Re: Darksiders 3 - Unreal Engine 4 Console, Dumper and more..
Posted: Thu Nov 29, 2018 7:47 am
Updated main post with the table. Get it there
Community Cheat Tables of Cheat Engine
https://fearlessrevolution.com/
Code: Select all
Darksiders3-Win64-Shipping.exe+32BCA0 - 40 53 - push rbx
Darksiders3-Win64-Shipping.exe+32BCA2 - 48 83 EC 30 - sub rsp,30 { 48 }
Darksiders3-Win64-Shipping.exe+32BCA6 - 48 8B D9 - mov rbx,rcx
Darksiders3-Win64-Shipping.exe+32BCA9 - 0F29 74 24 20 - movaps [rsp+20],xmm6
Code: Select all
Darksiders3-Win64-Shipping.exe+32BCF2 - 48 8D 54 24 40 - lea rdx,[rsp+40]
Darksiders3-Win64-Shipping.exe+32BCF7 - E8 44B0EBFF - call Darksiders3-Win64-Shipping.exe+1E6D40
Code: Select all
Darksiders3-Win64-Shipping.exe+1E6E54 - 48 8B CB - mov rcx,rbx
Darksiders3-Win64-Shipping.exe+1E6E57 - E8 D4C15300 - call Darksiders3-Win64-Shipping.exe+723030 <-- F8 over this
Darksiders3-Win64-Shipping.exe+1E6E5C - 48 85 C0 - test rax,rax <-- stop here
Code: Select all
[310180] Widget_HUD_C Transient.GameEngine_1.DS3GameInstance_C_1.Widget_HUD_C_1 0x0000026EAD42D0C0
Code: Select all
Darksiders3-Win64-Shipping.exe+1E6E61 - 48 8B 53 08 - mov rdx,[rbx+08]
Darksiders3-Win64-Shipping.exe+1E6E65 - 48 8B C8 - mov rcx,rax
Darksiders3-Win64-Shipping.exe+1E6E68 - E8 F3F15100 - call Darksiders3-Win64-Shipping.exe+706060
Darksiders3-Win64-Shipping.exe+1E6E6D - 48 85 C0 - test rax,rax <-- stop here
Code: Select all
[050377] Function Widget_HUD.Widget_HUD_C.Update Health 0x0000026E86B98F80
Code: Select all
Darksiders3-Win64-Shipping.exe+1E6EA2 - 48 8B D8 - mov rbx,rax
Darksiders3-Win64-Shipping.exe+1E6EA5 - E8 D6F15100 - call Darksiders3-Win64-Shipping.exe+706080
Darksiders3-Win64-Shipping.exe+1E6EAA - 4C 8B 0B - mov r9,[rbx]
Code: Select all
Darksiders3-Win64-Shipping.exe+7060F8 - 4C 8D 05 31EAA501 - lea r8,[Darksiders3-Win64-Shipping.exe+2164B30] { ["Failed to find function %s in %"] }
Code: Select all
Darksiders3-Win64-Shipping.exe+1E6EAA - 4C 8B 0B - mov r9,[rbx]
Darksiders3-Win64-Shipping.exe+1E6EAD - 4D 8B C7 - mov r8,r15
Darksiders3-Win64-Shipping.exe+1E6EB0 - 48 8B D0 - mov rdx,rax
Darksiders3-Win64-Shipping.exe+1E6EB3 - 48 8B CB - mov rcx,rbx
Darksiders3-Win64-Shipping.exe+1E6EB6 - 41 FF 91 F8010000 - call qword ptr [r9+000001F8] <-- here
Code: Select all
Line 68357: [070345] Function BP_DefaultStage.BP_DefaultStage_C.SetFuryGodMode | 0x000002341E888F80
Code: Select all
Darksiders3-Win64-Shipping.exe+32BCF2 - 48 8D 54 24 40 - lea rdx,[rsp+40]
Darksiders3-Win64-Shipping.exe+32BCF7 - E8 44B0EBFF - call Darksiders3-Win64-Shipping.exe+1E6D40
Code: Select all
Darksiders3-Win64-Shipping.exe+1E6EA5 - E8 D6F15100 - call Darksiders3-Win64-Shipping.exe+706080
