Post: Addresses, Structs, Scripts & Tutorials 1.11
10-31-2014, 11:57 PM #1
Swaqq
Professional Thanker
Hello Guys!
Welcome to my Thread.
This has C# Scripts, and Tutorials, and some structures.
//I don't have time to update the addresses, I've made a tutorial provided below.


Here are Some Addresses for 1.11: You must login or register to view this content. and You must login or register to view this content.

Tutorials:

Basic Addresses(FPS/Cbuff_AddText/G_Spawn/G_LocalizedString) //Tut by Me




Porting Addresses from Older Updates:







Structures


Stats: //Swiss + Eddie Mac + br0wniiez
    
StatEntry = 0x2AC7E6C, //Thanks to LeBigKilleur :3
Score = StatEntry + 0xE2,
Name = 0x0298fbe8,
Prestige = StatEntry + 0x9,
Kills = StatEntry + 0xBA,
Deaths = StatEntry + 0x91,
Wins = StatEntry + 0x10E,
Losses = StatEntry + 0xC1,
Xp = StatEntry + 0xA5,
TimePlayed = StatEntry + 0xFE,
Games_played = StatEntry + 0xA9,
UnlockAll = StatEntry + 0x573C,
CustomClass = StatEntry + 0x4DE5,

Headshots = StatEntry + 0x8A2F,
Saviors = StatEntry + 0x8A3F,
LongShots = StatEntry + 0x8A43,
OneShots = StatEntry + 0x8AA7,
FirstBloods = StatEntry + 0x8A97,
Stabs = StatEntry + 0x8AD7,


Confirms = StatEntry + 0x8402,
Denies = StatEntry + 0x8406,
Uplinks = StatEntry + 0x83EA, // also Captures and hardpoint Caps
Returns = StatEntry + 0x83EE,
Plants = StatEntry + 0x83F6,
Defuses = StatEntry + 0x83FA,
SnR_Caps = StatEntry + 0x8402,
SnR_Rescue = StatEntry + 0x8406,
Defends = StatEntry + 0x83F2,




Weapon_Kills = StatEntry + 0x69A, // 0x1AC for next weapon [url=https://pastebin.com/AmKmBnaT]found by brOwniiez **SCORESTREAK EARN/KILLS** EARNED UAV 0x29D661F War - Pastebin.com[/url] for details
Killstreaks_Earned = StatEntry + 0x89BB,


Killstreak_Warbird_Kills = StatEntry + 0x898B,
Killstreak_Paladin_Kills = StatEntry + 0x898F,
Killstreak_Vulcan_Kills = StatEntry + 0x8993,
Killstreak_Goliath_Kills = StatEntry + 0x8997,
Killstreak_MissleStrike_Kills = StatEntry + 0x89A3,
Killstreak_RemoteTurret_Kills = StatEntry + 0x89A7,
Killstreak_BombingRun_Kills = StatEntry + 0x89AB,
Killstreak_AssultDrone_Kills = StatEntry + 0x89AF,


G_Client //Thanks to xCSBKx and RatchetBooty
    
G_Client = 0x1A75C00,
Client Interval: 0x3900
Buttons = Addresses.G_Client + 0x3DBE
Red Boxes: G_Client + 0x5F On: 0x10 Off: 0x00
Heat Vision: G_Client + 0x5F On: 0x1C Off: 0x00
Invisibility: G_Client + 0x5B On: 0xF3 Off: 0x00
Ping: G_Client + 0x58 On: 0x01 Off: 0x00
Primary Akimbo: G_Client + 0x3E5 On: 0x01 Off: 0x00
Secondary Akimbo: G_Client + 0x3AD On: 0x90 Off: 0x00
Laser: G_Client + 0x59 On: 0x01 Off: 0x00
Red Laser: G_Client + 0xD On: 0x00
Yellow Laser Color: G_Client + 0xD On: 0x01
Blue Laser Color: G_Client + 0xD On: 0x04
Scrambler: G_Client + 0x59 On: 0x40 Off: 0x00
mFlag: G_Client + 0x3DAF Normal: 0x00 No Clip: 0x01 UFO Mode: 0x02 Freeze: 0x04
System Hack: G_Client + 0x38C9 On: 0x01 Off: 0x00
Third Person: G_Client + 0x5F On: 0x07 Off: 0x00
Heat Chams: G_Client + 0x5F On: 0x1F Off: 0x00
Player Speed: G_Client + 0x3ADC Normal: 0x3F, 0x88 Fast: 0x3F, 0xFF Slow: 0x3F, 0x00
No Friction (Skate Mod): G_Client + 0x56 On: 0x01 Off: 0x00
In-Game Name: G_Client + 0x3B3C
In-Game Clan Tag: G_Client + 0x3BA0
Advanced UAV: G_Client + 0x3C2F On: 0x01 G_Client + 0x3C3F On: 0x00 Off: 0x01
Infinite Ammo:
G_Client + 0x58F On: 0xFF, 0xFF Off: 0x00, 0x00
G_Client + 0x5A6 On: 0xFF, 0xFF Off: 0x00, 0x00
G_Client + 0x65A On: 0xFF, 0xFF Off: 0x00, 0x00
G_Client + 0x642 On: 0xFF, 0xFF Off: 0x00, 0x00

Exo Cloak: G_Client + 0x58 On: 0x11 Off: 0x00
Kill Client: G_Client + 0x3ADC Kill: 0xFF, 0xFF
Fake Lag: G_Client + 0x3A1B On: 0x00 Off: 0x02
Kick Client: G_Client + 0x5A Kick: 0x3F
Invisible Gun: G_Client + 0x3AE1 On: 0x01 Off: 0x00
Exo Screen: G_Client + 0x3880 On: 0x01 Off: 0x00
Instant Drop: G_Client + 0x54 On: 0x01 Off: 0x00
Injured Breathing: G_Client + 0x3AC9 On: 0x01 Off: 0x00
Exo Stim: G_Client + 0x323 On: 0x01 Off: 0x02
Gun View: G_Client + 0x563 Default: 0x00 Launcher: 0x02
Rabbit Man: G_Client + 0x3ADC On: 0x2F, 0x88 Off: 0x3F 0x88
Fake Blood: G_Client + 0x1F3 On: 0xFF Off: 0x64
Stuck in Mud: G_Client + 0x3ADC On: 0x3D, 0x88 Off: 0x3F, 0x88
UAV: G_Client + 0x3948 On: 0x01 Off: 0x00
Border Screen: G_Client + 0x3850 On: 0x01 Off: 0x00
Missile Vision: G_Client + 0x380B On: 0x01 Off: 0x00
Goliath Vision: G_Client + 0x38E8 On: 0x01 Off: 0x02
In-Game Leaderboard spoof: Prestige: G_Client + 0x30C3 Rank: G_Client + 0x30BF Kills: G_Client + 0x3C1B Deaths: G_Client + 0x3C1D Objective: G_Client + 0x3C21 Defends: G_Client + 0x3C23 Score: G_Client + 0x3C19 Assists: G_Client + 0x3C1F


G_Entity :
    
G_Entity = 0x1985C00,//Thanks to LeBigKilleur
Size = 0x280 //Thanks to xCSBKx
0x158 = Pointer to G_Client // Thanks to Shark
0x1AC = Health





Scripts

Super ForceHost: //Creds to me

    
// Queues four console commands through Cbuf_AddText: two assignments to
// ds_serverConnectTimeout, then party_minplayers and party_maxplayers.
// NOTE(review): these are settings held on the client and changed from outside the
// game; presumably the aim is to influence host selection. Whether the lobby
// re-validates them is not visible from this code.
public void ForceHostON()
{

// The same dvar is assigned twice in a row, first 1000 and then 1.
Cbuf_AddText("ds_serverConnectTimeout 1000");
Cbuf_AddText("ds_serverConnectTimeout 1");
// Party size bounds: minimum 1, maximum 16.
Cbuf_AddText("party_minplayers 1");
Cbuf_AddText("party_maxplayers 16");

}
//Addresses thanks to RachetBooty Smile
party_minplayers: 0x02624F84
party_maxplayers: 0x02624FCC
ds_serverConnectTimeout : 0x0262BBCC
BTW: The length is 4 bytes, add 0x3 to each address and then change its value.


