Mortal Kombat 11 - table v: 1.0.8 CT

[ModEngine]

Mortal Kombat 11 - table v: 1.0.8 CT
Game Name: Mortal Kombat 11
Game Vendor: Steam
Game Version: 0.188-15-CL137535
Game Process: MK11.exe
Game File Version: 1.0.0.0


Made by
SunBeam
Beefsquatch


Features:

Features

• I2CETState
  Saves and loads table state (i.e.: what memory records are enabled).
  Uses named states (i.e.: 'default', 'testState', or 'SuperCheated'), if no name is given then 'default' is used.
  • Save Table State : Default
  • Save Table State : Casual
  • Save Table State : Full
  • Save Table State : Test
  • Load Table State : Default
  • Load Table State : Casual
  • Load Table State : Full
  • Load Table State : Test
• I2CETeleporter
  • Teleport To: Waypoint
  • Teleport: Back
  • Save Location (saves location to local file)
  • Helpers
    • Generate Memory Records (helper script for generating "teleport to save" scripts from saves)
    • Zero Camera Rotation Angle
    • Write Saves To File
    • Print Saves
    • Rename Save
    • Read From File
    • Delete Save
• Pointers
• Hitbox Hook { SunBeam }
• Health Wrt. Hook
• Defence Hook
• Instant Win { SunBeam }
• Freeze Round Timer
• Action Hold Hook
• Super Speed
• Vial Timer Hook
• Blindfold Show Hook { SunBeam }
• Premium Shop Cost Hook ( Use This At Your Own Risk! )

Other Features:

• Auto Table Updater
• Auto Attach to process
• Simple Logger (with levels)
• Debug Section:
  • Helpers:
    • Print Game Module Info
    • Print Game Module Version
    • Enable Compact Mode
    • Disable Compact Mode
    • Set Logger Level : WARN (Default)
    • Set Logger Level : INFO
    • Set Logger Level : DEBUG
    • Set Logger Level : TRACE
  • All hooks have their own section, check scripts for real hook names.

Versions:

Table Versions Info

• v 1.0.1: Initial release
• v 1.0.2: Updated to latest game version.
• v 1.0.3:
  • Changed:
    • "Krypt Unlocker" now includes Orbs.
  • Added:
    • I2CETeleporter
    • Hitbox Hook { SunBeam }
    • Defence Hook
    • Instant Win { SunBeam }
    • Action Hold Hook
• v 1.0.4:
  • Changed:
    • "Krypt Unlocker" now only uses flag to stop values from decreasing.
  • Added:
    • Krypt Orb Cost Hook (Used to set Koins amount)
    • Super Speed
    • Vial Timer Hook
    • Blindfold Show Hook { SunBeam }
• v 1.0.5:
  • Table Updated to latest Steam version.
  • Added:
    • Premium Shop Cost Hook ( Use This At Your Own Risk! )
• v 1.0.6: Updated to latest game version (0.1.103-10-CLI34469).
• v 1.0.7:
  • Table Updated to latest Steam version.
  • Removed:
    • Krypt Unlocker
    • Krypt Orb Cost Hook
• v 1.0.8:
  • Table Updated to latest Steam version.

Current Table:




Errors and Bugs:

Errors and Bugs, follow these steps

1. [Link]
2. Open CE and open the settings window (Edit -> Settings).
   Then check that you are allowing Lua scripts to run, you can select any one of the three shown here.
   [Link]
3. Click Ok and then close CE.
4. Start the game.
5. Open the CE table file by double clicking it.
   Give the table a second to load, run the Lua scripts, and attach to the game.
   • [Link], if not auto attached.
6. Print the game module infromation.
   [Link]
7. Set the Logger level to "Debug".
   [Link]
8. Activate the "Main Hooks".
   [Link]
   Activate any of the scripts/hooks that you wish to use.
   You can also load the table state "test".
9. If error is during deactivation of scripts, then deactivate all scripts.
   You can load the table state "none".
10. Copy all the output text of the CE's "Lua Engine" window.
    [Link]
11. Post the output text here in side code blocks. i.e. [code][/code]
    [Link]

If you find anything you want to know more about how it works (the Lua stuff, or any of the AA scripts), just let me know.

For editing/updating

Just extract the CEA table files in to a folder named "ceaFiles" for running local files instead of the table files.
See this Lua extension with helper tools for extracting the table files into folders used by my Lua modules:
[Link]

Older Table Versions:

How to use this cheat table?

