Assassin's Creed Odyssey v1.3.0/v1.5.1 +21 (table Update18.3)

[axellslade]

EDIT: nope, the damage multiplier isn't working... sorry about that.

Can confirm the damage multipliers are no longer working.

How to use this cheat table?

1. Install Cheat Engine
2. Double-click the .CT file in order to open it.
3. Click the PC icon in Cheat Engine in order to select the game process.
4. Keep the list.
5. Activate the trainer options by checking boxes or setting values from 0 to 1

[Emlorp]

EDIT: nope, the damage multiplier isn't working... sorry about that.

Can confirm the damage multipliers are no longer working.

Thats odd mine works just fine check for the most recent released one cause i know they were making new posts of the table updates for damage not updating the original link

[AkashiGamer]

Is there any progress in getting items from the store?

[budabum]

they made a few store protections since ACO and getting items from the store is a bit harder than it used to be.

[AkashiGamer]

they made a few store protections since ACO and getting items from the store is a bit harder than it used to be.

Difficult, but possible?

[AkashiGamer]

Ubisoft no longer know what to think of, what would they be dripping money

[SunBeam]

they made a few store protections since ACO and getting items from the store is a bit harder than it used to be.

Odyssey was already in development at the time the "store hack" came into play. I highly doubt it. But if that is code for "the shit is different, will take some time to study and patch" then sure

[SunBeam]

Meanwhile I've discovered a big ass buffer where Anvil logs some nice information

[Griffihn]

Meanwhile I've discovered a big ass buffer where Anvil logs some nice information

can't wait to see what your mind will cook up with that info SunBeam

[SunBeam]

Well.. Break here:

