RAGE 2 [Engine:APEX]

Upload your cheat tables here (No requests)
Post Reply
User avatar
SunBeam
Administration
Administration
Posts: 4932
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4630

Re: RAGE2 [Engine:APEX]

Post by SunBeam »

The table script DOES THE EXACT SAME THING. And if you go to first page, here, you can see that YES T_T. How about you fucking search for a change, eh? Thank you.

How to use this cheat table?
  1. Install Cheat Engine
  2. Double-click the .CT file in order to open it.
  3. Click the PC icon in Cheat Engine in order to select the game process.
  4. Keep the list.
  5. Activate the trainer options by checking boxes or setting values from 0 to 1
Top
User avatar
l0wb1t
Table Makers
Table Makers
Posts: 395
Joined: Mon May 29, 2017 4:16 pm
Reputation: 282

Re: RAGE2 [Engine:APEX]

Post by l0wb1t »

OK seems like what i've posted isn't really super speed. it has something to do with the physics. i notice, objects start flipping around the area when changing the value to 3 xD may this is the reason why the game freezes. So yeah, still no good movement speed :(

Value 1.85 seems to be ok
Top
User avatar
l0wb1t
Table Makers
Table Makers
Posts: 395
Joined: Mon May 29, 2017 4:16 pm
Reputation: 282

Re: RAGE2 [Engine:APEX]

Post by l0wb1t »

Did someone already posted this?

EXP Mod, Level mod

Image


may someone can test if it works. Copy-Paste into CE, activate and press tab

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>2757</ID>
      <Description>"Test"</Description>
      <Options moHideChildren="1"/>
      <LastState/>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript>[ENABLE]
aobscanmodule(_Exp,RAGE2.exe,F3 0F 10 83 C4 01 00 00 F3 0F 11 45) // should be unique
alloc(ExpMem,$1000,RAGE2.exe)
alloc(_EXP1,8)
alloc(_EXP2,8)
alloc(_EXP3,8)
registersymbol(_EXP1)
registersymbol(_EXP2)
registersymbol(_EXP3)
registersymbol(_Exp)

ExpMem:
cmp [rbx+1b8],000075E0
je ExperienceBar1
cmp [rbx+1b8],000075D7
je ExperienceBar2
cmp [rbx+1b8],000075DB
je ExperienceBar3
jmp code

ExperienceBar1:
mov [_EXP1],rbx
jmp code
ExperienceBar2:
mov [_EXP2],rbx
jmp code
ExperienceBar3:
mov [_EXP3],rbx
jmp code

code:
  movss xmm0,[rbx+000001C4]
  jmp return

_Exp:
  jmp ExpMem
  nop
  nop
  nop
return:
registersymbol(_Exp)


_EXP1:
dd 0
_EXP2:
dd 0
_EXP3:
dd 0
[DISABLE]

_Exp:
  db F3 0F 10 83 C4 01 00 00

unregistersymbol(_Exp)
unregistersymbol(_EXP1)
unregistersymbol(_EXP2)
unregistersymbol(_EXP3)
dealloc(_EXP1)
dealloc(_EXP2)
dealloc(_EXP3)
dealloc(ExpMem)

