Re: RAGE2 [Engine:APEX]
Posted: Fri May 24, 2019 8:58 pm
The table script DOES THE EXACT SAME THING. And if you go to first page, here, you can see that YES T_T. How about you fucking search for a change, eh? Thank you.
Community Cheat Tables of Cheat Engine
https://fearlessrevolution.com/
Code: Select all
<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>2757</ID>
<Description>"Test"</Description>
<Options moHideChildren="1"/>
<LastState/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
aobscanmodule(_Exp,RAGE2.exe,F3 0F 10 83 C4 01 00 00 F3 0F 11 45) // should be unique
alloc(ExpMem,$1000,RAGE2.exe)
alloc(_EXP1,8)
alloc(_EXP2,8)
alloc(_EXP3,8)
registersymbol(_EXP1)
registersymbol(_EXP2)
registersymbol(_EXP3)
registersymbol(_Exp)
ExpMem:
cmp [rbx+1b8],000075E0
je ExperienceBar1
cmp [rbx+1b8],000075D7
je ExperienceBar2
cmp [rbx+1b8],000075DB
je ExperienceBar3
jmp code
ExperienceBar1:
mov [_EXP1],rbx
jmp code
ExperienceBar2:
mov [_EXP2],rbx
jmp code
ExperienceBar3:
mov [_EXP3],rbx
jmp code
code:
movss xmm0,[rbx+000001C4]
jmp return
_Exp:
jmp ExpMem
nop
nop
nop
return:
registersymbol(_Exp)
_EXP1:
dd 0
_EXP2:
dd 0
_EXP3:
dd 0
[DISABLE]
_Exp:
db F3 0F 10 83 C4 01 00 00
unregistersymbol(_Exp)
unregistersymbol(_EXP1)
unregistersymbol(_EXP2)
unregistersymbol(_EXP3)
dealloc(_EXP1)
dealloc(_EXP2)
dealloc(_EXP3)
dealloc(ExpMem)
{
// ORIGINAL CODE - INJECTION POINT: "RAGE2.exe"+B1A02C
"RAGE2.exe"+B1A002: 0F 84 DA 00 00 00 - je RAGE2.exe+B1A0E2
"RAGE2.exe"+B1A008: 48 83 C1 0C - add rcx,0C
"RAGE2.exe"+B1A00C: 48 3B CA - cmp rcx,rdx
"RAGE2.exe"+B1A00F: 75 EF - jne RAGE2.exe+B1A000
"RAGE2.exe"+B1A011: B8 FF FF FF FF - mov eax,FFFFFFFF
"RAGE2.exe"+B1A016: 89 45 20 - mov [rbp+20],eax
"RAGE2.exe"+B1A019: 4C 8D 45 20 - lea r8,[rbp+20]
"RAGE2.exe"+B1A01D: 48 8D 15 64 BF BF 01 - lea rdx,[RAGE2.exe+2715F88]
"RAGE2.exe"+B1A024: 48 8B CF - mov rcx,rdi
"RAGE2.exe"+B1A027: E8 14 D1 07 00 - call RAGE2.exe+B97140
// ---------- INJECTING HERE ----------
"RAGE2.exe"+B1A02C: F3 0F 10 83 C4 01 00 00 - movss xmm0,[rbx+000001C4]
// ---------- DONE INJECTING ----------
"RAGE2.exe"+B1A034: F3 0F 11 45 20 - movss [rbp+20],xmm0
"RAGE2.exe"+B1A039: 4C 8D 45 20 - lea r8,[rbp+20]
"RAGE2.exe"+B1A03D: 48 8D 15 2C BE BF 01 - lea rdx,[RAGE2.exe+2715E70]
"RAGE2.exe"+B1A044: 48 8B CF - mov rcx,rdi
"RAGE2.exe"+B1A047: E8 F4 D2 07 00 - call RAGE2.exe+B97340
"RAGE2.exe"+B1A04C: 8B D6 - mov edx,esi
"RAGE2.exe"+B1A04E: 48 8B CB - mov rcx,rbx
"RAGE2.exe"+B1A051: E8 3A 9B E1 FF - call RAGE2.exe+933B90
"RAGE2.exe"+B1A056: F3 0F 11 45 20 - movss [rbp+20],xmm0
"RAGE2.exe"+B1A05B: 4C 8D 45 20 - lea r8,[rbp+20]
}
</AssemblerScript>
<CheatEntries>
<CheatEntry>
<ID>2767</ID>
