0 "Enable" Auto Assembler Script { Game : SO6.exe Version: Date : 2022-10-29 Author : seneeki This script sets the rest of the scripts up to be used } [enable] aobscanmodule(gbl_usr_mgr,SO6.exe,41 ** ** ** ** ** ** 4d ** ** ** ** ** ** 48 ** ** 8B ** 49 ** 0C ** 48 ** ** 74 ** 48 ** ** 0f ** ** ** ** ** 48) aobscanmodule(on_ent_hit,SO6.exe,41 ** ** ** 89 ** ** C3 CC E9) alloc(gummem,$1000,gbl_usr_mgr+7) alloc(oehmem,$1000,on_ent_hit+4) label(gum_exit ohkil ohkill pl_char opre_exit gum_ret ub_ptr Nina Raymond Laeticia Albaird ubcycle oeh_exit oeh_ret infhp OHK inf_hp) registersymbol(on_ent_hit oeh_ret OHK inf_hp gbl_usr_mgr gum_ret ub_ptr Nina Raymond Laeticia Albaird ubcycle) gummem: mov [ub_ptr+0],r8 gum_ret: readmem(gbl_usr_mgr+7,7) jmp gum_exit ub_ptr: dq 0 align 8,c3 Raymond: dq 0 align 8,c3 Nina: dq 0 align 8,c3 Laeticia: dq 0 align 8,c3 Albaird: dq 0 align 8,c3 ubcycle: dq 0 align 8,c3 OHK: dw 0 align 1,c3 inf_hp: dw 0 align 1,c3 gbl_usr_mgr+7: jmp gummem nop 2 gum_exit: oehmem: cmp [Raymond],rcx jne @f jmp pl_char @@: cmp [Laeticia],rcx jne @f jmp pl_char @@: cmp [Albaird],rcx je pl_char jmp ohkill ohkil: mov [rcx+10],0 jmp opre_exit infhp: mov [rcx+10],r9d jmp opre_exit ohkill: cmp byte ptr [OHK],1 jne oeh_ret jmp ohkil pl_char: cmp byte ptr [inf_hp+0],1 je infhp oeh_ret: readmem(on_ent_hit+4,5) readmem(on_ent_hit+9,2) jmp oeh_exit on_ent_hit+4: jmp oehmem opre_exit: db c3 cc oeh_exit: [disable] gbl_usr_mgr+7: readmem(gum_ret,7) on_ent_hit+4: readmem(oeh_ret,7) unregistersymbol(*) dealloc(*) 1 "Enable" Auto Assembler Script {$lua} if syntaxcheck then return end [enable] function regSym(alMem,sym) alMem = allocateMemory(0x8) registerSymbol(sym,alMem) end function unregSym(alMem,sym) deAlloc(alMem) unregisterSymbol(sym) alMem = nil end char = {'Raymond','Laeticia','Albaird','Nina'} function setChar() if readInteger('[ub_ptr]') ~= nil then local ub = readPointer('[ub_ptr]+1790') writePointer('ubcycle',ub) ub =readPointer('[ubcycle]+8') writePointer('Raymond',ub+0x20) ub =readPointer('[ubcycle]+20') writePointer('Laeticia',ub+0x20) ub =readPointer('[ubcycle]+48') writePointer('Nina',ub+0x20) ub =readPointer('[ubcycle]+90') writePointer('Albaird',ub+0x20) end end pt_tmr = createTimer() pt_tmr.setInterval(2000) pt_tmr.onTimer = setChar [disable] pt_tmr.destroy() 2 "Lua Skeleton" Auto Assembler Script {$lua} if syntaxcheck then return end [enable] [disable] 10 "Pointers" 1 16 "Party" 1 4 "Raymond" 0 1

