https://pastein.ru/t/EJ8
Загрузка данных
import pymem
import pymem.process
import ctypes
import time
import math
user32 = ctypes.windll.user32
gdi32 = ctypes.windll.gdi32
# === ВАШИ ОФФСЕТЫ (из скриншота) ===
OFFSET_VIEW_MATRIX = 0x12EAF0 # Client + 0x12EAF0
OFFSET_ENTITY_LIST = 0x12043C8 # Engine + 0x12043C8
OFFSET_IN_CROSS = 0x125314 # Client + 0x125314 (для триггера)
OFFSET_RECOIL = 0x122E324 # Engine + 0x122E324
OFFSET_ON_GROUND = 0x122E2D4 # Engine + 0x122E2D4
OFFSET_MOVE_TYPE = 0x100A0B8 # Engine + 0x100A0B8
OFFSET_ON_LADDER = 0x136D8C # Client + 0x136D8C
OFFSET_IS_CHATTING = 0x64429C # Engine + 0x64429C
OFFSET_IN_MENU = 0x6C3AB0 # Engine + 0x6C3AB0
# Стандартные смещения внутри структуры PlayerInfo
OFFSET_HEALTH = 0xF8 # m_iHealth
OFFSET_TEAM = 0xF0 # m_iTeamNum
OFFSET_ORIGIN = 0x130 # m_vecOrigin
ESP_ENABLED = True
ESP_COLOR = 0x0000FF # Красный
BOX_SIZE = 20
def get_window_size():
hwnd = user32.FindWindowW(None, "Counter-Strike")
rect = ctypes.wintypes.RECT()
user32.GetWindowRect(hwnd, ctypes.byref(rect))
return rect.right - rect.left, rect.bottom - rect.top
def world_to_screen(x, y, z, view_matrix, sw, sh):
w = view_matrix[12]*x + view_matrix[13]*y + view_matrix[14]*z + view_matrix[15]
if w < 0.01:
return None
sx = view_matrix[0]*x + view_matrix[1]*y + view_matrix[2]*z + view_matrix[3]
sy = view_matrix[4]*x + view_matrix[5]*y + view_matrix[6]*z + view_matrix[7]
sx = (sw / 2) * (1 + sx / w)
sy = (sh / 2) * (1 - sy / w)
return (sx, sy)
def draw_rect(dc, x, y, w, h, color):
brush = gdi32.CreateSolidBrush(color)
gdi32.SelectObject(dc, brush)
gdi32.Rectangle(dc, int(x - w/2), int(y - h/2), int(x + w/2), int(y + h/2))
gdi32.DeleteObject(brush)
def main():
SCREEN_W, SCREEN_H = get_window_size()
print("=== CS 1.6 ESP (с вашими оффсетами) ===")
print("Rutube: https://rutube.ru/channel/43805541")
print("Telegram: hackeriks")
print()
try:
pm = pymem.Pymem("hl.exe")
print("[+] hl.exe найден")
except:
print("[-] CS 1.6 не запущена")
return
# Получаем базы модулей
engine = pymem.process.module_from_name(pm.process_handle, "hw.dll")
client = pymem.process.module_from_name(pm.process_handle, "client.dll")
engine_base = engine.lpBaseOfDll
client_base = client.lpBaseOfDll
print(f"[+] Engine (hw.dll) base: {hex(engine_base)}")
print(f"[+] Client (client.dll) base: {hex(client_base)}")
# Абсолютные адреса
view_matrix_addr = client_base + OFFSET_VIEW_MATRIX
entity_list_addr = engine_base + OFFSET_ENTITY_LIST
print(f"[+] ViewMatrix: {hex(view_matrix_addr)}")
print(f"[+] EntityList: {hex(entity_list_addr)}")
# Получаем дескриптор окна для рисования
hwnd = user32.FindWindowW(None, "Counter-Strike")
dc = user32.GetDC(hwnd)
print("[*] ESP активен. F1 - вкл/выкл, F2 - выход")
global ESP_ENABLED
running = True
while running:
# Управление
if user32.GetAsyncKeyState(0x70) & 1: # F1
ESP_ENABLED = not ESP_ENABLED
print(f"ESP: {'ON' if ESP_ENABLED else 'OFF'}")
time.sleep(0.2)
if user32.GetAsyncKeyState(0x71) & 1: # F2
running = False
break
if not ESP_ENABLED:
time.sleep(0.05)
continue
# Очищаем экран
brush = gdi32.CreateSolidBrush(0x000000)
gdi32.SelectObject(dc, brush)
gdi32.Rectangle(dc, 0, 0, SCREEN_W, SCREEN_H)
gdi32.DeleteObject(brush)
try:
# Читаем матрицу вида
view_matrix = []
for i in range(16):
view_matrix.append(pm.read_float(view_matrix_addr + i*4))
# Читаем EntityList (указатель на первый объект)
entity_list = pm.read_int(entity_list_addr)
if not entity_list:
continue
# Перебираем игроков (1-32)
for i in range(1, 33):
entity = pm.read_int(entity_list + i * 4)
if not entity:
continue
# Команда и здоровье
team = pm.read_int(entity + OFFSET_TEAM)
health = pm.read_int(entity + OFFSET_HEALTH)
if health <= 0:
continue
# Координаты
x = pm.read_float(entity + OFFSET_ORIGIN)
y = pm.read_float(entity + OFFSET_ORIGIN + 4)
z = pm.read_float(entity + OFFSET_ORIGIN + 8)
# Рисуем рамку над головой
screen = world_to_screen(x, y, z + 60, view_matrix, SCREEN_W, SCREEN_H)
if screen:
# Разный цвет для врагов и союзников
if team == 2:
draw_rect(dc, screen[0], screen[1], BOX_SIZE, BOX_SIZE, 0x0000FF) # CT - синий
elif team == 1:
draw_rect(dc, screen[0], screen[1], BOX_SIZE, BOX_SIZE, 0x00FF00) # T - зелёный
else:
draw_rect(dc, screen[0], screen[1], BOX_SIZE, BOX_SIZE, 0xFFFFFF) # Неизвестно - белый
except Exception as e:
pass
time.sleep(0.03)
user32.ReleaseDC(hwnd, dc)
print("ESP остановлен.")
if __name__ == "__main__":
main()