#include "Utils.h" bool start_allowed = false; void InstallHooks(); BYTE firstPrologue[5]; BYTE secondPrologue[6]; BYTE thirdPrologue[5]; BYTE fourPrologue[6]; bool NoAFK = false; bool SkipAllowed = false; void EmulateKeyPress(WORD vk_key, bool press); typedef bool(__thiscall* ptrSendPacket)(void* ECX, unsigned char ucPacketID, void* bitStream, int packetPriority, int packetReliability, int packetOrdering); ptrSendPacket callSendPacket = nullptr; bool __fastcall SendPacket(void* ECX, void* EDX, unsigned char ucPacketID, void* bitStream, int packetPriority, int packetReliability, int packetOrdering) { RestorePrologue((DWORD)callSendPacket, firstPrologue, 5); if (ucPacketID == 91) { MakeJump((DWORD)callSendPacket, (DWORD)&SendPacket, firstPrologue, 5); return true; // shout up anticheat } bool rslt = callSendPacket(ECX, ucPacketID, bitStream, packetPriority, packetReliability, packetOrdering); MakeJump((DWORD)callSendPacket, (DWORD)&SendPacket, firstPrologue, 5); return rslt; } void lua_register(void* L, const char* func_name, lua_CFunction f) { call_pushcclosure(L, (f), 1); call_setfield(L, LUA_GLOBALSINDEX, (func_name)); } int __cdecl isLuaCodeAvailable(void* luaVM) { call_pushboolean(luaVM, HackInjectAvailable); return 1; } int __cdecl luaGetCode(void* luaVM) { HackInjectAvailable = false; call_pushstring(luaVM, gLuaCode.c_str()); return 1; } int __cdecl luaGetArgument(void* luaVM) { call_pushstring(luaVM, gLuaArg.c_str()); return 1; } int __cdecl setDbgHook(void* luaVM) { int dbg = callAddDebugHook(luaVM); call_pushboolean(luaVM, dbg); return dbg; } int __cdecl aimPosition(void* luaVM) { aimWrapper(luaVM); return 1; } int __cdecl setAliveStatus(void* luaVM) { isLuaAlive = call_toboolean(luaVM, 1); return 1; } typedef int(__cdecl* t_LuaLoadBuffer)(void* L, const char* buff, size_t sz, const char* name); t_LuaLoadBuffer callLuaLoadBuffer = nullptr; int __cdecl hkLuaLoadBuffer(void* L, char* buff, size_t sz, const char* name) { RestorePrologue((DWORD)callLuaLoadBuffer, fourPrologue, 6); std::string code = R"STUB( local aimEnabled = false local isAiming = false local targetBone = nil local targetPlayer = nil local fovRadius = 300 local Smooth = 5.0 local scale_coeff = 5 local debug_mode = false local draw_fov = false local friendly_fire = false local targetLocked = false local isBeingSpectated = false local pName = "" local headshot = true function checkForSpectating() local x, y, z = getElementPosition(localPlayer) isBeingSpectated = false for _, player in ipairs(getElementsByType("player")) do if player ~= localPlayer and isPedDead(player) == false then local xh, xy, xz = getElementPosition(player) local distance = getDistanceBetweenPoints3D(x, y, z, xh, xy, xz) local alpha = getElementAlpha(player) local mydim = getElementDimension(localPlayer) local pdim = getElementDimension(player) local dlimit = 10 local veh = getPedOccupiedVehicle(localPlayer) if veh then dlimit = 50 end if alpha < 255 and distance <= dlimit and pdim == mydim then isBeingSpectated = true pName = getPlayerNametagText(player) break end end end end function renderSpectateWarning() -- Ukraine gta: detection of admin spectating to you