Quake 3 Engine Related Development (Non-Game Specific)
Sticky Threads
Recently c0re made a post ( http://forum.gamedeception.net/showthread.php?t=18794 ) that mentioned getting the address of a function in the QVM *after* it's been compiled to native code. I feel I should explain more about what this is and what it can do. The Quake VM allows a developer to...
today i messed around with the engine again.. and see what i found well i haven't believed it first time but see it looks very cool not even needed a w2s since the function has already that and it don't even lags. don't ask me how i found it exactly some reverences inside the function...
Hooking events in the Q3 Engine We will hook Q3 Events, which can be used for HealthESP, and lots of other things. I'm not sure how others hook it, but I wrote this from scratch, and there are other ways of hooking the events also ;D. This tutorial uses ET as an example. CG_EntityEvent is the...
int * numModels = (int *) 0xC4EB50; char ** models = (char **) 0xC4DB50; char *get_R_GetModelByHandle( qhandle_t index ) { char *mod; if ( index < 1 || index >= *numModels ) { return models; }
funny shit because none are server sided . luls typedef struct { float Recoil_1; //0x0000 float Recoil_2; //0x0004 float Recoil_3; //0x0008 float Recoil_4; //0x000C float Recoil_5; //0x0010 float Recoil_6; //0x0014 } WeaponRecoil_t;//Size=0x0018(24)
QvmKanker is a Quake3 Qvm disassembler. Copyright © 2007 - *nixCoders team - http://www.nixcoders.org/ Release under the GPL License === Features === - Disassemble all Qvm opcode. - GUI and console version. - Support Qvm version 2 (Jump table target). - Cross references for:
If your poking around the smokingguns sdk you can find this in CG_Init: // clear everything memset( &cgs, 0, sizeof( cgs ) ); memset( &cg, 0, sizeof( cg ) ); memset( cg_entities, 0, sizeof(cg_entities) ); memset( cg_weapons, 0, sizeof(cg_weapons) ); memset( cg_items, 0,...
Maybe this will be helpful for someone. To find the clientActive_t struct (for viewangles and such) in q3 based games you can search through the disassembly for "r_uiFullScreen" which resides in the CL_Disconnect function in cl_main.c. The function just before that is: /*...
My first QVM disassembler sucked, so I made this one. I had a lot of fun writing it. Written in Python and relies on sys, os, struct, and re modules. I'm not sure of the minimum Python version required. I know it works on 2.5.1. Command list... asys <num> <name> - Add system...
what is URT? urban terror(URT) is a free game based on the q3 engine this game is not dead, many people still play it. There is no SDK released for this game yet. (m#therFu#kers) #define snprintf _snprintf #define vsnprintf _vsnprintf void DebugLog ( char* cSection, char* cText, ... ) {
Quake 3 engine games send checksums of each PK3 file in their directory to the server, when they connect. The string format is: "cp xxxxxxxxx xxxxxxxxx xxxxxxxxx ..........." With 'xxxxxxxxx' being each PK3's checksum. I'm pretty sure the packet then gets encrypted, before it gets sent to...
ok, first of all i want to thank ghetto pato for the great idea! :) spycam in the quake3 engine is way easier than it is in the half-life engine. if you are familar with the engine you know that the syscall CG_R_RENDERSCENE... erm renders the scene... ;D the only parameter passed through it...
I came across this accidentally while experimenting with a few things. This is for Smokin' Guns. I was seeing what I could do with the GetUserCmd import just by simply logging a few things and what I could benefit from it. I got kinda frustrated because I'm on a new pc and I hooked up my old hd...
drawtools /* __asm { fild dword_301D5A28 fmul ds:flt_3006B9FC fstp flt_301D5A44 fild dword_301D5A2C fmul ds:flt_3006B9F8 fstp flt_301D5A48 } */ //cgs_t static float * screenXScale = (float *) 0x301D5A44;
This was a project I was working on for ET a long time ago I never finished but it is very easily convertable to any Q3 game What's better about this gl hook than others? - Uses my TLS hooking class (stealthy, undetected) - Aims the same way as engine using VIEWANGLES! - Uses offsetless...
