Closed ghost closed 8 years ago
Maybe an internal code so offsets don't always have to be updated. Idk how hard that is though, because I don't code.
The only issue is the outdated offsets.
Yep, exactly. I don't know enough to get in there and find them. I've decompiled it and started looking around and tried using Bit Slicer, but haven't been able to find any of the offsets.
The GlowPointer offset is a level-two pointer, which makes it quite hard to find with Bit Slicer... Anyway, after some hours of work, here is the new glow offset: 0x5945FF0
And the new local player offset (a very easy one): 0x5136728
@gabsens How did you find these? I'd like to know so I can do it in the future.
@brendon111 Just replace line 18 in main.cpp with uint64_t glowInfoOffset = 0x5945FF0; and it will work. I didn't have to use the local playerOffset that @gabsens found to get it to work; however, it seems that the glow now applies to every player on the map, not just the opposing team. Am I just tripping, or was it always like that?
@gabsens Offset adjustments were just merged into the master repo, so you can now just pull the changes and be good to go!
@buzzel I only get the enemy team to glow, not my team too. Idk why yours is doing that.
What ranks are you guys :P
@brendon111 just use this:
uint64_t glowInfoOffset = 0x5945FF0; uint64_t playerBaseAddress = 0x5136728; uint64_t playerBase = 0x50b2e78;
These addresses should match yours, and if not, change them. Thanks @gabsens for finding the new addresses.
Let me tell you about LocalPlayer offset.
Valve implemented a LocalPlayer class along the lines of:

