RAGE 2 [Engine:APEX]

[skywolf23]

this save can unlock the Deluxe Version about BFG gun, Golden Skin, flag, blah blah , everything deluxe version have and the cheat code too, but you need to buy it from Wasteland Wizard to unlock it or using SunBeam CT
Work on Codex version not testing on steam version yet, because i dont have one LOL
chose Male Or Female save game, put it in to
C:\Users\*username*\Saved Games
*********THIS IS THE UNLOCKER SAVE SO IT WILL REPLACE YOUR CURRENT PROGRESS SO BACKUP OLD SAVE AND USE THIS IF YOU WANT*********

Ok i got to mess with this, less i missed something there is NO BFG in the base game. You get the skins the free cheats i do not think the mission triggered since i played past blackout and finished it and do not recall any mission pop up beyond what i already had via the story.

In the standard editions you have to find the wizzard, to unlock the cheats and buy them all in the collectors you get 3 4 cheats "free" he flies around the map and they expensive as hell. so yea a few free ones is a nice plus. but i think the unlocker only gets you the monster truck and etc skins despite the game saying you unlocked the BFG and the mission i think it needs to dl assets to make that happen.

Probably be modded by someone eventually. Simple sharing of game files likely.

How to use this cheat table?

1. Install Cheat Engine
2. Double-click the .CT file in order to open it.
3. Click the PC icon in Cheat Engine in order to select the game process.
4. Keep the list.
5. Activate the trainer options by checking boxes or setting values from 0 to 1

[bloodaxis]

I unlocked the BFG by using that save at least, no cheats though.

[skywolf23]

hmm interesting. i dunno why what game version you running? steam epic or high seas?

Ok yea IF you load the one save he has it equipped, but if you load the save before that and leave town and goto the spot where it drops nothing happens no meter no BFG something is missing to trigger the event so you can go there pick it up yourself.

And is the bonus mission working? suspect that might also might be lacking assets.

[Wormhole Hobo]

Question, is there a way using CE to unlock the overdrive ability?

I guess as a function request for this table, it would be cool if you could unlock any/all abilities early on in the game.

Thanks in advance, I missed the prompt to activate overdrive in the intro, so now it is locked in my game. I tried the unlimited overdrive functions in the 2 trainers that are up, and from this table, but because the ability is not unlocked it still doesn't work.

[l0wb1t]

...
which ones are the FOV and zoom btw?

Camera FOV

Code: Select all

aobscanmodule(_FOV,RAGE2.exe,F3 0F 11 87 C0 00 00 00 45) // should be unique
alloc(newmem,$1000,"RAGE2.exe"+5EB2B2)

label(code)
label(return)

newmem:

code:
  mov [rdi+000000C0],(float)1.5 
  jmp return

_FOV:
  jmp newmem
  nop
  nop
  nop
return:
registersymbol(_FOV)

[DISABLE]

_FOV:
  db F3 0F 11 87 C0 00 00 00

unregistersymbol(_FOV)
dealloc(newmem)

Character FOV

Code: Select all

[ENABLE]

aobscanmodule(_PlayerFOV,RAGE2.exe,F3 41 0F 10 86 E0 00 00 00 F3 0F) // should be unique
alloc(newmem,$1000,"RAGE2.exe"+5EA64B)

label(code)
label(return)

newmem:
mov [r14+000000E0],(float)80
code:
  movss xmm0,[r14+000000E0]
  jmp return

_PlayerFOV:
  jmp newmem
  nop
  nop
  nop
  nop
return:
registersymbol(_PlayerFOV)

[DISABLE]

_PlayerFOV:
  db F3 41 0F 10 86 E0 00 00 00

unregistersymbol(_PlayerFOV)
dealloc(newmem)

[gir489]

Code: Select all

{ Game   : RAGE2.exe
  Version: 1.1
  Date   : 2019-05-19
  Author : gir489

  Infinite Augmentation Parts
}

[ENABLE]
aobscanmodule(ReadAugmentationParts,RAGE2.exe,8B 40 20 C3 33 C0 C3 CC CC CC CC CC CC CC CC CC CC 4C) // should be unique
registersymbol(ReadAugmentationParts)
alloc(newmem,256,"RAGE2.exe"+7421CF)

ReadAugmentationParts:
jmp newmem
nop

newmem:
cmp r11, 0
jne short @f
mov [rax+20], #10
@@:
mov eax,[rax+20]
ret
xor eax,eax
ret

[DISABLE]
unregistersymbol(ReadAugmentationParts)
dealloc(newmem)

