Page 6 of 9
Re: Mortal Kombat 11
Posted: Thu Apr 25, 2019 5:59 pm
by KS212
Ah yes, the Shrine does give a costume pretty much almost all the time if you drop 100k. If you drop 99k, it gives the other gear pieces.
Just note that there seems to be diminishing returns after a while. I sat there for some hours dropping about 50 mil coins in... it eventually started giving only Augments.
Re: Mortal Kombat 11
Posted: Thu Apr 25, 2019 6:03 pm
by WaluigIsHere
Mordino wrote: ↑Thu Apr 25, 2019 5:49 pm
Anfraxx wrote: ↑Thu Apr 25, 2019 5:42 pm
For this they are a general cost of 5k aren't they?
Do you just search 5000 and then work through in bulk?
Yes, just like tutorial in previous pages told me. I think that the values you have to leave are the ones starting from 4. To be safe, just select all values starting from 4, and change them. Pretty sure they are the ones you need(thanks for this advice to a Stalker4589 guy from pages before).
WaluigIsHere wrote: ↑Thu Apr 25, 2019 5:24 pm
Have you succeeded to hack the Kronika respawn stuff to get coins ?
Didn't try. Have enough coins from the kronika's chest.
Oh, right. DO NOT FORGET TO CHANGE VALUES BACK AS THEY WERE(after testing them).
The values aren't getting back to normal after reseting the game ? What's the downsides of not changing them back ?
Re: Mortal Kombat 11
Posted: Thu Apr 25, 2019 6:05 pm
by Anfraxx
Mordino wrote: ↑Thu Apr 25, 2019 5:49 pm
Anfraxx wrote: ↑Thu Apr 25, 2019 5:42 pm
For this they are a general cost of 5k aren't they?
Do you just search 5000 and then work through in bulk?
Yes, just like tutorial in previous pages told me. I think that the values you have to leave are the ones starting from 4. To be safe, just select all values starting from 4, and change them. Pretty sure they are the ones you need(thanks for this advice to a Stalker4589 guy from pages before).
WaluigIsHere wrote: ↑Thu Apr 25, 2019 5:24 pm
Have you succeeded to hack the Kronika respawn stuff to get coins ?
Didn't try. Have enough coins from the kronika's chest.
Oh, right. DO NOT FORGET TO CHANGE VALUES BACK AS THEY WERE(after testing them).
I need to find a Kronika chest I think, Would you say search for a change to 1 koin then change it to negative?
Which guide are we talking about on what page there are a few now haha.
Re: Mortal Kombat 11
Posted: Thu Apr 25, 2019 6:32 pm
by Mordino
WaluigIsHere wrote: ↑Thu Apr 25, 2019 6:03 pm
The values aren't getting back to normal after reseting the game ? What's the downsides of not changing them back ?
Not all of them, afaik. Well, I read about game crashing and all that. Don't know anything more.
Anfraxx wrote: ↑Thu Apr 25, 2019 6:05 pm
I need to find a Kronika chest I think, Would you say search for a change to 1 koin then change it to negative?
Which guide are we talking about on what page there are a few now haha.
Pages 2 and 3 are the juicy ones. :p Yeah, pick something like 100 results, change them, check, change them back to 5000 or whatever, delete them, check next batch. When you find that 1 value, you change it to -9999999 or whatever. It will change to another number in CE, don't mind it. Just look away from the chest and check it again it will be minus.
UPD: Finally hacked hearts without crashing system. 2B9DAFE8 was the adress. I don't know if it will help in any way. :]
Re: Mortal Kombat 11
Posted: Thu Apr 25, 2019 6:34 pm
by Lashley
Possible to edit easy fatality tokens?
Re: Mortal Kombat 11
Posted: Thu Apr 25, 2019 7:47 pm
by Anfraxx
Koin one for me with the Kronika chest was AE645210
Re: Mortal Kombat 11
Posted: Thu Apr 25, 2019 8:07 pm
by andawra
KS212 wrote: ↑Thu Apr 25, 2019 5:59 pm
Ah yes, the Shrine does give a costume pretty much almost all the time if you drop 100k. If you drop 99k, it gives the other gear pieces.