RPC: //Credit to Choco, and Shark for fixing it

    
// Remote-call helper. It overwrites one function inside the running game with a small
// stub and then uses a fixed memory region starting at 0x10050000 as a mailbox that
// carries the target address, the arguments and the return value.
// All access goes through PS3.SetMemory / PS3.Extension.ReadBytes, so the technique
// depends on an external tool being able to write both code and data of the game process.
// NOTE(review): for a defender the visible artefacts are the rewritten bytes of the
// hooked function and the mailbox region; an integrity check over the function's
// bytes would see the change.
public class RPC
{
// Address of the game function whose body is replaced by the stub.
static uint function_address = Addresses.R_SetFrameFog; // R_SetFrameFog

// Installs the stub. Returns -1 when no hook address is configured (function_address == 0),
// otherwise calls Enable_RPC() and returns 0.
public static int Init()
{
if (function_address == 0) return -1;
Enable_RPC();
return 0;
}

// Writes the stub in three steps so the function is never executed half-written.
public static void Enable_RPC()
{
// 0x4E800020 is the PowerPC "blr" (return) encoding: the hooked function returns
// immediately while the rest of its body is being replaced.
PS3.SetMemory(function_address, new byte[] { 0x4E, 0x80, 0x00, 0x20 });
// Fixed 20 ms pause; nothing is polled to confirm the first write took effect.
System.Threading.Thread.Sleep(20);
// Stub body, placed after the first instruction.
// NOTE(review): read as PowerPC machine code it appears to load the word at 0x1005004C,
// skip to the epilogue when that word is 0, otherwise load integer and float arguments
// from the 0x10050000 region, call the loaded address, clear 0x1005004C and store the
// result at 0x10050050. That matches the addresses Call() writes and reads below.
byte[] func = new byte[] { 0x7C, 0x08, 0x02, 0xA6, 0xF8, 0x01, 0x00, 0x80, 0x3C, 0x60, 0x10, 0x05, 0x81, 0x83, 0x00, 0x4C, 0x2C, 0x0C, 0x00, 0x00, 0x41, 0x82, 0x00, 0x64, 0x80, 0x83, 0x00, 0x04, 0x80, 0xA3, 0x00, 0x08, 0x80, 0xC3, 0x00, 0x0C, 0x80, 0xE3, 0x00, 0x10, 0x81, 0x03, 0x00, 0x14, 0x81, 0x23, 0x00, 0x18, 0x81, 0x43, 0x00, 0x1C, 0x81, 0x63, 0x00, 0x20, 0xC0, 0x23, 0x00, 0x24, 0xC0, 0x43, 0x00, 0x28, 0xC0, 0x63, 0x00, 0x2C, 0xC0, 0x83, 0x00, 0x30, 0xC0, 0xA3, 0x00, 0x34, 0xC0, 0xC3, 0x00, 0x38, 0xC0, 0xE3, 0x00, 0x3C, 0xC1, 0x03, 0x00, 0x40, 0xC1, 0x23, 0x00, 0x48, 0x80, 0x63, 0x00, 0x00, 0x7D, 0x89, 0x03, 0xA6, 0x4E, 0x80, 0x04, 0x21, 0x3C, 0x80, 0x10, 0x05, 0x38, 0xA0, 0x00, 0x00, 0x90, 0xA4, 0x00, 0x4C, 0x90, 0x64, 0x00, 0x50, 0xE8, 0x01, 0x00, 0x80, 0x7C, 0x08, 0x03, 0xA6, 0x38, 0x21, 0x00, 0x70, 0x4E, 0x80, 0x00, 0x20 };
PS3.SetMemory(function_address + 0x4, func);
// Zero 0x2854 bytes of the mailbox region so no stale call request is pending.
PS3.SetMemory(0x10050000, new byte[0x2854]);
// Replace the temporary return with a real first instruction, which arms the stub.
PS3.SetMemory(function_address, new byte[] { 0xF8, 0x21, 0xFF, 0x91 });
}

// Marshals the parameters into the mailbox, writes func_address to 0x1005004C, waits a
// fixed 20 ms and returns the 4 bytes found at 0x10050050 as an Int32.
// Supported parameter types are int, uint, string and float; a value of any other type
// matches no branch and is skipped without an error.
// NOTE(review): the result is read after a fixed delay, with no check that the call has
// actually run, so the returned value may be stale.
public static int Call(uint func_address, params object[] parameters)
{
int num_params = parameters.Length;
uint num_floats = 0;
for (uint i = 0; i < num_params; i++)
{
if (parameters[i] is int)
{
// Byte order is reversed before writing (big-endian target, assuming a little-endian host).
byte[] val = BitConverter.GetBytes((int)parameters[i]);
Array.Reverse(val);
PS3.SetMemory(0x10050000 + (i + num_floats) * 4, val);
}
else if (parameters[i] is uint)
{
byte[] val = BitConverter.GetBytes((uint)parameters[i]);
Array.Reverse(val);
PS3.SetMemory(0x10050000 + (i + num_floats) * 4, val);
}
else if (parameters[i] is string)
{
// The NUL-terminated UTF-8 text goes to a per-index area spaced 0x400 bytes apart;
// the argument slot receives the address of that area.
// NOTE(review): no length check is visible, so text longer than 0x400 bytes would
// run into the area used for the next index.
byte[] str = Encoding.UTF8.GetBytes(Convert.ToString(parameters[i]) + "\0");
PS3.SetMemory(0x10050054 + i * 0x400, str);
uint addr = 0x10050054 + i * 0x400;
byte[] address = BitConverter.GetBytes(addr);
Array.Reverse(address);
PS3.SetMemory(0x10050000 + (i + num_floats) * 4, address);
}
else if (parameters[i] is float)
{
// Floats use their own run of slots starting at 0x10050024, indexed by float count.
num_floats++;
byte[] val = BitConverter.GetBytes((float)parameters[i]);
Array.Reverse(val);
PS3.SetMemory(0x10050024 + ((num_floats - 1) * 0x4), val);
}
}
// Writing a non-zero address here is the call request the stub looks for.
byte[] fadd = BitConverter.GetBytes(func_address);
Array.Reverse(fadd);
PS3.SetMemory(0x1005004C, fadd);
System.Threading.Thread.Sleep(20);
byte[] ret = PS3.Extension.ReadBytes(0x10050050, 4);
Array.Reverse(ret);
return BitConverter.ToInt32(ret, 0);
}


