10
"Script: Globals"
80000008
Auto Assembler Script
{
Globals:
1000: pGold (gold at offset 28)
1004: pHP (hp at offset 118, mp at 1A8)
2000: pGold_ESI (esi value when in routine that sets pGold (when playing game), could be base pointer)
2004: pGold_ESI_2 (esi value when in routine that sets pGold (when upgrading keep), could be base pointer)
2008: pHP_ESI (esi value on hp loaded each frame), could be base pointer
200C: pHP_ECX (ebx value on hp loaded each frame), could be base pointer
3000: bInfiniteMP
3004: bGodMode
3008: bOneHItKill
300C: bLongPlatforms
3010: bInfiniteMultiJump
3014: bUndead (hp goes to 1 but not lower)
3018: bInfiniteFlightTime
301C: bNoSpellDelay
3020: bInvincibility - set timer like you've just been hit and are invulnerable
3024: bKillAllEnbemies
}
globalalloc(globals,$100000)
[ENABLE]
[DISABLE]
9
"IMPORTANT Script: HP Each frame (sets player pointer)"
80000008
Auto Assembler Script
{ Game : RogueLegacy.exe
Version:
Date : 2014-07-03
Author : Jason
Reads HP each frame (32 bit integer)
}
[ENABLE]
aobscan(INJECT_HP_EACH_FRAME,8B 83 18 01 00 00 8B 55) // should be unique
alloc(newmem,$1000)
label(code)
label(return)
newmem:
code:
mov [globals+1004],ebx
mov [globals+2008],esi
mov eax,[ebx+00000118]
jmp return
INJECT_HP_EACH_FRAME:
jmp code
nop
return:
registersymbol(INJECT_HP_EACH_FRAME)
[DISABLE]
INJECT_HP_EACH_FRAME:
db 8B 83 18 01 00 00
unregistersymbol(INJECT_HP_EACH_FRAME)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: 097D90BF
097D9097: 8B 40 44 - mov eax,[eax+44]
097D909A: FF 50 08 - call dword ptr [eax+08]
097D909D: 8B 87 F4 00 00 00 - mov eax,[edi+000000F4]
097D90A3: 89 45 E8 - mov [ebp-18],eax
097D90A6: B9 54 3C 4A 5E - mov ecx,mscorlib.ni.dll+413C54
097D90AB: E8 24 90 38 F7 - call 00B620D4
097D90B0: 89 45 E4 - mov [ebp-1C],eax
097D90B3: B9 54 3C 4A 5E - mov ecx,mscorlib.ni.dll+413C54
097D90B8: E8 17 90 38 F7 - call 00B620D4
097D90BD: 8B F0 - mov esi,eax
// ---------- INJECTING HERE ----------
097D90BF: 8B 83 18 01 00 00 - mov eax,[ebx+00000118]
// ---------- DONE INJECTING ----------
097D90C5: 8B 55 E4 - mov edx,[ebp-1C]
097D90C8: 89 42 04 - mov [edx+04],eax
097D90CB: 89 55 D8 - mov [ebp-28],edx
097D90CE: 8B CB - mov ecx,ebx
097D90D0: 8B 01 - mov eax,[ecx]
097D90D2: 8B 40 64 - mov eax,[eax+64]
097D90D5: FF 50 0C - call dword ptr [eax+0C]
097D90D8: 89 46 04 - mov [esi+04],eax
097D90DB: 56 - push esi
097D90DC: 8B 4D D8 - mov ecx,[ebp-28]
}
1
"IMPORTANT Script: Player HUD Update (sets stats pointer)"
80000008
Auto Assembler Script
{ Game : RogueLegacy.exe
Version:
Date : 2014-07-02
Author : Jason
This script does blah blah blah
}
[ENABLE]
aobscan(INJECT_PLAYER_HUD_UPDATE,8B 40 28 89 45 EC 83 7D) // should be unique
alloc(newmem,$1000)
label(code)
label(return)
globalalloc(globals,$100000)
newmem:
code:
mov [globals+1000],eax // pPlayer
mov eax,[eax+28]
mov [ebp-14],eax
jmp return
INJECT_PLAYER_HUD_UPDATE:
jmp code
nop
return:
registersymbol(INJECT_PLAYER_HUD_UPDATE)
[DISABLE]
INJECT_PLAYER_HUD_UPDATE:
db 8B 40 28 89 45 EC
unregistersymbol(INJECT_PLAYER_HUD_UPDATE)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: 0F52423A
0F52421E: 50 - push eax
0F52421F: 8B 4D F0 - mov ecx,[ebp-10]
0F524222: 33 D2 - xor edx,edx
0F524224: E8 3C C2 CF 4F - call clr.dll+10465
0F524229: 8B D0 - mov edx,eax
0F52422B: 8B CE - mov ecx,esi
0F52422D: 8B 01 - mov eax,[ecx]
0F52422F: 8B 40 44 - mov eax,[eax+44]
0F524232: FF 50 08 - call dword ptr [eax+08]
0F524235: A1 F4 33 82 04 - mov eax,[048233F4]
// ---------- INJECTING HERE ----------
0F52423A: 8B 40 28 - mov eax,[eax+28]
0F52423D: 89 45 EC - mov [ebp-14],eax
// ---------- DONE INJECTING ----------
0F524240: 83 7D EC 00 - cmp dword ptr [ebp-14],00
0F524244: 7D 05 - jnl 0F52424B
0F524246: 33 D2 - xor edx,edx
0F524248: 89 55 EC - mov [ebp-14],edx
0F52424B: 8B B7 EC 00 00 00 - mov esi,[edi+000000EC]
0F524251: E8 4A E5 E8 4E - call mscorlib.ni.dll+3227A0
0F524256: 50 - push eax
0F524257: 8B 4D EC - mov ecx,[ebp-14]
0F52425A: 33 D2 - xor edx,edx
0F52425C: E8 04 C2 CF 4F - call clr.dll+10465
Entire function seems to be RogueCastle.PlayerHUDObj:Update
RogueCastle.PlayerHUDObj::Update - 55 - push ebp
RogueCastle.PlayerHUDObj::Update+1- 8B EC - mov ebp,esp
RogueCastle.PlayerHUDObj::Update+3- 57 - push edi
RogueCastle.PlayerHUDObj::Update+4- 56 - push esi
RogueCastle.PlayerHUDObj::Update+5- 53 - push ebx
RogueCastle.PlayerHUDObj::Update+6- 83 EC 1C - sub esp,1C
RogueCastle.PlayerHUDObj::Update+9- 33 C0 - xor eax,eax
RogueCastle.PlayerHUDObj::Update+B- 89 45 F0 - mov [ebp-10],eax
RogueCastle.PlayerHUDObj::Update+E- 89 45 EC - mov [ebp-14],eax
RogueCastle.PlayerHUDObj::Update+11- 8B F9 - mov edi,ecx
RogueCastle.PlayerHUDObj::Update+13- 8B DA - mov ebx,edx
RogueCastle.PlayerHUDObj::Update+15- A1 F4338204 - mov eax,[048233F4] : [23D07CDC]
RogueCastle.PlayerHUDObj::Update+1A- 8B 40 2C - mov eax,[eax+2C]
RogueCastle.PlayerHUDObj::Update+1D- 89 45 F0 - mov [ebp-10],eax
RogueCastle.PlayerHUDObj::Update+20- 83 7D F0 00 - cmp dword ptr [ebp-10],00
RogueCastle.PlayerHUDObj::Update+24- 7D 05 - jnl RogueCastle.PlayerHUDObj::Update+2B
RogueCastle.PlayerHUDObj::Update+26- 33 D2 - xor edx,edx
RogueCastle.PlayerHUDObj::Update+28- 89 55 F0 - mov [ebp-10],edx
RogueCastle.PlayerHUDObj::Update+2B- 8B B7 E4000000 - mov esi,[edi+000000E4]
RogueCastle.PlayerHUDObj::Update+31- E8 82E5E84E - call mscorlib.ni.dll+3227A0
RogueCastle.PlayerHUDObj::Update+36- 50 - push eax
RogueCastle.PlayerHUDObj::Update+37- 8B 4D F0 - mov ecx,[ebp-10]
RogueCastle.PlayerHUDObj::Update+3A- 33 D2 - xor edx,edx
RogueCastle.PlayerHUDObj::Update+3C- E8 3CC2CF4F - call clr.dll+10465
RogueCastle.PlayerHUDObj::Update+41- 8B D0 - mov edx,eax
RogueCastle.PlayerHUDObj::Update+43- 8B CE - mov ecx,esi
RogueCastle.PlayerHUDObj::Update+45- 8B 01 - mov eax,[ecx] // ECX important here? ESI?
RogueCastle.PlayerHUDObj::Update+47- 8B 40 44 - mov eax,[eax+44]
RogueCastle.PlayerHUDObj::Update+4A- FF 50 08 - call dword ptr [eax+08]
RogueCastle.PlayerHUDObj::Update+4D- A1 F4338204 - mov eax,[048233F4] : [23D07CDC]
RogueCastle.PlayerHUDObj::Update+52- 8B 40 28 - mov eax,[eax+28] // load current gold
RogueCastle.PlayerHUDObj::Update+55- 89 45 EC - mov [ebp-14],eax
RogueCastle.PlayerHUDObj::Update+58- 83 7D EC 00 - cmp dword ptr [ebp-14],00
RogueCastle.PlayerHUDObj::Update+5C- 7D 05 - jnl RogueCastle.PlayerHUDObj::Update+63
RogueCastle.PlayerHUDObj::Update+5E- 33 D2 - xor edx,edx
RogueCastle.PlayerHUDObj::Update+60- 89 55 EC - mov [ebp-14],edx
RogueCastle.PlayerHUDObj::Update+63- 8B B7 EC000000 - mov esi,[edi+000000EC]
RogueCastle.PlayerHUDObj::Update+69- E8 4AE5E84E - call mscorlib.ni.dll+3227A0
RogueCastle.PlayerHUDObj::Update+6E- 50 - push eax
RogueCastle.PlayerHUDObj::Update+6F- 8B 4D EC - mov ecx,[ebp-14]
RogueCastle.PlayerHUDObj::Update+72- 33 D2 - xor edx,edx
RogueCastle.PlayerHUDObj::Update+74- E8 04C2CF4F - call clr.dll+10465
RogueCastle.PlayerHUDObj::Update+79- 8B D0 - mov edx,eax
RogueCastle.PlayerHUDObj::Update+7B- 8B CE - mov ecx,esi
RogueCastle.PlayerHUDObj::Update+7D- 8B 01 - mov eax,[ecx]
RogueCastle.PlayerHUDObj::Update+7F- 8B 40 44 - mov eax,[eax+44]
RogueCastle.PlayerHUDObj::Update+82- FF 50 08 - call dword ptr [eax+08]
RogueCastle.PlayerHUDObj::Update+85- 8B 87 F4000000 - mov eax,[edi+000000F4]
RogueCastle.PlayerHUDObj::Update+8B- 89 45 E8 - mov [ebp-18],eax
RogueCastle.PlayerHUDObj::Update+8E- B9 543C4A5E - mov ecx,mscorlib.ni.dll+413C54
RogueCastle.PlayerHUDObj::Update+93- E8 54DE66F1 - call 00B920D4
RogueCastle.PlayerHUDObj::Update+98- 89 45 E4 - mov [ebp-1C],eax
RogueCastle.PlayerHUDObj::Update+9B- B9 543C4A5E - mov ecx,mscorlib.ni.dll+413C54
RogueCastle.PlayerHUDObj::Update+A0- E8 47DE66F1 - call 00B920D4
RogueCastle.PlayerHUDObj::Update+A5- 8B F0 - mov esi,eax
RogueCastle.PlayerHUDObj::Update+A7- 8B 83 18010000 - mov eax,[ebx+00000118]
RogueCastle.PlayerHUDObj::Update+AD- 8B 55 E4 - mov edx,[ebp-1C]
RogueCastle.PlayerHUDObj::Update+B0- 89 42 04 - mov [edx+04],eax
RogueCastle.PlayerHUDObj::Update+B3- 89 55 D8 - mov [ebp-28],edx
RogueCastle.PlayerHUDObj::Update+B6- 8B CB - mov ecx,ebx
RogueCastle.PlayerHUDObj::Update+B8- 8B 01 - mov eax,[ecx]
RogueCastle.PlayerHUDObj::Update+BA- 8B 40 64 - mov eax,[eax+64]
RogueCastle.PlayerHUDObj::Update+BD- FF 50 0C - call dword ptr [eax+0C]
RogueCastle.PlayerHUDObj::Update+C0- 89 46 04 - mov [esi+04],eax
RogueCastle.PlayerHUDObj::Update+C3- 56 - push esi
RogueCastle.PlayerHUDObj::Update+C4- 8B 4D D8 - mov ecx,[ebp-28]
RogueCastle.PlayerHUDObj::Update+C7- 8B 15 68948204 - mov edx,[04829468] : [038BD91C]
RogueCastle.PlayerHUDObj::Update+CD- E8 56E3E84E - call mscorlib.ni.dll+322610
RogueCastle.PlayerHUDObj::Update+D2- 8B D0 - mov edx,eax
RogueCastle.PlayerHUDObj::Update+D4- 8B 4D E8 - mov ecx,[ebp-18]
RogueCastle.PlayerHUDObj::Update+D7- 8B 01 - mov eax,[ecx]
RogueCastle.PlayerHUDObj::Update+D9- 8B 40 44 - mov eax,[eax+44]
RogueCastle.PlayerHUDObj::Update+DC- FF 50 08 - call dword ptr [eax+08]
RogueCastle.PlayerHUDObj::Update+DF- 8B 87 FC000000 - mov eax,[edi+000000FC]
RogueCastle.PlayerHUDObj::Update+E5- 89 45 E0 - mov [ebp-20],eax
RogueCastle.PlayerHUDObj::Update+E8- B9 C8B3495E - mov ecx,mscorlib.ni.dll+40B3C8
RogueCastle.PlayerHUDObj::Update+ED- E8 FADD66F1 - call 00B920D4
RogueCastle.PlayerHUDObj::Update+F2- 8B F0 - mov esi,eax
RogueCastle.PlayerHUDObj::Update+F4- B9 C8B3495E - mov ecx,mscorlib.ni.dll+40B3C8
RogueCastle.PlayerHUDObj::Update+F9- E8 EEDD66F1 - call 00B920D4
RogueCastle.PlayerHUDObj::Update+FE- 89 45 DC - mov [ebp-24],eax
RogueCastle.PlayerHUDObj::Update+101- D9 83 A8010000 - fld dword ptr [ebx+000001A8]
RogueCastle.PlayerHUDObj::Update+107- D9 5E 04 - fstp dword ptr [esi+04]
RogueCastle.PlayerHUDObj::Update+10A- 8B CB - mov ecx,ebx
RogueCastle.PlayerHUDObj::Update+10C- E8 07FDDAFF - call RogueCastle.PlayerObj::get_MaxMana
RogueCastle.PlayerHUDObj::Update+111- 8B 45 DC - mov eax,[ebp-24]
RogueCastle.PlayerHUDObj::Update+114- D9 58 04 - fstp dword ptr [eax+04]
RogueCastle.PlayerHUDObj::Update+117- 50 - push eax
RogueCastle.PlayerHUDObj::Update+118- 8B CE - mov ecx,esi
RogueCastle.PlayerHUDObj::Update+11A- 8B 15 68948204 - mov edx,[04829468] : [038BD91C]
RogueCastle.PlayerHUDObj::Update+120- E8 03E3E84E - call mscorlib.ni.dll+322610
RogueCastle.PlayerHUDObj::Update+125- 8B D0 - mov edx,eax
RogueCastle.PlayerHUDObj::Update+127- 8B 4D E0 - mov ecx,[ebp-20]
RogueCastle.PlayerHUDObj::Update+12A- 8B 01 - mov eax,[ecx]
RogueCastle.PlayerHUDObj::Update+12C- 8B 40 44 - mov eax,[eax+44]
RogueCastle.PlayerHUDObj::Update+12F- FF 50 08 - call dword ptr [eax+08]
RogueCastle.PlayerHUDObj::Update+132- 8B CF - mov ecx,edi
RogueCastle.PlayerHUDObj::Update+134- 8B D3 - mov edx,ebx
RogueCastle.PlayerHUDObj::Update+136- FF 15 0070280F - call dword ptr [0F287000] : [RogueCastle.PlayerHUDObj::UpdatePlayerHP]
RogueCastle.PlayerHUDObj::Update+13C- 8B CF - mov ecx,edi
RogueCastle.PlayerHUDObj::Update+13E- 8B D3 - mov edx,ebx
RogueCastle.PlayerHUDObj::Update+140- FF 15 0C70280F - call dword ptr [0F28700C] : [RogueCastle.PlayerHUDObj::UpdatePlayerMP]
RogueCastle.PlayerHUDObj::Update+146- 8D 65 F4 - lea esp,[ebp-0C]
RogueCastle.PlayerHUDObj::Update+149- 5B - pop ebx
RogueCastle.PlayerHUDObj::Update+14A- 5E - pop esi
RogueCastle.PlayerHUDObj::Update+14B- 5F - pop edi
RogueCastle.PlayerHUDObj::Update+14C- 5D - pop ebp
RogueCastle.PlayerHUDObj::Update+14D- C3 - ret
}
48
"+ CHEATS"
80000008
1
19
"CHEAT: Infinite MP (set to 1)"
80000008
4 Bytes
globals+3000
21
"CHEAT: Infinite HP (set to 1)"
80000008
4 Bytes
globals+3004
50
"CHEAT: Undead (set to 1)"
80000008
4 Bytes
globals+3014
89
"CHEAT: Invincible (set to 1)"
80000008
4 Bytes
globals+3020
22
"CHEAT: One Hit Kill (set to 1)"
80000008
4 Bytes
globals+3008
26
"CHEAT: Platform Timer (set to 1)"
80000008
4 Bytes
globals+300C
49
"CHEAT: Infinite Multi-jump (set to 1)"
80000008
4 Bytes
globals+3010
52
"CHEAT: Infinite Flight Time (set to 1)"
80000008
4 Bytes
globals+3018
84
"CHEAT: No spell Delay (set to 1)"
80000008
4 Bytes
globals+301C
46
"+ Stats"
80000008
1
72
"+ Class, Traits, Spells (double-click <script> for ids) ------>"
80000008
Auto Assembler Script
{
Classes:
0 - Knight
1 - Mage
2 - Barbarian
3 - Knave
4 - Shinobi
5 - Miner
6 - Spellthief
7 - Lich
8 - Paladin
9 - Archmage
10 - Barbarian Queen
11 - Assassin
12 - Hokage
13 - Spelunkette
14 - Spellsword
15 - Lich Queen
16 - Dragon (fly, no attack (x does spell))
17 - Traitor (special is several axes front, up and behind, but -30HP)
Spells:
0 - None
1 - Dagger
2 - Axe
3 - ?Bomb? - drops bomb in front of you that explodes after a few seconds
4 - Time Stop
5 - ?
6 - Quantum Translocator
7 - ? Drains 7 mana ?
8 - Chakram
9 - Scythe
10 - Blade Wall
11 - Flame Barrier
12 - Conflux
13 - Dragon Fire
14 - ?Multi-dagger? - launches 5 daggers in slightly different directions in front of you
15 - Dragon Fire 2 - goes further, even wrapping around passages to another room (up to 1 full screen)
Traits: (X means I don't like, * means interesting)
X 1 - Color Blind: You can't see colors.
2 - Gay: You are a fan of the man.
X 3 - Near-Sighted: Anything far away is blurry.
X 4 - Far-Sighted: Anything close-up is blurry.
X 5 - Dyslexia: You hvae trboule raednig tinhgs.
6 - Gigantism: You are huge.
* 7 - Dwarfism: You are tiny. (possibly get to some areas normally not?)
8 - Baldness: You are bald
* 9 - Endomorph: You can't get knocked back.
X 10 - Ectomorph: Hits send you flying.
X 11 - Alzheimers: Where are you?
12 - Dextrocardia: MP + HP pools swapped.
* 13 - ADHD: You move faster.
14 - Coprolalia: %#&@!
* 15 - O.C.D.: Break stuff to restore MP.
* 16 - Hypergonadism: You knock enemies out of the park.
17 - Muscle Wk.: You can't knock enemies back.
18 - Stereo Blind: You can't see in #D.
19 - I.B.S.: You fart a lot.
X 20 - Vertigo: Everything is upside down.
X 21 - Tunnel Vision: No early indicators.
22 - Ambivevous: Spells come out your back.
? 23 - P.A.D.: No foot pulse.
24 - Alcktorophobia: You are scared of chickens.
25 - Hypochondriac: Exaggerate the damage you take.
X 26 - Dementia: You see things that aren't there.
* 27 - Flexible: You turn while fighting.
28 - Eid. Mem.: Remember enemy placement.
29 - Nostalgic: Everything is old-timey.
X 30 - C.I.P.: No visible health bar.
31 - Savant: Randomized spells.
32 - The One: There is no spork.
33 - Clumsy: You break stuff and have no balance.
* 34 - EHS: Platforms stay open.
35 - Glaucoma: It's so dark.
36 - NULL
37 - NULL
}
[ENABLE]
[DISABLE]
70
"pStats->Trait 1"
80000008
Float
globals+1000
98
69
"pStats->Trait 2"
80000008
Float
globals+1000
9C
65
"pStats->Class"
80000008
Byte
globals+1000
70
101
"pStats->Spell"
80000008
Byte
globals+1000
6F
Increase Value
123
1
0
118
"+ Wizard Spells"
80000008
1
109
"pPlayer->WizardSpellList->Count (might crash if over 4)"
80000008
4 Bytes
globals+1004
C
194
110
"pPlayer->WizardSpellList->Spell1"
80000008
Byte
globals+1004
8
4
194
113
"pPlayer->WizardSpellList->Spell2"
80000008
Byte
globals+1004
9
4
194
112
"pPlayer->WizardSpellList->Spell3"
80000008
Byte
globals+1004
A
4
194
111
"pPlayer->WizardSpellList->Spelll4"
80000008
Byte
globals+1004
B
4
194
114
"pPlayer->WizardSpellList->Spelll5"
80000008
Byte
globals+1004
C
4
194
115
"pPlayer->WizardSpellList->Spelll6"
80000008
Byte
globals+1004
D
4
194
116
"pPlayer->WizardSpellList->Spelll7"
80000008
Byte
globals+1004
E
4
194
117
"pPlayer->WizardSpellList->Spelll8"
80000008
Byte
globals+1004
F
4
194
3
"pStats->Gold"
80000008
4 Bytes
globals+1000
28
60
"pStats->Bonus Health"
80000008
4 Bytes
globals+1000
38
61
"pStats->Bonus Strength"
80000008
4 Bytes
globals+1000
3C
62
"pStats->Bonus Mana"
80000008
4 Bytes
globals+1000
40
63
"pStats->Bonus Defense"
80000008
4 Bytes
globals+1000
44
64
"pStats->Bonus Weight"
80000008
4 Bytes
globals+1000
48
66
"pStats->Lich Health"
80000008
4 Bytes
globals+1000
4C
67
"pStats->Lich Mana"
80000008
4 Bytes
globals+1000
50
68
"pStats->Lich Health Mod"
80000008
4 Bytes
globals+1000
54
100
"pStats->Bonus Magic"
80000008
4 Bytes
globals+1000
4C
12
"pPlayer->Current HP"
80000008
4 Bytes
globals+1004
118
16
"pPlayer->Current MP"
80000008
Float
globals+1004
1A8
79
"pPlayer->Jump Height"
80000008
Float
globals+1004
11C
78
"pPlayer->Double Jump Height"
80000008
Float
globals+1004
124
13
"Script: Undead"
80000008
Auto Assembler Script
{ Game : RogueLegacy.exe
Version:
Date : 2014-07-03
Author : Jason
Three locations checking for player health 0 after getting hit.
}
[ENABLE]
aobscan(INJECT_UNDEAD1,83 BE 18 01 00 00 00 7D) // should be unique
alloc(newmem,$1000)
label(code)
label(skip)
label(return)
globalalloc(globals,$100000)
newmem:
code:
cmp dword ptr [globals+3014],1
jne skip // cheat not enabled
cmp esi,[globals+1004]
jne skip // not player
cmp dword ptr [esi+00000118],00
jg skip // no need if it's over 0
mov dword ptr [esi+00000118],01
skip:
cmp dword ptr [esi+00000118],00
jmp return
INJECT_UNDEAD1:
jmp code
nop
nop
return:
registersymbol(INJECT_UNDEAD1)
aobscan(INJECT_UNDEAD2,83 BB 18 01 00 00 00 7E 64) // should be unique
alloc(newmem2,$1000)
label(code2)
label(return2)
newmem2:
code2:
cmp dword ptr [ebx+00000118],00
jmp return2
INJECT_UNDEAD2:
jmp code2
nop
nop
return2:
registersymbol(INJECT_UNDEAD2)
aobscan(INJECT_UNDEAD3,83 BB 18 01 00 00 00 0F 8F) // should be unique
alloc(newmem5,$1000)
label(code5)
label(return5)
newmem5:
code5:
cmp dword ptr [ebx+00000118],00
jmp return5
INJECT_UNDEAD3:
jmp code5
nop
nop
return5:
registersymbol(INJECT_UNDEAD3)
[DISABLE]
INJECT_UNDEAD1:
db 83 BE 18 01 00 00 00
unregistersymbol(INJECT_UNDEAD1)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: 0F0D3099
0F0D307D: 8B 01 - mov eax,[ecx]
0F0D307F: 8B 40 64 - mov eax,[eax+64]
0F0D3082: FF 50 0C - call dword ptr [eax+0C]
0F0D3085: 3B D8 - cmp ebx,eax
0F0D3087: 7E 10 - jle 0F0D3099
0F0D3089: 8B CE - mov ecx,esi
0F0D308B: 8B 01 - mov eax,[ecx]
0F0D308D: 8B 40 64 - mov eax,[eax+64]
0F0D3090: FF 50 0C - call dword ptr [eax+0C]
0F0D3093: 89 86 18 01 00 00 - mov [esi+00000118],eax
// ---------- INJECTING HERE ----------
0F0D3099: 83 BE 18 01 00 00 00 - cmp dword ptr [esi+00000118],00
// ---------- DONE INJECTING ----------
0F0D30A0: 7D 08 - jnl 0F0D30AA
0F0D30A2: 33 D2 - xor edx,edx
0F0D30A4: 89 96 18 01 00 00 - mov [esi+00000118],edx
0F0D30AA: 5B - pop ebx
0F0D30AB: 5E - pop esi
0F0D30AC: 5D - pop ebp
0F0D30AD: C3 - ret
0F0D30AE: 00 00 - add [eax],al
0F0D30B0: 68 3F 09 0F 00 - push 000F093F
0F0D30B5: 00 00 - add [eax],al
}
INJECT_UNDEAD2:
db 83 BB 18 01 00 00 00
unregistersymbol(INJECT_UNDEAD2)
dealloc(newmem2)
{
// ORIGINAL CODE - INJECTION POINT: 097C604F
097C6025: 8B 93 18 01 00 00 - mov edx,[ebx+00000118]
097C602B: 2B 55 EC - sub edx,[ebp-14]
097C602E: 8B CB - mov ecx,ebx
097C6030: E8 33 D0 90 05 - call 0F0D3068
097C6035: 8B 95 CC FE FF FF - mov edx,[ebp-00000134]
097C603B: B9 94 C4 0A 0F - mov ecx,0F0AC494
097C6040: E8 A9 23 A5 55 - call clr.dll+83EE
097C6045: 89 85 C8 FE FF FF - mov [ebp-00000138],eax
097C604B: 85 C0 - test eax,eax
097C604D: 74 6D - je 097C60BC
// ---------- INJECTING HERE ----------
097C604F: 83 BB 18 01 00 00 00 - cmp dword ptr [ebx+00000118],00
// ---------- DONE INJECTING ----------
097C6056: 7E 64 - jle 097C60BC
097C6058: 8B CB - mov ecx,ebx
097C605A: FF 15 B4 19 0A 0F - call dword ptr [0F0A19B4]
097C6060: DB 45 EC - fild dword ptr [ebp-14]
097C6063: D9 9D B8 FE FF FF - fstp dword ptr [ebp-00000148]
097C6069: D9 85 B8 FE FF FF - fld dword ptr [ebp-00000148]
097C606F: DE C9 - fmulp st(1),st(0)
097C6071: DD 9D AC FE FF FF - fstp qword ptr [ebp-00000154]
097C6077: F2 0F 10 85 AC FE FF FF - movsd xmm0,[ebp-00000154]
097C607F: F2 0F 2C F8 - cvttsd2si edi,xmm0
}
INJECT_UNDEAD3:
db 83 BB 18 01 00 00 00
unregistersymbol(INJECT_UNDEAD3)
dealloc(newmem5)
{
// ORIGINAL CODE - INJECTION POINT: 097C6442
097C6414: 8B CB - mov ecx,ebx
097C6416: E8 A5 59 01 00 - call 097DBDC0
097C641B: EB 25 - jmp 097C6442
097C641D: 8B CB - mov ecx,ebx
097C641F: E8 54 80 74 00 - call 09F0E478
097C6424: D8 0D 18 6C 7C 09 - fmul dword ptr [097C6C18]
097C642A: DD 9D AC FE FF FF - fstp qword ptr [ebp-00000154]
097C6430: F2 0F 10 85 AC FE FF FF - movsd xmm0,[ebp-00000154]
097C6438: F2 0F 2C C0 - cvttsd2si eax,xmm0
097C643C: 89 83 D4 01 00 00 - mov [ebx+000001D4],eax
// ---------- INJECTING HERE ----------
097C6442: 83 BB 18 01 00 00 00 - cmp dword ptr [ebx+00000118],00
// ---------- DONE INJECTING ----------
097C6449: 0F 8F 15 02 00 00 - jg 097C6664
097C644F: 8B 0D F4 33 6D 04 - mov ecx,[046D33F4]
097C6455: 39 09 - cmp [ecx],ecx
097C6457: E8 B4 D1 00 00 - call 097D3610
097C645C: 83 F8 03 - cmp eax,03
097C645F: 0F 85 C9 00 00 00 - jne 097C652E
097C6465: 8B CB - mov ecx,ebx
097C6467: 8B 01 - mov eax,[ecx]
097C6469: 8B 40 64 - mov eax,[eax+64]
097C646C: FF 50 0C - call dword ptr [eax+0C]
}
45
"Script: Infinite Multi-jump"
80000008
Auto Assembler Script
{ Game : RogueLegacy.exe
Version:
Date : 2014-07-05
Author : Jason
This script does blah blah blah
}
[ENABLE]
aobscan(INJECT_MULTIJUMP2,80 BE 2C 01 00 00 00 0F 84 * 01 00 00) // should be unique
alloc(newmem,$1000)
label(code)
label(skip)
label(return)
globalalloc(globals,$100000)
newmem:
code:
cmp dword ptr [globals+3010],1
jne skip
mov byte ptr [esi+0000012C],01
skip:
cmp byte ptr [esi+0000012C],00 // original code
jmp return
INJECT_MULTIJUMP2:
jmp code
nop
nop
return:
registersymbol(INJECT_MULTIJUMP2)
[DISABLE]
INJECT_MULTIJUMP2:
db 80 BE 2C 01 00 00 00
unregistersymbol(INJECT_MULTIJUMP2)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: 0A795F22
0A795EFD: 39 09 - cmp [ecx],ecx
0A795EFF: E8 F4 F0 14 00 - call 0A8E4FF8
0A795F04: 85 C0 - test eax,eax
0A795F06: 75 1A - jne 0A795F22
0A795F08: 8B 0D 24 34 59 04 - mov ecx,[04593424]
0A795F0E: BA 0B 00 00 00 - mov edx,0000000B
0A795F13: 39 09 - cmp [ecx],ecx
0A795F15: E8 DE F0 14 00 - call 0A8E4FF8
0A795F1A: 85 C0 - test eax,eax
0A795F1C: 0F 84 09 02 00 00 - je 0A79612B
// ---------- INJECTING HERE ----------
0A795F22: 80 BE 2C 01 00 00 00 - cmp byte ptr [esi+0000012C],00
// ---------- DONE INJECTING ----------
0A795F29: 0F 84 FC 01 00 00 - je 0A79612B
0A795F2F: D9 86 D8 01 00 00 - fld dword ptr [esi+000001D8]
0A795F35: D9 EE - fldz
0A795F37: DF F1 - fcomip st(0),st(1)
0A795F39: DD D8 - fstp st(0)
0A795F3B: 0F 8A EA 01 00 00 - jp 0A79612B
0A795F41: 0F 82 E4 01 00 00 - jb 0A79612B
0A795F47: C7 86 28 01 00 00 02 00 00 00 - mov [esi+00000128],00000002
0A795F51: D9 86 1C 01 00 00 - fld dword ptr [esi+0000011C]
0A795F57: D9 E0 - fchs
}
18
"Script: MP"
80000008
Auto Assembler Script
{ Game : RogueLegacy.exe
Version:
Date : 2014-07-03
Author : Jason
This script does blah blah blah
}
[ENABLE]
aobscan(INJECT_MP_CHANGE,D9 45 F8 DF F1 DD D8 7A 0F) // should be unique
alloc(newmem,$1000)
label(code)
label(skip)
label(return)
globalalloc(globals,$100000)
newmem:
code:
// cheat?
