<?xml version="1.0" encoding="utf-8"?>
<CheatTable CheatEngineTableVersion="42">
<CheatEntries>
<CheatEntry>
<ID>1199950548</ID>
<Description>"范围"</Description>
<Options moHideChildren="1"/>
<GroupHeader>1</GroupHeader>
<CheatEntries>
<CheatEntry>
<ID>1199950542</ID>
<Description>"范围HOOK1"</Description>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>{ Game : crossfire.exe
Version:
Date : 2025-07-17
Author : Administrator
This script does blah blah blah
}
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(INJECT,crossfire.exe,F3 0F 11 44 24 2C 48 8D 4C) // should be unique
alloc(newmem,$1000,INJECT)
label(code)
label(return)
newmem:
mov eax,[crossfire.exe+4F8]
cmp [rcx+0000019C],eax//更新要改
jne code
movss xmm0,[crossfire.exe+500]
mulss xmm0,[crossfire.exe+500]
code:
movss [rsp+2C],xmm0
jmp return
INJECT:
jmp newmem
nop
return:
registersymbol(newmem)
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
INJECT:
db F3 0F 11 44 24 2C
unregistersymbol(newmem)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: crossfire.exe+25FC61
crossfire.exe+25FC2D: E8 DE 3C DF FF - call crossfire.WebView::CFWebViewCallback::RequestResource+D670
crossfire.exe+25FC32: 48 8B 4C 24 30 - mov rcx,[rsp+30]
crossfire.exe+25FC37: 4C 8B C1 - mov r8,rcx
crossfire.exe+25FC3A: 48 8D 54 24 38 - lea rdx,[rsp+38]
crossfire.exe+25FC3F: 48 8B C8 - mov rcx,rax
crossfire.exe+25FC42: E8 89 3C DF FF - call crossfire.WebView::CFWebViewCallback::RequestResource+D630
crossfire.exe+25FC47: 48 8B 44 24 70 - mov rax,[rsp+70]
crossfire.exe+25FC4C: 48 8B 4C 24 70 - mov rcx,[rsp+70]
crossfire.exe+25FC51: F3 0F 10 80 70 01 00 00 - movss xmm0,[rax+00000170]
crossfire.exe+25FC59: F3 0F 59 81 70 01 00 00 - mulss xmm0,[rcx+00000170]
// ---------- INJECTING HERE ----------
crossfire.exe+25FC61: F3 0F 11 44 24 2C - movss [rsp+2C],xmm0
// ---------- DONE INJECTING ----------
crossfire.exe+25FC67: 48 8D 4C 24 38 - lea rcx,[rsp+38]
crossfire.exe+25FC6C: E8 5F 3E DF FF - call crossfire.WebView::CFWebViewCallback::RequestResource+D830
crossfire.exe+25FC71: F3 0F 10 4C 24 2C - movss xmm1,[rsp+2C]
crossfire.exe+25FC77: 0F 2F C8 - comiss xmm1,xmm0
crossfire.exe+25FC7A: 76 0A - jna crossfire.exe+25FC86
crossfire.exe+25FC7C: C7 44 24 28 01 00 00 00 - mov [rsp+28],00000001
crossfire.exe+25FC84: EB 08 - jmp crossfire.exe+25FC8E
crossfire.exe+25FC86: C7 44 24 28 00 00 00 00 - mov [rsp+28],00000000
crossfire.exe+25FC8E: 8A 44 24 28 - mov al,[rsp+28]
crossfire.exe+25FC92: 48 83 C4 68 - add rsp,68
}
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>1199950544</ID>
<Description>"范围HOOK2"</Description>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>{ Game : crossfire.exe
Version:
Date : 2025-07-17
Author : Administrator
This script does blah blah blah
}
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(INJECT,crossfire.exe,F3 0F 11 52 08 F3 0F 11 4A 0C F3 0F 11 42 10 F3 0F 10 92 9C 01 00) // 后面四位偏移
alloc(newmem1,$1000,INJECT)
label(code)
label(return)
newmem1:
mov eax,[crossfire.exe+4F8]
cmp [rdx+0000019C],eax//更新要改
jne code
subss xmm2,[crossfire.exe+500]
subss xmm1,[crossfire.exe+500]
subss xmm0,[crossfire.exe+500]
code:
movss [rdx+08],xmm2
jmp return
INJECT:
jmp newmem1
return:
