使命召唤现代战争 - 2020-07-15 - 《HelloPPM》

enum game_data : uint32_t
{
    // 48 8B 1D ? ? ? ? C6 44 24 ? ? 0F B6 44 24 ?
    o_client_info = 0x174A9718, // +
    // 48 8B 83 ?? ?? ?? ?? C6 44 24 ?? ?? 0F B6
    o_client_base = 0x9DBF8, // +
    //48 83 BB ? ? ? ? ? 0F 84 ? ? ? ? 48 89 B4 24 ? ? ? ?
    o_local_index = 0x178, // +
    // 4C 8D 1D ? ? ? ? 44 8B 15 ? ? ? ? 48 8D 1D ? ? ? ? 4C 8B C9
    o_refdef = 0x174AC0C8, //+ ‬
    // 48 8B 05 ? ? ? ? 48 8B 7C 24 ? 48 05 ? ? ? ?
    o_camera_base = 0x145F67E0, // ‬+
    o_camera_pos = 0x1D8,
    // C7 83 ? ? ? ? ? ? ? ? C7 83 ? ? ? ? ? ? ? ? E8 ? ? ? ? 44 0F B6 C6 48 8B D5 48 8B CF E8 ? ? ? ?
    o_player_dead_1 = 0x3818, // +
    // 41 83 B8 ? ? ? ? ? 0F 85 ? ? ? ? 41 B8 ? ? ? ?
    o_player_dead_2 = 0xF40, // +
    // 49 8B D9 41 0F B6 F0 8B F9 48 8B EA
    o_player_pos = 0x468, // +
    // 48 69 D3 ?? ?? ?? ?? 48 03 96 ?? ?? ?? ??
    o_player_size = 0x3AD8, // +
    // 8B 87 ? ? ? ? 4C 8B BC 24 ? ? ? ? 4C 8B B4 24 ? ? ? ? 4C 8B AC 24 ? ? ? ? 4C 8B A4 24 ? ? ? ? 85 C0 74 16
    o_player_team = 0xF60, // +
    // C7 87 ?? ?? ?? ?? ?? ?? ?? ?? C7 87 ?? ?? ?? ?? ?? ?? ?? ?? 41
    o_player_valid = 0xF64, // +
    // 48 8D 0D ? ? ? ? 48 8B 0C C1 48 8B 01 FF 90 ? ? ? ?
    o_name_array = 0x174B76B8, // ‬+
    o_name_array_padding = 0x4C70, 
    o_name_array_size = 0xD0,
};

ULONG64 GetClientInfo(ULONG64 peb, ULONG64 moduleBase) {
    ULONG64 rax = 0, rbx = 0, rcx = 0, rdx = 0, rdi = 0, rsi = 0, r8 = 0, r9 = 0, r10 = 0, r11 = 0, r12 = 0, r13 = 0, r14 = 0, r15 = 0, rbp = 0;
    r8 = peb;
    rbx = *(ULONG64*)(moduleBase + 0x174a9718);
    //r8 = *(ULONG64*)(moduleBase + 0x1c79082); // ? this is gay
    rax = moduleBase;
    rbx += rax;
    rax = rbx;
    rax >>= 0x10;
    rbx ^= rax;
    rax = (moduleBase + 0x134);
    rcx -= rax;
    rax = rbx;
    rcx = 0; // bruh
    rax >>= 0x20;
    rax ^= rbx;
    rcx = _rotl64(rcx, 0x10);
    rcx ^= *(ULONG64*)(moduleBase + 0x663C10A);
    rcx = _byteswap_uint64(rcx);
    rbx = *(ULONG64*)(rcx + 0x13);
    rbx *= rax;
    rax = 0x76D048452DCF6909;
    rbx -= r8;
    r8 = (~r8);
    rbx *= rax;
    rax = (moduleBase + 0x2C8CD073);
    r8 += rax;
    rbx ^= r8;
    return rbx;
}

ULONG64 GetClientBase(ULONG64 Peb, ULONG64 moduleBase, ULONG64 clientInfo)
{
    ULONG64 rax = moduleBase, rcx = moduleBase, rdx = moduleBase, r8 = moduleBase, r9 = moduleBase, r10 = moduleBase, r11 = moduleBase, r12 = moduleBase, r13 = moduleBase, r14 = moduleBase, r15 = moduleBase, rsi = moduleBase, rdi = moduleBase; // hardcoded lol
    ULONG64 rbx = Peb;
    rax = *(ULONG64*)(clientInfo + 0x9dbf8);
    rcx = rbx;
    rcx <<= 0x21;
    rcx = _byteswap_uint64(rcx);
    rcx &= 0xf;
    switch (rcx)
    {
    case 0:
    { r9 = *(ULONG64*)(moduleBase + 0x663C140);
    rcx = 0; // bruh
    rcx = _rotl64(rcx, 0x10);
    rcx ^= r9;
    rcx = _byteswap_uint64(rcx);
    rax *= *(ULONG64*)(rcx + 0xb);
    rcx = rax;
    rcx >>= 0x18;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x30;
    rax ^= rcx;
    rcx = moduleBase;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x8;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x10;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x20;
    rax ^= rcx;
    rcx = 0x345963FE4F9F5BC7;
    rax *= rcx;
    rcx = 0x1BC0D0E9288C6DB3;
    rax += rcx;
    rax += rbx;
    rcx = moduleBase;
    rax -= rcx;
    return rax;
    }
    case 1:
    { r11 = (moduleBase + 0x6064722A);
    r10 = *(ULONG64*)(moduleBase + 0x663C140);
    rcx = rbx;
    rcx ^= r11;
    rax -= rcx;
    rcx = rax;
    rcx >>= 0x11;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x22;
    rax ^= rcx;
    rax ^= rbx;
    rcx = (moduleBase + 0x28AB);
    rcx = (~rcx);
    rcx -= rbx;
    rax += rcx;
    rcx = 0x16A1C31B3D93A83F;
    rax *= rcx;
    rcx = 0xD0C234BF8A55764B;
    rax *= rcx;
    rcx = 0; // bruh
    rcx = _rotl64(rcx, 0x10);
    rcx ^= r10;
    rcx = _byteswap_uint64(rcx);
    rax *= *(ULONG64*)(rcx + 0xb);
    rcx = 0xB75E6F62B4DBBCC1;
    rax *= rcx;
    return rax;
    }
    case 2:
    { r14 = (moduleBase + 0x30A5);
    r10 = *(ULONG64*)(moduleBase + 0x663C140);
    rcx = rax;
    rcx >>= 0x15;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x2A;
    rax ^= rcx;
    rcx = rbx;
    rcx = (~rcx);
    rcx ^= r14;
    rax -= rcx;
    rcx = 0; // bruh
    rcx = _rotl64(rcx, 0x10);
    rcx ^= r10;
    rcx = _byteswap_uint64(rcx);
    rax *= *(ULONG64*)(rcx + 0xb);
    rcx = 0x5D11A30DE94FFEDE;
    rax += rcx;
    rcx = rax;
    rcx >>= 0x1B;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x36;
    rax ^= rcx;
    rax ^= rbx;
    rcx = 0x1D2CA89A1A1BE3D9;
    rax ^= rcx;
    rcx = 0xDD63D27B22050957;
    rax *= rcx;
    return rax;
    }
    case 3:
    { r14 = (moduleBase + 0x7B3CDBC1);
    r10 = *(ULONG64*)(moduleBase + 0x663C140);
    rdx = rbx;
    rdx = (~rdx);
    rcx = r14;
    rcx = (~rcx);
    rdx *= rcx;
    rax += rdx;
    rcx = rax;
    rcx >>= 0x26;
    rcx ^= rax;
    rax = rcx + rbx * 2;
    rcx = moduleBase;
    rax -= rcx;
    rax -= 0x7736E4C5;
    rcx = 0xA4C7B3171334DA2E;
    rax ^= rcx;
    rcx = 0x667B75570F23711D;
    rax *= rcx;
    rcx = 0x7E05078E8B5B3EDA;
    rax -= rcx;
    rcx = 0; // bruh
    rcx = _rotl64(rcx, 0x10);
    rcx ^= r10;
    rcx = _byteswap_uint64(rcx);
    rax *= *(ULONG64*)(rcx + 0xb);
    return rax;
    }
    case 4:
    { r9 = *(ULONG64*)(moduleBase + 0x663C140);
    rax ^= rbx;
    rcx = 0; // bruh
    rcx = _rotl64(rcx, 0x10);
    rcx ^= r9;
    rcx = _byteswap_uint64(rcx);
