Far Cry New Dawn - table v: 1.0.13 CT

Upload your cheat tables here (No requests)
User avatar
l0wb1t
Table Makers
Table Makers
Posts: 395
Joined: Mon May 29, 2017 4:16 pm
Reputation: 282

Re: Far Cry New Dawn - table v: 1.0.7 CT

Post by l0wb1t »

aobscanmodule(_BulletCoord,FC_m64.dll,48 8B 07 45 31 C0 41 0F)

Last bullet hit Coordinates. That's fun when you Teleport to it.

Code: Select all

cmp [rax+30],(float)1
jne codeBulletCoord
mov [_pBulletCoords],rdi
push rdx
mov rdx,[rdi+30]
mov [_xPosBullet],rdx
mov rdx,[rdi+34]
mov [_yPosBullet],rdx
mov rdx,[rdi+38]
mov [_zPosBullet],rdx
pop rdx


How to use this cheat table?
  1. Install Cheat Engine
  2. Double-click the .CT file in order to open it.
  3. Click the PC icon in Cheat Engine in order to select the game process.
  4. Keep the list.
  5. Activate the trainer options by checking boxes or setting values from 0 to 1

TimFun13
Expert Cheater
Expert Cheater
Posts: 1354
Joined: Fri Mar 03, 2017 12:31 am
Reputation: 6

Re: Far Cry New Dawn - table v: 1.0.7 CT

Post by TimFun13 »

l0wb1t wrote:
Sun Mar 17, 2019 7:01 pm
...
That float wasn't the same for me, but this is what I came up with. I'm curious if it works on your version.

Code: Select all

{
	Process			: FarCryNewDawn.exe  -  (x64)
	Module			: FC_m64.dll
	Game Title		: Far Cry: New Dawn
	Game Version	: 1.0.0.0
	CE Version		: 6.83
	Script Version	: 0.0.1
	Date			: 03/17/19
	Author			: ShyTwig16
	Name			: BulletCoordHook

	Bullet Coord Hook

	x : +30
	Z : +34
	Y : +38
}

{$STRICT}

define(address, FC_m64.dll+FA7EABC)
define(bytes, 48 8B 07 45 31 C0)

////
//// ------------------------------ ENABLE ------------------------------
[ENABLE]
aobScanModule(aobBulletCoordHook, FC_m64.dll, 0F28xxE8xxxxxxxx48xxxx45xxxx41xxxxxx48xxxxFF)
define(injBulletCoordHook, aobBulletCoordHook+8)
assert(injBulletCoordHook, bytes)
registerSymbol(injBulletCoordHook)

alloc(memBulletCoordHook, 0x400, injBulletCoordHook)

label(ptrBulletCoordHook)
registerSymbol(ptrBulletCoordHook)

label(n_code)
label(o_code)
label(exit)
label(return)

memBulletCoordHook:
	ptrBulletCoordHook:
		dq 0
	align 10 CC
	n_code:
		pushfq
		mov rax,[ptrWeaponClipHook]
		test rax,rax
		jz o_code
			mov rax,[rax+60]
			test rax,rax
			jz o_code
				cmp [rdi+50],rax
				jne o_code
					mov [ptrBulletCoordHook],rdi
	o_code:
		mov rax,[rdi]
		xor r8d,r8d
	exit:
		popfq
		jmp return


////
//// ---------- Injection Point ----------
injBulletCoordHook:
	jmp n_code
	nop
	return:


////
//// ------------------------------ DISABLE ------------------------------
[DISABLE]
////
//// ---------- Injection Point ----------
injBulletCoordHook:
	db bytes

unregisterSymbol(injBulletCoordHook)

unregisterSymbol(ptrBulletCoordHook)

dealloc(memBulletCoordHook)

{
//// Injection Point: FC_m64.dll+FA7EABC  -  000007FEAAF7EABC
//// AOB address: 000007FEAAF7EAB4  -  FC_m64.dll+FA7EAB4
//// Process: FarCryNewDawn.exe  -  000000013F460000
//// Module: FC_m64.dll  -  000007FE9B500000
//// Module Size: 000000001B123000
FC_m64.dll+FA7EA73:  FF C3                       -  inc ebx                            
FC_m64.dll+FA7EA75:  48 C1 E8 20                 -  shr rax,20                         
FC_m64.dll+FA7EA79:  0FBA F0 1F                  -  btr eax,1F                         
FC_m64.dll+FA7EA7D:  39 C3                       -  cmp ebx,eax                        
FC_m64.dll+FA7EA7F:  72 BF                       -  jb 7FEAAF7EA40                     
FC_m64.dll+FA7EA81:  49 83 C7 20                 -  add r15,20                         
FC_m64.dll+FA7EA85:  4D 39 E7                    -  cmp r15,r12                        
FC_m64.dll+FA7EA88:  0F85 32FFFFFF               -  jne 7FEAAF7E9C0                    
FC_m64.dll+FA7EA8E:  41 83 CD FF                 -  or r13d,-01                        
FC_m64.dll+FA7EA92:  4C 8D 77 68                 -  lea r14,[rdi+68]                   
FC_m64.dll+FA7EA96:  48 8B 5D B8                 -  mov rbx,[rbp-48]                   
FC_m64.dll+FA7EA9A:  48 8B 4D C0                 -  mov rcx,[rbp-40]                   
FC_m64.dll+FA7EA9E:  48 8B 43 08                 -  mov rax,[rbx+08]                   
FC_m64.dll+FA7EAA2:  80 7C C8 10 00              -  cmp byte ptr [rax+rcx*8+10],00     
FC_m64.dll+FA7EAA7:  74 13                       -  je 7FEAAF7EABC                     
FC_m64.dll+FA7EAA9:  F3 41 0F59 F2               -  mulss xmm6,xmm10                   
FC_m64.dll+FA7EAAE:  41 B0 01                    -  mov r8l,01                         
FC_m64.dll+FA7EAB1:  48 89 F9                    -  mov rcx,rdi                        
FC_m64.dll+FA7EAB4:  0F28 CE                     -  movaps xmm1,xmm6                   <<<--- AOB Starts Here
FC_m64.dll+FA7EAB7:  E8 344A1EF1                 -  call 7FE9C1634F0                   
////  INJECTING START  ----------------------------------------------------------
FC_m64.dll+FA7EABC:  48 8B 07                    -  mov rax,[rdi]                      
FC_m64.dll+FA7EABF:  45 31 C0                    -  xor r8d,r8d                        
////  INJECTING END  ----------------------------------------------------------
FC_m64.dll+FA7EAC2:  41 0F28 C9                  -  movaps xmm1,xmm9                   
FC_m64.dll+FA7EAC6:  48 89 F9                    -  mov rcx,rdi                        
FC_m64.dll+FA7EAC9:  FF 90 90000000              -  call qword ptr [rax+00000090]      
FC_m64.dll+FA7EACF:  83 7F 58 FF                 -  cmp dword ptr [rdi+58],-01         
FC_m64.dll+FA7EAD3:  75 09                       -  jne 7FEAAF7EADE                    
FC_m64.dll+FA7EAD5:  8B 05 298C22F5              -  mov eax,[7FEA01A7704]              [AB3FB98A]
FC_m64.dll+FA7EADB:  89 47 58                    -  mov [rdi+58],eax                   
FC_m64.dll+FA7EADE:  48 8B 07                    -  mov rax,[rdi]                      
FC_m64.dll+FA7EAE1:  48 89 F9                    -  mov rcx,rdi                        
FC_m64.dll+FA7EAE4:  4C 8B 65 C8                 -  mov r12,[rbp-38]                   
FC_m64.dll+FA7EAE8:  4C 89 E2                    -  mov rdx,r12                        
FC_m64.dll+FA7EAEB:  FF 90 88000000              -  call qword ptr [rax+00000088]      
FC_m64.dll+FA7EAF1:  41 B0 01                    -  mov r8l,01                         
FC_m64.dll+FA7EAF4:  0F28 CF                     -  movaps xmm1,xmm7                   
FC_m64.dll+FA7EAF7:  48 89 F9                    -  mov rcx,rdi                        
FC_m64.dll+FA7EAFA:  E8 F1491EF1                 -  call 7FE9C1634F0                   
FC_m64.dll+FA7EAFF:  41 0F28 C8                  -  movaps xmm1,xmm8                   
FC_m64.dll+FA7EB03:  48 89 F9                    -  mov rcx,rdi                        
FC_m64.dll+FA7EB06:  E8 85551EF1                 -  call 7FE9C164090                   
//// Template: I2CEA_AOBFullInjection
//// Generated with: I2 Cheat Engine Auto Assembler Script Template Generator
//// Code Happy, Code Freely, Be Awesome.
}


TimFun13
Expert Cheater
Expert Cheater
Posts: 1354
Joined: Fri Mar 03, 2017 12:31 am
Reputation: 6

Re: Far Cry New Dawn - table v: 1.0.8 CT

Post by TimFun13 »

Table Updated:
  • v 1.0.8: Added: "Teleport To: Last Shot (Bullet Coordinates) { l0wb1t }" in "I2CETeleporter".
    And updated Lua modules.

