Monster Hunter World (Steam)

[Rakenson]

Made an account just for this table, great work to Cal and Squall and Marcus.

Coming from pre Iceborne I would love to see Hunting Horn Infinite Buffs again if anyone has that updated. Thanks.

How to use this cheat table?

1. Install Cheat Engine
2. Double-click the .CT file in order to open it.
3. Click the PC icon in Cheat Engine in order to select the game process.
4. Keep the list.
5. Activate the trainer options by checking boxes or setting values from 0 to 1

[Hours&Hours]

Thx for your hard work.
Just wanna report an issue where the function Inf Stamina cannot be disabled when actived.

[Lifid8719]

CRC bypass MHW Version 400974 10.12.01

run program, follow instructions, leave running until you are ready to quit game

password:
frf

best,
Cal

What happens if I close the program after closing the game, instead of closing it when I'm about to close the game?

[wylcos]

i cant find some listed functions such as "unlock charms" or "inf cannon fire"
Have they been removed?

[Shadowria]

after double checking, i was putting too much info into my script and it was bleeding elseware. I lowered the number of pages and am doing a bit more stability testing.

Do you think there is anything that can be done for those already affected or should we just start with trying to get back to where we were on an older save?

[alabrand]

after double checking, i was putting too much info into my script and it was bleeding elseware. I lowered the number of pages and am doing a bit more stability testing.

I love the work you've put in but the earlier version completely bricked my save, like the other person said is there any hope at all of being able to fix that?

[pox911]

Do you think there is anything that can be done for those already affected or should we just start with trying to get back to where we were on an older save?

without fully understanding what this section of memory that i bled into does, there might not be an easy way. I do apologize for the inconvenience i have caused.

edit: maybe comparing it to two different newly created characters, some stuff could be copy and pasted if the game was never shut down. Just a random thought.

This one should be a bit more stable. I reduced the pages from 23 to 10 so it doesnt come close to bleeding into the other memory areas. So far i have had no crashes in my testing with this version.

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>19053</ID>
      <Description>"Fill Shop With Many Items"</Description>
      <Options moHideChildren="1"/>
      <LastState/>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript>[ENABLE]

aobscanmodule(ShopOverrideAOB,MonsterHunterWorld.exe,41 8B 96 48 31 00 00) // should be unique
alloc(newmem,$1000,"MonsterHunterWorld.exe"+1F8A9674)

label(code)
label(return)
label(ShopData)
registersymbol(ShopData)

newmem:
  push rax
  push rbx
  push rcx
  mov edx,[ShopData]
  imul edx,6E

  xor rax,rax
  mov rcx,6E
  lea rbx,[r14+2948]

  _Loop:
  mov [rbx+rax*8],edx
  mov [rbx+rax*8+4],edx
  inc [rbx+rax*8]
  inc rax
  inc edx
  cmp rax,rcx
  jl _Loop
code:
  mov edx,rcx
  pop rcx
  pop rbx
  pop rax

  jmp return
  ShopData:

ShopOverrideAOB:
  jmp newmem
  nop
  nop
return:
registersymbol(ShopOverrideAOB)

[DISABLE]

ShopOverrideAOB:
  db 41 8B 96 48 31 00 00

unregistersymbol(ShopOverrideAOB)
unregistersymbol(ShopData)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: "MonsterHunterWorld.exe"+1F8A9674

