Re: NieR Automata
Posted: Mon Mar 20, 2017 11:21 pm
Still waiting for pox911's stuff... fearlessrevolution's trainer has no infinite dashing :/
Community Cheat Tables of Cheat Engine
https://fearlessrevolution.com/
Code: Select all
<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>78</ID>
<Description>"Infinite Double Jump"</Description>
<LastState/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(InfDoubleJumpAOB,NieRAutomata.exe,83 BB A8 14 00 00 02 0F)
registersymbol(InfDoubleJumpAOB)
InfDoubleJumpAOB+6:
db FF 0f 8c
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
InfDoubleJumpAOB+6:
db 02 0f 8d
unregistersymbol(InfDoubleJumpAOB)
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>80</ID>
<Description>"Infinite Air Dashes"</Description>
<LastState/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(InfDashAOB,NieRAutomata.exe,C7 83 88 0A 01 00 01 00 00 00) // should be unique
registersymbol(InfDashAOB)
InfDashAOB+6:
db 00
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
InfDashAOB+6:
db 01
unregistersymbol(InfDashAOB)
</AssemblerScript>
</CheatEntry>
</CheatEntries>
</CheatTable>
Thanks a bunch for this, even being able to repeatedly airdash makes a HUGE difference to mobility/travel.
What that chip does is adjust the distance at which your dash becomes an evasion in relation to an incoming attack when using the dash button defensively. Its a combat chip, so not too sure how it'd help with travel .
I looked into airdashing and what not and there is a minor timer for when you are holding the dash button but things dont act right if you increase the length that that timer can go. All my tests ended in me still falling but being stuck in the dash animation. It was funny but didnt provide the effect wanted. Air dashing is handled oddly.KS212 wrote: ↑Tue Mar 21, 2017 10:02 amThanks a bunch for this, even being able to repeatedly airdash makes a HUGE difference to mobility/travel.
Just a thought by looking at your code, you're re-enabling the airdash by setting the counter to 00 making it as if the dash has not yet been used... Logically speaking there would have to be a variable or at least some sort of control somewhere that identifies the 'airdashing' state... maybe if this state could be set to always '1' while button is held?...
Alternatively there would also have to be a definition in the code somewhere which determines the length/duration of the airdash... maybe it'd work if you could pinpoint this and set it to some ridiculously huge number?
Just some ideas... I have no real idea how to FIND these but I have a semi decent idea of how the logic would work...
Code: Select all
<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>86</ID>
<Description>"Sprint Speed Modifier"</Description>
<Options moHideChildren="1"/>
<LastState/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
aobscanmodule(SprintSpeedAOB,NieRAutomata.exe,F3 0F 11 B3 90 1A 00 00) // should be unique
alloc(newmem,$1000,"NieRAutomata.exe"+1B8931)
label(code)
label(return)
label(SprintMod)
registersymbol(SprintMod)
newmem:
code:
push eax
mov eax,[SprintMod]
mov [rbx+00001A90],eax
pop eax
jmp return
SprintMod:
dd (float)3
SprintSpeedAOB:
jmp newmem
nop
nop
nop
return:
registersymbol(SprintSpeedAOB)
[DISABLE]
SprintSpeedAOB:
db F3 0F 11 B3 90 1A 00 00
unregistersymbol(SprintSpeedAOB)
unregistersymbol(SprintMod)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "NieRAutomata.exe"+1B8931
"NieRAutomata.exe"+1B8900: F3 0F 10 B3 0C 71 01 00 - movss xmm6,[rbx+0001710C]
"NieRAutomata.exe"+1B8908: 83 BB 80 6E 01 00 05 - cmp dword ptr [rbx+00016E80],05
"NieRAutomata.exe"+1B890F: 75 05 - jne NieRAutomata.exe+1B8916
"NieRAutomata.exe"+1B8911: F3 41 0F 58 F3 - addss xmm6,xmm11
"NieRAutomata.exe"+1B8916: F3 0F 10 83 90 1A 00 00 - movss xmm0,[rbx+00001A90]
"NieRAutomata.exe"+1B891E: 48 8B 03 - mov rax,[rbx]
"NieRAutomata.exe"+1B8921: 48 8B CB - mov rcx,rbx
"NieRAutomata.exe"+1B8924: F3 0F 5C F0 - subss xmm6,xmm0
