80
"Godmode 10K Lock"
Auto Assembler Script
{ Game : nwmain.exe
Version:
Date : 2024-02-22
Author : Apocalypticx
This script does lock health at 10000
}
[ENABLE]
aobscanmodule(godmode,nwmain.exe,0F B7 81 F0 00 00 00) // should be unique
alloc(newmem,$1000,godmode)
label(code)
label(return)
label(god)
newmem:
pushfq
cmp [rcx+00000108],1
je god
popfq
code:
movzx eax,word ptr [rcx+000000F0]
jmp return
god:
popfq
movzx eax,word ptr [rcx+000000F0]
mov [rcx+000000F0],(int)10000
jmp return
godmode:
jmp newmem
nop
nop
return:
registersymbol(godmode)
[DISABLE]
godmode:
db 0F B7 81 F0 00 00 00
unregistersymbol(godmode)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: nwmain.CNWSObject::GetCurrentHitPoints+5
nwmain.CNWSObject::GetCasterLevel+1D8: CC - int 3
nwmain.CNWSObject::GetCasterLevel+1D9: CC - int 3
nwmain.CNWSObject::GetCasterLevel+1DA: CC - int 3
nwmain.CNWSObject::GetCasterLevel+1DB: CC - int 3
nwmain.CNWSObject::GetCasterLevel+1DC: CC - int 3
nwmain.CNWSObject::GetCasterLevel+1DD: CC - int 3
nwmain.CNWSObject::GetCasterLevel+1DE: CC - int 3
nwmain.CNWSObject::GetCasterLevel+1DF: CC - int 3
nwmain.CNWSObject::GetCurrentHitPoints: 83 FA 01 - cmp edx,01
nwmain.CNWSObject::GetCurrentHitPoints+3: 75 08 - jne nwmain.CNWSObject::GetCurrentHitPoints+D
// ---------- INJECTING HERE ----------
nwmain.CNWSObject::GetCurrentHitPoints+5: 0F B7 81 F0 00 00 00 - movzx eax,word ptr [rcx+000000F0]
// ---------- DONE INJECTING ----------
nwmain.CNWSObject::GetCurrentHitPoints+C: C3 - ret
nwmain.CNWSObject::GetCurrentHitPoints+D: 0F B7 81 F8 00 00 00 - movzx eax,word ptr [rcx+000000F8]
nwmain.CNWSObject::GetCurrentHitPoints+14: 66 03 81 F0 00 00 00 - add ax,[rcx+000000F0]
nwmain.CNWSObject::GetCurrentHitPoints+1B: C3 - ret
nwmain.CNWSObject::GetCurrentHitPoints+1C: CC - int 3
nwmain.CNWSObject::GetCurrentHitPoints+1D: CC - int 3
nwmain.CNWSObject::GetCurrentHitPoints+1E: CC - int 3
nwmain.CNWSObject::GetCurrentHitPoints+1F: CC - int 3
nwmain.CNWSObject::GetDamageImmunity: 80 FA 20 - cmp dl,20
nwmain.CNWSObject::GetDamageImmunity+3: 73 1C - jae nwmain.CNWSObject::GetDamageImmunity+21
}
81
"One Hit Kill"
Auto Assembler Script
{ Game : nwmain.exe
Version:
Date : 2024-02-22
Author : Apocalypticx
This script does one hit kill
}
[ENABLE]
aobscanmodule(onehitkill,nwmain.exe,0F B7 81 F8 00 00 00) // should be unique
alloc(newmem,$1000,onehitkill)
label(code)
label(return)
label(doonehit)
newmem:
pushfq
cmp [rcx+00000108],1
jne doonehit
popfq
code:
movzx eax,word ptr [rcx+000000F8]
jmp return
doonehit:
popfq
mov word ptr [rcx+000000F8],(int)1
movzx eax,word ptr [rcx+000000F8]
jmp return
onehitkill:
jmp newmem
nop
nop
return:
registersymbol(onehitkill)
[DISABLE]
onehitkill:
db 0F B7 81 F8 00 00 00
unregistersymbol(onehitkill)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: nwmain.CNWSObject::GetCurrentHitPoints+D
nwmain.CNWSObject::GetCasterLevel+1DA: CC - int 3
nwmain.CNWSObject::GetCasterLevel+1DB: CC - int 3
nwmain.CNWSObject::GetCasterLevel+1DC: CC - int 3
nwmain.CNWSObject::GetCasterLevel+1DD: CC - int 3
nwmain.CNWSObject::GetCasterLevel+1DE: CC - int 3
nwmain.CNWSObject::GetCasterLevel+1DF: CC - int 3