<Description>"Char 1"</Description>
<Options moHideChildren="1"/>
<LastState Value="" RealAddress="00000000"/>
<GroupHeader>1</GroupHeader>
<CheatEntries>
<CheatEntry>
<ID>2758</ID>
<Description>"Experience"</Description>
<VariableType>Float</VariableType>
<Address>_EXP1</Address>
<Offsets>
<Offset>1c4</Offset>
</Offsets>
</CheatEntry>
<CheatEntry>
<ID>2761</ID>
<Description>"Current Level"</Description>
<VariableType>4 Bytes</VariableType>
<Address>_EXP1</Address>
<Offsets>
<Offset>1c8</Offset>
</Offsets>
</CheatEntry>
<CheatEntry>
<ID>2762</ID>
<Description>"Max Level"</Description>
<VariableType>4 Bytes</VariableType>
<Address>_EXP1</Address>
<Offsets>
<Offset>1cc</Offset>
</Offsets>
</CheatEntry>
</CheatEntries>
</CheatEntry>
<CheatEntry>
<ID>2768</ID>
<Description>"Char 2"</Description>
<Options moHideChildren="1"/>
<LastState Value="" RealAddress="00000000"/>
<GroupHeader>1</GroupHeader>
<CheatEntries>
<CheatEntry>
<ID>2759</ID>
<Description>"Experience"</Description>
<VariableType>Float</VariableType>
<Address>_EXP2</Address>
<Offsets>
<Offset>1c4</Offset>
</Offsets>
</CheatEntry>
<CheatEntry>
<ID>2763</ID>
<Description>"Current Level"</Description>
<VariableType>4 Bytes</VariableType>
<Address>_EXP2</Address>
<Offsets>
<Offset>1C8</Offset>
</Offsets>
</CheatEntry>
<CheatEntry>
<ID>2764</ID>
<Description>"Max Level"</Description>
<VariableType>4 Bytes</VariableType>
<Address>_EXP2</Address>
<Offsets>
<Offset>1cC</Offset>
</Offsets>
</CheatEntry>
</CheatEntries>
</CheatEntry>
<CheatEntry>
<ID>2769</ID>
<Description>"Char 3"</Description>
<Options moHideChildren="1"/>
<LastState Value="" RealAddress="00000000"/>
<GroupHeader>1</GroupHeader>
<CheatEntries>
<CheatEntry>
<ID>2760</ID>
<Description>"Experience"</Description>
<VariableType>Float</VariableType>
<Address>_EXP3</Address>
<Offsets>
<Offset>1c4</Offset>
</Offsets>
</CheatEntry>
<CheatEntry>
<ID>2765</ID>
<Description>"Current Level"</Description>
<VariableType>4 Bytes</VariableType>
<Address>_EXP3</Address>
<Offsets>
<Offset>1c8</Offset>
</Offsets>
</CheatEntry>
<CheatEntry>
<ID>2766</ID>
<Description>"Max Level"</Description>
<VariableType>4 Bytes</VariableType>
<Address>_EXP3</Address>
<Offsets>
<Offset>1cc</Offset>
</Offsets>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatTable>
Code: Select all
<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>2786</ID>
<Description>"KillCombo"</Description>
<Options moHideChildren="1"/>
<LastState Activated="1"/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
aobscanmodule(_KillCombo,RAGE2.exe,66 0F 6E 46 58)
aobscanmodule(_KillComboMulti,RAGE2.exe,89 47 58 83 F8 0A)
alloc(KillComboMem,$1000,RAGE2.exe)
alloc(_pKillCombo,8)