1. Install Cheat Engine
2. Double-click the .CT file in order to open it.
3. Click the PC icon in Cheat Engine in order to select the game process.
4. Keep the list.
5. Activate the trainer options by checking boxes or setting values from 0 to 1

[hunghung7514]

Here's a Krypt unlocker based on SunBeams findings.
This will Unlock all chests and doors and set the chest cost to 1 for all types, but you have to approach the chest twice to see the change. But there is something that resets some of the chests when I reloaded the game and it doesn't work on those.

Code: Select all

{
	Process			: MK11.exe  -  (x64)
	Module			: MK11.exe
	Game Title		: MK11
	Game Version	: 1.0.0.0
	CE Version		: 6.83
	Script Version	: 0.0.1
	Date			: 04/26/19
	Author			: ShyTwig16
	Name			: KryptChestCheckHook

	Krypt Chest Check Hook
}

{$STRICT}

define(address, MK11.exe+8E5DD1F)
define(bytes, 83 BB 28 04 00 00 FF)

////
//// ------------------------------ ENABLE ------------------------------
[ENABLE]
aobScanModule(aobKryptChestCheckHook, MK11.exe, F7xxxxxxxxxxxxxxxxxx0F85xxxxxxxx83xxxxxxxxxxxx74xx83xxxxxxxxxxxx74xx83xxxxxxxxxxxx0F85xxxxxxxx83xxxxxxxxxxxx0F85xxxxxxxx83)
define(injKryptChestCheckHook, aobKryptChestCheckHook+10)
assert(injKryptChestCheckHook, bytes)
registerSymbol(injKryptChestCheckHook)

alloc(memKryptChestCheckHook, 0x400, injKryptChestCheckHook)

label(ptrKryptChestCheckHook)
registerSymbol(ptrKryptChestCheckHook)

label(n_code)
label(o_code)
label(exit)
label(return)

memKryptChestCheckHook:
	ptrKryptChestCheckHook:
		dq 0
	align 10 CC
	n_code:
		push rax
		mov [ptrKryptChestCheckHook],rbx
		or byte ptr [rbx+D0],08
		cmp dword ptr [rbx+488],00
		je @f
			mov dword ptr [rbx+488],01
			jmp o_code
		@@:
		cmp dword ptr [rbx+4B8],00
		je @f
			mov dword ptr [rbx+4B8],01
			jmp o_code
		@@:
		mov rax,[rbx+1C8]
		test rax,rax
		jz o_code
			cmp dword ptr [rax+10],00
			je @f
				mov dword ptr [rax+10],01
				jmp o_code
			@@:
	o_code:
		cmp dword ptr [rbx+00000428],-01
	exit:
		pop rax
		jmp return


////
//// ---------- Injection Point ----------
injKryptChestCheckHook:
	jmp n_code
	nop
	nop
	return:


////
//// ------------------------------ DISABLE ------------------------------
[DISABLE]
////
//// ---------- Injection Point ----------
injKryptChestCheckHook:
	db bytes

unregisterSymbol(injKryptChestCheckHook)

unregisterSymbol(ptrKryptChestCheckHook)

dealloc(memKryptChestCheckHook)

