Phasmophobia
Re: Phasmophobia
How long did it take you to create a cheat on this game?
Re: Phasmophobia
For this game it's quite "simple" because the engine is Unity so we have access to mono features. It can take minutes but also hours/days for the most tricky ones.
We just have to explore (using Mono dissector or .Net Info from cheat engine), then check the classes in Assembly-CSharp.dll, the methods/offsets and analyze the corresponding memory part. Change it, try, expect a crash, do it again, until we have something good.
For example, we want to know how to not die, first step is to search something related to the Player, then the method that can kill us (KillPlayer), and after, play with the memory. Can use break points to debug, use offsets to identify the good memory address, replace a part with code that does nothing (nop) etc...
Of course several things can happen in parallel, so we just have to dig more and follow the code
Re: Phasmophobia
I've been pretty busy lately... But I will look into adding new hacks and/or merging tables with @Zephroit's
Re: Phasmophobia
Can you tell me what software you use to create cheats? I want to start creating a cheat but I don't know how or where to start.
Re: Phasmophobia
For what exactly?
I use Cheat Engine for making my Phasmophobia hacks,
and I use C# in Visual Studio for making hacks for open assembly games.
Re: Phasmophobia
For my biggest hack... maybe a month total. But it had different versions.
It's one of those "Practice makes perfect" things. The more you do it, the more natural and quick it will be. I suggest doing all the research you can on how Assembly code works, and how UnityEngine games work.
Re: Phasmophobia
Coderbox1 wrote: ↑Fri Jun 18, 2021 3:52 pm
For my biggest hack... maybe a month total. But it had different versions.
It's one of those "Practice makes perfect" things. The more you do it, the more natural and quick it will be. I suggest doing all the research you can on how Assembly code works, and how UnityEngine games work.

ok nice thanks
Re: Phasmophobia
GreenHouse wrote: ↑Thu Oct 01, 2020 9:20 am
The anticheat does nothing if you do what I said.
EDIT: Here's a quick script to make the shop free. Enjoy I guess
Code: Select all
<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>1</ID>
<Description>"Free Store"</Description>
<LastState Activated="1"/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
{$lua}
if syntaxcheck then return end
if process and readInteger(process) ~= 0 then
mono_initialize()
LaunchMonoDataCollector()
else
local msg = 'No process detected.'
print(msg)
error(msg)
end
{$asm}
aobscanregion(get_Price,StoreManager:BuyButton,StoreManager:BuyButton+150,48 63 49 48)
aobscanregion(get_PriceSub,StoreManager:BuyButton,StoreManager:BuyButton+150,2B D0)
registersymbol(get_Price)
registersymbol(get_PriceSub)
get_Price:
db 48 31 C0 90
get_PriceSub:
db 90 90
[DISABLE]
get_Price:
db 48 63 49 48
get_PriceSub:
db 2B D0
unregistersymbol(get_Price)
unregistersymbol(get_PriceSub)
</AssemblerScript>
</CheatEntry>
</CheatEntries>
</CheatTable>

Is there one for the newest update?
Re: Phasmophobia
geovanniyoboy wrote: ↑Sat Jul 10, 2021 2:18 am
Is there one for the newest update?

You can try this one
Code: Select all
<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>43966</ID>
<Description>"Free Store"</Description>
<LastState Activated="1"/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
{$lua}
if syntaxcheck then return end
if process and readInteger(process) ~= 0 then
mono_initialize()
LaunchMonoDataCollector()
else
local msg = 'No process detected.'
print(msg)
error(msg)
end
{$asm}
aobscanregion(get_Price,StoreManager.BuyButton,StoreManager.BuyButton+150,2B 41 18)
aobscanregion(get_PriceSub,StoreManager.BuyButton,StoreManager.BuyButton+150,8B D0)
registersymbol(get_Price)
registersymbol(get_PriceSub)
get_Price:
db 90 90 90
get_PriceSub:
db 8B D0
[DISABLE]
get_Price:
db 2B 41 18
get_PriceSub:
db 8B D0
unregistersymbol(get_Price)
unregistersymbol(get_PriceSub)
</AssemblerScript>
</CheatEntry>
</CheatEntries>
</CheatTable>
Re: Phasmophobia
Hello, thanks to the authors for the excellent work, efforts, and also for the support in the form of updating the tables. I have a question. When I click the SHOW GHOST option, only I can see it, but sometimes in the next game other players also see the ghost, this rarely happens. How should this option work? Is it possible to make the ghost visible to other players too by clicking this option? I use Phasmophobia_Release_and_Beta_v14.1.CT
Re: Phasmophobia
der_wild wrote: ↑Fri Jul 16, 2021 10:18 am
Hello, thanks to the authors for the excellent work, efforts, and also for the support in the form of updating the tables. I have a question. When I click the SHOW GHOST option, only I can see it, but sometimes in the next game other players also see the ghost, this rarely happens. How should this option work? Is it possible to make the ghost visible to other players too by clicking this option? I use Phasmophobia_Release_and_Beta_v14.1.CT

Hi der_wild!
It's a pleasure.
To answer you, as far as I know, it's only for client, others can't see it.
I don't think we can make it visible to others, at least not with cheat engine, maybe doable with code injection by changing directly the source code.
Maybe it was just a coincidence if they could see it, most probably because of a ghost event or something.
But here's a more recent version for Show Ghost (should always see it with this one)
Code: Select all
<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>43980</ID>
<Description>"Show Ghost v2 (no blinking)"</Description>
<Options moHideChildren="1"/>
<LastState/>
<Color>008000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>{ Game : Phasmophobia.exe
Author : Zephirot
Mono : Assembly-CSharp.dll -> GhostAI:Update()
}
[ENABLE]
//aobscanmodule(SHOWGHOST,GameAssembly.dll,80 ?? 9? 00 00 00 00 0F 84 ?? ?? 00 00 F3 0F 10 ?? 9? 00 00 00 33 C9 E8 ?? ?? ?? ?? F3 0F 5C F0 0F 57 C0 0F 2F C6 F3 0F 11 ??) // should be unique
aobscanmodule(SHOWGHOST,GameAssembly.dll,80 ?? ?? 00 00 00 00 0F 84 ?? ?? 00 00 F3 0F 10 ?? 9? 00 00 00 33 C9 E8 ?? ?? ?? ?? F3 0F 5C F0 0F 57 C0 0F 2F C6 F3 0F 11 ??) // should be unique
alloc(newmem,$1000,SHOWGHOST)
alloc(original_SHOWGHOST_bytes,7)
registersymbol(original_SHOWGHOST_bytes)
label(code)
label(return)
label(_GhostAI2)
registersymbol(_GhostAI2)
original_SHOWGHOST_bytes:
readmem(SHOWGHOST,7)
newmem:
code:
mov [_GhostAI2],rbx
cmp byte ptr [rbx+000000A0],01 //cmp byte ptr [rbx+00000094],01
jmp return
_GhostAI2:
dq 0
SHOWGHOST:
jmp newmem
nop 2
return:
registersymbol(SHOWGHOST)
aobscanmodule(GTIMER,GameAssembly.dll,0F 2F C6 F3 0F 11 B3 90 00 00 00 76) // should be unique
alloc(newmem2,$1000,GTIMER)
label(code2)
label(return2)
newmem2:
code2:
//comiss xmm0,xmm6
movss [rbx+00000090],xmm6
jmp return2
GTIMER:
jmp newmem2
nop 6
return2:
registersymbol(GTIMER)
aobscanmodule(GJUMP,GameAssembly.dll,0F 84 B9 00 00 00 C6 47) // should be unique
alloc(newmem3,$1000,GJUMP)
label(code3)
label(return3)
newmem3:
code3:
jne GameAssembly.dll+1C05CD1 //je GameAssembly.dll+1C05CD1
jmp return3
GJUMP:
jmp newmem3
nop
return3:
registersymbol(GJUMP)
[DISABLE]
SHOWGHOST:
//db 80 BF 98 00 00 00 00
readmem(original_SHOWGHOST_bytes,7)
unregistersymbol(SHOWGHOST)
unregistersymbol(_GhostAI2)
unregistersymbol(original_SHOWGHOST_bytes)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+10E2BBB
GameAssembly.dll+10E2B92: 74 27 - je GameAssembly.dll+10E2BBB
GameAssembly.dll+10E2B94: 48 8B 05 E5 1B 8C 01 - mov rax,[GameAssembly.dll+29A4780]
GameAssembly.dll+10E2B9B: 48 8B 90 B8 00 00 00 - mov rdx,[rax+000000B8]
GameAssembly.dll+10E2BA2: 48 8B 02 - mov rax,[rdx]
GameAssembly.dll+10E2BA5: 48 85 C0 - test rax,rax
GameAssembly.dll+10E2BA8: 0F 84 01 03 00 00 - je GameAssembly.dll+10E2EAF
GameAssembly.dll+10E2BAE: 80 78 69 00 - cmp byte ptr [rax+69],00
GameAssembly.dll+10E2BB2: 75 07 - jne GameAssembly.dll+10E2BBB
GameAssembly.dll+10E2BB4: 33 D2 - xor edx,edx
GameAssembly.dll+10E2BB6: E8 15 71 67 00 - call ऩजछढजदडछडनज.थणदनडञनझढणच
// ---------- INJECTING HERE ----------
GameAssembly.dll+10E2BBB: 80 BB 98 00 00 00 00 - cmp byte ptr [rbx+00000098],00
// ---------- DONE INJECTING ----------
GameAssembly.dll+10E2BC2: 0F 84 3C 01 00 00 - je GameAssembly.dll+10E2D04
GameAssembly.dll+10E2BC8: F3 0F 10 B3 94 00 00 00 - movss xmm6,[rbx+00000094]
GameAssembly.dll+10E2BD0: 33 C9 - xor ecx,ecx
GameAssembly.dll+10E2BD2: E8 79 E0 87 FF - call UnityEngine.Time.get_deltaTime
GameAssembly.dll+10E2BD7: F3 0F 5C F0 - subss xmm6,xmm0
GameAssembly.dll+10E2BDB: 0F 57 C0 - xorps xmm0,xmm0
GameAssembly.dll+10E2BDE: 0F 2F C6 - comiss xmm0,xmm6
GameAssembly.dll+10E2BE1: F3 0F 11 B3 94 00 00 00 - movss [rbx+00000094],xmm6
GameAssembly.dll+10E2BE9: 0F 86 15 01 00 00 - jbe GameAssembly.dll+10E2D04
GameAssembly.dll+10E2BEF: F3 0F 10 35 B9 B8 03 01 - movss xmm6,[GameAssembly.dll+211E4B0]
}
GTIMER:
db 0F 2F C6 F3 0F 11 B3 90 00 00 00
unregistersymbol(GTIMER)
dealloc(newmem2)
{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+12688C2
GameAssembly.dll+1268898: 33 D2 - xor edx,edx
GameAssembly.dll+126889A: E8 51 BA A2 00 - call ठदञनडचछनऩनठ.णणथछचणझडजनध
SHOWGHOST: E9 5C 77 54 02 - jmp 7FFC0EDD0000
GameAssembly.dll+12688A4: 66 90 - nop 2
GameAssembly.dll+12688A6: 0F 84 96 00 00 00 - je GameAssembly.dll+1268942
GameAssembly.dll+12688AC: F3 0F 10 B3 90 00 00 00 - movss xmm6,[rbx+00000090]
GameAssembly.dll+12688B4: 33 C9 - xor ecx,ecx
GameAssembly.dll+12688B6: E8 F5 FA 7C FF - call UnityEngine.Time.get_deltaTime
GameAssembly.dll+12688BB: F3 0F 5C F0 - subss xmm6,xmm0
GameAssembly.dll+12688BF: 0F 57 C0 - xorps xmm0,xmm0
// ---------- INJECTING HERE ----------
GameAssembly.dll+12688C2: 0F 2F C6 - comiss xmm0,xmm6
// ---------- DONE INJECTING ----------
GameAssembly.dll+12688C5: F3 0F 11 B3 90 00 00 00 - movss [rbx+00000090],xmm6
GameAssembly.dll+12688CD: 76 73 - jna GameAssembly.dll+1268942
GameAssembly.dll+12688CF: F3 0F 10 35 E9 C8 57 01 - movss xmm6,[GameAssembly.dll+27E51C0]
GameAssembly.dll+12688D7: 45 33 C0 - xor r8d,r8d
GameAssembly.dll+12688DA: F3 0F 10 05 0E 0F AF 01 - movss xmm0,[GameAssembly.dll+2D597F0]
GameAssembly.dll+12688E2: 0F 28 CE - movaps xmm1,xmm6
GameAssembly.dll+12688E5: E8 C6 1C 77 FF - call UnityEngine.Random.Range
GameAssembly.dll+12688EA: 45 33 C0 - xor r8d,r8d
GameAssembly.dll+12688ED: 0F 28 C8 - movaps xmm1,xmm0
GameAssembly.dll+12688F0: 48 8B CB - mov rcx,rbx
}
GJUMP:
db 0F 84 B9 00 00 00
unregistersymbol(GJUMP)
dealloc(newmem3)
{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+1C05C12
GameAssembly.dll+1C05BE8: C7 46 10 01 00 00 00 - mov [rsi+10],00000001
GameAssembly.dll+1C05BEF: 48 8B 5C 24 40 - mov rbx,[rsp+40]
GameAssembly.dll+1C05BF4: 48 8B 74 24 48 - mov rsi,[rsp+48]
GameAssembly.dll+1C05BF9: 48 83 C4 30 - add rsp,30
GameAssembly.dll+1C05BFD: 5F - pop rdi
GameAssembly.dll+1C05BFE: C3 - ret
GameAssembly.dll+1C05BFF: 83 F8 01 - cmp eax,01
GameAssembly.dll+1C05C02: 0F 85 97 00 00 00 - jne GameAssembly.dll+1C05C9F
GameAssembly.dll+1C05C08: C7 46 10 FF FF FF FF - mov [rsi+10],FFFFFFFF
GameAssembly.dll+1C05C0F: 48 85 FF - test rdi,rdi
// ---------- INJECTING HERE ----------
GameAssembly.dll+1C05C12: 0F 84 B9 00 00 00 - je GameAssembly.dll+1C05CD1
// ---------- DONE INJECTING ----------
GameAssembly.dll+1C05C18: C6 47 70 00 - mov byte ptr [rdi+70],00
GameAssembly.dll+1C05C1C: 48 8B 05 B5 8C 59 01 - mov rax,[GameAssembly.dll+319E8D8]
GameAssembly.dll+1C05C23: 48 8B 88 B8 00 00 00 - mov rcx,[rax+000000B8]
GameAssembly.dll+1C05C2A: 48 8B 01 - mov rax,[rcx]
GameAssembly.dll+1C05C2D: 48 85 C0 - test rax,rax
GameAssembly.dll+1C05C30: 0F 84 9B 00 00 00 - je GameAssembly.dll+1C05CD1
GameAssembly.dll+1C05C36: 48 8B 40 18 - mov rax,[rax+18]
GameAssembly.dll+1C05C3A: 48 85 C0 - test rax,rax
GameAssembly.dll+1C05C3D: 0F 84 8E 00 00 00 - je GameAssembly.dll+1C05CD1
GameAssembly.dll+1C05C43: 48 8B 40 10 - mov rax,[rax+10]
}
</AssemblerScript>
<CheatEntries>
<CheatEntry>
<ID>43981</ID>
<Description>"ghost Is Appeared"</Description>
<DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">0:NO
1:YES
</DropDownList>
<LastState Value="0" RealAddress="1F7D9021B00"/>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>4 Bytes</VariableType>
<Address>_GhostAI2</Address>
<Offsets>
<Offset>70</Offset>
</Offsets>
<CheatEntries>
<CheatEntry>
<ID>43982</ID>
<Description>"appear Timer"</Description>
<LastState Value="1.14349854" RealAddress="1F7D9021B20"/>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>Float</VariableType>
<Address>_GhostAI2</Address>
<Offsets>
<Offset>90</Offset>
</Offsets>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatTable>
Re: Phasmophobia
zephirot wrote: ↑Fri Jul 16, 2021 6:44 pm
Hi der_wild!
It's a pleasure.
To answer you, as far as I know, it's only for client, others can't see it.
I don't think we can make it visible to others, at least not with cheat engine, maybe doable with code injection by changing directly the source code.
Maybe it was just a coincidence if they could see it, most probably because of a ghost event or something.
But here's a more recent version for Show Ghost (should always see it with this one)

Good day zephirot!
Well, now I'll be in the know.
Thank you for the more recent version of the script. When I rewrote the lines of the script for more recent ones, the Cheat engine gave an error, but as I understand it, this is not a problem and does not affect anything, since after checking the operability, a ghost appeared, and there were no problems. I wish you good luck with your work and I am waiting for the new version of the script table)
[Link]
P.S Do you have a manual for the correct use of the table, that is, how and when to include the required script correctly?
Re: Phasmophobia
der_wild wrote: ↑Sat Jul 17, 2021 5:07 pm
Good day zephirot!
Well, now I'll be in the know.
Thank you for the more recent version of the script. When I rewrote the lines of the script for more recent ones, the Cheat engine gave an error, but as I understand it, this is not a problem and does not affect anything, since after checking the operability, a ghost appeared, and there were no problems. I wish you good luck with your work and I am waiting for the new version of the script table)
[Link]
P.S Do you have a manual for the correct use of the table, that is, how and when to include the required script correctly?

Hello again
Oh yes it's because you have to copy and paste directly in cheat engine, not to paste in a script.
Just do select all, copy, move to cheat engine window and Ctrl-V
It will add the script + children below it.
If you want to paste in a script, just remove this part for the top
Code: Select all
<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>43980</ID>
<Description>"Show Ghost v2 (no blinking)"</Description>
<Options moHideChildren="1"/>
<LastState/>
<Color>008000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>
and this part for the bottom
Code: Select all
</AssemblerScript>
<CheatEntries>
<CheatEntry>
<ID>43981</ID>
<Description>"ghost Is Appeared"</Description>
<DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">0:NO
1:YES
</DropDownList>
<LastState Value="0" RealAddress="1F7D9021B00"/>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>4 Bytes</VariableType>
<Address>_GhostAI2</Address>
<Offsets>
<Offset>70</Offset>
</Offsets>
<CheatEntries>
<CheatEntry>
<ID>43982</ID>
<Description>"appear Timer"</Description>
<LastState Value="1.14349854" RealAddress="1F7D9021B20"/>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>Float</VariableType>
<Address>_GhostAI2</Address>
<Offsets>
<Offset>90</Offset>
</Offsets>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
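</CheatTable>
But you won't have the 2 children ("ghost Is Appeared" and "appear Timer"), even if it's not really necessary, mostly for debugging/updating etc...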
Re: Phasmophobia
zephirot wrote: ↑Sun Jul 18, 2021 11:12 am
Hello again
Oh yes it's because you have to copy and paste directly in cheat engine, not to paste in a script.
Just do select all, copy, move to cheat engine window and Ctrl-V
It will add the script + children below it.
If you want to paste in a script, just remove this part for the top
and this part for the bottom
But you won't have the 2 children ("ghost Is Appeared" and "appear Timer"), even if it's not really necessary, mostly for debugging/updating etc...

Hello, thanks for the explanation on how to add the script correctly. But everything worked on a fresh version until recently. Probably there was some kind of update for the game, as the new version of the script for "SHOW GHOST" crashed the game((( But the old version is fine.
Re: Phasmophobia
der_wild wrote: ↑Thu Jul 22, 2021 6:49 pm
Hello, thanks for the explanation on how to add the script correctly. But everything worked on a fresh version until recently. Probably there was some kind of update for the game, as the new version of the script for "SHOW GHOST" crashed the game((( But the old version is fine.

Hi! Indeed there was an update and one part of the script had an issue with an address.
This version should work.
Maybe it will be stable between updates, will keep an eye on the last part!
Enjoy
Code: Select all
<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>43980</ID>
<Description>"Show Ghost v2 (no blinking)"</Description>
<Options moHideChildren="1"/>
<LastState/>
<Color>008000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>{ Game : Phasmophobia.exe
Author : Zephirot
Mono : Assembly-CSharp.dll -> GhostAI:Update()
}
[ENABLE]
//aobscanmodule(SHOWGHOST,GameAssembly.dll,80 ?? 9? 00 00 00 00 0F 84 ?? ?? 00 00 F3 0F 10 ?? 9? 00 00 00 33 C9 E8 ?? ?? ?? ?? F3 0F 5C F0 0F 57 C0 0F 2F C6 F3 0F 11 ??) // should be unique
aobscanmodule(SHOWGHOST,GameAssembly.dll,80 ?? ?? 00 00 00 00 0F 84 ?? ?? 00 00 F3 0F 10 ?? 9? 00 00 00 33 C9 E8 ?? ?? ?? ?? F3 0F 5C F0 0F 57 C0 0F 2F C6 F3 0F 11 ??) // should be unique
alloc(newmem,$1000,SHOWGHOST)
alloc(original_SHOWGHOST_bytes,7)
registersymbol(original_SHOWGHOST_bytes)
label(code)
label(return)
label(_GhostAI2)
registersymbol(_GhostAI2)
original_SHOWGHOST_bytes:
readmem(SHOWGHOST,7)
newmem:
code:
mov [_GhostAI2],rbx
cmp byte ptr [rbx+000000A0],01 //cmp byte ptr [rbx+00000094],01
jmp return
_GhostAI2:
dq 0
SHOWGHOST:
jmp newmem
nop 2
return:
registersymbol(SHOWGHOST)
aobscanmodule(GTIMER,GameAssembly.dll,0F 2F C6 F3 0F 11 B3 90 00 00 00 76) // should be unique
alloc(newmem2,$1000,GTIMER)
label(code2)
label(return2)
newmem2:
code2:
//comiss xmm0,xmm6
movss [rbx+00000090],xmm6
jmp return2
GTIMER:
jmp newmem2
nop 6
return2:
registersymbol(GTIMER)
// XXXXXXXXX.MoveNext
aobscanmodule(GJUMP,GameAssembly.dll,0F 84 B9 00 00 00 C6 47) // should be unique
alloc(newmem3,$1000,GJUMP)
label(code3)
label(return3)
newmem3:
code3:
//jne GameAssembly.dll+1C05CD1 // je GameAssembly.dll+1C05CD1
//db 0F 85 B9 00 00 00 // db 0F 84 B9 00 00 00
jne GJUMP+BF
jmp return3
GJUMP:
jmp newmem3
nop
return3:
registersymbol(GJUMP)
[DISABLE]
SHOWGHOST:
//db 80 BF 98 00 00 00 00
readmem(original_SHOWGHOST_bytes,7)
unregistersymbol(SHOWGHOST)
unregistersymbol(_GhostAI2)
unregistersymbol(original_SHOWGHOST_bytes)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+10E2BBB
GameAssembly.dll+10E2B92: 74 27 - je GameAssembly.dll+10E2BBB
GameAssembly.dll+10E2B94: 48 8B 05 E5 1B 8C 01 - mov rax,[GameAssembly.dll+29A4780]
GameAssembly.dll+10E2B9B: 48 8B 90 B8 00 00 00 - mov rdx,[rax+000000B8]
GameAssembly.dll+10E2BA2: 48 8B 02 - mov rax,[rdx]
GameAssembly.dll+10E2BA5: 48 85 C0 - test rax,rax
GameAssembly.dll+10E2BA8: 0F 84 01 03 00 00 - je GameAssembly.dll+10E2EAF
GameAssembly.dll+10E2BAE: 80 78 69 00 - cmp byte ptr [rax+69],00
GameAssembly.dll+10E2BB2: 75 07 - jne GameAssembly.dll+10E2BBB
GameAssembly.dll+10E2BB4: 33 D2 - xor edx,edx
GameAssembly.dll+10E2BB6: E8 15 71 67 00 - call ऩजछढजदडछडनज.थणदनडञनझढणच
// ---------- INJECTING HERE ----------
GameAssembly.dll+10E2BBB: 80 BB 98 00 00 00 00 - cmp byte ptr [rbx+00000098],00
// ---------- DONE INJECTING ----------
GameAssembly.dll+10E2BC2: 0F 84 3C 01 00 00 - je GameAssembly.dll+10E2D04
GameAssembly.dll+10E2BC8: F3 0F 10 B3 94 00 00 00 - movss xmm6,[rbx+00000094]
GameAssembly.dll+10E2BD0: 33 C9 - xor ecx,ecx
GameAssembly.dll+10E2BD2: E8 79 E0 87 FF - call UnityEngine.Time.get_deltaTime
GameAssembly.dll+10E2BD7: F3 0F 5C F0 - subss xmm6,xmm0
GameAssembly.dll+10E2BDB: 0F 57 C0 - xorps xmm0,xmm0
GameAssembly.dll+10E2BDE: 0F 2F C6 - comiss xmm0,xmm6
GameAssembly.dll+10E2BE1: F3 0F 11 B3 94 00 00 00 - movss [rbx+00000094],xmm6
GameAssembly.dll+10E2BE9: 0F 86 15 01 00 00 - jbe GameAssembly.dll+10E2D04
GameAssembly.dll+10E2BEF: F3 0F 10 35 B9 B8 03 01 - movss xmm6,[GameAssembly.dll+211E4B0]
}
GTIMER:
db 0F 2F C6 F3 0F 11 B3 90 00 00 00
unregistersymbol(GTIMER)
dealloc(newmem2)
{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+12688C2
GameAssembly.dll+1268898: 33 D2 - xor edx,edx
GameAssembly.dll+126889A: E8 51 BA A2 00 - call ठदञनडचछनऩनठ.णणथछचणझडजनध
SHOWGHOST: E9 5C 77 54 02 - jmp 7FFC0EDD0000
GameAssembly.dll+12688A4: 66 90 - nop 2
GameAssembly.dll+12688A6: 0F 84 96 00 00 00 - je GameAssembly.dll+1268942
GameAssembly.dll+12688AC: F3 0F 10 B3 90 00 00 00 - movss xmm6,[rbx+00000090]
GameAssembly.dll+12688B4: 33 C9 - xor ecx,ecx
GameAssembly.dll+12688B6: E8 F5 FA 7C FF - call UnityEngine.Time.get_deltaTime
GameAssembly.dll+12688BB: F3 0F 5C F0 - subss xmm6,xmm0
GameAssembly.dll+12688BF: 0F 57 C0 - xorps xmm0,xmm0
// ---------- INJECTING HERE ----------
GameAssembly.dll+12688C2: 0F 2F C6 - comiss xmm0,xmm6
// ---------- DONE INJECTING ----------
GameAssembly.dll+12688C5: F3 0F 11 B3 90 00 00 00 - movss [rbx+00000090],xmm6
GameAssembly.dll+12688CD: 76 73 - jna GameAssembly.dll+1268942
GameAssembly.dll+12688CF: F3 0F 10 35 E9 C8 57 01 - movss xmm6,[GameAssembly.dll+27E51C0]
GameAssembly.dll+12688D7: 45 33 C0 - xor r8d,r8d
GameAssembly.dll+12688DA: F3 0F 10 05 0E 0F AF 01 - movss xmm0,[GameAssembly.dll+2D597F0]
GameAssembly.dll+12688E2: 0F 28 CE - movaps xmm1,xmm6
GameAssembly.dll+12688E5: E8 C6 1C 77 FF - call UnityEngine.Random.Range
GameAssembly.dll+12688EA: 45 33 C0 - xor r8d,r8d
GameAssembly.dll+12688ED: 0F 28 C8 - movaps xmm1,xmm0
GameAssembly.dll+12688F0: 48 8B CB - mov rcx,rbx
}
GJUMP:
db 0F 84 B9 00 00 00
unregistersymbol(GJUMP)
dealloc(newmem3)
{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+1C05C12
GameAssembly.dll+1C05BE8: C7 46 10 01 00 00 00 - mov [rsi+10],00000001
GameAssembly.dll+1C05BEF: 48 8B 5C 24 40 - mov rbx,[rsp+40]
GameAssembly.dll+1C05BF4: 48 8B 74 24 48 - mov rsi,[rsp+48]
GameAssembly.dll+1C05BF9: 48 83 C4 30 - add rsp,30
GameAssembly.dll+1C05BFD: 5F - pop rdi
GameAssembly.dll+1C05BFE: C3 - ret
GameAssembly.dll+1C05BFF: 83 F8 01 - cmp eax,01
GameAssembly.dll+1C05C02: 0F 85 97 00 00 00 - jne GameAssembly.dll+1C05C9F
GameAssembly.dll+1C05C08: C7 46 10 FF FF FF FF - mov [rsi+10],FFFFFFFF
GameAssembly.dll+1C05C0F: 48 85 FF - test rdi,rdi
// ---------- INJECTING HERE ----------
GameAssembly.dll+1C05C12: 0F 84 B9 00 00 00 - je GameAssembly.dll+1C05CD1
// ---------- DONE INJECTING ----------
GameAssembly.dll+1C05C18: C6 47 70 00 - mov byte ptr [rdi+70],00
GameAssembly.dll+1C05C1C: 48 8B 05 B5 8C 59 01 - mov rax,[GameAssembly.dll+319E8D8]
GameAssembly.dll+1C05C23: 48 8B 88 B8 00 00 00 - mov rcx,[rax+000000B8]
GameAssembly.dll+1C05C2A: 48 8B 01 - mov rax,[rcx]
GameAssembly.dll+1C05C2D: 48 85 C0 - test rax,rax
GameAssembly.dll+1C05C30: 0F 84 9B 00 00 00 - je GameAssembly.dll+1C05CD1
GameAssembly.dll+1C05C36: 48 8B 40 18 - mov rax,[rax+18]
GameAssembly.dll+1C05C3A: 48 85 C0 - test rax,rax
GameAssembly.dll+1C05C3D: 0F 84 8E 00 00 00 - je GameAssembly.dll+1C05CD1
GameAssembly.dll+1C05C43: 48 8B 40 10 - mov rax,[rax+10]
}
</AssemblerScript>
<CheatEntries>
<CheatEntry>
<ID>43981</ID>
<Description>"ghost Is Appeared"</Description>
<DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">0:NO
1:YES
</DropDownList>
<LastState Value="0" RealAddress="1DF605A5210"/>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>4 Bytes</VariableType>
<Address>_GhostAI2</Address>
<Offsets>
<Offset>70</Offset>
</Offsets>
<CheatEntries>
<CheatEntry>
<ID>43982</ID>
<Description>"appear Timer"</Description>
<LastState Value="0.6719926596" RealAddress="1DF605A5230"/>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>Float</VariableType>
<Address>_GhostAI2</Address>
<Offsets>
<Offset>90</Offset>
</Offsets>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatTable>
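A defender-side view of the patches posted in this thread, as an added example that is not part of any post: the scripts overwrite original instructions either with NOP fill (`db 90 90 90` over `2B 41 18`) or with a `jmp newmem` detour plus NOP padding, and both show up when live code bytes are compared against a trusted copy of the module. The load address, the allocated-memory address, the padding layout and all function names below are constructed for illustration.

```python
"""Classify byte-level differences between a trusted code image and live memory."""
import struct
from dataclasses import dataclass
from typing import List, Optional, Tuple

NOP = 0x90        # single-byte x86 NOP
JMP_REL32 = 0xE9  # jmp rel32, the 5-byte detour written over a hooked site


@dataclass
class Finding:
    offset: int             # module-relative offset of the first changed byte
    original: bytes         # bytes from the trusted image
    live: bytes             # bytes currently in memory
    kind: str               # "nop-fill", "detour" or "modified"
    target: Optional[int]   # absolute jump target when the patch starts with E9


def changed_runs(baseline: bytes, live: bytes, max_gap: int = 4) -> List[Tuple[int, int]]:
    """Return [start, end) ranges where live differs from baseline.

    Differences separated by at most max_gap unchanged bytes are merged, because a
    rel32 displacement can coincide with an original byte and split one patch in two.
    """
    if len(baseline) != len(live):
        raise ValueError("images must be the same length")
    runs: List[List[int]] = []
    for i, (a, b) in enumerate(zip(baseline, live)):
        if a == b:
            continue
        if runs and i - runs[-1][1] <= max_gap:
            runs[-1][1] = i + 1          # extend the previous run across a short gap
        else:
            runs.append([i, i + 1])
    return [(s, e) for s, e in runs]


def classify(baseline: bytes, live: bytes, module_base: int) -> List[Finding]:
    """Label every changed run as NOP fill, an out-of-module detour, or other."""
    module_end = module_base + len(baseline)
    findings = []
    for start, end in changed_runs(baseline, live):
        kind, target = "modified", None
        if live[start] == JMP_REL32 and start + 5 <= len(live):
            rel = struct.unpack_from("<i", live, start + 1)[0]
            target = module_base + start + 5 + rel   # rel32 counts from the next instruction
            if not module_base <= target < module_end:
                kind = "detour"                      # control flow leaves the module
        elif all(b == NOP for b in live[start:end]):
            kind = "nop-fill"
        findings.append(Finding(start, baseline[start:end], live[start:end], kind, target))
    return findings


# Constructed sample: int3 padding around two byte sequences quoted in the thread.
SAMPLE_BASE = 0x7FF600000000          # made-up module load address
SAMPLE_CAVE = SAMPLE_BASE - 0x10000   # made-up address of memory allocated outside the module
PAD = b"\xCC"


def build_sample() -> Tuple[bytes, bytes]:
    baseline = (PAD * 16 + bytes.fromhex("2B4118") + PAD * 13
                + bytes.fromhex("0F84B9000000C647") + PAD * 16)
    live = bytearray(baseline)
    live[16:19] = b"\x90\x90\x90"                       # NOP fill over 2B 41 18
    rel = SAMPLE_CAVE - (SAMPLE_BASE + 32 + 5)
    live[32:38] = bytes([JMP_REL32]) + struct.pack("<i", rel) + bytes([NOP])
    return baseline, bytes(live)


def scan_sample() -> List[Finding]:
    baseline, live = build_sample()
    return classify(baseline, live, SAMPLE_BASE)


if __name__ == "__main__":
    for f in scan_sample():
        tgt = f" -> {f.target:#x}" if f.target is not None else ""
        print(f"+{f.offset:#x} {f.kind}: {f.original.hex(' ')} => {f.live.hex(' ')}{tgt}")
```

A real check takes the baseline from the on-disk module with relocations applied and has to allow for pages that change legitimately at runtime.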