Attack on titan 2 auto dodge rework request
Posted: Sun Sep 16, 2018 9:14 pm
Hello guys, I was testing the auto dodge script from the "Tables" page, but it doesn't work anymore after the new update. Can someone update it?
Here is the script (the creator is predprey).
Edit: Cheat Engine says: "The array of byte named aob_dodgeBranch could not be found".
Here is the script (the creator is predprey).
Edit: Cheat Engine says: "The array of byte named aob_dodgeBranch could not be found".
[ENABLE]
// Enable, part 1: redirect the grab function into a code cave that arms a
// press counter (isGrabbing) and then continues at the dodge branch.
// Both targets are located by byte signature inside AOT2_EU.exe rather than
// by fixed address; the scan aborts the script if a signature is not found.
aobscanmodule(aob_grabFunc,AOT2_EU.exe,48 89 5C 24 30 49 8B 98) // should be unique
// NOTE(review): this signature embeds a structure displacement (30 03 00 00)
// and the first two displacement bytes (12 04) of a near je (0F 84). Both
// values depend on the build's layout, so presumably a game update that moved
// code or fields is why the scan now reports that aob_dodgeBranch cannot be
// found - confirm against the updated binary.
aobscanmodule(aob_dodgeBranch,AOT2_EU.exe,8B 83 30 03 00 00 D0 E8 A8 01 0F 84 12 04) // should be unique
// Allocate the code cave ($100 bytes) and the 4-byte counter near the
// injection point, so the 5-byte jmp written at aob_grabFunc can reach the cave.
alloc(newmem_grabFunc,$100,"AOT2_EU.exe"+82F37E)
alloc(isGrabbing,$4,"AOT2_EU.exe"+82F37E)
// Register the symbols so the [DISABLE] section can refer to them later.
registersymbol(aob_grabFunc)
registersymbol(aob_dodgeBranch)
registersymbol(isGrabbing)
// Code cave entered from the jmp placed at aob_grabFunc.
newmem_grabFunc:
// Arm the counter only when it is currently zero, so a countdown that is
// already running is not restarted.
// NOTE(review): no operand size is written on the [isGrabbing] accesses;
// presumably they assemble as dword, matching the 4-byte allocation - confirm.
cmp [isGrabbing],0
jne short @f
mov [isGrabbing],4 // Counter for Pressing Button
@@:
// Same frame teardown as the function's own early-exit path (add rsp,20 /
// pop rdi), but the return address is popped into rax and discarded instead of
// being used by ret. The overwritten "mov [rsp+30],rbx" is not replayed.
// NOTE(review): jumping to aob_dodgeBranch assumes that code is valid with the
// caller's stack frame and register state; the script cannot verify this, and
// a wrong assumption would corrupt the stack - confirm.
add rsp,20
pop rdi
pop rax
jmp aob_dodgeBranch
// Initial value of the counter: zero, i.e. not armed.
isGrabbing:
db 00 00 00 00
// Patch site: replaces the 5-byte "mov [rsp+30],rbx" with a jmp to the cave.
aob_grabFunc:
jmp newmem_grabFunc
////////////////////////////////////////////////////////////////////////////////////////////////////
// Enable, part 2: while the isGrabbing counter is non-zero, force bit 0 of al
// to 1 before the game's own "test al,01", so the je that follows the patch
// site falls through.
aobscanmodule(aob_hookDriveFlag,AOT2_EU.exe,48 C1 E8 16 A8 01 74 04) // should be unique
// Code cave allocated near the injection point so a 5-byte jmp can reach it.
alloc(newmem_hookDriveFlag,$100,"AOT2_EU.exe"+85F3C4)
label(return_hookDriveFlag)
newmem_hookDriveFlag:
// Replayed original instruction; the shift count 16 is hexadecimal
// (encoded as 48 C1 E8 16 in the original code).
shr rax,16
// isGrabbing is allocated and registered by the first part of this script.
cmp [isGrabbing],0
je short @f
or al,01
@@:
// Replayed original test; it runs last so the flags seen by the game's je
// come from this instruction and not from the cmp above.
test al,01
jmp return_hookDriveFlag
// Patch site: 5-byte jmp plus one nop cover the 6 bytes of the two original
// instructions (shr rax,16 / test al,01).
aob_hookDriveFlag:
jmp newmem_hookDriveFlag
nop
return_hookDriveFlag:
// Registered so the [DISABLE] section can restore the original bytes here.
registersymbol(aob_hookDriveFlag)
////////////////////////////////////////////////////////////////////////////////////////////////////
// Enable, part 3: hook the input-scan compare. While the isGrabbing counter
// is non-zero and the entry being scanned is the jump button, write a
// "pressed" value into the game's button-state slot and decrement the counter.
aobscanmodule(aob_dinputScan,AOT2_EU.exe,44 38 AC 88 FC 00 00 00) // should be unique
// Code cave allocated near the injection point so a 5-byte jmp can reach it.
alloc(newmem_dinputScan,$100,"AOT2_EU.exe"+DCF2A7)
label(exit_dinputScan)
label(originalcode)
label(return_dinputScan)
newmem_dinputScan:
// Counter not armed: run only the replayed original compare.
cmp [isGrabbing],0
je short originalcode
// rbx is saved because the game code after the patch site still reads ebx
// (test ebx,ebx); it is restored at exit_dinputScan.
push rbx
mov rbx,[r12+08] //Button Settings Array
@@:
// NOTE(review): no "@@:" label follows the two "@f" references below inside
// the [ENABLE] section, and exit_dinputScan is declared but never referenced.