Code: Select all

ACOdyssey.exe+3A7B5D0 - 40 53                 - push rbx
ACOdyssey.exe+3A7B5D2 - 48 83 EC 30           - sub rsp,30 { 48 }
ACOdyssey.exe+3A7B5D6 - 49 8B 41 10           - mov rax,[r9+10]
ACOdyssey.exe+3A7B5DA - 49 8B D9              - mov rbx,r9
ACOdyssey.exe+3A7B5DD - 48 89 6C 24 40        - mov [rsp+40],rbp
ACOdyssey.exe+3A7B5E2 - 41 8B E8              - mov ebp,r8d
ACOdyssey.exe+3A7B5E5 - 48 89 74 24 48        - mov [rsp+48],rsi
ACOdyssey.exe+3A7B5EA - 48 8B F1              - mov rsi,rcx
ACOdyssey.exe+3A7B5ED - 4C 89 74 24 28        - mov [rsp+28],r14
ACOdyssey.exe+3A7B5F2 - 44 8D 72 01           - lea r14d,[rdx+01]
ACOdyssey.exe+3A7B5F6 - 4C 89 7C 24 20        - mov [rsp+20],r15
ACOdyssey.exe+3A7B5FB - 44 8B FA              - mov r15d,edx
ACOdyssey.exe+3A7B5FE - 49 3B 41 08           - cmp rax,[r9+08]
ACOdyssey.exe+3A7B602 - 75 0A                 - jne ACOdyssey.exe+3A7B60E
ACOdyssey.exe+3A7B604 - 33 D2                 - xor edx,edx
ACOdyssey.exe+3A7B606 - 48 8B CB              - mov rcx,rbx
ACOdyssey.exe+3A7B609 - E8 B278F9FF           - call ACOdyssey.exe+3A12EC0
ACOdyssey.exe+3A7B60E - 48 8B 43 08           - mov rax,[rbx+08]
ACOdyssey.exe+3A7B612 - C6 00 7B              - mov byte ptr [rax],7B { 123 }
ACOdyssey.exe+3A7B615 - 48 FF 43 08           - inc [rbx+08]
ACOdyssey.exe+3A7B619 - 85 ED                 - test ebp,ebp
ACOdyssey.exe+3A7B61B - 74 1F                 - je ACOdyssey.exe+3A7B63C
ACOdyssey.exe+3A7B61D - 48 8B 43 10           - mov rax,[rbx+10]
ACOdyssey.exe+3A7B621 - 48 3B 43 08           - cmp rax,[rbx+08]
ACOdyssey.exe+3A7B625 - 75 0A                 - jne ACOdyssey.exe+3A7B631
ACOdyssey.exe+3A7B627 - 33 D2                 - xor edx,edx
ACOdyssey.exe+3A7B629 - 48 8B CB              - mov rcx,rbx
ACOdyssey.exe+3A7B62C - E8 8F78F9FF           - call ACOdyssey.exe+3A12EC0
ACOdyssey.exe+3A7B631 - 48 8B 43 08           - mov rax,[rbx+08]
ACOdyssey.exe+3A7B635 - C6 00 0A              - mov byte ptr [rax],0A { 10 }
ACOdyssey.exe+3A7B638 - 48 FF 43 08           - inc [rbx+08]
ACOdyssey.exe+3A7B63C - 48 8B 76 10           - mov rsi,[rsi+10]
ACOdyssey.exe+3A7B640 - 48 89 7C 24 50        - mov [rsp+50],rdi
ACOdyssey.exe+3A7B645 - 48 85 F6              - test rsi,rsi
ACOdyssey.exe+3A7B648 - 0F84 F3000000         - je ACOdyssey.exe+3A7B741
ACOdyssey.exe+3A7B64E - 66 90                 - nop 
ACOdyssey.exe+3A7B650 - 85 ED                 - test ebp,ebp
ACOdyssey.exe+3A7B652 - 74 31                 - je ACOdyssey.exe+3A7B685
ACOdyssey.exe+3A7B654 - 45 85 F6              - test r14d,r14d
ACOdyssey.exe+3A7B657 - 7E 2C                 - jle ACOdyssey.exe+3A7B685
ACOdyssey.exe+3A7B659 - 41 8B FE              - mov edi,r14d
ACOdyssey.exe+3A7B65C - 0F1F 40 00            - nop [rax+00]
ACOdyssey.exe+3A7B660 - 48 8B 43 10           - mov rax,[rbx+10]
ACOdyssey.exe+3A7B664 - 48 3B 43 08           - cmp rax,[rbx+08]
ACOdyssey.exe+3A7B668 - 75 0A                 - jne ACOdyssey.exe+3A7B674
ACOdyssey.exe+3A7B66A - 33 D2                 - xor edx,edx
ACOdyssey.exe+3A7B66C - 48 8B CB              - mov rcx,rbx
ACOdyssey.exe+3A7B66F - E8 4C78F9FF           - call ACOdyssey.exe+3A12EC0
