Jump to content


Photo
- - - - -

[Help] Help, just read

Started by mre521, Sep 24 2009 01:55 AM

  • Please log in to reply
4 replies to this topic

#1 mre521

mre521

    Senior Member

  • Members
  • 105 posts

Posted 24 September 2009 - 01:55 AM

OK, i have a 2D game that I have made an aimbot for and it works perfectly. My only problem is that i don't know how to test if the target player is behind a map polygon. Basically what I mean is i don't know how to test if i can hit them with a perfectly straight shot from where my player is. Image: Posted Image
So all i need to know is if that line intersects with the triangle.
I have found a game function that tests this but i cannot figure out how to call it even though it appears i am doing it correctly. I get access violations.
Get openSuSe Linux

Posted Image


Posted Image

#2 trouble

trouble

    Posting Well

  • Members
  • 25 posts

Posted 24 September 2009 - 05:23 AM

even though it appears i am doing it correctly. I get access violations.



How about you show us how you've called it and what this function looks like. Right now it we'd just he shooting in the dark as to what is wrong.

#3 mre521

mre521

    Senior Member

  • Members
  • 105 posts

Posted 25 September 2009 - 02:16 AM

Here is the info on that function:

function at 005070d8
ecx always is 6(unknown)
edx always is 0012FC0Ch(unknown)
eax always is 0012FC14h(unknown)
esi is the base of the target
ebx is the base of the local player
stack args are pushed as follows:
push 0012FBF0
push 000003E9
the args are also unknowns.

