Great video!
Great tutorial ❤
Silent aim tutorial (not for cs2 as usual, something else)
Could you please explain more about how and why it works for subtracting offset from bot deaths to bot kills dynamic address to find the static bot entity pointer? I have completed it and it's working but just interested in how you got that to work - really really cool.
We're assuming that the player and bot classes are structured the same in memory. If we find the offset/distance between the start of the player's class and their kills, we can use that same offset/distance to navigate memory for other entities, like bots. Since classes (or structs) in memory are stored contiguously, the order of variables in the class definition reflects their layout in memory. For example, if you have a class like class Player { int a; int b; int c; }, these variables a, b, and c will be stored sequentially in memory. Let me know if this answers your question!
At @11:08 when I create a pointer it shows up and doesn't give me a dropdown, can you help me please? I've watched the video like 5 times in a row to understand it and maybe do it correctly if I have made a mistake, but the list you have is very similar to mine so I don't think I have made a mistake.
We might have different versions of ReClass. Yours might not show the dropdown for void pointers automatically. No worries! Just click the small loop symbol next to the pointer to change what it points to and in this case set the type to an array. Hope this helps!
@MrRipperoni thank you, you really helped me to continue!
At @9:48 when you mention you want an EDI register there because it implies it's an array, can you explain that a little bit more please.
Certainly! When I mention using the EDI register for array access, it implies an array because the addressing mode [edi + eax*4] calculates the address of an element within a contiguous block of memory. EDI is the base address of the array. EAX is the index. *4 scales the index by the size of each element (4 bytes for pointers in x86). This pattern is the most common in x86 assembly for accessing elements in arrays. Hopefully that clears things up!
@MrRipperoni thanks
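Added example (not from the video or from any commenter): the two replies above, on fixed member offsets within a class and on `[base + index*size]` array addressing, shown as a small self-contained C program. The `Entity` type, its field names and all values are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed type for illustration; field names are hypothetical. */
typedef struct Entity {
    int32_t health;   /* offset 0 */
    int32_t kills;    /* offset 4 */
    int32_t deaths;   /* offset 8 */
} Entity;

/* Recover the start of the object from the address of one member:
 * base = member_address - offsetof(type, member). */
static Entity *entity_from_kills(int32_t *kills_addr)
{
    return (Entity *)((unsigned char *)kills_addr - offsetof(Entity, kills));
}

/* The distance between two members is the same for every instance of the type. */
static ptrdiff_t deaths_minus_kills(void)
{
    return (ptrdiff_t)offsetof(Entity, deaths) - (ptrdiff_t)offsetof(Entity, kills);
}

/* Element address in an array of pointers: base + index * sizeof(element).
 * On 32-bit x86 sizeof(void *) is 4, which gives the [edi + eax*4] form. */
static uintptr_t slot_address(Entity **table, size_t index)
{
    return (uintptr_t)table + index * sizeof(Entity *);
}

/* Load the pointer stored in that slot, then read a member through it. */
static int32_t kills_of(Entity **table, size_t index)
{
    Entity **slot = (Entity **)slot_address(table, index);
    return (*slot)->kills;
}

int main(void)
{
    Entity player = {100, 3, 1}, bot = {100, 7, 2};
    Entity *table[2] = {&player, &bot};
    /* Same type, same offsets: the arithmetic works for either instance. */
    int ok = entity_from_kills(&bot.kills) == &bot
          && entity_from_kills(&player.kills) == &player
          && deaths_minus_kills() == 4
          && kills_of(table, 1) == 7;
    return ok ? 0 : 1;
}
```

The offsets carry over only between objects of the same type built by the same compiler settings; padding and alignment can move members when either differs.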
Would this work for something like CS2, or TF2, or Fortnite?
For Fortnite it will be easily detected by anti-cheat; for such games you must go into kernel cheating. TF2, CS2 imo detected too.
For bypassing BattlEye (BE) or Easy Anti-Cheat (EAC) in Fortnite, you'll need to use kernel-level cheats. However, for VAC anti-cheat, it's a bit simpler since it's a user-mode anti-cheat, so you can get away with using an internal cheat. You'll still need to make some adjustments: mid-function hooking, encrypting strings, manually mapping the DLL, etc., and avoid writing directly to memory. Of course, there are additional measures you can take to make it safer, like using a kernel cheat, but there will always be a risk of detection.
@MrRipperoni How in the world would I get into kernel cheating lol
@DeXorPL How in the world would I get into kernel cheating lol