Just note that there seems to be diminishing returns after a while. I sat there for some hours dropping about 50 mil coins in... it eventually started giving only Augments.
Yea because there is no such thing as duplicate costumes, so instead of a costume that you already own it gives you an augment for that character.
Anyone got a handle on changing coordinates in the krypt yet? Don't need to do all kinds of grinds to get past walls and doors if you can just teleport through them.
Re: Mortal Kombat 11
Posted: Thu Apr 25, 2019 9:23 pm
by WaluigIsHere
Do you think that there's multiple Kronika's chest everyday at random locations ?
I hope it wasn't unique
Re: Mortal Kombat 11
Posted: Thu Apr 25, 2019 9:36 pm
by Anfraxx
WaluigIsHere wrote: ↑Thu Apr 25, 2019 9:23 pm
Do you think that there's multiple Kronika's chest everyday at random locations ?
I hope it wasn't unique
I've found 4 so far and 3 of them all this evening.
Re: Mortal Kombat 11
Posted: Thu Apr 25, 2019 10:55 pm
by WaluigIsHere
Finally succeeded to get them all, I'm pretty proud since I'm a newbie.
Let's wait for our ban friends.
Re: Mortal Kombat 11
Posted: Fri Apr 26, 2019 12:49 am
by SunBeam
Meanwhile, LOL:
Re: Mortal Kombat 11
Posted: Fri Apr 26, 2019 1:38 am
by WaluigIsHere
SunBeam wrote: ↑Fri Apr 26, 2019 12:49 am
Meanwhile, LOL:
HAHAHAHHAHAHAHAHHAHAHAAHAHAHAHHAHAH WHAT THE FUCK
Re: Mortal Kombat 11
Posted: Fri Apr 26, 2019 2:32 am
by TimFun13
Here's a Krypt unlocker, it just makes the Koin Chests cost 1.
Code: Select all
{
Process : MK11.exe - (x64)
Module : MK11.exe
Game Title : MK11
Game Version : 1.0.0.0
CE Version : 6.83
Script Version : 0.0.1
Date : 04/25/19
Author : ShyTwig16
Name : KryptChestReadHook
Krypt Chest Read Hook
}
{$STRICT}
define(address, MK11.exe+8E87480)
define(bytes, 8B 96 88 04 00 00)
////
//// ------------------------------ ENABLE ------------------------------
[ENABLE]
aobScanModule(aobKryptChestReadHook, MK11.exe, 48xxxxFFxx8Bxxxxxxxxxx8Bxxxxxxxxxx8Bxxxxxxxxxx41xxxxxx75)
define(injKryptChestReadHook, aobKryptChestReadHook+5)
assert(injKryptChestReadHook, bytes)
registerSymbol(injKryptChestReadHook)
alloc(memKryptChestReadHook, 0x400, injKryptChestReadHook)
label(intKryptChestReadHook)
registerSymbol(intKryptChestReadHook)
label(ptrKryptChestReadHook)
registerSymbol(ptrKryptChestReadHook)
label(n_code)
label(o_code)
label(exit)
label(return)
memKryptChestReadHook:
intKryptChestReadHook:
dd (int)1
align 10
ptrKryptChestReadHook:
dq 0
align 10 CC
n_code:
mov [ptrKryptChestReadHook],rsi
mov edx,[intKryptChestReadHook]
mov [rsi+488],edx
o_code:
// mov edx,[rsi+00000488]
exit:
jmp return
////
//// ---------- Injection Point ----------
injKryptChestReadHook:
jmp n_code
nop
return:
////
//// ------------------------------ DISABLE ------------------------------
[DISABLE]
////
//// ---------- Injection Point ----------
injKryptChestReadHook:
db bytes
unregisterSymbol(injKryptChestReadHook)
unregisterSymbol(intKryptChestReadHook)
