From 37a3c51a9541d6cc7af2ddb07ad96f8b403c10bf Mon Sep 17 00:00:00 2001
From: xerox <xerox@back.engineering>
Date: Wed, 19 Aug 2020 20:02:37 -0700
Subject: [PATCH] speed hacks and such, just pushing some work

---
 .../includes/gamebase/pawn.h                  |  2 +-
 .../includes/gameengine/engine.h              |  4 -
 .../includes/gameengine/interactiveobject.h   |  3 -
 .../includes/gameengine/offwallweaponstore.h  |  3 -
 .../includes/gameengine/tacticsgaunsight.h    |  3 -
 .../includes/unityengine/androidjni.h         |  2 +-
 .../includes/unityengine/androidjnihelper.h   |  2 +-
 .../includes/unityengine/debug.h              |  2 +-
 .../includes/unityengine/texteditor.h         |  2 +-
 ligma-cheat/ligma-cheat/bypass/bypass.cpp     |  1 +
 ligma-cheat/ligma-cheat/main.cpp              | 81 +++++++++++++++++++
 11 files changed, 87 insertions(+), 18 deletions(-)

diff --git a/ligma-cheat/ligma-cheat/SDK/assembly-csharp.dll/includes/gamebase/pawn.h b/ligma-cheat/ligma-cheat/SDK/assembly-csharp.dll/includes/gamebase/pawn.h
index ca920b311..cf4bec2d6 100644
--- a/ligma-cheat/ligma-cheat/SDK/assembly-csharp.dll/includes/gamebase/pawn.h
+++ b/ligma-cheat/ligma-cheat/SDK/assembly-csharp.dll/includes/gamebase/pawn.h
@@ -5131,7 +5131,7 @@ namespace gamebase {
                 il2cpp::il2cpp_base() + 0x1D85B68))(this, _spritetype);
         }
 
-        template <typename T = bool> T canbedamagedby(std::uintptr_t _pawn) {
+        template <typename T = bool> T canbedamagedby(pawn* _pawn) {
             return ((T(*)(pawn *, std::uintptr_t))(il2cpp::il2cpp_base() +
                                                    0x1D85C50))(this, _pawn);
         }
diff --git a/ligma-cheat/ligma-cheat/SDK/assembly-csharp.dll/includes/gameengine/engine.h b/ligma-cheat/ligma-cheat/SDK/assembly-csharp.dll/includes/gameengine/engine.h
index 9383a0254..daa428e59 100644
--- a/ligma-cheat/ligma-cheat/SDK/assembly-csharp.dll/includes/gameengine/engine.h
+++ b/ligma-cheat/ligma-cheat/SDK/assembly-csharp.dll/includes/gameengine/engine.h
@@ -72,10 +72,6 @@ namespace gameengine {
         template <typename T = void> static T create() {
             return ((T(*)(void *))(il2cpp::il2cpp_base() + 0x5F36F70))(0);
         }
-
-        template <typename T = void> static T shutdown() {
-            return ((T(*)(void *))(il2cpp::il2cpp_base() + 0x5F370E8))(0);
-        }
     };
 
 } // namespace gameengine
diff --git a/ligma-cheat/ligma-cheat/SDK/assembly-csharp.dll/includes/gameengine/interactiveobject.h b/ligma-cheat/ligma-cheat/SDK/assembly-csharp.dll/includes/gameengine/interactiveobject.h
index 24c4bb2fd..d2e724c1f 100644
--- a/ligma-cheat/ligma-cheat/SDK/assembly-csharp.dll/includes/gameengine/interactiveobject.h
+++ b/ligma-cheat/ligma-cheat/SDK/assembly-csharp.dll/includes/gameengine/interactiveobject.h
@@ -41,9 +41,6 @@ namespace gameengine {
         template <typename T = bool> T &serverusability() {
             return *(T *)((std::uintptr_t)this + 0x55);
         }
-        template <typename T = il2cpp_string *> T &btnspritename() {
-            return *(T *)((std::uintptr_t)this + 0x58);
-        }
         template <typename T = il2cpp_string *> T &buttonmessagelocid() {
             return *(T *)((std::uintptr_t)this + 0x5C);
         }
diff --git a/ligma-cheat/ligma-cheat/SDK/assembly-csharp.dll/includes/gameengine/offwallweaponstore.h b/ligma-cheat/ligma-cheat/SDK/assembly-csharp.dll/includes/gameengine/offwallweaponstore.h
index d1f14ff30..a1e88d87b 100644
--- a/ligma-cheat/ligma-cheat/SDK/assembly-csharp.dll/includes/gameengine/offwallweaponstore.h
+++ b/ligma-cheat/ligma-cheat/SDK/assembly-csharp.dll/includes/gameengine/offwallweaponstore.h
@@ -52,9 +52,6 @@ namespace gameengine {
         template <typename T = il2cpp_string *> T &buttonstring() {
             return *(T *)((std::uintptr_t)this + 0xB4);
         }
-        template <typename T = std::int32_t> T &weaponprice() {
-            return *(T *)((std::uintptr_t)this + 0xB8);
-        }
         template <typename T = float> T &weaponmodeldestorytime() {
             return *(T *)((std::uintptr_t)this + 0xBC);
         }
diff --git a/ligma-cheat/ligma-cheat/SDK/assembly-csharp.dll/includes/gameengine/tacticsgaunsight.h b/ligma-cheat/ligma-cheat/SDK/assembly-csharp.dll/includes/gameengine/tacticsgaunsight.h
index 6199ed135..27ae2e60e 100644
--- a/ligma-cheat/ligma-cheat/SDK/assembly-csharp.dll/includes/gameengine/tacticsgaunsight.h
+++ b/ligma-cheat/ligma-cheat/SDK/assembly-csharp.dll/includes/gameengine/tacticsgaunsight.h
@@ -25,9 +25,6 @@ namespace gameengine {
         template <typename T = std::uintptr_t> T &mhudmat() {
             return *(T *)((std::uintptr_t)this + 0x3C);
         }
-        template <typename T = std::uintptr_t> T &mhudmat() {
-            return *(T *)((std::uintptr_t)this + 0x40);
-        }
         template <typename T = std::uintptr_t> T &mhudmesh() {
             return *(T *)((std::uintptr_t)this + 0x44);
         }
diff --git a/ligma-cheat/ligma-cheat/SDK/unityengine.dll/includes/unityengine/androidjni.h b/ligma-cheat/ligma-cheat/SDK/unityengine.dll/includes/unityengine/androidjni.h
index f28c2d9af..098626c68 100644
--- a/ligma-cheat/ligma-cheat/SDK/unityengine.dll/includes/unityengine/androidjni.h
+++ b/ligma-cheat/ligma-cheat/SDK/unityengine.dll/includes/unityengine/androidjni.h
@@ -114,7 +114,7 @@ namespace unityengine {
         }
 
