6086
"enable .74"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
{$lua}
function lua_aobscan(name,module,bytes,index)
index = index - 1
if(module == "") then
local resultSet = AOBScan(bytes)
if(resultSet == nil) then
unregisterSymbol(name)
print(name.." not found")
else
unregisterSymbol(name)
registerSymbol(name,resultSet[index])
resultSet.destroy()
end
else
if(getModuleSize(module) == nil) then
print("Module "..module.." not found")
else
local memScanner = createMemScan()
local memFoundList = createFoundList(memScanner)
memScanner.firstScan(
soExactValue,vtByteArray,rtRounded,bytes,nil,
getAddress(module),(getAddress(module)+getModuleSize(module)),"",
fsmNotAligned,"",true,false,false,false)
memScanner.waitTillDone()
memFoundList.initialize()
if(memFoundList.Count == 0) then
unregisterSymbol(name)
print(name.." in module "..module.." not found")
else
unregisterSymbol(name)
registerSymbol(name,memFoundList.Address[index])
end
memScanner.destroy()
memFoundList.destroy()
end
end
end
{$asm}
//luaCall(lua_aobscan("humanStaminaWritesAOB","ffxv_s.exe","F3 0F 10 ** ** ** ** ** F3 0F 5D C1 F3 0F 11 ** ** ** ** ** C3",2))
//luaCall(lua_aobscan("techWritesAOB","ffxv_s.exe","F3 0F 10 ** ** ** ** ** F3 0F 5D C1 F3 0F 11 ** ** ** ** ** C3",3))
///***********************************************///
//aobscanmodule(healthReadOnChangeAOB,ffxv_s.exe,8B ** ** ** ** ** 2B ** 8B ** ** ** ** ** ** ** 41 ** ** 89)
//registersymbol(healthReadOnChangeAOB)
luaCall(lua_aobscan("healthReadOnChangeAOB","ffxv_s.exe","8B ** ** ** ** ** 2B 02 8B ** ** ** ** ** ** ** 41",2))
label(dMinHealth)
registersymbol(dMinHealth)
label(pEntityJustBeenHit)
registersymbol(pEntityJustBeenHit)
label(bUndeadTeam)
registersymbol(bUndeadTeam)
label(bUndead)
registersymbol(bUndead)
label(bAdvanceEvadeKey)
registersymbol(bAdvanceEvadeKey)
alloc(newmem,2048,healthReadOnChangeAOB) //"ffxv_s.exe"+1F8AB7)
label(originalcode_undead)
registersymbol(originalcode_undead)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
push r12
mov r12,pEntityJustBeenHit
mov [r12],rbx
xor rax,rax
mov r12,bUndeadTeam
cmp byte ptr [r12],1
jne @f
//cmp dword ptr [rbx+264],0000ff00 //0xff00 - team
//je dominhealth
cmp dword ptr [rbx+174],ffffffff //0,1,2,3,4.. - team
jne dominhealth
cmp dword ptr [rbx+15c],0 //0 - team
jne dominhealth
@@:
mov r12,bUndead
cmp dword ptr [rbx+d4],'Noct' //0x74636f4e
jne @f
cmp word ptr [rbx+d8],'is' //0x7369
je dominhealth
@@:
inc rax
cmp dword ptr [rbx+d4],'Glad' //0x64616c47
jne @f
cmp dword ptr [rbx+d8],'iolu' //0x756c6f69
jne @f
cmp byte ptr [rbx+dc],'s' //0x73
je dominhealth
@@:
inc rax
cmp dword ptr [rbx+d4],'Prom' //0x6d6f7250
jne @f
cmp word ptr [rbx+d8],'pt' //0x7470
jne @f
cmp byte ptr [rbx+da],'o' //0x6f
je dominhealth
@@:
inc rax
cmp dword ptr [rbx+d4],'Igni' //0x696e6749
jne @f
cmp byte ptr [rbx+d8],'s' //0x73
je dominhealth
@@:
inc rax
cmp dword ptr [rbx+d4],706c6f53
jne @f
cmp word ptr [rbx+d8],6968
jne @f
cmp word ptr [rbx+da],65
je dominhealth
@@:
inc rax
cmp dword ptr [rbx+d4],00726f43 //'Cor'+0x00
je dominhealth
@@:
inc rax
cmp dword ptr [rbx+d4],73697249 //'Iris'
je dominhealth
@@:
jmp end
dominhealth:
cmp byte ptr [r12+rax],1
jne @f
readmem(healthReadOnChangeAOB,6)
//mov eax,[rbx+198]
sub eax,[rdx]
mov r12,dMinHealth
cmp eax,[r12]
jge @f
mov eax,[r12]
add eax,[edx]
db 89
readmem(healthReadOnChangeAOB+1,5)
//mov [rbx+198],eax
end:
pop r12
originalcode_undead:
readmem(healthReadOnChangeAOB,14)
//mov eax,[rbx+00000198]
//sub eax,[rdx]
//mov ecx,[rbx+0000019C]
exit:
jmp healthReadOnChangeAOB+e
///
bAdvanceEvadeKey:
dd 0
dMinHealth:
dd 0
pEntityJustBeenHit:
dq 0
dq 0
bUndeadTeam:
dd 0
bUndead:
db 0 //Noctis
db 0 //Gladiolus
db 0 //Prompto
db 0 //Ignis
db 0 //
db 0 //Cor
db 0 //Iris
///
healthReadOnChangeAOB: //"ffxv_s.exe"+1F8AB7:
jmp newmem
///***********************************************///
luaCall(lua_aobscan("maxHealthReadOnChangeAOB","ffxv_s.exe","8B ** ** ** ** ** 2B 02 8B ** ** ** ** ** ** ** 41",1))
alloc(newmem2,2048,maxHealthReadOnChangeAOB) //"ffxv_s.exe"+1F9D17)
label(originalcode2_undead)
registersymbol(originalcode2_undead)
label(exit2)
newmem2: //this is allocated memory, you have read,write,execute access
//place your code here
push r12
mov r12,pEntityJustBeenHit
mov [r12],rbx
mov r12,bUndeadTeam
cmp byte ptr [r12],1
jne @f
//cmp dword ptr [rbx+264],0000ff00 //0xff00 - team, 0xffff - not team, 0x00000000 - ?
//je dominmaxhealth2
cmp dword ptr [rbx+174],ffffffff //0,1,2,3,4.. - team
jne dominmaxhealth2
cmp dword ptr [rbx+15c],0 //0 - team
jne dominmaxhealth2
@@:
xor rax,rax
mov r12,bUndead
cmp byte ptr [r12+rax],1
jne @f
cmp dword ptr [rbx+d4],'Noct' //0x74636f4e
jne @f
cmp word ptr [rbx+d8],'is' //0x7369
je dominmaxhealth2
@@:
inc rax
cmp byte ptr [r12+rax],1
jne @f
cmp dword ptr [rbx+d4],'Glad' //0x64616c47
jne @f
cmp dword ptr [rbx+d8],'iolu' //0x756c6f69
jne @f
cmp byte ptr [rbx+dc],'s' //0x73
je dominmaxhealth2
@@:
inc rax
cmp byte ptr [r12+rax],1
jne @f
cmp dword ptr [rbx+d4],'Prom' //0x6d6f7250
jne @f
cmp word ptr [rbx+d8],'pt' //0x7470
jne @f
cmp byte ptr [rbx+da],'o' //0x6f
je dominmaxhealth2
@@:
inc rax
cmp byte ptr [r12+rax],1
jne @f
cmp dword ptr [rbx+d4],'Igni' //0x696e6749
jne @f
cmp byte ptr [rbx+d8],'s' //0x73
je dominmaxhealth2
@@:
inc rax
cmp byte ptr [r12+rax],1
jne @f
cmp dword ptr [rbx+d4],'Igni' //0x696e6749
jne @f
cmp byte ptr [rbx+d8],'s' //0x73
je dominmaxhealth2
@@:
inc rax
cmp byte ptr [r12+rax],1
jne @f
cmp dword ptr [rbx+d4],706c6f53
jne @f
cmp word ptr [rbx+d8],6968
jne @f
cmp byte ptr [rbx+da],65
je dominmaxhealth2
@@:
inc rax
cmp byte ptr [r12+rax],1
jne @f
cmp dword ptr [rbx+d4],00726f43 //'Cor'+0x00
je dominmaxhealth2
@@:
inc rax
cmp byte ptr [r12+rax],1
jne @f
cmp dword ptr [rbx+d4],73697249 //'Iris'
je dominmaxhealth2
@@:
jmp end2
dominmaxhealth2:
readmem(maxHealthReadOnChangeAOB,6)
//mov eax,[rbx+18c]
sub eax,[rdx]
mov r12,dMinHealth
mov r12d,[r12]
inc r12d
cmp eax,r12d
jge @f
mov eax,r12d
add eax,[edx]
db 89
readmem(maxHealthReadOnChangeAOB+1,5)
//mov [rbx+19c],eax
end2:
pop r12
originalcode2_undead:
readmem(maxHealthReadOnChangeAOB,14)
//mov eax,[rbx+0000019C]
//sub eax,[rdx]
//mov ecx,[rbx+000001a0]
exit2:
jmp maxHealthReadOnChangeAOB+e
///
maxHealthReadOnChangeAOB: //"ffxv_s.exe"+1F9D17:
jmp newmem2
///***********************************************///
aobscanmodule(partyCurMaxHealthReadAOB,ffxv_s.exe,FF 90 ** ** ** ** 8B 80 9C 01 00 00 48 ** ** ** 5B C3 48 ** ** ** 5B C3)
registersymbol(partyCurMaxHealthReadAOB)
label(pNoctisAutoEvadeFlag)
registersymbol(pNoctisAutoEvadeFlag)
label(pNoctisAutoEvadeTimer)
registersymbol(pNoctisAutoEvadeTimer)
label(pParty)
registersymbol(pParty)
alloc(newmem6,2048,partyCurMaxHealthReadAOB) //"ffxv_s.exe"+5B6712C)
label(originalcode6_enable)
registersymbol(originalcode6_enable)
label(exit6)
newmem6: //this is allocated memory, you have read,write,execute access
//place your code here
readmem(partyCurMaxHealthReadAOB,6)
push rcx
mov rbx,pParty
xor rcx,rcx
cmp dword ptr [rax+d4],'Noct' //0x74636f4e
jne @f
cmp word ptr [rax+d8],'is' //0x7369
jne @f
push rdx
push rdi
mov rdx,pNoctisAutoEvadeFlag
lea rdi,[rax+a+268]
mov [rdx],rdi
lea rdi,[rax+a*2+368]
mov [rdx+8],rdi
pop rdi
pop rdx
jmp assignpparty6
@@:
inc rcx
cmp dword ptr [rax+d4],'Glad' //0x64616c47
jne @f
cmp dword ptr [rax+d8],'iolu' //0x756c6f69
jne @f
cmp byte ptr [rax+dc],'s' //0x73
je assignpparty6
@@:
inc rcx
cmp dword ptr [rax+d4],'Prom' //0x6d6f7250
jne @f
cmp word ptr [rax+d8],'pt' //0x7470
jne @f
cmp byte ptr [rax+da],'o' //0x6f
je assignpparty6
@@:
inc rcx
cmp dword ptr [rax+d4],'Igni' //0x696e6749
jne @f
cmp byte ptr [rax+d8],'s' //0x73
je assignpparty6
@@:
inc rcx
cmp dword ptr [rax+d4],706c6f53
jne @f
cmp word ptr [rax+d8],6968
jne @f
cmp byte ptr [rax+da],65
je assignpparty6
@@:
inc rcx
cmp dword ptr [rax+d4],00726f43 //'Cor'+0x00
je assignpparty6
@@:
inc rcx
cmp dword ptr [rax+d4],73697249 //'Iris'
je assignpparty6
@@:
jmp end6
assignpparty6:
mov [rbx+rcx*8],rax
end6:
pop rcx
readmem(partyCurMaxHealthReadAOB+6,10)
jmp exit6
originalcode6_enable:
readmem(partyCurMaxHealthReadAOB,16)
//call qword ptr [rax+00000AA8]
//mov eax,[rax+0000018C]
//add rsp,20
exit6:
jmp partyCurMaxHealthReadAOB+10
///
pNoctisAutoEvadeFlag:
dq 0
pNoctisAutoEvadeTimer:
dq 0
pParty:
///
partyCurMaxHealthReadAOB: //"ffxv_s.exe"+5B6712C:
jmp newmem6
///***********************************************///
aobscanmodule(weaponStructureBaseReadInCGearsMenusAOB,ffxv_s.exe,44 ** ** BA ** ** ** ** 48 ** ** ** ** E8 ** ** ** ** 83 ** ** ** ** 74 ** 48 ** ** ** ** ** 74 ** 33 ** 8B)
registersymbol(weaponStructureBaseReadInCGearsMenusAOB)
label(pCWeaponStats)
registersymbol(pCWeaponStats)
alloc(newmem11,2048,weaponStructureBaseReadInCGearsMenusAOB) //"ffxv_s.exe"+7C42F2)
label(originalcode11_enable)
registersymbol(originalcode11_enable)
label(exit11)
newmem11: //this is allocated memory, you have read,write,execute access
//place your code here
mov rcx,pCWeaponStats
mov [rcx],ebx
readmem(weaponStructureBaseReadInCGearsMenusAOB,13)
reassemble(weaponStructureBaseReadInCGearsMenusAOB+d)
jmp exit11
originalcode11_enable:
readmem(weaponStructureBaseReadInCGearsMenusAOB,18)
//mov r8d,[rbx]
//mov edx,0101AA13
//lea rcx,[rsp+28]
//call ffxv_s.exe+265350
exit11:
jmp weaponStructureBaseReadInCGearsMenusAOB+12
///
pCWeaponStats:
///
weaponStructureBaseReadInCGearsMenusAOB: //"ffxv_s.exe"+7C42F2:
jmp newmem11
///***********************************************///
/*
aobscanmodule(weaponAttkRead1AOB,ffxv_s.exe,8B ** 1C 44 ** ** 20 8B ** 14 89)
registersymbol(weaponAttkRead1AOB)
label(bDamageMultiplierEnable)
registersymbol(bDamageMultiplierEnable)
label(dDamageMultiplierC)
registersymbol(dDamageMultiplierC)
label(bTeamWeaponDamageMultiply)
registersymbol(bTeamWeaponDamageMultiply)
label(dTeamWeaponDamageMultiplier)
registersymbol(dTeamWeaponDamageMultiplier)
label(dWeaponDamageMultiplier)
registersymbol(dWeaponDamageMultiplier)
alloc(newmem12,2048,weaponAttkRead1AOB) //"ffxv_s.exe"+6043095)
label(originalcode12_weapondamagemultipier)
registersymbol(originalcode12_weapondamagemultipier)
label(exit12)
newmem12: //this is allocated memory, you have read,write,execute access
//place your code here
mov r12,bDamageMultiplierEnable
cmp byte ptr [r12],1
jne donormalweapondamage12
mov rsi,1
mov r12,bTeamWeaponDamageMultiply
cmp byte ptr [r12],1
jne @f
cmp dword ptr [rbx+254],0000ff00
je doweapondamagemultiply12
@@:
xor rsi,rsi
mov r12,dWeaponDamageMultiplier
cmp dword ptr [rbx+c4],'Noct' //0x74636f4e
jne @f
cmp word ptr [rbx+c8],'is' //0x7369
je doweapondamagemultiply12
@@:
inc rsi
cmp dword ptr [rbx+c4],'Glad' //0x64616c47
jne @f
cmp dword ptr [rbx+c8],'iolu' //0x756c6f69
jne @f
cmp byte ptr [rbx+cc],'s' //0x73
je doweapondamagemultiply12
@@:
inc rsi
cmp dword ptr [rbx+c4],'Prom' //0x6d6f7250
jne @f
cmp word ptr [rbx+c8],'pt' //0x7470
jne @f
cmp byte ptr [rbx+ca],'o' //0x6f
je doweapondamagemultiply12
@@:
inc rsi
cmp dword ptr [rbx+c4],'Igni' //0x696e6749
jne @f
cmp byte ptr [rbx+c8],'s' //0x73
je doweapondamagemultiply12
@@:
inc rsi
cmp dword ptr [rbx+c4],706c6f53
jne @f
cmp word ptr [rbx+c8],6968
jne @f
cmp word ptr [rbx+ca],65
je doweapondamagemultiply12
@@:
inc rsi
cmp dword ptr [rbx+c4],00726f43 //'Cor'+0x00
je doweapondamagemultiply12
@@:
inc rsi
cmp dword ptr [rbx+c4],73697249 //'Iris'
je doweapondamagemultiply12
@@:
jmp donormalweapondamage12
doweapondamagemultiply12:
cmp dword ptr [r12+rsi*4],(float)1
je @f
//push [rax+1c]
//fild dword ptr [rsp]
//fmul dword ptr [r12+rsi*4]
//fistp dword ptr [rsp]
fld dword ptr [r12+rsi*4]
mov r12,dDamageMultiplierC
fstp dword ptr [r12]
//pop rsi
jmp end12
donormalweapondamage12:
fld1
mov r12,dDamageMultiplierC
fstp dword ptr [r12]
end12:
originalcode12_weapondamagemultipier:
readmem(weaponAttkRead1AOB,14)
//mov esi,[rax+1C]
//mov r12d,[rax+20]
//mov ebp,[rax+14]
//mov [rsp+68],ecx
exit12:
jmp weaponAttkRead1AOB+e
///
bDamageMultiplierEnable:
dd 0
dDamageMultiplierC:
dd (float)1
bTeamWeaponDamageMultiply:
dd 0
dTeamWeaponDamageMultiplier:
dd (float)2
dWeaponDamageMultiplier:
dd (float)10 //Noctis
dd (float)1 //Gladiolus
dd (float)1 //Prompto
dd (float)1 //Ignis
dd (float)10 //
dd (float)1 //Cor
dd (float)1 //Iris
///
weaponAttkRead1AOB: //"ffxv_s.exe"+6043095:
jmp newmem12
///***********************************************///
aobscanmodule(damageOutputAdjustAfterCapChhAOB,ffxv_s.exe,8B ** ** 0F B6 C0 85 DB B9 ** ** ** ** 0F)
registersymbol(damageOutputAdjustAfterCapChhAOB)
label(bCustomDamageCap)
registersymbol(bCustomDamageCap)
label(dCustomDamageCap)
registersymbol(dCustomDamageCap)
label(bDamageMultiplierEnable)
registersymbol(bDamageMultiplierEnable)
label(dDamageMultiplierC)
registersymbol(dDamageMultiplierC)
label(bTeamWeaponDamageMultiply)
registersymbol(bTeamWeaponDamageMultiply)
label(dTeamWeaponDamageMultiplier)
registersymbol(dTeamWeaponDamageMultiplier)
label(dWeaponDamageMultiplier)
registersymbol(dWeaponDamageMultiplier)
alloc(newmem14,2048,damageOutputAdjustAfterCapChhAOB) //"ffxv_s.exe"+AF397)
label(dodamagemultiply14)
registersymbol(dodamagemultiply14)
label(originalcode14_damagecapraised)
registersymbol(originalcode14_damagecapraised)
label(exit14)
newmem14: //this is allocated memory, you have read,write,execute access
//place your code here
test edi,edi
js originalcode14_damagecapraised
mov rax,bDamageMultiplierEnable
cmp byte ptr [rax],1
jne bcustomdamagecapchk14
mov rcx,[rbp-58]
//
push rsi
//push rax
push rcx
push rdx
push r8
push r9
mov rbx,r8
//
mov rdx,8
////rcx
call isbadreadptr
////test eax,eax
//
mov r8,rbx
mov [rsp+8],r8
pop r9
pop r8
pop rdx
pop rcx
//pop rax
pop rsi
//
test eax,eax
jnz bcustomdamagecapchk14
mov rbx,1
mov rax,bTeamWeaponDamageMultiply
cmp byte ptr [rax],1
jne @f
cmp dword ptr [rcx+264],0000ff00
je dodamagemultiply14
@@:
xor rbx,rbx
mov rax,dWeaponDamageMultiplier
cmp dword ptr [rcx+d4],'Noct' //0x74636f4e
jne @f
cmp word ptr [rcx+d8],'is' //0x7369
je dodamagemultiply14
@@:
inc rbx
cmp dword ptr [rcx+d4],'Glad' //0x64616c47
jne @f
cmp dword ptr [rcx+d8],'iolu' //0x756c6f69
jne @f
cmp byte ptr [rcx+dc],'s' //0x73
je dodamagemultiply14
@@:
inc rbx
cmp dword ptr [rcx+d4],'Prom' //0x6d6f7250
jne @f
cmp word ptr [rcx+d8],'pt' //0x7470
jne @f
cmp byte ptr [rcx+da],'o' //0x6f
je dodamagemultiply14
@@:
inc rbx
cmp dword ptr [rcx+d4],'Igni' //0x696e6749
jne @f
cmp byte ptr [rcx+d8],'s' //0x73
je dodamagemultiply14
@@:
inc rbx
cmp dword ptr [rcx+d4],706c6f53
jne @f
cmp word ptr [rcx+d8],6968
jne @f
cmp word ptr [rcx+da],65
je dodamagemultiply14
@@:
inc rbx
cmp dword ptr [rcx+d4],00726f43 //'Cor'+0x00
je dodamagemultiply14
@@:
inc rbx
cmp dword ptr [rcx+d4],73697249 //'Iris'
je dodamagemultiply14
@@:
jmp bcustomdamagecapchk14
dodamagemultiply14:
push rdi
fild dword ptr [rsp]
fmul dword ptr [rax+rbx*4]
fistp dword ptr [rsp]
pop rdi
test edi,edi
jns @f
mov edi,7fffffff
bcustomdamagecapchk14:
mov ecx,#9999
mov eax,#99999
test r14d,r14d
cmovnz ecx,eax
mov rax,bCustomDamageCap
cmp byte ptr [rax],1
mov rax,dCustomDamageCap
mov eax,[rax]
cmove ecx,eax
mov ebx,edi
cmp ebx,ecx
jle @f
mov ebx,ecx
originalcode14_damagecapraised:
readmem(damageOutputAdjustAfterCapChhAOB,16)
//mov eax,[rbp-28]
//movzx eax,al
//test ebx,ebx
//mov ecx,00000001
//cmovg eax,ecx
exit14:
jmp damageOutputAdjustAfterCapChhAOB+10
///
bCustomDamageCap:
dd 0
dCustomDamageCap:
dd #1000000000
dd 0
bDamageMultiplierEnable:
dd 0
dDamageMultiplierC:
dd (float)1
bTeamWeaponDamageMultiply:
dd 0
dTeamWeaponDamageMultiplier:
dd (float)2
dWeaponDamageMultiplier:
dd (float)10 //Noctis
dd (float)1 //Gladiolus
dd (float)1 //Prompto
dd (float)1 //Ignis
dd (float)10 //
dd (float)1 //Cor
dd (float)1 //Iris
///
damageOutputAdjustAfterCapChhAOB: //"ffxv_s.exe"+AF397:
jmp newmem14
///***********************************************///
aobscanmodule(techWritesAOB,ffxv_s.exe,72 0C F3 0F 10 ** C4 57 00 00 F3 0F 5D C1 F3 0F 11 ** ** ** ** ** C3)
registersymbol(techWritesAOB)
label(pSomeGameInfoA)
registersymbol(pSomeGameInfoA)
label(bMaxTech)
registersymbol(bMaxTech)
alloc(newmem17,2048,techWritesAOB) //"ffxv_s.exe"+74B76B6)
label(originalcode17_enable)
registersymbol(originalcode17_enable)
label(exit17)
newmem17: //this is allocated memory, you have read,write,execute access
//place your code here
push rax
jb @f
mov rax,pSomeGameInfoA
mov [rax],rcx
readmem(techWritesAOB+2,8)
mov rax,bMaxTech
cmp byte ptr [rax],1
je @f
readmem(techWritesAOB+a,4)
end17:
pop rax
jmp exit17
originalcode17_enable:
readmem(techWritesAOB,14)
//jb ffxv_s.exe+74B76C4
//movss xmm0,[rcx+000057C4]
//minss xmm0,xmm1
exit17:
jmp techWritesAOB+e
///
pSomeGameInfoA:
dq 0
bMaxTech:
dd 0
///
techWritesAOB: //"ffxv_s.exe"+74B76B6:
jmp newmem17
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
healthReadOnChangeAOB: //"ffxv_s.exe"+1F8AB7:
readmem(originalcode_undead,14)
//db 8B 83 88 01 00 00 2B 02 8B 8B 8C 01 00 00
//Alt: mov eax,[rbx+00000188]
//Alt: sub eax,[rdx]
//Alt: mov ecx,[rbx+0000018C]
unregistersymbol(dMinHealth)
unregistersymbol(pEntityJustBeenHit)
unregistersymbol(bUndeadTeam)
unregistersymbol(bUndead)
unregistersymbol(bAdvanceEvadeKey)
unregistersymbol(originalcode_undead)
///***********************************************///
dealloc(newmem2)
maxHealthReadOnChangeAOB: //"ffxv_s.exe"+1F9D17:
readmem(originalcode2_undead,14)
//db 8B 83 8C 01 00 00 2B 02 8B 8B 90 01 00 00
//Alt: mov eax,[rbx+0000018C]
//Alt: sub eax,[rdx]
//Alt: mov ecx,[rbx+00000190]
unregistersymbol(originalcode2_undead)
///***********************************************///
dealloc(newmem6)
partyCurMaxHealthReadAOB: //"ffxv_s.exe"+5B6712C:
readmem(originalcode6_enable,16)
//db FF 90 A8 0A 00 00 8B 80 8C 01 00 00 48 83 C4 20
//Alt: call qword ptr [rax+00000AA8]
//Alt: mov eax,[rax+0000018C]
//Alt: add rsp,20
unregistersymbol(originalcode6_enable)
unregistersymbol(pNoctisAutoEvadeFlag)
unregistersymbol(pNoctisAutoEvadeTimer)
unregistersymbol(pParty)
///***********************************************///
dealloc(newmem11)
weaponStructureBaseReadInCGearsMenusAOB: //"ffxv_s.exe"+7C42F2:
readmem(originalcode11_enable,18)
//db 44 8B 03 BA 13 AA 01 01 48 8D 4C 24 28 E8 4C 10 AA FF
//Alt: mov r8d,[rbx]
//Alt: mov edx,0101AA13
//Alt: lea rcx,[rsp+28]
//Alt: call ffxv_s.exe+265350
unregistersymbol(originalcode11_enable)
unregistersymbol(pCWeaponStats)
///***********************************************///
/*
dealloc(newmem12)
weaponAttkRead1AOB: //"ffxv_s.exe"+6043095:
readmem(originalcode12_weapondamagemultipier,14)
//db 8B 70 1C 44 8B 60 20 8B 68 14 89 4C 24 68
//Alt: mov esi,[rax+1C]
//Alt: mov r12d,[rax+20]
//Alt: mov ebp,[rax+14]
//Alt: mov [rsp+68],ecx
unregistersymbol(originalcode12_weapondamagemultipier)
unregistersymbol(bDamageMultiplierEnable)
unregistersymbol(dDamageMultiplierC)
unregistersymbol(bTeamWeaponDamageMultiply)
unregistersymbol(dTeamWeaponDamageMultiplier)
unregistersymbol(dWeaponDamageMultiplier)
///***********************************************///
dealloc(newmem14)
damageOutputAdjustAfterCapChhAOB: //"ffxv_s.exe"+AF397:
readmem(originalcode14_damagecapraised,16)
//db 8B 45 D8 0F B6 C0 85 DB B9 01 00 00 00 0F 4F C1
//Alt: mov eax,[rbp-28]
//Alt: movzx eax,al
//Alt: test ebx,ebx
//Alt: mov ecx,00000001
//Alt: cmovg eax,ecx
unregistersymbol(dodamagemultiply14)
unregistersymbol(originalcode14_damagecapraised)
unregistersymbol(bCustomDamageCap)
unregistersymbol(dCustomDamageCap)
unregistersymbol(bDamageMultiplierEnable)
unregistersymbol(dDamageMultiplierC)
unregistersymbol(bTeamWeaponDamageMultiply)
unregistersymbol(dTeamWeaponDamageMultiplier)
unregistersymbol(dWeaponDamageMultiplier)
///***********************************************///
dealloc(newmem17)
techWritesAOB: //"ffxv_s.exe"+74B76B6:
readmem(originalcode17_enable,14)
//db 72 0C F3 0F 10 81 C4 57 00 00 F3 0F 5D C1
//Alt: jb ffxv_s.exe+74B76C4
//Alt: movss xmm0,[rcx+000057C4]
//Alt: minss xmm0,xmm1
unregistersymbol(originalcode17_enable)
unregistersymbol(bMaxTech)
unregistersymbol(pSomeGameInfoA)
6087
"undead .2"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
dMinHealth:
dd #1
bUndeadTeam:
db 0
bUndead:
db 1 //Noctis
db 1 //Gladiolus
db 1 //Prompto
db 1 //Ignis
db 1 //
db 0 //Cor
db 0 //Iris
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
bUndeadTeam:
db 0
bUndead:
dd 0
db 0
db 0
db 0
6088
"min health"
008000
4 Bytes
dMinHealth
6089
"current health of the just hit entity"
0000FF
4 Bytes
pEntityJustBeenHit
188
6090
"team test"
0000ff00:team
1
0000FF
4 Bytes
pEntityJustBeenHit
254
6091
"name"
0000FF
String
128
0
0
1
pEntityJustBeenHit
c4
6092
"current max health"
0000FF
4 Bytes
+4
6093
"max health"
0000FF
4 Bytes
+4
6094
"?"
