API tools faq
paste
Advertisement
tcyknhrabirwjyljhp

Untitled

tcyknhrabirwjyljhp
Mar 27th, 2022
23
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 216.99 KB | None | 0 0
raw download clone embed print report
  1. <?xml version="1.0" encoding="utf-8"?>
  2. <CheatTable>
  3. <CheatEntries>
  4. <CheatEntry>
  5. <ID>87496</ID>
  6. <Description>"[ Initialize ]"</Description>
  7. <Options moHideChildren="1"/>
  8. <LastState/>
  9. <Color>A96974</Color>
  10. <VariableType>Auto Assembler Script</VariableType>
  11. <AssemblerScript Async="1">{$STRICT}
  12.  
  13. {$lua}
  14.  
  15. if syntaxcheck then return end
  16.  
  17. function openGameProcess( procName )
  18. local proc = procName
  19. if process ~= procName then
  20. if messageDialog( 'Attempt to open game process?', mtConfirmation, mbYes, mbNo ) == mrYes then
  21. local processId = getProcessIDFromProcessName( procName )
  22. if processId == nil then stopExec( "Game is not running." ) end
  23. openProcess( processId )
  24. sleep( 100 )
  25. end
  26. end
  27. end
  28.  
  29. function stopExec( s )
  30. error( print( string.format( "\r\n&gt;&gt; %s &lt;&lt;", s ) ) )
  31. end
  32.  
  33. function aobScanEx( aob )
  34. -- thanks panraven for this function!
  35. -- https://forum.cheatengine.org/viewtopic.php?t=577536
  36. -- simplified for my needs
  37. -- scan the entire memory space: e = nil or '*X*W'
  38. -- scan only executable code: e = nil or '+X'
  39. local p, a, n, s, e = nil or '+X', nil or fsmNotAligned, nil or '0', getAddress( process ) or 0x0, ( getAddress( process ) + getModuleSize( process ) ) or 0xffffffffffffffff
  40. local ms = pb and createMemScan( pb ) or createMemScan()
  41. local fl = createFoundList( ms )
  42. ms.firstScan( soExactValue, vtByteArray, nil, aob, nil, s, e, p, a, n, true, false, false, false )
  43. ms.waitTillDone()
  44. fl.initialize()
  45. local result = nil
  46. if fl ~= nil and fl.getCount() &gt; 0 then
  47. result = createStringlist()
  48. for i = 1, fl.getCount() do result.add( fl.getAddress( i - 1 ) ) end
  49. end
  50. fl.destroy()
  51. ms.destroy()
  52. return result
  53. end
  54.  
  55. function string.fromhex( s )
  56. return ( s:gsub( '..', function ( cc )
  57. return string.char( tonumber( cc, 16 ) )
  58. end ) )
  59. end
  60.  
  61. function aobScanSmall( aob, s, e )
  62. local i = byteTableToString( readBytes( s, e, true ) ):find( string.fromhex( aob ), 1, true )
  63. if i == nil then i = 1 end
  64. return ( s + i - 1 )
  65. end
  66.  
  67. function staticFindObjectEx( sa, sb, sc )
  68. local StaticFindObject = getAddressSafe( "StaticFindObject" )
  69. if StaticFindObject == 0x0 then return 0 end
  70. local s, Class, InOuter, UObject = allocateMemory( 256 ), 0, 0, 0
  71. if sb == nil and sc == nil then
  72. writeString( s, sa, true )
  73. writeBytes( s + #sa * 2, 0 )
  74. UObject = executeCodeEx( 0, nil, StaticFindObject, 0, -1, s, 1 )
  75. elseif sc == nil then
  76. writeString( s, sa, true )
  77. writeBytes( s + #sa * 2, 0 )
  78. Class = executeCodeEx( 0, nil, StaticFindObject, 0, -1, s, 1 )
  79. writeString( s, sb, true )
  80. writeBytes( s + #sb * 2, 0 )
  81. UObject = executeCodeEx( 0, nil, StaticFindObject, Class, -1, s, 0 )
  82. else
  83. writeString( s, sa, true )
  84. writeBytes( s + #sa * 2, 0 )
  85. Class = executeCodeEx( 0, nil, StaticFindObject, 0, -1, s, 1 )
  86. writeString( s, sb, true )
  87. writeBytes( s + #sb * 2, 0 )
  88. InOuter = executeCodeEx( 0, nil, StaticFindObject, 0, -1, s, 1 )
  89. writeString( s, sc, true )
  90. writeBytes( s + #sc * 2, 0 )
  91. UObject = executeCodeEx( 0, nil, StaticFindObject, Class, InOuter, s, 0 )
  92. end
  93. deAlloc( s )
  94. return UObject
  95. end
  96.  
  97. function getOffset( p )
  98. return readInteger( p + 0x44 )
  99. end
  100.  
  101. function getLocalPlayer()
  102. local LocalPlayer = 0
  103. local GEngine = readQword( getAddressSafe( "GEngine" ) )
  104. local t = staticFindObjectEx( "ObjectProperty", "Engine.Engine", "GameViewport" )
  105. if t &lt; 1 then stopExec( "'GameViewport' ObjectProperty not found." ) end
  106. local GameViewport_offset = getOffset( t )
  107. local GameViewportClient = readQword( GEngine + GameViewport_offset )
  108. t = staticFindObjectEx( "ObjectProperty", "Engine.GameViewportClient", "World" )
  109. if t &lt; 1 then stopExec( "'World' ObjectProperty not found." ) end
  110. local World_offset = getOffset( t )
  111. local World = readQword( GameViewportClient + World_offset )
  112. local UEngine_GetFirstGamePlayer = getAddressSafe( "UEngine__GetFirstGamePlayer" )
  113. if UEngine_GetFirstGamePlayer &lt; 1 then stopExec( "'UEngine__GetFirstGamePlayer' symbol not found." ) end
  114. LocalPlayer = executeCodeEx( 0, nil, UEngine_GetFirstGamePlayer, GEngine, World )
  115. return LocalPlayer
  116. end
  117.  
  118. function getPlayerController()
  119. local PlayerController = 0
  120. local LocalPlayer = getLocalPlayer()
  121. if LocalPlayer &lt; 1 then stopExec( "LocalPlayer not found. Are you at least at main menu?" ) end
  122. local t = staticFindObjectEx( "ObjectProperty", "Engine.Player", "PlayerController" )
  123. if t &lt; 1 then stopExec( "'PlayerController' ObjectProperty not found." ) end
  124. local PlayerController_offset = getOffset( t )
  125. PlayerController = readQword( LocalPlayer + PlayerController_offset )
  126. return PlayerController
  127. end
  128.  
  129. function getPlayerCharacter()
  130. local PlayerCharacter = 0
  131. local PlayerController = getPlayerController()
  132. if PlayerController &lt; 1 then stopExec( "PlayerController was not yet initialized. Not at main menu?" ) end
  133. local t = staticFindObjectEx( "ObjectProperty", "Engine.Controller", "Pawn" )
  134. if t &lt; 1 then stopExec( "'Pawn' ObjectProperty not found." ) end
  135. local Pawn_offset = getOffset( t )
  136. PlayerCharacter = readQword( PlayerController + Pawn_offset )
  137. return PlayerCharacter
  138. end
  139.  
  140. function killTabInConsoleKeys()
  141. local Default__InputSettings = staticFindObjectEx( "InputSettings", "Engine.Default__InputSettings" )
  142. local ConsoleKeys_ArrayProperty = staticFindObjectEx( "ArrayProperty", "Engine.InputSettings", "ConsoleKeys" )
  143. if Default__InputSettings ~= 0x0 then
  144. if ConsoleKeys_ArrayProperty ~= 0x0 then
  145. local ConsoleKeys_offset = readInteger( ConsoleKeys_ArrayProperty + 0x44 )
  146. local ConsoleKeys_Array_addr = readQword( Default__InputSettings + ConsoleKeys_offset )
  147. local ConsoleKeys_Array_size = readInteger( Default__InputSettings + ConsoleKeys_offset + 8 ) -- array has 2 elements
  148. writeInteger( ConsoleKeys_Array_addr + ( ConsoleKeys_Array_size - 1 ) * 8 * 3, 0 ) -- each comprised of 3 quads
  149. end
  150. end
  151. end
  152.  
  153. function changeConsoleKeyTo( key )
  154. local Default__InputSettings = staticFindObjectEx( "InputSettings", "Engine.Default__InputSettings" )
  155. local ConsoleKeys_ArrayProperty = staticFindObjectEx( "ArrayProperty", "Engine.InputSettings", "ConsoleKeys" )
  156. if Default__InputSettings ~= 0x0 then
  157. if ConsoleKeys_ArrayProperty ~= 0x0 then
  158. local ConsoleKeys_offset = readInteger( ConsoleKeys_ArrayProperty + 0x44 )
  159. local ConsoleKeys_Array_addr = readQword( Default__InputSettings + ConsoleKeys_offset )
  160. local FName_FName = getAddressSafe( "FName__FName" )
  161. if FName_FName ~= 0x0 then
  162. local p = allocateMemory( 256 )
  163. local s = p + 0x8
  164. writeString( s, key, true )
  165. writeBytes( s + #key * 2, 0 )
  166. local FName_id = executeCodeEx( 0, nil, FName_FName, p, s, 1 )
  167. if readInteger( FName_id ) ~= 0x0 then
  168. writeInteger( ConsoleKeys_Array_addr, readInteger( FName_id ) )
  169. end
  170. deAlloc( p )
  171. end
  172. end
  173. end
  174. end
  175.  
  176. function Init()
  177.  
  178. local sl, t, u = 0, 0, 0
  179.  
  180. --** CheatManager-related **--
  181.  
  182. local aob_GEngine = "448B45??488D47D8488B0D????????48????48894587E8"
  183. sl = aobScanEx( aob_GEngine )
  184. if not sl or sl.Count &lt; 1 then stopExec( "'aob_GEngine' not found." ) end
  185. t = tonumber( sl[0], 16 )
  186. t = t + 0x8
  187. t = t + readInteger( t + 0x3, true ) + 0x7
  188. unregisterSymbol( "GEngine" )
  189. registerSymbol( "GEngine", t, true )
  190.  
  191. local aob_EngineRef = "??FF48894424??4C8D4C24??48897C24??4C8D05????????48897C2458488D15"
  192. sl = aobScanEx( aob_EngineRef )
  193. if not sl or sl.Count &lt; 1 then stopExec( "'aob_EngineRef' not found." ) end
  194. t = tonumber( sl[0], 16 )
  195. t = t + 0xBC
  196. u = t + readInteger( t + 0x1, true ) + 0x5
  197. unregisterSymbol( "GetTransientPackage" )
  198. registerSymbol( "GetTransientPackage", u, true )
  199. t = t + 0x15
  200. u = t + readInteger( t + 0x3, true ) + 0x7
  201. unregisterSymbol( "wszNewObject" )
  202. registerSymbol( "wszNewObject", u, true )
  203. t = t + 0xA
  204. u = t + readInteger( t + 0x1, true ) + 0x5
  205. unregisterSymbol( "FObjectInitializer__AssertIfInConstructor" )
  206. registerSymbol( "FObjectInitializer__AssertIfInConstructor", u, true )
  207. t = t + 0x29
  208. u = t + readInteger( t + 0x1, true ) + 0x5
  209. unregisterSymbol( "StaticConstructObject_Internal" )
  210. registerSymbol( "StaticConstructObject_Internal", u, true )
  211.  
  212. local aob_StaticFindObject = "48895C24??48897424??5557415441564157??????4883EC60803D????????0045"
  213. sl = aobScanEx( aob_StaticFindObject )
  214. if not sl or sl.Count &lt; 1 then stopExec( "'aob_StaticFindObject' not found." ) end
  215. t = tonumber( sl[0], 16 )
  216. unregisterSymbol( "StaticFindObject" )
  217. registerSymbol( "StaticFindObject", t, true )
  218.  
  219. local aob_FName__FName = "4883EC??41B801000000488D15????????488D4C24??E8????????4533C9"
  220. sl = aobScanEx( aob_FName__FName )
  221. if not sl or sl.Count &lt; 1 then stopExec( "'aob_FName__FName' not found." ) end
  222. t = tonumber( sl[0], 16 ) + 0x16
  223. t = t + readInteger( t + 0x1, true ) + 0x5
  224. unregisterSymbol( "FName__FName" )
  225. registerSymbol( "FName__FName", t, true )
  226.  
  227. local aob_in_APlayerController__PostInitializeComponents = "838B????????1048C74424??4201000048"
  228. sl = aobScanEx( aob_in_APlayerController__PostInitializeComponents )
  229. if not sl or sl.Count &lt; 1 then stopExec( "'aob_in_APlayerController__PostInitializeComponents' not found." ) end
  230. t = tonumber( sl[0], 16 )
  231. unregisterSymbol( "APlayerController__PostInitializeComponents_hookspot" )
  232. registerSymbol( "APlayerController__PostInitializeComponents_hookspot", t, true )
  233.  
  234. --** UCheatManager execs **--
  235.  
  236. local aob_AActor__SetActorEnableCollision = "??????4881EC????????488B05????????48????48898424????????440FB681"
  237. sl = aobScanEx( aob_AActor__SetActorEnableCollision )
  238. if not sl or sl.Count &lt; 1 then stopExec( "'aob_AActor__SetActorEnableCollision' not found." ) end
  239. t = tonumber( sl[0], 16 )
  240. unregisterSymbol( "AActor__SetActorEnableCollision" )
  241. registerSymbol( "AActor__SetActorEnableCollision", t, true )
  242.  
  243. local aob_UClass__CreateLinkAndAddChildFunctionsToMap = "4585C00F84??????????????5553564157498DAB??FFFFFF4881EC"
  244. sl = aobScanEx( aob_UClass__CreateLinkAndAddChildFunctionsToMap )
  245. if not sl or sl.Count &lt; 1 then stopExec( "'aob_UClass__CreateLinkAndAddChildFunctionsToMap' not found." ) end
  246. t = tonumber( sl[0], 16 )
  247. unregisterSymbol( "UClass__CreateLinkAndAddChildFunctionsToMap" )
  248. registerSymbol( "UClass__CreateLinkAndAddChildFunctionsToMap", t, true )
  249.  
  250. local aob_UE4CodeGen_Private__ConstructUFunction = "4053564154415641574881EC????????488B05??????????????488984"
  251. sl = aobScanEx( aob_UE4CodeGen_Private__ConstructUFunction )
  252. if not sl or sl.Count &lt; 1 then stopExec( "'aob_UE4CodeGen_Private__ConstructUFunction' not found." ) end
  253. t = tonumber( sl[0], 16 )
  254. unregisterSymbol( "UE4CodeGen_Private__ConstructUFunction" )
  255. registerSymbol( "UE4CodeGen_Private__ConstructUFunction", t, true )
  256.  
  257. local aob_UE4CodeGen_Private__ConstructUClass = "405641574881EC????????488B05??????????????48898424????????488B01????????????48"
  258. sl = aobScanEx( aob_UE4CodeGen_Private__ConstructUClass )
  259. if not sl or sl.Count &lt; 1 then stopExec( "'aob_UE4CodeGen_Private__ConstructUClass' not found." ) end
  260. t = tonumber( sl[0], 16 )
  261. unregisterSymbol( "UE4CodeGen_Private__ConstructUClass" )
  262. registerSymbol( "UE4CodeGen_Private__ConstructUClass", t, true )
  263.  
  264. local aob_UEngine__GetFirstGamePlayer = "4883EC??E8????????8378??0074??488B00488B004883C4??C3??C04883C428C3"
  265. sl = aobScanEx( aob_UEngine__GetFirstGamePlayer )
  266. if not sl or sl.Count &lt; 1 then stopExec( "'aob_UEngine__GetFirstGamePlayer' not found." ) end
  267. t = tonumber( sl[0], 16 )
  268. unregisterSymbol( "UEngine__GetFirstGamePlayer" )
  269. registerSymbol( "UEngine__GetFirstGamePlayer", t, true )
  270.  
  271. local aob_in_AActor_Tick = "F683????????100F84????????4889B424????????45"
  272. sl = aobScanEx( aob_in_AActor_Tick )
  273. if not sl or sl.Count &lt; 1 then stopExec( "'aob_in_AActor_Tick' not found." ) end
  274. t = tonumber( sl[0], 16 )
  275. unregisterSymbol( "AActor__Tick_hookspot" )
  276. registerSymbol( "AActor__Tick_hookspot", t, true )
  277.  
  278. local aob_Weapon_OnFire = "40534883EC??488B01488BD948896C24"
  279. sl = aobScanEx( aob_Weapon_OnFire )
  280. if not sl or sl.Count &lt; 1 then stopExec( "'aob_Weapon_OnFire' not found." ) end
  281. t = tonumber( sl[0], 16 )
  282. unregisterSymbol( "Weapon__OnFire" )
  283. registerSymbol( "Weapon__OnFire", t, true )
  284.  
  285. --** caves **--
  286. -- let's use trampolines: jumping is always done via 5-to-14 bytes traversals
  287.  
  288. local gameModule = getAddress( process )
  289. local offset = 0x500
  290. t = gameModule + offset
  291. fullAccess( t, 0x1000 - offset )
  292. executeCodeEx( 0, nil, getAddressSafe( "RtlZeroMemory" ), t, 0x1000 - offset )
  293. unregisterSymbol( "Trampolines" )
  294. registerSymbol( "Trampolines", t, true )
  295.  
  296. --** hooks the return from GetGamePlayers **--
  297.  
  298. local aob_in_FViewport_Draw = "488B40??4885C074??F680????????0274"
  299. sl = aobScanEx( aob_in_FViewport_Draw )
  300. if not sl or sl.Count &lt; 1 then stopExec( "'aob_in_FViewport_Draw' not found." ) end
  301. t = tonumber( sl[0], 16 )
  302. unregisterSymbol( "FViewport__Draw_hookspot" )
  303. registerSymbol( "FViewport__Draw_hookspot", t, true )
  304.  
  305. t = allocateMemory( 0x1000 )
  306. unregisterSymbol( "FViewport__Draw_hook" )
  307. registerSymbol( "FViewport__Draw_hook", t, true )
  308.  
  309. autoAssemble([[
  310.  
  311. label( LocalPlayer )
  312. registersymbol( LocalPlayer )
  313. label( GameViewportClient )
  314. registersymbol( GameViewportClient )
  315. label( Console )
  316. registersymbol( Console )
  317. label( PlayerController )
  318. registersymbol( PlayerController )
  319. label( CheatManager )
  320. registersymbol( CheatManager )
  321. label( PlayerCharacter )
  322. registersymbol( PlayerCharacter )
  323. label( DeveloperPerks )
  324. registersymbol( DeveloperPerks )
  325.  
  326. label( FViewport__Draw_hookspot_o )
  327. registersymbol( FViewport__Draw_hookspot_o )
  328.  
  329. FViewport__Draw_hook:
  330. mov [LocalPlayer],rax
  331. mov rcx,[rax+70]
  332. mov [GameViewportClient],rcx
  333. mov rcx,[rcx+50]
  334. mov [Console],rcx
  335. mov rcx,[rax+30]
  336. test rcx,rcx
  337. je short @f
  338. mov [PlayerController],rcx
  339. mov rdx,[rcx+5A8]
  340. mov [CheatManager],rdx
  341. mov rcx,[rcx+488] // if OakCharacter valid (we're in game world)
  342. test rcx,rcx
  343. je short @f
  344. mov [PlayerCharacter],rcx
  345. mov rcx,[rax+30] // read OakPlayerController
  346. mov rcx,[rcx+2780] // offset to OakDeveloperPerks
  347. test rcx,rcx // check if not NULL first
  348. je short @f
  349. mov [DeveloperPerks],rcx // store it
  350. test byte ptr [rcx+C8],40 // flip UWorld_destroy bool
  351. jne short @f
  352. or byte ptr [rcx+C8],40
  353. FViewport__Draw_hookspot_o:
  354. readmem( FViewport__Draw_hookspot, 7 )
  355. jmp FViewport__Draw_hookspot+7
  356.  
  357. align 10 CC
  358.  
  359. LocalPlayer:
  360. dq 0
  361.  
  362. align 10 CC
  363.  
  364. GameViewportClient:
  365. dq 0
  366.  
  367. align 10 CC
  368.  
  369. Console:
  370. dq 0
  371.  
  372. align 10 CC
  373.  
  374. PlayerController:
  375. dq 0
  376.  
  377. align 10 CC
  378.  
  379. CheatManager:
  380. dq 0
  381.  
  382. align 10 CC
  383.  
  384. PlayerCharacter:
  385. dq 0
  386.  
  387. align 10 CC
  388.  
  389. DeveloperPerks:
  390. dq 0
  391.  
  392. align 10 CC
  393.  
  394. Trampolines+00:
  395. jmp far FViewport__Draw_hook
  396.  
  397. align 10 CC
  398.  
  399. FViewport__Draw_hookspot:
  400. jmp Trampolines+00
  401. nop 2
  402.  
  403. ]])
  404.  
  405. --** allocate memory for the CheatManager inline **--
  406.  
  407. t = allocateMemory( 0x1000 )
  408. unregisterSymbol( "Inline__CheatManager" )
  409. registerSymbol( "Inline__CheatManager", t, true )
  410.  
  411. --** get CheatManager Class via StaticFindObject **--
  412.  
  413. t = staticFindObjectEx( "Engine.CheatManager" )
  414. if t &lt; 1 then stopExec( "'Engine.CheatManager' Class not found." ) end
  415. unregisterSymbol( "CheatManager_Class" )
  416. registerSymbol( "CheatManager_Class", t, true )
  417.  
  418. local p = staticFindObjectEx( "ObjectProperty", "Engine.PlayerController", "CheatManager" )
  419. if p &lt; 1 then stopExec( "'CheatManager' ObjectProperty not found." ) end
  420. p = getOffset( p )
  421.  
  422. t = p + 0x8
  423. p = string.format( "%X", p )
  424. t = string.format( "%X", t )
  425.  
  426. --** assembly **--
  427. -- note Trampolines+10 is used here, in case you wonder where it is
  428.  
  429. autoAssemble([[
  430.  
  431. label( APlayerController__AddCheats )
  432. registersymbol( APlayerController__AddCheats )
  433. label( APlayerController__PostInitializeComponents_hookspot_o )
  434. registersymbol( APlayerController__PostInitializeComponents_hookspot_o )
  435.  
  436. label( @L00000001 )
  437. label( @L00000002 )
  438. label( @L00000003 )
  439. label( @L00000004 )
  440. label( @L00000005 )
  441. label( @L00000006 )
  442. label( @L00000007 )
  443.  
  444. Inline__CheatManager:
  445. mov rcx,rbx
  446. call short APlayerController__AddCheats
  447. APlayerController__PostInitializeComponents_hookspot_o:
  448. readmem( APlayerController__PostInitializeComponents_hookspot, 7 )
  449. jmp far APlayerController__PostInitializeComponents_hookspot+7
  450.  
  451. align 10 CC
  452.  
  453. APlayerController__AddCheats:
  454. push rbx
  455. push rsi
  456. push rdi
  457. sub rsp,50
  458. mov rdi,rcx
  459. mov rax,[rcx]
  460. call qword ptr [rax+148] // APlayerController::GetWorld
  461. cmp qword ptr [rdi+]]..p..[[],0 // CheatManager
  462. mov rsi,rax
  463. jne @L00000007
  464. cmp qword ptr [rdi+]]..t..[[],0 // Class
  465. je @L00000007
  466. mov rax,CheatManager_Class
  467. mov rdx,[rdi+]]..t..[[] // Class
  468. mov rcx,rdx
  469. test rdx,rdx
  470. je @L00000007
  471.  
  472. @L00000001:
  473. cmp rcx,rax
  474. je short @L00000002
  475. mov rcx,[rcx+30]
  476. test rcx,rcx
  477. jne short @L00000001
  478. add rsp,50
  479. pop rdi
  480. pop rsi
  481. pop rbx
  482. ret
  483.  
  484. @L00000002:
  485. mov [rsp+78],rbp
  486. xor ebp,ebp
  487. mov [rsp+70],rbp
  488. cmp [rdi+]]..t..[[],rbp // Class
  489. je short @L00000004
  490. mov rax,CheatManager_Class
  491. mov rsi,[rdi+]]..t..[[] // Class
  492. mov rcx,rsi
  493. test rsi,rsi
  494. je short @L00000004
  495.  
  496. @L00000003:
  497. cmp rcx,rax
  498. je short @L00000005
  499. mov rcx,[rcx+30]
  500. test rcx,rcx
  501. jne short @L00000003
  502.  
  503. @L00000004:
  504. mov rsi,rbp
  505.  
  506. @L00000005:
  507. mov rbx,[rsp+70]
  508. mov [rsp+80],rbp
  509. cmp rbx,rbp
  510. jne short @L00000006
  511. mov rdx,wszNewObject
  512. mov rcx,rdi
  513. call FObjectInitializer__AssertIfInConstructor
  514.  
  515. @L00000006:
  516. mov [rsp+40],bpl
  517. xor r9d,r9d
  518. mov [rsp+38],rbp
  519. mov r8,rbx
  520. mov [rsp+30],bpl
  521. mov rdx,rdi
  522. mov [rsp+28],rbp
  523. mov rcx,rsi
  524. mov [rsp+20],ebp
  525. call StaticConstructObject_Internal
  526. mov [rdi+]]..p..[[],rax
  527. mov rcx,rax
  528. mov rdx,[rax]
  529. call qword ptr [rdx+408]
  530. mov rbp,[rsp+78]
  531.  
  532. @L00000007:
  533. add rsp,50
  534. pop rdi
  535. pop rsi
  536. pop rbx
  537. ret
  538.  
  539. align 10 CC
  540.  
  541. Trampolines+10:
  542. jmp far Inline__CheatManager
  543.  
  544. align 10 CC
  545.  
  546. APlayerController__PostInitializeComponents_hookspot:
  547. jmp Trampolines+10
  548. nop 2
  549.  
  550. ]])
  551.  
  552. local PlayerController = getPlayerController()
  553. if PlayerController &lt; 1 then stopExec( "PlayerController was not yet initialized. Not at main menu?" ) end
  554. local APlayerController_AddCheats = getAddressSafe( "APlayerController__AddCheats" )
  555. if APlayerController_AddCheats == 0x0 then stopExec( "'APlayerController_AddCheats' symbol not found." ) end
  556. executeCodeEx( 0, nil, APlayerController_AddCheats, PlayerController ) -- I've removed the need for the 0/1 parameter
  557.  
  558. --[[
  559.  
  560. APlayerController::PostInitializeComponents:
  561.  
