Zelda: Breath of the Wild (CEMU)

Upload your cheat tables here (No requests)
Drivium
Fearless Donors
Fearless Donors
Posts: 87
Joined: Tue Apr 04, 2017 2:47 am
Reputation: 15

Re: Zelda: Breath of the Wild (CEMU)

Post by Drivium » Tue May 09, 2017 1:31 am

Updated OP with 2 more adds.

-No recharge after rune use
-Break Yoself!

mflvs
Cheater
Cheater
Posts: 29
Joined: Fri Mar 03, 2017 8:55 pm
Reputation: 2

Re: Zelda: Breath of the Wild (CEMU)

Post by mflvs » Wed May 10, 2017 9:27 pm

Well, currently making the table, but like i said here is the AoB, AA and LUA script i used with my version:

Version used: DCAC9927 EUR V64

*Updated AoB

Code: Select all

?? ?? ?? ?? 44 C8 00 00 00 00 00 00 00 00 00 00 42 78 A5 A4 00 00 00 3C 00 00 00 ?? 00 00 00 3C

it only returns one address for my system and version, though i use Lua so it autopopulates the table with addresses when you activate and removes them when you deactivate

AA and LUA code:

Code: Select all

[ENABLE]
{$lua}
AoB = AOBScan("?? ?? ?? ?? 44 C8 00 00 00 00 00 00 00 00 00 00 42 78 A5 A4 00 00 00 3C 00 00 00 ?? 00 00 00 3C")

      if (AoB) then -- Check if there were any results
          length = AoB.getCount() -- Get number of matches found
          if (length > 0) then
          address1 = getAddress(AoB[0])
          AoB.Destroy()  -- destroy the array
          AoB = nil
      end
  else
end

local list = getAddressList()

         description = 'Stamina'
         rec = list.createMemoryRecord()
         address2 = string.format( '%x', address1 )
         rec.setAddress(address2)
         rec.setDescription(description)

         description = 'Hearts'
         rec = list.createMemoryRecord()
         address2 = string.format( '%x', address1 )
         address2 = address2.."+153CAF0"
         rec.setAddress(address2)
         rec.setDescription(description)

         description = 'Bomb Arrow'
         rec = list.createMemoryRecord()
         address2 = string.format( '%x', address1 )
         address2 = address2.."+1865F30"
         rec.setAddress(address2)
         rec.setDescription(description)

         description = 'Lightning Arrow'
         rec = list.createMemoryRecord()
         address2 = string.format( '%x', address1 )
         address2 = address2.."+1866150"
         rec.setAddress(address2)
         rec.setDescription(description)

         description = 'Ice Arrow'
         rec = list.createMemoryRecord()
         address2 = string.format( '%x', address1 )
         address2 = address2.."+1866370"
         rec.setAddress(address2)
         rec.setDescription(description)

         description = 'Fire Arrow'
         rec = list.createMemoryRecord()
         address2 = string.format( '%x', address1 )
         address2 = address2.."+1866590"
         rec.setAddress(address2)
         rec.setDescription(description)

         description = 'Normal Arrow'
         rec = list.createMemoryRecord()
         address2 = string.format( '%x', address1 )
         address2 = address2.."+18667B0"
         rec.setAddress(address2)
         rec.setDescription(description)

{$asm}

[DISABLE]

{$lua}
      local list = getAddressList()
      while list.getCount() > 1 do
            rec = list.getMemoryRecord(list,1)
            memoryrecord_delete(rec)
      end
{$asm}
I then used offset's to calcuate key addresses from the AoB address

Stamina = No offset needed (Same as base)
Hearts = +153CAF0
Bomb Arrow = +1865F30
Lightning Arrow = +1866150
Ice Arrow = +1866370
Fire Arrow = +1866590
Normal Arrow = +18667B0
Last edited by mflvs on Sat May 13, 2017 11:08 pm, edited 3 times in total.

mflvs
Cheater
Cheater
Posts: 29
Joined: Fri Mar 03, 2017 8:55 pm
Reputation: 2

Re: Zelda: Breath of the Wild (CEMU)

Post by mflvs » Thu May 11, 2017 4:53 pm

If possible, could i check your version of this aob if you created one.
the one i use is found by finding the stamina address and browsing its memory region and copying the first 5 lines of 16 bytes. i am just wondering if there are any changes.

