HELLDIVERS 2

[gir489]

Why does the damage mod effect melee i cannot do any melee damage when its turned on?

Fixed.

How to use this cheat table?

1. Install Cheat Engine
2. Double-click the .CT file in order to open it.
3. Click the PC icon in Cheat Engine in order to select the game process.
4. Keep the list.
5. Activate the trainer options by checking boxes or setting values from 0 to 1

[Beanguy420]

Why does the damage mod effect melee i cannot do any melee damage when its turned on?

So the id for melee is 333. thanks.
Fixed.

[gir489]

Why does the damage mod effect melee i cannot do any melee damage when its turned on?

Fixed.

So the id for melee is 333. thanks.

The throwing knife is 388, too. I forgot to add that as well.

[Cogitationis]

Cfemen's page shows "No attachments" for HD2 CT, how did you guys download it??

his patreon lets you join the discord and then the discord lets you download the bypass, then when you install the bypass and launch the game it will open your web browser to the discord page which authenticates you after a few seconds. Then you can open your table of choice, enable stuff, and close it.

[0CrossTrigger0]

Fixed.

So the id for melee is 333. thanks.

The throwing knife is 388, too. I forgot to add that as well.

The super damage doesn't include the Purifier...

[ZoDDeL]

So the id for melee is 333. thanks.

The throwing knife is 388, too. I forgot to add that as well.

The super damage doesn't include the Purifier...

purifier

bullet = 21
explosion = 191


p.s.
instant extraction shuttle cooldown script does not work currently.
maybe gir489 will fix this. i hate searching time float / floats reaching 100% shit

[Bai_88]

The throwing knife is 388, too. I forgot to add that as well.

The super damage doesn't include the Purifier...

purifier

bullet = 21
explosion = 191


p.s.
instant extraction shuttle cooldown script does not work currently.
maybe gir489 will fix this. i hate searching time float / floats reaching 100% shit

Which Code that give super demolition and enemy stagger ??
i remember I do some quick editing on your old table but this new table I forgot which one that give the boost

[ZoDDeL]

Which Code that give super demolition and enemy stagger ??
i remember I do some quick editing on your old table but this new table I forgot which one that give the boost

just search stagger with ctrl+f

[gir489]

instant extraction shuttle cooldown script does not work currently.

I didn't know, because I never use it. I fixed it.

[samipuma]

I remember seeing that you might get flagged if you pick up reqs/medals/Super Creds during a mission because of the lack of gameguard, is that still a fear we should have?

[excilomat]

Anyone know the Pointer for 1st Stratagem change?

And here's the Weapon Edit (credit to gir489)

Code: Select all

{ Game   : helldivers2.exe
  Version: 
  Date   : 2024-03-21
  Author : cfe

  This script does blah blah blah
}
{$c}
extern int *pWeapon;
extern int *pFirerate;
extern int *fSpeed;
char debug_string[400];
extern __cdecl int sprintf(char *, char *, ...);
extern __cdecl void OutputDebugStringA(const char* lpOutputString);
{$asm}

[ENABLE]

globalalloc(fSpeed,4)
fSpeed:
dd (float)2
globalalloc(pWeapon,8)
pWeapon:
dq 0
globalalloc(pFirerate,8)
pFirerate:
dq 0

aobscanmodule(aobReadWeapon3,game.dll,66 0F 6E 40 04 4D 8B C6 41 8B 57 0C 0F 5B C0) // should be unique
alloc(newmem4,$1000)

label(code4)
label(return4)

newmem4:

code4:
  push rbx
  mov rbx,pWeapon
  mov [rbx],rax
  pop rbx
  // original code start
  movd xmm0,[rax+04]
  mov r8,r14
  mov edx,[r15+0C]
  cvtdq2ps xmm0,xmm0
  // original code end
{$ccode}
sprintf(debug_string, "pWeapon_address: %p", (int*)pWeapon);
OutputDebugStringA(debug_string);
{$asm}
  jmp return4

aobReadWeapon3:
  jmp far newmem4
  nop
return4:
registersymbol(aobReadWeapon3)