{
//// Injection Point: MK11.exe+8E5DD1F  -  0000000148E5DD1F
//// AOB address: 0000000148E5DD0F  -  MK11.exe+8E5DD0F
//// Process: MK11.exe  -  0000000140000000
//// Module: MK11.exe  -  0000000140000000
//// Module Size: 0000000017EBE000
MK11.exe+8E5DCCE:  48 8B 0C 24                 -  mov rcx,[rsp]                      
MK11.exe+8E5DCD2:  48 8D 64 24 08              -  lea rsp,[rsp+08]                   
MK11.exe+8E5DCD7:  9D                          -  popfq                              
MK11.exe+8E5DCD8:  53                          -  push rbx                           
MK11.exe+8E5DCD9:  48 8D 1D F0DF2101           -  lea rbx,[14A07BCD0]                [245C8948]
MK11.exe+8E5DCE0:  48 87 1C 24                 -  xchg [rsp],rbx                     
MK11.exe+8E5DCE4:  C3                          -  ret                                
MK11.exe+8E5DCE5:  4C 8D 3D B03B5C0E           -  lea r15,[15742189C]                [8D4C3289]
MK11.exe+8E5DCEC:  41 FF E3                    -  jmp r11                            
MK11.exe+8E5DCEF:  3D 48894C24                 -  cmp eax,244C8948                   [(float)-0.0304]
MK11.exe+8E5DCF4:  08 53 48                    -  or [rbx+48],dl                     
MK11.exe+8E5DCF7:  83 EC 70                    -  sub esp,70                         
MK11.exe+8E5DCFA:  48 89 CB                    -  mov rbx,rcx                        
MK11.exe+8E5DCFD:  31 D2                       -  xor edx,edx                        
MK11.exe+8E5DCFF:  31 C9                       -  xor ecx,ecx                        
MK11.exe+8E5DD01:  E8 3AB25DF7                 -  call 140438F40                     
MK11.exe+8E5DD06:  48 85 C0                    -  test rax,rax                       
MK11.exe+8E5DD09:  0F84 47050000               -  je 148E5E256                       
MK11.exe+8E5DD0F:  F7 83 D0000000 00000200     -  test [rbx+000000D0],20000          <<<--- AOB Starts Here
MK11.exe+8E5DD19:  0F85 37050000               -  jne 148E5E256                      
////  INJECTING START  ----------------------------------------------------------
MK11.exe+8E5DD1F:  83 BB 28040000 FF           -  cmp dword ptr [rbx+00000428],-01   
////  INJECTING END  ----------------------------------------------------------
MK11.exe+8E5DD26:  74 30                       -  je 148E5DD58                       
MK11.exe+8E5DD28:  83 BB 58040000 FF           -  cmp dword ptr [rbx+00000458],-01   
MK11.exe+8E5DD2F:  74 27                       -  je 148E5DD58                       
MK11.exe+8E5DD31:  83 BB 88040000 00           -  cmp dword ptr [rbx+00000488],00    
MK11.exe+8E5DD38:  0F85 18050000               -  jne 148E5E256                      
MK11.exe+8E5DD3E:  83 BB B8040000 00           -  cmp dword ptr [rbx+000004B8],00    
MK11.exe+8E5DD45:  0F85 0B050000               -  jne 148E5E256                      
MK11.exe+8E5DD4B:  83 BB E8040000 00           -  cmp dword ptr [rbx+000004E8],00    
MK11.exe+8E5DD52:  0F85 FE040000               -  jne 148E5E256                      
MK11.exe+8E5DD58:  48 89 6C 24 68              -  mov [rsp+68],rbp                   
MK11.exe+8E5DD5D:  48 8B 2D 1C5320FA           -  mov rbp,[143063080]                [74E4B940]
MK11.exe+8E5DD64:  48 89 AC 24 98000000        -  mov [rsp+00000098],rbp             
MK11.exe+8E5DD6C:  48 85 ED                    -  test rbp,rbp                       
MK11.exe+8E5DD6F:  0F84 DC040000               -  je 148E5E251                       
MK11.exe+8E5DD75:  48 89 D9                    -  mov rcx,rbx                        
MK11.exe+8E5DD78:  E8 D3EB98F7                 -  call 1407EC950                     
MK11.exe+8E5DD7D:  83 F8 05                    -  cmp eax,05                         
MK11.exe+8E5DD80:  0F84 CB040000               -  je 148E5E251                       
MK11.exe+8E5DD86:  48 83 BB C8010000 00        -  cmp qword ptr [rbx+000001C8],00    
MK11.exe+8E5DD8E:  0F85 BD040000               -  jne 148E5E251                      
//// Template: I2CEA_AOBFullInjectionWithValues
//// Generated with: I2 Cheat Engine Auto Assembler Script Template Generator
//// Code Happy, Code Freely, Be Awesome.
}

If you want it to only approach the chest once use this script as well.

Code: Select all

{
	Process			: MK11.exe  -  (x64)
	Module			: MK11.exe
	Game Title		: MK11
	Game Version	: 1.0.0.0
	CE Version		: 6.83
	Script Version	: 0.0.1
	Date			: 04/25/19
	Author			: ShyTwig16
	Name			: KryptChestReadHook

	Krypt Chest Read Hook
}

{$STRICT}

define(address, MK11.exe+8E87480)
define(bytes, 8B 96 88 04 00 00)

////
//// ------------------------------ ENABLE ------------------------------
[ENABLE]
aobScanModule(aobKryptChestReadHook, MK11.exe, 48xxxxFFxx8Bxxxxxxxxxx8Bxxxxxxxxxx8Bxxxxxxxxxx41xxxxxx75)
define(injKryptChestReadHook, aobKryptChestReadHook+5)
assert(injKryptChestReadHook, bytes)
registerSymbol(injKryptChestReadHook)

alloc(memKryptChestReadHook, 0x400, injKryptChestReadHook)

label(intKryptChestReadHook)
registerSymbol(intKryptChestReadHook)

label(ptrKryptChestReadHook)
registerSymbol(ptrKryptChestReadHook)

label(n_code)
label(o_code)
label(exit)
label(return)

memKryptChestReadHook:
	intKryptChestReadHook:
		dd (int)1
	align 10
	ptrKryptChestReadHook:
		dq 0
	align 10 CC
	n_code:
		mov [ptrKryptChestReadHook],rsi
		mov edx,[intKryptChestReadHook]
		cmp dword ptr [rsi+488],00
		je @f
			mov [rsi+488],edx
			jmp o_code
		@@:
		cmp dword ptr [rsi+4B8],00
		je @f
			mov [rsi+4B8],edx
			jmp o_code
		@@:
	o_code:
		mov edx,[rsi+00000488]
	exit:
		jmp return


////
//// ---------- Injection Point ----------
injKryptChestReadHook:
	jmp n_code
	nop
	return:


////
//// ------------------------------ DISABLE ------------------------------
[DISABLE]
////
//// ---------- Injection Point ----------
injKryptChestReadHook:
	db bytes

unregisterSymbol(injKryptChestReadHook)

unregisterSymbol(intKryptChestReadHook)

unregisterSymbol(ptrKryptChestReadHook)

dealloc(memKryptChestReadHook)

{
//// Injection Point: MK11.exe+8E87480  -  0000000148E87480
//// AOB address: 0000000148E8747B  -  MK11.exe+8E8747B
//// Process: MK11.exe  -  0000000140000000
//// Module: MK11.exe  -  0000000140000000
//// Module Size: 0000000017EBE000
MK11.exe+8E87439:  C1 E8 0F                    -  shr eax,0F                         
MK11.exe+8E8743C:  F6 D0                       -  not al                             
MK11.exe+8E8743E:  24 01                       -  and al,01                          
MK11.exe+8E87440:  48 8B 5C 24 30              -  mov rbx,[rsp+30]                   
MK11.exe+8E87445:  48 8B 74 24 38              -  mov rsi,[rsp+38]                   
MK11.exe+8E8744A:  48 83 C4 20                 -  add rsp,20                         
MK11.exe+8E8744E:  5F                          -  pop rdi                            
MK11.exe+8E8744F:  C3                          -  ret                                
MK11.exe+8E87450:  48 89 F1                    -  mov rcx,rsi                        
MK11.exe+8E87453:  E8 383C96F7                 -  call 1407EB090                     
MK11.exe+8E87458:  41 89 C0                    -  mov r8d,eax                        
MK11.exe+8E8745B:  FF C8                       -  dec eax                            
MK11.exe+8E8745D:  83 F8 16                    -  cmp eax,16                         
MK11.exe+8E87460:  77 1E                       -  ja 148E87480                       
MK11.exe+8E87462:  48 63 C8                    -  movsxd  rcx,eax                    
MK11.exe+8E87465:  48 8D 05 948B17F7           -  lea rax,[140000000]                [00905A4D]
MK11.exe+8E8746C:  0FB6 8C 08 4CBE7E00         -  movzx ecx,byte ptr [rax+rcx+007EBE4C]
MK11.exe+8E87474:  8B 94 88 44BE7E00           -  mov edx,[rax+rcx*4+007EBE44]       
MK11.exe+8E8747B:  48 01 C2                    -  add rdx,rax                        <<<--- AOB Starts Here
MK11.exe+8E8747E:  FF E2                       -  jmp rdx                            
////  INJECTING START  ----------------------------------------------------------
MK11.exe+8E87480:  8B 96 88040000              -  mov edx,[rsi+00000488]             
////  INJECTING END  ----------------------------------------------------------
MK11.exe+8E87486:  8B 8E B8040000              -  mov ecx,[rsi+000004B8]             
MK11.exe+8E8748C:  8B 86 E8040000              -  mov eax,[rsi+000004E8]             
MK11.exe+8E87492:  41 83 F8 0C                 -  cmp r8d,0C                         
MK11.exe+8E87496:  75 3C                       -  jne 148E874D4                      
MK11.exe+8E87498:  85 C9                       -  test ecx,ecx                       
MK11.exe+8E8749A:  7E 1A                       -  jle 148E874B6                      
MK11.exe+8E8749C:  C7 07 02000000              -  mov [rdi],00000002                 
MK11.exe+8E874A2:  B0 01                       -  mov al,01                          
MK11.exe+8E874A4:  89 0B                       -  mov [rbx],ecx                      
MK11.exe+8E874A6:  48 8B 5C 24 30              -  mov rbx,[rsp+30]                   
MK11.exe+8E874AB:  48 8B 74 24 38              -  mov rsi,[rsp+38]                   
MK11.exe+8E874B0:  48 83 C4 20                 -  add rsp,20                         
MK11.exe+8E874B4:  5F                          -  pop rdi                            
MK11.exe+8E874B5:  C3                          -  ret                                
MK11.exe+8E874B6:  85 C0                       -  test eax,eax                       
MK11.exe+8E874B8:  7E 24                       -  jle 148E874DE                      
MK11.exe+8E874BA:  C7 07 03000000              -  mov [rdi],00000003                 
MK11.exe+8E874C0:  89 03                       -  mov [rbx],eax                      
MK11.exe+8E874C2:  B0 01                       -  mov al,01                          
MK11.exe+8E874C4:  48 8B 5C 24 30              -  mov rbx,[rsp+30]                   
//// Template: I2CEA_AOBFullInjection
//// Generated with: I2 Cheat Engine Auto Assembler Script Template Generator
//// Code Happy, Code Freely, Be Awesome.
}

