Code:
<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>26295</ID>
<Description>"Move Ballistas/Mortar"</Description>
<Options moHideChildren="1" moActivateChildrenAsWell="1"/>
<LastState Value="" RealAddress="00000000"/>
<GroupHeader>1</GroupHeader>
<CheatEntries>
<CheatEntry>
<ID>26293</ID>
<Description>"ForwardAxis"</Description>
<LastState/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>{ Game : Mordhau-Win64-Shipping.exe
Version:
Date : 2022-12-17
Author : josep
This script does blah blah blah
}
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(bAddForwardAxis,Mordhau-Win64-Shipping.exe,40 38 AB 99 08 00 00) // should be unique
alloc(newmem,$1000,"Mordhau-Win64-Shipping.exe"+14A7F03)
label(code)
label(return)
newmem:
code:
mov [rbx+00000899],#1
cmp [rbx+00000899],bpl
jmp return
bAddForwardAxis:
jmp newmem
nop 2
return:
registersymbol(bAddForwardAxis)
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
bAddForwardAxis:
db 40 38 AB 99 08 00 00
unregistersymbol(bAddForwardAxis)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "Mordhau-Win64-Shipping.exe"+14A7F03
"Mordhau-Win64-Shipping.exe"+14A7EDD: 4C 39 04 D0 - cmp [rax+rdx*8],r8
"Mordhau-Win64-Shipping.exe"+14A7EE1: 75 20 - jne Mordhau-Win64-Shipping.exe+14A7F03
"Mordhau-Win64-Shipping.exe"+14A7EE3: 0F 2E F7 - ucomiss xmm6,xmm7
"Mordhau-Win64-Shipping.exe"+14A7EE6: 74 1B - je Mordhau-Win64-Shipping.exe+14A7F03
"Mordhau-Win64-Shipping.exe"+14A7EE8: F3 0F 11 B6 AC 05 00 00 - movss [rsi+000005AC],xmm6
"Mordhau-Win64-Shipping.exe"+14A7EF0: 48 85 FF - test rdi,rdi
"Mordhau-Win64-Shipping.exe"+14A7EF3: 74 0E - je Mordhau-Win64-Shipping.exe+14A7F03
"Mordhau-Win64-Shipping.exe"+14A7EF5: 48 8B CF - mov rcx,rdi
"Mordhau-Win64-Shipping.exe"+14A7EF8: E8 63 79 12 00 - call Mordhau-Win64-Shipping.exe+15CF860
"Mordhau-Win64-Shipping.exe"+14A7EFD: 89 86 B0 05 00 00 - mov [rsi+000005B0],eax
// ---------- INJECTING HERE ----------
"Mordhau-Win64-Shipping.exe"+14A7F03: 40 38 AB 99 08 00 00 - cmp [rbx+00000899],bpl
// ---------- DONE INJECTING ----------
"Mordhau-Win64-Shipping.exe"+14A7F0A: 0F 84 47 01 00 00 - je Mordhau-Win64-Shipping.exe+14A8057
"Mordhau-Win64-Shipping.exe"+14A7F10: 0F 2E F7 - ucomiss xmm6,xmm7
"Mordhau-Win64-Shipping.exe"+14A7F13: 0F 84 3E 01 00 00 - je Mordhau-Win64-Shipping.exe+14A8057
"Mordhau-Win64-Shipping.exe"+14A7F19: 48 8B 03 - mov rax,[rbx]
"Mordhau-Win64-Shipping.exe"+14A7F1C: 48 8B CB - mov rcx,rbx
"Mordhau-Win64-Shipping.exe"+14A7F1F: FF 90 30 06 00 00 - call qword ptr [rax+00000630]
"Mordhau-Win64-Shipping.exe"+14A7F25: 48 8B F8 - mov rdi,rax
"Mordhau-Win64-Shipping.exe"+14A7F28: 48 85 C0 - test rax,rax
