Assassin's Creed: Origins

Upload your cheat tables here (No requests)
leseho
Expert Cheater
Expert Cheater
Posts: 82
Joined: Mon Aug 21, 2017 1:37 am
Reputation: 1

Re: Assassin's Creed: Origins

Post by leseho »

leseho wrote:
Sat Feb 24, 2018 3:00 pm
budabum wrote:
Thu Feb 22, 2018 10:53 am
you may try a CE table codes I compiled. attached.
The most of the codes are reusable, rest are for reference.

I posted earlier connected list of items with "Celestial Raiment" (offset for each item is 18h).
However as reported earlier my list with "Celestial Raiment" is not reusable for others.

More reversing is required to find iterator instead on blind walking through bytes.
v1.2.1 / v1.3
F0 84 ** 75 / C8 D3 D1 6A 01 Ippei Blade
08 85 ** 75 / E0 D3 D1 6A 01 Tempest Blade
20 85 ** 75 / F8 D3 D1 6A 01 Imelda Shield
38 85 ** 75 / 10 D4 D1 6A 01 Sahalin Axe
50 85 ** 75 / 28 D4 D1 6A 01 Sword of Goujian
68 85 ** 75 / 40 D4 D1 6A 01 Courage and Justice
80 85 ** 75 / 58 D4 D1 6A 01 Guardian Lion
98 85 ** 75 / 70 D4 D1 6A 01 Hou Yi's Bow
B0 85 ** 75 / 88 D4 D1 6A 01 Celestial Raiment

for reference:
Cielos cheat table: viewtopic.php?p=23057#p23057
Gear cheat instructions: viewtopic.php?f=4&t=5267&start=270#p33190
Compiled file with codes: this post


How to use this cheat table?
  1. Install Cheat Engine
  2. Double-click the .CT file in order to open it.
  3. Click the PC icon in Cheat Engine in order to select the game process.
  4. Keep the list.
  5. Activate the trainer options by checking boxes or setting values from 0 to 1

User avatar
SunBeam
Administration
Administration
Posts: 4704
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4287

Re: Assassin's Creed: Origins

Post by SunBeam »

^ Still.. no one wants to debug that crap and figure out the iterator? Hardware breakpoint, on access. Open/close inventory menu; it should hit.

ryudan888
Novice Cheater
Novice Cheater
Posts: 15
Joined: Tue Nov 21, 2017 11:45 am
Reputation: 0

Re: Assassin's Creed: Origins

Post by ryudan888 »

leseho wrote:
Sun Feb 25, 2018 4:52 am
ryudan888 wrote:
Sat Feb 24, 2018 3:53 pm
leseho wrote:
Sat Feb 24, 2018 3:51 am




It's not lazy.
I don't understand, so I ask for help.
You get help sometimes.
Be kind.
THEY ARE STEP BY STEP , how much help do you need ? LOL


I am not good at English like you.
That's why we need help.
Someday you'll get what you did.
LOL
No , I'm not stupid I don't get it.
There is something called TRANSLATOR , learn to use google.

v0id
Novice Cheater
Novice Cheater
Posts: 20
Joined: Sat Feb 24, 2018 6:11 am
Reputation: 0

Re: Assassin's Creed: Origins

Post by v0id »

LOL

User avatar
SunBeam
Administration
Administration
Posts: 4704
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4287

Re: Assassin's Creed: Origins

Post by SunBeam »

leseho wrote:
Sun Feb 25, 2018 4:52 am
I am not good at English like you.
That's why we need help.
Someday you'll get what you did.
Regardless if you know English or not, we're not here to hold your hand. Tables authors do not speak your native language; it's you who has to ADAPT, not us. Get your facts straight. Also, stop bullshitting; not speaking English has nothing to do with you not being able to understand assembly or how Cheat Engine works. You just want a quick hack to satisfy your OCD (which is getting all outfits/weapons/crap in the game).

