196
"Infinite Health - numpad 2"
80000008
Auto Assembler Script
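//Assassin's Creed 4: Black Flag
//Infinite Health PRO (Sunbeam Recommendation)
//Steve Andrew
//
// Cheat Engine Auto Assembler script (32-bit x86), in-place patch, no code cave.
// Enable : find the health-flag check by byte signature, back up the 11 bytes
//          that are about to be overwritten, then overwrite them.
// Disable: write the backed-up bytes over the patch and free the backup buffer.
[enable]
// Backup buffer for the original bytes; registered so [disable] can find it.
alloc(OriginalBytes,1024)
// Signature: 8a 8e disp32 (mov cl,[esi+disp32]) / f6 c1 08 (test cl,08) /
// 74 rel8 (je) / 8b ce (mov ecx,esi). 'x' is a wildcard byte.
// aobscan is not restricted to one module; the first match is used.
aobscan(NewHealthAddress,8a 8e x x x x f6 c1 08 74 x 8b ce)
registersymbol(NewHealthAddress)
registersymbol(OriginalBytes)
OriginalBytes:
// Copy the 11 bytes mov + test + je (6 + 3 + 2) from the match into the buffer.
readmem(NewHealthAddress,11)
//AC4BFSP.exe+E76008:
NewHealthAddress:
// 7-byte `or` + 4 nops = the 11 bytes saved above. Bit 3 of the byte is forced
// on at every pass and the conditional je no longer exists, so execution always
// falls through to the `mov ecx,esi` that follows.
// NOTE(review): the signature wildcards the displacement while the patch
// hard-codes D4; confirm both refer to the same field in the targeted build.
or byte [esi+d4],8
db 90 90 90 90
[disable]
NewHealthAddress:
// Restore exactly what was read at enable time rather than hard-coded bytes.
readmem(OriginalBytes,11)
//mov cl,[esi+xx]
//test cl,08
//je x
// Release the backup buffer; without this every enable/disable cycle leaves
// another 1024-byte allocation behind in the target process.
dealloc(OriginalBytes)
unregistersymbol(NewHealthAddress)
unregistersymbol(OriginalBytes)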
Toggle Activation
98
0
63
"Unlimited Breath - numpad 2"
80000008
Auto Assembler Script
//Daijobu was here
//
// Unlimited Breath: Cheat Engine Auto Assembler script (32-bit x86).
// Enable : hook the 6-byte `fld dword ptr [eax+00000080]` found by signature and
//          route it through a code cave that first stores 1.0 to [eax+80].
// Disable: free the cave and write the original 6 bytes back.
[ENABLE]
// 256-byte code cave in the target process.
alloc(breath_,256)
label(original)
label(exit)
//------------
label(breath_aob)
registersymbol(breath_aob)
// Signature: 8B 41 0C (mov eax,[ecx+0C]) followed by D9 80 80 00 00 00 (the fld).
// aobscan is not restricted to one module; the trailing comment records where
// the author saw the match.
aobscan(aob_breath,8B 41 0C D9 80 80 00 00 00) //"AC4BFSP.exe"+E67553
//------------
breath_:
// Force the float at [eax+80] to 1.0 before the game loads it
// (presumably the breath meter, going by the entry's title).
mov [eax+00000080],(float)1.0
original:
// Displaced instruction, emitted as raw bytes: fld dword ptr [eax+00000080].
db D9 80 80 00 00 00
//------------
// Return to the first byte after the hook.
jmp exit
//------------
// Hook site: signature start + 3 skips the 3-byte mov and lands on the fld.
aob_breath+3: //"AC4BFSP.exe"+E67556
breath_aob:
jmp breath_
// 5-byte jmp + 1 nop = the 6 bytes of the displaced fld.
db 90
exit:
//------------
[DISABLE]
// NOTE(review): the cave is freed in the same run that restores the hook bytes;
// a game thread that is inside the cave at that moment would execute freed
// memory. Confirm the target is paused, or leave the cave allocated.
dealloc(breath_)
breath_aob:
// Original 6 bytes of the hooked instruction.
db D9 80 80 00 00 00
//fld dword ptr [eax+00000080]
unregistersymbol(breath_aob)
Toggle Activation
98
0
37
"Stealth - numpad 2"
80000008
Auto Assembler Script
//Assassins Creed 4: Black Flag
//Stealth Mode (Pro Version)
//[Credit To: ColdFusion73]
//
// One-byte in-place patch (Cheat Engine Auto Assembler, 32-bit x86):
// a conditional short jump is turned into an unconditional one.
[enable]
// Signature: e8 rel32 (call) / 84 c0 (test al,al) / 75 rel8 (jne) /
// 8b 4d disp8 (mov ecx,[ebp+disp8]) / 38 81 disp32 (cmp [ecx+disp32],al) / 75 (jne).
// '?' is a wildcard byte. aobscan is not restricted to one module.
aobscan(StealthPRO,e8 ? ? ? ? 84 c0 75 ? 8b 4d ? 38 81 ? ? ? ? 75)
registersymbol(StealthPRO)
//AC4BFSP.exe+1285e74:
// Offset 7 is the opcode byte of the first jne. EB is `jmp short`, which keeps
// the existing rel8 operand, so the branch is taken whatever the call returned.
StealthPRO+7:
db eb
[disable]
// Put the conditional jne opcode back.
StealthPRO+7:
db 75
unregistersymbol(StealthPRO)
Toggle Activation
98
0
17
"Camera Manipulation = numpad 1"
80000008
Auto Assembler Script
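{
Game : AC4BFSP.exe
Date : 2013-12-05
Author : mgr.inz.Player

Camera Manipulation (Cheat Engine Auto Assembler, 32-bit x86).

Enable : hooks the code that loads the current camera preset, records the
         preset pointer in cameraPresetPtr, and starts a polling thread that
         moves the camera position at [preset+10] while I/J/K/L are held.
Disable: restores the 6 hooked bytes and sets disableThread so the polling
         thread returns. The cave is a globalalloc and stays allocated, so
         code that is still executing inside it is not pulled away.
}
[ENABLE]
globalalloc(cameraManip,2048)
// 8B 48 4C (mov ecx,[eax+4C]) / 8B 41 08 (mov eax,[ecx+08]) / 8B 31 (mov esi,[ecx]).
aobscanmodule(CurrentCameraPreset,AC4BFSP.exe,8B 48 4C 8B 41 08 8B 31) // should be unique
registersymbol(CurrentCameraPreset)
label(cameraPresetPtr)
registersymbol(cameraPresetPtr)
// B9 imm32 is `mov ecx,imm32`; the imm32 is used below as a base address.
aobscanmodule(normalizedvectorAOB,AC4BFSP.exe,B9 x x x x C7 05 x x x x 00 00 00 00 E8 x x x x 6a 00)
label(normalizedvector)
// normalizedvector = (imm32 read from the matched instruction) + 30.
// Nothing is written there; the label only names the game's own data.
[normalizedvectorAOB+1]+30:
normalizedvector:
createthread(thread)
label(thread)
label(checkDisable)
label(disableThread)
registersymbol(disableThread)
label(Forward)
label(Backward)
label(StrafeLeft)
label(StrafeRight)
label(minusone)
label(mult)
// Hook: 5-byte jmp + 1 nop replace the two 3-byte instructions at the match.
CurrentCameraPreset:
jmp cameraManip
nop
cameraManip:
mov ecx,[eax+4C] //orig
mov eax,[ecx]                   // eax is free here: the next original instruction reloads it
mov [cameraPresetPtr],eax       // publish the preset pointer for the thread and the table entries
mov eax,[ecx+08] //orig
jmp CurrentCameraPreset+6
// Polling thread: wakes every 5 ms. '#' marks a decimal literal.
thread:
push #5
call sleep
cmp dword ptr [cameraPresetPtr],00
// No preset captured yet: skip the key handling but still test the exit flag.
// Branching back to `thread` here would bypass that test, so a thread that
// never saw a preset could never be stopped and the next enable would start
// a second one beside it.
je checkDisable
push #73 // I forward
call GetAsyncKeyState
test ax,ax
jz @f
call Forward
@@:
push #75 // K backward
call GetAsyncKeyState
test ax,ax
jz @f
call Backward
@@:
push #74 // J StrafeLeft
call GetAsyncKeyState
test ax,ax
jz @f
call StrafeLeft
@@:
push #76 // L StrafeRight
call GetAsyncKeyState
test ax,ax
jz @f
call StrafeRight
@@:
checkDisable:
test byte ptr [disableThread],01
jz thread
// NOTE(review): a Win32 thread procedure is stdcall with one argument, which
// would return with `ret 4`; left as the author wrote it, confirm.
ret
// The helpers below use movaps and SSE memory operands, which fault on
// addresses that are not 16-byte aligned. Assumes [eax+10] and normalizedvector
// are aligned in the game's data; TODO confirm.
Forward:
// position += normalizedvector * mult, all four lanes.
mov eax,[cameraPresetPtr]
movaps xmm0,[normalizedvector]
mulps xmm0,[mult]
addps xmm0,[eax+10]
movaps [eax+10],xmm0
ret
Backward:
// position -= normalizedvector * mult, all four lanes.
mov eax,[cameraPresetPtr]
movaps xmm0,[eax+10]
movaps xmm1,[normalizedvector]
mulps xmm1,[mult]
subps xmm0,xmm1
movaps [eax+10],xmm0
ret
StrafeLeft:
// Step along (-y, x) of the scaled vector; movq stores only the low two lanes.
mov eax,[cameraPresetPtr]
movaps xmm0,[eax+10]
movaps xmm1,[normalizedvector]
mulps xmm1,[mult]
shufps xmm1,xmm1,01             // lane0 = y, lane1 = x
mulss xmm1,[minusone]           // lane0 = -y
addps xmm0,xmm1
movq [eax+10],xmm0
ret
StrafeRight:
// Step along (y, -x) of the scaled vector; movq stores only the low two lanes.
mov eax,[cameraPresetPtr]
movaps xmm0,[eax+10]
movq xmm1,[normalizedvector]    // low two lanes only, upper lanes zero
mulps xmm1,[mult]
mulss xmm1,[minusone]           // lane0 = -x
shufps xmm1,xmm1,01             // lane0 = y, lane1 = -x
addps xmm0,xmm1
movq [eax+10],xmm0
ret
cameraPresetPtr:
dd 0
// Exit flag for the polling thread; written as 0 on enable, 1 on disable.
disableThread:
db 00
minusone:
dd (float)-1
// Fixed offset 7E0 is a multiple of 16, so `mult` can be a packed-SSE memory
// operand provided the globalalloc base is at least 16-byte aligned (presumably
// page-aligned; confirm).
cameraManip+7E0:
mult:
dd (float)0.04
dd (float)0.04
dd (float)0.04
dd (float)0.04
[DISABLE]
// Restore the two original 3-byte instructions.
CurrentCameraPreset:
db 8B 48 4C 8B 41 08
// Ask the polling thread to return at its next pass.
disableThread:
db 01
unregistersymbol(CurrentCameraPreset)
unregistersymbol(cameraPresetPtr)
unregistersymbol(disableThread)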
Toggle Activation
97
0
42
"Toggle Freecam = numpad 3"
80000008
Auto Assembler Script
{
Game : AC4BFSP.exe
Date : 2013-12-05
Author : mgr.inz.Player

Toggle Freecam (Cheat Engine Auto Assembler, 32-bit x86).
In-place patch: the 4-byte store at the start of the signature is replaced by
nops on enable and written back on disable.
}
[ENABLE]
// 0F 29 46 10 (movaps [esi+10],xmm0) / 0F 28 47 20 (movaps xmm0,[edi+20]) /
// 0F 29 46 20 (movaps [esi+20],xmm0) / D9 87 C8 (start of an fld from [edi+...]).
aobscanmodule(CameraPositionUpdate,AC4BFSP.exe,0F 29 46 10 0F 28 47 20 0F 29 46 20 D9 87 C8) // should be unique
registersymbol(CameraPositionUpdate)
// Suppress only the first store, to [esi+10]; the store to [esi+20] is untouched.
// Presumably [esi+10] is the same position field the camera entries write through
// cameraPresetPtr+10; verify against the Camera Manipulation script.
CameraPositionUpdate:
db 90 90 90 90
[DISABLE]
// Original bytes: movaps [esi+10],xmm0.
CameraPositionUpdate:
db 0F 29 46 10
unregistersymbol(CameraPositionUpdate)
Toggle Activation
99
0
43
"Controls: I J K L"
80000008
1
293
"FOV"
80000008
Float
cameraPresetPtr
30
Decrease Value
189
0.05
0
Increase Value
187
0.05
1
Set Value
8
.76
2
44
"OTHER"
80000008
1
19
"CamX"
80000008
Float
cameraPresetPtr
10
Increase Value
102
0.4
0
Decrease Value
100
0.4
1
Increase Value
17
102
2
2
Decrease Value
17
100
2
3
20
"CamY"
80000008
Float
cameraPresetPtr
14
Increase Value
104
0.4
0
Decrease Value
98
0.4
1
21
"CamZ"
80000008
Float
cameraPresetPtr
18
Increase Value
105
0.4
0
Decrease Value
99
0.4
1
Decrease Value
85
.2
2
Increase Value
79
.2
3
Increase Value
17
79
2
4
Decrease Value
17
85
2
5
198
"ToggleHud - numpad 5"
80000008
Auto Assembler Script
// ToggleHud: Cheat Engine Auto Assembler script (32-bit x86).
// Enable : allocates a block that holds both state variables (at +500) and the
//          code of a polling thread, then starts that thread. The thread resolves
//          game function addresses from three byte signatures on its first pass
//          and afterwards calls the game's own HUD on/off routines when
//          numpad 5 is pressed.
// Disable: only sets KeyHandlerOff; the thread returns at its next pass.
// Numeric literals without '#' are hexadecimal.
[enable]
// NOTE(review): this block is never dealloc'ed; each enable allocates another
// 4096 bytes. Freeing it in [disable] would race with the still-running thread.
alloc(KeyHandlerThread,4096)
// Each signature starts at a function prologue: 55 (push ebp) / 8b ec (mov ebp,esp).
// 'x' is a wildcard byte. aobscan is not restricted to one module.
aobscan(PointerAndCallFinder,55 8b ec 8b 45 08 83 f8 01 74 x 83 F8 02 75 x 8b 0d)
aobscan(PointerAndCallFinder2,55 8b ec 56 57 8b 7d 08 57 8b F1 e8 x x x x 84 c0 74 x 8b 4e)
aobscan(PointerAndCallFinder3,55 8b ec 80 7d 08 00 53 56 8b f1 8b 9e d8 x x x 8b 0d)
registersymbol(KeyHandlerThread)
CreateThread(KeyHandlerThread)
label(KeyHandlerOff)
registersymbol(KeyHandlerOff)
label(ExitKeyHandler)
label(ToggleHUD)
label(ToggleHUD_exit)
label(bHUD)
registersymbol(bHUD)
label(IncreaseWantedLevel)
label(IncreaseWantedLevel_exit)
label(DecreaseWantedLevel)
label(DecreaseWantedLevel_exit)
label(ToggleHudECXValue)
label(ToggleHudOnCall)
label(ToggleHudOffCall)
label(WantedLevelECXValue)
label(IncreaseWantedLevelCall)
label(DecreaseWantedLevelCall)
label(SkipInitialization)
label(ReconstructCallOrJump)
// State variables live at +500 inside the allocation, after the thread code.
KeyHandlerThread+500:
// Exit request: 0 on enable, set to 1 by [disable].
KeyHandlerOff:
dd 0
// Toggled on each key press; selects which of the two HUD routines is called.
bHUD:
dd 0
// Address of the pointer whose value is loaded into ecx before the HUD calls.
// Doubles as the "already initialised" marker (0 = not yet resolved).
ToggleHudECXValue:
dd 0
ToggleHudOnCall:
dd 0
ToggleHudOffCall:
dd 0
WantedLevelECXValue:
dd 0
IncreaseWantedLevelCall:
dd 0
DecreaseWantedLevelCall:
dd 0
KeyHandlerThread:
// Poll every 0x0a = 10 ms.
push 0a
call kernel32.Sleep
cmp [ToggleHudECXValue],0
jne SkipInitialization
// ---- one-time address resolution ----
mov eax,PointerAndCallFinder
// +12 is the imm32 operand of the trailing `8b 0d` (mov ecx,[imm32]) in signature 1.
mov ecx,[eax+12] //Toggle Hud ECX Ptr Value (needs to be in ECX)
mov [ToggleHudECXValue],ecx
// The instruction at signature 1 + 25 is treated as a rel32 call/jmp and
// resolved to its absolute target.
add eax,25
push eax
call ReconstructCallOrJump
mov [ToggleHudOnCall],eax
// NOTE(review): the "off" routine is taken to be 0x10 bytes after the "on"
// routine; that spacing is build-specific, confirm for the targeted version.
add eax,10
mov [ToggleHudOffCall],eax
// Signature 2 itself is stored as the "increase" routine, +40 as "decrease".
mov eax,PointerAndCallFinder2
mov [IncreaseWantedLevelCall],eax
add eax,40
mov [DecreaseWantedLevelCall],eax
// +13 is the imm32 operand of the trailing `8b 0d` in signature 3.
mov eax,PointerAndCallFinder3
mov eax,[eax+13]
mov [WantedLevelECXValue],eax
SkipInitialization:
cmp [KeyHandlerOff],1
je ExitKeyHandler
push 65 //VK_NUMPAD5
call GetAsyncKeyState
test ax,ax
jne ToggleHUD
jmp KeyHandlerThread
// Helper, stdcall with one stack argument (ret 4):
// returns arg + rel32 stored at arg+1 + 5, i.e. the absolute target of a
// 5-byte relative call/jmp located at arg.
ReconstructCallOrJump: //void RCJ(void *AddressOfCallOrJump){};
mov eax,[esp+4]
add eax,[eax+1]
add eax,5
ret 4
ToggleHUD:
mov ecx,[ToggleHudECXValue]
test ecx,ecx
je ToggleHUD_exit
// ecx = value stored at the resolved pointer (presumably the `this` object of
// the game routine; confirm the calling convention).
mov ecx,[ecx]
xor [bHUD],1
cmp [bHUD],0
je @f
push 0E
call dword [ToggleHudOnCall]
jmp ToggleHUD_exit
@@:
push 0E
call dword [ToggleHudOffCall]
ToggleHUD_exit:
// 0xC8 = 200 ms pause so one key press produces one toggle.
push C8
call kernel32.Sleep
jmp KeyHandlerThread
// NOTE(review): nothing in this script branches to IncreaseWantedLevel or
// DecreaseWantedLevel; both routines look unreachable as written.
IncreaseWantedLevel:
mov ecx,[WantedLevelECXValue]
test ecx,ecx
je IncreaseWantedLevel_exit
mov ecx,[ecx]
push 1
call dword [IncreaseWantedLevelCall]
IncreaseWantedLevel_exit:
push C8
call kernel32.Sleep
jmp KeyHandlerThread
DecreaseWantedLevel:
mov ecx,[WantedLevelECXValue]
test ecx,ecx
je DecreaseWantedLevel_exit
mov ecx,[ecx]
push 1
call dword [DecreaseWantedLevelCall]
DecreaseWantedLevel_exit:
push C8
call kernel32.Sleep
jmp KeyHandlerThread
// NOTE(review): a Win32 thread procedure is stdcall with one argument, which
// would return with `ret 4`; confirm.
ExitKeyHandler:
ret
[disable]
// Request thread exit; the flag is read once per polling pass.
KeyHandlerOff:
dd 1
unregistersymbol(bHUD)
unregistersymbol(KeyHandlerOff)
unregistersymbol(KeyHandlerThread)
Activate
97
0
Deactivate
18
97
1
291
"Time of Day - numpad 6"
80000008
Auto Assembler Script
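// Time of Day: Cheat Engine Auto Assembler script (32-bit x86).
// Enable : hooks the 10 bytes `movss [eax],xmm0` + `mov eax,[esi+000000B4]` at a
//          fixed module offset. The cave records eax (the address the game was
//          about to write) in pTimeOfDay and suppresses that write, so the value
//          can be edited through the pTimeOfDay table entry.
// Disable: frees the cave and writes the two original instructions back.
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
// The hook address is a hard-coded module offset, not a signature scan. Refuse
// to enable unless the expected 10 bytes are there, so a different build of the
// executable is left untouched instead of having unrelated code overwritten.
assert("AC4BFSP.exe"+BABBE,F3 0F 11 00 8B 86 B4 00 00 00)
label(pTimeOfDay)
registersymbol(pTimeOfDay)
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
mov [pTimeOfDay],eax            // publish the address of the value
jmp exit                        // skip the game's own store only
originalcode:
movss [eax],xmm0
exit:
// The second displaced instruction must still run: the code after the hook
// receives eax = [esi+B4] in the unpatched game. Skipping it together with the
// store would hand that code the stale pointer that was in eax.
mov eax,[esi+000000B4]
jmp returnhere
///
pTimeOfDay:
dd 0
///
// 5-byte jmp + 5 nops = the 10 bytes of the two displaced instructions.
"AC4BFSP.exe"+BABBE:
jmp newmem
nop
nop
nop
nop
nop
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
// NOTE(review): the cave is freed in the same run that restores the hook bytes;
// confirm no game thread can be inside the cave at that moment.
dealloc(newmem)
"AC4BFSP.exe"+BABBE:
movss [eax],xmm0
mov eax,[esi+000000B4]
unregistersymbol(pTimeOfDay)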
Activate
102
0
Deactivate
18
102
1
Deactivate
27
2
Deactivate
9
3
292
"Time of Day"
80000008
Float
pTimeOfDay
0
Increase Value
221
.25
0
Decrease Value
219
.25
1
Increase Value
17
221
.75
2
Decrease Value
17
219
.75
3
135
"Sun Position - numpad 7"
80000008
Auto Assembler Script
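// Sun Position: Cheat Engine Auto Assembler script (32-bit x86).
// Enable : hooks the 5-byte `movss [ecx+30],xmm0` at a fixed module offset. The
//          cave records ecx in pSunPosition and suppresses the store, so the
//          float at [ecx+30] can be edited through the table entry
//          (pSunPosition, offset 30).
// Disable: frees the cave and writes the original instruction back.
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
// The hook address is a hard-coded module offset, not a signature scan. Refuse
// to enable unless the expected instruction bytes are there, so a different
// build of the executable is left untouched.
assert("AC4BFSP.exe"+4CF6B6,F3 0F 11 41 30)
label(pSunPosition)
registersymbol(pSunPosition)
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
mov [pSunPosition],ecx          // publish the base pointer of the structure
jmp exit                        // skip the game's own store
originalcode:
movss [ecx+30],xmm0
exit:
jmp returnhere
///
pSunPosition:
dd 0
///
// The displaced instruction is exactly 5 bytes, the size of the jmp; no padding.
"AC4BFSP.exe"+4CF6B6:
jmp newmem
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
// NOTE(review): the cave is freed in the same run that restores the hook bytes;
// confirm no game thread can be inside the cave at that moment.
dealloc(newmem)
"AC4BFSP.exe"+4CF6B6:
movss [ecx+30],xmm0
unregistersymbol(pSunPosition)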
Activate
103
0
Deactivate
18
103
1
Deactivate
27
2
Deactivate
9
3
162
"Sun Position"
80000008
Float
pSunPosition
30
Increase Value
18
221
10
2
Decrease Value
18
219
10
3
297
"FOV (-) and (+)"
80000008
Float
cameraPresetPtr
34
Decrease Value
189
0.05
0
Increase Value
187
0.05
1
Set Value
8
.76
2
Code :movss [eax],xmm0
005A59BE
AC4BFSP.exe
1A59BE
00
F3
0F
58
00
F3
0F
11
00
8B
86
B4
00
00
Code :movss [eax],xmm0
004BABBE
AC4BFSP.exe
BABBE
00
F3
0F
58
00
F3
0F
11
00
8B
86
B4
00
00
Code :fstp dword ptr [esi+34]
006AAB95
AC4BFSP.exe
2AAB95
B9
80
3E
85
02
D9
5E
34
E8
63
4C
6A
00
Countdown
04C70000
AmmoAddress
01081D31
pistolsfiredcheckAOB
012E4BE9
pistolammoclipmaxreadAOB
012D0557
pPistols
07CF00C5
InstantCooldowns
0143CDEF
cameraManip
0FE30000
pTimeOfDay
0E0D001A
CurrentCameraPreset
006A2D34
cameraPresetPtr
0FE30115
disableThread
0FE30119
KeyHandlerOff
0FE70500
bHUD
0FE70504