451 | }; 452 | updater.start(); 453 | } 454 | } 455 | } 456 | 457 | -------------------------------------------------------------------------------- /src/com/guidedhacking/GHArchitecture.java: -------------------------------------------------------------------------------- 1 | package com.guidedhacking; 2 | 3 | public enum GHArchitecture { 4 | Win32, Win64 5 | } 6 | -------------------------------------------------------------------------------- /src/com/guidedhacking/GHInput.java: -------------------------------------------------------------------------------- 1 | package com.guidedhacking; 2 | 3 | import com.sun.jna.platform.KeyboardUtils; 4 | import com.sun.jna.platform.win32.BaseTSD.ULONG_PTR; 5 | import com.sun.jna.platform.win32.User32; 6 | import com.sun.jna.platform.win32.WinDef.DWORD; 7 | import com.sun.jna.platform.win32.WinDef.POINT; 8 | import com.sun.jna.platform.win32.WinDef.WORD; 9 | import com.sun.jna.platform.win32.WinUser.INPUT; 10 | 11 | public class GHInput { 12 | 13 | //checks if button is pressed 14 | public static boolean getKeyDown(int key) { 15 | return KeyboardUtils.isPressed(key); 16 | } 17 | 18 | //sends key input 19 | public static void sendKeyPress(int key) { 20 | INPUT input = new INPUT(); 21 | input.type = new DWORD(INPUT.INPUT_KEYBOARD); 22 | input.input.setType("ki"); 23 | input.input.ki.wScan = new WORD(0); 24 | input.input.ki.time = new DWORD(0); 25 | input.input.ki.dwExtraInfo = new ULONG_PTR(0); 26 | input.input.ki.wVk = new WORD(key); 27 | input.input.ki.dwFlags = new DWORD(0); 28 | User32.INSTANCE.SendInput(new DWORD(1), (INPUT[]) input.toArray(1), input.size()); 29 | input.input.ki.wVk = new WORD(key); 30 | input.input.ki.dwFlags = new DWORD(2); 31 | User32.INSTANCE.SendInput(new DWORD(1), (INPUT[]) input.toArray(1), input.size()); 32 | } 33 | 34 | //press key down input 35 | public static void sendKeyDown(int key) { 36 | INPUT input = new INPUT(); 37 | input.type = new DWORD(INPUT.INPUT_KEYBOARD); 38 | input.input.setType("ki"); 39 | input.input.ki.wScan = new WORD(0); 40 | input.input.ki.time = new DWORD(0); 41 | input.input.ki.dwExtraInfo = new ULONG_PTR(0); 42 | input.input.ki.wVk = new WORD(key); 43 | input.input.ki.dwFlags = new DWORD(0); 44 | User32.INSTANCE.SendInput(new DWORD(1), (INPUT[]) input.toArray(1), input.size()); 45 | } 46 | 47 | //let key up input 48 | public static void sendKeyUp(int key) { 49 | INPUT input = new INPUT(); 50 | input.type = new DWORD(INPUT.INPUT_KEYBOARD); 51 | input.input.setType("ki"); 52 | input.input.ki.wScan = new WORD(0); 53 | input.input.ki.time = new DWORD(0); 54 | input.input.ki.dwExtraInfo = new ULONG_PTR(0); 55 | input.input.ki.wVk = new WORD(key); 56 | input.input.ki.dwFlags = new DWORD(2); 57 | User32.INSTANCE.SendInput(new DWORD(1), (INPUT[]) input.toArray(1), input.size()); 58 | } 59 | 60 | //set cursor position to point somewhere 61 | public void SetCursor(int x, int y){ 62 | User32.INSTANCE.SetCursorPos(x, y); 63 | } 64 | 65 | //where does the cursor currently point to? 66 | public int[] getCursorPos(){ 67 | POINT p = new POINT(); 68 | User32.INSTANCE.GetCursorPos(p); 69 | return new int[]{p.x,p.y}; 70 | } 71 | } 72 | -------------------------------------------------------------------------------- /src/com/guidedhacking/GHMemory.java: -------------------------------------------------------------------------------- 1 | package com.guidedhacking; 2 | 3 | import java.io.ByteArrayInputStream; 4 | import java.io.ByteArrayOutputStream; 5 | import java.io.ObjectInputStream; 6 | import java.io.ObjectOutputStream; 7 | import java.util.ArrayList; 8 | 9 | import com.sun.jna.Memory; 10 | import com.sun.jna.Native; 11 | import com.sun.jna.Pointer; 12 | import