  1. #pragma once
  2.  
  3. namespace SDK {
  // Hard-coded numeric constants for one specific build of the target module.
  // Elsewhere in this listing ref_def_ptr is added to globals::g_baseAddress before a
  // Kernel::Read, so the top-level values appear to be module-relative offsets; the
  // *_pos / *_size values and the Player / Bone members look like field offsets and
  // strides inside structures — presumably, confirm against the callers (not shown here).
  // NOTE(review): `timestamp` presumably identifies the build these values were taken
  // from; nothing in this listing checks it, so a mismatched build would be read silently.
  // NOTE(review): uint32_t is used below but the only directive visible above is
  // #pragma once — assumes <cstdint> is included before this header.
  4. namespace Offsets
  5. {
  6. constexpr auto timestamp = 0x68CDC1C6;
  7. constexpr auto ref_def_ptr = 0xCA72F30;
  8. constexpr auto name_array = 0xCBA63F8;
  9. constexpr auto name_array_pos = 0x3058; // Updated from 0x3038
  10. constexpr auto name_array_size = 0xD0;
  11. constexpr auto loot_ptr = 0xE3DF1C8;
  12. constexpr auto loot_pos = 0x188;
  13. constexpr auto camera_base = 0xC6D3100;
  14. constexpr auto camera_pos = 0x20C;
  15. constexpr auto local_index = 0x1BC90;
  16. constexpr auto local_index_pos = 0x39C;
  17. constexpr auto game_mode = 0xBA4A4C8;
  18. constexpr auto weapon_definitions = 0xC907F80;
  19. constexpr auto distribute = 0x97FD0F8;
  20. constexpr uint32_t o_visible_bit = 0x1ABE10;
  21. constexpr uint32_t o_no_recoil = 0x1B1780;
  22. constexpr uint32_t Player_client_state_enum = 0x1A21F0;
  23. constexpr auto scoreboard = 0x1BE6A0;
  24. constexpr auto scoreboardsize = 0x80;
  25.  
  // Constants for a per-player record; `size` is presumably the stride between
  // consecutive records — confirm against the code that walks the array.
  26. namespace Player
  27. {
  28. constexpr auto size = 0x23D0;
  29. constexpr auto valid = 0xC6C;
  30. constexpr auto pos = 0xF90;
  31. constexpr auto team = 0x1C1A;
  32. constexpr auto stance = 0x2A4;
  33. constexpr auto weapon_index = 0x19D4;
  34. constexpr auto dead_1 = 0xB0; //ignore check health
  35. constexpr auto dead_2 = 0xC1; //ignore check health/bones
  36. constexpr auto dead_3 = 0x157FE; //ignore check health!!!
  37. };
  38.  
  // Constants for bone data. Bone::size is a different constant from Player::size;
  // the two are only distinguished by their enclosing namespace.
  39. namespace Bone
  40. {
  41. constexpr auto bone_base = 0x1CDED8;
  42. constexpr auto size = 0x1C0;
  43. constexpr auto offset = 0xE0;
  44. };
  45. }
  46.  
  // Indices of the three orientation vectors stored in RefDef_T::axis.
  // MAX_AXIS_VEC follows UP_VEC and therefore equals 3; it is used as the
  // array length of RefDef_T::axis, not as a valid index.
  47. enum AXIS_VEC : int {
  48. FORWARD_VEC = 0,
  49. RIGHT_VEC = 1,
  50. UP_VEC = 2,
  51. MAX_AXIS_VEC,
  52. };
  53.  
  // Plain aggregate holding a viewport rectangle (x, y, width, height), a Vec2 `fov`
  // and three Vec3 axis vectors indexed by AXIS_VEC.
  // pad1 and pad2 reserve 12 bytes between `fov` and `axis`.
  // Vec2 and Vec3 are not declared in this listing.
  // NOTE(review): presumably this mirrors a structure copied out of another process,
  // in which case field order and padding are load-bearing — confirm before reordering.
  54. struct RefDef_T {
  55. int32_t x;
  56. int32_t y;
  57. int32_t width;
  58. int32_t height;
  59. Vec2 fov;
  60. char pad1[8];
  61. char pad2[4];
  62. Vec3 axis[MAX_AXIS_VEC];
  63. };
  64.  
  // Wraps the computation of a 64-bit address from three 32-bit words stored at
  // globals::g_baseAddress + Offsets::ref_def_ptr, plus a RefDef_T member
  // (ref_def_nn) that this class itself never writes.
  // Kernel::Read and globals::g_baseAddress are defined outside this listing.
  65. class RefDef_Class {
  66.  
  67. public:
  // The three consecutive 32-bit words read from the target address.
  68. struct key {
  69. int32_t ref0;
  70. int32_t ref1;
  71. int32_t ref2;
  72. };
  73.  
  // Reads a `key` and combines it into one 64-bit value:
  //   lower 32 bits = ref0 ^ (k0 * (k0 + 2)), with k0 = ref2 ^ address
  //   upper 32 bits = ref1 ^ (k1 * (k1 + 2)), with k1 = ref2 ^ (address + 4)
  // `*` binds tighter than `^`, and each result is truncated to 32 bits by the
  // assignment to DWORD. No check is made that the read succeeded or that the
  // result is non-zero.
  74. auto GetRefDef() -> uintptr_t
  75. {
  76. key encrypted = Kernel::Read<key>(globals::g_baseAddress + Offsets::ref_def_ptr);
  77.  
  78. DWORD lowerref = encrypted.ref0 ^ (encrypted.ref2 ^ (uint64_t)(globals::g_baseAddress + Offsets::ref_def_ptr)) * ((encrypted.ref2 ^ (uint64_t)(globals::g_baseAddress + Offsets::ref_def_ptr)) + 2);
  // NOTE(review): the trailing backslash on the next line is a line continuation left
  // over from a macro; it only splices the return statement onto the same logical line.
  79. DWORD upperref = encrypted.ref1 ^ (encrypted.ref2 ^ (uint64_t)(globals::g_baseAddress + Offsets::ref_def_ptr + 0x4)) * ((encrypted.ref2 ^ (uint64_t)(globals::g_baseAddress + Offsets::ref_def_ptr + 0x4)) + 2); \
  80. return (uint64_t)upperref << 32 | lowerref;
  81. }
  82. RefDef_T ref_def_nn;
  // NOTE(review): the global instance is allocated with a raw `new` during static
  // initialisation and no matching delete is visible in this listing.
  83. }; inline RefDef_Class* DecryptRefDef = new RefDef_Class();
  84.  
  // Reads a 64-bit value at globals::g_baseAddress + 0xCA37148 and applies one fixed
  // sequence of shift/xor/multiply/add steps to it, then returns the result.
  // Returns 0 (the value read) when that read yields zero.
  // Inputs mixed in: ~globals::g_peb, the module base, and a second value read at
  // g_baseAddress + 0xB420F39 whose complement (+ 0x19) is dereferenced for the
  // final multiplier.
  // The register-named locals and trailing comments are a line-by-line transcription
  // of disassembly, so statement order matters; most of the declared locals
  // (rbx, rdi, rsi, r9..r15) are never used in this function.
  // Kernel::Read and globals are defined outside this listing; _rotl64 is the MSVC
  // rotate intrinsic.
  85. inline uintptr_t decrypt_client_info()
  86. {
  87. const uint64_t mb = globals::g_baseAddress;
  88. uint64_t rax = mb, rbx = mb, rcx = mb, rdx = mb, rdi = mb, rsi = mb, r8 = mb, r9 = mb, r10 = mb, r11 = mb, r12 = mb, r13 = mb, r14 = mb, r15 = mb;
  89.  
  90. r8 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xCA37148); // Updated offset
  91. if(!r8)
  92. return r8;
  // NOTE(review): the code stores the complement of g_peb while the quoted instruction
  // is a plain load; presumably a following `not rdx` was folded in — confirm.
  93. rdx= ~globals::g_peb; //mov rdx, gs:[rax]
  94. rax = r8; //mov rax, r8
  95. rax >>= 0x18; //shr rax, 0x18
  96. r8 ^= rax; //xor r8, rax
  97. rax = r8; //mov rax, r8
  98. rax >>= 0x30; //shr rax, 0x30
  // rcx is forced to 0 here and rotating 0 leaves 0, so after the xor below rcx is
  // simply the value read from g_baseAddress + 0xB420F39.
  99. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  100. r8 ^= rax; //xor r8, rax
  101. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  102. rcx ^= Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB420F39); // Updated key offset
  103. rax = 0x233F5F4AE79533B1; //mov rax, 0x233F5F4AE79533B1
  104. r8 *= rax; //imul r8, rax
  105. rax = 0x4FF2ED27F19D575D; //mov rax, 0x4FF2ED27F19D575D
  106. rcx = ~rcx; //not rcx
  107. r8 -= rdx; //sub r8, rdx
  108. r8 += rax; //add r8, rax
  109. rax = globals::g_baseAddress; //lea rax, [0xFFFFFFFFF9CA1F7D]
  110. r8 ^= rax; //xor r8, rax
  // The multiplier is read from an address derived from remote data; the result of
  // that read is not validated before use.
  111. r8 *= Kernel::Read<uintptr_t>(rcx + 0x19); //imul r8, [rcx+0x19]
  112. return r8;
  113. }
  // Transforms the 64-bit value read at client_info + 0x1df868 and returns the result.
  // Returns 0 (the value read) when that read yields zero.
  // A 4-bit selector, byteswap(g_peb << 0x23) & 0xF, picks one of 16 fixed arithmetic
  // sequences. Every case reads a second value from g_baseAddress + 0xB420F6A,
  // complements it, and uses the qword read at (that complement + 0x9) as a multiplier.
  // The register-named locals and trailing comments are a line-by-line transcription
  // of disassembly, so statement order inside each case matters.
  // NOTE(review): cases 9 and 14 carry the original author's remark that a stack
  // operand could not be traced and the module base was substituted; those two paths
  // are unverified translations.
  // NOTE(review): the switch has no default and nothing follows it. All 16 selector
  // values have a case that returns, so the end is unreachable, but the function
  // formally lacks a final return (the sibling functions use `default: return 0;`).
  // Kernel::Read and globals are defined outside this listing.
