213
"Hook Pointers"
Auto Assembler Script
// Pointer-capture hooks (Cheat Engine Auto Assembler, x86-64, Intel operand order).
// Three inline detours copy live object pointers out of registers into
// registered symbols; the table entries that follow read game fields through
// those symbols. Each define pair is a hook site plus the exact bytes that
// must be present there before anything is patched.
define(address,World:WorldEventUpdateTime+20 )
define(bytes,48 8B F1 48 8B 86 78 01 00 00)
define(address5,ItemValue:get_Texture+31)
define(bytes5,F3 0F 10 46 28)
define(address9,ItemActionRanged:OnHoldingUpdate+18 )
define(bytes9,48 8B F9 48 8B F2)
[ENABLE]
{$lua}
-- During a syntax-only pass, do nothing to the target.
if syntaxcheck then return end
-- Require an attached process before starting the Mono helpers; otherwise
-- report and abort so none of the patches below are applied.
-- NOTE(review): presumably the Mono helpers are what make the
-- Class:Method+offset symbols below resolvable - confirm.
if process and readInteger(process) ~= 0 then
mono_initialize()
LaunchMonoDataCollector()
else
local msg = 'No process detected.'
print(msg)
error(msg)
end
{$asm}
// ---------------------------------------------------------------------------
// Hook 1: World:WorldEventUpdateTime+20.
// assert() stops the script from enabling when the bytes at the site differ
// from the recorded ones (for example after a game update), so a stale
// offset is not patched blindly.
assert(address,bytes)
// Trampoline and the 8-byte pointer slots are requested near the hook site.
alloc(newmem,$1000,World:WorldEventUpdateTime+20)
registersymbol(GameManagerPNTR)
alloc(GameManagerPNTR,8,World:WorldEventUpdateTime+20)
registersymbol(WorldPNTR)
alloc(WorldPNTR,8,World:WorldEventUpdateTime+20)
registersymbol(EntityPlayerLocalPNTR)
alloc(EntityPlayerLocalPNTR,8,World:WorldEventUpdateTime+20)
label(code)
label(return)
newmem:
// Snapshot rdi, rcx and the qword at [rcx+90] into the published slots.
// NOTE(review): the symbol names show what the author expects these to be
// (GameManager, World, EntityPlayerLocal); verify against the game build.
mov [GameManagerPNTR],rdi
mov [WorldPNTR],rcx
// rsi is free to use as scratch here: the displaced mov rsi,rcx below
// overwrites it immediately afterwards.
mov rsi,[rcx+90]
mov [EntityPlayerLocalPNTR],rsi
code:
// Displaced original instructions (the 10 bytes listed in `bytes`).
mov rsi,rcx
mov rax,[rsi+00000178]
jmp return
address:
// jmp plus the nop padding has to cover exactly the 10 displaced bytes
// (assumes the jmp assembles to the 5-byte near form).
jmp newmem
nop 5
return:
// ---------------------------------------------------------------------------
// Hook 2: ItemValue:get_Texture+31. Publishes rsi as handItemPNTR.
assert(address5,bytes5)
alloc(newmem5,$1000,ItemValue:get_Texture+31)
registersymbol(handItemPNTR)
alloc(handItemPNTR,8,ItemValue:get_Texture+31)
label(code5)
label(return5)
newmem5:
mov [handItemPNTR],rsi
code5:
// Displaced original instruction (5 bytes, so no nop padding is needed).
movss xmm0,[rsi+28]
jmp return5
address5:
jmp newmem5
return5:
// ---------------------------------------------------------------------------
// Hook 3: ItemActionRanged:OnHoldingUpdate+18. Publishes rdx as
// ItemActionDataRangedPNTR.
assert(address9,bytes9)
alloc(newmem9,$1000,ItemActionRanged:OnHoldingUpdate+18 )
registersymbol(ItemActionDataRangedPNTR)
alloc(ItemActionDataRangedPNTR,8,ItemActionRanged:OnHoldingUpdate+18)
label(code9)
label(return9)
newmem9:
mov [ItemActionDataRangedPNTR],rdx
code9:
// Displaced original instructions (6 bytes: jmp plus one nop).
mov rdi,rcx
mov rsi,rdx
jmp return9
address9:
jmp newmem9
nop
return9:
// ---------------------------------------------------------------------------
[DISABLE]
// For each hook: write the original bytes back first, then free the
// trampoline and unpublish and free the pointer slots.
// NOTE(review): once the slots are released, anything still referencing
// these symbols has nothing valid to read - confirm dependants are off first.
address:
db bytes
dealloc(newmem)
unregistersymbol(GameManagerPNTR)
dealloc(GameManagerPNTR)
unregistersymbol(WorldPNTR)
dealloc(WorldPNTR)
unregistersymbol(EntityPlayerLocalPNTR)
dealloc(EntityPlayerLocalPNTR)
// ---------------------------------------------------------------------------
address5:
db bytes5
dealloc(newmem5)
unregistersymbol(handItemPNTR)
dealloc(handItemPNTR)
// ---------------------------------------------------------------------------
address9:
db bytes9
dealloc(newmem9)
unregistersymbol(ItemActionDataRangedPNTR)
dealloc(ItemActionDataRangedPNTR)
217
"Pointer Dev"
1
214
"Game Manager"
1
8 Bytes
GameManagerPNTR
0
215
"World"
1
8 Bytes
WorldPNTR
0
222
"EntityPlayerLocal"
1
8 Bytes
EntityPlayerLocalPNTR
0
228
"Player EntityStats"
1
8 Bytes
EntityPlayerLocalPNTR
5b0
234
"Progression"
1
8 Bytes
EntityPlayerLocalPNTR
5c0
229
"m_localPlayerId"
1
4 Bytes
EntityPlayerLocalPNTR
7c
5b0
257
"ItemActionDataRangedPNTR"
1
8 Bytes
ItemActionDataRangedPNTR
0
268
"handItemPNTR"
1
8 Bytes
handItemPNTR
0
237
"Player"
0000FF
1
235
"ExpToNextLevel"
4 Bytes
EntityPlayerLocalPNTR
3c
5c0
236
"ExpDeficit"
4 Bytes
EntityPlayerLocalPNTR
40
5c0
238
"Level"
4 Bytes
EntityPlayerLocalPNTR
44
5c0
239
"SkillPoints"
4 Bytes
EntityPlayerLocalPNTR
48
5c0
244
"Fly Mode"
0:Off
1:On
Byte
EntityPlayerLocalPNTR
28
60
245
"No Collision (Needs Fly Mode)"
0:Off
1:On
Byte
EntityPlayerLocalPNTR
28
70
246
"Ignored By AI"
0:Off
1:On
Byte
EntityPlayerLocalPNTR
307
261
"Stats"
0080FF
1
260
"killedZombies"
0:Off
1:On
4 Bytes
EntityPlayerLocalPNTR
79c
262
"killedPlayers"
0:Off
1:On
4 Bytes
EntityPlayerLocalPNTR
7a0
263
"Deaths"
0:Off
1:On
4 Bytes
EntityPlayerLocalPNTR
794
264
"Crafted Items"
0:Off
1:On
4 Bytes
EntityPlayerLocalPNTR
9ec
265
"longestLife"
0:Off
1:On
Float
EntityPlayerLocalPNTR
9f0
266
"currentLife"
0:Off
1:On
Float
EntityPlayerLocalPNTR
9f4
267
"totalTimePlayed"
0:Off
1:On
Float
EntityPlayerLocalPNTR
9f8
270
"Hand Item"
008000
1
273
"Quality"
4 Bytes
handItemPNTR
30
269
"SelectedAmmoTypeIndex"
0:Norm
1:HP
2:AP
Byte
handItemPNTR
25
276
"Meta (Ammo, etc?)"
4 Bytes
handItemPNTR
2c
274
"Seed"
2 Bytes
handItemPNTR
25
275
"UseTimes (Durability)"
Float
handItemPNTR
28
224
"World"
008000
1
218
"World Time"
8 Bytes
WorldPNTR
178
219
"Dawn Hour"
4 Bytes
WorldPNTR
180
220
"Dusk Hour"
4 Bytes
WorldPNTR
184
221
"Next World Event Time"
8 Bytes
WorldPNTR
1c8
225
"Is Event Blood Moon"
Byte
WorldPNTR
1c0
231
"Scripts"
1
204
"Health (Avoids One Shots)"
0000FF
Auto Assembler Script
// Inline detour at EntityAlive:get_Health+f. For the entity flagged as the
// player it copies the Health stat's m_baseMax over m_value each time the
// getter runs; other entities take the unmodified path.
define(address,EntityAlive:get_Health+f )
define(bytes,48 8B 80 B0 05 00 00)
[ENABLE]
// Enabling fails unless the 7 expected bytes are present at the hook site.
assert(address,bytes)
alloc(newmem,$1000,EntityAlive:get_Health+f )
label(code)
label(return)
newmem:
// Displaced original instruction, executed first so every exit path has run it.
mov rax,[rax+000005B0] // EntityStats
// NOTE(review): no operand size is given and the field name suggests a
// 1-byte flag; confirm the assembler's default width does not also compare
// the neighbouring bytes.
cmp [rax+91],1 // m_isEntityPlayer
// Safe to leave directly: the displaced instruction already ran above.
jne return
// rcx and xmm0 are used as scratch; the code after the hook reloads rcx
// from rax (see the listing below this script).
mov rcx,[rax+10] // Health (type: Stat)
movss xmm0, [rcx+20] // m_baseMax (type: System.Single)
movss [rcx+2c], xmm0 // m_value (type: System.Single)
code:
jmp return
address:
// jmp plus nop 2 covers the 7 displaced bytes.
jmp newmem
nop 2
return:
[DISABLE]
// Restore the original bytes, then release the trampoline.
address:
db bytes
// mov rax,[rax+000005B0]
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: EntityAlive:get_Health+f
2E2864CCD6: 00 00 - add [rax],al
2E2864CCD8: 00 00 - add [rax],al
2E2864CCDA: 00 00 - add [rax],al
2E2864CCDC: 00 00 - add [rax],al
2E2864CCDE: 00 00 - add [rax],al
2E2864CCE0: 55 - push rbp
2E2864CCE1: 48 8B EC - mov rbp,rsp
2E2864CCE4: 48 83 EC 30 - sub rsp,30
2E2864CCE8: 48 89 4D F8 - mov [rbp-08],rcx
2E2864CCEC: 48 8B C1 - mov rax,rcx
// ---------- INJECTING HERE ----------
2E2864CCEF: 48 8B 80 B0 05 00 00 - mov rax,[rax+000005B0]
// ---------- DONE INJECTING ----------
2E2864CCF6: 48 8B 40 10 - mov rax,[rax+10]
2E2864CCFA: 48 8B C8 - mov rcx,rax
2E2864CCFD: 83 38 00 - cmp dword ptr [rax],00
2E2864CD00: 48 8D 64 24 00 - lea rsp,[rsp+00]
2E2864CD05: 90 - nop
2E2864CD06: 49 BB 40 CD 64 28 2E 00 00 00 - mov r11,0000002E2864CD40
2E2864CD10: 41 FF D3 - call r11
2E2864CD13: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
2E2864CD17: F2 0F 2C C0 - cvttsd2si eax,xmm0
2E2864CD1B: 48 8D 65 00 - lea rsp,[rbp+00]
}
241
"Stamina "
0000FF
Auto Assembler Script
// Inline detour at EntityAlive:get_Stamina+f. Same shape as the Health
// script, but it follows the stat pointer at EntityStats+18: for the entity
// flagged as the player, m_baseMax is copied over m_value on every call.
define(address,EntityAlive:get_Stamina+f )
define(bytes,48 8B 80 B0 05 00 00)
[ENABLE]
// Enabling fails unless the 7 expected bytes are present at the hook site.
assert(address,bytes)
alloc(newmem,$1000,EntityAlive:get_Stamina+f )
label(code)
label(return)
newmem:
// Displaced original instruction, executed first so every exit path has run it.
mov rax,[rax+000005B0] // EntityStats
// NOTE(review): no operand size is given and the field name suggests a
// 1-byte flag; confirm the assembler's default width.
cmp [rax+91],1 // m_isEntityPlayer
// Safe to leave directly: the displaced instruction already ran above.
jne return
// Stat object at EntityStats+18 (the original getter loads the same slot
// right after the hook; see the listing below this script).
mov rcx,[rax+18]
movss xmm0, [rcx+20] // m_baseMax (type: System.Single)
movss [rcx+2c], xmm0 // m_value (type: System.Single)
code:
jmp return
address:
// jmp plus nop 2 covers the 7 displaced bytes.
jmp newmem
nop 2
return:
[DISABLE]
// Restore the original bytes, then release the trampoline.
address:
db bytes
// mov rax,[rax+000005B0]
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: EntityAlive:get_Stamina+f
22BDFCE43: 05 04 03 01 50 - add eax,50010304
22BDFCE48: 00 00 - add [rax],al
22BDFCE4A: 00 00 - add [rax],al
22BDFCE4C: 00 00 - add [rax],al
22BDFCE4E: 00 00 - add [rax],al
22BDFCE50: 55 - push rbp
22BDFCE51: 48 8B EC - mov rbp,rsp
22BDFCE54: 48 83 EC 30 - sub rsp,30
22BDFCE58: 48 89 4D F8 - mov [rbp-08],rcx
22BDFCE5C: 48 8B C1 - mov rax,rcx
// ---------- INJECTING HERE ----------
22BDFCE5F: 48 8B 80 B0 05 00 00 - mov rax,[rax+000005B0]
// ---------- DONE INJECTING ----------
22BDFCE66: 48 8B 40 18 - mov rax,[rax+18]
22BDFCE6A: 48 8B C8 - mov rcx,rax
22BDFCE6D: 83 38 00 - cmp dword ptr [rax],00
22BDFCE70: 48 8D 64 24 00 - lea rsp,[rsp+00]
22BDFCE75: 90 - nop
22BDFCE76: 49 BB 40 3B E0 11 02 00 00 00 - mov r11,0000000211E03B40
22BDFCE80: 41 FF D3 - call r11
22BDFCE83: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
22BDFCE87: F2 0F 5A C0 - cvtsd2ss xmm0,xmm0
22BDFCE8B: 48 8D 65 00 - lea rsp,[rbp+00]
}
243
"Food & Water "
0000FF
Auto Assembler Script
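// Inline detour at EntityAlive:get_Stamina+16, directly after the 7 bytes
// used by the get_Stamina+f hook. On entry rax holds the EntityStats pointer
// loaded by the preceding instruction. For the entity flagged as the player,
// the stats at +30 (Food) and +28 (Water) get m_baseMax copied over m_value.
define(address,EntityAlive:get_Stamina+16 )
define(bytes,48 8B 40 18 48 8B C8)
[ENABLE]
// Enabling fails unless the 7 expected bytes are present at the hook site.
assert(address,bytes)
alloc(newmem,$1000,EntityAlive:get_Stamina+16 )
label(code)
label(return)
newmem:
// NOTE(review): no operand size is given and the field name suggests a
// 1-byte flag; confirm the assembler's default width.
cmp [rax+91],1 // m_isEntityPlayer
// Every exit must run the displaced instructions at code:. Branching to
// return would skip them for non-player entities, leaving rax pointing at
// EntityStats and rcx unchanged for the code that follows the hook.
jne code
// rcx and xmm0 are scratch here; rcx is reloaded at code: below.
mov rcx,[rax+30] // Food
movss xmm0, [rcx+20] // m_baseMax
movss [rcx+2c], xmm0 // m_value
mov rcx,[rax+28] // Water
movss xmm0, [rcx+20] // m_baseMax
movss [rcx+2c], xmm0 // m_value
code:
// Displaced original instructions.
mov rax,[rax+18]
mov rcx,rax
jmp return
address:
// jmp plus nop 2 covers the 7 displaced bytes.
jmp newmem
nop 2
return:
[DISABLE]
// Restore the original bytes, then release the trampoline.
address:
db bytes
// mov rax,[rax+18]
// mov rcx,rax
dealloc(newmem)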
{
// ORIGINAL CODE - INJECTION POINT: EntityAlive:get_Stamina+16
4C437DBD2A: 00 00 - add [rax],al
4C437DBD2C: 00 00 - add [rax],al
4C437DBD2E: 00 00 - add [rax],al
4C437DBD30: 55 - push rbp
4C437DBD31: 48 8B EC - mov rbp,rsp
4C437DBD34: 48 83 EC 30 - sub rsp,30
4C437DBD38: 48 89 4D F8 - mov [rbp-08],rcx
4C437DBD3C: 48 8B C1 - mov rax,rcx
4C437DBD3F: E9 BC 42 71 F9 - jmp 4C3CEF0000
4C437DBD44: 66 90 - nop 2
// ---------- INJECTING HERE ----------
4C437DBD46: 48 8B 40 18 - mov rax,[rax+18]
4C437DBD4A: 48 8B C8 - mov rcx,rax
// ---------- DONE INJECTING ----------
4C437DBD4D: 83 38 00 - cmp dword ptr [rax],00
4C437DBD50: 48 8D 64 24 00 - lea rsp,[rsp+00]
4C437DBD55: 90 - nop
4C437DBD56: 49 BB D0 59 A4 53 4C 00 00 00 - mov r11,0000004C53A459D0
4C437DBD60: 41 FF D3 - call r11
4C437DBD63: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
4C437DBD67: F2 0F 5A C0 - cvtsd2ss xmm0,xmm0
4C437DBD6B: 48 8D 65 00 - lea rsp,[rbp+00]
4C437DBD6F: 5D - pop rbp
4C437DBD70: C3 - ret
}
199
"Nice Weather"
0000FF
Auto Assembler Script
// Two inline detours in EntityStats:UpdateWeatherStats, both acting on the
// float at [rsi+A0]:
//   +381  drops the subsd so the value is converted and stored unchanged;
//   +343  stores the constant at Nice (70.0) instead of the computed value.
// NOTE(review): the entry title suggests [rsi+A0] is a temperature-like
// value; that meaning is not visible in the code itself.
define(address,EntityStats:UpdateWeatherStats+381 )
define(bytes,F2 0F 5C C1 F2 0F 5A E8)
define(address2,EntityStats:UpdateWeatherStats+343 )
define(bytes2,F3 0F 11 AE A0 00 00 00)
[ENABLE]
// Each hook is guarded by its own byte check before the site is rewritten.
assert(address,bytes)
alloc(newmem,$1000,EntityStats:UpdateWeatherStats+381 )
label(code)
label(return)
newmem:
code:
// First displaced instruction is intentionally left out; only the
// conversion is replayed.
//subsd xmm0,xmm1
cvtsd2ss xmm5,xmm0
jmp return
address:
// jmp plus nop 3 covers the 8 displaced bytes.
jmp newmem
nop 3
return:
assert(address2,bytes2)
alloc(newmem2,$1000,EntityStats:UpdateWeatherStats+343 )
label(code2)
label(return2)
newmem2:
code2:
// Overwrite xmm5 with the constant, then perform the displaced store.
movss xmm5,[Nice]
movss [rsi+000000A0],xmm5
jmp return2
Nice:
// dq reserves 8 bytes; movss reads only the low 4 (the float).
dq (float)70
address2:
// jmp plus nop 3 covers the 8 displaced bytes.
jmp newmem2
nop 3
return2:
[DISABLE]
// Restore the first hook site, then release its trampoline.
address:
db bytes
// subsd xmm0,xmm1
// cvtsd2ss xmm5,xmm0
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: EntityStats:UpdateWeatherStats+381
2EEDA635FB: F3 0F 10 86 A0 00 00 00 - movss xmm0,[rsi+000000A0]
2EEDA63603: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
2EEDA63607: F2 0F 5A E8 - cvtsd2ss xmm5,xmm0
2EEDA6360B: F3 0F 11 6D 94 - movss [rbp-6C],xmm5
2EEDA63610: F3 0F 10 86 A0 00 00 00 - movss xmm0,[rsi+000000A0]
2EEDA63618: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
2EEDA6361C: 48 B8 08 8E 76 2C 2F 00 00 00 - mov rax,0000002F2C768E08
2EEDA63626: 48 63 00 - movsxd rax,dword ptr [rax]
2EEDA63629: F3 0F 2A C8 - cvtsi2ss xmm1,eax
2EEDA6362D: F3 0F 5A C9 - cvtss2sd xmm1,xmm1
// ---------- INJECTING HERE ----------
2EEDA63631: F2 0F 5C C1 - subsd xmm0,xmm1
2EEDA63635: F2 0F 5A E8 - cvtsd2ss xmm5,xmm0
// ---------- DONE INJECTING ----------
2EEDA63639: F3 0F 11 AE A0 00 00 00 - movss [rsi+000000A0],xmm5
2EEDA63641: F3 0F 10 45 94 - movss xmm0,[rbp-6C]
2EEDA63646: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
2EEDA6364A: F2 0F 11 85 50 FF FF FF - movsd [rbp-000000B0],xmm0
2EEDA63652: F3 0F 10 05 B6 05 00 00 - movss xmm0,[2EEDA63C10]
2EEDA6365A: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
2EEDA6365E: F2 0F 11 85 48 FF FF FF - movsd [rbp-000000B8],xmm0
2EEDA63666: 48 8B 46 70 - mov rax,[rsi+70]
2EEDA6366A: 48 8B C8 - mov rcx,rax
2EEDA6366D: 83 38 00 - cmp dword ptr [rax],00
}
// Restore the 8 original bytes at UpdateWeatherStats+343, then release the
// second trampoline (which also holds the Nice constant).
address2:
db bytes2
// movss [rsi+000000A0],xmm5
dealloc(newmem2)
{
// ORIGINAL CODE - INJECTION POINT: EntityStats:UpdateWeatherStats+343
2EEDA635C5: 90 - nop
2EEDA635C6: 49 BB 90 3F A6 ED 2E 00 00 00 - mov r11,0000002EEDA63F90
2EEDA635D0: 41 FF D3 - call r11
2EEDA635D3: 40 88 86 84 00 00 00 - mov [rsi+00000084],al
2EEDA635DA: 48 8B CE - mov rcx,rsi
2EEDA635DD: 90 - nop
2EEDA635DE: 49 BB 10 45 A6 ED 2E 00 00 00 - mov r11,0000002EEDA64510
2EEDA635E8: 41 FF D3 - call r11
2EEDA635EB: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
2EEDA635EF: F2 0F 5A E8 - cvtsd2ss xmm5,xmm0
// ---------- INJECTING HERE ----------
2EEDA635F3: F3 0F 11 AE A0 00 00 00 - movss [rsi+000000A0],xmm5
// ---------- DONE INJECTING ----------
2EEDA635FB: F3 0F 10 86 A0 00 00 00 - movss xmm0,[rsi+000000A0]
2EEDA63603: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
2EEDA63607: F2 0F 5A E8 - cvtsd2ss xmm5,xmm0
2EEDA6360B: F3 0F 11 6D 94 - movss [rbp-6C],xmm5
2EEDA63610: F3 0F 10 86 A0 00 00 00 - movss xmm0,[rsi+000000A0]
2EEDA63618: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
2EEDA6361C: 48 B8 08 8E 76 2C 2F 00 00 00 - mov rax,0000002F2C768E08
2EEDA63626: 48 63 00 - movsxd rax,dword ptr [rax]
2EEDA63629: F3 0F 2A C8 - cvtsi2ss xmm1,eax
2EEDA6362D: F3 0F 5A C9 - cvtss2sd xmm1,xmm1
}
279
"No Fall Damage"
0000FF
Auto Assembler Script
// Inline detour at EntityPlayerLocal:FallImpact+12. The function prologue
// spills xmm1 to [rbp-130]; the hook loads 0.0 into xmm1 first, so the
// spilled local is always zero.
// NOTE(review): xmm1 is presumably the method's float argument - confirm.
define(address,EntityPlayerLocal:FallImpact+12 )
define(bytes,F3 0F 11 8D D0 FE FF FF)
[ENABLE]
// Enabling fails unless the 8 expected bytes are present at the hook site.
assert(address,bytes)
alloc(newmem,$1000,EntityPlayerLocal:FallImpact+12 )
label(code)
label(return)
newmem:
movss xmm1,[zero]
code:
// Displaced original instruction.
movss [rbp-00000130],xmm1
jmp return
zero:
// dq reserves 8 bytes; movss reads only the low 4 (the float).
dq (float)0
address:
// jmp plus nop 3 covers the 8 displaced bytes.
jmp newmem
nop 3
return:
[DISABLE]
// Restore the original bytes, then release the trampoline.
address:
db bytes
// movss [rbp-00000130],xmm1
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: EntityPlayerLocal:FallImpact+12
5D4B1DD683: 05 04 03 01 50 - add eax,50010304
5D4B1DD688: 00 00 - add [rax],al
5D4B1DD68A: 00 00 - add [rax],al
5D4B1DD68C: 00 00 - add [rax],al
5D4B1DD68E: 00 00 - add [rax],al
5D4B1DD690: 55 - push rbp
5D4B1DD691: 48 8B EC - mov rbp,rsp
5D4B1DD694: 48 81 EC 90 01 00 00 - sub rsp,00000190
5D4B1DD69B: 48 89 75 F8 - mov [rbp-08],rsi
5D4B1DD69F: 48 8B F1 - mov rsi,rcx
// ---------- INJECTING HERE ----------
5D4B1DD6A2: F3 0F 11 8D D0 FE FF FF - movss [rbp-00000130],xmm1
// ---------- DONE INJECTING ----------
5D4B1DD6AA: C7 85 E0 FE FF FF 00 00 00 00 - mov [rbp-00000120],00000000
5D4B1DD6B4: C7 85 E4 FE FF FF 00 00 00 00 - mov [rbp-0000011C],00000000
5D4B1DD6BE: C7 85 E8 FE FF FF 00 00 00 00 - mov [rbp-00000118],00000000
5D4B1DD6C8: C7 85 F0 FE FF FF 00 00 00 00 - mov [rbp-00000110],00000000
5D4B1DD6D2: C7 85 F4 FE FF FF 00 00 00 00 - mov [rbp-0000010C],00000000
5D4B1DD6DC: 33 C0 - xor eax,eax
5D4B1DD6DE: 48 89 85 F8 FE FF FF - mov [rbp-00000108],rax
5D4B1DD6E5: 48 89 85 00 FF FF FF - mov [rbp-00000100],rax
5D4B1DD6EC: 48 8B 8E E0 00 00 00 - mov rcx,[rsi+000000E0]
5D4B1DD6F3: 33 D2 - xor edx,edx
}
206
"Speed Hack"
0000FF
Auto Assembler Script
// Inline detour on the epilogue of EntityPlayerLocal:GetSpeedModifier (+ab).
// xmm0 is overwritten with the constant at Fast (5.0) just before the frame
// is torn down, replacing whatever the function computed.
// The hook site is also a branch target inside the function (see the jmp at
// the top of the listing below this script); the hook begins exactly at that
// address, so the branch lands on the detour jmp.
define(address,EntityPlayerLocal:GetSpeedModifier+ab )
define(bytes,48 8B 75 F8 48 8D 65 00)
[ENABLE]
// Enabling fails unless the 8 expected bytes are present at the hook site.
assert(address,bytes)
alloc(newmem,$1000,EntityPlayerLocal:GetSpeedModifier+ab )
label(code)
label(return)
newmem:
movss xmm0,[Fast]
code:
// Displaced original instructions (restore rsi, reset rsp).
mov rsi,[rbp-08]
lea rsp,[rbp+00]
jmp return
Fast:
// dq reserves 8 bytes; movss reads only the low 4 (the float).
dq (float)5
address:
// jmp plus nop 3 covers the 8 displaced bytes.
jmp newmem
nop 3
return:
[DISABLE]
// Restore the original bytes, then release the trampoline.
address:
db bytes
// mov rsi,[rbp-08]
// lea rsp,[rbp+00]
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: EntityPlayerLocal:GetSpeedModifier+ab
231F54882B: E9 2B 00 00 00 - jmp 231F54885B
231F548830: 48 8B CE - mov rcx,rsi
231F548833: 66 66 90 - nop 3
231F548836: 49 BB 75 88 54 1F 23 00 00 00 - mov r11,000000231F548875
231F548840: 41 FF D3 - call r11
231F548843: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
231F548847: F3 0F 10 8E D0 0C 00 00 - movss xmm1,[rsi+00000CD0]
231F54884F: F3 0F 5A C9 - cvtss2sd xmm1,xmm1
231F548853: F2 0F 59 C1 - mulsd xmm0,xmm1
231F548857: F2 0F 5A C0 - cvtsd2ss xmm0,xmm0
// ---------- INJECTING HERE ----------
231F54885B: 48 8B 75 F8 - mov rsi,[rbp-08]
231F54885F: 48 8D 65 00 - lea rsp,[rbp+00]
// ---------- DONE INJECTING ----------
231F548863: 5D - pop rbp
231F548864: C3 - ret
231F548865: 00 00 - add [rax],al
231F548867: 00 01 - add [rcx],al
231F548869: 04 02 - add al,02
231F54886B: 05 04 03 01 50 - add eax,50010304
231F548870: 00 00 - add [rax],al
231F548872: 00 00 - add [rax],al
231F548874: 00 E8 - add al,ch
231F548876: A6 - cmpsb
}
212
"Zombie No Digging"
Auto Assembler Script
// Inline detour at EntityMoveHelper:DigStart+13. rdx is forced to 0 before
// the displaced mov rsi,rdx copies it, so the function continues with rsi = 0.
// NOTE(review): rdx presumably carries the method's first explicit argument;
// what a zero value means to DigStart is not visible here - confirm.
define(address,EntityMoveHelper:DigStart+13 )
define(bytes,48 8B F2 48 8B 47 60)
[ENABLE]
// Enabling fails unless the 7 expected bytes are present at the hook site.
assert(address,bytes)
alloc(newmem,$1000,EntityMoveHelper:DigStart+13 )
label(code)
label(return)
newmem:
mov rdx,0
code:
// Displaced original instructions.
mov rsi,rdx
mov rax,[rdi+60]
jmp return
address:
// jmp plus nop 2 covers the 7 displaced bytes.
jmp newmem
nop 2
return:
[DISABLE]
// Restore the original bytes, then release the trampoline.
address:
db bytes
// mov rsi,rdx
// mov rax,[rdi+60]
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: EntityMoveHelper:DigStart+13
A955706918: 00 00 - add [rax],al
A95570691A: 00 00 - add [rax],al
A95570691C: 00 00 - add [rax],al
A95570691E: 00 00 - add [rax],al
A955706920: 55 - push rbp
A955706921: 48 8B EC - mov rbp,rsp
A955706924: 48 83 EC 60 - sub rsp,60
A955706928: 48 89 75 F0 - mov [rbp-10],rsi
A95570692C: 48 89 7D F8 - mov [rbp-08],rdi
A955706930: 48 8B F9 - mov rdi,rcx
// ---------- INJECTING HERE ----------
A955706933: 48 8B F2 - mov rsi,rdx
A955706936: 48 8B 47 60 - mov rax,[rdi+60]
// ---------- DONE INJECTING ----------
A95570693A: 48 05 90 01 00 00 - add rax,00000190
A955706940: 48 63 08 - movsxd rcx,dword ptr [rax]
A955706943: 89 4D E0 - mov [rbp-20],ecx
A955706946: 48 63 48 04 - movsxd rcx,dword ptr [rax+04]
A95570694A: 89 4D E4 - mov [rbp-1C],ecx
A95570694D: 48 63 40 08 - movsxd rax,dword ptr [rax+08]
A955706951: 89 45 E8 - mov [rbp-18],eax
A955706954: 48 8D 87 1C 01 00 00 - lea rax,[rdi+0000011C]
A95570695B: 48 63 4D E0 - movsxd rcx,dword ptr [rbp-20]
A95570695F: 89 08 - mov [rax],ecx
}
278
"Zombies Always Raging"
Auto Assembler Script
// Inline detour on the epilogue of EntityAlive:get_Raging (+4a). eax is
// forced to 0 immediately before the function returns, so the getter always
// returns 0 regardless of what it computed.
// NOTE(review): a constant 0 result reads as "not raging", which looks like
// the opposite of what the entry title describes - confirm the intended value.
define(address,EntityAlive:get_Raging+4a )
define(bytes,48 8B 75 F8 48 8D 65 00)
[ENABLE]
// Enabling fails unless the 8 expected bytes are present at the hook site.
assert(address,bytes)
alloc(newmem,$1000,EntityAlive:get_Raging+4a )
label(code)
label(return)
newmem:
mov eax,0
code:
// Displaced original instructions (restore rsi, reset rsp).
mov rsi,[rbp-08]
lea rsp,[rbp+00]
jmp return
address:
// jmp plus nop 3 covers the 8 displaced bytes.
jmp newmem
nop 3
return:
[DISABLE]
// Restore the original bytes, then release the trampoline.
address:
db bytes
// mov rsi,[rbp-08]
// lea rsp,[rbp+00]
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: EntityAlive:get_Raging+4a
5C8C5F1E08: 41 FF D3 - call r11
5C8C5F1E0B: 85 C0 - test eax,eax
5C8C5F1E0D: 74 19 - je 5C8C5F1E28
5C8C5F1E0F: 48 8B 86 B0 00 00 00 - mov rax,[rsi+000000B0]
5C8C5F1E16: 48 8B 40 18 - mov rax,[rax+18]
5C8C5F1E1A: 48 8B C8 - mov rcx,rax
5C8C5F1E1D: 48 8B 00 - mov rax,[rax]
5C8C5F1E20: FF 90 68 02 00 00 - call qword ptr [rax+00000268]
5C8C5F1E26: EB 02 - jmp 5C8C5F1E2A
5C8C5F1E28: 33 C0 - xor eax,eax
// ---------- INJECTING HERE ----------
5C8C5F1E2A: 48 8B 75 F8 - mov rsi,[rbp-08]
5C8C5F1E2E: 48 8D 65 00 - lea rsp,[rbp+00]
// ---------- DONE INJECTING ----------
5C8C5F1E32: 5D - pop rbp
5C8C5F1E33: C3 - ret
5C8C5F1E34: 00 00 - add [rax],al
5C8C5F1E36: 00 00 - add [rax],al
5C8C5F1E38: 01 04 02 - add [rdx+rax],eax
5C8C5F1E3B: 05 04 03 01 50 - add eax,50010304
5C8C5F1E40: 00 00 - add [rax],al
5C8C5F1E42: 00 00 - add [rax],al
5C8C5F1E44: 00 00 - add [rax],al
5C8C5F1E46: 00 00 - add [rax],al
}
115
"Infinite Durability"
FF0000
Auto Assembler Script
{ Game : 7daystodie.exe
Version:
Date : 2020-07-14
Author : moo
Inline detour at ItemActionDynamic:hitTarget+626. The original instruction
loads a double from [rbp-3B8] into xmm0; the detour loads 0.0 instead, so the
addsd that follows yields only xmm1 and that result is what gets stored to
[rax+28] (see the listing below this script).
}
define(address,ItemActionDynamic:hitTarget+626 )
define(bytes,F2 0F 10 85 48 FC FF FF)
[ENABLE]
// Enabling fails unless the 8 expected bytes are present at the hook site.
assert(address,bytes)
alloc(newmem,$1000,ItemActionDynamic:hitTarget+626 )
label(code)
label(return)
newmem:
code:
// Replaces the displaced load; the original instruction is not replayed.
movsd xmm0,[zero]
jmp return
zero:
dq (double)0
address:
// jmp plus nop 3 covers the 8 displaced bytes.
jmp newmem
nop 3
return:
[DISABLE]
// Restore the original bytes, then release the trampoline.
address:
db bytes
// movsd xmm0,[rbp-000003B8]
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: ItemActionDynamic:hitTarget+626
1C1DB92641: 4C 8B 85 30 FF FF FF - mov r8,[rbp-000000D0]
1C1DB92648: 4C 89 85 40 FF FF FF - mov [rbp-000000C0],r8
1C1DB9264F: 48 89 44 24 28 - mov [rsp+28],rax
1C1DB92654: F2 0F 10 D0 - movsd xmm2,xmm0
1C1DB92658: F2 0F 5A D2 - cvtsd2ss xmm2,xmm2
1C1DB9265C: 66 90 - nop 2
1C1DB9265E: 49 BB 87 67 25 02 1C 00 00 00 - mov r11,0000001C02256787
1C1DB92668: 41 FF D3 - call r11
1C1DB9266B: F3 0F 5A C8 - cvtss2sd xmm1,xmm0
1C1DB9266F: 48 8B 85 58 FC FF FF - mov rax,[rbp-000003A8]
// ---------- INJECTING HERE ----------
1C1DB92676: F2 0F 10 85 48 FC FF FF - movsd xmm0,[rbp-000003B8]
// ---------- DONE INJECTING ----------
1C1DB9267E: F2 0F 58 C1 - addsd xmm0,xmm1
1C1DB92682: F2 0F 5A E8 - cvtsd2ss xmm5,xmm0
1C1DB92686: F3 0F 11 68 28 - movss [rax+28],xmm5
1C1DB9268B: 49 8B 47 18 - mov rax,[r15+18]
1C1DB9268F: C6 40 73 00 - mov byte ptr [rax+73],00
1C1DB92693: 48 8B 47 10 - mov rax,[rdi+10]
1C1DB92697: 48 85 C0 - test rax,rax
1C1DB9269A: 0F 84 AD 02 00 00 - je 1C1DB9294D
1C1DB926A0: 48 8B 4F 10 - mov rcx,[rdi+10]
1C1DB926A4: 66 90 - nop 2
}
114
"Ranged Infinite Durability"
FF0000
Auto Assembler Script
{ Game : 7daystodie.exe
Version:
Date : 2020-07-14
Author : moo
Inline detour at ItemActionRanged:ExecuteAction+8ee. The original instruction
loads a double from [rbp-2B0] into xmm0; the detour loads 0.0 instead, so the
addsd that follows yields only xmm1 and that result is what gets stored to
[rax+28] (see the listing below this script).
}
define(address,ItemActionRanged:ExecuteAction+8ee )
define(bytes,F2 0F 10 85 50 FD FF FF)
[ENABLE]
// Enabling fails unless the 8 expected bytes are present at the hook site.
assert(address,bytes)
alloc(newmem,$1000,ItemActionRanged:ExecuteAction+8ee )
label(code)
label(return)
newmem:
code:
// Replaces the displaced load; the original instruction is not replayed.
movsd xmm0,[zero]
jmp return
zero:
dq (double)0
address:
// jmp plus nop 3 covers the 8 displaced bytes.
jmp newmem
nop 3
return:
[DISABLE]
// Restore the original bytes, then release the trampoline.
address:
db bytes
// movsd xmm0,[rbp-000002B0]
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: ItemActionRanged:ExecuteAction+8ee
1C01B1B847: 4C 8B 85 80 FE FF FF - mov r8,[rbp-00000180]
1C01B1B84E: 4C 89 85 90 FE FF FF - mov [rbp-00000170],r8
1C01B1B855: 48 89 44 24 28 - mov [rsp+28],rax
1C01B1B85A: F2 0F 10 D0 - movsd xmm2,xmm0
1C01B1B85E: F2 0F 5A D2 - cvtsd2ss xmm2,xmm2
1C01B1B862: 48 8D 6D 00 - lea rbp,[rbp+00]
1C01B1B866: 49 BB 87 67 25 02 1C 00 00 00 - mov r11,0000001C02256787
1C01B1B870: 41 FF D3 - call r11
1C01B1B873: F3 0F 5A C8 - cvtss2sd xmm1,xmm0
1C01B1B877: 48 8B 85 60 FD FF FF - mov rax,[rbp-000002A0]
// ---------- INJECTING HERE ----------
1C01B1B87E: F2 0F 10 85 50 FD FF FF - movsd xmm0,[rbp-000002B0]
// ---------- DONE INJECTING ----------
1C01B1B886: F2 0F 58 C1 - addsd xmm0,xmm1
1C01B1B88A: F2 0F 5A E8 - cvtsd2ss xmm5,xmm0
1C01B1B88E: F3 0F 11 68 28 - movss [rax+28],xmm5
1C01B1B893: 49 8B 46 10 - mov rax,[r14+10]
1C01B1B897: 48 8B C8 - mov rcx,rax
1C01B1B89A: 83 38 00 - cmp dword ptr [rax],00
1C01B1B89D: 90 - nop
1C01B1B89E: 49 BB F4 6F D0 1E 1C 00 00 00 - mov r11,0000001C1ED06FF4
1C01B1B8A8: 41 FF D3 - call r11
1C01B1B8AB: 48 8B C8 - mov rcx,rax
}
42
"Ranged Ammo No Decrease"
FF0000
Auto Assembler Script
// In-place patch, no trampoline: the two bytes FF C9 (dec ecx) at
// ItemActionRanged:ConsumeAmmo+2f are replaced by two one-byte NOPs, so the
// decrement no longer happens.
define(address,ItemActionRanged:ConsumeAmmo+2f)
define(bytes,FF C9)
define(on,90 90)
[ENABLE]
// Enabling fails unless the expected original bytes are present.
assert(address,bytes)
address:
db on
[DISABLE]
// Write the original instruction bytes back.
address:
db bytes
277
"Fire Rate STUPID v2"
FF0000
Auto Assembler Script
// Inline detour at ItemActionRanged:OnHoldingUpdate+15c. The original
// instruction loads the float at [r15+168] into xmm2; the detour first writes
// the constant at zero into that field and leaves the same value in xmm2.
define(address,ItemActionRanged:OnHoldingUpdate+15c )
define(bytes,F3 41 0F 10 97 68 01 00 00)
[ENABLE]
// Enabling fails unless the 9 expected bytes are present at the hook site.
assert(address,bytes)
alloc(newmem,$1000,ItemActionRanged:OnHoldingUpdate+15c )
label(code)
label(return)
newmem:
// r15 = ItemActionDataRanged
movss xmm2,[zero]
movss [r15+00000168],xmm2
code:
// The displaced load is left out on purpose: xmm2 already holds the value
// that was just stored to the field.
//movss xmm2,[r15+00000168]
jmp return
zero:
// increase this number to slow rate of fire
// m60 with some skills - 0.1315238327
// dq reserves 8 bytes; movss reads only the low 4 (the float).
dq (float)0
address:
// jmp plus nop 4 covers the 9 displaced bytes.
jmp newmem
nop 4
return:
[DISABLE]
// Restore the original bytes, then release the trampoline.
address:
db bytes
dealloc(newmem)
255
"Crosshair Zeroed"
FF0000
Auto Assembler Script
// Six inline detours, all touching the float at offset E8 of the object held
// in the base register at each site (one store site, five load sites).
// Only the store hook (address5) changes data: it writes 0.0 to the field.
// At the five load hooks the constant is loaded and then immediately
// overwritten by the displaced load from memory, so those hooks leave the
// register exactly as the original code would.
// NOTE(review): if the load hooks were meant to force 0.0, the displaced load
// defeats that; the visible effect relies on the store hook - confirm intent.
define(address,EntityPlayerLocal:Update+1c35 )
define(bytes,F3 0F 10 8B E8 00 00 00)
define(address2,ItemActionRanged:updateAccuracy+87e )
define(bytes2,F3 41 0F 10 87 E8 00 00 00)
define(address5,ItemActionRanged:updateAccuracy+a0b )
define(bytes5,F3 0F 11 AE E8 00 00 00)
define(address9,ItemActionRanged:updateAccuracy+a3e )
define(bytes9,F3 0F 10 86 E8 00 00 00)
define(address14,EntityPlayerLocal:guiDrawCrosshair+4ca )
define(bytes14,F3 0F 10 88 E8 00 00 00)
define(address20,EntityPlayerLocal:guiDrawCrosshair+78f )
define(bytes20,F3 0F 10 88 E8 00 00 00)
[ENABLE]
// Every site has its own byte check; a mismatch at any of them stops the
// script from enabling.
// Load hook: EntityPlayerLocal:Update+1c35 (8 bytes, jmp plus nop 3).
assert(address,bytes)
alloc(newmem,$1000,EntityPlayerLocal:Update+1c35 )
label(code)
label(return)
newmem:
movss xmm1,[zero]
code:
// Displaced load; replaces the constant loaded just above.
movss xmm1,[rbx+000000E8]
jmp return
zero:
dq (float)0
address:
jmp newmem
nop 3
return:
// Load hook: ItemActionRanged:updateAccuracy+87e (9 bytes, jmp plus nop 4).
assert(address2,bytes2)
alloc(newmem2,$1000,ItemActionRanged:updateAccuracy+87e )
label(code2)
label(return2)
newmem2:
movss xmm0,[zero2]
code2:
// Displaced load; replaces the constant loaded just above.
movss xmm0,[r15+000000E8]
jmp return2
zero2:
dq (float)0
address2:
jmp newmem2
nop 4
return2:
// Store hook: ItemActionRanged:updateAccuracy+a0b (8 bytes, jmp plus nop 3).
// xmm5 is replaced by 0.0 before the displaced store writes it to the field.
assert(address5,bytes5)
alloc(newmem5,$1000,ItemActionRanged:updateAccuracy+a0b )
label(code5)
label(return5)
newmem5:
movss xmm5,[zero3]
code5:
movss [rsi+000000E8],xmm5
jmp return5
zero3:
dq (float)0
address5:
jmp newmem5
nop 3
return5:
// Load hook: ItemActionRanged:updateAccuracy+a3e (8 bytes, jmp plus nop 3).
assert(address9,bytes9)
alloc(newmem9,$1000,ItemActionRanged:updateAccuracy+a3e )
label(code9)
label(return9)
newmem9:
movss xmm0,[zero4]
code9:
// Displaced load; replaces the constant loaded just above.
movss xmm0,[rsi+000000E8]
jmp return9
zero4:
dq (float)0
address9:
jmp newmem9
nop 3
return9:
// Load hook: EntityPlayerLocal:guiDrawCrosshair+4ca (8 bytes, jmp plus nop 3).
assert(address14,bytes14)
alloc(newmem14,$1000,EntityPlayerLocal:guiDrawCrosshair+4ca )
label(code14)
label(return14)
newmem14:
movss xmm1,[zero5]
code14:
// Displaced load; replaces the constant loaded just above.
movss xmm1,[rax+000000E8]
jmp return14
zero5:
dq (float)0
address14:
jmp newmem14
nop 3
return14:
// Load hook: EntityPlayerLocal:guiDrawCrosshair+78f (8 bytes, jmp plus nop 3).
assert(address20,bytes20)
alloc(newmem20,$1000,EntityPlayerLocal:guiDrawCrosshair+78f )
label(code20)
label(return20)
newmem20:
movss xmm1,[zero6]
code20:
// Displaced load; replaces the constant loaded just above.
movss xmm1,[rax+000000E8]
jmp return20
zero6:
dq (float)0
address20:
jmp newmem20
nop 3
return20:
[DISABLE]
// Restore the first hook site, then release its trampoline. The remaining
// five sites are restored further down, one after each reference listing.
address:
db bytes
// movss xmm1,[rbx+000000E8]
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: EntityPlayerLocal:Update+1c35
7F79B04AC0: 4D 85 E4 - test r12,r12
7F79B04AC3: 74 20 - je 7F79B04AE5
7F79B04AC5: 49 8B 04 24 - mov rax,[r12]
7F79B04AC9: 48 8B 00 - mov rax,[rax]
7F79B04ACC: 48 8B 40 10 - mov rax,[rax+10]
7F79B04AD0: 48 8B 40 18 - mov rax,[rax+18]
7F79B04AD4: 48 B9 58 1D 33 7E 7F 00 00 00 - mov rcx,0000007F7E331D58
7F79B04ADE: 48 3B C1 - cmp rax,rcx
7F79B04AE1: 74 02 - je 7F79B04AE5
7F79B04AE3: 33 DB - xor ebx,ebx
// ---------- INJECTING HERE ----------
7F79B04AE5: F3 0F 10 8B E8 00 00 00 - movss xmm1,[rbx+000000E8]
// ---------- DONE INJECTING ----------
7F79B04AED: F3 0F 5A C9 - cvtss2sd xmm1,xmm1
7F79B04AF1: F2 0F 10 85 28 FC FF FF - movsd xmm0,[rbp-000003D8]
7F79B04AF9: F2 0F 59 C1 - mulsd xmm0,xmm1
7F79B04AFD: F2 0F 5A E8 - cvtsd2ss xmm5,xmm0
7F79B04B01: F3 41 0F 11 AE 6C 0C 00 00 - movss [r14+00000C6C],xmm5
7F79B04B0A: E9 7C 02 00 00 - jmp 7F79B04D8B
7F79B04B0F: 48 8D 86 9C 01 00 00 - lea rax,[rsi+0000019C]
7F79B04B16: 48 63 08 - movsxd rcx,dword ptr [rax]
7F79B04B19: 89 8D 40 FE FF FF - mov [rbp-000001C0],ecx
7F79B04B1F: 48 63 48 04 - movsxd rcx,dword ptr [rax+04]
}
// Restore the 9 original bytes at ItemActionRanged:updateAccuracy+87e, then
// release that hook's trampoline.
address2:
db bytes2
// movss xmm0,[r15+000000E8]
dealloc(newmem2)
{
// ORIGINAL CODE - INJECTION POINT: ItemActionRanged:updateAccuracy+87e
7FC0E69479: 48 85 FF - test rdi,rdi
7FC0E6947C: 74 20 - je 7FC0E6949E
7FC0E6947E: 48 8B 07 - mov rax,[rdi]
7FC0E69481: 48 8B 00 - mov rax,[rax]
7FC0E69484: 48 8B 40 10 - mov rax,[rax+10]
7FC0E69488: 48 8B 40 18 - mov rax,[rax+18]
7FC0E6948C: 48 B9 58 1D 33 7E 7F 00 00 00 - mov rcx,0000007F7E331D58
7FC0E69496: 48 3B C1 - cmp rax,rcx
7FC0E69499: 74 03 - je 7FC0E6949E
7FC0E6949B: 45 33 FF - xor r15d,r15d
// ---------- INJECTING HERE ----------
7FC0E6949E: F3 41 0F 10 87 E8 00 00 00 - movss xmm0,[r15+000000E8]
// ---------- DONE INJECTING ----------
7FC0E694A7: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
7FC0E694AB: F2 0F 11 85 60 FE FF FF - movsd [rbp-000001A0],xmm0
7FC0E694B3: F3 0F 10 85 74 FE FF FF - movss xmm0,[rbp-0000018C]
7FC0E694BB: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
7FC0E694BF: F2 0F 11 85 58 FE FF FF - movsd [rbp-000001A8],xmm0
7FC0E694C7: 48 8D AD 00 00 00 00 - lea rbp,[rbp+00000000]
7FC0E694CE: 49 BB C0 45 F5 0B 7F 00 00 00 - mov r11,0000007F0BF545C0
7FC0E694D8: 41 FF D3 - call r11
7FC0E694DB: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
7FC0E694DF: F2 0F 11 85 50 FE FF FF - movsd [rbp-000001B0],xmm0
}
// Restore the 8 original bytes at ItemActionRanged:updateAccuracy+a0b (the
// store site), then release that hook's trampoline.
address5:
db bytes5
// movss [rsi+000000E8],xmm5
dealloc(newmem5)
{
// ORIGINAL CODE - INJECTION POINT: ItemActionRanged:updateAccuracy+a0b
7FC0E695FB: F2 0F 59 DC - mulsd xmm3,xmm4
7FC0E695FF: F2 0F 59 D3 - mulsd xmm2,xmm3
7FC0E69603: F2 0F 5A D2 - cvtsd2ss xmm2,xmm2
7FC0E69607: F2 0F 5A C9 - cvtsd2ss xmm1,xmm1
7FC0E6960B: F2 0F 5A C0 - cvtsd2ss xmm0,xmm0
7FC0E6960F: 48 8D AD 00 00 00 00 - lea rbp,[rbp+00000000]
7FC0E69616: 49 BB 60 49 78 0E 7F 00 00 00 - mov r11,0000007F0E784960
7FC0E69620: 41 FF D3 - call r11
7FC0E69623: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
7FC0E69627: F2 0F 5A E8 - cvtsd2ss xmm5,xmm0
// ---------- INJECTING HERE ----------
7FC0E6962B: F3 0F 11 AE E8 00 00 00 - movss [rsi+000000E8],xmm5
// ---------- DONE INJECTING ----------
7FC0E69633: 48 8B F7 - mov rsi,rdi
7FC0E69636: 48 85 FF - test rdi,rdi
7FC0E69639: 0F 84 1F 00 00 00 - je 7FC0E6965E
7FC0E6963F: 48 8B 07 - mov rax,[rdi]
7FC0E69642: 48 8B 00 - mov rax,[rax]
7FC0E69645: 48 8B 40 10 - mov rax,[rax+10]
7FC0E69649: 48 8B 40 18 - mov rax,[rax+18]
7FC0E6964D: 48 B9 58 1D 33 7E 7F 00 00 00 - mov rcx,0000007F7E331D58
7FC0E69657: 48 3B C1 - cmp rax,rcx
7FC0E6965A: 74 02 - je 7FC0E6965E
}
// Restore the 8 original bytes at ItemActionRanged:updateAccuracy+a3e, then
// release that hook's trampoline.
address9:
db bytes9
// movss xmm0,[rsi+000000E8]
dealloc(newmem9)
{
// ORIGINAL CODE - INJECTION POINT: ItemActionRanged:updateAccuracy+a3e
7FC0E69636: 48 85 FF - test rdi,rdi
7FC0E69639: 0F 84 1F 00 00 00 - je 7FC0E6965E
7FC0E6963F: 48 8B 07 - mov rax,[rdi]
7FC0E69642: 48 8B 00 - mov rax,[rax]
7FC0E69645: 48 8B 40 10 - mov rax,[rax+10]
7FC0E69649: 48 8B 40 18 - mov rax,[rax+18]
7FC0E6964D: 48 B9 58 1D 33 7E 7F 00 00 00 - mov rcx,0000007F7E331D58
7FC0E69657: 48 3B C1 - cmp rax,rcx
7FC0E6965A: 74 02 - je 7FC0E6965E
7FC0E6965C: 33 F6 - xor esi,esi
// ---------- INJECTING HERE ----------
7FC0E6965E: F3 0F 10 86 E8 00 00 00 - movss xmm0,[rsi+000000E8]
// ---------- DONE INJECTING ----------
7FC0E69666: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
7FC0E6966A: F2 0F 5A C0 - cvtsd2ss xmm0,xmm0
7FC0E6966E: 48 8B 75 E8 - mov rsi,[rbp-18]
7FC0E69672: 48 8B 7D F0 - mov rdi,[rbp-10]
7FC0E69676: 4C 8B 7D F8 - mov r15,[rbp-08]
7FC0E6967A: 48 8D 65 00 - lea rsp,[rbp+00]
7FC0E6967E: 5D - pop rbp
7FC0E6967F: C3 - ret
7FC0E69680: 00 00 - add [rax],al
7FC0E69682: 70 41 - jo 7FC0E696C5
}
// Restore the 8 original bytes at EntityPlayerLocal:guiDrawCrosshair+4ca,
// then release that hook's trampoline.
address14:
db bytes14
// movss xmm1,[rax+000000E8]
dealloc(newmem14)
{
// ORIGINAL CODE - INJECTION POINT: EntityPlayerLocal:guiDrawCrosshair+4ca
7FBD580494: 48 8B 85 D0 F4 FF FF - mov rax,[rbp-00000B30]
7FBD58049B: 48 8B 00 - mov rax,[rax]
7FBD58049E: 48 8B 00 - mov rax,[rax]
7FBD5804A1: 48 8B 40 10 - mov rax,[rax+10]
7FBD5804A5: 48 8B 40 18 - mov rax,[rax+18]
7FBD5804A9: 48 B9 58 1D 33 7E 7F 00 00 00 - mov rcx,0000007F7E331D58
7FBD5804B3: 48 3B C1 - cmp rax,rcx
7FBD5804B6: 74 0B - je 7FBD5804C3
7FBD5804B8: 48 C7 85 C8 F4 FF FF 00 00 00 00 - mov qword ptr [rbp-00000B38],00000000
7FBD5804C3: 48 8B 85 C8 F4 FF FF - mov rax,[rbp-00000B38]
// ---------- INJECTING HERE ----------
7FBD5804CA: F3 0F 10 88 E8 00 00 00 - movss xmm1,[rax+000000E8]
// ---------- DONE INJECTING ----------
7FBD5804D2: F3 0F 5A C9 - cvtss2sd xmm1,xmm1
7FBD5804D6: F2 0F 10 85 D8 F4 FF FF - movsd xmm0,[rbp-00000B28]
7FBD5804DE: F2 0F 59 C1 - mulsd xmm0,xmm1
7FBD5804E2: F2 0F 5A E8 - cvtsd2ss xmm5,xmm0
7FBD5804E6: F3 0F 11 AD 1C FE FF FF - movss [rbp-000001E4],xmm5
7FBD5804EE: F3 0F 10 85 1C FE FF FF - movss xmm0,[rbp-000001E4]
7FBD5804F6: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
7FBD5804FA: F2 0F 11 85 98 F4 FF FF - movsd [rbp-00000B68],xmm0
7FBD580502: 48 8D 6D 00 - lea rbp,[rbp+00]
7FBD580506: 49 BB C0 89 57 02 7F 00 00 00 - mov r11,0000007F025789C0
}
// Restore the 8 original bytes at EntityPlayerLocal:guiDrawCrosshair+78f,
// then release that hook's trampoline.
address20:
db bytes20
// movss xmm1,[rax+000000E8]
dealloc(newmem20)
{
// ORIGINAL CODE - INJECTION POINT: EntityPlayerLocal:guiDrawCrosshair+78f
7FBD580759: 48 8B 85 B0 F4 FF FF - mov rax,[rbp-00000B50]
7FBD580760: 48 8B 00 - mov rax,[rax]
7FBD580763: 48 8B 00 - mov rax,[rax]
7FBD580766: 48 8B 40 10 - mov rax,[rax+10]
7FBD58076A: 48 8B 40 18 - mov rax,[rax+18]
7FBD58076E: 48 B9 58 1D 33 7E 7F 00 00 00 - mov rcx,0000007F7E331D58
7FBD580778: 48 3B C1 - cmp rax,rcx
7FBD58077B: 74 0B - je 7FBD580788
7FBD58077D: 48 C7 85 C8 F4 FF FF 00 00 00 00 - mov qword ptr [rbp-00000B38],00000000
7FBD580788: 48 8B 85 C8 F4 FF FF - mov rax,[rbp-00000B38]
// ---------- INJECTING HERE ----------
7FBD58078F: F3 0F 10 88 E8 00 00 00 - movss xmm1,[rax+000000E8]
// ---------- DONE INJECTING ----------
7FBD580797: F3 0F 5A C9 - cvtss2sd xmm1,xmm1
7FBD58079B: F2 0F 10 85 C0 F4 FF FF - movsd xmm0,[rbp-00000B40]
7FBD5807A3: F2 0F 59 C1 - mulsd xmm0,xmm1
7FBD5807A7: F2 0F 5A E8 - cvtsd2ss xmm5,xmm0
7FBD5807AB: F3 0F 11 AD 04 F5 FF FF - movss [rbp-00000AFC],xmm5
7FBD5807B3: F3 0F 10 85 04 F5 FF FF - movss xmm0,[rbp-00000AFC]
7FBD5807BB: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
7FBD5807BF: F2 0F 11 85 98 F4 FF FF - movsd [rbp-00000B68],xmm0
7FBD5807C7: 48 8D AD 00 00 00 00 - lea rbp,[rbp+00000000]
7FBD5807CE: 49 BB C0 89 57 02 7F 00 00 00 - mov r11,0000007F025789C0
}
230
"One Hit Kills"
FF0000
Auto Assembler Script
{
One Hit Kills - code-injection hook at EntityAlive:damageEntityLocal+2b.

Register notes from the original author:
RCX = entity taking damage
r15+4c = entity id doing the damage

What the injected code does: when the entity taking damage is not the local
player and the attacker id equals the local player's id, it writes 0 to
[[[rcx+5b0]+10]+2c] (labelled entitystats -> health -> value below).

Depends on the EntityPlayerLocalPNTR symbol, which the "Hook Pointers" script
in this table registers and fills in.

NOTE(review): nothing checks that [EntityPlayerLocalPNTR] is non-zero. If the
pointer hook has not captured a value yet, mov r14,[r14+5b0] reads from
address 5b0 and the game process faults. The [rcx+5b0] and [r14+10] loads are
unchecked as well.
NOTE(review): r15 is read before this function assigns it (the prologue has
only saved r15 at this point), so [r15+4c] depends on what the caller left in
r15 - confirm this holds for every caller.
}
// Patch site and the 6 original bytes (mov r13,rcx / mov r14,r8) expected there.
define(address,EntityAlive:damageEntityLocal+2b )
define(bytes,4C 8B E9 4D 8B F0)
[ENABLE]
// Refuse to patch if the bytes at the site differ from the expected ones.
assert(address,bytes)
alloc(newmem,$1000,EntityAlive:damageEntityLocal+2b )
label(code)
label(return)
newmem:
// rax is borrowed as a scratch register and restored at code: below.
push rax
mov rax,EntityPlayerLocalPNTR
cmp rcx,[rax] // player taking damage, do nothing
je code
// r13 and r14 are used as scratch here; both are reloaded by the replayed
// original instructions at code:, so nothing is lost.
movsxd r13,DWORD PTR [r15+4c] // entity id doing damage
mov r14,[rax]
mov r14,[r14+5b0]
movsxd r14,DWORD PTR [r14+7c] // player id
cmp r13,r14 // player not doing the damage, do nothing
jne code
mov r14,[rcx+5b0] // entitystats
mov r14,[r14+10] // health
// NOTE(review): no size specifier on this store; presumably assembled as a
// dword write - confirm that matches the width of the field at +2c.
mov [r14+2c],0 // value
code:
pop rax
// Replay of the two original instructions overwritten by the jmp.
mov r13,rcx
mov r14,r8
jmp return
address:
// 5-byte jmp plus 1 nop covers the 6 replaced bytes.
jmp newmem
nop
return:
[DISABLE]
// Restore the original bytes, then free the code cave.
address:
db bytes
// mov r13,rcx
// mov r14,r8
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: EntityAlive:damageEntityLocal+2b
54D5887D31: 48 8B EC - mov rbp,rsp
54D5887D34: 48 81 EC C0 0D 00 00 - sub rsp,00000DC0
54D5887D3B: 48 89 5D C8 - mov [rbp-38],rbx
54D5887D3F: 48 89 75 D0 - mov [rbp-30],rsi
54D5887D43: 48 89 7D D8 - mov [rbp-28],rdi
54D5887D47: 4C 89 65 E0 - mov [rbp-20],r12
54D5887D4B: 4C 89 6D E8 - mov [rbp-18],r13
54D5887D4F: 4C 89 75 F0 - mov [rbp-10],r14
54D5887D53: 4C 89 7D F8 - mov [rbp-08],r15
54D5887D57: 48 89 55 C0 - mov [rbp-40],rdx
// ---------- INJECTING HERE ----------
54D5887D5B: 4C 8B E9 - mov r13,rcx
54D5887D5E: 4D 8B F0 - mov r14,r8
// ---------- DONE INJECTING ----------
54D5887D61: 4C 89 8D B0 F2 FF FF - mov [rbp-00000D50],r9
54D5887D68: 33 C0 - xor eax,eax
54D5887D6A: 48 89 85 78 F3 FF FF - mov [rbp-00000C88],rax
54D5887D71: 48 89 85 80 F3 FF FF - mov [rbp-00000C80],rax
54D5887D78: 48 89 85 88 F3 FF FF - mov [rbp-00000C78],rax
54D5887D7F: 48 89 85 90 F3 FF FF - mov [rbp-00000C70],rax
54D5887D86: 48 89 85 98 F3 FF FF - mov [rbp-00000C68],rax
54D5887D8D: 48 89 85 A0 F3 FF FF - mov [rbp-00000C60],rax
54D5887D94: 48 89 85 A8 F3 FF FF - mov [rbp-00000C58],rax
54D5887D9B: 48 89 85 B0 F3 FF FF - mov [rbp-00000C50],rax
}
282
"No Recoil"
FF0000
Auto Assembler Script
// No Recoil - five code-injection hooks.
// Four sites in EntityPlayerLocal:OnFired share the same 8-byte pattern
// (addsd xmm0,xmm1 / cvtsd2ss xmm5,xmm0). Each hook inserts a load of 0.0
// between the two instructions, so the value converted into xmm5 is always 0
// and the addsd result is discarded.
// The fifth site, EntityPlayerLocal:shakeCamera+c, zeroes xmm2 and xmm3 before
// replaying the original instructions.
// NOTE(review): xmm2/xmm3 presumably carry float arguments of shakeCamera -
// confirm against the method signature.
// NOTE(review): the labels zero and zero2 are defined below without a label()
// declaration - confirm the Cheat Engine version in use accepts that.
define(address,EntityPlayerLocal:OnFired+7ee )
define(bytes,F2 0F 58 C1 F2 0F 5A E8)
define(address2,EntityPlayerLocal:OnFired+8c6 )
define(bytes2,F2 0F 58 C1 F2 0F 5A E8)
define(address5,EntityPlayerLocal:OnFired+98e )
define(bytes5,F2 0F 58 C1 F2 0F 5A E8)
define(address9,EntityPlayerLocal:OnFired+a56 )
define(bytes9,F2 0F 58 C1 F2 0F 5A E8)
define(address14,EntityPlayerLocal:shakeCamera+c )
define(bytes14,48 8B F1 48 89 55 F0)
[ENABLE]
// Each assert aborts the script if the bytes at that site are not the expected ones.
assert(address,bytes)
alloc(newmem,$1000,EntityPlayerLocal:OnFired+7ee )
label(code)
label(return)
newmem:
code:
addsd xmm0,xmm1
// movss from memory also clears the upper bits of xmm0, so the double that
// cvtsd2ss converts next is 0.0.
movss xmm0,[zero]
cvtsd2ss xmm5,xmm0
jmp return
// Constant shared by all four OnFired hooks. dq reserves 8 bytes; movss reads
// only the first 4.
zero:
dq (float)0
address:
// 5-byte jmp plus 3 nop bytes covers the 8 replaced bytes.
jmp newmem
nop 3
return:
// ---------------------------------------------------------------------------
assert(address2,bytes2)
alloc(newmem2,$1000,EntityPlayerLocal:OnFired+8c6 )
label(code2)
label(return2)
newmem2:
code2:
addsd xmm0,xmm1
// Reads the constant that lives in the first hook's allocation (newmem).
movss xmm0,[zero]
cvtsd2ss xmm5,xmm0
jmp return2
address2:
jmp newmem2
nop 3
return2:
// ---------------------------------------------------------------------------
assert(address5,bytes5)
alloc(newmem5,$1000,EntityPlayerLocal:OnFired+98e )
label(code5)
label(return5)
newmem5:
code5:
addsd xmm0,xmm1
movss xmm0,[zero]
cvtsd2ss xmm5,xmm0
jmp return5
address5:
jmp newmem5
nop 3
return5:
// ---------------------------------------------------------------------------
assert(address9,bytes9)
alloc(newmem9,$1000,EntityPlayerLocal:OnFired+a56 )
label(code9)
label(return9)
newmem9:
code9:
addsd xmm0,xmm1
movss xmm0,[zero]
cvtsd2ss xmm5,xmm0
jmp return9
address9:
jmp newmem9
nop 3
return9:
// ---------------------------------------------------------------------------
assert(address14,bytes14)
alloc(newmem14,$1000,EntityPlayerLocal:shakeCamera+c )
label(code14)
label(return14)
newmem14:
// Force xmm2 and xmm3 to 0.0 before the function body continues.
movss xmm2,[zero2]
movss xmm3,[zero2]
code14:
// Replay of the two original instructions (7 bytes) overwritten by the jmp.
mov rsi,rcx
mov [rbp-10],rdx
jmp return14
zero2:
dq (float)0
address14:
// 5-byte jmp plus 2 nop bytes covers the 7 replaced bytes.
jmp newmem14
nop 2
return14:
// ---------------------------------------------------------------------------
[DISABLE]
// Every site gets its original bytes back before its code cave is freed.
address:
db bytes
dealloc(newmem)
// ---------------------------------------------------------------------------
address2:
db bytes2
dealloc(newmem2)
// ---------------------------------------------------------------------------
address5:
db bytes5
dealloc(newmem5)
// ---------------------------------------------------------------------------
address9:
db bytes9
dealloc(newmem9)
// ---------------------------------------------------------------------------
address14:
db bytes14
dealloc(newmem14)
289
"Buffs Bad Never"
FF00FF
Auto Assembler Script
// Buffs Bad Never - hook at BuffClass:UpdateTimer+33.
// Replaces the 8-byte load movss xmm0,[rdi+000000A0]. When the dword at
// [rdi+000000A8] is non-zero, xmm0 is loaded with the constant 1.0 instead of
// the field at +A0; when it is zero the original load runs unchanged.
// NOTE(review): the author's own comment marks the meaning of the +A8 test as
// a guess - confirm which enum values should take the replacement path.
define(address,BuffClass:UpdateTimer+33 )
define(bytes,F3 0F 10 87 A0 00 00 00)
[ENABLE]
// Refuse to patch if the bytes at the site differ from the expected ones.
assert(address,bytes)
alloc(newmem,$1000,BuffClass:UpdateTimer+33 )
label(code)
label(return)
newmem:
// r8 is used as scratch. The patch site directly follows a call, so r8 is
// presumably dead here - confirm. The flags changed by cmp are recomputed by
// the comisd that follows the patch site before any conditional jump.
movsxd r8,dword ptr [rdi+000000A8] // EnumDamageTypes
cmp r8,0 // maybe only bad ??
je code
movss xmm0,[zero]
jmp return
code:
// Original instruction, executed unchanged when [rdi+A8] is 0.
movss xmm0,[rdi+000000A0]
jmp return
// NOTE(review): despite its name this label holds 1.0, not 0. dq reserves
// 8 bytes; movss reads only the first 4.
zero:
dq (float)1
address:
// 5-byte jmp plus 3 nop bytes covers the 8 replaced bytes.
jmp newmem
nop 3
return:
[DISABLE]
// Restore the original bytes, then free the code cave.
address:
db bytes
// movss xmm0,[rdi+000000A0]
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: BuffClass:UpdateTimer+33
163FBCC9B0: 48 8B F9 - mov rdi,rcx
163FBCC9B3: 48 8B F2 - mov rsi,rdx
163FBCC9B6: 83 3E 00 - cmp dword ptr [rsi],00
163FBCC9B9: 8B 56 24 - mov edx,[rsi+24]
163FBCC9BC: FF C2 - inc edx
163FBCC9BE: 48 8B CE - mov rcx,rsi
163FBCC9C1: 83 3E 00 - cmp dword ptr [rsi],00
163FBCC9C4: 66 90 - nop 2
163FBCC9C6: 49 BB 10 CB BC 3F 16 00 00 00 - mov r11,000000163FBCCB10
163FBCC9D0: 41 FF D3 - call r11
// ---------- INJECTING HERE ----------
163FBCC9D3: F3 0F 10 87 A0 00 00 00 - movss xmm0,[rdi+000000A0]
// ---------- DONE INJECTING ----------
163FBCC9DB: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
163FBCC9DF: 66 0F 57 C9 - xorpd xmm1,xmm1
163FBCC9E3: 66 0F 2F C8 - comisd xmm1,xmm0
163FBCC9E7: 0F 8A D6 00 00 00 - jp 163FBCCAC3
163FBCC9ED: 0F 83 D0 00 00 00 - jae 163FBCCAC3
163FBCC9F3: 83 3E 00 - cmp dword ptr [rsi],00
163FBCC9F6: 8B 4E 24 - mov ecx,[rsi+24]
163FBCC9F9: 48 8D 64 24 00 - lea rsp,[rsp+00]
163FBCC9FE: 49 BB 60 0F 22 B1 15 00 00 00 - mov r11,00000015B1220F60
163FBCCA08: 41 FF D3 - call r11
}
290
"Buffs Good Forever"
FF00FF
Auto Assembler Script
// Buffs Good Forever - hook at BuffClass:UpdateTimer+1e.
// Replaces mov rcx,rsi / cmp dword ptr [rsi],00 (6 bytes). When the dword at
// [rdi+000000A8] is 0, rdx is overwritten with the sign-extended dword at
// [rdi+000000A0] before the original instructions are replayed. The function
// had just set edx to [rsi+24]+1, and a call follows shortly after the patch
// site, so rdx is presumably an argument of that call.
// NOTE(review): elsewhere in this function [rdi+A0] is read with movss as a
// float. movsxd loads its raw bit pattern as an integer - confirm that is the
// intended value for rdx.
// NOTE(review): r8 is overwritten before the upcoming call; if the callee takes
// a third integer argument this changes it - confirm.
define(address,BuffClass:UpdateTimer+1e )
define(bytes,48 8B CE 83 3E 00)
[ENABLE]
// Refuse to patch if the bytes at the site differ from the expected ones.
assert(address,bytes)
alloc(newmem,$1000,BuffClass:UpdateTimer+1e )
label(code)
label(return)
newmem:
movsxd r8,dword ptr [rdi+000000A8] // EnumDamageTypes
cmp r8,0 // maybe only bad ??
jne code
//movsxd rdx,[zero]
movsxd rdx,[rdi+000000A0]
code:
// Replay of the original instructions; the cmp also re-establishes the flags
// that the cmp r8,0 above changed.
mov rcx,rsi
cmp dword ptr [rsi],00
jmp return
// Only referenced by the commented-out line above; currently unused.
zero:
dq (float)1
address:
// 5-byte jmp plus 1 nop covers the 6 replaced bytes.
jmp newmem
nop
return:
[DISABLE]
// Restore the original bytes, then free the code cave.
address:
db bytes
// mov rcx,rsi
// cmp dword ptr [rsi],00
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: BuffClass:UpdateTimer+1e
36A98754A0: 55 - push rbp
36A98754A1: 48 8B EC - mov rbp,rsp
36A98754A4: 48 83 EC 50 - sub rsp,50
36A98754A8: 48 89 75 F0 - mov [rbp-10],rsi
36A98754AC: 48 89 7D F8 - mov [rbp-08],rdi
36A98754B0: 48 8B F9 - mov rdi,rcx
36A98754B3: 48 8B F2 - mov rsi,rdx
36A98754B6: 83 3E 00 - cmp dword ptr [rsi],00
36A98754B9: 8B 56 24 - mov edx,[rsi+24]
36A98754BC: FF C2 - inc edx
// ---------- INJECTING HERE ----------
36A98754BE: 48 8B CE - mov rcx,rsi
36A98754C1: 83 3E 00 - cmp dword ptr [rsi],00
// ---------- DONE INJECTING ----------
36A98754C4: 66 90 - nop 2
36A98754C6: 49 BB 60 B2 30 20 37 00 00 00 - mov r11,000000372030B260
36A98754D0: 41 FF D3 - call r11
36A98754D3: F3 0F 10 87 A0 00 00 00 - movss xmm0,[rdi+000000A0]
36A98754DB: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
36A98754DF: 66 0F 57 C9 - xorpd xmm1,xmm1
36A98754E3: 66 0F 2F C8 - comisd xmm1,xmm0
36A98754E7: 0F 8A D6 00 00 00 - jp 36A98755C3
36A98754ED: 0F 83 D0 00 00 00 - jae 36A98755C3
36A98754F3: 83 3E 00 - cmp dword ptr [rsi],00
}
94
"Trader 24/7"
008000
Auto Assembler Script
{ Game : 7daystodie.exe
Version:
Date : 2020-07-13
Author : moo
Hook at TraderArea:SetClosed+43. Zeroes r8 and r9 and rewrites the two stack
slots where the prologue had just spilled them, then replays the original
store to [rbp-000000F0]. The function later copies the low byte of
[rbp-00000188] into [rdx+4C], with rdx reloaded from the saved rcx, so that
byte is always written as 0 while the script is active.
NOTE(review): the byte at +4C is presumably the closed flag - confirm.
NOTE(review): r8 and r9 themselves are left at 0 after the hook; whether the
rest of the function reads them again is not visible here.
}
define(address,TraderArea:SetClosed+43 )
define(bytes,C7 85 10 FF FF FF 00 00 00 00)
[ENABLE]
// Refuse to patch if the bytes at the site differ from the expected ones.
assert(address,bytes)
alloc(newmem,$1000,TraderArea:SetClosed+43 )
label(code)
label(return)
newmem:
code:
mov r8,0
mov r9,0
// Overwrite the spilled copies of r8 and r9 made by the prologue.
mov [rbp-00000188],r8
mov [rbp-00000190],r9
// Replay of the original instruction. It carries no size specifier, as in
// the disassembly listing, where the original encoding is a dword store.
mov [rbp-000000F0],00000000
jmp return
address:
// 5-byte jmp plus 5 nop bytes covers the 10 replaced bytes.
jmp newmem
nop 5
return:
[DISABLE]
// Restore the original bytes, then free the code cave.
address:
db bytes
// mov [rbp-000000F0],00000000
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: TraderArea:SetClosed+43
C7287C9EEF: 48 89 75 D0 - mov [rbp-30],rsi
C7287C9EF3: 48 89 7D D8 - mov [rbp-28],rdi
C7287C9EF7: 4C 89 65 E0 - mov [rbp-20],r12
C7287C9EFB: 4C 89 6D E8 - mov [rbp-18],r13
C7287C9EFF: 4C 89 75 F0 - mov [rbp-10],r14
C7287C9F03: 4C 89 7D F8 - mov [rbp-08],r15
C7287C9F07: 48 89 8D 88 FE FF FF - mov [rbp-00000178],rcx
C7287C9F0E: 48 89 95 80 FE FF FF - mov [rbp-00000180],rdx
C7287C9F15: 4C 89 85 78 FE FF FF - mov [rbp-00000188],r8
C7287C9F1C: 4C 89 8D 70 FE FF FF - mov [rbp-00000190],r9
// ---------- INJECTING HERE ----------
C7287C9F23: C7 85 10 FF FF FF 00 00 00 00 - mov [rbp-000000F0],00000000
// ---------- DONE INJECTING ----------
C7287C9F2D: C7 85 14 FF FF FF 00 00 00 00 - mov [rbp-000000EC],00000000
C7287C9F37: C7 85 18 FF FF FF 00 00 00 00 - mov [rbp-000000E8],00000000
C7287C9F41: C7 85 1C FF FF FF 00 00 00 00 - mov [rbp-000000E4],00000000
C7287C9F4B: C7 85 20 FF FF FF 00 00 00 00 - mov [rbp-000000E0],00000000
C7287C9F55: 0F B6 85 78 FE FF FF - movzx eax,byte ptr [rbp-00000188]
C7287C9F5C: 48 8B 95 88 FE FF FF - mov rdx,[rbp-00000178]
C7287C9F63: 40 88 42 4C - mov [rdx+4C],al
C7287C9F67: 48 85 D2 - test rdx,rdx
C7287C9F6A: 0F 84 17 0A 00 00 - je C7287CA987
C7287C9F70: 48 63 42 10 - movsxd rax,dword ptr [rdx+10]
}
181
"Quest Instant Complete"
008000
Auto Assembler Script
{ Game : 7DaysToDie.exe
Version:
Date : 2020-07-16
Author : moo
Hook at Quest:CheckForCompletion+3f. Writes 2 to [r14+00000080] immediately
before the original load of that field. r14 holds the function's rcx at this
point, and the code after the patch site compares the loaded value with 1 and
2, so every object passed through this function takes the branch for value 2.
NOTE(review): the store has no size specifier; presumably assembled as a
dword write, which matches the dword the original instruction reads - confirm.
}
define(address,Quest:CheckForCompletion+3f )
define(bytes,49 63 86 80 00 00 00)
[ENABLE]
// Refuse to patch if the bytes at the site differ from the expected ones.
assert(address,bytes)
alloc(newmem,$1000,Quest:CheckForCompletion+3f )
label(code)
label(return)
newmem:
code:
mov [r14+00000080],2
// Replay of the original instruction, which now reads back the forced value.
movsxd rax,dword ptr [r14+00000080]
jmp return
address:
// 5-byte jmp plus 2 nop bytes covers the 7 replaced bytes.
jmp newmem
nop 2
return:
[DISABLE]
// Restore the original bytes, then free the code cave. The value already
// written to [r14+80] is not reverted.
address:
db bytes
// movsxd rax,dword ptr [r14+00000080]
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: Quest:CheckForCompletion+3f
6D9E482B0F: 48 89 75 D0 - mov [rbp-30],rsi
6D9E482B13: 48 89 7D D8 - mov [rbp-28],rdi
6D9E482B17: 4C 89 65 E0 - mov [rbp-20],r12
6D9E482B1B: 4C 89 6D E8 - mov [rbp-18],r13
6D9E482B1F: 4C 89 75 F0 - mov [rbp-10],r14
6D9E482B23: 4C 89 7D F8 - mov [rbp-08],r15
6D9E482B27: 4C 8B F1 - mov r14,rcx
6D9E482B2A: 48 89 95 B8 FE FF FF - mov [rbp-00000148],rdx
6D9E482B31: 4C 89 85 B0 FE FF FF - mov [rbp-00000150],r8
6D9E482B38: 4C 89 8D A8 FE FF FF - mov [rbp-00000158],r9
// ---------- INJECTING HERE ----------
6D9E482B3F: 49 63 86 80 00 00 00 - movsxd rax,dword ptr [r14+00000080]
// ---------- DONE INJECTING ----------
6D9E482B46: 83 F8 01 - cmp eax,01
6D9E482B49: 74 10 - je 6D9E482B5B
6D9E482B4B: 49 63 86 80 00 00 00 - movsxd rax,dword ptr [r14+00000080]
6D9E482B52: 83 F8 02 - cmp eax,02
6D9E482B55: 0F 85 C8 11 00 00 - jne 6D9E483D23
6D9E482B5B: 49 8B 46 10 - mov rax,[r14+10]
6D9E482B5F: 48 85 C0 - test rax,rax
6D9E482B62: 0F 84 BB 11 00 00 - je 6D9E483D23
6D9E482B68: 49 8B 4E 18 - mov rcx,[r14+18]
6D9E482B6C: 66 90 - nop 2
}
116
"Vehicle Infinite Fuel"
8000FF
Auto Assembler Script
{ Game : 7daystodie.exe
Version:
Date : 2020-07-14
Author : moo
Hook at VPFuelTank:HandleEvent+16. Loads 0.0 into xmm3 before the original
instruction spills xmm3 to [rbp-30], so the function works with 0 in place of
the value it was called with.
NOTE(review): xmm3 is presumably a float argument of HandleEvent - confirm
against the method signature.
}
define(address,VPFuelTank:HandleEvent+16 )
define(bytes,F3 0F 11 5D D0)
[ENABLE]
// Refuse to patch if the bytes at the site differ from the expected ones.
assert(address,bytes)
alloc(newmem,$1000,VPFuelTank:HandleEvent+16 )
label(code)
label(return)
newmem:
code:
movss xmm3,[zero]
// Replay of the original instruction.
movss [rbp-30],xmm3
jmp return
// dq reserves 8 bytes; movss reads only the first 4.
zero:
dq (float)0
address:
// The replaced instruction is exactly 5 bytes, so the jmp needs no nop
// padding. This relies on the code cave being close enough for a 5-byte jmp.
jmp newmem
return:
[DISABLE]
// Restore the original bytes, then free the code cave.
address:
db bytes
// movss [rbp-30],xmm3
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: VPFuelTank:HandleEvent+16
17400A4FCFA: 00 00 - add [rax],al
17400A4FCFC: 00 00 - add [rax],al
17400A4FCFE: 00 00 - add [rax],al
17400A4FD00: 55 - push rbp
17400A4FD01: 48 8B EC - mov rbp,rsp
17400A4FD04: 48 83 EC 50 - sub rsp,50
17400A4FD08: 48 89 75 F0 - mov [rbp-10],rsi
17400A4FD0C: 48 89 7D F8 - mov [rbp-08],rdi
17400A4FD10: 48 8B F9 - mov rdi,rcx
17400A4FD13: 48 8B F2 - mov rsi,rdx
// ---------- INJECTING HERE ----------
17400A4FD16: F3 0F 11 5D D0 - movss [rbp-30],xmm3
// ---------- DONE INJECTING ----------
17400A4FD1B: 48 8B 07 - mov rax,[rdi]
17400A4FD1E: FF 90 80 00 00 00 - call qword ptr [rax+00000080]
17400A4FD24: 85 C0 - test eax,eax
17400A4FD26: 74 18 - je 17400A4FD40
17400A4FD28: 48 8B CF - mov rcx,rdi
17400A4FD2B: 33 D2 - xor edx,edx
17400A4FD2D: 90 - nop
17400A4FD2E: 49 BB 66 10 A1 00 74 01 00 00 - mov r11,0000017400A11066
17400A4FD38: 41 FF D3 - call r11
17400A4FD3B: E9 C1 00 00 00 - jmp 17400A4FE01
}
118
"Vehicle No Damage"
8000FF
Auto Assembler Script
// Vehicle No Damage - hook at Vehicle:GetHealth+2e.
// Replaces the 5-byte epilogue (lea rsp,[rbp+00] / pop rbp) that precedes the
// function's ret. The epilogue is replayed and rax is then set to a constant,
// so GetHealth returns that constant instead of the value it computed.
define(address,Vehicle:GetHealth+2e )
define(bytes,48 8D 65 00 5D)
[ENABLE]
// Refuse to patch if the bytes at the site differ from the expected ones.
assert(address,bytes)
alloc(newmem,$1000,Vehicle:GetHealth+2e )
label(code)
label(return)
newmem:
code:
lea rsp,[rbp+00]
pop rbp
// The auto assembler reads bare numbers as hexadecimal: 1770 is 6000 decimal.
mov rax,1770
jmp return
address:
// The replaced bytes are exactly 5 long, so the jmp needs no nop padding.
jmp newmem
return:
[DISABLE]
// Restore the original bytes, then free the code cave.
address:
db bytes
// lea rsp,[rbp+00]
// pop rbp
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: Vehicle:GetHealth+2e
17400A5AF7C: 48 8B C1 - mov rax,rcx
17400A5AF7F: 48 8B 40 28 - mov rax,[rax+28]
17400A5AF83: 48 8B C8 - mov rcx,rax
17400A5AF86: 48 8B 00 - mov rax,[rax]
17400A5AF89: FF 90 70 06 00 00 - call qword ptr [rax+00000670]
17400A5AF8F: 48 8B C8 - mov rcx,rax
17400A5AF92: 48 8B D1 - mov rdx,rcx
17400A5AF95: 33 C0 - xor eax,eax
17400A5AF97: 83 FA 01 - cmp edx,01
17400A5AF9A: 48 0F 4F C1 - cmovg rax,rcx
// ---------- INJECTING HERE ----------
17400A5AF9E: 48 8D 65 00 - lea rsp,[rbp+00]
17400A5AFA2: 5D - pop rbp
// ---------- DONE INJECTING ----------
17400A5AFA3: C3 - ret
17400A5AFA4: 00 00 - add [rax],al
17400A5AFA6: 00 00 - add [rax],al
17400A5AFA8: 01 04 02 - add [rdx+rax],eax
17400A5AFAB: 05 04 03 01 50 - add eax,50010304
17400A5AFB0: 00 00 - add [rax],al
17400A5AFB2: 00 00 - add [rax],al
17400A5AFB4: 00 00 - add [rax],al
17400A5AFB6: 00 00 - add [rax],al
17400A5AFB8: 00 00 - add [rax],al
}
284
"Instant Scrap"
Auto Assembler Script
// Instant Scrap - two hooks in ItemActionEntryScrap:OnActivated (+26e, +45f).
// Both sites hold the same 10-byte instruction, which is replaced by a load of
// the constant 0.0 into xmm0. The original instruction is not replayed.
// NOTE(review): the asserted bytes appear to decode to
// movss xmm0,[r12+00000364] (decoded by hand; the script carries no
// disassembly listing) - confirm in the disassembler.
// NOTE(review): the label zero is defined without a label() declaration -
// confirm the Cheat Engine version in use accepts that.
define(address,ItemActionEntryScrap:OnActivated+26e )
define(bytes,F3 41 0F 10 84 24 64 03 00 00)
define(address2,ItemActionEntryScrap:OnActivated+45f )
define(bytes2,F3 41 0F 10 84 24 64 03 00 00)
[ENABLE]
// Each assert aborts the script if the bytes at that site are not the expected ones.
assert(address,bytes)
alloc(newmem,$1000,ItemActionEntryScrap:OnActivated+26e )
label(code)
label(return)
newmem:
code:
movss xmm0,[zero]
jmp return
// Constant shared by both hooks. dq reserves 8 bytes; movss reads only 4.
zero:
dq (float)0
address:
// 5-byte jmp plus 5 nop bytes covers the 10 replaced bytes.
jmp newmem
nop 5
return:
assert(address2,bytes2)
alloc(newmem2,$1000,ItemActionEntryScrap:OnActivated+45f )
label(code2)
label(return2)
newmem2:
code2:
// Reads the constant that lives in the first hook's allocation (newmem).
movss xmm0,[zero]
jmp return2
address2:
jmp newmem2
nop 5
return2:
[DISABLE]
// Restore the original bytes at both sites, then free both code caves.
address:
db bytes
dealloc(newmem)
address2:
db bytes2
dealloc(newmem2)
292
"Craft Stations Dont Consume Fuel Items"
Auto Assembler Script
// Craft Stations Dont Consume Fuel Items - hook at
// TileEntityWorkstation:HandleFuel+19c.
// Replaces dec ecx / mov [rax+18],ecx (5 bytes). The decrement is dropped, so
// the value the function just loaded from [rax+18] into rcx is stored back
// unchanged.
define(address,TileEntityWorkstation:HandleFuel+19c )
define(bytes,FF C9 89 48 18)
[ENABLE]
// Refuse to patch if the bytes at the site differ from the expected ones.
assert(address,bytes)
alloc(newmem,$1000,TileEntityWorkstation:HandleFuel+19c )
label(code)
label(return)
newmem:
code:
// Original decrement, deliberately disabled.
//dec ecx
mov [rax+18],ecx
jmp return
address:
// The replaced bytes are exactly 5 long, so the jmp needs no nop padding.
jmp newmem
return:
[DISABLE]
// Restore the original bytes, then free the code cave.
address:
db bytes
// dec ecx
// mov [rax+18],ecx
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: TileEntityWorkstation:HandleFuel+19c
368A282530: 0F 86 9C 01 00 00 - jbe 368A2826D2
368A282536: 48 8B 40 20 - mov rax,[rax+20]
368A28253A: 48 63 40 18 - movsxd rax,dword ptr [rax+18]
368A28253E: 85 C0 - test eax,eax
368A282540: 0F 8E 98 00 00 00 - jng 368A2825DE
368A282546: 48 8B 47 70 - mov rax,[rdi+70]
368A28254A: 83 78 18 00 - cmp dword ptr [rax+18],00
368A28254E: 0F 86 77 01 00 00 - jbe 368A2826CB
368A282554: 48 8B 40 20 - mov rax,[rax+20]
368A282558: 48 63 48 18 - movsxd rcx,dword ptr [rax+18]
// ---------- INJECTING HERE ----------
368A28255C: FF C9 - dec ecx
368A28255E: 89 48 18 - mov [rax+18],ecx
// ---------- DONE INJECTING ----------
368A282561: F3 0F 10 87 C4 00 00 00 - movss xmm0,[rdi+000000C4]
368A282569: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
368A28256D: F2 0F 11 45 D0 - movsd [rbp-30],xmm0
368A282572: 48 8B 47 70 - mov rax,[rdi+70]
368A282576: 83 78 18 00 - cmp dword ptr [rax+18],00
368A28257A: 0F 86 31 01 00 00 - jbe 368A2826B1
368A282580: 48 8B 50 20 - mov rdx,[rax+20]
368A282584: 48 8B CF - mov rcx,rdi
368A282587: 48 8D AD 00 00 00 00 - lea rbp,[rbp+00000000]
368A28258E: 49 BB D0 FC 66 0E 37 00 00 00 - mov r11,000000370E66FCD0
}
293
"Craft Stations Quick Smelt"
Auto Assembler Script
// Craft Stations Quick Smelt - hook at
// TileEntityWorkstation:HandleMaterialInput+2a.
// Loads the constant 600.0 into xmm1 before the original instruction spills
// xmm1 to [rbp-000000C8], so the function works with 600.0 in place of the
// value it was called with.
// NOTE(review): xmm1 is presumably a float argument of HandleMaterialInput;
// its unit is not visible here - confirm against the method signature.
// NOTE(review): the label min is defined without a label() declaration -
// confirm the Cheat Engine version in use accepts that.
define(address,TileEntityWorkstation:HandleMaterialInput+2a )
define(bytes,F3 0F 11 8D 38 FF FF FF)
[ENABLE]
// Refuse to patch if the bytes at the site differ from the expected ones.
assert(address,bytes)
alloc(newmem,$1000,TileEntityWorkstation:HandleMaterialInput+2a )
label(code)
label(return)
newmem:
movss xmm1,[min]
code:
// Replay of the original instruction.
movss [rbp-000000C8],xmm1
jmp return
// (float) values are written in decimal. dq reserves 8 bytes; movss reads 4.
min:
dq (float)600
address:
// 5-byte jmp plus 3 nop bytes covers the 8 replaced bytes.
jmp newmem
nop 3
return:
[DISABLE]
// Restore the original bytes, then free the code cave.
address:
db bytes
// movss [rbp-000000C8],xmm1
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: TileEntityWorkstation:HandleMaterialInput+2a
368A282C61: 48 8B EC - mov rbp,rsp
368A282C64: 48 81 EC 30 01 00 00 - sub rsp,00000130
368A282C6B: 48 89 5D C8 - mov [rbp-38],rbx
368A282C6F: 48 89 75 D0 - mov [rbp-30],rsi
368A282C73: 48 89 7D D8 - mov [rbp-28],rdi
368A282C77: 4C 89 65 E0 - mov [rbp-20],r12
368A282C7B: 4C 89 6D E8 - mov [rbp-18],r13
368A282C7F: 4C 89 75 F0 - mov [rbp-10],r14
368A282C83: 4C 89 7D F8 - mov [rbp-08],r15
368A282C87: 48 8B F1 - mov rsi,rcx
// ---------- INJECTING HERE ----------
368A282C8A: F3 0F 11 8D 38 FF FF FF - movss [rbp-000000C8],xmm1
// ---------- DONE INJECTING ----------
368A282C92: 66 0F 57 C0 - xorpd xmm0,xmm0
368A282C96: F2 0F 5A E8 - cvtsd2ss xmm5,xmm0
368A282C9A: F3 0F 11 6D 84 - movss [rbp-7C],xmm5
368A282C9F: 66 0F 57 C0 - xorpd xmm0,xmm0
368A282CA3: F2 0F 5A E8 - cvtsd2ss xmm5,xmm0
368A282CA7: F3 0F 11 6D 80 - movss [rbp-80],xmm5
368A282CAC: 66 0F 57 C0 - xorpd xmm0,xmm0
368A282CB0: F2 0F 5A E8 - cvtsd2ss xmm5,xmm0
368A282CB4: F3 0F 11 AD 64 FF FF FF - movss [rbp-0000009C],xmm5
368A282CBC: 66 0F 57 C0 - xorpd xmm0,xmm0
}
295
"Craft Instant"
Auto Assembler Script
// Craft Instant - hook at XUiM_Recipes:GetRecipeCraftTime+db.
// The patch site is the register restore just before the function's epilogue
// and ret. xmm0 is overwritten with 0.0 before the original instructions are
// replayed, so the float left in xmm0 on return is 0.
// NOTE(review): xmm0 is presumably the function's float return value (it is
// converted with cvtsd2ss just before the patch site) - confirm.
define(address,XUiM_Recipes:GetRecipeCraftTime+db )
define(bytes,48 8B 75 F0 48 8B 7D F8)
[ENABLE]
// Refuse to patch if the bytes at the site differ from the expected ones.
assert(address,bytes)
alloc(newmem,$1000,XUiM_Recipes:GetRecipeCraftTime+db )
label(code)
label(return)
newmem:
movss xmm0,[one]
code:
// Replay of the two original instructions (8 bytes) overwritten by the jmp.
mov rsi,[rbp-10]
mov rdi,[rbp-08]
jmp return
// NOTE(review): despite its name this label holds 0.0, not 1. dq reserves
// 8 bytes; movss reads only the first 4.
one:
dq (float)0
address:
// 5-byte jmp plus 3 nop bytes covers the 8 replaced bytes.
jmp newmem
nop 3
return:
[DISABLE]
// Restore the original bytes, then free the code cave.
address:
db bytes
// mov rsi,[rbp-10]
// mov rdi,[rbp-08]
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: XUiM_Recipes:GetRecipeCraftTime+db
36AAF430AE: 4C 8B 45 D8 - mov r8,[rbp-28]
36AAF430B2: 4C 89 45 E8 - mov [rbp-18],r8
36AAF430B6: 48 89 44 24 28 - mov [rsp+28],rax
36AAF430BB: F2 0F 10 D0 - movsd xmm2,xmm0
36AAF430BF: F2 0F 5A D2 - cvtsd2ss xmm2,xmm2
36AAF430C3: 66 66 90 - nop 3
36AAF430C6: 49 BB 40 EA AE 8A 36 00 00 00 - mov r11,000000368AAEEA40
36AAF430D0: 41 FF D3 - call r11
36AAF430D3: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
36AAF430D7: F2 0F 5A C0 - cvtsd2ss xmm0,xmm0
// ---------- INJECTING HERE ----------
36AAF430DB: 48 8B 75 F0 - mov rsi,[rbp-10]
36AAF430DF: 48 8B 7D F8 - mov rdi,[rbp-08]
// ---------- DONE INJECTING ----------
36AAF430E3: 48 8D 65 00 - lea rsp,[rbp+00]
36AAF430E7: 5D - pop rbp
36AAF430E8: C3 - ret
36AAF430E9: 00 00 - add [rax],al
36AAF430EB: 00 00 - add [rax],al
36AAF430ED: 00 00 - add [rax],al
36AAF430EF: 00 01 - add [rcx],al
36AAF430F1: 04 02 - add al,02
36AAF430F3: 05 04 03 01 50 - add eax,50010304
36AAF430F8: 00 00 - add [rax],al
}
191
"Fast Loot"
000080
Auto Assembler Script
{ Game : 7DaysToDie.exe
Version:
Date : 2020-07-17
Author : moo
Hook at BlockLoot:OnBlockActivated+100. The original code copies the byte at
[r14+6C] into [r14+7A]; the hook forces al to 1 first, so [r14+7A] is always
written as 1. rax is reloaded by the instruction after the patch site, so
overwriting al has no further effect.
}
define(address,BlockLoot:OnBlockActivated+100 )
define(bytes,41 88 46 7A 49 8B CF)
[ENABLE]
// Refuse to patch if the bytes at the site differ from the expected ones.
assert(address,bytes)
alloc(newmem,$1000,BlockLoot:OnBlockActivated+100 )
label(code)
label(return)
newmem:
mov al,1
code:
// Replay of the two original instructions (7 bytes) overwritten by the jmp.
mov [r14+7A],al
mov rcx,r15
jmp return
address:
// 5-byte jmp plus 2 nop bytes covers the 7 replaced bytes.
jmp newmem
nop 2
return:
[DISABLE]
// Restore the original bytes, then free the code cave.
address:
db bytes
// mov [r14+7A],al
// mov rcx,r15
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: BlockLoot:OnBlockActivated+100
838A575B54: 48 8B 06 - mov rax,[rsi]
838A575B57: FF 90 D8 07 00 00 - call qword ptr [rax+000007D8]
838A575B5D: 48 8B D5 - mov rdx,rbp
838A575B60: 48 83 C2 A0 - add rdx,-60
838A575B64: 49 8B CE - mov rcx,r14
838A575B67: 41 83 3E 00 - cmp dword ptr [r14],00
838A575B6B: 66 66 90 - nop 3
838A575B6E: 49 BB D0 A7 7C 83 83 00 00 00 - mov r11,00000083837CA7D0
838A575B78: 41 FF D3 - call r11
838A575B7B: 41 0F B6 46 6C - movzx eax,byte ptr [r14+6C]
// ---------- INJECTING HERE ----------
838A575B80: 41 88 46 7A - mov [r14+7A],al
838A575B84: 49 8B CF - mov rcx,r15
// ---------- DONE INJECTING ----------
838A575B87: 49 8B 07 - mov rax,[r15]
838A575B8A: FF 90 F8 01 00 00 - call qword ptr [rax+000001F8]
838A575B90: 4D 63 4E 28 - movsxd r9,dword ptr [r14+28]
838A575B94: 48 63 8E 4C 01 00 00 - movsxd rcx,dword ptr [rsi+0000014C]
838A575B9B: 48 89 4C 24 20 - mov [rsp+20],rcx
838A575BA0: 48 C7 44 24 28 00 00 00 00 - mov qword ptr [rsp+28],00000000
838A575BA9: 48 8B C8 - mov rcx,rax
838A575BAC: 48 8B D7 - mov rdx,rdi
838A575BAF: 4C 8B C5 - mov r8,rbp
838A575BB2: 49 83 C0 C0 - add r8,-40
}
189
"Fast Loot Respawn Items"
000080
Auto Assembler Script
{ Game : 7DaysToDie.exe
Version:
Date : 2020-07-17
Author : moo
Hook at LootManager:LootContainerOpened+23. Before the original register
copies are replayed, it writes 0 at [rdx+6c] and 1 at [rdx+7a] on the object
passed in rdx.
NOTE(review): neither store has a size specifier, so each is presumably
assembled as a 4-byte write. The Fast Loot script in this table accesses +6C
and +7A as single bytes, and +7a is not 4-byte aligned, so a dword store there
would also overwrite +7b..+7d with zero. If rdx is the same object type, both
stores should use byte ptr - confirm.
}
define(address,LootManager:LootContainerOpened+23 )
define(bytes,4C 8B F9 48 8B FA)
[ENABLE]
// Refuse to patch if the bytes at the site differ from the expected ones.
assert(address,bytes)
alloc(newmem,$1000,LootManager:LootContainerOpened+23 )
label(code)
label(return)
newmem:
mov [rdx+6c],0 // loot is gone
mov [rdx+7a],1 // loot never taken
code:
// Replay of the two original instructions (6 bytes) overwritten by the jmp.
mov r15,rcx
mov rdi,rdx
jmp return
address:
// 5-byte jmp plus 1 nop covers the 6 replaced bytes.
jmp newmem
nop
return:
[DISABLE]
// Restore the original bytes, then free the code cave.
address:
db bytes
// mov r15,rcx
// mov rdi,rdx
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: LootManager:LootContainerOpened+23
838A57A0CE: 00 00 - add [rax],al
838A57A0D0: 55 - push rbp
838A57A0D1: 48 8B EC - mov rbp,rsp
838A57A0D4: 48 81 EC 00 01 00 00 - sub rsp,00000100
838A57A0DB: 48 89 75 D0 - mov [rbp-30],rsi
838A57A0DF: 48 89 7D D8 - mov [rbp-28],rdi
838A57A0E3: 4C 89 65 E0 - mov [rbp-20],r12
838A57A0E7: 4C 89 6D E8 - mov [rbp-18],r13
838A57A0EB: 4C 89 75 F0 - mov [rbp-10],r14
838A57A0EF: 4C 89 7D F8 - mov [rbp-08],r15
// ---------- INJECTING HERE ----------
838A57A0F3: 4C 8B F9 - mov r15,rcx
838A57A0F6: 48 8B FA - mov rdi,rdx
// ---------- DONE INJECTING ----------
838A57A0F9: 49 8B F0 - mov rsi,r8
838A57A0FC: 4C 89 4D 80 - mov [rbp-80],r9
838A57A100: 33 C0 - xor eax,eax
838A57A102: 48 89 45 88 - mov [rbp-78],rax
838A57A106: 48 89 45 90 - mov [rbp-70],rax
838A57A10A: 49 8B 47 18 - mov rax,[r15+18]
838A57A10E: 48 8B C8 - mov rcx,rax
838A57A111: 48 8B 00 - mov rax,[rax]
838A57A114: FF 90 48 01 00 00 - call qword ptr [rax+00000148]
838A57A11A: 85 C0 - test eax,eax
}
Change of dec ecx
368A28255C
20
48
63
48
18
FF
C9
89
48
18
F3
0F