         template <typename T = std::int32_t>
-        static T throw(std::uintptr_t _obj) {
+        static T _throw(std::uintptr_t _obj) {
             return ((T(*)(void *, std::uintptr_t))(il2cpp::il2cpp_base() +
                                                    0x51D7AD8))(0, _obj);
         }
diff --git a/ligma-cheat/ligma-cheat/SDK/unityengine.dll/includes/unityengine/androidjnihelper.h b/ligma-cheat/ligma-cheat/SDK/unityengine.dll/includes/unityengine/androidjnihelper.h
index 2a6cf382f..dfdad20cf 100644
--- a/ligma-cheat/ligma-cheat/SDK/unityengine.dll/includes/unityengine/androidjnihelper.h
+++ b/ligma-cheat/ligma-cheat/SDK/unityengine.dll/includes/unityengine/androidjnihelper.h
@@ -2,7 +2,7 @@
 #include <il2cpp/il2cpp.h>
 namespace unityengine {
 
-    class androidjnihelper {
+    class _androidjnihelper {
       public:
         template <typename T = bool> static T get_debug() {
             return ((T(*)(void *))(il2cpp::il2cpp_base() + 0x51DD3A8))(0);
diff --git a/ligma-cheat/ligma-cheat/SDK/unityengine.dll/includes/unityengine/debug.h b/ligma-cheat/ligma-cheat/SDK/unityengine.dll/includes/unityengine/debug.h
index 9c1198246..d5b1e9ec0 100644
--- a/ligma-cheat/ligma-cheat/SDK/unityengine.dll/includes/unityengine/debug.h
+++ b/ligma-cheat/ligma-cheat/SDK/unityengine.dll/includes/unityengine/debug.h
@@ -67,7 +67,7 @@ namespace unityengine {
                 0, _start, _dir, _color, _duration, _depthtest);
         }
 
-        template <typename T = void> static T break() {
+        template <typename T = void> static T _break() {
             return ((T(*)(void *))(il2cpp::il2cpp_base() + 0x5A553A4))(0);
         }
 
diff --git a/ligma-cheat/ligma-cheat/SDK/unityengine.dll/includes/unityengine/texteditor.h b/ligma-cheat/ligma-cheat/SDK/unityengine.dll/includes/unityengine/texteditor.h
index 53c795b3e..823a5f009 100644
--- a/ligma-cheat/ligma-cheat/SDK/unityengine.dll/includes/unityengine/texteditor.h
+++ b/ligma-cheat/ligma-cheat/SDK/unityengine.dll/includes/unityengine/texteditor.h
@@ -154,7 +154,7 @@ namespace unityengine {
                 this);
         }
 
-        template <typename T = bool> T delete () {
+        template <typename T = bool> T _delete () {
             return ((T(*)(texteditor *))(il2cpp::il2cpp_base() + 0x59C29D0))(
                 this);
         }
diff --git a/ligma-cheat/ligma-cheat/bypass/bypass.cpp b/ligma-cheat/ligma-cheat/bypass/bypass.cpp
index b08944be9..3bdd12bae 100644
--- a/ligma-cheat/ligma-cheat/bypass/bypass.cpp
+++ b/ligma-cheat/ligma-cheat/bypass/bypass.cpp
@@ -33,6 +33,7 @@ namespace ligma
 			ligma::hook::make_hook(system_prop_get, &system_property_hook);
 		}
 
