
XBOX BO6 07/02/25

a guest
Jul 2nd, 2025
  // Transforms the word stored at `globals::base + 0xC73DF78` into a pointer-sized result.
  //
  // The word is read through `mem.Read`; a zero read is returned unchanged. Otherwise a
  // fixed sequence of shifts, XORs, additions and multiplications is applied, mixing in
  // the complement of `globals::vaPeb`, `globals::base`, two 64-bit constants and a value
  // fetched through a second pointer read from `globals::base + 0xB1973B9`.
  //
  // driver - not referenced anywhere in this body; all reads go through `mem`.
  // Returns the transformed word, or 0 when the initial read yields 0.
  //
  // The trailing `//` comments appear to quote the x86-64 instruction each statement
  // mirrors; `mem` and `globals` are defined outside this listing.
  uintptr_t decrypt_client_info(const Driver& driver)
  {
      const uint64_t mb = globals::base;
      // One local per general-purpose register name; only rax, rcx, rdx and r8 are used below.
      uint64_t rax = mb, rbx = mb, rcx = mb, rdx = mb, rdi = mb, rsi = mb, r8 = mb, r9 = mb, r10 = mb, r11 = mb, r12 = mb, r13 = mb, r14 = mb, r15 = mb;

      r8 = mem.Read<uintptr_t>(globals::base + 0xC73DF78);
      // Nothing to transform when the stored word is zero.
      if(!r8)
      return r8;
      rdx= ~globals::vaPeb; //mov rdx, gs:[rax]
      rax = r8; //mov rax, r8
      rax >>= 0x18; //shr rax, 0x18
      r8 ^= rax; //xor r8, rax
      rax = r8; //mov rax, r8
      rax >>= 0x30; //shr rax, 0x30
      // rcx is zeroed here, so the rotate below leaves it at zero and the XOR after it
      // makes rcx equal to the word read from memory.
      rcx = 0; //and rcx, 0xFFFFFFFFC0000000
      r8 ^= rax; //xor r8, rax
      rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
      rcx ^= mem.Read<uintptr_t>(globals::base + 0xB1973B9); //xor rcx, [0x0000000004F3C90E]
      rax = 0x233F5F4AE79533B1; //mov rax, 0x233F5F4AE79533B1
      r8 *= rax; //imul r8, rax
      rax = 0x4FF2ED27F19D575D; //mov rax, 0x4FF2ED27F19D575D
      rcx = ~rcx; //not rcx
      r8 -= rdx; //sub r8, rdx
      r8 += rax; //add r8, rax
      rax = globals::base; //lea rax, [0xFFFFFFFFF9DA552D]
      r8 ^= rax; //xor r8, rax
      // Final multiplier is read from the inverted pointer plus 0x19.
      r8 *= mem.Read<uintptr_t>(rcx + 0x19); //imul r8, [rcx+0x19]
      return r8;
  }
  // Transforms the word stored at `client_info + 0x1e51b8` into a pointer-sized result.
  //
  // The word is read through `mem.Read`; a zero read is returned unchanged. Otherwise a
  // 4-bit selector is derived from `globals::vaPeb` (shift left by 0x23, byte-swap, mask
  // with 0xF) and one of sixteen fixed arithmetic sequences is applied to the word. Every
  // sequence multiplies by a value fetched through the pointer read from
  // `globals::base + 0xB1973EA` (inverted, then offset by 9).
  //
  // driver      - only `driver.base_addr` is read, in cases 9 and 14.
  // client_info - address the input word is read relative to.
  // Returns the transformed word, or 0 when the initial read yields 0.
  //
  // The mask limits the selector to 0..15 and every case returns, so control never
  // leaves the switch; there is no return statement after it.
  // The trailing `//` comments appear to quote the x86-64 instruction each statement
  // mirrors; `mem` and `globals` are defined outside this listing.
  uintptr_t decrypt_client_base(const Driver& driver, uintptr_t client_info)
  {
      const uint64_t mb = globals::base;
      // One local per general-purpose register name; several are never used below.
      uint64_t rax = mb, rbx = mb, rcx = mb, rdx = mb, rdi = mb, rsi = mb, r8 = mb, r9 = mb, r10 = mb, r11 = mb, r12 = mb, r13 = mb, r14 = mb, r15 = mb;
      r8 = mem.Read<uintptr_t>(client_info + 0x1e51b8);
      // Nothing to transform when the stored word is zero.
      if(!r8)
      return r8;
      rbx = globals::vaPeb; //mov rbx, gs:[rax]
      // Derive the 4-bit case selector from vaPeb.
      rax = rbx; //mov rax, rbx
      rax <<= 0x23; //shl rax, 0x23
      rax = _byteswap_uint64(rax); //bswap rax
      rax &= 0xF;
      switch(rax) {
      case 0:
      {
          r10 = mem.Read<uintptr_t>(globals::base + 0xB1973EA); //mov r10, [0x00000000083B1871]
          rax = globals::base; //lea rax, [0xFFFFFFFFFD21A2D5]
          r8 -= rax; //sub r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x1E; //shr rax, 0x1E
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x3C; //shr rax, 0x3C
          r8 ^= rax; //xor r8, rax
          rax = globals::base; //lea rax, [0xFFFFFFFFFD21A0B6]
          r8 -= rax; //sub r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x28; //shr rax, 0x28
          r8 ^= rax; //xor r8, rax
          // The next four statements leave rax == ~r10: it is zeroed, rotated (still zero),
          // XORed with r10 and inverted. The same pattern recurs in every case.
          rax = 0; //and rax, 0xFFFFFFFFC0000000
          rax = _rotl64(rax, 0x10); //rol rax, 0x10
          rax ^= r10; //xor rax, r10
          rax = ~rax; //not rax
          r8 *= mem.Read<uintptr_t>(rax + 0x9); //imul r8, [rax+0x09]
          rax = 0x9CC8E0420ADA280D; //mov rax, 0x9CC8E0420ADA280D
          r8 *= rax; //imul r8, rax
          r8 += rbx; //add r8, rbx
          rax = r8; //mov rax, r8
          rax >>= 0x11; //shr rax, 0x11
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x22; //shr rax, 0x22
          r8 ^= rax; //xor r8, rax
          return r8;
      }
      case 1:
      {
          r10 = mem.Read<uintptr_t>(globals::base + 0xB1973EA); //mov r10, [0x00000000083B13DF]
          rax = r8; //mov rax, r8
          rax >>= 0x9; //shr rax, 0x09
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x12; //shr rax, 0x12
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x24; //shr rax, 0x24
          r8 ^= rax; //xor r8, rax
          r8 ^= rbx; //xor r8, rbx
          rcx = 0; //and rcx, 0xFFFFFFFFC0000000
          rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
          rcx ^= r10; //xor rcx, r10
          rcx = ~rcx; //not rcx
          r8 *= mem.Read<uintptr_t>(rcx + 0x9); //imul r8, [rcx+0x09]
          rcx = globals::base; //lea rcx, [0xFFFFFFFFFD219C40]
          rax = rbx; //mov rax, rbx
          rax -= rcx; //sub rax, rcx
          rax += 0xFFFFFFFF9F0CFAED; //add rax, 0xFFFFFFFF9F0CFAED
          r8 += rax; //add r8, rax
          rax = 0x40ED86BABDEA8F5B; //mov rax, 0x40ED86BABDEA8F5B
          r8 *= rax; //imul r8, rax
          rax = 0xA7798517B7F399EA; //mov rax, 0xA7798517B7F399EA
          r8 ^= rax; //xor r8, rax
          rcx = globals::base + 0x755F7BDD; //lea rcx, [0x0000000072811B8D]
          rax = rcx; //mov rax, rcx
          rax = ~rax; //not rax
          rax ^= rbx; //xor rax, rbx
          r8 += rax; //add r8, rax
          rax = 0x459093E765583ADB; //mov rax, 0x459093E765583ADB
          r8 *= rax; //imul r8, rax
          return r8;
      }
      case 2:
      {
          r10 = mem.Read<uintptr_t>(globals::base + 0xB1973EA); //mov r10, [0x00000000083B0F8E]
          r12 = globals::base + 0xAC81; //lea r12, [0xFFFFFFFFFD224812]
          rax = 0xE03443781C6DB26D; //mov rax, 0xE03443781C6DB26D
          r8 *= rax; //imul r8, rax
          rax = 0x26676A6627BAC50C; //mov rax, 0x26676A6627BAC50C
          r8 -= rax; //sub r8, rax
          rax = 0x541ECC7788F37ADE; //mov rax, 0x541ECC7788F37ADE
          r8 += rax; //add r8, rax
          r8 += r12; //add r8, r12
          rax = globals::base + 0x142; //lea rax, [0xFFFFFFFFFD219895]
          rax = ~rax; //not rax
          rcx = rbx; //mov rcx, rbx
          rcx = ~rcx; //not rcx
          rcx -= rbx; //sub rcx, rbx
          rcx += rax; //add rcx, rax
          r8 += rcx; //add r8, rcx
          rax = r8; //mov rax, r8
          rax >>= 0x15; //shr rax, 0x15
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x2A; //shr rax, 0x2A
          r8 ^= rax; //xor r8, rax
          rax = globals::base; //lea rax, [0xFFFFFFFFFD2196F4]
          r8 -= rax; //sub r8, rax
          rax = 0; //and rax, 0xFFFFFFFFC0000000
          rax = _rotl64(rax, 0x10); //rol rax, 0x10
          rax ^= r10; //xor rax, r10
          rax = ~rax; //not rax
          r8 *= mem.Read<uintptr_t>(rax + 0x9); //imul r8, [rax+0x09]
          return r8;
      }
      case 3:
      {
          r10 = mem.Read<uintptr_t>(globals::base + 0xB1973EA); //mov r10, [0x00000000083B0AB5]
          r8 ^= rbx; //xor r8, rbx
          rcx = 0; //and rcx, 0xFFFFFFFFC0000000
          rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
          rcx ^= r10; //xor rcx, r10
          rcx = ~rcx; //not rcx
          r8 *= mem.Read<uintptr_t>(rcx + 0x9); //imul r8, [rcx+0x09]
          rax = 0x6C5618A3BE4C414; //mov rax, 0x6C5618A3BE4C414
          r8 -= rax; //sub r8, rax
          rax = 0xE98709096AD185CC; //mov rax, 0xE98709096AD185CC
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rcx = globals::base + 0x5ED318FB; //lea rcx, [0x000000005BF4AEB1]
          rax >>= 0xB; //shr rax, 0x0B
          rcx = ~rcx; //not rcx
          r8 ^= rax; //xor r8, rax
          rcx *= rbx; //imul rcx, rbx
          rax = r8; //mov rax, r8
          rax >>= 0x16; //shr rax, 0x16
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x2C; //shr rax, 0x2C
          rcx ^= rax; //xor rcx, rax
          r8 ^= rcx; //xor r8, rcx
          rax = 0x22A1571E2E749CB; //mov rax, 0x22A1571E2E749CB
          r8 *= rax; //imul r8, rax
          rcx = globals::base + 0xF26D; //lea rcx, [0xFFFFFFFFFD22871F]
          rax = rbx; //mov rax, rbx
          rax *= rcx; //imul rax, rcx
          r8 += rax; //add r8, rax
          return r8;
      }
      case 4:
      {
          r10 = mem.Read<uintptr_t>(globals::base + 0xB1973EA); //mov r10, [0x00000000083B0641]
          rax = 0x54EE9012A77B3C0E; //mov rax, 0x54EE9012A77B3C0E
          r8 ^= rax; //xor r8, rax
          rax = globals::base; //lea rax, [0xFFFFFFFFFD218DDE]
          rax += 0x432D; //add rax, 0x432D
          rax += rbx; //add rax, rbx
          r8 += rax; //add r8, rax
          rax = 0xBE6A84FFF3304C3D; //mov rax, 0xBE6A84FFF3304C3D
          r8 *= rax; //imul r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x12; //shr rax, 0x12
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x24; //shr rax, 0x24
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x7; //shr rax, 0x07
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0xE; //shr rax, 0x0E
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x1C; //shr rax, 0x1C
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x38; //shr rax, 0x38
          r8 ^= rax; //xor r8, rax
          rcx = globals::base + 0x72D0A311; //lea rcx, [0x000000006FF2351A]
          rax = 0; //and rax, 0xFFFFFFFFC0000000
          rax = _rotl64(rax, 0x10); //rol rax, 0x10
          rax ^= r10; //xor rax, r10
          rax = ~rax; //not rax
          r8 *= mem.Read<uintptr_t>(rax + 0x9); //imul r8, [rax+0x09]
          rax = rbx; //mov rax, rbx
          rax *= rcx; //imul rax, rcx
          r8 -= rax; //sub r8, rax
          rax = 0x598660DAA37ACC99; //mov rax, 0x598660DAA37ACC99
          r8 ^= rax; //xor r8, rax
          return r8;
      }
      case 5:
      {
          r10 = mem.Read<uintptr_t>(globals::base + 0xB1973EA); //mov r10, [0x00000000083B0196]
          rcx = 0xC088FB236BE68165; //mov rcx, 0xC088FB236BE68165
          rax = 0; //and rax, 0xFFFFFFFFC0000000
          rax = _rotl64(rax, 0x10); //rol rax, 0x10
          rax ^= r10; //xor rax, r10
          rax = ~rax; //not rax
          rax = mem.Read<uintptr_t>(rax + 0x9); //mov rax, [rax+0x09]
          rax *= rcx; //imul rax, rcx
          r8 *= rax; //imul r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x5; //shr rax, 0x05
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0xA; //shr rax, 0x0A
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x14; //shr rax, 0x14
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x28; //shr rax, 0x28
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0xB; //shr rax, 0x0B
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x16; //shr rax, 0x16
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x2C; //shr rax, 0x2C
          r8 ^= rax; //xor r8, rax
          rax = 0xF87FD44152069748; //mov rax, 0xF87FD44152069748
          r8 ^= rax; //xor r8, rax
          rax = globals::base; //lea rax, [0xFFFFFFFFFD218A79]
          rax += 0x1079; //add rax, 0x1079
          rax += rbx; //add rax, rbx
          r8 ^= rax; //xor r8, rax
          rcx = globals::base; //lea rcx, [0xFFFFFFFFFD218C63]
          rax = rbx; //mov rax, rbx
          rax = ~rax; //not rax
          rax -= rcx; //sub rax, rcx
          rax += 0xFFFFFFFF968271AB; //add rax, 0xFFFFFFFF968271AB
          r8 += rax; //add r8, rax
          return r8;
      }
      case 6:
      {
          r10 = mem.Read<uintptr_t>(globals::base + 0xB1973EA); //mov r10, [0x00000000083AFD1E]
          rax = 0; //and rax, 0xFFFFFFFFC0000000
          rax = _rotl64(rax, 0x10); //rol rax, 0x10
          rax ^= r10; //xor rax, r10
          rax = ~rax; //not rax
          r8 *= mem.Read<uintptr_t>(rax + 0x9); //imul r8, [rax+0x09]
          rcx = globals::base + 0x1EE2; //lea rcx, [0xFFFFFFFFFD21A7E4]
          rax = rbx; //mov rax, rbx
          rax ^= rcx; //xor rax, rcx
          rcx = 0x30DABF93D6E4FB5; //mov rcx, 0x30DABF93D6E4FB5
          r8 ^= rcx; //xor r8, rcx
          r8 -= rax; //sub r8, rax
          rax = 0xDB8B0AAFA542904; //mov rax, 0xDB8B0AAFA542904
          r8 -= rbx; //sub r8, rbx
          r8 -= rax; //sub r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x22; //shr rax, 0x22
          r8 ^= rax; //xor r8, rax
          rax = 0xDF170407BBE28DB5; //mov rax, 0xDF170407BBE28DB5
          r8 *= rax; //imul r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x8; //shr rax, 0x08
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x10; //shr rax, 0x10
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x20; //shr rax, 0x20
          r8 ^= rax; //xor r8, rax
          return r8;
      }
      case 7:
      {
          r10 = mem.Read<uintptr_t>(globals::base + 0xB1973EA); //mov r10, [0x00000000083AF8ED]
          rax = 0; //and rax, 0xFFFFFFFFC0000000
          rax = _rotl64(rax, 0x10); //rol rax, 0x10
          rax ^= r10; //xor rax, r10
          rax = ~rax; //not rax
          r8 *= mem.Read<uintptr_t>(rax + 0x9); //imul r8, [rax+0x09]
          rax = 0x1C4A7DE2E2F8F68F; //mov rax, 0x1C4A7DE2E2F8F68F
          rcx = 0x378CE09B287B2D41; //mov rcx, 0x378CE09B287B2D41
          rcx ^= r8; //xor rcx, r8
          // r8 is reused as scratch from here; the running value lives in rcx until
          // it is copied back into r8 below.
          r8 = globals::base + 0xC177; //lea r8, [0xFFFFFFFFFD224411]
          rcx += rax; //add rcx, rax
          rax = rbx + 0x1; //lea rax, [rbx+0x01]
          rax *= r8; //imul rax, r8
          r8 = rcx; //mov r8, rcx
          r8 >>= 0x23; //shr r8, 0x23
          rax += rbx; //add rax, rbx
          r8 ^= rcx; //xor r8, rcx
          r8 += rax; //add r8, rax
          rax = 0xEBEA9B8B5714671D; //mov rax, 0xEBEA9B8B5714671D
          r8 *= rax; //imul r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0xE; //shr rax, 0x0E
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x1C; //shr rax, 0x1C
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x38; //shr rax, 0x38
          r8 ^= rax; //xor r8, rax
          return r8;
      }
      case 8:
      {
          r10 = mem.Read<uintptr_t>(globals::base + 0xB1973EA); //mov r10, [0x00000000083AF3B1]
          rax = globals::base; //lea rax, [0xFFFFFFFFFD217DC5]
          r8 ^= rax; //xor r8, rax
          rax = 0x3169FBDB3B875224; //mov rax, 0x3169FBDB3B875224
          r8 += rax; //add r8, rax
          rcx = globals::base + 0x88B9; //lea rcx, [0xFFFFFFFFFD220845]
          rax = rcx; //mov rax, rcx
          rax = ~rax; //not rax
          rax *= rbx; //imul rax, rbx
          r8 ^= rax; //xor r8, rax
          r8 ^= rbx; //xor r8, rbx
          rax = globals::base + 0x553; //lea rax, [0xFFFFFFFFFD21816F]
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x13; //shr rax, 0x13
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x26; //shr rax, 0x26
          r8 ^= rax; //xor r8, rax
          rcx = 0; //and rcx, 0xFFFFFFFFC0000000
          rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
          rax = 0x49665D7F2AFA3F6B; //mov rax, 0x49665D7F2AFA3F6B
          r8 *= rax; //imul r8, rax
          rcx ^= r10; //xor rcx, r10
          rax = globals::base + 0x11D125F7; //lea rax, [0x000000000EF2A2FC]
          rax = ~rax; //not rax
          rcx = ~rcx; //not rcx
          rax *= rbx; //imul rax, rbx
          r8 += rax; //add r8, rax
          r8 *= mem.Read<uintptr_t>(rcx + 0x9); //imul r8, [rcx+0x09]
          return r8;
      }
      case 9:
      {
          r9 = mem.Read<uintptr_t>(globals::base + 0xB1973EA); //mov r9, [0x00000000083AEF71]
          r11 = globals::base + 0x7C81; //lea r11, [0xFFFFFFFFFD21F7F5]
          rax = rbx; //mov rax, rbx
          rax *= r11; //imul rax, r11
          r8 -= rax; //sub r8, rax
          rax = globals::base; //lea rax, [0xFFFFFFFFFD21789E]
          r8 -= rax; //sub r8, rax
          rax = rbx; //mov rax, rbx
          // NOTE(review): driver.base_addr stands in for a stack slot the author could not
          // trace, per the original comment on this line; not verifiable from this listing.
          rax -= driver.base_addr; //sub rax, [rsp+0x78] -- didn't find trace -> use base
          rax += 0xFFFFFFFFFFFF4D38; //add rax, 0xFFFFFFFFFFFF4D38
          r8 += rax; //add r8, rax
          rax = 0xB294869EA09D48AA; //mov rax, 0xB294869EA09D48AA
          r8 ^= rax; //xor r8, rax
          rax = 0xDA6A9700AB4D27FD; //mov rax, 0xDA6A9700AB4D27FD
          r8 *= rax; //imul r8, rax
          rax = 0; //and rax, 0xFFFFFFFFC0000000
          rax = _rotl64(rax, 0x10); //rol rax, 0x10
          rax ^= r9; //xor rax, r9
          rax = ~rax; //not rax
          r8 *= mem.Read<uintptr_t>(rax + 0x9); //imul r8, [rax+0x09]
          rax = 0x38632CDC13FD78A5; //mov rax, 0x38632CDC13FD78A5
          r8 += rax; //add r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x1D; //shr rax, 0x1D
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x3A; //shr rax, 0x3A
          r8 ^= rax; //xor r8, rax
          return r8;
      }
      case 10:
      {
          r10 = mem.Read<uintptr_t>(globals::base + 0xB1973EA); //mov r10, [0x00000000083AEA5D]
          r8 += rbx; //add r8, rbx
          rax = 0x36164EFD786890C1; //mov rax, 0x36164EFD786890C1
          r8 *= rax; //imul r8, rax
          rax = 0x6F993F33D7A49418; //mov rax, 0x6F993F33D7A49418
          r8 += rax; //add r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x8; //shr rax, 0x08
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x10; //shr rax, 0x10
          r8 ^= rax; //xor r8, rax
          rcx = 0; //and rcx, 0xFFFFFFFFC0000000
          rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
          rax = r8; //mov rax, r8
          rcx ^= r10; //xor rcx, r10
          rax >>= 0x20; //shr rax, 0x20
          r8 ^= rax; //xor r8, rax
          rcx = ~rcx; //not rcx
          r8 *= mem.Read<uintptr_t>(rcx + 0x9); //imul r8, [rcx+0x09]
          rax = 0xE88B55E25B8B057C; //mov rax, 0xE88B55E25B8B057C
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x1A; //shr rax, 0x1A
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x34; //shr rax, 0x34
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x4; //shr rax, 0x04
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x8; //shr rax, 0x08
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x10; //shr rax, 0x10
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x20; //shr rax, 0x20
          r8 ^= rax; //xor r8, rax
          return r8;
      }
      case 11:
      {
          r10 = mem.Read<uintptr_t>(globals::base + 0xB1973EA); //mov r10, [0x00000000083AE639]
          rax = 0; //and rax, 0xFFFFFFFFC0000000
          rax = _rotl64(rax, 0x10); //rol rax, 0x10
          rax ^= r10; //xor rax, r10
          rax = ~rax; //not rax
          r8 *= mem.Read<uintptr_t>(rax + 0x9); //imul r8, [rax+0x09]
          rax = rbx; //mov rax, rbx
          // Local temporary used where the quoted instruction reads [rbp-0x30].
          uintptr_t RSP_0xFFFFFFFFFFFFFFD0;
          RSP_0xFFFFFFFFFFFFFFD0 = globals::base + 0xA1FD; //lea rax, [0xFFFFFFFFFD221445] : RBP+0xFFFFFFFFFFFFFFD0
          rax *= RSP_0xFFFFFFFFFFFFFFD0; //imul rax, [rbp-0x30]
          r8 += rax; //add r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x26; //shr rax, 0x26
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0xA; //shr rax, 0x0A
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x14; //shr rax, 0x14
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x28; //shr rax, 0x28
          r8 ^= rax; //xor r8, rax
          rax = 0xC6A8E21F37CF3675; //mov rax, 0xC6A8E21F37CF3675
          r8 *= rax; //imul r8, rax
          rax = globals::base; //lea rax, [0xFFFFFFFFFD216D48]
          rax += rbx; //add rax, rbx
          r8 -= rax; //sub r8, rax
          rax = globals::base; //lea rax, [0xFFFFFFFFFD216E74]
          r8 ^= rax; //xor r8, rax
          return r8;
      }
      case 12:
      {
          r10 = mem.Read<uintptr_t>(globals::base + 0xB1973EA); //mov r10, [0x00000000083AE111]
          rax = 0x5D2901AC55739352; //mov rax, 0x5D2901AC55739352
          r8 -= rax; //sub r8, rax
          rax = 0; //and rax, 0xFFFFFFFFC0000000
          rax = _rotl64(rax, 0x10); //rol rax, 0x10
          rax ^= r10; //xor rax, r10
          rax = ~rax; //not rax
          r8 *= mem.Read<uintptr_t>(rax + 0x9); //imul r8, [rax+0x09]
          rax = globals::base; //lea rax, [0xFFFFFFFFFD216883]
          r8 += rax; //add r8, rax
          rax = 0x156D71AB28FBFAFF; //mov rax, 0x156D71AB28FBFAFF
          r8 *= rax; //imul r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x27; //shr rax, 0x27
          r8 ^= rax; //xor r8, rax
          r8 -= rbx; //sub r8, rbx
          rax = r8; //mov rax, r8
          rax >>= 0x17; //shr rax, 0x17
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x2E; //shr rax, 0x2E
          r8 ^= rax; //xor r8, rax
          rax = globals::base; //lea rax, [0xFFFFFFFFFD216904]
          r8 ^= rax; //xor r8, rax
          return r8;
      }
      case 13:
      {
          r11 = mem.Read<uintptr_t>(globals::base + 0xB1973EA); //mov r11, [0x00000000083ADBD8]
          rax = r8; //mov rax, r8
          rax >>= 0x1F; //shr rax, 0x1F
          r8 ^= rax; //xor r8, rax
          rcx = r8; //mov rcx, r8
          rax = globals::base; //lea rax, [0xFFFFFFFFFD216408]
          rcx >>= 0x3E; //shr rcx, 0x3E
          rcx ^= r8; //xor rcx, r8
          rdx = 0; //and rdx, 0xFFFFFFFFC0000000
          rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
          // r8 is overwritten with rbx here; the running value is carried in rcx and
          // added back two statements later.
          r8 = rbx; //mov r8, rbx
          r8 = ~r8; //not r8
          rdx ^= r11; //xor rdx, r11
          r8 += rcx; //add r8, rcx
          rdx = ~rdx; //not rdx
          r8 -= rax; //sub r8, rax
          r8 -= 0x6929AFAC; //sub r8, 0x6929AFAC
          r8 *= mem.Read<uintptr_t>(rdx + 0x9); //imul r8, [rdx+0x09]
          rax = r8; //mov rax, r8
          rax >>= 0x18; //shr rax, 0x18
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x30; //shr rax, 0x30
          r8 ^= rax; //xor r8, rax
          rax = 0x69651B1AF033619B; //mov rax, 0x69651B1AF033619B
          r8 += rbx; //add r8, rbx
          r8 *= rax; //imul r8, rax
          rax = 0x29BBD1B30DFD9417; //mov rax, 0x29BBD1B30DFD9417
          r8 *= rax; //imul r8, rax
          rax = 0xA7B8F15C4FABBB6C; //mov rax, 0xA7B8F15C4FABBB6C
          r8 ^= rax; //xor r8, rax
          return r8;
      }
      case 14:
      {
          r9 = mem.Read<uintptr_t>(globals::base + 0xB1973EA); //mov r9, [0x00000000083AD768]
          r8 += rbx; //add r8, rbx
          rax = globals::base + 0x8D0; //lea rax, [0xFFFFFFFFFD216AA6]
          rax -= rbx; //sub rax, rbx
          r8 += rax; //add r8, rax
          rax = 0xBC0AAA7E98B1663A; //mov rax, 0xBC0AAA7E98B1663A
          r8 ^= rax; //xor r8, rax
          rax = 0x54D1F9305B205B45; //mov rax, 0x54D1F9305B205B45
          r8 *= rax; //imul r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0xA; //shr rax, 0x0A
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x14; //shr rax, 0x14
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x28; //shr rax, 0x28
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x12; //shr rax, 0x12
          r8 ^= rax; //xor r8, rax
          rax = r8; //mov rax, r8
          rax >>= 0x24; //shr rax, 0x24
          r8 ^= rax; //xor r8, rax
          rax = 0xFFFFFFFFDE23E20A; //mov rax, 0xFFFFFFFFDE23E20A
          rax -= rbx; //sub rax, rbx
          // NOTE(review): driver.base_addr stands in for a stack slot the author could not
          // trace, per the original comment on this line; not verifiable from this listing.
          rax -= driver.base_addr; //sub rax, [rsp+0x78] -- didn't find trace -> use base
          r8 += rax; //add r8, rax
          rax = 0; //and rax, 0xFFFFFFFFC0000000
          rax = _rotl64(rax, 0x10); //rol rax, 0x10
          rax ^= r9; //xor rax, r9
          rax = ~rax; //not rax
          r8 *= mem.Read<uintptr_t>(rax + 0x9); //imul r8, [rax+0x09]
          return r8;
      }
      case 15:
      {
          r10 = mem.Read<uintptr_t>(globals::base + 0xB1973EA); //mov r10, [0x00000000083AD2E3]
          rax = 0; //and rax, 0xFFFFFFFFC0000000
          rax = _rotl64(rax, 0x10); //rol rax, 0x10
          rax ^= r10; //xor rax, r10
          rax = ~rax; //not rax
          rax = mem.Read<uintptr_t>(rax + 0x9); //mov rax, [rax+0x09]
          // Local temporary used where the quoted instruction reads [rbp-0x40].
          uintptr_t RSP_0xFFFFFFFFFFFFFFC0;
          RSP_0xFFFFFFFFFFFFFFC0 = 0x3A27415DA31CA989; //mov rax, 0x3A27415DA31CA989 : RBP+0xFFFFFFFFFFFFFFC0
          rax *= RSP_0xFFFFFFFFFFFFFFC0; //imul rax, [rbp-0x40]
          r8 *= rax; //imul r8, rax
          rax = 0x6F6A3BE0CADE4A54; //mov rax, 0x6F6A3BE0CADE4A54
          r8 -= rax; //sub r8, rax
          r8 -= rbx; //sub r8, rbx
          rax = r8; //mov rax, r8
          rax >>= 0x13; //shr rax, 0x13
          rcx = rbx; //mov rcx, rbx
          r8 ^= rax; //xor r8, rax
          rcx = ~rcx; //not rcx
          rax = globals::base + 0x76BB; //lea rax, [0xFFFFFFFFFD21D455]
          rax = ~rax; //not rax
          rcx *= rax; //imul rcx, rax
          rax = r8; //mov rax, r8
          rax >>= 0x26; //shr rax, 0x26
          r8 ^= rax; //xor r8, rax
          r8 += rcx; //add r8, rcx
          rax = r8; //mov rax, r8
          rax >>= 0x28; //shr rax, 0x28
          r8 ^= rax; //xor r8, rax
          rax = 0x3224CE0A9BEB6A6E; //mov rax, 0x3224CE0A9BEB6A6E
          r8 -= rax; //sub r8, rax
          return r8;
      }
      }
  }
  612. uintptr_t GetCmdTextArray()
  613. {
  614. const uint64_t mb = globals::base;
  615. uint64_t rax = mb, rbx = mb, rcx = mb, rdx = mb, rdi = mb, rsi = mb, r8 = mb, r9 = mb, r10 = mb, r11 = mb, r12 = mb, r13 = mb, r14 = mb, r15 = mb;
  616. rcx = mem.Read<uintptr_t>(globals::base + 0x10FB6108);
  617. if(!rcx)
  618. return rcx;
  619. r11 = globals::vaPeb; //mov r11, gs:[rdx]
  620. //failed to translate: mov [rsp+0x90], r12
