0
"Toggle Compact View"
Auto Assembler Script
[ENABLE]
{$lua}
if syntaxcheck then return end
if not toggleCompactView then
function toggleCompactView(sender, forceEnable)
local isCompactMode = not (compactViewMenuItem.Caption == 'Compact View Mode')
if forceEnable ~= nil then
isCompactMode = not forceEnable
end
synchronize(function()
compactViewMenuItem.Caption = isCompactMode and 'Compact View Mode' or 'Full View Mode'
getMainForm().Splitter1.Visible = isCompactMode
getMainForm().Panel4.Visible = isCompactMode
getMainForm().Panel5.Visible = isCompactMode
end)
end
end
if not createCompactViewMenu then
function createCompactViewMenu()
if isCompactMenuCreated then return end
synchronize(function()
local mainMenu = getMainForm().Menu.Items
compactViewMenuItem = createMenuItem(mainMenu)
compactViewMenuItem.Caption = 'Compact View Mode'
compactViewMenuItem.OnClick = toggleCompactView
mainMenu.add(compactViewMenuItem)
end)
isCompactMenuCreated = true
end
end
createCompactViewMenu()
toggleCompactView(nil, true)
[DISABLE]
{$lua}
if toggleCompactView then
toggleCompactView(nil, false)
end
1
"Toggle Scripts"
0080FF
Auto Assembler Script
[ENABLE]
{$lua}
if (syntaxcheck) then return end
synchronize(function()
getLuaEngine().menuItem5.doClick()
getLuaEngine().Close()
end)
local enableBattleScripts = {
0, -- "Toggle Compact View"
11, -- "Fast de-balance"
13, -- "BE gen. multiplier"
16, -- "BU gen. multiplier"
19, -- "Get Gold / set item amount"
3, -- "Damage multiplier"
38, -- "Get SP"
46, -- "Get last stat data (circular update)"
8, -- "SH Gen multiplier"
22, -- "Sync. gold/item amt. to real data when purchase / get"
23, -- "inf. drone ammo / Nikki DLC ammo / some grenades in hand"
27, -- "inf. smart mines in hand"
24, -- "Also fix display ammo amount"
}
local addressList = getAddressList()
synchronize(function()
for _, id in ipairs(enableBattleScripts) do
local memRec = addressList.getMemoryRecordByID(id)
if memRec and not memRec.Active then
memRec.Active = true
sleep(30)
end
addressList.refresh()
end
end)
synchronize(function() getLuaEngine().Close() end)
[DISABLE]
{$lua}
if (syntaxcheck) then return end
synchronize(function()
getLuaEngine().menuItem5.doClick()
getLuaEngine().Close()
end)
local disableBattleScripts = {
24, -- "Also fix display ammo amount"
27, -- "inf. smart mines in hand"
23, -- "inf. drone ammo / Nikki DLC ammo / some grenades in hand"
33, -- "Set amount+"
22, -- "Sync. gold/item amt. to real data when purchase / get"
8, -- "SH Gen multiplier"
46, -- "Get last stat data (circular update)"
38, -- "Get SP"
3, -- "Damage multiplier"
19, -- "Get Gold / set item amount"
16, -- "BU gen. multiplier"
13, -- "BE gen. multiplier"
11, -- "Fast de-balance"
0, -- "Toggle Compact View"
}
local addressList = getAddressList()
synchronize(function()
for _, id in ipairs(disableBattleScripts) do
local memRec = addressList.getMemoryRecordByID(id)
if memRec and memRec.Active then
memRec.Active = false
sleep(30)
end
addressList.refresh()
end
end)
synchronize(function() getLuaEngine().Close() end)
-- Comments:
-- ID: 0, Description: "Toggle Compact View", Depth: 0
-- ID: 3, Description: "Damage multiplier", Depth: 0
-- ID: 8, Description: "SH Gen multiplier", Depth: 0
-- ID: 11, Description: "Fast de-balance", Depth: 0
-- ID: 13, Description: "BE gen. multiplier", Depth: 0
-- ID: 16, Description: "BU gen. multiplier", Depth: 0
-- ID: 19, Description: "Get Gold / set item amount", Depth: 0
-- ID: 22, Description: "Sync. gold/item amt. to real data when purchase / get", Depth: 1
-- ID: 23, Description: "inf. drone ammo / Nikki DLC ammo / some grenades in hand", Depth: 2
-- ID: 24, Description: "Also fix display ammo amount", Depth: 3
-- ID: 27, Description: "inf. smart mines in hand", Depth: 2
-- ID: 33, Description: "Set amount+", Depth: 1
-- ID: 38, Description: "Get SP", Depth: 0
-- ID: 46, Description: "Get last stat data (circular update)", Depth: 0
2
"Wait around 1 minute/move around to enable cheat after game loaded"
8000FF
1
3
"Damage multiplier"
Auto Assembler Script
{ Game : SB-Win64-Shipping.exe
Version:
Date : 2025-06-13
Author : bbfox@https://opencheattables.com
}
[ENABLE]
aobscanmodule(INJECT_DAMAGE_MULTI,$process,F3 0F 5F C8 41 0F 28 C0 F3 0F 58 C7 0F 2F C1) // should be unique
alloc(newmem,$1000)
label(code)
label(return vf_damage_to_player vf_damage_to_enemy vf_min_hp is_fast_de_shield vf_min_hp_ratio)
newmem:
code:
// ************************
maxss xmm1,xmm0
movaps xmm0,xmm8
// ************************
// Start
vxorps xmm15,xmm15, xmm15
vucomiss xmm7, xmm15
jae code_pre
movaps xmm15, [vf_damage_to_player]
movaps xmm14, xmm7
vshufps xmm14, xmm14, xmm14, 0
vmulps xmm14, xmm14, xmm15
cmp dword ptr [rdi+154], 0
je to_enemy
movss xmm7, xmm14
jmp code_pre
to_enemy:
vshufps xmm14, xmm14, xmm14, 1
movss xmm7, xmm14
// End
code_pre:
// ************************
addss xmm0,xmm7
// ************************
// Start
cmp dword ptr [rdi+154], 0
je @F
vmovss xmm15, dword ptr [rdi+120]
vmovss xmm14, [vf_min_hp_ratio]
vmulss xmm14, xmm14, xmm15
vmovss xmm15, [vf_min_hp]
vucomiss xmm15, xmm14
jae check_min_hp
movaps xmm15, xmm14
check_min_hp:
vucomiss xmm0, xmm15
jae @F
movaps xmm0, xmm15
//mov dword ptr [rdi+148], 0
@@:
// End
// ************************
comiss xmm0,xmm1
// ************************
jmp return
align 10 cc
vf_damage_to_player:
dd (float)0.75
vf_damage_to_enemy:
dd (float)1
dd 0 0
vf_min_hp:
dd (float)1405
is_fast_de_shield:
dd 0
vf_min_hp_ratio:
dd (float)0.66
INJECT_DAMAGE_MULTI:
jmp far newmem
nop
return:
registersymbol(INJECT_DAMAGE_MULTI vf_damage_to_player vf_damage_to_enemy vf_min_hp is_fast_de_shield vf_min_hp_ratio)
[DISABLE]
INJECT_DAMAGE_MULTI:
db F3 0F 5F C8 41 0F 28 C0 F3 0F 58 C7 0F 2F C1
unregistersymbol(*)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "SB-Win64-Shipping.exe"+1A4E548
"SB-Win64-Shipping.exe"+1A4E519: F3 44 0F 10 87 1C 01 00 00 - movss xmm8,[rdi+0000011C]
"SB-Win64-Shipping.exe"+1A4E522: BA 1B 00 00 00 - mov edx,0000001B