P.S.: OCD = [Link]

User avatar
budabum
Expert Cheater
Expert Cheater
Posts: 279
Joined: Tue Nov 28, 2017 6:34 pm
Reputation: 310

Re: Assassin's Creed: Origins

Post by budabum »

for inventory iterator. kind of iterator has been shared by Cielos yet. appreciate this.
pInventory is a list of slots with 20h bytes size each, the slot is pretty straightforward:
- 4b an inventory item quantity
- 4b <?>
- 8b pointer to inventory item; let it be pItem
- 4b item level, e.g. 45
- 8b <?>
- 4b item list number, e.g. 1B

Watching pInventory memory access is not something what can reveal items which are not part of the inventory.
Seems AOC on loading saved game allocates memory for all gear items and fills in inventory by certain elements.
what interesting is to watch how that allocation happens stealing a pack of loaded pItem elements.

SunBean, wanna try? that is your finest hour to find iterator.

User avatar
SunBeam
Administration
Administration
Posts: 4704
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4287

Re: Assassin's Creed: Origins

Post by SunBeam »

Sorry, I've been busy with this lately:



:D

BR,
Sun

leseho
Expert Cheater
Expert Cheater
Posts: 82
Joined: Mon Aug 21, 2017 1:37 am
Reputation: 1

Re: Assassin's Creed: Origins

Post by leseho »

SunBeam wrote:
Mon Feb 26, 2018 6:30 am
leseho wrote:
Sun Feb 25, 2018 4:52 am
I am not good at English like you.
That's why we need help.
Someday you'll get what you did.
Regardless if you know English or not, we're not here to hold your hand. Tables authors do not speak your native language; it's you who has to ADAPT, not us. Get your facts straight. Also, stop bullshitting; not speaking English has nothing to do with you not being able to understand assembly or how Cheat Engine works. You just want a quick hack to satisfy your OCD (which is getting all outfits/weapons/crap in the game).

P.S.: OCD = [Link]
Thank you.
I found something I didn't know,
I managed to fix the problem on my own.
Thanks for the advice, and the information.

User avatar
SunBeam
Administration
Administration
Posts: 4704
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4287

Re: Assassin's Creed: Origins

Post by SunBeam »

..and this:


User avatar
SunBeam
Administration
Administration
Posts: 4704
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4287

Re: Assassin's Creed: Origins

Post by SunBeam »

As for inventory collected items:

Code: Select all

rsi == 0000000207B20980 == Inventory

Size of Inventory:

ACOrigins.exe+1BE4319 - 8B 56 34              - mov edx,[rsi+34]
ACOrigins.exe+1BE431C - 48 8B 4E 2C           - mov rcx,[rsi+2C]
ACOrigins.exe+1BE4320 - C1 EA 11              - shr edx,11
ACOrigins.exe+1BE4323 - C1 E2 05              - shl edx,5
ACOrigins.exe+1BE4326 - 48 03 D1              - add rdx,rcx
ACOrigins.exe+1BE4329 - 48 3B CA              - cmp rcx,rdx

get_Inventory:

ACOrigins.exe+19CA950 - 48 89 74 24 10        - mov [rsp+10],rsi
ACOrigins.exe+19CA955 - 57                    - push rdi
ACOrigins.exe+19CA956 - 48 83 EC 20           - sub rsp,20 { 32 }
ACOrigins.exe+19CA95A - 48 8B 09              - mov rcx,[rcx]
ACOrigins.exe+19CA95D - 49 8B F8              - mov rdi,r8 <-- rcx = CharacterAI
ACOrigins.exe+19CA960 - 48 8B F2              - mov rsi,rdx
ACOrigins.exe+19CA963 - 48 85 C9              - test rcx,rcx
ACOrigins.exe+19CA966 - 74 45                 - je ACOrigins.exe+19CA9AD
ACOrigins.exe+19CA968 - 48 8B 49 40           - mov rcx,[rcx+40]
ACOrigins.exe+19CA96C - 48 89 5C 24 30        - mov [rsp+30],rbx
ACOrigins.exe+19CA971 - 48 8B 1D 48CF1803     - mov rbx,[ACOrigins.exe+4B578C0] { [1443C8170] }
ACOrigins.exe+19CA978 - 48 8B 01              - mov rax,[rcx]
ACOrigins.exe+19CA97B - FF 90 98000000        - call qword ptr [rax+00000098]
ACOrigins.exe+19CA981 - 0FB6 4B 49            - movzx ecx,byte ptr [rbx+49]
ACOrigins.exe+19CA985 - 48 8B 5C 24 30        - mov rbx,[rsp+30]
ACOrigins.exe+19CA98A - 48 8B 00              - mov rax,[rax]
ACOrigins.exe+19CA98D - 48 8B 0C C8           - mov rcx,[rax+rcx*8] <-- get it here
ACOrigins.exe+19CA991 - 48 85 C9              - test rcx,rcx
ACOrigins.exe+19CA994 - 74 17                 - je ACOrigins.exe+19CA9AD
ACOrigins.exe+19CA996 - 48 8B 01              - mov rax,[rcx]
ACOrigins.exe+19CA999 - 4C 8B C7              - mov r8,rdi
ACOrigins.exe+19CA99C - 48 8B D6              - mov rdx,rsi
ACOrigins.exe+19CA99F - 48 8B 74 24 38        - mov rsi,[rsp+38]
ACOrigins.exe+19CA9A4 - 48 83 C4 20           - add rsp,20 { 32 }
ACOrigins.exe+19CA9A8 - 5F                    - pop rdi
ACOrigins.exe+19CA9A9 - 48 FF 60 78           - jmp qword ptr [rax+78]
ACOrigins.exe+19CA9AD - B8 03000000           - mov eax,00000003 { 3 }
ACOrigins.exe+19CA9B2 - 48 8B 74 24 38        - mov rsi,[rsp+38]
ACOrigins.exe+19CA9B7 - 48 83 C4 20           - add rsp,20 { 32 }
ACOrigins.exe+19CA9BB - 5F                    - pop rdi
ACOrigins.exe+19CA9BC - C3                    - ret

IStruct:  0x207B581C0 
IName:    0x1443CE6D0 
ObjStr:   CharacterAI 
ObjHash:  0x516CC959 

adjust by:

ACOrigins.exe+8857330 - 53                    - push rbx
ACOrigins.exe+8857331 - 48 83 EC 20           - sub rsp,20 { 32 }
ACOrigins.exe+8857335 - 48 83 C1 B0           - add rcx,-50 { 176 } <-- here
ACOrigins.exe+8857339 - 4C 89 C3              - mov rbx,r8
ACOrigins.exe+885733C - E8 8FCF38F9           - call ACOrigins.exe+1BE42D0
ACOrigins.exe+8857341 - 89 03                 - mov [rbx],eax
ACOrigins.exe+8857343 - 31 C0                 - xor eax,eax
ACOrigins.exe+8857345 - 48 83 C4 20           - add rsp,20 { 32 }
ACOrigins.exe+8857349 - 5B                    - pop rbx
ACOrigins.exe+885734A - C3                    - ret 

iterate all inventory items:

ACOrigins.exe+1BE4329 - 48 3B CA              - cmp rcx,rdx <-- start vs. end
ACOrigins.exe+1BE432C - 74 1A                 - je ACOrigins.exe+1BE4348
ACOrigins.exe+1BE432E - 4C 8B 07              - mov r8,[rdi]
ACOrigins.exe+1BE4331 - 4C 3B 41 08           - cmp r8,[rcx+08]
ACOrigins.exe+1BE4335 - 75 08                 - jne ACOrigins.exe+1BE433F
ACOrigins.exe+1BE4337 - 8B 47 08              - mov eax,[rdi+08]
ACOrigins.exe+1BE433A - 39 41 10              - cmp [rcx+10],eax
ACOrigins.exe+1BE433D - 74 38                 - je ACOrigins.exe+1BE4377
ACOrigins.exe+1BE433F - 48 83 C1 20           - add rcx,20 { 32 } <-- size of item block
ACOrigins.exe+1BE4343 - 48 3B CA              - cmp rcx,rdx
ACOrigins.exe+1BE4346 - 75 E9                 - jne ACOrigins.exe+1BE4331
ACOrigins.exe+1BE4348 - 33 C0                 - xor eax,eax
Image