Darksiders3-Win64-Shipping.exe+1E6EAA - 4C 8B 0B - mov r9,[rbx] <-- stop here
Code: Select all
[050266] Function Widget_HUD.Widget_HUD_C.Update Health 0x000001C78C7C8440
Code: Select all
[069023] Function BP_DefaultStage.BP_DefaultStage_C.SetFuryGodMode 0x000001C7B2A51A80
Code: Select all
[050266] Function Widget_HUD.Widget_HUD_C.Update Health 0x000001C78C7C8440
Line 67780: [069023] Function BP_DefaultStage.BP_DefaultStage_C.SetFuryGodMode 0x000001C7B2A51A80
0000: 0F B0 4F 6D B7 C7 01 00 00 00 B0 4F 6D B7 C7 01
0010: 00 00 21 7F 66 03 00 7F 66 03 00 00 00 00 00 07
0020: 86 00 00 00 00 80 75 8A B7 C7 01 00 00 5F 00 80
0030: 80 8A B7 C7 01 00 00 19 20 F0 16 5F FA C7 01 00
0040: 00 0B 00 00 00 80 80 8A B7 C7 01 00 00 1C 70 17
0050: 19 FA C7 01 00 00 17 16 19 00 80 80 8A B7 C7 01
0060: 00 00 13 00 00 00 00 00 00 00 00 00 00 00 1C 30
0070: AF 12 FA C7 01 00 00 00 B0 4F 6D B7 C7 01 00 00
0080: 16 06 DB 00 00 00 5F 00 00 80 8A B7 C7 01 00 00
0090: 19 20 F0 16 5F FA C7 01 00 00 0B 00 00 00 00 80
00A0: 8A B7 C7 01 00 00 1C 70 17 19 FA C7 01 00 00 17
00B0: 16 19 00 00 80 8A B7 C7 01 00 00 14 00 00 00 00
00C0: 00 00 00 00 00 00 00 1C 90 E7 12 FA C7 01 00 00
00D0: 00 B0 4F 6D B7 C7 01 00 00 27 16 04 0B 53
000001C7B31C3EA0: 0F // +0x1
000001C7B31C3EA1: B0 4F 6D B7 C7 01 00 00 // +0x8
--> [069029] NameProperty BP_DefaultStage.BP_DefaultStage_C.SetFuryGodMode.EnteringCinematicTag 0x000001C7B76D4FB0
000001C7B31C3EA9: 00 // +0x1
000001C7B31C3EAA: B0 4F 6D B7 C7 01 00 00 // +0x8
--> [069029] NameProperty BP_DefaultStage.BP_DefaultStage_C.SetFuryGodMode.EnteringCinematicTag 0x000001C7B76D4FB0
Darksiders3-Win64-Shipping.exe+711D5C - 4C 63 41 44 - movsxd r8,dword ptr [rcx+44] // [0x000001C7B76D4FB0+0x44] == 0000000000000008
Darksiders3-Win64-Shipping.exe+711D60 - 4C 03 42 28 - add r8,[rdx+28]
Darksiders3-Win64-Shipping.exe+711D64 - 4C 89 42 38 - mov [rdx+38],r8
000001C7B31C3EB2: 21 // +0x1
000001C7B31C3EB3: 7F 66 03 00 7F 66 03 00 00 00 00 00 // +0xC (find function)
000001C7B31C3EBF: 07 // +0x1
000001C7B31C3EC0: 86 // +0x4
000001C7B31C3EC4: 00 // +0x1
000001C7B31C3EC5: 80 75 8A B7 C7 01 00 00 // +0x8
--> [069024] BoolProperty BP_DefaultStage.BP_DefaultStage_C.SetFuryGodMode.On 0x000001C7B78A7580
Darksiders3-Win64-Shipping.exe+711D5C - 4C 63 41 44 - movsxd r8,dword ptr [rcx+44] // [0x000001C7B78A7580+0x44] == 0000000000000000
Darksiders3-Win64-Shipping.exe+711D60 - 4C 03 42 28 - add r8,[rdx+28]
Darksiders3-Win64-Shipping.exe+711D64 - 4C 89 42 38 - mov [rdx+38],r8
000001C7B31C3ECD: 5F // +0x1
000001C7B31C3ECE: 00 // +0x1
000001C7B31C3ECF: 80 80 8A B7 C7 01 00 00 // +0x8
