1741
"enable .1"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
//vng21092's aobscan lua script
{$lua}
function lua_aobscan(name,module,bytes,index)
index = index - 1
if(module == "") then
local resultSet = AOBScan(bytes)
if(resultSet == nil) then
unregisterSymbol(name)
print(name.." not found")
else
unregisterSymbol(name)
registerSymbol(name,resultSet[index])
resultSet.destroy()
end
else
if(getModuleSize(module) == nil) then
print("Module "..module.." not found")
else
local memScanner = createMemScan()
local memFoundList = createFoundList(memScanner)
memScanner.firstScan(
soExactValue,vtByteArray,rtRounded,bytes,nil,
getAddress(module),(getAddress(module)+getModuleSize(module)),"",
fsmNotAligned,"",true,false,false,false)
memScanner.waitTillDone()
memFoundList.initialize()
if(memFoundList.Count == 0) then
unregisterSymbol(name)
print(name.." in module "..module.." not found")
else
unregisterSymbol(name)
registerSymbol(name,memFoundList.Address[index])
end
memScanner.destroy()
memFoundList.destroy()
end
end
end
{$asm}
//////////////////////////
//aobscanmodule(setArrowQToShootWithCurrentArrowPouchForWarriorBowOnAimAOB,ACOrigins.exe,E8 ** ** ** ** 3B C3 0F 42 D8)
//registersymbol(setArrowQToShootWithCurrentArrowPouchForWarriorBowOnAimAOB)
//aobscanmodule(setArrowQToFetchWithCurrentArrowPouchForMultArrowFetchBowAOB,ACOrigins.exe,E8 ** ** ** ** 48 ** ** ** 8B D3 ** ** ** ** ** ** 48 ** ** ** ** 3B D0 0F 46 C2)
//registersymbol(setArrowQToFetchWithCurrentArrowPouchForMultArrowFetchBowAOB)
//////////////////////////
aobscanmodule(playerFetchAOB,ACOrigins.exe,74 0C E8 ** ** ** ** C6 87 ** ** ** ** 00 F6 87)
registersymbol(playerFetchAOB)
label(pPlayer)
registersymbol(pPlayer)
alloc(newmem,2048,playerFetchAOB) //"ACOrigins.exe"+175D259)
label(originalcode_enable)
registersymbol(originalcode_enable)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
readmem(playerFetchAOB,2)
reassemble(playerFetchAOB+2)
readmem(playerFetchAOB+7,7)
readmem(playerFetchAOB+e,7)
push rax
mov rax,pPlayer
mov [rax],rdi
pop rax
jmp exit
originalcode_enable:
readmem(playerFetchAOB,21)
//je ACOrigins.AK::WriteBytesMem::Bytes+8004C7
//call ACOrigins.AK::WriteBytesMem::Bytes+7A9360
//mov byte ptr [rdi+0000016A],00
//test byte ptr [rdi+00000168],01
exit:
jmp playerFetchAOB+15 //"ACOrigins.exe"+175D26E
///
pPlayer:
///
playerFetchAOB: //"ACOrigins.exe"+175D259:
jmp newmem
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
playerFetchAOB: //"ACOrigins.exe"+175D259:
readmem(originalcode_enable,21)
//db 74 0C E8 A0 8E FA FF C6 87 6A 01 00 00 00 F6 87 68 01 00 00 01
//Alt: je ACOrigins.AK::WriteBytesMem::Bytes+8004C7
//Alt: call ACOrigins.AK::WriteBytesMem::Bytes+7A9360
//Alt: mov byte ptr [rdi+0000016A],00
//Alt: test byte ptr [rdi+00000168],01
unregistersymbol(originalcode_enable)
unregistersymbol(pPlayer)
3296
"undead .5"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
define(minhealthblockdefault,(float)1.5)
aobscanmodule(healthWritesAOB,ACOrigins.exe,0F 4E F9 39 F8 0F 4E F8 89 BB ** ** ** ** 48)
registersymbol(healthWritesAOB)
label(dMinHealthBlock)
registersymbol(dMinHealthBlock)
alloc(newmem,2048,healthWritesAOB) //"ACOrigins.exe"+8357D39)
label(originalcode_undead)
registersymbol(originalcode_undead)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
readmem(healthWritesAOB,8)
push rax
mov rax,pPlayer
cmp [rax],rbx
pop rax
jne end
@@:
//
sub rsp,10
movdqu dqword [rsp],xmm0
//sub rsp,10
//movdqu dqword [rsp],xmm1
push rax
//
/* the following is to calulate calulate the actual max health manulally, which I didn't know RAX stores it already
mov rax,playerFetchAOB
mov eax,[rax+17]
movsxd rax,eax
lea rax,[rbx+rax]
movss xmm0,[rax+c] //e0]
xorps xmm1,xmm1
comiss xmm0,xmm1
movd xmm1,[rax+4] //d8]
cvtdq2ps xmm1,xmm1
je @f
mulss xmm1,xmm0
@@:
mov rax,dMinHealthBlock
divss xmm1,[rax+4]
mulss xmm1,[rax]
cvttss2si eax,xmm1
*/
movd xmm0,eax
cvtdq2ps xmm0,xmm0
mov rax,dMinHealthBlock
divss xmm0,[rax+4]
mulss xmm0,[rax]
cvttss2si eax,xmm0
cmp edi,eax
jge @f
mov edi,eax
@@:
//
pop rax
//movdqu xmm1,dqword [rsp]
//add rsp,10
movdqu xmm0,dqword [rsp]
add rsp,10
//
end:
readmem(healthWritesAOB+8,6)
jmp exit
originalcode_undead:
readmem(healthWritesAOB,14)
//cmovle edi,ecx
//cmp eax,edi
//cmovle edi,eax
//mov [rbx+000000D4],edi
exit:
jmp healthWritesAOB+e //"ACOrigins.exe"+8357D47
///
dMinHealthBlock:
dd minhealthblockdefault
dd (float)3
///
healthWritesAOB: //"ACOrigins.exe"+8357D39:
jmp newmem
///*************************************************///
aobscanmodule(someHealthRead1AOB,ACOrigins.exe,8B 81 CC FE FF FF 89 02 33 C0 C3)
registersymbol(someHealthRead1AOB)
aobscanmodule(playerHealthRead1OnHitCallAOB,ACOrigins.exe,E8 ** ** ** ** 8B ** ** 48 8B D7 48 8B CB 89 ** ** C6)
registersymbol(playerHealthRead1OnHitCallAOB)
label(bPlayerHealthRead1OnHit)
registersymbol(bPlayerHealthRead1OnHit)
alloc(newmem1,2048,someHealthRead1AOB) //"ACOrigins.exe"+173CF20)
label(originalcode1_healthread1)
registersymbol(originalcode1_healthread1)
newmem1: //this is allocated memory, you have read,write,execute access
//place your code here
/*
mov rax,"ACOrigins.exe"+1793577 //const read 1
cmp [rsp],rax
je end1
mov rax,"ACOrigins.exe"+1C377BA //const read 2
cmp [rsp],rax
je end1
*/
mov rax,playerHealthRead1OnHitCallAOB //"ACOrigins.exe"+175F2E3 //read on hit 1
cmp [rsp],rax
je readonhit1_1
/*
mov rax,"ACOrigins.exe"+17313BC //read on hit 2
cmp [rsp],rax
je readonhit1_2
*/
jmp end1
readonhit1_1:
mov rax,bPlayerHealthRead1OnHit
mov byte ptr [rax],1
//or rsi -> r12
//readmem(someHealthRead1AOB,6)
jmp end1
readonhit1_2:
readmem(someHealthRead1AOB,6)
jmp end1
end1:
originalcode1_healthread1:
readmem(someHealthRead1AOB,14)
//mov eax,[rcx-00000134]
//mov [rdx],eax
//xor eax,eax
//ret
//db CC CC CC
///
bPlayerHealthRead1OnHit:
///
someHealthRead1AOB: //"ACOrigins.exe"+173CF20:
jmp newmem1
///*************************************************///
aobscanmodule(healthChkZeroOnHealthCalOnHitAOB,ACOrigins.exe,41 8B C7 2B ** ** ** ** ** ** ** 85 C0 7F)
registersymbol(healthChkZeroOnHealthCalOnHitAOB)
alloc(newmem2,2048,healthChkZeroOnHealthCalOnHitAOB) //"ACOrigins.exe"+1724E2B)
label(originalcode2_ignoreforcekill)
registersymbol(originalcode2_ignoreforcekill)
label(exit2)
newmem2: //this is allocated memory, you have read,write,execute access
//place your code here
readmem(healthChkZeroOnHealthCalOnHitAOB,9)
push rcx
push rbx
mov rcx,bPlayerHealthRead1OnHit
cmp byte ptr [rcx],1
jne end2
mov byte ptr [rcx],0
//
sub rsp,10
movdqu dqword [rsp],xmm0
sub rsp,10
movdqu dqword [rsp],xmm1
//
mov rbx,pPlayer
mov rbx,[rbx]
mov rcx,playerFetchAOB
mov ecx,[rcx+17]
movsxd rcx,ecx
lea rbx,[rbx+rcx]
movss xmm0,[rbx+c] //e0]
xorps xmm1,xmm1
comiss xmm0,xmm1
movd xmm1,[rbx+4] //d8]
cvtdq2ps xmm1,xmm1
je @f
mulss xmm1,xmm0
@@:
mov rcx,dMinHealthBlock
divss xmm1,[rcx+4]
mulss xmm1,[rcx]
cvttss2si ecx,xmm1
//
movdqu xmm1,dqword [rsp]
add rsp,10
movdqu xmm0,dqword [rsp]
add rsp,10
//
cmp eax,ecx
jge end2
mov eax,ecx
add eax,[rdi+94]
mov [rbx],eax
/*
test eax,eax
jg end2
xor eax,eax
db 89
readmem(healthChkZeroOnHealthCalOnHitAOB+4,5)
//mov [rdi+94],eax
mov eax,1
*/
end2:
pop rbx
pop rcx
readmem(healthChkZeroOnHealthCalOnHitAOB+9,4)
reassemble(healthChkZeroOnHealthCalOnHitAOB+d)
jmp exit2
originalcode2_ignoreforcekill:
readmem(healthChkZeroOnHealthCalOnHitAOB,15)
//mov eax,r15d
//sub eax,[rdi+00000094]
//mov [rbx],eax
//test eax,eax
//jg ACOrigins.AK::WriteBytesMem::Bytes+7C80AE
exit2:
jmp healthChkZeroOnHealthCalOnHitAOB+f //"ACOrigins.exe"+1729194
healthChkZeroOnHealthCalOnHitAOB: //"ACOrigins.exe"+1724E2B:
jmp newmem2
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
healthWritesAOB: //"ACOrigins.exe"+8357D39:
readmem(originalcode_undead,14)
//db 0F 4E F9 39 F8 0F 4E F8 89 BB D4 00 00 00
//Alt: cmovle edi,ecx
//Alt: cmp eax,edi
//Alt: cmovle edi,eax
//Alt: mov [rbx+000000D4],edi
unregistersymbol(originalcode_undead)
unregistersymbol(dMinHealthBlock)
///*************************************************///
dealloc(newmem1)
someHealthRead1AOB: //"ACOrigins.exe"+173CF20:
readmem(originalcode1_healthread1,14)
//db 8B 81 CC FE FF FF 89 02 33 C0 C3 CC CC CC
//Alt: mov eax,[rcx-00000134]
//Alt: mov [rdx],eax
//Alt: xor eax,eax
//Alt: ret
//Alt: int 3
//Alt: int 3
//Alt: int 3
unregistersymbol(originalcode1_healthread1)
unregistersymbol(bPlayerHealthRead1OnHit)
///*************************************************///
dealloc(newmem2)
healthChkZeroOnHealthCalOnHitAOB: //"ACOrigins.exe"+1724E2B:
readmem(originalcode2_ignoreforcekill,15)
//db 41 8B C7 2B 87 94 00 00 00 89 03 85 C0 7F 14
//Alt: mov eax,r15d
//Alt: sub eax,[rdi+00000094]
//Alt: mov [rbx],eax
//Alt: test eax,eax
//Alt: jg ACOrigins.AK::WriteBytesMem::Bytes+7C80AE
unregistersymbol(originalcode2_ignoreforcekill)
3297
"min health block"
008000
Float
dMinHealthBlock
1747
"ignore adrenaline .3"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(adrenalineReadOnOverpowerAttackUseAttemptAOB,ACOrigins.exe,E8 ** ** ** ** 48 83 ** ** ** 8B E8 75 ** 48 8B 17)
registersymbol(adrenalineReadOnOverpowerAttackUseAttemptAOB)
alloc(newmem,2048,adrenalineReadOnOverpowerAttackUseAttemptAOB) //"ACOrigins.exe"+1599233)
label(originalcode_ignoreadrenaline)
registersymbol(originalcode_ignoreadrenaline)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
reassemble(adrenalineReadOnOverpowerAttackUseAttemptAOB)
mov eax,64
mov [rcx-40],eax
readmem(adrenalineReadOnOverpowerAttackUseAttemptAOB+5,7)
reassemble(adrenalineReadOnOverpowerAttackUseAttemptAOB+c)
jmp exit
originalcode_ignoreadrenaline:
readmem(adrenalineReadOnOverpowerAttackUseAttemptAOB,14)
//call ACOrigins.AK::WriteBytesMem::Clear+129140
//cmp qword ptr [rdi+08],00
//mov ebp,eax
//jne ACOrigins.AK::WriteBytesMem::Bytes+63C4B1
exit:
jmp adrenalineReadOnOverpowerAttackUseAttemptAOB+e //"ACOrigins.exe"+1599241
///
adrenalineReadOnOverpowerAttackUseAttemptAOB: //"ACOrigins.exe"+1599233:
jmp newmem
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
adrenalineReadOnOverpowerAttackUseAttemptAOB: //"ACOrigins.exe"+1599233:
readmem(originalcode_ignoreadrenaline,14)
//db E8 28 C1 69 00 48 83 7F 08 00 8B E8 75 10
//Alt: call ACOrigins.AK::WriteBytesMem::Clear+129140
//Alt: cmp qword ptr [rdi+08],00
//Alt: mov ebp,eax
//Alt: jne ACOrigins.AK::WriteBytesMem::Bytes+63C4B1
unregistersymbol(originalcode_ignoreadrenaline)
2392
"instant charged heavy attack"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(heavyAttackChargeTimeAssignAOB,ACOrigins.exe,48 8B ** ** ** ** ** ** 41 C1 ** ** 41 F6 D0 F3 0F 11)
registersymbol(heavyAttackChargeTimeAssignAOB)
alloc(newmem,2048,heavyAttackChargeTimeAssignAOB) //"ACOrigins.exe"+1B382B4)
label(originalcode_instantchargedheavyattack)
registersymbol(originalcode_instantchargedheavyattack)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
//xorps xmm0,xmm0
mov ebx,(float)0.01
movd xmm0,ebx
originalcode_instantchargedheavyattack:
readmem(heavyAttackChargeTimeAssignAOB,15)
//mov rbx,[rsp+000000B0]
//shr r8d,10
//not r8l
exit:
jmp heavyAttackChargeTimeAssignAOB+f //"ACOrigins.exe"+1B382C3
///
heavyAttackChargeTimeAssignAOB: //"ACOrigins.exe"+1B382B4:
jmp newmem
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
heavyAttackChargeTimeAssignAOB: //"ACOrigins.exe"+1B382B4:
readmem(originalcode_instantchargedheavyattack,15)
//db 48 8B 9C 24 B0 00 00 00 41 C1 E8 10 41 F6 D0
//Alt: mov rbx,[rsp+000000B0]
//Alt: shr r8d,10
//Alt: not r8l
unregistersymbol(originalcode_instantchargedheavyattack)
2468
"instant bow charge .2"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(bowChargeSpeedReadOnAimAOB,ACOrigins.exe,48 8B 90 ** ** ** ** F3 0F 10 90 ** ** ** ** 0F B6 92 ** ** ** ** E8)
registersymbol(bowChargeSpeedReadOnAimAOB)
alloc(newmem2,2048,bowChargeSpeedReadOnAimAOB) //"ACOrigins.exe"+271F4E9)
label(originalcode2_instanthunterbowcharge)
registersymbol(originalcode2_instanthunterbowcharge)
label(exit2)
newmem2: //this is allocated memory, you have read,write,execute access
//place your code here
mov edx,(float)0.1
movd xmm2,edx
//readmem(bowChargeSpeedReadOnAimAOB,7)
//jmp exit2
db F3 0F 11
readmem(bowChargeSpeedReadOnAimAOB+a,5)
//movss [rax+62c],xmm2
originalcode2_instanthunterbowcharge:
readmem(bowChargeSpeedReadOnAimAOB,15)
//mov rdx,[rax+000005C8]
//movss xmm2,[rax+0000062C]
exit2:
jmp bowChargeSpeedReadOnAimAOB+f //"ACOrigins.exe"+271F4F8
///
bowChargeSpeedReadOnAimAOB: //"ACOrigins.exe"+271F4E9:
jmp newmem2
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem2)
bowChargeSpeedReadOnAimAOB: //"ACOrigins.exe"+271F4E9:
readmem(originalcode2_instanthunterbowcharge,15)
//db 48 8B 90 C8 05 00 00 F3 0F 10 90 2C 06 00 00
//Alt: mov rdx,[rax+000005C8]
//Alt: movss xmm2,[rax+0000062C]
unregistersymbol(originalcode2_instanthunterbowcharge)
2469
"rate of fire mod"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
define(dcuslightbowfirerate,(float)0.001) //0.275)
aobscanmodule(lightBowFireRateFetchAOB,ACOrigins.exe,C8 E8 ** ** ** ** ** ** ** E8 ** ** ** ** 48 8D ** ** ** 0F 28 F8 E8 ** ** ** ** 0F 57 C9 0F 2F F9)
registersymbol(lightBowFireRateFetchAOB)
label(dCusLightBowFireRate)
registersymbol(dCusLightBowFireRate)
alloc(newmem,2048,lightBowFireRateFetchAOB+15) //"ACOrigins.exe"+2722154)
label(originalcode_lightbowfireratemod)
registersymbol(originalcode_lightbowfireratemod)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
//mov ecx,(float)0.275
//movd xmm0,ecx
mov rcx,dCusLightBowFireRate
movss xmm0,[rcx]
readmem(lightBowFireRateFetchAOB+e,5)
readmem(lightBowFireRateFetchAOB+13,3)
reassemble(lightBowFireRateFetchAOB+16)
readmem(lightBowFireRateFetchAOB+1b,6)
jmp exit
originalcode_lightbowfireratemod:
readmem(lightBowFireRateFetchAOB+13,14)
//movaps xmm7,xmm0
//call ACOrigins.AK::WriteBytesMem::Bytes+9063A0
//xorps xmm1,xmm1
//comiss xmm7,xmm1
exit:
jmp lightBowFireRateFetchAOB+21 //"ACOrigins.exe"+2722162
///
dCusLightBowFireRate:
dd dcuslightbowfirerate
///
lightBowFireRateFetchAOB+13: //"ACOrigins.exe"+2722154:
jmp newmem
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
lightBowFireRateFetchAOB+13: //"ACOrigins.exe"+2722154:
readmem(originalcode_lightbowfireratemod,14)
//db 0F 28 F8 E8 E4 0F 14 FF 0F 57 C9 0F 2F F9
//Alt: movaps xmm7,xmm0
//Alt: call ACOrigins.AK::WriteBytesMem::Bytes+9063A0
//Alt: xorps xmm1,xmm1
//Alt: comiss xmm7,xmm1
unregistersymbol(originalcode_lightbowfireratemod)
unregistersymbol(dCusLightBowFireRate)
2470
"custom rate of fire"
008000
Float
dCusLightBowFireRate
3301
"light bow arrow "clip" mod"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
define(maxarrowtofetchformultishootbowdefault,#80) //60)
aobscanmodule(maxArrowQAllowedToFetchForMultiShootBowOnAimAOB,ACOrigins.exe,03 99 ** ** ** ** 48 8B 49 ** 48 8B 49 ** E8)
registersymbol(maxArrowQAllowedToFetchForMultiShootBowOnAimAOB)
label(bMaxArrowToFetchForMultiShootBow)
registersymbol(bMaxArrowToFetchForMultiShootBow)
alloc(newmem,2048,maxArrowQAllowedToFetchForMultiShootBowOnAimAOB) //"ACOrigins.exe"+27221A7)
label(originalcode_arrowtofetchmod)
registersymbol(originalcode_arrowtofetchmod)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
cmp ebx,5
je @f
cmp ebx,1
je @f
mov rbx,bMaxArrowToFetchForMultiShootBow
mov ebx,[rbx]
readmem(maxArrowQAllowedToFetchForMultiShootBowOnAimAOB+6,8)
jmp exit
originalcode_arrowtofetchmod:
readmem(maxArrowQAllowedToFetchForMultiShootBowOnAimAOB,14)
//add ebx,[rcx+00000608]
//mov rcx,[rcx+48]
//mov rcx,[rcx+10]
exit:
jmp maxArrowQAllowedToFetchForMultiShootBowOnAimAOB+e //"ACOrigins.exe"+27221B5
///
bMaxArrowToFetchForMultiShootBow:
dd maxarrowtofetchformultishootbowdefault
///
maxArrowQAllowedToFetchForMultiShootBowOnAimAOB: //"ACOrigins.exe"+27221A7:
jmp newmem
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
maxArrowQAllowedToFetchForMultiShootBowOnAimAOB: //"ACOrigins.exe"+27221A7:
readmem(originalcode_arrowtofetchmod,14)
//db 03 99 08 06 00 00 48 8B 49 48 48 8B 49 10
//Alt: add ebx,[rcx+00000608]
//Alt: mov rcx,[rcx+48]
//Alt: mov rcx,[rcx+10]
unregistersymbol(originalcode_arrowtofetchmod)
unregistersymbol(bMaxArrowToFetchForMultiShootBow)
3302
"# of arrows to fetch per each draw"
008000
4 Bytes
bMaxArrowToFetchForMultiShootBow
1836
"ignore curse health-penalty"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(curseMultiplierChkAOB,ACOrigins.exe,F3 0F 10 ** ** ** ** ** 0F 28 C1 0F 54 C2 0F2F C3 76 0F ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** F3)
registersymbol(curseMultiplierChkAOB)
alloc(newmem,2048,curseMultiplierChkAOB) //"ACOrigins.exe"+1779B98)
label(originalcode_ignorecursepenalty)
registersymbol(originalcode_ignorecursepenalty)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
push rax
mov rax,pPlayer
cmp [rax],rcx
jne @f
readmem(curseMultiplierChkAOB,8)
mov eax,(float)1
movd xmm0,eax
comiss xmm1,xmm0
jae @f
xorps xmm1,xmm1
db F3 0F 11
readmem(curseMultiplierChkAOB+3,5)
//movss [rcx+e4],xmm1
@@:
pop rax
originalcode_ignorecursepenalty:
readmem(curseMultiplierChkAOB,14)
//movss xmm1,[rcx+000000E4]
//movaps xmm0,xmm1
//andps xmm0,xmm2
exit:
jmp curseMultiplierChkAOB+e //"ACOrigins.exe"+1779BA6
///
curseMultiplierChkAOB: //"ACOrigins.exe"+1779B98:
jmp newmem
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
curseMultiplierChkAOB: //"ACOrigins.exe"+1779B98:
readmem(originalcode_ignorecursepenalty,14)
//db F3 0F 10 89 E4 00 00 00 0F 28 C1 0F 54 C2
//Alt: movss xmm1,[rcx+000000E4]
//Alt: movaps xmm0,xmm1
//Alt: andps xmm0,xmm2
unregistersymbol(originalcode_ignorecursepenalty)
1748
"ignore $"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
luaCall(lua_aobscan("setFlagIfEnoughMoneyOnBuyOrUpgradeAOB","ACOrigins.exe","E8 ** ** ** ** 3B C5 0F 93 C0 48 85 DB",2))
setFlagIfEnoughMoneyOnBuyOrUpgradeAOB+7: //"ACOrigins.exe"+198743D:
db 90 B0 01
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
setFlagIfEnoughMoneyOnBuyOrUpgradeAOB+7: //"ACOrigins.exe"+198743D:
db 0F 93 C0
//Alt: setae al
1749
"ignore ability points"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(setFlagIfEnoughAPToLearnOnAMAccessAOB,ACOrigins.exe,3B F5 0F 93 C0 38 83)
registersymbol(setFlagIfEnoughAPToLearnOnAMAccessAOB)
setFlagIfEnoughAPToLearnOnAMAccessAOB+2: //"ACOrigins.exe"+1EEE210:
db 90 B0 01
///*****************************************///
aobscanmodule(cJmpIfNotEnoughAPToLearnOnALearnAOB,ACOrigins.exe,8B 85 ** ** ** ** 03 46 ** 39 85 ** ** ** ** 0F 82)
registersymbol(cJmpIfNotEnoughAPToLearnOnALearnAOB)
alloc(originalcode2_ignoreap,8)
registersymbol(originalcode2_ignoreap)
originalcode2_ignoreap:
readmem(cJmpIfNotEnoughAPToLearnOnALearnAOB+f,6)
///
cJmpIfNotEnoughAPToLearnOnALearnAOB+f: //"ACOrigins.exe"+185B56C:
db 90 90 90 90 90 90
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
setFlagIfEnoughAPToLearnOnAMAccessAOB+2: //"ACOrigins.exe"+1EEE210:
db 0F 93 C0
//Alt: setae al
///*****************************************///
cJmpIfNotEnoughAPToLearnOnALearnAOB+f: //"ACOrigins.exe"+185B56C:
readmem(originalcode2_ignoreap,6)
//db 0F 82 1D 01 00 00
//Alt: jb ACOrigins.AK::WriteBytesMem::Bytes+8FE8EF
dealloc(originalcode2_ignoreap)
unregistersymbol(originalcode2_ignoreap)
1750
"ignore resources"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(setFlagIfEnoughResourcesToCraftOnGMAccessAOB,ACOrigins.exe,E8 ** ** ** ** 39 1E 48 ** ** ** ** 48 ** ** ** ** 0F 96 C0 48 ** ** ** 5F C3)
registersymbol(setFlagIfEnoughResourcesToCraftOnGMAccessAOB)
setFlagIfEnoughResourcesToCraftOnGMAccessAOB+11: //"ACOrigins.exe"+1995494:
db 90 B0 01
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
setFlagIfEnoughResourcesToCraftOnGMAccessAOB+11: //"ACOrigins.exe"+1995494:
db 0F 96 C0
//Alt: setbe al
1751
"easy chariot race .3"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(chariotBoostCalOnUseAOB,ACOrigins.exe,F3 0F 59 F7 F3 0F 58 ** ** F3 41 0F 5F F0)
registersymbol(chariotBoostCalOnUseAOB)
alloc(newmem,2048,chariotBoostCalOnUseAOB) //"ACOrigins.exe"+1B92C9B)
label(originalcode_easychariotrace)
registersymbol(originalcode_easychariotrace)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
readmem(chariotBoostCalOnUseAOB,9)
cmp dword ptr [rdi+b4],0
jne @f
cmp dword ptr [rdi+c0],0
jne @f
movss xmm6,[rdi+50]
jmp end
@@:
xorps xmm6,xmm6
end:
readmem(chariotBoostCalOnUseAOB+9,5)
jmp exit
originalcode_easychariotrace:
readmem(chariotBoostCalOnUseAOB,14)
//mulss xmm6,xmm7
//addss xmm6,[rdi+60]
//maxss xmm6,xmm8
exit:
jmp chariotBoostCalOnUseAOB+e //"ACOrigins.exe"+1B92CA9
///
chariotBoostCalOnUseAOB: //"ACOrigins.exe"+1B92C9B:
jmp newmem
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
chariotBoostCalOnUseAOB: //"ACOrigins.exe"+1B92C9B:
readmem(originalcode_easychariotrace,14)
//db F3 0F 59 F7 F3 0F 58 77 60 F3 41 0F 5F F0
//Alt: mulss xmm6,xmm7
//Alt: addss xmm6,[rdi+60]
//Alt: maxss xmm6,xmm8
unregistersymbol(originalcode_easychariotrace)
1811
"sync equipments level / reset outfit quantities .4"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(playerLevelFetchRetAOB,ACOrigins.exe,48 8B ** ** ** 8B E8 8B 54 ** ** 0F 57 F6)
registersymbol(playerLevelFetchRetAOB)
label(dPlayerLevel)
registersymbol(dPlayerLevel)
alloc(newmem,2048,playerLevelFetchRetAOB) //"ACOrigins.exe"+1C254B7)
label(originalcode_syncweaponlvl)
registersymbol(originalcode_syncweaponlvl)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
mov rbx,dPlayerLevel
mov [rbx],eax
originalcode_syncweaponlvl:
readmem(playerLevelFetchRetAOB,14)
//mov rbx,[rsp+50]
//mov ebp,eax
//mov edx,[rsp+58]
//xorps xmm6,xmm6
exit:
jmp playerLevelFetchRetAOB+e //"ACOrigins.exe"+1C254C5
///
dPlayerLevel:
///
playerLevelFetchRetAOB: //"ACOrigins.exe"+1C254B7:
jmp newmem
///***********************************************///
aobscanmodule(someLvlReadAOB,ACOrigins.exe,74 10 ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** 8B 47 08 89 42 08 48 8B ** ** ** 48 83 C4 30 5F C3)
registersymbol(someLvlReadAOB)
//aobscanmodule(equipmentLevelReadCallAOB,ACOrigins.exe,48 8D ** ** E8 ** ** ** ** 48 8D ** ** E8 ** ** ** ** 48 8B ** ** 48 8B ** ** 48 C1)
//registersymbol(equipmentLevelReadCallAOB)
aobscanmodule(equipmentLevelReadCallAOB,ACOrigins.exe,48 8D ** ** E8 ** ** ** ** 48 8D ** ** E8 ** ** ** ** 48 8B 47 ** 48 ** ** ** 48 C1)
registersymbol(equipmentLevelReadCallAOB)
label(bSyncEquipmentsLvlKey)
registersymbol(bSyncEquipmentsLvlKey)
label(bResetOutfitQuantitiesKey)
registersymbol(bResetOutfitQuantitiesKey)
alloc(newmem2,2048,someLvlReadAOB+12) //"ACOrigins.exe"+FD7BFB)
label(originalcode2_syncweaponlvl)
registersymbol(originalcode2_syncweaponlvl)
label(exit2)
newmem2: //this is allocated memory, you have read,write,execute access
//place your code here
//mov rbx,"ACOrigins.exe"+1C7F617
mov rbx,equipmentLevelReadCallAOB
lea rbx,[rbx+9]
cmp [rsp+108],rbx
jne end2
mov rbx,bSyncEquipmentsLvlKey
cmp byte ptr [rbx],1
je @f
mov rbx,bResetOutfitQuantitiesKey
cmp byte ptr [rbx],1
jne end2
cmp dword ptr [rdi+8],1
jg @f
mov eax,[rdi-8]
mov rax,[rdi]
test rax,rax
jz end2
mov rax,[rax]
test rax,rax
jz end2
mov rax,[rax+60]
test rax,rax
jnz end2
mov eax,[rdi-8]
mov eax,1
mov [rdi-8],eax
jmp end2
@@:
//mov eax,[rdi+08]
cmp dword ptr [rdi+8],1
jg @f
/*
mov eax,[rdi-8]
mov rax,[rdi]
test rax,rax
jz end2
mov rax,[rax]
test rax,rax
jz end2
mov rax,[rax+60]
test rax,rax
jnz end2
mov eax,[rdi-8]*/
jmp end2
@@:
mov rbx,dPlayerLevel
mov eax,[rbx]
cmp [rdi+8],eax
jge end2
mov [rdi+8],eax
end2:
originalcode2_syncweaponlvl:
readmem(someLvlReadAOB+12,15)
//mov eax,[rdi+08]
//mov [rdx+08],eax
//mov rbx,[rsp+40]
//add rsp,30
exit2:
jmp someLvlReadAOB+21 //"ACOrigins.exe"+FD7C0A
///
bResetOutfitQuantitiesKey:
dd 0
bSyncEquipmentsLvlKey:
dd 0
///
someLvlReadAOB+12: //"ACOrigins.exe"+FD7BFB:
jmp newmem2
///***********************************************///
label(bEndThread_syncEquipmentsLvlKey_keylistener_mem)
registersymbol(bEndThread_syncEquipmentsLvlKey_keylistener_mem)
alloc(syncEquipmentsLvlKey_keylistener_mem,1024,"ACOrigins.exe")
registersymbol(syncEquipmentsLvlKey_keylistener_mem)
createthread(syncEquipmentsLvlKey_keylistener_mem)
label(keylistenerstart)
label(keylistenerend)
label(keylistenerexit)
syncEquipmentsLvlKey_keylistener_mem:
sub rsp,28
keylistenerstart:
mov rcx,14 //CAPS LOCK key
//push rcx
call GetAsyncKeyState
//add rsp,08
shr ax,#15
cmp ax,1
je @f
xor ax,ax
jmp setkeya
@@:
mov rcx,11 //CTRL key
//push rcx
call GetAsyncKeyState
//add rsp,08
shr ax,#15
cmp ax,1
je setkeya
xor ax,ax
setkeya:
mov rcx,bResetOutfitQuantitiesKey
mov [rcx],ax
@@:
mov rcx,14 //CAPS LOCK key
//push rcx
call GetAsyncKeyState
//add rsp,08
shr ax,#15
cmp ax,1
je @f
xor ax,ax
jmp setkeyb
@@:
mov rcx,10 //SHIFT key
//push rcx
call GetAsyncKeyState
//add rsp,08
shr ax,#15
cmp ax,1
je setkeyb
xor ax,ax
setkeyb:
mov rcx,bSyncEquipmentsLvlKey
mov [rcx],ax
keylistenerend:
mov rcx,#100
call Sleep
mov rbx,bEndThread_syncEquipmentsLvlKey_keylistener_mem
cmp dword ptr [rbx],1
jne keylistenerstart
keylistenerexit:
add rsp,28
mov rbx,bEndThread_syncEquipmentsLvlKey_keylistener_mem
mov dword ptr [rbx],2
ret
///
bEndThread_syncEquipmentsLvlKey_keylistener_mem:
dd 0
///
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
//obtained from SubBeam's ACS script - start//
{$lua}
if( syntaxcheck == false ) then --actual execution
local starttime = getTickCount()
if readInteger( "bEndThread_syncEquipmentsLvlKey_keylistener_mem" ) == 0 then --could be 2 already
writeInteger( "bEndThread_syncEquipmentsLvlKey_keylistener_mem", 1 ) --tell the thread to kill itself
end
while( getTickCount() < starttime + 1000 ) and ( readInteger( "bEndThread_syncEquipmentsLvlKey_keylistener_mem" ) ~=2 ) do --wait till it has finished
sleep( 20 )
end
if( getTickCount() > starttime + 1000 ) then --could happen when the window is shown
showMessage( 'Disabling the thread failed!' )
error( 'Thread disabling failed!' )
end
sleep( 1 )
end
{$asm}
//obtained from SubBeam's ACS script - end//
//bEndThread_syncEquipmentsLvlKey_keylistener_mem:
//dd 1
///***********************************************///
dealloc(newmem)
playerLevelFetchRetAOB: //"ACOrigins.exe"+1C254B7:
readmem(originalcode_syncweaponlvl,14)
//db 48 8B 5C 24 50 8B E8 8B 54 24 58 0F 57 F6
//Alt: mov rbx,[rsp+50]
//Alt: mov ebp,eax
//Alt: mov edx,[rsp+58]
//Alt: xorps xmm6,xmm6
unregistersymbol(originalcode_syncweaponlvl)
unregistersymbol(dPlayerLevel)
///***********************************************///
dealloc(newmem2)
someLvlReadAOB+12: //"ACOrigins.exe"+FD7BFB:
readmem(originalcode2_syncweaponlvl,15)
//db 8B 47 08 89 42 08 48 8B 5C 24 40 48 83 C4 30
//Alt: mov eax,[rdi+08]
//Alt: mov [rdx+08],eax
//Alt: mov rbx,[rsp+40]
//Alt: add rsp,30
unregistersymbol(originalcode2_syncweaponlvl)
unregistersymbol(bSyncEquipmentsLvlKey)
unregistersymbol(bResetOutfitQuantitiesKey)
///***********************************************///
unregistersymbol(bEndThread_syncEquipmentsLvlKey_keylistener_mem)
dealloc(syncEquipmentsLvlKey_keylistener_mem)
unregistersymbol(syncEquipmentsLvlKey_keylistener_mem)
1812
"hold Shift_CapsLock to sync equipments level"
808080
1
3308
"dPlayerLevel"
008000
4 Bytes
dPlayerLevel
3307
"hold Ctrl_CapsLock to reset outfit quantities "
808080
1
1743
"item quantity mod"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(someWrite1AOB,ACOrigins.exe,41 0F 46 C5 44 2B C0 44 89 07 75 ** 8B D6 49 8B CF)
registersymbol(someWrite1AOB)
label(bInfAmmo)
registersymbol(bInfAmmo)
label(bInfAllItems)
registersymbol(bInfAllItems)
aobscanmodule(itemWriteCallAOB,ACOrigins.exe,0F B6 43 ** 88 ** ** ** E8 ** ** ** ** 48 ** ** ** ** 48 ** ** ** ** 48 ** ** ** 5F C3 0F)
registersymbol(itemWriteCallAOB)
aobscanmodule(ammoWriteCallAOB,ACOrigins.exe,84 C0 75 ** 4C 8B C6 48 8B D7 48 8B CB E8 ** ** ** ** 48 8B 83)
registersymbol(ammoWriteCallAOB)
alloc(newmem,2048,someWrite1AOB) //"ACOrigins.exe"+199DD88)
label(originalcode_infitemmod)
registersymbol(originalcode_infitemmod)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
readmem(someWrite1AOB,4)
mov rcx,itemWriteCallAOB
lea rcx,[rcx+d]
cmp [rsp+78],rcx
jne end
mov rcx,bInfAllItems
cmp byte ptr [rcx],1
je @f
mov rcx,ammoWriteCallAOB
lea rcx,[rcx+12]
cmp [rsp+1c8],rcx
jne end
mov rcx,bInfAmmo
cmp byte ptr [rcx],1
je @f
jmp end
@@:
mov rcx,r8d
sub ecx,eax
cmp ecx,1
jge end
mov r8d,1
add r8d,eax
end:
readmem(someWrite1AOB+4,6)
reassemble(someWrite1AOB+a)
readmem(someWrite1AOB+c,2)
jmp exit
originalcode_infitemmod:
readmem(someWrite1AOB,14)
//cmovbe eax,r13d
//sub r8d,eax
//mov [rdi],r8d
//jne ACOrigins.AK::WriteBytesMem::Bytes+A40FFE
//mov edx,esi
exit:
jmp someWrite1AOB+e //"ACOrigins.exe"+199DD96
///
bInfAllItems:
dd 0
bInfAmmo:
dd 0
///
someWrite1AOB: //"ACOrigins.exe"+199DD88:
jmp newmem
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
someWrite1AOB: //"ACOrigins.exe"+199DD88:
readmem(originalcode_infitemmod,14)
//db 41 0F 46 C5 44 2B C0 44 89 07 75 0A 8B D6
//Alt: cmovbe eax,r13d
//Alt: sub r8d,eax
//Alt: mov [rdi],r8d
//Alt: jne ACOrigins.AK::WriteBytesMem::Bytes+A40FFE
//Alt: mov edx,esi
unregistersymbol(originalcode_infitemmod)
unregistersymbol(bInfAmmo)
unregistersymbol(bInfAllItems)
1744
"inf. ammo .5"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
bInfAmmo:
db 1
///***************************************///
aobscanmodule(setArrowQToShootWithCurrentArrowPouchForWarriorBowOnAimAOB,ACOrigins.exe,E8 ** ** ** ** 3B C3 0F 42 D8)
registersymbol(setArrowQToShootWithCurrentArrowPouchForWarriorBowOnAimAOB)
setArrowQToShootWithCurrentArrowPouchForWarriorBowOnAimAOB+7: //"ACOrigins.exe"+27221DB:
db 90 90 90
///***************************************///
aobscanmodule(setArrowQToFetchWithCurrentArrowPouchForMultArrowFetchBowAOB,ACOrigins.exe,E8 ** ** ** ** 48 ** ** ** 8B D3 ** ** ** ** ** ** 48 ** ** ** ** 3B D0 0F 46 C2)
registersymbol(setArrowQToFetchWithCurrentArrowPouchForMultArrowFetchBowAOB)
setArrowQToFetchWithCurrentArrowPouchForMultArrowFetchBowAOB+18: //"ACOrigins.exe"+2728A16:
db 90 8B
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
bInfAmmo:
db 0
///***************************************///
setArrowQToShootWithCurrentArrowPouchForWarriorBowOnAimAOB+7: //"ACOrigins.exe"+27221DB:
db 0F 42 D8
//Alt: cmovb ebx,eax
///***************************************///
setArrowQToFetchWithCurrentArrowPouchForMultArrowFetchBowAOB+18: //"ACOrigins.exe"+2728A16:
db 0F 46
//Alt: cmovbe
1745
"inf. all items .2"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
bInfAllItems:
db 1
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
bInfAllItems:
db 0
1752
"time of day mod .2"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(timeOfDayRead1AOB,ACOrigins.exe,48 ** ** ** ** 75 ** 48 8B ** ** ** ** ** F3 0F 10 08 48)
registersymbol(timeOfDayRead1AOB)
define(day_length,(float)24)
label(pTimeOfDay)
registersymbol(pTimeOfDay)
label(bAdvanceTimeOfDay)
registersymbol(bAdvanceTimeOfDay)
label(bRewindTimeOfDay)
registersymbol(bRewindTimeOfDay)
label(fTimeOfDayMod)
registersymbol(fTimeOfDayMod)
alloc(newmem,2048,timeOfDayRead1AOB) //"ACOrigins.exe"+11B667C)
label(originalcode_timeofdaymod)
registersymbol(originalcode_timeofdaymod)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
readmem(timeOfDayRead1AOB,14)
//
sub rsp,10
movdqu dqword [rsp],xmm1
sub rsp,10
movdqu dqword [rsp],xmm2
push rcx
push rbx
push rax
//
mov rbx,pTimeOfDay
mov [rbx],rax
mov rbx,fTimeOfDayMod
movss xmm1,[rbx+c]
mov rcx,bAdvanceTimeOfDay
mov eax,[rcx]
test al,al
jnz @f
mulss xmm1,[rbx+10]
mov rcx,bRewindTimeOfDay
mov eax,[rcx]
test al,al
jnz @f
xorps xmm1,xmm1
@@:
movss [rbx+4],xmm1
@@:
movss xmm1,[rbx]
comiss xmm1,[rbx+4]
jb inctodm
ja dectodm
jmp settodm
inctodm:
addss xmm1,[rbx+8]
comiss xmm1,[rbx+4]
jbe settodm
movss xmm1,[rbx+4]
jmp settodm
dectodm:
subss xmm1,[rbx+8]
comiss xmm1,[rbx+4]
jae settodm
movss xmm1,[rbx+4]
jmp settodm
settodm:
movss [rbx],xmm1
@@:
mov eax,day_length
mov rcx,[rsp]
movss xmm1,[rcx]
addss xmm1,[rbx]
xorps xmm2,xmm2
comiss xmm1,xmm2
jae @f
movd xmm2,eax
addss xmm1,xmm2
jmp settod
@@:
movd xmm2,eax
comiss xmm1,xmm2
jbe settod
subss xmm1,xmm2
//xorps xmm1,xmm1
settod:
mov rcx,[rsp]
movss [rcx],xmm1
//
@@:
pop rax
pop rbx
pop rcx
movdqu xmm2,dqword [rsp]
add rsp,10
movdqu xmm1,dqword [rsp]
add rsp,10
//
end:
readmem(timeOfDayRead1AOB+e,4)
jmp exit
originalcode_timeofdaymod:
readmem(timeOfDayRead1AOB,18)
//mov rbx,[rsp+40]
//jne ACOrigins.AK::WriteBytesMem::Bytes+2598EA
//mov rax,[rdi+00000240]
//movss xmm1,[rax]
exit:
jmp timeOfDayRead1AOB+12 //"ACOrigins.exe"+11B668A
///
pTimeOfDay:
dq 0
bAdvanceTimeOfDay:
dd 0
bRewindTimeOfDay:
dd 0
fTimeOfDayMod:
dd 0
dd 0
dd (float)0.0027777777777778 //10
dd (float)0.0555555555555556 //200
dd (float)-1
///
timeOfDayRead1AOB: //"ACOrigins.exe"+11B667C:
jmp newmem
///********************************************************///
label(bEndThread_timeOfDay_keylistener_mem)
registersymbol(bEndThread_timeOfDay_keylistener_mem)
label(bAdvanceTimeOfDayTmp)
label(bRewindTimeOfDayTmp)
alloc(timeOfDay_keylistener_mem,1024,"ACOrigins.exe")
registersymbol(timeOfDay_keylistener_mem)
createthread(timeOfDay_keylistener_mem)
label(keylistenerstart)
label(keylistenerend)
label(keylistenerexit)
timeOfDay_keylistener_mem:
sub rsp,28
keylistenerstart:
mov rax,bAdvanceTimeOfDayTmp
mov dword ptr [rax],0
mov rax,bRewindTimeOfDayTmp
mov dword ptr [rax],0
mov rcx,14 //CAPS LOCK key
//push rcx
call GetAsyncKeyState
//add rsp,08
shr ax,#15
cmp ax,1
jne keylistenerend
mov rcx,22 //PAGE DOWN key
//push rcx
call GetAsyncKeyState
//add rsp,08
shr ax,#15
cmp ax,1
jne @f
mov rax,bAdvanceTimeOfDayTmp
mov dword ptr [rax],1
jmp keylistenerend
@@:
mov rcx,21 //PAGE UP key
//push rcx
call GetAsyncKeyState
//add rsp,08
shr ax,#15
cmp ax,1
jne @f
mov rax,bRewindTimeOfDayTmp
mov dword ptr [rax],1
jmp keylistenerend
keylistenerend:
mov rbx,bAdvanceTimeOfDayTmp
mov eax,[rbx]
mov rbx,bAdvanceTimeOfDay
mov [rbx],eax
mov rbx,bRewindTimeOfDayTmp
mov eax,[rbx]
mov rbx,bRewindTimeOfDay
mov [rbx],eax
mov rcx,#100
call Sleep
mov rbx,bEndThread_timeOfDay_keylistener_mem
cmp dword ptr [rbx],1
jne keylistenerstart
keylistenerexit:
add rsp,28
mov rbx,bEndThread_timeOfDay_keylistener_mem
mov dword ptr [rbx],2
ret
///
bEndThread_timeOfDay_keylistener_mem:
dd 0
bAdvanceTimeOfDayTmp:
dd 0
bRewindTimeOfDayTmp:
dd 0
///
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
//obtained from SubBeam's ACS script - start//
{$lua}
if( syntaxcheck == false ) then --actual execution
local starttime = getTickCount()
if readInteger( "bEndThread_timeOfDay_keylistener_mem" ) == 0 then --could be 2 already
writeInteger( "bEndThread_timeOfDay_keylistener_mem", 1 ) --tell the thread to kill itself
end
while( getTickCount() < starttime + 1000 ) and ( readInteger( "bEndThread_timeOfDay_keylistener_mem" ) ~=2 ) do --wait till it has finished
sleep( 20 )
end
if( getTickCount() > starttime + 1000 ) then --could happen when the window is shown
showMessage( 'Disabling the thread failed!' )
error( 'Thread disabling failed!' )
end
sleep( 1 )
end
{$asm}
//obtained from SubBeam's ACS script - end//
//bEndThread_timeOfDay_keylistener_mem:
//dd 1
///********************************************************///
dealloc(newmem)
timeOfDayRead1AOB: //"ACOrigins.exe"+11B667C:
readmem(originalcode_timeofdaymod,18)
//db 48 8B 5C 24 40 75 07 48 8B 87 40 02 00 00 F3 0F 10 08
//Alt: mov rbx,[rsp+40]
//Alt: jne ACOrigins.AK::WriteBytesMem::Bytes+2598EA
//Alt: mov rax,[rdi+00000240]
//Alt: movss xmm1,[rax]
unregistersymbol(originalcode_timeofdaymod)
unregistersymbol(pTimeOfDay)
unregistersymbol(bAdvanceTimeOfDay)
unregistersymbol(bRewindTimeOfDay)
unregistersymbol(fTimeOfDayMod)
///********************************************************///
unregistersymbol(bEndThread_timeOfDay_keylistener_mem)
dealloc(timeOfDay_keylistener_mem)
unregistersymbol(timeOfDay_keylistener_mem)
1753
"CapsLock_PageUp to rewind"
808080
1
1754
"bAdvanceTimeOfDay"
0:no
1:yes
008000
Byte
bAdvanceTimeOfDay
1755
"bRewindTimeOfDay"
0:no
1:yes
008000
Byte
bRewindTimeOfDay
1756
"CapsLock_PageDown to advance"
808080
1
1757
"fTimeOfDayMod"
008000
Float
fTimeOfDayMod
1758
"fTimeOfDayMod+4"
008000
Float
fTimeOfDayMod+4
1759
"fTimeOfDayMod+8"
008000
Float
fTimeOfDayMod+8
1760
"fTimeOfDayMod+c"
008000
Float
fTimeOfDayMod+c
1761
"current time of day"
0000FF
Float
pTimeOfDay
0
3319
"movement mod .5"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
define(noclipbasespeed,(float)0.2)
define(shiftkeynoclipspeedmultiplier,(float)3)
define(capslockkeynoclipspeedmultiplier,(float)0.5)
aobscanmodule(playerCamTNVReadAOB,ACOrigins.exe,0F 29 ** ** 48 8B ** ** ** ** ** 41 0F 28 88 ** ** ** ** 0F 29 ** ** C3)
registersymbol(playerCamTNVReadAOB)
label(bSenuTeleportKey)
registersymbol(bSenuTeleportKey)
label(pNV)
registersymbol(pNV)
alloc(newmem6,2048,playerCamTNVReadAOB+4) //"ACOrigins.exe"+1480586)
label(originalcode6_noclip)
registersymbol(originalcode6_noclip)
label(exit6)
newmem6: //this is allocated memory, you have read,write,execute access
//place your code here
mov rax,pNV
mov [rax],r8
originalcode6_noclip:
readmem(playerCamTNVReadAOB+4,15)
//mov rax,[rcx+000000E0]
//movaps xmm1,[r8+000004A0]
exit6:
jmp playerCamTNVReadAOB+13 //"ACOrigins.exe"+1480595
///
bSenuTeleportKey:
db 00 //key
db 00 //1 - flying senu /0 - in map menu
pNV:
dq 0
///
playerCamTNVReadAOB+4: //"ACOrigins.exe"+1480586:
jmp newmem6
///*************************************************///
aobscanmodule(movementForceRead1AOB,ACOrigins.exe,0F 2F ** ** ** ** ** 0F 28 99 ** ** ** ** 0F 29 ** ** ** 76)
registersymbol(movementForceRead1AOB)
label(pMovementInfo)
registersymbol(pMovementInfo)
alloc(newmem11,2048,movementForceRead1AOB+7) //"ACOrigins.exe"+28E3568)
label(originalcode11_noclip)
registersymbol(originalcode11_noclip)
label(exit11)
newmem11: //this is allocated memory, you have read,write,execute access
//place your code here
push rax
mov rax,pMovementInfo
mov [rax],rcx
pop rax
readmem(movementForceRead1AOB+7,12)
reassemble(movementForceRead1AOB+13)
jmp exit11
originalcode11_noclip:
readmem(movementForceRead1AOB+7,14)
//movaps xmm3,[rcx+000000C0]
//movaps xmm3,[rcx+000000C0]
//movaps [rsp+20],xmm3
//jna ACOrigins.AK::WriteBytesMem::Count+608AF8
exit11:
jmp movementForceRead1AOB+15 //"ACOrigins.exe"+28E3576
///
pMovementInfo:
dq 0
///
movementForceRead1AOB+7: //"ACOrigins.exe"+28E3568:
jmp newmem11
///*************************************************///
aobscanmodule(2DNVReadAOB,ACOrigins.exe,48 ** ** ** ** E8 ** ** ** ** 0F 28 47 ** 48 8D ** ** 0F 29)
registersymbol(2DNVReadAOB)
label(p2DNV)
registersymbol(p2DNV)
alloc(newmem17,2048,2DNVReadAOB+a) //"ACOrigins.exe"+12D4570)
label(originalcode17_noclip)
registersymbol(originalcode17_noclip)
label(exit17)
newmem17: //this is allocated memory, you have read,write,execute access
//place your code here
mov rdx,p2DNV
mov [rdx],rdi
originalcode17_noclip:
readmem(2DNVReadAOB+a,15)
//movaps xmm0,[rdi+70]
//lea rdx,[rdi+30]
//movaps [rdi+00000280],xmm0
exit17:
jmp 2DNVReadAOB+19 //"ACOrigins.exe"+12D457F
///
p2DNV:
dq 0
///
2DNVReadAOB+a: //"ACOrigins.exe"+12D4570:
jmp newmem17
///*************************************************///
luaCall(lua_aobscan("playerCoordRead1AOB","ACOrigins.exe","0F 28 D1 0F 55 53 ** 48 8B ** ** ** 0F 29 17",2))
label(pPlayerCoord)
registersymbol(pPlayerCoord)
label(pPlayerBayekCoord)
registersymbol(pPlayerBayekCoord)
label(psWaypointCoord)
registersymbol(psWaypointCoord)
label(bNoClip)
registersymbol(bNoClip)
label(dNoClipSpeedMultiplier)
registersymbol(dNoClipSpeedMultiplier)
label(dZForce)
registersymbol(dZForce)
alloc(newmem,2048,playerCoordRead1AOB+3) //"ACOrigins.exe"+10720E5)
label(originalcode_noclip)
registersymbol(originalcode_noclip)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
push rax
mov rax,pPlayerCoord
mov [rax],rbx
mov rax,bNoClip
cmp byte ptr [rax],1
pop rax
je donoclip
push rax
mov rax,pPlayerBayekCoord
mov rax,[rax]
cmp rax,rbx
jne @f
mov rax,psWaypointCoord
cmp dword ptr [rax],0
je @f
//
sub rsp,10
movdqu dqword [rsp],xmm0
//
movss xmm0,[rax]
movss [rbx+30],xmm0
movss xmm0,[rax+4]
movss [rbx+34],xmm0
movss xmm0,[rax+8]
movss [rbx+38],xmm0
xorps xmm0,xmm0
movups [rax],xmm0
//
movdqu xmm0,dqword [rsp]
add rsp,10
//
@@:
pop rax
jmp originalcode_noclip
donoclip:
//store registers, xmms
push rax
push rbx
push r8
push r9
sub rsp,10
movdqu dqword [rsp],xmm1
xorps xmm1,xmm1
sub rsp,10
movdqu dqword [rsp],xmm3
xorps xmm3,xmm3
sub rsp,10
movdqu dqword [rsp],xmm4
xorps xmm4,xmm4
//player coord fetch
mov rbx,pPlayerCoord
mov rbx,[rbx]
movups xmm1,[rbx+30]
//do y
//get y movement
mov r8,pMovementInfo
mov r8,[r8]
test r8,r8
jz @f
//mov rax,originalcode11_noclip
//mov eax,[rax+3]
//mov rax,movementForceRead1AOB
//mov eax,[rax+a]
//movsxd rax,eax
lea r8,[r8+c0] //rax]
movss xmm4,[r8+4]
shufps xmm4,xmm4,c0 //broadcast except 4th
//apply speed
mov eax,noclipbasespeed
movd xmm3,eax
shufps xmm3,xmm3,00 //broadcast
mulps xmm4,xmm3
mov rax,dNoClipSpeedMultiplier
movss xmm3,[rax]
shufps xmm3,xmm3,c0 //broadcast except 4th
mulps xmm4,xmm3
//apply vector
mov r9,pNV
mov r9,[r9]
test r9,r9
jz @f
//xor rbx,rbx
//mov rax,playerCamTNVReadAOB
//mov ebx,[rax+f]
movups xmm3,[r9+4b0] //rbx]
mulps xmm4,xmm3
//update new coord
addps xmm1,xmm4
//do x
//get x movement
movss xmm4,[r8]
shufps xmm4,xmm4,e0 //copy to 2nd
//apply speed
mov eax,noclipbasespeed
movd xmm3,eax
shufps xmm3,xmm3,e0 //copy to 2nd
mulps xmm4,xmm3
mov rax,dNoClipSpeedMultiplier
movss xmm3,[rax]
shufps xmm3,xmm3,00 //broadcast
mulps xmm4,xmm3
//apply vector
mov r9,p2DNV
mov r9,[r9]
test r9,r9
jz @f
//xor rbx,rbx
//mov rax,originalcode17_noclip
//mov bl,[rax+3]
//mov rax,2DNVReadAOB
//mov bl,[rax+d]
movups xmm3,[r9+70] //rbx]
mulps xmm4,xmm3
//update new coord
addps xmm1,xmm4
//do z
//get z direction
/*skipped for now
movss xmm4,[dZForce]
shufps xmm4,xmm4,c6 //place z direction to 3rd element
//apply speed
mov eax,noclipbasespeed
movd xmm3,eax
shufps xmm3,xmm3,00
mulps xmm4,xmm3
movss xmm3,[dNoClipSpeedMultiplier]
shufps xmm3,xmm3,00 //broadcast
mulps xmm4,xmm3
//update new coord
addps xmm1,xmm4
*/
//update new coord to game
mov rbx,pPlayerCoord
mov rbx,[rbx]
movups [rbx+30],xmm1
@@:
//restore registers, xmms
movdqu xmm4,dqword [rsp]
add rsp,10
movdqu xmm3,dqword [rsp]
add rsp,10
movdqu xmm1,dqword [rsp]
add rsp,10
pop r9
pop r8
pop rbx
pop rax
originalcode_noclip:
readmem(playerCoordRead1AOB+3,16)
//andnps xmm2,[rbx+30]
//mov rbx,[rsp+30]
//movaps [rdi],xmm2
//add rsp,20
exit:
jmp playerCoordRead1AOB+13 //"ACOrigins.exe"+10720F5
///
pPlayerCoord:
dq 0
pPlayerBayekCoord:
dq 0
psWaypointCoord:
dq 0
dq 0
bNoClip:
dd 0
dNoClipSpeedMultiplier:
dd (float)0.05
dZForce:
dd 0
///
playerCoordRead1AOB+3: //"ACOrigins.exe"+10720E5:
jmp newmem
///*************************************************///
aobscanmodule(someCoordWritesAOB,ACOrigins.exe,48 8B 02 0F 28 00 0F 29 ** ** 0F 28 ** ** 0F 29 ** ** 0F 28 ** ** 0F 29 ** ** 0F 28 ** ** 0F 29 ** ** C3)
registersymbol(someCoordWritesAOB)
alloc(newmem2,2048,someCoordWritesAOB+12) //"ACOrigins.exe"+6A9EF2)
label(originalcode2_noclip)
registersymbol(originalcode2_noclip)
label(exit2)
newmem2: //this is allocated memory, you have read,write,execute access
//place your code here
readmem(someCoordWritesAOB+12,8)
push rbx
mov rbx,pPlayerCoord
mov rbx,[rbx]
lea rbx,[rbx-20]
cmp rcx,rbx
jne @f
mov rbx,bSenuTeleportKey
cmp word ptr [rbx+1],1
//cmp byte ptr [rbx],1
je freezepalyercoord2
mov rbx,bNoClip
cmp byte ptr [rbx],1
je freezepalyercoord2
noraml2:
pop rbx
readmem(someCoordWritesAOB+1a,8)
jmp exit2
freezepalyercoord2:
mov rbx,bSenuTeleportKey
//mov byte ptr [rbx+1],0
pop rbx
movaps xmm1,[rcx+50]
movaps [rcx+50],xmm1
jmp exit2
originalcode2_noclip:
readmem(someCoordWritesAOB+12,16)
//movaps xmm0,[rax+20]
//movaps [rcx+40],xmm0
//movaps xmm1,[rax+30]
//movaps [rcx+50],xmm1
exit2:
jmp someCoordWritesAOB+22 //"ACOrigins.exe"+6A9F02
///
someCoordWritesAOB+12: //"ACOrigins.exe"+6A9EF2:
jmp newmem2
///*************************************************///
aobscanmodule(playerCoordReadWhenFlyingSenu,ACOrigins.exe,48 8B 4E ** 0F 28 CA 0F 55 4F ** 0F 29 ** ** ** 48 85 C9)
registersymbol(playerCoordReadWhenFlyingSenu)
alloc(newmem18,2048,playerCoordReadWhenFlyingSenu+7) //"ACOrigins.exe"+264BD0D)
label(originalcode18_senuteleport)
registersymbol(originalcode18_senuteleport)
label(exit18)
newmem18: //this is allocated memory, you have read,write,execute access
//place your code here
push rax
//mov rax,bSenuTeleportKey
//mov byte ptr [rax+1],1
mov rax,pPlayerBayekCoord
mov [rax],rdi
/*
mov rax,psWaypointCoord
cmp dword ptr [rax],0
je end
*/
/*
sub rsp,10
movdqu dqword [rsp],xmm0
//
movss xmm0,[rax]
movss [rdi+30],xmm0
movss xmm0,[rax+4]
movss [rdi+34],xmm0
movss xmm0,[rax+8]
movss [rdi+38],xmm0
xorps xmm0,xmm0
movups [rax],xmm0
//
movdqu xmm0,dqword [rsp]
add rsp,10
*/
end18:
pop rax
readmem(playerCoordReadWhenFlyingSenu+7,12)
reassemble(playerCoordReadWhenFlyingSenu+13)
jmp exit18
originalcode18_senuteleport:
readmem(playerCoordReadWhenFlyingSenu+7,14)
//andnps xmm1,[rdi+30]
//movaps [rsp+30],xmm1
//test rcx,rcx
//je ACOrigins.AK::WriteBytesMem::Count+3712A0
exit18:
jmp playerCoordReadWhenFlyingSenu+15 //"ACOrigins.exe"+264BD1B
///
playerCoordReadWhenFlyingSenu+7: //"ACOrigins.exe"+264BD0D:
jmp newmem18
///*************************************************///
aobscanmodule(playerCoordReadOnGroundAOB,ACOrigins.exe,0F 55 ** ** 48 8B ** ** ** ** ** ** 0F C6 ** ** F3 0F 58)
