How to get real-time access to the hitbox?
at the moment I'm doing it like this:
CPlayer -> CharacterFX -> CharacterHitBox
I know the structure of CPlayer, CharacterFX,
but I do not know the structure of CharacterHitBox
I found this in some thread:
Code:
for (int i = 0; i < pPlayer->pCharacterFx->nBones; i++)
{
    pPlayer->pCharacterFx->pHitBox[i]->Radius = { 150.0f, 150.0f, 150.0f }; //x y z
}

can someone give me this structure? (pHitBox[i]->Radius)
and I need information on how to find in the structure of CharacterFX -> nBones
Charhitbox has its own ModelInstance class. If you can find it, you'll see that it has ModelInstance RTTI.
Once you can loop thru it, use SetObjDims to modify the float.
tip: the pointer that holds the HitboxObject vector/array/loop is just a little bit below the Charhitbox RTTI. Also, the pointer doesn't have an RTTI/class name. It looks innocent and doesn't want to call attention haha. Inside that pointer, there are a lot of pointers that direct you to another one and so on; get in that pointer, then search thru the pointers inside it.
tip: if you can find the Dimension Enlarger then reverse/patch the function so that you can manipulate the node ID and value while it's looping.
tip: the best solution is to reverse the dimension enlarger to fully understand it (understand how the loop works) then make your own function to loop thru the pointer.
tip: Dimension Enlarger uses the float below the Charhitbox (1.0f is usually the default value and it's near the value 29 or 30.)
Also, the fn looks like this -> sub_blabla(charhitboxPointerHere, floatvalue here);
tip: Dimension Enlarger instruction has SetObjDims call. Just search the SOD function's address in cshell module.
tip: the loop structure is very much like CAIObject (at least in my region, idk about the other versions). So if you know how the CAIObject loop works then this should be a piece of cake.
Good luck!
Last edited by akbargain; 12-26-2021 at 07:15 PM.
Code:
EnlargeAndSetDims Aob (x64): 48 ?? ?? ?? ?? 57 48 ?? ?? ?? 48 ?? ?? ?? 48 8B F9 0F ?? ?? ?? ?? 0F ?? ?? 48 ?? ?? 48 ?? ?? 0F 84 ?? ?? ?? ??

Code:
how use: target->pCharactherFx->GetCharacterHitBox()->EnlargeAndSetDims(6.0f);
My Own Hack!!!
I understand correctly that the structures should look like this:
Code:
struct CCharacterHitBox
{
    //???????????
}; //Size: 0x0000
GetCharacterHitBox() = CCharacterHitBox

struct cLTCharacterFX
{
    char pad_0000[1376]; //0x0000
    int8_t isDead; //0x0560
    char pad_0561[31]; //0x0561
    CCharacterHitBox* pCharaterHitbox; //0x0580
};
pCharactherFx = cLTCharacterFX

struct CPlayer
{
    char pad_0000[24]; //0x0000
    cLTCharacterFX* pCharacFX; //0x0018
};

can I learn more about the structure of the EnlargeAndSetDims?
and how do I use the address I found using aob? ( __int64 __fastcall sub_CB8C60(__int64 a1, float a2) )
Code:
struct cLTCharacterFX
{
    char pad_0000[1376]; //0x0000
    int8_t isDead; //0x0560
    char pad_0561[31]; //0x0561
    CCharacterHitBox* pCharaterHitbox; //0x0580
};
pCharactherFx = cLTCharacterFX

struct CPlayer
{
    char pad_0000[24]; //0x0000
    cLTCharacterFX* pCharacFX; //0x0018
};

void __fastcall EnlargeAndSetDims(CCharacterHitBox* pCCharacterHitBox, float fScale)
{
    using EnlargeAndSetDimsFn = void(__fastcall*)(CCharacterHitBox*, float);
    return reinterpret_cast<EnlargeAndSetDimsFn>((DWORD64)(Pointers::get()->getCShell() + ADDR_EnlargeAndSetDimsFn))(pCCharacterHitBox,fScale);
}

EnlargeAndSetDims(CPlayer->CharacFX->pCharacterHitBox, 6.0f);
Public Hack:Jun 2012 / Dec 2017
what address should I take?
https://prnt.sc/2559ued
note:
if I take cshell_x64.dll + 0x1233380 I get this result:
https://prnt.sc/255dxno
if I take cshell_x64.dll + 0xCB8C60 I get a game crash
Find crosscheat on Telegram and contact me!
Code:
struct CCharacterHitBox
{
    void EnlargeAndSetDims(float fMultiplier)
    {
        typedef __int64(__fastcall* EnlargeAndSetDimsFn)(void*, float);
        EnlargeAndSetDimsFn((uint64_t)GetModuleHandle("CShell_x64.dll") + 0xCB8C60)(this, fMultiplier);
    }
    //???????????
}; //Size: 0x0000

struct cLTCharacterFX
{
    char pad_0000[1376]; //0x0000
    int8_t isDead; //0x0560
    char pad_0561[31]; //0x0561
    CCharacterHitBox* pCharaterHitbox; //0x0580
};

struct Player
{
    PlayerModel* Object;//0x0000
    int8_t clientID; //0x0008
    int8_t team; //0x0009
    char name[14]; //0x000A
    cLTCharacterFX* pCharacFX; //0x0018
    int32_t iIndexOnScoreBoard; //0x0020
    int32_t bIsBot; //0x0024
    int32_t bHasC4; //0x0028
    int32_t bIsHost; //0x002C
    int64_t tRankType; //0x0030
    int64_t iUserID; //0x0038
    int32_t bIsObserver; //0x0040
    unsigned int health; //0x0044
    unsigned __int8 u8Kill; //0x0048
};

// Player* pPlayer = GetPlayerByIndex(i);//(Player*)(CLT_SHELL + offsets::ENT_BEGIN + (i * offsets::PLAYER_SIZE_ENT));
pPlayer->pCharacFX->pCharaterHitbox->EnlargeAndSetDims(6.f);
Code:
Player* me = GetPlayerByIndex(LTClientShell, gEngine->GetMyIndex());
for (int i = 0; i < 16; i++)
{
    Player* target = GetPlayerByIndex(LTClientShell, i);
    if (target != me) // exclude your localplayer
    {
        if (gEngine->isValidPlayer(target)) // validated first then
        {
            if (target->TeamID != me->TeamID)// exclude your team
            {
                pPlayer->pCharacFX->pCharaterHitbox->EnlargeAndSetDims(6.f);
            }
        }
    }
}

Enjoy!
Last edited by Anger5K; 12-31-2021 at 11:23 AM.
it's not working
Earlier I said that
if I take cshell_x64.dll + 0x1233380 I get this result:
https://prnt.sc/255dxno
if I take cshell_x64.dll + 0xCB8C60 I get a game crash
so I asked which address exactly should I take
https://prnt.sc/2559ued
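
Seen from the defending side: every call in this thread changes hitbox dimensions inside the client's cshell module, so a server that re-tests each reported hit against its own copy of the dimensions does not credit hits that only land on an enlarged box. A sketch of that server-side check follows, as an added example that is not code from the thread or from the game; the types, names, dimensions and tolerance are all hypothetical.

```cpp
#include <algorithm>
#include <cmath>
#include <utility>

// Hypothetical types for illustration; not the game's real structures.
struct Vec3 { float x, y, z; };

struct HitClaim {      // what a client reports to the server
    Vec3 origin;       // shot origin
    Vec3 dir;          // shot direction (need not be normalised)
    Vec3 boxCenter;    // target hitbox centre as known to the server
};

// Slab test: does the ray origin + t*dir (t >= 0) cross the axis-aligned
// box with the given centre and half-extents?
bool RayHitsBox(const Vec3& o, const Vec3& d, const Vec3& c, const Vec3& half) {
    const float O[3] = {o.x, o.y, o.z}, D[3] = {d.x, d.y, d.z};
    const float C[3] = {c.x, c.y, c.z}, H[3] = {half.x, half.y, half.z};
    float tMin = 0.0f, tMax = INFINITY;
    for (int i = 0; i < 3; ++i) {
        const float lo = C[i] - H[i], hi = C[i] + H[i];
        if (std::fabs(D[i]) < 1e-8f) {           // ray parallel to this slab
            if (O[i] < lo || O[i] > hi) return false;
            continue;
        }
        float t0 = (lo - O[i]) / D[i], t1 = (hi - O[i]) / D[i];
        if (t0 > t1) std::swap(t0, t1);
        tMin = std::max(tMin, t0);
        tMax = std::min(tMax, t1);
        if (tMin > tMax) return false;           // slabs do not overlap
    }
    return true;
}

// Server-side validation: ignore whatever dimensions the client used and
// re-test against the server's own half-extents, padded by a small
// tolerance for latency and interpolation error (the value is an assumption).
bool ValidateHit(const HitClaim& claim, const Vec3& serverHalf,
                 float tolerance = 1.10f) {
    const Vec3 padded = {serverHalf.x * tolerance, serverHalf.y * tolerance,
                         serverHalf.z * tolerance};
    return RayHitsBox(claim.origin, claim.dir, claim.boxCenter, padded);
}
```

A shot that passes 30 units beside a box with 10-unit half-extents is rejected by `ValidateHit`, although the same ray does intersect a box scaled by 6; logging such rejected claims per player gives the detection signal.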