API tools faq
paste
Advertisement
sunbeam906

Untitled

sunbeam906
Nov 29th, 2018
207
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 12.61 KB | None | 0 0
raw download clone embed print report
  1. 0 1 2 3 4 5 6 7 8 9 A B C D E F
  2. -----------------------------------------------
  3. +00: 0F 10 9A 1F 86 6E 02 00 00 00 10 9A 1F 86 6E 02
  4. +10: 00 00 19 00 80 B8 B4 86 6E 02 00 00 0E 00 00 00
  5. +20: 10 9A 1F 86 6E 02 00 00 1B D8 3B 00 00 D8 3B 00
  6. +30: 00 00 00 00 00 16 19 01 00 1E EA 8B 6E 02 00 00
  7. +40: 17 00 00 00 00 00 00 00 00 00 00 00 1B F4 66 03
  8. +50: 00 F4 66 03 00 00 00 00 00 00 10 9A 1F 86 6E 02
  9. +60: 00 00 16 0F 10 9A 1F 86 6E 02 00 00 00 10 9A 1F
  10. +70: 86 6E 02 00 00 19 00 80 B8 B4 86 6E 02 00 00 0E
  11. +80: 00 00 00 10 9A 1F 86 6E 02 00 00 1B D8 3B 00 00
  12. +90: D8 3B 00 00 00 00 00 00 16 1B 02 67 03 00 02 67
  13. +A0: 03 00 00 00 00 00 00 10 9A 1F 86 6E 02 00 00 16
  14. +B0: 04 0B 53
  15.  
  16.  
  17. +0x1: 10 9A 1F 86 6E 02 00 00 -> 0000026E861F9A10
  18. -> [052884] FloatProperty Widget_HUD.Widget_HUD_C.Update Health.CallFunc_GetHealthPercentage_ReturnValue 0x0000026E861F9A10
  19. +0xA: 10 9A 1F 86 6E 02 00 00 -> 0000026E861F9A10
  20. -> [052884] FloatProperty Widget_HUD.Widget_HUD_C.Update Health.CallFunc_GetHealthPercentage_ReturnValue 0x0000026E861F9A10
  21. +0x13: 00 80 B8 B4 86 6E 02 00 -> 0000026E86B4B880
  22. -> [050378] ObjectProperty Widget_HUD.Widget_HUD_C.Update Health.Character 0x0000026E86B4B880
  23. +0x29: D8 3B 00 00 D8 3B 00 00 00 00 00 00 -> function to find
  24. -> [014651] Function GunfireRuntime.CharacterGunfire.GetHealthPercentage 0x0000026EE8D0C480
  25. +0x38: 00 1E EA 8B 6E 02 00 00 == 0000026E8BEA1E00
  26. -> [052958] ObjectProperty Widget_HUD.Widget_HUD_C.HealthBar 0x0000026E8BEA1E00
  27. +0x4D: F4 66 03 00 F4 66 03 00 00 00 00 00 -> function to find
  28. -> [049828] Function Widget_StatusBar.Widget_StatusBar_C.SetPercentage 0x0000026E86B94000
  29. +0x5A: 10 9A 1F 86 6E 02 00 00 == 0000026E861F9A10
  30. -> [052884] FloatProperty Widget_HUD.Widget_HUD_C.Update Health.CallFunc_GetHealthPercentage_ReturnValue 0x0000026E861F9A10
  31. +0x9A: 02 67 03 00 02 67 03 00 00 00 00 00 -> function to find
  32. -> [050367] Function Widget_HUD.Widget_HUD_C.UpdateHealthWarningAnimation 0x0000026E86B98C80
  33.  
  34.  
  35. rsi == Function Widget_HUD.Widget_HUD_C.Update Health | 0x0000026E86B98F80
  36.  
  37. +0x48 == the UScript buffer to execute
  38. +0x50 == size/byte
  39.  
  40. Darksiders3-Win64-Shipping.exe+70BE7A - 44 0FB7 86 8E000000 - movzx r8d,word ptr [rsi+0000008E] // 0x8
  41. ..
  42. Darksiders3-Win64-Shipping.exe+70BF5D - 48 8B 9E 98000000 - mov rbx,[rsi+00000098] // 0x0
  43. ..
  44. Darksiders3-Win64-Shipping.exe+70BFB6 - 0FB7 86 90000000 - movzx eax,word ptr [rsi+00000090] // 0xFFFF
  45.  
  46. Darksiders3-Win64-Shipping.exe+6083FA - 48 8B 59 20 - mov rbx,[rcx+20] // 0x0000026E8C0E7B00
  47. -> [050303] WidgetBlueprintGeneratedClass Widget_HUD.Widget_HUD_C 0x0000026E8C0E7B00
  48.  
  49. Darksiders3-Win64-Shipping.exe+608449 - 48 8B CE - mov rcx,rsi
  50. Darksiders3-Win64-Shipping.exe+60844C - FF 95 B0000000 - call qword ptr [rbp+000000B0] <-- exec
  51.  
  52. block_1:
  53. Darksiders3-Win64-Shipping.exe+70C14C - 0FB6 08 - movzx ecx,byte ptr [rax]
  54. Darksiders3-Win64-Shipping.exe+70C14F - 48 FF C0 - inc rax
  55. Darksiders3-Win64-Shipping.exe+70C152 - 48 89 43 20 - mov [rbx+20],rax
  56. Darksiders3-Win64-Shipping.exe+70C156 - 8B C1 - mov eax,ecx
  57. Darksiders3-Win64-Shipping.exe+70C158 - 48 8B 4B 18 - mov rcx,[rbx+18] // rcx == 0x0000026EAD42D0C0
  58. -> [310180] Widget_HUD_C Transient.GameEngine_1.DS3GameInstance_C_1.Widget_HUD_C_1 0x0000026EAD42D0C0
  59. Darksiders3-Win64-Shipping.exe+70C15C - FF 14 C7 - call qword ptr [rdi+rax*8]
  60.  
  61. Darksiders3-Win64-Shipping.exe+711270 - 48 8B 4A 18 - mov rcx,[rdx+18]
  62. Darksiders3-Win64-Shipping.exe+711274 - 4C 8B F2 - mov r14,rdx
  63. Darksiders3-Win64-Shipping.exe+711277 - 48 89 5A 30 - mov [rdx+30],rbx
  64. Darksiders3-Win64-Shipping.exe+71127B - 48 8B 38 - mov rdi,[rax] // rdi == 0x0000026E861F9A10
  65. -> [052884] FloatProperty Widget_HUD.Widget_HUD_C.Update Health.CallFunc_GetHealthPercentage_ReturnValue 0x0000026E861F9A10
  66. Darksiders3-Win64-Shipping.exe+71127E - 48 83 C0 08 - add rax,08 { 8 }
  67.  
  68. block_2:
  69. Darksiders3-Win64-Shipping.exe+71128E - 44 0FB6 00 - movzx r8d,byte ptr [rax]
  70. Darksiders3-Win64-Shipping.exe+711292 - 48 FF C0 - inc rax
  71. Darksiders3-Win64-Shipping.exe+711295 - 48 89 42 20 - mov [rdx+20],rax
  72. Darksiders3-Win64-Shipping.exe+711299 - 41 8B C0 - mov eax,r8d
  73. Darksiders3-Win64-Shipping.exe+71129C - 45 33 C0 - xor r8d,r8d
  74. Darksiders3-Win64-Shipping.exe+71129F - 41 FF 54 C5 00 - call qword ptr [r13+rax*8+00]
  75.  