User avatar
l0wb1t
Table Makers
Table Makers
Posts: 395
Joined: Mon May 29, 2017 4:16 pm
Reputation: 282

Re: Far Cry New Dawn - table v: 1.0.7 CT

Post by l0wb1t »

ShyTwig16 wrote:
Sun Mar 17, 2019 10:29 pm
That float wasn't the same for me, but this is what I came up with. I'm curious if it works on your version.
Yeah, it may failes soon or later, i did not played much, yet need to check that more. The aggressions i become because of the not working VEH Debugger are extreme :D And this "shit" windows debugger, crashes after some time, sometimes faster, sometimes it takes a while, but it happens all the time. Also, wenn i open the debugger before the game has loaded, lets say in main menu, and load the map, it crashes without any error msg. i tried bypassing it but i failed so far.

One Hit Vehicle Kills (doesn't affect the Vehicle you actually drive, or driven (last one)

aobscanmodule(_OneHitVehicleKills,FC_m64.dll,F3 0F 10 BE 48 01 00 00)


Usage:

Code: Select all

OneHitVehicleKillsMem:
mov [_pEnemyVehicle],rsi
cmp [_enableOHVK],1
jne codeOneHitVehicleKills
cmp rsi,[_pVehicleHealth]
je codeOneHitVehicleKills
cmp [rsi+00000148],(float)1
jle codeOneHitVehicleKills
mov [rsi+00000148],(float)0
mov [rsi+00000150],(float)0

jmp returnOneHitVehicleKills

codeOneHitVehicleKills:
  movss xmm7,[rsi+00000148]
  jmp returnOneHitVehicleKills
i get the "_pVehicleHealth" Pointer for compare from here

aobscanmodule(_InfiniteVehicleHealth,FC_m64.dll,48 8B 10 FF 92 20 03 00 00 8B)

Code: Select all

  mov rdx,[rax] // RAX Contains VehicleHealthBase Pointer for only our Vehicle
  call qword ptr [rdx+00000320]
I also noticed, at RAX+150 is a float 1.0 value, if yous et this to 0 when doing one hit kills, the vehicle instantly explodes, but it misses the explosion animation somehow then. That's why i haven't added it to the code. looks shit. But without, the vehicle starts burning first and then explode.

What you could add aswell is Jam Enemys Weapons. I have it done by forcing all their Clips to 0. Yeah pretty basic, but funny. Only annoying thing is, as soon you switch weapons, the Pointer for compare differs, so the switched weapon becomes 0 aswell. lol
But when you use it with NoReload it's fine.

Constantly accessing ammo code

Code: Select all

aobscanmodule(_JamEnemysWeapon,FC_m64.dll,48 8B 01 FF 90 E0 01 00 00 48 8B 8B D8) 
The Pointer i use for compare

Code: Select all

aobscanmodule(_MagazineBase,FC_m64.dll,48 8B 17 48 89 F9 FF 92 80 01)
MagazineBaseMem:
  mov [_pMagazineBase],rdi
  cmp [_enableNoReload],1
  jne codeMagazineBase
  push ecx
  mov ecx,[_MaxClipSize]
  mov [rdi+00000180],ecx
  pop ecx

codeMagazineBase:
  mov rdx,[rdi] // RDI Contains MagazineBasePointer
  mov rcx,rdi
Oh and not sure if you already make use of that. The MaxClipSize (visual) i use this for proper no reload.

Code: Select all

aobscanmodule(_GetMaxClipSize,FC_m64.dll,8B 53 0C 88 43 01)
  mov edx,[rbx+0C]
  mov [rbx+01],al
Last edited by l0wb1t on Tue Mar 19, 2019 9:10 am, edited 1 time in total.

TimFun13
Expert Cheater
Expert Cheater
Posts: 1354
Joined: Fri Mar 03, 2017 12:31 am
Reputation: 6

Re: Far Cry New Dawn - table v: 1.0.7 CT

Post by TimFun13 »

l0wb1t wrote:
Mon Mar 18, 2019 7:46 am
...
Thanks, I'll do some poking around.

l0wb1t wrote:
Mon Mar 18, 2019 7:46 am
...

Code: Select all

// ...
mov [rsi+00000148],(float)0
mov [rsi+0000015],(float)0.1 // <<< is this +0x15 or should it be +0x150 ?
// ...
...
Is this offset +0x15 or should it be +0x150?