"SB-Win64-Shipping.exe"+1A4E527: 48 8B CF - mov rcx,rdi
"SB-Win64-Shipping.exe"+1A4E52A: E8 B1 FC FF FF - call "SB-Win64-Shipping.exe"+1A4E1E0
"SB-Win64-Shipping.exe"+1A4E52F: 84 C0 - test al,al
"SB-Win64-Shipping.exe"+1A4E531: 74 0A - je "SB-Win64-Shipping.exe"+1A4E53D
"SB-Win64-Shipping.exe"+1A4E533: F3 0F 10 05 6D 94 D3 04 - movss xmm0,["SB-Win64-Shipping.exe"+67879A8]
"SB-Win64-Shipping.exe"+1A4E53B: EB 03 - jmp "SB-Win64-Shipping.exe"+1A4E540
"SB-Win64-Shipping.exe"+1A4E53D: 0F 57 C0 - xorps xmm0,xmm0
"SB-Win64-Shipping.exe"+1A4E540: F3 0F 10 8F C4 02 00 00 - movss xmm1,[rdi+000002C4]
// ---------- INJECTING HERE ----------
"SB-Win64-Shipping.exe"+1A4E548: F3 0F 5F C8 - maxss xmm1,xmm0
// ---------- DONE INJECTING ----------
"SB-Win64-Shipping.exe"+1A4E54C: 41 0F 28 C0 - movaps xmm0,xmm8
"SB-Win64-Shipping.exe"+1A4E550: F3 0F 58 C7 - addss xmm0,xmm7
"SB-Win64-Shipping.exe"+1A4E554: 0F 2F C1 - comiss xmm0,xmm1
"SB-Win64-Shipping.exe"+1A4E557: 76 0B - jna "SB-Win64-Shipping.exe"+1A4E564
"SB-Win64-Shipping.exe"+1A4E559: 0F 28 C8 - movaps xmm1,xmm0
"SB-Win64-Shipping.exe"+1A4E55C: F3 0F 5D 8F 20 01 00 00 - minss xmm1,[rdi+00000120]
"SB-Win64-Shipping.exe"+1A4E564: B9 01 00 00 00 - mov ecx,00000001
"SB-Win64-Shipping.exe"+1A4E569: E8 72 34 21 00 - call "SB-Win64-Shipping.exe"+1C619E0
"SB-Win64-Shipping.exe"+1A4E56E: F3 0F 11 87 1C 01 00 00 - movss [rdi+0000011C],xmm0
"SB-Win64-Shipping.exe"+1A4E576: F3 0F 10 8F 20 01 00 00 - movss xmm1,[rdi+00000120]
}
4
"multiplier to player"
0
C08000
Float
vf_damage_to_player
5
"multiplier to enemy"
0
C08000
Float
vf_damage_to_enemy
6
"min. HP"
0
C08000
Float
vf_min_hp
7
"min. HP ratio"
0
C08000
Float
vf_min_hp_ratio
8
"SH Gen multiplier"
Auto Assembler Script
{ Game : SB-Win64-Shipping.exe
Version:
Date : 2025-06-12
Author : bbfxo@https://opencheattables.com
}
[ENABLE]
aobscanmodule(INJECT_INF_SH,$process,F3 0F 58 CF 0F 2F CE) // should be unique
alloc(newmem,$1000,INJECT_INF_SH)
label(code)
label(return vf_sh_gen_multi is_null_enemy_sh)
newmem:
cmp dword ptr [rdi+154], 0
je to_enemy
vxorps xmm15, xmm15, xmm15
vucomiss xmm7, xmm15
jb to_damage
mulss xmm7, dword ptr [vf_sh_gen_multi]
jmp code
to_damage:
divss xmm7, dword ptr [vf_sh_gen_multi]
jmp code
to_enemy:
cmp dword ptr [is_null_enemy_sh], 1
jne code
movss xmm7, [vf_m100000]
code:
addss xmm1,xmm7
comiss xmm1,xmm6
jmp return
align 10 cc
vf_sh_gen_multi:
dd (float)3.33333333333
is_null_enemy_sh:
dd 1
vf_m100000:
dd (float)-100000
INJECT_INF_SH:
jmp newmem
nop 2
return:
registersymbol(INJECT_INF_SH vf_sh_gen_multi is_null_enemy_sh)
[DISABLE]
INJECT_INF_SH:
db F3 0F 58 CF 0F 2F CE
unregistersymbol(*)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "SB-Win64-Shipping.exe"+1A4E80A
"SB-Win64-Shipping.exe"+1A4E7DD: E8 FE F9 FF FF - call "SB-Win64-Shipping.exe"+1A4E1E0
"SB-Win64-Shipping.exe"+1A4E7E2: 84 C0 - test al,al
"SB-Win64-Shipping.exe"+1A4E7E4: 0F 85 70 08 00 00 - jne "SB-Win64-Shipping.exe"+1A4F05A
"SB-Win64-Shipping.exe"+1A4E7EA: BA 03 00 00 00 - mov edx,00000003
"SB-Win64-Shipping.exe"+1A4E7EF: 48 8B CF - mov rcx,rdi
"SB-Win64-Shipping.exe"+1A4E7F2: E8 E9 F9 FF FF - call "SB-Win64-Shipping.exe"+1A4E1E0
"SB-Win64-Shipping.exe"+1A4E7F7: 84 C0 - test al,al
"SB-Win64-Shipping.exe"+1A4E7F9: 0F 85 5B 08 00 00 - jne "SB-Win64-Shipping.exe"+1A4F05A
"SB-Win64-Shipping.exe"+1A4E7FF: F3 0F 10 97 34 01 00 00 - movss xmm2,[rdi+00000134]
"SB-Win64-Shipping.exe"+1A4E807: 0F 28 CA - movaps xmm1,xmm2
// ---------- INJECTING HERE ----------
"SB-Win64-Shipping.exe"+1A4E80A: F3 0F 58 CF - addss xmm1,xmm7
// ---------- DONE INJECTING ----------
"SB-Win64-Shipping.exe"+1A4E80E: 0F 2F CE - comiss xmm1,xmm6
"SB-Win64-Shipping.exe"+1A4E811: 77 05 - ja "SB-Win64-Shipping.exe"+1A4E818
"SB-Win64-Shipping.exe"+1A4E813: 0F 57 C0 - xorps xmm0,xmm0
"SB-Win64-Shipping.exe"+1A4E816: EB 0C - jmp "SB-Win64-Shipping.exe"+1A4E824
"SB-Win64-Shipping.exe"+1A4E818: F3 0F 10 87 38 01 00 00 - movss xmm0,[rdi+00000138]
"SB-Win64-Shipping.exe"+1A4E820: F3 0F 5D C1 - minss xmm0,xmm1
"SB-Win64-Shipping.exe"+1A4E824: F3 0F 2C C0 - cvttss2si eax,xmm0
"SB-Win64-Shipping.exe"+1A4E828: 66 0F 6E C0 - movd xmm0,eax
"SB-Win64-Shipping.exe"+1A4E82C: 0F 5B C0 - cvtdq2ps xmm0,xmm0
"SB-Win64-Shipping.exe"+1A4E82F: F3 0F 11 87 34 01 00 00 - movss [rdi+00000134],xmm0
}
9
"multiplier"
0
C08000
Float
vf_sh_gen_multi
10
"Fast enemy shield broke?"
0:No
1:Yes
0
C08000
4 Bytes
is_null_enemy_sh
11
"Fast de-balance"
Auto Assembler Script
{ Game : SB-Win64-Shipping.exe
Version:
Date : 2025-06-13
Author : bbfox@https://opencheattables.com
}
[ENABLE]
aobscanmodule(INJECT_FAST_DE_BALANCE,$process,F3 0F 10 97 48 01 00 00 0F 28 C2 F3 0F 58 C7) // should be unique
alloc(newmem,$1000)
label(code)
label(return)
newmem:
cmp dword ptr [rdi+00000154], 0
jne code
movss xmm15, [rdi+00000148]
vxorps xmm14, xmm14, xmm14
vucomiss xmm15, xmm14
jbe code
vmovss xmm15, [vf_1]
vmovss [rdi+00000148], xmm15
vmovss [rdi+0000014C], xmm15
code:
movss xmm2,[rdi+00000148]
movaps xmm0,xmm2
addss xmm0,xmm7
jmp return
align 10 cc
vf_1:
dd (float)1
INJECT_FAST_DE_BALANCE:
jmp far newmem
nop
return:
registersymbol(INJECT_FAST_DE_BALANCE)
[DISABLE]
INJECT_FAST_DE_BALANCE:
db F3 0F 10 97 48 01 00 00 0F 28 C2 F3 0F 58 C7
unregistersymbol(INJECT_FAST_DE_BALANCE)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "SB-Win64-Shipping.exe"+1A4E907
"SB-Win64-Shipping.exe"+1A4E8D9: EB 0F - jmp "SB-Win64-Shipping.exe"+1A4E8EA
"SB-Win64-Shipping.exe"+1A4E8DB: 0F 28 C2 - movaps xmm0,xmm2
"SB-Win64-Shipping.exe"+1A4E8DE: F3 0F 5D 87 34 01 00 00 - minss xmm0,[rdi+00000134]
"SB-Win64-Shipping.exe"+1A4E8E6: F3 0F 2C C0 - cvttss2si eax,xmm0
"SB-Win64-Shipping.exe"+1A4E8EA: 0F 2E DA - ucomiss xmm3,xmm2
"SB-Win64-Shipping.exe"+1A4E8ED: 66 0F 6E C0 - movd xmm0,eax
"SB-Win64-Shipping.exe"+1A4E8F1: 0F 5B C0 - cvtdq2ps xmm0,xmm0
"SB-Win64-Shipping.exe"+1A4E8F4: F3 0F 11 87 34 01 00 00 - movss [rdi+00000134],xmm0
"SB-Win64-Shipping.exe"+1A4E8FC: 0F 84 58 07 00 00 - je "SB-Win64-Shipping.exe"+1A4F05A