Here is the function ASM if anyone wants to try to guess why im failing:
005070D8  /$ 55             PUSH EBP
005070D9  |. 8BEC           MOV EBP,ESP
005070DB  |. 83C4 B4        ADD ESP,-4C
005070DE  |. 53             PUSH EBX
005070DF  |. 56             PUSH ESI
005070E0  |. 57             PUSH EDI
005070E1  |. 8BF2           MOV ESI,EDX
005070E3  |. 8D7D F0        LEA EDI,DWORD PTR SS:[EBP-10]
005070E6  |. A5             MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ESI]
005070E7  |. A5             MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ESI]
005070E8  |. 8BF0           MOV ESI,EAX
005070EA  |. 8D7D F8        LEA EDI,DWORD PTR SS:[EBP-8]
005070ED  |. A5             MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ESI]
005070EE  |. A5             MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ESI]
005070EF  |. 8BF9           MOV EDI,ECX
005070F1  |. 8B75 0C        MOV ESI,DWORD PTR SS:[EBP+C]
005070F4  |. 8B1D 78E05C00  MOV EBX,DWORD PTR DS:[5CE078]                                          ;  Soldat.005D5E30
005070FA  |. C645 EF 00     MOV BYTE PTR SS:[EBP-11],0
005070FE  |. 8D4D E0        LEA ECX,DWORD PTR SS:[EBP-20]
00507101  |. 8D55 F0        LEA EDX,DWORD PTR SS:[EBP-10]
00507104  |. 8D45 F8        LEA EAX,DWORD PTR SS:[EBP-8]
00507107  |. E8 DC52F9FF    CALL Soldat.0049C3E8
0050710C  |. 8D45 E0        LEA EAX,DWORD PTR SS:[EBP-20]
0050710F  |. E8 8052F9FF    CALL Soldat.0049C394
00507114  |. D91E           FSTP DWORD PTR DS:[ESI]
00507116  |. 9B             WAIT
00507117  |. DB45 08        FILD DWORD PTR SS:[EBP+8]
0050711A  |. D81E           FCOMP DWORD PTR DS:[ESI]
0050711C  |. DFE0           FSTSW AX
0050711E  |. 9E             SAHF
0050711F  |. 73 0F          JNB SHORT Soldat.00507130
00507121  |. C706 7F96184B  MOV DWORD PTR DS:[ESI],4B18967F
00507127  |. C645 EF 01     MOV BYTE PTR SS:[EBP-11],1
0050712B  |. E9 2E020000    JMP Soldat.0050735E
00507130  |> D906           FLD DWORD PTR DS:[ESI]
00507132  |. D81D 6C735000  FCOMP DWORD PTR DS:[50736C]
00507138  |. DFE0           FSTSW AX
0050713A  |. 9E             SAHF
0050713B  |. 73 13          JNB SHORT Soldat.00507150
0050713D  |. 897D BC        MOV DWORD PTR SS:[EBP-44],EDI
00507140  |. DB45 BC        FILD DWORD PTR SS:[EBP-44]
00507143  |. D835 70735000  FDIV DWORD PTR DS:[507370]
00507149  |. E8 36BBEFFF    CALL Soldat.00402C84
0050714E  |. 8BF8           MOV EDI,EAX
00507150  |> D906           FLD DWORD PTR DS:[ESI]
00507152  |. D81D 74735000  FCOMP DWORD PTR DS:[507374]
00507158  |. DFE0           FSTSW AX
0050715A  |. 9E             SAHF
0050715B  |. 76 13          JBE SHORT Soldat.00507170
0050715D  |. 897D BC        MOV DWORD PTR SS:[EBP-44],EDI
00507160  |. DB45 BC        FILD DWORD PTR SS:[EBP-44]
00507163  |. D80D 70735000  FMUL DWORD PTR DS:[507370]
00507169  |. E8 16BBEFFF    CALL Soldat.00402C84
0050716E  |. 8BF8           MOV EDI,EAX
00507170  |> 897D BC        MOV DWORD PTR SS:[EBP-44],EDI
00507173  |. DB45 BC        FILD DWORD PTR SS:[EBP-44]
00507176  |. D83D 78735000  FDIVR DWORD PTR DS:[507378]
0050717C  |. 83C4 FC        ADD ESP,-4
0050717F  |. D91C24         FSTP DWORD PTR SS:[ESP]                                                ; /Arg1
00507182  |. 9B             WAIT                                                                   ; |
00507183  |. 8D55 E0        LEA EDX,DWORD PTR SS:[EBP-20]                                          ; |
00507186  |. 8D45 D8        LEA EAX,DWORD PTR SS:[EBP-28]                                          ; |
00507189  |. E8 6E52F9FF    CALL Soldat.0049C3FC                                                   ; \Soldat.0049C3FC
0050718E  |. 8D45 E0        LEA EAX,DWORD PTR SS:[EBP-20]
00507191  |. 50             PUSH EAX
00507192  |. 8D45 C8        LEA EAX,DWORD PTR SS:[EBP-38]
00507195  |. 50             PUSH EAX
00507196  |. E8 7D52F9FF    CALL Soldat.0049C418                                                   ;  JMP to d3dx81ab.D3DXVec2Normalize
0050719B  |. 68 0000A041    PUSH 41A00000                                                          ; /Arg1 = 41A00000
