
Resident Evil 2 Cheat Table old version

  1. <?xml version="1.0" encoding="utf-8"?>
  2. <CheatTable CheatEngineTableVersion="28">
  3. <CheatEntries>
  4. <CheatEntry>
  5. <ID>12997</ID>
  6. <Description>"enable"</Description>
  7. <Options moHideChildren="1" moDeactivateChildrenAsWell="1"/>
  8. <LastState Activated="1"/>
  9. <Color>FF0000</Color>
  10. <VariableType>Auto Assembler Script</VariableType>
  11. <AssemblerScript>[ENABLE]
  12. //[ENABLE]: everything from here to '[DISABLE]' is applied when this entry is switched on
  13. aobscanmodule(damageHandle1AOB,re2.exe,8B 43 7C 89 46 7C 48 8B 47 50) //located here but not hooked in this script; the "undead" and "damage mod" child scripts patch at this symbol
  14. registersymbol(damageHandle1AOB)
  15. aobscanmodule(totalGameTimeWriteAOB,re2.exe,E8 ** ** ** ** EB 08 48 ** ** ** 48 ** ** ** 48 ** ** ** 4C ** ** ** 0F 85 ** ** ** ** 44 ** ** ** 0F 85) //** = wildcard byte; the hook further down is placed at offset +1d of this match
  16. registersymbol(totalGameTimeWriteAOB)
  17.  
  18. ///*******************************************///
  19. //hook on the read of the current clip count ([rax+20]); per the author it runs on fine aim, on reload, and after a reload until fine aim is next exited
  20. aobscanmodule(ammoClipReadOnAimReloadAOB,re2.exe,48 ** ** A0 00 00 00 48 ** ** 74 ** 48 ** ** ** 48 ** ** 74 ** 48 ** ** ** 48 ** ** 74 ** 8B ** 20 48 ** ** ** ** 48 ** ** ** 5F C3)
  21. registersymbol(ammoClipReadOnAimReloadAOB)
  22.  
  23. label(pAmmo)
  24. registersymbol(pAmmo)
  25. label(dAmmoClipMax)
  26. registersymbol(dAmmoClipMax)
  27.  
  28. alloc(newmem,2048,ammoClipReadOnAimReloadAOB+1e) //"re2.exe"+E993E19) - 2048-byte allocation requested near the patch site
  29. label(returnhere)
  30. label(originalcode_ammoClipReadOnAimReloadAOB)
  31. registersymbol(originalcode_ammoClipReadOnAimReloadAOB) //registered because [DISABLE] reads the saved bytes back through this symbol
  32. label(exit)
  33.  
  34. newmem: //this is allocated memory, you have read,write,execute access
  35. //entered through the jmp written at ammoClipReadOnAimReloadAOB+1e; rax is the base of the record whose fields +14, +18 and +20 are used below
  36. push rcx //rcx is the only register saved; rbx and edi are used as scratch
  37. mov rcx,pAmmo
  38. mov [rcx],rax //pAmmo+0 = pointer to the record
  39. mov byte ptr [rcx+8],1 //pAmmo+8 = 1; this script never reads it back
  40. cmp byte ptr [rcx+c],0 //pAmmo+c acts as a flag: 0 = leave the clip untouched
  41. je end
  42. //mov byte ptr [rcx+c],0
  43. mov rbx,dAmmoClipMax //rbx is reloaded by the copied original code (mov rbx,[rsp+30]) before returning
  44. mov ebx,[rbx] //ebx = limit recorded by the newmem2 hook
  45. test ebx,ebx
  46. jg @f
  47. mov ebx,2 //recorded limit is zero or negative: use 2 instead
  48. @@:
  49. cmp [rax+20],ebx
  50. jge end //clip already at or above the limit (signed compare)
  51. cmp dword ptr [rax+14],9 //SLS 60
  52. jne @f
  53. //mov ebx,5
  54. //mov edi,[rax+18]
  55. //shr edi,1
  56. //test dil,dil //Quick Loader
  57. mov edi,[rax+18] //NOTE(review): edi is not saved; the scanned pattern ends in 5F C3 (pop rdi; ret), which presumably restores it - confirm
  58. and edi,2
  59. cmp edi,2 //Quick Loader
  60. jne doinc //bit 1 of [rax+18] clear: go to doinc; set: fall through the remaining id checks to customammoclipassign
  61. @@:
  62. cmp dword ptr [rax+14],4 //Quickdraw Army
  63. je doinc
  64. @@:
  65. cmp dword ptr [rax+14],b //W-870
  66. jne @f
  67. mov edi,[rax+18]
  68. and edi,1
  69. cmp edi,1
  70. jne doinc
  71. inc [rax+20] //bit 0 set: one extra increment before doinc. NOTE(review): no operand size is given; presumably dword like the other [rax+20] accesses - confirm
  72. jmp doinc
  73. @@:
  74. jmp customammoclipassign //any other value of [rax+14]: set the clip straight to the limit
  75.  
  76. doinc:
  77. cmp byte ptr [rcx+c],1
  78. jne end //only a flag value of exactly 1 increments (the newmem3 hook changes 1 to 2)
  79. inc [rax+20]
  80. cmp [rax+20],ebx
  81. jle end
  82.  
  83. customammoclipassign:
  84. mov [rax+20],ebx //clip = limit; also reached by fall-through when the increment went past the limit
  85.  
  86. end:
  87. mov byte ptr [rcx+c],0 //the flag is cleared on every path
  88. pop rcx
  89.  
  90. originalcode_ammoClipReadOnAimReloadAOB:
  91. readmem(ammoClipReadOnAimReloadAOB+1e,8) //copies the 8 bytes found at the patch site: they execute here and are also the backup that [DISABLE] writes back
  92. //mov eax,[rax+20]
  93. //mov rbx,[rsp+30]
  94.  
  95. exit:
  96. jmp returnhere
  97.  
  98. ///
  99. pAmmo: //+0 record pointer, +8 byte set to 1 on every pass, +c flag byte
  100. dq 0
  101. dq 0
  102. dAmmoClipMax:
  103. dq 1 //only the low dword is read or written by the hooks
  104. ///
  105.  
  106. ammoClipReadOnAimReloadAOB+1e: //"re2.exe"+E993E19:
  107. jmp newmem //jmp plus three nops covers the 8 copied bytes (assumes the jmp assembles to 5 bytes)
  108. nop
  109. nop
  110. nop
  111. returnhere:
  112.  
  113. ///*******************************************///
  114. //current ammo clip chk max
  115. aobscanmodule(ammoClipMaxCChkAOB,re2.exe,74 0C 48 ** ** 10 48 ** ** 74 03 8B ** ** 39 DA 48)
  116. registersymbol(ammoClipMaxCChkAOB)
  117.  
  118. alloc(newmem2,2048,ammoClipMaxCChkAOB+e) //"re2.exe"+B8BE4D2)
  119. label(returnhere2)
  120. label(originalcode2_ammoClipMaxCChkAOB)
  121. registersymbol(originalcode2_ammoClipMaxCChkAOB)
  122. label(exit2)
  123.  
  124. newmem2: //this is allocated memory, you have read,write,execute access
  125. //stores edx, the left operand of the game's cmp edx,ebx at this site, into dAmmoClipMax for the ammo hook to use as its limit
  126. mov rsi,dAmmoClipMax //NOTE(review): rsi is overwritten and not restored - confirm it is dead at this point
  127. mov [rsi],edx
  128.  
  129. originalcode2_ammoClipMaxCChkAOB:
  130. readmem(ammoClipMaxCChkAOB+e,7) //the 7 original bytes: executed here and kept as the backup for [DISABLE]
  131. //cmp edx,ebx
  132. //mov rbx,[rsp+30]
  133.  
  134. exit2:
  135. jmp returnhere2
  136.  
  137. ///
  138.  
  139. ammoClipMaxCChkAOB+e: //"re2.exe"+B8BE4D2:
  140. jmp newmem2 //jmp plus two nops covers the 7 copied bytes (assumes a 5-byte jmp)
  141. nop
  142. nop
  143. returnhere2:
  144.  
  145. ///*******************************************///
  146. //player health read 4 bytes, start: 1200
  147. aobscanmodule(playerHealthCReadAOB,re2.exe,8B ** ** 48 ** ** ** ** 48 ** ** ** 5F C3 48 ** ** ** ** B8 01)
  148. registersymbol(playerHealthCReadAOB)
  149.  
  150. label(pPlayer)
  151. registersymbol(pPlayer) //also read by the "undead" and "damage mod" scripts to tell the player apart from other targets
  152. label(pPlayerBase)
  153. registersymbol(pPlayerBase)
  154.  
  155. alloc(newmem6,2048,playerHealthCReadAOB) //"re2.exe"+8F11DE3)
  156. label(returnhere6)
  157. label(originalcode6_playerHealthCReadAOB)
  158. registersymbol(originalcode6_playerHealthCReadAOB)
  159. label(exit6)
  160.  
  161. newmem6: //this is allocated memory, you have read,write,execute access
  162. //captures the registers live when the game reads health with mov eax,[rax+58]: rax goes to pPlayer, rdi to pPlayerBase
  163. mov rbx,pPlayer //rbx is reloaded by the copied original code (mov rbx,[rsp+30])
  164. mov [rbx],rax
  165. mov [rbx+8],rdi //pPlayerBase is declared directly after pPlayer, so +8 lands on it
  166.  
  167. originalcode6_playerHealthCReadAOB:
  168. readmem(playerHealthCReadAOB,8) //the 8 original bytes: executed here and kept as the backup for [DISABLE]
  169. //mov eax,[rax+58]
  170. //mov rbx,[rsp+30]
  171.  
  172. exit6:
  173. jmp returnhere6
  174.  
  175. ///
  176. pPlayer:
  177. dq 0
  178. pPlayerBase:
  179. dq 0
  180. ///
  181.  
  182. playerHealthCReadAOB: //"re2.exe"+8F11DE3:
  183. jmp newmem6 //jmp plus three nops covers the 8 copied bytes (assumes a 5-byte jmp)
  184. nop
  185. nop
  186. nop
  187. returnhere6:
  188.  
  189. ///*******************************************///
  190. aobscanmodule(someItemQWrite3AOB,re2.exe,41 ** ** ** 48 ** ** ** ** 48 ** ** ** ** 48 ** ** ** 5F E9 ** ** ** ** 89 ** ** 48 ** 74 ** ** 48 ** ** ** ** 48 ** ** ** 5F C3)
  191. registersymbol(someItemQWrite3AOB)
  192.  
  193. alloc(newmem3,2048,someItemQWrite3AOB+18) //"re2.exe"+B8BC63A)
  194. label(returnhere3)
  195. label(originalcode3_someItemQWrite3AOB)
  196. registersymbol(originalcode3_someItemQWrite3AOB)
  197. label(exit3)
  198.  
  199. newmem3: //this is allocated memory, you have read,write,execute access
  200. //runs where the game itself writes [rax+20] (mov [rax+20],ebx): if the pAmmo+c flag is 1 it becomes 2, which makes the ammo hook skip its own increment
  201. mov rsi,pAmmo //rsi is reloaded by the copied original code (mov rsi,[rsp+30])
  202. cmp byte ptr [rsi+c],1
  203. jne @f //NOTE(review): no @@: follows in this script, so this relies on @f resolving to the next label of any kind (originalcode3_someItemQWrite3AOB) - confirm with the Cheat Engine version in use
  204. inc byte ptr [rsi+c]
  205.  
  206. originalcode3_someItemQWrite3AOB:
  207. readmem(someItemQWrite3AOB+18,8) //the 8 original bytes: executed here and kept as the backup for [DISABLE]
  208. //mov [rax+20],ebx
  209. //mov rsi,[rsp+30]
  210.  
  211. exit3:
  212. jmp returnhere3
  213.  
  214. ///
  215.  
  216. someItemQWrite3AOB+18: //"re2.exe"+B8BC63A:
  217. jmp newmem3 //jmp plus three nops covers the 8 copied bytes (assumes a 5-byte jmp)
  218. nop
  219. nop
  220. nop
  221. returnhere3:
  222.  
  223. ///*******************************************///
  224. aobscanmodule(readiedWeaponChkAOB,re2.exe,44 ** ** ** ** ** ** 75 ** 44 ** ** ** ** ** ** 75 ** 40)
  225. registersymbol(readiedWeaponChkAOB)
  226.  
  227. label(pReadiedWeapon)
  228. registersymbol(pReadiedWeapon)
  229. label(dCusFCamZOffset)
  230. registersymbol(dCusFCamZOffset)
  231.  
  232. alloc(newmem7,2048,readiedWeaponChkAOB+9) //"re2.exe"+B45CCE1)
  233. label(returnhere7)
  234. label(originalcode7_readiedWeaponChkAOB)
  235. registersymbol(originalcode7_readiedWeaponChkAOB)
  236. label(exit7)
  237.  
  238. newmem7: //this is allocated memory, you have read,write,execute access
  239. //stores in pReadiedWeapon the address of the field the game compares with r12d at this site
  240. mov rdx,pReadiedWeapon //NOTE(review): rdx and rcx are overwritten and not restored - confirm both are dead at this point
  241. db 48 8D 8F //opcode and modrm bytes of lea rcx,[rdi+disp32]
  242. readmem(readiedWeaponChkAOB+c,4) //the disp32 is copied from the game's own cmp, so the offset is not hard-coded in the script
  243. //lea rcx,[rdi+198]
  244. mov [rdx],rcx
  245.  
  246. originalcode7_readiedWeaponChkAOB:
  247. readmem(readiedWeaponChkAOB+9,7) //the 7 original bytes: executed here and kept as the backup for [DISABLE]
  248. //cmp [rdi+00000198],r12d
  249.  
  250. exit7:
  251. jmp returnhere7
  252.  
  253. ///
  254. pReadiedWeapon:
  255. dq 0
  256. dCusFCamZOffset: //six floats and one dword of data; no code in this script reads them
  257. dd (float)-0.18
  258. dd (float)-0.18
  259. dd (float)-0.18
  260. dd (float)0.012
  261. dd (float)15
  262. dd (float)-1
  263. dd 0
  264. ///
  265.  
  266. readiedWeaponChkAOB+9: //"re2.exe"+B45CCE1:
  267. jmp newmem7 //jmp plus two nops covers the 7 copied bytes (assumes a 5-byte jmp)
  268. nop
  269. nop
  270. returnhere7:
  271.  
  272. ///*******************************************///
  273. label(pSomeGameStatus)
  274. registersymbol(pSomeGameStatus)
  275.  
  276. alloc(newmem8,2048,totalGameTimeWriteAOB+1d) //"re2.exe"+AD9D90B)
  277. label(returnhere8)
  278. label(originalcode8_totalGameTimeWriteAOB)
  279. registersymbol(originalcode8_totalGameTimeWriteAOB)
  280. label(exit8)
  281.  
  282. newmem8: //this is allocated memory, you have read,write,execute access
  283. //stores rdi in pSomeGameStatus, then runs relocated copies of the two overwritten instructions (cmp [rdi+53],r14l and the jne after it)
  284. push rax //push/mov/pop leave the flags alone and rax is restored
  285. mov rax,pSomeGameStatus
  286. mov [rax],rdi
  287. pop rax
  288. readmem(totalGameTimeWriteAOB+1d,4) //the 4-byte cmp is copied as raw bytes
  289. reassemble(totalGameTimeWriteAOB+21) //the jne is re-encoded for this address because its target is relative; a raw copy would branch to the wrong place
  290. jmp exit8 //jumps over the raw backup below, which must not be executed
  291.  
  292. originalcode8_totalGameTimeWriteAOB:
  293. readmem(totalGameTimeWriteAOB+1d,10) //unrelocated 10-byte backup, kept only so [DISABLE] can write it back
  294. //cmp [rdi+53],r14l
  295. //jne re2.exe+AD9D9AE
  296.  
  297. exit8:
  298. jmp returnhere8
  299.  
  300. ///
  301. pSomeGameStatus: //NOTE(review): no dq follows, unlike the other pointer slots in this script; the 8-byte store above lands in the unused part of the 2048-byte allocation right after the code
  302. ///
  303.  
  304. totalGameTimeWriteAOB+1d: //"re2.exe"+AD9D90B:
  305. jmp newmem8 //jmp plus five nops covers the 10 bytes of the cmp and jne (assumes a 5-byte jmp)
  306. nop
  307. nop
  308. nop
  309. nop
  310. nop
  311. returnhere8:
  312.  
  313. ///*******************************************///
  314.  
  315.  
  316.  
  317.  
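  318. [DISABLE]
  319. //[DISABLE]: for each hook, write the saved original bytes back over the jmp at the patch site, then drop the symbols this script registered
  320. dealloc(newmem) //NOTE(review): listed before the readmem that reads from this allocation; presumably the free is deferred until the script has been applied - confirm
  321. ammoClipReadOnAimReloadAOB+1e: //"re2.exe"+E993E19:
  322. readmem(originalcode_ammoClipReadOnAimReloadAOB,8) //restores the 8 bytes saved when the hook was installed
  323. //db 8B 40 20 48 8B 5C 24 30
  324. //Alt: mov eax,[rax+20]
  325. //Alt: mov rbx,[rsp+30]
  326. unregistersymbol(originalcode_ammoClipReadOnAimReloadAOB)
  327.  
  328. unregistersymbol(pAmmo)
  329. unregistersymbol(dAmmoClipMax)
  330.  
  331. ///*******************************************///
  332. dealloc(newmem2)
  333. ammoClipMaxCChkAOB+e: //"re2.exe"+B8BE4D2:
  334. readmem(originalcode2_ammoClipMaxCChkAOB,7) //restores the 7 saved bytes
  335. //db 39 DA 48 8B 5C 24 30
  336. //Alt: cmp edx,ebx
  337. //Alt: mov rbx,[rsp+30]
  338. unregistersymbol(originalcode2_ammoClipMaxCChkAOB)
  339.  
  340. ///*******************************************///
  341. dealloc(newmem6)
  342. playerHealthCReadAOB: //"re2.exe"+8F11DE3:
  343. readmem(originalcode6_playerHealthCReadAOB,8) //restores the 8 saved bytes
  344. //db 8B 40 58 48 8B 5C 24 30
  345. //Alt: mov eax,[rax+58]
  346. //Alt: mov rbx,[rsp+30]
  347. unregistersymbol(originalcode6_playerHealthCReadAOB)
  348.  
  349.  
  350. unregistersymbol(pPlayer)
  351. unregistersymbol(pPlayerBase)
  352.  
  353. ///*******************************************///
  354. dealloc(newmem3)
  355. someItemQWrite3AOB+18: //"re2.exe"+B8BC63A:
  356. readmem(originalcode3_someItemQWrite3AOB,8) //restores the 8 saved bytes
  357. //db 89 58 20 48 8B 74 24 30
  358. //Alt: mov [rax+20],ebx
  359. //Alt: mov rsi,[rsp+30]
  360. unregistersymbol(originalcode3_someItemQWrite3AOB)
  361.  
  362. ///*******************************************///
  363. dealloc(newmem7)
  364. readiedWeaponChkAOB+9: //"re2.exe"+B45CCE1:
  365. readmem(originalcode7_readiedWeaponChkAOB,7) //restores the 7 saved bytes
  366. //db 44 39 A7 98 01 00 00
  367. //Alt: cmp [rdi+00000198],r12d
  368. unregistersymbol(originalcode7_readiedWeaponChkAOB)
  369.  
  370. unregistersymbol(pReadiedWeapon)
  371. unregistersymbol(dCusFCamZOffset)
  372.  
  373. ///*******************************************///
  374. dealloc(newmem8)
  375. totalGameTimeWriteAOB+1d: //"re2.exe"+AD9D90B:
  376. readmem(originalcode8_totalGameTimeWriteAOB,10) //restores the 10 saved bytes (the cmp and the jne)
  377. //db 44 38 77 53 0F 85 99 00 00 00 (reference only, like the db lines above: left live it emits 10 more bytes after the restored ones and overwrites the code that follows the patch site)
  378. //Alt: cmp [rdi+53],r14l
  379. //Alt: jne re2.exe+AD9D9AE
  380. unregistersymbol(originalcode8_totalGameTimeWriteAOB)
  381.  
  382. unregistersymbol(pSomeGameStatus)
  383.  
  384. ///*******************************************///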
  385. </AssemblerScript>
  386. <CheatEntries>
  387. <CheatEntry>
  388. <ID>12998</ID>
  389. <Description>"undead .4"</Description>
  390. <Options moHideChildren="1"/>
  391. <LastState Activated="1"/>
  392. <Color>FF0000</Color>
  393. <VariableType>Auto Assembler Script</VariableType>
  394. <AssemblerScript>[ENABLE]
  395. //[ENABLE]: hooks the first 6 bytes at damageHandle1AOB so that damage to the player cannot take health below dMinHealth
  396. define(dminhealthdefault,#360) //# marks a decimal value
  397.  
  398. label(pPlayerJustHit)
  399. registersymbol(pPlayerJustHit)
  400. label(pPAttackedInfo)
  401. registersymbol(pPAttackedInfo)
  402. label(pPAttackedInfo2)
  403. registersymbol(pPAttackedInfo2)
  404. label(dMinHealth)
  405. registersymbol(dMinHealth)
  406.  
  407. alloc(newmem8,2048,damageHandle1AOB) //"re2.exe"+B9766D3)
  408. label(returnhere8)
  409. label(originalcode8_damageHandle1AOB)
  410. registersymbol(originalcode8_damageHandle1AOB)
  411. label(exit8)
  412.  
  413. newmem8: //this is allocated memory, you have read,write,execute access
  414. //depends on pPlayer, which the parent "enable" script fills in; rax is free as scratch because the copied original code starts with mov eax,[rbx+7C]
  415. push r14
  416. push rdx
  417. mov rax,pPlayer
  418. mov rdx,[rbp+b8]
  419. cmp [rax],rdx //is the target of this hit the pointer captured by the health-read hook?
  420. jne notplayer8
  421.  
  422. mov rax,pPlayerJustHit //the three stores below only record rbp, rbx and rcx for the table entries; this hook does not read them back
  423. mov [rax],rbp
  424. mov rax,pPAttackedInfo
  425. mov [rax],rbx
  426. mov rax,pPAttackedInfo2
  427. mov [rax],rcx
  428.  
  429. mov r14,dMinHealth
  430. mov eax,[rdx+58] //current health
  431. sub eax,[rbx+7c] //minus the pending damage, both handled as 32-bit integers
  432. cmp eax,[r14]
  433. jg @f //result stays above the minimum: leave the hit as it is
  434. xor eax,eax
  435. mov [rbx+7c],eax //otherwise cancel the damage
  436. mov eax,[r14]
  437. mov [rdx+58],eax //and set health to the minimum
  438. mov byte ptr [rdx+5c],1 //god flag
  439. jmp end8
  440. @@:
  441. //mov byte ptr [rdx+5c],0
  442. jmp end8
  443.  
  444. notplayer8:
  445.  
  446. end8:
  447. pop rdx
  448. pop r14
  449.  
  450. originalcode8_damageHandle1AOB:
  451. readmem(damageHandle1AOB,6) //the 6 original bytes: executed here (reading the possibly zeroed [rbx+7C]) and kept as the backup for [DISABLE]
  452. //mov eax,[rbx+7C]
  453. //mov [rsi+7C],eax
  454.  
  455. exit8:
  456. jmp returnhere8
  457.  
  458. ///
  459. pPlayerJustHit:
  460. dq 0
  461. pPAttackedInfo:
  462. dq 0
  463. pPAttackedInfo2:
  464. dq 0
  465. dMinHealth:
  466. dd dminhealthdefault
  467. ///
  468.  
  469. damageHandle1AOB: //"re2.exe"+B9766D3:
  470. jmp newmem8 //jmp plus one nop covers the 6 copied bytes (assumes a 5-byte jmp)
  471. nop
  472. returnhere8:
  473.  
  474.  
  475.  
  476.  
  477. [DISABLE]
  478. //[DISABLE]: put the 6 saved bytes back at damageHandle1AOB and drop the symbols this script registered
  479. dealloc(newmem8)
  480. damageHandle1AOB: //"re2.exe"+B9766D3:
  481. readmem(originalcode8_damageHandle1AOB,6) //restores from the copy taken at enable time; the db line below is reference only
  482. //db 8B 43 7C 89 46 7C
  483. //Alt: mov eax,[rbx+7C]
  484. //Alt: mov [rsi+7C],eax
  485. unregistersymbol(originalcode8_damageHandle1AOB)
  486.  
  487.  
  488. unregistersymbol(pPlayerJustHit)
  489. unregistersymbol(pPAttackedInfo)
  490. unregistersymbol(pPAttackedInfo2)
  491. unregistersymbol(dMinHealth)
  492. </AssemblerScript>
  493. <CheatEntries>
  494. <CheatEntry>
  495. <ID>13060</ID>
  496. <Description>"min health"</Description>
  497. <LastState Value="650" Activated="1" RealAddress="156A300B7"/>
  498. <Color>008000</Color>
  499. <VariableType>4 Bytes</VariableType>
  500. <Address>dMinHealth</Address>
  501. <CheatEntries>
  502. <CheatEntry>
  503. <ID>13061</ID>
  504. <Description>"don't set lower than 360"</Description>
  505. <LastState Value="" RealAddress="00000000"/>
  506. <Color>808080</Color>
  507. <GroupHeader>1</GroupHeader>
  508. </CheatEntry>
  509. </CheatEntries>
  510. </CheatEntry>
  511. </CheatEntries>
  512. </CheatEntry>
  513. <CheatEntry>
  514. <ID>13062</ID>
  515. <Description>"damage mod"</Description>
  516. <Options moHideChildren="1" moDeactivateChildrenAsWell="1"/>
  517. <LastState Activated="1"/>
  518. <Color>FF0000</Color>
  519. <VariableType>Auto Assembler Script</VariableType>
  520. <AssemblerScript>[ENABLE]
  521. //[ENABLE]: hooks the 9 bytes at damageHandle1AOB+6 to scale the damage of hits whose target is not the player
  522. define(ddamagemultiplierdefault,(float)1)
  523.  
  524. label(pEnemyJustHit)
  525. registersymbol(pEnemyJustHit)
  526. label(pAttackInfo)
  527. registersymbol(pAttackInfo)
  528. label(pAttackInfo2)
  529. registersymbol(pAttackInfo2)
  530. label(bIsEnemy)
  531. registersymbol(bIsEnemy)
  532. label(dDamageMultiplier)
  533. registersymbol(dDamageMultiplier)
  534. label(bWeakLimbsKey)
  535. registersymbol(bWeakLimbsKey)
  536. label(bWeakLimbs)
  537. registersymbol(bWeakLimbs)
  538.  
  539. alloc(newmem2,2048,damageHandle1AOB+6) //"re2.exe"+B9766D9)
  540. label(returnhere2)
  541. label(originalcode2_damageHandle1AOB)
  542. registersymbol(originalcode2_damageHandle1AOB)
  543. label(exit2)
  544.  
  545. newmem2: //this is allocated memory, you have read,write,execute access
  546. //depends on pPlayer from the parent "enable" script; rax is free as scratch because the copied original code starts with mov rax,[rdi+50]
  547. push rdx
  548. mov rax,pPlayer
  549. mov rdx,[rbp+b8]
  550. cmp [rax],rdx
  551. pop rdx //pop leaves the flags from the cmp intact
  552. je @f //target is the player: skip to the original code. NOTE(review): relies on @f resolving to the next label of any kind (originalcode2_damageHandle1AOB); the next @@: is in a different hook - confirm
  553. mov rax,pEnemyJustHit //the three stores below only record rbp, rbx and rcx for the table entries
  554. mov [rax],rbp
  555. mov rax,pAttackInfo
  556. mov [rax],rbx
  557. mov rax,pAttackInfo2
  558. mov [rax],rcx
  559.  
  560. mov rax,bIsEnemy
  561. mov byte ptr [rax],1 //state 1: checked by the cJmpIfNormalAttackAOB hook further down
  562.  
  563. mov rax,dDamageMultiplier
  564. fild dword ptr [rbx+7c] //damage is loaded as a 32-bit integer
  565. fmul dword ptr [rax] //multiplied by the float multiplier
  566. fist dword ptr [rsi+7c] //written back as an integer to the copy at [rsi+7c]
  567. fistp dword ptr [rbx+7c] //and to the source, which also pops the x87 stack
  568. //fld1
  569. //fst dword ptr [rbx+80]
  570. //fst dword ptr [rbx+8c]
  571. //fstp dword ptr [rbx+90]
  572.  
  573. originalcode2_damageHandle1AOB:
  574. readmem(damageHandle1AOB+6,9) //the 9 original bytes: executed here and kept as the backup for [DISABLE]
  575. //mov rax,[rdi+50]
  576. //cmp qword ptr [rax+18],00
  577.  
  578. exit2:
  579. jmp returnhere2
  580.  
  581. ///
  582. pEnemyJustHit:
  583. dq 0
  584. pAttackInfo:
  585. dq 0
  586. pAttackInfo2:
  587. dq 0
  588. bIsEnemy: //0 = idle, 1 = set by this hook, 2 = set by the cJmpIfNormalAttackAOB hook; cleared by the dsmageSpecialEffectReadAOB hook
  589. dd 0
  590. dDamageMultiplier:
  591. dd ddamagemultiplierdefault
  592. bWeakLimbsKey: //not read by any code in this script
  593. dd 14
  594. bWeakLimbs: //the hooks test the byte at +0 and the byte at +4; either being 1 enables their extra writes
  595. dd 0
  596. dd 0
  597. ///
  598.  
  599. damageHandle1AOB+6: //"re2.exe"+B9766D9:
  600. jmp newmem2 //jmp plus four nops covers the 9 copied bytes (assumes a 5-byte jmp)
  601. nop
  602. nop
  603. nop
  604. nop
  605. returnhere2:
  606.  
  607. ///*******************************************///
  608. aobscanmodule(cJmpIfNormalAttackAOB,re2.exe,48 ** ** ** 00 0F 85 ** ** ** ** 48 ** ** 74 ** 83 ** ** 00 7E)
  609. registersymbol(cJmpIfNormalAttackAOB)
  610.  
  611. alloc(newmem6,2048,cJmpIfNormalAttackAOB+10) //"re2.exe"+6940E6)
  612. label(returnhere6)
  613. label(originalcode6_cJmpIfNormalAttackAOB)
  614. registersymbol(originalcode6_cJmpIfNormalAttackAOB)
  615. label(exit6)
  616.  
  617. newmem6: //this is allocated memory, you have read,write,execute access
  618. //acts only on a hit the damage hook marked (bIsEnemy = 1) and only when a bWeakLimbs byte is 1: forces the dword the game tests here to 1 when it is not already positive
  619. mov rdi,bIsEnemy //NOTE(review): rdi is overwritten and not restored - confirm it is dead at this point
  620. cmp byte ptr [rdi],1
  621. jne end6
  622. inc byte ptr [rdi] //state 1 -> 2
  623.  
  624. mov rdi,bWeakLimbs
  625. cmp byte ptr [rdi],1
  626. je @f
  627.  
  628. cmp byte ptr [rdi+4],1
  629. jne end6
  630.  
  631. @@:
  632. readmem(cJmpIfNormalAttackAOB+10,4) //inline copy of the game's cmp
  633. //cmp dword ptr [rax+1C],00
  634. jg @f //already positive: nothing to force. NOTE(review): relies on @f resolving to the next label of any kind (end6); the next @@: is in a different hook - confirm
  635. db C7 40 //opcode and modrm bytes of mov dword ptr [rax+disp8],imm32
  636. readmem(cJmpIfNormalAttackAOB+12,1) //disp8 copied from the game's cmp instead of being hard-coded
  637. db 01 00 00 00 //imm32 = 1
  638. //mov dword ptr [rax+1c],1
  639.  
  640. end6:
  641. readmem(cJmpIfNormalAttackAOB+10,4) //the cmp is executed again so the flags match the possibly changed value
  642. reassemble(cJmpIfNormalAttackAOB+14) //the jle is re-encoded for this address because its target is relative
  643. jmp exit6 //jumps over the raw backup below, which must not be executed
  644.  
  645. originalcode6_cJmpIfNormalAttackAOB:
  646. readmem(cJmpIfNormalAttackAOB+10,6) //unrelocated 6-byte backup, kept only so [DISABLE] can write it back
  647. //cmp dword ptr [rax+1C],00
  648. //jle re2.exe+694138
  649.  
  650. exit6:
  651. jmp returnhere6
  652.  
  653. ///
  654.  
  655. cJmpIfNormalAttackAOB+10: //"re2.exe"+6940E6:
  656. jmp newmem6 //jmp plus one nop covers the 6 bytes of the cmp and jle (assumes a 5-byte jmp)
  657. nop
  658. returnhere6:
  659.  
  660. ///*******************************************///
  661. aobscanmodule(dsmageSpecialEffectReadAOB,re2.exe,8B ** ** ** ** 00 02 00 00 0F 8E ** ** ** ** ** 00 00 02 00)
  662. registersymbol(dsmageSpecialEffectReadAOB)
  663.  
  664. alloc(newmem12,2048,dsmageSpecialEffectReadAOB) //"re2.exe"+A3DDB96)
  665. label(returnhere12)
  666. label(originalcode12_dsmageSpecialEffectReadAOB)
  667. registersymbol(originalcode12_dsmageSpecialEffectReadAOB)
  668. label(exit12)
  669.  
  670. newmem12: //this is allocated memory, you have read,write,execute access
  671. //acts only when bIsEnemy is 2: clears the state and, when a bWeakLimbs byte is 1, writes 40 to the dword the game reads next; eax is free as scratch because the copied original code reloads it
  672. push rdi
  673. mov rdi,bIsEnemy
  674. cmp byte ptr [rdi],2
  675. jne end12
  676. xor eax,eax
  677. mov [rdi],eax //clears all four bytes of bIsEnemy
  678.  
  679. mov rdi,bWeakLimbs
  680. cmp byte ptr [rdi],1
  681. je @f
  682.  
  683. cmp byte ptr [rdi+4],1
  684. jne end12
  685.  
  686. @@:
  687. mov eax,40
  688. db 89 //store opcode; with the three bytes copied below it forms the store that mirrors the game's load
  689. readmem(dsmageSpecialEffectReadAOB+1,3) //modrm, sib and disp8 copied from the game's mov eax,[rbx+rsi*4+20]
  690. //mov [rbx+rsi*4+20],eax
  691.  
  692. end12:
  693. pop rdi
  694.  
  695. originalcode12_dsmageSpecialEffectReadAOB:
  696. readmem(dsmageSpecialEffectReadAOB,9) //the 9 original bytes: executed here and kept as the backup for [DISABLE]
  697. //mov eax,[rbx+rsi*4+20]
  698. //cmp eax,00000200
  699.  
  700. exit12:
  701. jmp returnhere12
  702.  
  703. ///
  704.  
  705. dsmageSpecialEffectReadAOB: //"re2.exe"+A3DDB96:
  706. jmp newmem12 //jmp plus four nops covers the 9 copied bytes (assumes a 5-byte jmp)
  707. nop
  708. nop
  709. nop
  710. nop
  711. returnhere12:
  712.  
  713. ///*******************************************///
  714.  
  715.  
  716.  
  717.  
  718. [DISABLE]
  719. //[DISABLE]: for each of the three hooks, write the saved original bytes back over the jmp, then drop the symbols this script registered
  720. dealloc(newmem2)
  721. damageHandle1AOB+6: //"re2.exe"+B9766D9:
  722. readmem(originalcode2_damageHandle1AOB,9) //restores from the copy taken at enable time; the db lines in this section are reference only
  723. //db 48 8B 47 50 48 83 78 18 00
  724. //Alt: mov rax,[rdi+50]
  725. //Alt: cmp qword ptr [rax+18],00
  726. unregistersymbol(originalcode2_damageHandle1AOB)
  727.  
  728. unregistersymbol(pEnemyJustHit)
  729. unregistersymbol(pAttackInfo)
  730. unregistersymbol(pAttackInfo2)
  731. unregistersymbol(bIsEnemy)
  732. unregistersymbol(dDamageMultiplier)
  733. unregistersymbol(bWeakLimbsKey)
  734. unregistersymbol(bWeakLimbs)
  735.  
  736. ///*******************************************///
  737. dealloc(newmem6)
  738. cJmpIfNormalAttackAOB+10: //"re2.exe"+6940E6:
  739. readmem(originalcode6_cJmpIfNormalAttackAOB,6) //restores the 6 saved bytes (the cmp and the jle)
  740. //db 83 78 1C 00 7E 4C
  741. //Alt: cmp dword ptr [rax+1C],00
  742. //Alt: jle re2.exe+694138
  743. unregistersymbol(originalcode6_cJmpIfNormalAttackAOB)
  744.  
  745. ///*******************************************///
  746. dealloc(newmem12)
  747. dsmageSpecialEffectReadAOB: //"re2.exe"+A3DDB96:
  748. readmem(originalcode12_dsmageSpecialEffectReadAOB,9) //restores the 9 saved bytes
  749. //db 8B 44 B3 20 3D 00 02 00 00
  750. //Alt: mov eax,[rbx+rsi*4+20]
  751. //Alt: cmp eax,00000200
  752. unregistersymbol(originalcode12_dsmageSpecialEffectReadAOB)
  753.  
  754. ///*******************************************///
  755. </AssemblerScript>
  756. <CheatEntries>
  757. <CheatEntry>
  758. <ID>13693</ID>
  759. <Description>"damage multiplier"</Description>
  760. <Options moHideChildren="1"/>
  761. <LastState Activated="1"/>
  762. <Color>FF0000</Color>
  763. <VariableType>Auto Assembler Script</VariableType>
  764. <AssemblerScript>[ENABLE]
  765. //[ENABLE]: no hook is installed here; the script only writes the float 2 to dDamageMultiplier, the symbol registered by the "damage mod" script
  766. dDamageMultiplier:
  767. dd (float)2
  768.  
  769.  
  770.  
  771.  
  772. [DISABLE]
  773. //[DISABLE]: writes the float 1 back, so the damage hook multiplies by 1
  774. dDamageMultiplier:
  775. dd (float)1
  776. </AssemblerScript>
  777. <CheatEntries>
  778. <CheatEntry>
  779. <ID>13063</ID>
  780. <Description>"x?"</Description>
  781. <Options moHideChildren="1"/>
  782. <LastState Value="0.5" Activated="1" RealAddress="13FF00098"/>
  783. <Color>008000</Color>
  784. <VariableType>Float</VariableType>
  785. <Address>dDamageMultiplier</Address>
  786. <CheatEntries>
  787. <CheatEntry>
  788. <ID>13580</ID>
  789. <Description>"enemy base"</Description>
  790. <LastState Value="" RealAddress="100F01A0"/>
  791. <ShowAsHex>1</ShowAsHex>
  792. <Color>000080</Color>
  793. <VariableType>Array of byte</VariableType>
  794. <ByteLength>0</ByteLength>
  795. <Address>pEnemyJustHit</Address>
  796. <Offsets>
  797. <Offset>0</Offset>
  798. </Offsets>
  799. <CheatEntries>
  800. <CheatEntry>
  801. <ID>13614</ID>
  802. <Description>"+120"</Description>
  803. <LastState Value="" RealAddress="121558F0"/>
  804. <Color>000080</Color>
  805. <VariableType>Array of byte</VariableType>
  806. <ByteLength>0</ByteLength>
  807. <Address>+120</Address>
  808. <Offsets>
  809. <Offset>0</Offset>
  810. </Offsets>
  811. <CheatEntries>
  812. <CheatEntry>
  813. <ID>13613</ID>
  814. <Description>"+28"</Description>
  815. <LastState Value="" RealAddress="100F4B60"/>
  816. <Color>000080</Color>
  817. <VariableType>Array of byte</VariableType>
  818. <ByteLength>0</ByteLength>
  819. <Address>+28</Address>
  820. <Offsets>
  821. <Offset>0</Offset>
  822. </Offsets>
  823. <CheatEntries>
  824. <CheatEntry>
  825. <ID>13615</ID>
  826. <Description>"+60"</Description>
  827. <LastState Value="" RealAddress="121E0FC0"/>
  828. <Color>000080</Color>
  829. <VariableType>Array of byte</VariableType>
  830. <ByteLength>0</ByteLength>
  831. <Address>+60</Address>
  832. <Offsets>
  833. <Offset>0</Offset>
  834. </Offsets>
  835. <CheatEntries>
  836. <CheatEntry>
  837. <ID>13617</ID>
  838. <Description>"+10"</Description>
  839. <LastState Value="00000002" RealAddress="121E0FD0"/>
  840. <ShowAsHex>1</ShowAsHex>
  841. <Color>0000FF</Color>
  842. <VariableType>4 Bytes</VariableType>
  843. <Address>+10</Address>
  844. </CheatEntry>
  845. </CheatEntries>
  846. </CheatEntry>
  847. <CheatEntry>
  848. <ID>13616</ID>
  849. <Description>"+68"</Description>
  850. <LastState Value="" RealAddress="121E4CC0"/>
  851. <Color>000080</Color>
  852. <VariableType>Array of byte</VariableType>
  853. <ByteLength>0</ByteLength>
  854. <Address>+68</Address>
  855. <Offsets>
  856. <Offset>0</Offset>
  857. </Offsets>
  858. <CheatEntries>
  859. <CheatEntry>
  860. <ID>13618</ID>
  861. <Description>"+10"</Description>
  862. <LastState Value="00000001" RealAddress="121E4CD0"/>
  863. <ShowAsHex>1</ShowAsHex>
  864. <Color>0000FF</Color>
  865. <VariableType>4 Bytes</VariableType>
  866. <Address>+10</Address>
  867. </CheatEntry>
  868. </CheatEntries>
  869. </CheatEntry>
  870. <CheatEntry>
  871. <ID>13621</ID>
  872. <Description>"+98 enemy health"</Description>
  873. <LastState Value="" RealAddress="100F49F0"/>
  874. <Color>000080</Color>
  875. <VariableType>Array of byte</VariableType>
  876. <ByteLength>0</ByteLength>
  877. <Address>+98</Address>
  878. <Offsets>
  879. <Offset>0</Offset>
  880. </Offsets>
  881. </CheatEntry>
  882. </CheatEntries>
  883. </CheatEntry>
  884. </CheatEntries>
  885. </CheatEntry>
  886. <CheatEntry>
  887. <ID>13581</ID>
  888. <Description>"enemy health"</Description>
  889. <LastState Value="" RealAddress="100F49F0"/>
  890. <Color>000080</Color>
  891. <VariableType>Array of byte</VariableType>
  892. <ByteLength>0</ByteLength>
  893. <Address>+b8</Address>
  894. <Offsets>
  895. <Offset>0</Offset>
  896. </Offsets>
  897. <CheatEntries>
  898. <CheatEntry>
  899. <ID>13582</ID>
  900. <Description>"h"</Description>
  901. <LastState Value="890" RealAddress="100F4A48"/>
  902. <Color>0000FF</Color>
  903. <VariableType>4 Bytes</VariableType>
  904. <Address>+58</Address>
  905. <CheatEntries>
  906. <CheatEntry>
  907. <ID>13583</ID>
  908. <Description>"h max"</Description>
  909. <LastState Value="890" RealAddress="100F4A44"/>
  910. <Color>0000FF</Color>
  911. <VariableType>4 Bytes</VariableType>
  912. <Address>-4</Address>
  913. </CheatEntry>
  914. <CheatEntry>
  915. <ID>13584</ID>
  916. <Description>"god (auto reset)"</Description>
  917. <LastState Value="0" RealAddress="100F4A4C"/>
  918. <Color>0000FF</Color>
  919. <VariableType>Byte</VariableType>
  920. <Address>+4</Address>
  921. </CheatEntry>
  922. <CheatEntry>
  923. <ID>13585</ID>
  924. <Description>"god"</Description>
  925. <LastState Value="0" RealAddress="100F4A4D"/>
  926. <Color>0000FF</Color>
  927. <VariableType>Byte</VariableType>
  928. <Address>+5</Address>
  929. </CheatEntry>
  930. </CheatEntries>
  931. </CheatEntry>
  932. <CheatEntry>
  933. <ID>13586</ID>
  934. <Description>"+a0"</Description>
  935. <LastState Value="9.720168429E-29" RealAddress="100F4A90"/>
  936. <Color>0000FF</Color>
  937. <VariableType>Float</VariableType>
  938. <Address>+a0</Address>
  939. </CheatEntry>
  940. </CheatEntries>
  941. </CheatEntry>
  942. </CheatEntries>
  943. </CheatEntry>
  944. <CheatEntry>
  945. <ID>13587</ID>
  946. <Description>"ai 1"</Description>
  947. <Options moHideChildren="1"/>
  948. <LastState Value="" RealAddress="12033B90"/>
  949. <Color>000080</Color>
  950. <VariableType>Array of byte</VariableType>
  951. <ByteLength>0</ByteLength>
  952. <Address>pAttackInfo</Address>
  953. <Offsets>
  954. <Offset>0</Offset>
  955. </Offsets>
  956. <CheatEntries>
  957. <CheatEntry>
  958. <ID>13592</ID>
  959. <Description>"damage"</Description>
  960. <LastState Value="0" RealAddress="12033C0C"/>
  961. <Color>0000FF</Color>
  962. <VariableType>Float</VariableType>
  963. <Address>+7c</Address>
  964. </CheatEntry>
  965. <CheatEntry>
  966. <ID>13593</ID>
  967. <Description>"+70"</Description>
  968. <LastState Value="117B7D50" RealAddress="12033C00"/>
  969. <ShowAsHex>1</ShowAsHex>
  970. <Color>0000FF</Color>
  971. <VariableType>4 Bytes</VariableType>
  972. <Address>+70</Address>
  973. </CheatEntry>
  974. <CheatEntry>
  975. <ID>13612</ID>
  976. <Description>"+74"</Description>
  977. <LastState Value="00000000" RealAddress="12033C04"/>
  978. <ShowAsHex>1</ShowAsHex>
  979. <Color>0000FF</Color>
  980. <VariableType>4 Bytes</VariableType>
  981. <Address>+74</Address>
  982. </CheatEntry>
  983. <CheatEntry>
  984. <ID>13611</ID>
  985. <Description>"+78"</Description>
  986. <LastState Value="FFFFFFFF" RealAddress="12033C08"/>
  987. <ShowAsHex>1</ShowAsHex>
  988. <Color>0000FF</Color>
  989. <VariableType>4 Bytes</VariableType>
  990. <Address>+78</Address>
  991. </CheatEntry>
  992. <CheatEntry>
  993. <ID>13610</ID>
  994. <Description>"+7c damage"</Description>
  995. <LastState Value="0" RealAddress="12033C0C"/>
  996. <Color>0000FF</Color>
  997. <VariableType>Float</VariableType>
  998. <Address>+7c</Address>
  999. </CheatEntry>
  1000. <CheatEntry>
  1001. <ID>13609</ID>
  1002. <Description>"+80"</Description>
  1003. <LastState Value="1" RealAddress="12033C10"/>
  1004. <Color>0000FF</Color>
  1005. <VariableType>Float</VariableType>
  1006. <Address>+80</Address>
  1007. </CheatEntry>
  1008. <CheatEntry>
  1009. <ID>13598</ID>
  1010. <Description>"+84"</Description>
  1011. <LastState Value="FFFFFFFF" RealAddress="12033C14"/>
  1012. <ShowAsHex>1</ShowAsHex>
  1013. <Color>0000FF</Color>
  1014. <VariableType>4 Bytes</VariableType>
  1015. <Address>+84</Address>
  1016. </CheatEntry>
  1017. <CheatEntry>
  1018. <ID>13597</ID>
  1019. <Description>"+88"</Description>
  1020. <LastState Value="0" RealAddress="12033C18"/>
  1021. <Color>0000FF</Color>
  1022. <VariableType>4 Bytes</VariableType>
  1023. <Address>+88</Address>
  1024. </CheatEntry>
  1025. <CheatEntry>
  1026. <ID>13599</ID>
  1027. <Description>"+8c"</Description>
  1028. <LastState Value="1" RealAddress="12033C1C"/>
  1029. <Color>0000FF</Color>
  1030. <VariableType>Float</VariableType>
  1031. <Address>+8c</Address>
  1032. </CheatEntry>
  1033. <CheatEntry>
  1034. <ID>13600</ID>
  1035. <Description>"+90"</Description>
  1036. <LastState Value="1" RealAddress="12033C20"/>
  1037. <Color>0000FF</Color>
  1038. <VariableType>Float</VariableType>
  1039. <Address>+90</Address>
  1040. </CheatEntry>
  1041. <CheatEntry>
  1042. <ID>13602</ID>
  1043. <Description>"+94"</Description>
  1044. <LastState Value="0" RealAddress="12033C24"/>
  1045. <Color>0000FF</Color>
  1046. <VariableType>Float</VariableType>
  1047. <Address>+94</Address>
  1048. </CheatEntry>
  1049. <CheatEntry>
  1050. <ID>13603</ID>
  1051. <Description>"+98"</Description>
  1052. <LastState Value="0" RealAddress="12033C28"/>
  1053. <Color>0000FF</Color>
  1054. <VariableType>Float</VariableType>
  1055. <Address>+98</Address>
  1056. </CheatEntry>
  1057. <CheatEntry>
  1058. <ID>13604</ID>
  1059. <Description>"+9c"</Description>
  1060. <LastState Value="0" RealAddress="12033C2C"/>
  1061. <Color>0000FF</Color>
  1062. <VariableType>Float</VariableType>
  1063. <Address>+9c</Address>
  1064. </CheatEntry>
  1065. <CheatEntry>
  1066. <ID>13594</ID>
  1067. <Description>"+a0 impact angle"</Description>
  1068. <LastState Value="0.8535404205" RealAddress="12033C30"/>
  1069. <Color>0000FF</Color>
  1070. <VariableType>Float</VariableType>
  1071. <Address>+a0</Address>
  1072. </CheatEntry>
  1073. <CheatEntry>
  1074. <ID>13595</ID>
  1075. <Description>"+a4 impact angle"</Description>
  1076. <LastState Value="-0.3193790913" RealAddress="12033C34"/>
  1077. <Color>0000FF</Color>
  1078. <VariableType>Float</VariableType>
  1079. <Address>+a4</Address>
  1080. </CheatEntry>
  1081. <CheatEntry>
  1082. <ID>13596</ID>
  1083. <Description>"+a8 impact angle"</Description>
  1084. <LastState Value="0.411662221" RealAddress="12033C38"/>
  1085. <Color>0000FF</Color>
  1086. <VariableType>Float</VariableType>
  1087. <Address>+a8</Address>
  1088. </CheatEntry>
  1089. <CheatEntry>
  1090. <ID>13605</ID>
  1091. <Description>"+ac"</Description>
  1092. <LastState Value="0" RealAddress="12033C3C"/>
  1093. <Color>0000FF</Color>
  1094. <VariableType>Float</VariableType>
  1095. <Address>+ac</Address>
  1096. </CheatEntry>
  1097. <CheatEntry>
  1098. <ID>13601</ID>
  1099. <Description>"+b0"</Description>
  1100. <LastState Value="0" RealAddress="12033C40"/>
  1101. <Color>0000FF</Color>
  1102. <VariableType>4 Bytes</VariableType>
  1103. <Address>+b0</Address>
  1104. </CheatEntry>
  1105. <CheatEntry>
  1106. <ID>13606</ID>
  1107. <Description>"+b4"</Description>
  1108. <LastState Value="0" RealAddress="12033C44"/>
  1109. <Color>0000FF</Color>
  1110. <VariableType>4 Bytes</VariableType>
  1111. <Address>+b4</Address>
  1112. </CheatEntry>
  1113. <CheatEntry>
  1114. <ID>13607</ID>
  1115. <Description>"+b8"</Description>
  1116. <LastState Value="355905728" RealAddress="12033C48"/>
  1117. <Color>0000FF</Color>
  1118. <VariableType>4 Bytes</VariableType>
  1119. <Address>+b8</Address>
  1120. </CheatEntry>
  1121. <CheatEntry>
  1122. <ID>13608</ID>
  1123. <Description>"+bc"</Description>
  1124. <LastState Value="0" RealAddress="12033C4C"/>
  1125. <Color>0000FF</Color>
  1126. <VariableType>4 Bytes</VariableType>
  1127. <Address>+bc</Address>
  1128. </CheatEntry>
  1129. </CheatEntries>
  1130. </CheatEntry>
  1131. <CheatEntry>
  1132. <ID>13619</ID>
  1133. <Description>"ai 2"</Description>
  1134. <Options moHideChildren="1"/>
  1135. <LastState Value="" RealAddress="1E349DF0"/>
  1136. <Color>000080</Color>
  1137. <VariableType>Array of byte</VariableType>
  1138. <ByteLength>0</ByteLength>
  1139. <Address>pAttackInfo2</Address>
  1140. <Offsets>
  1141. <Offset>0</Offset>
  1142. </Offsets>
  1143. <CheatEntries>
  1144. <CheatEntry>
  1145. <ID>13622</ID>
  1146. <Description>"+60"</Description>
  1147. <Options moHideChildren="1"/>
  1148. <LastState Value="" RealAddress="12825EF0"/>
  1149. <Color>000080</Color>
  1150. <VariableType>Array of byte</VariableType>
  1151. <ByteLength>0</ByteLength>
  1152. <Address>+60</Address>
  1153. <Offsets>
  1154. <Offset>0</Offset>
  1155. </Offsets>
  1156. <CheatEntries>
  1157. <CheatEntry>
  1158. <ID>13623</ID>
  1159. <Description>"+40"</Description>
  1160. <LastState Value="170C6670" RealAddress="12825F30"/>
  1161. <ShowAsHex>1</ShowAsHex>
  1162. <Color>0000FF</Color>
  1163. <VariableType>4 Bytes</VariableType>
  1164. <Address>+40</Address>
  1165. <CheatEntries>
  1166. <CheatEntry>
  1167. <ID>13624</ID>
  1168. <Description>"+3a0"</Description>
  1169. <LastState Value="00000000" RealAddress="128262D0"/>
  1170. <ShowAsHex>1</ShowAsHex>
  1171. <Color>0000FF</Color>
  1172. <VariableType>4 Bytes</VariableType>
  1173. <Address>+3a0</Address>
  1174. </CheatEntry>
  1175. <CheatEntry>
  1176. <ID>13625</ID>
  1177. <Description>"+690"</Description>
  1178. <LastState Value="00000000" RealAddress="128265C0"/>
  1179. <ShowAsHex>1</ShowAsHex>
  1180. <Color>0000FF</Color>
  1181. <VariableType>4 Bytes</VariableType>
  1182. <Address>+690</Address>
  1183. </CheatEntry>
  1184. <CheatEntry>
  1185. <ID>13627</ID>
  1186. <Description>"+6f0"</Description>
  1187. <LastState Value="00000000" RealAddress="12826620"/>
  1188. <ShowAsHex>1</ShowAsHex>
  1189. <Color>0000FF</Color>
  1190. <VariableType>4 Bytes</VariableType>
  1191. <Address>+6f0</Address>
  1192. </CheatEntry>
  1193. <CheatEntry>
  1194. <ID>13626</ID>
  1195. <Description>"+720"</Description>
  1196. <LastState Value="00000000" RealAddress="12826650"/>
  1197. <ShowAsHex>1</ShowAsHex>
  1198. <Color>0000FF</Color>
  1199. <VariableType>4 Bytes</VariableType>
  1200. <Address>+720</Address>
  1201. </CheatEntry>
  1202. <CheatEntry>
  1203. <ID>13628</ID>
  1204. <Description>"+790"</Description>
  1205. <LastState Value="00000000" RealAddress="128266C0"/>
  1206. <ShowAsHex>1</ShowAsHex>
  1207. <Color>0000FF</Color>
  1208. <VariableType>4 Bytes</VariableType>
  1209. <Address>+790</Address>
  1210. </CheatEntry>
  1211. <CheatEntry>
  1212. <ID>13629</ID>
  1213. <Description>"+7c0 *"</Description>
  1214. <LastState Value="00000000" RealAddress="128266F0"/>
  1215. <ShowAsHex>1</ShowAsHex>
  1216. <Color>0000FF</Color>
  1217. <VariableType>4 Bytes</VariableType>
  1218. <Address>+7c0</Address>
  1219. </CheatEntry>
  1220. <CheatEntry>
  1221. <ID>13630</ID>
  1222. <Description>"+8d0"</Description>
  1223. <LastState Value="00000000" RealAddress="12826800"/>
  1224. <ShowAsHex>1</ShowAsHex>
  1225. <Color>0000FF</Color>
  1226. <VariableType>4 Bytes</VariableType>
  1227. <Address>+8d0</Address>
  1228. </CheatEntry>
  1229. <CheatEntry>
  1230. <ID>13631</ID>
  1231. <Description>"+b00"</Description>
  1232. <LastState Value="00000000" RealAddress="12826A30"/>
  1233. <ShowAsHex>1</ShowAsHex>
  1234. <Color>0000FF</Color>
  1235. <VariableType>4 Bytes</VariableType>
  1236. <Address>+b00</Address>
  1237. </CheatEntry>
  1238. <CheatEntry>
  1239. <ID>13632</ID>
  1240. <Description>"+b40"</Description>
  1241. <LastState Value="00000000" RealAddress="12826A70"/>
  1242. <ShowAsHex>1</ShowAsHex>
  1243. <Color>0000FF</Color>
  1244. <VariableType>4 Bytes</VariableType>
  1245. <Address>+b40</Address>
  1246. </CheatEntry>
  1247. </CheatEntries>
  1248. </CheatEntry>
  1249. </CheatEntries>
  1250. </CheatEntry>
  1251. </CheatEntries>
  1252. </CheatEntry>
  1253. </CheatEntries>
  1254. </CheatEntry>
  1255. </CheatEntries>
  1256. </CheatEntry>
  1257. <CheatEntry>
  1258. <ID>13694</ID>
  1259. <Description>"tofu zombies"</Description>
  1260. <Options moDeactivateChildrenAsWell="1"/>
  1261. <LastState/>
  1262. <Color>FF0000</Color>
  1263. <VariableType>Auto Assembler Script</VariableType>
  1264. <AssemblerScript>[ENABLE]
  1265. //code from here to '[DISABLE]' will be used to enable the cheat
  1266. //modified from TheyCallMeTim13's lua keylistener script
  1267. //http://fearlessrevolution.com/viewtopic.php?f=4&amp;t=6041&amp;start=60#p62657
  1268. {$lua}
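  local function weaklimbskeyLuaThread(thread)
    -- Key-polling worker started by createThread in the [ENABLE] section.
    -- While the global WeakLimbskeyLuaThread flag is true it mirrors the state
    -- of the configured key into the byte at bWeakLimbs+4 (1 = pressing,
    -- 0 = not pressing). The byte is only set to 1 while the method byte at
    -- bWeakLimbs is 2 ("hold key").
    --
    -- thread: the thread object handed in by createThread.
    --
    -- Changes from the pasted version: the loop pauses between polls instead of
    -- spinning a CPU core, the address is a local instead of a leaked global,
    -- getAddressSafe is used so the nil check is reachable (the other
    -- key-listener thread in this table already does this), and an unreadable
    -- key id skips the poll instead of being passed on as nil.
    local POLL_INTERVAL_MS = 20

    while WeakLimbskeyLuaThread do
      local addrwl = getAddressSafe('bWeakLimbs')
      local keyCode = readInteger('bWeakLimbsKey')
      if addrwl and keyCode then
        if isKeyPressed(keyCode) and readBytes(addrwl) == 2 then
          writeBytes(addrwl + 4, 1)
        else
          writeBytes(addrwl + 4, 0)
        end
      end
      sleep(POLL_INTERVAL_MS)
    end
    thread.terminate()
  end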
  1292. ----------------------------------
  1293. if syntaxcheck then return end -- do not start the thread when the script is only being syntax-checked
  1294. WeakLimbskeyLuaThread = true -- global run flag; the loop in weaklimbskeyLuaThread runs while it is true
  1295. createThread(weaklimbskeyLuaThread)
  1296. {$asm}
  1297.  
  1298. ///*****************************************///
  1299. bWeakLimbs: // symbol is not declared in this script; presumably registered by another entry of the table - confirm
  1300. db 2 // method byte = 2, shown as "hold key" by the "method" drop-down
  1301. dd 0 // zeroes bytes +1 to +4; +4 is the "pressing" byte written by the Lua thread
  1302.  
  1303.  
  1304.  
  1305.  
  1306. [DISABLE]
  1307. //DISABLE section: ask the key-polling thread to stop and reset the bWeakLimbs state bytes
  1308. {$lua}
  1309. if syntaxcheck then return end
  1310. WeakLimbskeyLuaThread = false -- the loop exits at its next check; nothing here waits for the thread to finish
  1311. {$asm}
  1312.  
  1313. ///*****************************************///
  1314. bWeakLimbs:
  1315. dd 0 // bytes +0 to +3: method byte back to 0 ("no")
  1316. dd 0 // bytes +4 to +7: clears the "pressing" byte
  1317. </AssemblerScript>
  1318. <CheatEntries>
  1319. <CheatEntry>
  1320. <ID>13637</ID>
  1321. <Description>"method"</Description>
  1322. <Options moHideChildren="1"/>
  1323. <DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">0:no
  1324. 2:hold key
  1325. 1:always
  1326. </DropDownList>
  1327. <LastState Value="0" RealAddress="13FF000A0"/>
  1328. <Color>008000</Color>
  1329. <VariableType>Byte</VariableType>
  1330. <Address>bWeakLimbs</Address>
  1331. <CheatEntries>
  1332. <CheatEntry>
  1333. <ID>13744</ID>
  1334. <Description>"+4"</Description>
  1335. <Options moHideChildren="1"/>
  1336. <DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">0:not pressing
  1337. 1:pressing
  1338. </DropDownList>
  1339. <LastState Value="0" RealAddress="13FF000A4"/>
  1340. <Color>008000</Color>
  1341. <VariableType>Byte</VariableType>
  1342. <Address>+4</Address>
  1343. </CheatEntry>
  1344. <CheatEntry>
  1345. <ID>13634</ID>
  1346. <Description>""</Description>
  1347. <LastState/>
  1348. <Color>FFFFFF</Color>
  1349. <VariableType>Auto Assembler Script</VariableType>
  1350. <AssemblerScript>[ENABLE]
  1351. //ENABLE section: detour the 7 bytes at "re2.exe"+A9EA0BD through newmem11, which stores 3 in [rdx+10] just before the original load of that field
  1352. alloc(newmem11,2048,"re2.exe"+A9EA0BD)
  1353. label(returnhere11)
  1354. label(originalcode11)
  1355. label(exit11)
  1356.  
  1357. newmem11: //this is allocated memory, you have read,write,execute access
  1358. //NOTE(review): the hook site is a fixed module offset and its bytes are never checked; on any other build of re2.exe the jmp would overwrite unrelated code. Locating the site with aobscanmodule, as the sibling scripts do, or guarding it with assert(address,bytes) makes the script fail safely instead.
  1359. mov r8d,3 // what the value 3 selects is not visible in this table
  1360. mov [rdx+10],r8d // overwrite the field that the original instruction below reads back
  1361.  
  1362. originalcode11: // the two instructions displaced by the jmp
  1363. mov r8d,[rdx+10]
  1364. mov rbx,rcx
  1365.  
  1366. exit11:
  1367. jmp returnhere11
  1368.  
  1369. ///
  1370.  
  1371. "re2.exe"+A9EA0BD:
  1372. jmp newmem11 // assumed to assemble as the 5-byte near jmp; with the two nops it covers the 7 bytes restored in [DISABLE]
  1373. nop
  1374. nop
  1375. returnhere11:
  1376.  
  1377.  
  1378.  
  1379.  
  1380. [DISABLE]
  1381. //DISABLE section: free the code cave and write the original 7 bytes back
  1382. dealloc(newmem11)
  1383. "re2.exe"+A9EA0BD:
  1384. db 44 8B 42 10 48 89 CB // hard-coded original bytes; only correct for the build this offset was taken from
  1385. //Alt: mov r8d,[rdx+10]
  1386. //Alt: mov rbx,rcx
  1387. </AssemblerScript>
  1388. </CheatEntry>
  1389. <CheatEntry>
  1390. <ID>13635</ID>
  1391. <Description>""</Description>
  1392. <LastState/>
  1393. <Color>FFFFFF</Color>
  1394. <VariableType>Auto Assembler Script</VariableType>
  1395. <AssemblerScript>[ENABLE]
  1396. //ENABLE section: detour the 6 bytes at "re2.exe"+BE144BE through newmem17, which zeroes rax and, when r10 is non-null, writes FFFFFFFF to [r10+8]
  1397. alloc(newmem17,2048,"re2.exe"+BE144BE)
  1398. label(returnhere17)
  1399. label(originalcode17)
  1400. label(exit17)
  1401.  
  1402. newmem17: //this is allocated memory, you have read,write,execute access
  1403. //NOTE(review): fixed module offset with no byte check before patching; a different build of re2.exe would get unrelated code overwritten. Prefer aobscanmodule or an assert(address,bytes) guard.
  1404. xor rax,rax // the original code below then copies this zero into r8
  1405. test r10,r10
  1406. jz @f // NOTE(review): no @@: label exists in this script, so this relies on @f resolving to the next label (originalcode17) - confirm
  1407. mov dword ptr [r10+8],ffffffff // only reached when r10 is non-null
  1408.  
  1409. originalcode17: // the two instructions displaced by the jmp
  1410. mov r8,rax
  1411. mov rdx,rdi
  1412.  
  1413. exit17:
  1414. jmp returnhere17
  1415.  
  1416. ///
  1417.  
  1418. "re2.exe"+BE144BE:
  1419. jmp newmem17 // assumed 5-byte near jmp; with one nop it covers the 6 bytes restored in [DISABLE]
  1420. nop
  1421. returnhere17:
  1422.  
  1423.  
  1424.  
  1425.  
  1426. [DISABLE]
  1427. //DISABLE section: free the code cave and write the original 6 bytes back
  1428. dealloc(newmem17)
  1429. "re2.exe"+BE144BE:
  1430. db 49 89 C0 48 89 FA // hard-coded original bytes; only correct for the build this offset was taken from
  1431. //Alt: mov r8,rax
  1432. //Alt: mov rdx,rdi
  1433. </AssemblerScript>
  1434. </CheatEntry>
  1435. <CheatEntry>
  1436. <ID>13633</ID>
  1437. <Description>"+"</Description>
  1438. <LastState/>
  1439. <Color>FFFFFF</Color>
  1440. <VariableType>Auto Assembler Script</VariableType>
  1441. <AssemblerScript>[ENABLE]
  1442. //ENABLE section: hook the cmp/jle pair 0x10 bytes into the cJmpIfNormalAttackAOB match; when the bIsEnemy and bWeakLimbs flags are both 1, a zero or negative [rax+1C] is raised to 1 before the compare
  1443. aobscanmodule(cJmpIfNormalAttackAOB,re2.exe,48 ** ** ** 00 0F 85 ** ** ** ** 48 ** ** 74 ** 83 ** ** 00 7E)
  1444. registersymbol(cJmpIfNormalAttackAOB)
  1445.  
  1446. alloc(newmem6,2048,cJmpIfNormalAttackAOB+10) //"re2.exe"+6940E6)
  1447. label(returnhere6)
  1448. label(originalcode6_cJmpIfNormalAttackAOB)
  1449. registersymbol(originalcode6_cJmpIfNormalAttackAOB)
  1450. label(exit6)
  1451.  
  1452. newmem6: //this is allocated memory, you have read,write,execute access
  1453. //NOTE(review): rdi is overwritten below and never restored (the "++" child script saves it with push/pop); confirm the game does not need rdi at this site
  1454. mov rdi,bIsEnemy // bIsEnemy is defined outside this script
  1455. cmp byte ptr [rdi],1
  1456. jne @f
  1457. inc byte ptr [rdi] // flag 1 becomes 2, the value the "++" child script tests for
  1458.  
  1459. mov rdi,bWeakLimbs
  1460. cmp byte ptr [rdi],1 // 1 is "always" in the "method" drop-down; the +4 "pressing" byte written by the Lua key thread is not read here
  1461. jne @f
  1462.  
  1463. readmem(cJmpIfNormalAttackAOB+10,4) // the game's own 4-byte compare, copied at assembly time
  1464. //cmp dword ptr [rax+1C],00
  1465. jg @f // already positive: leave the value alone
  1466. db C7 40 // opcode and ModRM of the store described below; the displacement byte is copied from the game so the field offset is not hard-coded
  1467. readmem(cJmpIfNormalAttackAOB+12,1)
  1468. db 01 00 00 00
  1469. //mov dword ptr [rax+1c],1
  1470.  
  1471. @@:
  1472. readmem(cJmpIfNormalAttackAOB+10,4) // repeat the compare so the flags are what the relocated jle expects
  1473. reassemble(cJmpIfNormalAttackAOB+14) // re-emit the game's jle at this address
  1474. jmp exit6 // branch not taken: return to the instruction after the hook
  1475.  
  1476. originalcode6_cJmpIfNormalAttackAOB: // never executed; keeps the 6 original bytes so [DISABLE] can write them back
  1477. readmem(cJmpIfNormalAttackAOB+10,6)
  1478. //cmp dword ptr [rax+1C],00
  1479. //jle re2.exe+694138
  1480.  
  1481. exit6:
  1482. jmp returnhere6
  1483.  
  1484. ///
  1485.  
  1486. cJmpIfNormalAttackAOB+10: //"re2.exe"+6940E6:
  1487. jmp newmem6 // assumed 5-byte near jmp; with one nop it covers the 6 hooked bytes
  1488. nop
  1489. returnhere6:
  1490.  
  1491.  
  1492.  
  1493.  
  1494. [DISABLE]
  1495. //DISABLE section: free the code cave and restore the 6 bytes saved at enable time (no hard-coded bytes)
  1496. dealloc(newmem6)
  1497. cJmpIfNormalAttackAOB+10: //"re2.exe"+6940E6:
  1498. readmem(originalcode6_cJmpIfNormalAttackAOB,6)
  1499. //db 83 78 1C 00 7E 4C
  1500. //Alt: cmp dword ptr [rax+1C],00
  1501. //Alt: jle re2.exe+694138
  1502. unregistersymbol(originalcode6_cJmpIfNormalAttackAOB)
  1503. </AssemblerScript>
  1504. <CheatEntries>
  1505. <CheatEntry>
  1506. <ID>13636</ID>
  1507. <Description>"++"</Description>
  1508. <LastState/>
  1509. <Color>FFFFFF</Color>
  1510. <VariableType>Auto Assembler Script</VariableType>
  1511. <AssemblerScript>[ENABLE]
  1512. //ENABLE section: hook the 9-byte load/compare matched by dsmageSpecialEffectReadAOB; when bIsEnemy is 2 and bWeakLimbs is 1, the value 40 (hex) is stored into the slot the game loads next
  1513. aobscanmodule(dsmageSpecialEffectReadAOB,re2.exe,8B ** ** ** ** 00 02 00 00 0F 8E ** ** ** ** ** 00 00 02 00)
  1514. registersymbol(dsmageSpecialEffectReadAOB)
  1515.  
  1516. alloc(newmem12,2048,dsmageSpecialEffectReadAOB) //"re2.exe"+A3DDB96)
  1517. label(returnhere12)
  1518. label(originalcode12_dsmageSpecialEffectReadAOB)
  1519. registersymbol(originalcode12_dsmageSpecialEffectReadAOB)
  1520. label(exit12)
  1521.  
  1522. newmem12: //this is allocated memory, you have read,write,execute access
  1523. //rdi is saved and restored around the flag checks; eax needs no saving because the copied original code reloads it
  1524. push rdi
  1525. mov rdi,bIsEnemy // bIsEnemy is defined outside this script
  1526. cmp byte ptr [rdi],2 // 2 is the value the parent "+" script leaves behind
  1527. jne @f
  1528. xor eax,eax
  1529. mov [rdi],eax // 4-byte store: clears bIsEnemy and the three bytes after it - NOTE(review): confirm bIsEnemy is at least a dword
  1530.  
  1531. mov rdi,bWeakLimbs
  1532. cmp byte ptr [rdi],1 // 1 is "always" in the "method" drop-down
  1533. jne @f
  1534.  
  1535. mov eax,40 // what this value selects is not visible in this table
  1536. db 89 // opcode of the register-to-memory mov; the three addressing bytes are copied from the game's own load, giving the store below
  1537. readmem(dsmageSpecialEffectReadAOB+1,3)
  1538. //mov [rbx+rsi*4+20],eax
  1539.  
  1540. @@:
  1541. pop rdi
  1542.  
  1543. originalcode12_dsmageSpecialEffectReadAOB: // the 9 displaced bytes, copied at assembly time; also the source for the restore in [DISABLE]
  1544. readmem(dsmageSpecialEffectReadAOB,9)
  1545. //mov eax,[rbx+rsi*4+20]
  1546. //cmp eax,00000200
  1547.  
  1548. exit12:
  1549. jmp returnhere12
  1550.  
  1551. ///
  1552.  
  1553. dsmageSpecialEffectReadAOB: //"re2.exe"+A3DDB96:
  1554. jmp newmem12 // assumed 5-byte near jmp; with four nops it covers the 9 hooked bytes
  1555. nop
  1556. nop
  1557. nop
  1558. nop
  1559. returnhere12:
  1560.  
  1561.  
  1562.  
  1563.  
  1564. [DISABLE]
  1565. //DISABLE section: free the code cave and restore the 9 bytes saved at enable time
  1566. dealloc(newmem12)
  1567. dsmageSpecialEffectReadAOB: //"re2.exe"+A3DDB96:
  1568. readmem(originalcode12_dsmageSpecialEffectReadAOB,9)
  1569. //db 8B 44 B3 20 3D 00 02 00 00
  1570. //Alt: mov eax,[rbx+rsi*4+20]
  1571. //Alt: cmp eax,00000200
  1572. unregistersymbol(originalcode12_dsmageSpecialEffectReadAOB)
  1573. </AssemblerScript>
  1574. </CheatEntry>
  1575. </CheatEntries>
  1576. </CheatEntry>
  1577. </CheatEntries>
  1578. </CheatEntry>
  1579. <CheatEntry>
  1580. <ID>13746</ID>
  1581. <Description>"mod key"</Description>
  1582. <Options moHideChildren="1"/>
  1583. <DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">10:SHIFT key
  1584. 11:CTRL key
  1585. 12:ALT key
  1586. 14:CAPS LOCK key
  1587. 04:Middle Mouse Button
  1588. 05:X1 Mouse Button
  1589. 06:X2 Mouse Button
  1590. </DropDownList>
  1591. <LastState Value="14" RealAddress="13FF0009C"/>
  1592. <ShowAsHex>1</ShowAsHex>
  1593. <Color>008000</Color>
  1594. <VariableType>Byte</VariableType>
  1595. <Address>bWeakLimbsKey</Address>
  1596. <CheatEntries>
  1597. <CheatEntry>
  1598. <ID>13747</ID>
  1599. <Description>"ignore if method is set to always"</Description>
  1600. <LastState Value="" RealAddress="00000000"/>
  1601. <Color>808080</Color>
  1602. <GroupHeader>1</GroupHeader>
  1603. </CheatEntry>
  1604. </CheatEntries>
  1605. </CheatEntry>
  1606. </CheatEntries>
  1607. </CheatEntry>
  1608. </CheatEntries>
  1609. </CheatEntry>
  1610. <CheatEntry>
  1611. <ID>13001</ID>
  1612. <Description>"no reload"</Description>
  1613. <LastState/>
  1614. <Color>FF0000</Color>
  1615. <VariableType>Auto Assembler Script</VariableType>
  1616. <AssemblerScript>[ENABLE]
  1617. //ENABLE section: two hooks that replace a zero or negative clip count held in a register with 1, but only for the object whose pointer the "enable" script at the top of the table stored at pAmmo (pointer at +0, state byte at +8)
  1618. //ammo clip read on fire 1
  1619. aobscanmodule(ammoClipReadOnFire1AOB,re2.exe,74 0C 48 ** ** ** 48 ** ** 74 03 8B ** ** 48 ** ** 48 ** ** E8)
  1620. registersymbol(ammoClipReadOnFire1AOB)
  1621.  
  1622. alloc(newmem,2048,ammoClipReadOnFire1AOB+e) //"re2.exe"+BFBB04E)
  1623. label(returnhere)
  1624. label(originalcode_ammoClipReadOnFire1AOB)
  1625. registersymbol(originalcode_ammoClipReadOnFire1AOB)
  1626. label(exit)
  1627.  
  1628. newmem: //this is allocated memory, you have read,write,execute access
  1629. //NOTE(review): no @@: label exists before the next hook, so the @f jumps below rely on @f resolving to the next label of any kind (originalcode_ammoClipReadOnFire1AOB) - confirm
  1630. mov rdx,pAmmo // rdx is free here: the copied original code below reloads it
  1631. cmp [rdx],rcx // act only on the object recorded at pAmmo
  1632. jne @f
  1633. cmp byte ptr [rdx+8],1 // state 1 is set by the "enable" script
  1634. jne @f
  1635. inc byte ptr [rdx+8] // state 1 becomes 2, which arms the second hook
  1636. test esi,esi // presumably the clip count loaded just before the hook site - confirm
  1637. jg @f
  1638. mov esi,1 // zero or negative: continue with 1 instead
  1639. //mov [rcx+20],esi
  1640.  
  1641. originalcode_ammoClipReadOnFire1AOB: // the 6 displaced bytes, copied at assembly time; also the source for the restore in [DISABLE]
  1642. readmem(ammoClipReadOnFire1AOB+e,6)
  1643. //mov rdx,rdi
  1644. //mov rcx,rbx
  1645.  
  1646. exit:
  1647. jmp returnhere
  1648.  
  1649. ///
  1650.  
  1651. ammoClipReadOnFire1AOB+e: //"re2.exe"+BFBB04E:
  1652. jmp newmem // assumed 5-byte near jmp; with one nop it covers the 6 hooked bytes
  1653. nop
  1654. returnhere:
  1655.  
  1656. ///****************************************///
  1657. //ammo clip const read 1 (chk zero), accessed twice after "ammo clip read on fire 1"
  1658. aobscanmodule(ammoClipZeroCChkAOB,re2.exe,74 0C 48 ** ** ** 48 ** ** 74 03 8B ** ** 85 DB 48)
  1659. registersymbol(ammoClipZeroCChkAOB)
  1660.  
  1661. alloc(newmem2,2048,ammoClipZeroCChkAOB+e) //"re2.exe"+B8BE2C8)
  1662. label(returnhere2)
  1663. label(originalcode2_ammoClipZeroCChkAOB)
  1664. registersymbol(originalcode2_ammoClipZeroCChkAOB)
  1665. label(exit2)
  1666.  
  1667. newmem2: //this is allocated memory, you have read,write,execute access
  1668. //NOTE(review): rsi is overwritten below and never restored; confirm the game does not need rsi at this site
  1669. mov rsi,pAmmo
  1670. cmp [rsi],rcx // act only on the object recorded at pAmmo
  1671. jne end2
  1672. cmp byte ptr [rsi+8],2 // states 2 and 3 are the two passes that follow the first hook
  1673. je @f
  1674. cmp byte ptr [rsi+8],3
  1675. je @f
  1676. jmp end2
  1677.  
  1678. @@:
  1679. inc byte ptr [rsi+8] // 2 becomes 3, then 3 becomes 4, after which this hook stays passive
  1680. test ebx,ebx
  1681. jg @f // no @@: follows; presumably resolves to end2 - confirm
  1682. mov ebx,1 // zero or negative: the original test below then sees 1
  1683.  
  1684. end2:
  1685.  
  1686. originalcode2_ammoClipZeroCChkAOB: // the 7 displaced bytes, copied at assembly time; also the source for the restore in [DISABLE]
  1687. readmem(ammoClipZeroCChkAOB+e,7)
  1688. //test ebx,ebx
  1689. //mov rbx,[rsp+30]
  1690.  
  1691. exit2:
  1692. jmp returnhere2
  1693.  
  1694. ///
  1695.  
  1696. ammoClipZeroCChkAOB+e: //"re2.exe"+B8BE2C8:
  1697. jmp newmem2 // assumed 5-byte near jmp; with two nops it covers the 7 hooked bytes
  1698. nop
  1699. nop
  1700. returnhere2:
  1701.  
  1702. ///****************************************///
  1703.  
  1704.  
  1705.  
  1706.  
  1707. [DISABLE]
  1708. //DISABLE section: free both code caves and restore each hook site from the bytes saved at enable time
  1709. dealloc(newmem)
  1710. ammoClipReadOnFire1AOB+e: //"re2.exe"+BFBB04E:
  1711. readmem(originalcode_ammoClipReadOnFire1AOB,6)
  1712. //db 48 89 FA 48 89 D9
  1713. //Alt: mov rdx,rdi
  1714. //Alt: mov rcx,rbx
  1715. unregistersymbol(originalcode_ammoClipReadOnFire1AOB)
  1716.  
  1717. ///****************************************///
  1718. dealloc(newmem2)
  1719. ammoClipZeroCChkAOB+e: //"re2.exe"+B8BE2C8:
  1720. readmem(originalcode2_ammoClipZeroCChkAOB,7)
  1721. //db 85 DB 48 8B 5C 24 30
  1722. //Alt: test ebx,ebx
  1723. //Alt: mov rbx,[rsp+30]
  1724. unregistersymbol(originalcode2_ammoClipZeroCChkAOB)
  1725.  
  1726. ///****************************************///
  1727. </AssemblerScript>
  1728. </CheatEntry>
  1729. <CheatEntry>
  1730. <ID>13004</ID>
  1731. <Description>"ignore ammo pouch .4"</Description>
  1732. <LastState Activated="1"/>
  1733. <Color>FF0000</Color>
  1734. <VariableType>Auto Assembler Script</VariableType>
  1735. <AssemblerScript>[ENABLE]
  1736. //ENABLE section: four patches - two code-cave hooks that force a flag register to non-zero, one 3-byte in-place patch that makes a sete result constant, and one 6-byte conditional jump replaced by nops
  1737. //have ammo pouch to reload flag fetchED, const
  1738. aobscanmodule(ammoPouchReadCallerForReloadFlagFetchCAOB,re2.exe,74 0D 48 ** ** ** 48 ** ** 74 04 44 ** ** ** 45 ** ** 48 ** ** 48 ** ** E8 ** ** ** ** 0F B6 C8 48 ** ** ** 48 ** ** ** 00)
  1739. registersymbol(ammoPouchReadCallerForReloadFlagFetchCAOB)
  1740.  
  1741. alloc(newmem,2048,ammoPouchReadCallerForReloadFlagFetchCAOB+1d) //"re2.exe"+C30F42D)
  1742. label(returnhere)
  1743. label(originalcode_ammoPouchReadCallerForReloadFlagFetchCAOB)
  1744. registersymbol(originalcode_ammoPouchReadCallerForReloadFlagFetchCAOB)
  1745. label(exit)
  1746.  
  1747. newmem: //this is allocated memory, you have read,write,execute access
  1748. //the hook site is the instruction right after the call (E8) in the pattern
  1749. mov al,1 // force the byte in al to 1 before the original movzx widens it into ecx
  1750.  
  1751. originalcode_ammoPouchReadCallerForReloadFlagFetchCAOB: // the 7 displaced bytes, copied at assembly time; also the source for the restore in [DISABLE]
  1752. readmem(ammoPouchReadCallerForReloadFlagFetchCAOB+1d,7)
  1753. //movzx ecx,al
  1754. //mov rax,[rbx+50]
  1755.  
  1756. exit:
  1757. jmp returnhere
  1758.  
  1759. ///
  1760.  
  1761. ammoPouchReadCallerForReloadFlagFetchCAOB+1d: //"re2.exe"+C30F42D:
  1762. jmp newmem // assumed 5-byte near jmp; with two nops it covers the 7 hooked bytes
  1763. nop
  1764. nop
  1765. returnhere:
  1766.  
  1767. ///**************************************///
  1768. //cjmp1 to skip ammo/ammopouch chk on ammo/ammopouch cal after reload, before 1st ammopouch read after reload
  1769. aobscanmodule(haveAmmoPouchChkBeforeAmmoAPouchCallAfterReloadAOB,re2.exe,F2 ** ** ** ** ** 0F 11 ** ** ** E8 ** ** ** ** 0F B6 D0 48 ** ** ** 48 ** ** ** 48 ** ** 0F 85 ** ** ** ** 49 BC FF FF FF FF FF FF FF 7F 85 ** 0F 84)
  1770. registersymbol(haveAmmoPouchChkBeforeAmmoAPouchCallAfterReloadAOB)
  1771.  
  1772. alloc(newmem2,2048,haveAmmoPouchChkBeforeAmmoAPouchCallAfterReloadAOB+24) //"re2.exe"+C30FC4B)
  1773. label(returnhere2)
  1774. label(originalcode2_haveAmmoPouchChkBeforeAmmoAPouchCallAfterReloadAOB)
  1775. registersymbol(originalcode2_haveAmmoPouchChkBeforeAmmoAPouchCallAfterReloadAOB)
  1776. label(exit2)
  1777.  
  1778. newmem2: //this is allocated memory, you have read,write,execute access
  1779. //rbx is saved and restored; edx holds the zero-extended al from the call earlier in the pattern (0F B6 D0)
  1780. push rbx
  1781. mov rbx,pAmmo
  1782. mov byte ptr [rbx+c],1 // flag at pAmmo+C; the "enable" script at the top of the table tests this byte
  1783. test edx,edx
  1784. jnz @f
  1785. mov edx,1 // zero: make it non-zero, presumably for the test/je that follows the hooked instruction in the pattern - confirm
  1786. //inc byte ptr [rbx+c]
  1787. @@:
  1788. pop rbx
  1789.  
  1790. originalcode2_haveAmmoPouchChkBeforeAmmoAPouchCallAfterReloadAOB: // the 10 displaced bytes, copied at assembly time; also the source for the restore in [DISABLE]
  1791. readmem(haveAmmoPouchChkBeforeAmmoAPouchCallAfterReloadAOB+24,10)
  1792. //mov r12,7FFFFFFFFFFFFFFF
  1793.  
  1794. exit2:
  1795. jmp returnhere2
  1796.  
  1797. ///
  1798.  
  1799. haveAmmoPouchChkBeforeAmmoAPouchCallAfterReloadAOB+24: //"re2.exe"+C30FC4B:
  1800. jmp newmem2 // assumed 5-byte near jmp; with five nops it covers the 10 hooked bytes
  1801. nop
  1802. nop
  1803. nop
  1804. nop
  1805. nop
  1806. returnhere2:
  1807.  
  1808. ///**************************************///
  1809. aobscanmodule(itemIDsReadForAltAmmoPresenceAOB,re2.exe,8B ** ** EB 02 31 C0 48 ** ** 75 ** 41 ** ** 18 0F 94 D0)
  1810. registersymbol(itemIDsReadForAltAmmoPresenceAOB)
  1811.  
  1812. itemIDsReadForAltAmmoPresenceAOB+10: //"re2.exe"+B9F3E92:
  1813. db 90 B0 01 // nop, then mov al,1: replaces the 3-byte sete al so the result is always 1
  1814.  
  1815. ///**************************************///
  1816. aobscanmodule(cJmpIfNoAltAmmoPouchForChangeAfterAlrAmmoChangeAOB,re2.exe,48 ** ** ** 75 ** 48 ** ** 74 ** 39 ** ** 0F 84)
  1817. registersymbol(cJmpIfNoAltAmmoPouchForChangeAfterAlrAmmoChangeAOB)
  1818.  
  1819. alloc(originalcode6_cJmpIfNoAltAmmoPouchForChangeAfterAlrAmmoChangeAOB,8,re2.exe) // 8-byte buffer holding a copy of the 6 bytes about to be overwritten. NOTE(review): [DISABLE] neither deallocs nor unregisters it, so each enable allocates another buffer
  1820. registersymbol(originalcode6_cJmpIfNoAltAmmoPouchForChangeAfterAlrAmmoChangeAOB)
  1821.  
  1822. originalcode6_cJmpIfNoAltAmmoPouchForChangeAfterAlrAmmoChangeAOB:
  1823. readmem(cJmpIfNoAltAmmoPouchForChangeAfterAlrAmmoChangeAOB+e,6)
  1824.  
  1825. ///
  1826.  
  1827. cJmpIfNoAltAmmoPouchForChangeAfterAlrAmmoChangeAOB+e: //"re2.exe"+C311C6D:
  1828. db 90 90 90 90 90 90 // six nops over the 6-byte je, so the branch is never taken
  1829.  
  1830. ///**************************************///
  1831.  
  1832.  
  1833.  
  1834.  
  1835. [DISABLE]
  1836. //DISABLE section: free both code caves and restore the four patched sites; three are restored from bytes saved at enable time, the sete site from fixed bytes that the scan pattern itself contains
  1837. dealloc(newmem)
  1838. ammoPouchReadCallerForReloadFlagFetchCAOB+1d: //"re2.exe"+C30F42D:
  1839. readmem(originalcode_ammoPouchReadCallerForReloadFlagFetchCAOB,7)
  1840. //db 0F B6 C8 48 8B 43 50
  1841. //Alt: movzx ecx,al
  1842. //Alt: mov rax,[rbx+50]
  1843. unregistersymbol(originalcode_ammoPouchReadCallerForReloadFlagFetchCAOB)
  1844.  
  1845. ///**************************************///
  1846. dealloc(newmem2)
  1847. haveAmmoPouchChkBeforeAmmoAPouchCallAfterReloadAOB+24: //"re2.exe"+C30FC4B:
  1848. readmem(originalcode2_haveAmmoPouchChkBeforeAmmoAPouchCallAfterReloadAOB,10)
  1849. //db 49 BC FF FF FF FF FF FF FF 7F
  1850. //Alt: mov r12,7FFFFFFFFFFFFFFF
  1851. unregistersymbol(originalcode2_haveAmmoPouchChkBeforeAmmoAPouchCallAfterReloadAOB)
  1852.  
  1853. ///**************************************///
  1854. itemIDsReadForAltAmmoPresenceAOB+10: //"re2.exe"+B9F3E92:
  1855. db 0F 94 D0
  1856. //Alt: sete al
  1857.  
  1858. ///**************************************///
  1859. cJmpIfNoAltAmmoPouchForChangeAfterAlrAmmoChangeAOB+e: //"re2.exe"+C311C6D:
  1860. readmem(originalcode6_cJmpIfNoAltAmmoPouchForChangeAfterAlrAmmoChangeAOB,6)
  1861. //db 0F 84 09 02 00 00
  1862. //Alt: je re2.exe+C311E7C
  1863.  
  1864. ///**************************************///
  1865. </AssemblerScript>
  1866. </CheatEntry>
  1867. <CheatEntry>
  1868. <ID>13030</ID>
  1869. <Description>"inf. sub-weapons"</Description>
  1870. <LastState Activated="1"/>
  1871. <Color>FF0000</Color>
  1872. <VariableType>Auto Assembler Script</VariableType>
  1873. <AssemblerScript>[ENABLE]
  1874. //ENABLE section: hook the 8 bytes (load of [rcx+20] plus a jmp) 0x13 bytes into the pattern match and adjust the counter at [rcx+20] for three item ids read from [rcx+14] before the game loads it
  1875. aobscanmodule(subWeaponsDurationQuantityCalOnUseCounterAOB,re2.exe,0F 84 ** ** ** ** 48 ** ** ** 48 ** ** 0F 84 ** ** ** ** 8B ** ** E9)
  1876. registersymbol(subWeaponsDurationQuantityCalOnUseCounterAOB)
  1877.  
  1878. alloc(newmem,2048,subWeaponsDurationQuantityCalOnUseCounterAOB+13) //"re2.exe"+B8C3A02)
  1879. label(returnhere)
  1880. label(originalcode_subWeaponsDurationQuantityCalOnUseCounterAOB)
  1881. registersymbol(originalcode_subWeaponsDurationQuantityCalOnUseCounterAOB)
  1882. label(exit)
  1883.  
  1884. newmem: //this is allocated memory, you have read,write,execute access
  1885. //edi is presumably the amount about to be consumed - confirm; no register is modified by this cave, only [rcx+20]
  1886. cmp dword ptr [rcx+14],2e //knife
  1887. jne @f
  1888. db 01 79 // opcode and ModRM of the add described below; the displacement byte is copied from the game's own load
  1889. readmem(subWeaponsDurationQuantityCalOnUseCounterAOB+15,1)
  1890. //add [rcx+20],edi
  1891. jmp fakeoriginalcode
  1892.  
  1893. @@:
  1894. cmp dword ptr [rcx+14],42 //flash grenade
  1895. jne @f
  1896. cmp [rcx+20],edi
  1897. jg fakeoriginalcode // counter already above edi: leave it
  1898. mov [rcx+20],edi
  1899. inc dword ptr [rcx+20] // counter becomes edi + 1
  1900.  
  1901. @@:
  1902. cmp dword ptr [rcx+14],41 //hand grenade
  1903. jne @f
  1904. cmp [rcx+20],edi
  1905. jg fakeoriginalcode // counter already above edi: leave it
  1906. mov [rcx+20],edi
  1907. inc dword ptr [rcx+20] // counter becomes edi + 1
  1908.  
  1909. @@:
  1910.  
  1911. fakeoriginalcode: // executed copy of the hooked code: the load is copied byte for byte, the jmp is re-emitted for this address
  1912. readmem(subWeaponsDurationQuantityCalOnUseCounterAOB+13,3)
  1913. //mov ebx,[rcx+20]
  1914. reassemble(subWeaponsDurationQuantityCalOnUseCounterAOB+16)
  1915. //jmp re2.exe+B8C3947
  1916.  
  1917. originalcode_subWeaponsDurationQuantityCalOnUseCounterAOB: // never executed (the jmp above always leaves); keeps the 8 original bytes so [DISABLE] can write them back
  1918. readmem(subWeaponsDurationQuantityCalOnUseCounterAOB+13,8)
  1919. //mov ebx,[rcx+20]
  1920. //jmp re2.exe+B8C3947
  1921.  
  1922. exit:
  1923. jmp returnhere
  1924.  
  1925. ///
  1926.  
  1927. subWeaponsDurationQuantityCalOnUseCounterAOB+13: //"re2.exe"+B8C3A02:
  1928. jmp newmem // assumed 5-byte near jmp; with three nops it covers the 8 hooked bytes
  1929. nop
  1930. nop
  1931. nop
  1932. returnhere:
  1933.  
  1934.  
  1935.  
  1936.  
  1937. [DISABLE]
  1938. //DISABLE section: free the code cave and restore the 8 bytes saved at enable time
  1939. dealloc(newmem)
  1940. subWeaponsDurationQuantityCalOnUseCounterAOB+13: //"re2.exe"+B8C3A02:
  1941. readmem(originalcode_subWeaponsDurationQuantityCalOnUseCounterAOB,8)
  1942. //db 8B 59 20 E9 3D FF FF FF
  1943. //Alt: mov ebx,[rcx+20]
  1944. //Alt: jmp re2.exe+B8C3947
  1945. unregistersymbol(originalcode_subWeaponsDurationQuantityCalOnUseCounterAOB)
  1946. </AssemblerScript>
  1947. </CheatEntry>
  1948. <CheatEntry>
  1949. <ID>13013</ID>
  1950. <Description>"universal item key"</Description>
  1951. <Options moHideChildren="1"/>
  1952. <LastState/>
  1953. <Color>FF0000</Color>
  1954. <VariableType>Auto Assembler Script</VariableType>
  1955. <AssemblerScript>[ENABLE]
  1956. //ENABLE section: two hooks on item-id compare/je pairs; while the byte at bUniversalItemKeyPressed is 1 the compare is skipped and the je is taken as if the ids matched
  1957. define(universalitemkeyiddefault,14) // 14 is hex; the "mod key" drop-down elsewhere in this table lists 14 as CAPS LOCK
  1958.  
  1959. aobscanmodule(itemIDChkOnWObjectInteractViaInvClickAOB,re2.exe,EB 02 89 ** 39 ** ** 74 ** 48)
  1960. registersymbol(itemIDChkOnWObjectInteractViaInvClickAOB)
  1961.  
  1962. label(bUniversalItemKeyID)
  1963. registersymbol(bUniversalItemKeyID)
  1964. label(bUniversalItemKeyPressed)
  1965. registersymbol(bUniversalItemKeyPressed)
  1966.  
  1967. alloc(newmem,2048,itemIDChkOnWObjectInteractViaInvClickAOB+4) //"re2.exe"+E9A08EF)
  1968. label(returnhere)
  1969. label(originalcode_itemIDChkOnWObjectInteractViaInvClickAOB)
  1970. registersymbol(originalcode_itemIDChkOnWObjectInteractViaInvClickAOB)
  1971. label(exit)
  1972.  
  1973. newmem: //this is allocated memory, you have read,write,execute access
  1974. //rcx is saved and restored; pop does not change the flags, so the je below still sees the result of the flag compare
  1975. push rcx
  1976. mov rcx,bUniversalItemKeyPressed
  1977. cmp byte ptr [rcx],1 // ZF is set when the key flag is 1
  1978. pop rcx
  1979. je @f // key held: skip the game's compare and keep ZF set, so the relocated je is taken
  1980.  
  1981. readmem(itemIDChkOnWObjectInteractViaInvClickAOB+4,3) // key not held: run the game's own 3-byte compare
  1982. //cmp [rax+10],edx
  1983. @@:
  1984. reassemble(itemIDChkOnWObjectInteractViaInvClickAOB+7) // re-emit the game's je at this address
  1985. //je re2.exe+E9A0927
  1986. jmp exit // branch not taken: return to the instruction after the hook
  1987.  
  1988. originalcode_itemIDChkOnWObjectInteractViaInvClickAOB: // never executed; a copy of the 5 original bytes, presumably read back by [DISABLE] - confirm
  1989. readmem(itemIDChkOnWObjectInteractViaInvClickAOB+4,5)
  1990. //cmp [rax+10],edx
  1991. //je re2.exe+E9A0927
  1992.  
  1993. exit:
  1994. jmp returnhere
  1995.  
  1996. /// data words below live in the same allocation as the cave, after its last jmp
  1997. bUniversalItemKeyID: // key code polled by the Lua thread
  1998. dd universalitemkeyiddefault
  1999. bUniversalItemKeyPressed: // written by the Lua thread: 1 while the key is pressed, else 0
  2000. dd 0
  2001. ///
  2002.  
  2003. itemIDChkOnWObjectInteractViaInvClickAOB+4: //"re2.exe"+E9A08EF:
  2004. jmp newmem // assumed 5-byte near jmp; exactly covers the 5 hooked bytes, so no nop padding
  2005. returnhere:
  2006.  
  2007. ///*****************************************///
  2008. //item id chk on use with world object interact
  2009. aobscanmodule(itemIDChkOnWObjectInteractViaInvUseAOB,re2.exe,74 0E 48 ** ** ** 48 ** ** 74 05 8B ** ** EB 02 89 ** 39 ** ** 74 ** 48)
  2010. registersymbol(itemIDChkOnWObjectInteractViaInvUseAOB)
  2011.  
  2012. alloc(newmem2,2048,itemIDChkOnWObjectInteractViaInvUseAOB+12) //"re2.exe"+E9A0D77)
  2013. label(returnhere2)
  2014. label(originalcode2_itemIDChkOnWObjectInteractViaInvUseAOB)
  2015. registersymbol(originalcode2_itemIDChkOnWObjectInteractViaInvUseAOB)
  2016. label(exit2)
  2017.  
  2018. newmem2: //this is allocated memory, you have read,write,execute access
  2019. //same scheme as the first hook, using rbx as the scratch register
  2020. push rbx
  2021. mov rbx,bUniversalItemKeyPressed
  2022. cmp byte ptr [rbx],1 // ZF is set when the key flag is 1
  2023. pop rbx
  2024. je @f // key held: skip the game's compare and keep ZF set
  2025.  
  2026. readmem(itemIDChkOnWObjectInteractViaInvUseAOB+12,3) // key not held: run the game's own 3-byte compare
  2027. //cmp [rax+10],ecx
  2028. @@:
  2029. reassemble(itemIDChkOnWObjectInteractViaInvUseAOB+15) // re-emit the game's je at this address
  2030. //je re2.exe+E9A0DB1
  2031. jmp exit2
  2032.  
  2033. originalcode2_itemIDChkOnWObjectInteractViaInvUseAOB: // never executed; a copy of the 5 original bytes, presumably read back by [DISABLE] - confirm
  2034. readmem(itemIDChkOnWObjectInteractViaInvUseAOB+12,5)
  2035. //cmp [rax+10],ecx
  2036. //je re2.exe+E9A0DB1
  2037.  
  2038. exit2:
  2039. jmp returnhere2
  2040.  
  2041. ///
  2042.  
  2043. itemIDChkOnWObjectInteractViaInvUseAOB+12: //"re2.exe"+E9A0D77:
  2044. jmp newmem2 // assumed 5-byte near jmp; exactly covers the 5 hooked bytes
  2045. returnhere2:
  2046.  
  2047. ///*****************************************///
  2048. //modified from TheyCallMeTim13's lua keylistener script
  2049. //http://fearlessrevolution.com/viewtopic.php?f=4&amp;t=6041&amp;start=60#p62657
  2050. {$lua}
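  -- Key listener thread: mirrors the state of the key configured in
  -- bUniversalItemKeyID into the byte at bUniversalItemKeyPressed, which the
  -- two item-check hooks read. Runs until UniversalItemkeyLuaThread is cleared
  -- by the [DISABLE] section.
  local function universalitemkeyLuaThread(thread)
    -- The loop previously had no delay and kept one CPU core fully busy.
    local POLL_INTERVAL_MS = 10
    local addr = getAddressSafe('bUniversalItemKeyPressed')
    while UniversalItemkeyLuaThread do
      if addr then
        -- readInteger yields nil when the symbol cannot be read; treat that
        -- as "not pressed" instead of handing nil to isKeyPressed.
        local keyId = readInteger('bUniversalItemKeyID')
        if keyId and isKeyPressed(keyId) then
          writeBytes(addr, 1)
        else
          writeBytes(addr, 0)
        end
      else
        -- symbol not registered yet: try again on the next pass
        addr = getAddressSafe('bUniversalItemKeyPressed')
      end
      sleep(POLL_INTERVAL_MS)
    end
    thread.terminate()
  end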
  2074. ----------------------------------
  2075. if syntaxcheck then return end
  2076. UniversalItemkeyLuaThread = true
  2077. createThread(universalitemkeyLuaThread)
  2078. {$asm}
  2079.  
  2080. ///*****************************************///
  2081.  
  2082.  
  2083.  
  2084.  
  2085.  
  2086. [DISABLE]
  2087. //code from here till the end of the code will be used to disable the cheat
  2088. {$lua}
  2089. if syntaxcheck then return end
  2090. UniversalItemkeyLuaThread = false
  2091. {$asm}
  2092.  
  2093. ///*****************************************///
  2094. dealloc(newmem)
  2095. itemIDChkOnWObjectInteractViaInvClickAOB+4: //"re2.exe"+E9A08EF:
  2096. readmem(originalcode_itemIDChkOnWObjectInteractViaInvClickAOB,5)
  2097. //db 39 50 10 74 33
  2098. //Alt: cmp [rax+10],edx
  2099. //Alt: je re2.exe+E9A0927
  2100. unregistersymbol(originalcode_itemIDChkOnWObjectInteractViaInvClickAOB)
  2101.  
  2102. unregistersymbol(bUniversalItemKeyID)
  2103. unregistersymbol(bUniversalItemKeyPressed)
  2104.  
  2105. ///*****************************************///
  2106. dealloc(newmem2)
  2107. itemIDChkOnWObjectInteractViaInvUseAOB+12: //"re2.exe"+E9A0D77:
  2108. readmem(originalcode2_itemIDChkOnWObjectInteractViaInvUseAOB,5)
  2109. //db 39 48 10 74 35
  2110. //Alt: cmp [rax+10],ecx
  2111. //Alt: je re2.exe+E9A0DB1
  2112. unregistersymbol(originalcode2_itemIDChkOnWObjectInteractViaInvUseAOB)
  2113.  
  2114. ///*****************************************///
  2115. </AssemblerScript>
  2116. <CheatEntries>
  2117. <CheatEntry>
  2118. <ID>13019</ID>
  2119. <Description>"key"</Description>
  2120. <Options moHideChildren="1"/>
  2121. <DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">10:SHIFT key
  2122. 11:CTRL key
  2123. 12:ALT key
  2124. 14:CAPS LOCK key
  2125. 04:Middle Mouse Button
  2126. 05:X1 Mouse Button
  2127. 06:X2 Mouse Button
  2128. </DropDownList>
  2129. <ShowAsHex>1</ShowAsHex>
  2130. <Color>008000</Color>
  2131. <VariableType>Byte</VariableType>
  2132. <Address>bUniversalItemKeyID</Address>
  2133. <CheatEntries>
  2134. <CheatEntry>
  2135. <ID>13020</ID>
  2136. <Description>""</Description>
  2137. <Color>008000</Color>
  2138. <VariableType>Byte</VariableType>
  2139. <Address>+4</Address>
  2140. <CheatEntries>
  2141. <CheatEntry>
  2142. <ID>13021</ID>
  2143. <Description>""</Description>
  2144. <Color>008000</Color>
  2145. <VariableType>Float</VariableType>
  2146. <Address>+4</Address>
  2147. </CheatEntry>
  2148. </CheatEntries>
  2149. </CheatEntry>
  2150. </CheatEntries>
  2151. </CheatEntry>
  2152. </CheatEntries>
  2153. </CheatEntry>
  2154. <CheatEntry>
  2155. <ID>13005</ID>
  2156. <Description>"slow walk key"</Description>
  2157. <Options moHideChildren="1"/>
  2158. <LastState/>
  2159. <Color>FF0000</Color>
  2160. <VariableType>Auto Assembler Script</VariableType>
  2161. <AssemblerScript>[ENABLE]
  2162. //code from here to '[DISABLE]' will be used to enable the cheat
  2163. //move float read, 0&lt;&gt;1, r8==b
  2164. define(walkkeyiddefault,14)
  2165.  
  2166. aobscanmodule(someFloatRead1AOB,re2.exe,E8 ** ** ** ** 48 ** ** ** 5B C3 0F 57 C0 48 ** ** ** 5B C3 F3 ** ** ** ** 48 ** ** ** 5B C3)
  2167. registersymbol(someFloatRead1AOB)
  2168.  
  2169. label(bWalkKeyID)
  2170. registersymbol(bWalkKeyID)
  2171. label(bWalkKeyPressed)
  2172. registersymbol(bWalkKeyPressed)
  2173.  
  2174. alloc(newmem,2048,someFloatRead1AOB+14) //"re2.exe"+F58320D)
  2175. label(returnhere)
  2176. label(originalcode_someFloatRead1AOB)
  2177. registersymbol(originalcode_someFloatRead1AOB)
  2178. label(exit)
  2179.  
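  newmem: //code cave reached from the jmp written at someFloatRead1AOB+14
  //Replaces the float the game loads into xmm0 with dCustMoveSpeed when
  //r8 == 0xB and the Lua key listener has set bWalkKeyPressed; in every other
  //case the original movss xmm0,[rcx+10] runs.
  //NOTE(review): what r8 == 0xB identifies is not shown here (author's note: "r8==b").
  //Branches name their target: this script has no @@: label for an @f to bind to.
  cmp r8,b
  jne originalcode_someFloatRead1AOB

  push rbx //keep the game's rbx intact, as the other hooks in this table do
  mov rbx,bWalkKeyPressed
  cmp byte ptr [rbx],1
  pop rbx //pop leaves the flags from the cmp untouched
  jne originalcode_someFloatRead1AOB

  push rbx
  mov rbx,dCustMoveSpeed
  movss xmm0,[rbx]
  pop rbx
  jmp exit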
  2192.  
  2193. originalcode_someFloatRead1AOB:
  2194. readmem(someFloatRead1AOB+14,5)
  2195. //movss xmm0,[rcx+10]
  2196.  
  2197. exit:
  2198. jmp returnhere
  2199.  
  2200. ///
  2201. bWalkKeyID:
  2202. dd walkkeyiddefault
  2203. bWalkKeyPressed:
  2204. dd 0
  2205. dCustMoveSpeed:
  2206. dd (float)0.75
  2207. ///
  2208.  
  2209. someFloatRead1AOB+14: //"re2.exe"+F58320D:
  2210. jmp newmem
  2211. returnhere:
  2212.  
  2213. ///*****************************************///
  2214. //modified from TheyCallMeTim13's lua keylistener script
  2215. //http://fearlessrevolution.com/viewtopic.php?f=4&amp;t=6041&amp;start=60#p62657
  2216. {$lua}
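  -- Key listener thread: mirrors the state of the key configured in bWalkKeyID
  -- into the byte at bWalkKeyPressed, which the movement-speed hook reads.
  -- Runs until RunWalkkeyLuaThread is cleared by the [DISABLE] section.
  local function walkkeyLuaThread(thread2)
    -- The loop previously had no delay and kept one CPU core fully busy.
    local POLL_INTERVAL_MS = 10
    local addr2 = getAddressSafe('bWalkKeyPressed')
    while RunWalkkeyLuaThread do
      if addr2 then
        -- readInteger yields nil when the symbol cannot be read; treat that
        -- as "not pressed" instead of handing nil to isKeyPressed.
        local keyId = readInteger('bWalkKeyID')
        if keyId and isKeyPressed(keyId) then
          writeBytes(addr2, 1)
        else
          writeBytes(addr2, 0)
        end
      else
        -- symbol not registered yet: try again on the next pass
        addr2 = getAddressSafe('bWalkKeyPressed')
      end
      sleep(POLL_INTERVAL_MS)
    end
    thread2.terminate()
  end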
  2240. ----------------------------------
  2241. if syntaxcheck then return end
  2242. RunWalkkeyLuaThread = true
  2243. createThread(walkkeyLuaThread)
  2244. {$asm}
  2245.  
  2246. ///*****************************************///
  2247.  
  2248.  
  2249.  
  2250.  
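  [DISABLE]
  //code from here till the end of the code will be used to disable the cheat
  {$lua}
  if syntaxcheck then return end
  RunWalkkeyLuaThread = false
  {$asm}

  ///*****************************************///
  dealloc(newmem)
  someFloatRead1AOB+14: //"re2.exe"+F58320D:
  //put back the 5 original bytes that [ENABLE] saved at originalcode_someFloatRead1AOB
  readmem(originalcode_someFloatRead1AOB,5)
  //db F3 0F 10 41 10
  //Alt: movss xmm0,[rcx+10]
  unregistersymbol(originalcode_someFloatRead1AOB)

  //[ENABLE] also registers these two; release them so no symbol keeps pointing into freed memory
  unregistersymbol(bWalkKeyID)
  unregistersymbol(bWalkKeyPressed)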
  2265. </AssemblerScript>
  2266. <CheatEntries>
  2267. <CheatEntry>
  2268. <ID>13006</ID>
  2269. <Description>"key"</Description>
  2270. <Options moHideChildren="1"/>
  2271. <DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">10:SHIFT key
  2272. 11:CTRL key
  2273. 12:ALT key
  2274. 14:CAPS LOCK key
  2275. 04:Middle Mouse Button
  2276. 05:X1 Mouse Button
  2277. 06:X2 Mouse Button
  2278. </DropDownList>
  2279. <ShowAsHex>1</ShowAsHex>
  2280. <Color>008000</Color>
  2281. <VariableType>Byte</VariableType>
  2282. <Address>bWalkKeyID</Address>
  2283. <CheatEntries>
  2284. <CheatEntry>
  2285. <ID>13007</ID>
  2286. <Description>""</Description>
  2287. <Color>008000</Color>
  2288. <VariableType>Byte</VariableType>
  2289. <Address>+4</Address>
  2290. <CheatEntries>
  2291. <CheatEntry>
  2292. <ID>13008</ID>
  2293. <Description>""</Description>
  2294. <Color>008000</Color>
  2295. <VariableType>Float</VariableType>
  2296. <Address>+4</Address>
  2297. </CheatEntry>
  2298. </CheatEntries>
  2299. </CheatEntry>
  2300. </CheatEntries>
  2301. </CheatEntry>
  2302. </CheatEntries>
  2303. </CheatEntry>
  2304. <CheatEntry>
  2305. <ID>13037</ID>
  2306. <Description>"slow motion .2"</Description>
  2307. <Options moHideChildren="1"/>
  2308. <LastState Activated="1"/>
  2309. <Color>FF0000</Color>
  2310. <VariableType>Auto Assembler Script</VariableType>
  2311. <AssemblerScript>[ENABLE]
  2312. //code from here to '[DISABLE]' will be used to enable the cheat
  2313. alloc(slowmokeys,1024,re2.exe)
  2314.  
  2315. label(dSlowMoKey1)
  2316. registersymbol(dSlowMoKey1)
  2317. label(dSlowMoKey2)
  2318. registersymbol(dSlowMoKey2)
  2319. label(dCustSpeedhackSpeed)
  2320. registersymbol(dCustSpeedhackSpeed)
  2321.  
  2322. ///
  2323. slowmokeys:
  2324. dSlowMoKey1:
  2325. dd 05
  2326. dSlowMoKey2:
  2327. dd 02
  2328. dCustSpeedhackSpeed:
  2329. dd (float)0.15
  2330. ///
  2331.  
  2332.  
  2333. {$lua}
  2334.  
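  -- Slow-motion toggle. Holding both configured keys (or, when a controller is
  -- connected, its right shoulder button) flips between the speed that was
  -- active before and the value stored at dCustSpeedhackSpeed.
  lastSpeed = speedhack_getSpeed()   -- global: speed to restore when toggled off
  local myToggle = 0                 -- 1 while slow motion is requested
  bSpeedKeyReleased = 1              -- global: 1 once the trigger has been let go

  local function slowmokeyLuaThread(thread3)
    -- The loop previously had no delay and kept one CPU core fully busy.
    local POLL_INTERVAL_MS = 10
    local addr = getAddressSafe('dCustSpeedhackSpeed')

    -- True while both configured keys are held. A key id that cannot be read
    -- counts as "not held".
    local function comboHeld()
      local k1 = readInteger('dSlowMoKey1')
      local k2 = readInteger('dSlowMoKey2')
      return k1 ~= nil and k2 ~= nil and isKeyPressed(k1) and isKeyPressed(k2)
    end

    while SlowMokeyLuaThread do
      local pad = getXBox360ControllerState()   -- nil when no controller is present
      -- pSomeGameStatus is registered by another script. Resolve it with the
      -- non-throwing lookup so a missing symbol or unreadable pointer skips
      -- this pass instead of raising an error inside the thread.
      local statusSym = getAddressSafe('pSomeGameStatus')
      addrga = statusSym and readPointer(statusSym)   -- left global, as before

      if addr and addrga and addrga ~= 0 then
        local requested = comboHeld() or (pad ~= nil and pad.GAMEPAD_RIGHT_SHOULDER)
        -- NOTE(review): the meaning of the bytes at +0x51 and +0x53 is not
        -- shown here; the trigger is ignored while either of them is 1.
        local blocked = readBytes(addrga + 0x51) == 1 or readBytes(addrga + 0x53) == 1

        if requested and not blocked then
          if bSpeedKeyReleased == 1 then
            myToggle = (myToggle == 0) and 1 or 0
            -- Flip once per press. This flag was never cleared before, so the
            -- toggle flipped on every pass for as long as the trigger was held.
            bSpeedKeyReleased = 0
          end
        else
          bSpeedKeyReleased = 1
        end

        local target = readFloat('dCustSpeedhackSpeed')
        if myToggle == 1 then
          if target and speedhack_getSpeed() ~= target then
            lastSpeed = speedhack_getSpeed()   -- remember what to go back to
            speedhack_setSpeed(target)
          end
        elseif speedhack_getSpeed() ~= lastSpeed then
          speedhack_setSpeed(lastSpeed)
        end
      else
        -- symbols not available yet: try again on the next pass
        addr = getAddressSafe('dCustSpeedhackSpeed')
      end

      sleep(POLL_INTERVAL_MS)
    end
    thread3.terminate()
  end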
  2418. ----------------------------------
  2419. if syntaxcheck then return end
  2420. SlowMokeyLuaThread = true
  2421. createThread(slowmokeyLuaThread)
  2422. {$asm}
  2423.  
  2424.  
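  [DISABLE]
  //code from here till the end of the code will be used to disable the cheat
  {$lua}
  if syntaxcheck then return end
  SlowMokeyLuaThread = false
  {$asm}

  ///*****************************************///
  //[ENABLE] allocates this script's block under the name slowmokeys, so that
  //is the block to free; this script never allocates newmem.
  dealloc(slowmokeys)
  unregistersymbol(dSlowMoKey1)
  unregistersymbol(dSlowMoKey2)
  unregistersymbol(dCustSpeedhackSpeed)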
  2437. </AssemblerScript>
  2438. <CheatEntries>
  2439. <CheatEntry>
  2440. <ID>13038</ID>
  2441. <Description>"key 1"</Description>
  2442. <DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">10:SHIFT key
  2443. 11:CTRL key
  2444. 12:ALT key
  2445. 14:CAPS LOCK key
  2446. 02:Right Mouse Button
  2447. 04:Middle Mouse Button
  2448. 05:X1 Mouse Button
  2449. 06:X2 Mouse Button
  2450. </DropDownList>
  2451. <LastState Value="10" Activated="1" RealAddress="13FF40000"/>
  2452. <ShowAsHex>1</ShowAsHex>
  2453. <Color>008000</Color>
  2454. <VariableType>Byte</VariableType>
  2455. <Address>dSlowMoKey1</Address>
  2456. </CheatEntry>
  2457. <CheatEntry>
  2458. <ID>13039</ID>
  2459. <Description>"key 2"</Description>
  2460. <DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">10:SHIFT key
  2461. 11:CTRL key
  2462. 12:ALT key
  2463. 14:CAPS LOCK key
  2464. 02:Right Mouse Button
  2465. 04:Middle Mouse Button
  2466. 05:X1 Mouse Button
  2467. 06:X2 Mouse Button
  2468. </DropDownList>
  2469. <LastState Value="10" Activated="1" RealAddress="13FF40004"/>
  2470. <ShowAsHex>1</ShowAsHex>
  2471. <Color>008000</Color>
  2472. <VariableType>Byte</VariableType>
  2473. <Address>dSlowMoKey2</Address>
  2474. </CheatEntry>
  2475. <CheatEntry>
  2476. <ID>13040</ID>
  2477. <Description>"slow motion speed"</Description>
  2478. <LastState Value="0.150000006" Activated="1" RealAddress="13FF40008"/>
  2479. <Color>008000</Color>
  2480. <VariableType>Float</VariableType>
  2481. <Address>dCustSpeedhackSpeed</Address>
  2482. </CheatEntry>
  2483. </CheatEntries>
  2484. </CheatEntry>
  2485. <CheatEntry>
  2486. <ID>13179</ID>
  2487. <Description>"game play time mod .2"</Description>
  2488. <Options moHideChildren="1"/>
  2489. <LastState/>
  2490. <Color>FF0000</Color>
  2491. <VariableType>Auto Assembler Script</VariableType>
  2492. <AssemblerScript>[ENABLE]
  2493. //code from here to '[DISABLE]' will be used to enable the cheat
  2494. define(qmaxgameplaytime_default,#7123) //1:58:43
  2495.  
  2496. //aobscanmodule(totalGameTimeWriteAOB,re2.exe,E8 ** ** ** ** EB 08 48 ** ** ** 48 ** ** ** 48 ** ** ** 4C ** ** ** 0F 85 ** ** ** ** 44 ** ** ** 0F 85)
  2497. //registersymbol(totalGameTimeWriteAOB)
  2498.  
  2499. label(pGameTime)
  2500. registersymbol(pGameTime)
  2501. label(qMaxGamePlayTime)
  2502. registersymbol(qMaxGamePlayTime)
  2503.  
  2504. alloc(newmem,2048,totalGameTimeWriteAOB+7) //"re2.exe"+AD9D8F5)
  2505. label(returnhere)
  2506. label(originalcode_totalGameTimeWriteAOB)
  2507. registersymbol(originalcode_totalGameTimeWriteAOB)
  2508. label(exit)
  2509.  
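  newmem: //code cave reached from the jmp written at totalGameTimeWriteAOB+7
  //Caps the play time the game is about to store at [rcx+18]. Play time is
  //taken as (rdx+rbp) - [rcx+20] - [rcx+30]; the table entries label those two
  //fields "cut-scene" and "pause". qMaxGamePlayTime holds seconds and is
  //scaled by #1000000 to the counters' unit before the compare.
  push rbx
  mov rbx,pGameTime
  mov [rbx],rcx //publish the timer object pointer for the table entries
  mov rbx,qMaxGamePlayTime
  mov rbx,[rbx]
  imul rbx,rbx,#1000000 //limit in counter units
  lea rax,[rdx+rbp] //total the original code is about to store
  sub rax,[rcx+20]
  sub rax,[rcx+30]
  cmp rax,rbx
  jbe end //under the limit: keep the game's own value (was "jbe @f", but this script has no @@: label)

  //over the limit: rebuild a total that leaves play time 4 seconds below the limit
  mov rax,rbx
  add rax,[rcx+20]
  add rax,[rcx+30]
  sub rax,#4000000
  mov rdx,rax
  //was "xor rbp,ebp", which mixes operand sizes; the 32-bit form clears all of
  //rbp, so the original lea rax,[rdx+rbp] below evaluates to rdx alone
  xor ebp,ebp
  //NOTE(review): rdx and rbp stay modified after the hook returns - confirm the game does not reuse them

  end:
  pop rbx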
  2532.  
  2533. originalcode_totalGameTimeWriteAOB:
  2534. readmem(totalGameTimeWriteAOB+7,8)
  2535. //lea rax,[rdx+rbp]
  2536. //mov [rcx+18],rax
  2537.  
  2538. exit:
  2539. jmp returnhere
  2540.  
  2541. ///
  2542. pGameTime:
  2543. dq 0
  2544. qMaxGamePlayTime:
  2545. dq qmaxgameplaytime_default
  2546. ///
  2547.  
  2548. totalGameTimeWriteAOB+7: //"re2.exe"+AD9D8F5:
  2549. jmp newmem
  2550. nop
  2551. nop
  2552. nop
  2553. returnhere:
  2554.  
  2555.  
  2556.  
  2557.  
  2558. [DISABLE]
  2559. //code from here till the end of the code will be used to disable the cheat
  2560. dealloc(newmem)
  2561. totalGameTimeWriteAOB+7: //"re2.exe"+AD9D8F5:
  2562. readmem(originalcode_totalGameTimeWriteAOB,8)
  2563. //db 48 8D 04 2A 48 89 41 18
  2564. //Alt: lea rax,[rdx+rbp]
  2565. //Alt: mov [rcx+18],rax
  2566. unregistersymbol(originalcode_totalGameTimeWriteAOB)
  2567.  
  2568. unregistersymbol(pGameTime)
  2569. unregistersymbol(qMaxGamePlayTime)
  2570. </AssemblerScript>
  2571. <CheatEntries>
  2572. <CheatEntry>
  2573. <ID>13180</ID>
  2574. <Description>"stop at:"</Description>
  2575. <LastState Value="" RealAddress="00000000"/>
  2576. <ShowAsHex>1</ShowAsHex>
  2577. <Color>808080</Color>
  2578. <VariableType>Array of byte</VariableType>
  2579. <ByteLength>0</ByteLength>
  2580. <Address>qMaxGamePlayTime</Address>
  2581. <CheatEntries>
  2582. <CheatEntry>
  2583. <ID>13181</ID>
  2584. <Description>"hour"</Description>
  2585. <Color>008000</Color>
  2586. <VariableType>Custom</VariableType>
  2587. <CustomType>RE2_Hrs</CustomType>
  2588. <Address>+0</Address>
  2589. </CheatEntry>
  2590. <CheatEntry>
  2591. <ID>13182</ID>
  2592. <Description>"minute"</Description>
  2593. <Color>008000</Color>
  2594. <VariableType>Custom</VariableType>
  2595. <CustomType>RE2_Mins</CustomType>
  2596. <Address>+0</Address>
  2597. </CheatEntry>
  2598. <CheatEntry>
  2599. <ID>13183</ID>
  2600. <Description>"second"</Description>
  2601. <Color>008000</Color>
  2602. <VariableType>Custom</VariableType>
  2603. <CustomType>RE2_Secs</CustomType>
  2604. <Address>+0</Address>
  2605. </CheatEntry>
  2606. <CheatEntry>
  2607. <ID>13184</ID>
  2608. <Description>"total in secs"</Description>
  2609. <Color>008000</Color>
  2610. <VariableType>4 Bytes</VariableType>
  2611. <Address>+0</Address>
  2612. </CheatEntry>
  2613. </CheatEntries>
  2614. </CheatEntry>
  2615. <CheatEntry>
  2616. <ID>13185</ID>
  2617. <Description>""</Description>
  2618. <Options moHideChildren="1"/>
  2619. <LastState Value="" RealAddress="00000000"/>
  2620. <GroupHeader>1</GroupHeader>
  2621. <CheatEntries>
  2622. <CheatEntry>
  2623. <ID>13186</ID>
  2624. <Description>"total"</Description>
  2625. <Color>0000FF</Color>
  2626. <VariableType>8 Bytes</VariableType>
  2627. <Address>pGameTime</Address>
  2628. <Offsets>
  2629. <Offset>18</Offset>
  2630. </Offsets>
  2631. <CheatEntries>
  2632. <CheatEntry>
  2633. <ID>13187</ID>
  2634. <Description>"cut-scene"</Description>
  2635. <Color>0000FF</Color>
  2636. <VariableType>8 Bytes</VariableType>
  2637. <Address>+8</Address>
  2638. <CheatEntries>
  2639. <CheatEntry>
  2640. <ID>13188</ID>
  2641. <Description>"pause"</Description>
  2642. <Color>0000FF</Color>
  2643. <VariableType>8 Bytes</VariableType>
  2644. <Address>+10</Address>
  2645. </CheatEntry>
  2646. </CheatEntries>
  2647. </CheatEntry>
  2648. </CheatEntries>
  2649. </CheatEntry>
  2650. </CheatEntries>
  2651. </CheatEntry>
  2652. </CheatEntries>
  2653. </CheatEntry>
  2654. <CheatEntry>
  2655. <ID>13025</ID>
  2656. <Description>"highlighted item"</Description>
  2657. <Options moHideChildren="1"/>
  2658. <LastState/>
  2659. <Color>FF0000</Color>
  2660. <VariableType>Auto Assembler Script</VariableType>
  2661. <AssemblerScript>[ENABLE]
  2662. //code from here to '[DISABLE]' will be used to enable the cheat
  2663. aobscanmodule(itemIDReadOnHighlightedInInvAOB,re2.exe,4C ** ** ** 45 ** ** 4D ** ** 74 ** 45 ** ** ** 75)
  2664. registersymbol(itemIDReadOnHighlightedInInvAOB)
  2665.  
  2666. label(bSpecialChangeAa)
  2667. registersymbol(bSpecialChangeAa)
  2668. label(bSpecialChangeAb)
  2669. registersymbol(bSpecialChangeAb)
  2670. label(bSpecialChangeB)
  2671. registersymbol(bSpecialChangeB)
  2672. label(bSpecialChangeC)
  2673. registersymbol(bSpecialChangeC)
  2674. label(bSpecialChangeD)
  2675. registersymbol(bSpecialChangeD)
  2676. label(pHighlightedItem)
  2677. registersymbol(pHighlightedItem)
  2678.  
  2679. alloc(newmem,2048,itemIDReadOnHighlightedInInvAOB+c) //"re2.exe"+9868BBC)
  2680. label(returnhere)
  2681. label(originalcode_itemIDReadOnHighlightedInInvAOB)
  2682. registersymbol(originalcode_itemIDReadOnHighlightedInInvAOB)
  2683. label(exit)
  2684.  
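  newmem: //code cave reached from the jmp written at itemIDReadOnHighlightedInInvAOB+c
  //Records the highlighted inventory entry (r8) in pHighlightedItem, then
  //applies whichever bSpecialChange* conversions are switched on to the item
  //id at [r8+10]. A failed test branches to the next named section.
  //Before, ncaa and ncab used "jne @f", which binds to the next @@: - the one
  //inside ncb - so a switched-off conversion rewrote the id to 1b; the same
  //form in ncc jumped to the final @@: and skipped ncd.
  //NOTE(review): rax is used as scratch without being saved - confirm it is dead at the hook site.
  //NOTE(review): with both Aa and Ab switched on, ncab reverts what ncaa just changed.
  mov rax,pHighlightedItem
  mov [rax],r8
  mov rax,bSpecialChangeAa

  ncaa: //Handgun Ammo (f) becomes Large-caliber Handgun Ammo (1a)
  cmp byte ptr [rax],1
  jne ncab
  cmp dword ptr [r8+10],f
  jne ncab
  mov dword ptr [r8+10],1a

  ncab: //Large-caliber Handgun Ammo (1a) becomes Handgun Ammo (f)
  mov rax,bSpecialChangeAb
  cmp byte ptr [rax],1
  jne ncb
  cmp dword ptr [r8+10],1a
  jne ncb
  mov dword ptr [r8+10],f

  ncb: //Acid Rounds (16), Flame Rounds (17), Needle Cartridges (18) become High-Powered Rounds (1b)
  cmp byte ptr [rax+4],1 //rax = bSpecialChangeAb, so +4 is bSpecialChangeB
  jne ncc
  cmp dword ptr [r8+10],16
  je @f
  cmp dword ptr [r8+10],17
  je @f
  cmp dword ptr [r8+10],18
  je @f
  jmp ncc
  @@:
  mov dword ptr [r8+10],1b

  ncc: //Ink Ribbon (20) becomes Large-caliber Handgun Ammo (1a)
  cmp byte ptr [rax+8],1 //+8 is bSpecialChangeC
  jne ncd
  cmp dword ptr [r8+10],20
  jne ncd
  mov dword ptr [r8+10],1a
  //multiply the dword at [r8+20] by the factor stored after bSpecialChangeC (dd #10)
  //NOTE(review): [r8+20] is presumably the stack count - confirm
  fild dword ptr [r8+20]
  fimul dword ptr [rax+c]
  fistp dword ptr [r8+20]

  ncd: //MAG Ammo (12) becomes Handgun Ammo (f)
  mov rax,bSpecialChangeD
  cmp byte ptr [rax],1
  jne @f
  cmp dword ptr [r8+10],12
  jne @f
  mov dword ptr [r8+10],f

  @@:
  //run the game's own compare (4 bytes copied from the live code), then its
  //jne re-encoded so the relative target stays valid from this address
  readmem(itemIDReadOnHighlightedInInvAOB+c,4)
  reassemble(itemIDReadOnHighlightedInInvAOB+10)
  jmp exit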
  2741.  
  2742. originalcode_itemIDReadOnHighlightedInInvAOB:
  2743. readmem(itemIDReadOnHighlightedInInvAOB+c,6)
  2744. //cmp [r8+10],r9d
  2745. //jne re2.exe+9868BDE
  2746.  
  2747. exit:
  2748. jmp returnhere
  2749.  
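  ///
  //Switches read by the hook above (1 = conversion on). They are laid out back
  //to back because the hook reaches B and C as offsets from bSpecialChangeAb.
  bSpecialChangeAa: //Handgun Ammo &gt; Large-caliber Handgun Ammo
  dd 0
  bSpecialChangeAb: //Large-caliber Handgun Ammo &gt; Handgun Ammo
  dd 0
  bSpecialChangeB: //Rounds+Needles &gt; High-Powered Rounds (SLS 60)
  dd 0
  bSpecialChangeC: //Ribbon &gt; 20 Large-caliber Handgun Ammo
  dd 0
  dd #10 //factor the hook multiplies [r8+20] by when conversion C applies
  bSpecialChangeD: //MAG Ammo &gt; Handgun Ammo
  dd 0
  pHighlightedItem: //receives the 8-byte r8 value stored by the hook
  dq 0 //reserve the slot explicitly so nothing added after this label can overlap it
  ///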
  2764.  
  2765. itemIDReadOnHighlightedInInvAOB+c: //"re2.exe"+9868BBC:
  2766. jmp newmem
  2767. nop
  2768. returnhere:
  2769.  
  2770.  
  2771.  
  2772.  
  2773. [DISABLE]
  2774. //code from here till the end of the code will be used to disable the cheat
  2775. dealloc(newmem)
  2776. itemIDReadOnHighlightedInInvAOB+c: //"re2.exe"+9868BBC:
  2777. readmem(originalcode_itemIDReadOnHighlightedInInvAOB,6)
  2778. //db 45 39 48 10 75 1C
  2779. //Alt: cmp [r8+10],r9d
  2780. //Alt: jne re2.exe+9868BDE
  2781. unregistersymbol(originalcode_itemIDReadOnHighlightedInInvAOB)
  2782.  
  2783. unregistersymbol(bSpecialChangeAa)
  2784. unregistersymbol(bSpecialChangeAb)
  2785. unregistersymbol(bSpecialChangeB)
  2786. unregistersymbol(bSpecialChangeC)
  2787. unregistersymbol(bSpecialChangeD)
  2788. unregistersymbol(pHighlightedItem)
  2789. </AssemblerScript>
  2790. <CheatEntries>
  2791. <CheatEntry>
  2792. <ID>13026</ID>
  2793. <Description>""</Description>
  2794. <LastState Value="" RealAddress="00000000"/>
  2795. <Color>FFFFFF</Color>
  2796. <VariableType>Array of byte</VariableType>
  2797. <ByteLength>0</ByteLength>
  2798. <Address>pHighlightedItem</Address>
  2799. <Offsets>
  2800. <Offset>0</Offset>
  2801. </Offsets>
  2802. <CheatEntries>
  2803. <CheatEntry>
  2804. <ID>13130</ID>
  2805. <Description>"item id"</Description>
  2806. <DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">00000000:is weapon
  2807. 00000001:First Aid Spray
  2808. 00000002:Green Herb
  2809. 00000003:Red Herb
  2810. 00000004:Blue Herb
  2811. 00000005:Mixed Herb (G+G)
  2812. 00000006:Mixed Herb (G+R)
  2813. 00000007:Mixed Herb (G+B)
  2814. 00000008:Mixed Herb (G+G+B)
  2815. 00000009:Mixed Herb (G+G+G)
  2816. 0000000A:Mixed Herb (G+R+B)
  2817. 0000000B:Mixed Herb (R+B)
  2818. 0000000C:Green Herb
  2819. 0000000D:Red Herb
  2820. 0000000E:Blue Herb
  2821. 0000000F:Handgun Ammo
  2822. 00000010:Shotgun Shells
  2823. 00000011:Submachine Gun Ammo
  2824. 00000012:MAG Ammo
  2825. 00000016:Acid Rounds
  2826. 00000017:Flame Rounds
  2827. 00000018:Needle Cartridges
  2828. 00000019:Fuel
  2829. 0000001A:Large-caliber Handgun Ammo
  2830. 0000001B:High-Powered Rounds (SLS 60)
  2831. 0000001F:Detonator
  2832. 00000020:Ink Ribbon
  2833. 00000021:Wooden Board
  2834. 00000022:Electronic Gadget
  2835. 00000023:Battery (9-volt)
  2836. 00000024:Gunpowder
  2837. 00000025:Gunpowder (Large)
  2838. 00000026:High-Grade Gunpowder (Yellow)
  2839. 00000027:High-Grade Gunpowder (White)
  2840. 00000030:High-Capacity Mag. (Matilda)
  2841. 00000031:Muzzle Brake (Matilda)
  2842. 00000032:Gun Stock(Matilda)
  2843. 00000033:Speed Loader (SLS 60)
  2844. 00000034:Laser Sight (JMB Hp3)
  2845. 00000035:Reinforced Frame (SLS 60)
  2846. 00000036:High-Capacity Mag. (JMB Hp3)
  2847. 00000037:Shotgun Stock (W-870)
  2848. 00000038:Long Barrel (W-870)
  2849. 0000003A:High-Capacity Mag. (MQ 11)
  2850. 0000003C:Suppressor (MQ 11)
  2851. 0000003D:Red Dot Sight (Lightning Hawk)
  2852. 0000003E:Long Barrel (Lightning Hawk)
  2853. 00000040:Shoulder Stock (GM 79)
  2854. 00000041:Regulator (Flamethrower)
  2855. 00000042:High Voltage Condenser (Spark Shot)
  2856. 00000048:Film "Hiding Place"
  2857. 00000049:Film "Rising Rookie"
  2858. 0000004A:Film "Commemorative"
  2859. 0000004B:Film "3F Locker"
  2860. 0000004C:Film "Lion Statue"
  2861. 0000004D:Storage Room Key
  2862. 0000004F:Mechanic Jack Handle
  2863. 00000050:Square Crank
  2864. 00000051:Unicorn Medallion
  2865. 00000052:Spade Key
  2866. 00000053:Parking Garage Key Card
  2867. 00000054:Weapons Locker Key Card
  2868. 00000056:Valve Handle
  2869. 00000057:S.T.A.R.S. Badge
  2870. 00000058:Scepter
  2871. 0000005A:Red Jewel
  2872. 0000005B:Bejeweled Box
  2873. 0000005D:Bishop Plug
  2874. 0000005E:Rook Plug
  2875. 0000005F:King Plug
  2876. 00000062:Picture Block
  2877. 00000066:USB Dongle Key
  2878. 00000070:Spare Key (key pad)
  2879. 00000072:Red Book (Art Object)
  2880. 00000073:Statue's Left Arm
  2881. 00000074:Left Arm with Book
  2882. 00000076:Lion Medallion
  2883. 00000077:Diamond Key
  2884. 00000078:Car Key
  2885. 0000007C:Maiden Medallion
  2886. 0000007E:Power Panel Part
  2887. 0000007F:Power Panel Part
  2888. 00000080:Lovers Relief
  2889. 00000081:Small Gear
  2890. 00000082:Large Gear
  2891. 00000083:Courtyard Key
  2892. 00000084:Knight Plug
  2893. 00000085:Pawn Plug
  2894. 00000086:Queen Plug
  2895. 00000087:Boxed Electronic Part
  2896. 00000088:Boxed Electronic Part
  2897. 0000009F:Orphanage Key
  2898. 000000A0:Club Key
  2899. 000000A9:Heart Key
  2900. 000000AA:U.S.S. Digital Video Cassette
  2901. 000000B0:T-Bar Valve Handle
  2902. 000000B3:Dispersal Cartridge (Empty)
  2903. 000000B4:Dispersal Cartridge (Solution)
  2904. 000000B5:Dispersal Cartridge (Herbicide)
  2905. 000000B7:Joint Plug
  2906. 000000BA:Upgrade Chip (Admin)
  2907. 000000BB:ID Wristband (Admin)
  2908. 000000BC:Electronic Chip
  2909. 000000BD:Signal Modulator
  2910. 000000BE:Trophy
  2911. 000000BF:Trophy
  2912. 000000C2:Sewers Key
  2913. 000000C3:ID Wristband (Visitor)
  2914. 000000C4:ID Wristband (General Staff)
  2915. 000000C5:ID Wristband (Senior Staff)
  2916. 000000C6:Upgrade Chip (General Staff)
  2917. 000000C7:Upgrade Chip (Senior Staff)
  2918. 000000C8:ID Wristband (Visitor)
  2919. 000000C9:ID Wristband (General Staff)
  2920. 000000CA:ID Wristband (Senior Staff)
  2921. 000000CB:Lab Digital Video Cassette
  2922. 000000E6:Briefcase
  2923. 000000F0:Fuse (Main Hall)
  2924. 000000F1:Fuse (Break Room Hallway)
  2925. 000000F3:Scissors
  2926. 000000F4:Bolt Cutter
  2927. 000000F5:Stuffed Doll
  2928. 00000106:Hip Pouch
  2929. 00000123:Portable Safe
  2930. 00000125:Tin Storage Box
  2931. 00000126:Wooden Box
  2932. 00000127:Wooden Box
  2933. 00000128:Tin Storage Box
  2934. </DropDownList>
  2935. <ShowAsHex>1</ShowAsHex>
  2936. <Color>0000FF</Color>
  2937. <VariableType>4 Bytes</VariableType>
  2938. <Address>+10</Address>
  2939. </CheatEntry>
  2940. <CheatEntry>
  2941. <ID>13131</ID>
  2942. <Description>"weapon id"</Description>
  2943. <DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">FFFFFFFF:not weapon
  2944. 00000001:Handgun - Matilda
  2945. 00000002:Handgun - M19
  2946. 00000003:Handgun - JMB Hp3
  2947. 00000004:Handgun - Quickdraw Army Revolver
  2948. 00000007:Handgun - MUP
  2949. 00000008:Handgun - Broom Hc
  2950. 00000009:Handgun - SLS 60
  2951. 0000000B:Shotgun - W-870
  2952. 00000015:Sub Gun - MQ 11
  2953. 00000017:Sub Gun - LE 5 (Infinite)
  2954. 0000001F:MAG - Lightning Hawk
  2955. 00000029:EMF Visualizer
  2956. 0000002A:Grenade Launcher - GM 79
  2957. 0000002B:Chemical Flamethrower
  2958. 0000002C:Stun Gun - Spark Shot
  2959. 0000002D:ATM-4
  2960. 0000002E:Combat Knife
  2961. 0000002F:Combat knife (Infinite)
  2962. 00000031:Anti-tank Rocket
  2963. 00000032:Minigun
  2964. 00000041:Hand Grenade
  2965. 00000042:Flash Grenade
  2966. 00000052:Handgun - Samurai Edge (Infinite)
  2967. 00000053:Handgun - Samurai Edge (Chris Model)
  2968. 00000054:Handgun - Samurai Edge (Jill Model)
  2969. 00000055:Handgun - Samurai Edge (Albert Model)
  2970. 000000DE:ATM-4 (Infinite)
  2971. 000000F2:Anti-tank Rocket (Infinite)
  2972. 000000FC:Minigun (Infinite)
  2973. </DropDownList>
  2974. <ShowAsHex>1</ShowAsHex>
  2975. <Color>0000FF</Color>
  2976. <VariableType>4 Bytes</VariableType>
  2977. <Address>+14</Address>
  2978. </CheatEntry>
  2979. <CheatEntry>
  2980. <ID>13074</ID>
  2981. <Description>"upgrade"</Description>
  2982. <DropDownList DisplayValueAsItem="1">00000000:Nothing
  2983. 00000001:Upgrade 1
  2984. 00000002:Upgrade 2
  2985. 00000003:Upgrade 1 + 2
  2986. </DropDownList>
  2987. <ShowAsHex>1</ShowAsHex>
  2988. <Color>0000FF</Color>
  2989. <VariableType>4 Bytes</VariableType>
  2990. <Address>+18</Address>
  2991. <CheatEntries>
  2992. <CheatEntry>
  2993. <ID>13143</ID>
  2994. <Description>"1"</Description>
  2995. <Color>0000FF</Color>
  2996. <VariableType>Binary</VariableType>
  2997. <BitStart>0</BitStart>
  2998. <BitLength>1</BitLength>
  2999. <ShowAsBinary>0</ShowAsBinary>
  3000. <Address>+0</Address>
  3001. </CheatEntry>
  3002. <CheatEntry>
  3003. <ID>13144</ID>
  3004. <Description>"2"</Description>
  3005. <Color>0000FF</Color>
  3006. <VariableType>Binary</VariableType>
  3007. <BitStart>1</BitStart>
  3008. <BitLength>1</BitLength>
  3009. <ShowAsBinary>0</ShowAsBinary>
  3010. <Address>+0</Address>
  3011. </CheatEntry>
  3012. <CheatEntry>
  3013. <ID>13145</ID>
  3014. <Description>"3"</Description>
  3015. <Color>0000FF</Color>
  3016. <VariableType>Binary</VariableType>
  3017. <BitStart>2</BitStart>
  3018. <BitLength>1</BitLength>
  3019. <ShowAsBinary>0</ShowAsBinary>
  3020. <Address>+0</Address>
  3021. </CheatEntry>
  3022. <CheatEntry>
  3023. <ID>13146</ID>
  3024. <Description>"4"</Description>
  3025. <Color>0000FF</Color>
  3026. <VariableType>Binary</VariableType>
  3027. <BitStart>3</BitStart>
  3028. <BitLength>1</BitLength>
  3029. <ShowAsBinary>0</ShowAsBinary>
  3030. <Address>+0</Address>
  3031. </CheatEntry>
  3032. <CheatEntry>
  3033. <ID>13147</ID>
  3034. <Description>"5"</Description>
  3035. <Color>0000FF</Color>
  3036. <VariableType>Binary</VariableType>
  3037. <BitStart>4</BitStart>
  3038. <BitLength>1</BitLength>
  3039. <ShowAsBinary>0</ShowAsBinary>
  3040. <Address>+0</Address>
  3041. </CheatEntry>
  3042. <CheatEntry>
  3043. <ID>13150</ID>
  3044. <Description>"6"</Description>
  3045. <Color>0000FF</Color>
  3046. <VariableType>Binary</VariableType>
  3047. <BitStart>5</BitStart>
  3048. <BitLength>1</BitLength>
  3049. <ShowAsBinary>0</ShowAsBinary>
  3050. <Address>+0</Address>
  3051. </CheatEntry>
  3052. <CheatEntry>
  3053. <ID>13149</ID>
  3054. <Description>"7"</Description>
  3055. <Color>0000FF</Color>
  3056. <VariableType>Binary</VariableType>
  3057. <BitStart>6</BitStart>
  3058. <BitLength>1</BitLength>
  3059. <ShowAsBinary>0</ShowAsBinary>
  3060. <Address>+0</Address>
  3061. </CheatEntry>
  3062. <CheatEntry>
  3063. <ID>13148</ID>
  3064. <Description>"8"</Description>
  3065. <Color>0000FF</Color>
  3066. <VariableType>Binary</VariableType>
  3067. <BitStart>7</BitStart>
  3068. <BitLength>1</BitLength>
  3069. <ShowAsBinary>0</ShowAsBinary>
  3070. <Address>+0</Address>
  3071. </CheatEntry>
  3072. </CheatEntries>
  3073. </CheatEntry>
  3074. <CheatEntry>
  3075. <ID>13132</ID>
  3076. <Description>"ammo type"</Description>
  3077. <DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">00000000:N/A
  3078. 0000000F:Handgun Ammo
  3079. 00000010:Shotgun Shells
  3080. 00000011:Submachine Gun Ammo
  3081. 00000012:MAG Ammo
  3082. 00000016:Acid Rounds
  3083. 00000017:Flame Rounds
  3084. 00000018:Needle Cartridges
  3085. 00000019:Fuel
  3086. 0000001A:Large-caliber Handgun Ammo
  3087. 0000001B:High-Powered Rounds (SLS 60)
  3088. 0000001C:Rocket
  3089. </DropDownList>
  3090. <ShowAsHex>1</ShowAsHex>
  3091. <Color>0000FF</Color>
  3092. <VariableType>4 Bytes</VariableType>
  3093. <Address>+1C</Address>
  3094. </CheatEntry>
  3095. <CheatEntry>
  3096. <ID>13133</ID>
  3097. <Description>"quantity / durability"</Description>
  3098. <Color>0000FF</Color>
  3099. <VariableType>4 Bytes</VariableType>
  3100. <Address>+20</Address>
  3101. </CheatEntry>
  3102. </CheatEntries>
  3103. </CheatEntry>
  3104. <CheatEntry>
  3105. <ID>13168</ID>
  3106. <Description>"DO NOT ACTIVATE"</Description>
  3107. <LastState/>
  3108. <Color>FFFFFF</Color>
  3109. <VariableType>Auto Assembler Script</VariableType>
  3110. <AssemblerScript>[ENABLE]
  3111. //Enable: write 1 to the flag bytes bSpecialChangeAa and bSpecialChangeC. Neither symbol is declared in this script, so it only assembles while another entry has them registered.
  3112. bSpecialChangeAa:
  3113. db 1
  3114. bSpecialChangeC:
  3115. db 1
  3116. //bSpecialChangeD:
  3117. //db 1
  3118.  
  3119.  
  3120.  
  3121. [DISABLE]
  3122. //Disable: write 0 back to the same two flag bytes; the commented-out D flag is left untouched in both directions.
  3123. bSpecialChangeAa:
  3124. db 0
  3125. bSpecialChangeC:
  3126. db 0
  3127. //bSpecialChangeD:
  3128. //db 0
  3129. </AssemblerScript>
  3130. </CheatEntry>
  3131. <CheatEntry>
  3132. <ID>13189</ID>
  3133. <Description>"DO NOT ACTIVATE"</Description>
  3134. <LastState/>
  3135. <Color>FFFFFF</Color>
  3136. <VariableType>Auto Assembler Script</VariableType>
  3137. <AssemblerScript>[ENABLE]
  3138. //Enable: write 1 to the flag byte bSpecialChangeAb only. The symbol is not declared in this script, so it only assembles while another entry has it registered.
  3139. bSpecialChangeAb:
  3140. db 1
  3141. //bSpecialChangeB:
  3142. //db 1
  3143. //bSpecialChangeC:
  3144. //db 1
  3145.  
  3146.  
  3147.  
  3148. [DISABLE]
  3149. //Disable: write 0 back to bSpecialChangeAb; the commented-out B and C flags are not touched.
  3150. bSpecialChangeAb:
  3151. db 0
  3152. //bSpecialChangeB:
  3153. //db 0
  3154. //bSpecialChangeC:
  3155. //db 0
  3156. </AssemblerScript>
  3157. </CheatEntry>
  3158. </CheatEntries>
  3159. </CheatEntry>
  3160. <CheatEntry>
  3161. <ID>13409</ID>
  3162. <Description>"hide weapon upgrade appearance"</Description>
  3163. <Options moHideChildren="1" moDeactivateChildrenAsWell="1"/>
  3164. <LastState/>
  3165. <Color>FF0000</Color>
  3166. <VariableType>Auto Assembler Script</VariableType>
  3167. <AssemblerScript>[ENABLE]
  3168. //Enable: hook the read of the weapon upgrade flags (mov ebp,[rdi+13C] per the notes below) and clear the bits set in a per-weapon mask byte, so the code after the hook sees ebp without them.
  3169. aobscanmodule(weaponUpgradeFlagsReadForAppearanceAOB,re2.exe,48 ** ** ** ** 00 00 45 ** ** 8B ** ** ** 00 00 48 ** ** 74) //wildcard signature: after a game update verify the bytes at +a before trusting the match
  3170. registersymbol(weaponUpgradeFlagsReadForAppearanceAOB)
  3171.  
  3172. label(bW870UAppearance)
  3173. registersymbol(bW870UAppearance)
  3174. label(bMaltildaUAppearance)
  3175. registersymbol(bMaltildaUAppearance)
  3176. label(bSLS60UAppearance)
  3177. registersymbol(bSLS60UAppearance)
  3178.  
  3179. alloc(newmem,2048,weaponUpgradeFlagsReadForAppearanceAOB+a) //"re2.exe"+C795D26)
  3180. label(returnhere)
  3181. label(originalcode_weaponUpgradeFlagsReadForAppearanceAOB)
  3182. registersymbol(originalcode_weaponUpgradeFlagsReadForAppearanceAOB)
  3183. label(exit)
  3184.  
  3185. newmem: //allocated block with read, write and execute access; it holds the injected code and the three mask bytes defined further down
  3186. //the 6 overwritten bytes are copied from the game at assembly time rather than hard-coded
  3187. readmem(weaponUpgradeFlagsReadForAppearanceAOB+a,6)
  3188. //mov ebp,[rdi+13c]
  3189.  
  3190. db 48 8D 87 //opcode and modrm of lea rax,[rdi+disp32]; the disp32 is copied from the game on the next line
  3191. readmem(weaponUpgradeFlagsReadForAppearanceAOB+c,4)
  3192. //lea rax,[rdi+13c]  NOTE(review): rax is overwritten from here on and never restored; confirm the code at returnhere does not read it
  3193.  
  3194. cmp word ptr [rax-4],b //W-870: the word 4 bytes below the flags field is compared with B
  3195. jne @f
  3196. mov rax,bW870UAppearance
  3197. mov al,[rax] //al = hide mask for this weapon
  3198. movzx eax,al
  3199. not eax //set mask bits become the bits to clear
  3200. and ebp,eax //remove the masked upgrade bits from the value just read
  3201. jmp end
  3202.  
  3203. @@:
  3204. cmp word ptr [rax-4],1 //Maltilda
  3205. jne @f
  3206. mov rax,bMaltildaUAppearance
  3207. mov al,[rax]
  3208. movzx eax,al
  3209. not eax
  3210. and ebp,eax
  3211. jmp end
  3212.  
  3213. @@:
  3214. cmp word ptr [rax-4],9 //SLS 60
  3215. jne @f //NOTE(review): no @@ label follows this jump anywhere in the script; confirm where @f resolves for any other weapon id
  3216. mov rax,bSLS60UAppearance
  3217. mov al,[rax]
  3218. movzx eax,al
  3219. not eax
  3220. and ebp,eax
  3221. jmp end
  3222.  
  3223. end:
  3224. jmp exit
  3225.  
  3226. originalcode_weaponUpgradeFlagsReadForAppearanceAOB: //never executed (every path above jumps to exit); kept as the byte copy that the disable section writes back
  3227. readmem(weaponUpgradeFlagsReadForAppearanceAOB+a,6)
  3228. //mov ebp,[rdi+0000013C]
  3229.  
  3230. exit:
  3231. jmp returnhere
  3232.  
  3233. ///
  3234. bW870UAppearance: //mask bytes, all 0 by default so nothing is hidden until a table entry sets a bit
  3235. db 0
  3236. bMaltildaUAppearance:
  3237. db 0
  3238. bSLS60UAppearance:
  3239. db 0
  3240. ///
  3241.  
  3242. weaponUpgradeFlagsReadForAppearanceAOB+a: //"re2.exe"+C795D26:
  3243. jmp newmem //5-byte jump plus one nop covers the 6-byte instruction
  3244. nop
  3245. returnhere:
  3246.  
  3247.  
  3248.  
  3249.  
  3250. [DISABLE]
  3251. //Disable: write the saved 6 original bytes back over the hook site, then release the block and the symbols
  3252. dealloc(newmem)
  3253. weaponUpgradeFlagsReadForAppearanceAOB+a: //"re2.exe"+C795D26:
  3254. readmem(originalcode_weaponUpgradeFlagsReadForAppearanceAOB,6)
  3255. //db 8B AF 3C 01 00 00
  3256. //Alt: mov ebp,[rdi+0000013C]
  3257. unregistersymbol(originalcode_weaponUpgradeFlagsReadForAppearanceAOB)
  3258.  
  3259. unregistersymbol(bW870UAppearance)
  3260. unregistersymbol(bMaltildaUAppearance)
  3261. unregistersymbol(bSLS60UAppearance)
  3262. </AssemblerScript>
  3263. <CheatEntries>
  3264. <CheatEntry>
  3265. <ID>13410</ID>
  3266. <Description>"[Maltilda]"</Description>
  3267. <Options moHideChildren="1"/>
  3268. <LastState Value="" RealAddress="00000000"/>
  3269. <Color>000080</Color>
  3270. <VariableType>Array of byte</VariableType>
  3271. <ByteLength>0</ByteLength>
  3272. <Address>bMaltildaUAppearance</Address>
  3273. <CheatEntries>
  3274. <CheatEntry>
  3275. <ID>13411</ID>
  3276. <Description>"Gun Stock"</Description>
  3277. <DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">0:as is
  3278. 1:hide
  3279. </DropDownList>
  3280. <Color>008000</Color>
  3281. <VariableType>Binary</VariableType>
  3282. <BitStart>0</BitStart>
  3283. <BitLength>1</BitLength>
  3284. <ShowAsBinary>0</ShowAsBinary>
  3285. <Address>+0</Address>
  3286. </CheatEntry>
  3287. <CheatEntry>
  3288. <ID>13412</ID>
  3289. <Description>"Muzzle Brake"</Description>
  3290. <DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">0:as is
  3291. 1:hide
  3292. </DropDownList>
  3293. <Color>008000</Color>
  3294. <VariableType>Binary</VariableType>
  3295. <BitStart>1</BitStart>
  3296. <BitLength>1</BitLength>
  3297. <ShowAsBinary>0</ShowAsBinary>
  3298. <Address>+0</Address>
  3299. </CheatEntry>
  3300. </CheatEntries>
  3301. </CheatEntry>
  3302. <CheatEntry>
  3303. <ID>13413</ID>
  3304. <Description>"[SLS 60]"</Description>
  3305. <Options moHideChildren="1"/>
  3306. <LastState Value="" RealAddress="00000000"/>
  3307. <Color>000080</Color>
  3308. <VariableType>Array of byte</VariableType>
  3309. <ByteLength>0</ByteLength>
  3310. <Address>bSLS60UAppearance</Address>
  3311. <CheatEntries>
  3312. <CheatEntry>
  3313. <ID>13414</ID>
  3314. <Description>"Reinforced Frame"</Description>
  3315. <DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">0:as is
  3316. 1:hide
  3317. </DropDownList>
  3318. <Color>008000</Color>
  3319. <VariableType>Binary</VariableType>
  3320. <BitStart>3</BitStart>
  3321. <BitLength>1</BitLength>
  3322. <ShowAsBinary>0</ShowAsBinary>
  3323. <Address>+0</Address>
  3324. </CheatEntry>
  3325. </CheatEntries>
  3326. </CheatEntry>
  3327. <CheatEntry>
  3328. <ID>13415</ID>
  3329. <Description>"[W-870]"</Description>
  3330. <Options moHideChildren="1"/>
  3331. <LastState Value="" RealAddress="00000000"/>
  3332. <Color>000080</Color>
  3333. <VariableType>Array of byte</VariableType>
  3334. <ByteLength>0</ByteLength>
  3335. <Address>bW870UAppearance</Address>
  3336. <CheatEntries>
  3337. <CheatEntry>
  3338. <ID>13416</ID>
  3339. <Description>"Long Barrel"</Description>
  3340. <DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">0:as is
  3341. 1:hide
  3342. </DropDownList>
  3343. <Color>008000</Color>
  3344. <VariableType>Binary</VariableType>
  3345. <BitStart>0</BitStart>
  3346. <BitLength>1</BitLength>
  3347. <ShowAsBinary>0</ShowAsBinary>
  3348. <Address>+0</Address>
  3349. </CheatEntry>
  3350. <CheatEntry>
  3351. <ID>13417</ID>
  3352. <Description>"Shotgun Stock"</Description>
  3353. <DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">0:as is
  3354. 1:hide
  3355. </DropDownList>
  3356. <Color>008000</Color>
  3357. <VariableType>Binary</VariableType>
  3358. <BitStart>1</BitStart>
  3359. <BitLength>1</BitLength>
  3360. <ShowAsBinary>0</ShowAsBinary>
  3361. <Address>+0</Address>
  3362. </CheatEntry>
  3363. </CheatEntries>
  3364. </CheatEntry>
  3365. <CheatEntry>
  3366. <ID>13418</ID>
  3367. <Description>"DO NOT ACTIVATE"</Description>
  3368. <LastState/>
  3369. <Color>FFFFFF</Color>
  3370. <VariableType>Auto Assembler Script</VariableType>
  3371. <AssemblerScript>[ENABLE]
  3372. //Enable: preset two hide masks. Both symbols are registered by the parent script, so this only assembles while that script is active.
  3373. bW870UAppearance:
  3374. db 1 //bit 0, the bit the table labels Long Barrel
  3375. bMaltildaUAppearance:
  3376. db 2 //bit 1, the bit the table labels Muzzle Brake
  3377. //bSLS60UAppearance:
  3378. //db 4
  3379.  
  3380.  
  3381.  
  3382.  
  3383. [DISABLE]
  3384. //Disable: clear both masks again; the SLS 60 mask is not touched in either direction.
  3385. bW870UAppearance:
  3386. db 0
  3387. bMaltildaUAppearance:
  3388. db 0
  3389. //bSLS60UAppearance:
  3390. //db 0
  3391. </AssemblerScript>
  3392. </CheatEntry>
  3393. </CheatEntries>
  3394. </CheatEntry>
  3395. <CheatEntry>
  3396. <ID>13488</ID>
  3397. <Description>"wet!"</Description>
  3398. <Options moHideChildren="1"/>
  3399. <LastState Activated="1"/>
  3400. <Color>FF0000</Color>
  3401. <VariableType>Auto Assembler Script</VariableType>
  3402. <AssemblerScript>[ENABLE]
  3403. //Enable: hook the read of the wet flag (mov eax,[rdi+98] per the notes below), force bit 0 of the value read, and keep the float at [rdi+60] at or above a custom minimum.
  3404. define(dcuswetamount,(float)0.5) //assembled default for the custom minimum
  3405.  
  3406. aobscanmodule(wetFlagReadAOB,re2.exe,48 ** ** 0F 85 ** ** ** ** 8B ** ** ** 00 00 FF ** 83 ** 02) //wildcard signature: after a game update verify the bytes at +9 before trusting the match
  3407. registersymbol(wetFlagReadAOB)
  3408.  
  3409. label(dCusWetAmount)
  3410. registersymbol(dCusWetAmount)
  3411. label(pSomeFxInfo)
  3412. registersymbol(pSomeFxInfo)
  3413.  
  3414. alloc(newmem,2048,wetFlagReadAOB+9) //"re2.exe"+AA843B6)
  3415. label(returnhere)
  3416. label(originalcode_wetFlagReadAOB)
  3417. registersymbol(originalcode_wetFlagReadAOB)
  3418. label(exit)
  3419.  
  3420. newmem: //allocated block with read, write and execute access; it holds the injected code and the two data slots defined further down
  3421. //rbx is the only register saved and restored by this hook body
  3422. push rbx
  3423. mov rbx,pSomeFxInfo
  3424. mov [rbx],rdi //publish the object pointer so the table entries can show +98 and +60
  3425. readmem(wetFlagReadAOB+9,6)
  3426. //mov eax,[rdi+98]
  3427. or eax,1 //forces bit 0 in the register only; the value stored at [rdi+98] is not written
  3428. mov rbx,dCusWetAmount
  3429. movss xmm6,[rbx] //NOTE(review): xmm6 is overwritten and never restored; it is callee-saved in the Windows x64 convention, so confirm it is dead at this site
  3430. maxss xmm6,[rdi+60]
  3431. movss [rdi+60],xmm6 //[rdi+60] = max(custom minimum, current value)
  3432. pop rbx
  3433. jmp exit
  3434.  
  3435. originalcode_wetFlagReadAOB: //never executed (the path above jumps to exit); kept as the byte copy that the disable section writes back
  3436. readmem(wetFlagReadAOB+9,6)
  3437. //mov eax,[rdi+00000098]
  3438.  
  3439. exit:
  3440. jmp returnhere
  3441.  
  3442. ///
  3443. dCusWetAmount:
  3444. dd dcuswetamount
  3445. pSomeFxInfo:
  3446. dq 0 //stays 0 until the hook has run at least once
  3447. ///
  3448.  
  3449. wetFlagReadAOB+9: //"re2.exe"+AA843B6:
  3450. jmp newmem //5-byte jump plus one nop covers the 6-byte instruction
  3451. nop
  3452. returnhere:
  3453.  
  3454.  
  3455.  
  3456.  
  3457. [DISABLE]
  3458. //Disable: write the saved 6 original bytes back over the hook site, then release the block and the symbols
  3459. dealloc(newmem)
  3460. wetFlagReadAOB+9: //"re2.exe"+AA843B6:
  3461. readmem(originalcode_wetFlagReadAOB,6)
  3462. //db 8B 87 98 00 00 00
  3463. //Alt: mov eax,[rdi+00000098]
  3464. unregistersymbol(originalcode_wetFlagReadAOB)
  3465.  
  3466. unregistersymbol(dCusWetAmount)
  3467. unregistersymbol(pSomeFxInfo)
  3468. </AssemblerScript>
  3469. <CheatEntries>
  3470. <CheatEntry>
  3471. <ID>13489</ID>
  3472. <Description>"amount"</Description>
  3473. <LastState Value="0.200000003" Activated="1" RealAddress="13FFB0052"/>
  3474. <Color>008000</Color>
  3475. <VariableType>Float</VariableType>
  3476. <Address>dCusWetAmount</Address>
  3477. <CheatEntries>
  3478. <CheatEntry>
  3479. <ID>13573</ID>
  3480. <Description>""</Description>
  3481. <Options moHideChildren="1"/>
  3482. <LastState Value="" RealAddress="15567BA0"/>
  3483. <Color>FFFFFF</Color>
  3484. <VariableType>Array of byte</VariableType>
  3485. <ByteLength>0</ByteLength>
  3486. <Address>pSomeFxInfo</Address>
  3487. <Offsets>
  3488. <Offset>0</Offset>
  3489. </Offsets>
  3490. <CheatEntries>
  3491. <CheatEntry>
  3492. <ID>13574</ID>
  3493. <Description>"wet flag"</Description>
  3494. <LastState Value="1" RealAddress="15567C38"/>
  3495. <Color>0000FF</Color>
  3496. <VariableType>4 Bytes</VariableType>
  3497. <Address>+98</Address>
  3498. </CheatEntry>
  3499. <CheatEntry>
  3500. <ID>13575</ID>
  3501. <Description>"wet amount"</Description>
  3502. <LastState Value="0.1997894943" RealAddress="15567C00"/>
  3503. <Color>0000FF</Color>
  3504. <VariableType>Float</VariableType>
  3505. <Address>+60</Address>
  3506. </CheatEntry>
  3507. </CheatEntries>
  3508. </CheatEntry>
  3509. </CheatEntries>
  3510. </CheatEntry>
  3511. </CheatEntries>
  3512. </CheatEntry>
  3513. <CheatEntry>
  3514. <ID>13551</ID>
  3515. <Description>"follow cam mod"</Description>
  3516. <Options moHideChildren="1"/>
  3517. <LastState Activated="1"/>
  3518. <Color>FF0000</Color>
  3519. <VariableType>Auto Assembler Script</VariableType>
  3520. <AssemblerScript>[ENABLE]
  3521. //Enable: two hooks. The first records the object whose offsets are written at [rbx+50]. The second, for that same object, replaces the value about to be stored at [rdx+14] with [rbx+54] plus a custom Z offset that is eased toward a target a step per call.
  3522. aobscanmodule(folllowCamOffsets2WriteAOB,re2.exe,0F 85 ** ** ** ** 48 85 DB 0F 84 ** ** ** ** F3 ** ** ** ** F3 ** ** ** ** F3 ** ** ** ** C6 ** ** 01 48 ** ** ** 48)
  3523. registersymbol(folllowCamOffsets2WriteAOB)
  3524.  
  3525. label(pFCamOffsets)
  3526. registersymbol(pFCamOffsets)
  3527.  
  3528. alloc(newmem,2048,folllowCamOffsets2WriteAOB+f) //"re2.exe"+B468A5B)
  3529. label(returnhere)
  3530. label(originalcode_folllowCamOffsets2WriteAOB)
  3531. registersymbol(originalcode_folllowCamOffsets2WriteAOB)
  3532. label(exit)
  3533.  
  3534. newmem: //allocated block with read, write and execute access
  3535. //NOTE(review): rax is overwritten below and not restored; confirm it is dead at this site
  3536. mov rax,pFCamOffsets
  3537. mov [rax],rbx //remember the object pointer for the second hook and for the table entries
  3538.  
  3539. originalcode_folllowCamOffsets2WriteAOB: //reached by fall-through; these 5 copied bytes are also what the disable section writes back
  3540. readmem(folllowCamOffsets2WriteAOB+f,5)
  3541. //movss [rbx+50],xmm0
  3542.  
  3543. exit:
  3544. jmp returnhere
  3545.  
  3546. ///
  3547. pFCamOffsets: //no dq follows: the 8-byte pointer is stored in the unassembled tail of the 2048-byte block
  3548. ///
  3549.  
  3550. folllowCamOffsets2WriteAOB+f: //"re2.exe"+B468A5B:
  3551. jmp newmem //5-byte jump exactly covers the 5-byte movss, so no nop is needed
  3552. returnhere:
  3553.  
  3554. ///*****************************************///
  3555. aobscanmodule(folllowCamOffsetZ1WriteAOB,re2.exe,F3 ** ** ** ** 0F ** ** ** 0F ** ** ** F3 ** ** ** ** F3 ** ** ** ** 48 ** ** ** E9)
  3556. registersymbol(folllowCamOffsetZ1WriteAOB)
  3557.  
  3558. label(bAimKey)
  3559. registersymbol(bAimKey)
  3560. label(bAimKeyPressed)
  3561. registersymbol(bAimKeyPressed)
  3562.  
  3563. alloc(newmem2,2048,folllowCamOffsetZ1WriteAOB+12) //"re2.exe"+BB83445)
  3564. label(returnhere2)
  3565. label(originalcode2_folllowCamOffsetZ1WriteAOB)
  3566. registersymbol(originalcode2_folllowCamOffsetZ1WriteAOB)
  3567. label(exit2)
  3568.  
  3569. newmem2: //allocated block with read, write and execute access
  3570. //rcx is the only register saved; rax is overwritten on every path. NOTE(review): confirm rax is dead at this site
  3571. push rcx
  3572. mov rax,pFCamOffsets
  3573. cmp [rax],rbx
  3574. jne end //rbx is not the recorded object: leave xmm0 as the game computed it
  3575.  
  3576. mov rcx,dCusFCamZOffset //float block, roles as used below: +0 current, +4 target, +8 custom, +c step, +10 divisor, +14 multiplier
  3577. xorps xmm0,xmm0
  3578. comiss xmm0,[rcx+8] //flags from comparing 0 with the custom value
  3579. movss xmm0,[rcx+8] //movss does not change the flags set by comiss
  3580. jbe @f //0 is not above custom: skip the multiply
  3581. mulss xmm0,[rcx+14] //custom is below 0: multiply by +14
  3582. @@:
  3583. divss xmm0,[rcx+10] //NOTE(review): +10 and +14 are never initialised by this script; a zero at +10 gives an infinite or NaN step
  3584. movss [rcx+c],xmm0 //step used per call
  3585.  
  3586. movss xmm0,[rcx+8] //candidate target = custom
  3587. mov rcx,pReadiedWeapon //not defined in this script: it must already be registered by another entry or the script will not assemble
  3588. mov rcx,[rcx]
  3589. test rcx,rcx
  3590. jz cfczoc //null pointer: keep the previous target
  3591. cmp dword ptr [rcx],0
  3592. je @f
  3593. cmp dword ptr [rcx],2e
  3594. je @f
  3595. cmp dword ptr [rcx],2f
  3596. je @f //first dword is 0, 2E or 2F: target stays at the custom value
  3597. xorps xmm0,xmm0 //any other value: target 0
  3598. @@:
  3599. mov rcx,dCusFCamZOffset
  3600. movss [rcx+4],xmm0
  3601.  
  3602. cfczoc: //move current one step toward target without overshooting
  3603. mov rcx,dCusFCamZOffset
  3604. movss xmm0,[rcx]
  3605. comiss xmm0,[rcx+4]
  3606. ja deccfczo
  3607. jb inccfczo
  3608. je assigncfczo
  3609.  
  3610. inccfczo:
  3611. addss xmm0,[rcx+c]
  3612. minss xmm0,[rcx+4] //clamp at the target
  3613. jmp assigncfczo
  3614.  
  3615. deccfczo:
  3616. subss xmm0,[rcx+c]
  3617. maxss xmm0,[rcx+4] //clamp at the target
  3618. jmp assigncfczo
  3619.  
  3620. assigncfczo:
  3621. movss [rcx],xmm0
  3622. db F3 0F 58 43 //addss xmm0,[rbx+disp8]; the disp8 byte is copied from the first signature on the next line
  3623. readmem(folllowCamOffsets2WriteAOB+18,1)
  3624. //addss xmm0,[rbx+54]
  3625.  
  3626. end:
  3627. pop rcx
  3628.  
  3629. originalcode2_folllowCamOffsetZ1WriteAOB: //reached by fall-through; these 5 copied bytes are also what the disable section writes back
  3630. readmem(folllowCamOffsetZ1WriteAOB+12,5)
  3631. //movss [rdx+14],xmm0
  3632.  
  3633. exit2:
  3634. jmp returnhere2
  3635.  
  3636. ///
  3637. bAimKey: //registered, but not referenced by any instruction in this script
  3638. dd 02
  3639. bAimKeyPressed: //registered, but not referenced by any instruction in this script
  3640. dd 0
  3641. ///
  3642.  
  3643. folllowCamOffsetZ1WriteAOB+12: //"re2.exe"+BB83445:
  3644. jmp newmem2 //5-byte jump exactly covers the 5-byte movss
  3645. returnhere2:
  3646.  
  3647. ///*****************************************///
  3648. dCusFCamZOffset: //not declared with label() or alloc() here; presumably an address registered by another entry - confirm before enabling on its own
  3649. dd 0
  3650. dCusFCamZOffset+8:
  3651. dd (float)-0.22 //default custom value; +4, +c, +10 and +14 are left as they were
  3652.  
  3653.  
  3654.  
  3655.  
  3656.  
  3657. [DISABLE]
  3658. //Disable: write the saved original bytes back over both hook sites, then release both blocks and the symbols
  3659. dealloc(newmem)
  3660. folllowCamOffsets2WriteAOB+f: //"re2.exe"+B468A5B:
  3661. readmem(originalcode_folllowCamOffsets2WriteAOB,5)
  3662. //db F3 0F 11 43 50
  3663. //Alt: movss [rbx+50],xmm0
  3664. unregistersymbol(originalcode_folllowCamOffsets2WriteAOB)
  3665.  
  3666. unregistersymbol(pFCamOffsets)
  3667.  
  3668. ///*****************************************///
  3669. dealloc(newmem2)
  3670. folllowCamOffsetZ1WriteAOB+12: //"re2.exe"+BB83445:
  3671. readmem(originalcode2_folllowCamOffsetZ1WriteAOB,5)
  3672. //db F3 0F 11 42 14
  3673. //Alt: movss [rdx+14],xmm0
  3674. unregistersymbol(originalcode2_folllowCamOffsetZ1WriteAOB)
  3675.  
  3676. unregistersymbol(bAimKey)
  3677. unregistersymbol(bAimKeyPressed)
  3678.  
  3679. ///*****************************************///
  3680. </AssemblerScript>
  3681. <CheatEntries>
  3682. <CheatEntry>
  3683. <ID>13562</ID>
  3684. <Description>"custom z"</Description>
  3685. <LastState Value="-0.3300000131" Activated="1" RealAddress="13FFD0039"/>
  3686. <Color>008000</Color>
  3687. <VariableType>Float</VariableType>
  3688. <Address>dCusFCamZOffset+8</Address>
  3689. </CheatEntry>
  3690. <CheatEntry>
  3691. <ID>13561</ID>
  3692. <Description>""</Description>
  3693. <Options moHideChildren="1"/>
  3694. <LastState Value="" RealAddress="00000000"/>
  3695. <GroupHeader>1</GroupHeader>
  3696. <CheatEntries>
  3697. <CheatEntry>
  3698. <ID>13552</ID>
  3699. <Description>""</Description>
  3700. <LastState Value="" RealAddress="15B1EE90"/>
  3701. <VariableType>Array of byte</VariableType>
  3702. <ByteLength>0</ByteLength>
  3703. <Address>pFCamOffsets</Address>
  3704. <Offsets>
  3705. <Offset>0</Offset>
  3706. </Offsets>
  3707. <CheatEntries>
  3708. <CheatEntry>
  3709. <ID>13553</ID>
  3710. <Description>"+50"</Description>
  3711. <LastState Value="-12.5851469" RealAddress="15B1EEE0"/>
  3712. <VariableType>Float</VariableType>
  3713. <Address>+50</Address>
  3714. </CheatEntry>
  3715. <CheatEntry>
  3716. <ID>13554</ID>
  3717. <Description>"+54"</Description>
  3718. <LastState Value="1.419144511" RealAddress="15B1EEE4"/>
  3719. <VariableType>Float</VariableType>
  3720. <Address>+54</Address>
  3721. </CheatEntry>
  3722. <CheatEntry>
  3723. <ID>13555</ID>
  3724. <Description>"+58"</Description>
  3725. <LastState Value="-16.14104843" RealAddress="15B1EEE8"/>
  3726. <VariableType>Float</VariableType>
  3727. <Address>+58</Address>
  3728. </CheatEntry>
  3729. </CheatEntries>
  3730. </CheatEntry>
  3731. <CheatEntry>
  3732. <ID>13556</ID>
  3733. <Description>"+0"</Description>
  3734. <LastState Value="-0.3300000131" RealAddress="13FFD0031"/>
  3735. <VariableType>Float</VariableType>
  3736. <Address>dCusFCamZOffset</Address>
  3737. <CheatEntries>
  3738. <CheatEntry>
  3739. <ID>13557</ID>
  3740. <Description>"+4"</Description>
  3741. <LastState Value="-0.3300000131" RealAddress="13FFD0035"/>
  3742. <VariableType>Float</VariableType>
  3743. <Address>+4</Address>
  3744. <CheatEntries>
  3745. <CheatEntry>
  3746. <ID>13558</ID>
  3747. <Description>"+8"</Description>
  3748. <LastState Value="-0.3300000131" RealAddress="13FFD0039"/>
  3749. <VariableType>Float</VariableType>
  3750. <Address>+4</Address>
  3751. <CheatEntries>
  3752. <CheatEntry>
  3753. <ID>13559</ID>
  3754. <Description>"+c"</Description>
  3755. <LastState Value="0.02200000174" RealAddress="13FFD003D"/>
  3756. <VariableType>Float</VariableType>
  3757. <Address>+4</Address>
  3758. <CheatEntries>
  3759. <CheatEntry>
  3760. <ID>13560</ID>
  3761. <Description>"+10"</Description>
  3762. <LastState Value="15" RealAddress="13FFD0041"/>
  3763. <VariableType>Float</VariableType>
  3764. <Address>+4</Address>
  3765. <CheatEntries>
  3766. <CheatEntry>
  3767. <ID>13565</ID>
  3768. <Description>"+14"</Description>
  3769. <LastState Value="-1" RealAddress="13FFD0045"/>
  3770. <VariableType>Float</VariableType>
  3771. <Address>+4</Address>
  3772. <CheatEntries>
  3773. <CheatEntry>
  3774. <ID>13566</ID>
  3775. <Description>"+18"</Description>
  3776. <LastState Value="0" RealAddress="13FFD0049"/>
  3777. <VariableType>Float</VariableType>
  3778. <Address>+4</Address>
  3779. </CheatEntry>
  3780. </CheatEntries>
  3781. </CheatEntry>
  3782. </CheatEntries>
  3783. </CheatEntry>
  3784. </CheatEntries>
  3785. </CheatEntry>
  3786. </CheatEntries>
  3787. </CheatEntry>
  3788. </CheatEntries>
  3789. </CheatEntry>
  3790. </CheatEntries>
  3791. </CheatEntry>
  3792. </CheatEntries>
  3793. </CheatEntry>
  3794. </CheatEntries>
  3795. </CheatEntry>
  3796. <CheatEntry>
  3797. <ID>13209</ID>
  3798. <Description>"character model mod .6"</Description>
  3799. <Options moHideChildren="1"/>
  3800. <LastState/>
  3801. <Color>FF0000</Color>
  3802. <VariableType>Auto Assembler Script</VariableType>
  3803. <AssemblerScript>[ENABLE]
  3804. //code from here to '[DISABLE]' will be used to enable the cheat
  3805. aobscanmodule(charInvReadOnLodAOB,re2.exe,74 ** 48 ** ** 88 00 ** ** 48 ** ** 75 ** 8D ** ** 45 ** ** 48 ** ** E8 ** ** ** ** 31 C0 48 ** ** ** ** 48 ** ** ** 5F C3 8B ** ** 48 ** ** ** ** 48 ** ** ** 5F C3)
  3806. registersymbol(charInvReadOnLodAOB)
  3807.  
  3808. label(bStart)
  3809. registersymbol(bStart)
  3810. label(pCurrentCharacter)
  3811. registersymbol(pCurrentCharacter)
  3812. label(dCurrentCharacter)
  3813. registersymbol(dCurrentCharacter)
  3814.  
  3815. alloc(newmem23,2048,charInvReadOnLodAOB+29) //"re2.exe"+C2EB9E3)
  3816. label(returnhere23)
  3817. label(originalcode23_charInvReadOnLodAOB)
  3818. registersymbol(originalcode23_charInvReadOnLodAOB)
  3819. label(exit23)
  3820.  
  3821. newmem23: //hook body: zero the three shared state slots below, then run the two original instructions
  3822. //rdi and rbx are used as scratch without saving: the copied original code reloads rbx, and the signature ends in 5F C3 (pop rdi, ret) - confirm rdi is not read before that pop
  3823. xor rdi,rdi //
  3824. mov rbx,bStart
  3825. mov [rbx],rdi //8-byte store into the 4-byte bStart slot; the upper half lands in pCurrentCharacter, which is zeroed next anyway
  3826. mov rbx,pCurrentCharacter
  3827. mov [rbx],rdi
  3828. mov rbx,dCurrentCharacter
  3829. //mov eax,[rax+54] //
  3830. mov [rbx],edi //dCurrentCharacter = 0 at run time, although its assembled default is ffffffff
  3831.  
  3832. originalcode23_charInvReadOnLodAOB: //reached by fall-through: the 8 bytes copied from the game run here
  3833. readmem(charInvReadOnLodAOB+29,8)
  3834. //mov eax,[rax+54]
  3835. //mov rbx,[rsp+30]
  3836.  
  3837. exit23:
  3838. jmp returnhere23
  3839.  
  3840. ///
  3841. bStart:
  3842. dd 0
  3843. pCurrentCharacter:
  3844. dq 0
  3845. dCurrentCharacter:
  3846. dd ffffffff
  3847. ///
  3848.  
  3849. charInvReadOnLodAOB+29: //"re2.exe"+C2EB9E3:
  3850. jmp newmem23 //5-byte jump plus three nops covers the 8 overwritten bytes
  3851. nop
  3852. nop
  3853. nop
  3854. returnhere23:
  3855.  
  3856. ///*************************************///
  3857. aobscanmodule(charIDReadOnModelLoadAOB,re2.exe,31 C0 48 ** ** ** ** 48 ** ** ** 5F C3 8B ** ** 48 ** ** ** ** 48 ** ** ** 5F C3 8B)
  3858. registersymbol(charIDReadOnModelLoadAOB)
  3859.  
  3860. //label(pCurrentCharacter)
  3861. //registersymbol(pCurrentCharacter)
  3862. //label(dCurrentCharacter)
  3863. //registersymbol(dCurrentCharacter)
  3864. label(pCharacterInfo)
  3865. registersymbol(pCharacterInfo)
  3866. label(dCustomCharacter)
  3867. registersymbol(dCustomCharacter)
  3868.  
  3869. alloc(newmem,2048,charIDReadOnModelLoadAOB+d) //"re2.exe"+E4616C3)
  3870. label(returnhere)
  3871. label(originalcode_charIDReadOnModelLoadAOB)
  3872. registersymbol(originalcode_charIDReadOnModelLoadAOB)
  3873. label(exit)
  3874.  
  3875. newmem: //hook body: read the character id, and if dCustomCharacter holds a non-negative entry for it, return that entry in eax instead
  3876. //rbx and rdi are used as scratch without saving: rbx is reloaded by the copied original code, and the signature shows 5F C3 (pop rdi, ret) after the hook site
  3877. //mov rbx,pCharacterInfo
  3878. //mov [rbx],rax
  3879. xor rbx,rbx //clear the upper half so rbx is a safe table index below
  3880. readmem(charIDReadOnModelLoadAOB+d,1)
  3881. db 58 //modrm for ebx,[rax+disp8]; the opcode and disp8 bytes are copied from the game around it
  3882. readmem(charIDReadOnModelLoadAOB+f,1)
  3883. //mov ebx,[rax+54]
  3884. test ebx,ebx
  3885. jl @f
  3886. cmp ebx,5
  3887. jg @f //ids outside 0..5 have no slot in the 6-entry table
  3888. mov rdi,dCustomCharacter
  3889. mov ebx,[rdi+rbx*4]
  3890. test ebx,ebx
  3891. cmovge eax,ebx //non-negative entry: eax = custom id
  3892. jl @f //NOTE(review): no @@ label sits between these @f jumps and originalcode below; the next one in view is inside newmem2. Confirm where @f resolves - the ffffffff defaults take this branch
  3893. readmem(charIDReadOnModelLoadAOB+10,5) //copies only the second original instruction (mov rbx,[rsp+30] per the notes below)
  3894. jmp exit //
  3895. {jl @f
  3896. db 89 58
  3897. readmem(charIDReadOnModelLoadAOB+f,1)
  3898. //mov [rax+54],ebx}
  3899.  
  3900. originalcode_charIDReadOnModelLoadAOB: //unmodified path: the 8 bytes copied from the game
  3901. readmem(charIDReadOnModelLoadAOB+d,8)
  3902. //mov eax,[rax+54]
  3903. //mov rbx,[rsp+30]
  3904.  
  3905. exit:
  3906. jmp returnhere
  3907.  
  3908. ///
  3909. //pCurrentCharacter:
  3910. //dq 0
  3911. //dCurrentCharacter:
  3912. //dd ffffffff
  3913. pCharacterInfo: //only written by the commented-out lines at the top of this hook
  3914. dq 0
  3915. dCustomCharacter: //one dword per character id 0..5; a negative value means no override
  3916. dd ffffffff //leon
  3917. dd ffffffff //claire
  3918. dd ffffffff //ada
  3919. dd ffffffff //sherry
  3920. dd ffffffff //hunk
  3921. dd ffffffff //tofu
  3922. ///
  3923.  
  3924. charIDReadOnModelLoadAOB+d: //"re2.exe"+E4616C3:
  3925. jmp newmem //5-byte jump plus three nops covers the 8 overwritten bytes
  3926. nop
  3927. nop
  3928. nop
  3929. returnhere:
  3930.  
  3931. ///*************************************///
  3932. aobscanmodule(costumeWriteOnLoadOrChangeAOB,re2.exe,74 14 E8 ** ** ** ** 48 ** ** ** 48 ** ** ** 00 0F 85 ** ** ** ** 89 ** ** 48)
  3933. registersymbol(costumeWriteOnLoadOrChangeAOB)
  3934.  
  3935. label(dCustomCostume)
  3936. registersymbol(dCustomCostume)
  3937.  
  3938. alloc(newmem2,2048,costumeWriteOnLoadOrChangeAOB+16) //"re2.exe"+E46D663)
  3939. label(returnhere2)
  3940. label(originalcode2_costumeWriteOnLoadOrChangeAOB)
  3941. registersymbol(originalcode2_costumeWriteOnLoadOrChangeAOB)
  3942. label(exit2)
  3943.  
  3944. newmem2: //hook body: adjust ebp before the original store mov [rdi+54],ebp, using eax as an index into dCustomCostume
  3945. //eax is overwritten here; the copied original code reloads rax right after the store
  3946. test eax,eax
  3947. jl end2 //negative index: leave ebp unchanged
  3948. cmp eax,3
  3949. jg @f //index above 3 has no slot in the 4-entry table: ebp is zeroed instead
  3950. push rcx
  3951. mov rcx,dCustomCostume
  3952. mov eax,[rcx+rax*4] //NOTE(review): the range check above is on eax but the load indexes with the full rax; confirm the upper 32 bits are zero at this site
  3953. pop rcx
  3954. test eax,eax
  3955. cmovge ebp,eax //non-negative entry replaces the costume value; a negative entry leaves ebp unchanged
  3956. jmp end2
  3957. @@:
  3958. xor ebp,ebp
  3959.  
  3960. end2:
  3961.  
  3962. originalcode2_costumeWriteOnLoadOrChangeAOB: //reached by fall-through: the 7 bytes copied from the game run here
  3963. readmem(costumeWriteOnLoadOrChangeAOB+16,7)
  3964. //mov [rdi+54],ebp
  3965. //mov rax,[rbx+50]
  3966.  
  3967. exit2:
  3968. jmp returnhere2
  3969.  
  3970. ///
  3971. dCustomCostume: //one dword per index 0..3; a negative value means no override
  3972. dd ffffffff //leon
  3973. dd ffffffff //claire
  3974. dd ffffffff //ada
  3975. dd ffffffff //sherry
  3976. ///
  3977.  
  3978. costumeWriteOnLoadOrChangeAOB+16: //"re2.exe"+E46D663:
  3979. jmp newmem2 //5-byte jump plus two nops covers the 7 overwritten bytes
  3980. nop
  3981. nop
  3982. returnhere2:
  3983.  
  3984. ///*************************************///
  3985. aobscanmodule(charIDChk1AOB,re2.exe,48 ** ** ** ** ** ** 48 85 C0 0F 84 ** ** ** ** 48 ** ** ** 48 ** ** 0F 84 ** ** ** ** 39 ** ** 0F 85)
  3986. registersymbol(charIDChk1AOB)
  3987.  
  3988. alloc(newmem4,2048,charIDChk1AOB+1d) //"re2.exe"+D5DDD90)
  3989. label(returnhere4)
  3990. label(originalcode4_charIDChk1AOB)
  3991. registersymbol(originalcode4_charIDChk1AOB)
  3992. label(exit4)
  3993.  
  3994. newmem4: //hook body: when rsi is 1, record rcx and edi into the shared state, then redo the original compare and conditional jump
  3995. //pCurrentCharacter and dCurrentCharacter are defined by the first hook of this script
  3996. //cmp edi,4
  3997. //je @f
  3998. //push rbx
  3999. //mov rbx,pCurrentCharacter
  4000. //cmp [rbx],rcx
  4001. //pop rbx
  4002. //jne @f
  4003.  
  4004. cmp rsi,1 //changes the flags, which is harmless because the original cmp is executed again below
  4005. jne @f
  4006.  
  4007. push rbx
  4008. mov rbx,pCurrentCharacter
  4009. mov [rbx],rcx
  4010.  
  4011. //push rbx
  4012. mov rbx,dCurrentCharacter
  4013. //mov ebx,[rbx]
  4014. //cmp ebx,edi
  4015. mov [rbx],edi
  4016. pop rbx
  4017. //reassemble(charIDChk1AOB+20)
  4018. //jmp exit4
  4019.  
  4020. @@:
  4021. readmem(charIDChk1AOB+1d,3) //the 3-byte cmp [rcx+54],edi, copied verbatim
  4022. reassemble(charIDChk1AOB+20) //the jne is re-encoded for its new location rather than byte-copied, since its target is relative
  4023. jmp exit4
  4024.  
  4025. originalcode4_charIDChk1AOB: //never executed (the path above jumps to exit4); a raw 9-byte copy of the overwritten instructions
  4026. readmem(charIDChk1AOB+1d,9)
  4027. //cmp [rcx+54],edi
  4028. //jne re2.exe+D5DDCA2
  4029.  
  4030. exit4:
  4031. jmp returnhere4
  4032.  
  4033. ///
  4034. ///
  4035.  
  4036. charIDChk1AOB+1d: //"re2.exe"+D5DDD90:
  4037. jmp newmem4 //5-byte jump plus four nops covers the 9 overwritten bytes
  4038. nop
  4039. nop
  4040. nop
  4041. nop
  4042. returnhere4:
  4043.  
  4044. ///*************************************///
  4045. aobscanmodule(charIDReadOnModelLoadForStanceAOB,re2.exe,75 ** 48 ** ** ** 48 ** ** 8B ** ** 48 85 C0 74 ** 8B ** ** E8)
  4046. registersymbol(charIDReadOnModelLoadForStanceAOB)
  4047.  
  4048. label(dCustomStance)
  4049. registersymbol(dCustomStance)
  4050.  
  4051. alloc(newmem24,2048,charIDReadOnModelLoadForStanceAOB+11) //"re2.exe"+C23D28A)
  4052. label(returnhere24)
  4053. label(originalcode24_charIDReadOnModelLoadForStanceAOB)
  4054. registersymbol(originalcode24_charIDReadOnModelLoadForStanceAOB)
  4055. label(exit24)
  4056.  
  4057. newmem24: //hook body: record rax and the id read from it, substitute dCustomStance for edx when it is non-negative, then make the original call
  4058. //pCurrentCharacter and dCurrentCharacter are defined by the first hook of this script
  4059. //mov rdx,pCharacterInfo
  4060. //mov [rdx],rax
  4061.  
  4062. mov rdx,pCurrentCharacter
  4063. mov [rdx],rax
  4064.  
  4065. xor rdx,rdx
  4066. readmem(charIDReadOnModelLoadForStanceAOB+11,3)
  4067. //mov edx,[rax+54]
  4068.  
  4069. mov rax,dCurrentCharacter //rax no longer holds the object pointer from here on
  4070. mov [rax],edx
  4071.  
  4072. mov rax,dCustomStance
  4073. mov eax,[rax]
  4074. test eax,eax
  4075. cmovge edx,eax //non-negative custom value replaces the id passed on in edx
  4076. xor rax,rax //NOTE(review): the call below is entered with rax = 0 instead of the original pointer; confirm the callee does not read rax
  4077.  
  4078. end24:
  4079. reassemble(charIDReadOnModelLoadForStanceAOB+14) //the call is re-encoded for its new location, since its target is relative
  4080. //call re2.exe+149C610
  4081. jmp exit24
  4082.  
  4083. originalcode24_charIDReadOnModelLoadForStanceAOB: //never executed (the path above jumps to exit24); a raw 8-byte copy of the overwritten instructions
  4084. readmem(charIDReadOnModelLoadForStanceAOB+11,8)
  4085. //mov edx,[rax+54]
  4086. //call re2.exe+149C610
  4087.  
  4088. exit24:
  4089. jmp returnhere24
  4090.  
  4091. ///
  4092. dCustomStance: //a negative value means no override
  4093. dd ffffffff
  4094. ///
  4095.  
  4096. charIDReadOnModelLoadForStanceAOB+11: //"re2.exe"+C23D28A:
  4097. jmp newmem24 //5-byte jump plus three nops covers the 8 overwritten bytes
  4098. nop
  4099. nop
  4100. nop
  4101. returnhere24:
  4102.  
  4103. ///*************************************///
  4104. luaCall(lua_aobscan("charIDReadForLoadoutOnLoadAOB","re2.exe","48 ** ** ** 48 ** ** ** 48 ** ** 48 ** ** ** 00 74 08 31 C0 48 ** ** ** 5F C3 48 ** ** ** ** 45 ** ** 8B ** ** 48",2))
  4105.  
  4106. alloc(newmem25,2048,charIDReadForLoadoutOnLoadAOB+1f) //"re2.exe"+950EAC1)
  4107. label(returnhere25)
  4108. label(originalcode25_charIDReadForLoadoutOnLoadAOB)
  4109. registersymbol(originalcode25_charIDReadForLoadoutOnLoadAOB)
  4110. label(exit25)
  4111.  
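  newmem25:
  // Code cave for the hook at charIDReadForLoadoutOnLoadAOB+1f. The 6 bytes
  // replaced there are
  //   xor r8d,r8d
  //   mov ebx,[rdx+54]
  // rdx is the object pointer on entry; ebx receives the ID read from it.
  readmem(charIDReadForLoadoutOnLoadAOB+1f,6)

  push rcx                          // rcx is scratch here; every path below leaves via end25, which pops it

  // Leave the ID alone on any pass where bStart is still 0.
  mov rcx,bStart
  cmp dword ptr [rcx],0
  je end25                          // was "je @f": no "@@:" follows in this routine, and the
                                    // skip has to reach the pop at end25 to keep the stack balanced

  // Only touch the object that was recorded in pCurrentCharacter.
  mov rcx,pCurrentCharacter
  cmp [rcx],rdx
  jne end25                         // was "jne @f", same reason as above

  // Override the ID only when dCustomStance is non-negative as a signed dword.
  mov rcx,dCustomStance
  mov ecx,[rcx]
  test ecx,ecx
  cmovge ebx,ecx

  end25:
  mov rcx,bStart
  inc dword ptr [rcx]               // counts every pass through this hook
  pop rcx
  jmp exit25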
  4137.  
  4138. originalcode25_charIDReadForLoadoutOnLoadAOB:
  4139. readmem(charIDReadForLoadoutOnLoadAOB+1f,6)
  4140. //xor r8d,r8d
  4141. //mov ebx,[rdx+54]
  4142.  
  4143. exit25:
  4144. jmp returnhere25
  4145.  
  4146. ///
  4147.  
  4148. charIDReadForLoadoutOnLoadAOB+1f: //"re2.exe"+950EAC1:
  4149. jmp newmem25
  4150. nop
  4151. returnhere25:
  4152.  
  4153. ///*************************************///
  4154. aobscanmodule(charIDReadForLoadoutOnCutsceneEndAOB,re2.exe,4C ** ** ** 48 ** ** 49 ** ** ** ** ** ** 48 ** ** 0F 84 ** ** ** ** 8B ** ** 45 ** ** 48)
  4155. registersymbol(charIDReadForLoadoutOnCutsceneEndAOB)
  4156.  
  4157. alloc(newmem26,2048,charIDReadForLoadoutOnCutsceneEndAOB+17) //"re2.exe"+BFD2E06)
  4158. label(returnhere26)
  4159. label(originalcode26_charIDReadForLoadoutOnCutsceneEndAOB)
  4160. registersymbol(originalcode26_charIDReadForLoadoutOnCutsceneEndAOB)
  4161. label(exit26)
  4162.  
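  newmem26:
  // Code cave for the hook at charIDReadForLoadoutOnCutsceneEndAOB+17. The 6 bytes
  // replaced there are
  //   mov edi,[rax+54]
  //   xor r8d,r8d
  // rax is the object pointer on entry; edi receives the ID read from it.
  readmem(charIDReadForLoadoutOnCutsceneEndAOB+17,6)

  // NOTE(review): rdx is used as scratch and is not restored. That is only safe if
  // the game does not need rdx after this point - confirm, or wrap in push/pop rdx.
  mov rdx,pCurrentCharacter
  cmp [rdx],rax
  jne end26                         // was "jne @f": no "@@:" follows in this routine, so the
                                    // target is named explicitly

  // Override the ID only when dCustomStance is non-negative as a signed dword.
  mov rdx,dCustomStance
  mov edx,[rdx]
  test edx,edx
  cmovge edi,edx

  end26:
  jmp exit26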
  4179.  
  4180. originalcode26_charIDReadForLoadoutOnCutsceneEndAOB:
  4181. readmem(charIDReadForLoadoutOnCutsceneEndAOB+17,6)
  4182. //mov edi,[rax+54]
  4183. //xor r8d,r8d
  4184.  
  4185. exit26:
  4186. jmp returnhere26
  4187.  
  4188. ///
  4189.  
  4190. charIDReadForLoadoutOnCutsceneEndAOB+17: //"re2.exe"+BFD2E06:
  4191. jmp newmem26
  4192. nop
  4193. returnhere26:
  4194.  
  4195. ///*************************************///
  4196.  
  4197.  
  4198.  
  4199.  
  4200. [DISABLE]
  4201. //code from here till the end of the code will be used to disable the cheat
  4202. dealloc(newmem23)
  4203. charInvReadOnLodAOB+29: //"re2.exe"+C2EB9E3:
  4204. readmem(originalcode23_charInvReadOnLodAOB,8)
  4205. //db 8B 40 54 48 8B 5C 24 30
  4206. //Alt: mov eax,[rax+54]
  4207. //Alt: mov rbx,[rsp+30]
  4208. unregistersymbol(originalcode23_charInvReadOnLodAOB)
  4209.  
  4210. unregistersymbol(bStart)
  4211. unregistersymbol(pCurrentCharacter)
  4212. unregistersymbol(dCurrentCharacter)
  4213.  
  4214. ///*************************************///
  4215. dealloc(newmem)
  4216. charIDReadOnModelLoadAOB+d: //"re2.exe"+E4616C3:
  4217. readmem(originalcode_charIDReadOnModelLoadAOB,8)
  4218. //db 8B 40 54 48 8B 5C 24 30
  4219. //Alt: mov eax,[rax+54]
  4220. //Alt: mov rbx,[rsp+30]
  4221. unregistersymbol(originalcode_charIDReadOnModelLoadAOB)
  4222.  
  4223. //unregistersymbol(pCurrentCharacter)
  4224. //unregistersymbol(dCurrentCharacter)
  4225. unregistersymbol(pCharacterInfo)
  4226. unregistersymbol(dCustomCharacter)
  4227.  
  4228. ///*************************************///
  4229. dealloc(newmem2)
  4230. costumeWriteOnLoadOrChangeAOB+16: //"re2.exe"+E46D663:
  4231. readmem(originalcode2_costumeWriteOnLoadOrChangeAOB,7)
  4232. //db 89 6F 54 48 8B 43 50
  4233. //Alt: mov [rdi+54],ebp
  4234. //Alt: mov rax,[rbx+50]
  4235. unregistersymbol(originalcode2_costumeWriteOnLoadOrChangeAOB)
  4236.  
  4237. unregistersymbol(dCustomCostume)
  4238.  
  4239. ///*************************************///
  4240. dealloc(newmem4)
  4241. charIDChk1AOB+1d: //"re2.exe"+D5DDD90:
  4242. readmem(originalcode4_charIDChk1AOB,9)
  4243. //db 39 79 54 0F 85 09 FF FF FF
  4244. //Alt: cmp [rcx+54],edi
  4245. //Alt: jne re2.exe+D5DDCA2
  4246. unregistersymbol(originalcode4_charIDChk1AOB)
  4247.  
  4248. ///*************************************///
  4249. dealloc(newmem24)
  4250. charIDReadOnModelLoadForStanceAOB+11: //"re2.exe"+C23D28A:
  4251. readmem(originalcode24_charIDReadOnModelLoadForStanceAOB,8)
  4252. //db 8B 50 54 E8 7E F3 25 F5
  4253. //Alt: mov edx,[rax+54]
  4254. //Alt: call re2.exe+149C610
  4255. unregistersymbol(originalcode24_charIDReadOnModelLoadForStanceAOB)
  4256.  
  4257. unregistersymbol(dCustomStance)
  4258.  
  4259. ///*************************************///
  4260. dealloc(newmem25)
  4261. charIDReadForLoadoutOnLoadAOB+1f: //"re2.exe"+950EAC1:
  4262. readmem(originalcode25_charIDReadForLoadoutOnLoadAOB,6)
  4263. //db 45 31 C0 8B 5A 54
  4264. //Alt: xor r8d,r8d
  4265. //Alt: mov ebx,[rdx+54]
  4266. unregistersymbol(originalcode25_charIDReadForLoadoutOnLoadAOB)
  4267.  
  4268. ///*************************************///
  4269. dealloc(newmem26)
  4270. charIDReadForLoadoutOnCutsceneEndAOB+17: //"re2.exe"+BFD2E06:
  4271. readmem(originalcode26_charIDReadForLoadoutOnCutsceneEndAOB,6)
  4272. //db 8B 78 54 45 31 C0
  4273. //Alt: mov edi,[rax+54]
  4274. //Alt: xor r8d,r8d
  4275. unregistersymbol(originalcode26_charIDReadForLoadoutOnCutsceneEndAOB)
  4276.  
  4277. ///*************************************///
  4278. </AssemblerScript>
  4279. <CheatEntries>
  4280. <CheatEntry>
  4281. <ID>13245</ID>
  4282. <Description>"custom stance"</Description>
  4283. <DropDownList DescriptionOnly="1" DisplayValueAsItem="1">ffffffff:default
  4284. 00000000:Leon Scott Kennedy
  4285. 00000001:Claire Redfield
  4286. 00000002:Ada Wong
  4287. 00000003:Sherry Birkin
  4288. 00000004:HUNK
  4289. 00000005:Tofu
  4290. 00000006:Robert Kendo (Gun Shop Owner)
  4291. 00000007:Brian Irons (Chief of Police)
  4292. 00000008:Ben Bertolucci (Journalist)
  4293. 00000009:Annette Birkin
  4294. 0000000a:Chris Redfield
  4295. 0000000D:Marvin Branagh
  4296. 00000010:William Broken
  4297. 00000014:Katherine Warren
  4298. 0000001B:RPD Pilot
  4299. 0000001D:Truck Driver
  4300. 0000001E:Woman that Truck Driver hits
  4301. 0000001F:Cop in Gas Station
  4302. 00000020:First zombie in gas station with missing face texture
  4303. 00000021:Emma Kendo
  4304. 00000022:RPD Elliot with Entrails buttflap
  4305. 00000024:Gas Station clerk
  4306. 00000025:Officer in west hallway with cheek torn open. Broken textures
  4307. 00000027:Male Generic Zombie A
  4308. 00000028:G-infected Zombie torched by Annette
  4309. 00000029:Some guy in a lab coat
  4310. 0000002A:Unknown character
  4311. </DropDownList>
  4312. <ShowAsHex>1</ShowAsHex>
  4313. <Color>008000</Color>
  4314. <VariableType>4 Bytes</VariableType>
  4315. <Address>dCustomStance</Address>
  4316. <CheatEntries>
  4317. <CheatEntry>
  4318. <ID>13455</ID>
  4319. <Description>"for controlling character"</Description>
  4320. <LastState Value="" RealAddress="00000000"/>
  4321. <Color>808080</Color>
  4322. <GroupHeader>1</GroupHeader>
  4323. </CheatEntry>
  4324. <CheatEntry>
  4325. <ID>13571</ID>
  4326. <Description>"MUST reload after changes"</Description>
  4327. <LastState Value="" RealAddress="00000000"/>
  4328. <Color>808080</Color>
  4329. <GroupHeader>1</GroupHeader>
  4330. </CheatEntry>
  4331. </CheatEntries>
  4332. </CheatEntry>
  4333. <CheatEntry>
  4334. <ID>13210</ID>
  4335. <Description>"[custom character]"</Description>
  4336. <Options moHideChildren="1"/>
  4337. <LastState Value="" RealAddress="00000000"/>
  4338. <Color>000080</Color>
  4339. <VariableType>Array of byte</VariableType>
  4340. <ByteLength>0</ByteLength>
  4341. <Address>dCustomCharacter</Address>
  4342. <CheatEntries>
  4343. <CheatEntry>
  4344. <ID>13211</ID>
  4345. <Description>"Leon"</Description>
  4346. <DropDownList DescriptionOnly="1" DisplayValueAsItem="1">ffffffff:default
  4347. 00000000:Leon Scott Kennedy
  4348. 00000001:Claire Redfield
  4349. 00000002:Ada Wong
  4350. 00000003:Sherry Birkin
  4351. 00000004:HUNK
  4352. 00000005:Tofu
  4353. 00000006:Robert Kendo (Gun Shop Owner)
  4354. 00000007:Brian Irons (Chief of Police)
  4355. 00000008:Ben Bertolucci (Journalist)
  4356. 00000009:Annette Birkin
  4357. 0000000a:Chris Redfield
  4358. 0000000D:Marvin Branagh
  4359. 00000010:William Broken
  4360. 00000014:Katherine Warren
  4361. 0000001B:RPD Pilot
  4362. 0000001D:Truck Driver
  4363. 0000001E:Woman that Truck Driver hits
  4364. 0000001F:Cop in Gas Station
  4365. 00000020:First zombie in gas station with missing face texture
  4366. 00000021:Emma Kendo
  4367. 00000022:RPD Elliot with Entrails buttflap
  4368. 00000024:Gas Station clerk
  4369. 00000025:Officer in west hallway with cheek torn open. Broken textures
  4370. 00000027:Male Generic Zombie A
  4371. 00000028:G-infected Zombie torched by Annette
  4372. 00000029:Some guy in a lab coat
  4373. 0000002A:Unknown character
  4374. </DropDownList>
  4375. <ShowAsHex>1</ShowAsHex>
  4376. <Color>008000</Color>
  4377. <VariableType>4 Bytes</VariableType>
  4378. <Address>+0*4</Address>
  4379. </CheatEntry>
  4380. <CheatEntry>
  4381. <ID>13212</ID>
  4382. <Description>"Claire"</Description>
  4383. <DropDownList DescriptionOnly="1" DisplayValueAsItem="1">ffffffff:default
  4384. 00000000:Leon Scott Kennedy
  4385. 00000001:Claire Redfield
  4386. 00000002:Ada Wong
  4387. 00000003:Sherry Birkin
  4388. 00000004:HUNK
  4389. 00000005:Tofu
  4390. 00000006:Robert Kendo (Gun Shop Owner)
  4391. 00000007:Brian Irons (Chief of Police)
  4392. 00000008:Ben Bertolucci (Journalist)
  4393. 00000009:Annette Birkin
  4394. 0000000a:Chris Redfield
  4395. 0000000D:Marvin Branagh
  4396. 00000010:William Broken
  4397. 00000014:Katherine Warren
  4398. 0000001B:RPD Pilot
  4399. 0000001D:Truck Driver
  4400. 0000001E:Woman that Truck Driver hits
  4401. 0000001F:Cop in Gas Station
  4402. 00000020:First zombie in gas station with missing face texture
  4403. 00000021:Emma Kendo
  4404. 00000022:RPD Elliot with Entrails buttflap
  4405. 00000024:Gas Station clerk
  4406. 00000025:Officer in west hallway with cheek torn open. Broken textures
  4407. 00000027:Male Generic Zombie A
  4408. 00000028:G-infected Zombie torched by Annette
  4409. 00000029:Some guy in a lab coat
  4410. 0000002A:Unknown character
  4411. </DropDownList>
  4412. <ShowAsHex>1</ShowAsHex>
  4413. <Color>008000</Color>
  4414. <VariableType>4 Bytes</VariableType>
  4415. <Address>+1*4</Address>
  4416. </CheatEntry>
  4417. <CheatEntry>
  4418. <ID>13213</ID>
  4419. <Description>"Ada"</Description>
  4420. <DropDownList DescriptionOnly="1" DisplayValueAsItem="1">ffffffff:default
  4421. 00000000:Leon Scott Kennedy
  4422. 00000001:Claire Redfield
  4423. 00000002:Ada Wong
  4424. 00000003:Sherry Birkin
  4425. 00000004:HUNK
  4426. 00000005:Tofu
  4427. 00000006:Robert Kendo (Gun Shop Owner)
  4428. 00000007:Brian Irons (Chief of Police)
  4429. 00000008:Ben Bertolucci (Journalist)
  4430. 00000009:Annette Birkin
  4431. 0000000a:Chris Redfield
  4432. 0000000D:Marvin Branagh
  4433. 00000010:William Broken
  4434. 00000014:Katherine Warren
  4435. 0000001B:RPD Pilot
  4436. 0000001D:Truck Driver
  4437. 0000001E:Woman that Truck Driver hits
  4438. 0000001F:Cop in Gas Station
  4439. 00000020:First zombie in gas station with missing face texture
  4440. 00000021:Emma Kendo
  4441. 00000022:RPD Elliot with Entrails buttflap
  4442. 00000024:Gas Station clerk
  4443. 00000025:Officer in west hallway with cheek torn open. Broken textures
  4444. 00000027:Male Generic Zombie A
  4445. 00000028:G-infected Zombie torched by Annette
  4446. 00000029:Some guy in a lab coat
  4447. 0000002A:Unknown character
  4448. </DropDownList>
  4449. <ShowAsHex>1</ShowAsHex>
  4450. <Color>008000</Color>
  4451. <VariableType>4 Bytes</VariableType>
  4452. <Address>+2*4</Address>
  4453. </CheatEntry>
  4454. <CheatEntry>
  4455. <ID>13214</ID>
  4456. <Description>"Sherry"</Description>
  4457. <DropDownList DescriptionOnly="1" DisplayValueAsItem="1">ffffffff:default
  4458. 00000000:Leon Scott Kennedy
  4459. 00000001:Claire Redfield
  4460. 00000002:Ada Wong
  4461. 00000003:Sherry Birkin
  4462. 00000004:HUNK
  4463. 00000005:Tofu
  4464. 00000006:Robert Kendo (Gun Shop Owner)
  4465. 00000007:Brian Irons (Chief of Police)
  4466. 00000008:Ben Bertolucci (Journalist)
  4467. 00000009:Annette Birkin
  4468. 0000000a:Chris Redfield
  4469. 0000000D:Marvin Branagh
  4470. 00000010:William Broken
  4471. 00000014:Katherine Warren
  4472. 0000001B:RPD Pilot
  4473. 0000001D:Truck Driver
  4474. 0000001E:Woman that Truck Driver hits
  4475. 0000001F:Cop in Gas Station
  4476. 00000020:First zombie in gas station with missing face texture
  4477. 00000021:Emma Kendo
  4478. 00000022:RPD Elliot with Entrails buttflap
  4479. 00000024:Gas Station clerk
  4480. 00000025:Officer in west hallway with cheek torn open. Broken textures
  4481. 00000027:Male Generic Zombie A
  4482. 00000028:G-infected Zombie torched by Annette
  4483. 00000029:Some guy in a lab coat
  4484. 0000002A:Unknown character
  4485. </DropDownList>
  4486. <ShowAsHex>1</ShowAsHex>
  4487. <Color>008000</Color>
  4488. <VariableType>4 Bytes</VariableType>
  4489. <Address>+3*4</Address>
  4490. </CheatEntry>
  4491. <CheatEntry>
  4492. <ID>13215</ID>
  4493. <Description>"HUNK"</Description>
  4494. <DropDownList DescriptionOnly="1" DisplayValueAsItem="1">ffffffff:default
  4495. 00000000:Leon Scott Kennedy
  4496. 00000001:Claire Redfield
  4497. 00000002:Ada Wong
  4498. 00000003:Sherry Birkin
  4499. 00000004:HUNK
  4500. 00000005:Tofu
  4501. 00000006:Robert Kendo (Gun Shop Owner)
  4502. 00000007:Brian Irons (Chief of Police)
  4503. 00000008:Ben Bertolucci (Journalist)
  4504. 00000009:Annette Birkin
  4505. 0000000a:Chris Redfield
  4506. 0000000D:Marvin Branagh
  4507. 00000010:William Broken
  4508. 00000014:Katherine Warren
  4509. 0000001B:RPD Pilot
  4510. 0000001D:Truck Driver
  4511. 0000001E:Woman that Truck Driver hits
  4512. 0000001F:Cop in Gas Station
  4513. 00000020:First zombie in gas station with missing face texture
  4514. 00000021:Emma Kendo
  4515. 00000022:RPD Elliot with Entrails buttflap
  4516. 00000024:Gas Station clerk
  4517. 00000025:Officer in west hallway with cheek torn open. Broken textures
  4518. 00000027:Male Generic Zombie A
  4519. 00000028:G-infected Zombie torched by Annette
  4520. 00000029:Some guy in a lab coat
  4521. 0000002A:Unknown character
  4522. </DropDownList>
  4523. <ShowAsHex>1</ShowAsHex>
  4524. <Color>008000</Color>
  4525. <VariableType>4 Bytes</VariableType>
  4526. <Address>+4*4</Address>
  4527. </CheatEntry>
  4528. <CheatEntry>
  4529. <ID>13216</ID>
  4530. <Description>"Tofu"</Description>
  4531. <DropDownList DescriptionOnly="1" DisplayValueAsItem="1">ffffffff:default
  4532. 00000000:Leon Scott Kennedy
  4533. 00000001:Claire Redfield
  4534. 00000002:Ada Wong
  4535. 00000003:Sherry Birkin
  4536. 00000004:HUNK
  4537. 00000005:Tofu
  4538. 00000006:Robert Kendo (Gun Shop Owner)
  4539. 00000007:Brian Irons (Chief of Police)
  4540. 00000008:Ben Bertolucci (Journalist)
  4541. 00000009:Annette Birkin
  4542. 0000000a:Chris Redfield
  4543. 0000000D:Marvin Branagh
  4544. 00000010:William Broken
  4545. 00000014:Katherine Warren
  4546. 0000001B:RPD Pilot
  4547. 0000001D:Truck Driver
  4548. 0000001E:Woman that Truck Driver hits
  4549. 0000001F:Cop in Gas Station
  4550. 00000020:First zombie in gas station with missing face texture
  4551. 00000021:Emma Kendo
  4552. 00000022:RPD Elliot with Entrails buttflap
  4553. 00000024:Gas Station clerk
  4554. 00000025:Officer in west hallway with cheek torn open. Broken textures
  4555. 00000027:Male Generic Zombie A
  4556. 00000028:G-infected Zombie torched by Annette
  4557. 00000029:Some guy in a lab coat
  4558. 0000002A:Unknown character
  4559. </DropDownList>
  4560. <ShowAsHex>1</ShowAsHex>
  4561. <Color>008000</Color>
  4562. <VariableType>4 Bytes</VariableType>
  4563. <Address>+5*4</Address>
  4564. </CheatEntry>
  4565. </CheatEntries>
  4566. </CheatEntry>
  4567. <CheatEntry>
  4568. <ID>13217</ID>
  4569. <Description>"[costumes]"</Description>
  4570. <Options moHideChildren="1"/>
  4571. <LastState Value="" RealAddress="00000000"/>
  4572. <ShowAsHex>1</ShowAsHex>
  4573. <Color>000080</Color>
  4574. <VariableType>Array of byte</VariableType>
  4575. <ByteLength>0</ByteLength>
  4576. <Address>dCustomCostume</Address>
  4577. <CheatEntries>
  4578. <CheatEntry>
  4579. <ID>13218</ID>
  4580. <Description>"Leon"</Description>
  4581. <DropDownList DescriptionOnly="1" DisplayValueAsItem="1">FFFFFFFF:default
  4582. 00000000:Leon Casual
  4583. 00000001:Leon Police (Clean)
  4584. 00000002:Leon Police (Dirty)
  4585. 00000003:Leon Police Injured (Clean)
  4586. 00000004:Leon Police Injured (Dirty)
  4587. 00000005:Leon C. Police 1
  4588. 00000006:Leon C. Police 2
  4589. 00000007:Leon C. Police 3
  4590. 00000008:Leon C. Police Injured 1
  4591. 00000009:Leon C. Police Injured 2
  4592. 0000000A:Noir
  4593. 0000000B:Arklay Sheriff
  4594. </DropDownList>
  4595. <ShowAsHex>1</ShowAsHex>
  4596. <Color>008000</Color>
  4597. <VariableType>4 Bytes</VariableType>
  4598. <Address>+0*4</Address>
  4599. </CheatEntry>
  4600. <CheatEntry>
  4601. <ID>13219</ID>
  4602. <Description>"Claire"</Description>
  4603. <DropDownList DescriptionOnly="1" DisplayValueAsItem="1">FFFFFFFF:default
  4604. 00000000:Claire Jacket (Clean)
  4605. 00000001:Claire Jacket (Slight Dirty)
  4606. 00000002:Claire Jacket (Dirty)
  4607. 00000003:Claire Tank Top (Slight Dirty)
  4608. 00000004:Claire Tank Top (Dirty)
  4609. 00000005:Claire C. Jacket 1
  4610. 00000006:Claire C. Jacket 2
  4611. 00000007:Claire C. Jacket 3
  4612. 00000008:Claire C. No Jacket 1
  4613. 00000009:Claire C. No Jacket 2
  4614. 0000000A:Noir
  4615. 0000000B:Military
  4616. 0000000C:Elza Walker
  4617. </DropDownList>
  4618. <ShowAsHex>1</ShowAsHex>
  4619. <Color>008000</Color>
  4620. <VariableType>4 Bytes</VariableType>
  4621. <Address>+1*4</Address>
  4622. </CheatEntry>
  4623. <CheatEntry>
  4624. <ID>13220</ID>
  4625. <Description>"Ada"</Description>
  4626. <DropDownList DescriptionOnly="1" DisplayValueAsItem="1">FFFFFFFF:default
  4627. 00000000:Coat
  4628. 00000001:without Coat
  4629. 00000002:Injured
  4630. </DropDownList>
  4631. <ShowAsHex>1</ShowAsHex>
  4632. <Color>008000</Color>
  4633. <VariableType>4 Bytes</VariableType>
  4634. <Address>+2*4</Address>
  4635. </CheatEntry>
  4636. <CheatEntry>
  4637. <ID>13221</ID>
  4638. <Description>"Sherry"</Description>
  4639. <DropDownList DescriptionOnly="1" DisplayValueAsItem="1">FFFFFFFF:default
  4640. </DropDownList>
  4641. <ShowAsHex>1</ShowAsHex>
  4642. <Color>008000</Color>
  4643. <VariableType>4 Bytes</VariableType>
  4644. <Address>+3*4</Address>
  4645. </CheatEntry>
  4646. </CheatEntries>
  4647. </CheatEntry>
  4648. <CheatEntry>
  4649. <ID>13238</ID>
  4650. <Description>"debug"</Description>
  4651. <Options moHideChildren="1"/>
  4652. <LastState/>
  4653. <Color>FFFFFF</Color>
  4654. <VariableType>Auto Assembler Script</VariableType>
  4655. <AssemblerScript>[ENABLE]
  4656. //code from here to '[DISABLE]' will be used to enable the cheat
  4657. {aobscanmodule(charIDChk1AOB,re2.exe,48 ** ** ** ** ** ** 48 85 C0 0F 84 ** ** ** ** 48 ** ** ** 48 ** ** 0F 84 ** ** ** ** 39 ** ** 0F 85)
  4658. registersymbol(charIDChk1AOB)
  4659.  
  4660. alloc(newmem,2048,charIDChk1AOB+1d) //"re2.exe"+D5DDD90)
  4661. label(returnhere)
  4662. label(originalcode_charIDChk1AOB)
  4663. registersymbol(originalcode_charIDChk1AOB)
  4664. label(exit)
  4665.  
  4666. newmem: //this is allocated memory, you have read,write,execute access
  4667. //place your code here
  4668. //cmp edi,4
  4669. //je @f
  4670. push rbx
  4671. mov rbx,pCharacterInfo
  4672. mov [rbx],rcx
  4673. pop rbx
  4674. @@:
  4675. readmem(charIDChk1AOB+1d,3)
  4676. reassemble(charIDChk1AOB+20)
  4677. jmp exit
  4678.  
  4679. originalcode_charIDChk1AOB:
  4680. readmem(charIDChk1AOB+1d,9)
  4681. //cmp [rcx+54],edi
  4682. //jne re2.exe+D5DDCA2
  4683.  
  4684. exit:
  4685. jmp returnhere
  4686.  
  4687. ///
  4688.  
  4689. charIDChk1AOB+1d: //"re2.exe"+D5DDD90:
  4690. jmp newmem
  4691. nop
  4692. nop
  4693. nop
  4694. nop
  4695. returnhere:}
  4696.  
  4697.  
  4698.  
  4699.  
  4700. [DISABLE]
  4701. //code from here till the end of the code will be used to disable the cheat
  4702. {dealloc(newmem)
  4703. charIDChk1AOB+1d: //"re2.exe"+D5DDD90:
  4704. readmem(originalcode_charIDChk1AOB,9)
  4705. //db 39 79 54 0F 85 09 FF FF FF
  4706. //Alt: cmp [rcx+54],edi
  4707. //Alt: jne re2.exe+D5DDCA2
  4708. unregistersymbol(originalcode_charIDChk1AOB)}
  4709. </AssemblerScript>
  4710. <CheatEntries>
  4711. <CheatEntry>
  4712. <ID>13236</ID>
  4713. <Description>""</Description>
  4714. <Options moHideChildren="1"/>
  4715. <LastState Value="" RealAddress="00000000"/>
  4716. <Color>FFFFFF</Color>
  4717. <VariableType>Array of byte</VariableType>
  4718. <ByteLength>0</ByteLength>
  4719. <Address>pCharacterInfo</Address>
  4720. <Offsets>
  4721. <Offset>0</Offset>
  4722. </Offsets>
  4723. <CheatEntries>
  4724. <CheatEntry>
  4725. <ID>13237</ID>
  4726. <Description>"char ID"</Description>
  4727. <DropDownList DisplayValueAsItem="1">0000:Leon Scott Kennedy
  4728. 0001:Claire Redfield
  4729. 0002:Ada Wong
  4730. 0003:Sherry Birkin
  4731. 0004:HUNK
  4732. 0005:Tofu
  4733. 0006:Robert Kendo (Gun Shop Owner)
  4734. 0007:Brian Irons (Chief of Police)
  4735. 0008:Ben Bertolucci (Journalist)
  4736. 0009:Annette Birkin
  4737. 000a:Chris Redfield
  4738. 000D:Marvin Branagh
  4739. 0010:William Broken
  4740. 0014:Katherine Warren
  4741. 001B:RPD Pilot from crashed helicopter
  4742. 001D:Truck Driver
  4743. 001E:Woman that Truck Driver hits
  4744. 001F:Cop in Gas Station
  4745. 0020:First zombie in gas station with missing face texture
  4746. 0021:Emma Kendo (With weird skeleton. Because of Leon base?)
  4747. 0022:RPD Elliot with Entrails buttflap
  4748. 0024:Gas Station clerk
  4749. 0025:Officer in west hallway with cheek torn open. Broken textures
  4750. 0027:Male Generic Zombie A
  4751. 0028:G-infected Zombie torched by Annette
  4752. 0029:Some guy in a lab coat
  4753. 002A:Unknown character
  4754. </DropDownList>
  4755. <ShowAsHex>1</ShowAsHex>
  4756. <Color>808080</Color>
  4757. <VariableType>2 Bytes</VariableType>
  4758. <Address>+54</Address>
  4759. </CheatEntry>
  4760. </CheatEntries>
  4761. </CheatEntry>
  4762. <CheatEntry>
  4763. <ID>13450</ID>
  4764. <Description>""</Description>
  4765. <LastState Value="" RealAddress="00000000"/>
  4766. <Color>FFFFFF</Color>
  4767. <VariableType>Array of byte</VariableType>
  4768. <ByteLength>0</ByteLength>
  4769. <Address>pCurrentCharacter</Address>
  4770. <Offsets>
  4771. <Offset>0</Offset>
  4772. </Offsets>
  4773. <CheatEntries>
  4774. <CheatEntry>
  4775. <ID>13451</ID>
  4776. <Description>""</Description>
  4777. <Color>FFFFFF</Color>
  4778. <VariableType>Byte</VariableType>
  4779. <Address>+54</Address>
  4780. </CheatEntry>
  4781. </CheatEntries>
  4782. </CheatEntry>
  4783. <CheatEntry>
  4784. <ID>13452</ID>
  4785. <Description>""</Description>
  4786. <Color>FFFFFF</Color>
  4787. <VariableType>Byte</VariableType>
  4788. <Address>dCurrentCharacter</Address>
  4789. </CheatEntry>
  4790. </CheatEntries>
  4791. </CheatEntry>
  4792. </CheatEntries>
  4793. </CheatEntry>
  4794. <CheatEntry>
  4795. <ID>13134</ID>
  4796. <Description>"save count (edited) (cjbok)"</Description>
  4797. <Options moHideChildren="1"/>
  4798. <LastState/>
  4799. <Color>FF0000</Color>
  4800. <VariableType>Auto Assembler Script</VariableType>
  4801. <AssemblerScript>[ENABLE]
  4802. aobscanmodule(SaveCountAOB,re2.exe,01 89 41 24 48 8B 43 50) // should be unique
  4803.  
  4804. label(dCustSaveCount)
  4805. registersymbol(dCustSaveCount)
  4806.  
  4807. alloc(SaveCountMem,$1000,"re2.exe"+ADE1B7E)
  4808. registersymbol(SaveCountAOB)
  4809.  
  4810. label(return)
  4811.  
  SaveCountMem:
  // Code cave for the hook at SaveCountAOB+01. The 7 bytes replaced there are
  //   mov [rcx+24],eax
  //   mov rax,[rbx+50]
  // The value the game computed in eax is discarded and the dword stored in
  // dCustSaveCount is written instead.
  mov rax,dCustSaveCount            // rax is free as scratch: it is reloaded two lines down
  mov eax,[rax]
  mov [rcx+24],eax                  // first displaced instruction, with the substituted value
  mov rax,[rbx+50]                  // second displaced instruction, unchanged
  jmp return
  4818.  
  4819. ///
  4820. dCustSaveCount:
  4821. dd #3
  4822. ///
  4823.  
  4824. SaveCountAOB+01:
  4825. jmp SaveCountMem
  4826. nop
  4827. nop
  4828. return:
  4829.  
  4830.  
  4831. [DISABLE]
  4832. SaveCountAOB+01:
  4833. //mov [rcx+24],eax
  4834. //mov rax,[rbx+50]
  4835. db 89 41 24 48 8B 43 50
  4836.  
  4837. unregistersymbol(SaveCountAOB)
  4838. dealloc(SaveCountMem)
  4839.  
  4840. unregistersymbol(dCustSaveCount)
  4841. </AssemblerScript>
  4842. <CheatEntries>
  4843. <CheatEntry>
  4844. <ID>13572</ID>
  4845. <Description>"#"</Description>
  4846. <Color>008000</Color>
  4847. <VariableType>4 Bytes</VariableType>
  4848. <Address>dCustSaveCount</Address>
  4849. </CheatEntry>
  4850. </CheatEntries>
  4851. </CheatEntry>
  4852. <CheatEntry>
  4853. <ID>13050</ID>
  4854. <Description>"max pouch slots (cjbok)"</Description>
  4855. <LastState Activated="1"/>
  4856. <Color>FF0000</Color>
  4857. <VariableType>Auto Assembler Script</VariableType>
  4858. <AssemblerScript>[ENABLE]
  4859.  
  4860. aobscanmodule(PouchSlotCountAOB,re2.exe,F5 45 31 ED EB 07 44 8B A8 90 00 00 00) // should be unique
  4861. alloc(PouchSlotCountMem,$1000,"re2.exe"+C715653)
  4862. registersymbol(PouchSlotCountAOB)
  4863.  
  4864. label(PouchSlotCountRet)
  4865.  
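  PouchSlotCountMem:
  // Code cave for the hook at PouchSlotCountAOB+06. The 7 bytes replaced there are
  //   mov r13d,[rax+00000090]
  // The field is forced to decimal 20 and then loaded exactly as the original
  // instruction would load it.
  // The store width is spelled out so it does not depend on the assembler's default
  // for an unsized immediate store; dword matches the 32-bit load that follows.
  mov dword ptr [rax+00000090],#20
  mov r13d,[rax+00000090]           // displaced instruction, unchanged
  jmp PouchSlotCountRet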
  4870.  
  4871. PouchSlotCountAOB+06:
  4872. jmp PouchSlotCountMem
  4873. nop
  4874. nop
  4875. PouchSlotCountRet:
  4876.  
  4877.  
  4878. [DISABLE]
  4879. PouchSlotCountAOB+06:
  4880. //mov r13d,[rax+00000090]
  4881. db 44 8B A8 90 00 00 00
  4882.  
  4883. unregistersymbol(PouchSlotCountAOB)
  4884. dealloc(PouchSlotCountMem)
  4885. </AssemblerScript>
  4886. </CheatEntry>
  4887. <CheatEntry>
  4888. <ID>13135</ID>
  4889. <Description>"Game Time (cjbok)"</Description>
  4890. <Options moHideChildren="1" moDeactivateChildrenAsWell="1"/>
  4891. <LastState/>
  4892. <Color>FF0000</Color>
  4893. <VariableType>Auto Assembler Script</VariableType>
  4894. <AssemblerScript>[ENABLE]
  4895. aobscanmodule(GameTimeAOB,re2.exe,48 8B 43 50 4C 39 70 18 0F 85 78 02 00 00 48 8B 4F)
  4896. alloc(GameTimeMem,512,"re2.exe"+AD9D8CE)
  4897. registersymbol(GameTimeAOB)
  4898.  
  4899. label(calculate)
  4900. label(GameTimeRet)
  4901.  
  4902. label(pTime)
  4903. label(bSetGameTime)
  4904. label(iSetTime)
  4905. label(fCurTime)
  4906.  
  4907. registersymbol(pTime)
  4908. registersymbol(bSetGameTime)
  4909. registersymbol(iSetTime)
  4910. registersymbol(fCurTime)
  4911.  
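  GameTimeMem:
  // Code cave for the hook at GameTimeAOB. The 8 bytes replaced there are
  //   mov rax,[rbx+50]
  //   cmp [rax+18],r14
  // On entry rax is taken to be the timer object (fields: +18 current time,
  // +20 start time, +30 pause time, as labelled in the formula below).
  // NOTE(review): that rax holds the timer object here is assumed by the original
  // script and is not shown by it - confirm against the surrounding game code.

  mov [pTime],rax                   // publish the timer pointer for the table entries

  // Save the scratch registers before either path uses them. The original pushed
  // them only at "calculate", after the set-time path had already overwritten both,
  // so the values restored at the end were not the game's.
  push rdx
  push rcx

  cmp dword ptr [bSetGameTime],1
  jne calculate

  // Set-time path: make the elapsed time equal to iSetTime minutes.
  push rax
  mov rax,[iSetTime]
  mov rcx,#60000000                 // timer units per minute (the formula divides by 1,000,000 for seconds)
  mul rcx                           // rdx:rax = iSetTime * 60,000,000; only the low 64 bits are used
  mov rdx,rax
  pop rax

  mov [rax+18],rdx                  // current time = requested time
  // Explicit qword stores: the table shows +20 and +30 as 8-byte values, and an
  // unsized immediate store may clear only the low dword.
  mov qword ptr [rax+20],0          // start time = 0
  mov qword ptr [rax+30],0          // pause time = 0
  mov rbp,0                         // NOTE(review): kept from the original; rbp is not saved or
                                    // restored, so this changes a register the game owns - confirm intent

  // Formula:
  // (Current Time - Start Time - Pause Time) / 1.000.000 = Game Time in seconds
  calculate:
  mov rdx,[rax+18]                  // Current Time
  sub rdx,[rax+20]                  // Start Time
  sub rdx,[rax+30]                  // Pause Time
  mov rax,rdx
  xor edx,edx                       // div takes rdx:rax, so the high half must be zero
  mov rcx,#1000000
  div rcx
  mov [fCurTime],rax                // whole seconds, read by the "Game Time (seconds)" entry

  pop rcx
  pop rdx

  // Displaced instructions. The cmp stays last so its flags reach the game's
  // code after the return jump.
  mov rax,[rbx+50]
  cmp [rax+18],r14
  jmp GameTimeRet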
  4951.  
  4952.  
  4953. pTime:
  4954. dq 0
  4955. bSetGameTime:
  4956. dq 0
  4957. iSetTime:
  4958. dq #60
  4959. fCurTime:
  4960. dq 0
  4961.  
  4962. GameTimeAOB:
  4963. jmp GameTimeMem
  4964. nop
  4965. nop
  4966. nop
  4967. GameTimeRet:
  4968.  
  4969.  
  4970. [DISABLE]
  4971.  
  4972. GameTimeAOB:
  4973. //mov rax,[rbx+50]
  4974. //cmp [rax+18],r14
  4975. db 48 8B 43 50 4C 39 70 18
  4976.  
  4977. unregistersymbol(pTime)
  4978. unregistersymbol(bSetGameTime)
  4979. unregistersymbol(iSetTime)
  4980. unregistersymbol(fCurTime)
  4981.  
  4982. unregistersymbol(GameTimeAOB)
  4983. dealloc(GameTimeMem)
  4984. </AssemblerScript>
  4985. <CheatEntries>
  4986. <CheatEntry>
  4987. <ID>13072</ID>
  4988. <Description>"Set Game Time"</Description>
  4989. <Options moHideChildren="1"/>
  4990. <LastState/>
  4991. <Color>FF0000</Color>
  4992. <VariableType>Auto Assembler Script</VariableType>
  4993. <AssemblerScript>[ENABLE]
  4994. bSetGameTime:
  4995. dq 1
  4996.  
  4997. [DISABLE]
  4998. bSetGameTime:
  4999. dq 0
  5000. </AssemblerScript>
  5001. <CheatEntries>
  5002. <CheatEntry>
  5003. <ID>13073</ID>
  5004. <Description>"Time In Minutes"</Description>
  5005. <VariableType>4 Bytes</VariableType>
  5006. <Address>iSetTime</Address>
  5007. </CheatEntry>
  5008. </CheatEntries>
  5009. </CheatEntry>
  5010. <CheatEntry>
  5011. <ID>13136</ID>
  5012. <Description>"Current Time"</Description>
  5013. <Color>808080</Color>
  5014. <VariableType>8 Bytes</VariableType>
  5015. <Address>pTime</Address>
  5016. <Offsets>
  5017. <Offset>18</Offset>
  5018. </Offsets>
  5019. </CheatEntry>
  5020. <CheatEntry>
  5021. <ID>13137</ID>
  5022. <Description>"Start Time"</Description>
  5023. <Color>808080</Color>
  5024. <VariableType>8 Bytes</VariableType>
  5025. <Address>pTime</Address>
  5026. <Offsets>
  5027. <Offset>20</Offset>
  5028. </Offsets>
  5029. </CheatEntry>
  5030. <CheatEntry>
  5031. <ID>13138</ID>
  5032. <Description>"Pause Time"</Description>
  5033. <Color>808080</Color>
  5034. <VariableType>8 Bytes</VariableType>
  5035. <Address>pTime</Address>
  5036. <Offsets>
  5037. <Offset>30</Offset>
  5038. </Offsets>
  5039. </CheatEntry>
  5040. <CheatEntry>
  5041. <ID>13071</ID>
  5042. <Description>"Game Time (seconds)"</Description>
  5043. <Color>808080</Color>
  5044. <VariableType>8 Bytes</VariableType>
  5045. <Address>fCurTime</Address>
  5046. </CheatEntry>
  5047. </CheatEntries>
  5048. </CheatEntry>
  5049. <CheatEntry>
  5050. <ID>13022</ID>
  5051. <Description>""</Description>
  5052. <Options moHideChildren="1"/>
  5053. <LastState Value="" RealAddress="00000000"/>
  5054. <GroupHeader>1</GroupHeader>
  5055. <CheatEntries>
  5056. <CheatEntry>
  5057. <ID>13014</ID>
  5058. <Description>"health"</Description>
  5059. <LastState Value="650" RealAddress="1556B9C8"/>
  5060. <Color>0000FF</Color>
  5061. <VariableType>4 Bytes</VariableType>
  5062. <Address>pPlayer</Address>
  5063. <Offsets>
  5064. <Offset>58</Offset>
  5065. </Offsets>
  5066. <Hotkeys>
  5067. <Hotkey>
  5068. <Action>Set Value</Action>
  5069. <Keys>
  5070. <Key>18</Key>
  5071. <Key>4</Key>
  5072. </Keys>
  5073. <Value>(health max)</Value>
  5074. <ID>0</ID>
  5075. </Hotkey>
  5076. </Hotkeys>
  5077. <CheatEntries>
  5078. <CheatEntry>
  5079. <ID>13015</ID>
  5080. <Description>"health max"</Description>
  5081. <LastState Value="1200" RealAddress="1556B9C4"/>
  5082. <Color>0000FF</Color>
  5083. <VariableType>4 Bytes</VariableType>
  5084. <Address>-4</Address>
  5085. </CheatEntry>
  5086. <CheatEntry>
  5087. <ID>13058</ID>
  5088. <Description>"god (auto reset)"</Description>
  5089. <LastState Value="0" RealAddress="1556B9CC"/>
  5090. <Color>0000FF</Color>
  5091. <VariableType>Byte</VariableType>
  5092. <Address>+4</Address>
  5093. </CheatEntry>
  5094. <CheatEntry>
  5095. <ID>13059</ID>
  5096. <Description>"god"</Description>
  5097. <LastState Value="0" RealAddress="1556B9CD"/>
  5098. <Color>0000FF</Color>
  5099. <VariableType>Byte</VariableType>
  5100. <Address>+5</Address>
  5101. </CheatEntry>
  5102. </CheatEntries>
  5103. </CheatEntry>
  5104. <CheatEntry>
  5105. <ID>13016</ID>
  5106. <Description>"current clip"</Description>
  5107. <LastState Value="15" RealAddress="153AB330"/>
  5108. <Color>8080FF</Color>
  5109. <VariableType>4 Bytes</VariableType>
  5110. <Address>pAmmo</Address>
  5111. <Offsets>
  5112. <Offset>20</Offset>
  5113. </Offsets>
  5114. <CheatEntries>
  5115. <CheatEntry>
  5116. <ID>13017</ID>
  5117. <Description>"clip max"</Description>
  5118. <LastState Value="15" RealAddress="156A100DD"/>
  5119. <Color>808080</Color>
  5120. <VariableType>4 Bytes</VariableType>
  5121. <Address>dAmmoClipMax</Address>
  5122. </CheatEntry>
  5123. <CheatEntry>
  5124. <ID>13018</ID>
  5125. <Description>""</Description>
  5126. <LastState Value="1" RealAddress="156A100D5"/>
  5127. <Color>808080</Color>
  5128. <VariableType>Byte</VariableType>
  5129. <Address>pAmmo+8</Address>
  5130. </CheatEntry>
  5131. </CheatEntries>
  5132. </CheatEntry>
  5133. <CheatEntry>
  5134. <ID>13498</ID>
  5135. <Description>"x +-"</Description>
  5136. <LastState Value="-12.20088291" RealAddress="1536B150"/>
  5137. <Color>0000FF</Color>
  5138. <VariableType>Float</VariableType>
  5139. <Address>pPlayerBase</Address>
  5140. <Offsets>
  5141. <Offset>30</Offset>
  5142. <Offset>18</Offset>
  5143. <Offset>10</Offset>
  5144. </Offsets>
  5145. </CheatEntry>
  5146. <CheatEntry>
  5147. <ID>13499</ID>
  5148. <Description>"z +-"</Description>
  5149. <LastState Value="2.980232239E-8" RealAddress="1536B154"/>
  5150. <Color>0000FF</Color>
  5151. <VariableType>Float</VariableType>
  5152. <Address>pPlayerBase</Address>
  5153. <Offsets>
  5154. <Offset>34</Offset>
  5155. <Offset>18</Offset>
  5156. <Offset>10</Offset>
  5157. </Offsets>
  5158. </CheatEntry>
  5159. <CheatEntry>
  5160. <ID>13500</ID>
  5161. <Description>"y -+"</Description>
  5162. <LastState Value="-15.85340023" RealAddress="1536B158"/>
  5163. <Color>0000FF</Color>
  5164. <VariableType>Float</VariableType>
  5165. <Address>pPlayerBase</Address>
  5166. <Offsets>
  5167. <Offset>38</Offset>
  5168. <Offset>18</Offset>
  5169. <Offset>10</Offset>
  5170. </Offsets>
  5171. </CheatEntry>
  5172. </CheatEntries>
  5173. </CheatEntry>
  5174. </CheatEntries>
  5175. </CheatEntry>
  5176. </CheatEntries>
  5177. <CheatCodes>
  5178. <CodeEntry>
  5179. <Description>Code :mov esi,[rcx+20]</Description>
  5180. <AddressString>re2.exe+FFCD9CD</AddressString>
  5181. <Before>
  5182. <Byte>48</Byte>
  5183. <Byte>85</Byte>
  5184. <Byte>C9</Byte>
  5185. <Byte>74</Byte>
  5186. <Byte>05</Byte>
  5187. </Before>
  5188. <Actual>
  5189. <Byte>8B</Byte>
  5190. <Byte>71</Byte>
  5191. <Byte>20</Byte>
  5192. </Actual>
  5193. <After>
  5194. <Byte>EB</Byte>
  5195. <Byte>02</Byte>
  5196. <Byte>89</Byte>
  5197. <Byte>FE</Byte>
  5198. <Byte>4D</Byte>
  5199. </After>
  5200. </CodeEntry>
  5201. <CodeEntry>
  5202. <Description>Code :mov eax,[rcx+20]</Description>
  5203. <AddressString>re2.exe+FFDEEF0</AddressString>
  5204. <Before>
  5205. <Byte>48</Byte>
  5206. <Byte>85</Byte>
  5207. <Byte>C9</Byte>
  5208. <Byte>74</Byte>
  5209. <Byte>05</Byte>
  5210. </Before>
  5211. <Actual>
  5212. <Byte>8B</Byte>
  5213. <Byte>41</Byte>
  5214. <Byte>20</Byte>
  5215. </Actual>
  5216. <After>
  5217. <Byte>EB</Byte>
  5218. <Byte>02</Byte>
  5219. <Byte>89</Byte>
  5220. <Byte>F8</Byte>
  5221. <Byte>4D</Byte>
  5222. </After>
  5223. </CodeEntry>
  5224. <CodeEntry>
  5225. <Description>Code :mov ecx,[rdx+20]</Description>
  5226. <AddressString>re2.exe+FFDEF61</AddressString>
  5227. <Before>
  5228. <Byte>48</Byte>
  5229. <Byte>85</Byte>
  5230. <Byte>D2</Byte>
  5231. <Byte>74</Byte>
  5232. <Byte>05</Byte>
  5233. </Before>
  5234. <Actual>
  5235. <Byte>8B</Byte>
  5236. <Byte>4A</Byte>
  5237. <Byte>20</Byte>
  5238. </Actual>
  5239. <After>
  5240. <Byte>EB</Byte>
  5241. <Byte>02</Byte>
  5242. <Byte>89</Byte>
  5243. <Byte>F9</Byte>
  5244. <Byte>48</Byte>
  5245. </After>
  5246. </CodeEntry>
  5247. <CodeEntry>
  5248. <Description>Code :mov [rsp+10],rbx</Description>
  5249. <AddressString>re2.exe+F4D91C0</AddressString>
  5250. <Before>
  5251. <Byte>00</Byte>
  5252. <Byte>00</Byte>
  5253. <Byte>00</Byte>
  5254. <Byte>00</Byte>
  5255. <Byte>00</Byte>
  5256. </Before>
  5257. <Actual>
  5258. <Byte>48</Byte>
  5259. <Byte>89</Byte>
  5260. <Byte>5C</Byte>
  5261. <Byte>24</Byte>
  5262. <Byte>10</Byte>
  5263. </Actual>
  5264. <After>
  5265. <Byte>57</Byte>
  5266. <Byte>48</Byte>
  5267. <Byte>83</Byte>
  5268. <Byte>EC</Byte>
  5269. <Byte>40</Byte>
  5270. </After>
  5271. </CodeEntry>
  5272. <CodeEntry>
  5273. <Description>Code :mov [rsp+20],rbx</Description>
  5274. <AddressString>re2.exe+FFCD760</AddressString>
  5275. <Before>
  5276. <Byte>0F</Byte>
  5277. <Byte>1F</Byte>
  5278. <Byte>44</Byte>
  5279. <Byte>00</Byte>
  5280. <Byte>00</Byte>
  5281. </Before>
  5282. <Actual>
  5283. <Byte>48</Byte>
  5284. <Byte>89</Byte>
  5285. <Byte>5C</Byte>
  5286. <Byte>24</Byte>
  5287. <Byte>20</Byte>
  5288. </Actual>
  5289. <After>
  5290. <Byte>57</Byte>
  5291. <Byte>41</Byte>
  5292. <Byte>56</Byte>
  5293. <Byte>41</Byte>
  5294. <Byte>57</Byte>
  5295. </After>
  5296. </CodeEntry>
  5297. <CodeEntry>
  5298. <Description>Code :mov eax,[rcx+20]</Description>
  5299. <AddressString>re2.exe+D984BA5</AddressString>
  5300. <Before>
  5301. <Byte>48</Byte>
  5302. <Byte>85</Byte>
  5303. <Byte>C9</Byte>
  5304. <Byte>74</Byte>
  5305. <Byte>05</Byte>
  5306. </Before>
  5307. <Actual>
  5308. <Byte>8B</Byte>
  5309. <Byte>41</Byte>
  5310. <Byte>20</Byte>
  5311. </Actual>
  5312. <After>
  5313. <Byte>EB</Byte>
  5314. <Byte>02</Byte>
  5315. <Byte>31</Byte>
  5316. <Byte>C0</Byte>
  5317. <Byte>48</Byte>
  5318. </After>
  5319. </CodeEntry>
  5320. <CodeEntry>
  5321. <Description>Code :mov r8d,esi</Description>
  5322. <AddressString>re2.exe+F8F8710</AddressString>
  5323. <Before>
  5324. <Byte>E9</Byte>
  5325. <Byte>C0</Byte>
  5326. <Byte>17</Byte>
  5327. <Byte>4A</Byte>
  5328. <Byte>F2</Byte>
  5329. </Before>
  5330. <Actual>
  5331. <Byte>41</Byte>
  5332. <Byte>89</Byte>
  5333. <Byte>F0</Byte>
  5334. </Actual>
  5335. <After>
  5336. <Byte>48</Byte>
  5337. <Byte>89</Byte>
  5338. <Byte>C2</Byte>
  5339. <Byte>E8</Byte>
  5340. <Byte>C5</Byte>
  5341. </After>
  5342. </CodeEntry>
  5343. <CodeEntry>
  5344. <Description>Code :mov [rsi+10],r14d</Description>
  5345. <AddressString>re2.exe+C94AF58</AddressString>
  5346. <Before>
  5347. <Byte>78</Byte>
  5348. <Byte>18</Byte>
  5349. <Byte>00</Byte>
  5350. <Byte>75</Byte>
  5351. <Byte>1F</Byte>
  5352. </Before>
  5353. <Actual>
  5354. <Byte>44</Byte>
  5355. <Byte>89</Byte>
  5356. <Byte>76</Byte>
  5357. <Byte>10</Byte>
  5358. </Actual>
  5359. <After>
  5360. <Byte>48</Byte>
  5361. <Byte>8B</Byte>
  5362. <Byte>45</Byte>
  5363. <Byte>50</Byte>
  5364. <Byte>48</Byte>
  5365. </After>
  5366. </CodeEntry>
  5367. <CodeEntry>
  5368. <Description>Code :mov [rbp+00000098],r14d</Description>
  5369. <AddressString>re2.exe+3CC50BB</AddressString>
  5370. <Before>
  5371. <Byte>B5</Byte>
  5372. <Byte>90</Byte>
  5373. <Byte>00</Byte>
  5374. <Byte>00</Byte>
  5375. <Byte>00</Byte>
  5376. </Before>
  5377. <Actual>
  5378. <Byte>44</Byte>
  5379. <Byte>89</Byte>
  5380. <Byte>B5</Byte>
  5381. <Byte>98</Byte>
  5382. <Byte>00</Byte>
  5383. <Byte>00</Byte>
  5384. <Byte>00</Byte>
  5385. </Actual>
  5386. <After>
  5387. <Byte>88</Byte>
  5388. <Byte>8D</Byte>
  5389. <Byte>A0</Byte>
  5390. <Byte>00</Byte>
  5391. <Byte>00</Byte>
  5392. </After>
  5393. </CodeEntry>
  5394. <CodeEntry>
  5395. <Description>Code :mov [rbp+000000A8],r8d</Description>
  5396. <AddressString>re2.exe+3CC45C4</AddressString>
  5397. <Before>
  5398. <Byte>85</Byte>
  5399. <Byte>A0</Byte>
  5400. <Byte>00</Byte>
  5401. <Byte>00</Byte>
  5402. <Byte>00</Byte>
  5403. </Before>
  5404. <Actual>
  5405. <Byte>44</Byte>
  5406. <Byte>89</Byte>
  5407. <Byte>85</Byte>
  5408. <Byte>A8</Byte>
  5409. <Byte>00</Byte>
  5410. <Byte>00</Byte>
  5411. <Byte>00</Byte>
  5412. </Actual>
  5413. <After>
  5414. <Byte>88</Byte>
  5415. <Byte>95</Byte>
  5416. <Byte>B0</Byte>
  5417. <Byte>00</Byte>
  5418. <Byte>00</Byte>
  5419. </After>
  5420. </CodeEntry>
  5421. <CodeEntry>
  5422. <Description>Code :mov [rbp+00000098],r8d</Description>
  5423. <AddressString>re2.exe+3C42C04</AddressString>
  5424. <Before>
  5425. <Byte>85</Byte>
  5426. <Byte>90</Byte>
  5427. <Byte>00</Byte>
  5428. <Byte>00</Byte>
  5429. <Byte>00</Byte>
  5430. </Before>
  5431. <Actual>
  5432. <Byte>44</Byte>
  5433. <Byte>89</Byte>
  5434. <Byte>85</Byte>
  5435. <Byte>98</Byte>
  5436. <Byte>00</Byte>
  5437. <Byte>00</Byte>
  5438. <Byte>00</Byte>
  5439. </Actual>
  5440. <After>
  5441. <Byte>88</Byte>
  5442. <Byte>8D</Byte>
  5443. <Byte>A0</Byte>
  5444. <Byte>00</Byte>
  5445. <Byte>00</Byte>
  5446. </After>
  5447. </CodeEntry>
  5448. <CodeEntry>
  5449. <Description>Code :mov rcx,[rdi+58]</Description>
  5450. <AddressString>re2.exe+D6B723E</AddressString>
  5451. <Before>
  5452. <Byte>84</Byte>
  5453. <Byte>03</Byte>
  5454. <Byte>FF</Byte>
  5455. <Byte>FF</Byte>
  5456. <Byte>FF</Byte>
  5457. </Before>
  5458. <Actual>
  5459. <Byte>48</Byte>
  5460. <Byte>8B</Byte>
  5461. <Byte>4F</Byte>
  5462. <Byte>58</Byte>
  5463. </Actual>
  5464. <After>
  5465. <Byte>48</Byte>
  5466. <Byte>85</Byte>
  5467. <Byte>C9</Byte>
  5468. <Byte>75</Byte>
  5469. <Byte>12</Byte>
  5470. </After>
  5471. </CodeEntry>
  5472. <CodeEntry>
  5473. <Description>Code :mov ebx,[rcx+20]</Description>
  5474. <AddressString>re2.exe+10046882</AddressString>
  5475. <Before>
  5476. <Byte>48</Byte>
  5477. <Byte>85</Byte>
  5478. <Byte>C9</Byte>
  5479. <Byte>74</Byte>
  5480. <Byte>03</Byte>
  5481. </Before>
  5482. <Actual>
  5483. <Byte>8B</Byte>
  5484. <Byte>59</Byte>
  5485. <Byte>20</Byte>
  5486. </Actual>
  5487. <After>
  5488. <Byte>89</Byte>
  5489. <Byte>D8</Byte>
  5490. <Byte>48</Byte>
  5491. <Byte>8B</Byte>
  5492. <Byte>5C</Byte>
  5493. </After>
  5494. </CodeEntry>
  5495. <CodeEntry>
  5496. <Description>Code :mov esi,[rcx+20]</Description>
  5497. <AddressString>re2.exe+10047153</AddressString>
  5498. <Before>
  5499. <Byte>48</Byte>
  5500. <Byte>85</Byte>
  5501. <Byte>C9</Byte>
  5502. <Byte>74</Byte>
  5503. <Byte>05</Byte>
  5504. </Before>
  5505. <Actual>
  5506. <Byte>8B</Byte>
  5507. <Byte>71</Byte>
  5508. <Byte>20</Byte>
  5509. </Actual>
  5510. <After>
  5511. <Byte>EB</Byte>
  5512. <Byte>02</Byte>
  5513. <Byte>89</Byte>
  5514. <Byte>DE</Byte>
  5515. <Byte>48</Byte>
  5516. </After>
  5517. </CodeEntry>
  5518. <CodeEntry>
  5519. <Description>Code :mov esi,[rcx+20]</Description>
  5520. <AddressString>re2.exe+1004705D</AddressString>
  5521. <Before>
  5522. <Byte>48</Byte>
  5523. <Byte>85</Byte>
  5524. <Byte>C9</Byte>
  5525. <Byte>74</Byte>
  5526. <Byte>05</Byte>
  5527. </Before>
  5528. <Actual>
  5529. <Byte>8B</Byte>
  5530. <Byte>71</Byte>
  5531. <Byte>20</Byte>
  5532. </Actual>
  5533. <After>
  5534. <Byte>EB</Byte>
  5535. <Byte>02</Byte>
  5536. <Byte>89</Byte>
  5537. <Byte>DE</Byte>
  5538. <Byte>48</Byte>
  5539. </After>
  5540. </CodeEntry>
  5541. <CodeEntry>
  5542. <Description>Code :mov rsi,[rcx+18]</Description>
  5543. <AddressString>re2.exe+A8D5D6B</AddressString>
  5544. <Before>
  5545. <Byte>48</Byte>
  5546. <Byte>85</Byte>
  5547. <Byte>C9</Byte>
  5548. <Byte>74</Byte>
  5549. <Byte>04</Byte>
  5550. </Before>
  5551. <Actual>
  5552. <Byte>48</Byte>
  5553. <Byte>8B</Byte>
  5554. <Byte>71</Byte>
  5555. <Byte>18</Byte>
  5556. </Actual>
  5557. <After>
  5558. <Byte>48</Byte>
  5559. <Byte>89</Byte>
  5560. <Byte>F0</Byte>
  5561. <Byte>E9</Byte>
  5562. <Byte>77</Byte>
  5563. </After>
  5564. </CodeEntry>
  5565. <CodeEntry>
  5566. <Description>Code :mov edx,[rcx+10]</Description>
  5567. <AddressString>re2.exe+1005AB98</AddressString>
  5568. <Before>
  5569. <Byte>48</Byte>
  5570. <Byte>85</Byte>
  5571. <Byte>C9</Byte>
  5572. <Byte>74</Byte>
  5573. <Byte>05</Byte>
  5574. </Before>
  5575. <Actual>
  5576. <Byte>8B</Byte>
  5577. <Byte>51</Byte>
  5578. <Byte>10</Byte>
  5579. </Actual>
  5580. <After>
  5581. <Byte>EB</Byte>
  5582. <Byte>02</Byte>
  5583. <Byte>89</Byte>
  5584. <Byte>F2</Byte>
  5585. <Byte>39</Byte>
  5586. </After>
  5587. </CodeEntry>
  5588. <CodeEntry>
  5589. <Description>Code :mov ebp,[rax+10]</Description>
  5590. <AddressString>re2.exe+A92B69B</AddressString>
  5591. <Before>
  5592. <Byte>48</Byte>
  5593. <Byte>85</Byte>
  5594. <Byte>C0</Byte>
  5595. <Byte>74</Byte>
  5596. <Byte>03</Byte>
  5597. </Before>
  5598. <Actual>
  5599. <Byte>8B</Byte>
  5600. <Byte>68</Byte>
  5601. <Byte>10</Byte>
  5602. </Actual>
  5603. <After>
  5604. <Byte>48</Byte>
  5605. <Byte>8B</Byte>
  5606. <Byte>43</Byte>
  5607. <Byte>50</Byte>
  5608. <Byte>48</Byte>
  5609. </After>
  5610. </CodeEntry>
  5611. <CodeEntry>
  5612. <Description>Code :movss [rdi+30],xmm2</Description>
  5613. <AddressString>re2.exe+2104505</AddressString>
  5614. <Before>
  5615. <Byte>41</Byte>
  5616. <Byte>0F</Byte>
  5617. <Byte>58</Byte>
  5618. <Byte>46</Byte>
  5619. <Byte>08</Byte>
  5620. </Before>
  5621. <Actual>
  5622. <Byte>F3</Byte>
  5623. <Byte>0F</Byte>
  5624. <Byte>11</Byte>
  5625. <Byte>57</Byte>
  5626. <Byte>30</Byte>
  5627. </Actual>
  5628. <After>
  5629. <Byte>F3</Byte>
  5630. <Byte>0F</Byte>
  5631. <Byte>11</Byte>
  5632. <Byte>4F</Byte>
  5633. <Byte>34</Byte>
  5634. </After>
  5635. </CodeEntry>
  5636. <CodeEntry>
  5637. <Description>Code :mov [rsp+28],al</Description>
  5638. <AddressString>re2.exe+EE8A8FF</AddressString>
  5639. <Before>
  5640. <Byte>00</Byte>
  5641. <Byte>00</Byte>
  5642. <Byte>0F</Byte>
  5643. <Byte>98</Byte>
  5644. <Byte>D0</Byte>
  5645. </Before>
  5646. <Actual>
  5647. <Byte>88</Byte>
  5648. <Byte>44</Byte>
  5649. <Byte>24</Byte>
  5650. <Byte>28</Byte>
  5651. </Actual>
  5652. <After>
  5653. <Byte>C6</Byte>
  5654. <Byte>44</Byte>
  5655. <Byte>24</Byte>
  5656. <Byte>20</Byte>
  5657. <Byte>01</Byte>
  5658. </After>
  5659. </CodeEntry>
  5660. <CodeEntry>
  5661. <Description>Code :mov rcx,[rbx+50]</Description>
  5662. <AddressString>re2.exe+985FFB1</AddressString>
  5663. <Before>
  5664. <Byte>E8</Byte>
  5665. <Byte>3F</Byte>
  5666. <Byte>42</Byte>
  5667. <Byte>96</Byte>
  5668. <Byte>F7</Byte>
  5669. </Before>
  5670. <Actual>
  5671. <Byte>48</Byte>
  5672. <Byte>8B</Byte>
  5673. <Byte>4B</Byte>
  5674. <Byte>50</Byte>
  5675. </Actual>
  5676. <After>
  5677. <Byte>31</Byte>
  5678. <Byte>D2</Byte>
  5679. <Byte>48</Byte>
  5680. <Byte>8B</Byte>
  5681. <Byte>5C</Byte>
  5682. </After>
  5683. </CodeEntry>
  5684. <CodeEntry>
  5685. <Description>Code :mov rdx,rax</Description>
  5686. <AddressString>re2.exe+BFCEECA</AddressString>
  5687. <Before>
  5688. <Byte>48</Byte>
  5689. <Byte>85</Byte>
  5690. <Byte>C0</Byte>
  5691. <Byte>74</Byte>
  5692. <Byte>69</Byte>
  5693. </Before>
  5694. <Actual>
  5695. <Byte>48</Byte>
  5696. <Byte>89</Byte>
  5697. <Byte>C2</Byte>
  5698. </Actual>
  5699. <After>
  5700. <Byte>E8</Byte>
  5701. <Byte>5E</Byte>
  5702. <Byte>5C</Byte>
  5703. <Byte>1F</Byte>
  5704. <Byte>F5</Byte>
  5705. </After>
  5706. </CodeEntry>
  5707. <CodeEntry>
  5708. <Description>Code :mov rax,[rbx+50]</Description>
  5709. <AddressString>re2.exe+CBA0721</AddressString>
  5710. <Before>
  5711. <Byte>87</Byte>
  5712. <Byte>F8</Byte>
  5713. <Byte>00</Byte>
  5714. <Byte>00</Byte>
  5715. <Byte>00</Byte>
  5716. </Before>
  5717. <Actual>
  5718. <Byte>48</Byte>
  5719. <Byte>8B</Byte>
  5720. <Byte>43</Byte>
  5721. <Byte>50</Byte>
  5722. </Actual>
  5723. <After>
  5724. <Byte>48</Byte>
  5725. <Byte>8B</Byte>
  5726. <Byte>48</Byte>
  5727. <Byte>18</Byte>
  5728. <Byte>48</Byte>
  5729. </After>
  5730. </CodeEntry>
  5731. <CodeEntry>
  5732. <Description>Code :mov r8d,00000002</Description>
  5733. <AddressString>re2.exe+CBA0609</AddressString>
  5734. <Before>
  5735. <Byte>84</Byte>
  5736. <Byte>41</Byte>
  5737. <Byte>01</Byte>
  5738. <Byte>00</Byte>
  5739. <Byte>00</Byte>
  5740. </Before>
  5741. <Actual>
  5742. <Byte>41</Byte>
  5743. <Byte>B8</Byte>
  5744. <Byte>02</Byte>
  5745. <Byte>00</Byte>
  5746. <Byte>00</Byte>
  5747. <Byte>00</Byte>
  5748. </Actual>
  5749. <After>
  5750. <Byte>48</Byte>
  5751. <Byte>89</Byte>
  5752. <Byte>C2</Byte>
  5753. <Byte>E8</Byte>
  5754. <Byte>49</Byte>
  5755. </After>
  5756. </CodeEntry>
  5757. <CodeEntry>
  5758. <Description>Code :mov r8d,00000001</Description>
  5759. <AddressString>re2.exe+CBA059F</AddressString>
  5760. <Before>
  5761. <Byte>84</Byte>
  5762. <Byte>AB</Byte>
  5763. <Byte>01</Byte>
  5764. <Byte>00</Byte>
  5765. <Byte>00</Byte>
  5766. </Before>
  5767. <Actual>
  5768. <Byte>41</Byte>
  5769. <Byte>B8</Byte>
  5770. <Byte>01</Byte>
  5771. <Byte>00</Byte>
  5772. <Byte>00</Byte>
  5773. <Byte>00</Byte>
  5774. </Actual>
  5775. <After>
  5776. <Byte>48</Byte>
  5777. <Byte>89</Byte>
  5778. <Byte>C2</Byte>
  5779. <Byte>E8</Byte>
  5780. <Byte>B3</Byte>
  5781. </After>
  5782. </CodeEntry>
  5783. <CodeEntry>
  5784. <Description>Code :mov r8d,00000003</Description>
  5785. <AddressString>re2.exe+CBA05D4</AddressString>
  5786. <Before>
  5787. <Byte>84</Byte>
  5788. <Byte>76</Byte>
  5789. <Byte>01</Byte>
  5790. <Byte>00</Byte>
  5791. <Byte>00</Byte>
  5792. </Before>
  5793. <Actual>
  5794. <Byte>41</Byte>
  5795. <Byte>B8</Byte>
  5796. <Byte>03</Byte>
  5797. <Byte>00</Byte>
  5798. <Byte>00</Byte>
  5799. <Byte>00</Byte>
  5800. </Actual>
  5801. <After>
  5802. <Byte>48</Byte>
  5803. <Byte>89</Byte>
  5804. <Byte>C2</Byte>
  5805. <Byte>E8</Byte>
  5806. <Byte>7E</Byte>
  5807. </After>
  5808. </CodeEntry>
  5809. <CodeEntry>
  5810. <Description>Code :mov eax,[rbx+7C]</Description>
  5811. <AddressString>re2.exe+B9766D3</AddressString>
  5812. <Before>
  5813. <Byte>85</Byte>
  5814. <Byte>3C</Byte>
  5815. <Byte>01</Byte>
  5816. <Byte>00</Byte>
  5817. <Byte>00</Byte>
  5818. </Before>
  5819. <Actual>
  5820. <Byte>8B</Byte>
  5821. <Byte>43</Byte>
  5822. <Byte>7C</Byte>
  5823. </Actual>
  5824. <After>
  5825. <Byte>89</Byte>
  5826. <Byte>46</Byte>
  5827. <Byte>7C</Byte>
  5828. <Byte>48</Byte>
  5829. <Byte>8B</Byte>
  5830. </After>
  5831. </CodeEntry>
  5832. <CodeEntry>
  5833. <Description>Code :mov [rsi+10],r14d</Description>
  5834. <AddressString>re2.exe+B79C798</AddressString>
  5835. <Before>
  5836. <Byte>78</Byte>
  5837. <Byte>18</Byte>
  5838. <Byte>00</Byte>
  5839. <Byte>75</Byte>
  5840. <Byte>1F</Byte>
  5841. </Before>
  5842. <Actual>
  5843. <Byte>44</Byte>
  5844. <Byte>89</Byte>
  5845. <Byte>76</Byte>
  5846. <Byte>10</Byte>
  5847. </Actual>
  5848. <After>
  5849. <Byte>48</Byte>
  5850. <Byte>8B</Byte>
  5851. <Byte>45</Byte>
  5852. <Byte>50</Byte>
  5853. <Byte>48</Byte>
  5854. </After>
  5855. </CodeEntry>
  5856. <CodeEntry>
  5857. <Description>Code :mov [rbx+1C],eax</Description>
  5858. <AddressString>re2.exe+20C03A3</AddressString>
  5859. <Before>
  5860. <Byte>03</Byte>
  5861. <Byte>C5</Byte>
  5862. <Byte>41</Byte>
  5863. <Byte>8B</Byte>
  5864. <Byte>D6</Byte>
  5865. </Before>
  5866. <Actual>
  5867. <Byte>89</Byte>
  5868. <Byte>43</Byte>
  5869. <Byte>1C</Byte>
  5870. </Actual>
  5871. <After>
  5872. <Byte>E8</Byte>
  5873. <Byte>D5</Byte>
  5874. <Byte>16</Byte>
  5875. <Byte>FB</Byte>
  5876. <Byte>FF</Byte>
  5877. </After>
  5878. </CodeEntry>
  5879. <CodeEntry>
  5880. <Description>Code :mov r15d,[rdx+00000098]</Description>
  5881. <AddressString>re2.exe+ACD6B56</AddressString>
  5882. <Before>
  5883. <Byte>50</Byte>
  5884. <Byte>44</Byte>
  5885. <Byte>8D</Byte>
  5886. <Byte>76</Byte>
  5887. <Byte>FF</Byte>
  5888. </Before>
  5889. <Actual>
  5890. <Byte>44</Byte>
  5891. <Byte>8B</Byte>
  5892. <Byte>BA</Byte>
  5893. <Byte>98</Byte>
  5894. <Byte>00</Byte>
  5895. <Byte>00</Byte>
  5896. <Byte>00</Byte>
  5897. </Actual>
  5898. <After>
  5899. <Byte>48</Byte>
  5900. <Byte>8B</Byte>
  5901. <Byte>15</Byte>
  5902. <Byte>74</Byte>
  5903. <Byte>39</Byte>
  5904. </After>
  5905. </CodeEntry>
  5906. <CodeEntry>
  5907. <Description>Code :mov [rdi+00000098],eax</Description>
  5908. <AddressString>re2.exe+ACD5FC5</AddressString>
  5909. <Before>
  5910. <Byte>8F</Byte>
  5911. <Byte>E0</Byte>
  5912. <Byte>00</Byte>
  5913. <Byte>00</Byte>
  5914. <Byte>00</Byte>
  5915. </Before>
  5916. <Actual>
  5917. <Byte>89</Byte>
  5918. <Byte>87</Byte>
  5919. <Byte>98</Byte>
  5920. <Byte>00</Byte>
  5921. <Byte>00</Byte>
  5922. <Byte>00</Byte>
  5923. </Actual>
  5924. <After>
  5925. <Byte>48</Byte>
  5926. <Byte>85</Byte>
  5927. <Byte>C9</Byte>
  5928. <Byte>74</Byte>
  5929. <Byte>15</Byte>
  5930. </After>
  5931. </CodeEntry>
  5932. <CodeEntry>
  5933. <Description>Code :mov [rbx+00000088],eax</Description>
  5934. <AddressString>re2.exe+E46DA3C</AddressString>
  5935. <Before>
  5936. <Byte>85</Byte>
  5937. <Byte>DF</Byte>
  5938. <Byte>02</Byte>
  5939. <Byte>00</Byte>
  5940. <Byte>00</Byte>
  5941. </Before>
  5942. <Actual>
  5943. <Byte>89</Byte>
  5944. <Byte>83</Byte>
  5945. <Byte>88</Byte>
  5946. <Byte>00</Byte>
  5947. <Byte>00</Byte>
  5948. <Byte>00</Byte>
  5949. </Actual>
  5950. <After>
  5951. <Byte>A9</Byte>
  5952. <Byte>FD</Byte>
  5953. <Byte>FF</Byte>
  5954. <Byte>FF</Byte>
  5955. <Byte>FF</Byte>
  5956. </After>
  5957. </CodeEntry>
  5958. <CodeEntry>
  5959. <Description>Code :mov eax,[rbx+00000088]</Description>
  5960. <AddressString>re2.exe+E46DD0F</AddressString>
  5961. <Before>
  5962. <Byte>E8</Byte>
  5963. <Byte>C1</Byte>
  5964. <Byte>A7</Byte>
  5965. <Byte>94</Byte>
  5966. <Byte>F3</Byte>
  5967. </Before>
  5968. <Actual>
  5969. <Byte>8B</Byte>
  5970. <Byte>83</Byte>
  5971. <Byte>88</Byte>
  5972. <Byte>00</Byte>
  5973. <Byte>00</Byte>
  5974. <Byte>00</Byte>
  5975. </Actual>
  5976. <After>
  5977. <Byte>89</Byte>
  5978. <Byte>83</Byte>
  5979. <Byte>A0</Byte>
  5980. <Byte>00</Byte>
  5981. <Byte>00</Byte>
  5982. </After>
  5983. </CodeEntry>
  5984. <CodeEntry>
  5985. <Description>Code :mov eax,[rbx+000000A0]</Description>
  5986. <AddressString>re2.exe+AFB41BA</AddressString>
  5987. <Before>
  5988. <Byte>FF</Byte>
  5989. <Byte>FF</Byte>
  5990. <Byte>FF</Byte>
  5991. <Byte>75</Byte>
  5992. <Byte>14</Byte>
  5993. </Before>
  5994. <Actual>
  5995. <Byte>8B</Byte>
  5996. <Byte>83</Byte>
  5997. <Byte>A0</Byte>
  5998. <Byte>00</Byte>
  5999. <Byte>00</Byte>
  6000. <Byte>00</Byte>
  6001. </Actual>
  6002. <After>
  6003. <Byte>85</Byte>
  6004. <Byte>C0</Byte>
  6005. <Byte>74</Byte>
  6006. <Byte>05</Byte>
  6007. <Byte>83</Byte>
  6008. </After>
  6009. </CodeEntry>
  6010. <CodeEntry>
  6011. <Description>Code :mov [rbx+000000A0],eax</Description>
  6012. <AddressString>re2.exe+AFB44A5</AddressString>
  6013. <Before>
  6014. <Byte>83</Byte>
  6015. <Byte>88</Byte>
  6016. <Byte>00</Byte>
  6017. <Byte>00</Byte>
  6018. <Byte>00</Byte>
  6019. </Before>
  6020. <Actual>
  6021. <Byte>89</Byte>
  6022. <Byte>83</Byte>
  6023. <Byte>A0</Byte>
  6024. <Byte>00</Byte>
  6025. <Byte>00</Byte>
  6026. <Byte>00</Byte>
  6027. </Actual>
  6028. <After>
  6029. <Byte>4C</Byte>
  6030. <Byte>8B</Byte>
  6031. <Byte>7C</Byte>
  6032. <Byte>24</Byte>
  6033. <Byte>20</Byte>
  6034. </After>
  6035. </CodeEntry>
  6036. <CodeEntry>
  6037. <Description>Code :mov [rbx],eax 0,3,5,7</Description>
  6038. <AddressString>re2.exe+DBAAF6D</AddressString>
  6039. <Before>
  6040. <Byte>E3</Byte>
  6041. <Byte>04</Byte>
  6042. <Byte>48</Byte>
  6043. <Byte>01</Byte>
  6044. <Byte>CB</Byte>
  6045. </Before>
  6046. <Actual>
  6047. <Byte>89</Byte>
  6048. <Byte>03</Byte>
  6049. </Actual>
  6050. <After>
  6051. <Byte>48</Byte>
  6052. <Byte>3B</Byte>
  6053. <Byte>7B</Byte>
  6054. <Byte>08</Byte>
  6055. <Byte>74</Byte>
  6056. </After>
  6057. </CodeEntry>
  6058. <CodeEntry>
  6059. <Description>Code :mov r8,[r13+00000090]</Description>
  6060. <AddressString>re2.exe+1CF9E20</AddressString>
  6061. <Before>
  6062. <Byte>E9</Byte>
  6063. <Byte>CE</Byte>
  6064. <Byte>09</Byte>
  6065. <Byte>00</Byte>
  6066. <Byte>00</Byte>
  6067. </Before>
  6068. <Actual>
  6069. <Byte>4D</Byte>
  6070. <Byte>8B</Byte>
  6071. <Byte>85</Byte>
  6072. <Byte>90</Byte>
  6073. <Byte>00</Byte>
  6074. <Byte>00</Byte>
  6075. <Byte>00</Byte>
  6076. </Actual>
  6077. <After>
  6078. <Byte>4D</Byte>
  6079. <Byte>85</Byte>
  6080. <Byte>C0</Byte>
  6081. <Byte>75</Byte>
  6082. <Byte>17</Byte>
  6083. </After>
  6084. </CodeEntry>
  6085. <CodeEntry>
  6086. <Description>menu change flag chk Code :cmp [rax+18],r12d</Description>
  6087. <AddressString>re2.exe+1CF9E55</AddressString>
  6088. <Before>
  6089. <Byte>48</Byte>
  6090. <Byte>85</Byte>
  6091. <Byte>C0</Byte>
  6092. <Byte>74</Byte>
  6093. <Byte>D7</Byte>
  6094. </Before>
  6095. <Actual>
  6096. <Byte>44</Byte>
  6097. <Byte>39</Byte>
  6098. <Byte>60</Byte>
  6099. <Byte>18</Byte>
  6100. </Actual>
  6101. <After>
  6102. <Byte>7F</Byte>
  6103. <Byte>0D</Byte>
  6104. <Byte>33</Byte>
  6105. <Byte>FF</Byte>
  6106. <Byte>41</Byte>
  6107. </After>
  6108. </CodeEntry>
  6109. <CodeEntry>
  6110. <Description>Code :cmp [r15+000000BC],ebx</Description>
  6111. <AddressString>re2.exe+C929B1A</AddressString>
  6112. <Before>
  6113. <Byte>00</Byte>
  6114. <Byte>00</Byte>
  6115. <Byte>00</Byte>
  6116. <Byte>75</Byte>
  6117. <Byte>0D</Byte>
  6118. </Before>
  6119. <Actual>
  6120. <Byte>41</Byte>
  6121. <Byte>39</Byte>
  6122. <Byte>9F</Byte>
  6123. <Byte>BC</Byte>
  6124. <Byte>00</Byte>
  6125. <Byte>00</Byte>
  6126. <Byte>00</Byte>
  6127. </Actual>
  6128. <After>
  6129. <Byte>0F</Byte>
  6130. <Byte>84</Byte>
  6131. <Byte>6B</Byte>
  6132. <Byte>03</Byte>
  6133. <Byte>00</Byte>
  6134. </After>
  6135. </CodeEntry>
  6136. <CodeEntry>
  6137. <Description>Code :mov [r15+000000BC],ebx</Description>
  6138. <AddressString>re2.exe+C929EA7</AddressString>
  6139. <Before>
  6140. <Byte>78</Byte>
  6141. <Byte>18</Byte>
  6142. <Byte>00</Byte>
  6143. <Byte>75</Byte>
  6144. <Byte>07</Byte>
  6145. </Before>
  6146. <Actual>
  6147. <Byte>41</Byte>
  6148. <Byte>89</Byte>
  6149. <Byte>9F</Byte>
  6150. <Byte>BC</Byte>
  6151. <Byte>00</Byte>
  6152. <Byte>00</Byte>
  6153. <Byte>00</Byte>
  6154. </Actual>
  6155. <After>
  6156. <Byte>4C</Byte>
  6157. <Byte>8B</Byte>
  6158. <Byte>64</Byte>
  6159. <Byte>24</Byte>
  6160. <Byte>48</Byte>
  6161. </After>
  6162. </CodeEntry>
  6163. <CodeEntry>
  6164. <Description>Code :cmp [rdi+54],esi</Description>
  6165. <AddressString>re2.exe+BB15931</AddressString>
  6166. <Before>
  6167. <Byte>E9</Byte>
  6168. <Byte>9F</Byte>
  6169. <Byte>C0</Byte>
  6170. <Byte>2B</Byte>
  6171. <Byte>F6</Byte>
  6172. </Before>
  6173. <Actual>
  6174. <Byte>39</Byte>
  6175. <Byte>77</Byte>
  6176. <Byte>54</Byte>
  6177. </Actual>
  6178. <After>
  6179. <Byte>74</Byte>
  6180. <Byte>27</Byte>
  6181. <Byte>48</Byte>
  6182. <Byte>89</Byte>
  6183. <Byte>FA</Byte>
  6184. </After>
  6185. </CodeEntry>
  6186. <CodeEntry>
  6187. <Description>Code :mov [rdi+54],ebp</Description>
  6188. <AddressString>re2.exe+E46D663</AddressString>
  6189. <Before>
  6190. <Byte>85</Byte>
  6191. <Byte>81</Byte>
  6192. <Byte>01</Byte>
  6193. <Byte>00</Byte>
  6194. <Byte>00</Byte>
  6195. </Before>
  6196. <Actual>
  6197. <Byte>89</Byte>
  6198. <Byte>6F</Byte>
  6199. <Byte>54</Byte>
  6200. </Actual>
  6201. <After>
  6202. <Byte>48</Byte>
  6203. <Byte>8B</Byte>
  6204. <Byte>43</Byte>
  6205. <Byte>50</Byte>
  6206. <Byte>48</Byte>
  6207. </After>
  6208. </CodeEntry>
  6209. <CodeEntry>
  6210. <Description>Code :mov eax,[rax+54]</Description>
  6211. <AddressString>re2.exe+8F11C73</AddressString>
  6212. <Before>
  6213. <Byte>83</Byte>
  6214. <Byte>C4</Byte>
  6215. <Byte>20</Byte>
  6216. <Byte>5F</Byte>
  6217. <Byte>C3</Byte>
  6218. </Before>
  6219. <Actual>
  6220. <Byte>8B</Byte>
  6221. <Byte>40</Byte>
  6222. <Byte>54</Byte>
  6223. </Actual>
  6224. <After>
  6225. <Byte>48</Byte>
  6226. <Byte>8B</Byte>
  6227. <Byte>5C</Byte>
  6228. <Byte>24</Byte>
  6229. <Byte>30</Byte>
  6230. </After>
  6231. </CodeEntry>
  6232. <CodeEntry>
  6233. <Description>Code :mov eax,[rax+14]</Description>
  6234. <AddressString>re2.exe+B7FBF47</AddressString>
  6235. <Before>
  6236. <Byte>00</Byte>
  6237. <Byte>00</Byte>
  6238. <Byte>00</Byte>
  6239. <Byte>EB</Byte>
  6240. <Byte>03</Byte>
  6241. </Before>
  6242. <Actual>
  6243. <Byte>8B</Byte>
  6244. <Byte>40</Byte>
  6245. <Byte>14</Byte>
  6246. </Actual>
  6247. <After>
  6248. <Byte>48</Byte>
  6249. <Byte>8B</Byte>
  6250. <Byte>5C</Byte>
  6251. <Byte>24</Byte>
  6252. <Byte>40</Byte>
  6253. </After>
  6254. </CodeEntry>
  6255. <CodeEntry>
  6256. <Description>Code :mov ecx,[rax+14]</Description>
  6257. <AddressString>re2.exe+B7FBD3D</AddressString>
  6258. <Before>
  6259. <Byte>84</Byte>
  6260. <Byte>03</Byte>
  6261. <Byte>02</Byte>
  6262. <Byte>00</Byte>
  6263. <Byte>00</Byte>
  6264. </Before>
  6265. <Actual>
  6266. <Byte>8B</Byte>
  6267. <Byte>48</Byte>
  6268. <Byte>14</Byte>
  6269. </Actual>
  6270. <After>
  6271. <Byte>8D</Byte>
  6272. <Byte>41</Byte>
  6273. <Byte>FB</Byte>
  6274. <Byte>83</Byte>
  6275. <Byte>F8</Byte>
  6276. </After>
  6277. </CodeEntry>
  6278. <CodeEntry>
  6279. <Description>Code :mov r9d,[rax+14]</Description>
  6280. <AddressString>re2.exe+B80BE55</AddressString>
  6281. <Before>
  6282. <Byte>00</Byte>
  6283. <Byte>00</Byte>
  6284. <Byte>00</Byte>
  6285. <Byte>74</Byte>
  6286. <Byte>2A</Byte>
  6287. </Before>
  6288. <Actual>
  6289. <Byte>44</Byte>
  6290. <Byte>8B</Byte>
  6291. <Byte>48</Byte>
  6292. <Byte>14</Byte>
  6293. </Actual>
  6294. <After>
  6295. <Byte>41</Byte>
  6296. <Byte>8D</Byte>
  6297. <Byte>41</Byte>
  6298. <Byte>F0</Byte>
  6299. <Byte>83</Byte>
  6300. </After>
  6301. </CodeEntry>
  6302. <CodeEntry>
  6303. <Description>Code :mov [rdi+14],ebp</Description>
  6304. <AddressString>re2.exe+B80BE7F</AddressString>
  6305. <Before>
  6306. <Byte>85</Byte>
  6307. <Byte>F0</Byte>
  6308. <Byte>02</Byte>
  6309. <Byte>00</Byte>
  6310. <Byte>00</Byte>
  6311. </Before>
  6312. <Actual>
  6313. <Byte>89</Byte>
  6314. <Byte>6F</Byte>
  6315. <Byte>14</Byte>
  6316. </Actual>
  6317. <After>
  6318. <Byte>8D</Byte>
  6319. <Byte>45</Byte>
  6320. <Byte>F0</Byte>
  6321. <Byte>83</Byte>
  6322. <Byte>F8</Byte>
  6323. </After>
  6324. </CodeEntry>
  6325. <CodeEntry>
  6326. <Description>Code :mov eax,[rax+54]</Description>
  6327. <AddressString>re2.exe+8F11C73</AddressString>
  6328. <Before>
  6329. <Byte>83</Byte>
  6330. <Byte>C4</Byte>
  6331. <Byte>20</Byte>
  6332. <Byte>5F</Byte>
  6333. <Byte>C3</Byte>
  6334. </Before>
  6335. <Actual>
  6336. <Byte>8B</Byte>
  6337. <Byte>40</Byte>
  6338. <Byte>54</Byte>
  6339. </Actual>
  6340. <After>
  6341. <Byte>48</Byte>
  6342. <Byte>8B</Byte>
  6343. <Byte>5C</Byte>
  6344. <Byte>24</Byte>
  6345. <Byte>30</Byte>
  6346. </After>
  6347. </CodeEntry>
  6348. <CodeEntry>
  6349. <Description>Code :sub esp,20</Description>
  6350. <AddressString>re2.exe+E468E67</AddressString>
  6351. <Before>
  6352. <Byte>5C</Byte>
  6353. <Byte>24</Byte>
  6354. <Byte>10</Byte>
  6355. <Byte>57</Byte>
  6356. <Byte>48</Byte>
  6357. </Before>
  6358. <Actual>
  6359. <Byte>83</Byte>
  6360. <Byte>EC</Byte>
  6361. <Byte>20</Byte>
  6362. </Actual>
  6363. <After>
  6364. <Byte>48</Byte>
  6365. <Byte>89</Byte>
  6366. <Byte>D7</Byte>
  6367. <Byte>48</Byte>
  6368. <Byte>89</Byte>
  6369. </After>
  6370. </CodeEntry>
  6371. <CodeEntry>
  6372. <Description>Code :mov eax,[rax+54]</Description>
  6373. <AddressString>re2.exe+E4616C3</AddressString>
  6374. <Before>
  6375. <Byte>83</Byte>
  6376. <Byte>C4</Byte>
  6377. <Byte>20</Byte>
  6378. <Byte>5F</Byte>
  6379. <Byte>C3</Byte>
  6380. </Before>
  6381. <Actual>
  6382. <Byte>8B</Byte>
  6383. <Byte>40</Byte>
  6384. <Byte>54</Byte>
  6385. </Actual>
  6386. <After>
  6387. <Byte>48</Byte>
  6388. <Byte>8B</Byte>
  6389. <Byte>5C</Byte>
  6390. <Byte>24</Byte>
  6391. <Byte>30</Byte>
  6392. </After>
  6393. </CodeEntry>
  6394. <CodeEntry>
  6395. <Description>Code :cmp [rcx+54],edi</Description>
  6396. <AddressString>re2.exe+D5DDD90</AddressString>
  6397. <Before>
  6398. <Byte>84</Byte>
  6399. <Byte>03</Byte>
  6400. <Byte>FF</Byte>
  6401. <Byte>FF</Byte>
  6402. <Byte>FF</Byte>
  6403. </Before>
  6404. <Actual>
  6405. <Byte>39</Byte>
  6406. <Byte>79</Byte>
  6407. <Byte>54</Byte>
  6408. </Actual>
  6409. <After>
  6410. <Byte>0F</Byte>
  6411. <Byte>85</Byte>
  6412. <Byte>09</Byte>
  6413. <Byte>FF</Byte>
  6414. <Byte>FF</Byte>
  6415. </After>
  6416. </CodeEntry>
  6417. <CodeEntry>
  6418. <Description>Code :mov ebx,[rdx+54]</Description>
  6419. <AddressString>re2.exe+950EAC4</AddressString>
  6420. <Before>
  6421. <Byte>24</Byte>
  6422. <Byte>38</Byte>
  6423. <Byte>45</Byte>
  6424. <Byte>31</Byte>
  6425. <Byte>C0</Byte>
  6426. </Before>
  6427. <Actual>
  6428. <Byte>8B</Byte>
  6429. <Byte>5A</Byte>
  6430. <Byte>54</Byte>
  6431. </Actual>
  6432. <After>
  6433. <Byte>48</Byte>
  6434. <Byte>8B</Byte>
  6435. <Byte>15</Byte>
  6436. <Byte>B2</Byte>
  6437. <Byte>E0</Byte>
  6438. </After>
  6439. </CodeEntry>
  6440. <CodeEntry>
  6441. <Description>Code :mov ebx,[rbx+54]</Description>
  6442. <AddressString>re2.exe+E3BFE2B</AddressString>
  6443. <Before>
  6444. <Byte>15</Byte>
  6445. <Byte>55</Byte>
  6446. <Byte>CD</Byte>
  6447. <Byte>C6</Byte>
  6448. <Byte>F8</Byte>
  6449. </Before>
  6450. <Actual>
  6451. <Byte>8B</Byte>
  6452. <Byte>5B</Byte>
  6453. <Byte>54</Byte>
  6454. </Actual>
  6455. <After>
  6456. <Byte>E8</Byte>
  6457. <Byte>2D</Byte>
  6458. <Byte>FF</Byte>
  6459. <Byte>A0</Byte>
  6460. <Byte>F3</Byte>
  6461. </After>
  6462. </CodeEntry>
  6463. <CodeEntry>
  6464. <Description>Code :cmp dword ptr [rsi+54],03</Description>
  6465. <AddressString>re2.exe+C86AE77</AddressString>
  6466. <Before>
  6467. <Byte>E9</Byte>
  6468. <Byte>98</Byte>
  6469. <Byte>01</Byte>
  6470. <Byte>00</Byte>
  6471. <Byte>00</Byte>
  6472. </Before>
  6473. <Actual>
  6474. <Byte>83</Byte>
  6475. <Byte>7E</Byte>
  6476. <Byte>54</Byte>
  6477. <Byte>03</Byte>
  6478. </Actual>
  6479. <After>
  6480. <Byte>0F</Byte>
  6481. <Byte>84</Byte>
  6482. <Byte>8E</Byte>
  6483. <Byte>01</Byte>
  6484. <Byte>00</Byte>
  6485. </After>
  6486. </CodeEntry>
  6487. <CodeEntry>
  6488. <Description>Code :mov r8d,[rbx+10]</Description>
  6489. <AddressString>re2.exe+B800BE0</AddressString>
  6490. <Before>
  6491. <Byte>4B</Byte>
  6492. <Byte>14</Byte>
  6493. <Byte>4C</Byte>
  6494. <Byte>89</Byte>
  6495. <Byte>EA</Byte>
  6496. </Before>
  6497. <Actual>
  6498. <Byte>44</Byte>
  6499. <Byte>8B</Byte>
  6500. <Byte>43</Byte>
  6501. <Byte>10</Byte>
  6502. </Actual>
  6503. <After>
  6504. <Byte>48</Byte>
  6505. <Byte>89</Byte>
  6506. <Byte>E9</Byte>
  6507. <Byte>E8</Byte>
  6508. <Byte>C4</Byte>
  6509. </After>
  6510. </CodeEntry>
  6511. <CodeEntry>
  6512. <Description>Code :mov r8,[rax-10]</Description>
  6513. <AddressString>re2.exe+8DC564E</AddressString>
  6514. <Before>
  6515. <Byte>75</Byte>
  6516. <Byte>23</Byte>
  6517. <Byte>48</Byte>
  6518. <Byte>8B</Byte>
  6519. <Byte>02</Byte>
  6520. </Before>
  6521. <Actual>
  6522. <Byte>4C</Byte>
  6523. <Byte>8B</Byte>
  6524. <Byte>40</Byte>
  6525. <Byte>F0</Byte>
  6526. </Actual>
  6527. <After>
  6528. <Byte>41</Byte>
  6529. <Byte>FF</Byte>
  6530. <Byte>90</Byte>
  6531. <Byte>D0</Byte>
  6532. <Byte>00</Byte>
  6533. </After>
  6534. </CodeEntry>
  6535. <CodeEntry>
  6536. <Description>Code :mov eax,[rax+54]</Description>
  6537. <AddressString>re2.exe+C2EB9E3</AddressString>
  6538. <Before>
  6539. <Byte>83</Byte>
  6540. <Byte>C4</Byte>
  6541. <Byte>20</Byte>
  6542. <Byte>5F</Byte>
  6543. <Byte>C3</Byte>
  6544. </Before>
  6545. <Actual>
  6546. <Byte>8B</Byte>
  6547. <Byte>40</Byte>
  6548. <Byte>54</Byte>
  6549. </Actual>
  6550. <After>
  6551. <Byte>48</Byte>
  6552. <Byte>8B</Byte>
  6553. <Byte>5C</Byte>
  6554. <Byte>24</Byte>
  6555. <Byte>30</Byte>
  6556. </After>
  6557. </CodeEntry>
  6558. <CodeEntry>
  6559. <Description>Code :mov edx,[rax+54]</Description>
  6560. <AddressString>re2.exe+C313673</AddressString>
  6561. <Before>
  6562. <Byte>44</Byte>
  6563. <Byte>89</Byte>
  6564. <Byte>F2</Byte>
  6565. <Byte>EB</Byte>
  6566. <Byte>0A</Byte>
  6567. </Before>
  6568. <Actual>
  6569. <Byte>8B</Byte>
  6570. <Byte>50</Byte>
  6571. <Byte>54</Byte>
  6572. </Actual>
  6573. <After>
  6574. <Byte>EB</Byte>
  6575. <Byte>05</Byte>
  6576. <Byte>BA</Byte>
  6577. <Byte>FF</Byte>
  6578. <Byte>FF</Byte>
  6579. </After>
  6580. </CodeEntry>
  6581. <CodeEntry>
  6582. <Description>Code :cmp dword ptr [rdi+54],05</Description>
  6583. <AddressString>re2.exe+D0B2710</AddressString>
  6584. <Before>
  6585. <Byte>78</Byte>
  6586. <Byte>18</Byte>
  6587. <Byte>00</Byte>
  6588. <Byte>75</Byte>
  6589. <Byte>62</Byte>
  6590. </Before>
  6591. <Actual>
  6592. <Byte>83</Byte>
  6593. <Byte>7F</Byte>
  6594. <Byte>54</Byte>
  6595. <Byte>05</Byte>
  6596. </Actual>
  6597. <After>
  6598. <Byte>75</Byte>
  6599. <Byte>5C</Byte>
  6600. <Byte>48</Byte>
  6601. <Byte>8B</Byte>
  6602. <Byte>15</Byte>
  6603. </After>
  6604. </CodeEntry>
  6605. <CodeEntry>
  6606. <Description>Code :mov ebx,[rdx+54]</Description>
  6607. <AddressString>re2.exe+950EAC4</AddressString>
  6608. <Before>
  6609. <Byte>24</Byte>
  6610. <Byte>38</Byte>
  6611. <Byte>45</Byte>
  6612. <Byte>31</Byte>
  6613. <Byte>C0</Byte>
  6614. </Before>
  6615. <Actual>
  6616. <Byte>8B</Byte>
  6617. <Byte>5A</Byte>
  6618. <Byte>54</Byte>
  6619. </Actual>
  6620. <After>
  6621. <Byte>48</Byte>
  6622. <Byte>8B</Byte>
  6623. <Byte>15</Byte>
  6624. <Byte>B2</Byte>
  6625. <Byte>E0</Byte>
  6626. </After>
  6627. </CodeEntry>
  6628. <CodeEntry>
  6629. <Description>Code :cmp dword ptr [rbp+54],05</Description>
  6630. <AddressString>re2.exe+D0B13C9</AddressString>
  6631. <Before>
  6632. <Byte>85</Byte>
  6633. <Byte>E7</Byte>
  6634. <Byte>00</Byte>
  6635. <Byte>00</Byte>
  6636. <Byte>00</Byte>
  6637. </Before>
  6638. <Actual>
  6639. <Byte>83</Byte>
  6640. <Byte>7D</Byte>
  6641. <Byte>54</Byte>
  6642. <Byte>05</Byte>
  6643. </Actual>
  6644. <After>
  6645. <Byte>75</Byte>
  6646. <Byte>3B</Byte>
  6647. <Byte>48</Byte>
  6648. <Byte>8B</Byte>
  6649. <Byte>15</Byte>
  6650. </After>
  6651. </CodeEntry>
  6652. <CodeEntry>
  6653. <Description>Code :mov eax,[rdx+54]</Description>
  6654. <AddressString>re2.exe+2772D0</AddressString>
  6655. <Before>
  6656. <Byte>CC</Byte>
  6657. <Byte>CC</Byte>
  6658. <Byte>CC</Byte>
  6659. <Byte>CC</Byte>
  6660. <Byte>CC</Byte>
  6661. </Before>
  6662. <Actual>
  6663. <Byte>8B</Byte>
  6664. <Byte>42</Byte>
  6665. <Byte>54</Byte>
  6666. </Actual>
  6667. <After>
  6668. <Byte>C3</Byte>
  6669. <Byte>CC</Byte>
  6670. <Byte>CC</Byte>
  6671. <Byte>CC</Byte>
  6672. <Byte>CC</Byte>
  6673. </After>
  6674. </CodeEntry>
  6675. <CodeEntry>
  6676. <Description>Code :mov r9d,[rdi+54]</Description>
  6677. <AddressString>re2.exe+DBF4ABC</AddressString>
  6678. <Before>
  6679. <Byte>84</Byte>
  6680. <Byte>DD</Byte>
  6681. <Byte>00</Byte>
  6682. <Byte>00</Byte>
  6683. <Byte>00</Byte>
  6684. </Before>
  6685. <Actual>
  6686. <Byte>44</Byte>
  6687. <Byte>8B</Byte>
  6688. <Byte>4F</Byte>
  6689. <Byte>54</Byte>
  6690. </Actual>
  6691. <After>
  6692. <Byte>41</Byte>
  6693. <Byte>89</Byte>
  6694. <Byte>C0</Byte>
  6695. <Byte>48</Byte>
  6696. <Byte>89</Byte>
  6697. </After>
  6698. </CodeEntry>
  6699. <CodeEntry>
  6700. <Description>Code :mov r8d,[rcx+10]</Description>
  6701. <AddressString>re2.exe+CFC5014</AddressString>
  6702. <Before>
  6703. <Byte>39</Byte>
  6704. <Byte>71</Byte>
  6705. <Byte>20</Byte>
  6706. <Byte>74</Byte>
  6707. <Byte>CC</Byte>
  6708. </Before>
  6709. <Actual>
  6710. <Byte>44</Byte>
  6711. <Byte>8B</Byte>
  6712. <Byte>41</Byte>
  6713. <Byte>10</Byte>
  6714. </Actual>
  6715. <After>
  6716. <Byte>BA</Byte>
  6717. <Byte>01</Byte>
  6718. <Byte>00</Byte>
  6719. <Byte>00</Byte>
  6720. <Byte>00</Byte>
  6721. </After>
  6722. </CodeEntry>
  6723. <CodeEntry>
  6724. <Description>Code :mov eax,[rbx+10]</Description>
  6725. <AddressString>re2.exe+CFC9AEE</AddressString>
  6726. <Before>
  6727. <Byte>48</Byte>
  6728. <Byte>85</Byte>
  6729. <Byte>C9</Byte>
  6730. <Byte>74</Byte>
  6731. <Byte>58</Byte>
  6732. </Before>
  6733. <Actual>
  6734. <Byte>8B</Byte>
  6735. <Byte>43</Byte>
  6736. <Byte>10</Byte>
  6737. </Actual>
  6738. <After>
  6739. <Byte>39</Byte>
  6740. <Byte>41</Byte>
  6741. <Byte>10</Byte>
  6742. <Byte>74</Byte>
  6743. <Byte>03</Byte>
  6744. </After>
  6745. </CodeEntry>
  6746. <CodeEntry>
  6747. <Description>Code :cmp [rcx+10],eax</Description>
  6748. <AddressString>re2.exe+CFC9AF1</AddressString>
  6749. <Before>
  6750. <Byte>74</Byte>
  6751. <Byte>58</Byte>
  6752. <Byte>8B</Byte>
  6753. <Byte>43</Byte>
  6754. <Byte>10</Byte>
  6755. </Before>
  6756. <Actual>
  6757. <Byte>39</Byte>
  6758. <Byte>41</Byte>
  6759. <Byte>10</Byte>
  6760. </Actual>
  6761. <After>
  6762. <Byte>74</Byte>
  6763. <Byte>03</Byte>
  6764. <Byte>89</Byte>
  6765. <Byte>79</Byte>
  6766. <Byte>20</Byte>
  6767. </After>
  6768. </CodeEntry>
  6769. <CodeEntry>
  6770. <Description>Code :mov r8d,[rcx+10]</Description>
  6771. <AddressString>re2.exe+CFC5014</AddressString>
  6772. <Before>
  6773. <Byte>39</Byte>
  6774. <Byte>71</Byte>
  6775. <Byte>20</Byte>
  6776. <Byte>74</Byte>
  6777. <Byte>CC</Byte>
  6778. </Before>
  6779. <Actual>
  6780. <Byte>44</Byte>
  6781. <Byte>8B</Byte>
  6782. <Byte>41</Byte>
  6783. <Byte>10</Byte>
  6784. </Actual>
  6785. <After>
  6786. <Byte>BA</Byte>
  6787. <Byte>01</Byte>
  6788. <Byte>00</Byte>
  6789. <Byte>00</Byte>
  6790. <Byte>00</Byte>
  6791. </After>
  6792. </CodeEntry>
  6793. </CheatCodes>
  6794. <UserdefinedSymbols/>
  6795. <Comments>http://fearlessrevolution.com/viewtopic.php?f=4&amp;t=8539
  6796. ///
  6797. 3 scripts by CJBok:
  6798. save count 0
  6799. max pouch slots
  6800. Game Time
  6801. link:
  6802. http://fearlessrevolution.com/viewtopic.php?p=76389#p76389
  6803. ///
  6804. weapon's upgrade shared by gir489
  6805. link:
  6806. http://fearlessrevolution.com/viewtopic.php?f=4&amp;t=8539&amp;start=255#p76443
  6807. </Comments>
  6808. <LuaScript>--vng21092's aobscan lua script
  6809. function lua_aobscan(name,module,bytes,index)
  6810. index = index - 1
  6811. if(module == "") then
  6812. local resultSet = AOBScan(bytes)
  6813. if(resultSet == nil) then
  6814. unregisterSymbol(name)
  6815. print(name.." not found")
  6816. else
  6817. unregisterSymbol(name)
  6818. registerSymbol(name,resultSet[index])
  6819. resultSet.destroy()
  6820. end
  6821. else
  6822. if(getModuleSize(module) == nil) then
  6823. print("Module "..module.." not found")
  6824. else
  6825. local memScanner = createMemScan()
  6826. local memFoundList = createFoundList(memScanner)
  6827. memScanner.firstScan(
  6828. soExactValue,vtByteArray,rtRounded,bytes,nil,
  6829. getAddress(module),(getAddress(module)+getModuleSize(module)),"",
  6830. fsmNotAligned,"",true,false,false,false)
  6831. memScanner.waitTillDone()
  6832. memFoundList.initialize()
  6833. if(memFoundList.Count == 0) then
  6834. unregisterSymbol(name)
  6835. print(name.." in module "..module.." not found")
  6836. else
  6837. unregisterSymbol(name)
  6838. registerSymbol(name,memFoundList.Address[index])
  6839. end
  6840. memScanner.destroy()
  6841. memFoundList.destroy()
  6842. end
  6843. end
  6844. end
  6845.  
  6846. ---
  6847. ----------------------------------------------
  6848. registerCustomTypeAutoAssembler([[
  6849. alloc(ConvertRoutine,1024)
  6850. alloc(ConvertBackRoutine,1024)
  6851. alloc(TypeName,256)
  6852. alloc(ByteSize,4)
  6853. alloc(UsesFloat,1)
  6854. alloc(CallMethod,1)
  6855.  
  6856. TypeName:
  6857. db 'RE2_Hrs',0
  6858.  
  6859. ByteSize:
  6860. dd 4
  6861.  
  6862. UsesFloat:
  6863. db 0 //Change to 1 if this custom type should be treated as a float
  6864.  
  6865. CallMethod:
  6866. db 1 //Remove or change to 0 for legacy call mechanism
  6867.  
  6868. //The convert routine should hold a routine that converts the data to an integer (in eax)
  6869. //function declared as: cdecl int ConvertRoutine(unsigned char *input, PTR_UINT address);
  6870. //Note: Keep in mind that this routine can be called by multiple threads at the same time.
  6871. ConvertRoutine:
  6872. //jmp dllname.functionname
  6873. [64-bit]
  6874. //or manual:
  6875. //parameters: (64-bit)
  6876. //rcx=address of input
  6877. //rdx=address
  6878. mov eax,[rcx] //eax now contains the bytes 'input' pointed to
  6879. xor edx,edx
  6880. mov ecx,#3600
  6881. div ecx
  6882.  
  6883. ret
  6884. [/64-bit]
  6885.  
  6886. [32-bit]
  6887. //jmp dllname.functionname
  6888. //or manual:
  6889. //parameters: (32-bit)
  6890. push ebp
  6891. mov ebp,esp
  6892. //[ebp+8]=address of input
  6893. //[ebp+c]=address
  6894. //example:
  6895. mov eax,[ebp+8] //place the address that contains the bytes into eax
  6896. mov eax,[eax] //place the bytes into eax so it's handled as a normal 4 byte value
  6897.  
  6898. pop ebp
  6899. ret
  6900. [/32-bit]
  6901.  
  6902. //The convert back routine should hold a routine that converts the given integer back to a row of bytes (e.g when the user wats to write a new value)
  6903. //function declared as: cdecl void ConvertBackRoutine(int i, PTR_UINT address, unsigned char *output);
  6904. ConvertBackRoutine:
  6905. //jmp dllname.functionname
  6906. //or manual:
  6907. [64-bit]
  6908. //parameters: (64-bit)
  6909. //ecx=input
  6910. //rdx=address
  6911. //r8=address of output
  6912. //example:
  6913. imul ecx,ecx,#3600
  6914.  
  6915. mov eax,[r8]
  6916. xor edx,edx
  6917. mov ebx,#3600
  6918. div ebx
  6919. add ecx,edx
  6920.  
  6921. mov [r8],ecx //place the integer at the 4 bytes pointed to by r8
  6922.  
  6923. ret
  6924. [/64-bit]
  6925.  
  6926. [32-bit]
  6927. //parameters: (32-bit)
  6928. push ebp
  6929. mov ebp,esp
  6930. //[ebp+8]=input
  6931. //[ebp+c]=address
  6932. //[ebp+10]=address of output
  6933. //example:
  6934. push eax
  6935. push ebx
  6936. mov eax,[ebp+8] //load the value into eax
  6937. mov ebx,[ebp+10] //load the output address into ebx
  6938. mov [ebx],eax //write the value into the address
  6939. pop ebx
  6940. pop eax
  6941.  
  6942. pop ebp
  6943. ret
  6944. [/32-bit]
  6945.  
  6946. ]])
  6947.  
  6948. ---
  6949. ----------------------------------------------
  6950. registerCustomTypeAutoAssembler([[
  6951. alloc(ConvertRoutine,1024)
  6952. alloc(ConvertBackRoutine,1024)
  6953. alloc(TypeName,256)
  6954. alloc(ByteSize,4)
  6955. alloc(UsesFloat,1)
  6956. alloc(CallMethod,1)
  6957.  
  6958. TypeName:
  6959. db 'RE2_Mins',0
  6960.  
  6961. ByteSize:
  6962. dd 4
  6963.  
  6964. UsesFloat:
  6965. db 0 //Change to 1 if this custom type should be treated as a float
  6966.  
  6967. CallMethod:
  6968. db 1 //Remove or change to 0 for legacy call mechanism
  6969.  
  6970. //The convert routine should hold a routine that converts the data to an integer (in eax)
  6971. //function declared as: cdecl int ConvertRoutine(unsigned char *input, PTR_UINT address);
  6972. //Note: Keep in mind that this routine can be called by multiple threads at the same time.
  6973. ConvertRoutine:
  6974. //jmp dllname.functionname
  6975. [64-bit]
  6976. //or manual:
  6977. //parameters: (64-bit)
  6978. //rcx=address of input
  6979. //rdx=address
  6980. mov eax,[rcx] //eax now contains the bytes 'input' pointed to
  6981. xor edx,edx
  6982. mov ecx,#3600
  6983. div ecx
  6984. mov eax,edx
  6985. xor edx,edx
  6986. mov ecx,#60
  6987. div ecx
  6988.  
  6989. ret
  6990. [/64-bit]
  6991.  
  6992. [32-bit]
  6993. //jmp dllname.functionname
  6994. //or manual:
  6995. //parameters: (32-bit)
  6996. push ebp
  6997. mov ebp,esp
  6998. //[ebp+8]=address of input
  6999. //[ebp+c]=address
  7000. //example:
  7001. mov eax,[ebp+8] //place the address that contains the bytes into eax
  7002. mov eax,[eax] //place the bytes into eax so it's handled as a normal 4 byte value
  7003.  
  7004. pop ebp
  7005. ret
  7006. [/32-bit]
  7007.  
  7008. //The convert back routine should hold a routine that converts the given integer back to a row of bytes (e.g when the user wats to write a new value)
  7009. //function declared as: cdecl void ConvertBackRoutine(int i, PTR_UINT address, unsigned char *output);
  7010. ConvertBackRoutine:
  7011. //jmp dllname.functionname
  7012. //or manual:
  7013. [64-bit]
  7014. //parameters: (64-bit)
  7015. //ecx=input
  7016. //rdx=address
  7017. //r8=address of output
  7018. //example:
  7019. imul ecx,ecx,#60
  7020.  
  7021. mov eax,[r8]
  7022. xor edx,edx
  7023. mov ebx,#3600
  7024. div ebx
  7025. imul eax,eax,#3600
  7026. add ecx,eax
  7027.  
  7028. mov eax,edx
  7029. xor edx,edx
  7030. mov ebx,#60
  7031. div ebx
  7032. add ecx,edx
  7033.  
  7034. mov [r8],ecx //place the integer at the 4 bytes pointed to by r8
  7035.  
  7036. ret
  7037. [/64-bit]
  7038.  
  7039. [32-bit]
  7040. //parameters: (32-bit)
  7041. push ebp
  7042. mov ebp,esp
  7043. //[ebp+8]=input
  7044. //[ebp+c]=address
  7045. //[ebp+10]=address of output
  7046. //example:
  7047. push eax
  7048. push ebx
  7049. mov eax,[ebp+8] //load the value into eax
  7050. mov ebx,[ebp+10] //load the output address into ebx
  7051. mov [ebx],eax //write the value into the address
  7052. pop ebx
  7053. pop eax
  7054.  
  7055. pop ebp
  7056. ret
  7057. [/32-bit]
  7058.  
  7059. ]])
  7060.  
  7061. ---
  7062. ----------------------------------------------
  7063. registerCustomTypeAutoAssembler([[
  7064. alloc(ConvertRoutine,1024)
  7065. alloc(ConvertBackRoutine,1024)
  7066. alloc(TypeName,256)
  7067. alloc(ByteSize,4)
  7068. alloc(UsesFloat,1)
  7069. alloc(CallMethod,1)
  7070.  
  7071. TypeName:
  7072. db 'RE2_Secs',0
  7073.  
  7074. ByteSize:
  7075. dd 4
  7076.  
  7077. UsesFloat:
  7078. db 0 //Change to 1 if this custom type should be treated as a float
  7079.  
  7080. CallMethod:
  7081. db 1 //Remove or change to 0 for legacy call mechanism
  7082.  
  7083. //The convert routine should hold a routine that converts the data to an integer (in eax)
  7084. //function declared as: cdecl int ConvertRoutine(unsigned char *input, PTR_UINT address);
  7085. //Note: Keep in mind that this routine can be called by multiple threads at the same time.
  7086. ConvertRoutine:
  7087. //jmp dllname.functionname
  7088. [64-bit]
  7089. //or manual:
  7090. //parameters: (64-bit)
  7091. //rcx=address of input
  7092. //rdx=address
  7093. mov eax,[rcx] //eax now contains the bytes 'input' pointed to
  7094. xor edx,edx
  7095. mov ecx,#3600
  7096. div ecx
  7097. mov eax,edx
  7098. xor edx,edx
  7099. mov ecx,#60
  7100. div ecx
  7101. mov eax,edx
  7102.  
  7103. ret
  7104. [/64-bit]
  7105.  
  7106. [32-bit]
  7107. //jmp dllname.functionname
  7108. //or manual:
  7109. //parameters: (32-bit)
  7110. push ebp
  7111. mov ebp,esp
  7112. //[ebp+8]=address of input
  7113. //[ebp+c]=address
  7114. //example:
  7115. mov eax,[ebp+8] //place the address that contains the bytes into eax
  7116. mov eax,[eax] //place the bytes into eax so it's handled as a normal 4 byte value
  7117.  
  7118. pop ebp
  7119. ret
  7120. [/32-bit]
  7121.  
  7122. //The convert back routine should hold a routine that converts the given integer back to a row of bytes (e.g when the user wats to write a new value)
  7123. //function declared as: cdecl void ConvertBackRoutine(int i, PTR_UINT address, unsigned char *output);
  7124. ConvertBackRoutine:
  7125. //jmp dllname.functionname
  7126. //or manual:
  7127. [64-bit]
  7128. //parameters: (64-bit)
  7129. //ecx=input
  7130. //rdx=address
  7131. //r8=address of output
  7132. //example:
  7133.  
  7134. mov eax,[r8]
  7135. xor edx,edx
  7136. mov ebx,#60
  7137. div ebx
  7138. imul eax,eax,#60
  7139. add ecx,eax
  7140.  
  7141. mov [r8],ecx //place the integer at the 4 bytes pointed to by r8
  7142.  
  7143. ret
  7144. [/64-bit]
  7145.  
  7146. [32-bit]
  7147. //parameters: (32-bit)
  7148. push ebp
  7149. mov ebp,esp
  7150. //[ebp+8]=input
  7151. //[ebp+c]=address
  7152. //[ebp+10]=address of output
  7153. //example:
  7154. push eax
  7155. push ebx
  7156. mov eax,[ebp+8] //load the value into eax
  7157. mov ebx,[ebp+10] //load the output address into ebx
  7158. mov [ebx],eax //write the value into the address
  7159. pop ebx
  7160. pop eax
  7161.  
  7162. pop ebp
  7163. ret
  7164. [/32-bit]
  7165.  
  7166. ]])
  7167.  
  7168. ---
  7169. ----------------------------------------------
  7170. </LuaScript>
  7171. </CheatTable>