}



All Clients Button Monitoring: //Thanks to Me and iTnDm

    
// Container for the 32-bit values that ButtonPressed compares against the per-client
// button word.
public class Buttons
{

// One raw value per control. They are declared as mutable static fields, not constants.
// NOTE(review): the usage example on this page writes Buttons.Cross, but as declared
// here the field is Buttons.Buttonz.Cross.
public static class Buttonz
{
public static Int32
Cross = 67108864,
Crouch = 33557732,
Prone = 16777216,
Start = 128,
L1 = 134217736,
L2 = -2147483648,
L3 = 537001984,
R1 = 65536,
R2 = 1107296256,
R3 = 33817600;


}
}

// Reads the 32-bit value at Offsets.Buttons + client * 0x4180 and returns true when it
// equals the Buttons argument, false otherwise.
// The test is exact equality, not a bit test, so a value with any additional bits set
// does not match. The parameter name Buttons shadows the Buttons class inside this method.
// NOTE(review): the structure notes in the same post give the client interval as 0x3900,
// while this code strides by 0x4180; the two disagree.
public static bool ButtonPressed(int client, int Buttons)
{
if (PS3.Extension.ReadInt32(Offsets.Buttons + ((uint)client * 0x4180)) == Buttons)
return true;
else return false;
}



Jetpack: //Thanks again to Black Panther

    
// Reads the float at the start of the given client's entry (G_Client + client * 0x4180),
// adds 100 and writes it back.
// NOTE(review): which field sits at offset 0 is not shown on this page; presumably a
// position or velocity component, to be confirmed. The read and the write are separate
// operations, so the game may change the value in between.
public void JetPack(int client)
{
float jH = PS3.Extension.ReadFloat(G_Client + ((uint)client * 0x4180));
jH += 100;
PS3.Extension.WriteFloat(G_Client + ((uint)client * 0x4180), jH);
}


//How to use it in a timer or backgroundworker

// Checks client 0 for the Cross value and calls JetPack for that client when it matches.
// NOTE(review): the class shown on this page declares the field as Buttons.Buttonz.Cross;
// Buttons.Cross is not declared there.
if(ButtonPressed(0, Buttons.Cross))
{
JetPack(0);
}




Unlock All Trophies: //Thanks to SC58

    

// Builds a table of 50 command strings of the form "4 <NAME>" and sends each one twice
// through RPC.Call to SV_GameSendServerCommand, with first argument -1 and second argument 1.
// NOTE(review): the meaning of the leading "4", of client -1 (presumably "all clients")
// and of the names is taken from the heading on the page, not from this code.
{
string[] Achievements = new string[50];
Achievements[0] = "4 CARMA";
Achievements[1] = "4 CAMPAIGN_COMPLETE";
Achievements[2] = "4 CAMPAIGN_HARDENED";
Achievements[3] = "4 CAMPAIGN_VETERAN";
Achievements[4] = "4 BOOST_DASH_STOMP";
Achievements[5] = "4 GRENADE_DODGE";
Achievements[6] = "4 SONIC_KILL";
Achievements[7] = "4 OVERDRIVE_KILL";
Achievements[8] = "4 SMART_GRENADE_KILL";
Achievements[9] = "4 THREAT_GRENADE_KILL";
Achievements[10] = "4 EMP_DRONE";
Achievements[11] = "4 EMP_AST";
Achievements[12] = "4 INTEL_HALF";
Achievements[13] = "4 INTEL_ALL";
Achievements[14] = "4 COVER_DRONE_KILL";
Achievements[15] = "4 EXO_UPGRADE";
Achievements[16] = "4 EXO_UPGRADE_10";
Achievements[17] = "4 EXO_UPGRADE_20";
Achievements[18] = "4 EXO_UPGRADE_FULL";
Achievements[19] = "4 LEVEL_1";
Achievements[20] = "4 LEVEL_1A";
Achievements[21] = "4 LEVEL_2A";
Achievements[22] = "4 LEVEL_2B";
Achievements[23] = "4 LEVEL_2";
Achievements[24] = "4 LEVEL_3A";
Achievements[25] = "4 LEVEL_3";
Achievements[26] = "4 LEVEL_4A";
Achievements[27] = "4 LEVEL_4";
Achievements[28] = "4 LEVEL_5";
Achievements[29] = "4 LEVEL_5A";
Achievements[30] = "4 LEVEL_6A";
Achievements[31] = "4 LEVEL_6";
Achievements[32] = "4 LEVEL_7";
Achievements[33] = "4 LEVEL_8A";
Achievements[34] = "4 LEVEL_8";
Achievements[35] = "4 LEVEL_9";
Achievements[36] = "4 LEVEL_10A";
Achievements[37] = "4 LEVEL_10";
Achievements[38] = "4 LEVEL_11";
Achievements[39] = "4 LEVEL_12A";
Achievements[40] = "4 LEVEL_12";
Achievements[41] = "4 LEVEL_13A";
Achievements[42] = "4 LEVEL_13";
Achievements[43] = "4 LEVEL_14A";
Achievements[44] = "4 LEVEL_14";
Achievements[45] = "4 COOP_VETERAN";
Achievements[46] = "4 COOP_WARFARE";
Achievements[47] = "4 COOP_UNDEAD_SURVIVOR";
Achievements[48] = "4 COOP_EXO_SURVIVOR";
Achievements[49] = "4 COOP_FLIP_FLOP";

// Each entry is sent, followed by a 25 ms pause, then sent a second time.
for (int i = 0; i < 50; i++)
{
RPC.Call(Addresses.SV_GameSendServerCommand, -1, 1, Achievements[i]);
System.Threading.Thread.Sleep(25);
RPC.Call(Addresses.SV_GameSendServerCommand, -1, 1, Achievements[i]);
}
}



SV_GameSendServerCommand // Credits to me

    
// Invokes the game's SV_GameSendServerCommand through RPC.Call with the arguments
// (client, 0, command followed by one double quote).
// NOTE(review): the double quote is always appended. The callers shown on this page
// already close their own quoted text, so what is sent ends in two quotes.
// The command text is concatenated without escaping, so any quote characters in it
// reach the game's command parser unchanged.
public void SV_GameSendServerCommand(int client, string command)
{
RPC.Call(Addresses.SV_GameSendServerCommand, client, 0, command + "\"");
}



iPrintln Funcs: //Credits to Me

iPrintlnBold(Center Screen)
    
// Sends the server command c "<text>" to the given client; the heading on the page
// labels this as centre-screen text.
// The text is placed between the quotes without escaping.
public void iPrintlnBold(int client, string text)
{
SV_GameSendServerCommand(client, "c \"" + text + "\"");
}


iPrintln(Killfeed)
    
// Sends the server command e "<text>" to the given client; the heading on the page
// labels this as killfeed text.
// The text is placed between the quotes without escaping.
public void iPrintln(int client, string text)
{
SV_GameSendServerCommand(client, "e \"" + text + "\"");
}




CBuf_AddText // Ported from BO2(Shark's)

