You are viewing our Forum Archives. To view or take place in current topics click here.
Advanced Warfare TU4 Offsets + Patch.s Ready to patch.
Posted:
Advanced Warfare TU4 Offsets + Patch.s Ready to patch.Posted:
Status: Offline
Joined: Feb 20, 201014Year Member
Posts: 670
Reputation Power: 35
Status: Offline
Joined: Feb 20, 201014Year Member
Posts: 670
Reputation Power: 35
TU4 was released at 2:21 am : Posted at 5:51 am
This is the last time I'm updating these, Stop selling friggen tools!
Multiplayer
EntryStats (not smart to use this)
Credit to: SC58 for original Release | me for updating.
Aimbot (offhost)
Credit to: Kyza
Load DLL in memory
Patch.s | Supports TU0 - TU4
Hudelems
SetOrigin
Other
FPS [Frames Per second]
Index's
Model Stuff
Main Functions
Dvar Retrieving
Dvar_GetBool - 0x8238C5C8
Ammo
Recoil
Key_isDown
Structs
Fun Mods
Now the good stuff
Regarding Chams Stored in: CG_Player
Offhost Functions
Setting Player Angles
Weapon Giving
Warning: There's an issue here, they changed the structure for BG_GetWeaponIndexForName into a branch.
This is the last time I'm updating these, Stop selling friggen tools!
Multiplayer
EntryStats (not smart to use this)
0x83A66374
Credit to: SC58 for original Release | me for updating.
Aimbot (offhost)
0x82B6B494 - clientActive_t
0x82318FD0 - CL_SetViewAngles(int localClientNum, const float *angles)
clientActive_t + 0x3D68
CEntity_ClientOrgins - 0x82B1C1D4 + 0x14
Next Client - 0x20C
Credit to: Kyza
Load DLL in memory
.set DLLLoaderHook, 0x8213AAF0
.set LoadLibraryA, 0x8213AFD8
.set DLLLoaderString, 0x82088D11 /*did'n't change*/
Patch.s | Supports TU0 - TU4
#The command I use for xepatcher (so i can ctrl+c+v)
#xepatcher -p defaultdllpatches.s -x default_mp.xex
#Game: Advanced Warfare TU: 0 through 4 Supported
#Author: Nicholasbroo
#How To find the functions required: DLLHook: 60 00 00 00 7D 08 43 78 7D 08 43 78 3D 20 84 | LoadLibraryA: 7D 88 02 A6 91 81 FF F8 94 21 FF A0 38 C1 00 50 | DLLLoaderString: 61 74 65 3A 20 6F 62 6A 65 63 74 69 76 65 6E 75 (Go to SV_)
.globl _start
_start:
#Simply remove the # for the 3 lines under the TU you are patching.
#That way I won't have to have 2 .S files...
#####################
#### TU4 Patches ####
#####################
.set DLLLoaderHook, 0x8213AAF0
.set LoadLibraryA, 0x8213AFD8
.set DLLLoaderString, 0x82088D11
#####################
#### TU3 Patches ####
#####################
#.set DLLLoaderHook, 0x8213ABA0
#.set LoadLibraryA, 0x8213B088
#.set DLLLoaderString, 0x82088D11
#####################
#### TU2 Patches ####
#####################
#.set DLLLoaderHook, 0x8213ABA8
#.set LoadLibraryA, 0x8213B090
#.set DLLLoaderString, 0x82088D35
#####################
#### TU1 Patches ####
#####################
#.set DLLLoaderHook, 0x8213ABA0
#.set LoadLibraryA, 0x8213B088
#.set DLLLoaderString, 0x82088E45
#####################
#### TU0 Patches ####
#####################
#.set DLLLoaderHook, 0x8213A6E0
#.set LoadLibraryA, 0x8213ABC8
#.set DLLLoaderString, 0x8208718D
.long DLLLoaderString
.long (9f-0f)/4
0:
.string "game:\\dll_load.dll"
.align 1
9:
.long DLLLoaderHook
.long (9f-0f)/4
0:
lis %r11, DLLLoaderString@h
ori %r3, %r11, DLLLoaderString@l
bl (LoadLibraryA - (DLLLoaderHook + 0x8))
9:
# =======================================================
# End Patches
# =======================================================
.long 0xFFFFFFFF
Hudelems
g_hudelem_s - 0x83685D00
void __cdecl BG_LerpHudColors(int elem, int time, int toColor) - 0x826E7B88
Requirement: - 0x838180C0
void __cdecl BG_LerpHudFont(int elem, int time, int fontscale) - 0x826E7D10
int __cdecl HudElem_Alloc(int clientNum, int teamNum) - 0x825295D8
void __cdecl Scr_AddHudElem(int hud) - 0x824D8538
SetOrigin
G_SetOrigin(gentity_s *ent, const float *origin) - 0x824D31A8
Other
XamInputGetState - 0x8285A084
(DWORD) Level_Locals_t - 0x83817C00
game_va - 0x82385150
SP_trigger_radius - 0x821E9AB8
G_TempEntity - 0x824D3EF0
g_enableEarthquake - 0x8370D63C
Visionmass - 0x820066A0
FPS [Frames Per second]
FPS = 0x823B0A3C
FPS_Text = 0x820987E0