  114. inline uintptr_t decrypt_client_base(uintptr_t client_info)
  115. {
  116. const uint64_t mb = globals::g_baseAddress;
  117. uint64_t rax = mb, rbx = mb, rcx = mb, rdx = mb, rdi = mb, rsi = mb, r8 = mb, r9 = mb, r10 = mb, r11 = mb, r12 = mb, r13 = mb, r14 = mb, r15 = mb;
  118. r8 = Kernel::Read<uintptr_t>(client_info + 0x1df868); // Updated offset
  119. if(!r8)
  120. return r8;
  121. rbx = globals::g_peb; //mov rbx, gs:[rax]
  122. rax = rbx; //mov rax, rbx
  123. rax <<= 0x23; //shl rax, 0x23
  124. rax = _byteswap_uint64(rax); //bswap rax
  125. rax &= 0xF;
  126. switch(rax) {
  127. case 0:
  128. {
  129. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB420F6A); // Updated key offset
  130. rax = globals::g_baseAddress; //lea rax, [0xFFFFFFFFFD213976]
  131. r8 -= rax; //sub r8, rax
  132. rax = r8; //mov rax, r8
  133. rax >>= 0x1E; //shr rax, 0x1E
  134. r8 ^= rax; //xor r8, rax
  135. rax = r8; //mov rax, r8
  136. rax >>= 0x3C; //shr rax, 0x3C
  137. r8 ^= rax; //xor r8, rax
  138. rax = globals::g_baseAddress; //lea rax, [0xFFFFFFFFFD21375C]
  139. r8 -= rax; //sub r8, rax
  140. rax = r8; //mov rax, r8
  141. rax >>= 0x28; //shr rax, 0x28
  142. r8 ^= rax; //xor r8, rax
  143. rax = 0; //and rax, 0xFFFFFFFFC0000000
  144. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  145. rax ^= r10; //xor rax, r10
  146. rax = ~rax; //not rax
  147. r8 *= Kernel::Read<uintptr_t>(rax + 0x9); //imul r8, [rax+0x09]
  148. rax = 0x9CC8E0420ADA280D; //mov rax, 0x9CC8E0420ADA280D
  149. r8 *= rax; //imul r8, rax
  150. r8 += rbx; //add r8, rbx
  151. rax = r8; //mov rax, r8
  152. rax >>= 0x11; //shr rax, 0x11
  153. r8 ^= rax; //xor r8, rax
  154. rax = r8; //mov rax, r8
  155. rax >>= 0x22; //shr rax, 0x22
  156. r8 ^= rax; //xor r8, rax
  157. return r8;
  158. }
  159. case 1:
  160. {
  161. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB420F6A); //mov r10, [0x00000000086345EB]
  162. r15 = globals::g_baseAddress + 0x755F7BDD; //lea r15, [0x000000007280B256]
  163. rax = r8; //mov rax, r8
  164. rax >>= 0x9; //shr rax, 0x09
  165. r8 ^= rax; //xor r8, rax
  166. rax = r8; //mov rax, r8
  167. rax >>= 0x12; //shr rax, 0x12
  168. r8 ^= rax; //xor r8, rax
  169. rax = r8; //mov rax, r8
  170. rax >>= 0x24; //shr rax, 0x24
  171. r8 ^= rax; //xor r8, rax
  172. r8 ^= rbx; //xor r8, rbx
  173. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  174. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  175. rcx ^= r10; //xor rcx, r10
  176. rcx = ~rcx; //not rcx
  177. r8 *= Kernel::Read<uintptr_t>(rcx + 0x9); //imul r8, [rcx+0x09]
  178. rcx = globals::g_baseAddress; //lea rcx, [0xFFFFFFFFFD2132DF]
  179. rax = rbx; //mov rax, rbx
  180. rax -= rcx; //sub rax, rcx
  181. rax += 0xFFFFFFFF9F0CFAED; //add rax, 0xFFFFFFFF9F0CFAED
  182. r8 += rax; //add r8, rax
  183. rax = 0x40ED86BABDEA8F5B; //mov rax, 0x40ED86BABDEA8F5B
  184. r8 *= rax; //imul r8, rax
  185. rax = 0xA7798517B7F399EA; //mov rax, 0xA7798517B7F399EA
  186. r8 ^= rax; //xor r8, rax
  187. rax = r15; //mov rax, r15
  188. rax = ~rax; //not rax
  189. rax ^= rbx; //xor rax, rbx
  190. r8 += rax; //add r8, rax
  191. rax = 0x459093E765583ADB; //mov rax, 0x459093E765583ADB
  192. r8 *= rax; //imul r8, rax
  193. return r8;
  194. }
  195. case 2:
  196. {
  197. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB420F6A); //mov r10, [0x000000000863419D]
  198. r14 = globals::g_baseAddress + 0xAC81; //lea r14, [0xFFFFFFFFFD21DEB1]
  199. rax = 0xE03443781C6DB26D; //mov rax, 0xE03443781C6DB26D
  200. r8 *= rax; //imul r8, rax
  201. rax = 0x26676A6627BAC50C; //mov rax, 0x26676A6627BAC50C
  202. r8 -= rax; //sub r8, rax
  203. rax = 0x541ECC7788F37ADE; //mov rax, 0x541ECC7788F37ADE
  204. r8 += rax; //add r8, rax
  205. r8 += r14; //add r8, r14
  206. rax = globals::g_baseAddress + 0x142; //lea rax, [0xFFFFFFFFFD1F91AF]
  207. rax = ~rax; //not rax
  208. rcx = rbx; //mov rcx, rbx
  209. rcx = ~rcx; //not rcx
  210. rcx -= rbx; //sub rcx, rbx
  211. rcx += rax; //add rcx, rax
  212. r8 += rcx; //add r8, rcx
  213. rax = r8; //mov rax, r8
  214. rax >>= 0x15; //shr rax, 0x15
  215. r8 ^= rax; //xor r8, rax
  216. rax = r8; //mov rax, r8
  217. rax >>= 0x2A; //shr rax, 0x2A
  218. r8 ^= rax; //xor r8, rax
  219. rax = globals::g_baseAddress; //lea rax, [0xFFFFFFFFFD1F900E]
  220. r8 -= rax; //sub r8, rax
  221. rax = 0; //and rax, 0xFFFFFFFFC0000000
  222. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  223. rax ^= r10; //xor rax, r10
  224. rax = ~rax; //not rax
  225. r8 *= Kernel::Read<uintptr_t>(rax + 0x9); //imul r8, [rax+0x09]
  226. return r8;
  227. }
  228. case 3:
  229. {
  230. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB420F6A); //mov r10, [0x0000000008633CBA]
  231. r8 ^= rbx; //xor r8, rbx
  232. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  233. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  234. rcx ^= r10; //xor rcx, r10
  235. rcx = ~rcx; //not rcx
  236. r8 *= Kernel::Read<uintptr_t>(rcx + 0x9); //imul r8, [rcx+0x09]
  237. rax = 0x6C5618A3BE4C414; //mov rax, 0x6C5618A3BE4C414
  238. r8 -= rax; //sub r8, rax
  239. rax = 0xE98709096AD185CC; //mov rax, 0xE98709096AD185CC
  240. r8 ^= rax; //xor r8, rax
  241. rax = r8; //mov rax, r8
  242. rcx = globals::g_baseAddress + 0x5ED318FB; //lea rcx, [0x000000005BF2A7CB]
  243. rax >>= 0xB; //shr rax, 0x0B
  244. rcx = ~rcx; //not rcx
  245. r8 ^= rax; //xor r8, rax
  246. rcx *= rbx; //imul rcx, rbx
  247. rax = r8; //mov rax, r8
  248. rax >>= 0x16; //shr rax, 0x16
  249. r8 ^= rax; //xor r8, rax
  250. rax = r8; //mov rax, r8
  251. rax >>= 0x2C; //shr rax, 0x2C
  252. rcx ^= rax; //xor rcx, rax
  253. r8 ^= rcx; //xor r8, rcx
  254. rax = 0x22A1571E2E749CB; //mov rax, 0x22A1571E2E749CB
  255. r8 *= rax; //imul r8, rax
  256. rcx = globals::g_baseAddress + 0xF26D; //lea rcx, [0xFFFFFFFFFD208035]
  257. rax = rbx; //mov rax, rbx
  258. rax *= rcx; //imul rax, rcx
  259. r8 += rax; //add r8, rax
  260. return r8;
  261. }
  262. case 4:
  263. {
  264. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB420F6A); //mov r10, [0x000000000863383C]
  265. r15 = globals::g_baseAddress + 0x72D0A311; //lea r15, [0x000000006FF1CBDB]
  266. rax = 0x54EE9012A77B3C0E; //mov rax, 0x54EE9012A77B3C0E
  267. r8 ^= rax; //xor r8, rax
  268. rax = globals::g_baseAddress; //lea rax, [0xFFFFFFFFFD1F86E8]
  269. rax += 0x432D; //add rax, 0x432D
  270. rax += rbx; //add rax, rbx
  271. r8 += rax; //add r8, rax
  272. rax = 0xBE6A84FFF3304C3D; //mov rax, 0xBE6A84FFF3304C3D
  273. r8 *= rax; //imul r8, rax
  274. rax = r8; //mov rax, r8
  275. rax >>= 0x12; //shr rax, 0x12
  276. r8 ^= rax; //xor r8, rax
  277. rax = r8; //mov rax, r8
  278. rax >>= 0x24; //shr rax, 0x24
  279. r8 ^= rax; //xor r8, rax
  280. rax = r8; //mov rax, r8
  281. rax >>= 0x7; //shr rax, 0x07
  282. r8 ^= rax; //xor r8, rax
  283. rax = r8; //mov rax, r8
  284. rax >>= 0xE; //shr rax, 0x0E
  285. r8 ^= rax; //xor r8, rax
  286. rax = r8; //mov rax, r8
  287. rax >>= 0x1C; //shr rax, 0x1C
  288. r8 ^= rax; //xor r8, rax
  289. rax = r8; //mov rax, r8
  290. rax >>= 0x38; //shr rax, 0x38
  291. r8 ^= rax; //xor r8, rax
  292. rcx = globals::g_baseAddress + 0x72D0A311; //lea rcx, [0x000000006FF02E2A]
  293. rax = 0; //and rax, 0xFFFFFFFFC0000000
  294. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  295. rax ^= r10; //xor rax, r10
  296. rax = ~rax; //not rax
  297. r8 *= Kernel::Read<uintptr_t>(rax + 0x9); //imul r8, [rax+0x09]
  298. rax = rbx; //mov rax, rbx
  299. rax *= rcx; //imul rax, rcx
  300. r8 -= rax; //sub r8, rax
  301. rax = 0x598660DAA37ACC99; //mov rax, 0x598660DAA37ACC99
  302. r8 ^= rax; //xor r8, rax
  303. return r8;
  304. }
  305. case 5:
  306. {
  307. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB420F6A); //mov r10, [0x00000000086333A0]
  308. rcx = 0xC088FB236BE68165; //mov rcx, 0xC088FB236BE68165
  309. rax = 0; //and rax, 0xFFFFFFFFC0000000
  310. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  311. rax ^= r10; //xor rax, r10
  312. rax = ~rax; //not rax
  313. rax = Kernel::Read<uintptr_t>(rax + 0x9); //mov rax, [rax+0x09]
  314. rax *= rcx; //imul rax, rcx
  315. r8 *= rax; //imul r8, rax
  316. rax = r8; //mov rax, r8
  317. rax >>= 0x5; //shr rax, 0x05
  318. r8 ^= rax; //xor r8, rax
  319. rax = r8; //mov rax, r8
  320. rax >>= 0xA; //shr rax, 0x0A
  321. r8 ^= rax; //xor r8, rax
  322. rax = r8; //mov rax, r8
  323. rax >>= 0x14; //shr rax, 0x14
  324. r8 ^= rax; //xor r8, rax
  325. rax = r8; //mov rax, r8
  326. rax >>= 0x28; //shr rax, 0x28
  327. r8 ^= rax; //xor r8, rax
  328. rax = r8; //mov rax, r8
  329. rax >>= 0xB; //shr rax, 0x0B
  330. r8 ^= rax; //xor r8, rax
  331. rax = r8; //mov rax, r8
  332. rax >>= 0x16; //shr rax, 0x16
  333. r8 ^= rax; //xor r8, rax
  334. rax = r8; //mov rax, r8
  335. rax >>= 0x2C; //shr rax, 0x2C
  336. r8 ^= rax; //xor r8, rax
  337. rax = 0xF87FD44152069748; //mov rax, 0xF87FD44152069748
  338. r8 ^= rax; //xor r8, rax
  339. rax = globals::g_baseAddress; //lea rax, [0xFFFFFFFFFD1F837D]
  340. rax += 0x1079; //add rax, 0x1079
  341. rax += rbx; //add rax, rbx
  342. r8 ^= rax; //xor r8, rax
  343. rcx = globals::g_baseAddress; //lea rcx, [0xFFFFFFFFFD1F856D]
  344. rax = rbx; //mov rax, rbx
  345. rax = ~rax; //not rax
  346. rax -= rcx; //sub rax, rcx
  347. rax += 0xFFFFFFFF968271AB; //add rax, 0xFFFFFFFF968271AB
  348. r8 += rax; //add r8, rax
  349. return r8;
  350. }
  351. case 6:
  352. {
  353. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB420F6A); //mov r10, [0x0000000008632F22]
  354. rax = 0; //and rax, 0xFFFFFFFFC0000000
  355. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  356. rax ^= r10; //xor rax, r10
  357. rax = ~rax; //not rax
  358. r8 *= Kernel::Read<uintptr_t>(rax + 0x9); //imul r8, [rax+0x09]
  359. rcx = globals::g_baseAddress + 0x1EE2; //lea rcx, [0xFFFFFFFFFD1FA0E8]
  360. rax = rbx; //mov rax, rbx
  361. rax ^= rcx; //xor rax, rcx
  362. rcx = 0x30DABF93D6E4FB5; //mov rcx, 0x30DABF93D6E4FB5
  363. r8 ^= rcx; //xor r8, rcx
  364. r8 -= rax; //sub r8, rax
  365. rax = 0xDB8B0AAFA542904; //mov rax, 0xDB8B0AAFA542904
  366. r8 -= rbx; //sub r8, rbx
  367. r8 -= rax; //sub r8, rax
  368. rax = r8; //mov rax, r8
  369. rax >>= 0x22; //shr rax, 0x22
  370. r8 ^= rax; //xor r8, rax
  371. rax = 0xDF170407BBE28DB5; //mov rax, 0xDF170407BBE28DB5
  372. r8 *= rax; //imul r8, rax
  373. rax = r8; //mov rax, r8
  374. rax >>= 0x8; //shr rax, 0x08
  375. r8 ^= rax; //xor r8, rax
  376. rax = r8; //mov rax, r8
  377. rax >>= 0x10; //shr rax, 0x10
  378. r8 ^= rax; //xor r8, rax
  379. rax = r8; //mov rax, r8
  380. rax >>= 0x20; //shr rax, 0x20
  381. r8 ^= rax; //xor r8, rax
  382. return r8;
  383. }
  384. case 7:
  385. {
  386. r9 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB420F6A); //mov r9, [0x0000000008632AEA]
  387. r15 = globals::g_baseAddress + 0xC177; //lea r15, [0xFFFFFFFFFD203F61]
  388. rax = 0; //and rax, 0xFFFFFFFFC0000000
  389. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  390. rax ^= r9; //xor rax, r9
  391. rax = ~rax; //not rax
  392. r8 *= Kernel::Read<uintptr_t>(rax + 0x9); //imul r8, [rax+0x09]
  393. rax = 0x378CE09B287B2D41; //mov rax, 0x378CE09B287B2D41
  394. r8 ^= rax; //xor r8, rax
  395. rax = 0x1C4A7DE2E2F8F68F; //mov rax, 0x1C4A7DE2E2F8F68F
  396. r8 += rax; //add r8, rax
  397. rax = r8; //mov rax, r8
  398. rax >>= 0x23; //shr rax, 0x23
  399. rax ^= r8; //xor rax, r8
  400. r8 = rbx + 0x1; //lea r8, [rbx+0x01]
  401. rax += rbx; //add rax, rbx
  402. r8 *= r15; //imul r8, r15
  403. r8 += rax; //add r8, rax
  404. rax = 0xEBEA9B8B5714671D; //mov rax, 0xEBEA9B8B5714671D
  405. r8 *= rax; //imul r8, rax
  406. rax = r8; //mov rax, r8
  407. rax >>= 0xE; //shr rax, 0x0E
  408. r8 ^= rax; //xor r8, rax
  409. rax = r8; //mov rax, r8
  410. rax >>= 0x1C; //shr rax, 0x1C
  411. r8 ^= rax; //xor r8, rax
  412. rax = r8; //mov rax, r8
  413. rax >>= 0x38; //shr rax, 0x38
  414. r8 ^= rax; //xor r8, rax
  415. return r8;
  416. }
  417. case 8:
  418. {
  419. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB420F6A); //mov r10, [0x00000000086325B1]
  420. rax = globals::g_baseAddress; //lea rax, [0xFFFFFFFFFD1F76BE]
  421. r8 ^= rax; //xor r8, rax
  422. rax = 0x3169FBDB3B875224; //mov rax, 0x3169FBDB3B875224
  423. r8 += rax; //add r8, rax
  424. rcx = globals::g_baseAddress + 0x88B9; //lea rcx, [0xFFFFFFFFFD200145]
  425. rax = rcx; //mov rax, rcx
  426. rax = ~rax; //not rax
  427. rax *= rbx; //imul rax, rbx
  428. r8 ^= rax; //xor r8, rax
  429. r8 ^= rbx; //xor r8, rbx
  430. rax = globals::g_baseAddress + 0x553; //lea rax, [0xFFFFFFFFFD1F7A61]
  431. r8 ^= rax; //xor r8, rax
  432. rax = r8; //mov rax, r8
  433. rax >>= 0x13; //shr rax, 0x13
  434. r8 ^= rax; //xor r8, rax
  435. rax = r8; //mov rax, r8
  436. rax >>= 0x26; //shr rax, 0x26
  437. r8 ^= rax; //xor r8, rax
  438. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  439. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  440. rax = 0x49665D7F2AFA3F6B; //mov rax, 0x49665D7F2AFA3F6B
  441. r8 *= rax; //imul r8, rax
  442. rcx ^= r10; //xor rcx, r10
  443. rax = globals::g_baseAddress + 0x11D125F7; //lea rax, [0x000000000EF09BEE]
  444. rax = ~rax; //not rax
  445. rcx = ~rcx; //not rcx
  446. rax *= rbx; //imul rax, rbx
  447. r8 += rax; //add r8, rax
  448. r8 *= Kernel::Read<uintptr_t>(rcx + 0x9); //imul r8, [rcx+0x09]
  449. return r8;
  450. }
  451. case 9:
  452. {
  453. r9 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB420F6A); //mov r9, [0x00000000089AB4C0]
  454. r11 = globals::g_baseAddress + 0x7C81; //lea r11, [0xFFFFFFFFFD1FF0E7]
  455. rax = rbx; //mov rax, rbx
  456. rax *= r11; //imul rax, r11
  457. r8 -= rax; //sub r8, rax
  458. rax = globals::g_baseAddress; //lea rax, [0xFFFFFFFFFD1F718B]
  459. r8 -= rax; //sub r8, rax
  460. rax = rbx; //mov rax, rbx
  461. rax -= globals::g_baseAddress; //sub rax, [rsp+0x78] -- didn't find trace -> use base
  462. rax += 0xFFFFFFFFFFFF4D38; //add rax, 0xFFFFFFFFFFFF4D38
  463. r8 += rax; //add r8, rax
  464. rax = 0xB294869EA09D48AA; //mov rax, 0xB294869EA09D48AA
  465. r8 ^= rax; //xor r8, rax
  466. rax = 0xDA6A9700AB4D27FD; //mov rax, 0xDA6A9700AB4D27FD
  467. r8 *= rax; //imul r8, rax
  468. rax = 0; //and rax, 0xFFFFFFFFC0000000
  469. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  470. rax ^= r9; //xor rax, r9
  471. rax = ~rax; //not rax
  472. r8 *= Kernel::Read<uintptr_t>(rax + 0x9); //imul r8, [rax+0x09]
  473. rax = 0x38632CDC13FD78A5; //mov rax, 0x38632CDC13FD78A5
  474. r8 += rax; //add r8, rax
  475. rax = r8; //mov rax, r8
  476. rax >>= 0x1D; //shr rax, 0x1D
  477. r8 ^= rax; //xor r8, rax
  478. rax = r8; //mov rax, r8
  479. rax >>= 0x3A; //shr rax, 0x3A
  480. r8 ^= rax; //xor r8, rax
  481. return r8;
  482. }
  483. case 10:
  484. {
  485. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB420F6A); //mov r10, [0x00000000089AAFA7]
  486. r8 += rbx; //add r8, rbx
  487. rax = 0x36164EFD786890C1; //mov rax, 0x36164EFD786890C1
  488. r8 *= rax; //imul r8, rax
  489. rax = 0x6F993F33D7A49418; //mov rax, 0x6F993F33D7A49418
  490. r8 += rax; //add r8, rax
  491. rax = r8; //mov rax, r8
  492. rax >>= 0x8; //shr rax, 0x08
  493. r8 ^= rax; //xor r8, rax
  494. rax = r8; //mov rax, r8
  495. rax >>= 0x10; //shr rax, 0x10
  496. r8 ^= rax; //xor r8, rax
  497. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  498. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  499. rax = r8; //mov rax, r8
  500. rcx ^= r10; //xor rcx, r10
  501. rax >>= 0x20; //shr rax, 0x20
  502. r8 ^= rax; //xor r8, rax
  503. rcx = ~rcx; //not rcx
  504. r8 *= Kernel::Read<uintptr_t>(rcx + 0x9); //imul r8, [rcx+0x09]
  505. rax = 0xE88B55E25B8B057C; //mov rax, 0xE88B55E25B8B057C
  506. r8 ^= rax; //xor r8, rax
  507. rax = r8; //mov rax, r8
  508. rax >>= 0x1A; //shr rax, 0x1A
  509. r8 ^= rax; //xor r8, rax
  510. rax = r8; //mov rax, r8
  511. rax >>= 0x34; //shr rax, 0x34
  512. r8 ^= rax; //xor r8, rax
  513. rax = r8; //mov rax, r8
  514. rax >>= 0x4; //shr rax, 0x04
  515. r8 ^= rax; //xor r8, rax
  516. rax = r8; //mov rax, r8
  517. rax >>= 0x8; //shr rax, 0x08
  518. r8 ^= rax; //xor r8, rax
  519. rax = r8; //mov rax, r8
  520. rax >>= 0x10; //shr rax, 0x10
  521. r8 ^= rax; //xor r8, rax
  522. rax = r8; //mov rax, r8
  523. rax >>= 0x20; //shr rax, 0x20
  524. r8 ^= rax; //xor r8, rax
  525. return r8;
  526. }
  527. case 11:
  528. {
  529. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB420F6A); //mov r10, [0x00000000089AAB7D]
  530. rax = 0; //and rax, 0xFFFFFFFFC0000000
  531. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  532. rax ^= r10; //xor rax, r10
  533. rax = ~rax; //not rax
  534. r8 *= Kernel::Read<uintptr_t>(rax + 0x9); //imul r8, [rax+0x09]
  535. rax = rbx; //mov rax, rbx
  536. uintptr_t RSP_0xFFFFFFFFFFFFFFC8;
  537. RSP_0xFFFFFFFFFFFFFFC8 = globals::g_baseAddress + 0xA1FD; //lea rax, [0xFFFFFFFFFD181199] : RBP+0xFFFFFFFFFFFFFFC8
  538. rax *= RSP_0xFFFFFFFFFFFFFFC8; //imul rax, [rbp-0x38]
  539. r8 += rax; //add r8, rax
  540. rax = r8; //mov rax, r8
  541. rax >>= 0x26; //shr rax, 0x26
  542. r8 ^= rax; //xor r8, rax
