23935
"=================="
1
23930
"=== Update 13/07/19 ==="
808080
Auto Assembler Script
[ENABLE]
{$lua}
if not syntaxcheck then
--- Switch the main window between its compact and full layout.
-- @param sender  unused by the body
-- @param force   optional; true hides the panels (compact), false shows them (full);
--                nil toggles based on the current menu caption
function cycleFullCompact( sender, force )
  -- Default: flip relative to what the menu caption currently offers.
  local show_panels = compactmenuitem.Caption ~= 'Compact View Mode'
  if force ~= nil then
    show_panels = not force
  end

  -- The caption always names the mode the next click would switch to.
  if show_panels then
    compactmenuitem.Caption = 'Compact View Mode'
  else
    compactmenuitem.Caption = 'Full View Mode'
  end

  local main_form = getMainForm()
  for _, control_name in ipairs({ 'Splitter1', 'Panel4', 'Panel5' }) do
    main_form[control_name].Visible = show_panels
  end
end
--- Add the view-mode toggle entry to the main menu, at most once.
-- Relies on the globals compactmenualreadyexists (guard flag) and
-- compactmenuitem (the created entry), which this function sets.
function addCompactMenu()
  -- The global flag keeps a second call from adding a duplicate entry.
  if not compactmenualreadyexists then
    local menu_root = getMainForm().Menu.Items
    local item = createMenuItem( menu_root )
    compactmenuitem = item
    menu_root.add( item )
    item.Caption = 'Compact View Mode'
    item.OnClick = cycleFullCompact
    compactmenualreadyexists = 'yes'
  end
end
-- On enable: make sure the menu entry exists, then force compact mode
-- (force = true hides Splitter1, Panel4 and Panel5).
addCompactMenu()
cycleFullCompact( nil, true )
end
[DISABLE]
{$lua}
-- On disable: force the full layout back (force = false shows the panels).
-- Guarded by syntaxcheck, presumably so nothing runs while the script is only being checked.
if not syntaxcheck then
cycleFullCompact( nil, false )
end
23936
"=================="
1
24878
"------> Sushi-Maki <------"
FF00FF
1
24881
"[ In Battle ]"
0000FF
1
295
"Infinite Gas"
FF0000
Auto Assembler Script
{ Game : AOT2_EU.exe
Version:
Date : 2019-07-10
Author : Jeff
Detours the 8-byte store `movss [rcx+00000250],xmm2` into a code cave that
skips it, so the float at [rcx+250] is not written by this instruction.
}
[ENABLE]
// Signature scan limited to the module. The leading D1 is the last byte of the
// preceding maxss, which is why the patch site below is UNGAS+01.
aobscanmodule(UNGAS,AOT2_EU.exe,D1 F3 0F 11 91 50 02 00 00) // should be unique
registersymbol(UNGAS)
// Third argument requests the cave near the hook; the 5-byte jmp below relies on that.
alloc(newmem,$1000,UNGAS)
label(code)
label(return)
newmem:
code:
// Original store intentionally left out; nothing replaces it.
//movss [rcx+00000250],xmm2
jmp return
UNGAS+01:
// 5-byte jmp + 3 nops cover the 8 bytes of the replaced instruction.
jmp newmem
nop
nop
nop
return:
[DISABLE]
UNGAS+01:
// Put back the exact original bytes, then drop the symbol and free the cave.
db F3 0F 11 91 50 02 00 00
unregistersymbol(UNGAS)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_AS.exe"+3F878
"AOT2_AS.exe"+3F84C: 0F 28 C2 - movaps xmm0,xmm2
"AOT2_AS.exe"+3F84F: F3 0F 5D C1 - minss xmm0,xmm1
"AOT2_AS.exe"+3F853: 0F 28 C8 - movaps xmm1,xmm0
"AOT2_AS.exe"+3F856: F3 0F 58 89 50 02 00 00 - addss xmm1,dword ptr [rcx+00000250]
"AOT2_AS.exe"+3F85E: F3 0F 10 81 54 02 00 00 - movss xmm0,[rcx+00000254]
"AOT2_AS.exe"+3F866: 0F 2F C8 - comiss xmm1,xmm0
"AOT2_AS.exe"+3F869: 72 09 - jb AOT2_AS.exe+3F874
"AOT2_AS.exe"+3F86B: F3 0F 11 81 50 02 00 00 - movss [rcx+00000250],xmm0
"AOT2_AS.exe"+3F873: C3 - ret
"AOT2_AS.exe"+3F874: F3 0F 5F D1 - maxss xmm2,xmm1
// ---------- INJECTING HERE ----------
"AOT2_AS.exe"+3F878: F3 0F 11 91 50 02 00 00 - movss [rcx+00000250],xmm2
// ---------- DONE INJECTING ----------
"AOT2_AS.exe"+3F880: C3 - ret
"AOT2_AS.exe"+3F881: CC - int 3
"AOT2_AS.exe"+3F882: CC - int 3
"AOT2_AS.exe"+3F883: CC - int 3
"AOT2_AS.exe"+3F884: CC - int 3
"AOT2_AS.exe"+3F885: CC - int 3
"AOT2_AS.exe"+3F886: CC - int 3
"AOT2_AS.exe"+3F887: CC - int 3
"AOT2_AS.exe"+3F888: CC - int 3
"AOT2_AS.exe"+3F889: CC - int 3
}
296
"Infinite Blades Durability"
FF0000
Auto Assembler Script
{ Game : AOT2_EU.exe
Version:
Date : 2019-07-10
Author : Jeff
Detours the 8-byte store `movss [rax+00000230],xmm0` into a code cave that
skips it, so the float at [rax+230] is not updated by this instruction.
}
[ENABLE]
// The trailing 76 is the opcode byte of the following jna; it only narrows the
// signature and is not overwritten.
aobscanmodule(UNswood,AOT2_EU.exe,F3 0F 11 80 30 02 00 00 76) // should be unique
registersymbol(UNswood)
// Third argument requests the cave near the hook; the 5-byte jmp below relies on that.
alloc(newmem,$1000,UNswood)
label(code)
label(return)
newmem:
code:
// Original store intentionally left out.
//movss [rax+00000230],xmm0
jmp return
UNswood:
// 5-byte jmp + 3 nops cover the 8 bytes of the replaced instruction.
jmp newmem
nop
nop
nop
return:
[DISABLE]
UNswood:
// Restore only the 8 instruction bytes (the 76 was never touched).
db F3 0F 11 80 30 02 00 00
unregistersymbol(UNswood)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_AS.exe"+985AA0
"AOT2_AS.exe"+985A77: 0F 28 C7 - movaps xmm0,xmm7
"AOT2_AS.exe"+985A7A: F3 0F 5D C2 - minss xmm0,xmm2
"AOT2_AS.exe"+985A7E: 0F 28 D0 - movaps xmm2,xmm0
"AOT2_AS.exe"+985A81: F3 0F 58 90 30 02 00 00 - addss xmm2,dword ptr [rax+00000230]
"AOT2_AS.exe"+985A89: F3 0F 10 80 34 02 00 00 - movss xmm0,[rax+00000234]
"AOT2_AS.exe"+985A91: 0F 2F D0 - comiss xmm2,xmm0
"AOT2_AS.exe"+985A94: 73 07 - jae AOT2_AS.exe+985A9D
"AOT2_AS.exe"+985A96: 0F 28 C7 - movaps xmm0,xmm7
"AOT2_AS.exe"+985A99: F3 0F 5F C2 - maxss xmm0,xmm2
"AOT2_AS.exe"+985A9D: 0F 2F DF - comiss xmm3,xmm7
// ---------- INJECTING HERE ----------
"AOT2_AS.exe"+985AA0: F3 0F 11 80 30 02 00 00 - movss [rax+00000230],xmm0
// ---------- DONE INJECTING ----------
"AOT2_AS.exe"+985AA8: 76 26 - jna AOT2_AS.exe+985AD0
"AOT2_AS.exe"+985AAA: 48 8B 83 D8 01 00 00 - mov rax,[rbx+000001D8]
"AOT2_AS.exe"+985AB1: F3 0F 10 80 30 02 00 00 - movss xmm0,[rax+00000230]
"AOT2_AS.exe"+985AB9: F3 0F 58 C6 - addss xmm0,xmm6
"AOT2_AS.exe"+985ABD: F3 0F 2C C0 - cvttss2si eax,xmm0
"AOT2_AS.exe"+985AC1: 85 C0 - test eax,eax
"AOT2_AS.exe"+985AC3: 7F 0B - jg AOT2_AS.exe+985AD0
"AOT2_AS.exe"+985AC5: 48 81 8B E8 00 00 00 00 00 80 00 - or qword ptr [rbx+000000E8],00800000
"AOT2_AS.exe"+985AD0: 8B 83 80 03 00 00 - mov eax,[rbx+00000380]
"AOT2_AS.exe"+985AD6: 44 8B FF - mov r15d,edi
}
297
"Infinite Ammos"
FF0000
Auto Assembler Script
{ Game : AOT2_EU.exe
Version:
Date : 2019-07-10
Author : Jeff
Detours the 8-byte store `mov [r8+000001E4],cx` into a code cave that skips it,
so the word at [r8+1E4] keeps its previous value.
}
[ENABLE]
// The signature is exactly the instruction being replaced.
aobscanmodule(UNAMMO,AOT2_EU.exe,66 41 89 88 E4 01 00 00) // should be unique
registersymbol(UNAMMO)
// Third argument requests the cave near the hook; the 5-byte jmp below relies on that.
alloc(newmem,$1000,UNAMMO)
label(code)
label(return)
newmem:
code:
// Original store intentionally left out, so the subtracted count is discarded.
//mov [r8+000001E4],cx
jmp return
UNAMMO:
// 5-byte jmp + 3 nops cover the 8 bytes of the replaced instruction.
jmp newmem
nop
nop
nop
return:
[DISABLE]
UNAMMO:
// Put back the exact original bytes, then drop the symbol and free the cave.
db 66 41 89 88 E4 01 00 00
unregistersymbol(UNAMMO)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_AS.exe"+9CC7F3
"AOT2_AS.exe"+9CC7CA: F3 0F 10 05 2E 6C 17 01 - movss xmm0,[AOT2_AS.exe+1B43400]
"AOT2_AS.exe"+9CC7D2: 8B 48 10 - mov ecx,[rax+10]
"AOT2_AS.exe"+9CC7D5: 48 0F BA E1 18 - bt rcx,18
"AOT2_AS.exe"+9CC7DA: 73 03 - jae AOT2_AS.exe+9CC7DF
"AOT2_AS.exe"+9CC7DC: 0F 57 C0 - xorps xmm0,xmm0
"AOT2_AS.exe"+9CC7DF: 41 0F B7 88 E4 01 00 00 - movzx ecx,word ptr [r8+000001E4]
"AOT2_AS.exe"+9CC7E7: 66 85 C9 - test cx,cx
"AOT2_AS.exe"+9CC7EA: 74 0F - je AOT2_AS.exe+9CC7FB
"AOT2_AS.exe"+9CC7EC: F3 0F 2C C0 - cvttss2si eax,xmm0
"AOT2_AS.exe"+9CC7F0: 66 2B C8 - sub cx,ax
// ---------- INJECTING HERE ----------
"AOT2_AS.exe"+9CC7F3: 66 41 89 88 E4 01 00 00 - mov [r8+000001E4],cx
// ---------- DONE INJECTING ----------
"AOT2_AS.exe"+9CC7FB: 66 FF C2 - inc dx
"AOT2_AS.exe"+9CC7FE: 66 41 89 90 F8 01 00 00 - mov [r8+000001F8],dx
"AOT2_AS.exe"+9CC806: C3 - ret
"AOT2_AS.exe"+9CC807: CC - int 3
"AOT2_AS.exe"+9CC808: CC - int 3
"AOT2_AS.exe"+9CC809: CC - int 3
"AOT2_AS.exe"+9CC80A: CC - int 3
"AOT2_AS.exe"+9CC80B: CC - int 3
"AOT2_AS.exe"+9CC80C: CC - int 3
"AOT2_AS.exe"+9CC80D: CC - int 3
}
332
"Showdown Equipment Always Available"
FF0000
Auto Assembler Script
{ Game : AOT2_EU.exe
Version:
Date : 2019-07-13
Author : Jeff
Hooks `movzx edi,word ptr [r8+00000726]` and writes 9 to the low byte of that
word before the original load runs.
}
[ENABLE]
// The signature is exactly the 8-byte instruction being replaced.
aobscanmodule(INJECT3,AOT2_EU.exe,41 0F B7 B8 26 07 00 00) // should be unique
registersymbol(INJECT3)
// Third argument requests the cave near the hook; the 5-byte jmp below relies on that.
alloc(newmem,$1000,INJECT3)
label(code)
label(return)
newmem:
// Byte-sized store: only the low byte of the word read below is forced to 9.
mov byte [r8+00000726],9
code:
// Relocated copy of the original instruction.
movzx edi,word ptr [r8+00000726]
jmp return
INJECT3:
// 5-byte jmp + 3 nops cover the 8 bytes of the replaced instruction.
jmp newmem
nop
nop
nop
return:
[DISABLE]
INJECT3:
// Put back the exact original bytes, then drop the symbol and free the cave.
db 41 0F B7 B8 26 07 00 00
unregistersymbol(INJECT3)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_AS.exe"+E06A20
"AOT2_AS.exe"+E069F9: 76 04 - jna AOT2_AS.exe+E069FF
"AOT2_AS.exe"+E069FB: 48 8D 04 C8 - lea rax,[rax+rcx*8]
"AOT2_AS.exe"+E069FF: 48 8B 00 - mov rax,[rax]
"AOT2_AS.exe"+E06A02: 48 8B 50 40 - mov rdx,[rax+40]
"AOT2_AS.exe"+E06A06: 48 85 D2 - test rdx,rdx
"AOT2_AS.exe"+E06A09: 0F 84 87 00 00 00 - je AOT2_AS.exe+E06A96
"AOT2_AS.exe"+E06A0F: 48 8B 8A 58 02 00 00 - mov rcx,[rdx+00000258]
"AOT2_AS.exe"+E06A16: 48 85 C9 - test rcx,rcx
"AOT2_AS.exe"+E06A19: 74 7B - je AOT2_AS.exe+E06A96
"AOT2_AS.exe"+E06A1B: 48 89 7C 24 40 - mov [rsp+40],rdi
// ---------- INJECTING HERE ----------
"AOT2_AS.exe"+E06A20: 41 0F B7 B8 26 07 00 00 - movzx edi,word ptr [r8+00000726]
// ---------- DONE INJECTING ----------
"AOT2_AS.exe"+E06A28: E8 F3 02 BB FF - call AOT2_AS.exe+9B6D20
"AOT2_AS.exe"+E06A2D: 48 8B 15 AC 24 0C 01 - mov rdx,[AOT2_AS.exe+1EC8EE0]
"AOT2_AS.exe"+E06A34: 44 8B C0 - mov r8d,eax
"AOT2_AS.exe"+E06A37: 0F B6 8A DD 00 00 00 - movzx ecx,byte ptr [rdx+000000DD]
"AOT2_AS.exe"+E06A3E: 48 C1 E1 09 - shl rcx,09
"AOT2_AS.exe"+E06A42: 44 0F B6 8C 11 52 28 00 00 - movzx r9d,byte ptr [rcx+rdx+00002852]
"AOT2_AS.exe"+E06A4B: 48 8B 4B 18 - mov rcx,[rbx+18]
"AOT2_AS.exe"+E06A4F: 48 83 79 58 00 - cmp qword ptr [rcx+58],00
"AOT2_AS.exe"+E06A54: 74 0B - je AOT2_AS.exe+E06A61
"AOT2_AS.exe"+E06A56: 48 8B 49 60 - mov rcx,[rcx+60]
}
325
"Infinite Showdown Equipment (on rescue missions)"
FF0000
Auto Assembler Script
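{ Game : AOT2_EU.exe
Version:
Date : 2019-07-12
Author : Jeff
Hooks `movss xmm0,[rdx+04]`, publishes the pointer in rdx as the symbol spw and
forces the float at [rdx+4] to 400 before the original load runs.
}
// Hard-coded module offset: only valid for the build whose bytes match below.
define(address,"AOT2_EU.exe"+9B6CE1)
define(bytes,F3 0F 10 42 04)
[ENABLE]
// Refuse to patch when the bytes at the offset differ (other build or already patched).
assert(address,bytes)
alloc(newmem,$1000,"AOT2_EU.exe"+9B6CE1)
label(code)
label(return)
registersymbol(spw)
// 8 bytes, not 4: the cave stores the full 64-bit rdx here, and a 4-byte slot
// would let that store spill into whatever follows it.
alloc(spw,8)
newmem:
mov [spw],rdx
mov dword [rdx+4],(float)400
code:
// Relocated copy of the original instruction.
movss xmm0,[rdx+04]
jmp return
address:
// The replaced instruction is exactly 5 bytes, so no nop padding is needed.
jmp newmem
return:
[DISABLE]
address:
db bytes
// movss xmm0,[rdx+04]
// NOTE(review): spw stays registered and allocated after disable; add
// unregistersymbol(spw) / dealloc(spw) if nothing else in the table reads it.
dealloc(newmem)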
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_AS.exe"+9B6CE1
"AOT2_AS.exe"+9B6CB0: 0F 5A CA - vcvtps2pd xmm1,xmm2
"AOT2_AS.exe"+9B6CB3: 0F B6 88 D0 0A 00 00 - movzx ecx,byte ptr [rax+00000AD0]
"AOT2_AS.exe"+9B6CBA: 66 0F 6E C1 - movd xmm0,ecx
"AOT2_AS.exe"+9B6CBE: F3 0F E6 C0 - cvtdq2pd xmm0,xmm0,xmm0
"AOT2_AS.exe"+9B6CC2: F2 0F 59 C3 - mulsd xmm0,xmm3
"AOT2_AS.exe"+9B6CC6: F2 0F 5C C8 - subsd xmm1,xmm0
"AOT2_AS.exe"+9B6CCA: 66 0F 5A D1 - cvtpd2ps xmm2,xmm1
"AOT2_AS.exe"+9B6CCE: 49 8B 80 D8 01 00 00 - mov rax,[r8+000001D8]
"AOT2_AS.exe"+9B6CD5: F7 80 A8 02 00 00 00 02 00 00 - test [rax+000002A8],0200
"AOT2_AS.exe"+9B6CDF: 77 34 - ja AOT2_AS.exe+9B6D15
// ---------- INJECTING HERE ----------
"AOT2_AS.exe"+9B6CE1: F3 0F 10 42 04 - movss xmm0,[rdx+04]
// ---------- DONE INJECTING ----------
"AOT2_AS.exe"+9B6CE6: 0F 57 DB - xorps xmm3,xmm3
"AOT2_AS.exe"+9B6CE9: 0F 2F C3 - comiss xmm0,xmm3
"AOT2_AS.exe"+9B6CEC: 72 10 - jb AOT2_AS.exe+9B6CFE
"AOT2_AS.exe"+9B6CEE: 0F 28 CA - movaps xmm1,xmm2
"AOT2_AS.exe"+9B6CF1: F3 0F 59 CC - mulss xmm1,xmm4
"AOT2_AS.exe"+9B6CF5: F3 0F 5C C1 - subss xmm0,xmm1
"AOT2_AS.exe"+9B6CF9: F3 0F 11 42 04 - movss [rdx+04],xmm0
"AOT2_AS.exe"+9B6CFE: F3 0F 10 42 08 - movss xmm0,[rdx+08]
"AOT2_AS.exe"+9B6D03: 0F 2F C3 - comiss xmm0,xmm3
"AOT2_AS.exe"+9B6D06: 72 0D - jb AOT2_AS.exe+9B6D15
}
289
"Partners Skills No Cooldown"
FF0000
Auto Assembler Script
{ Game : AOT2_EU.exe
Version:
Date : 2019-07-10
Author : Jeff
Hooks `movss xmm0,[rbx+14]` and zeroes the float at [rbx+14] before the
original load runs.
}
[ENABLE]
// The last four signature bytes (F3 0F 5C C7) are the following subss; they only
// narrow the match and are not overwritten.
aobscanmodule(Fskill,AOT2_EU.exe,F3 0F 10 43 14 F3 0F 5C C7) // should be unique
registersymbol(Fskill)
// Third argument requests the cave near the hook; the 5-byte jmp below relies on that.
alloc(newmem,$1000,Fskill)
label(code)
label(return)
newmem:
mov dword [rbx+14],(float)0.0
code:
// Relocated copy of the original instruction.
movss xmm0,[rbx+14]
jmp return
Fskill:
// The replaced instruction is exactly 5 bytes, so no nop padding is needed.
jmp newmem
return:
[DISABLE]
Fskill:
// Restore the 5 patched bytes, then drop the symbol and free the cave.
db F3 0F 10 43 14
unregistersymbol(Fskill)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_AS.exe"+9C4C1C
"AOT2_AS.exe"+9C4BF9: 74 37 - je AOT2_AS.exe+9C4C32
"AOT2_AS.exe"+9C4BFB: 48 8B 80 F0 00 00 00 - mov rax,[rax+000000F0]
"AOT2_AS.exe"+9C4C02: 48 85 C0 - test rax,rax
"AOT2_AS.exe"+9C4C05: 74 2B - je AOT2_AS.exe+9C4C32
"AOT2_AS.exe"+9C4C07: 80 B8 9A 00 00 00 08 - cmp byte ptr [rax+0000009A],08
"AOT2_AS.exe"+9C4C0E: 74 22 - je AOT2_AS.exe+9C4C32
"AOT2_AS.exe"+9C4C10: 8B 40 08 - mov eax,[rax+08]
"AOT2_AS.exe"+9C4C13: 48 C1 E8 08 - shr rax,08
"AOT2_AS.exe"+9C4C17: 40 84 C6 - test sil,al
"AOT2_AS.exe"+9C4C1A: 75 16 - jne AOT2_AS.exe+9C4C32
// ---------- INJECTING HERE ----------
"AOT2_AS.exe"+9C4C1C: F3 0F 10 43 14 - movss xmm0,[rbx+14]
// ---------- DONE INJECTING ----------
"AOT2_AS.exe"+9C4C21: F3 0F 5C C7 - subss xmm0,xmm7
"AOT2_AS.exe"+9C4C25: 0F 2F F0 - comiss xmm6,xmm0
"AOT2_AS.exe"+9C4C28: F3 0F 11 43 14 - movss [rbx+14],xmm0
"AOT2_AS.exe"+9C4C2D: 76 03 - jna AOT2_AS.exe+9C4C32
"AOT2_AS.exe"+9C4C2F: 89 6B 14 - mov [rbx+14],ebp
"AOT2_AS.exe"+9C4C32: 48 8B 82 80 03 00 00 - mov rax,[rdx+00000380]
"AOT2_AS.exe"+9C4C39: 48 B9 02 00 00 00 10 00 00 00 - mov rcx,0000001000000002
"AOT2_AS.exe"+9C4C43: 48 23 C1 - and rax,rcx
"AOT2_AS.exe"+9C4C46: 48 3B C1 - cmp rax,rcx
"AOT2_AS.exe"+9C4C49: 0F 85 13 01 00 00 - jne AOT2_AS.exe+9C4D62
}
252
"Battle Alert Signal Infinite Duration"
FF0000
Auto Assembler Script
{ Game : AOT2_EU.exe
Version:
Date : 2018-04-05
Author : Jeffrey
Detours the 8-byte store `movss [rcx+00000154],xmm0` into a code cave that
skips it, so the float at [rcx+154] is not updated by this instruction.
}
[ENABLE]
// The signature is exactly the instruction being replaced.
aobscanmodule(Stime,AOT2_EU.exe,F3 0F 11 81 54 01 00 00) // should be unique
registersymbol(Stime)
// Third argument requests the cave near the hook; the 5-byte jmp below relies on that.
alloc(newmem,$1000,Stime)
label(code)
label(return)
newmem:
code:
// Original store intentionally left out.
//movss [rcx+00000154],xmm0
jmp return
Stime:
// 5-byte jmp + 3 nops cover the 8 bytes of the replaced instruction.
jmp newmem
nop
nop
nop
return:
[DISABLE]
Stime:
// Put back the exact original bytes, then drop the symbol and free the cave.
db F3 0F 11 81 54 01 00 00
unregistersymbol(Stime)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_AS.exe"+AC1493
"AOT2_AS.exe"+AC1467: 0F 2F D0 - comiss xmm2,xmm0
"AOT2_AS.exe"+AC146A: 4C 89 68 E8 - mov [rax-18],r13
"AOT2_AS.exe"+AC146E: 4C 89 70 E0 - mov [rax-20],r14
"AOT2_AS.exe"+AC1472: 45 8D 6C 24 01 - lea r13d,[r12+01]
"AOT2_AS.exe"+AC1477: 4C 89 78 D8 - mov [rax-28],r15
"AOT2_AS.exe"+AC147B: 0F 86 8B 04 00 00 - jbe AOT2_AS.exe+AC190C
"AOT2_AS.exe"+AC1481: 0F 28 C2 - movaps xmm0,xmm2
"AOT2_AS.exe"+AC1484: F3 0F 5C C1 - subss xmm0,xmm1
"AOT2_AS.exe"+AC1488: F3 0F 10 0D 50 68 9C 00 - movss xmm1,[AOT2_AS.exe+1487CE0]
"AOT2_AS.exe"+AC1490: 0F 2F D1 - comiss xmm2,xmm1
// ---------- INJECTING HERE ----------
"AOT2_AS.exe"+AC1493: F3 0F 11 81 54 01 00 00 - movss [rcx+00000154],xmm0
// ---------- DONE INJECTING ----------
"AOT2_AS.exe"+AC149B: 0F 86 6B 04 00 00 - jbe AOT2_AS.exe+AC190C
"AOT2_AS.exe"+AC14A1: 0F 2F C8 - comiss xmm1,xmm0
"AOT2_AS.exe"+AC14A4: 0F 82 62 04 00 00 - jb AOT2_AS.exe+AC190C
"AOT2_AS.exe"+AC14AA: 44 38 A1 8F 00 00 00 - cmp [rcx+0000008F],r12l
"AOT2_AS.exe"+AC14B1: 74 0D - je AOT2_AS.exe+AC14C0
"AOT2_AS.exe"+AC14B3: E8 08 1C 33 00 - call AOT2_AS.exe+DF30C0
"AOT2_AS.exe"+AC14B8: 85 C0 - test eax,eax
"AOT2_AS.exe"+AC14BA: 0F 84 4C 04 00 00 - je AOT2_AS.exe+AC190C
"AOT2_AS.exe"+AC14C0: 48 8D 55 67 - lea rdx,[rbp+67]
"AOT2_AS.exe"+AC14C4: 4C 89 65 67 - mov [rbp+67],r12
}
24895
"-> Deactivation doesn't work."
808080
1
290
"Always Combat Items x9"
FF0000
Auto Assembler Script
{ Game : AOT2_EU.exe
Version:
Date : 2019-07-10
Author : Jeff
Hooks `movzx edx,word ptr [r9+rdi*2+000006EC]` and writes 9 to the low byte of
the indexed word before the original load runs.
}
[ENABLE]
// The signature is exactly the 9-byte instruction being replaced.
aobscanmodule(Fitem,AOT2_EU.exe,41 0F B7 94 79 EC 06 00 00) // should be unique
registersymbol(Fitem)
// Third argument requests the cave near the hook; the 5-byte jmp below relies on that.
alloc(newmem,$1000,Fitem)
label(code)
label(return)
newmem:
// Byte-sized store into a slot that is read as a word: the high byte is left as is.
mov byte [r9+rdi*2+000006EC],9
code:
// Relocated copy of the original instruction.
movzx edx,word ptr [r9+rdi*2+000006EC]
jmp return
Fitem:
// 5-byte jmp + 4 nops cover the 9 bytes of the replaced instruction.
jmp newmem
nop
nop
nop
nop
return:
[DISABLE]
Fitem:
// Put back the exact original bytes, then drop the symbol and free the cave.
db 41 0F B7 94 79 EC 06 00 00
unregistersymbol(Fitem)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_AS.exe"+E02D6C
"AOT2_AS.exe"+E02D45: 41 8B C3 - mov eax,r11d
"AOT2_AS.exe"+E02D48: 41 80 79 0F 00 - cmp byte ptr [r9+0F],00
"AOT2_AS.exe"+E02D4D: 0F 95 C0 - setne al
"AOT2_AS.exe"+E02D50: 85 C0 - test eax,eax
"AOT2_AS.exe"+E02D52: 74 18 - je AOT2_AS.exe+E02D6C
"AOT2_AS.exe"+E02D54: 48 63 C7 - movsxd rax,edi
"AOT2_AS.exe"+E02D57: 48 6B C8 0E - imul rcx,rax,0E
"AOT2_AS.exe"+E02D5B: 48 8B 05 8E 61 0C 01 - mov rax,[AOT2_AS.exe+1EC8EF0]
"AOT2_AS.exe"+E02D62: 0F B6 94 01 D5 15 0C 00 - movzx edx,byte ptr [rcx+rax+000C15D5]
"AOT2_AS.exe"+E02D6A: EB 09 - jmp AOT2_AS.exe+E02D75
// ---------- INJECTING HERE ----------
"AOT2_AS.exe"+E02D6C: 41 0F B7 94 79 EC 06 00 00 - movzx edx,word ptr [r9+rdi*2+000006EC]
// ---------- DONE INJECTING ----------
"AOT2_AS.exe"+E02D75: 4D 85 D2 - test r10,r10
"AOT2_AS.exe"+E02D78: 74 0D - je AOT2_AS.exe+E02D87
"AOT2_AS.exe"+E02D7A: 42 83 7C 13 10 20 - cmp dword ptr [rbx+r10+10],20
"AOT2_AS.exe"+E02D80: 74 05 - je AOT2_AS.exe+E02D87
"AOT2_AS.exe"+E02D82: 42 89 54 13 14 - mov [rbx+r10+14],edx
"AOT2_AS.exe"+E02D87: 8B D7 - mov edx,edi
"AOT2_AS.exe"+E02D89: 49 8B C9 - mov rcx,r9
"AOT2_AS.exe"+E02D8C: E8 4F 6F D5 FF - call AOT2_AS.exe+B59CE0
"AOT2_AS.exe"+E02D91: 48 8B 4E 68 - mov rcx,[rsi+68]
"AOT2_AS.exe"+E02D95: 48 85 C9 - test rcx,rcx
}
19
"Titan Timer"
FF0000
Auto Assembler Script
{ Game : AOT2_EU.exe
Version:
Date : 2019-07-11
Author : FakePixv
Replaces the store `movss [r9+04],xmm0` with a store of the constant 25.0, so
the float at [r9+04] is reset on every pass instead of counting down.
}
[ENABLE]
// The leading C2 is the last byte of the preceding subss, hence the +01 on the
// patch site below.
aobscanmodule(INF_TITAN_TIME,AOT2_EU.exe,C2 F3 41 0F 11 41 04) // should be unique
// NOTE(review): the hook is located by signature but the cave is requested near a
// hard-coded module offset; passing INF_TITAN_TIME here would keep the two in step.
alloc(INFINITE_TIME,$1000,"AOT2_EU.exe"+A21CD0)
label(code)
label(return)
INFINITE_TIME:
// NOTE(review): no operand size is given; presumably assembled as a dword store - confirm.
mov [r9+04],(float)25
jmp return
code:
// Copy of the original instruction; never reached because of the jmp above.
movss [r9+04],xmm0
jmp return
INF_TITAN_TIME+01:
// 5-byte jmp + 1 nop cover the 6 bytes of the replaced instruction.
jmp INFINITE_TIME
nop
return:
// Registered only after the patch has been written; DISABLE depends on it.
registersymbol(INF_TITAN_TIME)
[DISABLE]
INF_TITAN_TIME+01:
// Put back the exact original bytes, then drop the symbol and free the cave.
db F3 41 0F 11 41 04
unregistersymbol(INF_TITAN_TIME)
dealloc(INFINITE_TIME)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_EU.exe"+A21CD0
"AOT2_EU.exe"+A21CA7: 85 C0 - test eax,eax
"AOT2_EU.exe"+A21CA9: 74 5C - je AOT2_EU.exe+A21D07
"AOT2_EU.exe"+A21CAB: 49 8B 80 D8 01 00 00 - mov rax,[r8+000001D8]
"AOT2_EU.exe"+A21CB2: F7 80 A8 02 00 00 00 04 00 00 - test [rax+000002A8],0400
"AOT2_EU.exe"+A21CBC: 77 49 - ja AOT2_EU.exe+A21D07
"AOT2_EU.exe"+A21CBE: F3 41 0F 10 41 04 - movss xmm0,[r9+04]
"AOT2_EU.exe"+A21CC4: 0F 57 C9 - xorps xmm1,xmm1
"AOT2_EU.exe"+A21CC7: 0F 2F C1 - comiss xmm0,xmm1
"AOT2_EU.exe"+A21CCA: 72 0A - jb AOT2_EU.exe+A21CD6
"AOT2_EU.exe"+A21CCC: F3 0F 5C C2 - subss xmm0,xmm2
// ---------- INJECTING HERE ----------
"AOT2_EU.exe"+A21CD0: F3 41 0F 11 41 04 - movss [r9+04],xmm0
// ---------- DONE INJECTING ----------
"AOT2_EU.exe"+A21CD6: F3 41 0F 10 41 08 - movss xmm0,[r9+08]
"AOT2_EU.exe"+A21CDC: 0F 2F C1 - comiss xmm0,xmm1
"AOT2_EU.exe"+A21CDF: 72 0A - jb AOT2_EU.exe+A21CEB
"AOT2_EU.exe"+A21CE1: F3 0F 5C C2 - subss xmm0,xmm2
"AOT2_EU.exe"+A21CE5: F3 41 0F 11 41 08 - movss [r9+08],xmm0
"AOT2_EU.exe"+A21CEB: F3 41 0F 10 41 0C - movss xmm0,[r9+0C]
"AOT2_EU.exe"+A21CF1: 0F 2F C1 - comiss xmm0,xmm1
"AOT2_EU.exe"+A21CF4: 72 11 - jb AOT2_EU.exe+A21D07
"AOT2_EU.exe"+A21CF6: 41 83 79 10 00 - cmp dword ptr [r9+10],00
"AOT2_EU.exe"+A21CFB: 74 0A - je AOT2_EU.exe+A21D07
}
Activate
37
Enable
0
Activate
Deactivate
39
Disable
1
Deactivate
24894
"[Hotkeys] -> [Left Arrow (kb) - ON] | [Right Arrow (kb) - OFF]"
808080
1
327
"Battle using the Final Battle System +"
0074E8
Auto Assembler Script
{ Game : AOT2_EU.exe
Version:
Date : 2019-07-12
Author : Jeff
Hooks the 5 bytes `mov r8d,[rax]` / `jmp +3` and, before the original load,
writes 1 to the byte at [rax] and 400.0 to the floats at [rax+4] and [rax+8].
}
// Hard-coded module offset: only valid for the build whose bytes match below.
define(address,"AOT2_EU.exe"+E06251)
define(bytes,44 8B 00 EB 03)
[ENABLE]
// Refuse to patch when the bytes at the offset differ (other build or already patched).
assert(address,bytes)
alloc(newmem,$1000,"AOT2_EU.exe"+E06251)
label(code)
label(return)
newmem:
mov byte [rax],1
mov dword [rax+4],(float)400
mov dword [rax+8],(float)400
code:
mov r8d,[rax]
// The original short jmp (EB 03) is position dependent, so it is re-emitted
// with its absolute module-relative target.
jmp AOT2_EU.exe+E06259
// Unreachable after the jmp above.
jmp return
address:
// The two replaced instructions total exactly 5 bytes, so no nop padding is needed.
jmp newmem
return:
[DISABLE]
address:
db bytes
// mov r8d,[rax]
// jmp AOT2_EU.exe+E06259
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_AS.exe"+E06251
"AOT2_AS.exe"+E06222: 41 0F B6 8A DD 00 00 00 - movzx ecx,byte ptr [r10+000000DD]
"AOT2_AS.exe"+E0622A: 48 39 88 98 0F 00 00 - cmp [rax+00000F98],rcx
"AOT2_AS.exe"+E06231: 48 8B 80 A8 0F 00 00 - mov rax,[rax+00000FA8]
"AOT2_AS.exe"+E06238: 76 04 - jna AOT2_AS.exe+E0623E
"AOT2_AS.exe"+E0623A: 48 8D 04 C8 - lea rax,[rax+rcx*8]
"AOT2_AS.exe"+E0623E: 48 8B 00 - mov rax,[rax]
"AOT2_AS.exe"+E06241: 4C 8B 48 40 - mov r9,[rax+40]
"AOT2_AS.exe"+E06245: 49 8B 81 58 02 00 00 - mov rax,[r9+00000258]
"AOT2_AS.exe"+E0624C: 48 85 C0 - test rax,rax
"AOT2_AS.exe"+E0624F: 74 05 - je AOT2_AS.exe+E06256
// ---------- INJECTING HERE ----------
"AOT2_AS.exe"+E06251: 44 8B 00 - mov r8d,[rax]
"AOT2_AS.exe"+E06254: EB 03 - jmp AOT2_AS.exe+E06259
// ---------- DONE INJECTING ----------
"AOT2_AS.exe"+E06256: 45 33 C0 - xor r8d,r8d
"AOT2_AS.exe"+E06259: 48 8B C1 - mov rax,rcx
"AOT2_AS.exe"+E0625C: 48 C1 E0 09 - shl rax,09
"AOT2_AS.exe"+E06260: 42 80 BC 10 52 28 00 00 02 - cmp byte ptr [rax+r10+00002852],02
"AOT2_AS.exe"+E06269: 75 47 - jne AOT2_AS.exe+E062B2
"AOT2_AS.exe"+E0626B: 49 8B 81 D8 01 00 00 - mov rax,[r9+000001D8]
"AOT2_AS.exe"+E06272: 48 85 C0 - test rax,rax
"AOT2_AS.exe"+E06275: 74 3B - je AOT2_AS.exe+E062B2
"AOT2_AS.exe"+E06277: 83 B8 E0 01 00 00 00 - cmp dword ptr [rax+000001E0],00
"AOT2_AS.exe"+E0627E: 74 32 - je AOT2_AS.exe+E062B2
}
328
"Awakening Ability Value"
0075EA
Auto Assembler Script
{ Game : AOT2_EU.exe
Version:
Date : 2019-07-13
Author : Jeff
Hooks `mov eax,[rax+rcx+00001008]` and writes 999 to the low word of that
dword before the original load runs.
}
[ENABLE]
// The signature is exactly the 7-byte instruction being replaced.
aobscanmodule(INPO,AOT2_EU.exe,8B 84 08 08 10 00 00) // should be unique
registersymbol(INPO)
// Third argument requests the cave near the hook; the 5-byte jmp below relies on that.
alloc(newmem,$1000,INPO)
label(code)
label(return)
newmem:
// '#' marks a decimal literal. Word-sized store: the upper 16 bits of the dword
// read below are left as they were.
mov word [rax+rcx+00001008],#999
code:
// Relocated copy of the original instruction.
mov eax,[rax+rcx+00001008]
jmp return
INPO:
// 5-byte jmp + 2 nops cover the 7 bytes of the replaced instruction.
jmp newmem
nop
nop
return:
[DISABLE]
INPO:
// Put back the exact original bytes, then drop the symbol and free the cave.
db 8B 84 08 08 10 00 00
unregistersymbol(INPO)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_AS.exe"+1184CE
"AOT2_AS.exe"+1184BC: CC - int 3
"AOT2_AS.exe"+1184BD: CC - int 3
"AOT2_AS.exe"+1184BE: CC - int 3
"AOT2_AS.exe"+1184BF: CC - int 3
"AOT2_AS.exe"+1184C0: 83 FA 38 - cmp edx,38
"AOT2_AS.exe"+1184C3: 72 03 - jb AOT2_AS.exe+1184C8
"AOT2_AS.exe"+1184C5: 33 C0 - xor eax,eax
"AOT2_AS.exe"+1184C7: C3 - ret
"AOT2_AS.exe"+1184C8: 8B C2 - mov eax,edx
"AOT2_AS.exe"+1184CA: 48 C1 E0 06 - shl rax,06
// ---------- INJECTING HERE ----------
"AOT2_AS.exe"+1184CE: 8B 84 08 08 10 00 00 - mov eax,[rax+rcx+00001008]
// ---------- DONE INJECTING ----------
"AOT2_AS.exe"+1184D5: C3 - ret
"AOT2_AS.exe"+1184D6: CC - int 3
"AOT2_AS.exe"+1184D7: CC - int 3
"AOT2_AS.exe"+1184D8: CC - int 3
"AOT2_AS.exe"+1184D9: CC - int 3
"AOT2_AS.exe"+1184DA: CC - int 3
"AOT2_AS.exe"+1184DB: CC - int 3
"AOT2_AS.exe"+1184DC: CC - int 3
"AOT2_AS.exe"+1184DD: CC - int 3
"AOT2_AS.exe"+1184DE: CC - int 3
}
329
"Training Value"
0080FF
Auto Assembler Script
{ Game : AOT2_EU.exe
Version:
Date : 2019-07-13
Author : Jeff
Hooks `movzx esi,word ptr [rax+04]` plus the following call and, before they
run, writes 500 to the word at [rax+4] and 4 to the byte at [rax+6].
}
[ENABLE]
// The signature includes the call's rel32 displacement (B7 E3 14 FF), so it only
// matches while the call site and its target keep the same distance.
aobscanmodule(ipoint,AOT2_EU.exe,0F B7 70 04 E8 B7 E3 14 FF) // should be unique
registersymbol(ipoint)
// Third argument requests the cave near the hook; the 5-byte jmp below relies on that.
alloc(newmem,$1000,ipoint)
label(code)
label(return)
newmem:
// '#' marks a decimal literal.
mov word [rax+4],#500
mov byte [rax+6],4
code:
movzx esi,word ptr [rax+04]
// The relative call cannot be copied byte for byte into the cave; it is
// re-assembled against its module-relative target.
call AOT2_EU.exe+14860
jmp return
ipoint:
// 5-byte jmp + 4 nops cover the 9 bytes of the two replaced instructions.
jmp newmem
nop
nop
nop
nop
return:
[DISABLE]
ipoint:
// The raw bytes, rel32 included, are valid again at the original address.
db 0F B7 70 04 E8 B7 E3 14 FF
unregistersymbol(ipoint)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_AS.exe"+EC64A0
"AOT2_AS.exe"+EC6477: 4C 8B 06 - mov r8,[rsi]
"AOT2_AS.exe"+EC647A: BA 87 00 00 00 - mov edx,00000087
"AOT2_AS.exe"+EC647F: 48 8B CE - mov rcx,rsi
"AOT2_AS.exe"+EC6482: 48 89 45 B0 - mov [rbp-50],rax
"AOT2_AS.exe"+EC6486: 41 FF 50 10 - call qword ptr [r8+10]
"AOT2_AS.exe"+EC648A: 89 44 24 70 - mov [rsp+70],eax
"AOT2_AS.exe"+EC648E: BA 86 00 00 00 - mov edx,00000086
"AOT2_AS.exe"+EC6493: 48 8B 45 98 - mov rax,[rbp-68]
"AOT2_AS.exe"+EC6497: 41 B8 01 00 00 00 - mov r8d,00000001
"AOT2_AS.exe"+EC649D: 48 8B CF - mov rcx,rdi
// ---------- INJECTING HERE ----------
"AOT2_AS.exe"+EC64A0: 0F B7 70 04 - movzx esi,word ptr [rax+04]
"AOT2_AS.exe"+EC64A4: E8 B7 E3 14 FF - call AOT2_AS.exe+14860
// ---------- DONE INJECTING ----------
"AOT2_AS.exe"+EC64A9: 4D 8B 06 - mov r8,[r14]
"AOT2_AS.exe"+EC64AC: BA 86 00 00 00 - mov edx,00000086
"AOT2_AS.exe"+EC64B1: 49 8B CE - mov rcx,r14
"AOT2_AS.exe"+EC64B4: 48 89 45 28 - mov [rbp+28],rax
"AOT2_AS.exe"+EC64B8: 41 FF 50 10 - call qword ptr [r8+10]
"AOT2_AS.exe"+EC64BC: 4C 8B 75 A0 - mov r14,[rbp-60]
"AOT2_AS.exe"+EC64C0: 41 B8 04 00 00 00 - mov r8d,00000004
"AOT2_AS.exe"+EC64C6: 89 45 90 - mov [rbp-70],eax
"AOT2_AS.exe"+EC64C9: 4D 85 F6 - test r14,r14
"AOT2_AS.exe"+EC64CC: 0F 84 E0 00 00 00 - je AOT2_AS.exe+EC65B2
}
24882
"[ Out of Battle ]"
008000
1
318
"Player Data"
FF0000
Auto Assembler Script
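{ Game : AOT2_EU.exe
Version:
Date : 2019-07-12
Author : Jeff
Hooks the 5-byte accessor `movzx eax,byte ptr [rcx+08]` / `ret`, publishes the
pointer in rcx as the symbol pt and, while the byte at skill is 1, overwrites
the eight dwords at [rcx+18] .. [rcx+34] with fixed masks.
}
[ENABLE]
// The accessor is tiny, so the signature also covers the int3 padding after it
// and the first byte (80) of the next function to stay unique.
aobscanmodule(Pdata,AOT2_EU.exe,0F B6 41 08 C3 CC CC CC CC CC CC CC CC CC CC CC 80) // should be unique
registersymbol(Pdata)
// Third argument requests the cave near the hook; the 5-byte jmp below relies on that.
alloc(newmem,$1000,Pdata)
registersymbol(pt)
alloc(pt,8)
label(code)
label(return)
label(zzz)
label(skill)
registersymbol(skill)
newmem:
// Record the object pointer on every call so table entries can address pt+offset.
mov [pt],rcx
cmp byte [skill],1
je zzz
code:
// Relocated copy of the original accessor; it returns straight to the caller.
movzx eax,byte ptr [rcx+08]
ret
// Unreachable after the ret above.
jmp return
zzz:
mov dword [rcx+10+8],ffffffff
mov dword [rcx+14+8],ffffffff
mov dword [rcx+18+8],003fffff
mov dword [rcx+1c+8],fffffff0
mov dword [rcx+20+8],ffffffff
mov dword [rcx+24+8],07ff8fff
mov dword [rcx+28+8],f0000700
mov dword [rcx+2c+8],00073fff
jmp code
skill:
// On/off flag stored inside the cave; starts at 0 on every enable.
db 0
Pdata:
// The two replaced instructions total exactly 5 bytes, so no nop padding is needed.
jmp newmem
return:
[DISABLE]
Pdata:
db 0F B6 41 08 C3
// skill lives inside newmem: drop the symbol before the cave is freed so that no
// table entry or hotkey keeps resolving it to released memory.
unregistersymbol(skill)
unregistersymbol(Pdata)
// NOTE(review): pt stays registered and its 8-byte block allocated after
// disable, holding the last recorded pointer, which may go stale.
dealloc(newmem)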
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_AS.exe"+1172F0
"AOT2_AS.exe"+1172E3: 88 01 - mov [rcx],al
"AOT2_AS.exe"+1172E5: 48 8B C1 - mov rax,rcx
"AOT2_AS.exe"+1172E8: C3 - ret
"AOT2_AS.exe"+1172E9: CC - int 3
"AOT2_AS.exe"+1172EA: CC - int 3
"AOT2_AS.exe"+1172EB: CC - int 3
"AOT2_AS.exe"+1172EC: CC - int 3
"AOT2_AS.exe"+1172ED: CC - int 3
"AOT2_AS.exe"+1172EE: CC - int 3
"AOT2_AS.exe"+1172EF: CC - int 3
// ---------- INJECTING HERE ----------
"AOT2_AS.exe"+1172F0: 0F B6 41 08 - movzx eax,byte ptr [rcx+08]
"AOT2_AS.exe"+1172F4: C3 - ret
// ---------- DONE INJECTING ----------
"AOT2_AS.exe"+1172F5: CC - int 3
"AOT2_AS.exe"+1172F6: CC - int 3
"AOT2_AS.exe"+1172F7: CC - int 3
"AOT2_AS.exe"+1172F8: CC - int 3
"AOT2_AS.exe"+1172F9: CC - int 3
"AOT2_AS.exe"+1172FA: CC - int 3
"AOT2_AS.exe"+1172FB: CC - int 3
"AOT2_AS.exe"+1172FC: CC - int 3
"AOT2_AS.exe"+1172FD: CC - int 3
"AOT2_AS.exe"+1172FE: CC - int 3
}
24871
"Current Character"
808000
1
6
"Name"
00:Eren
01:Mikasa
02:Armin
03:Reiner
04:Bertolt
05:Annie
06:Jean
07:Conny
08:Sasha
09:Christa
0A:Ymir
0B:Livai
0C:Hansi
0D:Erwin
0E:Marco
0F:Thomas
10:Mihna
11:Mike
12:Auruo
13:Petra
14:Gunther
15:Erd
16:Moblit
17:Ian
18:Rico
19:Mitabi
1A:Naile
1B:Marlowe
1C:Hitch
1D:Hannes
1E:Pixis
1F:Keith
20:Kitz
21:Zackley
22:Nanaba
23:Gelgar
24:Daz
25:Avatar
26:Hooded/Cloaked Avatar
1
FF8000
Byte
pt
+8
46
"Level / Rank (-1)"
FF8000
Byte
pt
84+18
43
"Experience"
FF8000
4 Bytes
pt
98
24872
"Stats"
808000
1
45
"Strength"
FF8000
Byte
pt
88
7
"Dexterity"
FF8000
Byte
pt
8a
8
"Concentration"
FF8000
Byte
pt
8c
9
"Agility"
FF8000
Byte
pt
8e
10
"Health"
FF8000
Byte
pt
90
11
"Leadership"
FF8000
Byte
pt
92
24873
"Skills"
808000
1
234
"Equip All Skills"
0:OFF
1:ON
FF8000
Byte
skill
Set Value
38
1
0
All Skills Activated
Set Value
40
0
1
All Skills Deactivated
24886
"[Hotkeys] -> [Up Arrow (kb) - ON] | [Down Arrow (kb) - OFF]"
808080
1
24874
"Equipment"
808000
1
304
"Blades Reinforcement"
FF8000
Auto Assembler Script
{ Game : AOT2_EU.exe
Version:
Date : 2019-07-10
Author : Jeff
Hooks `movzx ecx,byte ptr [rax+rcx+09]` and, before the original load, writes
198 to the byte at [rax+rcx+9] and 1 to the byte at [rax+rcx+A].
}
// Hard-coded module offset: only valid for the build whose bytes match below.
define(address,"AOT2_EU.exe"+1198A6)
define(bytes,0F B6 4C 08 09)
[ENABLE]
// Refuse to patch when the bytes at the offset differ (other build or already patched).
assert(address,bytes)
alloc(newmem,$1000,"AOT2_EU.exe"+1198A6)
label(code)
label(return)
newmem:
// '#' marks a decimal literal. 198 is 0xC6, the same constant the surrounding
// routine loads into r8d just before the hook.
mov byte [rax+rcx+9],#198
mov byte [rax+rcx+a],#1
code:
// Relocated copy of the original instruction.
movzx ecx,byte ptr [rax+rcx+09]
jmp return
address:
// The replaced instruction is exactly 5 bytes, so no nop padding is needed.
jmp newmem
return:
[DISABLE]
address:
db bytes
// movzx ecx,byte ptr [rax+rcx+09]
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_AS.exe"+1198A6
"AOT2_AS.exe"+11988B: C3 - ret
"AOT2_AS.exe"+11988C: CC - int 3
"AOT2_AS.exe"+11988D: CC - int 3
"AOT2_AS.exe"+11988E: CC - int 3
"AOT2_AS.exe"+11988F: CC - int 3
"AOT2_AS.exe"+119890: 8B C2 - mov eax,edx
"AOT2_AS.exe"+119892: 41 B8 C6 00 00 00 - mov r8d,000000C6
"AOT2_AS.exe"+119898: 48 C1 E0 06 - shl rax,06
"AOT2_AS.exe"+11989C: BA 63 00 00 00 - mov edx,00000063
"AOT2_AS.exe"+1198A1: 80 7C 08 0A 00 - cmp byte ptr [rax+rcx+0A],00
// ---------- INJECTING HERE ----------
"AOT2_AS.exe"+1198A6: 0F B6 4C 08 09 - movzx ecx,byte ptr [rax+rcx+09]
// ---------- DONE INJECTING ----------
"AOT2_AS.exe"+1198AB: 41 0F 45 D0 - cmovne edx,r8d
"AOT2_AS.exe"+1198AF: 3B CA - cmp ecx,edx
"AOT2_AS.exe"+1198B1: 0F 46 D1 - cmovbe edx,ecx
"AOT2_AS.exe"+1198B4: 8B C2 - mov eax,edx
"AOT2_AS.exe"+1198B6: C3 - ret
"AOT2_AS.exe"+1198B7: CC - int 3
"AOT2_AS.exe"+1198B8: CC - int 3
"AOT2_AS.exe"+1198B9: CC - int 3
"AOT2_AS.exe"+1198BA: CC - int 3
"AOT2_AS.exe"+1198BB: CC - int 3
}
305
"Scabbards / Canisters Reinforcement"
FF8000
Auto Assembler Script
{ Game : AOT2_EU.exe
Version:
Date : 2019-07-10
Author : Jeff
Hooks `movzx ecx,byte ptr [rax+rcx+000018C9]` and, before the original load,
writes 198 to the byte at [rax+rcx+18C9] and 1 to the byte at [rax+rcx+18CA].
}
// Hard-coded module offset: only valid for the build whose bytes match below.
define(address,"AOT2_EU.exe"+1197D9)
define(bytes,0F B6 8C 08 C9 18 00 00)
[ENABLE]
// Refuse to patch when the bytes at the offset differ (other build or already patched).
assert(address,bytes)
alloc(newmem,$1000,"AOT2_EU.exe"+1197D9)
label(code)
label(return)
newmem:
// '#' marks a decimal literal. 198 is 0xC6, the same constant the surrounding
// routine loads into r8d just before the hook.
mov byte [rax+rcx+000018C9],#198
mov byte [rax+rcx+000018Ca],#1
code:
// Relocated copy of the original instruction.
movzx ecx,byte ptr [rax+rcx+000018C9]
jmp return
address:
// 5-byte jmp + 3 nops cover the 8 bytes of the replaced instruction.
jmp newmem
nop
nop
nop
return:
[DISABLE]
address:
db bytes
// movzx ecx,byte ptr [rax+rcx+000018C9]
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_AS.exe"+1197D9
"AOT2_AS.exe"+1197BB: C3 - ret
"AOT2_AS.exe"+1197BC: CC - int 3
"AOT2_AS.exe"+1197BD: CC - int 3
"AOT2_AS.exe"+1197BE: CC - int 3
"AOT2_AS.exe"+1197BF: CC - int 3
"AOT2_AS.exe"+1197C0: 8B C2 - mov eax,edx
"AOT2_AS.exe"+1197C2: 41 B8 C6 00 00 00 - mov r8d,000000C6
"AOT2_AS.exe"+1197C8: 48 C1 E0 06 - shl rax,06
"AOT2_AS.exe"+1197CC: BA 63 00 00 00 - mov edx,00000063
"AOT2_AS.exe"+1197D1: 80 BC 08 CA 18 00 00 00 - cmp byte ptr [rax+rcx+000018CA],00
// ---------- INJECTING HERE ----------
"AOT2_AS.exe"+1197D9: 0F B6 8C 08 C9 18 00 00 - movzx ecx,byte ptr [rax+rcx+000018C9]
// ---------- DONE INJECTING ----------
"AOT2_AS.exe"+1197E1: 41 0F 45 D0 - cmovne edx,r8d
"AOT2_AS.exe"+1197E5: 3B CA - cmp ecx,edx
"AOT2_AS.exe"+1197E7: 0F 46 D1 - cmovbe edx,ecx
"AOT2_AS.exe"+1197EA: 8B C2 - mov eax,edx
"AOT2_AS.exe"+1197EC: C3 - ret
"AOT2_AS.exe"+1197ED: CC - int 3
"AOT2_AS.exe"+1197EE: CC - int 3
"AOT2_AS.exe"+1197EF: CC - int 3
"AOT2_AS.exe"+1197F0: 8B C2 - mov eax,edx
"AOT2_AS.exe"+1197F2: 48 C1 E0 06 - shl rax,06
}
306
"Omni-Directional Mobility Gears Reinforcement"
FF8000
Auto Assembler Script
{ Game : AOT2_EU.exe
Version:
Date : 2019-07-10
Author : Jeff
Hooks `movzx ecx,byte ptr [rax+rcx+00003189]` and, before the original load,
writes 198 to the byte at [rax+rcx+3189] and 1 to the byte at [rax+rcx+318A].
}
// Hard-coded module offset: only valid for the build whose bytes match below.
define(address,"AOT2_EU.exe"+119709)
define(bytes,0F B6 8C 08 89 31 00 00)
[ENABLE]
// Refuse to patch when the bytes at the offset differ (other build or already patched).
assert(address,bytes)
alloc(newmem,$1000,"AOT2_EU.exe"+119709)
label(code)
label(return)
newmem:
// '#' marks a decimal literal. 198 is 0xC6, the same constant the surrounding
// routine loads into r8d just before the hook.
mov byte [rax+rcx+00003189],#198
mov byte [rax+rcx+0000318a],#1
code:
// Relocated copy of the original instruction.
movzx ecx,byte ptr [rax+rcx+00003189]
jmp return
address:
// 5-byte jmp + 3 nops cover the 8 bytes of the replaced instruction.
jmp newmem
nop
nop
nop
return:
[DISABLE]
address:
db bytes
// movzx ecx,byte ptr [rax+rcx+00003189]
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_AS.exe"+119709
"AOT2_AS.exe"+1196EB: C3 - ret
"AOT2_AS.exe"+1196EC: CC - int 3
"AOT2_AS.exe"+1196ED: CC - int 3
"AOT2_AS.exe"+1196EE: CC - int 3
"AOT2_AS.exe"+1196EF: CC - int 3
"AOT2_AS.exe"+1196F0: 8B C2 - mov eax,edx
"AOT2_AS.exe"+1196F2: 41 B8 C6 00 00 00 - mov r8d,000000C6
"AOT2_AS.exe"+1196F8: 48 C1 E0 06 - shl rax,06
"AOT2_AS.exe"+1196FC: BA 63 00 00 00 - mov edx,00000063
"AOT2_AS.exe"+119701: 80 BC 08 8A 31 00 00 00 - cmp byte ptr [rax+rcx+0000318A],00
// ---------- INJECTING HERE ----------
"AOT2_AS.exe"+119709: 0F B6 8C 08 89 31 00 00 - movzx ecx,byte ptr [rax+rcx+00003189]
// ---------- DONE INJECTING ----------
"AOT2_AS.exe"+119711: 41 0F 45 D0 - cmovne edx,r8d
"AOT2_AS.exe"+119715: 3B CA - cmp ecx,edx
"AOT2_AS.exe"+119717: 0F 46 D1 - cmovbe edx,ecx
"AOT2_AS.exe"+11971A: 8B C2 - mov eax,edx
"AOT2_AS.exe"+11971C: C3 - ret
"AOT2_AS.exe"+11971D: CC - int 3
"AOT2_AS.exe"+11971E: CC - int 3
"AOT2_AS.exe"+11971F: CC - int 3
"AOT2_AS.exe"+119720: 8B C2 - mov eax,edx
"AOT2_AS.exe"+119722: 48 C1 E0 06 - shl rax,06
}
307
"Gun Barrel Reinforcement"
FF8000
Auto Assembler Script
{ Game : AOT2_EU.exe
Version:
Date : 2019-07-10
Author : Jeff
Hooks `movzx ecx,byte ptr [rax+rcx+09]` and, before the original load, writes
198 to the byte at [rax+rcx+9] and 1 to the byte at [rax+rcx+A].
}
// Hard-coded module offset: only valid for the build whose bytes match below.
define(address,"AOT2_EU.exe"+116446)
define(bytes,0F B6 4C 08 09)
[ENABLE]
// Refuse to patch when the bytes at the offset differ (other build or already patched).
assert(address,bytes)
alloc(newmem,$1000,"AOT2_EU.exe"+116446)
label(code)
label(return)
newmem:
// '#' marks a decimal literal. 198 is 0xC6, the same constant the surrounding
// routine loads into r8d just before the hook.
mov byte [rax+rcx+09],#198
mov byte [rax+rcx+0a],#1
code:
// Relocated copy of the original instruction.
movzx ecx,byte ptr [rax+rcx+09]
jmp return
address:
// The replaced instruction is exactly 5 bytes, so no nop padding is needed.
jmp newmem
return:
[DISABLE]
address:
db bytes
// movzx ecx,byte ptr [rax+rcx+09]
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_AS.exe"+116446
"AOT2_AS.exe"+11642B: C3 - ret
"AOT2_AS.exe"+11642C: CC - int 3
"AOT2_AS.exe"+11642D: CC - int 3
"AOT2_AS.exe"+11642E: CC - int 3
"AOT2_AS.exe"+11642F: CC - int 3
"AOT2_AS.exe"+116430: 8B C2 - mov eax,edx
"AOT2_AS.exe"+116432: 41 B8 C6 00 00 00 - mov r8d,000000C6
"AOT2_AS.exe"+116438: 48 C1 E0 06 - shl rax,06
"AOT2_AS.exe"+11643C: BA 63 00 00 00 - mov edx,00000063
"AOT2_AS.exe"+116441: 80 7C 08 0A 00 - cmp byte ptr [rax+rcx+0A],00
// ---------- INJECTING HERE ----------
"AOT2_AS.exe"+116446: 0F B6 4C 08 09 - movzx ecx,byte ptr [rax+rcx+09]
// ---------- DONE INJECTING ----------
"AOT2_AS.exe"+11644B: 41 0F 45 D0 - cmovne edx,r8d
"AOT2_AS.exe"+11644F: 3B CA - cmp ecx,edx
"AOT2_AS.exe"+116451: 0F 46 D1 - cmovbe edx,ecx
"AOT2_AS.exe"+116454: 8B C2 - mov eax,edx
"AOT2_AS.exe"+116456: C3 - ret
"AOT2_AS.exe"+116457: CC - int 3
"AOT2_AS.exe"+116458: CC - int 3
"AOT2_AS.exe"+116459: CC - int 3
"AOT2_AS.exe"+11645A: CC - int 3
"AOT2_AS.exe"+11645B: CC - int 3
}
308
"Ammo Belt / Canister Reinforcement"
FF8000
Auto Assembler Script
{ Game : AOT2_EU.exe
Version:
Date : 2019-07-10
Author : Jeff
Hooks the 8-byte movzx at "AOT2_EU.exe"+116309. Each time that instruction
is reached, the cave forces the byte it reads ([rax+rcx+18C9]) to 198 and
the neighbouring byte ([rax+rcx+18CA]) to 1, then runs the original load.
In the listing at the end of this script, 198 (C6h) is the cap selected when
the +18CA byte is non-zero and 99 (63h) is the cap otherwise.
NOTE(review): the in-game meaning of the two bytes is not shown here - confirm.
}
// Patch site and the original bytes expected there. The listing below is
// labelled AOT2_AS.exe; the assert is what ties this offset to the EU build.
define(address,"AOT2_EU.exe"+116309)
define(bytes,0F B6 8C 08 C9 18 00 00)
[ENABLE]
// Abort activation unless the target still holds the expected bytes.
assert(address,bytes)
// Cave allocated near the patch site so a 5-byte relative jmp can reach it.
alloc(newmem,$1000,"AOT2_EU.exe"+116309)
label(code)
label(return)
newmem:
// mov leaves the flags from the preceding cmp untouched.
mov byte [rax+rcx+000018C9],#198
mov byte [rax+rcx+000018Ca],#1
code:
// Original instruction, relocated into the cave.
movzx ecx,byte ptr [rax+rcx+000018C9]
jmp return
address:
// 5-byte jmp plus 3 nops cover the 8 bytes of the overwritten movzx, so
// execution resumes on an instruction boundary.
jmp newmem
nop
nop
nop
return:
// Disable section: restore the original bytes, then free the cave.
[DISABLE]
address:
db bytes
// movzx ecx,byte ptr [rax+rcx+000018C9]
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_AS.exe"+116309
"AOT2_AS.exe"+1162EB: C3 - ret
"AOT2_AS.exe"+1162EC: CC - int 3
"AOT2_AS.exe"+1162ED: CC - int 3
"AOT2_AS.exe"+1162EE: CC - int 3
"AOT2_AS.exe"+1162EF: CC - int 3
"AOT2_AS.exe"+1162F0: 8B C2 - mov eax,edx
"AOT2_AS.exe"+1162F2: 41 B8 C6 00 00 00 - mov r8d,000000C6
"AOT2_AS.exe"+1162F8: 48 C1 E0 06 - shl rax,06
"AOT2_AS.exe"+1162FC: BA 63 00 00 00 - mov edx,00000063
"AOT2_AS.exe"+116301: 80 BC 08 CA 18 00 00 00 - cmp byte ptr [rax+rcx+000018CA],00
// ---------- INJECTING HERE ----------
"AOT2_AS.exe"+116309: 0F B6 8C 08 C9 18 00 00 - movzx ecx,byte ptr [rax+rcx+000018C9]
// ---------- DONE INJECTING ----------
"AOT2_AS.exe"+116311: 41 0F 45 D0 - cmovne edx,r8d
"AOT2_AS.exe"+116315: 3B CA - cmp ecx,edx
"AOT2_AS.exe"+116317: 0F 46 D1 - cmovbe edx,ecx
"AOT2_AS.exe"+11631A: 8B C2 - mov eax,edx
"AOT2_AS.exe"+11631C: C3 - ret
"AOT2_AS.exe"+11631D: CC - int 3
"AOT2_AS.exe"+11631E: CC - int 3
"AOT2_AS.exe"+11631F: CC - int 3
"AOT2_AS.exe"+116320: 8B C2 - mov eax,edx
"AOT2_AS.exe"+116322: 48 C1 E0 06 - shl rax,06
}
309
"Anti-Personnel ODM Reinforcement"
FF8000
Auto Assembler Script
{ Game : AOT2_EU.exe
Version:
Date : 2019-07-10
Author : Jeff
Hooks the 8-byte movzx at "AOT2_EU.exe"+1161C9. Each time that instruction
is reached, the cave forces the byte it reads ([rax+rcx+3189]) to 198 and
the neighbouring byte ([rax+rcx+318A]) to 1, then runs the original load.
In the listing at the end of this script, 198 (C6h) is the cap selected when
the +318A byte is non-zero and 99 (63h) is the cap otherwise.
NOTE(review): the in-game meaning of the two bytes is not shown here - confirm.
}
// Patch site and the original bytes expected there. The listing below is
// labelled AOT2_AS.exe; the assert is what ties this offset to the EU build.
define(address,"AOT2_EU.exe"+1161C9)
define(bytes,0F B6 8C 08 89 31 00 00)
[ENABLE]
// Abort activation unless the target still holds the expected bytes.
assert(address,bytes)
// Cave allocated near the patch site so a 5-byte relative jmp can reach it.
alloc(newmem,$1000,"AOT2_EU.exe"+1161C9)
label(code)
label(return)
newmem:
// mov leaves the flags from the preceding cmp untouched.
mov byte [rax+rcx+00003189],#198
mov byte [rax+rcx+0000318a],#1
code:
// Original instruction, relocated into the cave.
movzx ecx,byte ptr [rax+rcx+00003189]
jmp return
address:
// 5-byte jmp plus 3 nops cover the 8 bytes of the overwritten movzx.
jmp newmem
nop
nop
nop
return:
// Disable section: restore the original bytes, then free the cave.
[DISABLE]
address:
db bytes
// movzx ecx,byte ptr [rax+rcx+00003189]
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_AS.exe"+1161C9
"AOT2_AS.exe"+1161AB: C3 - ret
"AOT2_AS.exe"+1161AC: CC - int 3
"AOT2_AS.exe"+1161AD: CC - int 3
"AOT2_AS.exe"+1161AE: CC - int 3
"AOT2_AS.exe"+1161AF: CC - int 3
"AOT2_AS.exe"+1161B0: 8B C2 - mov eax,edx
"AOT2_AS.exe"+1161B2: 41 B8 C6 00 00 00 - mov r8d,000000C6
"AOT2_AS.exe"+1161B8: 48 C1 E0 06 - shl rax,06
"AOT2_AS.exe"+1161BC: BA 63 00 00 00 - mov edx,00000063
"AOT2_AS.exe"+1161C1: 80 BC 08 8A 31 00 00 00 - cmp byte ptr [rax+rcx+0000318A],00
// ---------- INJECTING HERE ----------
"AOT2_AS.exe"+1161C9: 0F B6 8C 08 89 31 00 00 - movzx ecx,byte ptr [rax+rcx+00003189]
// ---------- DONE INJECTING ----------
"AOT2_AS.exe"+1161D1: 41 0F 45 D0 - cmovne edx,r8d
"AOT2_AS.exe"+1161D5: 3B CA - cmp ecx,edx
"AOT2_AS.exe"+1161D7: 0F 46 D1 - cmovbe edx,ecx
"AOT2_AS.exe"+1161DA: 8B C2 - mov eax,edx
"AOT2_AS.exe"+1161DC: C3 - ret
"AOT2_AS.exe"+1161DD: CC - int 3
"AOT2_AS.exe"+1161DE: CC - int 3
"AOT2_AS.exe"+1161DF: CC - int 3
"AOT2_AS.exe"+1161E0: 8B C2 - mov eax,edx
"AOT2_AS.exe"+1161E2: 48 C1 E0 06 - shl rax,06
}
302
"Money"
FF0000
Auto Assembler Script
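{ Game : AOT2_EU.exe
Version:
Date : 2019-07-10
Author : Jeff
Hooks the two-instruction routine "mov eax,[rcx+14] / ret", located by byte
signature, so that it stores 99999999 into [rcx+14] before returning that
field to the caller.
The signature is 20 bytes long because the routine itself is only 4 bytes;
the trailing CC padding and the start of the next routine make it specific.
NOTE(review): nothing verifies that the signature matches exactly once; the
"should be unique" remark is an assumption to re-check after a game update.
}
[ENABLE]
aobscanmodule(MONEY,AOT2_EU.exe,8B 41 14 C3 CC CC CC CC CC CC CC CC CC CC CC CC 8B 41 10 44) // should be unique
registersymbol(MONEY)
// Allocate the cave near the scanned symbol, as the other signature-based
// scripts in this table do, rather than near a hard-coded module offset that
// may no longer be the patch site after an update.
alloc(newmem,$1000,MONEY)
label(code)
label(return)
newmem:
mov dword [rcx+14],#99999999
code:
// Original instructions, relocated. The hooked routine ends with this ret,
// so the cave returns straight to the caller and never jumps back.
mov eax,[rcx+14]
ret
MONEY:
// 5-byte jmp replaces mov (3 bytes) + ret (1 byte) + one CC padding byte.
jmp newmem
return:
// Disable section: restore the five overwritten bytes, drop the symbol and
// free the cave.
[DISABLE]
MONEY:
db 8B 41 14 C3 CC
unregistersymbol(MONEY)
dealloc(newmem)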
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_AS.exe"+11CE30
"AOT2_AS.exe"+11CE26: CC - int 3
"AOT2_AS.exe"+11CE27: CC - int 3
"AOT2_AS.exe"+11CE28: CC - int 3
"AOT2_AS.exe"+11CE29: CC - int 3
"AOT2_AS.exe"+11CE2A: CC - int 3
"AOT2_AS.exe"+11CE2B: CC - int 3
"AOT2_AS.exe"+11CE2C: CC - int 3
"AOT2_AS.exe"+11CE2D: CC - int 3
"AOT2_AS.exe"+11CE2E: CC - int 3
"AOT2_AS.exe"+11CE2F: CC - int 3
// ---------- INJECTING HERE ----------
"AOT2_AS.exe"+11CE30: 8B 41 14 - mov eax,[rcx+14]
"AOT2_AS.exe"+11CE33: C3 - ret
"AOT2_AS.exe"+11CE34: CC - int 3
// ---------- DONE INJECTING ----------
"AOT2_AS.exe"+11CE35: CC - int 3
"AOT2_AS.exe"+11CE36: CC - int 3
"AOT2_AS.exe"+11CE37: CC - int 3
"AOT2_AS.exe"+11CE38: CC - int 3
"AOT2_AS.exe"+11CE39: CC - int 3
"AOT2_AS.exe"+11CE3A: CC - int 3
"AOT2_AS.exe"+11CE3B: CC - int 3
"AOT2_AS.exe"+11CE3C: CC - int 3
"AOT2_AS.exe"+11CE3D: CC - int 3
"AOT2_AS.exe"+11CE3E: CC - int 3
}
24896
"Wings of Freedom Badges"
FF0000
Auto Assembler Script
{ Game : AOT2_EU.exe
Version:
Date : 2019-07-11
Author : Jeff
Hooks the 7-byte "movzx eax,word ptr [rcx+800C]" located by byte signature.
Before the original load runs, the cave stores 87 into the byte at
[rcx+8008] and 200 into the byte at [rcx+800C].
NOTE(review): the hooked instruction reads a 16-bit word, but only the low
byte at +800C is written, so a non-zero high byte would survive and the value
read back would not be 200 - confirm this is intended.
NOTE(review): the meaning of the byte at +8008 is not shown here - confirm.
}
[ENABLE]
aobscanmodule(suwa,AOT2_EU.exe,0F B7 81 0C 80 00 00 C3) // should be unique
registersymbol(suwa)
// Cave allocated near the scanned site so a 5-byte relative jmp can reach it.
alloc(newmem,$1000,suwa)
label(code)
label(return)
newmem:
mov byte [rcx+00008008],#87
mov byte [rcx+0000800C],#200
code:
// Original instruction, relocated into the cave.
movzx eax,word ptr [rcx+0000800C]
jmp return
suwa:
// 5-byte jmp plus 2 nops cover the 7 bytes of the overwritten movzx; the
// ret that follows it in the game code is left in place.
jmp newmem
nop
nop
return:
// Disable section: restore the original bytes, drop the symbol and free the
// cave.
[DISABLE]
suwa:
db 0F B7 81 0C 80 00 00
unregistersymbol(suwa)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_AS.exe"+117720
"AOT2_AS.exe"+117710: 48 8D 81 08 80 00 00 - lea rax,[rcx+00008008]
"AOT2_AS.exe"+117717: C3 - ret
"AOT2_AS.exe"+117718: CC - int 3
"AOT2_AS.exe"+117719: CC - int 3
"AOT2_AS.exe"+11771A: CC - int 3
"AOT2_AS.exe"+11771B: CC - int 3
"AOT2_AS.exe"+11771C: CC - int 3
"AOT2_AS.exe"+11771D: CC - int 3
"AOT2_AS.exe"+11771E: CC - int 3
"AOT2_AS.exe"+11771F: CC - int 3
// ---------- INJECTING HERE ----------
"AOT2_AS.exe"+117720: 0F B7 81 0C 80 00 00 - movzx eax,word ptr [rcx+0000800C]
// ---------- DONE INJECTING ----------
"AOT2_AS.exe"+117727: C3 - ret
"AOT2_AS.exe"+117728: CC - int 3
"AOT2_AS.exe"+117729: CC - int 3
"AOT2_AS.exe"+11772A: CC - int 3
"AOT2_AS.exe"+11772B: CC - int 3
"AOT2_AS.exe"+11772C: CC - int 3
"AOT2_AS.exe"+11772D: CC - int 3
"AOT2_AS.exe"+11772E: CC - int 3
"AOT2_AS.exe"+11772F: CC - int 3
"AOT2_AS.exe"+117730: 41 8B C0 - mov eax,r8d
}
303
"Materials"
FF0000
Auto Assembler Script
{ Game : AOT2_EU.exe
Version:
Date : 2019-07-10
Author : Jeff
Hooks the 8-byte "movzx eax,word ptr [rcx+rdx*8+10A48]" located by byte
signature. When rdi is at most 114 (unsigned compare), the cave overwrites
the word being read with the 16-bit value stored at the registered symbol
xxx (initially 999) and then runs the original load; otherwise it only runs
the original load.
xxx is registered so the table's "Quantity" entry can edit the value while
the script is active.
NOTE(review): rdi is not set anywhere in the hooked routine shown in the
listing below; treating it as an item index relies on the caller - confirm.
}
[ENABLE]
aobscanmodule(ITEM,AOT2_EU.exe,0F B7 84 D1 48 0A 01 00) // should be unique
registersymbol(ITEM)
// Cave allocated near the scanned site so a 5-byte relative jmp can reach it.
alloc(newmem,$1000,ITEM)
label(code)
label(return)
label(xxx)
registersymbol(xxx)
label(items)
newmem:
// Unsigned "below or equal": values 0..114 take the overwrite path.
cmp rdi,#114
jbe items
code:
// Original instruction, relocated into the cave.
movzx eax,word ptr [rcx+rdx*8+00010A48]
jmp return
items:
// ax is used as scratch and restored; eax is overwritten by the movzx at
// "code" immediately afterwards in any case.
push ax
mov ax,[xxx]
mov [rcx+rdx*8+00010A48],ax
pop ax
jmp code
xxx:
// 16-bit storage matching the 16-bit read above.
dw #999
ITEM:
// 5-byte jmp plus 3 nops cover the 8 bytes of the overwritten movzx.
jmp newmem
nop
nop
nop
return:
// Disable section: restore the original bytes, drop the ITEM symbol and free
// the cave.
// NOTE(review): xxx is registered above but never unregistered here.
[DISABLE]
ITEM:
db 0F B7 84 D1 48 0A 01 00
unregistersymbol(ITEM)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_AS.exe"+1194B9
"AOT2_AS.exe"+1194A9: CC - int 3
"AOT2_AS.exe"+1194AA: CC - int 3
"AOT2_AS.exe"+1194AB: CC - int 3
"AOT2_AS.exe"+1194AC: CC - int 3
"AOT2_AS.exe"+1194AD: CC - int 3
"AOT2_AS.exe"+1194AE: CC - int 3
"AOT2_AS.exe"+1194AF: CC - int 3
"AOT2_AS.exe"+1194B0: 8B C2 - mov eax,edx
"AOT2_AS.exe"+1194B2: 48 8D 14 40 - lea rdx,[rax+rax*2]
"AOT2_AS.exe"+1194B6: 48 03 D2 - add rdx,rdx
// ---------- INJECTING HERE ----------
"AOT2_AS.exe"+1194B9: 0F B7 84 D1 48 0A 01 00 - movzx eax,word ptr [rcx+rdx*8+00010A48]
// ---------- DONE INJECTING ----------
"AOT2_AS.exe"+1194C1: C3 - ret
"AOT2_AS.exe"+1194C2: CC - int 3
"AOT2_AS.exe"+1194C3: CC - int 3
"AOT2_AS.exe"+1194C4: CC - int 3
"AOT2_AS.exe"+1194C5: CC - int 3
"AOT2_AS.exe"+1194C6: CC - int 3
"AOT2_AS.exe"+1194C7: CC - int 3
"AOT2_AS.exe"+1194C8: CC - int 3
"AOT2_AS.exe"+1194C9: CC - int 3
"AOT2_AS.exe"+1194CA: CC - int 3
}
235
"Quantity"
808000
2 Bytes
xxx
24890
"Recapture The City Wall Materials"
FF0000
Auto Assembler Script
{ Game : AOT2_EU.exe
Version:
Date : 2019-07-11
Author : Jeff
Hooks the 7-byte "mov ecx,[r8+186278]" located by byte signature. Before the
original load runs, the cave stores 99999999 into that dword.
In the listing at the end of this script, r8 is loaded from a module-global
pointer immediately before the hooked instruction.
NOTE(review): nothing verifies that the signature matches exactly once.
}
[ENABLE]
aobscanmodule(Dmoney,AOT2_EU.exe,41 8B 88 78 62 18 00) // should be unique
registersymbol(Dmoney)
// Cave allocated near the scanned site so a 5-byte relative jmp can reach it.
alloc(newmem,$1000,Dmoney)
label(code)
label(return)
newmem:
mov dword [r8+00186278],#99999999
code:
// Original instruction, relocated into the cave.
mov ecx,[r8+00186278]
jmp return
Dmoney:
// 5-byte jmp plus 2 nops cover the 7 bytes of the overwritten mov.
jmp newmem
nop
nop
return:
// Disable section: restore the original bytes, drop the symbol and free the
// cave.
[DISABLE]
Dmoney:
db 41 8B 88 78 62 18 00
unregistersymbol(Dmoney)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_AS.exe"+EC2469
"AOT2_AS.exe"+EC243D: 66 0F 6E DE - movd xmm3,esi
"AOT2_AS.exe"+EC2441: 48 8D 4C 24 40 - lea rcx,[rsp+40]
"AOT2_AS.exe"+EC2446: 66 41 0F 6E D6 - movd xmm2,r14d
"AOT2_AS.exe"+EC244B: 48 8D 55 A0 - lea rdx,[rbp-60]
"AOT2_AS.exe"+EC244F: 48 89 4C 24 20 - mov [rsp+20],rcx
"AOT2_AS.exe"+EC2454: 48 8B C8 - mov rcx,rax
"AOT2_AS.exe"+EC2457: 0F 5B DB - cvtdq2ps xmm3,xmm3
"AOT2_AS.exe"+EC245A: 0F 5B D2 - cvtdq2ps xmm2,xmm2
"AOT2_AS.exe"+EC245D: E8 AE 84 24 00 - call AOT2_AS.exe+110A910
"AOT2_AS.exe"+EC2462: 4C 8B 05 8F 6A 00 01 - mov r8,[AOT2_AS.exe+1EC8EF8]
// ---------- INJECTING HERE ----------
"AOT2_AS.exe"+EC2469: 41 8B 88 78 62 18 00 - mov ecx,[r8+00186278]
// ---------- DONE INJECTING ----------
"AOT2_AS.exe"+EC2470: C7 44 24 28 01 00 00 00 - mov [rsp+28],00000001
"AOT2_AS.exe"+EC2478: 44 89 7C 24 20 - mov [rsp+20],r15d
"AOT2_AS.exe"+EC247D: E8 5E 6D 23 00 - call AOT2_AS.exe+10F91E0
"AOT2_AS.exe"+EC2482: 4C 8B B4 24 D0 02 00 00 - mov r14,[rsp+000002D0]
"AOT2_AS.exe"+EC248A: 4C 8B AC 24 D8 02 00 00 - mov r13,[rsp+000002D8]
"AOT2_AS.exe"+EC2492: 4C 8B A4 24 E0 02 00 00 - mov r12,[rsp+000002E0]
"AOT2_AS.exe"+EC249A: 48 8B 9C 24 20 03 00 00 - mov rbx,[rsp+00000320]
"AOT2_AS.exe"+EC24A2: 48 8B 8D A0 01 00 00 - mov rcx,[rbp+000001A0]
"AOT2_AS.exe"+EC24A9: 48 33 CC - xor rcx,rsp
"AOT2_AS.exe"+EC24AC: E8 CF 47 9E FF - call AOT2_AS.exe+8A6C80
}
310
"Gifts"
FF0000
Auto Assembler Script
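{ Game : AOT2_EU.exe
Version:
Date : 2019-07-11
Author : Jeff
Hooks the 8-byte "movzx eax,word ptr [rcx+rdx*8+152C8]" located by byte
signature. When rdi is at most 49 (unsigned compare), the cave overwrites the
word being read with the value stored at the registered symbol yyy (initially
99) and then runs the original load; otherwise it only runs the original load.
yyy is registered so the table's "Quantity" entry can edit the value while
the script is active.
NOTE(review): rdi is not set anywhere in the hooked routine shown in the
listing below; treating it as a gift index relies on the caller - confirm.
}
[ENABLE]
aobscanmodule(GIFT,AOT2_EU.exe,0F B7 84 D1 C8 52 01 00) // should be unique
registersymbol(GIFT)
// Cave allocated near the scanned site so a 5-byte relative jmp can reach it.
alloc(newmem,$1000,GIFT)
label(code)
label(return)
label(gifts)
label(yyy)
registersymbol(yyy)
newmem:
// Unsigned "below or equal": values 0..49 take the overwrite path.
cmp rdi,#49
jbe gifts
code:
// Original instruction, relocated into the cave.
movzx eax,word ptr [rcx+rdx*8+000152C8]
jmp return
gifts:
// ax is used as scratch and restored; eax is overwritten by the movzx at
// "code" immediately afterwards in any case.
push ax
mov ax,[yyy]
mov [rcx+rdx*8+000152C8],ax
pop ax
jmp code
yyy:
// Reserve a full 16-bit word: the cave loads yyy with a 16-bit mov, so a
// single db left the high byte to whatever followed in the cave. The low
// byte is unchanged, so the table's Byte-typed "Quantity" entry still edits
// the same value.
dw #99
GIFT:
// 5-byte jmp plus 3 nops cover the 8 bytes of the overwritten movzx.
jmp newmem
nop
nop
nop
return:
// Disable section: restore the original bytes, drop the GIFT symbol and free
// the cave.
// NOTE(review): yyy is registered above but never unregistered here.
[DISABLE]
GIFT:
db 0F B7 84 D1 C8 52 01 00
unregistersymbol(GIFT)
dealloc(newmem)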
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_AS.exe"+119589
"AOT2_AS.exe"+119579: CC - int 3
"AOT2_AS.exe"+11957A: CC - int 3
"AOT2_AS.exe"+11957B: CC - int 3
"AOT2_AS.exe"+11957C: CC - int 3
"AOT2_AS.exe"+11957D: CC - int 3
"AOT2_AS.exe"+11957E: CC - int 3
"AOT2_AS.exe"+11957F: CC - int 3
"AOT2_AS.exe"+119580: 8B C2 - mov eax,edx
"AOT2_AS.exe"+119582: 48 8D 14 40 - lea rdx,[rax+rax*2]
"AOT2_AS.exe"+119586: 48 03 D2 - add rdx,rdx
// ---------- INJECTING HERE ----------
"AOT2_AS.exe"+119589: 0F B7 84 D1 C8 52 01 00 - movzx eax,word ptr [rcx+rdx*8+000152C8]
// ---------- DONE INJECTING ----------
"AOT2_AS.exe"+119591: C3 - ret
"AOT2_AS.exe"+119592: CC - int 3
"AOT2_AS.exe"+119593: CC - int 3
"AOT2_AS.exe"+119594: CC - int 3
"AOT2_AS.exe"+119595: CC - int 3
"AOT2_AS.exe"+119596: CC - int 3
"AOT2_AS.exe"+119597: CC - int 3
"AOT2_AS.exe"+119598: CC - int 3
"AOT2_AS.exe"+119599: CC - int 3
"AOT2_AS.exe"+11959A: CC - int 3
}
236
"Quantity"
808000
Byte
yyy
316
"Friendship (+1000)"
FF0000
Auto Assembler Script
{ Game : AOT2_EU.exe
Version:
Date : 2019-07-11
Author : Jeff
Hooks "movzx edx,word ptr [rax+40] / test ecx,ecx" (6 bytes), located by byte
signature. Before the two original instructions run, the cave stores 1000
into the word at [rax+40].
NOTE(review): the entry is titled "+1000", but the code stores the constant
1000 rather than adding to the current value.
}
[ENABLE]
aobscanmodule(FRIENDY,AOT2_EU.exe,0F B7 50 40 85 C9 74 3C) // should be unique
registersymbol(FRIENDY)
// Cave allocated near the scanned site so a 5-byte relative jmp can reach it.
alloc(newmem,$1000,FRIENDY)
label(code)
label(return)
newmem:
mov word [rax+40],#1000
code:
// Both overwritten instructions are replayed. test must stay last: the je
// that follows the hook in the game code consumes its flags, and jmp does
// not modify them.
movzx edx,word ptr [rax+40]
test ecx,ecx
jmp return
FRIENDY:
// 5-byte jmp plus 1 nop cover movzx (4 bytes) + test (2 bytes); the je that
// ends the signature is left in place.
jmp newmem
nop
return:
// Disable section: restore the six overwritten bytes, drop the symbol and
// free the cave.
[DISABLE]
FRIENDY:
db 0F B7 50 40 85 C9
unregistersymbol(FRIENDY)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_AS.exe"+B06718
"AOT2_AS.exe"+B066E1: EB 07 - jmp AOT2_AS.exe+B066EA
"AOT2_AS.exe"+B066E3: 48 81 C1 50 1C 04 00 - add rcx,00041C50
"AOT2_AS.exe"+B066EA: 48 8B 05 DF 27 3C 01 - mov rax,[AOT2_AS.exe+1EC8ED0]
"AOT2_AS.exe"+B066F1: 4C 8B 09 - mov r9,[rcx]
"AOT2_AS.exe"+B066F4: 44 0F B7 83 98 00 00 00 - movzx r8d,word ptr [rbx+00000098]
"AOT2_AS.exe"+B066FC: 8B 40 08 - mov eax,[rax+08]
"AOT2_AS.exe"+B066FF: 0F B6 D0 - movzx edx,al
"AOT2_AS.exe"+B06702: 41 FF 91 F8 00 00 00 - call qword ptr [r9+000000F8]
"AOT2_AS.exe"+B06709: 0F B7 8B 9C 00 00 00 - movzx ecx,word ptr [rbx+0000009C]
"AOT2_AS.exe"+B06710: 44 0F B7 83 9A 00 00 00 - movzx r8d,word ptr [rbx+0000009A]
// ---------- INJECTING HERE ----------
"AOT2_AS.exe"+B06718: 0F B7 50 40 - movzx edx,word ptr [rax+40]
"AOT2_AS.exe"+B0671C: 85 C9 - test ecx,ecx
// ---------- DONE INJECTING ----------
"AOT2_AS.exe"+B0671E: 74 3C - je AOT2_AS.exe+B0675C
"AOT2_AS.exe"+B06720: 83 E9 01 - sub ecx,01
"AOT2_AS.exe"+B06723: 74 2D - je AOT2_AS.exe+B06752
"AOT2_AS.exe"+B06725: 83 E9 01 - sub ecx,01
"AOT2_AS.exe"+B06728: 74 1E - je AOT2_AS.exe+B06748
"AOT2_AS.exe"+B0672A: 83 E9 01 - sub ecx,01
"AOT2_AS.exe"+B0672D: 74 0F - je AOT2_AS.exe+B0673E
"AOT2_AS.exe"+B0672F: 83 F9 01 - cmp ecx,01
"AOT2_AS.exe"+B06732: 75 45 - jne AOT2_AS.exe+B06779
"AOT2_AS.exe"+B06734: 33 C0 - xor eax,eax
}
23938
"=================="
1
24875
"----> From 1.1 Build <----"
808080
1
24879
"/!\ Not Updated /!\"
0000FF
1
24000
"Infinite Dash & Multi-Attacks"
FF0000
Auto Assembler Script
// Replaces the 8-byte store "mov [r9+690],cx", located by byte signature,
// with a cave that writes the constant 5 to the byte at [r9+690] instead.
// The original store is not replayed.
// NOTE(review): the original wrote a 16-bit value; this writes only the low
// byte, so the high byte at [r9+691] keeps whatever it held - confirm.
// NOTE(review): this entry sits in the table's "Not Updated" group, so the
// signature may not match the current build.
[ENABLE]
aobscanmodule(Infinite_Dash_aob,AOT2_EU.exe,66 41 89 89 90 06 00 00)
// Cave allocated near the scanned site so a 5-byte relative jmp can reach it.
alloc(Infinite_Dash,1024,Infinite_Dash_aob)
registersymbol(Infinite_Dash_aob)
label(return)
Infinite_Dash:
mov byte ptr [r9+690],5 //mov [r9+00000690],cx
jmp return
Infinite_Dash_aob:
// 5-byte jmp plus 3 nops cover the 8 bytes of the overwritten store.
jmp Infinite_Dash
nop
nop
nop
return:
// Disable section: restore the original bytes, drop the symbol and free the
// cave.
[DISABLE]
Infinite_Dash_aob:
db 66 41 89 89 90 06 00 00
unregistersymbol(Infinite_Dash_aob)
dealloc(Infinite_Dash)
24850
"Titan Timer & Rage [(LT+Down) Turn ON] - [(LT+Up) Turn OFF]"
FF0000
1
14
"Disables Titan Timer"
008000
Auto Assembler Script
{ Game : AOT2_EU.exe
Version:
Date : 2018-03-29
Author : Mr Space Shark
This script disables the titan timer.
It redirects the 5-byte store "movss [rcx+04],xmm0" at "AOT2_EU.exe"+8B553A
into a cave that does nothing and jumps back. In the listing at the end of
this script, that store writes back the value just reduced by
"subss xmm0,xmm2", so skipping it leaves [rcx+04] unchanged.
}
// Patch site and the original bytes expected there.
define(address,"AOT2_EU.exe"+8B553A)
define(bytes,F3 0F 11 41 04)
[ENABLE]
// Abort activation unless the target still holds the expected bytes. This
// entry is in the table's "Not Updated" group, so the fixed offset may not
// match the current build; the assert keeps a mismatch from being patched.
assert(address,bytes)
// Cave allocated near the patch site so a 5-byte relative jmp can reach it.
alloc(newmem,$1000,"AOT2_EU.exe"+8B553A)
label(code)
label(return)
newmem:
code:
// Placeholder for the removed store; the nops have no effect.
nop
nop
nop
nop
nop
jmp return
address:
// 5-byte jmp exactly replaces the 5-byte movss; no padding needed.
jmp newmem
return:
// Disable section: restore the original bytes, then free the cave.
[DISABLE]
address:
db bytes
// movss [rcx+04],xmm0
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_EU.exe"+8B553A
"AOT2_EU.exe"+8B5518: 48 8B 90 B8 02 00 00 - mov rdx,[rax+000002B8]
"AOT2_EU.exe"+8B551F: 48 85 D2 - test rdx,rdx
"AOT2_EU.exe"+8B5522: 74 05 - je AOT2_EU.exe+8B5529
"AOT2_EU.exe"+8B5524: F6 02 04 - test byte ptr [rdx],04
"AOT2_EU.exe"+8B5527: 77 29 - ja AOT2_EU.exe+8B5552
"AOT2_EU.exe"+8B5529: F3 0F 10 41 04 - movss xmm0,[rcx+04]
"AOT2_EU.exe"+8B552E: 0F 57 C9 - xorps xmm1,xmm1
"AOT2_EU.exe"+8B5531: 0F 2F C1 - comiss xmm0,xmm1
"AOT2_EU.exe"+8B5534: 72 09 - jb AOT2_EU.exe+8B553F
"AOT2_EU.exe"+8B5536: F3 0F 5C C2 - subss xmm0,xmm2
// ---------- INJECTING HERE ----------
"AOT2_EU.exe"+8B553A: F3 0F 11 41 04 - movss [rcx+04],xmm0
// ---------- DONE INJECTING ----------
"AOT2_EU.exe"+8B553F: F3 0F 10 41 08 - movss xmm0,[rcx+08]
"AOT2_EU.exe"+8B5544: 0F 2F C1 - comiss xmm0,xmm1
"AOT2_EU.exe"+8B5547: 72 09 - jb AOT2_EU.exe+8B5552
"AOT2_EU.exe"+8B5549: F3 0F 5C C2 - subss xmm0,xmm2
"AOT2_EU.exe"+8B554D: F3 0F 11 41 08 - movss [rcx+08],xmm0
"AOT2_EU.exe"+8B5552: C3 - ret
"AOT2_EU.exe"+8B5553: CC - int 3
"AOT2_EU.exe"+8B5554: CC - int 3
"AOT2_EU.exe"+8B5555: CC - int 3
"AOT2_EU.exe"+8B5556: CC - int 3
}
Toggle Activation
Titan Timer
0
Activate
Deactivate
Activate
1
Activate
Deactivate
2
24877
"Titan Rage"
0070DF
Auto Assembler Script
{ Game : AOT2_EU.exe
Version:
Date : 2018-04-01
Author : Jeffrey
Hooks the 7-byte "movsx eax,word ptr [rax+338]" at "AOT2_EU.exe"+8FA044.
Before the original load runs, the cave stores 1000 into that word.
In the listing at the end of this script, the loaded value is then divided
by the word at [rax+33A] and the quotient is stored to [rdi+70].
NOTE(review): that this ratio is the rage gauge is inferred from the entry
name - confirm.
}
// Patch site and the original bytes expected there.
define(address,"AOT2_EU.exe"+8FA044)
define(bytes,0F BF 80 38 03 00 00)
[ENABLE]
// Abort activation unless the target still holds the expected bytes. This
// entry is in the table's "Not Updated" group, so the fixed offset may not
// match the current build; the assert keeps a mismatch from being patched.
assert(address,bytes)
// Cave allocated near the patch site so a 5-byte relative jmp can reach it.
alloc(newmem,$1000,"AOT2_EU.exe"+8FA044)
label(code)
label(return)
newmem:
// Must come before the load below: that load overwrites rax, the base
// register used here.
mov word [rax+00000338],#1000
code:
// Original instruction, relocated into the cave.
movsx eax,word ptr [rax+00000338]
jmp return
address:
// 5-byte jmp plus 2 nops cover the 7 bytes of the overwritten movsx.
jmp newmem
nop
nop
return:
// Disable section: restore the original bytes, then free the cave.
[DISABLE]
address:
db bytes
// movsx eax,word ptr [rax+00000338]
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_EU.exe"+8FA044
"AOT2_EU.exe"+8FA01C: 49 8B C5 - mov rax,r13
"AOT2_EU.exe"+8FA01F: 48 C1 E8 16 - shr rax,16
"AOT2_EU.exe"+8FA023: F3 0F 11 4F 68 - movss [rdi+68],xmm1
"AOT2_EU.exe"+8FA028: 40 84 C5 - test bpl,al
"AOT2_EU.exe"+8FA02B: 75 38 - jne AOT2_EU.exe+8FA065
"AOT2_EU.exe"+8FA02D: 48 8B 83 B0 01 00 00 - mov rax,[rbx+000001B0]
"AOT2_EU.exe"+8FA034: 0F 28 CE - movaps xmm1,xmm6
"AOT2_EU.exe"+8FA037: 0F B7 88 3A 03 00 00 - movzx ecx,word ptr [rax+0000033A]
"AOT2_EU.exe"+8FA03E: 66 44 3B E1 - cmp r12w,cx
"AOT2_EU.exe"+8FA042: 7D 1C - jnl AOT2_EU.exe+8FA060
// ---------- INJECTING HERE ----------
"AOT2_EU.exe"+8FA044: 0F BF 80 38 03 00 00 - movsx eax,word ptr [rax+00000338]
// ---------- DONE INJECTING ----------
"AOT2_EU.exe"+8FA04B: 66 0F 6E C8 - movd xmm1,eax
"AOT2_EU.exe"+8FA04F: 0F BF C1 - movsx eax,cx
"AOT2_EU.exe"+8FA052: 0F 5B C9 - cvtdq2ps xmm1,xmm1
"AOT2_EU.exe"+8FA055: 66 0F 6E C0 - movd xmm0,eax
"AOT2_EU.exe"+8FA059: 0F 5B C0 - cvtdq2ps xmm0,xmm0
"AOT2_EU.exe"+8FA05C: F3 0F 5E C8 - divss xmm1,xmm0
"AOT2_EU.exe"+8FA060: F3 0F 11 4F 70 - movss [rdi+70],xmm1
"AOT2_EU.exe"+8FA065: 48 8B 83 B0 01 00 00 - mov rax,[rbx+000001B0]
"AOT2_EU.exe"+8FA06C: 45 33 FF - xor r15d,r15d
"AOT2_EU.exe"+8FA06F: 44 8B 77 50 - mov r14d,[rdi+50]
}
13
"End Current Titan Form"
000080
Auto Assembler Script
{ Game : AOT2_EU.exe
Version:
Date : 2018-03-29
Author : Mr Space Shark
This script ends the current titan form.
It redirects the 5-byte load "movss xmm0,[rcx+04]" at "AOT2_EU.exe"+8B5529
into a cave that does nothing and jumps back, so the code after the hook
runs with whatever xmm0 already contained.
NOTE(review): in the listing at the end of this script, xmm0 is then compared
with zero and, if not below, reduced by xmm2 and stored to [rcx+04]; the
result therefore depends on a register value left by earlier code that is
not visible here - confirm the effect is reliable.
}
// Patch site and the original bytes expected there.
define(address,"AOT2_EU.exe"+8B5529)
define(bytes,F3 0F 10 41 04)
[ENABLE]
// Abort activation unless the target still holds the expected bytes. This
// entry is in the table's "Not Updated" group, so the fixed offset may not
// match the current build; the assert keeps a mismatch from being patched.
assert(address,bytes)
// Cave allocated near the patch site so a 5-byte relative jmp can reach it.
alloc(newmem,$1000,"AOT2_EU.exe"+8B5529)
label(code)
label(return)
newmem:
code:
// Placeholder for the removed load; the nops have no effect.
nop
nop
nop
nop
nop
jmp return
address:
// 5-byte jmp exactly replaces the 5-byte movss; no padding needed.
jmp newmem
return:
// Disable section: restore the original bytes, then free the cave.
[DISABLE]
address:
db bytes
// movss xmm0,[rcx+04]
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_EU.exe"+8B5529
"AOT2_EU.exe"+8B5508: A8 01 - test al,01
"AOT2_EU.exe"+8B550A: 75 46 - jne AOT2_EU.exe+8B5552
"AOT2_EU.exe"+8B550C: 49 8B 80 E0 01 00 00 - mov rax,[r8+000001E0]
"AOT2_EU.exe"+8B5513: 48 85 C0 - test rax,rax
"AOT2_EU.exe"+8B5516: 74 11 - je AOT2_EU.exe+8B5529
"AOT2_EU.exe"+8B5518: 48 8B 90 B8 02 00 00 - mov rdx,[rax+000002B8]
"AOT2_EU.exe"+8B551F: 48 85 D2 - test rdx,rdx
"AOT2_EU.exe"+8B5522: 74 05 - je AOT2_EU.exe+8B5529
"AOT2_EU.exe"+8B5524: F6 02 04 - test byte ptr [rdx],04
"AOT2_EU.exe"+8B5527: 77 29 - ja AOT2_EU.exe+8B5552
// ---------- INJECTING HERE ----------
"AOT2_EU.exe"+8B5529: F3 0F 10 41 04 - movss xmm0,[rcx+04]
// ---------- DONE INJECTING ----------
"AOT2_EU.exe"+8B552E: 0F 57 C9 - xorps xmm1,xmm1
"AOT2_EU.exe"+8B5531: 0F 2F C1 - comiss xmm0,xmm1
"AOT2_EU.exe"+8B5534: 72 09 - jb AOT2_EU.exe+8B553F
"AOT2_EU.exe"+8B5536: F3 0F 5C C2 - subss xmm0,xmm2
"AOT2_EU.exe"+8B553A: F3 0F 11 41 04 - movss [rcx+04],xmm0
"AOT2_EU.exe"+8B553F: F3 0F 10 41 08 - movss xmm0,[rcx+08]
"AOT2_EU.exe"+8B5544: 0F 2F C1 - comiss xmm0,xmm1
"AOT2_EU.exe"+8B5547: 72 09 - jb AOT2_EU.exe+8B5552
"AOT2_EU.exe"+8B5549: F3 0F 5C C2 - subss xmm0,xmm2
"AOT2_EU.exe"+8B554D: F3 0F 11 41 08 - movss [rcx+08],xmm0
}
Toggle Activation
End Titan Form
0
Activate
Deactivate
Activate
1
Deactivate
Deactivate
2
23945
"=================="
1
24855
"--------> Others <--------"
808080
1
24863
"-> For all other features, just use Fling's Trainer for now."
0000FF
1
24864
"https://www.gamecopyworld.com/games/pc_attack_on_titan_2.shtml#Attack%20on%20Titan%202%20v1.0%20-%20v20190705%20+21%20TRAINER"
0000FF
1
24885
"=================="
1
24865
""
1
24893
"/!\ Read the Table Extras for more infos /!\"
000080
1
===============================================================================================
===============================================================================================
ALL CREDITS GO TO HSD602 FOR THE CODES FROM THE AS VERSION OF THE GAME,
AND TO FAKEPIXIV FOR THE TITAN TIMER.
I SIMPLY TRANSLATED AND CONVERTED THE CODES FROM AS VERSION TO EU VERSION OF THE GAME.
UNFORTUNATELY, I'M NOT AN EXPERT WITH CE SCRIPTS, SO THERE WILL BE NO UPDATES OR NEW CODES UNTIL HSD602 OR SOMEONE ELSE ADDS THEM, AND I'LL BE HAPPY TO ADD THEM TO THIS CHEAT TABLE.
===============================================================================================
===============================================================================================
Info: All 'orange color' codes should work but haven't been tested by me, simply because I haven't yet watched season 3 of Shingeki no Kyojin and I don't want to spoil it for myself (^_^)
So, if anyone knows what each code does, tell me on the Forum and I can update the descriptions so they are easier for everyone to understand.
===============================================================================================
Battle using the Final Battle System +
-> Increase the use of combat weapons in the battle (use Melee or Shooting attacks, in order to switch weapon type).
-> The advantages are used at the beginning without the need for rescue missions.
-> Disadvantages, the Player will pack himself up, people will become transparent,
and the Character Chapter Mode will be unable to fly because of the knife.
-> Tested in "Another Mode" but can't activate it in this Mode.
-> I've not started the new update, so i don't know what it does in New Modes.
===============================================================================================
Awakening Ability Value
-> Tested in "Another Mode" but can't see what it does.
-> I've not started the new update, so i don't know what it does in New Modes.
===============================================================================================
Training Value
-> Tested in "Another Mode" but can't activate it in this Mode.
-> I've not started the new update, so i don't know what it does in New Modes.
===============================================================================================
Player Data / Current Character / Names
-> For the 'Hooded/Cloaked Avatar', it's the character's model used during the prologue of
the game. So it'll only change your Avatar appearance during battles, and so, use Him only
when you've selected the Avatar before to avoid bugs ...
-> For the New Characters present in this update, since I haven't yet watched season 3
I don't know who they are, and I don't want to for now (^_^)
===============================================================================================
Player Data / Skills / Equipe All Skills
-> To activate the code, go to your Skill Menu, press the [UP ARROW] key on your keyboard,
exit all Menus, then deactivate the code by pressing the [DOWN ARROW] key on your keyboard.
Once the code is deactivated, you can still disable any skills that you don't want.
===============================================================================================
Extra info: The "Infinite Dash & Multi-Attacks" script from version 1.1 present in this CT was created by a user of this forum, but since the script is not signed, I can't ask him whether he can update it. So, if someone knows how to update an aobscan script, I think it won't be too difficult to get this code updated for the current CODEX version of the game.
===============================================================================================
===============================================================================================