nwmain.CNWSObject::GetCurrentHitPoints: 83 FA 01 - cmp edx,01
nwmain.CNWSObject::GetCurrentHitPoints+3: 75 08 - jne nwmain.CNWSObject::GetCurrentHitPoints+D
nwmain.CNWSObject::GetCurrentHitPoints+5: 0F B7 81 F0 00 00 00 - movzx eax,word ptr [rcx+000000F0]
nwmain.CNWSObject::GetCurrentHitPoints+C: C3 - ret
// ---------- INJECTING HERE ----------
nwmain.CNWSObject::GetCurrentHitPoints+D: 0F B7 81 F8 00 00 00 - movzx eax,word ptr [rcx+000000F8]
// ---------- DONE INJECTING ----------
nwmain.CNWSObject::GetCurrentHitPoints+14: 66 03 81 F0 00 00 00 - add ax,[rcx+000000F0]
nwmain.CNWSObject::GetCurrentHitPoints+1B: C3 - ret
nwmain.CNWSObject::GetCurrentHitPoints+1C: CC - int 3
nwmain.CNWSObject::GetCurrentHitPoints+1D: CC - int 3
nwmain.CNWSObject::GetCurrentHitPoints+1E: CC - int 3
nwmain.CNWSObject::GetCurrentHitPoints+1F: CC - int 3
nwmain.CNWSObject::GetDamageImmunity: 80 FA 20 - cmp dl,20
nwmain.CNWSObject::GetDamageImmunity+3: 73 1C - jae nwmain.CNWSObject::GetDamageImmunity+21
nwmain.CNWSObject::GetDamageImmunity+5: 48 8B 81 10 02 00 00 - mov rax,[rcx+00000210]
nwmain.CNWSObject::GetDamageImmunity+C: 0F B6 D2 - movzx edx,dl
}
90
"Infinite Inventory"
Auto Assembler Script
{ Game : nwmain.exe
Version:
Date : 2024-02-26
Author : Apocalypticx
This script does infinite inventory
}
[ENABLE]
aobscanmodule(infiniteinv,nwmain.exe,89 83 64 04 00 00 E9) // should be unique
alloc(newmem,$1000,infiniteinv)
label(code)
label(return)
newmem:
code:
jmp return
infiniteinv:
jmp newmem
nop
return:
registersymbol(infiniteinv)
[DISABLE]
infiniteinv:
db 89 83 64 04 00 00
unregistersymbol(infiniteinv)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: nwmain.CNWSCreature::AIActionItemCastSpell+7BC
nwmain.CNWSCreature::AIActionItemCastSpell+794: 0F 87 07 01 00 00 - ja nwmain.CNWSCreature::AIActionItemCastSpell+8A1
nwmain.CNWSCreature::AIActionItemCastSpell+79A: 48 98 - cdqe
nwmain.CNWSCreature::AIActionItemCastSpell+79C: 48 8D 15 7D E0 CA FF - lea rdx,[nwmain.exe]
nwmain.CNWSCreature::AIActionItemCastSpell+7A3: 8B 8C 82 E0 21 35 00 - mov ecx,[rdx+rax*4+003521E0]
nwmain.CNWSCreature::AIActionItemCastSpell+7AA: 48 03 CA - add rcx,rdx
nwmain.CNWSCreature::AIActionItemCastSpell+7AD: FF E1 - jmp rcx
nwmain.CNWSCreature::AIActionItemCastSpell+7AF: 8B 83 64 04 00 00 - mov eax,[rbx+00000464]
nwmain.CNWSCreature::AIActionItemCastSpell+7B5: 83 F8 01 - cmp eax,01
nwmain.CNWSCreature::AIActionItemCastSpell+7B8: 7E 0D - jle nwmain.CNWSCreature::AIActionItemCastSpell+7C7
nwmain.CNWSCreature::AIActionItemCastSpell+7BA: FF C8 - dec eax
// ---------- INJECTING HERE ----------
nwmain.CNWSCreature::AIActionItemCastSpell+7BC: 89 83 64 04 00 00 - mov [rbx+00000464],eax
// ---------- DONE INJECTING ----------
nwmain.CNWSCreature::AIActionItemCastSpell+7C2: E9 DA 00 00 00 - jmp nwmain.CNWSCreature::AIActionItemCastSpell+8A1
nwmain.CNWSCreature::AIActionItemCastSpell+7C7: 44 89 7E 0C - mov [rsi+0C],r15d
nwmain.CNWSCreature::AIActionItemCastSpell+7CB: 44 39 BB 54 01 00 00 - cmp [rbx+00000154],r15d
nwmain.CNWSCreature::AIActionItemCastSpell+7D2: 0F 85 C9 00 00 00 - jne nwmain.CNWSCreature::AIActionItemCastSpell+8A1
