OldSchoolHack

Register / Login English
deutschDeutsch
englishEnglish
New Posts Advanced Search

TF2 Wallhack v1.0.1


icon TF2 Wallhack v1.0.1 #1

Join Date: Aug 2007

Posts: 8643

User-Rating:

199 positive
33 negative
 how to use:
run tf2, connect the game, run the program, and use left shift key.

software not have gui after kill it with taskmanager.

Source:
TEXT Code:
  1. program TF2Wallhack;
  2.  
  3. uses
  4.   windows,
  5.   SysUtils,
  6.   Messages,
  7.   TlHelp32;
  8.  
  9. type
  10.    tagKBDLLHOOKSTRUCT = record  
  11.         vkCode: DWORD;  
  12.         scanCode: DWORD;  
  13.         flags: DWORD;  
  14.         time: DWORD;  
  15.         dwExtraInfo: DWORD;  
  16.    end;  
  17.    TKbDllHookStruct = tagKBDLLHOOKSTRUCT;  
  18.    PKbDllHookStruct = ^TKbDllHookStruct;  
  19.  
  20. const
  21.   WH_KEYBOARD_LL  = 13;
  22.  
  23. var
  24.  hkeyhook: HHOOK;
  25.  
  26.  
  27. function KeyEvent(code: integer; wParam: word; lParam: longword): longword; stdcall; forward;
  28. exports Keyevent;
  29.  
  30. function GetProcessID(strProcessName : string):DWORD; 
  31. var 
  32.   dwRet : DWORD; 
  33.   hSnapShot : THandle; 
  34.   ProcessEntry : PROCESSENTRY32; 
  35.   bFlag : BOOL; 
  36. begin 
  37. 	dwRet := 0; 
  38. 	hSnapshot := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0); 
  39. 	if(hSnapshot <> INVALID_HANDLE_VALUE) then 
  40. 	begin 
  41. 		FillChar(ProcessEntry,sizeof(PROCESSENTRY32),0); 
  42. 		ProcessEntry.dwSize := sizeof(PROCESSENTRY32); 
  43. 		bFlag := Process32First(hSnapshot,ProcessEntry); 
  44. 		while (bFlag) do 
  45. 		begin 
  46.       if Pos(UpperCase(strProcessName), UpperCase(ProcessEntry.szExeFile)) <> 0 then 
  47. 			begin 
  48. 				dwRet := ProcessEntry.th32ProcessID; 
  49. 				break; 
  50. 			end; 
  51. 			ProcessEntry.dwSize := sizeof(PROCESSENTRY32); 
  52. 			bFlag := Process32Next(hSnapshot,ProcessEntry); 
  53. 		end; 
  54. 		CloseHandle(hSnapshot); 
  55. 	end; 
  56. 	result := dwRet; 
  57. end;
  58.  
  59. function IsShift(Ch: Char): Boolean;
  60. begin
  61. Result := False;
  62. if Ord(Ch) in [33,34,36..42,47,58,59,61,63,65..90,96,167] then
  63. Result := True;
  64. end;
  65.  
  66. function GetModuleBase(hProcID: Cardinal; lpModName: PChar):Cardinal;
  67. var
  68.   hSnap: Cardinal;
  69.   tm: TModuleEntry32;
  70. begin
  71.   result := 0;
  72.   hSnap := CreateToolHelp32Snapshot(TH32CS_SNAPMODULE, hProcID);
  73.   if hSnap <> 0 then
  74.   begin
  75.     tm.dwSize := sizeof(TModuleEntry32);
  76.     if Module32First(hSnap, tm) = true then
  77.     begin
  78.       while Module32Next(hSnap, tm) = true do
  79.       begin
  80.         if lstrcmpi(tm.szModule, lpModName) = 0 then
  81.         begin
  82.           result := Cardinal(tm.modBaseAddr);
  83.           break;
  84.         end;
  85.       end;
  86.     end;
  87.     CloseHandle(hSnap);
  88.   end;
  89. end;
  90.  
  91. function KeyEvent(code: integer; wParam: word; lParam: longword): longword; stdcall;