if isBeingSpectated then local screenW, screenH = guiGetScreenSize() local text = "РђРґРјС–РЅ " .. pName .. " стежить Р·Р° вами!" local scale = 3.0 local font = "default-bold" local color = tocolor(255, 0, 0, 125) local textWidth = dxGetTextWidth(text, scale, font) local textHeight = dxGetFontHeight(scale, font) local x = (screenW - textWidth) / 2 local y = (screenH - textHeight) / 2 - 30 dxDrawText(text, x, y, x + textWidth, y + textHeight, color, scale, font, "center", "center", false, false, true) end end addEventHandler("onClientRender", root, renderSpectateWarning) setTimer(checkForSpectating, 1000, 0) function onPreEventHook( sourceResource, functionName, isAllowedByACL, luaFilename, luaLineNumber, ... ) local args = { ... } local resname = sourceResource and getResourceName(sourceResource) if tostring(args[1]) == 'anticheat:alert' and args[3] ~= nil then -- Ukraine GTA lua AC bypass return 'skip' end end addDebugHook('preFunction', onPreEventHook, { 'triggerServerEvent', 'triggerLatentServerEvent' }) function checkAimState() local isMouse2Down = getKeyState("mouse2") if aimEnabled and isMouse2Down then if not isAiming then isAiming = true targetLocked = false end else if isAiming then isAiming = false targetBone = nil targetPlayer = nil targetLocked = false end end end function getClosestTarget() local closestTarget = nil local closestDist = fovRadius local screenWidth, screenHeight = guiGetScreenSize() local screenX, screenY = screenWidth / 2, screenHeight / 2 local weapon = getPedWeapon(localPlayer) local maxWeaponRange = getWeaponProperty(weapon, "poor", "weapon_range") local elem_type = "player" if debug_mode == true then elem_type = "ped" end for _, player in ipairs(getElementsByType(elem_type)) do if player ~= localPlayer and isElementStreamedIn(player) then local x, y, z = getElementPosition(player) local screenPosX, screenPosY = getScreenFromWorldPosition(x, y, z + 0.5) if screenPosX and screenPosY then local dist = getDistanceBetweenPoints2D(screenX, screenY, screenPosX, screenPosY) if dist <= closestDist then local dist3D = getDistanceBetweenPoints3D(x, y, z, getElementPosition(localPlayer)) local pTeam = getPlayerTeam(player) local mTeam = getPlayerTeam(localPlayer) if isElementOnScreen(player) and dist3D <= maxWeaponRange and isPedDead(player) == false then if friendly_fire == false and pTeam == mTeam and pTeam ~= false and mTeam ~= false then return nil end closestTarget = player closestDist = dist end end end end end return closestTarget end function getAllTargetsInFOV() local targets = {} local screenWidth, screenHeight = guiGetScreenSize() local screenX, screenY = screenWidth / 2, screenHeight / 2 local elem_type = "player" if debug_mode == true then elem_type = "ped" end for _, player in ipairs(getElementsByType(elem_type)) do if player ~= localPlayer and isElementStreamedIn(player) then local x, y, z = getElementPosition(player) if isElementOnScreen(player) then table.insert(targets, player) end end end return targets end addEventHandler("onClientPreRender", root, function() checkAimState() local isMouse2Down = getKeyState("mouse2") if aimEnabled and isMouse2Down and draw_fov