DOOM Eternal [Engine:idTech 7]

[Slendahmon]

Please forgive me as I'm a complete noob in this lol. How do I apply what I downloaded to the game so I can use the console cmds?
Edit: figured it out. Much easier than I thought lol.

How to use this cheat table?

1. Install Cheat Engine
2. Double-click the .CT file in order to open it.
3. Click the PC icon in Cheat Engine in order to select the game process.
4. Keep the list.
5. Activate the trainer options by checking boxes or setting values from 0 to 1

[vx342]

Game CTD when activating noclip/notarget option. Unrestricted Console Command is fine.

PS: Gamedate return Mar 13 2020

[Darkedone02]

Can we have a cheat that allow us to still pick stuff up while we have god mode and infinite ammo on?

[korvaldr]

I would kill for just some extra lives, the game difficulty spiked and I burnt through my stock. :/

[Gopo]

I'll have a look through the commands for anything to boost XP gain. That's one that I'm particularly interested in.

[rowjack1993]

Can we have a cheat that allow us to still pick stuff up while we have god mode and infinite ammo on?

which cheat is infinite ammo?

[Darkedone02]

Can we have a cheat that allow us to still pick stuff up while we have god mode and infinite ammo on?

which cheat is infinite ammo?

they already said it here, god for god mode, g_infiniteammo 1 is infinite ammo.

[SunBeam]

Amazing thanks! Now I'm playing more with console commands than playing the actual game.

That's what developers need to understand. The already-game-saturated-for-years player is used to using cheats in single player one way or another. It makes the whole experience much enjoyable. Especially in this game where you're considered "an angel", a bad-ass, the only one fighting the demons after vanishing from Mars. So god mode, infinite ammo and all that shit is part of being a bad ass Another thing developers need to understand is there isn't too much work involved if they fucking SEPARATE single player from multi-player in 2 different executables. They're easier to maintain, depending on which needs an update. But noo.. marketing and management demands cross-code in 1 single .exe, so they don't look stupid in front of the rest of the developers "yo, dude, 2 exes is so 90s..". The stupid shit people revolve to when faced with shallow e-belittling..

noclip and notarget script crashes the lowly Beth Launcher version of the game.

I did mention in the first post the word Steam. I don't own the Beth version. Let's try first by uploading your DOOMEternalx64vk.exe someplace (e.g.: mediafire) and linking it here. If it doesn't run on my end (will replace the Steam one with yours), then I might need you to dump it from memory. I'll instruct how. Lastly, I will post some screenshots on how to do it yourself in the future, as I will not maintain this table through the updates. So, people, sober up and make backups, as well as either learning how to update a table -OR- bring in someone who knows.

Game CTD when activating noclip/notarget option. Unrestricted Console Command is fine.

PS: Gamedate return Mar 13 2020

You're not playing the Steam version, that's why. The script hard-codes specific addresses, hence in your .exe they might be different. Here's an example:



That's why.

Can we have a cheat that allow us to still pick stuff up while we have god mode and infinite ammo on?

In the Wolfenstein games I've done this in the process is cumbersome. You need to find out where your HP, Shield, individual ammo, throwables, pick-ables and so on are located. Once you do, you need to find the code where the current is compared to the max. Then instruct the game code to run the "is lower than max" branch anyway. That gets your shit picked-up and so on. Here's how shit looks like in Youngblood, to make a point why this is cumbersome:

I would kill for just some extra lives, the game difficulty spiked and I burnt through my stock. :/

If your OCD is playing without god, then sorry.. each to their own.

[XxDarkus101Xx]

I hope you guys can add a "No Recoil" and "No Spread" option. I would like to kill my demons with deadly precision.

[bloodaxis]

Experience multipliers would be pretty great for unlocking skins early, everything else is already in the console commands/flings trainer. Thanks for your work too sunbeam.

[SunBeam]

For those of you who want to modify the Add 'noclip' & 'notarget' Commands to suit your Bethesda executable, this is what you need:

• a reference to the cmdSystem pointer

Code: Select all

AddCommands:
sub rsp,38
lea r9,[szNoclipDesc]                   // "enables no clipping"
mov dword ptr [rsp+28],200000
mov r8,[qwNoclipFunc]                   // noclip function
mov [rsp+20],0
lea rdx,[szNoclipCmd]                   // "noclip"
mov rcx,[DOOMEternalx64vk.exe+3B6E028]  // cmdSystem <-- THIS!
mov rax,[rcx]                           // cmdSystem->cmdSystemLocal
call qword ptr [rax+18]                 // cmdSystemLocal->AddCommand
..
ret

In the Steam version, that pointer is DOOMEternalx64vk.exe+3B6E028. But what about Bethesda executable? Well.. we start from the Steam executable. I've provided a link below, whereas I've stripped all IAT, so you won't need to put it in the game's folder; just download it and put it ANYWHERE (your Desktop, etc.). Note that dumped doesn't mean it will run; as in this is not a crack. Just so it's clear for everyone.

Steam 1.0 dumped .exe ⥂ [Link] (pass: sunbeam)
Bethesda 1.0 dumped .exe ⥂ [Link] (pass: sunbeam)

[ ^ Added the Bethesda dump as well. ]

To start doing what I mentioned above, you will need x64dbg and Cheat Engine. You'll see why both. I really recommend people who know what they're doing to do this. If you're a newbie and still want to do it, then please don't spam the topic with noob questions. The purpose of this is to instruct, not to teach basics.

x64dbg ⥂ [Link]
Cheat Engine 7.0 ⥂

Load your exe in x64dbg and hit EP (press F9 one time). You should be here:



Click on 'Symbols' tab, then right-click the exe, then 'Follow in Dissassembler'. You should be here:



[NOTE: The addresses might be different due to [Link]. So please don't hyper-ventilate over the thought that "I don't see the SAME address", OK? It's normal.]

Now.. open Cheat Engine, target your exe, then open Memory Viewer and Ctrl+G. Paste in the address I mentioned in the "THIS!" note in the code snippet above. So we're here:



[NOTE: This is not an executable location, it's just to show you how to get from "DOOMEternalx64vk.exe+3B6E028" to the address we want to look at in x64dbg. Why? Because in x64dbg you can't use this format: DOOMEternalx64vk.exe+3B6E028. You have to give it the specific address, which is computed based on your exe's module base, ASLR, and so on and so forth.]

Now that you're there, press Ctrl+G and you'll see this:



So.. DOOMEternalx64vk.exe+3B6E028 == 7FF6DE48E028.

[NOTE: If you reload the exe in x64dbg or reboot your PC, then reload the exe in x64dbg.. then open CE and head again to DOOMEternalx64vk.exe+3B6E028.. when you press Ctrl+G you will probably see a different address. Nevertheless ending in 28, but still a DIFFERENT one than the last time you tried. Why? Because of ASLR. Simply put, the Window OS randomizes the location of your executable in memory. So its allocation base will shift based on OS' judgment. CE uses DOOMEternalx64vk.exe to point to this allocation in memory, so whenever ASLR kicks in, CE will always convert internally DOOMEternalx64vk.exe to the actual base. The only constant in this process is the offset So "3B6E028" added to that base CE always converts and properly gets will lead to the proper location in our newly reloaded process Now.. in x64dbg you don't have this artifice to help you. Which means you need to know the address or do several steps more to get to. The way I show it I think is much simpler.]

Copy that address, head back to x64dbg and click the bottom part (where you see Address, Value, Comments headers). Click inside there and Ctrl+G, then paste your address:



Select the first byte with your mouse, right-click and 'Find References':



I found 448:



Double-click one of them, say the first one:



If you look around it, you can see several strings. "Not allowed" or "%s is read only\n" or "%s can only be set on the command line\n".

What you can do now is open another x64dbg, load your Bethesda executable and follow the first few steps (load process in x64dbg, F9 to hit EP, click on Symbols tab, right-click on exe process, Follow in Disassembler), then right-click in the disassembler window (the top one) and pick Search For > Current Module > String references. Let x64dbg finish (it will take a bit, 1-2-3 minutes). Then in the list filter for either string above, making sure you find only 1 result (if more, investigate each).

And I found this in my 2nd x64dbg:



The reference address we used was between those 3 string references I mentioned. Now we found the same reference address, between the 3 string references, but in the Bethesda executable. So while the address we have in the Steam one is 7FF6DE48E028, the address we see in the Bethesda executable is 143B30628. Yes, yours will probably be looking different; like I said, don't panic, the goal here ISN'T HAVING THE SAME ADDRESSES as I do, but to understand the idea. So now.. we want to convert that address I found - 143B30628 - to CE standard.

Fire a 2nd CE, target your Bethesda executable (make sure you really pick the last DOOMEternalx64vk.exe process in the list, not the first). Then open Memory Viewer and Ctrl+G in top part to go to 143B30628. And I'm here:



So.. 143B30628 translates to DOOMEternalx64vk.exe+3B30628.

Conclusion:

• Steam: DOOMEternalx64vk.exe+3B6E028

• Bethesda: DOOMEternalx64vk.exe+3B30628

I've marked in red the differences, just to point out the offsets are different. Nothing else, no need to devise a pattern saying "the offset is 6E0 in Steam and 306 in Bethesda" cuz that would be awfully wrong. OK?

So now, in your table, you can head to the "Add 'noclip' & 'notarget' Commands" script, open it up, go to lines 39 and 48 and replace the pointers with the newly found ones, compatible with your Bethesda executable:



You've now fixed A PART OF THE SCRIPT. You still have to adjust the rest based on my explanations above. Just so you don't think it's enough to fix just that one pointer, mk?

All of the above is transcribed into this:

• to find the cmdSystem pointer, search for string references and filter the list to show only "%s can only be set on the command line\n" (including quotes)

• double-click on the reference and check the line 0x3C bytes below it

• the pointer is between the brackets []

[NOTE: You can toggle offsetting from the highlighted line going down by double-clicking the address in the first column:


to

]

And that's how you fix stuff in general: work with both executables, find references to the addresses you want to update, make use of strings to faster identify the executable code locations, then convert the address you found to CE format (base+offset). Update script. Bam.

As far as I'm concerned, if nothing changes drastically in the code around the AOB being scanned for in the Unrestrict Console Commands/CVars script, that should work for any client version out there and any update. But just in case something changes, remember to make a backup of your .exe/dumped .exe.

BR,
Sun

[SunBeam]

I hope you guys can add a "No Recoil" and "No Spread" option. I would like to kill my demons with deadly precision.

Experience multipliers would be pretty great for unlocking skins early, everything else is already in the console commands/flings trainer. Thanks for your work too sunbeam.

I'm not interested in that shit, sorry. What else custom you want you'll have to manage on your own: wait for updated trainers (which you obviously use) or Zanzer's table. Peace.

[vx342]

You're not playing the Steam version, that's why. The script hard-codes specific addresses, hence in your .exe they might be different. Here's an

My bad, i didn't read carefully the initial post. Thks anyway for your detailled report.

[Absoloot]

Am I missing something with the god command? It just locks my health to 20 and I can still take damage.

[SunBeam]

Am I missing something with the god command? It just locks my health to 20 and I can still take damage.

You have to redo it after every map load. When you exit a map, since game reinitializes all structures, it will also restore to default the structure where the god bool was set by you earlier. Short story: enable god after any map load/reload.