Dark Souls +11 [With Teleport Hack + Monster Vac :)]

Post by STN » Sun Apr 09, 2017 12:40 pm

Made by SteveAndrew

EDIT3: Uploaded the new CT containing all the fixed hacks now!

EDIT2: New hack found thanks to kulatong21! Anti-Encumbered (Allows you to walk/run/roll at the fastest game speed no matter how heavy your armor is / encumbered level)
RE-EDIT: Thanks to dabura667 for fixing the undesired effect when targeting enemies, this script now contains the fix
Code:

//Dark Souls: Prepare To Die Edition
//Anti-Encumbered
//Credit to: kulatong21 and Steve Andrew
[enable]
alloc(AlwaysFastRoll,64)
label(RollRet)

AlwaysFastRoll: //0 = ninja flip, 1 == fastest roll
mov eax,0
push esi
jmp RollRet

DATA.exe+C0D020:
jmp AlwaysFastRoll
RollRet:

[disable]

DATA.exe+C0D020:
mov eax,[esp+04]
push esi

dealloc(AlwaysFastRoll)


EDIT: New hack found thanks to dabura667! Anti-Stagger (Allows you to never be staggered no matter your poise level EVER not even by bosses or anything in the game) You can run around naked and not be toppled over or even just make you flinch! Haven't added it to the CT yet so get it here until I do:

FIXED: Now only affects the player

Code:

//Never EVER Stagger PRO
//Credit to: dabura667 and Steve Andrew
[enable]
alloc(AntiStaggerPro,64)
label(LetEnemiesStagger)
label(StaggerRet)

AntiStaggerPro:
cmp byte ptr [eax+4],0
jne LetEnemiesStagger

//Skip stagger for player
xor eax,eax
ret

LetEnemiesStagger:
push ecx
cmp byte ptr [esp+8],0
jmp StaggerRet

DATA.exe+ACEB50:
jmp AntiStaggerPro
nop
StaggerRet:

[disable]

DATA.exe+ACEB50:
push ecx
cmp byte ptr [esp+8],0

dealloc(AntiStaggerPro)



Hello everyone! This is my latest game I've been hacking up! I know it isn't that new, been on consoles for a while, but I never got to check it out until it semi-recently came out on PC.

Within five minutes of playing the game I already wanted a health cheat. So I went and made one! This is a true infinite health hack, as it identifies only you the player to set full health for. (At least I thought at first; NPCs are affected as well, not enemies though.)

Here's a feature list:
Infinite Health
Infinite Stamina
Anti-Poisoned/Cursed
Infinite Usable Items
Infinite Souls (You instantly get 999,999,999 souls upon enabling; doesn't decrease)

Always Run (Makes it so holding space to sprint is reversed with walking normally[When enabled hold space to normal walk])

99 Humanity All The Time (Not the item, actual humanity amount)

Free Roam Camera (Like free roam player but just the camera; not that useful yet as you can't look around freely with the mouse. It tends to lock to looking a certain way. Maybe we can find a way to unlock the free mouse look, so it would be very cool to just look around the map while your player sits in his spot)
No hotkey (unless you set one with CE) and it uses the same keys as Monster Vac

Free Roam Player (Teleport Move Around Hack numpad keys 2,4,6,8 to move back,left,right,forward respectively numpad +/- to go up/down)
F1 once enabled to enable/disable while in-game

Monster Vac (Sucks all monsters within area right above your head [They can't reach you to attack you from the starting position, even archers] and you can move the group around with the arrow keys / right ctrl for up, right alt for down)
F3 once enabled to enable/disable while in-game

Lock Monster Positions (Locks all monsters in the last spot they were standing at [they can't move from their spot but they still attack] It can be used with Free Roam Player)

Monster Shuffle (Is not finished/working yet; it's a just-for-fun one though, which is supposed to quickly shuffle different monsters in and out to other monsters' coordinates while locking them in their place)

I made it so Free Roam Player and Monster Vac can both be enabled and used at the same time by hooking a different address and using different keys... Don't enable Free Roam Camera while Monster Vac is enabled though, but it can be enabled at the same time as Free Roam Player.

I'll just post some of my favorite ones up here, then check out the CT for the rest!

Health:
Code:

//Dark Souls
//Infinite Health
//Steve Andrew
[enable]
alloc(InfiniteHealth,64)
label(HealthRet)

InfiniteHealth:
cmp byte ptr [ebp+4],0 //Appears to be the best identifier as its only +4
jne +5
//cmp byte ptr [ebp+5f],0 //Uncomment one of these and recomment the active one if it's
//jne +5 //not working or if trying to single out NPCs as well
//cmp byte ptr [ebp+10],32
//jne +5

mov eax,7d0 //2000 I think it's the most you can have
mov [ebp+2d4],eax //So your HP bar will always look full/be full
jmp HealthRet

DATA.exe+A91BED:
jmp InfiniteHealth
nop
HealthRet:

[disable]

DATA.exe+A91BED:
mov [ebp+2D4],eax

dealloc(InfiniteHealth)


Anti Poisoned/Cursed:
Code:

//Dark Souls: Prepare To Die Edition
//Anti Poisoned/Cursed/etc
//Steve Andrew
[enable]
alloc(AntiPoisonedCursed,64)
label(PoisonedCursedRet)

AntiPoisonedCursed:
mov eax,c8 //200 is no poison/curse/etc buildup
mov [edx+ecx*4+300],eax
jmp PoisonedCursedRet

DATA.exe+A90C15:
jmp AntiPoisonedCursed
nop
nop
PoisonedCursedRet:

[disable]

DATA.exe+A90C15:
mov [edx+ecx*4+300],eax

dealloc(AntiPoisonedCursed)


Free Roam Player:
Code:

//Dark Souls: Prepare To Die Edition
//Free Roam Player
//Steve Andrew
[enable]
alloc(TeleportHack,256)
alloc(KeyHandlerThread,512)
label(MoveLeft)
label(MoveRight)
label(MoveForward)
label(MoveBackward)
label(MoveUpward)
label(MoveDownward)
label(QuitKeyHandler)
label(FreeRoamOff)
label(Toggle)
label(Toggler)
label(AlreadyGotCoords)
label(RoamSpeed)
label(NotPlayer)
label(NewCoordsPlayer)
label(OffsetTheZ)
label(TeleRet)
registersymbol(RoamSpeed)
registersymbol(NewCoordsPlayer)
registersymbol(FreeRoamOff)
createthread(KeyHandlerThread)

TeleportHack:
push eax
cmp [Toggler],1
jne NotPlayer
mov eax,[DATA.exe+F49020]
test eax,eax
je NotPlayer
mov eax,[eax+18]
test eax,eax
je NotPlayer
cmp eax,esi
jne NotPlayer
pop eax

cmp [NewCoordsPlayer],0
jne AlreadyGotCoords

movq [NewCoordsPlayer+8],xmm0 //move Y and unknown first since already in xmm0
movq xmm0,[esp] //X + Z

//Push xmm1
sub esp,10
movdqu dqword [esp],xmm1

movups xmm1,[OffsetTheZ]
addps xmm0,xmm1 //Lift the player up a bit :)

//Pop xmm1
movdqu xmm1,dqword [esp]
add esp,10

movq [NewCoordsPlayer],xmm0

AlreadyGotCoords:
movq xmm0,[NewCoordsPlayer]
movq [esi+10],xmm0
movq xmm0,[NewCoordsPlayer+8]
movq [esi+18],xmm0
movdqa xmm0,[DATA.exe+D059B0] //original instruction
jmp TeleRet

NotPlayer:
pop eax
movdqa xmm0,[DATA.exe+D059B0] //original instruction
jmp TeleRet

//NewCoords = X, NewCoords+4 = Z
//NewCoords+8 = Y, NewCoords+C = unknown
NewCoordsPlayer:
dd 0 0 0 0

OffsetTheZ:
dd 0
dd (float)1.0
dd 0 0

DATA.exe+AE72E5:
jmp TeleportHack
db 90 90 90
TeleRet:

KeyHandlerThread:
push 0a
call Sleep

cmp [FreeRoamOff],1
je QuitKeyHandler

push 70 //F1
call GetAsyncKeyState
and eax,8000
test eax,eax
jne Toggle

cmp [Toggler],1
jne KeyHandlerThread

push 64 //VK_NUMPAD4
call GetAsyncKeyState
and eax,8000
test eax,eax
jne MoveLeft

push 68 //VK_NUMPAD8
call GetAsyncKeyState
and eax,8000
test eax,eax
jne MoveForward

push 66 //VK_NUMPAD6
call GetAsyncKeyState
and eax,8000
test eax,eax
jne MoveRight

push 62 //VK_NUMPAD2
call GetAsyncKeyState
and eax,8000
test eax,eax
jne MoveBackward

push 6b //VK_ADD (numpad +)
call GetAsyncKeyState
and eax,8000
test eax,eax
jne MoveUpward

push 6d //VK_SUBTRACT (numpad -)
call GetAsyncKeyState
and eax,8000
test eax,eax
jne MoveDownward
jmp KeyHandlerThread

Toggle:
xor eax,eax
mov [NewCoordsPlayer],eax
xor [Toggler],1
push 96
call Sleep
jmp KeyHandlerThread

QuitKeyHandler:
ret

MoveLeft:
fld dword ptr [NewCoordsPlayer+8]
fsub dword ptr [RoamSpeed]
fstp dword ptr [NewCoordsPlayer+8]
jmp KeyHandlerThread

MoveRight:
fld dword ptr [NewCoordsPlayer+8]
fadd dword ptr [RoamSpeed]
fstp dword ptr [NewCoordsPlayer+8]
jmp KeyHandlerThread

MoveForward:
fld dword ptr [NewCoordsPlayer]
fsub dword ptr [RoamSpeed]
fstp dword ptr [NewCoordsPlayer]
jmp KeyHandlerThread

MoveBackward:
fld dword ptr [NewCoordsPlayer]
fadd dword ptr [RoamSpeed]
fstp dword ptr [NewCoordsPlayer]
jmp KeyHandlerThread

MoveUpward:
fld dword ptr [NewCoordsPlayer+4]
fadd dword ptr [RoamSpeed]
fstp dword ptr [NewCoordsPlayer+4]
jmp KeyHandlerThread

MoveDownward:
fld dword ptr [NewCoordsPlayer+4]
fsub dword ptr [RoamSpeed]
fstp dword ptr [NewCoordsPlayer+4]
jmp KeyHandlerThread

RoamSpeed:
dd (float)0.1

Toggler:
dd 1

FreeRoamOff:
dd 0

[disable]

DATA.exe+AE72E5:
movdqa xmm0,[DATA.exe+D059B0]

FreeRoamOff:
dd 1

dealloc(TeleportHack)
unregistersymbol(RoamSpeed)
unregistersymbol(NewCoordsPlayer)
unregistersymbol(FreeRoamOff)


Monster Vac 1.1:
Code:

//Dark Souls: Prepare To Die Edition
//Monster Vac v1.1 [<Arrow Keys>] to move it, right CTRL: +Z, right ALT: -Z
//Steve Andrew [F3 to toggle ON/OFF while in-game]
[enable]
alloc(MonsterVac,256)
alloc(KeyHandlerThread,512)
label(MoveLeft)
label(Toggle)
label(QuitKeyHandler)
label(MonsterVacOff)
label(LeavePlayerAlone)
label(AlreadyGotCoords)
label(MoveSpeed)
label(Toggler)
label(NewCoords)
label(OffsetTheZ)
label(TeleRet)
registersymbol(MoveSpeed)
registersymbol(NewCoords)
registersymbol(MonsterVacOff)
createthread(KeyHandlerThread)

MonsterVac:
push eax
mov eax,[DATA.exe+F49020]
test eax,eax
je LeavePlayerAlone
mov eax,[eax+18]
test eax,eax
je LeavePlayerAlone
cmp eax,esi
je LeavePlayerAlone // ;)
pop eax

cmp [Toggler],1
jne AlreadyGotCoords
cmp [NewCoords],0 //If it hasn't gotten the player coordinates yet
je TeleRet
movq xmm0,[NewCoords]
movq [esi+10],xmm0
movq xmm0,[NewCoords+8]
movq [esi+18],xmm0
jmp TeleRet

LeavePlayerAlone:
pop eax
cmp [NewCoords],0
jne AlreadyGotCoords

//Push xmm1
sub esp,10
movdqu dqword [esp],xmm1

movups xmm1,[OffsetTheZ]
addps xmm0,xmm1 //Make the vac start right above the character :)

//Pop xmm1
movdqu xmm1,dqword [esp]
add esp,10

movq [NewCoords],xmm0
movq xmm0,[esp+8]
movq [NewCoords+8],xmm0

AlreadyGotCoords:
movq xmm0,[esp+8]
movq [esi+18],xmm0
jmp TeleRet

//NewCoords = X, NewCoords+4 = Z
//NewCoords+8 = Y, NewCoords+C = unknown
NewCoords:
dd 0 0 0 0

//lol couldn't just use addss as the z is +4 bytes in that xmm0 register
//adding 0 to the other 96 bits of xmm register results in no change right? :)
OffsetTheZ:
dd 0
dd (float)2.2
dd 0 0

DATA.exe+AE72DA:
jmp MonsterVac
db 90 90 90 90 90 90
TeleRet:

KeyHandlerThread:
push 0a
call Sleep

cmp [MonsterVacOff],1
je QuitKeyHandler

push 72 //VK_F3
call GetAsyncKeyState
and eax,8000
test eax,eax
jne Toggle

cmp [Toggler],1
jne KeyHandlerThread

push 25 //VK_LEFT
call GetAsyncKeyState
and eax,8000
test eax,eax
jne MoveLeft

push 27 //VK_RIGHT
call GetAsyncKeyState
and eax,8000
test eax,eax
jne MoveLeft+17 //Right

push 26 //VK_UP
call GetAsyncKeyState
and eax,8000
test eax,eax
jne MoveLeft+2e //Forward

push 28 //VK_DOWN
call GetAsyncKeyState
and eax,8000
test eax,eax
jne MoveLeft+45 //Backward

push a3 //VK_RCONTROL
call GetAsyncKeyState
and eax,8000
test eax,eax
jne MoveLeft+5c //Upward

push a5 //VK_RMENU (right Alt)
call GetAsyncKeyState
and eax,8000
test eax,eax
jne MoveLeft+73 //Downward
jmp KeyHandlerThread

QuitKeyHandler:
ret

MoveLeft:
fld dword ptr [NewCoords+8]
fsub dword ptr [MoveSpeed]
fstp dword ptr [NewCoords+8]
jmp KeyHandlerThread

//MoveRight:
fld dword ptr [NewCoords+8]
fadd dword ptr [MoveSpeed]
fstp dword ptr [NewCoords+8]
jmp KeyHandlerThread

//MoveForward:
fld dword ptr [NewCoords]
fsub dword ptr [MoveSpeed]
fstp dword ptr [NewCoords]
jmp KeyHandlerThread

//MoveBackward:
fld dword ptr [NewCoords]
fadd dword ptr [MoveSpeed]
fstp dword ptr [NewCoords]
jmp KeyHandlerThread

//MoveUpward:
fld dword ptr [NewCoords+4]
fadd dword ptr [MoveSpeed]
fstp dword ptr [NewCoords+4]
jmp KeyHandlerThread

//MoveDownward:
fld dword ptr [NewCoords+4]
fsub dword ptr [MoveSpeed]
fstp dword ptr [NewCoords+4]
jmp KeyHandlerThread

Toggle:
xor eax,eax
mov [NewCoords],eax
xor [Toggler],1
push 96
call Sleep
jmp KeyHandlerThread

MoveSpeed:
dd (float)0.1

Toggler:
dd 1

MonsterVacOff:
dd 0

[disable]

DATA.exe+AE72DA:
movq xmm0,[esp+8]
movq [esi+18],xmm0

MonsterVacOff:
dd 1

dealloc(MonsterVac)
unregistersymbol(MoveSpeed)
unregistersymbol(NewCoords)
unregistersymbol(MonsterVacOff)



I will be updating them to aobscan scripts as I finish locating/creating the last couple hacks I want for this game.

Free Roam Camera/Player and Monster Vac were tricky; I had to use advanced floating point instructions that I wasn't too familiar with, but I came out on top.

I will add teleport save/goto locations when I have time, forgot to add it, but free movement is cool for now.

Check the floating point test script that's on the bottom of the CT. I had an issue where I couldn't do an "addps" when the source operand was a memory location rather than another xmm register, so I had to push/pop an xmm register just in case it's used without being set later, to prevent undesired effects/crashes.

Alright, that's it for now. Let me know on the poll, or in a post, which hacks you'd like to see next which haven't been posted yet!

EDIT: added some pics of how the monster vac looks, will be uploading a video in a short while too.

-
Steve Andrew
Attachments
Dark Souls FINAL v1.1-SteveAndrew.CT
(166.1 KiB) Downloaded 577 times
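
Seen from the integrity-checking side, every script in the post above overwrites a few instruction bytes inside DATA.exe with a `jmp` into memory obtained through `alloc()` and pads the remainder with `nop`. The following is an added example (not part of the original post or the cheat table) of a check that diffs a clean copy of a code section against the bytes read from the running process and flags such detours; the image base, image size, allocation address and filler bytes are constructed assumptions.

```python
import struct
from dataclasses import dataclass
from typing import Optional

@dataclass
class Finding:
    rva: int               # module-relative offset of the first modified byte
    original: bytes        # bytes from the clean on-disk image
    live: bytes            # bytes read from the running process
    kind: str              # "detour" (jmp rel32) or "patch" (anything else)
    target: Optional[int]  # absolute destination of a detour
    leaves_module: bool    # True when the detour lands outside the module image

def diff_regions(clean, live, gap=4):
    """Group differing offsets into [start, end) regions, merging near neighbours."""
    regions = []
    for i, (a, b) in enumerate(zip(clean, live)):
        if a != b:
            if regions and i - regions[-1][1] <= gap:
                regions[-1][1] = i + 1
            else:
                regions.append([i, i + 1])
    return regions

def scan(clean, live, section_rva, base, size):
    """Classify every modified region of a code section."""
    findings = []
    for s, e in diff_regions(clean, live):
        kind, target, outside = "patch", None, False
        if live[s] == 0xE9 and s + 5 <= len(live):  # E9 = jmp rel32
            rel = struct.unpack_from("<i", live, s + 1)[0]
            target = (base + section_rva + s + 5 + rel) & 0xFFFFFFFF
            kind, e = "detour", max(e, s + 5)
            outside = not (base <= target < base + size)
        findings.append(Finding(section_rva + s, clean[s:e], live[s:e], kind, target, outside))
    return findings

# Constructed sample. BASE, SIZE, CAVE and the filler bytes are assumptions;
# only the hooked instruction and its offset (DATA.exe+A91BED) come from the page.
BASE, SIZE, SECTION_RVA, CAVE = 0x400000, 0x1000000, 0xA91BE5, 0x02A10000
CLEAN = bytes.fromhex("55 8bec 8b4508 85c0" "8985d4020000" "5dc3 cccc b801000000 c3")
LIVE = bytearray(CLEAN)
hook_va = BASE + SECTION_RVA + 8
LIVE[8:14] = b"\xE9" + struct.pack("<i", CAVE - (hook_va + 5)) + b"\x90"  # jmp + nop
LIVE[19] = 0x02  # unrelated one-byte change, reported as a plain patch

if __name__ == "__main__":
    for f in scan(CLEAN, bytes(LIVE), SECTION_RVA, BASE, SIZE):
        print(f"+{f.rva:X} {f.kind} {f.original.hex()} -> {f.live.hex()} "
              f"target={f.target and hex(f.target)} outside={f.leaves_module}")
```

A detour whose target lies outside the module image is the strongest signal here, since legitimate code in a module does not normally jump into anonymous allocations.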

Post by Hoorah » Thu Apr 13, 2017 12:37 am

Doesn't seem functional, none of the scripts enable and no values are found. Only running Dsfix, DsMfix, and a few texture swaps on my client.

Post by grnCookie » Wed May 03, 2017 6:52 pm

What would I need to change in order to make the keys for moving during freeroam the WASD keys?
