#include
using namespace std;
#include
#include
DWORD GetProcId(const wchar_t* procName)
{
DWORD procId = 0;
HANDLE hproc = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if (hproc != INVALID_HANDLE_VALUE)
{
PROCESSENTRY32 procEntry;
procEntry.dwSize = sizeof(procEntry);
if (Process32First(hproc, &procEntry))
{
do
{
if (!_wcsicmp(procEntry.szExeFile, procName))
{
procId = procEntry.th32ProcessID;
break;
}
} while (Process32Next(hproc, &procEntry));
}
}
CloseHandle(hproc);
return procId;
}
uintptr_t GetModuleBaseAddress(DWORD procId, const wchar_t* modName)
{
uintptr_t modBaseAddr = 0;
HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE | TH32CS_SNAPMODULE32, procId);
if (hSnap != INVALID_HANDLE_VALUE)
{
MODULEENTRY32 modEntry;
modEntry.dwSize = sizeof(modEntry);
if (Module32First(hSnap, &modEntry))
{
do
{
if (!_wcsicmp(modEntry.szModule, modName))
{
modBaseAddr = (uintptr_t)modEntry.modBaseAddr;
break;
}
} while (Module32Next(hSnap, &modEntry));
}
}
CloseHandle(hSnap);
return modBaseAddr;
}
//Function that writes memory
void WriteMem(char* dst, char* src, int size)
{
HANDLE hSnap = OpenProcess(PROCESS_ALL_ACCESS, NULL, GetProcId(L"PRBF2.exe"));
DWORD oldprotect;
VirtualProtectEx(hSnap, dst, size, PAGE_EXECUTE_READWRITE, &oldprotect);
WriteProcessMemory(hSnap, dst, src, size, NULL);
VirtualProtectEx(hSnap, dst, size, oldprotect, &oldprotect);
}
/*
CHEATS START HERE!
*/
//===============================================================================================MAPHACK===============================================================================================
void MapHackOn(uintptr_t PRBF2Base) {
WriteMem((char*)(PRBF2Base + 0x3786D7), (char*)"\x39\xDB", 2); //mm1
WriteMem((char*)(PRBF2Base + 0x3786FD), (char*)"\x39\xF6", 2); //mm2
//PatchEx((char*)(PRBF2Base + 0x378723), (char*)"\x39\xDB", 2); //mm3
WriteMem((char*)(PRBF2Base + 0x3787B3), (char*)"\x39\xDB", 2); //mm4
WriteMem((char*)(PRBF2Base + 0x3787D9), (char*)"\x39\xF6", 2); //mm5
//PatchEx((char*)(PRBF2Base + 0x3787FC), (char*)"\x39\xDB", 2); //mm6
WriteMem((char*)(PRBF2Base + 0x378816), (char*)"\x85\xD8", 2); //mm7
WriteMem((char*)(PRBF2Base + 0x3836F7), (char*)"\x39\xDB", 2); //mm8
}
void MapHackOff(uintptr_t PRBF2Base) {
WriteMem((char*)(PRBF2Base + 0x3786D7), (char*)"\x3B\xDF", 2); //mm1
WriteMem((char*)(PRBF2Base + 0x3786FD), (char*)"\x3B\xF0", 2); //mm2
//PatchEx((char*)(PRBF2Base + 0x378723), (char*)"\x39\xDB", 2); //mm3
WriteMem((char*)(PRBF2Base + 0x3787B3), (char*)"\x3B\xDF", 2); //mm4
WriteMem((char*)(PRBF2Base + 0x3787D9), (char*)"\x3B\xF0", 2); //mm5
//PatchEx((char*)(PRBF2Base + 0x3787FC), (char*)"\x39\xDB", 2); //mm6
WriteMem((char*)(PRBF2Base + 0x378816), (char*)"\x85\xC0", 2); //mm7
WriteMem((char*)(PRBF2Base + 0x3836F7), (char*)"\x3B\xC3", 2); //mm8
}
//===============================================================================================RENDDX9DLL===============================================================================================
//UNDERGROWTH
void UndergrowthOff(uintptr_t RendDX9Base)
{
WriteMem((char*)(RendDX9Base + 0x30C80), (char*)"\x01", 1);
WriteMem((char*)(RendDX9Base + 0x306B1), (char*)"\x01", 1);
}
void UndergrowthOn(uintptr_t RendDX9Base)
{
WriteMem((char*)(RendDX9Base + 0x30C80), (char*)"\x00", 1);
WriteMem((char*)(RendDX9Base + 0x306B1), (char*)"\x00", 1);
}
//POSTPRODUCTION - Replaced by Shellshock and TV Interference
void PostProductionOff(uintptr_t RendDX9Base)
{
WriteMem((char*)(RendDX9Base + 0x30731), (char*)"\x01", 1);
WriteMem((char*)(RendDX9Base + 0x30F09), (char*)"\x01", 1);
WriteMem((char*)(RendDX9Base + 0x3104F), (char*)"\x01", 1);
}
void PostProductionOn(uintptr_t RendDX9Base)
{
WriteMem((char*)(RendDX9Base + 0x30731), (char*)"\x00", 1);