com.sun.jna.platform.win32.Kernel32; 13 | import com.sun.jna.platform.win32.User32; 14 | import com.sun.jna.platform.win32.WinDef.HWND; 15 | import com.sun.jna.platform.win32.WinNT; 16 | import com.sun.jna.platform.win32.WinNT.HANDLE; 17 | import com.sun.jna.ptr.IntByReference; 18 | import com.sun.jna.platform.win32.WinDef.DWORD; 19 | 20 | public class GHMemory { 21 | 22 | private static HWND handle; 23 | private static HANDLE hProcess; 24 | public static final long ALL_ACCESS = WinNT.PROCESS_QUERY_INFORMATION | WinNT.PROCESS_VM_READ | WinNT.PROCESS_VM_WRITE | WinNT.PROCESS_VM_OPERATION; 25 | private static final HANDLE INVALID_HANDLE_VALUE = new HANDLE(Pointer.createConstant(0xFFFFFFFFL)); 26 | private static GHArchitecture arch = GHArchitecture.Win32; 27 | 28 | //call openProcess with only the window name 29 | public static boolean openProcess(String windowName) { 30 | try{ 31 | return openProcess(getWinHwnd(windowName).get(0)); 32 | }catch(Exception e){ 33 | return false; 34 | } 35 | } 36 | 37 | //get a handle to the process of the window: 38 | public static boolean openProcess(HWND window) { 39 | 40 | //if a handle is already open, we need to close it first 41 | if(hProcess != null) { 42 | if (!Kernel32.INSTANCE.CloseHandle(hProcess)) { 43 | //closing handle failed so we can't open a new one 44 | return false; 45 | } 46 | } 47 | handle = window; 48 | int pid = getWindowPID(window); 49 | hProcess = Kernel32.INSTANCE.OpenProcess(new DWORD(ALL_ACCESS).intValue(), false, new DWORD(pid).intValue()); 50 | 51 | if(hProcess == null){ 52 | return false; //no handle was opened 53 | }else{ 54 | return true; //handle was opened 55 | } 56 | } 57 | 58 | //is the game still running are we connected 59 | public static boolean isConnected() { 60 | return !(hProcess.equals(null) || User32.INSTANCE.IsWindow(handle)|| hProcess.equals(INVALID_HANDLE_VALUE)); 61 | } 62 | 63 | //set architecture to use correct pointers etc. 64 | public static void setArchitecture(GHArchitecture architecture) { 65 | arch = architecture; 66 | } 67 | 68 | //read bit from memory 69 | public static boolean readBit(long address, int position) { 70 | Memory mem = readMemory(hProcess, address, 1); 71 | boolean value = ((mem.getByte(0) >> position) & 1) == 1; 72 | return value; 73 | } 74 | 75 | //read byte from memory 76 | public static byte readByte(long address) { 77 | Memory mem = readMemory(hProcess, address, 1); 78 | byte value = mem.getByte(0); 79 | return value; 80 | } 81 | 82 | //read short from memory 83 | public static short readShort(long address) { 84 | Memory mem = readMemory(hProcess, address, 2); 85 | short value = mem.getShort(0); 86 | return value; 87 | } 88 | 89 | //read char from memory 90 | public static char readChar(long address) { 91 | Memory mem = readMemory(hProcess, address, 2); 92 | char value = mem.getChar(0); 93 | return value; 94 | } 95 | 96 | //read char from memory 97 | public static int readInt(long address) { 98 | Memory mem = readMemory(hProcess, address, 4); 99 | int value = mem.getInt(0); 100 | return value; 101 | } 102 | 103 | //read long from memory 104 | public static long readLong(long address) { 105 | Memory mem = readMemory(hProcess, address, 8); 106 | long value = mem.getLong(0); 107 | return value; 108 | } 109 | 110 | //read float from memory 111 | public static float readFloat(long address) { 112 | Memory mem = readMemory(hProcess, address, 4); 113 | float value = mem.getFloat(0); 114 | return value; 115 | } 116 | 117 | //read double from memory 118 | public static double readDouble(long address) { 119 | Memory mem = readMemory(hProcess, address, 8); 120 | double value = mem.getDouble(0); 121 | return value; 122 | } 123 | 124 | //read string from memory 125 | public static