12344
"Pause Camera AOB [Page Down]"
80000008
Auto Assembler Script
[ENABLE]
alloc(newmem,2048)
label(returnhere)
label(exit)
aobscan(aobCamera, 00 0F 28 46 10 0F 29 45 C0)
label(_aobCamera)
registersymbol(aobCamera)
registersymbol(_aobCamera)
//aobCamera:
//_aobCamera:
newmem:
// x-axis address
mov [_aobCamera],esi
movaps xmm0,[esi+10]
movaps [ebp-40],xmm0
//Original code
//AC4BFSP.ReadData+29BB4B - 0F28 46 10 - movaps xmm0,[esi+10]
//AC4BFSP.ReadData+29BB4F - 0F29 45 C0 - movaps [ebp-40],xmm0
//Oringal AOB - 0F 28 46 10 0F 29 45 C0
jmp exit
exit:
jmp returnhere
// Define variable
_aobCamera:
dd 0
//
aobCamera+01:
jmp newmem
nop
nop
nop
returnhere:
[DISABLE]
dealloc(newmem)
aobCamera+01:
movaps xmm0,[esi+10]
movaps [ebp-40],xmm0
unregistersymbol(aobCamera)
unregistersymbol(_aobCamera)
Toggle Activation
34
0
12345
"X [Numpad 4,6]"
80000008
Float
_aobCamera
10
Decrease Value
100
0.15
0
Increase Value
102
0.15
1
Increase Value
17
102
1
2
Decrease Value
17
100
1
3
Increase Value
18
102
0.01
4
Decrease Value
18
100
0.01
5
12346
"Y [Numpad 2,8]"
80000008
Float
_aobCamera
14
Increase Value
104
0.15
0
Decrease Value
98
0.15
1
Increase Value
17
104
1
2
Decrease Value
17
98
1
3
Increase Value
18
104
0.01
4
Decrease Value
18
98
0.01
5
12347
"Z [Numpad 3,9]"
80000008
Float
_aobCamera
18
Increase Value
105
0.15
0
Decrease Value
99
0.15
1
Increase Value
17
105
1
2
Decrease Value
17
99
1
3
Increase Value
18
105
0.01
4
Decrease Value
18
99
0.01
5
12348
"FOV [KP_Minus, KP_Plus] (default=0.77)"
80000008
Float
_aobCamera
34
Decrease Value
109
0.02
0
Increase Value
107
0.02
1
Set Value
17
109
0.3
2
Set Value
17
107
0.77
3
12349
"Zrot [J,L]"
80000008
Float
_aobCamera
2C
Decrease Value
76
0.01
0
Increase Value
74
0.01
1
Decrease Value
17
76
0.1
2
Increase Value
17
74
0.1
3
Decrease Value
18
76
0.001
4
Increase Value
18
74
0.001
5
12350
"Yrot [I,K]"
80000008
Float
_aobCamera
28
Increase Value
73
0.01
1
Decrease Value
75
0.01
0
Increase Value
17
73
0.1
2
Decrease Value
17
75
0.1
3
Increase Value
18
73
0.001
4
Decrease Value
18
75
0.001
5
12351
"Xrot [O , .]"