WriteMem((char*)(RendDX9Base + 0x30F09), (char*)"\x00", 1);
WriteMem((char*)(RendDX9Base + 0x3104F), (char*)"\x00", 1);
}
//SUNFLARE
void SunFlareOff(uintptr_t RendDX9Base)
{
WriteMem((char*)(RendDX9Base + 0x30D58), (char*)"\x01", 1);
WriteMem((char*)(RendDX9Base + 0x30EF0), (char*)"\x01", 1);
WriteMem((char*)(RendDX9Base + 0x3113A), (char*)"\x01", 1);
}
void SunFlareOn(uintptr_t RendDX9Base)
{
WriteMem((char*)(RendDX9Base + 0x30D58), (char*)"\x00", 1);
WriteMem((char*)(RendDX9Base + 0x30EF0), (char*)"\x00", 1);
WriteMem((char*)(RendDX9Base + 0x3113A), (char*)"\x00", 1);
}
//PARTICLES
void DrawParticlesOff(uintptr_t RendDX9Base)
{
WriteMem((char*)(RendDX9Base + 0x30679), (char*)"\x01", 1);
WriteMem((char*)(RendDX9Base + 0x3069A), (char*)"\x01", 1);
WriteMem((char*)(RendDX9Base + 0x306E4), (char*)"\x01", 1);
WriteMem((char*)(RendDX9Base + 0x307BB), (char*)"\x01", 1);
WriteMem((char*)(RendDX9Base + 0x30E02), (char*)"\x01", 1);
WriteMem((char*)(RendDX9Base + 0x30E8F), (char*)"\x01", 1);
WriteMem((char*)(RendDX9Base + 0x30EC1), (char*)"\x01", 1);
WriteMem((char*)(RendDX9Base + 0x30ED9), (char*)"\x01", 1);
//WriteMem((char*)(RendDX9Base + 0x30FA1), (char*)"\x01", 1); //This acuses crashes
WriteMem((char*)(RendDX9Base + 0x31463), (char*)"\x01", 1);
}
void DrawParticlesOn(uintptr_t RendDX9Base)
{
WriteMem((char*)(RendDX9Base + 0x30679), (char*)"\x00", 1);
WriteMem((char*)(RendDX9Base + 0x3069A), (char*)"\x00", 1);
WriteMem((char*)(RendDX9Base + 0x306E4), (char*)"\x00", 1);
WriteMem((char*)(RendDX9Base + 0x307BB), (char*)"\x00", 1);
WriteMem((char*)(RendDX9Base + 0x30E02), (char*)"\x00", 1);
WriteMem((char*)(RendDX9Base + 0x30E8F), (char*)"\x00", 1);
WriteMem((char*)(RendDX9Base + 0x30EC1), (char*)"\x00", 1);
WriteMem((char*)(RendDX9Base + 0x30ED9), (char*)"\x00", 1);
//WriteMem((char*)(RendDX9Base + 0x30FA1), (char*)"\x00", 1); //This acuses crashes
WriteMem((char*)(RendDX9Base + 0x31463), (char*)"\x00", 1);
}
//SHELLSHOCK
void ShellShockOff(uintptr_t RendDX9Base) {
WriteMem((char*)(RendDX9Base + 0x4F918), (char*)"\x00", 1);
}
void ShellShockOn(uintptr_t RendDX9Base) {
WriteMem((char*)(RendDX9Base + 0x4F918), (char*)"\x0D", 1);
}
//TV INTERFERENCE
void TVInterferenceOff(uintptr_t RendDX9Base) {
WriteMem((char*)(RendDX9Base + 0x583AA), (char*)"\x90\x90", 2);
}
void TVInterferenceOn(uintptr_t RendDX9Base) {
WriteMem((char*)(RendDX9Base + 0x583AA), (char*)"\x8B\x11", 2);
}
//FOG1 - REMOVE
void FOG1Off(uintptr_t RendDX9Base) {
WriteMem((char*)(RendDX9Base + 0x50710), (char*)"\xD9\x45\x06", 3); //last byte to 06
}
void FOG1On(uintptr_t RendDX9Base) {
WriteMem((char*)(RendDX9Base + 0x50710), (char*)"\xD9\x45\x08", 3);
}
//FOG2 - REMOVE
void FOG2Off(uintptr_t RendDX9Base) {
WriteMem((char*)(RendDX9Base + 0x50727), (char*)"\xD9\x45\x06", 3); //last byte to 06
}
void FOG2On(uintptr_t RendDX9Base) {
WriteMem((char*)(RendDX9Base + 0x50727), (char*)"\xD9\x45\x08", 3);
}
//==========================================================================================INSTRUCTIONS====================================================================================================
void InstructionCout()
{
std::cout << R"(
_ ____ _____ ______ _____ ________ ____ _____ _________
/ \ |_ \|_ _|.' ___ ||_ _||_ __ ||_ \|_ _|| _ _ |
/ _ \ | \ | | / .' \_| | | | |_ \_| | \ | | |_/ | | \_|
/ ___ \ | |\ \| | | | | | | _| _ | |\ \| | | |
_/ / \ \_ _| |_\ |_\ `.___.'\ _| |_ _| |__/ | _| |_\ |_ _| |_
|____| |____||_____|\____|`.____ .'|_____||________||_____|\____| |_____|
______ _____ _____ ____ ____ ________ _______ ______ _ ______ ___ ____
.' ____ \ |_ _||_ _||_ _| |_ _||_ __ ||_ __ \ |_ _ \ / \ .' ___ ||_ ||_ _|
| (___ \_| | | | | \ \ / / | |_ \_| | |__) | | |_) | / _ \ / .' \_| | |_/ /
_.____`. | | | | _ \ \ / / | _| _ | __ / | __'. / ___ \ | | | __'.
| \____) | _| |_ _| |__/ | \ ' / _| |__/ | _| | \ \_ _| |__) |_/ / \ \_\ `.___.'\ _| | \ \_
\______.'|_____||________| \_/ |________||____| |___||_______/|____| |____|`.____ .'|____||____|
)";
std::cout << R"(
___ _ _ ___ _____ ___ _ _ ___ _____ ___ ___ _ _ ___
|_ _| \| / __|_ _| _ \ | | |/ __|_ _|_ _/ _ \| \| / __|
| || .` \__ \ | | | / |_| | (__ | | | | (_) | .` \__ \
|___|_|\_|___/ |_| |_|_\\___/ \___| |_| |___\___/|_|\_|___/
)";
std::cout << "\n";
std::cout << "Pess F9 to toggle Maphack" << std::endl;
std::cout << "Pess F10 to toggle RendDX9 Tweaks" << std::endl;
std::cout << "Pess F11 to toggle RendDX9 Tweaks - Particles" << std::endl;
std::cout << "Pess F12 to toggle FOG1" << std::endl;
std::cout << "Pess DELETE to toggle FOG2" << std::endl;
}
//=========================================================================================================MAIN=========================================================================================================
{
int i
cin >> i;
uintptr_t RendDX9BaseAddr = GetModuleBaseAddress(PrProcID, L"RendDX9.dll");
uintptr_t PRBF2BaseAddr = GetModuleBaseAddress(PrProcID, L"PRBF2.exe");
bool B_MapHackOn = false;
bool B_RendDX9TweaksOn = false;
bool B_NoFogOn = false;
bool B_RendDX9TweaksOnParticles = false;
if
{
std::cout << "PR is not open! You need to open it first and then run the program fat.";
}
{
std::cout << "PRBF2 Proccess ID: " << PrProcID << std::endl;
}
InstructionCout();
while (true)
{
//Maphack
if (GetAsyncKeyState(VK_F9) & 1)
{
B_MapHackOn = !B_MapHackOn;
MapHackOff(PRBF2BaseAddr);
}
if (B_MapHackOn)
{
MapHackOn(PRBF2BaseAddr);
}
//RendDX9Tweaks
if (GetAsyncKeyState(VK_F10) & 1)
{
B_RendDX9TweaksOn = !B_RendDX9TweaksOn;
UndergrowthOn(RendDX9BaseAddr);
ShellShockOn(RendDX9BaseAddr);
TVInterferenceOn(RendDX9BaseAddr);
}
if (B_RendDX9TweaksOn)
{
UndergrowthOff(RendDX9BaseAddr);
ShellShockOff(RendDX9BaseAddr);
TVInterferenceOff(RendDX9BaseAddr);
}
//RendDX9Tweaks - Particles
if (GetAsyncKeyState(VK_F11) & 1)
{
B_RendDX9TweaksOnParticles = !B_RendDX9TweaksOnParticles;
DrawParticlesOn(RendDX9BaseAddr);
}
if (B_RendDX9TweaksOnParticles)
{
DrawParticlesOff(RendDX9BaseAddr);
}
//FOG1 - REMOVE
if (GetAsyncKeyState(VK_F12) & 1)
{
B_NoFogOn = !B_NoFogOn;
FOG1On(RendDX9BaseAddr);
}
if (B_NoFogOn)
{
FOG1Off(RendDX9BaseAddr);
}
//FOG2 - REMOVE
if (GetAsyncKeyState(VK_DELETE) & 1)
{
B_NoFogOn = !B_NoFogOn;
FOG2On(RendDX9BaseAddr);
}
if (B_NoFogOn)
{
FOG2Off(RendDX9BaseAddr);
}
}
Sleep(5);
return 0;