Inf Bonding: updated, and added a script to handle June 15, the day before the midterm.
<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>4257</ID>
<Description>"Bonding Remain >=1"</Description>
<Options moHideChildren="1" moActivateChildrenAsWell="1" moDeactivateChildrenAsWell="1"/>
<LastState Activated="1"/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
// Enable section of "Bonding Remain >=1".
// Replaces the 7-byte store "mov [ecx+eax*4+0000160C],edx" in ed8.exe with a jump
// into newmem, which decides whether the store is carried out.
// Register roles, taken from the ORIGINAL CODE listing at the end of this script:
//   eax = [ebp+08], the slot index; the game has already rejected eax >= 40 (hex)
//   edx = [ebp+0C], the value about to be stored
//   ecx = base of the object holding the slot array (presumably "this" - confirm)
// Numbers written with # are decimal; numbers without it are hexadecimal.
//
// The signature is only the 7 bytes of the instruction itself. It differs from the
// load patched by the "June 15 workaround" script only in its first two bytes
// (89 94 against 8B 84), so it should be re-checked for uniqueness after any update
// of ed8.exe.
aobscanmodule(ToCS_BondingEQG1_AOB,ed8.exe,89 94 81 0C 16 00 00) // should be unique
registersymbol(ToCS_BondingEQG1_AOB)
// newmem holds both the detour code and the flag615 data word, so the block is
// written to as well as executed.
alloc(newmem,$1000)
label(code)
label(return)
label(flag615)
// flag615 is registered so that other table entries can resolve it by name
// (the "June 15 workaround" script and the "6/15 Flag" address entry use it).
registersymbol(flag615)
newmem:
// The flag is cleared on every pass through the hooked store.
mov [flag615],#0
// Slot 4 (160C + 4*4 = 161C) must be 6 and slot 5 (1620) must be F (15 decimal);
// presumably month and day, given the "June 15" naming - confirm.
cmp [ecx+0000161C],6
jne code
cmp [ecx+00001620],f
jne code
// Both matched: raise the flag and perform the store unmodified.
mov [flag615],#1
jmp @F
code:
// NOTE(review): flag615 was zeroed at newmem on this same pass, so this compare can
// only succeed if something else wrote the flag in between (the "June 15 workaround"
// script does write it). Confirm whether that is the intent.
cmp [flag615],#1
je @F
// Signed compare: a value of 1 or more is stored as the game intended.
cmp edx,#1
jge @F
// A value below 1 aimed at slot 9 (offset 1630) is dropped, leaving the old value.
// Every other slot is still written.
cmp eax,#9
je return
@@:
// The original instruction, executed from the detour.
mov [ecx+eax*4+0000160C],edx
jmp return
flag615:
// Declared as a dword; the "6/15 Flag" table entry displays it as 2 Bytes.
dd 0
ToCS_BondingEQG1_AOB:
// jmp plus two nops overwrite exactly the 7 bytes of the replaced store. From here
// until the disable section runs, the in-memory code of ed8.exe differs from the
// file on disk at this address.
jmp newmem
nop
nop
// return is the first byte after the patch ("ed8.exe"+1D06A5, pop ebp, in the listing).
return:
[DISABLE]
// Disable section of "Bonding Remain >=1": write the original 7-byte store back over
// the jump. The bytes are a literal copy of the scan signature, not a saved snapshot.
ToCS_BondingEQG1_AOB:
db 89 94 81 0C 16 00 00
unregistersymbol(ToCS_BondingEQG1_AOB)
// flag615 is also referenced by the child "June 15 workaround" script; presumably the
// parent option moDeactivateChildrenAsWell turns that script off together with this
// one - confirm.
unregistersymbol(flag615)
// NOTE(review): nothing here waits for a thread that may still be executing inside
// newmem when the block is released.
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "ed8.exe"+1D069E
"ed8.exe"+1D068C: CC - int 3
"ed8.exe"+1D068D: CC - int 3
"ed8.exe"+1D068E: CC - int 3
"ed8.exe"+1D068F: CC - int 3
"ed8.exe"+1D0690: 55 - push ebp
"ed8.exe"+1D0691: 8B EC - mov ebp,esp
"ed8.exe"+1D0693: 8B 45 08 - mov eax,[ebp+08]
"ed8.exe"+1D0696: 83 F8 40 - cmp eax,40
"ed8.exe"+1D0699: 73 0A - jae ed8.exe+1D06A5
"ed8.exe"+1D069B: 8B 55 0C - mov edx,[ebp+0C]
// ---------- INJECTING HERE ----------
"ed8.exe"+1D069E: 89 94 81 0C 16 00 00 - mov [ecx+eax*4+0000160C],edx
// ---------- DONE INJECTING ----------
"ed8.exe"+1D06A5: 5D - pop ebp
"ed8.exe"+1D06A6: C2 08 00 - ret 0008
"ed8.exe"+1D06A9: CC - int 3
"ed8.exe"+1D06AA: CC - int 3
"ed8.exe"+1D06AB: CC - int 3
"ed8.exe"+1D06AC: CC - int 3
"ed8.exe"+1D06AD: CC - int 3
"ed8.exe"+1D06AE: CC - int 3
"ed8.exe"+1D06AF: CC - int 3
"ed8.exe"+1D06B0: 55 - push ebp
}
</AssemblerScript>
<CheatEntries>
<CheatEntry>
<ID>4359</ID>
<Description>"June 15 workaround"</Description>
<LastState/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>
[ENABLE]
// Enable section of "June 15 workaround".
