BreezierD

WZ3 XBOX

Oct 28th, 2024
  // Resolves the "client info" address for the target process.
  //
  // As transcribed here the routine performs no decoding: it yields
  // driver.base_addr unchanged (0 when the base is unset). driver.target_peb
  // is loaded, mirroring the `mov rdx, gs:[rax]` of the disassembly, but the
  // loaded value is never consumed.
  uintptr_t decrypt_client_info(const Driver& driver)
  {
      const uint64_t module_base = driver.base_addr;
      if (module_base == 0) {
          return 0;
      }
      // Kept from the original listing (mov rdx, gs:[rax]); the result is unused.
      [[maybe_unused]] const uint64_t peb_key = driver.target_peb;
      return module_base;
  }
  // Decodes the obfuscated "client base" pointer stored at client_info + 0x199798.
  //
  // The body is a line-by-line transcription of disassembly: the trailing
  // comments give the original instructions and the register-named locals
  // mirror the CPU registers. Steps, as visible below:
  //   1. Read the encoded 64-bit value through driver.Read; return 0 if it is 0.
  //   2. Derive a 4-bit selector from ~driver.target_peb (shl 0x23, bswap, & 0xF).
  //   3. Run the matching case. Cases 2, 3, 4, 5, 8 and 14 also read a key
  //      pointer at driver.base_addr + 0xB06412C and fold in the 64-bit value
  //      read at (~key + 0x9).
  //
  // NOTE(review): cases 0, 1, 6, 7, 9 and 11 return the encoded value untouched
  // and cases 10, 12, 13 and 15 are only a few operations long - presumably the
  // generator could not recover those paths; verify before trusting the result.
  // NOTE(review): neither the key read nor the read at (~key + 0x9) is checked.
  // If the key read yields 0, the following read targets address 0x8 because
  // ~0 + 0x9 wraps.
  // NOTE(review): the switch has no default and the function has no final
  // return. All 16 values of (rax & 0xF) have a case, so the end is unreachable,
  // but compilers will warn about the missing return.
  // The hard-coded offsets and constants look specific to a single build of the
  // target binary - TODO confirm.
  11. uintptr_t decrypt_client_base(const Driver& driver, uintptr_t client_info)
  12. {
  13. const uint64_t mb = driver.base_addr;
  // Every "register" starts at the module base; most are overwritten or never used.
  14. uint64_t rax = mb, rbx = mb, rcx = mb, rdx = mb, rdi = mb, rsi = mb, r8 = mb, r9 = mb, r10 = mb, r11 = mb, r12 = mb, r13 = mb, r14 = mb, r15 = mb;
  // r10 carries the encoded value through whichever case is selected.
  15. r10 = driver.Read<uintptr_t>(client_info + 0x199798);
  16. if(!r10)
  17. return r10;
  18. r11= ~driver.target_peb; //mov r11, gs:[rax]
  19. rax = r11; //mov rax, r11
  20. rax <<= 0x23; //shl rax, 0x23
  21. rax = _byteswap_uint64(rax); //bswap rax
  // Low four bits select one of the 16 cases below.
  22. rax &= 0xF;
  23. switch(rax) {
  24. case 0:
  25. {
  26. return r10;
  27. }
  28. case 1:
  29. {
  30. return r10;
  31. }
  32. case 2:
  33. {
  34. r9 = driver.Read<uintptr_t>(driver.base_addr + 0xB06412C); //mov r9, [0x00000000087D9C6C]
  35. rax = 0x43AE441D8481DD04; //mov rax, 0x43AE441D8481DD04
  36. r10 -= rax; //sub r10, rax
  37. rax = r10; //mov rax, r10
  38. rax >>= 0x26; //shr rax, 0x26
  39. r10 ^= rax; //xor r10, rax
  40. rax = r10; //mov rax, r10
  41. rax >>= 0x9; //shr rax, 0x09
  42. r10 ^= rax; //xor r10, rax
  43. rax = r10; //mov rax, r10
  44. rax >>= 0x12; //shr rax, 0x12
  45. r10 ^= rax; //xor r10, rax
  46. rcx = r10; //mov rcx, r10
  47. rcx >>= 0x24; //shr rcx, 0x24
  48. rcx ^= r10; //xor rcx, r10
  49. rax = r11; //mov rax, r11
  50. r10 = driver.base_addr + 0x424950C8; //lea r10, [0x000000003FC0A9BF]
  51. rax = ~rax; //not rax
  52. r10 *= rax; //imul r10, rax
  53. r10 += rcx; //add r10, rcx
  54. rax = 0x1EB0B3B479EF017; //mov rax, 0x1EB0B3B479EF017
  55. r10 *= rax; //imul r10, rax
  56. rax = 0xF4FDCF8C05766D07; //mov rax, 0xF4FDCF8C05766D07
  57. r10 ^= rax; //xor r10, rax
  58. rax = r10; //mov rax, r10
  59. rax >>= 0x17; //shr rax, 0x17
  60. r10 ^= rax; //xor r10, rax
  // The AND is written as a constant 0 here, so the rotate below is a no-op and
  // rcx ends up as ~r9. The same four-step pattern recurs in the other keyed cases.
  61. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  62. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  63. rax = r10; //mov rax, r10
  64. rcx ^= r9; //xor rcx, r9
  65. rax >>= 0x2E; //shr rax, 0x2E
  66. rcx = ~rcx; //not rcx
  67. r10 ^= rax; //xor r10, rax
  68. r10 *= driver.Read<uintptr_t>(rcx + 0x9); //imul r10, [rcx+0x09]
  69. return r10;
  70. }
  71. case 3:
  72. {
  73. r9 = driver.Read<uintptr_t>(driver.base_addr + 0xB06412C); //mov r9, [0x00000000087D971A]
  74. rcx = r11; //mov rcx, r11
  75. rcx = ~rcx; //not rcx
  76. rax = driver.base_addr + 0x8952; //lea rax, [0xFFFFFFFFFD77DBB2]
  77. rax = ~rax; //not rax
  78. rcx *= rax; //imul rcx, rax
  79. rax = 0x920D8D54066C3BC8; //mov rax, 0x920D8D54066C3BC8
  80. r10 ^= rcx; //xor r10, rcx
  81. r10 ^= rax; //xor r10, rax
  82. rax = 0x71B6A01168176A5F; //mov rax, 0x71B6A01168176A5F
  83. r10 *= rax; //imul r10, rax
  84. rax = 0; //and rax, 0xFFFFFFFFC0000000
  85. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  86. rax ^= r9; //xor rax, r9
  87. rax = ~rax; //not rax
  88. r10 *= driver.Read<uintptr_t>(rax + 0x9); //imul r10, [rax+0x09]
  89. rax = r10; //mov rax, r10
  90. rax >>= 0xB; //shr rax, 0x0B
  91. r10 ^= rax; //xor r10, rax
  92. rax = r10; //mov rax, r10
  93. rax >>= 0x16; //shr rax, 0x16
  94. r10 ^= rax; //xor r10, rax
  95. rax = r10; //mov rax, r10
  96. rax >>= 0x2C; //shr rax, 0x2C
  97. r10 ^= rax; //xor r10, rax
  98. rax = 0x28C4EBE07CC779E5; //mov rax, 0x28C4EBE07CC779E5
  99. r10 ^= rax; //xor r10, rax
  100. rax = r11; //mov rax, r11
  // Stands in for the stack slot named in the trailing comment.