    
// Invokes the game's Cbuf_AddText through RPC.Call with the arguments (0, Command).
// NOTE(review): the parameter is named CMD but the body passes Command; unless a member
// named Command exists elsewhere, this does not compile as posted.
public void Cbuf_AddText(string CMD)
{
RPC.Call(Addresses.Cbuf_AddText, 0, Command);
}



Hud Elements: //Thanks to Shark for the struct, BLB for making setShader and setText, Mega for fixing it somehow, and me for MoveOverTime

    
https://pastebin.com/D7yj9N1u



Aimbot: // Thanks to Bee el Bee (1.04)

    
https://pastebin.com/YTnXukEu



Spawning Entities: //Thanks to xReaperV3 (1.04)

    
// Reads three floats for the given client through RPC.ReadSingle.
// NOTE(review): part of the offset literal and its closing parenthesis were replaced by
// forum emoticon text ("Cool Man (aka Tustin)"), so the line is not valid C# as shown.
// RPC.ReadSingle and the two-argument G_Client(...) helper are not defined in the code
// on this page.
public static float[] getPlayerOrigin(int clientIndex)
{
return RPC.ReadSingle(G_Client(clientIndex, 0x7Cool Man (aka Tustin), 3);
}

// Reads three floats at G_Client(clientIndex, 0x1B4) through RPC.ReadSingle.
// RPC.ReadSingle and the two-argument G_Client(...) helper are not defined in the code
// on this page.
public static float[] getPlayerAngles(int clientIndex)
{
return RPC.ReadSingle(G_Client(clientIndex, 0x1B4), 3);
}

// Calls three hard-coded game addresses in sequence and returns the value of the first
// call, which is used as the entity address.
// The heading tags these addresses as version 1.04. RPC.WriteSingle is not defined in
// the code on this page.
// NOTE(review): the result of the first call is used as a write target without any check.
public static uint spawnEntity(string ModelName, float[] Origin, float[] Angles)
{
uint Entity = (uint)RPC.Call(0x3669B0);
// Origin is written at +0x138 and Angles at +0x148 of the returned address.
RPC.WriteSingle(Entity + 0x138, Origin);
RPC.WriteSingle(Entity + 0x148, Angles);
// Second call receives (entity, model name), third call receives (entity).
RPC.Call(0x365738, Entity, ModelName);
RPC.Call(0x35B6C4, Entity);
return Entity;
}



Clone Player: //Thanks to xReaperV3

    
// Invokes Addresses.PlayerCMD_ClonePlayer through RPC.Call with clientIndex as the only
// argument, passed in an explicit object array. The return value is discarded.
public static void ClonePlayer(int clientIndex)
{
RPC.Call(Addresses.PlayerCMD_ClonePlayer, new object[] { clientIndex });
}



Keyboard: // Thanks to iTnDM (1.04)

    
// Hard-coded addresses used by runKeyboard; the heading tags them as version 1.04.
// kb_Result is read with ReadString, kb_cb is passed as the last call argument,
// keyboardPrompt is the address invoked through RPC.Call, kb_active is polled as an Int32.
uint kb_Result = 0x03080E22;
uint kb_cb = 0x988F98;
uint keyboardPrompt = 0x498828;
uint kb_active = 0x0099E42C;



// Invokes the function at keyboardPrompt with (0, title, presetText, maxLength, 0, 0, kb_cb),
// waits, and returns the string read from kb_Result.
// NOTE(review): the loop below spins with an empty body while the Int32 at kb_active
// reads 0. It has no sleep and no timeout, so the calling thread is blocked until that
// value changes.
string runKeyboard(string title = "Your title", string presetText = "text here", int maxLength = 20)
{


RPC.Call(keyboardPrompt, new object[] { 0, title, presetText, maxLength, 0, 0, kb_cb });
System.Threading.Thread.Sleep(10);

while (PS3.Extension.ReadInt32(kb_active) == 0) { }
return PS3.Extension.ReadString(kb_Result);
}



Unlock All: //Thanks to RachetBooty

    
// Fills a 0x1770-byte buffer with 0xFE and writes it in one call to Addresses.UnlockAll.
// The structure notes on this page list UnlockAll as StatEntry + 0x573C.
// NOTE(review): this overwrites a block of stored player data from outside the game;
// whether the data is validated anywhere else is not visible from this code.
byte[] buffer = new byte[0x1770];
for (int i = 0; i < 0x1770; i++)
{
buffer[i] = 0xFE;
}
PS3.SetMemory(Addresses.UnlockAll, buffer);




02-28-2015, 06:19 AM #434
Originally posted by br0wniiez View Post
Why you keep posting things that have been posted.

1.08 Non Host is exactly the same for 1.09.


well i found them with ida so i posted them to help out lmfao. why do you post a rte tool with a encryption that makes it have more infections than it would with out be encrypted cough cough trying to hide something much . dont say to hide your theme that is a over used theme and you didn't even make it your self lmfao
02-28-2015, 08:28 AM #435
SONYS✮NIGHTMARE
League Champion
Originally posted by hacking247 View Post
i found these if you want you can add these here

V-SAT
RTM: 0x193D6C
EBOOT:0x183D6C
ON:0x00
OFF:0x01

RedBoxes:
RTM: 0x19C33B
EBOOT:0x18C33B
ON:0x01
OFF:0x00

cg_laserforceon:
RTM: 0x2067C3
EBOOT:0x1F67C3
ON:0x01
OFF:0x00

You didn't found this this is from promises eboot builder lmao

02-28-2015, 08:36 AM #436
Originally posted by NIGHTMARE View Post
You didn't found this this is from promises eboot builder lmao

No I found them and its not from his eboot builder as I make my own eboots lmfao


Edit: he released the 1.5 source which his tool is 1.08 and i have had these for since 1.09 when i open the elf with ida and found them but if this is to hard for you to understand then think of this

he has other offsets that would of been great to put in my eboot which i released if i somehow had his need source which i dont
like:

Perk check
no recoil
which i don't have so ( i have these as i just found them but that doesn't change my point)

not everyone is a lazy leech and im not one

02-28-2015, 10:16 AM #437
br0wniiez
Yung Chico
Originally posted by hacking247 View Post
well i found them with ida so i posted them to help out lmfao. why do you post a rte tool with a encryption that makes it have more infections than it would with out be encrypted cough cough trying to hide something much . dont say to hide your theme that is a over used theme and you didn't even make it your self lmfao


You found them? Lol It's not hard to look in the thread, test the 1.08 address.

You must be butthurt to speak about my tool and then sound stupid lol, shows you know nothing about encryption, but you're right, I shouldn't encrypt it, I should just let people like you unpack it and make the same thing over and over... Totally the best thing for this community, right? Let's all just copy & paste like we did on Black Ops II, Ghosts lmao.

Anyway, why don't you go find some more addresses that are already posted? lol is it that hard to find Disable Perk Protection? Just wait for somebody to post it like you would do.
02-28-2015, 10:26 AM #438
Unknauwn
Do a barrel roll!
Originally posted by SC58 View Post
Thats function is not it.


BG_GetWeaponDef was remove after mw2 for IW/SH games, they will have the dword in the function called bg_weaponDefs and that address for that is 0xC8E8F4 i think, if not find it yourself

You must login or register to view this content.
this is from cod4 pdb but the function is removed on mw3,ghosts,aw but bg_weaponDefs is still in the game 4 them 3 cods, so u can still do stuff u just have to make your own return function to do anything with it


Thanks you man, now i know how to do : )
02-28-2015, 10:51 AM #439
Originally posted by br0wniiez View Post
You found them? Lol It's not hard to look in the thread, test the 1.08 address.

You must be butthurt to speak about my tool and then sound stupid lol, shows you know nothing about encryption, but you're right, I shouldn't encrypt it, I should just let people like you unpack it and make the same thing over and over... Totally the best thing for this community, right? Let's all just copy & paste like we did on Black Ops II, Ghosts lmao.

Anyway, why don't you go find some more addresses that are already posted? lol is it that hard to find Disable Perk Protection? Just wait for somebody to post it like you would do.


As always I love people amazing reading skills, I have both perkcheck and norecoil and I didnt use the forums as stated I used ida pro . I said ida on my post on the sixth word. People like you make other not post the thing because you people think you know everything! I would give credit to the person if they found it but they didn't as I just posted what I found. This is a community and I'm just trying to help. He may have found those but I did use anything from him or any other person. On your tool yes I would release it open source if I would make it as all my tool have been open source. Lmfao making it from scratch ha you use a theme that is released I make my themes from scratch and tools from scratch but I used to use that dot net shit lol .
02-28-2015, 10:56 AM #440
br0wniiez
Yung Chico
Originally posted by hacking247 View Post
As always I love people amazing reading skills, I have both perkcheck and norecoil and I didnt use the forums as stated I used ida pro . I said ida on my post on the sixth word. People like you make other not post the thing because you people think you know everything! I would give credit to the person if they found it but they didn't as I just posted what I found. This is a community and I'm just trying to help. He may have found those but I did use anything from him or any other person. On your tool yes I would release it open source if I would make it as all my tool have been open source. Lmfao making it from scratch ha you use a theme that is released I make my themes from scratch and tools from scratch but I used to use that dot net shit lol .


From scratch meaning the code, meaning finding addresses/offsets myself, anyway if you did find them then cool, I'm just giving you a heads up that they were ALREADY posted, so you kinda wasted time searching.

Yeah your tool would be open source cause it will just be a tool probably copy and pasted, so nothing is new... My tool has unreleased stuff for this game.. duh. Show me different.
02-28-2015, 11:53 AM #441
SC58
Former Staff
Originally posted by br0wniiez View Post
From scratch meaning the code, meaning finding addresses/offsets myself, anyway if you did find them then cool, I'm just giving you a heads up that they were ALREADY posted, so you kinda wasted time searching.

Yeah your tool would be open source cause it will just be a tool probably copy and pasted, so nothing is new... My tool has unreleased stuff for this game.. duh. Show me different.


Originally posted by hacking247 View Post
As always I love people amazing reading skills, I have both perkcheck and norecoil and I didnt use the forums as stated I used ida pro . I said ida on my post on the sixth word. People like you make other not post the thing because you people think you know everything! I would give credit to the person if they found it but they didn't as I just posted what I found. This is a community and I'm just trying to help. He may have found those but I did use anything from him or any other person. On your tool yes I would release it open source if I would make it as all my tool have been open source. Lmfao making it from scratch ha you use a theme that is released I make my themes from scratch and tools from scratch but I used to use that dot net shit lol .


Is all of this really needed? if so take it to private messages. :p

02-28-2015, 03:57 PM #442
iTпDM
Vault dweller
Originally posted by Swaqq View Post
Hello Guys!
Welcome to my Thread.
This has C# Scripts, and Tutorials, and some structures.
//I don't have time to update the addresses, I've made a tutorial provided below.


Tutorials:

Basic Addresses(FPS/Cbuff_AddText/G_Spawn/G_LocalizedString) //Tut by Me




Porting Addresses from Older Updates:







Structures


Stats: //Swiss + Eddie Mac + br0wniiez
    
Score = StatEntry + 0xE2,
Name = 0x0298fbe8,
Prestige = StatEntry + 0x9,
Kills = StatEntry + 0xBA,
Deaths = StatEntry + 0x91,
Wins = StatEntry + 0x10E,
Losses = StatEntry + 0xC1,
Xp = StatEntry + 0xA5,
TimePlayed = StatEntry + 0xFE,
Games_played = StatEntry + 0xA9,
UnlockAll = StatEntry + 0x573C,
CustomClass = StatEntry + 0x4DE5,

Headshots = StatEntry + 0x8A2F,
Saviors = StatEntry + 0x8A3F,
LongShots = StatEntry + 0x8A43,
OneShots = StatEntry + 0x8AA7,
FirstBloods = StatEntry + 0x8A97,
Stabs = StatEntry + 0x8AD7,


Confirms = StatEntry + 0x8402,
Denies = StatEntry + 0x8406,
Uplinks = StatEntry + 0x83EA, // also Captures and hardpoint Caps
Returns = StatEntry + 0x83EE,
Plants = StatEntry + 0x83F6,
Defuses = StatEntry + 0x83FA,
SnR_Caps = StatEntry + 0x8402,
SnR_Rescue = StatEntry + 0x8406,
Defends = StatEntry + 0x83F2,




Weapon_Kills = StatEntry + 0x69A, // 0x1AC for next weapon [url=https://pastebin.com/AmKmBnaT]found by brOwniiez **SCORESTREAK EARN/KILLS** EARNED UAV 0x29D661F War - Pastebin.com[/url] for details
Killstreaks_Earned = StatEntry + 0x89BB,


Killstreak_Warbird_Kills = StatEntry + 0x898B,
Killstreak_Paladin_Kills = StatEntry + 0x898F,
Killstreak_Vulcan_Kills = StatEntry + 0x8993,
Killstreak_Goliath_Kills = StatEntry + 0x8997,
Killstreak_MissleStrike_Kills = StatEntry + 0x89A3,
Killstreak_RemoteTurret_Kills = StatEntry + 0x89A7,
Killstreak_BombingRun_Kills = StatEntry + 0x89AB,
Killstreak_AssultDrone_Kills = StatEntry + 0x89AF,


G_Client //Thanks to xCSBKx and RatchetBooty
    
Client Interval: 0x4180
Buttons = Addresses.G_Client + 0x3DBE
Red Boxes: G_Client + 0x5F On: 0x10 Off: 0x00
Heat Vision: G_Client + 0x5F On: 0x1C Off: 0x00
Invisibility: G_Client + 0x5B On: 0xF3 Off: 0x00
Ping: G_Client + 0x58 On: 0x01 Off: 0x00
Primary Akimbo: G_Client + 0x3E5 On: 0x01 Off: 0x00
Secondary Akimbo: G_Client + 0x3AD On: 0x90 Off: 0x00
Laser: G_Client + 0x59 On: 0x01 Off: 0x00
Red Laser: G_Client + 0xD On: 0x00
Yellow Laser Color: G_Client + 0xD On: 0x01
Blue Laser Color: G_Client + 0xD On: 0x04
Scrambler: G_Client + 0x59 On: 0x40 Off: 0x00
mFlag: G_Client + 0x3DAF Normal: 0x00 No Clip: 0x01 UFO Mode: 0x02 Freeze: 0x04
System Hack: G_Client + 0x38C9 On: 0x01 Off: 0x00
Third Person: G_Client + 0x5F On: 0x07 Off: 0x00
Heat Chams: G_Client + 0x5F On: 0x1F Off: 0x00
Player Speed: G_Client + 0x3ADC Normal: 0x3F, 0x88 Fast: 0x3F, 0xFF Slow: 0x3F, 0x00
No Friction (Skate Mod): G_Client + 0x56 On: 0x01 Off: 0x00
In-Game Name: G_Client + 0x3B3C
In-Game Clan Tag: G_Client + 0x3BA0
Advanced UAV: G_Client + 0x3C2F On: 0x01 G_Client + 0x3C3F On: 0x00 Off: 0x01
Infinite Ammo:
G_Client + 0x58F On: 0xFF, 0xFF Off: 0x00, 0x00
G_Client + 0x5A6 On: 0xFF, 0xFF Off: 0x00, 0x00
G_Client + 0x65A On: 0xFF, 0xFF Off: 0x00, 0x00
G_Client + 0x642 On: 0xFF, 0xFF Off: 0x00, 0x00