cmp [globals+3000],1
jne skip
fst dword ptr [ebp-08]
fst dword ptr [esi+000001A8]
skip:
fld dword ptr [ebp-08]
fcomip st(0),st(1)
jmp return
INJECT_MP_CHANGE:
jmp code
return:
registersymbol(INJECT_MP_CHANGE)
[DISABLE]
INJECT_MP_CHANGE:
db D9 45 F8 DF F1
unregistersymbol(INJECT_MP_CHANGE)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: 0F0D3548
0F0D3528: DF F1 - fcomip st(0),st(1)
0F0D352A: DD D8 - fstp st(0)
0F0D352C: 7A 0A - jp 0F0D3538
0F0D352E: 76 08 - jna 0F0D3538
0F0D3530: D9 EE - fldz
0F0D3532: D9 9E A8 01 00 00 - fstp dword ptr [esi+000001A8]
0F0D3538: D9 86 A8 01 00 00 - fld dword ptr [esi+000001A8]
0F0D353E: 8B CE - mov ecx,esi
0F0D3540: D9 5D F8 - fstp dword ptr [ebp-08]
0F0D3543: E8 78 FB FF FF - call 0F0D30C0
// ---------- INJECTING HERE ----------
// at this point st(0) has max mana and [ebp-08] has the new mana we set to
// this compares it with max and skips the code below that fetches
// max mana again and stores it instead
0F0D3548: D9 45 F8 - fld dword ptr [ebp-08]
0F0D354B: DF F1 - fcomip st(0),st(1)
// ---------- DONE INJECTING ----------
0F0D354D: DD D8 - fstp st(0)
0F0D354F: 7A 0F - jp 0F0D3560
0F0D3551: 76 0D - jna 0F0D3560
0F0D3553: 8B CE - mov ecx,esi
0F0D3555: E8 66 FB FF FF - call 0F0D30C0
0F0D355A: D9 9E A8 01 00 00 - fstp dword ptr [esi+000001A8]
0F0D3560: 59 - pop ecx
0F0D3561: 5E - pop esi
0F0D3562: 5D - pop ebp
0F0D3563: C2 04 00 - ret 0004
}
20
"Script: Damage"
80000008
Auto Assembler Script
{ Game : RogueLegacy.exe
Version:
Date : 2014-07-03
Author : Jason
This script does blah blah blah
}
[ENABLE]
aobscan(INJECT_HP_Set,89 96 18 01 00 00 8B 9E) // should be unique
alloc(newmem,$1000)
label(code)
label(notPlayer)
label(done)
label(return)
globalalloc(globals,$100000)
newmem:
code:
cmp esi,[globals+1004] // is it player?
jne notPlayer
// is cheat enabled?
cmp dword ptr [globals+3004],1
jne done
cmp edx,[esi+00000118]
jg done
mov edx,[esi+00000118]
jmp done
notPlayer:
// is cheat enabled?
cmp dword ptr [globals+3008],1
jne done
// +44 should be 0 for enemies (except platform, bouncy spike, etc that can't be hurt?) (actually 1 for boss)
//cmp dword ptr [esi+00000044],0
//jne done
// +D0 should be 3 for enemies (2 for player, 1 for platform)
cmp dword ptr [esi+000000D0],3
jne done
cmp edx,0
jle done
xor edx,edx
mov [esi+00000118],edx
done:
mov [esi+00000118],edx
jmp return
INJECT_HP_Set:
jmp code
nop
return:
registersymbol(INJECT_HP_Set)
[DISABLE]
INJECT_HP_Set:
db 89 96 18 01 00 00
unregistersymbol(INJECT_HP_Set)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: 0F0D306F
0F0D305E: 00 00 - add [eax],al
0F0D3060: 38 3F - cmp [edi],bh
0F0D3062: 09 0F - or [edi],ecx
0F0D3064: 00 09 - add [ecx],cl
0F0D3066: 0A 0F - or cl,[edi]
0F0D3068: 55 - push ebp
0F0D3069: 8B EC - mov ebp,esp
0F0D306B: 56 - push esi
0F0D306C: 53 - push ebx
0F0D306D: 8B F1 - mov esi,ecx
// ---------- INJECTING HERE ----------
0F0D306F: 89 96 18 01 00 00 - mov [esi+00000118],edx
// ---------- DONE INJECTING ----------
0F0D3075: 8B 9E 18 01 00 00 - mov ebx,[esi+00000118]
0F0D307B: 8B CE - mov ecx,esi
0F0D307D: 8B 01 - mov eax,[ecx]
0F0D307F: 8B 40 64 - mov eax,[eax+64]
0F0D3082: FF 50 0C - call dword ptr [eax+0C]
0F0D3085: 3B D8 - cmp ebx,eax
0F0D3087: 7E 10 - jle 0F0D3099
0F0D3089: 8B CE - mov ecx,esi
0F0D308B: 8B 01 - mov eax,[ecx]
0F0D308D: 8B 40 64 - mov eax,[eax+64]
RogueCastle.CharacterObj::set_CurrentHealth - 55 - push ebp
RogueCastle.CharacterObj::set_CurrentHealth+1- 8B EC - mov ebp,esp
RogueCastle.CharacterObj::set_CurrentHealth+3- 56 - push esi
RogueCastle.CharacterObj::set_CurrentHealth+4- 53 - push ebx
RogueCastle.CharacterObj::set_CurrentHealth+5- 8B F1 - mov esi,ecx
RogueCastle.CharacterObj::set_CurrentHealth+7- 89 96 18010000 - mov [esi+00000118],edx // inject
RogueCastle.CharacterObj::set_CurrentHealth+D- 8B 9E 18010000 - mov ebx,[esi+00000118]
RogueCastle.CharacterObj::set_CurrentHealth+13- 8B CE - mov ecx,esi
RogueCastle.CharacterObj::set_CurrentHealth+15- 8B 01 - mov eax,[ecx]
RogueCastle.CharacterObj::set_CurrentHealth+17- 8B 40 64 - mov eax,[eax+64]
RogueCastle.CharacterObj::set_CurrentHealth+1A- FF 50 0C - call dword ptr [eax+0C] // get max health
RogueCastle.CharacterObj::set_CurrentHealth+1D- 3B D8 - cmp ebx,eax
RogueCastle.CharacterObj::set_CurrentHealth+1F- 7E 10 - jle RogueCastle.CharacterObj::set_CurrentHealth+31 // jmp if less than max
RogueCastle.CharacterObj::set_CurrentHealth+21- 8B CE - mov ecx,esi
RogueCastle.CharacterObj::set_CurrentHealth+23- 8B 01 - mov eax,[ecx]
RogueCastle.CharacterObj::set_CurrentHealth+25- 8B 40 64 - mov eax,[eax+64]
RogueCastle.CharacterObj::set_CurrentHealth+28- FF 50 0C - call dword ptr [eax+0C] // get max health again
RogueCastle.CharacterObj::set_CurrentHealth+2B- 89 86 18010000 - mov [esi+00000118],eax // store as max
RogueCastle.CharacterObj::set_CurrentHealth+31- 83 BE 18010000 00 - cmp dword ptr [esi+00000118],00
RogueCastle.CharacterObj::set_CurrentHealth+38- 7D 08 - jnl RogueCastle.CharacterObj::set_CurrentHealth+42
RogueCastle.CharacterObj::set_CurrentHealth+3A- 33 D2 - xor edx,edx
RogueCastle.CharacterObj::set_CurrentHealth+3C- 89 96 18010000 - mov [esi+00000118],edx
RogueCastle.CharacterObj::set_CurrentHealth+42- 5B - pop ebx
RogueCastle.CharacterObj::set_CurrentHealth+43- 5E - pop esi
RogueCastle.CharacterObj::set_CurrentHealth+44- 5D - pop ebp
RogueCastle.CharacterObj::set_CurrentHealth+45- C3 - ret
}
25
"Script: Platform Timer"
80000008
Auto Assembler Script
{ Game : RogueLegacy.exe
Version:
Date : 2014-07-04
Author : Jason
This script does blah blah blah
}
[ENABLE]
aobscan(INJECT_PLATFORM_TIMER,D9 9F 08 02 00 00) // should be unique
alloc(newmem,$1000)
label(code)
label(skip)
label(return)
globalalloc(globals,$100000)
newmem:
code:
cmp dword ptr [globals+300C],1
jne skip
fstp st(0) // throw out value that has been lowered
fld dword ptr [edi+00000208] // load existing value
skip:
fstp dword ptr [edi+00000208]
jmp return
INJECT_PLATFORM_TIMER:
jmp code
nop
return:
registersymbol(INJECT_PLATFORM_TIMER)
[DISABLE]
INJECT_PLATFORM_TIMER:
db D9 9F 08 02 00 00
unregistersymbol(INJECT_PLATFORM_TIMER)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: 09DB3AA9
09DB3A89: 8B 51 04 - mov edx,[ecx+04]
09DB3A8C: 89 45 E0 - mov [ebp-20],eax
09DB3A8F: 89 55 E4 - mov [ebp-1C],edx
09DB3A92: DF 6D E0 - fild qword ptr [ebp-20]
09DB3A95: DD 5D E0 - fstp qword ptr [ebp-20]
09DB3A98: DD 45 E0 - fld qword ptr [ebp-20]
09DB3A9B: DC 0D 10 3C DB 09 - fmul qword ptr [09DB3C10]
09DB3AA1: D9 5D E8 - fstp dword ptr [ebp-18]
09DB3AA4: D9 45 E8 - fld dword ptr [ebp-18]
09DB3AA7: DE E9 - fsubp st(1),st(0)
// ---------- INJECTING HERE ----------
09DB3AA9: D9 9F 08 02 00 00 - fstp dword ptr [edi+00000208]
// ---------- DONE INJECTING ----------
09DB3AAF: D9 87 08 02 00 00 - fld dword ptr [edi+00000208]
09DB3AB5: D9 05 18 3C DB 09 - fld dword ptr [09DB3C18]
09DB3ABB: DF F1 - fcomip st(0),st(1)
09DB3ABD: DD D8 - fstp st(0)
09DB3ABF: 0F 8A 8A 00 00 00 - jp 09DB3B4F
09DB3AC5: 0F 82 84 00 00 00 - jb 09DB3B4F
09DB3ACB: 80 BF 11 02 00 00 00 - cmp byte ptr [edi+00000211],00
09DB3AD2: 75 7B - jne 09DB3B4F
09DB3AD4: C6 87 11 02 00 00 01 - mov byte ptr [edi+00000211],01
09DB3ADB: D9 EE - fldz
}
53
"Script: Flight Time"
80000008
Auto Assembler Script
{ Game : RogueLegacy.exe
Version:
Date : 2014-07-05
Author : Jason
This lowers flight time
}
[ENABLE]
aobscan(INJECT_FLIGHT_TIMER,D8 A8 C4 01 00 00) // should be unique
alloc(newmem,$1000)
label(code)
label(skip)
label(return)
globalalloc(globals,$100000)
newmem:
code:
cmp dword ptr [globals+3018],1
jne skip
fstp st(0) // throw away value to subtract
fldz // load 0.0 to subtract instead
skip:
fsubr dword ptr [eax+000001C4]
jmp return
INJECT_FLIGHT_TIMER:
jmp code
nop
return:
registersymbol(INJECT_FLIGHT_TIMER)
[DISABLE]
INJECT_FLIGHT_TIMER:
db D8 A8 C4 01 00 00
unregistersymbol(INJECT_FLIGHT_TIMER)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: 0A63E3BB
0A63E388: D8 A8 E0 01 00 00 - fsubr dword ptr [eax+000001E0]
0A63E38E: D9 98 E0 01 00 00 - fstp dword ptr [eax+000001E0]
0A63E394: 8B 85 74 FF FF FF - mov eax,[ebp-0000008C]
0A63E39A: 80 B8 A4 02 00 00 00 - cmp byte ptr [eax+000002A4],00
0A63E3A1: 74 67 - je 0A63E40A
0A63E3A3: 8B 85 74 FF FF FF - mov eax,[ebp-0000008C]
0A63E3A9: 83 B8 28 01 00 00 09 - cmp dword ptr [eax+00000128],09
0A63E3B0: 74 15 - je 0A63E3C7
0A63E3B2: 8B 85 74 FF FF FF - mov eax,[ebp-0000008C]
0A63E3B8: D9 45 F0 - fld dword ptr [ebp-10]
// ---------- INJECTING HERE ----------
0A63E3BB: D8 A8 C4 01 00 00 - fsubr dword ptr [eax+000001C4]
// ---------- DONE INJECTING ----------
0A63E3C1: D9 98 C4 01 00 00 - fstp dword ptr [eax+000001C4]
0A63E3C7: 8B 85 74 FF FF FF - mov eax,[ebp-0000008C]
0A63E3CD: D9 80 C4 01 00 00 - fld dword ptr [eax+000001C4]
0A63E3D3: D9 EE - fldz
0A63E3D5: DF F1 - fcomip st(0),st(1)
0A63E3D7: DD D8 - fstp st(0)
0A63E3D9: 7A 2F - jp 0A63E40A
0A63E3DB: 72 2D - jb 0A63E40A
0A63E3DD: 8B 85 74 FF FF FF - mov eax,[ebp-0000008C]
0A63E3E3: 83 B8 28 01 00 00 09 - cmp dword ptr [eax+00000128],09
}
85
"Script: Spell Delay"
80000008
Auto Assembler Script
{ Game : RogueLegacy.exe
Version:
Date : 2014-07-06
Author : Jason
Each frame loads the spell cast delay
}
[ENABLE]
aobscan(SCRIPT_SPELL_DELAY,D9 80 30 02 00 00 D9 EE DF F1 DD D8 7A 17) // should be unique
alloc(newmem,$1000)
label(code)
label(skip)
label(return)
globalalloc(globals,$100000)
newmem:
code:
cmp dword ptr [globals+301C],1
jne skip
fldz
fstp dword ptr [eax+00000230]
skip:
fld dword ptr [eax+00000230]
jmp return
SCRIPT_SPELL_DELAY:
jmp code
nop
return:
registersymbol(SCRIPT_SPELL_DELAY)
[DISABLE]
SCRIPT_SPELL_DELAY:
db D9 80 30 02 00 00
unregistersymbol(SCRIPT_SPELL_DELAY)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: 0EBC428F
0EBC4267: 8B 85 74 FF FF FF - mov eax,[ebp-0000008C]
0EBC426D: D9 80 A8 01 00 00 - fld dword ptr [eax+000001A8]
0EBC4273: D9 EE - fldz
0EBC4275: DF F1 - fcomip st(0),st(1)
0EBC4277: DD D8 - fstp st(0)
0EBC4279: 7A 0E - jp 0EBC4289
0EBC427B: 72 0C - jb 0EBC4289
0EBC427D: 8B 8D 74 FF FF FF - mov ecx,[ebp-0000008C]
0EBC4283: FF 15 C4 1A A5 0E - call dword ptr [0EA51AC4]
0EBC4289: 8B 85 74 FF FF FF - mov eax,[ebp-0000008C]
// ---------- INJECTING HERE ----------
0EBC428F: D9 80 30 02 00 00 - fld dword ptr [eax+00000230]
// ---------- DONE INJECTING ----------
0EBC4295: D9 EE - fldz
0EBC4297: DF F1 - fcomip st(0),st(1)
0EBC4299: DD D8 - fstp st(0)
0EBC429B: 7A 17 - jp 0EBC42B4
0EBC429D: 73 15 - jae 0EBC42B4
0EBC429F: 8B 85 74 FF FF FF - mov eax,[ebp-0000008C]
0EBC42A5: D9 45 F0 - fld dword ptr [ebp-10]
0EBC42A8: D8 A8 30 02 00 00 - fsubr dword ptr [eax+00000230]
0EBC42AE: D9 98 30 02 00 00 - fstp dword ptr [eax+00000230]
0EBC42B4: 8B 8D 74 FF FF FF - mov ecx,[ebp-0000008C]
}
90
"Script: Invincibility Flag (get hit first)"
80000008
Auto Assembler Script
{ Game : RogueLegacy.exe
Version:
Date : 2014-07-06
Author : Jason
Check invincibility timer
}
[ENABLE]
aobscan(INJECT_INVINCIBLE,83 B8 D4 01 00 00 00 0F 8F) // should be unique
alloc(newmem,$1000)
label(code)
label(skip)
label(return)
newmem:
code:
cmp dword ptr [globals+3020],1
jne skip
cmp dword ptr [eax+000001D4],0
jg skip
mov dword ptr [eax+000001D4],1
skip:
cmp dword ptr [eax+000001D4],00
jmp return
INJECT_INVINCIBLE:
jmp code
nop
nop
return:
registersymbol(INJECT_INVINCIBLE)
[DISABLE]
INJECT_INVINCIBLE:
db 83 B8 D4 01 00 00 00
unregistersymbol(INJECT_INVINCIBLE)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: 0D338F52
0D338F1F: 83 F8 04 - cmp eax,04
0D338F22: 74 15 - je 0D338F39
0D338F24: 8B 8D 74 FD FF FF - mov ecx,[ebp-0000028C]
0D338F2A: FF 15 94 03 1F 03 - call dword ptr [031F0394]
0D338F30: 83 F8 0A - cmp eax,0A
0D338F33: 0F 85 06 05 00 00 - jne 0D33943F
0D338F39: 8B 85 7C FD FF FF - mov eax,[ebp-00000284]
0D338F3F: 83 B8 28 01 00 00 03 - cmp dword ptr [eax+00000128],03
0D338F46: 0F 84 F3 04 00 00 - je 0D33943F
0D338F4C: 8B 85 7C FD FF FF - mov eax,[ebp-00000284]
// ---------- INJECTING HERE ----------
0D338F52: 83 B8 D4 01 00 00 00 - cmp dword ptr [eax+000001D4],00
// ---------- DONE INJECTING ----------
0D338F59: 0F 8F E0 04 00 00 - jg 0D33943F
0D338F5F: 8B 95 74 FD FF FF - mov edx,[ebp-0000028C]
0D338F65: B9 9C C8 AE 0D - mov ecx,0DAEC89C
0D338F6A: E8 7F F4 93 52 - call clr.dll+83EE
0D338F6F: 85 C0 - test eax,eax
0D338F71: 74 13 - je 0D338F86
0D338F73: 80 B8 FB 01 00 00 00 - cmp byte ptr [eax+000001FB],00
0D338F7A: 74 0A - je 0D338F86
0D338F7C: 8D 65 F4 - lea esp,[ebp-0C]
0D338F7F: 5B - pop ebx
}
119
"Script: No Charon's Toll (just script, no flag)"
80000008
Auto Assembler Script
{ Game : RogueLegacy.exe
Version:
Date : 2014-07-18
Author : Jason
Here's where Charon's toll is exacted, at least when I used an idol.
}
[ENABLE]
aobscan(INJECT_CHARONS_TOLL,2B C3 89 41 28) // should be unique
INJECT_CHARONS_TOLL:
nop
nop
registersymbol(INJECT_CHARONS_TOLL)
[DISABLE]
INJECT_CHARONS_TOLL:
db 2B C3
unregistersymbol(INJECT_CHARONS_TOLL)
{
// ORIGINAL CODE - INJECTION POINT: 092CE936
092CE914: DE E1 - fsubrp st(1),st(0)
092CE916: D8 4D D8 - fmul dword ptr [ebp-28]
092CE919: 8B 0D F4 33 18 04 - mov ecx,[041833F4]
092CE91F: 8B 41 28 - mov eax,[ecx+28]
092CE922: D9 C0 - fld st(0)
092CE924: DD 5D C8 - fstp qword ptr [ebp-38]
092CE927: DD 45 C8 - fld qword ptr [ebp-38]
092CE92A: DD 5D C8 - fstp qword ptr [ebp-38]
092CE92D: F2 0F 10 45 C8 - movsd xmm0,[ebp-38]
092CE932: F2 0F 2C D8 - cvttsd2si ebx,xmm0
// ---------- INJECTING HERE ----------
092CE936: 2B C3 - sub eax,ebx
// ---------- DONE INJECTING ----------
092CE938: 89 41 28 - mov [ecx+28],eax
092CE93B: 83 79 28 00 - cmp dword ptr [ecx+28],00
092CE93F: 7D 05 - jnl 092CE946
092CE941: 33 D2 - xor edx,edx
092CE943: 89 51 28 - mov [ecx+28],edx
092CE946: D9 EE - fldz
092CE948: DF F1 - fcomip st(0),st(1)
092CE94A: DD D8 - fstp st(0)
092CE94C: 7A 63 - jp 092CE9B1
092CE94E: 73 61 - jae 092CE9B1
092CE950: 8B 86 90 00 00 00 - mov eax,[esi+00000090]
}
30
"+ Script: Kill Enemies"
80000008
Auto Assembler Script
{ Game : RogueLegacy.exe
Version:
Date : 2014-07-04
Author : Jason
This checks health each frame, last part of RogueCastle.EnemyObj::Update
procedure.
0078 is pointer to name:
0004: String length
0008: Unicode string
'EnemyBouncySpike_Character'
}
[ENABLE]
aobscan(INJECT_KillEnemies,83 BB 18 01 00 00 00 7F) // should be unique
alloc(newmem,$1000)
globalalloc(globals,$100000)
globals+10000:
dd 0 0 0 0 0 0 0 0
label(sBouncyName)
label(sTrapName)
label(sTurretName)
label(iNextTriggerTime)
label(iMsBetweenTriggers)
label(code)
label(notBouncy)
label(notTrap)
label(notTurret)
label(done)
label(killIt)
label(DoesStringMatch)
label(DoesStringMatch_loop)
label(DoesStringMatch_done)
label(return)
newmem:
iNextTriggerTime:
dd 0
iMsBetweenTriggers:
dd 100
sBouncyName:
db 'EnemyBouncySpike_Character' 0
sTrapName:
db 'EnemySpikeTrap_Character' 0
sTurretName:
db 'EnemyTurretFire_Character' 0
code:
pushad // save all registers and flags
mov edx,[ebx+0078]
add edx,8
push edx // push start of unicode bytes
push sBouncyName // push our ASCII string to compare to
call DoesStringMatch
test eax,eax
jnz notBouncy
// they match, so check cheat flag and kill if set
inc [globals+10004]
cmp dword ptr [globals+3010],1 // bKillBouncySpikes
je killIt
jmp done
notBouncy:
push edx // push start of unicode bytes
push sTrapName // push our ASCII string to compare to
call DoesStringMatch
test eax,eax
jnz notTrap
// they match, so check cheat flag and kill if set
inc [globals+10008]
cmp dword ptr [globals+3014],1 // bKillTraps
je killIt
jmp done
notTrap:
push edx // push start of unicode bytes
push sTurretName // push our ASCII string to compare to
call DoesStringMatch
test eax,eax
jnz notTurret
// they match, so check cheat flag and kill if set
cmp dword ptr [globals+3018],1 // bKillTurrets
je killIt
jmp done
notTurret:
cmp dword ptr [globals+3024],1 // bKillAllEnemies
jne done
cmp dword ptr [ebx+000000D0],3 // enemy?
jne done
jmp killIt
done:
popad
cmp dword ptr [ebx+00000118],00
jmp return
killIt:
// first we need to see if enough time has passed since the last kill
mov ebp,esp
sub esp,4 // room for current GetTickCount result
pushad // save what registers
call GetTickCount
mov [ebp-4],eax // GetTickCount
popad
mov eax,[ebp-4]
mov esp,ebp
cmp eax,[iNextTriggerTime] // is it time yet?