0000FF
4 Bytes
pEntityJustBeenHit
4dc
6095
"?"
0000FF
4 Bytes
+4
6096
"?"
0000FF
4 Bytes
+4
6097
"team override"
0:disabled
1:appplied
008000
Byte
bUndeadTeam
6098
"Noctis"
0:disabled
1:appplied
008000
Byte
bUndead+0
6099
""
0:disabled
1:appplied
008000
Byte
bUndead+4
6100
"Gladiolus"
0:disabled
1:appplied
008000
Byte
bUndead+1
6101
"Prompto"
0:disabled
1:appplied
008000
Byte
bUndead+2
6102
"Ignis"
0:disabled
1:appplied
008000
Byte
bUndead+3
6103
"Cor"
0:disabled
1:appplied
008000
Byte
bUndead+5
6104
"Iris"
0:disabled
1:appplied
008000
Byte
bUndead+6
6105
"max stamina .2"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(humanStaminaWritesAOB,ffxv_s.exe,F3 0F 10 ** 00 02 00 00 F3 0F 5D C1 F3 0F 11 ** ** ** ** ** C3)
registersymbol(humanStaminaWritesAOB)
humanStaminaWritesAOB+8: //"ffxv_s.exe"+1F3130:
db 90 0F 57 C0
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
humanStaminaWritesAOB+8: //"ffxv_s.exe"+1F3130:
db F3 0F 5D C1
//Alt: minss xmm0,xmm1
/*
ffxv_s.exe+1F3120 - 0F57 C0 - xorps xmm0,xmm0
ffxv_s.exe+1F3123 - 0F2F C8 - comiss xmm1,xmm0
ffxv_s.exe+1F3126 - 72 0C - jb ffxv_s.exe+1F3134
ffxv_s.exe+1F3128 - F3 0F10 81 F0010000 - movss xmm0,[rcx+000001F0]
>>ffxv_s.exe+1F3130 - F3 0F5D C1 - minss xmm0,xmm1
ffxv_s.exe+1F3134 - F3 0F11 81 EC010000 - movss [rcx+000001EC],xmm0
ffxv_s.exe+1F313C - C3 - ret
ffxv_s.exe+1F313D - CC - int 3
*/
6106
"max mp .3"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(mpChkZeroAfterChangeAOB,ffxv_s.exe,41 0F 4F D0 89 ** ** ** ** ** 45 85 C9 79)
registersymbol(mpChkZeroAfterChangeAOB)
label(bMaxMPTeam)
registersymbol(bMaxMPTeam)
label(bMaxMP)
registersymbol(bMaxMP)
alloc(newmem,2048,mpChkZeroAfterChangeAOB+a) //"ffxv_s.exe"+1F3062)
label(originalcode_maxmp)
registersymbol(originalcode_maxmp)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
push r12
mov r12,bMaxMPTeam
cmp byte ptr [r12],1
jne @f
//cmp dword ptr [rax+254],0000ff00 //0xff00 - team, 0xffff - not team, 0x00000000 - ?
//je domaxmp
cmp dword ptr [rax+174],ffffffff //0,1,2,3,4.. - team
jne domaxmp
cmp dword ptr [rax+15c],0 //0 - team
jne domaxmp
@@:
xor rdx,rdx
mov r12,bMaxMP
cmp byte ptr [r12+rdx],1
jne @f
cmp dword ptr [rax+d4],'Noct' //0x74636f4e
jne @f
cmp word ptr [rax+d8],'is' //0x7369
je domaxmp
@@:
inc rdx
cmp byte ptr [r12+rdx],1
jne @f
cmp dword ptr [rax+d4],'Glad' //0x64616c47
jne @f
cmp dword ptr [rax+d8],'iolu' //0x756c6f69
jne @f
cmp byte ptr [rax+dc],'s' //0x73
je domaxmp
@@:
inc rdx
cmp byte ptr [r12+rdx],1
jne @f
cmp dword ptr [rax+d4],'Prom' //0x6d6f7250
jne @f
cmp word ptr [rax+d8],'pt' //0x7470
jne @f
cmp byte ptr [rax+da],'o' //0x6f
je domaxmp
@@:
inc rdx
cmp byte ptr [r12+rdx],1
jne @f
cmp dword ptr [rax+d4],'Igni' //0x696e6749
jne @f
cmp byte ptr [rax+d8],'s' //0x73
je domaxmp
@@:
inc rdx
cmp byte ptr [r12+rdx],1
jne @f
cmp dword ptr [rax+d4],706c6f53
jne @f
cmp word ptr [rax+d8],6968
jne @f
cmp byte ptr [rax+da],65
je domaxmp
@@:
jmp end
domaxmp:
db 4C 8D A0
readmem(mpChkZeroAfterChangeAOB+6,4)
//lea r12,[rax+1dc]
mov r9d,[r12+4]
mov [r12],r9d
//mov r9d,[rax+1e0]
//mov [rax+1dc],r9d
end:
pop r12
push rax
mov rax,originalcode_maxmp
movzx rdx,byte ptr [rax+4]
mov rax,mpChkZeroAfterChangeAOB
lea rax,[rax+f]
add rdx,rax
pop rax
readmem(mpChkZeroAfterChangeAOB+a,3)
js @f
jmp rdx
@@:
push rax
mov rax,originalcode_maxmp
movzx rdx,byte ptr [rax+d]
mov rax,mpChkZeroAfterChangeAOB
lea rax,[rax+18]
add rdx,rax
pop rax
readmem(mpChkZeroAfterChangeAOB+f,7)
jge @f
jmp rdx
@@:
jmp exit
originalcode_maxmp:
readmem(mpChkZeroAfterChangeAOB+a,14)
//test r9d,r9d
//jns ffxv_s.exe+1F307A
//cmp dword ptr [rax+000001DC],00
//jl ffxv_s.exe+6021F8A
exit:
jmp mpChkZeroAfterChangeAOB+18
///
bMaxMPTeam:
dd 0
bMaxMP:
db 1 //Noctis
db 1 //Gladiolus
db 1 //Prompto
db 1 //Ignis
db 1 //
///
mpChkZeroAfterChangeAOB+a: //"ffxv_s.exe"+1F3062:
jmp newmem
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
mpChkZeroAfterChangeAOB+a: //"ffxv_s.exe"+1F3062:
readmem(originalcode_maxmp,14)
//db 45 85 C9 79 13 83 B8 EC 01 00 00 00 7C 0A
//Alt: test r9d,r9d
//Alt: jns ffxv_s.exe+1F307A
//Alt: cmp dword ptr [rax+000001EC],00
//Alt: jl ffxv_s.exe+6021F8A
unregistersymbol(mpChkZeroAfterChangeAOB)
unregistersymbol(originalcode_maxmp)
unregistersymbol(bMaxMPTeam)
unregistersymbol(bMaxMP)
7729
"no stasis"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
luaCall(lua_aobscan("mpConstRead1AOB","ffxv_s.exe","48 ** ** FF ** ** ** ** ** 8B 80 ** ** ** ** 48 ** ** ** 5B C3",4))
alloc(newmem2,2048,mpConstRead1AOB+3) //"ffxv_s.exe"+5A1A3AC)
label(originalcode2_maxmp)
registersymbol(originalcode2_maxmp)
label(exit2)
newmem2: //this is allocated memory, you have read,write,execute access
//place your code here
readmem(mpConstRead1AOB+3,6)
push r12
mov r12,bMaxMPTeam
cmp byte ptr [r12],1
jne @f
//cmp dword ptr [rax+254],0000ff00 //0xff00 - team, 0xffff - not team, 0x00000000 - ?
//je domaxmp2
cmp dword ptr [rax+174],ffffffff //0,1,2,3,4.. - team
jne domaxmp2
cmp dword ptr [rax+15c],0 //0 - team
jne domaxmp2
@@:
xor rbx,rbx
mov r12,bMaxMP
cmp byte ptr [r12+rbx],1
jne @f
cmp dword ptr [rax+d4],'Noct' //0x74636f4e
jne @f
cmp word ptr [rax+d8],'is' //0x7369
je domaxmp2
@@:
inc rbx
cmp byte ptr [r12+rbx],1
jne @f
cmp dword ptr [rax+d4],'Glad' //0x64616c47
jne @f
cmp dword ptr [rax+d8],'iolu' //0x756c6f69
jne @f
cmp byte ptr [rax+dc],'s' //0x73
je domaxmp2
@@:
inc rbx
cmp byte ptr [r12+rbx],1
jne @f
cmp dword ptr [rax+d4],'Prom' //0x6d6f7250
jne @f
cmp word ptr [rax+d8],'pt' //0x7470
jne @f
cmp byte ptr [rax+da],'o' //0x6f
je domaxmp2
@@:
inc rbx
cmp byte ptr [r12+rbx],1
jne @f
cmp dword ptr [rax+d4],'Igni' //0x696e6749
jne @f
cmp byte ptr [rax+d8],'s' //0x73
je domaxmp2
@@:
inc rbx
cmp byte ptr [r12+rbx],1
jne @f
cmp dword ptr [rax+d4],706c6f53
jne @f
cmp word ptr [rax+d8],6968
jne @f
cmp byte ptr [rax+da],65
je domaxmp2
@@:
jmp end2
domaxmp2:
db 4C 8D A0
readmem(mpChkZeroAfterChangeAOB+6,4)
//lea r12,[rax+1dc]
mov ebx,[r12+4]
mov [r12],ebx
//mov ebx,[rax+1e0]
//mov [rax+1dc],ebx
end2:
pop r12
readmem(mpConstRead1AOB+9,10)
jmp exit2
originalcode2_maxmp:
readmem(mpConstRead1AOB+3,16)
//call qword ptr [rax+00000AA8]
//mov eax,[rax+000001EC]
//add rsp,20
exit2:
jmp mpConstRead1AOB+13
///
mpConstRead1AOB+3: //"ffxv_s.exe"+5A1A3AC:
jmp newmem2
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem2)
mpConstRead1AOB+3: //"ffxv_s.exe"+5A1A3AC:
readmem(originalcode2_maxmp,16)
//db FF 90 A8 0A 00 00 8B 80 EC 01 00 00 48 83 C4 20
//Alt: call qword ptr [rax+00000AA8]
//Alt: mov eax,[rax+000001EC]
//Alt: add rsp,20
unregistersymbol(originalcode2_maxmp)
6107
"team ovverride"
0:disabled
1:appplied
008000
Byte
bMaxMPTeam
6108
"Noctis"
0:disabled
1:appplied
008000
Byte
bMaxMP+0
6109
""
0:disabled
1:appplied
008000
Byte
bMaxMP+4
6110
"Gladiolus"
0:disabled
1:appplied
008000
Byte
bMaxMP+1
6111
"Prompto"
0:disabled
1:appplied
008000
Byte
bMaxMP+2
6112
"Ignis"
0:disabled
1:appplied
008000
Byte
bMaxMP+3
6113
"inf. spell quantity .1"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(spellQCalOnUseAOB,ffxv_s.exe,44 ** ** F7 DB 8B)
registersymbol(spellQCalOnUseAOB)
alloc(newmem,2048,spellQCalOnUseAOB) //"ffxv_s.exe"+779929)
label(originalcode_infspellq)
registersymbol(originalcode_infspellq)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
jg @f
inc ebx
mov [rax+4],ebx
dec ebx
originalcode_infspellq:
readmem(spellQCalOnUseAOB,15)
//mov r12d,[rax]
//neg ebx
//mov ecx,[rax+2C]
//mov [rsp+38],ecx
//mov ecx,[rax+28]
exit:
jmp spellQCalOnUseAOB+f
///
spellQCalOnUseAOB: //"ffxv_s.exe"+779929:
jmp newmem
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
spellQCalOnUseAOB: //"ffxv_s.exe"+779929:
readmem(originalcode_infspellq,15)
//db 44 8B 20 F7 DB 8B 48 2C 89 4C 24 38 8B 48 28
//Alt: mov r12d,[rax]
//Alt: neg ebx
//Alt: mov ecx,[rax+2C]
//Alt: mov [rsp+38],ecx
//Alt: mov ecx,[rax+28]
unregistersymbol(spellQCalOnUseAOB)
unregistersymbol(originalcode_infspellq)
6114
"spell instant cooldown"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(cJmpIfSpellCoolDownNotCompletedAOB,ffxv_s.exe,F3 0F 11 ** ** 72 04 C6 ** ** 01)
registersymbol(cJmpIfSpellCoolDownNotCompletedAOB)
cJmpIfSpellCoolDownNotCompletedAOB+5: //"ffxv_s.exe"+3070F6:
db 90 90
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
cJmpIfSpellCoolDownNotCompletedAOB+5: //"ffxv_s.exe"+3070F6:
db 72 04
//Alt: jb ffxv_s.exe+3070FC
/*
ffxv_s.exe+3070A4 - E8 7704DBFF - call ffxv_s.exe+B7520
ffxv_s.exe+3070A9 - 84 C0 - test al,al
ffxv_s.exe+3070AB - 74 4F - je ffxv_s.exe+3070FC
ffxv_s.exe+3070AD - 80 7B 02 00 - cmp byte ptr [rbx+02],00 { 0 }
ffxv_s.exe+3070B1 - 75 49 - jne ffxv_s.exe+3070FC
ffxv_s.exe+3070B3 - E8 68DCE4FF - call ffxv_s.exe+154D20
ffxv_s.exe+3070B8 - 83 38 00 - cmp dword ptr [rax],00 { 0 }
ffxv_s.exe+3070BB - 75 3F - jne ffxv_s.exe+3070FC
ffxv_s.exe+3070BD - 80 7B 03 00 - cmp byte ptr [rbx+03],00 { 0 }
ffxv_s.exe+3070C1 - 75 39 - jne ffxv_s.exe+3070FC
ffxv_s.exe+3070C3 - 66 0F6E 0F - movd xmm1,[rdi]
ffxv_s.exe+3070C7 - 0F57 C0 - xorps xmm0,xmm0
ffxv_s.exe+3070CA - 0F5B C9 - cvtdq2ps xmm1,xmm1
ffxv_s.exe+3070CD - F3 0F59 0D 3B3EBF02 - mulss xmm1,[ffxv_s.exe+2EFAF10] { [0.00] }
ffxv_s.exe+3070D5 - F3 0F59 4B 0C - mulss xmm1,[rbx+0C]
ffxv_s.exe+3070DA - F3 0F59 4B 10 - mulss xmm1,[rbx+10]
ffxv_s.exe+3070DF - F3 0F58 4B 04 - addss xmm1,[rbx+04]
ffxv_s.exe+3070E4 - F3 0F5F C8 - maxss xmm1,xmm0
ffxv_s.exe+3070E8 - F3 0F5D 4B 08 - minss xmm1,[rbx+08]
ffxv_s.exe+3070ED - 0F2F 4B 08 - comiss xmm1,[rbx+08]
>> ffxv_s.exe+3070F1 - F3 0F11 4B 04 - movss [rbx+04],xmm1
ffxv_s.exe+3070F6 - 72 04 - jb ffxv_s.exe+3070FC
ffxv_s.exe+3070F8 - C6 43 03 01 - mov byte ptr [rbx+03],01 { 1 }
ffxv_s.exe+3070FC - 48 8B 5C 24 30 - mov rbx,[rsp+30]
ffxv_s.exe+307101 - 48 83 C4 20 - add rsp,20 { 32 }
ffxv_s.exe+307105 - 5F - pop rdi
ffxv_s.exe+307106 - C3 - ret
*/
6115
"max tech .2"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
bMaxTech:
db 1
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
bMaxTech:
db 0
/*
ffxv_s.exe+773080 - 0F57 C0 - xorps xmm0,xmm0
ffxv_s.exe+773083 - 0F2F C8 - comiss xmm1,xmm0
ffxv_s.exe+773086 - 72 0C - jb ffxv_s.exe+773094
>>ffxv_s.exe+773088 - F3 0F10 81 C4570000 - movss xmm0,[rcx+000057C4]
ffxv_s.exe+773090 - F3 0F5D C1 - minss xmm0,xmm1
ffxv_s.exe+773094 - F3 0F11 81 C0570000 - movss [rcx+000057C0],xmm0
ffxv_s.exe+77309C - C3 - ret
ffxv_s.exe+77309D - CC - int 3
*/
6224
"max armiger .3"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(readyForArmigerCallChkAOB,ffxv_s.exe,** ** 74 ** 84 C0 74 ** 80 ** ** ** ** ** 00 75 ** 48 ** ** 48 ** ** FF ** ** ** ** ** EB)
registersymbol(readyForArmigerCallChkAOB)
//aobscanmodule(readyForArmigerCallChkAOB,ffxv_s.exe,** ** ** 74 ** 84 C0 74 ** 80 ** ** ** ** ** 00 75 ** 48 ** ** 48 ** ** FF ** ** ** ** ** EB)
//registersymbol(readyForArmigerCallChkAOB)
aobscanmodule(resetFlagIfNotReadyToArmigerAOB,ffxv_s.exe,32 C0 48 ** ** ** ** 0F 28 ** ** ** 48 ** ** ** 5F)
registersymbol(resetFlagIfNotReadyToArmigerAOB)
label(bArmigerResetKey)
registersymbol(bArmigerResetKey)
alloc(newmem,2048,resetFlagIfNotReadyToArmigerAOB) //"ffxv_s.exe"+2DC370)
label(originalcode_maxarmiger)
registersymbol(originalcode_maxarmiger)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
test rcx,rcx
jz @f
mov rbx,[rsp+38]
lea rbx,[rbx+0]
mov rbx,readyForArmigerCallChkAOB //"ffxv_s.exe"+514B46
cmp [rsp+38],rbx
jne @f
mov rbx,pSomeGameInfoA
cmp [rbx],rcx
jne @f
xor rax,rax
mov rbx,originalcode17_enable
mov eax,[rbx+6]
lea rbx,[rcx+rax-10] //57b4]
mov eax,[rbx+4]
mov [rbx],eax
originalcode_maxarmiger:
readmem(resetFlagIfNotReadyToArmigerAOB,16)
//xor al,al
//mov rbx,[rsp+40]
//movaps xmm6,[rsp+20]
//add rsp,30
exit:
jmp resetFlagIfNotReadyToArmigerAOB+10
///
bArmigerResetKey:
///
resetFlagIfNotReadyToArmigerAOB: //"ffxv_s.exe"+2DC370:
jmp newmem
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
resetFlagIfNotReadyToArmigerAOB: //"ffxv_s.exe"+2DC370:
readmem(originalcode_maxarmiger,16)
//db 32 C0 48 8B 5C 24 40 0F 28 74 24 20 48 83 C4 30
//Alt: xor al,al
//Alt: mov rbx,[rsp+40]
//Alt: movaps xmm6,[rsp+20]
//Alt: add rsp,30
unregistersymbol(originalcode_maxarmiger)
unregistersymbol(bArmigerResetKey)
6844
"always max"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(armigerWritesOnChangeAOB,ffxv_s.exe,72 0C F3 0F 10 ** B8 57 00 00 F3 0F 5D C1 F3 0F 11 ** ** ** ** ** C3)
registersymbol(armigerWritesOnChangeAOB)
alloc(newmem,2048,armigerWritesOnChangeAOB) //"ffxv_s.exe"+74B6A56)
label(originalcode_alwaysmaxarmiger)
registersymbol(originalcode_alwaysmaxarmiger)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
jb end
readmem(armigerWritesOnChangeAOB+2,8)
push rax
mov rax,bArmigerResetKey
cmp byte ptr [rax],1
pop rax
jne @f
xorps xmm0,xmm0
end:
jmp exit
originalcode_alwaysmaxarmiger:
readmem(armigerWritesOnChangeAOB,14)
//jb ffxv_s.exe+74B6A64
//movss xmm0,[rcx+000057B8]
//minss xmm0,xmm1
exit:
jmp armigerWritesOnChangeAOB+e
///
armigerWritesOnChangeAOB: //"ffxv_s.exe"+74B6A56:
jmp newmem
///****************************************///
{$lua}
function armigerResetKeys(timer)
if ( isKeyPressed(VK_R) ) then
writeBytes("bArmigerResetKey" ,1)
else
writeBytes("bArmigerResetKey" ,0)
end
end
t4=createTimer(nil)
timer_setInterval(t4, 100)
timer_onTimer(t4, armigerResetKeys)
timer_setEnabled(t4, true)
{$asm}
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
armigerWritesOnChangeAOB: //"ffxv_s.exe"+74B6A56:
readmem(originalcode_alwaysmaxarmiger,14)
//db 72 0C F3 0F 10 81 B8 57 00 00 F3 0F 5D C1
//Alt: jb ffxv_s.exe+74B6A64
//Alt: movss xmm0,[rcx+000057B8]
//Alt: minss xmm0,xmm1
unregistersymbol(originalcode_alwaysmaxarmiger)
///****************************************///
{$lua}