String readString(long address , int bytestoread){ 126 | Memory mem = readMemory(hProcess, address, bytestoread); 127 | String value = mem.getString(0); 128 | return value; 129 | } 130 | 131 | //read other objects from memory 132 | public static T read(long address , int bytesToRead) throws ClassNotFoundException{ 133 | Memory mem = readMemory(hProcess, address, bytesToRead); 134 | T value = deserialize(mem.getByteArray(0, bytesToRead)); 135 | return value; 136 | } 137 | 138 | //read byte array from memory 139 | public static byte[] readByteArray(long address, int bytesToRead) { 140 | Memory mem = readMemory(hProcess, address, bytesToRead); 141 | byte[] value = mem.getByteArray(0, bytesToRead); 142 | return value; 143 | } 144 | 145 | //helper method to read data from memory 146 | public static Memory readMemory(HANDLE proccess,long address,int bytesToRead){ 147 | IntByReference bytesRead = new IntByReference(0); 148 | Memory output = new Memory(bytesToRead); 149 | Kernel32.INSTANCE.ReadProcessMemory(proccess, new Pointer(address), output, bytesToRead, bytesRead); 150 | return output; 151 | } 152 | 153 | //write bit back to memory 154 | public static boolean writeBit(boolean data, long address, int position) { 155 | Memory mem = readMemory(hProcess, address, 1); 156 | byte writeBack; 157 | 158 | if(data) { 159 | writeBack = (byte) (mem.getByte(0) | (1 << position)); 160 | } 161 | else { 162 | writeBack = (byte) (mem.getByte(0) & ~(1 << position)); 163 | } 164 | 165 | mem.setByte(0, writeBack); 166 | return writeMemory(hProcess, address, mem, 1); 167 | } 168 | 169 | //write byte back to memory 170 | public static boolean writeByte(byte data, long address) { 171 | Memory mem = new Memory(1); 172 | mem.setByte(0, data); 173 | return writeMemory(hProcess, address, mem, 1); 174 | } 175 | 176 | //write short back to memory 177 | public static boolean writeShort(short data, long address) { 178 | Memory mem = new Memory(2); 179 | mem.setShort(0, data); 180 | return writeMemory(hProcess, address, mem, 2); 181 | } 182 | 183 | //write char back to memory 184 | public static boolean writeChar(char data, long address) { 185 | Memory mem = new Memory(2); 186 | mem.setChar(0, data); 187 | return writeMemory(hProcess, address, mem, 2); 188 | } 189 | 190 | //write byte int to memory 191 | public static boolean writeInt(int data, long address) { 192 | Memory mem = new Memory(4); 193 | mem.setInt(0, data); 194 | return writeMemory(hProcess, address, mem, 4); 195 | } 196 | 197 | //write long back to memory 198 | public static boolean writeLong(long data, long address) { 199 | Memory mem = new Memory(8); 200 | mem.setLong(0, data); 201 | return writeMemory(hProcess, address, mem, 8); 202 | } 203 | 204 | //write float back to memory 205 | public static boolean writeFloat(float data, long address) { 206 | Memory mem = new Memory(4); 207 | mem.setFloat(0, data); 208 | return writeMemory(hProcess, address, mem, 4); 209 | } 210 | 211 | //write double back to memory 212 | public static boolean writeDouble(double data, long address) { 213 | Memory mem = new Memory(8); 214 | mem.setDouble(0, data); 215 | return writeMemory(hProcess, address, mem, 8); 216 | } 217 | 218 | //write string back to memory 219 | public boolean writeString(long address,String string){ 220 | Memory mem = new Memory(string.getBytes().length); 221 | mem.setString(0, string); 222 | return writeMemory(hProcess, address, mem, string.getBytes().length); 223 | } 224 | 225 | //write byte array back to memory 226 | public static boolean write(byte[] data, long address){ 227 | Memory mem = new Memory(data.length); 228 | 229 | for(int i=0; i boolean write(T data, long address) { 237 | Memory mem = new