nwmain.CNWSCreature::AIActionItemCastSpell+7D8: 41 BC 01 00 00 00 - mov r12d,00000001
nwmain.CNWSCreature::AIActionItemCastSpell+7DE: E9 BE 00 00 00 - jmp nwmain.CNWSCreature::AIActionItemCastSpell+8A1
nwmain.CNWSCreature::AIActionItemCastSpell+7E3: BF 01 00 00 00 - mov edi,00000001
nwmain.CNWSCreature::AIActionItemCastSpell+7E8: 8B 93 98 03 00 00 - mov edx,[rbx+00000398]
nwmain.CNWSCreature::AIActionItemCastSpell+7EE: 83 FA 05 - cmp edx,05
nwmain.CNWSCreature::AIActionItemCastSpell+7F1: 0F 8C AA 00 00 00 - jl nwmain.CNWSCreature::AIActionItemCastSpell+8A1
}
84
"Enable Debugmode"
Auto Assembler Script
{ Game : nwmain.exe
Version:
Date : 2024-02-26
Author : Apocalypticx
This script does enable debug mode
}
[ENABLE]
aobscanmodule(debugmode,nwmain.exe,8B 80 F0 00 01 00) // should be unique
alloc(newmem,$1000,debugmode)
label(code)
label(return)
label(DebugModeAdd)
newmem:
push rbx
mov rbx,[DebugModeAdd]
mov [rax+000100F0],rbx
pop rbx
code:
mov eax,[rax+000100F0]
jmp return
DebugModeAdd:
db 0
debugmode:
jmp newmem
nop
return:
registersymbol(debugmode)
registersymbol(DebugModeAdd)
[DISABLE]
debugmode:
db 8B 80 F0 00 01 00
unregistersymbol(DebugModeAdd)
unregistersymbol(debugmode)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: nwmain.CServerExoApp::GetDebugMode+4
nwmain.CServerExoApp::GetDamageBonusLimit+17: CC - int 3
nwmain.CServerExoApp::GetDamageBonusLimit+18: CC - int 3
nwmain.CServerExoApp::GetDamageBonusLimit+19: CC - int 3
nwmain.CServerExoApp::GetDamageBonusLimit+1A: CC - int 3
nwmain.CServerExoApp::GetDamageBonusLimit+1B: CC - int 3
nwmain.CServerExoApp::GetDamageBonusLimit+1C: CC - int 3
nwmain.CServerExoApp::GetDamageBonusLimit+1D: CC - int 3
nwmain.CServerExoApp::GetDamageBonusLimit+1E: CC - int 3
nwmain.CServerExoApp::GetDamageBonusLimit+1F: CC - int 3
nwmain.CServerExoApp::GetDebugMode: 48 8B 41 08 - mov rax,[rcx+08]
// ---------- INJECTING HERE ----------
nwmain.CServerExoApp::GetDebugMode+4: 8B 80 F0 00 01 00 - mov eax,[rax+000100F0]
// ---------- DONE INJECTING ----------
nwmain.CServerExoApp::GetDebugMode+A: C3 - ret
nwmain.CServerExoApp::GetDebugMode+B: CC - int 3
nwmain.CServerExoApp::GetDebugMode+C: CC - int 3
nwmain.CServerExoApp::GetDebugMode+D: CC - int 3
nwmain.CServerExoApp::GetDebugMode+E: CC - int 3
nwmain.CServerExoApp::GetDebugMode+F: CC - int 3
nwmain.CServerExoApp::GetDifficultyOption: 48 8B 49 08 - mov rcx,[rcx+08]
nwmain.CServerExoApp::GetDifficultyOption+4: E9 07 3C 00 00 - jmp nwmain.CServerExoAppInternal::GetDifficultyOption
nwmain.CServerExoApp::GetDifficultyOption+9: CC - int 3
nwmain.CServerExoApp::GetDifficultyOption+A: CC - int 3
}
85
"DebugModeAdd"
0
Byte
DebugModeAdd
94
"dm_allspells 1=On 0=Off"
4 Bytes
nwmain.exe+12C1A80
92
"Edit Skills (Concentration)"
Auto Assembler Script
{ Game : nwmain.exe
Version:
Date : 2024-02-26
Author : Apocalypticx
This script does infinite skills
}
[ENABLE]
aobscanmodule(infiniteskills,nwmain.exe,66 83 BF 1E 01 00 00 02 0F 82 B7) // should be unique
alloc(newmem,$1000,infiniteskills)
label(code)
label(return)
label(EditSkills)
newmem:
push rax
mov rax,[EditSkills]
mov [rdi+0000011E],rax
pop rax
code:
cmp word ptr [rdi+0000011E],02
jmp return
EditSkills:
dd 0
