[Help]About "binding of isaac: repentance" cheats in this game

IkariShinji
What is cheating?
Posts: 3
Joined: Thu Mar 31, 2022 6:42 am
Reputation: 0

Post by IkariShinji »

I've recently been trying to use Cheat Engine to modify The Binding of Isaac: Repentance, but I'm running into two issues that annoy me a lot.
1. I found a CT table written by someone else through Google. I can understand the content of the script, but I don't know how the injection point of this script was found.

Code:

{ Game   : isaac-ng.exe
  Version:
  Date   : 2021-04-12
  Author : Akira Fudo
}

[ENABLE]

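aobscanmodule(RandomItemSpawn,isaac-ng.exe,8B 40 44 C1 E8 0D 24) // should be unique
alloc(newmem,$1000) // code cave that holds the replacement code

label(code)
label(return)
label(randomItem)

newmem:

code:
  push rcx
  mov rcx,[randomItem]
  mov [eax+44],rcx // overwrite the field with the value stored at randomItem
  mov eax,[eax+44] // original instruction
  shr eax,0D       // original instruction
  pop rcx
  jmp return

randomItem:
  dq (int)2 // value written to [eax+44]; registered as a symbol below

RandomItemSpawn:
  jmp newmem // 5-byte jump placed over the two original instructions (6 bytes)
  nop        // pads the sixth byte
return:
registersymbol(RandomItemSpawn)
registersymbol(randomItem)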

[DISABLE]

RandomItemSpawn:
  db 8B 40 44 C1 E8 0D

unregistersymbol(RandomItemSpawn)
unregistersymbol(randomItem)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: isaac-ng.exe+315C7A

isaac-ng.exe+315C51: 8B 87 60 01 00 00  - mov eax,[edi+00000160]
isaac-ng.exe+315C57: 25 00 40 00 00     - and eax,00004000
isaac-ng.exe+315C5C: 83 C8 00           - or eax,00
isaac-ng.exe+315C5F: 75 41              - jne isaac-ng.exe+315CA2
isaac-ng.exe+315C61: 39 86 70 B4 01 00  - cmp [esi+0001B470],eax
isaac-ng.exe+315C67: 75 39              - jne isaac-ng.exe+315CA2
isaac-ng.exe+315C69: 39 86 A8 B6 01 00  - cmp [esi+0001B6A8],eax
isaac-ng.exe+315C6F: 75 31              - jne isaac-ng.exe+315CA2
isaac-ng.exe+315C71: 8B 86 90 81 01 00  - mov eax,[esi+00018190]
isaac-ng.exe+315C77: 8B 40 04           - mov eax,[eax+04]
// ---------- INJECTING HERE ----------
isaac-ng.exe+315C7A: 8B 40 44           - mov eax,[eax+44]
// ---------- DONE INJECTING  ----------
isaac-ng.exe+315C7D: C1 E8 0D           - shr eax,0D
isaac-ng.exe+315C80: 24 01              - and al,01
isaac-ng.exe+315C82: 3A 87 F8 1E 00 00  - cmp al,[edi+00001EF8]
isaac-ng.exe+315C88: 74 18              - je isaac-ng.exe+315CA2
isaac-ng.exe+315C8A: 8B CF              - mov ecx,edi
isaac-ng.exe+315C8C: 84 C0              - test al,al
isaac-ng.exe+315C8E: 74 07              - je isaac-ng.exe+315C97
isaac-ng.exe+315C90: E8 3B 72 04 00     - call isaac-ng.exe+35CED0
isaac-ng.exe+315C95: EB 05              - jmp isaac-ng.exe+315C9C
isaac-ng.exe+315C97: E8 C4 73 04 00     - call isaac-ng.exe+35D060
}

2. I tried to modify Isaac's properties, but it didn't work.
[Link]
I've changed this value, but when I go back to the game, it's back to how it was.
[Link]
I've tried many ways but it still doesn't work. Can anyone tell me what's going on? I really appreciate your answer.

Re: [Help]About "binding of isaac: repentance" cheats in this game

Post by IkariShinji »

The first script is about automatically generating random items; I don't know how to find this function without stealing someone else's script.

Akira
Table Makers
Posts: 1268
Joined: Fri May 24, 2019 2:04 am
Reputation: 1675

Re: [Help]About "binding of isaac: repentance" cheats in this game

Post by Akira »

IkariShinji wrote (Thu Mar 31, 2022 7:18 am):
> Author : Akira Fudo

That's my script ;)

I had found a class which holds a lot of useful values and tested what each value does and when I found the value which triggers the items to spawn I simply found out what accessed it and made a script with one of the addresses which accessed it.

Re: [Help]About "binding of isaac: repentance" cheats in this game

Post by IkariShinji »

Akira wrote (Tue Apr 12, 2022 11:13 pm):
> IkariShinji wrote (Thu Mar 31, 2022 7:18 am):
> > Author : Akira Fudo
>
> That's my script ;)
>
> I had found a class which holds a lot of useful values and tested what each value does and when I found the value which triggers the items to spawn I simply found out what accessed it and made a script with one of the addresses which accessed it.

Extremely grateful :D. But where is this value found? I'm curious how this idea was discovered.

Re: [Help]About "binding of isaac: repentance" cheats in this game

Post by Akira »

IkariShinji wrote (Wed Apr 27, 2022 2:46 am):
> Extremely grateful :D. But where is this value found? I'm curious how this idea was discovered.

:|

Let's take a look at this (from a completely different game):

Code:

Class /Script/LF.LFCharacterStatusComponent
[      B8] FloatProperty /Script/LF.LFCharacterStatusComponent:DefaultMaxHealth
[      BC] FloatProperty /Script/LF.LFCharacterStatusComponent:DefaultDamage
[      C0] ArrayProperty /Script/LF.LFCharacterStatusComponent:EquipmentStatus
[      D0] ArrayProperty /Script/LF.LFCharacterStatusComponent:CharacterStatus
[      E0] FloatProperty /Script/LF.LFCharacterStatusComponent:CharacterHealth
[      E4] FloatProperty /Script/LF.LFCharacterStatusComponent:CharacterStamina
[      E8] ArrayProperty /Script/LF.LFCharacterStatusComponent:ExtraStatuses 
[      F8] MapProperty /Script/LF.LFCharacterStatusComponent:MaxStatusMap
[       0] EnumProperty /Script/LF.LFCharacterStatusComponent:MaxStatusMap.MaxStatusMap_Key
[       1] EnumProperty /Script/LF.LFCharacterStatusComponent:MaxStatusMap.MaxStatusMap

Here we have the LFCharacterStatusComponent class, which has a few useful values.
On the left side you see the offsets; for example, offset E0 is the CharacterHealth and E4 is the CharacterStamina. As you can see, they are just 4 bytes away from each other.
So I scan, for example, for the CharacterHealth, and when I've got it I can also get the other values.
I can just take the value address of CharacterHealth and increase it by 4 bytes to get the CharacterStamina.

Now in The Binding of Isaac we do not have an offset dump, so we don't know the function names or their offsets.
So we just scan for the health (hearts) value, for example, and when we have it we can take a look at the values which are next to it (best to use the structure dissect for a better overview). Ofc we gotta change these values and/or find out what accesses 'em to find out if they are useful in any way.
That's pretty much all I did; well, ofc I made some scripts for the stuff after I had found it.
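
The offset arithmetic described in the post above, as an added example that is not part of the thread and is not Cheat Engine code: it parses the listing quoted in the post, derives a sibling field's address from one known address, and reports the distance between consecutive members. The function names are hypothetical and the sample address is constructed.

```python
import re

# Listing copied from the post above (a dump from a different game).
DUMP = """\
Class /Script/LF.LFCharacterStatusComponent
[      B8] FloatProperty /Script/LF.LFCharacterStatusComponent:DefaultMaxHealth
[      BC] FloatProperty /Script/LF.LFCharacterStatusComponent:DefaultDamage
[      C0] ArrayProperty /Script/LF.LFCharacterStatusComponent:EquipmentStatus
[      D0] ArrayProperty /Script/LF.LFCharacterStatusComponent:CharacterStatus
[      E0] FloatProperty /Script/LF.LFCharacterStatusComponent:CharacterHealth
[      E4] FloatProperty /Script/LF.LFCharacterStatusComponent:CharacterStamina
[      E8] ArrayProperty /Script/LF.LFCharacterStatusComponent:ExtraStatuses
[      F8] MapProperty /Script/LF.LFCharacterStatusComponent:MaxStatusMap
[       0] EnumProperty /Script/LF.LFCharacterStatusComponent:MaxStatusMap.MaxStatusMap_Key
[       1] EnumProperty /Script/LF.LFCharacterStatusComponent:MaxStatusMap.MaxStatusMap
"""

# "[  hex offset] PropertyType /path/to/Class:MemberName"
ENTRY = re.compile(r"\[\s*([0-9A-Fa-f]+)\]\s+(\w+)\s+\S+:(\S+)")

def parse_dump(text):
    """Return {member: (offset, type)} for the class's own members."""
    members = {}
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m is None:
            continue  # class header or blank line
        offset, kind, name = int(m.group(1), 16), m.group(2), m.group(3)
        if "." in name:
            continue  # key/value entry inside a container, not a class offset
        members[name] = (offset, kind)
    return members

def sibling_address(members, known, known_address, wanted):
    """Address of `wanted`, given the address where `known` was found."""
    base = known_address - members[known][0]  # start of the object
    return base + members[wanted][0]

def gaps(members):
    """Distance to the next member: an upper bound on each member's size."""
    order = sorted((off, name) for name, (off, _) in members.items())
    return {name: nxt - off for (off, name), (nxt, _) in zip(order, order[1:])}

if __name__ == "__main__":
    layout = parse_dump(DUMP)
    found = 0x1F4A00E0  # constructed address where a scan located CharacterHealth
    print(hex(sibling_address(layout, "CharacterHealth", found, "CharacterStamina")))
    print({name: hex(size) for name, size in gaps(layout).items()})
```

The two entries listed at offsets 0 and 1 describe the map's key and value types, so the parser leaves them out of the class layout.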
