Source Codes

[xMadHatter]

[Only registered and activated users can see links. ]

[Sv3nt3k]

Name Source: [Only registered and activated users can see links. ]

Credits to Zentaki.

[Odd-Ball]

i got some stuff too
dunno if it helps but just giving my contribution to gzp
maybe some are there idk
they are outdated as well

[GlockHeadshot]

Credits DexGod

[rafodapimp]

On Screen Menu Class (C++ | Direct3D)

:[Only registered and activated users can see links. ]


credits:Galco

[Guy]

[Only registered and activated users can see links. ].

[RobotGymnast]

NOP Anti-hack

[Only registered and activated users can see links. ]

By the way, the line

Code:

int distance = ((DistX * DistX) + (DistY * DistY))^(1/2);

In the aimbot source should be changed to:

Code:

int distance = (int)pow((double)((DistX * DistX) + (DistY * DistY)), 0.5);

[WaffleByte]

Source code of Fire.dll:

Code:

//Fire.dll by WaffleByte
//Alt + F toggles the fire
//Tested on January 9, 2010

#include <windows.h>

#define ZGetGameAddr 0x004B9730
#define ZPostReactionAddr 0x004883C0

bool fire;
float Time;

void ToggleSound(bool on)
{
    if(on){Beep(700,500);}
    else{Beep(300,500);}
}

DWORD ZGetGame()
{
    DWORD GAME;
    __asm
    {
        MOV EAX,ZGetGameAddr
        CALL EAX
        MOV GAME,EAX
    }
    return GAME;
}

DWORD ZMyCharacter()
{
    DWORD Game;
    __asm
    {
        MOV EAX,ZGetGameAddr
        CALL EAX
        CMP EAX,0
        JA RetGame
        MOV Game,0
        JMP End
        RetGame:
        LEA EAX,DWORD PTR DS:[EAX+0x94]
        MOV EAX,DWORD PTR DS:[EAX]
        MOV Game,EAX
        End:
    }
    return Game;
}

void ZPostReaction(int ReactionID)
{
    __asm
    {
        MOV EAX,ZPostReactionAddr
        PUSH ReactionID
        PUSH Time
        CALL EAX
        ADD ESP,8
    }
}

void Keys()
{
    while(true)
    {
        if((GetAsyncKeyState(0x12)&0x8000)&&(GetAsyncKeyState('F')&0x8000))
        {
            fire=!fire;
            ToggleSound(fire);
        }
        Sleep(20);
    }
}

void Execute()
{
    while(true)
    {
        if(fire&&ZMyCharacter())
        {
            ZPostReaction(2);
        }
        Sleep(20);
    }
}

extern "C"
{
        __declspec(dllexport) bool __stdcall DllMain(HINSTANCE hInst,DWORD reason,LPVOID lpv)
        {
                if(reason==DLL_PROCESS_ATTACH)
                {
                        DisableThreadLibraryCalls(hInst);
                        CreateThread(NULL,0,(LPTHREAD_START_ROUTINE)Keys,NULL,0,NULL);
                        CreateThread(NULL,0,(LPTHREAD_START_ROUTINE)Execute,NULL,0,NULL);
                        Beep(500,500);
                }
                return true;
        }
}

[WaffleByte]

Code:

//Waffles.dll
//January 15 2010
//Made by WaffleByte
//Alt + G = Godmode
//Alt + L = Lawnmower
//Alt + R = Rapeshot

#include <windows.h>

#define ZRuleBerserker__BonusHealthAddr 0x4C12A0
#define ZPostStageEnterBattleAddr 0x4AD4B0
#define ZGetGameAddr 0x4B9730
#define ZGetGameClientAddr 0x4B9620
#define ZBypassAddr 0x5A1817
#define ZNewCmdAddr 0x4D1D60
#define ZPostCommandAddr 0x4D1E20
#define ZUnknownOneAddr 0x5A2CA0
#define ZUnknownTwoAddr 0x63C5F2
#define ZUnknownThreeAddr 0x517110
#define ZUnknownFourAddr 0x5195B0

bool godmode,lawnmower,rapeshot;

struct MUID
{
    DWORD LowID;
    DWORD HighID;
};

void ToggleSound(bool on)
{
    if(on){Beep(700,500);}
    else{Beep(300,500);}
}

DWORD ZGetGame()
{
    DWORD GAME;
    __asm
    {
        MOV EAX,ZGetGameAddr
        CALL EAX
        MOV GAME,EAX
    }
    return GAME;
}