infiniteskills:
jmp newmem
nop
nop
nop
return:
registersymbol(infiniteskills)
registersymbol(EditSkills)
[DISABLE]
infiniteskills:
db 66 83 BF 1E 01 00 00 02
unregistersymbol(EditSkills)
unregistersymbol(infiniteskills)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: nwmain.exe+721DAC
nwmain.exe+721D86: 0F B7 D6 - movzx edx,si
nwmain.exe+721D89: 48 8B CB - mov rcx,rbx
nwmain.exe+721D8C: E8 1F F4 B2 FF - call nwmain.CNWClass::IsSkillClassSkill
nwmain.exe+721D91: 85 C0 - test eax,eax
nwmain.exe+721D93: 74 17 - je nwmain.exe+721DAC
nwmain.exe+721D95: BD 01 00 00 00 - mov ebp,00000001
nwmain.exe+721D9A: 66 39 AF 1E 01 00 00 - cmp [rdi+0000011E],bp
nwmain.exe+721DA1: EB 11 - jmp nwmain.exe+721DB4
nwmain.exe+721DA3: 45 85 FF - test r15d,r15d
nwmain.exe+721DA6: 0F 84 C5 00 00 00 - je nwmain.exe+721E71
// ---------- INJECTING HERE ----------
nwmain.exe+721DAC: 66 83 BF 1E 01 00 00 02 - cmp word ptr [rdi+0000011E],02
// ---------- DONE INJECTING ----------
nwmain.exe+721DB4: 0F 82 B7 00 00 00 - jb nwmain.exe+721E71
nwmain.exe+721DBA: BA 1E 00 00 00 - mov edx,0000001E
nwmain.exe+721DBF: 48 8D 0D 53 98 58 00 - lea rcx,[nwmain.exe+CAB619]
nwmain.exe+721DC6: 49 B8 52 26 02 86 4C FE 63 AF - mov r8,AF63FE4C86022652
nwmain.exe+721DD0: E8 9B DB B3 FF - call nwmain.CNWRules::fnv1a
nwmain.exe+721DD5: 48 8B 0D 0C 84 A4 00 - mov rcx,[nwmain.g_pRules]
nwmain.exe+721DDC: 41 B8 03 00 00 00 - mov r8d,00000003
nwmain.exe+721DE2: 48 8B D0 - mov rdx,rax
nwmain.exe+721DE5: E8 76 79 B3 FF - call nwmain.CNWRules::GetRulesetIntEntry
nwmain.exe+721DEA: 48 8B CF - mov rcx,rdi
}
93
"EditSkills"
0
4 Bytes
EditSkills
61
"Edit Stats (Use Charisma)"
Auto Assembler Script
{ Game : Neverwinter Nights: Enhanced Edition v88.8193.36-11 [6fc1316d]
Version:
Date : 2024-02-16
Author : Apocalypticx
This script does edit stats
}
[ENABLE]
aobscanmodule(stats,nwmain.exe,0F B6 9E 1C 01 00 00 0F B6 96 83 00 00 00 48 8B CF E8 AF) // should be unique
alloc(newmem,$1000,stats)
label(code)
label(return)
label(EditStats)
newmem:
push rbx
mov rbx,[EditStats]
mov [rsi+0000011C],rbx
pop rbx
code:
movzx ebx,byte ptr [rsi+0000011C]
jmp return
EditStats:
dd 0
stats:
jmp newmem
nop
nop
return:
registersymbol(stats)
registersymbol(EditStats)
[DISABLE]
stats:
db 0F B6 9E 1C 01 00 00
unregistersymbol(EditStats)
unregistersymbol(stats)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: nwmain.exe+81F06B
nwmain.exe+81F033: BA 17 00 00 00 - mov edx,00000017
nwmain.exe+81F038: 49 B8 52 26 02 86 4C FE 63 AF - mov r8,AF63FE4C86022652
nwmain.exe+81F042: 48 8D 0D 50 C5 48 00 - lea rcx,[nwmain.exe+CAB599]
nwmain.exe+81F049: E8 22 09 A4 FF - call nwmain.CNWRules::fnv1a
nwmain.exe+81F04E: 41 B8 12 00 00 00 - mov r8d,00000012
nwmain.exe+81F054: 48 8B D0 - mov rdx,rax
nwmain.exe+81F057: 48 8B 0D 8A B1 94 00 - mov rcx,[nwmain.g_pRules]
nwmain.exe+81F05E: E8 FD A6 A3 FF - call nwmain.CNWRules::GetRulesetIntEntry
nwmain.exe+81F063: 3B D8 - cmp ebx,eax
nwmain.exe+81F065: 0F 8D 2B 01 00 00 - jnl nwmain.exe+81F196
// ---------- INJECTING HERE ----------
nwmain.exe+81F06B: 0F B6 9E 1C 01 00 00 - movzx ebx,byte ptr [rsi+0000011C]
// ---------- DONE INJECTING ----------