aobscanmodule(aobBlitzerFire,game.dll,0F 10 48 10 48 8D 8D B0 00 00 00 0F 29 85 B0 00 00 00) // should be unique
alloc(newmem5,$1000)

label(code5)
label(return5)

newmem5:

code5:
  push rbx
  push rcx
  mov rbx,pFirerate
  lea rcx,[rax-4]
  mov [rbx],rcx
  pop rcx
  pop rbx
  movups xmm1,[rax+10]
  lea rcx,[rbp+000000B0]
  movaps [rbp+000000B0],xmm0
{$ccode}
sprintf(debug_string, "pFirerate_address: %p", (int*)pFirerate);
OutputDebugStringA(debug_string);
{$asm}
  jmp return5

aobBlitzerFire:
  jmp far newmem5
  nop 4
return5:
registersymbol(aobBlitzerFire)

aobscanmodule(aobBlitzerDamage,game.dll,44 8B 7A 24 49 8B D6 66 0F 6E 70 04 0F 5B F6) // should be unique
alloc(newmem6,$1000)

label(code6)
label(return6)

newmem6:

code6:
  push rbx
  mov rbx,pWeapon
  mov [rbx],rax
  pop rbx
  mov r15d,[rdx+24]
  mov rdx,r14
  movd xmm6,[rax+04]
  cvtdq2ps xmm6,xmm6
{$ccode}
sprintf(debug_string, "pWeapon_address: %p", (int*)pWeapon);
OutputDebugStringA(debug_string);
{$asm}
  jmp return6

aobBlitzerDamage:
  jmp far newmem6
  nop
return6:
registersymbol(aobBlitzerDamage)


aobscanmodule(aobFireRate,game.dll,48 8D 80 80 00 00 00 0F 11 41 80 0F 10 40 A0 0F 11 49 90 0F 10 48 B0 0F 11 41 A0 0F 10 40 C0 0F 11 49 B0 0F 10 48 D0 0F 11 41 C0 0F 10 40 E0 0F 11 49 D0 0F 10 48 F0 0F 11 41 E0 0F 11 49 F0 49 2B D5 75 AE 0F 10 00 0F 10 48 10 0F 11 01 0F 10 40 20 0F 11 49 10 0F 10 48 30 0F 11 41 20 0F 10 40 40 0F 11 49 30 0F 10 48 50) // should be unique
alloc(newmem7,$1000)

label(code7)
label(return7)

newmem7:

code7:
  push rbx
  mov ebx,[rax+8]
  test ebx,ebx
  je short @f
   mov rbx,pFirerate
   mov [rbx],rax
  @@:
  pop rbx
  lea rax,[rax+00000080]
  movups [rcx-80],xmm0
  movups xmm0,[rax-60]
{$ccode}
sprintf(debug_string, "pFirerate_address: %p", (int*)pFirerate);
OutputDebugStringA(debug_string);
{$asm}
  jmp return7

aobFireRate:
  jmp far newmem7
  nop
return7:
registersymbol(aobFireRate)


aobscanmodule(aobReadDMG,game.dll,F3 44 0F 10 8D F8 01 00 00 4D 8B C6 66 0F 6E 40 04) // should be unique
alloc(newmem8,$1000)

label(code8)
label(return8)

newmem8:

code8:
  push rbx
  mov rbx,pWeapon
  mov [rbx],rax
  pop rbx
  movss xmm9,[rbp+000001F8]
  mov r8,r14
  movd xmm0,[rax+04]
{$ccode}
sprintf(debug_string, "pWeapon_address: %p", (int*)pWeapon);
OutputDebugStringA(debug_string);
{$asm}
  jmp return8

aobReadDMG:
  jmp far newmem8
  nop 3
return8:
registersymbol(aobReadDMG)

aobscanmodule(aobDamageSpecial,game.dll,F3 44 0F 10 B5 F8 01 00 00 4D 8B C6 66 0F 6E 40 04) // should be unique
alloc(newmem9,$1000)

label(code9)
label(return9)

newmem9:

code9:
  push rbx
  mov rbx,pWeapon
  mov [rbx],rax
  pop rbx
  movss xmm14,[rbp+000001F8]
  mov r8,r14
  movd xmm0,[rax+04]
{$ccode}
sprintf(debug_string, "pWeapon_address: %p", (int*)pWeapon);
OutputDebugStringA(debug_string);
{$asm}
  jmp return9

aobDamageSpecial:
  jmp far newmem9
  nop 3
return9:
registersymbol(aobDamageSpecial)