jna done
// ok, we need to kill it, store last kill time and set health to 0
add eax,[iMsBetweenTriggers]
mov [iNextTriggerTime],eax
mov dword ptr [ebx+00000118],0
mov esp,ebp
jmp done
nop
nop
nop
nop
nop
nop
nop
nop
DoesStringMatch: // DoTheyMatch(pUnicodeString, pAsciiString)
push ebp
mov ebp,esp
push esi
push edi
inc [globals+10000]
mov esi,[ebp+8] // ascii in source
mov edi,[ebp+c] // unicode in destination
xor eax,eax
DoesStringMatch_loop:
mov al, byte ptr [esi]
test al,al
jz DoesStringMatch_done
cmp al, byte ptr [edi]
jne DoesStringMatch_done // non-zero character will be returned
inc esi
inc edi
inc edi
jmp DoesStringMatch_loop
DoesStringMatch_done:
pop edi
pop esi
pop ebp
ret 0008
INJECT_KillEnemies:
jmp code
nop
nop
return:
registersymbol(INJECT_KillEnemies)
[DISABLE]
INJECT_KillEnemies:
db 83 BB 18 01 00 00 00
unregistersymbol(INJECT_KillEnemies)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: 0EBC175F
0EBC1732: 39 09 - cmp [ecx],ecx
0EBC1734: FF 15 E0 52 C5 0E - call dword ptr [0EC552E0]
0EBC173A: 8B 8B 5C 01 00 00 - mov ecx,[ebx+0000015C]
0EBC1740: 8B 95 0C FF FF FF - mov edx,[ebp-000000F4]
0EBC1746: 39 09 - cmp [ecx],ecx
0EBC1748: FF 15 E0 52 C5 0E - call dword ptr [0EC552E0]
0EBC174E: 80 BB D8 00 00 00 00 - cmp byte ptr [ebx+000000D8],00
0EBC1755: 74 08 - je 0EBC175F
0EBC1757: 8B CB - mov ecx,ebx
0EBC1759: FF 15 A8 C7 9F 0E - call dword ptr [0E9FC7A8]
// ---------- INJECTING HERE ----------
0EBC175F: 83 BB 18 01 00 00 00 - cmp dword ptr [ebx+00000118],00
// ---------- DONE INJECTING ----------
0EBC1766: 7F 21 - jg 0EBC1789
0EBC1768: 80 BB 2D 01 00 00 00 - cmp byte ptr [ebx+0000012D],00
0EBC176F: 75 18 - jne 0EBC1789
0EBC1771: 80 BB F6 01 00 00 00 - cmp byte ptr [ebx+000001F6],00
0EBC1778: 75 0F - jne 0EBC1789
0EBC177A: 8B CB - mov ecx,ebx
0EBC177C: BA 01 00 00 00 - mov edx,00000001
0EBC1781: 8B 01 - mov eax,[ecx]
0EBC1783: 8B 40 68 - mov eax,[eax+68]
0EBC1786: FF 50 0C - call dword ptr [eax+0C]
}
{
Entire function (injection near end):
RogueCastle.EnemyObj::Update - 55 - push ebp
RogueCastle.EnemyObj::Update+1- 8B EC - mov ebp,esp
RogueCastle.EnemyObj::Update+3- 57 - push edi
RogueCastle.EnemyObj::Update+4- 56 - push esi
RogueCastle.EnemyObj::Update+5- 53 - push ebx
RogueCastle.EnemyObj::Update+6- 81 EC F4000000 - sub esp,000000F4
RogueCastle.EnemyObj::Update+C- 8B F1 - mov esi,ecx
RogueCastle.EnemyObj::Update+E- 8D BD 20FFFFFF - lea edi,[ebp-000000E0]
RogueCastle.EnemyObj::Update+14- B9 34000000 - mov ecx,00000034
RogueCastle.EnemyObj::Update+19- 33 C0 - xor eax,eax
RogueCastle.EnemyObj::Update+1B- F3 AB - repe stosd
RogueCastle.EnemyObj::Update+1D- 8B CE - mov ecx,esi
RogueCastle.EnemyObj::Update+1F- 89 95 0CFFFFFF - mov [ebp-000000F4],edx
RogueCastle.EnemyObj::Update+25- 8B D9 - mov ebx,ecx
RogueCastle.EnemyObj::Update+27- 8B 85 0CFFFFFF - mov eax,[ebp-000000F4]
RogueCastle.EnemyObj::Update+2D- 3A 40 10 - cmp al,[eax+10]
RogueCastle.EnemyObj::Update+30- 8D 48 10 - lea ecx,[eax+10]
RogueCastle.EnemyObj::Update+33- 8B 01 - mov eax,[ecx]
RogueCastle.EnemyObj::Update+35- 8B 51 04 - mov edx,[ecx+04]
RogueCastle.EnemyObj::Update+38- 89 85 00FFFFFF - mov [ebp-00000100],eax
RogueCastle.EnemyObj::Update+3E- 89 95 04FFFFFF - mov [ebp-000000FC],edx
RogueCastle.EnemyObj::Update+44- DF AD 00FFFFFF - fild qword ptr [ebp-00000100]
RogueCastle.EnemyObj::Update+4A- DD 9D 00FFFFFF - fstp qword ptr [ebp-00000100]
RogueCastle.EnemyObj::Update+50- DD 85 00FFFFFF - fld qword ptr [ebp-00000100]
RogueCastle.EnemyObj::Update+56- DC 0D A017BC0E - fmul qword ptr [0EBC17A0] : [(double)0.0000]
RogueCastle.EnemyObj::Update+5C- D9 5D F0 - fstp dword ptr [ebp-10]
RogueCastle.EnemyObj::Update+5F- D9 83 E0010000 - fld dword ptr [ebx+000001E0]
RogueCastle.EnemyObj::Update+65- D9EE - fldz
RogueCastle.EnemyObj::Update+67- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+69- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+6B- 7A 16 - jp RogueCastle.EnemyObj::Update+83
RogueCastle.EnemyObj::Update+6D- 73 14 - jae RogueCastle.EnemyObj::Update+83
RogueCastle.EnemyObj::Update+6F- D9 45 F0 - fld dword ptr [ebp-10]
RogueCastle.EnemyObj::Update+72- D8 AB E0010000 - fsubr dword ptr [ebx+000001E0]
RogueCastle.EnemyObj::Update+78- D9 9B E0010000 - fstp dword ptr [ebx+000001E0]
RogueCastle.EnemyObj::Update+7E- E9 4B080000 - jmp RogueCastle.EnemyObj::Update+8CE
RogueCastle.EnemyObj::Update+83- D9 83 C8010000 - fld dword ptr [ebx+000001C8]
RogueCastle.EnemyObj::Update+89- D9EE - fldz
RogueCastle.EnemyObj::Update+8B- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+8D- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+8F- 7A 11 - jp RogueCastle.EnemyObj::Update+A2
RogueCastle.EnemyObj::Update+91- 73 0F - jae RogueCastle.EnemyObj::Update+A2
RogueCastle.EnemyObj::Update+93- D9 45 F0 - fld dword ptr [ebp-10]
RogueCastle.EnemyObj::Update+96- D8 AB C8010000 - fsubr dword ptr [ebx+000001C8]
RogueCastle.EnemyObj::Update+9C- D9 9B C8010000 - fstp dword ptr [ebx+000001C8]
RogueCastle.EnemyObj::Update+A2- D9 83 CC010000 - fld dword ptr [ebx+000001CC]
RogueCastle.EnemyObj::Update+A8- D9EE - fldz
RogueCastle.EnemyObj::Update+AA- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+AC- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+AE- 7A 11 - jp RogueCastle.EnemyObj::Update+C1
RogueCastle.EnemyObj::Update+B0- 73 0F - jae RogueCastle.EnemyObj::Update+C1
RogueCastle.EnemyObj::Update+B2- D9 45 F0 - fld dword ptr [ebp-10]
RogueCastle.EnemyObj::Update+B5- D8 AB CC010000 - fsubr dword ptr [ebx+000001CC]
RogueCastle.EnemyObj::Update+BB- D9 9B CC010000 - fstp dword ptr [ebx+000001CC]
RogueCastle.EnemyObj::Update+C1- D9 83 C8010000 - fld dword ptr [ebx+000001C8]
RogueCastle.EnemyObj::Update+C7- D9EE - fldz
RogueCastle.EnemyObj::Update+C9- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+CB- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+CD- 0F8A 3B010000 - jp RogueCastle.EnemyObj::Update+20E
RogueCastle.EnemyObj::Update+D3- 0F82 35010000 - jb RogueCastle.EnemyObj::Update+20E
RogueCastle.EnemyObj::Update+D9- D9 83 CC010000 - fld dword ptr [ebx+000001CC]
RogueCastle.EnemyObj::Update+DF- D9EE - fldz
RogueCastle.EnemyObj::Update+E1- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+E3- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+E5- 0F8A 23010000 - jp RogueCastle.EnemyObj::Update+20E
RogueCastle.EnemyObj::Update+EB- 0F82 1D010000 - jb RogueCastle.EnemyObj::Update+20E
RogueCastle.EnemyObj::Update+F1- 80 BB D8000000 00 - cmp byte ptr [ebx+000000D8],00
RogueCastle.EnemyObj::Update+F8- 0F85 10010000 - jne RogueCastle.EnemyObj::Update+20E
RogueCastle.EnemyObj::Update+FE- D9 83 E4000000 - fld dword ptr [ebx+000000E4]
RogueCastle.EnemyObj::Update+104- D9C0 - fld st(0)
RogueCastle.EnemyObj::Update+106- D9EE - fldz
RogueCastle.EnemyObj::Update+108- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+10A- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+10C- 7A 1C - jp RogueCastle.EnemyObj::Update+12A
RogueCastle.EnemyObj::Update+10E- 76 1A - jna RogueCastle.EnemyObj::Update+12A
RogueCastle.EnemyObj::Update+110- D8 05 A817BC0E - fadd dword ptr [0EBC17A8] : [(float)15.0000]
RogueCastle.EnemyObj::Update+116- D9 9D 08FFFFFF - fstp dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+11C- D9 85 08FFFFFF - fld dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+122- D9 9B E4000000 - fstp dword ptr [ebx+000000E4]
RogueCastle.EnemyObj::Update+128- EB 28 - jmp RogueCastle.EnemyObj::Update+152
RogueCastle.EnemyObj::Update+12A- D9EE - fldz
RogueCastle.EnemyObj::Update+12C- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+12E- 7B 04 - jnp RogueCastle.EnemyObj::Update+134
RogueCastle.EnemyObj::Update+130- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+132- EB 1E - jmp RogueCastle.EnemyObj::Update+152
RogueCastle.EnemyObj::Update+134- 72 04 - jb RogueCastle.EnemyObj::Update+13A
RogueCastle.EnemyObj::Update+136- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+138- EB 18 - jmp RogueCastle.EnemyObj::Update+152
RogueCastle.EnemyObj::Update+13A- D8 25 B017BC0E - fsub dword ptr [0EBC17B0] : [(float)15.0000]
RogueCastle.EnemyObj::Update+140- D9 9D 08FFFFFF - fstp dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+146- D9 85 08FFFFFF - fld dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+14C- D9 9B E4000000 - fstp dword ptr [ebx+000000E4]
RogueCastle.EnemyObj::Update+152- D9 83 E0000000 - fld dword ptr [ebx+000000E0]
RogueCastle.EnemyObj::Update+158- D9C0 - fld st(0)
RogueCastle.EnemyObj::Update+15A- D9EE - fldz
RogueCastle.EnemyObj::Update+15C- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+15E- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+160- 7A 1C - jp RogueCastle.EnemyObj::Update+17E
RogueCastle.EnemyObj::Update+162- 76 1A - jna RogueCastle.EnemyObj::Update+17E
RogueCastle.EnemyObj::Update+164- D8 05 B817BC0E - fadd dword ptr [0EBC17B8] : [(float)15.0000]
RogueCastle.EnemyObj::Update+16A- D9 9D 08FFFFFF - fstp dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+170- D9 85 08FFFFFF - fld dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+176- D9 9B E0000000 - fstp dword ptr [ebx+000000E0]
RogueCastle.EnemyObj::Update+17C- EB 28 - jmp RogueCastle.EnemyObj::Update+1A6
RogueCastle.EnemyObj::Update+17E- D9EE - fldz
RogueCastle.EnemyObj::Update+180- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+182- 7B 04 - jnp RogueCastle.EnemyObj::Update+188
RogueCastle.EnemyObj::Update+184- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+186- EB 1E - jmp RogueCastle.EnemyObj::Update+1A6
RogueCastle.EnemyObj::Update+188- 72 04 - jb RogueCastle.EnemyObj::Update+18E
RogueCastle.EnemyObj::Update+18A- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+18C- EB 18 - jmp RogueCastle.EnemyObj::Update+1A6
RogueCastle.EnemyObj::Update+18E- D8 25 C017BC0E - fsub dword ptr [0EBC17C0] : [(float)15.0000]
RogueCastle.EnemyObj::Update+194- D9 9D 08FFFFFF - fstp dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+19A- D9 85 08FFFFFF - fld dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+1A0- D9 9B E0000000 - fstp dword ptr [ebx+000000E0]
RogueCastle.EnemyObj::Update+1A6- D9 83 E4000000 - fld dword ptr [ebx+000000E4]
RogueCastle.EnemyObj::Update+1AC- D9C0 - fld st(0)
RogueCastle.EnemyObj::Update+1AE- D9 05 C817BC0E - fld dword ptr [0EBC17C8] : ["fff@"]
RogueCastle.EnemyObj::Update+1B4- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+1B6- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+1B8- 7B 04 - jnp RogueCastle.EnemyObj::Update+1BE
RogueCastle.EnemyObj::Update+1BA- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+1BC- EB 1C - jmp RogueCastle.EnemyObj::Update+1DA
RogueCastle.EnemyObj::Update+1BE- 77 04 - ja RogueCastle.EnemyObj::Update+1C4
RogueCastle.EnemyObj::Update+1C0- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+1C2- EB 16 - jmp RogueCastle.EnemyObj::Update+1DA
RogueCastle.EnemyObj::Update+1C4- D9 05 D017BC0E - fld dword ptr [0EBC17D0] : [(float)-3.6000]
RogueCastle.EnemyObj::Update+1CA- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+1CC- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+1CE- 7A 0A - jp RogueCastle.EnemyObj::Update+1DA
RogueCastle.EnemyObj::Update+1D0- 73 08 - jae RogueCastle.EnemyObj::Update+1DA
RogueCastle.EnemyObj::Update+1D2- D9EE - fldz
RogueCastle.EnemyObj::Update+1D4- D9 9B E4000000 - fstp dword ptr [ebx+000000E4]
RogueCastle.EnemyObj::Update+1DA- D9 83 E0000000 - fld dword ptr [ebx+000000E0]
RogueCastle.EnemyObj::Update+1E0- D9C0 - fld st(0)
RogueCastle.EnemyObj::Update+1E2- D9 05 D817BC0E - fld dword ptr [0EBC17D8] : ["fff@"]
RogueCastle.EnemyObj::Update+1E8- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+1EA- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+1EC- 7B 04 - jnp RogueCastle.EnemyObj::Update+1F2
RogueCastle.EnemyObj::Update+1EE- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+1F0- EB 1C - jmp RogueCastle.EnemyObj::Update+20E
RogueCastle.EnemyObj::Update+1F2- 77 04 - ja RogueCastle.EnemyObj::Update+1F8
RogueCastle.EnemyObj::Update+1F4- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+1F6- EB 16 - jmp RogueCastle.EnemyObj::Update+20E
RogueCastle.EnemyObj::Update+1F8- D9 05 E017BC0E - fld dword ptr [0EBC17E0] : [(float)-3.6000]
RogueCastle.EnemyObj::Update+1FE- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+200- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+202- 7A 0A - jp RogueCastle.EnemyObj::Update+20E
RogueCastle.EnemyObj::Update+204- 73 08 - jae RogueCastle.EnemyObj::Update+20E
RogueCastle.EnemyObj::Update+206- D9EE - fldz
RogueCastle.EnemyObj::Update+208- D9 9B E0000000 - fstp dword ptr [ebx+000000E0]
RogueCastle.EnemyObj::Update+20E- 80 BB 2D010000 00 - cmp byte ptr [ebx+0000012D],00
RogueCastle.EnemyObj::Update+215- 0F85 B3060000 - jne RogueCastle.EnemyObj::Update+8CE
RogueCastle.EnemyObj::Update+21B- 80 BB F5010000 00 - cmp byte ptr [ebx+000001F5],00
RogueCastle.EnemyObj::Update+222- 0F85 A6060000 - jne RogueCastle.EnemyObj::Update+8CE
RogueCastle.EnemyObj::Update+228- 8D 95 68FFFFFF - lea edx,[ebp-00000098]
RogueCastle.EnemyObj::Update+22E- 8B CB - mov ecx,ebx
RogueCastle.EnemyObj::Update+230- E8 D302E6FF - call DS2DEngine.GameObj::get_Position
RogueCastle.EnemyObj::Update+235- 8B 8B 4C010000 - mov ecx,[ebx+0000014C]
RogueCastle.EnemyObj::Update+23B- 8D 95 60FFFFFF - lea edx,[ebp-000000A0]
RogueCastle.EnemyObj::Update+241- 39 09 - cmp [ecx],ecx
RogueCastle.EnemyObj::Update+243- E8 C002E6FF - call DS2DEngine.GameObj::get_Position
RogueCastle.EnemyObj::Update+248- 8D 85 68FFFFFF - lea eax,[ebp-00000098]
RogueCastle.EnemyObj::Update+24E- 83 EC 08 - sub esp,08
RogueCastle.EnemyObj::Update+251- F3 0F7E 00 - movq xmm0,[eax]
RogueCastle.EnemyObj::Update+255- 66 0FD6 04 24 - movq [esp],xmm0
RogueCastle.EnemyObj::Update+25A- 8D 85 60FFFFFF - lea eax,[ebp-000000A0]
RogueCastle.EnemyObj::Update+260- 83 EC 08 - sub esp,08
RogueCastle.EnemyObj::Update+263- F3 0F7E 00 - movq xmm0,[eax]
RogueCastle.EnemyObj::Update+267- 66 0FD6 04 24 - movq [esp],xmm0
RogueCastle.EnemyObj::Update+26C- E8 E7A8FFFF - call DS2DEngine.CDGMath::DistanceBetweenPts
RogueCastle.EnemyObj::Update+271- D9 9B 78010000 - fstp dword ptr [ebx+00000178]
RogueCastle.EnemyObj::Update+277- D9 83 78010000 - fld dword ptr [ebx+00000178]
RogueCastle.EnemyObj::Update+27D- D9C0 - fld st(0)
RogueCastle.EnemyObj::Update+27F- DB 83 84010000 - fild dword ptr [ebx+00000184]
RogueCastle.EnemyObj::Update+285- D9 9D 08FFFFFF - fstp dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+28B- D9 85 08FFFFFF - fld dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+291- D9C0 - fld st(0)
RogueCastle.EnemyObj::Update+293- DFF2 - fcomip st(0),st(2)
RogueCastle.EnemyObj::Update+295- DDD9 - fstp st(1)
RogueCastle.EnemyObj::Update+297- 7A 10 - jp RogueCastle.EnemyObj::Update+2A9
RogueCastle.EnemyObj::Update+299- 73 0E - jae RogueCastle.EnemyObj::Update+2A9
RogueCastle.EnemyObj::Update+29B- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+29D- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+29F- 33 D2 - xor edx,edx
RogueCastle.EnemyObj::Update+2A1- 89 93 28010000 - mov [ebx+00000128],edx
RogueCastle.EnemyObj::Update+2A7- EB 7C - jmp RogueCastle.EnemyObj::Update+325
RogueCastle.EnemyObj::Update+2A9- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+2AB- 7A 28 - jp RogueCastle.EnemyObj::Update+2D5
RogueCastle.EnemyObj::Update+2AD- 76 26 - jna RogueCastle.EnemyObj::Update+2D5
RogueCastle.EnemyObj::Update+2AF- DB 83 7C010000 - fild dword ptr [ebx+0000017C]
RogueCastle.EnemyObj::Update+2B5- D9 9D 08FFFFFF - fstp dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+2BB- D9 85 08FFFFFF - fld dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+2C1- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+2C3- 7A 10 - jp RogueCastle.EnemyObj::Update+2D5
RogueCastle.EnemyObj::Update+2C5- 77 0E - ja RogueCastle.EnemyObj::Update+2D5
RogueCastle.EnemyObj::Update+2C7- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+2C9- C7 83 28010000 01000000 - mov [ebx+00000128],00000001
RogueCastle.EnemyObj::Update+2D3- EB 50 - jmp RogueCastle.EnemyObj::Update+325
RogueCastle.EnemyObj::Update+2D5- DB 83 7C010000 - fild dword ptr [ebx+0000017C]
RogueCastle.EnemyObj::Update+2DB- D9 9D 08FFFFFF - fstp dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+2E1- D9 85 08FFFFFF - fld dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+2E7- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+2E9- 7B 04 - jnp RogueCastle.EnemyObj::Update+2EF
RogueCastle.EnemyObj::Update+2EB- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+2ED- EB 2C - jmp RogueCastle.EnemyObj::Update+31B
RogueCastle.EnemyObj::Update+2EF- 77 04 - ja RogueCastle.EnemyObj::Update+2F5
RogueCastle.EnemyObj::Update+2F1- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+2F3- EB 26 - jmp RogueCastle.EnemyObj::Update+31B
RogueCastle.EnemyObj::Update+2F5- DB 83 80010000 - fild dword ptr [ebx+00000180]
RogueCastle.EnemyObj::Update+2FB- D9 9D 08FFFFFF - fstp dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+301- D9 85 08FFFFFF - fld dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+307- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+309- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+30B- 7A 0E - jp RogueCastle.EnemyObj::Update+31B
RogueCastle.EnemyObj::Update+30D- 77 0C - ja RogueCastle.EnemyObj::Update+31B
RogueCastle.EnemyObj::Update+30F- C7 83 28010000 02000000 - mov [ebx+00000128],00000002
RogueCastle.EnemyObj::Update+319- EB 0A - jmp RogueCastle.EnemyObj::Update+325
RogueCastle.EnemyObj::Update+31B- C7 83 28010000 03000000 - mov [ebx+00000128],00000003
RogueCastle.EnemyObj::Update+325- D9 83 E8010000 - fld dword ptr [ebx+000001E8]
RogueCastle.EnemyObj::Update+32B- D9EE - fldz
RogueCastle.EnemyObj::Update+32D- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+32F- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+331- 7A 5C - jp RogueCastle.EnemyObj::Update+38F
RogueCastle.EnemyObj::Update+333- 73 5A - jae RogueCastle.EnemyObj::Update+38F
RogueCastle.EnemyObj::Update+335- 8B 83 58010000 - mov eax,[ebx+00000158]
RogueCastle.EnemyObj::Update+33B- 3B 83 5C010000 - cmp eax,[ebx+0000015C]
RogueCastle.EnemyObj::Update+341- 75 4C - jne RogueCastle.EnemyObj::Update+38F
RogueCastle.EnemyObj::Update+343- D9 83 E8010000 - fld dword ptr [ebx+000001E8]
RogueCastle.EnemyObj::Update+349- 8B 85 0CFFFFFF - mov eax,[ebp-000000F4]
RogueCastle.EnemyObj::Update+34F- 8D 48 10 - lea ecx,[eax+10]
RogueCastle.EnemyObj::Update+352- 8B 01 - mov eax,[ecx]
RogueCastle.EnemyObj::Update+354- 8B 51 04 - mov edx,[ecx+04]
RogueCastle.EnemyObj::Update+357- 89 85 00FFFFFF - mov [ebp-00000100],eax
RogueCastle.EnemyObj::Update+35D- 89 95 04FFFFFF - mov [ebp-000000FC],edx
RogueCastle.EnemyObj::Update+363- DF AD 00FFFFFF - fild qword ptr [ebp-00000100]
RogueCastle.EnemyObj::Update+369- DD 9D 00FFFFFF - fstp qword ptr [ebp-00000100]
RogueCastle.EnemyObj::Update+36F- DD 85 00FFFFFF - fld qword ptr [ebp-00000100]
RogueCastle.EnemyObj::Update+375- DC 0D E817BC0E - fmul qword ptr [0EBC17E8] : [(double)0.0000]
RogueCastle.EnemyObj::Update+37B- D9 9D 08FFFFFF - fstp dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+381- D9 85 08FFFFFF - fld dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+387- DEE9 - fsubp st(1),st(0)
RogueCastle.EnemyObj::Update+389- D9 9B E8010000 - fstp dword ptr [ebx+000001E8]
RogueCastle.EnemyObj::Update+38F- D9 83 E8010000 - fld dword ptr [ebx+000001E8]
RogueCastle.EnemyObj::Update+395- D9EE - fldz
RogueCastle.EnemyObj::Update+397- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+399- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+39B- 7A 12 - jp RogueCastle.EnemyObj::Update+3AF
RogueCastle.EnemyObj::Update+39D- 72 10 - jb RogueCastle.EnemyObj::Update+3AF
RogueCastle.EnemyObj::Update+39F- 80 BB F2010000 00 - cmp byte ptr [ebx+000001F2],00
RogueCastle.EnemyObj::Update+3A6- 74 07 - je RogueCastle.EnemyObj::Update+3AF
RogueCastle.EnemyObj::Update+3A8- C6 83 F2010000 00 - mov byte ptr [ebx+000001F2],00
RogueCastle.EnemyObj::Update+3AF- 80 7B 46 00 - cmp byte ptr [ebx+46],00
RogueCastle.EnemyObj::Update+3B3- 0F85 8E000000 - jne RogueCastle.EnemyObj::Update+447
RogueCastle.EnemyObj::Update+3B9- 80 BB F1010000 00 - cmp byte ptr [ebx+000001F1],00
RogueCastle.EnemyObj::Update+3C0- 75 40 - jne RogueCastle.EnemyObj::Update+402
RogueCastle.EnemyObj::Update+3C2- 8D BD 38FFFFFF - lea edi,[ebp-000000C8]
RogueCastle.EnemyObj::Update+3C8- 8D 73 60 - lea esi,[ebx+60]
RogueCastle.EnemyObj::Update+3CB- F3 0F7E 06 - movq xmm0,[esi]
RogueCastle.EnemyObj::Update+3CF- 66 0FD6 07 - movq [edi],xmm0
RogueCastle.EnemyObj::Update+3D3- D9 85 38FFFFFF - fld dword ptr [ebp-000000C8]
RogueCastle.EnemyObj::Update+3D9- D9EE - fldz
RogueCastle.EnemyObj::Update+3DB- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+3DD- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+3DF- 7A 13 - jp RogueCastle.EnemyObj::Update+3F4
RogueCastle.EnemyObj::Update+3E1- 76 11 - jna RogueCastle.EnemyObj::Update+3F4
RogueCastle.EnemyObj::Update+3E3- 8B CB - mov ecx,ebx
RogueCastle.EnemyObj::Update+3E5- BA 01000000 - mov edx,00000001
RogueCastle.EnemyObj::Update+3EA- 8B 01 - mov eax,[ecx]
RogueCastle.EnemyObj::Update+3EC- 8B 40 38 - mov eax,[eax+38]
RogueCastle.EnemyObj::Update+3EF- FF 50 18 - call dword ptr [eax+18]
RogueCastle.EnemyObj::Update+3F2- EB 53 - jmp RogueCastle.EnemyObj::Update+447
RogueCastle.EnemyObj::Update+3F4- 8B CB - mov ecx,ebx
RogueCastle.EnemyObj::Update+3F6- 33 D2 - xor edx,edx
RogueCastle.EnemyObj::Update+3F8- 8B 01 - mov eax,[ecx]
RogueCastle.EnemyObj::Update+3FA- 8B 40 38 - mov eax,[eax+38]
RogueCastle.EnemyObj::Update+3FD- FF 50 18 - call dword ptr [eax+18]
RogueCastle.EnemyObj::Update+400- EB 45 - jmp RogueCastle.EnemyObj::Update+447
RogueCastle.EnemyObj::Update+402- 8B CB - mov ecx,ebx
RogueCastle.EnemyObj::Update+404- E8 37F4E5FF - call DS2DEngine.GameObj::get_X
RogueCastle.EnemyObj::Update+409- 8B 8B 4C010000 - mov ecx,[ebx+0000014C]
RogueCastle.EnemyObj::Update+40F- D9 9D 08FFFFFF - fstp dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+415- 39 09 - cmp [ecx],ecx
RogueCastle.EnemyObj::Update+417- E8 24F4E5FF - call DS2DEngine.GameObj::get_X
RogueCastle.EnemyObj::Update+41C- D9 85 08FFFFFF - fld dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+422- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+424- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+426- 7A 13 - jp RogueCastle.EnemyObj::Update+43B
RogueCastle.EnemyObj::Update+428- 76 11 - jna RogueCastle.EnemyObj::Update+43B
RogueCastle.EnemyObj::Update+42A- 8B CB - mov ecx,ebx
RogueCastle.EnemyObj::Update+42C- BA 01000000 - mov edx,00000001
RogueCastle.EnemyObj::Update+431- 8B 01 - mov eax,[ecx]
RogueCastle.EnemyObj::Update+433- 8B 40 38 - mov eax,[eax+38]
RogueCastle.EnemyObj::Update+436- FF 50 18 - call dword ptr [eax+18]
RogueCastle.EnemyObj::Update+439- EB 0C - jmp RogueCastle.EnemyObj::Update+447
RogueCastle.EnemyObj::Update+43B- 8B CB - mov ecx,ebx
RogueCastle.EnemyObj::Update+43D- 33 D2 - xor edx,edx
RogueCastle.EnemyObj::Update+43F- 8B 01 - mov eax,[ecx]
RogueCastle.EnemyObj::Update+441- 8B 40 38 - mov eax,[eax+38]
RogueCastle.EnemyObj::Update+444- FF 50 18 - call dword ptr [eax+18]
RogueCastle.EnemyObj::Update+447- 8B 83 58010000 - mov eax,[ebx+00000158]
RogueCastle.EnemyObj::Update+44D- 80 78 10 00 - cmp byte ptr [eax+10],00
RogueCastle.EnemyObj::Update+451- 75 6C - jne RogueCastle.EnemyObj::Update+4BF
RogueCastle.EnemyObj::Update+453- 80 BB F2010000 00 - cmp byte ptr [ebx+000001F2],00
RogueCastle.EnemyObj::Update+45A- 75 63 - jne RogueCastle.EnemyObj::Update+4BF
RogueCastle.EnemyObj::Update+45C- 8B 83 EC010000 - mov eax,[ebx+000001EC]
RogueCastle.EnemyObj::Update+462- 83 F8 04 - cmp eax,04
RogueCastle.EnemyObj::Update+465- 73 34 - jae RogueCastle.EnemyObj::Update+49B
RogueCastle.EnemyObj::Update+467- FF 24 85 F017BC0E - jmp dword ptr [eax*4+0EBC17F0]
RogueCastle.EnemyObj::Update+46E- 8B CB - mov ecx,ebx
RogueCastle.EnemyObj::Update+470- 8B 01 - mov eax,[ecx]
RogueCastle.EnemyObj::Update+472- 8B 40 68 - mov eax,[eax+68]
RogueCastle.EnemyObj::Update+475- FF 50 18 - call dword ptr [eax+18]
RogueCastle.EnemyObj::Update+478- EB 21 - jmp RogueCastle.EnemyObj::Update+49B
RogueCastle.EnemyObj::Update+47A- 8B CB - mov ecx,ebx
RogueCastle.EnemyObj::Update+47C- 8B 01 - mov eax,[ecx]
RogueCastle.EnemyObj::Update+47E- 8B 40 68 - mov eax,[eax+68]
RogueCastle.EnemyObj::Update+481- FF 50 1C - call dword ptr [eax+1C]
RogueCastle.EnemyObj::Update+484- EB 15 - jmp RogueCastle.EnemyObj::Update+49B
RogueCastle.EnemyObj::Update+486- 8B CB - mov ecx,ebx
RogueCastle.EnemyObj::Update+488- 8B 01 - mov eax,[ecx]
RogueCastle.EnemyObj::Update+48A- 8B 40 6C - mov eax,[eax+6C]
RogueCastle.EnemyObj::Update+48D- FF 10 - call dword ptr [eax]
RogueCastle.EnemyObj::Update+48F- EB 0A - jmp RogueCastle.EnemyObj::Update+49B
RogueCastle.EnemyObj::Update+491- 8B CB - mov ecx,ebx
RogueCastle.EnemyObj::Update+493- 8B 01 - mov eax,[ecx]
RogueCastle.EnemyObj::Update+495- 8B 40 6C - mov eax,[eax+6C]
RogueCastle.EnemyObj::Update+498- FF 50 04 - call dword ptr [eax+04]
RogueCastle.EnemyObj::Update+49B- 80 BB F2010000 00 - cmp byte ptr [ebx+000001F2],00
RogueCastle.EnemyObj::Update+4A2- 74 1B - je RogueCastle.EnemyObj::Update+4BF
RogueCastle.EnemyObj::Update+4A4- 8B 83 58010000 - mov eax,[ebx+00000158]
RogueCastle.EnemyObj::Update+4AA- 8B 40 0C - mov eax,[eax+0C]
