95
"Scripts"
FF8000
1
49
"Get playerBase"
Auto Assembler Script
[ENABLE]
aobscanmodule(aobHealth,Ruiner-Win64-Shipping.exe,F3 0F 11 81 DC 08 00 00 E9 ?? ?? ?? ?? C3)
alloc(healthMem,$1000,"Ruiner-Win64-Shipping.exe"+1E2489)
globalalloc(playerBase,8)
label(code)
label(return)
playerBase:
dq 0
healthMem:
pushfq
cmp [rcx+1C],1
jne code
cmp [rcx+1D0],0
jne code
mov [playerBase],rcx
code:
popfq
movss [rcx+000008DC],xmm0
jmp return
aobHealth:
jmp healthMem
nop
nop
nop
return:
registersymbol(aobHealth)
[DISABLE]
aobHealth:
db F3 0F 11 81 DC 08 00 00
unregistersymbol(aobHealth)
unregistersymbol(playerBase)
dealloc(healthMem)
dealloc(playerBase)
{
// ORIGINAL CODE - INJECTION POINT: "Ruiner-Win64-Shipping.exe"+1E2489
"Ruiner-Win64-Shipping.exe"+1E2456: 76 20 - jna Ruiner-Win64-Shipping.exe+1E2478
"Ruiner-Win64-Shipping.exe"+1E2458: 0F 28 C1 - movaps xmm0,xmm1
"Ruiner-Win64-Shipping.exe"+1E245B: F3 0F 58 81 DC 08 00 00 - addss xmm0,[rcx+000008DC]
"Ruiner-Win64-Shipping.exe"+1E2463: F3 0F 5D 81 D8 08 00 00 - minss xmm0,[rcx+000008D8]
"Ruiner-Win64-Shipping.exe"+1E246B: F3 0F 11 81 DC 08 00 00 - movss [rcx+000008DC],xmm0
"Ruiner-Win64-Shipping.exe"+1E2473: E9 78 06 04 00 - jmp Ruiner-Win64-Shipping.exe+222AF0
"Ruiner-Win64-Shipping.exe"+1E2478: 73 1C - jae Ruiner-Win64-Shipping.exe+1E2496
"Ruiner-Win64-Shipping.exe"+1E247A: 0F 28 C1 - movaps xmm0,xmm1
"Ruiner-Win64-Shipping.exe"+1E247D: F3 0F 58 81 DC 08 00 00 - addss xmm0,[rcx+000008DC]
"Ruiner-Win64-Shipping.exe"+1E2485: F3 0F 5F C2 - maxss xmm0,xmm2
// ---------- INJECTING HERE ----------
"Ruiner-Win64-Shipping.exe"+1E2489: F3 0F 11 81 DC 08 00 00 - movss [rcx+000008DC],xmm0
// ---------- DONE INJECTING ----------
"Ruiner-Win64-Shipping.exe"+1E2491: E9 BA 06 04 00 - jmp Ruiner-Win64-Shipping.exe+222B50
"Ruiner-Win64-Shipping.exe"+1E2496: C3 - ret
"Ruiner-Win64-Shipping.exe"+1E2497: CC - int 3
"Ruiner-Win64-Shipping.exe"+1E2498: CC - int 3
"Ruiner-Win64-Shipping.exe"+1E2499: CC - int 3
"Ruiner-Win64-Shipping.exe"+1E249A: CC - int 3
"Ruiner-Win64-Shipping.exe"+1E249B: CC - int 3
"Ruiner-Win64-Shipping.exe"+1E249C: CC - int 3
"Ruiner-Win64-Shipping.exe"+1E249D: CC - int 3
"Ruiner-Win64-Shipping.exe"+1E249E: CC - int 3
}
50
"playerBase"
1
FF8080
4 Bytes
[playerBase]
104
"Health (Max.)"
Float
[playerBase]+8D8
51
"Health (Current)"
Float
[playerBase]+8DC
105
"Energy (Max.)"
Float
[playerBase]+B48
106
"Energy (Current)"
Float
[playerBase]+B4C
107
"Dashes (Max.)"