registersymbol(playerCoordReadOnGroundAOB)
alloc(newmem19,2048,playerCoordReadOnGroundAOB) //"ACOrigins.exe"+7EF15D)
label(originalcode19_senuteleport)
registersymbol(originalcode19_senuteleport)
label(exit19)
newmem19: //this is allocated memory, you have read,write,execute access
//place your code here
readmem(playerCoordReadOnGroundAOB,4)
push rax
mov rax,pPlayerBayekCoord
mov [rax],rbx
pop rax
mov rbx,bSenuTeleportKey
mov byte ptr [rbx+1],0
jmp originalcode19_senuteleport+4
originalcode19_senuteleport:
readmem(playerCoordReadOnGroundAOB,16)
//andnps xmm1,[rbx+30]
//mov rbx,[rsp+000000A0]
//shufps xmm1,xmm1,-56
exit19:
jmp playerCoordReadOnGroundAOB+10 //"ACOrigins.exe"+7EF15D+10
///
playerCoordReadOnGroundAOB: //"ACOrigins.exe"+7EF15D:
jmp newmem19
///*************************************************///
aobscanmodule(someCCoordsReadAOB,ACOrigins.exe,F3 0F 10 ** ** ** ** ** 0F 29 ** ** ** 0F 28 40 ** 0F 29 ** ** ** 0F 28 48 ** 0F 29 ** ** ** F3 0F 10)
registersymbol(someCCoordsReadAOB)
label(pPlayerCCoords)
registersymbol(pPlayerCCoords)
alloc(newmem41,2048,someCCoordsReadAOB+11) //"ACOrigins.exe"+6C59F67)
label(originalcode41_noclip)
registersymbol(originalcode41_noclip)
label(exit41)
newmem41: //this is allocated memory, you have read,write,execute access
//place your code here
push rax
push rbx
mov rbx,pPlayerBayekCoord
mov rbx,[rbx]
lea rbx,[rbx-20]
cmp rsi,rbx
jne end41
lea rax,[rax+20]
mov rbx,pPlayerCCoords
mov [rbx],rax
end41:
pop rbx
pop rax
originalcode41_noclip:
readmem(someCCoordsReadAOB+11,14)
//movaps [rsp+40],xmm1
//movaps xmm1,[rax+50]
//movaps [rsp+50],xmm0
exit41:
jmp someCCoordsReadAOB+1f //"ACOrigins.exe"+6C59F75
///
pPlayerCCoords:
///
someCCoordsReadAOB+11: //"ACOrigins.exe"+6C59F67:
jmp newmem41
///*************************************************///
aobscanmodule(someCCoordsWriteAOB,ACOrigins.exe,0F 29 21 0F 29 59 10 0F 29 51 20 0F 29 49 30 E8 ** ** ** ** ** ** ** ** ** ** ** 0F 28 ** ** ** ** ** 48)
registersymbol(someCCoordsWriteAOB)
alloc(newmem51,2048,someCCoordsWriteAOB) //"ACOrigins.exe"+CCBEF9)
label(originalcode51_noclip)
registersymbol(originalcode51_noclip)
label(exit51)
newmem51: //this is allocated memory, you have read,write,execute access
//place your code here
mov rdx,pPlayerCCoords
cmp [rdx],rcx
jne end51
mov rdx,bSenuTeleportKey
cmp word ptr [rdx+1],1
//cmp byte ptr [rbx],1
je skipcollisioncorrection51
mov rdx,bNoClip
cmp byte ptr [rdx],1
je skipcollisioncorrection51
jmp end51
skipcollisioncorrection51:
mov edx,(float)1
movd xmm1,edx
shufps xmm1,xmm1,c0 //broadcast except 4th
mov rdx,pPlayerBayekCoord
mov rdx,[rdx]
mulps xmm1,[rdx+30]
end51:
originalcode51_noclip:
readmem(someCCoordsWriteAOB,15)
//movaps [rcx],xmm4
//movaps [rcx+10],xmm3
//movaps [rcx+20],xmm2
//movaps [rcx+30],xmm1
exit51:
jmp someCCoordsWriteAOB+f //"ACOrigins.exe"+CCBF08
///
someCCoordsWriteAOB: //"ACOrigins.exe"+CCBEF9:
jmp newmem51
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem6)
playerCamTNVReadAOB+4: //"ACOrigins.exe"+1480586:
readmem(originalcode6_noclip,15)
//db 48 8B 81 E0 00 00 00 41 0F 28 88 A0 04 00 00
//Alt: mov rax,[rcx+000000E0]
//Alt: movaps xmm1,[r8+000004A0]
unregistersymbol(originalcode6_noclip)
unregistersymbol(bSenuTeleportKey)
unregistersymbol(pNV)
///*************************************************///
dealloc(newmem11)
movementForceRead1AOB+7: //"ACOrigins.exe"+28E3568:
readmem(originalcode11_noclip,14)
//db 0F 28 99 C0 00 00 00 0F 29 5C 24 20 76 12
//Alt: movaps xmm3,[rcx+000000C0]
//Alt: movaps [rsp+20],xmm3
//Alt: jna ACOrigins.AK::WriteBytesMem::Count+608AF8
unregistersymbol(originalcode11_noclip)
unregistersymbol(pMovementInfo)
///*************************************************///
dealloc(newmem17)
2DNVReadAOB+a: //"ACOrigins.exe"+12D4570:
readmem(originalcode17_noclip,15)
//db 0F 28 47 70 48 8D 57 30 0F 29 87 80 02 00 00
//Alt: movaps xmm0,[rdi+70]
//Alt: lea rdx,[rdi+30]
//Alt: movaps [rdi+00000280],xmm0
unregistersymbol(originalcode17_noclip)
unregistersymbol(p2DNV)
///*************************************************///
dealloc(newmem)
playerCoordRead1AOB+3: //"ACOrigins.exe"+10720E5:
readmem(originalcode_noclip,16)
//db 0F 55 53 30 48 8B 5C 24 30 0F 29 17 48 83 C4 20
//Alt: andnps xmm2,[rbx+30]
//Alt: mov rbx,[rsp+30]
//Alt: movaps [rdi],xmm2
//Alt: add rsp,20
unregistersymbol(originalcode_noclip)
unregistersymbol(pPlayerCoord)
unregistersymbol(pPlayerBayekCoord)
unregistersymbol(psWaypointCoord)
unregistersymbol(bNoClip)
unregistersymbol(dNoClipSpeedMultiplier)
unregistersymbol(dZForce)
///*************************************************///
dealloc(newmem2)
someCoordWritesAOB+12: //"ACOrigins.exe"+6A9EF2:
readmem(originalcode2_noclip,16)
//db 0F 28 40 20 0F 29 41 40 0F 28 48 30 0F 29 49 50
//Alt: movaps xmm0,[rax+20]
//Alt: movaps [rcx+40],xmm0
//Alt: movaps xmm1,[rax+30]
//Alt: movaps [rcx+50],xmm1
unregistersymbol(originalcode2_noclip)
///*************************************************///
dealloc(newmem18)
playerCoordReadWhenFlyingSenu+7: //"ACOrigins.exe"+264BD0D:
readmem(originalcode18_senuteleport,14)
//db 0F 55 4F 30 0F 29 4C 24 30 48 85 C9 74 15
//Alt: andnps xmm1,[rdi+30]
//Alt: movaps [rsp+30],xmm1
//Alt: test rcx,rcx
//Alt: je ACOrigins.AK::WriteBytesMem::Count+3712A0
unregistersymbol(originalcode18_senuteleport)
///*************************************************///
dealloc(newmem19)
playerCoordReadOnGroundAOB: //"ACOrigins.exe"+7EF15D:
readmem(originalcode19_senuteleport,16)
//db 0F 55 4B 30 48 8B 9C 24 A0 00 00 00 0F C6 C9 AA
//Alt: andnps xmm1,[rbx+30]
//Alt: mov rbx,[rsp+000000A0]
//Alt: shufps xmm1,xmm1,-56
unregistersymbol(originalcode13_senuteleport)
///*************************************************///
dealloc(newmem41)
someCCoordsReadAOB+11: //"ACOrigins.exe"+6C59F67:
readmem(originalcode41_noclip,14)
//db 0F 29 4C 24 40 0F 28 48 50 0F 29 44 24 50
//Alt: movaps [rsp+40],xmm1
//Alt: movaps xmm1,[rax+50]
//Alt: movaps [rsp+50],xmm0
unregistersymbol(originalcode41_noclip)
unregistersymbol(pPlayerCCoords)
///*************************************************///
dealloc(newmem51)
someCCoordsWriteAOB: //"ACOrigins.exe"+CCBEF9:
readmem(originalcode51_noclip,15)
//db 0F 29 21 0F 29 59 10 0F 29 51 20 0F 29 49 30
//Alt: movaps [rcx],xmm4
//Alt: movaps [rcx+10],xmm3
//Alt: movaps [rcx+20],xmm2
//Alt: movaps [rcx+30],xmm1
unregistersymbol(originalcode51_noclip)
3320
"walk key"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
define(walkspeedmultiplier,(float)0.525)
aobscanmodule(movementSpeedWritesAOB,ACOrigins.exe,F3 0F 11 ** ** ** ** ** 41 B8 ** ** ** ** E8 ** ** ** ** 45)
registersymbol(movementSpeedWritesAOB)
label(bWalkKeyPressed)
registersymbol(bWalkKeyPressed)
label(dWalkSpeedMultiplier)
registersymbol(dWalkSpeedMultiplier)
alloc(newmem,2048,movementSpeedWritesAOB) //"ACOrigins.exe"+28E4376)
label(originalcode_walkkey)
registersymbol(originalcode_walkkey)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
push rax
mov rax,bWalkKeyPressed
cmp byte ptr [rax],1
jne end
sub rsp,10
movdqu dqword [rsp],xmm1
//mov eax,(float)0.6
//movd xmm1,eax
//mov rax,dWalkSpeedMultiplier
//movss xmm1,[rax]
//mulss xmm0,xmm1
xorps xmm1,xmm1
comiss xmm0,xmm1
je @f
mov rax,dWalkSpeedMultiplier
movss xmm0,[rax]
@@:
movdqu xmm1,dqword [rsp]
add rsp,10
end:
pop rax
originalcode_walkkey:
readmem(movementSpeedWritesAOB,14)
//movss [rbx+000000D0],xmm0
//mov r8d,0000002B
exit:
jmp movementSpeedWritesAOB+e //"ACOrigins.exe"+28E4384
///
bWalkKeyPressed:
dd 0
dWalkSpeedMultiplier:
dd walkspeedmultiplier
///
movementSpeedWritesAOB: //"ACOrigins.exe"+28E4376:
jmp newmem
///********************************************************///
label(bEndThread_walkKey_keylistener_mem)
registersymbol(bEndThread_walkKey_keylistener_mem)
alloc(walkKey_keylistener_mem,1024,"ACOrigins.exe")
registersymbol(walkKey_keylistener_mem)
createthread(walkKey_keylistener_mem)
label(keylistenerstart)
label(keylistenerend)
label(keylistenerexit)
walkKey_keylistener_mem:
sub rsp,28
keylistenerstart:
mov rcx,14 //CAPS LOCK key
//push rcx
call GetAsyncKeyState
//add rsp,08
shr ax,#15
mov rcx,bWalkKeyPressed
mov [rcx],ax
keylistenerend:
mov rcx,#100
call Sleep
mov rbx,bEndThread_walkKey_keylistener_mem
cmp dword ptr [rbx],1
jne keylistenerstart
keylistenerexit:
add rsp,28
mov rbx,bEndThread_walkKey_keylistener_mem
mov dword ptr [rbx],2
ret
///
bEndThread_walkKey_keylistener_mem:
dd 0
///
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
//obtained from SubBeam's ACS script - start//
{$lua}
if( syntaxcheck == false ) then --actual execution
local starttime = getTickCount()
if readInteger( "bEndThread_walkKey_keylistener_mem" ) == 0 then --could be 2 already
writeInteger( "bEndThread_walkKey_keylistener_mem", 1 ) --tell the thread to kill itself
end
while( getTickCount() < starttime + 1000 ) and ( readInteger( "bEndThread_walkKey_keylistener_mem" ) ~=2 ) do --wait till it has finished
sleep( 20 )
end
if( getTickCount() > starttime + 1000 ) then --could happen when the window is shown
showMessage( 'Disabling the thread failed!' )
error( 'Thread disabling failed!' )
end
sleep( 1 )
end
{$asm}
//obtained from SubBeam's ACS script - end//
//bEndThread_walkKey_keylistener_mem:
//dd 1
///********************************************************///
dealloc(newmem)
movementSpeedWritesAOB: //"ACOrigins.exe"+28E4376:
readmem(originalcode_walkkey,14)
//db F3 0F 11 83 D0 00 00 00 41 B8 2B 00 00 00
//Alt: movss [rbx+000000D0],xmm0
//Alt: mov r8d,0000002B
unregistersymbol(originalcode_walkkey)
unregistersymbol(bWalkKeyPressed)
unregistersymbol(dWalkSpeedMultiplier)
///********************************************************///
unregistersymbol(bEndThread_walkKey_keylistener_mem)
dealloc(walkKey_keylistener_mem)
unregistersymbol(walkKey_keylistener_mem)
3321
"hold CapsLock"
808080
1
3322
"walk speed"
008000
Float
dWalkSpeedMultiplier
3323
"senu teleport .5"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(waypointReadAfterSetAOB,ACOrigins.exe,41 0F 10 ** ** 66 48 0F 7E D2 F2 0F 11)
registersymbol(waypointReadAfterSetAOB)
aobscanmodule(jmpToFromSenuWaypointAOB,ACOrigins.exe,48 89 ** ** ** 57 48 83 ** ** 8B 81 ** ** ** ** 49 8B F0 48 8B F9 39 02)
registersymbol(jmpToFromSenuWaypointAOB)
alloc(newmem,2048,waypointReadAfterSetAOB) //"ACOrigins.exe"+8184D7)
label(originalcode_senuteleport)
registersymbol(originalcode_senuteleport)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
readmem(waypointReadAfterSetAOB+15,5)
mov rdx,jmpToFromSenuWaypointAOB
cmp [rsp+48],rdx
jne @f
mov rdx,bSenuTeleportKey
mov byte ptr [rdx+1],1
//cmp byte ptr [rdx+1],1
//jne @f
cmp byte ptr [rdx],1
jne @f
mov edx,(float)1
movd xmm1,edx
shufps xmm1,xmm1,c0 //broadcast except 4th
mulps xmm1,[r14+c]
mov rdx,psWaypointCoord
movups [rdx],xmm1
jmp end
@@:
xorps xmm1,xmm1
mov rdx,psWaypointCoord
movups [rdx],xmm1
end:
originalcode_senuteleport:
readmem(waypointReadAfterSetAOB,16)
//movups xmm1,[r14+0C]
//movq rdx,xmm2
//movsd [rsp+60],xmm0
exit:
jmp waypointReadAfterSetAOB+10 //"ACOrigins.exe"+8184E7
///
waypointReadAfterSetAOB: //"ACOrigins.exe"+8184D7:
jmp newmem
///********************************************************///
///********************************************************///
///********************************************************///
label(bEndThread_senuTeleportKey_keylistener_mem)
registersymbol(bEndThread_senuTeleportKey_keylistener_mem)
alloc(senuTeleportKey_keylistener_mem,1024,"ACOrigins.exe")
registersymbol(senuTeleportKey_keylistener_mem)
createthread(senuTeleportKey_keylistener_mem)
label(keylistenerstart)
label(keylistenerend)
label(keylistenerexit)
senuTeleportKey_keylistener_mem:
sub rsp,28
keylistenerstart:
//mov rcx,bSenuTeleportKey
//cmp byte ptr [rcx+1],1
//jne keylistenerend
mov rcx,14 //CAPS LOCK key
//push rcx
call GetAsyncKeyState
//add rsp,08
shr ax,#15
cmp ax,1
sete al
mov rcx,bSenuTeleportKey
mov [rcx],al
keylistenerend:
mov rcx,#100
call Sleep
mov rbx,bEndThread_senuTeleportKey_keylistener_mem
cmp dword ptr [rbx],1
jne keylistenerstart
keylistenerexit:
add rsp,28
mov rbx,bEndThread_senuTeleportKey_keylistener_mem
mov dword ptr [rbx],2
ret
///
bEndThread_senuTeleportKey_keylistener_mem:
dd 0
///
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
//obtained from SubBeam's ACS script - start//
{$lua}
if( syntaxcheck == false ) then --actual execution
local starttime = getTickCount()
if readInteger( "bEndThread_senuTeleportKey_keylistener_mem" ) == 0 then --could be 2 already
writeInteger( "bEndThread_senuTeleportKey_keylistener_mem", 1 ) --tell the thread to kill itself
end
while( getTickCount() < starttime + 1000 ) and ( readInteger( "bEndThread_senuTeleportKey_keylistener_mem" ) ~=2 ) do --wait till it has finished
sleep( 20 )
end
if( getTickCount() > starttime + 1000 ) then --could happen when the window is shown
showMessage( 'Disabling the thread failed!' )
error( 'Thread disabling failed!' )
end
sleep( 1 )
end
{$asm}
//obtained from SubBeam's ACS script - end//
//bEndThread_senuTeleportKey_keylistener_mem:
//dd 1
///********************************************************///
dealloc(newmem)
waypointReadAfterSetAOB: //"ACOrigins.exe"+8184D7:
readmem(originalcode_senuteleport,16)
//db 41 0F 10 4E 0C 66 48 0F 7E D2 F2 0F 11 44 24 60
//Alt: movups xmm1,[r14+0C]
//Alt: movq rdx,xmm2
//Alt: movsd [rsp+60],xmm0
unregistersymbol(originalcode_senuteleport)
///********************************************************///
///********************************************************///
///********************************************************///
unregistersymbol(bEndThread_senuTeleportKey_keylistener_mem)
dealloc(senuTeleportKey_keylistener_mem)
unregistersymbol(senuTeleportKey_keylistener_mem)
3324
"hold CapsLock"
808080
1
3325
"bSenuTeleportKey"
1
008000
2 Bytes
bSenuTeleportKey
3326
"no-clip (numpad0-)"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
bNoClip:
db 1
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
bNoClip:
db 0
Toggle Activation
96
109
0
no-clip Activated
no-clip Deactivated
3327
""
1
3328
"[PlayerBayekCoord]"
000080
Array of byte
0
pPlayerBayekCoord
30
3329
"x"
0000FF
Float
+0
3352
""
1
0000FF
4 Bytes
+0
3633
"No Description"
Float
1F29C9FB0
3330
"y"
0000FF
Float
+4
3331
"z"
0000FF
Float
+8
3332
"[PlayerCoord]"
000080
Array of byte
0
pPlayerCoord
30
3333
"x"
0000FF
Float
+0
3334
"y"
0000FF
Float
+4
3335
"z"
0000FF
Float
+8
3336
"[NV]"
000080
Array of byte
0
pNV
[playerCamTNVReadAOB+f]
3337
"x"
808080
Float
+0
3338
"y"
808080
Float
+4
3339
"z"
808080
Float
+8
3340
"[Movement Force]"
000080
Array of byte
0
pMovementInfo
[originalcode11_noclip+3]
3341
"x"
808080
Float
+0
3342
""
1
808080
4 Bytes
+0
3343
"y"
808080
Float
+4
3344
""
1
808080
4 Bytes
+0
3345
"[2DNV]"
000080
Array of byte
0
p2DNV
70
3346
"x"
808080
Float
+0
3347
"y"
808080
Float
+4
1781
"[pointers]"
000080
1
1782
"[Player]"
1
000080
Array of byte
0
pPlayer
0
1783
"current health"
0000FF
4 Bytes
pPlayer
[playerFetchAOB+17]
1784
"max health base"
0000FF
4 Bytes
+4
1785
"multi 1 (armor)"
0000FF
Float
+8
1834
"multi 2 (curse penalty)"
0000FF
Float
+c
1835
"multi 3 (?)"