alloc(_enableKillComboMultiplier,8)
registersymbol(_enableKillComboMultiplier)
registersymbol(_KillComboMulti)
registersymbol(_pKillCombo)
registersymbol(_KillCombo)
KillComboMem:
mov [_pKillCombo],rsi
code:
movd xmm0,[rsi+58]
jmp return
KillComboMultiMem:
cmp [_enableKillComboMultiplier],0
je codeKillComboMulti
cmp [_enableKillComboMultiplier],1
je Combo_X2
cmp [_enableKillComboMultiplier],2
je Combo_X4
cmp [_enableKillComboMultiplier],3
je Combo_X8
cmp [_enableKillComboMultiplier],4
je Combo_X16
Combo_X2:
add [rdi+58],#2
cmp eax,0A
jmp returnKillComboMulti
Combo_X4:
add [rdi+58],#4
cmp eax,0A
jmp returnKillComboMulti
Combo_X8:
add [rdi+58],#8
cmp eax,0A
jmp returnKillComboMulti
Combo_X16:
add [rdi+58],#16
cmp eax,0A
jmp returnKillComboMulti
codeKillComboMulti:
mov [rdi+58],eax
cmp eax,0A
jmp returnKillComboMulti
_KillCombo:
jmp KillComboMem
return:
_KillComboMulti:
jmp KillComboMultiMem
nop
returnKillComboMulti:
_pKillCombo:
dd 0
_enableKillComboMultiplier:
dd 0
[DISABLE]
_KillCombo:
db 66 0F 6E 46 58
_KillComboMulti:
db 89 47 58 83 F8 0A
unregistersymbol(_KillCombo)
unregistersymbol(_pKillCombo)
unregistersymbol(_KillComboMulti)
unregistersymbol(_enableKillComboMultiplier)
dealloc(_enableKillComboMultiplier)
dealloc(_pKillCombo)
dealloc(KillComboMem)
{
// ORIGINAL CODE - INJECTION POINT: "RAGE2.exe"+9B4C49
"RAGE2.exe"+9B4C19: 4C 8B 4D 7F - mov r9,[rbp+7F]
"RAGE2.exe"+9B4C1D: 4C 8B 45 D7 - mov r8,[rbp-29]
"RAGE2.exe"+9B4C21: B9 B3 EC F5 B7 - mov ecx,B7F5ECB3
"RAGE2.exe"+9B4C26: E8 B5 3D 81 FF - call RAGE2.exe+1C89E0
"RAGE2.exe"+9B4C2B: F3 0F 10 46 48 - movss xmm0,[rsi+48]
"RAGE2.exe"+9B4C30: F3 0F 58 46 3C - addss xmm0,dword ptr [rsi+3C]
"RAGE2.exe"+9B4C35: F3 0F 11 45 67 - movss [rbp+67],xmm0
"RAGE2.exe"+9B4C3A: C6 45 6B 02 - mov byte ptr [rbp+6B],02
"RAGE2.exe"+9B4C3E: C7 45 77 35 72 97 AE - mov [rbp+77],AE977235
"RAGE2.exe"+9B4C45: C6 45 7B 03 - mov byte ptr [rbp+7B],03
// ---------- INJECTING HERE ----------
"RAGE2.exe"+9B4C49: 66 0F 6E 46 58 - movd xmm0,[rsi+58]
// ---------- DONE INJECTING ----------
"RAGE2.exe"+9B4C4E: 0F 5B C0 - cvtdq2ps xmm0,xmm0
"RAGE2.exe"+9B4C51: F3 0F 11 45 7F - movss [rbp+7F],xmm0
"RAGE2.exe"+9B4C56: C6 85 83 00 00 00 02 - mov byte ptr [rbp+00000083],02
"RAGE2.exe"+9B4C5D: C7 45 D7 DA 16 B2 B1 - mov [rbp-29],B1B216DA
"RAGE2.exe"+9B4C64: C6 45 DB 03 - mov byte ptr [rbp-25],03
"RAGE2.exe"+9B4C68: 44 89 64 24 38 - mov [rsp+38],r12d
"RAGE2.exe"+9B4C6D: 44 89 64 24 30 - mov [rsp+30],r12d
"RAGE2.exe"+9B4C72: 48 8B 45 67 - mov rax,[rbp+67]
"RAGE2.exe"+9B4C76: 48 89 44 24 28 - mov [rsp+28],rax
"RAGE2.exe"+9B4C7B: 48 8B 45 77 - mov rax,[rbp+77]
}
</AssemblerScript>
<CheatEntries>
<CheatEntry>
<ID>2787</ID>