QuakerGL is a little weekend Project. It is my first Q3 hack so it´s not PB proofed. Sourcecode included. It´s nothing special but i think that it shows the possibilitys of an OGL hack in Quake 3. have pHun with it :)
Normal Threads
Any Ideas how to do that? I thought cgDC could be a start but don't managed finding the address. I can already use DrawStretchPic but ESP is a bit cooler with text. ;)
Note: Please do not CP&P(Copy, Paste and Post). Link to this page instead. Cod2 V1.3 MP -> ←↔↔↔↔↔↔↔↔↔↔↔↔↔↔↔→ Content: ▪Links / Linkage > ▪ASM / C++ >
modelrec using RB_TessXModel : P bool OneTime = true; bool PlayerSkinnedModels = false; HRESULT (WINAPI *orig_DrawIndexedPrimitive) ( LPDIRECT3DDEVICE9,D3DPRIMITIVETYPE ,INT ,UINT ,UINT ,UINT ,UINT ); HRESULT WINAPI DrawIndexedPrimitive_det(LPDIRECT3DDEVICE9 pDevice,D3DPRIMITIVETYPE...
WHAT: A small procedure which changes the cl_guid variable to a random sequence of 32 characters complying with the standards of the cl_guid format. If you're not familiar with ASM the important part is the '0041F7A0h'. It appears to be the Set_Cvar function, param1 is a pointer to the command...
hi all...., i have some questions about UTR hacks...., i found ConsolePrint, SetCvar functions and throught OllyDBG i found a nice function: 004AB1E0 /$ 68 C83A4E00 PUSH ioUrbanT.004E3AC8 004AB1E5 |. 68 7CE64E00 PUSH ioUrbanT.004EE67C ; ASCII "phys_friction"...
Simple and quick explanation to bypass the protections used in some mods for Jk2/jka. The code used in this project doesnt alter the game's code in any way. it just changes a pointer. First you must understand how the protection works. 1) The ui module calls the syscall function with the 1st...
if you are to lazy to hooking first the gfx engine.dll hire the quick way void (*orig_CG_R_AddrefEntitieToScene) ( ) = (void ( *) ( ))0x4CE000; void CG_R_AddrefEntitieToScene( ){ __asm pushad refEntity_t* ref = (refEntity_t *)(NULL); __asm mov eax, __asm mov ref, eax// ...
same i made for cod4/5 a while ago. hire is it for cod2 typedef struct{ short UNKNOW; short allies; short axis; short current; short damage;
Sorry, I didn't see a section for older engines. Maybe someone else will find this useful. This is using ms detours cuz i'm lazy. http://quakeone.com/proquake/ typedef void (*ConPrintf)(char *fmt); ConPrintf trap_ConPrintf = (ConPrintf)0x0040BB60; void ConPrint(char *fmt)
typedef enum { TR_STATIONARY, TR_INTERPOLATE, TR_LINEAR, TR_LINEAR_STOP, TR_SINE, TR_GRAVITY } trType_t; typedef struct {
Perfect XQZ Wallhack for Smokin' Guns: if( rfEnt->customSkin ) { rfEnt->renderfx |= RF_DEPTHHACK; } I figured this out by just looking at the skin files that only apply for the player models in the sg .pak file:
This has probably been posted before, but here's a perfect wallhack method I just found. Works in UrT 4.1, and maybe could be adapted to other games... Make sure you have syscall hooking. I do this in VM_Create, but you can do it in VM_LoadQVM as well and possible elsewhere(perhaps monitoring...