ACOdyssey.exe+3A7B674 - 48 8B 43 08           - mov rax,[rbx+08]
ACOdyssey.exe+3A7B678 - C6 00 09              - mov byte ptr [rax],09 { 9 }
ACOdyssey.exe+3A7B67B - 48 FF 43 08           - inc [rbx+08]
ACOdyssey.exe+3A7B67F - 48 83 EF 01           - sub rdi,01 { 1 }
ACOdyssey.exe+3A7B683 - 75 DB                 - jne ACOdyssey.exe+3A7B660
ACOdyssey.exe+3A7B685 - 48 8B 4E 50           - mov rcx,[rsi+50]
ACOdyssey.exe+3A7B689 - 48 85 C9              - test rcx,rcx
ACOdyssey.exe+3A7B68C - 75 04                 - jne ACOdyssey.exe+3A7B692
ACOdyssey.exe+3A7B68E - 48 8D 4E 40           - lea rcx,[rsi+40]
ACOdyssey.exe+3A7B692 - 48 8B D3              - mov rdx,rbx
ACOdyssey.exe+3A7B695 - E8 26010000           - call ACOdyssey.exe+3A7B7C0
ACOdyssey.exe+3A7B69A - 48 8B 43 10           - mov rax,[rbx+10]
ACOdyssey.exe+3A7B69E - 48 3B 43 08           - cmp rax,[rbx+08]
ACOdyssey.exe+3A7B6A2 - 75 0A                 - jne ACOdyssey.exe+3A7B6AE
ACOdyssey.exe+3A7B6A4 - 33 D2                 - xor edx,edx
ACOdyssey.exe+3A7B6A6 - 48 8B CB              - mov rcx,rbx
ACOdyssey.exe+3A7B6A9 - E8 1278F9FF           - call ACOdyssey.exe+3A12EC0
ACOdyssey.exe+3A7B6AE - 48 8B 43 08           - mov rax,[rbx+08]
ACOdyssey.exe+3A7B6B2 - C6 00 3A              - mov byte ptr [rax],3A { 58 }
ACOdyssey.exe+3A7B6B5 - 48 FF 43 08           - inc [rbx+08]
ACOdyssey.exe+3A7B6B9 - 85 ED                 - test ebp,ebp
ACOdyssey.exe+3A7B6BB - 74 1F                 - je ACOdyssey.exe+3A7B6DC
ACOdyssey.exe+3A7B6BD - 48 8B 43 10           - mov rax,[rbx+10]
ACOdyssey.exe+3A7B6C1 - 48 3B 43 08           - cmp rax,[rbx+08]
ACOdyssey.exe+3A7B6C5 - 75 0A                 - jne ACOdyssey.exe+3A7B6D1
ACOdyssey.exe+3A7B6C7 - 33 D2                 - xor edx,edx
ACOdyssey.exe+3A7B6C9 - 48 8B CB              - mov rcx,rbx
ACOdyssey.exe+3A7B6CC - E8 EF77F9FF           - call ACOdyssey.exe+3A12EC0
ACOdyssey.exe+3A7B6D1 - 48 8B 43 08           - mov rax,[rbx+08]
ACOdyssey.exe+3A7B6D5 - C6 00 09              - mov byte ptr [rax],09 { 9 }
ACOdyssey.exe+3A7B6D8 - 48 FF 43 08           - inc [rbx+08]
ACOdyssey.exe+3A7B6DC - 4C 8B CB              - mov r9,rbx
ACOdyssey.exe+3A7B6DF - 44 8B C5              - mov r8d,ebp
ACOdyssey.exe+3A7B6E2 - 41 8B D6              - mov edx,r14d
ACOdyssey.exe+3A7B6E5 - 48 8B CE              - mov rcx,rsi
ACOdyssey.exe+3A7B6E8 - E8 C3020000           - call ACOdyssey.exe+3A7B9B0
ACOdyssey.exe+3A7B6ED - 48 83 3E 00           - cmp qword ptr [rsi],00 { 0 }
ACOdyssey.exe+3A7B6F1 - 74 1F                 - je ACOdyssey.exe+3A7B712
ACOdyssey.exe+3A7B6F3 - 48 8B 43 10           - mov rax,[rbx+10]
ACOdyssey.exe+3A7B6F7 - 48 3B 43 08           - cmp rax,[rbx+08]
ACOdyssey.exe+3A7B6FB - 75 0A                 - jne ACOdyssey.exe+3A7B707
ACOdyssey.exe+3A7B6FD - 33 D2                 - xor edx,edx
ACOdyssey.exe+3A7B6FF - 48 8B CB              - mov rcx,rbx
ACOdyssey.exe+3A7B702 - E8 B977F9FF           - call ACOdyssey.exe+3A12EC0
ACOdyssey.exe+3A7B707 - 48 8B 43 08           - mov rax,[rbx+08]
ACOdyssey.exe+3A7B70B - C6 00 2C              - mov byte ptr [rax],2C { 44 }
ACOdyssey.exe+3A7B70E - 48 FF 43 08           - inc [rbx+08]
ACOdyssey.exe+3A7B712 - 85 ED                 - test ebp,ebp
ACOdyssey.exe+3A7B714 - 74 1F                 - je ACOdyssey.exe+3A7B735
ACOdyssey.exe+3A7B716 - 48 8B 43 10           - mov rax,[rbx+10]
ACOdyssey.exe+3A7B71A - 48 3B 43 08           - cmp rax,[rbx+08]
ACOdyssey.exe+3A7B71E - 75 0A                 - jne ACOdyssey.exe+3A7B72A
ACOdyssey.exe+3A7B720 - 33 D2                 - xor edx,edx
ACOdyssey.exe+3A7B722 - 48 8B CB              - mov rcx,rbx
ACOdyssey.exe+3A7B725 - E8 9677F9FF           - call ACOdyssey.exe+3A12EC0
ACOdyssey.exe+3A7B72A - 48 8B 43 08           - mov rax,[rbx+08]
ACOdyssey.exe+3A7B72E - C6 00 0A              - mov byte ptr [rax],0A { 10 }
ACOdyssey.exe+3A7B731 - 48 FF 43 08           - inc [rbx+08]
ACOdyssey.exe+3A7B735 - 48 8B 36              - mov rsi,[rsi]
ACOdyssey.exe+3A7B738 - 48 85 F6              - test rsi,rsi
ACOdyssey.exe+3A7B73B - 0F85 0FFFFFFF         - jne ACOdyssey.exe+3A7B650
ACOdyssey.exe+3A7B741 - 4C 8B 74 24 28        - mov r14,[rsp+28]
ACOdyssey.exe+3A7B746 - 85 ED                 - test ebp,ebp
ACOdyssey.exe+3A7B748 - 48 8B 6C 24 40        - mov rbp,[rsp+40]
ACOdyssey.exe+3A7B74D - 48 8B 74 24 48        - mov rsi,[rsp+48]
ACOdyssey.exe+3A7B752 - 74 32                 - je ACOdyssey.exe+3A7B786
ACOdyssey.exe+3A7B754 - 33 FF                 - xor edi,edi
ACOdyssey.exe+3A7B756 - 45 85 FF              - test r15d,r15d
ACOdyssey.exe+3A7B759 - 7E 2B                 - jle ACOdyssey.exe+3A7B786
ACOdyssey.exe+3A7B75B - 0F1F 44 00 00         - nop [rax+rax+00]
ACOdyssey.exe+3A7B760 - 48 8B 43 10           - mov rax,[rbx+10]
ACOdyssey.exe+3A7B764 - 48 3B 43 08           - cmp rax,[rbx+08]
ACOdyssey.exe+3A7B768 - 75 0A                 - jne ACOdyssey.exe+3A7B774
ACOdyssey.exe+3A7B76A - 33 D2                 - xor edx,edx
ACOdyssey.exe+3A7B76C - 48 8B CB              - mov rcx,rbx
ACOdyssey.exe+3A7B76F - E8 4C77F9FF           - call ACOdyssey.exe+3A12EC0
ACOdyssey.exe+3A7B774 - 48 8B 43 08           - mov rax,[rbx+08]
ACOdyssey.exe+3A7B778 - FF C7                 - inc edi
ACOdyssey.exe+3A7B77A - C6 00 09              - mov byte ptr [rax],09 { 9 }
ACOdyssey.exe+3A7B77D - 48 FF 43 08           - inc [rbx+08]
ACOdyssey.exe+3A7B781 - 41 3B FF              - cmp edi,r15d
ACOdyssey.exe+3A7B784 - 7C DA                 - jl ACOdyssey.exe+3A7B760
ACOdyssey.exe+3A7B786 - 48 8B 43 10           - mov rax,[rbx+10]
ACOdyssey.exe+3A7B78A - 4C 8B 7C 24 20        - mov r15,[rsp+20]
ACOdyssey.exe+3A7B78F - 48 8B 7C 24 50        - mov rdi,[rsp+50]
ACOdyssey.exe+3A7B794 - 48 3B 43 08           - cmp rax,[rbx+08]
ACOdyssey.exe+3A7B798 - 75 0A                 - jne ACOdyssey.exe+3A7B7A4
ACOdyssey.exe+3A7B79A - 33 D2                 - xor edx,edx
ACOdyssey.exe+3A7B79C - 48 8B CB              - mov rcx,rbx
ACOdyssey.exe+3A7B79F - E8 1C77F9FF           - call ACOdyssey.exe+3A12EC0
ACOdyssey.exe+3A7B7A4 - 48 8B 43 08           - mov rax,[rbx+08]
ACOdyssey.exe+3A7B7A8 - C6 00 7D              - mov byte ptr [rax],7D { 125 }
ACOdyssey.exe+3A7B7AB - 48 FF 43 08           - inc [rbx+08]
ACOdyssey.exe+3A7B7AF - 48 83 C4 30           - add rsp,30 { 48 }
ACOdyssey.exe+3A7B7B3 - 5B                    - pop rbx
ACOdyssey.exe+3A7B7B4 - C3                    - ret