Raymond

0 5 "Health" 0 4 Bytes

+10

17 "Exp" 0 4 Bytes

+1e0

27 "Level" 0 4 Bytes

+c

30 "AP" 0 Float

+18

114 "AP" 0 Float

+1c

8 "Laeticia" 0 1

Laeticia

0 9 "Health" 0 4 Bytes

+10

19 "Exp" 0 4 Bytes

+1e0

29 "Level" 0 4 Bytes

+c

32 "AP" 0 Float

+1c

116 "Nina" 0 1

Nina

0 117 "Health" 0 4 Bytes

+10

118 "Exp" 0 4 Bytes

+1e0

119 "Level" 0 4 Bytes

+c

120 "AP" 0 Float

+18

121 "AP" 0 Float

+1c

6 "Albaird" 0 1

Albaird

0 7 "Health" 0 4 Bytes

+10

18 "Exp" 0 4 Bytes

+1e0

28 "Level" 0 4 Bytes

+c

33 "AP" 0 Float

+1c

13 "Scripts" 1 14 "Infinite Health" Auto Assembler Script [enable] inf_hp: db 1 [disable] inf_hp: db 0 24 "Exp Scripts" 1 23 "Instant Level on kill" Auto Assembler Script { Game : SO6.exe Version: Date : 2022-10-29 Author : seneeki This script does blah blah blah } [ENABLE] aobscanmodule(exp_on_battle,SO6.exe,3B DD 73 22 45 84 E4) // should be unique alloc(eobmem,$1000,exp_on_battle) label(eob_exit) registersymbol(exp_on_battle) eobmem: cmp ebx,ebp jae SO6.exe+24E6DF test r12b,r12b mov ebx,ebp jmp eob_exit exp_on_battle: jmp eobmem nop 2 eob_exit: [DISABLE] exp_on_battle: db 3B DD 73 22 45 84 E4 unregistersymbol(*) dealloc(*) { // ORIGINAL CODE - INJECTION POINT: SO6.exe+24E6B9 SO6.exe+24E690: 44 88 64 24 70 - mov [rsp+70],r12b SO6.exe+24E695: E8 C2 3D E6 FF - call SO6.exe+B245C SO6.exe+24E69A: 44 8D 6E 08 - lea r13d,[rsi+08] SO6.exe+24E69E: 48 8B C8 - mov rcx,rax SO6.exe+24E6A1: 41 8B D5 - mov edx,r13d SO6.exe+24E6A4: E8 73 59 54 00 - call SO6.LZ4_versionString+8FBC SO6.exe+24E6A9: 41 8D 4F FF - lea ecx,[r15-01] SO6.exe+24E6AD: 8B 6C 88 04 - mov ebp,[rax+rcx*4+04] SO6.exe+24E6B1: 85 ED - test ebp,ebp SO6.exe+24E6B3: 0F 84 96 64 7A 00 - je SO6.exe+9F4B4F // ---------- INJECTING HERE ---------- SO6.exe+24E6B9: 3B DD - cmp ebx,ebp // ---------- DONE INJECTING ---------- exp_on_battle: 73 22 - jae SO6.exe+24E6DF SO6.exe+24E6BD: 45 84 E4 - test r12b,r12b SO6.exe+24E6C0: 75 4B - jne SO6.exe+24E70D SO6.exe+24E6C2: 89 9F F8 01 00 00 - mov [rdi+000001F8],ebx SO6.exe+24E6C8: 48 8B 5C 24 68 - mov rbx,[rsp+68] SO6.exe+24E6CD: 8B