timer_setEnabled(t4, false)
{$asm}
6845
"press R to exit armiger mode"
808080
1
6846
"bArmigerResetKey"
008000
Byte
bArmigerResetKey
6116
"damage multiplier .5"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
bDamageMultiplierEnable:
db 1
dDamageMultiplierC:
dd (float)1
dWeaponDamageMultiplier:
dd (float)10 //Noctis
dd (float)1 //Gladiolus
dd (float)1 //Prompto
dd (float)1 //Ignis
dd (float)10 //
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
bDamageMultiplierEnable:
db 0
dWeaponDamageMultiplier:
dd (float)1 //Noctis
dd (float)1 //Gladiolus
dd (float)1 //Prompto
dd (float)1 //Ignis
dd (float)1 //
6117
"Noctis"
008000
Float
dWeaponDamageMultiplier+0*4
6118
""
008000
Float
dWeaponDamageMultiplier+4*4
6119
""
0:disabled
1:appplied
008000
Byte
bUndead+4
6120
"Gladiolus"
008000
Float
dWeaponDamageMultiplier+1*4
6121
"Prompto"
008000
Float
dWeaponDamageMultiplier+2*4
6122
"Ignis"
008000
Float
dWeaponDamageMultiplier+3*4
6123
"raised damage cap .1"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
bCustomDamageCap:
db 1
dCustomDamageCap:
dd #1000000000
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
bCustomDamageCap:
db 0
6124
"custom damage cap"
1
008000
4 Bytes
dCustomDamageCap
6125
"inf. item usage .3"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(itemUsageCallRetAOB,ffxv_s.exe,44 8B C3 48 8B CF E8 ** ** ** ** 48 ** ** ** ** E8)
registersymbol(itemUsageCallRetAOB)
aobscanmodule(promptoAmmoUsageCallRetAOB,ffxv_s.exe,45 8B C6 49 8B CF E8 ** ** ** ** EB ** 4D)
registersymbol(promptoAmmoUsageCallRetAOB)
aobscanmodule(itemQCalOnUseAOB,ffxv_s.exe,41 ** ** ** 44 8B E0 85 C9)
registersymbol(itemQCalOnUseAOB)
label(bInfPromptoAmmo)
registersymbol(bInfPromptoAmmo)
alloc(newmem,2048,itemQCalOnUseAOB) //"ffxv_s.exe"+7770CB)
label(originalcode_infitem)
registersymbol(originalcode_infitem)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
mov rax,itemUsageCallRetAOB
lea rax,[rax+b]
cmp [rsp+3f8],rax
je dominitemq
mov rax,bInfPromptoAmmo
cmp byte ptr [rax],1
jne @f
mov rax,promptoAmmoUsageCallRetAOB
lea rax,[rax+b]
cmp [rsp+3f8],rax
je dominitemq
@@:
jmp end
dominitemq:
cmp ecx,1
jge @f
mov ecx,ebp
neg ecx
add ecx,1
mov r14d,ecx
mov ecx,1
end:
readmem(itemQCalOnUseAOB+4,5)
jns @f
readmem(itemQCalOnUseAOB+b,2)
mov rax,originalcode_infitem
movzx rbx,byte ptr [rax+a]
mov rax,itemQCalOnUseAOB
lea rax,[rax+f]
add rax,rbx
jmp rax
@@:
readmem(itemQCalOnUseAOB+f,3)
jmp exit
originalcode_infitem:
readmem(itemQCalOnUseAOB+4,14)
//mov r12d,eax
//test ecx,ecx
//jns ffxv_s.exe+77B0F6
//mov ecx,ebx
//jmp ffxv_s.exe+77B0FD
//cmp ecx,r12d
exit:
jmp itemQCalOnUseAOB+12
///
bInfPromptoAmmo:
///
itemQCalOnUseAOB+4: //"ffxv_s.exe"+7770CB:
jmp newmem
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
itemQCalOnUseAOB+4: //"ffxv_s.exe"+7770CB:
readmem(originalcode_infitem,14)
//db 44 8B E0 85 C9 79 04 8B CB EB 07 41 3B CC
//Alt: mov r12d,eax
//Alt: test ecx,ecx
//Alt: jns ffxv_s.exe+77B0F6
//Alt: mov ecx,ebx
//Alt: jmp ffxv_s.exe+77B0FD
//Alt: cmp ecx,r12d
unregistersymbol(itemQCalOnUseAOB)
unregistersymbol(originalcode_infitem)
unregistersymbol(bInfPromptoAmmo)
/*
ffxv_s.exe+77708B - 38 9C 24 A8000000 - cmp [rsp+000000A8],bl
ffxv_s.exe+777092 - 74 0D - je ffxv_s.exe+7770A1
ffxv_s.exe+777094 - 45 85 F6 - test r14d,r14d
ffxv_s.exe+777097 - 7E 08 - jle ffxv_s.exe+7770A1
ffxv_s.exe+777099 - 85 ED - test ebp,ebp
ffxv_s.exe+77709B - 0F89 D6000000 - jns ffxv_s.exe+777177
ffxv_s.exe+7770A1 - 85 ED - test ebp,ebp
ffxv_s.exe+7770A3 - 7F 13 - jg ffxv_s.exe+7770B8
ffxv_s.exe+7770A5 - 0F89 CC000000 - jns ffxv_s.exe+777177
ffxv_s.exe+7770AB - 8B C5 - mov eax,ebp
ffxv_s.exe+7770AD - F7 D8 - neg eax
ffxv_s.exe+7770AF - 44 3B F0 - cmp r14d,eax
ffxv_s.exe+7770B2 - 0F8C BF000000 - jl ffxv_s.exe+777177
ffxv_s.exe+7770B8 - 8B D7 - mov edx,edi
ffxv_s.exe+7770BA - 4C 89 64 24 78 - mov [rsp+78],r12
ffxv_s.exe+7770BF - 49 8B CF - mov rcx,r15
ffxv_s.exe+7770C2 - E8 E9EFFFFF - call ffxv_s.exe+7760B0
>>ffxv_s.exe+7770C7 - 41 8D 0C 2E - lea ecx,[r14+rbp]
ffxv_s.exe+7770CB - 44 8B E0 - mov r12d,eax
ffxv_s.exe+7770CE - 85 C9 - test ecx,ecx
ffxv_s.exe+7770D0 - 79 04 - jns ffxv_s.exe+7770D6
ffxv_s.exe+7770D2 - 8B CB - mov ecx,ebx
ffxv_s.exe+7770D4 - EB 07 - jmp ffxv_s.exe+7770DD
ffxv_s.exe+7770D6 - 41 3B CC - cmp ecx,r12d
ffxv_s.exe+7770D9 - 41 0F4F CC - cmovg ecx,r12d
ffxv_s.exe+7770DD - 8B C1 - mov eax,ecx
ffxv_s.exe+7770DF - 89 3E - mov [rsi],edi
ffxv_s.exe+7770E1 - 41 2B C6 - sub eax,r14d
ffxv_s.exe+7770E4 - 89 4E 04 - mov [rsi+04],ecx
ffxv_s.exe+7770E7 - 8B D8 - mov ebx,eax
ffxv_s.exe+7770E9 - 85 C0 - test eax,eax
ffxv_s.exe+7770EB - 7E 45 - jle ffxv_s.exe+777132
ffxv_s.exe+7770ED - 41 B0 01 - mov r8l,01 { 1 }
ffxv_s.exe+7770F0 - 8B D7 - mov edx,edi
ffxv_s.exe+7770F2 - 49 8B CF - mov rcx,r15
ffxv_s.exe+7770F5 - E8 E65B0000 - call ffxv_s.exe+77CCE0
ffxv_s.exe+7770FA - 45 85 F6 - test r14d,r14d
ffxv_s.exe+7770FD - 7F 11 - jg ffxv_s.exe+777110
ffxv_s.exe+7770FF - 41 B1 01 - mov r9l,01 { 1 }
ffxv_s.exe+777102 - 44 8B C7 - mov r8d,edi
ffxv_s.exe+777105 - 41 8B D5 - mov edx,r13d
ffxv_s.exe+777108 - 49 8B CF - mov rcx,r15
ffxv_s.exe+77710B - E8 A0000000 - call ffxv_s.exe+7771B0
ffxv_s.exe+777110 - E8 5B01EDFF - call ffxv_s.exe+647270
ffxv_s.exe+777115 - 48 8B C8 - mov rcx,rax
ffxv_s.exe+777118 - C6 44 24 28 00 - mov byte ptr [rsp+28],00 { 0 }
ffxv_s.exe+77711D - 44 8B CB - mov r9d,ebx
*/
7739
"inf. prompto ammo"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
bInfPromptoAmmo:
db 1
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
bInfPromptoAmmo:
db 0
6126
"max fishing line drability"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(fishlineDurabilityCalOnChangeAOB,ffxv_s.exe,F3 0F 10 ** ** ** ** ** F3 0F 5D C1 0F 28 F8)
registersymbol(fishlineDurabilityCalOnChangeAOB)
fishlineDurabilityCalOnChangeAOB+8: //"ffxv_s.exe"+175AE8:
db 90 90 90 90
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
fishlineDurabilityCalOnChangeAOB+8: //"ffxv_s.exe"+175AE8:
db F3 0F 5D C1
//Alt: minss xmm0,xmm1
/*
ffxv_s.exe+175A7F - E8 6C884500 - call ffxv_s.exe+5CE2F0
ffxv_s.exe+175A84 - F3 0F10 B3 E0000000 - movss xmm6,[rbx+000000E0]
ffxv_s.exe+175A8C - 0F57 FF - xorps xmm7,xmm7
ffxv_s.exe+175A8F - 0F2F 35 42A2D802 - comiss xmm6,[ffxv_s.exe+2EFFCD8] { [0.30] }
ffxv_s.exe+175A96 - 73 05 - jae ffxv_s.exe+175A9D
ffxv_s.exe+175A98 - 0F28 F7 - movaps xmm6,xmm7
ffxv_s.exe+175A9B - EB 1C - jmp ffxv_s.exe+175AB9
ffxv_s.exe+175A9D - F3 0F59 B3 10010000 - mulss xmm6,[rbx+00000110]
ffxv_s.exe+175AA5 - F3 0F59 F0 - mulss xmm6,xmm0
ffxv_s.exe+175AA9 - F3 0F59 B3 00010000 - mulss xmm6,[rbx+00000100]
ffxv_s.exe+175AB1 - F3 0F59 B3 0C010000 - mulss xmm6,[rbx+0000010C]
ffxv_s.exe+175AB9 - 48 8B CB - mov rcx,rbx
ffxv_s.exe+175ABC - E8 CF050000 - call ffxv_s.exe+176090
ffxv_s.exe+175AC1 - F3 0F10 8B EC000000 - movss xmm1,[rbx+000000EC]
ffxv_s.exe+175AC9 - F3 0F59 F0 - mulss xmm6,xmm0
ffxv_s.exe+175ACD - F3 41 0F59 F0 - mulss xmm6,xmm8
ffxv_s.exe+175AD2 - F3 0F5C CE - subss xmm1,xmm6
ffxv_s.exe+175AD6 - 0F28 74 24 40 - movaps xmm6,[rsp+40]
ffxv_s.exe+175ADB - 0F2F CF - comiss xmm1,xmm7
ffxv_s.exe+175ADE - 76 0F - jna ffxv_s.exe+175AEF
>>ffxv_s.exe+175AE0 - F3 0F10 83 F0000000 - movss xmm0,[rbx+000000F0]
ffxv_s.exe+175AE8 - F3 0F5D C1 - minss xmm0,xmm1
ffxv_s.exe+175AEC - 0F28 F8 - movaps xmm7,xmm0
ffxv_s.exe+175AEF - F3 0F11 BB EC000000 - movss [rbx+000000EC],xmm7
ffxv_s.exe+175AF7 - 0F28 7C 24 30 - movaps xmm7,[rsp+30]
ffxv_s.exe+175AFC - 44 0F28 44 24 20 - movaps xmm8,[rsp+20]
ffxv_s.exe+175B02 - 48 83 C4 50 - add rsp,50 { 80 }
ffxv_s.exe+175B06 - 5B - pop rbx
ffxv_s.exe+175B07 - C3 - ret
ffxv_s.exe+175B08 - CC - int 3
ffxv_s.exe+175B09 - CC - int 3
ffxv_s.exe+175B0A - CC - int 3
ffxv_s.exe+175B0B - CC - int 3
ffxv_s.exe+175B0C - CC - int 3
ffxv_s.exe+175B0D - CC - int 3
ffxv_s.exe+175B0E - CC - int 3
ffxv_s.exe+175B0F - CC - int 3
ffxv_s.exe+175B10 - F3 0F10 81 1C010000 - movss xmm0,[rcx+0000011C]
*/
6127
"ignore Gil .8"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
luaCall(lua_aobscan("cJmpIfNotEnoughGilForCurrentQ","ffxv_s.exe","0F 2F CF 0F 86 ** ** ** ** ** ** ** ** ** ** FF CF",2))
cJmpIfNotEnoughGilForCurrentQ+3: //"ffxv_s.exe"+11F8ED4: //cJmpIfNotEnough$ForCurrentQ
db 90 E9
///*******************************************///
aobscanmodule(chkEnoughGilOnShopEnterAOB,ffxv_s.exe,8B ** ** 3B ** 7C ** 45 85 ** 7E ** B3)
registersymbol(chkEnoughGilOnShopEnterAOB)
alloc(originalcode2_ignoregil,8)
registersymbol(originalcode2_ignoregil)
originalcode2_ignoregil:
readmem(chkEnoughGilOnShopEnterAOB+5,2)
///
chkEnoughGilOnShopEnterAOB+5: //"ffxv_s.exe"+989A131:
db 90 90
///*******************************************///
luaCall(lua_aobscan("chkEnoughGilOnShopPay","ffxv_s.exe","48 ** ** ** ** ** ** E8 ** ** ** ** 41 ** ** 0F 8C ** ** ** ** 48 ** ** E8 ** ** ** ** 45",2))
alloc(originalcode3_ignoregil,8)
registersymbol(originalcode3_ignoregil)
originalcode3_ignoregil:
readmem(chkEnoughGilOnShopPay+c,3)
///
chkEnoughGilOnShopPay+c: //"ffxv_s.exe"+11F9421: //chkEnough$OnShopPay
db 48 85 DB
///*******************************************///
aobscanmodule(gilCalOnChange,ffxv_s.exe,E8 ** ** ** ** 41 8B ** ** ** ** ** 85 F6 7F)
registersymbol(gilCalOnChange)
alloc(newmem4,2048,gilCalOnChange+5) //"ffxv_s.exe"+772006) //$CalOnChange
label(originalcode4_ignoregil)
registersymbol(originalcode4_ignoregil)
label(exit4)
newmem4: //this is allocated memory, you have read,write,execute access
//place your code here
mov ecx,esi
readmem(gilCalOnChange+5,1)
db 03
readmem(gilCalOnChange+7,5)
//add ecx,[r14+5650]
jns @f
mov ecx,esi
neg ecx
readmem(gilCalOnChange+5,1)
db 89
readmem(gilCalOnChange+7,5)
//mov [r14+5650],ecx
@@:
readmem(gilCalOnChange+5,9)
jle @f
push rbx
mov rbx,originalcode4_ignoregil
movzx rax,[rbx+a]
mov rbx,gilCalOnChange
lea rbx,[rbx+10]
lea rax,[rax+rbx]
pop rbx
jmp rax
@@:
js @f
push rbx
mov rbx,originalcode4_ignoregil
movzx rax,[rbx+c]
mov rbx,gilCalOnChange
lea rbx,[rbx+12]
lea rax,[rax+rbx]
pop rbx
jmp rax
@@:
readmem(gilCalOnChange+12,2)
jmp exit4
originalcode4_ignoregil:
readmem(gilCalOnChange+5,15)
//mov ecx,[r14+00005650]
//test esi,esi
//jg ffxv_s.exe+792F7FB
//jns ffxv_s.exe+792F82B
//mov eax,esi
exit4:
jmp gilCalOnChange+14
///
gilCalOnChange+5: //"ffxv_s.exe"+772006:
jmp newmem4
///*******************************************///
aobscanmodule(eatSleepCallRet2AOB,ffxv_s.exe,49 8B 06 49 89 F8 48 89 DA 4C 89 F1 FF ** ** ** ** ** EB)
registersymbol(eatSleepCallRet2AOB)
//aobscanmodule(eatFastTravelGilChkAOB,ffxv_s.exe,E8 ** ** ** ** C7 ** ** ** ** ** ** 89 ** ** 48 89 D8)
//registersymbol(eatFastTravelGilChkAOB)
luaCall(lua_aobscan("eatFastTravelGilChkAOB","ffxv_s.exe","E8 ** ** ** ** C7 ** ** ** ** ** ** 89 ** ** 48 89 D8",5))
label(bFromGilFetchToLogicalDecision)
registersymbol(bFromGilFetchToLogicalDecision)
alloc(newmem5pre,2048,eatFastTravelGilChkAOB+5) //"ffxv_s.exe"+A9CCF79)
label(originalcode5pre_ignoregil)
registersymbol(originalcode5pre_ignoregil)
label(exit5pre)
newmem5pre: //this is allocated memory, you have read,write,execute access
//place your code here
{
//mov rax,"ffxv_s.exe"+8192E49
mov rax,eatSleepCallRet2AOB
lea rax,[rax+12]
cmp [rsp+38],rax
jne @f
mov rax,bFromGilFetchToLogicalDecision
mov byte ptr [rax],1
}
mov edi,#500000000
originalcode5pre_ignoregil:
readmem(eatFastTravelGilChkAOB+5,18)
//mov [rbx+20],00000002
//mov [rbx+10],edi
//mov rax,rbx
//mov rbx,[rsp+40]
exit5pre:
jmp eatFastTravelGilChkAOB+17
///
bFromGilFetchToLogicalDecision:
///
eatFastTravelGilChkAOB+5: //"ffxv_s.exe"+A9CCF79:
jmp newmem5pre
///*******************************************///
/*
//aobscanmodule(eatSleepCallRet2AOB,ffxv_s.exe,49 8B 06 49 89 F8 48 89 DA 4C 89 F1 FF ** ** ** ** ** EB)
//registersymbol(eatSleepCallRet2AOB)
//
aobscanmodule(setFlagIfEnoughGilToEat,ffxv_s.exe,0F 85 ** ** ** ** 3B D1 0F 9D C3 E9)
registersymbol(setFlagIfEnoughGilToEat)
alloc(newmem5,2048,setFlagIfEnoughGilToEat) //"ffxv_s.exe"+9C2034)
label(originalcode5_ignoregil)
registersymbol(originalcode5_ignoregil)
label(exit5)
newmem5: //this is allocated memory, you have read,write,execute access
//place your code here
je @f
push rax
mov rax,originalcode5_ignoregil
xor r14,r14
mov r14d,[rax+2]
mov rax,setFlagIfEnoughGilToEat
lea rax,[rax+6]
lea r14,[rax+r14]
pop rax
jmp r14
@@:
{
mov r14,"ffxv_s.exe"+8118B7B //?1 ret in eat menu +108: +8192e49
cmp [rsp+68],r14
jne @f
readmem(setFlagIfEnoughGilToEat+6,5)
jmp end5
@@:
mov r14,"ffxv_s.exe"+9C083E //?2 ret in eat menu +168: +819dc2b
cmp [rsp+68],r14
jne @f
readmem(setFlagIfEnoughGilToEat+6,5)
jmp end5
@@:
mov r14,"ffxv_s.exe"+8193670 //eat/sleep, not related to $ chk, ret
cmp [rsp+168],r14
jne @f
readmem(setFlagIfEnoughGilToEat+6,5)
jmp end5
@@:
mov r14,"ffxv_s.exe"+819DC2B //quest info load ret
cmp [rsp+168],r14
jne @f
readmem(setFlagIfEnoughGilToEat+6,5)
jmp end5
@@:
readmem(setFlagIfEnoughGilToEat+6,5)
}
{
mov r14,eatSleepCallRetAOB
lea r14,[r14+6]
cmp [rsp+168],r14
jne @f
mov bl,1
jmp end5
}
{
mov r14,eatSleepCallRet2AOB
lea r14,[r14+12]
cmp [rsp+108],r14
jne @f
mov bl,1
jmp end5
}
mov r14,bFromGilFetchToLogicalDecision
cmp byte ptr [r14],1
jne @f
mov byte ptr [r14],0
mov bl,1
jmp end5
@@:
readmem(setFlagIfEnoughGilToEat+6,5)
end5:
push rax
mov rax,originalcode5_ignoregil
xor r14,r14
mov r14d,[rax+c]
mov rax,setFlagIfEnoughGilToEat
lea rax,[rax+10]
lea r14,[rax+r14]
pop rax
jmp r14
originalcode5_ignoregil:
readmem(setFlagIfEnoughGilToEat,16)
//jne ffxv_s.exe+9C23F0
//cmp edx,ecx
//setge bl
//jmp ffxv_s.exe+9C23F2
exit5:
jmp setFlagIfEnoughGilToEat+10
///
setFlagIfEnoughGilToEat: //"ffxv_s.exe"+9C2034:
jmp newmem5
///*******************************************///