    rcx = *(ULONG64*)(rcx + 0xb);
    rcx *= 0x64DE26759A457153;
    rax *= rcx;
    rcx = rax;
    rcx >>= 0x24;
    rax ^= rcx;
    rcx = 0x49AF5B2E74070925;
    rax *= rcx;
    rcx = 0xB5CC279242DD0301;
    rax *= rcx;
    return rax;
    }
    case 5:
    { r11 = *(ULONG64*)(moduleBase + 0x663C140);
    r15 = (moduleBase + 0x6BA9);
    rdx = (moduleBase + 0x5F9E55C9);
    rdx = (~rdx);
    rdx ^= rbx;
    rcx = rax;
    rax = 0xBF5978C960F6BB4B;
    rax ^= rcx;
    rax += rdx;
    rdx = (moduleBase + 0x28877536);
    rcx = rax;
    rcx >>= 0x18;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x30;
    rax ^= rcx;
    rcx = rbx;
    rcx = (~rcx);
    rcx *= r15;
    rax ^= rcx;
    r8 = 0; // bruh
    r8 = _rotl64(r8, 0x10);
    r8 ^= r11;
    rcx = rbx;
    rcx *= rdx;
    rdx = rax;
    rdx -= rcx;
    rcx = 0x84229F2B4FE6843B;
    r8 = _byteswap_uint64(r8);
    rax = *(ULONG64*)(r8 + 0xb);
    rax *= rdx;
    rax *= rcx;
    rax ^= rbx;
    return rax;
    }
    case 6:
    { r15 = (moduleBase + 0xE397);
    r10 = *(ULONG64*)(moduleBase + 0x663C140);
    rcx = moduleBase;
    rax += rcx;
    rcx = moduleBase;
    rax += rcx;
    rcx = 0x4030351D523D85BB;
    rax += rcx;
    rcx = rbx;
    rcx ^= r15;
    rax += rcx;
    rcx = 0x71A01F36E5BF55AF;
    rax *= rcx;
    rcx = rax;
    rcx >>= 0x10;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x20;
    rcx ^= rax;
    rdx = 0; // bruh
    rdx = _rotl64(rdx, 0x10);
    rdx ^= r10;
    rdx = _byteswap_uint64(rdx);
    rax = *(ULONG64*)(rdx + 0xb);
    rdx = (moduleBase + 0x31AFF9CE);
    rax *= rcx;
    rcx = rbx;
    rcx *= rdx;
    rax -= rcx;
    return rax;
    }
    case 7:
    { r10 = *(ULONG64*)(moduleBase + 0x663C140);
    r15 = (moduleBase + 0x9CF0);
    rcx = rax;
    rcx >>= 0x19;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x32;
    rax ^= rcx;
    rcx = moduleBase;
    rcx += 0x16E9;
    rcx += rbx;
    rax ^= rcx;
    rdx = 0; // bruh
    rdx = _rotl64(rdx, 0x10);
    rdx ^= r10;
    rcx = rbx;
    rdx = _byteswap_uint64(rdx);
    rcx ^= r15;
    rdx = *(ULONG64*)(rdx + 0xb);
    rax *= rdx;
    rax -= rcx;
    rcx = rax;
    rcx >>= 0xA;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x14;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x28;
    rax ^= rcx;
    rcx = 0x201300BD919020EB;
    rax *= rcx;
    rcx = 0x136871F8B2311042;
    rax += rcx;
    rcx = 0xE0229051A9F3C38B;
    rax ^= rcx;
    return rax;
    }
    case 8:
    { r15 = (moduleBase + 0x6C04);
    r10 = *(ULONG64*)(moduleBase + 0x663C140);
    rcx = 0; // bruh
    rcx = _rotl64(rcx, 0x10);
    rcx ^= r10;
    rcx = _byteswap_uint64(rcx);
    rdx = *(ULONG64*)(rcx + 0xb);
    rcx = 0x866F75E98D0D53B1;
    rdx *= rax;
    rax = rbx;
    rax *= r15;
    rdx += rax;