nwmain.exe+81F072: 0F B6 96 83 00 00 00 - movzx edx,byte ptr [rsi+00000083]
nwmain.exe+81F079: 48 8B CF - mov rcx,rdi
nwmain.exe+81F07C: E8 AF ED FF FF - call nwmain.exe+81DE30
nwmain.exe+81F081: 3A C3 - cmp al,bl
nwmain.exe+81F083: 0F 87 0D 01 00 00 - ja nwmain.exe+81F196
nwmain.exe+81F089: 0F B6 9E 1C 01 00 00 - movzx ebx,byte ptr [rsi+0000011C]
nwmain.exe+81F090: 0F B6 96 83 00 00 00 - movzx edx,byte ptr [rsi+00000083]
nwmain.exe+81F097: 48 8B CF - mov rcx,rdi
nwmain.exe+81F09A: E8 91 ED FF FF - call nwmain.exe+81DE30
nwmain.exe+81F09F: 2A D8 - sub bl,al
}
62
"EditStats"
0
4 Bytes
EditStats
78
"Edit Exp"
Auto Assembler Script
{ Game : nwmain.exe
Version:
Date : 2024-02-22
Author : Apocalypticx
This script does edit exp
}
[ENABLE]
aobscanmodule(exp,nwmain.exe,8B 4C 88 28 39 8E B8 00 00 00) // should be unique
alloc(newmem,$1000,exp)
label(code)
label(return)
label(EditExp)
newmem:
push ebx
mov ebx,[EditExp]
mov [rsi+000000B8],ebx
pop ebx
code:
mov ecx,[rax+rcx*4+28]
cmp [rsi+000000B8],ecx
jmp return
EditExp:
dd 0
exp:
jmp newmem
nop
nop
nop
nop
nop
return:
registersymbol(exp)
registersymbol(EditExp)
[DISABLE]
exp:
db 8B 4C 88 28 39 8E B8 00 00 00
unregistersymbol(EditExp)
unregistersymbol(exp)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: nwmain.CNWSCreatureStats::CanLevelUp+179
nwmain.CNWSCreatureStats::CanLevelUp+150: 0F B6 C2 - movzx eax,dl
nwmain.CNWSCreatureStats::CanLevelUp+153: 48 69 C8 88 01 00 00 - imul rcx,rax,00000188
nwmain.CNWSCreatureStats::CanLevelUp+15A: 42 0F B6 84 11 6D 02 00 00 - movzx eax,byte ptr [rcx+r10+0000026D]
nwmain.CNWSCreatureStats::CanLevelUp+163: 0F B6 C0 - movzx eax,al
nwmain.CNWSCreatureStats::CanLevelUp+166: FF C2 - inc edx
nwmain.CNWSCreatureStats::CanLevelUp+168: 03 D8 - add ebx,eax
nwmain.CNWSCreatureStats::CanLevelUp+16A: 41 3B D0 - cmp edx,r8d
nwmain.CNWSCreatureStats::CanLevelUp+16D: 7C D8 - jl nwmain.CNWSCreatureStats::CanLevelUp+147
nwmain.CNWSCreatureStats::CanLevelUp+16F: 48 8B 05 E2 0E DF 00 - mov rax,[nwmain.g_pRules]
nwmain.CNWSCreatureStats::CanLevelUp+176: 0F B6 CB - movzx ecx,bl
// ---------- INJECTING HERE ----------
nwmain.CNWSCreatureStats::CanLevelUp+179: 8B 4C 88 28 - mov ecx,[rax+rcx*4+28]
// ---------- DONE INJECTING ----------
nwmain.CNWSCreatureStats::CanLevelUp+17D: 39 8E B8 00 00 00 - cmp [rsi+000000B8],ecx
nwmain.CNWSCreatureStats::CanLevelUp+183: 72 10 - jb nwmain.CNWSCreatureStats::CanLevelUp+195
nwmain.CNWSCreatureStats::CanLevelUp+185: B8 01 00 00 00 - mov eax,00000001
nwmain.CNWSCreatureStats::CanLevelUp+18A: 48 8B 5C 24 38 - mov rbx,[rsp+38]
nwmain.CNWSCreatureStats::CanLevelUp+18F: 48 83 C4 20 - add rsp,20
nwmain.CNWSCreatureStats::CanLevelUp+193: 5E - pop rsi
nwmain.CNWSCreatureStats::CanLevelUp+194: C3 - ret
nwmain.CNWSCreatureStats::CanLevelUp+195: 48 8B 5C 24 38 - mov rbx,[rsp+38]
nwmain.CNWSCreatureStats::CanLevelUp+19A: 33 C0 - xor eax,eax
nwmain.CNWSCreatureStats::CanLevelUp+19C: 48 83 C4 20 - add rsp,20
}
79
"EditExp"
0
4 Bytes
EditExp
66
"Edit Gold"
Auto Assembler Script
{ Game : nwmain.exe
Version:
Date : 2024-02-18
Author : Apocalypticx
This script does edit gold
}
[ENABLE]
aobscanmodule(gold,nwmain.exe,39 86 A8 08 00 00) // should be unique
