LOST EPIC
Re: LOST EPIC
Update for 1.2.3???
Re: LOST EPIC
hmmm apparently I didn't upload the table here bleh... anyway refer to my tables post
Re: LOST EPIC
This may be a bit of an ask, but is there any chance someone could look into a "buffs don't expire" script?
Added: it's pretty easy to find the initial address with a decrease/increase search, but I have 0 idea what to do with this. I've tried figuring out pointers and such and just sucked at it lol.
Double added: each address is 4 bytes with an offset of 12 bytes, and there are 5 addresses for buffs, followed immediately by debuffs. I don't know how big the debuff region is, but I'm guessing it's the same size? It's unlikely that you'll get more than 2 at a time, tho, so idk how easy it'll be to research. I just know that freezing the debuff address causes the debuff to immediately expire, so there's that!
Re: LOST EPIC
Thanks Algester. Any chance to have inventory editor option?
Re: LOST EPIC
Inventory editor is hard because there is no clear-cut value on what we are looking at. CharaParam seems to look into the last entity attacked, and then there is a "loot" pool tied to that entity where it drops items. Other than that, I have been using the inventory dupe option.
All working cheats are now inside "personal cheats". I have only been using the original table as a notation for helping me find the codes needed for the tables to work, so I only got the all consumables set to 9 to work there.
@Shirokaido
Do a deep search in the Chara function with mono features on; there is an array that is meant for buffs, but exactly how they should be formatted should help you figure it out. I tried, but since I don't know exactly what I was looking for, it was hard.
I however discovered how giving yourself skills works: part of the shingi array should have a variable called "learned?". It is in fact not a "learned?" value but an unlocked flag; at 0 it will not show anything to you, but you will still need to adjust the offsets manually for each slot.
Re: LOST EPIC
Funny to see you outside of the discord ;]
Algester wrote: ↑Wed Jan 19, 2022 5:09 am
~snip~
@Shirokaido
Do a deep search in the Chara function with mono features on; there is an array that is meant for buffs, but exactly how they should be formatted should help you figure it out. I tried, but since I don't know exactly what I was looking for, it was hard.
I however discovered how giving yourself skills works: part of the shingi array should have a variable called "learned?". It is in fact not a "learned?" value but an unlocked flag; at 0 it will not show anything to you, but you will still need to adjust the offsets manually for each slot.
The explanation I posted here is crap. If you want, I can dm you or hop in the server to explain better, screenshots included. I kinda burned myself out on this game, so I'm not playing as much as when I posted.
Re: LOST EPIC
New update dropped; I'll get the update as soon as I can, probably.
Re: LOST EPIC
Here are some things of note: CChara.UpdateAddEffect handles the buffs.
GameAssembly.dll+10F6465 - F3 0F10 74 F7 24 - movss xmm6,[rdi+rsi*8+24]
This seems to be handling the timer logic to load the buffs in a structure array of some sort.
This handles the counting logic for the buff time. So far I'm still not sure how to get a structure for the buff array so you can give yourself some buffs as need be, but this is where I'm injecting to "freeze" the buff times. It's far from perfect but eh; negative buffs work on an "overtime" basis, so if the value is frozen you do not necessarily get the debuffs, i.e. the debuff only works per 100 ticks.
GameAssembly.dll+10F64A0 - F3 0F11 74 F7 24 - movss [rdi+rsi*8+24],xmm6
Infinite Tiddings (not sure if "really" needed but hey?)
Buff Slots AoB
I fixed the Infinite Shingi a bit; hopefully this won't look into items as your shingi value on a future update
anima gain Multiplier (you cannot get more than 255 or it will crash the game)
This will lock the value of currently equipped consumables
Combo? code
Attack Speed? (I mean it's currently useless)
Code:
[ENABLE]
aobscanmodule(Tiddings,GameAssembly.dll,29 48 68 B8 39 8E E3 38) // should be unique
alloc(newmem,$1000,Tiddings)
label(code)
label(return)
newmem:
add [rax+68],#0
code:
//sub [rax+68],ecx
mov eax,38E38E39
jmp return
Tiddings:
jmp newmem
nop 3
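return:
registersymbol(Tiddings) // needed so [DISABLE] can resolve the scan result
[DISABLE]
Tiddings:
db 29 48 68 B8 39 8E E3 38
unregistersymbol(Tiddings)
dealloc(newmem)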
Code:
<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>10518</ID>
<Description>"BuffAoB"</Description>
<Options moHideChildren="1"/>
<LastState/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>{ Game : LOSTEPIC.exe
Version:
Date : 2022-03-07
Author : Algester
This script does blah blah blah
}
[ENABLE]
aobscanmodule(BuffAoB,GameAssembly.dll,8B 44 F2 20 FF C8) // should be unique
alloc(newmem,$1000,BuffAoB)
label(code)
label(return)
label(Buffbase)
newmem:
code:
mov [Buffbase],rdx
mov eax,[rdx+rsi*8+20]
dec eax
jmp return
Buffbase:
dq 0
BuffAoB:
jmp newmem
nop
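return:
registersymbol(BuffAoB) // needed so [DISABLE] can resolve the scan result
registersymbol(Buffbase)
[DISABLE]
BuffAoB:
db 8B 44 F2 20 FF C8
unregistersymbol(BuffAoB)
unregistersymbol(Buffbase)
dealloc(newmem)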
{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+10F64D4
GameAssembly.dll+10F64A0: F3 0F 11 74 F7 24 - movss [rdi+rsi*8+24],xmm6
GameAssembly.dll+10F64A6: 48 8B 93 A8 03 00 00 - mov rdx,[rbx+000003A8]
GameAssembly.dll+10F64AD: 48 85 D2 - test rdx,rdx
GameAssembly.dll+10F64B0: 0F 84 99 09 00 00 - je GameAssembly.dll+10F6E4F
GameAssembly.dll+10F64B6: 44 3B 7A 18 - cmp r15d,[rdx+18]
GameAssembly.dll+10F64BA: 0F 83 85 0A 00 00 - jae GameAssembly.dll+10F6F45
GameAssembly.dll+10F64C0: 44 38 64 F2 34 - cmp [rdx+rsi*8+34],r12l
GameAssembly.dll+10F64C5: 0F 85 91 05 00 00 - jne GameAssembly.dll+10F6A5C
GameAssembly.dll+10F64CB: 48 85 D2 - test rdx,rdx
GameAssembly.dll+10F64CE: 0F 84 7B 09 00 00 - je GameAssembly.dll+10F6E4F
// ---------- INJECTING HERE ----------
GameAssembly.dll+10F64D4: 8B 44 F2 20 - mov eax,[rdx+rsi*8+20]
// ---------- DONE INJECTING ----------
GameAssembly.dll+10F64D8: FF C8 - dec eax
GameAssembly.dll+10F64DA: 83 F8 1F - cmp eax,1F
GameAssembly.dll+10F64DD: 0F 87 79 05 00 00 - ja GameAssembly.dll+10F6A5C
GameAssembly.dll+10F64E3: 48 98 - cdqe
GameAssembly.dll+10F64E5: 42 0F B6 84 28 80 6F 0F 01 - movzx eax,byte ptr [rax+r13+010F6F80]
GameAssembly.dll+10F64EE: 41 8B 8C 85 68 6F 0F 01 - mov ecx,[r13+rax*4+010F6F68]
GameAssembly.dll+10F64F6: 49 03 CD - add rcx,r13
GameAssembly.dll+10F64F9: FF E1 - jmp rcx
GameAssembly.dll+10F64FB: 48 85 D2 - test rdx,rdx
GameAssembly.dll+10F64FE: 0F 84 4B 09 00 00 - je GameAssembly.dll+10F6E4F
}
</AssemblerScript>
<CheatEntries>
<CheatEntry>
<ID>10517</ID>
<Description>"Slot 1"</Description>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>4 Bytes</VariableType>
<Address>Buffbase</Address>
<Offsets>
<Offset>20</Offset>
</Offsets>
<CheatEntries>
<CheatEntry>
<ID>10527</ID>
<Description>"Current Duration"</Description>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>Float</VariableType>
<Address>Buffbase</Address>
<Offsets>
<Offset>24</Offset>
</Offsets>
</CheatEntry>
</CheatEntries>
</CheatEntry>
<CheatEntry>
<ID>10519</ID>
<Description>"Slot 2"</Description>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>4 Bytes</VariableType>
<Address>Buffbase</Address>
<Offsets>
<Offset>38</Offset>
</Offsets>
<CheatEntries>
<CheatEntry>
<ID>10526</ID>
<Description>"Current Duration"</Description>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>Float</VariableType>
<Address>Buffbase</Address>
<Offsets>
<Offset>3C</Offset>
</Offsets>
</CheatEntry>
</CheatEntries>
</CheatEntry>
<CheatEntry>
<ID>10520</ID>
<Description>"Slot 3"</Description>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>4 Bytes</VariableType>
<Address>Buffbase</Address>
<Offsets>
<Offset>50</Offset>
</Offsets>
<CheatEntries>
<CheatEntry>
<ID>10525</ID>
<Description>"Current Duration"</Description>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>Float</VariableType>
<Address>Buffbase</Address>
<Offsets>
<Offset>54</Offset>
</Offsets>
</CheatEntry>
</CheatEntries>
</CheatEntry>
<CheatEntry>
<ID>10521</ID>
<Description>"Slot 4"</Description>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>4 Bytes</VariableType>
<Address>Buffbase</Address>
<Offsets>
<Offset>68</Offset>
</Offsets>
<CheatEntries>
<CheatEntry>
<ID>10524</ID>
<Description>"Current Duration"</Description>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>Float</VariableType>
<Address>Buffbase</Address>
<Offsets>
<Offset>6C</Offset>
</Offsets>
</CheatEntry>
</CheatEntries>
</CheatEntry>
<CheatEntry>
<ID>10522</ID>
<Description>"Slot 5"</Description>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>4 Bytes</VariableType>
<Address>Buffbase</Address>
<Offsets>
<Offset>80</Offset>
</Offsets>
<CheatEntries>
<CheatEntry>
<ID>10523</ID>
<Description>"Current Duration"</Description>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>Float</VariableType>
<Address>Buffbase</Address>
<Offsets>
<Offset>84</Offset>
</Offsets>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatTable>
Code:
{ Game : LOSTEPIC.exe
Version:
Date : 2022-03-07
Author : Algester
This script does blah blah blah
}
[ENABLE]
aobscanmodule(ShingiCombo,GameAssembly.dll,89 44 B1 20 8B D6) // should be unique
alloc(newmem,$1000,ShingiCombo)
label(code)
label(return)
newmem:
mov eax,[rcx+rsi*4+20]
code:
mov [rcx+rsi*4+20],eax
mov edx,esi
jmp return
ShingiCombo:
jmp newmem
nop
return:
registersymbol(ShingiCombo)
[DISABLE]
ShingiCombo:
db 89 44 B1 20 8B D6
unregistersymbol(ShingiCombo)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+10F624D
GameAssembly.dll+10F6234: 8B FE - mov edi,esi
GameAssembly.dll+10F6236: 3B 71 18 - cmp esi,[rcx+18]
GameAssembly.dll+10F6239: 73 70 - jae GameAssembly.dll+10F62AB
GameAssembly.dll+10F623B: 8B 44 B1 20 - mov eax,[rcx+rsi*4+20]
GameAssembly.dll+10F623F: 85 C0 - test eax,eax
GameAssembly.dll+10F6241: 7E 18 - jle GameAssembly.dll+10F625B
GameAssembly.dll+10F6243: 48 85 C9 - test rcx,rcx
GameAssembly.dll+10F6246: 74 5D - je GameAssembly.dll+10F62A5
GameAssembly.dll+10F6248: FF C8 - dec eax
GameAssembly.dll+10F624A: 45 33 C0 - xor r8d,r8d
// ---------- INJECTING HERE ----------
GameAssembly.dll+10F624D: 89 44 B1 20 - mov [rcx+rsi*4+20],eax
// ---------- DONE INJECTING ----------
GameAssembly.dll+10F6251: 8B D6 - mov edx,esi
GameAssembly.dll+10F6253: 48 8B CB - mov rcx,rbx
GameAssembly.dll+10F6256: E8 25 CC FE FF - call CChara.SetShingiCoolTime
GameAssembly.dll+10F625B: 48 8B 8B 68 08 00 00 - mov rcx,[rbx+00000868]
GameAssembly.dll+10F6262: 48 85 C9 - test rcx,rcx
GameAssembly.dll+10F6265: 74 10 - je GameAssembly.dll+10F6277
GameAssembly.dll+10F6267: 3B 79 18 - cmp edi,[rcx+18]
GameAssembly.dll+10F626A: 73 4F - jae GameAssembly.dll+10F62BB
GameAssembly.dll+10F626C: 48 69 C7 88 00 00 00 - imul rax,rdi,00000088
GameAssembly.dll+10F6273: 8B 6C 08 20 - mov ebp,[rax+rcx+20]
}
Code:
<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>10549</ID>
<Description>"Anima Gain Multiplier"</Description>
<Options moHideChildren="1"/>
<LastState/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>{ Game : LOSTEPIC.exe
Version:
Date : 2022-03-14
Author : Algester
This script does blah blah blah
}
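[ENABLE]
aobscanmodule(animagainAoB,GameAssembly.dll,01 73 6C 8B 4B 70) // should be unique
alloc(animamult,4,animagainAoB) // allocate near the module so [animamult] is reachable
alloc(newmem,$1000,animagainAoB)
label(code)
label(return)
animamult:
dd #1
newmem:
code:
push rdx // 64-bit target: push/pop take the full 64-bit registers
push rsi
imul esi,[animamult]
add [rbx+6C],esi
pop rsi // restore esi, the code after the injection still uses it
pop rdx
mov ecx,[rbx+70]
jmp return
animagainAoB:
jmp newmem
nop
return:
registersymbol(animagainAoB) // needed so [DISABLE] can resolve the scan result
registersymbol(animamult)
[DISABLE]
animagainAoB:
db 01 73 6C 8B 4B 70
unregistersymbol(animagainAoB)
unregistersymbol(animamult)
dealloc(animamult)
dealloc(newmem)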
{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+11CA797
GameAssembly.dll+11CA775: 84 C0 - test al,al
GameAssembly.dll+11CA777: 74 1E - je GameAssembly.dll+11CA797
GameAssembly.dll+11CA779: 48 8B 0D D8 B2 65 00 - mov rcx,[GameAssembly.dll+1825A58]
GameAssembly.dll+11CA780: E8 9B 42 8D FF - call GameAssembly.dll+A9EA20
GameAssembly.dll+11CA785: 48 85 C0 - test rax,rax
GameAssembly.dll+11CA788: 74 4B - je GameAssembly.dll+11CA7D5
GameAssembly.dll+11CA78A: 45 33 C0 - xor r8d,r8d
GameAssembly.dll+11CA78D: 8B D6 - mov edx,esi
GameAssembly.dll+11CA78F: 48 8B C8 - mov rcx,rax
GameAssembly.dll+11CA792: E8 39 1B FB FF - call GameAssembly.dll+117C2D0
// ---------- INJECTING HERE ----------
GameAssembly.dll+11CA797: 01 73 6C - add [rbx+6C],esi
// ---------- DONE INJECTING ----------
GameAssembly.dll+11CA79A: 8B 4B 70 - mov ecx,[rbx+70]
GameAssembly.dll+11CA79D: B8 FF FF FF 7F - mov eax,7FFFFFFF
GameAssembly.dll+11CA7A2: 2B C6 - sub eax,esi
GameAssembly.dll+11CA7A4: 3B C8 - cmp ecx,eax
GameAssembly.dll+11CA7A6: 7D 16 - jnl GameAssembly.dll+11CA7BE
GameAssembly.dll+11CA7A8: 8D 04 31 - lea eax,[rcx+rsi]
GameAssembly.dll+11CA7AB: 89 43 70 - mov [rbx+70],eax
GameAssembly.dll+11CA7AE: 48 8B 5C 24 30 - mov rbx,[rsp+30]
GameAssembly.dll+11CA7B3: 48 8B 74 24 38 - mov rsi,[rsp+38]
GameAssembly.dll+11CA7B8: 48 83 C4 20 - add rsp,20
}
</AssemblerScript>
<CheatEntries>
<CheatEntry>
<ID>10545</ID>
<Description>"Multiplier"</Description>
<DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">1:x1
4:x4
8:x8
12:x12
16:x16
32:x32
64:x64
128:x128
256:x256
512:x512
</DropDownList>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>4 Bytes</VariableType>
<Address>animamult</Address>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatTable>
Code:
[ENABLE]
aobscanmodule(ConsumableItemAoB,GameAssembly.dll,89 43 08 48 8B 05 27 36 6E 00) // should be unique
alloc(newmem,$1000,ConsumableItemAoB)
label(code)
label(return)
newmem:
add [rbx+08],#0 //change 0 if you want to add items
code:
//mov [rbx+08],eax
mov rax,[GameAssembly.dll+18528E8]
jmp return
ConsumableItemAoB:
jmp newmem
nop 5
return:
registersymbol(ConsumableItemAoB)
[DISABLE]
ConsumableItemAoB:
db 89 43 08 48 8B 05 27 36 6E 00
unregistersymbol(ConsumableItemAoB)
dealloc(newmem)
Code:
[ENABLE]
aobscanmodule(Combo,GameAssembly.dll,F3 0F 11 81 58 04 00 00) // should be unique
alloc(newmem,$1000,Combo)
label(code)
label(return)
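newmem:
mov [rcx+00000458],(float)900.0
code:
//movss [rcx+00000458],xmm0 // original store left out, it would overwrite the forced value
jmp return
Combo:
jmp newmem
nop 3
return:
registersymbol(Combo) // needed so [DISABLE] can resolve the scan result
[DISABLE]
Combo:
db F3 0F 11 81 58 04 00 00
unregistersymbol(Combo)
dealloc(newmem)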
Code:
<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>10563</ID>
<Description>"Auto Assemble script"</Description>
<LastState/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>{ Game : LOSTEPIC.exe
Version:
Date : 2022-03-17
Author : Algester
This script does blah blah blah
}
[ENABLE]
aobscanmodule(AttkSpeed,GameAssembly.dll,F3 0F 11 B3 54 06 00 00 0F) // should be unique
alloc(newmem,$1000,AttkSpeed)
label(code)
label(return)
label(AttackSpeed)
newmem:
code:
movss xmm6,[AttackSpeed]
movss [rbx+00000654],xmm6
jmp return
AttackSpeed:
dd (float)1 // movss reads a 4-byte float
AttkSpeed:
jmp newmem
nop 3
return:
registersymbol(AttkSpeed)
registersymbol(AttackSpeed) //Add AttackSpeed address Manually on the cheat table and set it to a float value
[DISABLE]
AttkSpeed:
db F3 0F 11 B3 54 06 00 00
unregistersymbol(AttackSpeed)
unregistersymbol(AttkSpeed)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+10DBC42
GameAssembly.dll+10DBC11: 44 0F 2E C0 - ucomiss xmm8,xmm0
GameAssembly.dll+10DBC15: 7A 14 - jp GameAssembly.dll+10DBC2B
GameAssembly.dll+10DBC17: 75 12 - jne GameAssembly.dll+10DBC2B
GameAssembly.dll+10DBC19: F3 44 0F 10 83 40 06 00 00 - movss xmm8,[rbx+00000640]
GameAssembly.dll+10DBC22: F3 44 0F 5C 05 55 A5 33 00 - subss xmm8,[GameAssembly.dll+1416180]
GameAssembly.dll+10DBC2B: 0F 2E F8 - ucomiss xmm7,xmm0
GameAssembly.dll+10DBC2E: 7A 12 - jp GameAssembly.dll+10DBC42
GameAssembly.dll+10DBC30: 75 10 - jne GameAssembly.dll+10DBC42
GameAssembly.dll+10DBC32: F3 0F 10 BB 44 06 00 00 - movss xmm7,[rbx+00000644]
GameAssembly.dll+10DBC3A: F3 0F 58 3D 6E 4F 33 00 - addss xmm7,[GameAssembly.dll+1410BB0]
// ---------- INJECTING HERE ----------
GameAssembly.dll+10DBC42: F3 0F 11 B3 54 06 00 00 - movss [rbx+00000654],xmm6
// ---------- DONE INJECTING ----------
GameAssembly.dll+10DBC4A: 0F 28 C6 - movaps xmm0,xmm6
GameAssembly.dll+10DBC4D: 0F 28 74 24 50 - movaps xmm6,[rsp+50]
GameAssembly.dll+10DBC52: F3 44 0F 11 83 58 06 00 00 - movss [rbx+00000658],xmm8
GameAssembly.dll+10DBC5B: 44 0F 28 44 24 30 - movaps xmm8,[rsp+30]
GameAssembly.dll+10DBC61: F3 0F 11 BB 5C 06 00 00 - movss [rbx+0000065C],xmm7
GameAssembly.dll+10DBC69: 0F 28 7C 24 40 - movaps xmm7,[rsp+40]
GameAssembly.dll+10DBC6E: C6 83 60 06 00 00 00 - mov byte ptr [rbx+00000660],00
GameAssembly.dll+10DBC75: 48 83 C4 60 - add rsp,60
GameAssembly.dll+10DBC79: 5B - pop rbx
GameAssembly.dll+10DBC7A: C3 - ret
}
</AssemblerScript>
</CheatEntry>
</CheatEntries>
</CheatTable>
Re: LOST EPIC
Give me some more Time I think I can get the Mouse Over Material ID Working
I got Mouse Over Shingi FINALLY GOD
Code:
<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>10559</ID>
<Description>"MouseOverItem Shingi"</Description>
<Options moHideChildren="1"/>
<LastState Activated="1"/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>{ Game : LOSTEPIC.exe
Version:
Date : 2022-03-22
Author : Algester
This script does blah blah blah
}
[ENABLE]
aobscanmodule(MouseOverShingi,GameAssembly.dll,7A 44 8B 42 10 48 8D 4C 24 20) // should be unique
alloc(newmem,$1000,MouseOverShingi)
label(code)
label(return)
label(MouseOver2)
newmem:
code:
mov [MouseOver2],rdx
mov r8d,[rdx+10]
lea rcx,[rsp+20]
jmp return
MouseOver2:
dq 0 // 8-byte slot for the pointer saved from rdx
MouseOverShingi+01:
jmp newmem
nop 4
return:
registersymbol(MouseOverShingi)
registersymbol(MouseOver2)
[DISABLE]
MouseOverShingi+01:
db 44 8B 42 10 48 8D 4C 24 20
unregistersymbol(MouseOver2)
unregistersymbol(MouseOverShingi)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+125D681
GameAssembly.dll+125D65C: 48 8B 4E 10 - mov rcx,[rsi+10]
GameAssembly.dll+125D660: 48 85 C9 - test rcx,rcx
GameAssembly.dll+125D663: 0F 84 92 00 00 00 - je GameAssembly.dll+125D6FB
GameAssembly.dll+125D669: 3B 79 18 - cmp edi,[rcx+18]
GameAssembly.dll+125D66C: 0F 83 8F 00 00 00 - jae GameAssembly.dll+125D701
GameAssembly.dll+125D672: 48 8B 54 F9 20 - mov rdx,[rcx+rdi*8+20]
GameAssembly.dll+125D677: 48 85 D2 - test rdx,rdx
GameAssembly.dll+125D67A: 74 7F - je GameAssembly.dll+125D6FB
GameAssembly.dll+125D67C: 48 85 C0 - test rax,rax
GameAssembly.dll+125D67F: 74 7A - je GameAssembly.dll+125D6FB
// ---------- INJECTING HERE ----------
GameAssembly.dll+125D681: 44 8B 42 10 - mov r8d,[rdx+10]
// ---------- DONE INJECTING ----------
GameAssembly.dll+125D685: 48 8D 4C 24 20 - lea rcx,[rsp+20]
GameAssembly.dll+125D68A: 48 8B D0 - mov rdx,rax
GameAssembly.dll+125D68D: 45 33 C9 - xor r9d,r9d
GameAssembly.dll+125D690: E8 2B 10 00 00 - call CShingiParam.Get
GameAssembly.dll+125D695: 4C 8D 9C 24 B0 00 00 00 - lea r11,[rsp+000000B0]
GameAssembly.dll+125D69D: 49 8B 73 18 - mov rsi,[r11+18]
GameAssembly.dll+125D6A1: 0F 10 00 - movups xmm0,[rax]
GameAssembly.dll+125D6A4: 0F 10 48 10 - movups xmm1,[rax+10]
GameAssembly.dll+125D6A8: 0F 11 03 - movups [rbx],xmm0
GameAssembly.dll+125D6AB: 0F 10 40 20 - movups xmm0,[rax+20]
}
</AssemblerScript>
<CheatEntries>
<CheatEntry>
<ID>10560</ID>
<Description>"ShingiID"</Description>
<DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">0:None
1:Gale Slash
2:Piercing Dash
3:Spike Barrage
4:Arial Slash
5:Swift Dash
6:Spinning Slash
7:Scorching Burst
8:Spike Rush
9:Hailing Barrage
10:Hilt Smash
11:Burst of Rage
12:Piercing Assault
13:Mist Edge
14:Calamity Edge
15:Storm Saber
16:Swallow Thrust
17:Ray Stinger
18:Delta Raid
19:Ogre's Blade
20:Abyss Blade
22:Ogre Storm
30:Arial Edge 2
31:Spike Rush 2
32:Scorching Burst 2
33:Hilt Smash 2
50:Magic Breath
51:Magic Splash
52:Magic Enhancement
53:Magic Spark
54:Magic Laser
90:Overhead Cast
200:Bullet
201:Breath
202:Enhance Attack
203:Charge
205:Eruption
206:Bind
207:Heal
208:Reflection Ray
209:Antidote
210:Bullet Barrier
212:Enhance Defense
213:Laser Beam
214:Magic Shield
215:Scarring Rain
216:Decoy
217:Mirage
218:Light
219:Spark
400:Anger
401:Malice
402:Glee
403:Grudge
404:Fright
405:Hollow
406:Impulse
407:Grief
408:Pride
409:Reverie
410:Desire
411:Generosity
412:Noble
413:Greed
414:Hunger
415:Innocence
416:Bravery
430:Anger 2
431:Malice 2
432:Glee 2
433:Fright 2
434:Greed 2
500:Spiral Arrow
501:Quadruple Shot
502:Nihil Arrow
503:Shooting Star
504:Meteor Shower
505:Stardust Rain
506:Blast Shot
507:Sniper Arrow
508:Split Arrow
509:Batter's Swing
510:Support Fire
511:Trickster
512:Binding Arrow
513:Falconry
514:Meteor Strike
515:Cosmic Ray
516:Lucifer's Shot
517:Pheonix Arrow
518:Satelite Arrow
519:Vesper Cannon
530:Blast Shot 2
531:Nihil Arrow 2
532:Spiral Arrow 2
533:Meteor Shower 2
534:Stardust Rain 2
600:Bullet 2
601:Bind 2
602:Eruption 2
800:Arial Slash (Awakened)
801:Spike Rush (Awakened)
802:Burst of Rage (Awakened)
803:Mist Edge (Awakened)
804:Storm Saber (Awakaned)
805:Delta Raid (Awakened)
900:Malice (Awakened)
901:Grief (Awakened)
902:Impulse (Awakened)
903:Hollow (Awakened)
904:Generosity (Awakened)
905:Greed (Awakened)
1000:Quadruple Shot (Awakened)
1001:Blast Shot (Awakened)
1002:Nihil Arrow (Awakened)
1003:Trickster (Awakened)
1004:Vesper Cannon (Awakened)
1005:Lucifer Shot (Awakened)
</DropDownList>
<LastState Value="5" RealAddress="20132791CD0"/>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>4 Bytes</VariableType>
<Address>MouseOver2</Address>
<Offsets>
<Offset>10</Offset>
</Offsets>
</CheatEntry>
<CheatEntry>
<ID>10561</ID>
<Description>"Shingi Level"</Description>
<LastState Value="2" RealAddress="20132791CD4"/>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>4 Bytes</VariableType>
<Address>MouseOver2</Address>
<Offsets>
<Offset>14</Offset>
</Offsets>
</CheatEntry>
<CheatEntry>
<ID>10563</ID>
<Description>"m_Time"</Description>
<LastState Value="12182" RealAddress="20132791CE0"/>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>4 Bytes</VariableType>
<Address>MouseOver2</Address>
<Offsets>
<Offset>20</Offset>
</Offsets>
</CheatEntry>
<CheatEntry>
<ID>10562</ID>
<Description>"m_bNew"</Description>
<DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">0:False
1:True
</DropDownList>
<LastState Value="0" RealAddress="20132791CE8"/>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>Byte</VariableType>
<Address>MouseOver2</Address>
<Offsets>
<Offset>28</Offset>
</Offsets>
</CheatEntry>
<CheatEntry>
<ID>10564</ID>
<Description>"Is Available"</Description>
<DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">0:False
1:True
</DropDownList>
<LastState Value="1" RealAddress="20132791CEA"/>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>Byte</VariableType>
<Address>MouseOver2</Address>
<Offsets>
<Offset>2A</Offset>
</Offsets>
</CheatEntry>
<CheatEntry>
<ID>10565</ID>
<Description>"Shingi idx"</Description>
<DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">0:False
1:True
</DropDownList>
<LastState Value="93" RealAddress="20132791CEC"/>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>4 Bytes</VariableType>
<Address>MouseOver2</Address>
<Offsets>
<Offset>2C</Offset>
</Offsets>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatTable>
all I know is I'm getting something from this r8d,[rax+rcx]
specifically the rcx part; beyond that I'm lost
you guys can use these 2 opcode destinations to find the itemIDs. I'm still trying to extrapolate how to get to the base mouseover thing
here's some Info I could possibly give
ItemID
400: Heoxillia's Great Anima
402: Neovonis' Great Anima
403: Lundrute's Great Anima
404: Ankah-vaye's Great Anima
405: Efufu-Paluno's Great Anima
406: Nozoth's Great Anima
407: TBD
408: TBD
409: TBD
update 1.2.5 is pushed; will see if the table is still up to par
gah, 1.2.5 seems like it was another storage overhaul... that meant all of my progress was brought back to step 1
Re: LOST EPIC
word of caution with the update
1.2.5 storage overhaul: storage dupe no longer works. I know the initial injection was looking at CMaterialltemInvntory.Clear
this seems to be the Mouse Over Material logic... however Assembly deconstruction is a bit borked so I do not know what each offset means
OK, update: I got the Mouse Over in the Bag code to work; that means we can now feasibly dupe items as much as we want as long as we know the itemIDs. In my main tables post I should have it updated to most items in 1.2.5; some of them aren't implemented yet, so I would advise against spawning such items
Code:
<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>10573</ID>
<Description>"Maybe Mouse Over Material?"</Description>
<LastState/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>{ Game : LOSTEPIC.exe
Version:
Date : 2022-03-25
Author : Algester
This script does blah blah blah
}
[ENABLE]
aobscanmodule(MatAmount,GameAssembly.dll,0F BF 41 02 25 FF 7F 00 00) // should be unique
alloc(newmem,$1000,MatAmount)
label(code)
label(return)
label(Mat)
registersymbol(Mat)
newmem:
code:
mov [Mat],rcx
movsx eax,word ptr [rcx+02]
and eax,00007FFF
jmp return
Mat:
dq 0 // 8-byte slot for the pointer saved from rcx
MatAmount:
jmp newmem
nop 4
return:
registersymbol(MatAmount)
[DISABLE]
MatAmount:
db 0F BF 41 02 25 FF 7F 00 00
unregistersymbol(MatAmount)
unregistersymbol(Mat)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+40D860
GameAssembly.dll+40D856: CC - int 3
GameAssembly.dll+40D857: CC - int 3
GameAssembly.dll+40D858: CC - int 3
GameAssembly.dll+40D859: CC - int 3
GameAssembly.dll+40D85A: CC - int 3
GameAssembly.dll+40D85B: CC - int 3
GameAssembly.dll+40D85C: CC - int 3
GameAssembly.dll+40D85D: CC - int 3
GameAssembly.dll+40D85E: CC - int 3
GameAssembly.dll+40D85F: CC - int 3
// ---------- INJECTING HERE ----------
GameAssembly.dll+40D860: 0F BF 41 02 - movsx eax,word ptr [rcx+02]
// ---------- DONE INJECTING ----------
GameAssembly.dll+40D864: 25 FF 7F 00 00 - and eax,00007FFF
GameAssembly.dll+40D869: C3 - ret
GameAssembly.dll+40D86A: CC - int 3
GameAssembly.dll+40D86B: CC - int 3
GameAssembly.dll+40D86C: CC - int 3
GameAssembly.dll+40D86D: CC - int 3
GameAssembly.dll+40D86E: CC - int 3
GameAssembly.dll+40D86F: CC - int 3
GameAssembly.dll+40D870: 81 21 00 00 FF 7F - and [rcx],7FFF0000
GameAssembly.dll+40D876: 09 11 - or [rcx],edx
}
</AssemblerScript>
<CheatEntries>
<CheatEntry>
<ID>10574</ID>
<Description>"Item Base?"</Description>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>2 Bytes</VariableType>
<Address>Mat</Address>
<Offsets>
<Offset>0</Offset>
</Offsets>
</CheatEntry>
<CheatEntry>
<ID>10581</ID>
<Description>"Num of Item in Storage"</Description>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>2 Bytes</VariableType>
<Address>Mat</Address>
<Offsets>
<Offset>2</Offset>
</Offsets>
</CheatEntry>
<CheatEntry>
<ID>10579</ID>
<Description>"Element"</Description>
<DropDownList DisplayValueAsItem="1">1:Fire
2:Ice
3:Electricity
4:Dark
5:Burn
6:Freeze
7:Paralyze
8:Poison
13:Vampire
15:Dex Down
16:Def Down
</DropDownList>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>2 Bytes</VariableType>
<Address>Mat</Address>
<Offsets>
<Offset>4</Offset>
</Offsets>
</CheatEntry>
<CheatEntry>
<ID>10577</ID>
<Description>"Item ID?"</Description>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>2 Bytes</VariableType>
<Address>Mat</Address>
<Offsets>
<Offset>E</Offset>
</Offsets>
</CheatEntry>
<CheatEntry>
<ID>10582</ID>
<Description>"Item ID?"</Description>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>Byte</VariableType>
<Address>Mat</Address>
<Offsets>
<Offset>31</Offset>
</Offsets>
</CheatEntry>
<CheatEntry>
<ID>10575</ID>
<Description>"No description"</Description>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>4 Bytes</VariableType>
<Address>Mat</Address>
<Offsets>
<Offset>24</Offset>
</Offsets>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatTable>
Storage Dupe?
Code:
{ Game : LOSTEPIC.exe
Version:
Date : 2022-03-25
Author : Algester
This script does blah blah blah
}
[ENABLE]
aobscanmodule(StorageDupe,GameAssembly.dll,81 23 FF FF 00 00) // should be unique
alloc(newmem,$1000,StorageDupe)
label(code)
label(return)
newmem:
code:
nop 6
//and [rbx],0000FFFF
jmp return
StorageDupe:
jmp newmem
nop
return:
registersymbol(StorageDupe)
[DISABLE]
StorageDupe:
db 81 23 FF FF 00 00
unregistersymbol(StorageDupe)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+40D8BB
GameAssembly.dll+40D891: 8B FA - mov edi,edx
GameAssembly.dll+40D893: 48 8B D9 - mov rbx,rcx
GameAssembly.dll+40D896: 75 1F - jne GameAssembly.dll+40D8B7
GameAssembly.dll+40D898: 48 8D 0D 11 72 46 01 - lea rcx,[GameAssembly.dll+1874AB0]
GameAssembly.dll+40D89F: E8 AC 24 DD FF - call GameAssembly.dll+1DFD50
GameAssembly.dll+40D8A4: 48 8D 0D 15 B0 46 01 - lea rcx,[GameAssembly.dll+18788C0]
GameAssembly.dll+40D8AB: E8 A0 24 DD FF - call GameAssembly.dll+1DFD50
GameAssembly.dll+40D8B0: C6 05 19 AA 50 01 01 - mov byte ptr [GameAssembly.dll+19182D0],01
GameAssembly.dll+40D8B7: 85 FF - test edi,edi
GameAssembly.dll+40D8B9: 78 16 - js GameAssembly.dll+40D8D1
// ---------- INJECTING HERE ----------
GameAssembly.dll+40D8BB: 81 23 FF FF 00 00 - and [rbx],0000FFFF
// ---------- DONE INJECTING ----------
GameAssembly.dll+40D8C1: C1 E7 10 - shl edi,10
GameAssembly.dll+40D8C4: 09 3B - or [rbx],edi
GameAssembly.dll+40D8C6: 48 8B 5C 24 30 - mov rbx,[rsp+30]
GameAssembly.dll+40D8CB: 48 83 C4 20 - add rsp,20
GameAssembly.dll+40D8CF: 5F - pop rdi
GameAssembly.dll+40D8D0: C3 - ret
GameAssembly.dll+40D8D1: 48 8B 0D D8 71 46 01 - mov rcx,[GameAssembly.dll+1874AB0]
GameAssembly.dll+40D8D8: F6 81 33 01 00 00 04 - test byte ptr [rcx+00000133],04
GameAssembly.dll+40D8DF: 74 0E - je GameAssembly.dll+40D8EF
GameAssembly.dll+40D8E1: 83 B9 E0 00 00 00 00 - cmp dword ptr [rcx+000000E0],00
}
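The two disassembly listings in the post above read and write one packed 32-bit word; the model below shows how that word behaves and why a write that skips the clearing `and` no longer reads back the requested count. This is an added example, not part of the original post or of Algester's table. The function names and the sample word are assumptions; the masks and shifts are taken from the listed instructions.

```python
# Added example: model of the packed 32-bit storage word, derived from the
# instructions shown in the listings above. Function names are assumptions.

U32 = 0xFFFFFFFF
LOW_HALF = 0x0000FFFF   # and [rbx],0000FFFF keeps only these bits
COUNT_BITS = 0x7FFF     # and eax,00007FFF in the getter


def get_count(word):
    """GameAssembly.dll+40D860: movsx eax,word ptr [rcx+02] / and eax,00007FFF."""
    return (word >> 16) & COUNT_BITS


def set_count(word, count):
    """GameAssembly.dll+40D8B7..40D8C4 as shipped: clear upper half, OR in count."""
    if count < 0:
        raise ValueError("negative count: the original code branches away (js)")
    word &= LOW_HALF                      # and [rbx],0000FFFF
    return (word | (count << 16)) & U32   # shl edi,10 / or [rbx],edi


def set_count_without_clear(word, count):
    """Same path with the 'and' replaced by 'nop 6', as in the script above."""
    if count < 0:
        raise ValueError("negative count: the original code branches away (js)")
    return (word | (count << 16)) & U32   # old upper bits are never cleared


def readback_ok(word_after, requested):
    """Integrity check: a correct write always reads back the requested count."""
    return get_count(word_after) == requested


def demo():
    # Constructed sample: low half 0x0123, stored count 9.
    word = set_count(0x00000123, 9)
    normal = set_count(word, 8)                 # count lowered by one
    patched = set_count_without_clear(word, 8)  # old bits OR-ed with new ones
    return {
        "start": get_count(word),
        "normal": get_count(normal),
        "patched": get_count(patched),
        "patched_readback_ok": readback_ok(patched, 8),
    }


if __name__ == "__main__":
    print(demo())
```

Because the unpatched setter always clears the upper half first, a read-back comparison after each write is enough to notice when the clear has been skipped.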
Re: LOST EPIC
v1.3? just dropped and most of the AoB scans held. Also the table is ready, just didn't upload it yet cause I'm just tired
Re: LOST EPIC
Only Inf stamina and Inf Anima is working
Can someone update the table please
Thank you