// Presumably both jumps were meant to reach exit_dinputScan so that rbx is
// popped on every path - confirm against the author's original table.
cmp byte ptr [rbx+1C],r11l //Jump Button DInput ScanCode
jne short @f
cmp [rax+rcx*4+FC],80 //Button already held awaiting game read
je short @f
// NOTE(review): the memory operands here carry no size and the immediate is
// written with 16 hex digits; presumably this assembles as a dword store of
// 01000180 - confirm, since a wider store would overwrite adjacent state.
mov [rax+rcx*4+000000FC],0000000001000180
// One injected press consumed; the grab hook arms the counter with 4.
dec [isGrabbing]
exit_dinputScan:
pop rbx
originalcode:
// Replayed original instruction; it runs last so the game's jnl sees the
// flags it expects.
cmp [rax+rcx*4+000000FC],r13l
jmp return_dinputScan
// Patch site: 5-byte jmp plus three nops cover the 8-byte original cmp.
aob_dinputScan:
jmp newmem_dinputScan
nop
nop
nop
return_dinputScan:
// Registered so the [DISABLE] section can restore the original bytes here.
registersymbol(aob_dinputScan)
[DISABLE]
// Disable, part 1: write the five original bytes (mov [rsp+30],rbx) back over
// the jmp at aob_grabFunc, then drop the symbols and free the cave and counter.
// The bytes are hard-coded and are written without checking what is currently
// at the address.
aob_grabFunc:
db 48 89 5C 24 30
unregistersymbol(aob_grabFunc)
unregistersymbol(aob_dodgeBranch)
unregistersymbol(isGrabbing)
// NOTE(review): isGrabbing is still referenced by the other two caves; they
// are restored further down in this same [DISABLE] section.
dealloc(newmem_grabFunc)
dealloc(isGrabbing)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_EU.exe"+82F37E
"AOT2_EU.exe"+82F362: 48 83 EC 20 - sub rsp,20
"AOT2_EU.exe"+82F366: F7 02 00 00 02 00 - test [rdx],20000
"AOT2_EU.exe"+82F36C: 48 8B F9 - mov rdi,rcx
"AOT2_EU.exe"+82F36F: 77 08 - ja AOT2_EU.exe+82F379
"AOT2_EU.exe"+82F371: 33 C0 - xor eax,eax
"AOT2_EU.exe"+82F373: 48 83 C4 20 - add rsp,20
"AOT2_EU.exe"+82F377: 5F - pop rdi
"AOT2_EU.exe"+82F378: C3 - ret
"AOT2_EU.exe"+82F379: 45 85 C9 - test r9d,r9d
"AOT2_EU.exe"+82F37C: 75 F3 - jne AOT2_EU.exe+82F371
// ---------- INJECTING HERE ----------
"AOT2_EU.exe"+82F37E: 48 89 5C 24 30 - mov [rsp+30],rbx
// ---------- DONE INJECTING ----------
"AOT2_EU.exe"+82F383: 49 8B 98 F8 00 00 00 - mov rbx,[r8+000000F8]
"AOT2_EU.exe"+82F38A: 8B 83 30 03 00 00 - mov eax,[rbx+00000330]
"AOT2_EU.exe"+82F390: C0 E8 03 - shr al,03
"AOT2_EU.exe"+82F393: A8 01 - test al,01
"AOT2_EU.exe"+82F395: 74 0B - je AOT2_EU.exe+82F3A2
"AOT2_EU.exe"+82F397: 48 8B 83 08 02 00 00 - mov rax,[rbx+00000208]
"AOT2_EU.exe"+82F39E: 48 8B 58 08 - mov rbx,[rax+08]
"AOT2_EU.exe"+82F3A2: 48 8B 83 10 02 00 00 - mov rax,[rbx+00000210]
"AOT2_EU.exe"+82F3A9: 48 83 78 38 00 - cmp qword ptr [rax+38],00
"AOT2_EU.exe"+82F3AE: 74 0D - je AOT2_EU.exe+82F3BD
}
////////////////////////////////////////////////////////////////////////////////////////////////////
// Disable, part 2: restore the six original bytes (shr rax,16 / test al,01)
// over the jmp + nop at aob_hookDriveFlag, then drop the symbol and free the cave.
