26
"Unlimited Money"
Auto Assembler Script
{ Game : forzamotorsport7.exe
Version:
Date : 2017-10-02
Author : STN
This script does blah blah blah
}
[ENABLE]
aobscanmodule(money,ForzaMotorsport7.exe,48 89 44 24 50 48 8B DA 48 8B F9 83) // should be unique
alloc(newmem,$1000,money)
label(code)
label(return)
newmem:
cmp [rdx+48], 'UpTime'
jne code
cmp [rdx+8], #1000
jna code
mov rbx, [rdx+8]
cmp rbx, 0
je code
mov [rbx], 77ACA3EB //04C494A90
code:
mov [rsp+50],rax
jmp return
money:
jmp newmem
return:
registersymbol(money)
[DISABLE]
money:
db 48 89 44 24 50
unregistersymbol(money)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "ForzaMotorsport7.exe"+EBA602
"ForzaMotorsport7.exe"+EBA5DE: CC - int 3
"ForzaMotorsport7.exe"+EBA5DF: CC - int 3
"ForzaMotorsport7.exe"+EBA5E0: 48 8B C4 - mov rax,rsp
"ForzaMotorsport7.exe"+EBA5E3: 57 - push rdi
"ForzaMotorsport7.exe"+EBA5E4: 48 83 EC 60 - sub rsp,60
"ForzaMotorsport7.exe"+EBA5E8: 48 C7 40 C0 FE FF FF FF - mov [rax-40],FFFFFFFE
"ForzaMotorsport7.exe"+EBA5F0: 48 89 58 18 - mov [rax+18],rbx
"ForzaMotorsport7.exe"+EBA5F4: 48 89 70 20 - mov [rax+20],rsi
"ForzaMotorsport7.exe"+EBA5F8: 48 8B 05 11 D8 8A 06 - mov rax,[ForzaMotorsport7.exe+7767E10]
"ForzaMotorsport7.exe"+EBA5FF: 48 33 C4 - xor rax,rsp
// ---------- INJECTING HERE ----------
"ForzaMotorsport7.exe"+EBA602: 48 89 44 24 50 - mov [rsp+50],rax
// ---------- DONE INJECTING ----------
"ForzaMotorsport7.exe"+EBA607: 48 8B DA - mov rbx,rdx
"ForzaMotorsport7.exe"+EBA60A: 48 8B F9 - mov rdi,rcx
"ForzaMotorsport7.exe"+EBA60D: 83 79 10 12 - cmp dword ptr [rcx+10],12
"ForzaMotorsport7.exe"+EBA611: 75 06 - jne ForzaMotorsport7.exe+EBA619
"ForzaMotorsport7.exe"+EBA613: 83 7A 10 03 - cmp dword ptr [rdx+10],03
"ForzaMotorsport7.exe"+EBA617: 74 08 - je ForzaMotorsport7.exe+EBA621
"ForzaMotorsport7.exe"+EBA619: 8B 52 10 - mov edx,[rdx+10]
"ForzaMotorsport7.exe"+EBA61C: E8 2F F7 00 00 - call ForzaMotorsport7.exe+EC9D50
"ForzaMotorsport7.exe"+EBA621: 48 63 47 10 - movsxd rax,dword ptr [rdi+10]
"ForzaMotorsport7.exe"+EBA625: 83 F8 12 - cmp eax,12
}
Toggle Activation
112
0
0G)+UwlO9lV!w#Pb.[WQmPY_CU5h]J[q,DOc^Z]AJwW]-klf3)7vXr-FM((0@c+c2jBm_@Y]M?Kruhh]?pJ%P9TjGg=;VM6ywfr6jO{9^6:I}:awu2@e2LX_bPdsev0gQbs_Ot}Ff3C:8)6^ganMN!CEjO.0,ZRide}S_
CIA2cQ*y;zWn;@=c[33%PA({!W?TY:Y-MwEa%FaJY._.LZ+DGQZ+7bK0RTlqQ#C;W0005Nd,bJ2aZE/{)[g11up9}h-h:-.dX$Uuo2VIuNbG}FhM]dZ#F:19Q6J:.CY;JLUaF*Mrd8hw-g)veO^]y50Hd.{,W0_9?LWuhaP;2ppkn4$7Y!dKb/Aeyh:tak?g:=Mm-^:roKW*lYux:Bhn+^XD$QxcDlO-dP#I-fZqfjR00000]a2MWq]^#OcC8[@8@,;xC6y6sxu8!wf!iwb0L?tW$X=KGvY^9wq*=V9qQGF7nXROuac2jA,(]93D2MoSwgKx[eGGEl3E)EVab)@s3AQ;:O2*kNW8tNa^qZY@-2SQt!ezy}CNwBZU}+!+xt.pI1#uB!K63o%OXpGRw+dA