library DepartureLib;
uses
Windows, SysUtils;
{$R *.res}
//Have a record of patches for easier managment(Not implemented yet)
Type
TPatchRecord = Record
Address: Pointer;
NewBytes: array of Byte;
OldBytes: array of Byte;
end;
//Pointer to our record
PPatchRecord = ^TPatchRecord;
var
//Thread Handles
dwThrdHack: Dword = 0;
dwThrdMain: Dword = 0;
dwThrdKeys: Dword = 0;
//Patches On/Off
NoRecoil: Boolean = False;
NoReload: Boolean = False;
SuperBullets: Boolean = False;
GlassWall: Boolean = False;
FPS: Boolean = False;
Const
//======================= NoRecoil ================================//
//Recoil Address's
AddressNoRecoil1 = $37465A60;
AddressNoRecoil2 = $37234EB9;
AddressNoRecoil3 = $37465A74;
AddressNoRecoil4 = $37465A77;
AddressNoRecoil5 = $37465A80;
//Recoil Patches
PatchNoRecoil1 : Array[0..2] of byte = ($90,$90,$90);
PatchNoRecoil2 : Array[0..10] of byte = ($90,$90,$90,$90,$90,$90,$90,$90,$90,$90,$90);
PatchNoRecoil3 : Array[0..2] of byte = ($90,$90,$90);
PatchNoRecoil4 : Array[0..2] of byte = ($90,$90,$90);
PatchNoRecoil5 : Array[0..2] of byte = ($90,$90,$90);
//Recoil ORiginal Bytes
OriginalNoRecoil1 : Array[0..2] of byte = ($D8,$66,$54);
OriginalNoRecoil2 : Array[0..10] of byte = ($C7,$84,$24,$94,$00,$00,$00,$0F,$00,$00,$00);
OriginalNoRecoil3 : Array[0..2] of byte = ($D9,$5E,$54);
OriginalNoRecoil4 : Array[0..2] of byte = ($D9,$46,$48);
OriginalNoRecoil5 : Array[0..2] of byte = ($D9,$5E,$48);
//======================= NoReload ==============================//
AddressNoReload = $374B1824;
PatchNoReload : Array[0..5] of byte = ($90,$90,$90,$90,$90,$90);
OriginalNoReload : Array[0..5] of byte = ($0F,$84,$B1,$01,$00,$00);
//======================== SuperBullets =========================//
AddressSuperBullets = $374AC526;
PatchSuperBullets : Array[0..2] of byte = ($90,$90,$90);
OriginalSuperBullets : Array[0..2] of byte = ($0F,$94,$C0);
//======================= GlassWall =============================//
AddressGlassWall = $005725AA;
PatchGlassWall : Array[0..1] of byte = ($6A,$00);
OriginalGlassWall : Array[0..1] of byte = ($6A,$01);
//PushToConsole Methods NOT working yet
type
TRunConsoleCommand = function(cmd : pchar) : Integer; cdecl;
PRunConsoleCommand = ^TRunConsoleCommand;
lpSetConsoleVariable = procedure( console: Integer; szVal: PChar ); cdecl;
PSetConsoleVariable = ^lpSetConsoleVariable; // Pointer To lpSetConsoleVariable
SetConsoleVariable = lpSetConsoleVariable;
procedure RunConsoleCommand(Const command : String);
var
RCC : TRunConsoleCommand;
begin
RCC:= TRunConsoleCommand($00485E10);
RCC(Pchar(command));
end;
//PushToCosole Method
function PushIt(command: PChar):boolean;cdecl;
var
dwAddress: Dword;
begin
dwAddress:= $00484BC0;
asm
mov eax,command
push eax
push $08003f0
call dwAddress
add esp,8
end;
result := true;
end;
// Write Bytes to Address Method
Function WriteIt(pAddress: Pointer; Bytes: Array of Byte): Boolean;
var
dwProtect: DWord;
begin
Result:= False;
//Change address Protecting to read/write/Execute and save the original in dwProtect
if VirtualProtect(pAddress, SizeOf(Bytes), PAGE_EXECUTE_READWRITE, @dwProtect) then
begin
//Write the new bytes to addres and the length of bytes to be written
Move(Bytes, pAddress^, Length(Bytes));
//Restore original Protecting to section we have just written to.