  101. uintptr_t RSP_0xFFFFFFFFFFFFFF80;
  102. RSP_0xFFFFFFFFFFFFFF80 = driver.base_addr + 0x1488BAD0; //lea rax, [0x00000000120010B7] : RBP+0xFFFFFFFFFFFFFF80
  103. rax *= RSP_0xFFFFFFFFFFFFFF80; //imul rax, [rbp-0x80]
  104. r10 -= rax; //sub r10, rax
  105. r10 += r11; //add r10, r11
  106. return r10;
  107. }
  108. case 4:
  109. {
  110. r9 = driver.Read<uintptr_t>(driver.base_addr + 0xB06412C); //mov r9, [0x00000000087D9236]
  111. rax = 0x7BD4F3C29580BB87; //mov rax, 0x7BD4F3C29580BB87
  112. r10 *= rax; //imul r10, rax
  113. rax = 0x646EC108C275FCD7; //mov rax, 0x646EC108C275FCD7
  114. r10 -= r11; //sub r10, r11
  115. r10 -= rax; //sub r10, rax
  116. rax = r10; //mov rax, r10
  117. rax >>= 0x1B; //shr rax, 0x1B
  118. r10 ^= rax; //xor r10, rax
  119. rax = r10; //mov rax, r10
  120. rax >>= 0x36; //shr rax, 0x36
  121. r10 ^= rax; //xor r10, rax
  122. rax = 0x142843BCE5FD72BB; //mov rax, 0x142843BCE5FD72BB
  123. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  124. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  125. r10 *= rax; //imul r10, rax
  126. rcx ^= r9; //xor rcx, r9
  127. rcx = ~rcx; //not rcx
  128. r10 += r11; //add r10, r11
  129. r10 *= driver.Read<uintptr_t>(rcx + 0x9); //imul r10, [rcx+0x09]
  130. rax = r11; //mov rax, r11
  131. rax = ~rax; //not rax
  132. uintptr_t RSP_0x78;
  133. RSP_0x78 = driver.base_addr + 0x71CF; //lea rax, [0xFFFFFFFFFD77C2A3] : RSP+0x78
  134. rax ^= RSP_0x78; //xor rax, [rsp+0x78]
  135. r10 -= rax; //sub r10, rax
  136. return r10;
  137. }
  138. case 5:
  139. {
  140. r9 = driver.Read<uintptr_t>(driver.base_addr + 0xB06412C); //mov r9, [0x00000000087D8E51]
  141. rax = r10; //mov rax, r10
  142. rax >>= 0x9; //shr rax, 0x09
  143. r10 ^= rax; //xor r10, rax
  144. rax = r10; //mov rax, r10
  145. rax >>= 0x12; //shr rax, 0x12
  146. r10 ^= rax; //xor r10, rax
  147. rax = r10; //mov rax, r10
  148. rax >>= 0x24; //shr rax, 0x24
  149. r10 ^= rax; //xor r10, rax
  150. rax = driver.base_addr; //lea rax, [0xFFFFFFFFFD774770]
  151. rax += 0x111FC085; //add rax, 0x111FC085
  152. rax += r11; //add rax, r11
  153. r10 += rax; //add r10, rax
  154. rax = 0xF8D94370868AB99; //mov rax, 0xF8D94370868AB99
  155. r10 *= rax; //imul r10, rax
  156. rax = 0xB026072E428E1D57; //mov rax, 0xB026072E428E1D57
  157. r10 *= rax; //imul r10, rax
  158. rax = driver.base_addr; //lea rax, [0xFFFFFFFFFD77493E]
  159. rax += 0x19F5; //add rax, 0x19F5
  160. rax += r11; //add rax, r11
  161. r10 += rax; //add r10, rax
  162. rax = r10; //mov rax, r10
  163. rax >>= 0x23; //shr rax, 0x23
  164. r10 ^= rax; //xor r10, rax
  165. rax = 0; //and rax, 0xFFFFFFFFC0000000
  166. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  167. rax ^= r9; //xor rax, r9
  168. rax = ~rax; //not rax
  169. rax = driver.Read<uintptr_t>(rax + 0x9); //mov rax, [rax+0x09]
  170. uintptr_t RSP_0x30;
  171. RSP_0x30 = 0x5F23D3FEF0707261; //mov rax, 0x5F23D3FEF0707261 : RSP+0x30
  172. rax *= RSP_0x30; //imul rax, [rsp+0x30]
  173. r10 *= rax; //imul r10, rax
  174. return r10;
  175. }
  176. case 6:
  177. {
  178. return r10;
  179. }
  180. case 7:
  181. {
  182. return r10;
  183. }
  184. case 8:
  185. {
  // This case keeps the key pointer in r8 rather than r9.