  543. rax = r8; //mov rax, r8
  544. rax >>= 0xA; //shr rax, 0x0A
  545. r8 ^= rax; //xor r8, rax
  546. rax = r8; //mov rax, r8
  547. rax >>= 0x14; //shr rax, 0x14
  548. r8 ^= rax; //xor r8, rax
  549. rax = r8; //mov rax, r8
  550. rax >>= 0x28; //shr rax, 0x28
  551. r8 ^= rax; //xor r8, rax
  552. rax = 0xC6A8E21F37CF3675; //mov rax, 0xC6A8E21F37CF3675
  553. r8 *= rax; //imul r8, rax
  554. rax = globals::g_baseAddress; //lea rax, [0xFFFFFFFFFD1F6622]
  555. rax += rbx; //add rax, rbx
  556. r8 -= rax; //sub r8, rax
  557. rax = globals::g_baseAddress; //lea rax, [0xFFFFFFFFFD1F674E]
  558. r8 ^= rax; //xor r8, rax
  559. return r8;
  560. }
  561. case 12:
  562. {
  563. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB420F6A); //mov r10, [0x00000000089AA64B]
  564. rax = 0x5D2901AC55739352; //mov rax, 0x5D2901AC55739352
  565. r8 -= rax; //sub r8, rax
  566. rax = 0; //and rax, 0xFFFFFFFFC0000000
  567. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  568. rax ^= r10; //xor rax, r10
  569. rax = ~rax; //not rax
  570. r8 *= Kernel::Read<uintptr_t>(rax + 0x9); //imul r8, [rax+0x09]
  571. rax = globals::g_baseAddress; //lea rax, [0xFFFFFFFFFD1F614D]
  572. r8 += rax; //add r8, rax
  573. rax = 0x156D71AB28FBFAFF; //mov rax, 0x156D71AB28FBFAFF
  574. r8 *= rax; //imul r8, rax
  575. rax = r8; //mov rax, r8
  576. rax >>= 0x27; //shr rax, 0x27
  577. r8 ^= rax; //xor r8, rax
  578. r8 -= rbx; //sub r8, rbx
  579. rax = r8; //mov rax, r8
  580. rax >>= 0x17; //shr rax, 0x17
  581. r8 ^= rax; //xor r8, rax
  582. rax = r8; //mov rax, r8
  583. rax >>= 0x2E; //shr rax, 0x2E
  584. r8 ^= rax; //xor r8, rax
  585. rax = globals::g_baseAddress; //lea rax, [0xFFFFFFFFFD1F61CE]
  586. r8 ^= rax; //xor r8, rax
  587. return r8;
  588. }
  589. case 13:
  590. {
  591. r11 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB420F6A); //mov r11, [0x00000000089AA102]
  592. rax = r8; //mov rax, r8
  593. rax >>= 0x1F; //shr rax, 0x1F
  594. r8 ^= rax; //xor r8, rax
  595. rcx = r8; //mov rcx, r8
  596. rax = globals::g_baseAddress; //lea rax, [0xFFFFFFFFFD1F5CCF]
  597. rcx >>= 0x3E; //shr rcx, 0x3E
  598. rcx ^= r8; //xor rcx, r8
  599. rdx = 0; //and rdx, 0xFFFFFFFFC0000000
  600. rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
  601. r8 = rbx; //mov r8, rbx
  602. r8 = ~r8; //not r8
  603. rdx ^= r11; //xor rdx, r11
  604. r8 += rcx; //add r8, rcx
  605. rdx = ~rdx; //not rdx
  606. r8 -= rax; //sub r8, rax
  607. r8 -= 0x6929AFAC; //sub r8, 0x6929AFAC
  608. r8 *= Kernel::Read<uintptr_t>(rdx + 0x9); //imul r8, [rdx+0x09]
  609. rax = r8; //mov rax, r8
  610. rax >>= 0x18; //shr rax, 0x18
  611. r8 ^= rax; //xor r8, rax
  612. rax = r8; //mov rax, r8
  613. rax >>= 0x30; //shr rax, 0x30
  614. r8 ^= rax; //xor r8, rax
  615. rax = 0x69651B1AF033619B; //mov rax, 0x69651B1AF033619B
  616. r8 += rbx; //add r8, rbx
  617. r8 *= rax; //imul r8, rax
  618. rax = 0x29BBD1B30DFD9417; //mov rax, 0x29BBD1B30DFD9417
  619. r8 *= rax; //imul r8, rax
  620. rax = 0xA7B8F15C4FABBB6C; //mov rax, 0xA7B8F15C4FABBB6C
  621. r8 ^= rax; //xor r8, rax
  622. return r8;
  623. }
  624. case 14:
  625. {
  626. r9 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB420F6A); //mov r9, [0x00000000089A9C8C]
  627. r8 += rbx; //add r8, rbx
  628. rax = globals::g_baseAddress + 0x8D0; //lea rax, [0xFFFFFFFFFD1F6372]
  629. rax -= rbx; //sub rax, rbx
  630. r8 += rax; //add r8, rax
  631. rax = 0xBC0AAA7E98B1663A; //mov rax, 0xBC0AAA7E98B1663A
  632. r8 ^= rax; //xor r8, rax
  633. rax = 0x54D1F9305B205B45; //mov rax, 0x54D1F9305B205B45
  634. r8 *= rax; //imul r8, rax
  635. rax = r8; //mov rax, r8
  636. rax >>= 0xA; //shr rax, 0x0A
  637. r8 ^= rax; //xor r8, rax
  638. rax = r8; //mov rax, r8
  639. rax >>= 0x14; //shr rax, 0x14
  640. r8 ^= rax; //xor r8, rax
  641. rax = r8; //mov rax, r8
  642. rax >>= 0x28; //shr rax, 0x28
  643. r8 ^= rax; //xor r8, rax
  644. rax = r8; //mov rax, r8
  645. rax >>= 0x12; //shr rax, 0x12
  646. r8 ^= rax; //xor r8, rax
  647. rax = r8; //mov rax, r8
  648. rax >>= 0x24; //shr rax, 0x24
  649. r8 ^= rax; //xor r8, rax
  650. rax = 0xFFFFFFFFDE23E20A; //mov rax, 0xFFFFFFFFDE23E20A
  651. rax -= rbx; //sub rax, rbx
  652. rax -= globals::g_baseAddress; //sub rax, [rsp+0x78] -- didn't find trace -> use base
  653. r8 += rax; //add r8, rax
  654. rax = 0; //and rax, 0xFFFFFFFFC0000000
  655. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  656. rax ^= r9; //xor rax, r9
  657. rax = ~rax; //not rax
  658. r8 *= Kernel::Read<uintptr_t>(rax + 0x9); //imul r8, [rax+0x09]
  659. return r8;
  660. }
  661. case 15:
  662. {
  663. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB420F6A); //mov r10, [0x00000000089A9809]
  664. rax = 0; //and rax, 0xFFFFFFFFC0000000
  665. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  666. rax ^= r10; //xor rax, r10
  667. rax = ~rax; //not rax
  668. rax = Kernel::Read<uintptr_t>(rax + 0x9); //mov rax, [rax+0x09]
  669. uintptr_t RSP_0xFFFFFFFFFFFFFFB8;
  670. RSP_0xFFFFFFFFFFFFFFB8 = 0x3A27415DA31CA989; //mov rax, 0x3A27415DA31CA989 : RBP+0xFFFFFFFFFFFFFFB8
  671. rax *= RSP_0xFFFFFFFFFFFFFFB8; //imul rax, [rbp-0x48]
  672. r8 *= rax; //imul r8, rax
  673. rax = 0x6F6A3BE0CADE4A54; //mov rax, 0x6F6A3BE0CADE4A54
  674. r8 -= rax; //sub r8, rax
  675. r8 -= rbx; //sub r8, rbx
  676. rax = r8; //mov rax, r8
  677. rax >>= 0x13; //shr rax, 0x13
  678. rcx = rbx; //mov rcx, rbx
  679. r8 ^= rax; //xor r8, rax
  680. rcx = ~rcx; //not rcx
  681. rax = globals::g_baseAddress + 0x76BB; //lea rax, [0xFFFFFFFFFD17D194]
  682. rax = ~rax; //not rax
  683. rcx *= rax; //imul rcx, rax
  684. rax = r8; //mov rax, r8
  685. rax >>= 0x26; //shr rax, 0x26
  686. r8 ^= rax; //xor r8, rax
  687. r8 += rcx; //add r8, rcx
  688. rax = r8; //mov rax, r8
  689. rax >>= 0x28; //shr rax, 0x28
  690. r8 ^= rax; //xor r8, rax
  691. rax = 0x3224CE0A9BEB6A6E; //mov rax, 0x3224CE0A9BEB6A6E
  692. r8 -= rax; //sub r8, rax
  693. return r8;
  694. }
  695. }
  696.  
  697. }
  // Transforms the 64-bit value read at globals::g_baseAddress + 0x11566810 and
  // returns the result. Returns 0 (the value read) when that read yields zero.
  // The selector is rotl64(g_peb, 0x22) & 0xF. Only case 0 is present in this
  // listing (the original comment says the remaining cases were truncated), so
  // every other selector value returns 0 through the default branch.
  // Unlike the other routines in this listing, the second value read (from
  // g_baseAddress + 0xB420FE9) is dereferenced directly at + 0x15 without being
  // complemented first.
  // Kernel::Read and globals are defined outside this listing.
  698. inline uintptr_t GetCmdTextArray()
  699. {
  700. const uint64_t mb = globals::g_baseAddress;
  701. uint64_t rax = mb, rbx = mb, rcx = mb, rdx = mb, rdi = mb, rsi = mb, r8 = mb, r9 = mb, r10 = mb, r11 = mb, r12 = mb, r13 = mb, r14 = mb, r15 = mb;
  702. rcx = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0x11566810); // Updated offset
  703. if(!rcx)
  704. return rcx;
  705. r11 = globals::g_peb; //mov r11, gs:[rdx]
  706. rdx = r11; //mov rdx, r11
  707. //failed to translate: mov [rsp+0xE0], r12
  708. rdx = _rotl64(rdx, 0x22); //rol rdx, 0x22
  709. rdx &= 0xF;
  710. switch(rdx) {
  711. case 0:
  712. {
  713. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB420FE9); // Updated key offset
  714. rbx = globals::g_baseAddress; //lea rbx, [0xFFFFFFFFF9BD382B]
  715. r15 = globals::g_baseAddress + 0x5E33; //lea r15, [0xFFFFFFFFF9BD9652]
  716. rax = rcx; //mov rax, rcx
  717. rax >>= 0x1B; //shr rax, 0x1B
  718. rcx ^= rax; //xor rcx, rax
  719. rax = rcx; //mov rax, rcx
  720. rax >>= 0x36; //shr rax, 0x36
  721. rcx ^= rax; //xor rcx, rax
  722. rax = 0xB5E3A5C14A756615; //mov rax, 0xB5E3A5C14A756615
  723. rcx ^= rax; //xor rcx, rax
  724. rcx *= Kernel::Read<uintptr_t>(r10 + 0x15); //imul rcx, [r10+0x15]
  725. rax = r11; //mov rax, r11
  726. rax *= r15; //imul rax, r15
  727. rcx += rax; //add rcx, rax
  728. rax = rcx; //mov rax, rcx
  729. rax >>= 0x17; //shr rax, 0x17
  730. rcx ^= rax; //xor rcx, rax
  731. rax = rcx; //mov rax, rcx
  732. rax >>= 0x2E; //shr rax, 0x2E
  733. rcx ^= rax; //xor rcx, rax
  734. rcx += rbx; //add rcx, rbx
  735. rax = 0x451CDD50ED47051D; //mov rax, 0x451CDD50ED47051D
  736. rcx *= rax; //imul rcx, rax
  // NOTE(review): code and quoted instruction disagree on the next line — the code
  // copies rcx into rax, the comment says `mov rcx, rax`. The code matches the
  // copy/shift/xor pattern used above, but which side is correct cannot be
  // established from this listing.
