Phasmophobia 0.5.2.1

Upload your cheat tables here (No requests)
Locked
MiikeHarrison
Novice Cheater
Novice Cheater
Posts: 15
Joined: Wed Dec 22, 2021 12:15 am
Reputation: 1

Re: Phasmophobia 0.5.1.0

Post by MiikeHarrison »

Mortal991 wrote:
Tue Jan 11, 2022 11:43 pm
MiikeHarrison wrote:
Tue Jan 11, 2022 9:13 pm
Anyone knows if we'll get an update for the 0.5.1.1 ? Thank y'all
I've just posted the updated ones right above your reply lol
I saw this but I don't know how to edit the original file lol
Do you have any link/tutorial or explanation ? That'd help me a lot ! Thank you !

How to use this cheat table?
  1. Install Cheat Engine
  2. Double-click the .CT file in order to open it.
  3. Click the PC icon in Cheat Engine in order to select the game process.
  4. Keep the list.
  5. Activate the trainer options by checking boxes or setting values from 0 to 1

User avatar
InsecureCheetah
Novice Cheater
Novice Cheater
Posts: 18
Joined: Mon Aug 10, 2020 9:06 pm
Reputation: 21

Re: Phasmophobia 0.5.1.0

Post by InsecureCheetah »

MiikeHarrison wrote:
Wed Jan 12, 2022 3:30 pm
Mortal991 wrote:
Tue Jan 11, 2022 11:43 pm
MiikeHarrison wrote:
Tue Jan 11, 2022 9:13 pm
Anyone knows if we'll get an update for the 0.5.1.1 ? Thank y'all
I've just posted the updated ones right above your reply lol
I saw this but I don't know how to edit the original file lol
Do you have any link/tutorial or explanation ? That'd help me a lot ! Thank you !
just press select all for each code and copy it then press ctrl + v in cheat engine, it will add it automatically
Last edited by InsecureCheetah on Fri Jan 14, 2022 1:16 am, edited 1 time in total.

SNP
What is cheating?
What is cheating?
Posts: 1
Joined: Wed Jan 12, 2022 2:33 pm
Reputation: 0

Re: Phasmophobia 0.5.1.0

Post by SNP »

Mortal991 wrote:
Tue Jan 11, 2022 12:51 am
Update 0.5.1.1: Infinite Stamina , Salt , Pictures , Walk/Sprint Hook and Throw Strength Hook (Everything else seems to work just fine)
Spoiler

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>70101</ID>
      <Description>"Infinite Stamina"</Description>
      <LastState/>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript>{ Game   : Phasmophobia.exe
  Version: 
  Date   : 2022-01-11

}

define(address,PlayerStamina.StartDraining)
define(bytes,80 79 3F 00 75 0F)

[ENABLE]

assert(address,bytes)
alloc(newmem,$1000,PlayerStamina.StartDraining)

label(code)
label(return)

newmem:

code:
  cmp byte ptr [rcx+3F],00
  jmp GameAssembly.dll+2512C75
  jmp return

address:
  jmp newmem
  nop
return:

[DISABLE]

address:
  db bytes
  // cmp byte ptr [rcx+3F],00
  // jne GameAssembly.dll+2512C75

dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: PlayerStamina.StartDraining

GameAssembly.dll+2512C56: CC                    - int 3 
GameAssembly.dll+2512C57: CC                    - int 3 
GameAssembly.dll+2512C58: CC                    - int 3 
GameAssembly.dll+2512C59: CC                    - int 3 
GameAssembly.dll+2512C5A: CC                    - int 3 
GameAssembly.dll+2512C5B: CC                    - int 3 
GameAssembly.dll+2512C5C: CC                    - int 3 
GameAssembly.dll+2512C5D: CC                    - int 3 
GameAssembly.dll+2512C5E: CC                    - int 3 
GameAssembly.dll+2512C5F: CC                    - int 3 
// ---------- INJECTING HERE ----------
PlayerStamina.StartDraining: 80 79 3F 00           - cmp byte ptr [rcx+3F],00
// ---------- DONE INJECTING  ----------
GameAssembly.dll+2512C64: 75 0F                 - jne GameAssembly.dll+2512C75
GameAssembly.dll+2512C66: C6 41 3C 01           - mov byte ptr [rcx+3C],01
GameAssembly.dll+2512C6A: C6 41 40 00           - mov byte ptr [rcx+40],00
GameAssembly.dll+2512C6E: C7 41 54 00 00 00 40  - mov [rcx+54],40000000
GameAssembly.dll+2512C75: C3                    - ret 
GameAssembly.dll+2512C76: CC                    - int 3 
GameAssembly.dll+2512C77: CC                    - int 3 
GameAssembly.dll+2512C78: CC                    - int 3 
GameAssembly.dll+2512C79: CC                    - int 3 
GameAssembly.dll+2512C7A: CC                    - int 3 
}
</AssemblerScript>
    </CheatEntry>
  </CheatEntries>
</CheatTable>

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>70102</ID>
      <Description>"Infinite Salt (only 9 visible spots max"</Description>
      <LastState/>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript Async="1">{ Game   : Phasmophobia.exe
  Version: 
  Date   : 2022-01-11
}

define(address,SaltShaker.SpawnSalt+8E)
define(bytes,FF C8 89 47 50)

[ENABLE]

assert(address,bytes)
alloc(newmem,$1000,SaltShaker.SpawnSalt+8E)

label(code)
label(return)

newmem:

code:
  //dec eax
  mov [rdi+50],eax
  jmp return

address:
  jmp newmem
return:

[DISABLE]

address:
  db bytes
  // dec eax
  // mov [rdi+50],eax

dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+1DA12FE

GameAssembly.dll+1DA12D3: 45 33 C0                 - xor r8d,r8d
GameAssembly.dll+1DA12D6: 48 8B 4D E7              - mov rcx,[rbp-19]
GameAssembly.dll+1DA12DA: E8 A1 D6 8E FF           - call ੭੧੭ੱ੧੯ੲ੨੯੫੪.੩ੳ੭੨੯੩੭ੰੲੴ੫
GameAssembly.dll+1DA12DF: 84 C0                    - test al,al
GameAssembly.dll+1DA12E1: 0F 84 1E 03 00 00        - je GameAssembly.dll+1DA1605
GameAssembly.dll+1DA12E7: 8B 47 50                 - mov eax,[rdi+50]
GameAssembly.dll+1DA12EA: 85 C0                    - test eax,eax
GameAssembly.dll+1DA12EC: 0F 8E 13 03 00 00        - jng GameAssembly.dll+1DA1605
GameAssembly.dll+1DA12F2: 4C 89 BC 24 E0 00 00 00  - mov [rsp+000000E0],r15
GameAssembly.dll+1DA12FA: 48 8B 4F 28              - mov rcx,[rdi+28]
// ---------- INJECTING HERE ----------
GameAssembly.dll+1DA12FE: FF C8                    - dec eax
// ---------- DONE INJECTING  ----------
GameAssembly.dll+1DA1300: 89 47 50                 - mov [rdi+50],eax
GameAssembly.dll+1DA1303: 48 85 C9                 - test rcx,rcx
GameAssembly.dll+1DA1306: 0F 84 17 03 00 00        - je GameAssembly.dll+1DA1623
GameAssembly.dll+1DA130C: 33 D2                    - xor edx,edx
GameAssembly.dll+1DA130E: E8 6D 66 27 FF           - call UnityEngine.AudioSource.Play
GameAssembly.dll+1DA1313: 80 3D 78 40 EA 01 00     - cmp byte ptr [GameAssembly.dll+3C45392],00
GameAssembly.dll+1DA131A: 75 12                    - jne GameAssembly.dll+1DA132E
GameAssembly.dll+1DA131C: 8B 0D 8A 7F 4B 01        - mov ecx,[GameAssembly.dll+32592AC]
GameAssembly.dll+1DA1322: E8 19 91 35 FE           - call GameAssembly.dll+FA440
GameAssembly.dll+1DA1327: C6 05 64 40 EA 01 01     - mov byte ptr [GameAssembly.dll+3C45392],01
}
</AssemblerScript>
    </CheatEntry>
  </CheatEntries>
</CheatTable>

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>70103</ID>
      <Description>"Infinite Pictures"</Description>
      <LastState/>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript>{ Game   : Phasmophobia.exe
  Version: 
  Date   : 2022-01-11

}

define(address,HandCamera.NetworkTakePhoto+6)
define(bytes,83 79 68 00 48 8B D9)

[ENABLE]

assert(address,bytes)
alloc(newmem,$1000,HandCamera.NetworkTakePhoto+6)

label(code)
label(return)

newmem:
mov [rcx+68],#10
jmp code

code:
  cmp dword ptr [rcx+68],00
  mov rbx,rcx
  jmp return

address:
  jmp newmem
  nop 2
return:

[DISABLE]

address:
  db bytes
  // cmp dword ptr [rcx+68],00
  // mov rbx,rcx

dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+1453A16

GameAssembly.dll+1453A01: 48 83 C4 20     - add rsp,20
GameAssembly.dll+1453A05: 5F              - pop rdi
GameAssembly.dll+1453A06: C3              - ret 
GameAssembly.dll+1453A07: E8 A4 6B CA FE  - call GameAssembly.dll+FA5B0
GameAssembly.dll+1453A0C: CC              - int 3 
GameAssembly.dll+1453A0D: CC              - int 3 
GameAssembly.dll+1453A0E: CC              - int 3 
GameAssembly.dll+1453A0F: CC              - int 3 
HandCamera.NetworkTakePhoto: 40 53           - push rbx
GameAssembly.dll+1453A12: 48 83 EC 20     - sub rsp,20
// ---------- INJECTING HERE ----------
GameAssembly.dll+1453A16: 83 79 68 00     - cmp dword ptr [rcx+68],00
// ---------- DONE INJECTING  ----------
GameAssembly.dll+1453A1A: 48 8B D9        - mov rbx,rcx
GameAssembly.dll+1453A1D: C6 41 64 00     - mov byte ptr [rcx+64],00
GameAssembly.dll+1453A21: 7E 4C           - jle GameAssembly.dll+1453A6F
GameAssembly.dll+1453A23: 33 D2           - xor edx,edx
GameAssembly.dll+1453A25: E8 96 58 00 00  - call HandCamera.੭ੱ੯ੰ੭ੱ੬੥੭ੲ੨
GameAssembly.dll+1453A2A: 45 33 C0        - xor r8d,r8d
GameAssembly.dll+1453A2D: 48 8B D0        - mov rdx,rax
GameAssembly.dll+1453A30: 48 8B CB        - mov rcx,rbx
GameAssembly.dll+1453A33: E8 88 77 6B FF  - call UnityEngine.MonoBehaviour.StartCoroutine
GameAssembly.dll+1453A38: 48 8B 4B 58     - mov rcx,[rbx+58]
}
</AssemblerScript>
    </CheatEntry>
  </CheatEntries>
</CheatTable>

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>44292</ID>
      <Description>"Walk/Sprint Hook"</Description>
      <Options moHideChildren="1"/>
      <LastState/>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript Async="1">{ Game   : Phasmophobia.exe
  Version: 
  Date   : 2021-09-20
  Author : joeyc

  This script does blah blah blah
}

define(walkaddress,FirstPersonController.GetInput+3E)
define(walkbytes,F3 0F 10 05 8A 1A DD 02)
define(sprintaddress,FirstPersonController.GetInput+34)
define(sprintbytes,F3 0F 10 05 98 1A DD 02)

[ENABLE]

assert(walkaddress,walkbytes)
alloc(walknewmem,$1000,FirstPersonController.GetInput+3E)
assert(sprintaddress,sprintbytes)
alloc(sprintnewmem,$1000,FirstPersonController.GetInput+34)
alloc(walk_speed,8)
alloc(sprint_speed,8)

label(walkcode)
label(walkreturn)
label(sprintcode)
label(sprintreturn)
registersymbol(sprint_speed walk_speed)

sprint_speed:
dq (float)3

sprintnewmem:

sprintcode:
  movss xmm0,[sprint_speed]
  jmp sprintreturn

sprintaddress:
  jmp sprintnewmem
  nop 3
sprintreturn:

///////////////////////////////////////////////////////////

walk_speed:
dq (float)1.6

walknewmem:

walkcode:
  movss xmm0,[walk_speed]
  jmp walkreturn

walkaddress:
  jmp walknewmem
  nop 3
walkreturn:

[DISABLE]

sprintaddress:
  db sprintbytes
  // movss xmm0,[GameAssembly.dll+2AF7010]
walkaddress:
  db walkbytes
  // movss xmm0,[GameAssembly.dll+2AF700C]

unregistersymbol(sprint_speed walk_speed)
dealloc(newmem sprint_speed walk_speed)

{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+349A54

GameAssembly.dll+349A2A: 80 3D 9B 16 1B 03 00           - cmp byte ptr [GameAssembly.dll+34FB0CC],00
GameAssembly.dll+349A31: 48 8B D9                       - mov rbx,rcx
GameAssembly.dll+349A34: 75 12                          - jne GameAssembly.dll+349A48
GameAssembly.dll+349A36: 8B 0D 10 D9 85 02              - mov ecx,[GameAssembly.dll+2BA734C]
GameAssembly.dll+349A3C: E8 5F B1 DA FF                 - call GameAssembly.dll+F4BA0
GameAssembly.dll+349A41: C6 05 84 16 1B 03 01           - mov byte ptr [GameAssembly.dll+34FB0CC],01
GameAssembly.dll+349A48: 80 7B 19 00                    - cmp byte ptr [rbx+19],00
GameAssembly.dll+349A4C: 75 10                          - jne GameAssembly.dll+349A5E
GameAssembly.dll+349A4E: 80 7B 1A 00                    - cmp byte ptr [rbx+1A],00
GameAssembly.dll+349A52: 74 0A                          - je GameAssembly.dll+349A5E
// ---------- INJECTING HERE ----------
GameAssembly.dll+349A54: F3 0F 10 05 B4 D5 7A 02        - movss xmm0,[GameAssembly.dll+2AF7010]
// ---------- DONE INJECTING  ----------
GameAssembly.dll+349A5C: EB 08                          - jmp GameAssembly.dll+349A66
GameAssembly.dll+349A5E: F3 0F 10 05 A6 D5 7A 02        - movss xmm0,[GameAssembly.dll+2AF700C]
GameAssembly.dll+349A66: F3 0F 11 83 B8 00 00 00        - movss [rbx+000000B8],xmm0
GameAssembly.dll+349A6E: 80 7B 18 00                    - cmp byte ptr [rbx+18],00
GameAssembly.dll+349A72: 74 0A                          - je GameAssembly.dll+349A7E
GameAssembly.dll+349A74: C7 83 B8 00 00 00 00 00 00 00  - mov [rbx+000000B8],00000000
GameAssembly.dll+349A7E: 33 D2                          - xor edx,edx
GameAssembly.dll+349A80: 48 8D 4B 78                    - lea rcx,[rbx+78]
GameAssembly.dll+349A84: E8 77 2B C6 00                 - call GameAssembly.dll+FAC600
GameAssembly.dll+349A89: 0F 2F 05 D0 D4 7A 02           - comiss xmm0,[GameAssembly.dll+2AF6F60]
}
</AssemblerScript>
      <CheatEntries>
        <CheatEntry>
          <ID>1479</ID>
          <Description>"Walk Speed"</Description>
          <LastState Value="1.600000024" RealAddress="7FF8A69A1000"/>
          <ShowAsSigned>0</ShowAsSigned>
          <VariableType>Float</VariableType>
          <Address>walk_speed</Address>
        </CheatEntry>
        <CheatEntry>
          <ID>1481</ID>
          <Description>"Sprint Speed"</Description>
          <LastState Value="3" RealAddress="7FF8A69A1008"/>
          <ShowAsSigned>0</ShowAsSigned>
          <VariableType>Float</VariableType>
          <Address>sprint_speed</Address>
        </CheatEntry>
      </CheatEntries>
    </CheatEntry>
  </CheatEntries>
</CheatTable>

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>44293</ID>
      <Description>"Throw Strength Hook"</Description>
      <Options moHideChildren="1"/>
      <LastState/>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript Async="1">{ Game   : Phasmophobia.exe
  Version: 
  Date   : 2021-09-20
  Author : joeyc

  This script does blah blah blah
}

define(address,PCPropGrab.Drop+917)
define(bytes,F3 0F 10 15 B5 4E F6 01)

[ENABLE]

assert(address,bytes)
alloc(newmem,$1000,PCPropGrab.Drop+875)
alloc(throw_strength,8)

label(code)
label(return)

throw_strength:
dq (float)0.150000006

newmem:

code:
  movss xmm2,[throw_strength]
  jmp return

address:
  jmp newmem
  nop 3
return:
registersymbol(throw_strength)

[DISABLE]

address:
  db bytes
  // movss xmm2,[GameAssembly.dll+2AF7010]

unregistersymbol(throw_strength)
dealloc(newmem throw_strength)

{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+182CD88

GameAssembly.dll+182CD5B: 48 8B D0                 - mov rdx,rax
GameAssembly.dll+182CD5E: E8 5D 77 30 FF           - call UnityEngine.Transform.get_forward
GameAssembly.dll+182CD63: 48 8B 0D D6 E5 CE 01     - mov rcx,[GameAssembly.dll+351B340]
GameAssembly.dll+182CD6A: F2 0F 10 30              - movsd xmm6,[rax]
GameAssembly.dll+182CD6E: F6 81 2F 01 00 00 02     - test byte ptr [rcx+0000012F],02
GameAssembly.dll+182CD75: 44 8B 70 08              - mov r14d,[rax+08]
GameAssembly.dll+182CD79: 74 0D                    - je GameAssembly.dll+182CD88
GameAssembly.dll+182CD7B: 39 B9 E0 00 00 00        - cmp [rcx+000000E0],edi
GameAssembly.dll+182CD81: 75 05                    - jne GameAssembly.dll+182CD88
GameAssembly.dll+182CD83: E8 F8 CB 84 FE           - call GameAssembly.il2cpp_runtime_class_init
// ---------- INJECTING HERE ----------
GameAssembly.dll+182CD88: F3 0F 10 15 80 A2 2C 01  - movss xmm2,[GameAssembly.dll+2AF7010]
// ---------- DONE INJECTING  ----------
GameAssembly.dll+182CD90: 48 8D 55 F7              - lea rdx,[rbp-09]
GameAssembly.dll+182CD94: 45 33 C9                 - xor r9d,r9d
GameAssembly.dll+182CD97: F2 0F 11 75 F7           - movsd [rbp-09],xmm6
GameAssembly.dll+182CD9C: 48 8D 4D 07              - lea rcx,[rbp+07]
GameAssembly.dll+182CDA0: 44 89 75 FF              - mov [rbp-01],r14d
GameAssembly.dll+182CDA4: E8 F7 2B 78 FF           - call UnityEngine.Vector3.op_Multiply
GameAssembly.dll+182CDA9: 48 85 F6                 - test rsi,rsi
GameAssembly.dll+182CDAC: 0F 84 B0 01 00 00        - je GameAssembly.dll+182CF62
GameAssembly.dll+182CDB2: F2 0F 10 00              - movsd xmm0,[rax]
GameAssembly.dll+182CDB6: 48 8D 55 F7              - lea rdx,[rbp-09]
}
</AssemblerScript>
      <CheatEntries>
        <CheatEntry>
          <ID>1507</ID>
          <Description>"Throw Strength"</Description>
          <ShowAsSigned>0</ShowAsSigned>
          <VariableType>Float</VariableType>
          <Address>throw_strength</Address>
        </CheatEntry>
      </CheatEntries>
    </CheatEntry>
  </CheatEntries>
</CheatTable>
Fixed Item store sell hack and Player Current Room
Spoiler

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>44288</ID>
      <Description>"Item Store Sell Hack"</Description>
      <Options moHideChildren="1"/>
      <LastState/>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript Async="1">{ Game   : Phasmophobia.exe
  Version: 
  Date   : 2021-09-20
  Author : joeyc

  This script does blah blah blah
}

define(address,StoreManager.SellButton+E8)
define(bytes,8B 40 18 4C 8B 05 A6 44 21 02)

[ENABLE]

assert(address,bytes)
alloc(newmem,$1000,StoreManager.SellButton+E8)
alloc(sell_amount,10)

label(code)
label(return)

sell_amount:
dq 0

newmem:
push rsi
mov rsi,[sell_amount]
mov [rax+18],rsi
pop rsi
jmp code

code:
  mov eax,[rax+18]
  mov r8,[GameAssembly.dll+3C68878]
  jmp return

address:
  jmp newmem
  nop 5
return:
registersymbol(sell_amount)

[DISABLE]

address:
  db bytes
  // mov eax,[rax+18]
  // mov r8,[GameAssembly.dll+353A948]

unregistersymbol(sell_amount)
dealloc(newmem sell_amount)

{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+15DE8D8

GameAssembly.dll+15DE8B0: 8D 50 FF              - lea edx,[rax-01]
GameAssembly.dll+15DE8B3: E8 18 1B 69 00        - call GameAssembly.dll+1C703D0
GameAssembly.dll+15DE8B8: 4C 8B 05 59 B0 F6 01  - mov r8,[GameAssembly.dll+3549918]
GameAssembly.dll+15DE8BF: 33 D2                 - xor edx,edx
GameAssembly.dll+15DE8C1: 48 8B 0D 98 AE F3 01  - mov rcx,[GameAssembly.dll+3519760]
GameAssembly.dll+15DE8C8: E8 B3 D7 EF FF        - call GameAssembly.dll+14DC080
GameAssembly.dll+15DE8CD: 8B C8                 - mov ecx,eax
GameAssembly.dll+15DE8CF: 48 8B 43 28           - mov rax,[rbx+28]
GameAssembly.dll+15DE8D3: 48 85 C0              - test rax,rax
GameAssembly.dll+15DE8D6: 74 44                 - je GameAssembly.dll+15DE91C
// ---------- INJECTING HERE ----------
GameAssembly.dll+15DE8D8: 8B 40 18              - mov eax,[rax+18]
// ---------- DONE INJECTING  ----------
GameAssembly.dll+15DE8DB: 4C 8B 05 66 C0 F5 01  - mov r8,[GameAssembly.dll+353A948]
GameAssembly.dll+15DE8E2: 99                    - cdq 
GameAssembly.dll+15DE8E3: 2B C2                 - sub eax,edx
GameAssembly.dll+15DE8E5: D1 F8                 - sar eax,1
GameAssembly.dll+15DE8E7: 8D 14 01              - lea edx,[rcx+rax]
GameAssembly.dll+15DE8EA: 48 8B 0D 6F AE F3 01  - mov rcx,[GameAssembly.dll+3519760]
GameAssembly.dll+15DE8F1: E8 DA 1A 69 00        - call GameAssembly.dll+1C703D0
GameAssembly.dll+15DE8F6: 33 D2                 - xor edx,edx
GameAssembly.dll+15DE8F8: 48 8B CB              - mov rcx,rbx
GameAssembly.dll+15DE8FB: E8 D0 62 00 00        - call StoreManager.UpdatePlayerMoneyText
}
</AssemblerScript>
      <CheatEntries>
        <CheatEntry>
          <ID>1503</ID>
          <Description>"Sell Price"</Description>
          <ShowAsSigned>0</ShowAsSigned>
          <VariableType>4 Bytes</VariableType>
          <Address>sell_amount</Address>
        </CheatEntry>
      </CheatEntries>
    </CheatEntry>
  </CheatEntries>
</CheatTable>

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>44328</ID>
      <Description>"Player Current Room Hook"</Description>
      <Options moHideChildren="1"/>
      <LastState/>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript Async="1">{ Game   : Phasmophobia.exe
  Version: 
  Date   : 2022-01-11
}

define(address,Player.Update+B7)
define(bytes,48 8B BB 48 01 00 00)

[ENABLE]

assert(address,bytes)
alloc(newmem,$1000,Player.Update+B7)
alloc(find_room,8)

label(code)
label(return)
registersymbol(find_room)

find_room:
dq 0

newmem:
mov [find_room],rbx
jmp code

code:
  mov rdi,[rbx+00000148]
  jmp return

address:
  jmp newmem
  nop 2
return:

[DISABLE]

address:
  db bytes
  // mov rax,[rbx+18]
  // mov [rsp+50],rdi

unregistersymbol(*)
dealloc(*)

{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+16CFBC7

GameAssembly.dll+16CFBA1: 83 B9 E0 00 00 00 00  - cmp dword ptr [rcx+000000E0],00
GameAssembly.dll+16CFBA8: 75 05                 - jne GameAssembly.dll+16CFBAF
GameAssembly.dll+16CFBAA: E8 01 F5 9A FE        - call GameAssembly.il2cpp_runtime_class_init
GameAssembly.dll+16CFBAF: 45 33 C0              - xor r8d,r8d
GameAssembly.dll+16CFBB2: 33 D2                 - xor edx,edx
GameAssembly.dll+16CFBB4: 48 8B CF              - mov rcx,rdi
GameAssembly.dll+16CFBB7: E8 B4 DA 43 FF        - call UnityEngine.Object.op_Inequality
GameAssembly.dll+16CFBBC: 84 C0                 - test al,al
GameAssembly.dll+16CFBBE: 74 57                 - je GameAssembly.dll+16CFC17
GameAssembly.dll+16CFBC0: 48 8B 93 F0 00 00 00  - mov rdx,[rbx+000000F0]
// ---------- INJECTING HERE ----------
GameAssembly.dll+16CFBC7: 48 8B BB 48 01 00 00  - mov rdi,[rbx+00000148]
// ---------- DONE INJECTING  ----------
GameAssembly.dll+16CFBCE: 48 85 D2              - test rdx,rdx
GameAssembly.dll+16CFBD1: 74 4F                 - je GameAssembly.dll+16CFC22
GameAssembly.dll+16CFBD3: 45 33 C0              - xor r8d,r8d
GameAssembly.dll+16CFBD6: 48 8D 4C 24 30        - lea rcx,[rsp+30]
GameAssembly.dll+16CFBDB: E8 40 3B 91 FF        - call UnityEngine.CharacterController.get_velocity
GameAssembly.dll+16CFBE0: 33 D2                 - xor edx,edx
GameAssembly.dll+16CFBE2: 48 8D 4C 24 20        - lea rcx,[rsp+20]
GameAssembly.dll+16CFBE7: F2 0F 10 00           - movsd xmm0,[rax]
GameAssembly.dll+16CFBEB: F2 0F 11 44 24 20     - movsd [rsp+20],xmm0
GameAssembly.dll+16CFBF1: 8B 40 08              - mov eax,[rax+08]
}
</AssemblerScript>
      <CheatEntries>
        <CheatEntry>
          <ID>44329</ID>
          <Description>"Current Room"</Description>
          <ShowAsSigned>0</ShowAsSigned>
          <VariableType>String</VariableType>
          <Length>25</Length>
          <Unicode>1</Unicode>
          <CodePage>0</CodePage>
          <ZeroTerminate>1</ZeroTerminate>
          <Address>find_room</Address>
          <Offsets>
            <Offset>14</Offset>
            <Offset>58</Offset>
            <Offset>50</Offset>
          </Offsets>
        </CheatEntry>
      </CheatEntries>
    </CheatEntry>
  </CheatEntries>
</CheatTable>
Cursed Items Anti-Break/Hunt (MusicBox/OuijaBoard/Haunted Mirror) for whoever needs it.
Spoiler

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>70099</ID>
      <Description>"Cursed Items Anti-Break (Host Only)"</Description>
      <LastState/>
      <Color>0080FF</Color>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript Async="1">{ Game   : Phasmophobia.exe
  Version: 
  Date   : 2022-01-11

}

define(address,MusicBox.BreakMusicBox+2B)
define(bytes,80 7B 31 00 0F 85 EA 01 00 00)

define(address1,OuijaBoard.BreakBoard+24)
define(bytes1,80 7F 31 00 0F 85 02 06 00 00)

define(address2,HauntedMirror.BreakItem+24)
define(bytes2,80 7B 31 00 0F 85 F2 01 00 00)


[ENABLE]
//------------------------------------------------------------
assert(address,bytes)
alloc(newmem,$100,MusicBox.BreakMusicBox+2B)

label(code)
label(return)

newmem:

code:
  cmp byte ptr [rbx+31],02
  jne GameAssembly.dll+1682CEF
  jmp return

address:
  jmp newmem
  nop 5
return:

//------------------------------------------------------------
assert(address1,bytes1)
alloc(newmem1,$100,OuijaBoard.BreakBoard+24)

label(code1)
label(return1)

newmem1:

code1:
  cmp byte ptr [rdi+31],02
  jne GameAssembly.dll+141EE60
  jmp return1

address1:
  jmp newmem
  nop 5
return1:
//------------------------------------------------------------
assert(address2,bytes2)
alloc(newmem2,$100,HauntedMirror.BreakItem+24)

label(code2)
label(return2)

newmem2:

code2:
  cmp byte ptr [rbx+31],01
  jne GameAssembly.dll+20A6AE0
  jmp return2

address2:
  jmp newmem2
  nop 5
return2:

[DISABLE]

address:
  db bytes

address1:
 db bytes1

address2:
db bytes2
  // cmp byte ptr [rbx+31],00
  // jne GameAssembly.dll+1EC881F

dealloc(*)

{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+1EC862B

MusicBox.BreakMusicBox: 48 89 5C 24 18        - mov [rsp+18],rbx
GameAssembly.dll+1EC8605: 57                    - push rdi
GameAssembly.dll+1EC8606: 48 83 EC 50           - sub rsp,50
GameAssembly.dll+1EC860A: 80 3D 2A 50 D8 01 00  - cmp byte ptr [GameAssembly.dll+3C4D63B],00
GameAssembly.dll+1EC8611: 48 8B D9              - mov rbx,rcx
GameAssembly.dll+1EC8614: 0F B6 FA              - movzx edi,dl
GameAssembly.dll+1EC8617: 75 12                 - jne GameAssembly.dll+1EC862B
GameAssembly.dll+1EC8619: 8B 0D 85 58 41 01     - mov ecx,[GameAssembly.dll+32DDEA4]
GameAssembly.dll+1EC861F: E8 EC 8E 22 FE        - call GameAssembly.dll+F1510
GameAssembly.dll+1EC8624: C6 05 10 50 D8 01 01  - mov byte ptr [GameAssembly.dll+3C4D63B],01
// ---------- INJECTING HERE ----------
GameAssembly.dll+1EC862B: 80 7B 31 00           - cmp byte ptr [rbx+31],00
// ---------- DONE INJECTING  ----------
GameAssembly.dll+1EC862F: 0F 85 EA 01 00 00     - jne GameAssembly.dll+1EC881F
GameAssembly.dll+1EC8635: 80 7B 32 00           - cmp byte ptr [rbx+32],00
GameAssembly.dll+1EC8639: 0F 84 E0 01 00 00     - je GameAssembly.dll+1EC881F
GameAssembly.dll+1EC863F: 48 89 6C 24 60        - mov [rsp+60],rbp
GameAssembly.dll+1EC8644: 48 89 74 24 68        - mov [rsp+68],rsi
GameAssembly.dll+1EC8649: 48 8B 43 38           - mov rax,[rbx+38]
GameAssembly.dll+1EC864D: 48 85 C0              - test rax,rax
GameAssembly.dll+1EC8650: 0F 84 D4 01 00 00     - je GameAssembly.dll+1EC882A
GameAssembly.dll+1EC8656: 48 8B 50 30           - mov rdx,[rax+30]
GameAssembly.dll+1EC865A: 48 85 D2              - test rdx,rdx
}
</AssemblerScript>
    </CheatEntry>
  </CheatEntries>
</CheatTable>

how to insert this one on CT?

User avatar
InsecureCheetah
Novice Cheater
Novice Cheater
Posts: 18
Joined: Mon Aug 10, 2020 9:06 pm
Reputation: 21

Re: Phasmophobia 0.5.1.0

Post by InsecureCheetah »

SNP wrote:
Thu Jan 13, 2022 4:09 pm
Mortal991 wrote:
Tue Jan 11, 2022 12:51 am
Update 0.5.1.1: Infinite Stamina , Salt , Pictures , Walk/Sprint Hook and Throw Strength Hook (Everything else seems to work just fine)
Spoiler

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>70101</ID>
      <Description>"Infinite Stamina"</Description>
      <LastState/>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript>{ Game   : Phasmophobia.exe
  Version: 
  Date   : 2022-01-11

}

define(address,PlayerStamina.StartDraining)
define(bytes,80 79 3F 00 75 0F)

[ENABLE]

assert(address,bytes)
alloc(newmem,$1000,PlayerStamina.StartDraining)

label(code)
label(return)

newmem:

code:
  cmp byte ptr [rcx+3F],00
  jmp GameAssembly.dll+2512C75
  jmp return

address:
  jmp newmem
  nop
return:

[DISABLE]

address:
  db bytes
  // cmp byte ptr [rcx+3F],00
  // jne GameAssembly.dll+2512C75

dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: PlayerStamina.StartDraining

GameAssembly.dll+2512C56: CC                    - int 3 
GameAssembly.dll+2512C57: CC                    - int 3 
GameAssembly.dll+2512C58: CC                    - int 3 
GameAssembly.dll+2512C59: CC                    - int 3 
GameAssembly.dll+2512C5A: CC                    - int 3 
GameAssembly.dll+2512C5B: CC                    - int 3 
GameAssembly.dll+2512C5C: CC                    - int 3 
GameAssembly.dll+2512C5D: CC                    - int 3 
GameAssembly.dll+2512C5E: CC                    - int 3 
GameAssembly.dll+2512C5F: CC                    - int 3 
// ---------- INJECTING HERE ----------
PlayerStamina.StartDraining: 80 79 3F 00           - cmp byte ptr [rcx+3F],00
// ---------- DONE INJECTING  ----------
GameAssembly.dll+2512C64: 75 0F                 - jne GameAssembly.dll+2512C75
GameAssembly.dll+2512C66: C6 41 3C 01           - mov byte ptr [rcx+3C],01
GameAssembly.dll+2512C6A: C6 41 40 00           - mov byte ptr [rcx+40],00
GameAssembly.dll+2512C6E: C7 41 54 00 00 00 40  - mov [rcx+54],40000000
GameAssembly.dll+2512C75: C3                    - ret 
GameAssembly.dll+2512C76: CC                    - int 3 
GameAssembly.dll+2512C77: CC                    - int 3 
GameAssembly.dll+2512C78: CC                    - int 3 
GameAssembly.dll+2512C79: CC                    - int 3 
GameAssembly.dll+2512C7A: CC                    - int 3 
}
</AssemblerScript>
    </CheatEntry>
  </CheatEntries>
</CheatTable>

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>70102</ID>
      <Description>"Infinite Salt (only 9 visible spots max"</Description>
      <LastState/>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript Async="1">{ Game   : Phasmophobia.exe
  Version: 
  Date   : 2022-01-11
}

define(address,SaltShaker.SpawnSalt+8E)
define(bytes,FF C8 89 47 50)

[ENABLE]

assert(address,bytes)
alloc(newmem,$1000,SaltShaker.SpawnSalt+8E)

label(code)
label(return)

newmem:

code:
  //dec eax
  mov [rdi+50],eax
  jmp return

address:
  jmp newmem
return:

[DISABLE]

address:
  db bytes
  // dec eax
  // mov [rdi+50],eax

dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+1DA12FE

GameAssembly.dll+1DA12D3: 45 33 C0                 - xor r8d,r8d
GameAssembly.dll+1DA12D6: 48 8B 4D E7              - mov rcx,[rbp-19]
GameAssembly.dll+1DA12DA: E8 A1 D6 8E FF           - call ੭੧੭ੱ੧੯ੲ੨੯੫੪.੩ੳ੭੨੯੩੭ੰੲੴ੫
GameAssembly.dll+1DA12DF: 84 C0                    - test al,al
GameAssembly.dll+1DA12E1: 0F 84 1E 03 00 00        - je GameAssembly.dll+1DA1605
GameAssembly.dll+1DA12E7: 8B 47 50                 - mov eax,[rdi+50]
GameAssembly.dll+1DA12EA: 85 C0                    - test eax,eax
GameAssembly.dll+1DA12EC: 0F 8E 13 03 00 00        - jng GameAssembly.dll+1DA1605
GameAssembly.dll+1DA12F2: 4C 89 BC 24 E0 00 00 00  - mov [rsp+000000E0],r15
GameAssembly.dll+1DA12FA: 48 8B 4F 28              - mov rcx,[rdi+28]
// ---------- INJECTING HERE ----------
GameAssembly.dll+1DA12FE: FF C8                    - dec eax
// ---------- DONE INJECTING  ----------
GameAssembly.dll+1DA1300: 89 47 50                 - mov [rdi+50],eax
GameAssembly.dll+1DA1303: 48 85 C9                 - test rcx,rcx
GameAssembly.dll+1DA1306: 0F 84 17 03 00 00        - je GameAssembly.dll+1DA1623
GameAssembly.dll+1DA130C: 33 D2                    - xor edx,edx
GameAssembly.dll+1DA130E: E8 6D 66 27 FF           - call UnityEngine.AudioSource.Play
GameAssembly.dll+1DA1313: 80 3D 78 40 EA 01 00     - cmp byte ptr [GameAssembly.dll+3C45392],00
GameAssembly.dll+1DA131A: 75 12                    - jne GameAssembly.dll+1DA132E
GameAssembly.dll+1DA131C: 8B 0D 8A 7F 4B 01        - mov ecx,[GameAssembly.dll+32592AC]
GameAssembly.dll+1DA1322: E8 19 91 35 FE           - call GameAssembly.dll+FA440
GameAssembly.dll+1DA1327: C6 05 64 40 EA 01 01     - mov byte ptr [GameAssembly.dll+3C45392],01
}
</AssemblerScript>
    </CheatEntry>
  </CheatEntries>
</CheatTable>

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>70103</ID>
      <Description>"Infinite Pictures"</Description>
      <LastState/>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript>{ Game   : Phasmophobia.exe
  Version: 
  Date   : 2022-01-11

}

define(address,HandCamera.NetworkTakePhoto+6)
define(bytes,83 79 68 00 48 8B D9)

[ENABLE]

assert(address,bytes)
alloc(newmem,$1000,HandCamera.NetworkTakePhoto+6)

label(code)
label(return)

newmem:
mov [rcx+68],#10
jmp code

code:
  cmp dword ptr [rcx+68],00
  mov rbx,rcx
  jmp return

address:
  jmp newmem
  nop 2
return:

[DISABLE]

address:
  db bytes
  // cmp dword ptr [rcx+68],00
  // mov rbx,rcx

dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+1453A16

GameAssembly.dll+1453A01: 48 83 C4 20     - add rsp,20
GameAssembly.dll+1453A05: 5F              - pop rdi
GameAssembly.dll+1453A06: C3              - ret 
GameAssembly.dll+1453A07: E8 A4 6B CA FE  - call GameAssembly.dll+FA5B0
GameAssembly.dll+1453A0C: CC              - int 3 
GameAssembly.dll+1453A0D: CC              - int 3 
GameAssembly.dll+1453A0E: CC              - int 3 
GameAssembly.dll+1453A0F: CC              - int 3 
HandCamera.NetworkTakePhoto: 40 53           - push rbx
GameAssembly.dll+1453A12: 48 83 EC 20     - sub rsp,20
// ---------- INJECTING HERE ----------
GameAssembly.dll+1453A16: 83 79 68 00     - cmp dword ptr [rcx+68],00
// ---------- DONE INJECTING  ----------
GameAssembly.dll+1453A1A: 48 8B D9        - mov rbx,rcx
GameAssembly.dll+1453A1D: C6 41 64 00     - mov byte ptr [rcx+64],00
GameAssembly.dll+1453A21: 7E 4C           - jle GameAssembly.dll+1453A6F
GameAssembly.dll+1453A23: 33 D2           - xor edx,edx
GameAssembly.dll+1453A25: E8 96 58 00 00  - call HandCamera.੭ੱ੯ੰ੭ੱ੬੥੭ੲ੨
GameAssembly.dll+1453A2A: 45 33 C0        - xor r8d,r8d
GameAssembly.dll+1453A2D: 48 8B D0        - mov rdx,rax
GameAssembly.dll+1453A30: 48 8B CB        - mov rcx,rbx
GameAssembly.dll+1453A33: E8 88 77 6B FF  - call UnityEngine.MonoBehaviour.StartCoroutine
GameAssembly.dll+1453A38: 48 8B 4B 58     - mov rcx,[rbx+58]
}
</AssemblerScript>
    </CheatEntry>
  </CheatEntries>
</CheatTable>

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>44292</ID>
      <Description>"Walk/Sprint Hook"</Description>
      <Options moHideChildren="1"/>
      <LastState/>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript Async="1">{ Game   : Phasmophobia.exe
  Version: 
  Date   : 2021-09-20
  Author : joeyc

  This script does blah blah blah
}

define(walkaddress,FirstPersonController.GetInput+3E)
define(walkbytes,F3 0F 10 05 8A 1A DD 02)
define(sprintaddress,FirstPersonController.GetInput+34)
define(sprintbytes,F3 0F 10 05 98 1A DD 02)

[ENABLE]

assert(walkaddress,walkbytes)
alloc(walknewmem,$1000,FirstPersonController.GetInput+3E)
assert(sprintaddress,sprintbytes)
alloc(sprintnewmem,$1000,FirstPersonController.GetInput+34)
alloc(walk_speed,8)
alloc(sprint_speed,8)

label(walkcode)
label(walkreturn)
label(sprintcode)
label(sprintreturn)
registersymbol(sprint_speed walk_speed)

sprint_speed:
dq (float)3

sprintnewmem:

sprintcode:
  movss xmm0,[sprint_speed]
  jmp sprintreturn

sprintaddress:
  jmp sprintnewmem
  nop 3
sprintreturn:

///////////////////////////////////////////////////////////

walk_speed:
dq (float)1.6

walknewmem:

walkcode:
  movss xmm0,[walk_speed]
  jmp walkreturn

walkaddress:
  jmp walknewmem
  nop 3
walkreturn:

[DISABLE]

sprintaddress:
  db sprintbytes
  // movss xmm0,[GameAssembly.dll+2AF7010]
walkaddress:
  db walkbytes
  // movss xmm0,[GameAssembly.dll+2AF700C]

unregistersymbol(sprint_speed walk_speed)
dealloc(newmem sprint_speed walk_speed)

{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+349A54

GameAssembly.dll+349A2A: 80 3D 9B 16 1B 03 00           - cmp byte ptr [GameAssembly.dll+34FB0CC],00
GameAssembly.dll+349A31: 48 8B D9                       - mov rbx,rcx
GameAssembly.dll+349A34: 75 12                          - jne GameAssembly.dll+349A48
GameAssembly.dll+349A36: 8B 0D 10 D9 85 02              - mov ecx,[GameAssembly.dll+2BA734C]
GameAssembly.dll+349A3C: E8 5F B1 DA FF                 - call GameAssembly.dll+F4BA0
GameAssembly.dll+349A41: C6 05 84 16 1B 03 01           - mov byte ptr [GameAssembly.dll+34FB0CC],01
GameAssembly.dll+349A48: 80 7B 19 00                    - cmp byte ptr [rbx+19],00
GameAssembly.dll+349A4C: 75 10                          - jne GameAssembly.dll+349A5E
GameAssembly.dll+349A4E: 80 7B 1A 00                    - cmp byte ptr [rbx+1A],00
GameAssembly.dll+349A52: 74 0A                          - je GameAssembly.dll+349A5E
// ---------- INJECTING HERE ----------
GameAssembly.dll+349A54: F3 0F 10 05 B4 D5 7A 02        - movss xmm0,[GameAssembly.dll+2AF7010]
// ---------- DONE INJECTING  ----------
GameAssembly.dll+349A5C: EB 08                          - jmp GameAssembly.dll+349A66
GameAssembly.dll+349A5E: F3 0F 10 05 A6 D5 7A 02        - movss xmm0,[GameAssembly.dll+2AF700C]
GameAssembly.dll+349A66: F3 0F 11 83 B8 00 00 00        - movss [rbx+000000B8],xmm0
GameAssembly.dll+349A6E: 80 7B 18 00                    - cmp byte ptr [rbx+18],00
GameAssembly.dll+349A72: 74 0A                          - je GameAssembly.dll+349A7E
GameAssembly.dll+349A74: C7 83 B8 00 00 00 00 00 00 00  - mov [rbx+000000B8],00000000
GameAssembly.dll+349A7E: 33 D2                          - xor edx,edx
GameAssembly.dll+349A80: 48 8D 4B 78                    - lea rcx,[rbx+78]
GameAssembly.dll+349A84: E8 77 2B C6 00                 - call GameAssembly.dll+FAC600
GameAssembly.dll+349A89: 0F 2F 05 D0 D4 7A 02           - comiss xmm0,[GameAssembly.dll+2AF6F60]
}
</AssemblerScript>
      <CheatEntries>
        <CheatEntry>
          <ID>1479</ID>
          <Description>"Walk Speed"</Description>
          <LastState Value="1.600000024" RealAddress="7FF8A69A1000"/>
          <ShowAsSigned>0</ShowAsSigned>
          <VariableType>Float</VariableType>
          <Address>walk_speed</Address>
        </CheatEntry>
        <CheatEntry>
          <ID>1481</ID>
          <Description>"Sprint Speed"</Description>
          <LastState Value="3" RealAddress="7FF8A69A1008"/>
          <ShowAsSigned>0</ShowAsSigned>
          <VariableType>Float</VariableType>
          <Address>sprint_speed</Address>
        </CheatEntry>
      </CheatEntries>
    </CheatEntry>
  </CheatEntries>
</CheatTable>

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>44293</ID>
      <Description>"Throw Strength Hook"</Description>
      <Options moHideChildren="1"/>
      <LastState/>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript Async="1">{ Game   : Phasmophobia.exe
  Version: 
  Date   : 2021-09-20
  Author : joeyc

  This script does blah blah blah
}

define(address,PCPropGrab.Drop+917)
define(bytes,F3 0F 10 15 B5 4E F6 01)

[ENABLE]

assert(address,bytes)
alloc(newmem,$1000,PCPropGrab.Drop+875)
alloc(throw_strength,8)

label(code)
label(return)

throw_strength:
dq (float)0.150000006

newmem:

code:
  movss xmm2,[throw_strength]
  jmp return

address:
  jmp newmem
  nop 3
return:
registersymbol(throw_strength)

[DISABLE]

address:
  db bytes
  // movss xmm2,[GameAssembly.dll+2AF7010]

unregistersymbol(throw_strength)
dealloc(newmem throw_strength)

{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+182CD88

GameAssembly.dll+182CD5B: 48 8B D0                 - mov rdx,rax
GameAssembly.dll+182CD5E: E8 5D 77 30 FF           - call UnityEngine.Transform.get_forward
GameAssembly.dll+182CD63: 48 8B 0D D6 E5 CE 01     - mov rcx,[GameAssembly.dll+351B340]
GameAssembly.dll+182CD6A: F2 0F 10 30              - movsd xmm6,[rax]
GameAssembly.dll+182CD6E: F6 81 2F 01 00 00 02     - test byte ptr [rcx+0000012F],02
GameAssembly.dll+182CD75: 44 8B 70 08              - mov r14d,[rax+08]
GameAssembly.dll+182CD79: 74 0D                    - je GameAssembly.dll+182CD88
GameAssembly.dll+182CD7B: 39 B9 E0 00 00 00        - cmp [rcx+000000E0],edi
GameAssembly.dll+182CD81: 75 05                    - jne GameAssembly.dll+182CD88
GameAssembly.dll+182CD83: E8 F8 CB 84 FE           - call GameAssembly.il2cpp_runtime_class_init
// ---------- INJECTING HERE ----------
GameAssembly.dll+182CD88: F3 0F 10 15 80 A2 2C 01  - movss xmm2,[GameAssembly.dll+2AF7010]
// ---------- DONE INJECTING  ----------
GameAssembly.dll+182CD90: 48 8D 55 F7              - lea rdx,[rbp-09]
GameAssembly.dll+182CD94: 45 33 C9                 - xor r9d,r9d
GameAssembly.dll+182CD97: F2 0F 11 75 F7           - movsd [rbp-09],xmm6
GameAssembly.dll+182CD9C: 48 8D 4D 07              - lea rcx,[rbp+07]
GameAssembly.dll+182CDA0: 44 89 75 FF              - mov [rbp-01],r14d
GameAssembly.dll+182CDA4: E8 F7 2B 78 FF           - call UnityEngine.Vector3.op_Multiply
GameAssembly.dll+182CDA9: 48 85 F6                 - test rsi,rsi
GameAssembly.dll+182CDAC: 0F 84 B0 01 00 00        - je GameAssembly.dll+182CF62
GameAssembly.dll+182CDB2: F2 0F 10 00              - movsd xmm0,[rax]
GameAssembly.dll+182CDB6: 48 8D 55 F7              - lea rdx,[rbp-09]
}
</AssemblerScript>
      <CheatEntries>
        <CheatEntry>
          <ID>1507</ID>
          <Description>"Throw Strength"</Description>
          <ShowAsSigned>0</ShowAsSigned>
          <VariableType>Float</VariableType>
          <Address>throw_strength</Address>
        </CheatEntry>
      </CheatEntries>
    </CheatEntry>
  </CheatEntries>
</CheatTable>
Fixed Item store sell hack and Player Current Room
Spoiler

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>44288</ID>
      <Description>"Item Store Sell Hack"</Description>
      <Options moHideChildren="1"/>
      <LastState/>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript Async="1">{ Game   : Phasmophobia.exe
  Version: 
  Date   : 2021-09-20
  Author : joeyc

  This script does blah blah blah
}

define(address,StoreManager.SellButton+E8)
define(bytes,8B 40 18 4C 8B 05 A6 44 21 02)

[ENABLE]

assert(address,bytes)
alloc(newmem,$1000,StoreManager.SellButton+E8)
alloc(sell_amount,10)

label(code)
label(return)

sell_amount:
dq 0

newmem:
push rsi
mov rsi,[sell_amount]
mov [rax+18],rsi
pop rsi
jmp code

code:
  mov eax,[rax+18]
  mov r8,[GameAssembly.dll+3C68878]
  jmp return

address:
  jmp newmem
  nop 5
return:
registersymbol(sell_amount)

[DISABLE]

address:
  db bytes
  // mov eax,[rax+18]
  // mov r8,[GameAssembly.dll+353A948]

unregistersymbol(sell_amount)
dealloc(newmem sell_amount)

{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+15DE8D8

GameAssembly.dll+15DE8B0: 8D 50 FF              - lea edx,[rax-01]
GameAssembly.dll+15DE8B3: E8 18 1B 69 00        - call GameAssembly.dll+1C703D0
GameAssembly.dll+15DE8B8: 4C 8B 05 59 B0 F6 01  - mov r8,[GameAssembly.dll+3549918]
GameAssembly.dll+15DE8BF: 33 D2                 - xor edx,edx
GameAssembly.dll+15DE8C1: 48 8B 0D 98 AE F3 01  - mov rcx,[GameAssembly.dll+3519760]
GameAssembly.dll+15DE8C8: E8 B3 D7 EF FF        - call GameAssembly.dll+14DC080
GameAssembly.dll+15DE8CD: 8B C8                 - mov ecx,eax
GameAssembly.dll+15DE8CF: 48 8B 43 28           - mov rax,[rbx+28]
GameAssembly.dll+15DE8D3: 48 85 C0              - test rax,rax
GameAssembly.dll+15DE8D6: 74 44                 - je GameAssembly.dll+15DE91C
// ---------- INJECTING HERE ----------
GameAssembly.dll+15DE8D8: 8B 40 18              - mov eax,[rax+18]
// ---------- DONE INJECTING  ----------
GameAssembly.dll+15DE8DB: 4C 8B 05 66 C0 F5 01  - mov r8,[GameAssembly.dll+353A948]
GameAssembly.dll+15DE8E2: 99                    - cdq 
GameAssembly.dll+15DE8E3: 2B C2                 - sub eax,edx
GameAssembly.dll+15DE8E5: D1 F8                 - sar eax,1
GameAssembly.dll+15DE8E7: 8D 14 01              - lea edx,[rcx+rax]
GameAssembly.dll+15DE8EA: 48 8B 0D 6F AE F3 01  - mov rcx,[GameAssembly.dll+3519760]
GameAssembly.dll+15DE8F1: E8 DA 1A 69 00        - call GameAssembly.dll+1C703D0
GameAssembly.dll+15DE8F6: 33 D2                 - xor edx,edx
GameAssembly.dll+15DE8F8: 48 8B CB              - mov rcx,rbx
GameAssembly.dll+15DE8FB: E8 D0 62 00 00        - call StoreManager.UpdatePlayerMoneyText
}
</AssemblerScript>
      <CheatEntries>
        <CheatEntry>
          <ID>1503</ID>
          <Description>"Sell Price"</Description>
          <ShowAsSigned>0</ShowAsSigned>
          <VariableType>4 Bytes</VariableType>
          <Address>sell_amount</Address>
        </CheatEntry>
      </CheatEntries>
    </CheatEntry>
  </CheatEntries>
</CheatTable>

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>44328</ID>
      <Description>"Player Current Room Hook"</Description>
      <Options moHideChildren="1"/>
      <LastState/>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript Async="1">{ Game   : Phasmophobia.exe
  Version: 
  Date   : 2022-01-11
}

define(address,Player.Update+B7)
define(bytes,48 8B BB 48 01 00 00)

[ENABLE]

assert(address,bytes)
alloc(newmem,$1000,Player.Update+B7)
alloc(find_room,8)

label(code)
label(return)
registersymbol(find_room)

find_room:
dq 0

newmem:
mov [find_room],rbx
jmp code

code:
  mov rdi,[rbx+00000148]
  jmp return

address:
  jmp newmem
  nop 2
return:

[DISABLE]

address:
  db bytes
  // mov rax,[rbx+18]
  // mov [rsp+50],rdi

unregistersymbol(*)
dealloc(*)

{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+16CFBC7

GameAssembly.dll+16CFBA1: 83 B9 E0 00 00 00 00  - cmp dword ptr [rcx+000000E0],00
GameAssembly.dll+16CFBA8: 75 05                 - jne GameAssembly.dll+16CFBAF
GameAssembly.dll+16CFBAA: E8 01 F5 9A FE        - call GameAssembly.il2cpp_runtime_class_init
GameAssembly.dll+16CFBAF: 45 33 C0              - xor r8d,r8d
GameAssembly.dll+16CFBB2: 33 D2                 - xor edx,edx
GameAssembly.dll+16CFBB4: 48 8B CF              - mov rcx,rdi
GameAssembly.dll+16CFBB7: E8 B4 DA 43 FF        - call UnityEngine.Object.op_Inequality
GameAssembly.dll+16CFBBC: 84 C0                 - test al,al
GameAssembly.dll+16CFBBE: 74 57                 - je GameAssembly.dll+16CFC17
GameAssembly.dll+16CFBC0: 48 8B 93 F0 00 00 00  - mov rdx,[rbx+000000F0]
// ---------- INJECTING HERE ----------
GameAssembly.dll+16CFBC7: 48 8B BB 48 01 00 00  - mov rdi,[rbx+00000148]
// ---------- DONE INJECTING  ----------
GameAssembly.dll+16CFBCE: 48 85 D2              - test rdx,rdx
GameAssembly.dll+16CFBD1: 74 4F                 - je GameAssembly.dll+16CFC22
GameAssembly.dll+16CFBD3: 45 33 C0              - xor r8d,r8d
GameAssembly.dll+16CFBD6: 48 8D 4C 24 30        - lea rcx,[rsp+30]
GameAssembly.dll+16CFBDB: E8 40 3B 91 FF        - call UnityEngine.CharacterController.get_velocity
GameAssembly.dll+16CFBE0: 33 D2                 - xor edx,edx
GameAssembly.dll+16CFBE2: 48 8D 4C 24 20        - lea rcx,[rsp+20]
GameAssembly.dll+16CFBE7: F2 0F 10 00           - movsd xmm0,[rax]
GameAssembly.dll+16CFBEB: F2 0F 11 44 24 20     - movsd [rsp+20],xmm0
GameAssembly.dll+16CFBF1: 8B 40 08              - mov eax,[rax+08]
}
</AssemblerScript>
      <CheatEntries>
        <CheatEntry>
          <ID>44329</ID>
          <Description>"Current Room"</Description>
          <ShowAsSigned>0</ShowAsSigned>
          <VariableType>String</VariableType>
          <Length>25</Length>
          <Unicode>1</Unicode>
          <CodePage>0</CodePage>
          <ZeroTerminate>1</ZeroTerminate>
          <Address>find_room</Address>
          <Offsets>
            <Offset>14</Offset>
            <Offset>58</Offset>
            <Offset>50</Offset>
          </Offsets>
        </CheatEntry>
      </CheatEntries>
    </CheatEntry>
  </CheatEntries>
</CheatTable>
Cursed Items Anti-Break/Hunt (MusicBox/OuijaBoard/Haunted Mirror) for whoever needs it.
Spoiler

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>70099</ID>
      <Description>"Cursed Items Anti-Break (Host Only)"</Description>
      <LastState/>
      <Color>0080FF</Color>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript Async="1">{ Game   : Phasmophobia.exe
  Version: 
  Date   : 2022-01-11

}

define(address,MusicBox.BreakMusicBox+2B)
define(bytes,80 7B 31 00 0F 85 EA 01 00 00)

define(address1,OuijaBoard.BreakBoard+24)
define(bytes1,80 7F 31 00 0F 85 02 06 00 00)

define(address2,HauntedMirror.BreakItem+24)
define(bytes2,80 7B 31 00 0F 85 F2 01 00 00)


[ENABLE]
//------------------------------------------------------------
assert(address,bytes)
alloc(newmem,$100,MusicBox.BreakMusicBox+2B)

label(code)
label(return)

newmem:

code:
  cmp byte ptr [rbx+31],02
  jne GameAssembly.dll+1682CEF
  jmp return

address:
  jmp newmem
  nop 5
return:

//------------------------------------------------------------
assert(address1,bytes1)
alloc(newmem1,$100,OuijaBoard.BreakBoard+24)

label(code1)
label(return1)

newmem1:

code1:
  cmp byte ptr [rdi+31],02
  jne GameAssembly.dll+141EE60
  jmp return1

address1:
  jmp newmem
  nop 5
return1:
//------------------------------------------------------------
assert(address2,bytes2)
alloc(newmem2,$100,HauntedMirror.BreakItem+24)

label(code2)
label(return2)

newmem2:

code2:
  cmp byte ptr [rbx+31],01
  jne GameAssembly.dll+20A6AE0
  jmp return2

address2:
  jmp newmem2
  nop 5
return2:

[DISABLE]

address:
  db bytes

address1:
 db bytes1

address2:
db bytes2
  // cmp byte ptr [rbx+31],00
  // jne GameAssembly.dll+1EC881F

dealloc(*)

{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+1EC862B

MusicBox.BreakMusicBox: 48 89 5C 24 18        - mov [rsp+18],rbx
GameAssembly.dll+1EC8605: 57                    - push rdi
GameAssembly.dll+1EC8606: 48 83 EC 50           - sub rsp,50
GameAssembly.dll+1EC860A: 80 3D 2A 50 D8 01 00  - cmp byte ptr [GameAssembly.dll+3C4D63B],00
GameAssembly.dll+1EC8611: 48 8B D9              - mov rbx,rcx
GameAssembly.dll+1EC8614: 0F B6 FA              - movzx edi,dl
GameAssembly.dll+1EC8617: 75 12                 - jne GameAssembly.dll+1EC862B
GameAssembly.dll+1EC8619: 8B 0D 85 58 41 01     - mov ecx,[GameAssembly.dll+32DDEA4]
GameAssembly.dll+1EC861F: E8 EC 8E 22 FE        - call GameAssembly.dll+F1510
GameAssembly.dll+1EC8624: C6 05 10 50 D8 01 01  - mov byte ptr [GameAssembly.dll+3C4D63B],01
// ---------- INJECTING HERE ----------
GameAssembly.dll+1EC862B: 80 7B 31 00           - cmp byte ptr [rbx+31],00
// ---------- DONE INJECTING  ----------
GameAssembly.dll+1EC862F: 0F 85 EA 01 00 00     - jne GameAssembly.dll+1EC881F
GameAssembly.dll+1EC8635: 80 7B 32 00           - cmp byte ptr [rbx+32],00
GameAssembly.dll+1EC8639: 0F 84 E0 01 00 00     - je GameAssembly.dll+1EC881F
GameAssembly.dll+1EC863F: 48 89 6C 24 60        - mov [rsp+60],rbp
GameAssembly.dll+1EC8644: 48 89 74 24 68        - mov [rsp+68],rsi
GameAssembly.dll+1EC8649: 48 8B 43 38           - mov rax,[rbx+38]
GameAssembly.dll+1EC864D: 48 85 C0              - test rax,rax
GameAssembly.dll+1EC8650: 0F 84 D4 01 00 00     - je GameAssembly.dll+1EC882A
GameAssembly.dll+1EC8656: 48 8B 50 30           - mov rdx,[rax+30]
GameAssembly.dll+1EC865A: 48 85 D2              - test rdx,rdx
}
</AssemblerScript>
    </CheatEntry>
  </CheatEntries>
</CheatTable>

how to insert this one on CT?
"just press select all for each code and copy it then press ctrl + v in cheat engine, it will add it automatically"

User avatar
InsecureCheetah
Novice Cheater
Novice Cheater
Posts: 18
Joined: Mon Aug 10, 2020 9:06 pm
Reputation: 21

Re: Phasmophobia 0.5.1.0

Post by InsecureCheetah »

*(deleted, added a refined one with a few more features in a new reply)*
Last edited by InsecureCheetah on Mon Jan 17, 2022 6:25 am, edited 2 times in total.

Javarob
What is cheating?
What is cheating?
Posts: 2
Joined: Fri Jan 14, 2022 4:20 pm
Reputation: 0

Re: Phasmophobia 0.5.1.0

Post by Javarob »

On the sell hack it gives me an error
(Error in line 15
(alloc(newmem,$1000,StoreManager.SellButton+E8)):Failure determining what StoreManager.SellButton+E8 means )
and if I delete this line it gives me more errors about other lines and then it doesn't want to compile, how to fix that?

User avatar
InsecureCheetah
Novice Cheater
Novice Cheater
Posts: 18
Joined: Mon Aug 10, 2020 9:06 pm
Reputation: 21

Re: Phasmophobia 0.5.1.0

Post by InsecureCheetah »

Javarob wrote:
Fri Jan 14, 2022 4:24 pm
On the sell hack it gives me an error
(Error in line 15
(alloc(newmem,$1000,StoreManager.SellButton+E8)):Failure determining what StoreManager.SellButton+E8 means )
and if I delete this line it gives me more errors about other lines and then it doesn't want to compile, how to fix that?
Enable mono features (which should be done automatically when you toggle the "Enable Hacks script")

MiikeHarrison
Novice Cheater
Novice Cheater
Posts: 15
Joined: Wed Dec 22, 2021 12:15 am
Reputation: 1

Re: Phasmophobia 0.5.1.0

Post by MiikeHarrison »

Mortal991 wrote:
Thu Jan 13, 2022 5:49 am
MiikeHarrison wrote:
Wed Jan 12, 2022 3:30 pm
Mortal991 wrote:
Tue Jan 11, 2022 11:43 pm


I've just posted the updated ones right above your reply lol
I saw this but I don't know how to edit the original file lol
Do you have any link/tutorial or explanation ? That'd help me a lot ! Thank you !
just press select all for each code and copy it then press ctrl + v in cheat engine, it will add it automatically
Thanks ! That helped me a lot ! I know how to do it now !

Javarob
What is cheating?
What is cheating?
Posts: 2
Joined: Fri Jan 14, 2022 4:20 pm
Reputation: 0

Re: Phasmophobia 0.5.1.0

Post by Javarob »

Mortal991 wrote:
Fri Jan 14, 2022 4:53 pm
Javarob wrote:
Fri Jan 14, 2022 4:24 pm
On the sell hack it gives me an error
(Error in line 15
(alloc(newmem,$1000,StoreManager.SellButton+E8)):Failure determining what StoreManager.SellButton+E8 means )
and if I delete this line it gives me more errors about other lines and then it doesn't want to compile, how to fix that?
Enable mono features (which should be done automatically when you toggle the "Enable Hacks script")
I did but it still doesn't work the only cheat I can activate is Player Coordinates Hook and I can see my coordinates change as I move so I know it actually sees the game properly but I don't know what is even wrong with it I suppose Enable Hacks script doesn't work for me at it's supposed to.

Lunaudio
Noobzor
Noobzor
Posts: 7
Joined: Sun Oct 17, 2021 3:27 pm
Reputation: 0

Re: Phasmophobia 0.5.1.0

Post by Lunaudio »

Is there a way to fix the Smudge Sticke Infinite uses?. it seems that the cheat works "fine", it even plays the animation of the smudge stick when you use it. However it seems that this is only a visual trick. Because if you use it during a hunt the ghost will kill you. This didn´t happen before the 0.5.1.1 update. Hope it gets fixed (For extra details this happens during solo play and multiplayer (Even if you are the host)) :shock:

cuu2011
Noobzor
Noobzor
Posts: 5
Joined: Sun Oct 25, 2020 8:50 pm
Reputation: 0

Re: Phasmophobia 0.5.1.0

Post by cuu2011 »

Damn that was fast

MiikeHarrison
Novice Cheater
Novice Cheater
Posts: 15
Joined: Wed Dec 22, 2021 12:15 am
Reputation: 1

Re: Phasmophobia 0.5.1.0

Post by MiikeHarrison »

Hey everyone,
I was wondering, I've been using these hacks for a few months so far, and instead of just waiting for people to update them (even though y'all really fast to do so) I was wondering, how can I learn to find them and do them on my own ? Like, how do you all do to get the values and to add them in headers and everything. I'd be glad to know how to do it on my own and to try (then) to find new "hacks" for the game and "actions" to edit to make them be different from the original game/value.

Thanks a lot ! Hope that some of y'all will be able to help ! Have a good one !

User avatar
BlackDragon2121
Expert Cheater
Expert Cheater
Posts: 51
Joined: Sat Jan 16, 2021 12:27 am
Reputation: 27

Re: Phasmophobia 0.5.1.0

Post by BlackDragon2121 »

MiikeHarrison wrote:
Sat Jan 22, 2022 1:34 am
Hey everyone,
I was wondering, I've been using these hacks for a few months so far, and instead of just waiting for people to update them (even though y'all really fast to do so) I was wondering, how can I learn to find them and do them on my own ? Like, how do you all do to get the values and to add them in headers and everything. I'd be glad to know how to do it on my own and to try (then) to find new "hacks" for the game and "actions" to edit to make them be different from the original game/value.

Thanks a lot ! Hope that some of y'all will be able to help ! Have a good one !
viewtopic.php?f=16&t=18794

lee_terry_jr
Expert Cheater
Expert Cheater
Posts: 107
Joined: Wed Oct 11, 2017 8:35 am
Reputation: 5

Re: Phasmophobia 0.5.1.0

Post by lee_terry_jr »

The shoulder light hack was the only 1 missing and was able to just copy/paste the one from the other table to get that. So, thanks for the update :)

Edit/Update: Had a temporary issue with 1 of the codes that was fixed with a restart of both the game and the table.

GarnetAnimations
Noobzor
Noobzor
Posts: 6
Joined: Fri May 29, 2020 10:16 am
Reputation: 0

Re: Phasmophobia 0.5.1.0

Post by GarnetAnimations »

Is the player coord thing not working for anyone else?

Locked

Who is online

Users browsing this forum: admantx, DotBot, Google Adsense [Bot], jogonzalez, knichi, Lallas, tampy