RogueCastle.EnemyObj::Update+4AD- 83 78 18 02 - cmp dword ptr [eax+18],02
RogueCastle.EnemyObj::Update+4B1- 75 0C - jne RogueCastle.EnemyObj::Update+4BF
RogueCastle.EnemyObj::Update+4B3- D9 83 88010000 - fld dword ptr [ebx+00000188]
RogueCastle.EnemyObj::Update+4B9- D9 9B E8010000 - fstp dword ptr [ebx+000001E8]
RogueCastle.EnemyObj::Update+4BF- 8B 83 58010000 - mov eax,[ebx+00000158]
RogueCastle.EnemyObj::Update+4C5- 80 78 10 00 - cmp byte ptr [eax+10],00
RogueCastle.EnemyObj::Update+4C9- 75 4A - jne RogueCastle.EnemyObj::Update+515
RogueCastle.EnemyObj::Update+4CB- 80 BB F2010000 00 - cmp byte ptr [ebx+000001F2],00
RogueCastle.EnemyObj::Update+4D2- 74 41 - je RogueCastle.EnemyObj::Update+515
RogueCastle.EnemyObj::Update+4D4- D9 83 E8010000 - fld dword ptr [ebx+000001E8]
RogueCastle.EnemyObj::Update+4DA- D9EE - fldz
RogueCastle.EnemyObj::Update+4DC- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+4DE- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+4E0- 7A 33 - jp RogueCastle.EnemyObj::Update+515
RogueCastle.EnemyObj::Update+4E2- 73 31 - jae RogueCastle.EnemyObj::Update+515
RogueCastle.EnemyObj::Update+4E4- 8B 83 5C010000 - mov eax,[ebx+0000015C]
RogueCastle.EnemyObj::Update+4EA- 80 78 10 00 - cmp byte ptr [eax+10],00
RogueCastle.EnemyObj::Update+4EE- 75 25 - jne RogueCastle.EnemyObj::Update+515
RogueCastle.EnemyObj::Update+4F0- 8B 83 5C010000 - mov eax,[ebx+0000015C]
RogueCastle.EnemyObj::Update+4F6- 8D 93 58010000 - lea edx,[ebx+00000158]
RogueCastle.EnemyObj::Update+4FC- E8 EF076550 - call clr.dll+1B70
RogueCastle.EnemyObj::Update+501- 8B 8B 58010000 - mov ecx,[ebx+00000158]
RogueCastle.EnemyObj::Update+507- 8B 93 60010000 - mov edx,[ebx+00000160]
RogueCastle.EnemyObj::Update+50D- 39 09 - cmp [ecx],ecx
RogueCastle.EnemyObj::Update+50F- FF 15 D452C50E - call dword ptr [0EC552D4] : [DS2DEngine.LogicBlock::RunLogicBlock]
RogueCastle.EnemyObj::Update+515- 80 BB D8000000 00 - cmp byte ptr [ebx+000000D8],00
RogueCastle.EnemyObj::Update+51C- 74 70 - je RogueCastle.EnemyObj::Update+58E
RogueCastle.EnemyObj::Update+51E- D9 83 C8010000 - fld dword ptr [ebx+000001C8]
RogueCastle.EnemyObj::Update+524- D9EE - fldz
RogueCastle.EnemyObj::Update+526- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+528- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+52A- 7A 62 - jp RogueCastle.EnemyObj::Update+58E
RogueCastle.EnemyObj::Update+52C- 72 60 - jb RogueCastle.EnemyObj::Update+58E
RogueCastle.EnemyObj::Update+52E- D9 83 CC010000 - fld dword ptr [ebx+000001CC]
RogueCastle.EnemyObj::Update+534- D9EE - fldz
RogueCastle.EnemyObj::Update+536- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+538- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+53A- 7A 52 - jp RogueCastle.EnemyObj::Update+58E
RogueCastle.EnemyObj::Update+53C- 72 50 - jb RogueCastle.EnemyObj::Update+58E
RogueCastle.EnemyObj::Update+53E- D9 43 60 - fld dword ptr [ebx+60]
RogueCastle.EnemyObj::Update+541- D9EE - fldz
RogueCastle.EnemyObj::Update+543- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+545- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+547- 7A 09 - jp RogueCastle.EnemyObj::Update+552
RogueCastle.EnemyObj::Update+549- 73 07 - jae RogueCastle.EnemyObj::Update+552
RogueCastle.EnemyObj::Update+54B- D9E8 - fld1
RogueCastle.EnemyObj::Update+54D- D9 5B 60 - fstp dword ptr [ebx+60]
RogueCastle.EnemyObj::Update+550- EB 14 - jmp RogueCastle.EnemyObj::Update+566
RogueCastle.EnemyObj::Update+552- D9 43 60 - fld dword ptr [ebx+60]
RogueCastle.EnemyObj::Update+555- D9EE - fldz
RogueCastle.EnemyObj::Update+557- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+559- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+55B- 7A 09 - jp RogueCastle.EnemyObj::Update+566
RogueCastle.EnemyObj::Update+55D- 76 07 - jna RogueCastle.EnemyObj::Update+566
RogueCastle.EnemyObj::Update+55F- C7 43 60 000080BF - mov [ebx+60],BF800000
RogueCastle.EnemyObj::Update+566- 8B CB - mov ecx,ebx
RogueCastle.EnemyObj::Update+568- E8 D3F2E5FF - call DS2DEngine.GameObj::get_X
RogueCastle.EnemyObj::Update+56D- D9 43 60 - fld dword ptr [ebx+60]
RogueCastle.EnemyObj::Update+570- D9 43 38 - fld dword ptr [ebx+38]
RogueCastle.EnemyObj::Update+573- D8 4D F0 - fmul dword ptr [ebp-10]
RogueCastle.EnemyObj::Update+576- DEC9 - fmulp st(1),st(0)
RogueCastle.EnemyObj::Update+578- DEC1 - faddp
RogueCastle.EnemyObj::Update+57A- D9 9D 08FFFFFF - fstp dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+580- D9 85 08FFFFFF - fld dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+586- D9 5B 48 - fstp dword ptr [ebx+48]
RogueCastle.EnemyObj::Update+589- E9 1D010000 - jmp RogueCastle.EnemyObj::Update+6AB
RogueCastle.EnemyObj::Update+58E- 80 BB 2C010000 00 - cmp byte ptr [ebx+0000012C],00
RogueCastle.EnemyObj::Update+595- 75 0D - jne RogueCastle.EnemyObj::Update+5A4
RogueCastle.EnemyObj::Update+597- 80 BB D8000000 00 - cmp byte ptr [ebx+000000D8],00
RogueCastle.EnemyObj::Update+59E- 0F85 07010000 - jne RogueCastle.EnemyObj::Update+6AB
RogueCastle.EnemyObj::Update+5A4- 8D 95 58FFFFFF - lea edx,[ebp-000000A8]
RogueCastle.EnemyObj::Update+5AA- 8B CB - mov ecx,ebx
RogueCastle.EnemyObj::Update+5AC- E8 57FFE5FF - call DS2DEngine.GameObj::get_Position
RogueCastle.EnemyObj::Update+5B1- 8D BD 50FFFFFF - lea edi,[ebp-000000B0]
RogueCastle.EnemyObj::Update+5B7- 8D 73 60 - lea esi,[ebx+60]
RogueCastle.EnemyObj::Update+5BA- F3 0F7E 06 - movq xmm0,[esi]
RogueCastle.EnemyObj::Update+5BE- 66 0FD6 07 - movq [edi],xmm0
RogueCastle.EnemyObj::Update+5C2- 8D BD 28FFFFFF - lea edi,[ebp-000000D8]
RogueCastle.EnemyObj::Update+5C8- 8D B5 50FFFFFF - lea esi,[ebp-000000B0]
RogueCastle.EnemyObj::Update+5CE- F3 0F7E 06 - movq xmm0,[esi]
RogueCastle.EnemyObj::Update+5D2- 66 0FD6 07 - movq [edi],xmm0
RogueCastle.EnemyObj::Update+5D6- D9 43 38 - fld dword ptr [ebx+38]
RogueCastle.EnemyObj::Update+5D9- D8 4D F0 - fmul dword ptr [ebp-10]
RogueCastle.EnemyObj::Update+5DC- D9 9D 08FFFFFF - fstp dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+5E2- D9 85 08FFFFFF - fld dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+5E8- 8D BD 30FFFFFF - lea edi,[ebp-000000D0]
RogueCastle.EnemyObj::Update+5EE- 0F57 C0 - xorps xmm0,xmm0
RogueCastle.EnemyObj::Update+5F1- 66 0FD6 07 - movq [edi],xmm0
RogueCastle.EnemyObj::Update+5F5- D9 85 28FFFFFF - fld dword ptr [ebp-000000D8]
RogueCastle.EnemyObj::Update+5FB- D8C9 - fmul st(0),st(1)
RogueCastle.EnemyObj::Update+5FD- D9 9D 30FFFFFF - fstp dword ptr [ebp-000000D0]
RogueCastle.EnemyObj::Update+603- D9 85 2CFFFFFF - fld dword ptr [ebp-000000D4]
RogueCastle.EnemyObj::Update+609- DEC9 - fmulp st(1),st(0)
RogueCastle.EnemyObj::Update+60B- D9 9D 34FFFFFF - fstp dword ptr [ebp-000000CC]
RogueCastle.EnemyObj::Update+611- 8D BD 48FFFFFF - lea edi,[ebp-000000B8]
RogueCastle.EnemyObj::Update+617- 8D B5 30FFFFFF - lea esi,[ebp-000000D0]
RogueCastle.EnemyObj::Update+61D- F3 0F7E 06 - movq xmm0,[esi]
RogueCastle.EnemyObj::Update+621- 66 0FD6 07 - movq [edi],xmm0
RogueCastle.EnemyObj::Update+625- 8D BD 18FFFFFF - lea edi,[ebp-000000E8]
RogueCastle.EnemyObj::Update+62B- 8D B5 58FFFFFF - lea esi,[ebp-000000A8]
RogueCastle.EnemyObj::Update+631- F3 0F7E 06 - movq xmm0,[esi]
RogueCastle.EnemyObj::Update+635- 66 0FD6 07 - movq [edi],xmm0
RogueCastle.EnemyObj::Update+639- 8D BD 10FFFFFF - lea edi,[ebp-000000F0]
RogueCastle.EnemyObj::Update+63F- 8D B5 48FFFFFF - lea esi,[ebp-000000B8]
RogueCastle.EnemyObj::Update+645- F3 0F7E 06 - movq xmm0,[esi]
RogueCastle.EnemyObj::Update+649- 66 0FD6 07 - movq [edi],xmm0
RogueCastle.EnemyObj::Update+64D- 8D BD 20FFFFFF - lea edi,[ebp-000000E0]
RogueCastle.EnemyObj::Update+653- 0F57 C0 - xorps xmm0,xmm0
RogueCastle.EnemyObj::Update+656- 66 0FD6 07 - movq [edi],xmm0
RogueCastle.EnemyObj::Update+65A- D9 85 18FFFFFF - fld dword ptr [ebp-000000E8]
RogueCastle.EnemyObj::Update+660- D8 85 10FFFFFF - fadd dword ptr [ebp-000000F0]
RogueCastle.EnemyObj::Update+666- D9 9D 20FFFFFF - fstp dword ptr [ebp-000000E0]
RogueCastle.EnemyObj::Update+66C- D9 85 1CFFFFFF - fld dword ptr [ebp-000000E4]
RogueCastle.EnemyObj::Update+672- D8 85 14FFFFFF - fadd dword ptr [ebp-000000EC]
RogueCastle.EnemyObj::Update+678- D9 9D 24FFFFFF - fstp dword ptr [ebp-000000DC]
RogueCastle.EnemyObj::Update+67E- 8D BD 40FFFFFF - lea edi,[ebp-000000C0]
RogueCastle.EnemyObj::Update+684- 8D B5 20FFFFFF - lea esi,[ebp-000000E0]
RogueCastle.EnemyObj::Update+68A- F3 0F7E 06 - movq xmm0,[esi]
RogueCastle.EnemyObj::Update+68E- 66 0FD6 07 - movq [edi],xmm0
RogueCastle.EnemyObj::Update+692- 8D 85 40FFFFFF - lea eax,[ebp-000000C0]
RogueCastle.EnemyObj::Update+698- 83 EC 08 - sub esp,08
RogueCastle.EnemyObj::Update+69B- F3 0F7E 00 - movq xmm0,[eax]
RogueCastle.EnemyObj::Update+69F- 66 0FD6 04 24 - movq [esp],xmm0
RogueCastle.EnemyObj::Update+6A4- 8B CB - mov ecx,ebx
RogueCastle.EnemyObj::Update+6A6- E8 65A539FF - call DS2DEngine.GameObj::set_Position
RogueCastle.EnemyObj::Update+6AB- 8B CB - mov ecx,ebx
RogueCastle.EnemyObj::Update+6AD- E8 8EF1E5FF - call DS2DEngine.GameObj::get_X
RogueCastle.EnemyObj::Update+6B2- 8B 83 F8000000 - mov eax,[ebx+000000F8]
RogueCastle.EnemyObj::Update+6B8- 8B 48 30 - mov ecx,[eax+30]
RogueCastle.EnemyObj::Update+6BB- 8D 55 E0 - lea edx,[ebp-20]
RogueCastle.EnemyObj::Update+6BE- D9 9D 08FFFFFF - fstp dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+6C4- 8B 01 - mov eax,[ecx]
RogueCastle.EnemyObj::Update+6C6- 8B 40 38 - mov eax,[eax+38]
RogueCastle.EnemyObj::Update+6C9- FF 50 1C - call dword ptr [eax+1C]
RogueCastle.EnemyObj::Update+6CC- D9 85 08FFFFFF - fld dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+6D2- DB 45 E0 - fild dword ptr [ebp-20]
RogueCastle.EnemyObj::Update+6D5- D9 9D 08FFFFFF - fstp dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+6DB- D9 85 08FFFFFF - fld dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+6E1- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+6E3- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+6E5- 7A 2D - jp RogueCastle.EnemyObj::Update+714
RogueCastle.EnemyObj::Update+6E7- 76 2B - jna RogueCastle.EnemyObj::Update+714
RogueCastle.EnemyObj::Update+6E9- 8B 83 F8000000 - mov eax,[ebx+000000F8]
RogueCastle.EnemyObj::Update+6EF- 8B 48 30 - mov ecx,[eax+30]
RogueCastle.EnemyObj::Update+6F2- 8D 55 D0 - lea edx,[ebp-30]
RogueCastle.EnemyObj::Update+6F5- 8B 01 - mov eax,[ecx]
RogueCastle.EnemyObj::Update+6F7- 8B 40 38 - mov eax,[eax+38]
RogueCastle.EnemyObj::Update+6FA- FF 50 1C - call dword ptr [eax+1C]
RogueCastle.EnemyObj::Update+6FD- DB 45 D0 - fild dword ptr [ebp-30]
RogueCastle.EnemyObj::Update+700- D9 9D 08FFFFFF - fstp dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+706- D9 85 08FFFFFF - fld dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+70C- D9 5B 48 - fstp dword ptr [ebx+48]
RogueCastle.EnemyObj::Update+70F- E9 82000000 - jmp RogueCastle.EnemyObj::Update+796
RogueCastle.EnemyObj::Update+714- 8B CB - mov ecx,ebx
RogueCastle.EnemyObj::Update+716- E8 25F1E5FF - call DS2DEngine.GameObj::get_X
RogueCastle.EnemyObj::Update+71B- 8B 83 F8000000 - mov eax,[ebx+000000F8]
RogueCastle.EnemyObj::Update+721- 8B 48 30 - mov ecx,[eax+30]
RogueCastle.EnemyObj::Update+724- 8D 55 C0 - lea edx,[ebp-40]
RogueCastle.EnemyObj::Update+727- D9 9D 08FFFFFF - fstp dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+72D- 8B 01 - mov eax,[ecx]
RogueCastle.EnemyObj::Update+72F- 8B 40 38 - mov eax,[eax+38]
RogueCastle.EnemyObj::Update+732- FF 50 1C - call dword ptr [eax+1C]
RogueCastle.EnemyObj::Update+735- D9 85 08FFFFFF - fld dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+73B- 8B 45 C0 - mov eax,[ebp-40]
RogueCastle.EnemyObj::Update+73E- 03 45 C8 - add eax,[ebp-38]
RogueCastle.EnemyObj::Update+741- 89 85 08FFFFFF - mov [ebp-000000F8],eax
RogueCastle.EnemyObj::Update+747- DB 85 08FFFFFF - fild dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+74D- D9 9D 08FFFFFF - fstp dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+753- D9 85 08FFFFFF - fld dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+759- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+75B- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+75D- 7A 37 - jp RogueCastle.EnemyObj::Update+796
RogueCastle.EnemyObj::Update+75F- 73 35 - jae RogueCastle.EnemyObj::Update+796
RogueCastle.EnemyObj::Update+761- 8B 83 F8000000 - mov eax,[ebx+000000F8]
RogueCastle.EnemyObj::Update+767- 8B 48 30 - mov ecx,[eax+30]
RogueCastle.EnemyObj::Update+76A- 8D 55 B0 - lea edx,[ebp-50]
RogueCastle.EnemyObj::Update+76D- 8B 01 - mov eax,[ecx]
RogueCastle.EnemyObj::Update+76F- 8B 40 38 - mov eax,[eax+38]
RogueCastle.EnemyObj::Update+772- FF 50 1C - call dword ptr [eax+1C]
RogueCastle.EnemyObj::Update+775- 8B 45 B0 - mov eax,[ebp-50]
RogueCastle.EnemyObj::Update+778- 03 45 B8 - add eax,[ebp-48]
RogueCastle.EnemyObj::Update+77B- 89 85 08FFFFFF - mov [ebp-000000F8],eax
RogueCastle.EnemyObj::Update+781- DB 85 08FFFFFF - fild dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+787- D9 9D 08FFFFFF - fstp dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+78D- D9 85 08FFFFFF - fld dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+793- D9 5B 48 - fstp dword ptr [ebx+48]
RogueCastle.EnemyObj::Update+796- D9 43 4C - fld dword ptr [ebx+4C]
RogueCastle.EnemyObj::Update+799- 8B 83 F8000000 - mov eax,[ebx+000000F8]
RogueCastle.EnemyObj::Update+79F- 8B 48 30 - mov ecx,[eax+30]
RogueCastle.EnemyObj::Update+7A2- 8D 55 A0 - lea edx,[ebp-60]
RogueCastle.EnemyObj::Update+7A5- D9 9D 08FFFFFF - fstp dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+7AB- 8B 01 - mov eax,[ecx]
RogueCastle.EnemyObj::Update+7AD- 8B 40 38 - mov eax,[eax+38]
RogueCastle.EnemyObj::Update+7B0- FF 50 1C - call dword ptr [eax+1C]
RogueCastle.EnemyObj::Update+7B3- D9 85 08FFFFFF - fld dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+7B9- DB 45 A4 - fild dword ptr [ebp-5C]
RogueCastle.EnemyObj::Update+7BC- D9 9D 08FFFFFF - fstp dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+7C2- D9 85 08FFFFFF - fld dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+7C8- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+7CA- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+7CC- 7A 2D - jp RogueCastle.EnemyObj::Update+7FB
RogueCastle.EnemyObj::Update+7CE- 76 2B - jna RogueCastle.EnemyObj::Update+7FB
RogueCastle.EnemyObj::Update+7D0- 8B 83 F8000000 - mov eax,[ebx+000000F8]
RogueCastle.EnemyObj::Update+7D6- 8B 48 30 - mov ecx,[eax+30]
RogueCastle.EnemyObj::Update+7D9- 8D 55 90 - lea edx,[ebp-70]
RogueCastle.EnemyObj::Update+7DC- 8B 01 - mov eax,[ecx]
RogueCastle.EnemyObj::Update+7DE- 8B 40 38 - mov eax,[eax+38]
RogueCastle.EnemyObj::Update+7E1- FF 50 1C - call dword ptr [eax+1C]
RogueCastle.EnemyObj::Update+7E4- DB 45 94 - fild dword ptr [ebp-6C]
RogueCastle.EnemyObj::Update+7E7- D9 9D 08FFFFFF - fstp dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+7ED- D9 85 08FFFFFF - fld dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+7F3- D9 5B 4C - fstp dword ptr [ebx+4C]
RogueCastle.EnemyObj::Update+7F6- E9 87000000 - jmp RogueCastle.EnemyObj::Update+882
RogueCastle.EnemyObj::Update+7FB- D9 43 4C - fld dword ptr [ebx+4C]
RogueCastle.EnemyObj::Update+7FE- 8B 83 F8000000 - mov eax,[ebx+000000F8]
RogueCastle.EnemyObj::Update+804- 8B 48 30 - mov ecx,[eax+30]
RogueCastle.EnemyObj::Update+807- 8D 55 80 - lea edx,[ebp-80]
RogueCastle.EnemyObj::Update+80A- D9 9D 08FFFFFF - fstp dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+810- 8B 01 - mov eax,[ecx]
RogueCastle.EnemyObj::Update+812- 8B 40 38 - mov eax,[eax+38]
RogueCastle.EnemyObj::Update+815- FF 50 1C - call dword ptr [eax+1C]
RogueCastle.EnemyObj::Update+818- D9 85 08FFFFFF - fld dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+81E- 8B 45 84 - mov eax,[ebp-7C]
RogueCastle.EnemyObj::Update+821- 03 45 8C - add eax,[ebp-74]
RogueCastle.EnemyObj::Update+824- 89 85 08FFFFFF - mov [ebp-000000F8],eax
RogueCastle.EnemyObj::Update+82A- DB 85 08FFFFFF - fild dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+830- D9 9D 08FFFFFF - fstp dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+836- D9 85 08FFFFFF - fld dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+83C- DFF1 - fcomip st(0),st(1)
RogueCastle.EnemyObj::Update+83E- DDD8 - fstp st(0)
RogueCastle.EnemyObj::Update+840- 7A 40 - jp RogueCastle.EnemyObj::Update+882
RogueCastle.EnemyObj::Update+842- 73 3E - jae RogueCastle.EnemyObj::Update+882
RogueCastle.EnemyObj::Update+844- 8B 83 F8000000 - mov eax,[ebx+000000F8]
RogueCastle.EnemyObj::Update+84A- 8B 48 30 - mov ecx,[eax+30]
RogueCastle.EnemyObj::Update+84D- 8D 95 70FFFFFF - lea edx,[ebp-00000090]
RogueCastle.EnemyObj::Update+853- 8B 01 - mov eax,[ecx]
RogueCastle.EnemyObj::Update+855- 8B 40 38 - mov eax,[eax+38]
RogueCastle.EnemyObj::Update+858- FF 50 1C - call dword ptr [eax+1C]
RogueCastle.EnemyObj::Update+85B- 8B 85 74FFFFFF - mov eax,[ebp-0000008C]
RogueCastle.EnemyObj::Update+861- 03 85 7CFFFFFF - add eax,[ebp-00000084]
RogueCastle.EnemyObj::Update+867- 89 85 08FFFFFF - mov [ebp-000000F8],eax
RogueCastle.EnemyObj::Update+86D- DB 85 08FFFFFF - fild dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+873- D9 9D 08FFFFFF - fstp dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+879- D9 85 08FFFFFF - fld dword ptr [ebp-000000F8]
RogueCastle.EnemyObj::Update+87F- D9 5B 4C - fstp dword ptr [ebx+4C]
RogueCastle.EnemyObj::Update+882- 8B 83 58010000 - mov eax,[ebx+00000158]
RogueCastle.EnemyObj::Update+888- 3B 83 5C010000 - cmp eax,[ebx+0000015C]
RogueCastle.EnemyObj::Update+88E- 75 16 - jne RogueCastle.EnemyObj::Update+8A6
RogueCastle.EnemyObj::Update+890- 8B 8B 58010000 - mov ecx,[ebx+00000158]
RogueCastle.EnemyObj::Update+896- 8B 95 0CFFFFFF - mov edx,[ebp-000000F4]
RogueCastle.EnemyObj::Update+89C- 39 09 - cmp [ecx],ecx
RogueCastle.EnemyObj::Update+89E- FF 15 E052C50E - call dword ptr [0EC552E0] : [DS2DEngine.LogicBlock::Update]
RogueCastle.EnemyObj::Update+8A4- EB 28 - jmp RogueCastle.EnemyObj::Update+8CE
RogueCastle.EnemyObj::Update+8A6- 8B 8B 58010000 - mov ecx,[ebx+00000158]
RogueCastle.EnemyObj::Update+8AC- 8B 95 0CFFFFFF - mov edx,[ebp-000000F4]
RogueCastle.EnemyObj::Update+8B2- 39 09 - cmp [ecx],ecx
RogueCastle.EnemyObj::Update+8B4- FF 15 E052C50E - call dword ptr [0EC552E0] : [DS2DEngine.LogicBlock::Update]
RogueCastle.EnemyObj::Update+8BA- 8B 8B 5C010000 - mov ecx,[ebx+0000015C]
RogueCastle.EnemyObj::Update+8C0- 8B 95 0CFFFFFF - mov edx,[ebp-000000F4]
RogueCastle.EnemyObj::Update+8C6- 39 09 - cmp [ecx],ecx
RogueCastle.EnemyObj::Update+8C8- FF 15 E052C50E - call dword ptr [0EC552E0] : [DS2DEngine.LogicBlock::Update]
RogueCastle.EnemyObj::Update+8CE- 80 BB D8000000 00 - cmp byte ptr [ebx+000000D8],00
RogueCastle.EnemyObj::Update+8D5- 74 08 - je RogueCastle.EnemyObj::Update+8DF
RogueCastle.EnemyObj::Update+8D7- 8B CB - mov ecx,ebx
RogueCastle.EnemyObj::Update+8D9- FF 15 A8C79F0E - call dword ptr [0E9FC7A8] : [RogueCastle.EnemyObj::CheckGroundCollision]
RogueCastle.EnemyObj::Update+8DF- 83 BB 18010000 00 - cmp dword ptr [ebx+00000118],00
RogueCastle.EnemyObj::Update+8E6- 7F 21 - jg RogueCastle.EnemyObj::Update+909
RogueCastle.EnemyObj::Update+8E8- 80 BB 2D010000 00 - cmp byte ptr [ebx+0000012D],00
RogueCastle.EnemyObj::Update+8EF- 75 18 - jne RogueCastle.EnemyObj::Update+909
RogueCastle.EnemyObj::Update+8F1- 80 BB F6010000 00 - cmp byte ptr [ebx+000001F6],00
RogueCastle.EnemyObj::Update+8F8- 75 0F - jne RogueCastle.EnemyObj::Update+909
RogueCastle.EnemyObj::Update+8FA- 8B CB - mov ecx,ebx
RogueCastle.EnemyObj::Update+8FC- BA 01000000 - mov edx,00000001
RogueCastle.EnemyObj::Update+901- 8B 01 - mov eax,[ecx]
RogueCastle.EnemyObj::Update+903- 8B 40 68 - mov eax,[eax+68]
RogueCastle.EnemyObj::Update+906- FF 50 0C - call dword ptr [eax+0C]
RogueCastle.EnemyObj::Update+909- 8B CB - mov ecx,ebx
RogueCastle.EnemyObj::Update+90B- 8B 95 0CFFFFFF - mov edx,[ebp-000000F4]
RogueCastle.EnemyObj::Update+911- E8 5254FFFF - call RogueCastle.CharacterObj::Update
RogueCastle.EnemyObj::Update+916- 8D 65 F4 - lea esp,[ebp-0C]
RogueCastle.EnemyObj::Update+919- 5B - pop ebx
RogueCastle.EnemyObj::Update+91A- 5E - pop esi
RogueCastle.EnemyObj::Update+91B- 5F - pop edi
RogueCastle.EnemyObj::Update+91C- 5D - pop ebp
RogueCastle.EnemyObj::Update+91D- C3 - ret
}
37
"CHEAT: Kill Turrets (set to 1)"
80000008
4 Bytes
globals+3018
34
"CHEAT: Kill Bouncy Spikes (set to 1)"
80000008
4 Bytes
globals+3010
35
"CHEAT: Kill Spike Traps (set to 1)"
80000008
4 Bytes
globals+3014
96
"CHEAT: Kill ALL ENEMIES (set to 1)"
80000008
4 Bytes
globals+3024
73
"Script: Unlock Equipment (ONE-TIME, enabling assembles and disabling runs)"
80000008
Auto Assembler Script
[ENABLE]
globalalloc(ONETIME_UNLOCK_EQUIPMENT,$1000)
globalalloc(globals,$100000)
label(unlockSet)
label(done)
ONETIME_UNLOCK_EQUIPMENT:
dq 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
ONETIME_UNLOCK_EQUIPMENT+100:
mov esi,[globals+1000] // RogueCastle.PlayerStats pointer
test esi,esi
jz done // null pointer
mov esi,[esi+4] // m_blueprintArray
test esi,esi
jz done // null pointer
cmp dword ptr [esi+C], 5 // _size (there are 5 equipment types)
jne done
mov esi,[esi+4] // _items, "Number of Elements" is 8, but only 5 are set
mov ecx,[esi+c]
call unlockSet
//mov [ONETIME_UNLOCK_EQUIPMENT],eax // for testing
//ret // for testing
mov ecx,[esi+10]
call unlockSet
mov ecx,[esi+14]
call unlockSet
mov ecx,[esi+18]
call unlockSet
mov ecx,[esi+1c]
call unlockSet
done:
ret
unlockSet:
push edi
push esi
push ecx
cld
mov [ONETIME_UNLOCK_EQUIPMENT+4],ecx
lea esi,[ecx+4] // "Number of Elements"
lea edi,[ecx+8] // first array element
mov ecx,[esi] // load # of elements
// testing: store data and return
{
mov [ONETIME_UNLOCK_EQUIPMENT+8],esi
mov [ONETIME_UNLOCK_EQUIPMENT+c],edi
mov [ONETIME_UNLOCK_EQUIPMENT+10],ecx
mov eax,[edi]
mov [ONETIME_UNLOCK_EQUIPMENT+14],eax
pop ecx
pop esi
pop edi
ret
}
mov eax,3 // 3 means unlocked and bought (1 shows "New!", 2 is normal ready to buy)
rep stosb
pop ecx
pop esi
pop edi
xor eax,eax
ret
[DISABLE]
CreateThread(ONETIME_UNLOCK_EQUIPMENT+100) // execute on disable to allow debugging
74
"Script: Unlock Runes (ONE-TIME, enabling assembles and disabling runs)"
80000008
Auto Assembler Script
[ENABLE]
globalalloc(ONETIME_UNLOCK_RUNES,$1000)
globalalloc(globals,$100000)
label(done)
label(unlockSet)
label(unlockSet_done)
ONETIME_UNLOCK_RUNES:
dq 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
ONETIME_UNLOCK_RUNES+100:
mov esi,[globals+1000] // RogueCastle.PlayerStats pointer
test esi,esi
jz done // null pointer
mov esi,[esi+8] // m_runeArray
test esi,esi
jz done // null pointer
cmp dword ptr [esi+C], 5 // _size (there are 5 equipment types)
jne done
mov esi,[esi+4] // _items, "Number of Elements" is 8, but only 5 are set
mov ecx,[esi+c]
call unlockSet
//mov [ONETIME_UNLOCK_RUNES],eax // for testing
//ret // for testing
mov ecx,[esi+10]
call unlockSet
mov ecx,[esi+14]
call unlockSet
mov ecx,[esi+18]
call unlockSet
mov ecx,[esi+1c]
call unlockSet
done:
ret
unlockSet:
push edi
push esi
push ecx
test ecx,ecx
jz unlockSet_done
cld
mov [ONETIME_UNLOCK_RUNES+4],ecx
lea esi,[ecx+4] // "Number of Elements"
lea edi,[ecx+8] // first array element
mov ecx,[esi] // load # of elements
// testing: store data and return
{
mov [ONETIME_UNLOCK_RUNES+8],esi
mov [ONETIME_UNLOCK_RUNES+c],edi
mov [ONETIME_UNLOCK_RUNES+10],ecx
mov eax,[edi]
mov [ONETIME_UNLOCK_RUNES+14],eax
pop ecx
pop esi
pop edi
ret
}
mov eax,3 // 3 means unlocked and bought (1 shows "New!", 2 is normal ready to buy)
rep stosb
unlockSet_done:
pop ecx
pop esi
pop edi
xor eax,eax
ret
[DISABLE]
CreateThread(ONETIME_UNLOCK_RUNES+100) // execute on disable to allow debugging
47
"+ TEST"
C0C0C0
1
11
"pHP"
1
80000008
4 Bytes
globals+1004
92
"pPlayer->Current HP"
80000008
4 Bytes
globals+1004
118
98
"pPlayer->Current X"
80000008
Float
globals+1004
48
99
"pPlayer->Current Y"
80000008
Float
globals+1004
4C
27
"INFO"
80000008
Auto Assembler Script
{
We want to save 'RogueCastle.EnemyObj_Platform
0014: Could be type enumerator:
16: Turret
19: Eyeball
32: FireWizard
24: Fireball
143: Player
33: Platform
57: BouncySpike (also 44)
001C: Float set only for bouncy spike
0038: Float set only for bouncy spike
0044: Flags - 0 for enemies, 1 for player 00010001 for platform and bouncy spike (can be damaged by player?)
0078: POINTER TO NAME
0004: String Length
0008: String
EnemyEyeballIdle_Character
EnemyWizardIdle_Character
EnemyGhostIdle_Character
PlayerIdle_Character
EnemyPlatform_Character
EnemyBouncySpike_Character
00B8: Another id? 48:Eyeball, 59:FireWizard, 60:Fireball, 286:Player, 66:Platform, 114:BouncySpike (88 also), 32: turret
00BC: Another id? 48:Eyeball, 80:FireWizard, 73:Fireball, 172:Player, 46:Platform, 114:BouncySpike (88 also), 58: turret
00D0: 3 for enemies, 2 for player, 1 for platform
00D8: Flags? 01000000 for turret, 01000100 for bouncy spike
0114: Float for player, 0 for others
0118: 60 for player, 1 for everyone else
0124: Float for player, 0 for others
0120: 0 for player, 12:eyeball, 32:FireWizard,35:Fireball, 999:Platform (use?), 10:Turret, 5: RogueCastle.EnemyObj_BouncySpike
012C: seems to be flags, 00000100 for enemies, 01000001 for player, 00010000 for platform, 01000100 for bouncyspike, 00010000 for bouncy spike and turret?
013C: Flags? FF0000FF for player, enemies and platform, FFFFFFFF for bouncy spike
0163: 0 for playerform, 3 for player, 35 for enemies (flags?)
