CSGO项目

#include <Windows.h>
#include <sstream>
#include <iostream> 
#include <math.h>  
#include "HackProcess.h"
#include <vector>
#include <algorithm>   

CHackProcess fProcess;  
using namespace std;  

#define F6_Key 0x75

#define RIGHT_MOUSE 0x02

int NumOfPlayers = 32;

const DWORD dw_PlayerCountOffs = 0x7994E0;//Engine.dll


//自己人物模块偏移
const DWORD Player_Base = 0x4C5B3B4;//client_panorama.dll

//阵营
const DWORD dw_mTeamOffset = 0xE8;//client_panorama.dll
//血量
const DWORD dw_Health = 0xF4;//client_panorama.dll

//人物坐标偏移
const DWORD dw_Pos = 0x12C;//client_panorama.dll

//敌人地址
const DWORD EntityPlayer_Base = 0x4c5b3bc;//client_panorama.dll

//敌人结构偏移
const DWORD EntityLoopDistance = 0x8;

//鼠标指针
const DWORD dw_m_angRotation = 0x461A9C;
RECT m_Rect; 

HDC HDC_Desktop;

HBRUSH EnemyBrush;
HFONT Font; 

//矩阵地址
const DWORD dw_vMatrix = 0x4C2CD04 + 0xb0;
const DWORD dw_antiFlick = 0x58C2B8;


HWND TargetWnd;
HWND Handle;
DWORD DwProcId;

COLORREF SnapLineCOLOR;
COLORREF TextCOLOR; 

typedef struct
{
    float flMatrix [4][4];
}WorldToScreenMatrix_t;

float Get3dDistance(float * myCoords, float * enemyCoords)
{
    return sqrt(
        pow(double(enemyCoords[0] - myCoords[0]), 2.0) +
        pow(double(enemyCoords[1] - myCoords[1]), 2.0) +
        pow(double(enemyCoords[2] - myCoords[2]), 2.0));

}


void SetupDrawing(HDC hDesktop, HWND handle)
{
    HDC_Desktop =hDesktop;
    Handle = handle;
    EnemyBrush = CreateSolidBrush(RGB(255, 0, 0));
    //Color
    SnapLineCOLOR = RGB(0, 0, 255);
    TextCOLOR = RGB(0, 255, 0);
}
struct MyPlayer_t  
{ 
    DWORD CLocalPlayer; 
    int Team; 
    int Health; 
    WorldToScreenMatrix_t WorldToScreenMatrix;
    float Position[3]; 
    int flickerCheck;
    void ReadInformation() 
    {
        // 读自己地址
        ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(fProcess.__dwordClient + Player_Base), &CLocalPlayer, sizeof(DWORD), 0);
        // 读阵营
        ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(CLocalPlayer + dw_mTeamOffset), &Team, sizeof(int), 0);
        // 读血量   
        ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(CLocalPlayer + dw_Health), &Health, sizeof(int), 0); 
        // 读坐标
        ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(CLocalPlayer + dw_Pos), &Position, sizeof(float[3]), 0); 

        //读房间人数
        ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(fProcess.__dwordEngine + dw_PlayerCountOffs), &NumOfPlayers, sizeof(int), 0); 



        //anti flicker
        //ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(fProcess.__dwordEngine + dw_antiFlick), &flickerCheck, sizeof(int), 0); 
        //VMATRIX
        //if(flickerCheck == 0)
        //{

        //读矩阵
        ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(fProcess.__dwordClient + dw_vMatrix), &WorldToScreenMatrix, sizeof(WorldToScreenMatrix), 0);
        //}
        //-1A4 = ANTI FLICKER
        //Engine.dll+0x58C45C
    }
}MyPlayer;    






//ENemy struct
struct PlayerList_t 
{
    DWORD CBaseEntity; 
    int Team; 
    int Health; 
    float Position[3]; 
    float AimbotAngle[3]; 
    char Name[39]; 

    void ReadInformation(int Player) 
    {
        // 读敌人地址
        ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(fProcess.__dwordClient + EntityPlayer_Base  + (Player * EntityLoopDistance)),&CBaseEntity, sizeof(DWORD), 0);
        // 读阵营 
        ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(CBaseEntity + dw_mTeamOffset), &Team, sizeof(int), 0);
        // 读血量    
        ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(CBaseEntity + dw_Health), &Health, sizeof(int), 0); 
        // 读坐标
        ReadProcessMemory (fProcess.__HandleProcess, (PBYTE*)(CBaseEntity + dw_Pos), &Position, sizeof(float[3]), 0); 
     }
}PlayerList[32];  


bool WorldToScreen(float * from, float * to)
{
    float w = 0.0f;

    to[0] = MyPlayer.WorldToScreenMatrix.flMatrix[0][0] * from[0] + MyPlayer.WorldToScreenMatrix.flMatrix[0][1] * from[1] + MyPlayer.WorldToScreenMatrix.flMatrix[0][2] * from[2] + MyPlayer.WorldToScreenMatrix.flMatrix[0][3];
    to[1] = MyPlayer.WorldToScreenMatrix.flMatrix[1][0] * from[0] + MyPlayer.WorldToScreenMatrix.flMatrix[1][1] * from[1] + MyPlayer.WorldToScreenMatrix.flMatrix[1][2] * from[2] + MyPlayer.WorldToScreenMatrix.flMatrix[1][3];
    w = MyPlayer.WorldToScreenMatrix.flMatrix[3][0] * from[0] + MyPlayer.WorldToScreenMatrix.flMatrix[3][1] * from[1] + MyPlayer.WorldToScreenMatrix.flMatrix[3][2] * from[2] + MyPlayer.WorldToScreenMatrix.flMatrix[3][3];

    if(w < 0.01f)
        return false;

    float invw = 1.0f / w;
    to[0] *= invw;
    to[1] *= invw;

    int width = (int)(m_Rect.right - m_Rect.left);
    int height = (int)(m_Rect.bottom - m_Rect.top);

    float x = width/2;
    float y = height/2;

    x += 0.5 * to[0] * width + 0.5;
    y -= 0.5 * to[1] * height + 0.5;

    to[0] = x+ m_Rect.left;
    to[1] = y+ m_Rect.top ;

    return true;
}









void DrawFilledRect(int x, int y, int w, int h)
{

    RECT rect = { x, y, x + w, y + h }; 

    FillRect(HDC_Desktop, &rect, EnemyBrush);
}


void DrawBorderBox(int x, int y, int w, int h, int thickness)
{
    //Top horiz line
    DrawFilledRect(x, y, w, thickness);
    //Left vertical line
    DrawFilledRect( x, y, thickness, h);
    //right vertical line
    DrawFilledRect((x + w), y, thickness, h);
    //bottom horiz line
    DrawFilledRect(x, y + h, w+thickness, thickness);
}



void DrawLine(float StartX, float StartY, float EndX, float EndY, COLORREF Pen)
{
    int a,b=0;
    HPEN hOPen;
    HPEN hNPen = CreatePen(PS_SOLID, 2, Pen);
    hOPen = (HPEN)SelectObject(HDC_Desktop, hNPen);
    MoveToEx(HDC_Desktop, StartX, StartY, NULL);
    a = LineTo(HDC_Desktop, EndX, EndY);
    DeleteObject(SelectObject(HDC_Desktop, hOPen));
}

void DrawString(int x, int y, COLORREF color, const char* text)
{    
    SetTextAlign(HDC_Desktop,TA_CENTER|TA_NOUPDATECP);

    SetBkColor(HDC_Desktop,RGB(0,0,0));
    SetBkMode(HDC_Desktop,TRANSPARENT);

    SetTextColor(HDC_Desktop,color);

    SelectObject(HDC_Desktop,Font);

    TextOutA(HDC_Desktop,x,y,text,strlen(text));

    DeleteObject(Font);
}


void DrawESP(int x, int y, float distance)
{
    int width = 18100/distance;
    int height = 36000/distance;
    DrawBorderBox(x-(width/2), y-height, width, height, 1);

    DrawLine((m_Rect.right - m_Rect.left)/2,
            m_Rect.bottom - m_Rect.top, x, y, 
            SnapLineCOLOR);


    std::stringstream ss;
    ss << (int)distance;

    char * distanceInfo = new char[ss.str().size()+1];
    strcpy(distanceInfo, ss.str().c_str());

    DrawString(x, y, TextCOLOR, distanceInfo);

    delete [] distanceInfo;
}

void ESP()
{
    GetWindowRect(FindWindow(NULL, "Counter-Strike: Global Offensive"), &m_Rect);

    for(int i = 0; i < NumOfPlayers; i ++)
    {
        PlayerList[i].ReadInformation(i);

        if(PlayerList[i].Health < 2)
            continue;

        if(PlayerList[i].Team == MyPlayer.Team)
            continue;

        float EnemyXY[3];
        if(WorldToScreen(PlayerList[i].Position, EnemyXY))
        {
            DrawESP(EnemyXY[0] - m_Rect.left, EnemyXY[1] - m_Rect.top, Get3dDistance(MyPlayer.Position, PlayerList[i].Position));
        }

    }




}


int main()
{
    fProcess.RunProcess(); 

    ShowWindow(FindWindowA("ConsoleWindowClass", NULL), false);
    TargetWnd = FindWindow(0, "Counter-Strike: Global Offensive");
    HDC HDC_Desktop = GetDC(TargetWnd);
    SetupDrawing(HDC_Desktop, TargetWnd);

    for(;;)
    {
        MyPlayer.ReadInformation();

        ESP();

    }


    return 0;
}

#pragma once

#include <Windows.h>
#include <TlHelp32.h>

//THIS FILE SIMPLY DOES MOST OF THE BACKEND WORK FOR US, 
//FROM FINDING THE PROCESS TO SETTING UP CORRECT ACCESS FOR US 
//TO EDIT MEMORY 
//IN MOST GAMES, A SIMPLER VERSION OF THIS CAN BE USED, or if you're injecting then its often not necessary
//This file has been online for quite a while so credits should be shared but im using this from NubTIK
//So Credits to him and thanks

class CHackProcess
{
public:

    PROCESSENTRY32 __gameProcess;
    HANDLE __HandleProcess;
    HWND __HWNDCss; 
    DWORD __dwordClient;
    DWORD __dwordEngine;
    DWORD __dwordOverlay;
    DWORD __dwordVGui;
    DWORD __dwordLibCef;
    DWORD __dwordSteam; 
    DWORD FindProcessName(const char *__ProcessName, PROCESSENTRY32 *pEntry)
    {     
        PROCESSENTRY32 __ProcessEntry;
        __ProcessEntry.dwSize = sizeof(PROCESSENTRY32);
        HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
        if (hSnapshot == INVALID_HANDLE_VALUE) return 0;        if (!Process32First(hSnapshot, &__ProcessEntry))
        {
            CloseHandle(hSnapshot);
            return 0;
        }
        do{if (!_strcmpi(__ProcessEntry.szExeFile, __ProcessName))
        {
            memcpy((void *)pEntry, (void *)&__ProcessEntry, sizeof(PROCESSENTRY32));
            CloseHandle(hSnapshot);
            return __ProcessEntry.th32ProcessID;
        }} while (Process32Next(hSnapshot, &__ProcessEntry));
        CloseHandle(hSnapshot);
        return 0;
}


DWORD getThreadByProcess(DWORD __DwordProcess)
{     
        THREADENTRY32 __ThreadEntry;
        __ThreadEntry.dwSize = sizeof(THREADENTRY32);
        HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);
        if (hSnapshot == INVALID_HANDLE_VALUE) return 0;

        if (!Thread32First(hSnapshot, &__ThreadEntry)) {CloseHandle(hSnapshot); return 0; }

        do {if (__ThreadEntry.th32OwnerProcessID == __DwordProcess)
        {
            CloseHandle(hSnapshot);
            return __ThreadEntry.th32ThreadID;
        }} while (Thread32Next(hSnapshot, &__ThreadEntry)); 
        CloseHandle(hSnapshot);       
        return 0;
}

DWORD GetModuleNamePointer(LPSTR LPSTRModuleName, DWORD __DwordProcessId)
{ 
        MODULEENTRY32 lpModuleEntry = {0};
        HANDLE hSnapShot = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, __DwordProcessId);
        if(!hSnapShot)
            return NULL;  
        lpModuleEntry.dwSize = sizeof(lpModuleEntry);
        BOOL __RunModule = Module32First( hSnapShot, &lpModuleEntry );
        while(__RunModule)
        {
            if(!strcmp(lpModuleEntry.szModule, LPSTRModuleName ) )
            {CloseHandle( hSnapShot );
            return (DWORD)lpModuleEntry.modBaseAddr;
            }
            __RunModule = Module32Next( hSnapShot, &lpModuleEntry );
        }
        CloseHandle( hSnapShot );
        return NULL;
}


void runSetDebugPrivs() 
{
    HANDLE __HandleProcess=GetCurrentProcess(), __HandleToken;
    TOKEN_PRIVILEGES priv;
    LUID __LUID; 
    OpenProcessToken(__HandleProcess, TOKEN_ADJUST_PRIVILEGES, &__HandleToken);
    LookupPrivilegeValue(0, "seDebugPrivilege", &__LUID);
    priv.PrivilegeCount = 1;
    priv.Privileges[0].Luid = __LUID;
    priv.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
    AdjustTokenPrivileges(__HandleToken, false, &priv, 0, 0, 0);
    CloseHandle(__HandleToken);
    CloseHandle(__HandleProcess);
}
    
    
    
void RunProcess()
{
    //commented lines are for non steam versions of the game
    runSetDebugPrivs();
    while (!FindProcessName("csgo.exe", &__gameProcess)) Sleep(12);
    while (!(getThreadByProcess(__gameProcess.th32ProcessID))) Sleep(12);
    __HandleProcess = OpenProcess(PROCESS_ALL_ACCESS, false, __gameProcess.th32ProcessID); 

    while(__dwordClient == 0x0) __dwordClient = GetModuleNamePointer("client_panorama.dll", __gameProcess.th32ProcessID);

    while(__dwordEngine == 0x0) __dwordEngine = GetModuleNamePointer("engine.dll", __gameProcess.th32ProcessID);

    //while(__dwordOverlay == 0x0) __dwordOverlay = GetModuleNamePointer("gameoverlayrenderer.dll", __gameProcess.th32ProcessID);
    //while(__dwordVGui == 0x0) __dwordVGui = GetModuleNamePointer("vguimatsurface.dll", __gameProcess.th32ProcessID);
    //while(__dwordLibCef == 0x0) __dwordLibCef = GetModuleNamePointer("libcef.dll", __gameProcess.th32ProcessID);
//    while(__dwordSteam == 0x0) __dwordSteam = GetModuleNamePointer("steam.dll", __gameProcess.th32ProcessID); 
    __HWNDCss = FindWindow(NULL, "Counter-Strike: Global Offensive"); 
}
};

extern CHackProcess fProcess;