HELLDIVERS 2

Upload your cheat tables here (No requests)
BlazedBeard95
Noobzor
Noobzor
Posts: 13
Joined: Mon May 06, 2024 10:00 pm
Reputation: 4

Re: HELLDIVERS 2

Post by BlazedBeard95 »

Anyone have a weapon editor that allows you to edit weapon fire rate and magazine size?

How to use this cheat table?
  1. Install Cheat Engine
  2. Double-click the .CT file in order to open it.
  3. Click the PC icon in Cheat Engine in order to select the game process.
  4. Keep the list.
  5. Activate the trainer options by checking boxes or setting values from 0 to 1

kamisama
Noobzor
Noobzor
Posts: 8
Joined: Thu May 09, 2024 11:02 pm
Reputation: 8

Re: HELLDIVERS 2

Post by kamisama »

Anyone know the Pointer for 1st Stratagem change?

And here's the Weapon Edit (credit to gir489)

Code: Select all

{ Game   : helldivers2.exe
  Version: 
  Date   : 2024-03-21
  Author : cfe

  This script does blah blah blah
}
{$c}
extern int *pWeapon;
extern int *pFirerate;
extern int *fSpeed;
char debug_string[400];
extern __cdecl int sprintf(char *, char *, ...);
extern __cdecl void OutputDebugStringA(const char* lpOutputString);
{$asm}

[ENABLE]

globalalloc(fSpeed,4)
fSpeed:
dd (float)2
globalalloc(pWeapon,8)
pWeapon:
dq 0
globalalloc(pFirerate,8)
pFirerate:
dq 0

aobscanmodule(aobReadWeapon3,game.dll,66 0F 6E 40 04 4D 8B C6 41 8B 57 0C 0F 5B C0) // should be unique
alloc(newmem4,$1000)

label(code4)
label(return4)

newmem4:

code4:
  push rbx
  mov rbx,pWeapon
  mov [rbx],rax
  pop rbx
  // original code start
  movd xmm0,[rax+04]
  mov r8,r14
  mov edx,[r15+0C]
  cvtdq2ps xmm0,xmm0
  // original code end
{$ccode}
sprintf(debug_string, "pWeapon_address: %p", (int*)pWeapon);
OutputDebugStringA(debug_string);
{$asm}
  jmp return4

aobReadWeapon3:
  jmp far newmem4
  nop
return4:
registersymbol(aobReadWeapon3)

aobscanmodule(aobBlitzerFire,game.dll,0F 10 48 10 48 8D 8D B0 00 00 00 0F 29 85 B0 00 00 00) // should be unique
alloc(newmem5,$1000)

label(code5)
label(return5)

newmem5:

code5:
  push rbx
  push rcx
  mov rbx,pFirerate
  lea rcx,[rax-4]
  mov [rbx],rcx
  pop rcx
  pop rbx
  movups xmm1,[rax+10]
  lea rcx,[rbp+000000B0]
  movaps [rbp+000000B0],xmm0
{$ccode}
sprintf(debug_string, "pFirerate_address: %p", (int*)pFirerate);
OutputDebugStringA(debug_string);
{$asm}
  jmp return5

aobBlitzerFire:
  jmp far newmem5
  nop 4
return5:
registersymbol(aobBlitzerFire)

aobscanmodule(aobBlitzerDamage,game.dll,44 8B 7A 24 49 8B D6 66 0F 6E 70 04 0F 5B F6) // should be unique
alloc(newmem6,$1000)

label(code6)
label(return6)

newmem6:

code6:
  push rbx
  mov rbx,pWeapon
  mov [rbx],rax
  pop rbx
  mov r15d,[rdx+24]
  mov rdx,r14
  movd xmm6,[rax+04]
  cvtdq2ps xmm6,xmm6
{$ccode}
sprintf(debug_string, "pWeapon_address: %p", (int*)pWeapon);
OutputDebugStringA(debug_string);
{$asm}
  jmp return6

aobBlitzerDamage:
  jmp far newmem6
  nop
return6:
registersymbol(aobBlitzerDamage)


aobscanmodule(aobFireRate,game.dll,48 8D 80 80 00 00 00 0F 11 41 80 0F 10 40 A0 0F 11 49 90 0F 10 48 B0 0F 11 41 A0 0F 10 40 C0 0F 11 49 B0 0F 10 48 D0 0F 11 41 C0 0F 10 40 E0 0F 11 49 D0 0F 10 48 F0 0F 11 41 E0 0F 11 49 F0 49 2B D5 75 AE 0F 10 00 0F 10 48 10 0F 11 01 0F 10 40 20 0F 11 49 10 0F 10 48 30 0F 11 41 20 0F 10 40 40 0F 11 49 30 0F 10 48 50) // should be unique
alloc(newmem7,$1000)

label(code7)
label(return7)

newmem7:

code7:
  push rbx
  mov ebx,[rax+8]
  test ebx,ebx
  je short @f
   mov rbx,pFirerate
   mov [rbx],rax
  @@:
  pop rbx
  lea rax,[rax+00000080]
  movups [rcx-80],xmm0
  movups xmm0,[rax-60]
{$ccode}
sprintf(debug_string, "pFirerate_address: %p", (int*)pFirerate);
OutputDebugStringA(debug_string);
{$asm}
  jmp return7

aobFireRate:
  jmp far newmem7
  nop
return7:
registersymbol(aobFireRate)


aobscanmodule(aobReadDMG,game.dll,F3 44 0F 10 8D F8 01 00 00 4D 8B C6 66 0F 6E 40 04) // should be unique
alloc(newmem8,$1000)

label(code8)
label(return8)

newmem8:

code8:
  push rbx
  mov rbx,pWeapon
  mov [rbx],rax
  pop rbx
  movss xmm9,[rbp+000001F8]
  mov r8,r14
  movd xmm0,[rax+04]
{$ccode}
sprintf(debug_string, "pWeapon_address: %p", (int*)pWeapon);
OutputDebugStringA(debug_string);
{$asm}
  jmp return8

aobReadDMG:
  jmp far newmem8
  nop 3
return8:
registersymbol(aobReadDMG)

aobscanmodule(aobDamageSpecial,game.dll,F3 44 0F 10 B5 F8 01 00 00 4D 8B C6 66 0F 6E 40 04) // should be unique
alloc(newmem9,$1000)

label(code9)
label(return9)

newmem9:

code9:
  push rbx
  mov rbx,pWeapon
  mov [rbx],rax
  pop rbx
  movss xmm14,[rbp+000001F8]
  mov r8,r14
  movd xmm0,[rax+04]
{$ccode}
sprintf(debug_string, "pWeapon_address: %p", (int*)pWeapon);
OutputDebugStringA(debug_string);
{$asm}
  jmp return9

aobDamageSpecial:
  jmp far newmem9
  nop 3
return9:
registersymbol(aobDamageSpecial)

[DISABLE]



aobReadWeapon3:
  db 66 0F 6E 40 04 4D 8B C6 41 8B 57 0C 0F 5B C0

unregistersymbol(aobReadWeapon3)
dealloc(newmem4)


aobBlitzerFire:
  db 0F 10 48 10 48 8D 8D B0 00 00 00 0F 29 85 B0 00 00 00

unregistersymbol(aobBlitzerFire)
dealloc(newmem5)

aobBlitzerDamage:
  db 44 8B 7A 24 49 8B D6 66 0F 6E 70 04 0F 5B F6

unregistersymbol(aobBlitzerDamage)
dealloc(newmem6)



{
// ORIGINAL CODE - INJECTION POINT: game.dll+CFDA33

game.dll+CFDA0A: 8B 85 F0 00 00 00        - mov eax,[rbp+000000F0]
game.dll+CFDA10: 48 89 54 24 60           - mov [rsp+60],rdx
game.dll+CFDA15: 85 C0                    - test eax,eax
game.dll+CFDA17: 74 08                    - je game.dll+CFDA21
game.dll+CFDA19: 4D 8B AC C0 70 FD C9 01  - mov r13,[r8+rax*8+01C9FD70]
game.dll+CFDA21: 8B 4A 3C                 - mov ecx,[rdx+3C]
game.dll+CFDA24: 49 8B C6                 - mov rax,r14
game.dll+CFDA27: 85 C9                    - test ecx,ecx
game.dll+CFDA29: 74 08                    - je game.dll+CFDA33
game.dll+CFDA2B: 49 8B 84 C8 80 F0 C9 01  - mov rax,[r8+rcx*8+01C9F080]
// ---------- INJECTING HERE ----------
game.dll+CFDA33: 41 8B 7D 3C              - mov edi,[r13+3C]
// ---------- DONE INJECTING  ----------
game.dll+CFDA37: 49 8B D6                 - mov rdx,r14
game.dll+CFDA3A: 66 0F 6E 70 04           - movd xmm6,[rax+04]
game.dll+CFDA3F: 0F 5B F6                 - cvtdq2ps xmm6,xmm6
game.dll+CFDA42: 85 FF                    - test edi,edi
game.dll+CFDA44: 74 08                    - je game.dll+CFDA4E
game.dll+CFDA46: 49 8B 94 F8 80 F0 C9 01  - mov rdx,[r8+rdi*8+01C9F080]
game.dll+CFDA4E: 49 8B C6                 - mov rax,r14
game.dll+CFDA51: 85 C9                    - test ecx,ecx
game.dll+CFDA53: 74 08                    - je game.dll+CFDA5D
game.dll+CFDA55: 49 8B 84 C8 80 F0 C9 01  - mov rax,[r8+rcx*8+01C9F080]
}
aobFireRate:
  db 48 8D 80 80 00 00 00 0F 11 41 80 0F 10 40 A0

unregistersymbol(aobFireRate)
dealloc(newmem7)

{
// ORIGINAL CODE - INJECTION POINT: game.dll+D04C9E

game.dll+D04C6B: 45 0F 57 C0                       - xorps xmm8,xmm8
game.dll+D04C6F: 4D 85 DB                          - test r11,r11
game.dll+D04C72: 0F 84 35 2B 00 00                 - je game.dll+D077AD
game.dll+D04C78: 49 8B C3                          - mov rax,r11
game.dll+D04C7B: 48 8D 8D F0 01 00 00              - lea rcx,[rbp+000001F0]
game.dll+D04C82: 41 8B D4                          - mov edx,r12d
game.dll+D04C85: 66 66 66 0F 1F 84 00 00 00 00 00  - nop word ptr [rax+rax+00000000]
game.dll+D04C90: 48 8D 89 80 00 00 00              - lea rcx,[rcx+00000080]
game.dll+D04C97: 0F 10 00                          - movups xmm0,[rax]
game.dll+D04C9A: 0F 10 48 10                       - movups xmm1,[rax+10]
// ---------- INJECTING HERE ----------
game.dll+D04C9E: 48 8D 80 80 00 00 00              - lea rax,[rax+00000080]
// ---------- DONE INJECTING  ----------
game.dll+D04CA5: 0F 11 41 80                       - movups [rcx-80],xmm0
game.dll+D04CA9: 0F 10 40 A0                       - movups xmm0,[rax-60]
game.dll+D04CAD: 0F 11 49 90                       - movups [rcx-70],xmm1
game.dll+D04CB1: 0F 10 48 B0                       - movups xmm1,[rax-50]
game.dll+D04CB5: 0F 11 41 A0                       - movups [rcx-60],xmm0
game.dll+D04CB9: 0F 10 40 C0                       - movups xmm0,[rax-40]
game.dll+D04CBD: 0F 11 49 B0                       - movups [rcx-50],xmm1
game.dll+D04CC1: 0F 10 48 D0                       - movups xmm1,[rax-30]
game.dll+D04CC5: 0F 11 41 C0                       - movups [rcx-40],xmm0
game.dll+D04CC9: 0F 10 40 E0                       - movups xmm0,[rax-20]
}
aobReadDMG:
  db F3 44 0F 10 8D F8 01 00 00 4D 8B C6 66 0F 6E 40 04

unregistersymbol(aobReadDMG)
dealloc(newmem8)