"Mordhau-Win64-Shipping.exe"+14A7F2B: 0F 84 91 00 00 00 - je Mordhau-Win64-Shipping.exe+14A7FC2
"Mordhau-Win64-Shipping.exe"+14A7F31: E8 8A 16 27 00 - call Mordhau-Win64-Shipping.exe+17195C0
}
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>26294</ID>
<Description>"RightAxis"</Description>
<LastState/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>{ Game : Mordhau-Win64-Shipping.exe
Version:
Date : 2022-12-17
Author : josep
This script does blah blah blah
}
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(bAddRightAxis,Mordhau-Win64-Shipping.exe,80 BB 9A 08 00 00 00) // should be unique
alloc(newmem,$1000,"Mordhau-Win64-Shipping.exe"+14A8126)
label(code)
label(return)
newmem:
code:
mov [rbx+0000089A],#1
cmp byte ptr [rbx+0000089A],00
jmp return
bAddRightAxis:
jmp newmem
nop 2
return:
registersymbol(bAddRightAxis)
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
bAddRightAxis:
db 80 BB 9A 08 00 00 00
unregistersymbol(bAddRightAxis)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "Mordhau-Win64-Shipping.exe"+14A8126
"Mordhau-Win64-Shipping.exe"+14A8101: 75 23 - jne Mordhau-Win64-Shipping.exe+14A8126
"Mordhau-Win64-Shipping.exe"+14A8103: 0F 57 C0 - xorps xmm0,xmm0
"Mordhau-Win64-Shipping.exe"+14A8106: 0F 2E F0 - ucomiss xmm6,xmm0
"Mordhau-Win64-Shipping.exe"+14A8109: 74 1B - je Mordhau-Win64-Shipping.exe+14A8126
"Mordhau-Win64-Shipping.exe"+14A810B: F3 0F 11 B6 B4 05 00 00 - movss [rsi+000005B4],xmm6
"Mordhau-Win64-Shipping.exe"+14A8113: 48 85 FF - test rdi,rdi
"Mordhau-Win64-Shipping.exe"+14A8116: 74 0E - je Mordhau-Win64-Shipping.exe+14A8126
"Mordhau-Win64-Shipping.exe"+14A8118: 48 8B CF - mov rcx,rdi
"Mordhau-Win64-Shipping.exe"+14A811B: E8 40 77 12 00 - call Mordhau-Win64-Shipping.exe+15CF860
"Mordhau-Win64-Shipping.exe"+14A8120: 89 86 B8 05 00 00 - mov [rsi+000005B8],eax
// ---------- INJECTING HERE ----------
"Mordhau-Win64-Shipping.exe"+14A8126: 80 BB 9A 08 00 00 00 - cmp byte ptr [rbx+0000089A],00
// ---------- DONE INJECTING ----------
"Mordhau-Win64-Shipping.exe"+14A812D: 0F 84 95 00 00 00 - je Mordhau-Win64-Shipping.exe+14A81C8
"Mordhau-Win64-Shipping.exe"+14A8133: 48 8B 8B 30 01 00 00 - mov rcx,[rbx+00000130]
"Mordhau-Win64-Shipping.exe"+14A813A: 48 85 C9 - test rcx,rcx
"Mordhau-Win64-Shipping.exe"+14A813D: 74 0C - je Mordhau-Win64-Shipping.exe+14A814B
"Mordhau-Win64-Shipping.exe"+14A813F: 48 8D 54 24 30 - lea rdx,[rsp+30]
"Mordhau-Win64-Shipping.exe"+14A8144: E8 B7 9B AF 01 - call Mordhau-Win64-Shipping.exe+2FA1D00
"Mordhau-Win64-Shipping.exe"+14A8149: EB 1D - jmp Mordhau-Win64-Shipping.exe+14A8168