FpsPosition1Offset = 0x82062F1C /*(up&down)*/
FpsPosition2Offset = 0x82063234 /*(Left&Right)*/
Index's
G_SoundAliasIndex_t - 0x8283FC40
G_FindConfigstringIndex - 0x8281E630
Model Stuff
SetModel = 0x
Main Functions
Force Host = 0x0x82617AE0
SV_ExecuteClientCommand(client_s *cl, const char *s, int clientOK) - 0x8241DBA8
SV_GameSendServerCommand(int clientNum, int type, const char *text) - 0x8241A8F8
SV_SendClientStatMessage(void) - 0x82411720
ClientCommand - 0x8252FF50
SV_AddServerCommand- 0x824118B8
SV_SendServerCommand - 0x82411E90
Cbuff_addText = 0x824B41C8
Dvar Retrieving
Dvar_GetBool - 0x8238C5C8
Ammo
0x8281A144
Recoil
0x82640B24
Key_isDown
0x8261B270
Structs
playerState_s - 0x837E6A00 - additive - same
gentity_s -0x8381CA00 - additive - same
client_s - 0x83E8FA80 - additive - same
mFlags - same
Fun Mods
Jump - 0x8206331C
Now the good stuff
Regarding Chams Stored in: CG_Player
0x8267732C
Offhost Functions
onhost Redboxes: 0x826A422C | offhost Redboxes: 0x826A422C + 0x01
Setting Player Angles
void __cdecl SetTestClientViewAngle(int ent, const float *angles) - 0x8244C6E8
void __cdecl SetClientViewAngle(int ent, const float *angles) - 0x8252CED8
Weapon Giving
Warning: There's an issue here, they changed the structure for BG_GetWeaponIndexForName into a branch.
GivePlayerWeapon - 0x824D0CA8
GetWeaponIndexForName - 0x826C2AC8, 0x824D02A8, or 0x824D06A0
G_InitializeAmmo - 0x82526DE0
#2. Posted:
Status: Offline
Joined: Nov 10, 20149Year Member
Posts: 9
Reputation Power: 0
Status: Offline
Joined: Nov 10, 20149Year Member
Posts: 9
Reputation Power: 0
Can you call the Aimbot function by RTE or do you have to call it using c++ and a dashlaunch plugin?
- 0useful
- 0not useful
#3. Posted:
Status: Offline
Joined: Jun 17, 201311Year Member
Posts: 496
Reputation Power: 20
Status: Offline
Joined: Jun 17, 201311Year Member
Posts: 496
Reputation Power: 20
Thanks again for making a newer version of this post!
- 0useful
- 0not useful
#4. Posted:
Status: Offline
Joined: Feb 20, 201014Year Member
Posts: 670
Reputation Power: 35
Status: Offline
Joined: Feb 20, 201014Year Member
Posts: 670
Reputation Power: 35
NextGenGamer wrote Can you call the Aimbot function by RTE or do you have to call it using c++ and a dashlaunch plugin?
I will not be 'supplying' any details as this destroys the game.
I will however say: You can use C# but you will crash, all the time. Use C++.
MRMURK4G3 wrote Thanks again for making a newer version of this post!
You're very welcome. If anyone want's updates from now on PM me and leave your Skype | aim.
- 0useful
- 0not useful
#5. Posted:
Status: Offline
Joined: Sep 26, 201014Year Member
Posts: 512
Reputation Power: 63
Nicholasbroo wroteNextGenGamer wrote Can you call the Aimbot function by RTE or do you have to call it using c++ and a dashlaunch plugin?
I will not be 'supplying' any details as this destroys the game.
I will however say: You can use C# but you will crash, all the time. Use C++.
MRMURK4G3 wrote Thanks again for making a newer version of this post!
You're very welcome. If anyone want's updates from now on PM me and leave your Skype | aim.
As long as you are wired, you'll be fine. I am anyway.
- 0useful
- 0not useful
#6. Posted:
Status: Offline
Joined: Feb 20, 201014Year Member
Posts: 670
Reputation Power: 35
Status: Offline
Joined: Feb 20, 201014Year Member
Posts: 670
Reputation Power: 35
Atomic_Jamie wroteNicholasbroo wroteNextGenGamer wrote Can you call the Aimbot function by RTE or do you have to call it using c++ and a dashlaunch plugin?
I will not be 'supplying' any details as this destroys the game.
I will however say: You can use C# but you will crash, all the time. Use C++.
MRMURK4G3 wrote Thanks again for making a newer version of this post!
You're very welcome. If anyone want's updates from now on PM me and leave your Skype | aim.
As long as you are wired, you'll be fine. I am anyway.
haha, what's that supposed to mean?
- 0useful
- 0not useful
You are viewing our Forum Archives. To view or take place in current topics click here.