Black Ops 3 Wallhack
Submitted on 2016-10-19 16:32:07 by Luuk

This wallhack was a way for me to experiment with memory editing/reading. The program reads information from memory like the Player position and Player Team. This information gets calculated and an overlay of the enemy’s position is drawn on top of the game minimap.

Using a tool called cheatengine I discovered the memory addresses and offsets. For example in order to get the X,Y,Z coordinate address for every player on the server you can use the following logic

First player on the server start address

X: 0x1414E5140

Y: 0x1414E5144

Z: 0x1414E5148

If we for example move 352 bytes over in memory (0x1414E5140 + 0x160 in hex) we get the X coordinate for the next player. We can do this for all players on the server (Max 18)

I also needed a way to differentiate between a friendly and enemy player which after a long search I found to be stored the same way as the player location’s with only a different offset.

Team number: 0x1526E807C + 324 (0x144 in hex)

Storing this data in array

Now that I know where to find the addresses we need to store it for later use. I used the following code for this.

 public long[][] players = new long[32][]; //Player pos

 int count = 1;

 //Start addresses

 players[0] = new long[4];//x,y,z,team

 players[0][0] = 0x1414E5140;

 players[0][1] = 0x1414E5144;

 players[0][2] = 0x1414E5148;

 players[0][3] = 0x1526E807C;//team

 while (count < 18)

    {

      players[count] = new long[4];

      players[count][0] = players[count - 1][0] + 0x160;

      players[count][1] = players[count - 1][1] + 0x160;

      players[count][2] = players[count - 1][2] + 0x160;

      players[count][3] = players[count - 1][3] + 0x144;//team

      count++;

    }

Screenshots

m6m2F3.png

A0y6l8.jpg

83D2E2.png

Source Code

using System;

using System.Collections;

using System.Collections.Generic;

using System.ComponentModel;

using System.Data;

using System.Diagnostics;

using System.Drawing;

using System.Linq;

using System.Runtime.InteropServices;

using System.Text;

using System.Threading.Tasks;

using System.Windows.Forms;

namespace Hacks

{

    public partial class Form1 : Form

    {

        int processHandle;

        public long[][] players = new long[32][]; //Player posistionsns

        public int team1Option = 0;

        public int team2Option = 0;

        public int drawlines = 1;

        Process[] p = Process.GetProcessesByName("blackops3");

        [DllImport("kernel32.dll")]

        public static extern int OpenProcess(uint dwDesiredAccess, bool bInheritHandle, int dwProcessId);

        [DllImport("kernel32.dll")]

        public static extern bool ReadProcessMemory(int hProcess, Int64 lpBaseAddress, byte[] buffer, int size, int lpNumberOfBytesRead);

        public byte[] ReadMemory(Int64 adress, int processSize, int processHandle)

        {

            byte[] buffer = new byte[processSize];

            ReadProcessMemory(processHandle, adress, buffer, processSize, 0);

            return buffer;

        }

        public Form1()

        {

            InitializeComponent();

            uint DELETE = 0x00010000;

            uint READ_CONTROL = 0x00020000;

            uint WRITE_DAC = 0x00040000;

            uint WRITE_OWNER = 0x00080000;

            uint SYNCHRONIZE = 0x00100000;

            uint END = 0xFFF; //if you have Windows XP or Windows Server 2003 you must change this to 0xFFFF

            uint PROCESS_ALL_ACCESS = ( READ_CONTROL | SYNCHRONIZE | END);

            processHandle = OpenProcess(PROCESS_ALL_ACCESS, false, p[0].Id);

            //Console.WriteLine(Encoding.Unicode.GetString(ReadMemory(0x1478AB564, 8, processHandle)));

           

            int count = 1;

            players[0] = new long[4];//x,y,z,team

            players[0][0] = 0x1414E5140;

            players[0][1] = 0x1414E5144;

            players[0][2] = 0x1414E5148;

            players[0][3] = 0x1526E807C;//team

            while (count < 18)

            {

                players[count] = new long[4];

                players[count][0] = players[count - 1][0] + 0x160;

                players[count][1] = players[count - 1][1] + 0x160;

                players[count][2] = players[count - 1][2] + 0x160;

                players[count][3] = players[count - 1][3] + 0x144;//team

                count++;

            }

        }

        private void Form1_Load(object sender, EventArgs e)

        {

        }

     

        private void timer1_Tick(object sender, EventArgs e)

        {

            float playerX = BitConverter.ToSingle(ReadMemory(0x14347C320, 8, processHandle), 0);

            float playerY = BitConverter.ToSingle(ReadMemory(0x14347C324, 8, processHandle), 0);

            float playerZ = BitConverter.ToSingle(ReadMemory(0x14347C328, 8, processHandle), 0);

            float mouseX = BitConverter.ToSingle(ReadMemory(0xE2DA12CFC, 8, processHandle), 0);

            float mouseY = BitConverter.ToSingle(ReadMemory(0x14793AA18, 8, processHandle), 0);

            int centerX = 220;

            int centerY = 130;

            int screenX = 960;

            int screenY = 540;