"NieRAutomata.exe"+1B8928: F3 41 0F 59 F1 - mulss xmm6,xmm9
"NieRAutomata.exe"+1B892D: F3 0F 58 F0 - addss xmm6,xmm0
// ---------- INJECTING HERE ----------
"NieRAutomata.exe"+1B8931: F3 0F 11 B3 90 1A 00 00 - movss [rbx+00001A90],xmm6
// ---------- DONE INJECTING ----------
"NieRAutomata.exe"+1B8939: FF 90 50 03 00 00 - call qword ptr [rax+00000350]
"NieRAutomata.exe"+1B893F: 85 C0 - test eax,eax
"NieRAutomata.exe"+1B8941: 75 20 - jne NieRAutomata.exe+1B8963
"NieRAutomata.exe"+1B8943: 83 BB 78 64 01 00 01 - cmp dword ptr [rbx+00016478],01
"NieRAutomata.exe"+1B894A: 75 17 - jne NieRAutomata.exe+1B8963
"NieRAutomata.exe"+1B894C: 48 8B CB - mov rcx,rbx
"NieRAutomata.exe"+1B894F: E8 CC CB 08 00 - call NieRAutomata.exe+245520
"NieRAutomata.exe"+1B8954: 48 85 C0 - test rax,rax
"NieRAutomata.exe"+1B8957: 74 0A - je NieRAutomata.exe+1B8963
"NieRAutomata.exe"+1B8959: C7 83 90 1A 00 00 00 00 80 3F - mov [rbx+00001A90],3F800000
}
</AssemblerScript>
<CheatEntries>
<CheatEntry>
<ID>87</ID>
<Description>"Speed Modifier"</Description>
<VariableType>Float</VariableType>
<Address>SprintMod</Address>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatTable>
Code: Select all
<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>88</ID>
<Description>"Walk Through Walls"</Description>
<LastState/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(WallClipAOB1,NieRAutomata.exe,0F 29 42 50 44 39 82 68 05 00 00) // should be unique
aobscanmodule(WallClipAOB2,NieRAutomata.exe,0F 29 43 50 39 93 68 05 00 00 7E 39) // should be unique
registersymbol(WallClipAOB1)
registersymbol(WallClipAOB2)
WallClipAOB1:
db 90 90 90 90
WallClipAOB2:
db 90 90 90 90
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
WallClipAOB1:
db 0f 29 42 50
WallClipAOB2:
db 0f 29 43 50
unregistersymbol(WallClipAOB1)
unregistersymbol(WallClipAOB2)
</AssemblerScript>
</CheatEntry>
</CheatEntries>
</CheatTable>
There's apparently also another safety/sanity check... If you take off from one spot and stay in the air too long, the game will teleport you back to where you started as if you had bugged out and its resetting you 'just in case'. While this is good for if you ACTUALLY bug out, it sucks if you want to 'fly around' as with a combo of inf double jump and inf airdash, you basically can stay in the air permanently.pox911 wrote: ↑Tue Mar 21, 2017 3:34 pm
I looked into airdashing and what not and there is a minor timer for when you are holding the dash button but things dont act right if you increase the length that that timer can go. All my tests ended in me still falling but being stuck in the dash animation. It was funny but didnt provide the effect wanted. Air dashing is handled oddly.
interesting. I thought it was just a teleport check if you fell under the level to far and not just airborn as a whole. Maybe i can make take over that. If the timer is where i think it is, then i can try making it ignore the timer as long as you are above X elevation.KS212 wrote: ↑Tue Mar 21, 2017 11:20 pm
There's apparently also another safety/sanity check... If you take off from one spot and stay in the air too long, the game will teleport you back to where you started as if you had bugged out and its resetting you 'just in case'. While this is good for if you ACTUALLY bug out, it sucks if you want to 'fly around' as with a combo of inf double jump and inf airdash, you basically can stay in the air permanently.
Yeah, at first I thought it was a check for 'if you're falling thru geometry or falling thru structures without bones' (buildings that don't actually have walls/ceilings as normally you can't get that high).pox911 wrote: ↑Wed Mar 22, 2017 2:18 am
interesting. I thought it was just a teleport check if you fell under the level to far and not just airborn as a whole. Maybe i can make take over that. If the timer is where i think it is, then i can try making it ignore the timer as long as you are above X elevation.