Kategorie: Counter-Strike: Source Entwickler: keybode
Beschreibung: Features: - BunnyHop - Auto-updating offsets
Credits: - Forza (FindPattern)
// CPP Code:
#include <Windows.h>
#include <iostream>
#include <TlHelp32.h>

// Engine flag bit that BunnyHop() tests against the entity flags read from
// the target process.
#define FL_ONGROUND (1<<0)

using namespace std;

// Process-wide state shared between main() and the two worker threads
// (Read() and BunnyHop()). None of it is protected by a lock or declared
// atomic, so the cross-thread reads/writes below are data races.
HWND css;             // declared but never assigned or read in this file
int iFlags;           // entity flags: written by Read(), read by BunnyHop()
DWORD dwBasePointer;  // local entity pointer, refreshed by Read() every tick
HANDLE hProcess;      // handle to the target process, opened in main()
DWORD m_hClient;      // base address of client.dll inside the target process
DWORD pID;            // target process id, resolved in main()

// Walks the module list of process `pID` and returns modBaseSize of the first
// module whose name matches the first 8 characters of `module` (strncmp with a
// fixed length of 8 — "client.dll" and "client.dxx" compare equal). Returns 0
// if nothing matches.
// NOTE(review): the entry filled in by Module32First is only used as a loop
// precondition and is never compared itself, so the first module in the
// snapshot can never be matched; the snapshot handle is also used without an
// INVALID_HANDLE_VALUE check.
DWORD GetModuleSize(char* module)
{
    HANDLE hSnap;
    MODULEENTRY32 xModule;
    hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pID);
    xModule.dwSize = sizeof(MODULEENTRY32);
    if (Module32First(hSnap, &xModule))
    {
        while (Module32Next(hSnap, &xModule))
        {
            if (!strncmp((char*)xModule.szModule, module, 8))
            {
                CloseHandle(hSnap);
                return (DWORD)xModule.modBaseSize;
            }
        }
    }
    CloseHandle(hSnap);
    return 0;
}

// Returns the load address (modBaseAddr) of the module named exactly
// `lpModuleName` in process `dwProcessId`, or NULL if it is not found.
// NOTE(review): CreateToolhelp32Snapshot reports failure with
// INVALID_HANDLE_VALUE, not NULL, so the `!hSnapShot` guard does not catch a
// failed snapshot (Module32First then simply returns FALSE).
DWORD GetModuleBase(LPSTR lpModuleName, DWORD dwProcessId)
{
    MODULEENTRY32 lpModuleEntry = {0};
    HANDLE hSnapShot = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, dwProcessId);
    if(!hSnapShot) return NULL;
    lpModuleEntry.dwSize = sizeof(lpModuleEntry);
    BOOL bModule = Module32First( hSnapShot, &lpModuleEntry );
    while(bModule)
    {
        if(!strcmp(lpModuleEntry.szModule, lpModuleName ) )
        {
            CloseHandle( hSnapShot );
            return (DWORD)lpModuleEntry.modBaseAddr;
        }
        bModule = Module32Next( hSnapShot, &lpModuleEntry );
    }
    CloseHandle( hSnapShot );
    return NULL;
}

// Attempts to enable the debug privilege on the current process token.
// Not called anywhere in this file (main() never invokes it).
// NOTE(review): the local `hProcess` shadows the global of the same name;
// every API return value (OpenProcessToken, LookupPrivilegeValue,
// AdjustTokenPrivileges) is ignored, so failure is silent; the privilege name
// is spelled "seDebugPrivilege" rather than the documented SE_DEBUG_NAME
// ("SeDebugPrivilege") — confirm the lookup accepts that spelling. Token
// privilege adjustment of this kind is a standard audit/telemetry event.
void SetDebugPrivilege()
{
    HANDLE hProcess=GetCurrentProcess(), hToken;
    TOKEN_PRIVILEGES priv;
    LUID luid;
    OpenProcessToken(hProcess, TOKEN_ADJUST_PRIVILEGES, &hToken);
    LookupPrivilegeValue(0, "seDebugPrivilege", &luid);
    priv.PrivilegeCount = 1;
    priv.Privileges[0].Luid = luid;
    priv.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
    AdjustTokenPrivileges(hToken, false, &priv, 0, 0, 0);
    CloseHandle(hToken);
    // GetCurrentProcess() returns a pseudo-handle; closing it is a no-op.
    CloseHandle(hProcess);
}