Exo Cloak: G_Client + 0x58 On: 0x11 Off: 0x00
Kill Client: G_Client + 0x3ADC Kill: 0xFF, 0xFF
Fake Lag: G_Client + 0x3A1B On: 0x00 Off: 0x02
Kick Client: G_Client + 0x5A Kick: 0x3F
Invisible Gun: G_Client + 0x3AE1 On: 0x01 Off: 0x00
Exo Screen: G_Client + 0x3880 On: 0x01 Off: 0x00
Instant Drop: G_Client + 0x54 On: 0x01 Off: 0x00
Injured Breathing: G_Client + 0x3AC9 On: 0x01 Off: 0x00
Exo Stim: G_Client + 0x323 On: 0x01 Off: 0x02
Gun View: G_Client + 0x563 Default: 0x00 Launcher: 0x02
Rabbit Man: G_Client + 0x3ADC On: 0x2F, 0x88 Off: 0x3F 0x88
Fake Blood: G_Client + 0x1F3 On: 0xFF Off: 0x64
Stuck in Mud: G_Client + 0x3ADC On: 0x3D, 0x88 Off: 0x3F, 0x88
UAV: G_Client + 0x3948 On: 0x01 Off: 0x00
Border Screen: G_Client + 0x3850 On: 0x01 Off: 0x00
Missile Vision: G_Client + 0x380B On: 0x01 Off: 0x00
Goliath Vision: G_Client + 0x38E8 On: 0x01 Off: 0x02
In-Game Leaderboard spoof: Prestige: G_Client + 0x30C3 Rank: G_Client + 0x30BF Kills: G_Client + 0x3C1B Deaths: G_Client + 0x3C1D Objective: G_Client + 0x3C21 Defends: G_Client + 0x3C23 Score: G_Client + 0x3C19 Assists: G_Client + 0x3C1F


G_Entity :
    
Size = 0x280 //Thanks to xCSBKx
0x158 = Pointer to G_Client // Thanks to Shark
0x1AC = Health





Scripts

Super ForceHost: //Creds to me

    
// Queues four console commands through Cbuf_AddText: two assignments to
// ds_serverConnectTimeout, then party_minplayers and party_maxplayers.
// NOTE(review): these are settings held on the client and changed from outside the
// game; presumably the aim is to influence host selection. Whether the lobby
// re-validates them is not visible from this code.
public void ForceHostON()
{

// The same dvar is assigned twice in a row, first 1000 and then 1.
Cbuf_AddText("ds_serverConnectTimeout 1000");
Cbuf_AddText("ds_serverConnectTimeout 1");
// Party size bounds: minimum 1, maximum 16.
Cbuf_AddText("party_minplayers 1");
Cbuf_AddText("party_maxplayers 16");

}
//Addresses thanks to RachetBooty Smile
party_minplayers: 0x02624F84
party_maxplayers: 0x02624FCC
ds_serverConnectTimeout : 0x0262BBCC
BTW: The length is 4 bytes, add 0x3 to each address and then change its value.


RPC: //Credit to Shark

    
// Remote-call helper. It overwrites one function inside the running game with a small
// stub and then uses a fixed memory region starting at 0x10050000 as a mailbox that
// carries the target address, the arguments and the return value.
// All access goes through PS3.SetMemory / PS3.Extension.ReadBytes, so the technique
// depends on an external tool being able to write both code and data of the game process.
// NOTE(review): for a defender the visible artefacts are the rewritten bytes of the
// hooked function and the mailbox region; an integrity check over the function's
// bytes would see the change.
public class RPC
{
// Address of the game function whose body is replaced by the stub.
static uint function_address = Addresses.R_SetFrameFog; // R_SetFrameFog

// Installs the stub. Returns -1 when no hook address is configured (function_address == 0),
// otherwise calls Enable_RPC() and returns 0.
public static int Init()
{
if (function_address == 0) return -1;
Enable_RPC();
return 0;
}

// Writes the stub in three steps so the function is never executed half-written.
public static void Enable_RPC()
{
// 0x4E800020 is the PowerPC "blr" (return) encoding: the hooked function returns
// immediately while the rest of its body is being replaced.
PS3.SetMemory(function_address, new byte[] { 0x4E, 0x80, 0x00, 0x20 });
// Fixed 20 ms pause; nothing is polled to confirm the first write took effect.
System.Threading.Thread.Sleep(20);
// Stub body, placed after the first instruction.
// NOTE(review): read as PowerPC machine code it appears to load the word at 0x1005004C,
// skip to the epilogue when that word is 0, otherwise load integer and float arguments
// from the 0x10050000 region, call the loaded address, clear 0x1005004C and store the
// result at 0x10050050. That matches the addresses Call() writes and reads below.
byte[] func = new byte[] { 0x7C, 0x08, 0x02, 0xA6, 0xF8, 0x01, 0x00, 0x80, 0x3C, 0x60, 0x10, 0x05, 0x81, 0x83, 0x00, 0x4C, 0x2C, 0x0C, 0x00, 0x00, 0x41, 0x82, 0x00, 0x64, 0x80, 0x83, 0x00, 0x04, 0x80, 0xA3, 0x00, 0x08, 0x80, 0xC3, 0x00, 0x0C, 0x80, 0xE3, 0x00, 0x10, 0x81, 0x03, 0x00, 0x14, 0x81, 0x23, 0x00, 0x18, 0x81, 0x43, 0x00, 0x1C, 0x81, 0x63, 0x00, 0x20, 0xC0, 0x23, 0x00, 0x24, 0xC0, 0x43, 0x00, 0x28, 0xC0, 0x63, 0x00, 0x2C, 0xC0, 0x83, 0x00, 0x30, 0xC0, 0xA3, 0x00, 0x34, 0xC0, 0xC3, 0x00, 0x38, 0xC0, 0xE3, 0x00, 0x3C, 0xC1, 0x03, 0x00, 0x40, 0xC1, 0x23, 0x00, 0x48, 0x80, 0x63, 0x00, 0x00, 0x7D, 0x89, 0x03, 0xA6, 0x4E, 0x80, 0x04, 0x21, 0x3C, 0x80, 0x10, 0x05, 0x38, 0xA0, 0x00, 0x00, 0x90, 0xA4, 0x00, 0x4C, 0x90, 0x64, 0x00, 0x50, 0xE8, 0x01, 0x00, 0x80, 0x7C, 0x08, 0x03, 0xA6, 0x38, 0x21, 0x00, 0x70, 0x4E, 0x80, 0x00, 0x20 };
PS3.SetMemory(function_address + 0x4, func);
// Zero 0x2854 bytes of the mailbox region so no stale call request is pending.
PS3.SetMemory(0x10050000, new byte[0x2854]);
// Replace the temporary return with a real first instruction, which arms the stub.
PS3.SetMemory(function_address, new byte[] { 0xF8, 0x21, 0xFF, 0x91 });
}

