1638
"Player Scripts"
Auto Assembler Script
// Player Scripts: installs two code hooks in DXMD.exe and exposes two one-byte
// flags (health, energy) that other entries in this table toggle.
// Both hooks are located by byte signature, so after a game update the
// signatures must be re-verified before enabling.
[ENABLE]
// Hook 1: find the 5-byte "movss xmm0,[rax+1C]" (F3 0F 10 40 1C); the trailing
// 48 83 C4 bytes are context only and are not overwritten.
aobscanmodule(player,DXMD.exe,F3 0F 10 40 1C 48 83 C4)
// Request the cave near the hook address so the 5-byte relative jmp can reach it.
alloc(newmem,$1000,player)
label(code)
label(return)
label(health_ptr)
newmem:
// Save the caller's rbx into health_ptr: push it, point rbx at the slot, then
// pop the saved value straight into the slot. rbx is NOT restored afterwards;
// it is left holding the address of health_ptr.
// NOTE(review): this relies on the hooked function reloading rbx right after
// the hook (the original-code dump in [DISABLE] shows "pop rbx" before "ret").
// Confirm that still holds whenever the signature matches a different build.
push rbx
mov rbx,health_ptr
pop qword ptr [rbx]
code:
// Replay the overwritten instruction, then resume after the hook.
movss xmm0,[rax+1C]
jmp return
health_ptr:
// 8-byte slot holding the last rbx value seen by hook 1 (0 until it first runs).
dq 0
player:
// 5-byte jmp replaces exactly the 5 bytes of the original movss; no padding needed.
jmp newmem
return:
registersymbol(player)
// Hook 2: find "comiss xmm6,[rbx+44]" + "setbe sil" (8 bytes in total).
aobscanmodule(player_status,DXMD.exe,0F 2F 73 44 40 0F 96 D6)
alloc(newmem2,$1000,player_status)
label(code2)
label(return2)
label(health)
label(energy)
newmem2:
// rcx is used as scratch throughout this stub and is not restored.
// NOTE(review): the original-code dump shows "mov rcx,rbx" immediately after
// the hooked bytes, so rcx looks dead here - confirm on the targeted build.
mov rcx,health_ptr
cmp [rcx],rbx
jne @f
// rbx equals the pointer captured by hook 1: act on the "health" flag.
mov rcx,health
cmp byte ptr [rcx],1
jne code2
// Flag is 1: store xmm6 into the float at [rbx+44] before the compare runs.
movss [rbx+44],xmm6
jmp code2
@@:
// Every rbx that does not equal the captured pointer is handled under the
// "energy" flag. NOTE(review): that includes the case where health_ptr is
// still 0 because hook 1 has not run yet - confirm this is intended.
mov rcx,energy
cmp byte ptr [rcx],1
jne code2
movss [rbx+44],xmm6
code2:
// Replay the two overwritten instructions, then resume after the hook.
comiss xmm6,[rbx+44]
setbe sil
jmp return2
health:
// Flag byte compared against 1 above; starts disabled.
db 0
energy:
// Flag byte compared against 1 above; starts disabled.
db 0
player_status:
// jmp (5 bytes) + 3 nops = the 8 bytes that were overwritten.
jmp newmem2
nop
nop
nop
return2:
// health and energy are registered so other table entries can write to them.
registersymbol(player_status)
registersymbol(health)
registersymbol(energy)
[DISABLE]
// Put back the original 5 bytes at hook 1 and release its cave. health_ptr
// lives inside newmem, so it is gone after this point.
player:
db F3 0F 10 40 1C
unregistersymbol(player)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "DXMD.exe"+390A856
"DXMD.exe"+390A831: 48 83 EC 20 - sub rsp,20
"DXMD.exe"+390A835: 48 8B 01 - mov rax,[rcx]
"DXMD.exe"+390A838: 48 89 CB - mov rbx,rcx
"DXMD.exe"+390A83B: FF 90 40 01 00 00 - call qword ptr [rax+00000140]
"DXMD.exe"+390A841: 48 89 D9 - mov rcx,rbx
"DXMD.exe"+390A844: 0F 57 C0 - xorps xmm0,xmm0
"DXMD.exe"+390A847: 0F 2E 40 1C - ucomiss xmm0,[rax+1C]
"DXMD.exe"+390A84B: 48 8B 03 - mov rax,[rbx]
"DXMD.exe"+390A84E: 74 12 - je DXMD.exe+390A862
"DXMD.exe"+390A850: FF 90 40 01 00 00 - call qword ptr [rax+00000140]
// ---------- INJECTING HERE ----------
"DXMD.exe"+390A856: F3 0F 10 40 1C - movss xmm0,[rax+1C]
// ---------- DONE INJECTING ----------
"DXMD.exe"+390A85B: 48 83 C4 20 - add rsp,20
"DXMD.exe"+390A85F: 5B - pop rbx
"DXMD.exe"+390A860: C3 - ret
"DXMD.exe"+390A861: EA 48 83 C4 20 5B FF - jmp FF5B:20C48348
"DXMD.exe"+390A868: A0 E8 00 00 00 CC CC 90 0F - mov ax,[F90CCCC000000E8]
"DXMD.exe"+390A871: 57 - push rdi
"DXMD.exe"+390A872: C0 48 89 C8 - ror byte ptr [rax-77],-38
"DXMD.exe"+390A876: 0F 5C 42 10 - subps xmm0,[rdx+10]
"DXMD.exe"+390A87A: 0F 29 01 - movaps [rcx],xmm0
"DXMD.exe"+390A87D: C3 - ret
}
// Put back the original 8 bytes at hook 2, drop the three symbols registered
// in [ENABLE] and release the cave. The health and energy flag bytes are
// defined inside newmem2, so entries that write to those symbols must not be
// toggled after this runs.
player_status:
db 0F 2F 73 44 40 0F 96 D6
unregistersymbol(player_status)
unregistersymbol(health)
unregistersymbol(energy)
dealloc(newmem2)
{
// ORIGINAL CODE - INJECTION POINT: "DXMD.exe"+390E7B4
"DXMD.exe"+390E790: 48 FF CF - dec rdi
"DXMD.exe"+390E793: 75 F4 - jne DXMD.exe+390E789
"DXMD.exe"+390E795: 48 8B 03 - mov rax,[rbx]
"DXMD.exe"+390E798: 48 89 D9 - mov rcx,rbx
"DXMD.exe"+390E79B: FF 90 E0 00 00 00 - call qword ptr [rax+000000E0]
"DXMD.exe"+390E7A1: 48 8B 06 - mov rax,[rsi]
"DXMD.exe"+390E7A4: 48 89 F1 - mov rcx,rsi
"DXMD.exe"+390E7A7: 0F 28 F0 - movaps xmm6,xmm0
"DXMD.exe"+390E7AA: FF 90 D0 00 00 00 - call qword ptr [rax+000000D0]
"DXMD.exe"+390E7B0: F3 0F 59 F0 - mulss xmm6,xmm0
// ---------- INJECTING HERE ----------
"DXMD.exe"+390E7B4: 0F 2F 73 44 - comiss xmm6,[rbx+44]
"DXMD.exe"+390E7B8: 40 0F 96 D6 - setbe sil
// ---------- DONE INJECTING ----------
"DXMD.exe"+390E7BC: 48 89 D9 - mov rcx,rbx
"DXMD.exe"+390E7BF: E8 FC F8 FF FF - call DXMD.exe+390E0C0
"DXMD.exe"+390E7C4: 84 C0 - test al,al
"DXMD.exe"+390E7C6: 75 12 - jne DXMD.exe+390E7DA
"DXMD.exe"+390E7C8: 48 8B 03 - mov rax,[rbx]
"DXMD.exe"+390E7CB: 48 89 D9 - mov rcx,rbx
"DXMD.exe"+390E7CE: FF 90 30 01 00 00 - call qword ptr [rax+00000130]
"DXMD.exe"+390E7D4: 0F 2F 43 4C - comiss xmm0,[rbx+4C]
"DXMD.exe"+390E7D8: 73 31 - jae DXMD.exe+390E80B
"DXMD.exe"+390E7DA: 48 8B 03 - mov rax,[rbx]
}
1649
"Full Health"
Auto Assembler Script
// Full Health: sets the one-byte "health" flag to 1.
// The symbol is registered by the "Player Scripts" entry, whose player_status
// hook reads the flag; this script only resolves while that entry is enabled.
[ENABLE]
health:
db 1
[DISABLE]
// Clear the flag again.
health:
db 0
1650
"Full Energy"
Auto Assembler Script
// Full Energy: sets the one-byte "energy" flag to 1.
// The flag is defined and registered by the "Player Scripts" entry.
// NOTE(review): this writes one byte to whatever address the symbol "energy"
// currently resolves to. It must be the flag byte; if any other entry
// registers the same symbol name, this write lands on that address instead.
[ENABLE]
energy:
db 1
[DISABLE]
// Clear the flag again.
energy:
db 0
1658
"Full Energy Marker"
Auto Assembler Script
// Full Energy Marker: replaces the 8-byte load "movss xmm1,[rcx+00000118]"
// with a store of xmm0 to that field followed by a copy of xmm0 into xmm1.
[ENABLE]
// The trailing 0F 2F bytes of the signature are context only.
aobscanmodule(energy2,DXMD.exe,F3 0F 10 89 18 01 00 00 0F 2F)
// Request the cave near the hook so the 5-byte relative jmp can reach it.
alloc(newmem,$1000,energy2)
label(code)
label(return)
newmem:
code:
// Write xmm0 into [rcx+118], then give xmm1 the same value, so the compare
// that follows the hook sees xmm0 == xmm1.
// NOTE(review): the register-to-register movss only replaces the low dword of
// xmm1, whereas the original memory load also cleared the upper lanes. The
// original-code dump shows "xorps xmm1,xmm1" shortly before the hook, which
// would make the two equivalent - confirm on the targeted build.
movss [rcx+00000118],xmm0
movss xmm1,xmm0
jmp return
energy2:
// jmp (5 bytes) + 3 nops = the 8 bytes of the overwritten instruction.
jmp code
nop
nop
nop
return:
registersymbol(energy2)
[DISABLE]
// Put back the original 8 bytes and release the cave.
energy2:
db F3 0F 10 89 18 01 00 00
unregistersymbol(energy2)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "DXMD.exe"+3910150
"DXMD.exe"+391013A: CC - int 3
"DXMD.exe"+391013B: CC - int 3
"DXMD.exe"+391013C: CC - int 3
"DXMD.exe"+391013D: CC - int 3
"DXMD.exe"+391013E: CC - int 3
"DXMD.exe"+391013F: CC - int 3
"DXMD.exe"+3910140: F3 0F 10 81 04 01 00 00 - movss xmm0,[rcx+00000104]
"DXMD.exe"+3910148: 0F 57 C9 - xorps xmm1,xmm1
"DXMD.exe"+391014B: 0F 2E C1 - ucomiss xmm0,xmm1
"DXMD.exe"+391014E: 74 11 - je DXMD.exe+3910161
// ---------- INJECTING HERE ----------
"DXMD.exe"+3910150: F3 0F 10 89 18 01 00 00 - movss xmm1,[rcx+00000118]
// ---------- DONE INJECTING ----------
"DXMD.exe"+3910158: 0F 2F C1 - comiss xmm0,xmm1
"DXMD.exe"+391015B: 72 0C - jb DXMD.exe+3910169
"DXMD.exe"+391015D: 0F 28 C1 - movaps xmm0,xmm1
"DXMD.exe"+3910160: C3 - ret
"DXMD.exe"+3910161: F3 0F 10 81 18 01 00 00 - movss xmm0,[rcx+00000118]
"DXMD.exe"+3910169: F3 C3 - repe ret
"DXMD.exe"+391016B: 00 CC - add ah,cl
"DXMD.exe"+391016D: CC - int 3
"DXMD.exe"+391016E: CC - int 3
"DXMD.exe"+391016F: CC - int 3
}
1612
"No Reload"
Auto Assembler Script
// No Reload: in-place 3-byte patch, no code cave.
// Replaces "mov r14d,r12d" (45 89 E6) with "xor r14d,r14d" (45 31 F6), so r14d
// is zero after this point instead of a copy of r12d.
[ENABLE]
// The trailing 8B 78 08 bytes of the signature are context only.
aobscanmodule(reload,DXMD.exe,45 89 E6 8B 78 08)
reload:
db 45 31 F6
registersymbol(reload)
[DISABLE]
// Put back the original 3 bytes.
reload:
db 45 89 E6
unregistersymbol(reload)
{
// ORIGINAL CODE - INJECTION POINT: "DXMD.exe"+404C535
"DXMD.exe"+404C50A: 00 00 - add [rax],al
"DXMD.exe"+404C50C: 00 45 31 - add [rbp+31],al
"DXMD.exe"+404C50F: ED - in eax,dx
"DXMD.exe"+404C510: 44 38 69 08 - cmp [rcx+08],r13l
"DXMD.exe"+404C514: 0F 85 C6 02 00 00 - jne DXMD.exe+404C7E0
"DXMD.exe"+404C51A: 48 8B 41 E8 - mov rax,[rcx-18]
"DXMD.exe"+404C51E: 48 83 C1 E8 - add rcx,-18
"DXMD.exe"+404C522: 4C 89 B4 24 80 00 00 00 - mov [rsp+00000080],r14
"DXMD.exe"+404C52A: 4C 89 7C 24 78 - mov [rsp+78],r15
"DXMD.exe"+404C52F: FF 90 F0 00 00 00 - call qword ptr [rax+000000F0]
// ---------- INJECTING HERE ----------
"DXMD.exe"+404C535: 45 89 E6 - mov r14d,r12d
"DXMD.exe"+404C538: 8B 78 08 - mov edi,[rax+08]
// ---------- DONE INJECTING ----------
"DXMD.exe"+404C53B: 48 8B 18 - mov rbx,[rax]
"DXMD.exe"+404C53E: 49 89 C7 - mov r15,rax
"DXMD.exe"+404C541: 48 83 C3 F0 - add rbx,-10
"DXMD.exe"+404C545: 89 F8 - mov eax,edi
"DXMD.exe"+404C547: 48 89 7D 7F - mov [rbp+7F],rdi
"DXMD.exe"+404C54B: 48 C1 E0 04 - shl rax,04
"DXMD.exe"+404C54F: 48 01 C3 - add rbx,rax
"DXMD.exe"+404C552: 48 85 FF - test rdi,rdi
"DXMD.exe"+404C555: 0F 84 71 02 00 00 - je DXMD.exe+404C7CC
"DXMD.exe"+404C55B: 4C 8D 66 E8 - lea r12,[rsi-18]
}
1619
"Unlimited Items"
Auto Assembler Script
// Unlimited Items: in-place 1-byte patch, no code cave.
// Changes the opcode of the short conditional jump "jne +40" (75 40) to EB,
// making it an unconditional short jmp. The displacement byte is untouched,
// so the jump target stays the same.
[ENABLE]
// The bytes after 75 40 in the signature are context only.
aobscanmodule(items,DXMD.exe,75 40 39 E8 7F 18)
items:
db EB
registersymbol(items)
[DISABLE]
// Put back the original jne opcode.
items:
db 75
unregistersymbol(items)
{
// ORIGINAL CODE - INJECTION POINT: "DXMD.exe"+404C153
"DXMD.exe"+404C131: 48 89 DA - mov rdx,rbx
"DXMD.exe"+404C134: 48 89 C8 - mov rax,rcx
"DXMD.exe"+404C137: 0F 18 08 - prefetchto [rax]
"DXMD.exe"+404C13A: 48 8D 40 40 - lea rax,[rax+40]
"DXMD.exe"+404C13E: 48 FF CA - dec rdx
"DXMD.exe"+404C141: 75 F4 - jne DXMD.exe+404C137
"DXMD.exe"+404C143: 48 8B 01 - mov rax,[rcx]
"DXMD.exe"+404C146: FF 90 20 01 00 00 - call qword ptr [rax+00000120]
"DXMD.exe"+404C14C: 80 7E 20 00 - cmp byte ptr [rsi+20],00
"DXMD.exe"+404C150: 41 89 C7 - mov r15d,eax
// ---------- INJECTING HERE ----------
"DXMD.exe"+404C153: 75 40 - jne DXMD.exe+404C195
"DXMD.exe"+404C155: 39 E8 - cmp eax,ebp
"DXMD.exe"+404C157: 7F 18 - jg DXMD.exe+404C171
// ---------- DONE INJECTING ----------
"DXMD.exe"+404C159: 48 8B 06 - mov rax,[rsi]
"DXMD.exe"+404C15C: 45 31 C0 - xor r8d,r8d
"DXMD.exe"+404C15F: 4C 89 F2 - mov rdx,r14
"DXMD.exe"+404C162: 48 89 F1 - mov rcx,rsi
"DXMD.exe"+404C165: FF 90 D8 00 00 00 - call qword ptr [rax+000000D8]
"DXMD.exe"+404C16B: 44 89 FF - mov edi,r15d
"DXMD.exe"+404C16E: EB 27 - jmp DXMD.exe+404C197
"DXMD.exe"+404C170: 6C - insb
"DXMD.exe"+404C171: 49 8B 4E 08 - mov rcx,[r14+08]
"DXMD.exe"+404C175: 48 89 DA - mov rdx,rbx
}
1629
"Unlimited Augmentation Usage"
Auto Assembler Script
// Unlimited Augmentation Usage: two in-place patches, no code cave.
[ENABLE]
// Patch 1: change the opcode of "jl +26" (7C 26) to EB, making it an
// unconditional short jmp with the same displacement.
aobscanmodule(augs,DXMD.exe,7C 26 48 8B 4C 24 28)
augs:
db EB
registersymbol(augs)
// Patch 2: replace the 2-byte "sub eax,edi" (29 F8) with two nops so eax is
// passed on unchanged.
// NOTE(review): this signature is only five bytes long, and a short signature
// can match more than one place in the module. Confirm it is unique on the
// targeted build before enabling.
aobscanmodule(augs2,DXMD.exe,29 F8 89 C2 FF)
augs2:
db 90 90
registersymbol(augs2)
[DISABLE]
// Put back the original jl opcode at patch 1. Patch 2 is restored further
// down in this section.
augs:
db 7C
unregistersymbol(augs)
{
// ORIGINAL CODE - INJECTION POINT: "DXMD.exe"+404BF8E
"DXMD.exe"+404BF68: 48 8B 89 18 01 00 00 - mov rcx,[rcx+00000118]
"DXMD.exe"+404BF6F: 48 89 4C 24 28 - mov [rsp+28],rcx
"DXMD.exe"+404BF74: 48 89 C8 - mov rax,rcx
"DXMD.exe"+404BF77: 0F 18 08 - prefetchto [rax]
"DXMD.exe"+404BF7A: 48 8D 40 40 - lea rax,[rax+40]
"DXMD.exe"+404BF7E: 48 FF CA - dec rdx
"DXMD.exe"+404BF81: 75 F4 - jne DXMD.exe+404BF77
"DXMD.exe"+404BF83: 48 8B 01 - mov rax,[rcx]
"DXMD.exe"+404BF86: FF 90 20 01 00 00 - call qword ptr [rax+00000120]
"DXMD.exe"+404BF8C: 39 C7 - cmp edi,eax
// ---------- INJECTING HERE ----------
"DXMD.exe"+404BF8E: 7C 26 - jl DXMD.exe+404BFB6
"DXMD.exe"+404BF90: 48 8B 4C 24 28 - mov rcx,[rsp+28]
// ---------- DONE INJECTING ----------
"DXMD.exe"+404BF95: 48 89 C8 - mov rax,rcx
"DXMD.exe"+404BF98: 0F 18 08 - prefetchto [rax]
"DXMD.exe"+404BF9B: 48 8D 40 40 - lea rax,[rax+40]
"DXMD.exe"+404BF9F: 48 FF CB - dec rbx
"DXMD.exe"+404BFA2: 75 F4 - jne DXMD.exe+404BF98
"DXMD.exe"+404BFA4: 48 8B 01 - mov rax,[rcx]
"DXMD.exe"+404BFA7: FF 90 20 01 00 00 - call qword ptr [rax+00000120]
"DXMD.exe"+404BFAD: 89 FB - mov ebx,edi
"DXMD.exe"+404BFAF: 40 B5 01 - mov bpl,01
"DXMD.exe"+404BFB2: 29 C3 - sub ebx,eax
}
// Put back the original "sub eax,edi" bytes at patch 2 and drop its symbol.
augs2:
db 29 F8
unregistersymbol(augs2)
{
// ORIGINAL CODE - INJECTION POINT: "DXMD.exe"+404BFF0
"DXMD.exe"+404BFD0: 75 F4 - jne DXMD.exe+404BFC6
"DXMD.exe"+404BFD2: 48 89 F0 - mov rax,rsi
"DXMD.exe"+404BFD5: 0F 18 08 - prefetchto [rax]
"DXMD.exe"+404BFD8: 48 8D 40 40 - lea rax,[rax+40]
"DXMD.exe"+404BFDC: 48 FF CB - dec rbx
"DXMD.exe"+404BFDF: 75 F4 - jne DXMD.exe+404BFD5
"DXMD.exe"+404BFE1: 48 8B 1E - mov rbx,[rsi]
"DXMD.exe"+404BFE4: 48 89 F1 - mov rcx,rsi
"DXMD.exe"+404BFE7: FF 93 20 01 00 00 - call qword ptr [rbx+00000120]
"DXMD.exe"+404BFED: 48 89 F1 - mov rcx,rsi
// ---------- INJECTING HERE ----------
"DXMD.exe"+404BFF0: 29 F8 - sub eax,edi
"DXMD.exe"+404BFF2: 89 C2 - mov edx,eax
"DXMD.exe"+404BFF4: FF 93 28 01 00 00 - call qword ptr [rbx+00000128]
// ---------- DONE INJECTING ----------
"DXMD.exe"+404BFFA: 48 8B 74 24 40 - mov rsi,[rsp+40]
"DXMD.exe"+404BFFF: 31 DB - xor ebx,ebx
"DXMD.exe"+404C001: 49 8B 06 - mov rax,[r14]
"DXMD.exe"+404C004: 48 8D 54 24 78 - lea rdx,[rsp+78]
"DXMD.exe"+404C009: 4C 89 F1 - mov rcx,r14
"DXMD.exe"+404C00C: FF 50 28 - call qword ptr [rax+28]
"DXMD.exe"+404C00F: 48 C7 44 24 30 00 00 00 00 - mov [rsp+30],00000000
"DXMD.exe"+404C018: 48 8D 15 C1 14 E6 FE - lea rdx,[DXMD.exe+2EAD4E0]
"DXMD.exe"+404C01F: 48 8B 08 - mov rcx,[rax]
"DXMD.exe"+404C022: 48 89 4C 24 30 - mov [rsp+30],rcx
}
1597
"Stealth Hacking"
Auto Assembler Script
// Stealth Hacking: three in-place patches, no code cave.
[ENABLE]
// Patch 1: the signature is a 7-byte compare whose 32-bit displacement is
// wildcarded, followed by the short jump 7E 05 (jle +5). Only the two jump
// bytes at offset +7 are replaced with nops, so the jump is never taken.
// NOTE(review): the original-code dump stored under this patch in [DISABLE]
// lists a different instruction (41 83 BE ...) at its injection point than
// this signature (41 39 BD ...). Treat that dump as stale and verify against
// the live bytes.
aobscanmodule(StealthCheckUI,DXMD.exe,41 39 BD * * * * 7E 05)
StealthCheckUI+7:
db 90 90
registersymbol(StealthCheckUI)
// Patch 2: nop out the 4-byte "setg r15l" (41 0F 9F D7). r15l then keeps
// whatever value it held before this instruction.
// NOTE(review): the value r15l holds at that point is not visible here - confirm.
aobscanmodule(StealthCheck,DXMD.exe,41 0F 9F D7 44 89 E1)
StealthCheck:
db 90 90 90 90
registersymbol(StealthCheck)
// Patch 3: nop out the 2-byte "dec ebx" (FF CB). The signature continues with
// "cmovs ebx,ebp" and "mov [rdi+00000190],ebx", so ebx reaches that store
// without being decremented.
aobscanmodule(StealthDecrease,DXMD.exe,FF CB 0F 48 DD 89 9F 90 01 00 00)
StealthDecrease:
db 90 90
registersymbol(StealthDecrease)
[DISABLE]
// Put back the original jle at patch 1. Patches 2 and 3 are restored further
// down in this section.
StealthCheckUI+7:
db 7E 05
unregistersymbol(StealthCheckUI)
{
// ORIGINAL CODE - INJECTION POINT: DXMD.NvOptimusEnablement+192F546
DXMD.NvOptimusEnablement+192F51E: 48 8D 40 40 - lea rax,[rax+40]
DXMD.NvOptimusEnablement+192F522: 48 FF C9 - dec rcx
DXMD.NvOptimusEnablement+192F525: 75 F4 - jne 143B88ED3
DXMD.NvOptimusEnablement+192F527: 48 8B 07 - mov rax,[rdi]
DXMD.NvOptimusEnablement+192F52A: 48 89 F9 - mov rcx,rdi
DXMD.NvOptimusEnablement+192F52D: FF 90 E8000000 - call qword ptr [rax+000000E8]
DXMD.NvOptimusEnablement+192F533: 84 C0 - test al,al
DXMD.NvOptimusEnablement+192F535: 0F84 6D020000 - je 143B89160
DXMD.NvOptimusEnablement+192F53B: 48 89 B4 24 B0000000 - mov [rsp+000000B0],rsi
DXMD.NvOptimusEnablement+192F543: 40 30 F6 - xor sil,sil
// ---------- INJECTING HERE ----------
DXMD.NvOptimusEnablement+192F546: 41 83 BE 90010000 00 - cmp dword ptr [r14+00000190],00
// ---------- DONE INJECTING ----------
DXMD.NvOptimusEnablement+192F54E: 4C 89 BC 24 B8000000 - mov [rsp+000000B8],r15
DXMD.NvOptimusEnablement+192F556: 41 0F9F D7 - setg r15l
DXMD.NvOptimusEnablement+192F55A: 44 89 E1 - mov ecx,r12d
DXMD.NvOptimusEnablement+192F55D: 45 85 E4 - test r12d,r12d
DXMD.NvOptimusEnablement+192F560: 0F84 3A010000 - je 143B89058
DXMD.NvOptimusEnablement+192F566: FF C9 - dec ecx
DXMD.NvOptimusEnablement+192F568: 0F84 F5000000 - je 143B8901B
DXMD.NvOptimusEnablement+192F56E: FF C9 - dec ecx
DXMD.NvOptimusEnablement+192F570: 0F85 07020000 - jne 143B89135
DXMD.NvOptimusEnablement+192F576: 48 89 F8 - mov rax,rdi
}
// Put back the original "setg r15l" bytes at patch 2 and drop its symbol.
StealthCheck:
db 41 0F 9F D7
unregistersymbol(StealthCheck)
{
// ORIGINAL CODE - INJECTION POINT: DXMD.NvOptimusEnablement+192F556
DXMD.NvOptimusEnablement+192F525: 75 F4 - jne 143B88ED3
DXMD.NvOptimusEnablement+192F527: 48 8B 07 - mov rax,[rdi]
DXMD.NvOptimusEnablement+192F52A: 48 89 F9 - mov rcx,rdi
DXMD.NvOptimusEnablement+192F52D: FF 90 E8000000 - call qword ptr [rax+000000E8]
DXMD.NvOptimusEnablement+192F533: 84 C0 - test al,al
DXMD.NvOptimusEnablement+192F535: 0F84 6D020000 - je 143B89160
DXMD.NvOptimusEnablement+192F53B: 48 89 B4 24 B0000000 - mov [rsp+000000B0],rsi
DXMD.NvOptimusEnablement+192F543: 40 30 F6 - xor sil,sil
DXMD.NvOptimusEnablement+192F546: 41 83 BE 90010000 00 - cmp dword ptr [r14+00000190],00
DXMD.NvOptimusEnablement+192F54E: 4C 89 BC 24 B8000000 - mov [rsp+000000B8],r15
// ---------- INJECTING HERE ----------
DXMD.NvOptimusEnablement+192F556: 41 0F9F D7 - setg r15l
// ---------- DONE INJECTING ----------
DXMD.NvOptimusEnablement+192F55A: 44 89 E1 - mov ecx,r12d
DXMD.NvOptimusEnablement+192F55D: 45 85 E4 - test r12d,r12d
DXMD.NvOptimusEnablement+192F560: 0F84 3A010000 - je 143B89058
DXMD.NvOptimusEnablement+192F566: FF C9 - dec ecx
DXMD.NvOptimusEnablement+192F568: 0F84 F5000000 - je 143B8901B
DXMD.NvOptimusEnablement+192F56E: FF C9 - dec ecx
DXMD.NvOptimusEnablement+192F570: 0F85 07020000 - jne 143B89135
DXMD.NvOptimusEnablement+192F576: 48 89 F8 - mov rax,rdi
DXMD.NvOptimusEnablement+192F579: 48 89 D9 - mov rcx,rbx
DXMD.NvOptimusEnablement+192F57C: 0F18 08 - prefetchto [rax]
}
// Put back the original "dec ebx" bytes at patch 3 and drop its symbol.
StealthDecrease:
db FF CB
unregistersymbol(StealthDecrease)
{
// ORIGINAL CODE - INJECTION POINT: DXMD.NvOptimusEnablement+1B2233A
DXMD.NvOptimusEnablement+1B22311: 48 8B 91 80010000 - mov rdx,[rcx+00000180]
DXMD.NvOptimusEnablement+1B22318: 4B 8D 0C 52 - lea rcx,[r10+r10*2]
DXMD.NvOptimusEnablement+1B2231C: 48 8D 04 CA - lea rax,[rdx+rcx*8]
DXMD.NvOptimusEnablement+1B22320: 48 85 C0 - test rax,rax
DXMD.NvOptimusEnablement+1B22323: 74 0B - je 143D7BCE8
DXMD.NvOptimusEnablement+1B22325: 4C 89 18 - mov [rax],r11
DXMD.NvOptimusEnablement+1B22328: 48 89 58 08 - mov [rax+08],rbx
DXMD.NvOptimusEnablement+1B2232C: 44 89 40 10 - mov [rax+10],r8d
DXMD.NvOptimusEnablement+1B22330: 41 8D 42 01 - lea eax,[r10+01]
DXMD.NvOptimusEnablement+1B22334: 89 87 88010000 - mov [rdi+00000188],eax
// ---------- INJECTING HERE ----------
DXMD.NvOptimusEnablement+1B2233A: 8B 9F 90010000 - mov ebx,[rdi+00000190]
// ---------- DONE INJECTING ----------
DXMD.NvOptimusEnablement+1B22340: BD 00000000 - mov ebp,00000000
DXMD.NvOptimusEnablement+1B22345: B9 0FA24FC3 - mov ecx,C34FA20F
DXMD.NvOptimusEnablement+1B2234A: 8D 89 F55DB03C - lea ecx,[rcx+3CB05DF5]
DXMD.NvOptimusEnablement+1B22350: FF CB - dec ebx
DXMD.NvOptimusEnablement+1B22352: 0F48 DD - cmovs ebx,ebp
DXMD.NvOptimusEnablement+1B22355: 89 9F 90010000 - mov [rdi+00000190],ebx
DXMD.NvOptimusEnablement+1B2235B: 48 8B BF 58020000 - mov rdi,[rdi+00000258]
DXMD.NvOptimusEnablement+1B22362: 48 89 F8 - mov rax,rdi
DXMD.NvOptimusEnablement+1B22365: 0F18 08 - prefetchto [rax]
DXMD.NvOptimusEnablement+1B22368: 48 83 C0 40 - add rax,40
}
1596
"Unlimited Hacking Attempts"
Auto Assembler Script
// Unlimited Hacking Attempts: in-place 3-byte patch, no code cave.
// Replaces "dec [rcx+1C]" (FF 49 1C) with three nops, so the counter at
// [rcx+1C] is no longer decremented before the "cmp dword ptr [rcx+1C],00"
// that follows it in the signature.
[ENABLE]
aobscanmodule(hackchance,DXMD.exe,FF 49 1C 83 79 1C 00)
hackchance:
db 90 90 90
registersymbol(hackchance)
[DISABLE]
// Put back the original 3 bytes.
hackchance:
db FF 49 1C
unregistersymbol(hackchance)
{
// ORIGINAL CODE - INJECTION POINT: DXMD.NvOptimusEnablement+206020D
DXMD.NvOptimusEnablement+2060200: CC - int 3
DXMD.NvOptimusEnablement+2060201: CC - int 3
DXMD.NvOptimusEnablement+2060202: CC - int 3
DXMD.NvOptimusEnablement+2060203: CC - int 3
DXMD.NvOptimusEnablement+2060204: CC - int 3
DXMD.NvOptimusEnablement+2060205: CC - int 3
DXMD.NvOptimusEnablement+2060206: CC - int 3
DXMD.NvOptimusEnablement+2060207: CC - int 3
DXMD.NvOptimusEnablement+2060208: 57 - push rdi
DXMD.NvOptimusEnablement+2060209: 48 83 EC 40 - sub rsp,40
// ---------- INJECTING HERE ----------
DXMD.NvOptimusEnablement+206020D: FF 49 1C - dec [rcx+1C]
// ---------- DONE INJECTING ----------
DXMD.NvOptimusEnablement+2060210: 83 79 1C 00 - cmp dword ptr [rcx+1C],00
DXMD.NvOptimusEnablement+2060214: 48 89 CF - mov rdi,rcx
DXMD.NvOptimusEnablement+2060217: 0F8F 83000000 - jg 1442B9C58
DXMD.NvOptimusEnablement+206021D: C7 41 1C 00000000 - mov [rcx+1C],00000000
DXMD.NvOptimusEnablement+2060224: 83 FA 01 - cmp edx,01
DXMD.NvOptimusEnablement+2060227: 75 77 - jne 1442B9C58
DXMD.NvOptimusEnablement+2060229: 48 8D 0D 189FEBFD - lea rcx,[142173B00]
DXMD.NvOptimusEnablement+2060230: 48 89 5C 24 50 - mov [rsp+50],rbx
DXMD.NvOptimusEnablement+2060235: 48 8B 1D 0C9FEBFD - mov rbx,[142173B00]
DXMD.NvOptimusEnablement+206023C: E8 679CE2FE - call 1430E3860
}
1643
"Upgrade Pointers"
Auto Assembler Script
// Upgrade Pointers: hooks "mov rbx,[rcx]" + "mov rdi,rcx" (6 bytes) to record
// the rcx value passing through that code in upgrade_ptr. Address entries in
// this table use upgrade_ptr as their base.
[ENABLE]
// The trailing FF 93 00 bytes of the signature are context only.
aobscanmodule(upgrade,DXMD.exe,48 8B 19 48 89 CF FF 93 00)
// Request the cave near the hook so the 5-byte relative jmp can reach it.
alloc(newmem,$1000,upgrade)
label(code)
label(return)
label(upgrade_ptr)
newmem:
// rbx is free to use as scratch: the replayed "mov rbx,[rcx]" below
// overwrites it before control returns to the game.
mov rbx,upgrade_ptr
mov [rbx],rcx
code:
// Replay the two overwritten instructions, then resume after the hook.
mov rbx,[rcx]
mov rdi,rcx
jmp return
upgrade_ptr:
// 8-byte slot holding the last captured rcx (0 until the hook first runs, so
// dependent address entries are invalid until then).
dq 0
upgrade:
// jmp (5 bytes) + 1 nop = the 6 bytes that were overwritten.
jmp newmem
nop
return:
registersymbol(upgrade)
registersymbol(upgrade_ptr)
[DISABLE]
// Put back the original 6 bytes, drop both symbols and release the cave.
// upgrade_ptr lives inside newmem, so it is gone after this point.
upgrade:
db 48 8B 19 48 89 CF
unregistersymbol(upgrade)
unregistersymbol(upgrade_ptr)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "DXMD.exe"+41ACEBA
"DXMD.exe"+41ACE9D: F7 41 0C 00 00 00 80 - test [rcx+0C],80000000
"DXMD.exe"+41ACEA4: 75 03 - jne DXMD.exe+41ACEA9
"DXMD.exe"+41ACEA6: 48 8B 09 - mov rcx,[rcx]
"DXMD.exe"+41ACEA9: 8B 44 81 FC - mov eax,[rcx+rax*4-04]
"DXMD.exe"+41ACEAD: C3 - ret
"DXMD.exe"+41ACEAE: CC - int 3
"DXMD.exe"+41ACEAF: CC - int 3
"DXMD.exe"+41ACEB0: 48 89 5C 24 08 - mov [rsp+08],rbx
"DXMD.exe"+41ACEB5: 57 - push rdi
"DXMD.exe"+41ACEB6: 48 83 EC 20 - sub rsp,20
// ---------- INJECTING HERE ----------
"DXMD.exe"+41ACEBA: 48 8B 19 - mov rbx,[rcx]
"DXMD.exe"+41ACEBD: 48 89 CF - mov rdi,rcx
// ---------- DONE INJECTING ----------
"DXMD.exe"+41ACEC0: FF 93 00 01 00 00 - call qword ptr [rbx+00000100]
"DXMD.exe"+41ACEC6: 48 89 F9 - mov rcx,rdi
"DXMD.exe"+41ACEC9: 89 C2 - mov edx,eax
"DXMD.exe"+41ACECB: 48 8B 83 F8 00 00 00 - mov rax,[rbx+000000F8]
"DXMD.exe"+41ACED2: 48 8B 5C 24 30 - mov rbx,[rsp+30]
"DXMD.exe"+41ACED7: 48 83 C4 20 - add rsp,20
"DXMD.exe"+41ACEDB: 5F - pop rdi
"DXMD.exe"+41ACEDC: FF E0 - jmp rax
"DXMD.exe"+41ACEDE: ED - in eax,dx
"DXMD.exe"+41ACEDF: E1 0A - loope DXMD.exe+41ACEEB
}
1642
"Base Address"
String
0
0
1
upgrade_ptr
0
1641
"Praxis Points"
4 Bytes
+1c
1645
"Next Praxis"
4 Bytes
+18
1644
"Total XP"
4 Bytes
+30
1626
"Credits Pointer"
Auto Assembler Script
// Credits Pointer: hooks the 7-byte "mov rbx,[r14+00000148]" to record the
// rcx value passing through that code in credits_ptr. An address entry in
// this table uses credits_ptr as its base.
[ENABLE]
// The trailing 48 byte of the signature is context only.
aobscanmodule(credits,DXMD.exe,49 8B 9E 48 01 00 00 48)
// Request the cave near the hook so the 5-byte relative jmp can reach it.
alloc(newmem,$1000,credits)
label(code)
label(return)
label(credits_ptr)
newmem:
// rbx is free to use as scratch: the replayed instruction below overwrites it.
// NOTE(review): the captured register is rcx, while the overwritten
// instruction reads through r14. Which object rcx refers to at this point is
// not visible here - confirm against the live code.
mov rbx,credits_ptr
mov [rbx],rcx
code:
// Replay the overwritten instruction, then resume after the hook.
mov rbx,[r14+00000148]
jmp return
credits_ptr:
// 8-byte slot holding the last captured rcx (0 until the hook first runs).
dq 0
credits:
// jmp (5 bytes) + 2 nops = the 7 bytes that were overwritten.
jmp newmem
nop
nop
return:
registersymbol(credits)
registersymbol(credits_ptr)
[DISABLE]
// Put back the original 7 bytes, drop both symbols and release the cave.
// credits_ptr lives inside newmem, so it is gone after this point.
credits:
db 49 8B 9E 48 01 00 00
unregistersymbol(credits)
unregistersymbol(credits_ptr)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "DXMD.exe"+46F586E
"DXMD.exe"+46F5852: 48 89 FA - mov rdx,rdi
"DXMD.exe"+46F5855: 0F 18 08 - prefetchto [rax]
"DXMD.exe"+46F5858: 48 8D 40 40 - lea rax,[rax+40]
"DXMD.exe"+46F585C: 48 FF CA - dec rdx
"DXMD.exe"+46F585F: 75 F4 - jne DXMD.exe+46F5855
"DXMD.exe"+46F5861: E8 EA BD 1F 00 - call DXMD.exe+48F1650
"DXMD.exe"+46F5866: 89 C6 - mov esi,eax
"DXMD.exe"+46F5868: EB 04 - jmp DXMD.exe+46F586E
"DXMD.exe"+46F586A: 77 44 - ja DXMD.exe+46F58B0
"DXMD.exe"+46F586C: 89 FE - mov esi,edi
// ---------- INJECTING HERE ----------
"DXMD.exe"+46F586E: 49 8B 9E 48 01 00 00 - mov rbx,[r14+00000148]
// ---------- DONE INJECTING ----------
"DXMD.exe"+46F5875: 48 8D 05 3C 1F 46 FD - lea rax,[DXMD.exe+1B577B8]
"DXMD.exe"+46F587C: 48 8D 54 24 70 - lea rdx,[rsp+70]
"DXMD.exe"+46F5881: 48 8D 4D 90 - lea rcx,[rbp-70]
"DXMD.exe"+46F5885: 45 31 C9 - xor r9d,r9d
"DXMD.exe"+46F5888: 45 31 C0 - xor r8d,r8d
"DXMD.exe"+46F588B: 48 89 44 24 70 - mov [rsp+70],rax
"DXMD.exe"+46F5890: C7 44 24 78 0E 00 00 80 - mov [rsp+78],8000000E
"DXMD.exe"+46F5898: 44 89 7C 24 7C - mov [rsp+7C],r15d
"DXMD.exe"+46F589D: E8 5E 18 80 FF - call DXMD.exe+3EF7100
"DXMD.exe"+46F58A2: 89 F2 - mov edx,esi
}
1625
"Credits (Open Inventory)"
4 Bytes
credits_ptr
98
1613
"In-Game Cheats"
Auto Assembler Script
// In-Game Cheats: hooks the 7-byte "mov r8,[rdi+000000E8]" to record the rbx
// value passing through that code in cheat_ptr. An address entry in this
// table uses cheat_ptr as its base.
[ENABLE]
// The trailing 48 89 bytes of the signature are context only.
aobscanmodule(cheat,DXMD.exe,4C 8B 87 E8 00 00 00 48 89)
// Request the cave near the hook so the 5-byte relative jmp can reach it.
alloc(newmem,$1000,cheat)
label(code)
label(return)
label(cheat_ptr)
newmem:
// r8 is free to use as scratch: the replayed instruction below overwrites it.
mov r8,cheat_ptr
mov [r8],rbx
code:
// Replay the overwritten instruction, then resume after the hook.
mov r8,[rdi+000000E8]
jmp return
cheat_ptr:
// 8-byte slot holding the last captured rbx (0 until the hook first runs).
dq 0
cheat:
// jmp (5 bytes) + 2 nops = the 7 bytes that were overwritten.
jmp newmem
nop
nop
return:
registersymbol(cheat)
registersymbol(cheat_ptr)
[DISABLE]
// Put back the original 7 bytes, drop both symbols and release the cave.
// cheat_ptr lives inside newmem, so it is gone after this point.
cheat:
db 4C 8B 87 E8 00 00 00
unregistersymbol(cheat)
unregistersymbol(cheat_ptr)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "DXMD.exe"+456365D
"DXMD.exe"+456363C: 0F 18 08 - prefetchto [rax]
"DXMD.exe"+456363F: 48 8D 40 40 - lea rax,[rax+40]
"DXMD.exe"+4563643: 48 FF CA - dec rdx
"DXMD.exe"+4563646: 75 F4 - jne DXMD.exe+456363C
"DXMD.exe"+4563648: 48 8B 01 - mov rax,[rcx]
"DXMD.exe"+456364B: FF 90 60 02 00 00 - call qword ptr [rax+00000260]
"DXMD.exe"+4563651: 49 8B 5F 08 - mov rbx,[r15+08]
"DXMD.exe"+4563655: 41 89 C4 - mov r12d,eax
"DXMD.exe"+4563658: 48 85 DB - test rbx,rbx
"DXMD.exe"+456365B: 74 4C - je DXMD.exe+45636A9
// ---------- INJECTING HERE ----------
"DXMD.exe"+456365D: 4C 8B 87 E8 00 00 00 - mov r8,[rdi+000000E8]
// ---------- DONE INJECTING ----------
"DXMD.exe"+4563664: 48 89 F2 - mov rdx,rsi
"DXMD.exe"+4563667: 4C 89 C1 - mov rcx,r8
"DXMD.exe"+456366A: 66 90 - nop
"DXMD.exe"+456366C: 0F 18 09 - prefetchto [rcx]
"DXMD.exe"+456366F: 48 8D 49 40 - lea rcx,[rcx+40]
"DXMD.exe"+4563673: 48 FF CA - dec rdx
"DXMD.exe"+4563676: 75 F4 - jne DXMD.exe+456366C
"DXMD.exe"+4563678: 48 89 D8 - mov rax,rbx
"DXMD.exe"+456367B: 48 89 F2 - mov rdx,rsi
"DXMD.exe"+456367E: 0F 18 08 - prefetchto [rax]
}
1599
"1 = Enabled; 0 = Disabled"
Byte
cheat_ptr
20
1628
"Ignore This"
1
1609
"Unlimited Ammo"
Auto Assembler Script
// Unlimited Ammo: in-place 3-byte patch, no code cave.
// Replaces "sub eax,r14d" (44 29 F0) with three nops, so eax reaches the
// following "mov edx,eax" without the subtraction.
// NOTE(review): this signature is only five bytes long, and a short signature
// can match more than one place in the module. Confirm it is unique on the
// targeted build before enabling.
[ENABLE]
aobscanmodule(usage,DXMD.exe,44 29 F0 89 C2)
usage:
db 90 90 90
registersymbol(usage)
[DISABLE]
// Put back the original 3 bytes.
usage:
db 44 29 F0
unregistersymbol(usage)
{
// ORIGINAL CODE - INJECTION POINT: "DXMD.exe"+404C716
"DXMD.exe"+404C6F3: 48 89 F0 - mov rax,rsi
"DXMD.exe"+404C6F6: B9 04 00 00 00 - mov ecx,00000004
"DXMD.exe"+404C6FB: 0F 18 08 - prefetchto [rax]
"DXMD.exe"+404C6FE: 48 8D 40 40 - lea rax,[rax+40]
"DXMD.exe"+404C702: 48 FF C9 - dec rcx
"DXMD.exe"+404C705: 75 F4 - jne DXMD.exe+404C6FB
"DXMD.exe"+404C707: 48 8B 3E - mov rdi,[rsi]
"DXMD.exe"+404C70A: 48 89 F1 - mov rcx,rsi
"DXMD.exe"+404C70D: FF 97 20 01 00 00 - call qword ptr [rdi+00000120]
"DXMD.exe"+404C713: 48 89 F1 - mov rcx,rsi
// ---------- INJECTING HERE ----------
"DXMD.exe"+404C716: 44 29 F0 - sub eax,r14d
"DXMD.exe"+404C719: 89 C2 - mov edx,eax
// ---------- DONE INJECTING ----------
"DXMD.exe"+404C71B: FF 97 28 01 00 00 - call qword ptr [rdi+00000128]
"DXMD.exe"+404C721: 49 8B 04 24 - mov rax,[r12]
"DXMD.exe"+404C725: 48 8D 55 CF - lea rdx,[rbp-31]
"DXMD.exe"+404C729: 4C 89 E1 - mov rcx,r12
"DXMD.exe"+404C72C: FF 50 28 - call qword ptr [rax+28]
"DXMD.exe"+404C72F: 31 FF - xor edi,edi
"DXMD.exe"+404C731: 48 8D 15 A8 0D E6 FE - lea rdx,[DXMD.exe+2EAD4E0]
"DXMD.exe"+404C738: 48 89 7D F7 - mov [rbp-09],rdi
"DXMD.exe"+404C73C: 48 89 C1 - mov rcx,rax
"DXMD.exe"+404C73F: 48 8B 00 - mov rax,[rax]
}
1607
"Get Integers"
Auto Assembler Script
// Get Integers: redirects the tiny function "mov eax,[rcx+40]" / "ret" into a
// code cave that returns the same value. As written the stub does not change
// the function's result.
[ENABLE]
// The signature starts and ends on CC padding bytes; the function itself
// begins at integer+01.
aobscanmodule(integer,DXMD.exe,CC 8B 41 40 C3 CC)
// Request the cave near the hook so the 5-byte relative jmp can reach it.
alloc(newmem,$1000,integer)
label(code)
label(return)
newmem:
// Loads the caller's return address from the top of the stack into rax. The
// lea leaves rax unchanged, and the "mov eax,[rcx+40]" below overwrites it,
// so neither instruction has a lasting effect.
// NOTE(review): presumably kept as a spot to inspect the caller in a
// debugger - confirm, or remove if no longer needed.
mov rax,[rsp]
lea rax,[rax]
code:
// Replay the original body. The ret returns straight to the function's
// caller, so the int 3 and "jmp return" after it are never executed.
mov eax,[rcx+40]
ret
int 3
jmp return
integer+01:
// The 5-byte jmp overwrites 8B 41 40 C3 CC: the whole function plus one
// padding byte.
jmp newmem
return:
registersymbol(integer)
[DISABLE]
// Put back the original 5 bytes and release the cave.
integer+01:
db 8B 41 40 C3 CC
unregistersymbol(integer)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "DXMD.exe"+32FD760
"DXMD.exe"+32FD749: 48 89 C3 - mov rbx,rax
"DXMD.exe"+32FD74C: FF 52 68 - call qword ptr [rdx+68]
"DXMD.exe"+32FD74F: 48 01 D8 - add rax,rbx
"DXMD.exe"+32FD752: 48 8B 5C 24 30 - mov rbx,[rsp+30]
"DXMD.exe"+32FD757: 48 83 C4 20 - add rsp,20
"DXMD.exe"+32FD75B: 5F - pop rdi
"DXMD.exe"+32FD75C: C3 - ret
"DXMD.exe"+32FD75D: CC - int 3
"DXMD.exe"+32FD75E: CC - int 3
"DXMD.exe"+32FD75F: CC - int 3
// ---------- INJECTING HERE ----------
"DXMD.exe"+32FD760: 8B 41 40 - mov eax,[rcx+40]
"DXMD.exe"+32FD763: C3 - ret
"DXMD.exe"+32FD764: CC - int 3
// ---------- DONE INJECTING ----------
"DXMD.exe"+32FD765: CC - int 3
"DXMD.exe"+32FD766: CC - int 3
"DXMD.exe"+32FD767: CC - int 3
"DXMD.exe"+32FD768: CC - int 3
"DXMD.exe"+32FD769: CC - int 3
"DXMD.exe"+32FD76A: CC - int 3
"DXMD.exe"+32FD76B: CC - int 3
"DXMD.exe"+32FD76C: CC - int 3
"DXMD.exe"+32FD76D: CC - int 3
"DXMD.exe"+32FD76E: CC - int 3
}
1636
"Unlimited Energy"
Auto Assembler Script
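// Unlimited Energy: in-place 4-byte patch, no code cave.
// Replaces "subss xmm6,xmm7" (F3 0F 5C F7) with four nops, so xmm6 reaches
// the following "comiss xmm6,xmm8" without the subtraction.
//
// The scan result is named energy_drain, not energy. The "Player Scripts"
// entry registers the symbol "energy" as a one-byte flag that "Full Energy"
// writes to. Registering a code address under that same name here would
// redirect that write into game code, and unregistering it on disable would
// remove the flag symbol while other entries still depend on it.
// Disable this entry before replacing an older copy of the script, so the
// old symbol name is cleaned up by the old [DISABLE] section.
[ENABLE]
// The trailing 41 0F 2F F0 F3 bytes of the signature are context only.
aobscanmodule(energy_drain,DXMD.exe,F3 0F 5C F7 41 0F 2F F0 F3)
energy_drain:
db 90 90 90 90
registersymbol(energy_drain)
[DISABLE]
// Put back the original 4 bytes.
energy_drain:
db F3 0F 5C F7
unregistersymbol(energy_drain)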
{
// ORIGINAL CODE - INJECTION POINT: "DXMD.exe"+39036D7
"DXMD.exe"+39036B6: 24 51 - and al,51
"DXMD.exe"+39036B8: 18 7D 18 - sbb [rbp+18],bh
"DXMD.exe"+39036BB: 8A 0F - mov cl,[rdi]
"DXMD.exe"+39036BD: 28 C6 - sub dh,al
"DXMD.exe"+39036BF: F3 0F 5C C7 - subss xmm0,xmm7
"DXMD.exe"+39036C3: 0F 2F C1 - comiss xmm0,xmm1
"DXMD.exe"+39036C6: 77 0F - ja DXMD.exe+39036D7
"DXMD.exe"+39036C8: 0F 28 FE - movaps xmm7,xmm6
"DXMD.exe"+39036CB: F3 0F 5C F9 - subss xmm7,xmm1
"DXMD.exe"+39036CF: F3 0F 5C 3D 01 72 4B FE - subss xmm7,[DXMD.exe+1DBA8D8]
// ---------- INJECTING HERE ----------
"DXMD.exe"+39036D7: F3 0F 5C F7 - subss xmm6,xmm7
"DXMD.exe"+39036DB: 41 0F 2F F0 - comiss xmm6,xmm8
// ---------- DONE INJECTING ----------
"DXMD.exe"+39036DF: F3 0F 11 73 44 - movss [rbx+44],xmm6
"DXMD.exe"+39036E4: 73 04 - jae DXMD.exe+39036EA
"DXMD.exe"+39036E6: 41 0F 28 F0 - movaps xmm6,xmm8
"DXMD.exe"+39036EA: 48 89 D9 - mov rcx,rbx
"DXMD.exe"+39036ED: F3 0F 11 73 44 - movss [rbx+44],xmm6
"DXMD.exe"+39036F2: E8 D9 65 00 00 - call DXMD.exe+3909CD0
"DXMD.exe"+39036F7: 48 8D 4B 20 - lea rcx,[rbx+20]
"DXMD.exe"+39036FB: F3 0F 5C C6 - subss xmm0,xmm6
"DXMD.exe"+39036FF: F3 0F 11 84 24 A0 00 00 00 - movss [rsp+000000A0],xmm0
"DXMD.exe"+3903708: F3 0F 10 8C 24 A0 00 00 00 - movss xmm1,[rsp+000000A0]
}
integer
1432FD75F
cheat
14456365D
cheat_ptr
13FFE0022
augmentation
14404BF29
player
1439101A6
player_status
143914093
health
13FFE0067
energy
13FFE0068
reload
143E79AE5
augs
143E7952E
augs2
143E79590
StealthCheckUI
143BAA1BD
StealthCheck
143B92B1E
StealthDecrease
143BAB2B9
hackchance
1440EBBC5
upgrade
143FDA8FA
upgrade_ptr
13FFD0021
credits
1446FDFF0
credits_ptr
13FFC0022
items
143E796F5
energy2
143910150