ReadAugmentationParts:
  db 8B 40 20 C3 33 C0

{
// ORIGINAL CODE - INJECTION POINT: "RAGE2.exe"+7421CF

"RAGE2.exe"+7421B4: 48 8B 09              -  mov rcx,[rcx]
"RAGE2.exe"+7421B7: 80 79 19 00           -  cmp byte ptr [rcx+19],00
"RAGE2.exe"+7421BB: 74 E9                 -  je RAGE2.exe+7421A6
"RAGE2.exe"+7421BD: 49 3B C0              -  cmp rax,r8
"RAGE2.exe"+7421C0: 74 05                 -  je RAGE2.exe+7421C7
"RAGE2.exe"+7421C2: 3B 50 1C              -  cmp edx,[rax+1C]
"RAGE2.exe"+7421C5: 73 03                 -  jae RAGE2.exe+7421CA
"RAGE2.exe"+7421C7: 49 8B C0              -  mov rax,r8
"RAGE2.exe"+7421CA: 49 3B C0              -  cmp rax,r8
"RAGE2.exe"+7421CD: 74 04                 -  je RAGE2.exe+7421D3
// ---------- INJECTING HERE ----------
"RAGE2.exe"+7421CF: 8B 40 20              -  mov eax,[rax+20]
"RAGE2.exe"+7421D2: C3                    -  ret 
"RAGE2.exe"+7421D3: 33 C0                 -  xor eax,eax
// ---------- DONE INJECTING  ----------
"RAGE2.exe"+7421D5: C3                    -  ret 
"RAGE2.exe"+7421D6: CC                    -  int 3 
"RAGE2.exe"+7421D7: CC                    -  int 3 
"RAGE2.exe"+7421D8: CC                    -  int 3 
"RAGE2.exe"+7421D9: CC                    -  int 3 
"RAGE2.exe"+7421DA: CC                    -  int 3 
"RAGE2.exe"+7421DB: CC                    -  int 3 
"RAGE2.exe"+7421DC: CC                    -  int 3 
"RAGE2.exe"+7421DD: CC                    -  int 3 
"RAGE2.exe"+7421DE: CC                    -  int 3 
}

[l0wb1t]

Instant Aim

Code: Select all

[ENABLE]

aobscanmodule(_InstantAim,RAGE2.exe,F3 41 0F 59 96 F0 00 00 00) // should be unique
alloc(newmem,$1000,"RAGE2.exe"+5EA52E)

label(code)
label(return)

newmem:
mov [r14+000000F0],(float)100
mov [r14+000000F4],(float)100
code:
  mulss xmm2,[r14+000000F0]
  jmp return

_InstantAim:
  jmp newmem
  nop
  nop
  nop
  nop
return:
registersymbol(_InstantAim)

[DISABLE]

_InstantAim:
  db F3 41 0F 59 96 F0 00 00 00

unregistersymbol(_InstantAim)
dealloc(newmem)

Super Weapon Zoom (enable While Playing, keep disabled during load)

Code: Select all

[ENABLE]

aobscanmodule(_AimCheck,RAGE2.exe,83 B8 E0 04 00 00 00)
aobscanmodule(_SuperZoom,RAGE2.exe,F3 0F 11 53 68 41)
alloc(AimCheckMem,$1000,"RAGE2.exe"+7F8EC7)
alloc(_IsPlayerAiming,8)
alloc(_enableSuperZoom,8)
registersymbol(_enableSuperZoom)
registersymbol(_SuperZoom)
registersymbol(_IsPlayerAiming)
registersymbol(_AimCheck)

AimCheckMem:
push rbx
mov rbx,[rax+000004E0]
mov [_IsPlayerAiming],rbx
pop rbx
codeAimCheck:
  cmp dword ptr [rax+000004E0],00
  jmp returnAimCheck

SuperZoomMem:
  cmp [_IsPlayerAiming],1
  jne codeSuperZoom
  cmp [_enableSuperZoom],1
  jne codeSuperZoom
  cmp r13,[_pHealthBase]
  jne codeSuperZoom
  mov dword ptr [rbx+68],(float)2
  jmp returnSuperZoom


codeSuperZoom:
  movss [rbx+68],xmm2
  jmp returnSuperZoom


_AimCheck:
  jmp AimCheckMem
  nop
  nop
returnAimCheck:

_SuperZoom:
  jmp SuperZoomMem
returnSuperZoom:

_IsPlayerAiming:
dd 0
_enableSuperZoom:
dd 1
[DISABLE]

_AimCheck:
  db 83 B8 E0 04 00 00 00
_SuperZoom:
  db F3 0F 11 53 68
unregistersymbol(_AimCheck)
unregistersymbol(_IsPlayerAiming)
unregistersymbol(_SuperZoom)
unregistersymbol(_enableSuperZoom)
dealloc(_enableSuperZoom)
dealloc(_IsPlayerAiming)
dealloc(AimCheckMem)

infinite Throwables

Code: Select all

[ENABLE]

aobscanmodule(_InfiniteThorwables,RAGE2.exe,49 3B C0 74 04 8B 40 20 C3 33 C0 C3 CC CC CC CC CC CC CC CC CC CC CC CC CC) // should be unique
alloc(newmem,$1000,RAGE2.exe)

label(code)
label(return)

newmem:
mov [rax+20],#5
code:
  cmp rax,r8
  je _InfiniteThorwables+9

  jmp return

_InfiniteThorwables:
  jmp newmem
return:
registersymbol(_InfiniteThorwables)