[DISABLE]



aobReadWeapon3:
  db 66 0F 6E 40 04 4D 8B C6 41 8B 57 0C 0F 5B C0

unregistersymbol(aobReadWeapon3)
dealloc(newmem4)


aobBlitzerFire:
  db 0F 10 48 10 48 8D 8D B0 00 00 00 0F 29 85 B0 00 00 00

unregistersymbol(aobBlitzerFire)
dealloc(newmem5)

aobBlitzerDamage:
  db 44 8B 7A 24 49 8B D6 66 0F 6E 70 04 0F 5B F6

unregistersymbol(aobBlitzerDamage)
dealloc(newmem6)



{
// ORIGINAL CODE - INJECTION POINT: game.dll+CFDA33

game.dll+CFDA0A: 8B 85 F0 00 00 00        - mov eax,[rbp+000000F0]
game.dll+CFDA10: 48 89 54 24 60           - mov [rsp+60],rdx
game.dll+CFDA15: 85 C0                    - test eax,eax
game.dll+CFDA17: 74 08                    - je game.dll+CFDA21
game.dll+CFDA19: 4D 8B AC C0 70 FD C9 01  - mov r13,[r8+rax*8+01C9FD70]
game.dll+CFDA21: 8B 4A 3C                 - mov ecx,[rdx+3C]
game.dll+CFDA24: 49 8B C6                 - mov rax,r14
game.dll+CFDA27: 85 C9                    - test ecx,ecx
game.dll+CFDA29: 74 08                    - je game.dll+CFDA33
game.dll+CFDA2B: 49 8B 84 C8 80 F0 C9 01  - mov rax,[r8+rcx*8+01C9F080]
// ---------- INJECTING HERE ----------
game.dll+CFDA33: 41 8B 7D 3C              - mov edi,[r13+3C]
// ---------- DONE INJECTING  ----------
game.dll+CFDA37: 49 8B D6                 - mov rdx,r14
game.dll+CFDA3A: 66 0F 6E 70 04           - movd xmm6,[rax+04]
game.dll+CFDA3F: 0F 5B F6                 - cvtdq2ps xmm6,xmm6
game.dll+CFDA42: 85 FF                    - test edi,edi
game.dll+CFDA44: 74 08                    - je game.dll+CFDA4E
game.dll+CFDA46: 49 8B 94 F8 80 F0 C9 01  - mov rdx,[r8+rdi*8+01C9F080]
game.dll+CFDA4E: 49 8B C6                 - mov rax,r14
game.dll+CFDA51: 85 C9                    - test ecx,ecx
game.dll+CFDA53: 74 08                    - je game.dll+CFDA5D
game.dll+CFDA55: 49 8B 84 C8 80 F0 C9 01  - mov rax,[r8+rcx*8+01C9F080]
}
aobFireRate:
  db 48 8D 80 80 00 00 00 0F 11 41 80 0F 10 40 A0

unregistersymbol(aobFireRate)
dealloc(newmem7)