aobscanmodule(setFlagIfEnoughGilToCustomizeCar,ffxv_s.exe,49 8B CC 0F 9D C0 41)
registersymbol(setFlagIfEnoughGilToCustomizeCar)
setFlagIfEnoughGilToCustomizeCar+3: //"ffxv_s.exe"+10F0759: //setFlagIfEnough$ToCustomizeCar
db 90 B0 01
///*******************************************///
luaCall(lua_aobscan("cJmpIfNotEnoughGilForCarFastTravel","ffxv_s.exe","8B ** 60 01 00 00 48 ** ** ** ** ** ** 45 ** ** 48 ** ** 39 ** 98 00 00 00 48 ** ** 7C ** ** ** ** ** ** ** ** ** ** ** ** ** ** 48",2))
alloc(originalcode7_ignoregil,8)
registersymbol(originalcode7_ignoregil)
originalcode7_ignoregil:
readmem(cJmpIfNotEnoughGilForCarFastTravel+1c,2)
///
cJmpIfNotEnoughGilForCarFastTravel+1c: //"ffxv_s.exe"+A9CCC20:
db 90 90
///*******************************************///
luaCall(lua_aobscan("chkEnoughGilOnCShopEnter","ffxv_s.exe","8B ** ** 3B ** ** 7C ** 85 F6",1))
alloc(originalcode8_ignoregil,8)
registersymbol(originalcode8_ignoregil)
originalcode8_ignoregil:
readmem(chkEnoughGilOnCShopEnter+6,2)
///
chkEnoughGilOnCShopEnter+6: //"ffxv_s.exe"+A142113:
db 90 90
///*******************************************///
luaCall(lua_aobscan("cJmpIfNotEnoughGilForCurrentCQ","ffxv_s.exe","0F 2F CF 0F 86 ** ** ** ** ** ** ** ** ** ** FF CF",1))
cJmpIfNotEnoughGilForCurrentCQ+3: //"ffxv_s.exe"+11D4F34:
db 90 E9
///*******************************************///
luaCall(lua_aobscan("chkEnoughGilOnCShopPay","ffxv_s.exe","48 ** ** ** ** ** ** E8 ** ** ** ** 41 ** ** 0F 8C ** ** ** ** 48 ** ** E8 ** ** ** ** 45",1))
alloc(originalcode10_ignoregil,8)
registersymbol(originalcode10_ignoregil)
originalcode10_ignoregil:
readmem(chkEnoughGilOnCShopPay+c,3)
///
chkEnoughGilOnCShopPay+c: //"ffxv_s.exe"+11F9421: //chkEnough$OnShopPay
db 48 85 DB
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
cJmpIfNotEnoughGilForCurrentQ+3://"ffxv_s.exe"+11F8ED4:
db 0F 86
//Alt: jbe
///*******************************************///
chkEnoughGilOnShopEnterAOB+5: //"ffxv_s.exe"+989A131:
readmem(originalcode2_ignoregil,2)
//db 7C 09
//Alt: jl ffxv_s.exe+989A13C
dealloc(originalcode2_ignoregil)
unregistersymbol(originalcode2_ignoregil)
///*******************************************///
chkEnoughGilOnShopPay+c: //"ffxv_s.exe"+11F9421:
readmem(originalcode3_ignoregil,3)
//db 41 3B C5
//Alt: cmp eax,r13d
dealloc(originalcode3_ignoregil)
unregistersymbol(originalcode3_ignoregil)
///*******************************************///
dealloc(newmem4)
gilCalOnChange+5://"ffxv_s.exe"+772006:
readmem(originalcode4_ignoregil,15)
//db 41 8B 8E 50 56 00 00 85 F6 7F 0A 79 38 89 F0
//Alt: mov ecx,[r14+00005650]
//Alt: test esi,esi
//Alt: jg ffxv_s.exe+792F7FB
//Alt: jns ffxv_s.exe+792F82B
//Alt: mov eax,esi
unregistersymbol(originalcode4_ignoregil)
///*******************************************///
dealloc(newmem5pre)
eatFastTravelGilChkAOB+5: //"ffxv_s.exe"+A9CCF79:
readmem(originalcode5pre_ignoregil,18)
//db C7 43 20 02 00 00 00 89 7B 10 48 89 D8 48 8B 5C 24 40
//Alt: mov [rbx+20],00000002
//Alt: mov [rbx+10],edi
//Alt: mov rax,rbx
//Alt: mov rbx,[rsp+40]
unregistersymbol(originalcode5pre_ignoregil)
unregistersymbol(bFromGilFetchToLogicalDecision)
///*******************************************///
/*
dealloc(newmem5)
setFlagIfEnoughGilToEat: //"ffxv_s.exe"+9C2034:
readmem(originalcode5_ignoregil,16)
//db 0F 85 B6 03 00 00 3B D1 0F 9D C3 E9 AE 03 00 00
//Alt: jne ffxv_s.exe+9C23F0
//Alt: cmp edx,ecx
//Alt: setge bl
//Alt: jmp ffxv_s.exe+9C23F2
unregistersymbol(originalcode5_ignoregil)
///*******************************************///
setFlagIfEnoughGilToCustomizeCar+3: //"ffxv_s.exe"+10F0759:
db 0F 9D C0
//Alt: setge al
///*******************************************///
cJmpIfNotEnoughGilForCarFastTravel+1c: //"ffxv_s.exe"+A9CCC20:
readmem(originalcode7_ignoregil,2)
//db 7C 07
//Alt: jl ffxv_s.exe+A9CCC29
///*******************************************///
chkEnoughGilOnCShopEnter+6: //"ffxv_s.exe"+A142113:
readmem(originalcode8_ignoregil,2)
//db 7C 09
//Alt: jl ffxv_s.exe+A14211E
dealloc(originalcode8_ignoregil)
unregistersymbol(originalcode8_ignoregil)
///*******************************************///
cJmpIfNotEnoughGilForCurrentCQ+3: //"ffxv_s.exe"+11D4F34:
db 0F 86
//Alt: jbe
unregistersymbol(cJmpIfNotEnoughGilForCurrentCQ)
///*******************************************///
chkEnoughGilOnCShopPay+c: //"ffxv_s.exe"+11F9421:
readmem(originalcode10_ignoregil,3)
//db 41 3B C5
//Alt: cmp eax,r13d
dealloc(originalcode10_ignoregil)
unregistersymbol(originalcode10_ignoregil)
7021
"ignore medals"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(medalsChkOnPrizesMenuAccessAOB,ffxv_s.exe,E8 ** ** ** ** 44 ** ** ** ** 72 ** 0F B6 DB)
registersymbol(medalsChkOnPrizesMenuAccessAOB)
alloc(originalcode_ignoremedals,8)
registersymbol(originalcode_ignoremedals)
originalcode_ignoremedals:
readmem(medalsChkOnPrizesMenuAccessAOB+a,2)
///
medalsChkOnPrizesMenuAccessAOB+a: //"ffxv_s.exe"+110CD8A:
db 90 90
///*************************************///
aobscanmodule(medalsChkOnPurchaseAOB,ffxv_s.exe,48 ** ** E8 ** ** ** ** 39 F8 78)
registersymbol(medalsChkOnPurchaseAOB)
alloc(originalcode1_ignoremedals,8)
registersymbol(originalcode1_ignoremedals)
originalcode1_ignoremedals:
readmem(medalsChkOnPurchaseAOB+a,2)
///
medalsChkOnPurchaseAOB+a: //"ffxv_s.exe"+952CC39:
db 90 90
///*************************************///
aobscanmodule(medalsReadOnChangeAOB,ffxv_s.exe,31 DB FF ** ** ** ** ** 8B ** ** ** ** ** 85 FF 7F)
registersymbol(medalsReadOnChangeAOB)
alloc(newmem2,2048,medalsReadOnChangeAOB+2) //"ffxv_s.exe"+72BC773)
label(originalcode2_ignoremedals)
registersymbol(originalcode2_ignoremedals)
label(exit2)
newmem2: //this is allocated memory, you have read,write,execute access
//place your code here
reassemble(medalsReadOnChangeAOB+2)
readmem(medalsReadOnChangeAOB+8,8)
jg end2
jns end2
readmem(medalsReadOnChangeAOB+14,6)
jge end2
mov edx,eax
end2:
readmem(medalsReadOnChangeAOB+e,2)
jmp exit2
originalcode2_ignoremedals:
readmem(medalsReadOnChangeAOB+2,14)
//call qword ptr [ffxv_s.exe+FE18670]
//mov edx,[rsi+00005654]
//test edi,edi
exit2:
jmp medalsReadOnChangeAOB+10
///
medalsReadOnChangeAOB+2: //"ffxv_s.exe"+72BC773:
jmp newmem2
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
medalsChkOnPrizesMenuAccessAOB+a: //"ffxv_s.exe"+110CD8A:
readmem(originalcode_ignoremedals,2)
//db 72 0D
//Alt: jb ffxv_s.exe+110CD99
dealloc(originalcode_ignoremedals)
unregistersymbol(originalcode_ignoremedals)
///*************************************///
medalsChkOnPurchaseAOB+a: //"ffxv_s.exe"+952CC39:
readmem(originalcode1_ignoremedals,2)
//db 78 36
//Alt: js ffxv_s.exe+952CC71
dealloc(originalcode1_ignoremedals)
unregistersymbol(originalcode1_ignoremedals)
///*************************************///
dealloc(newmem2)
medalsReadOnChangeAOB+2: //"ffxv_s.exe"+72BC773:
readmem(originalcode2_ignoremedals,14)
//db FF 15 F7 BE B5 08 8B 96 54 56 00 00 85 FF
//Alt: call qword ptr [ffxv_s.exe+FE18670]
//Alt: mov edx,[rsi+00005654]
//Alt: test edi,edi
unregistersymbol(originalcode2_ignoremedals)
6128
"ignore kW"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(cJmpIfEnoughKWAOB,ffxv_s.exe,7E 0S 45 ** ** ** ** ** ** ** 45 ** ** ** ** 89)
registersymbol(cJmpIfEnoughKWAOB)
cJmpIfEnoughKWAOB: //"ffxv_s.exe"+A12AB81:
db EB
///*************************************///
{
alloc(newmem2,2048,cJmpIfEnoughKWAOB+f) //"ffxv_s.exe"+A12AB90)
label(originalcode2_ignorekw)
registersymbol(originalcode2_ignorekw)
label(exit2)
newmem2: //this is allocated memory, you have read,write,execute access
//place your code here
jle @f
xor ecx,ecx
db 03 4F
readmem(cJmpIfEnoughKWAOB+1d,1)
//add ecx,[rdi+70]
@@:
originalcode2_ignorekw:
readmem(cJmpIfEnoughKWAOB+f,15)
//mov [rbx+00000418],ecx
//mov eax,[rax+002EAF40]
//sub eax,[rdi+70]
exit2:
jmp cJmpIfEnoughKWAOB+1e
///
cJmpIfEnoughKWAOB+f: //"ffxv_s.exe"+A12AB90:
jmp newmem2
}
///*************************************///
aobscanmodule(kWWriteOnChange,ffxv_s.exe,41 ** ** 89 ** 41 ** ** 48 ** ** 44 ** ** ** 44 ** ** A8 00 00 00)
registersymbol(kWWriteOnChange)
alloc(newmem6,2048,kWWriteOnChange) //"ffxv_s.exe"+78B462B)
label(originalcode6_ignorekw)
registersymbol(originalcode6_ignorekw)
label(exit6)
newmem6: //this is allocated memory, you have read,write,execute access
//place your code here
readmem(kWWriteOnChange,15)
test r8d,r8d
jge @f
xor r8d,r8d
@@:
jmp exit6
originalcode6_ignorekw:
readmem(kWWriteOnChange,15)
//add r8d,edx
//mov edi,edx
//cmp r8d,ebp
//mov rbx,rcx
//cmovg r8d,ebp
exit6:
jmp kWWriteOnChange+f
///
kWWriteOnChange: //"ffxv_s.exe"+78B462B:
jmp newmem6
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
cJmpIfEnoughKWAOB: //"ffxv_s.exe"+A12AB81:
db 7E
//Alt: jle
///*************************************///
{
dealloc(newmem2)
cJmpIfEnoughKWAOB+f: //"ffxv_s.exe"+A12AB90:
readmem(originalcode2_ignorekw,15)
//db 89 8B 18 04 00 00 8B 80 40 AF 2E 00 2B 47 70
//Alt: mov [rbx+00000418],ecx
//Alt: mov eax,[rax+002EAF40]
//Alt: sub eax,[rdi+70]
unregistersymbol(originalcode2_ignorekw)
}
///*************************************///
dealloc(newmem6)
kWWriteOnChange: //"ffxv_s.exe"+78B462B:
readmem(originalcode6_ignorekw,15)
//db 41 01 D0 89 D7 41 39 E8 48 89 CB 44 0F 4F C5
//Alt: add r8d,edx
//Alt: mov edi,edx
//Alt: cmp r8d,ebp
//Alt: mov rbx,rcx
//Alt: cmovg r8d,ebp
unregistersymbol(originalcode6_ignorekw)
7794
"ignore chocobo stats **"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(cJmpIfChocoboStatsSufficientAOB,ffxv_s.exe,74 ** 0F 2F C7 76 ** BB ** ** ** ** EB)
registersymbol(cJmpIfChocoboStatsSufficientAOB)
cJmpIfChocoboStatsSufficientAOB+5: //"ffxv_s.exe"+99124B7:
db EB
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
cJmpIfChocoboStatsSufficientAOB+5: //"ffxv_s.exe"+99124B7:
db 76
//Alt: jna
6129
"ignore AP .1"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(apCalOnAscensionMenuAccessAOB,ffxv_s.exe,41 89 C0 45 29 C8 48 ** ** ** ** 79)
registersymbol(apCalOnAscensionMenuAccessAOB)
apCalOnAscensionMenuAccessAOB+b: //"ffxv_s.exe"+115161E:
db EB
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
apCalOnAscensionMenuAccessAOB+b: //"ffxv_s.exe"+115161E:
db 79
//Alt: jns
6130
"ignore customize car item requirement"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(setFlagIfEnoughItemForCarCustomize,ffxv_s.exe,8D 0C 2B 3B C1 48 ** ** ** ** ** ** ** 0F 9D C0)
registersymbol(setFlagIfEnoughItemForCarCustomize)
setFlagIfEnoughItemForCarCustomize+d: //"ffxv_s.exe"+10F0838:
db 90 B0 01
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
setFlagIfEnoughItemForCarCustomize+d: //"ffxv_s.exe"+10F0838:
db 0F 9D C0
//Alt: setge al
6131
"ignore cooking ingredient"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(cJmpIfNotEnoughItemForCookAOB,ffxv_s.exe,E8 ** ** ** ** 85 C0 7E ** FF C3 41)
registersymbol(cJmpIfNotEnoughItemForCookAOB)
alloc(originalcode_ignorecookingingredient,8)
registersymbol(originalcode_ignorecookingingredient)
originalcode_ignorecookingingredient:
readmem(cJmpIfNotEnoughItemForCookAOB+7,2)
///
cJmpIfNotEnoughItemForCookAOB+7: //"ffxv_s.exe"+1134C28:
db 90 90
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
cJmpIfNotEnoughItemForCookAOB+7: //"ffxv_s.exe"+1134C28:
readmem(originalcode_ignorecookingingredient,2)
//db 7E 09
//Alt: jle ffxv_s.exe+1134C33
dealloc(originalcode_ignorecookingingredient)
unregistersymbol(originalcode_ignorecookingingredient)
6132
"time of day mod .1"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(timeOfDayCalAOB,ffxv_s.exe,F3 48 0F 2C C0 48 ** ** ** 75 03 48 01 03 48 ** ** ** ** 48)
registersymbol(timeOfDayCalAOB)
label(pTimeOfDay)
registersymbol(pTimeOfDay)
label(bAdvanceTimeOfDay)
registersymbol(bAdvanceTimeOfDay)
label(bRewindTimeOfDay)
registersymbol(bRewindTimeOfDay)
label(dTimeOfDayMod)
registersymbol(dTimeOfDayMod)
alloc(newmem,2048,timeOfDayCalAOB+e) //"ffxv_s.exe"+2C5306C)
label(originalcode_timeofdaymod)
registersymbol(originalcode_timeofdaymod)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
//
push rax
push rcx
push rdx
push r8
push r9
push r10
//
mov rcx,pTimeOfDay
mov [rcx],rbx
mov rcx,dTimeOfDayMod
mov r8,[rcx+18]
mov rdx,bAdvanceTimeOfDay
mov eax,[rdx]
test al,al
jnz @f
neg r8
mov eax,[rdx+4] //bRewindTimeOfDay
test al,al
jnz @f
xor r8,r8
@@:
mov [rcx+8],r8
@@:
mov r8,[rcx]
cmp r8,[rcx+8]
jl inctodm
jg dectodm
jmp settodm
inctodm:
add r8,[rcx+10]
cmp r8,[rcx+8]
jle settodm
mov r8,[rcx+8]
jmp settodm
dectodm:
sub r8,[rcx+10]
cmp r8,[rcx+8]
jge settodm
mov r8,[rcx+8]
jmp settodm
settodm:
mov [rcx],r8
@@:
mov r8,[rcx]
add r8,[rbx]
//skip day length chk for now
settod:
mov [rbx],r8
//
@@:
pop r10
pop r9
pop r8
pop rdx
pop rcx
pop rax
//
originalcode_timeofdaymod:
readmem(timeOfDayCalAOB+e,14)
//mov rbx,[rsp+30]
//mov rsi,[rsp+38]
//add rsp,20
exit:
jmp timeOfDayCalAOB+1c
///
pTimeOfDay:
dq 0
bAdvanceTimeOfDay:
dd 0
bRewindTimeOfDay:
dd 0
dTimeOfDayMod:
dq 0 //current mod speed
dq 0 //destinate mod speed
dq #1493248 //mod speed adjust
dq #29864960 //max mod speed
///
timeOfDayCalAOB+e: //"ffxv_s.exe"+2C5306C:
jmp newmem
///*************************************************///
{$lua}
function checkTimeOfDayKeys(timer)
if ( isKeyPressed(VK_CAPITAL) ) then
if ( isKeyPressed(VK_NEXT) ) then
writeInteger("bAdvanceTimeOfDay",1)
writeInteger("bRewindTimeOfDay",0)
elseif ( isKeyPressed(VK_PRIOR) ) then
writeInteger("bRewindTimeOfDay",1)
writeInteger("bAdvanceTimeOfDay",0)
else
writeInteger("bAdvanceTimeOfDay",0)
writeInteger("bRewindTimeOfDay",0)
end
else
writeInteger("bAdvanceTimeOfDay",0)
writeInteger("bRewindTimeOfDay",0)
end
end
t=createTimer(nil)
timer_setInterval(t, 100)
timer_onTimer(t, checkTimeOfDayKeys)
timer_setEnabled(t, true)
{$asm}
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
timeOfDayCalAOB+e: //"ffxv_s.exe"+2C5306C:
readmem(originalcode_timeofdaymod,14)
//db 48 8B 5C 24 30 48 8B 74 24 38 48 83 C4 20
//Alt: mov rbx,[rsp+30]
//Alt: mov rsi,[rsp+38]
//Alt: add rsp,20
unregistersymbol(originalcode_timeofdaymod)
unregistersymbol(pTimeOfDay)
unregistersymbol(bAdvanceTimeOfDay)
unregistersymbol(bRewindTimeOfDay)
unregistersymbol(dTimeOfDayMod)
///*************************************************///
{$lua}
timer_setEnabled(t, false)
{$asm}
6133
"CapsLock_PageUp to rewind"
808080
1
6134
"bAdvanceTimeOfDay"
0:no
1:yes
008000
Byte
bAdvanceTimeOfDay
6135
"bRewindTimeOfDay"
0:no
1:yes
008000
Byte
bRewindTimeOfDay
6136
"current time of day"
1
0000FF
8 Bytes
pTimeOfDay
0
6137
"CapsLock_PageDown to advance"
808080
1
6138
"dTimeOfDayMod"
008000
8 Bytes
dTimeOfDayMod
6139
"dTimeOfDayMod+8"
008000
8 Bytes
dTimeOfDayMod+8
6140
"dTimeOfDayMod+10"
008000
8 Bytes
dTimeOfDayMod+10
6141
"dTimeOfDayMod+18"
008000
8 Bytes
dTimeOfDayMod+18
6142
"advance evade key .2"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(chkIfEvadeReadAOB,ffxv_s.exe,E8 ** ** ** ** 84 C0 75 ** 48 ** ** ** ** ** ** 8B ** ** 83 ** ** 74)
registersymbol(chkIfEvadeReadAOB)
alloc(newmem,2048,chkIfEvadeReadAOB+5) //"ffxv_s.exe"+2F02B0)
label(originalcode_advanceevadekey)
registersymbol(originalcode_advanceevadekey)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
mov rcx,originalcode_advanceevadekey
movzx rdx,byte ptr [rcx+3]
mov rcx,chkIfEvadeReadAOB
lea rcx,[rcx+9]
lea rdx,[rcx+rdx]
mov rcx,bAdvanceEvadeKey
cmp byte ptr [rcx],1
jne @f
jmp rdx
@@:
readmem(chkIfEvadeReadAOB+5,2)
je @f
jmp rdx
@@:
readmem(chkIfEvadeReadAOB+9,10)
jmp exit
originalcode_advanceevadekey:
readmem(chkIfEvadeReadAOB+5,14)
//test al,al
//jne ffxv_s.exe+2F0300
//mov rax,[rdi+00000350]
//mov ecx,[rax+78]
exit:
jmp chkIfEvadeReadAOB+13
///
chkIfEvadeReadAOB+5: //"ffxv_s.exe"+2F02B0:
jmp newmem
///*************************************///
/*
luaCall(lua_aobscan("cJmpIfCanEvadeInCurrentState1AOB","ffxv_s.exe","05 ** ** ** ** 83 ** 02 0F 87 ** ** ** ** 48 ** ** ** ** ** ** 0F B6",2))
alloc(newmem2,2048,cJmpIfCanEvadeInCurrentState1AOB) //"ffxv_s.exe"+2F0763)
label(originalcode2_advanceevadekey)
registersymbol(originalcode2_advanceevadekey)
label(exit2)
newmem2: //this is allocated memory, you have read,write,execute access
//place your code here
readmem(cJmpIfCanEvadeInCurrentState1AOB,5)
push rax
xor rax,rax
mov rcx,originalcode2_advanceevadekey
mov eax,[rcx+a]
mov rcx,cJmpIfCanEvadeInCurrentState1AOB
lea rcx,[rcx+e]
lea rcx,[rcx+rax]
mov rax,bAdvanceEvadeKey
cmp byte ptr [rax],1
pop rax
jne @f
jmp rcx
@@:
readmem(cJmpIfCanEvadeInCurrentState1AOB+5,3)
jbe @f
jmp rcx
@@:
jmp exit2
originalcode2_advanceevadekey:
readmem(cJmpIfCanEvadeInCurrentState1AOB,14)
//add eax,FEFECA1C
//cmp eax,02
//ja ffxv_s.exe+2F0EE4
exit2:
jmp cJmpIfCanEvadeInCurrentState1AOB+e
///
cJmpIfCanEvadeInCurrentState1AOB: //"ffxv_s.exe"+2F0763:
jmp newmem2
///*************************************///
aobscanmodule(cJmpIfCanEvadeInCurrentState2AOB,ffxv_s.exe,E9 ** ** ** ** 48 8B ** ** ** ** ** 0F B6 ** ** C0 ** ** F6 ** ** 75 ** 48 ** ** 48)
registersymbol(cJmpIfCanEvadeInCurrentState2AOB)
alloc(newmem6,2048,cJmpIfCanEvadeInCurrentState2AOB+5) //"ffxv_s.exe"+2D82B4)
label(originalcode6_advanceevadeke)
registersymbol(originalcode6_advanceevadeke)
label(exit6)
newmem6: //this is allocated memory, you have read,write,execute access
//place your code here
readmem(cJmpIfCanEvadeInCurrentState2AOB+5,14)
push rax
mov rax,bAdvanceEvadeKey
cmp byte ptr [rax],0
pop rax
jne @f
readmem(cJmpIfCanEvadeInCurrentState2AOB+13,3)
@@:
jmp exit6
originalcode6_advanceevadeke:
readmem(cJmpIfCanEvadeInCurrentState2AOB+5,17)
//mov rax,[rdi+00000320]
//movzx ecx,byte ptr [rax+70]
//shr cl,04
//test cl,01
exit6:
jmp cJmpIfCanEvadeInCurrentState2AOB+16
///
cJmpIfCanEvadeInCurrentState2AOB+5: //"ffxv_s.exe"+2D82B4:
jmp newmem6
///*************************************///
{$lua}
function checkAutoEvadeKeys(timer)
if ( isKeyPressed(VK_CAPITAL) ) then
--writeBytes( readQword("bAdvanceEvadeKey") ,1)
writeBytes("bAdvanceEvadeKey" ,1)
else
--writeBytes( readQword("bAdvanceEvadeKey") ,0)
writeBytes("bAdvanceEvadeKey" ,0)
end
end
t2=createTimer(nil)
timer_setInterval(t2, 100)
timer_onTimer(t2, checkAutoEvadeKeys)
timer_setEnabled(t2, true)
{$asm}
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
chkIfEvadeReadAOB+5: //"ffxv_s.exe"+2F02B0:
readmem(originalcode_advanceevadekey,14)
//db 84 C0 75 4C 48 8B 87 50 03 00 00 8B 48 78
//Alt: test al,al
//Alt: jne ffxv_s.exe+2F0300
//Alt: mov rax,[rdi+00000350]
//Alt: mov ecx,[rax+78]
unregistersymbol(originalcode_advanceevadekey)
///*************************************///
/*
dealloc(newmem2)
cJmpIfCanEvadeInCurrentState1AOB: //"ffxv_s.exe"+2F0763:
readmem(originalcode2_advanceevadekey,14)
//db 05 1C CA FE FE 83 F8 02 0F 87 73 07 00 00
//Alt: add eax,FEFECA1C
//Alt: cmp eax,02
//Alt: ja ffxv_s.exe+2F0EE4
UNregistersymbol(originalcode2_advanceevadekey)
///*************************************///
dealloc(newmem6)
cJmpIfCanEvadeInCurrentState2AOB+5: //"ffxv_s.exe"+2D82B4:
readmem(originalcode6_advanceevadeke,17)
//db 48 8B 87 20 03 00 00 0F B6 48 70 C0 E9 04 F6 C1 01
//Alt: mov rax,[rdi+00000320]
//Alt: movzx ecx,byte ptr [rax+70]
//Alt: shr cl,04
//Alt: test cl,01
unregistersymbol(originalcode6_advanceevadeke)
///*************************************///
{$lua}
timer_setEnabled(t2, false)
{$asm}
6143
"hold CapsLock"
808080
1
6144
"bAdvanceEvadeKey"
008000
Byte
bAdvanceEvadeKey
11011
"addon"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
luaCall(lua_aobscan("cJmpIfCanEvadeInCurrentState1AOB","ffxv_s.exe","05 ** ** ** ** 83 ** 02 0F 87 ** ** ** ** 48 ** ** ** ** ** ** 0F B6",2))
alloc(newmem2,2048,cJmpIfCanEvadeInCurrentState1AOB) //"ffxv_s.exe"+2F0763)
label(originalcode2_advanceevadekey)
registersymbol(originalcode2_advanceevadekey)
label(exit2)
newmem2: //this is allocated memory, you have read,write,execute access
//place your code here
readmem(cJmpIfCanEvadeInCurrentState1AOB,5)
push rax
xor rax,rax
mov rcx,originalcode2_advanceevadekey
mov eax,[rcx+a]
mov rcx,cJmpIfCanEvadeInCurrentState1AOB
lea rcx,[rcx+e]
lea rcx,[rcx+rax]
mov rax,bAdvanceEvadeKey
cmp byte ptr [rax],1
pop rax
jne @f
jmp rcx
@@:
readmem(cJmpIfCanEvadeInCurrentState1AOB+5,3)
jbe @f
jmp rcx
@@:
jmp exit2
originalcode2_advanceevadekey:
readmem(cJmpIfCanEvadeInCurrentState1AOB,14)
//add eax,FEFECA1C
//cmp eax,02
//ja ffxv_s.exe+2F0EE4
exit2:
jmp cJmpIfCanEvadeInCurrentState1AOB+e
///
cJmpIfCanEvadeInCurrentState1AOB: //"ffxv_s.exe"+2F0763:
jmp newmem2
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem2)
cJmpIfCanEvadeInCurrentState1AOB: //"ffxv_s.exe"+2F0763:
readmem(originalcode2_advanceevadekey,14)
//db 05 1C CA FE FE 83 F8 02 0F 87 73 07 00 00
//Alt: add eax,FEFECA1C
//Alt: cmp eax,02
//Alt: ja ffxv_s.exe+2F0EE4
UNregistersymbol(originalcode2_advanceevadekey)
6145
"longer hover"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(cJmpIfHoverTimerEndAOB,ffxv_s.exe,F3 ** ** ** ** ** ** ** 0F 2F ** ** ** ** ** 73 ** C7 ** ** ** ** ** ** 0F 28)
registersymbol(cJmpIfHoverTimerEndAOB)
alloc(originalcode_longerhover,8)
registersymbol(originalcode_longerhover)
originalcode_longerhover:
readmem(cJmpIfHoverTimerEndAOB+f,2)
///
cJmpIfHoverTimerEndAOB+f: //"ffxv_s.exe"+16552F:
db 90 90
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
cJmpIfHoverTimerEndAOB+f: //"ffxv_s.exe"+16552F:
readmem(originalcode_longerhover,2)
//db 73 12
//Alt: jae ffxv_s.exe+165543
dealloc(originalcode_longerhover)
unregistersymbol(originalcode_longerhover)
6146
"chocobo speed mod"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(chocoboTrotSpeedWritesAOB,ffxv_s.exe,F3 ** ** ** ** ** 48 8B CF 0F 28 F0 F3)
registersymbol(chocoboTrotSpeedWritesAOB)
label(dChocoboTrotSpeed)
registersymbol(dChocoboTrotSpeed)
label(dChocoboWalkSpeed)
registersymbol(dChocoboWalkSpeed)
label(dAltChocoboSprintKeySpeed)
registersymbol(dAltChocoboSprintKeySpeed)
label(pChocoboStuff)
registersymbol(pChocoboStuff)
label(pChocoboTrotSpeed)
registersymbol(pChocoboTrotSpeed)
label(pChocoboWalkSpeed)
registersymbol(pChocoboWalkSpeed)
alloc(newmem,2048,chocoboTrotSpeedWritesAOB) //"ffxv_s.exe"+2C553F)
label(originalcode_trotspeedmod)
registersymbol(originalcode_trotspeedmod)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
mov rcx,pChocoboStuff
mov [rcx],rbx
mov rcx,pChocoboTrotSpeed
lea rax,[rbx+10]
mov [rcx],rax
mov rcx,pChocoboWalkSpeed
lea rax,[rbx+14]
mov [rcx],rax
//readmem(chocoboTrotSpeedWritesAOB,6)
////movss [rbx+10],xmm9
//cmp dword ptr [rbx+10],0
//je @f
xorps xmm6,xmm6
comiss xmm9,xmm6
je @f
mov rcx,dChocoboTrotSpeed
movss xmm9,[rcx]
@@:
comiss xmm0,xmm6
je @f
mov rcx,dChocoboWalkSpeed
movss xmm0,[rcx]
originalcode_trotspeedmod:
readmem(chocoboTrotSpeedWritesAOB,18)
//movss [rbx+10],xmm9
//mov rcx,rdi
//movaps xmm6,xmm0
//movss [rbx+0C],xmm8
exit:
jmp chocoboTrotSpeedWritesAOB+12
///
dChocoboTrotSpeed:
dd (float)1
dChocoboWalkSpeed:
dd (float)1
dAltChocoboSprintKeySpeed:
dd (float)10
pChocoboStuff:
dq 0
pChocoboTrotSpeed:
dq 0
pChocoboWalkSpeed:
dq 0
///
chocoboTrotSpeedWritesAOB: //"ffxv_s.exe"+2C553F:
jmp newmem
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
chocoboTrotSpeedWritesAOB: //"ffxv_s.exe"+2C553F:
readmem(originalcode_trotspeedmod,18)
//db F3 44 0F 11 4B 10 48 8B CF 0F 28 F0 F3 44 0F 11 43 0C
//Alt: movss [rbx+10],xmm9
//Alt: mov rcx,rdi
//Alt: movaps xmm6,xmm0
//Alt: movss [rbx+0C],xmm8
unregistersymbol(originalcode_trotspeedmod)
unregistersymbol(dChocoboTrotSpeed)
unregistersymbol(dChocoboWalkSpeed)
unregistersymbol(dAltChocoboSprintKeySpeed)
unregistersymbol(pChocoboStuff)
unregistersymbol(pChocoboTrotSpeed)
unregistersymbol(pChocoboWalkSpeed)
6147
"alt chocobo sprint key"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
dAltChocoboSprintKeySpeed:
dd (float)4
{$lua}
function altChocoboSprintKeys(timer)
if ( isKeyPressed(VK_CAPITAL) ) then
writeFloat("dChocoboWalkSpeed",readFloat("dAltChocoboSprintKeySpeed"))
writeFloat("dChocoboTrotSpeed",readFloat("dAltChocoboSprintKeySpeed"))
else
writeFloat("dChocoboWalkSpeed",1)
writeFloat("dChocoboTrotSpeed",1)
end
end
t3=createTimer(nil)
timer_setInterval(t3, 100)
timer_onTimer(t3, altChocoboSprintKeys)
timer_setEnabled(t3, true)
{$asm}
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
{$lua}
timer_setEnabled(t3, false)
{$asm}
6148
"hold CapsLock"
808080
1
6149
"alt sprint speed"
008000
Float
dAltChocoboSprintKeySpeed
6150
"[custom speed]"
000080
1
6151
"walk speed"
008000
Float
dChocoboWalkSpeed
6152
"trot speed"
008000
Float
dChocoboTrotSpeed
6153
""
808080
1
6154
"[current speed]"
000080
Array of byte
0
pChocoboStuff
0
6155
"walk speed"
0000FF
Float
+14
6156
"trot speed"
0000FF
Float
+10
8138
"tech exp multiplier"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(techExpCalOnChangeAOB,ffxv_s.exe,8B ** ** 44 01 C9 78 0C B8 ** ** ** ** 39 C1)
registersymbol(techExpCalOnChangeAOB)
label(dTechExpMultiplier)
registersymbol(dTechExpMultiplier)
alloc(newmem,2048,techExpCalOnChangeAOB) //"ffxv_s.exe"+740EF5E)
label(originalcode_techexpmultiplier)
registersymbol(originalcode_techexpmultiplier)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
push r9
fild dword ptr [rsp]
mov rcx,dTechExpMultiplier
fmul dword ptr [rcx]
fistp dword ptr [rsp]
pop r9
readmem(techExpCalOnChangeAOB,6)
jns @f
jmp techExpCalOnChangeAOB+14
@@:
readmem(techExpCalOnChangeAOB+8,7)
jmp exit
originalcode_techexpmultiplier:
readmem(techExpCalOnChangeAOB,15)
//mov ecx,[rdx+08]
//add ecx,r9d
//js ffxv_s.exe+740EF72
//mov eax,3B9AC9FF
//cmp ecx,eax
exit:
jmp techExpCalOnChangeAOB+f
///
dTechExpMultiplier:
dd (float)2
///
techExpCalOnChangeAOB: //"ffxv_s.exe"+740EF5E:
jmp newmem
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
techExpCalOnChangeAOB: //"ffxv_s.exe"+740EF5E:
readmem(originalcode_techexpmultiplier,15)
//db 8B 4A 08 44 01 C9 78 0C B8 FF C9 9A 3B 39 C1
//Alt: mov ecx,[rdx+08]
//Alt: add ecx,r9d
//Alt: js ffxv_s.exe+740EF72
//Alt: mov eax,3B9AC9FF
//Alt: cmp ecx,eax
unregistersymbol(originalcode_techexpmultiplier)
unregistersymbol(dTechExpMultiplier)
8139
"x?"
008000
Float
dTechExpMultiplier
8140
"skill exp multiplier"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(skillExpCalOnChangeAOB,ffxv_s.exe,8B ** ** 44 01 C2 78 0D B8 ** ** ** ** 39 C2)
registersymbol(skillExpCalOnChangeAOB)
label(dSkillExpMultiplier)
registersymbol(dSkillExpMultiplier)
alloc(newmem,2048,skillExpCalOnChangeAOB) //"ffxv_s.exe"+7412FE7)
label(originalcode_skillexpmultiplier)
registersymbol(originalcode_skillexpmultiplier)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
push r8
fild dword ptr [rsp]
mov rdx,dSkillExpMultiplier
fmul dword ptr [rdx]
fistp dword ptr [rsp]
pop r8
readmem(skillExpCalOnChangeAOB,6)
jne @f
jmp skillExpCalOnChangeAOB+15
@@:
readmem(skillExpCalOnChangeAOB+8,7)
jmp exit
originalcode_skillexpmultiplier:
readmem(skillExpCalOnChangeAOB,15)
//mov edx,[rcx+04]
//add edx,r8d
//js ffxv_s.exe+7412FFC
//mov eax,3B9AC9FF
//cmp edx,eax
exit:
jmp skillExpCalOnChangeAOB+f
///
dSkillExpMultiplier:
dd (float)4
///
skillExpCalOnChangeAOB: //"ffxv_s.exe"+7412FE7:
jmp newmem
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
skillExpCalOnChangeAOB: //"ffxv_s.exe"+7412FE7:
readmem(originalcode_skillexpmultiplier,15)
//db 8B 51 04 44 01 C2 78 0D B8 FF C9 9A 3B 39 C2
//Alt: mov edx,[rcx+04]
//Alt: add edx,r8d
//Alt: js ffxv_s.exe+7412FFC
//Alt: mov eax,3B9AC9FF
//Alt: cmp edx,eax
unregistersymbol(originalcode_skillexpmultiplier)
unregistersymbol(dSkillExpMultiplier)
8141
"x?"