    rax = 0x1671E2558441F0BB;
    rdx ^= rbx;
    rax = rdx;
    rax >>= 0x20;
    rax ^= rdx;
    rax ^= rcx;
    rcx = 0x9E0D951F0C28F90B;
    rax *= rcx;
    rcx = 0x78503CB374B04FAD;
    rax *= rcx;
    rcx = rax;
    rcx >>= 0x2;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x4;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x8;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x10;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x20;
    rax ^= rcx;
    return rax;
    }
    case 9:
    { r14 = (moduleBase + 0x6CFB74E0);
    r11 = (moduleBase + 0x7F309832);
    r9 = *(ULONG64*)(moduleBase + 0x663C140);
    rcx = 0; // bruh
    rcx = _rotl64(rcx, 0x10);
    rcx ^= r9;
    rcx = _byteswap_uint64(rcx);
    rax *= *(ULONG64*)(rcx + 0xb);
    rax ^= rbx;
    rax ^= r14;
    rcx = rax;
    rcx >>= 0x17;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x2E;
    rax ^= rcx;
    rcx = 0xD7356E290A5B1FBA;
    rax += rcx;
    rcx = moduleBase;
    rax ^= rcx;
    rcx = 0xD80D8A31210F08D3;
    rax *= rcx;
    rcx = r11;
    rcx = (~rcx);
    rcx ^= rbx;
    rax -= rcx;
    rcx = rax;
    rcx >>= 0x9;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x12;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x24;
    rax ^= rcx;
    return rax;
    }
    case 10:
    { r9 = *(ULONG64*)(moduleBase + 0x663C140);
    r11 = (moduleBase + 0x6AD2A7C4);
    rax -= rbx;
    rax ^= rbx;
    rcx = 0x29222BE3E0E2FFB;
    rax ^= r11;
    r11 = moduleBase;
    rax *= rcx;
    rcx = 0x5BB04B85CD9365D;
    rax -= rbx;
    rax += rcx;
    rax += r11;
    rcx = 0; // bruh
    rcx = _rotl64(rcx, 0x10);
    rcx ^= r9;
    rcx = _byteswap_uint64(rcx);
    rax *= *(ULONG64*)(rcx + 0xb);
    rcx = 0x5FC588EC700475F3;
    rax *= rcx;
    rcx = rax;
    rcx >>= 0xC;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x18;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x30;
    rax ^= rcx;
    return rax;
    }
    case 11:
    { r10 = *(ULONG64*)(moduleBase + 0x663C140);
    r14 = (moduleBase + 0xCF97);
    rdx = r14;
    rdx = (~rdx);
    rdx += rbx;
    rax ^= rdx;
    rcx = (moduleBase + 0xCA22);
    rax += rbx;
    rdx = moduleBase;
    rax += rcx;
    rcx = rbx;
    rcx = (~rcx);
    rcx -= rdx;
    rcx -= 0x1236;
    rax ^= rcx;
    rcx = 0x48502E6384BA9941;
    rax *= rcx;
    rcx = 0x5EB925E16D423E1E;
    rax -= rcx;
    rcx = 0; // bruh
    rcx = _rotl64(rcx, 0x10);
    rcx ^= r10;
    rcx = _byteswap_uint64(rcx);
    rax *= *(ULONG64*)(rcx + 0xb);
    rcx = 0xE5AB625D3BB65BBF;
    rax *= rcx;
    rcx = rax;
    rcx >>= 0x1F;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x3E;
    rax ^= rcx;
    return rax;
    }
    case 12:
    { r15 = (moduleBase + 0xEE34);
    r10 = *(ULONG64*)(moduleBase + 0x663C140);
    rcx = rbx + 0x1;
