Simple D3D9 Aimbot
Simple D3D9 Aimbot
This is a simplified pure d3d aimbot example. Many people only use d3d for chams or for drawing text and then screw around with memory. This example shows that you can make aimbot as well for many games. A d3d aimbot is not as good as a client hook aimbot but still much better than pixel or color aimbots. The advantage of pure d3d is that you don't have to reverse anything.
There are usually 3 steps to make aimbot or esp, log the models by using a logger, convert 3d world coordinates to 2d screen coordinates (the hardest part because w2s is different in the most games) and the cycle through players and move mouse to the nearest target calculation.
download and install visual studio 2013
download and install microsoft directx sdk june 2010
download and install microsoft detours
start visual studio 2013
1. file->new project->win32 project->name your project->next->empty project->DLL->uncheck security sdl->finish
2. project->add excisting item->main.cpp
3. set debug to release
4. project -> properties -> configuration properties -> c++ -> Additional Include Directories:
add this: C:\Program Files (x86)\Microsoft DirectX SDK (June 2010)\Include
5. project -> properties -> configuration properties -> linker -> Additional Library Directories:
add this: C:\Program Files (x86)\Microsoft DirectX SDK (June 2010)\Lib\x86
press F7 to compile your dll
use a dll injector to inject your dll into the game
Feel free to improve this shit, let me know if you find an easy way to filter out dead bodies.
Credits: Crypt, Citadell, Zoom, Google
There are usually 3 steps to make aimbot or esp, log the models by using a logger, convert 3d world coordinates to 2d screen coordinates (the hardest part because w2s is different in the most games) and the cycle through players and move mouse to the nearest target calculation.
How to compile:
download and install visual studio 2013
download and install microsoft directx sdk june 2010
download and install microsoft detours
start visual studio 2013
1. file->new project->win32 project->name your project->next->empty project->DLL->uncheck security sdl->finish
2. project->add excisting item->main.cpp
3. set debug to release
4. project -> properties -> configuration properties -> c++ -> Additional Include Directories:
add this: C:\Program Files (x86)\Microsoft DirectX SDK (June 2010)\Include
5. project -> properties -> configuration properties -> linker -> Additional Library Directories:
add this: C:\Program Files (x86)\Microsoft DirectX SDK (June 2010)\Lib\x86
press F7 to compile your dll
use a dll injector to inject your dll into the game
Feel free to improve this shit, let me know if you find an easy way to filter out dead bodies.
Credits: Crypt, Citadell, Zoom, Google
Code:
//pure d3d aim 1.0
//simplified version
#include <Windows.h>
#include <d3d9.h>
#include <d3dx9.h>
#pragma comment(lib, "d3d9.lib")
#pragma comment(lib, "d3dx9.lib")
//#include "detours/detours.h" //detours 1.5
#include "detours3/detours.h" //detours 3.0 (google microsoft detours)
#pragma comment (lib, "detours3/detours.lib") //detours 3.0
#include <vector>
using namespace std;
//==========================================================================================================================
signed int __stdcall hkDrawIndexedPrimitive(LPDIRECT3DDEVICE9 Device, D3DPRIMITIVETYPE Type, INT BaseVertexIndex, UINT MinIndex, UINT NumVertices, UINT StartIndex, UINT primCount);