{
// ORIGINAL CODE - INJECTION POINT: game.dll+D06A0C

game.dll+D069E3: 8B 85 90 05 00 00           - mov eax,[rbp+00000590]
game.dll+D069E9: 85 C0                       - test eax,eax
game.dll+D069EB: 74 08                       - je game.dll+D069F5
game.dll+D069ED: 4D 8B BC C1 80 7D CA 01     - mov r15,[r9+rax*8+01CA7D80]
game.dll+D069F5: 8B 4F 3C                    - mov ecx,[rdi+3C]
game.dll+D069F8: 49 8B C6                    - mov rax,r14
game.dll+D069FB: 44 89 64 24 20              - mov [rsp+20],r12d
game.dll+D06A00: 85 C9                       - test ecx,ecx
game.dll+D06A02: 74 08                       - je game.dll+D06A0C
game.dll+D06A04: 49 8B 84 C9 90 70 CA 01     - mov rax,[r9+rcx*8+01CA7090]
// ---------- INJECTING HERE ----------
game.dll+D06A0C: F3 44 0F 10 8D F8 01 00 00  - movss xmm9,[rbp+000001F8]
// ---------- DONE INJECTING  ----------
game.dll+D06A15: 4D 8B C6                    - mov r8,r14
game.dll+D06A18: 66 0F 6E 40 04              - movd xmm0,[rax+04]
game.dll+D06A1D: 41 0F 28 C9                 - movaps xmm1,xmm9
game.dll+D06A21: 41 8B 57 3C                 - mov edx,[r15+3C]
game.dll+D06A25: F3 44 0F 11 4C 24 50        - movss [rsp+50],xmm9
game.dll+D06A2C: F3 41 0F 5E CA              - divss xmm1,xmm10
game.dll+D06A31: 0F 5B C0                    - cvtdq2ps xmm0,xmm0
game.dll+D06A34: F3 0F 59 C1                 - mulss xmm0,xmm1
game.dll+D06A38: F3 0F 11 44 24 24           - movss [rsp+24],xmm0
game.dll+D06A3E: 85 D2                       - test edx,edx
}
aobDamageSpecial:
  db F3 44 0F 10 B5 F8 01 00 00 4D 8B C6 66 0F 6E 40 04

unregistersymbol(aobDamageSpecial)
dealloc(newmem9)

{
// ORIGINAL CODE - INJECTION POINT: game.dll+D04F27

game.dll+D04EFD: 8B 85 F0 00 00 00           - mov eax,[rbp+000000F0]
game.dll+D04F03: 85 C0                       - test eax,eax
game.dll+D04F05: 74 08                       - je game.dll+D04F0F
game.dll+D04F07: 49 8B BC C1 80 7D CA 01     - mov rdi,[r9+rax*8+01CA7D80]
game.dll+D04F0F: 41 8B 4D 3C                 - mov ecx,[r13+3C]
game.dll+D04F13: 49 8B C6                    - mov rax,r14
game.dll+D04F16: 44 89 64 24 20              - mov [rsp+20],r12d
game.dll+D04F1B: 85 C9                       - test ecx,ecx
game.dll+D04F1D: 74 08                       - je game.dll+D04F27
game.dll+D04F1F: 49 8B 84 C9 90 70 CA 01     - mov rax,[r9+rcx*8+01CA7090]
// ---------- INJECTING HERE ----------
game.dll+D04F27: F3 44 0F 10 B5 F8 01 00 00  - movss xmm14,[rbp+000001F8]
// ---------- DONE INJECTING  ----------
game.dll+D04F30: 4D 8B C6                    - mov r8,r14
game.dll+D04F33: 66 0F 6E 40 04              - movd xmm0,[rax+04]
game.dll+D04F38: 41 0F 28 CE                 - movaps xmm1,xmm14
game.dll+D04F3C: 8B 57 3C                    - mov edx,[rdi+3C]
game.dll+D04F3F: F3 44 0F 11 74 24 4C        - movss [rsp+4C],xmm14
game.dll+D04F46: F3 41 0F 5E CA              - divss xmm1,xmm10
game.dll+D04F4B: 0F 5B C0                    - cvtdq2ps xmm0,xmm0
game.dll+D04F4E: F3 0F 59 C1                 - mulss xmm0,xmm1
game.dll+D04F52: F3 0F 11 44 24 24           - movss [rsp+24],xmm0
game.dll+D04F58: 85 D2                       - test edx,edx
}

fallout11
Expert Cheater
Expert Cheater
Posts: 53
Joined: Tue Apr 30, 2024 11:17 am
Reputation: 16

Re: HELLDIVERS 2

Post by fallout11 »

XxDarkus101Xx wrote:
Mon Jun 10, 2024 11:18 am
One of the cheat menus on unknowncheats had no overheat and it worked for all energy weapons including the sickle but not the quasar cannon (well properly) so I know it’s possible. We just have to find a code for it. Also hope anybody can make a cheat function for them including the quasar cannon and the also make a cheat for no reload on the air bust rocket launcher
The Quasar cannon has an internal timer (server-side), it's not actually a heat-producing weapon like the sickle or laser cannon.
For a straight-forward no overhead on actual heat-producing weapons like the sickle, scythe, laser cannon, etc.:
Spoiler
[ENABLE]
aobscanmodule(aob_ImmaChargingMahLasor,game.dll,F3 41 0F 11 08 8B 49)
registersymbol(aob_ImmaChargingMahLasor)

aob_ImmaChargingMahLasor+4:
db 28

[DISABLE]
aob_ImmaChargingMahLasor:
db F3 41 0F 11 08

unregistersymbol(aob_ImmaChargingMahLasor)

For instant-chargeup on weapons like the railcannon or arc thrower:
Spoiler
[ENABLE]
aobscanmodule(aob_RailgunCharge,game.dll,F3 43 0F 11 44 3E 04)
registersymbol(aob_RailgunCharge)
assert(aob_RailgunCharge+3E, 45 0F 2F D9)
alloc(newmem,1024)
label(return)

newmem:
mov [r14+r15+04], (float)2.999999
movss xmm0, [r14+r15+04]
test r12b,r12b
je far return+2E
comiss xmm10,xmm9
jmp far return

aob_RailgunCharge:
jmp far newmem
nop 2
return:

[DISABLE]
aob_RailgunCharge:
db F3 43 0F 11 44 3E 04 45 84 E4 74 32 45 0F 2F D1

unregistersymbol(aob_RailgunCharge)
dealloc(newmem_example)

XxDarkus101Xx
Expert Cheater
Expert Cheater
Posts: 102
Joined: Wed Apr 24, 2019 2:12 am
Reputation: 10

Re: HELLDIVERS 2

Post by XxDarkus101Xx »

kamisama wrote:
Tue Jun 11, 2024 1:20 am
Anyone know the Pointer for 1st Stratagem change?

And here's the Weapon Edit (credit to gir489)

Code: Select all

{ Game   : helldivers2.exe
  Version: 
  Date   : 2024-03-21
  Author : cfe

  This script does blah blah blah
}
{$c}
extern int *pWeapon;
extern int *pFirerate;
extern int *fSpeed;
char debug_string[400];
extern __cdecl int sprintf(char *, char *, ...);
extern __cdecl void OutputDebugStringA(const char* lpOutputString);
{$asm}

[ENABLE]

globalalloc(fSpeed,4)
fSpeed:
dd (float)2
globalalloc(pWeapon,8)
pWeapon:
dq 0
globalalloc(pFirerate,8)
pFirerate:
dq 0

aobscanmodule(aobReadWeapon3,game.dll,66 0F 6E 40 04 4D 8B C6 41 8B 57 0C 0F 5B C0) // should be unique
alloc(newmem4,$1000)

label(code4)
label(return4)

newmem4:

code4:
  push rbx
  mov rbx,pWeapon
  mov [rbx],rax
  pop rbx
  // original code start
  movd xmm0,[rax+04]
  mov r8,r14
  mov edx,[r15+0C]
  cvtdq2ps xmm0,xmm0
  // original code end
{$ccode}
sprintf(debug_string, "pWeapon_address: %p", (int*)pWeapon);
OutputDebugStringA(debug_string);
{$asm}
  jmp return4

aobReadWeapon3:
  jmp far newmem4
  nop
return4:
registersymbol(aobReadWeapon3)

aobscanmodule(aobBlitzerFire,game.dll,0F 10 48 10 48 8D 8D B0 00 00 00 0F 29 85 B0 00 00 00) // should be unique
alloc(newmem5,$1000)

label(code5)
label(return5)

newmem5:

code5:
  push rbx
  push rcx
  mov rbx,pFirerate
  lea rcx,[rax-4]
  mov [rbx],rcx
  pop rcx
  pop rbx
  movups xmm1,[rax+10]
  lea rcx,[rbp+000000B0]
  movaps [rbp+000000B0],xmm0
{$ccode}
sprintf(debug_string, "pFirerate_address: %p", (int*)pFirerate);
OutputDebugStringA(debug_string);
{$asm}
  jmp return5

aobBlitzerFire:
  jmp far newmem5
  nop 4
return5:
registersymbol(aobBlitzerFire)

aobscanmodule(aobBlitzerDamage,game.dll,44 8B 7A 24 49 8B D6 66 0F 6E 70 04 0F 5B F6) // should be unique
alloc(newmem6,$1000)

label(code6)
label(return6)

newmem6:

code6:
  push rbx
  mov rbx,pWeapon
  mov [rbx],rax
  pop rbx
  mov r15d,[rdx+24]
  mov rdx,r14
  movd xmm6,[rax+04]
  cvtdq2ps xmm6,xmm6
{$ccode}
sprintf(debug_string, "pWeapon_address: %p", (int*)pWeapon);
OutputDebugStringA(debug_string);
{$asm}
  jmp return6

aobBlitzerDamage:
  jmp far newmem6
  nop
return6:
registersymbol(aobBlitzerDamage)


aobscanmodule(aobFireRate,game.dll,48 8D 80 80 00 00 00 0F 11 41 80 0F 10 40 A0 0F 11 49 90 0F 10 48 B0 0F 11 41 A0 0F 10 40 C0 0F 11 49 B0 0F 10 48 D0 0F 11 41 C0 0F 10 40 E0 0F 11 49 D0 0F 10 48 F0 0F 11 41 E0 0F 11 49 F0 49 2B D5 75 AE 0F 10 00 0F 10 48 10 0F 11 01 0F 10 40 20 0F 11 49 10 0F 10 48 30 0F 11 41 20 0F 10 40 40 0F 11 49 30 0F 10 48 50) // should be unique
alloc(newmem7,$1000)