Trace till:

Code: Select all

ACOdyssey.exe+3A7B612 - C6 00 7B              - mov byte ptr [rax],7B { 123 }

And follow RAX in dump. Then execute till the ret at "ACOdyssey.exe+3A7B7B4". See what happens in that RAX buffer


BR,
Sun

[AkashiGamer]

Meanwhile I've discovered a big ass buffer where Anvil logs some nice information

You will do it)

[SunBeam]

This is where I get God Mode:



There's a lot of parameters down below to track down, each being checked by the functions atop the string reference. For example, "GodMode" will make it in that buffer above if GodMode is ON. The functions above it get CharacterAI from Entity then run a function I call IsGodMode(). If the function returns true, then "GodMode" makes it in the buffer. What I think the buffer is: some sort of logging information that is displayed on screen in debug builds. Am not yet sure if I can toggle it to become visible in-game, but will give it a try

Similarly you can query if player is swimming, if is in air, etc. Will see if I learn more from those logging thingiez

BR,
Sun

EDIT: Let's see the "InCover" one

[AkashiGamer]

Feel soon we will be able to fly on Pegasus)

[SunBeam]

The above has nothing to do with Inventory and Items (Gear Swapper) Sorry to burst yer bubble.

[SunBeam]

Code: Select all

ACOdyssey.exe+2A22BD0 - 48 8B CF              - mov rcx,rdi                        // Entity
ACOdyssey.exe+2A22BD3 - E8 78B5E6FF           - call ACOdyssey.exe+288E150 -->

Code: Select all

-->
ACOdyssey.exe+288E150 - 48 83 EC 28           - sub rsp,28
ACOdyssey.exe+288E154 - E8 071170FF           - call ACOdyssey.exe+1F8F260 -->     // returns a pointer to something (000000091B1027D0)
ACOdyssey.exe+288E159 - 48 85 C0              - test rax,rax
ACOdyssey.exe+288E15C - 74 11                 - je ACOdyssey.exe+288E16F
ACOdyssey.exe+288E15E - BA 02000000           - mov edx,00000002                   // status?
ACOdyssey.exe+288E163 - 48 8B C8              - mov rcx,rax
ACOdyssey.exe+288E166 - 48 83 C4 28           - add rsp,28
ACOdyssey.exe+288E16A - E9 911AAD00           - jmp ACOdyssey.exe+335FC00 -->
ACOdyssey.exe+288E16F - 48 83 C4 28           - add rsp,28
ACOdyssey.exe+288E173 - C3                    - ret

Code: Select all

-->
ACOdyssey.exe+1F8F260 - 40 53                 - push rbx
ACOdyssey.exe+1F8F262 - 48 83 EC 20           - sub rsp,20
ACOdyssey.exe+1F8F266 - 48 85 C9              - test rcx,rcx
ACOdyssey.exe+1F8F269 - 74 65                 - je ACOdyssey.exe+1F8F2D0
ACOdyssey.exe+1F8F26B - 8B 81 D8000000        - mov eax,[rcx+000000D8]             // Entity+D8 == entity_id
ACOdyssey.exe+1F8F271 - 24 07                 - and al,07
ACOdyssey.exe+1F8F273 - 3C 01                 - cmp al,01                          // is it us?
ACOdyssey.exe+1F8F275 - 75 0A                 - jne ACOdyssey.exe+1F8F281

RAX == 000000091B1027D0

And the check is done here:

Code: Select all

ACOdyssey.exe+30212CE - 8B B9 D00A0000        - mov edi,[rcx+00000AD0]
ACOdyssey.exe+30212D4 - 48 89 74 24 30        - mov [rsp+30],rsi
ACOdyssey.exe+30212D9 - 81 FF 00000200        - cmp edi,00020000
ACOdyssey.exe+30212DF - 72 2D                 - jb ACOdyssey.exe+302130E
ACOdyssey.exe+30212E1 - C1 EF 11              - shr edi,11
ACOdyssey.exe+30212E4 - 83 EF 01              - sub edi,01
ACOdyssey.exe+30212E7 - 78 25                 - js ACOdyssey.exe+302130E
ACOdyssey.exe+30212E9 - 8D 34 FD 00000000     - lea esi,[rdi*8+00000000]
ACOdyssey.exe+30212F0 - 48 8B 83 C80A0000     - mov rax,[rbx+00000AC8]
ACOdyssey.exe+30212F7 - 8B D5                 - mov edx,ebp
ACOdyssey.exe+30212F9 - 48 8B 0C 06           - mov rcx,[rsi+rax]                  // returns HumanBehaviorStateBitfield structure (000000091BD52310)
ACOdyssey.exe+30212FD - E8 0E46F7FE           - call ACOdyssey.exe+1F95910 <--
ACOdyssey.exe+3021302 - 84 C0                 - test al,al

Let's go in:

Code: Select all

ACOdyssey.exe+1F95937 - 49 8B 40 08           - mov rax,[r8+08] <--
ACOdyssey.exe+1F9593B - 49 23 C2              - and rax,r10
ACOdyssey.exe+1F9593E - 49 3B C2              - cmp rax,r10
ACOdyssey.exe+1F95941 - 0F94 C0               - sete al
ACOdyssey.exe+1F95944 - C3                    - ret 
ACOdyssey.exe+1F95945 - 49 8B 40 10           - mov rax,[r8+10]
ACOdyssey.exe+1F95949 - 49 23 C2              - and rax,r10
ACOdyssey.exe+1F9594C - 49 3B C2              - cmp rax,r10
ACOdyssey.exe+1F9594F - 0F94 C0               - sete al
ACOdyssey.exe+1F95952 - C3                    - ret 

The AND is done with the "status?" byte I've indicated earlier: AND [r8+8],2 (where r8 is HumanBehaviorStateBitfield pointer).

So.. if I'm not in cover, simply idling, then the value is this:



If Ikaros lands on my hand while idle, the value is this:



If I'm exposed and press C:



And if I head over to a bush where I'd be in cover:



And if I press C while in that bush, I get this:



Will be back with more