008000
Float
dSkillExpMultiplier
6157
"custom guest member mod .32"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(guestFlagChkOnPartyRefreshAOB,ffxv_s.exe,40 ** ** 38 03 00 00 74 ** B2 01)
registersymbol(guestFlagChkOnPartyRefreshAOB)
label(dCustomGuestID)
registersymbol(dCustomGuestID)
label(pPartyToBeLoad)
registersymbol(pPartyToBeLoad)
alloc(newmem,2048,guestFlagChkOnPartyRefreshAOB) //"ffxv_s.exe"+1667F72)
label(originalcode_customguestmod)
registersymbol(originalcode_customguestmod)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
mov rcx,pPartyToBeLoad
mov [rcx],rbx
push rax
mov rcx,originalcode_customguestmod
movzx rax,byte ptr [rcx+8]
mov rcx,guestFlagChkOnPartyRefreshAOB
lea rcx,[rcx+9]
lea rcx,[rax+rcx]
////mov rax,dCustomGuestID
////cmp dword ptr [rax],ffffffff
pop rax
////je adjustedori1b
adjustedori1a:
cmp dword ptr [rbx+33c],ffffffff
jne @f
jmp adjustedori1c //
//cmp sil,1
//jne adjustedori1c
//jmp rcx
adjustedori1b:
//push rax
//mov rcx,originalcode_customguestmod
//movzx rax,byte ptr [rcx+8]
//mov rcx,guestFlagChkOnPartyRefreshAOB
//lea rcx,[rcx+9]
//lea rcx,[rax+rcx]
//pop rax
readmem(guestFlagChkOnPartyRefreshAOB,7)
jne @f
jmp rcx
adjustedori1c:
readmem(guestFlagChkOnPartyRefreshAOB+9,5)
jmp exit
originalcode_customguestmod:
readmem(guestFlagChkOnPartyRefreshAOB,14)
//cmp [rbx+00000338],sil
//je ffxv_s.exe+1667FB2
//mov dl,01
//mov rcx,rbp
exit:
jmp guestFlagChkOnPartyRefreshAOB+e
///
dCustomGuestID:
dd 7
dd 0
pPartyToBeLoad:
///
guestFlagChkOnPartyRefreshAOB: //"ffxv_s.exe"+1667F72:
jmp newmem
///**********************************************///
aobscanmodule(charIDIfGusetFlagIsOnAOB,ffxv_s.exe,45 33 C0 8B ** ** ** ** ** 48 ** ** E8 ** ** ** ** B2)
registersymbol(charIDIfGusetFlagIsOnAOB)
alloc(newmem2,2048,charIDIfGusetFlagIsOnAOB) //"ffxv_s.exe"+171B9F9)
label(originalcode2_customguestmod)
registersymbol(originalcode2_customguestmod)
label(exit2)
newmem2: //this is allocated memory, you have read,write,execute access
//place your code here
readmem(charIDIfGusetFlagIsOnAOB,3)
cmp dword ptr [rbx+33c],ffffffff
jne @f
mov rcx,dCustomGuestID
mov edx,[rcx]
jmp end2
@@:
readmem(charIDIfGusetFlagIsOnAOB+3,6)
end2:
readmem(charIDIfGusetFlagIsOnAOB+9,3)
reassemble(charIDIfGusetFlagIsOnAOB+c)
jmp exit2
originalcode2_customguestmod:
readmem(charIDIfGusetFlagIsOnAOB,17)
//xor r8d,r8d
//mov edx,[rbx+0000033C]
//mov rcx,rdi
//call ffxv_s.exe+7D71D0
exit2:
jmp charIDIfGusetFlagIsOnAOB+11
///
charIDIfGusetFlagIsOnAOB: //"ffxv_s.exe"+171B9F9:
jmp newmem2
///**********************************************///
aobscanmodule(chkIfAnyMemberIs0BOnPartyRefreshAOB,ffxv_s.exe,83 ** 34 03 00 00 0B 74 0D 83 ** 3C 03 00 00 0B)
registersymbol(chkIfAnyMemberIs0BOnPartyRefreshAOB)
alloc(newmem6,2048,chkIfAnyMemberIs0BOnPartyRefreshAOB) //"ffxv_s.exe"+1667FCD)
label(originalcode6_customguestmod)
registersymbol(originalcode6_customguestmod)
label(exit6)
newmem6: //this is allocated memory, you have read,write,execute access
//place your code here
readmem(chkIfAnyMemberIs0BOnPartyRefreshAOB,7)
jne @f
jmp chkIfAnyMemberIs0BOnPartyRefreshAOB+16
@@:
////mov rax,dCustomGuestID
////cmp dword ptr [rax],ffffffff
////je @f
cmp dword ptr [rbx+0000033c],ffffffff
jne @f
mov rax,dCustomGuestID
cmp dword ptr [rax],0000000b
jmp end6
@@:
readmem(chkIfAnyMemberIs0BOnPartyRefreshAOB+9,7)
end6:
jmp exit6
originalcode6_customguestmod:
readmem(chkIfAnyMemberIs0BOnPartyRefreshAOB,16)
//cmp dword ptr [rbx+00000334],0B
//je ffxv_s.exe+1667FE3
//cmp dword ptr [rbx+0000033C],0B
exit6:
jmp chkIfAnyMemberIs0BOnPartyRefreshAOB+10
///
chkIfAnyMemberIs0BOnPartyRefreshAOB: //"ffxv_s.exe"+1667FCD:
jmp newmem6
///**********************************************///
aobscanmodule(partySlotsConstReadAOB,ffxv_s.exe,8B 16 48 ** ** ** ** ** ** E8 ** ** ** ** 85 C0)
registersymbol(partySlotsConstReadAOB)
label(pPartySlots)
registersymbol(pPartySlots)
label(bRemoveCustomGuestMember)
registersymbol(bRemoveCustomGuestMember)
alloc(newmem11,2048,partySlotsConstReadAOB) //"ffxv_s.exe"+6071930)
label(originalcode11_customguestmod)
registersymbol(originalcode11_customguestmod)
label(exit11)
newmem11: //this is allocated memory, you have read,write,execute access
//place your code here
cmp rdi,4
jne @f
mov rcx,pPartySlots
mov [rcx],rsi
////mov rcx,bRemoveCustomGuestMember
////cmp byte ptr [rcx],1
////jne @f
////mov byte ptr [rcx],0
////xor rcx,rcx
////mov [rsi],rcx
@@:
mov rdx,originalcode11_customguestmod
movsxd rdx,dword ptr [rdx+5]
mov rcx,partySlotsConstReadAOB
lea rcx,[rcx+9]
mov rcx,[rcx+rdx]
readmem(partySlotsConstReadAOB,2)
//reassemble(partySlotsConstReadAOB+2)
reassemble(partySlotsConstReadAOB+9)
jmp exit11
originalcode11_customguestmod:
readmem(partySlotsConstReadAOB,14)
//mov edx,[rsi]
//mov rcx,[ffxv_s.exe+43F6600]
//call ffxv_s.exe+59323D0
exit11:
jmp partySlotsConstReadAOB+e
///
bRemoveCustomGuestMember:
dd 0
pPartySlots:
///
partySlotsConstReadAOB: //"ffxv_s.exe"+6071930:
jmp newmem11
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
guestFlagChkOnPartyRefreshAOB: //"ffxv_s.exe"+1667F72:
readmem(originalcode_customguestmod,14)
//db 40 38 B3 38 03 00 00 74 37 B2 01 48 8B CD
//Alt: cmp [rbx+00000338],sil
//Alt: je ffxv_s.exe+1667FB2
//Alt: mov dl,01
//Alt: mov rcx,rbp
unregistersymbol(originalcode_customguestmod)
unregistersymbol(dCustomGuestID)
unregistersymbol(pPartyToBeLoad)
///**********************************************///
dealloc(newmem2)
charIDIfGusetFlagIsOnAOB: //"ffxv_s.exe"+171B9F9:
readmem(originalcode2_customguestmod,17)
//db 45 33 C0 8B 93 3C 03 00 00 48 8B CF E8 C6 B7 0B FF
//Alt: xor r8d,r8d
//Alt: mov edx,[rbx+0000033C]
//Alt: mov rcx,rdi
//Alt: call ffxv_s.exe+7D71D0
unregistersymbol(originalcode2_customguestmod)
///**********************************************///
dealloc(newmem6)
chkIfAnyMemberIs0BOnPartyRefreshAOB: //"ffxv_s.exe"+1667FCD:
readmem(originalcode6_customguestmod,16)
//db 83 BB 34 03 00 00 0B 74 0D 83 BB 3C 03 00 00 0B
//Alt: cmp dword ptr [rbx+00000334],0B
//Alt: je ffxv_s.exe+1667FE3
//Alt: cmp dword ptr [rbx+0000033C],0B
unregistersymbol(originalcode6_customguestmod)
///**********************************************///
dealloc(newmem11)
partySlotsConstReadAOB: //"ffxv_s.exe"+6071930:
readmem(originalcode11_customguestmod,14)
//db 8B 16 48 8B 0D C7 4C 38 FE E8 92 0A 8C FF
//Alt: mov edx,[rsi]
//Alt: mov rcx,[ffxv_s.exe+43F6600]
//Alt: call ffxv_s.exe+59323D0
unregistersymbol(originalcode11_customguestmod)
unregistersymbol(bRemoveCustomGuestMember)
unregistersymbol(pPartySlots)
6158
"custom guest ID"
ffffffff:no custom guest
00000000:Noctis
00000001:Gladiolus
00000002:Prompto
00000003:Ignis
00000004:Ardyn
00000005:AraneaHighWind
00000006:Cor
00000007:Iris
00000008:Umbra
0000000F:Ravus
1
008000
4 Bytes
dCustomGuestID
6159
""
808080
1
6160
"current guest member"
ffffffff:no guest
00000000:Noctis
00000001:Gladiolus
00000002:Prompto
00000003:Ignis
00000004:Ardyn
00000005:AraneaHighWind
00000006:Cor
00000007:Iris
00000008:Umbra
00000009:Gentiana
0000000A:Titan
0000000B:Glaive
0000000F:Ravus
00000010:Lunafreya
1
808080
4 Bytes
pPartySlots
0
6161
"current party setup"
1
000080
Array of byte
0
pPartyToBeLoad
0
6162
"guest flag"
1
808080
4 Bytes
+338
6163
"guest"
ffffffff:no guest
00000000:Noctis
00000001:Gladiolus
00000002:Prompto
00000003:Ignis
00000004:Ardyn
00000005:AraneaHighWind
00000006:Cor
00000007:Iris
00000008:Umbra
00000009:Gentiana
0000000A:Titan
0000000B:Glaive
0000000F:Ravus
00000010:Lunafreya
1
808080
4 Bytes
+4
11035
"unlock all Avatar appearance options"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(avataraAppearanceObtainedFlagsRetrieveAOB,ffxv_s.exe,E8 ** ** ** ** 90 85 DB 74 ** 83)
registersymbol(avataraAppearanceObtainedFlagsRetrieveAOB)
avataraAppearanceObtainedFlagsRetrieveAOB+8: //"ffxv_s.exe"+2149D6:
db EB
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
avataraAppearanceObtainedFlagsRetrieveAOB+8: //"ffxv_s.exe"+2149D6:
db 74
//Alt: je
10783
"dossiers cam control override .2"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(camZoomAllowedForDossiersChkOnViewStartAOB,ffxv_s.exe,48 85 C9 74 08 40 ** ** ** 40 ** ** ** 48 ** ** E8 ** ** ** ** 41 ** ** 40)
registersymbol(camZoomAllowedForDossiersChkOnViewStartAOB)
label(bCustomDossiersCamSetting)
registersymbol(bCustomDossiersCamSetting)
alloc(newmem,2048,camZoomAllowedForDossiersChkOnViewStartAOB) //"ffxv_s.exe"+97CCF8C)
label(originalcode_dossierscamsettingoverride)
registersymbol(originalcode_dossierscamsettingoverride)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
readmem(camZoomAllowedForDossiersChkOnViewStartAOB,3)
jz @f
push rax
mov rax,bCustomDossiersCamSetting
mov eax,[rax]
mov [rcx+28],eax
pop rax
readmem(camZoomAllowedForDossiersChkOnViewStartAOB+5,8)
@@:
readmem(camZoomAllowedForDossiersChkOnViewStartAOB+d,3)
jmp exit
originalcode_dossierscamsettingoverride:
readmem(camZoomAllowedForDossiersChkOnViewStartAOB,16)
//test rcx,rcx
//je ffxv_s.exe+97CCF99
//cmp [rcx+29],sil
//sete sil
//mov rcx,rbp
exit:
jmp camZoomAllowedForDossiersChkOnViewStartAOB+10
///
bCustomDossiersCamSetting:
db 01 //h.rotate
db 01 //zoom
db 01 //reposition
db 01 //v.rotate, depends on h.rotate
///
camZoomAllowedForDossiersChkOnViewStartAOB: //"ffxv_s.exe"+97CCF8C:
jmp newmem
///*****************************************///
aobscanmodule(camZoomInLimitForDossiersViewReadAOB,ffxv_s.exe,F3 0F 10 ** ** 0F 28 C3 F3 ** ** ** 0F 2F)
registersymbol(camZoomInLimitForDossiersViewReadAOB)
label(dCustZoomInLimit)
registersymbol(dCustZoomInLimit)
alloc(newmem2,2048,camZoomInLimitForDossiersViewReadAOB) //"ffxv_s.exe"+114DE91)
label(originalcode2_dossierscamsettingoverride)
registersymbol(originalcode2_dossierscamsettingoverride)
label(exit2)
newmem2: //this is allocated memory, you have read,write,execute access
//place your code here
push rsi
push rax
mov rax,dCustZoomInLimit
mov [rax+4],rsi
pop rax
mov rsi,dCustZoomInLimit
lea rsi,[rsi-8]
originalcode2_dossierscamsettingoverride:
readmem(camZoomInLimitForDossiersViewReadAOB,15)
//movss xmm3,[rsi+08]
//movaps xmm0,xmm3
//mulss xmm0,xmm2
//comiss xmm1,xmm0
pop rsi //
exit2:
jmp camZoomInLimitForDossiersViewReadAOB+f
///
dCustZoomInLimit:
dd (float)-2.3
///
camZoomInLimitForDossiersViewReadAOB: //"ffxv_s.exe"+114DE91:
jmp newmem2
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
camZoomAllowedForDossiersChkOnViewStartAOB: //"ffxv_s.exe"+97CCF8C:
readmem(originalcode_dossierscamsettingoverride,16)
//db 48 85 C9 74 08 40 38 71 29 40 0F 94 D6 48 89 E9
//Alt: test rcx,rcx
//Alt: je ffxv_s.exe+97CCF99
//Alt: cmp [rcx+29],sil
//Alt: sete sil
//Alt: mov rcx,rbp
unregistersymbol(originalcode_dossierscamsettingoverride)
unregistersymbol(bCustomDossiersCamSetting)
///*****************************************///
dealloc(newmem2)
camZoomInLimitForDossiersViewReadAOB: //"ffxv_s.exe"+114DE91:
readmem(originalcode2_dossierscamsettingoverride,15)
//db F3 0F 10 5E 08 0F 28 C3 F3 0F 59 C2 0F 2F C8
//Alt: movss xmm3,[rsi+08]
//Alt: movaps xmm0,xmm3
//Alt: mulss xmm0,xmm2
//Alt: comiss xmm1,xmm0
unregistersymbol(originalcode2_dossierscamsettingoverride)
unregistersymbol(dCustZoomInLimit)
10781
"reposition"
00:force disable
01:force enable
1
008000
Byte
bCustomDossiersCamSetting+2
10779
"h. rotate"
00:force disable
01:force enable
1
008000
Byte
bCustomDossiersCamSetting+0
10782
"v. rotate"
00:force disable
01:force enable
1
008000
Byte
bCustomDossiersCamSetting+3
10780
"zoom"
00:force disable
01:force enable
1
008000
Byte
bCustomDossiersCamSetting+1
10786
"zoom in limit"
008000
Float
dCustZoomInLimit
10788
"game default"
808080
Float
dCustZoomInLimit+4
8
8134
"[pointers]"
000080
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(optionsNoReadInMenuAOB,ffxv_s.exe,C7 ** ** ** ** ** ** ** 48 ** ** ** ** ** ** 48 ** ** 75 ** 8B 9E 64 09 00 00 48)
registersymbol(optionsNoReadInMenuAOB)
label(dOptinsNo)
registersymbol(dOptinsNo)
alloc(newmem,2048,optionsNoReadInMenuAOB) //"ffxv_s.exe"+ADD6859)
label(originalcode_itemreadinremodelingmenu)
registersymbol(originalcode_itemreadinremodelingmenu)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
readmem(optionsNoReadInMenuAOB,18)
jne @f
readmem(optionsNoReadInMenuAOB+14,6)
mov rcx,dOptinsNo
mov [rcx],ebx
@@:
jmp exit
originalcode_itemreadinremodelingmenu:
readmem(optionsNoReadInMenuAOB,18)
//mov [rsp+20],00000001
//lea rcx,[rsi+00000730]
//cmp rbx,rcx
exit:
jmp optionsNoReadInMenuAOB+12
///
dOptinsNo:
///
optionsNoReadInMenuAOB: //"ffxv_s.exe"+ADD6859:
jmp newmem
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
optionsNoReadInMenuAOB: //"ffxv_s.exe"+ADD6859:
readmem(originalcode_itemreadinremodelingmenu,18)
//db C7 44 24 20 01 00 00 00 48 8D 8E 30 07 00 00 48 39 CB
//Alt: mov [rsp+20],00000001
//Alt: lea rcx,[rsi+00000730]
//Alt: cmp rbx,rcx
unregistersymbol(originalcode_itemreadinremodelingmenu)
unregistersymbol(dOptinsNo)
6841
"[misc.]"
000080
1
6832
"Gil"
0000FF
4 Bytes
pSomeGameInfoA
5650
7016
"Medals"
0000FF
4 Bytes
pSomeGameInfoA
5654
7017
"?"
0000FF
4 Bytes
pSomeGameInfoA
5658
6836
"AP"
0000FF
4 Bytes
pSomeGameInfoA
565c
6837
"tech bar"
0000FF
Float
pSomeGameInfoA
[originalcode17_enable+6]-4
6839
"max"
0000FF
Float
+4
6838
"armiger bar"
0000FF
Float
pSomeGameInfoA
[originalcode17_enable+6]-10
6840
"max"
0000FF
Float
+4
8142
"[highlighted gear accessory]"
000080
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(gearHAccessoryIDReadAOB,ffxv_s.exe,8B 1B E8 ** ** ** ** C7 47 ** ** ** ** ** 89 ** ** C7)
registersymbol(gearHAccessoryIDReadAOB)
label(pHighlightedGearAccessory)
registersymbol(pHighlightedGearAccessory)
alloc(newmem,2048,gearHAccessoryIDReadAOB) //"ffxv_s.exe"+1132B3D)
label(originalcode_highlightedgearaccessory)
registersymbol(originalcode_highlightedgearaccessory)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
push rax
mov rax,pHighlightedGearAccessory
mov [rax],rbx
pop rax
readmem(gearHAccessoryIDReadAOB,2)
reassemble(gearHAccessoryIDReadAOB+2)
readmem(gearHAccessoryIDReadAOB+7,7)
jmp exit
originalcode_highlightedgearaccessory:
readmem(gearHAccessoryIDReadAOB,14)
//mov ebx,[rbx]
//call ffxv_s.exe+9D7CA0
//mov [rdi+20],00000006
exit:
jmp gearHAccessoryIDReadAOB+e
///
pHighlightedGearAccessory:
///
gearHAccessoryIDReadAOB: //"ffxv_s.exe"+1132B3D:
jmp newmem
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
gearHAccessoryIDReadAOB: //"ffxv_s.exe"+1132B3D:
readmem(originalcode_highlightedgearaccessory,14)
//db 8B 1B E8 5C 51 8A FF C7 47 20 06 00 00 00
//Alt: mov ebx,[rbx]
//Alt: call ffxv_s.exe+9D7CA0
//Alt: mov [rdi+20],00000006
unregistersymbol(originalcode_highlightedgearaccessory)
unregistersymbol(pHighlightedGearAccessory)
8144
"Accessory ID"
17004553:Bronze Bangle
17004554:Iron Bangle
17004555:Carbon Bangle
17004556:Titanium Bangle
17004557:Silver Bangle
17004558:Gold Bangle
17004559:Platinum Bangle
17004560:Centurion Bangle
17004561:Legatus Bangle
17004562:Gigas Bangle
17004563:Onion Bangle
17004564:Adamantite Bangle
17004565:White choker
17004566:Green Choker
17004567:Blue Choker
17004568:Red Choker
17004569:Black Choker
17004570:Garnet Bracelet
17004571:Amethyst Bracelet
17004572:Heliodor Bracelet
17004573:Sapphire Bracelet
17004574:Ruby Bracelet
17004575:Emerald Bracelet
17004576:Diamond Bracelet
17004577:Blue Diamond Bracelet
17004578:Dark Matter Bracelet
17004579:Soldiers Anklet
17004580:Warriors Anklet
17004581:Fencers Anklet
17004582:Knight's Anklet
17004583:Crusader's Anklet
17004584:Champions Anklet
17004585:Emperors Anklet
17004586:Anklet of the Gods
17004587:Amulet
17004588:Angel Earring
17004589:Talisman
17004590:Rune Earrings
17004591:Circlet
17004592:Oracle Erring
17004593:Mystic Circlet
17004594:Hypno Crown
17004595:Potpourri
17004596:White Sage
17004597:Power Stone
17004598:Oracle Card
17004599:Pendulum
17004600:Lavender Oil
17004601:Purified Salt
17004602:Tarot Card
17004603:Assist Suit
17004604:Magitek Suit
17004605:Magitek Suit v2
17004606:Star Pendant
17004607:Rainbow Pendant
17004608:Moon Pendant
17004609:Earth Pendant
17004610:Golden Hourglass
17004611:Safety Bit
17004616:Ribbon
17004617:Bulletproof Vest
17004618:Bulletproof Suit
17004619:Chobham Armor
17004620:Fireproof Inners
17004621:Fire Crest
17004624:Warm Inners
17004625:Ice Crest
17004628:Insulated Inners
17004629:Lightning Crest
17004632:Anti-Darkness Inners
17004633:Dark Crest
17004636:Celestriad
17004637:Mightry Guard
17004638:Stone Wall
17004639:Genji Gloves
17004640:Tempered Shield
17004641:Magitek Shield
17004642:Towel
17004643:Handkerchief
17004644:White Sneakers
17004645:Field Medicine
17004646:Thieves' Way
17004647:Thieves' Way II
17004654:Friendship Band
17004658:Auto-Changer
17004659:Soul of Thamasa
17004660:Robe of Lord
17004661:Applied Sorcery
17004663:Black Hood
17004665:Megaphone
17004667:Black Belt
17004670:The Good Chamberlain
17004671:The Grand Chamberlain
17004672:Target Scope
17004674:Camera Strap
17004676:Moogle Charm
17031695:Bandage
17031696:Styling Gel
17194398:The Tall's Talisman
17194399:The Clever's Talisman
17004671:The Wanderer's Talisman
17194401:Trihead Heart
17182048:Founders King Sigil
17193053:Rare Metal
17092531:Ring Of Resistance
17092532:Nixperience Band
17092533:AP Adapter
17092534:Tech Turbo Charger
17092535:Armiger Accelerator
17092536:Warrior's Fanfare
17092537:Blitzer's Fanfare
17092538:Tactician's Fanfare
17092539:Key of Prosperity
17092540:Radiant Gemstone
17092541:Stamina Badge
0000FF
4 Bytes
pHighlightedGearAccessory
0
8161
"Accessory ID"
1
0000FF
4 Bytes
pHighlightedGearAccessory
0
8145
"Effect ID"
17004553:Bronze Bangle
17004554:Iron Bangle
17004555:Carbon Bangle
17004556:Titanium Bangle
17004557:Silver Bangle
17004558:Gold Bangle
17004559:Platinum Bangle
17004560:Centurion Bangle
17004561:Legatus Bangle
17004562:Gigas Bangle
17004563:Onion Bangle
17004564:Adamantite Bangle
17004565:White choker
17004566:Green Choker
17004567:Blue Choker
17004568:Red Choker
17004569:Black Choker
17004570:Garnet Bracelet
17004571:Amethyst Bracelet
17004572:Heliodor Bracelet
17004573:Sapphire Bracelet
17004574:Ruby Bracelet
17004575:Emerald Bracelet
17004576:Diamond Bracelet
17004577:Blue Diamond Bracelet
17004578:Dark Matter Bracelet
17004579:Soldiers Anklet
17004580:Warriors Anklet
17004581:Fencers Anklet
17004582:Knight's Anklet
17004583:Crusader's Anklet
17004584:Champions Anklet
17004585:Emperors Anklet
17004586:Anklet of the Gods
17004587:Amulet
17004588:Angel Earring
17004589:Talisman
17004590:Rune Earrings
17004591:Circlet
17004592:Oracle Erring
17004593:Mystic Circlet
17004594:Hypno Crown
17004595:Potpourri
17004596:White Sage
17004597:Power Stone
17004598:Oracle Card
17004599:Pendulum
17004600:Lavender Oil
17004601:Purified Salt
17004602:Tarot Card
17004603:Assist Suit
17004604:Magitek Suit
17004605:Magitek Suit v2
17004606:Star Pendant
17004607:Rainbow Pendant
17004608:Moon Pendant
17004609:Earth Pendant
17004610:Golden Hourglass
17004611:Safety Bit
17004616:Ribbon
17004617:Bulletproof Vest
17004618:Bulletproof Suit
17004619:Chobham Armor
17004620:Fireproof Inners
17004621:Fire Crest
17004624:Warm Inners
17004625:Ice Crest
17004628:Insulated Inners
17004629:Lightning Crest
17004632:Anti-Darkness Inners
17004633:Dark Crest
17004636:Celestriad
17004637:Mightry Guard
17004638:Stone Wall
17004639:Genji Gloves