DWORD ZGetGameClient()
{
    DWORD CLIENT;
    __asm
    {
        MOV EAX,ZGetGameClientAddr
        CALL EAX
        MOV CLIENT,EAX
    }
    return CLIENT;
}

MUID *GetPlayer()
{
    return(MUID*)(ZGetGameClient()+0x1A0);
}

MUID *GetStage()
{
    return(MUID*)(ZGetGameClient()+0x1B0);
}

int GetGameType()
{
    return *(int*)(ZGetGameClient()+0xD20);
}

bool GetSafe()
{
    if(GetGameType()>4&&GetGameType()<8)
    return true;
    return false;
}

DWORD ZMyCharacter()
{
    DWORD Game;
    __asm
    {
        MOV EAX,ZGetGameAddr
        CALL EAX
        CMP EAX,0
        JA RetGame
        MOV Game,0
        JMP End
        RetGame:
        LEA EAX,DWORD PTR DS:[EAX+0x94]
        MOV EAX,DWORD PTR DS:[EAX]
        MOV Game,EAX
        End:
    }
    return Game;
}

float *GetPosition(DWORD ZCharacter)
{
    float *POS;
    __asm
    {
        PUSH ESI
        MOV ESI,ZCharacter
        MOV EAX,DWORD PTR DS:[ESI+0x30]
        TEST EAX,EAX
        JNZ OP2
        LEA EAX,DWORD PTR DS:[ESI+0x24]
        OP2:
        MOV EAX,DWORD PTR DS:[EAX]
        MOV POS,EAX
        POP ESI
    }
    return POS;
}

float *GetDirection(DWORD ZCharacter)
{
    float *DIR;
    __asm
    {
        PUSH ESI
        MOV ESI,DWORD PTR SS:[EBP+8]
        ADD ESI,0x340
        MOV DIR,ESI
        POP ESI
    }
    return DIR;
}

void Rejoin()
{
    MUID *PLAYER=GetPlayer();
    MUID *STAGE=GetStage();
    __asm
    {
        PUSH STAGE
        PUSH PLAYER
        MOV EAX,ZPostStageEnterBattleAddr
        CALL EAX
    }
}

void BonusHealth()
{
    __asm
    {
        PUSH HEALTHRET
        PUSH EBP
        MOV EBP,ESP
        CALL ZMyCharacter
        PUSH EAX
        PUSH ZBypassAddr
        MOV EAX,ZRuleBerserker__BonusHealthAddr
        JMP EAX
        HEALTHRET:
    }
}

void __declspec(naked) ZPostShot(float *Pos,float *Dir,int)
{
    __asm
    {
        PUSH EBP
        MOV EBP,ESP
        MOV DWORD PTR FS:[0],ESP
        SUB ESP,0xC4
        PUSH EBX
        PUSH ESI
        PUSH EDI
        MOV EAX,ZGetGameAddr
        CALL EAX
        MOV EAX,DWORD PTR DS:[EAX+0x30]
        MOV EAX,DWORD PTR DS:[EAX]
        MOV ECX,DWORD PTR DS:[EAX]
        MOV ESI,DWORD PTR SS:[EBP+8]
        FLD DWORD PTR DS:[ESI]
        MOV DWORD PTR SS:[EBP-0x84],ECX
        MOV EAX,ZUnknownOneAddr
        CALL EAX
        FLD DWORD PTR DS:[ESI+4]
        MOV WORD PTR SS:[EBP-0x80],AX
        MOV EAX,ZUnknownOneAddr
        CALL EAX
        FLD DWORD PTR DS:[ESI+8]
        MOV WORD PTR SS:[EBP-0x7E],AX
        MOV EAX,ZUnknownOneAddr
        CALL EAX
        MOV ESI,[EBP+0x0C]
        FLD DWORD PTR DS:[ESI]
        MOV WORD PTR SS:[EBP-0x7C],AX
        MOV EAX,ZUnknownOneAddr
        CALL EAX
        FLD DWORD PTR DS:[ESI+4]
        MOV WORD PTR SS:[EBP-0x7A],AX
        MOV EAX,ZUnknownOneAddr
        CALL EAX
        FLD DWORD PTR DS:[ESI+8]
        MOV WORD PTR SS:[EBP-0x78],AX
        MOV EAX,ZUnknownOneAddr
        CALL EAX
        MOV DL,BYTE PTR SS:[EBP+0x10]
        MOV WORD PTR SS:[EBP-0x76],AX
        MOV BYTE PTR SS:[EBP-0x74],DL
        PUSH 0x2732
        MOV EAX,ZNewCmdAddr
        CALL EAX
        PUSH 0x10
        MOV ESI,EAX
        MOV EAX,ZUnknownTwoAddr
        CALL EAX
        ADD ESP,0x10
        MOV DWORD PTR SS:[EBP-0x10],EAX
        TEST EAX,EAX
        MOV DWORD PTR SS:[EBP-4],0
        JE LNJ1
        PUSH 0x11
        LEA ECX,DWORD PTR SS:[EBP-0x84]
        PUSH ECX
        MOV ECX,EAX
        MOV EAX,ZUnknownThreeAddr
        CALL EAX
        JMP LNJ2
        LNJ1:
        XOR EAX,EAX
        LNJ2:
        MOV ECX,ESI
        PUSH EAX
        MOV DWORD PTR SS:[EBP-4],-1
        MOV EAX,ZUnknownFourAddr
        CALL EAX
        PUSH SHOTRET
        PUSH EBP
        MOV EBP,ESP
        PUSH ESI
        PUSH ZBypassAddr
        MOV EAX,ZPostCommandAddr
        JMP EAX
        SHOTRET:
        ADD ESP,4
        MOV ECX,DWORD PTR SS:[EBP-0xC]
        POP EDI
        POP ESI
        POP EBX
        MOV DWORD PTR FS:[0],ECX
        MOV ESP,EBP
        POP EBP
        RETN
    }
}