0000FF
Float
+10
1798
""
0000FF
4 Bytes
+3d8
1786
""
1
1787
"current ammo"
0000FF
4 Bytes
pCurrentAmmo
0
1845
"weapon editor .3"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(levelChkOnEquipAOB,ACOrigins.exe,75 08 8B 47 ** 39 41 ** 74 ** 48 83 ** ** ** ** ** ** ** 33 C0 85 C0)
registersymbol(levelChkOnEquipAOB)
aobscanmodule(gearEquipRetAOB,ACOrigins.exe,0F B6 AC ** ** ** ** ** 84 C0 75 ** 88)
registersymbol(gearEquipRetAOB)
label(pEquippedGear)
registersymbol(pEquippedGear)
alloc(newmem2,2048,levelChkOnEquipAOB) //"ACOrigins.exe"+1998FD5)
label(originalcode2_onequipgear)
registersymbol(originalcode2_onequipgear)
label(exit2)
newmem2: //this is allocated memory, you have read,write,execute access
//place your code here
//readmem(levelChkOnEquipAOB,2)
jne normalout
mov rax,gearEquipRetAOB //"ACOrigins.exe"+198D432
cmp [rsp+28],rax
jne @f
mov rax,pEquippedGear
mov [rax],rcx
@@:
readmem(levelChkOnEquipAOB+2,6)
reassemble(levelChkOnEquipAOB+8)
normalout:
readmem(levelChkOnEquipAOB+a,4)
jmp exit2
originalcode2_onequipgear:
readmem(levelChkOnEquipAOB,14)
//jne ACOrigins.AK::WriteBytesMem::Bytes+A3C23F
//mov eax,[rdi+08]
//cmp [rcx+10],eax
//je ACOrigins.AK::WriteBytesMem::Bytes+A3C27C
//add rcx,20
exit2:
jmp levelChkOnEquipAOB+e //"ACOrigins.exe"+1998FE3
///
pEquippedGear:
///
levelChkOnEquipAOB: //"ACOrigins.exe"+1998FD5:
jmp newmem2
returnhere2:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem2)
levelChkOnEquipAOB: //"ACOrigins.exe"+1998FD5:
readmem(originalcode2_onequipgear,14)
//db 75 08 8B 47 08 39 41 10 74 3D 48 83 C1 20
//Alt: jne ACOrigins.AK::WriteBytesMem::Bytes+A3C23F
//Alt: mov eax,[rdi+08]
//Alt: cmp [rcx+10],eax
//Alt: je ACOrigins.AK::WriteBytesMem::Bytes+A3C27C
//Alt: add rcx,20
unregistersymbol(originalcode2_onequipgear)
unregistersymbol(pEquippedGear)
1846
"[just equipped gear]"
000080
Array of byte
0
pEquippedGear
0
1850
"category"
808080
String
12
0
0
1
+8
0
10
0
0
60
0
1847
"quantity"
0000FF
4 Bytes
+0
1848
"lvl"
0000FF
4 Bytes
+10
1849
"rarity"
0000FF
4 Bytes
+8
10
0
1851
"some flags"
1
808080
4 Bytes
+8
C
1852
"[properties]"
1
000080
Array of byte
0
+8
48
0
1853
"# of properties"
808080
2 Bytes
pEquippedGear
50
0
8
1854
"(x2)"
808080
2 Bytes
+2
1855
"[base property]"
1
000080
Array of byte
0
+0
0
0
0*8
1856
"# of modifiers"
808080
2 Bytes
+1c
1857
"(x2)"
808080
2 Bytes
+2
2397
"modifier"
0000FF
Float
+14
+1*8
2446
"if the float is invalid, check the pointers below"
808080
1
1974
"[modifier 1]"
1
000080
Array of byte
0
+14
0
0*8
1975
"# of values"
808080
2 Bytes
+10
1976
"(x2)"
808080
2 Bytes
+2
2491
"value"
0000FF
Float
+8
2492
"if the float is invalid, check the pointers below"
808080
1
1977
"[values (01 - 20)]"
1
000080
Array of byte
0
+8
0
1978
"level 01"
0000FF
Float
+0*4
1979
"level 02"
0000FF
Float
+1*4
1980
"level 03"
0000FF
Float
+2*4
1981
"level 04"
0000FF
Float
+3*4
1982
"level 05"
0000FF
Float
+4*4
1983
"level 06"
0000FF
Float
+5*4
1984
"level 07"
0000FF
Float
+6*4
1985
"level 08"
0000FF
Float
+7*4
1986
"level 09"
0000FF
Float
+8*4
1987
"level 10"
0000FF
Float
+9*4
1988
"level 11"
0000FF
Float
+a*4
1989
"level 12"
0000FF
Float
+b*4
1990
"level 13"
0000FF
Float
+c*4
1991
"level 14"
0000FF
Float
+d*4
1992
"level 15"
0000FF
Float
+e*4
1993
"level 16"
0000FF
Float
+f*4
1994
"level 17"
0000FF
Float
+10*4
1995
"level 18"
0000FF
Float
+11*4
1996
"level 19"
0000FF
Float
+12*4
1997
"level 20"
0000FF
Float
+13*4
1998
"[values (21 - 40)]"
1
000080
Array of byte
0
+8
+14*4
1999
"level 21"
0000FF
Float
+0*4
2000
"level 22"
0000FF
Float
+1*4
2001
"level 23"
0000FF
Float
+2*4
2002
"level 24"
0000FF
Float
+3*4
2003
"level 25"
0000FF
Float
+4*4
2004
"level 26"
0000FF
Float
+5*4
2005
"level 27"
0000FF
Float
+6*4
2006
"level 28"
0000FF
Float
+7*4
2007
"level 29"
0000FF
Float
+8*4
2008
"level 30"
0000FF
Float
+9*4
2009
"level 31"
0000FF
Float
+a*4
2010
"level 32"
0000FF
Float
+b*4
2011
"level 33"
0000FF
Float
+c*4
2012
"level 34"
0000FF
Float
+d*4
2013
"level 35"
0000FF
Float
+e*4
2014
"level 36"
0000FF
Float
+f*4
2015
"level 37"
0000FF
Float
+10*4
2016
"level 38"
0000FF
Float
+11*4
2017
"level 39"
0000FF
Float
+12*4
2018
"level 40"
0000FF
Float
+13*4
2398
"[modifier 2]"
1
000080
Array of byte
0
+14
0
+1*8
2399
"# of values"
808080
2 Bytes
+10
2400
"(x2)"
808080
2 Bytes
+2
2493
"value"
0000FF
Float
+8
2494
"if the float is invalid, check the pointers below"
808080
1
2401
"[values (lvl 01 - 20)]"
1
000080
Array of byte
0
+8
0
2402
"level 01"
0000FF
Float
+0*4
2403
"level 02"
0000FF
Float
+1*4
2404
"level 03"
0000FF
Float
+2*4
2405
"level 04"
0000FF
Float
+3*4
2406
"level 05"
0000FF
Float
+4*4
2407
"level 06"
0000FF
Float
+5*4
2408
"level 07"
0000FF
Float
+6*4
2409
"level 08"
0000FF
Float
+7*4
2410
"level 09"
0000FF
Float
+8*4
2411
"level 10"
0000FF
Float
+9*4
2412
"level 11"
0000FF
Float
+a*4
2413
"level 12"
0000FF
Float
+b*4
2414
"level 13"
0000FF
Float
+c*4
2415
"level 14"
0000FF
Float
+d*4
2416
"level 15"
0000FF
Float
+e*4
2417
"level 16"
0000FF
Float
+f*4
2418
"level 17"
0000FF
Float
+10*4
2419
"level 18"
0000FF
Float
+11*4
2420
"level 19"
0000FF
Float
+12*4
2421
"level 20"
0000FF
Float
+13*4
2422
"[values (lvl 21 - 40)]"
1
000080
Array of byte
0
+8
+14*4
2423
"level 21"
0000FF
Float
+0*4
2424
"level 22"
0000FF
Float
+1*4
2425
"level 23"
0000FF
Float
+2*4
2426
"level 24"
0000FF
Float
+3*4
2427
"level 25"
0000FF
Float
+4*4
2428
"level 26"
0000FF
Float
+5*4
2429
"level 27"
0000FF
Float
+6*4
2430
"level 28"
0000FF
Float
+7*4
2431
"level 29"
0000FF
Float
+8*4
2432
"level 30"
0000FF
Float
+9*4
2433
"level 31"
0000FF
Float
+a*4
2434
"level 32"
0000FF
Float
+b*4
2435
"level 33"
0000FF
Float
+c*4
2436
"level 34"
0000FF
Float
+d*4
2437
"level 35"
0000FF
Float
+e*4
2438
"level 36"
0000FF
Float
+f*4
2439
"level 37"
0000FF
Float
+10*4
2440
"level 38"
0000FF
Float
+11*4
2441
"level 39"
0000FF
Float
+12*4
2442
"level 40"
0000FF
Float
+13*4
2594
"[property 2]"
1
000080
Array of byte
0
+0
1*8
2891
"base"
1
0000FF
8 Bytes
+0
2792
"[details]"
1
000080
Array of byte
0
+0
0
0
2793
"# of modifiers"
808080
2 Bytes
+1c
2794
"(x2)"
808080
2 Bytes
+2
2795
"modifier"
0000FF
Float
+14
+1*8
2796
"if the float is invalid, check the pointers below"
808080
1
2797
"[modifier 1]"
1
000080
Array of byte
0
+14
0
0*8
2798
"# of values"
808080
2 Bytes
+10
2799
"(x2)"
808080
2 Bytes
+2
2800
"value"
0000FF
Float
+8
2801
"if the float is invalid, check the pointers below"
808080
1
2802
"[values (lvl 01 - 20)]"
1
000080
Array of byte
0
+8
0
2803
"level 01"
0000FF
Float
+0*4
2804
"level 02"
0000FF
Float
+1*4
2805
"level 03"
0000FF
Float
+2*4
2806
"level 04"
0000FF
Float
+3*4
2807
"level 05"
0000FF
Float
+4*4
2808
"level 06"
0000FF
Float
+5*4
2809
"level 07"
0000FF
Float
+6*4
2810
"level 08"
0000FF
Float
+7*4
2811
"level 09"
0000FF
Float
+8*4
2812
"level 10"
0000FF
Float
+9*4
2813
"level 11"
0000FF
Float
+a*4
2814
"level 12"
0000FF
Float
+b*4
2815
"level 13"
0000FF
Float
+c*4
2816
"level 14"
0000FF
Float
+d*4
2817
"level 15"
0000FF
Float
+e*4
2818
"level 16"
0000FF
Float
+f*4
2819
"level 17"
0000FF
Float
+10*4
2820
"level 18"
0000FF
Float
+11*4
2821
"level 19"
0000FF
Float
+12*4
2822
"level 20"
0000FF
Float
+13*4
2823
"[values (lvl 21 - 40)]"
1
000080
Array of byte
0
+8
+14*4
2824
"level 21"
0000FF
Float
+0*4
2825
"level 22"
0000FF
Float
+1*4
2826
"level 23"
0000FF
Float
+2*4
2827
"level 24"
0000FF
Float
+3*4
2828
"level 25"
0000FF
Float
+4*4
2829
"level 26"
0000FF
Float
+5*4
2830
"level 27"
0000FF
Float
+6*4
2831
"level 28"
0000FF
Float
+7*4
2832
"level 29"
0000FF
Float
+8*4
2833
"level 30"
0000FF
Float
+9*4
2834
"level 31"
0000FF
Float
+a*4
2835
"level 32"
0000FF
Float
+b*4
2836
"level 33"
0000FF
Float
+c*4
2837
"level 34"
0000FF
Float
+d*4
2838
"level 35"
0000FF
Float
+e*4
2839
"level 36"
0000FF
Float
+f*4
2840
"level 37"
0000FF
Float
+10*4
2841
"level 38"
0000FF
Float
+11*4
2842
"level 39"
0000FF
Float
+12*4
2843
"level 40"
0000FF
Float
+13*4
2844
"[modifier 2]"
1
000080
Array of byte
0
+14
0
+1*8
2845
"# of values"
808080
2 Bytes
+10
2846
"(x2)"
808080
2 Bytes
+2
2847
"value"
0000FF
Float
+8
2848
"if the float is invalid, check the pointers below"
808080
1
2849
"[values (lvl 01 - 20)]"
1
000080
Array of byte
0
+8
0
2850
"level 01"
0000FF
Float
+0*4
2851
"level 02"
0000FF
Float
+1*4
2852
"level 03"
0000FF
Float
+2*4
2853
"level 04"
0000FF
Float
+3*4
2854
"level 05"
0000FF
Float
+4*4
2855
"level 06"
0000FF
Float
+5*4
2856
"level 07"
0000FF
Float
+6*4
2857
"level 08"
0000FF
Float
+7*4
2858
"level 09"
0000FF
Float
+8*4
2859
"level 10"
0000FF
Float
+9*4
2860
"level 11"
0000FF
Float
+a*4
2861
"level 12"
0000FF
Float
+b*4
2862
"level 13"
0000FF
Float
+c*4
2863
"level 14"
0000FF
Float
+d*4
2864
"level 15"
0000FF
Float
+e*4
2865
"level 16"
0000FF
Float
+f*4
2866
"level 17"
0000FF
Float
+10*4
2867
"level 18"
0000FF
Float
+11*4
2868
"level 19"
0000FF
Float
+12*4
2869
"level 20"
0000FF
Float
+13*4
2870
"[values (lvl 21 - 40)]"
1
000080
Array of byte
0
+8
+14*4
2871
"level 21"
0000FF
Float
+0*4
2872
"level 22"
0000FF
Float
+1*4
2873
"level 23"
0000FF
Float
+2*4
2874
"level 24"
0000FF
Float
+3*4
2875
"level 25"
0000FF
Float
+4*4
2876
"level 26"
0000FF
Float
+5*4
2877
"level 27"
0000FF
Float
+6*4
2878
"level 28"
0000FF
Float
+7*4
2879
"level 29"
0000FF
Float
+8*4
2880
"level 30"
0000FF
Float
+9*4
2881
"level 31"
0000FF
Float
+a*4
2882
"level 32"
0000FF
Float
+b*4
2883
"level 33"
0000FF
Float
+c*4
2884
"level 34"
0000FF
Float
+d*4
2885
"level 35"
0000FF
Float
+e*4
2886
"level 36"
0000FF
Float
+f*4
2887
"level 37"
0000FF
Float
+10*4
2888
"level 38"
0000FF
Float
+11*4
2889
"level 39"
0000FF
Float
+12*4
2890
"level 40"
0000FF
Float
+13*4
2892
"[property 3]"
1
000080
Array of byte
0
+0
2*8
2893
"base"
1
0000FF
8 Bytes
+0
2894
"[details]"
1
000080
Array of byte
0
+0
0
0
2895
"# of modifiers"
808080
2 Bytes
+1c
2896
"(x2)"
808080
2 Bytes
+2
2897
"modifier"
0000FF
Float
+14
+1*8
2898
"if the float is invalid, check the pointers below"
808080
1
2899
"[modifier 1]"
1
000080
Array of byte
0
+14
0
0*8
2900
"# of values"
808080
2 Bytes
+10
2901
"(x2)"
808080
2 Bytes
+2
2902
"value"
0000FF
Float
+8
2903
"if the float is invalid, check the pointers below"
808080
1
2904
"[values (lvl 01 - 20)]"
1
000080
Array of byte
0
+8
0
2905
"level 01"
0000FF
Float
+0*4
2906
"level 02"
0000FF
Float
+1*4
2907
"level 03"
0000FF
Float
+2*4
2908
"level 04"
0000FF
Float
+3*4
2909
"level 05"
0000FF
Float
+4*4
2910
"level 06"
0000FF
Float
+5*4
2911
"level 07"
0000FF
Float
+6*4
2912
"level 08"
0000FF
Float
+7*4
2913
"level 09"
0000FF
Float
+8*4
2914
"level 10"
0000FF
Float
+9*4
2915
"level 11"
0000FF
Float
+a*4
2916
"level 12"
0000FF
Float
+b*4
2917
"level 13"
0000FF
Float
+c*4
2918
"level 14"
0000FF
Float
+d*4
2919
"level 15"
0000FF
Float
+e*4
2920
"level 16"
0000FF
Float
+f*4
2921
"level 17"
0000FF
Float
+10*4
2922
"level 18"
0000FF
Float
+11*4
2923
"level 19"
0000FF
Float
+12*4
2924
"level 20"
0000FF
Float
+13*4
2925
"[values (lvl 21 - 40)]"
1
000080
Array of byte
0
+8
+14*4
2926
"level 21"
0000FF
Float
+0*4
2927
"level 22"
0000FF
Float
+1*4
2928
"level 23"
0000FF
Float
+2*4
2929
"level 24"
0000FF
Float
+3*4
2930
"level 25"
0000FF
Float
+4*4
2931
"level 26"
0000FF
Float
+5*4
2932
"level 27"
0000FF
Float
+6*4
2933
"level 28"
0000FF
Float
+7*4
2934
"level 29"
0000FF
Float
+8*4
2935
"level 30"
0000FF
Float
+9*4
2936
"level 31"
0000FF
Float
+a*4
2937
"level 32"
0000FF
Float
+b*4
2938
"level 33"
0000FF
Float
+c*4
2939
"level 34"
0000FF
Float
+d*4
2940
"level 35"
0000FF
Float
+e*4
2941
"level 36"
0000FF
Float
+f*4
2942
"level 37"
0000FF
Float
+10*4
2943
"level 38"
0000FF
Float
+11*4
2944
"level 39"
0000FF
Float
+12*4
2945
"level 40"
0000FF
Float
+13*4
2946
"[modifier 2]"
1
000080
Array of byte
0
+14
0
+1*8
2947
"# of values"
808080
2 Bytes
+10
2948
"(x2)"
808080
2 Bytes
+2
2949
"value"
0000FF
Float
+8
2950
"if the float is invalid, check the pointers below"
808080
1
2951
"[values (lvl 01 - 20)]"
1
000080
Array of byte
0
+8
0
2952
"level 01"
0000FF
Float
+0*4
2953
"level 02"
0000FF
Float
+1*4
2954
"level 03"
0000FF
Float
+2*4
2955
"level 04"
0000FF
Float
+3*4
2956
"level 05"
0000FF
Float
+4*4
2957
"level 06"
0000FF
Float
+5*4
2958
"level 07"
0000FF
Float
+6*4
2959
"level 08"
0000FF
Float
+7*4
2960
"level 09"
0000FF
Float
+8*4
2961
"level 10"
0000FF
Float
+9*4
2962
"level 11"
