Ok, so here is the script for increasing trophy score for getting diamonds. Checked that in Parque Fernando by harvesting a puma and blackbuck as diamondsd in couple of minutes and placing it in trophy lodge for completing the mission. You need to enable the script, spot the animal that you want to shoot (so you can see information of it in top right corner) and that's it. In the moment when you spot the animal, it will overwrite it's original trophy score value, so it wont affect all the animals on the map.
Code: Select all
[ENABLE]
aobscanmodule(trophy_rating,theHunterCotW_F.exe,40 F0 FF F3 0F 10 87 F0 01 00 00) // should be unique
alloc(newmem,$1000,"theHunterCotW_F.exe"+834FFC)
label(code)
label(return)
newmem:
mov [rdi+1F0],(float)9999 // <- inserting adjusted trophy score value
code:
movss xmm0,[rdi+000001F0]
jmp return
trophy_rating+03:
jmp newmem
nop
nop
nop
return:
registersymbol(trophy_rating)
[DISABLE]
trophy_rating+03:
db F3 0F 10 87 F0 01 00 00
unregistersymbol(trophy_rating)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "theHunterCotW_F.exe"+834FFC
"theHunterCotW_F.exe"+834FD5: 89 4D 0F - mov [rbp+0F],ecx
"theHunterCotW_F.exe"+834FD8: 0F B6 08 - movzx ecx,byte ptr [rax]
"theHunterCotW_F.exe"+834FDB: 0F B6 87 88 00 00 00 - movzx eax,byte ptr [rdi+00000088]
"theHunterCotW_F.exe"+834FE2: 83 E0 07 - and eax,07
"theHunterCotW_F.exe"+834FE5: 89 4D 13 - mov [rbp+13],ecx
"theHunterCotW_F.exe"+834FE8: 89 45 17 - mov [rbp+17],eax
"theHunterCotW_F.exe"+834FEB: 48 8B CF - mov rcx,rdi
"theHunterCotW_F.exe"+834FEE: 8B 87 00 02 00 00 - mov eax,[rdi+00000200]
"theHunterCotW_F.exe"+834FF4: 89 45 1B - mov [rbp+1B],eax
"theHunterCotW_F.exe"+834FF7: E8 F4 40 F0 FF - call theHunterCotW_F.exe+7390F0
// ---------- INJECTING HERE ----------
"theHunterCotW_F.exe"+834FFC: F3 0F 10 87 F0 01 00 00 - movss xmm0,[rdi+000001F0]
// ---------- DONE INJECTING ----------
"theHunterCotW_F.exe"+835004: F3 0F 10 8F 94 01 00 00 - movss xmm1,[rdi+00000194]
"theHunterCotW_F.exe"+83500C: 0F B6 C0 - movzx eax,al
"theHunterCotW_F.exe"+83500F: 89 45 1F - mov [rbp+1F],eax
"theHunterCotW_F.exe"+835012: 0F B6 87 8B 00 00 00 - movzx eax,byte ptr [rdi+0000008B]
"theHunterCotW_F.exe"+835019: 89 45 2F - mov [rbp+2F],eax
"theHunterCotW_F.exe"+83501C: 8B 07 - mov eax,[rdi]
"theHunterCotW_F.exe"+83501E: 89 45 33 - mov [rbp+33],eax
"theHunterCotW_F.exe"+835021: 48 8B 87 98 00 00 00 - mov rax,[rdi+00000098]
"theHunterCotW_F.exe"+835028: F3 0F 11 45 23 - movss [rbp+23],xmm0
"theHunterCotW_F.exe"+83502D: F3 0F 11 4D 27 - movss [rbp+27],xmm1
}
Also tried to mess with values that allow to swap animals, so I was able to make all the animals on the map as pumas or blackbuck in other moment, but values are very different after restarting the game and I can't find how to deal with it atm. So seems like I can't do anything here. But just in case if anyone here want to try to deal with it:
Code: Select all
{
// ORIGINAL CODE - INJECTION POINT: "theHunterCotW_F.exe"+7525A6
"theHunterCotW_F.exe"+752598: CC - int 3
"theHunterCotW_F.exe"+752599: CC - int 3
"theHunterCotW_F.exe"+75259A: CC - int 3
"theHunterCotW_F.exe"+75259B: CC - int 3
"theHunterCotW_F.exe"+75259C: CC - int 3
"theHunterCotW_F.exe"+75259D: CC - int 3
"theHunterCotW_F.exe"+75259E: CC - int 3
"theHunterCotW_F.exe"+75259F: CC - int 3
"theHunterCotW_F.exe"+7525A0: 40 53 - push rbx
"theHunterCotW_F.exe"+7525A2: 48 83 EC 60 - sub rsp,60
// ---------- INJECTING HERE ----------
"theHunterCotW_F.exe"+7525A6: 48 8B 81 B8 00 00 00 - mov rax,[rcx+000000B8]
// ---------- DONE INJECTING ----------
"theHunterCotW_F.exe"+7525AD: 48 8B D9 - mov rbx,rcx
"theHunterCotW_F.exe"+7525B0: 48 85 C0 - test rax,rax
"theHunterCotW_F.exe"+7525B3: 74 06 - je theHunterCotW_F.exe+7525BB
"theHunterCotW_F.exe"+7525B5: 0F B6 48 0C - movzx ecx,byte ptr [rax+0C]
"theHunterCotW_F.exe"+7525B9: EB 02 - jmp theHunterCotW_F.exe+7525BD
"theHunterCotW_F.exe"+7525BB: 33 C9 - xor ecx,ecx
"theHunterCotW_F.exe"+7525BD: 0F B6 C9 - movzx ecx,cl
"theHunterCotW_F.exe"+7525C0: 85 C9 - test ecx,ecx
"theHunterCotW_F.exe"+7525C2: 0F 84 BF 00 00 00 - je theHunterCotW_F.exe+752687
"theHunterCotW_F.exe"+7525C8: 83 F9 01 - cmp ecx,01
}
This instruction read value (pointer, to be correct) of every animal that currently loaded around the player position. So pumas have all the same value, all blackbucks have another value and so on. And if place before of it "mov [rcx+000000B8],#ParticularValueOfAnotherAnimal", move away (to another corner of the map), all the animals becomes different. But as I said, values are different after the game restart, I can't see if anything here write to [RCX+B8], for some reason game crashed if I try to send to RAX some specific value instead of [RCX+B8], and after looking inside of it in dissect data it doesn't like one or very few values that we can change... there is a lot of values that affect various aspects of animals such as rigging, animations, meshes, antlers, spotting information and so on... ¯\_(ツ)_/¯