80000008
Float
_aobCamera
24
Increase Value
79
0.01
1
Decrease Value
190
0.01
0
Increase Value
17
79
0.1
2
Decrease Value
17
190
0.1
3
Increase Value
18
79
0.001
4
Decrease Value
18
190
0.001
5
12352
"Arot [U , M]"
80000008
Float
_aobCamera
20
Increase Value
85
0.01
1
Decrease Value
77
0.01
0
Increase Value
17
85
0.1
2
Decrease Value
17
77
0.1
3
Increase Value
18
85
0.001
4
Decrease Value
18
77
0.001
5
12353
"Pause script AOB [Del]"
80000008
Auto Assembler Script
[ENABLE]
alloc(newmem,2048)
label(returnhere)
label(exit)
aobscan(aobPause, 83 B8 BC 08 00 00 00 7F 45)
label(_aobPause)
registersymbol(aobPause)
registersymbol(_aobPause)
newmem:
mov [_aobPause],eax
cmp dword ptr [eax+000008BC],00
{
AC4BFSP.ReadData+439F0F - 83 B8 BC080000 00 - cmp dword ptr [eax+000008BC],00
AOB - 83 B8 BC 08 00 00 00 7F 45
}
jmp exit
exit:
jmp returnhere
// Define variable
_aobPause:
dd 0
//
aobPause:
jmp newmem
nop
nop
returnhere:
[DISABLE]
dealloc(newmem)
aobPause:
cmp dword ptr [eax+000008BC],00
unregistersymbol(aobPause)
unregistersymbol(_aobPause)
Toggle Activation
46
0
12354
"Pause [P] (1-paused)"
80000008
4 Bytes
_aobPause
8BC
Set Value
80
1
1-paused
0
Set Value
16
80
0
0-unpaused
1
198
"ToggleHud = [numpad 5]"
80000008
Auto Assembler Script
[enable]
alloc(KeyHandlerThread,4096)
aobscan(PointerAndCallFinder,55 8b ec 8b 45 08 83 f8 01 74 x 83 F8 02 75 x 8b 0d)
aobscan(PointerAndCallFinder2,55 8b ec 56 57 8b 7d 08 57 8b F1 e8 x x x x 84 c0 74 x 8b 4e)
aobscan(PointerAndCallFinder3,55 8b ec 80 7d 08 00 53 56 8b f1 8b 9e d8 x x x 8b 0d)
registersymbol(KeyHandlerThread)
CreateThread(KeyHandlerThread)
label(KeyHandlerOff)
registersymbol(KeyHandlerOff)
label(ExitKeyHandler)
label(ToggleHUD)
label(ToggleHUD_exit)
label(bHUD)
registersymbol(bHUD)
label(IncreaseWantedLevel)
label(IncreaseWantedLevel_exit)
label(DecreaseWantedLevel)
label(DecreaseWantedLevel_exit)
label(ToggleHudECXValue)
label(ToggleHudOnCall)
label(ToggleHudOffCall)
label(WantedLevelECXValue)
label(IncreaseWantedLevelCall)
label(DecreaseWantedLevelCall)
label(SkipInitialization)
label(ReconstructCallOrJump)
KeyHandlerThread+500:
KeyHandlerOff:
dd 0
bHUD:
dd 0
ToggleHudECXValue:
dd 0
ToggleHudOnCall:
dd 0
ToggleHudOffCall:
dd 0
WantedLevelECXValue:
dd 0
IncreaseWantedLevelCall:
dd 0
DecreaseWantedLevelCall:
dd 0
KeyHandlerThread:
push 0a
call kernel32.Sleep
cmp [ToggleHudECXValue],0
jne SkipInitialization
mov eax,PointerAndCallFinder
mov ecx,[eax+12] //Toggle Hud ECX Ptr Value (needs to be in ECX)
mov [ToggleHudECXValue],ecx
add eax,25
push eax
call ReconstructCallOrJump
mov [ToggleHudOnCall],eax
add eax,10
mov [ToggleHudOffCall],eax
mov eax,PointerAndCallFinder2
mov [IncreaseWantedLevelCall],eax
add eax,40
mov [DecreaseWantedLevelCall],eax
mov eax,PointerAndCallFinder3
mov eax,[eax+13]
mov [WantedLevelECXValue],eax
SkipInitialization:
cmp [KeyHandlerOff],1
je ExitKeyHandler
push 65 //VK_NUMPAD5
call GetAsyncKeyState
test ax,ax
jne ToggleHUD
jmp KeyHandlerThread
ReconstructCallOrJump: //void RCJ(void *AddressOfCallOrJump){};
mov eax,[esp+4]
add eax,[eax+1]
add eax,5
ret 4
ToggleHUD:
mov ecx,[ToggleHudECXValue]
test ecx,ecx
je ToggleHUD_exit
mov ecx,[ecx]
xor [bHUD],1
cmp [bHUD],0
je @f
push 0E
call dword [ToggleHudOnCall]
jmp ToggleHUD_exit
@@:
push 0E
call dword [ToggleHudOffCall]
ToggleHUD_exit:
push C8
call kernel32.Sleep
jmp KeyHandlerThread
IncreaseWantedLevel:
mov ecx,[WantedLevelECXValue]
test ecx,ecx
je IncreaseWantedLevel_exit
mov ecx,[ecx]
push 1
call dword [IncreaseWantedLevelCall]
IncreaseWantedLevel_exit:
push C8
call kernel32.Sleep
jmp KeyHandlerThread
DecreaseWantedLevel:
mov ecx,[WantedLevelECXValue]
test ecx,ecx
je DecreaseWantedLevel_exit
mov ecx,[ecx]
push 1
call dword [DecreaseWantedLevelCall]
DecreaseWantedLevel_exit:
push C8
call kernel32.Sleep
jmp KeyHandlerThread
ExitKeyHandler:
ret
[disable]
KeyHandlerOff:
dd 1
unregistersymbol(bHUD)
unregistersymbol(KeyHandlerOff)
unregistersymbol(KeyHandlerThread)
Activate
97
0
Deactivate
18
97
1
12221
"====================================="
80000008
1
196
"Infinite Health = [numpad 1]"
80000008
Auto Assembler Script
//Assassin's Creed 4: Black Flag
//Infinite Health PRO (Sunbeam Recommendation)
//Steve Andrew
[enable]
alloc(OriginalBytes,1024)
aobscan(NewHealthAddress,8a 8e x x x x f6 c1 08 74 x 8b ce)
registersymbol(NewHealthAddress)
registersymbol(OriginalBytes)
OriginalBytes:
readmem(NewHealthAddress,11)
//AC4BFSP.exe+E76008:
NewHealthAddress:
or byte [esi+d4],8
db 90 90 90 90
[disable]
NewHealthAddress:
readmem(OriginalBytes,11)
//mov cl,[esi+xx]
//test cl,08
//je x
unregistersymbol(NewHealthAddress)
unregistersymbol(OriginalBytes)
Toggle Activation
97
0
63
"Unlimited Breath = [numpad 1]"
80000008
Auto Assembler Script
//Daijobu was here
[ENABLE]
alloc(breath_,256)
label(original)
label(exit)
//------------
label(breath_aob)
registersymbol(breath_aob)
aobscan(aob_breath,8B 41 0C D9 80 80 00 00 00) //"AC4BFSP.exe"+E67553
//------------
breath_:
mov [eax+00000080],(float)1.0
original:
db D9 80 80 00 00 00
//------------
jmp exit
//------------
aob_breath+3: //"AC4BFSP.exe"+E67556
breath_aob:
jmp breath_
db 90
exit:
//------------
[DISABLE]
dealloc(breath_)
breath_aob:
db D9 80 80 00 00 00
//fld dword ptr [eax+00000080]
unregistersymbol(breath_aob)
Toggle Activation
97
0
37
"Stealth = [numpad 1]"
80000008
Auto Assembler Script
//Assassins Creed 4: Black Flag
//Stealth Mode (Pro Version)
//[Credit To: ColdFusion73]
[enable]
aobscan(StealthPRO,e8 ? ? ? ? 84 c0 75 ? 8b 4d ? 38 81 ? ? ? ? 75)
registersymbol(StealthPRO)
//AC4BFSP.exe+1285e74:
StealthPRO+7:
db eb
[disable]
StealthPRO+7:
db 75