0000FF
Float
+a*4
2963
"level 12"
0000FF
Float
+b*4
2964
"level 13"
0000FF
Float
+c*4
2965
"level 14"
0000FF
Float
+d*4
2966
"level 15"
0000FF
Float
+e*4
2967
"level 16"
0000FF
Float
+f*4
2968
"level 17"
0000FF
Float
+10*4
2969
"level 18"
0000FF
Float
+11*4
2970
"level 19"
0000FF
Float
+12*4
2971
"level 20"
0000FF
Float
+13*4
2972
"[values (lvl 21 - 40)]"
1
000080
Array of byte
0
+8
+14*4
2973
"level 21"
0000FF
Float
+0*4
2974
"level 22"
0000FF
Float
+1*4
2975
"level 23"
0000FF
Float
+2*4
2976
"level 24"
0000FF
Float
+3*4
2977
"level 25"
0000FF
Float
+4*4
2978
"level 26"
0000FF
Float
+5*4
2979
"level 27"
0000FF
Float
+6*4
2980
"level 28"
0000FF
Float
+7*4
2981
"level 29"
0000FF
Float
+8*4
2982
"level 30"
0000FF
Float
+9*4
2983
"level 31"
0000FF
Float
+a*4
2984
"level 32"
0000FF
Float
+b*4
2985
"level 33"
0000FF
Float
+c*4
2986
"level 34"
0000FF
Float
+d*4
2987
"level 35"
0000FF
Float
+e*4
2988
"level 36"
0000FF
Float
+f*4
2989
"level 37"
0000FF
Float
+10*4
2990
"level 38"
0000FF
Float
+11*4
2991
"level 39"
0000FF
Float
+12*4
2992
"level 40"
0000FF
Float
+13*4
2993
"[property 4]"
1
000080
Array of byte
0
+0
3*8
2994
"base"
1
0000FF
8 Bytes
+0
2995
"[details]"
1
000080
Array of byte
0
+0
0
0
2996
"# of modifiers"
808080
2 Bytes
+1c
2997
"(x2)"
808080
2 Bytes
+2
2998
"modifier"
0000FF
Float
+14
+1*8
2999
"if the float is invalid, check the pointers below"
808080
1
3000
"[modifier 1]"
1
000080
Array of byte
0
+14
0
0*8
3001
"# of values"
808080
2 Bytes
+10
3002
"(x2)"
808080
2 Bytes
+2
3003
"value"
0000FF
Float
+8
3004
"if the float is invalid, check the pointers below"
808080
1
3005
"[values (lvl 01 - 20)]"
1
000080
Array of byte
0
+8
0
3006
"level 01"
0000FF
Float
+0*4
3007
"level 02"
0000FF
Float
+1*4
3008
"level 03"
0000FF
Float
+2*4
3009
"level 04"
0000FF
Float
+3*4
3010
"level 05"
0000FF
Float
+4*4
3011
"level 06"
0000FF
Float
+5*4
3012
"level 07"
0000FF
Float
+6*4
3013
"level 08"
0000FF
Float
+7*4
3014
"level 09"
0000FF
Float
+8*4
3015
"level 10"
0000FF
Float
+9*4
3016
"level 11"
0000FF
Float
+a*4
3017
"level 12"
0000FF
Float
+b*4
3018
"level 13"
0000FF
Float
+c*4
3019
"level 14"
0000FF
Float
+d*4
3020
"level 15"
0000FF
Float
+e*4
3021
"level 16"
0000FF
Float
+f*4
3022
"level 17"
0000FF
Float
+10*4
3023
"level 18"
0000FF
Float
+11*4
3024
"level 19"
0000FF
Float
+12*4
3025
"level 20"
0000FF
Float
+13*4
3026
"[values (lvl 21 - 40)]"
1
000080
Array of byte
0
+8
+14*4
3027
"level 21"
0000FF
Float
+0*4
3028
"level 22"
0000FF
Float
+1*4
3029
"level 23"
0000FF
Float
+2*4
3030
"level 24"
0000FF
Float
+3*4
3031
"level 25"
0000FF
Float
+4*4
3032
"level 26"
0000FF
Float
+5*4
3033
"level 27"
0000FF
Float
+6*4
3034
"level 28"
0000FF
Float
+7*4
3035
"level 29"
0000FF
Float
+8*4
3036
"level 30"
0000FF
Float
+9*4
3037
"level 31"
0000FF
Float
+a*4
3038
"level 32"
0000FF
Float
+b*4
3039
"level 33"
0000FF
Float
+c*4
3040
"level 34"
0000FF
Float
+d*4
3041
"level 35"
0000FF
Float
+e*4
3042
"level 36"
0000FF
Float
+f*4
3043
"level 37"
0000FF
Float
+10*4
3044
"level 38"
0000FF
Float
+11*4
3045
"level 39"
0000FF
Float
+12*4
3046
"level 40"
0000FF
Float
+13*4
3047
"[modifier 2]"
1
000080
Array of byte
0
+14
0
+1*8
3048
"# of values"
808080
2 Bytes
+10
3049
"(x2)"
808080
2 Bytes
+2
3050
"value"
0000FF
Float
+8
3051
"if the float is invalid, check the pointers below"
808080
1
3052
"[values (lvl 01 - 20)]"
1
000080
Array of byte
0
+8
0
3053
"level 01"
0000FF
Float
+0*4
3054
"level 02"
0000FF
Float
+1*4
3055
"level 03"
0000FF
Float
+2*4
3056
"level 04"
0000FF
Float
+3*4
3057
"level 05"
0000FF
Float
+4*4
3058
"level 06"
0000FF
Float
+5*4
3059
"level 07"
0000FF
Float
+6*4
3060
"level 08"
0000FF
Float
+7*4
3061
"level 09"
0000FF
Float
+8*4
3062
"level 10"
0000FF
Float
+9*4
3063
"level 11"
0000FF
Float
+a*4
3064
"level 12"
0000FF
Float
+b*4
3065
"level 13"
0000FF
Float
+c*4
3066
"level 14"
0000FF
Float
+d*4
3067
"level 15"
0000FF
Float
+e*4
3068
"level 16"
0000FF
Float
+f*4
3069
"level 17"
0000FF
Float
+10*4
3070
"level 18"
0000FF
Float
+11*4
3071
"level 19"
0000FF
Float
+12*4
3072
"level 20"
0000FF
Float
+13*4
3073
"[values (lvl 21 - 40)]"
1
000080
Array of byte
0
+8
+14*4
3074
"level 21"
0000FF
Float
+0*4
3075
"level 22"
0000FF
Float
+1*4
3076
"level 23"
0000FF
Float
+2*4
3077
"level 24"
0000FF
Float
+3*4
3078
"level 25"
0000FF
Float
+4*4
3079
"level 26"
0000FF
Float
+5*4
3080
"level 27"
0000FF
Float
+6*4
3081
"level 28"
0000FF
Float
+7*4
3082
"level 29"
0000FF
Float
+8*4
3083
"level 30"
0000FF
Float
+9*4
3084
"level 31"
0000FF
Float
+a*4
3085
"level 32"
0000FF
Float
+b*4
3086
"level 33"
0000FF
Float
+c*4
3087
"level 34"
0000FF
Float
+d*4
3088
"level 35"
0000FF
Float
+e*4
3089
"level 36"
0000FF
Float
+f*4
3090
"level 37"
0000FF
Float
+10*4
3091
"level 38"
0000FF
Float
+11*4
3092
"level 39"
0000FF
Float
+12*4
3093
"level 40"
0000FF
Float
+13*4
3094
"[property 5]"
1
000080
Array of byte
0
+0
4*8
3095
"base"
1
0000FF
8 Bytes
+0
3096
"[details]"
1
000080
Array of byte
0
+0
0
0
3097
"# of modifiers"
808080
2 Bytes
+1c
3098
"(x2)"
808080
2 Bytes
+2
3099
"modifier"
0000FF
Float
+14
+1*8
3100
"if the float is invalid, check the pointers below"
808080
1
3101
"[modifier 1]"
1
000080
Array of byte
0
+14
0
0*8
3102
"# of values"
808080
2 Bytes
+10
3103
"(x2)"
808080
2 Bytes
+2
3104
"value"
0000FF
Float
+8
3105
"if the float is invalid, check the pointers below"
808080
1
3106
"[values (lvl 01 - 20)]"
1
000080
Array of byte
0
+8
0
3107
"level 01"
0000FF
Float
+0*4
3108
"level 02"
0000FF
Float
+1*4
3109
"level 03"
0000FF
Float
+2*4
3110
"level 04"
0000FF
Float
+3*4
3111
"level 05"
0000FF
Float
+4*4
3112
"level 06"
0000FF
Float
+5*4
3113
"level 07"
0000FF
Float
+6*4
3114
"level 08"
0000FF
Float
+7*4
3115
"level 09"
0000FF
Float
+8*4
3116
"level 10"
0000FF
Float
+9*4
3117
"level 11"
0000FF
Float
+a*4
3118
"level 12"
0000FF
Float
+b*4
3119
"level 13"
0000FF
Float
+c*4
3120
"level 14"
0000FF
Float
+d*4
3121
"level 15"
0000FF
Float
+e*4
3122
"level 16"
0000FF
Float
+f*4
3123
"level 17"
0000FF
Float
+10*4
3124
"level 18"
0000FF
Float
+11*4
3125
"level 19"
0000FF
Float
+12*4
3126
"level 20"
0000FF
Float
+13*4
3127
"[values (lvl 21 - 40)]"
1
000080
Array of byte
0
+8
+14*4
3128
"level 21"
0000FF
Float
+0*4
3129
"level 22"
0000FF
Float
+1*4
3130
"level 23"
0000FF
Float
+2*4
3131
"level 24"
0000FF
Float
+3*4
3132
"level 25"
0000FF
Float
+4*4
3133
"level 26"
0000FF
Float
+5*4
3134
"level 27"
0000FF
Float
+6*4
3135
"level 28"
0000FF
Float
+7*4
3136
"level 29"
0000FF
Float
+8*4
3137
"level 30"
0000FF
Float
+9*4
3138
"level 31"
0000FF
Float
+a*4
3139
"level 32"
0000FF
Float
+b*4
3140
"level 33"
0000FF
Float
+c*4
3141
"level 34"
0000FF
Float
+d*4
3142
"level 35"
0000FF
Float
+e*4
3143
"level 36"
0000FF
Float
+f*4
3144
"level 37"
0000FF
Float
+10*4
3145
"level 38"
0000FF
Float
+11*4
3146
"level 39"
0000FF
Float
+12*4
3147
"level 40"
0000FF
Float
+13*4
3148
"[modifier 2]"
1
000080
Array of byte
0
+14
0
+1*8
3149
"# of values"
808080
2 Bytes
+10
3150
"(x2)"
808080
2 Bytes
+2
3151
"value"
0000FF
Float
+8
3152
"if the float is invalid, check the pointers below"
808080
1
3153
"[values (lvl 01 - 20)]"
1
000080
Array of byte
0
+8
0
3154
"level 01"
0000FF
Float
+0*4
3155
"level 02"
0000FF
Float
+1*4
3156
"level 03"
0000FF
Float
+2*4
3157
"level 04"
0000FF
Float
+3*4
3158
"level 05"
0000FF
Float
+4*4
3159
"level 06"
0000FF
Float
+5*4
3160
"level 07"
0000FF
Float
+6*4
3161
"level 08"
0000FF
Float
+7*4
3162
"level 09"
0000FF
Float
+8*4
3163
"level 10"
0000FF
Float
+9*4
3164
"level 11"
0000FF
Float
+a*4
3165
"level 12"
0000FF
Float
+b*4
3166
"level 13"
0000FF
Float
+c*4
3167
"level 14"
0000FF
Float
+d*4
3168
"level 15"
0000FF
Float
+e*4
3169
"level 16"
0000FF
Float
+f*4
3170
"level 17"
0000FF
Float
+10*4
3171
"level 18"
0000FF
Float
+11*4
3172
"level 19"
0000FF
Float
+12*4
3173
"level 20"
0000FF
Float
+13*4
3174
"[values (lvl 21 - 40)]"
1
000080
Array of byte
0
+8
+14*4
3175
"level 21"
0000FF
Float
+0*4
3176
"level 22"
0000FF
Float
+1*4
3177
"level 23"
0000FF
Float
+2*4
3178
"level 24"
0000FF
Float
+3*4
3179
"level 25"
0000FF
Float
+4*4
3180
"level 26"
0000FF
Float
+5*4
3181
"level 27"
0000FF
Float
+6*4
3182
"level 28"
0000FF
Float
+7*4
3183
"level 29"
0000FF
Float
+8*4
3184
"level 30"
0000FF
Float
+9*4
3185
"level 31"
0000FF
Float
+a*4
3186
"level 32"
0000FF
Float
+b*4
3187
"level 33"
0000FF
Float
+c*4
3188
"level 34"
0000FF
Float
+d*4
3189
"level 35"
0000FF
Float
+e*4
3190
"level 36"
0000FF
Float
+f*4
3191
"level 37"
0000FF
Float
+10*4
3192
"level 38"
0000FF
Float
+11*4
3193
"level 39"
0000FF
Float
+12*4
3194
"level 40"
0000FF
Float
+13*4
3195
"[property 6]"
1
000080
Array of byte
0
+0
5*8
3196
"base"
1
0000FF
8 Bytes
+0
3197
"[details]"
1
000080
Array of byte
0
+0
0
0
3198
"# of modifiers"
808080
2 Bytes
+1c
3199
"(x2)"
808080
2 Bytes
+2
3200
"modifier"
0000FF
Float
+14
+1*8
3201
"if the float is invalid, check the pointers below"
808080
1
3202
"[modifier 1]"
1
000080
Array of byte
0
+14
0
0*8
3203
"# of values"
808080
2 Bytes
+10
3204
"(x2)"
808080
2 Bytes
+2
3205
"value"
0000FF
Float
+8
3206
"if the float is invalid, check the pointers below"
808080
1
3207
"[values (lvl 01 - 20)]"
1
000080
Array of byte
0
+8
0
3208
"level 01"
0000FF
Float
+0*4
3209
"level 02"
0000FF
Float
+1*4
3210
"level 03"
0000FF
Float
+2*4
3211
"level 04"
0000FF
Float
+3*4
3212
"level 05"
0000FF
Float
+4*4
3213
"level 06"
0000FF
Float
+5*4
3214
"level 07"
0000FF
Float
+6*4
3215
"level 08"
0000FF
Float
+7*4
3216
"level 09"
0000FF
Float
+8*4
3217
"level 10"
0000FF
Float
+9*4
3218
"level 11"
0000FF
Float
+a*4
3219
"level 12"
0000FF
Float
+b*4
3220
"level 13"
0000FF
Float
+c*4
3221
"level 14"
0000FF
Float
+d*4
3222
"level 15"
0000FF
Float
+e*4
3223
"level 16"
0000FF
Float
+f*4
3224
"level 17"
0000FF
Float
+10*4
3225
"level 18"
0000FF
Float
+11*4
3226
"level 19"
0000FF
Float
+12*4
3227
"level 20"
0000FF
Float
+13*4
3228
"[values (lvl 21 - 40)]"
1
000080
Array of byte
0
+8
+14*4
3229
"level 21"
0000FF
Float
+0*4
3230
"level 22"
0000FF
Float
+1*4
3231
"level 23"
0000FF
Float
+2*4
3232
"level 24"
0000FF
Float
+3*4
3233
"level 25"
0000FF
Float
+4*4
3234
"level 26"
0000FF
Float
+5*4
3235
"level 27"
0000FF
Float
+6*4
3236
"level 28"
0000FF
Float
+7*4
3237
"level 29"
0000FF
Float
+8*4
3238
"level 30"
0000FF
Float
+9*4
3239
"level 31"
0000FF
Float
+a*4
3240
"level 32"
0000FF
Float
+b*4
3241
"level 33"
0000FF
Float
+c*4
3242
"level 34"
0000FF
Float
+d*4
3243
"level 35"
0000FF
Float
+e*4
3244
"level 36"
0000FF
Float
+f*4
3245
"level 37"
0000FF
Float
+10*4
3246
"level 38"
0000FF
Float
+11*4
3247
"level 39"
0000FF
Float
+12*4
3248
"level 40"
0000FF
Float
+13*4
3249
"[modifier 2]"
1
000080
Array of byte
0
+14
0
+1*8
3250
"# of values"
808080
2 Bytes
+10
3251
"(x2)"
808080
2 Bytes
+2
3252
"value"
0000FF
Float
+8
3253
"if the float is invalid, check the pointers below"
808080
1
3254
"[values (lvl 01 - 20)]"
1
000080
Array of byte
0
+8
0
3255
"level 01"
0000FF
Float
+0*4
3256
"level 02"
0000FF
Float
+1*4
3257
"level 03"
0000FF
Float
+2*4
3258
"level 04"
0000FF
Float
+3*4
3259
"level 05"
0000FF
Float
+4*4
3260
"level 06"
0000FF
Float
+5*4
3261
"level 07"
0000FF
Float
+6*4
3262
"level 08"
0000FF
Float
+7*4
3263
"level 09"
0000FF
Float
+8*4
3264
"level 10"
0000FF
Float
+9*4
3265
"level 11"
0000FF
Float
+a*4
3266
"level 12"
0000FF
Float
+b*4
3267
"level 13"
0000FF
Float
+c*4
3268
"level 14"
0000FF
Float
+d*4
3269
"level 15"
0000FF
Float
+e*4
3270
"level 16"
0000FF
Float
+f*4
3271
"level 17"
0000FF
Float
+10*4
3272
"level 18"
0000FF
Float
+11*4
3273
"level 19"
0000FF
Float
+12*4
3274
"level 20"
0000FF
Float
+13*4
3275
"[values (lvl 21 - 40)]"
1
000080
Array of byte
0
+8
+14*4
3276
"level 21"
0000FF
Float
+0*4
3277
"level 22"
0000FF
Float
+1*4
3278
"level 23"
0000FF
Float
+2*4
3279
"level 24"
0000FF
Float
+3*4
3280
"level 25"
0000FF
Float
+4*4
3281
"level 26"
0000FF
Float
+5*4
3282
"level 27"
0000FF
Float
+6*4
3283
"level 28"
0000FF
Float
+7*4
3284
"level 29"
0000FF
Float
+8*4
3285
"level 30"
0000FF
Float
+9*4
3286
"level 31"
0000FF
Float
+a*4
3287
"level 32"
0000FF
Float
+b*4
3288
"level 33"
0000FF
Float
+c*4
3289
"level 34"
0000FF
Float
+d*4
3290
"level 35"
0000FF
Float
+e*4
3291
"level 36"
0000FF
Float
+f*4
3292
"level 37"
0000FF
Float
+10*4
3293
"level 38"
0000FF
Float
+11*4
3294
"level 39"
0000FF
Float
+12*4
3295
"level 40"
0000FF
Float
+13*4
3634
"weapon editor .3"
FF0000
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(levelChkOnEquipAOB,ACOrigins.exe,75 08 8B 47 ** 39 41 ** 74 ** 48 83 ** ** ** ** ** ** ** 33 C0 85 C0)
registersymbol(levelChkOnEquipAOB)
aobscanmodule(gearEquipRetAOB,ACOrigins.exe,0F B6 AC ** ** ** ** ** 84 C0 75 ** 88)
registersymbol(gearEquipRetAOB)
label(pEquippedGear)
registersymbol(pEquippedGear)
alloc(newmem2,2048,levelChkOnEquipAOB) //"ACOrigins.exe"+1998FD5)
label(originalcode2_onequipgear)
registersymbol(originalcode2_onequipgear)
label(exit2)
newmem2: //this is allocated memory, you have read,write,execute access
//place your code here
//readmem(levelChkOnEquipAOB,2)
jne normalout
mov rax,gearEquipRetAOB //"ACOrigins.exe"+198D432
cmp [rsp+28],rax
jne @f
mov rax,pEquippedGear
mov [rax],rcx
@@:
readmem(levelChkOnEquipAOB+2,6)
reassemble(levelChkOnEquipAOB+8)
normalout:
readmem(levelChkOnEquipAOB+a,4)
jmp exit2
originalcode2_onequipgear:
readmem(levelChkOnEquipAOB,14)
//jne ACOrigins.AK::WriteBytesMem::Bytes+A3C23F
//mov eax,[rdi+08]
//cmp [rcx+10],eax
//je ACOrigins.AK::WriteBytesMem::Bytes+A3C27C
//add rcx,20
exit2:
jmp levelChkOnEquipAOB+e //"ACOrigins.exe"+1998FE3
///
pEquippedGear:
///
levelChkOnEquipAOB: //"ACOrigins.exe"+1998FD5:
jmp newmem2
returnhere2:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem2)
levelChkOnEquipAOB: //"ACOrigins.exe"+1998FD5:
readmem(originalcode2_onequipgear,14)
//db 75 08 8B 47 08 39 41 10 74 3D 48 83 C1 20
//Alt: jne ACOrigins.AK::WriteBytesMem::Bytes+A3C23F
//Alt: mov eax,[rdi+08]
//Alt: cmp [rcx+10],eax
//Alt: je ACOrigins.AK::WriteBytesMem::Bytes+A3C27C
//Alt: add rcx,20
unregistersymbol(originalcode2_onequipgear)
unregistersymbol(pEquippedGear)
3635
"[just equipped gear]"
000080
Array of byte
0
pEquippedGear
0
3636
"category"
808080
String
12
0
0
1
+8
0
10
0
0
60
0
3637
"quantity"
0000FF
4 Bytes
+0
3638
"lvl"
0000FF
4 Bytes
+10
3639
"rarity"
0000FF
4 Bytes
+8
10
0
3640
"some flags"
1
808080
4 Bytes
+8
C
3641
"[properties]"
1
000080
Array of byte
0
+8
48
0
3642
"# of properties"
808080
2 Bytes
pEquippedGear
50
0
8
3643
"(x2)"
808080
2 Bytes
+2
3644
"[base property]"
1
000080
Array of byte
0
+0
0
0
0*8
3645
"# of modifiers"
808080
2 Bytes
+1c
3646
"(x2)"
808080
2 Bytes
+2
3647
"modifier"
0000FF
Float
+14
+1*8
3648
"if the float is invalid, check the pointers below"
808080
1
3649
"[modifier 1]"
1
000080
Array of byte
0
+14
0
0*8
3650
"# of values"
808080
2 Bytes
+10
3651
"(x2)"
808080
2 Bytes
+2
3652
"value"
0000FF
Float
+8
3653
"if the float is invalid, check the pointers below"
808080
1
3654
"[values (01 - 20)]"
1
000080
Array of byte
0
+8
0
3655
"level 01"
0000FF
Float
+0*4
3656
"level 02"
0000FF
Float
+1*4
3657
"level 03"
0000FF
Float
+2*4
3658
"level 04"
0000FF
Float
+3*4
3659
"level 05"
0000FF
Float
+4*4
3660
"level 06"
0000FF
Float
+5*4
3661
"level 07"
0000FF
Float
+6*4
3662
"level 08"
0000FF
Float
+7*4
3663
"level 09"
0000FF
Float
+8*4
3664
"level 10"
0000FF
Float
+9*4
3665
"level 11"
0000FF
Float
+a*4
3666
"level 12"
0000FF
Float
+b*4
3667
"level 13"
0000FF
Float
+c*4
3668
"level 14"
0000FF
Float
+d*4
3669
"level 15"
0000FF
Float
+e*4
3670
"level 16"
0000FF
Float
+f*4
3671
"level 17"
0000FF
Float
+10*4
3672
"level 18"
0000FF
Float
+11*4
3673
"level 19"
0000FF
Float
+12*4
3674
"level 20"
0000FF
Float
+13*4
3675
"[values (21 - 40)]"
1
000080
Array of byte
0
+8
+14*4
3676
"level 21"
0000FF
Float
+0*4
3677
"level 22"
0000FF
Float
+1*4
3678
"level 23"
0000FF
Float
+2*4
3679
"level 24"
0000FF
Float
+3*4
3680
"level 25"
0000FF
Float
+4*4
3681
"level 26"
0000FF
Float
+5*4
3682
"level 27"
0000FF
Float
+6*4
3683
"level 28"
0000FF
Float
+7*4
3684
"level 29"
0000FF
Float
+8*4
3685
"level 30"
0000FF
Float
+9*4
3686
"level 31"
0000FF
Float
+a*4
3687
"level 32"
0000FF
Float
+b*4
3688
"level 33"
0000FF
Float
+c*4
3689
"level 34"
0000FF
Float
+d*4
3690
"level 35"
0000FF
Float
+e*4
3691
"level 36"
0000FF
Float
+f*4
3692
"level 37"
0000FF
Float
+10*4
3693
"level 38"
0000FF
Float
+11*4
3694
"level 39"
0000FF
Float
+12*4
3695
"level 40"
0000FF
Float
+13*4
3696
"[modifier 2]"
1
000080
Array of byte
0
+14
0
+1*8
3697
"# of values"
808080
2 Bytes
+10
3698
"(x2)"
808080
2 Bytes
+2
3699
"value"
0000FF
Float
+8
3700
"if the float is invalid, check the pointers below"
808080
1
3701
"[values (lvl 01 - 20)]"
1
000080
Array of byte
0
+8
0
3702
"level 01"
0000FF
Float
+0*4
3703
"level 02"
0000FF
Float
+1*4
3704
"level 03"
0000FF
Float
+2*4
3705
"level 04"
0000FF
Float
+3*4
3706
"level 05"
0000FF
Float
+4*4
3707
"level 06"
0000FF
Float
+5*4
3708
"level 07"
0000FF
Float
+6*4
3709
"level 08"
0000FF
Float
+7*4
3710
"level 09"
0000FF
Float
+8*4
3711
"level 10"
0000FF
Float
+9*4
3712
"level 11"
0000FF
Float
+a*4
3713
"level 12"
0000FF
Float
+b*4
3714
"level 13"
0000FF
Float
+c*4
3715
"level 14"
0000FF
Float
+d*4
3716
"level 15"
0000FF
Float
+e*4
3717
"level 16"
0000FF
Float
+f*4
3718
"level 17"
0000FF
Float
+10*4
3719
"level 18"
0000FF
Float
+11*4
3720
"level 19"
0000FF
Float
+12*4
3721
"level 20"
0000FF
Float
+13*4
3722
"[values (lvl 21 - 40)]"
1
000080
Array of byte
0
+8
+14*4
3723
"level 21"
0000FF
Float
+0*4
3724
"level 22"
0000FF
Float
+1*4
3725
"level 23"
0000FF
Float
+2*4
3726
"level 24"
0000FF
Float
+3*4
3727
"level 25"
0000FF
Float
+4*4
3728
"level 26"
0000FF
Float
+5*4
3729
"level 27"
0000FF
Float
+6*4
3730
"level 28"
0000FF
Float
+7*4
3731
"level 29"
0000FF
Float
+8*4
3732
"level 30"
0000FF
Float
+9*4
3733
"level 31"
0000FF
Float
+a*4
3734
"level 32"
0000FF
Float
+b*4
3735
"level 33"
0000FF
Float
+c*4
3736
"level 34"
0000FF
Float
+d*4
3737
"level 35"
0000FF
Float
+e*4
3738
"level 36"
0000FF
Float
+f*4
3739
"level 37"
0000FF
Float
+10*4
3740
"level 38"
0000FF
Float
+11*4
3741
"level 39"
0000FF
Float
+12*4
3742
"level 40"
0000FF
Float
+13*4
3743
"[property 2]"
1
000080
Array of byte
0
+0
1*8
3744
"base"
1
0000FF
8 Bytes
+0
3745
"[details]"
1
000080
Array of byte
0
+0
0
0
3746
"# of modifiers"
808080
2 Bytes
+1c
3747
"(x2)"
808080
2 Bytes
+2
3748
"modifier"
0000FF
Float
+14
+1*8
3749
"if the float is invalid, check the pointers below"
808080
1
3750
"[modifier 1]"
1
000080
Array of byte
0
+14
0
0*8
3751
"# of values"
808080
2 Bytes
+10
3752
"(x2)"
808080
2 Bytes
+2
3753
"value"
0000FF
Float
+8
3754
"if the float is invalid, check the pointers below"
808080
1
3755
"[values (lvl 01 - 20)]"
1
000080
Array of byte
0
+8
0
3756
"level 01"
0000FF
Float
+0*4
3757
"level 02"
0000FF
Float
+1*4
3758
"level 03"
0000FF
Float
+2*4
3759
"level 04"
0000FF
Float
+3*4
3760
"level 05"
0000FF
Float
+4*4
3761
"level 06"
0000FF
Float
+5*4
3762
"level 07"
0000FF
Float
+6*4
3763
"level 08"
0000FF
Float
+7*4
3764
"level 09"
0000FF
Float
+8*4
3765
"level 10"
0000FF
Float
+9*4
3766
"level 11"
0000FF
Float
+a*4
3767
"level 12"
0000FF
Float
+b*4
3768
"level 13"
0000FF
Float
+c*4
3769
"level 14"
0000FF
Float
+d*4
3770
"level 15"
0000FF
Float
+e*4
3771
"level 16"
0000FF
Float
+f*4
3772
"level 17"
0000FF
Float
+10*4
3773
"level 18"
0000FF
Float
+11*4
3774
"level 19"
0000FF
Float
+12*4
3775
"level 20"
0000FF
Float
+13*4
3776
"[values (lvl 21 - 40)]"
1
000080
Array of byte
0
+8
+14*4
3777
"level 21"
0000FF
Float
+0*4
3778
"level 22"
0000FF
Float
+1*4
3779
"level 23"
0000FF
Float
+2*4
3780
"level 24"
0000FF
Float
+3*4
3781
"level 25"
0000FF
Float
+4*4
3782
"level 26"
0000FF
Float
+5*4
3783
"level 27"
0000FF
Float
+6*4
3784
"level 28"
0000FF
Float
+7*4
3785
"level 29"
0000FF
Float
+8*4
3786
"level 30"
0000FF
Float
+9*4
3787
"level 31"
0000FF
Float
+a*4
3788
"level 32"
0000FF
Float
+b*4
3789
"level 33"
0000FF
Float
+c*4
3790
"level 34"
0000FF
Float
+d*4
3791
"level 35"
0000FF
Float
+e*4
3792
"level 36"
0000FF
Float
+f*4
3793
"level 37"
0000FF
Float
+10*4
3794
"level 38"
0000FF
Float
+11*4
3795
"level 39"
0000FF
Float
+12*4
3796
"level 40"
0000FF
Float
+13*4
3797
"[modifier 2]"
1
000080
Array of byte
0
+14
0
+1*8
3798
"# of values"
808080
2 Bytes
+10
3799
"(x2)"
808080
2 Bytes
+2
3800
"value"
0000FF
Float
+8
3801
"if the float is invalid, check the pointers below"
808080
1
3802
"[values (lvl 01 - 20)]"
1
000080
Array of byte
0
+8
0
3803
"level 01"
0000FF
Float
+0*4
3804
"level 02"
0000FF
Float
+1*4
3805
"level 03"
0000FF
Float
+2*4
3806
"level 04"
0000FF
Float
+3*4
3807
"level 05"
0000FF
Float
+4*4
3808
"level 06"
0000FF
Float
+5*4
3809
"level 07"
0000FF
Float
+6*4
3810
"level 08"
0000FF
Float
+7*4
3811
"level 09"
0000FF
Float
+8*4
3812
"level 10"
0000FF
Float
+9*4
3813
"level 11"
0000FF
Float
+a*4
3814
"level 12"
0000FF
Float
+b*4
3815
"level 13"
0000FF
Float
+c*4
3816
"level 14"
0000FF
Float
+d*4
3817
"level 15"
0000FF
Float
+e*4
3818
"level 16"
0000FF
Float
+f*4
3819
"level 17"
0000FF
Float
+10*4
3820
"level 18"
0000FF
Float
+11*4
3821
"level 19"
0000FF
Float
+12*4
3822
"level 20"
0000FF
Float
+13*4
3823
"[values (lvl 21 - 40)]"
1
000080
Array of byte
0
+8
+14*4
3824
"level 21"
0000FF
Float
+0*4
3825
"level 22"
0000FF
Float
+1*4
3826
"level 23"
0000FF
Float
+2*4
3827
"level 24"
0000FF
Float
+3*4
3828
"level 25"
0000FF
Float
+4*4
3829
"level 26"
0000FF
Float
+5*4
3830
"level 27"
0000FF
Float
+6*4
3831
"level 28"
0000FF
Float
+7*4
3832
"level 29"
0000FF
Float
+8*4
3833
"level 30"
0000FF
Float
+9*4
3834
"level 31"
0000FF
Float
+a*4
3835
"level 32"
0000FF
Float
+b*4
3836
"level 33"
0000FF
Float
+c*4
3837
"level 34"
0000FF
Float
+d*4
3838
"level 35"
0000FF
Float
+e*4
3839
"level 36"
0000FF
Float
+f*4
3840
"level 37"
0000FF
Float
+10*4
3841
"level 38"
0000FF
Float
+11*4
3842
"level 39"
0000FF
Float
+12*4
3843
"level 40"
0000FF
Float
+13*4
3844
"[property 3]"
1
000080
Array of byte
0
+0
2*8
3845
"base"
1
0000FF
8 Bytes
+0
3846
"[details]"
1
000080
Array of byte
0
+0
0
0
3847
"# of modifiers"
808080
2 Bytes
+1c
3848
"(x2)"
808080
2 Bytes
+2
3849
"modifier"
0000FF
Float
+14
+1*8
3850
"if the float is invalid, check the pointers below"
808080
1
3851
"[modifier 1]"
1
000080
Array of byte
0
+14
0
0*8
3852
"# of values"
808080
2 Bytes
+10
3853
"(x2)"
808080
2 Bytes
+2
3854
"value"
0000FF
Float
+8
3855
"if the float is invalid, check the pointers below"
808080
1
3856
"[values (lvl 01 - 20)]"
1
000080
Array of byte
0
+8
0
3857
"level 01"
0000FF
Float
+0*4
3858
"level 02"
0000FF
Float
+1*4
3859
"level 03"
0000FF
Float
+2*4
3860
"level 04"
0000FF
Float
+3*4
3861
"level 05"
0000FF
Float
+4*4
3862
"level 06"
0000FF
Float
+5*4
3863
"level 07"
0000FF
Float
+6*4
3864
"level 08"
0000FF
Float
+7*4
3865
"level 09"
0000FF
Float
+8*4
3866
"level 10"
0000FF
Float
+9*4
3867
"level 11"
0000FF
Float
+a*4
3868
"level 12"
0000FF
Float
+b*4
3869
"level 13"
0000FF
Float
+c*4
3870
"level 14"
0000FF
Float
+d*4
3871
"level 15"
0000FF
Float
+e*4
3872
"level 16"
0000FF
Float
+f*4
3873
"level 17"
0000FF
Float
+10*4
3874
"level 18"
0000FF
Float
+11*4
3875
"level 19"
0000FF
Float
+12*4
3876
"level 20"
0000FF
Float
+13*4
3877
"[values (lvl 21 - 40)]"
1
000080
Array of byte
0
+8
+14*4
3878
"level 21"
0000FF
Float
+0*4
3879
"level 22"
0000FF
Float
+1*4
3880
"level 23"
0000FF
Float
+2*4
3881
"level 24"
0000FF
Float
+3*4
3882
"level 25"
0000FF
Float
+4*4
3883
"level 26"
0000FF
Float
+5*4
3884
"level 27"
0000FF
Float
+6*4
3885
"level 28"
0000FF
Float
+7*4
3886
"level 29"
0000FF
Float
+8*4
3887
"level 30"
0000FF
Float
+9*4
3888
"level 31"
0000FF
Float
+a*4
3889
"level 32"
0000FF
Float
+b*4
3890
"level 33"
0000FF
Float
+c*4
3891
"level 34"
0000FF
Float
+d*4
3892
"level 35"
0000FF
Float
+e*4
3893
"level 36"
0000FF
Float
+f*4
3894
"level 37"
0000FF
Float
+10*4
3895
"level 38"
0000FF
Float
+11*4
3896
"level 39"
0000FF
Float
+12*4
3897
"level 40"
0000FF
Float
+13*4
3898
"[modifier 2]"
1
000080
Array of byte
0
+14
0
+1*8
3899
"# of values"
808080
2 Bytes
+10
3900
"(x2)"
808080
2 Bytes
+2
3901
"value"
0000FF
Float
+8
3902
"if the float is invalid, check the pointers below"
808080
1
3903
"[values (lvl 01 - 20)]"
1
000080
Array of byte
0
+8
0
3904
"level 01"
0000FF
Float
+0*4
3905
"level 02"
0000FF
Float
+1*4
3906
"level 03"
0000FF
Float
+2*4
3907
"level 04"
0000FF
Float
+3*4
3908
"level 05"
0000FF
Float
+4*4
3909
"level 06"
0000FF
Float
+5*4
3910
"level 07"
0000FF
Float
+6*4
3911
"level 08"
0000FF
Float
+7*4
3912
"level 09"
0000FF
Float
+8*4
3913
"level 10"
0000FF
Float
+9*4
3914
"level 11"
0000FF
Float
+a*4
3915
"level 12"
0000FF
Float
+b*4
3916
"level 13"
0000FF
Float
+c*4