void Keys()
{
    while(true)
    {
        if((GetAsyncKeyState(0x12)&0x8000)&&(GetAsyncKeyState('G')&0x8000))
        {
            godmode=!godmode;
            ToggleSound(godmode);
        }
        if((GetAsyncKeyState(0x12)&0x8000)&&(GetAsyncKeyState('L')&0x8000))
        {
            lawnmower=!lawnmower;
            ToggleSound(lawnmower);
        }
        if((GetAsyncKeyState(0x12)&0x8000)&&(GetAsyncKeyState('R')&0x8000))
        {
            rapeshot=!rapeshot;
            ToggleSound(rapeshot);
        }
        Sleep(30);
    }
}

void Execute()
{
    while(true)
    {
        if(ZMyCharacter()&&GetSafe())
        {
            if(godmode)
            {
                BonusHealth();
            }
            if(lawnmower)
            {
                ZPostShot(GetPosition(ZMyCharacter()),GetDirection(ZMyCharacter()),7);
                ZPostShot(GetPosition(ZMyCharacter()),GetDirection(ZMyCharacter()),1);
            }
            if(rapeshot&&(GetAsyncKeyState(0x01)&0x8000))
            {
                float *MyPosition=GetPosition(ZMyCharacter());
                float *MyDirection=GetDirection(ZMyCharacter());
                float NewPosition[3];
                NewPosition[0]=MyPosition[0];
                NewPosition[1]=MyPosition[1];
                NewPosition[2]=MyPosition[2]+200;
                float NewDirection[3];
                NewDirection[0]=MyPosition[0]+(MyDirection[0]*9001);
                NewDirection[1]=MyPosition[1]+(MyDirection[1]*9001);
                NewDirection[2]=200+MyPosition[2]+(MyDirection[2]*9001);
                for(int i=0;i<10;i++)
                {
                    ZPostShot(NewPosition,NewDirection,8);
                    ZPostShot(NewPosition,NewDirection,1);
                    ZPostShot(NewPosition,NewDirection,9);
                    ZPostShot(NewPosition,NewDirection,1);
                }
                Rejoin();
                Sleep(200);
            }
        }
        Sleep(10);
    }
}

extern "C"
{
        __declspec(dllexport) BOOL __stdcall DllMain(HINSTANCE hInst,DWORD reason,LPVOID lpv)
        {
                if(reason==DLL_PROCESS_ATTACH)
                {
                        DisableThreadLibraryCalls(hInst);
                        CreateThread(NULL,0,(LPTHREAD_START_ROUTINE)Keys,NULL,0,NULL);
                        CreateThread(NULL,0,(LPTHREAD_START_ROUTINE)Execute,NULL,0,NULL);
                        Beep(500,500);
                }
                return true;
        }
}

[hmhax]

MCInject source code -

Authors: Xeffar/Aesma Daeva
Source: Mafiacoders VIP

Code:

#define _WIN32_WINNT 0x500

#include <windows.h>
#include <stdio.h>
#include <tchar.h>
#include <tlhelp32.h>

int main(void)
{
    INT c = 0, i = 0, Found, bFound = 0, Injected = 0;
    DWORD dwPID;

    system(_T("title Mafiacoders Recursive Injector -- by Xeffar"));

    OPENFILENAME oFile;
    DWORD nArray[255];

