Dead Island 2 Uncut Patch
Posted: Sat Apr 22, 2023 10:31 pm
For those unfortunate souls that live in censored areas such as germany, here's an uncut patch, made via patching two bytes of memory.
Feel free to use this and / or all the info in your own tables / trainers, be it unpaid / paid what have you, just give credits where credits are due.
As a cheat table:
Feel free to use this and / or all the info in your own tables / trainers, be it unpaid / paid what have you, just give credits where credits are due.
Uncut Patch (enable in main menu before joining the game) - AutoAssemble
// Game Executable : DeadIsland-Win64-Shipping.exe
// Author : supex0
// Executable Version: 4.25.0.0
// Module Version :
// Script Date : 2023-04-23
// Created with : customAOBInjectionTemplates version: 1.3.9
[ENABLE]
aobscanmodule(aob_uncut_patch,DeadIsland-Win64-Shipping.exe,B3 01 48 8B BC 24 A8 00 00 00)
registersymbol(aob_uncut_patch)
aob_uncut_patch:
xor ebx,ebx
[DISABLE]
aob_uncut_patch:
db B3 01 48 8B BC 24 A8 00 00 00
unregistersymbol(aob_uncut_patch)
dealloc(newmem_uncut_patch)
{
// ORIGINAL CODE - INJECTION POINT: DeadIsland-Win64-Shipping.exe+139C171
DeadIsland-Win64-Shipping.exe+139C110: 41 0F B6 C8 - movzx ecx,r8l
DeadIsland-Win64-Shipping.exe+139C114: 41 C1 E8 08 - shr r8d,08
DeadIsland-Win64-Shipping.exe+139C118: 45 33 04 89 - xor r8d,[r9+rcx*4]
DeadIsland-Win64-Shipping.exe+139C11C: 48 8D 4D 30 - lea rcx,[rbp+30]
DeadIsland-Win64-Shipping.exe+139C120: E8 6B 58 6C FF - call DeadIsland-Win64-Shipping.exe+A61990
DeadIsland-Win64-Shipping.exe+139C125: 8B F8 - mov edi,eax
DeadIsland-Win64-Shipping.exe+139C127: F7 D7 - not edi
DeadIsland-Win64-Shipping.exe+139C129: 48 63 45 D8 - movsxd rax,dword ptr [rbp-28]
DeadIsland-Win64-Shipping.exe+139C12D: 49 8B CC - mov rcx,r12
DeadIsland-Win64-Shipping.exe+139C130: 4C 8B 74 24 58 - mov r14,[rsp+58]
DeadIsland-Win64-Shipping.exe+139C135: 49 8D 14 84 - lea rdx,[r12+rax*4]
DeadIsland-Win64-Shipping.exe+139C139: 4C 3B E2 - cmp r12,rdx
DeadIsland-Win64-Shipping.exe+139C13C: 74 0F - je DeadIsland-Win64-Shipping.exe+139C14D
DeadIsland-Win64-Shipping.exe+139C13E: 66 90 - nop 2
DeadIsland-Win64-Shipping.exe+139C140: 39 39 - cmp [rcx],edi
DeadIsland-Win64-Shipping.exe+139C142: 74 2D - je DeadIsland-Win64-Shipping.exe+139C171
DeadIsland-Win64-Shipping.exe+139C144: 48 83 C1 04 - add rcx,04
DeadIsland-Win64-Shipping.exe+139C148: 48 3B CA - cmp rcx,rdx
DeadIsland-Win64-Shipping.exe+139C14B: 75 F3 - jne DeadIsland-Win64-Shipping.exe+139C140
DeadIsland-Win64-Shipping.exe+139C14D: 48 63 4D E8 - movsxd rcx,dword ptr [rbp-18]
DeadIsland-Win64-Shipping.exe+139C151: 49 8B C5 - mov rax,r13
DeadIsland-Win64-Shipping.exe+139C154: 48 8D 14 8D 00 00 00 00 - lea rdx,[rcx*4+00000000]
DeadIsland-Win64-Shipping.exe+139C15C: 49 03 D5 - add rdx,r13
DeadIsland-Win64-Shipping.exe+139C15F: 4C 3B EA - cmp r13,rdx
DeadIsland-Win64-Shipping.exe+139C162: 74 0D - je DeadIsland-Win64-Shipping.exe+139C171
DeadIsland-Win64-Shipping.exe+139C164: 39 38 - cmp [rax],edi
DeadIsland-Win64-Shipping.exe+139C166: 74 3F - je DeadIsland-Win64-Shipping.exe+139C1A7
DeadIsland-Win64-Shipping.exe+139C168: 48 83 C0 04 - add rax,04
DeadIsland-Win64-Shipping.exe+139C16C: 48 3B C2 - cmp rax,rdx
DeadIsland-Win64-Shipping.exe+139C16F: 75 F3 - jne DeadIsland-Win64-Shipping.exe+139C164
