A universal way to create a noclip mod in Unity games (Mono/IIL2CPP)

Overview

Universal-Unity-NoClip

This projects aim to show how a noclip mod can be created in any unity game, regardless if its using an il2cpp or mono backend.

Requirements

  • The game uses CharacterController to control player movement and state.
  • You have to be able to use the set_radius function within the CharacterController class. If that method is stripped from your dump then you are out of luck.

Il2CPP

For this example I am going to be using PG3D v16.6.1. PG3D which uses CharacterController to handle everything player related. This example applies only to PG3D, other games may implement CharacterController differently.

For my initial C++ hook of pg3d, I am going to be hooking the UpdateEffects method of the class Player_move_c.

It is bad practice to make extra hooks, if you can do everthing inside of one hook then you should. I hooked into Player_move_c because I can access a lot from there.

My goal is to be able to access the games CharacterController from my hook.

On line 197626 of dump.cs you will see that in class FirstPersonControllerCSharp has a field internal CharacterController character; // 0x74. This is where PG3D handles CharacterController.

If I want to be able to FirstPersonControllerCSharp and its character field then I will have to find what other classes use the FirstPersonControllerCSharp class.

One of the classes that use FirstPersonControllerCSharp is the SkinName class. On line 189324 of dump.cs you can see public FirstPersonControlSharp firstPersonControl; // 0xD8.

Now that we have found a class that is using FirstPersonControllerCSharp, we have to find a class, field, or method that is using that class. We have to repeat this until we find a way to access said function from our hook. It could be via a static class pointer or through a method or field.

For PG3D's case, I can access SkinName from my initial hook. Player_move_c has a field that uses SkinName, on line 145297 of dump.cs internal SkinName mySkinName; // 0x320.

Now that we have a way to access CharacterController from our hook, we need to implement a way to access it.

We need to write the C# code this.mySkinName.firstPersonControl.character in C++. We have the field offsets which makes this very easy.

void (*_Update)(void* _this);
void Update(void* _this)
{
    if (_this)
    {
        void* skinName = *(void **)((uint32_t)_this + 0x320); // internal SkinName mySkinName; // 0x320
        void* firstPersonControl = *(void **)((uint32_t)skinName + 0xD8); // public FirstPersonControlSharp firstPersonControl; // 0xD8
        void* characterController = *(void **)((uint32_t)firstPersonControl + 0x74); // internal CharacterController character; // 0x74
        // Now we have access to CharacterController.
        _Update(_this);
    }
}

MSHookFunction((void *) getRealOffset(offset), (void *) &Update, (void **) &_Update); // Player_move_c UpdateEffects   

Now we have access to CharacterController. In order to create noclip we need to be able to set the CharacterController's radius. On line 80966 of dump.cs we have public void set_radius(float value); // RVA: 0xEAB82C Offset: 0xEAB82C

We need to create a c++ function to be able to use it which is also easy.

void (*CharacterController_set_radius)(void* character, float radius) = (void (*)(void *, float ))getRealOffset(0xEAB82C); // CharacterController$$set_radius

In order to make the player clip, we will need to set the CharacterController's radius to infinity. Unity does not know how to handle a CharacterController with an infinite radius which results in your player to clip through all walls.

The C# code of this is this.mySkinName.firstPersonControl.character.radius = INFINITY

Lets put this all together.

void (*_Update)(void* _this);
void Update(void* _this)
{
    if (_this)
    {
        void* skinName = *(void **)((uint32_t)_this + 0x320); // internal SkinName mySkinName; // 0x320
        void* firstPersonControl = *(void **)((uint32_t)skinName + 0xD8); // public FirstPersonControlSharp firstPersonControl; // 0xD8
        void* characterController = *(void **)((uint32_t)firstPersonControl + 0x74); // internal CharacterController character; // 0x74

        void (*CharacterController_set_radius)(void* character, float radius) = (void (*)(void *, float ))getRealOffset(0xEAB82C); // CharacterController$$set_radius

        CharacterController_set_radius(characterController, INFINITY);
        
        _Update(_this);
    }
}


MSHookFunction((void *) getRealOffset(offset), (void *) &Update, (void **) &_Update); // Player_move_c UpdateEffects   