User avatar
l0wb1t
Table Makers
Table Makers
Posts: 395
Joined: Mon May 29, 2017 4:16 pm
Reputation: 282

Re: Far Cry New Dawn - table v: 1.0.8 CT

Post by l0wb1t »

150 is correct, my bad. And it needs set to be 0 not 0.1

TimFun13
Expert Cheater
Expert Cheater
Posts: 1354
Joined: Fri Mar 03, 2017 12:31 am
Reputation: 6

Re: Far Cry New Dawn - table v: 1.0.9 CT

Post by TimFun13 »

Table Updated:
  • v 1.0.9: "Vehicle Health Hook" changed to "Vehicle Health Dec. Hook { l0wb1t }" and now has flags for player vehicle only effects.

User avatar
l0wb1t
Table Makers
Table Makers
Posts: 395
Joined: Mon May 29, 2017 4:16 pm
Reputation: 282

Re: Far Cry New Dawn - table v: 1.0.9 CT

Post by l0wb1t »

Ok, Triggerbot works now as it should

Code: Select all

[ENABLE]
aobscanmodule(_Crosshair,FC_m64.dll,41 89 07 48 8B 56 18)
aobscanmodule(_WriteMouseButtonClick,DINPUT8.dll,0F 10 00 0F 11 02 8B) // should be unique
globalalloc(CrosshairMem,$1000,FC_m64.dll)
alloc(MouseMem,$1000,DINPUT8.dll)
alloc(_FlagCrosshair,8)
alloc(_enableTriggerbot,8)
alloc(_enableTriggerbotFF,8)
registersymbol(_enableTriggerbot)
registersymbol(_enableTriggerbotFF)
registersymbol(_WriteMouseButtonClick)
registersymbol(_FlagCrosshair)
registersymbol(_Crosshair)

CrosshairMem:
cmp rax,00000000FFFFFFFF
je codeCrosshair
cmp byte ptr [r15],#255
je codeCrosshair
cmp r12,0
je codeCrosshair
mov [_FlagCrosshair],rax
codeCrosshair:
  mov [r15],eax
  mov rdx,[rsi+18]
  jmp returnCrosshair


MouseMem:
mov byte ptr [DINPUT8.dll+3C0EC],#128
jmp returnMouse

codeMouse:
  movups xmm0,[rax]
  movups [rdx],xmm0
  cmp [_enableTriggerbot],1
  jne returnMouse
  mov byte ptr [DINPUT8.dll+3C0EC],0
  cmp [_FlagCrosshair],1
  je MouseMem
  cmp [_enableTriggerbotFF],1
  jne returnMouse
  cmp [_FlagCrosshair],2
  je MouseMem
  jmp returnMouse


_Crosshair:
  jmp CrosshairMem
  nop
  nop
returnCrosshair:

_WriteMouseButtonClick:
  jmp codeMouse
  nop
returnMouse:

_FlagCrosshair:
db 0
_enableTriggerbot:
dd 1
_enableTriggerbotFF:
dd 0
[DISABLE]
_Crosshair:
  db 41 89 07 48 8B 56 18
_WriteMouseButtonClick:
  db 0F 10 00 0F 11 02

unregistersymbol(_Crosshair)
unregistersymbol(_FlagCrosshair)
unregistersymbol(_WriteMouseButtonClick)
unregistersymbol(_enableTriggerbot)
unregistersymbol(_enableTriggerbotFF)
dealloc(MouseMem)
dealloc(_FlagCrosshair)
dealloc(CrosshairMem)
dealloc(_enableTriggerbot)
dealloc(_enableTriggerbotFF)

Baronbeef
What is cheating?
What is cheating?
Posts: 4
Joined: Mon Feb 18, 2019 8:57 am
Reputation: 1

Re: Far Cry New Dawn - table v: 1.0.9 CT

Post by Baronbeef »

What is this triggerbot?

l0wb1t wrote:
Wed Mar 20, 2019 4:53 pm
Ok, Triggerbot works now as it should

Code: Select all

[ENABLE]
aobscanmodule(_Crosshair,FC_m64.dll,41 89 07 48 8B 56 18)
aobscanmodule(_WriteMouseButtonClick,DINPUT8.dll,0F 10 00 0F 11 02 8B) // should be unique
globalalloc(CrosshairMem,$1000,FC_m64.dll)
alloc(MouseMem,$1000,DINPUT8.dll)
alloc(_FlagCrosshair,8)
alloc(_enableTriggerbot,8)
alloc(_enableTriggerbotFF,8)
registersymbol(_enableTriggerbot)
registersymbol(_enableTriggerbotFF)
registersymbol(_WriteMouseButtonClick)
registersymbol(_FlagCrosshair)
registersymbol(_Crosshair)

