Metro Exodus No clip

Anything Cheat Engine related, bugs, suggestions, helping others, etc..
Post Reply
Metalcorpse
What is cheating?
What is cheating?
Posts: 2
Joined: Sat Sep 26, 2020 3:39 am
Reputation: 0

Metro Exodus No clip

Post by Metalcorpse »

Hello everyone, I play Metro Exodus through Steam and was having fun with the No Clip ability from a table I found here, but recently the game was patched and no cheat engine file works anymore on it. I know they removed the DRM from the game but im not sure if thats the issue. I tried to activate the no clip option but I was able to find this error.

Im not a programmer by any means so I wont know how to fix this, maybe if its a bit of code I copy and paste. I apologize to the more experienced users here for a lack of understanding to this, but I really enjoy this game :cry:

<< Lua error in the script at line 3:[string "local syntaxcheck,memrec=... ..."]:33: attempt to index a nil value (local 't')>>

Admins if not allowed plz tell me.

This is the script used,




Code: Select all

{$STRICT}

{$lua}

if syntaxcheck then return end

[ENABLE]

function _readInteger( Input )
  -- thanks, Pox!
  local Value = readInteger( Input )
  if Value < 0x80000000 then return Value
  else return Value - 0x100000000 end
end

function aobScanEx( aob, p, a, n, s, e, pb )
  local p, a, n, s, e = p or '*X*W', a or fsmNotAligned, n or '0', s or 0x0, e or 0xffffffffffffffff
  local ms = pb and createMemScan( pb ) or createMemScan()
  local fl = createFoundList( ms )
  ms.firstScan( soExactValue, vtByteArray, nil, aob, nil, s, e, p, a, n, true, false, false, false )
  ms.waitTillDone()
  fl.initialize()
  local result = nil
  if fl ~= nil and fl.getCount() > 0 then
    result = createStringlist()
    for i = 1, fl.getCount() do result.add( fl.getAddress( i - 1 ) ) end
  end
  fl.destroy()
  ms.destroy()
  return result
end

local gameProcess = 'MetroExodus.exe'
local gameModule = getAddress( gameProcess )
local t = aobScanEx( '48837B??0074??807B??000F94D084C075??85??74??F3', nil, nil, nil, gameModule, gameModule + getModuleSize( gameProcess ) )
local NoClip = tonumber( t[0], 16 )
unregisterSymbol( 'NoClip' )
registerSymbol( 'NoClip', NoClip, true )
local t = aobScanEx( '488B0D????????4885C90F84????????488B51??48895C24??48897C24??4885D274', nil, nil, nil, gameModule, gameModule + getModuleSize( gameProcess ) )
t = tonumber( t[0], 16 )
local PhysX = readQword( t + _readInteger( t + 0x3 ) + 0x7 )
unregisterSymbol( 'PhysX' )
registerSymbol( 'PhysX', PhysX, true )

autoAssemble([[

  alloc( MovementHook, 0x1000, MetroExodus.exe )
  registersymbol( MovementHook )

  label( goback )
  label( skip )
  label( subGetAsyncKeyState )
  label( fraction )

  label( ZLock )
  registersymbol( ZLock )

  label( back )

  MovementHook:

  push rdx
  mov rdx,PhysX
  mov rdx,[rdx+28] // leads to Player
  mov rdx,[rdx+758]
  mov rdx,[rdx+10]
  cmp rbx,rdx
  pop rdx
  jnz goback

    mov [ZLock],rbx
    mov byte ptr [rbx+30],4

    mov rax,PhysX
    mov rax,[rax+28] // leads to Player
    test rax,rax
    jz goback

      cmp [rax+938],0 // check if camera vector is initialized
      jz goback

        push rax
        push rbx
        push rdx
        push rsi
        push rdi
        push rbp
        push r8
        push r9
        push r10
        push r11
        push r12
        push r13
        push r14
        push r15

          push rcx
          xor r10,r10

          mov r11,1 // FORWARD
          mov ecx,'W'
          call short subGetAsyncKeyState

          mov r11,2 // BACKWARD
          mov ecx,'S'
          call short subGetAsyncKeyState

          mov r11,4 // STRAFE LEFT
          mov ecx,'A'
          call short subGetAsyncKeyState

          mov r11,8 // STRAFE RIGHT
          mov ecx,'D'
          call short subGetAsyncKeyState

          mov r11,10 // FASTER
          mov ecx,10 // Shift
          call short subGetAsyncKeyState

          mov r11,20 // Z UP
          mov ecx,20 // Space
          call short subGetAsyncKeyState

          mov r11,40 // Z DOWN
          mov ecx,11 // Ctrl
          call short subGetAsyncKeyState

          pop rcx
          test r10,r10
          jz skip

            mov rdi,PhysX
            mov rdi,[rdi+28]
            mov rbx,rdi
            mov rdi,[rdi+928] // camera vector (already normalized)
            test rdi,rdi
            jz skip

            movups xmm1,[rdi+C0]
            xorps xmm15,xmm15 // this register will temporary keep sum of four vectors    (forward, backward,  strafe left,  strafe right)

		    test r10,01 // forward
		    jz +4
		    addps xmm15,xmm1

		    test r10,02 // backward
		    jz +4
		    subps xmm15,xmm1

		    // calc rotatedLeftBy90 vector
		    shufps xmm1,xmm1,06  //  camera struct (X,Z,Y), Z is up-down axis
                                 //  now xmm1 contains (Y,Z,X)
            xorps xmm2,xmm2
		    subss xmm2,xmm1
		    movss xmm1,xmm2 //  now xmm1 contains (-Y,Z,X); rotatedLeftBy90deg in Z-axis

