Game Engine: Rage
Game Version: 1207.60
Game/Steam Website: [Link]
Options Required:
A walk/jog/run movement modification like in the examples given below. It would be awesome if we could toggle to a specific movement speed no matter where we are since the game restricts this way too much (e.g. in camp, buildings, etc.). It would also make the First Person mode way more enjoyable since you can't toggle walk in First Person. Usually Cielos makes these for almost every game but he seems to be unavailable currently.
Other Info:
Here are some examples I extracted from the tables that Cielos made for various games:
Please refer to the full code attached in the dedicated CE Table below each game (or directly from Cielos' thread) as I probably didn't include some important lines due to my lack of programming knowledge.
Assassin's Creed Odyssey - Assassin's Creed Odyssey v1.3.0 +21 (table Update18.3)
Cielos wrote: ↑Mon Oct 01, 2018 6:53 pm
movement mod key
- activate movement mod first.
- funny they either set the walk speed too slow or too fast... this time the walk speed is too fast that makes the walking animation look unnatural for my taste.. (*updated* after game patch v1.03, they fixed the walk speed, now it's back to the usual "too slow for me")
- applies to on-foot and horse riding.
- hold X1 Mouse Button and move to walk.
- hold X2 Mouse Button and move to jog, the normal running speed, which is slower than the default sprint-like moving speed.
- you can change the keys by editing the entries "walk key" and "jogging key".
- by script default, the walking speed is 0.3 (faster than the game's own walk key), can be changed via the entry "walk speed"; the jogging is 0.68, can be changed via the entry "jogging speed".
ignore horse speed limit
- activate movement mod first.
- when activated, ignore the horse speed limit in town or near town.
Code:
<CheatEntry>
<ID>4909</ID>
<Description>"movement mod"</Description>
<Options moHideChildren="1"/>
<LastState Activated="1"/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(cJmpIfNoHouseSpeedLimitedChkNeededAOB,ACOdyssey.exe,E8 ** ** ** ** 84 ** 74 ** F3 ** ** ** ** ** F3 ** ** ** ** ** 0F 2F ** 76 ** F3 ** ** ** ** ** 49)
registersymbol(cJmpIfNoHouseSpeedLimitedChkNeededAOB)
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
</AssemblerScript>
<CheatEntries>
<CheatEntry>
<ID>4351</ID>
<Description>"movement mod key .5"</Description>
<Options moHideChildren="1"/>
<LastState Activated="1"/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
define(walkkeyiddefault,05)
define(jogkeyiddefault,06)
define(walkspeedmultiplier,(float)0.3)
define(jogspeedmultiplier,(float)0.68)
//aobscanmodule(movementSpeedWritesAOB,ACOdyssey.exe,41 ** ** ** 00 00 f3 0f 11 ** ** ** 00 00 e8)
//registersymbol(movementSpeedWritesAOB)
aobscanmodule(movementSpeedWritesAOB,ACOdyssey.exe,41 ** 2b ** 00 00 f3 0f 11 ** ** ** 00 00 e8)
registersymbol(movementSpeedWritesAOB)
label(bWalkKeyID)
registersymbol(bWalkKeyID)
label(bJogKeyID)
registersymbol(bJogKeyID)
label(bWalkKeyPressed)
registersymbol(bWalkKeyPressed)
label(dWalkSpeedMultiplier)
registersymbol(dWalkSpeedMultiplier)
alloc(newmem,2048,movementSpeedWritesAOB) //"ACOdyssey.exe"+338979D)
label(originalcode_walkkey)
registersymbol(originalcode_walkkey)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
mov r8,bWalkKeyPressed
cmp byte ptr [r8],1
jne end
sub rsp,10
movdqu dqword [rsp],xmm1
xorps xmm1,xmm1
comiss xmm0,xmm1
je @f
mov r8,dWalkSpeedMultiplier
movss xmm0,[r8]
@@:
movdqu xmm1,dqword [rsp]
add rsp,10
end:
originalcode_walkkey:
readmem(movementSpeedWritesAOB,14)
//mov r8d,0000002B
//movss [rbx+000002B0],xmm0
exit:
jmp movementSpeedWritesAOB+e //"ACOdyssey.exe"+33897AB
///
bWalkKeyID:
dd walkkeyiddefault
bJogKeyID:
dd jogkeyiddefault
bWalkKeyPressed:
dd 0
dWalkSpeedMultiplier:
dd walkspeedmultiplier
dd walkspeedmultiplier
dd jogspeedmultiplier
///
movementSpeedWritesAOB: //"ACOdyssey.exe"+338979D:
jmp newmem
///********************************************************///
/*
aobscanmodule(horseMovementSpeedWritesAOB,ACOdyssey.exe,41 ** E0 ** ** ** F3 0F 11 ** ** ** ** ** E8)
registersymbol(horseMovementSpeedWritesAOB)
alloc(newmem2,2048,horseMovementSpeedWritesAOB) //"ACOdyssey.exe"+33FAE07)
label(originalcode2_walkkey)
registersymbol(originalcode2_walkkey)
label(exit2)
newmem2: //this is allocated memory, you have read,write,execute access
//place your code here
mov r8,bWalkKeyPressed
cmp byte ptr [r8],1
jne end2
sub rsp,10
movdqu dqword [rsp],xmm1
xorps xmm1,xmm1
comiss xmm0,xmm1
je @f
mov r8,dWalkSpeedMultiplier
movss xmm0,[r8]
@@:
movdqu xmm1,dqword [rsp]
add rsp,10
end2:
originalcode2_walkkey:
readmem(horseMovementSpeedWritesAOB,14)
//mov r8d,000000E0
//movss [rbx+000002E0],xmm0
exit2:
jmp horseMovementSpeedWritesAOB+e //"ACOdyssey.exe"+33FAE15
///
horseMovementSpeedWritesAOB: //"ACOdyssey.exe"+33FAE07:
jmp newmem2
*/
///********************************************************///
aobscanmodule(movementSpeedWritesInAutoMoveAOB,ACOdyssey.exe,C7 ** ** ** ** ** 00 00 80 3F 66 ** ** ** ** ** ** ** 48 ** ** ** ** ** ** E8 ** ** ** ** C7 ** ** ** ** ** ** ** ** ** 48)
registersymbol(movementSpeedWritesInAutoMoveAOB)
alloc(newmem6,2048,movementSpeedWritesInAutoMoveAOB) //"ACOdyssey.exe"+33FB0FC)
label(originalcode6_walkkey)
registersymbol(originalcode6_walkkey)
label(exit6)
newmem6: //this is allocated memory, you have read,write,execute access
//place your code here
readmem(movementSpeedWritesInAutoMoveAOB,18)
//mov [rbx+2b0],3F800000
//movdqa [rbx+2a0],xmm2
mov rcx,bWalkKeyPressed
cmp byte ptr [rcx],1
jne end6
mov rcx,dWalkSpeedMultiplier
mov ecx,[rcx]
db 89 8B
readmem(movementSpeedWritesInAutoMoveAOB+2,4)
//mov [rbx+2b0],ecx
end6:
jmp exit6
originalcode6_walkkey:
readmem(movementSpeedWritesInAutoMoveAOB,18)
//mov [rbx+000002B0],3F800000
//movdqa [rbx+000002A0],xmm2
exit6:
jmp movementSpeedWritesInAutoMoveAOB+12 //"ACOdyssey.exe"+33FB10E
///
movementSpeedWritesInAutoMoveAOB: //"ACOdyssey.exe"+33FB0FC:
jmp newmem6
///********************************************************///
/*
aobscanmodule(horseMovementSpeedWritesInAutoMoveAOB,ACOdyssey.exe,C7 ** ** ** ** ** 00 00 80 3F 66 ** ** ** ** ** ** ** 48 ** ** ** ** ** ** E8 ** ** ** ** C7 ** ** ** ** ** ** ** ** ** 41)
registersymbol(horseMovementSpeedWritesInAutoMoveAOB)
alloc(newmem11,2048,horseMovementSpeedWritesInAutoMoveAOB) //"ACOdyssey.exe"+33FB18E)
label(originalcode11_walkkey)
registersymbol(originalcode11_walkkey)
label(exit11)
newmem11: //this is allocated memory, you have read,write,execute access
//place your code here
readmem(horseMovementSpeedWritesInAutoMoveAOB,18)
//mov [rbx+2e0],3F800000
//movdqa [rbx+2d0],xmm2
mov rcx,bWalkKeyPressed
cmp byte ptr [rcx],1
jne end11
mov rcx,dWalkSpeedMultiplier
mov ecx,[rcx]
db 89 8B
readmem(horseMovementSpeedWritesInAutoMoveAOB+2,4)
//mov [rbx+2e0],ecx
end11:
jmp exit11
originalcode11_walkkey:
readmem(horseMovementSpeedWritesInAutoMoveAOB,18)
//mov [rbx+000002E0],3F800000
//movdqa [rbx+000002D0],xmm2
exit11:
jmp horseMovementSpeedWritesInAutoMoveAOB+12 //"ACOdyssey.exe"+33FB1A0
///
horseMovementSpeedWritesInAutoMoveAOB: //"ACOdyssey.exe"+33FB18E:
jmp newmem11
*/
///********************************************************///
alloc(newmem17,2048,cJmpIfNoHouseSpeedLimitedChkNeededAOB-11) //"ACOdyssey.exe"+1E3DBF7)
label(originalcode17_walkkey)
registersymbol(originalcode17_walkkey)
label(exit17)
newmem17: //this is allocated memory, you have read,write,execute access
//place your code here
mov rcx,bWalkKeyPressed
cmp byte ptr [rcx],1
jne @f
mov rcx,pPlayer
test rcx,rcx
jz @f
cmp [rcx+10],r15
jne @f
//mov edx,(float)12
//movd xmm1,edx
//comiss xmm1,[rsp+30]
//jbe @f
mov edx,(float)15
mov rcx,dWalkSpeedMultiplier
movd xmm1,edx
mulss xmm1,[rcx]
comiss xmm1,[rsp+30]
jae @f
movss [rsp+30],xmm1
//mov edx,(float)15
//movd xmm1,edx
//comiss xmm1,[rsp+30]
//jne @f
//mov rcx,dWalkSpeedMultiplier
//mulss xmm1,[rcx]
//movss [rsp+30],xmm1
originalcode17_walkkey:
readmem(cJmpIfNoHouseSpeedLimitedChkNeededAOB-11,14)
//mov rcx,[rsp+48]
//lea rdx,[rsp+40]
//movzx r9d,al
exit17:
jmp cJmpIfNoHouseSpeedLimitedChkNeededAOB-3 //"ACOdyssey.exe"+1E3DC05
///
cJmpIfNoHouseSpeedLimitedChkNeededAOB-11: //"ACOdyssey.exe"+1E3DBF7:
jmp newmem17
///********************************************************///
label(bEndThread_walkKey_keylistener_mem)
registersymbol(bEndThread_walkKey_keylistener_mem)
alloc(walkKey_keylistener_mem,1024,"ACOdyssey.exe")
registersymbol(walkKey_keylistener_mem)
createthread(walkKey_keylistener_mem)
label(keylistenerstart)
label(keylistenerend)
label(keylistenerexit)
walkKey_keylistener_mem:
sub rsp,28
keylistenerstart:
mov rcx,bWalkKeyID
mov rcx,[rcx]
//mov rcx,05 //X1 mouse button
//push rcx
call GetAsyncKeyState
//add rsp,08
shr ax,#15
mov rcx,bWalkKeyPressed
mov [rcx],ax
test ax,ax
jz @f
mov rcx,dWalkSpeedMultiplier
mov eax,[rcx+4]
mov [rcx],eax
jmp keylistenerend
@@:
mov rcx,bJogKeyID
mov rcx,[rcx]
//mov rcx,06 //X2 mouse button
//push rcx
call GetAsyncKeyState
//add rsp,08
shr ax,#15
mov rcx,bWalkKeyPressed
mov [rcx],ax
test ax,ax
jz @f
mov rcx,dWalkSpeedMultiplier
mov eax,[rcx+8]
mov [rcx],eax
jmp keylistenerend
keylistenerend:
mov rcx,#100
call Sleep
mov rbx,bEndThread_walkKey_keylistener_mem
cmp dword ptr [rbx],1
jne keylistenerstart
keylistenerexit:
add rsp,28
mov rbx,bEndThread_walkKey_keylistener_mem
mov dword ptr [rbx],2
ret
///
bEndThread_walkKey_keylistener_mem:
dd 0
///
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
//obtained from SubBeam's ACS script - start//
{$lua}
if( syntaxcheck == false ) then --actual execution
local starttime = getTickCount()
if readInteger( "bEndThread_walkKey_keylistener_mem" ) == 0 then --could be 2 already
writeInteger( "bEndThread_walkKey_keylistener_mem", 1 ) --tell the thread to kill itself
end
while( getTickCount() < starttime + 1000 ) and ( readInteger( "bEndThread_walkKey_keylistener_mem" ) ~=2 ) do --wait till it has finished
sleep( 20 )
end
if( getTickCount() > starttime + 1000 ) then --could happen when the window is shown
showMessage( 'Disabling the thread failed!' )
error( 'Thread disabling failed!' )
end
sleep( 1 )
end
{$asm}
//obtained from SubBeam's ACS script - end//
//bEndThread_walkKey_keylistener_mem:
//dd 1
///********************************************************///
dealloc(newmem)
movementSpeedWritesAOB: //"ACOdyssey.exe"+338979D:
readmem(originalcode_walkkey,14)
//db 41 B8 2B 00 00 00 F3 0F 11 83 B0 02 00 00
//Alt: mov r8d,0000002B
//Alt: movss [rbx+000002B0],xmm0
unregistersymbol(originalcode_walkkey)
unregistersymbol(bWalkKeyID)
unregistersymbol(bJogKeyID)
unregistersymbol(bWalkKeyPressed)
unregistersymbol(dWalkSpeedMultiplier)
///********************************************************///
/*
dealloc(newmem2)
horseMovementSpeedWritesAOB: //"ACOdyssey.exe"+33FAE07:
readmem(originalcode2_walkkey,14)
//db 41 B8 E0 00 00 00 F3 0F 11 83 E0 02 00 00
//Alt: mov r8d,000000E0
//Alt: movss [rbx+000002E0],xmm0
unregistersymbol(originalcode2_walkkey)
*/
///********************************************************///
dealloc(newmem6)
movementSpeedWritesInAutoMoveAOB: //"ACOdyssey.exe"+33FB0FC:
readmem(originalcode6_walkkey,18)
//db C7 83 B0 02 00 00 00 00 80 3F 66 0F 7F 93 A0 02 00 00
//Alt: mov [rbx+000002B0],3F800000
//Alt: movdqa [rbx+000002A0],xmm2
unregistersymbol(originalcode6_walkkey)
///********************************************************///
/*
dealloc(newmem11)
horseMovementSpeedWritesInAutoMoveAOB: //"ACOdyssey.exe"+33FB18E:
readmem(originalcode11_walkkey,18)
//db C7 83 E0 02 00 00 00 00 80 3F 66 0F 7F 93 D0 02 00 00
//Alt: mov [rbx+000002E0],3F800000
//Alt: movdqa [rbx+000002D0],xmm2
unregistersymbol(originalcode11_walkkey)
*/
///********************************************************///
dealloc(newmem17)
cJmpIfNoHouseSpeedLimitedChkNeededAOB-11: //"ACOdyssey.exe"+1E3DBF7:
readmem(originalcode17_walkkey,14)
//db 48 8B 4C 24 48 48 8D 54 24 40 44 0F B6 C8
//Alt: mov rcx,[rsp+48]
//Alt: lea rdx,[rsp+40]
//Alt: movzx r9d,al
unregistersymbol(originalcode17_walkkey)
///********************************************************///
unregistersymbol(bEndThread_walkKey_keylistener_mem)
dealloc(walkKey_keylistener_mem)
unregistersymbol(walkKey_keylistener_mem)
</AssemblerScript>
<CheatEntries>
<CheatEntry>
<ID>4475</ID>
<Description>"walk key"</Description>
<DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">10:SHIFT key
11:CTRL key
12:ALT key
14:CAPS LOCK key
04:Middle Mouse Button
05:X1 Mouse Button
06:X2 Mouse Button
</DropDownList>
<LastState Value="05" RealAddress="1019F4005D"/>
<ShowAsHex>1</ShowAsHex>
<Color>008000</Color>
<VariableType>Byte</VariableType>
<Address>bWalkKeyID</Address>
<CheatEntries>
<CheatEntry>
<ID>4353</ID>
<Description>"speed"</Description>
<LastState Value="0.3000000119" RealAddress="1019F4006D"/>
<Color>008000</Color>
<VariableType>Float</VariableType>
<Address>dWalkSpeedMultiplier+4</Address>
</CheatEntry>
</CheatEntries>
</CheatEntry>
<CheatEntry>
<ID>2102</ID>
<Description>"jogging key"</Description>
<DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">10:SHIFT key
11:CTRL key
12:ALT key
14:CAPS LOCK key
04:Middle Mouse Button
05:X1 Mouse Button
06:X2 Mouse Button
</DropDownList>
<LastState Value="06" RealAddress="1019F40061"/>
<ShowAsHex>1</ShowAsHex>
<Color>008000</Color>
<VariableType>Byte</VariableType>
<Address>bJogKeyID</Address>
<CheatEntries>
<CheatEntry>
<ID>4404</ID>
<Description>"speed"</Description>
<LastState Value="0.6800000072" RealAddress="1019F40071"/>
<Color>008000</Color>
<VariableType>Float</VariableType>
<Address>dWalkSpeedMultiplier+8</Address>
<Hotkeys>
<Hotkey>
<Action>Set Value</Action>
<Keys>
<Key>6</Key>
<Key>82</Key>
</Keys>
<Value>0.68</Value>
<ID>0</ID>
</Hotkey>
<Hotkey>
<Action>Set Value</Action>
<Keys>
<Key>6</Key>
<Key>66</Key>
</Keys>
<Value>0.55</Value>
<ID>1</ID>
</Hotkey>
</Hotkeys>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatEntry>
<CheatEntry>
<ID>4908</ID>
<Description>"ignore horse speed limit .2"</Description>
<LastState Activated="1"/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
//aobscanmodule(cJmpIfNoHouseSpeedLimitedChkNeededAOB,ACOdyssey.exe,E8 ** ** ** ** 84 ** 74 ** F3 ** ** ** ** ** F3 ** ** ** ** ** 0F 2F ** 76 ** F3 ** ** ** ** ** 49)
//registersymbol(cJmpIfNoHouseSpeedLimitedChkNeededAOB)
cJmpIfNoHouseSpeedLimitedChkNeededAOB+7: //"ACOdyssey.exe"+1E3DC0F:
db EB
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
cJmpIfNoHouseSpeedLimitedChkNeededAOB+7: //"ACOdyssey.exe"+1E3DC0F:
db 74
//Alt: je
/*
ACOdyssey.exe+1E3DB87 - 42 89 04 31 - mov [rcx+r14],eax
ACOdyssey.exe+1E3DB8B - B8 10000000 - mov eax,00000010 { 16 }
ACOdyssey.exe+1E3DB90 - 42 8B 0C 30 - mov ecx,[rax+r14]
ACOdyssey.exe+1E3DB94 - 39 4B 5C - cmp [rbx+5C],ecx
ACOdyssey.exe+1E3DB97 - 75 37 - jne ACOdyssey.exe+1E3DBD0
ACOdyssey.exe+1E3DB99 - F0 FF 43 58 - lock inc [rbx+58]
ACOdyssey.exe+1E3DB9D - 49 8B 87 A0010000 - mov rax,[r15+000001A0]
ACOdyssey.exe+1E3DBA4 - 45 33 C0 - xor r8d,r8d
ACOdyssey.exe+1E3DBA7 - 48 8B 4B 50 - mov rcx,[rbx+50]
ACOdyssey.exe+1E3DBAB - 48 8B 50 10 - mov rdx,[rax+10]
ACOdyssey.exe+1E3DBAF - E8 1CD2AFFE - call ACOdyssey.exe+93ADD0
ACOdyssey.exe+1E3DBB4 - 48 85 C0 - test rax,rax
ACOdyssey.exe+1E3DBB7 - 0F95 C0 - setne al
ACOdyssey.exe+1E3DBBA - F0 FF 4B 58 - lock dec [rbx+58]
ACOdyssey.exe+1E3DBBE - 84 C0 - test al,al
ACOdyssey.exe+1E3DBC0 - 74 33 - je ACOdyssey.exe+1E3DBF5
ACOdyssey.exe+1E3DBC2 - B8 01000000 - mov eax,00000001 { 1 }
ACOdyssey.exe+1E3DBC7 - EB 2E - jmp ACOdyssey.exe+1E3DBF7
ACOdyssey.exe+1E3DBC9 - 0F1F 80 00000000 - nop [rax+00000000]
ACOdyssey.exe+1E3DBD0 - 8B 43 58 - mov eax,[rbx+58]
ACOdyssey.exe+1E3DBD3 - A9 0000F07F - test eax,7FF00000 { 2146435072 }
ACOdyssey.exe+1E3DBD8 - 75 17 - jne ACOdyssey.exe+1E3DBF1
ACOdyssey.exe+1E3DBDA - B8 01000000 - mov eax,00000001 { 1 }
ACOdyssey.exe+1E3DBDF - F0 0FC1 43 58 - lock xadd [rbx+58],eax
ACOdyssey.exe+1E3DBE4 - FF C0 - inc eax
ACOdyssey.exe+1E3DBE6 - A9 0000F07F - test eax,7FF00000 { 2146435072 }
ACOdyssey.exe+1E3DBEB - 74 B0 - je ACOdyssey.exe+1E3DB9D
ACOdyssey.exe+1E3DBED - F0 FF 4B 58 - lock dec [rbx+58]
ACOdyssey.exe+1E3DBF1 - F3 90 - repe nop
ACOdyssey.exe+1E3DBF3 - EB DB - jmp ACOdyssey.exe+1E3DBD0
ACOdyssey.exe+1E3DBF5 - 33 C0 - xor eax,eax
ACOdyssey.exe+1E3DBF7 - 48 8B 4C 24 48 - mov rcx,[rsp+48]
ACOdyssey.exe+1E3DBFC - 48 8D 54 24 40 - lea rdx,[rsp+40]
ACOdyssey.exe+1E3DC01 - 44 0FB6 C8 - movzx r9d,al
ACOdyssey.exe+1E3DC05 - 4D 8B C7 - mov r8,r15
cJmpIfNotHouseSpeedLimitedAOB- E8 A36FFDFF - call ACOdyssey.exe+1E14BB0
ACOdyssey.exe+1E3DC0D - 84 C0 - test al,al
ACOdyssey.exe+1E3DC0F - 74 17 - je ACOdyssey.exe+1E3DC28
ACOdyssey.exe+1E3DC11 - F3 0F10 4C 24 40 - movss xmm1,[rsp+40]
ACOdyssey.exe+1E3DC17 - F3 0F10 44 24 30 - movss xmm0,[rsp+30]
ACOdyssey.exe+1E3DC1D - 0F2F C1 - comiss xmm0,xmm1
ACOdyssey.exe+1E3DC20 - 76 06 - jna ACOdyssey.exe+1E3DC28
ACOdyssey.exe+1E3DC22 - F3 0F11 4C 24 30 - movss [rsp+30],xmm1
ACOdyssey.exe+1E3DC28 - 49 8B CF - mov rcx,r15
ACOdyssey.exe+1E3DC2B - E8 00127300 - call ACOdyssey.exe+256EE30
ACOdyssey.exe+1E3DC30 - 48 8B D8 - mov rbx,rax
ACOdyssey.exe+1E3DC33 - 48 85 C0 - test rax,rax
ACOdyssey.exe+1E3DC36 - 0F84 9B000000 - je ACOdyssey.exe+1E3DCD7
ACOdyssey.exe+1E3DC3C - 4D 85 FF - test r15,r15
ACOdyssey.exe+1E3DC3F - 0F84 92000000 - je ACOdyssey.exe+1E3DCD7
ACOdyssey.exe+1E3DC45 - 65 48 8B 0C 25 58000000 - mov rcx,gs:[00000058] { 88 }
ACOdyssey.exe+1E3DC4E - B8 14000000 - mov eax,00000014 { 20 }
ACOdyssey.exe+1E3DC53 - 4E 8B 34 E9 - mov r14,[rcx+r13*8]
ACOdyssey.exe+1E3DC57 - 8B C8 - mov ecx,eax
ACOdyssey.exe+1E3DC59 - 42 8B 04 30 - mov eax,[rax+r14]
ACOdyssey.exe+1E3DC5D - A8 01 - test al,01 { 1 }
ACOdyssey.exe+1E3DC5F - 75 15 - jne ACOdyssey.exe+1E3DC76
ACOdyssey.exe+1E3DC61 - 83 C8 01 - or eax,01 { 1 }
ACOdyssey.exe+1E3DC64 - 42 89 04 31 - mov [rcx+r14],eax
ACOdyssey.exe+1E3DC68 - E8 C38E96FE - call ACOdyssey.exe+7A6B30
ACOdyssey.exe+1E3DC6D - B9 10000000 - mov ecx,00000010 { 16 }
ACOdyssey.exe+1E3DC72 - 42 89 04 31 - mov [rcx+r14],eax
ACOdyssey.exe+1E3DC76 - B8 10000000 - mov eax,00000010 { 16 }
ACOdyssey.exe+1E3DC7B - 42 8B 0C 30 - mov ecx,[rax+r14]
ACOdyssey.exe+1E3DC7F - 39 4B 5C - cmp [rbx+5C],ecx
ACOdyssey.exe+1E3DC82 - 75 2E - jne ACOdyssey.exe+1E3DCB2
ACOdyssey.exe+1E3DC84 - F0 FF 43 58 - lock inc [rbx+58]
ACOdyssey.exe+1E3DC88 - 49 8B 87 A0010000 - mov rax,[r15+000001A0]
ACOdyssey.exe+1E3DC8F - 45 33 C0 - xor r8d,r8d
ACOdyssey.exe+1E3DC92 - 48 8B 4B 50 - mov rcx,[rbx+50]
ACOdyssey.exe+1E3DC96 - 48 8B 50 10 - mov rdx,[rax+10]
ACOdyssey.exe+1E3DC9A - E8 31D1AFFE - call ACOdyssey.exe+93ADD0
ACOdyssey.exe+1E3DC9F - 48 85 C0 - test rax,rax
*/
</AssemblerScript>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatEntry>
RESIDENT EVIL 2 - RESIDENT EVIL 2 +19 +1 (table Update14.3)
Code:
</AssemblerScript>
<CheatEntries>
<CheatEntry>
<ID>13019</ID>
<Description>"key"</Description>
<Options moHideChildren="1"/>
<DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">10:SHIFT key
11:CTRL key
12:ALT key
14:CAPS LOCK key
04:Middle Mouse Button
05:X1 Mouse Button
06:X2 Mouse Button
</DropDownList>
<ShowAsHex>1</ShowAsHex>
<Color>008000</Color>
<VariableType>Byte</VariableType>
<Address>bUniversalItemKeyID</Address>
<CheatEntries>
<CheatEntry>
<ID>13020</ID>
<Description>""</Description>
<Color>008000</Color>
<VariableType>Byte</VariableType>
<Address>+4</Address>
<CheatEntries>
<CheatEntry>
<ID>13021</ID>
<Description>""</Description>
<Color>008000</Color>
<VariableType>Float</VariableType>
<Address>+4</Address>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatEntry>
<CheatEntry>
<ID>13005</ID>
<Description>"slow walk key .2"</Description>
<Options moHideChildren="1"/>
<LastState/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
//move float read, 0<>1, r8==b
define(walkkeyiddefault,14)
aobscanmodule(someFloatRead1AOB,re2.exe,E8 ** ** ** ** 48 ** ** ** 5B C3 0F 57 C0 48 ** ** ** 5B C3 F3 ** ** ** ** 48 ** ** ** 5B C3)
registersymbol(someFloatRead1AOB)
label(bWalkKeyID)
registersymbol(bWalkKeyID)
label(bWalkKeyPressed)
registersymbol(bWalkKeyPressed)
alloc(newmem,2048,someFloatRead1AOB+14) //"re2.exe"+F58320D)
label(returnhere)
label(originalcode_someFloatRead1AOB)
registersymbol(originalcode_someFloatRead1AOB)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
cmp r8,b
jne @f
mov rbx,bWalkKeyPressed
cmp byte ptr [rbx],1
jne @f
mov rbx,dCustMoveSpeed
movss xmm0,[rbx]
jmp exit
originalcode_someFloatRead1AOB:
readmem(someFloatRead1AOB+14,5)
//movss xmm0,[rcx+10]
exit:
jmp returnhere
///
bWalkKeyID:
dd walkkeyiddefault
bWalkKeyPressed:
dd 0
dCustMoveSpeed:
dd (float)0.75
///
someFloatRead1AOB+14: //"re2.exe"+F58320D:
jmp newmem
returnhere:
///*****************************************///
//modified from ShyTwig16's lua keylistener script
//http://fearlessrevolution.com/viewtopic.php?f=4&t=6041&start=60#p62657
{$lua}
local function walkkeyLuaThread(thread2)
local addr2 = getAddressSafe('bWalkKeyPressed')
while RunWalkkeyLuaThreadLoop do
sleep(100)
if addr2 then
if ( isKeyPressed( readInteger('bWalkKeyID') ) ) then
writeBytes(addr2, 1)
else
writeBytes(addr2, 0)
end
else
addr2 = getAddressSafe('bWalkKeyPressed')
end
end
thread2.terminate()
-- while RunWalkkeyLuaThreadLoop do
-- if ( isKeyPressed(VK_CAPITAL) ) then
-- writeBytes("bWalkKeyPressed" ,1)
-- else
-- writeBytes("bWalkKeyPressed" ,0)
-- end
-- end
-- thread2.terminate()
end
----------------------------------
if syntaxcheck then return end
RunWalkkeyLuaThreadLoop = true
createThread(walkkeyLuaThread)
{$asm}
///*****************************************///
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
{$lua}
if syntaxcheck then return end
RunWalkkeyLuaThreadLoop = false
{$asm}
///*****************************************///
dealloc(newmem)
someFloatRead1AOB+14: //"re2.exe"+F58320D:
readmem(originalcode_someFloatRead1AOB,5)
//db F3 0F 10 41 10
//Alt: movss xmm0,[rcx+10]
unregistersymbol(originalcode_someFloatRead1AOB)
</AssemblerScript>
<CheatEntries>
<CheatEntry>
<ID>13006</ID>
<Description>"key"</Description>
<Options moHideChildren="1"/>
<DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">10:SHIFT key
11:CTRL key
12:ALT key
14:CAPS LOCK key
04:Middle Mouse Button
05:X1 Mouse Button
06:X2 Mouse Button
</DropDownList>
<ShowAsHex>1</ShowAsHex>
<Color>008000</Color>
<VariableType>Byte</VariableType>
<Address>bWalkKeyID</Address>
<CheatEntries>
<CheatEntry>
<ID>13007</ID>
<Description>""</Description>
<Color>008000</Color>
<VariableType>Byte</VariableType>
<Address>+4</Address>
<CheatEntries>
<CheatEntry>
<ID>13008</ID>
<Description>""</Description>
<Color>008000</Color>
<VariableType>Float</VariableType>
<Address>+4</Address>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatEntry>
Shadow Of The Tomb Raider - Shadow of the Tomb Raider +16+1 (table Update11.3)
Cielos wrote: ↑Wed Sep 12, 2018 6:15 pm
walk key
- the awkward transition from idle pose to walk is still present in this instalment (you start with the ready-to-run animation, and suddenly switch back to walk animation), and turns out the whole module is the exact same, so here it is.
- when activated, hold the mod key to walk.
- you can choose from SHIFT, CTRL, ALT (default), or CAPS LOCK as the walk mod key, provided in the dropdown list.
- note that it's NOT done by modifying the walk behaviour of the game's default walk key, but manipulating the move speed directly instead. so you should have a separate key for this script's walk key that is different from the game's walk key. e.g. if you want to use ALT as this script walk key, make sure you've changed the game's walk key to a different key.
- if you don't like my preferred walk speed, you can change it via the "Speed" entry. by script default, it's slightly faster than the game's own walk key speed, as it's too slow for me.
Code:
<CheatEntry>
<ID>12573</ID>
<Description>"walk key"</Description>
<Options moHideChildren="1"/>
<LastState Activated="1"/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(runSpeedCalOnRunAOB,SOTTR.exe,F3 0F 58 ** ** 41 0F 2F C8 F3 0F 11 ** ** 76 ** C7 ** ** ** ** ** ** 48)
registersymbol(runSpeedCalOnRunAOB)
label(bWalkKeyPressed)
registersymbol(bWalkKeyPressed)
label(bWalkKeyID)
registersymbol(bWalkKeyID)
label(dCustMaxSpeed)
registersymbol(dCustMaxSpeed)
alloc(newmem,2048,runSpeedCalOnRunAOB+5)
label(returnhere)
label(originalcode_walkkey)
registersymbol(originalcode_walkkey)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
mov rdx,bWalkKeyPressed
cmp byte ptr [rdx],1
jne @f
mov rdx,dCustMaxSpeed
movss xmm8,[rdx]
originalcode_walkkey:
readmem(runSpeedCalOnRunAOB+5,9)
//comiss xmm1,xmm8
//movss [rdi+1C],xmm1
exit:
jmp returnhere
///
bWalkKeyPressed:
dd 0
bWalkKeyID:
dd 12 //Alt key
dCustMaxSpeed:
dd (float)0.64
///
runSpeedCalOnRunAOB+5:
jmp newmem
nop
nop
nop
nop
returnhere:
///****************************************///
alloc(newmem2,2048,runSpeedCalOnRunAOB+10)
label(returnhere2)
label(originalcode2_walkkey)
registersymbol(originalcode2_walkkey)
label(exit2)
newmem2: //this is allocated memory, you have read,write,execute access
//place your code here
db F3 44 0F 11
readmem(runSpeedCalOnRunAOB+11,2)
//movss [rdi+1c],xmm8
jmp exit2
originalcode2_walkkey:
readmem(runSpeedCalOnRunAOB+10,7)
//mov [rdi+1C],3F800000
exit2:
jmp returnhere2
///
runSpeedCalOnRunAOB+10:
jmp newmem2
nop
nop
returnhere2:
///****************************************///
label(bEndThread_walkKeylistener_mem)
registersymbol(bEndThread_walkKeylistener_mem)
alloc(walkKeylistener_mem,2048,"SOTTR.exe")
registersymbol(walkKeylistener_mem)
createthread(walkKeylistener_mem)
label(keylistenerstart)
label(keylistenerend)
label(keylistenerexit)
walkKeylistener_mem:
sub rsp,28
push rax
keylistenerstart:
mov rcx,bWalkKeyID
movzx rcx,byte ptr [rcx]
//mov rcx,14 //CAPS LOCK key //12 //ALT key
push rcx
call GetAsyncKeyState
add rsp,08
shr ax,#15
mov rcx,bWalkKeyPressed
mov [rcx],al
keylistenerend:
mov rcx,#100
call Sleep
cmp dword ptr [bEndThread_walkKeylistener_mem],1
jne keylistenerstart
keylistenerexit:
pop rax
add rsp,28
mov dword ptr [bEndThread_walkKeylistener_mem],2
ret
///
bEndThread_walkKeylistener_mem:
dd 0
///
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
//obtained from SubBeam's ACS script - start//
{$lua}
if( syntaxcheck == false ) then --actual execution
local starttime = getTickCount()
if readInteger( "bEndThread_walkKeylistener_mem" ) == 0 then --could be 2 already
writeInteger( "bEndThread_walkKeylistener_mem", 1 ) --tell the thread to kill itself
end
while( getTickCount() < starttime + 1000 ) and ( readInteger( "bEndThread_walkKeylistener_mem" ) ~=2 ) do --wait till it has finished
sleep( 20 )
end
if( getTickCount() > starttime + 1000 ) then --could happen when the window is shown
showMessage( 'Disabling the thread failed!' )
error( 'Thread disabling failed!' )
end
sleep( 1 )
end
{$asm}
//obtained from SubBeam's ACS script - end//
//bEndThread_walkKeylistener_mem:
//dd 1
///****************************************///
dealloc(newmem)
runSpeedCalOnRunAOB+5:
readmem(originalcode_walkkey,9)
//db 41 0F 2F C8 F3 0F 11 4F 1C
//Alt: comiss xmm1,xmm8
//Alt: movss [rdi+1C],xmm1
unregistersymbol(originalcode_walkkey)
unregistersymbol(bWalkKeyPressed)
unregistersymbol(bWalkKeyID)
unregistersymbol(dCustMaxSpeed)
///****************************************///
dealloc(newmem2)
runSpeedCalOnRunAOB+10:
readmem(originalcode2_walkkey,7)
//db C7 47 1C 00 00 80 3F
//Alt: mov [rdi+1C],3F800000
unregistersymbol(originalcode2_walkkey)
///****************************************///
unregistersymbol(bEndThread_walkKeylistener_mem)
dealloc(walkKeylistener_mem)
unregistersymbol(walkKeylistener_mem)
</AssemblerScript>
<CheatEntries>
<CheatEntry>
<ID>12575</ID>
<Description>"key"</Description>
<DropDownList DescriptionOnly="1" DisplayValueAsItem="1">10:SHIFT key
11:CTRL key
12:ALT key
14:CAPS LOCK key
</DropDownList>
<ShowAsHex>1</ShowAsHex>
<Color>008000</Color>
<VariableType>Byte</VariableType>
<Address>bWalkKeyID</Address>
</CheatEntry>
<CheatEntry>
<ID>12576</ID>
<Description>"speed"</Description>
<Color>008000</Color>
<VariableType>Float</VariableType>
<Address>dCustMaxSpeed</Address>
</CheatEntry>
</CheatEntries>
</CheatEntry>
Control - Control +14 (table Update4.1)
Code:
<CheatEntry>
<ID>111</ID>
<Description>"Walk Key"</Description>
<Options moHideChildren="1"/>
<Color>000080</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
define(walkkeyiddefault,12)
aobscanmodule(moveSpeedWriteAOB,Control_DX11.exe,F3 0F ** ** ** F3 0F ** ** ** ** 00 00 41 ** ** ** 44 ** ** ** ** ** 7A ** 75)
registersymbol(moveSpeedWriteAOB)
label(bWalkKeyMethod)
registersymbol(bWalkKeyMethod)
label(bWalkKeyPressed)
registersymbol(bWalkKeyPressed)
label(bWalkKeyID)
registersymbol(bWalkKeyID)
alloc(newmem,2048,moveSpeedWriteAOB) //"Control_DX11.exe"+32DB59)
label(returnhere)
label(originalcode_moveSpeedWriteAOB)
registersymbol(originalcode_moveSpeedWriteAOB)
label(exit)
newmem:
push rax
mov rax,bWalkKeyMethod
cmp byte ptr [rax],1
lea rax,[rax+4]
jne movemaxspeedmanipulate
cmp byte ptr [rax],1
jne walkkeynotpressing
cmp byte ptr [rax+1],1
je toggleend
mov byte ptr [rax+1],1
xor byte ptr [rax+2],1
jmp toggleend
walkkeynotpressing:
cmp byte ptr [rax+1],0
je toggleend
mov byte ptr [rax+1],0
toggleend:
lea rax,[rax+2]
movemaxspeedmanipulate:
cmp byte ptr [rax],1
jne end
mov rax,dMoveSpeedMultiplier
mulss xmm2,[rax]
end:
pop rax
originalcode_moveSpeedWriteAOB:
readmem(moveSpeedWriteAOB,5)
//movss [rdi+20],xmm2
exit:
jmp returnhere
///
bWalkKeyMethod:
dd 0 //0: hold, 1: toggle
bWalkKeyPressed:
dd 0
bWalkKeyID:
dd walkkeyiddefault
dMoveSpeedMultiplier:
dd (float)0.42
///
moveSpeedWriteAOB: //"Control_DX11.exe"+32DB59:
jmp newmem
returnhere:
///*****************************************///
//modified from ShyTwig16's lua keylistener script
//http://fearlessrevolution.com/viewtopic.php?f=4&t=6041&start=60#p62657
{$lua}
local function walkkeyLuaThread(thread2)
local addr2 = getAddressSafe('bWalkKeyPressed')
while RunWalkkeyLuaThreadLoop do
sleep(100)
if addr2 then
if ( isKeyPressed( readInteger('bWalkKeyID') ) ) then
writeBytes(addr2, 1)
else
writeBytes(addr2, 0)
end
else
addr2 = getAddressSafe('bWalkKeyPressed')
end
end
thread2.terminate()
-- while RunWalkkeyLuaThreadLoop do
-- if ( isKeyPressed(VK_CAPITAL) ) then
-- writeBytes("bWalkKeyPressed" ,1)
-- else
-- writeBytes("bWalkKeyPressed" ,0)
-- end
-- end
-- thread2.terminate()
end
----------------------------------
if syntaxcheck then return end
RunWalkkeyLuaThreadLoop = true
createThread(walkkeyLuaThread)
{$asm}
[DISABLE]
{$lua}
if syntaxcheck then return end
RunWalkkeyLuaThreadLoop = false
{$asm}
dealloc(newmem)
moveSpeedWriteAOB: //"Control_DX11.exe"+32DB59:
readmem(originalcode_moveSpeedWriteAOB,5)
//db F3 0F 11 57 20
//Alt: movss [rdi+20],xmm2
unregistersymbol(originalcode_moveSpeedWriteAOB)
unregistersymbol(bWalkKeyMethod)
unregistersymbol(bWalkKeyPressed)
unregistersymbol(bWalkKeyID)
</AssemblerScript>
<CheatEntries>
<CheatEntry>
<ID>112</ID>
<Description>"Status"</Description>
<DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">0:Hold Key
1:Toggle Key
</DropDownList>
<Color>C08000</Color>
<VariableType>Byte</VariableType>
<Address>bWalkKeyMethod</Address>
</CheatEntry>
<CheatEntry>
<ID>113</ID>
<Description>"Key"</Description>
<Options moHideChildren="1"/>
<DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">10:SHIFT
11:CTRL
12:ALT
14:CAPS LOCK
04:Middle Mouse
05:X1 Mouse
06:X2 Mouse
</DropDownList>
<ShowAsHex>1</ShowAsHex>
<Color>C08000</Color>
<VariableType>Byte</VariableType>
<Address>bWalkKeyID</Address>
</CheatEntry>
<CheatEntry>
<ID>114</ID>
<Description>"Speed"</Description>
<Color>C08000</Color>
<VariableType>Float</VariableType>
<Address>bWalkKeyID+4</Address>
</CheatEntry>
</CheatEntries>
</CheatEntry>
All credits go to the amazing table maker Cielos and his incredible work here!
Best Regards
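
The `aobscanmodule` lines in the scripts quoted above locate each hook site by a byte signature in which `**` matches any byte. As an added example (not part of the original post or of Cielos' tables), the Python code below implements that wildcard match, insists on exactly one hit, and checks that the bytes at offsets `+5` and `+10` (hexadecimal, as Auto Assembler reads them) agree with the `//db` backup comments in the Shadow of the Tomb Raider script. The byte image, the values filling the wildcard positions and all function names are constructed for illustration.

```python
# Added example: wildcard byte-signature matching in the style of the
# aobscanmodule(...) lines quoted in the post. Function names are
# hypothetical and the byte image is constructed, not read from any game.

WILDCARDS = {"**", "??", "*", "?"}

# Taken from the Shadow of the Tomb Raider script quoted in the post.
SOTTR_SIG = ("F3 0F 58 ** ** 41 0F 2F C8 F3 0F 11 ** ** "
             "76 ** C7 ** ** ** ** ** ** 48")
ORIG_AT_5 = "41 0F 2F C8 F3 0F 11 4F 1C"    # //db comment for runSpeedCalOnRunAOB+5
ORIG_AT_10 = "C7 47 1C 00 00 80 3F"         # //db comment for runSpeedCalOnRunAOB+10


def parse_signature(text):
    """Turn 'F3 0F ** 41' into [0xF3, 0x0F, None, 0x41]; None is a wildcard."""
    sig = []
    for token in text.split():
        if token in WILDCARDS:
            sig.append(None)
        elif len(token) == 2:
            sig.append(int(token, 16))      # ValueError on non-hex input
        else:
            raise ValueError(f"bad signature token: {token!r}")
    return sig


def find_all(image, sig):
    """Return every offset in image at which the signature matches."""
    width = len(sig)
    return [
        off
        for off in range(len(image) - width + 1)
        if all(want is None or image[off + i] == want
               for i, want in enumerate(sig))
    ]


def resolve_unique(image, sig_text):
    """Return the single match offset; refuse ambiguous or missing matches."""
    hits = find_all(image, parse_signature(sig_text))
    if len(hits) != 1:
        raise LookupError(
            f"signature matched {len(hits)} times, expected exactly 1")
    return hits[0]


def site_matches(image, base, offset, expected_hex):
    """True if the bytes at base+offset equal the recorded original bytes."""
    expected = bytes.fromhex(expected_hex)
    start = base + offset
    return image[start:start + len(expected)] == expected


def build_sample_image():
    """Constructed 88-byte image: padding, one matching sequence, padding."""
    code = bytes.fromhex(" ".join([
        "F3 0F 58 4F 1C",   # wildcard bytes 4F 1C are constructed
        ORIG_AT_5,          # literal part of the signature plus two wildcards
        "76 07",            # jump displacement 07 is constructed
        ORIG_AT_10,
        "48",
    ]))
    return b"\x90" * 32 + code + b"\xCC" * 32


if __name__ == "__main__":
    image = build_sample_image()
    base = resolve_unique(image, SOTTR_SIG)
    print(f"signature found at offset {base:#x}")
    # Auto Assembler offsets are hexadecimal: +10 means 16 bytes in.
    print("+5  matches backup:", site_matches(image, base, 0x5, ORIG_AT_5))
    print("+10 matches backup:", site_matches(image, base, 0x10, ORIG_AT_10))
    try:
        resolve_unique(image + image, SOTTR_SIG)
    except LookupError as exc:
        print("duplicate image rejected:", exc)
```

Once the literal bytes at `+5` are overwritten, the same signature no longer matches the image, so a failed scan or a `site_matches` mismatch indicates that the code at that location differs from what the signature and backup bytes describe.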