CrosshairMem:
cmp rax,00000000FFFFFFFF
je codeCrosshair
cmp byte ptr [r15],#255
je codeCrosshair
cmp r12,0
je codeCrosshair
mov [_FlagCrosshair],rax
codeCrosshair:
  mov [r15],eax
  mov rdx,[rsi+18]
  jmp returnCrosshair


MouseMem:
mov byte ptr [DINPUT8.dll+3C0EC],#128
jmp returnMouse

codeMouse:
  movups xmm0,[rax]
  movups [rdx],xmm0
  cmp [_enableTriggerbot],1
  jne returnMouse
  mov byte ptr [DINPUT8.dll+3C0EC],0
  cmp [_FlagCrosshair],1
  je MouseMem
  cmp [_enableTriggerbotFF],1
  jne returnMouse
  cmp [_FlagCrosshair],2
  je MouseMem
  jmp returnMouse


_Crosshair:
  jmp CrosshairMem
  nop
  nop
returnCrosshair:

_WriteMouseButtonClick:
  jmp codeMouse
  nop
returnMouse:

_FlagCrosshair:
db 0
_enableTriggerbot:
dd 1
_enableTriggerbotFF:
dd 0
[DISABLE]
_Crosshair:
  db 41 89 07 48 8B 56 18
_WriteMouseButtonClick:
  db 0F 10 00 0F 11 02

unregistersymbol(_Crosshair)
unregistersymbol(_FlagCrosshair)
unregistersymbol(_WriteMouseButtonClick)
unregistersymbol(_enableTriggerbot)
unregistersymbol(_enableTriggerbotFF)
dealloc(MouseMem)
dealloc(_FlagCrosshair)
dealloc(CrosshairMem)
dealloc(_enableTriggerbot)
dealloc(_enableTriggerbotFF)

User avatar
l0wb1t
Table Makers
Table Makers
Posts: 395
Joined: Mon May 29, 2017 4:16 pm
Reputation: 282

Re: Far Cry New Dawn - table v: 1.0.9 CT

Post by l0wb1t »

Baronbeef wrote:
Mon Mar 25, 2019 5:34 am
What is this triggerbot?
It starts firing the weapon, as soon you aim on an enemy. (this works also for aggressive animals)

Pre-Spotted Enemys on Radar. Some enemys also become the arrow over their body.

Code: Select all

[ENABLE]
aobscanmodule(_Spottet1,FC_m64.dll,0F B6 88 59 01 00 00 88)
aobscanmodule(_Spottet2,FC_m64.dll,80 B8 59 01 00 00 00 74 4A)
aobscanmodule(_Spottet3,FC_m64.dll,44 0F B6 B8 59 01 00 00)
aobscanmodule(_Spottet4,FC_m64.dll,80 B8 59 01 00 00 00 74 3F)
alloc(Spottet1Mem,$2000,FC_m64.dll)
registersymbol(_Spottet1)
registersymbol(_Spottet2)
registersymbol(_Spottet3)
registersymbol(_Spottet4)

{
169 = Icon Color (0 = White, 1 = Red)
198 = Time until Spot?
15F = Chams ?
159 = Spotted Flag ?
35C = Icon Size X
360 = Icon Size Y
3B8 = Icon Type (0 = White Circle) ?
}

Spottet1Mem:

//mov byte ptr [rax+00000158],#1
codeSpottet1:
mov byte ptr [rax+00000280],#1
mov byte ptr [rax+00000169],#1
mov byte ptr [rax+00000159],#1
mov byte ptr [rax+0000030b],#0
mov byte ptr [rax+0000015A],#0
mov [rax+0000035C],(float)0.05
mov [rax+00000360],(float)0.05
  jmp returnSpottet1

Spottet2Mem:

codeSpottet2:
mov byte ptr [rax+00000280],#1
mov byte ptr [rax+00000169],#1
mov byte ptr [rax+00000159],#1
mov byte ptr [rax+0000030b],#0
mov byte ptr [rax+0000015A],#0
mov [rax+0000035C],(float)0.05
mov [rax+00000360],(float)0.05
  jmp returnSpottet2

Spottet3Mem:

codeSpottet3:
mov byte ptr [rax+00000280],#1
mov byte ptr [rax+00000169],#1
mov byte ptr [rax+00000159],#1
mov byte ptr [rax+0000030b],#0
mov byte ptr [rax+0000015A],#0
mov [rax+0000035C],(float)0.05
mov [rax+00000360],(float)0.05
  jmp returnSpottet3

