https://pastein.ru/t/Ew8
Загрузка данных
import pymem
import pymem.process
import time
import struct
def find_offset_by_value(pm, start_addr, end_addr, target_value, value_type='int'):
"""Ищет смещение по значению"""
for offset in range(0, end_addr - start_addr, 4):
try:
addr = start_addr + offset
if value_type == 'int':
val = pm.read_int(addr)
else:
val = pm.read_float(addr)
if val == target_value:
return offset
except:
pass
return None
def main():
print("=" * 50)
print("CS 1.6 Диагностика (Steam 1.1.2.7)")
print("=" * 50)
# Подключаемся к игре
try:
pm = pymem.Pymem("hl.exe")
print("[+] hl.exe найден")
except:
print("[-] hl.exe не найден! Запустите CS 1.6")
input()
return
# Получаем базу клиента
client = pymem.process.module_from_name(pm.process_handle, "hw.dll")
client_base = client.lpBaseOfDll
client_size = client.SizeOfImage
print(f"[+] hw.dll base: {hex(client_base)}")
print(f"[+] hw.dll size: {hex(client_size)}")
# Ищем LocalPlayer
print("\n[*] Поиск dwLocalPlayer...")
local_player_addr = None
dwLocalPlayer = None
for offset in range(0, 0x200000, 4):
try:
addr = client_base + offset
health = pm.read_int(addr)
if health == 100:
team = pm.read_int(addr - 0x8)
if team in (1, 2):
local_player_addr = addr - 0xF8
dwLocalPlayer = offset - 0xF8
print(f"[+] Найдено!")
print(f" dwLocalPlayer = {hex(dwLocalPlayer)}")
print(f" Абсолютный адрес: {hex(local_player_addr)}")
break
except:
pass
if not local_player_addr:
print("[-] Не удалось найти LocalPlayer. Убедитесь, что вы в катке и живы.")
input()
return
# Получаем здоровье и команду локального игрока
health = pm.read_int(local_player_addr + 0xF8)
team = pm.read_int(local_player_addr + 0xF0)
print(f"\n[*] Локальный игрок:")
print(f" Здоровье: {health}")
print(f" Команда: {team} (1=T, 2=CT)")
# Ищем m_iHealth (обычно 0xF8)
print("\n[*] Поиск m_iHealth...")
if pm.read_int(local_player_addr + 0xF8) == health:
print(f"[+] m_iHealth = 0xF8")
else:
off = find_offset_by_value(pm, local_player_addr, local_player_addr + 0x200, health)
if off:
print(f"[+] m_iHealth = {hex(off)}")
else:
print("[-] m_iHealth не найден")
# Ищем m_iTeamNum (обычно 0xF0)
print("\n[*] Поиск m_iTeamNum...")
if pm.read_int(local_player_addr + 0xF0) == team:
print(f"[+] m_iTeamNum = 0xF0")
else:
off = find_offset_by_value(pm, local_player_addr, local_player_addr + 0x200, team)
if off:
print(f"[+] m_iTeamNum = {hex(off)}")
else:
print("[-] m_iTeamNum не найден")
# Ищем m_vecOrigin (координаты)
print("\n[*] Поиск m_vecOrigin...")
origin_found = False
for offset in range(0, 0x200, 4):
try:
x = pm.read_float(local_player_addr + offset)
y = pm.read_float(local_player_addr + offset + 4)
z = pm.read_float(local_player_addr + offset + 8)
if -5000 < x < 5000 and -5000 < y < 5000 and -5000 < z < 5000:
if x != 0 or y != 0:
print(f"[+] m_vecOrigin = {hex(offset)}")
print(f" Координаты: ({x:.1f}, {y:.1f}, {z:.1f})")
origin_found = True
break
except:
pass
if not origin_found:
print("[-] m_vecOrigin не найден")
# Ищем m_angRotation (углы)
print("\n[*] Поиск m_angRotation...")
angles_found = False
for offset in range(0x100, 0x200, 4):
try:
pitch = pm.read_float(local_player_addr + offset)
yaw = pm.read_float(local_player_addr + offset + 4)
if -180 <= pitch <= 180 and -180 <= yaw <= 180:
print(f"[+] m_angRotation = {hex(offset)}")
print(f" Углы: ({pitch:.1f}, {yaw:.1f})")
angles_found = True
break
except:
pass
if not angles_found:
print("[-] m_angRotation не найден")
# Ищем dwEntityList
print("\n[*] Поиск dwEntityList...")
dwEntityList = dwLocalPlayer + 0xC0
print(f"[+] Предположительно dwEntityList = {hex(dwEntityList)}")
# Проверяем entity list
entity_addr = pm.read_int(client_base + dwEntityList)
if entity_addr:
print(f"[+] Первый энтити по адресу {hex(entity_addr)}")
else:
print("[-] Проверьте dwEntityList, возможно смещение другое")
# Ищем m_iCrosshairId
print("\n[*] Поиск m_iCrosshairId...")
crosshair_found = False
for offset in range(0x220, 0x240, 4):
try:
val = pm.read_int(local_player_addr + offset)
if 0 < val <= 32:
print(f"[+] m_iCrosshairId = {hex(offset)} (текущее значение: {val})")
crosshair_found = True
break
except:
pass
if not crosshair_found:
print("[-] m_iCrosshairId не найден (наведите прицел на врага и перезапустите)")
# Ищем dwForceAttack
print("\n[*] Поиск dwForceAttack...")
for offset in range(0x1B8000, 0x1B9000, 4):
try:
addr = client_base + offset
val = pm.read_int(addr)
if val == 0 or val == 4 or val == 5:
print(f"[+] Возможный dwForceAttack = {hex(offset)} (значение: {val})")
except:
pass
# Итоговый отчёт
print("\n" + "=" * 50)
print("ИТОГОВЫЕ СМЕЩЕНИЯ ДЛЯ ВАШЕЙ ВЕРСИИ:")
print("=" * 50)
print(f"dwLocalPlayer = {hex(dwLocalPlayer)}")
print(f"dwEntityList = {hex(dwEntityList)}")
print(f"m_iHealth = 0xF8")
print(f"m_iTeamNum = 0xF0")
print(f"m_vecOrigin = 0x130")
print("=" * 50)
input("\nНажмите Enter для выхода...")
if __name__ == "__main__":
main()