  186. r8 = driver.Read<uintptr_t>(driver.base_addr + 0xB06412C); //mov r8, [0x00000000087D7F42]
  187. rax = 0x4F7CA4829AB6D5E8; //mov rax, 0x4F7CA4829AB6D5E8
  188. r10 ^= rax; //xor r10, rax
  189. r10 += r11; //add r10, r11
  190. rax = r10; //mov rax, r10
  191. rax >>= 0x24; //shr rax, 0x24
  192. r10 ^= rax; //xor r10, rax
  193. rax = 0x5178F05F16D45A5B; //mov rax, 0x5178F05F16D45A5B
  194. r10 *= rax; //imul r10, rax
  195. rax = 0x2ED8CECF4C40E0F3; //mov rax, 0x2ED8CECF4C40E0F3
  196. r10 ^= r11; //xor r10, r11
  197. r10 ^= rax; //xor r10, rax
  198. r10 ^= r11; //xor r10, r11
  199. rax = 0; //and rax, 0xFFFFFFFFC0000000
  200. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  201. rax ^= r8; //xor rax, r8
  202. rax = ~rax; //not rax
  203. r10 *= driver.Read<uintptr_t>(rax + 0x9); //imul r10, [rax+0x09]
  204. return r10;
  205. }
  206. case 9:
  207. {
  208. return r10;
  209. }
  210. case 10:
  211. {
  212. rax = r10; //mov rax, r10
  213. rax >>= 0xD; //shr rax, 0x0D
  214. r10 ^= rax; //xor r10, rax
  215. rax = r10; //mov rax, r10
  216. rax >>= 0x1A; //shr rax, 0x1A
  217. r10 ^= rax; //xor r10, rax
  218. rax = r10; //mov rax, r10
  219. rax >>= 0x34; //shr rax, 0x34
  220. r10 ^= rax; //xor r10, rax
  221. return r10;
  222. }
  223. case 11:
  224. {
  225. return r10;
  226. }
  227. case 12:
  228. {
  229. rax = r10; //mov rax, r10
  230. rax >>= 0xE; //shr rax, 0x0E
  231. r10 ^= rax; //xor r10, rax
  232. return r10;
  233. }
  234. case 13:
  235. {
  236. rax = driver.base_addr + 0xB0AA; //lea rax, [0xFFFFFFFFFD77D28C]
  237. rax = ~rax; //not rax
  238. rax ^= r11; //xor rax, r11
  239. r10 ^= rax; //xor r10, rax
  240. rax = r10; //mov rax, r10
  241. rax >>= 0x18; //shr rax, 0x18
  242. r10 ^= rax; //xor r10, rax
  243. return r10;
  244. }
  245. case 14:
  246. {
  247. r9 = driver.Read<uintptr_t>(driver.base_addr + 0xB06412C); //mov r9, [0x00000000087D6173]
  248. r10 -= r11; //sub r10, r11
  249. rax = 0xEEEEF35687DD1DF7; //mov rax, 0xEEEEF35687DD1DF7
  250. r10 *= rax; //imul r10, rax
  251. rax = r11; //mov rax, r11
  252. uintptr_t RSP_0x30;
  253. RSP_0x30 = driver.base_addr + 0x913D; //lea rax, [0xFFFFFFFFFD77B17D] : RSP+0x30
  254. rax *= RSP_0x30; //imul rax, [rsp+0x30]
  255. r10 ^= rax; //xor r10, rax
  256. rax = 0; //and rax, 0xFFFFFFFFC0000000
  257. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  258. rax ^= r9; //xor rax, r9
  259. rax = ~rax; //not rax
  260. rax = driver.Read<uintptr_t>(rax + 0x9); //mov rax, [rax+0x09]
  261. uintptr_t RSP_0x50;
  262. RSP_0x50 = 0x571AF583F00DB5E9; //mov rax, 0x571AF583F00DB5E9 : RSP+0x50
  263. rax *= RSP_0x50; //imul rax, [rsp+0x50]
  264. r10 *= rax; //imul r10, rax
  265. rax = r10; //mov rax, r10
  266. rcx = driver.base_addr + 0x6A35; //lea rcx, [0xFFFFFFFFFD778918]
  267. rax >>= 0x21; //shr rax, 0x21
  268. rcx -= r11; //sub rcx, r11
  269. rcx ^= rax; //xor rcx, rax
  270. r10 ^= rcx; //xor r10, rcx
  271. return r10;
  272. }
  273. case 15:
  274. {
  275. rax = 0x586536E499271C5; //mov rax, 0x586536E499271C5
  276. r10 *= rax; //imul r10, rax
  277. return r10;
  278. }
  279. }
  280. }
  // Decodes the obfuscated "bone base" pointer stored at driver.base_addr + 0xEF3BD58.
  //
  // Like the other routines in this listing, the body is a line-by-line
  // transcription of disassembly (the trailing comments give the original
  // instructions). Steps, as visible below:
  //   1. Read the encoded 64-bit value through driver.Read; return 0 if it is 0.
  //   2. Derive a 4-bit selector from driver.target_peb (ror 0x1A, & 0xF).
  //   3. Run the matching case. All 16 cases read a key pointer at
  //      driver.base_addr + 0xB06421D and multiply by the 64-bit value read at
  //      (~key + 0x15), mixed with case-specific shift-xor steps and constants.
  //
  // NOTE(review): neither the key read nor the read at (~key + 0x15) is checked.
  // If the key read yields 0, the following read targets address 0x14 because
  // ~0 + 0x15 wraps.
  // NOTE(review): cases 5 and 8 substitute driver.base_addr for the stack slot
  // [rsp+0xC8] ("didn't find trace -> use base"); that substitution is the
  // transcriber's guess and is not verified by anything on this page.
  // NOTE(review): the switch has no default and the function has no final
  // return. All 16 values of (rax & 0xF) have a case, so the end is unreachable,
  // but compilers will warn about the missing return.
  // The hard-coded offsets and constants look specific to a single build of the
  // target binary - TODO confirm.
  281. uintptr_t decrypt_bone_base(const Driver& driver)
  282. {
  283. const uint64_t mb = driver.base_addr;
  // Every "register" starts at the module base; most are overwritten or never used.
  284. uint64_t rax = mb, rbx = mb, rcx = mb, rdx = mb, rdi = mb, rsi = mb, r8 = mb, r9 = mb, r10 = mb, r11 = mb, r12 = mb, r13 = mb, r14 = mb, r15 = mb;
  // rdx carries the encoded value through whichever case is selected.
  285. rdx = driver.Read<uintptr_t>(driver.base_addr + 0xEF3BD58);
  286. if(!rdx)
  287. return rdx;
  288. r11 = driver.target_peb; //mov r11, gs:[rax]
  289. rax = r11; //mov rax, r11
  290. rax = _rotr64(rax, 0x1A); //ror rax, 0x1A
  // Low four bits select one of the 16 cases below.
  291. rax &= 0xF;
  292. switch(rax) {
  293. case 0:
  294. {
  295. r9 = driver.Read<uintptr_t>(driver.base_addr + 0xB06421D); //mov r9, [0x00000000084FA6EF]
  296. r14 = driver.base_addr + 0x9280; //lea r14, [0xFFFFFFFFFD49F73F]
  297. rax = rdx; //mov rax, rdx
  298. rax >>= 0x26; //shr rax, 0x26
  299. rdx ^= rax; //xor rdx, rax
  300. rax = 0x1409F0CD847A37CE; //mov rax, 0x1409F0CD847A37CE
  301. rdx ^= rax; //xor rdx, rax
  302. rax = r11; //mov rax, r11
  303. rax = ~rax; //not rax
  304. rax ^= r14; //xor rax, r14
  305. rdx += rax; //add rdx, rax
  306. rax = 0x3C34D747DB7928EE; //mov rax, 0x3C34D747DB7928EE
  307. rdx -= rax; //sub rdx, rax
  308. rax = driver.base_addr + 0xDB7F; //lea rax, [0xFFFFFFFFFD4A3E47]
  309. rax = ~rax; //not rax
  310. rax -= r11; //sub rax, r11
  311. rdx ^= rax; //xor rdx, rax
  312. rax = 0xC029A5A1D42718DD; //mov rax, 0xC029A5A1D42718DD
  313. rdx *= rax; //imul rdx, rax
  // The AND is written as a constant 0 here, so the rotate below is a no-op and
  // rax ends up as ~r9. The same four-step pattern recurs in every case.