unregistersymbol(StealthPRO)
Toggle Activation
97
0
300
"Sun Position"
0000FF
Auto Assembler Script
[ENABLE]
aobscan(sunPosition, F3 0F 11 41 30 5D C2 04 00 CC 55 8B EC F3 0F 10 49 x F3)
label(pSunPosition)
label(_sunPosition)
registersymbol(pSunPosition)
registersymbol(_sunPosition)
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)
newmem:
mov [pSunPosition],ecx
jmp exit
originalcode:
movss [ecx+30],xmm0
exit:
jmp returnhere
///
pSunPosition:
dd 0
///
sunPosition:
_sunPosition:
jmp newmem
returnhere:
[DISABLE]
dealloc(newmem)
_sunPosition:
movss [ecx+30],xmm0
unregistersymbol(pSunPosition)
unregistersymbol(_sunPosition)
301
"Sun Position"
0000FF
Float
pSunPosition
30
Increase Value
18
221
10
2
Decrease Value
18
219
10
3
302
"Time of Day script"
004080
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscan(timeofdayread1AOB,8B 86 B4000000 83 78 08 00 7F ** 0FB6)
registersymbol(timeofdayread1AOB)
aobscan(timeofdayread2AOB,8B 86 B4000000 83 78 08 00 7F ** 84 C9)
registersymbol(timeofdayread2AOB)
aobscan(timeofdayspeedwriteAOB,D9 9E 40 01 00 00 F3 0F 10 86 40 01 00 00)
registersymbol(timeofdayspeedwriteAOB)
label(pTimeOfDay)
registersymbol(pTimeOfDay)
label(pTimeOfDaySpeed)
registersymbol(pTimeOfDaySpeed)
label(fMySpeed)
registersymbol(fMySpeed)
label(bTimeOfDaySpeedControl)
registersymbol(bTimeOfDaySpeedControl)
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)
label(newmem2)
label(returnhere2)
label(originalcode2)
label(exit2)
label(newmem6)
label(returnhere6)
label(originalcode6)
label(exit6)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
mov eax,[esi+000000B4]
mov [pTimeOfDay],eax
originalcode:
//mov eax,[esi+000000B4]
exit:
jmp returnhere
///
newmem2:
mov eax,[esi+000000B4]
mov [pTimeOfDay],eax
originalcode2:
//mov eax,[esi+000000B4]
exit2:
jmp returnhere2
///
newmem6:
mov [pTimeOfDaySpeed],esi
cmp byte ptr [bTimeOfDaySpeedControl],1
jne originalcode6
fstp dword ptr [esi+00000140]
fld dword ptr [fMySpeed]
originalcode6:
fstp dword ptr [esi+00000140]
exit6:
jmp returnhere6
///
pTimeOfDay:
dd 0
pTimeOfDaySpeed:
dd 0
fMySpeed:
dd (float)0.0
bTimeOfDaySpeedControl:
db 0
///
timeofdayread1AOB: //"AC4BFSP.exe"+1A5896:
jmp newmem
nop
returnhere:
timeofdayread2AOB: //"AC4BFSP.exe"+1A5D49:
jmp newmem2
nop
returnhere2:
timeofdayspeedwriteAOB: //"AC4BFSP.exe"+1A5CEA:
jmp newmem6
nop
returnhere6:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
timeofdayread1AOB: //"AC4BFSP.exe"+1A5896:
db 8B 86 B4 00 00 00
//Alt: mov eax,[esi+000000B4]
unregistersymbol(timeofdayread1AOB)
timeofdayread2AOB: //"AC4BFSP.exe"+1A5D49:
db 8B 86 B4 00 00 00
//Alt: mov eax,[esi+000000B4]
unregistersymbol(timeofdayread2AOB)
timeofdayspeedwriteAOB: //"AC4BFSP.exe"+1A5CEA:
db D9 9E 40 01 00 00
//Alt: fstp dword ptr [esi+00000140]
unregistersymbol(timeofdayspeedwriteAOB)