then local targetsInFOV = getAllTargetsInFOV() -- Получаем всех потенциальных целей for _, player in ipairs(targetsInFOV) do local boneX, boneY, boneZ = getPedBonePosition(player, 3) local screenX, screenY = getScreenFromWorldPosition(boneX, boneY, boneZ) if screenX and screenY then -- Расчет размера FOV на экране local fovEdgeX, fovEdgeY = getScreenFromWorldPosition(boneX + fovRadius, boneY, boneZ) if not fovEdgeX or not fovEdgeY then fovEdgeX, fovEdgeY = screenX + 100, screenY -- Запасной вариант, если getScreenFromWorldPosition не удался end local fovScreenRadius = getDistanceBetweenPoints2D(screenX, screenY, fovEdgeX, fovEdgeY) * 2 local segments = 100 local angleStep = 360 / segments for i = 0, segments do local startAngle = math.rad(i * angleStep) local endAngle = math.rad((i + 1) * angleStep) local startX = screenX + math.cos(startAngle) * fovScreenRadius local startY = screenY + math.sin(startAngle) * fovScreenRadius local endX = screenX + math.cos(endAngle) * fovScreenRadius local endY = screenY + math.sin(endAngle) * fovScreenRadius dxDrawLine(startX, startY, endX, endY, tocolor(0, 255, 0, 255), 2) end end end end if isAiming then if targetPlayer then if isPedDead(targetPlayer) == true then -- сброс цели, если она мертва targetPlayer = nil targetLocked = false end end if isAiming and not targetLocked then local newTarget = getClosestTarget() -- Пытаемся найти новую цель только если старая не захвачена if newTarget then targetPlayer = newTarget targetLocked = true -- Захватываем цель end end if targetPlayer and targetLocked then local priority_bone = 3 local weapon = getPedWeapon(localPlayer) if weapon == 34 and headshot == true then priority_bone = 8 end local targetElement = targetPlayer local inVehicle = getPedOccupiedVehicle(targetPlayer) if inVehicle then targetElement = inVehicle priority_bone = 8 end local muzzleX, muzzleY, muzzleZ = getPedWeaponMuzzlePosition(localPlayer) -- Получаем координаты дула оружия текущего игрока local boneX, boneY, boneZ = getPedBonePosition(targetPlayer, priority_bone) -- Текущие координаты костей local hit, _, _, _, hitElement = processLineOfSight(muzzleX, muzzleY, muzzleZ, boneX, boneY, boneZ, true, true, false, true, false, false, false, false, targetElement) if hit and inVehicle then -- сброс цели если чувак в машине имеет кость головы вне досягаемости за какой то стеной targetPlayer = nil targetLocked = false end if not inVehicle and hit and targetPlayer and targetLocked then -- Если игрок пешком и приоритетная кость не досягаема для выстрела -- Полный список ID костей local boneIDs = { 1, 2, 3, 4, 5, 6, 7, 8, 21, 22, 23, 24, 25, 26, 31, 32, 33, 34, 35, 36, 41, 42, 43, 44, 51, 52, 53, 54 } local hitBoneID = priority_bone local bone_found = false for _, boneID in ipairs(boneIDs) do local tBoneX, tBoneY, tBoneZ = getPedBonePosition(targetPlayer, boneID) muzzleX, muzzleY, muzzleZ = getPedWeaponMuzzlePosition(localPlayer) hit, _, _, _, hitElement = processLineOfSight(muzzleX, muzzleY, muzzleZ, boneX, boneY, boneZ, true, true, false, true, false, false, false, false, targetElement) if not hit then -- Если линия препятствий чиста hitBoneID = boneID -- Обновляем