C6 - mov eax,esi SO6.exe+24E6CF: 48 83 C4 20 - add rsp,20 SO6.exe+24E6D3: 41 5F - pop r15 SO6.exe+24E6D5: 41 5E - pop r14 SO6.exe+24E6D7: 41 5D - pop r13 } 25 "Exp Multiplier" Auto Assembler Script { Game : SO6.exe Version: Date : 2022-10-29 Author : seneeki This script does blah blah blah } [ENABLE] aobscanmodule(exp_gain_kill,SO6.exe,75 4b 89 9F F8 01 00 00 48 8b) // should be unique alloc(egkmem,$1000,exp_gain_kill+2) label(egk_exit exp_multi) registersymbol(exp_gain_kill exp_multi) egkmem: {$luacode tmp=EBX} writeInteger('[Raymond]+1e0',tmp) writeInteger('[Laeticia]+1e0',tmp) writeInteger('[Albaird]+1e0',tmp) {$asm} imul ebx,[exp_multi] mov [rdi+000001F8],ebx jmp egk_exit exp_multi: dw 1 align 2,c3 exp_gain_kill+2: jmp egkmem nop egk_exit: [DISABLE] exp_gain_kill+2: db 89 9F F8 01 00 00 unregistersymbol(*) dealloc(*) { // ORIGINAL CODE - INJECTION POINT: SO6.exe+24E71B SO6.exe+24E6F7: E8 20 59 54 00 - call SO6.LZ4_versionString+8FBC SO6.exe+24E6FC: 41 8D 4F FF - lea ecx,[r15-01] SO6.exe+24E700: 8B 6C 88 04 - mov ebp,[rax+rcx*4+04] SO6.exe+24E704: 85 ED - test ebp,ebp SO6.exe+24E706: 75 B1 - jne SO6.exe+24E6B9 SO6.exe+24E708: E9 3D 64 7A 00 - jmp SO6.exe+9F4B4A SO6.exe+24E70D: 41 B0 01 - mov r8b,01 SO6.exe+24E710: 41 8B D7 - mov edx,r15d SO6.exe+24E713: 48 8B CF - mov rcx,rdi SO6.exe+24E716: E8 69 21 F0 FF - call SO6.exe+150884 // ---------- INJECTING HERE ---------- SO6.exe+24E71B: 89 9F F8 01 00 00 - mov [rdi+000001F8],ebx // ---------- DONE INJECTING ---------- SO6.exe+24E721: 89 AF FC 01 00 00 - mov [rdi+000001FC],ebp SO6.exe+24E727: EB 9F - jmp SO6.exe+24E6C8 SO6.exe+24E729: CC - int 3 SO6.exe+24E72A: CC - int 3 SO6.exe+24E72B: CC - int 3 SO6.exe+24E72C: E9 0A A4 A5 04 - jmp SO6.exe+4CA8B3B SO6.exe+24E731: 91 - xchg eax,ecx SO6.exe+24E732: 5A - pop rdx SO6.exe+24E733: E9 8C E6 05 00 - jmp SO6.exe+2ACDC4 SO6.exe+24E738: B9 0F 86 FD C1 - mov ecx,C1FD860F } 26 "Multiplication Factor" 1:Normal Rate 2:Double Rate 3:Triple Rate 5:Fast Levelling 10:Faster Levelling 20:Very Fast Levelling 50:Extreme Powerlevelling 100:Ludicrous Powerlevelling 0 2 Bytes