unregistersymbol(pTimeOfDay)
unregistersymbol(pTimeOfDaySpeed)
unregistersymbol(fMySpeed)
unregistersymbol(bTimeOfDaySpeedControl)
299
"Time of Day"
004080
Float
pTimeOfDay
0
Increase Value
221
.1
0
Decrease Value
219
.1
1
Increase Value
17
221
.5
2
Decrease Value
17
219
.5
3
Toggle Activation
106
4
304
"Speed (Night: 20, Day: 50)"
004080
Float
pTimeOfDaySpeed
140
305
"Speed Control"
004080
Auto Assembler Script
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
bTimeOfDaySpeedControl:
db 1
fMySpeed:
dd (float)0.0
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
bTimeOfDaySpeedControl:
db 0
Toggle Activation
106
0
306
"My Speed"
004080
Float
fMySpeed
Set Value
110
96
0
Stop
0
Set Value
110
97
120
Slow
1
Set Value
110
98
50
Normal (Day)
2
Set Value
110
99
10
Fast
3
Set Value
110
100
0.5
Very Fast
4
307
"debug"
C0C0C0
1
15
"[Abstergo Challenge Cheats]"
000000
Auto Assembler Script
[ENABLE]
aobscan( pMenu_AOB,568BF18B0D????????8D86????????50E8????????8B0D????????68????????81C1????????56518D8E????????E8????????C705????????000000005EC3 )
label( pMenu )
registersymbol( pMenu )
[pMenu_AOB+35]:
pMenu:
aobscan( pBase_AOB, 558BEC8B450C85C074??837D080175??80B8F8070000000F94C18888F80700005DC3 )
label( pBase )
registersymbol( pBase )
pBase_AOB:
pBase:
alloc( ContextHook, 1024 )
registersymbol( ContextHook )
label( ContextHook_back )
label( pContext )
registersymbol( pContext )
ContextHook+500:
pContext:
dd 0
ContextHook:
mov [pContext],ecx
push esi
push edi
mov edi,ecx
mov eax,[edi+8]
jmp ContextHook_back
aobscan( dwContextHook_AOB, 56578BF98B47088B48088B71??E8 )
label( dwContextHook )
registersymbol( dwContextHook )
dwContextHook_AOB:
dwContextHook:
push ContextHook
ret
nop
ContextHook_back:
aobscan( DisableDisabler_AOB, B001EBC184C9 )
label( DisableDisabler )
registersymbol( DisableDisabler )
DisableDisabler_AOB:
DisableDisabler:
xor al,al
[DISABLE]
DisableDisabler:
mov al,1
dwContextHook:
push esi
push edi
mov edi,ecx
mov eax,[edi+8]
unregistersymbol( DisableDisabler )
unregistersymbol( dwContextHook )
unregistersymbol( pContext )
unregistersymbol( ContextHook )
unregistersymbol( pBase )
unregistersymbol( pMenu )
13
"[Cheats] (0 - locked; 1 - unlocked)"
80000008
1
14
"[1] Celestial Navigation"
80000008
4 Bytes
pMenu
FC
4
"[2] Arrr Matey!"
80000008
4 Bytes
pMenu
12C
5
"[3] No Quarter"
80000008
4 Bytes
pMenu
15C
6
"[4] Scourge Of The Seven Seas"
80000008
4 Bytes
pMenu
18C
12
"[5] Loaded To The Gunwale"
80000008
4 Bytes
pMenu
1BC
11
"[6] Poseidon's Will"
80000008
4 Bytes
pMenu
1EC
10
"[7] Dead Men Tell No Tales"
80000008
4 Bytes
pMenu
21C
9
"[8] Shiver Me Timbers!"
80000008
4 Bytes
pMenu
24C
8
"[9] Armed To The Teeth"
80000008
4 Bytes
pMenu
27C
7
"[10] Deceased Crew"
80000008
4 Bytes
pMenu
2AC
23
"[Debug]"
C0C0C0
1
294
"JumpLength for Spawned Debug Horse"