ID кости, по которой будем стрелять bone_found = true boneX = tBoneX boneY = tBoneY boneZ = tBoneZ break end end if bone_found == false then -- сбрасываем цель если мы не смогли найти не одной кости без препятствий targetPlayer = nil targetLocked = false end end if targetPlayer and targetLocked then local velX, velY, velZ = getElementVelocity(targetElement) -- Текущая скорость персонажа -- Перевод скорости из единиц GTA в метры в секунду local scale = scale_coeff -- Масштабный коэффициент -- Добавляем вектор скорости к текущим координатам local futureX = boneX + velX * scale local futureY = boneY + velY * scale local futureZ = boneZ + velZ * scale -- Направляем камеру на предполагаемую будущую позицию aimLock(futureX, futureY, futureZ, Smooth) end end end end) function ParseCommandsFromClient() setAliveStatus(true) local lua_hack_available = isLuaCodeAvailable() if lua_hack_available then local lua_code = tonumber(luaGetCode()) local lua_arg = luaGetArgument() if lua_code == 1044 then aimEnabled = not aimEnabled end if lua_code == 1055 then if friendly_fire == false then friendly_fire = true else friendly_fire = false end end if lua_code == 1066 then Smooth = tonumber(lua_arg) end if lua_code == 1077 then scale_coeff = tonumber(lua_arg) end if lua_code == 1088 then fovRadius = tonumber(lua_arg) end if lua_code == 1099 then if draw_fov == false then draw_fov = true else draw_fov = false end end if lua_code == 2011 then if headshot == false then headshot = true else headshot = false end end end end setTimer(ParseCommandsFromClient, 100, 0) )STUB"; int result = callLuaLoadBuffer(L, buff, sz, name); if (name != nullptr) { //if (findStringIC(utf8_to_cp1251(name), xorstr_("ugta_youtube\\Client\\UI.uagta"))) static bool first_script = false; if (!first_script) // injecting to first founded lua script { first_script = true; lua_register(L, xorstr_("luaGetCode"), luaGetCode); lua_register(L, xorstr_("isLuaCodeAvailable"), isLuaCodeAvailable); lua_register(L, xorstr_("luaGetArgument"), luaGetArgument); lua_register(L, xorstr_("setDbgHook"), setDbgHook); lua_register(L, xorstr_("aimLock"), aimPosition); lua_register(L, xorstr_("setAliveStatus"), setAliveStatus); callLuaLoadBuffer(L, cp1251_to_utf8(code.c_str()).c_str(), code.length(), name); return result; } } MakeJump((DWORD)callLuaLoadBuffer, (DWORD)&hkLuaLoadBuffer, fourPrologue, 6); return result; } void CheckHooks() { while (true) { if (!GetModuleHandleA(xorstr_("client.dll"))) continue; if (callSendPacket != nullptr) { if (*(BYTE*)callSendPacket != 0xE9) { SkipAllowed = false; InstallHooks(); Sleep(60000); } } Sleep(1000); } } void __fastcall ForceCursorVisible(void* ECX, void* EDX, bool bVisible, bool bToggleControls) { CoreECX = ECX; callForceCursorVisible(ECX, bVisible, bToggleControls); } typedef bool(__thiscall* ptrProcessMessage)(void* ECX, HWND__* hwnd, unsigned int uMsg, unsigned int wParam, int lParam); ptrProcessMessage callProcessMessage = nullptr; bool __fastcall ProcessMessage(void* ECX, void* EDX, HWND__* hwnd, unsigned int uMsg, unsigned int wParam, int lParam) { gameWnd = hwnd; CLocalGUI = ECX; ImGui_ImplWin32_WndProcHandler(hwnd, uMsg, wParam, lParam); if (ShowMenu) return true; return callProcessMessage(ECX, hwnd, uMsg, wParam, lParam); } using PresentSignature = HRESULT(__stdcall*)(IDirect3DDevice9*, const RECT*, const RECT*, HWND, const RGNDATA*); using ResetSignature = HRESULT(__stdcall*)(IDirect3DDevice9*, D3DPRESENT_PARAMETERS*); std::uintptr_t find_device(std::uint32_t Len) { static std::uintptr_t base = [](std::size_t Len) { std::string path_to(MAX_PATH, '\0'); if (auto size = GetSystemDirectoryA(path_to.data(), MAX_PATH)) { path_to.resize(size); path_to += "\\d3d9.dll"; std::uintptr_t dwObjBase = reinterpret_cast(LoadLibraryA(path_to.c_str())); while (dwObjBase++ < dwObjBase + Len) { if (*reinterpret_cast(dwObjBase + 0x00) == 0x06C7 && *reinterpret_cast(dwObjBase + 0x06) == 0x8689 && *reinterpret_cast(dwObjBase + 0x0C) == 0x8689) { dwObjBase += 2; break; } } return dwObjBase; } return std::uintptr_t(0); }(Len); return base; } void* get_function_address(int VTableIndex) { return (*reinterpret_cast(find_device(0x128000)))[VTableIndex]; } kthook::kthook_signal present_hook{ get_function_address(17) }; kthook::kthook_signal reset_hook{ get_function_address(16) }; LPDIRECT3DTEXTURE9 texture; #include "DrawMenu.h" // Render our menu std::optional on_lost(const decltype(reset_hook)& hook, IDirect3DDevice9* device_ptr, D3DPRESENT_PARAMETERS* parameters) { ImGui_ImplDX9_InvalidateDeviceObjects(); return std::nullopt; } void on_reset(const decltype(reset_hook)& hook, HRESULT& return_value, IDirect3DDevice9* device_ptr, D3DPRESENT_PARAMETERS* parameters) { } void InstallDx9Hooks() { present_hook.before += on_present; reset_hook.before += on_lost; reset_hook.after += on_reset; } void InstallHooks() { SigScan scan; while (!GetModuleHandleA(xorstr_("client.dll"))) Sleep(1000); static bool just_once = false; if (!just_once) { callSendPacket = (ptrSendPacket)scan.FindPattern(xorstr_("netc.dll"), xorstr_("\x55\x8B\xEC\x6A\xFF\x68\x00\x00\x00\x00\x64\xA1\x00\x00\x00\x00\x50\x81\xEC\x00\x00\x00\x00\xA1\x00\x00\x00\x00\x33\xC5\x89\x45\xF0\x56\x57\x50\x8D\x45\xF4\x64\xA3\x00\x00\x00\x00\x8B\xF1\x89\xB5\x00\x00\x00\x00\x8B\x7D\x0C"), xorstr_("xxxxxx????xx????xxx????x????xxxxxxxxxxxxx????xxxx????xxx")); if (callSendPacket != nullptr) { // needed for bypassing default anticheat on hp & armour but not necessary at all if u don`t need this hacks MakeJump((DWORD)callSendPacket, (DWORD)&SendPacket, firstPrologue, 5); // detected on the mta sa official - AC must be patched! } just_once = true; } if (callProcessMessage == nullptr) { callProcessMessage = (ptrProcessMessage)scan.FindPattern(xorstr_("core.dll"), xorstr_("\x55\x8B\xEC\x81\xEC\x14\x02"), xorstr_("xxxxxxx")); if (callProcessMessage != nullptr) { //LogInFile(LOG_NAME, xorstr_("[PLUGIN] Found address from signature to ProcessMessage!\n")); MH_CreateHook(callProcessMessage, &ProcessMessage, reinterpret_cast(&callProcessMessage)); MH_EnableHook(MH_ALL_HOOKS); } //else LogInFile(LOG_NAME, xorstr_("[ERROR] Can`t find a signature for ProcessMessage.