  621. rdx = r11; //mov rdx, r11
  622. rdx = _rotl64(rdx, 0x22); //rol rdx, 0x22
  623. rdx &= 0xF;
  624. switch(rdx) {
  625. case 0:
  626. {
  627. r10 = mem.Read<uintptr_t>(globals::base + 0xB197469); //mov r10, [0x00000000070DE758]
  628. rbx = globals::base; //lea rbx, [0xFFFFFFFFFBF472E8]
  629. r15 = globals::base + 0x5E33; //lea r15, [0xFFFFFFFFFBF4D10F]
  630. rax = rcx; //mov rax, rcx
  631. rax >>= 0x1B; //shr rax, 0x1B
  632. rcx ^= rax; //xor rcx, rax
  633. rax = rcx; //mov rax, rcx
  634. rax >>= 0x36; //shr rax, 0x36
  635. rcx ^= rax; //xor rcx, rax
  636. rax = 0xB5E3A5C14A756615; //mov rax, 0xB5E3A5C14A756615
  637. rcx ^= rax; //xor rcx, rax
  638. rcx *= mem.Read<uintptr_t>(r10 + 0x15); //imul rcx, [r10+0x15]
  639. rax = r11; //mov rax, r11
  640. rax *= r15; //imul rax, r15
  641. rcx += rax; //add rcx, rax
  642. rax = rcx; //mov rax, rcx
  643. rax >>= 0x17; //shr rax, 0x17
  644. rcx ^= rax; //xor rcx, rax
  645. rax = rcx; //mov rax, rcx
  646. rax >>= 0x2E; //shr rax, 0x2E
  647. rcx ^= rax; //xor rcx, rax
  648. rcx += rbx; //add rcx, rbx
  649. rax = 0x451CDD50ED47051D; //mov rax, 0x451CDD50ED47051D
  650. rcx *= rax; //imul rcx, rax
  651. rax = rcx; //mov rax, rcx
  652. rax >>= 0x27; //shr rax, 0x27
  653. rcx ^= rax; //xor rcx, rax
  654. return rcx;
  655. }
  656. case 1:
  657. {
  658. r9 = mem.Read<uintptr_t>(globals::base + 0xB197469); //mov r9, [0x00000000070DE264]
  659. rbx = globals::base; //lea rbx, [0xFFFFFFFFFBF46DF4]
  660. rcx ^= rbx; //xor rcx, rbx
  661. rcx *= mem.Read<uintptr_t>(r9 + 0x15); //imul rcx, [r9+0x15]
  662. rax = 0x3F5FF8759C0450AD; //mov rax, 0x3F5FF8759C0450AD
  663. rcx *= rax; //imul rcx, rax
  664. rax = 0x49224897BA23AD81; //mov rax, 0x49224897BA23AD81
  665. rcx *= rax; //imul rcx, rax
  666. rax = rcx; //mov rax, rcx
  667. rax >>= 0x26; //shr rax, 0x26
  668. rcx ^= rax; //xor rcx, rax
  669. rax = 0x9308B88C835A243; //mov rax, 0x9308B88C835A243
  670. rcx -= rax; //sub rcx, rax
  671. return rcx;
  672. }
  673. case 2:
  674. {
  675. r10 = mem.Read<uintptr_t>(globals::base + 0xB197469); //mov r10, [0x00000000070DDE40]
  676. rbx = globals::base; //lea rbx, [0xFFFFFFFFFBF469D0]
  677. r12 = globals::base + 0xC499; //lea r12, [0xFFFFFFFFFBF52E58]
  678. rcx ^= r11; //xor rcx, r11
  679. rcx ^= r12; //xor rcx, r12
  680. rcx += r11; //add rcx, r11
  681. rax = 0xDD209D02F3077017; //mov rax, 0xDD209D02F3077017
  682. rcx *= rax; //imul rcx, rax
  683. rcx *= mem.Read<uintptr_t>(r10 + 0x15); //imul rcx, [r10+0x15]
  684. rax = rcx; //mov rax, rcx
  685. rax >>= 0x12; //shr rax, 0x12
  686. rcx ^= rax; //xor rcx, rax
  687. rax = rcx; //mov rax, rcx
  688. rax >>= 0x24; //shr rax, 0x24
  689. rcx ^= rax; //xor rcx, rax
  690. rax = 0x7B3DE336F351C129; //mov rax, 0x7B3DE336F351C129
  691. rcx -= rax; //sub rcx, rax
  692. rcx ^= rbx; //xor rcx, rbx
  693. return rcx;
  694. }
  695. case 3:
  696. {
  697. r10 = mem.Read<uintptr_t>(globals::base + 0xB197469); //mov r10, [0x00000000070DDAA0]
  698. rbx = globals::base; //lea rbx, [0xFFFFFFFFFBF46625]
  699. rax = 0x292A737D3A8A003D; //mov rax, 0x292A737D3A8A003D
  700. rcx *= rax; //imul rcx, rax
  701. rcx ^= r11; //xor rcx, r11
  702. rcx ^= r11; //xor rcx, r11
  703. rcx -= rbx; //sub rcx, rbx
  704. rax = rcx; //mov rax, rcx
  705. rax >>= 0x19; //shr rax, 0x19
  706. rcx ^= rax; //xor rcx, rax
  707. rax = rcx; //mov rax, rcx
  708. rax >>= 0x32; //shr rax, 0x32
  709. rcx ^= rax; //xor rcx, rax
  710. rcx *= mem.Read<uintptr_t>(r10 + 0x15); //imul rcx, [r10+0x15]
  711. rdx = r11; //mov rdx, r11
  712. rdx = ~rdx; //not rdx
  713. rax = globals::base + 0x4F2A; //lea rax, [0xFFFFFFFFFBF4B190]
  714. rcx += rax; //add rcx, rax
  715. rcx += rdx; //add rcx, rdx
  716. rax = 0x1D53DC9394D6C68A; //mov rax, 0x1D53DC9394D6C68A
  717. rcx += rax; //add rcx, rax
  718. return rcx;
  719. }
  720. case 4:
  721. {
  722. r9 = mem.Read<uintptr_t>(globals::base + 0xB197469); //mov r9, [0x00000000070DD66B]
  723. rbx = globals::base; //lea rbx, [0xFFFFFFFFFBF461FB]
  724. r14 = globals::base + 0x46C0CD17; //lea r14, [0x0000000042B52F06]
  725. rax = rcx; //mov rax, rcx
  726. rax >>= 0x10; //shr rax, 0x10
  727. rcx ^= rax; //xor rcx, rax
  728. rax = rcx; //mov rax, rcx
  729. rax >>= 0x20; //shr rax, 0x20
  730. rcx ^= rax; //xor rcx, rax
  731. rcx ^= r11; //xor rcx, r11
  732. rcx ^= r14; //xor rcx, r14
  733. rax = rcx; //mov rax, rcx
  734. rax >>= 0x17; //shr rax, 0x17
  735. rcx ^= rax; //xor rcx, rax
  736. rax = rcx; //mov rax, rcx
  737. rax >>= 0x2E; //shr rax, 0x2E
  738. rcx ^= rax; //xor rcx, rax
  739. rax = 0x2A27FA74C256E0E7; //mov rax, 0x2A27FA74C256E0E7
  740. rcx *= rax; //imul rcx, rax
  741. rcx += rbx; //add rcx, rbx
  742. rcx *= mem.Read<uintptr_t>(r9 + 0x15); //imul rcx, [r9+0x15]
  743. rax = 0xE889A0595E16BFDB; //mov rax, 0xE889A0595E16BFDB
  744. rcx *= rax; //imul rcx, rax
  745. return rcx;
  746. }
  747. case 5:
  748. {
  749. r9 = mem.Read<uintptr_t>(globals::base + 0xB197469); //mov r9, [0x00000000070DD152]
  750. r14 = globals::base + 0x6CA3; //lea r14, [0xFFFFFFFFFBF4C985]
  751. rax = 0x4694415E362AF97D; //mov rax, 0x4694415E362AF97D
  752. rcx *= rax; //imul rcx, rax
  753. rax = rcx; //mov rax, rcx
  754. rax >>= 0xE; //shr rax, 0x0E
  755. rcx ^= rax; //xor rcx, rax
  756. rax = rcx; //mov rax, rcx
  757. rax >>= 0x1C; //shr rax, 0x1C
  758. rcx ^= rax; //xor rcx, rax
  759. rax = rcx; //mov rax, rcx
  760. rax >>= 0x38; //shr rax, 0x38
  761. rcx ^= rax; //xor rcx, rax
  762. rax = 0x2A796B075D8038A1; //mov rax, 0x2A796B075D8038A1
  763. rcx ^= rax; //xor rcx, rax
  764. rcx += r11; //add rcx, r11
  765. rax = 0x3212ABD7EB1A3183; //mov rax, 0x3212ABD7EB1A3183
  766. rcx += rax; //add rcx, rax
  767. rcx *= mem.Read<uintptr_t>(r9 + 0x15); //imul rcx, [r9+0x15]
  768. rax = r11; //mov rax, r11
  769. rax *= r14; //imul rax, r14
  770. rcx -= rax; //sub rcx, rax
  771. rax = rcx; //mov rax, rcx
  772. rax >>= 0x18; //shr rax, 0x18
  773. rcx ^= rax; //xor rcx, rax
  774. rax = rcx; //mov rax, rcx
  775. rax >>= 0x30; //shr rax, 0x30
  776. rcx ^= rax; //xor rcx, rax
  777. return rcx;
  778. }
  779. case 6:
  780. {
  781. r10 = mem.Read<uintptr_t>(globals::base + 0xB197469); //mov r10, [0x00000000070DCC83]
  782. rbx = globals::base; //lea rbx, [0xFFFFFFFFFBF45813]
  783. r12 = globals::base + 0x2407; //lea r12, [0xFFFFFFFFFBF47C0E]
  784. r13 = globals::base + 0xD54B; //lea r13, [0xFFFFFFFFFBF52D47]
  785. rax = rcx; //mov rax, rcx
  786. rax >>= 0x8; //shr rax, 0x08
  787. rcx ^= rax; //xor rcx, rax
  788. rax = rcx; //mov rax, rcx
  789. rax >>= 0x10; //shr rax, 0x10
  790. rcx ^= rax; //xor rcx, rax
  791. rax = rcx; //mov rax, rcx
  792. rax >>= 0x20; //shr rax, 0x20
  793. rcx ^= rax; //xor rcx, rax
  794. rax = rcx; //mov rax, rcx
  795. rax >>= 0xF; //shr rax, 0x0F
  796. rcx ^= rax; //xor rcx, rax
  797. rax = rcx; //mov rax, rcx
  798. rax >>= 0x1E; //shr rax, 0x1E
  799. rcx ^= rax; //xor rcx, rax
  800. rdx = rcx; //mov rdx, rcx
  801. rdx >>= 0x3C; //shr rdx, 0x3C
  802. rax = r12; //mov rax, r12
  803. rax = ~rax; //not rax
  804. rdx ^= rax; //xor rdx, rax
  805. rdx ^= r11; //xor rdx, r11
  806. rcx ^= rdx; //xor rcx, rdx
  807. rax = rbx + 0x86d9; //lea rax, [rbx+0x86D9]
  808. rax += r11; //add rax, r11
  809. rcx ^= rax; //xor rcx, rax
  810. rax = 0x394D31FBFC54D5C7; //mov rax, 0x394D31FBFC54D5C7
  811. rcx *= rax; //imul rcx, rax
  812. rax = r13; //mov rax, r13
  813. rax = ~rax; //not rax
  814. rax *= r11; //imul rax, r11
  815. rcx ^= rax; //xor rcx, rax
  816. rax = 0xF248AD144683687F; //mov rax, 0xF248AD144683687F
  817. rcx *= rax; //imul rcx, rax
  818. rcx *= mem.Read<uintptr_t>(r10 + 0x15); //imul rcx, [r10+0x15]
  819. return rcx;
  820. }
  821. case 7:
  822. {
  823. r10 = mem.Read<uintptr_t>(globals::base + 0xB197469); //mov r10, [0x00000000070DC7CF]
  824. r15 = globals::base + 0xF2B7; //lea r15, [0xFFFFFFFFFBF54616]
  825. r14 = globals::base + 0x727BCC8E; //lea r14, [0x000000006E701FE1]
  826. rcx += r14; //add rcx, r14
  827. rdx = r11; //mov rdx, r11
  828. rdx = ~rdx; //not rdx
  829. rax = rdx; //mov rax, rdx
  830. rax ^= r15; //xor rax, r15
  831. rdx -= rax; //sub rdx, rax
  832. rcx += rdx; //add rcx, rdx
  833. rax = rcx; //mov rax, rcx
  834. rax >>= 0x18; //shr rax, 0x18
  835. rcx ^= rax; //xor rcx, rax
  836. rax = rcx; //mov rax, rcx
  837. rax >>= 0x30; //shr rax, 0x30
  838. rcx ^= rax; //xor rcx, rax
  839. rax = 0x2B8B78BC1D92212A; //mov rax, 0x2B8B78BC1D92212A
  840. rcx -= rax; //sub rcx, rax
  841. rax = rcx; //mov rax, rcx
  842. rax >>= 0x17; //shr rax, 0x17
  843. rcx ^= rax; //xor rcx, rax
  844. rax = rcx; //mov rax, rcx
  845. rax >>= 0x2E; //shr rax, 0x2E
  846. rcx ^= rax; //xor rcx, rax
  847. rax = 0x49781D9754795626; //mov rax, 0x49781D9754795626
  848. rcx ^= rax; //xor rcx, rax
  849. rax = 0xE1A998C5EA9145DD; //mov rax, 0xE1A998C5EA9145DD
  850. rcx *= rax; //imul rcx, rax
  851. rcx *= mem.Read<uintptr_t>(r10 + 0x15); //imul rcx, [r10+0x15]
  852. return rcx;
  853. }
  854. case 8:
  855. {
  856. r9 = mem.Read<uintptr_t>(globals::base + 0xB197469); //mov r9, [0x00000000070DC3B0]
  857. rbx = globals::base; //lea rbx, [0xFFFFFFFFFBF44F40]
  858. rcx ^= r11; //xor rcx, r11
  859. rax = 0xD0FA4725C1F6A4DB; //mov rax, 0xD0FA4725C1F6A4DB
  860. rcx *= rax; //imul rcx, rax
  861. rcx += rbx; //add rcx, rbx
  862. rcx *= mem.Read<uintptr_t>(r9 + 0x15); //imul rcx, [r9+0x15]
  863. rax = 0x2280D092AFB637A3; //mov rax, 0x2280D092AFB637A3
  864. rcx ^= rax; //xor rcx, rax
  865. rax = rcx; //mov rax, rcx
  866. rax >>= 0x21; //shr rax, 0x21
  867. rcx ^= rax; //xor rcx, rax
  868. rax = rcx; //mov rax, rcx
  869. rax >>= 0x1D; //shr rax, 0x1D
  870. rcx ^= rax; //xor rcx, rax
  871. rax = rcx; //mov rax, rcx
  872. rax >>= 0x3A; //shr rax, 0x3A
  873. rcx ^= rax; //xor rcx, rax
  874. return rcx;
  875. }
  876. case 9:
  877. {
  878. r10 = mem.Read<uintptr_t>(globals::base + 0xB197469); //mov r10, [0x00000000070DBF80]
  879. rbx = globals::base; //lea rbx, [0xFFFFFFFFFBF44B10]
  880. r14 = globals::base + 0xF805; //lea r14, [0xFFFFFFFFFBF54304]
  881. rax = r11; //mov rax, r11
  882. rax *= r14; //imul rax, r14
  883. rcx -= rax; //sub rcx, rax
  884. rcx += r11; //add rcx, r11
  885. rax = globals::base + 0x34E2; //lea rax, [0xFFFFFFFFFBF47F63]
  886. rcx += rax; //add rcx, rax
  887. rax = 0xD670AE07CD87C44B; //mov rax, 0xD670AE07CD87C44B
  888. rcx *= rax; //imul rcx, rax
  889. rax = rcx; //mov rax, rcx
  890. rax >>= 0x11; //shr rax, 0x11
  891. rcx ^= rax; //xor rcx, rax
  892. rax = rcx; //mov rax, rcx
  893. rax >>= 0x22; //shr rax, 0x22
  894. rcx ^= rax; //xor rcx, rax
  895. rax = mem.Read<uintptr_t>(r10 + 0x15); //mov rax, [r10+0x15]
  896. rdx = 0x7DF246B4B47C04D; //mov rdx, 0x7DF246B4B47C04D
  897. rax *= rdx; //imul rax, rdx
  898. rcx *= rax; //imul rcx, rax
  899. rax = r11; //mov rax, r11
  900. rax -= rbx; //sub rax, rbx
  901. rax -= 0x3EA4E863; //sub rax, 0x3EA4E863
  902. rcx ^= rax; //xor rcx, rax
  903. rax = 0x6EAEB149F1BB523E; //mov rax, 0x6EAEB149F1BB523E
  904. rcx ^= rax; //xor rcx, rax
  905. return rcx;
  906. }
  907. case 10:
  908. {
  909. r10 = mem.Read<uintptr_t>(globals::base + 0xB197469); //mov r10, [0x00000000070DBC30]
  910. rbx = globals::base; //lea rbx, [0xFFFFFFFFFBF447C0]
  911. rcx += r11; //add rcx, r11
  912. rcx ^= rbx; //xor rcx, rbx
  913. rcx -= rbx; //sub rcx, rbx
  914. rax = 0xC2C77ADBEA06CC71; //mov rax, 0xC2C77ADBEA06CC71
  915. rcx *= rax; //imul rcx, rax
  916. rax = rcx; //mov rax, rcx
  917. rax >>= 0x20; //shr rax, 0x20
  918. rcx ^= rax; //xor rcx, rax
  919. rax = 0x6ABDE99A4C942C1D; //mov rax, 0x6ABDE99A4C942C1D
  920. rcx -= rax; //sub rcx, rax
  921. rax = rcx; //mov rax, rcx
  922. rax >>= 0xB; //shr rax, 0x0B
  923. rcx ^= rax; //xor rcx, rax
  924. rax = rcx; //mov rax, rcx
  925. rax >>= 0x16; //shr rax, 0x16
  926. rcx ^= rax; //xor rcx, rax
  927. rax = rcx; //mov rax, rcx
  928. rax >>= 0x2C; //shr rax, 0x2C
  929. rcx ^= rax; //xor rcx, rax
  930. rcx *= mem.Read<uintptr_t>(r10 + 0x15); //imul rcx, [r10+0x15]
  931. return rcx;
  932. }
  933. case 11:
  934. {
  935. r9 = mem.Read<uintptr_t>(globals::base + 0xB197469); //mov r9, [0x00000000070DB843]
  936. rbx = globals::base; //lea rbx, [0xFFFFFFFFFBF443D3]
  937. rax = rcx; //mov rax, rcx
  938. rax >>= 0xA; //shr rax, 0x0A
  939. rcx ^= rax; //xor rcx, rax
  940. rax = rcx; //mov rax, rcx
  941. rax >>= 0x14; //shr rax, 0x14
  942. rcx ^= rax; //xor rcx, rax
  943. rax = rcx; //mov rax, rcx
  944. rax >>= 0x28; //shr rax, 0x28
  945. rcx ^= rax; //xor rcx, rax
  946. rcx -= r11; //sub rcx, r11
  947. rax = rbx + 0x723d2a5a; //lea rax, [rbx+0x723D2A5A]
  948. rax += r11; //add rax, r11
  949. rcx ^= rax; //xor rcx, rax
  950. rax = 0x405646879A90A4B1; //mov rax, 0x405646879A90A4B1
  951. rcx *= rax; //imul rcx, rax
  952. rax = 0x7E1BE77430218FC2; //mov rax, 0x7E1BE77430218FC2
  953. rcx += rax; //add rcx, rax
  954. rax = 0xF28B8C5F9F41196A; //mov rax, 0xF28B8C5F9F41196A
  955. rcx ^= rax; //xor rcx, rax
  956. rcx *= mem.Read<uintptr_t>(r9 + 0x15); //imul rcx, [r9+0x15]
  957. rax = rcx; //mov rax, rcx
  958. rax >>= 0xF; //shr rax, 0x0F
  959. rcx ^= rax; //xor rcx, rax
  960. rax = rcx; //mov rax, rcx
  961. rax >>= 0x1E; //shr rax, 0x1E
  962. rcx ^= rax; //xor rcx, rax
  963. rax = rcx; //mov rax, rcx
  964. rax >>= 0x3C; //shr rax, 0x3C
  965. rcx ^= rax; //xor rcx, rax
  966. return rcx;
  967. }
  968. case 12:
  969. {
  970. r10 = mem.Read<uintptr_t>(globals::base + 0xB197469); //mov r10, [0x00000000070DB38E]
  971. rbx = globals::base; //lea rbx, [0xFFFFFFFFFBF43F1E]
  972. r15 = globals::base + 0x339332F9; //lea r15, [0x000000002F877206]
  973. rax = r11; //mov rax, r11
  974. rax *= r15; //imul rax, r15
  975. rcx -= rax; //sub rcx, rax
  976. rax = 0x3038E6AB6FEAABA9; //mov rax, 0x3038E6AB6FEAABA9
  977. rcx *= rax; //imul rcx, rax
  978. rcx ^= r11; //xor rcx, r11
  979. rcx += r11; //add rcx, r11
  980. rcx *= mem.Read<uintptr_t>(r10 + 0x15); //imul rcx, [r10+0x15]
  981. rcx -= rbx; //sub rcx, rbx
  982. rax = rcx; //mov rax, rcx
  983. rax >>= 0x25; //shr rax, 0x25
  984. rcx ^= rax; //xor rcx, rax
  985. rcx += r11; //add rcx, r11
  986. return rcx;
  987. }
  988. case 13:
  989. {
  990. r10 = mem.Read<uintptr_t>(globals::base + 0xB197469); //mov r10, [0x00000000070DAFEB]
  991. rbx = globals::base; //lea rbx, [0xFFFFFFFFFBF43B7B]
  992. rax = globals::base + 0x45FE7DB0; //lea rax, [0x0000000041F2B7F4]
  993. rax -= r11; //sub rax, r11
  994. rcx ^= rax; //xor rcx, rax
  995. rax = rbx + 0x44c85679; //lea rax, [rbx+0x44C85679]
  996. rax += r11; //add rax, r11
  997. rcx += rax; //add rcx, rax
  998. rcx *= mem.Read<uintptr_t>(r10 + 0x15); //imul rcx, [r10+0x15]
  999. rax = rcx; //mov rax, rcx
  1000. rax >>= 0x1B; //shr rax, 0x1B
  1001. rcx ^= rax; //xor rcx, rax
  1002. rax = rcx; //mov rax, rcx
  1003. rax >>= 0x36; //shr rax, 0x36
  1004. rcx ^= rax; //xor rcx, rax
  1005. rax = 0xDC51C6CA5ECBE269; //mov rax, 0xDC51C6CA5ECBE269
  1006. rcx *= rax; //imul rcx, rax
  1007. rax = rbx * 0xFFFFFFFFFFFFFFFE; //imul rax, rbx, 0xFFFFFFFFFFFFFFFE
  1008. rcx += rax; //add rcx, rax
  1009. rax = 0xA8C2E47322E167D3; //mov rax, 0xA8C2E47322E167D3
  1010. rcx -= r11; //sub rcx, r11
  1011. rcx -= 0x6842; //sub rcx, 0x6842
  1012. rcx ^= rax; //xor rcx, rax
  1013. return rcx;
  1014. }
  1015. case 14:
  1016. {
  1017. r9 = mem.Read<uintptr_t>(globals::base + 0xB197469); //mov r9, [0x00000000070DABE4]
  1018. rbx = globals::base; //lea rbx, [0xFFFFFFFFFBF43774]
  1019. rcx ^= rbx; //xor rcx, rbx
  1020. rax = 0xC2092D064BD7621B; //mov rax, 0xC2092D064BD7621B
  1021. rcx *= rax; //imul rcx, rax
  1022. rax = rcx; //mov rax, rcx
  1023. rax >>= 0xA; //shr rax, 0x0A
  1024. rcx ^= rax; //xor rcx, rax
  1025. rax = rcx; //mov rax, rcx
  1026. rax >>= 0x14; //shr rax, 0x14
  1027. rcx ^= rax; //xor rcx, rax
  1028. rax = rcx; //mov rax, rcx
  1029. rax >>= 0x28; //shr rax, 0x28
  1030. rcx ^= rax; //xor rcx, rax
  1031. rax = globals::base + 0xB084; //lea rax, [0xFFFFFFFFFBF4E4A1]
  1032. rcx += r11; //add rcx, r11
  1033. rcx += rax; //add rcx, rax
  1034. rax = r11; //mov rax, r11
  1035. rax -= rbx; //sub rax, rbx
  1036. rax -= 0xB9AC; //sub rax, 0xB9AC
  1037. rcx ^= rax; //xor rcx, rax
  1038. rax = 0x9883AEFFA28B11D0; //mov rax, 0x9883AEFFA28B11D0
  1039. rcx ^= rax; //xor rcx, rax
  1040. rcx *= mem.Read<uintptr_t>(r9 + 0x15); //imul rcx, [r9+0x15]
  1041. rax = rcx; //mov rax, rcx
  1042. rax >>= 0x1D; //shr rax, 0x1D
  1043. rcx ^= rax; //xor rcx, rax
  1044. rax = rcx; //mov rax, rcx
  1045. rax >>= 0x3A; //shr rax, 0x3A
  1046. rcx ^= rax; //xor rcx, rax
  1047. return rcx;
  1048. }
  1049. case 15:
  1050. {
  1051. r9 = mem.Read<uintptr_t>(globals::base + 0xB197469); //mov r9, [0x00000000070DA71C]
  1052. rbx = globals::base; //lea rbx, [0xFFFFFFFFFBF432AC]
  1053. rcx ^= rbx; //xor rcx, rbx
  1054. rax = 0x62EE0D555FE38340; //mov rax, 0x62EE0D555FE38340
  1055. rcx -= rax; //sub rcx, rax
  1056. rax = rcx; //mov rax, rcx
  1057. rax >>= 0x24; //shr rax, 0x24
  1058. rcx ^= rax; //xor rcx, rax
  1059. rcx *= mem.Read<uintptr_t>(r9 + 0x15); //imul rcx, [r9+0x15]
  1060. rax = 0x8821DA37E07E4065; //mov rax, 0x8821DA37E07E4065
  1061. rcx *= rax; //imul rcx, rax
  1062. rcx += rbx; //add rcx, rbx
  1063. rax = rcx; //mov rax, rcx
  1064. rax >>= 0x14; //shr rax, 0x14
  1065. rcx ^= rax; //xor rcx, rax
  1066. rax = rcx; //mov rax, rcx
  1067. rax >>= 0x28; //shr rax, 0x28
  1068. rcx ^= rax; //xor rcx, rax
  1069. rax = 0x6535948A0956C067; //mov rax, 0x6535948A0956C067
  1070. rcx *= rax; //imul rcx, rax
  1071. return rcx;
  1072. }
  1073. }
  1074. }
  // decrypt_client_active: machine-translated x64 routine that turns an encoded 64-bit
  // word into a pointer-sized value. Each statement mirrors the instruction quoted in
  // its trailing comment.
  //
  // Flow, as visible in this function:
  //   1. Read the encoded word at globals::base + 0xb386bd0 through `mem.Read`
  //      (`mem` is declared outside this function; unlike the earlier decrypt_* helpers
  //      on this page, no Driver argument is taken). A zero word is returned as-is.
  //   2. Build a 4-bit selector: rotr64(globals::vaPeb, 0x1D) & 0xF.
  //      NOTE(review): vaPeb is named like a PEB virtual address and the quoted
  //      instruction is a gs-relative load — confirm against where it is assigned.
  //   3. Dispatch to one of 16 cases. Every case reads a second word at
  //      globals::base + 0xB19740E, bitwise-inverts it, reads 8 bytes at that inverted
  //      value + 0xF and multiplies the running value by the result. The other steps
  //      are xor-with-right-shift folds, multiplications by 64-bit constants and
  //      add/sub/xor with vaPeb and base-relative values; only their order and
  //      constants differ between cases.
  //
  // Returns: the decoded value (rax), or 0 when the encoded word was 0.
  //
  // Review notes:
  //   - All arithmetic is on uint64_t, so it wraps modulo 2^64.
  //   - `reg = 0; //and reg, 0xFFFFFFFFC0000000` replaces the AND with a constant zero;
  //     that equals the original only if the register's bits 30..63 were clear at that
  //     point, which cannot be confirmed from this listing. With zero, the following
  //     `_rotl64` changes nothing.
  //   - The `[0x...]` values in the lea/mov comments come from the disassembly; the
  //     offsets added to globals::base are presumably specific to one build — verify.
  //   - No bounds or validity check is made on any address passed to `mem.Read`.
  //   - There is no `default:` and no return after the switch; the selector is masked to
  //     0..15 and every case returns, so the end of the function is not reached.
  1075. uintptr_t decrypt_client_active()
  1076. {
  1077. const uint64_t mb = globals::base; // image base, used to seed every register variable
  1078. uint64_t rax = mb, rbx = mb, rcx = mb, rdx = mb, rdi = mb, rsi = mb, r8 = mb, r9 = mb, r10 = mb, r11 = mb, r12 = mb, r13 = mb, r14 = mb, r15 = mb; // one variable per x64 register; rdi, rsi and r8 are never read in this function
  1079. rax = mem.Read<uintptr_t>(rdx + 0xb386bd0); // rdx still holds mb here, so this reads at globals::base + 0xb386bd0
  1080. if(!rax) // encoded word is zero: nothing to decode
  1081. return rax;
  1082. rbx = globals::vaPeb; //mov rbx, gs:[rcx]
  1083. //failed to translate: mov [rsp+0x68], rdi -- stack store with no C++ emitted; looks like a register spill (TODO confirm)
  1084. rcx = rbx; //mov rcx, rbx
  1085. //failed to translate: mov [rsp+0x60], r12 -- stack store with no C++ emitted; looks like a register spill (TODO confirm)
  1086. rcx = _rotr64(rcx, 0x1D); //ror rcx, 0x1D
  1087. //failed to translate: mov [rsp+0x58], r13 -- stack store with no C++ emitted; looks like a register spill (TODO confirm)
  1088. rcx &= 0xF; // selector: low 4 bits of the rotated vaPeb, range 0..15
  1089. switch(rcx) { // all 16 selector values have a case and every case returns; no default
  1090. case 0:
  1091. {
  1092. r10 = mem.Read<uintptr_t>(globals::base + 0xB19740E); //mov r10, [0x00000000091683A6] -- second word; inverted below and used as an address
  1093. r11 = globals::base; //lea r11, [0xFFFFFFFFFDFD0F91]
  1094. rcx = 0x75A35BF5EC482D53; //mov rcx, 0x75A35BF5EC482D53
  1095. rax -= rcx; //sub rax, rcx
  1096. rcx = r11 + 0x39674f96; //lea rcx, [r11+0x39674F96]
  1097. rcx += rbx; //add rcx, rbx
  1098. rax ^= rcx; //xor rax, rcx
  1099. rcx = rax; //mov rcx, rax
  1100. rcx >>= 0x7; //shr rcx, 0x07
  1101. rax ^= rcx; //xor rax, rcx
  1102. rcx = rax; //mov rcx, rax
  1103. rcx >>= 0xE; //shr rcx, 0x0E
  1104. rax ^= rcx; //xor rax, rcx
  1105. rcx = rax; //mov rcx, rax
  1106. rcx >>= 0x1C; //shr rcx, 0x1C
  1107. rax ^= rcx; //xor rax, rcx
  1108. rcx = rax; //mov rcx, rax
  1109. rcx >>= 0x38; //shr rcx, 0x38
  1110. rax ^= rcx; //xor rax, rcx
  1111. rcx = 0x7ED1321242287D37; //mov rcx, 0x7ED1321242287D37
  1112. rax *= rcx; //imul rax, rcx
  1113. rcx = rax; //mov rcx, rax
  1114. rcx >>= 0x2; //shr rcx, 0x02
  1115. rax ^= rcx; //xor rax, rcx
  1116. rcx = rax; //mov rcx, rax
  1117. rcx >>= 0x4; //shr rcx, 0x04
  1118. rax ^= rcx; //xor rax, rcx
  1119. rcx = rax; //mov rcx, rax
  1120. rcx >>= 0x8; //shr rcx, 0x08
  1121. rax ^= rcx; //xor rax, rcx
  1122. rcx = rax; //mov rcx, rax
  1123. rcx >>= 0x10; //shr rcx, 0x10
  1124. rax ^= rcx; //xor rax, rcx
  1125. rcx = rax; //mov rcx, rax
  1126. rcx >>= 0x20; //shr rcx, 0x20
  1127. rax ^= rcx; //xor rax, rcx
  1128. rcx = rax; //mov rcx, rax
  1129. rcx >>= 0x22; //shr rcx, 0x22
  1130. rax ^= rcx; //xor rax, rcx
  1131. rax += r11; //add rax, r11
  1132. rcx = 0; //and rcx, 0xFFFFFFFFC0000000 -- AND replaced by constant zero; assumes bits 30..63 of rcx were clear (TODO confirm)
  1133. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10 -- rotating zero leaves zero
  1134. rcx ^= r10; //xor rcx, r10 -- rcx now equals r10
  1135. rcx = ~rcx; //not rcx -- inverted second word, used as a base address
  1136. rax *= mem.Read<uintptr_t>(rcx + 0xf); //imul rax, [rcx+0x0F] -- unaligned 8-byte read at ~r10 + 0xF; no validity check on the address
  1137. return rax;
  1138. }
  1139. case 1:
  1140. {
  1141. r10 = mem.Read<uintptr_t>(globals::base + 0xB19740E); //mov r10, [0x0000000009167E9B]
  1142. r11 = globals::base; //lea r11, [0xFFFFFFFFFDFD0A86]
  1143. r12 = globals::base + 0x2B0E; //lea r12, [0xFFFFFFFFFDFD357D]
  1144. r13 = globals::base + 0x2982AAEB; //lea r13, [0x00000000277FB54E]
  1145. rdx = rbx; //mov rdx, rbx
  1146. rdx = ~rdx; //not rdx
  1147. rdx ^= r12; //xor rdx, r12
  1148. rcx = r11; //mov rcx, r11
  1149. rcx -= rdx; //sub rcx, rdx
  1150. rax += rcx; //add rax, rcx
  1151. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  1152. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  1153. rcx ^= r10; //xor rcx, r10
  1154. rcx = ~rcx; //not rcx
  1155. rax *= mem.Read<uintptr_t>(rcx + 0xf); //imul rax, [rcx+0x0F]
  1156. rcx = rbx; //mov rcx, rbx
  1157. rcx ^= r13; //xor rcx, r13
  1158. rax -= rcx; //sub rax, rcx
  1159. rcx = rax; //mov rcx, rax
  1160. rcx >>= 0x5; //shr rcx, 0x05
  1161. rax ^= rcx; //xor rax, rcx
  1162. rcx = rax; //mov rcx, rax
  1163. rcx >>= 0xA; //shr rcx, 0x0A
  1164. rax ^= rcx; //xor rax, rcx
  1165. rcx = rax; //mov rcx, rax
  1166. rcx >>= 0x14; //shr rcx, 0x14
  1167. rax ^= rcx; //xor rax, rcx
  1168. rcx = rax; //mov rcx, rax
  1169. rcx >>= 0x28; //shr rcx, 0x28
  1170. rax ^= rcx; //xor rax, rcx
  1171. rcx = rax; //mov rcx, rax
  1172. rcx >>= 0x10; //shr rcx, 0x10
  1173. rax ^= rcx; //xor rax, rcx
  1174. rcx = rax; //mov rcx, rax
  1175. rcx >>= 0x20; //shr rcx, 0x20
  1176. rax ^= rcx; //xor rax, rcx
  1177. rcx = 0x395F229C1F64329; //mov rcx, 0x395F229C1F64329
  1178. rax *= rcx; //imul rax, rcx
  1179. rcx = 0x90CE9B89EFABB41; //mov rcx, 0x90CE9B89EFABB41
  1180. rax -= rcx; //sub rax, rcx
  1181. return rax;
  1182. }
  1183. case 2:
  1184. {
  1185. r10 = mem.Read<uintptr_t>(globals::base + 0xB19740E); //mov r10, [0x0000000009167923]
  1186. r14 = globals::base + 0x30F0A65E; //lea r14, [0x000000002EEDAB60]
  1187. r15 = globals::base + 0x8EAC; //lea r15, [0xFFFFFFFFFDFD93A3]
  1188. rdx = rbx; //mov rdx, rbx
  1189. rdx = ~rdx; //not rdx
  1190. rax += r15; //add rax, r15
  1191. rcx = rbx; //mov rcx, rbx
  1192. rcx *= r14; //imul rcx, r14
  1193. rdx -= rcx; //sub rdx, rcx
  1194. rax += rdx; //add rax, rdx
  1195. rcx = 0xF7070315E5585D71; //mov rcx, 0xF7070315E5585D71