{
// ORIGINAL CODE - INJECTION POINT: game.dll+D04C9E

game.dll+D04C6B: 45 0F 57 C0                       - xorps xmm8,xmm8
game.dll+D04C6F: 4D 85 DB                          - test r11,r11
game.dll+D04C72: 0F 84 35 2B 00 00                 - je game.dll+D077AD
game.dll+D04C78: 49 8B C3                          - mov rax,r11
game.dll+D04C7B: 48 8D 8D F0 01 00 00              - lea rcx,[rbp+000001F0]
game.dll+D04C82: 41 8B D4                          - mov edx,r12d
game.dll+D04C85: 66 66 66 0F 1F 84 00 00 00 00 00  - nop word ptr [rax+rax+00000000]
game.dll+D04C90: 48 8D 89 80 00 00 00              - lea rcx,[rcx+00000080]
game.dll+D04C97: 0F 10 00                          - movups xmm0,[rax]
game.dll+D04C9A: 0F 10 48 10                       - movups xmm1,[rax+10]
// ---------- INJECTING HERE ----------
game.dll+D04C9E: 48 8D 80 80 00 00 00              - lea rax,[rax+00000080]
// ---------- DONE INJECTING  ----------
game.dll+D04CA5: 0F 11 41 80                       - movups [rcx-80],xmm0
game.dll+D04CA9: 0F 10 40 A0                       - movups xmm0,[rax-60]
game.dll+D04CAD: 0F 11 49 90                       - movups [rcx-70],xmm1
game.dll+D04CB1: 0F 10 48 B0                       - movups xmm1,[rax-50]
game.dll+D04CB5: 0F 11 41 A0                       - movups [rcx-60],xmm0
game.dll+D04CB9: 0F 10 40 C0                       - movups xmm0,[rax-40]
game.dll+D04CBD: 0F 11 49 B0                       - movups [rcx-50],xmm1
game.dll+D04CC1: 0F 10 48 D0                       - movups xmm1,[rax-30]
game.dll+D04CC5: 0F 11 41 C0                       - movups [rcx-40],xmm0
game.dll+D04CC9: 0F 10 40 E0                       - movups xmm0,[rax-20]
}
aobReadDMG:
  db F3 44 0F 10 8D F8 01 00 00 4D 8B C6 66 0F 6E 40 04

unregistersymbol(aobReadDMG)
dealloc(newmem8)

{
// ORIGINAL CODE - INJECTION POINT: game.dll+D06A0C

game.dll+D069E3: 8B 85 90 05 00 00           - mov eax,[rbp+00000590]
game.dll+D069E9: 85 C0                       - test eax,eax
game.dll+D069EB: 74 08                       - je game.dll+D069F5
game.dll+D069ED: 4D 8B BC C1 80 7D CA 01     - mov r15,[r9+rax*8+01CA7D80]
game.dll+D069F5: 8B 4F 3C                    - mov ecx,[rdi+3C]
game.dll+D069F8: 49 8B C6                    - mov rax,r14
game.dll+D069FB: 44 89 64 24 20              - mov [rsp+20],r12d
game.dll+D06A00: 85 C9                       - test ecx,ecx
game.dll+D06A02: 74 08                       - je game.dll+D06A0C
game.dll+D06A04: 49 8B 84 C9 90 70 CA 01     - mov rax,[r9+rcx*8+01CA7090]
// ---------- INJECTING HERE ----------
game.dll+D06A0C: F3 44 0F 10 8D F8 01 00 00  - movss xmm9,[rbp+000001F8]
// ---------- DONE INJECTING  ----------
game.dll+D06A15: 4D 8B C6                    - mov r8,r14
game.dll+D06A18: 66 0F 6E 40 04              - movd xmm0,[rax+04]
game.dll+D06A1D: 41 0F 28 C9                 - movaps xmm1,xmm9
game.dll+D06A21: 41 8B 57 3C                 - mov edx,[r15+3C]
game.dll+D06A25: F3 44 0F 11 4C 24 50        - movss [rsp+50],xmm9
game.dll+D06A2C: F3 41 0F 5E CA              - divss xmm1,xmm10
game.dll+D06A31: 0F 5B C0                    - cvtdq2ps xmm0,xmm0
game.dll+D06A34: F3 0F 59 C1                 - mulss xmm0,xmm1
game.dll+D06A38: F3 0F 11 44 24 24           - movss [rsp+24],xmm0
game.dll+D06A3E: 85 D2                       - test edx,edx
}
aobDamageSpecial:
  db F3 44 0F 10 B5 F8 01 00 00 4D 8B C6 66 0F 6E 40 04

unregistersymbol(aobDamageSpecial)
dealloc(newmem9)

