Hello Again

[italoseara]

I've been working on some things since yesterday, and i need help with some stuff. You don't need to give me the answer to the problem, just pointing to the direction i need to go will be more than enough for me to google it and understand.

1. Drawing on the screen
   • i believe i'll need to create an overlay for that, but i don't really know how to do it, if you could link something about it, it would be great
2. Hooking functions and change behaviour
   • I was thinking of doing something when some function is called, like the spy function, when an admin tries to take a screen shot of your screen, is it possible to change the behaviour of the function? (inject code)
3. Getting classes outside Assembly-CSharp
   • I was trying to get the steam id of the player, i saw in dnSpy that the SteamPlayerID Class had a property called _steamID that was of type Steamworks.CSteamID, the strange thing is that when i get the pointer that _steamID is pointing to, it doesn't seem quite right, it's way too far from the other pointers, and the content inside of it and the neighbours are just a bunch of 0xCCCCCCCC.

My current code is in my UCheat repo. I'd appreciate if you could help me with these topics.

[Coopyy]

1. theres a lot of ways to draw to screen and that's kinda up to you, some more detected ways than others. common methods are creating a new overlay window, or hijacking another overlay like discord, nvidia etc.

   • https://github.com/3r4y/imgui-external-overlay
   • https://github.com/Calvin-LLC/nvidia-overlay-hijack

2. externally hooking functions is possible, but not trivial. you'd want to probably write your hook over an unused function so its executable. here's a nice example from csgo but the same concept applies

   • https://github.com/bananasss00/Perfect-Visible-Check-External-

3. the CSteamID class is in the com.rlabrecque.steamworks.net assembly. you'd access it like you do with assembly csharp in unturned.hpp Mono::find_class("com.rlabrecque.steamworks.net", "Steamworks.CSteamID")

[italoseara]

Thank you for answering. I'll come back after i read about the first 2 questions i asked, but about the third question: I had a strange behaviour, on dnSpy, it shows that _steamID is of type CSteamID, but just now realized that the value that was supposed to be the pointer to the CSteamID object is exactly the steam Id of the player, that's why i couldn't get it to work on the first time. Do you know why this could happen?

Using CSteamID (didn't work): https://github.com/italoseara/UCheat/commit/791d4b66d88ce31794b28cb7c3c4ce4e0e26fc49 Without CSteamID: https://github.com/italoseara/UCheat/commit/9cd92a24e81bad5d6ccd55fcaa7f115c320a3aae

[Coopyy]

thats because CSteamID is a struct which is a value type, and is stored in place, not a pointer to an instance of it. another example of that would be Vector3

[italoseara]

thats because CSteamID is a struct which is a value type, and is stored directly, not a pointer to an instance of it. another example of that would be Vector3

public struct CSteamID : IEquatable<CSteamID>, IComparable<CSteamID> That explains a lot

[italoseara]

I'm very much a newbie on this area. i still got a lot to learn, you are being very helpful, i hope i'm not bothering you too much

[Coopyy]

no problem, i like to see new people learning

[italoseara]

Hey, it's me again, i'm trying to understand how the arrays in c# are stored in memory, because although i know they are stored in contiguous memory locations, i'd like to know how to get the length of them like in Array.Length. If you have some tool that could help me understand the way things are stored in memory that you could recomend, that will be helpful.

edit: More specifically, i'm trying to get ZombieManager._regions that is of type ZombieRegion[], so i can get the position of all the zombies loaded in the map.

[italoseara]

I messed arround with reclass, as you mentioned in the other issue, and got it working. I made a class for it:

template <typename T>
class Array
{
public:
    uint32_t length()
    {
        return Memory::read<uint32_t>(THISPTR + 0x18);
    }

    T get(uint32_t index)
    {
        return Memory::read<T>(THISPTR + 0x20 + (index * sizeof(T)));
    }

    vector<T> to_vector()
    {
        uint32_t len = length();
        vector<T> vec(len);
        auto buffer = make_unique<T[]>(len);
        ReadProcessMemory(Memory::proc_handle, (LPVOID)(THISPTR + 0x20), buffer.get(), len * sizeof(T), NULL);
        memcpy(vec.data(), buffer.get(), len * sizeof(T));
        return vec;
    }
};

[italoseara]

Hey, not really sure what i'm doing wrong, i'd like some light here. I'm trying to grab the eye position of a zombie, the Zombie class has a property private Transform eyes;, i tried grabbing as any other property, and use the Unity::Transform you made. I saw that the results werent right, and going through the reclass i wasn't able to find the local position.

Zombie::eyes       = GET_OFFSET(Classes::Zombie, "eyes");

class Zombie
{
public:
    ...
    FIELD_DEF(Unity::Transform*, eyes, Offsets::Zombie::eyes);
        ...
};

the output of zombie->eyes()->local_position() is some random numbers like: (-837499295367168.000000, 0.000000, 0.000000)

[Coopyy]

here's some info on transforms as well as a class i made https://www.unknowncheats.me/forum/escape-from-tarkov/618045-rebuilt-transform-methods.html

[italoseara]

I compared the addresses of both transforms localPosition methods and they return different addresses with different values, with the one that i'm using right now being the correct one.

auto player_transform = local_player->game_object()->transform();
auto internal_transform = TransformInternal((uint32_t)player_transform);

auto pos1 = player_transform->local_position();
auto pos2 = internal_transform.localPosition();

log("My Transform: %p - %f %f %f", pos1, pos1.x, pos1.y, pos1.z);
log("Internal Transform: %p - %f %f %f", pos2, pos2.x, pos2.y, pos2.z);

I'm trying my best to understand why that specific case that i told you wasn't working, but it's a stiff learning curve.

[Coopyy]

that's my fault as the "transform" in this base is misleading and not the actual internal transform.

to fix this, i think just remove the 0x38 read in transform() I need to replace the transform in this code sometime

[italoseara]

i changed this->transformAccess = Memory::read<TransformAccess>(address + 0x38); to this->transformAccess = Memory::read<TransformAccess>(address);, but there is still a difference of 0x30 (same as before) between the 2 addresses. I tried changing some values without a success

[Coopyy]

not that, i meant in the GameObject class that way you can do something like this

namespace Unity
{
    TransformInternal GameObject::transform()
    {
        auto components = read<uintptr_t>(THISPTR + 0x30);
        return TransformInternal(read<uintptr_t>(components + 0x8));
    }
}

i just pushed to the repo with this

[italoseara]

not that, i meant in the GameObject class that way you can do something like this

namespace Unity
{
  TransformInternal GameObject::transform()
  {
      auto components = read<uintptr_t>(THISPTR + 0x30);
      return TransformInternal(read<uintptr_t>(components + 0x8));
  }
}

i just pushed to the repo with this

it worked :DDDDDDD

[italoseara]

Hey, since yesterday i made an overlay and added some things, but i need your help with one thing. I dont really know how to get the field of view of the camera, it's a bit different than the other variables:

public extern float fieldOfView { [MethodImpl(MethodImplOptions.InternalCall)] get; [MethodImpl(MethodImplOptions.InternalCall)] set; }

I tried finding the offset in reclass but without success. Can you give me a hand on this one?

[italoseara]

I was able to get the fov from the settings, but it doesn't account for fov changes like running or opening a scope