--> [069047] ObjectProperty BP_DefaultStage.BP_DefaultStage_C.SetFuryGodMode.CallFunc_GetDarksiders3Player_ReturnValue1 0x000001C7B78A8080
Darksiders3-Win64-Shipping.exe+711D5C - 4C 63 41 44 - movsxd r8,dword ptr [rcx+44] // [0x000001C7B78A8080+0x44] == 0000000000000018
Darksiders3-Win64-Shipping.exe+711D60 - 4C 03 42 28 - add r8,[rdx+28]
Darksiders3-Win64-Shipping.exe+711D64 - 4C 89 42 38 - mov [rdx+38],r8
000001C7B31C3ED7: 19 // +0x1
000001C7B31C3ED8: 20 // +0x1
000001C7B31C3ED9: F0 16 5F FA C7 01 00 00 // +0x8
--> [043132] Darksiders3Util Darksiders3.Default__Darksiders3Util 0x000001C7FA5F16F0
000001C7B31C3EED: 1C // +0x1
000001C7B31C3EEE: 70 17 19 FA C7 01 00 00 // +0x8
--> [017569] Function Darksiders3.Darksiders3Util.GetDarksiders3Player 0x000001C7FA191770
000001C7B31C3EF6: 17 // +0x1 +0x1
//GetCharacterFromPlayerController ;) (use PlayerController as RCX)
Darksiders3-Win64-Shipping.exe+208180 - 40 57 - push rdi
Darksiders3-Win64-Shipping.exe+208182 - 48 83 EC 20 - sub rsp,20 { 32 }
Darksiders3-Win64-Shipping.exe+208186 - 48 8B 81 90060000 - mov rax,[rcx+00000690] //
RCX --> [056850] Player_Controller_C World.World.PersistentLevel.Player_Controller_C_1 0x000001C78A7E4970
--> RAX: 0
Darksiders3-Win64-Shipping.exe+20818D - 48 8B F9 - mov rdi,rcx
Darksiders3-Win64-Shipping.exe+208190 - 48 85 C0 - test rax,rax
..
Darksiders3-Win64-Shipping.exe+20819A - 48 8B 99 48030000 - mov rbx,[rcx+00000348]
--> [396081] Character_Fury_C World.World.PersistentLevel.Character_Fury_C_1 0x000001C7B2192AE0
Darksiders3-Win64-Shipping.exe+2081A1 - 48 85 DB - test rbx,rbx
..
ret
000001C7B31C3EF6: 19 // +0x1
000001C7B31C3EF9: 00 // +0x1
000001C7B31C3EFA: 80 80 8A B7 C7 01 00 00 // +0x8
--> [069047] ObjectProperty BP_DefaultStage.BP_DefaultStage_C.SetFuryGodMode.CallFunc_GetDarksiders3Player_ReturnValue1 0x000001C7B78A8080
Darksiders3-Win64-Shipping.exe+711D5C - 4C 63 41 44 - movsxd r8,dword ptr [rcx+44] // [0x000001C7B78A8080+0x44] == 0000000000000018
Darksiders3-Win64-Shipping.exe+711D60 - 4C 03 42 28 - add r8,[rdx+28]
Darksiders3-Win64-Shipping.exe+711D64 - 4C 89 42 38 - mov [rdx+38],r8
basically returns:
[396081] Character_Fury_C World.World.PersistentLevel.Character_Fury_C_1 0x000001C7B2192AE0
000001C7B31C3F0E: 1C // +0x1
000001C7B31C3F0F: 30 AF 12 FA C7 01 00 00 // +0x8
--> [014614] Function GunfireRuntime.CharacterGunfire.AddTag 0x000001C7FA12AF30
000001C7B31C3F21: 06 // +0x1
000001C7B31C3F22: DB // +0x4 - - DB is an offset; leads to end of script
[069023] Function BP_DefaultStage.BP_DefaultStage_C.SetFuryGodMode 0x000001C7B2A51A80
Code: Select all
Darksiders3-Win64-Shipping.exe+3048AC - 49 8B CF - mov rcx,r15
