If Celios didn't make the worst fucking spaghetti ASM code in the world, I could update it. I tried to but gave up. Here's the code:
Code: Select all
[ENABLE]
///*******************************************///
//current ammo clip read on fine aim / on reload / after rload until next exit fine aim
aobscanmodule(ammoClipReadOnAimReloadAOB,re2.exe,48 ** ** A0 00 00 00 48 ** ** 74 ** 48 ** ** ** 48 ** ** 74 ** 48 ** ** ** 48 ** ** 74 ** 8B ** 20 48 ** ** ** ** 48 ** ** ** 5F C3)
registersymbol(ammoClipReadOnAimReloadAOB)
label(pAmmo)
registersymbol(pAmmo)
label(dAmmoClipMax)
registersymbol(dAmmoClipMax)
alloc(newmem,2048,ammoClipReadOnAimReloadAOB+1e) //"re2.exe"+E993E19)
label(returnhere)
label(originalcode_ammoClipReadOnAimReloadAOB)
registersymbol(originalcode_ammoClipReadOnAimReloadAOB)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
push rcx
mov rcx,pAmmo
mov [rcx],rax
mov byte ptr [rcx+8],1
cmp byte ptr [rcx+c],0
je end
//mov byte ptr [rcx+c],0
mov rbx,dAmmoClipMax
mov ebx,[rbx]
test ebx,ebx
jg @f
mov ebx,2
@@:
cmp [rax+20],ebx
jge end
cmp dword ptr [rax+14],9 //SLS 60
jne @f
//mov ebx,5
//mov edi,[rax+18]
//shr edi,1
//test dil,dil //Quick Loader
mov edi,[rax+18]
and edi,2
cmp edi,2 //Quick Loader
jne doinc
@@:
cmp dword ptr [rax+14],4 //Quickdraw Army
je doinc
@@:
cmp dword ptr [rax+14],b //W-870
jne @f
mov edi,[rax+18]
and edi,1
cmp edi,1
jne doinc
inc [rax+20]
jmp doinc
@@:
jmp customammoclipassign
doinc:
cmp byte ptr [rcx+c],1
jne end
inc [rax+20]
cmp [rax+20],ebx
jle end
customammoclipassign:
mov [rax+20],ebx
end:
mov byte ptr [rcx+c],0
pop rcx
originalcode_ammoClipReadOnAimReloadAOB:
readmem(ammoClipReadOnAimReloadAOB+1e,8)
//mov eax,[rax+20]
//mov rbx,[rsp+30]
exit:
jmp returnhere
//code from here to '[DISABLE]' will be used to enable the cheat
//have ammo pouch to reload flag fetchED, const
aobscanmodule(ammoPouchReadCallerForReloadFlagFetchCAOB,re2.exe, 74 27 48 ? ? ? 48 ? ? 74 1E 8B 4A 1C EB 1B)
registersymbol(ammoPouchReadCallerForReloadFlagFetchCAOB)
alloc(newmem,2048,ammoPouchReadCallerForReloadFlagFetchCAOB+15) //"re2.exe"+C30F42D)
label(returnhere)
label(originalcode_ammoPouchReadCallerForReloadFlagFetchCAOB)
registersymbol(originalcode_ammoPouchReadCallerForReloadFlagFetchCAOB)
label(ammopouchexit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
mov al,1
originalcode_ammoPouchReadCallerForReloadFlagFetchCAOB:
readmem(ammoPouchReadCallerForReloadFlagFetchCAOB+15,7)
//movzx ecx,al
//mov rax,[rbx+50]
ammopouchexit:
jmp returnhere
///
ammoPouchReadCallerForReloadFlagFetchCAOB+15: //"re2.exe"+C30F42D:
jmp newmem
nop
nop
returnhere:
///**************************************///
//cjmp1 to skip ammo/ammopouch chk on ammo/ammopouch cal after reload, before 1st ammopouch read after reload
//aobscanmodule(haveAmmoPouchChkBeforeAmmoAPouchCallAfterReloadAOB,re2.exe,F2 ** ** ** ** ** 0F 11 ** ** ** E8 ** ** ** ** 0F B6 D0 48 ** ** ** 48 ** ** ** 48 ** ** 0F 85 ** ** ** ** 49 BC FF FF FF FF FF FF FF 7F 85 ** 0F 84)
aobscanmodule(haveAmmoPouchChkBeforeAmmoAPouchCallAfterReloadAOB,re2.exe, F2 0F 11 4C 24 ? 0F 11 44 24 ? E8 ? ? ? ? 0F B6 D0 48 8B 43 50 48 8B 48 18 48 85 C9 0F 85 ? ? ? ? 49 BC ? ? ? ? ? ? ? ? 0F 1F 40 00)
registersymbol(haveAmmoPouchChkBeforeAmmoAPouchCallAfterReloadAOB)
alloc(newmem2,2048,haveAmmoPouchChkBeforeAmmoAPouchCallAfterReloadAOB+24) //"re2.exe"+C30FC4B)
label(returnhere2)
label(originalcode2_haveAmmoPouchChkBeforeAmmoAPouchCallAfterReloadAOB)
registersymbol(originalcode2_haveAmmoPouchChkBeforeAmmoAPouchCallAfterReloadAOB)
label(exit2)
newmem2: //this is allocated memory, you have read,write,execute access
//place your code here
push rbx
mov rbx,pAmmo
mov byte ptr [rbx+c],1
test edx,edx
jnz @f
mov edx,1
//inc byte ptr [rbx+c]
@@:
pop rbx
originalcode2_haveAmmoPouchChkBeforeAmmoAPouchCallAfterReloadAOB:
readmem(haveAmmoPouchChkBeforeAmmoAPouchCallAfterReloadAOB+24,10)
//mov r12,7FFFFFFFFFFFFFFF
exit2:
jmp returnhere2
///
haveAmmoPouchChkBeforeAmmoAPouchCallAfterReloadAOB+24: //"re2.exe"+C30FC4B:
jmp newmem2
nop
nop
nop
nop
nop
returnhere2:
///**************************************///
aobscanmodule(itemIDsReadForAltAmmoPresenceAOB,re2.exe,8B ** ** EB 02 ** C0 48 ** ** 75 ** 41 ** ** 18 0F 94)
registersymbol(itemIDsReadForAltAmmoPresenceAOB)
itemIDsReadForAltAmmoPresenceAOB+10: //"re2.exe"+B9F3E92:
db 90 B0 01
///**************************************///
aobscanmodule(cJmpIfNoAltAmmoPouchForChangeAfterAlrAmmoChangeAOB,re2.exe,48 ** ** ** 75 ** 48 ** ** 74 ** 39 ** ** 0F 84)
registersymbol(cJmpIfNoAltAmmoPouchForChangeAfterAlrAmmoChangeAOB)
alloc(originalcode6_cJmpIfNoAltAmmoPouchForChangeAfterAlrAmmoChangeAOB,8,re2.exe)
registersymbol(originalcode6_cJmpIfNoAltAmmoPouchForChangeAfterAlrAmmoChangeAOB)
originalcode6_cJmpIfNoAltAmmoPouchForChangeAfterAlrAmmoChangeAOB:
readmem(cJmpIfNoAltAmmoPouchForChangeAfterAlrAmmoChangeAOB+e,6)
///
cJmpIfNoAltAmmoPouchForChangeAfterAlrAmmoChangeAOB+e: //"re2.exe"+C311C6D:
db 90 90 90 90 90 90
///**************************************///
aobscanmodule(ammoPouchChkForEmptyingBarrelAnimAOB,re2.exe,0F 85 ? ? ? ? 41 8B 46 10 3B D0 )
registersymbol(ammoPouchChkForEmptyingBarrelAnimAOB)
alloc(newmem7,2048,ammoPouchChkForEmptyingBarrelAnimAOB+6) //"re2.exe"+FDEA1E)
label(returnhere7)
label(originalcode7_ammoPouchChkForEmptyingBarrelAnimAOB)
registersymbol(originalcode7_ammoPouchChkForEmptyingBarrelAnimAOB)
label(exit7)
newmem7: //this is allocated memory, you have read,write,execute access
//place your code here
//mov rdi,"re2.exe"+EBA207
//cmp [rsp+48],rdi
//jne @f
readmem(ammoPouchChkForEmptyingBarrelAnimAOB+6,4)
//cmp [r14+10],edx
jge @f
readmem(ammoPouchChkForEmptyingBarrelAnimAOB+6,1)
db 89
readmem(ammoPouchChkForEmptyingBarrelAnimAOB+8,2)
//mov [r14+10],edx
originalcode7_ammoPouchChkForEmptyingBarrelAnimAOB:
readmem(ammoPouchChkForEmptyingBarrelAnimAOB+6,9)
//cmp [r14+10],edx
//cmovl edx,[r14+10]
exit7:
jmp returnhere7
///
ammoPouchChkForEmptyingBarrelAnimAOB+6: //"re2.exe"+FDEA1E:
jmp newmem7
nop 4
returnhere7:
///**************************************///
pAmmo:
dq 0
dq 0
dAmmoClipMax:
dq 1
dq 0
dq 0
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
ammoPouchReadCallerForReloadFlagFetchCAOB+15: //"re2.exe"+C30F42D:
readmem(originalcode_ammoPouchReadCallerForReloadFlagFetchCAOB,7)
//db 0F B6 C8 48 8B 43 50
//Alt: movzx ecx,al
//Alt: mov rax,[rbx+50]
unregistersymbol(originalcode_ammoPouchReadCallerForReloadFlagFetchCAOB)
///**************************************///
dealloc(newmem2)
haveAmmoPouchChkBeforeAmmoAPouchCallAfterReloadAOB+24: //"re2.exe"+C30FC4B:
readmem(originalcode2_haveAmmoPouchChkBeforeAmmoAPouchCallAfterReloadAOB,10)
//db 49 BC FF FF FF FF FF FF FF 7F
//Alt: mov r12,7FFFFFFFFFFFFFFF
unregistersymbol(originalcode2_haveAmmoPouchChkBeforeAmmoAPouchCallAfterReloadAOB)
///**************************************///
itemIDsReadForAltAmmoPresenceAOB+10: //"re2.exe"+B9F3E92:
db 0F 94 D0
//Alt: sete al
///**************************************///
cJmpIfNoAltAmmoPouchForChangeAfterAlrAmmoChangeAOB+e: //"re2.exe"+C311C6D:
readmem(originalcode6_cJmpIfNoAltAmmoPouchForChangeAfterAlrAmmoChangeAOB,6)
//db 0F 84 09 02 00 00
//Alt: je re2.exe+C311E7C
///**************************************///
dealloc(newmem7)
ammoPouchChkForEmptyingBarrelAnimAOB+6: //"re2.exe"+FDEA1E:
readmem(originalcode7_ammoPouchChkForEmptyingBarrelAnimAOB,9)
//db 41 39 56 10 41 0F 4C 56 10
//Alt: cmp [r14+10],edx
//Alt: cmovl edx,[r14+10]
unregistersymbol(originalcode7_ammoPouchChkForEmptyingBarrelAnimAOB)
///**************************************///
Everything is updated and carried over proper and the offsets are updated, but it just crashes when you reload.