17004640:Tempered Shield
17004641:Magitek Shield
17004642:Towel
17004643:Handkerchief
17004644:White Sneakers
17004645:Field Medicine
17004646:Thieves' Way
17004647:Thieves' Way II
17004654:Friendship Band
17004658:Auto-Changer
17004659:Soul of Thamasa
17004660:Robe of Lord
17004661:Applied Sorcery
17004663:Black Hood
17004665:Megaphone
17004667:Black Belt
17004670:The Good Chamberlain
17004671:The Grand Chamberlain
17004672:Target Scope
17004674:Camera Strap
17004676:Moogle Charm
17031695:Bandage
17031696:Styling Gel
17092531:Ring Of Resistance
17092532:Nixperience Band
17092533:AP Adapter
17092534:Tech Turbo Charger
17092535:Armiger Accelerator
17092536:Warrior's Fanfare
17092537:Blitzer's Fanfare
17092538:Tactician's Fanfare
17092539:Key of Prosperity
17092540:Radiant Gemstone
17092541:Stamina Badge
0000FF
4 Bytes
pHighlightedGearAccessory
30
8146
"HP Mod"
0000FF
4 Bytes
pHighlightedGearAccessory
58
8147
"HP Regen"
0000FF
4 Bytes
pHighlightedGearAccessory
5C
8148
"MP Mod"
0000FF
4 Bytes
pHighlightedGearAccessory
60
8149
"MP Regen"
0000FF
4 Bytes
pHighlightedGearAccessory
64
8150
"Strength Mod"
0000FF
4 Bytes
pHighlightedGearAccessory
48
8151
"Defense Mod"
0000FF
4 Bytes
pHighlightedGearAccessory
4C
8152
"Magic Mod"
0000FF
4 Bytes
pHighlightedGearAccessory
50
8153
"Spirit Mod"
0000FF
4 Bytes
pHighlightedGearAccessory
54
8154
"[Resistances]"
000080
1
8155
"Make Values Negative Here. (-50 = +50%)"
808080
1
8156
"Fire Resistance Mod"
1
0000FF
4 Bytes
pHighlightedGearAccessory
78
8157
"Ice Resistance Mod"
1
0000FF
4 Bytes
pHighlightedGearAccessory
7C
8158
"Thunder Resistance Mod"
1
0000FF
4 Bytes
pHighlightedGearAccessory
80
8159
"Darkness Resistance Mod"
1
0000FF
4 Bytes
pHighlightedGearAccessory
84
8160
"Ballistic Resistance Mod"
1
0000FF
4 Bytes
pHighlightedGearAccessory
74
7742
"[Episodes]"
000080
1
7741
"[highlighted item]"
000080
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(ePHighlightedItemQReadAOB,ffxv_s.exe,48 ** ** 48 8D ** ** 48 85 C0 74 ** 8B)
registersymbol(ePHighlightedItemQReadAOB)
label(bEPHighlightedItem)
registersymbol(bEPHighlightedItem)
alloc(newmem,2048,ePHighlightedItemQReadAOB) //"ffxv_s.exe"+779212)
label(originalcode_ephighlighteditem)
registersymbol(originalcode_ephighlighteditem)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
readmem(ePHighlightedItemQReadAOB,10)
jnz @f
mov rbp,originalcode_ephighlighteditem
movzx rbx,byte ptr [rbp+b]
mov rbp,ePHighlightedItemQReadAOB
lea rbp,[rbp+c]
lea rbx,[rbx+rbp]
jmp rbx
@@:
mov rbx,bEPHighlightedItem
mov [rbx],rax
readmem(ePHighlightedItemQReadAOB+c,3)
jmp exit
originalcode_ephighlighteditem:
readmem(ePHighlightedItemQReadAOB,15)
//movsxd rcx,ebp
//lea rax,[rax+rcx*8]
//test rax,rax
//je ffxv_s.exe+77924D
//mov edi,[rax+04]
exit:
jmp ePHighlightedItemQReadAOB+f
///
bEPHighlightedItem:
///
ePHighlightedItemQReadAOB: //"ffxv_s.exe"+779212:
jmp newmem
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
ePHighlightedItemQReadAOB: //"ffxv_s.exe"+779212:
readmem(originalcode_ephighlighteditem,15)
//db 48 63 CD 48 8D 04 C8 48 85 C0 74 2F 8B 78 04
//Alt: movsxd rcx,ebp
//Alt: lea rax,[rax+rcx*8]
//Alt: test rax,rax
//Alt: je ffxv_s.exe+77924D
//Alt: mov edi,[rax+04]
unregistersymbol(originalcode_ephighlighteditem)
unregistersymbol(bEPHighlightedItem)
7743
"ID"
-----Potions-----
16789763:Potion
16804372:Hi-Poition
17007196:Mega-Potion
16797897:Ether
16797899:Elixir
17061946:Hi-Elixir
16797900:Megalixir
16847544:Phoenix Down
16908179:Mega Phoenix
16842430:Antidote
16802100:Remedy
17007250:Gold Needle
17007251:Smelling Salts
17007252:Maidens Kiss
16908177:Super Restorative
16908180:Muscle Stimulant
17007255:Reflex Enhancer
17007256:Magitek Booster
17039271:Flesh Fortifiier
16797812:Power EX
16797813:Spirit EX
17007253:Mettle VX
17007254:Verve WX
16954523:Moogle Plushie
17160101:Potion (Prompto)
17160102:Hi-Poition (Prompto)
17158752:Elixir (Prompto)
17158755:Phoenix Down (Prompto)
17160104:Superior Restorative (Prompto)
17189879:Potion (Ignis)
17189880:Hi-Poition (Ignis)
17189882:Superior Restorative (Ignis)
17189883:Elixir (Ignis)
17189884:Hi-Elixir (Ignis)
17189885:Megalixir (Ignis)
17189886:Phoenix Down (Ignis)
17189888:Power EX (Ignis)
17189889:Mettle VX (Ignis)
17189891:Spirit EX (Ignis)
17189892:Muscle Stimulant (Ignis)
17189893:Flesh Fortifiier (Ignis)
-----Ingredients-----
17101940:Adamantoise Meat
16908251:Aegir Root
16984933:Allural Sea Bass Fillet
17014304:Allural Shallot
16908252:Alstroom
16986609:Anak Meat
17014305:Arapaima Roe
16984931:Barramudi Fillet
17101937:Basilisk Breast
17101945:Beetroot
16986612:Behomoth Tenderloin
16908257:Birdbreast Egg
17101939:Bulette Shank
16986624:Caem Pinkshrimp
17007297:Catoblepas Brisket
16986613:Chickatrice Leg
17101944:Chocobean
16986625:Cleigne Darkshell
16986623:Cleigne Mollusk
16986638:Cleigne Wheat
17101943:Coraldevil Fin
16986641:Cup Noodles
16986642:Cup Noodles (EXP)
16986626:Cygillan Crab
17037503:Daggerquill Breast
17101947:Dank Barramundi Fillet
16984936:Devil Gar Fillet
16986611:Dualhorn Steak
17101949:Duscaen Orange
16986619:Eos Green Peas
16986639:Fine Cleigne Wheat
16986614:Fine Gighee Ham
16986620:Funguar
17101951:Garlic
16908250:Garula Sirloin
17101938:Garulessa Steak
17101936:Gigantoad Steak
16908248:Gighee Ham
17014300:Griffon Breast
16986632:Hulldagh Nutmeg
17014297:Jabberwock Sirloin
17101941:Karlabos Claw
17014303:Kettier Ginger
16986617:Killer Tomato
16984937:King Trout Fillet
16986637:Kujata Marrow
16908259:Leiden Pepper
16986618:Leiden Potato
16986633:Leiden Sweet Potato
17014298:Leukorn Steak
16984935:Lucian Carp Fillet
16986615:Lucian Tomato
17101935:Luncheon Meat
16986622:Malmashroom
17014302:Midgardsormr Shank
17101946:Mighty Barramundi Fillet
16908256:Nebula Salmon Fillet
16984930:Platinum Myritrout Fillet
16986636:Sahagin Liver
16986640:Saxham Rice
16986631:Schier Turmeric
16984928:Sea Bass Fillet
16986630:Sheep Milk
17101942:Shieldshears Claw
16986634:Smoking Wood
17101950:Sweet Pepper
16986635:Tenebraen Oak
16984927:Tide Grouper Fillet
16908254:Trevally Fillet
16908255:Trout Fillet
16986629:Ulwaat Berries
16984932:Vesper Gar Fillet
16986621:Vesproom
17101948:Wennath Samon Fillet
16986616:Wild Onion
16984934:Zipper Barramundi Fillet
17014301:Zu Tender
-----Treasures-----
17069814:Adamantite
17093465:Alstor Bass Bones
17093467:Arapaima Scales
17037087:Arba Spur
17009813:Ammonite Fossil
17009869:Anak Antlers
17009868:Anak Fetlock
17009814:Ancient Dragon Tooth
17009862:Barbed Poison Needle
17009882:Barbed Scythe
17103949:Barramundi Innards
17103960:Barrelfish Mucus
17093468:Barrelfish Scales
17009880:Basilisk Plumage
17103953:Bass Eye
17103952:Bass Teeth
17009838:Beautiful Bottle
17037104:Beautiful Hide
17037114:Beautiful Plumage
17009826:Beetle Shell
17009883:Behemoth Horn
17037105:Big Scorpion Stinger
17093459:Bluegill Fin
17093458:Bluegill Scale
17009831:Broken Harmonica
17009827:Building Stone
17009886:Bulette Carapace
17037108:Cactuar Needle
17093460:Catfish Barbel
17093461:Catfish Heart
17103946:Catfish Mucus
17009875:Catoblepas Fang
17037088:Centipede Feet
17009895:Centipede Jaw
17009894:Centipede Legs
17037089:Centipede Teeth
17009810:Chrome Bit
17009879:Cockatrice Crest
17009878:Cockatrice Tail Feathers
17009856:Coeurl Whiskers
17037098:Colorful Griffon Claw
17037125:Crab Carapace
17009863:Crimson Tongue
17009867:Crooked Helixhorn
17009858:Curved Fang
17009876:Curved Hollowhorn
17103963:Dace Scales
17037094:Deadly Stinger
17009841:Debased Banknote
17009839:Debased Coin
17009840:Debased Silverpiece
17037124:Divine Whiskers
17037120:Downy Feathers
17037121:Dragon Claw
17037084:Dragon Horn
17009815:Dragon Scales
17037123:Drooping Whiskers
17009821:Dynamo
17009836:Earth Gemstone
17009819:Electrolytic Condenser
17037093:Enormous Stinger
17037097:Fearsome Hoof
17037102:Fine Crest
17037091:Fine Slimy Oil
17037100:Fine Tail Feathers
17009811:Fossil Shell
17009812:Fossil Wood
17103948:Gar Fin
17009849:Garula Fur
17009848:Garula Tusk
17037117:Giant Crab Pincers
17009870:Giant Curlhorn
17009825:Giant Feather
17009853:Giant Hairy Horn
17037096:Giant Hoof
17009835:Glass Gemstone
17084984:Glimmering Amber
17037115:Gorgeous Plumage
17009842:Gralean Medal of Distinction
17037086:Great Anak Antlers
17009850:Great Garula Tusk
17009893:Greatsnake Crest
17009892:Greatsnake Scale
17009885:Griffon Claw
17009884:Griffon Feather
17103954:Grouper Bones
17103956:Grouper Fin
17103955:Grouper Skin
17009851:Hairy Horn
17037107:Hard Scale
17009864:Hard Whiskers
17037111:Hardened Hide
17009852:Hardened Hoof
17009860:Havocfang Hide
17037109:Heavy Scale
17009847:Hunter's Medal
17009845:Hydraulic Cylinder
17009843:Imperial Medal of Honor
17009881:Insect Stinger
17009808:Iron Shavings
17093462:Jade Gar MirrorScale
17037112:Jumbo Needle
17103957:Large Arapaima Scales
17037130:Large Hollowhorn
17009820:Laser Sensor
17103961:Lucian Carp Reverscales
17103962:Lucian Carp Rowscales
17009822:Magitek Core
17009844:Magnetron
17037103:Magnificent Crest
17037101:Magnificent Tail Feathers
17009888:Malboro Eye
17009889:Malboro Vine
17009902:Mandrake Flower
17009865:Mesmenir Horn
17009806:Metal Scrap
17009890:Monster Claw
17009891:Monster Jaw
17103945:Morion Trout Scales
17093781:Murk Grouper Eye
17009834:Mythril Ingot
17009816:Mythril Shaft
17009830:Old Book
17093466:Phoenix Bass Bladder
17009832:Platinum Ingot
17103947:Poisonous Catfish Fin
17009898:Prawn Antennae
17009828:Quality Building Stone
17009833:Rare Coin
17009912:Repair Kit
17037129:Rotten Splinterbone
17009874:Rough Scales
17037090:Rough Shell
17009807:Rusted Bit
17009857:Sabertusk Claw
17009871:Sahagin Scale
17103943:Salmon Fin
17009861:Scaled Skin
17037085:Scarlet Splinterbone
17037106:Scorpion Barb
17009899:Scorpion Stinger
17009817:Sharp Bone
17037092:Sharp Bristles
17009872:Sharp Head Fin
17037113:Sharp Scythe
17009904:Sharp Tail Feathers
17009809:Shattered Timepiece
17009887:Shield Spike
17009837:Sky Gemstone
17009873:Slimy Oil
17037119:Small Beak
17093464:Snakehead Scales
17103951:Snakehead Scales
17093463:Snakehead Teeth
17037110:Spiked Armor
17103950:Spiny Barramundi Fin
17009829:Splendid Building Stone
17009823:Star Shell
17009818:Strong Bone
17037118:Strong Pincers
17037095:Strong Whiskers
17037127:Sturdy Helixhorn
17009866:Supple Tail
17009854:Thick Hide
17009905:Thunderoc Feather
17009824:Tiny Feather
17037116:Tough Shell
17037099:Translucent Skin
17009900:Treant Branch
17009901:Treant Trunk
17103959:Trevally Fin
17103958:Trevally Scales
17103944:Trout Scales
17009859:Voretooth Bristles
17009846:Wind-up Lord Vexxos
17009855:Worn Incisor
17009903:Wyvern Wing
17009907:Zu Beak
-----Auto Parts-----
17007402:2-Tone
17037666:Advanced Color Samples
17007409:The Beast
17007405:Beaux Arts
16936432:Blackstone Shard
16936434:Bluestone Shard
16936435:Greenstone Shard
17007444:Hammerhead Sticker
17033125:Lucian Cruisin Collection
17033102:Memories Of FF
17033103:Memories Of FFII
17033104:Memories Of FFIII
17033105:Memories Of FFIV
17033106:Memories Of FFV
17033107:Memories Of FFVI
17033108:Memories Of FFVII
17033109:Memories Of FFVIII
17033110:Memories Of FFIX Disc 1
17033111:Memories Of FFIX Disc 2
17033112:Memories Of FFX
17033113:Memories Of FF11 Disc 1
17033114:Memories Of FF11 Disc 2
17033115:Memories Of FF11 Disc 3
17033116:Memories Of FF11 Disc 4
17033117:Memories Of FF11 Disc 5
17033118:Memories Of FF12
17033119:Memories Of FFXIII
17033120:Memories Of FF14 Disc 1
17033121:Memories Of FF14 Disc 2
17033122:Memories Of DISSIDIA 012 FF
17033123:Memories Of FF Type-0
17033124:Memories The Dissidia 012
17033124:Lucian Cruisin' Collection
17033124:Afrojack
17033124:Memories Of KINGSGLAIVE
17033124:Memories Of JUSTICE MONSTERS FIVE
17033124:Memories Of BROTHERHOOD
17044344:Memories of NieR: Gestalt & Replicant
17044345:Memories of Nier: Automata
17044346:Memories of EPISODE GLADIOLUS
17044347:Memories of TERRA BATTLE
17044348:Memories of EPISODE PROMPTO
17044349:Memories of MULTIPLAYER EXPANSION: COMRADES
17044350:Memories of EPISODE IGNIS
17007423:Racing Stripes IV
17007424:Racing Stripes V
16936433:Redstone Shard
16957671:Supercharger
-----Leisure Goods-----
16984844:Mind Breaker
17051174:Menkar
16984917:Spider Silk
16984918:Super Baleen
16984919:Dragon Beard
16984856:Poppeck: Chocobo
16984857:Poppeck: White Chocobo
16984858:Poppeck: Red Chocobo
16984867:Sweet Jamming: Custard
16984868:Sweet Jamming: Flan
16984869:Sweet Jamming: Flan
16984885:Bomber: Bomb
16984886:Bomber: Ice Bomb
16984887:Bomber: Thunder Bomb
17021989:Horn of Resolve
17021990:Horn of Tenacity
17021991:Horn of Fortitude
17021992:Horn of Cleansing
17021993:Horn of Madness
17035770:Xelphatol Apple Seeds
17035771:Xelphatol Pear
17035772:Doman Plum Pits
17035773:Doman Pear
17035774:Mamook Pear Seeds
17035775:Mamook Pear
17035776:Valfruit Seeds
17035777:Val Pear
17035778:O Ghomoro Berry Seeds
17035779:O Ghomoro Pear
17035780:Cieldalaes Pinapple Seeds
17035781:Cieldalaes Pear
17035782:Han Lemon Seeds
17035783:Han Pear
17035796:Replica Medal
17035797:Short Course Medal
17035798:Long Course Medal
17035799:Rounsey Medal
17035800:Destrier Medal
17035801:Courser Medal
17035802:Jennet Medal
17035803:Fat Chocobo Medal
17035804:Jockey Master Medal
17070609:Caem Carrot
17101271:Fresh Green Beans
17101272:Bulbous Onion (May Break Quest)
17101273:Aromatic Root (May Break Quest)
-----Key Items-----
17131070:QP
16940964:World Map
16940965:Crown City Smartphone
16940966:LOKTON LX-30
16940967:Lovers' Notebook
16940968:Regalia Key
16940970:Red Tusk
16940971:Intricate Coin
16940972:756-V-17th Morning Edition
16940973:Tombkeeps Key
16940975:Mark of Archaean
16940976:Mark of Fulgurian
16940977:Mythril Ore
16940978:Mythril Component
16940981:Map of Altissia
16940982:Mark of the Hydraean
16940983:Mark of the Glacian
16940984:Mark of the Draconian
16940985:Infernions Shard
16940987:Ring of the Lucii
16941384:Enticing Truffle
16946496:Broken Dog Tag
16946497:Bent Dog Tag
16946498:Rusted Dog Tag
16946499:Scorched Dog Tag
16946500:Twisted Dog Tag
16946501:Scratched Dog Tag
16946502:Crushed Dog Tag
16946503:Polished Dog Tag
16946504:Sullied Dog Tag
16946521:Cactuar Statuette
16946522:Cactuar Medal
16946523:Cactuar Sculpture
16946524:Cactuar Effigy
16946532:Yellow Frog
16946534:Red Frog
16946543:Mystery Map
16946544:Mystery Map
16946545:Mystery Map
16946546:Mystery Map
16946547:Mystery Map
16946548:Mystery Map
16946549:Mystery Map
16946550:Mystery Map
16946551:Mystery Map
16946552:Mystery Map
16946553:Mystery Map
16946554:Mystery Map
16946555:Mystery Map
16946556:Mystery Map
16946557:Sylvesters Map
16946558:Sylvesters Map Piece A
16946559:Sylvesters Map Piece B
16946560:Sylvesters Map Piece C
16946561:Sylvesters Map Piece D
16946562:Sylvesters Map Piece E
16946563:Sylvesters Map Piece F
16946564:Sylvesters Map Piece G
16946565:Sylvesters Map Piece H
16946566:Sylvesters Map Piece I
16946567:Sylvesters Map Piece J
16946568:Sylvesters Map Piece K
16946569:Sylvesters Map Piece L
16946570:Sylvesters Map Piece M
16946571:Sylvesters Map Piece N
016946590:Amethyst Stone
16946592:Sapphire Stone
16946593:Ruby Stone
16946594:Emerald Stone
16950025:Hunting License
16960964:Sealbreaker's Key
16978294:Glimmering Zu Egg
16978305:Cactura's Cat Food
16978306:Monica's Cat Food
16996648:Volcanic Bouquet
17002719:Moogle Plushie
17002720:Ignis's Cane
17002721:Generator Key
17002722:Security Card
17002723:Generator Keycard
17004682:Cindy's Parcel
17004683:Sealed Envelope
17004684:Oracle Ascension Coin
17004685:Messengers Amulet
17004686:Scribbled Note
17004707:Food Shipment
17004708:Prissock's Package
17004709:Prissock's Package
17005361:Luxury Cat Food
17006466:LOKTON LX-X1R
17006467:Sealbreakers Key
17021917:Rainbow Frog
17029436:Lodging Coupon
17029437:Gas Coupon
17032366:Magic Flask
17039277:Garnet Stone
17043512:Warped Wings
17043513:Unstable Stabilizer
17043514:Strange Engine
17057487:Behemoth Round
17057488:Kariabos Carapace
17059676:Cids Old Hammer
17064419:Prince Fatigues
17064420:Crownsguard Fatigues
17064421:Kingly Raiment
17064422:Kingsglaive Garb
17064423:Casual Outfit
17064424:Thermal Suit
17064425:Royal Raiment
17069659:Jet-Black Beak
17069660:Malboro Tentacle
17069661:Chef's Knife
17069662:Resplendent Hollowhorn
17069663:Squirming Bone
17069988:Panel B Keycard
17069989:Panel C Keycard
17070522:Myrlwood Firefly
17070523:Myrlwood Firefly
17070524:Myrlwood Firefly
17071689:Hellodor Stone
17071690:Hellodor Stone
17071691:Hellodor Stone
17095298:Trendy Outfit
17098373:Lovers Notebook
17098374:Lovers Notebook
17101933:Iron Shelf Recipes Vol 1
17101928:Iron Shelf Recipes Vol 2
17101932:Iron Shelf Recipes Vol 3
17101931:Iron Shelf Recipes Vol 4
17101930:Iron Shelf Recipes Vol 5
17101934:Iron Shelf Recipes Vol 6
17101929:Iron Shelf Recipes Vol 7
17104204:Beast Whistle
17105376:Portable MP3 Player
17107812:Choco-Mog Medallion
17107825:Lodging Voucher
17110293:Free Carnival Passport
17110294:Runaway Chocochick
17110296:Seaside Scamper Trophy
17110297:Water Trotter Trophy
17110535:Choco-Mog Tee
17110714:Carnival Passport
17110715:Festive Ensemble
17111867:VIP Pass
17114609:Magitek Exosuit
17122188:Rugged Attire
17127900:Master Assassin's Robes
17128025:Kingsglaive Crest
17128026:Well-used Daggers
17128027:Radio Transceiver
17129965:Assassin Flag
17137914:Publicity Contract
17140101:Assassin Medallion
17140102:Magitek Wrench
17140103:Viva la Vista - Festival Edition
17140104:Assassin Frame
17140105:Lestallum Speedway Trophy
17140106:Meteor Circuit Trophy
17140107:Air Assassination Medal
17140108:Haystack Assassination Medal
17140109:Doorway Assassination Medal
17140110:Garbage Assassination Medal
17140111:Double Assassination Medal
17141332:Medjay Assassin's Robes
17143179:Faded Letter
17144058:Noodle Helmet
17144122:Lodging Voucher
17148276:CPU
17149528:Tattered Newspaper
17149529:Crumpled Letter
17149530:Prototype Numbering Instructions
17149531:Termination Report
17149532:Proposal for Operation: Countersign
17149533:Diamond Weapon Report
17149534:Record of Unit SAS-0822
17149535:Researcher's Writings 1
17149536:Researcher's Writings 2
17149537:Researcher's Writings 3
17149538:Researcher's Writings 4
17149539:Researcher's Writings 5
17149540:Researcher's Writings 6
17149541:Researcher's Writings 7
17149542:Researcher's Writings 8
17149543:Researcher's Writings 9
17149544:Researcher's Writings 10
17149545:Researcher's Writings 11
17150540:Research Log: 722-VII-8th
17150541:Research Log: 722-X-21st
17150542:Research Log: 722-XII-5th
17150543:Research Log: 723-III-11th
17150544:Research Log: 724-X-24th
17150545:Research Log: 736-V-3rd
17150546:Research Log: 745-XI-21st
17150547:Research Log: 756-IV-8th
17150548:Research Log: 756-VII-9th
17151152:False Orders
17155862:Power Plant Keycard
17158858:Tundra Attire (Mask/Googles On)
17158859:Tundra Attire (Goggles On)
17158860:Tundra Attire (Mask On)
17174753:The Oracle's Coffin
17174754:The Warrior's Coffin
17174766:Dream Egg Shard
17175900:Hunting License
17175901:Coernix Oil Key
0000FF
4 Bytes
bEPHighlightedItem
0
7744
"quantity"
0000FF
4 Bytes
+4
7774
"[Comrades]"
000080
1
6166
"[highlighted weapon]"
000080
Array of byte
0
pCWeaponStats
0
6167
"exp"
0000FF
4 Bytes
+90
6168
"lv"
0000FF
4 Bytes
+94
6169
"attack"
0000FF
4 Bytes
+1c
6170
"?"
0000FF
4 Bytes
+20
6171
"?"