{
// ORIGINAL CODE - INJECTION POINT: game.dll+D04F27

game.dll+D04EFD: 8B 85 F0 00 00 00           - mov eax,[rbp+000000F0]
game.dll+D04F03: 85 C0                       - test eax,eax
game.dll+D04F05: 74 08                       - je game.dll+D04F0F
game.dll+D04F07: 49 8B BC C1 80 7D CA 01     - mov rdi,[r9+rax*8+01CA7D80]
game.dll+D04F0F: 41 8B 4D 3C                 - mov ecx,[r13+3C]
game.dll+D04F13: 49 8B C6                    - mov rax,r14
game.dll+D04F16: 44 89 64 24 20              - mov [rsp+20],r12d
game.dll+D04F1B: 85 C9                       - test ecx,ecx
game.dll+D04F1D: 74 08                       - je game.dll+D04F27
game.dll+D04F1F: 49 8B 84 C9 90 70 CA 01     - mov rax,[r9+rcx*8+01CA7090]
// ---------- INJECTING HERE ----------
game.dll+D04F27: F3 44 0F 10 B5 F8 01 00 00  - movss xmm14,[rbp+000001F8]
// ---------- DONE INJECTING  ----------
game.dll+D04F30: 4D 8B C6                    - mov r8,r14
game.dll+D04F33: 66 0F 6E 40 04              - movd xmm0,[rax+04]
game.dll+D04F38: 41 0F 28 CE                 - movaps xmm1,xmm14
game.dll+D04F3C: 8B 57 3C                    - mov edx,[rdi+3C]
game.dll+D04F3F: F3 44 0F 11 74 24 4C        - movss [rsp+4C],xmm14
game.dll+D04F46: F3 41 0F 5E CA              - divss xmm1,xmm10
game.dll+D04F4B: 0F 5B C0                    - cvtdq2ps xmm0,xmm0
game.dll+D04F4E: F3 0F 59 C1                 - mulss xmm0,xmm1
game.dll+D04F52: F3 0F 11 44 24 24           - movss [rsp+24],xmm0
game.dll+D04F58: 85 D2                       - test edx,edx
}

yo i don't know whats happening here but changing the "FireRate base" changes the Projectile effect as a whole .. suddenly i was shooting Hellbombs or Exosuit Rockets or Bile
Tested with PLAS-1 Scorcher

[gir489]

I remember seeing that you might get flagged if you pick up reqs/medals/Super Creds during a mission because of the lack of gameguard, is that still a fear we should have?

While they could deterministically figure out you have game guard disabled (and potentially enact some kind of automated ban system based on that information), there currently is no system in place for this. The only thing that occurs as of right now for disabling game guard, is they just harass you, by freezing the game momentarily or permanently depending on several factors. In terms of difficulty in bypassing, GG ranks a 4. It's too invasive for what it is, and really abuses a lot of things to accomplish its goals, whereas moderate anti-cheats like EAC only require just a driver and not a rootkit. BattleEye and EAC comparatively rank about a 9. However, fully defeating GG ranks also a 9, as there are so many layers of obfuscation, it tries the same spiel that Rockstar does, where it lulls you into a false sense of accomplishment, by appearing to not be banned, yet Rockstar has you clocked from the start, and they ban you in waves. It's how they deal with sophisticated cheats like 2take1 and Stand. Anyone can basically just punch the anti-cheat in the mouth and make it shut up, but Rockstar has figured out other ways to clock and ban people. YimMenu, a cheat that I actively work on has a similar anti-cheat defeat method, however, we had a huge ban wave as well.

TL;DR: Not currently.

[XxDarkus101Xx]

I don’t know if I already asked this or what but no reload works for the recoiless rifle when you have the backpack on your back but it does not work for the airburst rocket launcher. Anybody know why? Has anyone tried to figure out a solution?

[0CrossTrigger0]

The throwing knife is 388, too. I forgot to add that as well.

The super damage doesn't include the Purifier...

purifier

bullet = 21
explosion = 191


p.s.
instant extraction shuttle cooldown script does not work currently.
maybe gir489 will fix this. i hate searching time float / floats reaching 100% shit

How do I add this one on the ct? Idk how

[mihete]

So, it's normal my game freezes momentarily after picking medals and SCs? I'm using Zodd's table and and the bypass he provided (thanks btw!).