CS2 Internal ESP

Inspiration

This is meant to be an exercise in implementing my own simple ESP for Counter Strike 2. Even though it would never be used in live matches for ethical reasons, I think its important to have an understanding of malware development as it can allow us to make better decisions as malware analysts and improve EDR solutions. This has not and will never be used in live matches. And even if it was, would very likely get you caught and banned.

What it does

Using previously existing code meant for process injection, we can create a 'hook' by loading a DLL into CS2 as its running. We then instantiate an overlay that checks for enemy players and draws a box around them. Its basically wallhacks.

How we built it

This is built using C++ and previously dumped memory address offsets within the game's native DLLs. External and internal ESP are different in that external modifications are those that constantly read/write to the game's memory while internal uses a direct hook for quicker modifications.

Challenges we ran into

Because the game is updated frequently, offset values can change by the day. When these values change, the code has to be modified (since this naive implementation has them hard-coded).

Accomplishments that we're proud of

Despite the obvious 'grey-hat' nature of this project, I'm proud that I was able to learn about the inner workings of a large game and more about process injection, which is an off-shoot of a previous project.

What's next for CS2 Internal ESP

This program is wildly inconsistent (has only worked as intended a handful of times) and requires disabling certain Steam security settings. I don't intend on regularly updating this project as its finished variation is not something I would want to make available or use personally. But having an excuse to use dissamblers/decompilers for search DLL is always a good time in my opinion.

Built With

• c++
• extremeinjector
• kiero