4 Bytes
[playerBase]+C8C
108
"Dashes (Current)"
4 Bytes
[playerBase]+C90
97
"Weapon Ammo"
Auto Assembler Script
[ENABLE]
aobscanmodule(aobAmmo,Ruiner-Win64-Shipping.exe,FF 8B 04 06 00 00)
registersymbol(aobAmmo)
aobAmmo:
db 90 90 90 90 90 90
aobAmmo+4E:
db 90 90 90 90 90 90
[DISABLE]
aobAmmo:
db FF 8B 04 06 00 00
aobAmmo+4E:
db FF 8B 00 06 00 00
unregistersymbol(aobAmmo)
{
// ORIGINAL CODE - INJECTION POINT: "Ruiner-Win64-Shipping.exe"+21B15D
"Ruiner-Win64-Shipping.exe"+21B132: 48 83 EC 20 - sub rsp,20
"Ruiner-Win64-Shipping.exe"+21B136: 48 8B 81 50 04 00 00 - mov rax,[rcx+00000450]
"Ruiner-Win64-Shipping.exe"+21B13D: 48 8B D9 - mov rbx,rcx
"Ruiner-Win64-Shipping.exe"+21B140: 48 85 C0 - test rax,rax
"Ruiner-Win64-Shipping.exe"+21B143: 74 0F - je Ruiner-Win64-Shipping.exe+21B154
"Ruiner-Win64-Shipping.exe"+21B145: 48 83 B8 38 04 00 00 00 - cmp qword ptr [rax+00000438],00
"Ruiner-Win64-Shipping.exe"+21B14D: 74 05 - je Ruiner-Win64-Shipping.exe+21B154
"Ruiner-Win64-Shipping.exe"+21B14F: E8 6C F6 03 00 - call Ruiner-Win64-Shipping.exe+25A7C0
"Ruiner-Win64-Shipping.exe"+21B154: 80 BB 58 04 00 00 00 - cmp byte ptr [rbx+00000458],00
"Ruiner-Win64-Shipping.exe"+21B15B: 75 06 - jne Ruiner-Win64-Shipping.exe+21B163
// ---------- INJECTING HERE ----------
"Ruiner-Win64-Shipping.exe"+21B15D: FF 8B 04 06 00 00 - dec [rbx+00000604]
// ---------- DONE INJECTING ----------
"Ruiner-Win64-Shipping.exe"+21B163: 48 8B 83 50 04 00 00 - mov rax,[rbx+00000450]
"Ruiner-Win64-Shipping.exe"+21B16A: 48 85 C0 - test rax,rax
"Ruiner-Win64-Shipping.exe"+21B16D: 74 0F - je Ruiner-Win64-Shipping.exe+21B17E
"Ruiner-Win64-Shipping.exe"+21B16F: 48 83 B8 38 04 00 00 00 - cmp qword ptr [rax+00000438],00
"Ruiner-Win64-Shipping.exe"+21B177: 74 05 - je Ruiner-Win64-Shipping.exe+21B17E
"Ruiner-Win64-Shipping.exe"+21B179: E8 42 F6 03 00 - call Ruiner-Win64-Shipping.exe+25A7C0
"Ruiner-Win64-Shipping.exe"+21B17E: 80 BB 58 04 00 00 00 - cmp byte ptr [rbx+00000458],00
"Ruiner-Win64-Shipping.exe"+21B185: 75 2A - jne Ruiner-Win64-Shipping.exe+21B1B1
"Ruiner-Win64-Shipping.exe"+21B187: 48 8B 83 50 04 00 00 - mov rax,[rbx+00000450]
"Ruiner-Win64-Shipping.exe"+21B18E: 48 85 C0 - test rax,rax
"Ruiner-Win64-Shipping.exe"+21B191: 74 0F - je Ruiner-Win64-Shipping.exe+21B1A2
"Ruiner-Win64-Shipping.exe"+21B193: 48 83 B8 38 04 00 00 00 - cmp qword ptr [rax+00000438],00
"Ruiner-Win64-Shipping.exe"+21B19B: 74 05 - je Ruiner-Win64-Shipping.exe+21B1A2
"Ruiner-Win64-Shipping.exe"+21B19D: E8 1E F6 03 00 - call Ruiner-Win64-Shipping.exe+25A7C0
"Ruiner-Win64-Shipping.exe"+21B1A2: 80 BB 59 04 00 00 00 - cmp byte ptr [rbx+00000459],00
"Ruiner-Win64-Shipping.exe"+21B1A9: 75 06 - jne Ruiner-Win64-Shipping.exe+21B1B1
// ---------- INJECTING HERE ----------
"Ruiner-Win64-Shipping.exe"+21B1AB: FF 8B 00 06 00 00 - dec [rbx+00000600]