<Description>"Kill Combo"</Description>
<LastState Value="7" RealAddress="1E5FAFAA478"/>
<VariableType>4 Bytes</VariableType>
<Address>_pKillCombo</Address>
<Offsets>
<Offset>58</Offset>
</Offsets>
</CheatEntry>
<CheatEntry>
<ID>2789</ID>
<Description>"Kill Combo Multiplier"</Description>
<DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">0:Default
1:Kill Combo X2
2:Kill Combo X4
3:Kill Combo X8
4:Kill Combo X16
</DropDownList>
<LastState Value="2" RealAddress="7FF7F2AA1008"/>
<VariableType>Byte</VariableType>
<Address>_enableKillComboMultiplier</Address>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatTable>
Code: Select all
<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>2799</ID>
<Description>"OverdriveMod"</Description>
<Options moHideChildren="1"/>
<LastState Activated="1"/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
aobscanmodule(_OverdriveMultiplier,RAGE2.exe,0F 11 02 0F 10 45 27)
aobscanmodule(_OverdriveTimerBase,RAGE2.exe,F3 41 0F 10 48 0C 41)
alloc(OverdriveMultiplierMem,$1000,RAGE2.exe)
alloc(_OverDriveMultiplierVar,8)
alloc(_pOverdriveTimer,8)
registersymbol(_pOverdriveTimer)
registersymbol(_OverdriveTimerBase)
registersymbol(_OverDriveMultiplierVar)
registersymbol(_OverdriveMultiplier)
OverdriveMultiplierMem:
codeOverdriveMultiplier:
movups [rdx],xmm0
movups xmm0,[rbp+27]
cmp rdx,[_pOverdriveTimer]
jne returnOverdriveMultiplier
fld [rdx+C]
fld [_OverDriveMultiplierVar]
faddp
fstp [rdx+C]
jmp returnOverdriveMultiplier
OverdriveTimerBaseMem:
mov [_pOverdriveTimer],r8
codeOverdriveTimerBase:
movss xmm1,[r8+0C]
jmp returnOverdriveTimerBase
_OverdriveMultiplier:
jmp OverdriveMultiplierMem
nop
nop
returnOverdriveMultiplier:
_OverdriveTimerBase:
jmp OverdriveTimerBaseMem
nop
returnOverdriveTimerBase:
_OverDriveMultiplierVar:
dd (float)0
_pOverdriveTimer:
dd 0
[DISABLE]
_OverdriveMultiplier:
db 0F 11 02 0F 10 45 27
_OverdriveTimerBase:
db F3 41 0F 10 48 0C
unregistersymbol(_OverdriveMultiplier)
unregistersymbol(_OverDriveMultiplierVar)
unregistersymbol(_OverdriveTimerBase)
unregistersymbol(_pOverdriveTimer)
dealloc(_pOverdriveTimer)
dealloc(_OverDriveMultiplierVar)
dealloc(OverdriveMultiplierMem)
{
// ORIGINAL CODE - INJECTION POINT: "RAGE2.exe"+66A38F
"RAGE2.exe"+66A367: C7 44 24 20 1F 00 00 00 - mov [rsp+20],0000001F
"RAGE2.exe"+66A36F: 45 33 C9 - xor r9d,r9d
"RAGE2.exe"+66A372: 45 33 C0 - xor r8d,r8d
"RAGE2.exe"+66A375: 49 8B D3 - mov rdx,r11
"RAGE2.exe"+66A378: E8 73 2D CC FF - call RAGE2.exe+32D0F0
"RAGE2.exe"+66A37D: 48 8B 53 18 - mov rdx,[rbx+18]
"RAGE2.exe"+66A381: 48 39 53 20 - cmp [rbx+20],rdx
"RAGE2.exe"+66A385: 74 1E - je RAGE2.exe+66A3A5
"RAGE2.exe"+66A387: 0F 10 45 07 - movups xmm0,[rbp+07]
