Earth Defence Force 4.1 loot script

[Djinn247]

I have no experience coding on CE.
I lately stumbled upon a script that someone made to automatically loot boxes dropped on the map.

It specifically picks up armor and weapon drops, which is really well made.
I want to change it so it only takes armor and nothing else.
The commented line says values for each box, but changing the number after the comma is not changing behavior.

Code: Select all

{
  Game : EDF41.exe
  Version:
  Date : 2016-11-13
  Author : user

  This script does blah blah blah
}

[ENABLE]

aobscanmodule(LootArmorWeps,EDF41.exe,0F 2F C2 76 68) // should be unique
alloc(newmem,$1000,"EDF41.exe"+1AE9DF)

label(code)
label(return)

newmem:
 cmp [rdi+00000098],0 //lootbox: armor=1,wep=0,hp=2=3
 ja code //if hp, jump to normalcode (code:) and don't use custom
 comiss xmm0,xmm2 //check if loot crate is nearby
 ja EDF41.exe+1AEA4C //use reverse jump that evalutates crates as always "nearby"
 jmp return

code:
 comiss xmm0,xmm2
 jna EDF41.exe+1AEA4C
 jmp return

LootArmorWeps:
 jmp newmem 
return:
registersymbol(LootArmorWeps)

[DISABLE]

LootArmorWeps:
 db 0F 2F C2 76 68

unregistersymbol(LootArmorWeps)
dealloc(newmem) 

{ 
// ORIGINAL CODE - INJECTION POINT: "EDF41.exe"+1AE9DF 

"EDF41.exe"+1AE9B2: F3 0F 10 4C 24 28 - movss xmm1,[rsp+28] 
"EDF41.exe"+1AE9B8: F3 0F 59 D2 - mulss xmm2,xmm2 
"EDF41.exe"+1AE9BC: F3 41 0F 5C 47 04 - subss xmm0,[r15+04] 
"EDF41.exe"+1AE9C2: F3 41 0F 5C 4F 08 - subss xmm1,[r15+08] 
"EDF41.exe"+1AE9C8: F3 0F 59 C0 - mulss xmm0,xmm0 
"EDF41.exe"+1AE9CC: F3 0F 59 C9 - mulss xmm1,xmm1 
"EDF41.exe"+1AE9D0: F3 0F 58 D0 - addss xmm2,xmm0 
"EDF41.exe"+1AE9D4: 0F 28 C6 - movaps xmm0,xmm6 
"EDF41.exe"+1AE9D7: F3 0F 59 C6 - mulss xmm0,xmm6 
"EDF41.exe"+1AE9DB: F3 0F 58 D1 - addss xmm2,xmm1 
// ---------- INJECTING HERE ---------- 
"EDF41.exe"+1AE9DF: 0F 2F C2 - comiss xmm0,xmm2 
"EDF41.exe"+1AE9E2: 76 68 - jna EDF41.exe+1AEA4C 
// ---------- DONE INJECTING ---------- 
"EDF41.exe"+1AE9E4: 48 8B 05 B5 9A B1 00 - mov rax,[EDF41.exe+CC84A0] 
"EDF41.exe"+1AE9EB: 8B 48 38 - mov ecx,[rax+38] 
"EDF41.exe"+1AE9EE: 83 F9 FF - cmp ecx,-01 
"EDF41.exe"+1AE9F1: 74 31 - je EDF41.exe+1AEA24 
"EDF41.exe"+1AE9F3: 48 8B 40 20 - mov rax,[rax+20] 
"EDF41.exe"+1AE9F7: 48 8B 0C C8 - mov rcx,[rax+rcx*8] 
"EDF41.exe"+1AE9FB: 48 8B 51 10 - mov rdx,[rcx+10] 
"EDF41.exe"+1AE9FF: 48 63 42 08 - movsxd rax,dword ptr [rdx+08] 
"EDF41.exe"+1AEA03: 83 7C 10 5C 00 - cmp dword ptr [rax+rdx+5C],00 
"EDF41.exe"+1AEA08: 0F 95 C0 - setne al
}

[TimFun13]

I have no experience coding on CE.
I lately stumbled upon a script that someone made to automatically loot boxes dropped on the map.

It specifically picks up armor and weapon drops, which is really well made.
I want to change it so it only takes armor and nothing else.
The commented line says values for each box, but changing the number after the comma is not changing behavior.
...

You'll have to do some digging then, according to their notes it should only be working for "wep" (weapons I'm guessing), because armor is 1 and it jumps to the original code when any thing is above zero.

You can try enabling the script then open the memory view form (Ctrl+M), then hit Ctrl+G and paste in the injection symbol ("LootArmorWeps") and hit ok/enter to goto the address, then with the injected jump selected hit space to follow that and select the cmp [rdi+00000098],0 line and right click and select "see what addresses this instruction accesses" to see what values go through when you interact with the loot boxes; to see what values the armor and weapons actually are.

But according to their notes, this should work.

Code: Select all

{
  Game : EDF41.exe
  Version:
  Date : 2016-11-13
  Author : user

  This script does blah blah blah
}

[ENABLE]

aobscanmodule(LootArmorWeps,EDF41.exe,0F 2F C2 76 68) // should be unique
alloc(newmem,$1000,LootArmorWeps)

label(code)
label(return)

newmem:
 cmp [rdi+00000098],1 //lootbox: armor=1,wep=0,hp=2=3
 jne code //// if not armor, jump to the original code
 comiss xmm0,xmm2 //check if loot crate is nearby
 ja EDF41.exe+1AEA4C //use reverse jump that evalutates crates as always "nearby"
 jmp return

code:
 comiss xmm0,xmm2
 jna EDF41.exe+1AEA4C
 jmp return

LootArmorWeps:
 jmp newmem 
return:
registersymbol(LootArmorWeps)

[DISABLE]

LootArmorWeps:
 db 0F 2F C2 76 68

unregistersymbol(LootArmorWeps)
dealloc(newmem) 

{ 
// ORIGINAL CODE - INJECTION POINT: "EDF41.exe"+1AE9DF 

"EDF41.exe"+1AE9B2: F3 0F 10 4C 24 28 - movss xmm1,[rsp+28] 
"EDF41.exe"+1AE9B8: F3 0F 59 D2 - mulss xmm2,xmm2 
"EDF41.exe"+1AE9BC: F3 41 0F 5C 47 04 - subss xmm0,[r15+04] 
"EDF41.exe"+1AE9C2: F3 41 0F 5C 4F 08 - subss xmm1,[r15+08] 
"EDF41.exe"+1AE9C8: F3 0F 59 C0 - mulss xmm0,xmm0 
"EDF41.exe"+1AE9CC: F3 0F 59 C9 - mulss xmm1,xmm1 
"EDF41.exe"+1AE9D0: F3 0F 58 D0 - addss xmm2,xmm0 
"EDF41.exe"+1AE9D4: 0F 28 C6 - movaps xmm0,xmm6 
"EDF41.exe"+1AE9D7: F3 0F 59 C6 - mulss xmm0,xmm6 
"EDF41.exe"+1AE9DB: F3 0F 58 D1 - addss xmm2,xmm1 
// ---------- INJECTING HERE ---------- 
"EDF41.exe"+1AE9DF: 0F 2F C2 - comiss xmm0,xmm2 
"EDF41.exe"+1AE9E2: 76 68 - jna EDF41.exe+1AEA4C 
// ---------- DONE INJECTING ---------- 
"EDF41.exe"+1AE9E4: 48 8B 05 B5 9A B1 00 - mov rax,[EDF41.exe+CC84A0] 
"EDF41.exe"+1AE9EB: 8B 48 38 - mov ecx,[rax+38] 
"EDF41.exe"+1AE9EE: 83 F9 FF - cmp ecx,-01 
"EDF41.exe"+1AE9F1: 74 31 - je EDF41.exe+1AEA24 
"EDF41.exe"+1AE9F3: 48 8B 40 20 - mov rax,[rax+20] 
"EDF41.exe"+1AE9F7: 48 8B 0C C8 - mov rcx,[rax+rcx*8] 
"EDF41.exe"+1AE9FB: 48 8B 51 10 - mov rdx,[rcx+10] 
"EDF41.exe"+1AE9FF: 48 63 42 08 - movsxd rax,dword ptr [rdx+08] 
"EDF41.exe"+1AEA03: 83 7C 10 5C 00 - cmp dword ptr [rax+rdx+5C],00 
"EDF41.exe"+1AEA08: 0F 95 C0 - setne al
}

[jungletek]

FWIW, if you just want to auto-collect everything, you can just nop the conditional jump, like so:

Code: Select all

[ENABLE]
aobscanmodule(aobAutoPickup,EDF41.exe,76 68 48 8B 05 D5 9A B1 00)

aobAutoPickup:
registersymbol(aobAutoPickup)
  db 90 90

[DISABLE]
aobAutoPickup:
  db 76 68

unregistersymbol(aobAutoPickup)

[Renzection]

So i don't know how to read any of these scripts, but i'm looking for one that auto grabs everything (health armor and weapon boxes) and i don't know how to inject these so they work. Is there a tutorial or explaination how to install for use?

[Clankinator]

So i don't know how to read any of these scripts, but i'm looking for one that auto grabs everything (health armor and weapon boxes) and i don't know how to inject these so they work. Is there a tutorial or explaination how to install for use?

Hi,

i implemented this function in my cheattable here:

viewtopic.php?f=4&t=8777

Have fun with it