    class LocalPlayer {
        int SomeAttribute;
        float AnotherAttribute;
        // ...
        int MyTeamNumber;
        int SomeInt;
        int MyHealth;
        // ...
    };
Reversing shows that MyHealth is always 0x12C bytes away from the start of the LocalPlayer (and MyTeamNumber is therefore 0x124 bytes away).
Grabbing the memory location of MyHealth is fairly easy to do with Bit Slicer. Once you've found the relevant address, say 0x11454564 for the sake of the example, then 0x11454564-0x12C is where LocalPlayer starts. But the address 0x11454564-0x12C changes every time CSGO restarts. We're looking for something static instead. Luckily, there is a static pointer that always points to the start of the LocalPlayer class.
So what you do is a pointer scan to 0x11454564-0x12C, and among the results will be the static address you're looking for. Subtract the client.dylib address and you've got your offset.
In a similar fashion, the Glow struct can be found on hack forums.
Btw, one important thing to note is that sometimes starting and stopping the script will create multiple overlapping processes. To fix this (they may be running right now with Xcode closed and Steam closed), go to Activity Monitor, search for "wall", and force quit the processes with this name. This will SIGNIFICANTLY increase your fps. Over only a few multi-hour sessions your fps will slowly drop as these processes build up. Also a tip: if you start the script and force quit Xcode, not regular quit, the script will run in the background without the need for Xcode until you close csgo. This allows csgo to run slightly faster. Hope this info helps your fps :D
EDIT: I only have a few ideas about how some of the code works, so please, if you have a more elaborate explanation of a way to boost fps, please share. The script seems to significantly lower fps.
@tr1kyyy To begin with I recommend rewriting the code from scratch with cleaner structures, so that you can easily implement other features such as bunnyhop or triggerbot.
Regarding performance, there's some obvious waste of CPU time at the very end of the source code. The program is telling the CPU to sleep for 100 MICROSECONDS between each call to the glow function. That's a very short interval, since at best csgo servers are 128 tick, that is to say information is updated every 8 MILLISECONDS AT BEST. So replace usleep(100); with usleep(8000); or even usleep(15600);
@gabsens I changed the usleep. Isn't that essentially the refresh rate for determining player health? So I have to wait 8 seconds between player health updates from the glow feature?
@tr1kyyy each iteration of the while loop refreshes everything at once: health, teamnum and glow. usleep(8000) says "sleep for 8000 microseconds", that is to say 80 milliseconds. The refresh rate for the hack is therefore 80 milliseconds. Like I said, CSGO's refresh rate is at best 1/128 = 78 milliseconds.
@gabsens Ahh, I didn't realize the usleep was measured in microseconds and not milliseconds. Also, would hacks programmed in C++ for Windows be easily ported to Mac? For example this bhop script: if the offsets were redefined and some other small issues fixed, would it work for a Mac client? https://www.youtube.com/watch?v=q78Fh1mrOU4
Also, the cheats seem to randomly turn off in game every 5-10 minutes. Are the offsets changing as I play?
@tr1kyy Tell me if you ever get a bhop script via Xcode.
@tr1kyyy bhop, triggerbot, noflash are easy to implement externally on Windows, and there's little difference on OSX. You only need to get the relevant offsets, and think about how to access process memory and run concurrent threads on a Mac.
You will encounter insane CPU and RAM usage if you don't do things carefully.
@gabsens thanks for your offsets, and I invite you as a collaborator; it will be my pleasure if you can join this project. And I think the implementation of csgo in OpenGL is retarded and we need to pay more attention to the performance. @tr1kyyy do you mean it closed or crashed? BTW, I am not a native English speaker, so what does bhop mean?
And has anyone successfully hooked CreateMove on OSX? I found and hooked enginetrace.traceray but failed to find the address of CreateMove; if anyone has, please tell me.
@iseekwonderful Bhop is bunnyhop. Example of a bhop script: https://www.youtube.com/watch?v=NdGjkBHhf4A
@iseekwonderful The script stays open, but in-game they stop working, so I have to turn them off and on again. Not a huge issue. Happens roughly every 15 minutes.
@gabsens @iseekwonderful I know very little about C++, but by utilizing Utils.cpp and Utils.hpp I can insert the bhop script and add the needed offsets. I have Bit Slicer and can find those. @gabsens @iseekwonderful I'll upload it here; mind taking a look and telling me why it's not functioning? (I have no expectations for it to work.) This would be the first step, I believe, in building a bhop script.
@gabsens Any chance you can find the new offsets for tonight's update?
@buzzel @gabsens yes that would be very awesome and convenient if you could get that done by tonight.
@brendon111 @gabsens You would be a hero!!
I'm trying to find it as well, but I don't do this sort of thing, so I am new to it.
@gabsens @buzzel When looking for the MyHealth offset I find 20 different offsets -_-. How do I find the source offset?
@tr1kyyy What are you searching for to find that? I haven't gotten that far.
Update: No, I don't use Skype. I'm keeping all my personal info anonymous with this kind of stuff.
@buzzel I'm just hurting myself, searching for new health, hurting myself, searching for new health. After 3 rounds of this you get about 20 offsets for MyHealth.
@tr1kyyy I mean, what are your params in Bitslicer? Send a screenshot?
@buzzel http://prntscr.com/bgz0xm
@tr1kyyy Have to wait for @gabsens. I get over 35k results
:(
@buzzel new LocalPlayer is 0x51379F8
I'll investigate Glow when I'm home tonight, that is to say in 10 hours.
@gabsens Awesome, thanks so much! How do you find these so easily?
@gabsens What exactly is a "pointer"? Is that an offset that references another offset?
@tr1kyyy A pointer is a variable that essentially contains a memory address of another variable.
@buzzel Ohh, so it does reference other offsets. But out of a bunch of similar offsets, how do I determine where the pointers are referencing?
@iseekwonderful @gabsens Could you explain how the offsets are found? I don't know how to find the source offset out of a bunch of pointers :(.
There was another update for CSGO today. @gabsens If you wouldn't mind :)
Update: Tonight's update didn't seem to break any of the offsets from an earlier commit 👍
@tr1kyyy @buzzel Once you've scanned for your health, you're left with 20 addresses at first sight. Nevertheless, you'll notice that out of these 20, 10 are updated only when you exit or minimize the game window. You have to manually erase these addresses, and that leaves you with 10 addresses. Out of the 10 remaining ones, you have to look for addresses that correspond to the LocalPlayer struct. Left-click on each address, open the location with the Memory Viewer and make sure you see your health in hexadecimal, and 8 bytes ahead should be your team number (2 or 3). If it's not, then it's not the right struct, and not the address you're looking for.
Simply checking for the team number should eliminate 7 addresses.
You're left with 3 addresses. Last time I checked, the first one was the right one. You then go 0x12C bytes ahead and do a pointer scan.
@gabsens Thank you so much, I'll give this a try when I'm back from vacation.
@tr1kyyy @buzzel see https://github.com/iseekwonderful/csgoGlow/issues/33
After some digging it appears that the issue with the latest update for CSGO is that writing the glow effect fails. When checking the value from getEntityGlowLoopStartAddressAndCount it is returning 0, so I am assuming it can't find the glow resources or can't read the info needed to get the glow value from.
Update: Further investigation has led me to this line:

    auto reAddress = Utils::ReadMemAndDeAllocate<uint64_t>(task, current_task(), imgbase + glowInfoOffset, address);

which seems to be causing the issues. It returns 0, which causes things to not work. I don't work this deep in stacks so I'm a bit over my head with this one. Any ideas?