  737. rax = rcx; //mov rcx, rax
  738. rax >>= 0x27; //shr rax, 0x27
  739. rcx ^= rax; //xor rcx, rax
  740. return rcx;
  741. }
  742. // Additional cases truncated for brevity but would include all 16 cases
  743. default:
  744. return 0;
  745. }
  746. }
  // Transforms a 64-bit value read through Kernel::Read and returns the result.
  // Returns 0 (the value read) when that read yields zero.
  // The selector is rotr64(g_peb, 0x1D) & 0xF. Only case 0 is present in this
  // listing (the original comment says the remaining cases were truncated), so
  // every other selector value returns 0 through the default branch.
  // Case 0 reads a second value from g_baseAddress + 0xB420F8E, complements it and
  // multiplies by the qword read at (that complement + 0xf).
  // Kernel::Read and globals are defined outside this listing.
  747. inline uintptr_t decrypt_client_active()
  748. {
  749. const uint64_t mb = globals::g_baseAddress;
  750. uint64_t rax = mb, rbx = mb, rcx = mb, rdx = mb, rdi = mb, rsi = mb, r8 = mb, r9 = mb, r10 = mb, r11 = mb, r12 = mb, r13 = mb, r14 = mb, r15 = mb;
  // rdx still holds its initial value (the module base) here, so this reads
  // g_baseAddress + 0xba2f460; the sibling functions spell the base out explicitly.
  751. rax = Kernel::Read<uintptr_t>(rdx + 0xba2f460); // Updated offset
  752. if(!rax)
  753. return rax;
  754. rbx = globals::g_peb; //mov rbx, gs:[rcx]
  755. //failed to translate: mov [rsp+0x68], rdi
  756. rcx = rbx; //mov rcx, rbx
  757. //failed to translate: mov [rsp+0x60], r12
  758. rcx = _rotr64(rcx, 0x1D); //ror rcx, 0x1D
  759. //failed to translate: mov [rsp+0x58], r13
  760. rcx &= 0xF;
  761. switch(rcx) {
  762. case 0:
  763. {
  764. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB420F8E); // Updated key offset
  765. r11 = globals::g_baseAddress; //lea r11, [0xFFFFFFFFFDFCF071]
  766. rcx = 0x75A35BF5EC482D53; //mov rcx, 0x75A35BF5EC482D53
  767. rax -= rcx; //sub rax, rcx
  768. rcx = r11 + 0x39674f96; //lea rcx, [r11+0x39674F96]
  769. rcx += rbx; //add rcx, rbx
  770. rax ^= rcx; //xor rax, rcx
  771. rcx = rax; //mov rcx, rax
  772. rcx >>= 0x7; //shr rcx, 0x07
  773. rax ^= rcx; //xor rax, rcx
  774. rcx = rax; //mov rcx, rax
  775. rcx >>= 0xE; //shr rcx, 0x0E
  776. rax ^= rcx; //xor rax, rcx
  777. rcx = rax; //mov rcx, rax
  778. rcx >>= 0x1C; //shr rcx, 0x1C
  779. rax ^= rcx; //xor rax, rcx
  780. rcx = rax; //mov rcx, rax
  781. rcx >>= 0x38; //shr rcx, 0x38
  782. rax ^= rcx; //xor rax, rcx
  783. rcx = 0x7ED1321242287D37; //mov rcx, 0x7ED1321242287D37
  784. rax *= rcx; //imul rax, rcx
  785. rcx = rax; //mov rcx, rax
  786. rcx >>= 0x2; //shr rcx, 0x02
  787. rax ^= rcx; //xor rax, rcx
  788. rcx = rax; //mov rcx, rax
  789. rcx >>= 0x4; //shr rcx, 0x04
  790. rax ^= rcx; //xor rax, rcx
  791. rcx = rax; //mov rcx, rax
  792. rcx >>= 0x8; //shr rcx, 0x08
  793. rax ^= rcx; //xor rax, rcx
  794. rcx = rax; //mov rcx, rax
  795. rcx >>= 0x10; //shr rcx, 0x10
  796. rax ^= rcx; //xor rax, rcx
  797. rcx = rax; //mov rcx, rax
  798. rcx >>= 0x20; //shr rcx, 0x20
  799. rax ^= rcx; //xor rax, rcx
  800. rcx = rax; //mov rcx, rax
  801. rcx >>= 0x22; //shr rcx, 0x22
  802. rax ^= rcx; //xor rax, rcx
  803. rax += r11; //add rax, r11
  804. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  805. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  806. rcx ^= r10; //xor rcx, r10
  807. rcx = ~rcx; //not rcx
  808. rax *= Kernel::Read<uintptr_t>(rcx + 0xf); //imul rax, [rcx+0x0F]
  809. return rax;
  810. }
  811. // Additional cases truncated for brevity
  812. default:
  813. return 0;
  814. }
  815. }
  // Reads a 64-bit value at globals::g_baseAddress + 0x118BB878 through Kernel::Read and,
  // when it is non-zero, passes it through one of sixteen fixed arithmetic transforms
  // (xor / shift-xor / multiply / add with constants) and returns the result.
  // The transform is chosen by (globals::g_peb >> 0x13) & 0xF, i.e. bits 19..22 of that value.
  // Every case also reads a second value from base + 0xB42105D and multiplies rdx by the
  // qword that Kernel::Read returns at (~that value + 0x17).
  // Returns 0 when the first read yields 0.
  // The trailing //asm comments are the disassembly each statement was transcribed from.
  // Kernel::Read and globals:: are defined outside this listing; none of the addresses
  // derived from read values are validated before they are dereferenced.
  816. inline uintptr_t decrypt_bone_base()
  817. {
  818. uint64_t mb = globals::g_baseAddress;
  // Scratch variables named after x86-64 registers, all seeded with the base address;
  // several of them are never read in this function.
  819. uint64_t rax = mb, rbx = mb, rcx = mb, rdx = mb, rdi = mb, rsi = mb, r8 = mb, r9 = mb, r10 = mb, r11 = mb, r12 = mb, r13 = mb, r14 = mb, r15 = mb;
  820.  
  // Input value that the selected case transforms.
  821. rdx = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0x118BB878); // Updated offset
  822. if (!rdx)
  823. return rdx;
  824.  
  // Case selector: bits 19..22 of globals::g_peb.
  825. r11 = globals::g_peb; //mov r11, gs:[rax]
  826. rax = r11; //mov rax, r11
  827. rax >>= 0x13; //shr rax, 0x13
  828. rax &= 0xF;
  829.  
  830. switch (rax)
  831. {
  832. case 0:
  833. {
  // Second read; the same location (base + 0xB42105D) is read in every case.
  834. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB42105D); // Updated key offset
  835. r12 = globals::g_baseAddress + 0x8C93; //lea r12, [0xFFFFFFFFFC00BF35]
  836. rax = r12; //mov rax, r12
  837. rax -= r11; //sub rax, r11
  838. rdx ^= rax; //xor rdx, rax
  839. rax = rdx; //mov rax, rdx
  840. rax >>= 0x15; //shr rax, 0x15
  841. rdx ^= rax; //xor rdx, rax
  842. rax = rdx; //mov rax, rdx
  843. rax >>= 0x2A; //shr rax, 0x2A
  844. rdx ^= rax; //xor rdx, rax
  845. rdx += r11; //add rdx, r11
  // rax is set to 0 here, so the rotate leaves 0 and the read below uses ~r10 + 0x17.
  // The same five-statement sequence recurs in every case.