alloc(newmem,$1000,gold)
label(code)
label(return)
label(EditGold)
newmem:
push ebx
mov ebx,[EditGold]
mov [rsi+000008A8],ebx
pop ebx
code:
cmp [rsi+000008A8],eax
jmp return
EditGold:
dd 0
gold:
jmp newmem
nop
return:
registersymbol(gold)
registersymbol(EditGold)
[DISABLE]
gold:
db 39 86 A8 08 00 00
unregistersymbol(EditGold)
unregistersymbol(gold)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: nwmain.CNWSMessage::TestPlayerUpdateDifferences+4AC
nwmain.CNWSMessage::TestPlayerUpdateDifferences+485: B8 00 04 00 00 - mov eax,00000400
nwmain.CNWSMessage::TestPlayerUpdateDifferences+48A: 66 41 09 04 24 - or [r12],ax
nwmain.CNWSMessage::TestPlayerUpdateDifferences+48F: 48 8B 4C 24 60 - mov rcx,[rsp+60]
nwmain.CNWSMessage::TestPlayerUpdateDifferences+494: 4D 8B C6 - mov r8,r14
nwmain.CNWSMessage::TestPlayerUpdateDifferences+497: 48 8B D6 - mov rdx,rsi
nwmain.CNWSMessage::TestPlayerUpdateDifferences+49A: E8 B1 50 FE FF - call nwmain.CNWSMessage::ComputeLastUpdate_GuiFeats
nwmain.CNWSMessage::TestPlayerUpdateDifferences+49F: 85 C0 - test eax,eax
nwmain.CNWSMessage::TestPlayerUpdateDifferences+4A1: 74 06 - je nwmain.CNWSMessage::TestPlayerUpdateDifferences+4A9
nwmain.CNWSMessage::TestPlayerUpdateDifferences+4A3: 66 41 83 0C 24 04 - or word ptr [r12],04
nwmain.CNWSMessage::TestPlayerUpdateDifferences+4A9: 41 8B 06 - mov eax,[r14]
// ---------- INJECTING HERE ----------
nwmain.CNWSMessage::TestPlayerUpdateDifferences+4AC: 39 86 A8 08 00 00 - cmp [rsi+000008A8],eax
// ---------- DONE INJECTING ----------
nwmain.CNWSMessage::TestPlayerUpdateDifferences+4B2: 75 4E - jne nwmain.CNWSMessage::TestPlayerUpdateDifferences+502
nwmain.CNWSMessage::TestPlayerUpdateDifferences+4B4: 48 8B CE - mov rcx,rsi
nwmain.CNWSMessage::TestPlayerUpdateDifferences+4B7: E8 C4 23 EE FF - call nwmain.CNWSCreature::GetArmorClass
nwmain.CNWSMessage::TestPlayerUpdateDifferences+4BC: 66 41 39 46 04 - cmp [r14+04],ax
nwmain.CNWSMessage::TestPlayerUpdateDifferences+4C1: 75 3F - jne nwmain.CNWSMessage::TestPlayerUpdateDifferences+502
nwmain.CNWSMessage::TestPlayerUpdateDifferences+4C3: 41 0F BF 46 08 - movsx eax,word ptr [r14+08]
nwmain.CNWSMessage::TestPlayerUpdateDifferences+4C8: 3B 86 88 09 00 00 - cmp eax,[rsi+00000988]
nwmain.CNWSMessage::TestPlayerUpdateDifferences+4CE: 75 32 - jne nwmain.CNWSMessage::TestPlayerUpdateDifferences+502
nwmain.CNWSMessage::TestPlayerUpdateDifferences+4D0: 83 BE 84 09 00 00 01 - cmp dword ptr [rsi+00000984],01
nwmain.CNWSMessage::TestPlayerUpdateDifferences+4D7: 74 29 - je nwmain.CNWSMessage::TestPlayerUpdateDifferences+502
}
67
"EditGold"
0
4 Bytes
EditGold
74
"Teleport K=Store L=Tele"
Auto Assembler Script
{ Game : nwmain.exe
Version:
Date : 2024-02-22
Author : Apocalypticx
This script does store and teleport K=Store L=Teleport
}
[ENABLE]
aobscanmodule(storetele,nwmain.exe,F2 0F 10 87 D0 02 00 00 F2) // should be unique
alloc(newmem,$1000,storetele)
label(code)
label(return)
label(keychecker)
label(storexyz)
label(doteleport)
label(PlayerX)
label(PlayerY)
label(PlayerZ)
newmem:
pushfq //save the flags
cmp [rdi+00000238],1 //compare against me
je keychecker //jumnp to keychecking code