  76. Darksiders3-Win64-Shipping.exe+711C3A - 48 8B 42 20 - mov rax,[rdx+20]
  77. Darksiders3-Win64-Shipping.exe+711C3E - 48 8B E9 - mov rbp,rcx
  78. Darksiders3-Win64-Shipping.exe+711C41 - 4D 8B C8 - mov r9,r8
  79. Darksiders3-Win64-Shipping.exe+711C44 - 48 8B F2 - mov rsi,rdx
  80. Darksiders3-Win64-Shipping.exe+711C47 - 48 8B 08 - mov rcx,[rax]
  81. Darksiders3-Win64-Shipping.exe+711C4A - 48 83 C0 08 - add rax,08 { 8 }
  82. Darksiders3-Win64-Shipping.exe+711C4E - 48 89 42 20 - mov [rdx+20],rax
  83. Darksiders3-Win64-Shipping.exe+711C52 - 48 89 4A 30 - mov [rdx+30],rcx
  84. Darksiders3-Win64-Shipping.exe+711C56 - 48 85 C9 - test rcx,rcx
  85. ..
  86. Darksiders3-Win64-Shipping.exe+711D5C - 4C 63 41 44 - movsxd r8,dword ptr [rcx+44] // rcx == 0000026E861F9A10 -> [rcx+0x44] == 0x8
  87. Darksiders3-Win64-Shipping.exe+711D60 - 4C 03 42 28 - add r8,[rdx+28]
  88. Darksiders3-Win64-Shipping.exe+711D64 - 4C 89 42 38 - mov [rdx+38],r8
  89. Darksiders3-Win64-Shipping.exe+711D68 - 4D 85 C9 - test r9,r9
  90. Darksiders3-Win64-Shipping.exe+711D6B - 74 E1 - je Darksiders3-Win64-Shipping.exe+711D4E
  91.  
  92. Darksiders3-Win64-Shipping.exe+71141C - 49 8B 46 20 - mov rax,[r14+20]
  93. Darksiders3-Win64-Shipping.exe+711420 - 49 8B D6 - mov rdx,r14
  94. Darksiders3-Win64-Shipping.exe+711423 - 4D 8B 46 38 - mov r8,[r14+38]
  95. Darksiders3-Win64-Shipping.exe+711427 - 0FB6 08 - movzx ecx,byte ptr [rax]
  96. Darksiders3-Win64-Shipping.exe+71142A - 48 FF C0 - inc rax
  97. Darksiders3-Win64-Shipping.exe+71142D - 49 89 46 20 - mov [r14+20],rax
  98. Darksiders3-Win64-Shipping.exe+711431 - 8B C1 - mov eax,ecx
  99. Darksiders3-Win64-Shipping.exe+711433 - 49 8B 4E 18 - mov rcx,[r14+18]
  100. Darksiders3-Win64-Shipping.exe+711437 - 41 FF 54 C5 00 - call qword ptr [r13+rax*8+00]
  101.  
  102. Darksiders3-Win64-Shipping.exe+711D5C - 4C 63 41 44 - movsxd r8,dword ptr [rcx+44] // rcx == 0x0000026E86B4B880 -> [rcx+0x44] == 0x0
  103. Darksiders3-Win64-Shipping.exe+711D60 - 4C 03 42 28 - add r8,[rdx+28]
  104. Darksiders3-Win64-Shipping.exe+711D64 - 4C 89 42 38 - mov [rdx+38],r8
  105. Darksiders3-Win64-Shipping.exe+711D68 - 4D 85 C9 - test r9,r9
  106.  
  107. Darksiders3-Win64-Shipping.exe+6E3EFF - 48 03 D5 - add rdx,rbp
  108. Darksiders3-Win64-Shipping.exe+6E3F02 - 41 FF 91 20030000 - call qword ptr [r9+00000320]
  109. Darksiders3-Win64-Shipping.exe+6E3F09 - 48 89 06 - mov [rsi],rax // returns 0x0000026F4F439570
  110. -> [375789] Character_Fury_C World.World.PersistentLevel.Character_Fury_C_1 0x0000026F4F439570
  111. Darksiders3-Win64-Shipping.exe+6E3F0C - FF C7 - inc edi
  112.  