80000008
Float
29E77E4
22
"pContext"
1
80000008
4 Bytes
pContext
26
"Player_Index"
80000008
4 Bytes
pContext
9C
C
31
"Player_Health"
80000008
2 Bytes
pContext
FFFFFF68
14
90
1C
E8
C
25
"Player_HealthMax"
80000008
2 Bytes
pContext
FFFFFF6A
14
90
1C
E8
C
27
"Invisibility (0/1)"
80000008
Byte
pContext
28
E8
C
33
"Infinite Breath (XOR(0x10))"
1
80000008
Byte
pContext
FFFFFF6E
14
90
1C
E8
C
34
"God Mode (XOR(0x1))"
1
80000008
Byte
pContext
FFFFFF6E
14
90
1C
E8
C
45
"Naval Invisibility (1/0)"
80000008
Byte
pContext
54C
64
60
8
60
0
1674
8F4
5C
C
295
"Ship God Mode Status (0/1)"
80000008
Byte
pContext
3A5
64
60
8
60
0
1674
8F4
5C
C
296
"Ship God Mode Switch (0/FF)"
1
80000008
Byte
pContext
160
64
60
8
60
0
1674
8F4
5C
C
28
"ConflictPowerValue (0/2/8)"
80000008
4 Bytes
2AADC14
28
908
50
29
"PlayerStructure (not adjusted)"
1
80000008
4 Bytes
2AADC14
0
4
7F8
50
30
"PlayerIndex (value used in PlayerStructure to adjust)"
80000008
4 Bytes
2AC2F44
4
Code :fstp dword ptr [esi+34]
006AAB95
AC4BFSP.exe
2AAB95
B9
80
3E
85
02
D9
5E
34
E8
63
4C
6A
00
Code :movss [ecx+30],xmm0
0089CF06
AC4BFSP.exe
49CF06
F6
C4
44
7B
05
F3
0F
11
41
30
5D
C2
04
00
CC
Code :fstp dword ptr [esi+34]
006A7595
AC4BFSP.exe
2A7595
B9
F0
4D
AD
02
D9
5E
34
E8
33
3D
6C
00
Code :movaps xmm0,[esi+10] - x
006A2CFB
AC4BFSP.exe
2A2CFB
E8
B5
EE
18
00
0F
28
46
10
0F
29
45
C0
0F
Code :movq xmm0,[edi+10]
00525D8F
AC4BFSP.exe
125D8F
E8
31
04
17
00
F3
0F
7E
47
10
66
0F
D6
45
E0
Code :mov byte ptr [AC4BFSP.exe+23E9E64],01 - menu
00876849
AC4BFSP.exe
476849
E3
5B
C2
10
00
C6
05
64
9E
7E
02
01
5F
5E
8B
E5
5D
Code :cmp byte ptr [AC4BFSP.exe+23E9E64],00
008746DD
AC4BFSP.exe
4746DD
8F
6C
21
00
00
80
3D
64
9E
7E
02
00
74
12
C6
05
64
Code :mov byte ptr [AC4BFSP.exe+23E9E64],00
008746E6
AC4BFSP.exe
4746E6
7E
02
00
74
12
C6
05
64
9E
7E
02
00
5F
5E
8B
E5
5D
Code :cmp byte ptr [AC4BFSP.exe+49E5BA6],00 - menu2
005AFD65
AC4BFSP.exe
1AFD65
80
02
00
74
0D
80
3D
A6
5B
DE
04
00
75
04
84
DB
74
Code :mov byte ptr [AC4BFSP.exe+49E5BA6],al
0118BF9F
AC4BFSP.exe
D8BF9F
DE
04
0F
95
C0
A2
A6
5B
DE
04
8B
4E
08
85
C9
Code :cmp byte ptr [edx+eax+00000301],00 - hud?
012B6573
AC4BFSP.exe
EB6573
83
FA
13
74
0A
80
BC
02
01
03
00
00
00
74
24
8B
06
8B
Code :je AC4BFSP.exe+B298E5
00F298DD
AC4BFSP.exe
B298DD
E2
03
C1
E9
02
74
06
F3
AB
85
D2
74
Code :mov byte ptr [ecx+esi],01 - dsiable opcode removes hud
012C04ED
AC4BFSP.exe
EC04ED
83
F9
3F
77
04
C6
04
31
01
8B
4D
08
0F
B7
Code :cmp byte ptr [ecx+eax+00000301],00
012B31B5
AC4BFSP.exe
EB31B5
83
F9
13
74
0A
80
BC
01
01
03
00
00
00
74
08
8B
CE
5E
Change of mov ecx,[ebp+08]
012C04F1
AC4BFSP.exe
EC04F1
04
C6
04
31
01
8B
4D
08
0F
B7
41
1E
42
Change of mov ecx,[ecx+08] disables hud
012C04E5
AC4BFSP.exe
EC04E5
1F
23
C8
74
0C
8B
49
08
83
F9
3F
77
04
Change of mov eax,[ecx+08]
012C04D9
AC4BFSP.exe
EC04D9
41
18
