State of Decay 2 - Windows Store (Legit)

zjkzjy
Noobzor
Posts: 6
Joined: Fri Mar 03, 2017 12:42 pm
Reputation: 6

Re: State of Decay 2 - Windows Store (Legit)

Post by zjkzjy »

isosplx wrote:
Tue Jul 12, 2022 7:05 am
aanpsx wrote:
Fri Jul 08, 2022 12:47 pm
Well...
...
...
Modified your table for clarity and additional options.
Hope this Helps.

...Updated
The game stops working :|

How to use this cheat table?
  1. Install Cheat Engine
  2. Double-click the .CT file in order to open it.
  3. Click the PC icon in Cheat Engine in order to select the game process.
  4. Keep the list.
  5. Activate the trainer options by checking boxes or setting values from 0 to 1

isosplx
Expert Cheater
Posts: 174
Joined: Mon Sep 14, 2020 2:57 am
Reputation: 82

Re: State of Decay 2 - Windows Store (Legit)

Post by isosplx »

zjkzjy wrote:
Sun Aug 07, 2022 11:47 am
isosplx wrote:
Tue Jul 12, 2022 7:05 am
aanpsx wrote:
Fri Jul 08, 2022 12:47 pm
Well...
...
...
Modified your table for clarity and additional options.
Hope this Helps.

...Updated
The game stops working :|
Likewise

kaka50
Expert Cheater
Posts: 59
Joined: Sat Aug 19, 2017 3:24 pm
Reputation: 6

Re: State of Decay 2 - Windows Store (Legit)

Post by kaka50 »

Thank you

picture
What is cheating?
Posts: 4
Joined: Sun May 21, 2017 7:21 am
Reputation: 1

Re: State of Decay 2 - Windows Store (Legit)

Post by picture »

plz Update 30

IvanMoody
Noobzor
Posts: 7
Joined: Sat Feb 23, 2019 3:17 pm
Reputation: 6

Re: State of Decay 2 - Windows Store (Legit)

Post by IvanMoody »

BSWoolfe wrote:
Sun Jul 17, 2022 7:05 pm
IvanMoody wrote:
Sat Jul 16, 2022 11:23 am
Brow, you're a legend!!! I've been searching for a useful table like this for weeks. I was giving up already...
I still need to try to see if it actually works in my game, but I reckon it will =)
I can confirm that the table works on the latest version of the game. Checked what is called "on yourself".
Yeah, it was working indeed.
Unfortunately Update 30: Forever Communities is not compatible anymore = /

It was good though, while it lasted.
Just waiting and hopefully someone will update the table and it will start working again =D

IvanMoody
Noobzor
Posts: 7
Joined: Sat Feb 23, 2019 3:17 pm
Reputation: 6

Re: State of Decay 2 - Windows Store (Legit)

Post by IvanMoody »

aanpsx wrote:
Fri Jul 08, 2022 12:47 pm
Well...
Image
Hey, nice job man.
Your table was really amazing, I used it a lot! Unfortunately Update 30: Forever Communities made it obsolete. If you can update it, you do have my vote.
Stay safe, man 8-) :D

isosplx
Expert Cheater
Posts: 174
Joined: Mon Sep 14, 2020 2:57 am
Reputation: 82

Re: State of Decay 2 - Windows Store (Legit)

Post by isosplx »

IvanMoody wrote:
Tue Aug 23, 2022 6:58 am
Hey, nice job man.
Your table was really amazing, I used it a lot! Unfortunately Update 30: Forever Communities made it obsolete. If you can update it, you do have my vote.
Stay safe, man 8-) :D
Here is a semi-table.
Some of the Inventory Options might crash the game, such as Keeping x999 Stack Activate while playing.
Attachments
StateOfDecay2-Win64-Shipping.CT
Gray Options Do Not Work. Some Inventory Options Might Crash Game.
(315.45 KiB) Downloaded 1822 times

IvanMoody
Noobzor
Posts: 7
Joined: Sat Feb 23, 2019 3:17 pm
Reputation: 6

Re: State of Decay 2 - Windows Store (Legit)

Post by IvanMoody »

isosplx wrote:
Wed Aug 24, 2022 3:03 am
Here is a semi-table.
Some of the Inventory Options might crash the game, such as Keeping x999 Stack Activate while playing.
It's working again.
For everyone looking for a working table compatible with the Update 30: Forever Communities, this is the one!

Credits to Isosplx for that.

isosplx
Expert Cheater
Posts: 174
Joined: Mon Sep 14, 2020 2:57 am
Reputation: 82

Re: State of Decay 2 - Windows Store (Legit)

Post by isosplx »

IvanMoody wrote:
Wed Aug 24, 2022 7:52 am
isosplx wrote:
Wed Aug 24, 2022 3:03 am
Here is a semi-table.
Some of the Inventory Options might crash the game, such as Keeping x999 Stack Activate while playing.
It's working again.
For everyone looking for a working table compatible with the Update 30: Forever Communities, this is the one!

Credits to Isosplx for that.
All credit be to the most High, and the table makers.

Alberkicki
Noobzor
Posts: 5
Joined: Fri Aug 26, 2022 7:43 am
Reputation: 1

Re: State of Decay 2 - Windows Store (Legit)

Post by Alberkicki »

Just a heads up, "no blood plague" is broken; it doesn't display the progression but your survivors still contract it. I've had four survivors die of blood plague with the cheat active.

IvanMoody
Noobzor
Posts: 7
Joined: Sat Feb 23, 2019 3:17 pm
Reputation: 6

Re: State of Decay 2 - Windows Store (Legit)

Post by IvanMoody »

Alberkicki wrote:
Fri Aug 26, 2022 7:45 am
Just a heads up, "no blood plague" is broken; it doesn't display the progression but your survivors still contract it. I've had four survivors die of blood plague with the cheat active.
That's weird. It works fine for me.
The only things I miss are the Max Skill and the Teleport Feature.
Last edited by IvanMoody on Mon Sep 05, 2022 9:31 am, edited 1 time in total.

picture
What is cheating?
Posts: 4
Joined: Sun May 21, 2017 7:21 am
Reputation: 1

Re: State of Decay 2 - Windows Store (Legit)

Post by picture »

Ranged weapon is broken for me.

Nhut_uraki
What is cheating?
Posts: 1
Joined: Fri Sep 02, 2022 4:27 pm
Reputation: 0

Re: State of Decay 2 - Windows Store (Legit)

Post by Nhut_uraki »

IvanMoody wrote:
Fri Sep 02, 2022 4:58 am
Alberkicki wrote:
Fri Aug 26, 2022 7:45 am
Just a heads up, "no blood plague" is broken; it doesn't display the progression but your survivors still contract it. I've had four survivors die of blood plague with the cheat active.
That's weird. It works fine for me.
The only things I miss are the Max Skill and the Teleport Feature.
instant loot
instant survey
show zombie on map
inf durability weapon
inf ammo
zero weight
instant creation and update
instant max skill

that's not working!

xXLashkeXx
Expert Cheater
Posts: 86
Joined: Mon May 22, 2017 4:08 pm
Reputation: 63

Re: State of Decay 2 - Windows Store (Legit)

Post by xXLashkeXx »

Nhut_uraki wrote:
Fri Sep 02, 2022 4:37 pm
instant loot
instant survey
show zombie on map
inf durability weapon
inf ammo
zero weight
instant creation and update
instant max skill

that's not working!
Show Zombies on mini Map

Code:

{======================
Author   : aanpsx
Date     : 2021-06-24
Game     : StateOfDecay2-Win64-Shipping.exe
Version  : 1.0.0.0
======================}
define(Yes_Map1,db 40 B6 01 90)
define(No_Map1,db 40 0F 93 C6)
define(Yes_Map3,db 90 90)
define(No_Map3,db 74 04)
define(bytes_Map2,db 48 8B 0C 0F E8 60 86 FB FF)
define(fmax,(float)999999999)
define(fmin,(float)0)
define(imax,#999999999)
define(psx,align 10 CC)
define(mov1,mov byte ptr)
define(mov2,mov word ptr)
define(mov4,mov dword ptr)
define(cmp1,cmp byte ptr)
define(cmp2,cmp word ptr)
define(cmp4,cmp dword ptr)
define(bit,byte ptr)
define(8b,dq 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0)
//---------- 0 8101820283038404850586068707880889098a0a8b0b8c0c8d0c8e0e8f0f8000810
//================================================================================

[ENABLE]
{$lua}
if syntaxcheck then return end
-----------------------
memrec.Color=0x0080FF00
-------------- A.B.G.R
{$asm}

aobscanmodule(PSX_Map2,$process,48 8B 0C 0F E8 ** ** ** ** 0F B6 C8 40 84 F6)//StateOfDecay2-Win64-Shipping.exe+712DD7
alloc(newmem_Map2,$1000,PSX_Map2)
label(code_Map2,_Map2)
registersymbol(PSX_Map2,code_Map2,_Map2)
newmem_Map2:
  mov [_Map2],rcx  //main pointer
  mov [_Map2+8],rax
  mov [_Map2+10],rbx
  mov [_Map2+18],rcx
  mov [_Map2+20],rdx
  mov [_Map2+28],rdi
  mov [_Map2+30],rsi
  mov [_Map2+38],r8
  mov [_Map2+40],r9
  mov [_Map2+48],r10
  mov [_Map2+50],r11
  mov [_Map2+58],r12
  mov [_Map2+60],r13
  mov [_Map2+68],r14
  mov [_Map2+70],r15
//================== inject here
  mov rcx,[rdi+rcx]
  mov eax,0
  jmp return_Map2
exit_Map2:
//==================
  //mov rax,[_Map2+8]
  //mov rbx,[_Map2+10]
  //mov rcx,[_Map2+18]
  //mov rdx,[_Map2+20]
  //mov rdi,[_Map2+28]
  //mov rsi,[_Map2+30]
  //mov r8,[_Map2+38]
  //mov r9,[_Map2+40]
  //mov r10,[_Map2+48]
  //mov r11,[_Map2+50]
  //mov r12,[_Map2+58]
  //mov r13,[_Map2+60]
  //mov r14,[_Map2+68]
  //mov r15,[_Map2+70]
//==================
code_Map2:
  readmem(PSX_Map2,9)
//mov rcx,[rdi+rcx]
//call StateOfDecay2-Win64-Shipping.exe+6CB440
  jmp return_Map2
  psx
_Map2:
  8b
PSX_Map2:
  jmp newmem_Map2
  nop 4
return_Map2:
//
//aobscanmodule(PSX_Map1,$process,44 0F 2F C6 40 0F 93 C6 48 8B 8B)//40 0F 93 C6 48 8B 8B ** ** ** ** 48 8B 0C 0F) //StateOfDecay2-Win64-Shipping.exe+712DCC -- Original Code
aobscanmodule(PSX_Map1,$process,44 0F 2F C6 40 0F 93) //Temporary Fix
registersymbol(PSX_Map1)
PSX_Map1+4:
  Yes_Map1
//
aobscanmodule(PSX_Map3,$process,74 04 B0 01 EB 02 32 C0 40 84 F6 75 22)//StateOfDecay2-Win64-Shipping.exe+712DF2
registersymbol(PSX_Map3)
PSX_Map3:
  Yes_Map3

[DISABLE]
{$lua}
if syntaxcheck then return end
-----------------------
memrec.Color=0x00FF80FF
-------------- A.B.G.R
{$asm}

unregistersymbol(*)//unreg all
dealloc(*)//dealoc all
//unregistersymbol(PSX_Map2,code_Map2,_Map2)
//dealloc(newmem_Map2)
PSX_Map2:
  readmem(code_Map2,9)
//mov rcx,[rdi+rcx]
//call StateOfDecay2-Win64-Shipping.exe+6CB440
unregistersymbol(PSX_Map1)
PSX_Map1+4:
  No_Map1
unregistersymbol(PSX_Map3)
PSX_Map3:
  No_Map3

{
// ORIGINAL CODE - INJECTION POINT: StateOfDecay2-Win64-Shipping.exe+712DD7

StateOfDecay2-Win64-Shipping.exe+712D80: F3 0F 10 44 24 44     - movss xmm0,[rsp+44]
StateOfDecay2-Win64-Shipping.exe+712D86: F3 0F 5C 45 C4        - subss xmm0,[rbp-3C]
StateOfDecay2-Win64-Shipping.exe+712D8B: F3 0F 10 74 24 40     - movss xmm6,[rsp+40]
StateOfDecay2-Win64-Shipping.exe+712D91: F3 0F 5C 75 C0        - subss xmm6,[rbp-40]
StateOfDecay2-Win64-Shipping.exe+712D96: F3 0F 59 F6           - mulss xmm6,xmm6
StateOfDecay2-Win64-Shipping.exe+712D9A: F3 0F 59 C0           - mulss xmm0,xmm0
StateOfDecay2-Win64-Shipping.exe+712D9E: F3 0F 58 F0           - addss xmm6,xmm0
StateOfDecay2-Win64-Shipping.exe+712DA2: 48 8B 0C 0F           - mov rcx,[rdi+rcx]
StateOfDecay2-Win64-Shipping.exe+712DA6: E8 35 DE C7 FF        - call StateOfDecay2-Win64-Shipping.exe+390BE0
StateOfDecay2-Win64-Shipping.exe+712DAB: 44 0F B6 F0           - movzx r14d,al
StateOfDecay2-Win64-Shipping.exe+712DAF: 88 45 60              - mov [rbp+60],al
StateOfDecay2-Win64-Shipping.exe+712DB2: 48 8B 8B A0 06 00 00  - mov rcx,[rbx+000006A0]
StateOfDecay2-Win64-Shipping.exe+712DB9: F3 0F 11 74 0F 10     - movss [rdi+rcx+10],xmm6
StateOfDecay2-Win64-Shipping.exe+712DBF: 84 C0                 - test al,al
StateOfDecay2-Win64-Shipping.exe+712DC1: 74 05                 - je StateOfDecay2-Win64-Shipping.exe+712DC8
StateOfDecay2-Win64-Shipping.exe+712DC3: 0F 2F FE              - comiss xmm7,xmm6
StateOfDecay2-Win64-Shipping.exe+712DC6: EB 04                 - jmp StateOfDecay2-Win64-Shipping.exe+712DCC
StateOfDecay2-Win64-Shipping.exe+712DC8: 44 0F 2F C6           - comiss xmm8,xmm6
StateOfDecay2-Win64-Shipping.exe+712DCC: 40 0F 93 C6           - setae sil
StateOfDecay2-Win64-Shipping.exe+712DD0: 48 8B 8B A0 06 00 00  - mov rcx,[rbx+000006A0]
// ---------- INJECTING HERE ----------
StateOfDecay2-Win64-Shipping.exe+712DD7: 48 8B 0C 0F           - mov rcx,[rdi+rcx]
// ---------- DONE INJECTING  ----------
StateOfDecay2-Win64-Shipping.exe+712DDB: E8 60 86 FB FF        - call StateOfDecay2-Win64-Shipping.exe+6CB440
StateOfDecay2-Win64-Shipping.exe+712DE0: 0F B6 C8              - movzx ecx,al
StateOfDecay2-Win64-Shipping.exe+712DE3: 40 84 F6              - test sil,sil
StateOfDecay2-Win64-Shipping.exe+712DE6: 74 10                 - je StateOfDecay2-Win64-Shipping.exe+712DF8
StateOfDecay2-Win64-Shipping.exe+712DE8: 84 C0                 - test al,al
StateOfDecay2-Win64-Shipping.exe+712DEA: 75 0C                 - jne StateOfDecay2-Win64-Shipping.exe+712DF8
StateOfDecay2-Win64-Shipping.exe+712DEC: 38 83 A8 07 00 00     - cmp [rbx+000007A8],al
StateOfDecay2-Win64-Shipping.exe+712DF2: 74 04                 - je StateOfDecay2-Win64-Shipping.exe+712DF8
StateOfDecay2-Win64-Shipping.exe+712DF4: B0 01                 - mov al,01
StateOfDecay2-Win64-Shipping.exe+712DF6: EB 02                 - jmp StateOfDecay2-Win64-Shipping.exe+712DFA
StateOfDecay2-Win64-Shipping.exe+712DF8: 32 C0                 - xor al,al
StateOfDecay2-Win64-Shipping.exe+712DFA: 40 84 F6              - test sil,sil
StateOfDecay2-Win64-Shipping.exe+712DFD: 75 22                 - jne StateOfDecay2-Win64-Shipping.exe+712E21
StateOfDecay2-Win64-Shipping.exe+712DFF: 45 84 E4              - test r12l,r12l
StateOfDecay2-Win64-Shipping.exe+712E02: 74 1D                 - je StateOfDecay2-Win64-Shipping.exe+712E21
StateOfDecay2-Win64-Shipping.exe+712E04: 84 C9                 - test cl,cl
StateOfDecay2-Win64-Shipping.exe+712E06: 75 19                 - jne StateOfDecay2-Win64-Shipping.exe+712E21
StateOfDecay2-Win64-Shipping.exe+712E08: 38 8B A8 07 00 00     - cmp [rbx+000007A8],cl
StateOfDecay2-Win64-Shipping.exe+712E0E: 74 11                 - je StateOfDecay2-Win64-Shipping.exe+712E21
StateOfDecay2-Win64-Shipping.exe+712E10: 4D 8B C5              - mov r8,r13
}
{
// ORIGINAL CODE - INJECTION POINT: StateOfDecay2-Win64-Shipping.exe+712DCC

StateOfDecay2-Win64-Shipping.exe+712D77: F2 0F 10 00           - movsd xmm0,[rax]
StateOfDecay2-Win64-Shipping.exe+712D7B: F2 0F 11 45 C0        - movsd [rbp-40],xmm0
StateOfDecay2-Win64-Shipping.exe+712D80: F3 0F 10 44 24 44     - movss xmm0,[rsp+44]
StateOfDecay2-Win64-Shipping.exe+712D86: F3 0F 5C 45 C4        - subss xmm0,[rbp-3C]
StateOfDecay2-Win64-Shipping.exe+712D8B: F3 0F 10 74 24 40     - movss xmm6,[rsp+40]
StateOfDecay2-Win64-Shipping.exe+712D91: F3 0F 5C 75 C0        - subss xmm6,[rbp-40]
StateOfDecay2-Win64-Shipping.exe+712D96: F3 0F 59 F6           - mulss xmm6,xmm6
StateOfDecay2-Win64-Shipping.exe+712D9A: F3 0F 59 C0           - mulss xmm0,xmm0
StateOfDecay2-Win64-Shipping.exe+712D9E: F3 0F 58 F0           - addss xmm6,xmm0
StateOfDecay2-Win64-Shipping.exe+712DA2: 48 8B 0C 0F           - mov rcx,[rdi+rcx]
StateOfDecay2-Win64-Shipping.exe+712DA6: E8 35 DE C7 FF        - call StateOfDecay2-Win64-Shipping.exe+390BE0
StateOfDecay2-Win64-Shipping.exe+712DAB: 44 0F B6 F0           - movzx r14d,al
StateOfDecay2-Win64-Shipping.exe+712DAF: 88 45 60              - mov [rbp+60],al
StateOfDecay2-Win64-Shipping.exe+712DB2: 48 8B 8B A0 06 00 00  - mov rcx,[rbx+000006A0]
StateOfDecay2-Win64-Shipping.exe+712DB9: F3 0F 11 74 0F 10     - movss [rdi+rcx+10],xmm6
StateOfDecay2-Win64-Shipping.exe+712DBF: 84 C0                 - test al,al
StateOfDecay2-Win64-Shipping.exe+712DC1: 74 05                 - je StateOfDecay2-Win64-Shipping.exe+712DC8
StateOfDecay2-Win64-Shipping.exe+712DC3: 0F 2F FE              - comiss xmm7,xmm6
StateOfDecay2-Win64-Shipping.exe+712DC6: EB 04                 - jmp StateOfDecay2-Win64-Shipping.exe+712DCC
StateOfDecay2-Win64-Shipping.exe+712DC8: 44 0F 2F C6           - comiss xmm8,xmm6
// ---------- INJECTING HERE ----------
StateOfDecay2-Win64-Shipping.exe+712DCC: 40 0F 93 C6           - setae sil
// ---------- DONE INJECTING  ----------
StateOfDecay2-Win64-Shipping.exe+712DD0: 48 8B 8B A0 06 00 00  - mov rcx,[rbx+000006A0]
StateOfDecay2-Win64-Shipping.exe+712DD7: 48 8B 0C 0F           - mov rcx,[rdi+rcx]
StateOfDecay2-Win64-Shipping.exe+712DDB: E8 60 86 FB FF        - call StateOfDecay2-Win64-Shipping.exe+6CB440
StateOfDecay2-Win64-Shipping.exe+712DE0: 0F B6 C8              - movzx ecx,al
StateOfDecay2-Win64-Shipping.exe+712DE3: 40 84 F6              - test sil,sil
StateOfDecay2-Win64-Shipping.exe+712DE6: 74 10                 - je StateOfDecay2-Win64-Shipping.exe+712DF8
StateOfDecay2-Win64-Shipping.exe+712DE8: 84 C0                 - test al,al
StateOfDecay2-Win64-Shipping.exe+712DEA: 75 0C                 - jne StateOfDecay2-Win64-Shipping.exe+712DF8
StateOfDecay2-Win64-Shipping.exe+712DEC: 38 83 A8 07 00 00     - cmp [rbx+000007A8],al
StateOfDecay2-Win64-Shipping.exe+712DF2: 74 04                 - je StateOfDecay2-Win64-Shipping.exe+712DF8
StateOfDecay2-Win64-Shipping.exe+712DF4: B0 01                 - mov al,01
StateOfDecay2-Win64-Shipping.exe+712DF6: EB 02                 - jmp StateOfDecay2-Win64-Shipping.exe+712DFA
StateOfDecay2-Win64-Shipping.exe+712DF8: 32 C0                 - xor al,al
StateOfDecay2-Win64-Shipping.exe+712DFA: 40 84 F6              - test sil,sil
StateOfDecay2-Win64-Shipping.exe+712DFD: 75 22                 - jne StateOfDecay2-Win64-Shipping.exe+712E21
StateOfDecay2-Win64-Shipping.exe+712DFF: 45 84 E4              - test r12l,r12l
StateOfDecay2-Win64-Shipping.exe+712E02: 74 1D                 - je StateOfDecay2-Win64-Shipping.exe+712E21
StateOfDecay2-Win64-Shipping.exe+712E04: 84 C9                 - test cl,cl
StateOfDecay2-Win64-Shipping.exe+712E06: 75 19                 - jne StateOfDecay2-Win64-Shipping.exe+712E21
StateOfDecay2-Win64-Shipping.exe+712E08: 38 8B A8 07 00 00     - cmp [rbx+000007A8],cl
}
{
// ORIGINAL CODE - INJECTION POINT: StateOfDecay2-Win64-Shipping.exe+712DF2

StateOfDecay2-Win64-Shipping.exe+712DA6: E8 35 DE C7 FF        - call StateOfDecay2-Win64-Shipping.exe+390BE0
StateOfDecay2-Win64-Shipping.exe+712DAB: 44 0F B6 F0           - movzx r14d,al
StateOfDecay2-Win64-Shipping.exe+712DAF: 88 45 60              - mov [rbp+60],al
StateOfDecay2-Win64-Shipping.exe+712DB2: 48 8B 8B A0 06 00 00  - mov rcx,[rbx+000006A0]
StateOfDecay2-Win64-Shipping.exe+712DB9: F3 0F 11 74 0F 10     - movss [rdi+rcx+10],xmm6
StateOfDecay2-Win64-Shipping.exe+712DBF: 84 C0                 - test al,al
StateOfDecay2-Win64-Shipping.exe+712DC1: 74 05                 - je StateOfDecay2-Win64-Shipping.exe+712DC8
StateOfDecay2-Win64-Shipping.exe+712DC3: 0F 2F FE              - comiss xmm7,xmm6
StateOfDecay2-Win64-Shipping.exe+712DC6: EB 04                 - jmp StateOfDecay2-Win64-Shipping.exe+712DCC
StateOfDecay2-Win64-Shipping.exe+712DC8: 44 0F 2F C6           - comiss xmm8,xmm6
StateOfDecay2-Win64-Shipping.exe+712DCC: 40 0F 93 C6           - setae sil
StateOfDecay2-Win64-Shipping.exe+712DD0: 48 8B 8B A0 06 00 00  - mov rcx,[rbx+000006A0]
StateOfDecay2-Win64-Shipping.exe+712DD7: 48 8B 0C 0F           - mov rcx,[rdi+rcx]
StateOfDecay2-Win64-Shipping.exe+712DDB: E8 60 86 FB FF        - call StateOfDecay2-Win64-Shipping.exe+6CB440
StateOfDecay2-Win64-Shipping.exe+712DE0: 0F B6 C8              - movzx ecx,al
StateOfDecay2-Win64-Shipping.exe+712DE3: 40 84 F6              - test sil,sil
StateOfDecay2-Win64-Shipping.exe+712DE6: 74 10                 - je StateOfDecay2-Win64-Shipping.exe+712DF8
StateOfDecay2-Win64-Shipping.exe+712DE8: 84 C0                 - test al,al
StateOfDecay2-Win64-Shipping.exe+712DEA: 75 0C                 - jne StateOfDecay2-Win64-Shipping.exe+712DF8
StateOfDecay2-Win64-Shipping.exe+712DEC: 38 83 A8 07 00 00     - cmp [rbx+000007A8],al
// ---------- INJECTING HERE ----------
StateOfDecay2-Win64-Shipping.exe+712DF2: 74 04                 - je StateOfDecay2-Win64-Shipping.exe+712DF8
// ---------- DONE INJECTING  ----------
StateOfDecay2-Win64-Shipping.exe+712DF4: B0 01                 - mov al,01
StateOfDecay2-Win64-Shipping.exe+712DF6: EB 02                 - jmp StateOfDecay2-Win64-Shipping.exe+712DFA
StateOfDecay2-Win64-Shipping.exe+712DF8: 32 C0                 - xor al,al
StateOfDecay2-Win64-Shipping.exe+712DFA: 40 84 F6              - test sil,sil
StateOfDecay2-Win64-Shipping.exe+712DFD: 75 22                 - jne StateOfDecay2-Win64-Shipping.exe+712E21
StateOfDecay2-Win64-Shipping.exe+712DFF: 45 84 E4              - test r12l,r12l
StateOfDecay2-Win64-Shipping.exe+712E02: 74 1D                 - je StateOfDecay2-Win64-Shipping.exe+712E21
StateOfDecay2-Win64-Shipping.exe+712E04: 84 C9                 - test cl,cl
StateOfDecay2-Win64-Shipping.exe+712E06: 75 19                 - jne StateOfDecay2-Win64-Shipping.exe+712E21
StateOfDecay2-Win64-Shipping.exe+712E08: 38 8B A8 07 00 00     - cmp [rbx+000007A8],cl
StateOfDecay2-Win64-Shipping.exe+712E0E: 74 11                 - je StateOfDecay2-Win64-Shipping.exe+712E21
StateOfDecay2-Win64-Shipping.exe+712E10: 4D 8B C5              - mov r8,r13
StateOfDecay2-Win64-Shipping.exe+712E13: 48 8D 54 24 40        - lea rdx,[rsp+40]
StateOfDecay2-Win64-Shipping.exe+712E18: 48 8B 4D D0           - mov rcx,[rbp-30]
StateOfDecay2-Win64-Shipping.exe+712E1C: E8 9F 16 F6 FF        - call StateOfDecay2-Win64-Shipping.exe+6744C0
StateOfDecay2-Win64-Shipping.exe+712E21: 48 8B 8B A0 06 00 00  - mov rcx,[rbx+000006A0]
StateOfDecay2-Win64-Shipping.exe+712E28: 33 F6                 - xor esi,esi
StateOfDecay2-Win64-Shipping.exe+712E2A: 40 38 74 0F 0E        - cmp [rdi+rcx+0E],sil
StateOfDecay2-Win64-Shipping.exe+712E2F: 0F 84 22 01 00 00     - je StateOfDecay2-Win64-Shipping.exe+712F57
StateOfDecay2-Win64-Shipping.exe+712E35: 84 C0                 - test al,al
}
Instant Creation/Upgrades

Code:

[ENABLE]
{$lua}
if syntaxcheck then return end
-----------------------
memrec.Color=0x0080FF00
-------------- A.B.G.R
{$asm}

//aobscanmodule(aobUpgrade,StateOfDecay2-Win64-Shipping.exe,F3 0F ? ? F3 41 ? ? ? 48 8B ? F3 0F ? ? ? ? 44 8B) //Original Code
aobscanmodule(aobUpgrade,StateOfDecay2-Win64-Shipping.exe,F3 0F 58 C7 F3 41 0F) //Temporary Fix
alloc(newmem,$100,aobUpgrade)

label(code)
label(return)

newmem:
  push 49742400
  movss xmm7,[rsp]
  add rsp,08

code:
  addss xmm0,xmm7
  movss [r15],xmm0
  jmp return

aobUpgrade:
  jmp newmem
  nop 4
return:
registersymbol(aobUpgrade)

[DISABLE]
{$lua}
if syntaxcheck then return end
-----------------------
memrec.Color=0x00FF80FF
-------------- A.B.G.R
{$asm}

aobUpgrade:
  db F3 0F 58 C7 F3 41 0F 11 07

unregistersymbol(aobUpgrade)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: "StateOfDecay2-Win64-Shipping.exe"+40E86F

"StateOfDecay2-Win64-Shipping.exe"+40E844: 49 8B C9              -  mov rcx,r9
"StateOfDecay2-Win64-Shipping.exe"+40E847: E8 84 33 00 00        -  call StateOfDecay2-Win64-Shipping.exe+411BD0
"StateOfDecay2-Win64-Shipping.exe"+40E84C: 90                    -  nop 
"StateOfDecay2-Win64-Shipping.exe"+40E84D: 41 0F 2F F8           -  comiss xmm7,xmm8
"StateOfDecay2-Win64-Shipping.exe"+40E851: 0F 86 F8 00 00 00     -  jbe StateOfDecay2-Win64-Shipping.exe+40E94F
"StateOfDecay2-Win64-Shipping.exe"+40E857: 49 8B 9E 00 FE FF FF  -  mov rbx,[r14-00000200]
"StateOfDecay2-Win64-Shipping.exe"+40E85E: 48 85 DB              -  test rbx,rbx
"StateOfDecay2-Win64-Shipping.exe"+40E861: 0F 84 E8 00 00 00     -  je StateOfDecay2-Win64-Shipping.exe+40E94F
"StateOfDecay2-Win64-Shipping.exe"+40E867: F3 41 0F 10 1F        -  movss xmm3,[r15]
"StateOfDecay2-Win64-Shipping.exe"+40E86C: 0F 28 C3              -  movaps xmm0,xmm3
// ---------- INJECTING HERE ----------
"StateOfDecay2-Win64-Shipping.exe"+40E86F: F3 0F 58 C7           -  addss xmm0,xmm7
"StateOfDecay2-Win64-Shipping.exe"+40E873: F3 41 0F 11 07        -  movss [r15],xmm0
// ---------- DONE INJECTING  ----------
"StateOfDecay2-Win64-Shipping.exe"+40E878: 48 8B 03              -  mov rax,[rbx]
"StateOfDecay2-Win64-Shipping.exe"+40E87B: F3 0F 11 44 24 20     -  movss [rsp+20],xmm0
"StateOfDecay2-Win64-Shipping.exe"+40E881: 44 8B C7              -  mov r8d,edi
"StateOfDecay2-Win64-Shipping.exe"+40E884: 48 8B D6              -  mov rdx,rsi
"StateOfDecay2-Win64-Shipping.exe"+40E887: 48 8B CB              -  mov rcx,rbx
"StateOfDecay2-Win64-Shipping.exe"+40E88A: FF 90 38 02 00 00     -  call qword ptr [rax+00000238]
"StateOfDecay2-Win64-Shipping.exe"+40E890: 84 C0                 -  test al,al
"StateOfDecay2-Win64-Shipping.exe"+40E892: 0F 84 B7 00 00 00     -  je StateOfDecay2-Win64-Shipping.exe+40E94F
"StateOfDecay2-Win64-Shipping.exe"+40E898: 49 8B 16              -  mov rdx,[r14]
"StateOfDecay2-Win64-Shipping.exe"+40E89B: 8B 86 C8 07 00 00     -  mov eax,[rsi+000007C8]
}
Quick Survey

Code:

[ENABLE]
{$lua}
if syntaxcheck then return end
-----------------------
memrec.Color=0x0080FF00
-------------- A.B.G.R
{$asm}

/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

//============================================================================\\
                              //Original Code
//============================================================================\\
//aobscanmodule(q1,$process,72 1C 0F B6 4B ?? 40 3A CD)
//aobscanmodule(q2,$process,77 16 F3 0F 10 35 ?? ?? ?? ?? 41 B0 01)
//============================================================================\\

/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

//============================================================================\\
                                //Test
//============================================================================\\
//aobscanmodule(q1,$process,72 1C 0F) //B6 4B ?? 40 3A CD)
//aobscanmodule(q2,$process,77 16 F3 0F 10) //35 ?? ?? ?? ?? 41 B0 01)
//============================================================================\\

/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

//============================================================================\\
                              //Temporary Fix
//============================================================================\\
aobscanmodule(q1,$process,90 90 0F 28 CC)
aobscanmodule(q2,$process,90 90 F3 0F 10 46 30)
//============================================================================\\

/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

q1:
db 90 90
q2:
db 90 90

registersymbol(q1)
registersymbol(q2)

[DISABLE]
{$lua}
if syntaxcheck then return end
-----------------------
memrec.Color=0x00FF80FF
-------------- A.B.G.R
{$asm}
Quick Search

Code:

[ENABLE]
{$lua}
if syntaxcheck then return end
-----------------------
memrec.Color=0x0080FF00
-------------- A.B.G.R
{$asm}

/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

//============================================================================\\
                                //Original Code
//============================================================================\\
//aobscanmodule(kssg,$process,F3 0F 5F 35 ?? ?? ?? ?? E8 ?? ?? ?? ?? 90)
//============================================================================\\

/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

//============================================================================\\
                                //Temporary Fix
//============================================================================\\
aobscanmodule(kssg,$process,F3 0F 5F 35) //F3 0F 5D 35 35 17 FD 02
//============================================================================\\

/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

kssg:
minss xmm6,[StateOfDecay2-Win64-Shipping.exe+335688C]

registersymbol(kssg)

[DISABLE]
{$lua}
if syntaxcheck then return end
-----------------------
memrec.Color=0x00FF80FF
-------------- A.B.G.R
{$asm}
Zero Weight

Code:

{======================
Author   : aanpsx
Date     : 2021-06-10
Game     : StateOfDecay2-Win64-Shipping.exe
Version  : 1.0.0.0
======================}

define(Yes_ZeroWeight,db 0F 57 C0 90)
define(No_ZeroWeight,db F3 0F 59 C6)

[ENABLE]
{$lua}
if syntaxcheck then return end
-----------------------
memrec.Color=0x0080FF00
-------------- A.B.G.R
{$asm}

/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

//============================================================================\\
                                //Original Code
//============================================================================\\
//aobscanmodule(PSX_ZeroWeight,StateOfDecay2-Win64-Shipping.exe,F3 0F 59 C6 F3 0F 58 ** 49 83 ** 08 ** ** ** ** ** ** 0F 85) //StateOfDecay2-Win64-Shipping.exe+435E20
//============================================================================\\

/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

//============================================================================\\
                                //Temporary Fix
//============================================================================\\
aobscanmodule(PSX_ZeroWeight,$process,F3 0F 59 C6 F3 0F 58 ** 49 83 **) //0F 57 C0 90 F3 0F 58 F8
//============================================================================\\

/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

registersymbol(PSX_ZeroWeight)
PSX_ZeroWeight:
  Yes_ZeroWeight

[DISABLE]
{$lua}
if syntaxcheck then return end
-----------------------
memrec.Color=0x00FF80FF
-------------- A.B.G.R
{$asm}

unregistersymbol(PSX_ZeroWeight)
PSX_ZeroWeight:
  No_ZeroWeight

{
// ORIGINAL CODE - INJECTION POINT: StateOfDecay2-Win64-Shipping.exe+435E20

StateOfDecay2-Win64-Shipping.exe+435DD5: 48 8B 49 30              - mov rcx,[rcx+30]
StateOfDecay2-Win64-Shipping.exe+435DD9: 48 85 C9                 - test rcx,rcx
StateOfDecay2-Win64-Shipping.exe+435DDC: 75 F2                    - jne StateOfDecay2-Win64-Shipping.exe+435DD0
StateOfDecay2-Win64-Shipping.exe+435DDE: 49 8B DC                 - mov rbx,r12
StateOfDecay2-Win64-Shipping.exe+435DE1: 4C 39 A3 00 01 00 00     - cmp [rbx+00000100],r12
StateOfDecay2-Win64-Shipping.exe+435DE8: 75 0C                    - jne StateOfDecay2-Win64-Shipping.exe+435DF6
StateOfDecay2-Win64-Shipping.exe+435DEA: 48 8B 03                 - mov rax,[rbx]
StateOfDecay2-Win64-Shipping.exe+435DED: 48 8B CB                 - mov rcx,rbx
StateOfDecay2-Win64-Shipping.exe+435DF0: FF 90 D0 02 00 00        - call qword ptr [rax+000002D0]
StateOfDecay2-Win64-Shipping.exe+435DF6: 48 8B 8B 00 01 00 00     - mov rcx,[rbx+00000100]
StateOfDecay2-Win64-Shipping.exe+435DFD: 48 8B 01                 - mov rax,[rcx]
StateOfDecay2-Win64-Shipping.exe+435E00: FF 90 30 02 00 00        - call qword ptr [rax+00000230]
StateOfDecay2-Win64-Shipping.exe+435E06: 3C 03                    - cmp al,03
StateOfDecay2-Win64-Shipping.exe+435E08: 75 06                    - jne StateOfDecay2-Win64-Shipping.exe+435E10
StateOfDecay2-Win64-Shipping.exe+435E0A: 41 0F 28 F0              - movaps xmm6,xmm8
StateOfDecay2-Win64-Shipping.exe+435E0E: EB 04                    - jmp StateOfDecay2-Win64-Shipping.exe+435E14
StateOfDecay2-Win64-Shipping.exe+435E10: 41 0F 28 F1              - movaps xmm6,xmm9
StateOfDecay2-Win64-Shipping.exe+435E14: 48 8B 07                 - mov rax,[rdi]
StateOfDecay2-Win64-Shipping.exe+435E17: 48 8B CF                 - mov rcx,rdi
StateOfDecay2-Win64-Shipping.exe+435E1A: FF 90 F0 01 00 00        - call qword ptr [rax+000001F0]
// ---------- INJECTING HERE ----------
StateOfDecay2-Win64-Shipping.exe+435E20: F3 0F 59 C6              - mulss xmm0,xmm6
// ---------- DONE INJECTING  ----------
StateOfDecay2-Win64-Shipping.exe+435E24: F3 0F 58 F8              - addss xmm7,xmm0
StateOfDecay2-Win64-Shipping.exe+435E28: 49 83 C6 08              - add r14,08
StateOfDecay2-Win64-Shipping.exe+435E2C: 48 FF C5                 - inc rbp
StateOfDecay2-Win64-Shipping.exe+435E2F: 49 3B EF                 - cmp rbp,r15
StateOfDecay2-Win64-Shipping.exe+435E32: 0F 85 58 FF FF FF        - jne StateOfDecay2-Win64-Shipping.exe+435D90
StateOfDecay2-Win64-Shipping.exe+435E38: 48 85 F6                 - test rsi,rsi
StateOfDecay2-Win64-Shipping.exe+435E3B: 74 09                    - je StateOfDecay2-Win64-Shipping.exe+435E46
StateOfDecay2-Win64-Shipping.exe+435E3D: 48 8B CE                 - mov rcx,rsi
StateOfDecay2-Win64-Shipping.exe+435E40: E8 CB BE A4 00           - call StateOfDecay2-Win64-Shipping.exe+E81D10
StateOfDecay2-Win64-Shipping.exe+435E45: 90                       - nop 
StateOfDecay2-Win64-Shipping.exe+435E46: 0F 28 C7                 - movaps xmm0,xmm7
StateOfDecay2-Win64-Shipping.exe+435E49: EB 03                    - jmp StateOfDecay2-Win64-Shipping.exe+435E4E
StateOfDecay2-Win64-Shipping.exe+435E4B: 0F 57 C0                 - xorps xmm0,xmm0
StateOfDecay2-Win64-Shipping.exe+435E4E: 4C 8D 9C 24 80 00 00 00  - lea r11,[rsp+00000080]
StateOfDecay2-Win64-Shipping.exe+435E56: 49 8B 5B 30              - mov rbx,[r11+30]
StateOfDecay2-Win64-Shipping.exe+435E5A: 49 8B 6B 40              - mov rbp,[r11+40]
StateOfDecay2-Win64-Shipping.exe+435E5E: 49 8B 73 48              - mov rsi,[r11+48]
StateOfDecay2-Win64-Shipping.exe+435E62: 0F 28 74 24 70           - movaps xmm6,[rsp+70]
StateOfDecay2-Win64-Shipping.exe+435E67: 0F 28 7C 24 60           - movaps xmm7,[rsp+60]
StateOfDecay2-Win64-Shipping.exe+435E6C: 45 0F 28 43 D0           - movaps xmm8,[r11-30]
}
Unlimited Health/Stamina

Code:

[ENABLE]
{$lua}
if syntaxcheck then return end
-----------------------
memrec.Color=0x0080FF00
-------------- A.B.G.R
{$asm}

/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

//============================================================================\\
                                //Original Code
//============================================================================\\
//aobscanmodule(aobHealth,StateOfDecay2-Win64-Shipping.exe,B2 01 48 8B CE E8 19)
//aobscanmodule(aobHealth,StateOfDecay2-Win64-Shipping.exe,B2 01 48 8B CE E8 69 F8)
//aobscanmodule(aobHealth,StateOfDecay2-Win64-Shipping.exe,B2 01 48 8B CE E8 ?9 ?? F? FF)
//aobscanmodule(aobHealth,StateOfDecay2-Win64-Shipping.exe,B2 ? 48 8B ? E8 ? ? ? ? 44 0F ? ? 44 0F)
//============================================================================\\

/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

//============================================================================\\
                                //Temporary Fix
//============================================================================\\
aobscanmodule(aobHealth,StateOfDecay2-Win64-Shipping.exe,B2 ? 48 8B ? E8 ? ? ? ? 44 0F)
//============================================================================\\

/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

alloc(healthCode,$100,aobHealth)

label(code)
label(return)
label(unlimitedHealth)
label(unlimitedStamina)
label(maxToCurrent)
label(ptrRCX)

healthCode:
  cmp [unlimitedHealth],0
  je staminaCode
  lea rcx,[rsi+00000190]//Current Health
  call maxToCurrent

staminaCode:
  cmp [unlimitedStamina],0
  je code
  lea rcx,[rsi+000001B8]//Current Stamina
  call maxToCurrent

code:
  mov dl,01
  mov rcx,rsi
  mov [ptrRCX],rcx
  jmp return

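maxToCurrent:
  // Save xmm0 in scratch space on the stack. The original used rbx as the
  // base, but rbx is a live register in the game code at the injection point,
  // so writing through it overwrote 16 bytes of unrelated memory.
  sub rsp,#20
  movdqu [rsp],xmm0
  movss xmm0,[rcx+0C] // copy the value at [rcx+0C] ...
  movss [rcx+08],xmm0 // ... over the value at [rcx+08]
  movdqu xmm0,[rsp]   // restore xmm0
  add rsp,#20
  ret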

unlimitedHealth:
  dd 0

unlimitedStamina:
  dd 0

ptrRCX:
  dq 0 // 8 bytes: "mov [ptrRCX],rcx" stores a full 64-bit register

aobHealth:
  jmp healthCode
return:
registersymbol(aobHealth)
registersymbol(unlimitedHealth)
registersymbol(unlimitedStamina)
registersymbol(maxToCurrent)
registersymbol(ptrRCX)

[DISABLE]
{$lua}
if syntaxcheck then return end
-----------------------
memrec.Color=0x00FF80FF
-------------- A.B.G.R
{$asm}

aobHealth:
  db B2 01 48 8B CE

unregistersymbol(ptrRCX)
unregistersymbol(maxToCurrent)
unregistersymbol(unlimitedStamina)
unregistersymbol(unlimitedHealth)
unregistersymbol(aobHealth)
dealloc(healthCode)

{ NEW
// ORIGINAL CODE - INJECTION POINT: StateOfDecay2-Win64-Shipping.exe+1EFCCD

StateOfDecay2-Win64-Shipping.exe+1EFCA6: 74 0F                    - je StateOfDecay2-Win64-Shipping.exe+1EFCB7
StateOfDecay2-Win64-Shipping.exe+1EFCA8: C6 83 A8 02 00 00 01     - mov byte ptr [rbx+000002A8],01
StateOfDecay2-Win64-Shipping.exe+1EFCAF: 48 8B CB                 - mov rcx,rbx
StateOfDecay2-Win64-Shipping.exe+1EFCB2: E8 49 8B 00 00           - call StateOfDecay2-Win64-Shipping.exe+1F8800
StateOfDecay2-Win64-Shipping.exe+1EFCB7: 48 8B CB                 - mov rcx,rbx
StateOfDecay2-Win64-Shipping.exe+1EFCBA: E8 C1 68 0B 00           - call StateOfDecay2-Win64-Shipping.exe+2A6580
StateOfDecay2-Win64-Shipping.exe+1EFCBF: 33 D2                    - xor edx,edx
StateOfDecay2-Win64-Shipping.exe+1EFCC1: 48 8B CE                 - mov rcx,rsi
StateOfDecay2-Win64-Shipping.exe+1EFCC4: E8 87 40 FC FF           - call StateOfDecay2-Win64-Shipping.exe+1B3D50
StateOfDecay2-Win64-Shipping.exe+1EFCC9: 44 0F 28 C8              - movaps xmm9,xmm0
// ---------- INJECTING HERE ----------
StateOfDecay2-Win64-Shipping.exe+1EFCCD: B2 01                    - mov dl,01
// ---------- DONE INJECTING  ----------
StateOfDecay2-Win64-Shipping.exe+1EFCCF: 48 8B CE                 - mov rcx,rsi
StateOfDecay2-Win64-Shipping.exe+1EFCD2: E8 79 40 FC FF           - call StateOfDecay2-Win64-Shipping.exe+1B3D50
StateOfDecay2-Win64-Shipping.exe+1EFCD7: 44 0F 28 D0              - movaps xmm10,xmm0
StateOfDecay2-Win64-Shipping.exe+1EFCDB: 44 0F 2F 8E 18 01 00 00  - comiss xmm9,[rsi+00000118]
StateOfDecay2-Win64-Shipping.exe+1EFCE3: 73 1D                    - jae StateOfDecay2-Win64-Shipping.exe+1EFD02
StateOfDecay2-Win64-Shipping.exe+1EFCE5: 44 38 B3 A9 02 00 00     - cmp [rbx+000002A9],r14l
StateOfDecay2-Win64-Shipping.exe+1EFCEC: 75 1B                    - jne StateOfDecay2-Win64-Shipping.exe+1EFD09
StateOfDecay2-Win64-Shipping.exe+1EFCEE: 48 8B D3                 - mov rdx,rbx
StateOfDecay2-Win64-Shipping.exe+1EFCF1: 48 8B CF                 - mov rcx,rdi
StateOfDecay2-Win64-Shipping.exe+1EFCF4: E8 F7 6C 0B 00           - call StateOfDecay2-Win64-Shipping.exe+2A69F0
}

{ OLD
// ORIGINAL CODE - INJECTION POINT: "StateOfDecay2-Win64-Shipping.exe"+2400CD

"StateOfDecay2-Win64-Shipping.exe"+2400A6: 74 0F                    -  je StateOfDecay2-Win64-Shipping.exe+2400B7
"StateOfDecay2-Win64-Shipping.exe"+2400A8: C6 83 A0 02 00 00 01     -  mov byte ptr [rbx+000002A0],01
"StateOfDecay2-Win64-Shipping.exe"+2400AF: 48 8B CB                 -  mov rcx,rbx
"StateOfDecay2-Win64-Shipping.exe"+2400B2: E8 79 B0 00 00           -  call StateOfDecay2-Win64-Shipping.exe+24B130
"StateOfDecay2-Win64-Shipping.exe"+2400B7: 48 8B CB                 -  mov rcx,rbx
"StateOfDecay2-Win64-Shipping.exe"+2400BA: E8 C1 7E 0B 00           -  call StateOfDecay2-Win64-Shipping.exe+2F7F80
"StateOfDecay2-Win64-Shipping.exe"+2400BF: 33 D2                    -  xor edx,edx
"StateOfDecay2-Win64-Shipping.exe"+2400C1: 48 8B CE                 -  mov rcx,rsi
"StateOfDecay2-Win64-Shipping.exe"+2400C4: E8 27 50 FC FF           -  call StateOfDecay2-Win64-Shipping.exe+2050F0
"StateOfDecay2-Win64-Shipping.exe"+2400C9: 44 0F 28 C8              -  movaps xmm9,xmm0
// ---------- INJECTING HERE ----------
"StateOfDecay2-Win64-Shipping.exe"+2400CD: B2 01                    -  mov dl,01
"StateOfDecay2-Win64-Shipping.exe"+2400CF: 48 8B CE                 -  mov rcx,rsi
// ---------- DONE INJECTING  ----------
"StateOfDecay2-Win64-Shipping.exe"+2400D2: E8 19 50 FC FF           -  call StateOfDecay2-Win64-Shipping.exe+2050F0
"StateOfDecay2-Win64-Shipping.exe"+2400D7: 44 0F 28 D0              -  movaps xmm10,xmm0
"StateOfDecay2-Win64-Shipping.exe"+2400DB: 44 0F 2F 8E 18 01 00 00  -  comiss xmm9,[rsi+00000118]
"StateOfDecay2-Win64-Shipping.exe"+2400E3: 73 1D                    -  jae StateOfDecay2-Win64-Shipping.exe+240102
"StateOfDecay2-Win64-Shipping.exe"+2400E5: 44 38 B3 A1 02 00 00     -  cmp [rbx+000002A1],r14l
"StateOfDecay2-Win64-Shipping.exe"+2400EC: 75 1B                    -  jne StateOfDecay2-Win64-Shipping.exe+240109
"StateOfDecay2-Win64-Shipping.exe"+2400EE: 48 8B D3                 -  mov rdx,rbx
"StateOfDecay2-Win64-Shipping.exe"+2400F1: 48 8B CF                 -  mov rcx,rdi
"StateOfDecay2-Win64-Shipping.exe"+2400F4: E8 77 82 0B 00           -  call StateOfDecay2-Win64-Shipping.exe+2F8370
"StateOfDecay2-Win64-Shipping.exe"+2400F9: C6 83 A1 02 00 00 01     -  mov byte ptr [rbx+000002A1],01
}

{ OLD
// ORIGINAL CODE - INJECTION POINT: "StateOfDecay2-Win64-Shipping.exe"+243EFD

"StateOfDecay2-Win64-Shipping.exe"+243ED6: 74 0F                    -  je StateOfDecay2-Win64-Shipping.exe+243EE7
"StateOfDecay2-Win64-Shipping.exe"+243ED8: C6 83 A8 02 00 00 01     -  mov byte ptr [rbx+000002A8],01
"StateOfDecay2-Win64-Shipping.exe"+243EDF: 48 8B CB                 -  mov rcx,rbx
"StateOfDecay2-Win64-Shipping.exe"+243EE2: E8 69 B1 00 00           -  call StateOfDecay2-Win64-Shipping.exe+24F050
"StateOfDecay2-Win64-Shipping.exe"+243EE7: 48 8B CB                 -  mov rcx,rbx
"StateOfDecay2-Win64-Shipping.exe"+243EEA: E8 61 96 0B 00           -  call StateOfDecay2-Win64-Shipping.exe+2FD550
"StateOfDecay2-Win64-Shipping.exe"+243EEF: 33 D2                    -  xor edx,edx
"StateOfDecay2-Win64-Shipping.exe"+243EF1: 48 8B CE                 -  mov rcx,rsi
"StateOfDecay2-Win64-Shipping.exe"+243EF4: E8 77 F8 FB FF           -  call StateOfDecay2-Win64-Shipping.exe+203770
"StateOfDecay2-Win64-Shipping.exe"+243EF9: 44 0F 28 C8              -  movaps xmm9,xmm0
// ---------- INJECTING HERE ----------
"StateOfDecay2-Win64-Shipping.exe"+243EFD: B2 01                    -  mov dl,01
"StateOfDecay2-Win64-Shipping.exe"+243EFF: 48 8B CE                 -  mov rcx,rsi
// ---------- DONE INJECTING  ----------
"StateOfDecay2-Win64-Shipping.exe"+243F02: E8 69 F8 FB FF           -  call StateOfDecay2-Win64-Shipping.exe+203770
"StateOfDecay2-Win64-Shipping.exe"+243F07: 44 0F 28 D0              -  movaps xmm10,xmm0
"StateOfDecay2-Win64-Shipping.exe"+243F0B: 44 0F 2F 8E 18 01 00 00  -  comiss xmm9,[rsi+00000118]
"StateOfDecay2-Win64-Shipping.exe"+243F13: 73 1D                    -  jae StateOfDecay2-Win64-Shipping.exe+243F32
"StateOfDecay2-Win64-Shipping.exe"+243F15: 44 38 B3 A9 02 00 00     -  cmp [rbx+000002A9],r14l
"StateOfDecay2-Win64-Shipping.exe"+243F1C: 75 1B                    -  jne StateOfDecay2-Win64-Shipping.exe+243F39
"StateOfDecay2-Win64-Shipping.exe"+243F1E: 48 8B D3                 -  mov rdx,rbx
"StateOfDecay2-Win64-Shipping.exe"+243F21: 48 8B CF                 -  mov rcx,rdi
"StateOfDecay2-Win64-Shipping.exe"+243F24: E8 17 9A 0B 00           -  call StateOfDecay2-Win64-Shipping.exe+2FD940
"StateOfDecay2-Win64-Shipping.exe"+243F29: C6 83 A9 02 00 00 01     -  mov byte ptr [rbx+000002A9],01
}

{
// ORIGINAL CODE - INJECTION POINT: "StateOfDecay2-Win64-Shipping.exe"+1E528D

B2 01 48 8B CE E8 19 50 FC FF

B2 01 48 8B CE E8 69 F8 FB FF

B2 01 48 8B CE E8 79 ED FB FF

B2 01 48 8B CE E8 ?9 ?? F? FF

"StateOfDecay2-Win64-Shipping.exe"+1E5266: 74 0F                    -  je StateOfDecay2-Win64-Shipping.exe+1E5277
"StateOfDecay2-Win64-Shipping.exe"+1E5268: C6 83 A8 02 00 00 01     -  mov byte ptr [rbx+000002A8],01
"StateOfDecay2-Win64-Shipping.exe"+1E526F: 48 8B CB                 -  mov rcx,rbx
"StateOfDecay2-Win64-Shipping.exe"+1E5272: E8 19 B2 00 00           -  call StateOfDecay2-Win64-Shipping.exe+1F0490
"StateOfDecay2-Win64-Shipping.exe"+1E5277: 48 8B CB                 -  mov rcx,rbx
"StateOfDecay2-Win64-Shipping.exe"+1E527A: E8 81 94 0B 00           -  call StateOfDecay2-Win64-Shipping.exe+29E700
"StateOfDecay2-Win64-Shipping.exe"+1E527F: 33 D2                    -  xor edx,edx
"StateOfDecay2-Win64-Shipping.exe"+1E5281: 48 8B CE                 -  mov rcx,rsi
"StateOfDecay2-Win64-Shipping.exe"+1E5284: E8 87 ED FB FF           -  call StateOfDecay2-Win64-Shipping.exe+1A4010
"StateOfDecay2-Win64-Shipping.exe"+1E5289: 44 0F 28 C8              -  movaps xmm9,xmm0
// ---------- INJECTING HERE ----------
"StateOfDecay2-Win64-Shipping.exe"+1E528D: B2 01                    -  mov dl,01
"StateOfDecay2-Win64-Shipping.exe"+1E528F: 48 8B CE                 -  mov rcx,rsi
// ---------- DONE INJECTING  ----------
"StateOfDecay2-Win64-Shipping.exe"+1E5292: E8 79 ED FB FF           -  call StateOfDecay2-Win64-Shipping.exe+1A4010
"StateOfDecay2-Win64-Shipping.exe"+1E5297: 44 0F 28 D0              -  movaps xmm10,xmm0
"StateOfDecay2-Win64-Shipping.exe"+1E529B: 44 0F 2F 8E 18 01 00 00  -  comiss xmm9,[rsi+00000118]
"StateOfDecay2-Win64-Shipping.exe"+1E52A3: 73 1D                    -  jae StateOfDecay2-Win64-Shipping.exe+1E52C2
"StateOfDecay2-Win64-Shipping.exe"+1E52A5: 44 38 B3 A9 02 00 00     -  cmp [rbx+000002A9],r14l
"StateOfDecay2-Win64-Shipping.exe"+1E52AC: 75 1B                    -  jne StateOfDecay2-Win64-Shipping.exe+1E52C9
"StateOfDecay2-Win64-Shipping.exe"+1E52AE: 48 8B D3                 -  mov rdx,rbx
"StateOfDecay2-Win64-Shipping.exe"+1E52B1: 48 8B CF                 -  mov rcx,rdi
"StateOfDecay2-Win64-Shipping.exe"+1E52B4: E8 37 98 0B 00           -  call StateOfDecay2-Win64-Shipping.exe+29EAF0
"StateOfDecay2-Win64-Shipping.exe"+1E52B9: C6 83 A9 02 00 00 01     -  mov byte ptr [rbx+000002A9],01
}
No Recoil

Code:

{======================
Author   : aanpsx
Date     : 2021-06-24
Game     : StateOfDecay2-Win64-Shipping.exe
Version  : 1.0.0.0
======================}

define(Yes_NoRecoil,db 1C)
define(No_NoRecoil,db 24)

[ENABLE]
{$lua}
if syntaxcheck then return end
-----------------------
memrec.Color=0x0080FF00
-------------- A.B.G.R
{$asm}

aobscanmodule(PSX_NoRecoil,$process,F3 ** ** ** ** ** ** ** 0F 28 ** E8 ** ** ** ** 44 0F ** ** 0F 28 ** F3 ** ** ** ** E8)//F3 0F 10 B3 24 01 00 00 0F 28 C7)//StateOfDecay2-Win64-Shipping.exe+6079EA
registersymbol(PSX_NoRecoil)
PSX_NoRecoil+4:
  Yes_NoRecoil

[DISABLE]
{$lua}
if syntaxcheck then return end
-----------------------
memrec.Color=0x00FF80FF
-------------- A.B.G.R
{$asm}

unregistersymbol(PSX_NoRecoil)
PSX_NoRecoil+4:
  No_NoRecoil

{
// ORIGINAL CODE - INJECTION POINT: StateOfDecay2-Win64-Shipping.exe+6079EA

StateOfDecay2-Win64-Shipping.exe+607988: 74 0A                    - je StateOfDecay2-Win64-Shipping.exe+607994
StateOfDecay2-Win64-Shipping.exe+60798A: F3 0F 10 BB 2C 01 00 00  - movss xmm7,[rbx+0000012C]
StateOfDecay2-Win64-Shipping.exe+607992: EB 4E                    - jmp StateOfDecay2-Win64-Shipping.exe+6079E2
StateOfDecay2-Win64-Shipping.exe+607994: F3 0F 10 BB 3C 01 00 00  - movss xmm7,[rbx+0000013C]
StateOfDecay2-Win64-Shipping.exe+60799C: EB 44                    - jmp StateOfDecay2-Win64-Shipping.exe+6079E2
StateOfDecay2-Win64-Shipping.exe+60799E: FF 15 1C 87 D7 02        - call qword ptr [StateOfDecay2-Win64-Shipping.exe+33800C0]
StateOfDecay2-Win64-Shipping.exe+6079A4: 66 0F 6E C0              - movd xmm0,eax
StateOfDecay2-Win64-Shipping.exe+6079A8: 0F 5B C0                 - cvtdq2ps xmm0,xmm0
StateOfDecay2-Win64-Shipping.exe+6079AB: 40 84 F6                 - test sil,sil
StateOfDecay2-Win64-Shipping.exe+6079AE: 74 12                    - je StateOfDecay2-Win64-Shipping.exe+6079C2
StateOfDecay2-Win64-Shipping.exe+6079B0: F3 0F 10 8B 2C 01 00 00  - movss xmm1,[rbx+0000012C]
StateOfDecay2-Win64-Shipping.exe+6079B8: F3 0F 10 BB 34 01 00 00  - movss xmm7,[rbx+00000134]
StateOfDecay2-Win64-Shipping.exe+6079C0: EB 10                    - jmp StateOfDecay2-Win64-Shipping.exe+6079D2
StateOfDecay2-Win64-Shipping.exe+6079C2: F3 0F 10 8B 3C 01 00 00  - movss xmm1,[rbx+0000013C]
StateOfDecay2-Win64-Shipping.exe+6079CA: F3 0F 10 BB 44 01 00 00  - movss xmm7,[rbx+00000144]
StateOfDecay2-Win64-Shipping.exe+6079D2: F3 0F 5C F9              - subss xmm7,xmm1
StateOfDecay2-Win64-Shipping.exe+6079D6: F3 0F 59 F8              - mulss xmm7,xmm0
StateOfDecay2-Win64-Shipping.exe+6079DA: F3 0F 59 FE              - mulss xmm7,xmm6
StateOfDecay2-Win64-Shipping.exe+6079DE: F3 0F 58 F9              - addss xmm7,xmm1
StateOfDecay2-Win64-Shipping.exe+6079E2: F3 0F 59 3D FA AF DC 02  - mulss xmm7,[StateOfDecay2-Win64-Shipping.exe+33D29E4]
// ---------- INJECTING HERE ----------
StateOfDecay2-Win64-Shipping.exe+6079EA: F3 0F 10 B3 24 01 00 00  - movss xmm6,[rbx+00000124]
// ---------- DONE INJECTING  ----------
StateOfDecay2-Win64-Shipping.exe+6079F2: 0F 28 C7                 - movaps xmm0,xmm7
StateOfDecay2-Win64-Shipping.exe+6079F5: E8 F2 35 62 02           - call StateOfDecay2-Win64-Shipping.exe+2C2AFEC
StateOfDecay2-Win64-Shipping.exe+6079FA: 44 0F 28 C0              - movaps xmm8,xmm0
StateOfDecay2-Win64-Shipping.exe+6079FE: 0F 28 C7                 - movaps xmm0,xmm7
StateOfDecay2-Win64-Shipping.exe+607A01: F3 44 0F 59 C6           - mulss xmm8,xmm6
StateOfDecay2-Win64-Shipping.exe+607A06: E8 F9 35 62 02           - call StateOfDecay2-Win64-Shipping.exe+2C2B004
StateOfDecay2-Win64-Shipping.exe+607A0B: 0F 28 7C 24 30           - movaps xmm7,[rsp+30]
StateOfDecay2-Win64-Shipping.exe+607A10: 40 84 F6                 - test sil,sil
StateOfDecay2-Win64-Shipping.exe+607A13: 48 8B 74 24 68           - mov rsi,[rsp+68]
StateOfDecay2-Win64-Shipping.exe+607A18: 48 8B 5C 24 60           - mov rbx,[rsp+60]
StateOfDecay2-Win64-Shipping.exe+607A1D: F3 0F 59 C6              - mulss xmm0,xmm6
StateOfDecay2-Win64-Shipping.exe+607A21: 0F 28 74 24 40           - movaps xmm6,[rsp+40]
StateOfDecay2-Win64-Shipping.exe+607A26: 75 07                    - jne StateOfDecay2-Win64-Shipping.exe+607A2F
StateOfDecay2-Win64-Shipping.exe+607A28: 0F 57 05 11 5D DA 02     - xorps xmm0,[StateOfDecay2-Win64-Shipping.exe+33AD740]
StateOfDecay2-Win64-Shipping.exe+607A2F: 41 0F 14 C0              - unpcklps xmm0,xmm8
StateOfDecay2-Win64-Shipping.exe+607A33: 48 8B D7                 - mov rdx,rdi
StateOfDecay2-Win64-Shipping.exe+607A36: 66 49 0F 7E C0           - movq r8,xmm0
StateOfDecay2-Win64-Shipping.exe+607A3B: 48 8B CD                 - mov rcx,rbp
StateOfDecay2-Win64-Shipping.exe+607A3E: E8 FD 45 FF FF           - call StateOfDecay2-Win64-Shipping.exe+5FC040
StateOfDecay2-Win64-Shipping.exe+607A43: 44 0F 28 44 24 20        - movaps xmm8,[rsp+20]
}
Temporary Fixes
Last edited by xXLashkeXx on Sat Sep 03, 2022 1:05 pm, edited 1 time in total.

xXLashkeXx
Expert Cheater
Posts: 86
Joined: Mon May 22, 2017 4:08 pm
Reputation: 63

Re: State of Decay 2 - Windows Store (Legit)

Post by xXLashkeXx »

xXLashkeXx wrote:
Fri Sep 02, 2022 6:40 pm
Temporary Fixes
No Sway

Code:

{======================
Author   : aanpsx
Date     : 2021-06-25
Game     : StateOfDecay2-Win64-Shipping.exe
Version  : 1.0.0.0
======================}

define(bytes_Sway,db F3 0F 59 B1 E4 00 00 00)
define(fmax,(float)999999999)
define(fmin,(float)0)
define(imax,#999999999)
define(psx,align 10 CC)
define(mov1,mov byte ptr)
define(mov2,mov word ptr)
define(mov4,mov dword ptr)
define(cmp1,cmp byte ptr)
define(cmp2,cmp word ptr)
define(cmp4,cmp dword ptr)
define(bit,byte ptr)
define(8b,dq 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0)
//---------- 0 8101820283038404850586068707880889098a0a8b0b8c0c8d0c8e0e8f0f8000810
//================================================================================
[ENABLE]
{$lua}
if syntaxcheck then return end
-----------------------
memrec.Color=0x0080FF00
-------------- A.B.G.R
{$asm}

aobscanmodule(PSX_Sway,StateOfDecay2-Win64-Shipping.exe,F3 ** ** ** ** ** ** ** F3 ** ** ** F3 ** ** ** F3 ** ** ** F3 ** ** ** ** ** ** ** F3 ** ** ** F3 ** ** ** ** 44 0F ** ** ** ** F3)//F3 0F 59 B1 E4 00 00 00)//StateOfDecay2-Win64-Shipping.exe+620FAF
alloc(newmem_Sway,$1000,PSX_Sway)
label(code_Sway,_Sway)
registersymbol(PSX_Sway,code_Sway,_Sway)
newmem_Sway:
  mov [_Sway],rcx  //main pointer
  mov [_Sway+8],rax
  mov [_Sway+10],rbx
  mov [_Sway+18],rcx
  mov [_Sway+20],rdx
  mov [_Sway+28],rdi
  mov [_Sway+30],rsi
  mov [_Sway+38],r8
  mov [_Sway+40],r9
  mov [_Sway+48],r10
  mov [_Sway+50],r11
  mov [_Sway+58],r12
  mov [_Sway+60],r13
  mov [_Sway+68],r14
  mov [_Sway+70],r15
//================== inject here
  xorps xmm6,xmm6
exit_Sway:
//==================
  //mov rax,[_Sway+8]
  //mov rbx,[_Sway+10]
  //mov rcx,[_Sway+18]
  //mov rdx,[_Sway+20]
  //mov rdi,[_Sway+28]
  //mov rsi,[_Sway+30]
  //mov r8,[_Sway+38]
  //mov r9,[_Sway+40]
  //mov r10,[_Sway+48]
  //mov r11,[_Sway+50]
  //mov r12,[_Sway+58]
  //mov r13,[_Sway+60]
  //mov r14,[_Sway+68]
  //mov r15,[_Sway+70]
//==================
code_Sway:
  readmem(PSX_Sway,8)
//mulss xmm6,[rcx+000000E4]
  jmp return_Sway
  psx
_Sway:
  8b
PSX_Sway:
  jmp newmem_Sway
  nop 3
return_Sway:

[DISABLE]
unregistersymbol(*)//unreg all
dealloc(*)//dealoc all
//unregistersymbol(PSX_Sway,code_Sway,_Sway)
//dealloc(newmem_Sway)
PSX_Sway:
  readmem(code_Sway,8)
//mulss xmm6,[rcx+000000E4]

{$lua}
if syntaxcheck then return end
-----------------------
memrec.Color=0x00FF80FF
-------------- A.B.G.R
{$asm}

{
// ORIGINAL CODE - INJECTION POINT: StateOfDecay2-Win64-Shipping.exe+620FAF

StateOfDecay2-Win64-Shipping.exe+620F30: F3 0F 10 8C 24 84 00 00 00  - movss xmm1,[rsp+00000084]
StateOfDecay2-Win64-Shipping.exe+620F39: F3 0F 11 87 38 01 00 00     - movss [rdi+00000138],xmm0
StateOfDecay2-Win64-Shipping.exe+620F41: F3 0F 11 8F 4C 01 00 00     - movss [rdi+0000014C],xmm1
StateOfDecay2-Win64-Shipping.exe+620F49: F3 0F 10 BF 34 01 00 00     - movss xmm7,[rdi+00000134]
StateOfDecay2-Win64-Shipping.exe+620F51: 48 8D 8C 24 80 00 00 00     - lea rcx,[rsp+00000080]
StateOfDecay2-Win64-Shipping.exe+620F59: F3 44 0F 10 87 48 01 00 00  - movss xmm8,[rdi+00000148]
StateOfDecay2-Win64-Shipping.exe+620F62: F3 0F 10 B7 18 01 00 00     - movss xmm6,[rdi+00000118]
StateOfDecay2-Win64-Shipping.exe+620F6A: E8 B1 0E 97 00              - call StateOfDecay2-Win64-Shipping.exe+F91E20
StateOfDecay2-Win64-Shipping.exe+620F6F: 48 8B 8F 60 01 00 00        - mov rcx,[rdi+00000160]
StateOfDecay2-Win64-Shipping.exe+620F76: 48 8B AC 24 90 00 00 00     - mov rbp,[rsp+00000090]
StateOfDecay2-Win64-Shipping.exe+620F7E: 48 39 08                    - cmp [rax],rcx
StateOfDecay2-Win64-Shipping.exe+620F81: 7C 4C                       - jl StateOfDecay2-Win64-Shipping.exe+620FCF
StateOfDecay2-Win64-Shipping.exe+620F83: FF 15 37 F1 D5 02           - call qword ptr [StateOfDecay2-Win64-Shipping.exe+33800C0]
StateOfDecay2-Win64-Shipping.exe+620F89: F3 0F 10 87 00 01 00 00     - movss xmm0,[rdi+00000100]
StateOfDecay2-Win64-Shipping.exe+620F91: F3 0F 10 B7 04 01 00 00     - movss xmm6,[rdi+00000104]
StateOfDecay2-Win64-Shipping.exe+620F99: F3 0F 5C F0                 - subss xmm6,xmm0
StateOfDecay2-Win64-Shipping.exe+620F9D: 66 0F 6E D0                 - movd xmm2,eax
StateOfDecay2-Win64-Shipping.exe+620FA1: 48 8B 87 20 01 00 00        - mov rax,[rdi+00000120]
StateOfDecay2-Win64-Shipping.exe+620FA8: 0F 5B D2                    - cvtdq2ps xmm2,xmm2
StateOfDecay2-Win64-Shipping.exe+620FAB: 48 8B 48 28                 - mov rcx,[rax+28]
// ---------- INJECTING HERE ----------
StateOfDecay2-Win64-Shipping.exe+620FAF: F3 0F 59 B1 E4 00 00 00     - mulss xmm6,[rcx+000000E4]
// ---------- DONE INJECTING  ----------
StateOfDecay2-Win64-Shipping.exe+620FB7: F3 0F 58 F0                 - addss xmm6,xmm0
StateOfDecay2-Win64-Shipping.exe+620FBB: F3 0F 5C F0                 - subss xmm6,xmm0
StateOfDecay2-Win64-Shipping.exe+620FBF: F3 0F 59 F2                 - mulss xmm6,xmm2
StateOfDecay2-Win64-Shipping.exe+620FC3: F3 0F 59 35 01 1A DB 02     - mulss xmm6,[StateOfDecay2-Win64-Shipping.exe+33D29CC]
StateOfDecay2-Win64-Shipping.exe+620FCB: F3 0F 58 F0                 - addss xmm6,xmm0
StateOfDecay2-Win64-Shipping.exe+620FCF: F3 41 0F 5C F9              - subss xmm7,xmm9
StateOfDecay2-Win64-Shipping.exe+620FD4: 44 0F 28 4C 24 30           - movaps xmm9,[rsp+30]
StateOfDecay2-Win64-Shipping.exe+620FDA: F3 45 0F 5C C2              - subss xmm8,xmm10
StateOfDecay2-Win64-Shipping.exe+620FDF: 44 0F 28 54 24 20           - movaps xmm10,[rsp+20]
StateOfDecay2-Win64-Shipping.exe+620FE5: F3 0F 59 FE                 - mulss xmm7,xmm6
StateOfDecay2-Win64-Shipping.exe+620FE9: F3 44 0F 59 C6              - mulss xmm8,xmm6
StateOfDecay2-Win64-Shipping.exe+620FEE: 0F 28 C7                    - movaps xmm0,xmm7
StateOfDecay2-Win64-Shipping.exe+620FF1: 0F 28 7C 24 50              - movaps xmm7,[rsp+50]
StateOfDecay2-Win64-Shipping.exe+620FF6: 41 0F 14 C0                 - unpcklps xmm0,xmm8
StateOfDecay2-Win64-Shipping.exe+620FFA: 44 0F 28 44 24 40           - movaps xmm8,[rsp+40]
StateOfDecay2-Win64-Shipping.exe+621000: F2 0F 11 87 54 01 00 00     - movsd [rdi+00000154],xmm0
StateOfDecay2-Win64-Shipping.exe+621008: F2 0F 11 06                 - movsd [rsi],xmm0
StateOfDecay2-Win64-Shipping.exe+62100C: EB 0C                       - jmp StateOfDecay2-Win64-Shipping.exe+62101A
StateOfDecay2-Win64-Shipping.exe+62100E: F2 0F 10 05 D2 3E 7B 04     - movsd xmm0,[StateOfDecay2-Win64-Shipping.GNavigationMemory+6850]
StateOfDecay2-Win64-Shipping.exe+621016: F2 0F 11 02                 - movsd [rdx],xmm0
}
No Spread

Code:

{======================
Author   : aanpsx
Date     : 2021-06-10
Game     : StateOfDecay2-Win64-Shipping.exe
Version  : 1.0.0.0
======================}

define(bytes_Spread1,db F3 0F 11 83 FC 00 00 00)
define(bytes_Spread2,db F3 0F 11 87 FC 00 00 00)
define(fmax,(float)999999999)
define(fmin,(float)0)
define(imax,#999999999)
define(psx,align 10 CC)
define(mov1,mov byte ptr)
define(mov2,mov word ptr)
define(mov4,mov dword ptr)
define(cmp1,cmp byte ptr)
define(cmp2,cmp word ptr)
define(cmp4,cmp dword ptr)
define(bit,byte ptr)
define(8b,dq 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0)
//---------- 0 8101820283038404850586068707880889098a0a8b0b8c0c8d0c8e0e8f0f8000810
//================================================================================
[ENABLE]
{$lua}
if syntaxcheck then return end
-----------------------
memrec.Color=0x0080FF00
-------------- A.B.G.R
{$asm}

aobscanmodule(PSX_Spread1,$process,F3 ** ** ** ** ** ** ** 48 8B ** ** F3 ** ** ** ** ** ** ** 0F 2F)//F3 0F 11 83 FC 00 00 00 48)//StateOfDecay2-Win64-Shipping.exe+580F0B
alloc(newmem_Spread1,$1000,PSX_Spread1)
label(code_Spread1,_Spread1)
registersymbol(PSX_Spread1,code_Spread1,_Spread1)
newmem_Spread1:
  mov [_Spread1],rbx  //main pointer
  mov [_Spread1+8],rax
  mov [_Spread1+10],rbx
  mov [_Spread1+18],rcx
  mov [_Spread1+20],rdx
  mov [_Spread1+28],rdi
  mov [_Spread1+30],rsi
  mov [_Spread1+38],r8
  mov [_Spread1+40],r9
  mov [_Spread1+48],r10
  mov [_Spread1+50],r11
  mov [_Spread1+58],r12
  mov [_Spread1+60],r13
  mov [_Spread1+68],r14
  mov [_Spread1+70],r15
//================== inject here
  mov [rbx+FC],0
  jmp return_Spread1
exit_Spread1:
//==================
  //mov rax,[_Spread1+8]
  //mov rbx,[_Spread1+10]
  //mov rcx,[_Spread1+18]
  //mov rdx,[_Spread1+20]
  //mov rdi,[_Spread1+28]
  //mov rsi,[_Spread1+30]
  //mov r8,[_Spread1+38]
  //mov r9,[_Spread1+40]
  //mov r10,[_Spread1+48]
  //mov r11,[_Spread1+50]
  //mov r12,[_Spread1+58]
  //mov r13,[_Spread1+60]
  //mov r14,[_Spread1+68]
  //mov r15,[_Spread1+70]
//==================
code_Spread1:
  readmem(PSX_Spread1,8)
//movss [rbx+000000FC],xmm0
  jmp return_Spread1
  psx
_Spread1:
  8b
PSX_Spread1:
  jmp newmem_Spread1
  nop 3
return_Spread1:
//
aobscanmodule(PSX_Spread2,$process,F3 ** ** ** ** ** ** ** 0F 28 ** ** ** 48 83 ** ** 5F C3 48 89)//F3 0F 11 87 FC 00 00 00)//StateOfDecay2-Win64-Shipping.exe+59D82D
alloc(newmem_Spread2,$1000,PSX_Spread2)
label(code_Spread2,_Spread2)
registersymbol(PSX_Spread2,code_Spread2,_Spread2)
newmem_Spread2:
  mov [_Spread2],rdi  //main pointer
  mov [_Spread2+8],rax
  mov [_Spread2+10],rbx
  mov [_Spread2+18],rcx
  mov [_Spread2+20],rdx
  mov [_Spread2+28],rdi
  mov [_Spread2+30],rsi
  mov [_Spread2+38],r8
  mov [_Spread2+40],r9
  mov [_Spread2+48],r10
  mov [_Spread2+50],r11
  mov [_Spread2+58],r12
  mov [_Spread2+60],r13
  mov [_Spread2+68],r14
  mov [_Spread2+70],r15
//================== inject here
  mov [rdi+FC],0
  jmp return_Spread2
exit_Spread2:
//==================
  //mov rax,[_Spread2+8]
  //mov rbx,[_Spread2+10]
  //mov rcx,[_Spread2+18]
  //mov rdx,[_Spread2+20]
  //mov rdi,[_Spread2+28]
  //mov rsi,[_Spread2+30]
  //mov r8,[_Spread2+38]
  //mov r9,[_Spread2+40]
  //mov r10,[_Spread2+48]
  //mov r11,[_Spread2+50]
  //mov r12,[_Spread2+58]
  //mov r13,[_Spread2+60]
  //mov r14,[_Spread2+68]
  //mov r15,[_Spread2+70]
//==================
code_Spread2:
  readmem(PSX_Spread2,8)
//movss [rdi+000000FC],xmm0
  jmp return_Spread2
  psx
_Spread2:
  8b
PSX_Spread2:
  jmp newmem_Spread2
  nop 3
return_Spread2:
//

[DISABLE]
{$lua}
if syntaxcheck then return end
-----------------------
memrec.Color=0x00FF80FF
-------------- A.B.G.R
{$asm}

unregistersymbol(*)//unreg all
dealloc(*)//dealoc all
//unregistersymbol(PSX_Spread1,code_Spread1,_Spread1)
//dealloc(newmem_Spread1)
PSX_Spread1:
  readmem(code_Spread1,8)
//movss [rbx+000000FC],xmm0
PSX_Spread2:
  readmem(code_Spread2,8)
//movss [rdi+000000FC],xmm0

{
// ORIGINAL CODE - INJECTION POINT: StateOfDecay2-Win64-Shipping.exe+580F0B

StateOfDecay2-Win64-Shipping.exe+580E92: 48 85 FF                       - test rdi,rdi
StateOfDecay2-Win64-Shipping.exe+580E95: 0F 84 03 01 00 00              - je StateOfDecay2-Win64-Shipping.exe+580F9E
StateOfDecay2-Win64-Shipping.exe+580E9B: 84 D2                          - test dl,dl
StateOfDecay2-Win64-Shipping.exe+580E9D: 74 31                          - je StateOfDecay2-Win64-Shipping.exe+580ED0
StateOfDecay2-Win64-Shipping.exe+580E9F: 48 8B 47 28                    - mov rax,[rdi+28]
StateOfDecay2-Win64-Shipping.exe+580EA3: F3 0F 10 80 94 01 00 00        - movss xmm0,[rax+00000194]
StateOfDecay2-Win64-Shipping.exe+580EAB: F3 0F 58 81 00 01 00 00        - addss xmm0,[rcx+00000100]
StateOfDecay2-Win64-Shipping.exe+580EB3: 0F 2F 05 72 D4 D8 02           - comiss xmm0,[StateOfDecay2-Win64-Shipping.exe+330E32C]
StateOfDecay2-Win64-Shipping.exe+580EBA: F3 0F 11 81 00 01 00 00        - movss [rcx+00000100],xmm0
StateOfDecay2-Win64-Shipping.exe+580EC2: 76 16                          - jna StateOfDecay2-Win64-Shipping.exe+580EDA
StateOfDecay2-Win64-Shipping.exe+580EC4: C7 81 00 01 00 00 00 00 48 42  - mov [rcx+00000100],42480000
StateOfDecay2-Win64-Shipping.exe+580ECE: EB 0A                          - jmp StateOfDecay2-Win64-Shipping.exe+580EDA
StateOfDecay2-Win64-Shipping.exe+580ED0: C7 81 00 01 00 00 00 00 80 3F  - mov [rcx+00000100],3F800000
StateOfDecay2-Win64-Shipping.exe+580EDA: 48 8B 47 28                    - mov rax,[rdi+28]
StateOfDecay2-Win64-Shipping.exe+580EDE: F3 0F 10 89 00 01 00 00        - movss xmm1,[rcx+00000100]
StateOfDecay2-Win64-Shipping.exe+580EE6: F3 0F 10 80 8C 01 00 00        - movss xmm0,[rax+0000018C]
StateOfDecay2-Win64-Shipping.exe+580EEE: F3 0F 58 05 16 F1 D6 02        - addss xmm0,[StateOfDecay2-Win64-Shipping.exe+32F000C]
StateOfDecay2-Win64-Shipping.exe+580EF6: E8 03 50 5F 02                 - call StateOfDecay2-Win64-Shipping.exe+2B75EFE
StateOfDecay2-Win64-Shipping.exe+580EFB: F3 0F 5C 05 09 F1 D6 02        - subss xmm0,[StateOfDecay2-Win64-Shipping.exe+32F000C]
StateOfDecay2-Win64-Shipping.exe+580F03: F3 0F 58 83 FC 00 00 00        - addss xmm0,[rbx+000000FC]
// ---------- INJECTING HERE ----------
StateOfDecay2-Win64-Shipping.exe+580F0B: F3 0F 11 83 FC 00 00 00        - movss [rbx+000000FC],xmm0
// ---------- DONE INJECTING  ----------
StateOfDecay2-Win64-Shipping.exe+580F13: 48 8B 47 28                    - mov rax,[rdi+28]
StateOfDecay2-Win64-Shipping.exe+580F17: F3 0F 10 88 84 01 00 00        - movss xmm1,[rax+00000184]
StateOfDecay2-Win64-Shipping.exe+580F1F: 0F 2F C1                       - comiss xmm0,xmm1
StateOfDecay2-Win64-Shipping.exe+580F22: 76 08                          - jna StateOfDecay2-Win64-Shipping.exe+580F2C
StateOfDecay2-Win64-Shipping.exe+580F24: F3 0F 11 8B FC 00 00 00        - movss [rbx+000000FC],xmm1
StateOfDecay2-Win64-Shipping.exe+580F2C: 8B 83 FC 00 00 00              - mov eax,[rbx+000000FC]
StateOfDecay2-Win64-Shipping.exe+580F32: 0F 57 C9                       - xorps xmm1,xmm1
StateOfDecay2-Win64-Shipping.exe+580F35: 89 83 0C 01 00 00              - mov [rbx+0000010C],eax
StateOfDecay2-Win64-Shipping.exe+580F3B: C7 83 04 01 00 00 00 00 00 00  - mov [rbx+00000104],00000000
StateOfDecay2-Win64-Shipping.exe+580F45: 48 8B 47 28                    - mov rax,[rdi+28]
StateOfDecay2-Win64-Shipping.exe+580F49: F3 0F 10 90 8C 01 00 00        - movss xmm2,[rax+0000018C]
StateOfDecay2-Win64-Shipping.exe+580F51: F3 0F 58 90 7C 01 00 00        - addss xmm2,[rax+0000017C]
StateOfDecay2-Win64-Shipping.exe+580F59: F3 0F 10 98 84 01 00 00        - movss xmm3,[rax+00000184]
StateOfDecay2-Win64-Shipping.exe+580F61: F3 0F 10 A0 9C 01 00 00        - movss xmm4,[rax+0000019C]
StateOfDecay2-Win64-Shipping.exe+580F69: F3 0F 10 80 A4 01 00 00        - movss xmm0,[rax+000001A4]
StateOfDecay2-Win64-Shipping.exe+580F71: F3 0F 5C DA                    - subss xmm3,xmm2
StateOfDecay2-Win64-Shipping.exe+580F75: 0F 2F D9                       - comiss xmm3,xmm1
StateOfDecay2-Win64-Shipping.exe+580F78: 76 10                          - jna StateOfDecay2-Win64-Shipping.exe+580F8A
StateOfDecay2-Win64-Shipping.exe+580F7A: F3 0F 10 8B FC 00 00 00        - movss xmm1,[rbx+000000FC]
StateOfDecay2-Win64-Shipping.exe+580F82: F3 0F 5C CA                    - subss xmm1,xmm2
}
{
// ORIGINAL CODE - INJECTION POINT: StateOfDecay2-Win64-Shipping.exe+59D82D

StateOfDecay2-Win64-Shipping.exe+59D7CC: 48 8B D0                 - mov rdx,rax
StateOfDecay2-Win64-Shipping.exe+59D7CF: 48 8B CB                 - mov rcx,rbx
StateOfDecay2-Win64-Shipping.exe+59D7D2: 41 FF 90 B8 05 00 00     - call qword ptr [r8+000005B8]
StateOfDecay2-Win64-Shipping.exe+59D7D9: 48 8B C8                 - mov rcx,rax
StateOfDecay2-Win64-Shipping.exe+59D7DC: E8 0F D3 FF FF           - call StateOfDecay2-Win64-Shipping.exe+59AAF0
StateOfDecay2-Win64-Shipping.exe+59D7E1: 48 8B 5C 24 40           - mov rbx,[rsp+40]
StateOfDecay2-Win64-Shipping.exe+59D7E6: 84 C0                    - test al,al
StateOfDecay2-Win64-Shipping.exe+59D7E8: 75 4B                    - jne StateOfDecay2-Win64-Shipping.exe+59D835
StateOfDecay2-Win64-Shipping.exe+59D7EA: F3 0F 10 9F 08 01 00 00  - movss xmm3,[rdi+00000108]
StateOfDecay2-Win64-Shipping.exe+59D7F2: 0F 57 C0                 - xorps xmm0,xmm0
StateOfDecay2-Win64-Shipping.exe+59D7F5: 0F 2E D8                 - ucomiss xmm3,xmm0
StateOfDecay2-Win64-Shipping.exe+59D7F8: 74 3B                    - je StateOfDecay2-Win64-Shipping.exe+59D835
StateOfDecay2-Win64-Shipping.exe+59D7FA: F3 0F 58 B7 04 01 00 00  - addss xmm6,[rdi+00000104]
StateOfDecay2-Win64-Shipping.exe+59D802: 48 8B 87 10 01 00 00     - mov rax,[rdi+00000110]
StateOfDecay2-Win64-Shipping.exe+59D809: F3 0F 10 8F 0C 01 00 00  - movss xmm1,[rdi+0000010C]
StateOfDecay2-Win64-Shipping.exe+59D811: F3 0F 11 B7 04 01 00 00  - movss [rdi+00000104],xmm6
StateOfDecay2-Win64-Shipping.exe+59D819: 0F 28 C6                 - movaps xmm0,xmm6
StateOfDecay2-Win64-Shipping.exe+59D81C: 48 8B 48 28              - mov rcx,[rax+28]
StateOfDecay2-Win64-Shipping.exe+59D820: F3 0F 10 91 7C 01 00 00  - movss xmm2,[rcx+0000017C]
StateOfDecay2-Win64-Shipping.exe+59D828: E8 93 0C 00 00           - call StateOfDecay2-Win64-Shipping.exe+59E4C0
// ---------- INJECTING HERE ----------
StateOfDecay2-Win64-Shipping.exe+59D82D: F3 0F 11 87 FC 00 00 00  - movss [rdi+000000FC],xmm0
// ---------- DONE INJECTING  ----------
StateOfDecay2-Win64-Shipping.exe+59D835: 0F 28 74 24 20           - movaps xmm6,[rsp+20]
StateOfDecay2-Win64-Shipping.exe+59D83A: 48 83 C4 30              - add rsp,30
StateOfDecay2-Win64-Shipping.exe+59D83E: 5F                       - pop rdi
StateOfDecay2-Win64-Shipping.exe+59D83F: C3                       - ret
StateOfDecay2-Win64-Shipping.exe+59D840: 48 89 5C 24 08           - mov [rsp+08],rbx
StateOfDecay2-Win64-Shipping.exe+59D845: 48 89 74 24 10           - mov [rsp+10],rsi
StateOfDecay2-Win64-Shipping.exe+59D84A: 57                       - push rdi
StateOfDecay2-Win64-Shipping.exe+59D84B: 48 83 EC 20              - sub rsp,20
StateOfDecay2-Win64-Shipping.exe+59D84F: 48 8B B1 00 01 00 00     - mov rsi,[rcx+00000100]
StateOfDecay2-Win64-Shipping.exe+59D856: 48 8B F9                 - mov rdi,rcx
StateOfDecay2-Win64-Shipping.exe+59D859: 8B DA                    - mov ebx,edx
StateOfDecay2-Win64-Shipping.exe+59D85B: 48 8B 4E 30              - mov rcx,[rsi+30]
StateOfDecay2-Win64-Shipping.exe+59D85F: 48 85 C9                 - test rcx,rcx
StateOfDecay2-Win64-Shipping.exe+59D862: 74 13                    - je StateOfDecay2-Win64-Shipping.exe+59D877
StateOfDecay2-Win64-Shipping.exe+59D864: 48 83 B9 00 01 00 00 00  - cmp qword ptr [rcx+00000100],00
StateOfDecay2-Win64-Shipping.exe+59D86C: 75 09                    - jne StateOfDecay2-Win64-Shipping.exe+59D877
StateOfDecay2-Win64-Shipping.exe+59D86E: 48 8B 01                 - mov rax,[rcx]
StateOfDecay2-Win64-Shipping.exe+59D871: FF 90 D0 02 00 00        - call qword ptr [rax+000002D0]
StateOfDecay2-Win64-Shipping.exe+59D877: 8B D3                    - mov edx,ebx
StateOfDecay2-Win64-Shipping.exe+59D879: 88 5E 5C                 - mov [rsi+5C],bl
}
Silent Shot

{======================
Author   : aanpsx
Date     : 2021-06-24
Game     : StateOfDecay2-Win64-Shipping.exe
Version  : 1.0.0.0
======================}

define(Yes_SilenceGun,db 31 C0 90 90 90 90)
define(No_SilenceGun,db 8B 81 D8 02 00 00)

[ENABLE]
{$lua}
if syntaxcheck then return end
-----------------------
memrec.Color=0x0080FF00
-------------- A.B.G.R
{$asm}

aobscanmodule(PSX_SilenceGun,$process,8B ** ** ** ** ** 41 89 ** C3 ** 40 53 48 83 ** ** 48 8B ** ** 45 33 ** 48 85 ** 49 8B ** 41 0F ** ** 4C ** ** 4C ** ** ** 48 8D ** ** ** E8 ** ** ** ** 48 8B ** 48 89 ** 48 83 ** ** 5B C3 ** ** ** ** ** ** ** ** ** ** ** ** 40 53 48 83 ** ** 48 8B ** ** 45 33 ** 48 85 ** 49 8B ** 41 0F ** ** 4C ** ** 4C ** ** ** E8)//8B 81 D8 02 00 00 41 89)//StateOfDecay2-Win64-Shipping.exe+9C55B5
registersymbol(PSX_SilenceGun)
PSX_SilenceGun:
  Yes_SilenceGun

[DISABLE]
{$lua}
if syntaxcheck then return end
-----------------------
memrec.Color=0x00FF80FF
-------------- A.B.G.R
{$asm}

unregistersymbol(PSX_SilenceGun)
PSX_SilenceGun:
  No_SilenceGun

{
// ORIGINAL CODE - INJECTION POINT: StateOfDecay2-Win64-Shipping.exe+9C55B5

StateOfDecay2-Win64-Shipping.exe+9C5592: C3                 - ret 
StateOfDecay2-Win64-Shipping.exe+9C5593: CC                 - int 3 
StateOfDecay2-Win64-Shipping.exe+9C5594: CC                 - int 3 
StateOfDecay2-Win64-Shipping.exe+9C5595: CC                 - int 3 
StateOfDecay2-Win64-Shipping.exe+9C5596: CC                 - int 3 
StateOfDecay2-Win64-Shipping.exe+9C5597: CC                 - int 3 
StateOfDecay2-Win64-Shipping.exe+9C5598: CC                 - int 3 
StateOfDecay2-Win64-Shipping.exe+9C5599: CC                 - int 3 
StateOfDecay2-Win64-Shipping.exe+9C559A: CC                 - int 3 
StateOfDecay2-Win64-Shipping.exe+9C559B: CC                 - int 3 
StateOfDecay2-Win64-Shipping.exe+9C559C: CC                 - int 3 
StateOfDecay2-Win64-Shipping.exe+9C559D: CC                 - int 3 
StateOfDecay2-Win64-Shipping.exe+9C559E: CC                 - int 3 
StateOfDecay2-Win64-Shipping.exe+9C559F: CC                 - int 3 
StateOfDecay2-Win64-Shipping.exe+9C55A0: 48 8B 42 20        - mov rax,[rdx+20]
StateOfDecay2-Win64-Shipping.exe+9C55A4: 45 33 C9           - xor r9d,r9d
StateOfDecay2-Win64-Shipping.exe+9C55A7: 48 85 C0           - test rax,rax
StateOfDecay2-Win64-Shipping.exe+9C55AA: 41 0F 95 C1        - setne r9l
StateOfDecay2-Win64-Shipping.exe+9C55AE: 4C 03 C8           - add r9,rax
StateOfDecay2-Win64-Shipping.exe+9C55B1: 4C 89 4A 20        - mov [rdx+20],r9
// ---------- INJECTING HERE ----------
StateOfDecay2-Win64-Shipping.exe+9C55B5: 8B 81 D8 02 00 00  - mov eax,[rcx+000002D8]
// ---------- DONE INJECTING  ----------
StateOfDecay2-Win64-Shipping.exe+9C55BB: 41 89 00           - mov [r8],eax
StateOfDecay2-Win64-Shipping.exe+9C55BE: C3                 - ret 
StateOfDecay2-Win64-Shipping.exe+9C55BF: CC                 - int 3 
StateOfDecay2-Win64-Shipping.exe+9C55C0: 40 53              - push rbx
StateOfDecay2-Win64-Shipping.exe+9C55C2: 48 83 EC 20        - sub rsp,20
StateOfDecay2-Win64-Shipping.exe+9C55C6: 48 8B 42 20        - mov rax,[rdx+20]
StateOfDecay2-Win64-Shipping.exe+9C55CA: 45 33 C9           - xor r9d,r9d
StateOfDecay2-Win64-Shipping.exe+9C55CD: 48 85 C0           - test rax,rax
StateOfDecay2-Win64-Shipping.exe+9C55D0: 49 8B D8           - mov rbx,r8
StateOfDecay2-Win64-Shipping.exe+9C55D3: 41 0F 95 C1        - setne r9l
StateOfDecay2-Win64-Shipping.exe+9C55D7: 4C 03 C8           - add r9,rax
StateOfDecay2-Win64-Shipping.exe+9C55DA: 4C 89 4A 20        - mov [rdx+20],r9
StateOfDecay2-Win64-Shipping.exe+9C55DE: 48 8D 54 24 38     - lea rdx,[rsp+38]
StateOfDecay2-Win64-Shipping.exe+9C55E3: E8 98 5B 93 FF     - call StateOfDecay2-Win64-Shipping.exe+2FB180
StateOfDecay2-Win64-Shipping.exe+9C55E8: 48 8B 08           - mov rcx,[rax]
StateOfDecay2-Win64-Shipping.exe+9C55EB: 48 89 0B           - mov [rbx],rcx
StateOfDecay2-Win64-Shipping.exe+9C55EE: 48 83 C4 20        - add rsp,20
StateOfDecay2-Win64-Shipping.exe+9C55F2: 5B                 - pop rbx
StateOfDecay2-Win64-Shipping.exe+9C55F3: C3                 - ret 
StateOfDecay2-Win64-Shipping.exe+9C55F4: CC                 - int 3 
}
Inf Ammo

{======================
Author   : aanpsx
Date     : 2022-05-31
Game     : StateOfDecay2-Win64-Shipping.exe
Version  : 1.0.0.0
======================}

//===== [_InfAmmo] ======
define(inject_InfAmmo,StateOfDecay2-Win64-Shipping.exe+4AA34D)
define(Yes_InfAmmo,db 90 90 90)
define(No_InfAmmo,db 41 2B CE)

[ENABLE]
{$lua}
if syntaxcheck then return end
-----------------------
--memrec.Description='Ubah_Text_Disini'
memrec.Color=0x0080FF00
-------------- A.B.G.R
{$asm}

//===== [_InfAmmo] ======
//aobscanmodule(PSX_InfAmmo,StateOfDecay2-Win64-Shipping.exe,41 2B ** 89 ** ** 89 ** ** ** ** ** ** 48 8D)//StateOfDecay2-Win64-Shipping.exe+4AA34D
aobscanmodule(PSX_InfAmmo,StateOfDecay2-Win64-Shipping.exe,41 2B ** 89 ** ** 89 ** ** ** ** ** **) //Temporary Fix
registersymbol(PSX_InfAmmo)
PSX_InfAmmo:
  Yes_InfAmmo
//

[DISABLE]
{$lua}
if syntaxcheck then return end
-----------------------
--memrec.Description='Ubah_Text_Disini'
memrec.Color=0x00FF80FF
-------------- A.B.G.R
{$asm}

//===== [_InfAmmo] ======
unregistersymbol(PSX_InfAmmo)
PSX_InfAmmo:
  No_InfAmmo
//

//===== [_InfAmmo] ======
{
// ORIGINAL CODE - INJECTION POINT: StateOfDecay2-Win64-Shipping.exe+4AA34D

StateOfDecay2-Win64-Shipping.exe+4AA30B: 0F 1F 44 00 00           - nop dword ptr [rax+rax+00]
StateOfDecay2-Win64-Shipping.exe+4AA310: 48 3B C8                 - cmp rcx,rax
StateOfDecay2-Win64-Shipping.exe+4AA313: 74 0B                    - je StateOfDecay2-Win64-Shipping.exe+4AA320
StateOfDecay2-Win64-Shipping.exe+4AA315: 48 8B 49 30              - mov rcx,[rcx+30]
StateOfDecay2-Win64-Shipping.exe+4AA319: 48 85 C9                 - test rcx,rcx
StateOfDecay2-Win64-Shipping.exe+4AA31C: 75 F2                    - jne StateOfDecay2-Win64-Shipping.exe+4AA310
StateOfDecay2-Win64-Shipping.exe+4AA31E: 33 D2                    - xor edx,edx
StateOfDecay2-Win64-Shipping.exe+4AA320: 48 8B CD                 - mov rcx,rbp
StateOfDecay2-Win64-Shipping.exe+4AA323: E8 48 DA 00 00           - call StateOfDecay2-Win64-Shipping.exe+4B7D70
StateOfDecay2-Win64-Shipping.exe+4AA328: 85 C0                    - test eax,eax
StateOfDecay2-Win64-Shipping.exe+4AA32A: 40 0F 9F C5              - setg bpl
StateOfDecay2-Win64-Shipping.exe+4AA32E: 48 8B CB                 - mov rcx,rbx
StateOfDecay2-Win64-Shipping.exe+4AA331: E8 EA 89 00 00           - call StateOfDecay2-Win64-Shipping.exe+4B2D20
StateOfDecay2-Win64-Shipping.exe+4AA336: 44 8B 78 50              - mov r15d,[rax+50]
StateOfDecay2-Win64-Shipping.exe+4AA33A: 48 8B CB                 - mov rcx,rbx
StateOfDecay2-Win64-Shipping.exe+4AA33D: E8 1E 89 00 00           - call StateOfDecay2-Win64-Shipping.exe+4B2C60
StateOfDecay2-Win64-Shipping.exe+4AA342: 48 8B F8                 - mov rdi,rax
StateOfDecay2-Win64-Shipping.exe+4AA345: 8B 48 50                 - mov ecx,[rax+50]
StateOfDecay2-Win64-Shipping.exe+4AA348: 41 3B CE                 - cmp ecx,r14d
StateOfDecay2-Win64-Shipping.exe+4AA34B: 7C 27                    - jl StateOfDecay2-Win64-Shipping.exe+4AA374
// ---------- INJECTING HERE ----------
StateOfDecay2-Win64-Shipping.exe+4AA34D: 41 2B CE                 - sub ecx,r14d
// ---------- DONE INJECTING  ----------
StateOfDecay2-Win64-Shipping.exe+4AA350: 89 48 50                 - mov [rax+50],ecx
StateOfDecay2-Win64-Shipping.exe+4AA353: 89 8C 24 88 00 00 00     - mov [rsp+00000088],ecx
StateOfDecay2-Win64-Shipping.exe+4AA35A: 48 8D 48 58              - lea rcx,[rax+58]
StateOfDecay2-Win64-Shipping.exe+4AA35E: 48 8D 94 24 88 00 00 00  - lea rdx,[rsp+00000088]
StateOfDecay2-Win64-Shipping.exe+4AA366: E8 A5 AF C8 FF           - call StateOfDecay2-Win64-Shipping.exe+135310
StateOfDecay2-Win64-Shipping.exe+4AA36B: C6 47 28 01              - mov byte ptr [rdi+28],01
StateOfDecay2-Win64-Shipping.exe+4AA36F: 41 B6 01                 - mov r14l,01
StateOfDecay2-Win64-Shipping.exe+4AA372: EB 03                    - jmp StateOfDecay2-Win64-Shipping.exe+4AA377
StateOfDecay2-Win64-Shipping.exe+4AA374: 45 32 F6                 - xor r14l,r14l
StateOfDecay2-Win64-Shipping.exe+4AA377: 48 8B CB                 - mov rcx,rbx
StateOfDecay2-Win64-Shipping.exe+4AA37A: E8 A1 89 00 00           - call StateOfDecay2-Win64-Shipping.exe+4B2D20
StateOfDecay2-Win64-Shipping.exe+4AA37F: 8B 78 50                 - mov edi,[rax+50]
StateOfDecay2-Win64-Shipping.exe+4AA382: 45 84 F6                 - test r14l,r14l
StateOfDecay2-Win64-Shipping.exe+4AA385: 0F 84 04 01 00 00        - je StateOfDecay2-Win64-Shipping.exe+4AA48F
StateOfDecay2-Win64-Shipping.exe+4AA38B: E8 C0 BF 2A 00           - call StateOfDecay2-Win64-Shipping.exe+756350
StateOfDecay2-Win64-Shipping.exe+4AA390: F3 0F 10 B0 E4 00 00 00  - movss xmm6,[rax+000000E4]
StateOfDecay2-Win64-Shipping.exe+4AA398: 48 8B 4B 70              - mov rcx,[rbx+70]
StateOfDecay2-Win64-Shipping.exe+4AA39C: E8 2F 74 C7 02           - call StateOfDecay2-Win64-Shipping.exe+31217D0
StateOfDecay2-Win64-Shipping.exe+4AA3A1: 66 0F 6E 80 64 01 00 00  - movd xmm0,[rax+00000164]
StateOfDecay2-Win64-Shipping.exe+4AA3A9: 0F 5B C0                 - cvtdq2ps xmm0,xmm0
}