Spottet4Mem:

codeSpottet4:
mov byte ptr [rax+00000280],#1
mov byte ptr [rax+00000169],#1
mov byte ptr [rax+00000159],#1
mov byte ptr [rax+0000030b],#0
mov byte ptr [rax+0000015A],#0
mov [rax+0000035C],(float)0.05
mov [rax+00000360],(float)0.05
  jmp returnSpottet4


_Spottet1:
  jmp Spottet1Mem
  nop
  nop
returnSpottet1:
_Spottet2:
  jmp Spottet2Mem
  nop
  nop
returnSpottet2:

_Spottet3:
  jmp Spottet3Mem
  nop
  nop
  nop
returnSpottet3:

_Spottet4:
  jmp Spottet4Mem
  nop
  nop
returnSpottet4:

[DISABLE]

_Spottet1:
  db 0F B6 88 59 01 00 00
_Spottet2:
  db 80 B8 59 01 00 00 00
_Spottet3:
  db 44 0F B6 B8 59 01 00 00
_Spottet4:
  db 80 B8 59 01 00 00 00
unregistersymbol(_Spottet1)
unregistersymbol(_Spottet2)
unregistersymbol(_Spottet3)
unregistersymbol(_Spottet4)
dealloc(Spottet1Mem)

{
// ORIGINAL CODE - INJECTION POINT: "FC_m64.dll"+D0C747D

"FC_m64.dll"+D0C745B: 75 02                 -  jne FC_m64.dll+D0C745F
"FC_m64.dll"+D0C745D: 89 F2                 -  mov edx,esi
"FC_m64.dll"+D0C745F: 4C 8B 47 30           -  mov r8,[rdi+30]
"FC_m64.dll"+D0C7463: 88 57 1D              -  mov [rdi+1D],dl
"FC_m64.dll"+D0C7466: 49 8B 40 18           -  mov rax,[r8+18]
"FC_m64.dll"+D0C746A: 48 85 C0              -  test rax,rax
"FC_m64.dll"+D0C746D: 74 18                 -  je FC_m64.dll+D0C7487
"FC_m64.dll"+D0C746F: 0F B6 80 5B 01 00 00  -  movzx eax,byte ptr [rax+0000015B]
"FC_m64.dll"+D0C7476: 88 47 20              -  mov [rdi+20],al
"FC_m64.dll"+D0C7479: 49 8B 40 18           -  mov rax,[r8+18]
// ---------- INJECTING HERE ----------
"FC_m64.dll"+D0C747D: 0F B6 88 59 01 00 00  -  movzx ecx,byte ptr [rax+00000159]
// ---------- DONE INJECTING  ----------
"FC_m64.dll"+D0C7484: 88 4F 14              -  mov [rdi+14],cl
"FC_m64.dll"+D0C7487: 84 D2                 -  test dl,dl
"FC_m64.dll"+D0C7489: 0F 85 51 01 00 00     -  jne FC_m64.dll+D0C75E0
"FC_m64.dll"+D0C748F: 49 8B 08              -  mov rcx,[r8]
"FC_m64.dll"+D0C7492: 48 85 C9              -  test rcx,rcx
"FC_m64.dll"+D0C7495: 74 12                 -  je FC_m64.dll+D0C74A9
"FC_m64.dll"+D0C7497: 48 8B 01              -  mov rax,[rcx]
"FC_m64.dll"+D0C749A: FF 50 70              -  call qword ptr [rax+70]
"FC_m64.dll"+D0C749D: 48 89 C1              -  mov rcx,rax
"FC_m64.dll"+D0C74A0: 48 8B 10              -  mov rdx,[rax]
}

Ouro
What is cheating?
What is cheating?
Posts: 2
Joined: Thu Mar 28, 2019 10:36 am
Reputation: 0

Re: Far Cry New Dawn - table v: 1.0.9 CT

Post by Ouro »

new update v1.05...

table 1.0.9 is not working

pressing main hooks gives this

I2CETLogger::CETlog - ERROR: aobScan:
Error with "TimeHook.CEA", AOB pattern not found: "FFxxxxF30F1000F3xxxxxxxx4Cxxxx74"

I2CETLogger::CETlog - ERROR: autoAssembleFile:
Error assembling file: "TimeHook.CEA"

I2CETLogger::CETlog - ERROR: autoAssembleFile:
Error assembling file: "_Main.CEA"

TimFun13
Expert Cheater
Expert Cheater
Posts: 1354
Joined: Fri Mar 03, 2017 12:31 am
Reputation: 6

Re: Far Cry New Dawn - table v: 1.0.9 CT

Post by TimFun13 »

Ouro wrote:
Thu Mar 28, 2019 10:38 am
...
My networking card went bad on my Gaming PC (using my kitchen PC now). And I have a big project at work, been working for 2 weeks with no off time and still have a few more days to go; so it might be a week or so before I can update this. But I'll get to before too long.