  314. rax = 0; //and rax, 0xFFFFFFFFC0000000
  315. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  316. rax ^= r9; //xor rax, r9
  317. rax = ~rax; //not rax
  318. rdx *= driver.Read<uintptr_t>(rax + 0x15); //imul rdx, [rax+0x15]
  319. rax = rdx; //mov rax, rdx
  320. rax >>= 0x7; //shr rax, 0x07
  321. rdx ^= rax; //xor rdx, rax
  322. rax = rdx; //mov rax, rdx
  323. rax >>= 0xE; //shr rax, 0x0E
  324. rdx ^= rax; //xor rdx, rax
  325. rax = rdx; //mov rax, rdx
  326. rax >>= 0x1C; //shr rax, 0x1C
  327. rdx ^= rax; //xor rdx, rax
  328. rax = rdx; //mov rax, rdx
  329. rax >>= 0x38; //shr rax, 0x38
  330. rdx ^= rax; //xor rdx, rax
  331. return rdx;
  332. }
  333. case 1:
  334. {
  335. r9 = driver.Read<uintptr_t>(driver.base_addr + 0xB06421D); //mov r9, [0x00000000084FA148]
  336. r14 = driver.base_addr + 0x54CA1D31; //lea r14, [0x0000000052137C49]
  337. rdx += r11; //add rdx, r11
  338. rax = driver.base_addr; //lea rax, [0xFFFFFFFFFD495E13]
  339. rdx += rax; //add rdx, rax
  340. rax = 0; //and rax, 0xFFFFFFFFC0000000
  341. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  342. rax ^= r9; //xor rax, r9
  343. rax = ~rax; //not rax
  344. rdx *= driver.Read<uintptr_t>(rax + 0x15); //imul rdx, [rax+0x15]
  345. rax = 0x48462EAD4F11FD6D; //mov rax, 0x48462EAD4F11FD6D
  346. rdx *= rax; //imul rdx, rax
  347. rax = r11; //mov rax, r11
  348. rax ^= r14; //xor rax, r14
  349. rdx -= rax; //sub rdx, rax
  350. rax = 0x83B3774C1397A303; //mov rax, 0x83B3774C1397A303
  351. rdx ^= rax; //xor rdx, rax
  352. rax = rdx; //mov rax, rdx
  353. rax >>= 0x26; //shr rax, 0x26
  354. rdx ^= rax; //xor rdx, rax
  355. rax = 0x829707C28057B2BC; //mov rax, 0x829707C28057B2BC
  356. rdx ^= rax; //xor rdx, rax
  357. return rdx;
  358. }
  359. case 2:
  360. {
  361. r9 = driver.Read<uintptr_t>(driver.base_addr + 0xB06421D); //mov r9, [0x00000000084F9C67]
  362. rax = rdx; //mov rax, rdx
  363. rax >>= 0x20; //shr rax, 0x20
  364. rdx ^= rax; //xor rdx, rax
  365. rax = driver.base_addr; //lea rax, [0xFFFFFFFFFD49568B]
  366. rdx ^= rax; //xor rdx, rax
  367. rax = 0; //and rax, 0xFFFFFFFFC0000000
  368. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  369. rax ^= r9; //xor rax, r9
  370. rax = ~rax; //not rax
  371. rdx *= driver.Read<uintptr_t>(rax + 0x15); //imul rdx, [rax+0x15]
  372. rax = r11; //mov rax, r11
  // Stands in for the stack slot named in the trailing comment.
  373. uintptr_t RSP_0x40;
  374. RSP_0x40 = driver.base_addr + 0x3A246E06; //lea rax, [0x00000000376DC849] : RSP+0x40
  375. rax ^= RSP_0x40; //xor rax, [rsp+0x40]
  376. rdx += rax; //add rdx, rax
  377. rax = 0xC391B266D5217A5F; //mov rax, 0xC391B266D5217A5F
  378. rdx ^= rax; //xor rdx, rax
  379. rax = 0x5B7F3E818AF67A35; //mov rax, 0x5B7F3E818AF67A35
  380. rdx ^= rax; //xor rdx, rax
  381. rax = rdx; //mov rax, rdx
  382. rax >>= 0x1A; //shr rax, 0x1A
  383. rdx ^= rax; //xor rdx, rax
  384. rax = rdx; //mov rax, rdx
  385. rax >>= 0x34; //shr rax, 0x34
  386. rdx ^= rax; //xor rdx, rax
  387. rax = 0x19C8F1552DE67BBF; //mov rax, 0x19C8F1552DE67BBF
  388. rdx *= rax; //imul rdx, rax
  389. return rdx;
  390. }
  391. case 3:
  392. {
  393. r9 = driver.Read<uintptr_t>(driver.base_addr + 0xB06421D); //mov r9, [0x00000000084F977F]
  394. rax = driver.base_addr + 0xBD6; //lea rax, [0xFFFFFFFFFD495F43]
  395. rax -= r11; //sub rax, r11
  396. rax ^= r11; //xor rax, r11
  397. rdx ^= rax; //xor rdx, rax
  398. rax = 0xAA6F288FD0E3CBF; //mov rax, 0xAA6F288FD0E3CBF
  399. rdx *= rax; //imul rdx, rax
  400. r15 = 0x702F07A4D309E97C; //mov r15, 0x702F07A4D309E97C
  401. rdx += r15; //add rdx, r15
  402. rax = 0; //and rax, 0xFFFFFFFFC0000000
  403. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  404. rax ^= r9; //xor rax, r9
  405. rax = ~rax; //not rax
  406. rdx *= driver.Read<uintptr_t>(rax + 0x15); //imul rdx, [rax+0x15]
  407. rdx ^= r11; //xor rdx, r11
  408. rax = 0x65D0349BA5FED43B; //mov rax, 0x65D0349BA5FED43B
  409. rdx *= rax; //imul rdx, rax
  410. rax = rdx; //mov rax, rdx
  411. rax >>= 0x12; //shr rax, 0x12
  412. rdx ^= rax; //xor rdx, rax
  413. rax = rdx; //mov rax, rdx
  414. rax >>= 0x24; //shr rax, 0x24
  415. rdx ^= rax; //xor rdx, rax
  416. return rdx;
  417. }
  418. case 4:
  419. {
  420. r10 = driver.Read<uintptr_t>(driver.base_addr + 0xB06421D); //mov r10, [0x00000000084F9390]
  421. r15 = driver.base_addr + 0x8817; //lea r15, [0xFFFFFFFFFD49D977]
  422. rdx ^= r11; //xor rdx, r11
  423. rax = driver.base_addr; //lea rax, [0xFFFFFFFFFD494FC7]
  424. rdx -= rax; //sub rdx, rax
  425. rax = 0; //and rax, 0xFFFFFFFFC0000000
  426. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  427. rax ^= r10; //xor rax, r10
  428. rax = ~rax; //not rax
  429. rdx *= driver.Read<uintptr_t>(rax + 0x15); //imul rdx, [rax+0x15]
  430. rax = 0x647DC95B2924B45D; //mov rax, 0x647DC95B2924B45D
  431. rdx *= rax; //imul rdx, rax
  432. rax = rdx; //mov rax, rdx
  433. rax >>= 0xF; //shr rax, 0x0F
  434. rdx ^= rax; //xor rdx, rax
  435. rax = rdx; //mov rax, rdx
  436. rax >>= 0x1E; //shr rax, 0x1E
  437. rdx ^= rax; //xor rdx, rax