Client NoRecoil in Q3 We are making visual no recoil for the Q3 engine. I used ET as an example. When you fire your weapon, CG_FireWeapon gets called. From there it calls CG_WeaponFireRecoil, which adds recoil to your view. So we will hook CG_WeaponFireRecoil. The function we are going...
http://de.wikipedia.org/wiki/DarkPlaces void (*DrawEngine_DrawTextBox)(float x, float y, float width, float height) = (void (__cdecl *)(float x, float y, float width, float height))0x49A6E0; void (*DrawEngine_M_PrintColored)(float cx, float cy, const char *str) = (void (__cdecl *)(float cx,...
cparticle_t * (*hook_new_particle)() = (cparticle_t * (__cdecl *)())0x5E7B904; void (*Engine_CL_ItemRespawnParticles)(vec3_t org) = (void (__cdecl *)(vec3_t))0x406460; void (*Engine_CL_TeleportParticles)(vec3_t org) = (void (__cdecl *)(vec3_t))0x40C860; void (*p_CL_DeltaEntity)( frame_t *frame,...
we need a idtech2/q2 forum anyways i post it hire becouse the game is based on q2,q3 and ut, mostly q2 cls.state/*0x5AC2EA0*/ = 1; cls.realtime/*0x5AC2EAC*/ = Sys_Milliseconds ()/*0x4370C0*/; CL_InitInput () /*0x40E590*/; CL_InitHttpDownload();/*0x40DBB0*/ adr0/*0x5ADC784*/ =...
http://upload.wikimedia.org/wikipedia/commons/8/85/Quake_-_family_tree_2.svg
today i found 22 ways how to make a another player wallhack Part 1:Using AddMD3Surfaces exemplare i use Urban Terror 4.1 ok lets start Tools we need:q3sdk,ollydbg or ida and me lol
I'm trying to mess about with ioUrbanTerror.exe v4.1, which I believe is based off the Q3 engine. I'm using a basic opengl32.dll wrapper (coded by guyonasm, cheers) to wrap the glBegin() function. The code i'm using is at the bottom of this snippet. I've converted the most generic of...
Alright I've never messed with this game or q3 mods before, but this could be applied to doing chams or other neat shader effects on players. First lets register our shader in CG_Init: shaderFlag = trap_R_RegisterShader( "models/misc/cloth_flag_44" ); Now in your syscall hook in...
inside GetRefAPI are the funtion offsets http://aimbots.net76.net/king-orgy/sof2refapi.html static void (*CL_DrawStretchPic)( float x, float y, float w, float h, float s1, float t1, float s2, float t2,const float* color, qhandle_t hShader ) = (void (__cdecl *)( float , float , float , float...
In this example i'll target the "screenshot" command to hook screenshots for visual hack removal. Heres how i do it in a modified Quake3 Engine... Find the screenshot command in memory, backup the pointer, overwrite with the address of my hookfunc. Within my hookfunc i set a flag 'var == 1'...
Finding and using basic offsets for Q3 based games. OK, this tutorial should help you find offsets for Quake 3 based games, and the basics of how to use them. The example game we will use is CoDUO 1.5. We will use raw offsets, although it can also be done through the cg, cgs, eg_ents structs....
Jedi Knight has the Game Mode Ysalimari. Its like Capture the Flag though. Now the Flag has two shaders for each Team. Blue and Red of course. We could use these Shaders for Glowshells for example. The two Shader Names are: ysaliredShader and ysaliblueShader. These Shaders are stored in the...
for q3 engine games, kinda like the "Aj" thread by gna but this way is quicker and better. First up, disassemble the cgame dll (usually cgame_mp_x86.dll) any disassembler will do but IDA is best. now in q3 engine games, CG_Init function calls memset to reset the structs, this is...
There are currently 1 users browsing this forum. (0 members & 1 guests)
Use this control to limit the display of threads to those newer than the specified time frame.
Allows you to choose the data by which the thread list will be sorted.
Order threads in...
Note: when sorting by date, 'descending order' will show the newest results first.
Forum Rules