Darksiders3-Win64-Shipping.exe+3048AF - FF 50 18 - call qword ptr [rax+18]
Darksiders3-Win64-Shipping.exe+3048B2 - 84 C0 - test al,al
Darksiders3-Win64-Shipping.exe+3048B4 - 0F84 D9070000 - je Darksiders3-Win64-Shipping.exe+305093
Code: Select all
Darksiders3-Win64-Shipping.exe+41EE92 - 88 8C 24 F0010000 - mov [rsp+000001F0],cl // force 1
Darksiders3-Win64-Shipping.exe+41EE99 - 48 8B CB - mov rcx,rbx
Darksiders3-Win64-Shipping.exe+41EE9C - 41 FF 91 F8010000 - call qword ptr [r9+000001F8]
Darksiders3-Win64-Shipping.exe+41EEA3 - 48 8D 94 24 08010000 - lea rdx,[rsp+00000108]
Darksiders3-Win64-Shipping.exe+41EEAB - 48 8B CD - mov rcx,rbp
Darksiders3-Win64-Shipping.exe+41EEAE - E8 2DFBDCFF - call Darksiders3-Win64-Shipping.exe+1EE9E0 // run func
Darksiders3-Win64-Shipping.exe+41EEB3 - 0FB6 84 24 F0010000 - movzx eax,byte ptr [rsp+000001F0] // retrieve bool
Code: Select all
[240383] Function Character_Fury.Character_Fury_C.FilterIncomingDamage 0x000002521C833A00
Code: Select all
[396259] Character_Fury_C World.World.PersistentLevel.Character_Fury_C_1 0x00000252F17A9570
Code: Select all
Darksiders3-Win64-Shipping.exe+3048AF - FF 50 18 - call qword ptr [rax+18]
Darksiders3-Win64-Shipping.exe+3048B2 - 84 C0 - test al,al
Code: Select all
Darksiders3-Win64-Shipping.exe+41EEB3 - 0FB6 84 24 F0010000 - movzx eax,byte ptr [rsp+000001F0]
Code: Select all
00007FF61EA448AC | 49:8BCF | MOV RCX,R15 |
00007FF61EA448AF | FF50 18 | CALL QWORD PTR DS:[RAX+18] |
00007FF61EA448B2 | 84C0 | TEST AL,AL |
Code: Select all
00007FF61EA52AB0 | 48:895C24 10 | MOV QWORD PTR SS:[RSP+10],RBX |
00007FF61EA52AB5 | 57 | PUSH RDI |
00007FF61EA52AB6 | 48:83EC 20 | SUB RSP,20 |
00007FF61EA52ABA | 48:8D99 E0F8FFFF | LEA RBX,QWORD PTR DS:[RCX-720] | <--
00007FF61EA52AC1 | C64424 30 01 | MOV BYTE PTR SS:[RSP+30],1 |
Code: Select all
[396259] Character_Fury_C World.World.PersistentLevel.Character_Fury_C_1 0x00000252F17A9570
Code: Select all
[ENABLE]
aobscanmodule( HP_hk, Darksiders3-Win64-Shipping.exe, FF501884C00F84????????4D85ED740B488BD7498BCDE8????????4D )
registersymbol( HP_hk )
label( HP_hk_o )
registersymbol( HP_hk_o )
label( hk_HP_exit )
alloc( hk_HP, 0x1000, Darksiders3-Win64-Shipping.exe )
registersymbol( hk_HP )
label( back )
hk_HP:
push rax
push rcx
lea rcx,[rcx-720] // adjust this to Character
mov rax,[LocalPlayer]
test rax,rax // just in case this is NULL when you enable it;
// if you break here, then enable script, interrupts occur
je short hk_HP_exit
mov rax,[rax+30] // PlayerController
cmp rcx,[rax+348] // Character
jne short hk_HP_exit // if not us, process HP
pop rcx // if us, restore RCX & RAX
pop rax
xor al,al
test al,al