For platform:
0208: m_retractCounter
020C: RetractDelay (3.0)
0210: m_isExtended
0211: m_blinkedWarning
}
[ENABLE]
[DISABLE]
2
"pStats"
1
80000008
4 Bytes
globals+1000
91
"pStats->Gold"
80000008
4 Bytes
globals+1000
28
17
"Test: MP Update"
80000008
Auto Assembler Script
{ Game : RogueLegacy.exe
Version:
Date : 2014-07-03
Author : Jason
Called to update MP
}
[ENABLE]
aobscan(INJECT_MP_UPDATE,D9 9E A8 01 00 00 59) // should be unique
alloc(newmem,$1000)
label(code)
label(return)
newmem:
code:
fstp dword ptr [esi+000001A8]
jmp return
INJECT_MP_UPDATE:
jmp code
nop
return:
registersymbol(INJECT_MP_UPDATE)
[DISABLE]
INJECT_MP_UPDATE:
db D9 9E A8 01 00 00
unregistersymbol(INJECT_MP_UPDATE)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: 0F0D355A
0F0D353E: 8B CE - mov ecx,esi
0F0D3540: D9 5D F8 - fstp dword ptr [ebp-08]
0F0D3543: E8 78 FB FF FF - call 0F0D30C0
0F0D3548: D9 45 F8 - fld dword ptr [ebp-08]
0F0D354B: DF F1 - fcomip st(0),st(1)
0F0D354D: DD D8 - fstp st(0)
0F0D354F: 7A 0F - jp 0F0D3560
0F0D3551: 76 0D - jna 0F0D3560
0F0D3553: 8B CE - mov ecx,esi
0F0D3555: E8 66 FB FF FF - call 0F0D30C0
// ---------- INJECTING HERE ----------
0F0D355A: D9 9E A8 01 00 00 - fstp dword ptr [esi+000001A8]
// ---------- DONE INJECTING ----------
0F0D3560: 59 - pop ecx
0F0D3561: 5E - pop esi
0F0D3562: 5D - pop ebp
0F0D3563: C2 04 00 - ret 0004
Full routine:
RogueCastle.PlayerObj::set_CurrentMana - 55 - push ebp
RogueCastle.PlayerObj::set_CurrentMana+1- 8B EC - mov ebp,esp
RogueCastle.PlayerObj::set_CurrentMana+3- 56 - push esi
RogueCastle.PlayerObj::set_CurrentMana+4- 50 - push eax
RogueCastle.PlayerObj::set_CurrentMana+5- 8B F1 - mov esi,ecx
RogueCastle.PlayerObj::set_CurrentMana+7- D9 45 08 - fld dword ptr [ebp+08]
RogueCastle.PlayerObj::set_CurrentMana+A- D9 9E A8010000 - fstp dword ptr [esi+000001A8] // when using MP
RogueCastle.PlayerObj::set_CurrentMana+10- D9 86 A8010000 - fld dword ptr [esi+000001A8]
RogueCastle.PlayerObj::set_CurrentMana+16- D9EE - fldz
RogueCastle.PlayerObj::set_CurrentMana+18- DFF1 - fcomip st(0),st(1)
RogueCastle.PlayerObj::set_CurrentMana+1A- DDD8 - fstp st(0)
RogueCastle.PlayerObj::set_CurrentMana+1C- 7A 0A - jp RogueCastle.PlayerObj::set_CurrentMana+28
RogueCastle.PlayerObj::set_CurrentMana+1E- 76 08 - jna RogueCastle.PlayerObj::set_CurrentMana+28
RogueCastle.PlayerObj::set_CurrentMana+20- D9EE - fldz
RogueCastle.PlayerObj::set_CurrentMana+22- D9 9E A8010000 - fstp dword ptr [esi+000001A8]
RogueCastle.PlayerObj::set_CurrentMana+28- D9 86 A8010000 - fld dword ptr [esi+000001A8]
RogueCastle.PlayerObj::set_CurrentMana+2E- 8B CE - mov ecx,esi
RogueCastle.PlayerObj::set_CurrentMana+30- D9 5D F8 - fstp dword ptr [ebp-08] // store temporarily
RogueCastle.PlayerObj::set_CurrentMana+33- E8 78FBFFFF - call RogueCastle.PlayerObj::get_MaxMana // get max mana to compare
RogueCastle.PlayerObj::set_CurrentMana+38- D9 45 F8 - fld dword ptr [ebp-08]
RogueCastle.PlayerObj::set_CurrentMana+3B- DFF1 - fcomip st(0),st(1)
RogueCastle.PlayerObj::set_CurrentMana+3D- DDD8 - fstp st(0)
RogueCastle.PlayerObj::set_CurrentMana+3F- 7A 0F - jp RogueCastle.PlayerObj::set_CurrentMana+50
RogueCastle.PlayerObj::set_CurrentMana+41- 76 0D - jna RogueCastle.PlayerObj::set_CurrentMana+50
RogueCastle.PlayerObj::set_CurrentMana+43- 8B CE - mov ecx,esi
RogueCastle.PlayerObj::set_CurrentMana+45- E8 66FBFFFF - call RogueCastle.PlayerObj::get_MaxMana
RogueCastle.PlayerObj::set_CurrentMana+4A- D9 9E A8010000 - fstp dword ptr [esi+000001A8]
RogueCastle.PlayerObj::set_CurrentMana+50- 59 - pop ecx
RogueCastle.PlayerObj::set_CurrentMana+51- 5E - pop esi
RogueCastle.PlayerObj::set_CurrentMana+52- 5D - pop ebp
RogueCastle.PlayerObj::set_CurrentMana+53- C2 0400 - ret 0004
}
24
"TEST_PlatformRetractEachFrame"
80000008
Auto Assembler Script
{ Game : RogueLegacy.exe
Version:
Date : 2014-07-04
Author : Jason
For platforms, loads retract counter each frame
}
[ENABLE]
aobscan(TEST_PlatformRetractEachFrame,00 D9 87 08 02 00 00 D9 EE) // should be unique
alloc(newmem,$1000)
label(code)
label(return)
newmem:
code:
fld dword ptr [edi+00000208]
jmp return
TEST_PlatformRetractEachFrame+01:
jmp code
nop
return:
registersymbol(TEST_PlatformRetractEachFrame)
[DISABLE]
TEST_PlatformRetractEachFrame+01:
db D9 87 08 02 00 00
unregistersymbol(TEST_PlatformRetractEachFrame)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: 09DB3A60
09DB3A3C: 8D 88 98 00 00 00 - lea ecx,[eax+00000098]
09DB3A42: D9 41 04 - fld dword ptr [ecx+04]
09DB3A45: D9 05 08 3C DB 09 - fld dword ptr [09DB3C08]
09DB3A4B: DF F1 - fcomip st(0),st(1)
09DB3A4D: DD D8 - fstp st(0)
09DB3A4F: 7A 07 - jp 09DB3A58
09DB3A51: 75 05 - jne 09DB3A58
09DB3A53: BA 01 00 00 00 - mov edx,00000001
09DB3A58: 85 D2 - test edx,edx
09DB3A5A: 0F 85 6A 01 00 00 - jne 09DB3BCA
// ---------- INJECTING HERE ----------
09DB3A60: D9 87 08 02 00 00 - fld dword ptr [edi+00000208]
// ---------- DONE INJECTING ----------
09DB3A66: D9 EE - fldz
09DB3A68: DF F1 - fcomip st(0),st(1)
09DB3A6A: DD D8 - fstp st(0)
09DB3A6C: 0F 8A 79 01 00 00 - jp 09DB3BEB
09DB3A72: 0F 83 73 01 00 00 - jae 09DB3BEB
09DB3A78: D9 87 08 02 00 00 - fld dword ptr [edi+00000208]
09DB3A7E: 8B 45 EC - mov eax,[ebp-14]
09DB3A81: 3A 40 10 - cmp al,[eax+10]
09DB3A84: 8D 48 10 - lea ecx,[eax+10]
09DB3A87: 8B 01 - mov eax,[ecx]
}
31
"globals+10000 - Calls"
80000008
4 Bytes
globals+10000
32
"globals+10004 - bouncies"
80000008
4 Bytes
globals+10004
33
"globals+10008 - traps"
80000008
4 Bytes
globals+10008
36
"globals+1000c - not found"
80000008
4 Bytes
globals+1000c
42
"Test: MultiJump Counter"
80000008
Auto Assembler Script
{ Game : RogueLegacy.exe
Version:
Date : 2014-07-05
Author : Jason
This script does blah blah blah
}
[ENABLE]
aobscan(INJECT_MULTIJUMP,01 00 00 0F B6 BE A6 02 00 00) // should be unique
alloc(newmem,$1000)
label(code)
label(return)
newmem:
code:
movzx edi,byte ptr [esi+000002A6]
jmp return
INJECT_MULTIJUMP+03:
jmp code
nop
nop
return:
registersymbol(INJECT_MULTIJUMP)
[DISABLE]
INJECT_MULTIJUMP+03:
db 0F B6 BE A6 02 00 00
unregistersymbol(INJECT_MULTIJUMP)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: 0A796168
0A79613D: 85 C0 - test eax,eax
0A79613F: 75 1A - jne 0A79615B
0A796141: 8B 0D 24 34 59 04 - mov ecx,[04593424]
0A796147: BA 0B 00 00 00 - mov edx,0000000B
0A79614C: 39 09 - cmp [ecx],ecx
0A79614E: E8 A5 EE 14 00 - call 0A8E4FF8
0A796153: 85 C0 - test eax,eax
0A796155: 0F 84 D5 01 00 00 - je 0A796330
0A79615B: 80 BE 2C 01 00 00 00 - cmp byte ptr [esi+0000012C],00
0A796162: 0F 85 C8 01 00 00 - jne 0A796330
// ---------- INJECTING HERE ----------
0A796168: 0F B6 BE A6 02 00 00 - movzx edi,byte ptr [esi+000002A6]
// ---------- DONE INJECTING ----------
0A79616F: 8B CE - mov ecx,esi
0A796171: FF 15 74 1D 8A 0D - call dword ptr [0D8A1D74]
0A796177: 3B C7 - cmp eax,edi
0A796179: 0F 8E B1 01 00 00 - jng 0A796330
0A79617F: D9 86 D8 01 00 00 - fld dword ptr [esi+000001D8]
0A796185: D9 EE - fldz
0A796187: DF F1 - fcomip st(0),st(1)
0A796189: DD D8 - fstp st(0)
0A79618B: 0F 8A 9F 01 00 00 - jp 0A796330
0A796191: 0F 82 99 01 00 00 - jb 0A796330
0A7958C0 - 68 27740A24 - push 240A7427
0A7958C5 - 19 8A 0D558BEC - sbb [edx-1374AAF3],ecx
0A7958CB - 57 - push edi
0A7958CC - 56 - push esi
0A7958CD - 53 - push ebx
0A7958CE - 81 EC D0000000 - sub esp,000000D0
0A7958D4 - 8B F1 - mov esi,ecx
0A7958D6 - 8D 7D B8 - lea edi,[ebp-48]
0A7958D9 - B9 0E000000 - mov ecx,0000000E
0A7958DE - 33 C0 - xor eax,eax
0A7958E0 - F3 AB - repe stosd
0A7958E2 - 8B CE - mov ecx,esi
0A7958E4 - 8B F1 - mov esi,ecx
0A7958E6 - 80 3D 7E3B9700 00 - cmp byte ptr [00973B7E],00
0A7958ED - 0F85 85000000 - jne 0A795978
0A7958F3 - 8D 7D E8 - lea edi,[ebp-18]
0A7958F6 - 0F57 C0 - xorps xmm0,xmm0
0A7958F9 - 66 0FD6 07 - movq [edi],xmm0
0A7958FD - 8D 45 E8 - lea eax,[ebp-18]
0A795900 - 83 EC 08 - sub esp,08
0A795903 - F3 0F7E 00 - movq xmm0,[eax]
0A795907 - 66 0FD6 04 24 - movq [esp],xmm0
0A79590C - B9 54000000 - mov ecx,00000054
0A795911 - E8 F2FF1400 - call InputSystem.InputManager::JustPressed
0A795916 - 85 C0 - test eax,eax
0A795918 - 74 5E - je 0A795978
0A79591A - B9 FE3F095E - mov ecx,mscorlib.ni.dll+3FFE
0A79591F - BA 03000000 - mov edx,00000003
0A795924 - E8 93C81CF6 - call 009621BC
0A795929 - 8B F8 - mov edi,eax
0A79592B - FF 35 C0AB5904 - push [0459ABC0] : [1B6AD80C]
0A795931 - 8B CF - mov ecx,edi
0A795933 - 33 D2 - xor edx,edx
0A795935 - E8 DD2AA854 - call clr.dll+8417
0A79593A - FF 35 C4AB5904 - push [0459ABC4] : [1B6AD824]
0A795940 - 8B CF - mov ecx,edi
0A795942 - BA 01000000 - mov edx,00000001
0A795947 - E8 CB2AA854 - call clr.dll+8417
0A79594C - FF 35 C8AB5904 - push [0459ABC8] : [1B6AD83C]
0A795952 - 8B CF - mov ecx,edi
0A795954 - BA 02000000 - mov edx,00000002
0A795959 - E8 B92AA854 - call clr.dll+8417
0A79595E - 8B CF - mov ecx,edi
0A795960 - E8 EBB7FFFF - call 0A791150
0A795965 - 8B 86 F8000000 - mov eax,[esi+000000F8]
0A79596B - 8B 48 68 - mov ecx,[eax+68]
0A79596E - 8B D6 - mov edx,esi
0A795970 - 39 09 - cmp [ecx],ecx
0A795972 - FF 15 80BD1909 - call dword ptr [0919BD80]
0A795978 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A79597E - BA 09000000 - mov edx,00000009
0A795983 - 39 09 - cmp [ecx],ecx
0A795985 - E8 6EF61400 - call InputSystem.InputMap::JustPressed
0A79598A - 85 C0 - test eax,eax
0A79598C - 74 6C - je 0A7959FA
0A79598E - A1 F4335904 - mov eax,[045933F4] : [1C778C18]
0A795993 - 80 78 7C 00 - cmp byte ptr [eax+7C],00
0A795997 - 74 61 - je 0A7959FA
0A795999 - 8B 86 F8000000 - mov eax,[esi+000000F8]
0A79599F - 8B 40 30 - mov eax,[eax+30]
0A7959A2 - 8B 48 10 - mov ecx,[eax+10]
0A7959A5 - 8B 15 D4995904 - mov edx,[045999D4] : [036B9808]
0A7959AB - E8 D0B2BE53 - call System.String::Equals
0A7959B0 - 85 C0 - test eax,eax
0A7959B2 - 75 46 - jne 0A7959FA
0A7959B4 - 8B 86 F8000000 - mov eax,[esi+000000F8]
0A7959BA - 8B 40 30 - mov eax,[eax+30]
0A7959BD - 8B 48 10 - mov ecx,[eax+10]
0A7959C0 - 8B 15 04A05904 - mov edx,[0459A004] : [03755F20]
0A7959C6 - E8 B5B2BE53 - call System.String::Equals
0A7959CB - 85 C0 - test eax,eax
0A7959CD - 75 2B - jne 0A7959FA
0A7959CF - 8B 86 F8000000 - mov eax,[esi+000000F8]
0A7959D5 - 8B 40 30 - mov eax,[eax+30]
0A7959D8 - 8B 48 10 - mov ecx,[eax+10]
0A7959DB - 8B 15 08A05904 - mov edx,[0459A008] : [03755F38]
0A7959E1 - E8 9AB2BE53 - call System.String::Equals
0A7959E6 - 85 C0 - test eax,eax
0A7959E8 - 75 10 - jne 0A7959FA
0A7959EA - 8B 8E F8000000 - mov ecx,[esi+000000F8]
0A7959F0 - 33 D2 - xor edx,edx
0A7959F2 - 39 09 - cmp [ecx],ecx
0A7959F4 - FF 15 CC028A0D - call dword ptr [0D8A02CC]
0A7959FA - 83 BE 28010000 08 - cmp dword ptr [esi+00000128],08
0A795A01 - 0F84 11010000 - je 0A795B18
0A795A07 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A795A0D - BA 0D000000 - mov edx,0000000D
0A795A12 - 39 09 - cmp [ecx],ecx
0A795A14 - E8 6FFDE9FF - call 0A635788
0A795A19 - 85 C0 - test eax,eax
0A795A1B - 0F84 B0000000 - je 0A795AD1
0A795A21 - 8B CE - mov ecx,esi
0A795A23 - FF 15 901C8A0D - call dword ptr [0D8A1C90]
0A795A29 - 85 C0 - test eax,eax
0A795A2B - 0F84 A0000000 - je 0A795AD1
0A795A31 - 8B 86 4C010000 - mov eax,[esi+0000014C]
0A795A37 - 80 78 1C 00 - cmp byte ptr [eax+1C],00
0A795A3B - 0F85 90000000 - jne 0A795AD1
0A795A41 - D9 86 A8010000 - fld dword ptr [esi+000001A8]
0A795A47 - D9 05 8872790A - fld dword ptr [0A797288] : [(float)25.0000]
0A795A4D - DFF1 - fcomip st(0),st(1)
0A795A4F - DDD8 - fstp st(0)
0A795A51 - 7A 5B - jp 0A795AAE
0A795A53 - 77 59 - ja 0A795AAE
0A795A55 - 80 BE 2C010000 00 - cmp byte ptr [esi+0000012C],00
0A795A5C - 74 05 - je 0A795A63
0A795A5E - D9EE - fldz
0A795A60 - D9 5E 38 - fstp dword ptr [esi+38]
0A795A63 - 83 BE 28010000 07 - cmp dword ptr [esi+00000128],07
0A795A6A - 75 15 - jne 0A795A81
0A795A6C - D9EE - fldz
0A795A6E - D9 5E 38 - fstp dword ptr [esi+38]
0A795A71 - D9EE - fldz
0A795A73 - D9 9E E0000000 - fstp dword ptr [esi+000000E0]
0A795A79 - D9EE - fldz
0A795A7B - D9 9E E4000000 - fstp dword ptr [esi+000000E4]
0A795A81 - C7 86 28010000 06000000 - mov [esi+00000128],00000006
0A795A8B - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A795A91 - BA 0D000000 - mov edx,0000000D
0A795A96 - 39 09 - cmp [ecx],ecx
0A795A98 - E8 5BF51400 - call InputSystem.InputMap::JustPressed
0A795A9D - 85 C0 - test eax,eax
0A795A9F - 74 77 - je 0A795B18
0A795AA1 - 8B 0D CCAB5904 - mov ecx,[0459ABCC] : [1B6AD854]
0A795AA7 - E8 0C015705 - call DS2DEngine.SoundManager::PlaySound
0A795AAC - EB 6A - jmp 0A795B18
0A795AAE - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A795AB4 - BA 0D000000 - mov edx,0000000D
0A795AB9 - 39 09 - cmp [ecx],ecx
0A795ABB - E8 38F51400 - call InputSystem.InputMap::JustPressed
0A795AC0 - 85 C0 - test eax,eax
0A795AC2 - 74 54 - je 0A795B18
0A795AC4 - 8B 0D D0AB5904 - mov ecx,[0459ABD0] : [1B6AD888]
0A795ACA - E8 E9005705 - call DS2DEngine.SoundManager::PlaySound
0A795ACF - EB 47 - jmp 0A795B18
0A795AD1 - 80 BE 2C010000 00 - cmp byte ptr [esi+0000012C],00
0A795AD8 - 75 36 - jne 0A795B10
0A795ADA - 80 BE A4020000 00 - cmp byte ptr [esi+000002A4],00
0A795AE1 - 74 21 - je 0A795B04
0A795AE3 - 83 BE 28010000 09 - cmp dword ptr [esi+00000128],09
0A795AEA - 75 0C - jne 0A795AF8
0A795AEC - C7 86 28010000 09000000 - mov [esi+00000128],00000009
0A795AF6 - EB 20 - jmp 0A795B18
0A795AF8 - C7 86 28010000 07000000 - mov [esi+00000128],00000007
0A795B02 - EB 14 - jmp 0A795B18
0A795B04 - C7 86 28010000 02000000 - mov [esi+00000128],00000002
0A795B0E - EB 08 - jmp 0A795B18
0A795B10 - 33 D2 - xor edx,edx
0A795B12 - 89 96 28010000 - mov [esi+00000128],edx
0A795B18 - 83 BE 28010000 06 - cmp dword ptr [esi+00000128],06
0A795B1F - 0F84 8B030000 - je 0A795EB0 : [MSVCR100._getmainargs+61]
0A795B25 - 83 BE 28010000 08 - cmp dword ptr [esi+00000128],08
0A795B2C - 0F84 7E030000 - je 0A795EB0 : [MSVCR100._getmainargs+61]
0A795B32 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A795B38 - BA 14000000 - mov edx,00000014
0A795B3D - 39 09 - cmp [ecx],ecx
0A795B3F - E8 44FCE9FF - call 0A635788
0A795B44 - 85 C0 - test eax,eax
0A795B46 - 75 46 - jne 0A795B8E
0A795B48 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A795B4E - BA 15000000 - mov edx,00000015
0A795B53 - 39 09 - cmp [ecx],ecx
0A795B55 - E8 2EFCE9FF - call 0A635788
0A795B5A - 85 C0 - test eax,eax
0A795B5C - 75 30 - jne 0A795B8E
0A795B5E - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A795B64 - BA 16000000 - mov edx,00000016
0A795B69 - 39 09 - cmp [ecx],ecx
0A795B6B - E8 18FCE9FF - call 0A635788
0A795B70 - 85 C0 - test eax,eax
0A795B72 - 75 1A - jne 0A795B8E
0A795B74 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A795B7A - BA 17000000 - mov edx,00000017
0A795B7F - 39 09 - cmp [ecx],ecx
0A795B81 - E8 02FCE9FF - call 0A635788
0A795B86 - 85 C0 - test eax,eax
0A795B88 - 0F84 08030000 - je 0A795E96
0A795B8E - 80 BE 2C010000 00 - cmp byte ptr [esi+0000012C],00
0A795B95 - 74 0A - je 0A795BA1
0A795B97 - C7 86 28010000 01000000 - mov [esi+00000128],00000001
0A795BA1 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A795BA7 - BA 16000000 - mov edx,00000016
0A795BAC - 39 09 - cmp [ecx],ecx
0A795BAE - E8 D5FBE9FF - call 0A635788
0A795BB3 - 85 C0 - test eax,eax
0A795BB5 - 75 16 - jne 0A795BCD
0A795BB7 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A795BBD - BA 17000000 - mov edx,00000017
0A795BC2 - 39 09 - cmp [ecx],ecx
0A795BC4 - E8 BFFBE9FF - call 0A635788
0A795BC9 - 85 C0 - test eax,eax
0A795BCB - 74 27 - je 0A795BF4
0A795BCD - 80 BE B2020000 00 - cmp byte ptr [esi+000002B2],00
0A795BD4 - 74 09 - je 0A795BDF : [mscorlib.ni.dll+D0E8D9]
0A795BD6 - 80 BE 2C010000 00 - cmp byte ptr [esi+0000012C],00
0A795BDD - 74 15 - je 0A795BF4
0A795BDF - D9E8 - fld1
0A795BE1 - D9 5E 60 - fstp dword ptr [esi+60]
0A795BE4 - 8B CE - mov ecx,esi
0A795BE6 - FF 15 A41D8A0D - call dword ptr [0D8A1DA4]
0A795BEC - D9 5E 38 - fstp dword ptr [esi+38]
0A795BEF - E9 83000000 - jmp 0A795C77
0A795BF4 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A795BFA - BA 14000000 - mov edx,00000014
0A795BFF - 39 09 - cmp [ecx],ecx
0A795C01 - E8 82FBE9FF - call 0A635788
0A795C06 - 85 C0 - test eax,eax
0A795C08 - 75 16 - jne 0A795C20
0A795C0A - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A795C10 - BA 15000000 - mov edx,00000015
0A795C15 - 39 09 - cmp [ecx],ecx
0A795C17 - E8 6CFBE9FF - call 0A635788
0A795C1C - 85 C0 - test eax,eax
0A795C1E - 74 52 - je 0A795C72 : [mscorlib.ni.dll+D0EED9]
0A795C20 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A795C26 - BA 16000000 - mov edx,00000016
0A795C2B - 39 09 - cmp [ecx],ecx
0A795C2D - E8 56FBE9FF - call 0A635788
0A795C32 - 85 C0 - test eax,eax
0A795C34 - 75 3C - jne 0A795C72 : [mscorlib.ni.dll+D0EED9]
0A795C36 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A795C3C - BA 17000000 - mov edx,00000017
0A795C41 - 39 09 - cmp [ecx],ecx
0A795C43 - E8 40FBE9FF - call 0A635788
0A795C48 - 85 C0 - test eax,eax
0A795C4A - 75 26 - jne 0A795C72 : [mscorlib.ni.dll+D0EED9]
0A795C4C - 80 BE B1020000 00 - cmp byte ptr [esi+000002B1],00
0A795C53 - 74 09 - je 0A795C5E
0A795C55 - 80 BE 2C010000 00 - cmp byte ptr [esi+0000012C],00
0A795C5C - 74 14 - je 0A795C72 : [mscorlib.ni.dll+D0EED9]
0A795C5E - C7 46 60 000080BF - mov [esi+60],BF800000
0A795C65 - 8B CE - mov ecx,esi
0A795C67 - FF 15 A41D8A0D - call dword ptr [0D8A1DA4]
0A795C6D - D9 5E 38 - fstp dword ptr [esi+38]
0A795C70 - EB 05 - jmp 0A795C77
0A795C72 - D9EE - fldz
0A795C74 - D9 5E 38 - fstp dword ptr [esi+38]
0A795C77 - 80 3D 783B9700 00 - cmp byte ptr [00973B78],00
0A795C7E - 75 5B - jne 0A795CDB
0A795C80 - 80 3D 7E3B9700 00 - cmp byte ptr [00973B7E],00
0A795C87 - 75 52 - jne 0A795CDB
0A795C89 - A1 A08A5904 - mov eax,[04598AA0] : [036177F8]
0A795C8E - 83 78 04 00 - cmp dword ptr [eax+04],00
0A795C92 - 0F86 E9150000 - jbe 0A797281
0A795C98 - 8D 48 08 - lea ecx,[eax+08]
0A795C9B - BA A0000000 - mov edx,000000A0
0A795CA0 - E8 CBFF1400 - call Microsoft.Xna.Framework.Input.KeyboardState::get_Item
0A795CA5 - 83 F8 01 - cmp eax,01
0A795CA8 - 74 10 - je 0A795CBA
0A795CAA - B9 00010000 - mov ecx,00000100
0A795CAF - 33 D2 - xor edx,edx
0A795CB1 - E8 2AF61400 - call InputSystem.InputManager::Pressed
0A795CB6 - 85 C0 - test eax,eax
0A795CB8 - 74 21 - je 0A795CDB
0A795CBA - 80 BE 2C010000 00 - cmp byte ptr [esi+0000012C],00
0A795CC1 - 74 18 - je 0A795CDB
0A795CC3 - D9 46 38 - fld dword ptr [esi+38]
0A795CC6 - D8 8E 04020000 - fmul dword ptr [esi+00000204]
0A795CCC - D9 9D 2CFFFFFF - fstp dword ptr [ebp-000000D4]
0A795CD2 - D9 85 2CFFFFFF - fld dword ptr [ebp-000000D4]
0A795CD8 - D9 5E 38 - fstp dword ptr [esi+38]
0A795CDB - 8B 8E 4C010000 - mov ecx,[esi+0000014C]
0A795CE1 - 39 09 - cmp [ecx],ecx
0A795CE3 - FF 15 302C8A0D - call dword ptr [0D8A2C30]
0A795CE9 - 85 C0 - test eax,eax
0A795CEB - 74 64 - je 0A795D51
0A795CED - 8B 8E 4C010000 - mov ecx,[esi+0000014C]
0A795CF3 - 39 09 - cmp [ecx],ecx
0A795CF5 - FF 15 302C8A0D - call dword ptr [0D8A2C30]
0A795CFB - 85 C0 - test eax,eax
0A795CFD - 0F84 C3000000 - je 0A795DC6
0A795D03 - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A795D09 - 8D 95 38FFFFFF - lea edx,[ebp-000000C8]
0A795D0F - 39 09 - cmp [ecx],ecx
0A795D11 - E8 CAA11B05 - call RogueCastle.PlayerStats::get_Traits
0A795D16 - D9 85 38FFFFFF - fld dword ptr [ebp-000000C8]
0A795D1C - D9 05 9072790A - fld dword ptr [0A797290] : [(float)27.0000]
0A795D22 - DFF1 - fcomip st(0),st(1)
0A795D24 - DDD8 - fstp st(0)
0A795D26 - 7A 02 - jp 0A795D2A
0A795D28 - 74 27 - je 0A795D51
0A795D2A - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A795D30 - 8D 95 30FFFFFF - lea edx,[ebp-000000D0]
0A795D36 - 39 09 - cmp [ecx],ecx
0A795D38 - E8 A3A11B05 - call RogueCastle.PlayerStats::get_Traits
0A795D3D - D9 85 34FFFFFF - fld dword ptr [ebp-000000CC]
0A795D43 - D9 05 9872790A - fld dword ptr [0A797298] : [(float)27.0000]
0A795D49 - DFF1 - fcomip st(0),st(1)
0A795D4B - DDD8 - fstp st(0)
0A795D4D - 7A 77 - jp 0A795DC6
0A795D4F - 75 75 - jne 0A795DC6
0A795D51 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A795D57 - BA 16000000 - mov edx,00000016
0A795D5C - 39 09 - cmp [ecx],ecx
0A795D5E - E8 25FAE9FF - call 0A635788
0A795D63 - 85 C0 - test eax,eax
0A795D65 - 75 16 - jne 0A795D7D
0A795D67 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A795D6D - BA 17000000 - mov edx,00000017
0A795D72 - 39 09 - cmp [ecx],ecx
0A795D74 - E8 0FFAE9FF - call 0A635788
0A795D79 - 85 C0 - test eax,eax
0A795D7B - 74 0E - je 0A795D8B
0A795D7D - 8B CE - mov ecx,esi
0A795D7F - 33 D2 - xor edx,edx
0A795D81 - 8B 01 - mov eax,[ecx]
0A795D83 - 8B 40 38 - mov eax,[eax+38]
0A795D86 - FF 50 18 - call dword ptr [eax+18]
0A795D89 - EB 3B - jmp 0A795DC6
0A795D8B - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A795D91 - BA 14000000 - mov edx,00000014
0A795D96 - 39 09 - cmp [ecx],ecx
0A795D98 - E8 EBF9E9FF - call 0A635788
0A795D9D - 85 C0 - test eax,eax
0A795D9F - 75 16 - jne 0A795DB7
0A795DA1 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A795DA7 - BA 15000000 - mov edx,00000015
0A795DAC - 39 09 - cmp [ecx],ecx
0A795DAE - E8 D5F9E9FF - call 0A635788
0A795DB3 - 85 C0 - test eax,eax
0A795DB5 - 74 0F - je 0A795DC6
0A795DB7 - 8B CE - mov ecx,esi
0A795DB9 - BA 01000000 - mov edx,00000001
0A795DBE - 8B 01 - mov eax,[ecx]
0A795DC0 - 8B 40 38 - mov eax,[eax+38]
0A795DC3 - FF 50 18 - call dword ptr [eax+18]
0A795DC6 - 80 BE 2C010000 00 - cmp byte ptr [esi+0000012C],00
0A795DCD - 0F84 DD000000 - je 0A795EB0 : [MSVCR100._getmainargs+61]
0A795DD3 - 8B 86 4C010000 - mov eax,[esi+0000014C]
0A795DD9 - 3B 86 50010000 - cmp eax,[esi+00000150]
0A795DDF - 0F85 CB000000 - jne 0A795EB0 : [MSVCR100._getmainargs+61]
0A795DE5 - 8B 8E 4C010000 - mov ecx,[esi+0000014C]
0A795DEB - 39 09 - cmp [ecx],ecx