            SolidBrush myBrush = new SolidBrush(Color.DarkGray);

             Graphics formGraphics;

       

            formGraphics = CreateGraphics();

            formGraphics.Clear(Color.Black);

            //formGraphics.FillRectangle(new SolidBrush(Color.DarkGray), new Rectangle(0, 0, 400, 200));

           // formGraphics.FillRectangle(new SolidBrush(Color.BlueViolet), new Rectangle(centerX, centerY, 10, 10));

            SolidBrush brush = new SolidBrush(Color.OrangeRed);

            int count = 0;

            while (count < 12)

            {

                float player2X = BitConverter.ToSingle(ReadMemory(players[count][0], 8, processHandle), 0);

                float player2Y = BitConverter.ToSingle(ReadMemory(players[count][1], 8, processHandle), 0);

                float player2Z = BitConverter.ToSingle(ReadMemory(players[count][2], 8, processHandle), 0);

                int player2Team = BitConverter.ToInt32(ReadMemory(players[count][3], 8, processHandle),0);

               

                //if (player2X != 0 && player2Y != 0 && player2Z != 0 && player2Team == team1Option || player2Team == team2Option )

               // {

                   

                    float X = mouseX + 50;

                    double dis = getDistance(playerX, playerY, playerZ, player2X, player2Y, player2Z);

                    float angle = (float)RadianToDegree(Math.Atan2(playerY - player2Y, playerX - player2X));

                    formGraphics = CreateGraphics();

                    formGraphics.TranslateTransform(centerX, centerY);

                    formGraphics.RotateTransform(-angle + X);

                    double newX = dis / 15;

                    double newY = dis / 15;

                   

                        formGraphics.FillRectangle(new SolidBrush(Color.OrangeRed), new Rectangle((int)newX, (int)newY, 10, 10));

                    if (drawlines == 1)

                    {

                        formGraphics.DrawLine(new Pen(Color.Red), 0, 0, (int)newX, (int)newY);

                    }

                   

               // }

                count++;

            }

            myBrush.Dispose();

            formGraphics.Dispose();

        }

        private float getpos(float x, float y, float z,float mouseX, float mouseY)

        {

            int screenX = 960;

            int screenY = 540;

            float drawX = 0;

            float drawY = 0;

            return drawX;

        }

        public float MapValue(float a0, float a1, float b0, float b1, float a)

        {

            return b0 + (b1 - b0) * ((a - a0) / (a1 - a0));

        }

        public double getDistance(float x1, float y1, float z1, float x2, float y2, float z2)

        {

            //double dX = x1 - x2;

            //double dY = y1 - x2;

            //double multi = dX * dX + dY * dY;

            //double rad = Math.Round(Math.Sqrt(multi), 3);

            // return rad;

            float deltaX = x2 - x1;

            float deltaY = y2 - y1;

            float deltaZ = z2 - z1;

            float distance = (float)Math.Sqrt(deltaX * deltaX + deltaY * deltaY + deltaZ * deltaZ);

            return distance;

        }

        private double RadianToDegree(double angle)

        {

            return angle * (180.0 / Math.PI);

        }

        private void drawPlayer(float playerX, float playerY, float playerZ, float player2X, float player2Y, float player2Z, float mouseX, float mouseY)

        {

           

            // mouseY = MapValue(-80, 70, 1080, 0,mouseY);

            // mouseX = MapValue(0, 180, 0, 360, mouseX);

            //label1.Text = "" + playerX + playerY + playerZ;

           

        }

        private void label2_Click(object sender, EventArgs e)

        {

            if (team1Option == 0)

            {

                label2.Text = "Team1 [ON]";

                label2.BackColor = Color.Green;

                team1Option = 1;

            }

            else

            {

                label2.Text = "Team1 [OFF]";

                label2.BackColor = Color.Red;

                team1Option = 0;

            }

        }

        private void label3_Click(object sender, EventArgs e)

        {

            if (team2Option == 0)

            {

                label3.Text = "Team2 [ON]";

                label3.BackColor = Color.Green;

                team2Option = 2;

            }

            else

            {

                label3.Text = "Team2 [OFF]";

                label3.BackColor = Color.Red;

                team2Option = 0;

            }

        }

        private void label4_Click(object sender, EventArgs e)

        {

            if (drawlines == 0)

            {

                label4.Text = "Lines [ON]";

                label4.BackColor = Color.Green;

                drawlines = 1;

            }

            else

            {

                label4.Text = "Lines [OFF]";

                label4.BackColor = Color.Red;

                drawlines = 0;

            }

        }

    }

    }

Esselbr - Black Ops 3 Wallhack
© Esselbr.nl 2016