Ys IX: Monstrum Nox

[ToucheYou]

This works with useable items but not with accessories or any category on "other" section.

Ah, you're right, my bad. I have uploaded the updated table in my previous post: viewtopic.php?p=201663#p201663

I'm still relatively early in the game so further tests might be needed.

How to use this cheat table?

1. Install Cheat Engine
2. Double-click the .CT file in order to open it.
3. Click the PC icon in Cheat Engine in order to select the game process.
4. Keep the list.
5. Activate the trainer options by checking boxes or setting values from 0 to 1

[Zozinhu]

This works with useable items but not with accessories or any category on "other" section.

Ah, you're right, my bad. I have uploaded the updated table in my previous post: viewtopic.php?p=201663#p201663

I'm still relatively early in the game so further tests might be needed.

You rock!! Thanks for this.

[Zozinhu]

Is it possible to make a code for meals benefit never run out of time?

[SmokeyJuan]

Is it possible to make a code for meals benefit never run out of time?

This would definitely come in handy!

[Sora3100]

Made a small table that let's you change party size as you see fit, the ability to use the hidden 4th slot (not that it works very well in this game), and the "Dana mode" leftover from the previous game.
Best used in combination with DhaosCollider's "Party Members Modifier"

[Cyber]

Always Monstrum Form (doesn't work in certain cases)

Code: Select all

[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat

 
 
aobscanmodule(alwaysmonstrum_aob,ys9.exe,48 8B 92 58 60 11 00 48 89 44 24 20) // should be unique
alloc(newmem,$100,alwaysmonstrum_aob)

label(return)
label(alwaysmonstrum1_code)
label(alwaysmonstrum2_code)
label(alwaysmonstrum3_code)

registersymbol(alwaysmonstrum1_code)
registersymbol(alwaysmonstrum2_code)
registersymbol(alwaysmonstrum3_code)
registersymbol(alwaysmonstrum_aob)

newmem:
  jmp return

newmem2:
  mov rax,[r13+0000FB20]
  jmp return2

newmem3:
  jmp return3

alwaysmonstrum1_code:
  readmem(alwaysmonstrum_aob-9a,6)

alwaysmonstrum2_code:
  readmem(alwaysmonstrum_aob+13,9)

alwaysmonstrum3_code:
  readmem(alwaysmonstrum_aob+168,6)

//
alwaysmonstrum_aob-9a:
  jmp newmem
  nop
return:

alwaysmonstrum_aob+13:
  jmp newmem2
  nop 4
return2:

alwaysmonstrum_aob+168:
  jmp newmem3
  nop
return3:

alwaysmonstrum_aob+450:
  db 0F 57 C0 90

[DISABLE]
//code from here till the end of the code will be used to disable the cheat
alwaysmonstrum_aob-9a:
  readmem(alwaysmonstrum1_code,6)

alwaysmonstrum_aob+13:
  readmem(alwaysmonstrum2_code,9)

alwaysmonstrum_aob+168:
  readmem(alwaysmonstrum3_code,6)

alwaysmonstrum_aob+450:
  db F3 0F 10 00

unregistersymbol(*)
dealloc(*)