  438. rax = rdx; //mov rax, rdx
  439. rax >>= 0x3C; //shr rax, 0x3C
  440. rdx ^= rax; //xor rdx, rax
  441. rax = r11; //mov rax, r11
  442. rax ^= r15; //xor rax, r15
  443. rdx += rax; //add rdx, rax
  444. rax = 0x66F54217655405BD; //mov rax, 0x66F54217655405BD
  445. rdx *= rax; //imul rdx, rax
  446. return rdx;
  447. }
  448. case 5:
  449. {
  450. r9 = driver.Read<uintptr_t>(driver.base_addr + 0xB06421D); //mov r9, [0x00000000084F8E6E]
  451. rax = r11; //mov rax, r11
  452. rax -= driver.base_addr; //sub rax, [rsp+0xC8] -- didn't find trace -> use base
  453. rax += 0xFFFFFFFFDA207ED1; //add rax, 0xFFFFFFFFDA207ED1
  454. rdx += rax; //add rdx, rax
  455. rax = rdx; //mov rax, rdx
  456. rax >>= 0x12; //shr rax, 0x12
  457. rdx ^= rax; //xor rdx, rax
  458. rax = rdx; //mov rax, rdx
  459. rax >>= 0x24; //shr rax, 0x24
  460. rdx ^= rax; //xor rdx, rax
  461. rax = r11; //mov rax, r11
  462. rax -= driver.base_addr; //sub rax, [rsp+0xC8] -- didn't find trace -> use base
  463. rax -= 0x39EDAA32; //sub rax, 0x39EDAA32
  464. rdx ^= rax; //xor rdx, rax
  465. rax = 0x24AC8C57718FF261; //mov rax, 0x24AC8C57718FF261
  466. rdx *= rax; //imul rdx, rax
  467. rax = 0x5997D68B6A65573B; //mov rax, 0x5997D68B6A65573B
  468. rdx *= rax; //imul rdx, rax
  469. rax = 0x5FD1C67422180770; //mov rax, 0x5FD1C67422180770
  470. rdx -= rax; //sub rdx, rax
  471. rax = 0; //and rax, 0xFFFFFFFFC0000000
  472. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  473. rax ^= r9; //xor rax, r9
  474. rax = ~rax; //not rax
  475. rdx *= driver.Read<uintptr_t>(rax + 0x15); //imul rdx, [rax+0x15]
  476. rax = r11; //mov rax, r11
  477. rax -= driver.base_addr; //sub rax, [rsp+0xC8] -- didn't find trace -> use base
  478. rax += 0xFFFFFFFFE77DFE7B; //add rax, 0xFFFFFFFFE77DFE7B
  479. rdx += rax; //add rdx, rax
  480. return rdx;
  481. }
  482. case 6:
  483. {
  484. r9 = driver.Read<uintptr_t>(driver.base_addr + 0xB06421D); //mov r9, [0x00000000084F896F]
  485. rax = 0; //and rax, 0xFFFFFFFFC0000000
  486. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  487. rax ^= r9; //xor rax, r9
  488. rax = ~rax; //not rax
  489. rdx *= driver.Read<uintptr_t>(rax + 0x15); //imul rdx, [rax+0x15]
  490. rax = 0x53AAB2A28C6F8FF0; //mov rax, 0x53AAB2A28C6F8FF0
  491. rdx ^= rax; //xor rdx, rax
  492. rdx -= r11; //sub rdx, r11
  493. rax = rdx; //mov rax, rdx
  494. rax >>= 0x12; //shr rax, 0x12
  495. rdx ^= rax; //xor rdx, rax
  496. rax = rdx; //mov rax, rdx
  497. rax >>= 0x24; //shr rax, 0x24
  498. rax ^= r11; //xor rax, r11
  499. rdx ^= rax; //xor rdx, rax
  500. rax = driver.base_addr; //lea rax, [0xFFFFFFFFFD494581]
  501. rdx += rax; //add rdx, rax
  502. rdx += r11; //add rdx, r11
  503. rax = 0x3EACC212565A3D5; //mov rax, 0x3EACC212565A3D5
  504. rdx *= rax; //imul rdx, rax
  505. return rdx;
  506. }
  507. case 7:
  508. {
  509. r10 = driver.Read<uintptr_t>(driver.base_addr + 0xB06421D); //mov r10, [0x00000000084F84E2]
  510. r14 = driver.base_addr + 0x8FBF; //lea r14, [0xFFFFFFFFFD49D26C]
  511. rax = driver.base_addr + 0xD9BA; //lea rax, [0xFFFFFFFFFD4A1A3E]
  512. rax = ~rax; //not rax
  513. rax += r11; //add rax, r11
  514. rdx += rax; //add rdx, rax
  515. rax = rdx; //mov rax, rdx
  516. rax >>= 0x1B; //shr rax, 0x1B
  517. rdx ^= rax; //xor rdx, rax
  518. rax = rdx; //mov rax, rdx
  519. rax >>= 0x36; //shr rax, 0x36
  520. rdx ^= rax; //xor rdx, rax
  521. rax = 0xC097FE30215EF7B; //mov rax, 0xC097FE30215EF7B
  522. rdx -= rax; //sub rdx, rax
  523. rdx += r11; //add rdx, r11
  524. rax = 0x27217EED83C00465; //mov rax, 0x27217EED83C00465
  525. rdx *= rax; //imul rdx, rax
  526. rax = 0; //and rax, 0xFFFFFFFFC0000000
  527. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  528. rax ^= r10; //xor rax, r10
  529. rax = ~rax; //not rax
  530. rdx *= driver.Read<uintptr_t>(rax + 0x15); //imul rdx, [rax+0x15]
  531. rcx = rdx; //mov rcx, rdx
  532. rdx = r11; //mov rdx, r11
  533. rdx ^= rcx; //xor rdx, rcx
  534. rdx ^= r14; //xor rdx, r14
  535. rax = 0x40FC9A08434EAB8; //mov rax, 0x40FC9A08434EAB8
  536. rdx ^= rax; //xor rdx, rax
  537. return rdx;
  538. }
  539. case 8:
  540. {
  541. r9 = driver.Read<uintptr_t>(driver.base_addr + 0xB06421D); //mov r9, [0x00000000084F80D1]
  542. rax = 0xC640566C96CFB225; //mov rax, 0xC640566C96CFB225
  543. rdx *= rax; //imul rdx, rax
  544. rdx ^= driver.base_addr; //xor rdx, [rsp+0xC8] -- didn't find trace -> use base
  545. rax = 0; //and rax, 0xFFFFFFFFC0000000
  546. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  547. rax ^= r9; //xor rax, r9
  548. rax = ~rax; //not rax
  549. rdx *= driver.Read<uintptr_t>(rax + 0x15); //imul rdx, [rax+0x15]
  550. rdx -= r11; //sub rdx, r11
  551. rax = rdx; //mov rax, rdx
  552. rax >>= 0x4; //shr rax, 0x04
  553. rdx ^= rax; //xor rdx, rax
  554. rax = rdx; //mov rax, rdx
  555. rax >>= 0x8; //shr rax, 0x08
  556. rdx ^= rax; //xor rdx, rax
  557. rax = rdx; //mov rax, rdx
  558. rax >>= 0x10; //shr rax, 0x10
  559. rdx ^= rax; //xor rdx, rax
  560. rax = rdx; //mov rax, rdx
  561. rax >>= 0x20; //shr rax, 0x20
  562. rdx ^= rax; //xor rdx, rax
