AutoHotKey SAMP Trainer that injects ASM Code

luxdav

Hello out there!

I wrote an AutoHotKey Script that basically works as a Trainer on every SAMP Server. The current Cheats included are written for R1. The code is a half year old. I wrote most from scratch.
The Trainer injects some ASM Code into the game. This works on RoleplayServers, too. Even with AntiCheat. You can't get banned by a system.
An Admin has to ban you. If you are using it wisely you won't get banned (e.g. don't use obvious cheats.)

  • Search a player in streaming range
  • Set the weather to default
  • Toggle NameTagHack
  • Toggle NoRecoil
  • Toggle Infinite Stamina
  • Toggle Unlimited Ammo
  • Toggle TargetInfo
  • Teleport to a Checkpoint
  • Teleport to the player next to you
  • Teleport to a streamed UserID
  • Teleport to coordinates
  • Save a location
  • Teleport to a saved location
  • Slap yourself in the air
  • Toggle FPSLimiter
  • Enable AntiExplode (Cars can't explode)
  • List all your saved Teleports
  • Toggle an Overlay that shows all players in StreamingRange with location and HP
  • Toggle AntiBikeFall (You don't fall off a bike when hitting a wall)
  • Jump a little bit forward
  • Clip some meters forward
  • Toggle AntiCarEject (You can't get ejected from a car)
  • Toggle AntiFreeze (You can't get frozen anymore)
  • Start every engine. (The engine of every car is already started)
  • Toggle Blur Effect
  • Toggle Animations
  • Teleport to Map (ESC->MAP->MOUSEOVER->Press Hotkey)
  • Set the DL of your car
  • Spawn a car that is not synched
  • Change your Skin while playin'
  • Get a speedboost
  • Stop your car


I wrote a method called writeByteCode(handle, address, (String) byteCode) in MemoryFunctions.ahk that injects a sequence of Opcodes as Hex in the game (e.g.: writeByteCode(gtaHandle, 0x1337, "909090"), this writes 3 nops to 0x1337).
Then I wrote a function called executeCheat(name) that toggles a cheat from the cheatlist (cheats[] in Main.ahk).
The structure of cheats[] is an Object with name, address, newInstruction, origInstruction and description.
With this structure you can easily add new cheats.

I also added my Cheat Engine test table.
 

Attachments

  • SAMPTrainer.zip
    262.3 KB · Views: 1,262
  • Cheat Engine TestTable.zip
    3.6 KB · Views: 804

hammad

Great!!! You Made my Day
 

whoonga

Looks really nice, but what can I do with the "enableObjectDraw"-Mode?
Can I create Objects with it?
If "Yes" I would like to know how I can use it.

greetings
 

Claudiu

Nice release, although some features don't work, like NameTagHack, Speed Boost and Skin Changer (not that I need them :D )
 

luxdav

What version do you use? They should work.

Actually, I posted this release so that you can improve your own knowledge of ASM via GTA and AutoHotKey.

It's pretty easy to create a method that changes your skin via AutoHotKey.

I'll give you an example of how I did it:

This is the asm code of the skin change function of GTA SA (The base address of samp is in this case 10000000 due to OllyDbg's loaddll.exe):
Code:
1007B3C0 > . 51             PUSH ECX                                 ;  /player_skin
1007B3C1   . A1 E8202110    MOV EAX,DWORD PTR DS:[102120E8]
1007B3C6   . 85C0           TEST EAX,EAX
1007B3C8   . 74 61          JE SHORT samp.1007B42B                   ;  Checking for debug mode
1007B3CA   . 56             PUSH ESI
1007B3CB   . 8B7424 0C      MOV ESI,DWORD PTR SS:[ESP+C]
1007B3CF   . 8BC6           MOV EAX,ESI
1007B3D1   . 8D50 01        LEA EDX,DWORD PTR DS:[EAX+1]
1007B3D4   > 8A08           MOV CL,BYTE PTR DS:[EAX]
1007B3D6   . 40             INC EAX
1007B3D7   . 84C9           TEST CL,CL
1007B3D9   .^75 F9          JNZ SHORT samp.1007B3D4
1007B3DB   . 2BC2           SUB EAX,EDX
1007B3DD   . 894424 04      MOV DWORD PTR SS:[ESP+4],EAX
1007B3E1   . 75 16          JNZ SHORT samp.1007B3F9
1007B3E3   . A1 6C2A2110    MOV EAX,DWORD PTR DS:[10212A6C]
1007B3E8   . 68 EC3E0D10    PUSH samp.100D3EEC                       ; /Arg2 = 100D3EEC ASCII "Usage: player_skin (skin number)."
1007B3ED   . 50             PUSH EAX                                 ; |Arg1 => 00000000
1007B3EE   . E8 0DF6FFFF    CALL <samp.AddChatMessage>               ; \AddChatMessage
1007B3F3   . 83C4 08        ADD ESP,8
1007B3F6   . 5E             POP ESI
1007B3F7   . 59             POP ECX
1007B3F8   . C3             RETN
1007B3F9   > 56             PUSH ESI
1007B3FA   . E8 074F0300    CALL samp.100B0306
1007B3FF   . 8B0D 942A2110  MOV ECX,DWORD PTR DS:[10212A94]
1007B405   . 83C4 04        ADD ESP,4
1007B408   . 8BF0           MOV ESI,EAX
1007B40A   . E8 518CFEFF    CALL <samp.isGameLoaded>
1007B40F   . 85C0           TEST EAX,EAX
1007B411   . 74 17          JE SHORT samp.1007B42A
1007B413   . 8B0D 942A2110  MOV ECX,DWORD PTR DS:[10212A94]
1007B419   . E8 F25BF8FF    CALL <samp.isActorLoaded?>
1007B41E   . 85C0           TEST EAX,EAX
1007B420   . 74 08          JE SHORT samp.1007B42A
1007B422   . 56             PUSH ESI
1007B423   . 8BC8           MOV ECX,EAX
1007B425   . E8 1667FFFF    CALL samp.10071B40
1007B42A   > 5E             POP ESI
1007B42B   > 59             POP ECX
1007B42C   . C3             RETN

This is how I call the function via AHK passing the skinID as argument:
Code:
	gtaHandle := OpenHandleByName(windowNameOfSAMP) ; windowNameOfSAMP should be "GTA:SA:MP"
	sampDLL := GetAdressOfDLLByWindowName(windowNameOfSAMP, nameOfSAMPDLL) ; nameOfSAMPDLL should be "samp.dll"
	writeByteCode(gtaHandle, sampDLL + 0x7B3C8 , "9090") ; if we are in multiplayer we are not in debug mode thats why we disable the debug check at 7B3C8
	callWithParams(gtaHandle, sampDLL + 0x7B3C0, [["s", skinID]], true) ; call skin set function
	writeByteCode(gtaHandle, sampDLL + 0x7B3C8 , "7461") ; reenable dbg check
	CloseHandle(gtaHandle)

The address for setskin is on 0.3.7 at samp+65090 and the dbg check some bytes further at 65098

Greets luxdav
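
Seen from the defending side, the byte patch in the post above (the JE at samp+0x7B3C8 overwritten with 9090, then put back to 7461) is the kind of change a code-integrity check looks for. The following is an added example, not part of the thread or of the trainer: it compares a known-good copy of a code range with a live snapshot and labels what changed. The live bytes, the load base behind them and the relocation slot list are constructed for illustration.

```python
# Added example (not from the thread): flag patched bytes in a module's code.
# BASELINE is the byte sequence listed in the post's disassembly from module
# offset 0x7B3C0. LIVE is a constructed snapshot of the same range with the
# module rebased and the JE at 0x7B3C8 replaced by two NOPs.
BASE_OFFSET = 0x7B3C0
BASELINE = bytes.fromhex("51A1E820211085C07461568B74240C8BC6")
LIVE = bytes.fromhex("51A1E820C10385C09090568B74240C8BC6")
# Offsets of 4-byte operands the loader rewrites on rebase (here the absolute
# address inside MOV EAX,[...]). Assumption: a real tool reads these from .reloc.
RELOC_SLOTS = {0x7B3C2}


def diff_ranges(baseline, live, base_offset, reloc_slots=()):
    """Return [(module_offset, original_bytes, live_bytes)] per changed run."""
    if len(baseline) != len(live):
        raise ValueError("snapshots must cover the same range")
    skip = {slot + i for slot in reloc_slots for i in range(4)}
    runs, start = [], None
    for i in range(len(baseline) + 1):
        off = base_offset + i
        changed = i < len(baseline) and off not in skip and baseline[i] != live[i]
        if changed and start is None:
            start = i
        elif not changed and start is not None:
            runs.append((base_offset + start, baseline[start:i], live[start:i]))
            start = None
    return runs


def classify(original, live):
    """Label a changed run by what the overwrite did to the original bytes."""
    if len(original) == 2 and 0x70 <= original[0] <= 0x7F and live == b"\x90\x90":
        return "short conditional jump replaced by NOPs (check bypass)"
    if live and set(live) == {0x90}:
        return "NOP fill"
    return "modified code bytes"


def scan(baseline, live, base_offset, reloc_slots=()):
    """Return one finding per changed run, ignoring relocated operands."""
    return [
        {"offset": hex(off), "was": o.hex(), "now": n.hex(), "kind": classify(o, n)}
        for off, o, n in diff_ranges(baseline, live, base_offset, reloc_slots)
    ]


if __name__ == "__main__":
    for finding in scan(BASELINE, LIVE, BASE_OFFSET, RELOC_SLOTS):
        print(finding)
```

Because the post restores the original bytes right after the call, a periodic scan only sees the change if it samples inside that window. Without the relocation slots the rebased operand is reported as a second, false finding.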
 

luxdav

ASM Injector

Here is the ASM Injector as a standalone (slim) version. Made for embedding purposes. If you already have a Keybinder written in AutoHotKey you can easily add my functions to yours.

I will update the ASMCodeObjects to 0.3.7 when I have time. Remember: The version for this injector is 0.3z R1.

This Injector was made as an alternative to CLEO or .asi-Loader. There are servers that don't allow CLEOs and ASIs to be loaded.

Greets
luxdav

PS: If you have time you can update the addresses on your own. 1. Go to the old address in Olly for 0.3z R1, make a sig, and search for the sig in 0.3.7.
 

Attachments

  • ASMInjector.zip
    22.9 KB · Views: 221

luxdav

Hello friends!

I updated all addresses to 0.3.7.

If you have questions or it does not work, just post it.


  • See names through walls
  • See hp through walls
  • See names to streaming range
  • See hp to streaming range
  • No Recoil
  • Unlimited Ammo
  • No Reload
  • Infinite Stamina
  • Anti-Bike-Fall
  • Anti-Car-Eject
  • Anti-Freeze
  • Start every engine
  • Blur
  • Disable Animations
  • Object Debug Mode
 

Attachments

  • ASMInjector 0.3.7.zip
    20.2 KB · Views: 314
  • ASMInjector 0.3.7 with UDFEx.zip
    23.3 KB · Views: 258

Danil_Valov

TeleportToPosition(x,y,z) - this is a cool function! Thank you!

But your first script in this topic (SAMP Trainer) crashes SAMP (after pressing Ctrl+Alt+7 to show the list for TP). Please fix it.

Can you make a function for adding IDs of players in chat after nickname (for example: `Nick_Name[id]: Text his message`)?
And can you make getting data from SAMP-dialog?

Thank you again.
 

luxdav

It's crashing because this Trainer was for 0.3z and you are using it on 0.3.7. You may create a new ahk file that uses the 0.3.7 asm injector and the old teleport function.
 

Danil_Valov

Please tell me how to change the interior id in AHK?




I found the address for changing the interior ID: 0x00B72914. It works.
Please add changing the interior to the TeleportToPosition function in your script. This will help players. Thanks.
 