typedef HRESULT(__stdcall* DrawIndexedPrimitive_t)(LPDIRECT3DDEVICE9, D3DPRIMITIVETYPE, INT, UINT, UINT, UINT, UINT);
DrawIndexedPrimitive_t OrigDrawIndexedPrimitive;
signed int __stdcall hkEndScene(LPDIRECT3DDEVICE9 Device);
typedef HRESULT (__stdcall* EndScene_t)(LPDIRECT3DDEVICE9);
EndScene_t OrigEndScene;
//==========================================================================================================================
// settings
DWORD aimkey=VK_SHIFT; //aimkey (google Virtual-Key Codes)
int aimfov=90; //aim fov in %
int aimheight=0; //adjust aim height, 0 = feet
int aimsmooth=2; //aim smooth (mouse accel messes with aiming)
// get stride
IDirect3DVertexBuffer9 *pStreamData;
UINT XOffset = 0;
UINT Stride = 0;
// get pshader
IDirect3DPixelShader9* pShader;
UINT psData;
//get vshader
IDirect3DVertexShader9* vShader;
UINT vsData;
//get viewport
D3DVIEWPORT9 viewport;
//models
bool MODELS;
//timer
//DWORD gametick0 = timeGetTime();
//==========================================================================================================================
void DrawPoint(LPDIRECT3DDEVICE9 Device, int baseX, int baseY, int baseW, int baseH, D3DCOLOR Cor)
{
D3DRECT BarRect = { baseX, baseY, baseX + baseW, baseY + baseH };
Device->Clear(1, &BarRect, D3DCLEAR_TARGET | D3DCLEAR_ZBUFFER, Cor, 0, 0);
}
struct ModelInfo_t
{
D3DXVECTOR3 Position2D;
D3DXVECTOR3 Position3D;
float CrosshairDistance;
};
vector<ModelInfo_t*>ModelInfo;
float GetDistance( float Xx, float Yy, float xX, float yY )
{
return sqrt( ( yY-Yy ) * ( yY-Yy ) + ( xX-Xx ) * ( xX-Xx ) );
}
//w2s for unreal engine 3 games
void AddModel(LPDIRECT3DDEVICE9 Device)
{
ModelInfo_t* pModel = new ModelInfo_t;
Device->GetViewport(&viewport);
D3DXMATRIX pProjection, pView, pWorld;
D3DXVECTOR3 vOut(0, 0, 0), vIn(0, 0, (float)aimheight);
Device->GetVertexShaderConstantF(0, pProjection, 4);
Device->GetVertexShaderConstantF(231, pView, 4);
D3DXMatrixIdentity(&pWorld);
D3DXVec3Project(&vOut, &vIn, &viewport, &pProjection, &pView, &pWorld);
if (vOut.z < 1.0f && pProjection._44 > 1.0f)
{
pModel->Position2D.x = vOut.x;
pModel->Position2D.y = vOut.y;
}
ModelInfo.push_back( pModel );
}
/*
//w2s for some shader driven games
void AddModel(LPDIRECT3DDEVICE9 Device)
{
ModelInfo_t* pModel = new ModelInfo_t;
D3DXMATRIX matrix, m1;
D3DXVECTOR4 position;
D3DXVECTOR4 input;
Device->GetViewport(&viewport);
Device->GetVertexShaderConstantF(0, matrix, 4); //many games use 0
input.y = (float)aimheight;
D3DXMatrixTranspose(&matrix, &matrix);
D3DXVec4Transform(&position, &input, &matrix);
//or this (depends on the game)
//D3DXMatrixTranspose(&m1, &matrix);
//D3DXVec4Transform(&position, &input, &m1);
position.x = input.x * matrix._11 + input.y * matrix._21 + input.z * matrix._31 + matrix._41;
position.y = input.x * matrix._12 + input.y * matrix._22 + input.z * matrix._32 + matrix._42;
position.z = input.x * matrix._13 + input.y * matrix._23 + input.z * matrix._33 + matrix._43;
position.w = input.x * matrix._14 + input.y * matrix._24 + input.z * matrix._34 + matrix._44;
pModel->Position2D.x = ((position.x / position.w) * (viewport.Width / 2)) + viewport.X + (viewport.Width / 2);
pModel->Position2D.y = viewport.Y + (viewport.Height / 2) - ((position.y / position.w) * (viewport.Height / 2));
ModelInfo.push_back(pModel);
}
//w2s for old settransform games
void AddModel(LPDIRECT3DDEVICE9 Device)
{
ModelInfo_t* pModel = new ModelInfo_t;
Device->GetViewport(&viewport);
D3DXMATRIX projection, view, world;
D3DXVECTOR3 vScreenCoord(0, 0, (float)aimheight), vWorldLocation(0, 0, 0);
Device->GetTransform(D3DTS_VIEW, &view);
Device->GetTransform(D3DTS_PROJECTION, &projection);
Device->GetTransform(D3DTS_WORLD, &world);
D3DXVec3Project(&vScreenCoord, &vWorldLocation, &viewport, &projection, &view, &world);
if (vScreenCoord.z < 1)
{
pModel->Position2D.x = vScreenCoord.x;
pModel->Position2D.y = vScreenCoord.y;
}
ModelInfo.push_back(pModel);
}
*/
HRESULT __stdcall myDrawIndexedPrimitive(LPDIRECT3DDEVICE9 Device, D3DPRIMITIVETYPE Type, INT BaseVertexIndex, UINT MinIndex, UINT nVertices, UINT sIndex, UINT pCount)
{
//get stride
if(Device->GetStreamSource(0, &pStreamData, &XOffset, &Stride) == D3D_OK)
if( pStreamData != NULL ){ pStreamData->Release(); pStreamData = NULL; }
//get psdata
if (SUCCEEDED(Device->GetPixelShader(&pShader)))
if (pShader != NULL)
if (SUCCEEDED(pShader->GetFunction(NULL, &psData)))
if (pShader != NULL){ pShader->Release(); pShader = NULL; }
//get vsdata
if (SUCCEEDED(Device->GetVertexShader(&vShader)))
if (vShader != NULL)
if (SUCCEEDED(vShader->GetFunction(NULL, &vsData)))
if (vShader != NULL){ vShader->Release(); vShader = NULL; }
//get models
if (Stride == 32) //model rec is different in every game, log it yourself
//if (Stride == 72 && psData == 4720 && vsData == 656) //fallout new vegas humans example
MODELS = true;
else MODELS = false;
//worldtoscreen
if(MODELS)
{
AddModel(Device);
}
return OrigDrawIndexedPrimitive(Device, Type, BaseVertexIndex, MinIndex, nVertices, sIndex, pCount);
}
HRESULT __stdcall myEndScene(LPDIRECT3DDEVICE9 Device)
{
//aimbot & esp
//if (timeGetTime() - gametick0 > 1) //slow it down if you only have dip bypass, put code in AddModel
//{
if (ModelInfo.size() != NULL)
{
UINT BestTarget = -1;
DOUBLE fClosestPos = 99999;
for (size_t i = 0; i < ModelInfo.size(); i += 1)
{
//drawpoint on targets (Esp)
DrawPoint(Device, (int)ModelInfo[i]->Position2D.x, (int)ModelInfo[i]->Position2D.y, 8, 8, 0xFFFF0000);
//get screen center
float ScreenCenterX = viewport.Width / 2.0f;
float ScreenCenterY = viewport.Height / 2.0f;
//int ScreenCenterX = GetSystemMetrics(0) / 2 - 1;
//int ScreenCenterY = GetSystemMetrics(1) / 2 - 1;
//aimfov
float radiusx = aimfov * (ScreenCenterX / 100);
float radiusy = aimfov * (ScreenCenterY / 100);
//get crosshairdistance
ModelInfo[i]->CrosshairDistance = GetDistance(ModelInfo[i]->Position2D.x, ModelInfo[i]->Position2D.y, ScreenCenterX, ScreenCenterY);
//if in fov
if (ModelInfo[i]->Position2D.x >= ScreenCenterX - radiusx && ModelInfo[i]->Position2D.x <= ScreenCenterX + radiusx && ModelInfo[i]->Position2D.y >= ScreenCenterY - radiusy && ModelInfo[i]->Position2D.y <= ScreenCenterY + radiusy)
//get closest/nearest target to crosshair
if (ModelInfo[i]->CrosshairDistance < fClosestPos)
{
fClosestPos = ModelInfo[i]->CrosshairDistance;
BestTarget = i;
}
}
//if nearest target to crosshair
if (BestTarget != -1)
{
double DistX = (double)ModelInfo[BestTarget]->Position2D.x - viewport.Width / 2.0f;
double DistY = (double)ModelInfo[BestTarget]->Position2D.y - viewport.Height / 2.0f;
//aimsmooth
DistX /= aimsmooth;
DistY /= aimsmooth;
//if aimkey is pressed
if ((GetAsyncKeyState(aimkey) & 0x8000))
