LuaHackKit - aimbot for cs:s (will work after offset update)

1. -------------------------------------------------------------------------------------------------
2. --DOWNLOAD LUA HACK KIT AT: http://b0mbnet.info/files/luahackkit.zip
3. --FOR MORE INFO VISIT: http://b0mbnet.info/blog/2012/08/lua-hack-kit-you-put-a-what-in-my-what/
4. -------------------------------------------------------------------------------------------------
5.  
6. SetDebugPrivileges()
7.  
8. local hwnd = 0
9. while (hwnd == 0) do
10.     hwnd = FindWindow("Counter-Strike Source")
11. end
12.  
13. local procID = GetProcessId(hwnd)
14. WriteConsole("Process ID: " .. tostring(procID) .. "\n")
15. local procHandle = OpenProcess(PROCESS_ALL_ACCESS, procID)
16. WriteConsole("Process Handle: " .. tostring(procHandle) .. " [" .. tostring(PROCESS_ALL_ACCESS) .. "]\n")
17.  
18. local engine = GetBaseAddress(procHandle, "engine.dll")
19. local client = GetBaseAddress(procHandle, "client.dll")
20.  
21. local r_drawothermodels = client + 0x72F508
22. --sigscan for \x89\x54\x24\x2C\x89\x44\x24\x30\xE8
23. --then add 0xF to address found
24. --resulting value = ptr to ptr to entity table
25. local etbl = ReadInt(procHandle, engine + 0x3C6C88)
26. WriteConsole("Entity Table @ " .. tostring(etbl) .. "\n");
27.  
28. local GetEntity = function(idx)
29.     return ReadInt(procHandle, etbl + (40+(8*idx)))
30. end
31.  
32. local C_CSPlayer = {
33.     deadflag = function(base) return ReadInt(procHandle, base + 0x87) end,
34.     m_iHealth = function(base) return ReadInt(procHandle, base + 0x88) end,
35.     m_iTeamNum = function(base) return ReadInt(procHandle, base + 0x90) end,
36.     m_vecMins = function(base) return ReadFloat(procHandle, base + 0x168),
37.         ReadFloat(procHandle, base + 0x16C), ReadFloat(procHandle, base + 0x170) end,
38.     m_vecMaxs = function(base) return ReadFloat(procHandle, base + 0x174),
39.         ReadFloat(procHandle, base + 0x178), ReadFloat(procHandle, base + 0x17C) end,
40.     m_vecAbsOrigin = function(base) return ReadFloat(procHandle, base + 0x1F4),
41.         ReadFloat(procHandle, base + 0x1F8), ReadFloat(procHandle, base + 0x1FC) end,
42.     m_angAbsRotation = function(base) return ReadFloat(procHandle, base + 0x200),
43.         ReadFloat(procHandle, base + 0x204), ReadFloat(procHandle, base + 0x208) end,
44.     m_vecNetworkOrigin = function(base) return ReadFloat(procHandle, base + 0x20C),
45.         ReadFloat(procHandle, base + 0x210), ReadFloat(procHandle, base + 0x214) end,
46.     m_angNetworkAngles = function(base) return ReadFloat(procHandle, base + 0x218),
47.         ReadFloat(procHandle, base + 0x21C), ReadFloat(procHandle, base + 0x220) end,
48.     m_fFlags = function(base) return ReadInt(procHandle, base + 0x2DC) end,
49.     m_flFOVStart = function(base) return ReadFloat(procHandle, base + 0xF2C) end,
50.     m_bDucked = function(base) return ReadByte(procHandle, base + 0xD60) end,
51.     m_bDucking = function(base) return ReadByte(procHandle, base + 0xD61) end,
52.     m_flDucktime = function(base) return ReadFloat(procHandle, base + 0xD64) end,
53.     m_flFallVelocity = function(base) return ReadFloat(procHandle, base + 0xD74) end,
54.     m_nOldButtons = function(base) return ReadFloat(procHandle, base + 0xD78) end,
55.     m_vecPunchAngle = function(base) return ReadFloat(procHandle, base + 0xD88),
56.         ReadFloat(procHandle, base + 0xD8C), ReadFloat(procHandle, base + 0xD90) end,
57.     m_szLastPlaceName = function(base) return ReadStr(procHandle, base + 0x11A8, 20) end,
58.     m_flStamina = function(base) return ReadFloat(procHandle, base + 0x1380) end,
59. }
60.  
61. local o_EyeP = engine + 0x3E80A0
62. local o_EyeYaw = engine + 0x3E80A4
63. local o_EyeR = engine + 0x3E80A8
64.  
65. WriteConsole("ACTIVATED\n");
66.  
67. local function AngleToTarget(pX,pY,pZ, tX,tY,tZ)
68.     deltaX = pX - tX
69.     deltaY = pY - tY
70.     deltaZ = pZ - tZ
71.     hpy = math.sqrt((deltaX*deltaX) + (deltaY*deltaY))
72.     angP = math.deg(math.atan(deltaZ / hyp))
73.     angY = math.deg(math.atan(deltaY / deltaX))
74.     angR = 0
75.     if (deltaX >= 0) then deltaY += 180 end
76.     return angP,angY,angR
77. end
78.  
79. local tmp = 0
80. local aimbot = false
81. local abot_backup = 0
82. while (IsKeyDown(VK_END) == 0) do --END
83.     if (IsKeyDown(VK_F11) == 1) then
84.         if (ReadInt(procHandle, r_drawothermodels) == 1) then
85.             WriteInt(procHandle, r_drawothermodels, 2)
86.             WriteConsole("wallhack on\n")
87.         else
88.             WriteInt(procHandle, r_drawothermodels, 1)
89.             WriteConsole("wallhack off\n")
90.         end
91.     end
92.    
93.     if (IsKeyDown(VK_F10) == 1) then
94.         aimbot = not aimbot
95.         if (aimbot) then WriteConsole("Aimbot on\n")
96.         else WriteConsole("Aimbot off\n") end
97.     end
98.    
99.     if (aimbot) then
100.         local Me = GetEntity(1)
101.         local EyeX, EyeY, EyeZ = C_CSPlayer.m_vecNetworkOrigin(Me)
102.         WriteConsole("Local Pos: " .. tostring(EyeX) .. ", "
103.             .. tostring(EyeY) .. ", " .. tostring(EyeZ) .. "\n")
104.        
105.         local Nme = GetEntity(2)
106.         local NmeX, NmeY, NmeZ = C_CSPlayer.m_vecNetworkOrigin(Nme)
107.         if (C_CSPlayer.m_bDucked(Nme) == 1) then
108.             NmeZ = NmeZ + 32 else NmeZ = NmeZ + 65 end
109.         WriteConsole("Enemy Pos: " .. tostring(NmeX) .. ", "
110.             .. tostring(NmeY) .. ", " .. tostring(NmeZ) .. "\n")
111.        
112.         local pitch, yaw, roll = AngleToTarget(EyeX,EyeY,EyeZ, NmeX,NmeY,NmeZ)
113.         WriteConsole("Angle to target: " .. tostring(pitch) .. ", "
114.             .. tostring(yaw) .. ", " .. tostring(roll) .. "\n")
115.         WriteFloat(procHandle, o_EyeP, math.NormalizeAngle(pitch))
116.         WriteFloat(procHandle, o_EyeYaw, math.NormalizeAngle(yaw))
117.     end
118.    
119.     Sleep(100)
120. end
121.  
122. CloseHandle(procHandle)