{
// ORIGINAL CODE - INJECTION POINT: "RAGE2.exe"+B1A02C

"RAGE2.exe"+B1A002: 0F 84 DA 00 00 00        -  je RAGE2.exe+B1A0E2
"RAGE2.exe"+B1A008: 48 83 C1 0C              -  add rcx,0C
"RAGE2.exe"+B1A00C: 48 3B CA                 -  cmp rcx,rdx
"RAGE2.exe"+B1A00F: 75 EF                    -  jne RAGE2.exe+B1A000
"RAGE2.exe"+B1A011: B8 FF FF FF FF           -  mov eax,FFFFFFFF
"RAGE2.exe"+B1A016: 89 45 20                 -  mov [rbp+20],eax
"RAGE2.exe"+B1A019: 4C 8D 45 20              -  lea r8,[rbp+20]
"RAGE2.exe"+B1A01D: 48 8D 15 64 BF BF 01     -  lea rdx,[RAGE2.exe+2715F88]
"RAGE2.exe"+B1A024: 48 8B CF                 -  mov rcx,rdi
"RAGE2.exe"+B1A027: E8 14 D1 07 00           -  call RAGE2.exe+B97140
// ---------- INJECTING HERE ----------
"RAGE2.exe"+B1A02C: F3 0F 10 83 C4 01 00 00  -  movss xmm0,[rbx+000001C4]
// ---------- DONE INJECTING  ----------
"RAGE2.exe"+B1A034: F3 0F 11 45 20           -  movss [rbp+20],xmm0
"RAGE2.exe"+B1A039: 4C 8D 45 20              -  lea r8,[rbp+20]
"RAGE2.exe"+B1A03D: 48 8D 15 2C BE BF 01     -  lea rdx,[RAGE2.exe+2715E70]
"RAGE2.exe"+B1A044: 48 8B CF                 -  mov rcx,rdi
"RAGE2.exe"+B1A047: E8 F4 D2 07 00           -  call RAGE2.exe+B97340
"RAGE2.exe"+B1A04C: 8B D6                    -  mov edx,esi
"RAGE2.exe"+B1A04E: 48 8B CB                 -  mov rcx,rbx
"RAGE2.exe"+B1A051: E8 3A 9B E1 FF           -  call RAGE2.exe+933B90
"RAGE2.exe"+B1A056: F3 0F 11 45 20           -  movss [rbp+20],xmm0
"RAGE2.exe"+B1A05B: 4C 8D 45 20              -  lea r8,[rbp+20]
}
</AssemblerScript>
      <CheatEntries>
        <CheatEntry>
          <ID>2767</ID>
          <Description>"Char 1"</Description>
          <Options moHideChildren="1"/>
          <LastState Value="" RealAddress="00000000"/>
          <GroupHeader>1</GroupHeader>
          <CheatEntries>
            <CheatEntry>
              <ID>2758</ID>
              <Description>"Experience"</Description>
              <VariableType>Float</VariableType>
              <Address>_EXP1</Address>
              <Offsets>
                <Offset>1c4</Offset>
              </Offsets>
            </CheatEntry>
            <CheatEntry>
              <ID>2761</ID>
              <Description>"Current Level"</Description>
              <VariableType>4 Bytes</VariableType>
              <Address>_EXP1</Address>
              <Offsets>
                <Offset>1c8</Offset>
              </Offsets>
            </CheatEntry>
            <CheatEntry>
              <ID>2762</ID>
              <Description>"Max Level"</Description>
              <VariableType>4 Bytes</VariableType>
              <Address>_EXP1</Address>
              <Offsets>
                <Offset>1cc</Offset>
              </Offsets>
            </CheatEntry>
          </CheatEntries>
        </CheatEntry>
        <CheatEntry>
          <ID>2768</ID>
          <Description>"Char 2"</Description>
          <Options moHideChildren="1"/>
          <LastState Value="" RealAddress="00000000"/>
          <GroupHeader>1</GroupHeader>
          <CheatEntries>
            <CheatEntry>
              <ID>2759</ID>
              <Description>"Experience"</Description>
              <VariableType>Float</VariableType>
              <Address>_EXP2</Address>
              <Offsets>
                <Offset>1c4</Offset>
              </Offsets>
            </CheatEntry>
            <CheatEntry>
              <ID>2763</ID>
              <Description>"Current Level"</Description>
              <VariableType>4 Bytes</VariableType>
              <Address>_EXP2</Address>
              <Offsets>
                <Offset>1C8</Offset>
              </Offsets>
            </CheatEntry>
            <CheatEntry>
              <ID>2764</ID>
              <Description>"Max Level"</Description>
              <VariableType>4 Bytes</VariableType>
              <Address>_EXP2</Address>
              <Offsets>
                <Offset>1cC</Offset>
              </Offsets>
            </CheatEntry>
          </CheatEntries>
        </CheatEntry>
        <CheatEntry>
          <ID>2769</ID>
          <Description>"Char 3"</Description>
          <Options moHideChildren="1"/>
          <LastState Value="" RealAddress="00000000"/>
          <GroupHeader>1</GroupHeader>
          <CheatEntries>
            <CheatEntry>
              <ID>2760</ID>
              <Description>"Experience"</Description>
              <VariableType>Float</VariableType>
              <Address>_EXP3</Address>
              <Offsets>
                <Offset>1c4</Offset>
              </Offsets>
            </CheatEntry>
            <CheatEntry>
              <ID>2765</ID>
              <Description>"Current Level"</Description>
              <VariableType>4 Bytes</VariableType>
              <Address>_EXP3</Address>
              <Offsets>
                <Offset>1c8</Offset>
              </Offsets>
            </CheatEntry>
            <CheatEntry>
              <ID>2766</ID>
              <Description>"Max Level"</Description>
              <VariableType>4 Bytes</VariableType>
              <Address>_EXP3</Address>
              <Offsets>
                <Offset>1cc</Offset>
              </Offsets>
            </CheatEntry>
          </CheatEntries>
        </CheatEntry>
      </CheatEntries>
    </CheatEntry>
  </CheatEntries>
</CheatTable>


All i got so far
Spoiler
Image
Image
Last edited by l0wb1t on Sat May 25, 2019 8:52 am, edited 4 times in total.
Top
User avatar
SunBeam
Administration
Administration
Posts: 4932
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4630

Re: RAGE2 [Engine:APEX]

Post by SunBeam »

^ Nope, fire away :) Working with pigeon on a custom noclip. He's done the freecam part quite nicely, it's just a matter of me doing it in ASM + adjusting the player's relative coordinates based on the sector the player is currently in and camera coordinates. Will post when done.
Top
User avatar
l0wb1t
Table Makers
Table Makers
Posts: 395
Joined: Mon May 29, 2017 4:16 pm
Reputation: 282