"SB-Win64-Shipping.exe"+1A4E902: E9 FA FC FF FF - jmp "SB-Win64-Shipping.exe"+1A4E601
// ---------- INJECTING HERE ----------
"SB-Win64-Shipping.exe"+1A4E907: F3 0F 10 97 48 01 00 00 - movss xmm2,[rdi+00000148]
// ---------- DONE INJECTING ----------
"SB-Win64-Shipping.exe"+1A4E90F: 0F 28 C2 - movaps xmm0,xmm2
"SB-Win64-Shipping.exe"+1A4E912: F3 0F 58 C7 - addss xmm0,xmm7
"SB-Win64-Shipping.exe"+1A4E916: 0F 2F C6 - comiss xmm0,xmm6
"SB-Win64-Shipping.exe"+1A4E919: 77 05 - ja "SB-Win64-Shipping.exe"+1A4E920
"SB-Win64-Shipping.exe"+1A4E91B: 0F 57 C0 - xorps xmm0,xmm0
"SB-Win64-Shipping.exe"+1A4E91E: EB 08 - jmp "SB-Win64-Shipping.exe"+1A4E928
"SB-Win64-Shipping.exe"+1A4E920: F3 0F 5D 87 4C 01 00 00 - minss xmm0,[rdi+0000014C]
"SB-Win64-Shipping.exe"+1A4E928: F3 0F 2C C0 - cvttss2si eax,xmm0
"SB-Win64-Shipping.exe"+1A4E92C: 66 0F 6E C8 - movd xmm1,eax
"SB-Win64-Shipping.exe"+1A4E930: 0F 5B C9 - cvtdq2ps xmm1,xmm1
}
12
"Impacts "# of executed" achievement: not counted in"
8000FF
1
13
"BE gen. multiplier"
Auto Assembler Script
{ Game : SB-Win64-Shipping.exe
Version:
Date : 2025-06-13
Author : bbfox@https://opencheattables.com
}
[ENABLE]
aobscanmodule(INJECT_BE_MULTI,$process,F3 0F 58 E2 33 C9) // should be unique
alloc(newmem,$1000,INJECT_BE_MULTI)
label(code)
label(return vf_be_multi vf_min_be)
newmem:
// Start inject code
cmp dword ptr [rdi+154], 0
je code_pre
vxorps xmm15, xmm15, xmm15
vucomiss xmm2, xmm15
jb to_decrease
mulss xmm2, dword ptr [vf_be_multi]
jmp code_pre
to_decrease:
divss xmm2, dword ptr [vf_be_multi]
code_pre:
// End inject code
code:
addss xmm4,xmm2
// Start inject code
cmp dword ptr [rdi+154], 0
je @F
vmovss xmm15, [vf_min_be]
vucomiss xmm4, xmm15
jae @F
movaps xmm4, xmm15
@@:
//End inject code
xor ecx,ecx
jmp return
align 10 cc
vf_be_multi:
dd (float)3.333333333
vf_min_be:
dd (float)666
INJECT_BE_MULTI:
jmp newmem
nop
return:
registersymbol(INJECT_BE_MULTI vf_be_multi vf_min_be)
[DISABLE]
INJECT_BE_MULTI:
db F3 0F 58 E2 33 C9
unregistersymbol(*)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "SB-Win64-Shipping.exe"+1A4EA99
"SB-Win64-Shipping.exe"+1A4EA6F: 4C 8D 97 50 01 00 00 - lea r10,[rdi+00000150]
"SB-Win64-Shipping.exe"+1A4EA76: 44 0F 28 C0 - movaps xmm8,xmm0
"SB-Win64-Shipping.exe"+1A4EA7A: F3 0F 10 26 - movss xmm4,[rsi]
"SB-Win64-Shipping.exe"+1A4EA7E: 41 0F 28 C8 - movaps xmm1,xmm8
"SB-Win64-Shipping.exe"+1A4EA82: F3 0F 2C CF - cvttss2si ecx,xmm7
"SB-Win64-Shipping.exe"+1A4EA86: E8 D5 60 21 00 - call "SB-Win64-Shipping.exe"+1C64B60
"SB-Win64-Shipping.exe"+1A4EA8B: 49 8B F2 - mov rsi,r10
"SB-Win64-Shipping.exe"+1A4EA8E: 66 0F 6E D0 - movd xmm2,eax
"SB-Win64-Shipping.exe"+1A4EA92: 0F 5B D2 - cvtdq2ps xmm2,xmm2
"SB-Win64-Shipping.exe"+1A4EA95: F3 0F 58 D7 - addss xmm2,xmm7
// ---------- INJECTING HERE ----------
"SB-Win64-Shipping.exe"+1A4EA99: F3 0F 58 E2 - addss xmm4,xmm2
// ---------- DONE INJECTING ----------
"SB-Win64-Shipping.exe"+1A4EA9D: 33 C9 - xor ecx,ecx
"SB-Win64-Shipping.exe"+1A4EA9F: F3 0F 2C D4 - cvttss2si edx,xmm4
"SB-Win64-Shipping.exe"+1A4EAA3: 85 D2 - test edx,edx
"SB-Win64-Shipping.exe"+1A4EAA5: 7F 04 - jg "SB-Win64-Shipping.exe"+1A4EAAB
"SB-Win64-Shipping.exe"+1A4EAA7: 8B C1 - mov eax,ecx
"SB-Win64-Shipping.exe"+1A4EAA9: EB 0D - jmp "SB-Win64-Shipping.exe"+1A4EAB8
"SB-Win64-Shipping.exe"+1A4EAAB: F3 0F 2C 87 54 01 00 00 - cvttss2si eax,[rdi+00000154]
"SB-Win64-Shipping.exe"+1A4EAB3: 3B D0 - cmp edx,eax
"SB-Win64-Shipping.exe"+1A4EAB5: 0F 4C C2 - cmovl eax,edx
"SB-Win64-Shipping.exe"+1A4EAB8: 66 0F 6E C0 - movd xmm0,eax
}
14
"multiplier"
0
C08000
Float
vf_be_multi
15
"min."
0
C08000
Float
vf_min_be
16
"BU gen. multiplier"
Auto Assembler Script
{ Game : SB-Win64-Shipping.exe
Version:
Date : 2025-06-17
Author : bbfox@https://opencheattables.com
}
[ENABLE]
aobscanmodule(INJECT_BU_MULTI,$process,F3 0F 58 E0 F3 0F 2C CC) // should be unique
alloc(newmem,$1000,INJECT_BU_MULTI)
label(code)
label(return vf_min_bu vf_bu_multi)
newmem:
code:
mulss xmm0, [vf_bu_multi]
// *** orogin code start
addss xmm4,xmm0
// *** orogin code end
vmovss xmm14, [vf_min_bu]
vucomiss xmm4, xmm14
jae @F
movss xmm4, xmm14
@@:
// *** orogin code start
cvttss2si ecx,xmm4
jmp return
align 10 cc
vf_min_bu:
dd (float)900
vf_bu_multi:
dd (float)4
INJECT_BU_MULTI:
jmp newmem
nop 3
return:
registersymbol(INJECT_BU_MULTI vf_min_bu vf_bu_multi)
[DISABLE]
INJECT_BU_MULTI:
db F3 0F 58 E0 F3 0F 2C CC
unregistersymbol(*)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "SB-Win64-Shipping.exe"+1A4EC7F
"SB-Win64-Shipping.exe"+1A4EC55: 4C 8D 97 60 01 00 00 - lea r10,[rdi+00000160]
"SB-Win64-Shipping.exe"+1A4EC5C: 44 0F 28 C0 - movaps xmm8,xmm0
"SB-Win64-Shipping.exe"+1A4EC60: F3 0F 10 26 - movss xmm4,[rsi]
"SB-Win64-Shipping.exe"+1A4EC64: 41 0F 28 C8 - movaps xmm1,xmm8
"SB-Win64-Shipping.exe"+1A4EC68: F3 0F 2C CF - cvttss2si ecx,xmm7
"SB-Win64-Shipping.exe"+1A4EC6C: E8 EF 5E 21 00 - call "SB-Win64-Shipping.exe"+1C64B60
"SB-Win64-Shipping.exe"+1A4EC71: 49 8B F2 - mov rsi,r10
"SB-Win64-Shipping.exe"+1A4EC74: 66 0F 6E C0 - movd xmm0,eax
"SB-Win64-Shipping.exe"+1A4EC78: 0F 5B C0 - cvtdq2ps xmm0,xmm0
"SB-Win64-Shipping.exe"+1A4EC7B: F3 0F 58 C7 - addss xmm0,xmm7
// ---------- INJECTING HERE ----------
"SB-Win64-Shipping.exe"+1A4EC7F: F3 0F 58 E0 - addss xmm4,xmm0
// ---------- DONE INJECTING ----------
"SB-Win64-Shipping.exe"+1A4EC83: F3 0F 2C CC - cvttss2si ecx,xmm4
"SB-Win64-Shipping.exe"+1A4EC87: 85 C9 - test ecx,ecx
"SB-Win64-Shipping.exe"+1A4EC89: 7F 04 - jg "SB-Win64-Shipping.exe"+1A4EC8F
"SB-Win64-Shipping.exe"+1A4EC8B: 33 C9 - xor ecx,ecx
"SB-Win64-Shipping.exe"+1A4EC8D: EB 0F - jmp "SB-Win64-Shipping.exe"+1A4EC9E
"SB-Win64-Shipping.exe"+1A4EC8F: F3 0F 2C 87 64 01 00 00 - cvttss2si eax,[rdi+00000164]
"SB-Win64-Shipping.exe"+1A4EC97: 3B C8 - cmp ecx,eax
"SB-Win64-Shipping.exe"+1A4EC99: 0F 4C C1 - cmovl eax,ecx
"SB-Win64-Shipping.exe"+1A4EC9C: 8B C8 - mov ecx,eax
"SB-Win64-Shipping.exe"+1A4EC9E: 66 0F 6E C1 - movd xmm0,ecx
}
17
"min."