registersymbol(INJECT)
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
INJECT:
db F3 0F 11 52 08
unregistersymbol(INJECT)
dealloc(newmem1)
{
// ORIGINAL CODE - INJECTION POINT: crossfire.exe+18F5AD
crossfire.exe+18F566: 0F 87 E4 00 00 00 - ja crossfire.exe+18F650
crossfire.exe+18F56C: F3 41 0F 10 10 - movss xmm2,[r8]
crossfire.exe+18F571: F3 0F 11 92 9C 01 00 00 - movss [rdx+0000019C],xmm2
crossfire.exe+18F579: F3 41 0F 10 48 04 - movss xmm1,[r8+04]
crossfire.exe+18F57F: F3 0F 11 8A A0 01 00 00 - movss [rdx+000001A0],xmm1
crossfire.exe+18F587: F3 41 0F 10 40 08 - movss xmm0,[r8+08]
crossfire.exe+18F58D: F3 0F 11 82 A4 01 00 00 - movss [rdx+000001A4],xmm0
crossfire.exe+18F595: F3 0F 5C 92 74 01 00 00 - subss xmm2,[rdx+00000174]
crossfire.exe+18F59D: F3 0F 5C 8A 78 01 00 00 - subss xmm1,[rdx+00000178]
crossfire.exe+18F5A5: F3 0F 5C 82 7C 01 00 00 - subss xmm0,[rdx+0000017C]
// ---------- INJECTING HERE ----------
crossfire.exe+18F5AD: F3 0F 11 52 08 - movss [rdx+08],xmm2
// ---------- DONE INJECTING ----------
crossfire.exe+18F5B2: F3 0F 11 4A 0C - movss [rdx+0C],xmm1
crossfire.exe+18F5B7: F3 0F 11 42 10 - movss [rdx+10],xmm0
crossfire.exe+18F5BC: F3 0F 10 92 74 01 00 00 - movss xmm2,[rdx+00000174]
crossfire.exe+18F5C4: F3 0F 10 8A 78 01 00 00 - movss xmm1,[rdx+00000178]
crossfire.exe+18F5CC: F3 0F 10 82 7C 01 00 00 - movss xmm0,[rdx+0000017C]
crossfire.exe+18F5D4: F3 0F 58 92 9C 01 00 00 - addss xmm2,[rdx+0000019C]
crossfire.exe+18F5DC: F3 0F 58 8A A0 01 00 00 - addss xmm1,[rdx+000001A0]
crossfire.exe+18F5E4: F3 0F 58 82 A4 01 00 00 - addss xmm0,[rdx+000001A4]
crossfire.exe+18F5EC: F3 0F 11 52 14 - movss [rdx+14],xmm2
crossfire.exe+18F5F1: F3 0F 11 4A 18 - movss [rdx+18],xmm1
}
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>1199950546</ID>
<Description>"范围HOOK3"</Description>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>{ Game : crossfire.exe
Version:
Date : 2025-07-17
Author : Administrator
This script does blah blah blah
}
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(INJECT,crossfire.exe,F3 0F 58 92 C4 01 00 00) // 后四位偏移要改
alloc(newmem2,$1000,INJECT)
label(code)
label(return)
newmem2:
mov eax,[crossfire.exe+4F8]
cmp [rdx+0000019C],eax//更新要改
jne code
movss xmm2,[crossfire.exe+500]
movss xmm1,[crossfire.exe+500]
movss xmm0,[crossfire.exe+500]
code:
addss xmm2,[rdx+000001C4]//更新要改
jmp return
INJECT:
jmp newmem2
nop 3
return:
registersymbol(INJECT)
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
INJECT:
db F3 0F 58 92 C4 01 00 00
unregistersymbol(INJECT)
dealloc(newmem2)
{
// ORIGINAL CODE - INJECTION POINT: crossfire.exe+18F5D4
crossfire.exe+18F58D: F3 0F 11 82 A4 01 00 00 - movss [rdx+000001A4],xmm0
crossfire.exe+18F595: F3 0F 5C 92 74 01 00 00 - subss xmm2,[rdx+00000174]
crossfire.exe+18F59D: F3 0F 5C 8A 78 01 00 00 - subss xmm1,[rdx+00000178]
crossfire.exe+18F5A5: F3 0F 5C 82 7C 01 00 00 - subss xmm0,[rdx+0000017C]
crossfire.exe+18F5AD: F3 0F 11 52 08 - movss [rdx+08],xmm2
crossfire.exe+18F5B2: F3 0F 11 4A 0C - movss [rdx+0C],xmm1
crossfire.exe+18F5B7: F3 0F 11 42 10 - movss [rdx+10],xmm0
crossfire.exe+18F5BC: F3 0F 10 92 74 01 00 00 - movss xmm2,[rdx+00000174]
crossfire.exe+18F5C4: F3 0F 10 8A 78 01 00 00 - movss xmm1,[rdx+00000178]