aob_hookDriveFlag:
db 48 C1 E8 16 A8 01
unregistersymbol(aob_hookDriveFlag)
dealloc(newmem_hookDriveFlag)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_EU.exe"+85F3C4
"AOT2_EU.exe"+85F39F: 74 04 - je AOT2_EU.exe+85F3A5
"AOT2_EU.exe"+85F3A1: 0F BA EA 09 - bts edx,09
"AOT2_EU.exe"+85F3A5: 48 B9 01 00 00 00 00 00 00 04 - mov rcx,0400000000000001
"AOT2_EU.exe"+85F3AF: 49 8B C0 - mov rax,r8
"AOT2_EU.exe"+85F3B2: 48 23 C1 - and rax,rcx
"AOT2_EU.exe"+85F3B5: 8B CA - mov ecx,edx
"AOT2_EU.exe"+85F3B7: 0F BA E9 0A - bts ecx,0A
"AOT2_EU.exe"+85F3BB: 48 85 C0 - test rax,rax
"AOT2_EU.exe"+85F3BE: 49 8B C0 - mov rax,r8
"AOT2_EU.exe"+85F3C1: 0F 44 CA - cmove ecx,edx
// ---------- INJECTING HERE ----------
"AOT2_EU.exe"+85F3C4: 48 C1 E8 16 - shr rax,16
"AOT2_EU.exe"+85F3C8: A8 01 - test al,01
// ---------- DONE INJECTING ----------
"AOT2_EU.exe"+85F3CA: 74 04 - je AOT2_EU.exe+85F3D0
"AOT2_EU.exe"+85F3CC: 0F BA E9 0A - bts ecx,0A
"AOT2_EU.exe"+85F3D0: 49 C1 E8 3A - shr r8,3A
"AOT2_EU.exe"+85F3D4: 41 F6 C0 01 - test r8l,01
"AOT2_EU.exe"+85F3D8: 74 04 - je AOT2_EU.exe+85F3DE
"AOT2_EU.exe"+85F3DA: 0F BA E9 14 - bts ecx,14
"AOT2_EU.exe"+85F3DE: 8B C1 - mov eax,ecx
"AOT2_EU.exe"+85F3E0: C3 - ret
"AOT2_EU.exe"+85F3E1: CC - int 3
"AOT2_EU.exe"+85F3E2: CC - int 3
}
////////////////////////////////////////////////////////////////////////////////////////////////////
// Disable, part 3: restore the eight original bytes
// (cmp [rax+rcx*4+000000FC],r13l) over the jmp + three nops at aob_dinputScan,
// then drop the symbol and free the cave.
aob_dinputScan:
db 44 38 AC 88 FC 00 00 00
unregistersymbol(aob_dinputScan)
dealloc(newmem_dinputScan)
{
// ORIGINAL CODE - INJECTION POINT: "AOT2_EU.exe"+DCF2A7
"AOT2_EU.exe"+DCF286: 45 8B F5 - mov r14d,r13d
"AOT2_EU.exe"+DCF289: 45 8B FD - mov r15d,r13d
"AOT2_EU.exe"+DCF28C: 0F 1F 40 00 - nop [rax+00]
"AOT2_EU.exe"+DCF290: 0F B6 45 00 - movzx eax,byte ptr [rbp+00]
"AOT2_EU.exe"+DCF294: 45 8B CD - mov r9d,r13d
"AOT2_EU.exe"+DCF297: 8B 56 FC - mov edx,[rsi-04]
"AOT2_EU.exe"+DCF29A: 44 8B D8 - mov r11d,eax
"AOT2_EU.exe"+DCF29D: 8B 1E - mov ebx,[rsi]
"AOT2_EU.exe"+DCF29F: 48 8D 0C 40 - lea rcx,[rax+rax*2]
"AOT2_EU.exe"+DCF2A3: 49 8B 04 24 - mov rax,[r12]
// ---------- INJECTING HERE ----------
"AOT2_EU.exe"+DCF2A7: 44 38 AC 88 FC 00 00 00 - cmp [rax+rcx*4+000000FC],r13l
// ---------- DONE INJECTING ----------
"AOT2_EU.exe"+DCF2AF: 7D 6C - jnl AOT2_EU.exe+DCF31D
"AOT2_EU.exe"+DCF2B1: 85 DB - test ebx,ebx
"AOT2_EU.exe"+DCF2B3: 75 62 - jne AOT2_EU.exe+DCF317
"AOT2_EU.exe"+DCF2B5: B9 80 00 00 00 - mov ecx,00000080
"AOT2_EU.exe"+DCF2BA: 83 FF 01 - cmp edi,01
"AOT2_EU.exe"+DCF2BD: 74 4C - je AOT2_EU.exe+DCF30B
"AOT2_EU.exe"+DCF2BF: B8 00 02 00 00 - mov eax,00000200
"AOT2_EU.exe"+DCF2C4: 44 3B D0 - cmp r10d,eax
"AOT2_EU.exe"+DCF2C7: 0F 44 C1 - cmove eax,ecx
"AOT2_EU.exe"+DCF2CA: 3B D0 - cmp edx,eax
}