#include "stdafx.h"
#include <iostream>
#include <Windows.h>
#include <TlHelp32.h>
#include <string>
using namespace std;
// Access mask passed to OpenProcess() in GetProcessHandle().
// The code visible in this file only calls ReadProcessMemory (needs PROCESS_VM_READ) and
// WriteProcessMemory (needs PROCESS_VM_WRITE | PROCESS_VM_OPERATION); nothing here creates a
// remote thread or queries process information, so PROCESS_CREATE_THREAD and
// PROCESS_QUERY_INFORMATION are broader than what this file exercises.
// NOTE(review): a cross-process handle opened with write/operation/create-thread rights is the
// kind of access that process-handle auditing and anti-tamper tooling typically look for.
#define CREATE_THREAD_ACCESS (PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ)
// Module base addresses inside the target process, filled in by main() via GetModuleAddress().
// They are stored as ULONG, so a base above 4 GiB would be truncated.
// NOTE(review): this presumably assumes a 32-bit target; confirm.
ULONG Client;               // base of client.dll
ULONG GameOverlayRenderer;  // base of gameoverlayrenderer.dll
ULONG VGUIMatSurface;       // base of vguimatsurface.dll
ULONG Engine;               // base of engine.dll (resolved in main(), not read anywhere else in this file)
// Handle and process id of hl2.exe, filled in by GetProcessHandle().
HANDLE hl2handle;
ULONG hl2Process;
// State probes: each one reads a value out of the target process with ReadProcessMemory.
bool IsOnLadder();
bool IsInWater();
bool IsOnGround();
bool IsInChat();
// Writes the jump value into the target process with WriteProcessMemory.
void PlayerJump();
// Declared here but not defined in the visible part of this file.
float GetXAngle();
void PrintHelp();
// Thread-related declarations; none of them is defined or used in the visible part of this file.
DWORD IDThread;
DWORD WINAPI Ground(LPVOID vpParam);
DWORD WINAPI Water(LPVOID vpParam);
DWORD WINAPI Ladder(LPVOID vpParam);
HANDLE hThread[3];
HANDLE GetProcessHandle(const char *ProcessName, DWORD& ProcessID);
ULONG GetModuleAddress(const char *szModuleName, const ULONG dwProcessId);
// Defined below but never called in this file.
void PressKey(unsigned short KeyCode, int SleepTime, int SleepTime2);
// Hard-coded offsets into the modules above.
// NOTE(review): these are presumably valid for one specific build of each DLL only; nothing in
// this file verifies the module version before the offsets are used for reads and writes.
int OnLadderPointer = 0x556234; // client.dll offset of a pointer; IsOnLadder() reads it, then adds OnLadderOffset
int OnLadderOffset = 0x16C; // offset from that pointer to the value IsOnLadder() compares with 9
int ChatOffset = 0x1349A4; // vguimatsurface.dll offset read by IsInChat()
int SteamOverlayOffset = 0x7CF84; // gameoverlayrenderer.dll offset read by IsInChat()
int OnGroundOffset = 0x5769F8; // client.dll offset read by IsOnGround()
int JumpUpOffset = 0x5654A4; // client.dll offset written by PlayerJump()
int InWaterOffset = 0x5746CC; // client.dll offset read by IsInWater()
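// Entry point: opens hl2.exe, resolves the module bases the probes depend on, then polls the
// keyboard once per millisecond and calls PlayerJump() while the F1 toggle is on, SPACE is held,
// the chat/overlay check is clear and one of the ground/water/ladder probes reports true.
// Always returns 0 and waits for a key press before exiting on the failure paths.
int main()
{
    hl2handle = GetProcessHandle("hl2.exe", hl2Process);
    if(!hl2handle)
    {
        cout << "Could not find game or could not access it." << endl;
        cin.get();
        return 0;
    }

    // Resolve module bases only after the process was opened. When the process is not found,
    // hl2Process is still 0, and a module snapshot for pid 0 enumerates the current process
    // instead of the intended target.
    Client = GetModuleAddress("client.dll", hl2Process);
    GameOverlayRenderer = GetModuleAddress("gameoverlayrenderer.dll", hl2Process);
    VGUIMatSurface = GetModuleAddress("vguimatsurface.dll", hl2Process);
    Engine = GetModuleAddress("engine.dll", hl2Process);

    // A base of 0 means the lookup failed; every address computed from it would be a bare
    // offset into the target's address space, so refuse to continue. Engine is not checked
    // because nothing in this file reads through it.
    if(!Client || !GameOverlayRenderer || !VGUIMatSurface)
    {
        cout << "Could not locate the required game modules." << endl;
        CloseHandle(hl2handle);
        hl2handle = NULL;
        cin.get();
        return 0;
    }

    SetConsoleTitle("Blacky's bhop hack");
    short FunctionKey = VK_F1;
    string sFunctionKeys[2] = {"Off", "On"};
    short iFunctionKey = 0;
    cout << "Bunnyhop (F1): Off" << endl;
    PrintHelp();
    while(1)
    {
        // The low bit of GetKeyState() is the key's toggle state; redraw the status line
        // whenever it differs from the state shown last.
        if((GetKeyState(FunctionKey) & 1) != iFunctionKey)
        {
            system("CLS");
            iFunctionKey = !iFunctionKey;
            cout << "Bunnyhop (F1): " << sFunctionKeys[iFunctionKey] << endl;
            PrintHelp();
        }
        // Bit 15 of GetKeyState() is set while the key is physically held down.
        // The && chain short-circuits in the same order as the original nested ifs.
        if((GetKeyState(VK_F1) & 1)
            && (GetKeyState(VK_SPACE) & (1 << 15))
            && !IsInChat()
            && (IsOnGround() || IsInWater() || IsOnLadder()))
        {
            PlayerJump();
        }
        Sleep(1);
    }

    // Not reached: the loop above has no exit.
    cin.get();
    return 0;
}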
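// Reports whether the value reached through the ladder pointer equals 9.
// Reads a pointer at client.dll + OnLadderPointer, then reads an int at that pointer plus
// OnLadderOffset. Returns false when either read fails or the pointer is null, instead of
// issuing a second read from an address derived from a stale or zero value.
// NOTE(review): the pointer is held in an int, which presumably assumes a 32-bit target; confirm.
// NOTE(review): 9 is an unexplained magic value, presumably a "on ladder" state code; confirm.
bool IsOnLadder()
{
    int BasePointer = 0;
    if(!ReadProcessMemory(hl2handle, LPCVOID(Client + OnLadderPointer), &BasePointer, sizeof(BasePointer), NULL))
        return false;
    if(BasePointer == 0)
        return false;

    int OnLadder = 0;
    if(!ReadProcessMemory(hl2handle, LPCVOID(BasePointer + OnLadderOffset), &OnLadder, sizeof(OnLadder), NULL))
        return false;

    return OnLadder == 9;
}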
// Reports whether the int at client.dll + InWaterOffset in the target process is non-zero.
// The ReadProcessMemory result is not checked; if the read fails and leaves the local
// untouched, the function returns false.
bool IsInWater()
{
    int WaterFlag = 0;
    ReadProcessMemory(hl2handle, LPCVOID(Client + InWaterOffset), &WaterFlag, sizeof(WaterFlag), NULL);
    return WaterFlag != 0;
}
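// Reports whether the int at client.dll + OnGroundOffset in the target process differs from -1.
// A failed read now returns false. Previously the local kept its initial 0, which is != -1,
// so every read failure was reported as "on ground".
// NOTE(review): -1 is presumably the "no ground entity" sentinel; confirm.
bool IsOnGround()
{
    int OnGround = 0;
    if(!ReadProcessMemory(hl2handle, LPCVOID(Client + OnGroundOffset), &OnGround, sizeof(OnGround), NULL))
        return false;
    return OnGround != -1;
}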
// Returns true when the value at gameoverlayrenderer.dll + SteamOverlayOffset is non-zero
// or the value at vguimatsurface.dll + ChatOffset is zero.
// Neither ReadProcessMemory result is checked; if both reads fail and leave the locals at 0,
// the second condition holds and the function returns true.
bool IsInChat()
{
    int OverlayFlag = 0;
    int ChatFlag = 0;
    ReadProcessMemory(hl2handle, LPCVOID(GameOverlayRenderer + SteamOverlayOffset), &OverlayFlag, sizeof(OverlayFlag), NULL);
    ReadProcessMemory(hl2handle, LPCVOID(VGUIMatSurface + ChatOffset), &ChatFlag, sizeof(ChatFlag), NULL);
    return OverlayFlag != 0 || ChatFlag == 0;
}
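// Writes 5 and then 4, 20 ms apart, to client.dll + JumpUpOffset in the target process, but
// only while the foreground window's title is exactly "Counter-Strike Source".
// The title buffer is now a std::string. The original malloc'd a buffer on every call and never
// freed it, did not check the allocation, and ran strcmp over uninitialized memory whenever
// GetWindowText copied nothing (for example when there is no foreground window).
// NOTE(review): 5 and 4 are presumably the "pressed" and "released" values of the jump state; confirm.
// NOTE(review): the WriteProcessMemory results are ignored, so a failed write goes unnoticed.
void PlayerJump()
{
    HWND hWnd = GetForegroundWindow();
    if(!hWnd)
        return;

    int nLen = GetWindowTextLength(hWnd) + 1;
    // Zero-filled, so the buffer is a valid empty C string even if GetWindowText writes nothing.
    std::string szTitle(static_cast<size_t>(nLen), '\0');
    GetWindowText(hWnd, &szTitle[0], nLen);
    if(strcmp(szTitle.c_str(), "Counter-Strike Source") == 0)
    {
        int Jump = 5;
        WriteProcessMemory(hl2handle, LPVOID(Client + JumpUpOffset), &Jump, sizeof(Jump), NULL);
        Sleep(20);
        Jump = 4;
        WriteProcessMemory(hl2handle, LPVOID(Client + JumpUpOffset), &Jump, sizeof(Jump), NULL);
        Sleep(20);
    }
}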
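// Finds the first process whose executable name equals ProcessName (case-sensitive strcmp)
// and opens it with CREATE_THREAD_ACCESS.
//   ProcessName - image name to look for, e.g. "hl2.exe".
//   ProcessID   - receives the matching process id; left untouched when nothing matches.
// Returns the handle from OpenProcess (which may itself be NULL if access is denied), or 0
// when the snapshot cannot be taken or no process matches.
// The first snapshot entry is now compared as well; the original called Process32Next before
// looking at the entry returned by Process32First, and never checked the snapshot handle.
// NOTE(review): the match is by image name only, so any process carrying that name is accepted;
// nothing here verifies the image path or its signature.
HANDLE GetProcessHandle(const char *ProcessName, DWORD& ProcessID)
{
    HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (snapshot == INVALID_HANDLE_VALUE)
        return 0;

    PROCESSENTRY32 entry;
    entry.dwSize = sizeof(PROCESSENTRY32);

    HANDLE process = 0;
    if (Process32First(snapshot, &entry))
    {
        do
        {
            if (strcmp(entry.szExeFile, ProcessName) == 0)
            {
                ProcessID = entry.th32ProcessID;
                process = OpenProcess(CREATE_THREAD_ACCESS, FALSE, entry.th32ProcessID);
                break;
            }
        } while (Process32Next(snapshot, &entry));
    }

    // Single exit path so the snapshot handle is always released.
    CloseHandle(snapshot);
    return process;
}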
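// Returns the base address of the module named szModuleName (case-sensitive strcmp) inside
// process dwProcessId, or 0 when the snapshot fails or the module is not found.
// The first snapshot entry is now compared as well; the original called Module32Next before
// looking at the entry returned by Module32First, so the first module could never match.
// NOTE(review): the base address is cast to ULONG, which truncates on a 64-bit build; this
// presumably assumes a 32-bit target; confirm.
// NOTE(review): the reinterpret_cast on szModule is only meaningful in an ANSI build, where
// szModule is already a char array; confirm the project's character-set setting.
ULONG GetModuleAddress(const char *szModuleName, const ULONG dwProcessId)
{
    HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwProcessId);
    if (hSnap == INVALID_HANDLE_VALUE)
        return 0;

    MODULEENTRY32 me;
    me.dwSize = sizeof(MODULEENTRY32);

    ULONG baseAddress = 0;
    if (Module32First(hSnap, &me))
    {
        do
        {
            if (strcmp(reinterpret_cast<const char*>(me.szModule), szModuleName) == 0)
            {
                baseAddress = (ULONG)me.modBaseAddr;
                break;
            }
        } while (Module32Next(hSnap, &me));
    }

    // Single exit path so the snapshot handle is always released.
    CloseHandle(hSnap);
    return baseAddress;
}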
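// Sends one synthetic key-down event, sleeps SleepTime ms, sends the matching key-up event,
// then sleeps SleepTime2 ms. Not called anywhere in this file.
//   KeyCode    - value stored in ki.wScan.
//   SleepTime  - delay in milliseconds between key-down and key-up.
//   SleepTime2 - delay in milliseconds after key-up.
// The INPUT structure is now zero-initialized. The original never set ki.wVk, so SendInput
// received an indeterminate virtual-key value on both calls.
// NOTE(review): KeyCode goes into wScan but dwFlags does not include KEYEVENTF_SCANCODE, so the
// event is still keyed on wVk (now 0). Whether KeyCode is meant as a scan code or a virtual
// key cannot be determined from this file; confirm against the intended caller.
void PressKey(unsigned short KeyCode, int SleepTime, int SleepTime2)
{
    INPUT InputData = {};
    InputData.type = INPUT_KEYBOARD;
    InputData.ki.wScan = KeyCode;
    InputData.ki.time = 0;
    InputData.ki.dwExtraInfo = 0;
    InputData.ki.dwFlags = 0;
    SendInput(1, &InputData, sizeof(InputData));
    Sleep(SleepTime);
    InputData.ki.dwFlags = KEYEVENTF_KEYUP;
    SendInput(1, &InputData, sizeof(InputData));
    Sleep(SleepTime2);
}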
// Prints the fixed usage hint to stdout.
void PrintHelp()
{
    static const char kHelpText[] =
        "\n\nIn console put \"unbind space\" and use space to jump.\nF1 will toggle it on and off.\n\n";
    // The text contains no format specifiers, so writing it verbatim is equivalent to printf.
    fputs(kHelpText, stdout);
}