// ---------- DONE INJECTING ----------
"Ruiner-Win64-Shipping.exe"+21B1B1: F7 83 E8 05 00 00 00 01 00 00 - test [rbx+000005E8],0100
"Ruiner-Win64-Shipping.exe"+21B1BB: 75 1B - jne Ruiner-Win64-Shipping.exe+21B1D8
"Ruiner-Win64-Shipping.exe"+21B1BD: 48 8B 8B 50 04 00 00 - mov rcx,[rbx+00000450]
"Ruiner-Win64-Shipping.exe"+21B1C4: 48 85 C9 - test rcx,rcx
"Ruiner-Win64-Shipping.exe"+21B1C7: 74 0F - je Ruiner-Win64-Shipping.exe+21B1D8
"Ruiner-Win64-Shipping.exe"+21B1C9: 48 8B 01 - mov rax,[rcx]
"Ruiner-Win64-Shipping.exe"+21B1CC: 48 83 C4 20 - add rsp,20
"Ruiner-Win64-Shipping.exe"+21B1D0: 5B - pop rbx
"Ruiner-Win64-Shipping.exe"+21B1D1: 48 FF A0 A8 08 00 00 - jmp qword ptr [rax+000008A8]
"Ruiner-Win64-Shipping.exe"+21B1D8: 48 83 C4 20 - add rsp,20
}
96
"Melee Durability"
Auto Assembler Script
[ENABLE]
aobscanmodule(aobMelee,Ruiner-Win64-Shipping.exe,E8 A0 F5 03 00 80 BB 58 04 00 00 00 75 06 FF 8B 04 06 00 00)
registersymbol(aobMelee)
//aobscanmodule(aobMelee2,Ruiner-Win64-Shipping.exe,FF 8B 00 06 00 00 48)
//registersymbol(aobMelee2)
aobMelee+E:
db 90 90 90 90 90 90
aobMelee+5C:
db 90 90 90 90 90 90
[DISABLE]
aobMelee+E:
db FF 8B 04 06 00 00
aobMelee+5C:
db FF 8B 00 06 00 00
unregistersymbol(aobMelee)
//unregistersymbol(aobMelee2)
{
// ORIGINAL CODE - INJECTION POINT: "Ruiner-Win64-Shipping.exe"+21B229
"Ruiner-Win64-Shipping.exe"+21B200: 48 8B D9 - mov rbx,rcx
"Ruiner-Win64-Shipping.exe"+21B203: 74 78 - je Ruiner-Win64-Shipping.exe+21B27D
"Ruiner-Win64-Shipping.exe"+21B205: 48 8B 81 50 04 00 00 - mov rax,[rcx+00000450]
"Ruiner-Win64-Shipping.exe"+21B20C: 48 85 C0 - test rax,rax
"Ruiner-Win64-Shipping.exe"+21B20F: 74 0F - je Ruiner-Win64-Shipping.exe+21B220
"Ruiner-Win64-Shipping.exe"+21B211: 48 83 B8 38 04 00 00 00 - cmp qword ptr [rax+00000438],00
"Ruiner-Win64-Shipping.exe"+21B219: 74 05 - je Ruiner-Win64-Shipping.exe+21B220
"Ruiner-Win64-Shipping.exe"+21B21B: E8 A0 F5 03 00 - call Ruiner-Win64-Shipping.exe+25A7C0
"Ruiner-Win64-Shipping.exe"+21B220: 80 BB 58 04 00 00 00 - cmp byte ptr [rbx+00000458],00
"Ruiner-Win64-Shipping.exe"+21B227: 75 06 - jne Ruiner-Win64-Shipping.exe+21B22F
// ---------- INJECTING HERE ----------
"Ruiner-Win64-Shipping.exe"+21B229: FF 8B 04 06 00 00 - dec [rbx+00000604]
// ---------- DONE INJECTING ----------
"Ruiner-Win64-Shipping.exe"+21B22F: 48 8B 83 50 04 00 00 - mov rax,[rbx+00000450]
"Ruiner-Win64-Shipping.exe"+21B236: 48 85 C0 - test rax,rax
"Ruiner-Win64-Shipping.exe"+21B239: 74 0F - je Ruiner-Win64-Shipping.exe+21B24A
"Ruiner-Win64-Shipping.exe"+21B23B: 48 83 B8 38 04 00 00 00 - cmp qword ptr [rax+00000438],00
"Ruiner-Win64-Shipping.exe"+21B243: 74 05 - je Ruiner-Win64-Shipping.exe+21B24A
"Ruiner-Win64-Shipping.exe"+21B245: E8 76 F5 03 00 - call Ruiner-Win64-Shipping.exe+25A7C0
"Ruiner-Win64-Shipping.exe"+21B24A: 80 BB 58 04 00 00 00 - cmp byte ptr [rbx+00000458],00
"Ruiner-Win64-Shipping.exe"+21B251: 75 2A - jne Ruiner-Win64-Shipping.exe+21B27D
"Ruiner-Win64-Shipping.exe"+21B253: 48 8B 83 50 04 00 00 - mov rax,[rbx+00000450]
"Ruiner-Win64-Shipping.exe"+21B25A: 48 85 C0 - test rax,rax
"Ruiner-Win64-Shipping.exe"+21B25D: 74 0F - je Ruiner-Win64-Shipping.exe+21B26E
"Ruiner-Win64-Shipping.exe"+21B25F: 48 83 B8 38 04 00 00 00 - cmp qword ptr [rax+00000438],00
"Ruiner-Win64-Shipping.exe"+21B267: 74 05 - je Ruiner-Win64-Shipping.exe+21B26E
"Ruiner-Win64-Shipping.exe"+21B269: E8 52 F5 03 00 - call Ruiner-Win64-Shipping.exe+25A7C0
"Ruiner-Win64-Shipping.exe"+21B26E: 80 BB 59 04 00 00 00 - cmp byte ptr [rbx+00000459],00
"Ruiner-Win64-Shipping.exe"+21B275: 75 06 - jne Ruiner-Win64-Shipping.exe+21B27D
// ---------- INJECTING HERE ----------
"Ruiner-Win64-Shipping.exe"+21B277: FF 8B 00 06 00 00 - dec [rbx+00000600]
// ---------- DONE INJECTING ----------
"Ruiner-Win64-Shipping.exe"+21B27D: 48 83 C4 20 - add rsp,20
"Ruiner-Win64-Shipping.exe"+21B281: 5B - pop rbx
"Ruiner-Win64-Shipping.exe"+21B282: C3 - ret
}
80
"Good Karma"
Auto Assembler Script
[ENABLE]
aobscanmodule(aobKarma,Ruiner-Win64-Shipping.exe,01 51 28 48 8B D9) // should be unique
alloc(karmaMem,$1000,"Ruiner-Win64-Shipping.exe"+180049)
label(code)
label(return)
karmaMem:
mov edx,#100000
code:
add [rcx+28],edx
mov rbx,rcx
jmp return
aobKarma:
jmp karmaMem
nop
return:
registersymbol(aobKarma)
[DISABLE]
aobKarma:
db 01 51 28 48 8B D9
unregistersymbol(aobKarma)
dealloc(karmaMem)
{
// ORIGINAL CODE - INJECTION POINT: "Ruiner-Win64-Shipping.exe"+180049
"Ruiner-Win64-Shipping.exe"+18003A: CC - int 3
"Ruiner-Win64-Shipping.exe"+18003B: CC - int 3
"Ruiner-Win64-Shipping.exe"+18003C: CC - int 3
"Ruiner-Win64-Shipping.exe"+18003D: CC - int 3
"Ruiner-Win64-Shipping.exe"+18003E: CC - int 3
"Ruiner-Win64-Shipping.exe"+18003F: CC - int 3
"Ruiner-Win64-Shipping.exe"+180040: 85 D2 - test edx,edx
"Ruiner-Win64-Shipping.exe"+180042: 7E 64 - jle Ruiner-Win64-Shipping.exe+1800A8
"Ruiner-Win64-Shipping.exe"+180044: 53 - push rbx
"Ruiner-Win64-Shipping.exe"+180045: 48 83 EC 20 - sub rsp,20
// ---------- INJECTING HERE ----------
"Ruiner-Win64-Shipping.exe"+180049: 01 51 28 - add [rcx+28],edx
"Ruiner-Win64-Shipping.exe"+18004C: 48 8B D9 - mov rbx,rcx
// ---------- DONE INJECTING ----------
"Ruiner-Win64-Shipping.exe"+18004F: 8B 81 D8 00 00 00 - mov eax,[rcx+000000D8]
"Ruiner-Win64-Shipping.exe"+180055: 39 41 2C - cmp [rcx+2C],eax
"Ruiner-Win64-Shipping.exe"+180058: 7D 49 - jnl Ruiner-Win64-Shipping.exe+1800A3
"Ruiner-Win64-Shipping.exe"+18005A: 66 0F 1F 44 00 00 - nop [rax+rax+00]
"Ruiner-Win64-Shipping.exe"+180060: 8B 4B 2C - mov ecx,[rbx+2C]
"Ruiner-Win64-Shipping.exe"+180063: 33 D2 - xor edx,edx
"Ruiner-Win64-Shipping.exe"+180065: 83 C1 01 - add ecx,01
"Ruiner-Win64-Shipping.exe"+180068: 78 21 - js Ruiner-Win64-Shipping.exe+18008B
"Ruiner-Win64-Shipping.exe"+18006A: 44 8B 8B D4 00 00 00 - mov r9d,[rbx+000000D4]
"Ruiner-Win64-Shipping.exe"+180071: 44 8D 41 01 - lea r8d,[rcx+01]
}
213
"Get playerCoords"
Auto Assembler Script
[ENABLE]
aobscanmodule(aobCoords,Ruiner-Win64-Shipping.exe,F7 FF FF 48 85 C0 74 25 0F 28 88 90 02 00 00)
alloc(coordsMem,$1000,"Ruiner-Win64-Shipping.exe"+1D7850)
globalalloc(playerCoords,16)
label(code)
label(return)
playerCoords:
dq 00 00
coordsMem:
mov [playerCoords],rax
add [playerCoords],290
code:
movaps xmm1,[rax+00000290]
jmp return
aobCoords+08:
jmp coordsMem
nop
nop
return:
registersymbol(aobCoords)
[DISABLE]
aobCoords+08:
db 0F 28 88 90 02 00 00
unregistersymbol(aobCoords)
unregistersymbol(playerCoords)
dealloc(coordsMem)
dealloc(playerCoords)
{
// ORIGINAL CODE - INJECTION POINT: "Ruiner-Win64-Shipping.exe"+1D7850
"Ruiner-Win64-Shipping.exe"+1D782F: F3 0F 59 80 70 08 00 00 - mulss xmm0,[rax+00000870]
"Ruiner-Win64-Shipping.exe"+1D7837: F3 41 0F 11 00 - movss [r8],xmm0
"Ruiner-Win64-Shipping.exe"+1D783C: C3 - ret
"Ruiner-Win64-Shipping.exe"+1D783D: CC - int 3
"Ruiner-Win64-Shipping.exe"+1D783E: CC - int 3
"Ruiner-Win64-Shipping.exe"+1D783F: CC - int 3
"Ruiner-Win64-Shipping.exe"+1D7840: 48 83 EC 18 - sub rsp,18
"Ruiner-Win64-Shipping.exe"+1D7844: 48 8B 81 70 F7 FF FF - mov rax,[rcx-00000890]
"Ruiner-Win64-Shipping.exe"+1D784B: 48 85 C0 - test rax,rax
"Ruiner-Win64-Shipping.exe"+1D784E: 74 25 - je Ruiner-Win64-Shipping.exe+1D7875
// ---------- INJECTING HERE ----------
"Ruiner-Win64-Shipping.exe"+1D7850: 0F 28 88 90 02 00 00 - movaps xmm1,[rax+00000290]
// ---------- DONE INJECTING ----------
"Ruiner-Win64-Shipping.exe"+1D7857: 0F 28 C1 - movaps xmm0,xmm1
"Ruiner-Win64-Shipping.exe"+1D785A: F3 0F 11 0C 24 - movss [rsp],xmm1
"Ruiner-Win64-Shipping.exe"+1D785F: 0F C6 C1 55 - shufps xmm0,xmm1,55
"Ruiner-Win64-Shipping.exe"+1D7863: 0F C6 C9 AA - shufps xmm1,xmm1,-56
"Ruiner-Win64-Shipping.exe"+1D7867: F3 0F 11 4C 24 08 - movss [rsp+08],xmm1
"Ruiner-Win64-Shipping.exe"+1D786D: F3 0F 11 44 24 04 - movss [rsp+04],xmm0
"Ruiner-Win64-Shipping.exe"+1D7873: EB 17 - jmp Ruiner-Win64-Shipping.exe+1D788C
"Ruiner-Win64-Shipping.exe"+1D7875: F2 0F 10 05 9B FD F7 02 - movsd xmm0,[Ruiner-Win64-Shipping.exe+3157618]
"Ruiner-Win64-Shipping.exe"+1D787D: 8B 05 9D FD F7 02 - mov eax,[Ruiner-Win64-Shipping.exe+3157620]
"Ruiner-Win64-Shipping.exe"+1D7883: F2 0F 11 04 24 - movsd [rsp],xmm0
}
214
"X-Coord"
Float
[playerCoords]
215
"Y-Coord"
Float
[playerCoords]+4
216
"Z-Coord?"
Float
[playerCoords]+8
healthAddy
4C430000
energyAddy
50AC0000
karmaAmount
0BA20010
playerCoords
0BE20050
playerBase
0BE20040
Ruiner
Game Version: 1.03
Table Ver. 0.1 by jungletek (2017-11-20)