exp_multi

15 "One Hit Kills" Auto Assembler Script [enable] OHK: db 1 [disable] OHK: db 0 22 "Ignore Fol Requirement (shop, inn)" Auto Assembler Script { Game : SO6.exe Version: Date : 2022-10-29 Author : seneeki This script iugnores Fol requirements when making a purchase } [ENABLE] aobscanmodule(free_shop_items,SO6.exe,0F 85 90 00 00 00 48 8B 46) aobscanmodule(free_inn_stays,SO6.exe,79 2F 48 8B 0D 70 B4 20 F1) alloc(fismem,$1000,free_inn_stays) alloc(fsimem,$1000,free_shop_items) label(fsi_exit fsi_ret fis_exit fis_ret) registersymbol(free_shop_items fsi_ret free_inn_stays fis_ret) fsimem: jmp SO6.exe+CFC004 jmp fsi_exit fsi_ret: readmem(free_shop_items,6) jmp fsi_exit free_shop_items: jmp fsimem nop fsi_exit: fismem: jmp SO6.exe+11278910 fis_ret: readmem(free_inn_stays+2,7) jmp fis_exit free_inn_stays: jmp fismem nop 4 fis_exit: [DISABLE] free_shop_items: readmem(fsi_ret,6) free_inn_stays: db 79 2f readmem(fis_ret,7) unregistersymbol(*) dealloc(*) 115 "Unlimited AP and VA" Auto Assembler Script { Game : SO6.exe Version: Date : 2022-11-03 Author : seneeki This script does blah blah blah } [ENABLE] aobscanmodule(bg_ap_remove,SO6.exe,F0 F3 0F 11 73 1C) // should be unique alloc(bgarmem,$1000,bg_ap_remove) label(bgar_exit) registersymbol(bg_ap_remove) bgarmem: movss xmm6,[rbx+18] movss [rbx+1C],xmm6 jmp bgar_exit bg_ap_remove+01: jmp bgarmem bgar_exit: [DISABLE] bg_ap_remove+01: db F3 0F 11 73 1C unregistersymbol(*) dealloc(*) { // ORIGINAL CODE - INJECTION POINT: SO6.exe+3E1FE46 SO6.exe+3E1FE22: 48 8D 3D 50 69 9E 0B - lea rdi,[SO6.exe+F806779] SO6.exe+3E1FE29: 80 27 8B - and byte ptr [rdi],-75 SO6.exe+3E1FE2C: 84 C0 - test al,al SO6.exe+3E1FE2E: 75 1B - jne SO6.exe+3E1FE4B SO6.exe+3E1FE30: F3 0F 10 43 1C - movss xmm0,[rbx+1C] SO6.exe+3E1FE35: F3 0F 5C C7 - subss xmm0,xmm7 SO6.exe+3E1FE39: 0F 2F F0 - comiss xmm6,xmm0 SO6.exe+3E1FE3C: 77 08 - ja SO6.exe+3E1FE46 SO6.exe+3E1FE3E: F3 0F 5D 43 18 - minss xmm0,[rbx+18] SO6.exe+3E1FE43: 0F 28 F0 - movaps xmm6,xmm0 // ---------- INJECTING HERE ---------- SO6.exe+3E1FE46: F3 0F 11 73 1C - movss [rbx+1C],xmm6 // ---------- DONE INJECTING ---------- SO6.exe+3E1FE4B: 48 8B 5C 24 50 - mov rbx,[rsp+50] SO6.exe+3E1FE50: 0F 28 74 24 30 - movaps xmm6,[rsp+30] SO6.exe+3E1FE55: 0F 28 7C 24 20 - movaps xmm7,[rsp+20] SO6.exe+3E1FE5A: 48 83 C4 40 - add rsp,40 SO6.exe+3E1FE5E: 5F - pop rdi SO6.exe+3E1FE5F: C3 - ret SO6.exe+3E1FE60: CC - int 3 SO6.exe+3E1FE61: 00 00 - add [rax],al SO6.exe+3E1FE63: 00 00 - add [rax],al SO6.exe+3E1FE65: 00 00 - add [rax],al } 38 "Inventory Editor" Auto Assembler Script { Game : SO6.exe Version: Date : 2022-10-29 Author : seneeki This script does blah blah blah } [ENABLE] aobscanmodule(inv_on_hover,SO6.exe,8B 43 30 48 8B 5C 24 60) // should be unique alloc(iohmem,$1000,inv_on_hover) label(ioh_exit ioh_ret inv_base inv_off) registersymbol(inv_on_hover ioh_ret inv_base inv_off) iohmem: mov [inv_base+0],rbx mov [inv_off+0],30 ioh_ret: readmem(inv_on_hover,8) jmp ioh_exit inv_base: dq 0 align 8,c3 inv_off: dq 0 align 8,c3 inv_on_hover: jmp iohmem nop 3 ioh_exit: [DISABLE] inv_on_hover: readmem(ioh_ret,8) unregistersymbol(*) dealloc(*) { // ORIGINAL CODE - INJECTION POINT: SO6.exe+259F1B SO6.exe+259EF6: 80 7B 4C 00 - cmp byte ptr [rbx+4C],00 SO6.exe+259EFA: 75 E4 - jne SO6.exe+259EE0 SO6.exe+259EFC: 40 F6 C6 02 - test sil,02 SO6.exe+259F00: 0F 85 B4 E0 79 00 - jne SO6.exe+9F7FBA SO6.exe+259F06: 48 85 ED - test rbp,rbp SO6.exe+259F09: 0F 85 BA E0 79 00 - jne SO6.exe+9F7FC9 SO6.exe+259F0F: 48 8B CB - mov rcx,rbx SO6.exe+259F12: E8 BD CE 23 00 - call SO6.exe+496DD4 SO6.exe+259F17: 84 C0 - test al,al SO6.exe+259F19: 74 56 - je SO6.exe+259F71 // ---------- INJECTING HERE ---------- SO6.exe+259F1B: 8B 43 30 - mov eax,[rbx+30] // ---------- DONE INJECTING ---------- SO6.exe+259F1E: 48 8B 5C 24 60 - mov rbx,[rsp+60] SO6.exe+259F23: 48 83 C4 20 - add rsp,20 SO6.exe+259F27: 41 5F - pop r15 SO6.exe+259F29: 41 5E - pop r14 SO6.exe+259F2B: 5F - pop rdi SO6.exe+259F2C: 5E - pop rsi SO6.exe+259F2D: 5D - pop rbp SO6.exe+259F2E: C3 - ret SO6.exe+259F2F: 8B C7 - mov eax,edi SO6.exe+259F31: EB EB - jmp SO6.exe+259F1E } 35 "Highllighted Item" 0 Binary 0 1 0