005071A0  |. 8D55 C8        LEA EDX,DWORD PTR SS:[EBP-38]                                          ; |
005071A3  |. 8D45 C8        LEA EAX,DWORD PTR SS:[EBP-38]                                          ; |
005071A6  |. E8 5152F9FF    CALL Soldat.0049C3FC                                                   ; \Soldat.0049C3FC
005071AB  |. 8D4D B4        LEA ECX,DWORD PTR SS:[EBP-4C]
005071AE  |. 8D55 C8        LEA EDX,DWORD PTR SS:[EBP-38]
005071B1  |. 8D45 F8        LEA EAX,DWORD PTR SS:[EBP-8]
005071B4  |. E8 1B52F9FF    CALL Soldat.0049C3D4
005071B9  |. 8B45 B4        MOV EAX,DWORD PTR SS:[EBP-4C]
005071BC  |. 8945 F8        MOV DWORD PTR SS:[EBP-8],EAX
005071BF  |. 8B45 B8        MOV EAX,DWORD PTR SS:[EBP-48]
005071C2  |. 8945 FC        MOV DWORD PTR SS:[EBP-4],EAX
005071C5  |. 4F             DEC EDI
005071C6  |. 85FF           TEST EDI,EDI
005071C8  |. 0F8C 90010000  JL Soldat.0050735E
005071CE  |. 47             INC EDI
005071CF  |. 897D C4        MOV DWORD PTR SS:[EBP-3C],EDI
005071D2  |. 33FF           XOR EDI,EDI
005071D4  |> 897D BC        /MOV DWORD PTR SS:[EBP-44],EDI
005071D7  |. DB45 BC        |FILD DWORD PTR SS:[EBP-44]
005071DA  |. D84D D8        |FMUL DWORD PTR SS:[EBP-28]
005071DD  |. D845 F0        |FADD DWORD PTR SS:[EBP-10]
005071E0  |. D95D D0        |FSTP DWORD PTR SS:[EBP-30]
005071E3  |. 9B             |WAIT
005071E4  |. 897D BC        |MOV DWORD PTR SS:[EBP-44],EDI
005071E7  |. DB45 BC        |FILD DWORD PTR SS:[EBP-44]
005071EA  |. D84D DC        |FMUL DWORD PTR SS:[EBP-24]
005071ED  |. D845 F4        |FADD DWORD PTR SS:[EBP-C]
005071F0  |. D95D D4        |FSTP DWORD PTR SS:[EBP-2C]
005071F3  |. 9B             |WAIT
005071F4  |. DB83 24DB0800  |FILD DWORD PTR DS:[EBX+8DB24]
005071FA  |. D87D D0        |FDIVR DWORD PTR SS:[EBP-30]
005071FD  |. E8 82BAEFFF    |CALL Soldat.00402C84
00507202  |. 83FA FF        |CMP EDX,-1
00507205  |. 75 0B          |JNZ SHORT Soldat.00507212
00507207  |. 83F8 DD        |CMP EAX,-23
0050720A  |. 0F86 44010000  |JBE Soldat.00507354
00507210  |. EB 06          |JMP SHORT Soldat.00507218
00507212  |> 0F8E 3C010000  |JLE Soldat.00507354
00507218  |> DB83 24DB0800  |FILD DWORD PTR DS:[EBX+8DB24]
0050721E  |. D87D D0        |FDIVR DWORD PTR SS:[EBP-30]
00507221  |. E8 5EBAEFFF    |CALL Soldat.00402C84
00507226  |. 83FA 00        |CMP EDX,0
00507229  |. 75 0B          |JNZ SHORT Soldat.00507236
0050722B  |. 83F8 23        |CMP EAX,23
0050722E  |. 0F83 20010000  |JNB Soldat.00507354
00507234  |. EB 06          |JMP SHORT Soldat.0050723C
00507236  |> 0F8D 18010000  |JGE Soldat.00507354
0050723C  |> DB83 24DB0800  |FILD DWORD PTR DS:[EBX+8DB24]
00507242  |. D87D D4        |FDIVR DWORD PTR SS:[EBP-2C]
00507245  |. E8 3ABAEFFF    |CALL Soldat.00402C84
0050724A  |. 83FA FF        |CMP EDX,-1
0050724D  |. 75 0B          |JNZ SHORT Soldat.0050725A
0050724F  |. 83F8 DD        |CMP EAX,-23
00507252  |. 0F86 FC000000  |JBE Soldat.00507354
00507258  |. EB 06          |JMP SHORT Soldat.00507260
0050725A  |> 0F8E F4000000  |JLE Soldat.00507354
00507260  |> DB83 24DB0800  |FILD DWORD PTR DS:[EBX+8DB24]
00507266  |. D87D D4        |FDIVR DWORD PTR SS:[EBP-2C]
00507269  |. E8 16BAEFFF    |CALL Soldat.00402C84
0050726E  |. 83FA 00        |CMP EDX,0
00507271  |. 75 0B          |JNZ SHORT Soldat.0050727E
00507273  |. 83F8 23        |CMP EAX,23
00507276  |. 0F83 D8000000  |JNB Soldat.00507354
0050727C  |. EB 06          |JMP SHORT Soldat.00507284
0050727E  |> 0F8D D0000000  |JGE Soldat.00507354
00507284  |> DB83 24DB0800  |FILD DWORD PTR DS:[EBX+8DB24]
0050728A  |. D87D D0        |FDIVR DWORD PTR SS:[EBP-30]
0050728D  |. E8 F2B9EFFF    |CALL Soldat.00402C84
00507292  |. 6BC0 47        |IMUL EAX,EAX,47
00507295  |. 8D04C3         |LEA EAX,DWORD PTR DS:[EBX+EAX*8]
00507298  |. 50             |PUSH EAX
00507299  |. DB83 24DB0800  |FILD DWORD PTR DS:[EBX+8DB24]
0050729F  |. D87D D4        |FDIVR DWORD PTR SS:[EBP-2C]
005072A2  |. E8 DDB9EFFF    |CALL Soldat.00402C84
005072A7  |. 5A             |POP EDX
005072A8  |. 66:8BB4C2 608C>|MOV SI,WORD PTR DS:[EDX+EAX*8+88C60]
005072B0  |. 66:85F6        |TEST SI,SI