// Replaces the 7-byte load "mov eax,[ecx+eax*4+0000160C]" at "ed8.exe"+1D06BB with a
// jump into newmem. Per the ORIGINAL CODE listing at the end of this script, eax is
// the slot index ([ebp+08], already checked by the game to be below 40 hex) and ecx
// is the base of the object holding the slot array (presumably "this" - confirm).
// Numbers written with # are decimal; numbers without it are hexadecimal.
aobscanmodule(ToCS_SetPoints4June15,ed8.exe,8B 84 81 0C 16 00 00) // should be unique
// Separate allocation from the parent script's newmem; this one holds code only.
alloc(newmem,$1000)
label(code)
label(return)
newmem:
// All four conditions must hold, otherwise the load runs untouched:
//   slot 4 (161C) == 6 and slot 5 (1620) == F (15 decimal) - presumably month and day
//   slot 9 (1630) == 3 and slot 10 (1634) == 3
cmp [ecx+0000161C],6
jne code
cmp [ecx+00001620],f
jne code
cmp [ecx+00001630],3
jne code
cmp [ecx+00001634],3
jne code
// flag615 is not declared in this script. It resolves through the
// registersymbol(flag615) of the parent "Bonding Remain >=1" script, so this script
// can only be enabled while the parent is active.
mov [flag615],#1
// Raise slots 10 and 9 from 3 to 6 in the game's own data before the load below runs,
// so a read of either slot on this pass already returns 6.
mov [ecx+00001634],6
mov [ecx+00001630],6
code:
// The original instruction, executed from the detour.
mov eax,[ecx+eax*4+0000160C]
jmp return
ToCS_SetPoints4June15:
// jmp plus two nops overwrite exactly the 7 bytes of the replaced load.
jmp newmem
nop
nop
// return is the first byte after the patch ("ed8.exe"+1D06C2, pop ebp, in the listing).
return:
registersymbol(ToCS_SetPoints4June15)
[DISABLE]
// Disable section of "June 15 workaround": write the original 7-byte load back over
// the jump. The bytes are a literal copy of the scan signature, not a saved snapshot.
// The values this script wrote into slots 9 and 10 are game data and are not reverted.
ToCS_SetPoints4June15:
db 8B 84 81 0C 16 00 00
unregistersymbol(ToCS_SetPoints4June15)
// NOTE(review): nothing here waits for a thread that may still be executing inside
// newmem when the block is released.
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "ed8.exe"+1D06BB
"ed8.exe"+1D06AB: CC - int 3
"ed8.exe"+1D06AC: CC - int 3
"ed8.exe"+1D06AD: CC - int 3
"ed8.exe"+1D06AE: CC - int 3
"ed8.exe"+1D06AF: CC - int 3
"ed8.exe"+1D06B0: 55 - push ebp
"ed8.exe"+1D06B1: 8B EC - mov ebp,esp
"ed8.exe"+1D06B3: 8B 45 08 - mov eax,[ebp+08]
"ed8.exe"+1D06B6: 83 F8 40 - cmp eax,40
"ed8.exe"+1D06B9: 73 0B - jae ed8.exe+1D06C6
// ---------- INJECTING HERE ----------
"ed8.exe"+1D06BB: 8B 84 81 0C 16 00 00 - mov eax,[ecx+eax*4+0000160C]
// ---------- DONE INJECTING ----------
"ed8.exe"+1D06C2: 5D - pop ebp
"ed8.exe"+1D06C3: C2 04 00 - ret 0004
"ed8.exe"+1D06C6: 33 C0 - xor eax,eax
"ed8.exe"+1D06C8: 5D - pop ebp
"ed8.exe"+1D06C9: C2 04 00 - ret 0004
"ed8.exe"+1D06CC: CC - int 3
"ed8.exe"+1D06CD: CC - int 3
"ed8.exe"+1D06CE: CC - int 3
"ed8.exe"+1D06CF: CC - int 3
"ed8.exe"+1D06D0: 55 - push ebp
}
</AssemblerScript>
<CheatEntries>
<CheatEntry>
<ID>4357</ID>
<Description>"6/15 Flag"</Description>
<VariableType>2 Bytes</VariableType>
<Address>flag615</Address>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatTable>