Genshin Impact CE Bypass

Upload your cheat tables here (No requests)
Post Reply
willdan48
What is cheating?
What is cheating?
Posts: 2
Joined: Sat Oct 10, 2020 10:36 pm
Reputation: 0

Re: Genshin Impact CE Bypass

Post by willdan48 »

MGGA wrote:
Sat Oct 03, 2020 10:49 pm
 after i checked the project files, it has missing static library files.
so open libcapcom and libelevate projects and compile it, you will get libcapcom.lib and libelevate.lib.
open genshinbypass project and add those library files through "library directories" under vc++ directories, compile it and you get an injector.
if you have dll file contains cheats, use it and inject it to GenshinImpact.exe (this file is protected but the injector can bypass it as it claims).
one more thing, in constants.h you need to change/rename "the #define WINDOW_TITLE "原神" to your language (e.g. for english is "the #define WINDOW_TITLE "Genshin Impact").

goodluck.
dunno cant compile libcapcom and libelevate... can you share the lib?

How to use this cheat table?
  1. Install Cheat Engine
  2. Double-click the .CT file in order to open it.
  3. Click the PC icon in Cheat Engine in order to select the game process.
  4. Keep the list.
  5. Activate the trainer options by checking boxes or setting values from 0 to 1
Top
rhizzu
Noobzor
Noobzor
Posts: 10
Joined: Mon Oct 12, 2020 11:59 am
Reputation: 1

Re: Genshin Impact CE Bypass

Post by rhizzu »

i've Been using this for about 3days and already reached AR18.

ESP Box Treasure and Freeze Enemy
Num1 Activate
Num2 Deactivate
CE Script Cheat

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable CheatEngineTableVersion="31">
  <CheatEntries>
    <CheatEntry>
      <ID>141</ID>
      <Description>"ESP Hack"</Description>
      <Options moHideChildren="1" moDeactivateChildrenAsWell="1"/>
      <LastState Value="" RealAddress="00000000"/>
      <Color>0000FF</Color>
      <GroupHeader>1</GroupHeader>
      <Hotkeys>
        <Hotkey>
          <Action>Activate</Action>
          <Keys>
            <Key>97</Key>
          </Keys>
          <ID>0</ID>
        </Hotkey>
        <Hotkey>
          <Action>Deactivate</Action>
          <Keys>
            <Key>98</Key>
          </Keys>
          <ID>1</ID>
        </Hotkey>
      </Hotkeys>
      <CheatEntries>
        <CheatEntry>
          <ID>127</ID>
          <Description>"Monster Level"</Description>
          <LastState/>
          <VariableType>Auto Assembler Script</VariableType>
          <AssemblerScript>{ Game   : GenshinImpact.exe
  Version: 
  Date   : 2020-10-07
  Author : MGGA

  This script does blah blah blah
}

[ENABLE]

aobscanmodule(lvesp,UserAssembly.dll,0F 87 E1 00 00 00 48 8B 8B) // should be unique

lvesp:
  db 0F 84 E1 00 00 00

registersymbol(lvesp)

[DISABLE]

lvesp:
  db 0F 87 E1 00 00 00

unregistersymbol(lvesp)

{
// ORIGINAL CODE - INJECTION POINT: "UserAssembly.dll"+125A79D

"UserAssembly.dll"+125A76E: 48 8B 43 50              -  mov rax,[rbx+50]
"UserAssembly.dll"+125A772: 48 85 C0                 -  test rax,rax
"UserAssembly.dll"+125A775: 0F 84 62 01 00 00        -  je UserAssembly.dll+125A8DD
"UserAssembly.dll"+125A77B: 48 8B 8B F0 00 00 00     -  mov rcx,[rbx+000000F0]
"UserAssembly.dll"+125A782: F3 0F 10 B0 9C 01 00 00  -  movss xmm6,[rax+0000019C]
"UserAssembly.dll"+125A78A: 48 85 C9                 -  test rcx,rcx
"UserAssembly.dll"+125A78D: 0F 84 4A 01 00 00        -  je UserAssembly.dll+125A8DD
"UserAssembly.dll"+125A793: 33 D2                    -  xor edx,edx
"UserAssembly.dll"+125A795: E8 96 3C BB FF           -  call UserAssembly.dll+E0E430
"UserAssembly.dll"+125A79A: 0F 2F F0                 -  comiss xmm6,xmm0
// ---------- INJECTING HERE ----------
"UserAssembly.dll"+125A79D: 0F 87 E1 00 00 00        -  ja UserAssembly.dll+125A884
// ---------- DONE INJECTING  ----------
"UserAssembly.dll"+125A7A3: 48 8B 8B F0 00 00 00     -  mov rcx,[rbx+000000F0]
"UserAssembly.dll"+125A7AA: C6 83 B0 00 00 00 01     -  mov byte ptr [rbx+000000B0],01
"UserAssembly.dll"+125A7B1: 48 85 C9                 -  test rcx,rcx
"UserAssembly.dll"+125A7B4: 0F 84 23 01 00 00        -  je UserAssembly.dll+125A8DD
"UserAssembly.dll"+125A7BA: 33 D2                    -  xor edx,edx
"UserAssembly.dll"+125A7BC: E8 5F 3E BB FF           -  call UserAssembly.dll+E0E620
"UserAssembly.dll"+125A7C1: 0F 2F C6                 -  comiss xmm0,xmm6
"UserAssembly.dll"+125A7C4: 0F 57 FF                 -  xorps xmm7,xmm7
"UserAssembly.dll"+125A7C7: 77 12                    -  ja UserAssembly.dll+125A7DB
"UserAssembly.dll"+125A7C9: F3 0F 5C 35 3B 62 72 03  -  subss xmm6,[UserAssembly.dll+4980A0C]
}
</AssemblerScript>
        </CheatEntry>
        <CheatEntry>
          <ID>159</ID>
          <Description>"Monster Healthbar"</Description>
          <LastState/>
          <VariableType>Auto Assembler Script</VariableType>
          <AssemblerScript>{ Game   : GenshinImpact.exe
  Version: 
  Date   : 2020-10-07
  Author : MGGA

  This script does blah blah blah
}

[ENABLE]

aobscanmodule(hpesp,UserAssembly.dll,76 07 C6 83 C9 00 00 00 01 33 D2 48 8B CB E8 E2) // should be unique

hpesp:
  db 74 07

registersymbol(hpesp)

[DISABLE]

hpesp:
  db 76 07

unregistersymbol(hpesp)

{
// ORIGINAL CODE - INJECTION POINT: "UserAssembly.dll"+125921B

"UserAssembly.dll"+12591E9: E8 32 32 AE 02              -  call UserAssembly.dll+3D3C420
"UserAssembly.dll"+12591EE: 84 C0                       -  test al,al
"UserAssembly.dll"+12591F0: 0F 85 BC 00 00 00           -  jne UserAssembly.dll+12592B2
"UserAssembly.dll"+12591F6: 48 8B 43 50                 -  mov rax,[rbx+50]
"UserAssembly.dll"+12591FA: 48 85 C0                    -  test rax,rax
"UserAssembly.dll"+12591FD: 0F 84 6D 03 00 00           -  je UserAssembly.dll+1259570
"UserAssembly.dll"+1259203: F3 0F 10 83 8C 00 00 00     -  movss xmm0,[rbx+0000008C]
"UserAssembly.dll"+125920B: 0F 29 74 24 50              -  movaps [rsp+50],xmm6
"UserAssembly.dll"+1259210: F3 0F 10 B0 9C 01 00 00     -  movss xmm6,[rax+0000019C]
"UserAssembly.dll"+1259218: 0F 2F C6                    -  comiss xmm0,xmm6
// ---------- INJECTING HERE ----------
"UserAssembly.dll"+125921B: 76 07                       -  jna UserAssembly.dll+1259224
"UserAssembly.dll"+125921D: C6 83 C9 00 00 00 01        -  mov byte ptr [rbx+000000C9],01
// ---------- DONE INJECTING  ----------
"UserAssembly.dll"+1259224: 33 D2                       -  xor edx,edx
"UserAssembly.dll"+1259226: 48 8B CB                    -  mov rcx,rbx
"UserAssembly.dll"+1259229: E8 E2 1E 9A 00              -  call UserAssembly.dll+1BFB110
"UserAssembly.dll"+125922E: 0F 2F C6                    -  comiss xmm0,xmm6
"UserAssembly.dll"+1259231: 0F 28 74 24 50              -  movaps xmm6,[rsp+50]
"UserAssembly.dll"+1259236: 0F 97 C0                    -  seta al
"UserAssembly.dll"+1259239: 88 83 C8 00 00 00           -  mov [rbx+000000C8],al
"UserAssembly.dll"+125923F: EB 71                       -  jmp UserAssembly.dll+12592B2
"UserAssembly.dll"+1259241: 45 33 C0                    -  xor r8d,r8d
"UserAssembly.dll"+1259244: BA 54 39 00 00              -  mov edx,00003954
}
</AssemblerScript>
        </CheatEntry>
        <CheatEntry>
          <ID>142</ID>
          <Description>"Box Treasure"</Description>
          <LastState/>
          <VariableType>Auto Assembler Script</VariableType>
          <AssemblerScript>{ Game   : GenshinImpact.exe
  Version: 
  Date   : 2020-10-07
  Author : MGGA

  This script does blah blah blah
}

[ENABLE]

aobscanmodule(boxesp,UserAssembly.dll,74 1C 48 85 C0 0F 84 CF) // should be unique
aobscanmodule(boxespdist,UserAssembly.dll,74 E2 33 D2 48 8B CF) // should be unique

boxesp:
  db 75 1C
boxespdist:
  db 75 E2

registersymbol(boxesp)
registersymbol(boxespdist)

[DISABLE]

boxesp:
  db 74 1C
boxespdist:
  db 74 E2

unregistersymbol(boxesp)
unregistersymbol(boxespdist)

