9
"created by REX"
1
1
"god"
Auto Assembler Script
{ Game : PostalREDUX-Win64-Shipping.exe
Version:
Date : 2017-07-29
Author : prani
This script does blah blah blah
}
[ENABLE]
aobscanmodule(health,PostalREDUX-Win64-Shipping.exe,F3 0F 10 82 7C 08 00 00) // should be unique
alloc(newmem,$1000,"PostalREDUX-Win64-Shipping.exe"+230086)
label(code)
label(return)
newmem:
mov dword ptr[rdx+0000087C],(float)500
code:
movss xmm0,[rdx+0000087C]
jmp return
health:
jmp newmem
nop
nop
nop
return:
registersymbol(health)
[DISABLE]
health:
db F3 0F 10 82 7C 08 00 00
unregistersymbol(health)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "PostalREDUX-Win64-Shipping.exe"+230086
"PostalREDUX-Win64-Shipping.exe"+230078: 5E - pop rsi
"PostalREDUX-Win64-Shipping.exe"+230079: C3 - ret
"PostalREDUX-Win64-Shipping.exe"+23007A: CC - int 3
"PostalREDUX-Win64-Shipping.exe"+23007B: CC - int 3
"PostalREDUX-Win64-Shipping.exe"+23007C: CC - int 3
"PostalREDUX-Win64-Shipping.exe"+23007D: CC - int 3
"PostalREDUX-Win64-Shipping.exe"+23007E: CC - int 3
"PostalREDUX-Win64-Shipping.exe"+23007F: CC - int 3
"PostalREDUX-Win64-Shipping.exe"+230080: 41 56 - push r14
"PostalREDUX-Win64-Shipping.exe"+230082: 48 83 EC 50 - sub rsp,50
// ---------- INJECTING HERE ----------
"PostalREDUX-Win64-Shipping.exe"+230086: F3 0F 10 82 7C 08 00 00 - movss xmm0,[rdx+0000087C]
// ---------- DONE INJECTING ----------
"PostalREDUX-Win64-Shipping.exe"+23008E: 4C 8B F1 - mov r14,rcx
"PostalREDUX-Win64-Shipping.exe"+230091: 0F 29 74 24 40 - movaps [rsp+40],xmm6
"PostalREDUX-Win64-Shipping.exe"+230096: 0F 57 F6 - xorps xmm6,xmm6
"PostalREDUX-Win64-Shipping.exe"+230099: 0F 2F C6 - comiss xmm0,xmm6
"PostalREDUX-Win64-Shipping.exe"+23009C: 77 0E - ja PostalREDUX-Win64-Shipping.exe+2300AC
"PostalREDUX-Win64-Shipping.exe"+23009E: 32 C0 - xor al,al
"PostalREDUX-Win64-Shipping.exe"+2300A0: 0F 28 74 24 40 - movaps xmm6,[rsp+40]
"PostalREDUX-Win64-Shipping.exe"+2300A5: 48 83 C4 50 - add rsp,50
"PostalREDUX-Win64-Shipping.exe"+2300A9: 41 5E - pop r14
"PostalREDUX-Win64-Shipping.exe"+2300AB: C3 - ret
}
3
"ammo"
Auto Assembler Script
{ Game : PostalREDUX-Win64-Shipping.exe
Version:
Date : 2017-07-29
Author : prani
This script does blah blah blah
}
[ENABLE]
aobscanmodule(ammoo,PostalREDUX-Win64-Shipping.exe,CC 8B 81 90 03 00 00 C3) // should be unique
alloc(newmem,$1000,"PostalREDUX-Win64-Shipping.exe"+2761D0)
label(code)
label(return)
newmem:
mov dword ptr[rcx+00000390],#50
code:
mov eax,[rcx+00000390]
jmp return
ammoo+01:
jmp newmem
nop
return:
registersymbol(ammoo)
[DISABLE]
ammoo+01:
db 8B 81 90 03 00 00
unregistersymbol(ammoo)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "PostalREDUX-Win64-Shipping.exe"+2761D0
"PostalREDUX-Win64-Shipping.exe"+2761B6: 8B 05 94 DD BB 02 - mov eax,[PostalREDUX-Win64-Shipping.exe+2E33F50]
"PostalREDUX-Win64-Shipping.exe"+2761BC: 89 42 08 - mov [rdx+08],eax
"PostalREDUX-Win64-Shipping.exe"+2761BF: 48 8B C3 - mov rax,rbx
"PostalREDUX-Win64-Shipping.exe"+2761C2: 48 8B 5C 24 70 - mov rbx,[rsp+70]