"Mordhau-Win64-Shipping.exe"+14A814B: 8B 05 2F 0B 03 04 - mov eax,[Mordhau-Win64-Shipping.exe+54D8C80]
"Mordhau-Win64-Shipping.exe"+14A8151: F2 0F 10 05 1F 0B 03 04 - movsd xmm0,[Mordhau-Win64-Shipping.exe+54D8C78]
"Mordhau-Win64-Shipping.exe"+14A8159: 89 44 24 28 - mov [rsp+28],eax
}
</AssemblerScript>
</CheatEntry>
</CheatEntries>
</CheatEntry>
<CheatEntry>
<ID>26297</ID>
<Description>"Ignore Turn Limit"</Description>
<LastState/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>{ Game : Mordhau-Win64-Shipping.exe
Version:
Date : 2022-12-17
Author : josep
This script does blah blah blah
}
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(IgnoreTurnLimit,Mordhau-Win64-Shipping.exe,F3 0F 10 85 A8 08 00 00) // should be unique
alloc(newmem,$1000,"Mordhau-Win64-Shipping.exe"+147509B)
label(code)
label(return)
newmem:
code:
mov [rbp+000008A8],(float)-1
movss xmm0,[rbp+000008A8]
jmp return
IgnoreTurnLimit:
jmp newmem
nop 3
return:
registersymbol(IgnoreTurnLimit)
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
IgnoreTurnLimit:
db F3 0F 10 85 A8 08 00 00
unregistersymbol(IgnoreTurnLimit)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "Mordhau-Win64-Shipping.exe"+147509B
"Mordhau-Win64-Shipping.exe"+1475078: 41 0F 2F C0 - comiss xmm0,xmm8
"Mordhau-Win64-Shipping.exe"+147507C: 73 04 - jae Mordhau-Win64-Shipping.exe+1475082
"Mordhau-Win64-Shipping.exe"+147507E: F3 0F 58 C7 - addss xmm0,xmm7
"Mordhau-Win64-Shipping.exe"+1475082: F3 0F 58 C6 - addss xmm0,xmm6
"Mordhau-Win64-Shipping.exe"+1475086: 0F 28 CF - movaps xmm1,xmm7
"Mordhau-Win64-Shipping.exe"+1475089: E8 82 46 38 00 - call Mordhau-Win64-Shipping.exe+17F9710
"Mordhau-Win64-Shipping.exe"+147508E: 0F 28 F0 - movaps xmm6,xmm0
"Mordhau-Win64-Shipping.exe"+1475091: 41 0F 2F F0 - comiss xmm6,xmm8
"Mordhau-Win64-Shipping.exe"+1475095: 73 04 - jae Mordhau-Win64-Shipping.exe+147509B
"Mordhau-Win64-Shipping.exe"+1475097: F3 0F 58 F7 - addss xmm6,xmm7
// ---------- INJECTING HERE ----------
"Mordhau-Win64-Shipping.exe"+147509B: F3 0F 10 85 A8 08 00 00 - movss xmm0,[rbp+000008A8]
// ---------- DONE INJECTING ----------
"Mordhau-Win64-Shipping.exe"+14750A3: 0F 28 7C 24 50 - movaps xmm7,[rsp+50]
"Mordhau-Win64-Shipping.exe"+14750A8: 41 0F 2F C0 - comiss xmm0,xmm8
"Mordhau-Win64-Shipping.exe"+14750AC: 44 0F 28 44 24 40 - movaps xmm8,[rsp+40]
"Mordhau-Win64-Shipping.exe"+14750B2: 72 1E - jb Mordhau-Win64-Shipping.exe+14750D2
"Mordhau-Win64-Shipping.exe"+14750B4: F3 0F 10 8D 9C 08 00 00 - movss xmm1,[rbp+0000089C]
"Mordhau-Win64-Shipping.exe"+14750BC: 0F 28 D1 - movaps xmm2,xmm1
"Mordhau-Win64-Shipping.exe"+14750BF: F3 0F 5C C8 - subss xmm1,xmm0
"Mordhau-Win64-Shipping.exe"+14750C3: F3 0F 58 D0 - addss xmm2,xmm0
"Mordhau-Win64-Shipping.exe"+14750C7: 0F 28 C6 - movaps xmm0,xmm6
"Mordhau-Win64-Shipping.exe"+14750CA: E8 B1 29 41 00 - call Mordhau-Win64-Shipping.exe+1887A80
}
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>26298</ID>
<Description>"move in warmup"</Description>
<LastState/>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>{ Game : Mordhau-Win64-Shipping.exe
Version:
Date : 2022-12-18
Author : josep
This script does blah blah blah
}
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(allowmovewarmup,Mordhau-Win64-Shipping.exe,80 B9 89 06 00 00 00) // should be unique
alloc(newmem,$1000,"Mordhau-Win64-Shipping.exe"+15F2C16)
label(code)
label(return)
newmem:
code:
mov [rcx+00000689],#0
cmp byte ptr [rcx+00000689],00
jmp return
allowmovewarmup:
jmp newmem
nop 2
return:
registersymbol(allowmovewarmup)
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
allowmovewarmup:
db 80 B9 89 06 00 00 00
unregistersymbol(allowmovewarmup)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "Mordhau-Win64-Shipping.exe"+15F2C16
"Mordhau-Win64-Shipping.exe"+15F2C08: CC - int 3
"Mordhau-Win64-Shipping.exe"+15F2C09: CC - int 3
"Mordhau-Win64-Shipping.exe"+15F2C0A: CC - int 3
"Mordhau-Win64-Shipping.exe"+15F2C0B: CC - int 3
"Mordhau-Win64-Shipping.exe"+15F2C0C: CC - int 3
"Mordhau-Win64-Shipping.exe"+15F2C0D: CC - int 3
"Mordhau-Win64-Shipping.exe"+15F2C0E: CC - int 3
"Mordhau-Win64-Shipping.exe"+15F2C0F: CC - int 3
"Mordhau-Win64-Shipping.exe"+15F2C10: 40 53 - push rbx
"Mordhau-Win64-Shipping.exe"+15F2C12: 48 83 EC 20 - sub rsp,20
// ---------- INJECTING HERE ----------
"Mordhau-Win64-Shipping.exe"+15F2C16: 80 B9 89 06 00 00 00 - cmp byte ptr [rcx+00000689],00
// ---------- DONE INJECTING ----------
"Mordhau-Win64-Shipping.exe"+15F2C1D: 48 8B D9 - mov rbx,rcx
"Mordhau-Win64-Shipping.exe"+15F2C20: 74 2B - je Mordhau-Win64-Shipping.exe+15F2C4D
"Mordhau-Win64-Shipping.exe"+15F2C22: F3 0F 10 05 16 50 A4 02 - movss xmm0,[Mordhau-Win64-Shipping.exe+4037C40]
"Mordhau-Win64-Shipping.exe"+15F2C2A: 0F 2E 81 90 06 00 00 - ucomiss xmm0,[rcx+00000690]
"Mordhau-Win64-Shipping.exe"+15F2C31: 74 12 - je Mordhau-Win64-Shipping.exe+15F2C45
"Mordhau-Win64-Shipping.exe"+15F2C33: 48 8B 01 - mov rax,[rcx]
"Mordhau-Win64-Shipping.exe"+15F2C36: FF 90 38 06 00 00 - call qword ptr [rax+00000638]
"Mordhau-Win64-Shipping.exe"+15F2C3C: 0F 2F 83 90 06 00 00 - comiss xmm0,[rbx+00000690]
"Mordhau-Win64-Shipping.exe"+15F2C43: 73 08 - jae Mordhau-Win64-Shipping.exe+15F2C4D
"Mordhau-Win64-Shipping.exe"+15F2C45: B0 01 - mov al,01
}
</AssemblerScript>
</CheatEntry>
</CheatEntries>
</CheatTable>