{
// ORIGINAL CODE - INJECTION POINT: "UserAssembly.dll"+1C6ED77

"UserAssembly.dll"+1C6ED4E: 48 8B 52 20                    -  mov rdx,[rdx+20]
"UserAssembly.dll"+1C6ED52: 48 85 D2                       -  test rdx,rdx
"UserAssembly.dll"+1C6ED55: 0F 84 F6 00 00 00              -  je UserAssembly.dll+1C6EE51
"UserAssembly.dll"+1C6ED5B: 3B 5A 18                       -  cmp ebx,[rdx+18]
"UserAssembly.dll"+1C6ED5E: 0F 83 DD 00 00 00              -  jae UserAssembly.dll+1C6EE41
"UserAssembly.dll"+1C6ED64: 48 63 CB                       -  movsxd  rcx,ebx
"UserAssembly.dll"+1C6ED67: 48 8B 54 CA 20                 -  mov rdx,[rdx+rcx*8+20]
"UserAssembly.dll"+1C6ED6C: 48 85 D2                       -  test rdx,rdx
"UserAssembly.dll"+1C6ED6F: 0F 84 DC 00 00 00              -  je UserAssembly.dll+1C6EE51
"UserAssembly.dll"+1C6ED75: 85 DB                          -  test ebx,ebx
// ---------- INJECTING HERE ----------
"UserAssembly.dll"+1C6ED77: 74 1C                          -  je UserAssembly.dll+1C6ED95
"UserAssembly.dll"+1C6ED79: 48 85 C0                       -  test rax,rax
// ---------- DONE INJECTING  ----------
"UserAssembly.dll"+1C6ED7C: 0F 84 CF 00 00 00              -  je UserAssembly.dll+1C6EE51
"UserAssembly.dll"+1C6ED82: 8B 52 10                       -  mov edx,[rdx+10]
"UserAssembly.dll"+1C6ED85: 45 33 C0                       -  xor r8d,r8d
"UserAssembly.dll"+1C6ED88: 48 8B C8                       -  mov rcx,rax
"UserAssembly.dll"+1C6ED8B: E8 90 A1 00 00                 -  call UserAssembly.dll+1C78F20
"UserAssembly.dll"+1C6ED90: 0F B6 E8                       -  movzx ebp,al
"UserAssembly.dll"+1C6ED93: EB 1A                          -  jmp UserAssembly.dll+1C6EDAF
"UserAssembly.dll"+1C6ED95: 48 85 C0                       -  test rax,rax
"UserAssembly.dll"+1C6ED98: 0F 84 B3 00 00 00              -  je UserAssembly.dll+1C6EE51
"UserAssembly.dll"+1C6ED9E: 8B 52 10                       -  mov edx,[rdx+10]
}

{
// ORIGINAL CODE - INJECTION POINT: "UserAssembly.dll"+1C6EDFA

"UserAssembly.dll"+1C6EDCF: 48 8B CF              -  mov rcx,rdi
"UserAssembly.dll"+1C6EDD2: E8 29 FB FF FF        -  call UserAssembly.dll+1C6E900
"UserAssembly.dll"+1C6EDD7: C6 87 A0 00 00 00 01  -  mov byte ptr [rdi+000000A0],01
"UserAssembly.dll"+1C6EDDE: 48 8B 6C 24 38        -  mov rbp,[rsp+38]
"UserAssembly.dll"+1C6EDE3: 48 8B 5C 24 30        -  mov rbx,[rsp+30]
"UserAssembly.dll"+1C6EDE8: 48 8B 74 24 40        -  mov rsi,[rsp+40]
"UserAssembly.dll"+1C6EDED: 48 83 C4 20           -  add rsp,20
"UserAssembly.dll"+1C6EDF1: 5F                    -  pop rdi
"UserAssembly.dll"+1C6EDF2: C3                    -  ret
"UserAssembly.dll"+1C6EDF3: 80 BF A0 00 00 00 00  -  cmp byte ptr [rdi+000000A0],00
// ---------- INJECTING HERE ----------
"UserAssembly.dll"+1C6EDFA: 74 E2                 -  je UserAssembly.dll+1C6EDDE
"UserAssembly.dll"+1C6EDFC: 33 D2                 -  xor edx,edx
"UserAssembly.dll"+1C6EDFE: 48 8B CF              -  mov rcx,rdi
// ---------- DONE INJECTING  ----------
"UserAssembly.dll"+1C6EE01: E8 3A 09 00 00        -  call UserAssembly.dll+1C6F740
"UserAssembly.dll"+1C6EE06: C6 87 A0 00 00 00 00  -  mov byte ptr [rdi+000000A0],00
"UserAssembly.dll"+1C6EE0D: EB CF                 -  jmp UserAssembly.dll+1C6EDDE
"UserAssembly.dll"+1C6EE0F: 45 33 C0              -  xor r8d,r8d
"UserAssembly.dll"+1C6EE12: BA 9C 40 00 00        -  mov edx,0000409C
"UserAssembly.dll"+1C6EE17: 33 C9                 -  xor ecx,ecx
"UserAssembly.dll"+1C6EE19: E8 62 F3 13 00        -  call UserAssembly.dll+1DAE180
"UserAssembly.dll"+1C6EE1E: 48 85 C0              -  test rax,rax
"UserAssembly.dll"+1C6EE21: 74 2E                 -  je UserAssembly.dll+1C6EE51
"UserAssembly.dll"+1C6EE23: 45 33 C0              -  xor r8d,r8d
}
</AssemblerScript>
          <Hotkeys>
            <Hotkey>
              <Action>Activate</Action>
              <Keys>
                <Key>97</Key>
              </Keys>
              <ID>0</ID>
            </Hotkey>
            <Hotkey>
              <Action>Deactivate</Action>
              <Keys>
                <Key>98</Key>
              </Keys>
              <ID>1</ID>
            </Hotkey>
          </Hotkeys>
        </CheatEntry>
      </CheatEntries>
    </CheatEntry>
    <CheatEntry>
      <ID>131</ID>
      <Description>"Game Speedhack"</Description>
      <Options moHideChildren="1" moDeactivateChildrenAsWell="1"/>
      <LastState/>
      <Color>0000FF</Color>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript>{ Game   : GenshinImpact.exe
  Version: 
  Date   : 2020-10-07
  Author : MGGA

  This script does blah blah blah
}

[ENABLE]

aobscanmodule(speed,UnityPlayer.dll,F3 0F 10 81 0C 03 00 00 C3) // should be unique
alloc(newmem,$1000,speed)

label(code)
label(return)

alloc(Doublespeedv,12)

newmem:

code:
  movss xmm0,[rcx+0000030C]
  mov [Doublespeedv],rcx
  jmp return

speed:
  jmp newmem
  nop
  nop
  nop
return:
registersymbol(speed)
registersymbol(Doublespeedv)

/*--------------------------------------------------------------------------------------------*/

aobscanmodule(doublespeed,UnityPlayer.dll,8B 87 0C 03 00 00 89 01 80) // should be unique
alloc(newmem2,$1000,doublespeed)

label(code2)
label(return2)

alloc(OnDoublespeed,2048)
alloc(etcDoublespeed,2048)
alloc(XDoublespeed,2048)

alloc(MyDoublespeedv2,12)
alloc(EtcDoublespeedv,12)
alloc(XDoublespeedv,12)
registersymbol(MyDoublespeedv2)
registersymbol(EtcDoublespeedv)
registersymbol(XDoublespeedv)

newmem2:
  cmp rdi,[Doublespeedv]
  je OnDoublespeed
  cmp byte ptr [rdi+328],01
  je etcDoublespeed
  mov eax,[EtcDoublespeedv]
  jmp return2

  etcDoublespeed:
  cmp byte ptr [rdi+358],00
  jne XDoublespeed
  mov eax,[EtcDoublespeedv]
  jmp return2

  XDoublespeed:
  mov eax,[XDoublespeedv]
  jmp return2

  OnDoublespeed:
  mov eax,[MyDoublespeedv2]
  jmp return2

code2:
  mov eax,[rdi+0000030C]
  jmp return2

MyDoublespeedv2:
  dd (float)1
EtcDoublespeedv:
  dd (float)1
XDoublespeedv:
  dd (float)1

doublespeed:
  jmp newmem2
  nop
return2:
registersymbol(doublespeed)

[DISABLE]

speed:
  db F3 0F 10 81 0C 03 00 00

unregistersymbol(speed)
dealloc(newmem)

/*-------------------------*/

doublespeed:
  db 8B 87 0C 03 00 00

unregistersymbol(doublespeed)
dealloc(newmem2)

{
// ORIGINAL CODE - INJECTION POINT: "UnityPlayer.dll"+B2F1E0

"UnityPlayer.dll"+B2F1D6: CC                       -  int 3 
"UnityPlayer.dll"+B2F1D7: CC                       -  int 3 
"UnityPlayer.dll"+B2F1D8: CC                       -  int 3 
"UnityPlayer.dll"+B2F1D9: CC                       -  int 3 
"UnityPlayer.dll"+B2F1DA: CC                       -  int 3 
"UnityPlayer.dll"+B2F1DB: CC                       -  int 3 
"UnityPlayer.dll"+B2F1DC: CC                       -  int 3 
"UnityPlayer.dll"+B2F1DD: CC                       -  int 3 
"UnityPlayer.dll"+B2F1DE: CC                       -  int 3 
"UnityPlayer.dll"+B2F1DF: CC                       -  int 3 
// ---------- INJECTING HERE ----------
"UnityPlayer.dll"+B2F1E0: F3 0F 10 81 0C 03 00 00  -  movss xmm0,[rcx+0000030C]
// ---------- DONE INJECTING  ----------
"UnityPlayer.dll"+B2F1E8: C3                       -  ret 
"UnityPlayer.dll"+B2F1E9: CC                       -  int 3 
"UnityPlayer.dll"+B2F1EA: CC                       -  int 3 
"UnityPlayer.dll"+B2F1EB: CC                       -  int 3 
"UnityPlayer.dll"+B2F1EC: CC                       -  int 3 
"UnityPlayer.dll"+B2F1ED: CC                       -  int 3 
"UnityPlayer.dll"+B2F1EE: CC                       -  int 3 
"UnityPlayer.dll"+B2F1EF: CC                       -  int 3 
"UnityPlayer.dll"+B2F1F0: 80 B9 3D 01 00 00 00     -  cmp byte ptr [rcx+0000013D],00
"UnityPlayer.dll"+B2F1F7: 75 03                    -  jne UnityPlayer.dll+B2F1FC
}

{
// ORIGINAL CODE - INJECTION POINT: "UnityPlayer.dll"+B26298

"UnityPlayer.dll"+B2626F: 48 8B CF                 -  mov rcx,rdi
"UnityPlayer.dll"+B26272: E8 39 34 00 00           -  call UnityPlayer.dll+B296B0
"UnityPlayer.dll"+B26277: 83 BF EC 00 00 00 00     -  cmp dword ptr [rdi+000000EC],00
"UnityPlayer.dll"+B2627E: 74 20                    -  je UnityPlayer.dll+B262A0
"UnityPlayer.dll"+B26280: 48 8B 87 98 04 00 00     -  mov rax,[rdi+00000498]
"UnityPlayer.dll"+B26287: 48 85 C0                 -  test rax,rax
"UnityPlayer.dll"+B2628A: 74 14                    -  je UnityPlayer.dll+B262A0
"UnityPlayer.dll"+B2628C: 48 8B 88 F0 00 00 00     -  mov rcx,[rax+000000F0]
"UnityPlayer.dll"+B26293: 48 85 C9                 -  test rcx,rcx
"UnityPlayer.dll"+B26296: 74 08                    -  je UnityPlayer.dll+B262A0
// ---------- INJECTING HERE ----------
"UnityPlayer.dll"+B26298: 8B 87 0C 03 00 00        -  mov eax,[rdi+0000030C]
// ---------- DONE INJECTING  ----------
"UnityPlayer.dll"+B2629E: 89 01                    -  mov [rcx],eax
"UnityPlayer.dll"+B262A0: 80 BF D0 00 00 00 00     -  cmp byte ptr [rdi+000000D0],00
"UnityPlayer.dll"+B262A7: 0F 84 81 02 00 00        -  je UnityPlayer.dll+B2652E
"UnityPlayer.dll"+B262AD: 45 84 FF                 -  test r15l,r15l
"UnityPlayer.dll"+B262B0: 74 22                    -  je UnityPlayer.dll+B262D4
"UnityPlayer.dll"+B262B2: 48 8B 87 20 01 00 00     -  mov rax,[rdi+00000120]
"UnityPlayer.dll"+B262B9: 80 B8 A4 00 00 00 00     -  cmp byte ptr [rax+000000A4],00
"UnityPlayer.dll"+B262C0: 75 1F                    -  jne UnityPlayer.dll+B262E1
"UnityPlayer.dll"+B262C2: 80 BF D1 00 00 00 00     -  cmp byte ptr [rdi+000000D1],00
"UnityPlayer.dll"+B262C9: 75 16                    -  jne UnityPlayer.dll+B262E1
}
</AssemblerScript>
      <Hotkeys>
        <Hotkey>
          <Action>Activate</Action>
          <Keys>
            <Key>97</Key>
          </Keys>
          <ID>0</ID>
          <ActivateSound TTS="EN">Activated</ActivateSound>
        </Hotkey>
        <Hotkey>
          <Action>Deactivate</Action>
          <Keys>
            <Key>98</Key>
          </Keys>
          <ID>1</ID>
          <DeactivateSound TTS="EN">Deactivated</DeactivateSound>
        </Hotkey>
      </Hotkeys>
      <CheatEntries>
        <CheatEntry>
          <ID>133</ID>
          <Description>"Player Speed"</Description>
          <DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">1:OFF
2:x2
3:x3
4:x4
5:x5
</DropDownList>
          <LastState Value="1" RealAddress="7FF954592800"/>
          <VariableType>Float</VariableType>
          <Address>MyDoublespeedv2</Address>
          <Hotkeys>
            <Hotkey>
              <Action>Set Value</Action>
              <Keys>
                <Key>112</Key>
              </Keys>
              <Value>1</Value>
              <ID>0</ID>
            </Hotkey>
            <Hotkey>
              <Action>Set Value</Action>
              <Keys>
                <Key>113</Key>
              </Keys>
              <Value>0</Value>
              <ID>1</ID>
            </Hotkey>
          </Hotkeys>
        </CheatEntry>
        <CheatEntry>
          <ID>132</ID>
          <Description>"Freeze Enemy"</Description>
          <DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">1:OFF
0:ON
</DropDownList>
          <LastState Value="1" RealAddress="7FF954592818"/>
          <Color>000000</Color>
          <VariableType>Float</VariableType>
          <Address>XDoublespeedv</Address>
          <Hotkeys>
            <Hotkey>
              <Action>Activate</Action>
              <Keys>
                <Key>97</Key>
              </Keys>
              <ID>0</ID>
            </Hotkey>
            <Hotkey>
              <Action>Set Value</Action>
              <Keys>
                <Key>97</Key>
              </Keys>
              <Value>0</Value>
              <ID>1</ID>
            </Hotkey>
            <Hotkey>
              <Action>Deactivate</Action>
              <Keys>
                <Key>98</Key>
              </Keys>
              <ID>2</ID>
            </Hotkey>
            <Hotkey>
              <Action>Set Value</Action>
              <Keys>
                <Key>98</Key>
              </Keys>
              <Value>1</Value>
              <ID>3</ID>
            </Hotkey>
          </Hotkeys>
        </CheatEntry>
        <CheatEntry>
          <ID>134</ID>
          <Description>"Etc"</Description>
          <LastState Value="1" RealAddress="7FF95459280C"/>
          <VariableType>Float</VariableType>
          <Address>EtcDoublespeedv</Address>
          <Hotkeys>
            <Hotkey>
              <Action>Set Value</Action>
              <Keys>
                <Key>112</Key>
              </Keys>
              <Value>1</Value>
              <ID>0</ID>
            </Hotkey>
            <Hotkey>
              <Action>Set Value</Action>
              <Keys>
                <Key>113</Key>
              </Keys>
              <Value>0</Value>
              <ID>1</ID>
            </Hotkey>
          </Hotkeys>
        </CheatEntry>
      </CheatEntries>
    </CheatEntry>
  </CheatEntries>
  <UserdefinedSymbols>
    <SymbolEntry>
      <Name>inject</Name>
      <Address>25DB40D0000</Address>
    </SymbolEntry>
    <SymbolEntry>
      <Name>newmem</Name>
      <Address>004D0000</Address>
    </SymbolEntry>
  </UserdefinedSymbols>
  <Comments>Special thanks:
- ammjun
- CracyShoot
</Comments>
</CheatTable>

i've been using the same bypass, the difference is it automatically attach to the process "winlogon.exe" credit goes to person i get this, forgot the name on the other forums and can't find it anymore
i also used the script on a modified Undetected CE, by renaming it to csrss.exe

CE Script Bypass

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable CheatEngineTableVersion="31">
  <CheatEntries>
	<CheatEntry>
	  <ID>0</ID>
	  <Description>"CE Bypass"</Description>
	  <LastState/>
	  <VariableType>Auto Assembler Script</VariableType>
	  <AssemblerScript>{ Game   : Genshin Impact
  Date   : 2020-09-30
  Credit : naythefirst
}
 
[ENABLE]
globalAlloc(newmem,8)
label(bypazz)
 
newmem:
push rdi
sub rsp,20
mov edx,5
mov rcx,bypazz
call KERNEL32.WinExec
add rsp,20
pop rdi
ret
 
bypazz:
db 'C:\Program Files\Cheat Engine 7.1\csrss.exe',0
createthread(newmem)
 
[DISABLE]
dealloc(newmem)
</AssemblerScript>
	</CheatEntry>
  </CheatEntries>
  <UserdefinedSymbols>
	<SymbolEntry>
	  <Name>inject</Name>
	  <Address>25DB40D0000</Address>
	</SymbolEntry>
  </UserdefinedSymbols>
  <UserdefinedSymbols/>
  <LuaScript>local AutoAT = nil
local AutoATInterval = 1000
local AutoATTicks = 0
local AutoATTickMax = 5000
game = 'winlogon.exe'
local function AutoAT_tick(timer)
	if getProcessIDFromProcessName(game) ~= nil then
		timer.destroy()
		openProcess(game)
	elseif AutoATTickMax &gt; 0 and AutoATTicks &gt;= AutoATTickMax then
		timer.destroy()
	end
	AutoATTicks = AutoATTicks + 1
end
AutoAT = createTimer(MainForm)
AutoAT.Interval = AutoATInterval
AutoAT.OnTimer = AutoAT_tick
</LuaScript>
</CheatTable>
i think they banned you because of abnormal status record of your account to their database, not by detecting your cheat attached to the game process.
if you use it moderately not to obvious, your account wont be banned.

Use it at your own risk. i'm not liable for the loss of your account. just use dummy account.
Last edited by rhizzu on Tue Oct 13, 2020 9:27 am, edited 1 time in total.
Top
mingming2122
Noobzor
Noobzor
Posts: 6
Joined: Mon Oct 12, 2020 3:00 pm
Reputation: 0

Re: Genshin Impact CE Bypass

Post by mingming2122 »

rhizzu wrote:
Tue Oct 13, 2020 6:38 am
 i've Been using this for about 3days and already reached AR18.

ESP Box Treasure and Freeze Enemy
Num1 Activate
Num2 Deactivate
CE Script Cheat
<?xml version="1.0" encoding="utf-8"?>
<CheatTable CheatEngineTableVersion="31">
<CheatEntries>
<CheatEntry>
<ID>141</ID>
<Description>"ESP Hack"</Description>
<Options moHideChildren="1" moDeactivateChildrenAsWell="1"/>
<LastState Value="" RealAddress="00000000"/>
<Color>0000FF</Color>
<GroupHeader>1</GroupHeader>
<Hotkeys>
<Hotkey>
<Action>Activate</Action>
<Keys>
<Key>97</Key>
</Keys>
<ID>0</ID>
</Hotkey>
<Hotkey>
<Action>Deactivate</Action>
<Keys>
<Key>98</Key>
</Keys>
<ID>1</ID>
</Hotkey>
</Hotkeys>
<CheatEntries>
<CheatEntry>
<ID>127</ID>
<Description>"Monster Level"</Description>
<LastState/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>{ Game : GenshinImpact.exe
Version:
Date : 2020-10-07
Author : MGGA

This script does blah blah blah
}

[ENABLE]

aobscanmodule(lvesp,UserAssembly.dll,0F 87 E1 00 00 00 48 8B 8B) // should be unique

lvesp:
db 0F 84 E1 00 00 00

registersymbol(lvesp)

[DISABLE]

lvesp:
db 0F 87 E1 00 00 00

unregistersymbol(lvesp)

{
// ORIGINAL CODE - INJECTION POINT: "UserAssembly.dll"+125A79D

"UserAssembly.dll"+125A76E: 48 8B 43 50 - mov rax,[rbx+50]
"UserAssembly.dll"+125A772: 48 85 C0 - test rax,rax
"UserAssembly.dll"+125A775: 0F 84 62 01 00 00 - je UserAssembly.dll+125A8DD
"UserAssembly.dll"+125A77B: 48 8B 8B F0 00 00 00 - mov rcx,[rbx+000000F0]
"UserAssembly.dll"+125A782: F3 0F 10 B0 9C 01 00 00 - movss xmm6,[rax+0000019C]
"UserAssembly.dll"+125A78A: 48 85 C9 - test rcx,rcx
"UserAssembly.dll"+125A78D: 0F 84 4A 01 00 00 - je UserAssembly.dll+125A8DD
"UserAssembly.dll"+125A793: 33 D2 - xor edx,edx
"UserAssembly.dll"+125A795: E8 96 3C BB FF - call UserAssembly.dll+E0E430
"UserAssembly.dll"+125A79A: 0F 2F F0 - comiss xmm6,xmm0
// ---------- INJECTING HERE ----------
"UserAssembly.dll"+125A79D: 0F 87 E1 00 00 00 - ja UserAssembly.dll+125A884
// ---------- DONE INJECTING ----------
"UserAssembly.dll"+125A7A3: 48 8B 8B F0 00 00 00 - mov rcx,[rbx+000000F0]
"UserAssembly.dll"+125A7AA: C6 83 B0 00 00 00 01 - mov byte ptr [rbx+000000B0],01
"UserAssembly.dll"+125A7B1: 48 85 C9 - test rcx,rcx
"UserAssembly.dll"+125A7B4: 0F 84 23 01 00 00 - je UserAssembly.dll+125A8DD
"UserAssembly.dll"+125A7BA: 33 D2 - xor edx,edx
"UserAssembly.dll"+125A7BC: E8 5F 3E BB FF - call UserAssembly.dll+E0E620
"UserAssembly.dll"+125A7C1: 0F 2F C6 - comiss xmm0,xmm6
"UserAssembly.dll"+125A7C4: 0F 57 FF - xorps xmm7,xmm7
"UserAssembly.dll"+125A7C7: 77 12 - ja UserAssembly.dll+125A7DB
"UserAssembly.dll"+125A7C9: F3 0F 5C 35 3B 62 72 03 - subss xmm6,[UserAssembly.dll+4980A0C]
}
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>159</ID>
<Description>"Monster Healthbar"</Description>
<LastState/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>{ Game : GenshinImpact.exe
Version:
Date : 2020-10-07
Author : MGGA

This script does blah blah blah
}

[ENABLE]

aobscanmodule(hpesp,UserAssembly.dll,76 07 C6 83 C9 00 00 00 01 33 D2 48 8B CB E8 E2) // should be unique

hpesp:
db 74 07

registersymbol(hpesp)

[DISABLE]

hpesp:
db 76 07

unregistersymbol(hpesp)

{
// ORIGINAL CODE - INJECTION POINT: "UserAssembly.dll"+125921B

"UserAssembly.dll"+12591E9: E8 32 32 AE 02 - call UserAssembly.dll+3D3C420
"UserAssembly.dll"+12591EE: 84 C0 - test al,al
"UserAssembly.dll"+12591F0: 0F 85 BC 00 00 00 - jne UserAssembly.dll+12592B2
"UserAssembly.dll"+12591F6: 48 8B 43 50 - mov rax,[rbx+50]
"UserAssembly.dll"+12591FA: 48 85 C0 - test rax,rax
"UserAssembly.dll"+12591FD: 0F 84 6D 03 00 00 - je UserAssembly.dll+1259570
"UserAssembly.dll"+1259203: F3 0F 10 83 8C 00 00 00 - movss xmm0,[rbx+0000008C]
"UserAssembly.dll"+125920B: 0F 29 74 24 50 - movaps [rsp+50],xmm6
"UserAssembly.dll"+1259210: F3 0F 10 B0 9C 01 00 00 - movss xmm6,[rax+0000019C]
"UserAssembly.dll"+1259218: 0F 2F C6 - comiss xmm0,xmm6
// ---------- INJECTING HERE ----------
"UserAssembly.dll"+125921B: 76 07 - jna UserAssembly.dll+1259224
"UserAssembly.dll"+125921D: C6 83 C9 00 00 00 01 - mov byte ptr [rbx+000000C9],01
// ---------- DONE INJECTING ----------
"UserAssembly.dll"+1259224: 33 D2 - xor edx,edx
"UserAssembly.dll"+1259226: 48 8B CB - mov rcx,rbx
"UserAssembly.dll"+1259229: E8 E2 1E 9A 00 - call UserAssembly.dll+1BFB110
"UserAssembly.dll"+125922E: 0F 2F C6 - comiss xmm0,xmm6
"UserAssembly.dll"+1259231: 0F 28 74 24 50 - movaps xmm6,[rsp+50]
"UserAssembly.dll"+1259236: 0F 97 C0 - seta al
"UserAssembly.dll"+1259239: 88 83 C8 00 00 00 - mov [rbx+000000C8],al
"UserAssembly.dll"+125923F: EB 71 - jmp UserAssembly.dll+12592B2
"UserAssembly.dll"+1259241: 45 33 C0 - xor r8d,r8d
"UserAssembly.dll"+1259244: BA 54 39 00 00 - mov edx,00003954
}
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>142</ID>
<Description>"Box Treasure"</Description>
<LastState/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>{ Game : GenshinImpact.exe
Version:
Date : 2020-10-07
Author : MGGA

This script does blah blah blah
}

[ENABLE]

aobscanmodule(boxesp,UserAssembly.dll,74 1C 48 85 C0 0F 84 CF) // should be unique
aobscanmodule(boxespdist,UserAssembly.dll,74 E2 33 D2 48 8B CF) // should be unique

boxesp:
db 75 1C
boxespdist:
db 75 E2

registersymbol(boxesp)
registersymbol(boxespdist)

[DISABLE]

boxesp:
db 74 1C
boxespdist:
db 74 E2

unregistersymbol(boxesp)
unregistersymbol(boxespdist)

{
// ORIGINAL CODE - INJECTION POINT: "UserAssembly.dll"+1C6ED77

"UserAssembly.dll"+1C6ED4E: 48 8B 52 20 - mov rdx,[rdx+20]
"UserAssembly.dll"+1C6ED52: 48 85 D2 - test rdx,rdx
"UserAssembly.dll"+1C6ED55: 0F 84 F6 00 00 00 - je UserAssembly.dll+1C6EE51
"UserAssembly.dll"+1C6ED5B: 3B 5A 18 - cmp ebx,[rdx+18]
"UserAssembly.dll"+1C6ED5E: 0F 83 DD 00 00 00 - jae UserAssembly.dll+1C6EE41
"UserAssembly.dll"+1C6ED64: 48 63 CB - movsxd rcx,ebx
"UserAssembly.dll"+1C6ED67: 48 8B 54 CA 20 - mov rdx,[rdx+rcx*8+20]
"UserAssembly.dll"+1C6ED6C: 48 85 D2 - test rdx,rdx
"UserAssembly.dll"+1C6ED6F: 0F 84 DC 00 00 00 - je UserAssembly.dll+1C6EE51
"UserAssembly.dll"+1C6ED75: 85 DB - test ebx,ebx
// ---------- INJECTING HERE ----------
"UserAssembly.dll"+1C6ED77: 74 1C - je UserAssembly.dll+1C6ED95
"UserAssembly.dll"+1C6ED79: 48 85 C0 - test rax,rax
// ---------- DONE INJECTING ----------
"UserAssembly.dll"+1C6ED7C: 0F 84 CF 00 00 00 - je UserAssembly.dll+1C6EE51
"UserAssembly.dll"+1C6ED82: 8B 52 10 - mov edx,[rdx+10]
"UserAssembly.dll"+1C6ED85: 45 33 C0 - xor r8d,r8d
"UserAssembly.dll"+1C6ED88: 48 8B C8 - mov rcx,rax
"UserAssembly.dll"+1C6ED8B: E8 90 A1 00 00 - call UserAssembly.dll+1C78F20
"UserAssembly.dll"+1C6ED90: 0F B6 E8 - movzx ebp,al
"UserAssembly.dll"+1C6ED93: EB 1A - jmp UserAssembly.dll+1C6EDAF
"UserAssembly.dll"+1C6ED95: 48 85 C0 - test rax,rax
"UserAssembly.dll"+1C6ED98: 0F 84 B3 00 00 00 - je UserAssembly.dll+1C6EE51
"UserAssembly.dll"+1C6ED9E: 8B 52 10 - mov edx,[rdx+10]
}

{
// ORIGINAL CODE - INJECTION POINT: "UserAssembly.dll"+1C6EDFA

"UserAssembly.dll"+1C6EDCF: 48 8B CF - mov rcx,rdi
"UserAssembly.dll"+1C6EDD2: E8 29 FB FF FF - call UserAssembly.dll+1C6E900
"UserAssembly.dll"+1C6EDD7: C6 87 A0 00 00 00 01 - mov byte ptr [rdi+000000A0],01
"UserAssembly.dll"+1C6EDDE: 48 8B 6C 24 38 - mov rbp,[rsp+38]
"UserAssembly.dll"+1C6EDE3: 48 8B 5C 24 30 - mov rbx,[rsp+30]
"UserAssembly.dll"+1C6EDE8: 48 8B 74 24 40 - mov rsi,[rsp+40]
"UserAssembly.dll"+1C6EDED: 48 83 C4 20 - add rsp,20
"UserAssembly.dll"+1C6EDF1: 5F - pop rdi
"UserAssembly.dll"+1C6EDF2: C3 - ret
"UserAssembly.dll"+1C6EDF3: 80 BF A0 00 00 00 00 - cmp byte ptr [rdi+000000A0],00
// ---------- INJECTING HERE ----------
"UserAssembly.dll"+1C6EDFA: 74 E2 - je UserAssembly.dll+1C6EDDE
"UserAssembly.dll"+1C6EDFC: 33 D2 - xor edx,edx
"UserAssembly.dll"+1C6EDFE: 48 8B CF - mov rcx,rdi
// ---------- DONE INJECTING ----------
"UserAssembly.dll"+1C6EE01: E8 3A 09 00 00 - call UserAssembly.dll+1C6F740
"UserAssembly.dll"+1C6EE06: C6 87 A0 00 00 00 00 - mov byte ptr [rdi+000000A0],00
"UserAssembly.dll"+1C6EE0D: EB CF - jmp UserAssembly.dll+1C6EDDE
"UserAssembly.dll"+1C6EE0F: 45 33 C0 - xor r8d,r8d
"UserAssembly.dll"+1C6EE12: BA 9C 40 00 00 - mov edx,0000409C
"UserAssembly.dll"+1C6EE17: 33 C9 - xor ecx,ecx
"UserAssembly.dll"+1C6EE19: E8 62 F3 13 00 - call UserAssembly.dll+1DAE180
"UserAssembly.dll"+1C6EE1E: 48 85 C0 - test rax,rax
"UserAssembly.dll"+1C6EE21: 74 2E - je UserAssembly.dll+1C6EE51
"UserAssembly.dll"+1C6EE23: 45 33 C0 - xor r8d,r8d
}
</AssemblerScript>
<Hotkeys>
<Hotkey>
<Action>Activate</Action>
<Keys>
<Key>97</Key>
</Keys>
<ID>0</ID>
</Hotkey>
<Hotkey>
<Action>Deactivate</Action>
<Keys>
<Key>98</Key>
</Keys>
<ID>1</ID>
</Hotkey>
</Hotkeys>
</CheatEntry>
</CheatEntries>
</CheatEntry>
<CheatEntry>
<ID>131</ID>
<Description>"Game Speedhack"</Description>
<Options moHideChildren="1" moDeactivateChildrenAsWell="1"/>
<LastState/>
<Color>0000FF</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>{ Game : GenshinImpact.exe
Version:
Date : 2020-10-07
Author : MGGA

This script does blah blah blah
}

[ENABLE]

aobscanmodule(speed,UnityPlayer.dll,F3 0F 10 81 0C 03 00 00 C3) // should be unique
alloc(newmem,$1000,speed)

label(code)
label(return)

alloc(Doublespeedv,12)

newmem:

code:
movss xmm0,[rcx+0000030C]
mov [Doublespeedv],rcx
jmp return

speed:
jmp newmem
nop
nop
nop
return:
registersymbol(speed)
registersymbol(Doublespeedv)

/*--------------------------------------------------------------------------------------------*/

aobscanmodule(doublespeed,UnityPlayer.dll,8B 87 0C 03 00 00 89 01 80) // should be unique
alloc(newmem2,$1000,doublespeed)

label(code2)
label(return2)

alloc(OnDoublespeed,2048)
alloc(etcDoublespeed,2048)
alloc(XDoublespeed,2048)

alloc(MyDoublespeedv2,12)
alloc(EtcDoublespeedv,12)
alloc(XDoublespeedv,12)
registersymbol(MyDoublespeedv2)
registersymbol(EtcDoublespeedv)
registersymbol(XDoublespeedv)

newmem2:
cmp rdi,[Doublespeedv]
je OnDoublespeed
cmp byte ptr [rdi+328],01
je etcDoublespeed
mov eax,[EtcDoublespeedv]
jmp return2

etcDoublespeed:
cmp byte ptr [rdi+358],00
jne XDoublespeed
mov eax,[EtcDoublespeedv]
jmp return2

XDoublespeed:
mov eax,[XDoublespeedv]
jmp return2

OnDoublespeed:
mov eax,[MyDoublespeedv2]
jmp return2

code2:
mov eax,[rdi+0000030C]
jmp return2

MyDoublespeedv2:
dd (float)1
EtcDoublespeedv:
dd (float)1
XDoublespeedv:
dd (float)1

doublespeed:
jmp newmem2
nop
return2:
registersymbol(doublespeed)

[DISABLE]

speed:
db F3 0F 10 81 0C 03 00 00

unregistersymbol(speed)
dealloc(newmem)

/*-------------------------*/

doublespeed:
db 8B 87 0C 03 00 00

unregistersymbol(doublespeed)
dealloc(newmem2)

{
// ORIGINAL CODE - INJECTION POINT: "UnityPlayer.dll"+B2F1E0

"UnityPlayer.dll"+B2F1D6: CC - int 3
"UnityPlayer.dll"+B2F1D7: CC - int 3
"UnityPlayer.dll"+B2F1D8: CC - int 3
"UnityPlayer.dll"+B2F1D9: CC - int 3
"UnityPlayer.dll"+B2F1DA: CC - int 3
"UnityPlayer.dll"+B2F1DB: CC - int 3
"UnityPlayer.dll"+B2F1DC: CC - int 3
"UnityPlayer.dll"+B2F1DD: CC - int 3
"UnityPlayer.dll"+B2F1DE: CC - int 3
"UnityPlayer.dll"+B2F1DF: CC - int 3
// ---------- INJECTING HERE ----------
"UnityPlayer.dll"+B2F1E0: F3 0F 10 81 0C 03 00 00 - movss xmm0,[rcx+0000030C]
// ---------- DONE INJECTING ----------
"UnityPlayer.dll"+B2F1E8: C3 - ret
"UnityPlayer.dll"+B2F1E9: CC - int 3
"UnityPlayer.dll"+B2F1EA: CC - int 3
"UnityPlayer.dll"+B2F1EB: CC - int 3
"UnityPlayer.dll"+B2F1EC: CC - int 3
"UnityPlayer.dll"+B2F1ED: CC - int 3
"UnityPlayer.dll"+B2F1EE: CC - int 3
"UnityPlayer.dll"+B2F1EF: CC - int 3
"UnityPlayer.dll"+B2F1F0: 80 B9 3D 01 00 00 00 - cmp byte ptr [rcx+0000013D],00
"UnityPlayer.dll"+B2F1F7: 75 03 - jne UnityPlayer.dll+B2F1FC
}

{
// ORIGINAL CODE - INJECTION POINT: "UnityPlayer.dll"+B26298

"UnityPlayer.dll"+B2626F: 48 8B CF - mov rcx,rdi
"UnityPlayer.dll"+B26272: E8 39 34 00 00 - call UnityPlayer.dll+B296B0
"UnityPlayer.dll"+B26277: 83 BF EC 00 00 00 00 - cmp dword ptr [rdi+000000EC],00
"UnityPlayer.dll"+B2627E: 74 20 - je UnityPlayer.dll+B262A0
"UnityPlayer.dll"+B26280: 48 8B 87 98 04 00 00 - mov rax,[rdi+00000498]
"UnityPlayer.dll"+B26287: 48 85 C0 - test rax,rax
"UnityPlayer.dll"+B2628A: 74 14 - je UnityPlayer.dll+B262A0
"UnityPlayer.dll"+B2628C: 48 8B 88 F0 00 00 00 - mov rcx,[rax+000000F0]
"UnityPlayer.dll"+B26293: 48 85 C9 - test rcx,rcx
"UnityPlayer.dll"+B26296: 74 08 - je UnityPlayer.dll+B262A0
// ---------- INJECTING HERE ----------
"UnityPlayer.dll"+B26298: 8B 87 0C 03 00 00 - mov eax,[rdi+0000030C]
// ---------- DONE INJECTING ----------
"UnityPlayer.dll"+B2629E: 89 01 - mov [rcx],eax
"UnityPlayer.dll"+B262A0: 80 BF D0 00 00 00 00 - cmp byte ptr [rdi+000000D0],00
"UnityPlayer.dll"+B262A7: 0F 84 81 02 00 00 - je UnityPlayer.dll+B2652E
"UnityPlayer.dll"+B262AD: 45 84 FF - test r15l,r15l
"UnityPlayer.dll"+B262B0: 74 22 - je UnityPlayer.dll+B262D4
"UnityPlayer.dll"+B262B2: 48 8B 87 20 01 00 00 - mov rax,[rdi+00000120]
"UnityPlayer.dll"+B262B9: 80 B8 A4 00 00 00 00 - cmp byte ptr [rax+000000A4],00
"UnityPlayer.dll"+B262C0: 75 1F - jne UnityPlayer.dll+B262E1
"UnityPlayer.dll"+B262C2: 80 BF D1 00 00 00 00 - cmp byte ptr [rdi+000000D1],00
"UnityPlayer.dll"+B262C9: 75 16 - jne UnityPlayer.dll+B262E1
}
</AssemblerScript>
<Hotkeys>
<Hotkey>
<Action>Activate</Action>
<Keys>
<Key>97</Key>
</Keys>
<ID>0</ID>
<ActivateSound TTS="EN">Activated</ActivateSound>
</Hotkey>
<Hotkey>
<Action>Deactivate</Action>
<Keys>
<Key>98</Key>
</Keys>
<ID>1</ID>
<DeactivateSound TTS="EN">Deactivated</DeactivateSound>
</Hotkey>
</Hotkeys>
<CheatEntries>
<CheatEntry>
<ID>133</ID>
<Description>"Player Speed"</Description>
<DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">1:OFF
2:x2
3:x3
4:x4
5:x5
</DropDownList>
<LastState Value="1" RealAddress="7FF954592800"/>
<VariableType>Float</VariableType>
<Address>MyDoublespeedv2</Address>
<Hotkeys>
<Hotkey>
<Action>Set Value</Action>
<Keys>
<Key>112</Key>
</Keys>
<Value>1</Value>
<ID>0</ID>
</Hotkey>
<Hotkey>
<Action>Set Value</Action>
<Keys>
<Key>113</Key>
</Keys>
<Value>0</Value>
<ID>1</ID>
</Hotkey>
</Hotkeys>
</CheatEntry>
<CheatEntry>
<ID>132</ID>
<Description>"Freeze Enemy"</Description>
<DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">1:OFF
0:ON
</DropDownList>
<LastState Value="1" RealAddress="7FF954592818"/>
<Color>000000</Color>
<VariableType>Float</VariableType>
<Address>XDoublespeedv</Address>
<Hotkeys>
<Hotkey>
<Action>Activate</Action>
<Keys>
<Key>97</Key>
</Keys>
<ID>0</ID>
</Hotkey>
<Hotkey>
<Action>Set Value</Action>
<Keys>
<Key>97</Key>
</Keys>
<Value>0</Value>
<ID>1</ID>
</Hotkey>
<Hotkey>
<Action>Deactivate</Action>
<Keys>
<Key>98</Key>
</Keys>
<ID>2</ID>
</Hotkey>
<Hotkey>
<Action>Set Value</Action>
<Keys>
<Key>98</Key>
</Keys>
<Value>1</Value>
<ID>3</ID>
</Hotkey>
</Hotkeys>
</CheatEntry>
<CheatEntry>
<ID>134</ID>
<Description>"Etc"</Description>
<LastState Value="1" RealAddress="7FF95459280C"/>
<VariableType>Float</VariableType>
<Address>EtcDoublespeedv</Address>
<Hotkeys>
<Hotkey>
<Action>Set Value</Action>
<Keys>
<Key>112</Key>
</Keys>
<Value>1</Value>
<ID>0</ID>
</Hotkey>
<Hotkey>
<Action>Set Value</Action>
<Keys>
<Key>113</Key>
</Keys>
<Value>0</Value>
<ID>1</ID>
</Hotkey>
</Hotkeys>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
<UserdefinedSymbols>
<SymbolEntry>
<Name>inject</Name>
<Address>25DB40D0000</Address>
</SymbolEntry>
<SymbolEntry>
<Name>newmem</Name>
<Address>004D0000</Address>
</SymbolEntry>
</UserdefinedSymbols>
<Comments>Special thanks:
- ammjun
- CracyShoot
</Comments>
</CheatTable>

i've been using the same bypass, the difference is it automatically attach to the process "winlogon.exe" credit goes to person i get this, forgot the name on the other forums and can't find it anymore
i also used the script on a modified Undetected CE, by renaming it to csrss.exe

CE Script Bypass
<?xml version="1.0" encoding="utf-8"?>
<CheatTable CheatEngineTableVersion="31">
<CheatEntries>
<CheatEntry>
<ID>0</ID>
<Description>"CE Bypass"</Description>
<LastState/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>{ Game : Genshin Impact
Date : 2020-09-30
Credit : naythefirst
}

[ENABLE]
globalAlloc(newmem,8)
label(bypazz)

newmem:
push rdi
sub rsp,20
mov edx,5
mov rcx,bypazz
call KERNEL32.WinExec
add rsp,20
pop rdi
ret

bypazz:
db 'C:\Program Files\Cheat Engine 7.1\csrss.exe',0
createthread(newmem)

[DISABLE]
dealloc(newmem)
</AssemblerScript>
</CheatEntry>
</CheatEntries>
<UserdefinedSymbols>
<SymbolEntry>
<Name>inject</Name>
<Address>25DB40D0000</Address>
</SymbolEntry>
</UserdefinedSymbols>
<UserdefinedSymbols/>
<LuaScript>local AutoAT = nil
local AutoATInterval = 1000
local AutoATTicks = 0
local AutoATTickMax = 5000
game = 'winlogon.exe'
local function AutoAT_tick(timer)
if getProcessIDFromProcessName(game) ~= nil then
timer.destroy()
openProcess(game)
elseif AutoATTickMax &gt; 0 and AutoATTicks &gt;= AutoATTickMax then
timer.destroy()
end
AutoATTicks = AutoATTicks + 1
end
AutoAT = createTimer(MainForm)
AutoAT.Interval = AutoATInterval
AutoAT.OnTimer = AutoAT_tick
</LuaScript>
</CheatTable>
i think they banned you because of abnormal status record of your account to their database, not by detecting your cheat attached to the game process.
if you use it moderately not to obvious, your account wont be banned.