0A795DED - FF 15 302C8A0D - call dword ptr [0D8A2C30]
0A795DF3 - 85 C0 - test eax,eax
0A795DF5 - 0F84 B5000000 - je 0A795EB0 : [MSVCR100._getmainargs+61]
0A795DFB - 8B 8E 60010000 - mov ecx,[esi+00000160]
0A795E01 - 39 09 - cmp [ecx],ecx
0A795E03 - E8 88E64105 - call DS2DEngine.SpriteObj::get_SpriteName
0A795E08 - 8B C8 - mov ecx,eax
0A795E0A - 8B 15 D4AB5904 - mov edx,[0459ABD4] : [1B6AD8AC]
0A795E10 - E8 EBB3C153 - call System.String::op_Inequality
0A795E15 - 85 C0 - test eax,eax
0A795E17 - 0F84 93000000 - je 0A795EB0 : [MSVCR100._getmainargs+61]
0A795E1D - 8B 8E 60010000 - mov ecx,[esi+00000160]
0A795E23 - 8B 15 D4AB5904 - mov edx,[0459ABD4] : [1B6AD8AC]
0A795E29 - 8B 01 - mov eax,[ecx]
0A795E2B - 8B 40 2C - mov eax,[eax+2C]
0A795E2E - FF 50 04 - call dword ptr [eax+04]
0A795E31 - 8B BE 60010000 - mov edi,[esi+00000160]
0A795E37 - 8B CE - mov ecx,esi
0A795E39 - FF 15 C48D1909 - call dword ptr [09198DC4]
0A795E3F - 8B D8 - mov ebx,eax
0A795E41 - 8B CE - mov ecx,esi
0A795E43 - E8 08CB1C05 - call DS2DEngine.ObjContainer::get_TotalFrames
0A795E48 - 50 - push eax
0A795E49 - 6A 00 - push 00
0A795E4B - 8B D3 - mov edx,ebx
0A795E4D - 8B CF - mov ecx,edi
0A795E4F - 39 09 - cmp [ecx],ecx
0A795E51 - E8 7AB0E9FF - call 0A630ED0
0A795E56 - 8B 8E 60010000 - mov ecx,[esi+00000160]
0A795E5C - 38 01 - cmp [ecx],al
0A795E5E - 8D 41 48 - lea eax,[ecx+48]
0A795E61 - D9 40 04 - fld dword ptr [eax+04]
0A795E64 - D8 05 A072790A - fadd dword ptr [0A7972A0] : [(float)4.0000]
0A795E6A - 83 EC 04 - sub esp,04
0A795E6D - D9 1C 24 - fstp dword ptr [esp]
0A795E70 - E8 3BF11A05 - call DS2DEngine.GameObj::set_Y
0A795E75 - 8B 86 60010000 - mov eax,[esi+00000160]
0A795E7B - C6 80 C4000000 01 - mov byte ptr [eax+000000C4],01
0A795E82 - 8B 8E 60010000 - mov ecx,[esi+00000160]
0A795E88 - 68 CDCCCC3D - push 3DCCCCCD
0A795E8D - 39 09 - cmp [ecx],ecx
0A795E8F - E8 5C111B05 - call DS2DEngine.SpriteObj::set_AnimationDelay
0A795E94 - EB 1A - jmp 0A795EB0 : [MSVCR100._getmainargs+61]
0A795E96 - 80 BE 2C010000 00 - cmp byte ptr [esi+0000012C],00
0A795E9D - 74 08 - je 0A795EA7
0A795E9F - 33 D2 - xor edx,edx
0A795EA1 - 89 96 28010000 - mov [esi+00000128],edx
0A795EA7 - 6A 00 - push 00
0A795EA9 - 8B CE - mov ecx,esi
0A795EAB - E8 D0BFFFFF - call 0A791E80
0A795EB0 - 33 D2 - xor edx,edx
0A795EB2 - 89 55 F0 - mov [ebp-10],edx
0A795EB5 - 83 BE 28010000 06 - cmp dword ptr [esi+00000128],06
0A795EBC - 0F84 3C050000 - je 0A7963FE
0A795EC2 - 83 BE 28010000 07 - cmp dword ptr [esi+00000128],07
0A795EC9 - 0F84 2F050000 - je 0A7963FE
0A795ECF - 83 BE 28010000 08 - cmp dword ptr [esi+00000128],08
0A795ED6 - 0F84 22050000 - je 0A7963FE
0A795EDC - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A795EE2 - 39 09 - cmp [ecx],ecx
0A795EE4 - E8 57803D05 - call 0FB6DF40
0A795EE9 - 83 F8 10 - cmp eax,10
0A795EEC - 0F84 0C050000 - je 0A7963FE
0A795EF2 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A795EF8 - BA 0A000000 - mov edx,0000000A
0A795EFD - 39 09 - cmp [ecx],ecx
0A795EFF - E8 F4F01400 - call InputSystem.InputMap::JustPressed
0A795F04 - 85 C0 - test eax,eax
0A795F06 - 75 1A - jne 0A795F22
0A795F08 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A795F0E - BA 0B000000 - mov edx,0000000B
0A795F13 - 39 09 - cmp [ecx],ecx
0A795F15 - E8 DEF01400 - call InputSystem.InputMap::JustPressed
0A795F1A - 85 C0 - test eax,eax
0A795F1C - 0F84 09020000 - je 0A79612B
0A795F22 - 80 BE 2C010000 00 - cmp byte ptr [esi+0000012C],00
0A795F29 - 0F84 FC010000 - je 0A79612B
0A795F2F - D9 86 D8010000 - fld dword ptr [esi+000001D8]
0A795F35 - D9EE - fldz
0A795F37 - DFF1 - fcomip st(0),st(1)
0A795F39 - DDD8 - fstp st(0)
0A795F3B - 0F8A EA010000 - jp 0A79612B
0A795F41 - 0F82 E4010000 - jb 0A79612B
0A795F47 - C7 86 28010000 02000000 - mov [esi+00000128],00000002
0A795F51 - D9 86 1C010000 - fld dword ptr [esi+0000011C]
0A795F57 - D9E0 - fchs
0A795F59 - 83 EC 04 - sub esp,04
0A795F5C - D9 1C 24 - fstp dword ptr [esp]
0A795F5F - 8B CE - mov ecx,esi
0A795F61 - E8 2AC0FFFF - call 0A791F90
0A795F66 - C6 86 A5020000 01 - mov byte ptr [esi+000002A5],01
0A795F6D - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A795F73 - 8D 95 68FFFFFF - lea edx,[ebp-00000098]
0A795F79 - 39 09 - cmp [ecx],ecx
0A795F7B - E8 609F1B05 - call RogueCastle.PlayerStats::get_Traits
0A795F80 - D9 85 68FFFFFF - fld dword ptr [ebp-00000098]
0A795F86 - D9 05 A872790A - fld dword ptr [0A7972A8] : [(float)6.0000]
0A795F8C - DFF1 - fcomip st(0),st(1)
0A795F8E - DDD8 - fstp st(0)
0A795F90 - 7A 02 - jp 0A795F94
0A795F92 - 74 27 - je 0A795FBB
0A795F94 - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A795F9A - 8D 95 40FFFFFF - lea edx,[ebp-000000C0]
0A795FA0 - 39 09 - cmp [ecx],ecx
0A795FA2 - E8 399F1B05 - call RogueCastle.PlayerStats::get_Traits
0A795FA7 - D9 85 44FFFFFF - fld dword ptr [ebp-000000BC]
0A795FAD - D9 05 B072790A - fld dword ptr [0A7972B0] : [(float)6.0000]
0A795FB3 - DFF1 - fcomip st(0),st(1)
0A795FB5 - DDD8 - fstp st(0)
0A795FB7 - 7A 18 - jp 0A795FD1
0A795FB9 - 75 16 - jne 0A795FD1
0A795FBB - 8B 0D D8AB5904 - mov ecx,[0459ABD8] : [1B6AD8EC]
0A795FC1 - E8 F2FB5605 - call DS2DEngine.SoundManager::PlaySound
0A795FC6 - 8B 0D 9C995904 - mov ecx,[0459999C] : [0372A424]
0A795FCC - E8 E7FB5605 - call DS2DEngine.SoundManager::PlaySound
0A795FD1 - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A795FD7 - 8D 95 60FFFFFF - lea edx,[ebp-000000A0]
0A795FDD - 39 09 - cmp [ecx],ecx
0A795FDF - E8 FC9E1B05 - call RogueCastle.PlayerStats::get_Traits
0A795FE4 - D9 85 60FFFFFF - fld dword ptr [ebp-000000A0]
0A795FEA - D9 05 B872790A - fld dword ptr [0A7972B8] : [(float)7.0000]
0A795FF0 - DFF1 - fcomip st(0),st(1)
0A795FF2 - DDD8 - fstp st(0)
0A795FF4 - 7A 02 - jp 0A795FF8
0A795FF6 - 74 27 - je 0A79601F
0A795FF8 - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A795FFE - 8D 95 48FFFFFF - lea edx,[ebp-000000B8]
0A796004 - 39 09 - cmp [ecx],ecx
0A796006 - E8 D59E1B05 - call RogueCastle.PlayerStats::get_Traits
0A79600B - D9 85 4CFFFFFF - fld dword ptr [ebp-000000B4]
0A796011 - D9 05 C072790A - fld dword ptr [0A7972C0] : [(float)7.0000]
0A796017 - DFF1 - fcomip st(0),st(1)
0A796019 - DDD8 - fstp st(0)
0A79601B - 7A 1A - jp 0A796037
0A79601D - 75 18 - jne 0A796037
0A79601F - 8B 0D DCAB5904 - mov ecx,[0459ABDC] : [1B6AD920]
0A796025 - E8 8EFB5605 - call DS2DEngine.SoundManager::PlaySound
0A79602A - 8B 0D 8C995904 - mov ecx,[0459998C] : [0372A33C]
0A796030 - E8 83FB5605 - call DS2DEngine.SoundManager::PlaySound
0A796035 - EB 16 - jmp 0A79604D
0A796037 - 8B 0D E0AB5904 - mov ecx,[0459ABE0] : [1B6AD954]
0A79603D - E8 76FB5605 - call DS2DEngine.SoundManager::PlaySound
0A796042 - 8B 0D 84995904 - mov ecx,[04599984] : [0372A2E4]
0A796048 - E8 6BFB5605 - call DS2DEngine.SoundManager::PlaySound
0A79604D - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A796053 - 8D 95 58FFFFFF - lea edx,[ebp-000000A8]
0A796059 - 39 09 - cmp [ecx],ecx
0A79605B - E8 809E1B05 - call RogueCastle.PlayerStats::get_Traits
0A796060 - D9 85 58FFFFFF - fld dword ptr [ebp-000000A8]
0A796066 - D9 05 C872790A - fld dword ptr [0A7972C8] : [(float)19.0000]
0A79606C - DFF1 - fcomip st(0),st(1)
0A79606E - DDD8 - fstp st(0)
0A796070 - 7A 02 - jp 0A796074
0A796072 - 74 2F - je 0A7960A3
0A796074 - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A79607A - 8D 95 50FFFFFF - lea edx,[ebp-000000B0]
0A796080 - 39 09 - cmp [ecx],ecx
0A796082 - E8 599E1B05 - call RogueCastle.PlayerStats::get_Traits
0A796087 - D9 85 54FFFFFF - fld dword ptr [ebp-000000AC]
0A79608D - D9 05 D072790A - fld dword ptr [0A7972D0] : [(float)19.0000]
0A796093 - DFF1 - fcomip st(0),st(1)
0A796095 - DDD8 - fstp st(0)
0A796097 - 0F8A 82000000 - jp 0A79611F
0A79609D - 0F85 7C000000 - jne 0A79611F
0A7960A3 - 6A 65 - push 65
0A7960A5 - 8B 0D 5C8A5904 - mov ecx,[04598A5C] : [0359371C]
0A7960AB - 33 D2 - xor edx,edx
0A7960AD - 8B 01 - mov eax,[ecx]
0A7960AF - 8B 40 28 - mov eax,[eax+28]
0A7960B2 - FF 50 18 - call dword ptr [eax+18]
0A7960B5 - 83 F8 5B - cmp eax,5B
0A7960B8 - 7C 65 - jnge 0A79611F
0A7960BA - B9 FE3F095E - mov ecx,mscorlib.ni.dll+3FFE
0A7960BF - BA 03000000 - mov edx,00000003
0A7960C4 - E8 F3C01CF6 - call 009621BC
0A7960C9 - 8B F8 - mov edi,eax
0A7960CB - FF 35 C0AB5904 - push [0459ABC0] : [1B6AD80C]
0A7960D1 - 8B CF - mov ecx,edi
0A7960D3 - 33 D2 - xor edx,edx
0A7960D5 - E8 3D23A854 - call clr.dll+8417
0A7960DA - FF 35 C4AB5904 - push [0459ABC4] : [1B6AD824]
0A7960E0 - 8B CF - mov ecx,edi
0A7960E2 - BA 01000000 - mov edx,00000001
0A7960E7 - E8 2B23A854 - call clr.dll+8417
0A7960EC - FF 35 C8AB5904 - push [0459ABC8] : [1B6AD83C]
0A7960F2 - 8B CF - mov ecx,edi
0A7960F4 - BA 02000000 - mov edx,00000002
0A7960F9 - E8 1923A854 - call clr.dll+8417
0A7960FE - 8B CF - mov ecx,edi
0A796100 - E8 4BB0FFFF - call 0A791150
0A796105 - 8B 8E F8000000 - mov ecx,[esi+000000F8]
0A79610B - 39 09 - cmp [ecx],ecx
0A79610D - FF 15 CC048A0D - call dword ptr [0D8A04CC]
0A796113 - 8B C8 - mov ecx,eax
0A796115 - 8B D6 - mov edx,esi
0A796117 - 39 09 - cmp [ecx],ecx
0A796119 - FF 15 5CBD1909 - call dword ptr [0919BD5C]
0A79611F - C7 45 F0 01000000 - mov [ebp-10],00000001
0A796126 - E9 05020000 - jmp 0A796330
0A79612B - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A796131 - BA 0A000000 - mov edx,0000000A
0A796136 - 39 09 - cmp [ecx],ecx
0A796138 - E8 BBEE1400 - call InputSystem.InputMap::JustPressed
0A79613D - 85 C0 - test eax,eax
0A79613F - 75 1A - jne 0A79615B
0A796141 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A796147 - BA 0B000000 - mov edx,0000000B
0A79614C - 39 09 - cmp [ecx],ecx
0A79614E - E8 A5EE1400 - call InputSystem.InputMap::JustPressed
0A796153 - 85 C0 - test eax,eax
0A796155 - 0F84 D5010000 - je 0A796330
0A79615B - 80 BE 2C010000 00 - cmp byte ptr [esi+0000012C],00 // ? - seems to be 1 on ground
0A796162 - 0F85 C8010000 - jne 0A796330
0A796168 - 0FB6 BE A6020000 - movzx edi,byte ptr [esi+000002A6] // multijump counter
0A79616F - 8B CE - mov ecx,esi
0A796171 - FF 15 741D8A0D - call dword ptr [0D8A1D74]
0A796177 - 3B C7 - cmp eax,edi
0A796179 - 0F8E B1010000 - jng 0A796330
0A79617F - D9 86 D8010000 - fld dword ptr [esi+000001D8]
0A796185 - D9EE - fldz
0A796187 - DFF1 - fcomip st(0),st(1)
0A796189 - DDD8 - fstp st(0)
0A79618B - 0F8A 9F010000 - jp 0A796330
0A796191 - 0F82 99010000 - jb 0A796330
0A796197 - C7 86 28010000 02000000 - mov [esi+00000128],00000002
0A7961A1 - D9 86 24010000 - fld dword ptr [esi+00000124]
0A7961A7 - D9E0 - fchs
0A7961A9 - 83 EC 04 - sub esp,04
0A7961AC - D9 1C 24 - fstp dword ptr [esp]
0A7961AF - 8B CE - mov ecx,esi
0A7961B1 - E8 DABDFFFF - call 0A791F90
0A7961B6 - 8B 8E F8000000 - mov ecx,[esi+000000F8]
0A7961BC - 39 09 - cmp [ecx],ecx
0A7961BE - FF 15 CC048A0D - call dword ptr [0D8A04CC]
0A7961C4 - 8B D8 - mov ebx,eax
0A7961C6 - 8B CE - mov ecx,esi
0A7961C8 - E8 F3A41A05 - call DS2DEngine.GameObj::get_X
0A7961CD - 8D 55 D8 - lea edx,[ebp-28]
0A7961D0 - 8B CE - mov ecx,esi
0A7961D2 - D9 9D 2CFFFFFF - fstp dword ptr [ebp-000000D4]
0A7961D8 - 8B 01 - mov eax,[ecx]
0A7961DA - 8B 40 38 - mov eax,[eax+38]
0A7961DD - FF 50 1C - call dword ptr [eax+1C]
0A7961E0 - D9 85 2CFFFFFF - fld dword ptr [ebp-000000D4]
0A7961E6 - 8D 7D 80 - lea edi,[ebp-80]
0A7961E9 - 0F57 C0 - xorps xmm0,xmm0
0A7961EC - 66 0FD6 07 - movq [edi],xmm0
0A7961F0 - 83 EC 04 - sub esp,04
0A7961F3 - D9 1C 24 - fstp dword ptr [esp]
0A7961F6 - 8B 45 DC - mov eax,[ebp-24]
0A7961F9 - 8B 55 E4 - mov edx,[ebp-1C]
0A7961FC - 8D 44 10 0A - lea eax,[eax+edx+0A]
0A796200 - 89 85 2CFFFFFF - mov [ebp-000000D4],eax
0A796206 - DB 85 2CFFFFFF - fild dword ptr [ebp-000000D4]
0A79620C - D9 9D 2CFFFFFF - fstp dword ptr [ebp-000000D4]
0A796212 - D9 85 2CFFFFFF - fld dword ptr [ebp-000000D4]
0A796218 - 83 EC 04 - sub esp,04
0A79621B - D9 1C 24 - fstp dword ptr [esp]
0A79621E - 8D 4D 80 - lea ecx,[ebp-80]
0A796221 - E8 8ACA23FB - call Microsoft.Xna.Framework.Vector2::.ctor
0A796226 - 8D 45 80 - lea eax,[ebp-80]
0A796229 - 83 EC 08 - sub esp,08
0A79622C - F3 0F7E 00 - movq xmm0,[eax]
0A796230 - 66 0FD6 04 24 - movq [esp],xmm0
0A796235 - 8B CB - mov ecx,ebx
0A796237 - 39 09 - cmp [ecx],ecx
0A796239 - FF 15 2CBD1909 - call dword ptr [0919BD2C]
0A79623F - C6 86 A5020000 01 - mov byte ptr [esi+000002A5],01
0A796246 - FE 86 A6020000 - inc byte ptr [esi+000002A6]
0A79624C - 8B 0D E4AB5904 - mov ecx,[0459ABE4] : [1B6AD980]
0A796252 - E8 61F95605 - call DS2DEngine.SoundManager::PlaySound
0A796257 - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A79625D - 8D 95 78FFFFFF - lea edx,[ebp-00000088]
0A796263 - 39 09 - cmp [ecx],ecx
0A796265 - E8 769C1B05 - call RogueCastle.PlayerStats::get_Traits
0A79626A - D9 85 78FFFFFF - fld dword ptr [ebp-00000088]
0A796270 - D9 05 D872790A - fld dword ptr [0A7972D8] : [(float)19.0000]
0A796276 - DFF1 - fcomip st(0),st(1)
0A796278 - DDD8 - fstp st(0)
0A79627A - 7A 02 - jp 0A79627E
0A79627C - 74 2F - je 0A7962AD
0A79627E - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A796284 - 8D 95 70FFFFFF - lea edx,[ebp-00000090]
0A79628A - 39 09 - cmp [ecx],ecx
0A79628C - E8 4F9C1B05 - call RogueCastle.PlayerStats::get_Traits
0A796291 - D9 85 74FFFFFF - fld dword ptr [ebp-0000008C]
0A796297 - D9 05 E072790A - fld dword ptr [0A7972E0] : [(float)19.0000]
0A79629D - DFF1 - fcomip st(0),st(1)
0A79629F - DDD8 - fstp st(0)
0A7962A1 - 0F8A 82000000 - jp 0A796329
0A7962A7 - 0F85 7C000000 - jne 0A796329
0A7962AD - 6A 65 - push 65
0A7962AF - 8B 0D 5C8A5904 - mov ecx,[04598A5C] : [0359371C]
0A7962B5 - 33 D2 - xor edx,edx
0A7962B7 - 8B 01 - mov eax,[ecx]
0A7962B9 - 8B 40 28 - mov eax,[eax+28]
0A7962BC - FF 50 18 - call dword ptr [eax+18]
0A7962BF - 83 F8 5B - cmp eax,5B
0A7962C2 - 7C 65 - jnge 0A796329
0A7962C4 - B9 FE3F095E - mov ecx,mscorlib.ni.dll+3FFE
0A7962C9 - BA 03000000 - mov edx,00000003
0A7962CE - E8 E9BE1CF6 - call 009621BC
0A7962D3 - 8B F8 - mov edi,eax
0A7962D5 - FF 35 C0AB5904 - push [0459ABC0] : [1B6AD80C]
0A7962DB - 8B CF - mov ecx,edi
0A7962DD - 33 D2 - xor edx,edx
0A7962DF - E8 3321A854 - call clr.dll+8417
0A7962E4 - FF 35 C4AB5904 - push [0459ABC4] : [1B6AD824]
0A7962EA - 8B CF - mov ecx,edi
0A7962EC - BA 01000000 - mov edx,00000001
0A7962F1 - E8 2121A854 - call clr.dll+8417
0A7962F6 - FF 35 C8AB5904 - push [0459ABC8] : [1B6AD83C]
0A7962FC - 8B CF - mov ecx,edi
0A7962FE - BA 02000000 - mov edx,00000002
0A796303 - E8 0F21A854 - call clr.dll+8417
0A796308 - 8B CF - mov ecx,edi
0A79630A - E8 41AEFFFF - call 0A791150
0A79630F - 8B 8E F8000000 - mov ecx,[esi+000000F8]
0A796315 - 39 09 - cmp [ecx],ecx
0A796317 - FF 15 CC048A0D - call dword ptr [0D8A04CC]
0A79631D - 8B C8 - mov ecx,eax
0A79631F - 8B D6 - mov edx,esi
0A796321 - 39 09 - cmp [ecx],ecx
0A796323 - FF 15 5CBD1909 - call dword ptr [0919BD5C]
0A796329 - C7 45 F0 01000000 - mov [ebp-10],00000001
0A796330 - 80 BE 2C010000 00 - cmp byte ptr [esi+0000012C],00
0A796337 - 0F85 C1000000 - jne 0A7963FE
0A79633D - 8B 86 4C010000 - mov eax,[esi+0000014C]
0A796343 - 3B 86 50010000 - cmp eax,[esi+00000150]
0A796349 - 0F85 9C000000 - jne 0A7963EB
0A79634F - 8B 8E 4C010000 - mov ecx,[esi+0000014C]
0A796355 - 39 09 - cmp [ecx],ecx
0A796357 - FF 15 302C8A0D - call dword ptr [0D8A2C30]
0A79635D - 85 C0 - test eax,eax
0A79635F - 0F84 86000000 - je 0A7963EB
0A796365 - D9 86 E4000000 - fld dword ptr [esi+000000E4]
0A79636B - D9EE - fldz
0A79636D - DFF1 - fcomip st(0),st(1)
0A79636F - DDD8 - fstp st(0)
0A796371 - 7A 36 - jp 0A7963A9
0A796373 - 73 34 - jae 0A7963A9
0A796375 - 8B 8E 60010000 - mov ecx,[esi+00000160]
0A79637B - 39 09 - cmp [ecx],ecx
0A79637D - E8 0EE14105 - call DS2DEngine.SpriteObj::get_SpriteName
0A796382 - 8B C8 - mov ecx,eax
0A796384 - 8B 15 E8AB5904 - mov edx,[0459ABE8] : [1B6AD9B0]
0A79638A - E8 71AEC153 - call System.String::op_Inequality
0A79638F - 85 C0 - test eax,eax
0A796391 - 74 16 - je 0A7963A9
0A796393 - 8B 8E 60010000 - mov ecx,[esi+00000160]
0A796399 - 8B 15 E8AB5904 - mov edx,[0459ABE8] : [1B6AD9B0]
0A79639F - 8B 01 - mov eax,[ecx]
0A7963A1 - 8B 40 2C - mov eax,[eax+2C]
0A7963A4 - FF 50 04 - call dword ptr [eax+04]
0A7963A7 - EB 42 - jmp 0A7963EB
0A7963A9 - D9 86 E4000000 - fld dword ptr [esi+000000E4]
0A7963AF - D9EE - fldz
0A7963B1 - DFF1 - fcomip st(0),st(1)
0A7963B3 - DDD8 - fstp st(0)
0A7963B5 - 7A 34 - jp 0A7963EB
0A7963B7 - 76 32 - jna 0A7963EB
0A7963B9 - 8B 8E 60010000 - mov ecx,[esi+00000160]
0A7963BF - 39 09 - cmp [ecx],ecx
0A7963C1 - E8 CAE04105 - call DS2DEngine.SpriteObj::get_SpriteName
0A7963C6 - 8B C8 - mov ecx,eax
0A7963C8 - 8B 15 ECAB5904 - mov edx,[0459ABEC] : [1B6AD9FC]
0A7963CE - E8 2DAEC153 - call System.String::op_Inequality
0A7963D3 - 85 C0 - test eax,eax
0A7963D5 - 74 14 - je 0A7963EB
0A7963D7 - 8B 8E 60010000 - mov ecx,[esi+00000160]
0A7963DD - 8B 15 ECAB5904 - mov edx,[0459ABEC] : [1B6AD9FC]
0A7963E3 - 8B 01 - mov eax,[ecx]
0A7963E5 - 8B 40 2C - mov eax,[eax+2C]
0A7963E8 - FF 50 04 - call dword ptr [eax+04]
0A7963EB - 83 BE 28010000 07 - cmp dword ptr [esi+00000128],07
0A7963F2 - 74 0A - je 0A7963FE
0A7963F4 - C7 86 28010000 02000000 - mov [esi+00000128],00000002
0A7963FE - 8B 8E 4C010000 - mov ecx,[esi+0000014C]
0A796404 - 39 09 - cmp [ecx],ecx
0A796406 - FF 15 302C8A0D - call dword ptr [0D8A2C30]
0A79640C - 85 C0 - test eax,eax
0A79640E - 0F85 73020000 - jne 0A796687
0A796414 - 83 BE 28010000 06 - cmp dword ptr [esi+00000128],06
0A79641B - 0F84 66020000 - je 0A796687
0A796421 - 83 BE 28010000 08 - cmp dword ptr [esi+00000128],08
0A796428 - 0F84 59020000 - je 0A796687
0A79642E - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A796434 - 39 09 - cmp [ecx],ecx
0A796436 - E8 057B3D05 - call 0FB6DF40
0A79643B - 83 F8 10 - cmp eax,10
0A79643E - 0F84 43020000 - je 0A796687
0A796444 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A79644A - BA 12000000 - mov edx,00000012
0A79644F - 39 09 - cmp [ecx],ecx
0A796451 - E8 A2EB1400 - call InputSystem.InputMap::JustPressed
0A796456 - 85 C0 - test eax,eax
0A796458 - 75 1A - jne 0A796474
0A79645A - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A796460 - BA 13000000 - mov edx,00000013
0A796465 - 39 09 - cmp [ecx],ecx
0A796467 - E8 8CEB1400 - call InputSystem.InputMap::JustPressed
0A79646C - 85 C0 - test eax,eax
0A79646E - 0F84 85000000 - je 0A7964F9
0A796474 - 8B 05 C0335904 - mov eax,[045933C0] : [035942BC]
0A79647A - 80 78 18 00 - cmp byte ptr [eax+18],00
0A79647E - 74 79 - je 0A7964F9
0A796480 - 83 BE 28010000 02 - cmp dword ptr [esi+00000128],02
0A796487 - 75 70 - jne 0A7964F9
0A796489 - D9 86 D8010000 - fld dword ptr [esi+000001D8]
0A79648F - D9EE - fldz
0A796491 - DFF1 - fcomip st(0),st(1)
0A796493 - DDD8 - fstp st(0)
0A796495 - 7A 62 - jp 0A7964F9
0A796497 - 72 60 - jb 0A7964F9
0A796499 - 8B 86 54010000 - mov eax,[esi+00000154]
0A79649F - 8D 96 4C010000 - lea edx,[esi+0000014C]
0A7964A5 - E8 C6B6A754 - call clr.dll+1B70
0A7964AA - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A7964B0 - 39 09 - cmp [ecx],ecx
0A7964B2 - E8 897A3D05 - call 0FB6DF40
0A7964B7 - 83 F8 06 - cmp eax,06
0A7964BA - 74 12 - je 0A7964CE
0A7964BC - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A7964C2 - 39 09 - cmp [ecx],ecx
0A7964C4 - E8 777A3D05 - call 0FB6DF40
0A7964C9 - 83 F8 0E - cmp eax,0E
0A7964CC - 75 08 - jne 0A7964D6
0A7964CE - 8B CE - mov ecx,esi
0A7964D0 - FF 15 341B8A0D - call dword ptr [0D8A1B34]
0A7964D6 - 80 BE AC020000 00 - cmp byte ptr [esi+000002AC],00
0A7964DD - 74 08 - je 0A7964E7
0A7964DF - 8B CE - mov ecx,esi
0A7964E1 - FF 15 881A8A0D - call dword ptr [0D8A1A88]
0A7964E7 - 8B 8E 4C010000 - mov ecx,[esi+0000014C]
0A7964ED - 39 09 - cmp [ecx],ecx
0A7964EF - E8 AC983D05 - call 0FB6FDA0
0A7964F4 - E9 8E010000 - jmp 0A796687
0A7964F9 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A7964FF - BA 0C000000 - mov edx,0000000C
0A796504 - 39 09 - cmp [ecx],ecx
0A796506 - E8 EDEA1400 - call InputSystem.InputMap::JustPressed
0A79650B - 85 C0 - test eax,eax
0A79650D - 0F84 74010000 - je 0A796687
0A796513 - 83 BE 28010000 02 - cmp dword ptr [esi+00000128],02
0A79651A - 0F85 9F000000 - jne 0A7965BF
0A796520 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A796526 - BA 12000000 - mov edx,00000012
0A79652B - 39 09 - cmp [ecx],ecx
0A79652D - E8 56F2E9FF - call 0A635788
0A796532 - 85 C0 - test eax,eax
0A796534 - 75 16 - jne 0A79654C
0A796536 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A79653C - BA 13000000 - mov edx,00000013
0A796541 - 39 09 - cmp [ecx],ecx
0A796543 - E8 40F2E9FF - call 0A635788
0A796548 - 85 C0 - test eax,eax
0A79654A - 74 13 - je 0A79655F
0A79654C - 8B 86 54010000 - mov eax,[esi+00000154]
0A796552 - 8D 96 4C010000 - lea edx,[esi+0000014C]
0A796558 - E8 13B6A754 - call clr.dll+1B70
0A79655D - EB 11 - jmp 0A796570
0A79655F - 8B 86 50010000 - mov eax,[esi+00000150]
0A796565 - 8D 96 4C010000 - lea edx,[esi+0000014C]
0A79656B - E8 00B6A754 - call clr.dll+1B70
0A796570 - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A796576 - 39 09 - cmp [ecx],ecx
0A796578 - E8 C3793D05 - call 0FB6DF40
0A79657D - 83 F8 06 - cmp eax,06
0A796580 - 74 12 - je 0A796594
0A796582 - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A796588 - 39 09 - cmp [ecx],ecx
0A79658A - E8 B1793D05 - call 0FB6DF40
0A79658F - 83 F8 0E - cmp eax,0E
0A796592 - 75 08 - jne 0A79659C
0A796594 - 8B CE - mov ecx,esi
0A796596 - FF 15 341B8A0D - call dword ptr [0D8A1B34]
0A79659C - 80 BE AC020000 00 - cmp byte ptr [esi+000002AC],00
0A7965A3 - 74 08 - je 0A7965AD
0A7965A5 - 8B CE - mov ecx,esi
0A7965A7 - FF 15 881A8A0D - call dword ptr [0D8A1A88]
0A7965AD - 8B 8E 4C010000 - mov ecx,[esi+0000014C]
0A7965B3 - 39 09 - cmp [ecx],ecx
0A7965B5 - E8 E6973D05 - call 0FB6FDA0
0A7965BA - E9 C8000000 - jmp 0A796687
0A7965BF - 80 BE 2C010000 00 - cmp byte ptr [esi+0000012C],00