		    movaps xmm14,xmm1 // save for later

		    // for strafing we have to set Z to zero
		    mov eax,-1
		    movd xmm2,eax
		    shufps xmm2,xmm2,08
		    andps xmm1,xmm2 // now xmm1 contains (-Y,0,X)

		    test r10,04  // strafe left
		    jz +4
		    addps xmm15,xmm1

		    test r10,08 // strafe right
		    jz +4
		    subps xmm15,xmm1

		    // move in Z axis
		    mov eax,(float)1
		    movd xmm1,eax
		    shufps xmm1,xmm1,51 // now xmm1 contains (0,1,0)

		    test r10,20 // Z axis UP
		    jz +4
		    addps xmm15,xmm1

		    test r10,40 // Z axis DOWN
		    jz +4
		    subps xmm15,xmm1

		    movups xmm1,[rdi+C0] // camVect
		    movaps xmm2,xmm14 // rotLeft90camVect

		    movaps xmm14,xmm1

		    shufps xmm1,xmm1,09
		    shufps xmm2,xmm2,12
		    shufps xmm14,xmm14,12

		    mulps xmm1,xmm2
		    shufps xmm2,xmm2,12
		    mulps xmm14,xmm2

		    subps xmm1,xmm14
		    // xmm1 now has cross product of camVect and rotLeft90camVect, lets call it V1

		    movaps xmm14,xmm1
		    subss xmm14,xmm1
		    subss xmm14,xmm1
		    shufps xmm14,xmm14,06 // xmm14 now has rotRight90V1, lets call it V2

		    addps xmm1,xmm14 // sum of V1 and V2

		    // normalize
		    movaps xmm2,xmm1
		    mulps xmm2,xmm2
		    movss xmm14,xmm2
		    shufps xmm2,xmm2,21
		    addss xmm14,xmm2
		    movhlps xmm2,xmm2
		    addss xmm14,xmm2
		    sqrtss xmm14,xmm14
		    shufps xmm14,xmm14,0
		    divps xmm1,xmm14

		    movaps xmm1,xmm15 // xmm1 constains vector for No_Clip (sum of many vectors)
		    xorps xmm2,xmm2

		    mulps xmm15,xmm15
		    addss xmm2,xmm15
		    shufps xmm15,xmm15,E1
		    addss xmm2,xmm15
		    movhlps xmm15,xmm15
		    addss xmm2,xmm15
		    sqrtss xmm2,xmm2 // xmm2 contains No_Clip vector length

		    xorps xmm15,xmm15
		    comiss xmm2,xmm15 // deal with division by zero
		    je short skip

		    shufps xmm2,xmm2,00
		    divps xmm1,xmm2 // No_Clip vector is now normalized

		    // before we add this vector to playerPos, we have to reduce it a bit
		    movss xmm2,[fraction]
		    shufps xmm2,xmm2,00

		    // faster
		    test r10,10
		    jz +6
		    addps xmm2,xmm2
		    addps xmm2,xmm2
		    mulps xmm1,xmm2

		    // update player pos
		    mov rbx,[rbx+758]
		    test rbx,rbx
		    jz short skip

		      mov rbx,[rbx+10]

		      movups xmm2,[rbx+BC]
		      addps xmm2,xmm1
		      movq [rbx+BC],xmm2
		      movhlps xmm2,xmm2
		      movss [rbx+C4],xmm2
/*
		      pop r15
		      pop r14
		      pop r13
		      pop r12
		      pop r11
		      pop r10
		      pop r9
		      pop r8
		      pop rbp
		      pop rdi
		      pop rsi
		      pop rdx
		      pop rbx
		      pop rax
	          jmp back+3C
*/

      skip:
      pop r15
      pop r14
      pop r13
      pop r12
      pop r11
      pop r10
      pop r9
      pop r8
      pop rbp
      pop rdi
      pop rsi
      pop rdx
      pop rbx
      pop rax

      xor edi,edi

  goback:
  //movss xmm0,[rsp+40]
  cmp qword ptr [rbx+68],0
  jmp back

  db CC CC CC CC

  subGetAsyncKeyState:
    push r10
    push r11
    sub rsp,8
    call GetAsyncKeyState
    add rsp,8
    pop r11
    pop r10
    test ax,8000
    jz short @f
      or r10,r11
    @@:
    ret

  db CC CC CC CC

  fraction:
  dd (float)0.025
  ZLock:
  dq 0

  db CC CC CC CC

  NoClip:
  jmp MovementHook
  back:
]])

[DISABLE]

{$asm}

[ZLock]+34:
dd 08080000

[ZLock]+30:
db 0

NoClip:
cmp qword ptr [rbx+68],0

unregistersymbol( ZLock )
unregistersymbol( MovementHook )
dealloc( MovementHook )
unregistersymbol( PhysX )
unregistersymbol( NoClip )

User avatar
SunBeam
Administration
Administration
Posts: 3023
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 2156

Re: Metro Exodus No clip

Post by SunBeam »

What's the game version? What game client are you using? Those things matter. As for the script, it's the only one out there in my table. I've tried it a while ago on the Epic Game Store version and it worked fine. Guessing you're on Steam?..

Metalcorpse
What is cheating?
What is cheating?
Posts: 2
Joined: Sat Sep 26, 2020 3:39 am
Reputation: 0

Re: Metro Exodus No clip

Post by Metalcorpse »

Hi SunBeam, thanks for taking the time to reply. I bought the game through Steam. So far its just the most recently updated version through Steam, I cant seem to find a client version. Any way to find this? I went through steam and the game itself. So far I cant find anything that might be of help.

Post Reply

Who is online

Users browsing this forum: No registered users