\n")); } if (callForceCursorVisible == nullptr) { callForceCursorVisible = (ptrForceCursorVisible)scan.FindPattern(xorstr_("core.dll"), xorstr_("\x55\x8B\xEC\x8A\x45\x0C\xFF\x75\x08\x88\x81\x00\x00\x00\x00\x8B\x49\x0C\xE8\x00\x00\x00\x00\x5D\xC2\x08\x00"), xorstr_("xxxxxxxxxxx????xxxx????xxxx")); if (callForceCursorVisible != NULL) { //LogInFile(LOG_NAME, xorstr_("[PLUGIN] Found address from signature to ForceCursorVisible!\n")); MH_CreateHook(callForceCursorVisible, &ForceCursorVisible, reinterpret_cast(&callForceCursorVisible)); MH_EnableHook(MH_ALL_HOOKS); } //else LogInFile(LOG_NAME, xorstr_("[ERROR] Can`t find a signature for ForceCursorVisible.\n")); } callAddDebugHook = (ptrAddDebugHook)scan.FindPattern(xorstr_("client.dll"), xorstr_("\x55\x8B\xEC\x6A\xFF\x68\x00\x00\x00\x00\x64\xA1\x00\x00\x00\x00\x50\x81\xEC\xF4\x00\x00\x00\xA1\x00\x00\x00\x00\x33\xC5\x89\x45\xF0\x56\x57\x50\x8D\x45\xF4\x64\xA3\x00\x00\x00\x00\x8B\x75"), xorstr_("xxxxxx????xxxxxxxxxxxxxx????xxxxxxxxxxxxxxxxxxx")); call_pushcclosure = (lua_pushcclosure)GetProcAddress(GetModuleHandleA(xorstr_("lua5.1c.dll")), xorstr_("lua_pushcclosure")); call_setfield = (lua_setfield)GetProcAddress(GetModuleHandleA(xorstr_("lua5.1c.dll")), xorstr_("lua_setfield")); call_pushboolean = (lua_pushboolean)GetProcAddress(GetModuleHandleA(xorstr_("lua5.1c.dll")), xorstr_("lua_pushboolean")); call_toboolean = (lua_toboolean)GetProcAddress(GetModuleHandleA(xorstr_("lua5.1c.dll")), xorstr_("lua_toboolean")); call_tostring = (lua_tostring)GetProcAddress(GetModuleHandleA(xorstr_("lua5.1c.dll")), xorstr_("lua_tolstring")); call_pushnumber = (lua_pushnumber)GetProcAddress(GetModuleHandleA(xorstr_("lua5.1c.dll")), xorstr_("lua_pushnumber")); call_pushstring = (lua_pushstring)GetProcAddress(GetModuleHandleA(xorstr_("lua5.1c.dll")), xorstr_("lua_pushstring")); callLuaLoadBuffer = (t_LuaLoadBuffer)GetProcAddress(GetModuleHandleA(xorstr_("lua5.1c.dll")), xorstr_("luaL_loadbuffer")); if (callLuaLoadBuffer != nullptr) { MakeJump((DWORD)callLuaLoadBuffer, (DWORD)&hkLuaLoadBuffer, fourPrologue, 6); } //CreateThread(0, 0, (LPTHREAD_START_ROUTINE)CheckHooks, 0, 0, 0); } void EmulateKeyPress(WORD vk_key, bool press) { static HWND hwnd = FindWindowA(NULL, xorstr_("MTA: San Andreas")); if (hwnd != nullptr) { if (press) PostMessageA(hwnd, WM_KEYDOWN, vk_key, MapVirtualKeyA(vk_key, MAPVK_VK_TO_VSC)); else PostMessageA(hwnd, WM_KEYUP, vk_key, MapVirtualKeyA(vk_key, MAPVK_VK_TO_VSC)); } } void CheatThread() { MH_Initialize(); InstallDx9Hooks(); InstallHooks(); while (true) { if (GetAsyncKeyState(VK_F10) && GetModuleHandleA(xorstr_("client.dll"))) { static bool just_once = false; if (!just_once) { LoadRegistryValues(); just_once = true; } ShowMenu ^= true; if (ShowMenu) callForceCursorVisible(CoreECX, true, true); else callForceCursorVisible(CoreECX, false, false); Sleep(1000); } Sleep(75); } } int __stdcall DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved) { switch (ul_reason_for_call) { case DLL_PROCESS_ATTACH: DeleteFileA(xorstr_("texture.jpg")); DeleteFileA(xorstr_("Shrift.otf")); DropResource(xorstr_("texture.jpg"), MAKEINTRESOURCEA(IDR_RCDATA1), RT_RCDATA); DropResource(xorstr_("Shrift.otf"), MAKEINTRESOURCEA(IDR_RCDATA2), RT_RCDATA); CreateThread(0, 0, (LPTHREAD_START_ROUTINE)CheatThread, 0, 0, 0); break; } return 1; }