  563. rdx += r11; //add rdx, r11
  564. rax = 0x36BE6884C47C6D33; //mov rax, 0x36BE6884C47C6D33
  565. rdx *= rax; //imul rdx, rax
  566. rax = r11; //mov rax, r11
  567. rax = ~rax; //not rax
  568. rax -= driver.base_addr; //sub rax, [rsp+0xC8] -- didn't find trace -> use base
  569. rax -= 0x736A3793; //sub rax, 0x736A3793
  570. rdx ^= rax; //xor rdx, rax
  571. return rdx;
  572. }
  573. case 9:
  574. {
  575. r10 = driver.Read<uintptr_t>(driver.base_addr + 0xB06421D); //mov r10, [0x00000000084F7BDD]
  576. r15 = driver.base_addr + 0x56B5; //lea r15, [0xFFFFFFFFFD499062]
  577. rax = r11; //mov rax, r11
  578. rax = ~rax; //not rax
  579. rax ^= r15; //xor rax, r15
  580. rdx -= rax; //sub rdx, rax
  581. rax = 0x617EE6B8548ACFF8; //mov rax, 0x617EE6B8548ACFF8
  582. rdx ^= rax; //xor rdx, rax
  583. rdx += r11; //add rdx, r11
  584. rax = 0x44AC3A1174A702A7; //mov rax, 0x44AC3A1174A702A7
  585. rdx *= rax; //imul rdx, rax
  586. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  587. rdx ^= r11; //xor rdx, r11
  588. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  589. rax = rdx; //mov rax, rdx
  590. rcx ^= r10; //xor rcx, r10
  591. rdx >>= 0x27; //shr rdx, 0x27
  592. rcx = ~rcx; //not rcx
  593. rdx ^= rax; //xor rdx, rax
  594. rdx *= driver.Read<uintptr_t>(rcx + 0x15); //imul rdx, [rcx+0x15]
  595. rax = 0x7915D47D16706192; //mov rax, 0x7915D47D16706192
  596. rdx -= rax; //sub rdx, rax
  597. return rdx;
  598. }
  599. case 10:
  600. {
  601. r9 = driver.Read<uintptr_t>(driver.base_addr + 0xB06421D); //mov r9, [0x00000000084F779C]
  602. r15 = driver.base_addr + 0x5A848877; //lea r15, [0x0000000057CDBDE3]
  603. rax = r15; //mov rax, r15
  604. rax = ~rax; //not rax
  605. rax ^= r11; //xor rax, r11
  606. rdx -= rax; //sub rdx, rax
  607. rax = driver.base_addr; //lea rax, [0xFFFFFFFFFD49347B]
  608. rdx ^= rax; //xor rdx, rax
  609. rax = 0x21F6FDA360F3B27; //mov rax, 0x21F6FDA360F3B27
  610. rdx *= rax; //imul rdx, rax
  611. rdx -= r11; //sub rdx, r11
  612. rax = rdx; //mov rax, rdx
  613. rax >>= 0x6; //shr rax, 0x06
  614. rdx ^= rax; //xor rdx, rax
  615. rax = rdx; //mov rax, rdx
  616. rax >>= 0xC; //shr rax, 0x0C
  617. rdx ^= rax; //xor rdx, rax
  618. rax = rdx; //mov rax, rdx
  619. rax >>= 0x18; //shr rax, 0x18
  620. rdx ^= rax; //xor rdx, rax
  621. rax = rdx; //mov rax, rdx
  622. rax >>= 0x30; //shr rax, 0x30
  623. rdx ^= rax; //xor rdx, rax
  624. rax = 0x3B33D31E5AB12803; //mov rax, 0x3B33D31E5AB12803
  625. rdx += rax; //add rdx, rax
  626. rax = 0; //and rax, 0xFFFFFFFFC0000000
  627. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  628. rax ^= r9; //xor rax, r9
  629. rax = ~rax; //not rax
  630. rdx *= driver.Read<uintptr_t>(rax + 0x15); //imul rdx, [rax+0x15]
  631. rax = rdx; //mov rax, rdx
  632. rax >>= 0x26; //shr rax, 0x26
  633. rdx ^= rax; //xor rdx, rax
  634. return rdx;
  635. }
  636. case 11:
  637. {
  638. r10 = driver.Read<uintptr_t>(driver.base_addr + 0xB06421D); //mov r10, [0x00000000084F72C4]
  639. rcx = r11; //mov rcx, r11
  640. rcx = ~rcx; //not rcx
  641. rax = driver.base_addr + 0x28691EFC; //lea rax, [0x0000000025B24CCE]
  642. rax = ~rax; //not rax
  643. rcx += rax; //add rcx, rax
  644. rdx ^= rcx; //xor rdx, rcx
  645. rax = 0x4F163BACB48EBF73; //mov rax, 0x4F163BACB48EBF73
  646. rdx += rax; //add rdx, rax
  647. rax = rdx; //mov rax, rdx
  648. rax >>= 0x14; //shr rax, 0x14
  649. rdx ^= rax; //xor rdx, rax
  650. rax = rdx; //mov rax, rdx
  651. rax >>= 0x28; //shr rax, 0x28
  652. rdx ^= rax; //xor rdx, rax
  653. rax = 0x4127EEFEDE5B92FD; //mov rax, 0x4127EEFEDE5B92FD
  654. rdx += rax; //add rdx, rax
  655. rax = rdx; //mov rax, rdx
  656. rax >>= 0x21; //shr rax, 0x21
  657. rdx ^= rax; //xor rdx, rax
  658. rax = 0; //and rax, 0xFFFFFFFFC0000000
  659. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  660. rax ^= r10; //xor rax, r10
  661. rax = ~rax; //not rax
  662. rdx *= driver.Read<uintptr_t>(rax + 0x15); //imul rdx, [rax+0x15]
  663. rax = rdx; //mov rax, rdx
  664. rax >>= 0x4; //shr rax, 0x04
  665. rdx ^= rax; //xor rdx, rax
  666. rax = rdx; //mov rax, rdx
  667. rax >>= 0x8; //shr rax, 0x08
  668. rdx ^= rax; //xor rdx, rax
  669. rax = rdx; //mov rax, rdx
  670. rax >>= 0x10; //shr rax, 0x10
  671. rdx ^= rax; //xor rdx, rax
  672. rax = rdx; //mov rax, rdx
  673. rax >>= 0x20; //shr rax, 0x20
  674. rdx ^= rax; //xor rdx, rax
  675. rax = 0x397EFF255639273F; //mov rax, 0x397EFF255639273F
  676. rdx *= rax; //imul rdx, rax
  677. return rdx;
  678. }
  679. case 12:
  680. {
  681. r9 = driver.Read<uintptr_t>(driver.base_addr + 0xB06421D); //mov r9, [0x00000000084F6D60]
  682. r15 = driver.base_addr + 0x41C6E8B9; //lea r15, [0x000000003F1013E9]
  683. rdx += r11; //add rdx, r11
  684. rax = rdx; //mov rax, rdx
  685. rax >>= 0x22; //shr rax, 0x22
  686. rdx ^= rax; //xor rdx, rax
  687. rax = 0x233E216C40FA2CDF; //mov rax, 0x233E216C40FA2CDF
  688. rdx ^= rax; //xor rdx, rax
  689. rax = rdx; //mov rax, rdx
  690. rax >>= 0x18; //shr rax, 0x18
  691. rdx ^= rax; //xor rdx, rax
  692. rax = rdx; //mov rax, rdx
  693. rax >>= 0x30; //shr rax, 0x30