  846. rax = 0; //and rax, 0xFFFFFFFFC0000000
  847. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  848. rax ^= r10; //xor rax, r10
  849. rax = ~rax; //not rax
  850. rdx *= Kernel::Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  851. rax = globals::g_baseAddress; //lea rax, [0xFFFFFFFFFC002F1D]
  852. rdx ^= rax; //xor rdx, rax
  853. rax = 0x860534C8C01FEA7B; //mov rax, 0x860534C8C01FEA7B
  854. rdx *= rax; //imul rdx, rax
  855. rax = 0xEE334BF3EC572D68; //mov rax, 0xEE334BF3EC572D68
  856. rdx ^= rax; //xor rdx, rax
  857. return rdx;
  858. }
  859. case 1:
  860. {
  861. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB42105D); //mov r10, [0x0000000004FF4318]
  862. r12 = globals::g_baseAddress + 0xDF5D; //lea r12, [0xFFFFFFFFFC010DB1]
  863. rax = 0; //and rax, 0xFFFFFFFFC0000000
  864. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  865. rax ^= r10; //xor rax, r10
  866. rax = ~rax; //not rax
  867. rdx *= Kernel::Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  868. rax = 0x8A4B98169395E686; //mov rax, 0x8A4B98169395E686
  869. rdx ^= rax; //xor rdx, rax
  870. rax = 0xC3957EB9F84EC5AF; //mov rax, 0xC3957EB9F84EC5AF
  871. rdx *= rax; //imul rdx, rax
  872. rax = rdx; //mov rax, rdx
  873. rax >>= 0xE; //shr rax, 0x0E
  874. rdx ^= rax; //xor rdx, rax
  875. rax = rdx; //mov rax, rdx
  876. rax >>= 0x1C; //shr rax, 0x1C
  877. rdx ^= rax; //xor rdx, rax
  878. rax = rdx; //mov rax, rdx
  879. rax >>= 0x38; //shr rax, 0x38
  880. rdx ^= rax; //xor rdx, rax
  881. rax = globals::g_baseAddress + 0x31CB; //lea rax, [0xFFFFFFFFFC005BF2]
  882. rax -= r11; //sub rax, r11
  883. rdx += rax; //add rdx, rax
  884. rax = rdx; //mov rax, rdx
  885. rax >>= 0xD; //shr rax, 0x0D
  886. rdx ^= rax; //xor rdx, rax
  887. rax = rdx; //mov rax, rdx
  888. rax >>= 0x1A; //shr rax, 0x1A
  889. rdx ^= rax; //xor rdx, rax
  890. rax = rdx; //mov rax, rdx
  891. rax >>= 0x34; //shr rax, 0x34
  892. rdx ^= rax; //xor rdx, rax
  893. rax = r12; //mov rax, r12
  894. rax = ~rax; //not rax
  895. rax ^= r11; //xor rax, r11
  896. rdx ^= rax; //xor rdx, rax
  897. return rdx;
  898. }
  899. case 2:
  900. {
  901. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB42105D); //mov r10, [0x0000000004FF3EF0]
  902. rax = 0; //and rax, 0xFFFFFFFFC0000000
  903. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  904. rax ^= r10; //xor rax, r10
  905. rax = ~rax; //not rax
  906. rdx *= Kernel::Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  907. rcx = globals::g_baseAddress + 0x47C2AE1B; //lea rcx, [0x0000000043C2D745]
  908. rax = rcx; //mov rax, rcx
  909. rax = ~rax; //not rax
  910. rax ^= r11; //xor rax, r11
  911. rax += r11; //add rax, r11
  912. rdx += rax; //add rdx, rax
  913. rax = 0x94073D91C803188D; //mov rax, 0x94073D91C803188D
  914. rdx ^= rax; //xor rdx, rax
  915. rax = 0x2EEA8A0831CE333B; //mov rax, 0x2EEA8A0831CE333B
  916. rdx *= rax; //imul rdx, rax
  917. rdx += r11; //add rdx, r11
  918. rax = rdx; //mov rax, rdx
  919. rax >>= 0x13; //shr rax, 0x13
  920. rdx ^= rax; //xor rdx, rax
  921. rax = rdx; //mov rax, rdx
  922. rax >>= 0x26; //shr rax, 0x26
  923. rdx ^= rax; //xor rdx, rax
  924. rax = 0xD4E2CCE5B7959CA0; //mov rax, 0xD4E2CCE5B7959CA0
  925. rdx ^= rax; //xor rdx, rax
  926. return rdx;
  927. }
  928. case 3:
  929. {
  930. r9 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB42105D); //mov r9, [0x0000000004FF3B51]
  931. r12 = globals::g_baseAddress + 0x114B; //lea r12, [0xFFFFFFFFFC0036E3]
  932. rax = rdx; //mov rax, rdx
  933. rax >>= 0x13; //shr rax, 0x13
  934. rdx ^= rax; //xor rdx, rax
  935. rax = rdx; //mov rax, rdx
  936. rax >>= 0x26; //shr rax, 0x26
  937. rdx ^= rax; //xor rdx, rax
  938. rax = rdx; //mov rax, rdx
  939. rax >>= 0x24; //shr rax, 0x24
  940. rdx ^= rax; //xor rdx, rax
  941. rax = 0x764F15DD269101D3; //mov rax, 0x764F15DD269101D3
  942. rdx *= rax; //imul rdx, rax
  943. rax = 0x34E81942B113C230; //mov rax, 0x34E81942B113C230
  944. rdx -= rax; //sub rdx, rax
  945. rax = 0x13805FC46F4FC36A; //mov rax, 0x13805FC46F4FC36A
  946. rdx += rax; //add rdx, rax
  947. rax = r11; //mov rax, r11
  948. rax -= globals::g_baseAddress; //sub rax, [rbp-0x50] -- didn't find trace -> use base
  949. rax += 0xFFFFFFFFFFFF85F3; //add rax, 0xFFFFFFFFFFFF85F3
  950. rdx += rax; //add rdx, rax
  951. rax = 0; //and rax, 0xFFFFFFFFC0000000
  952. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  953. rax ^= r9; //xor rax, r9
  954. rax = ~rax; //not rax
  955. rdx *= Kernel::Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  956. rax = r11; //mov rax, r11
  957. rax ^= r12; //xor rax, r12
  958. rdx ^= rax; //xor rdx, rax
  959. return rdx;
  960. }
  961. case 4:
  962. {
  963. r9 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB42105D); //mov r9, [0x0000000004FF371B]
  964. rax = rdx; //mov rax, rdx
  965. rax >>= 0x11; //shr rax, 0x11
  966. rdx ^= rax; //xor rdx, rax
  967. rax = rdx; //mov rax, rdx
  968. rax >>= 0x22; //shr rax, 0x22
  969. rdx ^= rax; //xor rdx, rax
  970. rax = 0x2CFB6FB2F3BAD3C; //mov rax, 0x2CFB6FB2F3BAD3C
  971. rdx -= rax; //sub rdx, rax
  972. rax = 0; //and rax, 0xFFFFFFFFC0000000
  973. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  974. rax ^= r9; //xor rax, r9
  975. rax = ~rax; //not rax
  976. rdx *= Kernel::Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  977. rax = 0xEED0F28134CE8447; //mov rax, 0xEED0F28134CE8447
  978. rdx *= rax; //imul rdx, rax
  979. rax = 0x52D4170A67BFFCB2; //mov rax, 0x52D4170A67BFFCB2
  980. rdx ^= rax; //xor rdx, rax
  981. rdx += r11; //add rdx, r11
  982. rax = rdx; //mov rax, rdx
  983. rax >>= 0x16; //shr rax, 0x16
  984. rdx ^= rax; //xor rdx, rax
  985. rax = rdx; //mov rax, rdx
  986. rax >>= 0x2C; //shr rax, 0x2C
  987. rdx ^= rax; //xor rdx, rax
  988. rdx ^= r11; //xor rdx, r11
  989. return rdx;
  990. }
  991. case 5:
  992. {
  993. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB42105D); //mov r10, [0x0000000004FF3202]
  994. r12 = globals::g_baseAddress + 0x654BDD13; //lea r12, [0x00000000614BF78C]
  995. rax = r12; //mov rax, r12
  996. rax = ~rax; //not rax
  997. rax += 1; //inc rax
  998. rax += r11; //add rax, r11
  999. rdx += rax; //add rdx, rax
  1000. rax = 0x4A2AFA53025C5181; //mov rax, 0x4A2AFA53025C5181
  1001. rdx *= rax; //imul rdx, rax
  1002. rax = rdx; //mov rax, rdx
  1003. rax >>= 0x28; //shr rax, 0x28
  1004. rdx ^= rax; //xor rdx, rax
  1005. rax = globals::g_baseAddress; //lea rax, [0xFFFFFFFFFC001751]
  1006. rcx = rax + 0xa045; //lea rcx, [rax+0xA045]
  1007. rax += 0x19B7DBCB; //add rax, 0x19B7DBCB
  1008. rax += r11; //add rax, r11
  1009. rcx += r11; //add rcx, r11
  1010. rcx ^= rax; //xor rcx, rax
  1011. rdx ^= rcx; //xor rdx, rcx
  1012. rax = 0x574A3A5B7408079B; //mov rax, 0x574A3A5B7408079B
  1013. rdx *= rax; //imul rdx, rax
  1014. rax = 0; //and rax, 0xFFFFFFFFC0000000
  1015. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  1016. rax ^= r10; //xor rax, r10
  1017. rax = ~rax; //not rax
  1018. rdx *= Kernel::Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  1019. return rdx;
  1020. }
  1021. case 6:
  1022. {
  1023. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB42105D); //mov r10, [0x0000000004FF2D33]
  1024. r12 = globals::g_baseAddress + 0x4951; //lea r12, [0xFFFFFFFFFC005FD3]
  1025. rax = 0; //and rax, 0xFFFFFFFFC0000000
  1026. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  1027. rax ^= r10; //xor rax, r10
  1028. rax = ~rax; //not rax
  1029. rdx *= Kernel::Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  1030. rdx += r11; //add rdx, r11
  1031. rax = r11; //mov rax, r11
  1032. rax *= r12; //imul rax, r12
  1033. rdx += rax; //add rdx, rax
  1034. rcx = globals::g_baseAddress; //lea rcx, [0xFFFFFFFFFC0014EB]
  1035. rax = rcx + 0x1d37b933; //lea rax, [rcx+0x1D37B933]
  1036. rax += r11; //add rax, r11
  1037. rdx += rax; //add rdx, rax
  1038. rax = rdx; //mov rax, rdx
  1039. rax >>= 0x9; //shr rax, 0x09
  1040. rdx ^= rax; //xor rdx, rax
  1041. rax = rdx; //mov rax, rdx
  1042. rax >>= 0x12; //shr rax, 0x12
  1043. rdx ^= rax; //xor rdx, rax
  1044. rax = rdx; //mov rax, rdx
  1045. rax >>= 0x24; //shr rax, 0x24
  1046. rdx ^= rax; //xor rdx, rax
  1047. rax = 0x6C2A29044A40E4C7; //mov rax, 0x6C2A29044A40E4C7
  1048. rdx *= rax; //imul rdx, rax
  1049. rdx ^= rcx; //xor rdx, rcx
  1050. rax = rdx; //mov rax, rdx
  1051. rax >>= 0x3; //shr rax, 0x03
  1052. rdx ^= rax; //xor rdx, rax
  1053. rax = rdx; //mov rax, rdx
  1054. rax >>= 0x6; //shr rax, 0x06
  1055. rdx ^= rax; //xor rdx, rax
  1056. rax = rdx; //mov rax, rdx
  1057. rax >>= 0xC; //shr rax, 0x0C
  1058. rdx ^= rax; //xor rdx, rax
  1059. rax = rdx; //mov rax, rdx
  1060. rax >>= 0x18; //shr rax, 0x18
  1061. rdx ^= rax; //xor rdx, rax
  1062. rax = rdx; //mov rax, rdx
