Wave Cannon modifiers for 1.0.7
Code: Select all
<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>231</ID>
<Description>"Instant max Wave Cannon Charge"</Description>
<LastState/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>{ Game : RTypeFinal2-Win64-Shipping.exe
Version:
Date : 2021-10-16
Author : Algester
This script does blah blah blah
}
[ENABLE]
aobscanmodule(highbeam,RTypeFinal2-Win64-Shipping.exe,48 89 83 4C 04 00 00) // should be unique
alloc(newmem,$1000,highbeam)
label(code)
label(return)
newmem:
code:
mov [rbx+0000044C],(float)9999
jmp return
highbeam:
jmp newmem
nop 2
return:
registersymbol(highbeam)
[DISABLE]
highbeam:
db 48 89 83 4C 04 00 00
unregistersymbol(highbeam)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: RTypeFinal2-Win64-Shipping.exe+1485AE2
RTypeFinal2-Win64-Shipping.exe+1485AC0: 48 8B 0F - mov rcx,[rdi]
RTypeFinal2-Win64-Shipping.exe+1485AC3: 48 85 C9 - test rcx,rcx
RTypeFinal2-Win64-Shipping.exe+1485AC6: 74 09 - je RTypeFinal2-Win64-Shipping.exe+1485AD1
RTypeFinal2-Win64-Shipping.exe+1485AC8: 48 8B 01 - mov rax,[rcx]
RTypeFinal2-Win64-Shipping.exe+1485ACB: FF 90 50 06 00 00 - call qword ptr [rax+00000650]
RTypeFinal2-Win64-Shipping.exe+1485AD1: 48 83 C7 08 - add rdi,08
RTypeFinal2-Win64-Shipping.exe+1485AD5: 48 3B FE - cmp rdi,rsi
RTypeFinal2-Win64-Shipping.exe+1485AD8: 75 E6 - jne RTypeFinal2-Win64-Shipping.exe+1485AC0
RTypeFinal2-Win64-Shipping.exe+1485ADA: 33 C0 - xor eax,eax
RTypeFinal2-Win64-Shipping.exe+1485ADC: 39 83 70 04 00 00 - cmp [rbx+00000470],eax
// ---------- INJECTING HERE ----------
RTypeFinal2-Win64-Shipping.exe+1485AE2: 48 89 83 4C 04 00 00 - mov [rbx+0000044C],rax
// ---------- DONE INJECTING ----------
RTypeFinal2-Win64-Shipping.exe+1485AE9: 66 89 83 64 04 00 00 - mov [rbx+00000464],ax
RTypeFinal2-Win64-Shipping.exe+1485AF0: 7F 29 - jg RTypeFinal2-Win64-Shipping.exe+1485B1B
RTypeFinal2-Win64-Shipping.exe+1485AF2: C7 83 48 04 00 00 01 00 00 00 - mov [rbx+00000448],00000001
RTypeFinal2-Win64-Shipping.exe+1485AFC: 48 8B CB - mov rcx,rbx
RTypeFinal2-Win64-Shipping.exe+1485AFF: C7 83 54 04 00 00 FF FF FF FF - mov [rbx+00000454],FFFFFFFF
RTypeFinal2-Win64-Shipping.exe+1485B09: 48 89 83 58 04 00 00 - mov [rbx+00000458],rax
RTypeFinal2-Win64-Shipping.exe+1485B10: 48 8B 03 - mov rax,[rbx]
RTypeFinal2-Win64-Shipping.exe+1485B13: FF 90 C0 09 00 00 - call qword ptr [rax+000009C0]
RTypeFinal2-Win64-Shipping.exe+1485B19: EB 17 - jmp RTypeFinal2-Win64-Shipping.exe+1485B32
RTypeFinal2-Win64-Shipping.exe+1485B1B: C7 83 48 04 00 00 00 01 00 00 - mov [rbx+00000448],00000100
}
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>232</ID>
<Description>"Instant Loop Charge"</Description>
<LastState/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>{ Game : RTypeFinal2-Win64-Shipping.exe
Version:
Date : 2021-10-16
Author : Algester
This script does blah blah blah
}
[ENABLE]
aobscanmodule(beamAoB,RTypeFinal2-Win64-Shipping.exe,F3 0F 11 B7 4C 04 00 00) // should be unique
alloc(newmem,$1000,beamAoB)
label(code)
label(return)
newmem:
code:
add [rdi+0000044C],(float)10000
//movss [rdi+0000044C],xmm6
jmp return
beamAoB:
jmp newmem
nop 3
return:
registersymbol(beamAoB)
[DISABLE]
beamAoB:
db F3 0F 11 B7 4C 04 00 00
unregistersymbol(beamAoB)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: RTypeFinal2-Win64-Shipping.exe+1499A62
RTypeFinal2-Win64-Shipping.exe+1499A2C: C6 87 65 04 00 00 01 - mov byte ptr [rdi+00000465],01
RTypeFinal2-Win64-Shipping.exe+1499A33: E9 86 00 00 00 - jmp RTypeFinal2-Win64-Shipping.exe+1499ABE
RTypeFinal2-Win64-Shipping.exe+1499A38: 48 63 87 58 04 00 00 - movsxd rax,dword ptr [rdi+00000458]
RTypeFinal2-Win64-Shipping.exe+1499A3F: F3 41 0F 59 B4 87 D0 51 02 04 - mulss xmm6,[r15+rax*4+040251D0]
RTypeFinal2-Win64-Shipping.exe+1499A49: 8D 50 01 - lea edx,[rax+01]
RTypeFinal2-Win64-Shipping.exe+1499A4C: 66 0F 6E C2 - movd xmm0,edx