// Marshals the parameters into the mailbox, writes func_address to 0x1005004C, waits a
// fixed 20 ms and returns the 4 bytes found at 0x10050050 as an Int32.
// Supported parameter types are int, uint, string and float; a value of any other type
// matches no branch and is skipped without an error.
// NOTE(review): the result is read after a fixed delay, with no check that the call has
// actually run, so the returned value may be stale.
public static int Call(uint func_address, params object[] parameters)
{
int num_params = parameters.Length;
uint num_floats = 0;
for (uint i = 0; i < num_params; i++)
{
if (parameters[i] is int)
{
// Byte order is reversed before writing (big-endian target, assuming a little-endian host).
byte[] val = BitConverter.GetBytes((int)parameters[i]);
Array.Reverse(val);
PS3.SetMemory(0x10050000 + (i + num_floats) * 4, val);
}
else if (parameters[i] is uint)
{
byte[] val = BitConverter.GetBytes((uint)parameters[i]);
Array.Reverse(val);
PS3.SetMemory(0x10050000 + (i + num_floats) * 4, val);
}
else if (parameters[i] is string)
{
// The NUL-terminated UTF-8 text goes to a per-index area spaced 0x400 bytes apart;
// the argument slot receives the address of that area.
// NOTE(review): no length check is visible, so text longer than 0x400 bytes would
// run into the area used for the next index.
byte[] str = Encoding.UTF8.GetBytes(Convert.ToString(parameters[i]) + "\0");
PS3.SetMemory(0x10050054 + i * 0x400, str);
uint addr = 0x10050054 + i * 0x400;
byte[] address = BitConverter.GetBytes(addr);
Array.Reverse(address);
PS3.SetMemory(0x10050000 + (i + num_floats) * 4, address);
}
else if (parameters[i] is float)
{
// Floats use their own run of slots starting at 0x10050024, indexed by float count.
num_floats++;
byte[] val = BitConverter.GetBytes((float)parameters[i]);
Array.Reverse(val);
PS3.SetMemory(0x10050024 + ((num_floats - 1) * 0x4), val);
}
}
// Writing a non-zero address here is the call request the stub looks for.
byte[] fadd = BitConverter.GetBytes(func_address);
Array.Reverse(fadd);
PS3.SetMemory(0x1005004C, fadd);
System.Threading.Thread.Sleep(20);
byte[] ret = PS3.Extension.ReadBytes(0x10050050, 4);
Array.Reverse(ret);
return BitConverter.ToInt32(ret, 0);
}


}



All Clients Button Monitoring: //Thanks to Me

    
// Container for the 32-bit values that ButtonPressed compares against the per-client
// button word.
public class Buttons
{

// One raw value per control. They are declared as mutable static fields, not constants.
// NOTE(review): the usage example on this page writes Buttons.Cross, but as declared
// here the field is Buttons.Buttonz.Cross.
public static class Buttonz
{
public static Int32
Cross = 67108864,
Crouch = 33557732,
Prone = 16777216,
Start = 128,
L1 = 134217736,
L2 = -2147483648,
L3 = 537001984,
R1 = 65536,
R2 = 1107296256,
R3 = 33817600;


}
}

// Reads the 32-bit value at Offsets.Buttons + client * 0x4180 and returns true when it
// equals the Buttons argument, false otherwise.
// The test is exact equality, not a bit test, so a value with any additional bits set
// does not match. The parameter name Buttons shadows the Buttons class inside this method.
public static bool ButtonPressed(int client, int Buttons)
{
if (PS3.Extension.ReadInt32(Offsets.Buttons + ((uint)client * 0x4180)) == Buttons)
return true;
else return false;
}



Jetpack: //Thanks again to Black Panther

    
// Reads the float at the start of the given client's entry (G_Client + client * 0x4180),
// adds 100 and writes it back.
// NOTE(review): which field sits at offset 0 is not shown on this page; presumably a
// position or velocity component, to be confirmed. The read and the write are separate
// operations, so the game may change the value in between.
public void JetPack(int client)
{
float jH = PS3.Extension.ReadFloat(G_Client + ((uint)client * 0x4180));
jH += 100;
PS3.Extension.WriteFloat(G_Client + ((uint)client * 0x4180), jH);
}


//How to use it in a timer or backgroundworker

// Checks client 0 for the Cross value and calls JetPack for that client when it matches.
// NOTE(review): the class shown on this page declares the field as Buttons.Buttonz.Cross;
// Buttons.Cross is not declared there.
if(ButtonPressed(0, Buttons.Cross))
{
JetPack(0);
}




Unlock All Trophies: //Thanks to SC58

    

// Builds a table of 50 command strings of the form "4 <NAME>" and sends each one twice
// through RPC.Call to SV_GameSendServerCommand, with first argument -1 and second argument 1.
// NOTE(review): the meaning of the leading "4", of client -1 (presumably "all clients")
// and of the names is taken from the heading on the page, not from this code.
{
string[] Achievements = new string[50];
Achievements[0] = "4 CARMA";
Achievements[1] = "4 CAMPAIGN_COMPLETE";
Achievements[2] = "4 CAMPAIGN_HARDENED";
Achievements[3] = "4 CAMPAIGN_VETERAN";
Achievements[4] = "4 BOOST_DASH_STOMP";
Achievements[5] = "4 GRENADE_DODGE";
Achievements[6] = "4 SONIC_KILL";
Achievements[7] = "4 OVERDRIVE_KILL";
Achievements[8] = "4 SMART_GRENADE_KILL";
Achievements[9] = "4 THREAT_GRENADE_KILL";
Achievements[10] = "4 EMP_DRONE";
Achievements[11] = "4 EMP_AST";
Achievements[12] = "4 INTEL_HALF";
Achievements[13] = "4 INTEL_ALL";
Achievements[14] = "4 COVER_DRONE_KILL";
Achievements[15] = "4 EXO_UPGRADE";
Achievements[16] = "4 EXO_UPGRADE_10";
Achievements[17] = "4 EXO_UPGRADE_20";
Achievements[18] = "4 EXO_UPGRADE_FULL";
Achievements[19] = "4 LEVEL_1";
Achievements[20] = "4 LEVEL_1A";
Achievements[21] = "4 LEVEL_2A";
Achievements[22] = "4 LEVEL_2B";
Achievements[23] = "4 LEVEL_2";
Achievements[24] = "4 LEVEL_3A";
Achievements[25] = "4 LEVEL_3";
Achievements[26] = "4 LEVEL_4A";
Achievements[27] = "4 LEVEL_4";
Achievements[28] = "4 LEVEL_5";
Achievements[29] = "4 LEVEL_5A";
Achievements[30] = "4 LEVEL_6A";
Achievements[31] = "4 LEVEL_6";
Achievements[32] = "4 LEVEL_7";
Achievements[33] = "4 LEVEL_8A";
Achievements[34] = "4 LEVEL_8";
Achievements[35] = "4 LEVEL_9";
Achievements[36] = "4 LEVEL_10A";
Achievements[37] = "4 LEVEL_10";
Achievements[38] = "4 LEVEL_11";
Achievements[39] = "4 LEVEL_12A";
Achievements[40] = "4 LEVEL_12";
Achievements[41] = "4 LEVEL_13A";
Achievements[42] = "4 LEVEL_13";
Achievements[43] = "4 LEVEL_14A";
Achievements[44] = "4 LEVEL_14";
Achievements[45] = "4 COOP_VETERAN";
Achievements[46] = "4 COOP_WARFARE";
Achievements[47] = "4 COOP_UNDEAD_SURVIVOR";
Achievements[48] = "4 COOP_EXO_SURVIVOR";
Achievements[49] = "4 COOP_FLIP_FLOP";