// Masked byte comparison: for every position where szMask holds 'x' the bytes
// must be equal; any other mask character ('?' in the callers) is a wildcard.
// Walks the full length of szMask without any bound on pData, so the caller
// must guarantee that many bytes are readable.
bool bDataCompare(const BYTE* pData, const BYTE* bMask, const char* szMask)
{
    for(;*szMask;++szMask,++pData,++bMask)
        if(*szMask=='x' && *pData!=*bMask )
            return false;
    return (*szMask) == NULL;
}

// Linear scan of `pData[0..dwSize)` for the masked pattern; returns the offset
// of the first match, or NULL (0). A match at offset 0 is therefore
// indistinguishable from "not found".
// NOTE(review): `i` is a signed int compared against an unsigned DWORD, and
// bDataCompare may read up to strlen(szMask)-1 bytes past pData + dwSize when
// a candidate starts near the end of the buffer (a stack over-read of the
// caller's 2048-byte buffer).
DWORD dwFindPattern( BYTE* pData, DWORD dwSize, BYTE* bMask, char* szMask )
{
    for ( int i = 0; i < dwSize; i ++ )
        if ( bDataCompare( (BYTE*)( pData + i ), bMask, szMask ) )
            return i;
    return NULL;
}

// Reads the target process in 2048-byte windows starting at dwAddress and
// returns the absolute address of the first pattern match. Consecutive windows
// overlap by strlen(pszSignature) bytes so a match straddling a boundary is
// still found.
// NOTE(review): `dwSize` is never used — the loop is bounded only by
// ReadProcessMemory failing, so the scan runs past the module into whatever
// is mapped after it. On an RPM failure it prints and returns NULL; callers in
// offset() do not check for that and add fixed offsets to the 0 result.
DWORD FindPattern( DWORD dwAddress, DWORD dwSize, PBYTE pbSignature, char* pszSignature )
{
    DWORD dwTemp = dwAddress;
    BYTE pBuf[ 2048 ] = { 0 };
    do
    {
        if ( ReadProcessMemory( hProcess, ( PVOID )dwTemp, pBuf, 2048, NULL ) == FALSE )
        {
            printf("External FindPattern RPM : Error!\n");
            return NULL;
        }
        else
        {
            DWORD dwDelta = dwFindPattern( pBuf, 2048, pbSignature, pszSignature );
            if ( dwDelta )
                return dwTemp + dwDelta;
            dwTemp += 2048 - strlen(pszSignature);
        }
    }
    while ( true );
    return NULL;
}

// Addresses resolved by offset() from the three pattern scans below.
DWORD dwBaseEntity;  // address holding the local entity pointer
DWORD dwFlags;       // offset of the entity flags field (2 bytes read)
DWORD dwJump;        // address written by BunnyHop()

// Resolves the three addresses above by signature-scanning client.dll in the
// target process and dereferencing the operand bytes of each match.
// NOTE(review): none of the FindPattern or ReadProcessMemory results are
// checked; a failed scan yields 0 + constant, and the following RPM then
// silently fails, leaving the global at its zero-initialized value. The
// 2-byte read into dwFlags relies on the global having been zero-initialized
// for its upper bytes. The string-literal-to-`char*` conversions are
// deprecated in C++.
void offset()
{
    DWORD client_size = GetModuleSize("client.dll");

    PBYTE LocalBase_sig = (PBYTE)"\x39\x35\x00\x00\x00\x00\x8B\xCF\x0F\x94\xC2";
    char *LocalBase = "xx????xxxxx";
    DWORD LocalBase_temp = FindPattern(m_hClient, client_size, LocalBase_sig, LocalBase) + 0x2;
    ReadProcessMemory(hProcess, (PBYTE*)LocalBase_temp, &dwBaseEntity, sizeof(DWORD), NULL);

    PBYTE m_fFlags_sig = (PBYTE)"\x68\x00\x00\x00\x00\x68\x00\x00\x00\x00\x68\x00\x00\x00\x00\xE8\x00\x00\x00\x00\x83\xC4\x30\x68\x00\x00\x00\x00\x6A\x07";
    char *m_fFlags = "x????x????x????x????xxxx????xx";
    DWORD m_fFlags_temp = 0x0;
    m_fFlags_temp = FindPattern(m_hClient, client_size, m_fFlags_sig, m_fFlags) + 0x1;
    ReadProcessMemory(hProcess, (PBYTE*)m_fFlags_temp, &dwFlags, 2, NULL);

    PBYTE jump_sig = (PBYTE)"\x74\x06\x21\x05\x00\x00\x00\x00\xF6\x05\x4C\x13\x31\x51\x03\x74\x03";
    char *jump = "xxxx????xxxxxxxxx";
    DWORD jump_temp = FindPattern(m_hClient, client_size, jump_sig, jump) + 0x4;
    ReadProcessMemory(hProcess, (PBYTE*)jump_temp, &dwJump, sizeof(DWORD), NULL);
}