VirtualProtect(pAddress, SizeOf(Bytes), dwProtect, @dwProtect);
Result := True
end;
end;
Function FuncKeys(const LPVOID: variant): Boolean;
begin
while (True) do
Begin
//Recoil
if (GetAsyncKeyState(VK_NUMPAD1) <> 0) then
NoRecoil:= NOT NoRecoil;
//NoReload
if (GetAsyncKeyState(VK_NUMPAD2) <> 0) then
NoReload:= NOT NoReload;
//SuperBullets
if (GetAsyncKeyState(VK_NUMPAD3) <> 0) then
SuperBullets:= NOT SuperBullets;
//GlassWall
if (GetAsyncKeyState(VK_NUMPAD4) <> 0) then
GlassWall:= NOT GlassWall;
if (GetAsyncKeyState(VK_NUMPAD5) <> 0) then
FPS:= NOT FPS;
//Turn off All Hacks "End" Key
if (GetAsyncKeyState(VK_END) <> 0) then
begin
NoRecoil:= False;
NoReload:= False;
SuperBullets:= False;
GlassWall:= False;
end;
//Have a KitKat
sleep(100);
end;
end;
function FuncMain(const LPVOID: variant): Boolean;
begin
while (True) do
begin
asm
pushad;
end;
//Write NoRecoil
if NoRecoil then
begin
WriteIt(ptr(AddressNoRecoil1),PatchNoRecoil1);
WriteIt(ptr(AddressNoRecoil2),PatchNoRecoil2);
WriteIt(ptr(AddressNoRecoil3),PatchNoRecoil3);
WriteIt(ptr(AddressNoRecoil4),PatchNoRecoil4);
WriteIt(ptr(AddressNoRecoil5),PatchNoRecoil5);
end
else
begin
WriteIt(ptr(AddressNoRecoil1),OriginalNoRecoil1);
WriteIt(ptr(AddressNoRecoil2),OriginalNoRecoil2);
WriteIt(ptr(AddressNoRecoil3),OriginalNoRecoil3);
WriteIt(ptr(AddressNoRecoil4),OriginalNoRecoil4);
WriteIt(ptr(AddressNoRecoil5),OriginalNoRecoil5);
end;
//Write NoReload
if NoReload then
WriteIt(ptr(AddressNoReload),PatchNoReload)
else
WriteIt(ptr(AddressNoReload),OriginalNoReload);
//Write SuperBullets patch
if SuperBullets then
WriteIt(ptr(AddressSuperBullets),PatchSuperBullets )
else
WriteIt(ptr(AddressSuperBullets),OriginalSuperBull ets);
//Write GlassWall patch
if GlassWall then
WriteIt(ptr(AddressGlassWall),PatchGlassWall)
else
WriteIt(ptr(AddressGlassWall),OriginalGlassWall);
//PushToConsole
if FPS then
SetConsoleVariable($00484BC0)($008003F0,Pchar('Ske lModelStencil 1'))
else
SetConsoleVariable($00484BC0)($008003F0,Pchar('Ske lModelStencil 0'));
//Have a KitKat
Sleep(100);
asm
popad;
end;
end;
end;
Function IsGameReadyForHook: Boolean;
var
null: variant;
begin
//Get base address of the following modules...
if ((GetModuleHandleA('d3d9.dll') <> null) and
(GetModuleHandleA('ClientFX.fxd') <> null) and
(GetModuleHandleA('CShell.dll') <> null)) then
begin
//Modules exsist so we can return true
Result := True;
end
else
//Otherwise Modules dont exsist yet
Result := False;
end;
Function HackThread(): Dword;
var
cHandle: Cardinal;
begin
//Call our function to check for loaded game modules
Repeat
Sleep(500);
Until ((IsGameReadyForHook = True) and (dwThrdMain = 0));
//Creat one thread for Key presses, and one for writting our patches(if = to true)
CreateThread(nil, 0, @FuncKeys, nil, 0, dwThrdKeys);
CreateThread(nil, 0, @FuncMain, nil, 0, dwThrdMain);
//Just some debugging...(Not needed)
cHandle:= GetModuleHandleA('CShell.dll');
MessageBoxA(0, Pchar(format('CShell Base Adress: %8.x', [cHandle])),Pchar('CShell Base'), MB_OK + MB_ICONINFORMATION);
//No need for thread anymore
Result := 0;
end;
procedure DllMain(reason: integer);
begin
case reason of
DLL_PROCESS_ATTACH:
begin
//Create a thread to monitor for the game modules
CreateThread(nil, 0, @HackThread, nil, 0, dwThrdHack);
end;
DLL_PROCESS_DETACH:
//When we detach make sure to clean up any threads we created
begin
if dwThrdMain <> 0 then
CloseHandle(dwThrdMain);
if dwThrdHack <> 0 then
CloseHandle(dwThrdHack);
if dwThrdKeys <> 0 then
CloseHandle(dwThrdKeys);
end;
end;
end;
begin
//Disable notifycation of attachment
DisableThreadLibraryCalls(hInstance);
DllProc := @DllMain;
DllProc(DLL_PROCESS_ATTACH);
end.