0
C08000
Float
vf_min_bu
18
"multiplier"
0
C08000
Float
vf_bu_multi
19
"Get Gold / set item amount"
Auto Assembler Script
{ Game : SB-Win64-Shipping.exe
Version:
Date : 2025-06-12
Author : bbfox@https://opencheattables.com
}
[ENABLE]
aobscanmodule(INJECT_GET_MONEY,$process,44 03 71 34 8B 4D E4 F7 D1 21 4D F0 48 8D 4D E0 E8 23) // should be unique
alloc(newmem,$1000,INJECT_GET_MONEY)
label(code)
label(return i_base_money_addr i_base_money_tag is_chk_ammo_amt is_chk_smart_mine is_sonic_bomb is_grenade is_p_grenade)
newmem:
cmp [rcx+20], 00018E43
jne chk_ammos_pre
mov [i_base_money_addr], rcx
mov dword ptr [i_base_money_tag], 00018E43
//push r15
//mov r15d, [rcx+20]
//mov [i_base_money_tag], r15d
//pop r15
jmp code
chk_ammos_pre:
cmp dword ptr [is_chk_ammo_amt], 1
jne chk_others
cmp dword ptr [rcx+20], 012DE46F // 一般彈
je chk_ammo_normal
cmp dword ptr [rcx+20], 01285ED4 // 爆破彈
je chk_ammo_blast
cmp dword ptr [rcx+20], 012DE3A4 // 衝擊
je chk_ammo_imp
cmp dword ptr [rcx+20], 012DE467 // 散彈
je chk_ammo_dis
cmp dword ptr [rcx+20], 01285282 // 剌針
je chk_ammo_stinger
cmp dword ptr [rcx+20], 012D4F30 // nikki game ammo
je chk_ammo_nikki_mission
jmp code
chk_others:
cmp dword ptr [is_chk_smart_mine], 1
jne @F
cmp dword ptr [rcx+20], 00CD7AAA // 智慧地雷
je chk_smart_mine
@@:
cmp dword ptr [is_sonic_bomb], 1
jne @F
cmp dword ptr [rcx+20], 00CD74CC // Sonic grenade
je chk_sonic_bomb
@@:
cmp dword ptr [is_grenade], 1
jne @F
cmp dword ptr [rcx+20], 01330AA8 // Electric grenade
je chk_grenade
@@:
cmp dword ptr [is_p_grenade], 1
jne @F
cmp dword ptr [rcx+20], 0132F95C // Pulse grenade
je chk_p_grenade
@@:
jmp code
chk_ammo:
cmp dword ptr [rcx+34], 3
jbe @F
mov dword ptr [rcx+34], 3
mov dword ptr [rcx+38], 3
@@:
cmp dword ptr [rcx+34], 3
je code
mov dword ptr [rcx+34], 3
mov dword ptr [rcx+38], 3
jmp code
chk_ammo_blast:
cmp dword ptr [rcx+34], 3
jbe @F
mov dword ptr [rcx+34], 3
mov dword ptr [rcx+38], 3
@@:
cmp dword ptr [rcx+34], 3
je code
mov dword ptr [rcx+34], 3
mov dword ptr [rcx+38], 3
jmp code
chk_ammo_normal:
cmp dword ptr [rcx+34], #30
jbe @F
mov dword ptr [rcx+34], #30
mov dword ptr [rcx+38], #30
@@:
cmp dword ptr [rcx+34], #30
je code
mov dword ptr [rcx+34], #30
mov dword ptr [rcx+38], #30
jmp code
chk_ammo_dis:
cmp dword ptr [rcx+34], B
jbe @F
mov dword ptr [rcx+34], B
mov dword ptr [rcx+38], B
@@:
cmp dword ptr [rcx+34], B
je code
mov dword ptr [rcx+34], B
mov dword ptr [rcx+38], B
jmp code
chk_ammo_imp:
cmp dword ptr [rcx+34], 7
jbe @F
mov dword ptr [rcx+34], 7
mov dword ptr [rcx+38], 7
@@:
cmp dword ptr [rcx+34], 7
je code
mov dword ptr [rcx+34], 7
mov dword ptr [rcx+38], 7
jmp code
chk_ammo_stinger:
cmp dword ptr [rcx+34], 1F
jbe @F
mov dword ptr [rcx+34], 1F
mov dword ptr [rcx+38], 1F
@@:
cmp dword ptr [rcx+34], 1F
je code
mov dword ptr [rcx+34], 1F
mov dword ptr [rcx+38], 1F
jmp code
chk_ammo_nikki_mission:
cmp dword ptr [rcx+34], #60
jbe @F
mov dword ptr [rcx+34], #60
mov dword ptr [rcx+38], #60
@@:
cmp dword ptr [rcx+34], #60
je code
mov dword ptr [rcx+34], #60
mov dword ptr [rcx+38], #60
jmp code
chk_smart_mine:
chk_sonic_bomb:
chk_grenade:
mov dword ptr [rcx+38], 2
jmp code
chk_p_grenade:
mov dword ptr [rcx+38], 3
jmp code
code:
add r14d,[rcx+34]
mov ecx,[rbp-1C]
jmp return
align 10 cc
i_base_money_addr:
dq 0
i_base_money_tag:
dd 0
is_chk_ammo_amt:
dd 1
is_chk_smart_mine:
dd 0
is_sonic_bomb:
dd 0
is_grenade:
dd 0
is_p_grenade:
dd 0
INJECT_GET_MONEY:
jmp newmem
nop 2
return:
registersymbol(INJECT_GET_MONEY i_base_money_addr i_base_money_tag is_chk_ammo_amt is_chk_smart_mine is_sonic_bomb is_grenade is_p_grenade)
[DISABLE]
INJECT_GET_MONEY:
db 44 03 71 34 8B 4D E4
unregistersymbol(*)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "SB-Win64-Shipping.exe"+1C28C98
"SB-Win64-Shipping.exe"+1C28C79: 74 0D - je "SB-Win64-Shipping.exe"+1C28C88
"SB-Win64-Shipping.exe"+1C28C7B: 8B 80 60 01 00 00 - mov eax,[rax+00000160]
"SB-Win64-Shipping.exe"+1C28C81: 83 F8 FF - cmp eax,-01
"SB-Win64-Shipping.exe"+1C28C84: 75 CA - jne "SB-Win64-Shipping.exe"+1C28C50
"SB-Win64-Shipping.exe"+1C28C86: EB 14 - jmp "SB-Win64-Shipping.exe"+1C28C9C
"SB-Win64-Shipping.exe"+1C28C88: 48 85 C0 - test rax,rax
"SB-Win64-Shipping.exe"+1C28C8B: 48 8D 48 10 - lea rcx,[rax+10]
"SB-Win64-Shipping.exe"+1C28C8F: 49 0F 44 CC - cmove rcx,r12
"SB-Win64-Shipping.exe"+1C28C93: 48 85 C9 - test rcx,rcx
"SB-Win64-Shipping.exe"+1C28C96: 74 04 - je "SB-Win64-Shipping.exe"+1C28C9C
// ---------- INJECTING HERE ----------
"SB-Win64-Shipping.exe"+1C28C98: 44 03 71 34 - add r14d,[rcx+34]
// ---------- DONE INJECTING ----------
"SB-Win64-Shipping.exe"+1C28C9C: 8B 4D E4 - mov ecx,[rbp-1C]
"SB-Win64-Shipping.exe"+1C28C9F: F7 D1 - not ecx
"SB-Win64-Shipping.exe"+1C28CA1: 21 4D F0 - and [rbp-10],ecx
"SB-Win64-Shipping.exe"+1C28CA4: 48 8D 4D E0 - lea rcx,[rbp-20]
"SB-Win64-Shipping.exe"+1C28CA8: E8 23 CA 21 FF - call "SB-Win64-Shipping.exe"+E456D0
"SB-Win64-Shipping.exe"+1C28CAD: 48 8B 4D E8 - mov rcx,[rbp-18]
"SB-Win64-Shipping.exe"+1C28CB1: 8B 45 F4 - mov eax,[rbp-0C]
"SB-Win64-Shipping.exe"+1C28CB4: 3B 41 18 - cmp eax,[rcx+18]
"SB-Win64-Shipping.exe"+1C28CB7: 0F 8C 23 FF FF FF - jl "SB-Win64-Shipping.exe"+1C28BE0
"SB-Win64-Shipping.exe"+1C28CBD: 48 8B BC 24 90 00 00 00 - mov rdi,[rsp+00000090]
}
20
"Usage: open in equip menu"
8000FF
1
21
"Re-active when die / reload / data incorrect"
8000FF
1
22
"Sync. gold/item amt. to real data when purchase / get"
Auto Assembler Script
{ Game : SB-Win64-Shipping.exe
Version:
Date : 2025-06-12
Author : bbfox@https://opencheattables.com
}
[ENABLE]