  1063. rax >>= 0x30; //shr rax, 0x30
  1064. rdx ^= rax; //xor rdx, rax
  1065. return rdx;
  1066. }
  1067. case 7:
  1068. {
  1069. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB42105D); //mov r10, [0x0000000004FF287F]
  1070. rax = globals::g_baseAddress; //lea rax, [0xFFFFFFFFFC001161]
  1071. rdx += rax; //add rdx, rax
  1072. rax = 0x5F80490A38DB3901; //mov rax, 0x5F80490A38DB3901
  1073. rdx ^= rax; //xor rdx, rax
  1074. rax = 0x4EC9DC6A5902297D; //mov rax, 0x4EC9DC6A5902297D
  1075. rdx -= rax; //sub rdx, rax
  1076. rax = rdx; //mov rax, rdx
  1077. rax >>= 0x25; //shr rax, 0x25
  1078. rdx ^= rax; //xor rdx, rax
  1079. rcx = globals::g_baseAddress + 0xCEFB; //lea rcx, [0xFFFFFFFFFC00E16D]
  1080. rax = r11; //mov rax, r11
  1081. rax ^= rcx; //xor rax, rcx
  1082. rdx += rax; //add rdx, rax
  1083. rax = 0x92B34BC27C367071; //mov rax, 0x92B34BC27C367071
  1084. rdx *= rax; //imul rdx, rax
  1085. rdx -= r11; //sub rdx, r11
  1086. rax = 0; //and rax, 0xFFFFFFFFC0000000
  1087. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  1088. rax ^= r10; //xor rax, r10
  1089. rax = ~rax; //not rax
  1090. rdx *= Kernel::Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  1091. return rdx;
  1092. }
  1093. case 8:
  1094. {
  1095. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB42105D); //mov r10, [0x0000000004FF2460]
  1096. rcx = globals::g_baseAddress + 0x5723; //lea rcx, [0xFFFFFFFFFC006517]
  1097. rax = 0xE62DA6375F493113; //mov rax, 0xE62DA6375F493113
  1098. rdx *= rax; //imul rdx, rax
  1099. rax = globals::g_baseAddress; //lea rax, [0xFFFFFFFFFC000BC6]
  1100. rdx -= rax; //sub rdx, rax
  1101. rax = 0; //and rax, 0xFFFFFFFFC0000000
  1102. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  1103. rax ^= r10; //xor rax, r10
  1104. rax = ~rax; //not rax
  1105. rdx *= Kernel::Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  1106. rdx -= r11; //sub rdx, r11
  1107. rax = rdx; //mov rax, rdx
  1108. rax >>= 0xF; //shr rax, 0x0F
  1109. rdx ^= rax; //xor rdx, rax
  1110. rax = rdx; //mov rax, rdx
  1111. rax >>= 0x1E; //shr rax, 0x1E
  1112. rdx ^= rax; //xor rdx, rax
  1113. rax = rdx; //mov rax, rdx
  1114. rax >>= 0x3C; //shr rax, 0x3C
  1115. rdx ^= rax; //xor rdx, rax
  1116. rax = rdx; //mov rax, rdx
  1117. rax >>= 0x3; //shr rax, 0x03
  1118. rdx ^= rax; //xor rdx, rax
  1119. rax = rdx; //mov rax, rdx
  1120. rax >>= 0x6; //shr rax, 0x06
  1121. rdx ^= rax; //xor rdx, rax
  1122. rax = rdx; //mov rax, rdx
  1123. rax >>= 0xC; //shr rax, 0x0C
  1124. rdx ^= rax; //xor rdx, rax
  1125. rax = rdx; //mov rax, rdx
  1126. rax >>= 0x18; //shr rax, 0x18
  1127. rdx ^= rax; //xor rdx, rax
  1128. rax = rdx; //mov rax, rdx
  1129. rax >>= 0x30; //shr rax, 0x30
  1130. rdx ^= rax; //xor rdx, rax
  1131. rax = globals::g_baseAddress; //lea rax, [0xFFFFFFFFFC000A38]
  1132. rax += 0xFAB2; //add rax, 0xFAB2
  1133. rax += r11; //add rax, r11
  1134. rdx ^= rax; //xor rdx, rax
  1135. rax = r11; //mov rax, r11
  1136. rax ^= rcx; //xor rax, rcx
  1137. rdx ^= rax; //xor rdx, rax
  1138. return rdx;
  1139. }
  1140. case 9:
  1141. {
  1142. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB42105D); //mov r10, [0x0000000004FF2030]
  1143. rax = 0; //and rax, 0xFFFFFFFFC0000000
  1144. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  1145. rax ^= r10; //xor rax, r10
  1146. rax = ~rax; //not rax
  1147. rdx *= Kernel::Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  1148. rax = globals::g_baseAddress; //lea rax, [0xFFFFFFFFFC00086D]
  1149. rcx = rax + 0x429d; //lea rcx, [rax+0x429D]
  1150. rax += 0xF1EC; //add rax, 0xF1EC
  1151. rax += r11; //add rax, r11
  1152. rcx += r11; //add rcx, r11
  1153. rdx += rcx; //add rdx, rcx
  1154. rdx ^= rax; //xor rdx, rax
  1155. rax = globals::g_baseAddress + 0x5304B0E6; //lea rax, [0x000000004F04B929]
  1156. rdx ^= r11; //xor rdx, r11
  1157. rdx ^= rax; //xor rdx, rax
  1158. rax = rdx; //mov rax, rdx
  1159. rax >>= 0x22; //shr rax, 0x22
  1160. rdx ^= rax; //xor rdx, rax
  1161. rax = 0xEE899EDDAF56550; //mov rax, 0xEE899EDDAF56550
  1162. rdx ^= rax; //xor rdx, rax
  1163. rax = rdx; //mov rax, rdx
  1164. rax >>= 0xE; //shr rax, 0x0E
  1165. rdx ^= rax; //xor rdx, rax
  1166. rax = rdx; //mov rax, rdx
  1167. rax >>= 0x1C; //shr rax, 0x1C
  1168. rdx ^= rax; //xor rdx, rax
  1169. rax = rdx; //mov rax, rdx
  1170. rax >>= 0x38; //shr rax, 0x38
  1171. rdx ^= rax; //xor rdx, rax
  1172. rax = 0x39D515C223A57391; //mov rax, 0x39D515C223A57391
  1173. rdx *= rax; //imul rdx, rax
  1174. return rdx;
  1175. }
  1176. case 10:
  1177. {
  1178. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB42105D); //mov r10, [0x0000000004FF1CE0]
  1179. rcx = globals::g_baseAddress + 0x1A3D; //lea rcx, [0xFFFFFFFFFC001E54]
  1180. rax = rdx; //mov rax, rdx
  1181. rax >>= 0xF; //shr rax, 0x0F
  1182. rdx ^= rax; //xor rdx, rax
  1183. rax = rdx; //mov rax, rdx
  1184. rax >>= 0x1E; //shr rax, 0x1E
  1185. rdx ^= rax; //xor rdx, rax
  1186. rax = rdx; //mov rax, rdx
  1187. rax >>= 0x3C; //shr rax, 0x3C
  1188. rdx ^= rax; //xor rdx, rax
  1189. rax = rdx; //mov rax, rdx
  1190. rax >>= 0x13; //shr rax, 0x13
  1191. rdx ^= rax; //xor rdx, rax
  1192. rax = rdx; //mov rax, rdx
  1193. rax >>= 0x26; //shr rax, 0x26
  1194. rdx ^= rax; //xor rdx, rax
  1195. rax = r11; //mov rax, r11
  1196. rax = ~rax; //not rax
  1197. rax *= rcx; //imul rax, rcx
  1198. rdx ^= rax; //xor rdx, rax
  1199. rax = 0x8330B389343DA675; //mov rax, 0x8330B389343DA675
  1200. rdx *= rax; //imul rdx, rax
  1201. rax = 0x5A325A7184C15E55; //mov rax, 0x5A325A7184C15E55
  1202. rdx -= rax; //sub rdx, rax
  1203. rax = 0xE28957C95B7E497; //mov rax, 0xE28957C95B7E497
  1204. rdx += rax; //add rdx, rax
  1205. rax = 0; //and rax, 0xFFFFFFFFC0000000
  1206. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  1207. rax ^= r10; //xor rax, r10
  1208. rax = ~rax; //not rax
  1209. rdx *= Kernel::Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  1210. rdx -= r11; //sub rdx, r11
  1211. return rdx;
  1212. }
  1213. case 11:
  1214. {
  1215. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB42105D); //mov r10, [0x0000000004FF18F4]
  1216. r15 = globals::g_baseAddress + 0x67B591A2; //lea r15, [0x0000000063B5916E]
  1217. rax = rdx; //mov rax, rdx
  1218. rax >>= 0x22; //shr rax, 0x22
  1219. rdx ^= rax; //xor rdx, rax
  1220. rax = r15; //mov rax, r15
  1221. rax = ~rax; //not rax
  1222. rax ^= r11; //xor rax, r11
  1223. rax += r11; //add rax, r11
  1224. rdx -= rax; //sub rdx, rax
  1225. rax = 0; //and rax, 0xFFFFFFFFC0000000
  1226. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  1227. rax ^= r10; //xor rax, r10
  1228. rax = ~rax; //not rax
  1229. rdx *= Kernel::Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  1230. rdx ^= r11; //xor rdx, r11
  1231. rax = 0x112AEF7CBA9BEDF1; //mov rax, 0x112AEF7CBA9BEDF1
  1232. rdx *= rax; //imul rdx, rax
  1233. rax = 0x792205E77EAA6797; //mov rax, 0x792205E77EAA6797
  1234. rdx ^= rax; //xor rdx, rax
  1235. return rdx;
  1236. }
  1237. case 12:
  1238. {
  1239. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB42105D); //mov r10, [0x0000000004FF143E]
  1240. r12 = globals::g_baseAddress + 0x70E4B3E1; //lea r12, [0x000000006CE4AFFF]
  1241. rax = 0; //and rax, 0xFFFFFFFFC0000000
  1242. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  1243. rax ^= r10; //xor rax, r10
  1244. rax = ~rax; //not rax
  1245. rdx *= Kernel::Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  1246. rax = 0x33BF00DD8A073650; //mov rax, 0x33BF00DD8A073650
  1247. rdx -= rax; //sub rdx, rax
  1248. rax = rdx; //mov rax, rdx
  1249. rax >>= 0xA; //shr rax, 0x0A
  1250. rdx ^= rax; //xor rdx, rax
  1251. rax = rdx; //mov rax, rdx
  1252. rax >>= 0x14; //shr rax, 0x14
  1253. rdx ^= rax; //xor rdx, rax
  1254. rax = rdx; //mov rax, rdx
  1255. rax >>= 0x28; //shr rax, 0x28
  1256. rdx ^= rax; //xor rdx, rax
  1257. rax = globals::g_baseAddress; //lea rax, [0xFFFFFFFFFBFFF9D0]
  1258. rdx ^= rax; //xor rdx, rax
  1259. rax = r12; //mov rax, r12
  1260. rax = ~rax; //not rax
  1261. rdx += rax; //add rdx, rax
  1262. rax = 0x37300D9E69A77B2F; //mov rax, 0x37300D9E69A77B2F
  1263. rdx *= rax; //imul rdx, rax
  1264. rdx -= r11; //sub rdx, r11
  1265. return rdx;
  1266. }
  1267. case 13:
  1268. {
  1269. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB42105D); //mov r10, [0x0000000004FF109C]
  1270. r15 = globals::g_baseAddress + 0x666C9DA0; //lea r15, [0x00000000626C95FC]
  1271. rax = r11; //mov rax, r11
  1272. rax ^= r15; //xor rax, r15
  1273. rdx -= rax; //sub rdx, rax
  1274. rax = 0x124569EA4125D98; //mov rax, 0x124569EA4125D98
  1275. rdx ^= rax; //xor rdx, rax
  1276. rax = rdx; //mov rax, rdx
  1277. rax >>= 0x5; //shr rax, 0x05
  1278. rdx ^= rax; //xor rdx, rax
