from json import loads from threading import Thread from time import sleep from pymem import Pymem from requests import get from win32api import GetAsyncKeyState from win32con import EM_LINEINDEX, VK_SPACE class Hack(): def __init__(self) -> None: # Loading offsets self.offsets = self._find_offsets() self.pm = self._find_process(True) self.wait_time = 0.01 self.timeout = self.wait_time * 50 def _find_offsets(self) -> dict[str, int]: hazedumper_data = get( "https://raw.githubusercontent.com/frk1/hazedumper/master/csgo.min.json") serial_data = loads(hazedumper_data.text) return serial_data["signatures"] | serial_data["netvars"] | { "entity_size": 0x10, "glow_obj_size": 0x38, "glow_R": 0x8, "glow_G": 0xC, "glow_B": 0x10, "glow_A": 0x14 } def _find_process(self, verbose: bool = False) -> Pymem: """Find game process""" process_found = False print("Looking for process...") if verbose else None pm = None while not process_found: try: pm = Pymem("csgo.exe") except: # Timeout sleep(.5) else: print("Process found!") if verbose else None process_found = True if pm: return pm exit(1) def find_module(self, module: str): """Find module address""" found = None for internal_module in list(self.pm.list_modules()): if internal_module.name == module + ".dll": found = internal_module.lpBaseOfDll if found: return found else: raise MemoryError def find_uint(self, base, offset: int) -> int: """Find integer in memory for sure""" local_element = None while not local_element: local_element = self.pm.read_uint(base + offset) sleep(self.timeout) return local_element def hack_loop(self, method): """Run the hack loop""" while True: # Reduce CPU usage sleep(self.wait_time) # Cheat method() class Cheat(Hack): def __init__(self) -> None: super().__init__() self.cheats_list = [func for func in dir(self) # Function if callable(getattr(self, func)) # User defined if not func.startswith("_") # Hack loop if not func == "hack_loop" # Utils if not func.startswith("find_")] def bhop(self) -> None: # Aliases mem = self.pm offset = self.offsets # Get client client = self.find_module("client") # Get player local_player = self.find_uint(client, offset["dwLocalPlayer"]) def cheat(): # Pressing space bar if not GetAsyncKeyState(VK_SPACE): return # Check if player is alive if not mem.read_uint(local_player + offset["m_iHealth"]): return # Check if player on ground if mem.read_uint(local_player + offset["m_fFlags"]) & (1 << 0): mem.write_uint(client + offset["dwForceJump"], 5) sleep(0.01) mem.write_uint(client + offset["dwForceJump"], 4) self.hack_loop(cheat) def radar_hack(self) -> None: # Aliases mem = self.pm offset = self.offsets # Get module address client = self.find_module("client") # Get local player local_player = self.find_uint(client, offset["dwLocalPlayer"]) # Get local team local_team = self.find_uint(local_player, offset["m_iTeamNum"]) def cheat(): # Loop all entities for i in range(1, 64): # 0 is world entity = mem.read_uint( client + offset["dwEntityList"] + i * offset["entity_size"]) # Ignore if entity doesn't exist if not entity: continue # Ignore allies if mem.read_uint(entity + offset["m_iTeamNum"]) == local_team: continue # Check if ennemy is alive if not mem.read_uint(entity + offset["m_iHealth"]): continue mem.write_bool(entity + offset["m_bSpotted"], True) self.hack_loop(cheat) def glow(self) -> None: # Aliases mem = self.pm offset = self.offsets # Get module address client = self.find_module("client") # Get local player local_player = self.find_uint(client, offset["dwLocalPlayer"]) # Get local team local_team = self.find_uint(local_player, offset["m_iTeamNum"]) # Get glow object manager glow_obj_manager = self.find_uint( client, offset["dwGlowObjectManager"]) def cheat(): # Loop all entities for i in range(1, 64): # 0 is world entity = mem.read_uint( client + offset["dwEntityList"] + i * offset["entity_size"]) # Ignore if entity doesn't exist if not entity: continue # Ignore allies if mem.read_uint(entity + offset["m_iTeamNum"]) == local_team: continue # Check if ennemy is alive if not mem.read_uint(entity + offset["m_iHealth"]): continue # Space between values i = mem.read_int( entity + offset["m_iGlowIndex"]) * offset["glow_obj_size"] # TODO: Reduce write call # Change color glow mem.write_float(glow_obj_manager + i + offset["glow_R"], 1.) mem.write_float(glow_obj_manager + i + offset["glow_G"], 0.) mem.write_float(glow_obj_manager + i + offset["glow_B"], 0.) mem.write_float(glow_obj_manager + i + offset["glow_A"], 1.) # Render when not visible mem.write_bool(glow_obj_manager + i + 0x27, True) # Render when visible mem.write_bool(glow_obj_manager + i + 0x28, True) self.hack_loop(cheat) def trigger(self) -> None: # Aliases mem = self.pm offset = self.offsets # Get module address client = self.find_module("client") # Get local player local_player = self.find_uint(client, offset["dwLocalPlayer"]) # Get local team local_team = self.find_uint(local_player, offset["m_iTeamNum"]) def cheat(): # Pressing trigger key if not GetAsyncKeyState(EM_LINEINDEX): return # Check if player is alive if not mem.read_int(local_player + offset["m_iHealth"]): return # Get crosshair info about what we aiming at crosshair_id = mem.read_int( local_player + offset["m_iCrosshairId"]) # 0 is wall, +64 isn't a player if (crosshair_id == 0) or (crosshair_id > 64): return # Get ennemy under crosshair ennemy = mem.read_uint( client + offset["dwEntityList"] + (crosshair_id - 1) * offset["entity_size"]) # Check if ennemy is alive if not mem.read_int(ennemy + offset["m_iHealth"]): return # Ignore allies if mem.read_int(ennemy + offset["m_iTeamNum"]) == local_team: return # Shoot mem.write_uint(client + offset["dwForceAttack"], 6) sleep(0.2) mem.write_uint(client + offset["dwForceAttack"], 4) self.hack_loop(cheat) def no_recoil(self) -> None: # Aliases mem = self.pm offset = self.offsets # Get module addresses client = self.find_module("client") engine = self.find_module("engine") # Get local player local_player = self.find_uint(client, offset["dwLocalPlayer"]) # Float size float_offset = 4 # Control variable self.nr__old_punch_x = 0. self.nr__old_punch_y = 0. def cheat(): # TODO: Reduce read/write call # Check if player is shooting if mem.read_int(local_player + offset["m_iShotsFired"]): client_state = mem.read_uint(engine + offset["dwClientState"]) # Where player is looking view_angles_x = mem.read_float( client_state + offset["dwClientState_ViewAngles"]) view_angles_y = mem.read_float( client_state + offset["dwClientState_ViewAngles"] + float_offset) # Server multiple punch by 2 server_mult = 2. # How much the view is modified aim_punch_x = mem.read_float( local_player + offset["m_aimPunchAngle"]) * server_mult aim_punch_y = mem.read_float( local_player + offset["m_aimPunchAngle"] + float_offset) * server_mult # New angles new_angle_x = view_angles_x + self.nr__old_punch_x - aim_punch_x new_angle_y = view_angles_y + self.nr__old_punch_y - aim_punch_y # Limit of pitch in game is ]-89; 180[ if new_angle_x > 89.: new_angle_x = 89. if new_angle_x < -89.: new_angle_x = -89 # Limit of yaw in game is ]-180; 360[ while (new_angle_y > 180.): new_angle_y -= 360. while (new_angle_y < -180.): new_angle_y += 360. # Cancel recoil mem.write_float( client_state + offset["dwClientState_ViewAngles"], new_angle_x) mem.write_float( client_state + offset["dwClientState_ViewAngles"] + float_offset, new_angle_y) self.nr__old_punch_x = aim_punch_x self.nr__old_punch_y = aim_punch_y else: # Not spraying # TODO: Reset to middle? self.nr__old_punch_x = 0. self.nr__old_punch_y = 0. self.hack_loop(cheat) def aimbot(self) -> None: def cheat(): print("WIP") exit(2) self.hack_loop(cheat) def chams(self) -> None: def cheat(): print("WIP") exit(2) self.hack_loop(cheat) if __name__ == "__main__": # Cheat c = Cheat() # # Cheat list # print("Enter 0 to exit.") # print("Available cheats:") # for idx, cheat in enumerate(c.cheats_list): # print(f"#{idx + 1} - {cheat}") # # Select cheat # c_id = None # while c_id == None: # try: # match int(input("Enter ID: #")): # case 0: # exit(0) # case i if i > len(c.cheats_list): # raise IndexError # case _ as i: # c_id = i - 1 # except KeyboardInterrupt: # print("??\nBye.") # exit(1) # except: # print("Invalid ID.") # Run cheat # getattr(c, c.cheats_list[c_id])() # Instanciate and run threads for fn in c.cheats_list: t = Thread(target=getattr(c, fn)) t.daemon = True t.start() while True: sleep(1000000)