3872
"Unlimited Health"
Auto Assembler Script
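[ENABLE]
// Code-cave hook on the 6-byte load "mov eax,[rbx+00000330]" (8B 83 30 03 00 00).
// The remaining pattern bytes (85 F6 79 04 33 F6) only narrow the match.
// The cave treats [rbx+30] as a pointer to a name string and applies the
// cheat only when that string starts with one of three byte prefixes.
//aobscanmodule(health,EoCApp.exe,8B 83 28 03 00 00 85)   // earlier pattern (offset 328), kept as history
aobscanmodule(health,EoCApp.exe,8B 83 30 03 00 00 85 F6 79 04 33 F6)
alloc(newmem,$1000,health)   // request the cave near the hook; the 6-byte overwrite below relies on the 5-byte jmp form
label(code)
label(return)
label(cheat)
label(playercheck)

newmem:
  mov rax,[rbx+30]            // rax is free as scratch: both exits reload eax
  test rax,rax
  je code                     // no name pointer: run the original load only, never dereference null
  cmp [rax+00],'Huma'
  jne playercheck             // first four bytes differ: only the Player_ prefix can still match
  cmp [rax+04],'nMal'
  jne @f
  cmp [rax+08],'eHer'
  je cheat                    // bytes 0..11 = HumanMaleHer
@@:
  cmp [rax+04],'nFem'         // reached only after the Huma compare succeeded
  jne code
  cmp [rax+08],'aleH'
  je cheat                    // bytes 0..11 = HumanFemaleH
  jmp code
playercheck:
  cmp [rax+00],'Play'
  jne code
  cmp word ptr [rax+04],'er'
  jne code
  cmp byte ptr [rax+06],'_'
  jne code
cheat:
  mov eax,[rbx+00000330]      // displaced original load
  mov esi,eax                 // overwrite esi with the value just loaded; the code after the hook
                              // starts with test esi,esi (85 F6) per the pattern bytes
  jmp return
code:
  mov eax,[rbx+00000330]      // displaced original load, esi left untouched
  jmp return

health:
  jmp newmem                  // 5-byte jmp + 1 nop = the 6 bytes of the original instruction
  nop
return:
registersymbol(health)

[DISABLE]
health:
  db 8B 83 30 03 00 00        // original mov eax,[rbx+00000330]
unregistersymbol(health)
dealloc(newmem)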
{
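// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+12C2904 (this dump shows [rbx+00000328] at the injection point; the active pattern and the [DISABLE] bytes use offset 330, so the dump apparently predates the pattern update)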
"EoCApp.exe"+12C28DD: E8 CE 8C 3F 00 - call EoCApp.exe+16BB5B0
"EoCApp.exe"+12C28E2: 33 D2 - xor edx,edx
"EoCApp.exe"+12C28E4: 48 8B CB - mov rcx,rbx
"EoCApp.exe"+12C28E7: E8 F4 90 3F 00 - call EoCApp.exe+16BB9E0
"EoCApp.exe"+12C28EC: 48 8B CB - mov rcx,rbx
"EoCApp.exe"+12C28EF: E8 2C D4 3E 00 - call EoCApp.exe+16AFD20
"EoCApp.exe"+12C28F4: 48 8B CB - mov rcx,rbx
"EoCApp.exe"+12C28F7: E8 34 D6 3E 00 - call EoCApp.exe+16AFF30
"EoCApp.exe"+12C28FC: 48 8B CB - mov rcx,rbx
"EoCApp.exe"+12C28FF: E8 0C D1 3E 00 - call EoCApp.exe+16AFA10
// ---------- INJECTING HERE ----------
"EoCApp.exe"+12C2904: 8B 83 28 03 00 00 - mov eax,[rbx+00000328]
// ---------- DONE INJECTING ----------
"EoCApp.exe"+12C290A: 85 F6 - test esi,esi
"EoCApp.exe"+12C290C: 79 04 - jns EoCApp.exe+12C2912
"EoCApp.exe"+12C290E: 33 F6 - xor esi,esi
"EoCApp.exe"+12C2910: EB 05 - jmp EoCApp.exe+12C2917
"EoCApp.exe"+12C2912: 3B F0 - cmp esi,eax
"EoCApp.exe"+12C2914: 0F 4F F0 - cmovg esi,eax
"EoCApp.exe"+12C2917: 39 B3 D8 01 00 00 - cmp [rbx+000001D8],esi
"EoCApp.exe"+12C291D: 74 5A - je EoCApp.exe+12C2979
"EoCApp.exe"+12C291F: 89 B3 D8 01 00 00 - mov [rbx+000001D8],esi
"EoCApp.exe"+12C2925: 48 8D 54 24 40 - lea rdx,[rsp+40]
}
3868
"Unlimited Action Points"
Auto Assembler Script
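[ENABLE]
// Code-cave hook on the 6-byte load "mov eax,[rax+000001F0]" (8B 80 F0 01 00 00).
// The cave treats [rax+30] as a pointer to a name string and, when the string
// starts with one of three byte prefixes, stores decimal 20 at [rax+1F0]
// before the original load runs.
aobscanmodule(actions,EoCApp.exe,8B 80 F0 01 00 00 48 8B)
alloc(newmem,$1000,actions)   // request the cave near the hook; the 6-byte overwrite below relies on the 5-byte jmp form
label(code)
label(return)
label(cheat)
label(playercheck)

newmem:
  mov rbx,[rax+30]            // rbx used as scratch and not restored here; the dump shows it reloaded
                              // from [rsp+68] right after the hook - confirm on the current build
  test rbx,rbx
  je code                     // no name pointer: run the original load only, never dereference null
  cmp [rbx+00],'Huma'
  jne playercheck             // first four bytes differ: only the Player_ prefix can still match
  cmp [rbx+04],'nMal'
  jne @f
  cmp [rbx+08],'eHer'
  je cheat                    // bytes 0..11 = HumanMaleHer
@@:
  cmp [rbx+04],'nFem'         // reached only after the Huma compare succeeded
  jne code
  cmp [rbx+08],'aleH'
  je cheat                    // bytes 0..11 = HumanFemaleH
  jmp code
playercheck:
  cmp [rbx+00],'Play'
  jne code
  cmp word ptr [rbx+04],'er'
  jne code
  cmp byte ptr [rbx+06],'_'
  jne code
cheat:
  mov dword ptr [rax+000001F0],#20   // explicit dword: same width as the load that follows
code:
  mov eax,[rax+000001F0]      // displaced original load
  jmp return

actions:
  jmp newmem                  // 5-byte jmp + 1 nop = the 6 bytes of the original instruction
  nop
return:
registersymbol(actions)

[DISABLE]
actions:
  db 8B 80 F0 01 00 00        // original mov eax,[rax+000001F0]
unregistersymbol(actions)
dealloc(newmem)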
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+12C0E73
"EoCApp.exe"+12C0E50: 49 8B C9 - mov rcx,r9
"EoCApp.exe"+12C0E53: E8 C8 81 08 FF - call EoCApp.exe+349020
"EoCApp.exe"+12C0E58: 48 85 C0 - test rax,rax
"EoCApp.exe"+12C0E5B: 74 27 - je EoCApp.exe+12C0E84
"EoCApp.exe"+12C0E5D: 48 8B D0 - mov rdx,rax
"EoCApp.exe"+12C0E60: 48 8B CF - mov rcx,rdi
"EoCApp.exe"+12C0E63: E8 48 2D 12 00 - call EoCApp.exe+13E3BB0
"EoCApp.exe"+12C0E68: 84 C0 - test al,al
"EoCApp.exe"+12C0E6A: 74 18 - je EoCApp.exe+12C0E84
"EoCApp.exe"+12C0E6C: 48 8B 83 20 01 00 00 - mov rax,[rbx+00000120]
// ---------- INJECTING HERE ----------
"EoCApp.exe"+12C0E73: 8B 80 F0 01 00 00 - mov eax,[rax+000001F0]
// ---------- DONE INJECTING ----------
"EoCApp.exe"+12C0E79: 48 8B 5C 24 68 - mov rbx,[rsp+68]
"EoCApp.exe"+12C0E7E: 48 83 C4 50 - add rsp,50
"EoCApp.exe"+12C0E82: 5F - pop rdi
"EoCApp.exe"+12C0E83: C3 - ret
"EoCApp.exe"+12C0E84: 48 8B 8B 20 01 00 00 - mov rcx,[rbx+00000120]
"EoCApp.exe"+12C0E8B: 33 D2 - xor edx,edx
"EoCApp.exe"+12C0E8D: 48 8B 5C 24 68 - mov rbx,[rsp+68]
"EoCApp.exe"+12C0E92: 48 83 C4 50 - add rsp,50
"EoCApp.exe"+12C0E96: 5F - pop rdi
"EoCApp.exe"+12C0E97: E9 84 E8 41 00 - jmp EoCApp.exe+16DF720
}
3883
"Unlimited Carry Weight"
Auto Assembler Script
[ENABLE]
// Code-cave hook that forces eax to a fixed value before it is converted to float.
// Pattern layout: E8 + rel32 (call, wildcarded), 0F AF C3 (imul eax,ebx),
// 66 0F 6E C0 (movd xmm0,eax). The hook is placed at weight+08, i.e. after the
// 5-byte call and the 3-byte imul.
aobscanmodule(weight,EoCApp.exe,E8 ?? ?? ?? ?? 0F AF C3 66 0F 6E C0)
alloc(newmem,$1000,weight) // cave requested near the hook; the 7-byte overwrite assumes the 5-byte jmp form
label(code)
label(return)
newmem:
mov eax,#99999 // discard the computed product and use decimal 99999 instead
code:
movd xmm0,eax // the two displaced original instructions follow
cvtdq2ps xmm0,xmm0
jmp return
weight+08:
jmp newmem // 5-byte jmp + 2 nops = 7 bytes (movd 4 + cvtdq2ps 3)
nop
nop
return:
registersymbol(weight)
[DISABLE]
weight+08:
db 66 0F 6E C0 0F 5B C0 // original movd xmm0,eax / cvtdq2ps xmm0,xmm0
unregistersymbol(weight)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+16B765A
"EoCApp.exe"+16B7639: 74 0A - je EoCApp.exe+16B7645
"EoCApp.exe"+16B763B: 4D 8B 00 - mov r8,[r8]
"EoCApp.exe"+16B763E: 4D 85 C0 - test r8,r8
"EoCApp.exe"+16B7641: 75 F2 - jne EoCApp.exe+16B7635
"EoCApp.exe"+16B7643: EB 06 - jmp EoCApp.exe+16B764B
"EoCApp.exe"+16B7645: F3 41 0F 10 48 10 - movss xmm1,[r8+10]
"EoCApp.exe"+16B764B: 40 0F B6 D7 - movzx edx,dil
"EoCApp.exe"+16B764F: 48 8B CE - mov rcx,rsi
"EoCApp.exe"+16B7652: E8 19 AF 02 00 - call EoCApp.exe+16E2570
"EoCApp.exe"+16B7657: 0F AF C3 - imul eax,ebx
// ---------- INJECTING HERE ----------
"EoCApp.exe"+16B765A: 66 0F 6E C0 - movd xmm0,eax
"EoCApp.exe"+16B765E: 0F 5B C0 - cvtdq2ps xmm0,xmm0
// ---------- DONE INJECTING ----------
"EoCApp.exe"+16B7661: F3 0F 59 C1 - mulss xmm0,xmm1
"EoCApp.exe"+16B7665: F3 0F 58 C2 - addss xmm0,xmm2
"EoCApp.exe"+16B7669: FF 15 69 CC 2C 00 - call qword ptr [EoCApp.exe+19842D8]
"EoCApp.exe"+16B766F: 48 8B 5C 24 30 - mov rbx,[rsp+30]
"EoCApp.exe"+16B7674: 48 8B 74 24 38 - mov rsi,[rsp+38]
"EoCApp.exe"+16B7679: F3 0F 2C C0 - cvttss2si eax,xmm0
"EoCApp.exe"+16B767D: 48 83 C4 20 - add rsp,20
"EoCApp.exe"+16B7681: 5F - pop rdi
"EoCApp.exe"+16B7682: C3 - ret
"EoCApp.exe"+16B7683: CC - int 3
}
10316
"Unlimited Source Points"
Auto Assembler Script
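[ENABLE]
// Code-cave hook on the 7-byte load "mov eax,[r13+000001EC]" (41 8B 85 EC 01 00 00).
// The cave stores decimal 99 at [r13+1EC] and then performs the original load.
// Unlike the health and action-point scripts there is no name filter here:
// every object whose value is read through this instruction gets the store.
aobscanmodule(sourcePoints,EoCApp.exe,41 8B 85 EC 01 00 00 03 C6 48 83 C4 28 41 5D 5E C3 CC CC CC CC CC CC CC 4C) // should be unique
// Allocate near the scanned address instead of a hard-coded module offset, so
// the cave stays tied to wherever the pattern was actually found.
alloc(newmem,$1000,sourcePoints)
label(code)
label(return)

newmem:
code:
  mov dword ptr [r13+000001EC],#99   // explicit dword: same width as the load that follows
  mov eax,[r13+000001EC]             // displaced original load
  jmp return

sourcePoints:
  jmp newmem                         // 5-byte jmp + 2 nops = the 7 bytes of the original instruction
  nop
  nop
return:
registersymbol(sourcePoints)

[DISABLE]
sourcePoints:
  db 41 8B 85 EC 01 00 00            // original mov eax,[r13+000001EC]
unregistersymbol(sourcePoints)
dealloc(newmem)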
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+182A908
"EoCApp.exe"+182A8DF: 8B 80 5C 02 00 00 - mov eax,[rax+0000025C]
"EoCApp.exe"+182A8E5: 03 F0 - add esi,eax
"EoCApp.exe"+182A8E7: 48 FF C3 - inc rbx
"EoCApp.exe"+182A8EA: 48 3B DD - cmp rbx,rbp
"EoCApp.exe"+182A8ED: 72 B1 - jb EoCApp.exe+182A8A0
"EoCApp.exe"+182A8EF: 4C 8B 7C 24 20 - mov r15,[rsp+20]
"EoCApp.exe"+182A8F4: 48 8B 7C 24 50 - mov rdi,[rsp+50]
"EoCApp.exe"+182A8F9: 48 8B 6C 24 48 - mov rbp,[rsp+48]
"EoCApp.exe"+182A8FE: 48 8B 5C 24 40 - mov rbx,[rsp+40]
"EoCApp.exe"+182A903: 4C 8B 74 24 58 - mov r14,[rsp+58]
// ---------- INJECTING HERE ----------
"EoCApp.exe"+182A908: 41 8B 85 EC 01 00 00 - mov eax,[r13+000001EC]
// ---------- DONE INJECTING ----------
"EoCApp.exe"+182A90F: 03 C6 - add eax,esi
"EoCApp.exe"+182A911: 48 83 C4 28 - add rsp,28
"EoCApp.exe"+182A915: 41 5D - pop r13
"EoCApp.exe"+182A917: 5E - pop rsi
"EoCApp.exe"+182A918: C3 - ret
"EoCApp.exe"+182A919: CC - int 3
"EoCApp.exe"+182A91A: CC - int 3
"EoCApp.exe"+182A91B: CC - int 3
"EoCApp.exe"+182A91C: CC - int 3
"EoCApp.exe"+182A91D: CC - int 3
}
3552
"No Cooldown"
Auto Assembler Script
[ENABLE]
// In-place 5-byte patch, no code cave. The sixth pattern byte (76, a jna)
// is only matched, not overwritten.
aobscanmodule(cooldown,EoCApp.exe,F3 0F 10 4B 34 76)
cooldown:
// 0F 57 C9 = xorps xmm1,xmm1, then two nops: xmm1 becomes 0.0 instead of the
// float at [rbx+34]. xorps leaves EFLAGS alone, so the jna that follows still
// sees the flags set before the patched instruction.
db 0F 57 C9 90 90
registersymbol(cooldown)
[DISABLE]
cooldown:
db F3 0F 10 4B 34 // original movss xmm1,[rbx+34]
unregistersymbol(cooldown)
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+110A967
"EoCApp.exe"+110A940: 48 8B 47 30 - mov rax,[rdi+30]
"EoCApp.exe"+110A944: 48 8D 57 30 - lea rdx,[rdi+30]
"EoCApp.exe"+110A948: 44 0F B7 40 FA - movzx r8d,word ptr [rax-06]
"EoCApp.exe"+110A94D: E8 CE 06 B8 FF - call EoCApp.exe+C8B020
"EoCApp.exe"+110A952: 48 89 6F 30 - mov [rdi+30],rbp
"EoCApp.exe"+110A956: 40 B5 01 - mov bpl,01
"EoCApp.exe"+110A959: 44 38 63 30 - cmp [rbx+30],r12l
"EoCApp.exe"+110A95D: 74 23 - je EoCApp.exe+110A982
"EoCApp.exe"+110A95F: F3 0F 10 47 38 - movss xmm0,[rdi+38]
"EoCApp.exe"+110A964: 0F 2F C6 - comiss xmm0,xmm6
// ---------- INJECTING HERE ----------
"EoCApp.exe"+110A967: F3 0F 10 4B 34 - movss xmm1,[rbx+34]
// ---------- DONE INJECTING ----------
"EoCApp.exe"+110A96C: 76 0B - jna EoCApp.exe+110A979
"EoCApp.exe"+110A96E: 0F 2E CE - ucomiss xmm1,xmm6
"EoCApp.exe"+110A971: 7A 06 - jp EoCApp.exe+110A979
"EoCApp.exe"+110A973: 75 04 - jne EoCApp.exe+110A979
"EoCApp.exe"+110A975: C6 47 3C 01 - mov byte ptr [rdi+3C],01
"EoCApp.exe"+110A979: F3 0F 11 4F 38 - movss [rdi+38],xmm1
"EoCApp.exe"+110A97E: 44 88 63 30 - mov [rbx+30],r12l
"EoCApp.exe"+110A982: 0F B6 43 44 - movzx eax,byte ptr [rbx+44]
"EoCApp.exe"+110A986: 3A 47 3D - cmp al,[rdi+3D]
"EoCApp.exe"+110A989: 74 18 - je EoCApp.exe+110A9A3
}
3595
"Unlimited Durability"
Auto Assembler Script
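[ENABLE]
// In-place patch of two instructions, no code cave.
// Layout from the match address:
//   +00  7D 1D                 jnl (left in place)
//   +02  29 B3 d32   (6 bytes) sub [rbx+d32],esi   -> nopped, original saved via readmem
//   +08  8B 83 d32   (6 bytes) mov eax,[rbx+d32]   (left in place)
//   +0E  41 0F 48 C6 (4 bytes) cmovs eax,r14d      -> nopped, restored from literal bytes
// The pattern is extended through +11 so the bytes that [DISABLE] writes back
// from a literal are verified before anything is overwritten.
aobscanmodule(durability,EoCApp.exe,7D 1D 29 B3 ?? ?? ?? ?? 8B 83 ?? ?? ?? ?? 41 0F 48 C6)
alloc(durability_backup,6)
durability_backup:
readmem(durability+2,6)        // save the sub (its displacement is wildcarded, so it cannot be a literal)
durability+2:
db 90 90 90 90 90 90
durability+E:
db 90 90 90 90
registersymbol(durability)
registersymbol(durability_backup)
[DISABLE]
durability+2:
readmem(durability_backup,6)   // write the saved sub back
durability+E:
db 41 0F 48 C6                 // original cmovs eax,r14d
unregistersymbol(durability)
unregistersymbol(durability_backup)   // was registered in [ENABLE]; drop it before the memory is freed
dealloc(durability_backup)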
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+1711C8F
"EoCApp.exe"+1711C72: B8 1F 85 EB 51 - mov eax,51EB851F
"EoCApp.exe"+1711C77: 41 F7 E8 - imul r8d
"EoCApp.exe"+1711C7A: C1 FA 05 - sar edx,05
"EoCApp.exe"+1711C7D: 8B CA - mov ecx,edx
"EoCApp.exe"+1711C7F: C1 E9 1F - shr ecx,1F
"EoCApp.exe"+1711C82: 03 D1 - add edx,ecx
"EoCApp.exe"+1711C84: 6B CA 64 - imul ecx,edx,64
"EoCApp.exe"+1711C87: 44 2B C1 - sub r8d,ecx
"EoCApp.exe"+1711C8A: 44 3B C5 - cmp r8d,ebp
"EoCApp.exe"+1711C8D: 7D 1D - jnl EoCApp.exe+1711CAC
// ---------- INJECTING HERE ----------
"EoCApp.exe"+1711C8F: 29 B3 00 02 00 00 - sub [rbx+00000200],esi
// ---------- DONE INJECTING ----------
"EoCApp.exe"+1711C95: 8B 83 00 02 00 00 - mov eax,[rbx+00000200]
"EoCApp.exe"+1711C9B: 41 0F 48 C6 - cmovs eax,r14d
"EoCApp.exe"+1711C9F: C6 83 FD 01 00 00 01 - mov byte ptr [rbx+000001FD],01
"EoCApp.exe"+1711CA6: 89 83 00 02 00 00 - mov [rbx+00000200],eax
"EoCApp.exe"+1711CAC: 48 8B 5C 24 30 - mov rbx,[rsp+30]
"EoCApp.exe"+1711CB1: 48 8B 6C 24 38 - mov rbp,[rsp+38]
"EoCApp.exe"+1711CB6: 48 8B 74 24 40 - mov rsi,[rsp+40]
"EoCApp.exe"+1711CBB: 48 8B 7C 24 48 - mov rdi,[rsp+48]
"EoCApp.exe"+1711CC0: 48 83 C4 20 - add rsp,20
"EoCApp.exe"+1711CC4: 41 5E - pop r14
}
3567
"Unlimited Items"
Auto Assembler Script
[ENABLE]
// In-place 6-byte patch, no code cave.
// Original bytes: 3B DD (cmp ebx,ebp), 7C 28 (jl), 2B DD (sub ebx,ebp).
//aobscanmodule(items,EoCApp.exe,3B DE 7C 2A 2B DE)
aobscanmodule(items,EoCApp.exe,3B DD 7C 28 2B DD)
items:
// 31 ED = xor ebp,ebp, then four nops: the compare, the branch and the
// subtraction are all gone, so ebx passes through unchanged.
// NOTE(review): ebp is left at 0 (the 32-bit write also clears the upper half
// of rbp) for whatever code runs after this point - confirm nothing later in
// the function still needs the original value.
db 31 ED 90 90 90 90
registersymbol(items)
[DISABLE]
items:
db 3B DD 7C 28 2B DD // original cmp / jl / sub
unregistersymbol(items)
{
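// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+1437E75 (this dump shows 3B DE 7C 2A 2B DE, i.e. esi; the active pattern and the [DISABLE] bytes are 3B DD 7C 28 2B DD, i.e. ebp, so the dump apparently predates the pattern update)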
"EoCApp.exe"+1437E4B: 48 83 EC 20 - sub rsp,20
"EoCApp.exe"+1437E4F: 8B F2 - mov esi,edx
"EoCApp.exe"+1437E51: 48 8B 11 - mov rdx,[rcx]
"EoCApp.exe"+1437E54: 48 8B 0D 85 73 B5 00 - mov rcx,[EoCApp.exe+1F8F1E0]
"EoCApp.exe"+1437E5B: 48 81 C1 00 01 00 00 - add rcx,00000100
"EoCApp.exe"+1437E62: E8 99 1A F1 FF - call EoCApp.exe+1349900
"EoCApp.exe"+1437E67: 48 8B F8 - mov rdi,rax
"EoCApp.exe"+1437E6A: 48 85 C0 - test rax,rax
"EoCApp.exe"+1437E6D: 74 34 - je EoCApp.exe+1437EA3
"EoCApp.exe"+1437E6F: 8B 98 6C 01 00 00 - mov ebx,[rax+0000016C]
// ---------- INJECTING HERE ----------
"EoCApp.exe"+1437E75: 3B DE - cmp ebx,esi
"EoCApp.exe"+1437E77: 7C 2A - jl EoCApp.exe+1437EA3
"EoCApp.exe"+1437E79: 2B DE - sub ebx,esi
// ---------- DONE INJECTING ----------
"EoCApp.exe"+1437E7B: 48 8B C8 - mov rcx,rax
"EoCApp.exe"+1437E7E: 8B D3 - mov edx,ebx
"EoCApp.exe"+1437E80: E8 BB E6 E6 FF - call EoCApp.exe+12A6540
"EoCApp.exe"+1437E85: 85 DB - test ebx,ebx
"EoCApp.exe"+1437E87: 75 08 - jne EoCApp.exe+1437E91
"EoCApp.exe"+1437E89: 48 8B CF - mov rcx,rdi
"EoCApp.exe"+1437E8C: E8 FF 08 E7 FF - call EoCApp.exe+12A8790
"EoCApp.exe"+1437E91: B0 01 - mov al,01
"EoCApp.exe"+1437E93: 48 8B 5C 24 30 - mov rbx,[rsp+30]
"EoCApp.exe"+1437E98: 48 8B 74 24 38 - mov rsi,[rsp+38]
}
3863
"Unlimited Inventory Split"
Auto Assembler Script
{ Game : EoCApp.exe
Version: 1.0
Date : 09-16-17
Author : Slynderdale
}
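[ENABLE]
// In-place 6-byte patch, no code cave: nops out "sub [reg+0000016C],reg"
// (29 modrm 6C 01 00 00). The modrm byte is wildcarded, so the original
// bytes are saved with readmem instead of being restored from a literal.
aobscanmodule(split,EoCApp.exe,29 ?? 6C 01 00 00 48)
alloc(split_save,6)
split_save:
readmem(split,6)         // keep the 6 original bytes for [DISABLE]
split:
db 90 90 90 90 90 90
registersymbol(split)
registersymbol(split_save)
[DISABLE]
split:
readmem(split_save,6)    // write the saved instruction back
unregistersymbol(split)
unregistersymbol(split_save)
dealloc(split_save)      // release the backup buffer allocated in [ENABLE]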
{
// ORIGINAL CODE - INJECTION POINT: EoCApp.gr::GrannyAnimationSourceReader::ReadGlobal+5C16D5
EoCApp.gr::GrannyAnimationSourceReader::ReadGlobal+5C16A2: 4C 8B 0D E740B500 - mov r9,[7FF750F5C4A0]
EoCApp.gr::GrannyAnimationSourceReader::ReadGlobal+5C16A9: 4D 8B C2 - mov r8,r10
EoCApp.gr::GrannyAnimationSourceReader::ReadGlobal+5C16AC: 48 C7 44 24 28 00000000 - mov [rsp+28],00000000
EoCApp.gr::GrannyAnimationSourceReader::ReadGlobal+5C16B5: 48 8B D5 - mov rdx,rbp
EoCApp.gr::GrannyAnimationSourceReader::ReadGlobal+5C16B8: 48 89 4C 24 20 - mov [rsp+20],rcx
EoCApp.gr::GrannyAnimationSourceReader::ReadGlobal+5C16BD: 48 8B 88 D0000000 - mov rcx,[rax+000000D0]
EoCApp.gr::GrannyAnimationSourceReader::ReadGlobal+5C16C4: E8 37B3FEFF - call 7FF7503F3710
EoCApp.gr::GrannyAnimationSourceReader::ReadGlobal+5C16C9: 48 8B D8 - mov rbx,rax
EoCApp.gr::GrannyAnimationSourceReader::ReadGlobal+5C16CC: 48 85 C0 - test rax,rax
EoCApp.gr::GrannyAnimationSourceReader::ReadGlobal+5C16CF: 0F84 BB000000 - je 7FF7504084A0
// ---------- INJECTING HERE ----------
EoCApp.gr::GrannyAnimationSourceReader::ReadGlobal+5C16D5: 29 B7 6C010000 - sub [rdi+0000016C],esi
// ---------- DONE INJECTING ----------
EoCApp.gr::GrannyAnimationSourceReader::ReadGlobal+5C16DB: 48 BD 00000000FFFF3F00 - mov rbp,003FFFFF00000000
EoCApp.gr::GrannyAnimationSourceReader::ReadGlobal+5C16E5: 48 8B 8F 60010000 - mov rcx,[rdi+00000160]
EoCApp.gr::GrannyAnimationSourceReader::ReadGlobal+5C16EC: 48 3B 0D 9D40B500 - cmp rcx,[7FF750F5C4A0]
EoCApp.gr::GrannyAnimationSourceReader::ReadGlobal+5C16F3: 74 3A - je 7FF75040843F
EoCApp.gr::GrannyAnimationSourceReader::ReadGlobal+5C16F5: 48 85 CD - test rbp,rcx
EoCApp.gr::GrannyAnimationSourceReader::ReadGlobal+5C16F8: 74 35 - je 7FF75040843F
EoCApp.gr::GrannyAnimationSourceReader::ReadGlobal+5C16FA: 48 8B 15 FF6DBB00 - mov rdx,[7FF750FBF210]
EoCApp.gr::GrannyAnimationSourceReader::ReadGlobal+5C1701: 3B 4A 1C - cmp ecx,[rdx+1C]
EoCApp.gr::GrannyAnimationSourceReader::ReadGlobal+5C1704: 73 30 - jae 7FF750408446
EoCApp.gr::GrannyAnimationSourceReader::ReadGlobal+5C1706: 48 8B 42 30 - mov rax,[rdx+30]
}
4038
"Increase Movement Speed"
Auto Assembler Script
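[ENABLE]
// In-place 8-byte patch, no code cave.
// Original: 8D 47 0A (lea eax,[rdi+0A]), 84 C9 (test cl,cl), 0F 44 C7 (cmove eax,edi).
// Replacement: three nops + B8 imm32 = mov eax,imm32.
// The pattern covers all 8 bytes that are overwritten here and written back
// from a literal in [DISABLE], so a build where the trailing cmove differs
// fails the scan instead of being patched blindly.
aobscanmodule(movement,EoCApp.exe,8D 47 0A 84 C9 0F 44 C7)
label(movement_speed)
movement:
db 90 90 90
db B8                    // opcode of mov eax,imm32; the immediate follows
movement_speed:
dd #200                  // the imm32 itself (decimal 200); the symbol lets the table entry
                         // named movement_speed edit the immediate inside the patched code
registersymbol(movement)
registersymbol(movement_speed)
[DISABLE]
movement:
db 8D 47 0A 84 C9 0F 44 C7   // original lea / test / cmove
unregistersymbol(movement)
unregistersymbol(movement_speed)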
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+16DEAD0
"EoCApp.exe"+16DEAA8: 74 0D - je EoCApp.exe+16DEAB7
"EoCApp.exe"+16DEAAA: 41 F7 81 7C 01 00 00 00 80 00 00 - test [r9+0000017C],8000
"EoCApp.exe"+16DEAB5: 75 7A - jne EoCApp.exe+16DEB31
"EoCApp.exe"+16DEAB7: 49 83 C0 08 - add r8,08
"EoCApp.exe"+16DEABB: 4D 3B C2 - cmp r8,r10
"EoCApp.exe"+16DEABE: 75 D0 - jne EoCApp.exe+16DEA90
"EoCApp.exe"+16DEAC0: BA 50 00 00 00 - mov edx,00000050
"EoCApp.exe"+16DEAC5: 48 8B CB - mov rcx,rbx
"EoCApp.exe"+16DEAC8: E8 03 BE FD FF - call EoCApp.exe+16BA8D0
"EoCApp.exe"+16DEACD: 0F B6 C8 - movzx ecx,al
// ---------- INJECTING HERE ----------
"EoCApp.exe"+16DEAD0: 8D 47 0A - lea eax,[rdi+0A]
"EoCApp.exe"+16DEAD3: 84 C9 - test cl,cl
// ---------- DONE INJECTING ----------
"EoCApp.exe"+16DEAD5: 0F 44 C7 - cmove eax,edi
"EoCApp.exe"+16DEAD8: 48 8B 5C 24 48 - mov rbx,[rsp+48]
"EoCApp.exe"+16DEADD: 48 83 C4 20 - add rsp,20
"EoCApp.exe"+16DEAE1: 5F - pop rdi
"EoCApp.exe"+16DEAE2: C3 - ret
"EoCApp.exe"+16DEAE3: 48 2B C6 - sub rax,rsi
"EoCApp.exe"+16DEAE6: 48 C1 F8 03 - sar rax,03
"EoCApp.exe"+16DEAEA: 83 F8 FF - cmp eax,-01
"EoCApp.exe"+16DEAED: 0F 84 EA FE FF FF - je EoCApp.exe+16DE9DD
"EoCApp.exe"+16DEAF3: 48 63 C8 - movsxd rcx,eax
}
4039
"Movement Speed"
4 Bytes
movement_speed
3545
"Selected Character"
Auto Assembler Script
[ENABLE]
// Code-cave hook that publishes rbx through the player_ptr symbol each time
// the hooked code runs. The hooked 8 bytes are 48 8B 03 (mov rax,[rbx]) and
// BA 00 02 10 00 (mov edx,00100200).
aobscanmodule(selected_unit,EoCApp.exe,48 8B 03 BA 00 02 10 00)
alloc(newmem,$1000,selected_unit) // cave requested near the hook; the 8-byte overwrite assumes the 5-byte jmp form
label(code)
label(return)
label(player_ptr)
newmem:
code:
mov rax,player_ptr // rax is free as scratch: the displaced mov rax,[rbx] overwrites it next
mov [rax],rbx // record the current rbx
mov rax,[rbx] // displaced original instructions
mov edx,00100200
jmp return
// 8-byte slot inside the cave holding the last recorded rbx.
// NOTE(review): nothing clears this slot when the recorded object goes away,
// so table entries that dereference player_ptr may read or write stale
// memory - confirm how the pointer's lifetime is handled.
player_ptr:
dq 0
selected_unit:
jmp code // 5-byte jmp + 3 nops = the 8 hooked bytes
nop
nop
nop
return:
registersymbol(selected_unit)
registersymbol(player_ptr)
[DISABLE]
selected_unit:
db 48 8B 03 BA 00 02 10 00 // original mov rax,[rbx] / mov edx,00100200
unregistersymbol(selected_unit)
unregistersymbol(player_ptr)
dealloc(newmem) // frees the cave, including the player_ptr slot
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+F41A08
"EoCApp.exe"+F419E6: 75 4A - jne EoCApp.exe+F41A32
"EoCApp.exe"+F419E8: 83 FF 01 - cmp edi,01
"EoCApp.exe"+F419EB: 74 45 - je EoCApp.exe+F41A32
"EoCApp.exe"+F419ED: 83 BB 10 03 00 00 00 - cmp dword ptr [rbx+00000310],00
"EoCApp.exe"+F419F4: 7F 3C - jg EoCApp.exe+F41A32
"EoCApp.exe"+F419F6: 48 8B CB - mov rcx,rbx
"EoCApp.exe"+F419F9: E8 B2 C5 FF FF - call EoCApp.exe+F3DFB0
"EoCApp.exe"+F419FE: 8B 0D EC 35 25 01 - mov ecx,[EoCApp.exe+2194FF0]
"EoCApp.exe"+F41A04: 39 08 - cmp [rax],ecx
"EoCApp.exe"+F41A06: 74 2A - je EoCApp.exe+F41A32
// ---------- INJECTING HERE ----------
"EoCApp.exe"+F41A08: 48 8B 03 - mov rax,[rbx]
"EoCApp.exe"+F41A0B: BA 00 02 10 00 - mov edx,00100200
// ---------- DONE INJECTING ----------
"EoCApp.exe"+F41A10: 48 8B CB - mov rcx,rbx
"EoCApp.exe"+F41A13: FF 90 88 00 00 00 - call qword ptr [rax+00000088]
"EoCApp.exe"+F41A19: 84 C0 - test al,al
"EoCApp.exe"+F41A1B: 75 15 - jne EoCApp.exe+F41A32
"EoCApp.exe"+F41A1D: E8 CE B7 F2 FF - call EoCApp.exe+E6D1F0
"EoCApp.exe"+F41A22: 48 8B 7C 24 38 - mov rdi,[rsp+38]
"EoCApp.exe"+F41A27: 84 C0 - test al,al
"EoCApp.exe"+F41A29: 0F 95 C0 - setne al
"EoCApp.exe"+F41A2C: 48 83 C4 20 - add rsp,20
"EoCApp.exe"+F41A30: 5B - pop rbx
}
3496
"Base Address"
1
Array of byte
0
player_ptr
0
10276
"Is GM (BACKUP YOUR SAVES)"
Binary
6
1
0
+C1
3499
"Attributes"
1
3500
"Base Address"
1
Array of byte
0
player_ptr
0
320
3501
"Strength"
4 Bytes
+0
3502
"Finesse"
4 Bytes
+4
3503
"Intelligence"
4 Bytes
+8
3504
"Constitution"
4 Bytes
+c
3505
"Memory"
4 Bytes
+10
3506
"Wits"
4 Bytes
+14
3507
"Stats"
1
3508
"Base Address"
1
Array of byte
0
player_ptr
0
138
3509
"Current Vitality"
4 Bytes
+1D8
3547
"Maximum Vitality"
4 Bytes
+328
3510
"Action Points"
4 Bytes
+1F0
3511
"Source Points"
4 Bytes
+1EC
3512
"Experience"
4 Bytes
+1F8
3873
"?"
4 Bytes
+36C
10161
"Unit Name"
String
64
0
0
1
+30
0
3608
"Skills"
1
3609
"Base Address"
1
Array of byte
0
player_ptr
0
340
3610
"Warfare"
4 Bytes
+0
3612
"Huntsman"
4 Bytes
+4
3613
"Scoundrel"
4 Bytes
+8
3614
"Single-Handed"
4 Bytes
+C
3615
"Two-Handed"
4 Bytes
+10
3616
"Retribution"
4 Bytes
+14
3617
"Ranged"
4 Bytes
+18
3618
"???"
4 Bytes
+1C
3619
"???"
4 Bytes
+20
3620
"???"
4 Bytes
+24
3621
"???"
4 Bytes
+28
3622
"???"
4 Bytes
+2C
3625
"???"
4 Bytes
+30
3626
"Pyrokinetic"
4 Bytes
+34
3627
"Hydrosophist"
4 Bytes
+38
3628
"Aerotheurge"
4 Bytes
+3C
3629
"Geomancer"
4 Bytes
+40
3630
"Necromancer"
4 Bytes
+44
3631
"Summoning"
4 Bytes
+48
3632
"Polymorph"
4 Bytes
+4C
3633
"Telekinesis"
4 Bytes
+50
3634
"???"
4 Bytes
+54
3635
"Sneaking"
4 Bytes
+58
3636
"???"
4 Bytes
+5C
3637
"Thievery"
4 Bytes
+60
3638
"Lore Master"
4 Bytes
+64
3639
"???"
4 Bytes
+68
3640
"Bartering"
4 Bytes
+6C
3641
"???"
4 Bytes
+70
3642
"???"
4 Bytes
+74
3643
"???"
4 Bytes
+78
3644
"Persuasion"
4 Bytes
+7C
3645
"Leadership"
4 Bytes
+80
3646
"Lucky Charm"
4 Bytes
+84
3647
"Dual Wielding"
4 Bytes
+88
3648
"???"
4 Bytes
+8C
3649
"Perseverance"
4 Bytes
+90
3650
"???"
4 Bytes
+94
3651
"???"
4 Bytes
+98
3517
"Points"
1
3518
"Base Address"
1
Array of byte
0
player_ptr
18
3549
"Attributes"
4 Bytes
+2E8
3520
"Combat Abilities"
4 Bytes
+2EC
3521
"Civil Abilities"
4 Bytes
+2F0
3522
"Talents"
4 Bytes
+2F4
10169
"Tags"
1
10135
"Base Address"
1
Array of byte
0
player_ptr
0
10170
"Number of Active Tags"
4 Bytes
+4AC
10137
"List of Tags"
1
Array of byte
0
+4A0
0
10138
"Max Size (Don't Touch)"
4 Bytes
-8
10139
"Tag 1 Address"
1
8 Bytes
+0
10140
""
String
128
0
0
1
+0
0
10141
"Tag 2 Address"
1
8 Bytes
+8
10142
""
String
128
0
0
1
+0
0
10143
"Tag 3 Address"
1
8 Bytes
+10
10144
""
String
128
0
0
1
+0
0
10145
"Tag 4 Address"
1
8 Bytes
+18
10146
""
String
128
0
0
1
+0
0
10147
"Tag 5 Address"
1
8 Bytes
+20
10148
""
String
128
0
0
1
+0
0
10149
"Tag 6 Address"
1
8 Bytes
+28
10150
""
String
128
0
0
1
+0
0
10151
"Tag 7 Address"
1
8 Bytes
+30
10152
""
String
128
0
0
1
+0
0
10153
"Tag 8 Address"
1
8 Bytes
+38
10154
""
String
128
0
0
1
+0
0
10155
"Tag 9 Address"
1
8 Bytes
+40
10156
""
String
128
0
0
1
+0
0
10157
"Tag 10 Address"
1
8 Bytes
+48
10158
""
String
128
0
0
1
+0
0
10165
"Tag 11 Address"
1
8 Bytes
+50
10166
""
String
128
0
0
1
+0
0
10167
"Tag 12 Address"
1
8 Bytes
+58
10168
""
String
128
0
0
1
+0
0
3574
"Last Item Moved in Backpack"
Auto Assembler Script
[ENABLE]
// Code-cave hook that publishes rax through the last_item_ptr symbol.
// The active pattern is 4C 8B E0 (mov r12,rax) followed by 4C 89 7D; the
// script treats the hooked region as 7 bytes and copies it with readmem
// instead of re-assembling it.
//aobscanmodule(last_item,EoCApp.exe,4C 8B E0 4C 89 7C 24)
aobscanmodule(last_item,EoCApp.exe,4C 8B E0 4C 89 7D)
alloc(newmem,$1000,last_item) // cave requested near the hook; the 7-byte overwrite assumes the 5-byte jmp form
label(code)
label(return)
label(last_item_ptr)
label(last_item_bkp)
newmem:
mov r12,last_item_ptr // r12 is free as scratch: the displaced code begins with mov r12,rax
mov [r12],rax // record rax in the slot below
code:
last_item_bkp:
// The 7 original bytes are copied here. They execute as part of the cave and
// double as the backup that [DISABLE] writes back.
// NOTE(review): the copy runs at a different address, so this is only safe
// while those bytes are position-independent - confirm the seventh byte is
// the displacement that completes the 4C 89 7D store.
readmem(last_item,7)
jmp return
last_item_ptr:
dq 0 // 8-byte slot holding the last recorded rax
last_item:
jmp newmem // 5-byte jmp + 2 nops = the 7 hooked bytes
nop
nop
return:
registersymbol(last_item)
registersymbol(last_item_ptr)
registersymbol(last_item_bkp)
[DISABLE]
last_item:
readmem(last_item_bkp,7) // restore the original bytes from the copy inside the cave
unregistersymbol(last_item)
unregistersymbol(last_item_ptr)
unregistersymbol(last_item_bkp)
dealloc(newmem) // frees the cave, including the pointer slot and the backup
{
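// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+142CB7D (this dump shows the 5-byte 4C 89 7C 24 60 after mov r12,rax; the active pattern expects 4C 89 7D and the script copies 7 bytes, so the dump apparently predates the pattern update)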
"EoCApp.exe"+142CB4D: 8B 54 3A 08 - mov edx,[rdx+rdi+08]
"EoCApp.exe"+142CB51: 48 81 C1 00 01 00 00 - add rcx,00000100
"EoCApp.exe"+142CB58: E8 53 FF EF FF - call EoCApp.exe+132CAB0
"EoCApp.exe"+142CB5D: 4C 8B E8 - mov r13,rax
"EoCApp.exe"+142CB60: 48 8B 46 30 - mov rax,[rsi+30]
"EoCApp.exe"+142CB64: 41 B0 01 - mov r8l,01
"EoCApp.exe"+142CB67: 48 8B 0D 72 26 B6 00 - mov rcx,[EoCApp.exe+1F8F1E0]
"EoCApp.exe"+142CB6E: 48 81 C1 00 01 00 00 - add rcx,00000100
"EoCApp.exe"+142CB75: 8B 14 07 - mov edx,[rdi+rax]
"EoCApp.exe"+142CB78: E8 13 CC F1 FF - call EoCApp.exe+1349790
// ---------- INJECTING HERE ----------
"EoCApp.exe"+142CB7D: 4C 8B E0 - mov r12,rax
"EoCApp.exe"+142CB80: 4C 89 7C 24 60 - mov [rsp+60],r15
// ---------- DONE INJECTING ----------
"EoCApp.exe"+142CB85: 48 8B 46 30 - mov rax,[rsi+30]
"EoCApp.exe"+142CB89: 44 38 7C 38 19 - cmp [rax+rdi+19],r15l
"EoCApp.exe"+142CB8E: 74 72 - je EoCApp.exe+142CC02
"EoCApp.exe"+142CB90: 48 8B 0D 49 26 B6 00 - mov rcx,[EoCApp.exe+1F8F1E0]
"EoCApp.exe"+142CB97: 41 B0 01 - mov r8l,01
"EoCApp.exe"+142CB9A: 8B 54 38 04 - mov edx,[rax+rdi+04]
"EoCApp.exe"+142CB9E: 48 81 C1 00 01 00 00 - add rcx,00000100
"EoCApp.exe"+142CBA5: E8 E6 CB F1 FF - call EoCApp.exe+1349790
"EoCApp.exe"+142CBAA: 48 8B D8 - mov rbx,rax
"EoCApp.exe"+142CBAD: 48 85 C0 - test rax,rax
}
3573
"Base Address"
1
String
0
0
0
1
last_item_ptr
0
3526
"Name (don't change)"
String
64
0
0
1
+138
0
3572
"Quantity"
4 Bytes
+16C
3541
"Current Durability"
4 Bytes
+140
200
3867
"Sell Value"
4 Bytes
+148
3C
18
4060
"Level"
4 Bytes
+22C
3668
"Equipment Name"
String
64
0
0
1
+D0
0
40
3667
"Equipment Address"
String
0
0
0
1
+140
0
2915
"Level"
4 Bytes
+C
2783
"Durability"
4 Bytes
+200
2788
"Rarity"
String
32
0
0
1
+208
0
2789
"Rarity Address"
1
8 Bytes
+208
10179
"Mouseover Item Editor"
Auto Assembler Script
[ENABLE]
// Code-cave hook on 4C 8B 02 (mov r8,[rdx]) + 4D 85 C0 (test r8,r8), 6 bytes.
// The pattern's trailing 74 ?? is the je that consumes the flags of that test,
// so every path back to return must leave ZF as test r8,r8 would.
aobscanmodule(mouseover_item,EoCApp.exe,4C 8B 02 4D 85 C0 74 ??)
alloc(newmem,$1000,mouseover_item) // cave requested near the hook; the 6-byte overwrite assumes the 5-byte jmp form
label(code)
label(return)
label(mouseover_item_ptr)
newmem:
mov r8,[rdx] // displaced original load
test r8,r8
je return // null entry: go back with ZF set, nothing is recorded
test rcx,rcx
jne code // record only when rcx is 0 (per the dump rcx is the loop counter - confirm)
nop
mov rcx,mouseover_item_ptr // rcx is known to be 0 here, so it can serve as scratch
mov [rcx],r8 // record the non-null r8 in the slot below
xor rcx,rcx // put rcx back to 0
code:
test r8,r8 // re-create the flags of the displaced test for the je after the hook
jmp return
mouseover_item_ptr:
dq 0 // 8-byte slot holding the last recorded r8
mouseover_item:
jmp newmem // 5-byte jmp + 1 nop = the 6 hooked bytes
nop
return:
registersymbol(mouseover_item)
registersymbol(mouseover_item_ptr)
[DISABLE]
mouseover_item:
db 4C 8B 02 4D 85 C0 // original mov r8,[rdx] / test r8,r8
unregistersymbol(mouseover_item)
unregistersymbol(mouseover_item_ptr)
dealloc(newmem) // frees the cave, including the pointer slot
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+171F0C0
"EoCApp.exe"+171F0A0: 4D 8B C8 - mov r9,r8
"EoCApp.exe"+171F0A3: 4C 2B CA - sub r9,rdx
"EoCApp.exe"+171F0A6: 8B C8 - mov ecx,eax
"EoCApp.exe"+171F0A8: 49 83 C1 07 - add r9,07
"EoCApp.exe"+171F0AC: 49 C1 E9 03 - shr r9,03
"EoCApp.exe"+171F0B0: 49 3B D0 - cmp rdx,r8
"EoCApp.exe"+171F0B3: 4C 0F 47 C8 - cmova r9,rax
"EoCApp.exe"+171F0B7: 4D 85 C9 - test r9,r9
"EoCApp.exe"+171F0BA: 74 1C - je EoCApp.exe+171F0D8
"EoCApp.exe"+171F0BC: 0F 1F 40 00 - nop [rax+00]
// ---------- INJECTING HERE ----------
"EoCApp.exe"+171F0C0: 4C 8B 02 - mov r8,[rdx]
"EoCApp.exe"+171F0C3: 4D 85 C0 - test r8,r8
// ---------- DONE INJECTING ----------
"EoCApp.exe"+171F0C6: 74 04 - je EoCApp.exe+171F0CC
"EoCApp.exe"+171F0C8: 41 03 40 6C - add eax,[r8+6C]
"EoCApp.exe"+171F0CC: 48 83 C2 08 - add rdx,08
"EoCApp.exe"+171F0D0: 48 FF C1 - inc rcx
"EoCApp.exe"+171F0D3: 49 3B C9 - cmp rcx,r9
"EoCApp.exe"+171F0D6: 75 E8 - jne EoCApp.exe+171F0C0
"EoCApp.exe"+171F0D8: B9 03 00 00 00 - mov ecx,00000003
"EoCApp.exe"+171F0DD: 3B C1 - cmp eax,ecx
"EoCApp.exe"+171F0DF: 0F 4F C1 - cmovg eax,ecx
"EoCApp.exe"+171F0E2: C3 - ret
}
10222
"Item Stats"
1
10223
"Base Address"
String
0
0
0
1
mouseover_item_ptr
0
10181
"Durability"
4 Bytes
+18
10272
"Weight"
4 Bytes
+14C
10202
"Sockets"
4 Bytes
+6C
10194
"Maximum Action Points"
4 Bytes
+48
10193
"Start Action Points"
4 Bytes
+4C
10195
"Turn Action Points"
4 Bytes
+50
10196
"Accuracy"
4 Bytes
+54
10197
"Dodge"
4 Bytes
+58
10198
"Life Steal"
4 Bytes
+5C
10199
"Critical Chance"
4 Bytes
+60
10200
"Chance to Hit"
4 Bytes
+64
10213
"Movement"
4 Bytes
+98
10214
"Initiative"
4 Bytes
+9C
10182
"???"
4 Bytes
+1C
10220
"Attributes"
1
10221
"Base Address"
String
0
0
0
1
mouseover_item_ptr
0
10183
"Strength"
4 Bytes
+20
10184
"Finesse"
4 Bytes
+24
10185
"Intelligence"
4 Bytes
+28
10186
"Constitution"
4 Bytes
+2C
10187
"Memory"
4 Bytes
+30
10188
"Wits"
4 Bytes
+34
10191
"Vitality"
4 Bytes
+40
10226
"Combat Abilities"
1
10227
"Base Address"
String
0
0
0
1
mouseover_item_ptr
0
10232
"Warfare"
4 Bytes
+AC
10233
"Huntsman"
4 Bytes
+B0
10234
"Scoundrel"
4 Bytes
+B4
10235
"Single-Handed"
4 Bytes
+B8
10236
"Two-Handed"
4 Bytes
+BC
10238
"Ranged"
4 Bytes
+C4
10247
"Pyrokinetic"
4 Bytes
+E0
10248
"Hydrosophist"
4 Bytes
+E4
10249
"Aerotheurge"
4 Bytes
+E8
10250
"Geomancer"
4 Bytes
+EC
10251
"Necromancer"
4 Bytes
+F0
10252
"Summoning"
4 Bytes
+F4
10253
"Polymorph"
4 Bytes
+F8
10267
"Dual Wielding"
4 Bytes
+134
10268
"Wand"
4 Bytes
+138
10269
"Perseverance"
4 Bytes
+13C
10224
"Civil Abilities"
1
10225
"Base Address"
String
0
0
0
1
mouseover_item_ptr
0
10254
"Telekinesis"
4 Bytes
+FC
10255
"Blacksmithing"
4 Bytes
+100
10231
"Sneaking"
4 Bytes
+104
10256
"Pickpocketing"
4 Bytes
+108
10257
"Thievery"
4 Bytes
+10C
10258
"Loremaster"
4 Bytes
+110
10259
"Crafting"
4 Bytes
+114
10260
"Bartering"
4 Bytes
+118
10261
"Charm"
4 Bytes
+11C
10262
"Intimidate"
4 Bytes
+120
10263
"Reason"
4 Bytes
+124
10264
"Persuasion"
4 Bytes
+128
10265
"Leadership"
4 Bytes
+12C
10266
"Lucky Charm"
4 Bytes
+130
10270
"Rune Crafting"
4 Bytes
+140
10271
"Brew Master"
4 Bytes
+144
10242
"Other Abilities"
1
10243
"Base Address"
String
0
0
0
1
mouseover_item_ptr
0
10237
"Retribution"
4 Bytes
+C0
10239
"Shieldbearer"
4 Bytes
+C8
10240
"Reflexes"
4 Bytes
+CC
10241
"Physical Armor"
4 Bytes
+D0
10244
"Magic Armor"
4 Bytes
+D4
10245
"Vitality"
4 Bytes
+D8
10246
"Sourcery"
4 Bytes
+DC
10218
"Resistances"
1
10219
"Base Address"
String
0
0
0
1
mouseover_item_ptr
0
10203
"Fire Resistance"
4 Bytes
+70
10204
"Air Resistance"
4 Bytes
+74
10205
"Water Resistance"
4 Bytes
+78
10206
"Earth Resistance"
4 Bytes
+7C
10207
"Poison Resistance"
4 Bytes
+80
10208
"Tenebrium Resistance"
4 Bytes
+84
10209
"Piercing Resistance"
4 Bytes
+88
10210
"Corrosive Resistance"
4 Bytes
+8C
10211
"Physical Resistance"
4 Bytes
+90
10212
"Magic Resistance"
4 Bytes
+94
4059
"Treat Containers as New"
Auto Assembler Script
[ENABLE]
// Two in-place patches, no code cave. Per the dumps in this script both sites
// test bit 10 (hex) of the byte at [rcx+00000088].
aobscanmodule(trigger_magic_find,EoCApp.exe,75 30 48 8B 01 FF 50 50 48 05)
trigger_magic_find:
db 90 90 // nop out the 2-byte jne (75 30) so execution always falls through
registersymbol(trigger_magic_find)
aobscanmodule(magic_find_2,EoCApp.exe,0F B6 81 88 00 00 00 4C 8B ?? ?? ?? ?? A8 10)
magic_find_2:
// 31 C0 = xor eax,eax, then five nops: eax is 0 instead of the byte loaded
// from [rcx+88], so the later test al,10 (A8 10 in the pattern) never fires.
// NOTE(review): the dump shows or al,10 followed by mov [rcx+00000088],al
// after this point. With al forced to 0 that store would write 10 (hex) only,
// dropping any other bits that were set in the byte - confirm on the current
// build before relying on this with saves you care about.
db 31 C0 90 90 90 90 90
registersymbol(magic_find_2)
[DISABLE]
// The restore for magic_find_2 is further down, after the first dump comment.
trigger_magic_find:
db 75 30 // original jne
unregistersymbol(trigger_magic_find)
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+12AAE67
"EoCApp.exe"+12AAE4C: CC - int 3
"EoCApp.exe"+12AAE4D: CC - int 3
"EoCApp.exe"+12AAE4E: CC - int 3
"EoCApp.exe"+12AAE4F: CC - int 3
"EoCApp.exe"+12AAE50: 48 89 5C 24 08 - mov [rsp+08],rbx
"EoCApp.exe"+12AAE55: 57 - push rdi
"EoCApp.exe"+12AAE56: 48 83 EC 20 - sub rsp,20
"EoCApp.exe"+12AAE5A: F6 81 88 00 00 00 10 - test byte ptr [rcx+00000088],10
"EoCApp.exe"+12AAE61: 48 8B FA - mov rdi,rdx
"EoCApp.exe"+12AAE64: 48 8B D9 - mov rbx,rcx
// ---------- INJECTING HERE ----------
"EoCApp.exe"+12AAE67: 75 30 - jne EoCApp.exe+12AAE99
"EoCApp.exe"+12AAE69: 48 8B 01 - mov rax,[rcx]
// ---------- DONE INJECTING ----------
"EoCApp.exe"+12AAE6C: FF 50 50 - call qword ptr [rax+50]
"EoCApp.exe"+12AAE6F: 48 05 E8 04 00 00 - add rax,000004E8
"EoCApp.exe"+12AAE75: 33 D2 - xor edx,edx
"EoCApp.exe"+12AAE77: 44 8B 40 14 - mov r8d,[rax+14]
"EoCApp.exe"+12AAE7B: 4D 85 C0 - test r8,r8
"EoCApp.exe"+12AAE7E: 74 19 - je EoCApp.exe+12AAE99
"EoCApp.exe"+12AAE80: 48 8B 48 08 - mov rcx,[rax+08]
"EoCApp.exe"+12AAE84: 48 8B 01 - mov rax,[rcx]
"EoCApp.exe"+12AAE87: 83 78 08 01 - cmp dword ptr [rax+08],01
"EoCApp.exe"+12AAE8B: 74 19 - je EoCApp.exe+12AAEA6
}
// Still part of the [DISABLE] section (the brace block before this is only a
// comment): restore the second patch site of this script.
magic_find_2:
db 0F B6 81 88 00 00 00 // original movzx eax,byte ptr [rcx+00000088]
unregistersymbol(magic_find_2)
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+12AAED8
"EoCApp.exe"+12AAEC9: CC - int 3
"EoCApp.exe"+12AAECA: CC - int 3
"EoCApp.exe"+12AAECB: CC - int 3
"EoCApp.exe"+12AAECC: CC - int 3
"EoCApp.exe"+12AAECD: CC - int 3
"EoCApp.exe"+12AAECE: CC - int 3
"EoCApp.exe"+12AAECF: CC - int 3
"EoCApp.exe"+12AAED0: 41 54 - push r12
"EoCApp.exe"+12AAED2: 41 56 - push r14
"EoCApp.exe"+12AAED4: 48 83 EC 68 - sub rsp,68
// ---------- INJECTING HERE ----------
"EoCApp.exe"+12AAED8: 0F B6 81 88 00 00 00 - movzx eax,byte ptr [rcx+00000088]
// ---------- DONE INJECTING ----------
"EoCApp.exe"+12AAEDF: 4C 8B E2 - mov r12,rdx
"EoCApp.exe"+12AAEE2: 4C 8B F1 - mov r14,rcx
"EoCApp.exe"+12AAEE5: A8 10 - test al,10
"EoCApp.exe"+12AAEE7: 0F 85 4C 05 00 00 - jne EoCApp.exe+12AB439
"EoCApp.exe"+12AAEED: 0C 10 - or al,10
"EoCApp.exe"+12AAEEF: 48 89 7C 24 50 - mov [rsp+50],rdi
"EoCApp.exe"+12AAEF4: 88 81 88 00 00 00 - mov [rcx+00000088],al
"EoCApp.exe"+12AAEFA: 4C 89 7C 24 40 - mov [rsp+40],r15
"EoCApp.exe"+12AAEFF: E8 6C 05 00 00 - call EoCApp.exe+12AB470
"EoCApp.exe"+12AAF04: 49 8B 86 58 01 00 00 - mov rax,[r14+00000158]
}
3666
"Find Item in New Container"
Auto Assembler Script
[ENABLE]
// Code-cave hook on the 8-byte load "mov rcx,[rsp+000000D0]"
// (48 8B 8C 24 D0 00 00 00). Unless rsi equals 1, the cave replaces eax with
// the dword stored at spawnId before running the displaced load.
aobscanmodule(magic4,EoCApp.exe,48 8B 8C 24 D0 00 00 00 41 8B D5)
alloc(newmem,$1000,magic4) // cave requested near the hook; the 8-byte overwrite assumes the 5-byte jmp form
label(code)
label(return)
label(spawnId)
newmem:
cmp rsi,1
je code // rsi == 1: leave eax alone (meaning of rsi is not visible here - confirm)
mov rax,spawnId
//inc [rax]
mov eax,[rax] // eax = current spawnId value; the 32-bit write clears the upper half of rax.
// Per the dump the hook sits right after call qword ptr [rax+28], so this
// overrides what that call left in rax - confirm on the current build.
code:
mov rcx,[rsp+000000D0] // displaced original load
jmp return
spawnId:
dd #531 // default value, decimal 531; exposed as a symbol so it can be edited from the table
magic4:
jmp newmem // 5-byte jmp + 3 nops = the 8 hooked bytes
nop
nop
nop
return:
registersymbol(magic4)
registersymbol(spawnId)
[DISABLE]
magic4:
db 48 8B 8C 24 D0 00 00 00 // original mov rcx,[rsp+000000D0]
unregistersymbol(magic4)
unregistersymbol(spawnId)
dealloc(newmem) // frees the cave, including the spawnId slot
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+12A6894
"EoCApp.exe"+12A6868: 4D 89 73 E0 - mov [r11-20],r14
"EoCApp.exe"+12A686C: 49 89 43 B8 - mov [r11-48],rax
"EoCApp.exe"+12A6870: 48 8D 8B B0 01 00 00 - lea rcx,[rbx+000001B0]
"EoCApp.exe"+12A6877: 48 8B 83 B0 01 00 00 - mov rax,[rbx+000001B0]
"EoCApp.exe"+12A687E: 45 8B F1 - mov r14d,r9d
"EoCApp.exe"+12A6881: 4D 89 7B D8 - mov [r11-28],r15
"EoCApp.exe"+12A6885: 4D 89 6B D0 - mov [r11-30],r13
"EoCApp.exe"+12A6889: 4D 89 6B C0 - mov [r11-40],r13
"EoCApp.exe"+12A688D: 4D 89 6B C8 - mov [r11-38],r13
"EoCApp.exe"+12A6891: FF 50 28 - call qword ptr [rax+28]
// ---------- INJECTING HERE ----------
"EoCApp.exe"+12A6894: 48 8B 8C 24 D0 00 00 00 - mov rcx,[rsp+000000D0]
// ---------- DONE INJECTING ----------
"EoCApp.exe"+12A689C: 41 8B D5 - mov edx,r13d
"EoCApp.exe"+12A689F: 48 85 C9 - test rcx,rcx
"EoCApp.exe"+12A68A2: 74 07 - je EoCApp.exe+12A68AB
"EoCApp.exe"+12A68A4: 48 8B 91 20 01 00 00 - mov rdx,[rcx+00000120]
"EoCApp.exe"+12A68AB: 4C 8B 05 0E 8A CE 00 - mov r8,[EoCApp.exe+1F8F2C0]
"EoCApp.exe"+12A68B2: 4C 8D 4C 24 60 - lea r9,[rsp+60]
"EoCApp.exe"+12A68B7: 4C 89 6C 24 40 - mov [rsp+40],r13
"EoCApp.exe"+12A68BC: 48 8D 8B B0 01 00 00 - lea rcx,[rbx+000001B0]
"EoCApp.exe"+12A68C3: 44 88 6C 24 38 - mov [rsp+38],r13l
"EoCApp.exe"+12A68C8: 48 89 54 24 30 - mov [rsp+30],rdx
}
3660
"Item ID (Correct IDs are -9)"
0:_SharedSubTables
1:ST_WandNormal
2:ST_StaffNormal
3:ST_TwoHandedNormal
4:ST_OneHandedNormal
5:ST_RangedNormal
6:ST_WeaponNormal
7:ST_WeaponMagic
8:ST_WeaponRare
9:ST_WeaponLegendary
10:ST_ClothArmor
11:ST_LightArmor
12:ST_HeavyArmor
13:ST_MageArmor
14:ST_ArmorNormal
15:ST_RingAmuletBelt
16:ST_RingAmuletBeltMagic
17:ST_RingAmuletBeltRare
18:ST_RingAmuletBeltLegendary
19:ST_ArmorMagic
20:ST_ArmorRare
21:ST_ArmorLegendary
22:ST_Trader_WandNormal
23:ST_Trader_StaffNormal
24:ST_Trader_TwoHandedNormal
25:ST_Trader_OneHandedNormal
26:ST_Trader_RangedNormal
27:ST_Trader_ClothArmor
28:ST_Trader_LightArmor
29:ST_Trader_HeavyArmor
30:ST_Trader_MageArmor
31:ST_Trader_RingAmuletBeltNormal
32:ST_Trader_WeaponNormal
33:ST_Trader_ArmorNormal
34:ST_AllPotions
35:ST_AllPotionsSpecial
36:ST_Ingredients
37:ST_Grenades
38:ST_Arrows
39:ST_GrenadeIngredients
40:ST_ArrowIngredients
41:ST_Scroll
42:ST_RareIngredient
43:ST_PaperWork
44:ST_SmallThings
45:ST_KitchenThings
46:ST_Trader_WeaponWizard
47:ST_Trader_WeaponArcher
48:ST_Trader_WeaponWarrior
49:ST_Trader_WeaponRogue
50:ST_WeaponGenTrader
51:ST_ArmorGenTrader
52:ST_WeaponGenMagicTrader
53:ST_ArmorGenMagicTrader
54:ST_ArrowArcherTrader
55:ST_IngredientsTrader
56:ST_PotionsTrader
57:ST_TavernKeepNPC
58:ST_HerbTrader
59:ST_WorldDrop
60:ST_SkillbookAir
61:ST_SkillbookEarth
62:ST_SkillbookFire
63:ST_SkillbookNecromancy
64:ST_SkillbookRanger
65:ST_SkillbookRogue
66:ST_SkillbookWarrior
67:ST_SkillbookWater
68:ST_SkillbookPolymorph
69:ST_SkillbookSummoning
70:ST_SkillbookStarter
71:ST_SkillbookEarly
72:ST_SkillbookMid
73:ST_SkillbookLate
74:ST_Skillbook
75:ST_Skillbook_FireTrainer
76:ST_Skillbook_WaterTrainer
77:ST_Skillbook_AirTrainer
78:ST_Skillbook_EarthTrainer
79:ST_Skillbook_NecromancyTrainer
80:ST_Skillbook_RangerTrainer
81:ST_Skillbook_RogueTrainer
82:ST_Skillbook_WarriorTrainer
83:ST_Skillbook_SummoningTrainer
84:ST_Skillbook_PolymorphTrainer
85:ST_Neo_AllPotions
86:ST_Neo_LegendaryPotions
87:ST_Neo_Gear_Normal
88:ST_Neo_Gear_Normal_Uncommon
89:ST_Legendary_2_Group_1
90:ST_Legendary_2_Group_2
91:ST_Legendary_2_Group_3
92:ST_Legendary_2_Group_4
93:ST_Legendary_2_Group_5
94:ST_Legendary_2_Group_6
95:ST_Legendary_2_Group_7
96:ST_Legendary_2_Group_8
97:ST_Legendary_2_Group_9
98:ST_Legendary_2_Group_10
99:ST_Legendary_2_Group_12
100:ST_Legendary_2_Group_13
101:ST_Legendary_2_Group_14
102:ST_Legendary_2_Group_15
103:ST_Legendary_2
104:ST_Legendary_3_Group_1
105:ST_Legendary_3_Group_2
106:ST_Legendary_3_Group_3
107:ST_Legendary_3_Group_4
108:ST_Legendary_3_Group_5
109:ST_Legendary_3_Group_6
110:ST_Legendary_3_Group_7
111:ST_Legendary_3_Group_8
112:ST_Legendary_3_Group_9
113:ST_Legendary_3_Group_10
114:ST_Legendary_3_Group_11
115:ST_Legendary_3_Group_14
116:ST_Legendary_3_Group_15
117:ST_Legendary_3_Group_16
118:ST_Legendary_3_Group_17
119:ST_Legendary_3_Group_18
120:ST_Legendary_3_Group_19
121:ST_Legendary_3_Group_20
122:ST_Legendary_3_Group_21
123:ST_Legendary_3
124:ST_Medium_Group_1
125:ST_Medium_Group_2
126:ST_Medium_Group_3
127:ST_Medium_Group_4
128:ST_Medium_Group_5
129:ST_Medium_Group_6
130:ST_Medium_Group_7
131:ST_Medium_Group_8
132:ST_Medium_Group_9
133:ST_Medium_Group_10
134:ST_Medium_Group_11
135:ST_Medium_Group_12
136:ST_Medium_Group_13
137:ST_Medium_Group_14
138:ST_Medium_Group_15
139:ST_Medium_Group_17
140:ST_Medium_Group_18
141:ST_Medium_Group_19
142:ST_Medium_Group_20
143:ST_Medium_Group_21
144:ST_Medium_Group_22
145:ST_Medium_Group_23
146:ST_Medium_Group_24
147:ST_Small_Group_1
148:ST_Small_Group_2
149:ST_Small_Group_3
150:ST_Small_Group_4
151:ST_Small_Group_5
152:ST_Small_Group_6
153:ST_Small_Group_7
154:ST_Small_Group_8
155:ST_Small_Group_9
156:ST_Small_Group_10
157:ST_Small_Group_11
158:ST_Small_Group_12
159:ST_Small_Group_13
160:ST_Small_Group_14
161:ST_Small_Group_16
162:ST_Small_Group_17
163:ST_Small_Group_18
164:ST_Small_Group_19
165:ST_Small_Group_20
166:ST_Small_Group_21
167:ST_Small_Group_22
168:ST_Small_Group_23
169:ST_Small_Group_24
170:ST_Small_Group_25
171:ST_Small_Group_26
172:ST_Small_Group_27
173:ST_Small_Group_28
174:ST_Generic_Group_1_Characters
175:ST_Generic_Group_1
176:ST_Generic_Group_2
177:ST_Generic_Group_3
178:ST_Generic_Group_4
179:ST_Generic_Group_5
180:ST_Generic_ExtraGroup_6
181:ST_Generic_ExtraGroup_7
182:ST_RandomLootJunk
183:ST_RandomLootJunkCharacters
184:ST_RandomLootSuper
185:ST_RewardCombat_Group_1
186:ST_RewardCombat_Group_2
187:ST_RewardCombat_Group_3
188:ST_RewardCombat_Group_4
189:ST_RewardCombat_Group_5
190:ST_RewardCombat_Group_6
191:ST_RewardCombat_Group_7
192:ST_RewardCombat_Group_8
193:ST_RewardCombat_Group_9
194:ST_RewardCombat_Group_10
195:ST_RewardCombat_Group_11
196:ST_RewardCombat_Group_12
197:ST_RewardCombat_Group_13
198:ST_RewardCombat_Group_14
199:ST_RewardCombat_Group_15
200:ST_RewardCombat_Group_16
201:ST_RewardCombat_Group_17
202:ST_RewardCombat_Group_18
203:ST_RewardCombat_Group_19
204:ST_RewardCombat_Group_20
205:ST_RewardCombat_Group_21
206:ST_RewardCombat_Group_22
207:ST_RewardCombat_Group_23
208:ST_RewardCombat_Group_24
209:ST_Wheat
210:ST_Flour
211:ST_Potato
212:ST_Hide_Animal
213:ST_WoodenStick
214:ST_WoodenBranch
215:ST_Scraps_Cloth
216:ST_Scraps_Leather
217:ST_Carrot
218:ST_Apple
219:ST_Grapes
220:ST_WaterMelon
221:ST_Tomato
222:ST_Bread
223:ST_Orange
224:ST_Pumpkin
225:_Specific
226:Specific_Arrow
227:Specific_Grenade
228:Specific_GrenadeArrowScroll
229:Specific_Rune
230:Specific_Trinket
231:Specific_PilgrimShell
232:Specific_SmallGold
233:Specific_Precious
234:Specific_Painting
235:Specific_PaintingCollection
236:Specific_OrangeCollection
237:Specific_TeaCollection
238:Specific_DrudCollection
239:Specific_BoozeCollection
240:Specific_HealingPotion
241:Specific_Potion
242:Specific_SpecialPotion
243:Specific_Ingredient
244:Specific_NormalBooks
245:Specific_Food
246:Specific_AlcoholDrink
247:Specific_Drink
248:Specific_ResurrectScroll
249:Specific_IdentifyingGlass
250:Specific_RepairHammer
251:Specific_AtaraxianDrops
252:Specific_AtaraxianDropsJunk
253:QuestRewards
254:ST_QuestReward_Tiny_Choice_Extra
255:ST_QuestReward_Easy_Choice_Extra
256:ST_QuestReward_Medium_Choice_Extra
257:ST_QuestReward_High_Choice_Extra
258:ST_QuestReward_RG_1
259:ST_QuestReward_RG_2
260:ST_QuestReward_RG_3
261:ST_QuestReward_RG_4
262:ST_QuestReward_RG_5
263:ST_QuestReward_RG_6
264:ST_QuestReward_Tiny_Choice_1
265:ST_QuestReward_Tiny_Choice_2
266:ST_QuestReward_Tiny_Choice_3
267:ST_QuestReward_Tiny_Choice_4
268:ST_QuestReward_Tiny_Choice_5
269:ST_QuestReward_Tiny_Choice_6
270:ST_QuestReward_Tiny_Choice_7
271:ST_QuestReward_Easy_Choice_1
272:ST_QuestReward_Easy_Choice_2
273:ST_QuestReward_Easy_Choice_3
274:ST_QuestReward_Easy_Choice_4
275:ST_QuestReward_Easy_Choice_5
276:ST_QuestReward_Medium_Choice_1
277:ST_QuestReward_Medium_Choice_2
278:ST_QuestReward_Medium_Choice_3
279:ST_QuestReward_Medium_Choice_4
280:ST_QuestReward_Medium_Choice_5
281:ST_QuestReward_Medium_Choice_6
282:ST_QuestReward_Hard_Choice_1
283:ST_QuestReward_Hard_Choice_2
284:ST_QuestReward_Hard_Choice_3
285:ST_QuestReward_Hard_Choice_4
286:ST_QuestReward_Hard_Choice_5
287:ST_QuestReward_Hard_Choice_6
288:ST_QuestReward_Impossible_Choice_1
289:ST_QuestReward_Impossible_Choice_2
290:ST_QuestReward_Impossible_Choice_3
291:ST_QuestReward_Impossible_Choice_4
292:ST_QuestReward_Impossible_Choice_5
293:ST_QuestReward_Impossible_Choice_6
294:QuestReward_Fixed_Tiny
295:QuestReward_Fixed_Easy
296:QuestReward_Fixed_Medium
297:QuestReward_Fixed_Hard
298:QuestReward_Fixed_Impossible
299:QuestReward_Choice_Tiny
300:QuestReward_Choice_Easy
301:QuestReward_Choice_Medium
302:QuestReward_Choice_Hard
303:QuestReward_Choice_Impossible
304:_Containers
305:GenericContainer
306:Cont_Barrel
307:Cont_Crate
308:Cont_Basket
309:Cont_Vase
310:Cont_TreeTrunk
311:Cont_TrollDroppings
312:Cont_Henhouse
313:Cont_BonePile
314:Creatures_Bonepile
315:Cont_CupboardCloset
316:Cont_Bedchest
317:Cont_Toychest
318:Cont_KitchenCupboard
319:RichKitchenTreasure
320:Cont_BasketVeggies
321:Cont_Beehive
322:Cont_BirdNest
323:Cont_BoarNest
324:Cont_RabbitHole
325:Cont_GenericTomb
326:SackOfGore
327:RottingCorpse
328:Corpse
329:CorpseForceDrop
330:Coffin
331:Cont_Straw
332:Cont_WheatSack
333:Cont_Bookcase
334:Cont_Desk
335:Cont_Woodpile
336:Cont_Fishpile
337:Cont_Fishpile_Voidwoken
338:Cont_PotatoSack
339:Cont_BottleRack
340:FUR_Blacksmith_Crate
341:FUR_Kitchen_Shelf
342:FUR_Blacksmith_Shelf
343:Cont_EternalContainer
344:Cont_EternalDesk
345:_GenericCharacters
346:GenericNpc
347:CombatLeader
348:GenericEnemy
349:GenericEnemyUndead
350:GenericEnemyDark
351:Zombie
352:Warrior
353:Cleric
354:Ranger
355:Wizard
356:UnarmedMonster
357:SourcePuppet
358:ElementalFire
359:ElementalEarth
360:ElementalAir
361:ElementalWater
362:DeathKnight
363:Demon
364:DemonForceDrop
365:Hellhound
366:TinyBoss
367:MiniBoss
368:MegaBoss
369:TraderSkill
370:WarriorTrader
371:RogueTrader
372:ArcherTrader
373:WizardTrader
374:TraderMagic
375:TraderPotions
376:FoodTrader
377:IngredientTrader
378:TraderAlchemy
379:TavernTrader
380:TraderEquipment
381:_GenericObjects
382:Junk
383:Ingredient
384:Food
385:RewardCombat
386:RewardTiny
387:RewardSmall
388:RewardMedium
389:RewardBig
390:OnlyGold
391:GoldPile
392:OnlyGoldSmall
393:OnlyTraderGold
394:Empty
395:_Animals
396:ST_AnimalShared
397:ST_EarthAnimalEssence
398:ST_WaterAnimalEssence
399:Animals_Undead
400:Animals_Frog
401:Animals_Squirrel
402:Animals_Bear
403:Animals_Boar
404:Animals_Bull
405:Animals_Cat
406:Animals_Cow
407:Animals_Crab
408:Animals_Deer
409:Animals_Dog
410:Animals_Slug_Fire
411:Animals_Slug_Poison
412:Animals_Slug_Water
413:Animals_Pig
414:Animals_Pig_Flaming
415:Animals_Rabbit
416:Animals_Rat
417:Animals_Chicken
418:Animals_Owl
419:Animals_Condor
420:Animals_Sheep
421:Animals_Insect
422:Animals_Spider
423:Animals_Spider_Sewer
424:Animals_Tiger
425:Animals_Wolf
426:Robot
427:Automaton_Air
428:Automaton_Fire
429:Animals_Crocodile_A
430:Animals_Shark_A
431:Animals_Turtle
432:Animals_Voidling
433:Animals_Void_VampireBat
434:Animals_Voidwoken
435:Creatures_Voidwoken_Grunt
436:Creatures_Undead_Scarecrow
437:SourceOrb
438:Creatures_Terracotta_Guardian
439:NAT_Voideggs
440:VoidwokenTree
441:ShamblingMoundTree
442:Creatures_Raanaar_Hound
443:Creatures_Blob
444:_Luck
445:Luck1
446:Luck2
447:Luck3
448:Luck4
449:LuckTop
450:Luck5
451:Luck6
452:Luck7
453:Luck8
454:Luck9
455:Luck10
456:_MushroomClusters
457:Mushroom_Amadouvier
458:Mushroom_AmethystDeceiver
459:Mushroom_Boletus
460:Mushroom_Calocera
461:Mushroom_Chanterelle
462:Mushroom_Puffball
463:Mushroom_TrumpetOfDeath
464:VoideggCluster
465:_Cheat
466:CheatRecipeBooks
467:TEST_Generation
468:TEST_Runes
469:CheatSwooshWeapons
470:CheatBooksFire
471:CheatBooksWater
472:CheatBooksAir
473:CheatBooksEarth
474:CheatBooksNecromancy
475:CheatBooksRanger
476:CheatBooksRogue
477:CheatBooksWarrior
478:CheatBooksSummoning
479:CheatBooksPolymorph
480:CheatBooksSkillcrafting
481:CheatBooks
482:CheatArrows
483:CheatGrenades
484:CheatAccessories
485:CheatDaggers
486:Cheat2HSwords
487:CheatBows
488:CheatCrossbows
489:Cheat1HSwords
490:CheatWands
491:Cheat1HAxes
492:Cheat1HMaces
493:Cheat2HAxes
494:Cheat2HMaces
495:CheatSpears
496:CheatStaves
497:CheatShields
498:CheatShieldsAllRarities
499:CheatAllWeapons
500:CheatPotions
501:CheatMageArmor
502:CheatCivilianArmor
503:CheatHeavyArmor
504:CheatLightArmor
505:CheatRuneCrafting
506:CheatRuneCombinations
507:CheatRuneFraming
508:CheatPotionsMixing
509:CheatPotionsCrafting
510:CheatGrenadesCrafting
511:CheatArrowCrafting
512:CheatScrollCrafting
513:CheatSkillbooksCrafting
514:CheatWeaponCrafting
515:CheatGearCrafting
516:CheatFoodCrafting
517:CheatArenaLeather
518:CheatArenaPlate
519:CheatArenaRobe
520:CheatArenaRogue
521:CheatArenaRanger
522:CheatArenaWarrior
523:CheatArenaMage
524:DM_Rogue
525:DM_Ranger
526:DM_Warrior
527:DM_Mage
528:Equip
529:EquipMagic
530:EquipRare
531:EquipLegendary
532:EquipAllRarities
533:Arena
534:Gauntlet_Mechant
535:ArenaMode_ConsumableTrader
536:ArenaMode_ArmsTrader
537:ArenaTrader
538:_PAX_Arena
539:ArenaLoot
540:ArenaLootBig
541:ArenaLoot_Ammo
542:ArenaLoot_Healing
543:ArenaLoot_Utility
544:_ArtReference
545:ArtRef_Light
546:ArtRef_Heavy
547:ArtRef_Mage
548:ArtRef_Light_Uncommon
549:ArtRef_Heavy_Uncommon
550:ArtRef_Mage_Uncommon
551:ArtRef_Light_Rare
552:ArtRef_Heavy_Rare
553:ArtRef_Mage_Rare
554:ArtRef_Light_Epic
555:ArtRef_Heavy_Epic
556:ArtRef_Mage_Epic
557:CheatElementalWeapons
558:_General
559:ST_SourceSkillBook
560:ARX_LoreMasterReward
561:Gen_ResurrectScroll
562:_FortJoy
563:ReferenceWeapons
564:FTJ_StartingGearFighter
565:FTJ_StartingGearAll
566:ST_FTJ_ClothArmor
567:ST_FTJ_MageArmor
568:ST_FTJ_Arrow
569:ST_FTJ_Grenade
570:ST_FTJ_Tool
571:ST_FTJ_Scroll
572:ST_FTJ_GrenadeArrowScroll
573:ST_FTJ_Specific_Junk
574:ST_FTJ_Neo_RandomJunk_Group_1
575:ST_FTJ_Neo_RandomJunk_Group_2
576:ST_FTJ_Neo_RandomJunk_Group_3
577:ST_FTJ_Neo_RandomJunk_Group_4
578:ST_FTJ_Neo_RandomJunk_Group_5
579:ST_FTJ_Neo_RandomJunk_Group_6
580:ST_FTJ_Neo_RandomJunk_Group_7
581:ST_FTJ_Neo_RandomJunk_Group_8
582:ST_FTJ_Neo_RandomJunk_Group_9
583:ST_FTJ_Neo_RandomJunk_Group_10
584:ST_FTJ_Neo_RandomJunk_Group_11
585:ST_FTJ_Neo_RandomJunk_Group_12
586:ST_TUT_Junk
587:TUT_TutorialGear
588:TUT_Enemy
589:TUT_Container
590:TUT_EvidenceChest
591:FTJ_GenericChild
592:FTJ_GenericNpc
593:FTJ_Margo
594:FTJ_LootJunk
595:FTJ_Chest_CuriousChest
596:FTJ_OutsideMagister_Crossbow
597:FTJ_CorneringMagister_Sword
598:FTJ_HarbourMagister
599:FTJ_SwampBuildup_A_Undead_Belt
600:FTJ_SW_ShelterBackSalamander
601:FTJ_SW_VWBoss_VoidWoken
602:FTJ_Alexandar
603:FTJ_Trompdoy
604:FTJ_WaterChest
605:FTJ_LootMedium
606:FTJ_LootSmall
607:FTJ_LootBig
608:FTJ_GenericPrisoner
609:FTJ_DwarfPrisoner
610:FTJ_LizardPrisoner
611:FTJ_HumanPrisoner
612:FTJ_Scavenger
613:FTJ_Scavenger_Present_Rope
614:FTJ_Scavenger_Present_Bell
615:FTJ_Scavenger_Present_Seed
616:FTJ_StartingAreaDeadMagister
617:FTJ_Tinkerer
618:FTJ_Griff_Trader
619:FTJ_Griff_Treasure
620:FTJ_BlackMarketDealer
621:FTJ_SkepticSoldier
622:FTJ_SW_Zaleskar
623:FTJ_SW_Gratiana
624:S_FTJ_SW_Kerban
625:S_FTJ_SW_Warrior_Squire
626:FTJ_SW_Gareth
627:FTJ_SW_WellSmall
628:FTJ_SW_WellMedium
629:FTJ_SW_WellLarge
630:FTJ_Doctor
631:FTJ_GhettoGuard
632:FTJ_Magister_Boss_Kniles
633:FTJ_ModyTreasure
634:FTJ_FlamingPigsGuardian
635:FTJ_SkillbookWater
636:FTJ_SkillbookFire
637:FTJ_SkillbookAir
638:FTJ_SkillbookEarth
639:FTJ_SkillbookNecromancy
640:FTJ_SkillbookRanger
641:FTJ_SkillbookRogue
642:FTJ_SkillbookWarrior
643:FTJ_SkillbookPolymorph
644:FTJ_SkillbookSummoning
645:FTJ_Skillbook_WarriorTrainer
646:FTJ_Skillbook_RogueTrainer
647:FTJ_Skillbook_RangerTrainer
648:FTJ_Skillbook_FireTrainer
649:FTJ_Skillbook_WaterTrainer
650:FTJ_Skillbook_AirTrainer
651:FTJ_Skillbook_EarthTrainer
652:FTJ_Skillbook_NecroTrainer
653:FTJ_SW_SeekersChest
654:FTJ_Windego
655:S_FTJ_RubbleContainer_001
656:FTJ_SW_BraccusArmoryReward
657:FTJ_SW_Radeka
658:FTJ_SpikedTurtle_Wand
659:FTJ_Brute_Slug_Axe
660:FTJ_Brute_Burro_Club
661:FTJ_BuriedTreasure_Bow
662:FTJ_Brute_Waltz_Staff
663:FTJ_Brute_Needle_Wand
664:FTJ_Magister_Hollind
665:FTJ_Magister_Trippel
666:FTJ_Magister_Orivand
667:FTJ_Gheist_Migo_UpperBody
668:FTJ_Gheist
669:FTJ_MagisterCarin
670:COS_PurgedDragon
671:_LadyVengeance
672:LV_SourceOrbTrader
673:LW_SeekerMerchant
674:S_LV_Seeker_Maeve
675:_Oil
676:OIL_DwarfBookSeller
677:OIL_HumanSmith
678:OIL_RaanaarChest1
679:OIL_RaanaarChest2
680:OIL_RocksCrate
681:_Dunes
682:RC_DU_BeachedShark
683:ST_WoodenBlocks
684:RC_GenericChild
685:_Driftwood
686:DW_Hobo
687:DW_TavernChef
688:RC_DW_Trader_EquipmentRangerWarrior
689:RC_DW_Trader_FireAirEarthPoly
690:RC_DW_Trader_PotionsIngredientsWaterSummonNecro
691:S_RC_DW_TavernBouncer
692:DW_TavernKeeper
693:DW_TavernWaitress
694:DW_TraderHunter
695:DW_TraderGeneral
696:DW_TraderFish
697:DW_TraderFish_Workers
698:DW_Trader_UnderTavern
699:DW_Healer
700:DW_Bard
701:DW_PaladinQuarterMaster
702:DW_ArenaMaster
703:DW_GenericMagister
704:DW_PaladinNurse
705:DW_GenericMafia
706:RC_DW_Gardener_Overseer
707:DW_Ryker
708:DW_FalseProphet
709:DW_Grisha
710:DW_Dorotya
711:DW_LuteMaker
712:DW_CommonerDwarf_Fletcher
713:DW_IdlingMagister_2_Trade
714:RC_DW_SmugglingCacheStaff
715:RC_DW_SmugglingCacheMaceAndAxe
716:RC_DW_SmugglingCacheCrossBow
717:RC_DW_SurpriseDate_LizardDagger
718:RC_DW_DT_GarvanSuppliesContent
719:RC_DW_RichMerchant
720:RC_DW_RichMerchantChest
721:RC_DW_FishermanLocker
722:RC_DW_MeistrGuard_Axe
723:RC_Dorotya_Daggers
724:RC_SourceLichStaff_01
725:RC_SourceLichStaff_02
726:RC_DW_SourceLich_Necromancy
727:RC_DW_SourceLich_Earth
728:RC_DW_SourceLich_Ranger
729:RC_DW_SourceLich_Rogue
730:RC_DW_SourceLich_Warrior
731:RC_DW_SourceLich_Random
732:RC_DF_SourceLichSourceBook
733:RC_DW_SkillBook
734:RC_DW_VC_VoidChicks
735:RC_DW_Lohar_CoverTheTracks_Completed
736:RC_WC_BombScientist
737:RC_WC_MordusBeatenTreasure
738:_MIL
739:RC_MIL_DwarfWolf
740:RC_MIL_DwarfWolfM
741:ST_Livewood
742:Cont_WoodPile_Livewood
743:Cont_Trunk_Livewood
744:_GY
745:RC_GY_Qanna
746:RC_GY_Memorial_Dwarf
747:RC_GY_Memorial_Human
748:RC_GY_Memorial_Elf
749:RC_GY_Memorial_Lizard
750:RC_GY_RykersSpider_Reward
751:RC_GY_WronglyBuried_SkellyTrader
752:_DF
753:RC_Almira_Trader
754:RC_DF_UndeadTrader
755:S_RC_DF_Paladin_WarriorTrader
756:RC_DF_PolyLovers_RecipeTrader
757:RC_DF_Troll_Grog
758:RC_DF_Troll_Marg
759:_BF
760:RC_BF_CorneredSourcererHannag
761:RC_BF_Mhordkan
762:RC_BF_Mhordkan2
763:RC_BF_DemonHunter
764:RC_BF_DemonHunter_Trade
765:_BI
766:RC_BI_Bride
767:RC_BI_DwarfDemonTrader_Trade
768:RC_BI_DwarfDemonTrader_Treasure
769:RC_BI_LizardDemonLeader_Trade
770:RC_BI_LizardDemonLeader_Treasure
771:_COS
772:COS_WizardTempleGloves
773:COS_CrabShield
774:COS_DelorusBow
775:COS_ResurrectionPreventionStaff
776:COS_DispelCowl
777:COS_AlexandarStaff
778:COS_ElfTempleAxe
779:COS_DwarfTempleHelmet
780:COS_SpymasterSignet
781:COS_Trayde
782:COS_Jawbone
783:COS_DunaPriestess
784:COS_LizardMonkTrader
785:COS_LostKnight
786:COS_BR_DreamerWaterTrader
787:COS_BR_Alchemist
788:COS_BR_Quatermaster
789:COS_BR_UndeadTrader
790:COS_AcademyBookcase
791:_ARX
792:ARX_Cont_MagisterBookcase
793:RC_ARX_GenericPaladin
794:ARX_KemmMansion_Lady
795:ARX_Trader_Smith
796:ARX_Trader_Fletcher
797:ARX_Trader_Alchemist
798:ARX_Trader_Generalist
799:ARX_Trader_ShadyMerchant
800:ARX_Trader_CreepyCraftsman
801:ARX_Trader_Souvenir
802:ARX_Trader_AntiqueChief
803:ARX_Trader_Antique
804:ARX_Trader_Antique_Small
805:ARX_Trader_Books
806:ARX_Trader_Painting
807:ARX_Seasoned_HotKettle
808:ARX_MerchantEstate_Trader
809:ARX_MerchantEstate_Trader_VIP
810:ARX_Trader_Magic
811:RC_ARX_GenericMagister
812:RC_ARX_GenericCivilian
813:RC_Source_BodyPart
814:ARX_Trader_Cheese
815:ARX_Trader_Cheese_VIP
816:ARX_TraderCat
817:ARX_ThievesGuild_Leader
818:ARX_SourcePuppet
819:ARX_Neighborhood_TheFence
820:ARX_Outskirts_RichPilgrim
821:ARX_Loremaster
822:ARX_FishBarrel
4 Bytes
spawnId
10282
"Set Treasure Level"
Auto Assembler Script
[ENABLE]
// In-place patch, no code cave: the 6-byte `mov ebp,[rsi+00000228]`
// (8B AE 28 02 00 00) is replaced by `nop` (90) followed by
// `mov ebp,imm32` (BD + 4-byte immediate), which is also 6 bytes.
// The signature is that instruction plus the first byte (85) of the
// `test ebp,ebp` that follows it. The similar `mov r12d,[r14+00000228]`
// site shown in the second listing has a different encoding and is not
// touched by this script.
aobscanmodule(treasure_level,EoCApp.exe,8B AE 28 02 00 00 85)
label(treasure_level_value)
treasure_level:
db 90 BD
// treasure_level_value labels the immediate operand of the patched
// instruction, so writing this symbol rewrites live code bytes.
// '#' marks a decimal literal (10).
treasure_level_value:
dd #10
registersymbol(treasure_level)
registersymbol(treasure_level_value)
[DISABLE]
// Put the original load back and drop both symbols.
treasure_level:
db 8B AE 28 02 00 00
unregistersymbol(treasure_level)
unregistersymbol(treasure_level_value)
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+12D3B93
"EoCApp.exe"+12D3B72: 48 85 C0 - test rax,rax
"EoCApp.exe"+12D3B75: 74 0C - je EoCApp.exe+12D3B83
"EoCApp.exe"+12D3B77: 48 8B C8 - mov rcx,rax
"EoCApp.exe"+12D3B7A: E8 51 D1 03 00 - call EoCApp.exe+1310CD0
"EoCApp.exe"+12D3B7F: 8B E8 - mov ebp,eax
"EoCApp.exe"+12D3B81: EB 16 - jmp EoCApp.exe+12D3B99
"EoCApp.exe"+12D3B83: 48 8B 0D D6 5D D0 00 - mov rcx,[EoCApp.exe+1FD9960]
"EoCApp.exe"+12D3B8A: E8 E1 A9 0B 00 - call EoCApp.exe+138E570
"EoCApp.exe"+12D3B8F: 8B E8 - mov ebp,eax
"EoCApp.exe"+12D3B91: EB 06 - jmp EoCApp.exe+12D3B99
// ---------- INJECTING HERE ----------
"EoCApp.exe"+12D3B93: 8B AE 28 02 00 00 - mov ebp,[rsi+00000228]
// ---------- DONE INJECTING ----------
"EoCApp.exe"+12D3B99: 85 ED - test ebp,ebp
"EoCApp.exe"+12D3B9B: 79 15 - jns EoCApp.exe+12D3BB2
"EoCApp.exe"+12D3B9D: 4D 85 D2 - test r10,r10
"EoCApp.exe"+12D3BA0: 74 10 - je EoCApp.exe+12D3BB2
"EoCApp.exe"+12D3BA2: 4C 8B C6 - mov r8,rsi
"EoCApp.exe"+12D3BA5: 49 8B D6 - mov rdx,r14
"EoCApp.exe"+12D3BA8: 49 8B CA - mov rcx,r10
"EoCApp.exe"+12D3BAB: E8 70 78 15 00 - call EoCApp.exe+142B420
"EoCApp.exe"+12D3BB0: 8B E8 - mov ebp,eax
"EoCApp.exe"+12D3BB2: 48 8B 1D A7 1A CA 00 - mov rbx,[EoCApp.exe+1F75660]
}
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+12B95E0
"EoCApp.exe"+12B95BD: 48 85 C0 - test rax,rax
"EoCApp.exe"+12B95C0: 74 0D - je EoCApp.exe+12B95CF
"EoCApp.exe"+12B95C2: 48 8B C8 - mov rcx,rax
"EoCApp.exe"+12B95C5: E8 36 B8 03 00 - call EoCApp.exe+12F4E00
"EoCApp.exe"+12B95CA: 44 8B E0 - mov r12d,eax
"EoCApp.exe"+12B95CD: EB 18 - jmp EoCApp.exe+12B95E7
"EoCApp.exe"+12B95CF: 48 8B 0D 22 D1 CE 00 - mov rcx,[EoCApp.exe+1FA66F8]
"EoCApp.exe"+12B95D6: E8 55 7B 0B 00 - call EoCApp.exe+1371130
"EoCApp.exe"+12B95DB: 44 8B E0 - mov r12d,eax
"EoCApp.exe"+12B95DE: EB 07 - jmp EoCApp.exe+12B95E7
// ---------- INJECTING HERE ----------
"EoCApp.exe"+12B95E0: 45 8B A6 28 02 00 00 - mov r12d,[r14+00000228]
// ---------- DONE INJECTING ----------
"EoCApp.exe"+12B95E7: 45 85 E4 - test r12d,r12d
"EoCApp.exe"+12B95EA: 79 16 - jns EoCApp.exe+12B9602
"EoCApp.exe"+12B95EC: 4D 85 D2 - test r10,r10
"EoCApp.exe"+12B95EF: 74 11 - je EoCApp.exe+12B9602
"EoCApp.exe"+12B95F1: 4D 8B C6 - mov r8,r14
"EoCApp.exe"+12B95F4: 49 8B D7 - mov rdx,r15
"EoCApp.exe"+12B95F7: 49 8B CA - mov rcx,r10
"EoCApp.exe"+12B95FA: E8 01 33 15 00 - call EoCApp.exe+140C900
"EoCApp.exe"+12B95FF: 44 8B E0 - mov r12d,eax
"EoCApp.exe"+12B9602: 4C 89 6C 24 40 - mov [rsp+40],r13
}
10281
"Treasure Level"
4 Bytes
treasure_level_value
4037
"Print Global Variables"
Auto Assembler Script
[ENABLE]
{ old aobscanmodule
aobscanmodule(globals,EoCApp.exe,83 FB ?? 75 ?? 48 8B ?? ?? ?? ?? ?? 33 D2)
old code not sure how to fix
if success then
globals = getAddress("globals") + 23
globals = readInteger(globals) + globals + 20
end
}
{$lua}
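-- One-shot dump: walks a table of named float variables inside the game
-- process and prints "<address> <name> (<value>)" for each entry.
-- Runs only on a real enable; the syntax-check pass returns immediately.
if syntaxcheck then return end

-- Registers the symbol `globals` if the signature is found. The result is not
-- used to locate the table: the walk below starts from a fixed module offset.
autoAssemble([[
aobscanmodule(globals,EoCApp.exe,83 FB ?? 77 ?? 48 B9 ?? ?? ?? ?? ?? ?? ?? ?? 48 0F A3 D9 73 ?? 48 8B ?? ?? ?? ?? ?? 0F 57 C9)
registersymbol(globals)
]])

-- NOTE(review): hard-coded module offset; presumably valid for one game build
-- only. Re-derive it after an update instead of trusting it.
local globals = "EoCApp.exe+298EAB8"

-- The read* helpers return nil when the address cannot be read. Stop with a
-- clear message instead of failing later on nil arithmetic.
local root = readPointer(globals)
if not root or root == 0 then
  error("Print Global Variables: cannot read pointer at " .. globals)
end

local variables = readPointer(root + 0x2E0)
if not variables or variables == 0 then
  error("Print Global Variables: table pointer at +0x2E0 is not readable")
end

-- Layout as read here: a 32-bit slot count at +0x0 and a pointer to an array
-- of 8-byte slots at +0x8.
local count = readInteger(variables)
local slots = readPointer(variables + 0x8)
if not count or not slots or slots == 0 then
  error("Print Global Variables: slot count or slot array is not readable")
end

for i = 0, count - 1 do
  -- Each slot heads a singly linked chain: next pointer at +0x0, name pointer
  -- at +0x8, float value at +0x10. A slot may be empty (0), so test before
  -- dereferencing rather than after the first read.
  local variable = readPointer(slots + i * 8)
  while variable and variable ~= 0 do
    local address = variable + 0x10
    local value = readFloat(address)
    local namePtr = readPointer(variable + 0x8)
    local name = nil
    if namePtr and namePtr ~= 0 then
      name = readString(namePtr)
    end
    -- Skip entries whose name or value cannot be read; formatting a nil with
    -- %0.3f would abort the whole dump.
    if name and value then
      print(string.format("%012X %s (%0.3f)", address, name, value))
    end
    variable = readPointer(variable)
  end
end

-- Always report failure to the caller; presumably so the table entry does not
-- stay enabled after the dump has been printed - confirm.
assert(false)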
{$asm}
[DISABLE]
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+16AD5B7
"EoCApp.exe"+16AD592: FF 15 40 6D 2D 00 - call qword ptr [EoCApp.exe+19842D8]
"EoCApp.exe"+16AD598: F3 0F 2C C0 - cvttss2si eax,xmm0
"EoCApp.exe"+16AD59C: 48 83 C4 20 - add rsp,20
"EoCApp.exe"+16AD5A0: 5B - pop rbx
"EoCApp.exe"+16AD5A1: C3 - ret
"EoCApp.exe"+16AD5A2: 83 FB 22 - cmp ebx,22
"EoCApp.exe"+16AD5A5: 77 50 - ja EoCApp.exe+16AD5F7
"EoCApp.exe"+16AD5A7: 48 B9 50 00 00 00 04 00 00 00 - mov rcx,0000000400000050
"EoCApp.exe"+16AD5B1: 48 0F A3 D9 - bt rcx,rbx
"EoCApp.exe"+16AD5B5: 73 40 - jae EoCApp.exe+16AD5F7
// ---------- INJECTING HERE ----------
"EoCApp.exe"+16AD5B7: 48 8B 05 2A 1B 8E 00 - mov rax,[EoCApp.exe+1F8F0E8]
// ---------- DONE INJECTING ----------
"EoCApp.exe"+16AD5BE: 33 D2 - xor edx,edx
"EoCApp.exe"+16AD5C0: 48 8B 0D F9 B6 87 00 - mov rcx,[EoCApp.exe+1F28CC0]
"EoCApp.exe"+16AD5C7: 0F 57 C9 - xorps xmm1,xmm1
"EoCApp.exe"+16AD5CA: 4C 8B 88 E0 02 00 00 - mov r9,[rax+000002E0]
"EoCApp.exe"+16AD5D1: 48 8B C1 - mov rax,rcx
"EoCApp.exe"+16AD5D4: 45 8B 01 - mov r8d,[r9]
"EoCApp.exe"+16AD5D7: 49 F7 F0 - div r8
"EoCApp.exe"+16AD5DA: 49 8B 41 08 - mov rax,[r9+08]
"EoCApp.exe"+16AD5DE: 4C 8B 04 D0 - mov r8,[rax+rdx*8]
"EoCApp.exe"+16AD5E2: 4D 85 C0 - test r8,r8
}
4062
"Print Treasure Identifiers"
Auto Assembler Script
[ENABLE]
{$lua}
-- One-shot dump of the treasure-table names as "<index>:<name>" lines.
-- Nothing runs during the syntax-check pass.
if syntaxcheck then
  return
end

-- Try to locate `mov rsi,[rip+disp32]` (48 8B 35 <disp32>) by signature.
local scanned = autoAssemble([[
aobscanmodule(treasure,EoCApp.exe,48 8B 35 ?? ?? ?? ?? 8B FA 48 81)
registersymbol(treasure)
]])

-- Fallback when the scan fails: a fixed module offset. The original author
-- left "EoCApp.exe+1F900E8" next to it as a trailing comment.
-- NOTE(review): presumably build-specific; confirm after a game update.
local holder = "EoCApp.exe+298EAB8"
if scanned then
  -- The disp32 starts 3 bytes into the instruction and is relative to the
  -- address of the next instruction, i.e. 4 bytes past the displacement.
  local dispAt = getAddress("treasure") + 3
  holder = dispAt + readInteger(dispAt) + 4
end

-- Object at +0x1B0 of the pointed-to structure: entry count at +0x40,
-- pointer to an array of 8-byte entry pointers at +0x10.
local container = readPointer(holder) + 0x1B0
local lastIndex = readInteger(container + 0x40) - 1
local entries = readPointer(container + 0x10)

for index = 0, lastIndex do
  local entry = readPointer(entries + index * 8)
  -- The first field of each entry is a pointer to its name string.
  local label = readString(readPointer(entry))
  print(index .. ":" .. label)
end

-- Always report failure; presumably keeps the table entry from staying
-- enabled once the list has been printed - confirm.
assert(false)
{$asm}
[DISABLE]
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+1794BEE
"EoCApp.exe"+1794BC8: 48 FF 60 08 - jmp qword ptr [rax+08]
"EoCApp.exe"+1794BCC: 48 FF 20 - jmp qword ptr [rax]
"EoCApp.exe"+1794BCF: CC - int 3
"EoCApp.exe"+1794BD0: 48 89 5C 24 08 - mov [rsp+08],rbx
"EoCApp.exe"+1794BD5: 48 89 74 24 18 - mov [rsp+18],rsi
"EoCApp.exe"+1794BDA: 57 - push rdi
"EoCApp.exe"+1794BDB: 48 83 EC 50 - sub rsp,50
"EoCApp.exe"+1794BDF: 48 8B 05 92 98 6C 00 - mov rax,[EoCApp.exe+1E5E478]
"EoCApp.exe"+1794BE6: 48 33 C4 - xor rax,rsp
"EoCApp.exe"+1794BE9: 48 89 44 24 48 - mov [rsp+48],rax
// ---------- INJECTING HERE ----------
"EoCApp.exe"+1794BEE: 48 8B 35 F3 B4 7F 00 - mov rsi,[EoCApp.exe+1F900E8]
// ---------- DONE INJECTING ----------
"EoCApp.exe"+1794BF5: 8B FA - mov edi,edx
"EoCApp.exe"+1794BF7: 48 81 C6 B0 01 00 00 - add rsi,000001B0
"EoCApp.exe"+1794BFE: 48 8B CE - mov rcx,rsi
"EoCApp.exe"+1794C01: 48 8B 06 - mov rax,[rsi]
"EoCApp.exe"+1794C04: FF 50 20 - call qword ptr [rax+20]
"EoCApp.exe"+1794C07: 48 8B D8 - mov rbx,rax
"EoCApp.exe"+1794C0A: 48 85 C0 - test rax,rax
"EoCApp.exe"+1794C0D: 0F 84 1F 01 00 00 - je EoCApp.exe+1794D32
"EoCApp.exe"+1794C13: 45 33 C0 - xor r8d,r8d
"EoCApp.exe"+1794C16: 48 C7 44 24 40 0F 00 00 00 - mov [rsp+40],0000000F
}
10313
"Screen Settings"
1
10301
"Base Address"
String
0
0
0
1
EoCApp.exe+1F63448
0
10304
"Show HUD"
1
Byte
+1A
10307
"Rotate Map"
1
Byte
+D8
10306
"Unit Highlights"
0:Off
1:Circle
2:Cutout
3:Both
Byte
+BE0
10312
"Toggle Combat Highlights"
Byte
+BF4
10305
"Highlight Object Color"
String
0
0
0
1
+1090
10308
"Red"
Float
+0
10310
"Green"
Float
+4
10311
"Blue"
Float
+8
3523
"Ignore This"
C0C0C0
1
3465
"Current Combat Unit"
Auto Assembler Script
[ENABLE]
// Detours the 6-byte `mov eax,[rax+0000016C]` to record the pointer held in
// rax into combat_turn_ptr before the original load overwrites it.
// Signature: that instruction plus the first byte (48) of the next one.
aobscanmodule(combat_turn,EoCApp.exe,8B 80 6C 01 00 00 48)
// NOTE(review): jmp + 1 nop below cover the 6 overwritten bytes only if the
// jmp assembles to the 5-byte rel32 form - confirm the cave is allocated
// within +/-2GB of the hook.
alloc(newmem,$1000,combat_turn)
label(code)
label(return)
label(combat_turn_ptr)
newmem:
// rbx is used as scratch and is not saved. In the listing that accompanies
// this script the code right after the hook is `add rsp,20 / pop rbx / ret`,
// which reloads rbx - re-check that this still holds after a game update.
mov rbx,combat_turn_ptr
mov [rbx],rax
code:
// Replay of the overwritten instruction.
mov eax,[rax+0000016C]
jmp return
// 8-byte storage for the captured pointer; sits after the unconditional jmp,
// so it is never executed.
combat_turn_ptr:
dq 0
combat_turn:
jmp newmem
nop
return:
registersymbol(combat_turn)
registersymbol(combat_turn_ptr)
[DISABLE]
// Restore the original 6 bytes, then release the symbols and the cave.
combat_turn:
db 8B 80 6C 01 00 00
unregistersymbol(combat_turn)
unregistersymbol(combat_turn_ptr)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+F3D707
"EoCApp.exe"+F3D6DF: 48 8D 54 24 38 - lea rdx,[rsp+38]
"EoCApp.exe"+F3D6E4: E8 D7 9D 03 00 - call EoCApp.exe+F774C0
"EoCApp.exe"+F3D6E9: 84 C0 - test al,al
"EoCApp.exe"+F3D6EB: 75 13 - jne EoCApp.exe+F3D700
"EoCApp.exe"+F3D6ED: 48 8B 8B F8 00 00 00 - mov rcx,[rbx+000000F8]
"EoCApp.exe"+F3D6F4: 33 D2 - xor edx,edx
"EoCApp.exe"+F3D6F6: 48 83 C4 20 - add rsp,20
"EoCApp.exe"+F3D6FA: 5B - pop rbx
"EoCApp.exe"+F3D6FB: E9 60 2F 28 00 - jmp EoCApp.exe+11C0660
"EoCApp.exe"+F3D700: 48 8B 83 F8 00 00 00 - mov rax,[rbx+000000F8]
// ---------- INJECTING HERE ----------
"EoCApp.exe"+F3D707: 8B 80 6C 01 00 00 - mov eax,[rax+0000016C]
// ---------- DONE INJECTING ----------
"EoCApp.exe"+F3D70D: 48 83 C4 20 - add rsp,20
"EoCApp.exe"+F3D711: 5B - pop rbx
"EoCApp.exe"+F3D712: C3 - ret
"EoCApp.exe"+F3D713: CC - int 3
"EoCApp.exe"+F3D714: CC - int 3
"EoCApp.exe"+F3D715: CC - int 3
"EoCApp.exe"+F3D716: CC - int 3
"EoCApp.exe"+F3D717: CC - int 3
"EoCApp.exe"+F3D718: CC - int 3
"EoCApp.exe"+F3D719: CC - int 3
}
3466
"Base Address"
Array of byte
0
combat_turn_ptr
0
3468
"Vitality"
4 Bytes
+154
3467
"Action Points"
4 Bytes
+16c
3473
"Source Points"
4 Bytes
+168
3471
"Experience"
4 Bytes
+174
3484
"Get Attributes"
Auto Assembler Script
[ENABLE]
// Locates code only; nothing is patched.
// The signature starts with 20, the last byte of `mov rax,[rcx+20]`, so the
// symbol points one byte before `movsxd rdx,edx` and four bytes before
// `mov eax,[rax+rdx*4]`, not at an instruction boundary.
aobscanmodule(get_attributes,EoCApp.exe,20 48 63 D2 8B 04 90 C3 CC)
registersymbol(get_attributes)
[DISABLE]
// No bytes were changed on enable, so only the symbol is released.
unregistersymbol(get_attributes)
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+11930A7
"EoCApp.exe"+1193098: CC - int 3
"EoCApp.exe"+1193099: CC - int 3
"EoCApp.exe"+119309A: CC - int 3
"EoCApp.exe"+119309B: CC - int 3
"EoCApp.exe"+119309C: CC - int 3
"EoCApp.exe"+119309D: CC - int 3
"EoCApp.exe"+119309E: CC - int 3
"EoCApp.exe"+119309F: CC - int 3
"EoCApp.exe"+11930A0: 48 8B 41 20 - mov rax,[rcx+20]
"EoCApp.exe"+11930A4: 48 63 D2 - movsxd rdx,edx
// ---------- INJECTING HERE ----------
"EoCApp.exe"+11930A7: 8B 04 90 - mov eax,[rax+rdx*4]
"EoCApp.exe"+11930AA: C3 - ret
"EoCApp.exe"+11930AB: CC - int 3
// ---------- DONE INJECTING ----------
"EoCApp.exe"+11930AC: CC - int 3
"EoCApp.exe"+11930AD: CC - int 3
"EoCApp.exe"+11930AE: CC - int 3
"EoCApp.exe"+11930AF: CC - int 3
"EoCApp.exe"+11930B0: CC - int 3
"EoCApp.exe"+11930B1: CC - int 3
"EoCApp.exe"+11930B2: CC - int 3
"EoCApp.exe"+11930B3: CC - int 3
"EoCApp.exe"+11930B4: CC - int 3
"EoCApp.exe"+11930B5: CC - int 3
}
3487
"XP"
Auto Assembler Script
[ENABLE]
// Locates code only; nothing is patched.
// The signature is exactly the 7-byte `mov eax,[r13+00000174]` with no
// surrounding context, and the symbol points at the start of that instruction.
// NOTE(review): confirm the encoding is unique within EoCApp.exe.
aobscanmodule(xp,EoCApp.exe,41 8B 85 74 01 00 00)
registersymbol(xp)
[DISABLE]
// No bytes were changed on enable, so only the symbol is released.
unregistersymbol(xp)
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+1084798
"EoCApp.exe"+1084771: 3A C1 - cmp al,cl
"EoCApp.exe"+1084773: 74 23 - je EoCApp.exe+1084798
"EoCApp.exe"+1084775: 88 8D F6 00 00 00 - mov [rbp+000000F6],cl
"EoCApp.exe"+108477B: 48 0F BA EA 15 - bts rdx,15
"EoCApp.exe"+1084780: C0 E1 05 - shl cl,05
"EoCApp.exe"+1084783: 41 32 C8 - xor cl,r8l
"EoCApp.exe"+1084786: 48 89 95 E0 00 00 00 - mov [rbp+000000E0],rdx
"EoCApp.exe"+108478D: 80 E1 20 - and cl,20
"EoCApp.exe"+1084790: 41 32 C8 - xor cl,r8l
"EoCApp.exe"+1084793: 41 88 4C 24 61 - mov [r12+61],cl
// ---------- INJECTING HERE ----------
"EoCApp.exe"+1084798: 41 8B 85 74 01 00 00 - mov eax,[r13+00000174]
// ---------- DONE INJECTING ----------
"EoCApp.exe"+108479F: 41 39 44 24 78 - cmp [r12+78],eax
"EoCApp.exe"+10847A4: 74 16 - je EoCApp.exe+10847BC
"EoCApp.exe"+10847A6: 48 83 CA 10 - or rdx,10
"EoCApp.exe"+10847AA: 89 85 18 01 00 00 - mov [rbp+00000118],eax
"EoCApp.exe"+10847B0: 48 89 95 E0 00 00 00 - mov [rbp+000000E0],rdx
"EoCApp.exe"+10847B7: 41 89 44 24 78 - mov [r12+78],eax
"EoCApp.exe"+10847BC: 45 0F B6 44 24 61 - movzx r8d,byte ptr [r12+61]
"EoCApp.exe"+10847C2: 41 0F B6 8E B9 00 00 00 - movzx ecx,byte ptr [r14+000000B9]
"EoCApp.exe"+10847CA: 41 0F B6 C0 - movzx eax,r8l
"EoCApp.exe"+10847CE: C0 E8 06 - shr al,06
}
3540
"Unlimited Durability"
Auto Assembler Script
[ENABLE]
// In-place patch: the 6-byte `sub [rbx+0000017C],edi` is overwritten with six
// one-byte NOPs, so the subtraction from [rbx+17C] no longer happens.
// In the listing that accompanies this script the following instructions
// still run: they reload [rbx+17C], clamp it with cmovl against ebp, set the
// byte at [rbx+179] to 1 and write the value back.
// NOTE(review): the signature is only the instruction itself (6 bytes, no
// context); confirm the encoding is unique in EoCApp.exe, otherwise a
// different site could be patched.
aobscanmodule(durability,EoCApp.exe,29 BB 7C 01 00 00)
durability:
db 90 90 90 90 90 90
registersymbol(durability)
[DISABLE]
// Restore the original instruction bytes and drop the symbol.
durability:
db 29 BB 7C 01 00 00
unregistersymbol(durability)
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+11B621B
"EoCApp.exe"+11B61FE: B8 1F 85 EB 51 - mov eax,51EB851F
"EoCApp.exe"+11B6203: 41 F7 E8 - imul r8d
"EoCApp.exe"+11B6206: C1 FA 05 - sar edx,05
"EoCApp.exe"+11B6209: 8B CA - mov ecx,edx
"EoCApp.exe"+11B620B: C1 E9 1F - shr ecx,1F
"EoCApp.exe"+11B620E: 03 D1 - add edx,ecx
"EoCApp.exe"+11B6210: 6B CA 64 - imul ecx,edx,64
"EoCApp.exe"+11B6213: 44 2B C1 - sub r8d,ecx
"EoCApp.exe"+11B6216: 44 3B C6 - cmp r8d,esi
"EoCApp.exe"+11B6219: 7D 1E - jnl EoCApp.exe+11B6239
// ---------- INJECTING HERE ----------
"EoCApp.exe"+11B621B: 29 BB 7C 01 00 00 - sub [rbx+0000017C],edi
// ---------- DONE INJECTING ----------
"EoCApp.exe"+11B6221: 8B 83 7C 01 00 00 - mov eax,[rbx+0000017C]
"EoCApp.exe"+11B6227: 3B C5 - cmp eax,ebp
"EoCApp.exe"+11B6229: C6 83 79 01 00 00 01 - mov byte ptr [rbx+00000179],01
"EoCApp.exe"+11B6230: 0F 4C C5 - cmovl eax,ebp
"EoCApp.exe"+11B6233: 89 83 7C 01 00 00 - mov [rbx+0000017C],eax
"EoCApp.exe"+11B6239: 48 8B 5C 24 30 - mov rbx,[rsp+30]
"EoCApp.exe"+11B623E: 48 8B 6C 24 38 - mov rbp,[rsp+38]
"EoCApp.exe"+11B6243: 48 8B 74 24 40 - mov rsi,[rsp+40]
"EoCApp.exe"+11B6248: 48 83 C4 20 - add rsp,20
"EoCApp.exe"+11B624C: 5F - pop rdi
}
3497
"Player Pointers"
Auto Assembler Script
[ENABLE]
// Hooks the 7 bytes at player+0B (`mov rcx,r13` / `mov rax,[r13+00]`) and
// stores r13 in player_ptr every time the hooked code runs, so other table
// entries can read the registered symbol player_ptr.
// NOTE(review): the dump below loads r13 from [rbx] in what looks like an
// iteration over an array; if so, player_ptr holds whichever element was
// processed last. Confirm before treating it as a single fixed object.
aobscanmodule(player,EoCApp.exe,93 00 00 00 0F 1F 40 00 4C 8B 2B 49 8B CD 49 8B 45 00)
alloc(newmem,$1000,player)
label(code)
label(return)
label(player_ptr)
newmem:
// rcx is free to use as scratch: the displaced `mov rcx,r13` below reloads it
mov rcx,player_ptr
mov [rcx],r13
code:
// the two original instructions displaced by the hook
mov rcx,r13
mov rax,[r13+00]
jmp return
player_ptr:
// 8-byte storage slot; it sits after the jmp so it is never executed as code
dq 0
player+0B:
// jmp plus two nops covers exactly the 7 replaced bytes
jmp newmem
nop
nop
return:
registersymbol(player)
registersymbol(player_ptr)
[DISABLE]
player+0B:
// restore the original 7 bytes
db 49 8B CD 49 8B 45 00
unregistersymbol(player)
unregistersymbol(player_ptr)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+1074813
"EoCApp.exe"+10747EA: E8 31 24 E4 FF - call EoCApp.exe+EB6C20
"EoCApp.exe"+10747EF: 48 85 C0 - test rax,rax
"EoCApp.exe"+10747F2: 0F 84 AB 00 00 00 - je EoCApp.exe+10748A3
"EoCApp.exe"+10747F8: 48 8B 58 50 - mov rbx,[rax+50]
"EoCApp.exe"+10747FC: 8B 48 5C - mov ecx,[rax+5C]
"EoCApp.exe"+10747FF: 48 8D 3C CB - lea rdi,[rbx+rcx*8]
"EoCApp.exe"+1074803: 48 3B FB - cmp rdi,rbx
"EoCApp.exe"+1074806: 0F 84 93 00 00 00 - je EoCApp.exe+107489F
"EoCApp.exe"+107480C: 0F 1F 40 00 - nop [rax+00]
"EoCApp.exe"+1074810: 4C 8B 2B - mov r13,[rbx]
// ---------- INJECTING HERE ----------
"EoCApp.exe"+1074813: 49 8B CD - mov rcx,r13
"EoCApp.exe"+1074816: 49 8B 45 00 - mov rax,[r13+00]
// ---------- DONE INJECTING ----------
"EoCApp.exe"+107481A: FF 90 A8 00 00 00 - call qword ptr [rax+000000A8]
"EoCApp.exe"+1074820: 49 8B CD - mov rcx,r13
"EoCApp.exe"+1074823: F2 0F 10 00 - movsd xmm0,[rax]
"EoCApp.exe"+1074827: F2 0F 11 45 D7 - movsd [rbp-29],xmm0
"EoCApp.exe"+107482C: 8B 40 08 - mov eax,[rax+08]
"EoCApp.exe"+107482F: 89 45 DF - mov [rbp-21],eax
"EoCApp.exe"+1074832: E8 89 FA EC FF - call EoCApp.exe+F442C0
"EoCApp.exe"+1074837: 84 C0 - test al,al
"EoCApp.exe"+1074839: 74 0C - je EoCApp.exe+1074847
"EoCApp.exe"+107483B: 48 8D 55 D7 - lea rdx,[rbp-29]
}
3456
"Full Action Points (enemy too)"
Auto Assembler Script
[ENABLE]
// Byte patch: NOPs the 2-byte `jle` so the following `mov [rbx+0000016C],edi`
// (part of the signature, left untouched) always executes.
// There is no owner check in this script, so the change applies to every
// object that reaches this code path.
aobscanmodule(max_ap,EoCApp.exe,7E 06 89 BB 6C 01 00 00)
max_ap:
db 90 90
registersymbol(max_ap)
[DISABLE]
max_ap:
// restore the original `jle` (7E 06)
db 7E 06
unregistersymbol(max_ap)
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+11C08D9
"EoCApp.exe"+11C08B9: 0F 5B C0 - cvtdq2ps xmm0,xmm0
"EoCApp.exe"+11C08BC: F3 0F 5E D0 - divss xmm2,xmm0
"EoCApp.exe"+11C08C0: 0F 2F CA - comiss xmm1,xmm2
"EoCApp.exe"+11C08C3: 76 02 - jna EoCApp.exe+11C08C7
"EoCApp.exe"+11C08C5: FF C7 - inc edi
"EoCApp.exe"+11C08C7: 40 84 ED - test bpl,bpl
"EoCApp.exe"+11C08CA: 8B C7 - mov eax,edi
"EoCApp.exe"+11C08CC: 48 8B 6C 24 30 - mov rbp,[rsp+30]
"EoCApp.exe"+11C08D1: 75 0E - jne EoCApp.exe+11C08E1
"EoCApp.exe"+11C08D3: 39 BB 6C 01 00 00 - cmp [rbx+0000016C],edi
// ---------- INJECTING HERE ----------
"EoCApp.exe"+11C08D9: 7E 06 - jle EoCApp.exe+11C08E1
"EoCApp.exe"+11C08DB: 89 BB 6C 01 00 00 - mov [rbx+0000016C],edi
// ---------- DONE INJECTING ----------
"EoCApp.exe"+11C08E1: 48 8B 5C 24 48 - mov rbx,[rsp+48]
"EoCApp.exe"+11C08E6: 48 83 C4 20 - add rsp,20
"EoCApp.exe"+11C08EA: 5F - pop rdi
"EoCApp.exe"+11C08EB: C3 - ret
"EoCApp.exe"+11C08EC: CC - int 3
"EoCApp.exe"+11C08ED: CC - int 3
"EoCApp.exe"+11C08EE: CC - int 3
"EoCApp.exe"+11C08EF: CC - int 3
"EoCApp.exe"+11C08F0: CC - int 3
"EoCApp.exe"+11C08F1: CC - int 3
}
3542
"Full Durability"
Auto Assembler Script
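[ENABLE]
// Hook on the 6-byte `mov eax,[rbx+0000017C]`: before the game reads the value
// at [rbx+17C], overwrite it with the dword at [[rbx+1A8]+184].
// NOTE(review): which field is "current" and which is "maximum" is inferred
// from the script title only; confirm against the game structures.
aobscanmodule(full_durability,EoCApp.exe,8B 83 7C 01 00 00 41 39)
alloc(newmem,$1000,full_durability)
label(code)
label(return)
newmem:
mov rax,[rbx+1A8]
// Guard the pointer before dereferencing it: a fault inside injected code
// crashes the host process. Changing flags is harmless here because the
// first game instruction after `return` is a cmp (see the dump below).
test rax,rax
je code
mov eax,[rax+184]
mov [rbx+0000017C],eax
code:
// The displaced original instruction. It runs on both paths, so eax always
// ends up with the value the game expects, refreshed or not.
mov eax,[rbx+0000017C]
jmp return
full_durability:
// jmp plus one nop covers exactly the 6 replaced bytes
jmp newmem
nop
return:
registersymbol(full_durability)
[DISABLE]
full_durability:
// restore the original 6 bytes
db 8B 83 7C 01 00 00
unregistersymbol(full_durability)
dealloc(newmem)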
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+10736FD
"EoCApp.exe"+10736D1: 24 01 - and al,01
"EoCApp.exe"+10736D3: C0 E0 06 - shl al,06
"EoCApp.exe"+10736D6: 41 08 86 9F 00 00 00 - or [r14+0000009F],al
"EoCApp.exe"+10736DD: 41 0F B6 86 9F 00 00 00 - movzx eax,byte ptr [r14+0000009F]
"EoCApp.exe"+10736E5: C0 E8 06 - shr al,06
"EoCApp.exe"+10736E8: 24 01 - and al,01
"EoCApp.exe"+10736EA: 88 45 96 - mov [rbp-6A],al
"EoCApp.exe"+10736ED: 49 8B 9F E0 00 00 00 - mov rbx,[r15+000000E0]
"EoCApp.exe"+10736F4: 48 85 DB - test rbx,rbx
"EoCApp.exe"+10736F7: 0F 84 B4 00 00 00 - je EoCApp.exe+10737B1
// ---------- INJECTING HERE ----------
"EoCApp.exe"+10736FD: 8B 83 7C 01 00 00 - mov eax,[rbx+0000017C]
// ---------- DONE INJECTING ----------
"EoCApp.exe"+1073703: 41 39 46 54 - cmp [r14+54],eax
"EoCApp.exe"+1073707: 74 15 - je EoCApp.exe+107371E
"EoCApp.exe"+1073709: 81 4C 24 20 00 80 00 00 - or [rsp+20],00008000
"EoCApp.exe"+1073711: 8B 83 7C 01 00 00 - mov eax,[rbx+0000017C]
"EoCApp.exe"+1073717: 41 89 46 54 - mov [r14+54],eax
"EoCApp.exe"+107371B: 89 45 A4 - mov [rbp-5C],eax
"EoCApp.exe"+107371E: 48 8B CB - mov rcx,rbx
"EoCApp.exe"+1073721: E8 BA 76 14 00 - call EoCApp.exe+11BADE0
"EoCApp.exe"+1073726: 41 39 46 6C - cmp [r14+6C],eax
"EoCApp.exe"+107372A: 74 17 - je EoCApp.exe+1073743
}
3568
"Inventory"
Auto Assembler Script
[ENABLE]
// Finder only: locates the signature and publishes its address as the symbol
// `inventory`. No game bytes are modified. Per the dump below, the match is
// `mov eax,[rdi+0000016C]`; the trailing 39 is the first byte of the next cmp.
aobscanmodule(inventory,EoCApp.exe,8B 87 6C 01 00 00 39)
registersymbol(inventory)
[DISABLE]
unregistersymbol(inventory)
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+142B9A9
"EoCApp.exe"+142B986: 74 05 - je EoCApp.exe+142B98D
"EoCApp.exe"+142B988: 8B 40 0C - mov eax,[rax+0C]
"EoCApp.exe"+142B98B: EB 06 - jmp EoCApp.exe+142B993
"EoCApp.exe"+142B98D: 8B 87 2C 02 00 00 - mov eax,[rdi+0000022C]
"EoCApp.exe"+142B993: 39 43 60 - cmp [rbx+60],eax
"EoCApp.exe"+142B996: 74 11 - je EoCApp.exe+142B9A9
"EoCApp.exe"+142B998: 49 0F BA EF 12 - bts r15,12
"EoCApp.exe"+142B99D: 89 44 24 68 - mov [rsp+68],eax
"EoCApp.exe"+142B9A1: 4C 89 7C 24 50 - mov [rsp+50],r15
"EoCApp.exe"+142B9A6: 89 43 60 - mov [rbx+60],eax
// ---------- INJECTING HERE ----------
"EoCApp.exe"+142B9A9: 8B 87 6C 01 00 00 - mov eax,[rdi+0000016C]
// ---------- DONE INJECTING ----------
"EoCApp.exe"+142B9AF: 39 43 58 - cmp [rbx+58],eax
"EoCApp.exe"+142B9B2: 74 10 - je EoCApp.exe+142B9C4
"EoCApp.exe"+142B9B4: 49 83 CF 04 - or r15,04
"EoCApp.exe"+142B9B8: 89 44 24 6C - mov [rsp+6C],eax
"EoCApp.exe"+142B9BC: 4C 89 7C 24 50 - mov [rsp+50],r15
"EoCApp.exe"+142B9C1: 89 43 58 - mov [rbx+58],eax
"EoCApp.exe"+142B9C4: 48 8B 87 88 01 00 00 - mov rax,[rdi+00000188]
"EoCApp.exe"+142B9CB: 4C 8D 63 70 - lea r12,[rbx+70]
"EoCApp.exe"+142B9CF: 49 39 04 24 - cmp [r12],rax
"EoCApp.exe"+142B9D3: 74 64 - je EoCApp.exe+142BA39
}
3546
"Full Vitality"
Auto Assembler Script
[ENABLE]
// Hooks the 7 bytes at health+0B (`mov rcx,[rax+rbx*8]` / `mov rax,[rcx]`).
// For the object loaded into rcx it copies the qword at [[rcx+F8]+268] over
// [[rcx+F8]+154], then re-executes the displaced instructions.
// NOTE(review): the symbol name `health` is also registered by the
// "Unlimited Health" script in this table, with a different signature. With
// both enabled the name can refer to only one address, so [DISABLE] here would
// likely resolve `health+0B` to the wrong hook and write the restore bytes
// there. Give this script its own symbol name if nothing else depends on it.
// NOTE(review): [rcx+F8] is dereferenced without a null check, for every
// object this code path visits; confirm it is always a valid pointer.
aobscanmodule(health,EoCApp.exe,00 00 00 00 48 8B 85 68 01 00 00 48 8B 0C D8 48 8B 01)
alloc(newmem,$1000,health)
label(code)
label(return)
newmem:
code:
// displaced original: rcx = element rbx of the array at rax
mov rcx,[rax+rbx*8]
// rbx is the game's array index, so it is saved and restored around its use as scratch
push rbx
mov rbx,[rcx+F8]
// NOTE(review): 8-byte copy to an offset that is only 4-byte aligned;
// presumably two adjacent 4-byte fields. Confirm the field width.
mov rax,[rbx+268]
mov [rbx+154],rax
pop rbx
// displaced original: reloads rax, which was used as scratch above
mov rax,[rcx]
jmp return
health+0B:
// jmp plus two nops covers exactly the 7 replaced bytes
jmp code
nop
nop
return:
registersymbol(health)
[DISABLE]
health+0B:
// restore the original 7 bytes
db 48 8B 0C D8 48 8B 01
unregistersymbol(health)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+F0ADF7
"EoCApp.exe"+F0ADC3: FF 90 A8 00 00 00 - call qword ptr [rax+000000A8]
"EoCApp.exe"+F0ADC9: 48 8B 2D 10 11 28 01 - mov rbp,[EoCApp.exe+218BEE0]
"EoCApp.exe"+F0ADD0: 8B FE - mov edi,esi
"EoCApp.exe"+F0ADD2: 4C 8B F8 - mov r15,rax
"EoCApp.exe"+F0ADD5: 48 8B DE - mov rbx,rsi
"EoCApp.exe"+F0ADD8: 44 8B B5 74 01 00 00 - mov r14d,[rbp+00000174]
"EoCApp.exe"+F0ADDF: 4D 85 F6 - test r14,r14
"EoCApp.exe"+F0ADE2: 0F 84 A3 00 00 00 - je EoCApp.exe+F0AE8B
"EoCApp.exe"+F0ADE8: 0F 1F 84 00 00 00 00 00 - nop [rax+rax+00000000]
"EoCApp.exe"+F0ADF0: 48 8B 85 68 01 00 00 - mov rax,[rbp+00000168]
// ---------- INJECTING HERE ----------
"EoCApp.exe"+F0ADF7: 48 8B 0C D8 - mov rcx,[rax+rbx*8]
"EoCApp.exe"+F0ADFB: 48 8B 01 - mov rax,[rcx]
// ---------- DONE INJECTING ----------
"EoCApp.exe"+F0ADFE: FF 90 A8 00 00 00 - call qword ptr [rax+000000A8]
"EoCApp.exe"+F0AE04: 48 8B 8D 68 01 00 00 - mov rcx,[rbp+00000168]
"EoCApp.exe"+F0AE0B: F2 0F 10 00 - movsd xmm0,[rax]
"EoCApp.exe"+F0AE0F: F2 0F 11 44 24 20 - movsd [rsp+20],xmm0
"EoCApp.exe"+F0AE15: 8B 40 08 - mov eax,[rax+08]
"EoCApp.exe"+F0AE18: 89 44 24 28 - mov [rsp+28],eax
"EoCApp.exe"+F0AE1C: 48 8B 0C D9 - mov rcx,[rcx+rbx*8]
"EoCApp.exe"+F0AE20: E8 9B 94 03 00 - call EoCApp.exe+F442C0
"EoCApp.exe"+F0AE25: 84 C0 - test al,al
"EoCApp.exe"+F0AE27: 74 15 - je EoCApp.exe+F0AE3E
}
3550
"Full Action Points"
Auto Assembler Script
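[ENABLE]
// Hook on the 6-byte `cmp [rbx+0000016C],edi`. When the 6 bytes at [[rbx+30]]
// spell "Player", edi is stored to [rbx+16C] before the game's own compare runs.
// NOTE(review): the "Unlimited Health" script in this table also checks a
// '_' at +6 and several hero names; this one matches the "Player" prefix
// only. Confirm that difference is intended.
aobscanmodule(actions,EoCApp.exe,39 BB 6C 01 00 00)
alloc(newmem,$1000,actions)
label(code)
label(return)
newmem:
// rax is live in the game code at this point (`mov eax,edi` precedes the hook
// in the dump below), so it is saved while used as scratch
push rax
mov rax,[rbx+30]
// Guard the pointer before dereferencing it: a fault inside injected code
// crashes the host process. The flag changes are harmless because the
// displaced cmp at `code` sets the flags again before the game's jle reads them.
test rax,rax
je code
cmp dword ptr [rax],'Play'
jne code
cmp word ptr [rax+4],'er'
jne code
mov [rbx+0000016C],edi
code:
pop rax
// displaced original instruction
cmp [rbx+0000016C],edi
jmp return
actions:
// jmp plus one nop covers exactly the 6 replaced bytes
jmp newmem
nop
return:
registersymbol(actions)
[DISABLE]
actions:
// restore the original 6 bytes
db 39 BB 6C 01 00 00
unregistersymbol(actions)
dealloc(newmem)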
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+11C08D3
"EoCApp.exe"+11C08B6: 0F 5B D2 - cvtdq2ps xmm2,xmm2
"EoCApp.exe"+11C08B9: 0F 5B C0 - cvtdq2ps xmm0,xmm0
"EoCApp.exe"+11C08BC: F3 0F 5E D0 - divss xmm2,xmm0
"EoCApp.exe"+11C08C0: 0F 2F CA - comiss xmm1,xmm2
"EoCApp.exe"+11C08C3: 76 02 - jna EoCApp.exe+11C08C7
"EoCApp.exe"+11C08C5: FF C7 - inc edi
"EoCApp.exe"+11C08C7: 40 84 ED - test bpl,bpl
"EoCApp.exe"+11C08CA: 8B C7 - mov eax,edi
"EoCApp.exe"+11C08CC: 48 8B 6C 24 30 - mov rbp,[rsp+30]
"EoCApp.exe"+11C08D1: 75 0E - jne EoCApp.exe+11C08E1
// ---------- INJECTING HERE ----------
"EoCApp.exe"+11C08D3: 39 BB 6C 01 00 00 - cmp [rbx+0000016C],edi
// ---------- DONE INJECTING ----------
"EoCApp.exe"+11C08D9: 7E 06 - jle EoCApp.exe+11C08E1
"EoCApp.exe"+11C08DB: 89 BB 6C 01 00 00 - mov [rbx+0000016C],edi
"EoCApp.exe"+11C08E1: 48 8B 5C 24 48 - mov rbx,[rsp+48]
"EoCApp.exe"+11C08E6: 48 83 C4 20 - add rsp,20
"EoCApp.exe"+11C08EA: 5F - pop rdi
"EoCApp.exe"+11C08EB: C3 - ret
"EoCApp.exe"+11C08EC: CC - int 3
"EoCApp.exe"+11C08ED: CC - int 3
"EoCApp.exe"+11C08EE: CC - int 3
"EoCApp.exe"+11C08EF: CC - int 3
}
3652
"Luck"
Auto Assembler Script
[ENABLE]
// Finder only: publishes the address of `add r15d,[r10+00000158]` (see the
// dump below) as the symbol `luck`. No game bytes are modified.
aobscanmodule(luck,EoCApp.exe,45 03 BA 58 01 00 00)
registersymbol(luck)
[DISABLE]
unregistersymbol(luck)
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+12AB11A
"EoCApp.exe"+12AB0FD: 74 2E - je EoCApp.exe+12AB12D
"EoCApp.exe"+12AB0FF: 90 - nop
"EoCApp.exe"+12AB100: 4D 8B 10 - mov r10,[r8]
"EoCApp.exe"+12AB103: 41 8B 92 A8 01 00 00 - mov edx,[r10+000001A8]
"EoCApp.exe"+12AB10A: 85 D2 - test edx,edx
"EoCApp.exe"+12AB10C: 74 0C - je EoCApp.exe+12AB11A
"EoCApp.exe"+12AB10E: 48 8B CD - mov rcx,rbp
"EoCApp.exe"+12AB111: E8 2A 95 40 00 - call EoCApp.exe+16B4640
"EoCApp.exe"+12AB116: 84 C0 - test al,al
"EoCApp.exe"+12AB118: 74 07 - je EoCApp.exe+12AB121
// ---------- INJECTING HERE ----------
"EoCApp.exe"+12AB11A: 45 03 BA 58 01 00 00 - add r15d,[r10+00000158]
// ---------- DONE INJECTING ----------
"EoCApp.exe"+12AB121: 49 83 C0 08 - add r8,08
"EoCApp.exe"+12AB125: 49 FF C1 - inc r9
"EoCApp.exe"+12AB128: 4D 3B CB - cmp r9,r11
"EoCApp.exe"+12AB12B: 75 D3 - jne EoCApp.exe+12AB100
"EoCApp.exe"+12AB12D: 48 8B B5 68 02 00 00 - mov rsi,[rbp+00000268]
"EoCApp.exe"+12AB134: 44 8B D7 - mov r10d,edi
"EoCApp.exe"+12AB137: 4C 8B 9D 70 02 00 00 - mov r11,[rbp+00000270]
"EoCApp.exe"+12AB13E: 66 90 - nop
"EoCApp.exe"+12AB140: 48 8B C6 - mov rax,rsi
"EoCApp.exe"+12AB143: 49 3B F3 - cmp rsi,r11
}
3653
"Skill Find 1"
Auto Assembler Script
[ENABLE]
// Finder only: publishes the address of `mov [rax+rbp*4+000000D4],r8d` (see
// the dump below) as the symbol `skill_find_1`. No game bytes are modified.
aobscanmodule(skill_find_1,EoCApp.exe,44 89 84 A8 D4 00 00 00)
registersymbol(skill_find_1)
[DISABLE]
unregistersymbol(skill_find_1)
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+16EBB1E
"EoCApp.exe"+16EBAF8: 33 DB - xor ebx,ebx
"EoCApp.exe"+16EBAFA: 48 8B 81 50 02 00 00 - mov rax,[rcx+00000250]
"EoCApp.exe"+16EBB01: 48 2B 81 48 02 00 00 - sub rax,[rcx+00000248]
"EoCApp.exe"+16EBB08: 48 C1 F8 03 - sar rax,03
"EoCApp.exe"+16EBB0C: 85 C0 - test eax,eax
"EoCApp.exe"+16EBB0E: 7F 04 - jg EoCApp.exe+16EBB14
"EoCApp.exe"+16EBB10: 8B C3 - mov eax,ebx
"EoCApp.exe"+16EBB12: EB 0A - jmp EoCApp.exe+16EBB1E
"EoCApp.exe"+16EBB14: 48 8B 81 48 02 00 00 - mov rax,[rcx+00000248]
"EoCApp.exe"+16EBB1B: 48 8B 00 - mov rax,[rax]
// ---------- INJECTING HERE ----------
"EoCApp.exe"+16EBB1E: 44 89 84 A8 D4 00 00 00 - mov [rax+rbp*4+000000D4],r8d
// ---------- DONE INJECTING ----------
"EoCApp.exe"+16EBB26: 48 8B 46 48 - mov rax,[rsi+48]
"EoCApp.exe"+16EBB2A: 8B 14 A8 - mov edx,[rax+rbp*4]
"EoCApp.exe"+16EBB2D: 41 3B D0 - cmp edx,r8d
"EoCApp.exe"+16EBB30: 0F 84 04 01 00 00 - je EoCApp.exe+16EBC3A
"EoCApp.exe"+16EBB36: 4C 89 74 24 38 - mov [rsp+38],r14
"EoCApp.exe"+16EBB3B: 45 8B F0 - mov r14d,r8d
"EoCApp.exe"+16EBB3E: 44 2B F2 - sub r14d,edx
"EoCApp.exe"+16EBB41: 44 89 04 A8 - mov [rax+rbp*4],r8d
"EoCApp.exe"+16EBB45: 45 84 C9 - test r9l,r9l
"EoCApp.exe"+16EBB48: 0F 85 94 00 00 00 - jne EoCApp.exe+16EBBE2
}
3654
"Skill Find 2"
Auto Assembler Script
[ENABLE]
// Finder only: publishes the address of `mov eax,[rax+rcx*4]` /
// `mov rcx,[rsp+40]` (see the dump below) as the symbol `skill_find_2`.
// No game bytes are modified.
aobscanmodule(skill_find_2,EoCApp.exe,8B 04 88 48 8B 4C 24 40)
registersymbol(skill_find_2)
[DISABLE]
unregistersymbol(skill_find_2)
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+F0B59A
"EoCApp.exe"+F0B573: 74 0C - je EoCApp.exe+F0B581
"EoCApp.exe"+F0B575: 48 8B 01 - mov rax,[rcx]
"EoCApp.exe"+F0B578: 48 3B C2 - cmp rax,rdx
"EoCApp.exe"+F0B57B: 74 04 - je EoCApp.exe+F0B581
"EoCApp.exe"+F0B57D: 66 44 89 20 - mov [rax],r12w
"EoCApp.exe"+F0B581: 48 8B 44 24 78 - mov rax,[rsp+78]
"EoCApp.exe"+F0B586: 48 8D 95 B4 07 00 00 - lea rdx,[rbp+000007B4]
"EoCApp.exe"+F0B58D: 48 03 D7 - add rdx,rdi
"EoCApp.exe"+F0B590: 48 63 CB - movsxd rcx,ebx
"EoCApp.exe"+F0B593: 48 8B 80 20 02 00 00 - mov rax,[rax+00000220]
// ---------- INJECTING HERE ----------
"EoCApp.exe"+F0B59A: 8B 04 88 - mov eax,[rax+rcx*4]
"EoCApp.exe"+F0B59D: 48 8B 4C 24 40 - mov rcx,[rsp+40]
// ---------- DONE INJECTING ----------
"EoCApp.exe"+F0B5A2: 03 84 11 C0 02 00 00 - add eax,[rcx+rdx+000002C0]
"EoCApp.exe"+F0B5A9: 8B 0A - mov ecx,[rdx]
"EoCApp.exe"+F0B5AB: 8B 94 3D E4 02 00 00 - mov edx,[rbp+rdi+000002E4]
"EoCApp.exe"+F0B5B2: 89 44 24 60 - mov [rsp+60],eax
"EoCApp.exe"+F0B5B6: 8B 84 3D 04 09 00 00 - mov eax,[rbp+rdi+00000904]
"EoCApp.exe"+F0B5BD: 3B C2 - cmp eax,edx
"EoCApp.exe"+F0B5BF: 75 1A - jne EoCApp.exe+F0B5DB
"EoCApp.exe"+F0B5C1: 3B C1 - cmp eax,ecx
"EoCApp.exe"+F0B5C3: 7E 07 - jle EoCApp.exe+F0B5CC
"EoCApp.exe"+F0B5C5: BF 29 00 00 00 - mov edi,00000029
}
3655
"Skill Find 3"
Auto Assembler Script
[ENABLE]
// Finder only: publishes the address of `add esi,[r11+r15*4+000000D4]` (see
// the dump below) as the symbol `skill_find_3`. No game bytes are modified.
aobscanmodule(skill_find_3,EoCApp.exe,43 03 B4 BB D4 00 00 00)
registersymbol(skill_find_3)
[DISABLE]
unregistersymbol(skill_find_3)
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+16E1F3A
"EoCApp.exe"+16E1F17: 74 35 - je EoCApp.exe+16E1F4E
"EoCApp.exe"+16E1F19: 0F 1F 80 00 00 00 00 - nop [rax+00000000]
"EoCApp.exe"+16E1F20: 4D 8B 19 - mov r11,[r9]
"EoCApp.exe"+16E1F23: 41 8B 93 A8 01 00 00 - mov edx,[r11+000001A8]
"EoCApp.exe"+16E1F2A: 85 D2 - test edx,edx
"EoCApp.exe"+16E1F2C: 74 0C - je EoCApp.exe+16E1F3A
"EoCApp.exe"+16E1F2E: 48 8B CD - mov rcx,rbp
"EoCApp.exe"+16E1F31: E8 0A 27 FD FF - call EoCApp.exe+16B4640
"EoCApp.exe"+16E1F36: 84 C0 - test al,al
"EoCApp.exe"+16E1F38: 74 08 - je EoCApp.exe+16E1F42
// ---------- INJECTING HERE ----------
"EoCApp.exe"+16E1F3A: 43 03 B4 BB D4 00 00 00 - add esi,[r11+r15*4+000000D4]
// ---------- DONE INJECTING ----------
"EoCApp.exe"+16E1F42: 49 83 C1 08 - add r9,08
"EoCApp.exe"+16E1F46: 49 FF C2 - inc r10
"EoCApp.exe"+16E1F49: 4C 3B D3 - cmp r10,rbx
"EoCApp.exe"+16E1F4C: 75 D2 - jne EoCApp.exe+16E1F20
"EoCApp.exe"+16E1F4E: 41 83 FF 14 - cmp r15d,14
"EoCApp.exe"+16E1F52: 7C 15 - jl EoCApp.exe+16E1F69
"EoCApp.exe"+16E1F54: 41 83 FF 1F - cmp r15d,1F
"EoCApp.exe"+16E1F58: 7E 70 - jle EoCApp.exe+16E1FCA
"EoCApp.exe"+16E1F5A: 41 83 FF 21 - cmp r15d,21
"EoCApp.exe"+16E1F5E: 74 6A - je EoCApp.exe+16E1FCA
}
3656
"Skill Find 4"
Auto Assembler Script
[ENABLE]
// Finder only: publishes the address of `mov r8d,[rcx+rdx*4]` /
// `add r8d,[r14+r9]` (see the dump below) as the symbol `skill_find_4`.
// No game bytes are modified.
aobscanmodule(skill_find_4,EoCApp.exe,44 8B 04 91 47 03 04 0E)
registersymbol(skill_find_4)
[DISABLE]
unregistersymbol(skill_find_4)
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+146B351
"EoCApp.exe"+146B32D: 41 8B DC - mov ebx,r12d
"EoCApp.exe"+146B330: 8B 7C 24 78 - mov edi,[rsp+78]
"EoCApp.exe"+146B334: 49 83 C6 34 - add r14,34
"EoCApp.exe"+146B338: 80 7C 24 31 00 - cmp byte ptr [rsp+31],00
"EoCApp.exe"+146B33D: 75 32 - jne EoCApp.exe+146B371
"EoCApp.exe"+146B33F: 8B CB - mov ecx,ebx
"EoCApp.exe"+146B341: E8 DA B0 22 00 - call EoCApp.exe+1696420
"EoCApp.exe"+146B346: 48 8B 4E 48 - mov rcx,[rsi+48]
"EoCApp.exe"+146B34A: 4D 8B 4F 30 - mov r9,[r15+30]
"EoCApp.exe"+146B34E: 48 63 D3 - movsxd rdx,ebx
// ---------- INJECTING HERE ----------
"EoCApp.exe"+146B351: 44 8B 04 91 - mov r8d,[rcx+rdx*4]
"EoCApp.exe"+146B355: 47 03 04 0E - add r8d,[r14+r9]
// ---------- DONE INJECTING ----------
"EoCApp.exe"+146B359: 44 3B C0 - cmp r8d,eax
"EoCApp.exe"+146B35C: 7E 0B - jle EoCApp.exe+146B369
"EoCApp.exe"+146B35E: 44 8B C0 - mov r8d,eax
"EoCApp.exe"+146B361: 44 89 64 24 60 - mov [rsp+60],r12d
"EoCApp.exe"+146B366: 41 8B FC - mov edi,r12d
"EoCApp.exe"+146B369: 43 0F B6 44 29 18 - movzx eax,byte ptr [r9+r13+18]
"EoCApp.exe"+146B36F: EB 0E - jmp EoCApp.exe+146B37F
"EoCApp.exe"+146B371: 49 8B 4F 30 - mov rcx,[r15+30]
"EoCApp.exe"+146B375: 42 0F B6 44 29 18 - movzx eax,byte ptr [rcx+r13+18]
"EoCApp.exe"+146B37B: 45 8B 04 0E - mov r8d,[r14+rcx]
}
3662
"Check Luck"
Auto Assembler Script
[ENABLE]
// Finder only: publishes the address of `mov esi,[rsp+00000080]` (see the
// dump below) as the symbol `check_luck`. The trailing 40 in the signature is
// the first byte of the next instruction. No game bytes are modified.
aobscanmodule(check_luck,EoCApp.exe,8B B4 24 80 00 00 00 40)
registersymbol(check_luck)
[DISABLE]
unregistersymbol(check_luck)
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+12AB373
"EoCApp.exe"+12AB352: 49 8B CE - mov rcx,r14
"EoCApp.exe"+12AB355: 4C 8D 04 F8 - lea r8,[rax+rdi*8]
"EoCApp.exe"+12AB359: E8 D2 B4 FF FF - call EoCApp.exe+12A6830
"EoCApp.exe"+12AB35E: 84 C0 - test al,al
"EoCApp.exe"+12AB360: 0F B6 DB - movzx ebx,bl
"EoCApp.exe"+12AB363: B8 01 00 00 00 - mov eax,00000001
"EoCApp.exe"+12AB368: 0F 45 D8 - cmovne ebx,eax
"EoCApp.exe"+12AB36B: 48 FF C7 - inc rdi
"EoCApp.exe"+12AB36E: 48 3B FE - cmp rdi,rsi
"EoCApp.exe"+12AB371: 72 CD - jb EoCApp.exe+12AB340
// ---------- INJECTING HERE ----------
"EoCApp.exe"+12AB373: 8B B4 24 80 00 00 00 - mov esi,[rsp+00000080]
// ---------- DONE INJECTING ----------
"EoCApp.exe"+12AB37A: 40 32 FF - xor dil,dil
"EoCApp.exe"+12AB37D: 83 FE 05 - cmp esi,05
"EoCApp.exe"+12AB380: 77 43 - ja EoCApp.exe+12AB3C5
"EoCApp.exe"+12AB382: 48 8D 15 77 4C D5 FE - lea rdx,[EoCApp.exe]
"EoCApp.exe"+12AB389: 48 63 C6 - movsxd rax,esi
"EoCApp.exe"+12AB38C: 8B 8C 82 44 B4 2A 01 - mov ecx,[rdx+rax*4+012AB444]
"EoCApp.exe"+12AB393: 48 03 CA - add rcx,rdx
"EoCApp.exe"+12AB396: FF E1 - jmp rcx
"EoCApp.exe"+12AB398: 4C 8D 05 09 EE C7 00 - lea r8,[EoCApp.exe+1F2A1A8]
"EoCApp.exe"+12AB39F: EB 2B - jmp EoCApp.exe+12AB3CC
}
3659
"Magic Find"
Auto Assembler Script
[ENABLE]
// Byte patch: overwrites `test ecx,ecx` / `cmovns esi,ecx` (5 bytes) with
// `mov esi,imm32`. BE is that opcode and `dd #100` emits decimal 100 as the
// immediate. The trailing EB in the signature is the following jmp; it only
// anchors the match and is not overwritten.
// NOTE(review): the original `test` also set flags and the patched bytes do
// not. The next instruction is an unconditional jmp, so this matters only if
// its target reads flags, which is not visible here.
aobscanmodule(magic_find,EoCApp.exe,85 C9 0F 49 F1 EB)
magic_find:
db BE
dd #100
registersymbol(magic_find)
[DISABLE]
magic_find:
// restore the original 5 bytes
db 85 C9 0F 49 F1
unregistersymbol(magic_find)
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+12AB2C0
"EoCApp.exe"+12AB29F: 49 3B DA - cmp rbx,r10
"EoCApp.exe"+12AB2A2: 75 CC - jne EoCApp.exe+12AB270
"EoCApp.exe"+12AB2A4: BA 69 00 00 00 - mov edx,00000069
"EoCApp.exe"+12AB2A9: 48 8B CD - mov rcx,rbp
"EoCApp.exe"+12AB2AC: E8 1F F6 40 00 - call EoCApp.exe+16BA8D0
"EoCApp.exe"+12AB2B1: 4C 8B 7C 24 38 - mov r15,[rsp+38]
"EoCApp.exe"+12AB2B6: 8D 4E 01 - lea ecx,[rsi+01]
"EoCApp.exe"+12AB2B9: 84 C0 - test al,al
"EoCApp.exe"+12AB2BB: 0F 44 CE - cmove ecx,esi
"EoCApp.exe"+12AB2BE: 8B F7 - mov esi,edi
// ---------- INJECTING HERE ----------
"EoCApp.exe"+12AB2C0: 85 C9 - test ecx,ecx
"EoCApp.exe"+12AB2C2: 0F 49 F1 - cmovns esi,ecx
// ---------- DONE INJECTING ----------
"EoCApp.exe"+12AB2C5: EB 5B - jmp EoCApp.exe+12AB322
"EoCApp.exe"+12AB2C7: 48 2B C6 - sub rax,rsi
"EoCApp.exe"+12AB2CA: 48 C1 F8 03 - sar rax,03
"EoCApp.exe"+12AB2CE: 83 F8 FF - cmp eax,-01
"EoCApp.exe"+12AB2D1: 0F 84 C7 FE FF FF - je EoCApp.exe+12AB19E
"EoCApp.exe"+12AB2D7: 48 63 C8 - movsxd rcx,eax
"EoCApp.exe"+12AB2DA: 48 8B 04 CE - mov rax,[rsi+rcx*8]
"EoCApp.exe"+12AB2DE: 48 63 08 - movsxd rcx,dword ptr [rax]
"EoCApp.exe"+12AB2E1: 48 8B 85 E8 00 00 00 - mov rax,[rbp+000000E8]
"EoCApp.exe"+12AB2E8: 48 8B 50 10 - mov rdx,[rax+10]
}
3908
"Global Variables"
1
3900
"Base Address"
String
0
0
0
1
EoCApp.exe+298EAB8
2E0
3901
"Size"
4 Bytes
+0
0
3902
"Item 1"
String
0
0
0
1
+0
0*8
8
3903
"Name"
String
64
0
0
1
+0
0
8
3904
"Value"
Float
+0
10
4023
"Item 1"
String
0
0
0
1
+0
0
4024
"Name"
String
64
0
0
1
+0
0
8
4025
"Value"
Float
+0
10
3905
"Item 2"
String
0
0
0
1
+0
1*8
8
3906
"Name"
String
64
0
0
1
+0
0
8
3907
"Value"
Float
+0
10
3909
"Item 3"
String
0
0
0
1
+0
2*8
8
3910
"Name"
String
64
0
0
1
+0
0
8
3911
"Value"
Float
+0
10
3912
"Item 4"
String
0
0
0
1
+0
3*8
8
3913
"Name"
String
64
0
0
1
+0
0
8
3914
"Value"
Float
+0
10
3915
"Item 5"
String
0
0
0
1
+0
4*8
8
3916
"Name"
String
64
0
0
1
+0
0
8
3917
"Value"
Float
+0
10
3918
"Item 6"
String
0
0
0
1
+0
5*8
8
3919
"Name"
String
64
0
0
1
+0
0
8
3920
"Value"
Float
+0
10
3921
"Item 7"
String
0
0
0
1
+0
6*8
8
3922
"Name"
String
64
0
0
1
+0
0
8
3923
"Value"
Float
+0
10
3924
"Item 8"
String
0
0
0
1
+0
7*8
8
3925
"Name"
String
64
0
0
1
+0
0
8
3926
"Value"
Float
+0
10
3927
"Item 9"
String
0
0
0
1
+0
8*8
8
3928
"Name"
String
64
0
0
1
+0
0
8
3929
"Value"
Float
+0
10
3930
"Item 10"
String
0
0
0
1
+0
9*8
8
3931
"Name"
String
64
0
0
1
+0
0
8
3932
"Value"
Float
+0
10
3933
"Item 11"
String
0
0
0
1
+0
10*8
8
3934
"Name"
String
64
0
0
1
+0
0
8
3935
"Value"
Float
+0
10
4026
"Item 1"
String
0
0
0
1
+0
0
4027
"Name"
String
64
0
0
1
+0
0
8
4028
"Value"
Float
+0
10
4029
"Item 1"
String
0
0
0
1
+0
0
4030
"Name"
String
64
0
0
1
+0
0
8
4031
"Value"
Float
+0
10
4032
"Item 1"
String
0
0
0
1
+0
0
4033
"Name"
String
64
0
0
1
+0
0
8
4034
"Value"
Float
+0
10
3936
"Item 12"
String
0
0
0
1
+0
11*8
8
3937
"Name"
String
64
0
0
1
+0
0
8
3938
"Value"
Float
+0
10
3939
"Item 13"
String
0
0
0
1
+0
12*8
8
3940
"Name"
String
64
0
0
1
+0
0
8
3941
"Value"
Float
+0
10
3942
"Item 14"
String
0
0
0
1
+0
13*8
8
3943
"Name"
String
64
0
0
1
+0
0
8
3944
"Value"
Float
+0
10
3945
"Item 15"
String
0
0
0
1
+0
14*8
8
3946
"Name"
String
64
0
0
1
+0
0
8
3947
"Value"
Float
+0
10
3948
"Item 16"
String
0
0
0
1
+0
15*8
8
3949
"Name"
String
64
0
0
1
+0
0
8
3950
"Value"
Float
+0
10
3951
"Item 17"
String
0
0
0
1
+0
16*8
8
3952
"Name"
String
64
0
0
1
+0
0
8
3953
"Value"
Float
+0
10
3954
"Item 18"
String
0
0
0
1
+0
17*8
8
3955
"Name"
String
64
0
0
1
+0
0
8
3956
"Value"
Float
+0
10
3957
"Item 19"
String
0
0
0
1
+0
18*8
8
3958
"Name"
String
64
0
0
1
+0
0
8
3959
"Value"
Float
+0
10
3960
"Item 20"
String
0
0
0
1
+0
19*8
8
3961
"Name"
String
64
0
0
1
+0
0
8
3962
"Value"
Float
+0
10
3963
"Item 21"
String
0
0
0
1
+0
20*8
8
3964
"Name"
String
64
0
0
1
+0
0
8
3965
"Value"
Float
+0
10
3966
"Item 22"
String
0
0
0
1
+0
21*8
8
3967
"Name"
String
64
0
0
1
+0
0
8
3968
"Value"
Float
+0
10
3969
"Item 23"
String
0
0
0
1
+0
22*8
8
3970
"Name"
String
64
0
0
1
+0
0
8
3971
"Value"
Float
+0
10
3972
"Item 24"
String
0
0
0
1
+0
23*8
8
3973
"Name"
String
64
0
0
1
+0
0
8
3974
"Value"
Float
+0
10
3975
"Item 25"
String
0
0
0
1
+0
24*8
8
3976
"Name"
String
64
0
0
1
+0
0
8
3977
"Value"
Float
+0
10
3978
"Item 26"
String
0
0
0
1
+0
25*8
8
3979
"Name"
String
64
0
0
1
+0
0
8
3980
"Value"
Float
+0
10
3981
"Item 27"
String
0
0
0
1
+0
26*8
8
3982
"Name"
String
64
0
0
1
+0
0
8
3983
"Value"
Float
+0
10
3984
"Item 28"
String
0
0
0
1
+0
27*8
8
3985
"Name"
String
64
0
0
1
+0
0
8
3986
"Value"
Float
+0
10
3987
"Item 29"
String
0
0
0
1
+0
28*8
8
3988
"Name"
String
64
0
0
1
+0
0
8
3989
"Value"
Float
+0
10
3990
"Item 30"
String
0
0
0
1
+0
29*8
8
3991
"Name"
String
64
0
0
1
+0
0
8
3992
"Value"
Float
+0
10
3993
"Item 31"
String
0
0
0
1
+0
30*8
8
3994
"Name"
String
64
0
0
1
+0
0
8
3995
"Value"
Float
+0
10
3996
"Item 32"
String
0
0
0
1
+0
31*8
8
3997
"Name"
String
64
0
0
1
+0
0
8
3998
"Value"
Float
+0
10
3999
"Item 33"
String
0
0
0
1
+0
32*8
8
4000
"Name"
String
64
0
0
1
+0
0
8
4001
"Value"
Float
+0
10
4002
"Item 34"
String
0
0
0
1
+0
33*8
8
4003
"Name"
String
64
0
0
1
+0
0
8
4004
"Value"
Float
+0
10
4005
"Item 35"
String
0
0
0
1
+0
34*8
8
4006
"Name"
String
64
0
0
1
+0
0
8
4007
"Value"
Float
+0
10
4008
"Item 36"
String
0
0
0
1
+0
35*8
8
4009
"Name"
String
64
0
0
1
+0
0
8
4010
"Value"
Float
+0
10
4011
"Item 37"
String
0
0
0
1
+0
36*8
8
4012
"Name"
String
64
0
0
1
+0
0
8
4013
"Value"
Float
+0
10
4014
"Item 38"
String
0
0
0
1
+0
37*8
8
4015
"Name"
String
64
0
0
1
+0
0
8
4016
"Value"
Float
+0
10
4017
"Item 39"
String
0
0
0
1
+0
38*8
8
4018
"Name"
String
64
0
0
1
+0
0
8
4019
"Value"
Float
+0
10
4020
"Item 40"
String
0
0
0
1
+0
39*8
8
4021
"Name"
String
64
0
0
1
+0
0
8
4022
"Value"
Float
+0
10
10273
"Always Trigger Lucky Charm"
Auto Assembler Script
{ Game : EoCApp.exe
Version:
Date : 2017-09-29
Author : deVars
Hooks the 5 bytes `movzx edi,al` / `test al,al` and forces al to 1 first, so
the `je` that follows them in the signature (74 1C) is never taken.
}
[ENABLE]
aobscanmodule(lucky_charm_trigger,EoCApp.exe,0F B6 F8 84 C0 74 1C) // should be unique
alloc(newmem,$200,lucky_charm_trigger)
label(code)
label(return)
newmem:
code:
// force the result byte to 1, then replay the two displaced instructions
mov al,01
movzx edi,al
// ZF is cleared here because al is 1
test al,al
jmp return
lucky_charm_trigger:
// the 5-byte jmp replaces exactly the 5 hooked bytes, so no nop padding is needed
jmp code
return:
registersymbol(lucky_charm_trigger)
[DISABLE]
lucky_charm_trigger:
// restore the original 5 bytes
db 0F B6 F8 84 C0
unregistersymbol(lucky_charm_trigger)
dealloc(newmem)
10286
"Highlight People"
Auto Assembler Script
[ENABLE]
// Finder only: publishes the address of `movzx ecx,byte ptr [rcx+00000BF4]`
// (see the dump below) as the symbol `highlight_people`. No game bytes are
// modified.
aobscanmodule(highlight_people,EoCApp.exe,0F B6 89 F4 0B 00 00)
registersymbol(highlight_people)
[DISABLE]
unregistersymbol(highlight_people)
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+EA13EB
"EoCApp.exe"+EA13C7: 48 85 C0 - test rax,rax
"EoCApp.exe"+EA13CA: 74 05 - je EoCApp.exe+EA13D1
"EoCApp.exe"+EA13CC: 8B 40 40 - mov eax,[rax+40]
"EoCApp.exe"+EA13CF: EB 06 - jmp EoCApp.exe+EA13D7
"EoCApp.exe"+EA13D1: 8B 05 B5 9E 0B 01 - mov eax,[EoCApp.exe+1F5B28C]
"EoCApp.exe"+EA13D7: C1 E8 18 - shr eax,18
"EoCApp.exe"+EA13DA: 84 C0 - test al,al
"EoCApp.exe"+EA13DC: 75 28 - jne EoCApp.exe+EA1406
"EoCApp.exe"+EA13DE: 48 8B 0D A3 0F 0B 01 - mov rcx,[EoCApp.exe+1F52388]
"EoCApp.exe"+EA13E5: 8B 81 E0 0B 00 00 - mov eax,[rcx+00000BE0]
// ---------- INJECTING HERE ----------
"EoCApp.exe"+EA13EB: 0F B6 89 F4 0B 00 00 - movzx ecx,byte ptr [rcx+00000BF4]
// ---------- DONE INJECTING ----------
"EoCApp.exe"+EA13F2: 89 07 - mov [rdi],eax
"EoCApp.exe"+EA13F4: 48 8B 44 24 50 - mov rax,[rsp+50]
"EoCApp.exe"+EA13F9: 88 08 - mov [rax],cl
"EoCApp.exe"+EA13FB: 48 8B 74 24 40 - mov rsi,[rsp+40]
"EoCApp.exe"+EA1400: 48 83 C4 20 - add rsp,20
"EoCApp.exe"+EA1404: 5F - pop rdi
"EoCApp.exe"+EA1405: C3 - ret
"EoCApp.exe"+EA1406: 80 BE E8 02 00 00 80 - cmp byte ptr [rsi+000002E8],-80
"EoCApp.exe"+EA140D: 73 53 - jae EoCApp.exe+EA1462
"EoCApp.exe"+EA140F: 48 8B 0D 62 72 12 01 - mov rcx,[EoCApp.exe+1FC8678]
}
10296
"Highlight Color"
Auto Assembler Script
[ENABLE]
// Finder only: publishes the address of `movups xmm1,[rax+rcx*8]` /
// `movzx eax,byte ptr [r13+3E]` (see the dump below) as the symbol
// `highlight_color`. No game bytes are modified.
aobscanmodule(highlight_color,EoCApp.exe,0F 10 0C C8 41 0F B6 45 3E)
registersymbol(highlight_color)
[DISABLE]
unregistersymbol(highlight_color)
{
// ORIGINAL CODE - INJECTION POINT: "EoCApp.exe"+2759FD
"EoCApp.exe"+2759D2: 75 10 - jne EoCApp.exe+2759E4
"EoCApp.exe"+2759D4: 66 41 39 46 08 - cmp [r14+08],ax
"EoCApp.exe"+2759D9: 74 09 - je EoCApp.exe+2759E4
"EoCApp.exe"+2759DB: 66 85 C0 - test ax,ax
"EoCApp.exe"+2759DE: 0F 85 12 01 00 00 - jne EoCApp.exe+275AF6
"EoCApp.exe"+2759E4: 48 8B 05 9D C9 CD 01 - mov rax,[EoCApp.exe+1F52388]
"EoCApp.exe"+2759EB: 49 63 4D 38 - movsxd rcx,dword ptr [r13+38]
"EoCApp.exe"+2759EF: 45 8B 7D 2C - mov r15d,[r13+2C]
"EoCApp.exe"+2759F3: 48 81 C1 E7 00 00 00 - add rcx,000000E7
"EoCApp.exe"+2759FA: 48 03 C9 - add rcx,rcx
// ---------- INJECTING HERE ----------
"EoCApp.exe"+2759FD: 0F 10 0C C8 - movups xmm1,[rax+rcx*8]
"EoCApp.exe"+275A01: 41 0F B6 45 3E - movzx eax,byte ptr [r13+3E]
// ---------- DONE INJECTING ----------
"EoCApp.exe"+275A06: F3 0F 11 4C 24 38 - movss [rsp+38],xmm1
"EoCApp.exe"+275A0C: 0F 28 C1 - movaps xmm0,xmm1
"EoCApp.exe"+275A0F: 0F C6 C1 55 - shufps xmm0,xmm1,55
"EoCApp.exe"+275A13: 0F C6 C9 AA - shufps xmm1,xmm1,-56
"EoCApp.exe"+275A17: F3 0F 11 4C 24 40 - movss [rsp+40],xmm1
"EoCApp.exe"+275A1D: F3 0F 11 44 24 3C - movss [rsp+3C],xmm0
"EoCApp.exe"+275A23: 4D 85 FF - test r15,r15
"EoCApp.exe"+275A26: 0F 84 CA 00 00 00 - je EoCApp.exe+275AF6
"EoCApp.exe"+275A2C: 33 FF - xor edi,edi
"EoCApp.exe"+275A2E: 44 0F B6 E0 - movzx r12d,al
}
10315
"No description"
4 Bytes
7FF4B2F2ADEC
gold
7FF7D20FCC25
inventory
7FF617F688C1
actions_save
7FF618840000
att_search
7FF6494E30A0
combat_turn
7FF7A088D707
combat_turn_ptr
7FF79F920021
last_item_moved
7FF7A08EE77B
last_item_moved_ptr
7FF79F910021
full_durability
7FF7A09C36FD