label(code7)
label(return7)

newmem7:

code7:
  push rbx
  mov ebx,[rax+8]
  test ebx,ebx
  je short @f
   mov rbx,pFirerate
   mov [rbx],rax
  @@:
  pop rbx
  lea rax,[rax+00000080]
  movups [rcx-80],xmm0
  movups xmm0,[rax-60]
{$ccode}
sprintf(debug_string, "pFirerate_address: %p", (int*)pFirerate);
OutputDebugStringA(debug_string);
{$asm}
  jmp return7

aobFireRate:
  jmp far newmem7
  nop
return7:
registersymbol(aobFireRate)


aobscanmodule(aobReadDMG,game.dll,F3 44 0F 10 8D F8 01 00 00 4D 8B C6 66 0F 6E 40 04) // should be unique
alloc(newmem8,$1000)

label(code8)
label(return8)

newmem8:

code8:
  push rbx
  mov rbx,pWeapon
  mov [rbx],rax
  pop rbx
  movss xmm9,[rbp+000001F8]
  mov r8,r14
  movd xmm0,[rax+04]
{$ccode}
sprintf(debug_string, "pWeapon_address: %p", (int*)pWeapon);
OutputDebugStringA(debug_string);
{$asm}
  jmp return8

aobReadDMG:
  jmp far newmem8
  nop 3
return8:
registersymbol(aobReadDMG)

aobscanmodule(aobDamageSpecial,game.dll,F3 44 0F 10 B5 F8 01 00 00 4D 8B C6 66 0F 6E 40 04) // should be unique
alloc(newmem9,$1000)

label(code9)
label(return9)

newmem9:

code9:
  push rbx
  mov rbx,pWeapon
  mov [rbx],rax
  pop rbx
  movss xmm14,[rbp+000001F8]
  mov r8,r14
  movd xmm0,[rax+04]
{$ccode}
sprintf(debug_string, "pWeapon_address: %p", (int*)pWeapon);
OutputDebugStringA(debug_string);
{$asm}
  jmp return9

aobDamageSpecial:
  jmp far newmem9
  nop 3
return9:
registersymbol(aobDamageSpecial)

[DISABLE]



aobReadWeapon3:
  db 66 0F 6E 40 04 4D 8B C6 41 8B 57 0C 0F 5B C0

unregistersymbol(aobReadWeapon3)
dealloc(newmem4)


aobBlitzerFire:
  db 0F 10 48 10 48 8D 8D B0 00 00 00 0F 29 85 B0 00 00 00

unregistersymbol(aobBlitzerFire)
dealloc(newmem5)

aobBlitzerDamage:
  db 44 8B 7A 24 49 8B D6 66 0F 6E 70 04 0F 5B F6

unregistersymbol(aobBlitzerDamage)
dealloc(newmem6)



{
// ORIGINAL CODE - INJECTION POINT: game.dll+CFDA33

game.dll+CFDA0A: 8B 85 F0 00 00 00        - mov eax,[rbp+000000F0]
game.dll+CFDA10: 48 89 54 24 60           - mov [rsp+60],rdx
game.dll+CFDA15: 85 C0                    - test eax,eax
game.dll+CFDA17: 74 08                    - je game.dll+CFDA21
game.dll+CFDA19: 4D 8B AC C0 70 FD C9 01  - mov r13,[r8+rax*8+01C9FD70]
game.dll+CFDA21: 8B 4A 3C                 - mov ecx,[rdx+3C]
game.dll+CFDA24: 49 8B C6                 - mov rax,r14
game.dll+CFDA27: 85 C9                    - test ecx,ecx
game.dll+CFDA29: 74 08                    - je game.dll+CFDA33
game.dll+CFDA2B: 49 8B 84 C8 80 F0 C9 01  - mov rax,[r8+rcx*8+01C9F080]
// ---------- INJECTING HERE ----------
game.dll+CFDA33: 41 8B 7D 3C              - mov edi,[r13+3C]
// ---------- DONE INJECTING  ----------
game.dll+CFDA37: 49 8B D6                 - mov rdx,r14
game.dll+CFDA3A: 66 0F 6E 70 04           - movd xmm6,[rax+04]
game.dll+CFDA3F: 0F 5B F6                 - cvtdq2ps xmm6,xmm6
game.dll+CFDA42: 85 FF                    - test edi,edi
game.dll+CFDA44: 74 08                    - je game.dll+CFDA4E
game.dll+CFDA46: 49 8B 94 F8 80 F0 C9 01  - mov rdx,[r8+rdi*8+01C9F080]
game.dll+CFDA4E: 49 8B C6                 - mov rax,r14
game.dll+CFDA51: 85 C9                    - test ecx,ecx
game.dll+CFDA53: 74 08                    - je game.dll+CFDA5D
game.dll+CFDA55: 49 8B 84 C8 80 F0 C9 01  - mov rax,[r8+rcx*8+01C9F080]
}
aobFireRate:
  db 48 8D 80 80 00 00 00 0F 11 41 80 0F 10 40 A0

unregistersymbol(aobFireRate)
dealloc(newmem7)

{
// ORIGINAL CODE - INJECTION POINT: game.dll+D04C9E

game.dll+D04C6B: 45 0F 57 C0                       - xorps xmm8,xmm8
game.dll+D04C6F: 4D 85 DB                          - test r11,r11
game.dll+D04C72: 0F 84 35 2B 00 00                 - je game.dll+D077AD
game.dll+D04C78: 49 8B C3                          - mov rax,r11
game.dll+D04C7B: 48 8D 8D F0 01 00 00              - lea rcx,[rbp+000001F0]
game.dll+D04C82: 41 8B D4                          - mov edx,r12d
game.dll+D04C85: 66 66 66 0F 1F 84 00 00 00 00 00  - nop word ptr [rax+rax+00000000]
game.dll+D04C90: 48 8D 89 80 00 00 00              - lea rcx,[rcx+00000080]
game.dll+D04C97: 0F 10 00                          - movups xmm0,[rax]
game.dll+D04C9A: 0F 10 48 10                       - movups xmm1,[rax+10]
// ---------- INJECTING HERE ----------
game.dll+D04C9E: 48 8D 80 80 00 00 00              - lea rax,[rax+00000080]
// ---------- DONE INJECTING  ----------
game.dll+D04CA5: 0F 11 41 80                       - movups [rcx-80],xmm0
game.dll+D04CA9: 0F 10 40 A0                       - movups xmm0,[rax-60]
game.dll+D04CAD: 0F 11 49 90                       - movups [rcx-70],xmm1
game.dll+D04CB1: 0F 10 48 B0                       - movups xmm1,[rax-50]
game.dll+D04CB5: 0F 11 41 A0                       - movups [rcx-60],xmm0
game.dll+D04CB9: 0F 10 40 C0                       - movups xmm0,[rax-40]
game.dll+D04CBD: 0F 11 49 B0                       - movups [rcx-50],xmm1
game.dll+D04CC1: 0F 10 48 D0                       - movups xmm1,[rax-30]
game.dll+D04CC5: 0F 11 41 C0                       - movups [rcx-40],xmm0
game.dll+D04CC9: 0F 10 40 E0                       - movups xmm0,[rax-20]
}
aobReadDMG:
  db F3 44 0F 10 8D F8 01 00 00 4D 8B C6 66 0F 6E 40 04

unregistersymbol(aobReadDMG)
dealloc(newmem8)

{
// ORIGINAL CODE - INJECTION POINT: game.dll+D06A0C

game.dll+D069E3: 8B 85 90 05 00 00           - mov eax,[rbp+00000590]
game.dll+D069E9: 85 C0                       - test eax,eax
game.dll+D069EB: 74 08                       - je game.dll+D069F5
game.dll+D069ED: 4D 8B BC C1 80 7D CA 01     - mov r15,[r9+rax*8+01CA7D80]
game.dll+D069F5: 8B 4F 3C                    - mov ecx,[rdi+3C]
game.dll+D069F8: 49 8B C6                    - mov rax,r14
game.dll+D069FB: 44 89 64 24 20              - mov [rsp+20],r12d
game.dll+D06A00: 85 C9                       - test ecx,ecx
game.dll+D06A02: 74 08                       - je game.dll+D06A0C
game.dll+D06A04: 49 8B 84 C9 90 70 CA 01     - mov rax,[r9+rcx*8+01CA7090]
// ---------- INJECTING HERE ----------
game.dll+D06A0C: F3 44 0F 10 8D F8 01 00 00  - movss xmm9,[rbp+000001F8]
// ---------- DONE INJECTING  ----------
game.dll+D06A15: 4D 8B C6                    - mov r8,r14
game.dll+D06A18: 66 0F 6E 40 04              - movd xmm0,[rax+04]
game.dll+D06A1D: 41 0F 28 C9                 - movaps xmm1,xmm9
game.dll+D06A21: 41 8B 57 3C                 - mov edx,[r15+3C]
game.dll+D06A25: F3 44 0F 11 4C 24 50        - movss [rsp+50],xmm9
game.dll+D06A2C: F3 41 0F 5E CA              - divss xmm1,xmm10
game.dll+D06A31: 0F 5B C0                    - cvtdq2ps xmm0,xmm0
game.dll+D06A34: F3 0F 59 C1                 - mulss xmm0,xmm1
game.dll+D06A38: F3 0F 11 44 24 24           - movss [rsp+24],xmm0
game.dll+D06A3E: 85 D2                       - test edx,edx
}
aobDamageSpecial:
  db F3 44 0F 10 B5 F8 01 00 00 4D 8B C6 66 0F 6E 40 04

unregistersymbol(aobDamageSpecial)
dealloc(newmem9)

{
// ORIGINAL CODE - INJECTION POINT: game.dll+D04F27

game.dll+D04EFD: 8B 85 F0 00 00 00           - mov eax,[rbp+000000F0]
game.dll+D04F03: 85 C0                       - test eax,eax
game.dll+D04F05: 74 08                       - je game.dll+D04F0F
game.dll+D04F07: 49 8B BC C1 80 7D CA 01     - mov rdi,[r9+rax*8+01CA7D80]
game.dll+D04F0F: 41 8B 4D 3C                 - mov ecx,[r13+3C]
game.dll+D04F13: 49 8B C6                    - mov rax,r14
game.dll+D04F16: 44 89 64 24 20              - mov [rsp+20],r12d
game.dll+D04F1B: 85 C9                       - test ecx,ecx
game.dll+D04F1D: 74 08                       - je game.dll+D04F27
game.dll+D04F1F: 49 8B 84 C9 90 70 CA 01     - mov rax,[r9+rcx*8+01CA7090]
// ---------- INJECTING HERE ----------
game.dll+D04F27: F3 44 0F 10 B5 F8 01 00 00  - movss xmm14,[rbp+000001F8]
// ---------- DONE INJECTING  ----------
game.dll+D04F30: 4D 8B C6                    - mov r8,r14
game.dll+D04F33: 66 0F 6E 40 04              - movd xmm0,[rax+04]
game.dll+D04F38: 41 0F 28 CE                 - movaps xmm1,xmm14
game.dll+D04F3C: 8B 57 3C                    - mov edx,[rdi+3C]
game.dll+D04F3F: F3 44 0F 11 74 24 4C        - movss [rsp+4C],xmm14
game.dll+D04F46: F3 41 0F 5E CA              - divss xmm1,xmm10
game.dll+D04F4B: 0F 5B C0                    - cvtdq2ps xmm0,xmm0
game.dll+D04F4E: F3 0F 59 C1                 - mulss xmm0,xmm1
game.dll+D04F52: F3 0F 11 44 24 24           - movss [rsp+24],xmm0
game.dll+D04F58: 85 D2                       - test edx,edx
}
How in the world do you add this to one of the table???

kamisama
Noobzor
Noobzor
Posts: 8
Joined: Thu May 09, 2024 11:02 pm
Reputation: 8

Re: HELLDIVERS 2

Post by kamisama »

XxDarkus101Xx wrote:
Tue Jun 11, 2024 4:03 am
kamisama wrote:
Tue Jun 11, 2024 1:20 am
Anyone know the Pointer for 1st Stratagem change?

And here's the Weapon Edit (credit to gir489)

Code: Select all

{ Game   : helldivers2.exe
  Version: 
  Date   : 2024-03-21
  Author : cfe

  This script does blah blah blah
}
{$c}
extern int *pWeapon;
extern int *pFirerate;
extern int *fSpeed;
char debug_string[400];
extern __cdecl int sprintf(char *, char *, ...);
extern __cdecl void OutputDebugStringA(const char* lpOutputString);
{$asm}

[ENABLE]

globalalloc(fSpeed,4)
fSpeed:
dd (float)2
globalalloc(pWeapon,8)
pWeapon:
dq 0
globalalloc(pFirerate,8)
pFirerate:
dq 0

aobscanmodule(aobReadWeapon3,game.dll,66 0F 6E 40 04 4D 8B C6 41 8B 57 0C 0F 5B C0) // should be unique
alloc(newmem4,$1000)

label(code4)
label(return4)

newmem4:

code4:
  push rbx
  mov rbx,pWeapon
  mov [rbx],rax
  pop rbx
  // original code start
  movd xmm0,[rax+04]
  mov r8,r14
  mov edx,[r15+0C]
  cvtdq2ps xmm0,xmm0
  // original code end
{$ccode}
sprintf(debug_string, "pWeapon_address: %p", (int*)pWeapon);
OutputDebugStringA(debug_string);
{$asm}
  jmp return4

aobReadWeapon3:
  jmp far newmem4
  nop
return4:
registersymbol(aobReadWeapon3)

aobscanmodule(aobBlitzerFire,game.dll,0F 10 48 10 48 8D 8D B0 00 00 00 0F 29 85 B0 00 00 00) // should be unique
alloc(newmem5,$1000)

label(code5)
label(return5)

newmem5:

code5:
  push rbx
  push rcx
  mov rbx,pFirerate
  lea rcx,[rax-4]
  mov [rbx],rcx
  pop rcx
  pop rbx
  movups xmm1,[rax+10]
  lea rcx,[rbp+000000B0]
  movaps [rbp+000000B0],xmm0
{$ccode}
sprintf(debug_string, "pFirerate_address: %p", (int*)pFirerate);
OutputDebugStringA(debug_string);
{$asm}
  jmp return5

aobBlitzerFire:
  jmp far newmem5
  nop 4
return5:
registersymbol(aobBlitzerFire)

aobscanmodule(aobBlitzerDamage,game.dll,44 8B 7A 24 49 8B D6 66 0F 6E 70 04 0F 5B F6) // should be unique
alloc(newmem6,$1000)

label(code6)
label(return6)

newmem6:

code6:
  push rbx
  mov rbx,pWeapon
  mov [rbx],rax
  pop rbx
  mov r15d,[rdx+24]
  mov rdx,r14
  movd xmm6,[rax+04]
  cvtdq2ps xmm6,xmm6
{$ccode}
sprintf(debug_string, "pWeapon_address: %p", (int*)pWeapon);
OutputDebugStringA(debug_string);
{$asm}
  jmp return6

aobBlitzerDamage:
  jmp far newmem6
  nop
return6:
registersymbol(aobBlitzerDamage)


aobscanmodule(aobFireRate,game.dll,48 8D 80 80 00 00 00 0F 11 41 80 0F 10 40 A0 0F 11 49 90 0F 10 48 B0 0F 11 41 A0 0F 10 40 C0 0F 11 49 B0 0F 10 48 D0 0F 11 41 C0 0F 10 40 E0 0F 11 49 D0 0F 10 48 F0 0F 11 41 E0 0F 11 49 F0 49 2B D5 75 AE 0F 10 00 0F 10 48 10 0F 11 01 0F 10 40 20 0F 11 49 10 0F 10 48 30 0F 11 41 20 0F 10 40 40 0F 11 49 30 0F 10 48 50) // should be unique
alloc(newmem7,$1000)

label(code7)
label(return7)

newmem7:

code7:
  push rbx
  mov ebx,[rax+8]
  test ebx,ebx
  je short @f
   mov rbx,pFirerate
   mov [rbx],rax
  @@:
  pop rbx
  lea rax,[rax+00000080]
  movups [rcx-80],xmm0
  movups xmm0,[rax-60]
{$ccode}
sprintf(debug_string, "pFirerate_address: %p", (int*)pFirerate);
OutputDebugStringA(debug_string);
{$asm}
  jmp return7

aobFireRate:
  jmp far newmem7
  nop
return7:
registersymbol(aobFireRate)


aobscanmodule(aobReadDMG,game.dll,F3 44 0F 10 8D F8 01 00 00 4D 8B C6 66 0F 6E 40 04) // should be unique
alloc(newmem8,$1000)

label(code8)
label(return8)

newmem8:

code8:
  push rbx
  mov rbx,pWeapon
  mov [rbx],rax
  pop rbx
  movss xmm9,[rbp+000001F8]
  mov r8,r14
  movd xmm0,[rax+04]
{$ccode}
sprintf(debug_string, "pWeapon_address: %p", (int*)pWeapon);
OutputDebugStringA(debug_string);
{$asm}
  jmp return8

aobReadDMG:
  jmp far newmem8
  nop 3
return8:
registersymbol(aobReadDMG)

aobscanmodule(aobDamageSpecial,game.dll,F3 44 0F 10 B5 F8 01 00 00 4D 8B C6 66 0F 6E 40 04) // should be unique
alloc(newmem9,$1000)

label(code9)
label(return9)

newmem9:

code9:
  push rbx
  mov rbx,pWeapon
  mov [rbx],rax
  pop rbx
  movss xmm14,[rbp+000001F8]
  mov r8,r14
  movd xmm0,[rax+04]
{$ccode}
sprintf(debug_string, "pWeapon_address: %p", (int*)pWeapon);
OutputDebugStringA(debug_string);
{$asm}
  jmp return9

aobDamageSpecial:
  jmp far newmem9
  nop 3
return9:
registersymbol(aobDamageSpecial)

[DISABLE]



aobReadWeapon3:
  db 66 0F 6E 40 04 4D 8B C6 41 8B 57 0C 0F 5B C0

unregistersymbol(aobReadWeapon3)
dealloc(newmem4)


aobBlitzerFire:
  db 0F 10 48 10 48 8D 8D B0 00 00 00 0F 29 85 B0 00 00 00

unregistersymbol(aobBlitzerFire)
dealloc(newmem5)

aobBlitzerDamage:
  db 44 8B 7A 24 49 8B D6 66 0F 6E 70 04 0F 5B F6

unregistersymbol(aobBlitzerDamage)
dealloc(newmem6)



{
// ORIGINAL CODE - INJECTION POINT: game.dll+CFDA33

game.dll+CFDA0A: 8B 85 F0 00 00 00        - mov eax,[rbp+000000F0]
game.dll+CFDA10: 48 89 54 24 60           - mov [rsp+60],rdx
game.dll+CFDA15: 85 C0                    - test eax,eax
game.dll+CFDA17: 74 08                    - je game.dll+CFDA21
game.dll+CFDA19: 4D 8B AC C0 70 FD C9 01  - mov r13,[r8+rax*8+01C9FD70]
game.dll+CFDA21: 8B 4A 3C                 - mov ecx,[rdx+3C]
game.dll+CFDA24: 49 8B C6                 - mov rax,r14
game.dll+CFDA27: 85 C9                    - test ecx,ecx
game.dll+CFDA29: 74 08                    - je game.dll+CFDA33
game.dll+CFDA2B: 49 8B 84 C8 80 F0 C9 01  - mov rax,[r8+rcx*8+01C9F080]
// ---------- INJECTING HERE ----------
game.dll+CFDA33: 41 8B 7D 3C              - mov edi,[r13+3C]
// ---------- DONE INJECTING  ----------
game.dll+CFDA37: 49 8B D6                 - mov rdx,r14
game.dll+CFDA3A: 66 0F 6E 70 04           - movd xmm6,[rax+04]
game.dll+CFDA3F: 0F 5B F6                 - cvtdq2ps xmm6,xmm6
game.dll+CFDA42: 85 FF                    - test edi,edi
game.dll+CFDA44: 74 08                    - je game.dll+CFDA4E
game.dll+CFDA46: 49 8B 94 F8 80 F0 C9 01  - mov rdx,[r8+rdi*8+01C9F080]
game.dll+CFDA4E: 49 8B C6                 - mov rax,r14
game.dll+CFDA51: 85 C9                    - test ecx,ecx
game.dll+CFDA53: 74 08                    - je game.dll+CFDA5D
game.dll+CFDA55: 49 8B 84 C8 80 F0 C9 01  - mov rax,[r8+rcx*8+01C9F080]
}
aobFireRate:
  db 48 8D 80 80 00 00 00 0F 11 41 80 0F 10 40 A0

unregistersymbol(aobFireRate)
dealloc(newmem7)

{
// ORIGINAL CODE - INJECTION POINT: game.dll+D04C9E

game.dll+D04C6B: 45 0F 57 C0                       - xorps xmm8,xmm8
game.dll+D04C6F: 4D 85 DB                          - test r11,r11
game.dll+D04C72: 0F 84 35 2B 00 00                 - je game.dll+D077AD
game.dll+D04C78: 49 8B C3                          - mov rax,r11
game.dll+D04C7B: 48 8D 8D F0 01 00 00              - lea rcx,[rbp+000001F0]
game.dll+D04C82: 41 8B D4                          - mov edx,r12d
game.dll+D04C85: 66 66 66 0F 1F 84 00 00 00 00 00  - nop word ptr [rax+rax+00000000]
game.dll+D04C90: 48 8D 89 80 00 00 00              - lea rcx,[rcx+00000080]
game.dll+D04C97: 0F 10 00                          - movups xmm0,[rax]
game.dll+D04C9A: 0F 10 48 10                       - movups xmm1,[rax+10]
// ---------- INJECTING HERE ----------
game.dll+D04C9E: 48 8D 80 80 00 00 00              - lea rax,[rax+00000080]
// ---------- DONE INJECTING  ----------
game.dll+D04CA5: 0F 11 41 80                       - movups [rcx-80],xmm0
game.dll+D04CA9: 0F 10 40 A0                       - movups xmm0,[rax-60]
game.dll+D04CAD: 0F 11 49 90                       - movups [rcx-70],xmm1
game.dll+D04CB1: 0F 10 48 B0                       - movups xmm1,[rax-50]
game.dll+D04CB5: 0F 11 41 A0                       - movups [rcx-60],xmm0
game.dll+D04CB9: 0F 10 40 C0                       - movups xmm0,[rax-40]
game.dll+D04CBD: 0F 11 49 B0                       - movups [rcx-50],xmm1
game.dll+D04CC1: 0F 10 48 D0                       - movups xmm1,[rax-30]
game.dll+D04CC5: 0F 11 41 C0                       - movups [rcx-40],xmm0
game.dll+D04CC9: 0F 10 40 E0                       - movups xmm0,[rax-20]
}
aobReadDMG:
  db F3 44 0F 10 8D F8 01 00 00 4D 8B C6 66 0F 6E 40 04

unregistersymbol(aobReadDMG)
dealloc(newmem8)

{
// ORIGINAL CODE - INJECTION POINT: game.dll+D06A0C

game.dll+D069E3: 8B 85 90 05 00 00           - mov eax,[rbp+00000590]
game.dll+D069E9: 85 C0                       - test eax,eax
game.dll+D069EB: 74 08                       - je game.dll+D069F5
game.dll+D069ED: 4D 8B BC C1 80 7D CA 01     - mov r15,[r9+rax*8+01CA7D80]
game.dll+D069F5: 8B 4F 3C                    - mov ecx,[rdi+3C]
game.dll+D069F8: 49 8B C6                    - mov rax,r14
game.dll+D069FB: 44 89 64 24 20              - mov [rsp+20],r12d
game.dll+D06A00: 85 C9                       - test ecx,ecx
game.dll+D06A02: 74 08                       - je game.dll+D06A0C
game.dll+D06A04: 49 8B 84 C9 90 70 CA 01     - mov rax,[r9+rcx*8+01CA7090]
// ---------- INJECTING HERE ----------
game.dll+D06A0C: F3 44 0F 10 8D F8 01 00 00  - movss xmm9,[rbp+000001F8]
// ---------- DONE INJECTING  ----------
game.dll+D06A15: 4D 8B C6                    - mov r8,r14
game.dll+D06A18: 66 0F 6E 40 04              - movd xmm0,[rax+04]
game.dll+D06A1D: 41 0F 28 C9                 - movaps xmm1,xmm9
game.dll+D06A21: 41 8B 57 3C                 - mov edx,[r15+3C]
game.dll+D06A25: F3 44 0F 11 4C 24 50        - movss [rsp+50],xmm9
game.dll+D06A2C: F3 41 0F 5E CA              - divss xmm1,xmm10
game.dll+D06A31: 0F 5B C0                    - cvtdq2ps xmm0,xmm0
game.dll+D06A34: F3 0F 59 C1                 - mulss xmm0,xmm1
game.dll+D06A38: F3 0F 11 44 24 24           - movss [rsp+24],xmm0
game.dll+D06A3E: 85 D2                       - test edx,edx
}
aobDamageSpecial:
  db F3 44 0F 10 B5 F8 01 00 00 4D 8B C6 66 0F 6E 40 04

unregistersymbol(aobDamageSpecial)
dealloc(newmem9)

{
// ORIGINAL CODE - INJECTION POINT: game.dll+D04F27

game.dll+D04EFD: 8B 85 F0 00 00 00           - mov eax,[rbp+000000F0]
game.dll+D04F03: 85 C0                       - test eax,eax
game.dll+D04F05: 74 08                       - je game.dll+D04F0F
game.dll+D04F07: 49 8B BC C1 80 7D CA 01     - mov rdi,[r9+rax*8+01CA7D80]
game.dll+D04F0F: 41 8B 4D 3C                 - mov ecx,[r13+3C]
game.dll+D04F13: 49 8B C6                    - mov rax,r14
game.dll+D04F16: 44 89 64 24 20              - mov [rsp+20],r12d
game.dll+D04F1B: 85 C9                       - test ecx,ecx
game.dll+D04F1D: 74 08                       - je game.dll+D04F27
game.dll+D04F1F: 49 8B 84 C9 90 70 CA 01     - mov rax,[r9+rcx*8+01CA7090]
// ---------- INJECTING HERE ----------
game.dll+D04F27: F3 44 0F 10 B5 F8 01 00 00  - movss xmm14,[rbp+000001F8]
// ---------- DONE INJECTING  ----------
game.dll+D04F30: 4D 8B C6                    - mov r8,r14
game.dll+D04F33: 66 0F 6E 40 04              - movd xmm0,[rax+04]
game.dll+D04F38: 41 0F 28 CE                 - movaps xmm1,xmm14
game.dll+D04F3C: 8B 57 3C                    - mov edx,[rdi+3C]
game.dll+D04F3F: F3 44 0F 11 74 24 4C        - movss [rsp+4C],xmm14
game.dll+D04F46: F3 41 0F 5E CA              - divss xmm1,xmm10
game.dll+D04F4B: 0F 5B C0                    - cvtdq2ps xmm0,xmm0
game.dll+D04F4E: F3 0F 59 C1                 - mulss xmm0,xmm1
game.dll+D04F52: F3 0F 11 44 24 24           - movss [rsp+24],xmm0
game.dll+D04F58: 85 D2                       - test edx,edx
}
How in the world do you add this to one of the table???
open cheat engine, CTRL + ALT + A then copy and paste. Voila

XxDarkus101Xx
Expert Cheater
Expert Cheater
Posts: 102
Joined: Wed Apr 24, 2019 2:12 am
Reputation: 10

Re: HELLDIVERS 2

Post by XxDarkus101Xx »

fallout11 wrote:
Tue Jun 11, 2024 2:31 am
XxDarkus101Xx wrote:
Mon Jun 10, 2024 11:18 am
One of the cheat menus on unknowncheats had no overheat and it worked for all energy weapons including the sickle but not the quasar cannon (well properly) so I know it’s possible. We just have to find a code for it. Also hope anybody can make a cheat function for them including the quasar cannon and the also make a cheat for no reload on the air bust rocket launcher
The Quasar cannon has an internal timer (server-side), it's not actually a heat-producing weapon like the sickle or laser cannon.
For a straight-forward no overhead on actual heat-producing weapons like the sickle, scythe, laser cannon, etc.:
Spoiler
[ENABLE]
aobscanmodule(aob_ImmaChargingMahLasor,game.dll,F3 41 0F 11 08 8B 49)
registersymbol(aob_ImmaChargingMahLasor)

aob_ImmaChargingMahLasor+4:
db 28

[DISABLE]
aob_ImmaChargingMahLasor:
db F3 41 0F 11 08

unregistersymbol(aob_ImmaChargingMahLasor)

For instant-chargeup on weapons like the railcannon or arc thrower:
Spoiler
[ENABLE]
aobscanmodule(aob_RailgunCharge,game.dll,F3 43 0F 11 44 3E 04)
registersymbol(aob_RailgunCharge)
assert(aob_RailgunCharge+3E, 45 0F 2F D9)
alloc(newmem,1024)
label(return)

newmem:
mov [r14+r15+04], (float)2.999999
movss xmm0, [r14+r15+04]
test r12b,r12b
je far return+2E
comiss xmm10,xmm9
jmp far return

aob_RailgunCharge:
jmp far newmem
nop 2
return:

[DISABLE]
aob_RailgunCharge:
db F3 43 0F 11 44 3E 04 45 84 E4 74 32 45 0F 2F D1

unregistersymbol(aob_RailgunCharge)
dealloc(newmem_example)
Well really wish there was a way to make a cheat function for the quasar cannon to like make it shoot instantly like a no reload but at least the no over heat works

XxDarkus101Xx
Expert Cheater
Expert Cheater
Posts: 102
Joined: Wed Apr 24, 2019 2:12 am
Reputation: 10

Re: HELLDIVERS 2

Post by XxDarkus101Xx »

kamisama wrote:
Tue Jun 11, 2024 4:07 am
XxDarkus101Xx wrote:
Tue Jun 11, 2024 4:03 am
kamisama wrote:
Tue Jun 11, 2024 1:20 am
Anyone know the Pointer for 1st Stratagem change?

And here's the Weapon Edit (credit to gir489)

Code: Select all

{ Game   : helldivers2.exe
  Version: 
  Date   : 2024-03-21
  Author : cfe

  This script does blah blah blah
}
{$c}
extern int *pWeapon;
extern int *pFirerate;
extern int *fSpeed;
char debug_string[400];
extern __cdecl int sprintf(char *, char *, ...);
extern __cdecl void OutputDebugStringA(const char* lpOutputString);
{$asm}

[ENABLE]

globalalloc(fSpeed,4)
fSpeed:
dd (float)2
globalalloc(pWeapon,8)
pWeapon:
dq 0
globalalloc(pFirerate,8)
pFirerate:
dq 0

aobscanmodule(aobReadWeapon3,game.dll,66 0F 6E 40 04 4D 8B C6 41 8B 57 0C 0F 5B C0) // should be unique
alloc(newmem4,$1000)

label(code4)
label(return4)

newmem4:

code4:
  push rbx
  mov rbx,pWeapon
  mov [rbx],rax
  pop rbx
  // original code start
  movd xmm0,[rax+04]
  mov r8,r14
  mov edx,[r15+0C]
  cvtdq2ps xmm0,xmm0
  // original code end
{$ccode}
sprintf(debug_string, "pWeapon_address: %p", (int*)pWeapon);
OutputDebugStringA(debug_string);
{$asm}
  jmp return4

aobReadWeapon3:
  jmp far newmem4
  nop
return4:
registersymbol(aobReadWeapon3)

aobscanmodule(aobBlitzerFire,game.dll,0F 10 48 10 48 8D 8D B0 00 00 00 0F 29 85 B0 00 00 00) // should be unique
alloc(newmem5,$1000)

label(code5)
label(return5)

newmem5:

code5:
  push rbx
  push rcx
  mov rbx,pFirerate
  lea rcx,[rax-4]
  mov [rbx],rcx
  pop rcx
  pop rbx
  movups xmm1,[rax+10]
  lea rcx,[rbp+000000B0]
  movaps [rbp+000000B0],xmm0
{$ccode}
sprintf(debug_string, "pFirerate_address: %p", (int*)pFirerate);
OutputDebugStringA(debug_string);
{$asm}
  jmp return5

aobBlitzerFire:
  jmp far newmem5
  nop 4
return5:
registersymbol(aobBlitzerFire)

aobscanmodule(aobBlitzerDamage,game.dll,44 8B 7A 24 49 8B D6 66 0F 6E 70 04 0F 5B F6) // should be unique
alloc(newmem6,$1000)

label(code6)
label(return6)

newmem6:

code6:
  push rbx
  mov rbx,pWeapon
  mov [rbx],rax
  pop rbx
  mov r15d,[rdx+24]
  mov rdx,r14
  movd xmm6,[rax+04]
  cvtdq2ps xmm6,xmm6
{$ccode}
sprintf(debug_string, "pWeapon_address: %p", (int*)pWeapon);
OutputDebugStringA(debug_string);
{$asm}
  jmp return6