Drivium
Fearless Donors
Fearless Donors
Posts: 87
Joined: Tue Apr 04, 2017 2:47 am
Reputation: 15

Re: Zelda: Breath of the Wild (CEMU)

Post by Drivium » Thu May 11, 2017 7:29 pm

mflvs wrote:
Thu May 11, 2017 4:53 pm
If possible, could i check your version of this aob if you created one.
the one i use is found by finding the stamina address and browsing its memory region and copying the first 5 lines of 16 bytes. i am just wondering if there are any changes.
I'm not sure I'm following your last two posts, but feel free to grab the .ct file and take it apart. :)

mflvs
Cheater
Cheater
Posts: 29
Joined: Fri Mar 03, 2017 8:55 pm
Reputation: 2

Re: Zelda: Breath of the Wild (CEMU)

Post by mflvs » Thu May 11, 2017 8:05 pm

Yeah went off on a tangent, was basically providing information just in case there was a diffrence between some of the versions of the game :)
Thanks again for all your help

Drivium
Fearless Donors
Fearless Donors
Posts: 87
Joined: Tue Apr 04, 2017 2:47 am
Reputation: 15

Re: Zelda: Breath of the Wild (CEMU)

Post by Drivium » Thu May 11, 2017 9:24 pm

mflvs wrote:
Thu May 11, 2017 8:05 pm
Yeah went off on a tangent, was basically providing information just in case there was a diffrence between some of the versions of the game :)
Thanks again for all your help
You are clearly a more advanced aob dev than myself. Mine has no LUA! What is it that that script is doing?

Drivium
Fearless Donors
Fearless Donors
Posts: 87
Joined: Tue Apr 04, 2017 2:47 am
Reputation: 15

Re: Zelda: Breath of the Wild (CEMU)

Post by Drivium » Thu May 11, 2017 9:24 pm

-added some videos of the hacks in action to OP

mflvs
Cheater
Cheater
Posts: 29
Joined: Fri Mar 03, 2017 8:55 pm
Reputation: 2

Re: Zelda: Breath of the Wild (CEMU)

Post by mflvs » Thu May 11, 2017 9:50 pm

I am not that advanced just been reading on the forums if I get stuck and seeing if I could use the same information else where.

The first bit of lua searches for the AoB but unlike AA script it doesn't stop on the first result found so you can select which AoB you want to use e.g. I choose to use the result AoB[0] which is the first AoB returned though if I was to have more than one AoB returned I could of said for example AoB[1] which would of returned the second AoB found by the search. The rest of the lua creates addresses in the cheat table instead of manually entering them. Finally when the script is deactivated it deletes all the addresses.

Offsets are a good way to go if you can find a base to work from. For example in most games if you can find one of the values and take away the offset used you will be at the base of the structure for that value. And other values would be derived from it. E.g. If you find hp then values like mp and xp should be in the same area.

Drivium
Fearless Donors
Fearless Donors
Posts: 87
Joined: Tue Apr 04, 2017 2:47 am
Reputation: 15

Re: Zelda: Breath of the Wild (CEMU)

Post by Drivium » Thu May 11, 2017 10:05 pm

Interesting! I still have yet to find things like weapon health (can find, but can't isolate from health of everything else such as enemies - when I NOP, enemies, link, and weapons take no damage) or item/weapon modifiers.

mflvs
Cheater
Cheater
Posts: 29
Joined: Fri Mar 03, 2017 8:55 pm
Reputation: 2

Re: Zelda: Breath of the Wild (CEMU)

Post by mflvs » Thu May 11, 2017 10:25 pm

I will look into that tomorrow then I have managed to make enemies invincible by changing the add instruction same as if I was to make link invincible. So I might see what I can. I remember having a similar issue with doom as enemy's use th same code for decreasing health

Nalkrien
What is cheating?
What is cheating?
Posts: 2
Joined: Wed May 10, 2017 9:48 pm
Reputation: 0

Re: Zelda: Breath of the Wild (CEMU)

Post by Nalkrien » Fri May 12, 2017 2:53 am

Drivium I saw in a video, that might help with the durability, is that in the video they mentioned that weapons are flagged as being used by Link before losing durability. So if you could find a way to change that flag to the off even if Link is using it, that might help with the durability. Also, I know I am using 1.1.1 USA but I could not get the scripts to work for me. I actually had to shorten the AOB for the health and stamina to a shorter search value just to get them to work for me.

Drivium
Fearless Donors
Fearless Donors
Posts: 87
Joined: Tue Apr 04, 2017 2:47 am
Reputation: 15

Re: Zelda: Breath of the Wild (CEMU)

Post by Drivium » Fri May 12, 2017 2:50 pm

Ok, thanks for letting me know. I'm not sure why they wouldn't work for you. I do tend to make long sigs to ensure it only finds one result, but I may need more wild cards.

Drivium
Fearless Donors
Fearless Donors
Posts: 87
Joined: Tue Apr 04, 2017 2:47 am
Reputation: 15

Re: Zelda: Breath of the Wild (CEMU)

Post by Drivium » Sat May 13, 2017 10:33 pm

Updated OP with EUR version of the CT. These are possibly universal as they also work for me on the USA version.

Drivium
Fearless Donors
Fearless Donors
Posts: 87
Joined: Tue Apr 04, 2017 2:47 am
Reputation: 15

Re: Zelda: Breath of the Wild (CEMU)

Post by Drivium » Sat May 13, 2017 10:34 pm

Nalkrien wrote:
Fri May 12, 2017 2:53 am
Drivium I saw in a video, that might help with the durability, is that in the video they mentioned that weapons are flagged as being used by Link before losing durability. So if you could find a way to change that flag to the off even if Link is using it, that might help with the durability. Also, I know I am using 1.1.1 USA but I could not get the scripts to work for me. I actually had to shorten the AOB for the health and stamina to a shorter search value just to get them to work for me.
Just uploaded a EUR version. See if they work for you on USA version (they do for me).

mflvs
Cheater
Cheater
Posts: 29
Joined: Fri Mar 03, 2017 8:55 pm
Reputation: 2

Re: Zelda: Breath of the Wild (CEMU)

Post by mflvs » Sat May 13, 2017 10:40 pm

Hey Thanks for new version still didn't work for me. only tried the health (This is why)

41 0F CE 45 89 74 3D 00 41 8B 4C 2D 00 0F C9 89 4C 24 10 C7 84 24 BC 02 00 00 ?? ?? = Drivium
41 0F 38 F0 4C 2D 00 89 4C 24 10 C7 84 24 BC 02 00 00 44 39 C2 01 B8 74 7D C2 01 48 = Mflvs

AoB Difference:
41 0F ?? ?? ?? ?? ?? ?? 4? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? B? ?? ?? ?? ?? ??

Am looking into why
p.s. will look at others as well for differences tomorrow: hopefully they work

if i uploaded a .ct file attached to this post code you try mine. that way we could limit some possibilities
zelda.CT
Only thing to do is change the values types to what they should be as mine defaults them to 4 byte. instead of 4 byte big endian and 2 byte big endian
(720.8 KiB) Downloaded 83 times
p.p.s also am replying to your message as i write this

Also forgot to say it will say plugin address if the AoB dosent work for your version
Last edited by mflvs on Sun May 14, 2017 12:11 am, edited 3 times in total.

Post Reply

Who is online

Users browsing this forum: cwpchris, Lukacross