+		__attribute__((noinline))
 		char* strcat_hook(char* destination, const char* source)
 		{
 			if (!destination || !source)
diff --git a/ligma-cheat/ligma-cheat/main.cpp b/ligma-cheat/ligma-cheat/main.cpp
index 9d989aa28..1431d22d4 100644
--- a/ligma-cheat/ligma-cheat/main.cpp
+++ b/ligma-cheat/ligma-cheat/main.cpp
@@ -1,4 +1,79 @@
 #include "bypass/bypass.h"
+#include "SDK/assembly-csharp.dll/gamebase.h"
+#include "SDK/assembly-csharp.dll/gameengine.h"
+#include "SDK/unityengine.dll/unityengine.h"
+
+namespace movement
+{
+	// 0x1DAB2EC
+	__attribute__((noinline))
+	float calc_walk_speed()
+	{
+		return 12.5f;
+	}
+}
+
+namespace weapon
+{
+	// 0x2E3A99C, 0x2E41190, 0x2E45448
+	__attribute__((noinline))
+	bool check_target()
+	{
+		return true;
+	}
+
+	// 0x1D835A0
+	__attribute__((noinline))
+	gameengine::attackabletarget* find_melee_target(gamebase::pawn* pawn, float range)
+	{
+		LOGI("find melee target called! range = %.2f, pawn = %p", range, pawn);
+		ligma::hook::disable(il2cpp::il2cpp_base() + 0x1D835A0);
+		auto attack_target = pawn->findmeleeattacktarget<gameengine::attackabletarget*>(range);
+		ligma::hook::enable(il2cpp::il2cpp_base() + 0x1D835A0);
+		LOGI("attackable target = %p", attack_target);
+
+		if (!attack_target)
+		{
+			const auto game_base = gameengine::gameplay::get_game<gamebase::basegame*>();
+			const auto game_info = gameengine::gameplay::get_gameinfo<gameengine::gameinfo*>();
+			const auto local_pawn = gameengine::gameplay::get_localpawn<gamebase::pawn*>();
+			const auto enemy_pawn_list = game_base->enemypawns<il2cpp_list<gamebase::pawn*>*>();
+			const auto enemy_pawns = enemy_pawn_list->get_items();
+
+			for (auto idx = 0u; idx < enemy_pawn_list->get_size(); ++idx)
+			{
+				if (enemy_pawns[idx]->get_health())
+				{
+					const auto actor_id = game_info->getactorid(enemy_pawns[idx]->get_playerid());
+					const auto attackable_target = game_base->getattackabletarget<gameengine::attackabletarget*>(actor_id);
+
+					// put the pawn on my head
+					enemy_pawns[idx]->setlocation(local_pawn->get_headposition());
+					LOGI("player_id => 0x%x, actor_id => 0x%x, attackable_target => %p", enemy_pawns[idx]->get_playerid(), actor_id, attackable_target);
+					attack_target = attackable_target;
+				}
+			}
+		}
+		return attack_target;
+	}
+
+	// 0x2E44660
+	__attribute__((noinline))
+	bool cast_ray(gameengine::weaponfirecomponentmelee* melee, unityengine::collider* collider, il2cpp_vec3 start, int trace_flag, il2cpp_vec3* dir, gameengine::attackabletarget* hit_target)
+	{
+		LOGI("============ cast ray called! ================");
+		ligma::hook::disable(il2cpp::il2cpp_base() + 0x2E44660);
+		const auto result = melee->raycastmeleeobb(
+			reinterpret_cast<std::uintptr_t>(collider),
+			start, trace_flag,
+			reinterpret_cast<std::uintptr_t>(dir), 
+			reinterpret_cast<std::uintptr_t>(hit_target)
+		);
+		ligma::hook::enable(il2cpp::il2cpp_base() + 0x2E44660);
+		LOGI("result = %d, hit_target = %p, dir = %p", result, hit_target, dir);
+		return result;
+	}
+}
 
 __attribute__((constructor))
 void init()
@@ -6,6 +81,12 @@ void init()
 	ligma::bypass::init([&](std::uintptr_t il2cpp_base, void* module_handle) -> bool
 	{
 		LOGI("il2cpp base address = %p, module_handle = %p", il2cpp_base, module_handle);
+		ligma::hook::make_hook(il2cpp_base + 0x1DAB2EC, &movement::calc_walk_speed);
+		ligma::hook::make_hook(il2cpp_base + 0x1D835A0, &weapon::find_melee_target);
+		ligma::hook::make_hook(il2cpp_base + 0x2E41190, &weapon::check_target);
+		ligma::hook::make_hook(il2cpp_base + 0x2E3A99C, &weapon::check_target);
+		ligma::hook::make_hook(il2cpp_base + 0x2E45448, &weapon::check_target);
+		ligma::hook::make_hook(il2cpp_base + 0x2E44660, &weapon::cast_ray);
 		return false;
 	});
 	LOGI("installed bypass...");