aobscanmodule(INJECT_SET_GOLD,$process,74 0C 48 8B 0B 48 85 C9 74 04 44 03 71 6C) // should be unique
alloc(newmem,$1000)
label(code)
label(return is_set_real_item_amount i_set_real_amount_to i_set_real_amount_to2 i_real_amount_threshold)
newmem:
// **** Original code start
reassemble(INJECT_SET_GOLD)
mov rcx,[rbx]
test rcx,rcx
reassemble(INJECT_SET_GOLD+8)
// **** Original code end
push r15
push r14
//mov r15d, [i_base_money_tag]
cmp dword ptr [rcx+58], 00018E43
jne endp
mov r15, i_base_money_addr
mov r15, [r15]
//test r15, r15
//jz endp
mov r14, [r15+34]
cmp r14, [rcx+6C]
je endp
mov [rcx+6C], r14
mov [rcx+70], r14
endp:
pop r14
pop r15
chk_items:
// ammos
push rax
mov rax, is_chk_ammo_amt
cmp dword ptr [rax], 1
pop rax
jne @F
cmp dword ptr [rcx+58], 012DE46F
je chk_ammo_normal
cmp dword ptr [rcx+58], 01285ED4
je chk_ammo_blast
cmp dword ptr [rcx+58], 012DE3A4
je chk_ammo_imp
cmp dword ptr [rcx+58], 012DE467
je chk_ammo_dis
cmp dword ptr [rcx+58], 01285282
je chk_ammo_stinger
cmp dword ptr [rcx+58], 012D4F30
je chk_ammo_nikki_mission
@@:
cmp dword ptr [is_set_real_item_amount], 1
jne chk_others
push r15
mov r15d, [i_real_amount_threshold]
cmp dword ptr [rcx+6C], r15d
jbe end_set_amt
mov r15d, [i_set_real_amount_to2]
cmp dword ptr [rcx+6C], r15d
jae end_set_amt
cmp dword ptr [rcx+6C], 64
jb @F
mov [rcx+6C], r15d
jmp end_set_amt
@@:
mov r15d, [i_set_real_amount_to]
cmp dword ptr [rcx+6C], r15d
jae end_set_amt
mov dword ptr [rcx+6C], r15d
end_set_amt:
pop r15
chk_others:
push rax
mov rax, is_chk_smart_mine
cmp dword ptr [rax], 1
pop rax
je chk_smart_mine
push rax
mov rax, is_sonic_bomb
cmp dword ptr [rax], 1
pop rax
je chk_sonic_bomb
push rax
mov rax, is_grenade
cmp dword ptr [rax], 1
pop rax
je chk_grenade
jmp code
chk_ammo_blast:
cmp dword ptr [rcx+6C], 3
jbe @F
mov dword ptr [rcx+6C], 3
mov dword ptr [rcx+70], 3
@@:
cmp dword ptr [rcx+6C], 3
je code
mov dword ptr [rcx+6C], 3
mov dword ptr [rcx+70], 3
jmp code
chk_ammo_normal:
cmp dword ptr [rcx+6C], #30
jbe @F
mov dword ptr [rcx+6C], #30
mov dword ptr [rcx+70], #30
@@:
cmp dword ptr [rcx+6C], #30
je code
mov dword ptr [rcx+6C], #30
mov dword ptr [rcx+70], #30
jmp code
chk_ammo_dis:
cmp dword ptr [rcx+6C], B
jbe @F
mov dword ptr [rcx+6C], B
mov dword ptr [rcx+70], B
@@:
cmp dword ptr [rcx+6C], B
je code
mov dword ptr [rcx+6C], B
mov dword ptr [rcx+70], B
jmp code
chk_ammo_imp:
cmp dword ptr [rcx+6C], 7
jbe @F
mov dword ptr [rcx+6C], 7
mov dword ptr [rcx+70], 7
@@:
cmp dword ptr [rcx+6C], 7
je code
mov dword ptr [rcx+6C], 7
mov dword ptr [rcx+70], 7
jmp code
chk_ammo_stinger:
cmp dword ptr [rcx+6C], 1F
jbe @F
mov dword ptr [rcx+6C], 1F
mov dword ptr [rcx+70], 1F
@@:
cmp dword ptr [rcx+6C], 1F
je code
mov dword ptr [rcx+6C], 1F
mov dword ptr [rcx+70], 1F
jmp code
chk_ammo_nikki_mission:
cmp dword ptr [rcx+6C], #60
jbe @F
mov dword ptr [rcx+6C], #60
mov dword ptr [rcx+70], #60
@@:
cmp dword ptr [rcx+6C], #60
je code
mov dword ptr [rcx+6C], #60
mov dword ptr [rcx+70], #60
jmp code
chk_smart_mine:
cmp dword ptr [rcx+58], 00CD7AAA // 智慧地雷
jne @F
mov dword ptr [rcx+70], 2
@@:
jmp code
chk_sonic_bomb:
cmp dword ptr [rcx+58], 00CD74CC // Sonic
jne @F
mov dword ptr [rcx+70], 2
@@:
jmp code
chk_grenade:
cmp dword ptr [rcx+58], 01330AA8 // Electric
jne @F
mov dword ptr [rcx+70], 3
@@:
jmp code
code:
//je "SB-Win64-Shipping.exe"+1BCA59A
//reassemble(INJECT_SET_GOLD)
add r14d,[rcx+6C]
jmp return
align 10 cc
is_set_real_item_amount:
dd 1
i_real_amount_threshold:
dd 2
i_set_real_amount_to:
dd 53
i_set_real_amount_to2:
dd #800
INJECT_SET_GOLD:
jmp far newmem
return:
registersymbol(INJECT_SET_GOLD is_set_real_item_amount i_set_real_amount_to i_set_real_amount_to2 i_real_amount_threshold)
[DISABLE]
INJECT_SET_GOLD:
db 74 0C 48 8B 0B 48 85 C9 74 04 44 03 71 6C
unregistersymbol(*)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "SB-Win64-Shipping.exe"+1BCA58C
"SB-Win64-Shipping.exe"+1BCA56F: EB 29 - jmp "SB-Win64-Shipping.exe"+1BCA59A
"SB-Win64-Shipping.exe"+1BCA571: 48 85 C0 - test rax,rax
"SB-Win64-Shipping.exe"+1BCA574: 48 8D 58 10 - lea rbx,[rax+10]
"SB-Win64-Shipping.exe"+1BCA578: 49 0F 44 DC - cmove rbx,r12
"SB-Win64-Shipping.exe"+1BCA57C: 48 85 DB - test rbx,rbx
"SB-Win64-Shipping.exe"+1BCA57F: 74 19 - je "SB-Win64-Shipping.exe"+1BCA59A
"SB-Win64-Shipping.exe"+1BCA581: 48 8B 0B - mov rcx,[rbx]
"SB-Win64-Shipping.exe"+1BCA584: 48 8B 01 - mov rax,[rcx]
"SB-Win64-Shipping.exe"+1BCA587: FF 50 28 - call qword ptr [rax+28]
"SB-Win64-Shipping.exe"+1BCA58A: 84 C0 - test al,al
// ---------- INJECTING HERE ----------
"SB-Win64-Shipping.exe"+1BCA58C: 74 0C - je "SB-Win64-Shipping.exe"+1BCA59A
// ---------- DONE INJECTING ----------
"SB-Win64-Shipping.exe"+1BCA58E: 48 8B 0B - mov rcx,[rbx]
"SB-Win64-Shipping.exe"+1BCA591: 48 85 C9 - test rcx,rcx
"SB-Win64-Shipping.exe"+1BCA594: 74 04 - je "SB-Win64-Shipping.exe"+1BCA59A
"SB-Win64-Shipping.exe"+1BCA596: 44 03 71 6C - add r14d,[rcx+6C]
"SB-Win64-Shipping.exe"+1BCA59A: 48 83 C5 10 - add rbp,10
"SB-Win64-Shipping.exe"+1BCA59E: 49 3B EF - cmp rbp,r15
"SB-Win64-Shipping.exe"+1BCA5A1: 0F 85 19 FF FF FF - jne "SB-Win64-Shipping.exe"+1BCA4C0
"SB-Win64-Shipping.exe"+1BCA5A7: 48 8B 7C 24 38 - mov rdi,[rsp+38]
"SB-Win64-Shipping.exe"+1BCA5AC: 48 8B 74 24 70 - mov rsi,[rsp+70]
"SB-Win64-Shipping.exe"+1BCA5B1: 48 8B 6C 24 68 - mov rbp,[rsp+68]
}
23
"inf. drone ammo / Nikki DLC ammo / some grenades in hand"
Auto Assembler Script
{ Game : SB-Win64-Shipping.exe
Version:
Date : 2025-06-13
Author : bbfox@https://opencheattables.com
}
[ENABLE]
is_chk_ammo_amt:
dd 1
is_grenade:
dd 1
is_p_grenade:
dd 1