  113. Darksiders3-Win64-Shipping.exe+70B6FC - 0FB6 10 - movzx edx,byte ptr [rax]
  114. Darksiders3-Win64-Shipping.exe+70B6FF - 48 FF C0 - inc rax
  115. Darksiders3-Win64-Shipping.exe+70B702 - 48 89 47 20 - mov [rdi+20],rax
  116. Darksiders3-Win64-Shipping.exe+70B706 - 8B C2 - mov eax,edx
  117. Darksiders3-Win64-Shipping.exe+70B708 - 48 8B D7 - mov rdx,rdi
  118. Darksiders3-Win64-Shipping.exe+70B70B - 41 FF 54 C5 00 - call qword ptr [r13+rax*8+00]
  119. -> returns [014651] Function GunfireRuntime.CharacterGunfire.GetHealthPercentage 0x0000026EE8D0C480
  120.  
  121. - then executes that
  122.  
  123. - then
  124.  
  125. Darksiders3-Win64-Shipping.exe+413CD0 - 40 53 - push rbx
  126. Darksiders3-Win64-Shipping.exe+413CD2 - 48 83 EC 20 - sub rsp,20 { 32 }
  127. Darksiders3-Win64-Shipping.exe+413CD6 - 48 8B 42 20 - mov rax,[rdx+20]
  128. Darksiders3-Win64-Shipping.exe+413CDA - 45 33 C9 - xor r9d,r9d
  129. Darksiders3-Win64-Shipping.exe+413CDD - 48 85 C0 - test rax,rax
  130. Darksiders3-Win64-Shipping.exe+413CE0 - 49 8B D8 - mov rbx,r8
  131. Darksiders3-Win64-Shipping.exe+413CE3 - 41 0F95 C1 - setne r9l
  132. Darksiders3-Win64-Shipping.exe+413CE7 - 48 81 C1 20070000 - add rcx,00000720 { 1824 }
  133. -> [375789] Character_Fury_C World.World.PersistentLevel.Character_Fury_C_1 0x0000026F4F439570 + 0x720
  134. Darksiders3-Win64-Shipping.exe+413CEE - 4C 03 C8 - add r9,rax
  135. Darksiders3-Win64-Shipping.exe+413CF1 - 4C 89 4A 20 - mov [rdx+20],r9
  136. Darksiders3-Win64-Shipping.exe+413CF5 - 48 8B 01 - mov rax,[rcx]
  137. Darksiders3-Win64-Shipping.exe+413CF8 - FF 50 40 - call qword ptr [rax+40]
  138. Darksiders3-Win64-Shipping.exe+413CFB - F3 0F11 03 - movss [rbx],xmm0
  139. Darksiders3-Win64-Shipping.exe+413CFF - 48 83 C4 20 - add rsp,20 { 32 }
  140. Darksiders3-Win64-Shipping.exe+413D03 - 5B - pop rbx
  141. Darksiders3-Win64-Shipping.exe+413D04 - C3 - ret
  142.  
  143.  
  144. Darksiders3-Win64-Shipping.exe+318D80 - F3 0F10 81 F4000000 - movss xmm0,[rcx+000000F4] // [0x0000026F4F439570 + 0x720] + 0xF4
  145. Darksiders3-Win64-Shipping.exe+318D88 - F3 0F59 05 A021C101 - mulss xmm0,[Darksiders3-Win64-Shipping.exe+1F2AF30] { [0.00] }
  146. Darksiders3-Win64-Shipping.exe+318D90 - C3 - ret
  147.  
  148.  
  149. Darksiders3-Win64-Shipping.exe+70C14C - 0FB6 08 - movzx ecx,byte ptr [rax]
  150. Darksiders3-Win64-Shipping.exe+70C14F - 48 FF C0 - inc rax
  151. Darksiders3-Win64-Shipping.exe+70C152 - 48 89 43 20 - mov [rbx+20],rax
  152. Darksiders3-Win64-Shipping.exe+70C156 - 8B C1 - mov eax,ecx
  153. Darksiders3-Win64-Shipping.exe+70C158 - 48 8B 4B 18 - mov rcx,[rbx+18]
  154. Darksiders3-Win64-Shipping.exe+70C15C - FF 14 C7 - call qword ptr [rdi+rax*8]
  155. Darksiders3-Win64-Shipping.exe+70C15F - 48 8B 43 20 - mov rax,[rbx+20]
  156. Darksiders3-Win64-Shipping.exe+70C163 - 80 38 04 - cmp byte ptr [rax],04 { 4 }
  157.  
  158. Darksiders3-Win64-Shipping.exe+710C71 - 48 8B 42 20 - mov rax,[rdx+20]
  159. Darksiders3-Win64-Shipping.exe+710C75 - 4C 8B F1 - mov r14,rcx
  160. Darksiders3-Win64-Shipping.exe+710C78 - 4D 8B C8 - mov r9,r8
  161. Darksiders3-Win64-Shipping.exe+710C7B - 48 8B F2 - mov rsi,rdx
  162. Darksiders3-Win64-Shipping.exe+710C7E - 48 8B 08 - mov rcx,[rax] // rcx == 0x0000026E8BEA1E00
  163. -> [052958] ObjectProperty Widget_HUD.Widget_HUD_C.HealthBar 0x0000026E8BEA1E00
  164. Darksiders3-Win64-Shipping.exe+710C81 - 48 83 C0 08 - add rax,08 { 8 }
  165. Darksiders3-Win64-Shipping.exe+710C85 - 48 89 42 20 - mov [rdx+20],rax
  166.  
  167. Darksiders3-Win64-Shipping.exe+710CBE - 4C 63 41 44 - movsxd r8,dword ptr [rcx+44] // rcx == 0x0000026E8BEA1E00 -> [rcx+0x44] = 0x278
  168. -> [052958] ObjectProperty Widget_HUD.Widget_HUD_C.HealthBar 0x0000026E8BEA1E00
  169. Darksiders3-Win64-Shipping.exe+710CC2 - 4D 03 C6 - add r8,r14 // r14 == 0x0000026EAD42D0C0
  170. -> [310180] Widget_HUD_C Transient.GameEngine_1.DS3GameInstance_C_1.Widget_HUD_C_1 0x0000026EAD42D0C0
  171. Darksiders3-Win64-Shipping.exe+710CC5 - 4C 89 46 38 - mov [rsi+38],r8
  172.  
  173. Darksiders3-Win64-Shipping.exe+6ED270 - 48 8B 02 - mov rax,[rdx]
  174. -> [310276] Widget_StatusBar_C Transient.GameEngine_1.DS3GameInstance_C_1.Widget_HUD_C_1.WidgetTree_1.HealthBar 0x0000026E8BCCE800
  175. Darksiders3-Win64-Shipping.exe+6ED273 - C3 - ret
  176.  
  177. Darksiders3-Win64-Shipping.exe+701584 - 0FB6 08 - movzx ecx,byte ptr [rax]
  178. Darksiders3-Win64-Shipping.exe+701587 - 48 FF C0 - inc rax
  179. Darksiders3-Win64-Shipping.exe+70158A - 48 89 43 20 - mov [rbx+20],rax
  180. Darksiders3-Win64-Shipping.exe+70158E - 8B C1 - mov eax,ecx
  181. Darksiders3-Win64-Shipping.exe+701590 - 48 8B 4B 18 - mov rcx,[rbx+18]
  182. Darksiders3-Win64-Shipping.exe+701594 - 41 FF 54 C5 00 - call qword ptr [r13+rax*8+00] // writes 1.0f
  183.  
  184. 0x53 = end of UScript
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!