Memory(ObjectSizeFetcher.getObjectSize(data)); 238 | byte[] dataBytes = serialize(data); 239 | 240 | for(int i=0; i T deserialize(byte[] data) { 275 | ByteArrayInputStream in = new ByteArrayInputStream(data); 276 | 277 | try { 278 | ObjectInputStream is = new ObjectInputStream(in); 279 | return (T) is.readObject(); 280 | } 281 | catch(Exception e) { 282 | return null; 283 | } 284 | } 285 | 286 | //access handle to process 287 | public static HWND getHandle() { 288 | return handle; 289 | } 290 | 291 | //get handle to window by title 292 | private static ArrayList getWinHwnd(final String startOfWindowName) { 293 | final ArrayList hWndC = new ArrayList(); 294 | User32.INSTANCE.EnumWindows(new User32.WNDENUMPROC() { 295 | @Override 296 | public boolean callback(HWND hWnd, Pointer userData) { 297 | char[] windowText = new char[512]; 298 | User32.INSTANCE.GetWindowText(hWnd, windowText, 512); 299 | String wText = Native.toString(windowText).trim(); 300 | 301 | if (!wText.isEmpty() && wText.startsWith(startOfWindowName)) { 302 | hWndC.add(hWnd); 303 | } 304 | return true; 305 | } 306 | }, null); 307 | return hWndC; 308 | } 309 | 310 | //get the dynamic Object address from its static Pointer 311 | public static long getObjectAddress(GHPointer staticMultiLevelPointer) { 312 | 313 | long objectPointer = staticMultiLevelPointer.getStaticPointer(); 314 | 315 | Memory mem = null; 316 | 317 | if(arch == GHArchitecture.Win32) { 318 | for(int i=0; i < staticMultiLevelPointer.getOffsets().length; i++) { 319 | mem = readMemory(hProcess, objectPointer, 4); 320 | objectPointer = (mem.getInt(0) + staticMultiLevelPointer.getOffsets()[i]); 321 | 322 | } 323 | } 324 | 325 | else if(arch == GHArchitecture.Win64) { 326 | for(int i=0; i < staticMultiLevelPointer.getOffsets().length; i++) { 327 | mem = readMemory(hProcess, objectPointer, 8); 328 | objectPointer = (mem.getLong(0)+ staticMultiLevelPointer.getOffsets()[i]); 329 | 330 | } 331 | } 332 | return (objectPointer); 333 | } 334 | 335 | //close handle to process 336 | public static void close(){ 337 | Kernel32.INSTANCE.CloseHandle(hProcess); 338 | } 339 | } 340 | -------------------------------------------------------------------------------- /src/com/guidedhacking/GHPointer.java: -------------------------------------------------------------------------------- 1 | package com.guidedhacking; 2 | 3 | public class GHPointer { 4 | final private long staticPointer; 5 | final private int[] offsets; 6 | 7 | public GHPointer(long staticPointer, int ... offsets) { 8 | this.staticPointer = staticPointer; 9 | this.offsets = offsets; 10 | } 11 | 12 | public long getStaticPointer() { 13 | return staticPointer; 14 | } 15 | 16 | public int[] getOffsets() { 17 | return offsets; 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /src/com/guidedhacking/GHTools.java: -------------------------------------------------------------------------------- 1 | package com.guidedhacking; 2 | 3 | import com.sun.jna.platform.win32.Advapi32; 4 | import com.sun.jna.platform.win32.Kernel32; 5 | import com.sun.jna.platform.win32.User32; 6 | import com.sun.jna.platform.win32.WinDef.DWORD; 7 | import com.sun.jna.platform.win32.WinDef.RECT; 8 | import com.sun.jna.platform.win32.WinNT; 9 | import com.sun.jna.platform.win32.WinNT.HANDLE; 10 | import com.sun.jna.platform.win32.WinNT.HANDLEByReference; 11 | import com.sun.jna.platform.win32.WinNT.TOKEN_PRIVILEGES; 12 | import com.sun.jna.ptr.IntByReference; 13 | 14 | public class GHTools { 15 | 16 | //normal sleep with error handeling 17 | public static boolean sleep(int time){ 18 | try { 19 | Thread.sleep(time); 20 | return true; 21 | } catch (InterruptedException e) { 22 | e.printStackTrace(); 23 | return false; 24 | } 25 | } 26 | 27 | //get PID of window: 28 | public static int getGamePID(){ 29 | IntByReference PID = new IntByReference(0); 30 | User32.INSTANCE.GetWindowThreadProcessId(GHMemory.getHandle(), PID); 31 | return PID.getValue(); 32 | } 33 | 34 | //enable debug privelege 35 | public static boolean enableProcessDebug() { 36 | boolean result = false; 37 | HANDLEByReference hToken = new HANDLEByReference(); 38 | HANDLE hProcess = Kernel32.INSTANCE.GetCurrentProcess(); 39 | 40 | if(!Advapi32.INSTANCE.OpenProcessToken(hProcess, 41 | WinNT.TOKEN_ADJUST_PRIVILEGES | WinNT.TOKEN_QUERY, hToken)){ 42 | return false; 43 | } 44 | 45 | 46 | TOKEN_PRIVILEGES tkp = new TOKEN_PRIVILEGES(1024); 47 | IntByReference returnLength = new IntByReference(); 48 | if(Advapi32.INSTANCE.GetTokenInformation(hToken.getValue(), WinNT.TOKEN_INFORMATION_CLASS.TokenPrivileges, tkp, tkp.size(), returnLength)){ 49 | if(tkp.PrivilegeCount.intValue() < 1){ 50 | return false; 51 | } 52 | 53 | WinNT.LUID luid = null; 54 | 55 | for (int i=0; i 0) { 57 | luid = tkp.Privileges[i].Luid; 58 | } 59 | } 60 | if(luid == null){ 61 | return false; 62 | } 63 | if(!Advapi32.INSTANCE.LookupPrivilegeValue(null, WinNT.SE_DEBUG_NAME, luid)){ 64 | return false; 65 | } 66 | 67 | tkp = new WinNT.TOKEN_PRIVILEGES(1); 68 | tkp.Privileges[0] = new WinNT.LUID_AND_ATTRIBUTES(luid,new DWORD(WinNT.SE_PRIVILEGE_ENABLED)); 69 | if(Advapi32.INSTANCE.AdjustTokenPrivileges(hToken.getValue(), false, tkp, 0, null, null)){ 70 | Kernel32.INSTANCE.CloseHandle(hToken.getValue()); 71 | return true; 72 | } 73 | 74 | 75 | } 76 | return result; 77 | } 78 | 79 | //return if game window is visible or not 80 | public static boolean isGameVisible() { 81 | return User32.INSTANCE.IsWindowVisible(GHMemory.getHandle()); 82 | } 83 | 84 | //get height of the Game Window 85 | public static int getGameHeight() { 86 | //rect of GameWindow: 87 | RECT rect = new RECT(); 88 | boolean res = User32.INSTANCE.GetWindowRect(GHMemory.getHandle(), rect); 89 | 90 | if(res) { 91 | return rect.bottom-rect.top; 92 | } 93 | return -1; 94 | } 95 | 96 | public static int getGameXPos() { 97 | //rect of GameWindow: 98 | RECT rect = new RECT(); 99 | boolean res = User32.INSTANCE.GetWindowRect(GHMemory.getHandle(), rect); 100 | 101 | if(res) { 102 | return rect.left; 103 | } 104 | return -1; 105 | } 106 | 107 | public static int getGameYPos() { 108 | //rect of GameWindow: 109 | RECT rect = new RECT(); 110 | boolean res = User32.INSTANCE.GetWindowRect(GHMemory.getHandle(), rect); 111 | 112 | if(res) { 113 | return rect.top; 114 | } 115 | return -1; 116 | } 117 | 118 | public static int getGameWidth() { 119 | //rect of GameWindow: 120 | RECT rect = new RECT(); 121 | boolean res = User32.INSTANCE.GetWindowRect(GHMemory.getHandle(), rect); 122 | 123 | if(res) { 124 | return rect.right-rect.left; 125 | } 126 | return -1; 127 | } 128 | } 129 | -------------------------------------------------------------------------------- /src/com/guidedhacking/ObjectSizeFetcher.java: -------------------------------------------------------------------------------- 1 | package com.guidedhacking; 2 | 3 | import java.lang.instrument.Instrumentation; 4 | 5 | class ObjectSizeFetcher { 6 | private static Instrumentation instrumentation; 7 | 8 | public static void premain(String args, Instrumentation inst) { 9 | instrumentation = inst; 10 | } 11 | 12 | public static int getObjectSize(Object o) { 13 | return (int) instrumentation.getObjectSize(o); 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /src/rake.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Erarnitox/java-game-hacking/66e415a9e3550376424c3b00f524c6f393856624/src/rake.png --------------------------------------------------------------------------------