
Dark Souls ADD ITEM



Скрипты:

1. ID of the highlighted object


{ Game   : DARKSOULS.exe
  Version: 
  Date   : 2016-05-09
  Author : Garik66

  Script 1: "ID of the highlighted object".

  Two inline hooks (5-byte jmp into a code cave obtained from alloc(), which CE
  maps writable+executable) that capture which slot the game is currently
  highlighting and the second dword of the matching slot record, and expose the
  latter to the table through the registered symbol IDItem.

  Hook "Slot"     at DARKSOULS.exe+86AFD9 (mov [eax+1E4],edx): copies edx, the
                  value the game is about to store at [eax+1E4], into the private
                  dword IDSlot.  eax here is the global loaded at +86AFD4.
  Hook "Quantity" at DARKSOULS.exe+80B910 (mov ecx,[eax+08]): when the caller's
                  loop counter esi equals IDSlot, copies [eax+04] into IDItem.

  The "slot index" / "item id" / "quantity" meanings of edx, +04 and +08 come
  from the author's symbol names; the disassembly only shows the loads and the
  compare against [edi+118] above the hook.  Treat them as assumptions.

  Caveats (review):
  - aobscanmodule patterns are matched against the DARKSOULS.exe that is loaded;
    on a different build the scan fails and the script does not enable.
  - The 6- and 7-byte patch sites are overwritten in a running process.  A game
    thread sitting inside one of those instruction sequences while the bytes are
    being swapped (enable or disable) is the usual hazard of in-place hooking
    and is not mitigated by this script.
  - Neither hook saves or restores EFLAGS.  The Quantity hook's cmp does clobber
    them, which is harmless only because after each return point the next
    flag-reading instruction is reached via a call (see the disassembly blocks
    below), not a conditional jump.
}

[ENABLE]
aobscanmodule(Slot,DARKSOULS.exe,89 90 E4 01 00 00 E8) // should be unique  (mov [eax+1E4],edx followed by the call opcode)
aobscanmodule(Quantity,DARKSOULS.exe,8B 48 08 89 4C 24 10) // mov ecx,[eax+08] ; mov [esp+10],ecx
alloc(newmem,$1000) // one cave for both hook bodies and the two dword variables
label(newmem1)
label(code)
label(code1)
label(return)
label(return1)
label(IDSlot)
label(IDItem)
registersymbol(IDItem) // exported to the table
registersymbol(Slot) // patch sites exported so [DISABLE] can address them
registersymbol(Quantity)

newmem:
  mov [IDSlot],edx // edx = value the game stores into [eax+1E4]; remembered for the second hook

code:
  mov [eax+000001E4],edx // original instruction
  jmp return

newmem1:
  cmp esi,[IDSlot] // esi = the caller's loop counter (compared against [edi+118] just above the hook)
  jne code1
  push [eax+04] // memory-to-memory copy via the stack; esp is back where it was after the pop
  pop [IDItem]

code1:
  mov ecx,[eax+08] // original instructions
  mov [esp+10],ecx
  jmp return1

IDSlot:
dd 0 // private: last value captured by the Slot hook
IDItem:
dd 0 // exported: [eax+04] of the record whose index matched IDSlot

Slot:
  jmp newmem // 5-byte jmp + 1 nop replaces the 6-byte mov
  db 90
return:

Quantity:
  jmp newmem1 // 5-byte jmp + 2 nops replace the 7 bytes of the two movs
  db 90 90
return1:

[DISABLE]
Slot:
  db 89 90 E4 01 00 00 // restore: mov [eax+000001E4],edx
  Quantity:
  db 8B 48 08 89 4C 24 10 // restore: mov ecx,[eax+08] ; mov [esp+10],ecx

unregistersymbol(IDItem)
unregistersymbol(Quantity)
unregistersymbol(Slot)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: "DARKSOULS.exe"+86AFD9

"DARKSOULS.exe"+86AFB6: 8B 8E 00 01 00 00     -  mov ecx,[esi+00000100]
"DARKSOULS.exe"+86AFBC: 3B CB                 -  cmp ecx,ebx
"DARKSOULS.exe"+86AFBE: 7C 14                 -  jl DARKSOULS.exe+86AFD4
"DARKSOULS.exe"+86AFC0: 8B 96 38 01 00 00     -  mov edx,[esi+00000138]
"DARKSOULS.exe"+86AFC6: 8B 52 04              -  mov edx,[edx+04]
"DARKSOULS.exe"+86AFC9: 03 CF                 -  add ecx,edi
"DARKSOULS.exe"+86AFCB: 8B 0C 8A              -  mov ecx,[edx+ecx*4]
"DARKSOULS.exe"+86AFCE: 8B 50 04              -  mov edx,[eax+04]
"DARKSOULS.exe"+86AFD1: 8B 14 8A              -  mov edx,[edx+ecx*4]
"DARKSOULS.exe"+86AFD4: A1 D0 56 37 01        -  mov eax,[DARKSOULS.exe+F756D0]
// ---------- INJECTING HERE ----------
"DARKSOULS.exe"+86AFD9: 89 90 E4 01 00 00     -  mov [eax+000001E4],edx
// ---------- DONE INJECTING  ----------
"DARKSOULS.exe"+86AFDF: E8 2C DB FF FF        -  call DARKSOULS.exe+868B10
"DARKSOULS.exe"+86AFE4: 68 F0 1A 1C 01        -  push DARKSOULS.exe+DC1AF0
"DARKSOULS.exe"+86AFE9: 8B CE                 -  mov ecx,esi
"DARKSOULS.exe"+86AFEB: E8 D0 93 B1 FF        -  call DARKSOULS.exe+3843C0
"DARKSOULS.exe"+86AFF0: 3B C3                 -  cmp eax,ebx
"DARKSOULS.exe"+86AFF2: 74 24                 -  je DARKSOULS.exe+86B018
"DARKSOULS.exe"+86AFF4: 83 EC 08              -  sub esp,08
"DARKSOULS.exe"+86AFF7: 8B CC                 -  mov ecx,esp
"DARKSOULS.exe"+86AFF9: C7 41 04 02 00 00 00  -  mov [ecx+04],00000002
"DARKSOULS.exe"+86B000: C7 01 E1 2E 00 00     -  mov [ecx],00002EE1
}
{
// ORIGINAL CODE - INJECTION POINT: "DARKSOULS.exe"+80B910

"DARKSOULS.exe"+80B8EE: 3B B7 18 01 00 00     -  cmp esi,[edi+00000118]
"DARKSOULS.exe"+80B8F4: 7D 08                 -  jnl DARKSOULS.exe+80B8FE
"DARKSOULS.exe"+80B8F6: 8B 87 20 01 00 00     -  mov eax,[edi+00000120]
"DARKSOULS.exe"+80B8FC: EB 06                 -  jmp DARKSOULS.exe+80B904
"DARKSOULS.exe"+80B8FE: 8B 87 24 01 00 00     -  mov eax,[edi+00000124]
"DARKSOULS.exe"+80B904: 03 C3                 -  add eax,ebx
"DARKSOULS.exe"+80B906: 85 C0                 -  test eax,eax
"DARKSOULS.exe"+80B908: 74 4E                 -  je DARKSOULS.exe+80B958
"DARKSOULS.exe"+80B90A: 80 78 10 00           -  cmp byte ptr [eax+10],00
"DARKSOULS.exe"+80B90E: 74 48                 -  je DARKSOULS.exe+80B958
// ---------- INJECTING HERE ----------
"DARKSOULS.exe"+80B910: 8B 48 08              -  mov ecx,[eax+08]
"DARKSOULS.exe"+80B913: 89 4C 24 10           -  mov [esp+10],ecx
// ---------- DONE INJECTING  ----------
"DARKSOULS.exe"+80B917: 8B 48 04              -  mov ecx,[eax+04]
"DARKSOULS.exe"+80B91A: 8B 00                 -  mov eax,[eax]
"DARKSOULS.exe"+80B91C: E8 EF F2 FF FF        -  call DARKSOULS.exe+80AC10
"DARKSOULS.exe"+80B921: F3 0F 2A 4C 24 10     -  cvtsi2ss xmm1,[esp+10]
"DARKSOULS.exe"+80B927: F3 0F 5A C0           -  cvtss2sd xmm0,xmm0
"DARKSOULS.exe"+80B92B: F3 0F 5A C9           -  cvtss2sd xmm1,xmm1
"DARKSOULS.exe"+80B92F: F2 0F 59 C1           -  mulsd xmm0,xmm1
"DARKSOULS.exe"+80B933: F2 0F 5A C0           -  cvtsd2ss xmm0,xmm0
"DARKSOULS.exe"+80B937: 0F 2F 05 B0 73 15 01  -  comiss xmm0,[DARKSOULS.exe+D573B0]
"DARKSOULS.exe"+80B93E: 76 18                 -  jna DARKSOULS.exe+80B958
}

 

2. Add Item


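{ Game   : DARKSOULS.exe
  Version: 
  Date   : 2016-05-09
  Author : Garik66

  Script 2: "Add Item".

  Hooks the slot-search loop at DARKSOULS.exe+809DD8 (0x1C-byte records, see the
  add edx,1C in the disassembly below).  When the table sets flag=1, the next
  iteration that lands on a record whose first dword is -1 (presumably an empty
  slot) receives TypeItem / IDItem1 / Sum / Durability at +00/+04/+08/+14 and
  the constant 1 at +10, then flag is cleared so the write happens exactly once.
  The field meanings are the author's; the disassembly only proves the stride
  and the compares at +00 and +04.

  Fix vs the earlier version of this script: the original instructions
  (mov esi,[esp+24] / cmp [ecx],esi) were placed at the top of the cave and the
  script's own cmp instructions ran after them, so the game's jne at +809DDE --
  the very next instruction after the return point -- consumed the flags of
  cmp [flag],1 instead of the real record comparison.  With flag=0 that jne was
  therefore always taken and the caller's compare never matched while the
  script was enabled.  The original instructions now run last, right before
  jmp return, so the flags the game sees are the ones it expects.

  Caveats (review):
  - flag is a one-shot trigger read on a game thread and written from the CE
    table with no synchronisation: fill TypeItem/IDItem1/Sum/Durability first,
    then set flag.
  - Nothing here validates the table-supplied values; they are written raw into
    the game's record.
  - The aobscanmodule pattern starts with CA, the last byte of the preceding
    add ecx,edx, which is why the patch is applied at Item+01.
  - The 6-byte site is overwritten in a running process; a thread executing
    inside it during enable/disable is the usual hazard of in-place hooking.
}

[ENABLE]
aobscanmodule(Item,DARKSOULS.exe,CA 8B 74 24 24 39 31) // should be unique
alloc(newmem,$1000) // code cave for the hook body and the five dword variables
label(code)
label(return)
label(TypeItem)
registersymbol(TypeItem)
label(IDItem1)
registersymbol(IDItem1)
label(Sum)
registersymbol(Sum)
label(Durability)
registersymbol(Durability)
label(flag)
registersymbol(flag)
registersymbol(Item) // exported so [DISABLE] can address the patch site

newmem:
  cmp dword ptr [flag],1 // armed by the table?
  jne code
  cmp dword ptr [ecx],FFFFFFFF // only fill a record whose first dword is -1
  jne code
  push [TypeItem] // memory-to-memory copies via the stack; esp is restored by each pop
  pop [ecx]
  push [IDItem1]
  pop [ecx+04]
  push [Sum]
  pop [ecx+08]
  mov dword ptr [ecx+10],1
  push [Durability]
  pop [ecx+14]
  mov dword ptr [flag],0 // disarm: one write per request

code:
  mov esi,[esp+24] // original instructions, executed last so the jne at return sees the real compare
  cmp [ecx],esi
  jmp return

TypeItem:
dd 0
IDItem1:
dd 0
Sum:
dd 1
Durability:
dd 0
flag:
dd 0 // 0 = idle, 1 = write the item on the next empty record

Item+01:
  jmp newmem // 5-byte jmp + 1 nop replaces the 6 bytes of the two original instructions
  nop
return:

[DISABLE]
Item+01:
  db 8B 74 24 24 39 31 // restore: mov esi,[esp+24] ; cmp [ecx],esi

unregistersymbol(TypeItem)
unregistersymbol(IDItem1)
unregistersymbol(Sum)
unregistersymbol(Durability)
unregistersymbol(flag)
unregistersymbol(Item)
dealloc(newmem)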

{
// ORIGINAL CODE - INJECTION POINT: "DARKSOULS.exe"+809DD8

"DARKSOULS.exe"+809DB4: 85 C0                    -  test eax,eax
"DARKSOULS.exe"+809DB6: 7C 20                    -  jl DARKSOULS.exe+809DD8
"DARKSOULS.exe"+809DB8: 3B 85 10 01 00 00        -  cmp eax,[ebp+00000110]
"DARKSOULS.exe"+809DBE: 7D 18                    -  jnl DARKSOULS.exe+809DD8
"DARKSOULS.exe"+809DC0: 3B 85 18 01 00 00        -  cmp eax,[ebp+00000118]
"DARKSOULS.exe"+809DC6: 7D 08                    -  jnl DARKSOULS.exe+809DD0
"DARKSOULS.exe"+809DC8: 8B 8D 20 01 00 00        -  mov ecx,[ebp+00000120]
"DARKSOULS.exe"+809DCE: EB 06                    -  jmp DARKSOULS.exe+809DD6
"DARKSOULS.exe"+809DD0: 8B 8D 24 01 00 00        -  mov ecx,[ebp+00000124]
"DARKSOULS.exe"+809DD6: 03 CA                    -  add ecx,edx
// ---------- INJECTING HERE ----------
"DARKSOULS.exe"+809DD8: 8B 74 24 24              -  mov esi,[esp+24]
"DARKSOULS.exe"+809DDC: 39 31                    -  cmp [ecx],esi
// ---------- DONE INJECTING  ----------
"DARKSOULS.exe"+809DDE: 75 05                    -  jne DARKSOULS.exe+809DE5
"DARKSOULS.exe"+809DE0: 39 79 04                 -  cmp [ecx+04],edi
"DARKSOULS.exe"+809DE3: 74 0B                    -  je DARKSOULS.exe+809DF0
"DARKSOULS.exe"+809DE5: 40                       -  inc eax
"DARKSOULS.exe"+809DE6: 83 C2 1C                 -  add edx,1C
"DARKSOULS.exe"+809DE9: 3B C3                    -  cmp eax,ebx
"DARKSOULS.exe"+809DEB: 7C C5                    -  jl DARKSOULS.exe+809DB2
"DARKSOULS.exe"+809DED: 83 C8 FF                 -  or eax,-01
"DARKSOULS.exe"+809DF0: 5F                       -  pop edi
"DARKSOULS.exe"+809DF1: 5E                       -  pop esi
}

 

Видео:

 

Табличка: 

// Таблицу выложил в 4 теме (см. ссылку вверху).

Изменено пользователем Garik66