8B
0C
90
8B
41
08
8B
09
C1
F8
1F
Change of mov ecx,[ebx+esi*4]
012C0480
AC4BFSP.exe
EC0480
74
2D
33
F6
90
8B
0C
B3
85
C9
74
09
E8
Change of mov eax,[eax+34]
012C049B
AC4BFSP.exe
EC049B
EB
12
8B
04
B3
8B
40
34
83
F8
3F
77
07
Code :mov eax,[esi+34] - pause (1-paused, 0-unpaused)
00A23E50
AC4BFSP.exe
623E50
F3
0F
11
46
20
8B
46
34
8B
4E
3C
0F
57
Code :mov [esi+34],ecx
00A23E5B
AC4BFSP.exe
623E5B
0F
57
E4
03
C8
89
4E
34
33
C9
89
46
38
Code :cmp [esi+34],ecx
00A23E66
AC4BFSP.exe
623E66
46
38
89
4E
3C
39
4E
34
7E
0A
0F
28
C4
Code :cmp dword ptr [eax+000008BC],00
008410BF
AC4BFSP.exe
4410BF
74
51
8B
46
10
83
B8
BC
08
00
00
00
7F
45
57
33
C9
Code :cmp [eax+000008BC],edx
007B04CA
AC4BFSP.exe
3B04CA
5C
3B
C2
74
09
39
90
BC
08
00
00
0F
9F
C3
38
51
Code :cmp dword ptr [ecx+000008BC],00
008CA322
AC4BFSP.exe
4CA322
D8
0F
29
5D
E0
83
B9
BC
08
00
00
00
8D
B0
E0
07
00
Code :cmp dword ptr [esi+000008BC],00
009127C8
AC4BFSP.exe
5127C8
23
F2
83
E0
01
83
BE
BC
08
00
00
00
7E
06
8B
81
88
Code :cmp dword ptr [eax+34],00
0097FFAB
AC4BFSP.exe
57FFAB
08
00
00
74
06
83
78
34
00
7F
1F
F7
41
20
Code :cmp dword ptr [eax+000008BC],00
0051AB30
AC4BFSP.exe
11AB30
FF
85
C0
74
0B
83
B8
BC
08
00
00
00
0F
9F
45
FF
85
Code :cmp dword ptr [eax+000008BC],00
0087D9CA
AC4BFSP.exe
47D9CA
56
08
8B
42
5C
83
B8
BC
08
00
00
00
7F
1E
80
BE
47
Code :cmp dword ptr [eax+34],00
005AFD46
AC4BFSP.exe
1AFD46
FF
85
C0
74
07
83
78
34
00
0F
9F
C3
80
7D
Code :cmp [ecx+000008BC],eax
004887E2
AC4BFSP.exe
887E2
CC
CC
CC
33
C0
39
81
BC
08
00
00
0F
9E
C0
C3
CC
Code :cmp dword ptr [eax+000008BC],00
006B1CCF
AC4BFSP.exe
2B1CCF
FF
85
C0
74
12
83
B8
BC
08
00
00
00
0F
9E
C0
84
C0
Code :cmp [ecx+000008BC],eax
0045E272
AC4BFSP.exe
5E272
CC
CC
CC
33
C0
39
81
BC
08
00
00
0F
9F
C0
C3
CC
Code :cmp dword ptr [ecx+000008BC],00
005A75D7
AC4BFSP.exe
1A75D7
FF
FF
8B
4F
40
83
B9
BC
08
00
00
00
0F
9F
C2
0F
B6
Code :cmp dword ptr [ebx+000008BC],00
005A40CB
AC4BFSP.exe
1A40CB
C1
F8
1F
23
D8
83
BB
BC
08
00
00
00
7E
25
8B
47
08
Code :cmp dword ptr [eax+000008BC],00
006A6DCF
AC4BFSP.exe
2A6DCF
FF
85
C0
74
12
83
B8
BC
08
00
00
00
0F
9E
C0
84
C0
Code :cmp [edi+000008BC],ebx
007D66C8
AC4BFSP.exe
3D66C8
85
5B
01
00
00
39
9F
BC
08
00
00
0F
8F
4F
01
00
Code :cmp dword ptr [eax+000008BC],00
008746D0
AC4BFSP.exe
4746D0
84
79
21
00
00
83
B8
BC
08
00
00
00
0F
8F
6C
21
00
Code :cmp dword ptr [ecx+000008BC],00
012CBE2C
AC4BFSP.exe
ECBE2C
74
1D
8B
48
5C
83
B9
BC
08
00
00
00
7F
11
8B
0D
5C
Countdown
04C70000
AmmoAddress
01081D31
pistolsfiredcheckAOB
012E4BE9
pistolammoclipmaxreadAOB
012D0557
pPistols
07CF00C5
InstantCooldowns
0143CDEF
cameraManip
0D0E0000
_timeOfDay
005A697E
NewHealthAddress
0199E008
breath_aob
019900A6
StealthPRO
0102EFAD
KeyHandlerOff
1EFE0500
bHUD
1EFE0504
aobCamera
006A2CFA
_aobCamera
12440018
aobPause
008410BF
_aobPause
12450017