"RAGE2.exe"+66A38B: 0F 10 4D 17 - movups xmm1,[rbp+17]
// ---------- INJECTING HERE ----------
"RAGE2.exe"+66A38F: 0F 11 02 - movups [rdx],xmm0
"RAGE2.exe"+66A392: 0F 10 45 27 - movups xmm0,[rbp+27]
// ---------- DONE INJECTING ----------
"RAGE2.exe"+66A396: 0F 11 4A 10 - movups [rdx+10],xmm1
"RAGE2.exe"+66A39A: 0F 11 42 20 - movups [rdx+20],xmm0
"RAGE2.exe"+66A39E: 48 83 43 18 30 - add qword ptr [rbx+18],30
"RAGE2.exe"+66A3A3: EB 0D - jmp RAGE2.exe+66A3B2
"RAGE2.exe"+66A3A5: 4C 8D 45 07 - lea r8,[rbp+07]
"RAGE2.exe"+66A3A9: 48 8D 4B 10 - lea rcx,[rbx+10]
"RAGE2.exe"+66A3AD: E8 1E DF A5 FF - call RAGE2.exe+C82D0
"RAGE2.exe"+66A3B2: 48 8B B4 24 A0 00 00 00 - mov rsi,[rsp+000000A0]
"RAGE2.exe"+66A3BA: 0F 28 7C 24 70 - movaps xmm7,[rsp+70]
"RAGE2.exe"+66A3BF: 4C 8D 9C 24 90 00 00 00 - lea r11,[rsp+00000090]
}
</AssemblerScript>
<CheatEntries>
<CheatEntry>
<ID>2800</ID>
<Description>"Overdrive Multiplier"</Description>
<DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">0:Default (10s)
10:Overdrive x2 (20s)
30:Overdrive x4 (40s)
50:Overdrive x6 (60s)
70:Overdrive x8 (80s)
110:Overdrive x12 (120s)
150:Overdrive x16 (160s)
</DropDownList>
<LastState Value="150" RealAddress="7FF7F2AB1000"/>
<VariableType>Float</VariableType>
<Address>_OverDriveMultiplierVar</Address>
</CheatEntry>
<CheatEntry>
<ID>2804</ID>
<Description>"Overdrive Timer"</Description>
<LastState Value="159.5332336" RealAddress="20A78A31C9C"/>
<VariableType>Float</VariableType>
<Address>_pOverdriveTimer</Address>
<Offsets>
<Offset>C</Offset>
</Offsets>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatTable>
Code: Select all
[ENABLE]
aobscanmodule(_AllCarsAvailable,RAGE2.exe,A6 07 00 80 BF 01 0D 00 00 00) // should be unique
alloc(newmem,$1000,"RAGE2.exe"+B1CB08)
label(code)
label(return)
newmem:
mov byte ptr [rdi+00000D01],00
code:
cmp byte ptr [rdi+00000D01],00
jmp return
_AllCarsAvailable+03:
jmp newmem
nop
nop
return:
registersymbol(_AllCarsAvailable)
[DISABLE]
_AllCarsAvailable+03:
db 80 BF 01 0D 00 00 00
unregistersymbol(_AllCarsAvailable)
dealloc(newmem)
Code: Select all
[ENABLE]
aobscanmodule(_UnlockAllNanotrites,RAGE2.exe,41 0F B6 86 F9 01 00 00 84) // should be unique
alloc(newmem,$1000,"RAGE2.exe"+B13494)
label(code)
label(return)
newmem:
mov byte ptr [r14+000001F9],1
code:
movzx eax,byte ptr [r14+000001F9]
jmp return
_UnlockAllNanotrites:
jmp newmem
nop
nop
nop
return:
registersymbol(_UnlockAllNanotrites)
[DISABLE]
_UnlockAllNanotrites:
db 41 0F B6 86 F9 01 00 00
unregistersymbol(_UnlockAllNanotrites)
dealloc(newmem)
Please, share it with us.All i got so far
Code: Select all
[ENABLE]
aobscanmodule(_ShowVehicleHealthBars,RAGE2.exe,80 B9 94 02 00 00 00 74 4D)
aobscanmodule(_HealthBarTimer,RAGE2.exe,F3 0F 58 81 90 02 00 00 0F)
alloc(ShowVehicleHealthBarsMem,$1000,"RAGE2.exe"+832080)
alloc(_enableVehicleESP,8)
registersymbol(_enableVehicleESP)
registersymbol(_HealthBarTimer)
registersymbol(_ShowVehicleHealthBars)
ShowVehicleHealthBarsMem:
cmp [_enableVehicleESP],1
jne codeShowVehicleHealthBars
mov byte ptr [rcx+00000294],01
codeShowVehicleHealthBars:
cmp byte ptr [rcx+00000294],00
jmp returnShowVehicleHealthBars
HealthBarTimerMem:
cmp [_enableVehicleESP],1
jne codeHealthBarTimer
mov [rcx+00000290],0
codeHealthBarTimer:
addss xmm0,dword ptr [rcx+00000290]
jmp returnHealthBarTimer
_ShowVehicleHealthBars:
jmp ShowVehicleHealthBarsMem
nop
nop
returnShowVehicleHealthBars:
_HealthBarTimer:
jmp HealthBarTimerMem
nop
nop
nop
returnHealthBarTimer:
_enableVehicleESP:
dd 1
[DISABLE]
_ShowVehicleHealthBars:
db 80 B9 94 02 00 00 00
_HealthBarTimer:
db F3 0F 58 81 90 02 00 00
unregistersymbol(_ShowVehicleHealthBars)
unregistersymbol(_HealthBarTimer)
unregistersymbol(_enableVehicleESP)
dealloc(_enableVehicleESP)
dealloc(ShowVehicleHealthBarsMem)
Code: Select all
[ENABLE]
aobscanmodule(_UnlockVehicleSkins,RAGE2.exe,80 3A 00 0F 44 C8) // should be unique
alloc(newmem,$1000,"RAGE2.exe"+B1CB84)
label(code)
label(return)
newmem:
mov byte ptr [rdx],1
code:
cmp byte ptr [rdx],00
cmove ecx,eax
jmp return
_UnlockVehicleSkins:
jmp newmem
nop
return:
registersymbol(_UnlockVehicleSkins)
[DISABLE]
_UnlockVehicleSkins:
db 80 3A 00 0F 44 C8
unregistersymbol(_UnlockVehicleSkins)
dealloc(newmem)
super! but on latest update unlock all vehicles don't working and can you provide script for unlimited items for merchants as separated CEA, pls?l0wb1t wrote: ↑Sat May 25, 2019 9:20 pmSpoiler
Vehicle ESP/Health Bars
Unlock Vehicle SkinsCode: Select all
[ENABLE] aobscanmodule(_ShowVehicleHealthBars,RAGE2.exe,80 B9 94 02 00 00 00 74 4D) aobscanmodule(_HealthBarTimer,RAGE2.exe,F3 0F 58 81 90 02 00 00 0F) alloc(ShowVehicleHealthBarsMem,$1000,"RAGE2.exe"+832080) alloc(_enableVehicleESP,8) registersymbol(_enableVehicleESP) registersymbol(_HealthBarTimer) registersymbol(_ShowVehicleHealthBars) ShowVehicleHealthBarsMem: cmp [_enableVehicleESP],1 jne codeShowVehicleHealthBars mov byte ptr [rcx+00000294],01 codeShowVehicleHealthBars: cmp byte ptr [rcx+00000294],00 jmp returnShowVehicleHealthBars HealthBarTimerMem: cmp [_enableVehicleESP],1 jne codeHealthBarTimer mov [rcx+00000290],0 codeHealthBarTimer: addss xmm0,dword ptr [rcx+00000290] jmp returnHealthBarTimer _ShowVehicleHealthBars: jmp ShowVehicleHealthBarsMem nop nop returnShowVehicleHealthBars: _HealthBarTimer: jmp HealthBarTimerMem nop nop nop returnHealthBarTimer: _enableVehicleESP: dd 1 [DISABLE] _ShowVehicleHealthBars: db 80 B9 94 02 00 00 00 _HealthBarTimer: db F3 0F 58 81 90 02 00 00 unregistersymbol(_ShowVehicleHealthBars) unregistersymbol(_HealthBarTimer) unregistersymbol(_enableVehicleESP) dealloc(_enableVehicleESP) dealloc(ShowVehicleHealthBarsMem)
Code: Select all
[ENABLE] aobscanmodule(_UnlockVehicleSkins,RAGE2.exe,80 3A 00 0F 44 C8) // should be unique alloc(newmem,$1000,"RAGE2.exe"+B1CB84) label(code) label(return) newmem: mov byte ptr [rdx],1 code: cmp byte ptr [rdx],00 cmove ecx,eax jmp return _UnlockVehicleSkins: jmp newmem nop return: registersymbol(_UnlockVehicleSkins) [DISABLE] _UnlockVehicleSkins: db 80 3A 00 0F 44 C8 unregistersymbol(_UnlockVehicleSkins) dealloc(newmem)
My Table So FarSpoiler
Does the Script just wont tick?
Code: Select all
[ENABLE]
aobscanmodule(_MerchantsHasInfiniteItemsToSell,RAGE2.exe,41 8B 40 0C 89 42 0C 41 8B 40 14) // should be unique
alloc(newmem,$1000,"RAGE2.exe"+AB2F06)
label(code)
label(return)
newmem:
mov eax,[r8+08],#999
mov eax,[r8+0C],#999
code:
mov eax,[r8+0C]
mov [rdx+0C],eax
jmp return
_MerchantsHasInfiniteItemsToSell:
jmp newmem
nop
nop
return:
registersymbol(_MerchantsHasInfiniteItemsToSell)
[DISABLE]
_MerchantsHasInfiniteItemsToSell:
db 41 8B 40 0C 89 42 0C
unregistersymbol(_MerchantsHasInfiniteItemsToSell)
dealloc(newmem)
Code: Select all
[ENABLE]
aobscanmodule(_UnlockMap,RAGE2.exe,80 7A 28 00 7E 18) // should be unique
alloc(newmem,$1000,"RAGE2.exe"+7EEFC2)
newmem:
mov byte ptr [rdx+28],3
code:
cmp byte ptr [rdx+28],00
jle _UnlockMap+1E
jmp return
_UnlockMap:
jmp newmem
nop
return:
registersymbol(_UnlockMap)
[DISABLE]
_UnlockMap:
db 80 7A 28 00 7E 18
unregistersymbol(_UnlockMap)
dealloc(newmem)
Code: Select all
<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>2909</ID>
<Description>"PlayerESP"</Description>
<Options moHideChildren="1"/>
<LastState Activated="1"/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>{ Game : RAGE2.exe
Version:
Date : 2019-05-26
Author : l0wb1
This script does blah blah blah
}
[ENABLE]
aobscanmodule(_PlayerESP,RAGE2.exe,49 8B 81 80 02 00 00 48) // should be unique
alloc(PlayerESPMem,$1000,"RAGE2.exe"+783446)
alloc(_pPlayerESP,8)
registersymbol(_pPlayerESP)
registersymbol(_PlayerESP)
PlayerESPMem:
mov [_pPlayerESP],r15
codePlayerESP:
mov rax,[r9+00000280]
jmp returnPlayerESP
_PlayerESP:
jmp PlayerESPMem
nop
nop
returnPlayerESP:
_pPlayerESP:
dd 0
[DISABLE]
_PlayerESP:
db 49 8B 81 80 02 00 00
unregistersymbol(_PlayerESP)
unregistersymbol(_pPlayerESP)
dealloc(_pPlayerESP)
dealloc(PlayerESPMem)
{
// ORIGINAL CODE - INJECTION POINT: "RAGE2.exe"+783446
"RAGE2.exe"+78342A: F0 41 0F B1 48 08 - lock cmpxchg [r8+08],ecx
"RAGE2.exe"+783430: 74 06 - je RAGE2.exe+783438