And here's some hashes:

Cedarwood: 2A80A8B0
Bronze: 2A80A8B1
Soft Leather: 2A80A8AF
Hard Leather: 12FA86C4
Pelt: 12FA86C6
Iron: 2A80A8B2
Carbon Crystal: 12FA86C7
Silica: 58DAAAAD

I used the last 4 bytes of the hash for checking, but the game actually verifies all 8 (a quad). You can use the same logic to build up a list of weapons/outfits/etc. hashes ;)

Here's an example:

Image

Image

So Sunslayer's hash is 0x0000010BDB8ED19.
Last edited by SunBeam on Mon Feb 26, 2018 4:23 pm, edited 1 time in total.

User avatar
budabum
Expert Cheater
Expert Cheater
Posts: 279
Joined: Tue Nov 28, 2017 6:34 pm
Reputation: 310

Re: Assassin's Creed: Origins

Post by budabum »

good catch, now try to iterate let's say "Loincloth" (always presented as 0x????8158/0x????81A0 pointer) outfit which never appears in pIinventory but pre-loaded into list of all pItems. seems you are hashing known items, hell on wheels is to iterate unknown items, items which are not yet discovered through gameplay
Last edited by budabum on Mon Feb 26, 2018 4:30 pm, edited 1 time in total.

User avatar
SunBeam
Administration
Administration
Posts: 4704
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4287

Re: Assassin's Creed: Origins

Post by SunBeam »

I am cycling the current player inventory, figuring a method to get the hashes. How about you search a known hash in memory and find where all are stored? Also, why do you guys randomly work with pointers, when you clearly know those addresses are different for each and every one of you? WTF is "0x????8158 pointer"?

User avatar
budabum
Expert Cheater
Expert Cheater
Posts: 279
Joined: Tue Nov 28, 2017 6:34 pm
Reputation: 310

Re: Assassin's Creed: Origins

Post by budabum »

"wft" is 4bytes static part of pointer which is consistent per each load, rest 4 bytes are floating. that is like ECX 0x0C328158, where CX is constant and high part is changing. scanning all memory for ECX produces hundreds of multilevel pointers.
i do not say it's impossible, rather annoying and time consuming.

User avatar
SunBeam
Administration
Administration
Posts: 4704
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4287

Re: Assassin's Creed: Origins

Post by SunBeam »

^ How about this: get a regular item, find its hash as I showed. Sell any in your inventory. Close game. Re-open. Scan memory for that hash. Subtract 8 and find a proper pointer to it. Then buy some random item, use Cielos' script to catch it when equipped; swap its pointer with the one you found. Simple. I found no connection so far between that spot where Cielos picks items up and a hash, item name, etc. Will keep digging.

User avatar
budabum
Expert Cheater
Expert Cheater
Posts: 279
Joined: Tue Nov 28, 2017 6:34 pm
Reputation: 310

Re: Assassin's Creed: Origins

Post by budabum »

scan for hash (not pointer) is good to try, let me see.

by the way, your screen, Sunslayer is consiten for you also, it is still "0x????9E20" which is shared in xls shitty table :)
Last edited by budabum on Mon Feb 26, 2018 4:51 pm, edited 1 time in total.

Post Reply

Who is online

Users browsing this forum: Almurik, Anantafirdaus, Baidu [Spider], FiSChar, Google [Bot], holyhawk, iLeonidze, Junxionghua, kurokisan, Mustafoni, oOooo00o, Passer556, ricebandit, romilius, SAINTJ, SemrushBot