3917
"level 14"
0000FF
Float
+d*4
3918
"level 15"
0000FF
Float
+e*4
3919
"level 16"
0000FF
Float
+f*4
3920
"level 17"
0000FF
Float
+10*4
3921
"level 18"
0000FF
Float
+11*4
3922
"level 19"
0000FF
Float
+12*4
3923
"level 20"
0000FF
Float
+13*4
3924
"[values (lvl 21 - 40)]"
1
000080
Array of byte
0
+8
+14*4
3925
"level 21"
0000FF
Float
+0*4
3926
"level 22"
0000FF
Float
+1*4
3927
"level 23"
0000FF
Float
+2*4
3928
"level 24"
0000FF
Float
+3*4
3929
"level 25"
0000FF
Float
+4*4
3930
"level 26"
0000FF
Float
+5*4
3931
"level 27"
0000FF
Float
+6*4
3932
"level 28"
0000FF
Float
+7*4
3933
"level 29"
0000FF
Float
+8*4
3934
"level 30"
0000FF
Float
+9*4
3935
"level 31"
0000FF
Float
+a*4
3936
"level 32"
0000FF
Float
+b*4
3937
"level 33"
0000FF
Float
+c*4
3938
"level 34"
0000FF
Float
+d*4
3939
"level 35"
0000FF
Float
+e*4
3940
"level 36"
0000FF
Float
+f*4
3941
"level 37"
0000FF
Float
+10*4
3942
"level 38"
0000FF
Float
+11*4
3943
"level 39"
0000FF
Float
+12*4
3944
"level 40"
0000FF
Float
+13*4
3945
"[property 4]"
1
000080
Array of byte
0
+0
3*8
3946
"base"
1
0000FF
8 Bytes
+0
3947
"[details]"
1
000080
Array of byte
0
+0
0
0
3948
"# of modifiers"
808080
2 Bytes
+1c
3949
"(x2)"
808080
2 Bytes
+2
3950
"modifier"
0000FF
Float
+14
+1*8
3951
"if the float is invalid, check the pointers below"
808080
1
3952
"[modifier 1]"
1
000080
Array of byte
0
+14
0
0*8
3953
"# of values"
808080
2 Bytes
+10
3954
"(x2)"
808080
2 Bytes
+2
3955
"value"
0000FF
Float
+8
3956
"if the float is invalid, check the pointers below"
808080
1
3957
"[values (lvl 01 - 20)]"
1
000080
Array of byte
0
+8
0
3958
"level 01"
0000FF
Float
+0*4
3959
"level 02"
0000FF
Float
+1*4
3960
"level 03"
0000FF
Float
+2*4
3961
"level 04"
0000FF
Float
+3*4
3962
"level 05"
0000FF
Float
+4*4
3963
"level 06"
0000FF
Float
+5*4
3964
"level 07"
0000FF
Float
+6*4
3965
"level 08"
0000FF
Float
+7*4
3966
"level 09"
0000FF
Float
+8*4
3967
"level 10"
0000FF
Float
+9*4
3968
"level 11"
0000FF
Float
+a*4
3969
"level 12"
0000FF
Float
+b*4
3970
"level 13"
0000FF
Float
+c*4
3971
"level 14"
0000FF
Float
+d*4
3972
"level 15"
0000FF
Float
+e*4
3973
"level 16"
0000FF
Float
+f*4
3974
"level 17"
0000FF
Float
+10*4
3975
"level 18"
0000FF
Float
+11*4
3976
"level 19"
0000FF
Float
+12*4
3977
"level 20"
0000FF
Float
+13*4
3978
"[values (lvl 21 - 40)]"
1
000080
Array of byte
0
+8
+14*4
3979
"level 21"
0000FF
Float
+0*4
3980
"level 22"
0000FF
Float
+1*4
3981
"level 23"
0000FF
Float
+2*4
3982
"level 24"
0000FF
Float
+3*4
3983
"level 25"
0000FF
Float
+4*4
3984
"level 26"
0000FF
Float
+5*4
3985
"level 27"
0000FF
Float
+6*4
3986
"level 28"
0000FF
Float
+7*4
3987
"level 29"
0000FF
Float
+8*4
3988
"level 30"
0000FF
Float
+9*4
3989
"level 31"
0000FF
Float
+a*4
3990
"level 32"
0000FF
Float
+b*4
3991
"level 33"
0000FF
Float
+c*4
3992
"level 34"
0000FF
Float
+d*4
3993
"level 35"
0000FF
Float
+e*4
3994
"level 36"
0000FF
Float
+f*4
3995
"level 37"
0000FF
Float
+10*4
3996
"level 38"
0000FF
Float
+11*4
3997
"level 39"
0000FF
Float
+12*4
3998
"level 40"
0000FF
Float
+13*4
3999
"[modifier 2]"
1
000080
Array of byte
0
+14
0
+1*8
4000
"# of values"
808080
2 Bytes
+10
4001
"(x2)"
808080
2 Bytes
+2
4002
"value"
0000FF
Float
+8
4003
"if the float is invalid, check the pointers below"
808080
1
4004
"[values (lvl 01 - 20)]"
1
000080
Array of byte
0
+8
0
4005
"level 01"
0000FF
Float
+0*4
4006
"level 02"
0000FF
Float
+1*4
4007
"level 03"
0000FF
Float
+2*4
4008
"level 04"
0000FF
Float
+3*4
4009
"level 05"
0000FF
Float
+4*4
4010
"level 06"
0000FF
Float
+5*4
4011
"level 07"
0000FF
Float
+6*4
4012
"level 08"
0000FF
Float
+7*4
4013
"level 09"
0000FF
Float
+8*4
4014
"level 10"
0000FF
Float
+9*4
4015
"level 11"
0000FF
Float
+a*4
4016
"level 12"
0000FF
Float
+b*4
4017
"level 13"
0000FF
Float
+c*4
4018
"level 14"
0000FF
Float
+d*4
4019
"level 15"
0000FF
Float
+e*4
4020
"level 16"
0000FF
Float
+f*4
4021
"level 17"
0000FF
Float
+10*4
4022
"level 18"
0000FF
Float
+11*4
4023
"level 19"
0000FF
Float
+12*4
4024
"level 20"
0000FF
Float
+13*4
4025
"[values (lvl 21 - 40)]"
1
000080
Array of byte
0
+8
+14*4
4026
"level 21"
0000FF
Float
+0*4
4027
"level 22"
0000FF
Float
+1*4
4028
"level 23"
0000FF
Float
+2*4
4029
"level 24"
0000FF
Float
+3*4
4030
"level 25"
0000FF
Float
+4*4
4031
"level 26"
0000FF
Float
+5*4
4032
"level 27"
0000FF
Float
+6*4
4033
"level 28"
0000FF
Float
+7*4
4034
"level 29"
0000FF
Float
+8*4
4035
"level 30"
0000FF
Float
+9*4
4036
"level 31"
0000FF
Float
+a*4
4037
"level 32"
0000FF
Float
+b*4
4038
"level 33"
0000FF
Float
+c*4
4039
"level 34"
0000FF
Float
+d*4
4040
"level 35"
0000FF
Float
+e*4
4041
"level 36"
0000FF
Float
+f*4
4042
"level 37"
0000FF
Float
+10*4
4043
"level 38"
0000FF
Float
+11*4
4044
"level 39"
0000FF
Float
+12*4
4045
"level 40"
0000FF
Float
+13*4
4046
"[property 5]"
1
000080
Array of byte
0
+0
4*8
4047
"base"
1
0000FF
8 Bytes
+0
4048
"[details]"
1
000080
Array of byte
0
+0
0
0
4049
"# of modifiers"
808080
2 Bytes
+1c
4050
"(x2)"
808080
2 Bytes
+2
4051
"modifier"
0000FF
Float
+14
+1*8
4052
"if the float is invalid, check the pointers below"
808080
1
4053
"[modifier 1]"
1
000080
Array of byte
0
+14
0
0*8
4054
"# of values"
808080
2 Bytes
+10
4055
"(x2)"
808080
2 Bytes
+2
4056
"value"
0000FF
Float
+8
4057
"if the float is invalid, check the pointers below"
808080
1
4058
"[values (lvl 01 - 20)]"
1
000080
Array of byte
0
+8
0
4059
"level 01"
0000FF
Float
+0*4
4060
"level 02"
0000FF
Float
+1*4
4061
"level 03"
0000FF
Float
+2*4
4062
"level 04"
0000FF
Float
+3*4
4063
"level 05"
0000FF
Float
+4*4
4064
"level 06"
0000FF
Float
+5*4
4065
"level 07"
0000FF
Float
+6*4
4066
"level 08"
0000FF
Float
+7*4
4067
"level 09"
0000FF
Float
+8*4
4068
"level 10"
0000FF
Float
+9*4
4069
"level 11"
0000FF
Float
+a*4
4070
"level 12"
0000FF
Float
+b*4
4071
"level 13"
0000FF
Float
+c*4
4072
"level 14"
0000FF
Float
+d*4
4073
"level 15"
0000FF
Float
+e*4
4074
"level 16"
0000FF
Float
+f*4
4075
"level 17"
0000FF
Float
+10*4
4076
"level 18"
0000FF
Float
+11*4
4077
"level 19"
0000FF
Float
+12*4
4078
"level 20"
0000FF
Float
+13*4
4079
"[values (lvl 21 - 40)]"
1
000080
Array of byte
0
+8
+14*4
4080
"level 21"
0000FF
Float
+0*4
4081
"level 22"
0000FF
Float
+1*4
4082
"level 23"
0000FF
Float
+2*4
4083
"level 24"
0000FF
Float
+3*4
4084
"level 25"
0000FF
Float
+4*4
4085
"level 26"
0000FF
Float
+5*4
4086
"level 27"
0000FF
Float
+6*4
4087
"level 28"
0000FF
Float
+7*4
4088
"level 29"
0000FF
Float
+8*4
4089
"level 30"
0000FF
Float
+9*4
4090
"level 31"
0000FF
Float
+a*4
4091
"level 32"
0000FF
Float
+b*4
4092
"level 33"
0000FF
Float
+c*4
4093
"level 34"
0000FF
Float
+d*4
4094
"level 35"
0000FF
Float
+e*4
4095
"level 36"
0000FF
Float
+f*4
4096
"level 37"
0000FF
Float
+10*4
4097
"level 38"
0000FF
Float
+11*4
4098
"level 39"
0000FF
Float
+12*4
4099
"level 40"
0000FF
Float
+13*4
4100
"[modifier 2]"
1
000080
Array of byte
0
+14
0
+1*8
4101
"# of values"
808080
2 Bytes
+10
4102
"(x2)"
808080
2 Bytes
+2
4103
"value"
0000FF
Float
+8
4104
"if the float is invalid, check the pointers below"
808080
1
4105
"[values (lvl 01 - 20)]"
1
000080
Array of byte
0
+8
0
4106
"level 01"
0000FF
Float
+0*4
4107
"level 02"
0000FF
Float
+1*4
4108
"level 03"
0000FF
Float
+2*4
4109
"level 04"
0000FF
Float
+3*4
4110
"level 05"
0000FF
Float
+4*4
4111
"level 06"
0000FF
Float
+5*4
4112
"level 07"
0000FF
Float
+6*4
4113
"level 08"
0000FF
Float
+7*4
4114
"level 09"
0000FF
Float
+8*4
4115
"level 10"
0000FF
Float
+9*4
4116
"level 11"
0000FF
Float
+a*4
4117
"level 12"
0000FF
Float
+b*4
4118
"level 13"
0000FF
Float
+c*4
4119
"level 14"
0000FF
Float
+d*4
4120
"level 15"
0000FF
Float
+e*4
4121
"level 16"
0000FF
Float
+f*4
4122
"level 17"
0000FF
Float
+10*4
4123
"level 18"
0000FF
Float
+11*4
4124
"level 19"
0000FF
Float
+12*4
4125
"level 20"
0000FF
Float
+13*4
4126
"[values (lvl 21 - 40)]"
1
000080
Array of byte
0
+8
+14*4
4127
"level 21"
0000FF
Float
+0*4
4128
"level 22"
0000FF
Float
+1*4
4129
"level 23"
0000FF
Float
+2*4
4130
"level 24"
0000FF
Float
+3*4
4131
"level 25"
0000FF
Float
+4*4
4132
"level 26"
0000FF
Float
+5*4
4133
"level 27"
0000FF
Float
+6*4
4134
"level 28"
0000FF
Float
+7*4
4135
"level 29"
0000FF
Float
+8*4
4136
"level 30"
0000FF
Float
+9*4
4137
"level 31"
0000FF
Float
+a*4
4138
"level 32"
0000FF
Float
+b*4
4139
"level 33"
0000FF
Float
+c*4
4140
"level 34"
0000FF
Float
+d*4
4141
"level 35"
0000FF
Float
+e*4
4142
"level 36"
0000FF
Float
+f*4
4143
"level 37"
0000FF
Float
+10*4
4144
"level 38"
0000FF
Float
+11*4
4145
"level 39"
0000FF
Float
+12*4
4146
"level 40"
0000FF
Float
+13*4
4147
"[property 6]"
1
000080
Array of byte
0
+0
5*8
4148
"base"
1
0000FF
8 Bytes
+0
4149
"[details]"
1
000080
Array of byte
0
+0
0
0
4150
"# of modifiers"
808080
2 Bytes
+1c
4151
"(x2)"
808080
2 Bytes
+2
4152
"modifier"
0000FF
Float
+14
+1*8
4153
"if the float is invalid, check the pointers below"
808080
1
4154
"[modifier 1]"
1
000080
Array of byte
0
+14
0
0*8
4155
"# of values"
808080
2 Bytes
+10
4156
"(x2)"
808080
2 Bytes
+2
4157
"value"
0000FF
Float
+8
4158
"if the float is invalid, check the pointers below"
808080
1
4159
"[values (lvl 01 - 20)]"
1
000080
Array of byte
0
+8
0
4160
"level 01"
0000FF
Float
+0*4
4161
"level 02"
0000FF
Float
+1*4
4162
"level 03"
0000FF
Float
+2*4
4163
"level 04"
0000FF
Float
+3*4
4164
"level 05"
0000FF
Float
+4*4
4165
"level 06"
0000FF
Float
+5*4
4166
"level 07"
0000FF
Float
+6*4
4167
"level 08"
0000FF
Float
+7*4
4168
"level 09"
0000FF
Float
+8*4
4169
"level 10"
0000FF
Float
+9*4
4170
"level 11"
0000FF
Float
+a*4
4171
"level 12"
0000FF
Float
+b*4
4172
"level 13"
0000FF
Float
+c*4
4173
"level 14"
0000FF
Float
+d*4
4174
"level 15"
0000FF
Float
+e*4
4175
"level 16"
0000FF
Float
+f*4
4176
"level 17"
0000FF
Float
+10*4
4177
"level 18"
0000FF
Float
+11*4
4178
"level 19"
0000FF
Float
+12*4
4179
"level 20"
0000FF
Float
+13*4
4180
"[values (lvl 21 - 40)]"
1
000080
Array of byte
0
+8
+14*4
4181
"level 21"
0000FF
Float
+0*4
4182
"level 22"
0000FF
Float
+1*4
4183
"level 23"
0000FF
Float
+2*4
4184
"level 24"
0000FF
Float
+3*4
4185
"level 25"
0000FF
Float
+4*4
4186
"level 26"
0000FF
Float
+5*4
4187
"level 27"
0000FF
Float
+6*4
4188
"level 28"
0000FF
Float
+7*4
4189
"level 29"
0000FF
Float
+8*4
4190
"level 30"
0000FF
Float
+9*4
4191
"level 31"
0000FF
Float
+a*4
4192
"level 32"
0000FF
Float
+b*4
4193
"level 33"
0000FF
Float
+c*4
4194
"level 34"
0000FF
Float
+d*4
4195
"level 35"
0000FF
Float
+e*4
4196
"level 36"
0000FF
Float
+f*4
4197
"level 37"
0000FF
Float
+10*4
4198
"level 38"
0000FF
Float
+11*4
4199
"level 39"
0000FF
Float
+12*4
4200
"level 40"
0000FF
Float
+13*4
4201
"[modifier 2]"
1
000080
Array of byte
0
+14
0
+1*8
4202
"# of values"
808080
2 Bytes
+10
4203
"(x2)"
808080
2 Bytes
+2
4204
"value"
0000FF
Float
+8
4205
"if the float is invalid, check the pointers below"
808080
1
4206
"[values (lvl 01 - 20)]"
1
000080
Array of byte
0
+8
0
4207
"level 01"
0000FF
Float
+0*4
4208
"level 02"
0000FF
Float
+1*4
4209
"level 03"
0000FF
Float
+2*4
4210
"level 04"
0000FF
Float
+3*4
4211
"level 05"
0000FF
Float
+4*4
4212
"level 06"
0000FF
Float
+5*4
4213
"level 07"
0000FF
Float
+6*4
4214
"level 08"
0000FF
Float
+7*4
4215
"level 09"
0000FF
Float
+8*4
4216
"level 10"
0000FF
Float
+9*4
4217
"level 11"
0000FF
Float
+a*4
4218
"level 12"
0000FF
Float
+b*4
4219
"level 13"
0000FF
Float
+c*4
4220
"level 14"
0000FF
Float
+d*4
4221
"level 15"
0000FF
Float
+e*4
4222
"level 16"
0000FF
Float
+f*4
4223
"level 17"
0000FF
Float
+10*4
4224
"level 18"
0000FF
Float
+11*4
4225
"level 19"
0000FF
Float
+12*4
4226
"level 20"
0000FF
Float
+13*4
4227
"[values (lvl 21 - 40)]"
1
000080
Array of byte
0
+8
+14*4
4228
"level 21"
0000FF
Float
+0*4
4229
"level 22"
0000FF
Float
+1*4
4230
"level 23"
0000FF
Float
+2*4
4231
"level 24"
0000FF
Float
+3*4
4232
"level 25"
0000FF
Float
+4*4
4233
"level 26"
0000FF
Float
+5*4
4234
"level 27"
0000FF
Float
+6*4
4235
"level 28"
0000FF
Float
+7*4
4236
"level 29"
0000FF
Float
+8*4
4237
"level 30"
0000FF
Float
+9*4
4238
"level 31"
0000FF
Float
+a*4
4239
"level 32"
0000FF
Float
+b*4
4240
"level 33"
0000FF
Float
+c*4
4241
"level 34"
0000FF
Float
+d*4
4242
"level 35"
0000FF
Float
+e*4
4243
"level 36"
0000FF
Float
+f*4
4244
"level 37"
0000FF
Float
+10*4
4245
"level 38"
0000FF
Float
+11*4
4246
"level 39"
0000FF
Float
+12*4
4247
"level 40"
0000FF
Float
+13*4
http://fearlessrevolution.com/viewtopic.php?f=4&t=5267&p=23057#p23057