"RAGE2.exe"+783432: 8B D0 - mov edx,eax
"RAGE2.exe"+783434: 85 C0 - test eax,eax
"RAGE2.exe"+783436: EB EB - jmp RAGE2.exe+783423
"RAGE2.exe"+783438: 85 D2 - test edx,edx
"RAGE2.exe"+78343A: 74 34 - je RAGE2.exe+783470
"RAGE2.exe"+78343C: 4C 8B 44 24 48 - mov r8,[rsp+48]
"RAGE2.exe"+783441: 4D 85 C0 - test r8,r8
"RAGE2.exe"+783444: 74 3B - je RAGE2.exe+783481
// ---------- INJECTING HERE ----------
"RAGE2.exe"+783446: 49 8B 81 80 02 00 00 - mov rax,[r9+00000280]
// ---------- DONE INJECTING ----------
"RAGE2.exe"+78344D: 48 89 44 24 40 - mov [rsp+40],rax
"RAGE2.exe"+783452: 48 85 C0 - test rax,rax
"RAGE2.exe"+783455: 74 2A - je RAGE2.exe+783481
"RAGE2.exe"+783457: 45 38 6F 28 - cmp [r15+28],r13l
"RAGE2.exe"+78345B: 74 1A - je RAGE2.exe+783477
"RAGE2.exe"+78345D: F3 41 0F 10 87 90 00 00 00 - movss xmm0,[r15+00000090]
"RAGE2.exe"+783466: F3 0F 11 80 B4 01 00 00 - movss [rax+000001B4],xmm0
"RAGE2.exe"+78346E: EB 11 - jmp RAGE2.exe+783481
"RAGE2.exe"+783470: 4C 89 6C 24 48 - mov [rsp+48],r13
"RAGE2.exe"+783475: EB 0A - jmp RAGE2.exe+783481
}
</AssemblerScript>
<CheatEntries>
<CheatEntry>
<ID>2914</ID>
<Description>"Player ESP"</Description>
<DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">0:Disabled
1:Enabled
</DropDownList>
<LastState Value="1" RealAddress="25D71F919A8"/>
<VariableType>Byte</VariableType>
<Address>_pPlayerESP</Address>
<Offsets>
<Offset>28</Offset>
</Offsets>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatTable>
Use my Table, then use Tele to random enemy / Teleport to Random Vehicle( Hotkey = MB4/MB5), keep spamming it.aberro wrote: ↑Sun May 26, 2019 2:53 pmCould you please advice me... In short, I've stuck in Rage 2 inside bunker with all autosaves in that bunker and last manual save almost at beginning of the game (while currently I've completed most of map markers).
I've tried to glitch through textures (partially successful, as this bunker is surrounded by collision box, blocking everything), to cheat my map position (got almost 400k values that won't filter out), to find my running speed so I can ran through collision box (found something very close, but changing it doesn't do anything), everything without any luck.
Maybe you know what else I could do to get out of that bunker?
Code: Select all
[ENABLE]
aobscanmodule(_AbilityDurationTimer,RAGE2.exe,1F F3 0F 10 49 58) // should be unique
alloc(newmem,$1000,"RAGE2.exe"+6898CE)
newmem:
mov [rcx+58],(float)100
code:
movss xmm1,[rcx+58]
jmp return
_AbilityDurationTimer+01:
jmp newmem
return:
registersymbol(_AbilityDurationTimer)
[DISABLE]
_AbilityDurationTimer+01:
db F3 0F 10 49 58
unregistersymbol(_AbilityDurationTimer)
dealloc(newmem)