  562. Wonderlands.exe+26EDD60 - 40 53 - push rbx
  563. Wonderlands.exe+26EDD62 - 48 83 EC 20 - sub rsp,20 { 32 }
  564. Wonderlands.exe+26EDD66 - 48 8B D9 - mov rbx,rcx
  565. Wonderlands.exe+26EDD69 - E8 12B7CBFF - call Wonderlands.exe+23A9480
  566. Wonderlands.exe+26EDD6E - 8B 43 0C - mov eax,[rbx+0C]
  567. Wonderlands.exe+26EDD71 - 3B 05 2D9CEB03 - cmp eax,[Wonderlands.exe+65A79A4] { (485739) }
  568. Wonderlands.exe+26EDD77 - 7D 2C - jnl Wonderlands.exe+26EDDA5
  569. Wonderlands.exe+26EDD79 - 99 - cdq
  570. Wonderlands.exe+26EDD7A - 0FB7 D2 - movzx edx,dx
  571. Wonderlands.exe+26EDD7D - 03 C2 - add eax,edx
  572. Wonderlands.exe+26EDD7F - 44 8B C0 - mov r8d,eax
  573. Wonderlands.exe+26EDD82 - 0FB7 C0 - movzx eax,ax
  574. Wonderlands.exe+26EDD85 - 2B C2 - sub eax,edx
  575. Wonderlands.exe+26EDD87 - 48 98 - cdqe
  576. Wonderlands.exe+26EDD89 - 41 C1 F8 10 - sar r8d,10 { 16 }
  577. Wonderlands.exe+26EDD8D - 49 63 C8 - movsxd rcx,r8d
  578. Wonderlands.exe+26EDD90 - 48 8D 14 40 - lea rdx,[rax+rax*2]
  579. Wonderlands.exe+26EDD94 - 48 8B 05 F59BEB03 - mov rax,[Wonderlands.exe+65A7990] { (094EF700) }
  580. Wonderlands.exe+26EDD9B - 48 8B 0C C8 - mov rcx,[rax+rcx*8]
  581. Wonderlands.exe+26EDD9F - 48 8D 04 D1 - lea rax,[rcx+rdx*8]
  582. Wonderlands.exe+26EDDA3 - EB 02 - jmp Wonderlands.exe+26EDDA7
  583. Wonderlands.exe+26EDDA5 - 33 C0 - xor eax,eax
  584. Wonderlands.exe+26EDDA7 - 8B 40 08 - mov eax,[rax+08]
  585. Wonderlands.exe+26EDDAA - C1 E8 1D - shr eax,1D { 29 }
  586. Wonderlands.exe+26EDDAD - A8 01 - test al,01 { 1 }
  587. Wonderlands.exe+26EDDAF - 75 19 - jne Wonderlands.exe+26EDDCA
  588. Wonderlands.exe+26EDDB1 - 48 8B CB - mov rcx,rbx
  589. Wonderlands.exe+26EDDB4 - E8 8715B1FF - call Wonderlands.exe+21FF340
  590. Wonderlands.exe+26EDDB9 - 83 F8 03 - cmp eax,03 { 3 }
  591. Wonderlands.exe+26EDDBC - 74 0C - je Wonderlands.exe+26EDDCA
  592. Wonderlands.exe+26EDDBE - 48 8B 03 - mov rax,[rbx]
  593. Wonderlands.exe+26EDDC1 - 48 8B CB - mov rcx,rbx
  594. Wonderlands.exe+26EDDC4 - FF 90 A8070000 - call qword ptr [rax+000007A8]
  595. Wonderlands.exe+26EDDCA - 48 8B 03 - mov rax,[rbx]
  596. Wonderlands.exe+26EDDCD - 48 8B CB - mov rcx,rbx
  597. Wonderlands.exe+26EDDD0 - FF 90 580D0000 - call qword ptr [rax+00000D58]
  598. Wonderlands.exe+26EDDD6 - 48 8B 03 - mov rax,[rbx]
  599. Wonderlands.exe+26EDDD9 - 48 8B CB - mov rcx,rbx
  600. Wonderlands.exe+26EDDDC - FF 90 B00E0000 - call qword ptr [rax+00000EB0]
  601. Wonderlands.exe+26EDDE2 - 48 8B CB - mov rcx,rbx
  602. Wonderlands.exe+26EDDE5 - E8 5615B1FF - call Wonderlands.exe+21FF340
  603. Wonderlands.exe+26EDDEA - 83 F8 03 - cmp eax,03 { 3 }
  604. Wonderlands.exe+26EDDED - 75 0C - jne Wonderlands.exe+26EDDFB
  605. Wonderlands.exe+26EDDEF - 48 8B 03 - mov rax,[rbx]
  606. Wonderlands.exe+26EDDF2 - 48 8B CB - mov rcx,rbx
  607. Wonderlands.exe+26EDDF5 - FF 90 B00D0000 - call qword ptr [rax+00000DB0] &lt;------------ it's not the AddCheats call, as the code was not compiled in, but it's after this dynamic call ;)
  608. Wonderlands.exe+26EDDFB - 83 8B 40060000 10 - or dword ptr [rbx+00000640],10 { 16 }
  609. Wonderlands.exe+26EDE02 - 48 C7 44 24 30 42010000 - mov qword ptr [rsp+30],00000142 { 322 }
  610. Wonderlands.exe+26EDE0B - 48 8B 44 24 30 - mov rax,[rsp+30]
  611. Wonderlands.exe+26EDE10 - 48 89 83 80040000 - mov [rbx+00000480],rax
  612. Wonderlands.exe+26EDE17 - 48 83 C4 20 - add rsp,20 { 32 }
  613. Wonderlands.exe+26EDE1B - 5B - pop rbx
  614. Wonderlands.exe+26EDE1C - C3 - ret
  615.  
  616. ]]
  617.  
  618. --** restore UCheatManager execs **--
  619.  
  620. local aa = staticFindObjectEx( "ObjectProperty", "Engine.Controller", "Pawn" )
  621. if aa &lt; 1 then stopExec( "'Pawn' ObjectProperty not found." ) end
  622. aa = getOffset( aa )
  623. aa = string.format( "%X", aa )
  624.  
  625. local ab = staticFindObjectEx( "ObjectProperty", "Engine.Character", "CharacterMovement" )
  626. if ab &lt; 1 then stopExec( "'CharacterMovement' ObjectProperty not found." ) end
  627. ab = getOffset( ab )
  628. ab = string.format( "%X", ab )
  629.  
  630. local ac = staticFindObjectEx( "BoolProperty", "Engine.CharacterMovementComponent", "bCheatFlying" )
  631. if ac &lt; 1 then stopExec( "'bCheatFlying' BoolProperty not found." ) end
  632. ac = getOffset( ac )
  633. if (ac % 2 ~= 0) then ac = ac - 0x1 end -- in BL3 this BoolProperty is 0x4B5; I use the 4B4 one with DWORD, rather than 4B5 with BOOL
  634. ac = string.format( "%X", ac )
  635.  
  636. local ad = staticFindObjectEx( "BoolProperty", "Engine.Actor", "bCanBeDamaged" )
  637. if ad &lt; 1 then stopExec( "'bCanBeDamaged' BoolProperty not found." ) end
  638. ad = getOffset( ad )
  639. ad = string.format( "%X", ad )
  640.  
  641. t = staticFindObjectEx( "Function", "Engine.CheatManager", "Fly" )
  642. if t &lt; 1 then stopExec( "'Fly' Function not found." ) end
  643. t = readQword( t + 0xB0 ) -- get to execFly
  644. t = t + 0x18 + 0x3 -- offset till the JMP qword ptr [rax+2A0] + 0x3
  645. t = readInteger( t )
  646. local ae = t + 0x18 -- execGod is @ execFly+0x18
  647. ae = string.format( "%X", ae )
  648. local af = t + 0x10 -- execGhost is @ execFly+0x10
  649. af = string.format( "%X", af )
  650.  
  651. t = allocateMemory( 0x1000 )
  652. unregisterSymbol( "RebuiltCode" )
  653. registerSymbol( "RebuiltCode", t, true )
  654.  
  655. autoAssemble([[
  656.  
  657. label( UCheatManager__Fly )
  658. registersymbol( UCheatManager__Fly )
  659. label( UCheatManager__Fly_exit )
  660. label( UCheatManager__Walk )
  661. registersymbol( UCheatManager__Walk )
  662. label( UCheatManager__Walk_exit )
  663. label( UCheatManager__Ghost )
  664. registersymbol( UCheatManager__Ghost )
  665. label( UCheatManager__Ghost_exit )
  666. label( UCheatManager__God )
  667. registersymbol( UCheatManager__God )
  668. label( UCheatManager__God_Null )
  669. label( UCheatManager__God_On )
  670. label( UCheatManager__God_Off )
  671. label( UCheatManager__God_Print )
  672. label( UCheatManager__PlayersOnly )
  673. registersymbol( UCheatManager__PlayersOnly )
  674.  
  675. label( wszCheatFly )
  676. label( wszCheatWalk )
  677. label( wszCheatGhost )
  678. label( wszCheatGodOn )
  679. label( wszCheatGodOff )
  680. label( wszCheatGodNoPawn )
  681.  
  682. label( ConstructUFunctions )
  683. registersymbol( ConstructUFunctions )
  684. label( Z_Construct_UClass_UCheatManager )
  685. registersymbol( Z_Construct_UClass_UCheatManager )
  686. label( Z_Construct_UClass_UCheatManager_Statics_FuncInfo )
  687. registersymbol( Z_Construct_UClass_UCheatManager_Statics_FuncInfo )
  688. label( Z_Construct_UFunction_UCheatManager__God )
  689. registersymbol( Z_Construct_UFunction_UCheatManager__God )
  690. label( Z_Construct_UFunction_UCheatManager__Ghost )
  691. registersymbol( Z_Construct_UFunction_UCheatManager__Ghost )
  692. label( Z_Construct_UFunction_UCheatManager__God_Statics_FuncParams )
  693. registersymbol( Z_Construct_UFunction_UCheatManager__God_Statics_FuncParams )
  694. label( Z_Construct_UFunction_UCheatManager__Ghost_Statics_FuncParams )
  695. registersymbol( Z_Construct_UFunction_UCheatManager__Ghost_Statics_FuncParams )
  696. label( UFunction__God )
  697. registersymbol( UFunction__God )
  698. label( UFunction__Ghost )
  699. registersymbol( UFunction__Ghost )
  700.  
  701. label( pszGod )
  702. label( pszGhost )
  703.  
  704. label( UCheatManager__execGod )
  705. registersymbol( UCheatManager__execGod )
  706. label( UCheatManager__execGhost )
  707. registersymbol( UCheatManager__execGhost )
  708.  
  709. RebuiltCode:
  710.  
  711. align 10 CC
  712.  
  713. UCheatManager__Fly:
  714. sub rsp,38
  715. mov rsi,rcx // rcx = CheatManager
  716. mov rbx,[rcx+20] // rbx &lt;- PlayerController
  717. mov rbx,[rbx+]]..aa..[[] // rbx &lt;- PlayerCharacter
  718. test rbx,rbx
  719. je UCheatManager__Fly_exit
  720. xorps xmm3,xmm3
  721. xor r8,r8
  722. lea rcx,[wszCheatFly]
  723. mov [rsp+20],rcx // str
  724. mov rax,FFFFFFFFFFFFFFFF
  725. @@:
  726. inc rax
  727. cmp word ptr [rcx+rax*2],0
  728. jne short @b
  729. inc eax
  730. mov [rsp+28],eax // size with 0-terminator
  731. lea rdx,[rsp+20] // p -&gt; str|size
  732. mov rcx,[rsi+20] // rcx &lt;- PlayerController
  733. mov rax,[rcx]
  734. call [rax+C70] // APlayerController::ClientMessage
  735. mov dl,1
  736. mov rcx,rbx // rbx = PlayerCharacter
  737. call AActor__SetActorEnableCollision
  738. mov rax,[rbx+]]..ab..[[] // rax &lt;- CharMovementComponent
  739. test rax,rax
  740. je short @f
  741. or dword ptr [rax+]]..ac..[[],400 // CharacterMovement-&gt;bCheatFlying = false;
  742. mov edx,5
  743. mov rcx,rax
  744. mov rax,[rcx]
  745. call [rax+5A8] // UCharacterMovementComponent::SetMovementMode
  746. UCheatManager__Fly_exit:
  747. add rsp,38
  748. ret
  749.  
  750. align 10 CC
  751.  
  752. UCheatManager__Walk:
  753. sub rsp,38
  754. mov rsi,rcx // rcx = CheatManager
  755. mov rbx,[rcx+20] // rbx &lt;- PlayerController
  756. mov rbx,[rbx+]]..aa..[[] // rbx &lt;- PlayerCharacter
  757. test rbx,rbx
  758. je UCheatManager__Walk_exit
  759. xorps xmm3,xmm3
  760. xor r8,r8
  761. lea rcx,[wszCheatWalk]
  762. mov [rsp+20],rcx // str
  763. mov rax,FFFFFFFFFFFFFFFF
  764. @@:
  765. inc rax
  766. cmp word ptr [rcx+rax*2],0
  767. jne short @b
  768. inc eax
  769. mov [rsp+28],eax // size with 0-terminator
  770. lea rdx,[rsp+20] // p -&gt; str|size
  771. mov rcx,[rsi+20] // rcx &lt;- PlayerController
  772. mov rax,[rcx]
  773. call [rax+C70] // APlayerController::ClientMessage
  774. mov dl,1
  775. mov rcx,rbx // rbx = PlayerCharacter
  776. call AActor__SetActorEnableCollision
  777. mov rax,[rbx+]]..ab..[[] // rax &lt;- CharMovementComponent
  778. test rax,rax
  779. je short @f
  780. and dword ptr [rax+]]..ac..[[],FFFFFBFF // CharacterMovement-&gt;bCheatFlying = true;
  781. mov edx,3
  782. mov rcx,rax
  783. mov rax,[rcx]
  784. call [rax+5A8] // UCharacterMovementComponent::SetMovementMode
  785. UCheatManager__Walk_exit:
  786. add rsp,38
  787. ret
  788.  
  789. align 10 CC
  790.  
  791. UCheatManager__Ghost:
  792. sub rsp,38
  793. mov rsi,rcx // rcx = CheatManager
  794. mov rbx,[rcx+20] // rbx &lt;- PlayerController
  795. mov rbx,[rbx+]]..aa..[[] // rbx &lt;- PlayerCharacter
  796. test rbx,rbx
  797. je UCheatManager__Ghost_exit
  798. xorps xmm3,xmm3
  799. xor r8,r8
  800. lea rcx,[wszCheatGhost]
  801. mov [rsp+20],rcx // str
  802. mov rax,FFFFFFFFFFFFFFFF
  803. @@:
  804. inc rax
  805. cmp word ptr [rcx+rax*2],0
  806. jne short @b
  807. inc eax
  808. mov [rsp+28],eax // size with 0-terminator
  809. lea rdx,[rsp+20] // p -&gt; str|size
  810. mov rcx,[rsi+20] // rcx &lt;- PlayerController
  811. mov rax,[rcx]
  812. call [rax+C70] // APlayerController_ClientMessage
  813. xor edx,edx
  814. mov rcx,rbx // rbx = PlayerCharacter
  815. call AActor__SetActorEnableCollision
  816. mov rax,[rbx+]]..ab..[[] // rax &lt;- CharMovementComponent
  817. test rax,rax
  818. je short @f
  819. or dword ptr [rax+]]..ac..[[],400 // CharacterMovement-&gt;bCheatFlying = false;
  820. mov edx,5
  821. mov rcx,rax
  822. mov rax,[rcx]
  823. call [rax+5A8] // UCharacterMovementComponent::SetMovementMode
  824. UCheatManager__Ghost_exit:
  825. add rsp,38
  826. ret
  827.  
  828. align 10 CC
  829.  
  830. UCheatManager__God:
  831. sub rsp,38
  832. mov rsi,rcx // rcx = CheatManager
  833. mov rbx,[rcx+20] // rbx &lt;- PlayerController
  834. mov rbx,[rbx+]]..aa..[[] // rbx &lt;- PlayerCharacter
  835. test rbx,rbx
  836. je UCheatManager__God_Null
  837. movzx eax,byte ptr [rbx+]]..ad..[[] // Pawn-&gt;CanBeDamaged()
  838. test al,40
  839. je short UCheatManager__God_Off
  840. UCheatManager__God_On:
  841. and al,0xBF // false
  842. mov byte ptr [rbx+]]..ad..[[],al // Pawn-&gt;SetCanBeDamaged(false);
  843. lea rcx,[wszCheatGodOn]
  844. jmp short UCheatManager__God_Print
  845. UCheatManager__God_Off:
  846. or al,0x40 // true
  847. mov byte ptr [rbx+]]..ad..[[],al // Pawn-&gt;SetCanBeDamaged(true);
  848. lea rcx,[wszCheatGodOff]
  849. jmp short UCheatManager__God_Print
  850. UCheatManager__God_Null:
  851. lea rcx,[wszCheatGodNoPawn]
  852. UCheatManager__God_Print:
  853. xorps xmm3,xmm3
  854. xor r8,r8
  855. mov [rsp+20],rcx // str
  856. mov rax,FFFFFFFFFFFFFFFF
  857. @@:
  858. inc rax
  859. cmp word ptr [rcx+rax*2],0
  860. jne short @b
  861. inc eax
  862. mov [rsp+28],eax // size with 0-terminator
  863. lea rdx,[rsp+20] // p -&gt; str|size
  864. mov rcx,[rsi+20] // rcx &lt;- PlayerController
  865. mov rax,[rcx]
  866. call [rax+C70] // APlayerController::ClientMessage
  867. add rsp,38
  868. ret
  869.  
  870. align 10 CC
  871.  
  872. UCheatManager__PlayersOnly:
  873. push rdi
  874. sub rsp,20
  875. mov rax,[rcx] // [
  876. mov rdi,rcx //
  877. call [rax+148] //
  878. test byte ptr [rax+830],0x80 // if (GetWorld()-&gt;bPlayersOnly
  879. jne short @f // ||
  880. mov rax,[rdi] //
  881. mov rcx,rdi //
  882. call [rax+148] //
  883. test [rax+830],0x100 // GetWorld()-&gt;bPlayersOnlyPending)
  884. jne short @f // ]
  885. mov rax,[rdi] // [
  886. mov rcx,rdi //
  887. mov [rsp+30],rbx //
  888. call [rax+148] // GetWorld()
  889. mov rdx,[rdi] //
  890. mov rcx,rdi //
  891. mov rbx,rax //
  892. call [rdx+148] // GetWorld()
  893. mov ecx,[rbx+830] // -&gt;bPlayersOnlyPending
  894. mov rbx,[rsp+30] //
  895. not ecx // = !GetWorld()-&gt;bPlayersOnlyPending
  896. xor ecx,[rax+830] //
  897. and ecx,0x100 //
  898. xor [rax+830],ecx // ]
  899. add rsp,20
  900. pop rdi
  901. ret
  902. @@:
  903. mov rax,[rdi] // [
  904. mov rcx,rdi //
  905. call [rax+148] // GetWorld()-&gt;bPlayersOnly = false;
  906. and [rax+830],0xFFFFFF7F // ]
  907. mov rcx,rdi // [
  908. mov rax,[rdi] //
  909. call [rax+148] // GetWorld()-&gt;bPlayersOnlyPending = false;
  910. and [rax+830],0xFFFFFEFF // ]
  911. add rsp,20
  912. pop rdi
  913. ret
  914.  
  915. align 10 CC
  916.  
  917. UCheatManager__execGod:
  918. mov rax,[rdx+20]
  919. xor r8d,r8d
  920. test rax,rax
  921. setne r8l
  922. add r8,rax
  923. mov [rdx+20],r8
  924. mov rax,[rcx]
  925. //jmp qword ptr [rax+2B8]
  926. jmp qword ptr [rax+]]..ae..[[]
  927.  
  928. align 10 CC
  929.  
  930. Z_Construct_UFunction_UCheatManager__God:
  931. sub rsp,28
  932. mov rax,[UFunction__God]
  933. test rax,rax
  934. jne short @f
  935. lea rdx,[Z_Construct_UFunction_UCheatManager__God_Statics_FuncParams]
  936. lea rcx,[UFunction__God]
  937. call UE4CodeGen_Private__ConstructUFunction // UE4CodeGen_Private::ConstructUFunction
  938. mov rax,[UFunction__God]
  939. @@:
  940. add rsp,28
  941. ret
  942.  
  943. align 10 CC
  944.  
  945. UCheatManager__execGhost:
  946. mov rax,[rdx+20]
  947. xor r8d,r8d
  948. test rax,rax
  949. setne r8l
  950. add r8,rax
  951. mov [rdx+20],r8
  952. mov rax,[rcx]
  953. //jmp qword ptr [rax+2B0]
  954. jmp qword ptr [rax+]]..af..[[]
  955.  
  956. align 10 CC
  957.  
  958. Z_Construct_UFunction_UCheatManager__Ghost:
  959. sub rsp,28
  960. mov rax,[UFunction__Ghost]
  961. test rax,rax
  962. jne short @f
  963. lea rdx,[Z_Construct_UFunction_UCheatManager__Ghost_Statics_FuncParams]
  964. lea rcx,[UFunction__Ghost]
  965. call UE4CodeGen_Private__ConstructUFunction // UE4CodeGen_Private::ConstructUFunction
  966. mov rax,[UFunction__Ghost]
  967. @@:
  968. add rsp,28
  969. ret
  970.  
  971. align 10 CC
  972.  
  973. /*
  974. Z_Construct_UClass_UCheatManager:
  975. sub rsp,28
  976. mov rax,[UCheatManager_OuterClass]
  977. test rax,rax
  978. jne short @f
  979. lea rdx,[UCheatManager_GetPrivateStaticClass]
  980. lea rcx,[UCheatManager_OuterClass]
  981. call UE4CodeGen_Private__ConstructUClass
  982. mov rax,[UCheatManager_OuterClass]
  983. @@:
  984. add rsp,28
  985. ret
  986. */
  987.  
  988. Z_Construct_UClass_UCheatManager:
  989. sub rsp,28
  990. mov rax,CheatManager_Class
  991. add rsp,28
  992. ret
  993.  
  994. align 10 CC
  995.  
  996. ConstructUFunctions:
  997. sub rsp,178
  998. mov r8d,2 // uint32 NumFunctions
  999. lea rdx,[Z_Construct_UClass_UCheatManager_Statics_FuncInfo] // FClassFunctionLinkInfo* Functions
  1000. //call UCheatManager_GetPrivateStaticClass
  1001. mov rax,CheatManager_Class
  1002. mov rcx,rax // Class Engine.CheatManager
  1003. call UClass__CreateLinkAndAddChildFunctionsToMap // UClass::CreateLinkAndAddChildFunctionsToMap
  1004. add rsp,178
  1005. ret
  1006.  
  1007. align 10 CC
  1008.  
  1009. wszCheatFly:
  1010. dw '[SunBeam]: fly -&gt; ON.',0
  1011.  
  1012. align 10 CC
  1013.  
  1014. wszCheatWalk:
  1015. dw '[SunBeam]: fly/ghost -&gt; OFF.',0
  1016.  
  1017. align 10 CC
  1018.  
  1019. wszCheatGhost:
  1020. dw '[SunBeam]: ghost -&gt; ON.',0
  1021.  
  1022. align 10 CC
  1023.  
  1024. wszCheatGodOn:
  1025. dw '[SunBeam]: god -&gt; ON.',0
  1026.  
  1027. align 10 CC
  1028.  
  1029. wszCheatGodOff:
  1030. dw '[SunBeam]: god -&gt; OFF.',0
  1031.  
  1032. align 10 CC
  1033.  
  1034. wszCheatGodNoPawn:
  1035. dw '[SunBeam]: god -&gt; No APawn* possessed.',0
  1036.  
  1037. align 10 CC
  1038.  
  1039. UFunction__God:
  1040. dq 0
  1041.  
  1042. align 10 CC
  1043.  
  1044. UFunction__Ghost:
  1045. dq 0
  1046.  
  1047. align 10 CC
  1048.  
  1049. pszGod:
  1050. db 'God',0
  1051.  
  1052. align 10 CC
  1053.  
  1054. pszGhost:
  1055. db 'Ghost',0
  1056.  
  1057. align 10 CC
  1058.  
  1059. Z_Construct_UFunction_UCheatManager__God_Statics_FuncParams:
  1060. dq Z_Construct_UClass_UCheatManager // 0x00
  1061. dq pszGod // 0x08
  1062. dq 0x45 // 0x10
  1063. dq 0 // 0x18
  1064. dq 04020600 // 0x20
  1065. dq 0 // 0x28
  1066. dq 0 // 0x30
  1067. dq 0 // 0x38
  1068. dq 0
  1069.  
  1070. align 10 CC
  1071.  
  1072. Z_Construct_UFunction_UCheatManager__Ghost_Statics_FuncParams:
  1073. dq Z_Construct_UClass_UCheatManager // 0x00
  1074. dq pszGhost // 0x08
  1075. dq 0x45 // 0x10
  1076. dq 0 // 0x18
  1077. dq 04020600 // 0x20
  1078. dq 0 // 0x28
  1079. dq 0 // 0x30
  1080. dq 0 // 0x38
  1081. dq 0
  1082.  
  1083. align 10 CC
  1084.  
  1085. Z_Construct_UClass_UCheatManager_Statics_FuncInfo:
  1086. dq Z_Construct_UFunction_UCheatManager__God // 0x00
  1087. dq pszGod // 0x08
  1088. dq Z_Construct_UFunction_UCheatManager__Ghost // 0x10
  1089. dq pszGhost // 0x18
  1090. dq 0
  1091.  
  1092. ]])
  1093.  
  1094. t = getAddressSafe( "ConstructUFunctions" )
  1095. if t == 0x0 then stopExec( "'ConstructUFunctions' not assembled?" ) end
  1096. executeCodeEx( 0, nil, t )
  1097.  
  1098. --* adjust exec functions after creation *--
  1099.  
  1100. t = getAddressSafe( "UFunction__God" )
  1101. if t == 0x0 then stopExec( "'UFunction__God' not assembled?" ) end
  1102.  
  1103. local UFunction_God = readQword( getAddressSafe( "UFunction__God" ) )
  1104. local UCheatManager_execGod = getAddressSafe( "UCheatManager__execGod" )
  1105. writeQword( UFunction_God + 0xB0, UCheatManager_execGod )
  1106. local UFunction_Ghost = readQword( getAddressSafe( "UFunction__Ghost" ) )
  1107. local UCheatManager_execGhost = getAddressSafe( "UCheatManager__execGhost" )
  1108. writeQword( UFunction_Ghost + 0xB0, UCheatManager_execGhost )
  1109.  
  1110. t = staticFindObjectEx( "ObjectProperty", "Engine.PlayerController", "CheatManager" )
  1111. if t &lt; 1 then stopExec( "'CheatManager' ObjectProperty not found." ) end
  1112. local CheatManager_offset = getOffset( t )
  1113. local CheatManager = readQword( PlayerController + CheatManager_offset )
  1114.  
  1115. local mf_CheatManager = readQword( CheatManager )
  1116. -- offset till execFly in the member-functions vtable [execFly-&gt;+0x00;execWalk-&gt;+0x08;execGhost-&gt;+0x10;execGod-&gt;+0x18;execPlayersOnly-&gt;+0x58]
  1117. t = staticFindObjectEx( "Function", "Engine.CheatManager", "Fly" )
  1118. if t &lt; 1 then stopExec( "'Fly' Function not found." ) end
  1119. t = readQword( t + 0xB0 ) -- to get to execFly
  1120. t = t + 0x18 + 0x3 -- offset till the JMP qword ptr [rax+2A0] + 0x3
  1121. t = readInteger( t )
  1122. t = mf_CheatManager + t -- should be 2A0 at this point
  1123. local UCheatManager_execFly = t + 0x00
  1124. fullAccess( UCheatManager_execFly, 8 )
  1125. writeQword( UCheatManager_execFly, getAddressSafe( "UCheatManager__Fly" ) )
  1126. local UCheatManager_execWalk = t + 0x08
  1127. fullAccess( UCheatManager_execWalk, 8 )
  1128. writeQword( UCheatManager_execWalk, getAddressSafe( "UCheatManager__Walk" ) )
  1129. local UCheatManager_execGhost = t + 0x10
  1130. fullAccess( UCheatManager_execGhost, 8 )
  1131. writeQword( UCheatManager_execGhost, getAddressSafe( "UCheatManager__Ghost" ) )
  1132. local UCheatManager_execGod = t + 0x18
  1133. fullAccess( UCheatManager_execGod, 8 )
  1134. writeQword( UCheatManager_execGod, getAddressSafe( "UCheatManager__God" ) )
  1135. local UCheatManager_execPlayersOnly = t + 0x58
  1136. fullAccess( UCheatManager_execPlayersOnly, 8 )
  1137. writeQword( UCheatManager_execPlayersOnly, getAddressSafe( "UCheatManager__PlayersOnly" ) )
  1138.  
  1139. --** inline UPlayer::Exec so DeveloperPerks functions work **--
  1140.  
  1141. t = allocateMemory( 0x1000 )
  1142. unregisterSymbol( "UPlayer__Exec_hook" )
  1143. registerSymbol( "UPlayer__Exec_hook", t, true )
  1144.  
  1145. local aob_in_UPlayer_Exec = "488D4C24??E8??????????C04883C4??415F415E415D5F5E5D5BC3"
  1146. sl = aobScanEx( aob_in_UPlayer_Exec )
  1147. if not sl or sl.Count &lt; 1 then stopExec( "'aob_in_UPlayer_Exec' not found." ) end
  1148. t = tonumber( sl[0], 16 )
  1149. unregisterSymbol( "UPlayer__Exec_hookspot" )
  1150. registerSymbol( "UPlayer__Exec_hookspot", t, true )
  1151.  
  1152. t = staticFindObjectEx( "ObjectProperty", "BPCont_Player.BPCont_Player_C", "DeveloperPerks" )
  1153. if t &lt; 1 then stopExec( "'DeveloperPerks' ObjectProperty not found." ) end
  1154. t = getOffset( t )
  1155. t = string.format( "%X", t )
  1156.  
  1157. autoAssemble([[
  1158.  
  1159. label( UPlayer__Exec_hookspot_o )
  1160. registersymbol( UPlayer__Exec_hookspot_o )
  1161. label( UPlayer__Exec_hook_exit )
  1162.  
  1163. UPlayer__Exec_hook:
  1164. // [ObjectProperty BPCont_Player.BPCont_Player_C.DeveloperPerks + 0x44] = 0x2780
  1165. // r14 = OakPlayerController
  1166. mov rcx,[r14+]]..t..[[] // adjusted it so it's read directly from the ObjectProperty, hence stable across updates
  1167. test rcx,rcx
  1168. je short @f
  1169. mov rax,[rcx]
  1170. mov r9,rdi
  1171. mov r8,rbp
  1172. mov rdx,rsi
  1173. call qword ptr [rax+220] // UObject::ProcessConsoleExec
  1174. test al,al
  1175. jne short UPlayer__Exec_hook_exit
  1176. UPlayer__Exec_hookspot_o:
  1177. readmem( UPlayer__Exec_hookspot, 5 )
  1178. jmp far UPlayer__Exec_hookspot+5
  1179. UPlayer__Exec_hook_exit:
  1180. jmp far UPlayer__Exec_hookspot+1B
  1181.  
  1182. align 10 CC
  1183.  
  1184. Trampolines+20:
  1185. jmp far UPlayer__Exec_hook
  1186.  
  1187. align 10 CC
  1188.  
  1189. UPlayer__Exec_hookspot:
  1190. jmp Trampolines+20
  1191.  
  1192. ]])
  1193.  
  1194. --** set UFUNC_Exec flag on all DeveloperPerks functions of interest **--
  1195.  
  1196. local UFUNC_Exec = 0x200
  1197.  
  1198. local i = 0x0
  1199. local cmdArr = 0x0
  1200.  
  1201. cmdArr = {
  1202. "GiveCash",
  1203. "GiveEridium",
  1204. "GiveGoldenKeys",
  1205. "GiveLevels",
  1206. "KillEnemies",
  1207. "SpawnAwesomeItems",
  1208. "UnlimitedAmmo",
  1209. "UnlockAllCustomizations"
  1210. }
  1211.  
  1212. for i = 1, #cmdArr do
  1213. t = staticFindObjectEx( "Function", "BP_DevPerks.BP_DevPerks_C", cmdArr[i] )
  1214. if t &lt; 1 then stopExec( "'" .. cmdArr[i] .. "' Function not found." ) end
  1215. writeInteger( t + 0x88, readInteger( t + 0x88 ) | UFUNC_Exec )
  1216. if cmdArr[i] == "SpawnAwesomeItems" then
  1217. unregisterSymbol( "UFunction__SpawnAwesomeItems" )
  1218. registerSymbol( "UFunction__SpawnAwesomeItems", t, true )
  1219. end
  1220. end
  1221.  
  1222. cmdArr = {
  1223. "GetOwnerOakPlayerController",
  1224. "GiveCurrency",
  1225. "GrantLevels",
  1226. "KillAllEnemies",
  1227. "Loaded",
  1228. "OnDeveloperPerkActivated",
  1229. "PerkTypeEnumFunc",
  1230. "ServerGiveCurrency",
  1231. "ServerGrantLevels",
  1232. "ServerKillAllEnemies",
  1233. "ServerSpawnItems",
  1234. "ServerUnlockVehicleParts",
  1235. "SpawnItems",
  1236. "UnlockCustomizations",
  1237. "UnlockVehicleParts"
  1238. }
  1239.  
  1240. for i = 1, #cmdArr do
  1241. t = staticFindObjectEx( "Function", "OakGame.OakDeveloperPerks", cmdArr[i] )
  1242. if t &lt; 1 then stopExec( "'" .. cmdArr[i] .. "' Function not found." ) end
  1243. writeInteger( t + 0x88, readInteger( t + 0x88 ) | UFUNC_Exec )
  1244. end
  1245.  
  1246. --** misc. stuff **--
  1247.  
  1248. -- ZoneMapGlobalData contains the values we'd like to adjust for minimap FogOfDiscovery removal
  1249. t = staticFindObjectEx( "ZoneMapGlobalsData", "ZoneMapGlobals.ZoneMapGlobals" )
  1250. if t &lt; 1 then stopExec( "'ZoneMapGlobalsData' not found." ) end
  1251. unregisterSymbol( "ZoneMapGlobalsData" )
  1252. registerSymbol( "ZoneMapGlobalsData", t, true )
  1253.  
  1254. --** remove Tab from ConsoleKeys**--
  1255.  
  1256. if messageDialog( 'Remove Tab from ConsoleKeys?', mtConfirmation, mbYes, mbNo ) == mrYes then
  1257. killTabInConsoleKeys()
  1258. end
  1259.  
  1260. --** replace Tilde or Tab with a key of your choice **-
  1261.  
  1262. --[[
  1263. [00013646] BackSpace
  1264. [00013647] Tab
  1265. [00013648] Enter
  1266. [00013649] Pause
  1267. [00013650] CapsLock
  1268. [00013651] Escape
  1269. [00013652] SpaceBar
  1270. [00013653] PageUp
  1271. [00013654] PageDown
  1272. [00013655] End
  1273. [00013656] Home
  1274. [00013657] Left
  1275. [00013658] Up
  1276. [00013659] Right
  1277. [00013660] Down
  1278. [00013661] Insert
  1279. [00013662] Delete
  1280. [00013663] Zero
  1281. [00013664] One
  1282. [00013665] Two
  1283. [00013666] Three
  1284. [00013667] Four
  1285. [00013668] Five
  1286. [00013669] Six
  1287. [00013670] Seven
  1288. [00013671] Eight
  1289. [00013672] Nine
  1290. [00013673] A
  1291. [00013674] B
  1292. [00013675] C
  1293. [00013676] D
  1294. [00013677] E
  1295. [00013678] F
  1296. [00013679] G
  1297. [00013680] H
  1298. [00013681] I
  1299. [00013682] J
  1300. [00013683] K
  1301. [00013684] L
  1302. [00013685] M
  1303. [00013686] N
  1304. [00013687] O
  1305. [00013688] P
  1306. [00013689] Q
  1307. [00013690] R
  1308. [00013691] S
  1309. [00013692] T
  1310. [00013693] U
  1311. [00013694] V
  1312. [00013695] W
  1313. [00013696] X
  1314. [00013697] Y
  1315. [00013698] Z
  1316. [00013699] NumPadZero
  1317. [00013700] NumPadOne
  1318. [00013701] NumPadTwo
  1319. [00013702] NumPadThree
  1320. [00013703] NumPadFour
  1321. [00013704] NumPadFive
  1322. [00013705] NumPadSix
  1323. [00013706] NumPadSeven
  1324. [00013707] NumPadEight
  1325. [00013708] NumPadNine
  1326. [00013709] Multiply
  1327. [00013710] Add
  1328. [00013711] Subtract
  1329. [00013712] Decimal
  1330. [00013713] Divide
  1331. [00013714] F1
  1332. [00013715] F2
  1333. [00013716] F3
  1334. [00013717] F4
  1335. [00013718] F5
  1336. [00013719] F6
  1337. [00013720] F7
  1338. [00013721] F8
  1339. [00013722] F9
  1340. [00013723] F10
  1341. [00013724] F11
  1342. [00013725] F12
  1343. [00013726] NumLock
  1344. [00013727] ScrollLock
  1345. [00013728] LeftShift
  1346. [00013729] RightShift
  1347. [00013730] LeftControl
  1348. [00013731] RightControl
  1349. [00013732] LeftAlt
  1350. [00013733] RightAlt
  1351. [00013734] LeftCommand
  1352. [00013735] RightCommand
  1353. [00013736] Semicolon
  1354. [00013737] Equals
  1355. [00013738] Comma
  1356. [00013739] Underscore
  1357. [00013740] Hyphen
  1358. [00013741] Period
  1359. [00013742] Slash
  1360. [00013743] Tilde
  1361. [00013744] LeftBracket
  1362. [00013745] LeftParantheses
  1363. [00013746] Backslash
  1364. [00013747] RightBracket
  1365. [00013748] RightParantheses
  1366. [00013749] Apostrophe
  1367. [00013750] Quote
  1368. [00013751] Asterix
  1369. [00013752] Ampersand
  1370. [00013753] Caret
  1371. [00013754] Dollar
  1372. [00013755] Exclamation
  1373. [00013756] Colon
  1374. [00013757] A_AccentGrave
  1375. [00013758] E_AccentGrave
  1376. [00013759] E_AccentAigu
  1377. [00013760] C_Cedille
  1378. ]]
  1379.  
  1380. if messageDialog( 'Change current ConsoleKey?', mtConfirmation, mbYes, mbNo ) == mrYes then
  1381. synchronize( function()
  1382. local s = inputQuery( "Change ConsoleKey", "Key:", "Backspace" )
  1383. if string.len( s ) ~= 0x0 then changeConsoleKeyTo( s ) end
  1384. end )
  1385. end
  1386.  
  1387. end
  1388.  
  1389. [ENABLE]
  1390.  
  1391. local CEVersion = 7.1
  1392. local processName = "Wonderlands.exe"
  1393.  
  1394. if CEVersion ~= getCEVersion() then
  1395. showMessage( "This table was designed with Cheat Engine " .. CEVersion .. ".\r\nYour Cheat Engine " .. getCEVersion() .. " may work just fine. Try it first.\r\n\r\nIn case it doesn't, then please download version 7.1 ZIP file from the FRF Wonderlands topic.\r\n\r\n7.4 may cause failures with memory allocation, thus [ Initialize ] script won't enable and you'll have to close and reopen the game." )
  1396. end
  1397.  
  1398. openGameProcess( processName )
  1399.  
  1400. local sl, t = 0, 0
  1401.  
  1402. -- get BuildId
  1403.  
  1404. local aob_to_VersionString = "488935????????8935????????C705????????04001400668935"
  1405. sl = aobScanEx( aob_to_VersionString )
  1406. if not sl or sl.Count &lt; 1 then stopExec( "'aob_to_VersionString' not found." ) end
  1407. t = tonumber( sl[0], 16 )
  1408. local BuildId = readString( readQword( t + readInteger( t + 0x3, true ) + 0x7 ), 60000, true )
  1409.  
  1410. -- find the table record by matching strings, rather than direct record description/id
  1411.  
  1412. for i = 0, AddressList.Count - 1 do
  1413. mr = AddressList[i]
  1414. if mr.Parent == nil then
  1415. if string.match( mr.Description, "Version:" ) then
  1416. break
  1417. end
  1418. end
  1419. end
  1420.  
  1421. local TableBuildId = mr.Description
  1422. TableBuildId = string.match( TableBuildId, 'Version: Epic Games Store | (.*)' )
  1423.  
  1424. -- check the two and warn the user
  1425.  
  1426. if TableBuildId ~= BuildId then
  1427. showMessage( "This table is designed for BuildId: \r\n&gt;&gt; " .. TableBuildId .. "\r\n\r\nYours is: \r\n&gt;&gt; " .. BuildId .. "\r\n\r\nThe script will now enable, though I can't guarantee everything will work properly." )
  1428. end
  1429.  
  1430. -- scan time!
  1431.  
  1432. Init()
  1433.  
  1434. [DISABLE]
  1435.  
  1436. -- restore the CheatManager hook
  1437.  
  1438. autoAssemble([[
  1439.  
  1440. APlayerController__PostInitializeComponents_hookspot:
  1441. readmem( APlayerController__PostInitializeComponents_hookspot_o, 7 )
  1442.  
  1443. unregistersymbol( APlayerController__PostInitializeComponents_hookspot_o )
  1444. unregistersymbol( APlayerController__AddCheats )
  1445.  
  1446. ]])
  1447.  
  1448. deAlloc( getAddressSafe( "Inline__CheatManager" ) )
  1449.  
  1450. -- clean-up
  1451.  
  1452. local t = getAddressSafe( "Trampolines" )
  1453. local offset = 0x500
  1454. executeCodeEx( 0, nil, getAddressSafe( "RtlZeroMemory" ), t, 0x1000 - offset )
  1455. unregisterSymbol( "Trampolines" )
  1456.  
  1457. -- unregister everything; I know I could've used "unregistersymbol( * )"
  1458.  
  1459. autoAssemble([[
  1460.  
  1461. unregistersymbol( CheatManager_Class )
  1462. unregistersymbol( Inline__CheatManager )
  1463. unregistersymbol( Weapon__OnFire )
  1464. unregistersymbol( AActor__Tick_hookspot )
  1465. unregistersymbol( UEngine__GetFirstGamePlayer )
  1466. unregistersymbol( UE4CodeGen_Private__ConstructUClass )
  1467. unregistersymbol( UE4CodeGen_Private__ConstructUFunction )
  1468. unregistersymbol( UClass__CreateLinkAndAddChildFunctionsToMap )
  1469. unregistersymbol( AActor__SetActorEnableCollision )
  1470. unregistersymbol( APlayerController__PostInitializeComponents_hookspot )
  1471. unregistersymbol( FName__FName )
  1472. unregistersymbol( StaticFindObject )
  1473. unregistersymbol( StaticConstructObject_Internal )
  1474. unregistersymbol( FObjectInitializer__AssertIfInConstructor )
  1475. unregistersymbol( wszNewObject )
  1476. unregistersymbol( GetTransientPackage )
  1477. unregistersymbol( GEngine )
  1478.  
  1479. ]])
  1480. </AssemblerScript>
  1481. <CheatEntries>
  1482. <CheatEntry>
  1483. <ID>16274</ID>
  1484. <Description>"[ Engine ]"</Description>
  1485. <Options moHideChildren="1"/>
  1486. <LastState Value="" RealAddress="00000000"/>
  1487. <GroupHeader>1</GroupHeader>
  1488. <CheatEntries>
  1489. <CheatEntry>
  1490. <ID>24341</ID>
  1491. <Description>"Kill Tab in ConsoleKeys"</Description>
  1492. <LastState/>
  1493. <VariableType>Auto Assembler Script</VariableType>
  1494. <AssemblerScript Async="1">{$STRICT}
  1495.  
  1496. {$lua}
  1497.  
  1498. if syntaxcheck then return end
  1499.  
  1500. [ENABLE]
  1501.  
  1502. killTabInConsoleKeys()
  1503. return "assert(true)"
  1504.  
  1505. [DISABLE]
  1506. </AssemblerScript>
  1507. </CheatEntry>
  1508. <CheatEntry>
  1509. <ID>24342</ID>
  1510. <Description>"Change ConsoleKey"</Description>
  1511. <LastState/>
  1512. <VariableType>Auto Assembler Script</VariableType>
  1513. <AssemblerScript>{$STRICT}
  1514.  
  1515. {$lua}
  1516.  
  1517. if syntaxcheck then return end
  1518.  
  1519. [ENABLE]
  1520.  
  1521. local s = inputQuery( "Change ConsoleKey", "Key:", "Backspace" )
  1522. if string.len( s ) ~= 0x0 then changeConsoleKeyTo( s ) end
  1523. return "assert(true)"
  1524.  
  1525. [DISABLE]
  1526. </AssemblerScript>
  1527. </CheatEntry>
  1528. <CheatEntry>
  1529. <ID>16267</ID>
  1530. <Description>"Unrestrict CVars"</Description>
  1531. <LastState/>
  1532. <VariableType>Auto Assembler Script</VariableType>
  1533. <AssemblerScript Async="1">[ENABLE]
  1534.  
  1535. aobscanmodule( hkProcessUserConsoleInput, $process, 488B1048????FF5218A8010F )
  1536. registersymbol( hkProcessUserConsoleInput )
  1537. label( hkProcessUserConsoleInput_o )
  1538. registersymbol( hkProcessUserConsoleInput_o )
  1539.  
  1540. alloc( Hook, 0x1000, $process )
  1541.  
  1542. Hook:
  1543. mov byte ptr [rax+18],0
  1544. hkProcessUserConsoleInput_o:
  1545. readmem( hkProcessUserConsoleInput, 6 )
  1546. jmp hkProcessUserConsoleInput+6
  1547.  
  1548. hkProcessUserConsoleInput:
  1549. jmp Hook
  1550. db 90
  1551.  
  1552. [DISABLE]
  1553.  
  1554. hkProcessUserConsoleInput:
  1555. readmem( hkProcessUserConsoleInput_o, 6 )
  1556.  
  1557. dealloc( Hook )
  1558.  
  1559. unregistersymbol( hkProcessUserConsoleInput_o )
  1560. unregistersymbol( hkProcessUserConsoleInput )
  1561. </AssemblerScript>
  1562. </CheatEntry>
  1563. <CheatEntry>
  1564. <ID>16247</ID>
  1565. <Description>"Clear Console (works only with the Console active)"</Description>
  1566. <LastState/>
  1567. <VariableType>Auto Assembler Script</VariableType>
  1568. <AssemblerScript Async="1">{$STRICT}
  1569.  
  1570. {$lua}
  1571.  
  1572. if syntaxcheck then return end
  1573.  
  1574. [ENABLE]
  1575.  
  1576. local Console = getAddressSafe( "Console" )
  1577. if Console ~= nil then
  1578. Console = readQword( Console )
  1579. if Console ~= 0x0 then
  1580. local mf_Console = readQword( Console )
  1581. local UConsole_ClearOutput = readQword( mf_Console + 0x290 )
  1582. executeCode( UConsole_ClearOutput, Console )
  1583. end
  1584. end
  1585.  
  1586. return "assert(true)"
  1587.  
  1588. [DISABLE]
  1589. </AssemblerScript>
  1590. </CheatEntry>
  1591. </CheatEntries>
  1592. </CheatEntry>
  1593. <CheatEntry>
  1594. <ID>16303</ID>
  1595. <Description>"[ Scripts ]"</Description>
  1596. <Options moHideChildren="1"/>
  1597. <LastState Value="" RealAddress="00000000"/>
  1598. <GroupHeader>1</GroupHeader>
  1599. <CheatEntries>
  1600. <CheatEntry>
  1601. <ID>24025</ID>
  1602. <Description>"God Mode"</Description>
  1603. <LastState/>
  1604. <VariableType>Auto Assembler Script</VariableType>
  1605. <AssemblerScript Async="1">// Trampolines+30
  1606.  
  1607. [ENABLE]
  1608.  
  1609. alloc( AActor__Tick_hook, 0x1000 )
  1610. registersymbol( AActor__Tick_hook )
  1611. label( AActor__Tick_hookspot_o )
  1612. registersymbol( AActor__Tick_hookspot_o )
  1613.  
  1614. AActor__Tick_hook:
  1615. push rax
  1616. mov rax,[PlayerCharacter]
  1617. cmp rax,rbx
  1618. pop rax
  1619. jne short @f
  1620. and byte ptr [rbx+91],BF
  1621. AActor__Tick_hookspot_o:
  1622. readmem( AActor__Tick_hookspot, 7 )
  1623. jmp far AActor__Tick_hookspot+7
  1624.  
  1625. align 10 CC
  1626.  
  1627. Trampolines+30:
  1628. jmp far AActor__Tick_hook
  1629.  
  1630. align 10 CC
  1631.  
  1632. AActor__Tick_hookspot:
  1633. jmp Trampolines+30
  1634. nop 2
  1635.  
  1636. [DISABLE]
  1637.  
  1638. AActor__Tick_hookspot:
  1639. readmem( AActor__Tick_hookspot_o, 7 )
  1640.  
  1641. unregistersymbol( AActor__Tick_hookspot_o )
  1642. dealloc( AActor__Tick_hook )
  1643. unregistersymbol( AActor__Tick_hook )
  1644.  
  1645. {$lua}
  1646.  
  1647. local t = getAddressSafe( "PlayerCharacter" )
  1648. if t ~= nil then
  1649. t = readQword( t )
  1650. if t ~= 0x0 then
  1651. local u = readBytes( t + 0x91 )
  1652. u = u | 0x40
  1653. writeBytes( t + 0x91, u )
  1654. end
  1655. end
  1656. </AssemblerScript>
  1657. </CheatEntry>
  1658. <CheatEntry>
  1659. <ID>11</ID>
  1660. <Description>"Infinite Clip Ammo"</Description>
  1661. <LastState/>
  1662. <VariableType>Auto Assembler Script</VariableType>
  1663. <AssemblerScript Async="1">// Trampolines+40
  1664.  
  1665. [ENABLE]
  1666.  
  1667. alloc( Weapon__OnFire_hook, 0x1000 )
  1668. registersymbol( Weapon__OnFire_hook )
  1669. label( Weapon__OnFire_o )
  1670. registersymbol( Weapon__OnFire_o )
  1671.  
  1672. Weapon__OnFire_hook:
  1673. mov rax,[rcx+1A8] // WeaponAmmoComponent-&gt;WeaponPrivate
  1674. test rax,rax
  1675. jne short @f
  1676. mov rax,[rcx+118] // WeaponAmmoComponent-&gt;CachedWeapon
  1677. test rax,rax
  1678. je short Weapon__OnFire_o
  1679. @@:
  1680. cmp [rax+4A0],0 // Weapon-&gt;WeaponUser
  1681. je short @f
  1682. mov rax,[rax+4A8]
  1683. mov rax,[rax-928] // PlayerController
  1684. cmp rax,[PlayerController]
  1685. jne short @f
  1686. ret // no ammo processing
  1687. Weapon__OnFire_o:
  1688. readmem( Weapon__OnFire, 6 )
  1689. jmp Weapon__OnFire+6
  1690.  
  1691. align 10 CC
  1692.  
  1693. Trampolines+40:
  1694. jmp far Weapon__OnFire_hook
  1695.  
  1696. align 10 CC
  1697.  
  1698. Weapon__OnFire:
  1699. jmp Trampolines+40
  1700. nop 1
  1701.  
  1702. [DISABLE]
  1703.  
  1704. Weapon__OnFire:
  1705. readmem( Weapon__OnFire_o, 6 )
  1706.  
  1707. unregistersymbol( Weapon__OnFire_o )
  1708. dealloc( Weapon__OnFire_hook )
  1709. unregistersymbol( Weapon__OnFire_hook )
  1710. </AssemblerScript>
  1711. </CheatEntry>
  1712. <CheatEntry>
  1713. <ID>24357</ID>
  1714. <Description>"Set Weapon Properties"</Description>
  1715. <LastState/>
  1716. <VariableType>Auto Assembler Script</VariableType>
  1717. <AssemblerScript Async="1">{$STRICT}
  1718.  
  1719. {$lua}
  1720.  
  1721. if syntaxcheck then return end
  1722.  
  1723. [ENABLE]
  1724.  
  1725. -- get active weapon first (can use "Function OakGame.OakCharacter.GetActiveWeapon" as well)
  1726. t = staticFindObjectEx( "Function", "OakGame.OakCharacter", "GetWeapon" )
  1727. if t &lt; 1 then stopExec( "'GetWeapon' Function not found." ) end
  1728. t = readQword( t + 0xB0 )
  1729. if readBytes( t, 0x1 ) == 0xE9 then -- cuz of Denuvo function relocations
  1730. t = t + readInteger( t + 0x1, true ) + 0x5
  1731. end
  1732. t = t + 0x73 -- get to CALL
  1733. execGetWeapon = t + readInteger( t + 0x1, true ) + 0x5 -- now we have execGetWeapon
  1734. local PlayerCharacter = readQword( getAddressSafe( "PlayerCharacter" ) )
  1735. local Weapon = executeCodeEx( 0, nil, execGetWeapon, PlayerCharacter, 0 )
  1736. if Weapon ~= 0x0 then
  1737. --print( string.format( "Weapon:\t\t\t\t\t%X", Weapon ) )
  1738.  
  1739. -- get Sway, Recoil, FireProjectile Component Classes
  1740. WeaponRecoilComponent_Class = staticFindObjectEx( "Class", "GbxWeapon.WeaponRecoilComponent" )
  1741. if t &lt; 1 then stopExec( "'WeaponRecoilComponent' Class not found." ) end
  1742. --print( string.format( "WeaponRecoilComponent Class:\t\t%X", WeaponRecoilComponent_Class ) )
  1743. WeaponSwayComponent_Class = staticFindObjectEx( "Class", "OakGame.WeaponSwayComponent" )
  1744. if t &lt; 1 then stopExec( "'WeaponSwayComponent' Class not found." ) end
  1745. --print( string.format( "WeaponSwayComponent Class:\t\t%X", WeaponSwayComponent_Class ) )
  1746. WeaponHeatComponent_Class = staticFindObjectEx( "Class", "GbxWeapon.WeaponHeatComponent" )
  1747. if t &lt; 1 then stopExec( "'WeaponHeatComponent' Class not found." ) end
  1748. --print( string.format( "WeaponHeatComponent Class:\t\t%X", WeaponHeatComponent_Class ) )
  1749. WeaponChargeComponent_Class = staticFindObjectEx( "Class", "GbxWeapon.WeaponChargeComponent" )
  1750. if t &lt; 1 then stopExec( "'WeaponChargeComponent' Class not found." ) end
  1751. --print( string.format( "WeaponChargeComponent Class:\t\t%X", WeaponChargeComponent_Class ) )
  1752. WeaponFireProjectileComponent_Class = staticFindObjectEx( "Class", "GbxWeapon.WeaponFireProjectileComponent" )
  1753. if t &lt; 1 then stopExec( "'WeaponFireProjectileComponent' Class not found." ) end
  1754. --print( string.format( "WeaponFireProjectileComponent Class:\t\t%X", WeaponFireProjectileComponent_Class ) )
  1755.  
  1756. -- we'll use "Function GbxWeapon.Weapon.GetUseModeComponentByClass"
  1757. t = staticFindObjectEx( "Function", "GbxWeapon.Weapon", "GetUseModeComponentByClass" )
  1758. if t &lt; 1 then stopExec( "'GetUseModeComponentByClass' Function not found." ) end
  1759. t = readQword( t + 0xB0 )
  1760. if readBytes( t, 0x1 ) == 0xE9 then -- cuz of Denuvo function relocations
  1761. t = t + readInteger( t + 0x1, true ) + 0x5
  1762. end
  1763. t = t + 0xB6
  1764. local u = readInteger( t + 0x2 )
  1765. local Weapon_mf = readQword( Weapon )
  1766. local execGetUseModeComponentByClass = readQword( Weapon_mf + u )
  1767.  
  1768. -- get the current weapon's 3 components above by their Classes
  1769. -- how many max. modes are there, 3?
  1770. for i = 0, 2 do
  1771. -- RECOIL
  1772. WeaponRecoilComponent = executeCodeEx( 0, nil, execGetUseModeComponentByClass, Weapon, WeaponRecoilComponent_Class, i )
  1773. -- disable recoil for all weapon modes by 0-ing out the # of Samples (array size = 0)
  1774. if WeaponRecoilComponent ~= 0x0 then
  1775. RecoilPatternData = readQword( WeaponRecoilComponent + 0x1A0 )
  1776. --print( string.format( "RecoilPatternData_Mode0%X:\t\t\t%X", i, RecoilPatternData ) )
  1777. Samples = readQword( RecoilPatternData + 0x30 )
  1778. --print( string.format( "Samples_Mode0%X:\t\t\t\t%X", i, Samples ) )
  1779. NumSamples = RecoilPatternData + 0x38
  1780. --print( string.format( "NumSamples_Mode0%X:\t\t\t%X", i, readInteger( NumSamples ) ) )
  1781. writeInteger( NumSamples, 0 )
  1782. end
  1783. --print( string.format( "WeaponRecoilComponent_Mode0%X:\t\t%X", i, WeaponRecoilComponent ) )
  1784. -- SWAY
  1785. -- disable sway for all weapon modes by 0-ing out the # of Samples (array size = 0)
  1786. WeaponSwayComponent = executeCodeEx( 0, nil, execGetUseModeComponentByClass, Weapon, WeaponSwayComponent_Class, i )
  1787. if WeaponSwayComponent ~= 0x0 then
  1788. SwayPatternData = readQword( WeaponSwayComponent + 0x188 )
  1789. --print( string.format( "SwayPatternData_Mode0%X:\t\t\t%X", i, SwayPatternData ) )
  1790. Samples = readQword( SwayPatternData + 0x30 )
  1791. --print( string.format( "Samples_Mode0%X:\t\t\t\t%X", i, Samples ) )
  1792. NumSamples = SwayPatternData + 0x38
  1793. --print( string.format( "NumSamples_Mode0%X:\t\t\t%X", i, readInteger( NumSamples ) ) )
  1794. writeInteger( NumSamples, 0 )
  1795. end
  1796. --print( string.format( "WeaponSwayComponent_Mode0%X:\t\t%X", i, WeaponSwayComponent ) )
  1797. -- HEAT
  1798. -- kill overheating on firing (weapon still overheats, but you can fire it while overheated; won't reload)
  1799. WeaponHeatComponent = executeCodeEx( 0, nil, execGetUseModeComponentByClass, Weapon, WeaponHeatComponent_Class, i )
  1800. if WeaponHeatComponent ~= 0x0 then
  1801. bCanOverheat = WeaponHeatComponent + 0x1B9
  1802. t = readBytes( bCanOverheat )
  1803. t = t &amp; 0xF7 -- false = and(not(true_val))
  1804. writeBytes( bCanOverheat, t )
  1805. end
  1806. -- CHARGE
  1807. WeaponChargeComponent = executeCodeEx( 0, nil, execGetUseModeComponentByClass, Weapon, WeaponChargeComponent_Class, i )
  1808. if WeaponChargeComponent ~= 0x0 then
  1809. ChargeTime = WeaponChargeComponent + 0x198
  1810. writeFloat( ChargeTime + 0x4, 0.0 ) -- instant charge
  1811. writeFloat( ChargeTime + 0x8, 0.0 ) -- instant charge
  1812. DischargeTime = WeaponChargeComponent + 0x1A4
  1813. writeFloat( DischargeTime + 0x4, 3600.0 ) -- 1h
  1814. writeFloat( DischargeTime + 0x8, 3600.0 ) -- 1h
  1815. end
  1816. -- PROJECTILE
  1817. WeaponFireProjectileComponent = executeCodeEx( 0, nil, execGetUseModeComponentByClass, Weapon, WeaponFireProjectileComponent_Class, i )
  1818. --print( string.format( "WeaponFireProjectileComponent_Mode0%X:\t%X", i, WeaponFireProjectileComponent ) )
  1819. -- adjust several parameters in here
  1820. if WeaponFireProjectileComponent ~= 0x0 then
  1821. FireRate = WeaponFireProjectileComponent + 0x218
  1822. writeFloat( FireRate + 0x4, 20.0 )
  1823. writeFloat( FireRate + 0x8, 20.0 )
  1824. BurstFireDelay = WeaponFireProjectileComponent + 0x230
  1825. writeFloat( BurstFireDelay + 0x4, 0.0 )
  1826. writeFloat( BurstFireDelay + 0x8, 0.0 )
  1827. bAutoBurst = WeaponFireProjectileComponent + 0x23C
  1828. writeBytes( bAutoBurst, 0x1 )
  1829. ShotAmmoCost = WeaponFireProjectileComponent + 0x2E0
  1830. writeInteger( ShotAmmoCost + 0x4, 0 )
  1831. writeInteger( ShotAmmoCost + 0x8, 0 )
  1832. Spread = WeaponFireProjectileComponent + 0x2F0
  1833. writeFloat( Spread + 0x4, 0.0 )
  1834. writeFloat( Spread + 0x8, 0.0 )
  1835. AccuracyImpulse = WeaponFireProjectileComponent + 0x2FC
  1836. writeFloat( AccuracyImpulse + 0x4, 0.0 )
  1837. writeFloat( AccuracyImpulse + 0x8, 0.0 )
  1838. BurstAccuracyImpulseScale = WeaponFireProjectileComponent + 0x308
  1839. writeFloat( BurstAccuracyImpulseScale + 0x4, 0.0 )
  1840. writeFloat( BurstAccuracyImpulseScale + 0x8, 0.0 )
  1841. ProjectileSpeedScale = WeaponFireProjectileComponent + 0x90C
  1842. writeFloat( ProjectileSpeedScale + 0x4, 200.0 )
  1843. writeFloat( ProjectileSpeedScale + 0x8, 200.0 )
  1844. -- might wanna remove the below if too instant-kill-y
  1845. Damage = WeaponFireProjectileComponent + 0x318
  1846. local newDamage = readFloat( Damage + 0x4 ) * 4.0
  1847. writeFloat( Damage + 0x4, newDamage )
  1848. writeFloat( Damage + 0x8, newDamage )
  1849. end
  1850. end
  1851. end
  1852. return "assert(true)"
  1853.  
  1854. [DISABLE]
  1855.  
  1856.  
  1857. </AssemblerScript>
  1858. <Hotkeys>
  1859. <Hotkey>
  1860. <Action>Toggle Activation</Action>
  1861. <Keys>
  1862. <Key>103</Key>
  1863. </Keys>
  1864. <ID>0</ID>
  1865. </Hotkey>
  1866. </Hotkeys>
  1867. </CheatEntry>
  1868. </CheatEntries>
  1869. </CheatEntry>
  1870. <CheatEntry>
  1871. <ID>24109</ID>
  1872. <Description>"[ SpawnAwesomeItems ]"</Description>
  1873. <Options moHideChildren="1"/>
  1874. <LastState Value="" RealAddress="00000000"/>
  1875. <Color>0080FF</Color>
  1876. <GroupHeader>1</GroupHeader>
  1877. <CheatEntries>
  1878. <CheatEntry>
  1879. <ID>24106</ID>
  1880. <Description>"Set All ItemPools To .."</Description>
  1881. <LastState/>
  1882. <Color>808000</Color>
  1883. <VariableType>Auto Assembler Script</VariableType>
  1884. <AssemblerScript>{$STRICT}
  1885.  
  1886. {$lua}
  1887.  
  1888. if syntaxcheck then return end
  1889.  
  1890. [ENABLE]
  1891.  
  1892. local UFunction = readQword( getAddressSafe( "UFunction_SpawnAwesomeItems" ) )
  1893. local UScript = readQword( UFunction + 0x48 )
  1894.  
  1895. local addr = inputQuery( "Set All Pools To", "ItemPoolData Address:", string.format( "%X", readQword( UScript + 0x0B ) ) )
  1896. addr = tonumber( addr, 16 )
  1897.  
  1898. local offsets_arr = { 0x0B, 0x14, 0x1D, 0x26, 0x2F, 0x38, 0x41, 0x4A, 0x76, 0x7F, 0x88 }
  1899. for i = 1, #offsets_arr do
  1900. writeQword( UScript + offsets_arr[i], addr )
  1901. end
  1902.  
  1903. return "assert (true)"
  1904.  
  1905. [DISABLE]
  1906.  
  1907. --[[
  1908. default UnrealScript:
  1909. +0x0B: ItemPoolData_1_1 (ItemPool_Artifacts_05_Legendary)
  1910. +0x14: ItemPoolData_1_2 (ItemPool_ClassMods_05_Legendary)
  1911. +0x1D: ItemPoolData_1_3 (ItemPool_GrenadeMods_05_Legendary)
  1912. +0x26: ItemPoolData_1_4 (ItemPool_Shields_05_Legendary)
  1913. +0x2F: ItemPoolData_1_5 (ItemPool_Guns_Legendary)
  1914. +0x38: ItemPoolData_1_6 (ItemPool_Guns_Legendary)
  1915. +0x41: ItemPoolData_1_7 (ItemPool_Guns_Legendary)
  1916. +0x4A: ItemPoolData_1_8 (ItemPool_Guns_Legendary)
  1917. +0x76: ItemPoolData_2_1 (ItemPool_Eridium_Stack)
  1918. +0x7F: ItemPoolData_2_2 (ItemPool_Eridium)
  1919. +0x88: ItemPoolData_2_3 (ItemPool_Money_Rich)
  1920. ]]
  1921. </AssemblerScript>
  1922. </CheatEntry>
  1923. <CheatEntry>
  1924. <ID>24092</ID>
  1925. <Description>"UFunction__SpawnAwesomeItems"</Description>
  1926. <ShowAsHex>1</ShowAsHex>
  1927. <VariableType>8 Bytes</VariableType>
  1928. <Address>UFunction__SpawnAwesomeItems</Address>
  1929. <CheatEntries>
  1930. <CheatEntry>
  1931. <ID>24105</ID>
  1932. <Description>"UnrealScript"</Description>
  1933. <LastState Value="" RealAddress="00000000"/>
  1934. <GroupHeader>1</GroupHeader>
  1935. <Address>UFunction__SpawnAwesomeItems+48</Address>
  1936. <Offsets>
  1937. <Offset>0</Offset>
  1938. </Offsets>
  1939. <CheatEntries>
  1940. <CheatEntry>
  1941. <ID>24094</ID>
  1942. <Description>"ItemPoolData_1_1 (ItemPool_Guns_Legendary)"</Description>
  1943. <ShowAsHex>1</ShowAsHex>
  1944. <VariableType>8 Bytes</VariableType>
  1945. <Address>+B</Address>
  1946. </CheatEntry>
  1947. <CheatEntry>
  1948. <ID>24095</ID>
  1949. <Description>"ItemPoolData_1_2 (ItemPool_SpellMods_05_Legendary)"</Description>
  1950. <ShowAsHex>1</ShowAsHex>
  1951. <VariableType>8 Bytes</VariableType>
  1952. <Address>+14</Address>
  1953. </CheatEntry>
  1954. <CheatEntry>
  1955. <ID>24096</ID>
  1956. <Description>"ItemPoolData_1_3 (ItemPool_Melee_05_Legendary)"</Description>
  1957. <ShowAsHex>1</ShowAsHex>
  1958. <VariableType>8 Bytes</VariableType>
  1959. <Address>+1D</Address>
  1960. </CheatEntry>
  1961. <CheatEntry>
  1962. <ID>87501</ID>
  1963. <Description>"ItemPoolData_2_1 (ItemPool_Amulets_05_Legendary)"</Description>
  1964. <ShowAsHex>1</ShowAsHex>
  1965. <VariableType>8 Bytes</VariableType>
  1966. <Address>+49</Address>
  1967. </CheatEntry>
  1968. <CheatEntry>
  1969. <ID>87506</ID>
  1970. <Description>"ItemPoolData_2_2 (ItemPool_Rings_05_Legendary)"</Description>
  1971. <ShowAsHex>1</ShowAsHex>
  1972. <VariableType>8 Bytes</VariableType>
  1973. <Address>+52</Address>
  1974. </CheatEntry>
  1975. <CheatEntry>
  1976. <ID>87505</ID>
  1977. <Description>"ItemPoolData_2_3 (ItemPool_Armor_05_Legendary)"</Description>
  1978. <ShowAsHex>1</ShowAsHex>
  1979. <VariableType>8 Bytes</VariableType>
  1980. <Address>+5B</Address>
  1981. </CheatEntry>
  1982. <CheatEntry>
  1983. <ID>87500</ID>
  1984. <Description>"ItemPoolData_2_4 (ItemPool_Shields_05_Legendary)"</Description>
  1985. <ShowAsHex>1</ShowAsHex>
  1986. <VariableType>8 Bytes</VariableType>
  1987. <Address>+64</Address>
  1988. </CheatEntry>
  1989. <CheatEntry>
  1990. <ID>87499</ID>
  1991. <Description>"ItemPoolData_3_1 (ItemPool_Guns_VeryRare)"</Description>
  1992. <ShowAsHex>1</ShowAsHex>
  1993. <VariableType>8 Bytes</VariableType>
  1994. <Address>+90</Address>
  1995. </CheatEntry>
  1996. <CheatEntry>
  1997. <ID>87507</ID>
  1998. <Description>"ItemPoolData_3_2 (ItemPool_SpellMods_04_VeryRare)"</Description>
  1999. <ShowAsHex>1</ShowAsHex>
  2000. <VariableType>8 Bytes</VariableType>
  2001. <Address>+99</Address>
  2002. </CheatEntry>
  2003. <CheatEntry>
  2004. <ID>87508</ID>
  2005. <Description>"ItemPoolData_3_3 (ItemPool_Melee_04_VeryRare )"</Description>
  2006. <ShowAsHex>1</ShowAsHex>
  2007. <VariableType>8 Bytes</VariableType>
  2008. <Address>+A2</Address>
  2009. </CheatEntry>
  2010. <CheatEntry>
  2011. <ID>87498</ID>
  2012. <Description>"ItemPoolData_3_4 (ItemPool_Armor_04_VeryRare )"</Description>
  2013. <ShowAsHex>1</ShowAsHex>
  2014. <VariableType>8 Bytes</VariableType>
  2015. <Address>+AB</Address>
  2016. </CheatEntry>
  2017. <CheatEntry>
  2018. <ID>87497</ID>
  2019. <Description>"ItemPoolData_3_5 (ItemPool_Amulets_04_VeryRare)"</Description>
  2020. <ShowAsHex>1</ShowAsHex>
  2021. <VariableType>8 Bytes</VariableType>
  2022. <Address>+B4</Address>
  2023. </CheatEntry>
  2024. <CheatEntry>
  2025. <ID>87502</ID>
  2026. <Description>"ItemPoolData_3_6 (ItemPool_Shields_04_VeryRare)"</Description>
  2027. <ShowAsHex>1</ShowAsHex>
  2028. <VariableType>8 Bytes</VariableType>
  2029. <Address>+BD</Address>
  2030. </CheatEntry>
  2031. <CheatEntry>
  2032. <ID>87503</ID>
  2033. <Description>"ItemPoolData_3_7 (ItemPool_Rings_04_VeryRare)"</Description>
  2034. <ShowAsHex>1</ShowAsHex>
  2035. <VariableType>8 Bytes</VariableType>
  2036. <Address>+C6</Address>
  2037. </CheatEntry>
  2038. </CheatEntries>
  2039. </CheatEntry>
  2040. </CheatEntries>
  2041. </CheatEntry>
  2042. </CheatEntries>
  2043. </CheatEntry>
  2044. </CheatEntries>
  2045. </CheatEntry>
  2046. <CheatEntry>
  2047. <ID>3</ID>
  2048. <Description>"[ Debug ]"</Description>
  2049. <Options moHideChildren="1"/>
  2050. <LastState Value="" RealAddress="00000000"/>
  2051. <Color>8EA5F5</Color>
  2052. <GroupHeader>1</GroupHeader>
  2053. <CheatEntries>
  2054. <CheatEntry>
  2055. <ID>24118</ID>
  2056. <Description>"LocalPlayer"</Description>
  2057. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  2058. <LastState Value="" RealAddress="04F10090"/>
  2059. <Color>6E6F6F</Color>
  2060. <GroupHeader>1</GroupHeader>
  2061. <Address>LocalPlayer</Address>
  2062. <CheatEntries>
  2063. <CheatEntry>
  2064. <ID>24119</ID>
  2065. <Description>"LocalPlayer"</Description>
  2066. <LastState Value="0000000000000000" RealAddress="04F10090"/>
  2067. <ShowAsHex>1</ShowAsHex>
  2068. <Color>9D9A89</Color>
  2069. <VariableType>8 Bytes</VariableType>
  2070. <Address>+0</Address>
  2071. </CheatEntry>
  2072. <CheatEntry>
  2073. <ID>24120</ID>
  2074. <Description>"[0030] PlayerController"</Description>
  2075. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  2076. <LastState Value="" RealAddress="04F100C0"/>
  2077. <Color>6E6F6F</Color>
  2078. <GroupHeader>1</GroupHeader>
  2079. <Address>PlayerController</Address>
  2080. <CheatEntries>
  2081. <CheatEntry>
  2082. <ID>24121</ID>
  2083. <Description>"PlayerController"</Description>
  2084. <LastState Value="0000000000000000" RealAddress="04F100C0"/>
  2085. <ShowAsHex>1</ShowAsHex>
  2086. <Color>9D9A89</Color>
  2087. <VariableType>8 Bytes</VariableType>
  2088. <Address>+0</Address>
  2089. </CheatEntry>
  2090. <CheatEntry>
  2091. <ID>24123</ID>
  2092. <Description>"[0488] Pawn"</Description>
  2093. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  2094. <LastState Value="" RealAddress="00000488"/>
  2095. <Color>6E6F6F</Color>
  2096. <GroupHeader>1</GroupHeader>
  2097. <Address>+0</Address>
  2098. <Offsets>
  2099. <Offset>488</Offset>
  2100. </Offsets>
  2101. <CheatEntries>
  2102. <CheatEntry>
  2103. <ID>24124</ID>
  2104. <Description>"Pawn"</Description>
  2105. <ShowAsHex>1</ShowAsHex>
  2106. <Color>9D9A89</Color>
  2107. <VariableType>8 Bytes</VariableType>
  2108. <Address>+0</Address>
  2109. </CheatEntry>
  2110. <CheatEntry>
  2111. <ID>24148</ID>
  2112. <Description>"[0091] bCanBeDamaged"</Description>
  2113. <ShowAsHex>1</ShowAsHex>
  2114. <VariableType>Byte</VariableType>
  2115. <Address>+0</Address>
  2116. <Offsets>
  2117. <Offset>91</Offset>
  2118. </Offsets>
  2119. </CheatEntry>
  2120. <CheatEntry>
  2121. <ID>24149</ID>
  2122. <Description>"[04C8] CharacterMovementComponent"</Description>
  2123. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  2124. <LastState Value="" RealAddress="00000000"/>
  2125. <Color>6E6F6F</Color>
  2126. <GroupHeader>1</GroupHeader>
  2127. <Address>+0</Address>
  2128. <Offsets>
  2129. <Offset>4C8</Offset>
  2130. </Offsets>
  2131. <CheatEntries>
  2132. <CheatEntry>
  2133. <ID>24150</ID>
  2134. <Description>"CharacterMovementComponent"</Description>
  2135. <ShowAsHex>1</ShowAsHex>
  2136. <Color>9D9A89</Color>
  2137. <VariableType>8 Bytes</VariableType>
  2138. <Address>+0</Address>
  2139. </CheatEntry>
  2140. <CheatEntry>
  2141. <ID>24162</ID>
  2142. <Description>"[0274] MaxWalkSpeed"</Description>
  2143. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  2144. <LastState Value="" RealAddress="00000000"/>
  2145. <Color>6E6F6F</Color>
  2146. <GroupHeader>1</GroupHeader>
  2147. <Address>+0</Address>
  2148. <Offsets>
  2149. <Offset>274</Offset>
  2150. </Offsets>
  2151. <CheatEntries>
  2152. <CheatEntry>
  2153. <ID>24151</ID>
  2154. <Description>"[0004] MaxWalkSpeed_Current"</Description>
  2155. <VariableType>Float</VariableType>
  2156. <Address>+4</Address>
  2157. </CheatEntry>
  2158. <CheatEntry>
  2159. <ID>24165</ID>
  2160. <Description>"[0008] MaxWalkSpeed_Default"</Description>
  2161. <VariableType>Float</VariableType>
  2162. <Address>+8</Address>
  2163. </CheatEntry>
  2164. </CheatEntries>
  2165. </CheatEntry>
  2166. <CheatEntry>
  2167. <ID>24166</ID>
  2168. <Description>"[0298] MaxFlySpeed"</Description>
  2169. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  2170. <LastState Value="" RealAddress="00000000"/>
  2171. <Color>6E6F6F</Color>
  2172. <GroupHeader>1</GroupHeader>
  2173. <Address>+0</Address>
  2174. <Offsets>
  2175. <Offset>298</Offset>
  2176. </Offsets>
  2177. <CheatEntries>
  2178. <CheatEntry>
  2179. <ID>24167</ID>
  2180. <Description>"[0004] MaxFlySpeed_Current"</Description>
  2181. <VariableType>Float</VariableType>
  2182. <Address>+4</Address>
  2183. </CheatEntry>
  2184. <CheatEntry>
  2185. <ID>24168</ID>
  2186. <Description>"[0008] MaxFlySpeed_Default"</Description>
  2187. <VariableType>Float</VariableType>
  2188. <Address>+8</Address>
  2189. </CheatEntry>
  2190. </CheatEntries>
  2191. </CheatEntry>
  2192. </CheatEntries>
  2193. </CheatEntry>
  2194. <CheatEntry>
  2195. <ID>24164</ID>
  2196. <Description>"[0580] JumpMaxCount"</Description>
  2197. <VariableType>4 Bytes</VariableType>
  2198. <Address>+0</Address>
  2199. <Offsets>
  2200. <Offset>580</Offset>
  2201. </Offsets>
  2202. </CheatEntry>
  2203. <CheatEntry>
  2204. <ID>24152</ID>
  2205. <Description>"[0584] JumpCurrentCount"</Description>
  2206. <VariableType>4 Bytes</VariableType>
  2207. <Address>+0</Address>
  2208. <Offsets>
  2209. <Offset>584</Offset>
  2210. </Offsets>
  2211. </CheatEntry>
  2212. <CheatEntry>
  2213. <ID>24354</ID>
  2214. <Description>"[0698] WheeledVehicleMovementComponentNW"</Description>
  2215. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  2216. <LastState Value="" RealAddress="00000000"/>
  2217. <Color>6E6F6F</Color>
  2218. <GroupHeader>1</GroupHeader>
  2219. <Address>+0</Address>
  2220. <Offsets>
  2221. <Offset>698</Offset>
  2222. </Offsets>
  2223. <CheatEntries>
  2224. <CheatEntry>
  2225. <ID>24355</ID>
  2226. <Description>"WheeledVehicleMovementComponentNW"</Description>
  2227. <ShowAsHex>1</ShowAsHex>
  2228. <Color>9D9A89</Color>
  2229. <VariableType>8 Bytes</VariableType>
  2230. <Address>+0</Address>
  2231. </CheatEntry>
  2232. <CheatEntry>
  2233. <ID>24356</ID>
  2234. <Description>"[0230] Mass"</Description>
  2235. <VariableType>Float</VariableType>
  2236. <Address>+0</Address>
  2237. <Offsets>
  2238. <Offset>230</Offset>
  2239. </Offsets>
  2240. </CheatEntry>
  2241. </CheatEntries>
  2242. </CheatEntry>
  2243. <CheatEntry>
  2244. <ID>24353</ID>
  2245. <Description>"[0738] VehicleMaxSpeed"</Description>
  2246. <VariableType>Float</VariableType>
  2247. <Address>+0</Address>
  2248. <Offsets>
  2249. <Offset>738</Offset>
  2250. </Offsets>
  2251. </CheatEntry>
  2252. <CheatEntry>
  2253. <ID>24351</ID>
  2254. <Description>"[0784] VehicleSpeed"</Description>
  2255. <VariableType>Float</VariableType>
  2256. <Address>+0</Address>
  2257. <Offsets>
  2258. <Offset>784</Offset>
  2259. </Offsets>
  2260. </CheatEntry>
  2261. <CheatEntry>
  2262. <ID>24352</ID>
  2263. <Description>"[079C] VehicleRPM"</Description>
  2264. <VariableType>Float</VariableType>
  2265. <Address>+0</Address>
  2266. <Offsets>
  2267. <Offset>79C</Offset>
  2268. </Offsets>
  2269. </CheatEntry>
  2270. <CheatEntry>
  2271. <ID>24153</ID>
  2272. <Description>"[0E88] AbilityManagerComponent "</Description>
  2273. <ShowAsHex>1</ShowAsHex>
  2274. <VariableType>8 Bytes</VariableType>
  2275. <Address>+0</Address>
  2276. <Offsets>
  2277. <Offset>E88</Offset>
  2278. </Offsets>
  2279. </CheatEntry>
  2280. <CheatEntry>
  2281. <ID>24169</ID>
  2282. <Description>"[0E70] ResourcePoolComponent"</Description>
  2283. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  2284. <LastState Value="" RealAddress="00000000"/>
  2285. <Color>6E6F6F</Color>
  2286. <GroupHeader>1</GroupHeader>
  2287. <Address>+0</Address>
  2288. <Offsets>
  2289. <Offset>E70</Offset>
  2290. </Offsets>
  2291. <CheatEntries>
  2292. <CheatEntry>
  2293. <ID>24170</ID>
  2294. <Description>"ResourcePoolComponent"</Description>
  2295. <ShowAsHex>1</ShowAsHex>
  2296. <Color>9D9A89</Color>
  2297. <VariableType>8 Bytes</VariableType>
  2298. <Address>+0</Address>
  2299. </CheatEntry>
  2300. <CheatEntry>
  2301. <ID>24175</ID>
  2302. <Description>"[[0180]+1*F8+A0] CurrentHealth"</Description>
  2303. <VariableType>Float</VariableType>
  2304. <Address>+0</Address>
  2305. <Offsets>
  2306. <Offset>1*F8+A0</Offset>
  2307. <Offset>180</Offset>
  2308. </Offsets>
  2309. </CheatEntry>
  2310. <CheatEntry>
  2311. <ID>24177</ID>
  2312. <Description>"[[0180]+1*F8+AC] MaxHealth"</Description>
  2313. <VariableType>Float</VariableType>
  2314. <Address>+0</Address>
  2315. <Offsets>
  2316. <Offset>1*F8+AC</Offset>
  2317. <Offset>180</Offset>
  2318. </Offsets>
  2319. </CheatEntry>
  2320. <CheatEntry>
  2321. <ID>24174</ID>
  2322. <Description>"[[0180]+1*F8+118] MaxShield"</Description>
  2323. <VariableType>Float</VariableType>
  2324. <Address>+0</Address>
  2325. <Offsets>
  2326. <Offset>1*F8+118</Offset>
  2327. <Offset>180</Offset>
  2328. </Offsets>
  2329. </CheatEntry>
  2330. <CheatEntry>
  2331. <ID>24173</ID>
  2332. <Description>"[[0180]+1*F8+198] CurrentShield"</Description>
  2333. <VariableType>Float</VariableType>
  2334. <Address>+0</Address>
  2335. <Offsets>
  2336. <Offset>1*F8+198</Offset>
  2337. <Offset>180</Offset>
  2338. </Offsets>
  2339. </CheatEntry>
  2340. </CheatEntries>
  2341. </CheatEntry>
  2342. <CheatEntry>
  2343. <ID>24181</ID>
  2344. <Description>"[0E78] OakDamageComponent"</Description>
  2345. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  2346. <LastState Value="" RealAddress="00000000"/>
  2347. <Color>6E6F6F</Color>
  2348. <GroupHeader>1</GroupHeader>
  2349. <Address>+0</Address>
  2350. <Offsets>
  2351. <Offset>E78</Offset>
  2352. </Offsets>
  2353. <CheatEntries>
  2354. <CheatEntry>
  2355. <ID>24182</ID>
  2356. <Description>"OakDamageComponent"</Description>
  2357. <ShowAsHex>1</ShowAsHex>
  2358. <Color>9D9A89</Color>
  2359. <VariableType>8 Bytes</VariableType>
  2360. <Address>+0</Address>
  2361. </CheatEntry>
  2362. <CheatEntry>
  2363. <ID>24183</ID>
  2364. <Description>"[07E8] bPassDamageToParent(1)|bDamageOnlyAppliesToParent(2)|bCanDamageCorpse(4)"</Description>
  2365. <ShowAsHex>1</ShowAsHex>
  2366. <VariableType>Byte</VariableType>
  2367. <Address>+0</Address>
  2368. <Offsets>
  2369. <Offset>7E8</Offset>
  2370. </Offsets>
  2371. </CheatEntry>
  2372. <CheatEntry>
  2373. <ID>24187</ID>
  2374. <Description>"[0820] LastHitBy"</Description>
  2375. <ShowAsHex>1</ShowAsHex>
  2376. <VariableType>8 Bytes</VariableType>
  2377. <Address>+0</Address>
  2378. <Offsets>
  2379. <Offset>820</Offset>
  2380. </Offsets>
  2381. </CheatEntry>
  2382. <CheatEntry>
  2383. <ID>24186</ID>
  2384. <Description>"[0840] bGodMode(1)|bDemigodMode(2)"</Description>
  2385. <ShowAsHex>1</ShowAsHex>
  2386. <VariableType>Byte</VariableType>
  2387. <Address>+0</Address>
  2388. <Offsets>
  2389. <Offset>840</Offset>
  2390. </Offsets>
  2391. </CheatEntry>
  2392. <CheatEntry>
  2393. <ID>24185</ID>
  2394. <Description>"[0975] bDisableElementalDeaths"</Description>
  2395. <ShowAsHex>1</ShowAsHex>
  2396. <VariableType>Byte</VariableType>
  2397. <Address>+0</Address>
  2398. <Offsets>
  2399. <Offset>975</Offset>
  2400. </Offsets>
  2401. </CheatEntry>
  2402. <CheatEntry>
  2403. <ID>24184</ID>
  2404. <Description>"[09B0] IgnoreShield"</Description>
  2405. <ShowAsHex>1</ShowAsHex>
  2406. <VariableType>Byte</VariableType>
  2407. <Address>+0</Address>
  2408. <Offsets>
  2409. <Offset>9B0</Offset>
  2410. </Offsets>
  2411. </CheatEntry>
  2412. </CheatEntries>
  2413. </CheatEntry>
  2414. <CheatEntry>
  2415. <ID>24188</ID>
  2416. <Description>"[0E98] OakCharacterInventory"</Description>
  2417. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  2418. <LastState Value="" RealAddress="00000000"/>
  2419. <Color>6E6F6F</Color>
  2420. <GroupHeader>1</GroupHeader>
  2421. <Address>+0</Address>
  2422. <Offsets>
  2423. <Offset>E98</Offset>
  2424. </Offsets>
  2425. <CheatEntries>
  2426. <CheatEntry>
  2427. <ID>24189</ID>
  2428. <Description>"OakCharacterInventory"</Description>
  2429. <ShowAsHex>1</ShowAsHex>
  2430. <Color>9D9A89</Color>
  2431. <VariableType>8 Bytes</VariableType>
  2432. <Address>+0</Address>
  2433. </CheatEntry>
  2434. <CheatEntry>
  2435. <ID>24190</ID>
  2436. <Description>"[0228] ??"</Description>
  2437. <ShowAsHex>1</ShowAsHex>
  2438. <VariableType>8 Bytes</VariableType>
  2439. <Address>+0</Address>
  2440. <Offsets>
  2441. <Offset>228</Offset>
  2442. </Offsets>
  2443. <CheatEntries>
  2444. <CheatEntry>
  2445. <ID>24191</ID>
  2446. <Description>"[[+0000]+0018] Money"</Description>
  2447. <VariableType>4 Bytes</VariableType>
  2448. <Address>+0</Address>
  2449. <Offsets>
  2450. <Offset>0+18</Offset>
  2451. </Offsets>
  2452. </CheatEntry>
  2453. <CheatEntry>
  2454. <ID>24192</ID>
  2455. <Description>"[[+0040]+0018] Eridium"</Description>
  2456. <VariableType>4 Bytes</VariableType>
  2457. <Address>+0</Address>
  2458. <Offsets>
  2459. <Offset>40+18</Offset>
  2460. </Offsets>
  2461. </CheatEntry>
  2462. </CheatEntries>
  2463. </CheatEntry>
  2464. <CheatEntry>
  2465. <ID>24193</ID>
  2466. <Description>"[0230] Size"</Description>
  2467. <VariableType>4 Bytes</VariableType>
  2468. <Address>+0</Address>
  2469. <Offsets>
  2470. <Offset>230</Offset>
  2471. </Offsets>
  2472. </CheatEntry>
  2473. </CheatEntries>
  2474. </CheatEntry>
  2475. <CheatEntry>
  2476. <ID>24154</ID>
  2477. <Description>"[0E90] StatusEffectManagerComponent"</Description>
  2478. <ShowAsHex>1</ShowAsHex>
  2479. <VariableType>8 Bytes</VariableType>
  2480. <Address>+0</Address>
  2481. <Offsets>
  2482. <Offset>E90</Offset>
  2483. </Offsets>
  2484. </CheatEntry>
  2485. <CheatEntry>
  2486. <ID>24179</ID>
  2487. <Description>"[0EA0] OakCharacterBankInventory"</Description>
  2488. <ShowAsHex>1</ShowAsHex>
  2489. <VariableType>8 Bytes</VariableType>
  2490. <Address>+0</Address>
  2491. <Offsets>
  2492. <Offset>EA0</Offset>
  2493. </Offsets>
  2494. </CheatEntry>
  2495. <CheatEntry>
  2496. <ID>24155</ID>
  2497. <Description>"[10E0] FFYLComponent"</Description>
  2498. <ShowAsHex>1</ShowAsHex>
  2499. <VariableType>8 Bytes</VariableType>
  2500. <Address>+0</Address>
  2501. <Offsets>
  2502. <Offset>10E0</Offset>
  2503. </Offsets>
  2504. </CheatEntry>
  2505. <CheatEntry>
  2506. <ID>24178</ID>
  2507. <Description>"[12C8] DamageToVehicleFactor"</Description>
  2508. <VariableType>Float</VariableType>
  2509. <Address>+0</Address>
  2510. <Offsets>
  2511. <Offset>12C8</Offset>
  2512. </Offsets>
  2513. </CheatEntry>
  2514. <CheatEntry>
  2515. <ID>24194</ID>
  2516. <Description>"[[1518]+0008] CurrentWeapon"</Description>
  2517. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  2518. <LastState Value="" RealAddress="00000000"/>
  2519. <Color>6E6F6F</Color>
  2520. <GroupHeader>1</GroupHeader>
  2521. <Address>+0</Address>
  2522. <Offsets>
  2523. <Offset>8</Offset>
  2524. <Offset>1518</Offset>
  2525. </Offsets>
  2526. <CheatEntries>
  2527. <CheatEntry>
  2528. <ID>24195</ID>
  2529. <Description>"CurrentWeapon"</Description>
  2530. <ShowAsHex>1</ShowAsHex>
  2531. <Color>9D9A89</Color>
  2532. <VariableType>8 Bytes</VariableType>
  2533. <Address>+0</Address>
  2534. </CheatEntry>
  2535. <CheatEntry>
  2536. <ID>24202</ID>
  2537. <Description>"[[0320]+2*8] WeaponRecoilPatternComponent"</Description>
  2538. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  2539. <LastState Value="" RealAddress="00000000"/>
  2540. <Color>6E6F6F</Color>
  2541. <GroupHeader>1</GroupHeader>
  2542. <Address>+0</Address>
  2543. <Offsets>
  2544. <Offset>2*8</Offset>
  2545. <Offset>320</Offset>
  2546. </Offsets>
  2547. <CheatEntries>
  2548. <CheatEntry>
  2549. <ID>24203</ID>
  2550. <Description>"WeaponRecoilPatternComponent"</Description>
  2551. <ShowAsHex>1</ShowAsHex>
  2552. <Color>9D9A89</Color>
  2553. <VariableType>8 Bytes</VariableType>
  2554. <Address>+0</Address>
  2555. </CheatEntry>
  2556. <CheatEntry>
  2557. <ID>24206</ID>
  2558. <Description>"[01A0] RecoilPatternData"</Description>
  2559. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  2560. <LastState Value="" RealAddress="00000000"/>
  2561. <Color>6E6F6F</Color>
  2562. <GroupHeader>1</GroupHeader>
  2563. <Address>+0</Address>
  2564. <Offsets>
  2565. <Offset>1A0</Offset>
  2566. </Offsets>
  2567. <CheatEntries>
  2568. <CheatEntry>
  2569. <ID>24207</ID>
  2570. <Description>"RecoilPatternData"</Description>
  2571. <ShowAsHex>1</ShowAsHex>
  2572. <Color>9D9A89</Color>
  2573. <VariableType>8 Bytes</VariableType>
  2574. <Address>+0</Address>
  2575. </CheatEntry>
  2576. <CheatEntry>
  2577. <ID>24208</ID>
  2578. <Description>"[0030] Samples"</Description>
  2579. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  2580. <LastState Value="" RealAddress="00000000"/>
  2581. <Color>6E6F6F</Color>
  2582. <GroupHeader>1</GroupHeader>
  2583. <Address>+0</Address>
  2584. <Offsets>
  2585. <Offset>30</Offset>
  2586. </Offsets>
  2587. <CheatEntries>
  2588. <CheatEntry>
  2589. <ID>24209</ID>
  2590. <Description>"Samples"</Description>
  2591. <ShowAsHex>1</ShowAsHex>
  2592. <Color>9D9A89</Color>
  2593. <VariableType>8 Bytes</VariableType>
  2594. <Address>+0</Address>
  2595. </CheatEntry>
  2596. <CheatEntry>
  2597. <ID>24211</ID>
  2598. <Description>"[0000] Samples.Samples"</Description>
  2599. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  2600. <LastState Value="" RealAddress="00000000"/>
  2601. <Color>6E6F6F</Color>
  2602. <GroupHeader>1</GroupHeader>
  2603. <Address>+0</Address>
  2604. <CheatEntries>
  2605. <CheatEntry>
  2606. <ID>24212</ID>
  2607. <Description>"Samples.Samples"</Description>
  2608. <ShowAsHex>1</ShowAsHex>
  2609. <Color>9D9A89</Color>
  2610. <VariableType>8 Bytes</VariableType>
  2611. <Address>+0</Address>
  2612. </CheatEntry>
  2613. <CheatEntry>
  2614. <ID>24213</ID>
  2615. <Description>"[0000] Attr1+0"</Description>
  2616. <VariableType>Float</VariableType>
  2617. <Address>+0</Address>
  2618. <Offsets>
  2619. <Offset>0</Offset>
  2620. </Offsets>
  2621. </CheatEntry>
  2622. <CheatEntry>
  2623. <ID>24217</ID>
  2624. <Description>"[0004] Attr1+4"</Description>
  2625. <VariableType>Float</VariableType>
  2626. <Address>+0</Address>
  2627. <Offsets>
  2628. <Offset>4</Offset>
  2629. </Offsets>
  2630. </CheatEntry>
  2631. <CheatEntry>
  2632. <ID>24216</ID>
  2633. <Description>"[0008] Attr2+0"</Description>
  2634. <VariableType>Float</VariableType>
  2635. <Address>+0</Address>
  2636. <Offsets>
  2637. <Offset>8</Offset>
  2638. </Offsets>
  2639. </CheatEntry>
  2640. <CheatEntry>
  2641. <ID>24215</ID>
  2642. <Description>"[000C] Attr2+4"</Description>
  2643. <VariableType>Float</VariableType>
  2644. <Address>+0</Address>
  2645. <Offsets>
  2646. <Offset>C</Offset>
  2647. </Offsets>
  2648. </CheatEntry>
  2649. <CheatEntry>
  2650. <ID>24219</ID>
  2651. <Description>"[0010] Attr3+0"</Description>
  2652. <VariableType>Float</VariableType>
  2653. <Address>+0</Address>
  2654. <Offsets>
  2655. <Offset>10</Offset>
  2656. </Offsets>
  2657. </CheatEntry>
  2658. <CheatEntry>
  2659. <ID>24220</ID>
  2660. <Description>"[0014] Attr3+4"</Description>
  2661. <VariableType>Float</VariableType>
  2662. <Address>+0</Address>
  2663. <Offsets>
  2664. <Offset>14</Offset>
  2665. </Offsets>
  2666. </CheatEntry>
  2667. <CheatEntry>
  2668. <ID>24221</ID>
  2669. <Description>"[0018] Attr4+0"</Description>
  2670. <VariableType>Float</VariableType>
  2671. <Address>+0</Address>
  2672. <Offsets>
  2673. <Offset>18</Offset>
  2674. </Offsets>
  2675. </CheatEntry>
  2676. <CheatEntry>
  2677. <ID>24222</ID>
  2678. <Description>"[001C] Attr4+4"</Description>
  2679. <VariableType>Float</VariableType>
  2680. <Address>+0</Address>
  2681. <Offsets>
  2682. <Offset>1C</Offset>
  2683. </Offsets>
  2684. </CheatEntry>
  2685. </CheatEntries>
  2686. </CheatEntry>
  2687. <CheatEntry>
  2688. <ID>24214</ID>
  2689. <Description>"[0008] NumSamples"</Description>
  2690. <VariableType>4 Bytes</VariableType>
  2691. <Address>+8</Address>
  2692. </CheatEntry>
  2693. </CheatEntries>
  2694. </CheatEntry>
  2695. </CheatEntries>
  2696. </CheatEntry>
  2697. </CheatEntries>
  2698. </CheatEntry>
  2699. <CheatEntry>
  2700. <ID>24204</ID>
  2701. <Description>"[[0320]+3*8] WeaponSwayComponent"</Description>
  2702. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  2703. <LastState Value="" RealAddress="00000000"/>
  2704. <Color>6E6F6F</Color>
  2705. <GroupHeader>1</GroupHeader>
  2706. <Address>+0</Address>
  2707. <Offsets>
  2708. <Offset>4*8</Offset>
  2709. <Offset>320</Offset>
  2710. </Offsets>
  2711. <CheatEntries>
  2712. <CheatEntry>
  2713. <ID>24205</ID>
  2714. <Description>"WeaponSwayComponent"</Description>
  2715. <ShowAsHex>1</ShowAsHex>
  2716. <Color>9D9A89</Color>
  2717. <VariableType>8 Bytes</VariableType>
  2718. <Address>+0</Address>
  2719. </CheatEntry>
  2720. <CheatEntry>
  2721. <ID>24223</ID>
  2722. <Description>"[0188] SwayPatternData"</Description>
  2723. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  2724. <LastState Value="" RealAddress="00000000"/>
  2725. <Color>6E6F6F</Color>
  2726. <GroupHeader>1</GroupHeader>
  2727. <Address>+0</Address>
  2728. <Offsets>
  2729. <Offset>188</Offset>
  2730. </Offsets>
  2731. <CheatEntries>
  2732. <CheatEntry>
  2733. <ID>24224</ID>
  2734. <Description>"SwayPatternData"</Description>
  2735. <ShowAsHex>1</ShowAsHex>
  2736. <Color>9D9A89</Color>
  2737. <VariableType>8 Bytes</VariableType>
  2738. <Address>+0</Address>
  2739. </CheatEntry>
  2740. <CheatEntry>
  2741. <ID>24225</ID>
  2742. <Description>"[0030] Samples"</Description>
  2743. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  2744. <LastState Value="" RealAddress="00000000"/>
  2745. <Color>6E6F6F</Color>
  2746. <GroupHeader>1</GroupHeader>
  2747. <Address>+0</Address>
  2748. <Offsets>
  2749. <Offset>30</Offset>
  2750. </Offsets>
  2751. <CheatEntries>
  2752. <CheatEntry>
  2753. <ID>24226</ID>
  2754. <Description>"Samples"</Description>
  2755. <ShowAsHex>1</ShowAsHex>
  2756. <Color>9D9A89</Color>
  2757. <VariableType>8 Bytes</VariableType>
  2758. <Address>+0</Address>
  2759. </CheatEntry>
  2760. <CheatEntry>
  2761. <ID>24227</ID>
  2762. <Description>"[0000] Samples.Samples"</Description>
  2763. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  2764. <LastState Value="" RealAddress="00000000"/>
  2765. <Color>6E6F6F</Color>
  2766. <GroupHeader>1</GroupHeader>
  2767. <Address>+0</Address>
  2768. <CheatEntries>
  2769. <CheatEntry>
  2770. <ID>24228</ID>
  2771. <Description>"Samples.Samples"</Description>
  2772. <ShowAsHex>1</ShowAsHex>
  2773. <Color>9D9A89</Color>
  2774. <VariableType>8 Bytes</VariableType>
  2775. <Address>+0</Address>
  2776. </CheatEntry>
  2777. <CheatEntry>
  2778. <ID>24229</ID>
  2779. <Description>"[0000] Attr01+00"</Description>
  2780. <VariableType>Float</VariableType>
  2781. <Address>+0</Address>
  2782. <Offsets>
  2783. <Offset>0</Offset>
  2784. </Offsets>
  2785. </CheatEntry>
  2786. <CheatEntry>
  2787. <ID>24230</ID>
  2788. <Description>"[0004] Attr01+04"</Description>
  2789. <VariableType>Float</VariableType>
  2790. <Address>+0</Address>
  2791. <Offsets>
  2792. <Offset>4</Offset>
  2793. </Offsets>
  2794. </CheatEntry>
  2795. <CheatEntry>
  2796. <ID>24231</ID>
  2797. <Description>"[0008] Attr02+00"</Description>
  2798. <VariableType>Float</VariableType>
  2799. <Address>+0</Address>
  2800. <Offsets>
  2801. <Offset>8</Offset>
  2802. </Offsets>
  2803. </CheatEntry>
  2804. <CheatEntry>
  2805. <ID>24232</ID>
  2806. <Description>"[000C] Attr02+04"</Description>
  2807. <VariableType>Float</VariableType>
  2808. <Address>+0</Address>
  2809. <Offsets>
  2810. <Offset>C</Offset>
  2811. </Offsets>
  2812. </CheatEntry>
  2813. <CheatEntry>
  2814. <ID>24233</ID>
  2815. <Description>"[0010] Attr03+00"</Description>
  2816. <VariableType>Float</VariableType>
  2817. <Address>+0</Address>
  2818. <Offsets>
  2819. <Offset>10</Offset>
  2820. </Offsets>
  2821. </CheatEntry>
  2822. <CheatEntry>
  2823. <ID>24234</ID>
  2824. <Description>"[0014] Attr03+04"</Description>
  2825. <VariableType>Float</VariableType>
  2826. <Address>+0</Address>
  2827. <Offsets>
  2828. <Offset>14</Offset>
  2829. </Offsets>
  2830. </CheatEntry>
  2831. <CheatEntry>
  2832. <ID>24235</ID>
  2833. <Description>"[0018] Attr04+00"</Description>
  2834. <VariableType>Float</VariableType>
  2835. <Address>+0</Address>
  2836. <Offsets>
  2837. <Offset>18</Offset>
  2838. </Offsets>
  2839. </CheatEntry>
  2840. <CheatEntry>
  2841. <ID>24236</ID>
  2842. <Description>"[001C] Attr04+04"</Description>
  2843. <VariableType>Float</VariableType>
  2844. <Address>+0</Address>
  2845. <Offsets>
  2846. <Offset>1C</Offset>
  2847. </Offsets>
  2848. </CheatEntry>
  2849. <CheatEntry>
  2850. <ID>24239</ID>
  2851. <Description>"[0020] Attr05+00"</Description>
  2852. <VariableType>Float</VariableType>
  2853. <Address>+0</Address>
  2854. <Offsets>
  2855. <Offset>20</Offset>
  2856. </Offsets>
  2857. </CheatEntry>
  2858. <CheatEntry>
  2859. <ID>24238</ID>
  2860. <Description>"[0024] Attr05+04"</Description>
  2861. <VariableType>Float</VariableType>
  2862. <Address>+0</Address>
  2863. <Offsets>
  2864. <Offset>24</Offset>
  2865. </Offsets>
  2866. </CheatEntry>
  2867. <CheatEntry>
  2868. <ID>24240</ID>
  2869. <Description>"[0028] Attr06+00"</Description>
  2870. <VariableType>Float</VariableType>
  2871. <Address>+0</Address>
  2872. <Offsets>
  2873. <Offset>28</Offset>
  2874. </Offsets>
  2875. </CheatEntry>
  2876. <CheatEntry>
  2877. <ID>24241</ID>
  2878. <Description>"[002C] Attr06+04"</Description>
  2879. <VariableType>Float</VariableType>
  2880. <Address>+0</Address>
  2881. <Offsets>
  2882. <Offset>2C</Offset>
  2883. </Offsets>
  2884. </CheatEntry>
  2885. <CheatEntry>
  2886. <ID>24246</ID>
  2887. <Description>"[0030] Attr07+00"</Description>
  2888. <VariableType>Float</VariableType>
  2889. <Address>+0</Address>
  2890. <Offsets>
  2891. <Offset>30</Offset>
  2892. </Offsets>
  2893. </CheatEntry>
  2894. <CheatEntry>
  2895. <ID>24247</ID>
  2896. <Description>"[0034] Attr07+04"</Description>
  2897. <VariableType>Float</VariableType>
  2898. <Address>+0</Address>
  2899. <Offsets>
  2900. <Offset>34</Offset>
  2901. </Offsets>
  2902. </CheatEntry>
  2903. <CheatEntry>
  2904. <ID>24244</ID>
  2905. <Description>"[0038] Attr08+00"</Description>
  2906. <VariableType>Float</VariableType>
  2907. <Address>+0</Address>
  2908. <Offsets>
  2909. <Offset>38</Offset>
  2910. </Offsets>
  2911. </CheatEntry>
  2912. <CheatEntry>
  2913. <ID>24245</ID>
  2914. <Description>"[003C] Attr08+04"</Description>
  2915. <VariableType>Float</VariableType>
  2916. <Address>+0</Address>
  2917. <Offsets>
  2918. <Offset>3C</Offset>
  2919. </Offsets>
  2920. </CheatEntry>
  2921. <CheatEntry>
  2922. <ID>24242</ID>
  2923. <Description>"[0040] Attr09+00"</Description>
  2924. <VariableType>Float</VariableType>
  2925. <Address>+0</Address>
  2926. <Offsets>
  2927. <Offset>40</Offset>
  2928. </Offsets>
  2929. </CheatEntry>
  2930. <CheatEntry>
  2931. <ID>24243</ID>
  2932. <Description>"[0044] Attr09+04"</Description>
  2933. <VariableType>Float</VariableType>
  2934. <Address>+0</Address>
  2935. <Offsets>
  2936. <Offset>44</Offset>
  2937. </Offsets>
  2938. </CheatEntry>
  2939. <CheatEntry>
  2940. <ID>24248</ID>
  2941. <Description>"[0048] Attr10+00"</Description>
  2942. <VariableType>Float</VariableType>
  2943. <Address>+0</Address>
  2944. <Offsets>
  2945. <Offset>48</Offset>
  2946. </Offsets>
  2947. </CheatEntry>
  2948. <CheatEntry>
  2949. <ID>24249</ID>
  2950. <Description>"[004C] Attr10+04"</Description>
  2951. <VariableType>Float</VariableType>
  2952. <Address>+0</Address>
  2953. <Offsets>
  2954. <Offset>4C</Offset>
  2955. </Offsets>
  2956. </CheatEntry>
  2957. <CheatEntry>
  2958. <ID>24250</ID>
  2959. <Description>"[0050] Attr11+00"</Description>
  2960. <VariableType>Float</VariableType>
  2961. <Address>+0</Address>
  2962. <Offsets>
  2963. <Offset>50</Offset>
  2964. </Offsets>
  2965. </CheatEntry>
  2966. <CheatEntry>
  2967. <ID>24251</ID>
  2968. <Description>"[0054] Attr11+04"</Description>
  2969. <VariableType>Float</VariableType>
  2970. <Address>+0</Address>
  2971. <Offsets>
  2972. <Offset>54</Offset>
  2973. </Offsets>
  2974. </CheatEntry>
  2975. <CheatEntry>
  2976. <ID>24252</ID>
  2977. <Description>"[0058] Attr12+00"</Description>
  2978. <VariableType>Float</VariableType>
  2979. <Address>+0</Address>
  2980. <Offsets>
  2981. <Offset>58</Offset>
  2982. </Offsets>
  2983. </CheatEntry>
  2984. <CheatEntry>
  2985. <ID>24253</ID>
  2986. <Description>"[005C] Attr12+04"</Description>
  2987. <VariableType>Float</VariableType>
  2988. <Address>+0</Address>
  2989. <Offsets>
  2990. <Offset>5C</Offset>
  2991. </Offsets>
  2992. </CheatEntry>
  2993. <CheatEntry>
  2994. <ID>24254</ID>
  2995. <Description>"[0060] Attr13+00"</Description>
  2996. <VariableType>Float</VariableType>
  2997. <Address>+0</Address>
  2998. <Offsets>
  2999. <Offset>60</Offset>
  3000. </Offsets>
  3001. </CheatEntry>
  3002. <CheatEntry>
  3003. <ID>24255</ID>
  3004. <Description>"[0064] Attr13+04"</Description>
  3005. <VariableType>Float</VariableType>
  3006. <Address>+0</Address>
  3007. <Offsets>
  3008. <Offset>64</Offset>
  3009. </Offsets>
  3010. </CheatEntry>
  3011. <CheatEntry>
  3012. <ID>24256</ID>
  3013. <Description>"[0068] Attr14+00"</Description>
  3014. <VariableType>Float</VariableType>
  3015. <Address>+0</Address>
  3016. <Offsets>
  3017. <Offset>68</Offset>
  3018. </Offsets>
  3019. </CheatEntry>
  3020. <CheatEntry>
  3021. <ID>24257</ID>
  3022. <Description>"[006C] Attr14+04"</Description>
  3023. <VariableType>Float</VariableType>
  3024. <Address>+0</Address>
  3025. <Offsets>
  3026. <Offset>6C</Offset>
  3027. </Offsets>
  3028. </CheatEntry>
  3029. <CheatEntry>
  3030. <ID>24258</ID>
  3031. <Description>"[0070] Attr15+00"</Description>
  3032. <VariableType>Float</VariableType>
  3033. <Address>+0</Address>
  3034. <Offsets>
  3035. <Offset>70</Offset>
  3036. </Offsets>
  3037. </CheatEntry>
  3038. <CheatEntry>
  3039. <ID>24259</ID>
  3040. <Description>"[0074] Attr15+04"</Description>
  3041. <VariableType>Float</VariableType>
  3042. <Address>+0</Address>
  3043. <Offsets>
  3044. <Offset>74</Offset>
  3045. </Offsets>
  3046. </CheatEntry>
  3047. <CheatEntry>
  3048. <ID>24260</ID>
  3049. <Description>"[0078] Attr16+00"</Description>
  3050. <VariableType>Float</VariableType>
  3051. <Address>+0</Address>
  3052. <Offsets>
  3053. <Offset>78</Offset>
  3054. </Offsets>
  3055. </CheatEntry>
  3056. <CheatEntry>
  3057. <ID>24261</ID>
  3058. <Description>"[007C] Attr16+04"</Description>
  3059. <VariableType>Float</VariableType>
  3060. <Address>+0</Address>
  3061. <Offsets>
  3062. <Offset>7C</Offset>
  3063. </Offsets>
  3064. </CheatEntry>
  3065. <CheatEntry>
  3066. <ID>24262</ID>
  3067. <Description>"[0080] Attr17+00"</Description>
  3068. <VariableType>Float</VariableType>
  3069. <Address>+0</Address>
  3070. <Offsets>
  3071. <Offset>80</Offset>
  3072. </Offsets>
  3073. </CheatEntry>
  3074. <CheatEntry>
  3075. <ID>24263</ID>
  3076. <Description>"[0084] Attr17+04"</Description>
  3077. <VariableType>Float</VariableType>
  3078. <Address>+0</Address>
  3079. <Offsets>
  3080. <Offset>84</Offset>
  3081. </Offsets>
  3082. </CheatEntry>
  3083. <CheatEntry>
  3084. <ID>24264</ID>
  3085. <Description>"[0088] Attr18+00"</Description>
  3086. <VariableType>Float</VariableType>
  3087. <Address>+0</Address>
  3088. <Offsets>
  3089. <Offset>88</Offset>
  3090. </Offsets>
  3091. </CheatEntry>
  3092. <CheatEntry>
  3093. <ID>24265</ID>
  3094. <Description>"[008C] Attr18+04"</Description>
  3095. <VariableType>Float</VariableType>
  3096. <Address>+0</Address>
  3097. <Offsets>
  3098. <Offset>8C</Offset>
  3099. </Offsets>
  3100. </CheatEntry>
  3101. <CheatEntry>
  3102. <ID>24266</ID>
  3103. <Description>"[0090] Attr19+00"</Description>
  3104. <VariableType>Float</VariableType>
  3105. <Address>+0</Address>
  3106. <Offsets>
  3107. <Offset>90</Offset>
  3108. </Offsets>
  3109. </CheatEntry>
  3110. <CheatEntry>
  3111. <ID>24267</ID>
  3112. <Description>"[0094] Attr19+04"</Description>
  3113. <VariableType>Float</VariableType>
  3114. <Address>+0</Address>
  3115. <Offsets>
  3116. <Offset>94</Offset>
  3117. </Offsets>
  3118. </CheatEntry>
  3119. <CheatEntry>
  3120. <ID>24268</ID>
  3121. <Description>"[0098] Attr20+00"</Description>
  3122. <VariableType>Float</VariableType>
  3123. <Address>+0</Address>
  3124. <Offsets>
  3125. <Offset>98</Offset>
  3126. </Offsets>
  3127. </CheatEntry>
  3128. <CheatEntry>
  3129. <ID>24269</ID>
  3130. <Description>"[009C] Attr20+04"</Description>
  3131. <VariableType>Float</VariableType>
  3132. <Address>+0</Address>
  3133. <Offsets>
  3134. <Offset>9C</Offset>
  3135. </Offsets>
  3136. </CheatEntry>
  3137. </CheatEntries>
  3138. </CheatEntry>
  3139. <CheatEntry>
  3140. <ID>24237</ID>
  3141. <Description>"[0008] NumSamples"</Description>
  3142. <VariableType>4 Bytes</VariableType>
  3143. <Address>+8</Address>
  3144. </CheatEntry>
  3145. </CheatEntries>
  3146. </CheatEntry>
  3147. </CheatEntries>
  3148. </CheatEntry>
  3149. <CheatEntry>
  3150. <ID>24270</ID>
  3151. <Description>"[01A8] Speed"</Description>
  3152. <VariableType>Float</VariableType>
  3153. <Address>+0</Address>
  3154. <Offsets>
  3155. <Offset>1A8</Offset>
  3156. </Offsets>
  3157. </CheatEntry>
  3158. <CheatEntry>
  3159. <ID>24271</ID>
  3160. <Description>"[01D4] ZoomSmoothingSpeed"</Description>
  3161. <VariableType>Float</VariableType>
  3162. <Address>+0</Address>
  3163. <Offsets>
  3164. <Offset>1D4</Offset>
  3165. </Offsets>
  3166. </CheatEntry>
  3167. <CheatEntry>
  3168. <ID>24272</ID>
  3169. <Description>"[01D8] ZoomSmoothInTime_OnZoom"</Description>
  3170. <VariableType>Float</VariableType>
  3171. <Address>+0</Address>
  3172. <Offsets>
  3173. <Offset>1D8</Offset>
  3174. </Offsets>
  3175. </CheatEntry>
  3176. <CheatEntry>
  3177. <ID>24273</ID>
  3178. <Description>"[01DC] ZoomSmoothInTime_OnZoom"</Description>
  3179. <VariableType>Float</VariableType>
  3180. <Address>+0</Address>
  3181. <Offsets>
  3182. <Offset>1DC</Offset>
  3183. </Offsets>
  3184. </CheatEntry>
  3185. </CheatEntries>
  3186. </CheatEntry>
  3187. <CheatEntry>
  3188. <ID>24200</ID>
  3189. <Description>"[0470] WeaponFireProjectileComponent"</Description>
  3190. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  3191. <LastState Value="" RealAddress="00000000"/>
  3192. <Color>6E6F6F</Color>
  3193. <GroupHeader>1</GroupHeader>
  3194. <Address>+0</Address>
  3195. <Offsets>
  3196. <Offset>470</Offset>
  3197. </Offsets>
  3198. <CheatEntries>
  3199. <CheatEntry>
  3200. <ID>24201</ID>
  3201. <Description>"WeaponFireProjectileComponent"</Description>
  3202. <ShowAsHex>1</ShowAsHex>
  3203. <Color>9D9A89</Color>
  3204. <VariableType>8 Bytes</VariableType>
  3205. <Address>+0</Address>
  3206. </CheatEntry>
  3207. <CheatEntry>
  3208. <ID>24281</ID>
  3209. <Description>"[0200] WeaponChargeComponent"</Description>
  3210. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  3211. <LastState Value="" RealAddress="00000000"/>
  3212. <Color>6E6F6F</Color>
  3213. <GroupHeader>1</GroupHeader>
  3214. <Address>+0</Address>
  3215. <Offsets>
  3216. <Offset>200</Offset>
  3217. </Offsets>
  3218. <CheatEntries>
  3219. <CheatEntry>
  3220. <ID>24282</ID>
  3221. <Description>"WeaponChargeComponent"</Description>
  3222. <ShowAsHex>1</ShowAsHex>
  3223. <Color>9D9A89</Color>
  3224. <VariableType>8 Bytes</VariableType>
  3225. <Address>+0</Address>
  3226. </CheatEntry>
  3227. <CheatEntry>
  3228. <ID>24284</ID>
  3229. <Description>"[0198] ChargeTime"</Description>
  3230. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  3231. <LastState Value="" RealAddress="00000000"/>
  3232. <Color>6E6F6F</Color>
  3233. <GroupHeader>1</GroupHeader>
  3234. <Address>+0</Address>
  3235. <Offsets>
  3236. <Offset>198</Offset>
  3237. </Offsets>
  3238. <CheatEntries>
  3239. <CheatEntry>
  3240. <ID>24285</ID>
  3241. <Description>"[0004] ChargeTime_Current"</Description>
  3242. <VariableType>Float</VariableType>
  3243. <Address>+4</Address>
  3244. </CheatEntry>
  3245. <CheatEntry>
  3246. <ID>24286</ID>
  3247. <Description>"[0008] ChargeTime_Default"</Description>
  3248. <VariableType>Float</VariableType>
  3249. <Address>+8</Address>
  3250. </CheatEntry>
  3251. </CheatEntries>
  3252. </CheatEntry>
  3253. <CheatEntry>
  3254. <ID>24287</ID>
  3255. <Description>"[01A4] DischargeTime"</Description>
  3256. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  3257. <LastState Value="" RealAddress="00000000"/>
  3258. <Color>6E6F6F</Color>
  3259. <GroupHeader>1</GroupHeader>
  3260. <Address>+0</Address>
  3261. <Offsets>
  3262. <Offset>1A4</Offset>
  3263. </Offsets>
  3264. <CheatEntries>
  3265. <CheatEntry>
  3266. <ID>24288</ID>
  3267. <Description>"[0004] DischargeTime_Current"</Description>
  3268. <VariableType>Float</VariableType>
  3269. <Address>+4</Address>
  3270. </CheatEntry>
  3271. <CheatEntry>
  3272. <ID>24289</ID>
  3273. <Description>"[0008] DischargeTime_Default"</Description>
  3274. <VariableType>Float</VariableType>
  3275. <Address>+8</Address>
  3276. </CheatEntry>
  3277. </CheatEntries>
  3278. </CheatEntry>
  3279. <CheatEntry>
  3280. <ID>24290</ID>
  3281. <Description>"[01C4] OverchargeHoldTime"</Description>
  3282. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  3283. <LastState Value="" RealAddress="00000000"/>
  3284. <Color>6E6F6F</Color>
  3285. <GroupHeader>1</GroupHeader>
  3286. <Address>+0</Address>
  3287. <Offsets>
  3288. <Offset>1C4</Offset>
  3289. </Offsets>
  3290. <CheatEntries>
  3291. <CheatEntry>
  3292. <ID>24291</ID>
  3293. <Description>"[0004] OverchargeHoldTime_Current"</Description>
  3294. <VariableType>4 Bytes</VariableType>
  3295. <Address>+4</Address>
  3296. </CheatEntry>
  3297. <CheatEntry>
  3298. <ID>24292</ID>
  3299. <Description>"[0008] OverchargeHoldTime_Default"</Description>
  3300. <VariableType>4 Bytes</VariableType>
  3301. <Address>+8</Address>
  3302. </CheatEntry>
  3303. </CheatEntries>
  3304. </CheatEntry>
  3305. <CheatEntry>
  3306. <ID>24274</ID>
  3307. <Description>"[01D0] bChargeBeforeEachUse"</Description>
  3308. <ShowAsHex>1</ShowAsHex>
  3309. <VariableType>Byte</VariableType>
  3310. <Address>+0</Address>
  3311. <Offsets>
  3312. <Offset>1D0</Offset>
  3313. </Offsets>
  3314. </CheatEntry>
  3315. </CheatEntries>
  3316. </CheatEntry>
  3317. <CheatEntry>
  3318. <ID>24293</ID>
  3319. <Description>"[0218] FireRate"</Description>
  3320. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  3321. <LastState Value="" RealAddress="00000000"/>
  3322. <Color>6E6F6F</Color>
  3323. <GroupHeader>1</GroupHeader>
  3324. <Address>+0</Address>
  3325. <Offsets>
  3326. <Offset>218</Offset>
  3327. </Offsets>
  3328. <CheatEntries>
  3329. <CheatEntry>
  3330. <ID>24294</ID>
  3331. <Description>"[0004] FireRate_Current"</Description>
  3332. <VariableType>Float</VariableType>
  3333. <Address>+4</Address>
  3334. </CheatEntry>
  3335. <CheatEntry>
  3336. <ID>24295</ID>
  3337. <Description>"[0008] FireRate_Default"</Description>
  3338. <VariableType>Float</VariableType>
  3339. <Address>+8</Address>
  3340. </CheatEntry>
  3341. </CheatEntries>
  3342. </CheatEntry>
  3343. <CheatEntry>
  3344. <ID>24296</ID>
  3345. <Description>"[0224] AutomaticBurstCount"</Description>
  3346. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  3347. <LastState Value="" RealAddress="00000000"/>
  3348. <Color>6E6F6F</Color>
  3349. <GroupHeader>1</GroupHeader>
  3350. <Address>+0</Address>
  3351. <Offsets>
  3352. <Offset>224</Offset>
  3353. </Offsets>
  3354. <CheatEntries>
  3355. <CheatEntry>
  3356. <ID>24297</ID>
  3357. <Description>"[0004] AutomaticBurstCount_Current"</Description>
  3358. <VariableType>4 Bytes</VariableType>
  3359. <Address>+4</Address>
  3360. </CheatEntry>
  3361. <CheatEntry>
  3362. <ID>24298</ID>
  3363. <Description>"[0008] AutomaticBurstCount_Default"</Description>
  3364. <VariableType>4 Bytes</VariableType>
  3365. <Address>+8</Address>
  3366. </CheatEntry>
  3367. </CheatEntries>
  3368. </CheatEntry>
  3369. <CheatEntry>
  3370. <ID>24299</ID>
  3371. <Description>"[0230] BurstFireDelay"</Description>
  3372. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  3373. <LastState Value="" RealAddress="00000000"/>
  3374. <Color>6E6F6F</Color>
  3375. <GroupHeader>1</GroupHeader>
  3376. <Address>+0</Address>
  3377. <Offsets>
  3378. <Offset>230</Offset>
  3379. </Offsets>
  3380. <CheatEntries>
  3381. <CheatEntry>
  3382. <ID>24300</ID>
  3383. <Description>"[0004] BurstFireDelay_Current"</Description>
  3384. <VariableType>Float</VariableType>
  3385. <Address>+4</Address>
  3386. </CheatEntry>
  3387. <CheatEntry>
  3388. <ID>24301</ID>
  3389. <Description>"[0008] BurstFireDelay_Default"</Description>
  3390. <VariableType>Float</VariableType>
  3391. <Address>+8</Address>
  3392. </CheatEntry>
  3393. </CheatEntries>
  3394. </CheatEntry>
  3395. <CheatEntry>
  3396. <ID>24283</ID>
  3397. <Description>"[023C] bAutoBurst"</Description>
  3398. <VariableType>Byte</VariableType>
  3399. <Address>+0</Address>
  3400. <Offsets>
  3401. <Offset>23C</Offset>
  3402. </Offsets>
  3403. </CheatEntry>
  3404. <CheatEntry>
  3405. <ID>24280</ID>
  3406. <Description>"[025C] MinFireRateScale"</Description>
  3407. <VariableType>Float</VariableType>
  3408. <Address>+0</Address>
  3409. <Offsets>
  3410. <Offset>25C</Offset>
  3411. </Offsets>
  3412. </CheatEntry>
  3413. <CheatEntry>
  3414. <ID>24302</ID>
  3415. <Description>"[0260] FireRateAccelDuration"</Description>
  3416. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  3417. <LastState Value="" RealAddress="00000000"/>
  3418. <Color>6E6F6F</Color>
  3419. <GroupHeader>1</GroupHeader>
  3420. <Address>+0</Address>
  3421. <Offsets>
  3422. <Offset>260</Offset>
  3423. </Offsets>
  3424. <CheatEntries>
  3425. <CheatEntry>
  3426. <ID>24303</ID>
  3427. <Description>"[0004] FireRateAccelDuration_Current"</Description>
  3428. <VariableType>Float</VariableType>
  3429. <Address>+4</Address>
  3430. </CheatEntry>
  3431. <CheatEntry>
  3432. <ID>24304</ID>
  3433. <Description>"[0008] FireRateAccelDuration_Default"</Description>
  3434. <VariableType>Float</VariableType>
  3435. <Address>+8</Address>
  3436. </CheatEntry>
  3437. </CheatEntries>
  3438. </CheatEntry>
  3439. <CheatEntry>
  3440. <ID>24305</ID>
  3441. <Description>"[026C] FireRateDecelDuration"</Description>
  3442. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  3443. <LastState Value="" RealAddress="00000000"/>
  3444. <Color>6E6F6F</Color>
  3445. <GroupHeader>1</GroupHeader>
  3446. <Address>+0</Address>
  3447. <Offsets>
  3448. <Offset>26C</Offset>
  3449. </Offsets>
  3450. <CheatEntries>
  3451. <CheatEntry>
  3452. <ID>24306</ID>
  3453. <Description>"[0004] FireRateDecelDuration_Current"</Description>
  3454. <VariableType>Float</VariableType>
  3455. <Address>+4</Address>
  3456. </CheatEntry>
  3457. <CheatEntry>
  3458. <ID>24307</ID>
  3459. <Description>"[0008] FireRateDecelDuration_Default"</Description>
  3460. <VariableType>Float</VariableType>
  3461. <Address>+8</Address>
  3462. </CheatEntry>
  3463. </CheatEntries>
  3464. </CheatEntry>
  3465. <CheatEntry>
  3466. <ID>24279</ID>
  3467. <Description>"[02C8] FireSequenceLength"</Description>
  3468. <VariableType>4 Bytes</VariableType>
  3469. <Address>+0</Address>
  3470. <Offsets>
  3471. <Offset>2C8</Offset>
  3472. </Offsets>
  3473. </CheatEntry>
  3474. <CheatEntry>
  3475. <ID>24308</ID>
  3476. <Description>"[02E0] ShotAmmoCost"</Description>
  3477. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  3478. <LastState Value="" RealAddress="00000000"/>
  3479. <Color>6E6F6F</Color>
  3480. <GroupHeader>1</GroupHeader>
  3481. <Address>+0</Address>
  3482. <Offsets>
  3483. <Offset>2E0</Offset>
  3484. </Offsets>
  3485. <CheatEntries>
  3486. <CheatEntry>
  3487. <ID>24309</ID>
  3488. <Description>"[0004] ShotAmmoCost_Current"</Description>
  3489. <VariableType>4 Bytes</VariableType>
  3490. <Address>+4</Address>
  3491. </CheatEntry>
  3492. <CheatEntry>
  3493. <ID>24310</ID>
  3494. <Description>"[0008] ShotAmmoCost_Default"</Description>
  3495. <VariableType>4 Bytes</VariableType>
  3496. <Address>+8</Address>
  3497. </CheatEntry>
  3498. </CheatEntries>
  3499. </CheatEntry>
  3500. <CheatEntry>
  3501. <ID>24278</ID>
  3502. <Description>"[02EC] MinShotAmmoCost"</Description>
  3503. <VariableType>4 Bytes</VariableType>
  3504. <Address>+0</Address>
  3505. <Offsets>
  3506. <Offset>2EC</Offset>
  3507. </Offsets>
  3508. </CheatEntry>
  3509. <CheatEntry>
  3510. <ID>24311</ID>
  3511. <Description>"[02F0] Spread (Accuracy)"</Description>
  3512. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  3513. <LastState Value="" RealAddress="00000000"/>
  3514. <Color>6E6F6F</Color>
  3515. <GroupHeader>1</GroupHeader>
  3516. <Address>+0</Address>
  3517. <Offsets>
  3518. <Offset>2F0</Offset>
  3519. </Offsets>
  3520. <CheatEntries>
  3521. <CheatEntry>
  3522. <ID>24312</ID>
  3523. <Description>"[0004] AutomaticBurstCount_Current"</Description>
  3524. <VariableType>Float</VariableType>
  3525. <Address>+4</Address>
  3526. </CheatEntry>
  3527. <CheatEntry>
  3528. <ID>24313</ID>
  3529. <Description>"[0008] AutomaticBurstCount_Default"</Description>
  3530. <VariableType>Float</VariableType>
  3531. <Address>+8</Address>
  3532. </CheatEntry>
  3533. </CheatEntries>
  3534. </CheatEntry>
  3535. <CheatEntry>
  3536. <ID>24314</ID>
  3537. <Description>"[02FC] AccuracyImpulse (Handling)"</Description>
  3538. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  3539. <LastState Value="" RealAddress="00000000"/>
  3540. <Color>6E6F6F</Color>
  3541. <GroupHeader>1</GroupHeader>
  3542. <Address>+0</Address>
  3543. <Offsets>
  3544. <Offset>2FC</Offset>
  3545. </Offsets>
  3546. <CheatEntries>
  3547. <CheatEntry>
  3548. <ID>24315</ID>
  3549. <Description>"[0004] AccuracyImpulse_Current"</Description>
  3550. <VariableType>Float</VariableType>
  3551. <Address>+4</Address>
  3552. </CheatEntry>
  3553. <CheatEntry>
  3554. <ID>24316</ID>
  3555. <Description>"[0008] AccuracyImpulse_Default"</Description>
  3556. <VariableType>Float</VariableType>
  3557. <Address>+8</Address>
  3558. </CheatEntry>
  3559. </CheatEntries>
  3560. </CheatEntry>
  3561. <CheatEntry>
  3562. <ID>24317</ID>
  3563. <Description>"[0308] BurstAccuracyImpulseScale (Handling)"</Description>
  3564. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  3565. <LastState Value="" RealAddress="00000000"/>
  3566. <Color>6E6F6F</Color>
  3567. <GroupHeader>1</GroupHeader>
  3568. <Address>+0</Address>
  3569. <Offsets>
  3570. <Offset>308</Offset>
  3571. </Offsets>
  3572. <CheatEntries>
  3573. <CheatEntry>
  3574. <ID>24318</ID>
  3575. <Description>"[0004] BurstAccuracyImpulseScale_Current"</Description>
  3576. <VariableType>Float</VariableType>
  3577. <Address>+4</Address>
  3578. </CheatEntry>
  3579. <CheatEntry>
  3580. <ID>24319</ID>
  3581. <Description>"[0008] BurstAccuracyImpulseScale_Default"</Description>
  3582. <VariableType>Float</VariableType>
  3583. <Address>+8</Address>
  3584. </CheatEntry>
  3585. </CheatEntries>
  3586. </CheatEntry>
  3587. <CheatEntry>
  3588. <ID>24320</ID>
  3589. <Description>"[0318] Damage"</Description>
  3590. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  3591. <LastState Value="" RealAddress="00000000"/>
  3592. <Color>6E6F6F</Color>
  3593. <GroupHeader>1</GroupHeader>
  3594. <Address>+0</Address>
  3595. <Offsets>
  3596. <Offset>318</Offset>
  3597. </Offsets>
  3598. <CheatEntries>
  3599. <CheatEntry>
  3600. <ID>24321</ID>
  3601. <Description>"[0004] Damage_Current"</Description>
  3602. <VariableType>Float</VariableType>
  3603. <Address>+4</Address>
  3604. </CheatEntry>
  3605. <CheatEntry>
  3606. <ID>24322</ID>
  3607. <Description>"[0008] Damage_Default"</Description>
  3608. <VariableType>Float</VariableType>
  3609. <Address>+8</Address>
  3610. </CheatEntry>
  3611. </CheatEntries>
  3612. </CheatEntry>
  3613. <CheatEntry>
  3614. <ID>24323</ID>
  3615. <Description>"[0368] DamageRadius"</Description>
  3616. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  3617. <LastState Value="" RealAddress="00000000"/>
  3618. <Color>6E6F6F</Color>
  3619. <GroupHeader>1</GroupHeader>
  3620. <Address>+0</Address>
  3621. <Offsets>
  3622. <Offset>368</Offset>
  3623. </Offsets>
  3624. <CheatEntries>
  3625. <CheatEntry>
  3626. <ID>24324</ID>
  3627. <Description>"[0004] DamageRadius_Current"</Description>
  3628. <VariableType>Float</VariableType>
  3629. <Address>+4</Address>
  3630. </CheatEntry>
  3631. <CheatEntry>
  3632. <ID>24325</ID>
  3633. <Description>"[0008] DamageRadius_Default"</Description>
  3634. <VariableType>Float</VariableType>
  3635. <Address>+8</Address>
  3636. </CheatEntry>
  3637. </CheatEntries>
  3638. </CheatEntry>
  3639. <CheatEntry>
  3640. <ID>24326</ID>
  3641. <Description>"[03B8] ImpactForce"</Description>
  3642. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  3643. <LastState Value="" RealAddress="00000000"/>
  3644. <Color>6E6F6F</Color>
  3645. <GroupHeader>1</GroupHeader>
  3646. <Address>+0</Address>
  3647. <Offsets>
  3648. <Offset>3B8</Offset>
  3649. </Offsets>
  3650. <CheatEntries>
  3651. <CheatEntry>
  3652. <ID>24327</ID>
  3653. <Description>"[0004] ImpactForce_Current"</Description>
  3654. <VariableType>Float</VariableType>
  3655. <Address>+4</Address>
  3656. </CheatEntry>
  3657. <CheatEntry>
  3658. <ID>24328</ID>
  3659. <Description>"[0008] ImpactForce_Default"</Description>
  3660. <VariableType>Float</VariableType>
  3661. <Address>+8</Address>
  3662. </CheatEntry>
  3663. </CheatEntries>
  3664. </CheatEntry>
  3665. <CheatEntry>
  3666. <ID>24277</ID>
  3667. <Description>"[04E8] CurrentBurstShotCount"</Description>
  3668. <VariableType>4 Bytes</VariableType>
  3669. <Address>+0</Address>
  3670. <Offsets>
  3671. <Offset>4E8</Offset>
  3672. </Offsets>
  3673. </CheatEntry>
  3674. <CheatEntry>
  3675. <ID>24276</ID>
  3676. <Description>"[0520] FireRatePercent"</Description>
  3677. <VariableType>Float</VariableType>
  3678. <Address>+0</Address>
  3679. <Offsets>
  3680. <Offset>520</Offset>
  3681. </Offsets>
  3682. </CheatEntry>
  3683. <CheatEntry>
  3684. <ID>24275</ID>
  3685. <Description>"[054C] DamageAmount"</Description>
  3686. <VariableType>Float</VariableType>
  3687. <Address>+0</Address>
  3688. <Offsets>
  3689. <Offset>54C</Offset>
  3690. </Offsets>
  3691. </CheatEntry>
  3692. <CheatEntry>
  3693. <ID>24343</ID>
  3694. <Description>"[0900] ProjectilesPerShot"</Description>
  3695. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  3696. <LastState Value="" RealAddress="00000000"/>
  3697. <Color>6E6F6F</Color>
  3698. <GroupHeader>1</GroupHeader>
  3699. <Address>+0</Address>
  3700. <Offsets>
  3701. <Offset>900</Offset>
  3702. </Offsets>
  3703. <CheatEntries>
  3704. <CheatEntry>
  3705. <ID>24344</ID>
  3706. <Description>"[0004] ProjectilesPerShot_Current"</Description>
  3707. <VariableType>4 Bytes</VariableType>
  3708. <Address>+4</Address>
  3709. </CheatEntry>
  3710. <CheatEntry>
  3711. <ID>24345</ID>
  3712. <Description>"[0008] ProjectilesPerShot_Default"</Description>
  3713. <VariableType>4 Bytes</VariableType>
  3714. <Address>+8</Address>
  3715. </CheatEntry>
  3716. </CheatEntries>
  3717. </CheatEntry>
  3718. <CheatEntry>
  3719. <ID>24346</ID>
  3720. <Description>"[090C] ProjectileSpeedScale"</Description>
  3721. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  3722. <LastState Value="" RealAddress="00000000"/>
  3723. <Color>6E6F6F</Color>
  3724. <GroupHeader>1</GroupHeader>
  3725. <Address>+0</Address>
  3726. <Offsets>
  3727. <Offset>90C</Offset>
  3728. </Offsets>
  3729. <CheatEntries>
  3730. <CheatEntry>
  3731. <ID>24347</ID>
  3732. <Description>"[0004] ProjectileSpeedScale_Current"</Description>
  3733. <VariableType>Float</VariableType>
  3734. <Address>+4</Address>
  3735. </CheatEntry>
  3736. <CheatEntry>
  3737. <ID>24348</ID>
  3738. <Description>"[0008] ProjectileSpeedScale_Default"</Description>
  3739. <VariableType>Float</VariableType>
  3740. <Address>+8</Address>
  3741. </CheatEntry>
  3742. </CheatEntries>
  3743. </CheatEntry>
  3744. <CheatEntry>
  3745. <ID>24349</ID>
  3746. <Description>"[0948] Range"</Description>
  3747. <VariableType>Float</VariableType>
  3748. <Address>+0</Address>
  3749. <Offsets>
  3750. <Offset>948</Offset>
  3751. </Offsets>
  3752. </CheatEntry>
  3753. </CheatEntries>
  3754. </CheatEntry>
  3755. <CheatEntry>
  3756. <ID>24210</ID>
  3757. <Description>"[0480] WeaponType"</Description>
  3758. <ShowAsHex>1</ShowAsHex>
  3759. <VariableType>8 Bytes</VariableType>
  3760. <Address>+0</Address>
  3761. <Offsets>
  3762. <Offset>480</Offset>
  3763. </Offsets>
  3764. </CheatEntry>
  3765. <CheatEntry>
  3766. <ID>24197</ID>
  3767. <Description>"[04A0] WeaponUser"</Description>
  3768. <ShowAsHex>1</ShowAsHex>
  3769. <VariableType>8 Bytes</VariableType>
  3770. <Address>+0</Address>
  3771. <Offsets>
  3772. <Offset>4A0</Offset>
  3773. </Offsets>
  3774. </CheatEntry>
  3775. <CheatEntry>
  3776. <ID>24199</ID>
  3777. <Description>"[0958] OakCharacter (BPWeap_BaseWeapon_C.OakCharacter)"</Description>
  3778. <ShowAsHex>1</ShowAsHex>
  3779. <VariableType>8 Bytes</VariableType>
  3780. <Address>+0</Address>
  3781. <Offsets>
  3782. <Offset>958</Offset>
  3783. </Offsets>
  3784. </CheatEntry>
  3785. <CheatEntry>
  3786. <ID>24198</ID>
  3787. <Description>"[0960] Manufacturer (OakManufacturerData)"</Description>
  3788. <ShowAsHex>1</ShowAsHex>
  3789. <VariableType>8 Bytes</VariableType>
  3790. <Address>+0</Address>
  3791. <Offsets>
  3792. <Offset>960</Offset>
  3793. </Offsets>
  3794. </CheatEntry>
  3795. </CheatEntries>
  3796. </CheatEntry>
  3797. <CheatEntry>
  3798. <ID>24180</ID>
  3799. <Description>"[1E50] OwnedVehicle"</Description>
  3800. <ShowAsHex>1</ShowAsHex>
  3801. <VariableType>8 Bytes</VariableType>
  3802. <Address>+0</Address>
  3803. <Offsets>
  3804. <Offset>1E50</Offset>
  3805. </Offsets>
  3806. </CheatEntry>
  3807. <CheatEntry>
  3808. <ID>24156</ID>
  3809. <Description>"[2318] bSanctuaryZeroGravity"</Description>
  3810. <VariableType>Byte</VariableType>
  3811. <Address>+0</Address>
  3812. <Offsets>
  3813. <Offset>2318</Offset>
  3814. </Offsets>
  3815. </CheatEntry>
  3816. <CheatEntry>
  3817. <ID>24157</ID>
  3818. <Description>"[26C0] GrenadeThrowCooldown"</Description>
  3819. <VariableType>Float</VariableType>
  3820. <Address>+0</Address>
  3821. <Offsets>
  3822. <Offset>26C0</Offset>
  3823. </Offsets>
  3824. </CheatEntry>
  3825. <CheatEntry>
  3826. <ID>24158</ID>
  3827. <Description>"[2AC8] PlayerBalanceStateComponent"</Description>
  3828. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  3829. <LastState Value="" RealAddress="00000000"/>
  3830. <Color>6E6F6F</Color>
  3831. <GroupHeader>1</GroupHeader>
  3832. <Address>+0</Address>
  3833. <Offsets>
  3834. <Offset>2AC8</Offset>
  3835. </Offsets>
  3836. <CheatEntries>
  3837. <CheatEntry>
  3838. <ID>24159</ID>
  3839. <Description>"PlayerBalanceStateComponent"</Description>
  3840. <ShowAsHex>1</ShowAsHex>
  3841. <Color>9D9A89</Color>
  3842. <VariableType>8 Bytes</VariableType>
  3843. <Address>+0</Address>
  3844. </CheatEntry>
  3845. <CheatEntry>
  3846. <ID>24160</ID>
  3847. <Description>"[01A4] Level"</Description>
  3848. <VariableType>4 Bytes</VariableType>
  3849. <Address>+0</Address>
  3850. <Offsets>
  3851. <Offset>1A4</Offset>
  3852. </Offsets>
  3853. </CheatEntry>
  3854. <CheatEntry>
  3855. <ID>24161</ID>
  3856. <Description>"[01D8] Experience"</Description>
  3857. <VariableType>4 Bytes</VariableType>
  3858. <Address>+0</Address>
  3859. <Offsets>
  3860. <Offset>1D8</Offset>
  3861. </Offsets>
  3862. </CheatEntry>
  3863. </CheatEntries>
  3864. </CheatEntry>
  3865. </CheatEntries>
  3866. </CheatEntry>
  3867. <CheatEntry>
  3868. <ID>24122</ID>
  3869. <Description>"[0510] AcknowledgedPawn"</Description>
  3870. <ShowAsHex>1</ShowAsHex>
  3871. <VariableType>8 Bytes</VariableType>
  3872. <Address>+0</Address>
  3873. <Offsets>
  3874. <Offset>510</Offset>
  3875. </Offsets>
  3876. </CheatEntry>
  3877. <CheatEntry>
  3878. <ID>24143</ID>
  3879. <Description>"[0528] PlayerCameraManager"</Description>
  3880. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  3881. <LastState Value="" RealAddress="00000528"/>
  3882. <Color>6E6F6F</Color>
  3883. <GroupHeader>1</GroupHeader>
  3884. <Address>+0</Address>
  3885. <Offsets>
  3886. <Offset>528</Offset>
  3887. </Offsets>
  3888. <CheatEntries>
  3889. <CheatEntry>
  3890. <ID>24144</ID>
  3891. <Description>"PlayerCameraManager"</Description>
  3892. <ShowAsHex>1</ShowAsHex>
  3893. <Color>9D9A89</Color>
  3894. <VariableType>8 Bytes</VariableType>
  3895. <Address>+0</Address>
  3896. </CheatEntry>
  3897. <CheatEntry>
  3898. <ID>24145</ID>
  3899. <Description>"[2BB0] CachedCameraShakeMod"</Description>
  3900. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  3901. <LastState Value="" RealAddress="00000000"/>
  3902. <Color>6E6F6F</Color>
  3903. <GroupHeader>1</GroupHeader>
  3904. <Address>+0</Address>
  3905. <Offsets>
  3906. <Offset>2BB0</Offset>
  3907. </Offsets>
  3908. <CheatEntries>
  3909. <CheatEntry>
  3910. <ID>24146</ID>
  3911. <Description>"CachedCameraShakeMod"</Description>
  3912. <ShowAsHex>1</ShowAsHex>
  3913. <Color>9D9A89</Color>
  3914. <VariableType>8 Bytes</VariableType>
  3915. <Address>+0</Address>
  3916. </CheatEntry>
  3917. <CheatEntry>
  3918. <ID>24147</ID>
  3919. <Description>"[0028] CameraModifier .bExclusive|.bDebug"</Description>
  3920. <ShowAsHex>1</ShowAsHex>
  3921. <VariableType>Byte</VariableType>
  3922. <Address>+0</Address>
  3923. <Offsets>
  3924. <Offset>28</Offset>
  3925. </Offsets>
  3926. </CheatEntry>
  3927. </CheatEntries>
  3928. </CheatEntry>
  3929. </CheatEntries>
  3930. </CheatEntry>
  3931. <CheatEntry>
  3932. <ID>24138</ID>
  3933. <Description>"[05A8] CheatManager"</Description>
  3934. <ShowAsHex>1</ShowAsHex>
  3935. <VariableType>8 Bytes</VariableType>
  3936. <Address>+0</Address>
  3937. <Offsets>
  3938. <Offset>5A8</Offset>
  3939. </Offsets>
  3940. </CheatEntry>
  3941. <CheatEntry>
  3942. <ID>24333</ID>
  3943. <Description>"[0A91] DifficultySetting"</Description>
  3944. <VariableType>Byte</VariableType>
  3945. <Address>+0</Address>
  3946. <Offsets>
  3947. <Offset>A91</Offset>
  3948. </Offsets>
  3949. </CheatEntry>
  3950. <CheatEntry>
  3951. <ID>24361</ID>
  3952. <Description>"[0C60] PlayerGuardianRankComponent"</Description>
  3953. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  3954. <LastState Value="" RealAddress="00000C60"/>
  3955. <Color>6E6F6F</Color>
  3956. <GroupHeader>1</GroupHeader>
  3957. <Address>+0</Address>
  3958. <Offsets>
  3959. <Offset>C60</Offset>
  3960. </Offsets>
  3961. <CheatEntries>
  3962. <CheatEntry>
  3963. <ID>24362</ID>
  3964. <Description>"PlayerGuardianRankComponent"</Description>
  3965. <ShowAsHex>1</ShowAsHex>
  3966. <Color>9D9A89</Color>
  3967. <VariableType>8 Bytes</VariableType>
  3968. <Address>+0</Address>
  3969. </CheatEntry>
  3970. <CheatEntry>
  3971. <ID>24363</ID>
  3972. <Description>"[0178] GuardianRank"</Description>
  3973. <VariableType>4 Bytes</VariableType>
  3974. <Address>+0</Address>
  3975. <Offsets>
  3976. <Offset>178</Offset>
  3977. </Offsets>
  3978. </CheatEntry>
  3979. <CheatEntry>
  3980. <ID>24364</ID>
  3981. <Description>"[017C] AvailableTokens"</Description>
  3982. <VariableType>4 Bytes</VariableType>
  3983. <Address>+0</Address>
  3984. <Offsets>
  3985. <Offset>17C</Offset>
  3986. </Offsets>
  3987. </CheatEntry>
  3988. <CheatEntry>
  3989. <ID>24365</ID>
  3990. <Description>"[0180] GuardianExperience"</Description>
  3991. <VariableType>8 Bytes</VariableType>
  3992. <Address>+0</Address>
  3993. <Offsets>
  3994. <Offset>180</Offset>
  3995. </Offsets>
  3996. </CheatEntry>
  3997. </CheatEntries>
  3998. </CheatEntry>
  3999. <CheatEntry>
  4000. <ID>24330</ID>
  4001. <Description>"[0C68] FogOfDiscoveryComponent"</Description>
  4002. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  4003. <LastState Value="" RealAddress="00000C68"/>
  4004. <Color>6E6F6F</Color>
  4005. <GroupHeader>1</GroupHeader>
  4006. <Address>+0</Address>
  4007. <Offsets>
  4008. <Offset>C68</Offset>
  4009. </Offsets>
  4010. <CheatEntries>
  4011. <CheatEntry>
  4012. <ID>24331</ID>
  4013. <Description>"FogOfDiscoveryComponent"</Description>
  4014. <ShowAsHex>1</ShowAsHex>
  4015. <Color>9D9A89</Color>
  4016. <VariableType>8 Bytes</VariableType>
  4017. <Address>+0</Address>
  4018. </CheatEntry>
  4019. <CheatEntry>
  4020. <ID>24332</ID>
  4021. <Description>"[01A8] PlayerUnfogRadius|VehicleUnfogRadius"</Description>
  4022. <VariableType>Float</VariableType>
  4023. <Address>+0</Address>
  4024. <Offsets>
  4025. <Offset>1A8</Offset>
  4026. </Offsets>
  4027. </CheatEntry>
  4028. </CheatEntries>
  4029. </CheatEntry>
  4030. <CheatEntry>
  4031. <ID>24340</ID>
  4032. <Description>"[1638] bInfiniteAmmo"</Description>
  4033. <VariableType>Byte</VariableType>
  4034. <Address>+0</Address>
  4035. <Offsets>
  4036. <Offset>1638</Offset>
  4037. </Offsets>
  4038. </CheatEntry>
  4039. <CheatEntry>
  4040. <ID>24140</ID>
  4041. <Description>"[1A78] DeveloperPerks"</Description>
  4042. <ShowAsHex>1</ShowAsHex>
  4043. <VariableType>8 Bytes</VariableType>
  4044. <Address>+0</Address>
  4045. <Offsets>
  4046. <Offset>1A78</Offset>
  4047. </Offsets>
  4048. </CheatEntry>
  4049. </CheatEntries>
  4050. </CheatEntry>
  4051. <CheatEntry>
  4052. <ID>23964</ID>
  4053. <Description>"[0058] GameViewportClient"</Description>
  4054. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  4055. <LastState Value="" RealAddress="04F100A0"/>
  4056. <Color>6E6F6F</Color>
  4057. <GroupHeader>1</GroupHeader>
  4058. <Address>GameViewportClient</Address>
  4059. <CheatEntries>
  4060. <CheatEntry>
  4061. <ID>24125</ID>
  4062. <Description>"GameViewportClient"</Description>
  4063. <LastState Value="0000000000000000" RealAddress="04F100A0"/>
  4064. <ShowAsHex>1</ShowAsHex>
  4065. <Color>9D9A89</Color>
  4066. <VariableType>8 Bytes</VariableType>
  4067. <Address>GameViewportClient</Address>
  4068. </CheatEntry>
  4069. <CheatEntry>
  4070. <ID>24126</ID>
  4071. <Description>"[0050] ViewportConsole"</Description>
  4072. <ShowAsHex>1</ShowAsHex>
  4073. <VariableType>8 Bytes</VariableType>
  4074. <Address>+0</Address>
  4075. <Offsets>
  4076. <Offset>50</Offset>
  4077. </Offsets>
  4078. </CheatEntry>
  4079. <CheatEntry>
  4080. <ID>23961</ID>
  4081. <Description>"[0088] World"</Description>
  4082. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  4083. <LastState Value="" RealAddress="00000088"/>
  4084. <Color>6E6F6F</Color>
  4085. <GroupHeader>1</GroupHeader>
  4086. <Address>+0</Address>
  4087. <Offsets>
  4088. <Offset>88</Offset>
  4089. </Offsets>
  4090. <CheatEntries>
  4091. <CheatEntry>
  4092. <ID>24128</ID>
  4093. <Description>"World"</Description>
  4094. <ShowAsHex>1</ShowAsHex>
  4095. <Color>9D9A89</Color>
  4096. <VariableType>8 Bytes</VariableType>
  4097. <Address>+0</Address>
  4098. </CheatEntry>
  4099. <CheatEntry>
  4100. <ID>23938</ID>
  4101. <Description>"[0030] PersistentLevel"</Description>
  4102. <ShowAsHex>1</ShowAsHex>
  4103. <VariableType>8 Bytes</VariableType>
  4104. <Address>+0</Address>
  4105. <Offsets>
  4106. <Offset>30</Offset>
  4107. </Offsets>
  4108. </CheatEntry>
  4109. <CheatEntry>
  4110. <ID>24129</ID>
  4111. <Description>"[0140] AuthorityGameMode"</Description>
  4112. <ShowAsHex>1</ShowAsHex>
  4113. <VariableType>8 Bytes</VariableType>
  4114. <Address>+0</Address>
  4115. <Offsets>
  4116. <Offset>140</Offset>
  4117. </Offsets>
  4118. </CheatEntry>
  4119. <CheatEntry>
  4120. <ID>24133</ID>
  4121. <Description>"[0148] GameState"</Description>
  4122. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  4123. <LastState Value="" RealAddress="00000000"/>
  4124. <Color>6E6F6F</Color>
  4125. <GroupHeader>1</GroupHeader>
  4126. <Address>+0</Address>
  4127. <Offsets>
  4128. <Offset>148</Offset>
  4129. </Offsets>
  4130. <CheatEntries>
  4131. <CheatEntry>
  4132. <ID>23940</ID>
  4133. <Description>"GameState"</Description>
  4134. <ShowAsHex>1</ShowAsHex>
  4135. <Color>9D9A89</Color>
  4136. <VariableType>8 Bytes</VariableType>
  4137. <Address>+0</Address>
  4138. </CheatEntry>
  4139. <CheatEntry>
  4140. <ID>24134</ID>
  4141. <Description>"[06C8] InventoryShopResetPeriod"</Description>
  4142. <VariableType>Float</VariableType>
  4143. <Address>+0</Address>
  4144. <Offsets>
  4145. <Offset>6C8</Offset>
  4146. </Offsets>
  4147. </CheatEntry>
  4148. <CheatEntry>
  4149. <ID>24136</ID>
  4150. <Description>"[06DC] ReplicatedSecondsBeforeShopsReset"</Description>
  4151. <VariableType>Float</VariableType>
  4152. <Address>+0</Address>
  4153. <Offsets>
  4154. <Offset>6DC</Offset>
  4155. </Offsets>
  4156. </CheatEntry>
  4157. <CheatEntry>
  4158. <ID>24135</ID>
  4159. <Description>"[06E0] LocalSecondsBeforeShopsReset"</Description>
  4160. <VariableType>Float</VariableType>
  4161. <Address>+0</Address>
  4162. <Offsets>
  4163. <Offset>6E0</Offset>
  4164. </Offsets>
  4165. </CheatEntry>
  4166. <CheatEntry>
  4167. <ID>24137</ID>
  4168. <Description>"[0758] bInfiniteAmmo"</Description>
  4169. <VariableType>Byte</VariableType>
  4170. <Address>+0</Address>
  4171. <Offsets>
  4172. <Offset>758</Offset>
  4173. </Offsets>
  4174. </CheatEntry>
  4175. </CheatEntries>
  4176. </CheatEntry>
  4177. <CheatEntry>
  4178. <ID>24130</ID>
  4179. <Description>"[0160] Levels"</Description>
  4180. <ShowAsHex>1</ShowAsHex>
  4181. <VariableType>8 Bytes</VariableType>
  4182. <Address>+0</Address>
  4183. <Offsets>
  4184. <Offset>160</Offset>
  4185. </Offsets>
  4186. </CheatEntry>
  4187. <CheatEntry>
  4188. <ID>24131</ID>
  4189. <Description>"[0170] LevelCollections"</Description>
  4190. <ShowAsHex>1</ShowAsHex>
  4191. <VariableType>8 Bytes</VariableType>
  4192. <Address>+0</Address>
  4193. <Offsets>
  4194. <Offset>170</Offset>
  4195. </Offsets>
  4196. </CheatEntry>
  4197. <CheatEntry>
  4198. <ID>24132</ID>
  4199. <Description>"[0190] OwningGameInstance"</Description>
  4200. <ShowAsHex>1</ShowAsHex>
  4201. <VariableType>8 Bytes</VariableType>
  4202. <Address>+0</Address>
  4203. <Offsets>
  4204. <Offset>190</Offset>
  4205. </Offsets>
  4206. </CheatEntry>
  4207. </CheatEntries>
  4208. </CheatEntry>
  4209. <CheatEntry>
  4210. <ID>24127</ID>
  4211. <Description>"[0090] GameInstance"</Description>
  4212. <ShowAsHex>1</ShowAsHex>
  4213. <VariableType>8 Bytes</VariableType>
  4214. <Address>+0</Address>
  4215. <Offsets>
  4216. <Offset>90</Offset>
  4217. </Offsets>
  4218. </CheatEntry>
  4219. </CheatEntries>
  4220. </CheatEntry>
  4221. </CheatEntries>
  4222. </CheatEntry>
  4223. <CheatEntry>
  4224. <ID>24141</ID>
  4225. <Description>"ZoneMapGlobalsData"</Description>
  4226. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  4227. <LastState Value="" RealAddress="00000000"/>
  4228. <Color>6E6F6F</Color>
  4229. <GroupHeader>1</GroupHeader>
  4230. <Address>ZoneMapGlobalsData</Address>
  4231. <CheatEntries>
  4232. <CheatEntry>
  4233. <ID>24142</ID>
  4234. <Description>"ZoneMapGlobalsData"</Description>
  4235. <ShowAsHex>1</ShowAsHex>
  4236. <Color>9D9A89</Color>
  4237. <VariableType>8 Bytes</VariableType>
  4238. <Address>+0</Address>
  4239. </CheatEntry>
  4240. <CheatEntry>
  4241. <ID>24336</ID>
  4242. <Description>"[0218] PlayerUnfogRadius"</Description>
  4243. <VariableType>Float</VariableType>
  4244. <Address>+218</Address>
  4245. </CheatEntry>
  4246. <CheatEntry>
  4247. <ID>24337</ID>
  4248. <Description>"[021C] VehicleUnfogRadius"</Description>
  4249. <VariableType>Float</VariableType>
  4250. <Address>+21C</Address>
  4251. </CheatEntry>
  4252. <CheatEntry>
  4253. <ID>24338</ID>
  4254. <Description>"[0220] DefaultUnfogHeight"</Description>
  4255. <VariableType>Float</VariableType>
  4256. <Address>+220</Address>
  4257. </CheatEntry>
  4258. <CheatEntry>
  4259. <ID>24339</ID>
  4260. <Description>"[0224] DefaultVehicleUnfogHeight"</Description>
  4261. <VariableType>Float</VariableType>
  4262. <Address>+224</Address>
  4263. </CheatEntry>
  4264. </CheatEntries>
  4265. </CheatEntry>
  4266. <CheatEntry>
  4267. <ID>24334</ID>
  4268. <Description>"Mock-Up"</Description>
  4269. <Options moHideChildren="1" moManualExpandCollapse="1"/>
  4270. <LastState Value="" RealAddress="00000000"/>
  4271. <Color>6E6F6F</Color>
  4272. <GroupHeader>1</GroupHeader>
  4273. <Address/>
  4274. <CheatEntries>
  4275. <CheatEntry>
  4276. <ID>24335</ID>
  4277. <Description>"No description"</Description>
  4278. <ShowAsHex>1</ShowAsHex>
  4279. <Color>9D9A89</Color>
  4280. <VariableType>8 Bytes</VariableType>
  4281. <Address>+0</Address>
  4282. </CheatEntry>
  4283. </CheatEntries>
  4284. </CheatEntry>
  4285. <CheatEntry>
  4286. <ID>24078</ID>
  4287. <Description>"[ Not Updated ]"</Description>
  4288. <Options moHideChildren="1"/>
  4289. <LastState Value="" RealAddress="00000000"/>
  4290. <Color>6E6F6F</Color>
  4291. <GroupHeader>1</GroupHeader>
  4292. <CheatEntries>
  4293. <CheatEntry>
  4294. <ID>8</ID>
  4295. <Description>"Unreal Engine 'god' :)"</Description>
  4296. <LastState/>
  4297. <VariableType>Auto Assembler Script</VariableType>
  4298. <AssemblerScript>{$STRICT}
  4299.  
  4300. {$lua}
  4301.  
  4302. if syntaxcheck then return end
  4303.  
  4304. [ENABLE]
  4305.  
  4306. local t = getAddressSafe( "OakPlayerController" )
  4307. t = readQword( t )
  4308. t = readQword( t + 0x488 ) -- OakCharacter
  4309. local u = readBytes( t + 0x91 )
  4310. u = u &amp; 0xBF
  4311. writeBytes( t + 0x91, u )
  4312.  
  4313. [DISABLE]
  4314.  
  4315. local t = getAddressSafe( "OakPlayerController" )
  4316. t = readQword( t )
  4317. t = readQword( t + 0x488 ) -- OakCharacter
  4318. local u = readBytes( t + 0x91 )
  4319. u = u | 0x40
  4320. writeBytes( t + 0x91, u )
  4321.  
  4322. </AssemblerScript>
  4323. </CheatEntry>
  4324. <CheatEntry>
  4325. <ID>10</ID>
  4326. <Description>"Init &amp; Link 'god' UFunction"</Description>
  4327. <LastState/>
  4328. <VariableType>Auto Assembler Script</VariableType>
  4329. <AssemblerScript Async="1">[ENABLE]
  4330.  
  4331. alloc( ZConstructGodThread, 0x1000, Borderlands3.exe )
  4332. registersymbol( ZConstructGodThread )
  4333. CreateThread( ZConstructGodThread )
  4334.  
  4335. label( pReturnFunction )
  4336. label( pszGod )
  4337. label( Z_Construct_UFunction_UCheatManager_God )
  4338. registersymbol( Z_Construct_UFunction_UCheatManager_God )
  4339. label( Z_Construct_UFunction_UCheatManager_God_Statics_FuncParams )
  4340. registersymbol( Z_Construct_UFunction_UCheatManager_God_Statics_FuncParams )
  4341. label( aZ_Construct_UFunction_UCheatManager_God )
  4342. registersymbol( aZ_Construct_UFunction_UCheatManager_God )
  4343.  
  4344. ZConstructGodThread:
  4345. db EB FE
  4346. sub rsp,178
  4347. mov r8d,1
  4348. lea rdx,[aZ_Construct_UFunction_UCheatManager_God]
  4349. mov rcx,[Borderlands3.exe+66026A0]
  4350. call Borderlands3.exe+147F3A0 // UClass::CreateLinkAndAddChildFunctionsToMap
  4351. add rsp,178
  4352. ret
  4353.  
  4354. align 10 CC
  4355.  
  4356. Z_Construct_UFunction_UCheatManager_God:
  4357. sub rsp,28
  4358. mov rax,[pReturnFunction]
  4359. test rax,rax
  4360. jne short @f
  4361. lea rdx,[Z_Construct_UFunction_UCheatManager_God_Statics_FuncParams]
  4362. lea rcx,[pReturnFunction]
  4363. call Borderlands3.exe+14EE340 // UE4CodeGen_Private::ConstructUFunction
  4364. mov rax,[pReturnFunction]
  4365. @@:
  4366. add rsp,28
  4367. ret
  4368.  
  4369. align 10 CC
  4370.  
  4371. pReturnFunction:
  4372. dq 0
  4373.  
  4374. align 10 CC
  4375.  
  4376. pszGod:
  4377. db 'God',0
  4378.  
  4379. align 10 CC
  4380.  
  4381. Z_Construct_UFunction_UCheatManager_God_Statics_FuncParams:
  4382. dq Borderlands3.exe+2661100 // 0x0 - Z_Construct_UClass_UCheatManager
  4383. dq pszGod // 0x8
  4384. dq 0x45 // 0x10
  4385. dq 0 // 0x18
  4386. dq 04020600 // 0x20
  4387. dq 0 // 0x28
  4388. dq 0 // 0x30
  4389. dq 0 // 0x38
  4390.  
  4391. align 10 CC
  4392.  
  4393. aZ_Construct_UFunction_UCheatManager_God:
  4394. dq Z_Construct_UFunction_UCheatManager_God // 0x0
  4395. dq pszGod // 0x8
  4396.  
  4397. align 10 CC
  4398.  
  4399. [DISABLE]
  4400.  
  4401. unregistersymbol( Z_Construct_UFunction_UCheatManager_God )
  4402. unregistersymbol( aZ_Construct_UFunction_UCheatManager_God )
  4403. unregistersymbol( Z_Construct_UFunction_UCheatManager_God_Statics_FuncParams )
  4404. unregistersymbol( ZConstructGodThread )
  4405. dealloc( ZConstructGodThread )
  4406. </AssemblerScript>
  4407. </CheatEntry>
  4408. <CheatEntry>
  4409. <ID>14</ID>
  4410. <Description>"Test_StaticFindUObject"</Description>
  4411. <LastState/>
  4412. <VariableType>Auto Assembler Script</VariableType>
  4413. <AssemblerScript>[ENABLE]
  4414.  
  4415. alloc( UEThread, 0x1000, Borderlands3.exe )
  4416. registersymbol( UEThread )
  4417. CreateThread( UEThread )
  4418. label( UEThreadOff )
  4419. registersymbol( UEThreadOff )
  4420. label( UEThread_loop )
  4421.  
  4422. label( FindUObject_do )
  4423.  
  4424. UEThread:
  4425. sub rsp,28
  4426.  
  4427. UEThread_loop:
  4428. mov rcx,A
  4429. call Sleep
  4430.  
  4431. cmp [UEThreadOff],1
  4432. jne short @f
  4433. add rsp,28
  4434. mov [UEThreadOff],2
  4435. ret
  4436. @@:
  4437.  
  4438. mov rcx,6E // VK_DECIMAL
  4439. call GetAsyncKeyState
  4440. test ax,ax
  4441. je short @f
  4442.  
  4443. call short FindUObject_do
  4444. mov rcx,C8
  4445. call Sleep
  4446.  
  4447. @@:
  4448. jmp short UEThread_loop
  4449.  
  4450. align 10 CC
  4451.  
  4452. FindUObject_do:
  4453. sub rsp,28
  4454. xor r9d,r9d
  4455. lea r8,[szSpawnAwesomeItems]
  4456. mov rax,[OakPlayerController]
  4457. mov rax,[rax+1970]
  4458. mov rdx,[rax+10] // 0x20: BlueprintGeneratedClass BP_DevPerks.BP_DevPerks_C
  4459. mov rcx,[Borderlands3.exe+64D2020] // 0x10: Class CoreUObject.Function
  4460. call Borderlands3.exe+1500B80 // StaticFindObject
  4461. add rsp,28
  4462. ret
  4463.  
  4464. align 10 CC
  4465.  
  4466. szSpawnAwesomeItems:
  4467. db 'S',0,'p',0,'a',0,'w',0,'n',0,'A',0,'w',0,'e',0,'s',0,'o',0,'m',0,'e',0,'I',0,'t',0,'e',0,'m',0,'s',0,0,0
  4468.  
  4469. align 10 CC
  4470.  
  4471. UEThreadOff:
  4472. dd 0
  4473.  
  4474. [DISABLE]
  4475.  
  4476.  
  4477. {$lua}
  4478.  
  4479. if( syntaxcheck == false ) then --actual execution
  4480. local starttime = getTickCount()
  4481.  
  4482. if readInteger( "UEThreadOff" ) == 0 then --could be 2 already
  4483. writeInteger( "UEThreadOff", 1 ) --tell the thread to kill itself
  4484. end
  4485.  
  4486. while( getTickCount() &lt; starttime + 1000 ) and ( readInteger( "UEThreadOff" ) ~= 2 ) do --wait till it has finished
  4487. sleep( 20 )
  4488. end
  4489.  
  4490. if( getTickCount() &gt; starttime + 1000 ) then --could happen when the window is shown
  4491. showMessage( 'Disabling the thread failed!' )
  4492. error( 'Thread disabling failed!' )
  4493. end
  4494. sleep( 1 )
  4495. end
  4496.  
  4497. {$asm}
  4498.  
  4499. unregistersymbol( UEThreadOff )
  4500. unregistersymbol( UEThread )
  4501. dealloc( UEThread )
  4502. </AssemblerScript>
  4503. </CheatEntry>
  4504. <CheatEntry>
  4505. <ID>15</ID>
  4506. <Description>"UFunction SpawnAwesomeItems"</Description>
  4507. <ShowAsHex>1</ShowAsHex>
  4508. <VariableType>8 Bytes</VariableType>
  4509. <Address>282DDD80</Address>
  4510. <CheatEntries>
  4511. <CheatEntry>
  4512. <ID>16</ID>
  4513. <Description>"UFlags"</Description>
  4514. <ShowAsHex>1</ShowAsHex>
  4515. <VariableType>4 Bytes</VariableType>
  4516. <Address>+88</Address>
  4517. </CheatEntry>
  4518. <CheatEntry>
  4519. <ID>16229</ID>
  4520. <Description>"UFunction_ByteCode"</Description>
  4521. <ShowAsHex>1</ShowAsHex>
  4522. <VariableType>Array of byte</VariableType>
  4523. <ByteLength>172</ByteLength>
  4524. <Address>+48</Address>
  4525. <Offsets>
  4526. <Offset>0</Offset>
  4527. </Offsets>
  4528. <CheatEntries>
  4529. <CheatEntry>
  4530. <ID>16230</ID>
  4531. <Description>"ItemPoolData_1_1 (ItemPoolData ItemPool_Artifacts_05_Legendary.ItemPool_Artifacts_05_Legendary)"</Description>
  4532. <ShowAsHex>1</ShowAsHex>
  4533. <VariableType>8 Bytes</VariableType>
  4534. <Address>+B</Address>
  4535. </CheatEntry>
  4536. <CheatEntry>
  4537. <ID>16231</ID>
  4538. <Description>"ItemPoolData_1_2 (ItemPoolData ItemPool_ClassMods_05_Legendary.ItemPool_ClassMods_05_Legendary)"</Description>
  4539. <ShowAsHex>1</ShowAsHex>
  4540. <VariableType>8 Bytes</VariableType>
  4541. <Address>+14</Address>
  4542. </CheatEntry>
  4543. <CheatEntry>
  4544. <ID>16232</ID>
  4545. <Description>"ItemPoolData_1_3 (ItemPoolData ItemPool_GrenadeMods_05_Legendary.ItemPool_GrenadeMods_05_Legendary)"</Description>
  4546. <ShowAsHex>1</ShowAsHex>
  4547. <VariableType>8 Bytes</VariableType>
  4548. <Address>+1D</Address>
  4549. </CheatEntry>
  4550. <CheatEntry>
  4551. <ID>16233</ID>
  4552. <Description>"ItemPoolData_1_4 (ItemPoolData ItemPool_Shields_05_Legendary.ItemPool_Shields_05_Legendary)"</Description>
  4553. <ShowAsHex>1</ShowAsHex>
  4554. <VariableType>8 Bytes</VariableType>
  4555. <Address>+26</Address>
  4556. </CheatEntry>
  4557. <CheatEntry>
  4558. <ID>16234</ID>
  4559. <Description>"ItemPoolData_1_5 (ItemPoolData ItemPool_Guns_Legendary.ItemPool_Guns_Legendary)"</Description>
  4560. <ShowAsHex>1</ShowAsHex>
  4561. <VariableType>8 Bytes</VariableType>
  4562. <Address>+2F</Address>
  4563. </CheatEntry>
  4564. <CheatEntry>
  4565. <ID>16235</ID>
  4566. <Description>"ItemPoolData_1_6 (ItemPoolData ItemPool_Guns_Legendary.ItemPool_Guns_Legendary)"</Description>
  4567. <ShowAsHex>1</ShowAsHex>
  4568. <VariableType>8 Bytes</VariableType>
  4569. <Address>+38</Address>
  4570. </CheatEntry>
  4571. <CheatEntry>
  4572. <ID>16236</ID>
  4573. <Description>"ItemPoolData_1_7 (ItemPoolData ItemPool_Guns_Legendary.ItemPool_Guns_Legendary)"</Description>
  4574. <ShowAsHex>1</ShowAsHex>
  4575. <VariableType>8 Bytes</VariableType>
  4576. <Address>+41</Address>
  4577. </CheatEntry>
  4578. <CheatEntry>
  4579. <ID>16237</ID>
  4580. <Description>"ItemPoolData_1_8 (ItemPoolData ItemPool_Guns_Legendary.ItemPool_Guns_Legendary)"</Description>
  4581. <ShowAsHex>1</ShowAsHex>
  4582. <VariableType>8 Bytes</VariableType>
  4583. <Address>+4A</Address>
  4584. </CheatEntry>
  4585. <CheatEntry>
  4586. <ID>16238</ID>
  4587. <Description>"ItemPoolData_2_1 (ItemPoolData ItemPool_Eridium_Stack.ItemPool_Eridium_Stack)"</Description>
  4588. <ShowAsHex>1</ShowAsHex>
  4589. <VariableType>8 Bytes</VariableType>
  4590. <Address>+76</Address>
  4591. </CheatEntry>
  4592. <CheatEntry>
  4593. <ID>16239</ID>
  4594. <Description>"ItemPoolData_2_2 (ItemPoolData ItemPool_Eridium.ItemPool_Eridium)"</Description>
  4595. <ShowAsHex>1</ShowAsHex>
  4596. <VariableType>8 Bytes</VariableType>
  4597. <Address>+7F</Address>
  4598. </CheatEntry>
  4599. <CheatEntry>
  4600. <ID>16240</ID>
  4601. <Description>"ItemPoolData_2_3 (ItemPoolData ItemPool_Money_Rich.ItemPool_Money_Rich)"</Description>
  4602. <ShowAsHex>1</ShowAsHex>
  4603. <VariableType>8 Bytes</VariableType>
  4604. <Address>+88</Address>
  4605. </CheatEntry>
  4606. </CheatEntries>
  4607. </CheatEntry>
  4608. </CheatEntries>
  4609. </CheatEntry>
  4610. <CheatEntry>
  4611. <ID>16225</ID>
  4612. <Description>"Item Spawner"</Description>
  4613. <Options moHideChildren="1"/>
  4614. <LastState/>
  4615. <Color>FF0000</Color>
  4616. <VariableType>Auto Assembler Script</VariableType>
  4617. <AssemblerScript Async="1">[ENABLE]
  4618.  
  4619. alloc( UEThread, 0x1000, Borderlands3.exe )
  4620. registersymbol( UEThread )
  4621. CreateThread( UEThread )
  4622. label( UEThreadOff )
  4623. registersymbol( UEThreadOff )
  4624. label( UEThread_loop )
  4625.  
  4626. label( SpawnItem_do )
  4627.  
  4628. label( iAmount )
  4629. registersymbol( iAmount )
  4630. label( ppItemPoolArr )
  4631. registersymbol( ppItemPoolArr )
  4632. label( pItemPool )
  4633. registersymbol( pItemPool )
  4634.  
  4635. UEThread:
  4636. sub rsp,28
  4637.  
  4638. UEThread_loop:
  4639. mov rcx,A
  4640. call Sleep
  4641.  
  4642. cmp [UEThreadOff],1
  4643. jne short @f
  4644. add rsp,28
  4645. mov [UEThreadOff],2
  4646. ret
  4647. @@:
  4648.  
  4649. mov rcx,6E // VK_DECIMAL
  4650. call GetAsyncKeyState
  4651. test ax,ax
  4652. je short @f
  4653.  
  4654. call short SpawnItem_do
  4655. mov rcx,C8
  4656. call Sleep
  4657.  
  4658. @@:
  4659. jmp short UEThread_loop
  4660.  
  4661. align 10 CC
  4662.  
  4663. SpawnItem_do:
  4664. sub rsp,38
  4665. mov r8d,[iAmount] // item amount
  4666. lea rdx,[ppItemPoolArr] // pointer to pointer to ItemPoolArr
  4667. mov rcx,[OakDeveloperPerks] // UObject
  4668. call Borderlands3.exe+BAF140 // SpawnItems_Internal
  4669. add rsp,38
  4670. ret
  4671.  
  4672. align 10 CC
  4673.  
  4674. iAmount:
  4675. dd 1
  4676.  
  4677. align 10 CC
  4678.  
  4679. ppItemPoolArr:
  4680. dq pItemPool
  4681. dd 1 // dwArrSize (expand this to &gt; 1 if you add more items in pItemPool
  4682.  
  4683. align 10 CC
  4684.  
  4685. pItemPool:
  4686. dq 0
  4687. dq 0
  4688.  
  4689. UEThreadOff:
  4690. dd 0
  4691.  
  4692. [DISABLE]
  4693.  
  4694.  
  4695. {$lua}
  4696.  
  4697. if( syntaxcheck == false ) then --actual execution
  4698. local starttime = getTickCount()
  4699.  
  4700. if readInteger( "UEThreadOff" ) == 0 then --could be 2 already
  4701. writeInteger( "UEThreadOff", 1 ) --tell the thread to kill itself
  4702. end
  4703.  
  4704. while( getTickCount() &lt; starttime + 1000 ) and ( readInteger( "UEThreadOff" ) ~= 2 ) do --wait till it has finished
  4705. sleep( 20 )
  4706. end
  4707.  
  4708. if( getTickCount() &gt; starttime + 1000 ) then --could happen when the window is shown
  4709. showMessage( 'Disabling the thread failed!' )
  4710. error( 'Thread disabling failed!' )
  4711. end
  4712. sleep( 1 )
  4713. end
  4714.  
  4715. {$asm}
  4716.  
  4717. unregistersymbol( pItemPool )
  4718. unregistersymbol( ppItemPoolArr )
  4719. unregistersymbol( iAmount )
  4720.  
  4721. unregistersymbol( UEThreadOff )
  4722. unregistersymbol( UEThread )
  4723. dealloc( UEThread )
  4724. </AssemblerScript>
  4725. <CheatEntries>
  4726. <CheatEntry>
  4727. <ID>16226</ID>
  4728. <Description>"iAmount"</Description>
  4729. <Color>FF8080</Color>
  4730. <VariableType>4 Bytes</VariableType>
  4731. <Address>iAmount</Address>
  4732. </CheatEntry>
  4733. <CheatEntry>
  4734. <ID>16227</ID>
  4735. <Description>"pItemPool"</Description>
  4736. <ShowAsHex>1</ShowAsHex>
  4737. <Color>FF8080</Color>
  4738. <VariableType>8 Bytes</VariableType>
  4739. <Address>pItemPool</Address>
  4740. </CheatEntry>
  4741. </CheatEntries>
  4742. </CheatEntry>
  4743. <CheatEntry>
  4744. <ID>16241</ID>
  4745. <Description>"Assemble execOpenDebugMenu"</Description>
  4746. <LastState/>
  4747. <VariableType>Auto Assembler Script</VariableType>
  4748. <AssemblerScript Async="1">[ENABLE]
  4749.  
  4750. alloc( execOpenDebugMenu, 0x1000, Borderlands3.exe )
  4751. registersymbol( execOpenDebugMenu )
  4752.  
  4753. label( szCheatMenuData )
  4754. label( szGbxCheatSettings )
  4755.  
  4756. label( @L00000001 )
  4757. label( @L00000002 )
  4758. label( @L00000003 )
  4759. label( @L00000004 )
  4760. label( @L00000005 )
  4761. label( @L00000006 )
  4762.  
  4763. execOpenDebugMenu:
  4764.  
  4765. mov [rsp+10],rbp
  4766. mov [rsp+18],rsi
  4767. push rdi
  4768. sub rsp,50
  4769. mov rax,[rcx]
  4770. mov rdi,rcx
  4771. call qword ptr [rax+F88] // this changes
  4772. xor ebp,ebp
  4773. mov rsi,rax
  4774. mov [rsp+40],rbp
  4775. mov [rsp+48],rbp
  4776. test rax,rax
  4777. je @L00000006
  4778. mov rcx,[Borderlands3.exe+687E470] // GConfig
  4779. test rcx,rcx
  4780. je @L00000006
  4781. lea rax,[Borderlands3.exe+688A670] // path to Engine.ini
  4782. lea r9,[rsp+40]
  4783. mov [rsp+20],rax
  4784. lea r8,[szCheatMenuData] // L"CheatMenuData"
  4785. lea rdx,[szGbxCheatSettings] // L"GbxCheatSettings"
  4786. call Borderlands3.exe+158BCB0 // FConfigCacheIni::GetString
  4787. test al,al
  4788. je @L00000005
  4789. cmp [rsp+48],ebp
  4790. mov [rsp+60],rbx
  4791. lea rbx,[Borderlands3.exe+400DB18] // 0
  4792. cmovne rbx,[rsp+40]
  4793. call Borderlands3.exe+1BF5DF50 // GbxUmgMenuData::GetPrivateStaticClass
  4794. mov byte ptr [rsp+30],1
  4795. xor r9d,r9d
  4796. mov [rsp+28],rbp
  4797. mov r8,rbx
  4798. xor edx,edx
  4799. mov [rsp+20],ebp
  4800. mov rcx,rax
  4801. call Borderlands3.exe+16E3260 // StaticLoadObject
  4802. mov rbx,rax
  4803. test rax,rax
  4804. je short @L00000004
  4805. cmp [rax+48],rbp
  4806. je short @L00000002
  4807. call Borderlands3.exe+1BF5DCB0 // GbxUmgMenu::GetPrivateStaticClass
  4808. mov rdx,[rbx+48]
  4809. mov rcx,rdx
  4810. test rdx,rdx
  4811. je short @L00000002
  4812.  
  4813. @L00000001:
  4814. cmp rcx,rax
  4815. je short @L00000003
  4816. mov rcx,[rcx+30]
  4817. test rcx,rcx
  4818. jne short @L00000001
  4819.  
  4820. @L00000002:
  4821. mov rdx,rbp
  4822.  
  4823. @L00000003:
  4824. mov rcx,[rdi+A78] // this changes
  4825. call Borderlands3.exe+2DF2380
  4826. test al,al
  4827. jne short @L00000004
  4828. mov rdx,rbx
  4829. mov rcx,rsi
  4830. call Borderlands3.exe+2E0DBD0
  4831.  
  4832. @L00000004:
  4833. mov rbx,[rsp+60]
  4834.  
  4835. @L00000005:
  4836. mov rcx,[rsp+40]
  4837. test rcx,rcx
  4838. je short @L00000006
  4839. call Borderlands3.exe+1532090 // FMemory::Free
  4840.  
  4841. @L00000006:
  4842. mov rbp,[rsp+68]
  4843. mov rsi,[rsp+70]
  4844. add rsp,50
  4845. pop rdi
  4846. ret
  4847.  
  4848. align 10 CC
  4849.  
  4850. szCheatMenuData:
  4851. db 'C',0,'h',0,'e',0,'a',0,'t',0,'M',0,'e',0,'n',0,'u',0,'D',0,'a',0,'t',0,'a',0,0,0
  4852.  
  4853. align 10 CC
  4854.  
  4855. szGbxCheatSettings:
  4856. db 'G',0,'b',0,'x',0,'C',0,'h',0,'e',0,'a',0,'t',0,'S',0,'e',0,'t',0,'t',0,'i',0,'n',0,'g',0,'s',0,0,0
  4857.  
  4858. [DISABLE]
  4859.  
  4860. dealloc( execOpenDebugMenu )
  4861. unregistersymbol( execOpenDebugMenu )
  4862. </AssemblerScript>
  4863. </CheatEntry>
  4864. <CheatEntry>
  4865. <ID>6</ID>
  4866. <Description>"Restore 'god', 'playersonly', 'fly', 'ghost', 'walk'"</Description>
  4867. <Options moHideChildren="1"/>
  4868. <LastState/>
  4869. <VariableType>Auto Assembler Script</VariableType>
  4870. <AssemblerScript Async="1">{$STRICT}
  4871.  
  4872. {$lua}
  4873.  
  4874. if syntaxcheck then return end
  4875.  
  4876. [ENABLE]
  4877.  
  4878. local gameProcess = "Borderlands3.exe"
  4879. local gameModule = getAddress( gameProcess )
  4880.  
  4881. autoAssemble([[
  4882.  
  4883. alloc( ReCode, 0x1000, Borderlands3.exe )
  4884. registersymbol( ReCode )
  4885.  
  4886. label( UCheatManager_PlayersOnly )
  4887. registersymbol( UCheatManager_PlayersOnly )
  4888. label( UCharacter_ClientCheatWalk_Implementation )
  4889. registersymbol( UCharacter_ClientCheatWalk_Implementation )
  4890. label( UCharacter_ClientCheatFly_Implementation )
  4891. registersymbol( UCharacter_ClientCheatFly_Implementation )
  4892. label( UCharacter_ClientCheatGhost_Implementation )
  4893. registersymbol( UCharacter_ClientCheatGhost_Implementation )
  4894.  
  4895. label( Init )
  4896. registersymbol( Init )
  4897. label( Init_exit )
  4898. label( ConstructUFunctions )
  4899. registersymbol( ConstructUFunctions )
  4900. label( Z_Construct_UClass_UCheatManager_Statics_FuncInfo )
  4901. registersymbol( Z_Construct_UClass_UCheatManager_Statics_FuncInfo )
  4902. label( Z_Construct_UFunction_UCheatManager_God )
  4903. registersymbol( Z_Construct_UFunction_UCheatManager_God )
  4904. label( Z_Construct_UFunction_UCheatManager_Ghost )
  4905. registersymbol( Z_Construct_UFunction_UCheatManager_Ghost )
  4906. label( Z_Construct_UFunction_UCheatManager_God_Statics_FuncParams )
  4907. registersymbol( Z_Construct_UFunction_UCheatManager_God_Statics_FuncParams )
  4908. label( Z_Construct_UFunction_UCheatManager_Ghost_Statics_FuncParams )
  4909. registersymbol( Z_Construct_UFunction_UCheatManager_Ghost_Statics_FuncParams )
  4910. label( UFunction_God )
  4911. registersymbol( UFunction_God )
  4912. label( UFunction_Ghost )
  4913. registersymbol( UFunction_Ghost )
  4914.  
  4915. label( pszGod )
  4916. label( pszGhost )
  4917. label( pszSpawnAwesomeItems )
  4918.  
  4919. CreateThread( Init )
  4920.  
  4921. ReCode:
  4922.  
  4923. UCheatManager_PlayersOnly:
  4924. push rdi
  4925. sub rsp,20
  4926. mov rax,[rcx]
  4927. mov rdi,rcx
  4928. call qword ptr [rax+148] // UCheatManager::GetWorld
  4929. test byte ptr [rax+830],0x80 // bPlayersOnly
  4930. jne short @f
  4931. mov rax,[rdi]
  4932. mov rcx,rdi
  4933. call qword ptr [rax+148] // UCheatManager::GetWorld
  4934. test [rax+830],0x100 // bPlayersOnlyPending
  4935. jne short @f
  4936. mov rax,[rdi]
  4937. mov rcx,rdi
  4938. mov [rsp+30],rbx
  4939. call qword ptr [rax+148] // UCheatManager::GetWorld
  4940. mov rdx,[rdi]
  4941. mov rcx,rdi
  4942. mov rbx,rax
  4943. call qword ptr [rdx+148] // UCheatManager::GetWorld
  4944. mov ecx,[rbx+830] // bPlayersOnlyPending
  4945. mov rbx,[rsp+30]
  4946. not ecx // = !bPlayersOnlyPending
  4947. xor ecx,[rax+830]
  4948. and ecx,0x100
  4949. xor [rax+830],ecx
  4950. add rsp,20
  4951. pop rdi
  4952. ret
  4953. @@:
  4954. mov rax,[rdi]
  4955. mov rcx,rdi
  4956. call qword ptr [rax+148] // UCheatManager::GetWorld
  4957. mov rcx,rdi
  4958. and [rax+830],0xFFFFFF7F // bPlayersOnly = false
  4959. mov rax,[rdi]
  4960. call qword ptr [rax+148] // UCheatManager::GetWorld
  4961. and [rax+830],0xFFFFFEFF // bPlayersOnlyPending = false
  4962. add rsp,20
  4963. pop rdi
  4964. ret
  4965.  
  4966. align 10 CC
  4967.  
  4968. UCharacter_ClientCheatFly_Implementation:
  4969. push rbx
  4970. sub rsp,20
  4971. mov dl,1
  4972. mov rbx,rcx
  4973. call Borderlands3.exe+1F7F1C0 // AActor::SetActorEnableCollision
  4974. mov rax,[rbx+4C8]
  4975. test rax,rax
  4976. je short @f
  4977. or [rax+4B4],400
  4978. xor r8d,r8d
  4979. mov rcx,[rbx+4C8]
  4980. lea edx,[r8+5]
  4981. mov rax,[rcx]
  4982. add rsp,20
  4983. pop rbx
  4984. jmp qword ptr [rax+5A0] // UCharacterMovementComponent::SetMovementMode
  4985. @@:
  4986. add rsp,20
  4987. pop rbx
  4988. ret
  4989.  
  4990. align 10 CC
  4991.  
  4992. UCharacter_ClientCheatGhost_Implementation:
  4993. push rbx
  4994. sub rsp,20
  4995. xor edx,edx
  4996. mov rbx,rcx
  4997. call Borderlands3.exe+1F7F1C0 // AActor::SetActorEnableCollision
  4998. mov rax,[rbx+4C8]
  4999. test rax,rax
  5000. je short @f
  5001. or [rax+4B4],400
  5002. xor r8d,r8d
  5003. mov rcx,[rbx+4C8]
  5004. lea edx,[r8+5]
  5005. mov rax,[rcx]
  5006. add rsp,20
  5007. pop rbx
  5008. jmp qword ptr [rax+5A0] // UCharacterMovementComponent::SetMovementMode
  5009. @@:
  5010. add rsp,20
  5011. pop rbx
  5012. ret
  5013.  
  5014. align 10 CC
  5015.  
  5016. UCharacter_ClientCheatWalk_Implementation:
  5017. push rbx
  5018. sub rsp,20
  5019. mov dl,1
  5020. mov rbx,rcx
  5021. call Borderlands3.exe+1F7F1C0 // AActor::SetActorEnableCollision
  5022. mov rax,[rbx+4C8]
  5023. test rax,rax
  5024. je short @f
  5025. and [rax+4B4],BFF
  5026. xor r8d,r8d
  5027. mov rcx,[rbx+4C8]
  5028. lea edx,[r8+3]
  5029. mov rax,[rcx]
  5030. add rsp,20
  5031. pop rbx
  5032. jmp qword ptr [rax+5A0] // UCharacterMovementComponent::SetMovementMode
  5033. @@:
  5034. add rsp,20
  5035. pop rbx
  5036. ret
  5037.  
  5038. align 10 CC
  5039.  
  5040. Init:
  5041. sub rsp,28
  5042. xor r9d,r9d
  5043. lea r8,[pszSpawnAwesomeItems]
  5044. mov rax,[OakPlayerController]
  5045. mov rax,[rax+1970]
  5046. test rax,rax // if this is NULL by the time the user enables this script, abort
  5047. je short Init_exit
  5048. mov rdx,[rax+10] // 0x20: BlueprintGeneratedClass BP_DevPerks.BP_DevPerks_C
  5049. mov rcx,[Borderlands3.exe+64D6EA0] // 0x10: Class CoreUObject.Function
  5050. call Borderlands3.exe+14F9D80 // StaticFindObject
  5051. test rax,rax
  5052. je short @f
  5053. mov dword ptr [rax+88],4020600 // patch UFunction flags
  5054. @@:
  5055. call ConstructUFunctions
  5056. Init_exit:
  5057. add rsp,28
  5058. ret
  5059.  
  5060. align 10 CC
  5061.  
  5062. ConstructUFunctions:
  5063. sub rsp,178
  5064. mov r8d,2 // uint32 NumFunctions
  5065. lea rdx,[Z_Construct_UClass_UCheatManager_Statics_FuncInfo] // FClassFunctionLinkInfo* Functions
  5066. mov rcx,[Borderlands3.exe+6607640] // Class Engine.CheatManager
  5067. call Borderlands3.exe+14785A0 // UClass::CreateLinkAndAddChildFunctionsToMap
  5068. add rsp,178
  5069. ret
  5070.  
  5071. align 10 CC
  5072.  
  5073. Z_Construct_UFunction_UCheatManager_God:
  5074. sub rsp,28
  5075. mov rax,[UFunction_God]
  5076. test rax,rax
  5077. jne short @f
  5078. lea rdx,[Z_Construct_UFunction_UCheatManager_God_Statics_FuncParams]
  5079. lea rcx,[UFunction_God]
  5080. call Borderlands3.exe+14E7540 // UE4CodeGen_Private::ConstructUFunction
  5081. mov rax,[UFunction_God]
  5082. @@:
  5083. add rsp,28
  5084. ret
  5085.  
  5086. align 10 CC
  5087.  
  5088. Z_Construct_UFunction_UCheatManager_Ghost:
  5089. sub rsp,28
  5090. mov rax,[UFunction_Ghost]
  5091. test rax,rax
  5092. jne short @f
  5093. lea rdx,[Z_Construct_UFunction_UCheatManager_Ghost_Statics_FuncParams]
  5094. lea rcx,[UFunction_Ghost]
  5095. call Borderlands3.exe+14E7540 // UE4CodeGen_Private::ConstructUFunction
  5096. mov rax,[UFunction_Ghost]
  5097. @@:
  5098. add rsp,28
  5099. ret
  5100.  
  5101. align 10 CC
  5102.  
  5103. UFunction_God:
  5104. dq 0
  5105.  
  5106. align 10 CC
  5107.  
  5108. UFunction_Ghost:
  5109. dq 0
  5110.  
  5111. align 10 CC
  5112.  
  5113. pszGod:
  5114. db 'God',0
  5115.  
  5116. align 10 CC
  5117.  
  5118. pszGhost:
  5119. db 'Ghost',0
  5120.  
  5121. align 10 CC
  5122.  
  5123. pszSpawnAwesomeItems:
  5124. db 'S',0,'p',0,'a',0,'w',0,'n',0,'A',0,'w',0,'e',0,'s',0,'o',0,'m',0,'e',0,'I',0,'t',0,'e',0,'m',0,'s',0,0,0
  5125.  
  5126. align 10 CC
  5127.  
  5128. Z_Construct_UFunction_UCheatManager_God_Statics_FuncParams:
  5129. dq Borderlands3.exe+265A7C0 // 0x00 -&gt; Z_Construct_UClass_UCheatManager
  5130. dq pszGod // 0x08
  5131. dq 0x45 // 0x10
  5132. dq 0 // 0x18
  5133. dq 04020600 // 0x20
  5134. dq 0 // 0x28
  5135. dq 0 // 0x30
  5136. dq 0 // 0x38
  5137. dq 0
  5138.  
  5139. align 10 CC
  5140.  
  5141. Z_Construct_UFunction_UCheatManager_Ghost_Statics_FuncParams:
  5142. dq Borderlands3.exe+265A7C0 // 0x00 -&gt; Z_Construct_UClass_UCheatManager
  5143. dq pszGhost // 0x08
  5144. dq 0x45 // 0x10
  5145. dq 0 // 0x18
  5146. dq 04020600 // 0x20
  5147. dq 0 // 0x28
  5148. dq 0 // 0x30
  5149. dq 0 // 0x38
  5150. dq 0
  5151.  
  5152. align 10 CC
  5153.  
  5154. Z_Construct_UClass_UCheatManager_Statics_FuncInfo:
  5155. dq Z_Construct_UFunction_UCheatManager_God // 0x00
  5156. dq pszGod // 0x08
  5157. dq Z_Construct_UFunction_UCheatManager_Ghost // 0x10
  5158. dq pszGhost // 0x18
  5159. dq 0
  5160.  
  5161. ]])
  5162.  
  5163. -- might need some Sleep
  5164.  
  5165. Sleep( 2000 )
  5166.  
  5167. -- restore the execs in God and Ghost UFunctions
  5168.  
  5169. local UFunction_God = readQword( getAddressSafe( "UFunction_God" ) )
  5170. local UFunction_Ghost = readQword( getAddressSafe( "UFunction_Ghost" ) )
  5171. -- UCheatManager::execGod
  5172. local UCheatManager_execGod = gameModule + 0x2689790
  5173. -- UCheatManager::execGhost
  5174. local UCheatManager_execGhost = gameModule + 0x26898D0
  5175. writeQword( UFunction_God + 0xB0, UCheatManager_execGod )
  5176. writeQword( UFunction_Ghost + 0xB0, UCheatManager_execGhost )
  5177.  
  5178. -- patch the UCheatManager functions back in
  5179.  
  5180. -- OakPlayerController
  5181. local OakPlayerController = readQword( getAddressSafe( "OakPlayerController" ) )
  5182. -- OakCheatManager
  5183. local OakCheatManager = readQword( OakPlayerController + 0x5A8 )
  5184. -- member-functions pointer
  5185. local mf_OakCheatManager = readQword( OakCheatManager )
  5186. -- UCheatManager::Fly
  5187. local UCheatManager_Fly = gameModule + 0x20525D0
  5188. -- UCheatManager::Walk
  5189. local UCheatManager_Walk = gameModule + 0x2065930
  5190. -- UCheatManager::Ghost
  5191. local UCheatManager_Ghost = gameModule + 0x2055920
  5192. -- UCheatManager::God
  5193. local UCheatManager_God = gameModule + 0x2055A30
  5194. -- UCheatManager::PlayersOnly
  5195. local UCheatManager_PlayersOnly = getAddressSafe( "UCheatManager_PlayersOnly" )
  5196. fullAccess( mf_OakCheatManager + 0x2A0, 8 )
  5197. writeQword( mf_OakCheatManager + 0x2A0, UCheatManager_Fly )
  5198. fullAccess( mf_OakCheatManager + 0x2A8, 8 )
  5199. writeQword( mf_OakCheatManager + 0x2A8, UCheatManager_Walk )
  5200. fullAccess( mf_OakCheatManager + 0x2B0, 8 )
  5201. writeQword( mf_OakCheatManager + 0x2B0, UCheatManager_Ghost )
  5202. fullAccess( mf_OakCheatManager + 0x2B8, 8 )
  5203. writeQword( mf_OakCheatManager + 0x2B8, UCheatManager_God )
  5204. fullAccess( mf_OakCheatManager + 0x2F8, 8 )
  5205. writeQword( mf_OakCheatManager + 0x2F8, UCheatManager_PlayersOnly )
  5206.  
  5207. -- patch the UOakChararacter ClientCheat functions back in
  5208.  
  5209. -- OakCharacter
  5210. local OakCharacter = readQword( OakPlayerController + 0x488 )
  5211. -- member-functions pointer
  5212. local mf_OakCharacter = readQword( OakCharacter )
  5213. -- ACharacter::ClientCheatWalk_Implementation
  5214. local UCharacter_ClientCheatWalk_Implementation = getAddressSafe( "UCharacter_ClientCheatWalk_Implementation" )
  5215. -- ACharacter::ClientCheatFly_Implementation
  5216. local UCharacter_ClientCheatFly_Implementation = getAddressSafe( "UCharacter_ClientCheatFly_Implementation" )
  5217. -- ACharacter::ClientCheatGhost_Implementation
  5218. local UCharacter_ClientCheatGhost_Implementation = getAddressSafe( "UCharacter_ClientCheatGhost_Implementation" )
  5219. fullAccess( mf_OakCharacter + 0x928, 8 )
  5220. writeQword( mf_OakCharacter + 0x928, UCharacter_ClientCheatWalk_Implementation )
  5221. fullAccess( mf_OakCharacter + 0x930, 8 )
  5222. writeQword( mf_OakCharacter + 0x930, UCharacter_ClientCheatFly_Implementation )
  5223. fullAccess( mf_OakCharacter + 0x938, 8 )
  5224. writeQword( mf_OakCharacter + 0x938, UCharacter_ClientCheatGhost_Implementation )
  5225.  
  5226. [DISABLE]
  5227.  
  5228. {$asm}
  5229.  
  5230. unregistersymbol( UFunction_Ghost )
  5231. unregistersymbol( UFunction_God )
  5232. unregistersymbol( Z_Construct_UFunction_UCheatManager_Ghost_Statics_FuncParams )
  5233. unregistersymbol( Z_Construct_UFunction_UCheatManager_God_Statics_FuncParams )
  5234. unregistersymbol( Z_Construct_UFunction_UCheatManager_Ghost )
  5235. unregistersymbol( Z_Construct_UFunction_UCheatManager_God )
  5236. unregistersymbol( Z_Construct_UClass_UCheatManager_Statics_FuncInfo )
  5237. unregistersymbol( ConstructUFunctions )
  5238.  
  5239. unregistersymbol( UCharacter_ClientCheatGhost_Implementation )
  5240. unregistersymbol( UCharacter_ClientCheatFly_Implementation )
  5241. unregistersymbol( UCharacter_ClientCheatWalk_Implementation )
  5242. unregistersymbol( UCheatManager_PlayersOnly )
  5243.  
  5244. dealloc( ReCode )
  5245. unregistersymbol( ReCode )
  5246. </AssemblerScript>
  5247. </CheatEntry>
  5248. </CheatEntries>
  5249. </CheatEntry>
  5250. </CheatEntries>
  5251. </CheatEntry>
  5252. </CheatEntries>
  5253. </CheatTable>
  5254.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!