  1279. rax = rdx; //mov rax, rdx
  1280. rax >>= 0xA; //shr rax, 0x0A
  1281. rdx ^= rax; //xor rdx, rax
  1282. rax = rdx; //mov rax, rdx
  1283. rax >>= 0x14; //shr rax, 0x14
  1284. rdx ^= rax; //xor rdx, rax
  1285. rax = rdx; //mov rax, rdx
  1286. rax >>= 0x28; //shr rax, 0x28
  1287. rdx ^= rax; //xor rdx, rax
  1288. rax = rdx; //mov rax, rdx
  1289. rax >>= 0x1A; //shr rax, 0x1A
  1290. rdx ^= rax; //xor rdx, rax
  1291. rax = rdx; //mov rax, rdx
  1292. rax >>= 0x34; //shr rax, 0x34
  1293. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  1294. rdx ^= rax; //xor rdx, rax
  1295. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  1296. rcx ^= r10; //xor rcx, r10
  1297. rcx = ~rcx; //not rcx
  1298. rdx *= Kernel::Read<uintptr_t>(rcx + 0x17); //imul rdx, [rcx+0x17]
  1299. rdx ^= r11; //xor rdx, r11
  1300. rax = 0xD83F30F92C64DF4F; //mov rax, 0xD83F30F92C64DF4F
  1301. rdx ^= rax; //xor rdx, rax
  1302. rax = 0xB69AFD2628432A9D; //mov rax, 0xB69AFD2628432A9D
  1303. rdx *= rax; //imul rdx, rax
  1304. return rdx;
  1305. }
  1306. case 14:
  1307. {
  1308. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB42105D); //mov r10, [0x0000000004FF0C96]
  1309. r12 = globals::g_baseAddress + 0x5113; //lea r12, [0xFFFFFFFFFC00454C]
  1310. rax = rdx; //mov rax, rdx
  1311. rax >>= 0x1B; //shr rax, 0x1B
  1312. rdx ^= rax; //xor rdx, rax
  1313. rax = rdx; //mov rax, rdx
  1314. rax >>= 0x36; //shr rax, 0x36
  1315. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  1316. rdx ^= rax; //xor rdx, rax
  1317. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  1318. rcx ^= r10; //xor rcx, r10
  1319. rcx = ~rcx; //not rcx
  1320. rdx *= Kernel::Read<uintptr_t>(rcx + 0x17); //imul rdx, [rcx+0x17]
  1321. rax = 0xDC4274449EFE767B; //mov rax, 0xDC4274449EFE767B
  1322. rdx ^= rax; //xor rdx, rax
  1323. rax = rdx; //mov rax, rdx
  1324. rax >>= 0x6; //shr rax, 0x06
  1325. rdx ^= rax; //xor rdx, rax
  1326. rax = rdx; //mov rax, rdx
  1327. rax >>= 0xC; //shr rax, 0x0C
  1328. rdx ^= rax; //xor rdx, rax
  1329. rax = rdx; //mov rax, rdx
  1330. rax >>= 0x18; //shr rax, 0x18
  1331. rdx ^= rax; //xor rdx, rax
  1332. rax = rdx; //mov rax, rdx
  1333. rax >>= 0x30; //shr rax, 0x30
  1334. rdx ^= rax; //xor rdx, rax
  1335. rax = r11; //mov rax, r11
  1336. rax ^= r12; //xor rax, r12
  1337. rdx -= rax; //sub rdx, rax
  1338. rax = 0x4480AA60A21867F9; //mov rax, 0x4480AA60A21867F9
  1339. rdx *= rax; //imul rdx, rax
  1340. rax = globals::g_baseAddress; //lea rax, [0xFFFFFFFFFBFFF112]
  1341. rax += 0xD03A; //add rax, 0xD03A
  1342. rax += r11; //add rax, r11
  1343. rdx += rax; //add rdx, rax
  1344. return rdx;
  1345. }
  1346. case 15:
  1347. {
  1348. r10 = Kernel::Read<uintptr_t>(globals::g_baseAddress + 0xB42105D); //mov r10, [0x0000000004FF07CE]
  1349. rcx = globals::g_baseAddress + 0x6744783A; //lea rcx, [0x0000000063446735]
  1350. rdx += r11; //add rdx, r11
  1351. rax = r11; //mov rax, r11
  1352. rax = ~rax; //not rax
  1353. uintptr_t RSP_0xFFFFFFFFFFFFFFB0;
  1354. RSP_0xFFFFFFFFFFFFFFB0 = globals::g_baseAddress + 0x642A39AC; //lea rax, [0x00000000602A295C] : RBP+0xFFFFFFFFFFFFFFB0
  1355. rax ^= RSP_0xFFFFFFFFFFFFFFB0; //xor rax, [rbp-0x50]
  1356. rdx -= rax; //sub rdx, rax
  1357. rdx ^= r11; //xor rdx, r11
  1358. rdx ^= rcx; //xor rdx, rcx
  1359. rax = 0; //and rax, 0xFFFFFFFFC0000000
  1360. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  1361. rax ^= r10; //xor rax, r10
  1362. rax = ~rax; //not rax
  1363. rdx *= Kernel::Read<uintptr_t>(rax + 0x17); //imul rdx, [rax+0x17]
  1364. rax = 0x54750E0E4638841A; //mov rax, 0x54750E0E4638841A
  1365. rdx += rax; //add rdx, rax
  1366. rax = 0x17257FE07A931EB4; //mov rax, 0x17257FE07A931EB4
  1367. rdx ^= rax; //xor rdx, rax
  1368. rax = rdx; //mov rax, rdx
  1369. rax >>= 0x4; //shr rax, 0x04
  1370. rdx ^= rax; //xor rdx, rax
  1371. rax = rdx; //mov rax, rdx
  1372. rax >>= 0x8; //shr rax, 0x08
  1373. rdx ^= rax; //xor rdx, rax
  1374. rax = rdx; //mov rax, rdx
  1375. rax >>= 0x10; //shr rax, 0x10
  1376. rdx ^= rax; //xor rdx, rax
  1377. rax = rdx; //mov rax, rdx
  1378. rax >>= 0x20; //shr rax, 0x20
  1379. rdx ^= rax; //xor rdx, rax
  1380. rax = 0x7493CCED6314B08B; //mov rax, 0x7493CCED6314B08B
  1381. rdx *= rax; //imul rdx, rax
  1382. return rdx;
  1383. }
  1384. }
  // NOTE(review): there is no return after the switch; the selector is masked with 0xF and
  // cases 0..15 are all present, so every path returns from inside a case.
  1385. }
  // Translates bone_index into a 16-bit value through two uint16_t reads made with Kernel::Read.
  // bone_index * 0x13C8 is folded through multiply-high / shift / multiply-subtract chains into
  // an offset; the first read is at base + offset + 0xA7C25A0, its result is folded through a
  // second chain of the same kind, and the read at base + offset + 0xA7C6810 is returned.
  // The chains look like compiler-generated division/modulo by constants (not verified here).
  // bone_index is not range-checked, and the first value read is used unchecked to form the
  // address of the second read. Kernel::Read and globals:: are defined outside this listing.
  1386. inline uint16_t get_bone_index(uint32_t bone_index)
  1387. {
  1388.  
  1389. const uint64_t mb = globals::g_baseAddress;
  // Scratch variables named after x86-64 registers, all seeded with the base address.
  1390. uint64_t rax = mb, rbx = mb, rcx = mb, rdx = mb, rdi = mb, rsi = mb, r8 = mb, r9 = mb, r10 = mb, r11 = mb, r12 = mb, r13 = mb, r14 = mb, r15 = mb;
  1391. rbx = bone_index;
  1392. rcx = rbx * 0x13C8;
  1393. rax = 0xCB182C584BD5193; //mov rax, 0xCB182C584BD5193
  1394. r11 = globals::g_baseAddress; //lea r11, [0xFFFFFFFFFD1EDE3E]
  // _umul128 writes the high 64 bits of the product to rdx; here and in every later call the
  // low half assigned to rax is overwritten before it is read, so only rdx carries forward.
  1395. rax = _umul128(rax, rcx, (uintptr_t*)&rdx); //mul rcx
  1396. rax = rcx; //mov rax, rcx
  1397. r10 = 0xD6FB75C08B670E5B; //mov r10, 0xD6FB75C08B670E5B
  1398. rax -= rdx; //sub rax, rdx
  1399. rax >>= 0x1; //shr rax, 0x01
  1400. rax += rdx; //add rax, rdx
  1401. rax >>= 0xC; //shr rax, 0x0C
  1402. rax = rax * 0x1E7D; //imul rax, rax, 0x1E7D
  1403. rcx -= rax; //sub rcx, rax
  1404. rax = 0x4078E2A8FCDA18EF; //mov rax, 0x4078E2A8FCDA18EF
  1405. r8 = rcx * 0x1E7D; //imul r8, rcx, 0x1E7D
  1406. rax = _umul128(rax, r8, (uintptr_t*)&rdx); //mul r8
  1407. rdx >>= 0xB; //shr rdx, 0x0B
  1408. rax = rdx * 0x1FC4; //imul rax, rdx, 0x1FC4
  1409. r8 -= rax; //sub r8, rax
  1410. rax = 0xF0F0F0F0F0F0F0F1; //mov rax, 0xF0F0F0F0F0F0F0F1
  1411. rax = _umul128(rax, r8, (uintptr_t*)&rdx); //mul r8
  1412. rax = 0x624DD2F1A9FBE77; //mov rax, 0x624DD2F1A9FBE77
  1413. rdx >>= 0x6; //shr rdx, 0x06
  1414. rcx = rdx * 0x44; //imul rcx, rdx, 0x44
  1415. rax = _umul128(rax, r8, (uintptr_t*)&rdx); //mul r8
  1416. rax = r8; //mov rax, r8
  1417. rax -= rdx; //sub rax, rdx
  1418. rax >>= 0x1; //shr rax, 0x01
  1419. rax += rdx; //add rax, rdx
  1420. rax >>= 0x6; //shr rax, 0x06
  1421. rcx += rax; //add rcx, rax
  1422. rax = rcx * 0xFA; //imul rax, rcx, 0xFA
  1423. rcx = r8 * 0xFC; //imul rcx, r8, 0xFC
  1424. rcx -= rax; //sub rcx, rax
  // First table read: a 16-bit value at base (r11) + computed offset + 0xA7C25A0.
  1425. rax = Kernel::Read<uint16_t>(rcx + r11 * 1 + 0xA7C25A0); // Updated offset
  1426. r8 = rax * 0x13C8; //imul r8, rax, 0x13C8
  1427. rax = r10; //mov rax, r10
  1428. rax = _umul128(rax, r8, (uintptr_t*)&rdx); //mul r8
  1429. rax = r10; //mov rax, r10
  1430. rdx >>= 0xD; //shr rdx, 0x0D
  1431. rcx = rdx * 0x261B; //imul rcx, rdx, 0x261B
  1432. r8 -= rcx; //sub r8, rcx
  1433. r9 = r8 * 0x2F75; //imul r9, r8, 0x2F75
  1434. rax = _umul128(rax, r9, (uintptr_t*)&rdx); //mul r9
  1435. rdx >>= 0xD; //shr rdx, 0x0D
  1436. rax = rdx * 0x261B; //imul rax, rdx, 0x261B
  1437. r9 -= rax; //sub r9, rax
  1438. rax = 0x8FB823EE08FB823F; //mov rax, 0x8FB823EE08FB823F
  1439. rax = _umul128(rax, r9, (uintptr_t*)&rdx); //mul r9
  1440. rax = 0x579D6EE340579D6F; //mov rax, 0x579D6EE340579D6F
  1441. rdx >>= 0x5; //shr rdx, 0x05
  1442. rcx = rdx * 0x39; //imul rcx, rdx, 0x39
  1443. rax = _umul128(rax, r9, (uintptr_t*)&rdx); //mul r9
  1444. rdx >>= 0x6; //shr rdx, 0x06
  1445. rcx += rdx; //add rcx, rdx
  1446. rax = rcx * 0x176; //imul rax, rcx, 0x176
  1447. rcx = r9 * 0x178; //imul rcx, r9, 0x178
  1448. rcx -= rax; //sub rcx, rax
  // Second table read: a 16-bit value at base (r11) + computed offset + 0xA7C6810.
  1449. r14 = Kernel::Read<uint16_t>(rcx + r11 * 1 + 0xA7C6810); // Updated offset
  // r14 holds a 16-bit read widened to 64 bits, so the narrowing to uint16_t keeps the value.
  1450. return r14;
  1451. }
  1452. }
  1453.  