192
"[X] <== Medieval Dynasty | 0.2.0.2 | Table v5"
1
4
"[X] <= Inventory Screen "
Auto Assembler Script
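{ Game : Medieval_Dynasty-Win64-Shipping.exe
Version:
Date : 2020-09-20
Author : User
Purpose
  Hooks the entry of the function found by the OnInventorySelected pattern
  (its first instruction is the prologue store mov [rsp+20],rbx) and publishes
  the pointers read by the "Last Selected Item", "Inventory" and "Misc Pointers"
  entries of this table.
Inputs at the hook (Win64 ABI, first three integer arguments)
  rcx = list object: the script treats [rcx] as the item array and [rcx+8] as
        the item count. The original code has already checked rcx for null
        (test rcx,rcx / je just before the injection point).
  rdx = window object: [rdx+78] is the screen object (the original code loads
        the same field into rdi a few instructions later).
  r8d = selected index.
Outputs (8-byte zero-initialised slots in newmem, exposed as symbols)
  pWindow, pScreen, pScreenPtr, numScreenItems - written on every call.
  itemSize, idxItem, numItems, pInventoryBlock, pInventory, pItem - only when
        the per-item structure size read from [screen+3C] is 30h, which is what
        the "+30*n" stride of the "Inventory ==>" entries assumes.
  pScreenType - reserved, never written (reads as 0).
Scratch registers (rax, rbx, r13) are saved and restored, so the hooked
function sees its inputs unchanged.
Numbers are hex, as usual in the CE auto assembler.
}
[ENABLE]
aobscanmodule(OnInventorySelected,Medieval_Dynasty-Win64-Shipping.exe,48 89 5C 24 20 55 56 41 56 48 83 EC 70) // should be unique
alloc(newmem,$1000,OnInventorySelected) // place near the scanned hook (not a fixed address) so the 5-byte jmp reaches
label(code)
label(return)
label(idxItem)
label(itemSize)
label(pInventory)
label(pInventoryBlock)
label(pItem)
label(pScreenType)
label(pScreen)
label(pScreenPtr)
label(numItems)
label(numScreenItems)
label(pWindow)
registersymbol(idxItem)
registersymbol(itemSize)
registersymbol(numItems)
registersymbol(pInventory)
registersymbol(pInventoryBlock)
registersymbol(pItem)
registersymbol(pScreenType)
registersymbol(pScreen)
registersymbol(pScreenPtr)
registersymbol(numScreenItems)
registersymbol(pWindow)
newmem:
idxItem:
dq 0
pInventory:
dq 0
pInventoryBlock:
dq 0
pItem:
dq 0
numItems:
dq 0
itemSize:
dq 0
pScreenType:
dq 0
pScreen:
dq 0
pScreenPtr:
dq 0
numScreenItems:
dq 0
pWindow:
dq 0
code:
mov [rsp+20],rbx // original instruction (the 5 bytes replaced by the jmp)
push rax
push rbx
push r13
// Values that only need the raw arguments: captured on every call.
mov [pWindow],rdx
mov rax,[rcx]
mov [pScreenPtr],rax
mov eax,dword ptr [rcx+8]
mov [numScreenItems],eax
mov rax,[rdx+78] // screen object
mov [pScreen],rax
// The original code does not dereference the screen object here, so a null
// screen must not crash the game: leave the item fields untouched instead.
test rax,rax
jz exitcode
mov r13d,dword ptr [rax+3C] // size of the per-item structure
mov [itemSize],r13d // low dword only; the slot is 8 bytes and zero-initialised
// Begin specific screens: only the inventory screen uses 30h-byte items.
cmp r13d,30 // need better detection mechanism
jne exitcode
mov [idxItem],r8d
mov eax,dword ptr [rcx+8]
mov [numItems],eax
mov rax,rcx
sub rax,B8 // offset to beginning of inventory block (the weight entries read it at +C8..+D0)
mov [pInventoryBlock],rax
mov rax,[rcx]
mov [pInventory],rax
mov ebx,r8d // 32-bit write zero-extends into rbx
imul ebx,r13d // rbx = index * itemSize
add rax,rbx // pItem = items + index*itemSize (both operands 64-bit; was add rax,ebx)
mov [pItem],rax
exitcode:
pop r13
pop rbx
pop rax
jmp return
OnInventorySelected:
jmp code
return:
registersymbol(OnInventorySelected)
[DISABLE]
OnInventorySelected:
db 48 89 5C 24 20 // restore the original mov [rsp+20],rbx
unregistersymbol(OnInventorySelected)
unregistersymbol(idxItem)
unregistersymbol(itemSize)
unregistersymbol(numItems)
unregistersymbol(numScreenItems) // was missing: the symbol outlived dealloc(newmem)
unregistersymbol(pInventory)
unregistersymbol(pInventoryBlock)
unregistersymbol(pItem)
unregistersymbol(pScreenType)
unregistersymbol(pScreen)
unregistersymbol(pScreenPtr) // was missing: the symbol outlived dealloc(newmem)
unregistersymbol(pWindow)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "Medieval_Dynasty-Win64-Shipping.exe"+20B9519
"Medieval_Dynasty-Win64-Shipping.exe"+20B9508: 5B - pop rbx
"Medieval_Dynasty-Win64-Shipping.exe"+20B9509: C3 - ret
"Medieval_Dynasty-Win64-Shipping.exe"+20B950A: CC - int 3
"Medieval_Dynasty-Win64-Shipping.exe"+20B950B: CC - int 3
"Medieval_Dynasty-Win64-Shipping.exe"+20B950C: CC - int 3
"Medieval_Dynasty-Win64-Shipping.exe"+20B950D: CC - int 3
"Medieval_Dynasty-Win64-Shipping.exe"+20B950E: CC - int 3
"Medieval_Dynasty-Win64-Shipping.exe"+20B950F: CC - int 3
"Medieval_Dynasty-Win64-Shipping.exe"+20B9510: 48 85 C9 - test rcx,rcx
"Medieval_Dynasty-Win64-Shipping.exe"+20B9513: 0F 84 A1 01 00 00 - je Medieval_Dynasty-Win64-Shipping.exe+20B96BA
// ---------- INJECTING HERE ----------
"Medieval_Dynasty-Win64-Shipping.exe"+20B9519: 48 89 5C 24 20 - mov [rsp+20],rbx
// ---------- DONE INJECTING ----------
"Medieval_Dynasty-Win64-Shipping.exe"+20B951E: 55 - push rbp
"Medieval_Dynasty-Win64-Shipping.exe"+20B951F: 56 - push rsi
"Medieval_Dynasty-Win64-Shipping.exe"+20B9520: 41 56 - push r14
"Medieval_Dynasty-Win64-Shipping.exe"+20B9522: 48 83 EC 70 - sub rsp,70
"Medieval_Dynasty-Win64-Shipping.exe"+20B9526: 8B 82 80 00 00 00 - mov eax,[rdx+00000080]
"Medieval_Dynasty-Win64-Shipping.exe"+20B952C: 48 8B D9 - mov rbx,rcx
"Medieval_Dynasty-Win64-Shipping.exe"+20B952F: 48 89 BC 24 90 00 00 00 - mov [rsp+00000090],rdi
"Medieval_Dynasty-Win64-Shipping.exe"+20B9537: 4D 8B F1 - mov r14,r9
"Medieval_Dynasty-Win64-Shipping.exe"+20B953A: 48 8B 7A 78 - mov rdi,[rdx+78]
"Medieval_Dynasty-Win64-Shipping.exe"+20B953E: 41 8B E8 - mov ebp,r8d
}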
8
"Last Selected Item ==>"
008000
1
pItem
0
9
"Item Type ID?"
1
4 Bytes
+0
12
"Unknown"
C0C0C0
4 Bytes
+4
13
"Item Count"
4 Bytes
+8
14
"Index"
4 Bytes
+C
15
"Equipped"
4 Bytes
+10
16
"Unknown"
1
C0C0C0
4 Bytes
+14
17
"Unknown"
C0C0C0
Float
+18
18
"Freshness"
Float
+1c
19
"Unknown"
C0C0C0
4 Bytes
+20
20
"Durability"
Float
+24
21
"Max Durability"
Float
+28
22
"Unknown"
C0C0C0
4 Bytes
+2c
15835
"Max Weight"
Float
pInventoryBlock
C8
15837
"Unknown Max Weight"
Float
pInventoryBlock
CC
15836
"Current Weight"
Float
pInventoryBlock
D0
129
"Number of Inventory Items"
4 Bytes
numItems
24
"Inventory ==>"
008000
1
pInventory
0
25
"[1]"
1
+30*0
26
"Item Type ID"
1
4 Bytes
+0
27
"4 Bytes"
4 Bytes
+4
28
"Item Count"
4 Bytes
+8
29
"Index"
4 Bytes
+C
30
"Equipped"
4 Bytes
+10
31
"4 Bytes"
1
4 Bytes
+14
32
"Float"
Float
+18
33
"Freshness"
Float
+1c
34
"4 Bytes"
4 Bytes
+20
35
"Durability"
Float
+24
36
"Max Durability"
Float
+28
37
"4 Bytes"
4 Bytes
+2c
38
"[2]"
1
+30*1
39
"Item Type ID"
1
4 Bytes
+0
40
"4 Bytes"
4 Bytes
+4
41
"Item Count"
4 Bytes
+8
42
"Index"
4 Bytes
+C
43
"Equipped"
4 Bytes
+10
44
"4 Bytes"
1
4 Bytes
+14
45
"Float"
Float
+18
46
"Freshness"
Float
+1c
47
"4 Bytes"
4 Bytes
+20
48
"Durability"
Float
+24
49
"Max Durability"
Float
+28
50
"4 Bytes"
4 Bytes
+2c
51
"[3]"
1
+30*2
52
"Item Type ID"
1
4 Bytes
+0
53
"4 Bytes"
4 Bytes
+4
54
"Item Count"
4 Bytes
+8
55
"Index"
4 Bytes
+C
56
"Equipped"
4 Bytes
+10
57
"4 Bytes"
1
4 Bytes
+14
58
"Float"
Float
+18
59
"Freshness"
Float
+1c
60
"4 Bytes"
4 Bytes
+20
61
"Durability"
Float
+24
62
"Max Durability"
Float
+28
63
"4 Bytes"
4 Bytes
+2c
64
"[4]"
1
+30*3
65
"Item Type ID"
1
4 Bytes
+0
66
"4 Bytes"
4 Bytes
+4
67
"Item Count"
4 Bytes
+8
68
"Index"
4 Bytes
+C
69
"Equipped"
4 Bytes
+10
70
"4 Bytes"
1
4 Bytes
+14
71
"Float"
Float
+18
72
"Freshness"
Float
+1c
73
"4 Bytes"
4 Bytes
+20
74
"Durability"
Float
+24
75
"Max Durability"
Float
+28
76
"4 Bytes"
4 Bytes
+2c
77
"[5]"
1
+30*4
78
"Item Type ID"
1
4 Bytes
+0
79
"4 Bytes"
4 Bytes
+4
80
"Item Count"
4 Bytes
+8
81
"Index"
4 Bytes
+C
82
"Equipped"
4 Bytes
+10
83
"4 Bytes"
1
4 Bytes
+14
84
"Float"
Float
+18
85
"Freshness"
Float
+1c
86
"4 Bytes"
4 Bytes
+20
87
"Durability"
Float
+24
88
"Max Durability"
Float
+28
89
"4 Bytes"
4 Bytes
+2c
90
"[6]"
1
+30*5
91
"Item Type ID"
1
4 Bytes
+0
92
"4 Bytes"
4 Bytes
+4
93
"Item Count"
4 Bytes
+8
94
"Index"
4 Bytes
+C
95
"Equipped"
4 Bytes
+10
96
"4 Bytes"
1
4 Bytes
+14
97
"Float"
Float
+18
98
"Freshness"
Float
+1c
99
"4 Bytes"
4 Bytes
+20
100
"Durability"
Float
+24
101
"Max Durability"
Float
+28
102
"4 Bytes"
4 Bytes
+2c
103
"[7]"
1
+30*6
104
"Item Type ID"
1
4 Bytes
+0
105
"4 Bytes"
4 Bytes
+4
106
"Item Count"
4 Bytes
+8
107
"Index"
4 Bytes
+C
108
"Equipped"
4 Bytes
+10
109
"4 Bytes"
1
4 Bytes
+14
110
"Float"
Float
+18
111
"Freshness"
Float
+1c
112
"4 Bytes"
4 Bytes
+20
113
"Durability"
Float
+24
114
"Max Durability"
Float
+28
115
"4 Bytes"
4 Bytes
+2c
116
"[8]"
1
+30*7
117
"Item Type ID"
1
4 Bytes
+0
118
"4 Bytes"
4 Bytes
+4
119
"Item Count"
4 Bytes
+8
120
"Index"
4 Bytes
+C
121
"Equipped"
4 Bytes
+10
122
"4 Bytes"
1
4 Bytes
+14
123
"Float"
Float
+18
124
"Freshness"
Float
+1c
125
"4 Bytes"
4 Bytes
+20
126
"Durability"
Float
+24
127
"Max Durability"
Float
+28
128
"4 Bytes"
4 Bytes
+2c
15817
"Misc Pointers =>"
C0C0C0
1
133
"Window"
1
8 Bytes
pWindow
132
"Screen"
1
8 Bytes
pScreen
134
"Item Size"
8 Bytes
itemSize
130
"Num Screen Items"
4 Bytes
numScreenItems
131
"Screen Pointer"
1
8 Bytes
pScreenPtr
15818
"[X] <= Find Player"
Auto Assembler Script
{ Game : Medieval_Dynasty-Win64-Shipping.exe
Version:
Date : 2020-09-22
Author : User
Purpose
  Locates the player object and exposes it as pCharacter for the "Player =>",
  "Technology Points =>" and "Management =>" entries of this table.
How
  The hook sits on the indirect call found by the AccessCharacters pattern. As
  the ORIGINAL CODE block below shows, that call dispatches through a table at
  r13 indexed by a byte fetched from the stream at [r14+20], with
  rcx = [r14+18] and r8 = [r14+38] as the first and third arguments.
  Whenever r8 points exactly 6A0h bytes past rcx (6A0h is the "Water" offset
  of the "Player =>" entry), rcx is recorded in pCharacter.
  This is a heuristic: any other object reaching this call with the same
  argument distance would be recorded as well.
Register use
  rax carries the dispatch index for the original call, so the only scratch
  use of it is wrapped in push/pop. pop does not touch flags, so the ZF from
  the compare survives to the conditional jump.
Numbers are hex, as usual in the CE auto assembler.
}
[ENABLE]
aobscanmodule(AccessCharacters,Medieval_Dynasty-Win64-Shipping.exe,41 FF 54 C5 00 48 85 DB) // should be unique
alloc(newmem,$1000,AccessCharacters) // near the hook so the 5-byte jmp reaches
label(code)
label(return)
label(pCharacter)
registersymbol(AccessCharacters)
registersymbol(pCharacter)
newmem:
pCharacter:
dq 0
code:
push rax
lea rax,[rcx+6A0] // rcx + 6A0 == r8  is the same test as  r8 - rcx == 6A0
cmp rax,r8
pop rax
jne exitcode
mov [pCharacter],rcx
exitcode:
call qword ptr [r13+rax*8+00] // original instruction (the 5 bytes replaced by the jmp)
jmp return
AccessCharacters:
jmp code
return:
[DISABLE]
AccessCharacters:
db 41 FF 54 C5 00 // restore the original call qword ptr [r13+rax*8+00]
unregistersymbol(AccessCharacters)
unregistersymbol(pCharacter)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "Medieval_Dynasty-Win64-Shipping.exe"+D5A566
"Medieval_Dynasty-Win64-Shipping.exe"+D5A545: 48 8B CE - mov rcx,rsi
"Medieval_Dynasty-Win64-Shipping.exe"+D5A548: FF 50 08 - call qword ptr [rax+08]
"Medieval_Dynasty-Win64-Shipping.exe"+D5A54B: 49 8B 46 20 - mov rax,[r14+20]
"Medieval_Dynasty-Win64-Shipping.exe"+D5A54F: 49 8B D6 - mov rdx,r14
"Medieval_Dynasty-Win64-Shipping.exe"+D5A552: 4D 8B 46 38 - mov r8,[r14+38]
"Medieval_Dynasty-Win64-Shipping.exe"+D5A556: 0F B6 08 - movzx ecx,byte ptr [rax]
"Medieval_Dynasty-Win64-Shipping.exe"+D5A559: 48 FF C0 - inc rax
"Medieval_Dynasty-Win64-Shipping.exe"+D5A55C: 49 89 46 20 - mov [r14+20],rax
"Medieval_Dynasty-Win64-Shipping.exe"+D5A560: 8B C1 - mov eax,ecx
"Medieval_Dynasty-Win64-Shipping.exe"+D5A562: 49 8B 4E 18 - mov rcx,[r14+18]
// ---------- INJECTING HERE ----------
"Medieval_Dynasty-Win64-Shipping.exe"+D5A566: 41 FF 54 C5 00 - call qword ptr [r13+rax*8+00]
// ---------- DONE INJECTING ----------
"Medieval_Dynasty-Win64-Shipping.exe"+D5A56B: 48 85 DB - test rbx,rbx
"Medieval_Dynasty-Win64-Shipping.exe"+D5A56E: 74 22 - je Medieval_Dynasty-Win64-Shipping.exe+D5A592
"Medieval_Dynasty-Win64-Shipping.exe"+D5A570: 48 85 FF - test rdi,rdi
"Medieval_Dynasty-Win64-Shipping.exe"+D5A573: 74 1D - je Medieval_Dynasty-Win64-Shipping.exe+D5A592
"Medieval_Dynasty-Win64-Shipping.exe"+D5A575: 48 8B 47 40 - mov rax,[rdi+40]
"Medieval_Dynasty-Win64-Shipping.exe"+D5A579: 48 C1 E8 24 - shr rax,24
"Medieval_Dynasty-Win64-Shipping.exe"+D5A57D: F6 D0 - not al
"Medieval_Dynasty-Win64-Shipping.exe"+D5A57F: A8 01 - test al,01
"Medieval_Dynasty-Win64-Shipping.exe"+D5A581: 74 0F - je Medieval_Dynasty-Win64-Shipping.exe+D5A592
"Medieval_Dynasty-Win64-Shipping.exe"+D5A583: 48 8B 07 - mov rax,[rdi]
}
15819
"Player =>"
1
pCharacter
0
15820
"Health"
Float
+680
15925
"Health 2?"
Float
+698
15821
"Food"
Float
+690
15822
"Water "
Float
+6A0
15823
"Endurance"
Float
+6A8
15824
"Condition"
Float
+68c
15845
"Temperature =>"
1
15825
"Temperature ( Kelvin | 293.15 K = 20 C = 68 F )"
Float
+72C
15826
"Temperature ( Kelvin | 293.15 K = 20 C = 68 F )"
Float
+730
15827
"Temperature ( Kelvin | 293.15 K = 20 C = 68 F )"
Float
+734
15828
"Temperature ( Kelvin | 293.15 K = 20 C = 68 F )"
Float
+738
15840
"Skill Points =>"
1
15838
"Mining"
4 Bytes
+1BC
15839
"Hunting"
4 Bytes
+21C
15841
"Farming"
4 Bytes
+27C
15842
"Diplomacy"
4 Bytes
+2DC
15843
"Survival"
4 Bytes
+33C
15844
"Crafting"
4 Bytes
+39C
15920
"Technology Points =>"
1
pCharacter
0
280
8e0
20
15921
"Building"
Float
+284
15922
"Survival"
Float
+288
15923
"Farming"
Float
+28c
15924
"Crafting"
Float
+290
15937
"Management =>"
1
pCharacter
0
280
8e0
20
15938
"Dynasty Points"
4 Bytes
+280
15816
"[X] <= Find Time Pointer"
FF8000
Auto Assembler Script
// Warning!
// This script uses a little assembly hack.
// Saving this script will always give an error on the same line:
// aob_time+(DWORD)[aob_time+0B]+0F:
// Don't pay it any heed :)
//=========================================
[ENABLE]
//=========================================
// Resolving the static time pointer (pRootTime)
//=========================================
// The pattern ends with "48 8B 05 ?? ?? ?? ??" = mov rax,[rip+disp32]. That
// 7-byte instruction starts at aob_time+08, its disp32 sits at aob_time+0B and
// the next instruction starts at aob_time+0F, so the RIP-relative target is
// aob_time+0F+disp32. In the ORIGINAL CODE block below that works out to
// Medieval_Dynasty-Win64-Shipping.exe+3F42580, which the "Time =>" entry
// then follows through its offset chain.
aobscanmodule(aob_time,Medieval_Dynasty-Win64-Shipping.exe,4D 8B 94 24 38 0C 00 00 48 8B 05 ?? ?? ?? ??) // should be unique
label(pRootTime)
registersymbol(pRootTime)
// Only a label is placed at the resolved address - nothing is written to the game.
// NOTE(review): (DWORD) reads the displacement as unsigned. That is fine here
// because the displacement is positive (49 B2 F3 01); a target located before
// the instruction would need a signed read - confirm what the CE version offers.
aob_time+(DWORD)[aob_time+0B]+0F:
pRootTime:
//=========================================
[DISABLE]
//=========================================
unregistersymbol(pRootTime)
{
// ORIGINAL CODE - INJECTION POINT: "Medieval_Dynasty-Win64-Shipping.exe"+2007330
"Medieval_Dynasty-Win64-Shipping.exe"+2007310: 33 F6 - xor esi,esi
"Medieval_Dynasty-Win64-Shipping.exe"+2007312: 45 32 FF - xor r15l,r15l
"Medieval_Dynasty-Win64-Shipping.exe"+2007315: 89 75 BB - mov [rbp-45],esi
"Medieval_Dynasty-Win64-Shipping.exe"+2007318: 44 89 7D BF - mov [rbp-41],r15d
"Medieval_Dynasty-Win64-Shipping.exe"+200731C: 8B DE - mov ebx,esi
"Medieval_Dynasty-Win64-Shipping.exe"+200731E: 89 5D B7 - mov [rbp-49],ebx
"Medieval_Dynasty-Win64-Shipping.exe"+2007321: 8B D6 - mov edx,esi
"Medieval_Dynasty-Win64-Shipping.exe"+2007323: 45 85 C9 - test r9d,r9d
"Medieval_Dynasty-Win64-Shipping.exe"+2007326: 7E 46 - jle Medieval_Dynasty-Win64-Shipping.exe+200736E
"Medieval_Dynasty-Win64-Shipping.exe"+2007328: 4D 8B 94 24 38 0C 00 00 - mov r10,[r12+00000C38]
// ---------- INJECTING HERE ----------
"Medieval_Dynasty-Win64-Shipping.exe"+2007330: 48 8B 05 49 B2 F3 01 - mov rax,[Medieval_Dynasty-Win64-Shipping.exe+3F42580]
// ---------- DONE INJECTING ----------
"Medieval_Dynasty-Win64-Shipping.exe"+2007337: 4D 8B C2 - mov r8,r10
"Medieval_Dynasty-Win64-Shipping.exe"+200733A: 66 0F 1F 44 00 00 - nop word ptr [rax+rax+00]
"Medieval_Dynasty-Win64-Shipping.exe"+2007340: 49 8B 08 - mov rcx,[r8]
"Medieval_Dynasty-Win64-Shipping.exe"+2007343: 48 39 81 78 02 00 00 - cmp [rcx+00000278],rax
"Medieval_Dynasty-Win64-Shipping.exe"+200734A: 74 0D - je Medieval_Dynasty-Win64-Shipping.exe+2007359
"Medieval_Dynasty-Win64-Shipping.exe"+200734C: FF C2 - inc edx
"Medieval_Dynasty-Win64-Shipping.exe"+200734E: 49 83 C0 08 - add r8,08
"Medieval_Dynasty-Win64-Shipping.exe"+2007352: 41 3B D1 - cmp edx,r9d
"Medieval_Dynasty-Win64-Shipping.exe"+2007355: 7C E9 - jl Medieval_Dynasty-Win64-Shipping.exe+2007340
"Medieval_Dynasty-Win64-Shipping.exe"+2007357: EB 15 - jmp Medieval_Dynasty-Win64-Shipping.exe+200736E
}
186
"Time =>"
1
pRootTime
278
270
2E0
128
187
"Year"
4 Bytes
+0
188
"Hour"
4 Bytes
+4
189
"Minutes"
4 Bytes
+8
190
"Seconds"
4 Bytes
+C