    rcx *= r15;
    rax += rcx;
    rax ^= rbx;
    rcx = 0xBF0F6EC504339C71;
    rax *= rcx;
    rcx = 0x62753D45ABF968CD;
    rax -= rcx;
    rcx = 0x28C82E52D21EB6AB;
    rax -= rcx;
    rcx = 0; // bruh
    rcx = _rotl64(rcx, 0x10);
    rcx ^= r10;
    rcx = _byteswap_uint64(rcx);
    rax *= *(ULONG64*)(rcx + 0xb);
    rcx = rax;
    rcx >>= 0xB;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x16;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x2C;
    rax ^= rcx;
    rcx = moduleBase;
    rax ^= rcx;
    return rax;
    }
    case 13:
    { r10 = *(ULONG64*)(moduleBase + 0x663C140);
    rcx = 0; // bruh
    rcx = _rotl64(rcx, 0x10);
    rcx ^= r10;
    rcx = _byteswap_uint64(rcx);
    rax *= *(ULONG64*)(rcx + 0xb);
    rcx = rax;
    rcx >>= 0x2;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x4;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x8;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x10;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x20;
    rax ^= rcx;
    rdx = rax;
    rdx >>= 0x22;
    rdx ^= rax;
    rcx = 0xAB96BD5255F50EEF;
    rax = (moduleBase + 0x4795B778);
    rax = (~rax);
    rax ^= rbx;
    rax += rdx;
    rax *= rcx;
    rax -= rbx;
    rcx = 0x697DECF064AB09C3;
    rax *= rcx;
    rcx = rbx;
    rcx *= 0x7FF6A2B4E842;
    rax += rcx;
    return rax;
    }
    case 14:
    { r9 = *(ULONG64*)(moduleBase + 0x663C140);
    rcx = rax;
    rcx >>= 0xB;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x16;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x2C;
    rax ^= rcx;
    rcx = 0; // bruh
    rcx = _rotl64(rcx, 0x10);
    rcx ^= r9;
    rcx = _byteswap_uint64(rcx);
    rcx = *(ULONG64*)(rcx + 0xb);
    rcx *= 0xF2B84228009F892B;
    rax *= rcx;
    r10 = 0x21D0F0E2660F5094;
    rcx = rbx;
    rcx = (~rcx);
    rcx *= 0x7FF6A2B42E00;
    rcx += r10;
    rax += rcx;
    rcx = rax;
    rcx >>= 0x10;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x20;
    rax ^= rcx;
    rcx = 0x1E450D45A88B3DC9;
    rax *= rcx;
    rcx = rax;
    rcx >>= 0x17;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x2E;
    rax ^= rcx;
    return rax;
    }
    case 15:
    { r9 = *(ULONG64*)(moduleBase + 0x663C140);
    rcx = moduleBase;
    rax ^= rcx;
    rcx = 0x104FF8B4C43406AD;
    rax += rcx;
    rcx = 0x16DB4431461A3E29;
    rax *= rcx;
    rcx = 0; // bruh
    rcx = _rotl64(rcx, 0x10);
    rcx ^= r9;
    rcx = _byteswap_uint64(rcx);
    rax *= *(ULONG64*)(rcx + 0xb);
    rcx = rax;
    rcx >>= 0x13;
    rax ^= rcx;
    rcx = rax;
    rcx >>= 0x26;
    rax ^= rcx;
    rcx = moduleBase;
    rax -= rcx;
    rax += 0xFFFFFFFFFFFF9A85;
    rax += rbx;
    rcx = 0x11B2D7215841BEB4;
    rax += rcx;
    return rax;
    }
    default:
        return 0;
    }
}