jmp back // and exit (don't run function)
hk_HP_exit:
pop rcx
pop rax
HP_hk_o:
readmem( HP_hk, 5 )
jmp back
align 8 CC
HP_hk:
jmp hk_HP
back:
[DISABLE]
HP_hk:
readmem( HP_hk_o, 5 )
unregistersymbol( hk_HP )
dealloc( hk_HP )
unregistersymbol( HP_hk_o )
unregistersymbol( HP_hk )
Code: Select all
Line 408214: [409457] BlueprintGeneratedClass Item_Crystal_01.Item_Crystal_01_C 0x000002B8D16F2500
Code: Select all
Items:
Item_Crystal_Sin01.Item_Crystal_Sin01_C // Grand Lurcher Crystal
Item_Crystal_Sin00.Item_Crystal_Sin00_C// Grand Lurcher Crystal
Item_Crystal_01.Item_Crystal_01_C // Medium Lurcher Clump
Item_Lurcher.Item_Lurcher_C
Item_WrathShard_75pct.Item_WrathShard_75pct_C
Item_WrathShard_50pct.Item_WrathShard_50pct_C
Item_AdamantineShard_Base.Item_AdamantineShard_Base_C
Item_Soulmulet.Item_Soulmulet_C // Mysterious Stone Sigil
Item_Sinmulet.Item_Sinmulet_C // Talisman of Sin
Item_HumanStone.Item_HumanStone_C // The Bridge Stone
Item_HavocForm.Item_HavocForm_C // Mysterious Stone Sigil
Item_HumanTouchingTrophy_Gold.Item_HumanTouchingTrophy_Gold_C // Rider's Mercy
Item_HumanTouchingTrophy_Silver.Item_HumanTouchingTrophy_Silver_C // Rider's Mercy
Item_HumanTouchingTrophy_Lifetime.Item_HumanTouchingTrophy_Lifetime_C // Rider's Mercy
Item_HumanTouchingTrophy_Bronze.Item_HumanTouchingTrophy_Bronze_C // Rider's Mercy
Item_HealingCapacityEnhancement.Item_HealingCapacityEnhancement_C // Invigoration Core
Item_Health.Item_Health_C // Nephilim's Respite
Item_AdamantineShard_Pure.Item_AdamantineShard_Pure_C // Chunk of Adamantine
Item_Enhancement_Sloth_Base.Item_Enhancement_Sloth_Base_C // Juggernaut Enhancement
Item_Enhancement_DLCFlame_Angel1.Item_Enhancement_DLCFlame_Angel1_C // Flame Hollow Enhancement
Item_Enhancement_DLCFlame_Angel2.Item_Enhancement_DLCFlame_Angel2_C // same
Item_Enhancement_DLCFlame_Angel3.Item_Enhancement_DLCFlame_Angel3_C // same
Item_Enhancement_DLCFlame_Epic.Item_Enhancement_DLCFlame_Epic_C // same
Item_Enhancement_Pride_Base.Item_Enhancement_Pride_Base_C // Shade Enhancement
Item_Enhancement_Hydra_Base.Item_Enhancement_Hydra_Base_C // Chaos Enhancement
Item_Enhancement_Enoch_Base.Item_Enhancement_Enoch_Base_C // Enoch Enhancement
Characters:
Character_Skeleton_Shadow_BP_C
Character_Angel_Brute_C
Character_UndeadRaider_Plus_C
Character_Angel_Male_C
Character_LurcherDemon_Tier_1_C
Character_Vulgrim_C
Character_Skeleton_Fodder_BP_C
Character_Skeleton_Armored_BP_C
Character_Skeleton_Armored_Plus_BP_C
Character_UndeadAbomination_BP_C
Character_Undead_Champion_C
Character_Skeleton_Armored_Plus_Red_BP_C
Character_Skeleton_Shadow_Soldier_BP_C
Character_Abraxis_C
Character_Hollowlord_C