Re: RAGE2 [Engine:APEX]

Post by l0wb1t »

Kill Combo Multiplier
Image

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>2786</ID>
      <Description>"KillCombo"</Description>
      <Options moHideChildren="1"/>
      <LastState Activated="1"/>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript>[ENABLE]
aobscanmodule(_KillCombo,RAGE2.exe,66 0F 6E 46 58)
aobscanmodule(_KillComboMulti,RAGE2.exe,89 47 58 83 F8 0A)
alloc(KillComboMem,$1000,RAGE2.exe)

alloc(_pKillCombo,8)
alloc(_enableKillComboMultiplier,8)
registersymbol(_enableKillComboMultiplier)
registersymbol(_KillComboMulti)
registersymbol(_pKillCombo)
registersymbol(_KillCombo)


KillComboMem:
mov [_pKillCombo],rsi
code:
  movd xmm0,[rsi+58]
  jmp return

KillComboMultiMem:
 cmp [_enableKillComboMultiplier],0
 je codeKillComboMulti
 cmp [_enableKillComboMultiplier],1
 je Combo_X2
 cmp [_enableKillComboMultiplier],2
 je Combo_X4
 cmp [_enableKillComboMultiplier],3
 je Combo_X8
 cmp [_enableKillComboMultiplier],4
 je Combo_X16

Combo_X2:
add [rdi+58],#2
cmp eax,0A
jmp returnKillComboMulti


Combo_X4:
add [rdi+58],#4
cmp eax,0A
jmp returnKillComboMulti

Combo_X8:
add [rdi+58],#8
cmp eax,0A
jmp returnKillComboMulti

Combo_X16:
add [rdi+58],#16
cmp eax,0A
jmp returnKillComboMulti




codeKillComboMulti:
  mov [rdi+58],eax
  cmp eax,0A
  jmp returnKillComboMulti



_KillCombo:
  jmp KillComboMem
return:

_KillComboMulti:
  jmp KillComboMultiMem
  nop
returnKillComboMulti:

_pKillCombo:
dd 0
_enableKillComboMultiplier:
dd 0
[DISABLE]

_KillCombo:
  db 66 0F 6E 46 58
_KillComboMulti:
  db 89 47 58 83 F8 0A


unregistersymbol(_KillCombo)
unregistersymbol(_pKillCombo)
unregistersymbol(_KillComboMulti)
unregistersymbol(_enableKillComboMultiplier)
dealloc(_enableKillComboMultiplier)
dealloc(_pKillCombo)
dealloc(KillComboMem)

{
// ORIGINAL CODE - INJECTION POINT: "RAGE2.exe"+9B4C49

"RAGE2.exe"+9B4C19: 4C 8B 4D 7F           -  mov r9,[rbp+7F]
"RAGE2.exe"+9B4C1D: 4C 8B 45 D7           -  mov r8,[rbp-29]
"RAGE2.exe"+9B4C21: B9 B3 EC F5 B7        -  mov ecx,B7F5ECB3
"RAGE2.exe"+9B4C26: E8 B5 3D 81 FF        -  call RAGE2.exe+1C89E0
"RAGE2.exe"+9B4C2B: F3 0F 10 46 48        -  movss xmm0,[rsi+48]
"RAGE2.exe"+9B4C30: F3 0F 58 46 3C        -  addss xmm0,dword ptr [rsi+3C]
"RAGE2.exe"+9B4C35: F3 0F 11 45 67        -  movss [rbp+67],xmm0
"RAGE2.exe"+9B4C3A: C6 45 6B 02           -  mov byte ptr [rbp+6B],02
"RAGE2.exe"+9B4C3E: C7 45 77 35 72 97 AE  -  mov [rbp+77],AE977235
"RAGE2.exe"+9B4C45: C6 45 7B 03           -  mov byte ptr [rbp+7B],03
// ---------- INJECTING HERE ----------
"RAGE2.exe"+9B4C49: 66 0F 6E 46 58        -  movd xmm0,[rsi+58]
// ---------- DONE INJECTING  ----------
"RAGE2.exe"+9B4C4E: 0F 5B C0              -  cvtdq2ps xmm0,xmm0
"RAGE2.exe"+9B4C51: F3 0F 11 45 7F        -  movss [rbp+7F],xmm0
"RAGE2.exe"+9B4C56: C6 85 83 00 00 00 02  -  mov byte ptr [rbp+00000083],02
"RAGE2.exe"+9B4C5D: C7 45 D7 DA 16 B2 B1  -  mov [rbp-29],B1B216DA
"RAGE2.exe"+9B4C64: C6 45 DB 03           -  mov byte ptr [rbp-25],03
"RAGE2.exe"+9B4C68: 44 89 64 24 38        -  mov [rsp+38],r12d
"RAGE2.exe"+9B4C6D: 44 89 64 24 30        -  mov [rsp+30],r12d
"RAGE2.exe"+9B4C72: 48 8B 45 67           -  mov rax,[rbp+67]
"RAGE2.exe"+9B4C76: 48 89 44 24 28        -  mov [rsp+28],rax
"RAGE2.exe"+9B4C7B: 48 8B 45 77           -  mov rax,[rbp+77]
}
</AssemblerScript>
      <CheatEntries>
        <CheatEntry>
          <ID>2787</ID>
          <Description>"Kill Combo"</Description>
          <LastState Value="7" RealAddress="1E5FAFAA478"/>
          <VariableType>4 Bytes</VariableType>
          <Address>_pKillCombo</Address>
          <Offsets>
            <Offset>58</Offset>
          </Offsets>
        </CheatEntry>
        <CheatEntry>
          <ID>2789</ID>
          <Description>"Kill Combo Multiplier"</Description>
          <DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">0:Default
1:Kill Combo X2
2:Kill Combo X4
3:Kill Combo X8
4:Kill Combo X16
</DropDownList>
          <LastState Value="2" RealAddress="7FF7F2AA1008"/>
          <VariableType>Byte</VariableType>
          <Address>_enableKillComboMultiplier</Address>
        </CheatEntry>
      </CheatEntries>
    </CheatEntry>
  </CheatEntries>
</CheatTable>
Overdrive Mod
Image

