Death Stranding: Director's Cut [Engine:Decima]

[Juices842]

You have that already in the [ Lua Stuff ] section. See the "Restore Structure Durability - Interaction Point" tree. I don't think the offsets are correct, but just double-click each (e.g.: Metal Added) and click the > arrow for the offset till you see the value you know you have on-screen.

As you click, the red rectangle will change value. When you see your known value (yeah, you must've added something, so it's not 0), you'll know the offset. Then tell us these offsets. I think the others are +4 away from the previous one (Metals +4 = Ceramics +4 = Chemicals +4 = Alloys).

how do i go about updating some of these pointers? i followed method but didn't find anything going in both directions

[6D44] BBAffectionPoints (the memory region has nothing but a lot of ??)
[1DC08] BBStress
DSWeatherSystem / ResetWeather


this is the correct pointers for these
[01B34] Chiral Crystals > 509E2398 (found this manually)
[0138] Endurance > 0140
[0100] Max. Stamina Copy > 0104
[47B0] Battery > 4810

How to use this cheat table?

1. Install Cheat Engine
2. Double-click the .CT file in order to open it.
3. Click the PC icon in Cheat Engine in order to select the game process.
4. Keep the list.
5. Activate the trainer options by checking boxes or setting values from 0 to 1

[SunBeam]

I will be releasing an update shortly. Still optimizing some logic so everything will then be at your fingertips.

[NeatWolf]

I will be releasing an update shortly. Still optimizing some logic so everything will then be at your fingertips.

Thanks, I'm glad I began playing DS-DC right on time

[indent]
I had a look at the available Tables here and wanted to contribute by adding a few extra coords for teleporting to well-known positions early in the game (mostly MULES outposts) - yet as per today I can't find the list I was having a look right a dozen of hours ago. Did it get deleted? EDIT: I found the thread, locations were hidden inside a spoiler tag [/indent]

Teleporting (via the RigidBody component position) has just one downside: it makes it very apparent you're cheating due to the walk distance not being updated accordingly. I got a bit lost in the debug section, but I believe adding the Vector3 difference between the old and new position, plus maybe 2 * Random.Range(0, _dist) could be a good starting point. Little can be done with the time, especially online.

An alternative would be to just keep falling "in place" for a couple of seconds to add both time and distance.

One little feature I'd add in the wishlist would be instantly refilling the bladder - or freezing it at some value the game would consider enough to repopulate the environment with nice fantasy-like mushrooms

[Juices842]

One little feature I'd add in the wishlist would be instantly refilling the bladder - or freezing it at some value the game would consider enough to repopulate the environment with nice fantasy-like mushrooms

im pretty sure its a float value between 0-1000, same as your displayed value. i remember using someones cheat that let you pee anywhere on the original

[NeatWolf]

One little feature I'd add in the wishlist would be instantly refilling the bladder - or freezing it at some value the game would consider enough to repopulate the environment with nice fantasy-like mushrooms

im pretty sure its a float value between 0-1000, same as your displayed value. i remember using someones cheat that let you pee anywhere on the original

Yes, but since that'd be just another value bound to the same chain of pointers...
I wouldn't go so far as that'd be griefing - even if I'm pretty sure it's already possible to glitch the no pee-no weapons volumes even without cheating.

Double thinking about that, a few zones are already so heavy littered with user-created indicators that almost feels like you're a ball in a pinball - they're no better than MULES when talking about addictions (to likes, this time).

So, yeah, maybe a nice mushroom would be meaningful sometimes, especially when you can't dismantle the offending litter

[egigol]

I will be releasing an update shortly. Still optimizing some logic so everything will then be at your fingertips.

Thank you very very much

[Juices842]

I will be releasing an update shortly. Still optimizing some logic so everything will then be at your fingertips.

any chance you could convert this invisibility cheat to directors cut while you have the game still installed? it is for v1.06. i dont have any need for the invulnerability, your god mode is perfect for that.

found elsewhere.

[SunBeam]

any chance you could convert this invisibility cheat to directors cut while you have the game still installed?