...Till then I'm on vacation

Have fun, where you going this time?


EDIT:
Does anyone know what this chest is?
[Link]
[Link]

Thank! Work like a charm.

[sixonesix]

...
UPD: Oh, and I fogrot, there is also one more door that unlocks with 3 amulets, down at the Kytinn Hive.

Try the table I posted you'll need to align the wheels but it will allow you to activate the unlock without the amulets.

Yeah, it does! Thanks! Even heads are highlighted as available to use option, but when I press E, nothing happends.

Spoiler

Will there be an update for that? Because I think all cool stuff from Krypt is exactly in Shang Tsung home. At least, someone on YouTube got really cool things there

Spoiler

[Stalker4589]

This is where I'm at. Require the heads to open shangs house and get the remaining chest. Currently sitting at 480 apparently out of 600 which I doubt

[sixonesix]

This is where I'm at. Require the heads to open shangs house and get the remaining chest. Currently sitting at 480 apparently out of 600 which I doubt

600 chests are such a big lie from NRS. I saw that interview too. I've opened ALL the available chests for 2 and 1/2 time, and didn't even got a 1/5 part of all the loot. Most of the stuff that I get is some useless trash, like augments or Tower of Time stuff.

[TimFun13]

...
Will there be an update for that? Because I think all cool stuff from Krypt is exactly in Shang Tsung home. At least, someone on YouTube got really cool things there

Spoiler

Yeah, the table is a work in progress; with SunBeams object dumper I should be able to find it.

[SunBeam]

@Tim: Just heading to home town for the Easter holiday. Good luck feeding the OCD freaks, you're in for it now Cheerios!

[TimFun13]

@Tim: Just heading to home town for the Easter holiday. Good luck feeding the OCD freaks, you're in for it now Cheerios!

Have fun, I know I love going to my home town. And with the object dumper it will make things a bit easier, but don't worry at some point I will say NO. And thanks again for the dll and the help.

[andawra]

Haha, when the free cheat tables are better than the paid $15 trainer that never gets updated or has features added.

[Stalker4589]

Looking good.

Would a No Clip be possible for the krypt?

[Anfraxx]

Finally succeeded to get them all, I'm pretty proud since I'm a newbie.



Let's wait for our ban friends.

how did you manage the hearts and green souls? I tried the green souls on the 2k bridge but got disconnected upon modifying.

Think someone said though that the heart chests can be modified.

[Stalker4589]

Finally succeeded to get them all, I'm pretty proud since I'm a newbie.



Let's wait for our ban friends.

how did you manage the hearts and green souls? I tried the green souls on the 2k bridge but got disconnected upon modifying.

Think someone said though that the heart chests can be modified.

Everything can be modified, if you got disconnected on the bridge souls you did something wrong.

[Anfraxx]

Finally succeeded to get them all, I'm pretty proud since I'm a newbie.



Let's wait for our ban friends.

how did you manage the hearts and green souls? I tried the green souls on the 2k bridge but got disconnected upon modifying.

Think someone said though that the heart chests can be modified.

Everything can be modified, if you got disconnected on the bridge souls you did something wrong.

I get disconnected when doing a batch on bridge or on a heart chest. So I know I'm doing something wrong, but not quite sure what.

I select a batch, change the value to 1, check if they have changed in game, if no I change the value back again and then delete them from the list, then start a new batch.

[Hornedreaperr]

Anyone else encountered an issue by moving any of the levers at the bottom of the area where you put the Dragon Amulet in? I can't seem to move them for whatever reason even though I was moving them fine in the past.

[KS212]

Its a classic throwback to MK1.