popfq //restore the flags
code:
movsd xmm0,[rdi+000002D0] //original instruction
jmp return //jump back to gamecode
keychecker:
popfq //restore the flags
movsd xmm0,[rdi+000002D0] //original instruction
pushfq //save the flags
push rax //push all regsiters affected by GetAsyncKeyState
push rcx
push rdx
push r8
push r9
push r10
push r11
sub rsp,28
mov rcx,4B
call GetAsyncKeyState
add rsp,28
pop r11 //restore all registers affaected by GetAsyncKeyState
pop r10
pop r9
pop r8
pop rdx
pop rcx
test ax,8001
pop rax
jnz storexyz //jump to our store routine
popfq //restore the flags
pushfq //save the flags
push rax //push all regsiters affected by GetAsyncKeyState
push rcx
push rdx
push r8
push r9
push r10
push r11
sub rsp,28
mov rcx,4C
call GetAsyncKeyState
add rsp,28
pop r11 //restore all registers affaected by GetAsyncKeyState
pop r10
pop r9
pop r8
pop rdx
pop rcx
test ax,8001
pop rax
jnz doteleport //jump to our teleport routine
popfq //restore the flags
jmp return //jump back to gamecode
storexyz:
popfq //restore flags
push rbx //save rbx on stack so we can use it
mov rbx,[rdi+000002D0] //move current X into rbx
mov [PlayerX],rbx //mov current X into our address
mov rbx,[rdi+000002D4] //move current Y into rbx
mov [PlayerY],rbx //move current Y into our address
mov rbx,[rdi+000002D8] //mov current Z into rbx
mov [PlayerZ],rbx //mov current Z into our address
pop rbx //restore rbx from the stack
jmp return //jump back to gamecode
doteleport:
popfq //restore flags
push rbx //save rbx on stack so we can use it
mov rbx,[PlayerX] //move current X into rbx
mov [rdi+000002D0],rbx //move current X into Player X position
mov rbx,[PlayerY] //move Current Y into rbx
mov [rdi+000002D4],rbx //move current Y into Player Y position
mov rbx,[PlayerZ] //move current Z into rbx
mov [rdi+000002D8],rbx //move current Z into Player Z position
pop rbx //restore rbx from the stack
jmp return //jump back to gamecode
PlayerX:
dd 0
PlayerY:
dd 0
PlayerZ:
dd 0
storetele:
jmp newmem
nop
nop
nop
return:
registersymbol(storetele)
registersymbol(PlayerX)
registersymbol(PlayerY)
registersymbol(PlayerZ)
[DISABLE]
storetele:
db F2 0F 10 87 D0 02 00 00
unregistersymbol(PlayerX)
unregistersymbol(PlayerY)
unregistersymbol(PlayerZ)
unregistersymbol(storetele)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: nwmain.exe+737A2A
nwmain.exe+7379EF: 45 0F 57 E4 - xorps xmm12,xmm12
nwmain.exe+7379F3: F3 44 0F 10 35 C4 B9 51 00 - movss xmm14,["nwmain.`InstanceLookup::List<DataPump>::active'::`2'::`dynamic atexit destructor for 's''"+6940]
nwmain.exe+7379FC: 83 BF 08 03 00 00 00 - cmp dword ptr [rdi+00000308],00
nwmain.exe+737A03: 0F 85 67 01 00 00 - jne nwmain.exe+737B70
nwmain.exe+737A09: 45 0F 28 EB - movaps xmm13,xmm11
nwmain.exe+737A0D: 83 BF E8 02 00 00 01 - cmp dword ptr [rdi+000002E8],01
nwmain.exe+737A14: 75 09 - jne nwmain.exe+737A1F
nwmain.exe+737A16: F3 44 0F 10 2D E5 EF 5B 00 - movss xmm13,[nwmain.exe+CF6A04]
nwmain.exe+737A1F: 45 0F 57 D2 - xorps xmm10,xmm10
nwmain.exe+737A23: 48 8B 9F B0 02 00 00 - mov rbx,[rdi+000002B0]
// ---------- INJECTING HERE ----------
nwmain.exe+737A2A: F2 0F 10 87 D0 02 00 00 - movsd xmm0,[rdi+000002D0]