{
// ORIGINAL CODE - INJECTION POINT: ys9.exe+32F370

ys9.exe+32F33B: 0F 28 CB                 - movaps xmm1,xmm3
ys9.exe+32F33E: 0F C6 D4 55              - shufps xmm2,xmm4,55
ys9.exe+32F342: F3 0F 5C 0D 7A 01 3D 00  - subss xmm1,[ys9.exe+6FF4C4]
ys9.exe+32F34A: F3 0F 58 1D 7A F7 3C 00  - addss xmm3,[ys9.exe+6FEACC]
ys9.exe+32F352: 0F 28 C4                 - movaps xmm0,xmm4
ys9.exe+32F355: F3 0F 11 54 24 64        - movss [rsp+64],xmm2
ys9.exe+32F35B: 0F C6 C4 FF              - shufps xmm0,xmm4,-01
ys9.exe+32F35F: F3 0F 11 44 24 6C        - movss [rsp+6C],xmm0
ys9.exe+32F365: F3 0F 11 4C 24 68        - movss [rsp+68],xmm1
ys9.exe+32F36B: F3 0F 11 5D 88           - movss [rbp-78],xmm3
// ---------- INJECTING HERE ----------
ys9.exe+32F370: 48 8B 92 58 60 11 00     - mov rdx,[rdx+00116058]
// ---------- DONE INJECTING  ----------
ys9.exe+32F377: 48 89 44 24 20           - mov [rsp+20],rax
ys9.exe+32F37C: E8 5F 3B FE FF           - call ys9.exe+312EE0
ys9.exe+32F381: 85 C0                    - test eax,eax
ys9.exe+32F383: 74 0D                    - je ys9.exe+32F392
ys9.exe+32F385: 49 8B 85 20 FB 00 00     - mov rax,[r13+0000FB20]
ys9.exe+32F38C: FF 80 68 BC 0E 00        - inc [rax+000EBC68]
ys9.exe+32F392: 39 3D F8 7E 46 00        - cmp [ys9.exe+797290],edi
ys9.exe+32F398: 0F 84 1D 01 00 00        - je ys9.exe+32F4BB
ys9.exe+32F39E: 40 38 3D 69 7D 46 00     - cmp [ys9.exe+79710E],dil
ys9.exe+32F3A5: 0F 84 EF 03 00 00        - je ys9.exe+32F79A
}

Hide HUD (damage/healing data is shown) - hold CAPS or L3 to show HUD

Code: Select all

[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat

 
 
aobscanmodule(hudless_aob,ys9.exe,8B 88 70 EA 3E 00 ** ** ** ** ** 48 8B 8E 78 C6 00 00) // should be unique
alloc(newmem,$100,hudless_aob)

label(code)
label(HUDHotkeyLuaThread)
registersymbol(HUDHotkeyLuaThread)

newmem:
  push ebx
  mov bl,[HUDHotkeyLuaThread]
  test bl,bl
  pop ebx
  jz code
  mov rcx,[rsi+0000C678]
  jmp hudless_aob+12

code:
  mov rcx,[rsi+0000C678]
  jmp hudless_aob+17

HUDHotkeyLuaThread:
  dd 0

hudless_aob+b:
  jmp newmem
  nop 2

registersymbol(hudless_aob)

{$lua}
local function hotkeyLuaThread(thread)
       local addr = getAddressSafe('HUDHotkeyLuaThread')
       while RunHotkeyLuaThread do
              if addr then
                      local xcs = getXBox360ControllerState()
                      if xcs.GAMEPAD_LEFT_THUMB then
                         writeBytes(addr, 1)
                      elseif isKeyPressed(VK_CAPITAL) then
                         writeBytes(addr, 1)
                      else
                         writeBytes(addr, 0)
                      end
              else
                 addr = getAddressSafe('HUDHotkeyLuaThread')
              end
       end
       thread.terminate()
end
---------------------------------
if syntaxcheck then return end
RunHotkeyLuaThread = true
createThread(hotkeyLuaThread)
{$asm}

[DISABLE]
//code from here till the end of the code will be used to disable the cheat
{$lua}
if syntaxcheck then return end
RunHotkeyLuaThread = false
{$asm}

hudless_aob+b:
  db 48 8B 8E 78 C6 00 00

unregistersymbol(hudless_aob)
unregistersymbol(HUDHotkeyLuaThread)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: ys9.exe+2D1E96

ys9.exe+2D1E65: 89 44 24 20           - mov [rsp+20],eax
ys9.exe+2D1E69: 48 8D 4F 10           - lea rcx,[rdi+10]
ys9.exe+2D1E6D: E8 4E D1 12 00        - call ys9.exe+3FEFC0
ys9.exe+2D1E72: E9 09 05 00 00        - jmp ys9.exe+2D2380
ys9.exe+2D1E77: 89 44 24 20           - mov [rsp+20],eax
ys9.exe+2D1E7B: 48 8D 4F 10           - lea rcx,[rdi+10]
ys9.exe+2D1E7F: E8 3C D1 12 00        - call ys9.exe+3FEFC0
ys9.exe+2D1E84: 48 8B 86 78 C6 00 00  - mov rax,[rsi+0000C678]
ys9.exe+2D1E8B: 8B 88 70 EA 3E 00     - mov ecx,[rax+003EEA70]
ys9.exe+2D1E91: E8 3A 79 0D 00        - call ys9.exe+3A97D0
// ---------- INJECTING HERE ----------
ys9.exe+2D1E96: 48 8B 8E 78 C6 00 00  - mov rcx,[rsi+0000C678]
// ---------- DONE INJECTING  ----------
ys9.exe+2D1E9D: E8 5E 03 03 00        - call ys9.exe+302200
ys9.exe+2D1EA2: E8 69 1E DB FF        - call ys9.exe+83D10
ys9.exe+2D1EA7: 48 8B F8              - mov rdi,rax
ys9.exe+2D1EAA: E8 A1 CD DA FF        - call ys9.exe+7EC50
ys9.exe+2D1EAF: 8B 58 10              - mov ebx,[rax+10]
ys9.exe+2D1EB2: E8 99 CD DA FF        - call ys9.exe+7EC50
ys9.exe+2D1EB7: 44 8B 40 14           - mov r8d,[rax+14]
ys9.exe+2D1EBB: 8B 07                 - mov eax,[rdi]
ys9.exe+2D1EBD: 3B C3                 - cmp eax,ebx
ys9.exe+2D1EBF: 74 5B                 - je ys9.exe+2D1F1C
}

Hide HUD (damage/healing data is hidden) - hold CAPS or L3 to show HUD

Code: Select all

[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat

 
 
aobscanmodule(hudless_aob,ys9.exe,8B 88 70 EA 3E 00 ** ** ** ** ** 48 8B 8E 78 C6 00 00) // should be unique
alloc(newmem,$100,hudless_aob)

aobscanmodule(hudless2_aob,ys9.exe,4C 8B DC 49 89 5B 10 49 89 6B 18 56 57 41 56 48 81 EC A0) // should be unique
alloc(newmem2,$100,hudless2_aob)

label(code)
label(code2)
label(return2)
label(HUDHotkeyLuaThread)
registersymbol(HUDHotkeyLuaThread)

newmem:
  push ebx
  mov bl,[HUDHotkeyLuaThread]
  test bl,bl
  pop ebx
  jz code
  mov rcx,[rsi+0000C678]
  jmp hudless_aob+12

code:
  mov rcx,[rsi+0000C678]
  jmp hudless_aob+17

HUDHotkeyLuaThread:
  dd 0

//
newmem2:

code2:
  ret
  mov r11,rsp
  mov [r11+10],rbx
  jmp return2

//
hudless_aob+b:
  jmp newmem
  nop 2

hudless2_aob:
  jmp newmem2
  nop 2
return2:

registersymbol(hudless_aob)
registersymbol(hudless2_aob)

{$lua}
local function hotkeyLuaThread(thread)
       local addr = getAddressSafe('HUDHotkeyLuaThread')
       while RunHotkeyLuaThread do
              if addr then
                      local xcs = getXBox360ControllerState()
                      if xcs.GAMEPAD_LEFT_THUMB then
                         writeBytes(addr, 1)
                      elseif isKeyPressed(VK_CAPITAL) then
                         writeBytes(addr, 1)
                      else
                         writeBytes(addr, 0)
                      end
              else
                 addr = getAddressSafe('HUDHotkeyLuaThread')
              end
       end
       thread.terminate()
end
---------------------------------
if syntaxcheck then return end
RunHotkeyLuaThread = true
createThread(hotkeyLuaThread)
{$asm}

[DISABLE]
//code from here till the end of the code will be used to disable the cheat
{$lua}
if syntaxcheck then return end
RunHotkeyLuaThread = false
{$asm}

hudless_aob+b:
  db 48 8B 8E 78 C6 00 00

hudless2_aob:
  db 4C 8B DC 49 89 5B 10

unregistersymbol(hudless_aob)
unregistersymbol(HUDHotkeyLuaThread)
unregistersymbol(hudless2_aob)
dealloc(newmem2)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: ys9.exe+2D1E96

ys9.exe+2D1E65: 89 44 24 20           - mov [rsp+20],eax
ys9.exe+2D1E69: 48 8D 4F 10           - lea rcx,[rdi+10]
ys9.exe+2D1E6D: E8 4E D1 12 00        - call ys9.exe+3FEFC0
ys9.exe+2D1E72: E9 09 05 00 00        - jmp ys9.exe+2D2380
ys9.exe+2D1E77: 89 44 24 20           - mov [rsp+20],eax
ys9.exe+2D1E7B: 48 8D 4F 10           - lea rcx,[rdi+10]
ys9.exe+2D1E7F: E8 3C D1 12 00        - call ys9.exe+3FEFC0
ys9.exe+2D1E84: 48 8B 86 78 C6 00 00  - mov rax,[rsi+0000C678]
ys9.exe+2D1E8B: 8B 88 70 EA 3E 00     - mov ecx,[rax+003EEA70]
ys9.exe+2D1E91: E8 3A 79 0D 00        - call ys9.exe+3A97D0
// ---------- INJECTING HERE ----------
ys9.exe+2D1E96: 48 8B 8E 78 C6 00 00  - mov rcx,[rsi+0000C678]
// ---------- DONE INJECTING  ----------
ys9.exe+2D1E9D: E8 5E 03 03 00        - call ys9.exe+302200
ys9.exe+2D1EA2: E8 69 1E DB FF        - call ys9.exe+83D10
ys9.exe+2D1EA7: 48 8B F8              - mov rdi,rax
ys9.exe+2D1EAA: E8 A1 CD DA FF        - call ys9.exe+7EC50
ys9.exe+2D1EAF: 8B 58 10              - mov ebx,[rax+10]
ys9.exe+2D1EB2: E8 99 CD DA FF        - call ys9.exe+7EC50
ys9.exe+2D1EB7: 44 8B 40 14           - mov r8d,[rax+14]
ys9.exe+2D1EBB: 8B 07                 - mov eax,[rdi]
ys9.exe+2D1EBD: 3B C3                 - cmp eax,ebx
ys9.exe+2D1EBF: 74 5B                 - je ys9.exe+2D1F1C
}

[kagamine_len]

the auto flash guard doesn't count as flash guard...after a lot tries, i just realiaze it can't finish 100 flash guard achievement

[kagamine_len]

nvm, i figure it out. using easy flash move or infinite flash move time, then keep press R1 will get that achievement easily, no need to edit the auto flash guard

[axellslade]

Anyone capable of doing a free camera code?

[chasede]

Hey guys, since I didn't find a lot of simple things I wanted, I made them myself. Enjoy.

Food Timer doesn't decrease
1/3 less SP usage (can change to 1/4 less, etc.. So that you don't have to wear the relevant accessory)
1.5x longer flash guard (can change to another multiplier. So that you don't have to wear the relevant accessory).
Change item quantity to 84 upon highlighting in shop
" " 7 " "
" " 499 " "
Infinite Item Usage
10x nox gain (can change multiplier to whatever)

The "Change item quantity upon highlighting in shop" is the most robust way of changing item amount, I've found. In any shop screen (either buying or selling), scrolling onto an item will change that item's amount.

For infinite item usage, watch out. Selling an item with that on makes it so you don't get money (change in money is calculated by change in inventory by the game). Mostly just use it for consumables I'd say.

10x nox gain works for the nox meter (for triggering events), but doesn't get recorded in the total nox aquired in your journal.

Cheers!

[aQua]

Will this works with v1.0.6 without any issue?

[Atmogenic]

Will this works with v1.0.6 without any issue?

not had any issues so far but i am early into the game

[Nova77]

Monstrum Gifts:

Code: Select all

      <ByteLength>32</ByteLength>
      <Address>"ys9.exe"+007D0CE8</Address>
      <Offsets>
        <Offset>99C</Offset>
        <Offset>10</Offset>
      </Offsets>

Crimson Line, Heaven's Run, etc.

It's stored as 32 bytes. The first eight is whether gifts are enabled, and then 6 sets of 4 for each gift. 1 is disabled, 0 is enabled.

Example:

Game Start:

0100000000000000010000000100000001000000010000000100000001000000

After Crimson Line:

0000000000000000000000000100000001000000010000000100000001000000

[Siggymas]

Add some options..

Thanks for the table, waiting for 100% drop rate...

Try this new table..

hello does anyone know how to modify how many quantity number for the item of book skills??

i like it to be 5 amount only.

[StormRay]

Hello , Thanks , hmm is there any way to make it work with my old CE version , coz table need 7.1+ to work and i don't have it , nor want the tedious way to get it "safety" ,
Like making the table think i have 7,x or CE itself or something? thanks whoever can give some help , cheers : )

Edit: To add i tried old versions of the table and none works every ask for CE version 7.1+