Source Code – DOTA 2 Cheats
I’ve had a lot of requests to update the offsets for this hack, both here and on GitHub, since Dota has since been updated and some of the features are not working. Since Dota is updated frequently and I’ve moved on to other games, it’ll be better to post a quick tutorial for how to update the offsets yourself.
To do this, you’ll need IDA and the Class Informer plugin.
The offset that changes most frequently is the CanBeSeenByTeam offset in the C_BaseModelEntity vtable. Since this offset is near the bottom of the vtable, there are often changes to functions before this one, which cause the offset to move by a few places every few months.
Okay, so how do we update the CanBeSeenByTeam offset? Get an old version of Dota where this hack was working from the Steam depot (google it, there are other tutorials that explain how to get old versions).
On the old version of Dota, open client.dll (generally located at C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\dota\bin\win64) in IDA. Once auto-analysis is complete, run the Class Informer plugin.
Select the C_BaseModelEntity vtable:
Once you select this vtable, you’ll see the below entries. I’ve highlighted the first offset (0), which is the start of the vtable.
In the hack, the CEntityInstance.h file shows that we are currently accessing CanBeSeenByTeam at the 215th offset. So count down 215 places, or do the math: each vtable entry is 8 bytes, so add 8 * 215 bytes to the address of the first entry in the vtable (8 * 215 + 0x181B0D5E0 = 0x181B0DC98).
You can now see the function that we are calling:
Go ahead and open the vfunc to see what it looks like:
Now that we know what the function looks like, open the new client.dll file in IDA, run Class Informer, and go to the C_BaseModelEntity vtable. Look around the 215th entry to see if you can see a similar function to the above. I did this and saw the function is now at the 211th offset.
Once you find it, edit our CEntityInstance.h file to add or remove padding as appropriate. Here, since the function is now four offsets closer to the start of the vtable, I removed four of the padding vtable functions in CEntityInstance, and now the hack works.
Updated files can be found here: