Phasmophobia

supersel
Noobzor
Posts: 7
Joined: Sun Apr 25, 2021 8:30 am
Reputation: 1

Post by supersel »

How long did it take you to create a cheat for this game?

zephirot
Expert Cheater
Posts: 72
Joined: Wed Oct 28, 2020 8:48 pm
Reputation: 50

Post by zephirot »

supersel wrote:
Wed Jun 16, 2021 12:48 pm
How long did it take you to create a cheat for this game?

For this game it's quite "simple" because the engine is Unity, so we have access to Mono features. It can take minutes, but also hours or days for the trickiest ones.
We just have to explore (using Mono dissector or .Net Info from Cheat Engine), then check the classes in Assembly-CSharp.dll and the methods/offsets, and analyze the corresponding part of memory. Change it, try, expect a crash, do it again, until we have something good.

For example, if we want to know how to not die, the first step is to search for something related to the Player, then the method that can kill us (KillPlayer), and after that, play with the memory. We can use breakpoints to debug, use offsets to identify the right memory address, replace a part with code that does nothing (nop), etc.

Of course several things can happen in parallel, so we just have to dig more and follow the code :lol:

Coderbox1
Noobzor
Posts: 11
Joined: Thu Mar 11, 2021 3:27 pm
Reputation: 4

Post by Coderbox1 »

I've been pretty busy lately... But I will look into adding new hacks and/or merging tables with @Zephroit's

supersel

Post by supersel »

Can you tell me what software you use to create cheats? I want to start creating a cheat, but I don't know how or where to start.

Coderbox1

Post by Coderbox1 »

supersel wrote:
Fri Jun 18, 2021 12:46 pm
Can you tell me what software you use to create cheats? I want to start creating a cheat, but I don't know how or where to start.

For what exactly?
I use Cheat Engine for making my Phasmophobia hacks,
and I use C# in Visual Studio for making hacks for open assembly games.

Coderbox1

Post by Coderbox1 »

supersel wrote:
Wed Jun 16, 2021 12:48 pm
How long did it take you to create a cheat for this game?

For my biggest hack... maybe a month total. But it had different versions.
It's one of those "Practice makes perfect" things. The more you do it, the more natural and quick it will be. I suggest doing all the research you can on how assembly code works and how UnityEngine games work.

supersel

Post by supersel »

Coderbox1 wrote:
Fri Jun 18, 2021 3:52 pm
For my biggest hack... maybe a month total. But it had different versions.
It's one of those "Practice makes perfect" things. The more you do it, the more natural and quick it will be. I suggest doing all the research you can on how assembly code works and how UnityEngine games work.

OK, nice, thanks.

geovanniyoboy
What is cheating?
Posts: 1
Joined: Sat Jul 10, 2021 2:15 am
Reputation: 0

Post by geovanniyoboy »

GreenHouse wrote:
Thu Oct 01, 2020 9:20 am
nikola899 wrote:
Thu Oct 01, 2020 8:48 am
I'm pretty sure that the devs are looking at this thread, they added anti-cheat and changed the code..
The anticheat does nothing if you do what I said.
EDIT: Here's a quick script to make the shop free. Enjoy I guess :P

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>1</ID>
      <Description>"Free Store"</Description>
      <LastState Activated="1"/>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript>[ENABLE]
{$lua}
if syntaxcheck then return end
if process and readInteger(process) ~= 0 then
    mono_initialize()
    LaunchMonoDataCollector()
else
    local msg = 'No process detected.'
    print(msg)
    error(msg)
end
{$asm}
aobscanregion(get_Price,StoreManager:BuyButton,StoreManager:BuyButton+150,48 63 49 48)
aobscanregion(get_PriceSub,StoreManager:BuyButton,StoreManager:BuyButton+150,2B D0)
registersymbol(get_Price)
registersymbol(get_PriceSub)

get_Price:
db 48 31 C0 90

get_PriceSub:
db 90 90

[DISABLE]
get_Price:
db 48 63 49 48

get_PriceSub:
db 2B D0

unregistersymbol(get_Price)
unregistersymbol(get_PriceSub)
</AssemblerScript>
    </CheatEntry>
  </CheatEntries>
</CheatTable>

Is there one for the newest update?

zephirot

Post by zephirot »

geovanniyoboy wrote:
Sat Jul 10, 2021 2:18 am
Is there one for the newest update?

You can try this one


<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>43966</ID>
      <Description>"Free Store"</Description>
      <LastState Activated="1"/>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript>[ENABLE]
{$lua}
if syntaxcheck then return end
if process and readInteger(process) ~= 0 then
    mono_initialize()
    LaunchMonoDataCollector()
else
    local msg = 'No process detected.'
    print(msg)
    error(msg)
end
{$asm}
aobscanregion(get_Price,StoreManager.BuyButton,StoreManager.BuyButton+150,2B 41 18)
aobscanregion(get_PriceSub,StoreManager.BuyButton,StoreManager.BuyButton+150,8B D0)
registersymbol(get_Price)
registersymbol(get_PriceSub)

get_Price:
db 90 90 90

get_PriceSub:
db 8B D0

[DISABLE]
get_Price:
db 2B 41 18

get_PriceSub:
db 8B D0

unregistersymbol(get_Price)
unregistersymbol(get_PriceSub)
</AssemblerScript>
    </CheatEntry>
  </CheatEntries>
</CheatTable>


der_wild
What is cheating?
Posts: 3
Joined: Fri Jul 16, 2021 10:02 am
Reputation: 0

Post by der_wild »

Hello, thanks to the authors for the excellent work, efforts, and also for the support in the form of updating the tables. I have a question. When I click the SHOW GHOST option, only I can see it, but sometimes in the next game other players also see the ghost, this rarely happens. How should this option work? Is it possible to make the ghost visible to other players too by clicking this option? I use Phasmophobia_Release_and_Beta_v14.1.CT

zephirot

Post by zephirot »

der_wild wrote:
Fri Jul 16, 2021 10:18 am
Hello, thanks to the authors for the excellent work, efforts, and also for the support in the form of updating the tables. I have a question. When I click the SHOW GHOST option, only I can see it, but sometimes in the next game other players also see the ghost, this rarely happens. How should this option work? Is it possible to make the ghost visible to other players too by clicking this option? I use Phasmophobia_Release_and_Beta_v14.1.CT

Hi der_wild!
It's a pleasure.
To answer you, as far as I know, it's only for the client, others can't see it.
I don't think we can make it visible to others, at least not with Cheat Engine; maybe it's doable with code injection by directly changing the source code.
Maybe it was just a coincidence if they could see it, most probably because of a ghost event or something.

But here's a more recent version for Show Ghost (should always see it with this one)

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>43980</ID>
      <Description>"Show Ghost v2 (no blinking)"</Description>
      <Options moHideChildren="1"/>
      <LastState/>
      <Color>008000</Color>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript>{ Game   : Phasmophobia.exe
  Author : Zephirot
  Mono   : Assembly-CSharp.dll -&gt; GhostAI:Update()
}

[ENABLE]

//aobscanmodule(SHOWGHOST,GameAssembly.dll,80 ?? 9? 00 00 00 00 0F 84 ?? ?? 00 00 F3 0F 10 ?? 9? 00 00 00 33 C9 E8 ?? ?? ?? ?? F3 0F 5C F0 0F 57 C0 0F 2F C6 F3 0F 11 ??) // should be unique
aobscanmodule(SHOWGHOST,GameAssembly.dll,80 ?? ?? 00 00 00 00 0F 84 ?? ?? 00 00 F3 0F 10 ?? 9? 00 00 00 33 C9 E8 ?? ?? ?? ?? F3 0F 5C F0 0F 57 C0 0F 2F C6 F3 0F 11 ??) // should be unique
alloc(newmem,$1000,SHOWGHOST)

alloc(original_SHOWGHOST_bytes,7)
registersymbol(original_SHOWGHOST_bytes)

label(code)
label(return)
label(_GhostAI2)
registersymbol(_GhostAI2)

original_SHOWGHOST_bytes:
readmem(SHOWGHOST,7)

newmem:

code:
  mov [_GhostAI2],rbx
  cmp byte ptr [rbx+000000A0],01 //cmp byte ptr [rbx+00000094],01
  jmp return

_GhostAI2:
dq 0

SHOWGHOST:
  jmp newmem
  nop 2
return:
registersymbol(SHOWGHOST)

aobscanmodule(GTIMER,GameAssembly.dll,0F 2F C6 F3 0F 11 B3 90 00 00 00 76) // should be unique
alloc(newmem2,$1000,GTIMER)

label(code2)
label(return2)

newmem2:

code2:
  //comiss xmm0,xmm6
  movss [rbx+00000090],xmm6
  jmp return2

GTIMER:
  jmp newmem2
  nop 6
return2:
registersymbol(GTIMER)

aobscanmodule(GJUMP,GameAssembly.dll,0F 84 B9 00 00 00 C6 47) // should be unique
alloc(newmem3,$1000,GJUMP)

label(code3)
label(return3)

newmem3:

code3:
  jne GameAssembly.dll+1C05CD1 //je GameAssembly.dll+1C05CD1
  jmp return3

GJUMP:
  jmp newmem3
  nop
return3:
registersymbol(GJUMP)

[DISABLE]

SHOWGHOST:
  //db 80 BF 98 00 00 00 00
  readmem(original_SHOWGHOST_bytes,7)

unregistersymbol(SHOWGHOST)
unregistersymbol(_GhostAI2)
unregistersymbol(original_SHOWGHOST_bytes)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+10E2BBB

GameAssembly.dll+10E2B92: 74 27                    - je GameAssembly.dll+10E2BBB
GameAssembly.dll+10E2B94: 48 8B 05 E5 1B 8C 01     - mov rax,[GameAssembly.dll+29A4780]
GameAssembly.dll+10E2B9B: 48 8B 90 B8 00 00 00     - mov rdx,[rax+000000B8]
GameAssembly.dll+10E2BA2: 48 8B 02                 - mov rax,[rdx]
GameAssembly.dll+10E2BA5: 48 85 C0                 - test rax,rax
GameAssembly.dll+10E2BA8: 0F 84 01 03 00 00        - je GameAssembly.dll+10E2EAF
GameAssembly.dll+10E2BAE: 80 78 69 00              - cmp byte ptr [rax+69],00
GameAssembly.dll+10E2BB2: 75 07                    - jne GameAssembly.dll+10E2BBB
GameAssembly.dll+10E2BB4: 33 D2                    - xor edx,edx
GameAssembly.dll+10E2BB6: E8 15 71 67 00           - call ऩजछढजदडछडनज.थणदनडञनझढणच
// ---------- INJECTING HERE ----------
GameAssembly.dll+10E2BBB: 80 BB 98 00 00 00 00     - cmp byte ptr [rbx+00000098],00
// ---------- DONE INJECTING  ----------
GameAssembly.dll+10E2BC2: 0F 84 3C 01 00 00        - je GameAssembly.dll+10E2D04
GameAssembly.dll+10E2BC8: F3 0F 10 B3 94 00 00 00  - movss xmm6,[rbx+00000094]
GameAssembly.dll+10E2BD0: 33 C9                    - xor ecx,ecx
GameAssembly.dll+10E2BD2: E8 79 E0 87 FF           - call UnityEngine.Time.get_deltaTime
GameAssembly.dll+10E2BD7: F3 0F 5C F0              - subss xmm6,xmm0
GameAssembly.dll+10E2BDB: 0F 57 C0                 - xorps xmm0,xmm0
GameAssembly.dll+10E2BDE: 0F 2F C6                 - comiss xmm0,xmm6
GameAssembly.dll+10E2BE1: F3 0F 11 B3 94 00 00 00  - movss [rbx+00000094],xmm6
GameAssembly.dll+10E2BE9: 0F 86 15 01 00 00        - jbe GameAssembly.dll+10E2D04
GameAssembly.dll+10E2BEF: F3 0F 10 35 B9 B8 03 01  - movss xmm6,[GameAssembly.dll+211E4B0]
}
GTIMER:
  db 0F 2F C6 F3 0F 11 B3 90 00 00 00

unregistersymbol(GTIMER)
dealloc(newmem2)

{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+12688C2

GameAssembly.dll+1268898: 33 D2                    - xor edx,edx
GameAssembly.dll+126889A: E8 51 BA A2 00           - call ठदञनडचछनऩनठ.णणथछचणझडजनध
SHOWGHOST: E9 5C 77 54 02           - jmp 7FFC0EDD0000
GameAssembly.dll+12688A4: 66 90                    - nop 2
GameAssembly.dll+12688A6: 0F 84 96 00 00 00        - je GameAssembly.dll+1268942
GameAssembly.dll+12688AC: F3 0F 10 B3 90 00 00 00  - movss xmm6,[rbx+00000090]
GameAssembly.dll+12688B4: 33 C9                    - xor ecx,ecx
GameAssembly.dll+12688B6: E8 F5 FA 7C FF           - call UnityEngine.Time.get_deltaTime
GameAssembly.dll+12688BB: F3 0F 5C F0              - subss xmm6,xmm0
GameAssembly.dll+12688BF: 0F 57 C0                 - xorps xmm0,xmm0
// ---------- INJECTING HERE ----------
GameAssembly.dll+12688C2: 0F 2F C6                 - comiss xmm0,xmm6
// ---------- DONE INJECTING  ----------
GameAssembly.dll+12688C5: F3 0F 11 B3 90 00 00 00  - movss [rbx+00000090],xmm6
GameAssembly.dll+12688CD: 76 73                    - jna GameAssembly.dll+1268942
GameAssembly.dll+12688CF: F3 0F 10 35 E9 C8 57 01  - movss xmm6,[GameAssembly.dll+27E51C0]
GameAssembly.dll+12688D7: 45 33 C0                 - xor r8d,r8d
GameAssembly.dll+12688DA: F3 0F 10 05 0E 0F AF 01  - movss xmm0,[GameAssembly.dll+2D597F0]
GameAssembly.dll+12688E2: 0F 28 CE                 - movaps xmm1,xmm6
GameAssembly.dll+12688E5: E8 C6 1C 77 FF           - call UnityEngine.Random.Range
GameAssembly.dll+12688EA: 45 33 C0                 - xor r8d,r8d
GameAssembly.dll+12688ED: 0F 28 C8                 - movaps xmm1,xmm0
GameAssembly.dll+12688F0: 48 8B CB                 - mov rcx,rbx
}
GJUMP:
  db 0F 84 B9 00 00 00

unregistersymbol(GJUMP)
dealloc(newmem3)

{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+1C05C12

GameAssembly.dll+1C05BE8: C7 46 10 01 00 00 00  - mov [rsi+10],00000001
GameAssembly.dll+1C05BEF: 48 8B 5C 24 40        - mov rbx,[rsp+40]
GameAssembly.dll+1C05BF4: 48 8B 74 24 48        - mov rsi,[rsp+48]
GameAssembly.dll+1C05BF9: 48 83 C4 30           - add rsp,30
GameAssembly.dll+1C05BFD: 5F                    - pop rdi
GameAssembly.dll+1C05BFE: C3                    - ret 
GameAssembly.dll+1C05BFF: 83 F8 01              - cmp eax,01
GameAssembly.dll+1C05C02: 0F 85 97 00 00 00     - jne GameAssembly.dll+1C05C9F
GameAssembly.dll+1C05C08: C7 46 10 FF FF FF FF  - mov [rsi+10],FFFFFFFF
GameAssembly.dll+1C05C0F: 48 85 FF              - test rdi,rdi
// ---------- INJECTING HERE ----------
GameAssembly.dll+1C05C12: 0F 84 B9 00 00 00     - je GameAssembly.dll+1C05CD1
// ---------- DONE INJECTING  ----------
GameAssembly.dll+1C05C18: C6 47 70 00           - mov byte ptr [rdi+70],00
GameAssembly.dll+1C05C1C: 48 8B 05 B5 8C 59 01  - mov rax,[GameAssembly.dll+319E8D8]
GameAssembly.dll+1C05C23: 48 8B 88 B8 00 00 00  - mov rcx,[rax+000000B8]
GameAssembly.dll+1C05C2A: 48 8B 01              - mov rax,[rcx]
GameAssembly.dll+1C05C2D: 48 85 C0              - test rax,rax
GameAssembly.dll+1C05C30: 0F 84 9B 00 00 00     - je GameAssembly.dll+1C05CD1
GameAssembly.dll+1C05C36: 48 8B 40 18           - mov rax,[rax+18]
GameAssembly.dll+1C05C3A: 48 85 C0              - test rax,rax
GameAssembly.dll+1C05C3D: 0F 84 8E 00 00 00     - je GameAssembly.dll+1C05CD1
GameAssembly.dll+1C05C43: 48 8B 40 10           - mov rax,[rax+10]
}
</AssemblerScript>
      <CheatEntries>
        <CheatEntry>
          <ID>43981</ID>
          <Description>"ghost Is Appeared"</Description>
          <DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">0:NO
1:YES
</DropDownList>
          <LastState Value="0" RealAddress="1F7D9021B00"/>
          <ShowAsSigned>0</ShowAsSigned>
          <VariableType>4 Bytes</VariableType>
          <Address>_GhostAI2</Address>
          <Offsets>
            <Offset>70</Offset>
          </Offsets>
          <CheatEntries>
            <CheatEntry>
              <ID>43982</ID>
              <Description>"appear Timer"</Description>
              <LastState Value="1.14349854" RealAddress="1F7D9021B20"/>
              <ShowAsSigned>0</ShowAsSigned>
              <VariableType>Float</VariableType>
              <Address>_GhostAI2</Address>
              <Offsets>
                <Offset>90</Offset>
              </Offsets>
            </CheatEntry>
          </CheatEntries>
        </CheatEntry>
      </CheatEntries>
    </CheatEntry>
  </CheatEntries>
</CheatTable>
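
From the defender's side, the edits these scripts make (a NOP fill such as `90 90 90` over `2B 41 18`, or a 5-byte `jmp` plus NOP padding over the 7-byte `cmp`) show up as differences between a trusted copy of a code region and its live bytes. The check below is an added example, not code from any post in this thread; the function names, the sample layout and the base address are constructed, and it assumes both snapshots cover the same, already relocated range.

```python
"""Added example: find NOP fills and jmp detours by diffing two code snapshots."""
import struct
from dataclasses import dataclass
from typing import List, Optional, Tuple

NOP_FORMS = (b"\x66\x90", b"\x90")  # two-byte and one-byte x86 NOP encodings


@dataclass
class Patch:
    address: int                  # address of the first modified byte
    original: bytes               # bytes in the trusted baseline
    patched: bytes                # bytes found in the live snapshot
    kind: str                     # "nop-fill", "jmp-detour" or "other"
    target: Optional[int] = None  # detour destination, only for "jmp-detour"


def only_nops(data: bytes) -> bool:
    """True if data is non-empty and made up solely of 90 / 66 90 NOPs."""
    i = 0
    while i < len(data):
        for form in NOP_FORMS:
            if data.startswith(form, i):
                i += len(form)
                break
        else:
            return False
    return len(data) > 0


def classify(address: int, patched: bytes) -> Tuple[str, Optional[int]]:
    """Label one modified run and, for a detour, compute where it jumps."""
    if only_nops(patched):
        return "nop-fill", None
    # E9 rel32 is a 5-byte near jump; the rest of the overwritten
    # instruction is normally padded with NOPs.
    if len(patched) >= 5 and patched[0] == 0xE9 and (
            len(patched) == 5 or only_nops(patched[5:])):
        rel32 = struct.unpack_from("<i", patched, 1)[0]
        return "jmp-detour", (address + 5 + rel32) & 0xFFFFFFFFFFFFFFFF
    return "other", None


def find_patches(baseline: bytes, live: bytes, base: int,
                 merge_gap: int = 2) -> List[Patch]:
    """Diff two snapshots of the same range and report modified runs.

    Runs separated by at most merge_gap unchanged bytes are merged, because
    a byte of the new jump offset can coincide with the original byte and
    would otherwise split one detour into two unrelated-looking edits.
    """
    if len(baseline) != len(live):
        raise ValueError("snapshots must cover the same range")
    runs: List[List[int]] = []          # [start, end) offsets of modified runs
    for i, (a, b) in enumerate(zip(baseline, live)):
        if a == b:
            continue
        if runs and i - runs[-1][1] <= merge_gap:
            runs[-1][1] = i + 1
        else:
            runs.append([i, i + 1])
    patches = []
    for start, end in runs:
        kind, target = classify(base + start, live[start:end])
        patches.append(Patch(base + start, baseline[start:end],
                             live[start:end], kind, target))
    return patches


# Constructed sample: byte sequences quoted in the scripts above, placed
# back to back in a made-up layout at a made-up base address.
BASE = 0x10E2BB6
BASELINE = bytes.fromhex(
    "E815716700"      # call (left untouched)
    "80BB9800000000"  # cmp byte ptr [rbx+98],00
    "0F843C010000"    # je (left untouched)
    "2B4118"          # sub eax,[rcx+18]
    "8BD0"            # mov edx,eax (left untouched)
)
LIVE = bytes.fromhex(
    "E815716700"
    "E95C7754026690"  # jmp rel32 followed by a two-byte NOP
    "0F843C010000"
    "909090"          # instruction replaced by three NOPs
    "8BD0"
)

if __name__ == "__main__":
    for p in find_patches(BASELINE, LIVE, BASE):
        dest = f" -> {p.target:#x}" if p.target is not None else ""
        print(f"{p.address:#x} {p.kind}: {p.original.hex(' ')} => "
              f"{p.patched.hex(' ')}{dest}")
```

In practice the baseline would come from a hash-verified copy of the module, and ranges that legitimately change at load time (relocations, import thunks) have to be excluded before diffing.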

der_wild

Post by der_wild »

zephirot wrote:
Fri Jul 16, 2021 6:44 pm
Hi der_wild!
It's a pleasure.
To answer you, as far as I know, it's only for the client, others can't see it.
I don't think we can make it visible to others, at least not with Cheat Engine; maybe it's doable with code injection by directly changing the source code.
Maybe it was just a coincidence if they could see it, most probably because of a ghost event or something.

But here's a more recent version for Show Ghost (should always see it with this one)

Good day zephirot!
Well, now I'll be in the know.
Thank you for the more recent version of the script. When I rewrote the lines of the script for more recent ones, Cheat Engine gave an error, but as I understand it, this is not a problem and does not affect anything, since after checking the operability, a ghost appeared, and there were no problems. I wish you good luck with your work and I am waiting for the new version of the script table)

P.S. Do you have a manual for the correct use of the table, that is, how and when to include the required script correctly?

zephirot

Post by zephirot »

der_wild wrote:
Sat Jul 17, 2021 5:07 pm

Good day zephirot!
Well, now I'll be in the know.
Thank you for the more recent version of the script. When I rewrote the lines of the script for more recent ones, Cheat Engine gave an error, but as I understand it, this is not a problem and does not affect anything, since after checking the operability, a ghost appeared, and there were no problems. I wish you good luck with your work and I am waiting for the new version of the script table)

P.S. Do you have a manual for the correct use of the table, that is, how and when to include the required script correctly?

Hello again ;)
Oh yes, it's because you have to copy and paste directly into Cheat Engine, not paste into a script.
Just do select all, copy, move to the Cheat Engine window and Ctrl-V.
It will add the script + children below it.
If you want to paste into a script, just remove this part from the top

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>43980</ID>
      <Description>"Show Ghost v2 (no blinking)"</Description>
      <Options moHideChildren="1"/>
      <LastState/>
      <Color>008000</Color>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript>

and this part from the bottom

</AssemblerScript>
      <CheatEntries>
        <CheatEntry>
          <ID>43981</ID>
          <Description>"ghost Is Appeared"</Description>
          <DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">0:NO
1:YES
</DropDownList>
          <LastState Value="0" RealAddress="1F7D9021B00"/>
          <ShowAsSigned>0</ShowAsSigned>
          <VariableType>4 Bytes</VariableType>
          <Address>_GhostAI2</Address>
          <Offsets>
            <Offset>70</Offset>
          </Offsets>
          <CheatEntries>
            <CheatEntry>
              <ID>43982</ID>
              <Description>"appear Timer"</Description>
              <LastState Value="1.14349854" RealAddress="1F7D9021B20"/>
              <ShowAsSigned>0</ShowAsSigned>
              <VariableType>Float</VariableType>
              <Address>_GhostAI2</Address>
              <Offsets>
                <Offset>90</Offset>
              </Offsets>
            </CheatEntry>
          </CheatEntries>
        </CheatEntry>
      </CheatEntries>
    </CheatEntry>
  </CheatEntries>
</CheatTable>

But you won't have the 2 children ("ghost Is Appeared" and "appear Timer"), even if they're not really necessary, mostly for debugging/updating etc...

der_wild

Post by der_wild »

zephirot wrote:
Sun Jul 18, 2021 11:12 am
Hello again ;)
Oh yes, it's because you have to copy and paste directly into Cheat Engine, not paste into a script.
Just do select all, copy, move to the Cheat Engine window and Ctrl-V.
It will add the script + children below it.
If you want to paste into a script, just remove this part from the top

and this part from the bottom
But you won't have the 2 children ("ghost Is Appeared" and "appear Timer"), even if it's not really necessary, mostly for debugging/updating etc...

Hello, thanks for the explanation on how to add the script correctly. But everything worked on a fresh version until recently. Probably there was some kind of update for the game, as the new version of the script for "SHOW GHOST" crashed the game((( But the old version is fine.

zephirot
Expert Cheater
Posts: 72
Joined: Wed Oct 28, 2020 8:48 pm
Reputation: 50

Re: Phasmophobia

Post by zephirot »

der_wild wrote:
Thu Jul 22, 2021 6:49 pm
Hello, thanks for the explanation on how to add the script correctly. But everything worked on a fresh version until recently. Probably there was some kind of update for the game, as the new version of the script for "SHOW GHOST" crashed the game((( But the old version is fine.
Hi! Indeed there was an update and one part of the script had an issue with an address.
This version should work.
Maybe it will be stable between updates, will keep an eye on the last part!
Enjoy :)

Code:

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>43980</ID>
      <Description>"Show Ghost v2 (no blinking)"</Description>
      <Options moHideChildren="1"/>
      <LastState/>
      <Color>008000</Color>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript>{ Game   : Phasmophobia.exe
  Author : Zephirot
  Mono   : Assembly-CSharp.dll -&gt; GhostAI:Update()
}

[ENABLE]

//aobscanmodule(SHOWGHOST,GameAssembly.dll,80 ?? 9? 00 00 00 00 0F 84 ?? ?? 00 00 F3 0F 10 ?? 9? 00 00 00 33 C9 E8 ?? ?? ?? ?? F3 0F 5C F0 0F 57 C0 0F 2F C6 F3 0F 11 ??) // should be unique
aobscanmodule(SHOWGHOST,GameAssembly.dll,80 ?? ?? 00 00 00 00 0F 84 ?? ?? 00 00 F3 0F 10 ?? 9? 00 00 00 33 C9 E8 ?? ?? ?? ?? F3 0F 5C F0 0F 57 C0 0F 2F C6 F3 0F 11 ??) // should be unique
alloc(newmem,$1000,SHOWGHOST)

alloc(original_SHOWGHOST_bytes,7)
registersymbol(original_SHOWGHOST_bytes)

label(code)
label(return)
label(_GhostAI2)
registersymbol(_GhostAI2)

original_SHOWGHOST_bytes:
readmem(SHOWGHOST,7)

newmem:

code:
  mov [_GhostAI2],rbx
  cmp byte ptr [rbx+000000A0],01 //cmp byte ptr [rbx+00000094],01
  jmp return

_GhostAI2:
dq 0

SHOWGHOST:
  jmp newmem
  nop 2
return:
registersymbol(SHOWGHOST)

aobscanmodule(GTIMER,GameAssembly.dll,0F 2F C6 F3 0F 11 B3 90 00 00 00 76) // should be unique
alloc(newmem2,$1000,GTIMER)

label(code2)
label(return2)

newmem2:

code2:
  //comiss xmm0,xmm6
  movss [rbx+00000090],xmm6
  jmp return2

GTIMER:
  jmp newmem2
  nop 6
return2:
registersymbol(GTIMER)

// XXXXXXXXX.MoveNext
aobscanmodule(GJUMP,GameAssembly.dll,0F 84 B9 00 00 00 C6 47) // should be unique
alloc(newmem3,$1000,GJUMP)

label(code3)
label(return3)

newmem3:

code3:
  //jne GameAssembly.dll+1C05CD1 // je GameAssembly.dll+1C05CD1
  //db 0F 85 B9 00 00 00         // db 0F 84 B9 00 00 00
  jne GJUMP+BF
  jmp return3

GJUMP:
  jmp newmem3
  nop
return3:
registersymbol(GJUMP)

[DISABLE]

SHOWGHOST:
  //db 80 BF 98 00 00 00 00
  readmem(original_SHOWGHOST_bytes,7)

unregistersymbol(SHOWGHOST)
unregistersymbol(_GhostAI2)
unregistersymbol(original_SHOWGHOST_bytes)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+10E2BBB

GameAssembly.dll+10E2B92: 74 27                    - je GameAssembly.dll+10E2BBB
GameAssembly.dll+10E2B94: 48 8B 05 E5 1B 8C 01     - mov rax,[GameAssembly.dll+29A4780]
GameAssembly.dll+10E2B9B: 48 8B 90 B8 00 00 00     - mov rdx,[rax+000000B8]
GameAssembly.dll+10E2BA2: 48 8B 02                 - mov rax,[rdx]
GameAssembly.dll+10E2BA5: 48 85 C0                 - test rax,rax
GameAssembly.dll+10E2BA8: 0F 84 01 03 00 00        - je GameAssembly.dll+10E2EAF
GameAssembly.dll+10E2BAE: 80 78 69 00              - cmp byte ptr [rax+69],00
GameAssembly.dll+10E2BB2: 75 07                    - jne GameAssembly.dll+10E2BBB
GameAssembly.dll+10E2BB4: 33 D2                    - xor edx,edx
GameAssembly.dll+10E2BB6: E8 15 71 67 00           - call ऩजछढजदडछडनज.थणदनडञनझढणच
// ---------- INJECTING HERE ----------
GameAssembly.dll+10E2BBB: 80 BB 98 00 00 00 00     - cmp byte ptr [rbx+00000098],00
// ---------- DONE INJECTING  ----------
GameAssembly.dll+10E2BC2: 0F 84 3C 01 00 00        - je GameAssembly.dll+10E2D04
GameAssembly.dll+10E2BC8: F3 0F 10 B3 94 00 00 00  - movss xmm6,[rbx+00000094]
GameAssembly.dll+10E2BD0: 33 C9                    - xor ecx,ecx
GameAssembly.dll+10E2BD2: E8 79 E0 87 FF           - call UnityEngine.Time.get_deltaTime
GameAssembly.dll+10E2BD7: F3 0F 5C F0              - subss xmm6,xmm0
GameAssembly.dll+10E2BDB: 0F 57 C0                 - xorps xmm0,xmm0
GameAssembly.dll+10E2BDE: 0F 2F C6                 - comiss xmm0,xmm6
GameAssembly.dll+10E2BE1: F3 0F 11 B3 94 00 00 00  - movss [rbx+00000094],xmm6
GameAssembly.dll+10E2BE9: 0F 86 15 01 00 00        - jbe GameAssembly.dll+10E2D04
GameAssembly.dll+10E2BEF: F3 0F 10 35 B9 B8 03 01  - movss xmm6,[GameAssembly.dll+211E4B0]
}
GTIMER:
  db 0F 2F C6 F3 0F 11 B3 90 00 00 00

unregistersymbol(GTIMER)
dealloc(newmem2)

{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+12688C2

GameAssembly.dll+1268898: 33 D2                    - xor edx,edx
GameAssembly.dll+126889A: E8 51 BA A2 00           - call ठदञनडचछनऩनठ.णणथछचणझडजनध
SHOWGHOST: E9 5C 77 54 02           - jmp 7FFC0EDD0000
GameAssembly.dll+12688A4: 66 90                    - nop 2
GameAssembly.dll+12688A6: 0F 84 96 00 00 00        - je GameAssembly.dll+1268942
GameAssembly.dll+12688AC: F3 0F 10 B3 90 00 00 00  - movss xmm6,[rbx+00000090]
GameAssembly.dll+12688B4: 33 C9                    - xor ecx,ecx
GameAssembly.dll+12688B6: E8 F5 FA 7C FF           - call UnityEngine.Time.get_deltaTime
GameAssembly.dll+12688BB: F3 0F 5C F0              - subss xmm6,xmm0
GameAssembly.dll+12688BF: 0F 57 C0                 - xorps xmm0,xmm0
// ---------- INJECTING HERE ----------
GameAssembly.dll+12688C2: 0F 2F C6                 - comiss xmm0,xmm6
// ---------- DONE INJECTING  ----------
GameAssembly.dll+12688C5: F3 0F 11 B3 90 00 00 00  - movss [rbx+00000090],xmm6
GameAssembly.dll+12688CD: 76 73                    - jna GameAssembly.dll+1268942
GameAssembly.dll+12688CF: F3 0F 10 35 E9 C8 57 01  - movss xmm6,[GameAssembly.dll+27E51C0]
GameAssembly.dll+12688D7: 45 33 C0                 - xor r8d,r8d
GameAssembly.dll+12688DA: F3 0F 10 05 0E 0F AF 01  - movss xmm0,[GameAssembly.dll+2D597F0]
GameAssembly.dll+12688E2: 0F 28 CE                 - movaps xmm1,xmm6
GameAssembly.dll+12688E5: E8 C6 1C 77 FF           - call UnityEngine.Random.Range
GameAssembly.dll+12688EA: 45 33 C0                 - xor r8d,r8d
GameAssembly.dll+12688ED: 0F 28 C8                 - movaps xmm1,xmm0
GameAssembly.dll+12688F0: 48 8B CB                 - mov rcx,rbx
}
GJUMP:
  db 0F 84 B9 00 00 00

unregistersymbol(GJUMP)
dealloc(newmem3)

{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+1C05C12

GameAssembly.dll+1C05BE8: C7 46 10 01 00 00 00  - mov [rsi+10],00000001
GameAssembly.dll+1C05BEF: 48 8B 5C 24 40        - mov rbx,[rsp+40]
GameAssembly.dll+1C05BF4: 48 8B 74 24 48        - mov rsi,[rsp+48]
GameAssembly.dll+1C05BF9: 48 83 C4 30           - add rsp,30
GameAssembly.dll+1C05BFD: 5F                    - pop rdi
GameAssembly.dll+1C05BFE: C3                    - ret 
GameAssembly.dll+1C05BFF: 83 F8 01              - cmp eax,01
GameAssembly.dll+1C05C02: 0F 85 97 00 00 00     - jne GameAssembly.dll+1C05C9F
GameAssembly.dll+1C05C08: C7 46 10 FF FF FF FF  - mov [rsi+10],FFFFFFFF
GameAssembly.dll+1C05C0F: 48 85 FF              - test rdi,rdi
// ---------- INJECTING HERE ----------
GameAssembly.dll+1C05C12: 0F 84 B9 00 00 00     - je GameAssembly.dll+1C05CD1
// ---------- DONE INJECTING  ----------
GameAssembly.dll+1C05C18: C6 47 70 00           - mov byte ptr [rdi+70],00
GameAssembly.dll+1C05C1C: 48 8B 05 B5 8C 59 01  - mov rax,[GameAssembly.dll+319E8D8]
GameAssembly.dll+1C05C23: 48 8B 88 B8 00 00 00  - mov rcx,[rax+000000B8]
GameAssembly.dll+1C05C2A: 48 8B 01              - mov rax,[rcx]
GameAssembly.dll+1C05C2D: 48 85 C0              - test rax,rax
GameAssembly.dll+1C05C30: 0F 84 9B 00 00 00     - je GameAssembly.dll+1C05CD1
GameAssembly.dll+1C05C36: 48 8B 40 18           - mov rax,[rax+18]
GameAssembly.dll+1C05C3A: 48 85 C0              - test rax,rax
GameAssembly.dll+1C05C3D: 0F 84 8E 00 00 00     - je GameAssembly.dll+1C05CD1
GameAssembly.dll+1C05C43: 48 8B 40 10           - mov rax,[rax+10]
}
</AssemblerScript>
      <CheatEntries>
        <CheatEntry>
          <ID>43981</ID>
          <Description>"ghost Is Appeared"</Description>
          <DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">0:NO
1:YES
</DropDownList>
          <LastState Value="0" RealAddress="1DF605A5210"/>
          <ShowAsSigned>0</ShowAsSigned>
          <VariableType>4 Bytes</VariableType>
          <Address>_GhostAI2</Address>
          <Offsets>
            <Offset>70</Offset>
          </Offsets>
          <CheatEntries>
            <CheatEntry>
              <ID>43982</ID>
              <Description>"appear Timer"</Description>
              <LastState Value="0.6719926596" RealAddress="1DF605A5230"/>
              <ShowAsSigned>0</ShowAsSigned>
              <VariableType>Float</VariableType>
              <Address>_GhostAI2</Address>
              <Offsets>
                <Offset>90</Offset>
              </Offsets>
            </CheatEntry>
          </CheatEntries>
        </CheatEntry>
      </CheatEntries>
    </CheatEntry>
  </CheatEntries>
</CheatTable>
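
Added example, not part of the thread or of zephirot's table: a read-only Python summary of a CheatTable fragment, showing the split the posts describe between the AssemblerScript body and the child entries, plus which module each active aobscanmodule line targets and which symbols the script registers. SAMPLE is a constructed, shortened fragment and summarize is a hypothetical helper name.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample: a shortened fragment shaped like the table posted above.
SAMPLE = """<?xml version="1.0" encoding="utf-8"?>
<CheatTable><CheatEntries>
  <CheatEntry>
    <Description>"Show Ghost v2 (no blinking)"</Description>
    <VariableType>Auto Assembler Script</VariableType>
    <AssemblerScript>[ENABLE]
//aobscanmodule(OLD,GameAssembly.dll,80 ?? 9?)
aobscanmodule(SHOWGHOST,GameAssembly.dll,80 ?? ?? 00 00 00 00 0F 84)
alloc(newmem,$1000,SHOWGHOST)
registersymbol(_GhostAI2)
[DISABLE]
dealloc(newmem)
</AssemblerScript>
    <CheatEntries><CheatEntry>
      <Description>"ghost Is Appeared"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>_GhostAI2</Address>
      <Offsets><Offset>70</Offset></Offsets>
    </CheatEntry></CheatEntries>
  </CheatEntry>
</CheatEntries></CheatTable>"""

# Active (uncommented) scan directives: symbol, module, byte pattern.
AOB = re.compile(r"^\s*aobscanmodule\(\s*(\w+)\s*,\s*([^,]+?)\s*,\s*([^)]+)\)", re.M)

def summarize(xml_text):
    """Hypothetical helper: list every CheatEntry depth-first; nothing is executed."""
    out = []
    def walk(entries, depth):
        for e in entries.findall("CheatEntry"):
            script = e.findtext("AssemblerScript") or ""
            out.append({
                "depth": depth,
                "description": (e.findtext("Description") or "").strip('"'),
                "type": e.findtext("VariableType"),
                "address": e.findtext("Address"),
                "offsets": [o.text for o in e.findall("Offsets/Offset")],
                "scans": [(s, m, len(p.split())) for s, m, p in AOB.findall(script)],
                "symbols": re.findall(r"^\s*registersymbol\((\w+)\)", script, re.M),
            })
            children = e.find("CheatEntries")
            if children is not None:
                walk(children, depth + 1)
    walk(ET.fromstring(xml_text.encode("utf-8")).find("CheatEntries"), 0)
    return out
```

For a table received from someone else, parse it with defusedxml.ElementTree rather than xml.etree, since the standard-library parser is not hardened against maliciously constructed XML.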
