I'm working on it :)
What was the issue? How do you fix it?
cfemen wrote: Tue Aug 20, 2019 8:23 pm
mh floppy script is working, but still the problem that games crashes after new scenes.
looks like somehow the script can't find the AOBs anymore very strange...
I try to monitor and debug the functions there I'm injecting to check what's going on.
edit : k I maybe have found the problem
god script is working fine, the problem seems to be on the script for tapes
Code:
[ENABLE]
aobscanmodule(aobXP,RAD.exe,01 83 BC 01 00 00) // should be unique
alloc(newmem,$1000,"RAD.exe"+5F0EAD)
label(code)
label(return)
newmem:
code:
add [rbx+000001BC],(int)1000
jmp return
aobXP:
jmp newmem
nop
return:
registersymbol(aobXP)
[DISABLE]
aobXP:
db 01 83 BC 01 00 00
unregistersymbol(aobXP)
dealloc(newmem)
I think I know what the problem is.
cfemen wrote: Tue Aug 20, 2019 9:50 pm
still issues
...
edit : currently u can only use my table to max out tapes and floppies, then deactivate script.
pick up 2 floppies or tapes = maxed
the first item will always use a different method, and I don't know why, coz this you need 2 items to activate the script :/
and I can't find this method coz I only have access to the pointer if I picked up at least 1 floppy/tape.
but I have an idea, starting with tapes to search for it, use merchs to decrease it then I can check the different method on first item pickup
Code:
[ENABLE]
aobscanmodule(aobSpikeTimer,RAD.exe,F3 0F 11 44 BE 08) // should be unique
alloc(newmem,$1000,"RAD.exe"+6B6010)
label(code)
label(return)
newmem:
code:
mov [rsi+rdi*4+08],(float)0
jmp return
aobSpikeTimer:
jmp newmem
nop
return:
registersymbol(aobSpikeTimer)
[DISABLE]
aobSpikeTimer:
db F3 0F 11 44 BE 08
unregistersymbol(aobSpikeTimer)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "RAD.exe"+6B6010
"RAD.exe"+6B5FF0: 75 05 - jne RAD.exe+6B5FF7
"RAD.exe"+6B5FF2: 49 3B F7 - cmp rsi,r15
"RAD.exe"+6B5FF5: 74 72 - je RAD.exe+6B6069
"RAD.exe"+6B5FF7: 48 8B 36 - mov rsi,[rsi]
"RAD.exe"+6B5FFA: 48 8D 3C 80 - lea rdi,[rax+rax*4]
"RAD.exe"+6B5FFE: F3 0F 10 44 BE 08 - movss xmm0,[rsi+rdi*4+08]
"RAD.exe"+6B6004: 0F 2F C6 - comiss xmm0,xmm6
"RAD.exe"+6B6007: 76 0F - jna RAD.exe+6B6018
"RAD.exe"+6B6009: F3 0F 5C C7 - subss xmm0,xmm7
"RAD.exe"+6B600D: 0F 2F C6 - comiss xmm0,xmm6
// ---------- INJECTING HERE ----------
"RAD.exe"+6B6010: F3 0F 11 44 BE 08 - movss [rsi+rdi*4+08],xmm0
// ---------- DONE INJECTING ----------
"RAD.exe"+6B6016: 77 33 - ja RAD.exe+6B604B
"RAD.exe"+6B6018: 4C 63 F3 - movsxd r14,ebx
"RAD.exe"+6B601B: 41 8D 5E 01 - lea ebx,[r14+01]
"RAD.exe"+6B601F: 89 5C 24 28 - mov [rsp+28],ebx
"RAD.exe"+6B6023: 41 3B DC - cmp ebx,r12d
"RAD.exe"+6B6026: 7E 1A - jle RAD.exe+6B6042
"RAD.exe"+6B6028: 41 8B D6 - mov edx,r14d
"RAD.exe"+6B602B: 48 8D 4C 24 20 - lea rcx,[rsp+20]
"RAD.exe"+6B6030: E8 EB 6D B7 FF - call RAD.exe+22CE20
"RAD.exe"+6B6035: 8B 5C 24 28 - mov ebx,[rsp+28]
}
I've added a line to it so you can technically level infinitely and gain every single endo and exo-mutation you can from leveling.
stuffy wrote: Wed Aug 21, 2019 2:29 am
Here's the code for Rad XP (quick mutation level)
You can change the (int)1000 to whatever. Works best if you set it at 100 for the first few levels. Otherwise you end up missing mutations if you multi-overlevel your xp.
original code is: add [rbx+000001BC],eax
Code:
[ENABLE]
aobscanmodule(aobXP,RAD.exe,01 83 BC 01 00 00) // should be unique
alloc(newmem,$1000,"RAD.exe"+5F0EAD)
label(code)
label(return)
newmem:
code:
add [rbx+000001BC],(int)1000
jmp return
aobXP:
jmp newmem
nop
return:
registersymbol(aobXP)
[DISABLE]
aobXP:
db 01 83 BC 01 00 00
unregistersymbol(aobXP)
dealloc(newmem)
Code:
[ENABLE]
aobscanmodule(aobXP,RAD.exe,01 83 BC 01 00 00) // should be unique
alloc(newmem,$1000,"RAD.exe"+5F0EAD)
label(code)
label(return)
newmem:
code:
add [rbx+000001BC],(int)10000
mov [rbx+000001B4],0
jmp return
aobXP:
jmp newmem
nop
return:
registersymbol(aobXP)
[DISABLE]
aobXP:
db 01 83 BC 01 00 00
unregistersymbol(aobXP)
dealloc(newmem)