inv_base

0 36 "Item Amount" 0 4 Bytes

+[inv_off]

110 "Hits multiplier" Auto Assembler Script { Game : SO6.exe Version: Date : 2022-11-03 Author : seneeki This script does blah blah blah } [ENABLE] aobscanmodule(bg_hit_count,SO6.exe,0F 4F D8 89 9F 54 14 00 00) // should be unique alloc(bhcmem,$1000,bg_hit_count) label(bhc_exit bhc_mul temp) registersymbol(bg_hit_count bhc_mul temp) bhcmem: mov [temp+0],rdi cmovg ebx,eax push ebx imul ebx,[bhc_mul+0] mov [rdi+00001454],ebx pop ebx jmp bhc_exit bhc_mul: dd 1 align 4,c3 temp: dq 0 align 8,c3 bg_hit_count: jmp bhcmem nop 4 bhc_exit: registersymbol(bg_hit_count) [DISABLE] bg_hit_count: db 0F 4F D8 89 9F 54 14 00 00 unregistersymbol(*) dealloc(*) { // ORIGINAL CODE - INJECTION POINT: SO6.exe+7177A5A SO6.exe+7177A3A: 89 D3 - mov ebx,edx SO6.exe+7177A3C: 48 89 CF - mov rdi,rcx SO6.exe+7177A3F: E8 D4 A3 FF F8 - call SO6.exe+171E18 SO6.exe+7177A44: BA 80 02 00 00 - mov edx,00000280 SO6.exe+7177A49: 48 89 C1 - mov rcx,rax SO6.exe+7177A4C: E8 83 FB FF F8 - call SO6.exe+1775D4 SO6.exe+7177A51: 31 C9 - xor ecx,ecx SO6.exe+7177A53: 85 DB - test ebx,ebx SO6.exe+7177A55: 0F 4E D9 - cmovle ebx,ecx SO6.exe+7177A58: 39 C3 - cmp ebx,eax // ---------- INJECTING HERE ---------- SO6.exe+7177A5A: 0F 4F D8 - cmovg ebx,eax // ---------- DONE INJECTING ---------- SO6.exe+7177A5D: 89 9F 54 14 00 00 - mov [rdi+00001454],ebx SO6.exe+7177A63: 85 DB - test ebx,ebx SO6.exe+7177A65: 7E 06 - jle SO6.exe+7177A6D SO6.exe+7177A67: 89 8F 58 14 00 00 - mov [rdi+00001458],ecx SO6.exe+7177A6D: 48 8B 5C 24 30 - mov rbx,[rsp+30] SO6.exe+7177A72: 48 83 C4 20 - add rsp,20 SO6.exe+7177A76: 5F - pop rdi SO6.exe+7177A77: C3 - ret SO6.exe+7177A78: CC - int 3 SO6.exe+7177A79: 0F 1F 80 00 00 00 00 - nop dword ptr [rax+00000000] } 111 "Exponential" 0 4 Bytes

bhc_mul

this table belongs to https://opencheattables.com https://opencheattables.com/viewtopic.php?t=480