  92. var  
  93.   szKeyName: array[0..255] of Char;
  94.   hooked: TKbDllHookStruct;  
  95.   dwMsg: DWORD;
  96.   i: integer;
  97.   Value, HandleWindow : Integer;
  98.   Read : cardinal;
  99.  
  100. begin  
  101.  if (code = HC_ACTION) then
  102.  begin
  103.   CopyMemory(@hooked,Pointer(lParam),sizeof(TKbDllHookStruct));
  104.  
  105.   dwMsg := 1;
  106.   dwMsg := dwMsg + (hooked.scanCode shl 16);
  107.   dwMsg := dwMsg + (hooked.flags shl 24);
  108.  
  109.  
  110.   ZeroMemory(@szKeyName,sizeof(szKeyName));
  111.  
  112.   szKeyName[0]:='[';
  113.   i := GetKeyNameText(dwMsg, szKeyName+1, sizeof(szKeyName))+1;
  114.   szKeyName[i]:=']';
  115.  
  116.   If (szKeyName='[Shift]') Then
  117.   Begin
  118.  
  119.    If ((wParam = WM_SYSKEYDOWN) or (wParam = WM_KEYDOWN)) then
  120.    Begin
  121.     HandleWindow:=OpenProcess(PROCESS_ALL_ACCESS,False, GetProcessID('hl2.exe'));
  122.     If HandleWindow<>0 then
  123.     Begin
  124.      Value:=2;
  125.      WriteProcessMemory(HandleWindow,Ptr(GetModuleBase(GetProcessID('hl2.exe'),'client.dll')+$8A2D58),@Value,4,Read); // r_drawothermodels 2
  126.      CloseHandle(HandleWindow);
  127.     End;
  128.    End;
  129.  
  130.    If ( (wParam = WM_SYSKEYUP) or (wParam = WM_KEYUP))  then
  131.    Begin
  132.     HandleWindow:=OpenProcess(PROCESS_ALL_ACCESS,False, GetProcessID('hl2.exe'));
  133.     If HandleWindow<>0 then
  134.     Begin
  135.      Value:=1;
  136.      WriteProcessMemory(HandleWindow,Ptr(GetModuleBase(GetProcessID('hl2.exe'),'client.dll')+$8A2D58),@Value,4,Read); // r_drawothermodels 1
  137.      CloseHandle(HandleWindow);
  138.     End;
  139.    End;
  140.  
  141.   End;
  142.  
  143.  end;
  144.  Result := CallNextHookEx(hkeyhook,code,wParam,lParam);
  145. end;
  146.  
  147. procedure MsgLoop();
  148. var  
  149.   msg: tagMsg;  
  150. begin  
  151.   while GetMessage(msg, 0, 0, 0) do  
  152.   begin  
  153.     TranslateMessage(msg);  
  154.     DispatchMessage(msg);  
  155.   end;  
  156. end;  
  157.  
  158. function KeyLogger(lpParameter: Pointer): DWORD; stdcall;
  159. var  
  160.   hExe: HINST;
  161.  
  162. begin  
  163.     Hexe := GetModuleHandle(nil);
  164.     if (hExe = 0) then  
  165.         hExe := LoadLibrary(PChar(lpParameter));  
  166.  
  167.     if hExe = 0 then begin
  168.         result := 1;  
  169.         exit;  
  170.     end;  
  171.     hkeyhook := SetWindowsHookEx(WH_KEYBOARD_LL, @Keyevent, hExe, 0);
  172.     MsgLoop();
  173.     UnhookWindowsHookEx(hKeyHook);
  174.     Result := 1;  
  175. end;  
  176.  
  177.  
  178. var  
  179.  hThread: Hwnd;  
  180.  dwThread: DWORD;  
  181.  
  182. begin
  183.  hThread := CreateThread( nil, 0, @KeyLogger, nil, 0, dwThread);
  184.  if (hthread <> 0) then
  185.  begin
  186.   WaitForSingleObject(hThread,INFINITE);
  187.  end;
  188. end.
Download TF2 Wallhack v1.0.1

__________________

Hallo
KN4CK3R is offline