// Worker thread: every ~1 ms re-reads the local entity pointer and its flags
// from the target process into the shared globals. Never terminates on its
// own; RPM return values are ignored. Writes to iFlags/dwBasePointer race
// with the reads in BunnyHop().
void Read()
{
    while(true)
    {
        Sleep(1);
        ReadProcessMemory(hProcess, (PBYTE*)dwBaseEntity, &dwBasePointer, sizeof(DWORD), NULL);
        ReadProcessMemory(hProcess, (PBYTE*)(dwBasePointer + dwFlags), &iFlags, sizeof(int), NULL);
    }
}

// Values written into the target at dwJump by BunnyHop(); kept as globals so
// WriteProcessMemory has a stable address to copy from.
int five = 5;
int four = 4;

// Worker thread: while virtual key 32 (VK_SPACE) is held, writes `four` to
// dwJump each tick and, whenever the last-read flags have FL_ONGROUND set,
// writes `five` and pauses 10 ms. Reads iFlags without synchronization.
// Never terminates on its own; WriteProcessMemory results are ignored.
void BunnyHop(void)
{
    while(true)
    {
        Sleep(1);
        if(!GetAsyncKeyState(32))
        {
            Sleep(10);
            continue;
        }
        WriteProcessMemory(hProcess, (PBYTE*)dwJump, &four, sizeof(int), NULL);
        if(iFlags & FL_ONGROUND)
        {
            WriteProcessMemory(hProcess, (PBYTE*)dwJump, &five, sizeof(int), NULL);
            Sleep(10);
        }
    }
}

// Returns the process id of the first process whose executable name equals
// `ProcName`.
// NOTE(review): pe32 is never zeroed, Process32First is called before the
// INVALID_HANDLE_VALUE check, and th32ProcessID is returned even when the
// loop finished without a match — in that case the caller receives whatever
// the last enumerated entry (or uninitialized stack) held rather than 0.
// main() loops on a zero return, so a wrong non-zero id is accepted as-is.
DWORD GetProcId(const char* ProcName)
{
    PROCESSENTRY32 pe32;
    HANDLE hSnapshot = NULL;
    pe32.dwSize = sizeof( PROCESSENTRY32 );
    hSnapshot = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );
    if( Process32First( hSnapshot, &pe32 ) )
    {
        do{
            if( strcmp(pe32.szExeFile, ProcName) == 0 )
                break;
        }while( Process32Next( hSnapshot, &pe32 ) );
    }
    if( hSnapshot != INVALID_HANDLE_VALUE )
        CloseHandle( hSnapshot );
    return pe32.th32ProcessID;
}

// Entry point. Waits for the game window, resolves pid / process handle /
// client.dll base (each in a retry loop), runs the signature scans, prints
// the results relative to the module base, starts the two worker threads and
// exits when the window disappears. Non-standard `main` signature.
// NOTE(review): Read and BunnyHop are `void f()` but are cast to
// LPTHREAD_START_ROUTINE (DWORD WINAPI f(LPVOID)) — a signature/calling-
// convention mismatch. The threads are never joined or stopped; the process
// simply exits with them running. OpenProcess with PROCESS_ALL_ACCESS on a
// foreign process followed by RPM/WPM is exactly the sequence anti-cheat and
// EDR telemetry records; the handle is never closed.
int main(HINSTANCE hInstance)
{
    SetConsoleTitle("External BunnyHop");

    while(!FindWindow(NULL, "Counter-Strike Source"))
        Sleep(10);

    while(!pID)
    {
        pID = GetProcId("hl2.exe");Sleep(100);
    }

    while(!hProcess)
    {
        hProcess = OpenProcess(PROCESS_ALL_ACCESS, false, pID);Sleep(100);
    }

    while(!m_hClient)
    {
        m_hClient = GetModuleBase("client.dll", pID);Sleep(100);
    }

    offset();

    printf("Scan result:\n");
    printf(" [+] LocalBaseEntity: [0x%X]\n", dwBaseEntity - m_hClient);
    printf(" [+] m_fFlags: [0x%X]\n", dwFlags);
    printf(" [+] Jump State: [0x%X]\n", dwJump - m_hClient);

    CreateThread(NULL, NULL, (LPTHREAD_START_ROUTINE)Read, NULL, NULL, NULL);
    CreateThread(NULL, NULL, (LPTHREAD_START_ROUTINE)BunnyHop, NULL, NULL, NULL);

    while(FindWindow(NULL, "Counter-Strike Source"))
        Sleep(10);

    return 1337;
}
Download: [CSS] External BunnyHop [Auto-Update] Fixed