0A7965C6 - 75 09 - jne 0A7965D1
0A7965C8 - 6A 00 - push 00
0A7965CA - 8B CE - mov ecx,esi
0A7965CC - E8 AFB8FFFF - call 0A791E80
0A7965D1 - D9 86 E8010000 - fld dword ptr [esi+000001E8]
0A7965D7 - D9EE - fldz
0A7965D9 - DFF1 - fcomip st(0),st(1)
0A7965DB - DDD8 - fstp st(0)
0A7965DD - 7A 08 - jp 0A7965E7
0A7965DF - 73 06 - jae 0A7965E7
0A7965E1 - FF 86 EC010000 - inc [esi+000001EC]
0A7965E7 - D9 86 BC010000 - fld dword ptr [esi+000001BC]
0A7965ED - D9 9E E8010000 - fstp dword ptr [esi+000001E8]
0A7965F3 - 83 BE EC010000 00 - cmp dword ptr [esi+000001EC],00
0A7965FA - 75 13 - jne 0A79660F
0A7965FC - 8B 86 50010000 - mov eax,[esi+00000150]
0A796602 - 8D 96 4C010000 - lea edx,[esi+0000014C]
0A796608 - E8 63B5A754 - call clr.dll+1B70
0A79660D - EB 21 - jmp 0A796630
0A79660F - 8B 86 50010000 - mov eax,[esi+00000150]
0A796615 - 8D 96 4C010000 - lea edx,[esi+0000014C]
0A79661B - E8 50B5A754 - call clr.dll+1B70
0A796620 - 33 D2 - xor edx,edx
0A796622 - 89 96 EC010000 - mov [esi+000001EC],edx
0A796628 - D9EE - fldz
0A79662A - D9 9E E8010000 - fstp dword ptr [esi+000001E8]
0A796630 - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A796636 - 39 09 - cmp [ecx],ecx
0A796638 - E8 03793D05 - call 0FB6DF40
0A79663D - 83 F8 06 - cmp eax,06
0A796640 - 74 12 - je 0A796654
0A796642 - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A796648 - 39 09 - cmp [ecx],ecx
0A79664A - E8 F1783D05 - call 0FB6DF40
0A79664F - 83 F8 0E - cmp eax,0E
0A796652 - 75 08 - jne 0A79665C
0A796654 - 8B CE - mov ecx,esi
0A796656 - FF 15 341B8A0D - call dword ptr [0D8A1B34]
0A79665C - 80 BE AC020000 00 - cmp byte ptr [esi+000002AC],00
0A796663 - 74 08 - je 0A79666D
0A796665 - 8B CE - mov ecx,esi
0A796667 - FF 15 881A8A0D - call dword ptr [0D8A1A88]
0A79666D - 8B 86 60010000 - mov eax,[esi+00000160]
0A796673 - C6 80 C4000000 00 - mov byte ptr [eax+000000C4],00
0A79667A - 8B 8E 4C010000 - mov ecx,[esi+0000014C]
0A796680 - 39 09 - cmp [ecx],ecx
0A796682 - E8 19973D05 - call 0FB6FDA0
0A796687 - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A79668D - 39 09 - cmp [ecx],ecx
0A79668F - E8 3C751500 - call 0A8EDBD0
0A796694 - 85 C0 - test eax,eax
0A796696 - 0F84 73040000 - je 0A796B0F
0A79669C - 33 FF - xor edi,edi
0A79669E - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A7966A4 - 39 09 - cmp [ecx],ecx
0A7966A6 - FF 15 C0C9A905 - call dword ptr [05A9C9C0]
0A7966AC - 83 F8 0F - cmp eax,0F
0A7966AF - 75 57 - jne 0A796708
0A7966B1 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A7966B7 - BA 0C000000 - mov edx,0000000C
0A7966BC - 39 09 - cmp [ecx],ecx
0A7966BE - E8 C5F0E9FF - call 0A635788
0A7966C3 - 85 C0 - test eax,eax
0A7966C5 - 75 16 - jne 0A7966DD
0A7966C7 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A7966CD - BA 18000000 - mov edx,00000018
0A7966D2 - 39 09 - cmp [ecx],ecx
0A7966D4 - E8 AFF0E9FF - call 0A635788
0A7966D9 - 85 C0 - test eax,eax
0A7966DB - 74 2B - je 0A796708
0A7966DD - D9 86 34020000 - fld dword ptr [esi+00000234]
0A7966E3 - D9EE - fldz
0A7966E5 - DFF1 - fcomip st(0),st(1)
0A7966E7 - DDD8 - fstp st(0)
0A7966E9 - 7A 1D - jp 0A796708
0A7966EB - 72 1B - jb 0A796708
0A7966ED - C7 86 34020000 CDCC4C3E - mov [esi+00000234],3E4CCCCD
0A7966F7 - 6A 00 - push 00
0A7966F9 - 8B CE - mov ecx,esi
0A7966FB - 33 D2 - xor edx,edx
0A7966FD - FF 15 401A8A0D - call dword ptr [0D8A1A40]
0A796703 - BF 01000000 - mov edi,00000001
0A796708 - D9 86 30020000 - fld dword ptr [esi+00000230]
0A79670E - D9EE - fldz
0A796710 - DFF1 - fcomip st(0),st(1)
0A796712 - DDD8 - fstp st(0)
0A796714 - 7A 02 - jp 0A796718
0A796716 - 73 12 - jae 0A79672A
0A796718 - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A79671E - 39 09 - cmp [ecx],ecx
0A796720 - E8 1B783D05 - call 0FB6DF40
0A796725 - 83 F8 10 - cmp eax,10
0A796728 - 75 60 - jne 0A79678A
0A79672A - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A796730 - BA 18000000 - mov edx,00000018
0A796735 - 39 09 - cmp [ecx],ecx
0A796737 - E8 BCE81400 - call InputSystem.InputMap::JustPressed
0A79673C - 85 C0 - test eax,eax
0A79673E - 75 28 - jne 0A796768
0A796740 - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A796746 - 39 09 - cmp [ecx],ecx
0A796748 - E8 F3773D05 - call 0FB6DF40
0A79674D - 83 F8 10 - cmp eax,10
0A796750 - 75 38 - jne 0A79678A
0A796752 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A796758 - BA 0C000000 - mov edx,0000000C
0A79675D - 39 09 - cmp [ecx],ecx
0A79675F - E8 94E81400 - call InputSystem.InputMap::JustPressed
0A796764 - 85 C0 - test eax,eax
0A796766 - 74 22 - je 0A79678A
0A796768 - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A79676E - 39 09 - cmp [ecx],ecx
0A796770 - E8 CB773D05 - call 0FB6DF40
0A796775 - 83 F8 10 - cmp eax,10
0A796778 - 75 04 - jne 0A79677E
0A79677A - 85 FF - test edi,edi
0A79677C - 75 0C - jne 0A79678A
0A79677E - 6A 00 - push 00
0A796780 - 8B CE - mov ecx,esi
0A796782 - 33 D2 - xor edx,edx
0A796784 - FF 15 401A8A0D - call dword ptr [0D8A1A40]
0A79678A - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A796790 - BA 0D000000 - mov edx,0000000D
0A796795 - 39 09 - cmp [ecx],ecx
0A796797 - E8 5CE81400 - call InputSystem.InputMap::JustPressed
0A79679C - 85 C0 - test eax,eax
0A79679E - 0F84 E9020000 - je 0A796A8D
0A7967A4 - 8B 8E F8000000 - mov ecx,[esi+000000F8]
0A7967AA - 39 09 - cmp [ecx],ecx
0A7967AC - FF 15 90048A0D - call dword ptr [0D8A0490]
0A7967B2 - 8B F8 - mov edi,eax
0A7967B4 - 8B D7 - mov edx,edi
0A7967B6 - B9 E4D6CD0F - mov ecx,0FCDD6E4 : [01000200]
0A7967BB - E8 2E1CA854 - call clr.dll+83EE
0A7967C0 - 85 C0 - test eax,eax
0A7967C2 - 0F85 E1010000 - jne 0A7969A9
0A7967C8 - 8B D7 - mov edx,edi
0A7967CA - B9 60D4CD0F - mov ecx,0FCDD460 : [01000200]
0A7967CF - E8 1A1CA854 - call clr.dll+83EE
0A7967D4 - 85 C0 - test eax,eax
0A7967D6 - 0F85 CD010000 - jne 0A7969A9
0A7967DC - 8B D7 - mov edx,edi
0A7967DE - B9 B0DFCD0F - mov ecx,0FCDDFB0 : [01000200]
0A7967E3 - E8 061CA854 - call clr.dll+83EE
0A7967E8 - 85 C0 - test eax,eax
0A7967EA - 0F85 B9010000 - jne 0A7969A9
0A7967F0 - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A7967F6 - 39 09 - cmp [ecx],ecx
0A7967F8 - E8 43773D05 - call 0FB6DF40
0A7967FD - 83 F8 0E - cmp eax,0E
0A796800 - 75 21 - jne 0A796823
0A796802 - D9 86 30020000 - fld dword ptr [esi+00000230]
0A796808 - D9EE - fldz
0A79680A - DFF1 - fcomip st(0),st(1)
0A79680C - DDD8 - fstp st(0)
0A79680E - 7A 13 - jp 0A796823
0A796810 - 72 11 - jb 0A796823
0A796812 - 6A 01 - push 01
0A796814 - 8B CE - mov ecx,esi
0A796816 - 33 D2 - xor edx,edx
0A796818 - FF 15 401A8A0D - call dword ptr [0D8A1A40]
0A79681E - E9 97010000 - jmp 0A7969BA
0A796823 - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A796829 - 39 09 - cmp [ecx],ecx
0A79682B - E8 10773D05 - call 0FB6DF40
0A796830 - 83 F8 0F - cmp eax,0F
0A796833 - 75 0D - jne 0A796842
0A796835 - 8B CE - mov ecx,esi
0A796837 - FF 15 701A8A0D - call dword ptr [0D8A1A70]
0A79683D - E9 78010000 - jmp 0A7969BA
0A796842 - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A796848 - 39 09 - cmp [ecx],ecx
0A79684A - E8 F1763D05 - call 0FB6DF40
0A79684F - 83 F8 0B - cmp eax,0B
0A796852 - 75 33 - jne 0A796887
0A796854 - D9 86 A8010000 - fld dword ptr [esi+000001A8]
0A79685A - D9EE - fldz
0A79685C - DFF1 - fcomip st(0),st(1)
0A79685E - DDD8 - fstp st(0)
0A796860 - 7A 25 - jp 0A796887
0A796862 - 73 23 - jae 0A796887
0A796864 - 80 BE AC020000 00 - cmp byte ptr [esi+000002AC],00
0A79686B - 75 0D - jne 0A79687A
0A79686D - 8B CE - mov ecx,esi
0A79686F - FF 15 7C1A8A0D - call dword ptr [0D8A1A7C]
0A796875 - E9 40010000 - jmp 0A7969BA
0A79687A - 8B CE - mov ecx,esi
0A79687C - FF 15 881A8A0D - call dword ptr [0D8A1A88]
0A796882 - E9 33010000 - jmp 0A7969BA
0A796887 - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A79688D - 39 09 - cmp [ecx],ecx
0A79688F - E8 AC763D05 - call 0FB6DF40
0A796894 - 83 F8 09 - cmp eax,09
0A796897 - 75 0D - jne 0A7968A6
0A796899 - 8B CE - mov ecx,esi
0A79689B - FF 15 941A8A0D - call dword ptr [0D8A1A94]
0A7968A1 - E9 14010000 - jmp 0A7969BA
0A7968A6 - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A7968AC - 39 09 - cmp [ecx],ecx
0A7968AE - E8 8D763D05 - call 0FB6DF40
0A7968B3 - 83 F8 0C - cmp eax,0C
0A7968B6 - 75 0D - jne 0A7968C5
0A7968B8 - 8B CE - mov ecx,esi
0A7968BA - FF 15 A01A8A0D - call dword ptr [0D8A1AA0]
0A7968C0 - E9 F5000000 - jmp 0A7969BA
0A7968C5 - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A7968CB - 39 09 - cmp [ecx],ecx
0A7968CD - E8 6E763D05 - call 0FB6DF40
0A7968D2 - 83 F8 08 - cmp eax,08
0A7968D5 - 75 53 - jne 0A79692A
0A7968D7 - 83 BE 28010000 08 - cmp dword ptr [esi+00000128],08
0A7968DE - 75 0D - jne 0A7968ED
0A7968E0 - 8B CE - mov ecx,esi
0A7968E2 - FF 15 C41A8A0D - call dword ptr [0D8A1AC4]
0A7968E8 - E9 CD000000 - jmp 0A7969BA
0A7968ED - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A7968F3 - BA 12000000 - mov edx,00000012
0A7968F8 - 39 09 - cmp [ecx],ecx
0A7968FA - E8 89EEE9FF - call 0A635788
0A7968FF - 85 C0 - test eax,eax
0A796901 - 75 1A - jne 0A79691D
0A796903 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A796909 - BA 13000000 - mov edx,00000013
0A79690E - 39 09 - cmp [ecx],ecx
0A796910 - E8 73EEE9FF - call 0A635788
0A796915 - 85 C0 - test eax,eax
0A796917 - 0F84 9D000000 - je 0A7969BA
0A79691D - 8B CE - mov ecx,esi
0A79691F - FF 15 B81A8A0D - call dword ptr [0D8A1AB8]
0A796925 - E9 90000000 - jmp 0A7969BA
0A79692A - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A796930 - 39 09 - cmp [ecx],ecx
0A796932 - E8 09763D05 - call 0FB6DF40
0A796937 - 83 F8 0A - cmp eax,0A
0A79693A - 75 0A - jne 0A796946
0A79693C - 8B CE - mov ecx,esi
0A79693E - FF 15 D01A8A0D - call dword ptr [0D8A1AD0]
0A796944 - EB 74 - jmp 0A7969BA
0A796946 - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A79694C - 39 09 - cmp [ecx],ecx
0A79694E - E8 ED753D05 - call 0FB6DF40
0A796953 - 83 F8 11 - cmp eax,11
0A796956 - 75 62 - jne 0A7969BA
0A796958 - D9 86 A8010000 - fld dword ptr [esi+000001A8]
0A79695E - D9 05 E872790A - fld dword ptr [0A7972E8] : [(float)30.0000]
0A796964 - DFF1 - fcomip st(0),st(1)
0A796966 - DDD8 - fstp st(0)
0A796968 - 7A 50 - jp 0A7969BA
0A79696A - 77 4E - ja 0A7969BA
0A79696C - D9 86 30020000 - fld dword ptr [esi+00000230]
0A796972 - D9EE - fldz
0A796974 - DFF1 - fcomip st(0),st(1)
0A796976 - DDD8 - fstp st(0)
0A796978 - 7A 40 - jp 0A7969BA
0A79697A - 72 3E - jb 0A7969BA
0A79697C - D9 86 A8010000 - fld dword ptr [esi+000001A8]
0A796982 - D8 25 F072790A - fsub dword ptr [0A7972F0] : [(float)30.0000]
0A796988 - 83 EC 04 - sub esp,04
0A79698B - D9 1C 24 - fstp dword ptr [esp]
0A79698E - 8B CE - mov ecx,esi
0A796990 - E8 7BCB1A05 - call RogueCastle.PlayerObj::set_CurrentMana
0A796995 - C7 86 30020000 0000003F - mov [esi+00000230],3F000000
0A79699F - 8B CE - mov ecx,esi
0A7969A1 - FF 15 E81A8A0D - call dword ptr [0D8A1AE8]
0A7969A7 - EB 11 - jmp 0A7969BA
0A7969A9 - 83 BE 28010000 08 - cmp dword ptr [esi+00000128],08
0A7969B0 - 75 08 - jne 0A7969BA
0A7969B2 - 8B CE - mov ecx,esi
0A7969B4 - FF 15 C41A8A0D - call dword ptr [0D8A1AC4]
0A7969BA - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A7969C0 - 39 09 - cmp [ecx],ecx
0A7969C2 - E8 79753D05 - call 0FB6DF40
0A7969C7 - 83 F8 10 - cmp eax,10
0A7969CA - 75 49 - jne 0A796A15
0A7969CC - 83 BE 28010000 09 - cmp dword ptr [esi+00000128],09
0A7969D3 - 74 26 - je 0A7969FB
0A7969D5 - C7 86 28010000 09000000 - mov [esi+00000128],00000009
0A7969DF - C6 86 DF000000 01 - mov byte ptr [esi+000000DF],01
0A7969E6 - C6 86 A4020000 01 - mov byte ptr [esi+000002A4],01
0A7969ED - 6A 00 - push 00
0A7969EF - 8B CE - mov ecx,esi
0A7969F1 - E8 9AB5FFFF - call 0A791F90
0A7969F6 - E9 92000000 - jmp 0A796A8D
0A7969FB - C7 86 28010000 02000000 - mov [esi+00000128],00000002
0A796A05 - C6 86 DF000000 00 - mov byte ptr [esi+000000DF],00
0A796A0C - C6 86 A4020000 00 - mov byte ptr [esi+000002A4],00
0A796A13 - EB 78 - jmp 0A796A8D
0A796A15 - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A796A1B - 39 09 - cmp [ecx],ecx
0A796A1D - E8 1E753D05 - call 0FB6DF40
0A796A22 - 83 F8 0D - cmp eax,0D
0A796A25 - 75 66 - jne 0A796A8D
0A796A27 - 80 BE B0020000 00 - cmp byte ptr [esi+000002B0],00
0A796A2E - 74 2E - je 0A796A5E
0A796A30 - 8B 0D F0AB5904 - mov ecx,[0459ABF0] : [1B6ADA48]
0A796A36 - E8 7DF15605 - call DS2DEngine.SoundManager::PlaySound
0A796A3B - C6 86 B0020000 00 - mov byte ptr [esi+000002B0],00
0A796A42 - 8B 4E 74 - mov ecx,[esi+74]
0A796A45 - BA 10000000 - mov edx,00000010
0A796A4A - 39 09 - cmp [ecx],ecx
0A796A4C - E8 DF91BF53 - call mscorlib.ni.dll+2FFC30
0A796A51 - 8B C8 - mov ecx,eax
0A796A53 - 33 D2 - xor edx,edx
0A796A55 - 39 09 - cmp [ecx],ecx
0A796A57 - E8 14E51A05 - call DS2DEngine.GameObj::set_Visible
0A796A5C - EB 2F - jmp 0A796A8D
0A796A5E - 8B 0D F4AB5904 - mov ecx,[0459ABF4] : [1B6ADA6C]
0A796A64 - E8 4FF15605 - call DS2DEngine.SoundManager::PlaySound
0A796A69 - C6 86 B0020000 01 - mov byte ptr [esi+000002B0],01
0A796A70 - 8B 4E 74 - mov ecx,[esi+74]
0A796A73 - BA 10000000 - mov edx,00000010
0A796A78 - 39 09 - cmp [ecx],ecx
0A796A7A - E8 B191BF53 - call mscorlib.ni.dll+2FFC30
0A796A7F - 8B C8 - mov ecx,eax
0A796A81 - BA 01000000 - mov edx,00000001
0A796A86 - 39 09 - cmp [ecx],ecx
0A796A88 - E8 E3E41A05 - call DS2DEngine.GameObj::set_Visible
0A796A8D - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A796A93 - 39 09 - cmp [ecx],ecx
0A796A95 - E8 A6743D05 - call 0FB6DF40
0A796A9A - 83 F8 10 - cmp eax,10
0A796A9D - 75 70 - jne 0A796B0F
0A796A9F - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A796AA5 - BA 0A000000 - mov edx,0000000A
0A796AAA - 39 09 - cmp [ecx],ecx
0A796AAC - E8 47E51400 - call InputSystem.InputMap::JustPressed
0A796AB1 - 85 C0 - test eax,eax
0A796AB3 - 75 16 - jne 0A796ACB
0A796AB5 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A796ABB - BA 0B000000 - mov edx,0000000B
0A796AC0 - 39 09 - cmp [ecx],ecx
0A796AC2 - E8 31E51400 - call InputSystem.InputMap::JustPressed
0A796AC7 - 85 C0 - test eax,eax
0A796AC9 - 74 44 - je 0A796B0F
0A796ACB - 83 BE 28010000 09 - cmp dword ptr [esi+00000128],09
0A796AD2 - 74 23 - je 0A796AF7
0A796AD4 - C7 86 28010000 09000000 - mov [esi+00000128],00000009
0A796ADE - C6 86 DF000000 01 - mov byte ptr [esi+000000DF],01
0A796AE5 - C6 86 A4020000 01 - mov byte ptr [esi+000002A4],01
0A796AEC - 6A 00 - push 00
0A796AEE - 8B CE - mov ecx,esi
0A796AF0 - E8 9BB4FFFF - call 0A791F90
0A796AF5 - EB 18 - jmp 0A796B0F
0A796AF7 - C7 86 28010000 02000000 - mov [esi+00000128],00000002
0A796B01 - C6 86 DF000000 00 - mov byte ptr [esi+000000DF],00
0A796B08 - C6 86 A4020000 00 - mov byte ptr [esi+000002A4],00
0A796B0F - 83 BE F4010000 00 - cmp dword ptr [esi+000001F4],00
0A796B16 - 0F8F B3040000 - jg 0A796FCF
0A796B1C - 80 BE 2C010000 00 - cmp byte ptr [esi+0000012C],00
0A796B23 - 75 24 - jne 0A796B49
0A796B25 - 80 BE 2C010000 00 - cmp byte ptr [esi+0000012C],00
0A796B2C - 0F85 9D040000 - jne 0A796FCF
0A796B32 - 0FB6 BE A7020000 - movzx edi,byte ptr [esi+000002A7]
0A796B39 - 8B CE - mov ecx,esi
0A796B3B - FF 15 681D8A0D - call dword ptr [0D8A1D68]
0A796B41 - 3B C7 - cmp eax,edi
0A796B43 - 0F8E 86040000 - jng 0A796FCF
0A796B49 - 83 BE 28010000 06 - cmp dword ptr [esi+00000128],06
0A796B50 - 0F84 79040000 - je 0A796FCF
0A796B56 - 83 BE 28010000 08 - cmp dword ptr [esi+00000128],08
0A796B5D - 0F84 6C040000 - je 0A796FCF
0A796B63 - 8B CE - mov ecx,esi
0A796B65 - FF 15 681D8A0D - call dword ptr [0D8A1D68]
0A796B6B - 85 C0 - test eax,eax
0A796B6D - 0F8E 5C040000 - jng 0A796FCF
0A796B73 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A796B79 - BA 0E000000 - mov edx,0000000E
0A796B7E - 39 09 - cmp [ecx],ecx
0A796B80 - E8 73E41400 - call InputSystem.InputMap::JustPressed
0A796B85 - 85 C0 - test eax,eax
0A796B87 - 0F84 1A020000 - je 0A796DA7
0A796B8D - FE 86 A7020000 - inc byte ptr [esi+000002A7]
0A796B93 - C7 86 28010000 04000000 - mov [esi+00000128],00000004
0A796B9D - C6 86 DC000000 00 - mov byte ptr [esi+000000DC],00
0A796BA4 - D9 86 B4010000 - fld dword ptr [esi+000001B4]
0A796BAA - D8 0D F872790A - fmul dword ptr [0A7972F8] : [(float)1000.0000]
0A796BB0 - DD 9D 24FFFFFF - fstp qword ptr [ebp-000000DC]
0A796BB6 - F2 0F10 85 24FFFFFF - movsd xmm0,[ebp-000000DC]
0A796BBE - F2 0F2C C0 - cvttsd2si eax,xmm0
0A796BC2 - 89 86 F4010000 - mov [esi+000001F4],eax
0A796BC8 - D9 86 AC010000 - fld dword ptr [esi+000001AC]
0A796BCE - D8 0D 0073790A - fmul dword ptr [0A797300] : [(float)1000.0000]
0A796BD4 - DD 9D 24FFFFFF - fstp qword ptr [ebp-000000DC]
0A796BDA - F2 0F10 85 24FFFFFF - movsd xmm0,[ebp-000000DC]
0A796BE2 - F2 0F2C C0 - cvttsd2si eax,xmm0
0A796BE6 - 89 86 F0010000 - mov [esi+000001F0],eax
0A796BEC - C6 86 A8020000 01 - mov byte ptr [esi+000002A8],01
0A796BF3 - FF B6 B0010000 - push [esi+000001B0]
0A796BF9 - 8B CE - mov ecx,esi
0A796BFB - E8 80B2FFFF - call 0A791E80
0A796C00 - 68 000080BF - push BF800000
0A796C05 - 8B CE - mov ecx,esi
0A796C07 - FF 15 68211909 - call dword ptr [09192168]
0A796C0D - 6A 00 - push 00
0A796C0F - 8B CE - mov ecx,esi
0A796C11 - E8 7AB3FFFF - call 0A791F90
0A796C16 - 8B 8E 4C010000 - mov ecx,[esi+0000014C]
0A796C1C - 39 09 - cmp [ecx],ecx
0A796C1E - FF 15 302C8A0D - call dword ptr [0D8A2C30]
0A796C24 - 85 C0 - test eax,eax
0A796C26 - 74 0E - je 0A796C36
0A796C28 - 8B 8E 4C010000 - mov ecx,[esi+0000014C]
0A796C2E - 39 09 - cmp [ecx],ecx
0A796C30 - FF 15 0C2C8A0D - call dword ptr [0D8A2C0C]
0A796C36 - FF B6 F8010000 - push [esi+000001F8]
0A796C3C - 8B CE - mov ecx,esi
0A796C3E - E8 CDBB1C05 - call DS2DEngine.ObjContainer::set_AnimationDelay
0A796C43 - 8B 8E F8000000 - mov ecx,[esi+000000F8]
0A796C49 - 39 09 - cmp [ecx],ecx
0A796C4B - FF 15 CC048A0D - call dword ptr [0D8A04CC]
0A796C51 - 8B D8 - mov ebx,eax
0A796C53 - 8B CE - mov ecx,esi
0A796C55 - E8 669A1A05 - call DS2DEngine.GameObj::get_X
0A796C5A - 8D 55 C8 - lea edx,[ebp-38]
0A796C5D - 8B CE - mov ecx,esi
0A796C5F - D9 9D 2CFFFFFF - fstp dword ptr [ebp-000000D4]
0A796C65 - 8B 01 - mov eax,[ecx]
0A796C67 - 8B 40 60 - mov eax,[eax+60]
0A796C6A - FF 50 1C - call dword ptr [eax+1C]
0A796C6D - D9 85 2CFFFFFF - fld dword ptr [ebp-000000D4]
0A796C73 - 8D 7D 98 - lea edi,[ebp-68]
0A796C76 - 0F57 C0 - xorps xmm0,xmm0
0A796C79 - 66 0FD6 07 - movq [edi],xmm0
0A796C7D - 83 EC 04 - sub esp,04
0A796C80 - D9 1C 24 - fstp dword ptr [esp]
0A796C83 - 8B 45 CC - mov eax,[ebp-34]
0A796C86 - 03 45 D4 - add eax,[ebp-2C]
0A796C89 - 89 85 2CFFFFFF - mov [ebp-000000D4],eax
0A796C8F - DB 85 2CFFFFFF - fild dword ptr [ebp-000000D4]
0A796C95 - D9 9D 2CFFFFFF - fstp dword ptr [ebp-000000D4]
0A796C9B - D9 85 2CFFFFFF - fld dword ptr [ebp-000000D4]
0A796CA1 - 83 EC 04 - sub esp,04
0A796CA4 - D9 1C 24 - fstp dword ptr [esp]
0A796CA7 - 8D 4D 98 - lea ecx,[ebp-68]
0A796CAA - E8 01C023FB - call Microsoft.Xna.Framework.Vector2::.ctor
0A796CAF - 8D 45 98 - lea eax,[ebp-68]
0A796CB2 - 83 EC 08 - sub esp,08
0A796CB5 - F3 0F7E 00 - movq xmm0,[eax]
0A796CB9 - 66 0FD6 04 24 - movq [esp],xmm0
0A796CBE - 8B CB - mov ecx,ebx
0A796CC0 - BA 01000000 - mov edx,00000001
0A796CC5 - 39 09 - cmp [ecx],ecx
0A796CC7 - FF 15 38BD1909 - call dword ptr [0919BD38]
0A796CCD - 8B 0D F8AB5904 - mov ecx,[0459ABF8] : [1B6ADA90]
0A796CD3 - E8 E0EE5605 - call DS2DEngine.SoundManager::PlaySound
0A796CD8 - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A796CDE - 8D 55 90 - lea edx,[ebp-70]
0A796CE1 - 39 09 - cmp [ecx],ecx
0A796CE3 - E8 F8911B05 - call RogueCastle.PlayerStats::get_Traits
0A796CE8 - D9 45 90 - fld dword ptr [ebp-70]
0A796CEB - D9 05 0873790A - fld dword ptr [0A797308] : [(float)19.0000]
0A796CF1 - DFF1 - fcomip st(0),st(1)
0A796CF3 - DDD8 - fstp st(0)
0A796CF5 - 7A 02 - jp 0A796CF9
0A796CF7 - 74 29 - je 0A796D22
0A796CF9 - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A796CFF - 8D 55 88 - lea edx,[ebp-78]
0A796D02 - 39 09 - cmp [ecx],ecx
0A796D04 - E8 D7911B05 - call RogueCastle.PlayerStats::get_Traits
0A796D09 - D9 45 8C - fld dword ptr [ebp-74]
0A796D0C - D9 05 1073790A - fld dword ptr [0A797310] : [(float)19.0000]
0A796D12 - DFF1 - fcomip st(0),st(1)
0A796D14 - DDD8 - fstp st(0)
0A796D16 - 0F8A B3020000 - jp 0A796FCF
0A796D1C - 0F85 AD020000 - jne 0A796FCF
0A796D22 - 6A 65 - push 65
0A796D24 - 8B 0D 5C8A5904 - mov ecx,[04598A5C] : [0359371C]
0A796D2A - 33 D2 - xor edx,edx
0A796D2C - 8B 01 - mov eax,[ecx]
0A796D2E - 8B 40 28 - mov eax,[eax+28]
0A796D31 - FF 50 18 - call dword ptr [eax+18]
0A796D34 - 83 F8 5B - cmp eax,5B
0A796D37 - 0F8C 92020000 - jl 0A796FCF
0A796D3D - 8B 8E F8000000 - mov ecx,[esi+000000F8]
0A796D43 - 39 09 - cmp [ecx],ecx
0A796D45 - FF 15 CC048A0D - call dword ptr [0D8A04CC]
0A796D4B - 8B C8 - mov ecx,eax
0A796D4D - 8B D6 - mov edx,esi
0A796D4F - 39 09 - cmp [ecx],ecx
0A796D51 - FF 15 5CBD1909 - call dword ptr [0919BD5C]
0A796D57 - B9 FE3F095E - mov ecx,mscorlib.ni.dll+3FFE
0A796D5C - BA 03000000 - mov edx,00000003
0A796D61 - E8 56B41CF6 - call 009621BC
0A796D66 - 8B F8 - mov edi,eax
0A796D68 - FF 35 C0AB5904 - push [0459ABC0] : [1B6AD80C]
0A796D6E - 8B CF - mov ecx,edi
0A796D70 - 33 D2 - xor edx,edx
0A796D72 - E8 A016A854 - call clr.dll+8417
0A796D77 - FF 35 C4AB5904 - push [0459ABC4] : [1B6AD824]
0A796D7D - 8B CF - mov ecx,edi
0A796D7F - BA 01000000 - mov edx,00000001
0A796D84 - E8 8E16A854 - call clr.dll+8417
0A796D89 - FF 35 C8AB5904 - push [0459ABC8] : [1B6AD83C]
0A796D8F - 8B CF - mov ecx,edi
0A796D91 - BA 02000000 - mov edx,00000002
0A796D96 - E8 7C16A854 - call clr.dll+8417
0A796D9B - 8B CF - mov ecx,edi
0A796D9D - E8 AEA3FFFF - call 0A791150
0A796DA2 - E9 28020000 - jmp 0A796FCF
0A796DA7 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A796DAD - BA 0F000000 - mov edx,0000000F
0A796DB2 - 39 09 - cmp [ecx],ecx
0A796DB4 - E8 3FE21400 - call InputSystem.InputMap::JustPressed
