49
"Player Data Base Address Scan Initialization (Activate This First)"
800000
Auto Assembler Script
[ENABLE]
// Shared state for the hook script in this table (the entry title asks for
// this one to be activated first).
// regimentfund_base (8 bytes) receives the pointer the hooks capture from rax;
// the four *_set slots (4 bytes each) are the flags the injected code tests.
// The third argument asks Cheat Engine to place each block near AoT.exe,
// presumably so the injected code can reach them with RIP-relative operands.
alloc(regimentfund_base,8,"AoT.exe")
alloc(regimentfund_set,4,"AoT.exe")
alloc(development_mat_set,4,"AoT.exe")
alloc(materials_set,4,"AoT.exe")
alloc(fortify_set,4,"AoT.exe")
// Publish the slots as global symbols so the hook script and the table's
// address records can refer to them by name.
registersymbol(regimentfund_base)
registersymbol(regimentfund_set)
registersymbol(development_mat_set)
registersymbol(materials_set)
registersymbol(fortify_set)
[DISABLE]
// NOTE(review): the slots are freed unconditionally. The hook script's code
// caves read [regimentfund_set], [development_mat_set], [materials_set] and
// [fortify_set] and write [regimentfund_base]; if this entry is disabled while
// those hooks are still active, the game would touch freed memory.
// Disable the hook script before this one.
dealloc(regimentfund_base)
dealloc(regimentfund_set)
dealloc(development_mat_set)
dealloc(materials_set)
dealloc(fortify_set)
unregistersymbol(regimentfund_base)
unregistersymbol(regimentfund_set)
unregistersymbol(development_mat_set)
unregistersymbol(materials_set)
unregistersymbol(fortify_set)
50
"Player Data Base Address Scan (To Update: Equipment Supply Station/Material Acquisition Depot/Corps Information)"
800000
Auto Assembler Script
[ENABLE]
//Regiment Fund - Equipment Supply Station - New Developments
// lua_aobscan is a Lua helper defined outside this script; the trailing 1 is
// presumably the index of the match to hook - confirm against the helper.
// NOTE(review): the pattern is only the 6 bytes of "mov rbx,rcx" +
// "mov edx,[rax+1C]" and this script reuses it with other indices, so the hook
// site is chosen purely by match order. On a different build the index may
// select a function where rax is not the pointer loaded from [AoT.exe+C14658],
// and the store to [rax+1C] below would then overwrite unrelated memory.
luacall(lua_aobscan("regimentfund_ess_nd_aob","AoT.exe","48 8B D9 8B 50 1C",1))
// Code cave requested near AoT.exe so the jmp at the hook site stays in range.
alloc(regimentfund_ess_nd_newmem,1024,AoT.exe)
label(regimentfund_ess_nd_return)
regimentfund_ess_nd_newmem:
// Record the pointer in rax for the table entries that use regimentfund_base.
mov [regimentfund_base],rax
// Leave the fund untouched unless the regimentfund_set flag is non-zero.
cmp [regimentfund_set],#0
je @f
// '#' marks a decimal literal. NOTE(review): no operand size is given; an
// explicit "dword ptr" would make the intended 4-byte store unambiguous.
mov [rax+1C],#9999999
@@:
// Replay the two displaced instructions, then resume after the patch.
mov rbx,rcx
mov edx,[rax+1C]
jmp regimentfund_ess_nd_return
regimentfund_ess_nd_aob:
// jmp plus one nop replaces the 6 matched bytes (assuming a 5-byte near jmp).
jmp regimentfund_ess_nd_newmem
nop
regimentfund_ess_nd_return:
//Regiment Fund - Equipment Supply Station - Equipment Modification
// Same 6-byte pattern as the other regiment-fund hooks; the trailing 13 is
// presumably the match index passed to the external lua_aobscan helper.
// NOTE(review): selecting a site by match order is build-specific. If the
// index resolves to a different function, rax may not hold the pointer this
// code expects and the store to [rax+1C] would hit unrelated memory.
luacall(lua_aobscan("regimentfund_ess_em_aob","AoT.exe","48 8B D9 8B 50 1C",13))
// Code cave requested near AoT.exe so the jmp at the hook site stays in range.
alloc(regimentfund_ess_em_newmem,1024,AoT.exe)
label(regimentfund_ess_em_return)
regimentfund_ess_em_newmem:
// Capture rax for the table entries that resolve through regimentfund_base.
mov [regimentfund_base],rax
// The overwrite is gated on the regimentfund_set flag being non-zero.
cmp [regimentfund_set],#0
je @f
// Decimal literal; operand size is implicit (see the 4-byte field at +1C).
mov [rax+1C],#9999999
@@:
// Displaced original instructions, executed before returning to the game.
mov rbx,rcx
mov edx,[rax+1C]
jmp regimentfund_ess_em_return
regimentfund_ess_em_aob:
// jmp plus one nop replaces the 6 matched bytes (assuming a 5-byte near jmp).
jmp regimentfund_ess_em_newmem
nop
regimentfund_ess_em_return:
//Regiment Fund - Equipment Supply Station - Cash In
// Same 6-byte pattern as the other regiment-fund hooks; the trailing 20 is
// presumably the match index passed to the external lua_aobscan helper.
// NOTE(review): selecting a site by match order is build-specific. If the
// index resolves to a different function, rax may not hold the pointer this
// code expects and the store to [rax+1C] would hit unrelated memory.
luacall(lua_aobscan("regimentfund_ess_ci_aob","AoT.exe","48 8B D9 8B 50 1C",20))
// Code cave requested near AoT.exe so the jmp at the hook site stays in range.
alloc(regimentfund_ess_ci_newmem,1024,AoT.exe)
label(regimentfund_ess_ci_return)
regimentfund_ess_ci_newmem:
// Capture rax for the table entries that resolve through regimentfund_base.
mov [regimentfund_base],rax
// The overwrite is gated on the regimentfund_set flag being non-zero.
cmp [regimentfund_set],#0
je @f
// Decimal literal; operand size is implicit (see the 4-byte field at +1C).
mov [rax+1C],#9999999
@@:
// Displaced original instructions, executed before returning to the game.
mov rbx,rcx
mov edx,[rax+1C]
jmp regimentfund_ess_ci_return
regimentfund_ess_ci_aob:
// jmp plus one nop replaces the 6 matched bytes (assuming a 5-byte near jmp).
jmp regimentfund_ess_ci_newmem
nop
regimentfund_ess_ci_return:
//Regiment Fund - Material Acquisition Depot - Acquisition
// Same 6-byte pattern as the other regiment-fund hooks; the trailing 11 is
// presumably the match index passed to the external lua_aobscan helper.
// NOTE(review): selecting a site by match order is build-specific. If the
// index resolves to a different function, rax may not hold the pointer this
// code expects and the store to [rax+1C] would hit unrelated memory.
luacall(lua_aobscan("regimentfund_mad_acq_aob","AoT.exe","48 8B D9 8B 50 1C",11))
// Code cave requested near AoT.exe so the jmp at the hook site stays in range.
alloc(regimentfund_mad_acq_newmem,1024,AoT.exe)
label(regimentfund_mad_acq_return)
regimentfund_mad_acq_newmem:
// Capture rax for the table entries that resolve through regimentfund_base.
mov [regimentfund_base],rax
// The overwrite is gated on the regimentfund_set flag being non-zero.
cmp [regimentfund_set],#0
je @f
// Decimal literal; operand size is implicit (see the 4-byte field at +1C).
mov [rax+1C],#9999999
@@:
// Displaced original instructions, executed before returning to the game.
mov rbx,rcx
mov edx,[rax+1C]
jmp regimentfund_mad_acq_return
regimentfund_mad_acq_aob:
// jmp plus one nop replaces the 6 matched bytes (assuming a 5-byte near jmp).
jmp regimentfund_mad_acq_newmem
nop
regimentfund_mad_acq_return:
//Regiment Fund - Material Acquisition Depot - Cash In
// Same 6-byte pattern as the other regiment-fund hooks; the trailing 21 is
// presumably the match index passed to the external lua_aobscan helper.
// NOTE(review): selecting a site by match order is build-specific. If the
// index resolves to a different function, rax may not hold the pointer this
// code expects and the store to [rax+1C] would hit unrelated memory.
luacall(lua_aobscan("regimentfund_mad_ci_aob","AoT.exe","48 8B D9 8B 50 1C",21))
// Code cave requested near AoT.exe so the jmp at the hook site stays in range.
alloc(regimentfund_mad_ci_newmem,1024,AoT.exe)
label(regimentfund_mad_ci_return)
regimentfund_mad_ci_newmem:
// Capture rax for the table entries that resolve through regimentfund_base.
mov [regimentfund_base],rax
// The overwrite is gated on the regimentfund_set flag being non-zero.
cmp [regimentfund_set],#0
je @f
// Decimal literal; operand size is implicit (see the 4-byte field at +1C).
mov [rax+1C],#9999999
@@:
// Displaced original instructions, executed before returning to the game.
mov rbx,rcx
mov edx,[rax+1C]
jmp regimentfund_mad_ci_return
regimentfund_mad_ci_aob:
// jmp plus one nop replaces the 6 matched bytes (assuming a 5-byte near jmp).
jmp regimentfund_mad_ci_newmem
nop
regimentfund_mad_ci_return:
//Regiment Fund - Corps Information
// The 9-byte pattern is "mov r9d,00000498" followed by "mov edx,[rax+1C]".
// Only the first 6 bytes (the mov r9d) are patched; the trailing load is used
// for matching and stays in place after the return label.
// The final 1 is presumably the match index for the external lua_aobscan.
luacall(lua_aobscan("regimentfund_corpsinfo_aob","AoT.exe","41 B9 98 04 00 00 8B 50 1C",1))
// Code cave requested near AoT.exe so the jmp at the hook site stays in range.
alloc(regimentfund_corpsinfo_newmem,1024,AoT.exe)
label(regimentfund_corpsinfo_return)
regimentfund_corpsinfo_newmem:
// Capture rax for the table entries that resolve through regimentfund_base.
mov [regimentfund_base],rax
// The overwrite is gated on the regimentfund_set flag being non-zero.
cmp [regimentfund_set],#0
je @f
// Written before returning, so the game's own "mov edx,[rax+1C]" that follows
// the patch reads the new value.
mov [rax+1C],#9999999
@@:
// Replay the single displaced instruction.
mov r9d,00000498
jmp regimentfund_corpsinfo_return
regimentfund_corpsinfo_aob:
// jmp plus one nop replaces the 6-byte mov r9d (assuming a 5-byte near jmp).
jmp regimentfund_corpsinfo_newmem
nop
regimentfund_corpsinfo_return:
//Materials - New Development - Blade - Required Materials
// The pattern is the 9-byte "cmp [r10+rcx*8+00035C88],r9w" plus the "jb" that
// follows it (72 1E). The jb offset is what separates this site from the
// scabbard and ODMG scans, which begin with the same 9 bytes.
aobscanmodule(development_mat_blade_aob,AoT.exe,66 45 39 8C CA 88 5C 03 00 72 1E)
// Registered so the [DISABLE] section can address the hook site by name.
registersymbol(development_mat_blade_aob)
alloc(development_mat_blade_newmem,1024,AoT.exe)
label(development_mat_blade_return)
development_mat_blade_newmem:
// Skip the write unless development_mat_set is non-zero.
cmp [development_mat_set],#0
je @f
// Force the 16-bit value in the material slot to 999 before the game
// compares it with r9w.
mov word ptr [r10+rcx*8+00035C88],#999
@@:
// Replayed last on purpose: the flag test above changes EFLAGS, and the jb
// left in place after the patch consumes the flags of this compare.
cmp [r10+rcx*8+00035C88],r9w
jmp development_mat_blade_return
development_mat_blade_aob:
// jmp plus four nops covers the 9 bytes of the displaced compare
// (assuming a 5-byte near jmp).
jmp development_mat_blade_newmem
nop
nop
nop
nop
development_mat_blade_return:
//Materials - New Development - Scabbard - Required Materials
// Same 9-byte compare as the blade and ODMG hooks; the trailing "72 19" (the
// jb after the compare) is what makes this scan pick the scabbard site.
aobscanmodule(development_mat_scabbard_aob,AoT.exe,66 45 39 8C CA 88 5C 03 00 72 19)
// Registered so the [DISABLE] section can address the hook site by name.
registersymbol(development_mat_scabbard_aob)
alloc(development_mat_scabbard_newmem,1024,AoT.exe)
label(development_mat_scabbard_return)
development_mat_scabbard_newmem:
// Skip the write unless development_mat_set is non-zero.
cmp [development_mat_set],#0
je @f
// Store 999 into the 16-bit material slot ahead of the game's comparison.
mov word ptr [r10+rcx*8+00035C88],#999
@@:
// Must stay the last flag-setting instruction: the jb after the patch uses
// the result of this compare, not of the flag test above.
cmp [r10+rcx*8+00035C88],r9w
jmp development_mat_scabbard_return
development_mat_scabbard_aob:
// jmp plus four nops covers the 9 bytes of the displaced compare
// (assuming a 5-byte near jmp).
jmp development_mat_scabbard_newmem
nop
nop
nop
nop
development_mat_scabbard_return:
//Materials - New Development - ODMG - Required Materials
// Same 9-byte compare as the blade and scabbard hooks; the trailing "72 1D"
// (the jb after the compare) is what makes this scan pick the ODMG site.
aobscanmodule(development_mat_odmg_aob,AoT.exe,66 45 39 8C CA 88 5C 03 00 72 1D)
// Registered so the [DISABLE] section can address the hook site by name.
registersymbol(development_mat_odmg_aob)
alloc(development_mat_odmg_newmem,1024,AoT.exe)
label(development_mat_odmg_return)
development_mat_odmg_newmem:
// Skip the write unless development_mat_set is non-zero.
cmp [development_mat_set],#0
je @f
// Store 999 into the 16-bit material slot ahead of the game's comparison.
mov word ptr [r10+rcx*8+00035C88],#999
@@:
// Must stay the last flag-setting instruction: the jb after the patch uses
// the result of this compare, not of the flag test above.
cmp [r10+rcx*8+00035C88],r9w
jmp development_mat_odmg_return
development_mat_odmg_aob:
// jmp plus four nops covers the 9 bytes of the displaced compare
// (assuming a 5-byte near jmp).
jmp development_mat_odmg_newmem
nop
nop
nop
nop
development_mat_odmg_return:
//Materials - Unlock All
// Pattern: "movzx ecx,word ptr [rax]" + "test ecx,ecx" + the following je.
// The first five bytes (movzx and test) are replaced by the jmp below.
//
// NOTE(review): the original-code dump in [DISABLE] shows
// "jmp AoT.exe+2FEE8E" immediately before this site, and +2FEE8E is the
// "test ecx,ecx" that this patch overwrites. While the hook is active, that
// path (taken when r9d is non-zero) lands inside the jmp's displacement bytes
// and executes whatever they decode to, which can crash or corrupt the game.
// A safe hook must not cover an address that other code branches to: either
// move the patch to a span with no inbound branch targets, or take over the
// whole if/else (from "test r9d,r9d" onward) inside the code cave.
aobscanmodule(materials_unlockall_aob,AoT.exe,0F B7 08 85 C9 74 02)
// Registered so the [DISABLE] section can address the hook site by name.
registersymbol(materials_unlockall_aob)
alloc(materials_unlockall_newmem,1024,AoT.exe)
label(materials_unlockall_return)
materials_unlockall_newmem:
// Active only in mode 2 of materials_set ("Unlock All" in the table).
cmp [materials_set],#2
jne @f
// Per the dump this site sits in a loop of 0x80 iterations that advances rax
// by 0x30, so in mode 2 every visited slot has its first word set to 999.
mov word ptr [rax],#999
@@:
// Displaced instructions; test runs last so the je after the patch sees the
// flags it expects.
movzx ecx,word ptr [rax]
test ecx,ecx
jmp materials_unlockall_return
materials_unlockall_aob:
// Exactly 5 bytes are displaced, so no nop padding follows
// (assuming a 5-byte near jmp).
jmp materials_unlockall_newmem
materials_unlockall_return:
//Materials - Materials Acquisition Depot - Acquisition - Selected Material
// Pattern is the 8-byte "movzx edx,word ptr [rdi+rax*8+00035C88]".
// NOTE(review): uniqueness of this pattern inside AoT.exe is not shown here;
// aobscanmodule uses the first match.
aobscanmodule(materials_mad_acq_selected_aob,AoT.exe,0F B7 94 C7 88 5C 03 00)
// Registered so the [DISABLE] section can address the hook site by name.
registersymbol(materials_mad_acq_selected_aob)
alloc(materials_mad_acq_selected_newmem,1024,AoT.exe)
label(materials_mad_acq_selected_return)
materials_mad_acq_selected_newmem:
// Active only in mode 1 of materials_set ("Selected" in the table).
cmp [materials_set],#1
jne @f
// Set the addressed 16-bit material slot to 999 before the game loads it.
mov word ptr [rdi+rax*8+00035C88],#999
@@:
// Replay the displaced load, then resume after the patch.
movzx edx,word ptr [rdi+rax*8+00035C88]
jmp materials_mad_acq_selected_return
materials_mad_acq_selected_aob:
// jmp plus three nops covers the 8 displaced bytes
// (assuming a 5-byte near jmp).
jmp materials_mad_acq_selected_newmem
nop
nop
nop
materials_mad_acq_selected_return:
//Materials - Materials Acquisition Depot - Cash In - Selected Material
// Pattern is the 9-byte "movzx eax,word ptr [r13+rbp*8+00035C88]" plus one
// byte (45) of the next instruction; only the 9-byte load is patched.
aobscanmodule(materials_mad_ci_selected_aob,AoT.exe,41 0F B7 84 ED 88 5C 03 00 45)
// Registered so the [DISABLE] section can address the hook site by name.
registersymbol(materials_mad_ci_selected_aob)
alloc(materials_mad_ci_selected_newmem,1024,AoT.exe)
label(materials_mad_ci_selected_return)
materials_mad_ci_selected_newmem:
// Active only in mode 1 of materials_set ("Selected" in the table).
cmp [materials_set],#1
jne @f
// Set the addressed 16-bit material slot to 999 before the game loads it.
mov word ptr [r13+rbp*8+00035C88],#999
@@:
// Replay the displaced load, then resume after the patch.
movzx eax,word ptr [r13+rbp*8+00035C88]
jmp materials_mad_ci_selected_return
materials_mad_ci_selected_aob:
// jmp plus four nops covers the 9 displaced bytes
// (assuming a 5-byte near jmp).
jmp materials_mad_ci_selected_newmem
nop
nop
nop
nop
materials_mad_ci_selected_return:
//Materials - Corps Information - Selected Material
// Pattern is the 9-byte "movzx eax,word ptr [r13+rcx*8+00035C88]".
// NOTE(review): uniqueness of this pattern inside AoT.exe is not shown here;
// aobscanmodule uses the first match.
aobscanmodule(materials_ci_selected_aob,AoT.exe,41 0F B7 84 CD 88 5C 03 00)
// Registered so the [DISABLE] section can address the hook site by name.
registersymbol(materials_ci_selected_aob)
alloc(materials_ci_selected_newmem,1024,AoT.exe)
label(materials_ci_selected_return)
materials_ci_selected_newmem:
// Active only in mode 1 of materials_set ("Selected" in the table).
cmp [materials_set],#1
jne @f
// Set the addressed 16-bit material slot to 999 before the game loads it.
mov word ptr [r13+rcx*8+00035C88],#999
@@:
// Replay the displaced load, then resume after the patch.
movzx eax,word ptr [r13+rcx*8+00035C88]
jmp materials_ci_selected_return
materials_ci_selected_aob:
// jmp plus four nops covers the 9 displaced bytes
// (assuming a 5-byte near jmp).
jmp materials_ci_selected_newmem
nop
nop
nop
nop
materials_ci_selected_return:
//Fortify Blade
// Pattern is the 9-byte "movzx eax,byte ptr [rax+r9+00025189]". The scabbard
// and ODMG hooks match the same instruction form with a different
// displacement, so the displacement bytes are what identify this site.
aobscanmodule(fortify_blade_aob,AoT.exe,42 0F B6 84 08 89 51 02 00)
// Registered so the [DISABLE] section can address the hook site by name.
registersymbol(fortify_blade_aob)
alloc(fortify_blade_newmem,1024,AoT.exe)
label(fortify_blade_return)
fortify_blade_newmem:
// Skip the writes unless fortify_set is non-zero.
cmp [fortify_set],#0
je @f
// +25189 is the byte the game reads below; it is forced to 99.
// NOTE(review): the roles of the +2519A and +2519B bytes (set to 99 and 1)
// are not documented anywhere in this table - confirm before changing them.
mov byte ptr [rax+r9+00025189],#99
mov byte ptr [rax+r9+0002519A],#99
mov byte ptr [rax+r9+0002519B],#1
@@:
// Replay the displaced load. It overwrites rax, so every write that uses
// rax as an index has to come before this line.
movzx eax,byte ptr [rax+r9+00025189]
jmp fortify_blade_return
fortify_blade_aob:
// jmp plus four nops covers the 9 displaced bytes
// (assuming a 5-byte near jmp).
jmp fortify_blade_newmem
nop
nop
nop
nop
fortify_blade_return:
//Fortify Scabbard
// Pattern is the 9-byte "movzx eax,byte ptr [rax+r9+00026A89]"; the
// displacement distinguishes it from the blade and ODMG sites.
aobscanmodule(fortify_scabbard_aob,AoT.exe,42 0F B6 84 08 89 6A 02 00)
// Registered so the [DISABLE] section can address the hook site by name.
registersymbol(fortify_scabbard_aob)
alloc(fortify_scabbard_newmem,1024,AoT.exe)
label(fortify_scabbard_return)
fortify_scabbard_newmem:
// Skip the writes unless fortify_set is non-zero.
cmp [fortify_set],#0
je @f
// +26A89 is the byte the game reads below; it is forced to 99.
// NOTE(review): the roles of the +26A9A and +26A9B bytes (set to 99 and 1)
// are not documented anywhere in this table - confirm before changing them.
mov byte ptr [rax+r9+00026A89],#99
mov byte ptr [rax+r9+00026A9A],#99
mov byte ptr [rax+r9+00026A9B],#1
@@:
// Replay the displaced load. It overwrites rax, so every write that uses
// rax as an index has to come before this line.
movzx eax,byte ptr [rax+r9+00026A89]
jmp fortify_scabbard_return
fortify_scabbard_aob:
// jmp plus four nops covers the 9 displaced bytes
// (assuming a 5-byte near jmp).
jmp fortify_scabbard_newmem
nop
nop
nop
nop
fortify_scabbard_return:
//Fortify ODMG
// Pattern is the 9-byte "movzx eax,byte ptr [rax+r9+00028389]"; the
// displacement distinguishes it from the blade and scabbard sites.
aobscanmodule(fortify_odmg_aob,AoT.exe,42 0F B6 84 08 89 83 02 00)
// Registered so the [DISABLE] section can address the hook site by name.
registersymbol(fortify_odmg_aob)
alloc(fortify_odmg_newmem,1024,AoT.exe)
label(fortify_odmg_return)
fortify_odmg_newmem:
// Skip the writes unless fortify_set is non-zero.
cmp [fortify_set],#0
je @f
// +28389 is the byte the game reads below; it is forced to 99.
// NOTE(review): the roles of the +2839A and +2839B bytes (set to 99 and 1)
// are not documented anywhere in this table - confirm before changing them.
mov byte ptr [rax+r9+00028389],#99
mov byte ptr [rax+r9+0002839A],#99
mov byte ptr [rax+r9+0002839B],#1
@@:
// Replay the displaced load. It overwrites rax, so every write that uses
// rax as an index has to come before this line.
movzx eax,byte ptr [rax+r9+00028389]
jmp fortify_odmg_return
fortify_odmg_aob:
// jmp plus four nops covers the 9 displaced bytes
// (assuming a 5-byte near jmp).
jmp fortify_odmg_newmem
nop
nop
nop
nop
fortify_odmg_return:
[DISABLE]
//Regiment Fund - Equipment Supply Station - New Developments
// Write the six original bytes (mov rbx,rcx / mov edx,[rax+1C]) back over the
// jmp+nop, then drop the site symbol (presumably registered by lua_aobscan)
// and free the code cave. The db bytes must stay identical to the pattern
// scanned for in [ENABLE].
regimentfund_ess_nd_aob:
db 48 8B D9 8B 50 1C
unregistersymbol(regimentfund_ess_nd_aob)
dealloc(regimentfund_ess_nd_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+3A4F06
"AoT.exe"+3A4EEC: CC - int 3
"AoT.exe"+3A4EED: CC - int 3
"AoT.exe"+3A4EEE: CC - int 3
"AoT.exe"+3A4EEF: CC - int 3
"AoT.exe"+3A4EF0: 48 89 5C 24 08 - mov [rsp+08],rbx
"AoT.exe"+3A4EF5: 57 - push rdi
"AoT.exe"+3A4EF6: 48 83 EC 40 - sub rsp,40
"AoT.exe"+3A4EFA: 48 8B 05 57 F7 86 00 - mov rax,[AoT.exe+C14658]
"AoT.exe"+3A4F01: 8B FA - mov edi,edx
// ---------- INJECTING HERE ----------
"AoT.exe"+3A4F03: 48 8B D9 - mov rbx,rcx
"AoT.exe"+3A4F06: 8B 50 1C - mov edx,[rax+1C]
// ---------- DONE INJECTING ----------
"AoT.exe"+3A4F09: 48 8B 05 D8 0F 87 00 - mov rax,[AoT.exe+C15EE8]
"AoT.exe"+3A4F10: 48 8D 0D 8D BB 63 00 - lea rcx,[AoT.exe+9E0AA4]
"AoT.exe"+3A4F17: 48 85 C0 - test rax,rax
"AoT.exe"+3A4F1A: 41 B9 98 04 00 00 - mov r9d,00000498
"AoT.exe"+3A4F20: 41 B8 01 00 00 00 - mov r8d,00000001
"AoT.exe"+3A4F26: 48 0F 45 C8 - cmovne rcx,rax
"AoT.exe"+3A4F2A: 89 7C 24 30 - mov [rsp+30],edi
"AoT.exe"+3A4F2E: C7 44 24 20 60 00 00 00 - mov [rsp+20],00000060
"AoT.exe"+3A4F36: E8 55 8F 01 00 - call AoT.exe+3BDE90
"AoT.exe"+3A4F3B: 83 BB D8 2F 00 00 00 - cmp dword ptr [rbx+00002FD8],00
"AoT.exe"+3A4F42: 74 0E - je AoT.exe+3A4F52
}
//Regiment Fund - Equipment Supply Station - Equipment Modification
// Restore the six displaced bytes at the hook site, then drop the site symbol
// (presumably registered by lua_aobscan) and free the code cave.
regimentfund_ess_em_aob:
db 48 8B D9 8B 50 1C
unregistersymbol(regimentfund_ess_em_aob)
dealloc(regimentfund_ess_em_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+3A87F6
"AoT.exe"+3A87DC: CC - int 3
"AoT.exe"+3A87DD: CC - int 3
"AoT.exe"+3A87DE: CC - int 3
"AoT.exe"+3A87DF: CC - int 3
"AoT.exe"+3A87E0: 48 89 5C 24 08 - mov [rsp+08],rbx
"AoT.exe"+3A87E5: 57 - push rdi
"AoT.exe"+3A87E6: 48 83 EC 40 - sub rsp,40
"AoT.exe"+3A87EA: 48 8B 05 67 BE 86 00 - mov rax,[AoT.exe+C14658]
"AoT.exe"+3A87F1: 8B FA - mov edi,edx
// ---------- INJECTING HERE ----------
"AoT.exe"+3A87F3: 48 8B D9 - mov rbx,rcx
"AoT.exe"+3A87F6: 8B 50 1C - mov edx,[rax+1C]
// ---------- DONE INJECTING ----------
"AoT.exe"+3A87F9: 48 8B 05 E8 D6 86 00 - mov rax,[AoT.exe+C15EE8]
"AoT.exe"+3A8800: 48 8D 0D 9D 82 63 00 - lea rcx,[AoT.exe+9E0AA4]
"AoT.exe"+3A8807: 48 85 C0 - test rax,rax
"AoT.exe"+3A880A: 41 B9 98 04 00 00 - mov r9d,00000498
"AoT.exe"+3A8810: 41 B8 01 00 00 00 - mov r8d,00000001
"AoT.exe"+3A8816: 48 0F 45 C8 - cmovne rcx,rax
"AoT.exe"+3A881A: 89 7C 24 30 - mov [rsp+30],edi
"AoT.exe"+3A881E: C7 44 24 20 60 00 00 00 - mov [rsp+20],00000060
"AoT.exe"+3A8826: E8 65 56 01 00 - call AoT.exe+3BDE90
"AoT.exe"+3A882B: 83 BB D8 2F 00 00 00 - cmp dword ptr [rbx+00002FD8],00
"AoT.exe"+3A8832: 74 15 - je AoT.exe+3A8849
}
//Regiment Fund - Equipment Supply Station - Cash In
// Restore the six displaced bytes at the hook site, then drop the site symbol
// (presumably registered by lua_aobscan) and free the code cave.
regimentfund_ess_ci_aob:
db 48 8B D9 8B 50 1C
unregistersymbol(regimentfund_ess_ci_aob)
dealloc(regimentfund_ess_ci_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+3ABBB6
"AoT.exe"+3ABB9C: C3 - ret
"AoT.exe"+3ABB9D: CC - int 3
"AoT.exe"+3ABB9E: CC - int 3
"AoT.exe"+3ABB9F: CC - int 3
"AoT.exe"+3ABBA0: 48 89 5C 24 08 - mov [rsp+08],rbx
"AoT.exe"+3ABBA5: 57 - push rdi
"AoT.exe"+3ABBA6: 48 83 EC 40 - sub rsp,40
"AoT.exe"+3ABBAA: 48 8B 05 A7 8A 86 00 - mov rax,[AoT.exe+C14658]
"AoT.exe"+3ABBB1: 8B FA - mov edi,edx
// ---------- INJECTING HERE ----------
"AoT.exe"+3ABBB3: 48 8B D9 - mov rbx,rcx
"AoT.exe"+3ABBB6: 8B 50 1C - mov edx,[rax+1C]
// ---------- DONE INJECTING ----------
"AoT.exe"+3ABBB9: 48 8B 05 28 A3 86 00 - mov rax,[AoT.exe+C15EE8]
"AoT.exe"+3ABBC0: 48 8D 0D DD 4E 63 00 - lea rcx,[AoT.exe+9E0AA4]
"AoT.exe"+3ABBC7: 48 85 C0 - test rax,rax
"AoT.exe"+3ABBCA: 41 B9 98 04 00 00 - mov r9d,00000498
"AoT.exe"+3ABBD0: 41 B8 01 00 00 00 - mov r8d,00000001
"AoT.exe"+3ABBD6: 48 0F 45 C8 - cmovne rcx,rax
"AoT.exe"+3ABBDA: 89 7C 24 30 - mov [rsp+30],edi
"AoT.exe"+3ABBDE: C7 44 24 20 60 00 00 00 - mov [rsp+20],00000060
"AoT.exe"+3ABBE6: E8 A5 22 01 00 - call AoT.exe+3BDE90
"AoT.exe"+3ABBEB: 83 BB D8 2F 00 00 00 - cmp dword ptr [rbx+00002FD8],00
"AoT.exe"+3ABBF2: 74 0E - je AoT.exe+3ABC02
}
//Regiment Fund - Material Acquisition Depot - Acquisition
// Restore the six displaced bytes at the hook site, then drop the site symbol
// (presumably registered by lua_aobscan) and free the code cave.
regimentfund_mad_acq_aob:
db 48 8B D9 8B 50 1C
unregistersymbol(regimentfund_mad_acq_aob)
dealloc(regimentfund_mad_acq_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+3A7C16
"AoT.exe"+3A7BFC: CC - int 3
"AoT.exe"+3A7BFD: CC - int 3
"AoT.exe"+3A7BFE: CC - int 3
"AoT.exe"+3A7BFF: CC - int 3
"AoT.exe"+3A7C00: 48 89 5C 24 08 - mov [rsp+08],rbx
"AoT.exe"+3A7C05: 57 - push rdi
"AoT.exe"+3A7C06: 48 83 EC 40 - sub rsp,40
"AoT.exe"+3A7C0A: 48 8B 05 47 CA 86 00 - mov rax,[AoT.exe+C14658]
"AoT.exe"+3A7C11: 8B FA - mov edi,edx
// ---------- INJECTING HERE ----------
"AoT.exe"+3A7C13: 48 8B D9 - mov rbx,rcx
"AoT.exe"+3A7C16: 8B 50 1C - mov edx,[rax+1C]
// ---------- DONE INJECTING ----------
"AoT.exe"+3A7C19: 48 8B 05 C8 E2 86 00 - mov rax,[AoT.exe+C15EE8]
"AoT.exe"+3A7C20: 48 8D 0D 7D 8E 63 00 - lea rcx,[AoT.exe+9E0AA4]
"AoT.exe"+3A7C27: 48 85 C0 - test rax,rax
"AoT.exe"+3A7C2A: 41 B9 98 04 00 00 - mov r9d,00000498
"AoT.exe"+3A7C30: 41 B8 01 00 00 00 - mov r8d,00000001
"AoT.exe"+3A7C36: 48 0F 45 C8 - cmovne rcx,rax
"AoT.exe"+3A7C3A: 89 7C 24 30 - mov [rsp+30],edi
"AoT.exe"+3A7C3E: C7 44 24 20 60 00 00 00 - mov [rsp+20],00000060
"AoT.exe"+3A7C46: E8 45 62 01 00 - call AoT.exe+3BDE90
"AoT.exe"+3A7C4B: 83 BB D8 2F 00 00 00 - cmp dword ptr [rbx+00002FD8],00
"AoT.exe"+3A7C52: 74 10 - je AoT.exe+3A7C64
}
//Regiment Fund - Material Acquisition Depot - Cash In
// Restore the six displaced bytes at the hook site, then drop the site symbol
// (presumably registered by lua_aobscan) and free the code cave.
regimentfund_mad_ci_aob:
db 48 8B D9 8B 50 1C
unregistersymbol(regimentfund_mad_ci_aob)
dealloc(regimentfund_mad_ci_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+3AC586
"AoT.exe"+3AC56C: CC - int 3
"AoT.exe"+3AC56D: CC - int 3
"AoT.exe"+3AC56E: CC - int 3
"AoT.exe"+3AC56F: CC - int 3
"AoT.exe"+3AC570: 48 89 5C 24 08 - mov [rsp+08],rbx
"AoT.exe"+3AC575: 57 - push rdi
"AoT.exe"+3AC576: 48 83 EC 40 - sub rsp,40
"AoT.exe"+3AC57A: 48 8B 05 D7 80 86 00 - mov rax,[AoT.exe+C14658]
"AoT.exe"+3AC581: 8B FA - mov edi,edx
// ---------- INJECTING HERE ----------
"AoT.exe"+3AC583: 48 8B D9 - mov rbx,rcx
"AoT.exe"+3AC586: 8B 50 1C - mov edx,[rax+1C]
// ---------- DONE INJECTING ----------
"AoT.exe"+3AC589: 48 8B 05 58 99 86 00 - mov rax,[AoT.exe+C15EE8]
"AoT.exe"+3AC590: 48 8D 0D 0D 45 63 00 - lea rcx,[AoT.exe+9E0AA4]
"AoT.exe"+3AC597: 48 85 C0 - test rax,rax
"AoT.exe"+3AC59A: 41 B9 98 04 00 00 - mov r9d,00000498
"AoT.exe"+3AC5A0: 41 B8 01 00 00 00 - mov r8d,00000001
"AoT.exe"+3AC5A6: 48 0F 45 C8 - cmovne rcx,rax
"AoT.exe"+3AC5AA: 89 7C 24 30 - mov [rsp+30],edi
"AoT.exe"+3AC5AE: C7 44 24 20 60 00 00 00 - mov [rsp+20],00000060
"AoT.exe"+3AC5B6: E8 D5 18 01 00 - call AoT.exe+3BDE90
"AoT.exe"+3AC5BB: 83 BB D8 2F 00 00 00 - cmp dword ptr [rbx+00002FD8],00
"AoT.exe"+3AC5C2: 74 0E - je AoT.exe+3AC5D2
}
//Regiment Fund - Corps Information
// Only the 6-byte "mov r9d,00000498" was patched, so only those bytes are
// written back; the "8B 50 1C" tail of the scan pattern was never modified.
regimentfund_corpsinfo_aob:
db 41 B9 98 04 00 00
unregistersymbol(regimentfund_corpsinfo_aob)
dealloc(regimentfund_corpsinfo_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+300445
"AoT.exe"+300416: 83 BB 64 10 00 00 00 - cmp dword ptr [rbx+00001064],00
"AoT.exe"+30041D: 75 0F - jne AoT.exe+30042E
"AoT.exe"+30041F: 48 8D 8B E0 0D 00 00 - lea rcx,[rbx+00000DE0]
"AoT.exe"+300426: 48 8B 01 - mov rax,[rcx]
"AoT.exe"+300429: 8B D7 - mov edx,edi
"AoT.exe"+30042B: FF 50 20 - call qword ptr [rax+20]
"AoT.exe"+30042E: 83 BB 48 10 00 00 01 - cmp dword ptr [rbx+00001048],01
"AoT.exe"+300435: 74 3C - je AoT.exe+300473
"AoT.exe"+300437: 48 8B 05 1A 42 91 00 - mov rax,[AoT.exe+C14658]
"AoT.exe"+30043E: 48 8D 0D 5F 06 6E 00 - lea rcx,[AoT.exe+9E0AA4]
// ---------- INJECTING HERE ----------
"AoT.exe"+300445: 41 B9 98 04 00 00 - mov r9d,00000498
// ---------- DONE INJECTING ----------
"AoT.exe"+30044B: 8B 50 1C - mov edx,[rax+1C]
"AoT.exe"+30044E: 48 8B 05 93 5A 91 00 - mov rax,[AoT.exe+C15EE8]
"AoT.exe"+300455: 41 B8 01 00 00 00 - mov r8d,00000001
"AoT.exe"+30045B: 48 85 C0 - test rax,rax
"AoT.exe"+30045E: 89 7C 24 30 - mov [rsp+30],edi
"AoT.exe"+300462: C7 44 24 20 60 00 00 00 - mov [rsp+20],00000060
"AoT.exe"+30046A: 48 0F 45 C8 - cmovne rcx,rax
"AoT.exe"+30046E: E8 1D DA 0B 00 - call AoT.exe+3BDE90
"AoT.exe"+300473: 48 8B 5C 24 50 - mov rbx,[rsp+50]
"AoT.exe"+300478: 48 83 C4 40 - add rsp,40
}
//Materials - New Development - Blade - Required Materials
// Restore the 9-byte compare over the jmp and its nop padding; the jb that
// was part of the scan pattern was never overwritten. Then release the symbol
// and the code cave.
development_mat_blade_aob:
db 66 45 39 8C CA 88 5C 03 00
unregistersymbol(development_mat_blade_aob)
dealloc(development_mat_blade_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+39E80D
"AoT.exe"+39E7ED: 0F 1F 00 - nop [rax]
"AoT.exe"+39E7F0: 41 0F B6 40 FE - movzx eax,byte ptr [r8-02]
"AoT.exe"+39E7F5: 45 0F B7 08 - movzx r9d,word ptr [r8]
"AoT.exe"+39E7F9: 3C 80 - cmp al,-80
"AoT.exe"+39E7FB: 73 1B - jae AoT.exe+39E818
"AoT.exe"+39E7FD: 66 45 85 C9 - test r9w,r9w
"AoT.exe"+39E801: 74 15 - je AoT.exe+39E818
"AoT.exe"+39E803: 0F B6 C0 - movzx eax,al
"AoT.exe"+39E806: 48 8D 0C 40 - lea rcx,[rax+rax*2]
"AoT.exe"+39E80A: 48 03 C9 - add rcx,rcx
// ---------- INJECTING HERE ----------
"AoT.exe"+39E80D: 66 45 39 8C CA 88 5C 03 00 - cmp [r10+rcx*8+00035C88],r9w
// ---------- DONE INJECTING ----------
"AoT.exe"+39E816: 72 1E - jb AoT.exe+39E836
"AoT.exe"+39E818: 48 FF C2 - inc rdx
"AoT.exe"+39E81B: 49 83 C0 04 - add r8,04
"AoT.exe"+39E81F: 48 83 FA 04 - cmp rdx,04
"AoT.exe"+39E823: 7C CB - jl AoT.exe+39E7F0
"AoT.exe"+39E825: 8B 43 0C - mov eax,[rbx+0C]
"AoT.exe"+39E828: 41 39 42 1C - cmp [r10+1C],eax
"AoT.exe"+39E82C: 72 08 - jb AoT.exe+39E836
"AoT.exe"+39E82E: C7 06 0C 00 00 00 - mov [rsi],0000000C
"AoT.exe"+39E834: EB 1B - jmp AoT.exe+39E851
}
//Materials - New Development - Scabbard - Required Materials
// Restore the 9-byte compare over the jmp and its nop padding, then release
// the symbol and the code cave.
development_mat_scabbard_aob:
db 66 45 39 8C CA 88 5C 03 00
unregistersymbol(development_mat_scabbard_aob)
dealloc(development_mat_scabbard_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+39E78D
"AoT.exe"+39E764: 66 66 66 66 0F 1F 84 00 00 00 00 00 - nop [rax+rax+00000000]
"AoT.exe"+39E770: 41 0F B6 40 FE - movzx eax,byte ptr [r8-02]
"AoT.exe"+39E775: 45 0F B7 08 - movzx r9d,word ptr [r8]
"AoT.exe"+39E779: 3C 80 - cmp al,-80
"AoT.exe"+39E77B: 73 1B - jae AoT.exe+39E798
"AoT.exe"+39E77D: 66 45 85 C9 - test r9w,r9w
"AoT.exe"+39E781: 74 15 - je AoT.exe+39E798
"AoT.exe"+39E783: 0F B6 C0 - movzx eax,al
"AoT.exe"+39E786: 48 8D 0C 40 - lea rcx,[rax+rax*2]
"AoT.exe"+39E78A: 48 03 C9 - add rcx,rcx
// ---------- INJECTING HERE ----------
"AoT.exe"+39E78D: 66 45 39 8C CA 88 5C 03 00 - cmp [r10+rcx*8+00035C88],r9w
// ---------- DONE INJECTING ----------
"AoT.exe"+39E796: 72 19 - jb AoT.exe+39E7B1
"AoT.exe"+39E798: 48 FF C2 - inc rdx
"AoT.exe"+39E79B: 49 83 C0 04 - add r8,04
"AoT.exe"+39E79F: 48 83 FA 04 - cmp rdx,04
"AoT.exe"+39E7A3: 7C CB - jl AoT.exe+39E770
"AoT.exe"+39E7A5: 8B 83 0C 22 00 00 - mov eax,[rbx+0000220C]
"AoT.exe"+39E7AB: 41 39 42 1C - cmp [r10+1C],eax
"AoT.exe"+39E7AF: 73 7D - jae AoT.exe+39E82E
"AoT.exe"+39E7B1: B9 01 00 00 00 - mov ecx,00000001
"AoT.exe"+39E7B6: E9 7D 00 00 00 - jmp AoT.exe+39E838
}
//Materials - New Development - ODMG - Required Materials
// Restore the 9-byte compare over the jmp and its nop padding, then release
// the symbol and the code cave.
development_mat_odmg_aob:
db 66 45 39 8C CA 88 5C 03 00
unregistersymbol(development_mat_odmg_aob)
dealloc(development_mat_odmg_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+39E6FD
"AoT.exe"+39E6DB: 0F 1F 44 00 00 - nop [rax+rax+00]
"AoT.exe"+39E6E0: 41 0F B6 40 FE - movzx eax,byte ptr [r8-02]
"AoT.exe"+39E6E5: 45 0F B7 08 - movzx r9d,word ptr [r8]
"AoT.exe"+39E6E9: 3C 80 - cmp al,-80
"AoT.exe"+39E6EB: 73 1B - jae AoT.exe+39E708
"AoT.exe"+39E6ED: 66 45 85 C9 - test r9w,r9w
"AoT.exe"+39E6F1: 74 15 - je AoT.exe+39E708
"AoT.exe"+39E6F3: 0F B6 C0 - movzx eax,al
"AoT.exe"+39E6F6: 48 8D 0C 40 - lea rcx,[rax+rax*2]
"AoT.exe"+39E6FA: 48 03 C9 - add rcx,rcx
// ---------- INJECTING HERE ----------
"AoT.exe"+39E6FD: 66 45 39 8C CA 88 5C 03 00 - cmp [r10+rcx*8+00035C88],r9w
// ---------- DONE INJECTING ----------
"AoT.exe"+39E706: 72 1D - jb AoT.exe+39E725
"AoT.exe"+39E708: 48 FF C2 - inc rdx
"AoT.exe"+39E70B: 49 83 C0 04 - add r8,04
"AoT.exe"+39E70F: 48 83 FA 04 - cmp rdx,04
"AoT.exe"+39E713: 7C CB - jl AoT.exe+39E6E0
"AoT.exe"+39E715: 8B 83 0C 44 00 00 - mov eax,[rbx+0000440C]
"AoT.exe"+39E71B: 41 39 42 1C - cmp [r10+1C],eax
"AoT.exe"+39E71F: 0F 83 09 01 00 00 - jae AoT.exe+39E82E
"AoT.exe"+39E725: B9 02 00 00 00 - mov ecx,00000002
"AoT.exe"+39E72A: E9 09 01 00 00 - jmp AoT.exe+39E838
}
//Materials - Unlock All
// Restore the five displaced bytes (movzx ecx,word ptr [rax] / test ecx,ecx),
// then release the symbol and the code cave.
// NOTE(review): the dump that follows shows "jmp AoT.exe+2FEE8E" targeting
// the second of these two instructions, so the patched span contains a branch
// target; see the hazard this creates while the hook is enabled.
materials_unlockall_aob:
db 0F B7 08 85 C9
unregistersymbol(materials_unlockall_aob)
dealloc(materials_unlockall_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+2FEE8B
"AoT.exe"+2FEE60: 48 8B 05 F1 57 91 00 - mov rax,[AoT.exe+C14658]
"AoT.exe"+2FEE67: 44 8B 89 C8 00 00 00 - mov r9d,[rcx+000000C8]
"AoT.exe"+2FEE6E: 33 D2 - xor edx,edx
"AoT.exe"+2FEE70: 48 05 88 5C 03 00 - add rax,00035C88
"AoT.exe"+2FEE76: 41 B8 80 00 00 00 - mov r8d,00000080
"AoT.exe"+2FEE7C: 0F 1F 40 00 - nop [rax+00]
"AoT.exe"+2FEE80: 45 85 C9 - test r9d,r9d
"AoT.exe"+2FEE83: 74 06 - je AoT.exe+2FEE8B
"AoT.exe"+2FEE85: 0F B7 48 02 - movzx ecx,word ptr [rax+02]
"AoT.exe"+2FEE89: EB 03 - jmp AoT.exe+2FEE8E
// ---------- INJECTING HERE ----------
"AoT.exe"+2FEE8B: 0F B7 08 - movzx ecx,word ptr [rax]
"AoT.exe"+2FEE8E: 85 C9 - test ecx,ecx
// ---------- DONE INJECTING ----------
"AoT.exe"+2FEE90: 74 02 - je AoT.exe+2FEE94
"AoT.exe"+2FEE92: FF C2 - inc edx
"AoT.exe"+2FEE94: 48 83 C0 30 - add rax,30
"AoT.exe"+2FEE98: 49 FF C8 - dec r8
"AoT.exe"+2FEE9B: 75 E3 - jne AoT.exe+2FEE80
"AoT.exe"+2FEE9D: 8B C2 - mov eax,edx
"AoT.exe"+2FEE9F: C3 - ret
"AoT.exe"+2FEEA0: B8 01 00 00 00 - mov eax,00000001
"AoT.exe"+2FEEA5: C3 - ret
"AoT.exe"+2FEEA6: CC - int 3
}
//Materials - Materials Acquisition Depot - Acquisition - Selected Material
// Restore the 8-byte movzx over the jmp and its nop padding, then release the
// symbol and the code cave.
materials_mad_acq_selected_aob:
db 0F B7 94 C7 88 5C 03 00
unregistersymbol(materials_mad_acq_selected_aob)
dealloc(materials_mad_acq_selected_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+3A7B7F
"AoT.exe"+3A7B46: 33 D2 - xor edx,edx
"AoT.exe"+3A7B48: 44 89 86 A8 27 00 00 - mov [rsi+000027A8],r8d
"AoT.exe"+3A7B4F: C7 86 AC 27 00 00 01 00 00 00 - mov [rsi+000027AC],00000001
"AoT.exe"+3A7B59: 44 8D 42 2C - lea r8d,[rdx+2C]
"AoT.exe"+3A7B5D: 48 8D 4C 24 20 - lea rcx,[rsp+20]
"AoT.exe"+3A7B62: C7 86 B0 27 00 00 E7 03 00 00 - mov [rsi+000027B0],000003E7
"AoT.exe"+3A7B6C: 44 89 8E B4 27 00 00 - mov [rsi+000027B4],r9d
"AoT.exe"+3A7B73: E8 58 AD 46 00 - call AoT.exe+8128D0
"AoT.exe"+3A7B78: 48 8D 04 5B - lea rax,[rbx+rbx*2]
"AoT.exe"+3A7B7C: 48 03 C0 - add rax,rax
// ---------- INJECTING HERE ----------
"AoT.exe"+3A7B7F: 0F B7 94 C7 88 5C 03 00 - movzx edx,word ptr [rdi+rax*8+00035C88]
// ---------- DONE INJECTING ----------
"AoT.exe"+3A7B87: 8B 44 24 28 - mov eax,[rsp+28]
"AoT.exe"+3A7B8B: 48 8B 7C 24 70 - mov rdi,[rsp+70]
"AoT.exe"+3A7B90: C7 86 08 27 00 00 01 00 00 00 - mov [rsi+00002708],00000001
"AoT.exe"+3A7B9A: 89 9E 0C 27 00 00 - mov [rsi+0000270C],ebx
"AoT.exe"+3A7BA0: 89 86 10 27 00 00 - mov [rsi+00002710],eax
"AoT.exe"+3A7BA6: 8B 44 24 2C - mov eax,[rsp+2C]
"AoT.exe"+3A7BAA: 89 86 14 27 00 00 - mov [rsi+00002714],eax
"AoT.exe"+3A7BB0: 8B 44 24 3C - mov eax,[rsp+3C]
"AoT.exe"+3A7BB4: 48 89 AE 18 27 00 00 - mov [rsi+00002718],rbp
"AoT.exe"+3A7BBB: C7 86 20 27 00 00 FF FF FF FF - mov [rsi+00002720],FFFFFFFF
}
//Materials - Materials Acquisition Depot - Cash In - Selected Material
// Restore the 9-byte movzx over the jmp and its nop padding; the extra 45
// byte in the scan pattern was never overwritten. Then release the symbol and
// the code cave.
materials_mad_ci_selected_aob:
db 41 0F B7 84 ED 88 5C 03 00
unregistersymbol(materials_mad_ci_selected_aob)
dealloc(materials_mad_ci_selected_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+3AC47E
"AoT.exe"+3AC44D: 89 44 24 2C - mov [rsp+2C],eax
"AoT.exe"+3AC451: 41 8B 86 B0 27 00 00 - mov eax,[r14+000027B0]
"AoT.exe"+3AC458: 48 03 C9 - add rcx,rcx
"AoT.exe"+3AC45B: 89 44 24 30 - mov [rsp+30],eax
"AoT.exe"+3AC45F: 48 8B 05 EA 81 86 00 - mov rax,[AoT.exe+C14650]
"AoT.exe"+3AC466: 8B 94 C8 A8 69 00 00 - mov edx,[rax+rcx*8+000069A8]
"AoT.exe"+3AC46D: 41 8B 8E 08 27 00 00 - mov ecx,[r14+00002708]
"AoT.exe"+3AC474: 41 8B C4 - mov eax,r12d
"AoT.exe"+3AC477: 48 8D 2C 40 - lea rbp,[rax+rax*2]
"AoT.exe"+3AC47B: 48 03 ED - add rbp,rbp
// ---------- INJECTING HERE ----------
"AoT.exe"+3AC47E: 41 0F B7 84 ED 88 5C 03 00 - movzx eax,word ptr [r13+rbp*8+00035C88]
// ---------- DONE INJECTING ----------
"AoT.exe"+3AC487: 45 89 86 A0 27 00 00 - mov [r14+000027A0],r8d
"AoT.exe"+3AC48E: 45 8B 86 14 27 00 00 - mov r8d,[r14+00002714]
"AoT.exe"+3AC495: 45 89 8E A4 27 00 00 - mov [r14+000027A4],r9d
"AoT.exe"+3AC49C: 45 8B 8E 18 27 00 00 - mov r9d,[r14+00002718]
"AoT.exe"+3AC4A3: 41 89 96 A8 27 00 00 - mov [r14+000027A8],edx
"AoT.exe"+3AC4AA: 41 8B 96 10 27 00 00 - mov edx,[r14+00002710]
"AoT.exe"+3AC4B1: 41 C7 86 AC 27 00 00 01 00 00 00 - mov [r14+000027AC],00000001
"AoT.exe"+3AC4BC: 41 89 86 B0 27 00 00 - mov [r14+000027B0],eax
"AoT.exe"+3AC4C3: 41 8B 86 0C 27 00 00 - mov eax,[r14+0000270C]
"AoT.exe"+3AC4CA: 45 89 96 B4 27 00 00 - mov [r14+000027B4],r10d
}
//Materials - Corps Information - Selected Material
// Restore the 9-byte movzx over the jmp and its nop padding, then release the
// symbol and the code cave.
materials_ci_selected_aob:
db 41 0F B7 84 CD 88 5C 03 00
unregistersymbol(materials_ci_selected_aob)
dealloc(materials_ci_selected_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+301016
"AoT.exe"+300FE1: 45 8B 9E 2C 10 00 00 - mov r11d,[r14+0000102C]
"AoT.exe"+300FE8: 41 8B 9E 30 10 00 00 - mov ebx,[r14+00001030]
"AoT.exe"+300FEF: 41 8B BE 34 10 00 00 - mov edi,[r14+00001034]
"AoT.exe"+300FF6: 89 44 24 24 - mov [rsp+24],eax
"AoT.exe"+300FFA: 41 8B 86 40 10 00 00 - mov eax,[r14+00001040]
"AoT.exe"+301001: 89 44 24 48 - mov [rsp+48],eax
"AoT.exe"+301005: 41 8B C7 - mov eax,r15d
"AoT.exe"+301008: 45 89 BE 70 10 00 00 - mov [r14+00001070],r15d
"AoT.exe"+30100F: 48 8D 0C 40 - lea rcx,[rax+rax*2]
"AoT.exe"+301013: 48 03 C9 - add rcx,rcx
// ---------- INJECTING HERE ----------
"AoT.exe"+301016: 41 0F B7 84 CD 88 5C 03 00 - movzx eax,word ptr [r13+rcx*8+00035C88]
// ---------- DONE INJECTING ----------
"AoT.exe"+30101F: 4C 8B 6C 24 68 - mov r13,[rsp+68]
"AoT.exe"+301024: 41 89 96 18 10 00 00 - mov [r14+00001018],edx
"AoT.exe"+30102B: 45 89 BE 1C 10 00 00 - mov [r14+0000101C],r15d
"AoT.exe"+301032: 4C 8B 7C 24 60 - mov r15,[rsp+60]
"AoT.exe"+301037: 45 89 86 20 10 00 00 - mov [r14+00001020],r8d
"AoT.exe"+30103E: 45 89 8E 24 10 00 00 - mov [r14+00001024],r9d
"AoT.exe"+301045: 45 89 96 28 10 00 00 - mov [r14+00001028],r10d
"AoT.exe"+30104C: 45 89 9E 2C 10 00 00 - mov [r14+0000102C],r11d
"AoT.exe"+301053: 41 89 9E 30 10 00 00 - mov [r14+00001030],ebx
"AoT.exe"+30105A: 41 89 BE 34 10 00 00 - mov [r14+00001034],edi
}
//Fortify Blade
// Restore the 9-byte movzx (displacement 00025189) over the jmp and its nop
// padding, then release the symbol and the code cave.
fortify_blade_aob:
db 42 0F B6 84 08 89 51 02 00
unregistersymbol(fortify_blade_aob)
dealloc(fortify_blade_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+2FAB3C
"AoT.exe"+2FAB0F: 42 0F B6 84 08 89 6A 02 00 - movzx eax,byte ptr [rax+r9+00026A89]
"AoT.exe"+2FAB18: 48 83 C4 28 - add rsp,28
"AoT.exe"+2FAB1C: C3 - ret
"AoT.exe"+2FAB1D: 4C 8B 0D 34 9B 91 00 - mov r9,[AoT.exe+C14658]
"AoT.exe"+2FAB24: 49 8D 89 88 51 02 00 - lea rcx,[r9+00025188]
"AoT.exe"+2FAB2B: E8 90 50 E4 FF - call AoT.exe+13FBC0
"AoT.exe"+2FAB30: 44 3B C0 - cmp r8d,eax
"AoT.exe"+2FAB33: 73 15 - jae AoT.exe+2FAB4A
"AoT.exe"+2FAB35: 49 8B C0 - mov rax,r8
"AoT.exe"+2FAB38: 48 C1 E0 06 - shl rax,06
// ---------- INJECTING HERE ----------
"AoT.exe"+2FAB3C: 42 0F B6 84 08 89 51 02 00 - movzx eax,byte ptr [rax+r9+00025189]
// ---------- DONE INJECTING ----------
"AoT.exe"+2FAB45: 48 83 C4 28 - add rsp,28
"AoT.exe"+2FAB49: C3 - ret
"AoT.exe"+2FAB4A: 83 C8 FF - or eax,-01
"AoT.exe"+2FAB4D: 48 83 C4 28 - add rsp,28
"AoT.exe"+2FAB51: C3 - ret
"AoT.exe"+2FAB52: CC - int 3
"AoT.exe"+2FAB53: CC - int 3
"AoT.exe"+2FAB54: CC - int 3
"AoT.exe"+2FAB55: CC - int 3
"AoT.exe"+2FAB56: CC - int 3
}
//Fortify Scabbard
// Restore the 9-byte movzx (displacement 00026A89) over the jmp and its nop
// padding, then release the symbol and the code cave.
fortify_scabbard_aob:
db 42 0F B6 84 08 89 6A 02 00
unregistersymbol(fortify_scabbard_aob)
dealloc(fortify_scabbard_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+2FAB0F
"AoT.exe"+2FAAE2: 42 0F B6 84 08 89 83 02 00 - movzx eax,byte ptr [rax+r9+00028389]
"AoT.exe"+2FAAEB: 48 83 C4 28 - add rsp,28
"AoT.exe"+2FAAEF: C3 - ret
"AoT.exe"+2FAAF0: 4C 8B 0D 61 9B 91 00 - mov r9,[AoT.exe+C14658]
"AoT.exe"+2FAAF7: 49 8D 89 88 51 02 00 - lea rcx,[r9+00025188]
"AoT.exe"+2FAAFE: E8 6D 56 E4 FF - call AoT.exe+140170
"AoT.exe"+2FAB03: 44 3B C0 - cmp r8d,eax
"AoT.exe"+2FAB06: 73 42 - jae AoT.exe+2FAB4A
"AoT.exe"+2FAB08: 49 8B C0 - mov rax,r8
"AoT.exe"+2FAB0B: 48 C1 E0 06 - shl rax,06
// ---------- INJECTING HERE ----------
"AoT.exe"+2FAB0F: 42 0F B6 84 08 89 6A 02 00 - movzx eax,byte ptr [rax+r9+00026A89]
// ---------- DONE INJECTING ----------
"AoT.exe"+2FAB18: 48 83 C4 28 - add rsp,28
"AoT.exe"+2FAB1C: C3 - ret
"AoT.exe"+2FAB1D: 4C 8B 0D 34 9B 91 00 - mov r9,[AoT.exe+C14658]
"AoT.exe"+2FAB24: 49 8D 89 88 51 02 00 - lea rcx,[r9+00025188]
"AoT.exe"+2FAB2B: E8 90 50 E4 FF - call AoT.exe+13FBC0
"AoT.exe"+2FAB30: 44 3B C0 - cmp r8d,eax
"AoT.exe"+2FAB33: 73 15 - jae AoT.exe+2FAB4A
"AoT.exe"+2FAB35: 49 8B C0 - mov rax,r8
"AoT.exe"+2FAB38: 48 C1 E0 06 - shl rax,06
"AoT.exe"+2FAB3C: E9 BF 88 CE FF - jmp 7FF7510C3400
}
//Fortify ODMG
// Restore the 9-byte movzx (displacement 00028389) over the jmp and its nop
// padding, then release the symbol and the code cave.
fortify_odmg_aob:
db 42 0F B6 84 08 89 83 02 00
unregistersymbol(fortify_odmg_aob)
dealloc(fortify_odmg_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+2FAAE2
"AoT.exe"+2FAABC: 33 C0 - xor eax,eax
"AoT.exe"+2FAABE: 48 83 C4 28 - add rsp,28
"AoT.exe"+2FAAC2: C3 - ret
"AoT.exe"+2FAAC3: 4C 8B 0D 8E 9B 91 00 - mov r9,[AoT.exe+C14658]
"AoT.exe"+2FAACA: 49 8D 89 88 51 02 00 - lea rcx,[r9+00025188]
"AoT.exe"+2FAAD1: E8 8A 5C E4 FF - call AoT.exe+140760
"AoT.exe"+2FAAD6: 44 3B C0 - cmp r8d,eax
"AoT.exe"+2FAAD9: 73 6F - jae AoT.exe+2FAB4A
"AoT.exe"+2FAADB: 49 8B C0 - mov rax,r8
"AoT.exe"+2FAADE: 48 C1 E0 06 - shl rax,06
// ---------- INJECTING HERE ----------
"AoT.exe"+2FAAE2: 42 0F B6 84 08 89 83 02 00 - movzx eax,byte ptr [rax+r9+00028389]
// ---------- DONE INJECTING ----------
"AoT.exe"+2FAAEB: 48 83 C4 28 - add rsp,28
"AoT.exe"+2FAAEF: C3 - ret
"AoT.exe"+2FAAF0: 4C 8B 0D 61 9B 91 00 - mov r9,[AoT.exe+C14658]
"AoT.exe"+2FAAF7: 49 8D 89 88 51 02 00 - lea rcx,[r9+00025188]
"AoT.exe"+2FAAFE: E8 6D 56 E4 FF - call AoT.exe+140170
"AoT.exe"+2FAB03: 44 3B C0 - cmp r8d,eax
"AoT.exe"+2FAB06: 73 42 - jae AoT.exe+2FAB4A
"AoT.exe"+2FAB08: 49 8B C0 - mov rax,r8
"AoT.exe"+2FAB0B: 48 C1 E0 06 - shl rax,06
"AoT.exe"+2FAB0F: 42 0F B6 84 08 89 6A 02 00 - movzx eax,byte ptr [rax+r9+00026A89]
}
51
"Regiment Fund Set to Max?"
FF8000
4 Bytes
regimentfund_set
204
"Development Required Materials Set to 999?"
FF8000
4 Bytes
development_mat_set
206
"Materials Quantity Change to 999?"
0:No
1:Selected
2:Unlock All (To Update: Corps Information Materials/Material Acquisition Depot Cash In)
FF8000
4 Bytes
materials_set
273
"Fortification Set to 99?"
FF8000
4 Bytes
fortify_set
52
"Player Data Stats"
1
53
"Regiment Fund"
4 Bytes
regimentfund_base
1C
54
"Materials"
1
56
"Iron Bamboo Fragment"
4 Bytes
regimentfund_base
35C88
57
"B-Grade Iron Bamboo"
4 Bytes
regimentfund_base
35CB8
58
"A-Grade Iron Bamboo"
4 Bytes
regimentfund_base
35CE8
59
"S-Grade Iron Bamboo"
4 Bytes
regimentfund_base
35D18
60
"Iron Scraps"
4 Bytes
regimentfund_base
35D48
61
"B-Grade Steel"
4 Bytes
regimentfund_base
35D78
62
"A-Grade Steel"
4 Bytes
regimentfund_base
35DA8
63
"S-Grade Steel"
4 Bytes
regimentfund_base
35DD8
64
"B-Grade Ultra-Hard Steel"
4 Bytes
regimentfund_base
35E08
67
"A-Grade Ultra-Hard Steel"
4 Bytes
regimentfund_base
35E38
66
"S-Grade Ultra-Hard Steel"
4 Bytes
regimentfund_base
35E68
65
"Iceburst Stone Fragment"
4 Bytes
regimentfund_base
35E98
68
"B-Grade Iceburst Stone"
4 Bytes
regimentfund_base
35EC8
69
"A-Grade Iceburst Stone"
4 Bytes
regimentfund_base
35EF8
73
"S-Grade Iceburst Stone"
4 Bytes
regimentfund_base
35F28
72
"Low-Quality Rare Metal"
4 Bytes
regimentfund_base
35F58
71
"Rare Metal"
4 Bytes
regimentfund_base
35F88
70
"High-Quality Rare Metal"
4 Bytes
regimentfund_base
35FB8
78
"Ultra-High-Quality Rare Metal"
4 Bytes
regimentfund_base
35FE8
77
"Super-Durable Steel (Prototype)"
4 Bytes
regimentfund_base
36018
83
"Super-Durable Steel"
4 Bytes
regimentfund_base
36048
82
"New Super-Durable Steel"
4 Bytes
regimentfund_base
36078
81
"Light Steel (Prototype)"
4 Bytes
regimentfund_base
360A8
80
"Light Steel"
4 Bytes
regimentfund_base
360D8
88
"New Light Steel"
4 Bytes
regimentfund_base
36108
93
"Gem Steel"
4 Bytes
regimentfund_base
36138
92
"Super Gem Steel"
4 Bytes
regimentfund_base
36168
91
"Meteoric Iron"
4 Bytes
regimentfund_base
36198
90
"Wood"
4 Bytes
regimentfund_base
361C8
89
"High-Quality Wood"
4 Bytes
regimentfund_base
361F8
87
"Giant Tree Core"
4 Bytes
regimentfund_base
36228
86
"Leather"
4 Bytes
regimentfund_base
36258
85
"High-Quality Leather"
4 Bytes
regimentfund_base
36288
98
"Custom Leather"
4 Bytes
regimentfund_base
362B8
97
"High-Pressure Canister (Prototype)"
4 Bytes
regimentfund_base
362E8
96
"High-Pressure Canister"
4 Bytes
regimentfund_base
36318
95
"Super-High-Pressure Canister"
4 Bytes
regimentfund_base
36348
94
"Large Canister (Prototype)"
4 Bytes
regimentfund_base
36378
84
"Large Canister"
4 Bytes
regimentfund_base
363A8
79
"Extra-Large Canister"
4 Bytes
regimentfund_base
363D8
76
"Rigid Wire (Prototype)"
4 Bytes
regimentfund_base
36408
75
"Rigid Wire"
4 Bytes
regimentfund_base
36438
74
"Super-Rigid Wire"
4 Bytes
regimentfund_base
36468
99
"Lightweight Wire (Prototype)"
4 Bytes
regimentfund_base
36498
105
"Lightweight Wire"
4 Bytes
regimentfund_base
364C8
104
"Extra-Lightweight Wire"
4 Bytes
regimentfund_base
364F8
103
"High-Speed Fan (Prototype)"
4 Bytes
regimentfund_base
36528
102
"High-Speed Fan"
4 Bytes
regimentfund_base
36558
101
"Super-High-Speed Fan"
4 Bytes
regimentfund_base
36588
100
"Titan Skin Fragment"
4 Bytes
regimentfund_base
365B8
112
"Titan Crystal Fragment"
4 Bytes
regimentfund_base
365E8
111
"Titan Crystal"
4 Bytes
regimentfund_base
36618
110
"Large Titan Crystal"
4 Bytes
regimentfund_base
36648
109
"Abnormal Skin Fragment"
4 Bytes
regimentfund_base
36678
108
"Abnormal Crystal Fragment"
4 Bytes
regimentfund_base
366A8
107
"Abnormal Crystal"
4 Bytes
regimentfund_base
366D8
106
"Large Abnormal Crystal"
4 Bytes
regimentfund_base
36708
119
"Ultra-Hardened Crystal Fragment"
4 Bytes
regimentfund_base
36738
118
"Ultra-Hardened Crystal"
4 Bytes
regimentfund_base
36768
117
"Large Ultra-Hardened Crystal"
4 Bytes
regimentfund_base
36798
116
"Shining Titan Crystal"
4 Bytes
regimentfund_base
367C8
115
"Glowing Titan Crystal"
4 Bytes
regimentfund_base
367F8
114
"Titan Armor Fragment"
4 Bytes
regimentfund_base
36828
113
"Large Titan Armor Fragment"
4 Bytes
regimentfund_base
36858
121
"Unusual Titan Crystal"
4 Bytes
regimentfund_base
36888
120
"Ominous Titan Crystal"
4 Bytes
regimentfund_base
368B8
139
"Giant Crystal"
4 Bytes
regimentfund_base
368E8
138
"Colossal Crystal"
4 Bytes
regimentfund_base
36918
137
"Unique Crystal Fragment"
4 Bytes
regimentfund_base
36948
136
"Unique Crystal"
4 Bytes
regimentfund_base
36978
135
"Large Unique Crystal"
4 Bytes
regimentfund_base
369A8
134
"Generic Statement of Deployment"
4 Bytes
regimentfund_base
369D8
133
"High-Rank Generic Statement of Deployment"
4 Bytes
regimentfund_base
36A08
132
"Top-Rank Generic Statement of Deployment"
4 Bytes
regimentfund_base
36A38
131
"Specialized Statement of Deployment"
4 Bytes
regimentfund_base
36A68
130
"High-Rank Specialized Statement of Deployment"
4 Bytes
regimentfund_base
36A98
129
"Top-Rank Specialized Statement of Deployment"
4 Bytes
regimentfund_base
36AC8
128
"Ceremonial Statement of Deployment"
4 Bytes
regimentfund_base
36AF8
127
"High-Rank Ceremonial Statement of Deployment"
4 Bytes
regimentfund_base
36B28
126
"Top-Rank Ceremonial Statement of Deployment"
4 Bytes
regimentfund_base
36B58
125
"Dummy"
4 Bytes
regimentfund_base
36B88
124
"Dummy"
4 Bytes
regimentfund_base
36BB8
123
"Dummy"
4 Bytes
regimentfund_base
36BE8
122
"Dummy"
4 Bytes
regimentfund_base
36C18
202
"Dummy"
4 Bytes
regimentfund_base
36C48
201
"Dummy"
4 Bytes
regimentfund_base
36C78
200
"Dummy"
4 Bytes
regimentfund_base
36CA8
199
"Dummy"
4 Bytes
regimentfund_base
36CD8
198
"Dummy"
4 Bytes
regimentfund_base
36D08
197
"Dummy"
4 Bytes
regimentfund_base
36D38
196
"Dummy"
4 Bytes
regimentfund_base
36D68
195
"Dummy"
4 Bytes
regimentfund_base
36D98
194
"Dummy"
4 Bytes
regimentfund_base
36DC8
193
"Dummy"
4 Bytes
regimentfund_base
36DF8
192
"Dummy"
4 Bytes
regimentfund_base
36E28
191
"Dummy"
4 Bytes
regimentfund_base
36E58
190
"Dummy"
4 Bytes
regimentfund_base
36E88
189
"Dummy"
4 Bytes
regimentfund_base
36EB8
188
"Dummy"
4 Bytes
regimentfund_base
36EE8
187
"Dummy"
4 Bytes
regimentfund_base
36F18
186
"Dummy"
4 Bytes
regimentfund_base
36F48
185
"Dummy"
4 Bytes
regimentfund_base
36F78
184
"Dummy"
4 Bytes
regimentfund_base
36FA8
183
"Dummy"
4 Bytes
regimentfund_base
36FD8
182
"Dummy"
4 Bytes
regimentfund_base
37008
181
"Dummy"
4 Bytes
regimentfund_base
37038
180
"Dummy"
4 Bytes
regimentfund_base
37068
179
"Dummy"
4 Bytes
regimentfund_base
37098
178
"Dummy"
4 Bytes
regimentfund_base
370C8
177
"Dummy"
4 Bytes
regimentfund_base
370F8
176
"Dummy"
4 Bytes
regimentfund_base
37128
175
"Dummy"
4 Bytes
regimentfund_base
37158
174
"Dummy"
4 Bytes
regimentfund_base
37188
173
"Dummy"
4 Bytes
regimentfund_base
371B8
172
"Dummy"
4 Bytes
regimentfund_base
371E8
171
"Dummy"
4 Bytes
regimentfund_base
37218
170
"Dummy"
4 Bytes
regimentfund_base
37248
169
"Dummy"
4 Bytes
regimentfund_base
37278
168
"Dummy"
4 Bytes
regimentfund_base
372A8
167
"Dummy"
4 Bytes
regimentfund_base
372D8
166
"Dummy"
4 Bytes
regimentfund_base
37308
165
"Dummy"
4 Bytes
regimentfund_base
37338
164
"Dummy"
4 Bytes
regimentfund_base
37368
163
"Dummy"
4 Bytes
regimentfund_base
37398
162
"Dummy"
4 Bytes
regimentfund_base
373C8
161
"Dummy"
4 Bytes
regimentfund_base
373F8
160
"Dummy"
4 Bytes
regimentfund_base
37428
159
"Dummy"
4 Bytes
regimentfund_base
37458
3
"Battle Gauge Base Address Scan Initialization (Activate This First)"
800000
Auto Assembler Script
[ENABLE]
// Reserves the shared state for the "Battle Gauge Base Address Scan" script and
// publishes every name as a symbol so other scripts and table entries can
// address it.
// battlegauge_base (8 bytes) holds the pointer that the scan script's hook
// copies from rbx. Each 4-byte *_set value is a switch that the injected code
// compares against 0.
alloc(battlegauge_base,8,"AoT.exe")
alloc(bladegauge_set,4,"AoT.exe")
alloc(gasgauge_set,4,"AoT.exe")
alloc(anchorgauge_set,4,"AoT.exe")
alloc(focuschance_set,4,"AoT.exe")
alloc(focusgauge_set,4,"AoT.exe")
alloc(decisivegauge_set,4,"AoT.exe")
alloc(titanhealth_set,4,"AoT.exe")
alloc(titanrage_set,4,"AoT.exe")
alloc(horsestamina_set,4,"AoT.exe")
alloc(cannonammo_set,4,"AoT.exe")
registersymbol(battlegauge_base)
registersymbol(bladegauge_set)
registersymbol(gasgauge_set)
registersymbol(anchorgauge_set)
registersymbol(focuschance_set)
registersymbol(focusgauge_set)
registersymbol(decisivegauge_set)
registersymbol(titanhealth_set)
registersymbol(titanrage_set)
registersymbol(horsestamina_set)
registersymbol(cannonammo_set)
[DISABLE]
// Frees the storage and withdraws the symbols.
// NOTE(review): the scan script's injected code reads and writes these
// addresses; presumably that script has to be disabled before this one so the
// hooks never touch freed memory - confirm.
dealloc(battlegauge_base)
dealloc(bladegauge_set)
dealloc(gasgauge_set)
dealloc(anchorgauge_set)
dealloc(focuschance_set)
dealloc(focusgauge_set)
dealloc(decisivegauge_set)
dealloc(titanhealth_set)
dealloc(titanrage_set)
dealloc(horsestamina_set)
dealloc(cannonammo_set)
unregistersymbol(battlegauge_base)
unregistersymbol(bladegauge_set)
unregistersymbol(gasgauge_set)
unregistersymbol(anchorgauge_set)
unregistersymbol(focuschance_set)
unregistersymbol(focusgauge_set)
unregistersymbol(decisivegauge_set)
unregistersymbol(titanhealth_set)
unregistersymbol(titanrage_set)
unregistersymbol(horsestamina_set)
unregistersymbol(cannonammo_set)
4
"Battle Gauge Base Address Scan (To Update: Battle)"
800000
Auto Assembler Script
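[ENABLE]
//Blade & Gas Gauge & Focus Chance
// One hook on the 8-byte "movss xmm0,[rbx+000019B0]" services every rbx-based
// switch below. The signature starts with a 00 byte that belongs to the
// preceding instruction, so the patch is written at battlegauge_searchedaob+01.
aobscanmodule(battlegauge_searchedaob,AoT.exe,00 F3 0F 10 83 B0 19 00 00)
label(battlegauge_aob)
registersymbol(battlegauge_aob)
alloc(battlegauge_newmem,$1000,"AoT.exe"+43F8D)
label(battlegauge_return)
battlegauge_newmem:
//Base Address
mov [battlegauge_base],rbx
// rax is scratch for the copies below. The push/pop pairs name the 64-bit
// registers because x86-64 has no 32-bit push/pop encoding; the other hooks in
// this table that save rax already use that form.
// The cmp instructions overwrite EFLAGS without saving them.
// NOTE(review): the original code after the hook point appears to recompute
// flags (comiss) before its next branch - confirm on the targeted build.
push rax
//Blade Gauge
// copy the maximum (rbx+199C) over the remaining amount (rbx+1998)
cmp [bladegauge_set],#0
je @f
mov eax,[rbx+199C]
mov [rbx+1998],eax
@@:
//Gas Gauge
// copy the maximum (rbx+19B4) over the remaining amount (rbx+19B0)
cmp [gasgauge_set],#0
je @f
mov eax,[rbx+19B4]
mov [rbx+19B0],eax
@@:
//Decisive Battle Signal Meter
// meter at rbx+1980 is a float, written as 18000; the byte at rbx+1984 is set to 3
cmp [decisivegauge_set],#0
je @f
mov [rbx+1980],(float)18000
mov byte ptr [rbx+1984],#3
@@:
//Focus Chance
// 16-bit copy of the maximum (rbx+184E) over the remaining count (rbx+184C)
cmp [focuschance_set],#0
je @f
mov ax,[rbx+184E]
mov [rbx+184C],ax
@@:
//Titan Health
// the maximum at rbx+17F0 is an integer, the current value at rbx+17F4 a float,
// hence the cvtdq2ps conversion before the store
cmp [titanhealth_set],#0
je @f
push rcx
movd ecx,xmm0 //Backup xmm0
movd xmm0,[rbx+17F0]
cvtdq2ps xmm0,xmm0
movss [rbx+17F4],xmm0
movd xmm0,ecx //Restore xmm0
pop rcx
@@:
//Titan Rage
cmp [titanrage_set],#0
je @f
mov word ptr [rbx+1AF4],#1000
@@:
//Horse Stamina
// copy the maximum (rbx+B240) over the remaining amount (rbx+B23C)
cmp [horsestamina_set],#0
je @f
mov eax,[rbx+B240]
mov [rbx+B23C],eax
@@:
pop rax
// replay the overwritten instruction, then resume after the patch
movss xmm0,[rbx+000019B0]
jmp battlegauge_return
battlegauge_searchedaob+01:
battlegauge_aob:
// 5-byte jmp plus 3 nops = the 8 bytes of the replaced movss
jmp battlegauge_newmem
nop
nop
nop
battlegauge_return: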
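//Anchor Gauge
// Hooks the 9-byte "movss xmm0,[r13+0000181C]". While anchorgauge_set is
// non-zero, the maximum (r13+1820) is copied over the remaining strength
// (r13+181C) before the original load is replayed.
aobscanmodule(battlegauge_anchor_aob,AoT.exe,F3 41 0F 10 85 1C 18 00 00)
registersymbol(battlegauge_anchor_aob)
alloc(battlegauge_anchor_newmem,1024,AoT.exe)
label(battlegauge_anchor_return)
battlegauge_anchor_newmem:
// cmp overwrites EFLAGS; nothing here saves them.
cmp [anchorgauge_set],#0
je @f
// 64-bit register name for the stack save: x86-64 has no 32-bit push/pop
// encoding, and the battle item hook in this table already saves rax this way.
push rax
mov eax,[r13+00001820]
mov [r13+0000181C],eax
pop rax
@@:
// replay the overwritten instruction, then resume after the patch
movss xmm0,[r13+0000181C]
jmp battlegauge_anchor_return
battlegauge_anchor_aob:
// 5-byte jmp plus 4 nops = the 9 bytes of the replaced movss
jmp battlegauge_anchor_newmem
nop
nop
nop
nop
battlegauge_anchor_return: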
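//Focus Gauge
// Hooks the 8-byte "movss xmm0,[rcx+00001838]". While focusgauge_set is
// non-zero and the current value (rcx+1838) is below the maximum (rcx+183C),
// the maximum is copied over the current value.
aobscanmodule(focusgauge_aob,AoT.exe,F3 0F 10 81 38 18 00 00 0F)
registersymbol(focusgauge_aob)
alloc(focusgauge_newmem,1024,AoT.exe)
label(focusgauge_originalcode)
label(focusgauge_return)
focusgauge_newmem:
cmp [focusgauge_set],#0
je focusgauge_originalcode
// 64-bit register name for the stack save: x86-64 has no 32-bit push/pop
// encoding, and the battle item hook in this table already saves rax this way.
push rax
sub rsp,8 //Move Stack Pointer
movss [rsp],xmm0 //Backup xmm0
movss [rsp+4],xmm1 //Backup xmm1
movss xmm0,[rcx+00001838]
movss xmm1,[rcx+0000183C]
// unsigned-style branch on the comiss result: skip the copy when current >= max
comiss xmm0,xmm1
jae @f
mov eax,[rcx+0000183C]
mov [rcx+00001838],eax
@@:
movss xmm1,[rsp+4] //Restore xmm1
movss xmm0,[rsp] //Restore xmm0
add rsp,8
pop rax
focusgauge_originalcode:
// replay the overwritten instruction, then resume after the patch
movss xmm0,[rcx+00001838]
jmp focusgauge_return
focusgauge_aob:
// 5-byte jmp plus 3 nops = the 8 bytes that the DISABLE section restores
jmp focusgauge_newmem
nop
nop
nop
focusgauge_return: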
//Cannon Ammo
// Hooks the 8-byte "cmp word ptr [rdi+00000186],00". While cannonammo_set is
// non-zero, the 16-bit value at rdi+186 is forced to decimal 20 first.
aobscanmodule(cannonammo_aob,AoT.exe,66 83 BF 86 01 00 00 00)
registersymbol(cannonammo_aob)
alloc(cannonammo_newmem,1024,AoT.exe)
label(cannonammo_return)
cannonammo_newmem:
cmp [cannonammo_set],#0
je @f
mov word ptr [rdi+00000186],#20
@@:
// The replayed cmp is the last flag-setting instruction before the return, so
// the code after the hook sees the flags of the original comparison.
cmp word ptr [rdi+00000186],00
jmp cannonammo_return
cannonammo_aob:
// 5-byte jmp plus 3 nops = the 8 bytes of the replaced cmp
jmp cannonammo_newmem
nop
nop
nop
cannonammo_return:
[DISABLE]
//Blade & Gas Gauge
// Writes the original 8 bytes (movss xmm0,[rbx+000019B0]) back over the jmp
// and nop padding, then withdraws the symbol and frees the code cave.
battlegauge_aob:
db F3 0F 10 83 B0 19 00 00
unregistersymbol(battlegauge_aob)
dealloc(battlegauge_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+43F8D
"AoT.exe"+43F4D: 74 19 - je AoT.exe+43F68
"AoT.exe"+43F4F: 48 81 C1 90 99 00 00 - add rcx,00009990
"AoT.exe"+43F56: 89 B9 1C 0C 00 00 - mov [rcx+00000C1C],edi
"AoT.exe"+43F5C: E8 3F 78 0C 00 - call AoT.exe+10B7A0
"AoT.exe"+43F61: 48 89 B9 F0 0B 00 00 - mov [rcx+00000BF0],rdi
"AoT.exe"+43F68: F6 83 C0 57 00 00 02 - test byte ptr [rbx+000057C0],02
"AoT.exe"+43F6F: 4C 8B BC 24 60 01 00 00 - mov r15,[rsp+00000160]
"AoT.exe"+43F77: 4C 8B A4 24 A8 01 00 00 - mov r12,[rsp+000001A8]
"AoT.exe"+43F7F: 48 8B AC 24 98 01 00 00 - mov rbp,[rsp+00000198]
"AoT.exe"+43F87: 0F 84 BB 00 00 00 - je AoT.exe+44048
// ---------- INJECTING HERE ----------
"AoT.exe"+43F8D: F3 0F 10 83 B0 19 00 00 - movss xmm0,[rbx+000019B0]
// ---------- DONE INJECTING ----------
"AoT.exe"+43F95: 0F 5A C0 - cvtps2pd xmm0,xmm0
"AoT.exe"+43F98: 66 0F 54 05 70 6B A4 00 - andpd xmm0,[AoT.exe+A8AB10]
"AoT.exe"+43FA0: 66 0F 5A C8 - cvtpd2ps xmm1,xmm0
"AoT.exe"+43FA4: F3 0F 10 05 08 50 A4 00 - movss xmm0,[AoT.exe+A88FB4]
"AoT.exe"+43FAC: 0F 2F C1 - comiss xmm0,xmm1
"AoT.exe"+43FAF: 0F 86 93 00 00 00 - jbe AoT.exe+44048
"AoT.exe"+43FB5: 48 8B 83 D0 43 00 00 - mov rax,[rbx+000043D0]
"AoT.exe"+43FBC: A8 01 - test al,01
"AoT.exe"+43FBE: 0F 86 84 00 00 00 - jbe AoT.exe+44048
"AoT.exe"+43FC4: 48 B9 00 00 00 00 00 00 80 00 - mov rcx,0080000000000000
}
//Anchor Gauge
// Writes the original 9 bytes (movss xmm0,[r13+0000181C]) back over the jmp
// and nop padding, then withdraws the symbol and frees the code cave.
battlegauge_anchor_aob:
db F3 41 0F 10 85 1C 18 00 00
unregistersymbol(battlegauge_anchor_aob)
dealloc(battlegauge_anchor_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+339451
"AoT.exe"+339429: 72 03 - jb AoT.exe+33942E
"AoT.exe"+33942B: 0F 28 C7 - movaps xmm0,xmm7
"AoT.exe"+33942E: F3 0F 11 43 44 - movss [rbx+44],xmm0
"AoT.exe"+339433: 48 8B 4B 38 - mov rcx,[rbx+38]
"AoT.exe"+339437: 4C 8B 7C 24 48 - mov r15,[rsp+48]
"AoT.exe"+33943C: 41 80 7C 0F 5B 00 - cmp byte ptr [r15+rcx+5B],00
"AoT.exe"+339442: 75 0D - jne AoT.exe+339451
"AoT.exe"+339444: 0F 2F 7B 44 - comiss xmm7,[rbx+44]
"AoT.exe"+339448: 72 07 - jb AoT.exe+339451
"AoT.exe"+33944A: C7 43 44 00 00 80 3E - mov [rbx+44],3E800000
// ---------- INJECTING HERE ----------
"AoT.exe"+339451: F3 41 0F 10 85 1C 18 00 00 - movss xmm0,[r13+0000181C]
// ---------- DONE INJECTING ----------
"AoT.exe"+33945A: F3 41 0F 10 8D 20 18 00 00 - movss xmm1,[r13+00001820]
"AoT.exe"+339463: F3 0F 11 45 FC - movss [rbp-04],xmm0
"AoT.exe"+339468: F3 0F 11 4D 00 - movss [rbp+00],xmm1
"AoT.exe"+33946D: 45 33 F6 - xor r14d,r14d
"AoT.exe"+339470: 45 84 C9 - test r9l,r9l
"AoT.exe"+339473: 75 1B - jne AoT.exe+339490
"AoT.exe"+339475: 41 0F 28 C0 - movaps xmm0,xmm8
"AoT.exe"+339479: F3 0F 58 43 40 - addss xmm0,[rbx+40]
"AoT.exe"+33947E: 0F 2F 05 67 01 75 00 - comiss xmm0,[AoT.exe+A895EC]
"AoT.exe"+339485: F3 0F 11 43 40 - movss [rbx+40],xmm0
}
//Focus Gauge
// Writes the original 8 bytes (movss xmm0,[rcx+00001838]) back over the jmp
// and nop padding, then withdraws the symbol and frees the code cave.
focusgauge_aob:
db F3 0F 10 81 38 18 00 00
unregistersymbol(focusgauge_aob)
dealloc(focusgauge_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+6CE49
"AoT.exe"+6CE20: 48 89 5C 24 08 - mov [rsp+08],rbx
"AoT.exe"+6CE25: 57 - push rdi
"AoT.exe"+6CE26: 48 83 EC 20 - sub rsp,20
"AoT.exe"+6CE2A: 8B 81 C0 57 00 00 - mov eax,[rcx+000057C0]
"AoT.exe"+6CE30: 33 FF - xor edi,edi
"AoT.exe"+6CE32: 48 8B D9 - mov rbx,rcx
"AoT.exe"+6CE35: A8 08 - test al,08
"AoT.exe"+6CE37: 0F 85 4F 01 00 00 - jne AoT.exe+6CF8C
"AoT.exe"+6CE3D: 39 B9 30 18 00 00 - cmp [rcx+00001830],edi
"AoT.exe"+6CE43: 0F 84 B7 00 00 00 - je AoT.exe+6CF00
// ---------- INJECTING HERE ----------
"AoT.exe"+6CE49: F3 0F 10 81 38 18 00 00 - movss xmm0,[rcx+00001838]
// ---------- DONE INJECTING ----------
"AoT.exe"+6CE51: 0F 5A C0 - cvtps2pd xmm0,xmm0
"AoT.exe"+6CE54: 66 0F 54 05 B4 DC A1 00 - andpd xmm0,[AoT.exe+A8AB10]
"AoT.exe"+6CE5C: 66 0F 5A C8 - cvtpd2ps xmm1,xmm0
"AoT.exe"+6CE60: F3 0F 10 05 4C C1 A1 00 - movss xmm0,[AoT.exe+A88FB4]
"AoT.exe"+6CE68: 0F 2F C1 - comiss xmm0,xmm1
"AoT.exe"+6CE6B: 77 6A - ja AoT.exe+6CED7
"AoT.exe"+6CE6D: 48 B8 00 00 00 00 20 00 00 00 - mov rax,0000002000000000
"AoT.exe"+6CE77: 48 85 81 08 1A 00 00 - test [rcx+00001A08],rax
"AoT.exe"+6CE7E: 77 57 - ja AoT.exe+6CED7
"AoT.exe"+6CE80: 48 8B 81 58 41 00 00 - mov rax,[rcx+00004158]
}
//Cannon Ammo
// Writes the original 8 bytes (cmp word ptr [rdi+00000186],00) back over the
// jmp and nop padding, then withdraws the symbol and frees the code cave.
cannonammo_aob:
db 66 83 BF 86 01 00 00 00
unregistersymbol(cannonammo_aob)
dealloc(cannonammo_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+FA82
"AoT.exe"+FA5D: 48 8B CF - mov rcx,rdi
"AoT.exe"+FA60: E8 5B E1 27 00 - call AoT.exe+28DBC0
"AoT.exe"+FA65: 85 C0 - test eax,eax
"AoT.exe"+FA67: 74 3F - je AoT.exe+FAA8
"AoT.exe"+FA69: 48 8B 47 30 - mov rax,[rdi+30]
"AoT.exe"+FA6D: 8B 4F 38 - mov ecx,[rdi+38]
"AoT.exe"+FA70: 48 8B 80 B0 00 00 00 - mov rax,[rax+000000B0]
"AoT.exe"+FA77: 48 C1 E1 07 - shl rcx,07
"AoT.exe"+FA7B: F6 44 01 10 10 - test byte ptr [rcx+rax+10],10
"AoT.exe"+FA80: 74 26 - je AoT.exe+FAA8
// ---------- INJECTING HERE ----------
"AoT.exe"+FA82: 66 83 BF 86 01 00 00 00 - cmp word ptr [rdi+00000186],00
// ---------- DONE INJECTING ----------
"AoT.exe"+FA8A: 75 2F - jne AoT.exe+FABB
"AoT.exe"+FA8C: 33 FF - xor edi,edi
"AoT.exe"+FA8E: 0F 2F BB A0 40 00 00 - comiss xmm7,[rbx+000040A0]
"AoT.exe"+FA95: 72 26 - jb AoT.exe+FABD
"AoT.exe"+FA97: 48 83 8B C8 43 00 00 10 - or qword ptr [rbx+000043C8],10
"AoT.exe"+FA9F: 66 89 BB EC 44 00 00 - mov [rbx+000044EC],di
"AoT.exe"+FAA6: EB 15 - jmp AoT.exe+FABD
"AoT.exe"+FAA8: 33 FF - xor edi,edi
"AoT.exe"+FAAA: 66 89 BB EC 44 00 00 - mov [rbx+000044EC],di
"AoT.exe"+FAB1: 48 83 8B C8 43 00 00 10 - or qword ptr [rbx+000043C8],10
}
5738
"Infinite Chain Dash"
800000
Auto Assembler Script
[ENABLE]
// In-place patch, no code cave: two 7-byte 16-bit stores are replaced by nops.
// First target: "mov [rsi+000044F4],ax".
aobscanmodule(chaindash_aob,AoT.exe,66 89 86 F4 44 00 00)
registersymbol(chaindash_aob)
chaindash_aob:
nop
nop
nop
nop
nop
nop
nop
// Second target: "mov [rsi+0000438A],ax".
// NOTE(review): the field names behind these two offsets are not shown in the
// table; only the effect named by the entry title is known - confirm.
aobscanmodule(chaindash2_aob,AoT.exe,66 89 86 8A 43 00 00)
registersymbol(chaindash2_aob)
chaindash2_aob:
nop
nop
nop
nop
nop
nop
nop
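[DISABLE]
// Writes the original 7 bytes (mov [rsi+000044F4],ax) back over the nops and
// withdraws the symbol. The ENABLE section patches in place and allocates no
// chaindash_newmem, so there is nothing to dealloc here.
chaindash_aob:
db 66 89 86 F4 44 00 00
unregistersymbol(chaindash_aob)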
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+961AB
"AoT.exe"+96182: 0F B7 91 AC 00 00 00 - movzx edx,word ptr [rcx+000000AC]
"AoT.exe"+96189: 48 0F BA E0 19 - bt rax,19
"AoT.exe"+9618E: 73 11 - jae AoT.exe+961A1
"AoT.exe"+96190: 80 79 3A 18 - cmp byte ptr [rcx+3A],18
"AoT.exe"+96194: 75 0B - jne AoT.exe+961A1
"AoT.exe"+96196: 66 83 FA 01 - cmp dx,01
"AoT.exe"+9619A: 7E 05 - jle AoT.exe+961A1
"AoT.exe"+9619C: BA 01 00 00 00 - mov edx,00000001
"AoT.exe"+961A1: 0F B7 86 8A 43 00 00 - movzx eax,word ptr [rsi+0000438A]
"AoT.exe"+961A8: 0F BF C8 - movsx ecx,ax
// ---------- INJECTING HERE ----------
"AoT.exe"+961AB: 66 89 86 F4 44 00 00 - mov [rsi+000044F4],ax
// ---------- DONE INJECTING ----------
"AoT.exe"+961B2: 0F BF C2 - movsx eax,dx
"AoT.exe"+961B5: 2B C8 - sub ecx,eax
"AoT.exe"+961B7: 0F BF 86 88 43 00 00 - movsx eax,word ptr [rsi+00004388]
"AoT.exe"+961BE: 3B C8 - cmp ecx,eax
"AoT.exe"+961C0: 7D 07 - jnl AoT.exe+961C9
"AoT.exe"+961C2: 8B C1 - mov eax,ecx
"AoT.exe"+961C4: 85 C9 - test ecx,ecx
"AoT.exe"+961C6: 0F 4E C5 - cmovle eax,ebp
"AoT.exe"+961C9: 66 89 86 8A 43 00 00 - mov [rsi+0000438A],ax
"AoT.exe"+961D0: 48 8B 5C 24 30 - mov rbx,[rsp+30]
}
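// Writes the original 7 bytes (mov [rsi+0000438A],ax) back over the nops and
// withdraws the symbol. The ENABLE section patches in place and allocates no
// chaindash2_newmem, so there is nothing to dealloc here.
chaindash2_aob:
db 66 89 86 8A 43 00 00
unregistersymbol(chaindash2_aob)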
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+961C9
"AoT.exe"+961A8: 0F BF C8 - movsx ecx,ax
"AoT.exe"+961AB: 66 89 86 F4 44 00 00 - mov [rsi+000044F4],ax
"AoT.exe"+961B2: 0F BF C2 - movsx eax,dx
"AoT.exe"+961B5: 2B C8 - sub ecx,eax
"AoT.exe"+961B7: 0F BF 86 88 43 00 00 - movsx eax,word ptr [rsi+00004388]
"AoT.exe"+961BE: 3B C8 - cmp ecx,eax
"AoT.exe"+961C0: 7D 07 - jnl AoT.exe+961C9
"AoT.exe"+961C2: 8B C1 - mov eax,ecx
"AoT.exe"+961C4: 85 C9 - test ecx,ecx
"AoT.exe"+961C6: 0F 4E C5 - cmovle eax,ebp
// ---------- INJECTING HERE ----------
"AoT.exe"+961C9: 66 89 86 8A 43 00 00 - mov [rsi+0000438A],ax
// ---------- DONE INJECTING ----------
"AoT.exe"+961D0: 48 8B 5C 24 30 - mov rbx,[rsp+30]
"AoT.exe"+961D5: 48 8B 6C 24 38 - mov rbp,[rsp+38]
"AoT.exe"+961DA: 48 8B 74 24 40 - mov rsi,[rsp+40]
"AoT.exe"+961DF: 48 83 C4 20 - add rsp,20
"AoT.exe"+961E3: 5F - pop rdi
"AoT.exe"+961E4: C3 - ret
"AoT.exe"+961E5: CC - int 3
"AoT.exe"+961E6: CC - int 3
"AoT.exe"+961E7: CC - int 3
"AoT.exe"+961E8: CC - int 3
}
14
"Blade Gauge Set to Max?"
FF8000
4 Bytes
bladegauge_set
6
"Gas Gauge Set to Max?"
FF8000
4 Bytes
gasgauge_set
213
"Anchor Gauge Set to Max?"
FF8000
4 Bytes
anchorgauge_set
218
"Focus Chance Set to Max?"
FF8000
4 Bytes
focuschance_set
222
"Focus Gauge Set to Max?"
FF8000
4 Bytes
focusgauge_set
262
"Decisive Battle Signal Meter Set to Max?"
FF8000
4 Bytes
decisivegauge_set
270
"Titan Health Gauge Set to Max?"
FF8000
4 Bytes
titanhealth_set
269
"Titan Rage Meter Set to Max?"
FF8000
4 Bytes
titanrage_set
1180
"Horse Stamina Gauge Set to Max?"
FF8000
4 Bytes
horsestamina_set
2697
"Cannon Ammo Set to Max?"
FF8000
4 Bytes
cannonammo_set
7
"Battle Gauge Stats"
1
8
"Anchor Strength Left"
Float
battlegauge_base
181C
211
"Anchor Strength Max"
Float
battlegauge_base
1820
220
"Focus Gauge Left"
Float
battlegauge_base
1838
224
"Focus Gauge Max"
Float
battlegauge_base
183C
223
"Focus Chance Left (-1)"
2 Bytes
battlegauge_base
184C
221
"Focus Chance Max (-1)"
2 Bytes
battlegauge_base
184E
261
"Decisive Battle Signal Meter (Max: 18000)"
Float
battlegauge_base
1980
2685
"Decisive Battle Signal Level"
Byte
battlegauge_base
1984
210
"Blade Gauge Left"
Float
battlegauge_base
1998
10
"Blade Gauge Max"
Float
battlegauge_base
199C
15
"Gas Gauge Left"
Float
battlegauge_base
19B0
16
"Gas Gauge Max"
Float
battlegauge_base
19B4
268
"Titan Health Gauge Max"
4 Bytes
battlegauge_base
17F0
264
"Titan Health Gauge Left"
Float
battlegauge_base
17F4
271
"Titan Health Gauge Left"
Float
battlegauge_base
17F8
267
"Titan Rage Meter (Max: 1000)"
2 Bytes
battlegauge_base
1AF4
1178
"Horse Stamina Left"
Float
battlegauge_base
B23C
1179
"Horse Stamina Max"
Float
battlegauge_base
B240
255
"[DEVELOPER USE]"
1
229
"Subjugations"
2 Bytes
battlegauge_base
19F0
230
"Subjugations"
2 Bytes
battlegauge_base
7C6F3C
232
"Subjugations"
2 Bytes
battlegauge_base
7C6F6A
231
"Subjugations"
2 Bytes
battlegauge_base
AAD5DE8
246
"(Copied) Battle Outcome - Subjugations"
2 Bytes
battlegauge_base
B290478
254
"(Copied) Battle Outcome - Missions Completed"
2 Bytes
battlegauge_base
B290484
247
"(Copied) Battle Outcome - Subjugation Rating"
2 Bytes
battlegauge_base
B2904A0
248
"(Copied) Battle Outcome - Base Rating"
2 Bytes
battlegauge_base
B2904A4
250
"(Copied) Battle Outcome - Special Rating"
2 Bytes
battlegauge_base
B2904A8
249
"(Copied) Battle Outcome - Total Rating"
2 Bytes
battlegauge_base
B2904AC
243
"(Displayed) Battle Outcome - Missions Completed"
4 Bytes
battlegauge_base
B291E60
252
"(Displayed) Battle Outcome - Subjugations"
4 Bytes
battlegauge_base
B291E74
253
"(Displayed) Battle Outcome - Battle Time (in Seconds)"
4 Bytes
battlegauge_base
B291E88
251
"(Displayed) Battle Outcome - Base Rating"
4 Bytes
battlegauge_base
B291E9C
239
"(Displayed) Battle Outcome - Subjugation Rating"
4 Bytes
battlegauge_base
B291EB0
245
"(Displayed) Battle Outcome - Special Rating"
4 Bytes
battlegauge_base
B291EC4
244
"(Displayed) Battle Outcome - Total Rating"
4 Bytes
battlegauge_base
B291ED8
242
"(Displayed) Received Rewards - Subjugation Reward"
4 Bytes
battlegauge_base
B2924DC
22
"Battle Item Base Address Scan Initialization (Activate This First)"
800000
Auto Assembler Script
[ENABLE]
alloc(battleitem_base,8,"AoT.exe")
alloc(restorativeitem_set,4,"AoT.exe")
alloc(gasitem_set,4,"AoT.exe")
alloc(bladeitem_set,4,"AoT.exe")
alloc(flashgdeitem_set,4,"AoT.exe")
alloc(soundgdeitem_set,4,"AoT.exe")
alloc(firebmbitem_set,4,"AoT.exe")
registersymbol(battleitem_base)
registersymbol(restorativeitem_set)
registersymbol(gasitem_set)
registersymbol(bladeitem_set)
registersymbol(flashgdeitem_set)
registersymbol(soundgdeitem_set)
registersymbol(firebmbitem_set)
[DISABLE]
dealloc(battleitem_base)
dealloc(restorativeitem_set)
dealloc(gasitem_set)
dealloc(bladeitem_set)
dealloc(flashgdeitem_set)
dealloc(soundgdeitem_set)
dealloc(firebmbitem_set)
unregistersymbol(battleitem_base)
unregistersymbol(restorativeitem_set)
unregistersymbol(gasitem_set)
unregistersymbol(bladeitem_set)
unregistersymbol(flashgdeitem_set)
unregistersymbol(soundgdeitem_set)
unregistersymbol(firebmbitem_set)
23
"Battle Items Base Address Scan (To Update: Battle)"
800000
Auto Assembler Script
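[ENABLE]
// Hooks the 9-byte "movzx eax,word ptr [r10+rdx+000001D8]". The hook acts only
// when rcx is 0: it records the address of the first counter in
// battleitem_base and, for each switch that is non-zero, writes decimal 10
// into the matching 16-bit counter (six consecutive words from +1D8 to +1E2).
aobscanmodule(battleitem_aob,AoT.exe,41 0F B7 84 12 D8 01 00 00)
registersymbol(battleitem_aob)
alloc(battleitem_newmem,$1000,"AoT.exe"+318CE0)
label(battleitem_originalcode)
label(battleitem_return)
battleitem_newmem:
// rax is scratch for the lea below; the cmp instructions overwrite EFLAGS
// without saving them.
push rax
cmp rcx,#0 //First Slot
jne battleitem_originalcode
lea rax,[r10+rdx+1D8]
mov [battleitem_base],rax
@@:
cmp [restorativeitem_set],#0
je @f
mov word ptr [r10+rdx+1D8],#10
@@:
cmp [gasitem_set],#0
je @f
mov word ptr [r10+rdx+1DA],#10
@@:
cmp [bladeitem_set],#0
je @f
mov word ptr [r10+rdx+1DC],#10
@@:
cmp [flashgdeitem_set],#0
je @f
mov word ptr [r10+rdx+1DE],#10
@@:
cmp [soundgdeitem_set],#0
je @f
mov word ptr [r10+rdx+1E0],#10
@@:
cmp [firebmbitem_set],#0
je @f
mov word ptr [r10+rdx+1E2],#10
// Explicit anonymous label for the last "je @f", so it has its own target like
// every other switch instead of depending on the named label that follows.
@@:
battleitem_originalcode:
pop rax
// replay the overwritten instruction, then resume after the patch
movzx eax,word ptr [r10+rdx+000001D8]
jmp battleitem_return
battleitem_aob:
// 5-byte jmp plus 4 nops = the 9 bytes of the replaced movzx
jmp battleitem_newmem
nop
nop
nop
nop
battleitem_return: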
[DISABLE]
// Writes the original 9 bytes (movzx eax,word ptr [r10+rdx+000001D8]) back
// over the jmp and nop padding, then withdraws the symbol and frees the code
// cave.
battleitem_aob:
db 41 0F B7 84 12 D8 01 00 00
unregistersymbol(battleitem_aob)
dealloc(battleitem_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+318CE0
"AoT.exe"+318CB6: 48 8D 0C 89 - lea rcx,[rcx+rcx*4]
"AoT.exe"+318CBA: 48 8D 0C 48 - lea rcx,[rax+rcx*2]
"AoT.exe"+318CBE: 8B 84 8A 30 B3 00 00 - mov eax,[rdx+rcx*4+0000B330]
"AoT.exe"+318CC5: 88 44 24 20 - mov [rsp+20],al
"AoT.exe"+318CC9: 48 8D 44 24 22 - lea rax,[rsp+22]
"AoT.exe"+318CCE: 41 8B CB - mov ecx,r11d
"AoT.exe"+318CD1: 4C 8D 43 49 - lea r8,[rbx+49]
"AoT.exe"+318CD5: 48 8D 54 24 22 - lea rdx,[rsp+22]
"AoT.exe"+318CDA: 4C 2B D0 - sub r10,rax
"AoT.exe"+318CDD: 0F 1F 00 - nop [rax]
// ---------- INJECTING HERE ----------
"AoT.exe"+318CE0: 41 0F B7 84 12 D8 01 00 00 - movzx eax,word ptr [r10+rdx+000001D8]
// ---------- DONE INJECTING ----------
"AoT.exe"+318CE9: 45 0F B6 08 - movzx r9d,byte ptr [r8]
"AoT.exe"+318CED: 66 89 02 - mov [rdx],ax
"AoT.exe"+318CF0: 66 41 3B C1 - cmp ax,r9w
"AoT.exe"+318CF4: 76 13 - jna AoT.exe+318D09
"AoT.exe"+318CF6: 0F B6 44 24 20 - movzx eax,byte ptr [rsp+20]
"AoT.exe"+318CFB: 3B C1 - cmp eax,ecx
"AoT.exe"+318CFD: 75 2F - jne AoT.exe+318D2E
"AoT.exe"+318CFF: 48 C7 43 58 0A D7 23 3C - mov [rbx+58],3C23D70A
"AoT.exe"+318D07: EB 25 - jmp AoT.exe+318D2E
"AoT.exe"+318D09: 73 29 - jae AoT.exe+318D34
}
24
"Restorative Set to Max?"
FF8000
4 Bytes
restorativeitem_set
38
"Gas Set to Max?"
FF8000
4 Bytes
gasitem_set
25
"Blade Set to Max?"
FF8000
4 Bytes
bladeitem_set
41
"Flash Grenade Set to Max?"
FF8000
4 Bytes
flashgdeitem_set
40
"Sound Grenade Set to Max?"
FF8000
4 Bytes
soundgdeitem_set
39
"Firebomb Set to Max?"
FF8000
4 Bytes
firebmbitem_set
26
"Battle Items Stats"
1
27
"Restorative"
2 Bytes
battleitem_base
0
37
"Gas"
2 Bytes
battleitem_base
2
36
"Blade"
2 Bytes
battleitem_base
4
35
"Flash Grenade"
2 Bytes
battleitem_base
6
34
"Sound Grenade"
2 Bytes
battleitem_base
8
33
"Firebomb"
2 Bytes
battleitem_base
A
42
"Battle Timer Base Address Scan Initialization (Activate This First)"
800000
Auto Assembler Script
[ENABLE]
// Reserves 8 bytes for the pointer that the "Battle Timer Base Address Scan"
// hook copies from rax, and publishes it as a symbol.
alloc(battletime_base,8,"AoT.exe")
registersymbol(battletime_base)
[DISABLE]
// NOTE(review): the scan script's hook writes to battletime_base; presumably
// that script has to be disabled before this one - confirm.
dealloc(battletime_base)
unregistersymbol(battletime_base)
43
"Battle Timer Base Address Scan (To Update: Battle)"
800000
Auto Assembler Script
[ENABLE]
// lua_aobscan is a Lua helper defined outside this script.
// NOTE(review): presumably it registers battletime_aob at the match selected
// by the last argument (2) - confirm against the helper's definition.
luacall(lua_aobscan("battletime_aob","AoT.exe","F3 0F 11 40 10 EB",2))
alloc(battletime_newmem,1024,AoT.exe)
label(battletime_return)
battletime_newmem:
// record the pointer held in rax, then replay the overwritten store
mov [battletime_base],rax
// this anonymous label is not referenced by any jump in the script
@@:
movss [rax+10],xmm0
jmp battletime_return
battletime_aob:
// The replaced "movss [rax+10],xmm0" is 5 bytes, the same length the DISABLE
// section restores, so the jmp must assemble to 5 bytes; no nop padding is used.
jmp battletime_newmem
battletime_return:
[DISABLE]
// Writes the original 5 bytes (movss [rax+10],xmm0) back over the jmp, then
// withdraws the symbol and frees the code cave.
battletime_aob:
db F3 0F 11 40 10
unregistersymbol(battletime_aob)
dealloc(battletime_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+20959A
"AoT.exe"+20957C: 33 D2 - xor edx,edx
"AoT.exe"+20957E: 0F 57 D2 - xorps xmm2,xmm2
"AoT.exe"+209581: 49 8B 00 - mov rax,[r8]
"AoT.exe"+209584: 8B 48 0C - mov ecx,[rax+0C]
"AoT.exe"+209587: 83 F9 01 - cmp ecx,01
"AoT.exe"+20958A: 75 15 - jne AoT.exe+2095A1
"AoT.exe"+20958C: F3 0F 10 40 10 - movss xmm0,[rax+10]
"AoT.exe"+209591: 0F 2F D8 - comiss xmm3,xmm0
"AoT.exe"+209594: 76 2D - jna AoT.exe+2095C3
"AoT.exe"+209596: F3 0F 58 C1 - addss xmm0,xmm1
// ---------- INJECTING HERE ----------
"AoT.exe"+20959A: F3 0F 11 40 10 - movss [rax+10],xmm0
// ---------- DONE INJECTING ----------
"AoT.exe"+20959F: EB 22 - jmp AoT.exe+2095C3
"AoT.exe"+2095A1: 83 F9 02 - cmp ecx,02
"AoT.exe"+2095A4: 75 1D - jne AoT.exe+2095C3
"AoT.exe"+2095A6: F3 0F 10 40 10 - movss xmm0,[rax+10]
"AoT.exe"+2095AB: 0F 2F C2 - comiss xmm0,xmm2
"AoT.exe"+2095AE: 76 09 - jna AoT.exe+2095B9
"AoT.exe"+2095B0: F3 0F 5C C1 - subss xmm0,xmm1
"AoT.exe"+2095B4: F3 0F 11 40 10 - movss [rax+10],xmm0
"AoT.exe"+2095B9: 0F 2F 50 10 - comiss xmm2,[rax+10]
"AoT.exe"+2095BD: 72 04 - jb AoT.exe+2095C3
}
46
"Disable Battle Timer"
800000
Auto Assembler Script
[ENABLE]
// In-place patch, no code cave. The signature begins with the 2-byte "jna"
// (76 2D) that precedes the target, so the patch is written at
// battletime_disable_searchedaob+2: the 4-byte "addss xmm0,xmm1" becomes nops
// and the value later stored to [rax+10] is no longer increased.
aobscanmodule(battletime_disable_searchedaob,AoT.exe,76 2D F3 0F 58 C1)
label(battletime_disable_aob)
registersymbol(battletime_disable_aob)
battletime_disable_searchedaob+2:
battletime_disable_aob:
nop
nop
nop
nop
[DISABLE]
// Writes the original 4 bytes (addss xmm0,xmm1) back and withdraws the symbol.
battletime_disable_aob:
db F3 0F 58 C1
unregistersymbol(battletime_disable_aob)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+209596
"AoT.exe"+209574: F3 0F 10 1D 18 07 88 00 - movss xmm3,[AoT.exe+A89C94]
"AoT.exe"+20957C: 33 D2 - xor edx,edx
"AoT.exe"+20957E: 0F 57 D2 - xorps xmm2,xmm2
"AoT.exe"+209581: 49 8B 00 - mov rax,[r8]
"AoT.exe"+209584: 8B 48 0C - mov ecx,[rax+0C]
"AoT.exe"+209587: 83 F9 01 - cmp ecx,01
"AoT.exe"+20958A: 75 15 - jne AoT.exe+2095A1
"AoT.exe"+20958C: F3 0F 10 40 10 - movss xmm0,[rax+10]
"AoT.exe"+209591: 0F 2F D8 - comiss xmm3,xmm0
"AoT.exe"+209594: 76 2D - jna AoT.exe+2095C3
// ---------- INJECTING HERE ----------
"AoT.exe"+209596: F3 0F 58 C1 - addss xmm0,xmm1
"AoT.exe"+20959A: E9 61 6A BD FF - jmp 7FF7F60D0000
// ---------- DONE INJECTING ----------
"AoT.exe"+20959F: EB 22 - jmp AoT.exe+2095C3
"AoT.exe"+2095A1: 83 F9 02 - cmp ecx,02
"AoT.exe"+2095A4: 75 1D - jne AoT.exe+2095C3
"AoT.exe"+2095A6: F3 0F 10 40 10 - movss xmm0,[rax+10]
"AoT.exe"+2095AB: 0F 2F C2 - comiss xmm0,xmm2
"AoT.exe"+2095AE: 76 09 - jna AoT.exe+2095B9
"AoT.exe"+2095B0: F3 0F 5C C1 - subss xmm0,xmm1
"AoT.exe"+2095B4: F3 0F 11 40 10 - movss [rax+10],xmm0
"AoT.exe"+2095B9: 0F 2F 50 10 - comiss xmm2,[rax+10]
"AoT.exe"+2095BD: 72 04 - jb AoT.exe+2095C3
}
48
"Disable Mission Timer"
800000
Auto Assembler Script
[ENABLE]
// In-place patch, no code cave: the 4-byte "subss xmm0,xmm1" at the start of
// the match becomes nops, so the "movss [rax+10],xmm0" that follows stores the
// value without the subtraction.
// The "Zero Mission Timer" entry in this table scans for the same signature
// and registers the same symbol name. Once either patch is applied the
// signature bytes are changed, so the other entry's scan is expected to fail.
aobscanmodule(missiontime_disable_aob,AoT.exe,F3 0F 5C C1 F3 0F 11 40 10)
registersymbol(missiontime_disable_aob)
missiontime_disable_aob:
nop
nop
nop
nop
[DISABLE]
// Writes the original 4 bytes (subss xmm0,xmm1) back and withdraws the symbol.
missiontime_disable_aob:
db F3 0F 5C C1
unregistersymbol(missiontime_disable_aob)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+2095B0
"AoT.exe"+209597: 90 - nop
"AoT.exe"+209598: 90 - nop
"AoT.exe"+209599: 90 - nop
"AoT.exe"+20959A: E9 61 6A B9 FF - jmp 7FF7F6090000
"AoT.exe"+20959F: EB 22 - jmp AoT.exe+2095C3
"AoT.exe"+2095A1: 83 F9 02 - cmp ecx,02
"AoT.exe"+2095A4: 75 1D - jne AoT.exe+2095C3
"AoT.exe"+2095A6: F3 0F 10 40 10 - movss xmm0,[rax+10]
"AoT.exe"+2095AB: 0F 2F C2 - comiss xmm0,xmm2
"AoT.exe"+2095AE: 76 09 - jna AoT.exe+2095B9
// ---------- INJECTING HERE ----------
"AoT.exe"+2095B0: F3 0F 5C C1 - subss xmm0,xmm1
"AoT.exe"+2095B4: F3 0F 11 40 10 - movss [rax+10],xmm0
// ---------- DONE INJECTING ----------
"AoT.exe"+2095B9: 0F 2F 50 10 - comiss xmm2,[rax+10]
"AoT.exe"+2095BD: 72 04 - jb AoT.exe+2095C3
"AoT.exe"+2095BF: 48 89 50 0C - mov [rax+0C],rdx
"AoT.exe"+2095C3: 49 8B 49 30 - mov rcx,[r9+30]
"AoT.exe"+2095C7: 49 8B 41 40 - mov rax,[r9+40]
"AoT.exe"+2095CB: 49 83 C0 08 - add r8,08
"AoT.exe"+2095CF: 48 8D 0C C8 - lea rcx,[rax+rcx*8]
"AoT.exe"+2095D3: 49 3B C8 - cmp rcx,r8
"AoT.exe"+2095D6: 75 A9 - jne AoT.exe+209581
"AoT.exe"+2095D8: F3 C3 - repe ret
}
7244
"Zero Mission Timer"
800000
Auto Assembler Script
[ENABLE]
// Scans for the same 9 bytes as "Disable Mission Timer", but replaces the whole
// "subss xmm0,xmm1 / movss [rax+10],xmm0" pair with a store of 0 to [rax+10].
// The two nops pad the patch to the original 9 bytes.
// NOTE(review): this relies on the mov assembling to 7 bytes; confirm in the
// disassembler after enabling that the next instruction still starts at +9.
// NOTE(review): symbol name and scan pattern are shared with "Disable Mission Timer";
// enable only one of the two at a time.
aobscanmodule(missiontime_disable_aob,AoT.exe,F3 0F 5C C1 F3 0F 11 40 10)
registersymbol(missiontime_disable_aob)
missiontime_disable_aob:
mov [rax+10],#0
nop
nop
[DISABLE]
// Restores all 9 original bytes and drops the symbol.
missiontime_disable_aob:
db F3 0F 5C C1 F3 0F 11 40 10
unregistersymbol(missiontime_disable_aob)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+2095B0
"AoT.exe"+209597: 90 - nop
"AoT.exe"+209598: 90 - nop
"AoT.exe"+209599: 90 - nop
"AoT.exe"+20959A: E9 61 6A B9 FF - jmp 7FF7F6090000
"AoT.exe"+20959F: EB 22 - jmp AoT.exe+2095C3
"AoT.exe"+2095A1: 83 F9 02 - cmp ecx,02
"AoT.exe"+2095A4: 75 1D - jne AoT.exe+2095C3
"AoT.exe"+2095A6: F3 0F 10 40 10 - movss xmm0,[rax+10]
"AoT.exe"+2095AB: 0F 2F C2 - comiss xmm0,xmm2
"AoT.exe"+2095AE: 76 09 - jna AoT.exe+2095B9
// ---------- INJECTING HERE ----------
"AoT.exe"+2095B0: F3 0F 5C C1 - subss xmm0,xmm1
"AoT.exe"+2095B4: F3 0F 11 40 10 - movss [rax+10],xmm0
// ---------- DONE INJECTING ----------
"AoT.exe"+2095B9: 0F 2F 50 10 - comiss xmm2,[rax+10]
"AoT.exe"+2095BD: 72 04 - jb AoT.exe+2095C3
"AoT.exe"+2095BF: 48 89 50 0C - mov [rax+0C],rdx
"AoT.exe"+2095C3: 49 8B 49 30 - mov rcx,[r9+30]
"AoT.exe"+2095C7: 49 8B 41 40 - mov rax,[r9+40]
"AoT.exe"+2095CB: 49 83 C0 08 - add r8,08
"AoT.exe"+2095CF: 48 8D 0C C8 - lea rcx,[rax+rcx*8]
"AoT.exe"+2095D3: 49 3B C8 - cmp rcx,r8
"AoT.exe"+2095D6: 75 A9 - jne AoT.exe+209581
"AoT.exe"+2095D8: F3 C3 - repe ret
}
2690
"Disable Side Mission Available Timer"
800000
Auto Assembler Script
[ENABLE]
// Scans for "subss xmm0,xmm1" followed by a movss xmm1 load. The four wildcard
// bytes cover that load's displacement, and the trailing 0F is the first byte of
// the next instruction. Only the 4-byte subss is replaced with nops, so the value
// later stored to [rcx+000000F4] is no longer decremented.
aobscanmodule(sidemissiontime_aob,AoT.exe,F3 0F 5C C1 F3 0F 10 0D * * * * 0F)
registersymbol(sidemissiontime_aob)
sidemissiontime_aob:
nop
nop
nop
nop
[DISABLE]
// Restores the 4 original bytes (subss xmm0,xmm1) and drops the symbol.
sidemissiontime_aob:
db F3 0F 5C C1
unregistersymbol(sidemissiontime_aob)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+207ACA
"AoT.exe"+207AA4: 48 89 70 18 - mov [rax+18],rsi
"AoT.exe"+207AA8: 48 89 78 F0 - mov [rax-10],rdi
"AoT.exe"+207AAC: 4C 89 60 E8 - mov [rax-18],r12
"AoT.exe"+207AB0: 0F 57 C0 - xorps xmm0,xmm0
"AoT.exe"+207AB3: 4C 89 78 D8 - mov [rax-28],r15
"AoT.exe"+207AB7: 45 33 FF - xor r15d,r15d
"AoT.exe"+207ABA: 45 8D 67 02 - lea r12d,[r15+02]
"AoT.exe"+207ABE: 0F 2F D0 - comiss xmm2,xmm0
"AoT.exe"+207AC1: 0F 86 EE 03 00 00 - jbe AoT.exe+207EB5
"AoT.exe"+207AC7: 0F 28 C2 - movaps xmm0,xmm2
// ---------- INJECTING HERE ----------
"AoT.exe"+207ACA: F3 0F 5C C1 - subss xmm0,xmm1
"AoT.exe"+207ACE: F3 0F 10 0D 72 1D 88 00 - movss xmm1,[AoT.exe+A89848]
// ---------- DONE INJECTING ----------
"AoT.exe"+207AD6: 0F 2F D1 - comiss xmm2,xmm1
"AoT.exe"+207AD9: F3 0F 11 81 F4 00 00 00 - movss [rcx+000000F4],xmm0
"AoT.exe"+207AE1: 0F 86 CE 03 00 00 - jbe AoT.exe+207EB5
"AoT.exe"+207AE7: 0F 2F C8 - comiss xmm1,xmm0
"AoT.exe"+207AEA: 0F 82 C5 03 00 00 - jb AoT.exe+207EB5
"AoT.exe"+207AF0: 44 38 B9 8F 00 00 00 - cmp [rcx+0000008F],r15l
"AoT.exe"+207AF7: 74 24 - je AoT.exe+207B1D
"AoT.exe"+207AF9: FF 15 39 F8 9E 00 - call qword ptr [AoT.exe+BF7338]
"AoT.exe"+207AFF: 85 C0 - test eax,eax
"AoT.exe"+207B01: 0F 84 AE 03 00 00 - je AoT.exe+207EB5
}
2688
"Disable Escape Titan Grab Timer"
800000
Auto Assembler Script
[ENABLE]
// Scans for "subss xmm0,xmm6 / comiss xmm7,xmm0 / movss [rbx+...]" and replaces
// the 4-byte subss with nops. The value loaded from [rbx+00001E78] is then stored
// back unchanged by the movss that follows the comparison.
aobscanmodule(escapegrabtime_aob,AoT.exe,F3 0F 5C C6 0F 2F F8 F3 0F 11 83)
registersymbol(escapegrabtime_aob)
escapegrabtime_aob:
nop
nop
nop
nop
[DISABLE]
// Restores the 4 original bytes (subss xmm0,xmm6) and drops the symbol.
escapegrabtime_aob:
db F3 0F 5C C6
unregistersymbol(escapegrabtime_aob)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+5193F
"AoT.exe"+51906: 89 74 24 28 - mov [rsp+28],esi
"AoT.exe"+5190A: E8 C1 02 00 00 - call AoT.exe+51BD0
"AoT.exe"+5190F: 66 83 BB 50 45 00 00 0C - cmp word ptr [rbx+00004550],0C
"AoT.exe"+51917: 75 4F - jne AoT.exe+51968
"AoT.exe"+51919: 41 F6 85 50 3C 00 00 08 - test byte ptr [r13+00003C50],08
"AoT.exe"+51921: 75 45 - jne AoT.exe+51968
"AoT.exe"+51923: 66 44 39 A3 7C 1E 00 00 - cmp [rbx+00001E7C],r12w
"AoT.exe"+5192B: 7C 3B - jl AoT.exe+51968
"AoT.exe"+5192D: F3 0F 10 83 78 1E 00 00 - movss xmm0,[rbx+00001E78]
"AoT.exe"+51935: 48 BD 00 00 00 00 08 00 00 00 - mov rbp,0000000800000000
// ---------- INJECTING HERE ----------
"AoT.exe"+5193F: F3 0F 5C C6 - subss xmm0,xmm6
"AoT.exe"+51943: 0F 2F F8 - comiss xmm7,xmm0
// ---------- DONE INJECTING ----------
"AoT.exe"+51946: F3 0F 11 83 78 1E 00 00 - movss [rbx+00001E78],xmm0
"AoT.exe"+5194E: 76 22 - jna AoT.exe+51972
"AoT.exe"+51950: 83 C8 FF - or eax,-01
"AoT.exe"+51953: 66 89 87 7C 1E 00 00 - mov [rdi+00001E7C],ax
"AoT.exe"+5195A: EB 16 - jmp AoT.exe+51972
"AoT.exe"+5195C: F3 0F 5C C6 - subss xmm0,xmm6
"AoT.exe"+51960: F3 0F 11 83 64 44 00 00 - movss [rbx+00004464],xmm0
"AoT.exe"+51968: 48 BD 00 00 00 00 08 00 00 00 - mov rbp,0000000800000000
"AoT.exe"+51972: 44 39 25 E7 E0 B9 00 - cmp [AoT.exe+BEFA60],r12d
"AoT.exe"+51979: 75 09 - jne AoT.exe+51984
}
2696
"Disable Cannon Reload Timer"
800000
Auto Assembler Script
[ENABLE]
// Hooks the 8-byte "movss [rbx+000040A0],xmm0" store. The site is overwritten
// with a jmp into an allocated code cave plus 3 nops of padding; the cave writes
// 0 to [rbx+000040A0] instead of xmm0 and jumps back to the instruction after
// the patched store.
// NOTE(review): the 3-nop padding assumes a 5-byte jmp, i.e. that the cave was
// allocated within rel32 range of AoT.exe.
aobscanmodule(cannontimer_aob,AoT.exe,F3 0F 11 83 A0 40 00 00)
registersymbol(cannontimer_aob)
alloc(cannontimer_newmem,1024,AoT.exe)
label(cannontimer_return)
cannontimer_newmem:
mov [rbx+000040A0],#0
jmp cannontimer_return
cannontimer_aob:
jmp cannontimer_newmem
nop
nop
nop
cannontimer_return:
[DISABLE]
// Restores the 8 original bytes, then releases the symbol and the code cave.
cannontimer_aob:
db F3 0F 11 83 A0 40 00 00
unregistersymbol(cannontimer_aob)
dealloc(cannontimer_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+F885
"AoT.exe"+F85F: 48 85 C0 - test rax,rax
"AoT.exe"+F862: 74 0A - je AoT.exe+F86E
"AoT.exe"+F864: 66 83 B8 C8 00 00 00 7A - cmp word ptr [rax+000000C8],7A
"AoT.exe"+F86C: 74 14 - je AoT.exe+F882
"AoT.exe"+F86E: F3 0F 10 83 A0 40 00 00 - movss xmm0,[rbx+000040A0]
"AoT.exe"+F876: F3 0F 5C C6 - subss xmm0,xmm6
"AoT.exe"+F87A: 0F 2F F8 - comiss xmm7,xmm0
"AoT.exe"+F87D: 72 03 - jb AoT.exe+F882
"AoT.exe"+F87F: 0F 28 C7 - movaps xmm0,xmm7
"AoT.exe"+F882: 48 8B CB - mov rcx,rbx
// ---------- INJECTING HERE ----------
"AoT.exe"+F885: F3 0F 11 83 A0 40 00 00 - movss [rbx+000040A0],xmm0
// ---------- DONE INJECTING ----------
"AoT.exe"+F88D: E8 1E 73 05 00 - call AoT.exe+66BB0
"AoT.exe"+F892: 85 C0 - test eax,eax
"AoT.exe"+F894: 0F 85 1C 01 00 00 - jne AoT.exe+F9B6
"AoT.exe"+F89A: 49 8D 85 D0 00 00 00 - lea rax,[r13+000000D0]
"AoT.exe"+F8A1: 4C 89 44 24 40 - mov [rsp+40],r8
"AoT.exe"+F8A6: 48 8D 54 24 50 - lea rdx,[rsp+50]
"AoT.exe"+F8AB: 41 0F 28 DA - movaps xmm3,xmm10
"AoT.exe"+F8AF: F3 44 0F 11 4C 24 20 - movss [rsp+20],xmm9
"AoT.exe"+F8B6: 48 8D 4C 24 40 - lea rcx,[rsp+40]
"AoT.exe"+F8BB: 4C 8B C3 - mov r8,rbx
}
7248
"Disable Team Order Timer"
800000
Auto Assembler Script
[ENABLE]
// Installs two hooks, one for each store to the +D0 field.
// Hook 1 replaces "movss [rcx+000000D0],xmm0" (8 bytes: jmp + 3 nops); its cave
// writes 0 to [rcx+000000D0] instead of xmm0.
aobscanmodule(teamtimer_aob,AoT.exe,F3 0F 11 81 D0 00 00 00 4C)
registersymbol(teamtimer_aob)
alloc(teamtimer_newmem,1024,AoT.exe)
label(teamtimer_return)
teamtimer_newmem:
mov [rcx+000000D0],#0
jmp teamtimer_return
teamtimer_aob:
jmp teamtimer_newmem
nop
nop
nop
teamtimer_return:
// Hook 2 replaces "movss [rax+000000D0],xmm2" (8 bytes: jmp + 3 nops); its cave
// writes 0 to [rax+000000D0] instead of xmm2.
aobscanmodule(teamtimer2_aob,AoT.exe,F3 0F 11 90 D0 00 00 00)
registersymbol(teamtimer2_aob)
alloc(teamtimer2_newmem,1024,AoT.exe)
label(teamtimer2_return)
teamtimer2_newmem:
mov [rax+000000D0],#0
jmp teamtimer2_return
teamtimer2_aob:
jmp teamtimer2_newmem
nop
nop
nop
teamtimer2_return:
[DISABLE]
// Restores hook 1. The restore for hook 2 follows the reference disassembly below.
teamtimer_aob:
db F3 0F 11 81 D0 00 00 00
unregistersymbol(teamtimer_aob)
dealloc(teamtimer_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+CDB3E
"AoT.exe"+CDB0C: 0F 28 C6 - movaps xmm0,xmm6
"AoT.exe"+CDB0F: F3 0F 58 82 D4 00 00 00 - addss xmm0,[rdx+000000D4]
"AoT.exe"+CDB17: F3 0F 11 82 D4 00 00 00 - movss [rdx+000000D4],xmm0
"AoT.exe"+CDB1F: 48 8B 43 08 - mov rax,[rbx+08]
"AoT.exe"+CDB23: 48 8B 88 A0 00 00 00 - mov rcx,[rax+000000A0]
"AoT.exe"+CDB2A: F3 0F 10 81 D0 00 00 00 - movss xmm0,[rcx+000000D0]
"AoT.exe"+CDB32: F3 0F 5C C6 - subss xmm0,xmm6
"AoT.exe"+CDB36: 0F 2F C1 - comiss xmm0,xmm1
"AoT.exe"+CDB39: 73 03 - jae AoT.exe+CDB3E
"AoT.exe"+CDB3B: 0F 28 C1 - movaps xmm0,xmm1
// ---------- INJECTING HERE ----------
"AoT.exe"+CDB3E: F3 0F 11 81 D0 00 00 00 - movss [rcx+000000D0],xmm0
// ---------- DONE INJECTING ----------
"AoT.exe"+CDB46: 4C 8B 43 08 - mov r8,[rbx+08]
"AoT.exe"+CDB4A: 49 8B 80 B0 00 00 00 - mov rax,[r8+000000B0]
"AoT.exe"+CDB51: 0F B6 88 B2 00 00 00 - movzx ecx,byte ptr [rax+000000B2]
"AoT.exe"+CDB58: 80 F9 04 - cmp cl,04
"AoT.exe"+CDB5B: 0F 84 8F 00 00 00 - je AoT.exe+CDBF0
"AoT.exe"+CDB61: 0F B6 C1 - movzx eax,cl
"AoT.exe"+CDB64: 83 F8 04 - cmp eax,04
"AoT.exe"+CDB67: 0F 4D C7 - cmovge eax,edi
"AoT.exe"+CDB6A: 48 63 C8 - movsxd rcx,eax
"AoT.exe"+CDB6D: 48 8B 05 54 69 B4 00 - mov rax,[AoT.exe+C144C8]
}
// Restores hook 2: writes back the 8 original bytes (movss [rax+000000D0],xmm2),
// then releases the symbol and the code cave.
teamtimer2_aob:
db F3 0F 11 90 D0 00 00 00
unregistersymbol(teamtimer2_aob)
dealloc(teamtimer2_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+CDBE8
"AoT.exe"+CDBBA: 66 0F 6E C0 - movd xmm0,eax
"AoT.exe"+CDBBE: 49 8B 80 A0 00 00 00 - mov rax,[r8+000000A0]
"AoT.exe"+CDBC5: F3 0F 10 90 D0 00 00 00 - movss xmm2,[rax+000000D0]
"AoT.exe"+CDBCD: 0F 5B C0 - cvtdq2ps xmm0,xmm0
"AoT.exe"+CDBD0: F3 0F 59 05 88 B4 9B 00 - mulss xmm0,[AoT.exe+A89060]
"AoT.exe"+CDBD8: F3 0F 59 C6 - mulss xmm0,xmm6
"AoT.exe"+CDBDC: F3 0F 5C D0 - subss xmm2,xmm0
"AoT.exe"+CDBE0: 0F 2F D1 - comiss xmm2,xmm1
"AoT.exe"+CDBE3: 73 03 - jae AoT.exe+CDBE8
"AoT.exe"+CDBE5: 0F 28 D1 - movaps xmm2,xmm1
// ---------- INJECTING HERE ----------
"AoT.exe"+CDBE8: F3 0F 11 90 D0 00 00 00 - movss [rax+000000D0],xmm2
// ---------- DONE INJECTING ----------
"AoT.exe"+CDBF0: 48 8B CB - mov rcx,rbx
"AoT.exe"+CDBF3: E8 28 12 00 00 - call AoT.exe+CEE20
"AoT.exe"+CDBF8: 48 8B 43 08 - mov rax,[rbx+08]
"AoT.exe"+CDBFC: 48 8B CB - mov rcx,rbx
"AoT.exe"+CDBFF: 48 89 38 - mov [rax],rdi
"AoT.exe"+CDC02: 48 C7 40 08 00 00 80 3F - mov [rax+08],3F800000
"AoT.exe"+CDC0A: 89 78 20 - mov [rax+20],edi
"AoT.exe"+CDC0D: 48 89 78 34 - mov [rax+34],rdi
"AoT.exe"+CDC11: 89 78 30 - mov [rax+30],edi
"AoT.exe"+CDC14: E8 D7 24 00 00 - call AoT.exe+D00F0
}
44
"Battle Time Stats"
1
45
"Battle Time Elapsed (Seconds)"
Float
battletime_base
10
47
"Mission Time Remaining (Seconds)"
Float
battletime_base
FFFFFF90
257
"Battle Outcome Base Address Scan Initialization (Activate This First)"
800000
Auto Assembler Script
[ENABLE]
// Allocates and registers five 4-byte variables that the "Battle Outcome Base
// Address Scan" hooks read. Each starts at 1; the hooks compare against 1 and
// leave the game's own behaviour in place for any value <= 1.
// This script must be enabled before the hook script so the symbols resolve.
alloc(sidemissioncount_mul,4,"AoT.exe")
alloc(subjugationcount_mul,4,"AoT.exe")
alloc(base_mul,4,"AoT.exe")
alloc(subjugation_mul,4,"AoT.exe")
alloc(special_mul,4,"AoT.exe")
registersymbol(sidemissioncount_mul)
registersymbol(subjugationcount_mul)
registersymbol(base_mul)
registersymbol(subjugation_mul)
registersymbol(special_mul)
sidemissioncount_mul:
dd 1
subjugationcount_mul:
dd 1
base_mul:
dd 1
subjugation_mul:
dd 1
special_mul:
dd 1
[DISABLE]
// NOTE(review): disable the hook script first; its code caves keep reading these
// variables for as long as the hooks stay installed.
dealloc(sidemissioncount_mul)
dealloc(subjugationcount_mul)
dealloc(base_mul)
dealloc(subjugation_mul)
dealloc(special_mul)
unregistersymbol(sidemissioncount_mul)
unregistersymbol(subjugationcount_mul)
unregistersymbol(base_mul)
unregistersymbol(subjugation_mul)
unregistersymbol(special_mul)
256
"Battle Outcome Base Address Scan (To Update: Finish Battle)"
800000
Auto Assembler Script
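[ENABLE]
//Battle Ratings
// Hook on the 6-byte "mov eax,[rcx+00000A38]" (jmp + 1 nop). The game follows it
// by adding [rcx+A34] and [rcx+A30] and storing the sum to [rcx+A3C], so each
// rating field is scaled in place here before that sum is formed.
// A multiplier <= 1 leaves the corresponding field untouched.
// NOTE(review): the scaling is applied every time this site executes; if the
// game runs it more than once per battle the fields are multiplied repeatedly.
aobscanmodule(battleoutcome_aob,AoT.exe,8B 81 38 0A 00 00)
registersymbol(battleoutcome_aob)
alloc(battleoutcome_newmem,1024,AoT.exe)
label(battleoutcome_return)
battleoutcome_newmem:
// The target is 64-bit code and a 32-bit push/pop has no encoding there, so the
// scratch register is saved and restored at its full width.
push rbx
//Subjugation Rating
cmp [subjugation_mul],#1
jbe @f
mov ebx,[subjugation_mul]
mov eax,[rcx+A30]
imul eax,ebx
mov [rcx+A30],eax
//Base Rating
@@:
cmp [base_mul],#1
jbe @f
mov ebx,[base_mul]
mov eax,[rcx+A34]
imul eax,ebx
mov [rcx+A34],eax
//Special Rating
@@:
cmp [special_mul],#1
jbe @f
mov ebx,[special_mul]
mov eax,[rcx+A38]
imul eax,ebx
mov [rcx+A38],eax
@@:
pop rbx
// Replay of the overwritten instruction; this also discards the scratch use of eax.
mov eax,[rcx+00000A38]
jmp battleoutcome_return
battleoutcome_aob:
jmp battleoutcome_newmem
nop
battleoutcome_return: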
//Result Page Subjugation Count
// Hook on the 5-byte "inc eax / cmp eax,r8d" pair (replaced exactly by one jmp).
// With subjugationcount_mul > 1 the counter advances by that amount instead of 1.
// The compare is replayed last so the game's following cmovae still clamps eax to r8d.
aobscanmodule(subjugationcount_aob,AoT.exe,FF C0 41 3B C0 41 0F 43 C0 45)
registersymbol(subjugationcount_aob)
alloc(subjugationcount_newmem,1024,AoT.exe)
label(subjugationcount_originalcode)
label(subjugationcount_return)
subjugationcount_newmem:
cmp [subjugationcount_mul],#1
jbe @f
add eax,[subjugationcount_mul]
jmp subjugationcount_originalcode
@@:
inc eax
subjugationcount_originalcode:
cmp eax,r8d
jmp subjugationcount_return
subjugationcount_aob:
jmp subjugationcount_newmem
subjugationcount_return:
//Total Subjugation Count
// Same hook shape as the result-page counter: the 5-byte "inc eax / cmp eax,r8d"
// is replaced by a jmp, and the cave adds subjugationcount_mul (when > 1) or 1.
// The pattern differs from the result-page one only in its last byte (89 vs 45).
aobscanmodule(subjugationcount2_aob,AoT.exe,FF C0 41 3B C0 41 0F 43 C0 89)
registersymbol(subjugationcount2_aob)
alloc(subjugationcount2_newmem,1024,AoT.exe)
label(subjugationcount2_originalcode)
label(subjugationcount2_return)
subjugationcount2_newmem:
cmp [subjugationcount_mul],#1
jbe @f
add eax,[subjugationcount_mul]
jmp subjugationcount2_originalcode
@@:
inc eax
subjugationcount2_originalcode:
cmp eax,r8d
jmp subjugationcount2_return
subjugationcount2_aob:
jmp subjugationcount2_newmem
subjugationcount2_return:
//Individual Subjugation Count
// Hook on the 5-byte "inc eax / cmp eax,r8d" pair; the cave adds
// subjugationcount_mul (when > 1) or 1 and replays the compare so the game's
// following cmovle still applies its cap.
// NOTE(review): this pattern is only 6 bytes, and its first 5 bytes also occur at
// the other subjugation-count sites. The scan takes the first match in the module,
// so confirm after a game update that it still resolves to the intended site.
aobscanmodule(subjugationcount3_aob,AoT.exe,FF C0 41 3B C0 0F)
registersymbol(subjugationcount3_aob)
alloc(subjugationcount3_newmem,1024,AoT.exe)
label(subjugationcount3_originalcode)
label(subjugationcount3_return)
subjugationcount3_newmem:
cmp [subjugationcount_mul],#1
jbe @f
add eax,[subjugationcount_mul]
jmp subjugationcount3_originalcode
@@:
inc eax
subjugationcount3_originalcode:
cmp eax,r8d
jmp subjugationcount3_return
subjugationcount3_aob:
jmp subjugationcount3_newmem
subjugationcount3_return:
//Combo Streak
// Hook on the 7-byte "inc eax / cmp eax,edx / cmovae eax,edx" (jmp + 2 nops).
// The cave adds subjugationcount_mul (when > 1) or 1, then replays the compare and
// cmovae so eax stays clamped to edx before the game stores it to [rcx+3C].
aobscanmodule(subjugationcount4_aob,AoT.exe,FF C0 3B C2 0F 43 C2 89 41 3C)
registersymbol(subjugationcount4_aob)
alloc(subjugationcount4_newmem,1024,AoT.exe)
label(subjugationcount4_originalcode)
label(subjugationcount4_return)
subjugationcount4_newmem:
cmp [subjugationcount_mul],#1
jbe @f
add eax,[subjugationcount_mul]
jmp subjugationcount4_originalcode
@@:
inc eax
subjugationcount4_originalcode:
cmp eax,edx
cmovae eax,edx
jmp subjugationcount4_return
subjugationcount4_aob:
jmp subjugationcount4_newmem
nop
nop
subjugationcount4_return:
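//Medal Count
// Hook on the 10-byte "inc al / mov [rdi+r8+00000298],al" pair (jmp + 5 nops).
// The game only reaches this site after checking that al is below FF, which
// protects the single-byte counter from wrapping on its own +1 step. Adding a
// larger step can still carry out of al, so the sum is saturated at 255 here.
// Only the low byte of subjugationcount_mul takes part in the addition.
aobscanmodule(subjugationcount5_aob,AoT.exe,FE C0 42 88 84 07 98 02 00 00)
registersymbol(subjugationcount5_aob)
alloc(subjugationcount5_newmem,1024,AoT.exe)
label(subjugationcount5_originalcode)
label(subjugationcount5_return)
subjugationcount5_newmem:
cmp [subjugationcount_mul],#1
jbe @f
add al,[subjugationcount_mul]
// no carry: the sum fits in the byte counter
jnc subjugationcount5_originalcode
// carry: clamp instead of storing a wrapped-around value
mov al,#255
jmp subjugationcount5_originalcode
@@:
inc al
subjugationcount5_originalcode:
mov [rdi+r8+00000298],al
jmp subjugationcount5_return
subjugationcount5_aob:
jmp subjugationcount5_newmem
nop
nop
nop
nop
nop
subjugationcount5_return: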
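//Total Subjugation Count - Special Mission Counter
// Hook on the 11-byte "add cx,dx / mov [r8+000000AC],cx" pair (jmp + 6 nops).
// The game reaches this site only after checking that cx+dx fits in 16 bits.
// The extra subjugationcount_mul added here can exceed that bound, so the result
// is saturated at 65535 rather than stored wrapped. The extra amount is added to
// cx directly, leaving dx as the game set it.
aobscanmodule(subjugationcount6_aob,AoT.exe,66 03 CA 66 41 89 88 AC 00 00 00)
registersymbol(subjugationcount6_aob)
alloc(subjugationcount6_newmem,1024,AoT.exe)
label(subjugationcount6_saturate)
label(subjugationcount6_store)
label(subjugationcount6_return)
subjugationcount6_newmem:
cmp [subjugationcount_mul],#1
jbe @f
add cx,[subjugationcount_mul]
jc subjugationcount6_saturate
@@:
// original increment
add cx,dx
jnc subjugationcount6_store
subjugationcount6_saturate:
mov cx,#65535
subjugationcount6_store:
mov [r8+000000AC],cx
jmp subjugationcount6_return
subjugationcount6_aob:
jmp subjugationcount6_newmem
nop
nop
nop
nop
nop
nop
subjugationcount6_return: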
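//Side Mission Count - Special Mission Counter
// Hook on the 7-byte "inc byte ptr [rax+rbx+00000820]" (jmp + 2 nops).
// With sidemissioncount_mul > 1 the byte counter advances by the low byte of that
// value; otherwise the original +1 is replayed. The two paths are kept exclusive
// so the step matches the other side-mission hooks, which add the configured
// amount instead of, not in addition to, the game's own increment.
// NOTE(review): no overflow guard is visible before this site; a large step can
// wrap the byte counter.
aobscanmodule(sidemissioncount_aob,AoT.exe,FE 84 18 20 08 00 00)
registersymbol(sidemissioncount_aob)
alloc(sidemissioncount_newmem,1024,AoT.exe)
label(sidemissioncount_return)
sidemissioncount_newmem:
cmp [sidemissioncount_mul],#1
jbe @f
// rcx is live at the hook site, so save it around the scratch use
push rcx
mov ecx,[sidemissioncount_mul]
add byte ptr [rax+rbx+00000820],cl
pop rcx
// skip the original +1 so the counter is not advanced twice
jmp sidemissioncount_return
@@:
inc byte ptr [rax+rbx+00000820]
jmp sidemissioncount_return
sidemissioncount_aob:
jmp sidemissioncount_newmem
nop
nop
sidemissioncount_return: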
//Side Mission Count
// Hook on the 7-byte "inc eax / mov ecx,000186A0" pair (jmp + 2 nops).
// The cave adds sidemissioncount_mul (when > 1) or 1 to eax and replays the
// constant load; the game's later cmp/cmovae against ecx still applies the cap.
aobscanmodule(sidemissioncount2_aob,AoT.exe,FF C0 B9 A0 86 01 00)
registersymbol(sidemissioncount2_aob)
alloc(sidemissioncount2_newmem,1024,AoT.exe)
label(sidemissioncount2_originalcode)
label(sidemissioncount2_return)
sidemissioncount2_newmem:
cmp [sidemissioncount_mul],#1
jbe @f
add eax,[sidemissioncount_mul]
jmp sidemissioncount2_originalcode
@@:
inc eax
sidemissioncount2_originalcode:
mov ecx,000186A0
jmp sidemissioncount2_return
sidemissioncount2_aob:
jmp sidemissioncount2_newmem
nop
nop
sidemissioncount2_return:
//Side Mission Count
// Hook on the 7-byte "inc eax / cmp eax,edx / cmovae eax,edx" (jmp + 2 nops)
// ahead of the store to [rcx+34]. The leading 7 bytes are the same as at the
// combo-streak site; the pattern tail (89 41 34 41) is what tells them apart.
// The cave adds sidemissioncount_mul (when > 1) or 1 and replays the clamp.
aobscanmodule(sidemissioncount3_aob,AoT.exe,FF C0 3B C2 0F 43 C2 89 41 34 41)
registersymbol(sidemissioncount3_aob)
alloc(sidemissioncount3_newmem,1024,AoT.exe)
label(sidemissioncount3_originalcode)
label(sidemissioncount3_return)
sidemissioncount3_newmem:
cmp [sidemissioncount_mul],#1
jbe @f
add eax,[sidemissioncount_mul]
jmp sidemissioncount3_originalcode
@@:
inc eax
sidemissioncount3_originalcode:
cmp eax,edx
cmovae eax,edx
jmp sidemissioncount3_return
sidemissioncount3_aob:
jmp sidemissioncount3_newmem
nop
nop
sidemissioncount3_return:
[DISABLE]
//Battle Ratings
// Writes the 6 original bytes (mov eax,[rcx+00000A38]) back over the jmp + nop,
// then releases the symbol and the code cave.
battleoutcome_aob:
db 8B 81 38 0A 00 00
unregistersymbol(battleoutcome_aob)
dealloc(battleoutcome_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+2EAEAC
"AoT.exe"+2EAE8B: B8 1F 85 EB 51 - mov eax,51EB851F
"AoT.exe"+2EAE90: F7 E9 - imul ecx
"AoT.exe"+2EAE92: C1 FA 05 - sar edx,05
"AoT.exe"+2EAE95: 8B C2 - mov eax,edx
"AoT.exe"+2EAE97: C1 E8 1F - shr eax,1F
"AoT.exe"+2EAE9A: 03 D0 - add edx,eax
"AoT.exe"+2EAE9C: 8D 04 92 - lea eax,[rdx+rdx*4]
"AoT.exe"+2EAE9F: 03 C0 - add eax,eax
"AoT.exe"+2EAEA1: 41 01 80 38 0A 00 00 - add [r8+00000A38],eax
"AoT.exe"+2EAEA8: 48 8B 4D 08 - mov rcx,[rbp+08]
// ---------- INJECTING HERE ----------
"AoT.exe"+2EAEAC: 8B 81 38 0A 00 00 - mov eax,[rcx+00000A38]
// ---------- DONE INJECTING ----------
"AoT.exe"+2EAEB2: 03 81 34 0A 00 00 - add eax,[rcx+00000A34]
"AoT.exe"+2EAEB8: 03 81 30 0A 00 00 - add eax,[rcx+00000A30]
"AoT.exe"+2EAEBE: 89 81 3C 0A 00 00 - mov [rcx+00000A3C],eax
"AoT.exe"+2EAEC4: 48 8B 45 08 - mov rax,[rbp+08]
"AoT.exe"+2EAEC8: 8B 90 3C 0A 00 00 - mov edx,[rax+00000A3C]
"AoT.exe"+2EAECE: 48 8D 88 6C 15 00 00 - lea rcx,[rax+0000156C]
"AoT.exe"+2EAED5: E8 66 74 E5 FF - call AoT.exe+142340
"AoT.exe"+2EAEDA: 48 8B 45 08 - mov rax,[rbp+08]
"AoT.exe"+2EAEDE: 8B 90 3C 0A 00 00 - mov edx,[rax+00000A3C]
"AoT.exe"+2EAEE4: 48 8D 88 0C 17 00 00 - lea rcx,[rax+0000170C]
}
//Result Page Subjugation Count
// Restores the 5 original bytes (inc eax / cmp eax,r8d) over the jmp.
subjugationcount_aob:
db FF C0 41 3B C0
unregistersymbol(subjugationcount_aob)
dealloc(subjugationcount_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+1314DD
"AoT.exe"+1314AB: 4C 89 64 24 58 - mov [rsp+58],r12
"AoT.exe"+1314B0: 4C 89 74 24 60 - mov [rsp+60],r14
"AoT.exe"+1314B5: 4C 8B 35 9C 30 AE 00 - mov r14,[AoT.exe+C14558]
"AoT.exe"+1314BC: 41 B8 A0 86 01 00 - mov r8d,000186A0
"AoT.exe"+1314C2: 4C 89 7C 24 68 - mov [rsp+68],r15
"AoT.exe"+1314C7: 4C 63 FE - movsxd r15,esi
"AoT.exe"+1314CA: 49 8B CF - mov rcx,r15
"AoT.exe"+1314CD: 48 69 C9 70 01 00 00 - imul rcx,rcx,00000170
"AoT.exe"+1314D4: 48 03 CB - add rcx,rbx
"AoT.exe"+1314D7: 8B 81 68 20 00 00 - mov eax,[rcx+00002068]
// ---------- INJECTING HERE ----------
"AoT.exe"+1314DD: FF C0 - inc eax
"AoT.exe"+1314DF: 41 3B C0 - cmp eax,r8d
// ---------- DONE INJECTING ----------
"AoT.exe"+1314E2: 41 0F 43 C0 - cmovae eax,r8d
"AoT.exe"+1314E6: 45 33 E4 - xor r12d,r12d
"AoT.exe"+1314E9: 89 81 68 20 00 00 - mov [rcx+00002068],eax
"AoT.exe"+1314EF: 0F B7 47 44 - movzx eax,word ptr [rdi+44]
"AoT.exe"+1314F3: 66 83 F8 1E - cmp ax,1E
"AoT.exe"+1314F7: 76 12 - jna AoT.exe+13150B
"AoT.exe"+1314F9: 66 83 E8 21 - sub ax,21
"AoT.exe"+1314FD: BA D3 00 00 00 - mov edx,000000D3
"AoT.exe"+131502: 66 3B C2 - cmp ax,dx
"AoT.exe"+131505: 0F 87 18 01 00 00 - ja AoT.exe+131623
}
//Total Subjugation Count
// Restores the 5 original bytes (inc eax / cmp eax,r8d) over the jmp.
subjugationcount2_aob:
db FF C0 41 3B C0
unregistersymbol(subjugationcount2_aob)
dealloc(subjugationcount2_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+131518
"AoT.exe"+1314E9: 89 81 68 20 00 00 - mov [rcx+00002068],eax
"AoT.exe"+1314EF: 0F B7 47 44 - movzx eax,word ptr [rdi+44]
"AoT.exe"+1314F3: 66 83 F8 1E - cmp ax,1E
"AoT.exe"+1314F7: 76 12 - jna AoT.exe+13150B
"AoT.exe"+1314F9: 66 83 E8 21 - sub ax,21
"AoT.exe"+1314FD: BA D3 00 00 00 - mov edx,000000D3
"AoT.exe"+131502: 66 3B C2 - cmp ax,dx
"AoT.exe"+131505: 0F 87 18 01 00 00 - ja AoT.exe+131623
"AoT.exe"+13150B: 8B 81 6C 20 00 00 - mov eax,[rcx+0000206C]
"AoT.exe"+131511: 48 8B 2D 30 31 AE 00 - mov rbp,[AoT.exe+C14648]
// ---------- INJECTING HERE ----------
"AoT.exe"+131518: FF C0 - inc eax
"AoT.exe"+13151A: 41 3B C0 - cmp eax,r8d
// ---------- DONE INJECTING ----------
"AoT.exe"+13151D: 41 0F 43 C0 - cmovae eax,r8d
"AoT.exe"+131521: 89 81 6C 20 00 00 - mov [rcx+0000206C],eax
"AoT.exe"+131527: 0F B6 45 45 - movzx eax,byte ptr [rbp+45]
"AoT.exe"+13152B: 3B F0 - cmp esi,eax
"AoT.exe"+13152D: 75 08 - jne AoT.exe+131537
"AoT.exe"+13152F: 48 8B CB - mov rcx,rbx
"AoT.exe"+131532: E8 C9 FE FF FF - call AoT.exe+131400
"AoT.exe"+131537: 48 8B 87 F0 00 00 00 - mov rax,[rdi+000000F0]
"AoT.exe"+13153E: 48 8B CB - mov rcx,rbx
"AoT.exe"+131541: 8B 90 B0 01 00 00 - mov edx,[rax+000001B0]
}
//Individual Subjugation Count
// Restores the 5 original bytes (inc eax / cmp eax,r8d) over the jmp.
subjugationcount3_aob:
db FF C0 41 3B C0
unregistersymbol(subjugationcount3_aob)
dealloc(subjugationcount3_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+43E6A
"AoT.exe"+43E42: 48 85 C6 - test rsi,rax
"AoT.exe"+43E45: 76 53 - jna AoT.exe+43E9A
"AoT.exe"+43E47: 48 85 D2 - test rdx,rdx
"AoT.exe"+43E4A: 74 4E - je AoT.exe+43E9A
"AoT.exe"+43E4C: 8B 82 D0 43 00 00 - mov eax,[rdx+000043D0]
"AoT.exe"+43E52: 41 B8 0F 27 00 00 - mov r8d,0000270F
"AoT.exe"+43E58: 48 A9 00 01 00 00 - test rax,00000100
"AoT.exe"+43E5E: 77 19 - ja AoT.exe+43E79
"AoT.exe"+43E60: 0F B7 82 F0 19 00 00 - movzx eax,word ptr [rdx+000019F0]
"AoT.exe"+43E67: 41 8B C8 - mov ecx,r8d
// ---------- INJECTING HERE ----------
"AoT.exe"+43E6A: FF C0 - inc eax
"AoT.exe"+43E6C: 41 3B C0 - cmp eax,r8d
// ---------- DONE INJECTING ----------
"AoT.exe"+43E6F: 0F 4E C8 - cmovle ecx,eax
"AoT.exe"+43E72: 66 89 8A F0 19 00 00 - mov [rdx+000019F0],cx
"AoT.exe"+43E79: 40 38 BA 7C 19 00 00 - cmp [rdx+0000197C],dil
"AoT.exe"+43E80: 74 18 - je AoT.exe+43E9A
"AoT.exe"+43E82: 0F B7 82 F6 19 00 00 - movzx eax,word ptr [rdx+000019F6]
"AoT.exe"+43E89: FF C0 - inc eax
"AoT.exe"+43E8B: 41 3B C0 - cmp eax,r8d
"AoT.exe"+43E8E: 44 0F 4E C0 - cmovle r8d,eax
"AoT.exe"+43E92: 66 44 89 82 F6 19 00 00 - mov [rdx+000019F6],r8w
"AoT.exe"+43E9A: 48 B8 FF FF FF FF FF FF BF FF - mov rax,FFBFFFFFFFFFFFFF
}
//Combo Streak
// Restores the 7 original bytes (inc eax / cmp eax,edx / cmovae eax,edx)
// over the jmp + 2 nops.
subjugationcount4_aob:
db FF C0 3B C2 0F 43 C2
unregistersymbol(subjugationcount4_aob)
dealloc(subjugationcount4_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+1306F8
"AoT.exe"+1306E8: CC - int 3
"AoT.exe"+1306E9: CC - int 3
"AoT.exe"+1306EA: CC - int 3
"AoT.exe"+1306EB: CC - int 3
"AoT.exe"+1306EC: CC - int 3
"AoT.exe"+1306ED: CC - int 3
"AoT.exe"+1306EE: CC - int 3
"AoT.exe"+1306EF: CC - int 3
"AoT.exe"+1306F0: 8B 41 3C - mov eax,[rcx+3C]
"AoT.exe"+1306F3: BA A0 86 01 00 - mov edx,000186A0
// ---------- INJECTING HERE ----------
"AoT.exe"+1306F8: FF C0 - inc eax
"AoT.exe"+1306FA: 3B C2 - cmp eax,edx
"AoT.exe"+1306FC: 0F 43 C2 - cmovae eax,edx
// ---------- DONE INJECTING ----------
"AoT.exe"+1306FF: 89 41 3C - mov [rcx+3C],eax
"AoT.exe"+130702: 48 8B 05 3F 3F AE 00 - mov rax,[AoT.exe+C14648]
"AoT.exe"+130709: 83 78 3C 0A - cmp dword ptr [rax+3C],0A
"AoT.exe"+13070D: 72 0B - jb AoT.exe+13071A
"AoT.exe"+13070F: 48 8B 05 42 3E AE 00 - mov rax,[AoT.exe+C14558]
"AoT.exe"+130716: C6 40 2F 01 - mov byte ptr [rax+2F],01
"AoT.exe"+13071A: F3 C3 - repe ret
"AoT.exe"+13071C: CC - int 3
"AoT.exe"+13071D: CC - int 3
"AoT.exe"+13071E: CC - int 3
}
//Medal Count
// Restores the 10 original bytes (inc al / mov [rdi+r8+00000298],al)
// over the jmp + 5 nops.
subjugationcount5_aob:
db FE C0 42 88 84 07 98 02 00 00
unregistersymbol(subjugationcount5_aob)
dealloc(subjugationcount5_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+A1EF9
"AoT.exe"+A1ED9: 83 F8 0B - cmp eax,0B
"AoT.exe"+A1EDC: 7D 25 - jnl AoT.exe+A1F03
"AoT.exe"+A1EDE: 83 FF 03 - cmp edi,03
"AoT.exe"+A1EE1: 7D 20 - jnl AoT.exe+A1F03
"AoT.exe"+A1EE3: 8B C8 - mov ecx,eax
"AoT.exe"+A1EE5: 48 03 C6 - add rax,rsi
"AoT.exe"+A1EE8: 4C 8D 04 48 - lea r8,[rax+rcx*2]
"AoT.exe"+A1EEC: 42 0F B6 84 07 98 02 00 00 - movzx eax,byte ptr [rdi+r8+00000298]
"AoT.exe"+A1EF5: 3C FF - cmp al,-01
"AoT.exe"+A1EF7: 73 0A - jae AoT.exe+A1F03
// ---------- INJECTING HERE ----------
"AoT.exe"+A1EF9: FE C0 - inc al
"AoT.exe"+A1EFB: 42 88 84 07 98 02 00 00 - mov [rdi+r8+00000298],al
// ---------- DONE INJECTING ----------
"AoT.exe"+A1F03: 80 BB 25 01 00 00 05 - cmp byte ptr [rbx+00000125],05
"AoT.exe"+A1F0A: 41 BD FF FF 00 00 - mov r13d,0000FFFF
"AoT.exe"+A1F10: 0F 87 09 03 00 00 - ja AoT.exe+A221F
"AoT.exe"+A1F16: 48 8B 83 C0 01 00 00 - mov rax,[rbx+000001C0]
"AoT.exe"+A1F1D: 48 85 C0 - test rax,rax
"AoT.exe"+A1F20: 0F 84 F9 02 00 00 - je AoT.exe+A221F
"AoT.exe"+A1F26: 4C 39 A0 98 02 00 00 - cmp [rax+00000298],r12
"AoT.exe"+A1F2D: 0F 84 EC 02 00 00 - je AoT.exe+A221F
"AoT.exe"+A1F33: 48 8D 7D D8 - lea rdi,[rbp-28]
"AoT.exe"+A1F37: 41 0F B7 C4 - movzx eax,r12w
}
//Total Subjugation Count - Special Mission Counter
// Restores the 11 original bytes (add cx,dx / mov [r8+000000AC],cx)
// over the jmp + 6 nops.
subjugationcount6_aob:
db 66 03 CA 66 41 89 88 AC 00 00 00
unregistersymbol(subjugationcount6_aob)
dealloc(subjugationcount6_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+A3EFA
"AoT.exe"+A3EDD: CC - int 3
"AoT.exe"+A3EDE: CC - int 3
"AoT.exe"+A3EDF: CC - int 3
"AoT.exe"+A3EE0: 40 53 - push rbx
"AoT.exe"+A3EE2: 48 83 EC 50 - sub rsp,50
"AoT.exe"+A3EE6: 4C 8B C1 - mov r8,rcx
"AoT.exe"+A3EE9: 0F B7 89 AC 00 00 00 - movzx ecx,word ptr [rcx+000000AC]
"AoT.exe"+A3EF0: 8D 04 0A - lea eax,[rdx+rcx]
"AoT.exe"+A3EF3: 3D FF FF 00 00 - cmp eax,0000FFFF
"AoT.exe"+A3EF8: 77 0B - ja AoT.exe+A3F05
// ---------- INJECTING HERE ----------
"AoT.exe"+A3EFA: 66 03 CA - add cx,dx
"AoT.exe"+A3EFD: 66 41 89 88 AC 00 00 00 - mov [r8+000000AC],cx
// ---------- DONE INJECTING ----------
"AoT.exe"+A3F05: 48 8B 1D 54 C7 B7 00 - mov rbx,[AoT.exe+C20660]
"AoT.exe"+A3F0C: 48 85 DB - test rbx,rbx
"AoT.exe"+A3F0F: 0F 84 CA 01 00 00 - je AoT.exe+A40DF
"AoT.exe"+A3F15: 45 0F B7 88 AC 00 00 00 - movzx r9d,word ptr [r8+000000AC]
"AoT.exe"+A3F1D: B8 CD CC CC CC - mov eax,CCCCCCCD
"AoT.exe"+A3F22: 41 F7 E1 - mul r9d
"AoT.exe"+A3F25: C1 EA 03 - shr edx,03
"AoT.exe"+A3F28: 8D 0C 92 - lea ecx,[rdx+rdx*4]
"AoT.exe"+A3F2B: 03 C9 - add ecx,ecx
"AoT.exe"+A3F2D: 44 3B C9 - cmp r9d,ecx
}
//Side Mission Count - Special Mission Counter
// Restores the 7 original bytes (inc byte ptr [rax+rbx+00000820])
// over the jmp + 2 nops.
sidemissioncount_aob:
db FE 84 18 20 08 00 00
unregistersymbol(sidemissioncount_aob)
dealloc(sidemissioncount_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+20758F
"AoT.exe"+207569: C3 - ret
"AoT.exe"+20756A: 89 87 A0 01 00 00 - mov [rdi+000001A0],eax
"AoT.exe"+207570: 89 5F 40 - mov [rdi+40],ebx
"AoT.exe"+207573: C7 87 A4 01 00 00 00 00 90 40 - mov [rdi+000001A4],40900000
"AoT.exe"+20757D: EB B5 - jmp AoT.exe+207534
"AoT.exe"+20757F: 3C 03 - cmp al,03
"AoT.exe"+207581: 0F 85 FE 03 00 00 - jne AoT.exe+207985
"AoT.exe"+207587: 48 63 C6 - movsxd rax,esi
"AoT.exe"+20758A: 33 D2 - xor edx,edx
"AoT.exe"+20758C: 49 8B CE - mov rcx,r14
// ---------- INJECTING HERE ----------
"AoT.exe"+20758F: FE 84 18 20 08 00 00 - inc byte ptr [rax+rbx+00000820]
// ---------- DONE INJECTING ----------
"AoT.exe"+207596: E8 D5 E9 FF FF - call AoT.exe+205F70
"AoT.exe"+20759B: 48 8B 0D A6 D0 A0 00 - mov rcx,[AoT.exe+C14648]
"AoT.exe"+2075A2: 8B 41 34 - mov eax,[rcx+34]
"AoT.exe"+2075A5: BA A0 86 01 00 - mov edx,000186A0
"AoT.exe"+2075AA: FF C0 - inc eax
"AoT.exe"+2075AC: 3B C2 - cmp eax,edx
"AoT.exe"+2075AE: 0F 43 C2 - cmovae eax,edx
"AoT.exe"+2075B1: 89 41 34 - mov [rcx+34],eax
"AoT.exe"+2075B4: 41 80 7E 0B 0A - cmp byte ptr [r14+0B],0A
"AoT.exe"+2075B9: 72 82 - jb AoT.exe+20753D
}
//Side Mission Count
// Restores the 7 original bytes (inc eax / mov ecx,000186A0)
// over the jmp + 2 nops.
sidemissioncount2_aob:
db FF C0 B9 A0 86 01 00
unregistersymbol(sidemissioncount2_aob)
dealloc(sidemissioncount2_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+13061D
"AoT.exe"+130609: CC - int 3
"AoT.exe"+13060A: CC - int 3
"AoT.exe"+13060B: CC - int 3
"AoT.exe"+13060C: CC - int 3
"AoT.exe"+13060D: CC - int 3
"AoT.exe"+13060E: CC - int 3
"AoT.exe"+13060F: CC - int 3
"AoT.exe"+130610: 8B 41 30 - mov eax,[rcx+30]
"AoT.exe"+130613: 4C 8B 15 36 40 AE 00 - mov r10,[AoT.exe+C14650]
"AoT.exe"+13061A: 4C 8B C9 - mov r9,rcx
// ---------- INJECTING HERE ----------
"AoT.exe"+13061D: FF C0 - inc eax
"AoT.exe"+13061F: B9 A0 86 01 00 - mov ecx,000186A0
// ---------- DONE INJECTING ----------
"AoT.exe"+130624: 41 B8 04 00 00 00 - mov r8d,00000004
"AoT.exe"+13062A: 3B C1 - cmp eax,ecx
"AoT.exe"+13062C: 0F 43 C1 - cmovae eax,ecx
"AoT.exe"+13062F: 41 89 41 30 - mov [r9+30],eax
"AoT.exe"+130633: 49 8D 81 31 25 00 00 - lea rax,[r9+00002531]
"AoT.exe"+13063A: 66 0F 1F 44 00 00 - nop [rax+rax+00]
"AoT.exe"+130640: 80 78 F7 00 - cmp byte ptr [rax-09],00
"AoT.exe"+130644: 74 2C - je AoT.exe+130672
"AoT.exe"+130646: 0F B6 08 - movzx ecx,byte ptr [rax]
"AoT.exe"+130649: 80 F9 FF - cmp cl,-01
}
//Side Mission Count
// Restores the 7 original bytes (inc eax / cmp eax,edx / cmovae eax,edx)
// over the jmp + 2 nops.
sidemissioncount3_aob:
db FF C0 3B C2 0F 43 C2
unregistersymbol(sidemissioncount3_aob)
dealloc(sidemissioncount3_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+2075AA
"AoT.exe"+20757F: 3C 03 - cmp al,03
"AoT.exe"+207581: 0F 85 FE 03 00 00 - jne AoT.exe+207985
"AoT.exe"+207587: 48 63 C6 - movsxd rax,esi
"AoT.exe"+20758A: 33 D2 - xor edx,edx
"AoT.exe"+20758C: 49 8B CE - mov rcx,r14
"AoT.exe"+20758F: FE 84 18 20 08 00 00 - inc byte ptr [rax+rbx+00000820]
"AoT.exe"+207596: E8 D5 E9 FF FF - call AoT.exe+205F70
"AoT.exe"+20759B: 48 8B 0D A6 D0 A0 00 - mov rcx,[AoT.exe+C14648]
"AoT.exe"+2075A2: 8B 41 34 - mov eax,[rcx+34]
"AoT.exe"+2075A5: BA A0 86 01 00 - mov edx,000186A0
// ---------- INJECTING HERE ----------
"AoT.exe"+2075AA: FF C0 - inc eax
"AoT.exe"+2075AC: 3B C2 - cmp eax,edx
"AoT.exe"+2075AE: 0F 43 C2 - cmovae eax,edx
// ---------- DONE INJECTING ----------
"AoT.exe"+2075B1: 89 41 34 - mov [rcx+34],eax
"AoT.exe"+2075B4: 41 80 7E 0B 0A - cmp byte ptr [r14+0B],0A
"AoT.exe"+2075B9: 72 82 - jb AoT.exe+20753D
"AoT.exe"+2075BB: E8 50 90 F2 FF - call AoT.exe+130610
"AoT.exe"+2075C0: 41 0F B6 86 8D 00 00 00 - movzx eax,byte ptr [r14+0000008D]
"AoT.exe"+2075C8: 84 C0 - test al,al
"AoT.exe"+2075CA: 0F 84 45 01 00 00 - je AoT.exe+207715
"AoT.exe"+2075D0: 0F B6 C0 - movzx eax,al
"AoT.exe"+2075D3: FF C8 - dec eax
"AoT.exe"+2075D5: 48 63 F0 - movsxd rsi,eax
}
7257
"Side Mission Count"
FF8000
4 Bytes
sidemissioncount_mul
2698
"Subjugation Multiplier"
FF8000
4 Bytes
subjugationcount_mul
258
"Base Rating Multiplier"
FF8000
4 Bytes
base_mul
259
"Subjugation Rating Multiplier"
FF8000
4 Bytes
subjugation_mul
260
"Special Rating Multiplier"
FF8000
4 Bytes
special_mul
4213
"Character Stats Mod Base Address Scan Initialization (Activate This First)"
800000
Auto Assembler Script
[ENABLE]
// Allocates and registers the variables used by the "Character Stats Mod Base
// Address Scan" hooks: two 8-byte pointer slots (skills_base, attributes_base)
// that the hooks fill in, a 4-byte skills_set switch, and seven 4-byte slot values.
// The skills hook copies only the low byte of each slot value into the game, so
// values must stay within 0..255.
// This script must be enabled before the hook script so the symbols resolve.
alloc(skills_base,8,"AoT.exe")
alloc(skills_set,4,"AoT.exe")
alloc(skills_slot1,4,"AoT.exe")
alloc(skills_slot2,4,"AoT.exe")
alloc(skills_slot3,4,"AoT.exe")
alloc(skills_slot4,4,"AoT.exe")
alloc(skills_slot5,4,"AoT.exe")
alloc(skills_slot6,4,"AoT.exe")
alloc(skills_slot7,4,"AoT.exe")
alloc(attributes_base,8,"AoT.exe")
registersymbol(skills_base)
registersymbol(skills_set)
registersymbol(skills_slot1)
registersymbol(skills_slot2)
registersymbol(skills_slot3)
registersymbol(skills_slot4)
registersymbol(skills_slot5)
registersymbol(skills_slot6)
registersymbol(skills_slot7)
registersymbol(attributes_base)
//CHANGE VALUES BELOW FOR PRECONFIGURED SET//
// The # prefix marks the IDs as decimal.
skills_slot1:
dd #20 //Chain Attack
skills_slot2:
dd #21 //Rotating Slash
skills_slot3:
dd #22 //Swoop
skills_slot4:
dd #24 //Chain Dash
skills_slot5:
dd #63 //Decisive Battle
skills_slot6:
dd #67 //Power of Humanity
skills_slot7:
dd #69 //Wings of Freedom
[DISABLE]
// NOTE(review): disable the hook script first; its code caves keep reading and
// writing these variables for as long as the hooks stay installed.
dealloc(skills_base)
dealloc(skills_set)
dealloc(skills_slot1)
dealloc(skills_slot2)
dealloc(skills_slot3)
dealloc(skills_slot4)
dealloc(skills_slot5)
dealloc(skills_slot6)
dealloc(skills_slot7)
dealloc(attributes_base)
unregistersymbol(skills_base)
unregistersymbol(skills_set)
unregistersymbol(skills_slot1)
unregistersymbol(skills_slot2)
unregistersymbol(skills_slot3)
unregistersymbol(skills_slot4)
unregistersymbol(skills_slot5)
unregistersymbol(skills_slot6)
unregistersymbol(skills_slot7)
unregistersymbol(attributes_base)
4214
"Character Stats Mod Base Address Scan (To Update: Player Information)"
800000
Auto Assembler Script
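[ENABLE]
//Skills
// Hook on the 8-byte "movzx ecx,byte ptr [rdi+rbp+000179D0]" (jmp + 3 nops).
// Every time the site runs, rbp is published in skills_base. While skills_set is
// non-zero, the low byte of skills_slot1..7 is also written to the seven bytes at
// [rbp+179D0]..[rbp+179D6] before the original load is replayed.
aobscanmodule(skills_aob,AoT.exe,0F B6 8C 2F D0 79 01 00)
registersymbol(skills_aob)
alloc(skills_newmem,1024,AoT.exe)
label(skills_return)
skills_newmem:
mov [skills_base],rbp
cmp [skills_set],#0
je @f
push rax
// Each slot is a 4-byte allocation and only al is stored, so load 32 bits.
// A 64-bit load would read past the end of the variable.
mov eax,[skills_slot1]
mov byte ptr [rbp+179D0],al
mov eax,[skills_slot2]
mov byte ptr [rbp+179D1],al
mov eax,[skills_slot3]
mov byte ptr [rbp+179D2],al
mov eax,[skills_slot4]
mov byte ptr [rbp+179D3],al
mov eax,[skills_slot5]
mov byte ptr [rbp+179D4],al
mov eax,[skills_slot6]
mov byte ptr [rbp+179D5],al
mov eax,[skills_slot7]
mov byte ptr [rbp+179D6],al
pop rax
@@:
// replay of the overwritten instruction
movzx ecx,byte ptr [rdi+rbp+000179D0]
jmp skills_return
skills_aob:
jmp skills_newmem
nop
nop
nop
skills_return: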
//Attributes
aobscanmodule(attributes_aob,AoT.exe,44 0F B7 43 70)
registersymbol(attributes_aob)
alloc(attributes_newmem,1024,AoT.exe)
label(attributes_return)
attributes_newmem:
mov [attributes_base],rbx
movzx r8d,word ptr [rbx+70]
jmp attributes_return
attributes_aob:
jmp attributes_newmem
attributes_return:
[DISABLE]
//Skills
skills_aob:
db 0F B6 8C 2F D0 79 01 00
unregistersymbol(skills_aob)
dealloc(skills_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+3B858D
"AoT.exe"+3B856B: D1 E8 - shr eax,1
"AoT.exe"+3B856D: 8D 04 C0 - lea eax,[rax+rax*8]
"AoT.exe"+3B8570: 8D 14 C2 - lea edx,[rdx+rax*8]
"AoT.exe"+3B8573: 83 FB 06 - cmp ebx,06
"AoT.exe"+3B8576: 75 0E - jne AoT.exe+3B8586
"AoT.exe"+3B8578: 45 8D 97 CC 00 00 00 - lea r10d,[r15+000000CC]
"AoT.exe"+3B857F: 41 8D 96 64 02 00 00 - lea edx,[r14+00000264]
"AoT.exe"+3B8586: 8B 06 - mov eax,[rsi]
"AoT.exe"+3B8588: 83 F8 01 - cmp eax,01
"AoT.exe"+3B858B: 75 0A - jne AoT.exe+3B8597
// ---------- INJECTING HERE ----------
"AoT.exe"+3B858D: 0F B6 8C 2F D0 79 01 00 - movzx ecx,byte ptr [rdi+rbp+000179D0]
// ---------- DONE INJECTING ----------
"AoT.exe"+3B8595: EB 0D - jmp AoT.exe+3B85A4
"AoT.exe"+3B8597: 83 F8 02 - cmp eax,02
"AoT.exe"+3B859A: 75 22 - jne AoT.exe+3B85BE
"AoT.exe"+3B859C: 0F B6 8C 2F EB 79 01 00 - movzx ecx,byte ptr [rdi+rbp+000179EB]
"AoT.exe"+3B85A4: 81 F9 FB 00 00 00 - cmp ecx,000000FB
"AoT.exe"+3B85AA: 7D 12 - jnl AoT.exe+3B85BE
"AoT.exe"+3B85AC: 44 8B C2 - mov r8d,edx
"AoT.exe"+3B85AF: 41 8B D2 - mov edx,r10d
"AoT.exe"+3B85B2: 44 89 64 24 20 - mov [rsp+20],r12d
"AoT.exe"+3B85B7: E8 D4 51 00 00 - call AoT.exe+3BD790
}
//Attributes
attributes_aob:
db 44 0F B7 43 70
unregistersymbol(attributes_aob)
dealloc(attributes_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+3BC2A5
"AoT.exe"+3BC27C: 4C 89 64 24 48 - mov [rsp+48],r12
"AoT.exe"+3BC281: 4C 8D 25 78 3D C4 FF - lea r12,[AoT.exe]
"AoT.exe"+3BC288: 41 8B D0 - mov edx,r8d
"AoT.exe"+3BC28B: 83 FF 05 - cmp edi,05
"AoT.exe"+3BC28E: 77 77 - ja AoT.exe+3BC307
"AoT.exe"+3BC290: 41 8B 8C BC DC C3 3B 00 - mov ecx,[r12+rdi*4+003BC3DC]
"AoT.exe"+3BC298: 49 03 CC - add rcx,r12
"AoT.exe"+3BC29B: FF E1 - jmp rcx
"AoT.exe"+3BC29D: 48 8B CB - mov rcx,rbx
"AoT.exe"+3BC2A0: E8 DB 6E D8 FF - call AoT.exe+143180
// ---------- INJECTING HERE ----------
"AoT.exe"+3BC2A5: 44 0F B7 43 70 - movzx r8d,word ptr [rbx+70]
// ---------- DONE INJECTING ----------
"AoT.exe"+3BC2AA: EB 53 - jmp AoT.exe+3BC2FF
"AoT.exe"+3BC2AC: 48 8B CB - mov rcx,rbx
"AoT.exe"+3BC2AF: E8 EC 6F D8 FF - call AoT.exe+1432A0
"AoT.exe"+3BC2B4: 44 8B C0 - mov r8d,eax
"AoT.exe"+3BC2B7: 0F B7 43 72 - movzx eax,word ptr [rbx+72]
"AoT.exe"+3BC2BB: EB 42 - jmp AoT.exe+3BC2FF
"AoT.exe"+3BC2BD: 48 8B CB - mov rcx,rbx
"AoT.exe"+3BC2C0: E8 FB 70 D8 FF - call AoT.exe+1433C0
"AoT.exe"+3BC2C5: 44 8B C0 - mov r8d,eax
"AoT.exe"+3BC2C8: 0F B7 43 74 - movzx eax,word ptr [rbx+74]
}
7249
"Character Skill Slots Set to Preconfigured Set?"
FF8000
4 Bytes
skills_set
7250
"Slot 1"
FF8000
4 Bytes
skills_slot1
7251
"Slot 2"
FF8000
4 Bytes
skills_slot2
7252
"Slot 3"
FF8000
4 Bytes
skills_slot3
7253
"Slot 4"
FF8000
4 Bytes
skills_slot4
7254
"Slot 5"
FF8000
4 Bytes
skills_slot5
7255
"Slot 6"
FF8000
4 Bytes
skills_slot6
7256
"Slot 7"
FF8000
4 Bytes
skills_slot7
5725
"Character Stats Mod"
1
5726
"Skills"
1
5727
"Slot 1"
Byte
skills_base
179D0
5728
"Slot 2"
Byte
skills_base
179D1
5729
"Slot 3"
Byte
skills_base
179D2
5730
"Slot 4"
Byte
skills_base
179D3
5731
"Slot 5"
Byte
skills_base
179D4
5732
"Slot 6"
Byte
skills_base
179D5
5733
"Slot 7"
Byte
skills_base
179D6
5724
"Attributes"
1
5719
"Strength"
2 Bytes
attributes_base
70
5718
"Dexterity"
2 Bytes
attributes_base
72
5723
"Concentration"
2 Bytes
attributes_base
74
5722
"Stamina"
2 Bytes
attributes_base
76
5721
"Health"
2 Bytes
attributes_base
78
5720
"Leadership"
2 Bytes
attributes_base
7A
8782
"Hidden Character Mod Base Address Scan (To Activate: Character Select Menu)"
800000
Auto Assembler Script
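[ENABLE]
// Installs two inline hooks in AoT.exe:
//   keyState     - records the pointer passed in rcx to the key-state function
//                  when its first byte is 0 ("First Controller")
//   selectedChar - while slot 9 is selected, cycles the character ID stored at
//                  [rcx+184] when the Up/Down key bits are set
// NOTE(review): both injection points are located by signature; whether each
// signature is unique in the running build is not shown here - verify before
// enabling, since the jmp is written wherever the scan matches.
alloc(keyState_base,8,AoT.exe)
alloc(keyState_timer,4,AoT.exe)
registersymbol(keyState_base)
registersymbol(keyState_timer)
//Key State Function Start//
aobscanmodule(keyState_aob,AoT.exe,33 C0 48 8B FA 48 89)
registersymbol(keyState_aob)
alloc(keyState_newmem,1024,AoT.exe)
label(keyState_return)
keyState_newmem:
cmp byte ptr [rcx],0 //First Controller
jne @f
mov [keyState_base],rcx
@@:
//Original Code
// The cmp above changes the flags; the displaced "xor eax,eax" rewrites them.
xor eax,eax
mov rdi,rdx
jmp keyState_return
keyState_aob:
// The jmp covers the first 5 signature bytes (xor eax,eax + mov rdi,rdx).
jmp keyState_newmem
keyState_return:
//Key State Function End//
//Change Last Slot Character Start//
aobscanmodule(selectedChar_aob,AoT.exe,44 8B A9 F0 00 00 00)
registersymbol(selectedChar_aob)
alloc(selectedChar_newmem,1024,AoT.exe)
label(selectedChar_return)
label(originalcode)
label(scrollDown)
label(scrollUp)
label(setTimer)
label(popRax)
selectedChar_newmem:
cmp [keyState_timer],0 //Check if keypress wait timer is counting down
je long @f
dec [keyState_timer]
jmp long originalcode
@@:
cmp byte ptr [rcx+F0],9 //Check if last slot selected
jne long originalcode
push rax
mov rax,[keyState_base]
// keyState_base holds no pointer until the key-state hook has stored one;
// skip the key test instead of dereferencing a null pointer inside the game.
test rax,rax
je long popRax
cmp byte ptr [rax+6],80 //Check if Down Key selected
je long scrollDown
cmp byte ptr [rax+6],20 //Check if Up Key selected
je long scrollUp
jmp long popRax
// NOTE(review): the "mov [rcx+184],N" writes below carry no size specifier
// while the checks compare a single byte - confirm the width of that field.
scrollDown:
cmp byte ptr [rcx+184],D //Check last slot is Erwin
jne long @f
mov [rcx+184],3 //Set last slot to Reiner
jmp long setTimer
@@:
cmp byte ptr [rcx+184],3 //Check if last slot is Reiner
jne long @f
mov [rcx+184],4 //Set last slot to Bertholdt
jmp long setTimer
@@:
cmp byte ptr [rcx+184],4 //Check if last slot is Bertholdt
jne long @f
mov [rcx+184],5 //Set last slot to Annie
jmp long setTimer
@@:
cmp byte ptr [rcx+184],5 //Check if last slot is Annie
jne long @f
mov [rcx+184],A //Set last slot to Ymir
jmp long setTimer
@@:
cmp byte ptr [rcx+184],A //Check if last slot is Ymir
// Unrecognised character ID: leave the slot unchanged. This was "jne long @f",
// whose next @@ label sits in the middle of the scrollUp chain.
jne long popRax
mov [rcx+184],D //Set last slot to Erwin
jmp long setTimer
scrollUp:
cmp byte ptr [rcx+184],D //Check last slot is Erwin
jne long @f
mov [rcx+184],A //Set last slot to Ymir
jmp long setTimer
@@:
cmp byte ptr [rcx+184],3 //Check if last slot is Reiner
jne long @f
mov [rcx+184],D //Set last slot to Erwin
jmp long setTimer
@@:
cmp byte ptr [rcx+184],4 //Check if last slot is Bertholdt
jne long @f
mov [rcx+184],3 //Set last slot to Reiner
jmp long setTimer
@@:
cmp byte ptr [rcx+184],5 //Check if last slot is Annie
jne long @f
mov [rcx+184],4 //Set last slot to Bertholdt
jmp long setTimer
@@:
cmp byte ptr [rcx+184],A //Check if last slot is Ymir
// Unrecognised character ID: leave the slot unchanged. This was "jne long @f"
// with no later @@ label in the script to resolve it.
jne long popRax
mov [rcx+184],5 //Set last slot to Annie
setTimer:
// The timer is decremented once per hook invocation before the keys are read again.
mov [keyState_timer],8 //Wait Keypress Timer Duration
popRax:
pop rax
originalcode:
// Displaced original instruction (7 bytes).
mov r13d,[rcx+000000F0]
jmp selectedChar_return
selectedChar_aob:
// 5-byte jmp plus 2 nops = the 7 bytes of the displaced instruction.
jmp selectedChar_newmem
nop
nop
selectedChar_return:
//Change Last Slot Character End//
[DISABLE]
// Restores the original bytes at both injection points, then frees the
// trampolines and the shared variables. The db lines must equal the bytes that
// were overwritten, otherwise the module is left with corrupted code.
//Change Last Slot Character Start//
selectedChar_aob:
db 44 8B A9 F0 00 00 00
unregistersymbol(selectedChar_aob)
dealloc(selectedChar_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+34BED3
"AoT.exe"+34BEA6: 41 57 - push r15
"AoT.exe"+34BEA8: 48 8D 68 A1 - lea rbp,[rax-5F]
"AoT.exe"+34BEAC: 48 81 EC F0 00 00 00 - sub rsp,000000F0
"AoT.exe"+34BEB3: 0F 29 70 C8 - movaps [rax-38],xmm6
"AoT.exe"+34BEB7: 0F 29 78 B8 - movaps [rax-48],xmm7
"AoT.exe"+34BEBB: 44 0F 29 40 A8 - movaps [rax-58],xmm8
"AoT.exe"+34BEC0: 44 0F 29 48 98 - movaps [rax-68],xmm9
"AoT.exe"+34BEC5: 48 8B 05 D4 22 84 00 - mov rax,[AoT.exe+B8E1A0]
"AoT.exe"+34BECC: 48 33 C4 - xor rax,rsp
"AoT.exe"+34BECF: 48 89 45 E7 - mov [rbp-19],rax
// ---------- INJECTING HERE ----------
"AoT.exe"+34BED3: 44 8B A9 F0 00 00 00 - mov r13d,[rcx+000000F0]
// ---------- DONE INJECTING ----------
"AoT.exe"+34BEDA: F3 0F 10 3D A6 D5 73 00 - movss xmm7,[AoT.exe+A89488]
"AoT.exe"+34BEE2: F3 44 0F 10 05 61 DC 73 00 - movss xmm8,[AoT.exe+A89B4C]
"AoT.exe"+34BEEB: 48 8B D9 - mov rbx,rcx
"AoT.exe"+34BEEE: 33 C9 - xor ecx,ecx
"AoT.exe"+34BEF0: 44 8B E2 - mov r12d,edx
"AoT.exe"+34BEF3: C7 45 87 FF FF FF FF - mov [rbp-79],FFFFFFFF
"AoT.exe"+34BEFA: 0F 57 F6 - xorps xmm6,xmm6
"AoT.exe"+34BEFD: 8B F9 - mov edi,ecx
"AoT.exe"+34BEFF: F3 44 0F 10 0D DC DA 73 00 - movss xmm9,[AoT.exe+A899E4]
"AoT.exe"+34BF08: 44 8B F1 - mov r14d,ecx
}
//Change Last Slot Character End//
//Key State Function Start//
keyState_aob:
db 33 C0 48 8B FA
unregistersymbol(keyState_aob)
dealloc(keyState_newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AoT.exe"+3F29C4
"AoT.exe"+3F29A4: 57 - push rdi
"AoT.exe"+3F29A5: 41 54 - push r12
"AoT.exe"+3F29A7: 41 55 - push r13
"AoT.exe"+3F29A9: 41 56 - push r14
"AoT.exe"+3F29AB: 41 57 - push r15
"AoT.exe"+3F29AD: 48 83 EC 40 - sub rsp,40
"AoT.exe"+3F29B1: 8B 82 84 02 00 00 - mov eax,[rdx+00000284]
"AoT.exe"+3F29B7: 44 8B 61 04 - mov r12d,[rcx+04]
"AoT.exe"+3F29BB: 44 8B 2D E2 E1 82 00 - mov r13d,[AoT.exe+C20BA4]
"AoT.exe"+3F29C2: 89 01 - mov [rcx],eax
// ---------- INJECTING HERE ----------
"AoT.exe"+3F29C4: 33 C0 - xor eax,eax
"AoT.exe"+3F29C6: 48 8B FA - mov rdi,rdx
// ---------- DONE INJECTING ----------
"AoT.exe"+3F29C9: 48 89 41 0C - mov [rcx+0C],rax
"AoT.exe"+3F29CD: 48 89 41 04 - mov [rcx+04],rax
"AoT.exe"+3F29D1: 48 89 41 1C - mov [rcx+1C],rax
"AoT.exe"+3F29D5: 48 89 41 14 - mov [rcx+14],rax
"AoT.exe"+3F29D9: 48 89 41 2C - mov [rcx+2C],rax
"AoT.exe"+3F29DD: 48 89 41 24 - mov [rcx+24],rax
"AoT.exe"+3F29E1: 48 89 41 44 - mov [rcx+44],rax
"AoT.exe"+3F29E5: 48 89 41 4C - mov [rcx+4C],rax
"AoT.exe"+3F29E9: 48 89 41 54 - mov [rcx+54],rax
"AoT.exe"+3F29ED: 48 89 41 5C - mov [rcx+5C],rax
}
//Key State Function End//
unregistersymbol(keyState_base)
unregistersymbol(keyState_timer)
dealloc(keyState_base)
dealloc(keyState_timer)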
-- Record selectors for the skills drop-down, one "Name:Parent" entry per line.
-- addDropDownList applies the list to every record whose description matches
-- Name and whose parent's description matches Parent (both used as Lua patterns).
myDropDownListName_Skills = [[Slot:Character Stats Mod
Slot:Skills]]
-- Passed to addDropDownList as listOptions, which assigns the entries in order to
-- DropDownReadOnly, DropDownDescriptionOnly and DisplayAsDropDownListItem.
myDropDownListOptions_Skills = {true,false,true}
-- Drop-down text for skill slots, one "value:label" entry per line with decimal
-- values. The values are the IDs the preconfigured-set script writes with
-- "dd #NN" (for example 20 = Chain Attack); 255 is labelled Empty.
myDropDownList_Skills = [[0:Enhanced Strength
1:Enhanced Dexterity
2:Enhanced Concentration
3:Enhanced Stamina
4:Enhanced Health
5:Enhanced Leadership
20:Chain Attack
21:Rotating Slash
22:Swoop
23:Aerial Replacement
24:Chain Dash
25:Pose
26:Stealth
27:Charisma
28:Focus
29:Expert Beggar
30:Guts
31:Ambush
32:Duelist
33:Togetherness
34:Relentless
35:Hunter
36:Reward Bonus
37:Elimination Bonus
38:Always Prepared
39:Ready for Anything
40:Tactician's Eyes
50:Quick Growth
51:Increased Rewards
52:Extermination Reward
53:Quick Growth+
54:Increased Rewards+
55:Extermination Reward+
56:Battle Fatigue
57:Battle Fatigue+
60:Research
61:Class Clown
62:Under Pressure
63:Decisive Battle
64:Order
65:Swordsmanship
66:Dedication
67:Power of Humanity
68:Flanking
69:Wings of Freedom
100:Reckless
101:Transformation
102:Mikasa 0
103:Mikasa 1
104:Armin 0
105:Armin 1
106:Reiner 0
107:Reiner 1
108:Bertholdt 0
109:Bertholdt 1
110:Annie 0
111:Annie 1
112:Jean 0
113:Jean 1
114:Conny 0
115:Conny 1
116:Sasha 0
117:Sasha 1
118:Christa 0
119:Christa 1
120:Ymir 0
121:Ymir 1
122:Levi 0
123:Levi 1
124:Hange 0
125:Hange 1
126:Erwin 0
127:Erwin 1
255:Empty]]
-- Drop-down text for the "ID" byte of each ODMG inventory slot, one
-- "value:label" entry per line (passed to addItemSlots for ODMGHeader).
-- NOTE(review): values 46 and 47 are both labelled "Duster" here, while
-- myDropDownList_Blade labels 47 "Duster Mk II" - confirm whether 47 is
-- missing a suffix. The list also jumps from 76 to 103.
myDropDownList_ODMG = [[0:Training Gear
1:Training Gear Mk II
2:Training Gear Mk III
3:First-Generation Gear
4:First-Generation Gear Mk II
5:First-Generation Gear Mk III
6:Second-Generation Gear
7:Second-Generation Gear Mk II
8:Second-Generation Gear Mk III
9:Third-Generation Gear
10:Third-Generation Gear Mk II
11:Third-Generation Gear Mk III
12:Perfected Gear
13:Reinforced Gear Ver.1
14:Reinforced Gear Ver.2
15:Reinforced Gear Ver.3
16:Reinforced Gear Ver.4
17:Reinforced Gear Ver.5
18:Reinforced Gear Ver.6
19:Reinforced Gear Ver.7
20:Reinforced Gear Ver.8
21:Reinforced Gear Ver.9
22:Reinforced Gear Ver.10
23:Panther Tail Zero
24:Panther Tail Zero Mk II
25:Panther Tail Zero Mk III
26:Leopard Tail Zero
27:Leopard Tail Zero Mk II
28:Leopard Tail Zero Mk III
29:Cheetah Tail Zero
30:Schuzrumhaken
31:Schuzrumhaken II
32:Schuzrumhaken III
33:Blitzhaken
34:Blitzhaken II
35:Blitzhaken III
36:Jagthaken
37:Jagthaken II
38:Jagthaken III
39:Koenighaken
40:Symbol
41:Symbol II
42:Symbol III
43:Symbol IV
44:Symbol V
45:Symbol VI
46:Duster
47:Duster
48:Ultimate Duster
49:Instructor's Gear
50:Instructor's Gear Mk II
51:Instructor's Gear Mk III
52:Anti-hardening Gear
53:Anti-hardening Gear Mk II
54:Anti-hardening Gear Mk III
55:Regulation Hunting Gear
56:Regulation Hunting Gear Mk II
57:Regulation Hunting Gear Mk III
58:First Daybreak (Gear)
59:Second Dawn (Gear)
60:Third Sunrise (Gear)
61:Camellia Zero
62:Camellia Zero Mk II
63:Camellia Zero Plus
64:Gear of the Sky
65:Gear of the Heavens
66:Gear of the Cosmos
67:Rotebogen
68:Rotebogen II
69:Rotebogen III
70:Unicorn Tail
71:Unicorn Tail II
72:Unicorn Tail III
73:Nightmare Heart
74:Nightmare Heart II
75:Nightmare Heart III
76:Rozen Crest
103:Portable Shrine
104:Portable Shrine Mk II
105:Portable Shrine Mk III
255:Empty]]
-- Drop-down text for the "ID" byte of each scabbard inventory slot, one
-- "value:label" entry per line (passed to addItemSlots for scabbardHeader).
-- NOTE(review): values 46 and 47 are both labelled "Duster" here, while
-- myDropDownList_Blade labels 47 "Duster Mk II" - confirm whether 47 is
-- missing a suffix. The list also jumps from 76 to 103.
myDropDownList_Scabbard = [[0:Training Scabbard
1:Training Scabbard Mk II
2:Training Scabbard Mk III
3:First-Generation Scabbard
4:First-Generation Scabbard Mk II
5:First-Generation Scabbard Mk III
6:Second-Generation Scabbard
7:Second-Generation Scabbard Mk II
8:Second-Generation Scabbard Mk III
9:Third-Generation Scabbard
10:Third-Generation Scabbard Mk II
11:Third-Generation Scabbard Mk III
12:Perfected Scabbard
13:Reinforced Scabbard Ver.1
14:Reinforced Scabbard Ver.2
15:Reinforced Scabbard Ver.3
16:Reinforced Scabbard Ver.4
17:Reinforced Scabbard Ver.5
18:Reinforced Scabbard Ver.6
19:Reinforced Scabbard Ver.7
20:Reinforced Scabbard Ver.8
21:Reinforced Scabbard Ver.9
22:Reinforced Scabbard Ver.10
23:Swifthorse Zero
24:Swifthorse Zero Mk II
25:Swifthorse Zero Mk III
26:Thunderhorse Zero
27:Thunderhorse Zero Mk II
28:Thunderhorse Zero Mk III
29:Warhorse Zero
30:Schuzrumscheide
31:Schuzrumscheide II
32:Schuzrumscheide III
33:Blitzscheide
34:Blitzscheide II
35:Blitzscheide III
36:Jagtscheide
37:Jagtscheide II
38:Jagtscheide III
39:Koenigscheide
40:Wing
41:Wing II
42:Wing III
43:Wing IV
44:Wing V
45:Wing VI
46:Duster
47:Duster
48:Ultimate Duster
49:Instructor's Scabbard
50:Instructor's Scabbard Mk II
51:Instructor's Scabbard Mk III
52:Anti-hardening Scabbard
53:Anti-hardening Scabbard Mk II
54:Anti-hardening Scabbard Mk III
55:Regulation Hunting Scabbard
56:Regulation Hunting Scabbard Mk II
57:Regulation Hunting Scabbard Mk III
58:First Daybreak (Scabbard)
59:Second Dawn (Scabbard)
60:Third Sunrise (Scabbard)
61:Wave Zero
62:Wave Zero Mk II
63:Wave Zero Plus
64:Scabbard of the Sky
65:Scabbard of the Heavens
66:Scabbard of the Cosmos
67:Roteeisen
68:Roteeisen II
69:Roteeisen III
70:Unicorn Crest
71:Unicorn Crest II
72:Unicorn Crest III
73:Nightmare Sheath
74:Nightmare Sheath II
75:Nightmare Sheath III
76:Rozen Wing
103:Drum
104:Drum Mk II
105:Drum Mk III
255:Empty]]
-- Drop-down text for the "ID" byte of each blade inventory slot, one
-- "value:label" entry per line (passed to addItemSlots for bladeHeader).
-- The values run 0-76, then 103-105, and 255 is labelled Empty.
myDropDownList_Blade = [[0:Training Blade
1:Training Blade Mk II
2:Training Blade Mk III
3:First-Generation Blade
4:First-Generation Blade Mk II
5:First-Generation Blade Mk III
6:Second-Generation Blade
7:Second-Generation Blade Mk II
8:Second-Generation Blade Mk III
9:Third-Generation Blade
10:Third-Generation Blade Mk II
11:Third-Generation Blade Mk III
12:Perfected Blade
13:Reinforced Blade Ver.1
14:Reinforced Blade Ver.2
15:Reinforced Blade Ver.3
16:Reinforced Blade Ver.4
17:Reinforced Blade Ver.5
18:Reinforced Blade Ver.6
19:Reinforced Blade Ver.7
20:Reinforced Blade Ver.8
21:Reinforced Blade Ver.9
22:Reinforced Blade Ver.10
23:Tiger Zero
24:Tiger Zero Mk II
25:Tiger Zero Mk III
26:King Tiger Zero
27:King Tiger Zero Mk II
28:King Tiger Zero Mk III
29:Emperor Tiger Zero
30:Schuzrummesser
31:Schuzrummesser II
32:Schuzrummesser III
33:Blitzmesser
34:Blitzmesser II
35:Blitzmesser III
36:Jagtmesser
37:Jagtmesser II
38:Jagtmesser III
39:Koenigmesser
40:Rapier
41:Rapier II
42:Rapier III
43:Rapier IV
44:Rapier V
45:Rapier VI
46:Duster
47:Duster Mk II
48:Ultimate Duster
49:Instructor's Blade
50:Instructor's Blade Mk II
51:Instructor's Blade Mk III
52:Anti-hardening Blade
53:Anti-hardening Blade Mk II
54:Anti-hardening Blade Mk III
55:Regulation Hunting Blade
56:Regulation Hunting Blade Mk II
57:Regulation Hunting Blade Mk III
58:First Daybreak (Blade)
59:Second Dawn (Blade)
60:Third Sunrise (Blade)
61:Cloud Zero
62:Cloud Zero Mk II
63:Cloud Zero Plus
64:Blade of the Sky
65:Blade of the Heavens
66:Blade of the Cosmos
67:Roteklinge
68:Roteklinge II
69:Roteklinge III
70:Unicorn Horn
71:Unicorn Horn II
72:Unicorn Horn III
73:Nightmare Blade
74:Nightmare Blade II
75:Nightmare Blade III
76:Rozen Rapier
103:Drumsticks
104:Drumsticks Mk II
105:Drumsticks Mk III
255:Empty]]
-- Selector for the No/Yes drop-down. It has no ":Parent" part, so
-- addDropDownList applies the list to every record whose description matches
-- the Lua pattern "Set to", whatever its parent.
myDropDownListName_Toggle = [[Set to]]
-- Passed as listOptions: DropDownReadOnly, DropDownDescriptionOnly, DisplayAsDropDownListItem.
myDropDownListOptions_Toggle = {true,false,true}
-- "value:label" entries for the toggle records.
myDropDownList_Toggle = [[0:No
1:Yes]]
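--- Attach a drop-down list to every address-list record picked by a selector.
-- The first vararg is the selector text, one selector per line, either "Name"
-- or "Name:Parent". A record is selected when its Description matches Name and,
-- for the second form, its parent's Description matches Parent. Both parts are
-- used as Lua patterns and are not anchored, so "Slot" also selects "Slot 1";
-- magic characters in a selector must be escaped with '%'.
-- The second vararg is an optional table of three booleans assigned in order
-- to DropDownReadOnly, DropDownDescriptionOnly and DisplayAsDropDownListItem
-- (all false when omitted).
-- @param list drop-down text, one "value:label" entry per line
-- @param ... listName (string) and optional listOptions (table)
function addDropDownList(list,...)
  local listName, listOptions = ...
  if listName == nil then return end
  if listOptions == nil then listOptions = {false,false,false} end

  -- Split the selector text into lines once, then release the Stringlist
  -- (it was previously never destroyed).
  local lines = createStringlist()
  lines.Text = listName
  local selectors = {}
  for j = 0, lines.Count-1 do
    local entry = lines[j]
    -- A blank line would act as an empty pattern and select every record.
    if entry ~= "" then
      if string.find(entry,':') == nil then
        selectors[#selectors+1] = {name = entry}
      else
        selectors[#selectors+1] = {
          name = entry:match('(.*):'),
          parent = entry:match(':(.*)'),
        }
      end
    end
  end
  lines.destroy()

  -- DDLEditor is an optional global; logging is on only when it sets OutputLog.
  local logging = DDLEditor ~= nil and DDLEditor.OutputLog == true

  local function apply(record)
    record.DropDownList.Text = list
    record.DropDownReadOnly = listOptions[1]
    record.DropDownDescriptionOnly = listOptions[2]
    record.DisplayAsDropDownListItem = listOptions[3]
  end

  local al = getAddressList()
  for i = 0, al.Count-1 do
    local record = al[i]
    for _, sel in ipairs(selectors) do
      if sel.parent == nil then
        --No Parent String Found
        if record.Description:match(sel.name) then
          if logging then
            print(string.format("%-15s %s","Match Found @","\""..record.Description.."\""))
            print(string.format("%-15s %s","Matched Name:","\""..sel.name.."\"\r\n"))
          end
          apply(record)
        end
      elseif record.Parent ~= nil then
        --Parent String Found
        if record.Parent.Description:match(sel.parent) and record.Description:match(sel.name) then
          if logging then
            print(string.format("%-15s %s","Match Found @","\""..record.Description.."\""))
            print(string.format("%-15s %s","Matched Name:","\""..sel.name.."\""))
            print(string.format("%-25s %s","Parent:","\""..record.Parent.Description.."\"\r\n"))
          end
          apply(record)
        end
      end
    end
  end
end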
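--- Scan for a byte signature and register the Nth match under a symbol name.
-- Any previous registration of `name` is removed first, so a failed scan never
-- leaves a stale address behind for a script to patch. A match index outside
-- the result list is reported and leaves the symbol unregistered instead of
-- registering a missing entry.
-- The callers in this table use a short signature with indices such as 13 and
-- 20, so the selected match depends on the exact build of the module; the
-- resolved address should be checked against the expected original bytes
-- before anything is written there.
-- @param name   symbol to register
-- @param module module name to restrict the scan to, or "" to scan everything
-- @param bytes  signature as a string of hex bytes
-- @param index  1-based number of the match to use
function lua_aobscan(name,module,bytes,index)
  index = index - 1 -- result lists are 0-based
  unregisterSymbol(name)

  if module == "" then
    local resultSet = AOBScan(bytes)
    if resultSet == nil then
      print(name.." not found")
      return
    end
    local count = resultSet.Count
    if index >= 0 and index < count then
      registerSymbol(name,resultSet[index])
    else
      print(name.." match "..(index+1).." not found ("..count.." matches)")
    end
    resultSet.destroy()
    return
  end

  local moduleSize = getModuleSize(module)
  if moduleSize == nil then
    print("Module "..module.." not found")
    return
  end

  local moduleBase = getAddress(module)
  local memScanner = createMemScan()
  local memFoundList = createFoundList(memScanner)
  memScanner.firstScan(
    soExactValue,vtByteArray,rtRounded,bytes,nil,
    moduleBase,(moduleBase+moduleSize),"",
    fsmNotAligned,"",true,false,false,false)
  memScanner.waitTillDone()
  memFoundList.initialize()
  local count = memFoundList.Count
  if count == 0 then
    print(name.." in module "..module.." not found")
  elseif index < 0 or index >= count then
    print(name.." in module "..module.." match "..(index+1).." not found ("..count.." matches)")
  else
    registerSymbol(name,memFoundList.Address[index])
  end
  -- Release the found list before the scanner it was created from.
  memFoundList.destroy()
  memScanner.destroy()
end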
local al = getAddressList()
-- Existing record that the generated "Inventory" group is attached to.
-- NOTE(review): the lookup result is not checked for nil before it is used.
local headerRecord = al.getMemoryRecordByDescription("Player Data Stats")

-- Create a group-header record with the moHideChildren option set.
local function newGroupHeader(description)
  local record = al.createMemoryRecord()
  record.Description = description
  record.IsGroupHeader = true
  record.Options = "moHideChildren"
  return record
end

local inventoryHeader = newGroupHeader("Inventory")
local bladeHeader = newGroupHeader("Blade")
local scabbardHeader = newGroupHeader("Scabbard")
local ODMGHeader = newGroupHeader("ODMG")
--- Build `count` "Slot N" groups under `header`, each with four byte records.
-- Every record is addressed as the symbol "regimentfund_base" plus one offset.
-- Slots are 0x40 bytes apart starting at `offset`; within a slot the records
-- are ID (+0x0), Fortify LVL (+0x1), Fortify LVL2 (+0x12), Fortify LVL2? (+0x13).
-- @param header       group record that receives the slot groups
-- @param offset       offset of the first slot from regimentfund_base
-- @param count        number of slots to create
-- @param dropdownlist "value:label" text used for each slot's ID record
function addItemSlots(header,offset,count,dropdownlist)
  -- Create one byte-sized record at regimentfund_base + fieldOffset.
  local function newByteRecord(description, fieldOffset)
    local rec = al.createMemoryRecord()
    rec.Description = description
    rec.Type = vtByte
    rec.Address = "regimentfund_base"
    rec.OffsetCount = 1
    rec.Offset[0] = fieldOffset
    return rec
  end

  for i=0,count-1,1 do
    local slotHeader = al.createMemoryRecord()
    slotHeader.Description = "Slot "..i+1
    slotHeader.IsGroupHeader = true
    slotHeader.Options = 'moHideChildren'

    local idRecord = newByteRecord("ID", offset+i*0x40)
    idRecord.DropDownList.Text = dropdownlist
    idRecord.DropDownReadOnly = true
    idRecord.DisplayAsDropDownListItem = true
    idRecord.appendToEntry(slotHeader)

    newByteRecord("Fortify LVL", offset+i*0x40+0x1).appendToEntry(slotHeader)
    newByteRecord("Fortify LVL2", offset+i*0x40+0x12).appendToEntry(slotHeader)

    local lvl2Flag = newByteRecord("Fortify LVL2?", offset+i*0x40+0x13)
    lvl2Flag.DropDownList.Text = [[0:Off
1:On]]
    lvl2Flag.DropDownReadOnly = true
    lvl2Flag.DisplayAsDropDownListItem = true
    lvl2Flag.appendToEntry(slotHeader)

    slotHeader.appendToEntry(header)
  end
end
-- Build the inventory tree: 100 slots per equipment category, each category
-- under "Inventory", and "Inventory" under the "Player Data Stats" record.
-- NOTE(review): headerRecord is used without a nil check - confirm the record
-- always exists when this script runs.
local inventoryCategories = {
  {bladeHeader,0x25188,myDropDownList_Blade},
  {scabbardHeader,0x26A88,myDropDownList_Scabbard},
  {ODMGHeader,0x28388,myDropDownList_ODMG},
}
for _, category in ipairs(inventoryCategories) do
  addItemSlots(category[1],category[2],100,category[3])
end
for _, category in ipairs(inventoryCategories) do
  category[1].appendToEntry(inventoryHeader)
end
inventoryHeader.appendToEntry(headerRecord)

-- Attach the skills and No/Yes drop-downs to the records their selectors match.
addDropDownList(myDropDownList_Skills,myDropDownListName_Skills,myDropDownListOptions_Skills)
addDropDownList(myDropDownList_Toggle,myDropDownListName_Toggle,myDropDownListOptions_Toggle)