You can comment out that line in the "_Main.CEA" file, if you don't use the Time stuff. You'll need to extract it and put it in a "caeFiles" folder in the same directory a the CT, to get the CT to use that over the table file.

Ouro
What is cheating?
What is cheating?
Posts: 2
Joined: Thu Mar 28, 2019 10:36 am
Reputation: 0

Re: Far Cry New Dawn - table v: 1.0.9 CT

Post by Ouro »

I'll just wait for you...
removing that line gives this

I2CETLogger::CETlog - ERROR: string "--[==========================================..."]:592:
Error with "PrincipalAxesHook.CEA", bytes don't match injection point.
At: 00007FFC4A159768
Got: 488B0848898D90000000
Read: 4889C24889F9E8FD778A
-------------------- CODE --------------------
7FFC4A159750 - 48 89 5C 24 08 - mov [rsp+08],rbx
7FFC4A159755 - 57 - push rdi
7FFC4A159756 - 48 83 EC 20 - sub rsp,20
7FFC4A15975A - 48 89 CF - mov rdi,rcx
7FFC4A15975D - 48 89 D3 - mov rbx,rdx
7FFC4A159760 - 48 89 D1 - mov rcx,rdx
7FFC4A159763 - E8 78FA60F4 - call 7FFC3E7691E0
7FFC4A159768 - 48 89 C2 - mov rdx,rax <<<---- Injection point
7FFC4A15976B - 48 89 F9 - mov rcx,rdi
7FFC4A15976E - E8 FD778AF3 - call 7FFC3DA00F70
7FFC4A159773 - 48 89 D9 - mov rcx,rbx
7FFC4A159776 - E8 B5EEA7F3 - call 7FFC3DBD8630
7FFC4A15977B - 48 8D 4F 28 - lea rcx,[rdi+28]
7FFC4A15977F - 8B 10 - mov edx,[rax]
7FFC4A159781 - 48 8B 5C 24 30 - mov rbx,[rsp+30]
7FFC4A159786 - 48 83 C4 20 - add rsp,20
------------------ CODE END ------------------

I2CETLogger::CETlog - ERROR: autoAssembleFile:
Error assembling file: "PrincipalAxesHook.CEA"

I2CETLogger::CETlog - ERROR: autoAssembleFile:
Error assembling file: "_Main.CEA"

User avatar
l0wb1t
Table Makers
Table Makers
Posts: 395
Joined: Mon May 29, 2017 4:16 pm
Reputation: 282

Re: Far Cry New Dawn - table v: 1.0.9 CT

Post by l0wb1t »

No Civilian Kill Penalty

Code: Select all

aobscanmodule(_NoCivilianKillPenalty,FC_m64.dll,40 56 41 56 48 83 EC 78 48 89)
just RET it. The Count is happening here:

Code: Select all

FC_m64.dll+C1BFAF2 - F3 0F58 46 7C         - addss xmm0,dword ptr [rsi+7C]
FC_m64.dll+C1BFAF7 - F2 0F10 70 38         - movsd xmm6,[rax+38]
FC_m64.dll+C1BFAFC - 66 0F5A F6            - cvtpd2ps xmm6,xmm6
FC_m64.dll+C1BFB00 - 0F2F F0               - comiss xmm6,xmm0
FC_m64.dll+C1BFB03 - 76 05                 - jna FC_m64.dll+C1BFB0A
FC_m64.dll+C1BFB05 - C6 07 01              - mov byte ptr [rdi],01 { 1 }
FC_m64.dll+C1BFB08 - EB 07                 - jmp FC_m64.dll+C1BFB11
FC_m64.dll+C1BFB0A - 0F2F F1               - comiss xmm6,xmm1
FC_m64.dll+C1BFB0D - 76 02                 - jna FC_m64.dll+C1BFB11
FC_m64.dll+C1BFB0F - FE 07                 - inc byte ptr [rdi]   <---------------Here it counts Up if Value is 1
FC_m64.dll+C1BFB11 - 48 8B 05 C8A0C7F8     - mov rax,[FC_m64.dll+4E39BE0] { (FDD7A780) }
FC_m64.dll+C1BFB18 - 48 85 C0              - test rax,rax
FC_m64.dll+C1BFB1B - 0F84 74020000         - je FC_m64.dll+C1BFD95
FC_m64.dll+C1BFB21 - 48 89 9C 24 90000000  - mov [rsp+00000090],rbx
FC_m64.dll+C1BFB29 - 48 8D 54 24 30        - lea rdx,[rsp+30]
FC_m64.dll+C1BFB2E - 31 DB                 - xor ebx,ebx
FC_m64.dll+C1BFB30 - 4C 89 7C 24 60        - mov [rsp+60],r15
FC_m64.dll+C1BFB35 - 4C 8D 78 50           - lea r15,[rax+50]
FC_m64.dll+C1BFB39 - 48 89 5C 24 30        - mov [rsp+30],rbx
FC_m64.dll+C1BFB3E - 4C 89 F9              - mov rcx,r15
FC_m64.dll+C1BFB41 - 48 89 5C 24 38        - mov [rsp+38],rbx
FC_m64.dll+C1BFB46 - 44 8D 4B 10           - lea r9d,[rbx+10]
FC_m64.dll+C1BFB4A - 44 8D 43 01           - lea r8d,[rbx+01]
FC_m64.dll+C1BFB4E - E8 AD80B0F4           - call FC_m64.dll+CC7C00
FC_m64.dll+C1BFB53 - 0FB6 07               - movzx eax,byte ptr [rdi]
FC_m64.dll+C1BFB56 - 84 C0                 - test al,al
FC_m64.dll+C1BFB58 - 0F84 E2000000         - je FC_m64.dll+C1BFC40
FC_m64.dll+C1BFB5E - 3A 46 78              - cmp al,[rsi+78]
FC_m64.dll+C1BFB61 - 0F83 E2000000         - jae FC_m64.dll+C1BFC49
FC_m64.dll+C1BFB67 - 48 8D 8C 24 A0000000  - lea rcx,[rsp+000000A0]
FC_m64.dll+C1BFB6F - FF 15 3362ACF8        - call qword ptr [FC_m64.dll+4C85DA8] { ->FC_m64.dll+24895C0 }
FC_m64.dll+C1BFB75 - 48 39 18              - cmp [rax],rbx
FC_m64.dll+C1BFB78 - 0F84 B8000000         - je FC_m64.dll+C1BFC36
FC_m64.dll+C1BFB7E - 31 D2                 - xor edx,edx
FC_m64.dll+C1BFB80 - 48 89 6C 24 70        - mov [rsp+70],rbp
FC_m64.dll+C1BFB85 - 8D 4B 70              - lea ecx,[rbx+70]
FC_m64.dll+C1BFB88 - E8 A3BAFCF3           - call FC_m64.dll+18B630
FC_m64.dll+C1BFB8D - 8D 53 2F              - lea edx,[rbx+2F]
FC_m64.dll+C1BFB90 - 41 B8 3E8F0200        - mov r8d,00028F3E { 167742 }
FC_m64.dll+C1BFB96 - 44 8D 4B 01           - lea r9d,[rbx+01]
FC_m64.dll+C1BFB9A - 48 89 C1              - mov rcx,rax
FC_m64.dll+C1BFB9D - E8 AEB92BF5           - call FC_m64.dll+147B550
FC_m64.dll+C1BFBA2 - 4C 8D 05 37031CF8     - lea r8,[FC_m64.dll+437FEE0] { ("KilledCivilian") }   <--- Obvious hm? :D

How about On Position Kill? :D

Code: Select all

aobscanmodule(_AimPositionCoord,FC_m64.dll,F3 45 0F 11 97 78 02 00 00)

Old Fisher
What is cheating?
What is cheating?
Posts: 2
Joined: Sat Mar 30, 2019 8:38 am
Reputation: 1

Re: Far Cry New Dawn - table v: 1.0.9 CT

Post by Old Fisher »

Ouro wrote:
Thu Mar 28, 2019 10:38 am
ETLogger::CETlog - ERROR: aobScan:
Error with "TimeHook.CEA", AOB pattern not found: "FFxxxxF30F1000F3xxxxxxxx4Cxxxx74"
Same here. Solution: don't use or enable CE's speedhack *before* activating the table.

Post Reply

Who is online

Users browsing this forum: admantx, avx, Cesurkarakus, cpeeler, Dfault, DotBot, Junkers80, MAKROZ, One