  694. rdx ^= rax; //xor rdx, rax
  695. rax = r11; //mov rax, r11
  696. rax ^= r15; //xor rax, r15
  697. rdx ^= rax; //xor rdx, rax
  698. rax = 0x6773B66CDA475049; //mov rax, 0x6773B66CDA475049
  699. rdx *= rax; //imul rdx, rax
  700. uintptr_t RSP_0x80;
  701. RSP_0x80 = 0xF154E6D1B3660D73; //mov rax, 0xF154E6D1B3660D73 : RSP+0x80
  702. rdx ^= RSP_0x80; //xor rdx, [rsp+0x80]
  703. rax = 0; //and rax, 0xFFFFFFFFC0000000
  704. rax = _rotl64(rax, 0x10); //rol rax, 0x10
  705. rax ^= r9; //xor rax, r9
  706. rax = ~rax; //not rax
  707. rdx *= driver.Read<uintptr_t>(rax + 0x15); //imul rdx, [rax+0x15]
  708. return rdx;
  709. }
  710. case 13:
  711. {
  712. r10 = driver.Read<uintptr_t>(driver.base_addr + 0xB06421D); //mov r10, [0x00000000084F6845]
  713. r15 = driver.base_addr + 0x102B1DCA; //lea r15, [0x000000000D7443DF]
  714. rax = driver.base_addr; //lea rax, [0xFFFFFFFFFD492564]
  715. rax += 0xBA17; //add rax, 0xBA17
  716. rax += r11; //add rax, r11
  717. rdx += rax; //add rdx, rax
  718. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  719. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  720. rax = driver.base_addr + 0x9610; //lea rax, [0xFFFFFFFFFD49B8B9]
  721. rax = ~rax; //not rax
  722. rcx ^= r10; //xor rcx, r10
  723. rax -= r11; //sub rax, r11
  724. rcx = ~rcx; //not rcx
  725. rdx += rax; //add rdx, rax
  726. rdx *= driver.Read<uintptr_t>(rcx + 0x15); //imul rdx, [rcx+0x15]
  727. rax = rdx; //mov rax, rdx
  728. rax >>= 0x15; //shr rax, 0x15
  729. rdx ^= rax; //xor rdx, rax
  730. rax = rdx; //mov rax, rdx
  731. rax >>= 0x2A; //shr rax, 0x2A
  732. rdx ^= rax; //xor rdx, rax
  733. rax = 0x6A8B294107CC0501; //mov rax, 0x6A8B294107CC0501
  734. rdx ^= rax; //xor rdx, rax
  735. rax = 0x2EA5061AACD42452; //mov rax, 0x2EA5061AACD42452
  736. rdx -= rax; //sub rdx, rax
  737. rax = r11; //mov rax, r11
  738. rax = ~rax; //not rax
  739. rax ^= r15; //xor rax, r15
  740. rdx += rax; //add rdx, rax
  741. rax = 0x4EB7AE4244212391; //mov rax, 0x4EB7AE4244212391
  742. rdx *= rax; //imul rdx, rax
  743. return rdx;
  744. }
  745. case 14:
  746. {
  747. r10 = driver.Read<uintptr_t>(driver.base_addr + 0xB06421D); //mov r10, [0x00000000084F6412]
  748. rax = driver.base_addr; //lea rax, [0xFFFFFFFFFD49210C]
  749. rdx ^= rax; //xor rdx, rax
  750. rax = 0xC752E26BA360D032; //mov rax, 0xC752E26BA360D032
  751. rdx ^= rax; //xor rdx, rax
  752. rax = rdx; //mov rax, rdx
  753. rax >>= 0x19; //shr rax, 0x19
  754. rdx ^= rax; //xor rdx, rax
  755. rax = rdx; //mov rax, rdx
  756. rax >>= 0x32; //shr rax, 0x32
  757. rdx ^= rax; //xor rdx, rax
  758. rax = rdx; //mov rax, rdx
  759. rax >>= 0xD; //shr rax, 0x0D
  760. rdx ^= rax; //xor rdx, rax
  761. rax = rdx; //mov rax, rdx
  762. rax >>= 0x1A; //shr rax, 0x1A
  763. rdx ^= rax; //xor rdx, rax
  764. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  765. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  766. rax = rdx; //mov rax, rdx
  767. rcx ^= r10; //xor rcx, r10
  768. rax >>= 0x34; //shr rax, 0x34
  769. rcx = ~rcx; //not rcx
  770. rdx ^= rax; //xor rdx, rax
  771. rdx *= driver.Read<uintptr_t>(rcx + 0x15); //imul rdx, [rcx+0x15]
  772. rax = driver.base_addr; //lea rax, [0xFFFFFFFFFD491DB2]
  773. rdx ^= rax; //xor rdx, rax
  774. rax = 0x5436A045E6437655; //mov rax, 0x5436A045E6437655
  775. rdx *= rax; //imul rdx, rax
  776. return rdx;
  777. }
  778. case 15:
  779. {
  780. r10 = driver.Read<uintptr_t>(driver.base_addr + 0xB06421D); //mov r10, [0x00000000084F5F77]
  781. rax = rdx; //mov rax, rdx
  782. rax >>= 0x6; //shr rax, 0x06
  783. rdx ^= rax; //xor rdx, rax
  784. rax = rdx; //mov rax, rdx
  785. rax >>= 0xC; //shr rax, 0x0C
  786. rdx ^= rax; //xor rdx, rax
  787. rax = rdx; //mov rax, rdx
  788. rax >>= 0x18; //shr rax, 0x18
  789. rdx ^= rax; //xor rdx, rax
  790. rcx = 0; //and rcx, 0xFFFFFFFFC0000000
  791. rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
  792. rcx ^= r10; //xor rcx, r10
  793. rax = rdx; //mov rax, rdx
  794. rcx = ~rcx; //not rcx
  795. rax >>= 0x30; //shr rax, 0x30
  796. rdx ^= rax; //xor rdx, rax
  797. rdx *= driver.Read<uintptr_t>(rcx + 0x15); //imul rdx, [rcx+0x15]
  798. rax = driver.base_addr; //lea rax, [0xFFFFFFFFFD491AE1]
  799. rdx += rax; //add rdx, rax
  800. rax = rdx; //mov rax, rdx
  801. rax >>= 0x24; //shr rax, 0x24
  802. rdx ^= rax; //xor rdx, rax
  803. rax = 0xB6C3A6FE99C92A23; //mov rax, 0xB6C3A6FE99C92A23
  804. rdx *= rax; //imul rdx, rax
  805. rax = rdx; //mov rax, rdx
  806. rax >>= 0x9; //shr rax, 0x09
  807. rdx ^= rax; //xor rdx, rax
  808. rax = rdx; //mov rax, rdx
  809. rax >>= 0x12; //shr rax, 0x12
  810. rdx ^= rax; //xor rdx, rax
  811. rax = rdx; //mov rax, rdx
  812. rax >>= 0x24; //shr rax, 0x24
  813. rdx ^= rax; //xor rdx, rax
  814. rax = 0xD7420EB04571AACF; //mov rax, 0xD7420EB04571AACF
  815. rdx *= rax; //imul rdx, rax
  816. rax = 0x578A3A3D4AF2D633; //mov rax, 0x578A3A3D4AF2D633
  817. rdx += rax; //add rdx, rax
  818. return rdx;
  819. }
  820. }
  821. }
  // Maps bone_index to a 16-bit value through two chained table lookups in the
  // target module.