005072B3  |. 0F86 9B000000  |JBE Soldat.00507354
005072B9  |. DB83 24DB0800  |FILD DWORD PTR DS:[EBX+8DB24]
005072BF  |. D87D D0        |FDIVR DWORD PTR SS:[EBP-30]
005072C2  |. E8 BDB9EFFF    |CALL Soldat.00402C84
005072C7  |. 6BC0 47        |IMUL EAX,EAX,47
005072CA  |. 8D04C3         |LEA EAX,DWORD PTR DS:[EBX+EAX*8]
005072CD  |. 50             |PUSH EAX
005072CE  |. DB83 24DB0800  |FILD DWORD PTR DS:[EBX+8DB24]
005072D4  |. D87D D4        |FDIVR DWORD PTR SS:[EBP-2C]
005072D7  |. E8 A8B9EFFF    |CALL Soldat.00402C84
005072DC  |. 5A             |POP EDX
005072DD  |. 0FB7C6         |MOVZX EAX,SI
005072E0  |. 85C0           |TEST EAX,EAX
005072E2  |. 7E 70          |JLE SHORT Soldat.00507354
005072E4  |. 8945 C0        |MOV DWORD PTR SS:[EBP-40],EAX
005072E7  |. C745 E8 010000>|MOV DWORD PTR SS:[EBP-18],1
005072EE  |> DB83 24DB0800  |/FILD DWORD PTR DS:[EBX+8DB24]
005072F4  |. D87D D0        ||FDIVR DWORD PTR SS:[EBP-30]
005072F7  |. E8 88B9EFFF    ||CALL Soldat.00402C84
005072FC  |. 6BC0 47        ||IMUL EAX,EAX,47
005072FF  |. 8D04C3         ||LEA EAX,DWORD PTR DS:[EBX+EAX*8]
00507302  |. 50             ||PUSH EAX
00507303  |. DB83 24DB0800  ||FILD DWORD PTR DS:[EBX+8DB24]
00507309  |. D87D D4        ||FDIVR DWORD PTR SS:[EBP-2C]
0050730C  |. E8 73B9EFFF    ||CALL Soldat.00402C84
00507311  |. 5A             ||POP EDX
00507312  |. 8B84C2 5C8C080>||MOV EAX,DWORD PTR DS:[EDX+EAX*8+88C5C]
00507319  |. 8B55 E8        ||MOV EDX,DWORD PTR SS:[EBP-18]
0050731C  |. 0FB73450       ||MOVZX ESI,WORD PTR DS:[EAX+EDX*2]
00507320  |. 8A8433 7FDC080>||MOV AL,BYTE PTR DS:[EBX+ESI+8DC7F]
00507327  |. 3C 03          ||CMP AL,3
00507329  |. 74 21          ||JE SHORT Soldat.0050734C
0050732B  |. 3C 01          ||CMP AL,1
0050732D  |. 74 1D          ||JE SHORT Soldat.0050734C
0050732F  |. 3C 02          ||CMP AL,2
00507331  |. 74 19          ||JE SHORT Soldat.0050734C
00507333  |. FF75 D0        ||PUSH DWORD PTR SS:[EBP-30]                                           ; /Arg2
00507336  |. FF75 D4        ||PUSH DWORD PTR SS:[EBP-2C]                                           ; |Arg1
00507339  |. 8BC3           ||MOV EAX,EBX                                                          ; |
0050733B  |. 8BD6           ||MOV EDX,ESI                                                          ; |
0050733D  |. E8 0A220400    ||CALL Soldat.0054954C                                                 ; \Soldat.0054954C
00507342  |. 84C0           ||TEST AL,AL
00507344  |. 74 06          ||JE SHORT Soldat.0050734C
00507346  |. C645 EF 01     ||MOV BYTE PTR SS:[EBP-11],1
0050734A  |. EB 12          ||JMP SHORT Soldat.0050735E
0050734C  |> FF45 E8        ||INC DWORD PTR SS:[EBP-18]
0050734F  |. FF4D C0        ||DEC DWORD PTR SS:[EBP-40]
00507352  |.^75 9A          |\JNZ SHORT Soldat.005072EE
00507354  |> 47             |INC EDI
00507355  |. FF4D C4        |DEC DWORD PTR SS:[EBP-3C]
00507358  |.^0F85 76FEFFFF  \JNZ Soldat.005071D4
0050735E  |> 8A45 EF        MOV AL,BYTE PTR SS:[EBP-11]
00507361  |. 5F             POP EDI
00507362  |. 5E             POP ESI
00507363  |. 5B             POP EBX
00507364  |. 8BE5           MOV ESP,EBP
00507366  |. 5D             POP EBP
00507367  \. C2 0800        RETN 8

Get openSuSe Linux

Posted Image


Posted Image

#4 L. Spiro

L. Spiro

    Global Moderator

  • Moderators
  • 327 posts
  • LocationTokyo, Japan

Posted 25 September 2009 - 04:54 AM

If all you want to do is test for intersection against a polygon, why not write your own?

In the meantime, you can test how to call the function easily via MHS, which can call any function in your game with no risk of crashing the game.


L. Spiro

#5 mre521

mre521

    Senior Member

  • Members
  • 105 posts

Posted 25 September 2009 - 11:47 PM

Well, my original problem is that i don't know the maths to test for the polygon intersection. I will try using mhs though.
Get openSuSe Linux

Posted Image


Posted Image
Back to D3D Programing


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. World Of Gamehacking and home of CES
  2. Programming
  3. General subjects
  4. D3D Programing
  5. Privacy Policy