aobscanmodule(INJECT_INF_DRONE_AMMO,$process,41 8B 57 34 41 0F 10 07 49 8B 5F 20 41 2B D4) // should be unique
alloc(newmem,$1000)
label(code)
label(return)
newmem:
push rax
mov rax, is_chk_ammo_amt
cmp dword ptr [rax], 1
pop rax
jne code
cmp dword ptr [r15+20], 012DE46F // 一般彈
je @F
cmp dword ptr [r15+20], 01285ED4 // 爆破彈
je @F
cmp dword ptr [r15+20], 012DE3A4 // 衝擊
je @F
cmp dword ptr [r15+20], 012DE467 // 散彈
je @F
cmp dword ptr [r15+20], 01285282 // 剌針
je @F
cmp dword ptr [r15+20], 012D4F30 // nikki game ammo
je @F
jmp code
@@:
xor r12d, r12d
jmp code
code:
mov edx,[r15+34]
movups xmm0,[r15]
mov rbx,[r15+20]
sub edx,r12d
jmp return
INJECT_INF_DRONE_AMMO:
jmp far newmem
nop
return:
registersymbol(INJECT_INF_DRONE_AMMO)
[DISABLE]
is_chk_ammo_amt:
dd 0
is_grenade:
dd 0
is_p_grenade:
dd 0
INJECT_INF_DRONE_AMMO:
db 41 8B 57 34 41 0F 10 07 49 8B 5F 20 41 2B D4
unregistersymbol(INJECT_INF_DRONE_AMMO)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "SB-Win64-Shipping.exe"+1C27FDD
"SB-Win64-Shipping.exe"+1C27FA9: 0F 84 4A 04 00 00 - je "SB-Win64-Shipping.exe"+1C283F9
"SB-Win64-Shipping.exe"+1C27FAF: 48 89 B4 24 18 01 00 00 - mov [rsp+00000118],rsi
"SB-Win64-Shipping.exe"+1C27FB7: 33 F6 - xor esi,esi
"SB-Win64-Shipping.exe"+1C27FB9: 4C 89 BC 24 E0 00 00 00 - mov [rsp+000000E0],r15
"SB-Win64-Shipping.exe"+1C27FC1: 4C 69 F8 68 01 00 00 - imul r15,rax,00000168
"SB-Win64-Shipping.exe"+1C27FC8: 4D 03 7E 40 - add r15,[r14+40]
"SB-Win64-Shipping.exe"+1C27FCC: 4D 8D 7F 10 - lea r15,[r15+10]
"SB-Win64-Shipping.exe"+1C27FD0: 4C 0F 44 FE - cmove r15,rsi
"SB-Win64-Shipping.exe"+1C27FD4: 4D 85 FF - test r15,r15
"SB-Win64-Shipping.exe"+1C27FD7: 0F 84 0C 04 00 00 - je "SB-Win64-Shipping.exe"+1C283E9
// ---------- INJECTING HERE ----------
"SB-Win64-Shipping.exe"+1C27FDD: 41 8B 57 34 - mov edx,[r15+34]
// ---------- DONE INJECTING ----------
"SB-Win64-Shipping.exe"+1C27FE1: 41 0F 10 07 - movups xmm0,[r15]
"SB-Win64-Shipping.exe"+1C27FE5: 49 8B 5F 20 - mov rbx,[r15+20]
"SB-Win64-Shipping.exe"+1C27FE9: 41 2B D4 - sub edx,r12d
"SB-Win64-Shipping.exe"+1C27FEC: 45 39 67 34 - cmp [r15+34],r12d
"SB-Win64-Shipping.exe"+1C27FF0: 48 89 BC 24 20 01 00 00 - mov [rsp+00000120],rdi
"SB-Win64-Shipping.exe"+1C27FF8: 0F 42 D6 - cmovb edx,esi
"SB-Win64-Shipping.exe"+1C27FFB: 48 89 5D CF - mov [rbp-31],rbx
"SB-Win64-Shipping.exe"+1C27FFF: 41 89 57 34 - mov [r15+34],edx
"SB-Win64-Shipping.exe"+1C28003: 0F 11 45 DF - movups [rbp-21],xmm0
"SB-Win64-Shipping.exe"+1C28007: 40 38 75 7F - cmp [rbp+7F],sil
}
24
"Also fix display ammo amount"
Auto Assembler Script
{ Game : SB-Win64-Shipping.exe
Version:
Date : 2025-06-14
Author : bbfox@https://opencheattables.com
}
[ENABLE]
aobscanmodule(INJECT_AMMO3,$process,41 8B 01 2B C5 41 39 29 0F 46 C7 41 89 01) // should be unique
alloc(newmem,$1000)
label(code)
label(return)
newmem:
push rax
mov rax, is_chk_ammo_amt
cmp dword ptr [rax], 1
pop rax
jne code
cmp dword ptr [rdx+58], 012DE46F
je @F
cmp dword ptr [rdx+58], 01285ED4
je @F
cmp dword ptr [rdx+58], 012DE3A4
je @F
cmp dword ptr [rdx+58], 012DE467
je @F
cmp dword ptr [rdx+58], 01285282
je @F
cmp dword ptr [rdx+58], 012D4F30
je @F
jmp chk_others
@@:
xor ebp, ebp
jmp code
chk_others:
push rax
mov rax, is_chk_smart_mine
cmp dword ptr [rax], 1
pop rax
je chk_smart_mine
push rax
mov rax, is_sonic_bomb
cmp dword ptr [rax], 1
pop rax
je chk_sonic_bomb
push rax
mov rax, is_grenade
cmp dword ptr [rax], 1
pop rax
je chk_grenade
jmp code
chk_smart_mine:
cmp dword ptr [rdx+58], 00CD7AAA // 智慧地雷
jne @F
mov dword ptr [rdx+70], 2
xor ebp, ebp
@@:
//jmp code
chk_sonic_bomb:
cmp dword ptr [rdx+58], 00CD74CC
jne @F
mov dword ptr [rdx+70], 2
xor ebp, ebp
@@:
//jmp code
chk_grenade:
cmp dword ptr [rdx+58], 01330AA8
jne @F
mov dword ptr [rdx+70], 3
xor ebp, ebp
@@:
//jmp code
code:
mov eax,[r9]
sub eax,ebp
cmp [r9],ebp
cmovbe eax,edi
mov [r9],eax
jmp return
INJECT_AMMO3:
jmp far newmem
return:
registersymbol(INJECT_AMMO3)
[DISABLE]
INJECT_AMMO3:
db 41 8B 01 2B C5 41 39 29 0F 46 C7 41 89 01
unregistersymbol(INJECT_AMMO3)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "SB-Win64-Shipping.exe"+1BC8991
"SB-Win64-Shipping.exe"+1BC896B: 74 C3 - je "SB-Win64-Shipping.exe"+1BC8930
"SB-Win64-Shipping.exe"+1BC896D: 44 8B 42 6C - mov r8d,[rdx+6C]
"SB-Win64-Shipping.exe"+1BC8971: 4C 8D 4A 70 - lea r9,[rdx+70]
"SB-Win64-Shipping.exe"+1BC8975: 44 0F B6 94 24 90 00 00 00 - movzx r10d,byte ptr [rsp+00000090]
"SB-Win64-Shipping.exe"+1BC897E: 44 2B C5 - sub r8d,ebp
"SB-Win64-Shipping.exe"+1BC8981: 39 6A 6C - cmp [rdx+6C],ebp
"SB-Win64-Shipping.exe"+1BC8984: 44 0F 46 C7 - cmovbe r8d,edi
"SB-Win64-Shipping.exe"+1BC8988: 44 89 42 6C - mov [rdx+6C],r8d
"SB-Win64-Shipping.exe"+1BC898C: 45 84 D2 - test r10b,r10b
"SB-Win64-Shipping.exe"+1BC898F: 74 0E - je "SB-Win64-Shipping.exe"+1BC899F
// ---------- INJECTING HERE ----------
"SB-Win64-Shipping.exe"+1BC8991: 41 8B 01 - mov eax,[r9]
// ---------- DONE INJECTING ----------
"SB-Win64-Shipping.exe"+1BC8994: 2B C5 - sub eax,ebp
"SB-Win64-Shipping.exe"+1BC8996: 41 39 29 - cmp [r9],ebp
"SB-Win64-Shipping.exe"+1BC8999: 0F 46 C7 - cmovbe eax,edi
"SB-Win64-Shipping.exe"+1BC899C: 41 89 01 - mov [r9],eax
"SB-Win64-Shipping.exe"+1BC899F: 45 39 01 - cmp [r9],r8d
"SB-Win64-Shipping.exe"+1BC89A2: 76 03 - jna "SB-Win64-Shipping.exe"+1BC89A7
"SB-Win64-Shipping.exe"+1BC89A4: 45 89 01 - mov [r9],r8d
"SB-Win64-Shipping.exe"+1BC89A7: 0F B6 84 24 98 00 00 00 - movzx eax,byte ptr [rsp+00000098]
"SB-Win64-Shipping.exe"+1BC89AF: 45 0F B6 CE - movzx r9d,r14b
"SB-Win64-Shipping.exe"+1BC89B3: 88 44 24 28 - mov [rsp+28],al
}
25
"E. grenade?"
0:No
1:Yes
0
C08000
4 Bytes
is_grenade
26
"P. grenade?"
0:No
1:Yes
0
C08000
4 Bytes
is_p_grenade
27
"inf. smart mines in hand"
Auto Assembler Script
{ Game : SB-Win64-Shipping.exe
Version:
Date : 2025-06-15
Author : bbfox@https://opencheattables.com
}
[ENABLE]
is_chk_smart_mine:
dd 1
aobscanmodule(INJECT_INF_SOME_USE_ITEMS,$process,41 8B 47 38 41 2B C4 45 39 67 38 0F 42 C6) // should be unique
alloc(newmem,$1000)
label(code)
label(return)
newmem:
push rax
mov rax, is_chk_smart_mine
cmp dword ptr [rax], 1
pop rax
je chk_smart_mine
push rax
mov rax, is_sonic_bomb
cmp dword ptr [rax], 1
pop rax
je chk_sonic_bomb
push rax
mov rax, is_grenade
cmp dword ptr [rax], 1
pop rax
je chk_grenade
jmp code
chk_smart_mine:
cmp dword ptr [r15+20], 00CD7AAA // 智慧地雷
jne @F
mov dword ptr [r15+38], 2
xor r12d, r12d
@@:
//jmp code
chk_sonic_bomb:
cmp dword ptr [r15+20], 00CD74CC
jne @F
mov dword ptr [r15+38], 2
xor r12d, r12d
@@:
//jmp code
chk_grenade:
cmp dword ptr [r15+20], 01330AA8
jne @F
mov dword ptr [r15+38], 3
xor r12d, r12d
@@:
//jmp code
code:
mov eax,[r15+38]
sub eax,r12d
cmp [r15+38],r12d
cmovb eax,esi
jmp return
INJECT_INF_SOME_USE_ITEMS:
jmp far newmem
return:
registersymbol(INJECT_INF_SOME_USE_ITEMS)
[DISABLE]
is_chk_smart_mine:
dd 0
INJECT_INF_SOME_USE_ITEMS:
db 41 8B 47 38 41 2B C4 45 39 67 38 0F 42 C6
unregistersymbol(INJECT_INF_SOME_USE_ITEMS)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "SB-Win64-Shipping.exe"+1C2800D
"SB-Win64-Shipping.exe"+1C27FE5: 49 8B 5F 20 - mov rbx,[r15+20]
"SB-Win64-Shipping.exe"+1C27FE9: 41 2B D4 - sub edx,r12d
"SB-Win64-Shipping.exe"+1C27FEC: 45 39 67 34 - cmp [r15+34],r12d
"SB-Win64-Shipping.exe"+1C27FF0: 48 89 BC 24 20 01 00 00 - mov [rsp+00000120],rdi
"SB-Win64-Shipping.exe"+1C27FF8: 0F 42 D6 - cmovb edx,esi
"SB-Win64-Shipping.exe"+1C27FFB: 48 89 5D CF - mov [rbp-31],rbx
"SB-Win64-Shipping.exe"+1C27FFF: 41 89 57 34 - mov [r15+34],edx
"SB-Win64-Shipping.exe"+1C28003: 0F 11 45 DF - movups [rbp-21],xmm0
"SB-Win64-Shipping.exe"+1C28007: 40 38 75 7F - cmp [rbp+7F],sil
"SB-Win64-Shipping.exe"+1C2800B: 74 12 - je "SB-Win64-Shipping.exe"+1C2801F
// ---------- INJECTING HERE ----------
"SB-Win64-Shipping.exe"+1C2800D: 41 8B 47 38 - mov eax,[r15+38]
// ---------- DONE INJECTING ----------
"SB-Win64-Shipping.exe"+1C28011: 41 2B C4 - sub eax,r12d
"SB-Win64-Shipping.exe"+1C28014: 45 39 67 38 - cmp [r15+38],r12d
"SB-Win64-Shipping.exe"+1C28018: 0F 42 C6 - cmovb eax,esi
"SB-Win64-Shipping.exe"+1C2801B: 41 89 47 38 - mov [r15+38],eax
"SB-Win64-Shipping.exe"+1C2801F: 41 39 57 38 - cmp [r15+38],edx
"SB-Win64-Shipping.exe"+1C28023: 76 04 - jna "SB-Win64-Shipping.exe"+1C28029
"SB-Win64-Shipping.exe"+1C28025: 41 89 57 38 - mov [r15+38],edx
"SB-Win64-Shipping.exe"+1C28029: 85 D2 - test edx,edx
"SB-Win64-Shipping.exe"+1C2802B: 0F 85 B5 02 00 00 - jne "SB-Win64-Shipping.exe"+1C282E6
"SB-Win64-Shipping.exe"+1C28031: 41 8B 86 98 00 00 00 - mov eax,[r14+00000098]
}
28
""Also fix display ammo amount" must on"
8000FF
1
29
"Enabled?"
0:No
1:Yes
0
C08000
4 Bytes
is_chk_smart_mine
30
"Chk ammo amount?"
0:No
1:Yes
0
C08000
4 Bytes
is_chk_ammo_amt
31
"Gold display /chk value #1"
0
FF8080
4 Bytes
i_base_money_addr
34
32
"Gold display value #2"
0
FF8080
4 Bytes
i_base_money_addr
38
33
"Set amount+"
1
34
"Enable item amount modification?"
