[Tutorial] Reversing the Client (EP. 2)

[Cyrex']

[ Hey. In this episode I'm gonna give you some hints
to make a pretty decent aimbot + esp (world2screen). ]

First you need to have a basic understanding of computer graphics and how game engines work. I will try to explain the most fundamental things.
Even tho I will explain very in-depth I will NOT teach you trigonometry or projection stuff. In maths you should educate yourself.

Let's start with the aimbot, assuming we already reversed everything we need; for an aimbot you just loop thru every entity(i.e. an enemy player) and save the distance from your local position vector to the enemy vector -> "pythagorean theorem" for 3d vectors (google that if you dont know).
Now we should have the closest entity saved by ptr or index. We can now calculate the angle between our view vector and the enemy vector. It's much easier if the enemy vector is relative to our vector so just subtract the enemy vector from our vector.


(pic stolen from some other forum [credits @])

Yaw: arccot(deltaX / deltaY)
Pitch: arccot(hyp, deltaZ)

Actually, it's very easy if you watched out in school.
We can now just set our viewangles whereever they are stored :P

I'm away now. The reversal of these things + ESP & WorldToScreen will come later in this thread. Cya

for you guys that can't wait and want to reverse themselves:

PHP Code:

  v94 / v92 / v90 = sub_20240E0();
  v13 = *(float *)((*(int (__thiscall **)(int))(*(_DWORD *)v94 + 76))(v94) + 8);
  v14 = *(float *)((*(int (__thiscall **)(int))(*(_DWORD *)v92 + 76))(v92) + 4);
  v15 = *(float *)(*(int (__thiscall **)(int))(*(_DWORD *)v90 + 76))(v90); 


will be stored in sse registers; v15 is x, v14 y, v13 z.
that means v90 = some class, *v90 some class's vtable.
vtable + 0x4C = GetCameraPositionXYZ function (returns a struct[ptr]).

[Cyrex']

#reserved

edit: sooo...

In the previous post I showed you how to get the camera position of a specified entity.
We now need our viewangles(yaw and pitch[roll is not used in most fps). S4 provides the camera directions in vectors.

PHP Code:

v55 = sub_20240E0();
v67 = sub_20240E0();
v53 = sub_20240E0();
v10 = *(float *)(v55 + 516); // z
v11 = *(float *)(v67 + 512); // y
v12 = *(float *)(v53 + 508); // x 


just grab them. now you can just leave them as unit vectors or you can convert them to "real" angles. For w2s you will just need the unit vectors in a matrix. Coming back soon.

I ripped this function to convert unit vectors to angles from the source engine sdk - because math.. fuck it.

PHP Code:

void VectorAngles(Vector forward, QAngle angles)
{
    Assert(s_bMathlibInitialized);
    float    tmp, yaw, pitch;
 
    if (forward[1] == 0 && forward[0] == 0)
    {
        yaw = 0;
        if (forward[2] > 0)
            pitch = 270;
        else
            pitch = 90;
    }
    else
    {
        yaw = (atan2(forward[1], forward[0]) * 180 / M_PI);
        if (yaw < 0)
            yaw += 360;
 
        tmp = sqrt(forward[0] * forward[0] + forward[1] * forward[1]);
        pitch = (atan2(-forward[2], tmp) * 180 / M_PI);
        if (pitch < 0)
            pitch += 360;
    }
 
    angles[0] = pitch;
    angles[1] = yaw;
    angles[2] = 0;
} 


ps: forward vector is mostly 'z' or '-z' component. You may need to omit the clamping and
reorienting to s4's coordinate system.