  1196. rax ^= rcx; //xor rax, rcx
  1197. rcx = 0x5C10EC95D52AE35C; //mov rcx, 0x5C10EC95D52AE35C
  1198. rax += rcx; //add rax, rcx
  1199. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  1200. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  1201. rcx ^= r10; //xor rcx, r10
  1202. rcx = ~rcx; //not rcx
  1203. rax *= mem.Read<uintptr_t>(rcx + 0xf); //imul rax, [rcx+0x0F]
  1204. rcx = rax; //mov rcx, rax
  1205. rcx >>= 0x9; //shr rcx, 0x09
  1206. rax ^= rcx; //xor rax, rcx
  1207. rcx = rax; //mov rcx, rax
  1208. rcx >>= 0x12; //shr rcx, 0x12
  1209. rax ^= rcx; //xor rax, rcx
  1210. rcx = rax; //mov rcx, rax
  1211. rcx >>= 0x24; //shr rcx, 0x24
  1212. rax ^= rcx; //xor rax, rcx
  1213. rcx = 0xEAF8DD4E7DAEE839; //mov rcx, 0xEAF8DD4E7DAEE839
  1214. rax *= rcx; //imul rax, rcx
  1215. rax -= rbx; //sub rax, rbx
  1216. return rax;
  1217. }
  1218. case 3:
  1219. {
  1220. r9 = mem.Read<uintptr_t>(globals::base + 0xB19740E); //mov r9, [0x000000000916748F]
  1221. r11 = globals::base; //lea r11, [0xFFFFFFFFFDFD007A]
  1222. rcx = rax; //mov rcx, rax
  1223. rcx >>= 0x20; //shr rcx, 0x20
  1224. rax ^= rcx; //xor rax, rcx
  1225. rcx = 0x5EF0345657B7395; //mov rcx, 0x5EF0345657B7395
  1226. rax *= rcx; //imul rax, rcx
  1227. rcx = 0xACDBE6CC0EC7F1D6; //mov rcx, 0xACDBE6CC0EC7F1D6
  1228. rax ^= rcx; //xor rax, rcx
  1229. rax += rbx; //add rax, rbx
  1230. rcx = rax; //mov rcx, rax
  1231. rcx >>= 0x28; //shr rcx, 0x28
  1232. rax ^= rcx; //xor rax, rcx
  1233. rax ^= r11; //xor rax, r11
  1234. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  1235. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  1236. rcx ^= r9; //xor rcx, r9
  1237. rcx = ~rcx; //not rcx
  1238. rax *= mem.Read<uintptr_t>(rcx + 0xf); //imul rax, [rcx+0x0F]
  1239. rax += r11; //add rax, r11
  1240. return rax;
  1241. }
  1242. case 4:
  1243. {
  1244. r10 = mem.Read<uintptr_t>(globals::base + 0xB19740E); //mov r10, [0x0000000009167023]
  1245. r15 = globals::base + 0xA062; //lea r15, [0xFFFFFFFFFDFD9C64]
  1246. r12 = globals::base + 0x29D008DE; //lea r12, [0x0000000027CD04D5]
  1247. rcx = 0x61F81B41A154355F; //mov rcx, 0x61F81B41A154355F
  1248. rax += rcx; //add rax, rcx
  1249. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  1250. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  1251. rcx ^= r10; //xor rcx, r10
  1252. rcx = ~rcx; //not rcx
  1253. rax *= mem.Read<uintptr_t>(rcx + 0xf); //imul rax, [rcx+0x0F]
  1254. rcx = 0x60C7116DFD4132B; //mov rcx, 0x60C7116DFD4132B
  1255. rax *= rcx; //imul rax, rcx
  1256. rcx = rax; //mov rcx, rax
  1257. rcx >>= 0x3; //shr rcx, 0x03
  1258. rax ^= rcx; //xor rax, rcx
  1259. rcx = rax; //mov rcx, rax
  1260. rcx >>= 0x6; //shr rcx, 0x06
  1261. rax ^= rcx; //xor rax, rcx
  1262. rcx = rax; //mov rcx, rax
  1263. rcx >>= 0xC; //shr rcx, 0x0C
  1264. rax ^= rcx; //xor rax, rcx
  1265. rcx = rax; //mov rcx, rax
  1266. rcx >>= 0x18; //shr rcx, 0x18
  1267. rax ^= rcx; //xor rax, rcx
  1268. rdx = rax; //mov rdx, rax
  1269. rdx >>= 0x30; //shr rdx, 0x30
  1270. rdx ^= rax; //xor rdx, rax
  1271. rax = rbx; //mov rax, rbx
  1272. rax *= r12; //imul rax, r12
  1273. rax += rdx; //add rax, rdx
  1274. rcx = rbx; //mov rcx, rbx
  1275. rcx *= r15; //imul rcx, r15
  1276. rax ^= rcx; //xor rax, rcx
  1277. rcx = rax; //mov rcx, rax
  1278. rcx >>= 0x6; //shr rcx, 0x06
  1279. rax ^= rcx; //xor rax, rcx
  1280. rcx = rax; //mov rcx, rax
  1281. rcx >>= 0xC; //shr rcx, 0x0C
  1282. rax ^= rcx; //xor rax, rcx
  1283. rcx = rax; //mov rcx, rax
  1284. rcx >>= 0x18; //shr rcx, 0x18
  1285. rax ^= rcx; //xor rax, rcx
  1286. rcx = rax; //mov rcx, rax
  1287. rcx >>= 0x30; //shr rcx, 0x30
  1288. rax ^= rcx; //xor rax, rcx
  1289. rcx = 0x7383B429035656CC; //mov rcx, 0x7383B429035656CC
  1290. rax -= rcx; //sub rax, rcx
  1291. return rax;
  1292. }
  1293. case 5:
  1294. {
  1295. r10 = mem.Read<uintptr_t>(globals::base + 0xB19740E); //mov r10, [0x0000000009166AED]
  1296. r11 = globals::base; //lea r11, [0xFFFFFFFFFDFCF6D8]
  1297. rcx = rax; //mov rcx, rax
  1298. rcx >>= 0x1C; //shr rcx, 0x1C
  1299. rax ^= rcx; //xor rax, rcx
  1300. rcx = rax; //mov rcx, rax
  1301. rcx >>= 0x38; //shr rcx, 0x38
  1302. rax ^= rcx; //xor rax, rcx
  1303. rcx = rax; //mov rcx, rax
  1304. rcx >>= 0xD; //shr rcx, 0x0D
  1305. rax ^= rcx; //xor rax, rcx
  1306. rcx = rax; //mov rcx, rax
  1307. rcx >>= 0x1A; //shr rcx, 0x1A
  1308. rax ^= rcx; //xor rax, rcx
  1309. rcx = rax; //mov rcx, rax
  1310. rcx >>= 0x34; //shr rcx, 0x34
  1311. rax ^= rcx; //xor rax, rcx
  1312. rcx = 0xFA0DDD2C604B9D1F; //mov rcx, 0xFA0DDD2C604B9D1F
  1313. rax *= rcx; //imul rax, rcx
  1314. rcx = globals::base + 0x46B0; //lea rcx, [0xFFFFFFFFFDFD3B9A]
  1315. rax -= rcx; //sub rax, rcx
  1316. rax += rbx; //add rax, rbx
  1317. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  1318. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  1319. rcx ^= r10; //xor rcx, r10
  1320. rcx = ~rcx; //not rcx
  1321. rax *= mem.Read<uintptr_t>(rcx + 0xf); //imul rax, [rcx+0x0F]
  1322. rcx = 0x64F0F35E29D4C7B9; //mov rcx, 0x64F0F35E29D4C7B9
  1323. rax *= rcx; //imul rax, rcx
  1324. rax -= r11; //sub rax, r11
  1325. rax += 0xFFFFFFFFFFFF24CA; //add rax, 0xFFFFFFFFFFFF24CA -- two's-complement constant: same as subtracting 0xDB36 modulo 2^64
  1326. rax += rbx; //add rax, rbx
  1327. rcx = 0x249EDB181C0475B9; //mov rcx, 0x249EDB181C0475B9
  1328. rax ^= rcx; //xor rax, rcx
  1329. return rax;
  1330. }
  1331. case 6:
  1332. {
  1333. r10 = mem.Read<uintptr_t>(globals::base + 0xB19740E); //mov r10, [0x00000000091666C1]
  1334. r11 = globals::base; //lea r11, [0xFFFFFFFFFDFCF2A1]
  1335. rcx = rax; //mov rcx, rax
  1336. rcx >>= 0x10; //shr rcx, 0x10
  1337. rax ^= rcx; //xor rax, rcx
  1338. rcx = rax; //mov rcx, rax
  1339. rcx >>= 0x20; //shr rcx, 0x20
  1340. rax ^= rcx; //xor rax, rcx
  1341. rax += rbx; //add rax, rbx
  1342. rdx = 0; //and rdx, 0xFFFFFFFFC0000000
  1343. rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
  1344. rdx ^= r10; //xor rdx, r10
  1345. rcx = rbx; //mov rcx, rbx
  1346. rcx -= r11; //sub rcx, r11
  1347. r15 = 0xD29D6FF40A4A734D; //mov r15, 0xD29D6FF40A4A734D
  1348. rcx += r15; //add rcx, r15
  1349. rdx = ~rdx; //not rdx
  1350. rax += rcx; //add rax, rcx
  1351. rax *= mem.Read<uintptr_t>(rdx + 0xf); //imul rax, [rdx+0x0F]
  1352. rcx = rbx; //mov rcx, rbx
  1353. rcx -= r11; //sub rcx, r11
  1354. rcx -= 0x160C0564; //sub rcx, 0x160C0564
  1355. rax ^= rcx; //xor rax, rcx
  1356. rcx = rbx; //mov rcx, rbx
  1357. rcx = ~rcx; //not rcx
  1358. rcx -= r11; //sub rcx, r11
  1359. rcx -= 0x473E; //sub rcx, 0x473E
  1360. rax ^= rcx; //xor rax, rcx
  1361. rcx = 0xA4D2A49AD11FF335; //mov rcx, 0xA4D2A49AD11FF335
  1362. rax *= rcx; //imul rax, rcx
  1363. return rax;
  1364. }
  1365. case 7:
  1366. {
  1367. r10 = mem.Read<uintptr_t>(globals::base + 0xB19740E); //mov r10, [0x0000000009166223]
  1368. r11 = globals::base; //lea r11, [0xFFFFFFFFFDFCEE0E]
  1369. rcx = 0x8A9DA3385FC38B18; //mov rcx, 0x8A9DA3385FC38B18
  1370. rax ^= rcx; //xor rax, rcx
  1371. rax ^= rbx; //xor rax, rbx
  1372. rdx = 0; //and rdx, 0xFFFFFFFFC0000000
  1373. rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
  1374. rdx ^= r10; //xor rdx, r10
  1375. rdx = ~rdx; //not rdx
  1376. rax *= mem.Read<uintptr_t>(rdx + 0xf); //imul rax, [rdx+0x0F]
  1377. rdx = rbx; //mov rdx, rbx
  1378. rcx = globals::base + 0x49AEB26D; //lea rcx, [0x0000000047AB9FA1]
  1379. rdx = ~rdx; //not rdx
  1380. rcx = ~rcx; //not rcx
  1381. rdx *= rcx; //imul rdx, rcx
  1382. rax ^= rdx; //xor rax, rdx
  1383. rcx = rax; //mov rcx, rax
  1384. rcx >>= 0xF; //shr rcx, 0x0F
  1385. rax ^= rcx; //xor rax, rcx
  1386. rcx = rax; //mov rcx, rax
  1387. rcx >>= 0x1E; //shr rcx, 0x1E
  1388. rax ^= rcx; //xor rax, rcx
  1389. rcx = rax; //mov rcx, rax
  1390. rcx >>= 0x3C; //shr rcx, 0x3C
  1391. rax ^= rcx; //xor rax, rcx
  1392. rcx = 0xF4D742FA3C9800A5; //mov rcx, 0xF4D742FA3C9800A5
  1393. rax *= rcx; //imul rax, rcx
  1394. rcx = 0x10F2E1DC08054DCE; //mov rcx, 0x10F2E1DC08054DCE
  1395. rax ^= r11; //xor rax, r11
  1396. rax -= rcx; //sub rax, rcx
  1397. return rax;
  1398. }
  1399. case 8:
  1400. {
  1401. r10 = mem.Read<uintptr_t>(globals::base + 0xB19740E); //mov r10, [0x0000000009165DCD]
  1402. r11 = globals::base; //lea r11, [0xFFFFFFFFFDFCE9B8]
  1403. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  1404. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  1405. rcx ^= r10; //xor rcx, r10
  1406. rcx = ~rcx; //not rcx
  1407. rax *= mem.Read<uintptr_t>(rcx + 0xf); //imul rax, [rcx+0x0F]
  1408. rcx = rax; //mov rcx, rax
  1409. rcx >>= 0x7; //shr rcx, 0x07
  1410. rax ^= rcx; //xor rax, rcx
  1411. rcx = rax; //mov rcx, rax
  1412. rcx >>= 0xE; //shr rcx, 0x0E
  1413. rax ^= rcx; //xor rax, rcx
  1414. rcx = rax; //mov rcx, rax
  1415. rcx >>= 0x1C; //shr rcx, 0x1C
  1416. rax ^= rcx; //xor rax, rcx
  1417. rcx = rax; //mov rcx, rax
  1418. rcx >>= 0x38; //shr rcx, 0x38
  1419. rax ^= rcx; //xor rax, rcx
  1420. rcx = 0x95279C81D5942D9; //mov rcx, 0x95279C81D5942D9
  1421. rax *= rcx; //imul rax, rcx
  1422. rcx = 0x43F7B4F4DCCCEAA1; //mov rcx, 0x43F7B4F4DCCCEAA1
  1423. rax -= r11; //sub rax, r11
  1424. rax -= rcx; //sub rax, rcx
  1425. rax ^= rbx; //xor rax, rbx
  1426. rax ^= r11; //xor rax, r11
  1427. rcx = 0x41A42223B53D6ABF; //mov rcx, 0x41A42223B53D6ABF
  1428. rax *= rcx; //imul rax, rcx
  1429. return rax;
  1430. }
  1431. case 9:
  1432. {
  1433. r9 = mem.Read<uintptr_t>(globals::base + 0xB19740E); //mov r9, [0x00000000091659B9]
  1434. r11 = globals::base; //lea r11, [0xFFFFFFFFFDFCE5A4]
  1435. rax ^= r11; //xor rax, r11
  1436. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  1437. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  1438. rcx ^= r9; //xor rcx, r9
  1439. rcx = ~rcx; //not rcx
  1440. rax *= mem.Read<uintptr_t>(rcx + 0xf); //imul rax, [rcx+0x0F]
  1441. rax += rbx; //add rax, rbx
  1442. rax ^= rbx; //xor rax, rbx
  1443. rax -= r11; //sub rax, r11
  1444. rcx = 0x4B6230D25E9BA161; //mov rcx, 0x4B6230D25E9BA161
  1445. rax *= rcx; //imul rax, rcx
  1446. rax += rbx; //add rax, rbx
  1447. rcx = rax; //mov rcx, rax
  1448. rcx >>= 0xE; //shr rcx, 0x0E
  1449. rax ^= rcx; //xor rax, rcx
  1450. rcx = rax; //mov rcx, rax
  1451. rcx >>= 0x1C; //shr rcx, 0x1C
  1452. rax ^= rcx; //xor rax, rcx
  1453. rcx = rax; //mov rcx, rax
  1454. rcx >>= 0x38; //shr rcx, 0x38
  1455. rax ^= rcx; //xor rax, rcx
  1456. return rax;
  1457. }
  1458. case 10:
  1459. {
  1460. r10 = mem.Read<uintptr_t>(globals::base + 0xB19740E); //mov r10, [0x000000000916550A]
  1461. r11 = globals::base; //lea r11, [0xFFFFFFFFFDFCE0EA]
  1462. r15 = globals::base + 0x2BB81C0C; //lea r15, [0x0000000029B4FCDF]
  1463. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  1464. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  1465. rcx ^= r10; //xor rcx, r10
  1466. rcx = ~rcx; //not rcx
  1467. rax *= mem.Read<uintptr_t>(rcx + 0xf); //imul rax, [rcx+0x0F]
  1468. rcx = rbx; //mov rcx, rbx
  1469. rcx -= r11; //sub rcx, r11
  1470. rcx += 0xFFFFFFFFFFFFCAD7; //add rcx, 0xFFFFFFFFFFFFCAD7 -- two's-complement constant: same as subtracting 0x3529 modulo 2^64
  1471. rax += rcx; //add rax, rcx
  1472. rcx = rbx; //mov rcx, rbx
  1473. rcx = ~rcx; //not rcx
  1474. rcx += r15; //add rcx, r15
  1475. rax ^= rcx; //xor rax, rcx
  1476. rcx = rax; //mov rcx, rax
  1477. rcx >>= 0x12; //shr rcx, 0x12
  1478. rax ^= rcx; //xor rax, rcx
  1479. rcx = rax; //mov rcx, rax
  1480. rcx >>= 0x24; //shr rcx, 0x24
  1481. rax ^= rcx; //xor rax, rcx
  1482. rdx = rbx; //mov rdx, rbx
  1483. rcx = globals::base + 0xEF52; //lea rcx, [0xFFFFFFFFFDFDCEC1]
  1484. rdx = ~rdx; //not rdx
  1485. rax += rcx; //add rax, rcx
  1486. rax += rdx; //add rax, rdx
  1487. rcx = 0x6763BC8B6D17752D; //mov rcx, 0x6763BC8B6D17752D
  1488. rax *= rcx; //imul rax, rcx
  1489. rcx = 0x8BEF7389669EF866; //mov rcx, 0x8BEF7389669EF866
  1490. rax ^= rcx; //xor rax, rcx
  1491. return rax;
  1492. }
  1493. case 11:
  1494. {
  1495. r10 = mem.Read<uintptr_t>(globals::base + 0xB19740E); //mov r10, [0x0000000009164FF7]
  1496. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  1497. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  1498. rcx ^= r10; //xor rcx, r10
  1499. rcx = ~rcx; //not rcx
  1500. rax *= mem.Read<uintptr_t>(rcx + 0xf); //imul rax, [rcx+0x0F]
  1501. rax ^= rbx; //xor rax, rbx
  1502. rcx = rax; //mov rcx, rax
  1503. rcx >>= 0x1F; //shr rcx, 0x1F
  1504. rax ^= rcx; //xor rax, rcx
  1505. rcx = rax; //mov rcx, rax
  1506. rcx >>= 0x3E; //shr rcx, 0x3E
  1507. rax ^= rcx; //xor rax, rcx
  1508. rdx = rbx; //mov rdx, rbx
  1509. rdx = ~rdx; //not rdx