0A796DB9 - 85 C0 - test eax,eax
0A796DBB - 0F84 0E020000 - je 0A796FCF
0A796DC1 - FE 86 A7020000 - inc byte ptr [esi+000002A7]
0A796DC7 - FF B6 F8010000 - push [esi+000001F8]
0A796DCD - 8B CE - mov ecx,esi
0A796DCF - E8 3CBA1C05 - call DS2DEngine.ObjContainer::set_AnimationDelay
0A796DD4 - C7 86 28010000 04000000 - mov [esi+00000128],00000004
0A796DDE - C6 86 DC000000 00 - mov byte ptr [esi+000000DC],00
0A796DE5 - D9 86 B4010000 - fld dword ptr [esi+000001B4]
0A796DEB - D8 0D 1873790A - fmul dword ptr [0A797318] : [(float)1000.0000]
0A796DF1 - DD 9D 24FFFFFF - fstp qword ptr [ebp-000000DC]
0A796DF7 - F2 0F10 85 24FFFFFF - movsd xmm0,[ebp-000000DC]
0A796DFF - F2 0F2C C0 - cvttsd2si eax,xmm0
0A796E03 - 89 86 F4010000 - mov [esi+000001F4],eax
0A796E09 - D9 86 AC010000 - fld dword ptr [esi+000001AC]
0A796E0F - D8 0D 2073790A - fmul dword ptr [0A797320] : [(float)1000.0000]
0A796E15 - DD 9D 24FFFFFF - fstp qword ptr [ebp-000000DC]
0A796E1B - F2 0F10 85 24FFFFFF - movsd xmm0,[ebp-000000DC]
0A796E23 - F2 0F2C C0 - cvttsd2si eax,xmm0
0A796E27 - 89 86 F0010000 - mov [esi+000001F0],eax
0A796E2D - C6 86 A8020000 01 - mov byte ptr [esi+000002A8],01
0A796E34 - FF B6 B0010000 - push [esi+000001B0]
0A796E3A - 8B CE - mov ecx,esi
0A796E3C - E8 3FB0FFFF - call 0A791E80
0A796E41 - 68 0000803F - push 3F800000
0A796E46 - 8B CE - mov ecx,esi
0A796E48 - FF 15 68211909 - call dword ptr [09192168]
0A796E4E - 6A 00 - push 00
0A796E50 - 8B CE - mov ecx,esi
0A796E52 - E8 39B1FFFF - call 0A791F90
0A796E57 - 8B 8E 4C010000 - mov ecx,[esi+0000014C]
0A796E5D - 39 09 - cmp [ecx],ecx
0A796E5F - FF 15 302C8A0D - call dword ptr [0D8A2C30]
0A796E65 - 85 C0 - test eax,eax
0A796E67 - 74 0E - je 0A796E77
0A796E69 - 8B 8E 4C010000 - mov ecx,[esi+0000014C]
0A796E6F - 39 09 - cmp [ecx],ecx
0A796E71 - FF 15 0C2C8A0D - call dword ptr [0D8A2C0C]
0A796E77 - 8B 8E F8000000 - mov ecx,[esi+000000F8]
0A796E7D - 39 09 - cmp [ecx],ecx
0A796E7F - FF 15 CC048A0D - call dword ptr [0D8A04CC]
0A796E85 - 8B D8 - mov ebx,eax
0A796E87 - 8B CE - mov ecx,esi
0A796E89 - E8 32981A05 - call DS2DEngine.GameObj::get_X
0A796E8E - 8D 55 B8 - lea edx,[ebp-48]
0A796E91 - 8B CE - mov ecx,esi
0A796E93 - D9 9D 2CFFFFFF - fstp dword ptr [ebp-000000D4]
0A796E99 - 8B 01 - mov eax,[ecx]
0A796E9B - 8B 40 60 - mov eax,[eax+60]
0A796E9E - FF 50 1C - call dword ptr [eax+1C]
0A796EA1 - D9 85 2CFFFFFF - fld dword ptr [ebp-000000D4]
0A796EA7 - 8D 7D B0 - lea edi,[ebp-50]
0A796EAA - 0F57 C0 - xorps xmm0,xmm0
0A796EAD - 66 0FD6 07 - movq [edi],xmm0
0A796EB1 - 83 EC 04 - sub esp,04
0A796EB4 - D9 1C 24 - fstp dword ptr [esp]
0A796EB7 - 8B 45 BC - mov eax,[ebp-44]
0A796EBA - 03 45 C4 - add eax,[ebp-3C]
0A796EBD - 89 85 2CFFFFFF - mov [ebp-000000D4],eax
0A796EC3 - DB 85 2CFFFFFF - fild dword ptr [ebp-000000D4]
0A796EC9 - D9 9D 2CFFFFFF - fstp dword ptr [ebp-000000D4]
0A796ECF - D9 85 2CFFFFFF - fld dword ptr [ebp-000000D4]
0A796ED5 - 83 EC 04 - sub esp,04
0A796ED8 - D9 1C 24 - fstp dword ptr [esp]
0A796EDB - 8D 4D B0 - lea ecx,[ebp-50]
0A796EDE - E8 CDBD23FB - call Microsoft.Xna.Framework.Vector2::.ctor
0A796EE3 - 8D 45 B0 - lea eax,[ebp-50]
0A796EE6 - 83 EC 08 - sub esp,08
0A796EE9 - F3 0F7E 00 - movq xmm0,[eax]
0A796EED - 66 0FD6 04 24 - movq [esp],xmm0
0A796EF2 - 8B CB - mov ecx,ebx
0A796EF4 - 33 D2 - xor edx,edx
0A796EF6 - 39 09 - cmp [ecx],ecx
0A796EF8 - FF 15 38BD1909 - call dword ptr [0919BD38]
0A796EFE - 8B 0D F8AB5904 - mov ecx,[0459ABF8] : [1B6ADA90]
0A796F04 - E8 AFEC5605 - call DS2DEngine.SoundManager::PlaySound
0A796F09 - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A796F0F - 8D 55 A8 - lea edx,[ebp-58]
0A796F12 - 39 09 - cmp [ecx],ecx
0A796F14 - E8 C78F1B05 - call RogueCastle.PlayerStats::get_Traits
0A796F19 - D9 45 A8 - fld dword ptr [ebp-58]
0A796F1C - D9 05 2873790A - fld dword ptr [0A797328] : [(float)19.0000]
0A796F22 - DFF1 - fcomip st(0),st(1)
0A796F24 - DDD8 - fstp st(0)
0A796F26 - 7A 02 - jp 0A796F2A
0A796F28 - 74 29 - je 0A796F53
0A796F2A - 8B 0D F4335904 - mov ecx,[045933F4] : [1C778C18]
0A796F30 - 8D 55 A0 - lea edx,[ebp-60]
0A796F33 - 39 09 - cmp [ecx],ecx
0A796F35 - E8 A68F1B05 - call RogueCastle.PlayerStats::get_Traits
0A796F3A - D9 45 A4 - fld dword ptr [ebp-5C]
0A796F3D - D9 05 3073790A - fld dword ptr [0A797330] : [(float)19.0000]
0A796F43 - DFF1 - fcomip st(0),st(1)
0A796F45 - DDD8 - fstp st(0)
0A796F47 - 0F8A 82000000 - jp 0A796FCF
0A796F4D - 0F85 7C000000 - jne 0A796FCF
0A796F53 - 6A 65 - push 65
0A796F55 - 8B 0D 5C8A5904 - mov ecx,[04598A5C] : [0359371C]
0A796F5B - 33 D2 - xor edx,edx
0A796F5D - 8B 01 - mov eax,[ecx]
0A796F5F - 8B 40 28 - mov eax,[eax+28]
0A796F62 - FF 50 18 - call dword ptr [eax+18]
0A796F65 - 83 F8 5B - cmp eax,5B
0A796F68 - 7C 65 - jnge 0A796FCF
0A796F6A - 8B 8E F8000000 - mov ecx,[esi+000000F8]
0A796F70 - 39 09 - cmp [ecx],ecx
0A796F72 - FF 15 CC048A0D - call dword ptr [0D8A04CC]
0A796F78 - 8B C8 - mov ecx,eax
0A796F7A - 8B D6 - mov edx,esi
0A796F7C - 39 09 - cmp [ecx],ecx
0A796F7E - FF 15 5CBD1909 - call dword ptr [0919BD5C]
0A796F84 - B9 FE3F095E - mov ecx,mscorlib.ni.dll+3FFE
0A796F89 - BA 03000000 - mov edx,00000003
0A796F8E - E8 29B21CF6 - call 009621BC
0A796F93 - 8B F8 - mov edi,eax
0A796F95 - FF 35 C0AB5904 - push [0459ABC0] : [1B6AD80C]
0A796F9B - 8B CF - mov ecx,edi
0A796F9D - 33 D2 - xor edx,edx
0A796F9F - E8 7314A854 - call clr.dll+8417
0A796FA4 - FF 35 C4AB5904 - push [0459ABC4] : [1B6AD824]
0A796FAA - 8B CF - mov ecx,edi
0A796FAC - BA 01000000 - mov edx,00000001
0A796FB1 - E8 6114A854 - call clr.dll+8417
0A796FB6 - FF 35 C8AB5904 - push [0459ABC8] : [1B6AD83C]
0A796FBC - 8B CF - mov ecx,edi
0A796FBE - BA 02000000 - mov edx,00000002
0A796FC3 - E8 4F14A854 - call clr.dll+8417
0A796FC8 - 8B CF - mov ecx,edi
0A796FCA - E8 81A1FFFF - call 0A791150
0A796FCF - 83 BE 28010000 07 - cmp dword ptr [esi+00000128],07
0A796FD6 - 74 0D - je 0A796FE5
0A796FD8 - 83 BE 28010000 09 - cmp dword ptr [esi+00000128],09
0A796FDF - 0F85 C9010000 - jne 0A7971AE
0A796FE5 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A796FEB - BA 10000000 - mov edx,00000010
0A796FF0 - 39 09 - cmp [ecx],ecx
0A796FF2 - E8 91E7E9FF - call 0A635788
0A796FF7 - 85 C0 - test eax,eax
0A796FF9 - 75 26 - jne 0A797021
0A796FFB - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A797001 - BA 11000000 - mov edx,00000011
0A797006 - 39 09 - cmp [ecx],ecx
0A797008 - E8 7BE7E9FF - call 0A635788
0A79700D - 85 C0 - test eax,eax
0A79700F - 75 10 - jne 0A797021
0A797011 - B9 00000010 - mov ecx,nvspcap.dll
0A797016 - 33 D2 - xor edx,edx
0A797018 - E8 C3E21400 - call InputSystem.InputManager::Pressed
0A79701D - 85 C0 - test eax,eax
0A79701F - 74 19 - je 0A79703A
0A797021 - 8B CE - mov ecx,esi
0A797023 - FF 15 A41D8A0D - call dword ptr [0D8A1DA4]
0A797029 - D9E0 - fchs
0A79702B - 83 EC 04 - sub esp,04
0A79702E - D9 1C 24 - fstp dword ptr [esp]
0A797031 - 8B CE - mov ecx,esi
0A797033 - E8 58AFFFFF - call 0A791F90
0A797038 - EB 5C - jmp 0A797096
0A79703A - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A797040 - BA 12000000 - mov edx,00000012
0A797045 - 39 09 - cmp [ecx],ecx
0A797047 - E8 3CE7E9FF - call 0A635788
0A79704C - 85 C0 - test eax,eax
0A79704E - 75 26 - jne 0A797076
0A797050 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A797056 - BA 13000000 - mov edx,00000013
0A79705B - 39 09 - cmp [ecx],ecx
0A79705D - E8 26E7E9FF - call 0A635788
0A797062 - 85 C0 - test eax,eax
0A797064 - 75 10 - jne 0A797076
0A797066 - B9 00000020 - mov ecx,20000000 : [FFFDFFF8]
0A79706B - 33 D2 - xor edx,edx
0A79706D - E8 6EE21400 - call InputSystem.InputManager::Pressed
0A797072 - 85 C0 - test eax,eax
0A797074 - 74 17 - je 0A79708D
0A797076 - 8B CE - mov ecx,esi
0A797078 - FF 15 A41D8A0D - call dword ptr [0D8A1DA4]
0A79707E - 83 EC 04 - sub esp,04
0A797081 - D9 1C 24 - fstp dword ptr [esp]
0A797084 - 8B CE - mov ecx,esi
0A797086 - E8 05AFFFFF - call 0A791F90
0A79708B - EB 09 - jmp 0A797096
0A79708D - 6A 00 - push 00
0A79708F - 8B CE - mov ecx,esi
0A797091 - E8 FAAEFFFF - call 0A791F90
0A797096 - 80 BE 2C010000 00 - cmp byte ptr [esi+0000012C],00
0A79709D - 0F85 AE000000 - jne 0A797151
0A7970A3 - 8B 86 4C010000 - mov eax,[esi+0000014C]
0A7970A9 - 3B 86 50010000 - cmp eax,[esi+00000150]
0A7970AF - 0F85 9C000000 - jne 0A797151
0A7970B5 - 8B 8E 4C010000 - mov ecx,[esi+0000014C]
0A7970BB - 39 09 - cmp [ecx],ecx
0A7970BD - FF 15 302C8A0D - call dword ptr [0D8A2C30]
0A7970C3 - 85 C0 - test eax,eax
0A7970C5 - 0F84 86000000 - je 0A797151
0A7970CB - D9 86 E4000000 - fld dword ptr [esi+000000E4]
0A7970D1 - D9EE - fldz
0A7970D3 - DFF1 - fcomip st(0),st(1)
0A7970D5 - DDD8 - fstp st(0)
0A7970D7 - 7A 36 - jp 0A79710F
0A7970D9 - 73 34 - jae 0A79710F
0A7970DB - 8B 8E 60010000 - mov ecx,[esi+00000160]
0A7970E1 - 39 09 - cmp [ecx],ecx
0A7970E3 - E8 A8D34105 - call DS2DEngine.SpriteObj::get_SpriteName
0A7970E8 - 8B C8 - mov ecx,eax
0A7970EA - 8B 15 E8AB5904 - mov edx,[0459ABE8] : [1B6AD9B0]
0A7970F0 - E8 0BA1C153 - call System.String::op_Inequality
0A7970F5 - 85 C0 - test eax,eax
0A7970F7 - 74 16 - je 0A79710F
0A7970F9 - 8B 8E 60010000 - mov ecx,[esi+00000160]
0A7970FF - 8B 15 E8AB5904 - mov edx,[0459ABE8] : [1B6AD9B0]
0A797105 - 8B 01 - mov eax,[ecx]
0A797107 - 8B 40 2C - mov eax,[eax+2C]
0A79710A - FF 50 04 - call dword ptr [eax+04]
0A79710D - EB 42 - jmp 0A797151
0A79710F - D9 86 E4000000 - fld dword ptr [esi+000000E4]
0A797115 - D9EE - fldz
0A797117 - DFF1 - fcomip st(0),st(1)
0A797119 - DDD8 - fstp st(0)
0A79711B - 7A 34 - jp 0A797151
0A79711D - 72 32 - jb 0A797151
0A79711F - 8B 8E 60010000 - mov ecx,[esi+00000160]
0A797125 - 39 09 - cmp [ecx],ecx
0A797127 - E8 64D34105 - call DS2DEngine.SpriteObj::get_SpriteName
0A79712C - 8B C8 - mov ecx,eax
0A79712E - 8B 15 ECAB5904 - mov edx,[0459ABEC] : [1B6AD9FC]
0A797134 - E8 C7A0C153 - call System.String::op_Inequality
0A797139 - 85 C0 - test eax,eax
0A79713B - 74 14 - je 0A797151
0A79713D - 8B 8E 60010000 - mov ecx,[esi+00000160]
0A797143 - 8B 15 ECAB5904 - mov edx,[0459ABEC] : [1B6AD9FC]
0A797149 - 8B 01 - mov eax,[ecx]
0A79714B - 8B 40 2C - mov eax,[eax+2C]
0A79714E - FF 50 04 - call dword ptr [eax+04]
0A797151 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A797157 - BA 0A000000 - mov edx,0000000A
0A79715C - 39 09 - cmp [ecx],ecx
0A79715E - E8 95DE1400 - call InputSystem.InputMap::JustPressed
0A797163 - 85 C0 - test eax,eax
0A797165 - 75 1A - jne 0A797181
0A797167 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A79716D - BA 0B000000 - mov edx,0000000B
0A797172 - 39 09 - cmp [ecx],ecx
0A797174 - E8 7FDE1400 - call InputSystem.InputMap::JustPressed
0A797179 - 85 C0 - test eax,eax
0A79717B - 0F84 F8000000 - je 0A797279
0A797181 - 83 BE 28010000 09 - cmp dword ptr [esi+00000128],09
0A797188 - 0F84 EB000000 - je 0A797279
0A79718E - C7 86 28010000 02000000 - mov [esi+00000128],00000002
0A797198 - C6 86 DF000000 00 - mov byte ptr [esi+000000DF],00
0A79719F - C6 86 A4020000 00 - mov byte ptr [esi+000002A4],00
0A7971A6 - 8D 65 F4 - lea esp,[ebp-0C]
0A7971A9 - 5B - pop ebx
0A7971AA - 5E - pop esi
0A7971AB - 5F - pop edi
0A7971AC - 5D - pop ebp
0A7971AD - C3 - ret
0A7971AE - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A7971B4 - BA 0A000000 - mov edx,0000000A
0A7971B9 - 39 09 - cmp [ecx],ecx
0A7971BB - E8 38DE1400 - call InputSystem.InputMap::JustPressed
0A7971C0 - 85 C0 - test eax,eax
0A7971C2 - 75 1A - jne 0A7971DE
0A7971C4 - 8B 0D 24345904 - mov ecx,[04593424] : [036319D8]
0A7971CA - BA 0B000000 - mov edx,0000000B
0A7971CF - 39 09 - cmp [ecx],ecx
0A7971D1 - E8 22DE1400 - call InputSystem.InputMap::JustPressed
0A7971D6 - 85 C0 - test eax,eax
0A7971D8 - 0F84 9B000000 - je 0A797279
0A7971DE - 80 BE 2C010000 00 - cmp byte ptr [esi+0000012C],00
0A7971E5 - 0F85 8E000000 - jne 0A797279
0A7971EB - 83 7D F0 00 - cmp dword ptr [ebp-10],00
0A7971EF - 0F85 84000000 - jne 0A797279
0A7971F5 - 0FB6 BE A6020000 - movzx edi,byte ptr [esi+000002A6]
0A7971FC - 8B CE - mov ecx,esi
0A7971FE - FF 15 741D8A0D - call dword ptr [0D8A1D74]
0A797204 - 3B C7 - cmp eax,edi
0A797206 - 7F 71 - jg 0A797279
0A797208 - D9 86 D8010000 - fld dword ptr [esi+000001D8]
0A79720E - D9EE - fldz
0A797210 - DFF1 - fcomip st(0),st(1)
0A797212 - DDD8 - fstp st(0)
0A797214 - 7A 63 - jp 0A797279
0A797216 - 72 61 - jb 0A797279
0A797218 - 8B CE - mov ecx,esi
0A79721A - FF 15 781C8A0D - call dword ptr [0D8A1C78]
0A797220 - 85 C0 - test eax,eax
0A797222 - 74 55 - je 0A797279
0A797224 - D9 86 C4010000 - fld dword ptr [esi+000001C4]
0A79722A - D9EE - fldz
0A79722C - DFF1 - fcomip st(0),st(1)
0A79722E - DDD8 - fstp st(0)
0A797230 - 7A 47 - jp 0A797279
0A797232 - 73 45 - jae 0A797279
0A797234 - 83 BE 28010000 07 - cmp dword ptr [esi+00000128],07
0A79723B - 74 3C - je 0A797279
0A79723D - 83 BE 28010000 09 - cmp dword ptr [esi+00000128],09
0A797244 - 74 33 - je 0A797279
0A797246 - 83 BE 28010000 06 - cmp dword ptr [esi+00000128],06
0A79724D - 74 2A - je 0A797279
0A79724F - 83 BE 28010000 08 - cmp dword ptr [esi+00000128],08
0A797256 - 74 21 - je 0A797279
0A797258 - 6A 00 - push 00
0A79725A - 8B CE - mov ecx,esi
0A79725C - E8 2FADFFFF - call 0A791F90
0A797261 - C7 86 28010000 07000000 - mov [esi+00000128],00000007
0A79726B - C6 86 DF000000 01 - mov byte ptr [esi+000000DF],01
0A797272 - C6 86 A4020000 01 - mov byte ptr [esi+000002A4],01
0A797279 - 8D 65 F4 - lea esp,[ebp-0C]
0A79727C - 5B - pop ebx
0A79727D - 5E - pop esi
0A79727E - 5F - pop edi
0A79727F - 5D - pop ebp
0A797280 - C3 - ret
}
43
"TEST: Infinite Multi-jump (not working)"
80000008
Auto Assembler Script
{ Game : RogueLegacy.exe
Version:
Date : 2014-07-05
Author : Jason
This script does blah blah blah
}
[ENABLE]
aobscan(INJECT_JUMPONGROUND,80 BE 2C 01 00 00 00 0F 85 C8) // should be unique
alloc(newmem,$1000)
label(code)
label(return)
newmem:
dd 1
code:
mov byte ptr [esi+0000012C],01
cmp byte ptr [esi+0000012C],00 // original code
jmp return
INJECT_JUMPONGROUND:
jmp code
nop
nop
return:
registersymbol(INJECT_JUMPONGROUND)
[DISABLE]
INJECT_JUMPONGROUND:
db 80 BE 2C 01 00 00 00
unregistersymbol(INJECT_JUMPONGROUND)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: 0A79615B
0A796136: 39 09 - cmp [ecx],ecx
0A796138: E8 BB EE 14 00 - call 0A8E4FF8
0A79613D: 85 C0 - test eax,eax
0A79613F: 75 1A - jne 0A79615B
0A796141: 8B 0D 24 34 59 04 - mov ecx,[04593424]
0A796147: BA 0B 00 00 00 - mov edx,0000000B
0A79614C: 39 09 - cmp [ecx],ecx
0A79614E: E8 A5 EE 14 00 - call 0A8E4FF8
0A796153: 85 C0 - test eax,eax
0A796155: 0F 84 D5 01 00 00 - je 0A796330
// ---------- INJECTING HERE ----------
0A79615B: 80 BE 2C 01 00 00 00 - cmp byte ptr [esi+0000012C],00 // 1 if on ground, 0 if in air
// ---------- DONE INJECTING ----------
0A796162: 0F 85 C8 01 00 00 - jne 0A796330 // allow jump
0A796168: 0F B6 BE A6 02 00 00 - movzx edi,byte ptr [esi+000002A6] // multijump counter
0A79616F: 8B CE - mov ecx,esi
0A796171: FF 15 74 1D 8A 0D - call dword ptr [0D8A1D74] // get max # of multijumps?
0A796177: 3B C7 - cmp eax,edi
0A796179: 0F 8E B1 01 00 00 - jng 0A796330 // allow jump
0A79617F: D9 86 D8 01 00 00 - fld dword ptr [esi+000001D8]
0A796185: D9 EE - fldz
0A796187: DF F1 - fcomip st(0),st(1)
0A796189: DD D8 - fstp st(0)
}
5
"Script: Keep Upgrade Gold"
80000008
Auto Assembler Script
{ Game : RogueLegacy.exe
Version:
Date : 2014-07-02
Author : Jason
Loads gold each frame when upgrading your keep.
NOTE: This crashed my game, maybe there's a jmp to 0974a0a5?
}
[ENABLE]
aobscan(INJECT_GOLD_KEEP,8B 58 28 8B CE E8) // should be unique
alloc(newmem,$1000)
label(code)
label(return)
globalalloc(globals,$100000)
newmem:
code:
mov [globals+1000],eax
mov [globals+2004],esi // I think ESI is some kind of base pointer
mov ebx,[eax+28]
mov ecx,esi
jmp return
INJECT_GOLD_KEEP:
jmp code
return:
registersymbol(INJECT_GOLD_KEEP)
[DISABLE]
INJECT_GOLD_KEEP:
db 8B 58 28 8B CE
unregistersymbol(INJECT_GOLD_KEEP)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: 0974A0A2
0974A07B: FF 50 08 - call dword ptr [eax+08]
0974A07E: EB 0D - jmp 0974A08D
0974A080: 8B 86 E4 00 00 00 - mov eax,[esi+000000E4]
0974A086: C7 40 68 FF FF FF FF - mov [eax+68],FFFFFFFF
0974A08D: 8B 8E E4 00 00 00 - mov ecx,[esi+000000E4]
0974A093: 8B D7 - mov edx,edi
0974A095: 8B 01 - mov eax,[ecx]
0974A097: 8B 40 2C - mov eax,[eax+2C]
0974A09A: FF 50 08 - call dword ptr [eax+08]
0974A09D: A1 F4 33 82 04 - mov eax,[048233F4]
// ---------- INJECTING HERE ----------
0974A0A2: 8B 58 28 - mov ebx,[eax+28]
0974A0A5: 8B CE - mov ecx,esi
// ---------- DONE INJECTING ----------
0974A0A7: E8 F4 F8 FF FF - call 097499A0
0974A0AC: 3B C3 - cmp eax,ebx
0974A0AE: 7F 6F - jg 0974A11F
0974A0B0: 8B 86 FC 00 00 00 - mov eax,[esi+000000FC]
0974A0B6: 3B 86 0C 01 00 00 - cmp eax,[esi+0000010C]
0974A0BC: 7D 61 - jnl 0974A11F
0974A0BE: 8B 9E E8 00 00 00 - mov ebx,[esi+000000E8]
0974A0C4: 8B CE - mov ecx,esi
0974A0C6: E8 9D C1 B8 05 - call 0F2D6268
0974A0CB: D9 5B 34 - fstp dword ptr [ebx+34]
}
75
"pPlayer->JumpFlag"
80000008
Byte
globals+1004
12C
83
"TEST: Spell Cast delay (only works on "Y" spell, not 'B")"
80000008
Auto Assembler Script
{ Game : RogueLegacy.exe
Version:
Date : 2014-07-06
Author : Jason
This seems to check the spell cast delay when trying to cast a spell.
}
[ENABLE]
aobscan(TEST_SPELL_DELAY,21 D9 86 30 02 00 00) // should be unique
alloc(newmem,$1000)
label(code)
label(skip)
label(return)
globalalloc(globals,$100000)
newmem:
code:
cmp dword ptr [globals+301C],1
jne skip
fldz
fstp dword ptr [esi+00000230]
skip:
fld dword ptr [esi+00000230]
jmp return
TEST_SPELL_DELAY+01:
jmp code
nop
return:
registersymbol(TEST_SPELL_DELAY)
[DISABLE]
TEST_SPELL_DELAY+01:
db D9 86 30 02 00 00
unregistersymbol(TEST_SPELL_DELAY)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: 0EBCCDDA
0EBCCDB4: 8B D7 - mov edx,edi
0EBCCDB6: B9 08 CA CA 0E - mov ecx,0ECACA08
0EBCCDBB: E8 2E B6 64 50 - call clr.dll+83EE
0EBCCDC0: 85 C0 - test eax,eax
0EBCCDC2: 0F 85 B9 01 00 00 - jne 0EBCCF81
0EBCCDC8: 8B 0D F4 33 6D 04 - mov ecx,[046D33F4]
0EBCCDCE: 39 09 - cmp [ecx],ecx
0EBCCDD0: E8 6B 60 06 00 - call 0EC32E40
0EBCCDD5: 83 F8 0E - cmp eax,0E
0EBCCDD8: 75 21 - jne 0EBCCDFB
// ---------- INJECTING HERE ----------
0EBCCDDA: D9 86 30 02 00 00 - fld dword ptr [esi+00000230]
// ---------- DONE INJECTING ----------
0EBCCDE0: D9 EE - fldz
0EBCCDE2: DF F1 - fcomip st(0),st(1)
0EBCCDE4: DD D8 - fstp st(0)
0EBCCDE6: 7A 13 - jp 0EBCCDFB
0EBCCDE8: 72 11 - jb 0EBCCDFB
0EBCCDEA: 6A 01 - push 01
0EBCCDEC: 8B CE - mov ecx,esi
0EBCCDEE: 33 D2 - xor edx,edx
0EBCCDF0: FF 15 40 1A A5 0E - call dword ptr [0EA51A40]
0EBCCDF6: E9 97 01 00 00 - jmp 0EBCCF92
}
87
"m_airDashCount"
80000008
Byte
3CDA52F
88
"m_invincibleCounter"
1
80000008
4 Bytes
354A564
93
"m_dashCounter"
1
80000008
4 Bytes
354A580
94
"m_dashCooldownCounter"
1
80000008
4 Bytes
354A584
95
"m_startingAnimationDelay"
80000008
Float
354A588
102
"Classes and Spells"
80000008
Auto Assembler Script
{
Classes:
0 - Knight
1 - Mage
2 - Barbarian
3 - Knave
4 - Shinobi
5 - Miner
6 - Spellthief
7 - Lich
8 - Paladin
9 - Archmage
10 - Barbarian Queen
11 - Assassin
12 - Hokage
13 - Spelunkette
14 - Spellsword
15 - Lich Queen
16 - Dragon (fly, no attack (x does spell))
17 - Traitor (special is several axes front, up and behind, but -30HP)
Spells:
0 - None
1 - Dagger
2 - Axe
3 - ?Bomb? - drops bomb in front of you that explodes after a few seconds
4 - Time Stop
5 - ?
6 - Quantum Translocator
7 - ? Drains 7 mana ?
8 - Chakram
9 - Scythe
10 - Blade Wall
11 - Flame Barrier
12 - Conflux
13 - Dragon Fire
14 - ?Multi-dagger? - launches 5 daggers in slightly different directions in front of you
15 - Dragon Fire 2 - goes further, even wrapping around passages to another room (up to 1 full screen)
16
}
[ENABLE]
[DISABLE]
103
"GreenEnemyType"
80000008
4 Bytes
392A30C
104
"m_fairyChestText"
80000008
4 Bytes
392A310
105
"m_roomActivityCounter"
80000008
4 Bytes
392A338
106
"m_roomActivityCounter_2"
80000008
4 Bytes
392A33C
107
"m_roomActivityCounter_3"
80000008
4 Bytes
392A340
108
"m_roomActivityCounter_4"
80000008
4 Bytes
392A344
CHEAT_FLAGS
02630000
testtest
08390000
FTL_MAIN
03D40000
FLAG_OneSecondWeapons
028C000C
STATIC_MEMORY
03920000
VISITED
0DDE0000
VISITED_MARKFLAG
0DDE0F00
VISITED_ADDRESS
0DDE0F04
INJECT_WeaponSpeed
004202B6
INJECT_SystemConstant
004EA076
INJECT_Breach
004E8B1D
INJECT_TravelAnywhere_A
0047A894
INJECT_TravelAnywhere_B
0047A94D
INJECT_Oxygen
004E947E
INJECT_Fire
004AFF5F
STATIC_MAIN
00403774
STATIC_ENERGY
004EB642
FLAG_Oxygen
03D40000
FLAG_HealthOnTooltip
03D40004
FLAG_NoEnemyFire
03D40008
FLAG_FastWeapons
03D4000C
FLAG_GodCrew
03D40010
FLAG_OneHitCrewKill
03D40014
FLAG_CrewSkills
03D40018
FLAG_PowerlessEnemy
03D4001C
FLAG_PlayerSystems
03D40020
FLAG_Fireproof
03D40024
FLAG_NoHullBreach
03D40028
ADDR_Tooltip
03D40F00
ADDR_Damage
03D40F04
ADDR_HoverCrew
03D40F08
ADDR_PlayerShip
03D40F0C
ADDR_EnemyShip
03D40F10
KEYSTATES
03D41F00
CheckKeyPress
03D4302F
INJECT_ShipSystems
004CE07E
INJECT_FastWeapons
0041CCE6
INJECT_CrewDamage
0049E0E6
INJECT_Travel1
0046A41A
INJECT_Travel2
0046A479
INJECT_HoverCrew
00510A81
antidebug
042C0000
BASEPOINTER
0BB20000
CHEATS
0BE90000
INJECT_StaminaUse
0044E34A
globals
09170000
test
09E30000
INJECT_GOLD_KEEP
0A7DEB52
ONETIME_UNLOCK_EQUIPMENT
09B10000
ONETIME_UNLOCK_RUNES
09B11000
INJECT_PLATFORM_TIMER
09F446B1
INJECT_UNDEAD1
0EA83099
INJECT_UNDEAD2
097D4D9D
INJECT_UNDEAD3
097D5191
INJECT_FLIGHT_TIMER
0EBC39B3
INJECT_HP_Set
0ED1306F
INJECT_MULTIJUMP2
0D33DAE2
SCRIPT_SPELL_DELAY
0D3366F5
INJECT_KillEnemies
09B0C7B8
INJECT_INVINCIBLE
09B19772
INJECT_MP_CHANGE
0F333548
INJECT_HP_EACH_FRAME
0EFE8D77
INJECT_PLAYER_HUD_UPDATE
0EFE8D22
Info about this table: