Home › Forum › MultiPlayer Game Hacks & Cheats › CrossFire Hacks & Cheats › CrossFire Hack Coding / Programming / Source Code › cPlayerInfo 2025
cPlayerInfo 2025
cPlayerInfo 2025
Hello, I just got back from Crossfire, currently working in Brazil.
My problem is that access to the player list has changed (I can now access it normally), but it seems they removed team verification (at least I couldn't find it).
Crossfire now appears to access a single address (Pointer) for all players in the match (including the local player), but you need to add some verification to determine which player is you.
Anyway, the big question in this thread is how to find my team verification.
Another big issue: I noticed that GetNodeTransform doesn't work anymore (sending error report), yes my address is correct!
My problem is that access to the player list has changed (I can now access it normally), but it seems they removed team verification (at least I couldn't find it).
Crossfire now appears to access a single address (Pointer) for all players in the match (including the local player), but you need to add some verification to determine which player is you.
Anyway, the big question in this thread is how to find my team verification.
Another big issue: I noticed that GetNodeTransform doesn't work anymore (sending error report), yes my address is correct!
Code:
uint64_t m_CPlayerObjectFn = 0x197C460; uint64_t m_CPlayerCharacterFxFn = 0x197FE70; uint64_t m_CPlayerIndex = 0x20; uint64_t m_CPlayerTeam = 0x11; uint64_t m_CPlayerName = 0x12; uint64_t m_CPlayerC4 = 0x28; uint64_t m_CPlayerHealth = 0x44;
Code:
ModelInstance* CPlayer::_Object()
{
if (!this->IsValidBaseAddress())
return NULL;
if (!NetVars::get()->Expression.m_CPlayerObjectFn)
return NULL;
if (!NetVars::get()->Pointer.m_LTClientShell)
return NULL;
typedef ModelInstance* (__fastcall* CPlayerObjectFn)(void*, CPlayer*);
CPlayerObjectFn fn = (CPlayerObjectFn)(NetVars::get()->Expression.m_CPlayerObjectFn);
if (!fn)
return NULL;
auto g_pCLTClientShell = *(uint64_t*)(NetVars::get()->Pointer.m_LTClientShell);
if (!g_pCLTClientShell)
return NULL;
return spoof_call((void*)NetVars::get()->Expression.m_SpoofReturnAddress, fn, (void*)g_pCLTClientShell, this);
}
Originally Posted by MemoryThePast
Code:
uint64_t m_CPlayerObjectFn = 0x197C460; uint64_t m_CPlayerCharacterFxFn = 0x197FE70; uint64_t m_CPlayerIndex = 0x20; uint64_t m_CPlayerTeam = 0x11; uint64_t m_CPlayerName = 0x12; uint64_t m_CPlayerC4 = 0x28; uint64_t m_CPlayerHealth = 0x44;
Code:
ModelInstance* CPlayer::_Object()
{
if (!this->IsValidBaseAddress())
return NULL;
if (!NetVars::get()->Expression.m_CPlayerObjectFn)
return NULL;
if (!NetVars::get()->Pointer.m_LTClientShell)
return NULL;
typedef ModelInstance* (__fastcall* CPlayerObjectFn)(void*, CPlayer*);
CPlayerObjectFn fn = (CPlayerObjectFn)(NetVars::get()->Expression.m_CPlayerObjectFn);
if (!fn)
return NULL;
auto g_pCLTClientShell = *(uint64_t*)(NetVars::get()->Pointer.m_LTClientShell);
if (!g_pCLTClientShell)
return NULL;
return spoof_call((void*)NetVars::get()->Expression.m_SpoofReturnAddress, fn, (void*)g_pCLTClientShell, this);
}
Code:
BoneArray* ModelInstance::GetBoneArray()
{
if (!this->IsValidBaseAddress())
return NULL;
if (!NetVars::get()->Offset.m_BoneArray)
return NULL;
auto g_pBoneArray = *(uint64_t*)((uintptr_t)this + NetVars::get()->Offset.m_BoneArray);
if (!g_pBoneArray)
return NULL;
return (BoneArray*)(g_pBoneArray);
}
Originally Posted by MemoryThePast
Code:
BoneArray* ModelInstance::GetBoneArray()
{
if (!this->IsValidBaseAddress())
return NULL;
if (!NetVars::get()->Offset.m_BoneArray)
return NULL;
auto g_pBoneArray = *(uint64_t*)((uintptr_t)this + NetVars::get()->Offset.m_BoneArray);
if (!g_pBoneArray)
return NULL;
return (BoneArray*)(g_pBoneArray);
}
Originally Posted by dream_ripper
Hi, i tried to write/read but it bans me almost in instant how do you bypass it
Originally Posted by MemoryThePast
I don't have bypass. I only use features that was not detected by Codehunter. Example I did not modify any bytes in cshell and crossfire.
Originally Posted by dream_ripper
can you give me an example code? cuz i tried to read only but got detected
Code:
auto vTargetBoneHead = vTargetObject->GetBonePositionObject(::_M_Bone_Head); if (vTargetBoneHead.x == 0.0f || vTargetBoneHead.y == 0.0f || vTargetBoneHead.z == 0.0f) continue;
Originally Posted by MemoryThePast
I don't have bypass. I only use features that was not detected by Codehunter. Example I did not modify any bytes in cshell and crossfire.
Originally Posted by MemoryThePast
Code:
auto vTargetBoneHead = vTargetObject->GetBonePositionObject(::_M_Bone_Head); if (vTargetBoneHead.x == 0.0f || vTargetBoneHead.y == 0.0f || vTargetBoneHead.z == 0.0f) continue;
Originally Posted by dream_ripper
Thanks, so this means features like speedhack will get you banned, how about wallhacks? do you need bypass?
Bonus Tip: I'm not using any bypass so my features are limited and I can't modify bytes and I can't use SendToServer because for some reason it's still giving me DC fake without ban if I spoof the return address stack
Originally Posted by MemoryThePast
basicplayerinfo still safe but if you want speedhack use playerclient much safer. Also wallhacks isn't safe they have check on renderstate, well it might depends on your method but if you use DIP its a big red flag. You can use a normal wallhack but not chams you will get client error 18_0/18_1 there is array check on cshell its bypassable but that only works if you can bypass CRC first.
Bonus Tip: I'm not using any bypass so my features are limited and I can't modify bytes and I can't use SendToServer because for some reason it's still giving me DC fake without ban if I spoof the return address stack
Bonus Tip: I'm not using any bypass so my features are limited and I can't modify bytes and I can't use SendToServer because for some reason it's still giving me DC fake without ban if I spoof the return address stack
Originally Posted by MemoryThePast
basicplayerinfo still safe but if you want speedhack use playerclient much safer. Also wallhacks isn't safe they have check on renderstate, well it might depends on your method but if you use DIP its a big red flag. You can use a normal wallhack but not chams you will get client error 18_0/18_1 there is array check on cshell its bypassable but that only works if you can bypass CRC first.
Bonus Tip: I'm not using any bypass so my features are limited and I can't modify bytes and I can't use SendToServer because for some reason it's still giving me DC fake without ban if I spoof the return address stack
Bonus Tip: I'm not using any bypass so my features are limited and I can't modify bytes and I can't use SendToServer because for some reason it's still giving me DC fake without ban if I spoof the return address stack
Crossfire has been updated again, and now the classes have crazy names like "AVCPlayerInfo3rd_50:AVCPlayerInfo3rdBase."
And the addresses we have inside the player classes aren't real, like Index, Name, Team, Health, etc.
Originally Posted by Baza2k22
Crossfire has been updated again, and now the classes have crazy names like "AVCPlayerInfo3rd_50:AVCPlayerInfo3rdBase."
And the addresses we have inside the player classes aren't real, like Index, Name, Team, Health, etc.
And the addresses we have inside the player classes aren't real, like Index, Name, Team, Health, etc.
hello sir
Originally Posted by MemoryThePast
maybe we play CF in different region? I play on CFPH. So, I can't tell the difference. I just comment what I only know or what was happening here in CFPH and I don't know if CFPH, CFBR, CFNA have different code structure now. But one of my friends still coding at CFPH and CFNA. So, I don't know, I can't just say something that I don't know
The player pointer I found now is 0x187065.
I also found the view matrix.
May I know my coordinates, too?
Similar Threads
- 10Last post
- 12Last post
- 25Last post