// ---------- INJECTING HERE ----------
DeadIsland-Win64-Shipping.exe+139C171: B3 01 - mov bl,01
// ---------- DONE INJECTING ----------
DeadIsland-Win64-Shipping.exe+139C173: 48 8B BC 24 A8 00 00 00 - mov rdi,[rsp+000000A8]
DeadIsland-Win64-Shipping.exe+139C17B: 48 85 F6 - test rsi,rsi
DeadIsland-Win64-Shipping.exe+139C17E: 74 08 - je DeadIsland-Win64-Shipping.exe+139C188
DeadIsland-Win64-Shipping.exe+139C180: 48 8B CE - mov rcx,rsi
DeadIsland-Win64-Shipping.exe+139C183: E8 08 E5 A9 00 - call DeadIsland-Win64-Shipping.exe+1E3A690
DeadIsland-Win64-Shipping.exe+139C188: 49 8B CD - mov rcx,r13
DeadIsland-Win64-Shipping.exe+139C18B: E8 00 E5 A9 00 - call DeadIsland-Win64-Shipping.exe+1E3A690
DeadIsland-Win64-Shipping.exe+139C190: 49 8B CC - mov rcx,r12
DeadIsland-Win64-Shipping.exe+139C193: E8 F8 E4 A9 00 - call DeadIsland-Win64-Shipping.exe+1E3A690
DeadIsland-Win64-Shipping.exe+139C198: 0F B6 C3 - movzx eax,bl
DeadIsland-Win64-Shipping.exe+139C19B: 48 83 C4 60 - add rsp,60
DeadIsland-Win64-Shipping.exe+139C19F: 41 5D - pop r13
DeadIsland-Win64-Shipping.exe+139C1A1: 41 5C - pop r12
DeadIsland-Win64-Shipping.exe+139C1A3: 5E - pop rsi
DeadIsland-Win64-Shipping.exe+139C1A4: 5B - pop rbx
DeadIsland-Win64-Shipping.exe+139C1A5: 5D - pop rbp
DeadIsland-Win64-Shipping.exe+139C1A6: C3 - ret
DeadIsland-Win64-Shipping.exe+139C1A7: 32 DB - xor bl,bl
DeadIsland-Win64-Shipping.exe+139C1A9: EB C8 - jmp DeadIsland-Win64-Shipping.exe+139C173
DeadIsland-Win64-Shipping.exe+139C1AB: CC - int 3
DeadIsland-Win64-Shipping.exe+139C1AC: CC - int 3
DeadIsland-Win64-Shipping.exe+139C1AD: CC - int 3
DeadIsland-Win64-Shipping.exe+139C1AE: CC - int 3
DeadIsland-Win64-Shipping.exe+139C1AF: CC - int 3
DeadIsland-Win64-Shipping.exe+139C1B0: 0F 57 C0 - xorps xmm0,xmm0
DeadIsland-Win64-Shipping.exe+139C1B3: 0F 2F 81 78 01 00 00 - comiss xmm0,[rcx+00000178]
DeadIsland-Win64-Shipping.exe+139C1BA: 0F 93 C0 - setae al
DeadIsland-Win64-Shipping.exe+139C1BD: C3 - ret
DeadIsland-Win64-Shipping.exe+139C1BE: CC - int 3
DeadIsland-Win64-Shipping.exe+139C1BF: CC - int 3
}
Additional info behind PlayerCensorshipTracker
The way censorship is being handled is simple: The main executable file has an RCData-entry with either one of the two GUIDs:
When looking at the executable you'll find both GUIDs as strings located directly near the function's literal name: "PlayerCensorshipTracker":
PlayerCensorshipTracker checks the RCData embedded string against both of the fixed strings and sets a boolean in the register RBX (bl to be precise) accordingly.
The code above fixes it so that when the censored version is joining a game, it will force the boolean to false.
In theory, you could easily patch your executable via tools like Resource Hacker to edit the RCData entry to the uncensored string.
Code: Select all
{E73AE21F-9D45-4EC0-A87B-E43C95AADA74} = censored
{6F25E1B9-A759-40CC-84E9-8BD415305942} = uncensored
PlayerCensorshipTracker checks the RCData embedded string against both of the fixed strings and sets a boolean in the register RBX (bl to be precise) accordingly.
The code above fixes it so that when the censored version is joining a game, it will force the boolean to false.
In theory, you could easily patch your executable via tools like Resource Hacker to edit the RCData entry to the uncensored string.