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>2799</ID>
      <Description>"OverdriveMod"</Description>
      <Options moHideChildren="1"/>
      <LastState Activated="1"/>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript>[ENABLE]
aobscanmodule(_OverdriveMultiplier,RAGE2.exe,0F 11 02 0F 10 45 27)
aobscanmodule(_OverdriveTimerBase,RAGE2.exe,F3 41 0F 10 48 0C 41)
alloc(OverdriveMultiplierMem,$1000,RAGE2.exe)
alloc(_OverDriveMultiplierVar,8)
alloc(_pOverdriveTimer,8)
registersymbol(_pOverdriveTimer)
registersymbol(_OverdriveTimerBase)
registersymbol(_OverDriveMultiplierVar)
registersymbol(_OverdriveMultiplier)


OverdriveMultiplierMem:


codeOverdriveMultiplier:
  movups [rdx],xmm0
  movups xmm0,[rbp+27]
  cmp rdx,[_pOverdriveTimer]
  jne returnOverdriveMultiplier
  fld [rdx+C]
  fld [_OverDriveMultiplierVar]
  faddp
  fstp [rdx+C]
  jmp returnOverdriveMultiplier

OverdriveTimerBaseMem:
mov [_pOverdriveTimer],r8
codeOverdriveTimerBase:
  movss xmm1,[r8+0C]
  jmp returnOverdriveTimerBase


_OverdriveMultiplier:
  jmp OverdriveMultiplierMem
  nop
  nop
returnOverdriveMultiplier:

_OverdriveTimerBase:
  jmp OverdriveTimerBaseMem
  nop
returnOverdriveTimerBase:

_OverDriveMultiplierVar:
dd (float)0
_pOverdriveTimer:
dd 0
[DISABLE]

_OverdriveMultiplier:
  db 0F 11 02 0F 10 45 27
_OverdriveTimerBase:
  db F3 41 0F 10 48 0C


unregistersymbol(_OverdriveMultiplier)
unregistersymbol(_OverDriveMultiplierVar)
unregistersymbol(_OverdriveTimerBase)
unregistersymbol(_pOverdriveTimer)
dealloc(_pOverdriveTimer)
dealloc(_OverDriveMultiplierVar)
dealloc(OverdriveMultiplierMem)

{
// ORIGINAL CODE - INJECTION POINT: "RAGE2.exe"+66A38F

"RAGE2.exe"+66A367: C7 44 24 20 1F 00 00 00  -  mov [rsp+20],0000001F
"RAGE2.exe"+66A36F: 45 33 C9                 -  xor r9d,r9d
"RAGE2.exe"+66A372: 45 33 C0                 -  xor r8d,r8d
"RAGE2.exe"+66A375: 49 8B D3                 -  mov rdx,r11
"RAGE2.exe"+66A378: E8 73 2D CC FF           -  call RAGE2.exe+32D0F0
"RAGE2.exe"+66A37D: 48 8B 53 18              -  mov rdx,[rbx+18]
"RAGE2.exe"+66A381: 48 39 53 20              -  cmp [rbx+20],rdx
"RAGE2.exe"+66A385: 74 1E                    -  je RAGE2.exe+66A3A5
"RAGE2.exe"+66A387: 0F 10 45 07              -  movups xmm0,[rbp+07]
"RAGE2.exe"+66A38B: 0F 10 4D 17              -  movups xmm1,[rbp+17]
// ---------- INJECTING HERE ----------
"RAGE2.exe"+66A38F: 0F 11 02                 -  movups [rdx],xmm0
"RAGE2.exe"+66A392: 0F 10 45 27              -  movups xmm0,[rbp+27]
// ---------- DONE INJECTING  ----------
"RAGE2.exe"+66A396: 0F 11 4A 10              -  movups [rdx+10],xmm1
"RAGE2.exe"+66A39A: 0F 11 42 20              -  movups [rdx+20],xmm0
"RAGE2.exe"+66A39E: 48 83 43 18 30           -  add qword ptr [rbx+18],30
"RAGE2.exe"+66A3A3: EB 0D                    -  jmp RAGE2.exe+66A3B2
"RAGE2.exe"+66A3A5: 4C 8D 45 07              -  lea r8,[rbp+07]
"RAGE2.exe"+66A3A9: 48 8D 4B 10              -  lea rcx,[rbx+10]
"RAGE2.exe"+66A3AD: E8 1E DF A5 FF           -  call RAGE2.exe+C82D0
"RAGE2.exe"+66A3B2: 48 8B B4 24 A0 00 00 00  -  mov rsi,[rsp+000000A0]
"RAGE2.exe"+66A3BA: 0F 28 7C 24 70           -  movaps xmm7,[rsp+70]
"RAGE2.exe"+66A3BF: 4C 8D 9C 24 90 00 00 00  -  lea r11,[rsp+00000090]
}
</AssemblerScript>
      <CheatEntries>
        <CheatEntry>
          <ID>2800</ID>
          <Description>"Overdrive Multiplier"</Description>
          <DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">0:Default (10s)
10:Overdrive x2 (20s)
30:Overdrive x4 (40s)
50:Overdrive x6 (60s)
70:Overdrive x8 (80s)
110:Overdrive x12 (120s)
150:Overdrive x16 (160s)
</DropDownList>
          <LastState Value="150" RealAddress="7FF7F2AB1000"/>
          <VariableType>Float</VariableType>
          <Address>_OverDriveMultiplierVar</Address>
        </CheatEntry>
        <CheatEntry>
          <ID>2804</ID>
          <Description>"Overdrive Timer"</Description>
          <LastState Value="159.5332336" RealAddress="20A78A31C9C"/>
          <VariableType>Float</VariableType>
          <Address>_pOverdriveTimer</Address>
          <Offsets>
            <Offset>C</Offset>
          </Offsets>
        </CheatEntry>
      </CheatEntries>
    </CheatEntry>
  </CheatEntries>
</CheatTable>
Unlock All Vehicles

Code: Select all

[ENABLE]

aobscanmodule(_AllCarsAvailable,RAGE2.exe,A6 07 00 80 BF 01 0D 00 00 00) // should be unique
alloc(newmem,$1000,"RAGE2.exe"+B1CB08)

label(code)
label(return)

newmem:
mov byte ptr [rdi+00000D01],00
code:
  cmp byte ptr [rdi+00000D01],00
  jmp return

_AllCarsAvailable+03:
  jmp newmem
  nop
  nop
return:
registersymbol(_AllCarsAvailable)

[DISABLE]

_AllCarsAvailable+03:
  db 80 BF 01 0D 00 00 00

unregistersymbol(_AllCarsAvailable)
dealloc(newmem)
Unlock All Nanotrites

Code: Select all

[ENABLE]
aobscanmodule(_UnlockAllNanotrites,RAGE2.exe,41 0F B6 86 F9 01 00 00 84) // should be unique
alloc(newmem,$1000,"RAGE2.exe"+B13494)

label(code)
label(return)

newmem:
mov byte ptr [r14+000001F9],1
code:
  movzx eax,byte ptr [r14+000001F9]
  jmp return

_UnlockAllNanotrites:
  jmp newmem
  nop
  nop
  nop
return:
registersymbol(_UnlockAllNanotrites)

[DISABLE]

_UnlockAllNanotrites:
  db 41 0F B6 86 F9 01 00 00

unregistersymbol(_UnlockAllNanotrites)
dealloc(newmem)
Top
enhort
What is cheating?
What is cheating?
Posts: 3
Joined: Tue Jan 08, 2019 4:21 am
Reputation: 1

Re: RAGE2 [Engine:APEX]

Post by enhort »

Hello, thank you all for your work!
All i got so far
Please, share it with us.
Top
User avatar
l0wb1t
Table Makers
Table Makers
Posts: 395
Joined: Mon May 29, 2017 4:16 pm
Reputation: 282

Re: RAGE2 [Engine:APEX]

Post by l0wb1t »

Vehicle ESP/Health Bars

Image

Code: Select all

[ENABLE]

aobscanmodule(_ShowVehicleHealthBars,RAGE2.exe,80 B9 94 02 00 00 00 74 4D)
aobscanmodule(_HealthBarTimer,RAGE2.exe,F3 0F 58 81 90 02 00 00 0F)
alloc(ShowVehicleHealthBarsMem,$1000,"RAGE2.exe"+832080)
alloc(_enableVehicleESP,8)
registersymbol(_enableVehicleESP)
registersymbol(_HealthBarTimer)
registersymbol(_ShowVehicleHealthBars)

ShowVehicleHealthBarsMem:
cmp [_enableVehicleESP],1
jne codeShowVehicleHealthBars
mov byte ptr [rcx+00000294],01
codeShowVehicleHealthBars:
cmp byte ptr [rcx+00000294],00
  jmp returnShowVehicleHealthBars

HealthBarTimerMem:
cmp [_enableVehicleESP],1
jne codeHealthBarTimer
mov [rcx+00000290],0
codeHealthBarTimer:
  addss xmm0,dword ptr [rcx+00000290]
  jmp returnHealthBarTimer


_ShowVehicleHealthBars:
  jmp ShowVehicleHealthBarsMem
  nop
  nop
returnShowVehicleHealthBars:

_HealthBarTimer:
  jmp HealthBarTimerMem
  nop
  nop
  nop
returnHealthBarTimer:

_enableVehicleESP:
dd 1

[DISABLE]

_ShowVehicleHealthBars:
  db 80 B9 94 02 00 00 00
_HealthBarTimer:
  db F3 0F 58 81 90 02 00 00
unregistersymbol(_ShowVehicleHealthBars)
unregistersymbol(_HealthBarTimer)
unregistersymbol(_enableVehicleESP)
dealloc(_enableVehicleESP)
dealloc(ShowVehicleHealthBarsMem)
Unlock Vehicle Skins

Code: Select all

[ENABLE]

aobscanmodule(_UnlockVehicleSkins,RAGE2.exe,80 3A 00 0F 44 C8) // should be unique
alloc(newmem,$1000,"RAGE2.exe"+B1CB84)

label(code)
label(return)

newmem:
mov byte ptr [rdx],1
code:
  cmp byte ptr [rdx],00
  cmove ecx,eax
  jmp return

_UnlockVehicleSkins:
  jmp newmem
  nop
return:
registersymbol(_UnlockVehicleSkins)

[DISABLE]

_UnlockVehicleSkins:
  db 80 3A 00 0F 44 C8

unregistersymbol(_UnlockVehicleSkins)
dealloc(newmem)


My Table So Far
Spoiler
Image
Image
Image
Attachments
RAGE2.CT
CODEX - Table v 0.76
(312.58 KiB) Downloaded 204 times
Top
User avatar
m01s33nk0
Cheater
Cheater
Posts: 45
Joined: Tue May 09, 2017 3:11 pm
Reputation: 16

Re: RAGE2 [Engine:APEX]

Post by m01s33nk0 »

l0wb1t wrote:
Sat May 25, 2019 9:20 pm
Spoiler
Vehicle ESP/Health Bars

Image

Code: Select all

[ENABLE]

aobscanmodule(_ShowVehicleHealthBars,RAGE2.exe,80 B9 94 02 00 00 00 74 4D)
aobscanmodule(_HealthBarTimer,RAGE2.exe,F3 0F 58 81 90 02 00 00 0F)
alloc(ShowVehicleHealthBarsMem,$1000,"RAGE2.exe"+832080)
alloc(_enableVehicleESP,8)
registersymbol(_enableVehicleESP)
registersymbol(_HealthBarTimer)
registersymbol(_ShowVehicleHealthBars)

ShowVehicleHealthBarsMem:
cmp [_enableVehicleESP],1
jne codeShowVehicleHealthBars
mov byte ptr [rcx+00000294],01
codeShowVehicleHealthBars:
cmp byte ptr [rcx+00000294],00
  jmp returnShowVehicleHealthBars

HealthBarTimerMem:
cmp [_enableVehicleESP],1
jne codeHealthBarTimer
mov [rcx+00000290],0
codeHealthBarTimer:
  addss xmm0,dword ptr [rcx+00000290]
  jmp returnHealthBarTimer


_ShowVehicleHealthBars:
  jmp ShowVehicleHealthBarsMem
  nop
  nop
returnShowVehicleHealthBars:

_HealthBarTimer:
  jmp HealthBarTimerMem
  nop
  nop
  nop
returnHealthBarTimer:

_enableVehicleESP:
dd 1

[DISABLE]

_ShowVehicleHealthBars:
  db 80 B9 94 02 00 00 00
_HealthBarTimer:
  db F3 0F 58 81 90 02 00 00
unregistersymbol(_ShowVehicleHealthBars)
unregistersymbol(_HealthBarTimer)
unregistersymbol(_enableVehicleESP)
dealloc(_enableVehicleESP)
dealloc(ShowVehicleHealthBarsMem)
Unlock Vehicle Skins

Code: Select all

[ENABLE]

aobscanmodule(_UnlockVehicleSkins,RAGE2.exe,80 3A 00 0F 44 C8) // should be unique
alloc(newmem,$1000,"RAGE2.exe"+B1CB84)

label(code)
label(return)

newmem:
mov byte ptr [rdx],1
code:
  cmp byte ptr [rdx],00
  cmove ecx,eax
  jmp return

_UnlockVehicleSkins:
  jmp newmem
  nop
return:
registersymbol(_UnlockVehicleSkins)

[DISABLE]

_UnlockVehicleSkins:
  db 80 3A 00 0F 44 C8

unregistersymbol(_UnlockVehicleSkins)
dealloc(newmem)


My Table So Far
Spoiler
Image
Image
Image
super! but on latest update unlock all vehicles don't working :( and can you provide script for unlimited items for merchants as separated CEA, pls?
Top
User avatar
l0wb1t
Table Makers
Table Makers
Posts: 395
Joined: Mon May 29, 2017 4:16 pm
Reputation: 282

Re: RAGE2 [Engine:APEX]

Post by l0wb1t »

m01s33nk0 wrote:
Sun May 26, 2019 12:22 am
 super! but on latest update unlock all vehicles don't working :( and can you provide script for unlimited items for merchants as separated CEA, pls?
Does the Script just wont tick?


Merchants Has Infinite to sell

Code: Select all

[ENABLE]

aobscanmodule(_MerchantsHasInfiniteItemsToSell,RAGE2.exe,41 8B 40 0C 89 42 0C 41 8B 40 14) // should be unique
alloc(newmem,$1000,"RAGE2.exe"+AB2F06)

label(code)
label(return)

newmem:
mov eax,[r8+08],#999
mov eax,[r8+0C],#999
code:
  mov eax,[r8+0C]
  mov [rdx+0C],eax
  jmp return

_MerchantsHasInfiniteItemsToSell:
  jmp newmem
  nop
  nop
return:
registersymbol(_MerchantsHasInfiniteItemsToSell)

[DISABLE]

_MerchantsHasInfiniteItemsToSell:
  db 41 8B 40 0C 89 42 0C

unregistersymbol(_MerchantsHasInfiniteItemsToSell)
dealloc(newmem)
Unlock Map
Image

Code: Select all

[ENABLE]

aobscanmodule(_UnlockMap,RAGE2.exe,80 7A 28 00 7E 18) // should be unique
alloc(newmem,$1000,"RAGE2.exe"+7EEFC2)


newmem:
mov byte ptr [rdx+28],3
code:
  cmp byte ptr [rdx+28],00
  jle _UnlockMap+1E
  jmp return

_UnlockMap:
  jmp newmem
  nop
return:
registersymbol(_UnlockMap)

[DISABLE]

_UnlockMap:
  db 80 7A 28 00 7E 18

unregistersymbol(_UnlockMap)
dealloc(newmem)
Player/Vehicle Engine Wireframe ESP
Image

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>2909</ID>
      <Description>"PlayerESP"</Description>
      <Options moHideChildren="1"/>
      <LastState Activated="1"/>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript>{ Game   : RAGE2.exe
  Version: 
  Date   : 2019-05-26
  Author : l0wb1

  This script does blah blah blah
}

[ENABLE]

aobscanmodule(_PlayerESP,RAGE2.exe,49 8B 81 80 02 00 00 48) // should be unique
alloc(PlayerESPMem,$1000,"RAGE2.exe"+783446)
alloc(_pPlayerESP,8)
registersymbol(_pPlayerESP)
registersymbol(_PlayerESP)


PlayerESPMem:
mov [_pPlayerESP],r15
codePlayerESP:
  mov rax,[r9+00000280]
  jmp returnPlayerESP

_PlayerESP:
  jmp PlayerESPMem
  nop
  nop
returnPlayerESP:

_pPlayerESP:
dd 0
[DISABLE]

_PlayerESP:
  db 49 8B 81 80 02 00 00

unregistersymbol(_PlayerESP)
unregistersymbol(_pPlayerESP)
dealloc(_pPlayerESP)
dealloc(PlayerESPMem)

{
// ORIGINAL CODE - INJECTION POINT: "RAGE2.exe"+783446

"RAGE2.exe"+78342A: F0 41 0F B1 48 08              - lock  cmpxchg [r8+08],ecx
"RAGE2.exe"+783430: 74 06                          -  je RAGE2.exe+783438
"RAGE2.exe"+783432: 8B D0                          -  mov edx,eax
"RAGE2.exe"+783434: 85 C0                          -  test eax,eax
"RAGE2.exe"+783436: EB EB                          -  jmp RAGE2.exe+783423
"RAGE2.exe"+783438: 85 D2                          -  test edx,edx
"RAGE2.exe"+78343A: 74 34                          -  je RAGE2.exe+783470
"RAGE2.exe"+78343C: 4C 8B 44 24 48                 -  mov r8,[rsp+48]
"RAGE2.exe"+783441: 4D 85 C0                       -  test r8,r8
"RAGE2.exe"+783444: 74 3B                          -  je RAGE2.exe+783481
// ---------- INJECTING HERE ----------
"RAGE2.exe"+783446: 49 8B 81 80 02 00 00           -  mov rax,[r9+00000280]
// ---------- DONE INJECTING  ----------
"RAGE2.exe"+78344D: 48 89 44 24 40                 -  mov [rsp+40],rax
"RAGE2.exe"+783452: 48 85 C0                       -  test rax,rax
"RAGE2.exe"+783455: 74 2A                          -  je RAGE2.exe+783481
"RAGE2.exe"+783457: 45 38 6F 28                    -  cmp [r15+28],r13l
"RAGE2.exe"+78345B: 74 1A                          -  je RAGE2.exe+783477
"RAGE2.exe"+78345D: F3 41 0F 10 87 90 00 00 00     -  movss xmm0,[r15+00000090]
"RAGE2.exe"+783466: F3 0F 11 80 B4 01 00 00        -  movss [rax+000001B4],xmm0
"RAGE2.exe"+78346E: EB 11                          -  jmp RAGE2.exe+783481
"RAGE2.exe"+783470: 4C 89 6C 24 48                 -  mov [rsp+48],r13
"RAGE2.exe"+783475: EB 0A                          -  jmp RAGE2.exe+783481
}
</AssemblerScript>
      <CheatEntries>
        <CheatEntry>
          <ID>2914</ID>
          <Description>"Player ESP"</Description>
          <DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">0:Disabled
1:Enabled
</DropDownList>
          <LastState Value="1" RealAddress="25D71F919A8"/>
          <VariableType>Byte</VariableType>
          <Address>_pPlayerESP</Address>
          <Offsets>
            <Offset>28</Offset>
          </Offsets>
        </CheatEntry>
      </CheatEntries>
    </CheatEntry>
  </CheatEntries>
</CheatTable>
Top
aberro
Noobzor
Noobzor
Posts: 5
Joined: Sun May 26, 2019 2:45 pm
Reputation: 0

Re: RAGE2 [Engine:APEX]

Post by aberro »

Could you please advice me... In short, I've stuck in Rage 2 inside bunker with all autosaves in that bunker and last manual save almost at beginning of the game (while currently I've completed most of map markers).
I've tried to glitch through textures (partially successful, as this bunker is surrounded by collision box, blocking everything), to cheat my map position (got almost 400k values that won't filter out), to find my running speed so I can ran through collision box (found something very close, but changing it doesn't do anything), everything without any luck.
Maybe you know what else I could do to get out of that bunker?
Top
User avatar
SunBeam
Administration
Administration
Posts: 4932
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4630

Re: RAGE2 [Engine:APEX]

Post by SunBeam »

Spamming same post in 2 topics certainly won't ease me into it.
Top
aberro
Noobzor
Noobzor
Posts: 5
Joined: Sun May 26, 2019 2:45 pm
Reputation: 0

Re: RAGE2 [Engine:APEX]

Post by aberro »

Ok, I've deleted my comment from JC4 thread.
Top
User avatar
l0wb1t
Table Makers
Table Makers
Posts: 395
Joined: Mon May 29, 2017 4:16 pm
Reputation: 282

Re: RAGE2 [Engine:APEX]

Post by l0wb1t »

aberro wrote:
Sun May 26, 2019 2:53 pm
 Could you please advice me... In short, I've stuck in Rage 2 inside bunker with all autosaves in that bunker and last manual save almost at beginning of the game (while currently I've completed most of map markers).
I've tried to glitch through textures (partially successful, as this bunker is surrounded by collision box, blocking everything), to cheat my map position (got almost 400k values that won't filter out), to find my running speed so I can ran through collision box (found something very close, but changing it doesn't do anything), everything without any luck.
Maybe you know what else I could do to get out of that bunker?
Use my Table, then use Tele to random enemy / Teleport to Random Vehicle( Hotkey = MB4/MB5), keep spamming it.
Or just increase the Y Axis Coord which you can find inside the Pointers Header inside the Player's Header. That way you can teleport over the Bunker and land on the ground above.
Image


Skill Duration Timer (Tested with that Sprint thing)

Code: Select all

[ENABLE]
aobscanmodule(_AbilityDurationTimer,RAGE2.exe,1F F3 0F 10 49 58) // should be unique
alloc(newmem,$1000,"RAGE2.exe"+6898CE)
newmem:
mov [rcx+58],(float)100
code:
  movss xmm1,[rcx+58]
  jmp return

_AbilityDurationTimer+01:
  jmp newmem
return:
registersymbol(_AbilityDurationTimer)

[DISABLE]

_AbilityDurationTimer+01:
  db F3 0F 10 49 58

unregistersymbol(_AbilityDurationTimer)
dealloc(newmem)
Top
aberro
Noobzor
Noobzor
Posts: 5
Joined: Sun May 26, 2019 2:45 pm
Reputation: 0

Re: RAGE2 [Engine:APEX]

Post by aberro »

Oh gosh finally, after a week of trials and fails! Thank you! I'll tell about it on reddit, there's more players who's stuck in that same place.
Top
User avatar
SunBeam
Administration
Administration
Posts: 4932
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4630

Re: RAGE2 [Engine:APEX]

Post by SunBeam »

Oh, poor you... tell us the shit you used that got you in that situation. I doubt it was normal gameplay.
Top
Post Reply

Return to “Tables”

Who is online

Users browsing this forum: Boru, DotBot, Google [Bot], Google Adsense [Bot], JMC23, jonaaa, mikeronincheese, OwerKill, PrinnyHero, SavicusVonde