mouse_event(MOUSEEVENTF_MOVE, (DWORD)DistX, (DWORD)DistY, NULL, NULL); //doaim, move mouse to x & y
}
ModelInfo.clear();
}
//gametick0 = timeGetTime();
//}
return OrigEndScene(Device);
}
//==========================================================================================================================
#include <Psapi.h>
#pragma comment(lib, "Psapi.lib")
bool bCompare(const BYTE* pData, const BYTE* bMask, const char* szMask)
{
for(;*szMask;++szMask,++pData,++bMask)
if(*szMask=='x' && *pData!=*bMask )
return false;
return (*szMask) == NULL;
}
DWORD FindPattern(DWORD dwAddress,DWORD dwLen,BYTE *bMask,char * szMask)
{
for(DWORD i=0; i < dwLen; i++)
if( bCompare( (BYTE*)( dwAddress+i ),bMask,szMask) )
return (DWORD)(dwAddress+i);
return 0;
}
void Hook()
{
DWORD *vtbl;
// wait for the d3dx dll
DWORD hD3D = 0;
do {
hD3D = (DWORD)GetModuleHandleA("d3d9.dll");
Sleep(10);
} while (!hD3D);
DWORD adre = FindPattern(hD3D, 0x128000, (PBYTE)"\xC7\x06\x00\x00\x00\x00\x89\x86\x00\x00\x00\x00\x89\x86", "xx????xx????xx");
if (adre)
{
memcpy(&vtbl, (void*)(adre + 2), 4);
//ms detours 1.5
//OrigDrawIndexedPrimitive = (DrawIndexedPrimitive_t)DetourFunction((BYTE*)vtbl[82], (BYTE*)myDrawIndexedPrimitive);
//OrigEndScene = (EndScene_t)DetourFunction((BYTE*)vtbl[42], (BYTE*)myEndScene);
//ms detours 3.0
OrigDrawIndexedPrimitive = (HRESULT(__stdcall*)(LPDIRECT3DDEVICE9, D3DPRIMITIVETYPE, INT, UINT, UINT, UINT, UINT))vtbl[82];
OrigEndScene = (HRESULT(__stdcall*)(LPDIRECT3DDEVICE9))vtbl[42];
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)OrigDrawIndexedPrimitive, myDrawIndexedPrimitive);
DetourAttach(&(PVOID&)OrigEndScene, myEndScene);
DetourTransactionCommit();
}
}
//==========================================================================================================================
BOOL WINAPI DllMain(HINSTANCE hinstDll, DWORD Reason, LPVOID Reserved)
{
DisableThreadLibraryCalls(hinstDll);
switch(Reason)
{
case DLL_PROCESS_ATTACH:
Hook();
//CreateThread(0, 0, (LPTHREAD_START_ROUTINE)&Hook, 0, 0, 0);
break;
case DLL_PROCESS_DETACH:
break;
}
return TRUE;
}
i got error this line ->
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)OrigDrawIndexedPrimitive, myDrawIndexedPrimitive);
DetourAttach(&(PVOID&)OrigEndScene, myEndScene);
DetourTransactionCommit();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)OrigDrawIndexedPrimitive, myDrawIndexedPrimitive);
DetourAttach(&(PVOID&)OrigEndScene, myEndScene);
DetourTransactionCommit();
what is the error message? This is how you can make detours work:
Download and install microsoft detours if you haven't already.
Build detours library. In cmd.exe (it has to be running as an administrator):
cd C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\ and type vcvarsall
cd C:\Program Files (x86)\Microsoft Research\Detours Express 3.0 and type nmake to build libraries. Exit.
Then in visual studio:
project -> properties -> configuration properties -> c++ -> Additional Include Directories:
add this line: C:\Program Files (x86)\Microsoft Research\Detours Express 3.0\include
project -> properties -> configuration properties -> linker -> Additional Library Directories:
add this line: C:\Program Files (x86)\Microsoft Research\Detours Express 3.0\lib.X86
top of your project add:
#include "detours.h"
#pragma comment (lib, "detours.lib")
Download and install microsoft detours if you haven't already.
Build detours library. In cmd.exe (it has to be running as an administrator):
cd C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\ and type vcvarsall
cd C:\Program Files (x86)\Microsoft Research\Detours Express 3.0 and type nmake to build libraries. Exit.
Then in visual studio:
project -> properties -> configuration properties -> c++ -> Additional Include Directories:
add this line: C:\Program Files (x86)\Microsoft Research\Detours Express 3.0\include
project -> properties -> configuration properties -> linker -> Additional Library Directories:
add this line: C:\Program Files (x86)\Microsoft Research\Detours Express 3.0\lib.X86
top of your project add:
#include "detours.h"
#pragma comment (lib, "detours.lib")
Good Job! KEEP UP THE GOOD WORK!
Originally Posted by lvous
what is the error message? This is how you can make detours work:
Download and install microsoft detours if you haven't already.
Build detours library. In cmd.exe (it has to be running as an administrator):
cd C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\ and type vcvarsall
cd C:\Program Files (x86)\Microsoft Research\Detours Express 3.0 and type nmake to build libraries. Exit.
Then in visual studio:
project -> properties -> configuration properties -> c++ -> Additional Include Directories:
add this line: C:\Program Files (x86)\Microsoft Research\Detours Express 3.0\include
project -> properties -> configuration properties -> linker -> Additional Library Directories:
add this line: C:\Program Files (x86)\Microsoft Research\Detours Express 3.0\lib.X86
top of your project add:
#include "detours.h"
#pragma comment (lib, "detours.lib")
Download and install microsoft detours if you haven't already.
Build detours library. In cmd.exe (it has to be running as an administrator):
cd C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\ and type vcvarsall
cd C:\Program Files (x86)\Microsoft Research\Detours Express 3.0 and type nmake to build libraries. Exit.
Then in visual studio:
project -> properties -> configuration properties -> c++ -> Additional Include Directories:
add this line: C:\Program Files (x86)\Microsoft Research\Detours Express 3.0\include
project -> properties -> configuration properties -> linker -> Additional Library Directories:
add this line: C:\Program Files (x86)\Microsoft Research\Detours Express 3.0\lib.X86
top of your project add:
#include "detours.h"
#pragma comment (lib, "detours.lib")
Hmm doesnt seem to work by just including the stride.
The other pixel aimbot you posted worked fine.
The other pixel aimbot you posted worked fine.
Originally Posted by dinazoe
Hmm doesnt seem to work by just including the stride.
The other pixel aimbot you posted worked fine.
The other pixel aimbot you posted worked fine.
Any game.
I used all 3 w2s functions, none of them were successful.
The pixel aimbot function you included in another thread, worked flawlessly on any game I injected it into.
Keep in mind I am using the 1.5 detours hook and removed the codeblocks that had 3.0 , due to debugging errors.
Can you confirm this works on your end?
Thanks for being active in a thread this old.
I used all 3 w2s functions, none of them were successful.
The pixel aimbot function you included in another thread, worked flawlessly on any game I injected it into.
Keep in mind I am using the 1.5 detours hook and removed the codeblocks that had 3.0 , due to debugging errors.
Can you confirm this works on your end?
Thanks for being active in a thread this old.
Originally Posted by dinazoe
Can you confirm this works on your end?
I made it work for planetside 2, duke nukem f, heroes & generals, blacklight retribution, warframe, warz, etc. Won't work in source engine games and couldn't make it work for cryengine games. The pixel aimbot works but is too slow imo. Detours shouldn't matter.
Using only stride works ? or need numvertices.. ?
Cool! ThX!
I had draw green esp on some object in CS:Source
but I can't draw green esp on Player MOD
AddModel 3 function all can't work Player MOD in CS:Source
help me ........thanks.....
int xx, yy;
D3DMATRIX matrix;
D3DXVECTOR4 position;
D3DXVECTOR4 input;
D3DVIEWPORT9 viewport;
Device->GetVertexShaderConstantF(4 , (float *)&matrix, 4);
Device->GetViewport(&viewport);
input.x = 0.0f;
input.y = 0.0f;
input.z = 0.0f;
input.w = 0.0f;
D3DXMatrixTranspose((D3DXMATRIX *)&matrix, (D3DXMATRIX *)&matrix);
position.x = input.x * matrix._11 + input.y * matrix._21 + input.z * matrix._31 + matrix._41;
position.y = input.x * matrix._12 + input.y * matrix._22 + input.z * matrix._32 + matrix._42;
position.z = input.x * matrix._13 + input.y * matrix._23 + input.z * matrix._33 + matrix._43;
position.w = input.x * matrix._14 + input.y * matrix._24 + input.z * matrix._34 + matrix._44;
xx = ((position.x / position.w) * (viewport.Width / 2)) + viewport.X + (viewport.Width / 2);
yy = viewport.Y + (viewport.Height / 2) - ((position.y / position.w) * (viewport.Height / 2));
DrawPoint(Device, xx, yy, 4, 4, 0xFF00FF00);
but I can't draw green esp on Player MOD
AddModel 3 function all can't work Player MOD in CS:Source
help me ........thanks.....
int xx, yy;
D3DMATRIX matrix;
D3DXVECTOR4 position;
D3DXVECTOR4 input;
D3DVIEWPORT9 viewport;
Device->GetVertexShaderConstantF(4 , (float *)&matrix, 4);
Device->GetViewport(&viewport);
input.x = 0.0f;
input.y = 0.0f;
input.z = 0.0f;
input.w = 0.0f;
D3DXMatrixTranspose((D3DXMATRIX *)&matrix, (D3DXMATRIX *)&matrix);
position.x = input.x * matrix._11 + input.y * matrix._21 + input.z * matrix._31 + matrix._41;
position.y = input.x * matrix._12 + input.y * matrix._22 + input.z * matrix._32 + matrix._42;
position.z = input.x * matrix._13 + input.y * matrix._23 + input.z * matrix._33 + matrix._43;
position.w = input.x * matrix._14 + input.y * matrix._24 + input.z * matrix._34 + matrix._44;
xx = ((position.x / position.w) * (viewport.Width / 2)) + viewport.X + (viewport.Width / 2);
yy = viewport.Y + (viewport.Height / 2) - ((position.y / position.w) * (viewport.Height / 2));
DrawPoint(Device, xx, yy, 4, 4, 0xFF00FF00);
Originally Posted by jacky14
I had draw green esp on some object in CS:Source..
Originally Posted by lvous
heroes & generals
Originally Posted by ves23
Could you please tell me which w2s function you used for that particular game, I'm seeing boxes all over my screen.
Logged the shader
// cbPerObjectBones c0 204
// cbSharedPerView c204 4
// cbPerObject c223 4
and then by trial and error:
Code:
D3DXMATRIX ProjMatrix, ViewMatrix, WorldMatrix;
D3DXVECTOR3 VectorMiddle(0, 0, 0), ScreenMiddle(0, 0, 0);
Device->GetVertexShaderConstantF(204, ProjMatrix, 4);
Device->GetVertexShaderConstantF(223, ViewMatrix, 4);
D3DXMatrixIdentity(&WorldMatrix);
D3DXMatrixTranspose(&ViewMatrix, &ViewMatrix);
D3DXMatrixTranspose(&ProjMatrix, &ProjMatrix);
D3DXVec3Project(&VectorMiddle, &pModel->Position3D, &Viewport, &ProjMatrix, &ViewMatrix, &WorldMatrix);
if (VectorMiddle.z < 1.0f && ProjMatrix._44 < 1.0f) //not sure
{
pModel->Position2D.x = VectorMiddle.x;
pModel->Position2D.y = VectorMiddle.y;
}
Similar Threads
- 2Last post
- 1Last post
- 8Last post
- 41Last post
- Simple aimbot source codeBy yusako in Call of Duty Modern Warfare 2 Coding / Programming / Source Code23Last post