// Each entry is sent, followed by a 25 ms pause, then sent a second time.
for (int i = 0; i < 50; i++)
{
RPC.Call(Addresses.SV_GameSendServerCommand, -1, 1, Achievements[i]);
System.Threading.Thread.Sleep(25);
RPC.Call(Addresses.SV_GameSendServerCommand, -1, 1, Achievements[i]);
}
}



SV_GameSendServerCommand // Credits to me

    
// Invokes the game's SV_GameSendServerCommand through RPC.Call with the arguments
// (client, 0, command followed by one double quote).
// NOTE(review): the double quote is always appended. The callers shown on this page
// already close their own quoted text, so what is sent ends in two quotes.
// The command text is concatenated without escaping, so any quote characters in it
// reach the game's command parser unchanged.
public void SV_GameSendServerCommand(int client, string command)
{
RPC.Call(Addresses.SV_GameSendServerCommand, client, 0, command + "\"");
}



iPrintln Funcs: //Credits to Me

iPrintlnBold(Center Screen)
    
// Sends the server command c "<text>" to the given client; the heading on the page
// labels this as centre-screen text.
// The text is placed between the quotes without escaping.
public void iPrintlnBold(int client, string text)
{
SV_GameSendServerCommand(client, "c \"" + text + "\"");
}


iPrintln(Killfeed)
    
// Sends the server command e "<text>" to the given client; the heading on the page
// labels this as killfeed text.
// The text is placed between the quotes without escaping.
public void iPrintln(int client, string text)
{
SV_GameSendServerCommand(client, "e \"" + text + "\"");
}




CBuf_AddText // Ported from BO2(Shark's)

    
// Invokes the game's Cbuf_AddText through RPC.Call with the arguments (0, Command).
// NOTE(review): the parameter is named CMD but the body passes Command; unless a member
// named Command exists elsewhere, this does not compile as posted.
public void Cbuf_AddText(string CMD)
{
RPC.Call(Addresses.Cbuf_AddText, 0, Command);
}



Hud Elements: //Thanks to Shark for the struct, BLB for making setShader and setText, Mega for fixing it somehow, and me for MoveOverTime

    
https://pastebin.com/D7yj9N1u



Aimbot: // Thanks to Bee el Bee (1.04)

    
https://pastebin.com/YTnXukEu



Spawning Entities: //Thanks to xReaperV3 (1.04)

    
// Reads three floats for the given client through RPC.ReadSingle.
// NOTE(review): part of the offset literal and its closing parenthesis were replaced by
// forum emoticon text ("Cool Man (aka Tustin)"), so the line is not valid C# as shown.
// RPC.ReadSingle and the two-argument G_Client(...) helper are not defined in the code
// on this page.
public static float[] getPlayerOrigin(int clientIndex)
{
return RPC.ReadSingle(G_Client(clientIndex, 0x7Cool Man (aka Tustin), 3);
}

// Reads three floats at G_Client(clientIndex, 0x1B4) through RPC.ReadSingle.
// RPC.ReadSingle and the two-argument G_Client(...) helper are not defined in the code
// on this page.
public static float[] getPlayerAngles(int clientIndex)
{
return RPC.ReadSingle(G_Client(clientIndex, 0x1B4), 3);
}

// Calls three hard-coded game addresses in sequence and returns the value of the first
// call, which is used as the entity address.
// The heading tags these addresses as version 1.04. RPC.WriteSingle is not defined in
// the code on this page.
// NOTE(review): the result of the first call is used as a write target without any check.
public static uint spawnEntity(string ModelName, float[] Origin, float[] Angles)
{
uint Entity = (uint)RPC.Call(0x3669B0);
// Origin is written at +0x138 and Angles at +0x148 of the returned address.
RPC.WriteSingle(Entity + 0x138, Origin);
RPC.WriteSingle(Entity + 0x148, Angles);
// Second call receives (entity, model name), third call receives (entity).
RPC.Call(0x365738, Entity, ModelName);
RPC.Call(0x35B6C4, Entity);
return Entity;
}



Clone Player: //Thanks to xReaperV3

    
// Invokes Addresses.PlayerCMD_ClonePlayer through RPC.Call with clientIndex as the only
// argument, passed in an explicit object array. The return value is discarded.
public static void ClonePlayer(int clientIndex)
{
RPC.Call(Addresses.PlayerCMD_ClonePlayer, new object[] { clientIndex });
}



Keyboard: // Thanks to iTnDM (1.04)

    
// Hard-coded addresses used by runKeyboard; the heading tags them as version 1.04.
// kb_Result is read with ReadString, kb_cb is passed as the last call argument,
// keyboardPrompt is the address invoked through RPC.Call, kb_active is polled as an Int32.
uint kb_Result = 0x03080E22;
uint kb_cb = 0x988F98;
uint keyboardPrompt = 0x498828;
uint kb_active = 0x0099E42C;



// Invokes the function at keyboardPrompt with (0, title, presetText, maxLength, 0, 0, kb_cb),
// waits, and returns the string read from kb_Result.
// NOTE(review): the loop below spins with an empty body while the Int32 at kb_active
// reads 0. It has no sleep and no timeout, so the calling thread is blocked until that
// value changes.
string runKeyboard(string title = "Your title", string presetText = "text here", int maxLength = 20)
{


RPC.Call(keyboardPrompt, new object[] { 0, title, presetText, maxLength, 0, 0, kb_cb });
System.Threading.Thread.Sleep(10);

while (PS3.Extension.ReadInt32(kb_active) == 0) { }
return PS3.Extension.ReadString(kb_Result);
}



Unlock All: //Thanks to RachetBooty

    
// Fills a 0x1770-byte buffer with 0xFE and writes it in one call to Addresses.UnlockAll.
// The structure notes on this page list UnlockAll as StatEntry + 0x573C.
// NOTE(review): this overwrites a block of stored player data from outside the game;
// whether the data is validated anywhere else is not visible from this code.
byte[] buffer = new byte[0x1770];
for (int i = 0; i < 0x1770; i++)
{
buffer[i] = 0xFE;
}
PS3.SetMemory(Addresses.UnlockAll, buffer);





RPC Credit to Choco not for Shark or anyone Update the R_SetFrameFog we give him Credit for RPC ??

Original RPC Credit to Choco for anyway
