  • Overwatch AimBot 1.29.0.51948

    [Code]

    // Cheat Engine auto-assembler script. Everything under [Enable] is applied when
    // the table entry is switched on. All module offsets are hard-coded, so the
    // script is tied to the single game build named in the page title.
    // Footprint visible on this page: three 2048-byte code allocations requested
    // near the game module, several small data allocations, and symbols registered
    // for every hook body and hook site.
    [Enable]
    // alloc(name,size,address): the third argument asks for memory close to that address.
    alloc(VisibleHook2,2048,"Overwatch.exe"+777F3D)
    registersymbol(VisibleHook2)
    alloc(MouseHook,2048,"Overwatch.exe"+4E96D3)
    registersymbol(MouseHook)
    alloc(SpeedUpHook2,2048,"Overwatch.exe"+7768FA)
    registersymbol(SpeedUpHook2)
    // Names for the three addresses inside the game module that the hooks are tied to.
    Define(SpeedUpEnd,Overwatch.exe+7768FA)
    Define(MouseFunc,Overwatch.exe+4E96D3)
    Define(Filter,Overwatch.exe+777F3D)
    registersymbol(SpeedUpEnd)
    registersymbol(MouseFunc)
    registersymbol(Filter)
     
    // Mapping of hook site -> hook body. The redirection itself is not part of this
    // script; NOTE(review): presumably done by an external step that changes the
    // instruction pointer at these addresses - confirm against the original post.
    //label(return3)
    //EIP > SpeedUpEnd -> SpeedUpHook2
    //EIP > MouseFunc -> MouseHook
    //EIP > Filter -> VisibleHook2
     
     
    // MouseExist: set to 1 by MouseHook after it records CurrentMouse, cleared by SpeedUpHook2.
    // CurrentMouse: copy of the 16 bytes at [rbp+60] taken inside MouseHook.
    Alloc(MouseExist,16)
    Alloc(CurrentMouse,32)
     
    // Master switch: SpeedUpHook2 publishes a result only while this equals 1.
    GlobalAlloc(Switch,4)
    Switch:
    dd 1
     
    // Three floats added to the (enemy - me) difference before it is normalised.
    globalalloc(adjust,16)
    adjust:
    dd (float)0.0
    dd (float)-0.01
    dd (float)0.0
     
    // LeftTrigger / MiddleTrigger / RightTrigger: non-zero means IsTriggered polls
    // that mouse button. Only the middle button is enabled by default.
    globalalloc(LeftTrigger,8)
    LeftTrigger:
    dd 0
     
    globalalloc(MiddleTrigger,8)
    MiddleTrigger:
    dd 1
     
    globalalloc(RightTrigger,8)
    RightTrigger:
    dd 0
     
    // Threshold for the dot product computed in SpeedUpHook2; numerically cos(20 degrees).
    globalalloc(comp_cos,4)
    comp_cos:
    dd (float)0.93969262078590838405410927732473
     
    // -2.0 lies below every possible cosine, so it works as a "nothing stored" sentinel.
    // init_cos is the constant copy; save_cos is the running best and is reset from it.
    alloc(init_cos,4)
    init_cos:
    dd (float)-2.0
     
    alloc(save_cos,4)
    save_cos:
    dd (float)-2.0
     
    // EnemyExist: flag written by SpeedUpHook2 and consumed by MouseHook.
    // temp_vector: best direction so far; final_vector: direction handed to MouseHook.
    alloc(EnemyExist,8)
    alloc(final_vector,60)
    alloc(temp_vector,60)
     
    label(LeftNext)
    label(RightNext)
    Alloc(IsTriggered,1024)
    // IsTriggered: reports whether any enabled mouse button is currently held.
    // Out: rax = 1 if an enabled button is down, 0 otherwise. rcx and rdx are
    // saved on entry and restored before returning.
    // Numbers without a prefix are hexadecimal in Cheat Engine's assembler, so the
    // mask 8000 below is 0x8000, the "key is down" bit of the GetAsyncKeyState result.
    IsTriggered:
    //mouse trigger
    push rcx
    push rdx
    xor rdx,rdx                    //rdx collects the OR of all polled key states
     
    cmp [LeftTrigger],0
    je LeftNext
    mov rcx,1      //mouse left
    call getasynckeystate
    or rdx,rax
     
    LeftNext:
    cmp [RightTrigger],0
    je RightNext
    mov rcx,2      //mouse right
    call getasynckeystate
    or rdx,rax
     
    RightNext:
    cmp [MiddleTrigger],0
    je MiddleNext
    mov rcx,4      //mouse middle
    call getasynckeystate
    or rdx,rax
     
    MiddleNext:
    xor rax,rax
    and rdx,8000
    test rdx,rdx
    //pop does not modify flags, so the je below still sees the result of the test
    pop rdx
    pop rcx
    je Disabled
    inc rax
    Disabled:
    ret
     
     
    // save_r13 is allocated here but never referenced in the visible script.
    alloc(save_r13,8)
    label(CompareEnd)
    label(SpeedUpHook2Original)
    //process+1663d30
    // SpeedUpHook2: on each invocation that passes the filters, it computes the
    // cosine of the angle between the recorded view vector (CurrentMouse) and the
    // direction from [rbp+360] to [rbp+350]. A direction that passes both the
    // threshold and the stored-best comparison is stored, and published to
    // MouseHook through final_vector / EnemyExist.
    // rax is saved on entry and restored on exit; xmm0, xmm1, the x87 stack and
    // the flags are modified and not restored.
    SpeedUpHook2:
    push rax
    //value that was on top of the stack at entry; MouseHook labels the same
    //pattern "return address check", i.e. only one specific call site is handled
    mov rax,[rsp+8]
    cmp [rax+3],00000360         //lea rcx,[rbp+08]
    jne SpeedUpHook2Original
     
    //filter Enemy
    //byte [r12+81] is the marker written by VisibleHook2; it is read and cleared
    //here, and mov leaves the flags of the cmp intact for the je
    mov rax,r12
    cmp byte ptr [rax+81],0
    mov byte ptr [rax+81],0
    je CompareSkip
     
    //MouseCheck
    //skip unless MouseHook has recorded a view vector since the last pass
    cmp [MouseExist],0
    je CompareSkip
     
    movups xmm0,[rbp+00000350]    //enemy
    movups xmm1,[rbp+00000360]    //me
    subps xmm0,xmm1               //dir = enemy - me
    movups xmm1,[adjust]          //adjust
    addps xmm0,xmm1               //dir = dir + adjust
    movups xmm1,xmm0              //copy dir to xmm1
                                  //xmm1 = (x, y, z)
    //dpps xmm1,xmm1,ff
    //the instruction is emitted as raw bytes instead of a mnemonic
    db 66 0f 3a 40 c9 ff          //xmm1 = (x^2+y^2+z^2, x^2+y^2+z^2, x^2+y^2+z^2)
     
    rsqrtps xmm1,xmm1             //xmm1 = 1 / root(xmm1)
    mulps xmm0,xmm1               //xmm0 = xmm0 * xmm1
    //xmm0 has been normalized
     
    movups xmm1,[CurrentMouse]    //mouse
    //dpps xmm1,xmm0,ff
    db 66 0f 3a 40 c8 ff          //xmm1 = xmm0 * xmm1 (dot product)
     
    //move the scalar result from xmm1 onto the x87 stack through a temporary stack slot
    sub esp, 4
    movss [esp],xmm1
    fld [esp]
    add esp, 4
     
    fld [comp_cos]
    //if comp_cos >= curr_cos then jump to next
    //fcomip compares st(0) with st(1), sets the CPU flags and pops comp_cos
    fcomip st(0),st(1)
    jnb CompareSkip
     
    fld [save_cos]
    //if save_cos >= curr_cos then jump to next
    fcomip st(0),st(1)
    jnb CompareSkip
     
    //save curr_cos
    fst [save_cos]
    //save direction vector
    movups [temp_vector],xmm0
     
    CompareSkip:
    //pop curr_cos
    fstp st(0)
     
    //the flags produced by this compare are not used by any branch in the visible
    //script: the jmp is unconditional and lands on the next line
    mov eax,[r13+78]
    cmp [r13+80],eax
    jmp CompareEnd
    CompareEnd:
    mov [EnemyExist],0
    mov [MouseExist],0
     
    //No enemy to shoot at
    //save_cos still holding the init_cos sentinel means no candidate was stored
    mov eax,[save_cos]
    cmp eax,[init_cos]
    je Init
     
    //Switch is off
    cmp [Switch],1
    jne Init
     
    //apply vector
    mov [EnemyExist],1
    movups xmm0,[temp_vector]
    movups [final_vector],xmm0
     
    Init:
    //reset the running best to the sentinel
    mov eax,[init_cos]
    mov [save_cos],eax
     
    SpeedUpHook2Original:
    pop rax
    ret
     
     
     
     
     
    label(MouseNext)
    label(MouseEnd)
     
     
    // MouseHook: records the 16-byte vector at [rbp+60] as CurrentMouse on every
    // pass. When a trigger button is held and SpeedUpHook2 has published a
    // direction, it first overwrites [rbp+60] with that direction.
    // This write into the game's own data is the state change an integrity or
    // input-plausibility check would have to notice.
    // rax is saved and restored; xmm0 and the flags are modified.
    MouseHook: //process+1426ba7
    push rax
    //return address check
    //only the caller whose code matches this value at return address + 0xd is handled
    mov rax,[rsp+8]
    cmp [rax+d],000001A0
    jne MouseEnd
     
    call IsTriggered
    test rax,rax
    je MouseNext
     
    cmp [EnemyExist],0
    je MouseNext
     
    //consume the published direction once, then replace the vector at [rbp+60]
    mov [EnemyExist],0
    movaps xmm0,[final_vector]
    movaps [rbp+60],xmm0
     
    MouseNext:
    //original code
    movaps xmm0,[rbp+60]
    movaps [CurrentMouse],xmm0
    mov [MouseExist],1
     
    MouseEnd:
    pop rax
    ret
     
     
     
    label(VisibleHook2Next)
    // VisibleHook2: writes a marker byte into the object addressed by rax:
    // [rax+81] = 1 when [rax+80] is non-zero, otherwise 0. SpeedUpHook2 later
    // reads and clears the byte at the same offset through r12.
    // Control then returns to the game module at +777F44, 7 bytes past the
    // Filter address defined under [Enable].
    VisibleHook2:          //process+1665edd
    cmp byte ptr [rax+80],0
    //mov does not change flags, so the je still reflects the cmp above
    mov byte ptr [rax+81],0
    je VisibleHook2Next
    mov byte ptr [rax+81],1
    VisibleHook2Next:
    jmp Overwatch.exe+777F44
    // The [disable] section is empty on this page: no deallocation or symbol
    // unregistration is shown.
    [disable]
    
  • 原文地址:https://www.cnblogs.com/L1079991001/p/10459119.html