unregisterSymbol(ptrKryptChestReadHook)
dealloc(memKryptChestReadHook)
{
//// Injection Point: MK11.exe+8E87480 - 0000000148E87480
//// AOB address: 0000000148E8747B - MK11.exe+8E8747B
//// Process: MK11.exe - 0000000140000000
//// Module: MK11.exe - 0000000140000000
//// Module Size: 0000000017EBE000
MK11.exe+8E87439: C1 E8 0F - shr eax,0F
MK11.exe+8E8743C: F6 D0 - not al
MK11.exe+8E8743E: 24 01 - and al,01
MK11.exe+8E87440: 48 8B 5C 24 30 - mov rbx,[rsp+30]
MK11.exe+8E87445: 48 8B 74 24 38 - mov rsi,[rsp+38]
MK11.exe+8E8744A: 48 83 C4 20 - add rsp,20
MK11.exe+8E8744E: 5F - pop rdi
MK11.exe+8E8744F: C3 - ret
MK11.exe+8E87450: 48 89 F1 - mov rcx,rsi
MK11.exe+8E87453: E8 383C96F7 - call 1407EB090
MK11.exe+8E87458: 41 89 C0 - mov r8d,eax
MK11.exe+8E8745B: FF C8 - dec eax
MK11.exe+8E8745D: 83 F8 16 - cmp eax,16
MK11.exe+8E87460: 77 1E - ja 148E87480
MK11.exe+8E87462: 48 63 C8 - movsxd rcx,eax
MK11.exe+8E87465: 48 8D 05 948B17F7 - lea rax,[140000000] [00905A4D]
MK11.exe+8E8746C: 0FB6 8C 08 4CBE7E00 - movzx ecx,byte ptr [rax+rcx+007EBE4C]
MK11.exe+8E87474: 8B 94 88 44BE7E00 - mov edx,[rax+rcx*4+007EBE44]
MK11.exe+8E8747B: 48 01 C2 - add rdx,rax <<<--- AOB Starts Here
MK11.exe+8E8747E: FF E2 - jmp rdx
//// INJECTING START ----------------------------------------------------------
MK11.exe+8E87480: 8B 96 88040000 - mov edx,[rsi+00000488]
//// INJECTING END ----------------------------------------------------------
MK11.exe+8E87486: 8B 8E B8040000 - mov ecx,[rsi+000004B8]
MK11.exe+8E8748C: 8B 86 E8040000 - mov eax,[rsi+000004E8]
MK11.exe+8E87492: 41 83 F8 0C - cmp r8d,0C
MK11.exe+8E87496: 75 3C - jne 148E874D4
MK11.exe+8E87498: 85 C9 - test ecx,ecx
MK11.exe+8E8749A: 7E 1A - jle 148E874B6
MK11.exe+8E8749C: C7 07 02000000 - mov [rdi],00000002
MK11.exe+8E874A2: B0 01 - mov al,01
MK11.exe+8E874A4: 89 0B - mov [rbx],ecx
MK11.exe+8E874A6: 48 8B 5C 24 30 - mov rbx,[rsp+30]
MK11.exe+8E874AB: 48 8B 74 24 38 - mov rsi,[rsp+38]
MK11.exe+8E874B0: 48 83 C4 20 - add rsp,20
MK11.exe+8E874B4: 5F - pop rdi
MK11.exe+8E874B5: C3 - ret
MK11.exe+8E874B6: 85 C0 - test eax,eax
MK11.exe+8E874B8: 7E 24 - jle 148E874DE
MK11.exe+8E874BA: C7 07 03000000 - mov [rdi],00000003
MK11.exe+8E874C0: 89 03 - mov [rbx],eax
MK11.exe+8E874C2: B0 01 - mov al,01
MK11.exe+8E874C4: 48 8B 5C 24 30 - mov rbx,[rsp+30]
//// Template: I2CEA_AOBFullInjection
//// Generated with: I2 Cheat Engine Auto Assembler Script Template Generator
//// Code Happy, Code Freely, Be Awesome.
}
Re: Mortal Kombat 11
Posted: Fri Apr 26, 2019 2:42 am
by SunBeam
And the reveal:
According to my search, there are 437 UObjects of type "Krypt_STI_CY_Design.MK11KryptStaticActor.MK11KryptComponent0". Imagine now for a moment that you were to write an iterator that'd retrieve all such UObjects, then check if the chests have a certain object id, then filter those 437 so you get all chests in the map. And then instantly set all amounts to 1. In 1 run of a function
Just imagine...