    LPTSTR lpProcess = (LPTSTR)malloc(MAX_PATH);
    LPTSTR lpDLL = (LPTSTR)malloc(MAX_PATH);

    lpDLL[0] = _T('\0');

    memset(&oFile, 0, 88);

    oFile.hwndOwner = GetConsoleWindow();

    printf(_T("Credits to Aesma for helping.\n"));

    printf(_T("Process name to inject to (e.g. gunz.exe, case insensitive):\n"));

    scanf(_T("%[^\n]%*c"), lpProcess);

    printf(_T("Select your DLL file:\n"));

    oFile.lpstrFile = lpDLL;
    oFile.lStructSize = 88;
    oFile.lpstrFilter = _T("DLL Files (*.dll)");
    oFile.nMaxFile = MAX_PATH;
    oFile.Flags = OFN_EXPLORER | OFN_FILEMUSTEXIST;
    oFile.lpstrDefExt = _T("dll");

    if(!GetOpenFileName(&oFile))
    {
        printf(_T("Error finding the file\n"));
        getchar();
        exit(EXIT_SUCCESS);
    }
    else
    {
        printf(_T("Selected \"%s\"\nWaiting for %s\n"), lpDLL, lpProcess);

        while(!Injected)
        {
            HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, NULL);

            PROCESSENTRY32 peProcess32;
            
            peProcess32.dwSize = sizeof(peProcess32);
            if(Process32First(hSnapshot, &peProcess32))
            {
                do
                {
                    if(!(c = _stricmp(peProcess32.szExeFile, lpProcess)))
                    {
                        dwPID = peProcess32.th32ProcessID;

                        if(i != 0)
                        {
                            for(c = 0;;)
                            {
                                if(nArray[c] == dwPID)
                                {
                                    Found = TRUE; //found?
                                    break;
                                }
                                c++;
                                Found = FALSE; //not found
                                if(c >= i)
                                    break;
                            }
                        }
                        
                        if(c == i)
                        {
                            printf(_T("New proc found(procid:%x)\n"), dwPID);
                            nArray[i] = peProcess32.th32ProcessID;
                            i++;

                            if(Found == FALSE)
                            {
                                bFound++;

                                if(bFound == 2)
                                {

                                    HANDLE hProcess = OpenProcess(PROCESS_CREATE_THREAD | PROCESS_VM_OPERATION | PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_QUERY_INFORMATION, FALSE, peProcess32.th32ProcessID);
                                    
                                    if(hProcess)
                                    {

                                        LPVOID lpszModule = VirtualAllocEx(hProcess, NULL, _tcscnlen(lpDLL, MAX_PATH), MEM_COMMIT, PAGE_READWRITE);
                                        
                                        SIZE_T nBytes;
                                        //Write the path to the Dll File in the location just created
                                        if(WriteProcessMemory(hProcess, lpszModule, lpDLL, _tcscnlen(lpDLL, MAX_PATH), &nBytes))
                                        {
                                            DWORD dwThread;
                                            // Random sleep
                                            Sleep(5000);
                                            //Create a remote thread that starts begins at the LoadLibrary function and is passed are memory pointer
                                            HANDLE hThread = CreateRemoteThread(hProcess, NULL, 0, (LPTHREAD_START_ROUTINE)GetProcAddress(GetModuleHandle(_T("kernel32.dll")), "LoadLibraryA"), lpszModule, 0, &dwThread);
                                            
                                            if(hThread != NULL)
                                            {
                                                printf(_T("Injected successfully.\n"));
                                                Injected = 1;
                                            }
                                            else
                                                printf(_T("Failed to create thread. Error : %d\n"), GetLastError());

                                            //Release the handle to the other process
                                            CloseHandle(hProcess);
                                        }

                                        else
                                        {
                                            printf(_T("Failed to write memory: %d\n"), GetLastError());
                                            ExitProcess(EXIT_SUCCESS);
                                        }
                    
                                    }
                                    
                                    else
                                    {
                                        printf(_T("Failed to open handle.\n"));
                                        printf(_T("Error code : %d\n"), GetLastError());
                                        Sleep(9001);
                                        ExitProcess(EXIT_SUCCESS);
                                    }
                                
                                }
                            
                            }
                        
                        }
                        peProcess32.dwSize = sizeof(peProcess32);
                    }
                }
                while(Process32Next(hSnapshot, &peProcess32));

                i++;
                if(i > 10)
                    i = 0;

                CloseHandle(hSnapshot);
                Sleep(20);
            }

        }
        Sleep(2000);
    }
    return EXIT_SUCCESS;
}