Now we have created noclip. Obviously you do not want noclip to be indefinite so lets add a way to revert back to normal.

bool togglenoclip = false;
bool noclip = false;

void (*_Update)(void* _this);
void Update(void* _this)
{
    if (_this)
    {
        void* skinName = *(void **)((uint32_t)_this + 0x320); // internal SkinName mySkinName; // 0x320
        void* firstPersonControl = *(void **)((uint32_t)skinName + 0xD8); // public FirstPersonControlSharp firstPersonControl; // 0xD8
        void* characterController = *(void **)((uint32_t)firstPersonControl + 0x74); // internal CharacterController character; // 0x74

        void (*CharacterController_set_radius)(void* character, float radius) = (void (*)(void *, float ))getRealOffset(0xEAB82C); // CharacterController$$set_radius

        if (togglenoclip) // check to see if u have ever enabled no clip
        {	
            if (noclip) // turn on noclip
            {
                CharacterController_set_radius(characterController, INFINITY);
            }
            else // turn off noclip
            {
                CharacterController_set_radius(characterController, 0.35f); // In order to get the original radius, you will have to get the value of the default radius. If a get_radius does no exist, then experiment around to find a good value. For PG3D I figured out that 0.35f is a good value.
            }
        }
        _Update(_this);
}


MSHookFunction((void *) getRealOffset(offset), (void *) &Update, (void **) &_Update); // Player_move_c UpdateEffects   

I am sure there are other better ways of implementing a way to go back and forth between noclipping and regular clipping, this is just how I do it.

That is how to create noclip in unity il2cpp. Obviously every game is different. I could've hooked into FirstPersonControlSharp.Update() and set the radius there, but that would require an extra hook, which I didn't want to do.

This way of implementing noclip does not stop the game from checking to see if you are clipping, bypassing that would require something else and this tutorial isn't meant to provide a bypass.

As long as the game uses CharacterController to handle player movement, state, and collision then this should work, regardless of what classes or code is inbetween.

You can look at all file used for il2cpp here

Mono

in progress

Issues
  • [ImgBot] Optimize images

    [ImgBot] Optimize images

    Beep boop. Your images are optimized!

    Your image file size has been reduced by 5% 🎉

    Details

    | File | Before | After | Percent reduction | |:--|:--|:--|:--| | /Previews/mono-original.png | 17.22kb | 14.18kb | 17.62% | | /Previews/mono-modified.png | 19.13kb | 16.17kb | 15.47% | | /Previews/mono.gif | 4,746.49kb | 4,490.21kb | 5.40% | | /Previews/il2cpp.gif | 3,430.16kb | 3,276.40kb | 4.48% | | | | | | | Total : | 8,213.00kb | 7,796.97kb | 5.07% |


    Black Lives Matter | 💰 donate | 🎓 learn | ✍🏾 sign

    📝 docs | :octocat: repo | 🙋🏾 issues | 🏅 swag | 🏪 marketplace

    opened by imgbot[bot] 0
Owner
Jonah
YouTuber and Android App Creator/Modder
Jonah
QPEP (Quadratic Pose Estimation Problems) Enhanced VINS-Mono SLAM System

VINS-Mono-QPEP The QPEP (Quadratic Pose Estimation Problems) Enhanced VINS-Mono

Jin Wu 27 Jul 19, 2022
Visual Studio native debugger extension to help debug native applications using Mono.

Unity Mixed Callstack UnityMixedCallstack is a Visual Studio 2017/2019 extension to help debug native applications embedding Mono, like Unity. If you

Unity Technologies 73 Aug 5, 2022
the first ever open source zombie killcam mod for bo2 zombies. this repository is the original mod.

BO2 T6ZM Killcams (+ Mod Menu) my zombie killcam mod that is a work-in-progress and open sourced. this may work off plutonium but this was only suppor

m 4 Jun 6, 2022
Engine originally used on Mind Games mod

Friday Night Funkin' - Psych Engine Engine originally used on Mind Games Mod, intended to be a fix for the vanilla version's many issues while keeping

null 619 Aug 12, 2022
Create a calculator of any kind in any language, create a pr.

calculators Create a calculator of any kind in any language, create a pr. Create a calculator of any type using the programming language of your choic

Akshay Gautam 2 Dec 1, 2021
Tactile-Arcade-Games - Wrote a C program comprised of four separate games that run in a loop using the PSoC 5LP board and Cypress IDE.