  //
  // The body is a line-by-line transcription of disassembly (the trailing
  // comments give the original instructions). As visible below:
  //   1. bone_index * 0x13C8 is reduced by a run of multiply-high / shift /
  //      multiply-subtract steps into a byte offset, and a uint16_t is read at
  //      driver.base_addr + offset + 0xB0E6420.
  //   2. That value goes through a second run of the same kind of steps, and a
  //      uint16_t is read at driver.base_addr + offset + 0xB0EDA50.
  //   3. The second value is returned, narrowed from uint64_t to uint16_t.
  //
  // _umul128 returns the low 64 bits of the product and stores the high 64 bits
  // through its third argument (rdx here); most call sites use only rdx.
  // NOTE(review): the multiply-high sequences look like compiler-generated
  // division/modulo by constants - not confirmed from this page.
  // NOTE(review): the final load is annotated `movsx` (sign-extending) but is
  // transcribed as a zero-extending Read<uint16_t>; the low 16 bits returned are
  // the same either way.
  // NOTE(review): neither computed offset is range-checked and neither read is
  // checked for failure before its result is used.
  822. uint16_t get_bone_index(const Driver& driver, uint32_t bone_index)
  823. {
  824. const uint64_t mb = driver.base_addr;
  // Every "register" starts at the module base; most are overwritten or never used.
  825. uint64_t rax = mb, rbx = mb, rcx = mb, rdx = mb, rdi = mb, rsi = mb, r8 = mb, r9 = mb, r10 = mb, r11 = mb, r12 = mb, r13 = mb, r14 = mb, r15 = mb;
  826. rdi = bone_index;
  827. rcx = rdi * 0x13C8;
  828. rax = 0xCC70CD3D3E0A7B49; //mov rax, 0xCC70CD3D3E0A7B49
  829. rax = _umul128(rax, rcx, (uintptr_t*)&rdx); //mul rcx
  // r11 is the module base used by both table reads below.
  830. r11 = driver.base_addr; //lea r11, [0xFFFFFFFFFD7FE0F5]
  831. r10 = 0x45F86A52798F52B7; //mov r10, 0x45F86A52798F52B7
  832. rdx >>= 0xC; //shr rdx, 0x0C
  833. rax = rdx * 0x1409; //imul rax, rdx, 0x1409
  834. rcx -= rax; //sub rcx, rax
  835. rax = 0xDC9D0ECFCB6E9379; //mov rax, 0xDC9D0ECFCB6E9379
  836. r8 = rcx * 0x1409; //imul r8, rcx, 0x1409
  837. rax = _umul128(rax, r8, (uintptr_t*)&rdx); //mul r8
  838. rdx >>= 0xD; //shr rdx, 0x0D
  839. rax = rdx * 0x2522; //imul rax, rdx, 0x2522
  840. r8 -= rax; //sub r8, rax
  841. rax = 0x49539E3B2D066EA3; //mov rax, 0x49539E3B2D066EA3
  842. rax = _umul128(rax, r8, (uintptr_t*)&rdx); //mul r8
  843. rax = r8; //mov rax, r8
  844. rax -= rdx; //sub rax, rdx
  845. rax >>= 0x1; //shr rax, 0x01
  846. rax += rdx; //add rax, rdx
  847. rax >>= 0x9; //shr rax, 0x09
  848. rcx = rax * 0x31C; //imul rcx, rax, 0x31C
  849. rax = 0xD79435E50D79435F; //mov rax, 0xD79435E50D79435F
  850. rax = _umul128(rax, r8, (uintptr_t*)&rdx); //mul r8
  851. rdx >>= 0x4; //shr rdx, 0x04
  852. rcx += rdx; //add rcx, rdx
  853. rax = rcx * 0x26; //imul rax, rcx, 0x26
  854. rcx = r8 + r8 * 4; //lea rcx, [r8+r8*4]
  855. rcx <<= 0x3; //shl rcx, 0x03
  856. rcx -= rax; //sub rcx, rax
  // First table read: 16-bit entry at base + rcx + 0xB0E6420.
  857. rax = driver.Read<uint16_t>(rcx + r11 * 1 + 0xB0E6420); //movzx eax, word ptr [rcx+r11*1+0xB0E6420]
  858. r8 = rax * 0x13C8; //imul r8, rax, 0x13C8
  859. rax = r10; //mov rax, r10
  860. rax = _umul128(rax, r8, (uintptr_t*)&rdx); //mul r8
  861. rax = r10; //mov rax, r10
  862. rdx >>= 0xB; //shr rdx, 0x0B
  863. rcx = rdx * 0x1D45; //imul rcx, rdx, 0x1D45
  864. r8 -= rcx; //sub r8, rcx
  865. r9 = r8 * 0x39A6; //imul r9, r8, 0x39A6
  866. rax = _umul128(rax, r9, (uintptr_t*)&rdx); //mul r9
  867. rdx >>= 0xB; //shr rdx, 0x0B
  868. rax = rdx * 0x1D45; //imul rax, rdx, 0x1D45
  869. r9 -= rax; //sub r9, rax
  870. rax = 0x88ECF206D1CD0DD7; //mov rax, 0x88ECF206D1CD0DD7
  871. rax = _umul128(rax, r9, (uintptr_t*)&rdx); //mul r9
  872. rax = 0xAAAAAAAAAAAAAAAB; //mov rax, 0xAAAAAAAAAAAAAAAB
  873. rdx >>= 0xB; //shr rdx, 0x0B
  874. rcx = rdx * 0xEF5; //imul rcx, rdx, 0xEF5
  875. rax = _umul128(rax, r9, (uintptr_t*)&rdx); //mul r9
  876. rdx >>= 0x1; //shr rdx, 0x01
  877. rcx += rdx; //add rcx, rdx
  878. rax = rcx + rcx * 2; //lea rax, [rcx+rcx*2]
  879. rax += rax; //add rax, rax
  880. rcx = r9 * 8 + 0x0; //lea rcx, [r9*8]
  881. rcx -= rax; //sub rcx, rax
  // Second table read: 16-bit entry at base + rcx + 0xB0EDA50; this is the result.
  882. r15 = driver.Read<uint16_t>(rcx + r11 * 1 + 0xB0EDA50); //movsx r15d, word ptr [rcx+r11*1+0xB0EDA50]
  883. return r15;
  884. }