// ---------- DONE INJECTING ----------
nwmain.exe+737A32: F2 0F 11 44 24 48 - movsd [rsp+48],xmm0
nwmain.exe+737A38: 8B 87 D8 02 00 00 - mov eax,[rdi+000002D8]
nwmain.exe+737A3E: 89 44 24 50 - mov [rsp+50],eax
nwmain.exe+737A42: F3 0F 10 54 24 4C - movss xmm2,[rsp+4C]
nwmain.exe+737A48: F3 0F 10 5C 24 48 - movss xmm3,[rsp+48]
nwmain.exe+737A4E: 66 90 - nop 2
nwmain.exe+737A50: F2 0F 10 03 - movsd xmm0,[rbx]
nwmain.exe+737A54: 8B 43 08 - mov eax,[rbx+08]
nwmain.exe+737A57: 89 44 24 78 - mov [rsp+78],eax
nwmain.exe+737A5B: 0F 28 F8 - movaps xmm7,xmm0
}
71
"PlayerY"
0
Float
PlayerY
70
"PlayerX"
0
Float
PlayerX
72
"PlayerZ"
0
Float
PlayerZ
40
"Coordinates Tracker"
Auto Assembler Script
{ Game : Neverwinter Nights: Enhanced Edition v87.8193.35-40 [1a62445c]
Version:
Date : 2024-02-09
Author : Apocalypticx
This script does show coordinates
}
[ENABLE]
aobscanmodule(teleport,nwmain.exe,F2 0F 11 8F D0 02 00 00) // should be unique
alloc(newmem,$1000,teleport)
label(code)
label(return)
label(X)
label(Y)
label(Z)
label(tracker)
newmem:
pushfq
cmp [rdi+00000238],1
je tracker
popfq
code:
movsd [rdi+000002D0],xmm1
jmp return
tracker:
popfq
movsd [rdi+000002D0],xmm1
push rcx
mov rcx,[rdi+000002D0]
mov [X],rcx
mov rcx,[rdi+000002D4]
mov [Y],rcx
mov rcx,[rdi+000002D8]
mov [Z],rcx
pop rcx
jmp return
X:
dd 0
Y:
dd 0
Z:
dd 0
teleport:
jmp newmem
nop
nop
nop
return:
registersymbol(teleport)
registersymbol(X)
registersymbol(Y)
registersymbol(Z)
[DISABLE]
teleport:
db F2 0F 11 8F D0 02 00 00
unregistersymbol(X)
unregistersymbol(Y)
unregistersymbol(Z)
unregistersymbol(teleport)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: nwmain.exe+72C391
nwmain.exe+72C366: F3 0F 59 30 - mulss xmm6,[rax]
nwmain.exe+72C36A: 48 8D 44 24 48 - lea rax,[rsp+48]
nwmain.exe+72C36F: 48 89 44 24 20 - mov [rsp+20],rax
nwmain.exe+72C374: 4C 8D 4C 24 58 - lea r9,[rsp+58]
nwmain.exe+72C379: 4C 8D 44 24 38 - lea r8,[rsp+38]
nwmain.exe+72C37E: 0F 28 CE - movaps xmm1,xmm6
nwmain.exe+72C381: 48 8B CF - mov rcx,rdi
nwmain.exe+72C384: E8 A7 04 00 00 - call nwmain.exe+72C830
nwmain.exe+72C389: 8B F0 - mov esi,eax
nwmain.exe+72C38B: F2 0F 10 4C 24 38 - movsd xmm1,[rsp+38]
// ---------- INJECTING HERE ----------
nwmain.exe+72C391: F2 0F 11 8F D0 02 00 00 - movsd [rdi+000002D0],xmm1
// ---------- DONE INJECTING ----------
nwmain.exe+72C399: 8B 44 24 40 - mov eax,[rsp+40]
nwmain.exe+72C39D: 89 87 D8 02 00 00 - mov [rdi+000002D8],eax
nwmain.exe+72C3A3: F2 0F 11 4C 24 70 - movsd [rsp+70],xmm1
nwmain.exe+72C3A9: 89 44 24 78 - mov [rsp+78],eax
nwmain.exe+72C3AD: 48 8D 54 24 70 - lea rdx,[rsp+70]
nwmain.exe+72C3B2: 48 8B CF - mov rcx,rdi
nwmain.exe+72C3B5: E8 F6 4F FF FF - call nwmain.exe+7213B0
nwmain.exe+72C3BA: F2 0F 10 44 24 48 - movsd xmm0,[rsp+48]
nwmain.exe+72C3C0: F2 0F 11 44 24 70 - movsd [rsp+70],xmm0
nwmain.exe+72C3C6: 8B 44 24 50 - mov eax,[rsp+50]
}
42
"X"
0
Float
X
43
"Y"
0
Float
Y
44
"Z"
0
Float
Z
95
"No description"
Byte
21835A49C1A
Code :cmp eax,[rsi+00000988]
nwmain.exe+44CC58
41
0F
BF
46
08
3B
86
88
09
00
00
75
32
83
BE
84
Code :mov [rdi+00000988],eax
nwmain.exe+363FF5
E8
1B
4A
FC
FF
89
87
88
09
00
00
8B
AF
80
09
00
DMMenu
00494CF1