crossfire.exe+18F5CC: F3 0F 10 82 7C 01 00 00 - movss xmm0,[rdx+0000017C]
// ---------- INJECTING HERE ----------
crossfire.exe+18F5D4: F3 0F 58 92 9C 01 00 00 - addss xmm2,[rdx+0000019C]
// ---------- DONE INJECTING ----------
crossfire.exe+18F5DC: F3 0F 58 8A A0 01 00 00 - addss xmm1,[rdx+000001A0]
crossfire.exe+18F5E4: F3 0F 58 82 A4 01 00 00 - addss xmm0,[rdx+000001A4]
crossfire.exe+18F5EC: F3 0F 11 52 14 - movss [rdx+14],xmm2
crossfire.exe+18F5F1: F3 0F 11 4A 18 - movss [rdx+18],xmm1
crossfire.exe+18F5F6: F3 0F 11 42 1C - movss [rdx+1C],xmm0
crossfire.exe+18F5FB: 0F B6 82 64 01 00 00 - movzx eax,byte ptr [rdx+00000164]
crossfire.exe+18F602: 3C 02 - cmp al,02
crossfire.exe+18F604: 74 04 - je crossfire.exe+18F60A
crossfire.exe+18F606: 3C 09 - cmp al,09
crossfire.exe+18F608: 75 26 - jne crossfire.exe+18F630
}
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>1199950549</ID>
<Description>"位置 8金头 17银头"</Description>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>Float</VariableType>
<Address>crossfire.exe+4F8</Address>
</CheatEntry>
<CheatEntry>
<ID>1199950543</ID>
<Description>"范围大小"</Description>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>Float</VariableType>
<Address>crossfire.exe+500</Address>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
<CheatCodes>
<CodeEntry>
<Description>替换了 call qword ptr [rax+00001458]</Description>
<AddressString>cshell_x64.dll+17B3D94</AddressString>
<Before>
<Byte>C6</Byte>
<Byte>48</Byte>
<Byte>8D</Byte>
<Byte>55</Byte>
<Byte>A0</Byte>
</Before>
<Actual>
<Byte>FF</Byte>
<Byte>90</Byte>
<Byte>58</Byte>
<Byte>14</Byte>
<Byte>00</Byte>
<Byte>00</Byte>
</Actual>
<After>
<Byte>E8</Byte>
<Byte>E1</Byte>
<Byte>03</Byte>
<Byte>A4</Byte>
<Byte>FE</Byte>
</After>
</CodeEntry>
<CodeEntry>
<Description>替换了 mov [cshell_x64.dll+32DDCE8],al</Description>
<AddressString>cshell_x64.dll+17E2AB9</AddressString>
<Before>
<Byte>90</Byte>
<Byte>F8</Byte>
<Byte>04</Byte>
<Byte>00</Byte>
<Byte>00</Byte>
</Before>
<Actual>
<Byte>88</Byte>
<Byte>05</Byte>
<Byte>29</Byte>
<Byte>B2</Byte>
<Byte>AF</Byte>
<Byte>01</Byte>
</Actual>
<After>
<Byte>BB</Byte>
<Byte>04</Byte>
<Byte>00</Byte>
<Byte>00</Byte>
<Byte>00</Byte>
</After>
</CodeEntry>
<CodeEntry>
<Description>替换了 je cshell_x64.dll+D2967D</Description>
<AddressString>cshell_x64.dll+D29503</AddressString>
<Before>
<Byte>00</Byte>
<Byte>00</Byte>
<Byte>48</Byte>
<Byte>85</Byte>
<Byte>D2</Byte>
</Before>
<Actual>
<Byte>0F</Byte>
<Byte>84</Byte>
<Byte>74</Byte>
<Byte>01</Byte>
<Byte>00</Byte>
<Byte>00</Byte>
</Actual>
<After>
<Byte>48</Byte>
<Byte>8B</Byte>
<Byte>0D</Byte>
<Byte>10</Byte>
<Byte>14</Byte>
</After>
</CodeEntry>
<CodeEntry>
<Description>替换了 call qword ptr [rax+00001458]</Description>
<AddressString>cshell_x64.dll+17B3D94</AddressString>
<Before>
<Byte>C6</Byte>
<Byte>48</Byte>
<Byte>8D</Byte>
<Byte>55</Byte>
<Byte>A0</Byte>
</Before>
<Actual>
<Byte>FF</Byte>
<Byte>90</Byte>
<Byte>58</Byte>
<Byte>14</Byte>
<Byte>00</Byte>
<Byte>00</Byte>
</Actual>
<After>
<Byte>E8</Byte>
<Byte>E1</Byte>
<Byte>03</Byte>
<Byte>A4</Byte>
<Byte>FE</Byte>
</After>
</CodeEntry>
</CheatCodes>
<UserdefinedSymbols/>
</CheatTable>
|