0:No
1:Yes
0
C08000
4 Bytes
is_set_real_item_amount
35
"cur. item amount must >? to trigger, ? ="
0
C08000
4 Bytes
i_real_amount_threshold
36
"Set amount to ?, if < 100. ? ="
0
C08000
4 Bytes
i_set_real_amount_to
37
"Set amount to ?, if amount > 100. ? ="
0
C08000
4 Bytes
i_set_real_amount_to2
38
"Get SP"
Auto Assembler Script
{ Game : SB-Win64-Shipping.exe
Version:
Date : 2025-06-12
Author : bbfox@https://opencheattables.com
}
[ENABLE]
aobscanmodule(INJECT_GET_SP,$process,F3 0F 10 8A ?? 0? 00 00 F3 0F 58 C9 41 D1 FD F3 0F 58 CA) // should be unique
alloc(newmem,$1000)
alloc(INJECT_GET_SPo, 15)
label(code)
label(return i_base_sp_addr i_base_sp_offset)
INJECT_GET_SPo:
readmem(INJECT_GET_SP, 15)
newmem:
mov [i_base_sp_addr], rdx
push r15
mov r15, INJECT_GET_SPo+4
mov r15d, [r15]
mov [i_base_sp_offset], r15
pop r15
code:
//movss xmm1,[rdx+000002C0]
readmem(INJECT_GET_SP, 8)
addss xmm1,xmm1
sar r13d,1
jmp return
align 10 cc
i_base_sp_addr:
dq 0
i_base_sp_offset:
dd 0 0
INJECT_GET_SP:
jmp far newmem
nop
return:
registersymbol(INJECT_GET_SP i_base_sp_addr i_base_sp_offset)
registersymbol(INJECT_GET_SPo)
[DISABLE]
INJECT_GET_SP:
//db F3 0F 10 8A C0 02 00 00 F3 0F 58 C9 41 D1 FD
readmem(INJECT_GET_SPo, 15)
unregistersymbol(*)
dealloc(newmem)
dealloc(INJECT_GET_SPo)
unregistersymbol(INJECT_GET_SPo)
{
// ORIGINAL CODE - INJECTION POINT: "SB-Win64-Shipping.exe"+1E007DF
"SB-Win64-Shipping.exe"+1E0079A: F3 0F 10 15 2E 70 98 04 - movss xmm2,["SB-Win64-Shipping.exe"+67877D0]
"SB-Win64-Shipping.exe"+1E007A2: F3 0F 58 C9 - addss xmm1,xmm1
"SB-Win64-Shipping.exe"+1E007A6: 48 89 B4 24 F0 00 00 00 - mov [rsp+000000F0],rsi
"SB-Win64-Shipping.exe"+1E007AE: 48 89 BC 24 00 01 00 00 - mov [rsp+00000100],rdi
"SB-Win64-Shipping.exe"+1E007B6: 4C 89 A4 24 08 01 00 00 - mov [rsp+00000108],r12
"SB-Win64-Shipping.exe"+1E007BE: 4C 89 AC 24 C8 00 00 00 - mov [rsp+000000C8],r13
"SB-Win64-Shipping.exe"+1E007C6: F3 0F 58 CA - addss xmm1,xmm2
"SB-Win64-Shipping.exe"+1E007CA: 4C 89 BC 24 C0 00 00 00 - mov [rsp+000000C0],r15
"SB-Win64-Shipping.exe"+1E007D2: 0F 29 B4 24 B0 00 00 00 - movaps [rsp+000000B0],xmm6
"SB-Win64-Shipping.exe"+1E007DA: F3 44 0F 2D E9 - cvtss2si r13d,xmm1
// ---------- INJECTING HERE ----------
"SB-Win64-Shipping.exe"+1E007DF: F3 0F 10 8A C0 02 00 00 - movss xmm1,[rdx+000002C0]
// ---------- DONE INJECTING ----------
"SB-Win64-Shipping.exe"+1E007E7: F3 0F 58 C9 - addss xmm1,xmm1
"SB-Win64-Shipping.exe"+1E007EB: 41 D1 FD - sar r13d,1
"SB-Win64-Shipping.exe"+1E007EE: F3 0F 58 CA - addss xmm1,xmm2
"SB-Win64-Shipping.exe"+1E007F2: F3 44 0F 2D F9 - cvtss2si r15d,xmm1
"SB-Win64-Shipping.exe"+1E007F7: F3 0F 10 8A BC 02 00 00 - movss xmm1,[rdx+000002BC]
"SB-Win64-Shipping.exe"+1E007FF: F3 0F 58 C9 - addss xmm1,xmm1
"SB-Win64-Shipping.exe"+1E00803: 41 D1 FF - sar r15d,1
"SB-Win64-Shipping.exe"+1E00806: F3 0F 58 CA - addss xmm1,xmm2
"SB-Win64-Shipping.exe"+1E0080A: F3 0F 2D F1 - cvtss2si esi,xmm1
"SB-Win64-Shipping.exe"+1E0080E: D1 FE - sar esi,1
}
39
"Usage: open skill tree menu"
8000FF
1
40
"SP"
0
FF8080
Float
i_base_sp_addr
[i_base_sp_offset]-194
41
"SP EXP (modify this to get SP)"
0
FF8080
Float
i_base_sp_addr
[i_base_sp_offset]
42
"HP"
0
FF8080
Float
i_base_sp_addr
[i_base_sp_offset]-1A4
43
"SH"
0
FF8080
Float
i_base_sp_addr
[i_base_sp_offset]-18C
44
"BE"
0
FF8080
Float
i_base_sp_addr
[i_base_sp_offset]-170
45
"BU"
0
FF8080
Float
i_base_sp_addr
[i_base_sp_offset]-160
46
"Get last stat data (circular update)"
Auto Assembler Script
{ Game : SB-Win64-Shipping.exe
Version:
Date : 2025-06-15
Author : bbfox@https://opencheattables.com
}
[ENABLE]
aobscanmodule(INJECT_STATS_CNT,$process,44 01 61 14 41 8B 45 10 4C 63 4D 48 41 3B 45 3C) // should be unique
alloc(newmem,$1000)
label(code)
label(return i_base_stats_addr i_stat_idx)
newmem:
push r15
push r14
xor r14, r14
loop1:
mov r15, i_base_stats_addr
lea r15, [r15+r14*8]
cmp [r15], rcx
je endp
cmp [r15], 0
je write_data
inc r14
cmp r14, 4
jae write_data
jmp loop1
write_data:
mov r14, [i_stat_idx]
mov r15, i_base_stats_addr
lea r15, [r15+r14*8]
mov [r15], rcx
inc qword ptr [i_stat_idx]
cmp qword ptr [i_stat_idx], 4
jb endp
mov qword ptr [i_stat_idx], 0
endp:
pop r14
pop r15
code:
add [rcx+14],r12d
mov eax,[r13+10]
movsxd r9,dword ptr [rbp+48]
cmp eax,[r13+3C]
jmp return
align 10 cc
i_base_stats_addr:
dq 0 0 0 0
dq 0 0
i_stat_idx:
dq 0
INJECT_STATS_CNT:
jmp far newmem
nop 2
return:
registersymbol(INJECT_STATS_CNT i_base_stats_addr i_stat_idx)
[DISABLE]
INJECT_STATS_CNT:
db 44 01 61 14 41 8B 45 10 4C 63 4D 48 41 3B 45 3C
unregistersymbol(*)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "SB-Win64-Shipping.exe"+1A1D1DC
"SB-Win64-Shipping.exe"+1A1D1B8: 0F 1F 84 00 00 00 00 00 - nop dword ptr [rax+rax+00000000]
"SB-Win64-Shipping.exe"+1A1D1C0: 48 63 C8 - movsxd rcx,eax
"SB-Win64-Shipping.exe"+1A1D1C3: 48 8D 04 89 - lea rax,[rcx+rcx*4]
"SB-Win64-Shipping.exe"+1A1D1C7: 44 39 0C C2 - cmp [rdx+rax*8],r9d
"SB-Win64-Shipping.exe"+1A1D1CB: 48 8D 0C C2 - lea rcx,[rdx+rax*8]
"SB-Win64-Shipping.exe"+1A1D1CF: 74 0B - je "SB-Win64-Shipping.exe"+1A1D1DC
"SB-Win64-Shipping.exe"+1A1D1D1: 8B 41 20 - mov eax,[rcx+20]
"SB-Win64-Shipping.exe"+1A1D1D4: 83 F8 FF - cmp eax,-01
"SB-Win64-Shipping.exe"+1A1D1D7: 75 E7 - jne "SB-Win64-Shipping.exe"+1A1D1C0
"SB-Win64-Shipping.exe"+1A1D1D9: 49 8B CF - mov rcx,r15
// ---------- INJECTING HERE ----------
"SB-Win64-Shipping.exe"+1A1D1DC: 44 01 61 14 - add [rcx+14],r12d
// ---------- DONE INJECTING ----------
"SB-Win64-Shipping.exe"+1A1D1E0: 41 8B 45 10 - mov eax,[r13+10]
"SB-Win64-Shipping.exe"+1A1D1E4: 4C 63 4D 48 - movsxd r9,dword ptr [rbp+48]
"SB-Win64-Shipping.exe"+1A1D1E8: 41 3B 45 3C - cmp eax,[r13+3C]
"SB-Win64-Shipping.exe"+1A1D1EC: 74 4B - je "SB-Win64-Shipping.exe"+1A1D239
"SB-Win64-Shipping.exe"+1A1D1EE: 49 8B 4D 48 - mov rcx,[r13+48]
"SB-Win64-Shipping.exe"+1A1D1F2: 4D 8D 45 40 - lea r8,[r13+40]
"SB-Win64-Shipping.exe"+1A1D1F6: 49 63 55 50 - movsxd rdx,dword ptr [r13+50]
"SB-Win64-Shipping.exe"+1A1D1FA: 48 FF CA - dec rdx
"SB-Win64-Shipping.exe"+1A1D1FD: 49 23 D1 - and rdx,r9
"SB-Win64-Shipping.exe"+1A1D200: 48 85 C9 - test rcx,rcx
}
47
"next data position"
0
C08000
4 Bytes
i_stat_idx
48
"ID #0"
20022:# of executed
20027:# of perfect evade
20028:# of perfect parry
20031:# of kills
20042:# of completed achievenents?
0
FF8080
4 Bytes
i_base_stats_addr
10
49
"Value #0"
0
FF8080
4 Bytes
i_base_stats_addr
14
50
"ID #1"
ID #0
0
FF8080
4 Bytes
i_base_stats_addr+8
10
51
"Value #1"
0
FF8080
4 Bytes
i_base_stats_addr+8
14
52
"ID #2"
ID #0
0
FF8080
4 Bytes
i_base_stats_addr+10
10
53
"Value #3"
0
FF8080
4 Bytes
i_base_stats_addr+10
14
54
"ID #2"
ID #0
0
FF8080
4 Bytes
i_base_stats_addr+18
10
55
"Value #4"
0
FF8080
4 Bytes
i_base_stats_addr+18
14
56
"Stellar Blade™ / https://opencheattables.com"
009700
1
Change of sub edx,r12d
"SB-Win64-Shipping.exe"+1C27FE9
07
49
8B
5F
20
41
2B
D4
45
39
67
34
48