aobBlitzerDamage:
  jmp far newmem6
  nop
return6:
registersymbol(aobBlitzerDamage)


aobscanmodule(aobFireRate,game.dll,48 8D 80 80 00 00 00 0F 11 41 80 0F 10 40 A0 0F 11 49 90 0F 10 48 B0 0F 11 41 A0 0F 10 40 C0 0F 11 49 B0 0F 10 48 D0 0F 11 41 C0 0F 10 40 E0 0F 11 49 D0 0F 10 48 F0 0F 11 41 E0 0F 11 49 F0 49 2B D5 75 AE 0F 10 00 0F 10 48 10 0F 11 01 0F 10 40 20 0F 11 49 10 0F 10 48 30 0F 11 41 20 0F 10 40 40 0F 11 49 30 0F 10 48 50) // should be unique
alloc(newmem7,$1000)

label(code7)
label(return7)

newmem7:

code7:
  push rbx
  mov ebx,[rax+8]
  test ebx,ebx
  je short @f
   mov rbx,pFirerate
   mov [rbx],rax
  @@:
  pop rbx
  lea rax,[rax+00000080]
  movups [rcx-80],xmm0
  movups xmm0,[rax-60]
{$ccode}
sprintf(debug_string, "pFirerate_address: %p", (int*)pFirerate);
OutputDebugStringA(debug_string);
{$asm}
  jmp return7

aobFireRate:
  jmp far newmem7
  nop
return7:
registersymbol(aobFireRate)


aobscanmodule(aobReadDMG,game.dll,F3 44 0F 10 8D F8 01 00 00 4D 8B C6 66 0F 6E 40 04) // should be unique
alloc(newmem8,$1000)

label(code8)
label(return8)

newmem8:

code8:
  push rbx
  mov rbx,pWeapon
  mov [rbx],rax
  pop rbx
  movss xmm9,[rbp+000001F8]
  mov r8,r14
  movd xmm0,[rax+04]
{$ccode}
sprintf(debug_string, "pWeapon_address: %p", (int*)pWeapon);
OutputDebugStringA(debug_string);
{$asm}
  jmp return8

aobReadDMG:
  jmp far newmem8
  nop 3
return8:
registersymbol(aobReadDMG)

aobscanmodule(aobDamageSpecial,game.dll,F3 44 0F 10 B5 F8 01 00 00 4D 8B C6 66 0F 6E 40 04) // should be unique
alloc(newmem9,$1000)

label(code9)
label(return9)

newmem9:

code9:
  push rbx
  mov rbx,pWeapon
  mov [rbx],rax
  pop rbx
  movss xmm14,[rbp+000001F8]
  mov r8,r14
  movd xmm0,[rax+04]
{$ccode}
sprintf(debug_string, "pWeapon_address: %p", (int*)pWeapon);
OutputDebugStringA(debug_string);
{$asm}
  jmp return9

aobDamageSpecial:
  jmp far newmem9
  nop 3
return9:
registersymbol(aobDamageSpecial)

[DISABLE]



aobReadWeapon3:
  db 66 0F 6E 40 04 4D 8B C6 41 8B 57 0C 0F 5B C0

unregistersymbol(aobReadWeapon3)
dealloc(newmem4)


aobBlitzerFire:
  db 0F 10 48 10 48 8D 8D B0 00 00 00 0F 29 85 B0 00 00 00

unregistersymbol(aobBlitzerFire)
dealloc(newmem5)

aobBlitzerDamage:
  db 44 8B 7A 24 49 8B D6 66 0F 6E 70 04 0F 5B F6

unregistersymbol(aobBlitzerDamage)
dealloc(newmem6)



{
// ORIGINAL CODE - INJECTION POINT: game.dll+CFDA33

game.dll+CFDA0A: 8B 85 F0 00 00 00        - mov eax,[rbp+000000F0]
game.dll+CFDA10: 48 89 54 24 60           - mov [rsp+60],rdx
game.dll+CFDA15: 85 C0                    - test eax,eax
game.dll+CFDA17: 74 08                    - je game.dll+CFDA21
game.dll+CFDA19: 4D 8B AC C0 70 FD C9 01  - mov r13,[r8+rax*8+01C9FD70]
game.dll+CFDA21: 8B 4A 3C                 - mov ecx,[rdx+3C]
game.dll+CFDA24: 49 8B C6                 - mov rax,r14
game.dll+CFDA27: 85 C9                    - test ecx,ecx
game.dll+CFDA29: 74 08                    - je game.dll+CFDA33
game.dll+CFDA2B: 49 8B 84 C8 80 F0 C9 01  - mov rax,[r8+rcx*8+01C9F080]
// ---------- INJECTING HERE ----------
game.dll+CFDA33: 41 8B 7D 3C              - mov edi,[r13+3C]
// ---------- DONE INJECTING  ----------
game.dll+CFDA37: 49 8B D6                 - mov rdx,r14
game.dll+CFDA3A: 66 0F 6E 70 04           - movd xmm6,[rax+04]
game.dll+CFDA3F: 0F 5B F6                 - cvtdq2ps xmm6,xmm6
game.dll+CFDA42: 85 FF                    - test edi,edi
game.dll+CFDA44: 74 08                    - je game.dll+CFDA4E
game.dll+CFDA46: 49 8B 94 F8 80 F0 C9 01  - mov rdx,[r8+rdi*8+01C9F080]
game.dll+CFDA4E: 49 8B C6                 - mov rax,r14
game.dll+CFDA51: 85 C9                    - test ecx,ecx
game.dll+CFDA53: 74 08                    - je game.dll+CFDA5D
game.dll+CFDA55: 49 8B 84 C8 80 F0 C9 01  - mov rax,[r8+rcx*8+01C9F080]
}
aobFireRate:
  db 48 8D 80 80 00 00 00 0F 11 41 80 0F 10 40 A0

unregistersymbol(aobFireRate)
dealloc(newmem7)

{
// ORIGINAL CODE - INJECTION POINT: game.dll+D04C9E

game.dll+D04C6B: 45 0F 57 C0                       - xorps xmm8,xmm8
game.dll+D04C6F: 4D 85 DB                          - test r11,r11
game.dll+D04C72: 0F 84 35 2B 00 00                 - je game.dll+D077AD
game.dll+D04C78: 49 8B C3                          - mov rax,r11
game.dll+D04C7B: 48 8D 8D F0 01 00 00              - lea rcx,[rbp+000001F0]
game.dll+D04C82: 41 8B D4                          - mov edx,r12d
game.dll+D04C85: 66 66 66 0F 1F 84 00 00 00 00 00  - nop word ptr [rax+rax+00000000]
game.dll+D04C90: 48 8D 89 80 00 00 00              - lea rcx,[rcx+00000080]
game.dll+D04C97: 0F 10 00                          - movups xmm0,[rax]
game.dll+D04C9A: 0F 10 48 10                       - movups xmm1,[rax+10]
// ---------- INJECTING HERE ----------
game.dll+D04C9E: 48 8D 80 80 00 00 00              - lea rax,[rax+00000080]
// ---------- DONE INJECTING  ----------
game.dll+D04CA5: 0F 11 41 80                       - movups [rcx-80],xmm0
game.dll+D04CA9: 0F 10 40 A0                       - movups xmm0,[rax-60]
game.dll+D04CAD: 0F 11 49 90                       - movups [rcx-70],xmm1
game.dll+D04CB1: 0F 10 48 B0                       - movups xmm1,[rax-50]
game.dll+D04CB5: 0F 11 41 A0                       - movups [rcx-60],xmm0
game.dll+D04CB9: 0F 10 40 C0                       - movups xmm0,[rax-40]
game.dll+D04CBD: 0F 11 49 B0                       - movups [rcx-50],xmm1
game.dll+D04CC1: 0F 10 48 D0                       - movups xmm1,[rax-30]
game.dll+D04CC5: 0F 11 41 C0                       - movups [rcx-40],xmm0
game.dll+D04CC9: 0F 10 40 E0                       - movups xmm0,[rax-20]
}
aobReadDMG:
  db F3 44 0F 10 8D F8 01 00 00 4D 8B C6 66 0F 6E 40 04

unregistersymbol(aobReadDMG)
dealloc(newmem8)

{
// ORIGINAL CODE - INJECTION POINT: game.dll+D06A0C

game.dll+D069E3: 8B 85 90 05 00 00           - mov eax,[rbp+00000590]
game.dll+D069E9: 85 C0                       - test eax,eax
game.dll+D069EB: 74 08                       - je game.dll+D069F5
game.dll+D069ED: 4D 8B BC C1 80 7D CA 01     - mov r15,[r9+rax*8+01CA7D80]
game.dll+D069F5: 8B 4F 3C                    - mov ecx,[rdi+3C]
game.dll+D069F8: 49 8B C6                    - mov rax,r14
game.dll+D069FB: 44 89 64 24 20              - mov [rsp+20],r12d
game.dll+D06A00: 85 C9                       - test ecx,ecx
game.dll+D06A02: 74 08                       - je game.dll+D06A0C
game.dll+D06A04: 49 8B 84 C9 90 70 CA 01     - mov rax,[r9+rcx*8+01CA7090]
// ---------- INJECTING HERE ----------
game.dll+D06A0C: F3 44 0F 10 8D F8 01 00 00  - movss xmm9,[rbp+000001F8]
// ---------- DONE INJECTING  ----------
game.dll+D06A15: 4D 8B C6                    - mov r8,r14
game.dll+D06A18: 66 0F 6E 40 04              - movd xmm0,[rax+04]
game.dll+D06A1D: 41 0F 28 C9                 - movaps xmm1,xmm9
game.dll+D06A21: 41 8B 57 3C                 - mov edx,[r15+3C]
game.dll+D06A25: F3 44 0F 11 4C 24 50        - movss [rsp+50],xmm9
game.dll+D06A2C: F3 41 0F 5E CA              - divss xmm1,xmm10
game.dll+D06A31: 0F 5B C0                    - cvtdq2ps xmm0,xmm0
game.dll+D06A34: F3 0F 59 C1                 - mulss xmm0,xmm1
game.dll+D06A38: F3 0F 11 44 24 24           - movss [rsp+24],xmm0
game.dll+D06A3E: 85 D2                       - test edx,edx
}
aobDamageSpecial:
  db F3 44 0F 10 B5 F8 01 00 00 4D 8B C6 66 0F 6E 40 04

unregistersymbol(aobDamageSpecial)
dealloc(newmem9)

{
// ORIGINAL CODE - INJECTION POINT: game.dll+D04F27

game.dll+D04EFD: 8B 85 F0 00 00 00           - mov eax,[rbp+000000F0]
game.dll+D04F03: 85 C0                       - test eax,eax
game.dll+D04F05: 74 08                       - je game.dll+D04F0F
game.dll+D04F07: 49 8B BC C1 80 7D CA 01     - mov rdi,[r9+rax*8+01CA7D80]
game.dll+D04F0F: 41 8B 4D 3C                 - mov ecx,[r13+3C]
game.dll+D04F13: 49 8B C6                    - mov rax,r14
game.dll+D04F16: 44 89 64 24 20              - mov [rsp+20],r12d
game.dll+D04F1B: 85 C9                       - test ecx,ecx
game.dll+D04F1D: 74 08                       - je game.dll+D04F27
game.dll+D04F1F: 49 8B 84 C9 90 70 CA 01     - mov rax,[r9+rcx*8+01CA7090]
// ---------- INJECTING HERE ----------
game.dll+D04F27: F3 44 0F 10 B5 F8 01 00 00  - movss xmm14,[rbp+000001F8]
// ---------- DONE INJECTING  ----------
game.dll+D04F30: 4D 8B C6                    - mov r8,r14
game.dll+D04F33: 66 0F 6E 40 04              - movd xmm0,[rax+04]
game.dll+D04F38: 41 0F 28 CE                 - movaps xmm1,xmm14
game.dll+D04F3C: 8B 57 3C                    - mov edx,[rdi+3C]
game.dll+D04F3F: F3 44 0F 11 74 24 4C        - movss [rsp+4C],xmm14
game.dll+D04F46: F3 41 0F 5E CA              - divss xmm1,xmm10
game.dll+D04F4B: 0F 5B C0                    - cvtdq2ps xmm0,xmm0
game.dll+D04F4E: F3 0F 59 C1                 - mulss xmm0,xmm1
game.dll+D04F52: F3 0F 11 44 24 24           - movss [rsp+24],xmm0
game.dll+D04F58: 85 D2                       - test edx,edx
}
How in the world do you add this to one of the table???
open cheat engine, CTRL + ALT + A then copy and paste. Voila
Then click execute right? Or assign to current table then hit the little box? That’s what I did and nothing happened. Maybe I did something wrong

fallout11
Expert Cheater
Expert Cheater
Posts: 53
Joined: Tue Apr 30, 2024 11:17 am
Reputation: 16

Re: HELLDIVERS 2

Post by fallout11 »

Game patch has been pushed back to Thursday, June 13th (despite Arrowhead saying today would be the day on Discord early last week).
[Link]

XxDarkus101Xx, you add the text to a current table (or make a new one and insert the code), hit okay, then run the table (hit the little box after starting the game with your bypass).

XxDarkus101Xx
Expert Cheater
Expert Cheater
Posts: 102
Joined: Wed Apr 24, 2019 2:12 am
Reputation: 10

Re: HELLDIVERS 2

Post by XxDarkus101Xx »

fallout11 wrote:
Tue Jun 11, 2024 11:22 am
Game patch has been pushed back to Thursday, June 13th (despite Arrowhead saying today would be the day on Discord early last week).
[Link]

XxDarkus101Xx, you add the text to a current table (or make a new one and insert the code), hit okay, then run the table (hit the little box after starting the game with your bypass).
Gotcha I will try that when I get home

ParadoxChris
What is cheating?
What is cheating?
Posts: 3
Joined: Wed Jan 15, 2020 11:28 pm
Reputation: 1

Re: HELLDIVERS 2

Post by ParadoxChris »

kamisama wrote:
Tue Jun 11, 2024 1:20 am
Anyone know the Pointer for 1st Stratagem change?

And here's the Weapon Edit (credit to gir489)

Code: Select all

{ Game   : helldivers2.exe
  Version: 
  Date   : 2024-03-21
  Author : cfe

  This script does blah blah blah
}
{$c}
extern int *pWeapon;
extern int *pFirerate;
extern int *fSpeed;
char debug_string[400];
extern __cdecl int sprintf(char *, char *, ...);
extern __cdecl void OutputDebugStringA(const char* lpOutputString);
{$asm}

[ENABLE]

globalalloc(fSpeed,4)
fSpeed:
dd (float)2
globalalloc(pWeapon,8)
pWeapon:
dq 0
globalalloc(pFirerate,8)
pFirerate:
dq 0

aobscanmodule(aobReadWeapon3,game.dll,66 0F 6E 40 04 4D 8B C6 41 8B 57 0C 0F 5B C0) // should be unique
alloc(newmem4,$1000)

label(code4)
label(return4)

newmem4:

code4:
  push rbx
  mov rbx,pWeapon
  mov [rbx],rax
  pop rbx
  // original code start
  movd xmm0,[rax+04]
  mov r8,r14
  mov edx,[r15+0C]
  cvtdq2ps xmm0,xmm0
  // original code end
{$ccode}
sprintf(debug_string, "pWeapon_address: %p", (int*)pWeapon);
OutputDebugStringA(debug_string);
{$asm}
  jmp return4

aobReadWeapon3:
  jmp far newmem4
  nop
return4:
registersymbol(aobReadWeapon3)

aobscanmodule(aobBlitzerFire,game.dll,0F 10 48 10 48 8D 8D B0 00 00 00 0F 29 85 B0 00 00 00) // should be unique
alloc(newmem5,$1000)

label(code5)
label(return5)

newmem5:

code5:
  push rbx
  push rcx
  mov rbx,pFirerate
  lea rcx,[rax-4]
  mov [rbx],rcx
  pop rcx
  pop rbx
  movups xmm1,[rax+10]
  lea rcx,[rbp+000000B0]
  movaps [rbp+000000B0],xmm0
{$ccode}
sprintf(debug_string, "pFirerate_address: %p", (int*)pFirerate);
OutputDebugStringA(debug_string);
{$asm}
  jmp return5

aobBlitzerFire:
  jmp far newmem5
  nop 4
return5:
registersymbol(aobBlitzerFire)

aobscanmodule(aobBlitzerDamage,game.dll,44 8B 7A 24 49 8B D6 66 0F 6E 70 04 0F 5B F6) // should be unique
alloc(newmem6,$1000)

label(code6)
label(return6)

newmem6:

code6:
  push rbx
  mov rbx,pWeapon
  mov [rbx],rax
  pop rbx
  mov r15d,[rdx+24]
  mov rdx,r14
  movd xmm6,[rax+04]
  cvtdq2ps xmm6,xmm6
{$ccode}
sprintf(debug_string, "pWeapon_address: %p", (int*)pWeapon);
OutputDebugStringA(debug_string);
{$asm}
  jmp return6

aobBlitzerDamage:
  jmp far newmem6
  nop
return6:
registersymbol(aobBlitzerDamage)


aobscanmodule(aobFireRate,game.dll,48 8D 80 80 00 00 00 0F 11 41 80 0F 10 40 A0 0F 11 49 90 0F 10 48 B0 0F 11 41 A0 0F 10 40 C0 0F 11 49 B0 0F 10 48 D0 0F 11 41 C0 0F 10 40 E0 0F 11 49 D0 0F 10 48 F0 0F 11 41 E0 0F 11 49 F0 49 2B D5 75 AE 0F 10 00 0F 10 48 10 0F 11 01 0F 10 40 20 0F 11 49 10 0F 10 48 30 0F 11 41 20 0F 10 40 40 0F 11 49 30 0F 10 48 50) // should be unique
alloc(newmem7,$1000)

label(code7)
label(return7)

newmem7:

code7:
  push rbx
  mov ebx,[rax+8]
  test ebx,ebx
  je short @f
   mov rbx,pFirerate
   mov [rbx],rax
  @@:
  pop rbx
  lea rax,[rax+00000080]
  movups [rcx-80],xmm0
  movups xmm0,[rax-60]
{$ccode}
sprintf(debug_string, "pFirerate_address: %p", (int*)pFirerate);
OutputDebugStringA(debug_string);
{$asm}
  jmp return7

aobFireRate:
  jmp far newmem7
  nop
return7:
registersymbol(aobFireRate)


aobscanmodule(aobReadDMG,game.dll,F3 44 0F 10 8D F8 01 00 00 4D 8B C6 66 0F 6E 40 04) // should be unique
alloc(newmem8,$1000)

label(code8)
label(return8)

newmem8:

code8:
  push rbx
  mov rbx,pWeapon
  mov [rbx],rax
  pop rbx
  movss xmm9,[rbp+000001F8]
  mov r8,r14
  movd xmm0,[rax+04]
{$ccode}
sprintf(debug_string, "pWeapon_address: %p", (int*)pWeapon);
OutputDebugStringA(debug_string);
{$asm}
  jmp return8

aobReadDMG:
  jmp far newmem8
  nop 3
return8:
registersymbol(aobReadDMG)

aobscanmodule(aobDamageSpecial,game.dll,F3 44 0F 10 B5 F8 01 00 00 4D 8B C6 66 0F 6E 40 04) // should be unique
alloc(newmem9,$1000)

label(code9)
label(return9)

newmem9:

code9:
  push rbx
  mov rbx,pWeapon
  mov [rbx],rax
  pop rbx
  movss xmm14,[rbp+000001F8]
  mov r8,r14
  movd xmm0,[rax+04]
{$ccode}
sprintf(debug_string, "pWeapon_address: %p", (int*)pWeapon);
OutputDebugStringA(debug_string);
{$asm}
  jmp return9

aobDamageSpecial:
  jmp far newmem9
  nop 3
return9:
registersymbol(aobDamageSpecial)

[DISABLE]



aobReadWeapon3:
  db 66 0F 6E 40 04 4D 8B C6 41 8B 57 0C 0F 5B C0

unregistersymbol(aobReadWeapon3)
dealloc(newmem4)


aobBlitzerFire:
  db 0F 10 48 10 48 8D 8D B0 00 00 00 0F 29 85 B0 00 00 00

unregistersymbol(aobBlitzerFire)
dealloc(newmem5)

aobBlitzerDamage:
  db 44 8B 7A 24 49 8B D6 66 0F 6E 70 04 0F 5B F6

unregistersymbol(aobBlitzerDamage)
dealloc(newmem6)



{
// ORIGINAL CODE - INJECTION POINT: game.dll+CFDA33

game.dll+CFDA0A: 8B 85 F0 00 00 00        - mov eax,[rbp+000000F0]
game.dll+CFDA10: 48 89 54 24 60           - mov [rsp+60],rdx
game.dll+CFDA15: 85 C0                    - test eax,eax
game.dll+CFDA17: 74 08                    - je game.dll+CFDA21
game.dll+CFDA19: 4D 8B AC C0 70 FD C9 01  - mov r13,[r8+rax*8+01C9FD70]
game.dll+CFDA21: 8B 4A 3C                 - mov ecx,[rdx+3C]
game.dll+CFDA24: 49 8B C6                 - mov rax,r14
game.dll+CFDA27: 85 C9                    - test ecx,ecx
game.dll+CFDA29: 74 08                    - je game.dll+CFDA33
game.dll+CFDA2B: 49 8B 84 C8 80 F0 C9 01  - mov rax,[r8+rcx*8+01C9F080]
// ---------- INJECTING HERE ----------
game.dll+CFDA33: 41 8B 7D 3C              - mov edi,[r13+3C]
// ---------- DONE INJECTING  ----------
game.dll+CFDA37: 49 8B D6                 - mov rdx,r14
game.dll+CFDA3A: 66 0F 6E 70 04           - movd xmm6,[rax+04]
game.dll+CFDA3F: 0F 5B F6                 - cvtdq2ps xmm6,xmm6
game.dll+CFDA42: 85 FF                    - test edi,edi
game.dll+CFDA44: 74 08                    - je game.dll+CFDA4E
game.dll+CFDA46: 49 8B 94 F8 80 F0 C9 01  - mov rdx,[r8+rdi*8+01C9F080]
game.dll+CFDA4E: 49 8B C6                 - mov rax,r14
game.dll+CFDA51: 85 C9                    - test ecx,ecx
game.dll+CFDA53: 74 08                    - je game.dll+CFDA5D
game.dll+CFDA55: 49 8B 84 C8 80 F0 C9 01  - mov rax,[r8+rcx*8+01C9F080]
}
aobFireRate:
  db 48 8D 80 80 00 00 00 0F 11 41 80 0F 10 40 A0

unregistersymbol(aobFireRate)
dealloc(newmem7)

{
// ORIGINAL CODE - INJECTION POINT: game.dll+D04C9E

game.dll+D04C6B: 45 0F 57 C0                       - xorps xmm8,xmm8
game.dll+D04C6F: 4D 85 DB                          - test r11,r11
game.dll+D04C72: 0F 84 35 2B 00 00                 - je game.dll+D077AD
game.dll+D04C78: 49 8B C3                          - mov rax,r11
game.dll+D04C7B: 48 8D 8D F0 01 00 00              - lea rcx,[rbp+000001F0]
game.dll+D04C82: 41 8B D4                          - mov edx,r12d
game.dll+D04C85: 66 66 66 0F 1F 84 00 00 00 00 00  - nop word ptr [rax+rax+00000000]
game.dll+D04C90: 48 8D 89 80 00 00 00              - lea rcx,[rcx+00000080]
game.dll+D04C97: 0F 10 00                          - movups xmm0,[rax]
game.dll+D04C9A: 0F 10 48 10                       - movups xmm1,[rax+10]
// ---------- INJECTING HERE ----------
game.dll+D04C9E: 48 8D 80 80 00 00 00              - lea rax,[rax+00000080]
// ---------- DONE INJECTING  ----------
game.dll+D04CA5: 0F 11 41 80                       - movups [rcx-80],xmm0
game.dll+D04CA9: 0F 10 40 A0                       - movups xmm0,[rax-60]
game.dll+D04CAD: 0F 11 49 90                       - movups [rcx-70],xmm1
game.dll+D04CB1: 0F 10 48 B0                       - movups xmm1,[rax-50]
game.dll+D04CB5: 0F 11 41 A0                       - movups [rcx-60],xmm0
game.dll+D04CB9: 0F 10 40 C0                       - movups xmm0,[rax-40]
game.dll+D04CBD: 0F 11 49 B0                       - movups [rcx-50],xmm1
game.dll+D04CC1: 0F 10 48 D0                       - movups xmm1,[rax-30]
game.dll+D04CC5: 0F 11 41 C0                       - movups [rcx-40],xmm0
game.dll+D04CC9: 0F 10 40 E0                       - movups xmm0,[rax-20]
}
aobReadDMG:
  db F3 44 0F 10 8D F8 01 00 00 4D 8B C6 66 0F 6E 40 04

unregistersymbol(aobReadDMG)
dealloc(newmem8)

{
// ORIGINAL CODE - INJECTION POINT: game.dll+D06A0C

game.dll+D069E3: 8B 85 90 05 00 00           - mov eax,[rbp+00000590]
game.dll+D069E9: 85 C0                       - test eax,eax
game.dll+D069EB: 74 08                       - je game.dll+D069F5
game.dll+D069ED: 4D 8B BC C1 80 7D CA 01     - mov r15,[r9+rax*8+01CA7D80]
game.dll+D069F5: 8B 4F 3C                    - mov ecx,[rdi+3C]
game.dll+D069F8: 49 8B C6                    - mov rax,r14
game.dll+D069FB: 44 89 64 24 20              - mov [rsp+20],r12d
game.dll+D06A00: 85 C9                       - test ecx,ecx
game.dll+D06A02: 74 08                       - je game.dll+D06A0C
game.dll+D06A04: 49 8B 84 C9 90 70 CA 01     - mov rax,[r9+rcx*8+01CA7090]
// ---------- INJECTING HERE ----------
game.dll+D06A0C: F3 44 0F 10 8D F8 01 00 00  - movss xmm9,[rbp+000001F8]
// ---------- DONE INJECTING  ----------
game.dll+D06A15: 4D 8B C6                    - mov r8,r14
game.dll+D06A18: 66 0F 6E 40 04              - movd xmm0,[rax+04]
game.dll+D06A1D: 41 0F 28 C9                 - movaps xmm1,xmm9
game.dll+D06A21: 41 8B 57 3C                 - mov edx,[r15+3C]
game.dll+D06A25: F3 44 0F 11 4C 24 50        - movss [rsp+50],xmm9
game.dll+D06A2C: F3 41 0F 5E CA              - divss xmm1,xmm10
game.dll+D06A31: 0F 5B C0                    - cvtdq2ps xmm0,xmm0
game.dll+D06A34: F3 0F 59 C1                 - mulss xmm0,xmm1
game.dll+D06A38: F3 0F 11 44 24 24           - movss [rsp+24],xmm0
game.dll+D06A3E: 85 D2                       - test edx,edx
}
aobDamageSpecial:
  db F3 44 0F 10 B5 F8 01 00 00 4D 8B C6 66 0F 6E 40 04

unregistersymbol(aobDamageSpecial)
dealloc(newmem9)

{
// ORIGINAL CODE - INJECTION POINT: game.dll+D04F27

game.dll+D04EFD: 8B 85 F0 00 00 00           - mov eax,[rbp+000000F0]
game.dll+D04F03: 85 C0                       - test eax,eax
game.dll+D04F05: 74 08                       - je game.dll+D04F0F
game.dll+D04F07: 49 8B BC C1 80 7D CA 01     - mov rdi,[r9+rax*8+01CA7D80]
game.dll+D04F0F: 41 8B 4D 3C                 - mov ecx,[r13+3C]
game.dll+D04F13: 49 8B C6                    - mov rax,r14
game.dll+D04F16: 44 89 64 24 20              - mov [rsp+20],r12d
game.dll+D04F1B: 85 C9                       - test ecx,ecx
game.dll+D04F1D: 74 08                       - je game.dll+D04F27
game.dll+D04F1F: 49 8B 84 C9 90 70 CA 01     - mov rax,[r9+rcx*8+01CA7090]
// ---------- INJECTING HERE ----------
game.dll+D04F27: F3 44 0F 10 B5 F8 01 00 00  - movss xmm14,[rbp+000001F8]
// ---------- DONE INJECTING  ----------
game.dll+D04F30: 4D 8B C6                    - mov r8,r14
game.dll+D04F33: 66 0F 6E 40 04              - movd xmm0,[rax+04]
game.dll+D04F38: 41 0F 28 CE                 - movaps xmm1,xmm14
game.dll+D04F3C: 8B 57 3C                    - mov edx,[rdi+3C]
game.dll+D04F3F: F3 44 0F 11 74 24 4C        - movss [rsp+4C],xmm14
game.dll+D04F46: F3 41 0F 5E CA              - divss xmm1,xmm10
game.dll+D04F4B: 0F 5B C0                    - cvtdq2ps xmm0,xmm0
game.dll+D04F4E: F3 0F 59 C1                 - mulss xmm0,xmm1
game.dll+D04F52: F3 0F 11 44 24 24           - movss [rsp+24],xmm0
game.dll+D04F58: 85 D2                       - test edx,edx
}
what do i change in this to edit the weapon?

XxDarkus101Xx
Expert Cheater
Expert Cheater
Posts: 102
Joined: Wed Apr 24, 2019 2:12 am
Reputation: 10

Re: HELLDIVERS 2

Post by XxDarkus101Xx »

fallout11 wrote:
Tue Jun 11, 2024 11:22 am
Game patch has been pushed back to Thursday, June 13th (despite Arrowhead saying today would be the day on Discord early last week).
[Link]

XxDarkus101Xx, you add the text to a current table (or make a new one and insert the code), hit okay, then run the table (hit the little box after starting the game with your bypass).
ok I added the edit weapon cheat to the table and I hit the little box and its toggled on but there is nothing going on. What do I do afterwards???

kamisama
Noobzor
Noobzor
Posts: 8
Joined: Thu May 09, 2024 11:02 pm
Reputation: 8

Re: HELLDIVERS 2

Post by kamisama »

XxDarkus101Xx wrote:
Tue Jun 11, 2024 11:06 am
kamisama wrote:
Tue Jun 11, 2024 4:07 am
XxDarkus101Xx wrote:
Tue Jun 11, 2024 4:03 am

How in the world do you add this to one of the table???
open cheat engine, CTRL + ALT + A then copy and paste. Voila
Then click execute right? Or assign to current table then hit the little box? That’s what I did and nothing happened. Maybe I did something wrong
I will share my Table here, it's a combination of different tables so i'm not taking credits
Attachments
Temp Fix.CT
(61.33 KiB) Downloaded 269 times

XxDarkus101Xx
Expert Cheater
Expert Cheater
Posts: 102
Joined: Wed Apr 24, 2019 2:12 am
Reputation: 10

Re: HELLDIVERS 2

Post by XxDarkus101Xx »

kamisama wrote:
Wed Jun 12, 2024 12:34 am
XxDarkus101Xx wrote:
Tue Jun 11, 2024 11:06 am
kamisama wrote:
Tue Jun 11, 2024 4:07 am


open cheat engine, CTRL + ALT + A then copy and paste. Voila
Then click execute right? Or assign to current table then hit the little box? That’s what I did and nothing happened. Maybe I did something wrong
I will share my Table here, it's a combination of different tables so i'm not taking credits
Thanks man wish we can have no reload for the airburst rocket launcher. That would be so much cool but I don't know if there's a way to do it

MonitorAnon
What is cheating?
What is cheating?
Posts: 4
Joined: Sun May 26, 2024 7:13 pm
Reputation: 0

Re: HELLDIVERS 2

Post by MonitorAnon »

kamisama wrote:
Wed Jun 12, 2024 12:34 am
XxDarkus101Xx wrote:
Tue Jun 11, 2024 11:06 am
kamisama wrote:
Tue Jun 11, 2024 4:07 am
open cheat engine, CTRL + ALT + A then copy and paste. Voila
Then click execute right? Or assign to current table then hit the little box? That’s what I did and nothing happened. Maybe I did something wrong
I will share my Table here, it's a combination of different tables so i'm not taking credits
Cool. That's helpful. Just wonder, what does the "New Reload" mean in this table?

ScherzicScherzo
Novice Cheater
Novice Cheater
Posts: 22
Joined: Sat Dec 25, 2021 11:40 am
Reputation: 1

Re: HELLDIVERS 2

Post by ScherzicScherzo »

Too much goddamn fog. Is there a way one of you code wizards could figure out how to remove that shit via CE. Tired of not being able to see five feet in front of my face on these goddamn planets.

Post Reply

Who is online

Users browsing this forum: AhrefsBot, Aliver, bigkorban, coreytrigun, ctl3d32, DotBot, flarejune, Google [Bot], Google Adsense [Bot], Ninomae Tako'nis