Replace as follows:

invisibility, part 1:

Code: Select all

{
  Game   : ds.exe
  Version: 
  Date   : 2022-04-21
  Author : pc
  Update : SunBeam
}

[ENABLE]

aobscanmodule(InvisibilityAOB,ds.exe,C4 C1 7A 11 86 04 02 00 00 41) // should be unique
alloc(newmem,$1000,InvisibilityAOB)

label(code)
label(return)
label(hop)

newmem:
  mov [r14+204],4B18967F
  jmp short hop
code:
  vmovss [r14+204],xmm0
hop:
  jmp return

InvisibilityAOB:
  jmp newmem
  nop 4
return:
registersymbol(InvisibilityAOB)

[DISABLE]

InvisibilityAOB:
  db C4 C1 7A 11 86 04 02 00 00

unregistersymbol(InvisibilityAOB)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: ds.exe+2990E1B

ds.exe+2990DE5: C5 FB 5A D8                 - vcvtsd2ss xmm3,xmm0,xmm0
ds.exe+2990DE9: C5 F3 5A E9                 - vcvtsd2ss xmm5,xmm1,xmm1
ds.exe+2990DED: C4 C1 7B 10 0F              - vmovsd xmm1,[r15]
ds.exe+2990DF2: C5 F3 5C 90 70 02 00 00     - vsubsd xmm2,xmm1,[rax+00000270]
ds.exe+2990DFA: C5 EB 5A C2                 - vcvtsd2ss xmm0,xmm2,xmm2
ds.exe+2990DFE: C4 E3 59 21 E0 00           - vinsertps xmm4,xmm4,xmm0,00
ds.exe+2990E04: C4 E3 59 21 E3 10           - vinsertps xmm4,xmm4,xmm3,10
ds.exe+2990E0A: C4 E3 59 21 E5 20           - vinsertps xmm4,xmm4,xmm5,20
ds.exe+2990E10: C4 E3 59 40 C4 7F           - vdpps xmm0,xmm4,xmm4,7F
ds.exe+2990E16: E8 9C 63 18 01              - call ds.exe+3B171B7
// ---------- INJECTING HERE ----------
ds.exe+2990E1B: C4 C1 7A 11 86 04 02 00 00  - vmovss [r14+00000204],xmm0
// ---------- DONE INJECTING  ----------
ds.exe+2990E24: 41 8B 86 B4 01 00 00        - mov eax,[r14+000001B4]
ds.exe+2990E2B: C1 E8 1A                    - shr eax,1A
ds.exe+2990E2E: A8 01                       - test al,01
ds.exe+2990E30: 0F 84 2B 01 00 00           - je ds.exe+2990F61
ds.exe+2990E36: 49 8B 86 88 03 00 00        - mov rax,[r14+00000388]
ds.exe+2990E3D: 48 8B 78 48                 - mov rdi,[rax+48]
ds.exe+2990E41: 45 39 66 24                 - cmp [r14+24],r12d
ds.exe+2990E45: 0F 85 EB 00 00 00           - jne ds.exe+2990F36
ds.exe+2990E4B: C4 41 78 2F 86 80 01 00 00  - vcomiss xmm8,[r14+00000180]
ds.exe+2990E54: 0F 82 DC 00 00 00           - jb ds.exe+2990F36
}

invisibility, part 2:

Code: Select all

{
  Game   : ds.exe
  Version: 
  Date   : 2022-04-21
  Author : pc
  Update : SunBeam
}

[ENABLE]

aobscanmodule(Invisibility2AOB,ds.exe,83 BF 10 01 00 00 05 0F 85 8F) // should be unique
alloc(newmem,$1000,Invisibility2AOB)

label(code)
label(return)

newmem:
  mov [rdi+110],3
code:
  cmp dword ptr [rdi+110],5
  jmp return

Invisibility2AOB:
  jmp newmem
  nop 2
return:
registersymbol(Invisibility2AOB)

[DISABLE]

Invisibility2AOB:
  db 83 BF 10 01 00 00 05

unregistersymbol(Invisibility2AOB)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: ds.exe+2AD3369

ds.exe+2AD3335: C5 7A 10 87 14 01 00 00  - vmovss xmm8,[rdi+00000114]
ds.exe+2AD333D: C5 C0 57 FF              - vxorps xmm7,xmm7,xmm7
ds.exe+2AD3341: C5 C8 57 F6              - vxorps xmm6,xmm6,xmm6
ds.exe+2AD3345: E8 B6 38 82 FF           - call ds.exe+22F6C00
ds.exe+2AD334A: 48 85 C0                 - test rax,rax
ds.exe+2AD334D: 74 08                    - je ds.exe+2AD3357
ds.exe+2AD334F: C5 FA 10 B0 20 02 00 00  - vmovss xmm6,[rax+00000220]
ds.exe+2AD3357: C5 BA 5F C6              - vmaxss xmm0,xmm8,xmm6
ds.exe+2AD335B: C5 F8 2F 05 A1 4C 0F 01  - vcomiss xmm0,[ds.exe+3BC8004]
ds.exe+2AD3363: 0F 86 9C 00 00 00        - jbe ds.exe+2AD3405
// ---------- INJECTING HERE ----------
ds.exe+2AD3369: 83 BF 10 01 00 00 05     - cmp dword ptr [rdi+00000110],05
// ---------- DONE INJECTING  ----------
ds.exe+2AD3370: 0F 85 8F 00 00 00        - jne ds.exe+2AD3405
ds.exe+2AD3376: 33 C0                    - xor eax,eax
ds.exe+2AD3378: 48 89 B4 24 38 01 00 00  - mov [rsp+00000138],rsi
ds.exe+2AD3380: 48 89 84 24 58 01 00 00  - mov [rsp+00000158],rax
ds.exe+2AD3388: 48 8D 94 24 38 01 00 00  - lea rdx,[rsp+00000138]
ds.exe+2AD3390: 48 89 84 24 48 01 00 00  - mov [rsp+00000148],rax
ds.exe+2AD3398: 88 84 24 58 01 00 00     - mov [rsp+00000158],al
ds.exe+2AD339F: 48 89 84 24 40 01 00 00  - mov [rsp+00000140],rax
ds.exe+2AD33A7: 48 8B 47 68              - mov rax,[rdi+68]
ds.exe+2AD33AB: 48 85 C0                 - test rax,rax
}

ignore hits/invulnerable:

Code: Select all

{
  Game   : ds.exe
  Version: 
  Date   : 2022-04-21
  Author : pc
  Update : SunBeam
}

[ENABLE]

aobscanmodule(IgnoreHitsAOB,ds.exe,84 C0 0F 84 51 04 00 00 8B 47) // should be unique
alloc(newmem,$1000,IgnoreHitsAOB)

label(code)
label(return)

newmem:
  xor al,al
code:
  test al,al
  je short @f
  jmp return
  @@:
  jmp ds.exe+271791A

IgnoreHitsAOB:
  jmp newmem
  nop 3
return:
registersymbol(IgnoreHitsAOB)

[DISABLE]

IgnoreHitsAOB:
  db 84 C0 0F 84 51 04 00 00

unregistersymbol(IgnoreHitsAOB)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: ds.exe+27174C1

ds.exe+271748D: 48 0F 44 CE              - cmove rcx,rsi
ds.exe+2717491: 48 85 C9                 - test rcx,rcx
ds.exe+2717494: 0F 84 80 04 00 00        - je ds.exe+271791A
ds.exe+271749A: 49 8B 8E B0 02 00 00     - mov rcx,[r14+000002B0]
ds.exe+27174A1: 48 8B 82 20 05 00 00     - mov rax,[rdx+00000520]
ds.exe+27174A8: 48 39 81 D0 53 00 00     - cmp [rcx+000053D0],rax
ds.exe+27174AF: 0F 85 65 04 00 00        - jne ds.exe+271791A
ds.exe+27174B5: 48 8B 02                 - mov rax,[rdx]
ds.exe+27174B8: 48 8B CA                 - mov rcx,rdx
ds.exe+27174BB: FF 90 38 01 00 00        - call qword ptr [rax+00000138]
// ---------- INJECTING HERE ----------
ds.exe+27174C1: 84 C0                    - test al,al
// ---------- DONE INJECTING  ----------
ds.exe+27174C3: 0F 84 51 04 00 00        - je ds.exe+271791A
ds.exe+27174C9: 8B 47 28                 - mov eax,[rdi+28]
ds.exe+27174CC: 48 89 9C 24 B0 01 00 00  - mov [rsp+000001B0],rbx
ds.exe+27174D4: 48 8D 5F 20              - lea rbx,[rdi+20]
ds.exe+27174D8: D1 E8                    - shr eax,1
ds.exe+27174DA: A8 01                    - test al,01
ds.exe+27174DC: 74 18                    - je ds.exe+27174F6
ds.exe+27174DE: 49 8B 8E B8 02 00 00     - mov rcx,[r14+000002B8]
ds.exe+27174E5: 48 8B D3                 - mov rdx,rbx
ds.exe+27174E8: 48 8B 01                 - mov rax,[rcx]
}

[NeatWolf]

I will be releasing an update shortly. Still optimizing some logic so everything will then be at your fingertips.

any chance you could convert this invisibility cheat to directors cut while you have the game still installed? it is for v1.06. i dont have any need for the invulnerability, your god mode is perfect for that.

found elsewhere.

Just wondering - does that apply to BTs and "tar" zones enemies as well? Maybe I'm adventuring in areas I shouldn't, but would be cool to be able to have a breather sometimes (and interesting to have a better close-up look at BTs out of photo mode)

[SunBeam]

Meanwhile, on other forums.. there are several people who just love to compile AIO (all-in-one) packs with options from FRF tables and credit just the 2-3 people from their own forum, hoping to boost their visibility with stolen shit. "Guaranteeing the 'our' in source" my furry ass. I'd love to learn how crashin73331 figured out by himself a lot of the stuff in that table. Also this:



So.. if I don't post my updated table (which contains 90% of his intentions there), I guess we won't see an updated table on their end too. Right? Or maybe he's investigating Csimbi's table and stealing some more shit to add to that 'compilation'.

Last time I checked "guaranteeing 'our'" didn't mean appropriating the work of others. But that's just me.

Just a warm reminder in case you wonder why I've slowly stopped posting my work: 'cause others are just dying to use it in promoting their forums. And not cuz - as per some fuckwad's mad rants - I don't want to share my knowledge with people. No. Because I hate my work being used without permission (first) and crediting (second). In today's internet "credit is given where due" doesn't exist in a lot of people's actions; they behave as if crediting should only be given to those who stay quiet, don't care for or ask for it. That's when a person become eligible of being credited T_T. Fucked up psychology, if you ask me.

[NeatWolf]

Thanks for the updated invisibility cheat @SunBeam!
I'm not completely familiar with code injection but the second Invisibility script probably had a little oversight as wasn't using the "hop" label and throwing a syntax error.

Looking at Invis part 1, should we get rid of the declaration, or add it as per invis1 like this?

Code: Select all

label(hop)

newmem:
  mov [rdi+110],3
code:
  cmp dword ptr [rdi+110],5
hop:
  jmp return

I'm also getting this (Cheat Engine v7.4)


EDIT: apologies, we probably posted in the very same moment, I still hadn't read your post when replying.

That's - quite sad. I mean, there's no shame in admitting to use other people's code, especially if it's well written and exclusive :/
That's exactly the reason programmers get "jealous" of their code. Which isn't really jealousy. It's more like giving credit where it's due :/

[SunBeam]

the second Invisibility script probably had a little oversight as wasn't using the "hop" label

Yeah, forgot to remove it. Updated the second code snippet, should be fine now. You can re-copy-paste it.

I'm also getting this (Cheat Engine v7.4)

No idea where you're getting an error about a different offset than that in the script. Error says "je ds.exe+247F54A".. and in the 'ignore hits/invulnerable' script I posted you see "je ds.exe+271791A". What comes after the + is different in your picture, my point:



So re-copy-paste the code in 3rd snippet.

[NeatWolf]

No idea where you're getting an error about a different offset than that in the script. Error says "je ds.exe+247F54A".. and in the 'ignore hits/invulnerable' script I posted you see "je ds.exe+271791A". What comes after the + is different in your picture, my point:

So re-copy-paste the code in 3rd snippet.

You're right - I did it again right after posting and the line number/address was different.
Now it's

[SunBeam]

...

God damn far allocs... Here:

Code: Select all

newmem:
  xor al,al
code:
  test al,al
  je short @f
  jmp return
  @@:
  jmp ds.exe+271791A

Updated the 3rd code snippet as well. Just re-copy-paste.

[NeatWolf]

...

God damn far allocs... Here:

Code: Select all

newmem:
  xor al,al
code:
  test al,al
  je short @f
  jmp return
  @@:
  jmp ds.exe+271791A

Updated the 3rd code snippet as well. Just re-copy-paste.

Please don't hate me but we're still not there yet


Besides, you've already written a similar cheat - maybe we could just use that? I'm assuming you can't test the code at the moment - and there would be plenty more creative ways for you to spend your time - especially after what you revealed about it being regularly stolen and appropriated