Page 1 of 1

[Request] Dungeons of Edera

Posted: Sat Sep 12, 2020 6:23 pm
by Woulya
Game Name: Dungeons of Edera
Game Engine: Unreal Engine 4
Game Version: 0.8.4 or newer
Options Required: unlimited life, mana, endurance, gold, damage multiplier
Steam Website:
Other Info:

Trying to make a table, stuck on silly stuff because everything seems global.


Found out :
- Endurance = 110 (float) or (4byte : 1121714176)
- Mana = 60 (float) or (4byte : 1114636288)
-Life = didnt search on float yet (4byte : 1065353216)

Here is the AOB scan you'll get for endurance, Mana or Life (that's why I'm saying it's global) :

Code: Select all

{ Game   : DoE-Win64-Shipping.exe
  Version: 
  Date   : 2020-09-12
  Author : PC

  This script does blah blah blah
}

[ENABLE]

aobscanmodule(INJECT,VCRUNTIME140.dll,89 08 C3 0F 1F 00) // should be unique
alloc(newmem,$1000,"VCRUNTIME140.dll"+13BA)

label(code)
label(return)

newmem:

code:
  mov [rax],ecx
  ret 
  nop dword ptr [rax]
  jmp return

INJECT:
  jmp newmem
  nop
return:
registersymbol(INJECT)

[DISABLE]

INJECT:
  db 89 08 C3 0F 1F 00

unregistersymbol(INJECT)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: "VCRUNTIME140.dll"+13BA

"VCRUNTIME140.dll"+139D: C3                             -  ret 
"VCRUNTIME140.dll"+139E: 66 90                          -  nop 2
"VCRUNTIME140.dll"+13A0: 4C 8B 02                       -  mov r8,[rdx]
"VCRUNTIME140.dll"+13A3: 0F B7 4A 08                    -  movzx ecx,word ptr [rdx+08]
"VCRUNTIME140.dll"+13A7: 44 0F B6 4A 0A                 -  movzx r9d,byte ptr [rdx+0A]
"VCRUNTIME140.dll"+13AC: 4C 89 00                       -  mov [rax],r8
"VCRUNTIME140.dll"+13AF: 66 89 48 08                    -  mov [rax+08],cx
"VCRUNTIME140.dll"+13B3: 44 88 48 0A                    -  mov [rax+0A],r9l
"VCRUNTIME140.dll"+13B7: C3                             -  ret 
"VCRUNTIME140.dll"+13B8: 8B 0A                          -  mov ecx,[rdx]
// ---------- INJECTING HERE ----------
"VCRUNTIME140.dll"+13BA: 89 08                          -  mov [rax],ecx
"VCRUNTIME140.dll"+13BC: C3                             -  ret 
"VCRUNTIME140.dll"+13BD: 0F 1F 00                       -  nop dword ptr [rax]
// ---------- DONE INJECTING  ----------
"VCRUNTIME140.dll"+13C0: 8B 0A                          -  mov ecx,[rdx]
"VCRUNTIME140.dll"+13C2: 44 0F B6 42 04                 -  movzx r8d,byte ptr [rdx+04]
"VCRUNTIME140.dll"+13C7: 89 08                          -  mov [rax],ecx
"VCRUNTIME140.dll"+13C9: 44 88 40 04                    -  mov [rax+04],r8l
"VCRUNTIME140.dll"+13CD: C3                             -  ret 
"VCRUNTIME140.dll"+13CE: 66 90                          -  nop 2
"VCRUNTIME140.dll"+13D0: 8B 0A                          -  mov ecx,[rdx]
"VCRUNTIME140.dll"+13D2: 44 0F B7 42 04                 -  movzx r8d,word ptr [rdx+04]
"VCRUNTIME140.dll"+13D7: 89 08                          -  mov [rax],ecx
"VCRUNTIME140.dll"+13D9: 66 44 89 40 04                 -  mov [rax+04],r8w
}
I also tried to find pointers, stuck again. I don't really know UE Engine :'(
Hope everything could be useful for help !

Cheers

Re: [Request] Dungeons of Edera

Posted: Mon Sep 14, 2020 3:07 am
by HakariTenrai
Did you have any luck locking the stamina or health? I have tried searching "all" for "unknown value" - and then swinging my weapons a few times, and doing a search for "decreased value", then when the stamina refills, I search for "increased value" - I can usually get it down to around three to four codes - and I can lock them... my stamina will not go down... but the moment I either go into or come out of a dungeon, the game crashes. I don't know anything about pointers, or AOB scans... I'm a complete novice at using cheat engine - if anyone could explain I'd be grateful.

Re: [Request] Dungeons of Edera

Posted: Mon Sep 14, 2020 1:07 pm
by Woulya
Hi,

I have been able to lock values, but since it's just the dynamic address, it's gonna change when you go into a dungeon (so have to do it again, and it's boring lol)

Re: [Request] Dungeons of Edera

Posted: Wed Sep 16, 2020 3:09 am
by HakariTenrai
Woulya wrote:
Mon Sep 14, 2020 1:07 pm
Hi,

I have been able to lock values, but since it's just the dynamic address, it's gonna change when you go into a dungeon (so have to do it again, and it's boring lol)
By any chance, did you figure out how to change (add) experience? With my limited knowledge, I have only been able to narrow xp down to as few as 32 possible addresses - however, right after changing any of them, the game crashes - If you've figured out the xp - I'd love to know what you did?

Re: [Request] Dungeons of Edera

Posted: Wed Sep 16, 2020 4:25 am
by PhCCRQQsd6Bi
HakariTenrai wrote:
Wed Sep 16, 2020 3:09 am
By any chance, did you figure out how to change (add) experience? With my limited knowledge, I have only been able to narrow xp down to as few as 32 possible addresses - however, right after changing any of them, the game crashes - If you've figured out the xp - I'd love to know what you did?
searching float. down to 23 found, only two round numbers are left. the higher number is exp at level 3. no clue what the lower number is, i see no change. the ui wont update till you get another kill. [Link]

Re: [Request] Dungeons of Edera

Posted: Wed Sep 16, 2020 10:13 am
by PhCCRQQsd6Bi
IF the pointers hold up.. has script to update the values as they change and keep your stats filled. when it starts shitting out errors on 'Lua Engine' turn off 'Show on Print' under 'View'
  • hp
    mp
    stam
    gold in stash

Re: [Request] Dungeons of Edera

Posted: Thu Sep 17, 2020 7:45 am
by HakariTenrai
PhCCRQQsd6Bi wrote:
Wed Sep 16, 2020 4:25 am
searching float. down to 23 found, only two round numbers are left. the higher number is exp at level 3. no clue what the lower number is, i see no change. the ui wont update till you get another kill. [Link]
Using this information I was able to figure out the exp - and the lvl cap, which is lvl 50... - Thank you, for the help :)
PhCCRQQsd6Bi wrote:
Wed Sep 16, 2020 10:13 am
IF the pointers hold up.. has script to update the values as they change and keep your stats filled. when it starts shitting out errors on 'Lua Engine' turn off 'Show on Print' under 'View'
  • hp
    mp
    stam
    gold in stash
I tried using the .ct - and the Lua Engine started spitting out errors, so I turned off 'Show on Print' under 'View' - but none of the other boxes do anything other than "ding" when I try to click them - the health, mana, and stamina all show "??".

Am I doing something wrong?

Re: [Request] Dungeons of Edera

Posted: Thu Sep 17, 2020 7:56 am
by PhCCRQQsd6Bi
HakariTenrai wrote:
Thu Sep 17, 2020 7:45 am
Am I doing something wrong?
nope. it just means the pointers are wrong. if you wanted to you could find some pointers that work for you and update the script. its a sloppy way to do things, i just dont know how to handle ue4.

Re: [Request] Dungeons of Edera

Posted: Thu Sep 17, 2020 8:32 am
by HakariTenrai
PhCCRQQsd6Bi wrote:
Thu Sep 17, 2020 7:56 am
nope. it just means the pointers are wrong. if you wanted to you could find some pointers that work for you and update the script. its a sloppy way to do things, i just dont know how to handle ue4.
Unfortunately, I have no idea at all how pointers work. All I can do, is to do a float scan for my health, then keep changing the state of my health, and doing searches based on the change - "value decreased", "value increased", "no change", ect... until I narrow down the code to just a few - in my case usually 4 that show the exact same results every single change - so I take those 4 codes, and lock them - that usually stops my health from going down during a mission - but... the problem is that the game freezes, and then stops responding every single time I start a new mission... it's... mind-numbingly tedious.

Re: [Request] Dungeons of Edera

Posted: Thu Sep 17, 2020 8:52 am
by PhCCRQQsd6Bi
HakariTenrai wrote:
Thu Sep 17, 2020 8:32 am
it's... mind-numbingly tedious.
yes. do what you did then change 1 at a time. the game visual wont update, get hit again and see if its the right one. when you find the real address that updates the health continue with pointer scan. tuts below

[Link]
[Link]