Use it at your own risk. i'm not liable for the loss of your account. just use dummy account.
how to use?
Top
rhizzu
Noobzor
Noobzor
Posts: 10
Joined: Mon Oct 12, 2020 11:59 am
Reputation: 1

Re: Genshin Impact CE Bypass

Post by rhizzu »

mingming2122 wrote:
Tue Oct 13, 2020 6:43 am
 how to use?
just copy the code to the notepad and save it anynameyoulike.ct
normal CE might ban your account be sure not to play with your main account
Top
mingming2122
Noobzor
Noobzor
Posts: 6
Joined: Mon Oct 12, 2020 3:00 pm
Reputation: 0

Re: Genshin Impact CE Bypass

Post by mingming2122 »

rhizzu wrote:
Tue Oct 13, 2020 6:49 am
mingming2122 wrote:
Tue Oct 13, 2020 6:43 am
 how to use?
just copy the code to the notepad and save it anynameyoulike.ct
normal CE might ban your account be sure not to play with your main account
can bypass for not cd skill and physical strength?
Top
devilangelsoul
Novice Cheater
Novice Cheater
Posts: 19
Joined: Tue May 15, 2018 4:48 pm
Reputation: 0

Re: Genshin Impact CE Bypass

Post by devilangelsoul »

mingming2122 wrote:
Mon Oct 12, 2020 3:04 pm
Natsume wrote:
Mon Oct 12, 2020 1:49 pm
akirayo wrote:
Mon Oct 12, 2020 2:47 am

i use extreme injector acc get banned 15 year, use CE acc only 1 month lol
Extreme Injector doesn't have kernel mode, use Xenos injector.
how to use?
how use injector????
Top
omer
Novice Cheater
Novice Cheater
Posts: 16
Joined: Wed Jun 28, 2017 1:33 pm
Reputation: 2

Re: Genshin Impact CE Bypass

Post by omer »

akirayo wrote:
Mon Oct 12, 2020 9:14 pm
omer wrote:
Mon Oct 12, 2020 8:07 pm
CrewMaster wrote:
Mon Oct 12, 2020 6:04 pm
You sure you did not active other cheats like damage hack?
yes am sure %100 i dont use damage hack or any others only no cd and esp
r u using private cheat engine? or download version?
İ use download version and what about cheat engine private version is safe ?
Top
geshinHacks
Cheater
Cheater
Posts: 43
Joined: Fri Oct 09, 2020 12:54 pm
Reputation: 1

Re: Genshin Impact CE Bypass

Post by geshinHacks »

Anyone have
No fall down Address

or even
other new cheat address

i am very keen for new cheat to be find :)
Top
rhizzu
Noobzor
Noobzor
Posts: 10
Joined: Mon Oct 12, 2020 11:59 am
Reputation: 1

Re: Genshin Impact CE Bypass

Post by rhizzu »

mingming2122 wrote:
Tue Oct 13, 2020 7:20 am
rhizzu wrote:
Tue Oct 13, 2020 6:49 am
mingming2122 wrote:
Tue Oct 13, 2020 6:43 am
 how to use?
just copy the code to the notepad and save it anynameyoulike.ct
normal CE might ban your account be sure not to play with your main account
can bypass for not cd skill and physical strength?
not sure if it safe to use no cd and damage multiplier, freeze enemy is already godlike no need to use damage multiplier, if you want to instaban use damage multiplier.

devilangelsoul wrote:
Tue Oct 13, 2020 8:01 am
mingming2122 wrote:
Mon Oct 12, 2020 3:04 pm
Natsume wrote:
Mon Oct 12, 2020 1:49 pm

Extreme Injector doesn't have kernel mode, use Xenos injector.
how to use?
how use injector????
CE
Top
rhizzu
Noobzor
Noobzor
Posts: 10
Joined: Mon Oct 12, 2020 11:59 am
Reputation: 1

Re: Genshin Impact CE Bypass

Post by rhizzu »

omer wrote:
Tue Oct 13, 2020 8:15 am
akirayo wrote:
Mon Oct 12, 2020 9:14 pm
omer wrote:
Mon Oct 12, 2020 8:07 pm

yes am sure %100 i dont use damage hack or any others only no cd and esp
r u using private cheat engine? or download version?
İ use download version and what about cheat engine private version is safe ?
doesn't mean you use private you are safe, it is how you use your cheat.
Top
devilangelsoul
Novice Cheater
Novice Cheater
Posts: 19
Joined: Tue May 15, 2018 4:48 pm
Reputation: 0

Re: Genshin Impact CE Bypass

Post by devilangelsoul »

devilangelsoul wrote:
Tue Oct 13, 2020 8:01 am
mingming2122 wrote:
Mon Oct 12, 2020 3:04 pm

how to use?
how use injector????
CE
[/quote]


can explain me how please?
Top
rhizzu
Noobzor
Noobzor
Posts: 10
Joined: Mon Oct 12, 2020 11:59 am
Reputation: 1

Re: Genshin Impact CE Bypass

Post by rhizzu »

devilangelsoul wrote:
Tue Oct 13, 2020 8:41 am
devilangelsoul wrote:
Tue Oct 13, 2020 8:01 am
mingming2122 wrote:
Mon Oct 12, 2020 3:04 pm

how to use?
how use injector????
CE

can explain me how please?
[/quote]

follow the instruction on the first of the page..
the script i share just copy the code and paste it on notepad. save it on any filename you like but the file extension must be .ct
Top
rhizzu
Noobzor
Noobzor
Posts: 10
Joined: Mon Oct 12, 2020 11:59 am
Reputation: 1

Re: Genshin Impact CE Bypass

Post by rhizzu »

sacredcrowds wrote:
Tue Oct 13, 2020 8:44 am
 Hi Guys i just moded and bypassed my own CE MOD, But i need the codes for Esp and Freeze enemies. Someone can share ??
thanks
Click here
Top
almago
Novice Cheater
Novice Cheater
Posts: 23
Joined: Mon May 04, 2020 8:16 am
Reputation: 2

Re: Genshin Impact CE Bypass

Post by almago »

rhizzu wrote:
Tue Oct 13, 2020 6:38 am
 i've Been using this for about 3days and already reached AR18.

ESP Box Treasure and Freeze Enemy
Num1 Activate
Num2 Deactivate
CE Script Cheat

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable CheatEngineTableVersion="31">
  <CheatEntries>
    <CheatEntry>
      <ID>141</ID>
      <Description>"ESP Hack"</Description>
      <Options moHideChildren="1" moDeactivateChildrenAsWell="1"/>
      <LastState Value="" RealAddress="00000000"/>
      <Color>0000FF</Color>
      <GroupHeader>1</GroupHeader>
      <Hotkeys>
        <Hotkey>
          <Action>Activate</Action>
          <Keys>
            <Key>97</Key>
          </Keys>
          <ID>0</ID>
        </Hotkey>
        <Hotkey>
          <Action>Deactivate</Action>
          <Keys>
            <Key>98</Key>
          </Keys>
          <ID>1</ID>
        </Hotkey>
      </Hotkeys>
      <CheatEntries>
        <CheatEntry>
          <ID>127</ID>
          <Description>"Monster Level"</Description>
          <LastState/>
          <VariableType>Auto Assembler Script</VariableType>
          <AssemblerScript>{ Game   : GenshinImpact.exe
  Version: 
  Date   : 2020-10-07
  Author : MGGA

  This script does blah blah blah
}

[ENABLE]

aobscanmodule(lvesp,UserAssembly.dll,0F 87 E1 00 00 00 48 8B 8B) // should be unique

lvesp:
  db 0F 84 E1 00 00 00

registersymbol(lvesp)

[DISABLE]

lvesp:
  db 0F 87 E1 00 00 00

unregistersymbol(lvesp)

{
// ORIGINAL CODE - INJECTION POINT: "UserAssembly.dll"+125A79D

"UserAssembly.dll"+125A76E: 48 8B 43 50              -  mov rax,[rbx+50]
"UserAssembly.dll"+125A772: 48 85 C0                 -  test rax,rax
"UserAssembly.dll"+125A775: 0F 84 62 01 00 00        -  je UserAssembly.dll+125A8DD
"UserAssembly.dll"+125A77B: 48 8B 8B F0 00 00 00     -  mov rcx,[rbx+000000F0]
"UserAssembly.dll"+125A782: F3 0F 10 B0 9C 01 00 00  -  movss xmm6,[rax+0000019C]
"UserAssembly.dll"+125A78A: 48 85 C9                 -  test rcx,rcx
"UserAssembly.dll"+125A78D: 0F 84 4A 01 00 00        -  je UserAssembly.dll+125A8DD
"UserAssembly.dll"+125A793: 33 D2                    -  xor edx,edx
"UserAssembly.dll"+125A795: E8 96 3C BB FF           -  call UserAssembly.dll+E0E430
"UserAssembly.dll"+125A79A: 0F 2F F0                 -  comiss xmm6,xmm0
// ---------- INJECTING HERE ----------
"UserAssembly.dll"+125A79D: 0F 87 E1 00 00 00        -  ja UserAssembly.dll+125A884
// ---------- DONE INJECTING  ----------
"UserAssembly.dll"+125A7A3: 48 8B 8B F0 00 00 00     -  mov rcx,[rbx+000000F0]
"UserAssembly.dll"+125A7AA: C6 83 B0 00 00 00 01     -  mov byte ptr [rbx+000000B0],01
"UserAssembly.dll"+125A7B1: 48 85 C9                 -  test rcx,rcx
"UserAssembly.dll"+125A7B4: 0F 84 23 01 00 00        -  je UserAssembly.dll+125A8DD
"UserAssembly.dll"+125A7BA: 33 D2                    -  xor edx,edx
"UserAssembly.dll"+125A7BC: E8 5F 3E BB FF           -  call UserAssembly.dll+E0E620
"UserAssembly.dll"+125A7C1: 0F 2F C6                 -  comiss xmm0,xmm6
"UserAssembly.dll"+125A7C4: 0F 57 FF                 -  xorps xmm7,xmm7
"UserAssembly.dll"+125A7C7: 77 12                    -  ja UserAssembly.dll+125A7DB
"UserAssembly.dll"+125A7C9: F3 0F 5C 35 3B 62 72 03  -  subss xmm6,[UserAssembly.dll+4980A0C]
}
</AssemblerScript>
        </CheatEntry>
        <CheatEntry>
          <ID>159</ID>
          <Description>"Monster Healthbar"</Description>
          <LastState/>
          <VariableType>Auto Assembler Script</VariableType>
          <AssemblerScript>{ Game   : GenshinImpact.exe
  Version: 
  Date   : 2020-10-07
  Author : MGGA

  This script does blah blah blah
}

[ENABLE]

aobscanmodule(hpesp,UserAssembly.dll,76 07 C6 83 C9 00 00 00 01 33 D2 48 8B CB E8 E2) // should be unique

hpesp:
  db 74 07

registersymbol(hpesp)

[DISABLE]

hpesp:
  db 76 07

unregistersymbol(hpesp)

{
// ORIGINAL CODE - INJECTION POINT: "UserAssembly.dll"+125921B

"UserAssembly.dll"+12591E9: E8 32 32 AE 02              -  call UserAssembly.dll+3D3C420
"UserAssembly.dll"+12591EE: 84 C0                       -  test al,al
"UserAssembly.dll"+12591F0: 0F 85 BC 00 00 00           -  jne UserAssembly.dll+12592B2
"UserAssembly.dll"+12591F6: 48 8B 43 50                 -  mov rax,[rbx+50]
"UserAssembly.dll"+12591FA: 48 85 C0                    -  test rax,rax
"UserAssembly.dll"+12591FD: 0F 84 6D 03 00 00           -  je UserAssembly.dll+1259570
"UserAssembly.dll"+1259203: F3 0F 10 83 8C 00 00 00     -  movss xmm0,[rbx+0000008C]
"UserAssembly.dll"+125920B: 0F 29 74 24 50              -  movaps [rsp+50],xmm6
"UserAssembly.dll"+1259210: F3 0F 10 B0 9C 01 00 00     -  movss xmm6,[rax+0000019C]
"UserAssembly.dll"+1259218: 0F 2F C6                    -  comiss xmm0,xmm6
// ---------- INJECTING HERE ----------
"UserAssembly.dll"+125921B: 76 07                       -  jna UserAssembly.dll+1259224
"UserAssembly.dll"+125921D: C6 83 C9 00 00 00 01        -  mov byte ptr [rbx+000000C9],01
// ---------- DONE INJECTING  ----------
"UserAssembly.dll"+1259224: 33 D2                       -  xor edx,edx
"UserAssembly.dll"+1259226: 48 8B CB                    -  mov rcx,rbx
"UserAssembly.dll"+1259229: E8 E2 1E 9A 00              -  call UserAssembly.dll+1BFB110
"UserAssembly.dll"+125922E: 0F 2F C6                    -  comiss xmm0,xmm6
"UserAssembly.dll"+1259231: 0F 28 74 24 50              -  movaps xmm6,[rsp+50]
"UserAssembly.dll"+1259236: 0F 97 C0                    -  seta al
"UserAssembly.dll"+1259239: 88 83 C8 00 00 00           -  mov [rbx+000000C8],al
"UserAssembly.dll"+125923F: EB 71                       -  jmp UserAssembly.dll+12592B2
"UserAssembly.dll"+1259241: 45 33 C0                    -  xor r8d,r8d
"UserAssembly.dll"+1259244: BA 54 39 00 00              -  mov edx,00003954
}
</AssemblerScript>
        </CheatEntry>
        <CheatEntry>
          <ID>142</ID>
          <Description>"Box Treasure"</Description>
          <LastState/>
          <VariableType>Auto Assembler Script</VariableType>
          <AssemblerScript>{ Game   : GenshinImpact.exe
  Version: 
  Date   : 2020-10-07
  Author : MGGA

  This script does blah blah blah
}

[ENABLE]

aobscanmodule(boxesp,UserAssembly.dll,74 1C 48 85 C0 0F 84 CF) // should be unique
aobscanmodule(boxespdist,UserAssembly.dll,74 E2 33 D2 48 8B CF) // should be unique

boxesp:
  db 75 1C
boxespdist:
  db 75 E2

registersymbol(boxesp)
registersymbol(boxespdist)

[DISABLE]

boxesp:
  db 74 1C
boxespdist:
  db 74 E2

unregistersymbol(boxesp)
unregistersymbol(boxespdist)

{
// ORIGINAL CODE - INJECTION POINT: "UserAssembly.dll"+1C6ED77

"UserAssembly.dll"+1C6ED4E: 48 8B 52 20                    -  mov rdx,[rdx+20]
"UserAssembly.dll"+1C6ED52: 48 85 D2                       -  test rdx,rdx
"UserAssembly.dll"+1C6ED55: 0F 84 F6 00 00 00              -  je UserAssembly.dll+1C6EE51
"UserAssembly.dll"+1C6ED5B: 3B 5A 18                       -  cmp ebx,[rdx+18]
"UserAssembly.dll"+1C6ED5E: 0F 83 DD 00 00 00              -  jae UserAssembly.dll+1C6EE41
"UserAssembly.dll"+1C6ED64: 48 63 CB                       -  movsxd  rcx,ebx
"UserAssembly.dll"+1C6ED67: 48 8B 54 CA 20                 -  mov rdx,[rdx+rcx*8+20]
"UserAssembly.dll"+1C6ED6C: 48 85 D2                       -  test rdx,rdx
"UserAssembly.dll"+1C6ED6F: 0F 84 DC 00 00 00              -  je UserAssembly.dll+1C6EE51
"UserAssembly.dll"+1C6ED75: 85 DB                          -  test ebx,ebx
// ---------- INJECTING HERE ----------
"UserAssembly.dll"+1C6ED77: 74 1C                          -  je UserAssembly.dll+1C6ED95
"UserAssembly.dll"+1C6ED79: 48 85 C0                       -  test rax,rax
// ---------- DONE INJECTING  ----------
"UserAssembly.dll"+1C6ED7C: 0F 84 CF 00 00 00              -  je UserAssembly.dll+1C6EE51
"UserAssembly.dll"+1C6ED82: 8B 52 10                       -  mov edx,[rdx+10]
"UserAssembly.dll"+1C6ED85: 45 33 C0                       -  xor r8d,r8d
"UserAssembly.dll"+1C6ED88: 48 8B C8                       -  mov rcx,rax
"UserAssembly.dll"+1C6ED8B: E8 90 A1 00 00                 -  call UserAssembly.dll+1C78F20
"UserAssembly.dll"+1C6ED90: 0F B6 E8                       -  movzx ebp,al
"UserAssembly.dll"+1C6ED93: EB 1A                          -  jmp UserAssembly.dll+1C6EDAF
"UserAssembly.dll"+1C6ED95: 48 85 C0                       -  test rax,rax
"UserAssembly.dll"+1C6ED98: 0F 84 B3 00 00 00              -  je UserAssembly.dll+1C6EE51
"UserAssembly.dll"+1C6ED9E: 8B 52 10                       -  mov edx,[rdx+10]
}

{
// ORIGINAL CODE - INJECTION POINT: "UserAssembly.dll"+1C6EDFA

"UserAssembly.dll"+1C6EDCF: 48 8B CF              -  mov rcx,rdi
"UserAssembly.dll"+1C6EDD2: E8 29 FB FF FF        -  call UserAssembly.dll+1C6E900
"UserAssembly.dll"+1C6EDD7: C6 87 A0 00 00 00 01  -  mov byte ptr [rdi+000000A0],01
"UserAssembly.dll"+1C6EDDE: 48 8B 6C 24 38        -  mov rbp,[rsp+38]
"UserAssembly.dll"+1C6EDE3: 48 8B 5C 24 30        -  mov rbx,[rsp+30]
"UserAssembly.dll"+1C6EDE8: 48 8B 74 24 40        -  mov rsi,[rsp+40]
"UserAssembly.dll"+1C6EDED: 48 83 C4 20           -  add rsp,20
"UserAssembly.dll"+1C6EDF1: 5F                    -  pop rdi
"UserAssembly.dll"+1C6EDF2: C3                    -  ret
"UserAssembly.dll"+1C6EDF3: 80 BF A0 00 00 00 00  -  cmp byte ptr [rdi+000000A0],00
// ---------- INJECTING HERE ----------
"UserAssembly.dll"+1C6EDFA: 74 E2                 -  je UserAssembly.dll+1C6EDDE
"UserAssembly.dll"+1C6EDFC: 33 D2                 -  xor edx,edx
"UserAssembly.dll"+1C6EDFE: 48 8B CF              -  mov rcx,rdi
// ---------- DONE INJECTING  ----------
"UserAssembly.dll"+1C6EE01: E8 3A 09 00 00        -  call UserAssembly.dll+1C6F740
"UserAssembly.dll"+1C6EE06: C6 87 A0 00 00 00 00  -  mov byte ptr [rdi+000000A0],00
"UserAssembly.dll"+1C6EE0D: EB CF                 -  jmp UserAssembly.dll+1C6EDDE
"UserAssembly.dll"+1C6EE0F: 45 33 C0              -  xor r8d,r8d
"UserAssembly.dll"+1C6EE12: BA 9C 40 00 00        -  mov edx,0000409C
"UserAssembly.dll"+1C6EE17: 33 C9                 -  xor ecx,ecx
"UserAssembly.dll"+1C6EE19: E8 62 F3 13 00        -  call UserAssembly.dll+1DAE180
"UserAssembly.dll"+1C6EE1E: 48 85 C0              -  test rax,rax
"UserAssembly.dll"+1C6EE21: 74 2E                 -  je UserAssembly.dll+1C6EE51
"UserAssembly.dll"+1C6EE23: 45 33 C0              -  xor r8d,r8d
}
</AssemblerScript>
          <Hotkeys>
            <Hotkey>
              <Action>Activate</Action>
              <Keys>
                <Key>97</Key>
              </Keys>
              <ID>0</ID>
            </Hotkey>
            <Hotkey>
              <Action>Deactivate</Action>
              <Keys>
                <Key>98</Key>
              </Keys>
              <ID>1</ID>
            </Hotkey>
          </Hotkeys>
        </CheatEntry>
      </CheatEntries>
    </CheatEntry>
    <CheatEntry>
      <ID>131</ID>
      <Description>"Game Speedhack"</Description>
      <Options moHideChildren="1" moDeactivateChildrenAsWell="1"/>
      <LastState/>
      <Color>0000FF</Color>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript>{ Game   : GenshinImpact.exe
  Version: 
  Date   : 2020-10-07
  Author : MGGA

  This script does blah blah blah
}

[ENABLE]

aobscanmodule(speed,UnityPlayer.dll,F3 0F 10 81 0C 03 00 00 C3) // should be unique
alloc(newmem,$1000,speed)

label(code)
label(return)

alloc(Doublespeedv,12)

newmem:

code:
  movss xmm0,[rcx+0000030C]
  mov [Doublespeedv],rcx
  jmp return

speed:
  jmp newmem
  nop
  nop
  nop
return:
registersymbol(speed)
registersymbol(Doublespeedv)

/*--------------------------------------------------------------------------------------------*/

aobscanmodule(doublespeed,UnityPlayer.dll,8B 87 0C 03 00 00 89 01 80) // should be unique
alloc(newmem2,$1000,doublespeed)

label(code2)
label(return2)

alloc(OnDoublespeed,2048)
alloc(etcDoublespeed,2048)
alloc(XDoublespeed,2048)

alloc(MyDoublespeedv2,12)
alloc(EtcDoublespeedv,12)
alloc(XDoublespeedv,12)
registersymbol(MyDoublespeedv2)
registersymbol(EtcDoublespeedv)
registersymbol(XDoublespeedv)

newmem2:
  cmp rdi,[Doublespeedv]
  je OnDoublespeed
  cmp byte ptr [rdi+328],01
  je etcDoublespeed
  mov eax,[EtcDoublespeedv]
  jmp return2

  etcDoublespeed:
  cmp byte ptr [rdi+358],00
  jne XDoublespeed
  mov eax,[EtcDoublespeedv]
  jmp return2

  XDoublespeed:
  mov eax,[XDoublespeedv]
  jmp return2

  OnDoublespeed:
  mov eax,[MyDoublespeedv2]
  jmp return2

code2:
  mov eax,[rdi+0000030C]
  jmp return2

MyDoublespeedv2:
  dd (float)1
EtcDoublespeedv:
  dd (float)1
XDoublespeedv:
  dd (float)1

doublespeed:
  jmp newmem2
  nop
return2:
registersymbol(doublespeed)

[DISABLE]

speed:
  db F3 0F 10 81 0C 03 00 00

unregistersymbol(speed)
dealloc(newmem)

/*-------------------------*/

doublespeed:
  db 8B 87 0C 03 00 00

unregistersymbol(doublespeed)
dealloc(newmem2)

{
// ORIGINAL CODE - INJECTION POINT: "UnityPlayer.dll"+B2F1E0

"UnityPlayer.dll"+B2F1D6: CC                       -  int 3 
"UnityPlayer.dll"+B2F1D7: CC                       -  int 3 
"UnityPlayer.dll"+B2F1D8: CC                       -  int 3 
"UnityPlayer.dll"+B2F1D9: CC                       -  int 3 
"UnityPlayer.dll"+B2F1DA: CC                       -  int 3 
"UnityPlayer.dll"+B2F1DB: CC                       -  int 3 
"UnityPlayer.dll"+B2F1DC: CC                       -  int 3 
"UnityPlayer.dll"+B2F1DD: CC                       -  int 3 
"UnityPlayer.dll"+B2F1DE: CC                       -  int 3 
"UnityPlayer.dll"+B2F1DF: CC                       -  int 3 
// ---------- INJECTING HERE ----------
"UnityPlayer.dll"+B2F1E0: F3 0F 10 81 0C 03 00 00  -  movss xmm0,[rcx+0000030C]
// ---------- DONE INJECTING  ----------
"UnityPlayer.dll"+B2F1E8: C3                       -  ret 
"UnityPlayer.dll"+B2F1E9: CC                       -  int 3 
"UnityPlayer.dll"+B2F1EA: CC                       -  int 3 
"UnityPlayer.dll"+B2F1EB: CC                       -  int 3 
"UnityPlayer.dll"+B2F1EC: CC                       -  int 3 
"UnityPlayer.dll"+B2F1ED: CC                       -  int 3 
"UnityPlayer.dll"+B2F1EE: CC                       -  int 3 
"UnityPlayer.dll"+B2F1EF: CC                       -  int 3 
"UnityPlayer.dll"+B2F1F0: 80 B9 3D 01 00 00 00     -  cmp byte ptr [rcx+0000013D],00
"UnityPlayer.dll"+B2F1F7: 75 03                    -  jne UnityPlayer.dll+B2F1FC
}

{
// ORIGINAL CODE - INJECTION POINT: "UnityPlayer.dll"+B26298

"UnityPlayer.dll"+B2626F: 48 8B CF                 -  mov rcx,rdi
"UnityPlayer.dll"+B26272: E8 39 34 00 00           -  call UnityPlayer.dll+B296B0
"UnityPlayer.dll"+B26277: 83 BF EC 00 00 00 00     -  cmp dword ptr [rdi+000000EC],00
"UnityPlayer.dll"+B2627E: 74 20                    -  je UnityPlayer.dll+B262A0
"UnityPlayer.dll"+B26280: 48 8B 87 98 04 00 00     -  mov rax,[rdi+00000498]
"UnityPlayer.dll"+B26287: 48 85 C0                 -  test rax,rax
"UnityPlayer.dll"+B2628A: 74 14                    -  je UnityPlayer.dll+B262A0
"UnityPlayer.dll"+B2628C: 48 8B 88 F0 00 00 00     -  mov rcx,[rax+000000F0]
"UnityPlayer.dll"+B26293: 48 85 C9                 -  test rcx,rcx
"UnityPlayer.dll"+B26296: 74 08                    -  je UnityPlayer.dll+B262A0
// ---------- INJECTING HERE ----------
"UnityPlayer.dll"+B26298: 8B 87 0C 03 00 00        -  mov eax,[rdi+0000030C]
// ---------- DONE INJECTING  ----------
"UnityPlayer.dll"+B2629E: 89 01                    -  mov [rcx],eax
"UnityPlayer.dll"+B262A0: 80 BF D0 00 00 00 00     -  cmp byte ptr [rdi+000000D0],00
"UnityPlayer.dll"+B262A7: 0F 84 81 02 00 00        -  je UnityPlayer.dll+B2652E
"UnityPlayer.dll"+B262AD: 45 84 FF                 -  test r15l,r15l
"UnityPlayer.dll"+B262B0: 74 22                    -  je UnityPlayer.dll+B262D4
"UnityPlayer.dll"+B262B2: 48 8B 87 20 01 00 00     -  mov rax,[rdi+00000120]
"UnityPlayer.dll"+B262B9: 80 B8 A4 00 00 00 00     -  cmp byte ptr [rax+000000A4],00
"UnityPlayer.dll"+B262C0: 75 1F                    -  jne UnityPlayer.dll+B262E1
"UnityPlayer.dll"+B262C2: 80 BF D1 00 00 00 00     -  cmp byte ptr [rdi+000000D1],00
"UnityPlayer.dll"+B262C9: 75 16                    -  jne UnityPlayer.dll+B262E1
}
</AssemblerScript>
      <Hotkeys>
        <Hotkey>
          <Action>Activate</Action>
          <Keys>
            <Key>97</Key>
          </Keys>
          <ID>0</ID>
          <ActivateSound TTS="EN">Activated</ActivateSound>
        </Hotkey>
        <Hotkey>
          <Action>Deactivate</Action>
          <Keys>
            <Key>98</Key>
          </Keys>
          <ID>1</ID>
          <DeactivateSound TTS="EN">Deactivated</DeactivateSound>
        </Hotkey>
      </Hotkeys>
      <CheatEntries>
        <CheatEntry>
          <ID>133</ID>
          <Description>"Player Speed"</Description>
          <DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">1:OFF
2:x2
3:x3
4:x4
5:x5
</DropDownList>
          <LastState Value="1" RealAddress="7FF954592800"/>
          <VariableType>Float</VariableType>
          <Address>MyDoublespeedv2</Address>
          <Hotkeys>
            <Hotkey>
              <Action>Set Value</Action>
              <Keys>
                <Key>112</Key>
              </Keys>
              <Value>1</Value>
              <ID>0</ID>
            </Hotkey>
            <Hotkey>
              <Action>Set Value</Action>
              <Keys>
                <Key>113</Key>
              </Keys>
              <Value>0</Value>
              <ID>1</ID>
            </Hotkey>
          </Hotkeys>
        </CheatEntry>
        <CheatEntry>
          <ID>132</ID>
          <Description>"Freeze Enemy"</Description>
          <DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">1:OFF
0:ON
</DropDownList>
          <LastState Value="1" RealAddress="7FF954592818"/>
          <Color>000000</Color>
          <VariableType>Float</VariableType>
          <Address>XDoublespeedv</Address>
          <Hotkeys>
            <Hotkey>
              <Action>Activate</Action>
              <Keys>
                <Key>97</Key>
              </Keys>
              <ID>0</ID>
            </Hotkey>
            <Hotkey>
              <Action>Set Value</Action>
              <Keys>
                <Key>97</Key>
              </Keys>
              <Value>0</Value>
              <ID>1</ID>
            </Hotkey>
            <Hotkey>
              <Action>Deactivate</Action>
              <Keys>
                <Key>98</Key>
              </Keys>
              <ID>2</ID>
            </Hotkey>
            <Hotkey>
              <Action>Set Value</Action>
              <Keys>
                <Key>98</Key>
              </Keys>
              <Value>1</Value>
              <ID>3</ID>
            </Hotkey>
          </Hotkeys>
        </CheatEntry>
        <CheatEntry>
          <ID>134</ID>
          <Description>"Etc"</Description>
          <LastState Value="1" RealAddress="7FF95459280C"/>
          <VariableType>Float</VariableType>
          <Address>EtcDoublespeedv</Address>
          <Hotkeys>
            <Hotkey>
              <Action>Set Value</Action>
              <Keys>
                <Key>112</Key>
              </Keys>
              <Value>1</Value>
              <ID>0</ID>
            </Hotkey>
            <Hotkey>
              <Action>Set Value</Action>
              <Keys>
                <Key>113</Key>
              </Keys>
              <Value>0</Value>
              <ID>1</ID>
            </Hotkey>
          </Hotkeys>
        </CheatEntry>
      </CheatEntries>
    </CheatEntry>
  </CheatEntries>
  <UserdefinedSymbols>
    <SymbolEntry>
      <Name>inject</Name>
      <Address>25DB40D0000</Address>
    </SymbolEntry>
    <SymbolEntry>
      <Name>newmem</Name>
      <Address>004D0000</Address>
    </SymbolEntry>
  </UserdefinedSymbols>
  <Comments>Special thanks:
- ammjun
- CracyShoot
</Comments>
</CheatTable>

i've been using the same bypass, the difference is it automatically attach to the process "winlogon.exe" credit goes to person i get this, forgot the name on the other forums and can't find it anymore
i also used the script on a modified Undetected CE, by renaming it to csrss.exe

CE Script Bypass

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable CheatEngineTableVersion="31">
  <CheatEntries>
	<CheatEntry>
	  <ID>0</ID>
	  <Description>"CE Bypass"</Description>
	  <LastState/>
	  <VariableType>Auto Assembler Script</VariableType>
	  <AssemblerScript>{ Game   : Genshin Impact
  Date   : 2020-09-30
  Credit : naythefirst
}
 
[ENABLE]
globalAlloc(newmem,8)
label(bypazz)
 
newmem:
push rdi
sub rsp,20
mov edx,5
mov rcx,bypazz
call KERNEL32.WinExec
add rsp,20
pop rdi
ret
 
bypazz:
db 'C:\Program Files\Cheat Engine 7.1\csrss.exe',0
createthread(newmem)
 
[DISABLE]
dealloc(newmem)
</AssemblerScript>
	</CheatEntry>
  </CheatEntries>
  <UserdefinedSymbols>
	<SymbolEntry>
	  <Name>inject</Name>
	  <Address>25DB40D0000</Address>
	</SymbolEntry>
  </UserdefinedSymbols>
  <UserdefinedSymbols/>
  <LuaScript>local AutoAT = nil
local AutoATInterval = 1000
local AutoATTicks = 0
local AutoATTickMax = 5000
game = 'winlogon.exe'
local function AutoAT_tick(timer)
	if getProcessIDFromProcessName(game) ~= nil then
		timer.destroy()
		openProcess(game)
	elseif AutoATTickMax &gt; 0 and AutoATTicks &gt;= AutoATTickMax then
		timer.destroy()
	end
	AutoATTicks = AutoATTicks + 1
end
AutoAT = createTimer(MainForm)
AutoAT.Interval = AutoATInterval
AutoAT.OnTimer = AutoAT_tick
</LuaScript>
</CheatTable>
i think they banned you because of abnormal status record of your account to their database, not by detecting your cheat attached to the game process.
if you use it moderately not to obvious, your account wont be banned.

Use it at your own risk. i'm not liable for the loss of your account. just use dummy account.
are you using Player speed at all ?
Top
rhizzu
Noobzor
Noobzor
Posts: 10
Joined: Mon Oct 12, 2020 11:59 am
Reputation: 1

Re: Genshin Impact CE Bypass

Post by rhizzu »

almago wrote:
Tue Oct 13, 2020 9:50 am
 are you using Player speed at all ?
nope.. just the two of those i mentioned i only used.
Top
Post Reply

Return to “Tables”

Who is online

Users browsing this forum: AhrefsBot, Bing [Bot], firefly99, gabszap, Google [Bot], hasnanss1, HimoShifu, jonasbeckman, pacmaneatyou, pimphard, Prydain, yamisakura