"MonsterHunterWorld.exe"+1F8A9652: 48 8D 14 C1              -  lea rdx,[rcx+rax*8]
"MonsterHunterWorld.exe"+1F8A9656: 48 85 C0                 -  test rax,rax
"MonsterHunterWorld.exe"+1F8A9659: 75 03                    -  jne MonsterHunterWorld.exe+1F8A965E
"MonsterHunterWorld.exe"+1F8A965B: 4C 89 EA                 -  mov rdx,r13
"MonsterHunterWorld.exe"+1F8A965E: 49 0F 44 CD              -  cmove rcx,r13
"MonsterHunterWorld.exe"+1F8A9662: 49 89 D0                 -  mov r8,rdx
"MonsterHunterWorld.exe"+1F8A9665: 49 29 C8                 -  sub r8,rcx
"MonsterHunterWorld.exe"+1F8A9668: 4D 89 F1                 -  mov r9,r14
"MonsterHunterWorld.exe"+1F8A966B: 49 C1 F8 03              -  sar r8,03
"MonsterHunterWorld.exe"+1F8A966F: E8 CC 17 3E E2           -  call MonsterHunterWorld.exe+1C8AE40
// ---------- INJECTING HERE ----------
"MonsterHunterWorld.exe"+1F8A9674: 41 8B 96 48 31 00 00     -  mov edx,[r14+00003148]
// ---------- DONE INJECTING  ----------
"MonsterHunterWorld.exe"+1F8A967B: 41 89 96 1C 29 00 00     -  mov [r14+0000291C],edx
"MonsterHunterWorld.exe"+1F8A9682: EB 06                    -  jmp MonsterHunterWorld.exe+1F8A968A
"MonsterHunterWorld.exe"+1F8A9684: 8B 91 1C 29 00 00        -  mov edx,[rcx+0000291C]
"MonsterHunterWorld.exe"+1F8A968A: 49 8B 8E F8 28 00 00     -  mov rcx,[r14+000028F8]
"MonsterHunterWorld.exe"+1F8A9691: E8 7A 07 11 E1           -  call MonsterHunterWorld.exe+9B9E10
"MonsterHunterWorld.exe"+1F8A9696: 41 8B 86 48 29 00 00     -  mov eax,[r14+00002948]
"MonsterHunterWorld.exe"+1F8A969D: 4C 8D 44 24 60           -  lea r8,[rsp+60]
"MonsterHunterWorld.exe"+1F8A96A2: 48 8B 0D 97 AE 63 E5     -  mov rcx,[MonsterHunterWorld.exe+4EE4540]
"MonsterHunterWorld.exe"+1F8A96A9: 48 8D 54 24 20           -  lea rdx,[rsp+20]
"MonsterHunterWorld.exe"+1F8A96AE: 45 31 C9                 -  xor r9d,r9d
}
</AssemblerScript>
      <CheatEntries>
        <CheatEntry>
          <ID>19055</ID>
          <Description>"Chunk Index"</Description>
          <VariableType>4 Bytes</VariableType>
          <Address>ShopData</Address>
        </CheatEntry>
      </CheatEntries>
    </CheatEntry>
  </CheatEntries>
</CheatTable>

[jasonthe13]

is there no 100% affinity ?

[overmage]

Hello, can there be an option to edit current lucky voucher count under Pointers? Thank you for the hard work!

[Gallardo]

Hello, wanted to ask if it's possible to add back the endemic life code from seikur0s table. It was incredibly helpful with catching new pets and making your room look cool.

[Bianco]

When using your code to buy a specific item, my 1200h of game has been thrown away and I would like to know if there is any way to solve this please and be able to play again with my main character.

[s23301955]

Do you think there is anything that can be done for those already affected or should we just start with trying to get back to where we were on an older save?

without fully understanding what this section of memory that i bled into does, there might not be an easy way. I do apologize for the inconvenience i have caused.

edit: maybe comparing it to two different newly created characters, some stuff could be copy and pasted if the game was never shut down. Just a random thought.

This one should be a bit more stable. I reduced the pages from 23 to 10 so it doesnt come close to bleeding into the other memory areas. So far i have had no crashes in my testing with this version.

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>19053</ID>
      <Description>"Fill Shop With Many Items"</Description>
      <Options moHideChildren="1"/>
      <LastState/>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript>[ENABLE]

aobscanmodule(ShopOverrideAOB,MonsterHunterWorld.exe,41 8B 96 48 31 00 00) // should be unique
alloc(newmem,$1000,"MonsterHunterWorld.exe"+1F8A9674)

label(code)
label(return)
label(ShopData)
registersymbol(ShopData)

newmem:
  push rax
  push rbx
  push rcx
  mov edx,[ShopData]
  imul edx,6E

  xor rax,rax
  mov rcx,6E
  lea rbx,[r14+2948]

  _Loop:
  mov [rbx+rax*8],edx
  mov [rbx+rax*8+4],edx
  inc [rbx+rax*8]
  inc rax
  inc edx
  cmp rax,rcx
  jl _Loop
code:
  mov edx,rcx
  pop rcx
  pop rbx
  pop rax

  jmp return
  ShopData:

ShopOverrideAOB:
  jmp newmem
  nop
  nop
return:
registersymbol(ShopOverrideAOB)

[DISABLE]

ShopOverrideAOB:
  db 41 8B 96 48 31 00 00

unregistersymbol(ShopOverrideAOB)
unregistersymbol(ShopData)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: "MonsterHunterWorld.exe"+1F8A9674

"MonsterHunterWorld.exe"+1F8A9652: 48 8D 14 C1              -  lea rdx,[rcx+rax*8]
"MonsterHunterWorld.exe"+1F8A9656: 48 85 C0                 -  test rax,rax
"MonsterHunterWorld.exe"+1F8A9659: 75 03                    -  jne MonsterHunterWorld.exe+1F8A965E
"MonsterHunterWorld.exe"+1F8A965B: 4C 89 EA                 -  mov rdx,r13
"MonsterHunterWorld.exe"+1F8A965E: 49 0F 44 CD              -  cmove rcx,r13
"MonsterHunterWorld.exe"+1F8A9662: 49 89 D0                 -  mov r8,rdx
"MonsterHunterWorld.exe"+1F8A9665: 49 29 C8                 -  sub r8,rcx
"MonsterHunterWorld.exe"+1F8A9668: 4D 89 F1                 -  mov r9,r14
"MonsterHunterWorld.exe"+1F8A966B: 49 C1 F8 03              -  sar r8,03
"MonsterHunterWorld.exe"+1F8A966F: E8 CC 17 3E E2           -  call MonsterHunterWorld.exe+1C8AE40
// ---------- INJECTING HERE ----------
"MonsterHunterWorld.exe"+1F8A9674: 41 8B 96 48 31 00 00     -  mov edx,[r14+00003148]
// ---------- DONE INJECTING  ----------
"MonsterHunterWorld.exe"+1F8A967B: 41 89 96 1C 29 00 00     -  mov [r14+0000291C],edx
"MonsterHunterWorld.exe"+1F8A9682: EB 06                    -  jmp MonsterHunterWorld.exe+1F8A968A
"MonsterHunterWorld.exe"+1F8A9684: 8B 91 1C 29 00 00        -  mov edx,[rcx+0000291C]
"MonsterHunterWorld.exe"+1F8A968A: 49 8B 8E F8 28 00 00     -  mov rcx,[r14+000028F8]
"MonsterHunterWorld.exe"+1F8A9691: E8 7A 07 11 E1           -  call MonsterHunterWorld.exe+9B9E10
"MonsterHunterWorld.exe"+1F8A9696: 41 8B 86 48 29 00 00     -  mov eax,[r14+00002948]
"MonsterHunterWorld.exe"+1F8A969D: 4C 8D 44 24 60           -  lea r8,[rsp+60]
"MonsterHunterWorld.exe"+1F8A96A2: 48 8B 0D 97 AE 63 E5     -  mov rcx,[MonsterHunterWorld.exe+4EE4540]
"MonsterHunterWorld.exe"+1F8A96A9: 48 8D 54 24 20           -  lea rdx,[rsp+20]
"MonsterHunterWorld.exe"+1F8A96AE: 45 31 C9                 -  xor r9d,r9d
}
</AssemblerScript>
      <CheatEntries>
        <CheatEntry>
          <ID>19055</ID>
          <Description>"Chunk Index"</Description>
          <VariableType>4 Bytes</VariableType>
          <Address>ShopData</Address>
        </CheatEntry>
      </CheatEntries>
    </CheatEntry>
  </CheatEntries>
</CheatTable>

is there any way to clear botanical research's box?
i think the box have some problem
make the reward screen crash


if i press sell buttom,it will deduct a lot of money

[templarum]

Do you think there is anything that can be done for those already affected or should we just start with trying to get back to where we were on an older save?

without fully understanding what this section of memory that i bled into does, there might not be an easy way. I do apologize for the inconvenience i have caused.

edit: maybe comparing it to two different newly created characters, some stuff could be copy and pasted if the game was never shut down. Just a random thought.

This one should be a bit more stable. I reduced the pages from 23 to 10 so it doesnt come close to bleeding into the other memory areas. So far i have had no crashes in my testing with this version.

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>19053</ID>
      <Description>"Fill Shop With Many Items"</Description>
      <Options moHideChildren="1"/>
      <LastState/>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript>[ENABLE]

aobscanmodule(ShopOverrideAOB,MonsterHunterWorld.exe,41 8B 96 48 31 00 00) // should be unique
alloc(newmem,$1000,"MonsterHunterWorld.exe"+1F8A9674)

label(code)
label(return)
label(ShopData)
registersymbol(ShopData)

newmem:
  push rax
  push rbx
  push rcx
  mov edx,[ShopData]
  imul edx,6E

  xor rax,rax
  mov rcx,6E
  lea rbx,[r14+2948]

  _Loop:
  mov [rbx+rax*8],edx
  mov [rbx+rax*8+4],edx
  inc [rbx+rax*8]
  inc rax
  inc edx
  cmp rax,rcx
  jl _Loop
code:
  mov edx,rcx
  pop rcx
  pop rbx
  pop rax

  jmp return
  ShopData:

ShopOverrideAOB:
  jmp newmem
  nop
  nop
return:
registersymbol(ShopOverrideAOB)

[DISABLE]

ShopOverrideAOB:
  db 41 8B 96 48 31 00 00

unregistersymbol(ShopOverrideAOB)
unregistersymbol(ShopData)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: "MonsterHunterWorld.exe"+1F8A9674

"MonsterHunterWorld.exe"+1F8A9652: 48 8D 14 C1              -  lea rdx,[rcx+rax*8]
"MonsterHunterWorld.exe"+1F8A9656: 48 85 C0                 -  test rax,rax
"MonsterHunterWorld.exe"+1F8A9659: 75 03                    -  jne MonsterHunterWorld.exe+1F8A965E
"MonsterHunterWorld.exe"+1F8A965B: 4C 89 EA                 -  mov rdx,r13
"MonsterHunterWorld.exe"+1F8A965E: 49 0F 44 CD              -  cmove rcx,r13
"MonsterHunterWorld.exe"+1F8A9662: 49 89 D0                 -  mov r8,rdx
"MonsterHunterWorld.exe"+1F8A9665: 49 29 C8                 -  sub r8,rcx
"MonsterHunterWorld.exe"+1F8A9668: 4D 89 F1                 -  mov r9,r14
"MonsterHunterWorld.exe"+1F8A966B: 49 C1 F8 03              -  sar r8,03
"MonsterHunterWorld.exe"+1F8A966F: E8 CC 17 3E E2           -  call MonsterHunterWorld.exe+1C8AE40
// ---------- INJECTING HERE ----------
"MonsterHunterWorld.exe"+1F8A9674: 41 8B 96 48 31 00 00     -  mov edx,[r14+00003148]
// ---------- DONE INJECTING  ----------
"MonsterHunterWorld.exe"+1F8A967B: 41 89 96 1C 29 00 00     -  mov [r14+0000291C],edx
"MonsterHunterWorld.exe"+1F8A9682: EB 06                    -  jmp MonsterHunterWorld.exe+1F8A968A
"MonsterHunterWorld.exe"+1F8A9684: 8B 91 1C 29 00 00        -  mov edx,[rcx+0000291C]
"MonsterHunterWorld.exe"+1F8A968A: 49 8B 8E F8 28 00 00     -  mov rcx,[r14+000028F8]
"MonsterHunterWorld.exe"+1F8A9691: E8 7A 07 11 E1           -  call MonsterHunterWorld.exe+9B9E10
"MonsterHunterWorld.exe"+1F8A9696: 41 8B 86 48 29 00 00     -  mov eax,[r14+00002948]
"MonsterHunterWorld.exe"+1F8A969D: 4C 8D 44 24 60           -  lea r8,[rsp+60]
"MonsterHunterWorld.exe"+1F8A96A2: 48 8B 0D 97 AE 63 E5     -  mov rcx,[MonsterHunterWorld.exe+4EE4540]
"MonsterHunterWorld.exe"+1F8A96A9: 48 8D 54 24 20           -  lea rdx,[rsp+20]
"MonsterHunterWorld.exe"+1F8A96AE: 45 31 C9                 -  xor r9d,r9d
}
</AssemblerScript>
      <CheatEntries>
        <CheatEntry>
          <ID>19055</ID>
          <Description>"Chunk Index"</Description>
          <VariableType>4 Bytes</VariableType>
          <Address>ShopData</Address>
        </CheatEntry>
      </CheatEntries>
    </CheatEntry>
  </CheatEntries>
</CheatTable>

is there any way to clear botanical research's box?
i think the box have some problem
make the reward screen crash


if i press sell buttom,it will deduct a lot of money

If your issue is that it will deduct a lot of money, just have it deducted and then edit your money value back to what you had previously.

[Tnes]

Hello, wanted to ask if it's possible to add back the endemic life code from seikur0s table. It was incredibly helpful with catching new pets and making your room look cool.

With sizes too!

Do you think there is anything that can be done for those already affected or should we just start with trying to get back to where we were on an older save?

without fully understanding what this section of memory that i bled into does, there might not be an easy way. I do apologize for the inconvenience i have caused.

edit: maybe comparing it to two different newly created characters, some stuff could be copy and pasted if the game was never shut down. Just a random thought.

This one should be a bit more stable. I reduced the pages from 23 to 10 so it doesnt come close to bleeding into the other memory areas. So far i have had no crashes in my testing with this version.

This reminds me to back before iceborne when someone tried to do this too, he mentioned that he couldn't increase the number of pages without it fucking the game up in other ways. I'm not sure if its the same case here, but it might be best to not increase the page number at all.

[karenaki]

i cant find some listed functions such as "unlock charms" or "inf cannon fire"
Have they been removed?

would love inf cannon fire and unlock charms as well