Tactile-Arcade-Games - Wrote a C program comprised of four separate games that run in a loop using the PSoC 5LP board and Cypress IDE. Used two potentiometers, two ADCs to convert their voltages to digital values, a PWM to drive two servos, an 8x8 RGB LED matrix, 40 digital output pins and 8 power MOSFETS to control the matrix, and a character LCD display.

null 2 Dec 24, 2021
Defold Engine integration with Yandex.Metrica to track your games on Yandex.Games.

Yandex.Metrica for Defold Yandex.Metrica is a free of charge web analytics tool for websites, that's the reason why we can use it for HTML5 games. Yan

Indiesoft LLC 7 Aug 2, 2022
Powerful automated tool for reverse engineering Unity IL2CPP binaries

Powerful automated tool for reverse engineering Unity IL2CPP binaries

Katy 1.9k Aug 15, 2022
Adds proper Apple Pencil support to Unity's InputSystem.

This project aims to create an Apple Pencil device for Unity's InputSystem package. The problem: Unity does not fully integrate with Apple Pencil. App

Oliver Smith 9 Jul 15, 2022
A native plugin for Unity that provides simple packet division and restoration.

uPacketDivision This is a native plug-in that divides a given data (System.IntPtr or array) into specified sizes and restores them regardless of the i

hecomi 4 Feb 20, 2022
Unity Scripting in C++

Unity Native Scripting A library to allow writing Unity scripts in native code: C, C++, assembly. Purpose This project aims to give you a viable alter

Jackson Dunstan 1.1k Aug 5, 2022
Open source simulator for autonomous vehicles built on Unreal Engine / Unity, from Microsoft AI & Research

Welcome to AirSim AirSim is a simulator for drones, cars and more, built on Unreal Engine (we now also have an experimental Unity release). It is open

Microsoft 13.4k Aug 9, 2022
Tests to check the determinism of the basic floating point arithmetic operations on different devices, using Unity and Rust.

This repo contains tests to check the determinism (consistency) of the basic floating point arithmetic operations (add, subtract, multiply, divide) on

Erik Roystan 4 Dec 24, 2021
Unity project with an example on how to run the depthai library in Android.

depthai-android-unity-example Unity project (built with Unity 2020.3.25f1) with an example on how to run the depthai library in Android. Important Thi

Ibai Gorordo 18 Mar 13, 2022
Useful cmake macros that help with: compiler/linker flags, collecting sources, PCHs, Unity builds and other stuff.

ucm - useful cmake macros ucm is a collection of cmake macros that help with: managing compiler/linker flags collecting source files with grouping in

Viktor Kirilov 192 Aug 11, 2022
A lightweight additive chiptune synthesizer (LV2 and Unity Plugin)

OvenMit Synthesizer kenakofer's first ever synthesizer! Coming initially out of BMusic's excellent tutoral series for lv2 synthesizers, the developer

Kenan Schaefkofer 7 Apr 18, 2022
HLSL to GLSL language translator based on ATI's HLSL2GLSL. Used in Unity.

HLSL to GLSL shader language translator ⚠️ As of mid-2016, the project is unlikely to have any significant developments. At Unity we are moving to a d

Aras Pranckevičius 517 Aug 4, 2022
GLSL optimizer based on Mesa's GLSL compiler. Used to be used in Unity for mobile shader optimization.

GLSL optimizer ⚠️ As of mid-2016, the project is unlikely to have any significant developments. At Unity we are moving to a different shader compilati

Aras Pranckevičius 1.6k Aug 11, 2022
Unity includes a 10,000 NPC scene

luacluster 概要 luacluster分布式游戏服务器框架。特色是实现了万人同屏,实现了无缝大地图,用户开发方式为lua的rpc调用模式,已经接入mongodb。近期计划是写技术白皮书。QQ群:927073440。 [TOC] 1. BUILDING AND INSTALLATION CM

surparallel.org 133 Aug 8, 2022