@
Tim: Be kind and do a "find out what accesses this" and check this out:
Code: Select all
MK11.exe+8E5DD0F - F7 83 D0000000 00000200 - test [rbx+000000D0],20000 { ("Actx ") }
MK11.exe+8E5DD19 - 0F85 37050000 - jne MK11.exe+8E5E256
MK11.exe+8E5DD1F - 83 BB 28040000 FF - cmp dword ptr [rbx+00000428],-01 { 255 } // ??
MK11.exe+8E5DD26 - 74 30 - je MK11.exe+8E5DD58
MK11.exe+8E5DD28 - 83 BB 58040000 FF - cmp dword ptr [rbx+00000458],-01 { 255 } // ??
MK11.exe+8E5DD2F - 74 27 - je MK11.exe+8E5DD58
MK11.exe+8E5DD31 - 83 BB 88040000 00 - cmp dword ptr [rbx+00000488],00 { 0 } // Koins
MK11.exe+8E5DD38 - 0F85 18050000 - jne MK11.exe+8E5E256
MK11.exe+8E5DD3E - 83 BB B8040000 00 - cmp dword ptr [rbx+000004B8],00 { 0 } // Ermac Skulls
MK11.exe+8E5DD45 - 0F85 0B050000 - jne MK11.exe+8E5E256
MK11.exe+8E5DD4B - 83 BB E8040000 00 - cmp dword ptr [rbx+000004E8],00 { 0 } // ??
MK11.exe+8E5DD52 - 0F85 FE040000 - jne MK11.exe+8E5E256
Playing with 0x428 and 0x458 setting them to -1 will decrease the coin price for the loot chest
You can do even lower than -1; I think past that the engine won't bother updating the value anymore.
BR,
Sun
Re: Mortal Kombat 11
Posted: Fri Apr 26, 2019 2:51 am
by TimFun13
SunBeam wrote: ↑Fri Apr 26, 2019 12:49 am
...
does being little make you harder to hit, or is the hitbox still the same? It's still awesomely hilarious either way.
And here's a "Freeze round timer".
Code: Select all
{
Process : MK11.exe - (x64)
Module : MK11.exe
Game Title : MK11
Game Version : 1.0.0.0
CE Version : 6.83
Script Version : 0.0.1
Date : 04/25/19
Author : ShyTwig16
Name : RoundTimerWrtHook
Round Timer Wrt Hook
}
{$STRICT}
define(address, MK11.exe+78C3E70)
define(bytes, 89 91 48 07 00 00)
////
//// ------------------------------ ENABLE ------------------------------
[ENABLE]
aobScanModule(aobRoundTimerWrtHook, MK11.exe, 899148070000C381xxxxxxxxxx5xF7xxxx41)
define(injRoundTimerWrtHook, aobRoundTimerWrtHook)
assert(injRoundTimerWrtHook, bytes)
registerSymbol(injRoundTimerWrtHook)
alloc(memRoundTimerWrtHook, 0x400, injRoundTimerWrtHook)
label(ptrRoundTimerWrtHook)
registerSymbol(ptrRoundTimerWrtHook)
label(n_code)
label(o_code)
label(exit)
label(return)
memRoundTimerWrtHook:
ptrRoundTimerWrtHook:
dq 0
align 10 CC
n_code:
pushfq
mov [ptrRoundTimerWrtHook],rcx
cmp [rcx+748],edx
jl o_code
mov edx,[rcx+748]
o_code:
mov [rcx+00000748],edx
exit:
popfq
jmp return
////
//// ---------- Injection Point ----------
injRoundTimerWrtHook:
jmp n_code
nop
return:
////
//// ------------------------------ DISABLE ------------------------------
[DISABLE]
////
//// ---------- Injection Point ----------
injRoundTimerWrtHook:
db bytes
unregisterSymbol(injRoundTimerWrtHook)
unregisterSymbol(ptrRoundTimerWrtHook)
dealloc(memRoundTimerWrtHook)
{
//// Injection Point: MK11.exe+78C3E70 - 00000001478C3E70
//// AOB address: 00000001478C3E70 - MK11.exe+78C3E70
//// Process: MK11.exe - 0000000140000000
//// Module: MK11.exe - 0000000140000000
//// Module Size: 0000000017EBE000
MK11.exe+78C3E26: 48 87 04 24 - xchg [rsp],rax
MK11.exe+78C3E2A: 48 0F44 0D 3EF4CBFB - cmove rcx,[143583270] [00000000]
MK11.exe+78C3E32: C3 - ret
MK11.exe+78C3E33: A9 2E369DE9 - test eax,E99D362E [00000000]
MK11.exe+78C3E38: AF - scasd
MK11.exe+78C3E39: 40 76 0C - jna 1478C3E48
MK11.exe+78C3E3C: 3D 4C8B0424 - cmp eax,24048B4C [00000000]
MK11.exe+78C3E41: 48 89 0C 24 - mov [rsp],rcx
MK11.exe+78C3E45: 41 57 - push r15
MK11.exe+78C3E47: 48 C7 C1 FFFFFFFF - mov rcx,FFFFFFFF [00000000]
MK11.exe+78C3E4E: 48 C1 E1 20 - shl rcx,20
MK11.exe+78C3E52: 41 BF FFFFFFFF - mov r15d,FFFFFFFF [00000000]
MK11.exe+78C3E58: 4C 31 F9 - xor rcx,r15
MK11.exe+78C3E5B: 41 5F - pop r15
MK11.exe+78C3E5D: 4C 29 C1 - sub rcx,r8
MK11.exe+78C3E60: 49 87 C8 - xchg r8,rcx
MK11.exe+78C3E61: 87 C8 - xchg eax,ecx
MK11.exe+78C3E62: C8 488D 0D - enter 8D48,0D
MK11.exe+78C3E66: 58 - pop rax
MK11.exe+78C3E67: A1 7A0DFFE1290F1F00 - mov eax,[1F0F29E1FF0D7A]
//// INJECTING START ----------------------------------------------------------
MK11.exe+78C3E70: 89 91 48070000 - mov [rcx+00000748],edx <<<--- AOB Starts Here
//// INJECTING END ----------------------------------------------------------
MK11.exe+78C3E76: C3 - ret
MK11.exe+78C3E77: 81 E6 1B9D1732 - and esi,32179D1B [00000000]
MK11.exe+78C3E7D: 5D - pop rbp
MK11.exe+78C3E7E: F7 14 24 - not [rsp]
MK11.exe+78C3E81: 41 51 - push r9
MK11.exe+78C3E83: 44 8B 4C 24 08 - mov r9d,[rsp+08]
MK11.exe+78C3E88: 81 DE F463CF63 - sbb esi,63CF63F4 [00000000]
MK11.exe+78C3E8E: 48 83 C4 F8 - add rsp,-08
MK11.exe+78C3E92: 48 89 04 24 - mov [rsp],rax
MK11.exe+78C3E96: 41 54 - push r12
MK11.exe+78C3E98: 41 51 - push r9
MK11.exe+78C3E9A: 41 BC 4EE295B4 - mov r12d,B495E24E [010A5C68]
MK11.exe+78C3EA0: 41 B9 BAFED047 - mov r9d,47D0FEBA [EEEF91C8]
MK11.exe+78C3EA6: 45 01 E1 - add r9d,r12d
MK11.exe+78C3EA9: 45 89 CC - mov r12d,r9d
MK11.exe+78C3EAC: B8 5E010372 - mov eax,7203015E [00040010]
MK11.exe+78C3EB1: 41 81 F4 D46C45F8 - xor r12d,F8456CD4 [00000000]
MK11.exe+78C3EB8: 44 0FAC E0 0A - shrd eax,r12d,0A
MK11.exe+78C3EBD: 44 0FA4 E0 03 - shld eax,r12d,03
MK11.exe+78C3EC2: 41 C1 EC 10 - shr r12d,10
//// Template: I2CEA_AOBFullInjection
//// Generated with: I2 Cheat Engine Auto Assembler Script Template Generator
//// Code Happy, Code Freely, Be Awesome.
}