0000FF
4 Bytes
+14
6172
"[buff]"
1
000080
Array of byte
0
+48
6173
"HP+"
0000FF
4 Bytes
+4*4
6174
"MP+"
0000FF
4 Bytes
+6*4
6175
"strength"
0000FF
4 Bytes
+0*4
6176
"vitality"
0000FF
4 Bytes
+1*4
6177
"magic"
0000FF
4 Bytes
+2*4
6178
"spirit"
0000FF
4 Bytes
+3*4
6179
"[resistance]"
1
000080
Array of byte
0
+74
6181
"fire"
1
0000FF
4 Bytes
+4
6182
"ice"
1
0000FF
4 Bytes
+8
6183
"thunder"
1
0000FF
4 Bytes
+c
6184
"dark"
1
0000FF
4 Bytes
+10
6180
"shot"
1
0000FF
4 Bytes
+0
7749
"[resistance] (old)"
1
000080
Array of byte
0
+64
7750
"fire"
1
0000FF
4 Bytes
+0
7751
"ice"
1
0000FF
4 Bytes
+4
7752
"thunder"
1
0000FF
4 Bytes
+8
7753
"dark"
1
0000FF
4 Bytes
+c
7754
"shot"
1
0000FF
4 Bytes
+10
6185
"[highlighted treasure in remodeling]"
000080
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(itemIDReadInRemodelingMenuAOB,ffxv_s.exe,E8 ** ** ** ** 4C 8B F8 44 ** ** BA ** ** ** ** 48 ** ** ** E8 ** ** ** ** 0F 28)
registersymbol(itemIDReadInRemodelingMenuAOB)
label(pCItemBase)
registersymbol(pCItemBase)
alloc(newmem2,2048,itemIDReadInRemodelingMenuAOB) //"ffxv_s.exe"+11AAE1E)
label(originalcode2_itemreadinremodelingmenu)
registersymbol(originalcode2_itemreadinremodelingmenu)
label(exit2)
newmem2: //this is allocated memory, you have read,write,execute access
//place your code here
reassemble(itemIDReadInRemodelingMenuAOB)
lea rcx,[rcx+1208]
mov r15,dOptinsNo
mov r15,[r15]
lea rcx,[rcx+r15*8]
mov r15,pCItemBase
mov [r15],rcx
readmem(itemIDReadInRemodelingMenuAOB+5,11)
jmp exit2
originalcode2_itemreadinremodelingmenu:
readmem(itemIDReadInRemodelingMenuAOB,16)
//call ffxv_s.exe+778EE0
//mov r15,rax
//mov r8d,[rax]
//mov edx,01000154
exit2:
jmp itemIDReadInRemodelingMenuAOB+10
///
pCItemBase:
///
itemIDReadInRemodelingMenuAOB: //"ffxv_s.exe"+11AAE1E:
jmp newmem2
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem2)
itemIDReadInRemodelingMenuAOB: //"ffxv_s.exe"+11AAE1E:
readmem(originalcode2_itemreadinremodelingmenu,16)
//db E8 BD E0 5C FF 4C 8B F8 44 8B 00 BA 54 01 00 01
//Alt: call ffxv_s.exe+778EE0
//Alt: mov r15,rax
//Alt: mov r8d,[rax]
//Alt: mov edx,01000154
unregistersymbol(originalcode2_itemreadinremodelingmenu)
unregistersymbol(pCItemBase)
6186
"don't change/freeze outside of remodeling trasure choosing menu"
808080
1
11013
""
0000FF
Array of byte
0
pCItemBase
0
11014
"id"
0105C470:Platinum Ingot
0105C478:Metal Scrap
0105C479:Iron Shavings
0105C47A:Gralean Medal of Distinction
0105C47B:Imperial Medal of Honor
0105C47C:Sharp Bone
0105C47D:Sharp Needlebone
0105C47E:Strong Bone
0105C47F:Large Beastbone
0105C480:Tiny Feather
0105C481:Insect Wings
0105C482:Beetle Shell
0105C484:Garula Fur
0105C486:Thick Hide
0105C487:Thick Hide
0105C488:Sabertusk Claw
0105C489:Sabertusk Fang
0105C48B:Voretooth Bristles
0105C48C:Sharp Bristles
0105C48D:Havocfang Hide
0105C48F:Scaled Skin
0105C490:Barbed Poison Needle
0105C491:Coeurl Whiskers
0105C492:Gorgeous Pelt
0105C493:Strong Whiskers
0105C494:Crimson Tongue
0105C495:Hard Whiskers
0105C497:Arba Spur
0105C498:Supple Tail
0105C499:Gator Liver
0105C49A:Sahagin Scale
0105C49B:Hard Scale
0105C49C:Sharp Head Fin
0105C49D:Heavy Scale
0105C49E:Sturdy Jawbone
0105C49F:Rough Scales
0105C4A0:Slimy Oil
0105C4A1:Fine Slimy Oil
0105C4A2:Gigantoad Tongue
0105C4A4:Catoblepas Molar
0105C4A5:Catoblepas Fang
0105C4A6:Giant Hoof
0105C4A8:Small Beak
0105C4A9:Downy Feathers
0105C4AA:Basilisk Plumage
0105C4AD:Gorgeos Plumage
0105C4AF:Cockatrice Crest
0105C4B1:Insect Stinger
0105C4B2:Enormous Stinger
0105C4B4:Barbed Scythe
0105C4B5:Sharp Scythe
0105C4B6:Bulette Carapace
0105C4B7:Tough Shell
0105C4B9:Majestic Mane
0105C4BA:Wicked Claws
0105C4BB:Griffon Feather
0105C4BC:Splendid Plume
0105C4BD:Translucent Skin
0105C4BE:Skyserpent Talon
0105C4BF:Blue Skyserpent Scale
0105C4C0:Malboro Hair
0105C4C1:Malboro Mucilage
0105C4C2:Malboro Vine
0105C4C3:Monster Claw
0105C4C5:Sinister Sharpscale
0105C4C6:Hardened Hide
0105C4C7:Large Dreadvern Scale
0105C4C9:Centipede Legs
0105C4CA:Centipede Feet
0105C4CE:Drooping Whiskers
0105C4CF:Silver Mane
0105C4D2:Rough Shell
0105C4D3:Giant Crab Pincers
0105C4D4:Garula Tusk
0105C4D5:Great Garula Tusk
0105C4D7:Giant Hairy Horn
0105C4D8:Warm Incisor
0105C4D9:Mesmenir Horn
0105C4DD:Crooked Helixhorn
0105C4DF:Curved Hollowhorn
0105C4E1:Shield Spike
0105C4E4:Behemoth Tears
0105C4E5:Behemoth Horn
0105C4E6:Griffon Claw
0105C4E7:Colorful Griffon Claw
0105C4E8:Scarlet Splinterbone
0105C4EB:Monster Jawss
0105C4EC:Dragon Horn
0105C4EE:Centipede Jaw
0105C4EF:Centipede Teeth
0105C4F1:Prawn Antennae
0105C4F3:Zu Beak
0105C50A:Accursed Coin
0105C50B:Dark Matter
0105C50C:Daemonic Scab
0105C50D:Squirming Bone
0105C50F:Goblin Cap
0105C511:Garchimacera Claw
0105C512:Crescent Impmoon
0105C513:Skeleton Fragment
0105C514:Naga Scale
0105C515:Naga Necklace
0105C516:Antique Coin
0105C518:Reaper Funnybone
0105C51A:Ariadne Webbing
0105C51B:Spider Silk
0105C51F:Ghastly Left Arm
0105C51C:Iron Giant Armor
0105C520:Watchman's Building Stone
0105C522:Armor of Discord
0105C526:Forbidden Draught
0105C527:Ancient Cloth
0105C528:Octolegs
0105C52A:Tattered Rag
0105C52B:Bomb Fragment
0105C52C:Grenade Fragment
0105C52D:Ice Bomb Fragment
0105C52E:Cryonade Fragment
0105C52F:Thunder Bomb Fragment
0105C530:Galvanade Fragment
0105EDAF:Crab Carapace
0105EDB0:Giant Crab Pincers
0105EDB1:Strong Pincers
0105EDB2:Scorpion Barb
0105EDB3:Scirpion Stinger
0105EDB4:Big Scorpion Stinger
0105EDB5:Mandrake Flower
0105EDB6:Mandrake Root
0105EDB7:Treant Branch
0105EDB8:Treant Sap
0105EDB9:Wyvern Wing
0105EDBA:Dragon Claw
0105EDBB:Sharp Tail Feathers
0105EDBC:Thunderoc Feather
0105EDBD:Cactuar Needle
0105EDBE:Cactuar Blossom
0105EDC5:Flan Ooze
0105EDC6:Black Flan Ooze
0105EDC7:Hecteyes Eye
01061FF0:Fossil Shell
01061FF1:Fossil Wood
01061FF2:Ammonite Fossil
01061FF3:Ancient Dragon Tooth
01062390:Rusted Bit
01062391:Shattered Timepiece
01062392:Dynamo
01062393:Lucian Carp Rowscales
01062394:Dace Scales
01062395:Laser Sensor
01062396:Electrolytic Condenser
01062397:Chrome Bit
01062398:Reflex Enhancer
01062399:Magitek Booster
0106336A:Flame Shard
0106336B:Frost Shard
0106336C:Storm Shard
01063460:Beast Claw
01063461:Miasmal Particle
01069FFF:Hydraulic Cylinder
1
0000FF
4 Bytes
+[dOptinsNo]*8
11015
"quantity"
0000FF
4 Bytes
+[dOptinsNo]*8+4
6187
"id"
0105C470:Platinum Ingot
0105C478:Metal Scrap
0105C479:Iron Shavings
0105C47A:Gralean Medal of Distinction
0105C47B:Imperial Medal of Honor
0105C47C:Sharp Bone
0105C47D:Sharp Needlebone
0105C47E:Strong Bone
0105C47F:Large Beastbone
0105C480:Tiny Feather
0105C481:Insect Wings
0105C482:Beetle Shell
0105C484:Garula Fur
0105C486:Thick Hide
0105C487:Thick Hide
0105C488:Sabertusk Claw
0105C489:Sabertusk Fang
0105C48B:Voretooth Bristles
0105C48C:Sharp Bristles
0105C48D:Havocfang Hide
0105C48F:Scaled Skin
0105C490:Barbed Poison Needle
0105C491:Coeurl Whiskers
0105C492:Gorgeous Pelt
0105C493:Strong Whiskers
0105C494:Crimson Tongue
0105C495:Hard Whiskers
0105C497:Arba Spur
0105C498:Supple Tail
0105C499:Gator Liver
0105C49A:Sahagin Scale
0105C49B:Hard Scale
0105C49C:Sharp Head Fin
0105C49D:Heavy Scale
0105C49E:Sturdy Jawbone
0105C49F:Rough Scales
0105C4A0:Slimy Oil
0105C4A1:Fine Slimy Oil
0105C4A2:Gigantoad Tongue
0105C4A4:Catoblepas Molar
0105C4A5:Catoblepas Fang
0105C4A6:Giant Hoof
0105C4A8:Small Beak
0105C4A9:Downy Feathers
0105C4AA:Basilisk Plumage
0105C4AD:Gorgeos Plumage
0105C4AF:Cockatrice Crest
0105C4B1:Insect Stinger
0105C4B2:Enormous Stinger
0105C4B4:Barbed Scythe
0105C4B5:Sharp Scythe
0105C4B6:Bulette Carapace
0105C4B7:Tough Shell
0105C4B9:Majestic Mane
0105C4BA:Wicked Claws
0105C4BB:Griffon Feather
0105C4BC:Splendid Plume
0105C4BD:Translucent Skin
0105C4BE:Skyserpent Talon
0105C4BF:Blue Skyserpent Scale
0105C4C0:Malboro Hair
0105C4C1:Malboro Mucilage
0105C4C2:Malboro Vine
0105C4C3:Monster Claw
0105C4C5:Sinister Sharpscale
0105C4C6:Hardened Hide
0105C4C7:Large Dreadvern Scale
0105C4C9:Centipede Legs
0105C4CA:Centipede Feet
0105C4CE:Drooping Whiskers
0105C4CF:Silver Mane
0105C4D2:Rough Shell
0105C4D3:Giant Crab Pincers
0105C4D4:Garula Tusk
0105C4D5:Great Garula Tusk
0105C4D7:Giant Hairy Horn
0105C4D8:Warm Incisor
0105C4D9:Mesmenir Horn
0105C4DD:Crooked Helixhorn
0105C4DF:Curved Hollowhorn
0105C4E1:Shield Spike
0105C4E4:Behemoth Tears
0105C4E5:Behemoth Horn
0105C4E6:Griffon Claw
0105C4E7:Colorful Griffon Claw
0105C4E8:Scarlet Splinterbone
0105C4EB:Monster Jawss
0105C4EC:Dragon Horn
0105C4EE:Centipede Jaw
0105C4EF:Centipede Teeth
0105C4F1:Prawn Antennae
0105C4F3:Zu Beak
0105C50A:Accursed Coin
0105C50B:Dark Matter
0105C50C:Daemonic Scab
0105C50D:Squirming Bone
0105C50F:Goblin Cap
0105C511:Garchimacera Claw
0105C512:Crescent Impmoon
0105C513:Skeleton Fragment
0105C514:Naga Scale
0105C515:Naga Necklace
0105C516:Antique Coin
0105C518:Reaper Funnybone
0105C51A:Ariadne Webbing
0105C51B:Spider Silk
0105C51F:Ghastly Left Arm
0105C51C:Iron Giant Armor
0105C520:Watchman's Building Stone
0105C522:Armor of Discord
0105C526:Forbidden Draught
0105C527:Ancient Cloth
0105C528:Octolegs
0105C52A:Tattered Rag
0105C52B:Bomb Fragment
0105C52C:Grenade Fragment
0105C52D:Ice Bomb Fragment
0105C52E:Cryonade Fragment
0105C52F:Thunder Bomb Fragment
0105C530:Galvanade Fragment
0105EDAF:Crab Carapace
0105EDB0:Giant Crab Pincers
0105EDB1:Strong Pincers
0105EDB2:Scorpion Barb
0105EDB3:Scirpion Stinger
0105EDB4:Big Scorpion Stinger
0105EDB5:Mandrake Flower
0105EDB6:Mandrake Root
0105EDB7:Treant Branch
0105EDB8:Treant Sap
0105EDB9:Wyvern Wing
0105EDBA:Dragon Claw
0105EDBB:Sharp Tail Feathers
0105EDBC:Thunderoc Feather
0105EDBD:Cactuar Needle
0105EDBE:Cactuar Blossom
0105EDC5:Flan Ooze
0105EDC6:Black Flan Ooze
0105EDC7:Hecteyes Eye
01061FF0:Fossil Shell
01061FF1:Fossil Wood
01061FF2:Ammonite Fossil
01061FF3:Ancient Dragon Tooth
01062390:Rusted Bit
01062391:Shattered Timepiece
01062392:Dynamo
01062393:Lucian Carp Rowscales
01062394:Dace Scales
01062395:Laser Sensor
01062396:Electrolytic Condenser
01062397:Chrome Bit
01062398:Reflex Enhancer
01062399:Magitek Booster
0106336A:Flame Shard
0106336B:Frost Shard
0106336C:Storm Shard
01063460:Beast Claw
01063461:Miasmal Particle
01069FFF:Hydraulic Cylinder
1
0000FF
4 Bytes
pCItemBase
[dOptinsNo]*8
6188
"quantity"
0000FF
4 Bytes
pCItemBase
[dOptinsNo]*8+4
11016
"id"
0105C470:Platinum Ingot
0105C478:Metal Scrap
0105C479:Iron Shavings
0105C47A:Gralean Medal of Distinction
0105C47B:Imperial Medal of Honor
0105C47C:Sharp Bone
0105C47D:Sharp Needlebone
0105C47E:Strong Bone
0105C47F:Large Beastbone
0105C480:Tiny Feather
0105C481:Insect Wings
0105C482:Beetle Shell
0105C484:Garula Fur
0105C485:Hardened Hoof
0105C486:Thick Hide
0105C487:Thick Hide
0105C488:Sabertusk Claw
0105C489:Sabertusk Fang
0105C48B:Voretooth Bristles
0105C48C:Sharp Bristles
0105C48D:Havocfang Hide
0105C48F:Scaled Skin
0105C490:Barbed Poison Needle
0105C491:Coeurl Whiskers
0105C492:Gorgeous Pelt
0105C493:Strong Whiskers
0105C494:Crimson Tongue
0105C495:Hard Whiskers
0105C497:Arba Spur
0105C498:Supple Tail
0105C499:Gator Liver
0105C49A:Sahagin Scale
0105C49B:Hard Scale
0105C49C:Sharp Head Fin
0105C49D:Heavy Scale
0105C49E:Sturdy Jawbone
0105C49F:Rough Scales
0105C4A0:Slimy Oil
0105C4A1:Fine Slimy Oil
0105C4A2:Gigantoad Tongue
0105C4A4:Catoblepas Molar
0105C4A5:Catoblepas Fang
0105C4A6:Giant Hoof
0105C4A8:Small Beak
0105C4A9:Downy Feathers
0105C4AA:Basilisk Plumage
0105C4AD:Gorgeos Plumage
0105C4AF:Cockatrice Crest
0105C4B1:Insect Stinger
0105C4B2:Enormous Stinger
0105C4B4:Barbed Scythe
0105C4B5:Sharp Scythe
0105C4B6:Bulette Carapace
0105C4B7:Tough Shell
0105C4B9:Majestic Mane
0105C4BA:Wicked Claws
0105C4BB:Griffon Feather
0105C4BC:Splendid Plume
0105C4BD:Translucent Skin
0105C4BE:Skyserpent Talon
0105C4BF:Blue Skyserpent Scale
0105C4C0:Malboro Hair
0105C4C1:Malboro Mucilage
0105C4C2:Malboro Vine
0105C4C3:Monster Claw
0105C4C5:Sinister Sharpscale
0105C4C6:Hardened Hide
0105C4C7:Large Dreadvern Scale
0105C4C9:Centipede Legs
0105C4CA:Centipede Feet
0105C4CE:Drooping Whiskers
0105C4CF:Silver Mane
0105C4D2:Rough Shell
0105C4D3:Giant Crab Pincers
0105C4D4:Garula Tusk
0105C4D5:Great Garula Tusk
0105C4D7:Giant Hairy Horn
0105C4D8:Warm Incisor
0105C4D9:Mesmenir Horn
0105C4DD:Crooked Helixhorn
0105C4DF:Curved Hollowhorn
0105C4E1:Shield Spike
0105C4E4:Behemoth Tears
0105C4E5:Behemoth Horn
0105C4E6:Griffon Claw
0105C4E7:Colorful Griffon Claw
0105C4E8:Scarlet Splinterbone
0105C4EB:Monster Jawss
0105C4EC:Dragon Horn
0105C4EE:Centipede Jaw
0105C4EF:Centipede Teeth
0105C4F1:Prawn Antennae
0105C4F3:Zu Beak
0105C50A:Accursed Coin
0105C50B:Dark Matter
0105C50C:Daemonic Scab
0105C50D:Squirming Bone
0105C50F:Goblin Cap
0105C511:Garchimacera Claw
0105C512:Crescent Impmoon
0105C513:Skeleton Fragment
0105C514:Naga Scale
0105C515:Naga Necklace
0105C516:Antique Coin
0105C518:Reaper Funnybone
0105C51A:Ariadne Webbing
0105C51B:Spider Silk
0105C51F:Ghastly Left Arm
0105C51C:Iron Giant Armor
0105C520:Watchman's Building Stone
0105C522:Armor of Discord
0105C526:Forbidden Draught
0105C527:Ancient Cloth
0105C528:Octolegs
0105C52A:Tattered Rag
0105C52B:Bomb Fragment
0105C52C:Grenade Fragment
0105C52D:Ice Bomb Fragment
0105C52E:Cryonade Fragment
0105C52F:Thunder Bomb Fragment
0105C530:Galvanade Fragment
0105EDAF:Crab Carapace
0105EDB0:Giant Crab Pincers
0105EDB1:Strong Pincers
0105EDB2:Scorpion Barb
0105EDB3:Scirpion Stinger
0105EDB4:Big Scorpion Stinger
0105EDB5:Mandrake Flower
0105EDB6:Mandrake Root
0105EDB7:Treant Branch
0105EDB8:Treant Sap
0105EDB9:Wyvern Wing
0105EDBA:Dragon Claw
0105EDBB:Sharp Tail Feathers
0105EDBC:Thunderoc Feather
0105EDBD:Cactuar Needle
0105EDBE:Cactuar Blossom
0105EDC5:Flan Ooze
0105EDC6:Black Flan Ooze
0105EDC7:Hecteyes Eye
01061FF0:Fossil Shell
01061FF1:Fossil Wood
01061FF2:Ammonite Fossil
01061FF3:Ancient Dragon Tooth
01062390:Rusted Bit
01062391:Shattered Timepiece
01062392:Dynamo
01062393:Lucian Carp Rowscales
01062394:Dace Scales
01062395:Laser Sensor
01062396:Electrolytic Condenser
01062397:Chrome Bit
01062398:Reflex Enhancer
01062399:Magitek Booster
0106336A:Flame Shard
0106336B:Frost Shard
0106336C:Storm Shard
01063460:Beast Claw
01063461:Miasmal Particle
01069FFF:Hydraulic Cylinder
1
0000FF
4 Bytes
pCItemBase
0
11017
"quantity"
0000FF
4 Bytes
+4
7772
"[Chocobo]"
000080
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(cChocoboJumpReadAOB,ffxv_s.exe,66 44 0F 6E ** ** ** ** ** ** 45 0F 5B C0 8B)
registersymbol(cChocoboJumpReadAOB)
label(pCChocoboStats)
registersymbol(pCChocoboStats)
alloc(newmem,2048,cChocoboJumpReadAOB) //"ffxv_s.exe"+976DCE3)
label(originalcode_cchocoboretrive)
registersymbol(originalcode_cchocoboretrive)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
//mov rcx,pCChocoboStats
//mov [rcx],rdi
//mov [rcx+8],rsi
//mov rbx,originalcode_cchocoboretrive
//movzx rbx,dword ptr [rbx+6]
db 48 8D 9C
readmem(cChocoboJumpReadAOB+5,5)
//lea rbx,[rsi+rdi+2f7db8]
lea rbx,[rbx-4]
mov rcx,pCChocoboStats
mov [rcx],rsi
mov [rcx+8],rbx
originalcode_cchocoboretrive:
readmem(cChocoboJumpReadAOB,14)
//movd xmm8,[rsi+rdi+002E75E8]
//cvtdq2ps xmm8,xmm8
exit:
jmp cChocoboJumpReadAOB+e
///
pCChocoboStats:
///
cChocoboJumpReadAOB: //"ffxv_s.exe"+976DCE3:
jmp newmem
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
cChocoboJumpReadAOB: //"ffxv_s.exe"+976DCE3:
readmem(originalcode_cchocoboretrive,14)
//db 66 44 0F 6E 84 3E B8 7D 2F 00 45 0F 5B C0
//Alt: movd xmm8,[rsi+rdi+002E75E8]
//Alt: cvtdq2ps xmm8,xmm8
unregistersymbol(originalcode_cchocoboretrive)
unregistersymbol(pCChocoboStats)
7782
"[highlighted slot]"
000080
Array of byte
0
pCChocoboStats
[originalcode_cchocoboretrive+6]-4+[pCChocoboStats+8]
7786
"stamina"
0000FF
4 Bytes
+0
7787
"bonus"
0000FF
2 Bytes
+18-0*2
7788
"jump"
0000FF
4 Bytes
+4
7789
"bonus"
0000FF
2 Bytes
+18-1*2
7790
"top speed"
0000FF
Float
+8
7791
"bonus"
0000FF
2 Bytes
+18-2*2
7792
"lvl"
0000FF
2 Bytes
+32
7793
"max"
0000FF
2 Bytes
-2
7804
"[slot 01]"
000080
Array of byte
0
pCChocoboStats
[originalcode_cchocoboretrive+6]-4+0*54
7805
"stamina"
0000FF
4 Bytes
+0
7806
"bonus"
0000FF
2 Bytes
+18-0*2
7807
"jump"
0000FF
4 Bytes
+4
7808
"bonus"
0000FF
2 Bytes
+18-1*2
7809
"top speed"
0000FF
Float
+8
7810
"bonus"
0000FF
2 Bytes
+18-2*2
7811
"lvl"
0000FF
2 Bytes
+32
7812
"max"
0000FF
2 Bytes
-2
7795
"[slot 02]"
000080
Array of byte
0
pCChocoboStats
[originalcode_cchocoboretrive+6]-4+1*54
7796
"stamina"
0000FF
4 Bytes
+0
7797
"bonus"
0000FF
2 Bytes
+18-0*2
7798
"jump"
0000FF
4 Bytes
+4
7799
"bonus"
0000FF
2 Bytes
+18-1*2
7800
"top speed"
0000FF
Float
+8
7801
"bonus"
0000FF
2 Bytes
+18-2*2
7802
"lvl"
0000FF
2 Bytes
+32
7803
"max"
0000FF
2 Bytes
-2
released:
http://fearlessrevolution.com/viewtopic.php?f=4&t=6178&p=35885#p35885
demo:
http://fearlessrevolution.com/viewtopic.php?f=4&t=6124&p=34588#p34588