RTypeFinal2-Win64-Shipping.exe+1499A50: 0F 5B C0 - cvtdq2ps xmm0,xmm0
RTypeFinal2-Win64-Shipping.exe+1499A53: F3 0F 58 B7 4C 04 00 00 - addss xmm6,[rdi+0000044C]
RTypeFinal2-Win64-Shipping.exe+1499A5B: F3 0F 59 C2 - mulss xmm0,xmm2
RTypeFinal2-Win64-Shipping.exe+1499A5F: 0F 2F F0 - comiss xmm6,xmm0
// ---------- INJECTING HERE ----------
RTypeFinal2-Win64-Shipping.exe+1499A62: F3 0F 11 B7 4C 04 00 00 - movss [rdi+0000044C],xmm6
// ---------- DONE INJECTING ----------
RTypeFinal2-Win64-Shipping.exe+1499A6A: 72 5B - jb RTypeFinal2-Win64-Shipping.exe+1499AC7
RTypeFinal2-Win64-Shipping.exe+1499A6C: F3 0F 5C F0 - subss xmm6,xmm0
RTypeFinal2-Win64-Shipping.exe+1499A70: F3 41 0F 5E B4 87 D0 51 02 04 - divss xmm6,[r15+rax*4+040251D0]
RTypeFinal2-Win64-Shipping.exe+1499A7A: C6 87 4A 04 00 00 01 - mov byte ptr [rdi+0000044A],01
RTypeFinal2-Win64-Shipping.exe+1499A81: F3 0F 11 87 4C 04 00 00 - movss [rdi+0000044C],xmm0
RTypeFinal2-Win64-Shipping.exe+1499A89: 3B 97 60 04 00 00 - cmp edx,[rdi+00000460]
RTypeFinal2-Win64-Shipping.exe+1499A8F: 7C 17 - jl RTypeFinal2-Win64-Shipping.exe+1499AA8
RTypeFinal2-Win64-Shipping.exe+1499A91: 44 89 B7 50 04 00 00 - mov [rdi+00000450],r14d
RTypeFinal2-Win64-Shipping.exe+1499A98: C6 87 4B 04 00 00 01 - mov byte ptr [rdi+0000044B],01
RTypeFinal2-Win64-Shipping.exe+1499A9F: C6 87 64 04 00 00 01 - mov byte ptr [rdi+00000464],01
}
</AssemblerScript>
</CheatEntry>
</CheatEntries>
</CheatTable>
Ship Counter
Code: Select all
<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>233</ID>
<Description>"Infinite Lives"</Description>
<LastState/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>{ Game : RTypeFinal2-Win64-Shipping.exe
Version: v1.0.7
Date : 2021-10-16
Author : Algester
This script does blah blah blah
}
[ENABLE]
aobscanmodule(lives,RTypeFinal2-Win64-Shipping.exe,89 91 44 02 00 00 C3) // should be unique
alloc(newmem,$1000,lives)
label(code)
label(return)
newmem:
code:
mov [rcx+00000244],(int)99
jmp return
lives:
jmp newmem
nop
return:
registersymbol(lives)
[DISABLE]
lives:
db 89 91 44 02 00 00
unregistersymbol(lives)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: RTypeFinal2-Win64-Shipping.exe+EE1B80
RTypeFinal2-Win64-Shipping.exe+EE1B70: C6 81 96 02 00 00 01 - mov byte ptr [rcx+00000296],01
RTypeFinal2-Win64-Shipping.exe+EE1B77: C3 - ret
RTypeFinal2-Win64-Shipping.exe+EE1B78: CC - int 3
RTypeFinal2-Win64-Shipping.exe+EE1B79: CC - int 3
RTypeFinal2-Win64-Shipping.exe+EE1B7A: CC - int 3
RTypeFinal2-Win64-Shipping.exe+EE1B7B: CC - int 3
RTypeFinal2-Win64-Shipping.exe+EE1B7C: CC - int 3
RTypeFinal2-Win64-Shipping.exe+EE1B7D: CC - int 3
RTypeFinal2-Win64-Shipping.exe+EE1B7E: CC - int 3
RTypeFinal2-Win64-Shipping.exe+EE1B7F: CC - int 3
// ---------- INJECTING HERE ----------
RTypeFinal2-Win64-Shipping.exe+EE1B80: 89 91 44 02 00 00 - mov [rcx+00000244],edx
// ---------- DONE INJECTING ----------
RTypeFinal2-Win64-Shipping.exe+EE1B86: C3 - ret
RTypeFinal2-Win64-Shipping.exe+EE1B87: CC - int 3
RTypeFinal2-Win64-Shipping.exe+EE1B88: CC - int 3
RTypeFinal2-Win64-Shipping.exe+EE1B89: CC - int 3
RTypeFinal2-Win64-Shipping.exe+EE1B8A: CC - int 3
RTypeFinal2-Win64-Shipping.exe+EE1B8B: CC - int 3
RTypeFinal2-Win64-Shipping.exe+EE1B8C: CC - int 3
RTypeFinal2-Win64-Shipping.exe+EE1B8D: CC - int 3
RTypeFinal2-Win64-Shipping.exe+EE1B8E: CC - int 3
RTypeFinal2-Win64-Shipping.exe+EE1B8F: CC - int 3
}
</AssemblerScript>
</CheatEntry>
</CheatEntries>
</CheatTable>
now I'm stuck with Dose I have no clue what type of value it is but based on the table it should be float but searching for an approx value isnt giving me anything of that sort
@ndck76
I tried to crawled through your game instance AoB do you think the ship upgrades are located near that part? I did try to use cake-san's UE cheat engine script I did see player_bit1 and player_bit2 addresses