  1510. rcx = globals::base + 0x923A; //lea rcx, [0xFFFFFFFFFDFD6BFE]
  1511. rcx = ~rcx; //not rcx
  1512. rdx += rcx; //add rdx, rcx
  1513. rax ^= rdx; //xor rax, rdx
  1514. rax += rbx; //add rax, rbx
  1515. rcx = 0x9FC5A5033F4BA222; //mov rcx, 0x9FC5A5033F4BA222
  1516. rax ^= rcx; //xor rax, rcx
  1517. rcx = 0xEE85007B158F0715; //mov rcx, 0xEE85007B158F0715
  1518. rax *= rcx; //imul rax, rcx
  1519. rcx = 0x237F4FB43D19B0AB; //mov rcx, 0x237F4FB43D19B0AB
  1520. rax ^= rcx; //xor rax, rcx
  1521. return rax;
  1522. }
  1523. case 12:
  1524. {
  1525. r10 = mem.Read<uintptr_t>(globals::base + 0xB19740E); //mov r10, [0x0000000009164B27]
  1526. r11 = globals::base + 0x12A67ACE; //lea r11, [0x0000000010A351D4]
  1527. rcx = 0x1A8D56D056CAA6AD; //mov rcx, 0x1A8D56D056CAA6AD
  1528. rax *= rcx; //imul rax, rcx
  1529. rcx = r11; //mov rcx, r11
  1530. rcx = ~rcx; //not rcx
  1531. rcx -= rbx; //sub rcx, rbx
  1532. rax ^= rcx; //xor rax, rcx
  1533. rax ^= rbx; //xor rax, rbx
  1534. rcx = 0xCF3780F20368ADFF; //mov rcx, 0xCF3780F20368ADFF
  1535. rax *= rcx; //imul rax, rcx
  1536. rcx = rax; //mov rcx, rax
  1537. rcx >>= 0x15; //shr rcx, 0x15
  1538. rax ^= rcx; //xor rax, rcx
  1539. rdx = 0; //and rdx, 0xFFFFFFFFC0000000
  1540. rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
  1541. rcx = rax; //mov rcx, rax
  1542. rdx ^= r10; //xor rdx, r10
  1543. rcx >>= 0x2A; //shr rcx, 0x2A
  1544. rax ^= rcx; //xor rax, rcx
  1545. rdx = ~rdx; //not rdx
  1546. rax *= mem.Read<uintptr_t>(rdx + 0xf); //imul rax, [rdx+0x0F]
  1547. rcx = 0x620FE8A3984FA9A2; //mov rcx, 0x620FE8A3984FA9A2
  1548. rax ^= rcx; //xor rax, rcx
  1549. rax += rbx; //add rax, rbx
  1550. return rax;
  1551. }
  1552. case 13:
  1553. {
  1554. r9 = mem.Read<uintptr_t>(globals::base + 0xB19740E); //mov r9, [0x000000000916479B]
  1555. r11 = globals::base; //lea r11, [0xFFFFFFFFFDFCD386]
  1556. rax += r11; //add rax, r11
  1557. rcx = rax; //mov rcx, rax
  1558. rcx >>= 0x10; //shr rcx, 0x10
  1559. rax ^= rcx; //xor rax, rcx
  1560. rcx = rax; //mov rcx, rax
  1561. rcx >>= 0x20; //shr rcx, 0x20
  1562. rax ^= rcx; //xor rax, rcx
  1563. rcx = 0x153249CC4096DEBB; //mov rcx, 0x153249CC4096DEBB
  1564. rax += rcx; //add rax, rcx
  1565. rax += rbx; //add rax, rbx
  1566. rax ^= r11; //xor rax, r11
  1567. rcx = 0x3FEF9376461CD77C; //mov rcx, 0x3FEF9376461CD77C
  1568. rax += rcx; //add rax, rcx
  1569. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  1570. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  1571. rcx ^= r9; //xor rcx, r9
  1572. rcx = ~rcx; //not rcx
  1573. rax *= mem.Read<uintptr_t>(rcx + 0xf); //imul rax, [rcx+0x0F]
  1574. rcx = 0xCD5C890FC6052E0B; //mov rcx, 0xCD5C890FC6052E0B
  1575. rax *= rcx; //imul rax, rcx
  1576. return rax;
  1577. }
  1578. case 14:
  1579. {
  1580. r10 = mem.Read<uintptr_t>(globals::base + 0xB19740E); //mov r10, [0x00000000091642A0]
  1581. r11 = globals::base; //lea r11, [0xFFFFFFFFFDFCCE8B]
  1582. r12 = globals::base + 0x2858; //lea r12, [0xFFFFFFFFFDFCF6C1]
  1583. r13 = globals::base + 0xB818; //lea r13, [0xFFFFFFFFFDFD8674]
  1584. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  1585. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  1586. rcx ^= r10; //xor rcx, r10
  1587. rcx = ~rcx; //not rcx
  1588. rax *= mem.Read<uintptr_t>(rcx + 0xf); //imul rax, [rcx+0x0F]
  1589. rax -= r11; //sub rax, r11
  1590. rcx = rax; //mov rcx, rax
  1591. rdx = rbx; //mov rdx, rbx
  1592. rdx *= r13; //imul rdx, r13
  1593. rcx >>= 0x28; //shr rcx, 0x28
  1594. rdx ^= rcx; //xor rdx, rcx
  1595. rax ^= rdx; //xor rax, rdx
  1596. rcx = 0x51E63BDB2878DA3D; //mov rcx, 0x51E63BDB2878DA3D
  1597. rax *= rcx; //imul rax, rcx
  1598. rcx = rax; //mov rcx, rax
  1599. rcx >>= 0x17; //shr rcx, 0x17
  1600. rax ^= rcx; //xor rax, rcx
  1601. rcx = globals::base + 0x54FCAA3A; //lea rcx, [0x0000000052F975AA]
  1602. rdx = rax; //mov rdx, rax
  1603. rcx = ~rcx; //not rcx
  1604. rdx >>= 0x2E; //shr rdx, 0x2E
  1605. rcx ^= rbx; //xor rcx, rbx
  1606. rax ^= rdx; //xor rax, rdx
  1607. rax -= rcx; //sub rax, rcx
  1608. rcx = rbx; //mov rcx, rbx
  1609. rcx ^= r12; //xor rcx, r12
  1610. rax -= rcx; //sub rax, rcx
  1611. return rax;
  1612. }
  1613. case 15:
  1614. {
  1615. r10 = mem.Read<uintptr_t>(globals::base + 0xB19740E); //mov r10, [0x0000000009163E75]
  1616. r11 = globals::base; //lea r11, [0xFFFFFFFFFDFCCA60]
  1617. r12 = globals::base + 0x6D7996B9; //lea r12, [0x000000006B7660F7]
  1618. rax += r11; //add rax, r11
  1619. rcx = rax; //mov rcx, rax
  1620. rcx >>= 0x16; //shr rcx, 0x16
  1621. rax ^= rcx; //xor rax, rcx
  1622. rcx = rax; //mov rcx, rax
  1623. rcx >>= 0x2C; //shr rcx, 0x2C
  1624. rax ^= rcx; //xor rax, rcx
  1625. rcx = r12; //mov rcx, r12
  1626. rcx = ~rcx; //not rcx
  1627. rcx *= rbx; //imul rcx, rbx
  1628. rax += rcx; //add rax, rcx
  1629. rdx = 0xEEC920FB0911427A; //mov rdx, 0xEEC920FB0911427A
  1630. rax += rdx; //add rax, rdx
  1631. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  1632. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  1633. rcx ^= r10; //xor rcx, r10
  1634. rcx = ~rcx; //not rcx
  1635. rax *= mem.Read<uintptr_t>(rcx + 0xf); //imul rax, [rcx+0x0F]
  1636. rcx = globals::base + 0x9A06; //lea rcx, [0xFFFFFFFFFDFD607D]
  1637. rcx = ~rcx; //not rcx
  1638. rax += rcx; //add rax, rcx
  1639. rcx = 0xC2732136FBDEB5CD; //mov rcx, 0xC2732136FBDEB5CD
  1640. rax -= rbx; //sub rax, rbx
  1641. rax ^= rcx; //xor rax, rcx
  1642. rcx = 0x8A516BBDDE1E408F; //mov rcx, 0x8A516BBDDE1E408F
  1643. rax *= rcx; //imul rax, rcx
  1644. return rax;
  1645. }
  1646. } // end of switch: no default and no return follows; unreachable only because the selector is masked to 0..15
  1647. }
  // decrypt_bone_base: line-by-line transcription of disassembly (the trailing `//mov ...`
  // comments are the original instructions) that recovers a 64-bit value from another
  // process's memory.
  //
  // Flow, as visible here:
  //   1. Read a uintptr_t from globals::base + 0x112A3F08 through `mem.Read`; return it
  //      unchanged if it is zero.
  //   2. Pick one of sixteen transform sequences with (globals::vaPeb >> 0x13) & 0xF.
  //   3. Each sequence mixes the value with globals::base-relative constants, 64-bit literals,
  //      xor-shift steps and one further remote read, then returns the result.
  //
  // Returns: the transformed value, or 0 when the first read yields 0.
  //
  // NOTE(review): `mem`, `globals`, `base_address` and `driver` are not declared in this block.
  // The function takes no parameters, yet `mb` is initialised from `base_address` and case 3
  // uses `driver.base_addr`; whether these resolve depends on code outside this listing.
  // NOTE(review): most of the register locals declared below are never read; only rax, rcx,
  // rdx, r9, r10, r11, r12 and r15 are used in this function.
  1648. uintptr_t decrypt_bone_base()
  1649. {
  1650. uint64_t mb = base_address;
  1651. uint64_t rax = mb, rbx = mb, rcx = mb, rdx = mb, rdi = mb, rsi = mb, r8 = mb, r9 = mb, r10 = mb, r11 = mb, r12 = mb, r13 = mb, r14 = mb, r15 = mb;
  1652.  
  1653. rdx = mem.Read<uintptr_t>(globals::base + 0x112A3F08);
  1654. if(!rdx)
  1655. return rdx;
  1656.  
  1657. r11 = globals::vaPeb; //mov r11, gs:[rax]
  1658. rax = r11; //mov rax, r11
  1659. rax >>= 0x13; //shr rax, 0x13
  1660. rax &= 0xF;
  1661.  
  // The mask above bounds the selector to 0..15 and all sixteen cases return, so the
  // absence of a `default:` label leaves no path that falls off the end of the switch.
  1662. switch(rax)
  1663. {
  1664. case 0:
  1665. {
  1666. r10 = mem.Read<uintptr_t>(globals::base + 0xB1974DD); //mov r10, [0x000000000756549C]
  1667. rcx = globals::base + 0x8C93; //lea rcx, [0xFFFFFFFFFC3D6BEF]
  1668. rax = rcx; //mov rax, rcx
  1669. rax -= r11; //sub rax, r11
  1670. rdx ^= rax; //xor rdx, rax
  1671. rax = rdx; //mov rax, rdx
  1672. rax >>= 0x15; //shr rax, 0x15
  1673. rdx ^= rax; //xor rdx, rax
  1674. rax = rdx; //mov rax, rdx
  1675. rax >>= 0x2A; //shr rax, 0x2A
  1676. rdx ^= rax; //xor rdx, rax
  1677. rdx += r11; //add rdx, r11
  // rax is set to the constant 0 and rotating 0 leaves 0, so after the xor/not the address
  // read below is (~r10) + 0x17. The same pattern recurs in each case (with rax or rcx as the
  // scratch register and r9 or r10 as the source). The address comes from remote memory and
  // the value read from it is multiplied into rdx without any check in this block.
  1678. rax = 0; //and rax, 0xFFFFFFFFC0000000
  1679. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  1680. rax ^= r10; //xor rax, r10
  1681. rax = ~rax; //not rax
  1682. rdx *= mem.Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  1683. rax = globals::base; //lea rax, [0xFFFFFFFFFC3CDBE5]
  1684. rdx ^= rax; //xor rdx, rax
  1685. rax = 0x860534C8C01FEA7B; //mov rax, 0x860534C8C01FEA7B
  1686. rdx *= rax; //imul rdx, rax
  1687. rax = 0xEE334BF3EC572D68; //mov rax, 0xEE334BF3EC572D68
  1688. rdx ^= rax; //xor rdx, rax
  1689. return rdx;
  1690. }
  1691. case 1:
  1692. {
  1693. r10 = mem.Read<uintptr_t>(globals::base + 0xB1974DD); //mov r10, [0x0000000007565023]
  1694. rax = 0; //and rax, 0xFFFFFFFFC0000000
  1695. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  1696. rax ^= r10; //xor rax, r10
  1697. rax = ~rax; //not rax
  1698. rdx *= mem.Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  1699. rax = 0x8A4B98169395E686; //mov rax, 0x8A4B98169395E686
  1700. rdx ^= rax; //xor rdx, rax
  1701. rax = 0xC3957EB9F84EC5AF; //mov rax, 0xC3957EB9F84EC5AF
  1702. rdx *= rax; //imul rdx, rax
  1703. rax = rdx; //mov rax, rdx
  1704. rax >>= 0xE; //shr rax, 0x0E
  1705. rdx ^= rax; //xor rdx, rax
  1706. rax = rdx; //mov rax, rdx
  1707. rax >>= 0x1C; //shr rax, 0x1C
  1708. rdx ^= rax; //xor rdx, rax
  1709. rax = rdx; //mov rax, rdx
  1710. rax >>= 0x38; //shr rax, 0x38
  1711. rdx ^= rax; //xor rdx, rax
  1712. rax = globals::base + 0x31CB; //lea rax, [0xFFFFFFFFFC3D08BF]
  1713. rax -= r11; //sub rax, r11
  1714. rdx += rax; //add rdx, rax
  1715. rax = rdx; //mov rax, rdx
  1716. rax >>= 0xD; //shr rax, 0x0D
  1717. rdx ^= rax; //xor rdx, rax
  1718. rax = rdx; //mov rax, rdx
  1719. rax >>= 0x1A; //shr rax, 0x1A
  1720. rdx ^= rax; //xor rdx, rax
  1721. rax = rdx; //mov rax, rdx
  1722. rax >>= 0x34; //shr rax, 0x34
  1723. rdx ^= rax; //xor rdx, rax
  1724. rax = globals::base + 0xDF5D; //lea rax, [0xFFFFFFFFFC3DB8E0]
  1725. rax = ~rax; //not rax
  1726. rax ^= r11; //xor rax, r11
  1727. rdx ^= rax; //xor rdx, rax
  1728. return rdx;
  1729. }
  1730. case 2:
  1731. {
  1732. r9 = mem.Read<uintptr_t>(globals::base + 0xB1974DD); //mov r9, [0x0000000007564B02]
  1733. rax = 0; //and rax, 0xFFFFFFFFC0000000
  1734. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  1735. rax ^= r9; //xor rax, r9
  1736. rax = ~rax; //not rax
  1737. rdx *= mem.Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  1738. rax = globals::base + 0x47C2AE1B; //lea rax, [0x0000000043FF8315]
  1739. rax = ~rax; //not rax
  1740. rax ^= r11; //xor rax, r11
  1741. rax += r11; //add rax, r11
  1742. rdx += rax; //add rdx, rax
  1743. rax = 0x94073D91C803188D; //mov rax, 0x94073D91C803188D
  1744. rdx ^= rax; //xor rdx, rax
  1745. rax = 0x2EEA8A0831CE333B; //mov rax, 0x2EEA8A0831CE333B
  1746. rdx *= rax; //imul rdx, rax
  1747. rdx += r11; //add rdx, r11
  1748. rax = rdx; //mov rax, rdx
  1749. rax >>= 0x13; //shr rax, 0x13
  1750. rdx ^= rax; //xor rdx, rax
  1751. rax = rdx; //mov rax, rdx
  1752. rax >>= 0x26; //shr rax, 0x26
  1753. rdx ^= rax; //xor rdx, rax
  1754. rax = 0xD4E2CCE5B7959CA0; //mov rax, 0xD4E2CCE5B7959CA0
  1755. rdx ^= rax; //xor rdx, rax
  1756. return rdx;
  1757. }
  1758. case 3:
  1759. {
  1760. r9 = mem.Read<uintptr_t>(globals::base + 0xB1974DD); //mov r9, [0x0000000007564707]
  1761. rax = rdx; //mov rax, rdx
  1762. rax >>= 0x13; //shr rax, 0x13
  1763. rdx ^= rax; //xor rdx, rax
  1764. rax = rdx; //mov rax, rdx
  1765. rax >>= 0x26; //shr rax, 0x26
  1766. rdx ^= rax; //xor rdx, rax
  1767. rax = rdx; //mov rax, rdx
  1768. rax >>= 0x24; //shr rax, 0x24
  1769. rdx ^= rax; //xor rdx, rax
  1770. rax = 0x764F15DD269101D3; //mov rax, 0x764F15DD269101D3
  1771. rdx *= rax; //imul rdx, rax
  1772. rax = 0x34E81942B113C230; //mov rax, 0x34E81942B113C230
  1773. rdx -= rax; //sub rdx, rax
  1774. rax = 0x13805FC46F4FC36A; //mov rax, 0x13805FC46F4FC36A
  1775. rdx += rax; //add rdx, rax
  1776. rax = r11; //mov rax, r11
  // NOTE(review): `driver` is neither a parameter nor a local of this function. The
  // transcriber's own remark on the next line says the stack slot was not traced and a base
  // address was substituted, so this step may not mirror the original instruction.