"PostalREDUX-Win64-Shipping.exe"+2761C7: 48 83 C4 60 - add rsp,60
"PostalREDUX-Win64-Shipping.exe"+2761CB: 5F - pop rdi
"PostalREDUX-Win64-Shipping.exe"+2761CC: C3 - ret
"PostalREDUX-Win64-Shipping.exe"+2761CD: CC - int 3
"PostalREDUX-Win64-Shipping.exe"+2761CE: CC - int 3
"PostalREDUX-Win64-Shipping.exe"+2761CF: CC - int 3
// ---------- INJECTING HERE ----------
"PostalREDUX-Win64-Shipping.exe"+2761D0: 8B 81 90 03 00 00 - mov eax,[rcx+00000390]
// ---------- DONE INJECTING ----------
"PostalREDUX-Win64-Shipping.exe"+2761D6: C3 - ret
"PostalREDUX-Win64-Shipping.exe"+2761D7: CC - int 3
"PostalREDUX-Win64-Shipping.exe"+2761D8: CC - int 3
"PostalREDUX-Win64-Shipping.exe"+2761D9: CC - int 3
"PostalREDUX-Win64-Shipping.exe"+2761DA: CC - int 3
"PostalREDUX-Win64-Shipping.exe"+2761DB: CC - int 3
"PostalREDUX-Win64-Shipping.exe"+2761DC: CC - int 3
"PostalREDUX-Win64-Shipping.exe"+2761DD: CC - int 3
"PostalREDUX-Win64-Shipping.exe"+2761DE: CC - int 3
"PostalREDUX-Win64-Shipping.exe"+2761DF: CC - int 3
}
5
"god2"
Auto Assembler Script
{ Game : PostalREDUX-Win64-Shipping.exe
Version:
Date : 2017-07-29
Author : prani
This script does blah blah blah
}
[ENABLE]
aobscanmodule(god2,PostalREDUX-Win64-Shipping.exe,F3 0F 10 B3 7C 08 00 00 E8 25) // should be unique
alloc(newmem,$1000,"PostalREDUX-Win64-Shipping.exe"+2367DE)
label(code)
label(return)
newmem:
mov dword ptr[rbx+0000087C],(float)500
code:
movss xmm6,[rbx+0000087C]
jmp return
god2:
jmp newmem
nop
nop
nop
return:
registersymbol(god2)
[DISABLE]
god2:
db F3 0F 10 B3 7C 08 00 00
unregistersymbol(god2)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "PostalREDUX-Win64-Shipping.exe"+2367DE
"PostalREDUX-Win64-Shipping.exe"+2367A8: C6 45 72 FF - mov byte ptr [rbp+72],-01
"PostalREDUX-Win64-Shipping.exe"+2367AC: 66 C7 45 78 3F AE - mov word ptr [rbp+78],AE3F
"PostalREDUX-Win64-Shipping.exe"+2367B2: C6 45 77 00 - mov byte ptr [rbp+77],00
"PostalREDUX-Win64-Shipping.exe"+2367B6: C6 45 7A FF - mov byte ptr [rbp+7A],-01
"PostalREDUX-Win64-Shipping.exe"+2367BA: 48 85 DB - test rbx,rbx
"PostalREDUX-Win64-Shipping.exe"+2367BD: 0F 84 C5 01 00 00 - je PostalREDUX-Win64-Shipping.exe+236988
"PostalREDUX-Win64-Shipping.exe"+2367C3: 48 89 B4 24 98 00 00 00 - mov [rsp+00000098],rsi
"PostalREDUX-Win64-Shipping.exe"+2367CB: 48 8B CB - mov rcx,rbx
"PostalREDUX-Win64-Shipping.exe"+2367CE: 4C 89 B4 24 90 00 00 00 - mov [rsp+00000090],r14
"PostalREDUX-Win64-Shipping.exe"+2367D6: 0F 29 B4 24 80 00 00 00 - movaps [rsp+00000080],xmm6
// ---------- INJECTING HERE ----------
"PostalREDUX-Win64-Shipping.exe"+2367DE: F3 0F 10 B3 7C 08 00 00 - movss xmm6,[rbx+0000087C]
// ---------- DONE INJECTING ----------
"PostalREDUX-Win64-Shipping.exe"+2367E6: E8 25 06 F9 FF - call PostalREDUX-Win64-Shipping.exe+1C6E10
"PostalREDUX-Win64-Shipping.exe"+2367EB: 66 0F 6E C0 - movd xmm0,eax
"PostalREDUX-Win64-Shipping.exe"+2367EF: 0F 5B C0 - cvtdq2ps xmm0,xmm0
"PostalREDUX-Win64-Shipping.exe"+2367F2: F3 0F 5E F0 - divss xmm6,xmm0
