Speedhack.cpp (3,90 KB)
#include <windows>
#include <iostream>
#include <TlHelp32.h>
using namespace std;
int GetProcessIdByName ( string ProcessName );
float GetCurrentSpeed( HANDLE h );
void IncreaseSpeed(HANDLE h,float speed);
void GetDebugPrivilege();
int main(int argc, char*argv[])
{
GetDebugPrivilege();
int pid = GetProcessIdByName("WoW.exe");
if ( pid == -1 )
{
cout<<"You havent start WOW\n";
}
HANDLE h = OpenProcess(PROCESS_ALL_ACCESS,0,pid);
if ( h == 0)
{
cout<<"OpenProcess error: " << GetLastError() << "\n";
system("PAUSE");
return 0;
}
/*/
Speehack:
"WoW.exe"+0084E4BC
+0x24
+0x78c
+0x27c
Normal running speed = 7.0
Walk speed = 2.5
while(1)
{
for(int i=0;i<256;i++)
{
if(GetAsyncKeyState(i)==-32767)
{
cout<<i<<"\n";
}
}
}
/*/
SetConsoleTitle("Bass World of Warcraft Speedhack :-)");
cout<<"+ = Increase speed\n";
cout<<"- = Decrease speed\n";
cout<<"DEL key = Restore normal run speed\n";
float speed = 7.0; // normal run speed
while(1)
{
if(GetAsyncKeyState(107)==-32767) // 107 = +
{
speed = GetCurrentSpeed(h);
speed = speed + 1;
IncreaseSpeed(h,speed);
}
if(GetAsyncKeyState(109)==-32767) // 109 = -
{
speed = GetCurrentSpeed(h);
speed = speed - 1;
IncreaseSpeed(h,speed);
}
// This sets the character back on normal run speed
if(GetAsyncKeyState(46)==-32767) // 109 = -
{
speed = GetCurrentSpeed(h);
speed = 7;
IncreaseSpeed(h,speed);
}
IncreaseSpeed(h,speed);
}
}
//---------------------------------------------------------------------------
void GetDebugPrivilege()
{
TOKEN_PRIVILEGES priv;
HANDLE hThis, hToken;
LUID luid;
hThis = GetCurrentProcess();
OpenProcessToken(hThis, TOKEN_ADJUST_PRIVILEGES, &hToken);
LookupPrivilegeValue(0, "seDebugPrivilege", &luid);
priv.PrivilegeCount = 1;
priv.Privileges[0].Luid = luid;
priv.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
AdjustTokenPrivileges(hToken, false, &priv, 0, 0, 0);
CloseHandle(hToken);
CloseHandle(hThis);
}
float GetCurrentSpeed( HANDLE h )
{
unsigned addr = 0x00400000+0x0084E4BC; // 0x00400000 = WoW.exe (base)
unsigned NextAddr=0;
bool r = ReadProcessMemory(h,reinterpret_cast<void*>(addr),&NextAddr, sizeof(unsigned) ,0);
addr = NextAddr + 0x24;
ReadProcessMemory(h,reinterpret_cast<void*>(addr),&NextAddr, sizeof(unsigned) ,0);
//cout<<hex<<"0x24: "<< NextAddr<<"\n";
addr = NextAddr + 0x78c;
ReadProcessMemory(h,reinterpret_cast<void*>(addr),&NextAddr, sizeof(unsigned) ,0);
//cout<<hex<<"0x78c: "<< NextAddr<<"\n";
float CurrentSpeed=0.0;
addr = NextAddr + 0x27c;
ReadProcessMemory(h,reinterpret_cast<void*>(addr),&CurrentSpeed, sizeof(float) ,0);
return CurrentSpeed;
}
void IncreaseSpeed(HANDLE h, float speed)
{
unsigned addr = 0x00400000+0x0084E4BC; // 0x00400000 = WoW.exe (base)
unsigned NextAddr=0;
ReadProcessMemory(h,reinterpret_cast<void*>(addr),&NextAddr, sizeof(unsigned) ,0);
addr = NextAddr + 0x24;
ReadProcessMemory(h,reinterpret_cast<void*>(addr),&NextAddr, sizeof(unsigned) ,0);
//cout<<hex<<"0x24: "<< NextAddr<<"\n";
addr = NextAddr + 0x78c;
ReadProcessMemory(h,reinterpret_cast<void*>(addr),&NextAddr, sizeof(unsigned) ,0);
//cout<<hex<<"0x78c: "<< NextAddr<<"\n";
addr = NextAddr + 0x27c;
WriteProcessMemory(h,reinterpret_cast<void*>(addr),&speed,sizeof(float), 0);
}
int GetProcessIdByName ( string ProcessName )
{
HANDLE h = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS,0);
PROCESSENTRY32 lppe;
lppe.dwSize = sizeof(PROCESSENTRY32);
Process32First( h, &lppe );
do
{
if ( strcmp(lppe.szExeFile,"WoW.exe") == false )
{
return lppe.th32ProcessID;
}
}
while ( Process32Next (h, &lppe) == true );
return -1;
}