  1777. rax -= driver.base_addr; //sub rax, [rsp+0xB8] -- didn't find trace -> use base
  1778. rax += 0xFFFFFFFFFFFF85F3; //add rax, 0xFFFFFFFFFFFF85F3
  1779. rdx += rax; //add rdx, rax
  1780. rax = 0; //and rax, 0xFFFFFFFFC0000000
  1781. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  1782. rax ^= r9; //xor rax, r9
  1783. rax = ~rax; //not rax
  1784. rdx *= mem.Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  1785. rdx ^= r11; //xor rdx, r11
  1786. rax = globals::base + 0x114B; //lea rax, [0xFFFFFFFFFC3CE205]
  1787. rdx ^= rax; //xor rdx, rax
  1788. return rdx;
  1789. }
  1790. case 4:
  1791. {
  1792. r9 = mem.Read<uintptr_t>(globals::base + 0xB1974DD); //mov r9, [0x000000000756416D]
  1793. rax = rdx; //mov rax, rdx
  1794. rax >>= 0x11; //shr rax, 0x11
  1795. rdx ^= rax; //xor rdx, rax
  1796. rax = rdx; //mov rax, rdx
  1797. rax >>= 0x22; //shr rax, 0x22
  1798. rdx ^= rax; //xor rdx, rax
  1799. rax = 0x2CFB6FB2F3BAD3C; //mov rax, 0x2CFB6FB2F3BAD3C
  1800. rdx -= rax; //sub rdx, rax
  1801. rax = 0; //and rax, 0xFFFFFFFFC0000000
  1802. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  1803. rax ^= r9; //xor rax, r9
  1804. rax = ~rax; //not rax
  1805. rdx *= mem.Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  1806. rax = 0xEED0F28134CE8447; //mov rax, 0xEED0F28134CE8447
  1807. rdx *= rax; //imul rdx, rax
  1808. rax = 0x52D4170A67BFFCB2; //mov rax, 0x52D4170A67BFFCB2
  1809. rdx ^= rax; //xor rdx, rax
  1810. rdx += r11; //add rdx, r11
  1811. rax = rdx; //mov rax, rdx
  1812. rax >>= 0x16; //shr rax, 0x16
  1813. rdx ^= rax; //xor rdx, rax
  1814. rax = rdx; //mov rax, rdx
  1815. rax >>= 0x2C; //shr rax, 0x2C
  1816. rdx ^= rax; //xor rdx, rax
  1817. rdx ^= r11; //xor rdx, r11
  1818. return rdx;
  1819. }
  1820. case 5:
  1821. {
  1822. r10 = mem.Read<uintptr_t>(globals::base + 0xB1974DD); //mov r10, [0x0000000007563BA6]
  1823. rcx = globals::base + 0x654BDD13; //lea rcx, [0x000000006188A389]
  1824. rax = rcx; //mov rax, rcx
  1825. rax = ~rax; //not rax
  1826. //failed to translate: inc rax
  1827. rax += r11; //add rax, r11
  1828. rdx += rax; //add rdx, rax
  1829. rax = 0x4A2AFA53025C5181; //mov rax, 0x4A2AFA53025C5181
  1830. rdx *= rax; //imul rdx, rax
  1831. rax = rdx; //mov rax, rdx
  1832. rax >>= 0x28; //shr rax, 0x28
  1833. rdx ^= rax; //xor rdx, rax
  1834. rax = globals::base; //lea rax, [0xFFFFFFFFFC3CC350]
  1835. rcx = rax + 0xa045; //lea rcx, [rax+0xA045]
  1836. rax += 0x19B7DBCB; //add rax, 0x19B7DBCB
  1837. rax += r11; //add rax, r11
  1838. rcx += r11; //add rcx, r11
  1839. rcx ^= rax; //xor rcx, rax
  1840. rdx ^= rcx; //xor rdx, rcx
  1841. rax = 0x574A3A5B7408079B; //mov rax, 0x574A3A5B7408079B
  1842. rdx *= rax; //imul rdx, rax
  1843. rax = 0; //and rax, 0xFFFFFFFFC0000000
  1844. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  1845. rax ^= r10; //xor rax, r10
  1846. rax = ~rax; //not rax
  1847. rdx *= mem.Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  1848. return rdx;
  1849. }
  1850. case 6:
  1851. {
  1852. r10 = mem.Read<uintptr_t>(globals::base + 0xB1974DD); //mov r10, [0x000000000756379A]
  1853. rcx = globals::base + 0x4951; //lea rcx, [0xFFFFFFFFFC3D0BB1]
  1854. rax = 0; //and rax, 0xFFFFFFFFC0000000
  1855. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  1856. rax ^= r10; //xor rax, r10
  1857. rax = ~rax; //not rax
  1858. rdx *= mem.Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  1859. rdx += r11; //add rdx, r11
  1860. rax = r11; //mov rax, r11
  1861. rax *= rcx; //imul rax, rcx
  1862. rdx += rax; //add rdx, rax
  1863. rax = globals::base; //lea rax, [0xFFFFFFFFFC3CC0BF]
  1864. rax += 0x1D37B933; //add rax, 0x1D37B933
  1865. rax += r11; //add rax, r11
  1866. rdx += rax; //add rdx, rax
  1867. rax = rdx; //mov rax, rdx
  1868. rax >>= 0x9; //shr rax, 0x09
  1869. rdx ^= rax; //xor rdx, rax
  1870. rax = rdx; //mov rax, rdx
  1871. rax >>= 0x12; //shr rax, 0x12
  1872. rdx ^= rax; //xor rdx, rax
  1873. rax = rdx; //mov rax, rdx
  1874. rax >>= 0x24; //shr rax, 0x24
  1875. rdx ^= rax; //xor rdx, rax
  1876. rax = 0x6C2A29044A40E4C7; //mov rax, 0x6C2A29044A40E4C7
  1877. rdx *= rax; //imul rdx, rax
  1878. rax = globals::base; //lea rax, [0xFFFFFFFFFC3CC059]
  1879. rdx ^= rax; //xor rdx, rax
  1880. rax = rdx; //mov rax, rdx
  1881. rax >>= 0x3; //shr rax, 0x03
  1882. rdx ^= rax; //xor rdx, rax
  1883. rax = rdx; //mov rax, rdx
  1884. rax >>= 0x6; //shr rax, 0x06
  1885. rdx ^= rax; //xor rdx, rax
  1886. rax = rdx; //mov rax, rdx
  1887. rax >>= 0xC; //shr rax, 0x0C
  1888. rdx ^= rax; //xor rdx, rax
  1889. rax = rdx; //mov rax, rdx
  1890. rax >>= 0x18; //shr rax, 0x18
  1891. rdx ^= rax; //xor rdx, rax
  1892. rax = rdx; //mov rax, rdx
  1893. rax >>= 0x30; //shr rax, 0x30
  1894. rdx ^= rax; //xor rdx, rax
  1895. return rdx;
  1896. }
  1897. case 7:
  1898. {
  1899. r10 = mem.Read<uintptr_t>(globals::base + 0xB1974DD); //mov r10, [0x000000000756336A]
  1900. rax = globals::base; //lea rax, [0xFFFFFFFFFC3CBCEF]
  1901. rdx += rax; //add rdx, rax
  1902. rax = 0x5F80490A38DB3901; //mov rax, 0x5F80490A38DB3901
  1903. rdx ^= rax; //xor rdx, rax
  1904. rax = 0x4EC9DC6A5902297D; //mov rax, 0x4EC9DC6A5902297D
  1905. rdx -= rax; //sub rdx, rax
  1906. rax = rdx; //mov rax, rdx
  1907. rax >>= 0x25; //shr rax, 0x25
  1908. rdx ^= rax; //xor rdx, rax
  1909. rax = r11; //mov rax, r11
  1910. uintptr_t RSP_0x30;
  1911. RSP_0x30 = globals::base + 0xCEFB; //lea rax, [0xFFFFFFFFFC3D8D81] : RSP+0x30
  1912. rax ^= RSP_0x30; //xor rax, [rsp+0x30]
  1913. rdx += rax; //add rdx, rax
  1914. rax = 0x92B34BC27C367071; //mov rax, 0x92B34BC27C367071
  1915. rdx *= rax; //imul rdx, rax
  1916. rdx -= r11; //sub rdx, r11
  1917. rax = 0; //and rax, 0xFFFFFFFFC0000000
  1918. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  1919. rax ^= r10; //xor rax, r10
  1920. rax = ~rax; //not rax
  1921. rdx *= mem.Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  1922. return rdx;
  1923. }
  1924. case 8:
  1925. {
  1926. r10 = mem.Read<uintptr_t>(globals::base + 0xB1974DD); //mov r10, [0x0000000007562EF0]
  1927. rax = 0xE62DA6375F493113; //mov rax, 0xE62DA6375F493113
  1928. rdx *= rax; //imul rdx, rax
  1929. rax = globals::base; //lea rax, [0xFFFFFFFFFC3CB77A]
  1930. rdx -= rax; //sub rdx, rax
  1931. rax = 0; //and rax, 0xFFFFFFFFC0000000
  1932. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  1933. rax ^= r10; //xor rax, r10
  1934. rax = ~rax; //not rax
  1935. rdx *= mem.Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  1936. rdx -= r11; //sub rdx, r11
  1937. rax = rdx; //mov rax, rdx
  1938. rax >>= 0xF; //shr rax, 0x0F
  1939. rdx ^= rax; //xor rdx, rax
  1940. rax = rdx; //mov rax, rdx
  1941. rax >>= 0x1E; //shr rax, 0x1E
  1942. rdx ^= rax; //xor rdx, rax
  1943. rax = rdx; //mov rax, rdx
  1944. rax >>= 0x3C; //shr rax, 0x3C
  1945. rdx ^= rax; //xor rdx, rax
  1946. rax = rdx; //mov rax, rdx
  1947. rax >>= 0x3; //shr rax, 0x03
  1948. rdx ^= rax; //xor rdx, rax
  1949. rax = rdx; //mov rax, rdx
  1950. rax >>= 0x6; //shr rax, 0x06
  1951. rdx ^= rax; //xor rdx, rax
  1952. rax = rdx; //mov rax, rdx
  1953. rax >>= 0xC; //shr rax, 0x0C
  1954. rdx ^= rax; //xor rdx, rax
  1955. rax = rdx; //mov rax, rdx
  1956. rax >>= 0x18; //shr rax, 0x18
  1957. rdx ^= rax; //xor rdx, rax
  1958. rax = rdx; //mov rax, rdx
  1959. rax >>= 0x30; //shr rax, 0x30
  1960. rdx ^= rax; //xor rdx, rax
  1961. rax = globals::base; //lea rax, [0xFFFFFFFFFC3CB5E1]
  1962. rax += 0xFAB2; //add rax, 0xFAB2
  1963. rax += r11; //add rax, r11
  1964. rdx ^= rax; //xor rdx, rax
  1965. rdx ^= r11; //xor rdx, r11
  1966. rax = globals::base + 0x5723; //lea rax, [0xFFFFFFFFFC3D0FD2]
  1967. rdx ^= rax; //xor rdx, rax
  1968. return rdx;
  1969. }
  1970. case 9:
  1971. {
  1972. r10 = mem.Read<uintptr_t>(globals::base + 0xB1974DD); //mov r10, [0x00000000075629A4]
  1973. rax = 0; //and rax, 0xFFFFFFFFC0000000
  1974. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  1975. rax ^= r10; //xor rax, r10
  1976. rax = ~rax; //not rax
  1977. rdx *= mem.Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  1978. rdx += r11; //add rdx, r11
  1979. rax = globals::base + 0x429D; //lea rax, [0xFFFFFFFFFC3CF65B]
  1980. rdx += rax; //add rdx, rax
  1981. rax = globals::base; //lea rax, [0xFFFFFFFFFC3CB3B4]
  1982. rax += 0xF1EC; //add rax, 0xF1EC
  1983. rax += r11; //add rax, r11
  1984. rdx ^= rax; //xor rdx, rax
  1985. rax = globals::base + 0x5304B0E6; //lea rax, [0x000000004F416487]
  1986. rdx ^= r11; //xor rdx, r11
  1987. rdx ^= rax; //xor rdx, rax
  1988. rax = rdx; //mov rax, rdx
  1989. rax >>= 0x22; //shr rax, 0x22
  1990. rdx ^= rax; //xor rdx, rax
  1991. rax = 0xEE899EDDAF56550; //mov rax, 0xEE899EDDAF56550
  1992. rdx ^= rax; //xor rdx, rax
  1993. rax = rdx; //mov rax, rdx
  1994. rax >>= 0xE; //shr rax, 0x0E
  1995. rdx ^= rax; //xor rdx, rax
  1996. rax = rdx; //mov rax, rdx
  1997. rax >>= 0x1C; //shr rax, 0x1C
  1998. rdx ^= rax; //xor rdx, rax
  1999. rax = rdx; //mov rax, rdx
  2000. rax >>= 0x38; //shr rax, 0x38
  2001. rdx ^= rax; //xor rdx, rax
  2002. rax = 0x39D515C223A57391; //mov rax, 0x39D515C223A57391
  2003. rdx *= rax; //imul rdx, rax
  2004. return rdx;
  2005. }
  2006. case 10:
  2007. {
  2008. r10 = mem.Read<uintptr_t>(globals::base + 0xB1974DD); //mov r10, [0x00000000075624F3]
  2009. rax = rdx; //mov rax, rdx
  2010. rax >>= 0xF; //shr rax, 0x0F
  2011. rdx ^= rax; //xor rdx, rax
  2012. rax = rdx; //mov rax, rdx
  2013. rax >>= 0x1E; //shr rax, 0x1E
  2014. rdx ^= rax; //xor rdx, rax
  2015. rax = rdx; //mov rax, rdx
  2016. rax >>= 0x3C; //shr rax, 0x3C
  2017. rdx ^= rax; //xor rdx, rax
  2018. rax = rdx; //mov rax, rdx
  2019. rax >>= 0x13; //shr rax, 0x13
  2020. rdx ^= rax; //xor rdx, rax
  2021. rax = rdx; //mov rax, rdx
  2022. rax >>= 0x26; //shr rax, 0x26
  2023. rdx ^= rax; //xor rdx, rax
  2024. rax = r11; //mov rax, r11
  2025. rax = ~rax; //not rax
  2026. uintptr_t RSP_0xA8;
  2027. RSP_0xA8 = globals::base + 0x1A3D; //lea rax, [0xFFFFFFFFFC3CCA4C] : RSP+0xA8
  2028. rax *= RSP_0xA8; //imul rax, [rsp+0xA8]
  2029. rdx ^= rax; //xor rdx, rax
  2030. rax = 0x8330B389343DA675; //mov rax, 0x8330B389343DA675
  2031. rdx *= rax; //imul rdx, rax
  2032. rax = 0x5A325A7184C15E55; //mov rax, 0x5A325A7184C15E55
  2033. rdx -= rax; //sub rdx, rax
  2034. rax = 0xE28957C95B7E497; //mov rax, 0xE28957C95B7E497
  2035. rdx += rax; //add rdx, rax
  2036. rax = 0; //and rax, 0xFFFFFFFFC0000000
  2037. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  2038. rax ^= r10; //xor rax, r10
  2039. rax = ~rax; //not rax
  2040. rdx *= mem.Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  2041. rdx -= r11; //sub rdx, r11
  2042. return rdx;
  2043. }
  2044. case 11:
  2045. {
  2046. r10 = mem.Read<uintptr_t>(globals::base + 0xB1974DD); //mov r10, [0x0000000007562000]
  2047. r15 = globals::base + 0x67B591A2; //lea r15, [0x0000000063F23CB2]
  2048. rax = rdx; //mov rax, rdx
  2049. rax >>= 0x22; //shr rax, 0x22
  2050. rdx ^= rax; //xor rdx, rax
  2051. rax = r15; //mov rax, r15
  2052. rax = ~rax; //not rax
  2053. rax ^= r11; //xor rax, r11
  2054. rax += r11; //add rax, r11
  2055. rdx -= rax; //sub rdx, rax
  2056. rax = 0; //and rax, 0xFFFFFFFFC0000000
  2057. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  2058. rax ^= r10; //xor rax, r10
  2059. rax = ~rax; //not rax
  2060. rdx *= mem.Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  2061. rdx ^= r11; //xor rdx, r11
  2062. rax = 0x112AEF7CBA9BEDF1; //mov rax, 0x112AEF7CBA9BEDF1
  2063. rdx *= rax; //imul rdx, rax
  2064. rax = 0x792205E77EAA6797; //mov rax, 0x792205E77EAA6797
  2065. rdx ^= rax; //xor rdx, rax
  2066. return rdx;
  2067. }
  2068. case 12:
  2069. {
  2070. r9 = mem.Read<uintptr_t>(globals::base + 0xB1974DD); //mov r9, [0x0000000007561C56]
  2071. r15 = globals::base + 0x70E4B3E1; //lea r15, [0x000000006D215B47]
  2072. rax = 0; //and rax, 0xFFFFFFFFC0000000
  2073. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  2074. rax ^= r9; //xor rax, r9
  2075. rax = ~rax; //not rax
  2076. rdx *= mem.Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  2077. rax = 0x33BF00DD8A073650; //mov rax, 0x33BF00DD8A073650
  2078. rdx -= rax; //sub rdx, rax
  2079. rax = rdx; //mov rax, rdx
  2080. rax >>= 0xA; //shr rax, 0x0A
  2081. rdx ^= rax; //xor rdx, rax
  2082. rax = rdx; //mov rax, rdx
  2083. rax >>= 0x14; //shr rax, 0x14
  2084. rdx ^= rax; //xor rdx, rax
  2085. rax = rdx; //mov rax, rdx
  2086. rax >>= 0x28; //shr rax, 0x28
  2087. rdx ^= rax; //xor rdx, rax
  2088. rax = globals::base; //lea rax, [0xFFFFFFFFFC3CA4DF]
  2089. rdx ^= rax; //xor rdx, rax
  2090. rax = r15; //mov rax, r15
  2091. rax = ~rax; //not rax
  2092. rdx += rax; //add rdx, rax
  2093. rax = 0x37300D9E69A77B2F; //mov rax, 0x37300D9E69A77B2F
  2094. rdx *= rax; //imul rdx, rax
  2095. rdx -= r11; //sub rdx, r11
  2096. return rdx;
  2097. }
  2098. case 13:
  2099. {
  2100. r10 = mem.Read<uintptr_t>(globals::base + 0xB1974DD); //mov r10, [0x0000000007561866]
  2101. r15 = globals::base + 0x666C9DA0; //lea r15, [0x0000000062A94116]
  2102. rax = r11; //mov rax, r11
  2103. rax ^= r15; //xor rax, r15
  2104. rdx -= rax; //sub rdx, rax
  2105. rax = 0x124569EA4125D98; //mov rax, 0x124569EA4125D98
  2106. rdx ^= rax; //xor rdx, rax
  2107. rax = rdx; //mov rax, rdx
  2108. rax >>= 0x5; //shr rax, 0x05
  2109. rdx ^= rax; //xor rdx, rax
  2110. rax = rdx; //mov rax, rdx
  2111. rax >>= 0xA; //shr rax, 0x0A
  2112. rdx ^= rax; //xor rdx, rax
  2113. rax = rdx; //mov rax, rdx
  2114. rax >>= 0x14; //shr rax, 0x14
  2115. rdx ^= rax; //xor rdx, rax
  2116. rax = rdx; //mov rax, rdx
  2117. rax >>= 0x28; //shr rax, 0x28
  2118. rdx ^= rax; //xor rdx, rax
  2119. rax = rdx; //mov rax, rdx
  2120. rax >>= 0x1A; //shr rax, 0x1A
  2121. rdx ^= rax; //xor rdx, rax
  2122. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  2123. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  2124. rax = rdx; //mov rax, rdx
  2125. rcx ^= r10; //xor rcx, r10
  2126. rax >>= 0x34; //shr rax, 0x34
  2127. rcx = ~rcx; //not rcx
  2128. rdx ^= rax; //xor rdx, rax
  2129. rdx *= mem.Read<uintptr_t>(rcx + 0x17); //imul rdx, [rcx+0x17]
  2130. rdx ^= r11; //xor rdx, r11
  2131. rax = 0xD83F30F92C64DF4F; //mov rax, 0xD83F30F92C64DF4F
  2132. rdx ^= rax; //xor rdx, rax
  2133. rax = 0xB69AFD2628432A9D; //mov rax, 0xB69AFD2628432A9D
  2134. rdx *= rax; //imul rdx, rax
  2135. return rdx;
  2136. }
  2137. case 14:
  2138. {
  2139. r10 = mem.Read<uintptr_t>(globals::base + 0xB1974DD); //mov r10, [0x0000000007561432]
  2140. rax = rdx; //mov rax, rdx
  2141. rax >>= 0x1B; //shr rax, 0x1B
  2142. rdx ^= rax; //xor rdx, rax
  2143. rax = rdx; //mov rax, rdx
  2144. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  2145. rax >>= 0x36; //shr rax, 0x36
  2146. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  2147. rdx ^= rax; //xor rdx, rax
  2148. rcx ^= r10; //xor rcx, r10
  2149. rcx = ~rcx; //not rcx
  2150. rdx *= mem.Read<uintptr_t>(rcx + 0x17); //imul rdx, [rcx+0x17]
  2151. rcx = globals::base + 0x5113; //lea rcx, [0xFFFFFFFFFC3CEFFE]
  2152. rax = 0xDC4274449EFE767B; //mov rax, 0xDC4274449EFE767B
  2153. rdx ^= rax; //xor rdx, rax
  2154. rax = rdx; //mov rax, rdx
  2155. rax >>= 0x6; //shr rax, 0x06
  2156. rdx ^= rax; //xor rdx, rax
  2157. rax = rdx; //mov rax, rdx
  2158. rax >>= 0xC; //shr rax, 0x0C
  2159. rdx ^= rax; //xor rdx, rax
  2160. rax = rdx; //mov rax, rdx
  2161. rax >>= 0x18; //shr rax, 0x18
  2162. rdx ^= rax; //xor rdx, rax
  2163. rax = rdx; //mov rax, rdx
  2164. rax >>= 0x30; //shr rax, 0x30
  2165. rdx ^= rax; //xor rdx, rax
  2166. rax = r11; //mov rax, r11
  2167. rax ^= rcx; //xor rax, rcx
  2168. rdx -= rax; //sub rdx, rax
  2169. rax = 0x4480AA60A21867F9; //mov rax, 0x4480AA60A21867F9
  2170. rdx *= rax; //imul rdx, rax
  2171. rax = globals::base; //lea rax, [0xFFFFFFFFFC3C9BD6]
  2172. rax += 0xD03A; //add rax, 0xD03A
  2173. rax += r11; //add rax, r11
  2174. rdx += rax; //add rdx, rax
  2175. return rdx;
  2176. }
  2177. case 15:
  2178. {
  2179. r10 = mem.Read<uintptr_t>(globals::base + 0xB1974DD); //mov r10, [0x0000000007560F5D]
  2180. r12 = globals::base + 0x6744783A; //lea r12, [0x0000000063811298]
  2181. rdx += r11; //add rdx, r11
  2182. rax = r11; //mov rax, r11
  2183. rax = ~rax; //not rax
  2184. uintptr_t RSP_0xA8;
  2185. RSP_0xA8 = globals::base + 0x642A39AC; //lea rax, [0x000000006066D425] : RSP+0xA8
  2186. rax ^= RSP_0xA8; //xor rax, [rsp+0xA8]
  2187. rdx -= rax; //sub rdx, rax
  2188. rdx ^= r11; //xor rdx, r11
  2189. rdx ^= r12; //xor rdx, r12
  2190. rax = 0; //and rax, 0xFFFFFFFFC0000000
  2191. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  2192. rax ^= r10; //xor rax, r10
  2193. rax = ~rax; //not rax
  2194. rdx *= mem.Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  2195. rax = 0x54750E0E4638841A; //mov rax, 0x54750E0E4638841A
  2196. rdx += rax; //add rdx, rax
  2197. rax = 0x17257FE07A931EB4; //mov rax, 0x17257FE07A931EB4
  2198. rdx ^= rax; //xor rdx, rax
  2199. rax = rdx; //mov rax, rdx
  2200. rax >>= 0x4; //shr rax, 0x04
  2201. rdx ^= rax; //xor rdx, rax
  2202. rax = rdx; //mov rax, rdx
  2203. rax >>= 0x8; //shr rax, 0x08
  2204. rdx ^= rax; //xor rdx, rax
  2205. rax = rdx; //mov rax, rdx
  2206. rax >>= 0x10; //shr rax, 0x10
  2207. rdx ^= rax; //xor rdx, rax
  2208. rax = rdx; //mov rax, rdx
  2209. rax >>= 0x20; //shr rax, 0x20
  2210. rdx ^= rax; //xor rdx, rax
  2211. rax = 0x7493CCED6314B08B; //mov rax, 0x7493CCED6314B08B
  2212. rdx *= rax; //imul rdx, rax
  2213. return rdx;
  2214. }
  2215. }
  // The semicolon after the closing brace is an empty declaration and has no effect.
  2216. };
  2217.  
  // get_bone_index: transcription of disassembly (see the trailing instruction comments) that
  // maps `bone_index` to a 16-bit value through two table reads in another process.
  //
  // Flow, as visible here:
  //   1. Scale bone_index by 0x13C8 and run it through multiply-high / shift / subtract steps.
  //   2. Read a uint16_t at globals::base + rcx + 0xA606940 via `mem.Read`.
  //   3. Scale that value by 0x13C8, run a second set of multiply-high steps, and read a
  //      uint16_t at globals::base + rcx + 0xA60ABB0; that second value is returned.
  //
  // Params:  driver     - not referenced anywhere in this body; all reads go through `mem`.
  //          bone_index - input index, widened to 64 bits before the arithmetic.
  // Returns: the uint16_t read in step 3.
  //
  // NOTE(review): the multiply-by-constant followed by shifts of the high half looks like
  // compiler-emitted division/modulo by a constant; that reading is not verified here.
  // NOTE(review): neither remote read is checked, and the first result feeds the address of
  // the second. How `mem.Read` reports a failed read is not visible in this listing.
  2218. uint16_t get_bone_index(const Driver& driver, uint32_t bone_index)
  2219. {
  2220. const uint64_t mb = globals::base;
  2221. uint64_t rax = mb, rbx = mb, rcx = mb, rdx = mb, rdi = mb, rsi = mb, r8 = mb, r9 = mb, r10 = mb, r11 = mb, r12 = mb, r13 = mb, r14 = mb, r15 = mb;
  2222. rbx = bone_index;
  2223. rcx = rbx * 0x13C8;
  2224. rax = 0xCB182C584BD5193; //mov rax, 0xCB182C584BD5193
  2225. r11 = globals::base; //lea r11, [0xFFFFFFFFFD20EF4A]
  // _umul128 returns the low 64 bits of the product and stores the high 64 bits through the
  // pointer. Every call in this function has its return value overwritten before use, so only
  // the high half left in rdx matters.
  2226. rax = _umul128(rax, rcx, (uintptr_t*)&rdx); //mul rcx
  2227. rax = rcx; //mov rax, rcx
  2228. r10 = 0xD6FB75C08B670E5B; //mov r10, 0xD6FB75C08B670E5B
  2229. rax -= rdx; //sub rax, rdx
  2230. rax >>= 0x1; //shr rax, 0x01
  2231. rax += rdx; //add rax, rdx
  2232. rax >>= 0xC; //shr rax, 0x0C
  2233. rax = rax * 0x1E7D; //imul rax, rax, 0x1E7D
  2234. rcx -= rax; //sub rcx, rax
  2235. rax = 0x4078E2A8FCDA18EF; //mov rax, 0x4078E2A8FCDA18EF
  2236. r8 = rcx * 0x1E7D; //imul r8, rcx, 0x1E7D
  2237. rax = _umul128(rax, r8, (uintptr_t*)&rdx); //mul r8
  2238. rdx >>= 0xB; //shr rdx, 0x0B
  2239. rax = rdx * 0x1FC4; //imul rax, rdx, 0x1FC4
  2240. r8 -= rax; //sub r8, rax
  2241. rax = 0xF0F0F0F0F0F0F0F1; //mov rax, 0xF0F0F0F0F0F0F0F1
  2242. rax = _umul128(rax, r8, (uintptr_t*)&rdx); //mul r8
  2243. rax = 0x624DD2F1A9FBE77; //mov rax, 0x624DD2F1A9FBE77
  2244. rdx >>= 0x6; //shr rdx, 0x06
  2245. rcx = rdx * 0x44; //imul rcx, rdx, 0x44
  2246. rax = _umul128(rax, r8, (uintptr_t*)&rdx); //mul r8
  2247. rax = r8; //mov rax, r8
  2248. rax -= rdx; //sub rax, rdx
  2249. rax >>= 0x1; //shr rax, 0x01
  2250. rax += rdx; //add rax, rdx
  2251. rax >>= 0x6; //shr rax, 0x06
  2252. rcx += rax; //add rcx, rax
  2253. rax = rcx * 0xFA; //imul rax, rcx, 0xFA
  2254. rcx = r8 * 0xFC; //imul rcx, r8, 0xFC
  2255. rcx -= rax; //sub rcx, rax
  // First table read: 16-bit entry at globals::base + rcx + 0xA606940 (r11 holds globals::base).
  2256. rax = mem.Read<uint16_t>(rcx + r11 * 1 + 0xA606940); //movzx eax, word ptr [rcx+r11*1+0xA606940]
  2257. r8 = rax * 0x13C8; //imul r8, rax, 0x13C8
  2258. rax = r10; //mov rax, r10
  2259. rax = _umul128(rax, r8, (uintptr_t*)&rdx); //mul r8
  2260. rax = r10; //mov rax, r10
  2261. rdx >>= 0xD; //shr rdx, 0x0D
  2262. rcx = rdx * 0x261B; //imul rcx, rdx, 0x261B
  2263. r8 -= rcx; //sub r8, rcx
  2264. r9 = r8 * 0x2F75; //imul r9, r8, 0x2F75
  2265. rax = _umul128(rax, r9, (uintptr_t*)&rdx); //mul r9
  2266. rdx >>= 0xD; //shr rdx, 0x0D
  2267. rax = rdx * 0x261B; //imul rax, rdx, 0x261B
  2268. r9 -= rax; //sub r9, rax
  2269. rax = 0x8FB823EE08FB823F; //mov rax, 0x8FB823EE08FB823F
  2270. rax = _umul128(rax, r9, (uintptr_t*)&rdx); //mul r9
  2271. rax = 0x579D6EE340579D6F; //mov rax, 0x579D6EE340579D6F
  2272. rdx >>= 0x5; //shr rdx, 0x05
  2273. rcx = rdx * 0x39; //imul rcx, rdx, 0x39
  2274. rax = _umul128(rax, r9, (uintptr_t*)&rdx); //mul r9
  2275. rdx >>= 0x6; //shr rdx, 0x06
  2276. rcx += rdx; //add rcx, rdx
  2277. rax = rcx * 0x176; //imul rax, rcx, 0x176
  2278. rcx = r9 * 0x178; //imul rcx, r9, 0x178
  2279. rcx -= rax; //sub rcx, rax
  // Second table read. The commented instruction sign-extends (movsx) while this line reads an
  // unsigned 16-bit value; the uint16_t return type keeps only the low 16 bits either way.
  2280. rsi = mem.Read<uint16_t>(rcx + r11 * 1 + 0xA60ABB0); //movsx esi, word ptr [rcx+r11*1+0xA60ABB0]
  2281. return rsi;
  2282. }
  // Numeric constants for one specific build. The listing does not state what each value is
  // relative to, so the names are the only guide to meaning; treat them as unverified.
  // Every `constexpr auto` literal below fits in `int`, so each one deduces to `int`.
  2283. constexpr auto timestamp = 0x6855F7BB;
  2284. constexpr auto ref_def_ptr = 0xC7434D0;
  2285. constexpr auto name_array = 0xC8B6CC8;
  2286. constexpr auto name_array_pos = 0x3038; // 0x4C70 for MW1(2019)
  2287. constexpr auto name_array_size = 0xC8;
  2288. constexpr auto loot_ptr = 0xE10BDA8;
  2289. constexpr auto camera_base = 0xC4472D0;
  2290. constexpr auto camera_pos = 0x204;
  2291. constexpr auto local_index = 0x180838;
  2292. constexpr auto local_index_pos = 0x38C;
  2293. constexpr auto recoil = 0xA0398;
  2294. constexpr auto game_mode = 0xB390218;
  2295. constexpr auto weapon_definitions = 0xC6162A0;
  2296. constexpr auto distribute = 0x1026A198;
  // The next three are mutable uint32_t globals rather than constexpr like their neighbours;
  // `o_no_recoil` holds the same value (0xA0398) as `recoil` above.
  2297. uint32_t o_visible_bit = 0xA82E8;
  2298. uint32_t o_no_recoil = 0xA0398;
  2299. uint32_t Player_client_state_enum = 0x1BF390;
  2300. constexpr auto scoreboard = 0x1A99D8;
  2301. constexpr auto scoreboardsize = 0x78;
  // NOTE(review): this line assigns to a qualified name without a type, so at file scope it is
  // not a declaration; `Lobby` is not defined anywhere in this listing — presumably excerpted
  // from code elsewhere.
  2302. Lobby::currentPlayerCountPtr = 0x56B538D;
  2303.  
  2304.  
  // Constants grouped under `bone`. Nothing in this listing shows how they are used, so the
  // meaning of each is presumed from its name only; all three deduce to `int`.
  2305. namespace bone {
  2306. constexpr auto bone_base = 0xA8478;
  2307. constexpr auto size = 0x1B0;
  2308. constexpr auto offset = 0xD8;
  // The semicolon after the closing brace is an empty declaration and has no effect.
  2309. };
  2310.  
  // Constants grouped under `player`. Nothing in this listing shows how they are used, so the
  // meaning of each is presumed from its name only; all of them deduce to `int`.
  2311. namespace player {
  2312. constexpr auto size = 0x2558;
  2313. constexpr auto valid = 0xAA;
  2314. constexpr auto pos = 0x8B0;
  2315. constexpr auto team = 0x2C4;
  2316. constexpr auto stance = 0xA14;
  2317. constexpr auto weapon_index = 0x198C;
  2318. constexpr auto dead_1 = 0x5E8;
  2319. constexpr auto dead_2 = 0x135;
  2320. constexpr auto dead_3 = 0x540;
  // The semicolon after the closing brace is an empty declaration and has no effect.
  2321. };
  2322.  