[DISABLE]

_InfiniteThorwables:
  db 49 3B C0 74 04

unregistersymbol(_InfiniteThorwables)
dealloc(newmem)

Map Marker Coords (but they don'T match with player coords at all )

Code: Select all

RAGE2.exe+599714 - 48 8B 81 00010000     - mov rax,[rcx+00000100]
RAGE2.exe+59971B - F3 0F10 18            - movss xmm3,[rax]
RAGE2.exe+59971F - 0F28 CB               - movaps xmm1,xmm3
RAGE2.exe+599722 - F3 0F10 50 04         - movss xmm2,[rax+04]
RAGE2.exe+599727 - F3 0F10 60 08         - movss xmm4,[rax+08]
RAGE2.exe+59972C - F3 0F11 64 24 50      - movss [rsp+50],xmm4
RAGE2.exe+599732 - 8B 44 24 50           - mov eax,[rsp+50]
RAGE2.exe+599736 - F2 0F10 44 24 48      - movsd xmm0,[rsp+48]
RAGE2.exe+59973C - F3 0F10 C1            - movss xmm0,xmm1
RAGE2.exe+599740 - 0F28 C8               - movaps xmm1,xmm0
RAGE2.exe+599743 - 0FC6 C9 E1            - shufps xmm1,xmm1,-1F { 225 }
RAGE2.exe+599747 - F3 0F10 CA            - movss xmm1,xmm2
RAGE2.exe+59974B - 0FC6 C9 E1            - shufps xmm1,xmm1,-1F { 225 }
RAGE2.exe+59974F - 0F28 D1               - movaps xmm2,xmm1
RAGE2.exe+599752 - EB 15                 - jmp RAGE2.exe+599769
RAGE2.exe+599754 - F2 0F10 50 28         - movsd xmm2,[rax+28] >>>>>>>>>>>HERE<<<<<<<<<<<<<
RAGE2.exe+599759 - 8B 40 30              - mov eax,[rax+30]
RAGE2.exe+59975C - 89 44 24 50           - mov [rsp+50],eax
RAGE2.exe+599760 - F3 0F10 64 24 50      - movss xmm4,[rsp+50]
RAGE2.exe+599766 - 0F28 DA               - movaps xmm3,xmm2
RAGE2.exe+599769 - F3 41 0F10 4E 08      - movss xmm1,[r14+08]
RAGE2.exe+59976F - F3 0F5C CC            - subss xmm1,xmm4
RAGE2.exe+599773 - F3 41 0F10 06         - movss xmm0,[r14]
RAGE2.exe+599778 - F3 0F5C C3            - subss xmm0,xmm3
RAGE2.exe+59977C - F3 0F59 C0            - mulss xmm0,xmm0
RAGE2.exe+599780 - F3 0F59 C9            - mulss xmm1,xmm1
RAGE2.exe+599784 - F3 0F58 C1            - addss xmm0,xmm1
RAGE2.exe+599788 - 0F2F 05 BD8E1902      - comiss xmm0,[RAGE2.exe+273264C] { (400.00) }

[bloodaxis]

And is the bonus mission working? suspect that might also might be lacking assets.

Don't think it is no, and yeah I was using the save where it was already acquired.

[LazerPazer]

any timer freezers foe races please))))

[SunBeam]

@l0wb1t: They won't match because the coordinates in this engine are relative to the position you first spawn to. You can be anywhere on the map; when you start the game, XYZ = 0,0,0. Then game uses those to calculate where you are; relative to that start position.

[l0wb1t]

@l0wb1t: They won't match because the coordinates in this engine are relative to the position you first spawn to. You can be anywhere on the map; when you start the game, XYZ = 0,0,0. Then game uses those to calculate where you are; relative to that start position.

Well that sucks.

Here's some Kind of Fly/Float mode

Code: Select all

[ENABLE]
aobscanmodule(_Float,RAGE2.exe,F3 41 0F 10 40 38 F3 0F 58) // should be unique
alloc(newmem,$1000,"RAGE2.exe"+AC081B)

label(code)
label(return)

newmem:
push rdx
mov rdx,[r8+60]
mov [rdx+84],(float)-20
pop rdx
code:
  movss xmm0,[r8+38]
  jmp return

_Float:
  jmp newmem
  nop
return:
registersymbol(_Float)

[DISABLE]

_Float:
  db F3 41 0F 10 40 38

unregistersymbol(_Float)
dealloc(newmem)

Script can be improved ofcourse by manually adding/substracting the height

[arnevehug]

For some reason I cannot enable the cheat menu. Anyone know why?

[SunBeam]

The Cheat Menu uses addresses from the first release of the game. It hasn't been updated. Hence why it's in Debug section of the table and you shouldn't be using it. If you also read a few pages back, I said most cheats' effects don't work, even if you turn cheat on. Yeah, you had your hopes high. Play the game and buy those cheats later on from the trader.

[briari2]

infinite ammo can now open?

[SunBeam]

How about you try?