"PostalREDUX-Win64-Shipping.exe"+2367F6: F3 0F 59 35 7A 15 11 02 - mulss xmm6,[PostalREDUX-Win64-Shipping.exe+2347D78]
"PostalREDUX-Win64-Shipping.exe"+2367FE: F3 0F 2C F6 - cvttss2si esi,xmm6
"PostalREDUX-Win64-Shipping.exe"+236802: 0F 28 B4 24 80 00 00 00 - movaps xmm6,[rsp+00000080]
"PostalREDUX-Win64-Shipping.exe"+23680A: 85 F6 - test esi,esi
"PostalREDUX-Win64-Shipping.exe"+23680C: 75 12 - jne PostalREDUX-Win64-Shipping.exe+236820
"PostalREDUX-Win64-Shipping.exe"+23680E: 0F 57 C0 - xorps xmm0,xmm0
}
8
"timer campaign set to 1750 seconds"
Auto Assembler Script
{ Game : PostalREDUX-Win64-Shipping.exe
Version:
Date : 2017-07-29
Author : prani
This script does blah blah blah
}
[ENABLE]
aobscanmodule(timer2,PostalREDUX-Win64-Shipping.exe,F3 0F 10 8F 54 06 00 00) // should be unique
alloc(newmem,$1000,"PostalREDUX-Win64-Shipping.exe"+1E89FF)
label(code)
label(return)
newmem:
mov dword ptr[rdi+00000654],(float)1750
code:
movss xmm1,[rdi+00000654]
jmp return
timer2:
jmp newmem
nop
nop
nop
return:
registersymbol(timer2)
[DISABLE]
timer2:
db F3 0F 10 8F 54 06 00 00
unregistersymbol(timer2)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "PostalREDUX-Win64-Shipping.exe"+1E89FF
"PostalREDUX-Win64-Shipping.exe"+1E89D3: E8 48 2D 0B 00 - call PostalREDUX-Win64-Shipping.exe+29B720
"PostalREDUX-Win64-Shipping.exe"+1E89D8: 48 8B 53 10 - mov rdx,[rbx+10]
"PostalREDUX-Win64-Shipping.exe"+1E89DC: 4C 8D 80 88 00 00 00 - lea r8,[rax+00000088]
"PostalREDUX-Win64-Shipping.exe"+1E89E3: 49 63 40 08 - movsxd rax,dword ptr [r8+08]
"PostalREDUX-Win64-Shipping.exe"+1E89E7: 3B 82 90 00 00 00 - cmp eax,[rdx+00000090]
"PostalREDUX-Win64-Shipping.exe"+1E89ED: 7F 20 - jg PostalREDUX-Win64-Shipping.exe+1E8A0F
"PostalREDUX-Win64-Shipping.exe"+1E89EF: 48 8B C8 - mov rcx,rax
"PostalREDUX-Win64-Shipping.exe"+1E89F2: 48 8B 82 88 00 00 00 - mov rax,[rdx+00000088]
"PostalREDUX-Win64-Shipping.exe"+1E89F9: 4C 39 04 C8 - cmp [rax+rcx*8],r8
"PostalREDUX-Win64-Shipping.exe"+1E89FD: 75 10 - jne PostalREDUX-Win64-Shipping.exe+1E8A0F
// ---------- INJECTING HERE ----------
"PostalREDUX-Win64-Shipping.exe"+1E89FF: F3 0F 10 8F 54 06 00 00 - movss xmm1,[rdi+00000654]
// ---------- DONE INJECTING ----------
"PostalREDUX-Win64-Shipping.exe"+1E8A07: 48 8B CB - mov rcx,rbx
"PostalREDUX-Win64-Shipping.exe"+1E8A0A: E8 11 C4 0B 00 - call PostalREDUX-Win64-Shipping.exe+2A4E20
"PostalREDUX-Win64-Shipping.exe"+1E8A0F: 8B 44 24 28 - mov eax,[rsp+28]
"PostalREDUX-Win64-Shipping.exe"+1E8A13: FF C0 - inc eax
"PostalREDUX-Win64-Shipping.exe"+1E8A15: 89 44 24 28 - mov [rsp+28],eax
"PostalREDUX-Win64-Shipping.exe"+1E8A19: EB 8D - jmp PostalREDUX-Win64-Shipping.exe+1E89A8
"PostalREDUX-Win64-Shipping.exe"+1E8A1B: 48 8B 5C 24 40 - mov rbx,[rsp+40]
"PostalREDUX-Win64-Shipping.exe"+1E8A20: 48 83 C4 30 - add rsp,30
"PostalREDUX-Win64-Shipping.exe"+1E8A24: 5F - pop rdi
"PostalREDUX-Win64-Shipping.exe"+1E8A25: C3 - ret
}
health
7FF71B860086
ammoo
7FF71B8A61CF
god2
7FF71B8667DE
timer2
7FF71B8189FF