https://store.steampowered.com/app/9...querors_Blade/
Oh what a game, what a lovely game!
No input sanitisation, so there is possibly a dupe glitch on either the market or the auction, so you can dig in deeper if you want.
Pretty much all player and bot coordinates and most of the cooldowns are also client-sided, so yeah, I already saw a couple of guys who abuse poor Cheat Engine's default speedhack.
But anyway, enough talking, here's the release:
Code:
{ Game : proven_ground_client.exe
Version: 31337
Date : 2019-02-10
Author : :^)
Like people said on d1scord - machinegun bow dlc :^)
}
[ENABLE]
aobscanmodule(INJECT,proven_ground_client.exe,F3 0F 58 49 04 F3 0F 11 49 04 C3)
alloc(newmem,$1000,"proven_ground_client.exe"+1920B86)
label(code)
label(return)
newmem:
addss xmm1,dword ptr [rcx+04] //fiddle around with the add amount, works different on different classes
addss xmm1,dword ptr [rcx+04] //or use "sophisticated" float multiplication or whatever you wish
addss xmm1,dword ptr [rcx+04]
addss xmm1,dword ptr [rcx+04]
addss xmm1,dword ptr [rcx+04]
addss xmm1,dword ptr [rcx+04]
addss xmm1,dword ptr [rcx+04]
code:
addss xmm1,dword ptr [rcx+04]
jmp return
INJECT:
jmp newmem
return:
registersymbol(INJECT)
[DISABLE]
INJECT:
db F3 0F 58 49 04
unregistersymbol(INJECT)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "proven_ground_client.exe"+1920B86
"proven_ground_client.exe"+1920B78: CC - int 3
"proven_ground_client.exe"+1920B79: CC - int 3
"proven_ground_client.exe"+1920B7A: CC - int 3
"proven_ground_client.exe"+1920B7B: CC - int 3
"proven_ground_client.exe"+1920B7C: CC - int 3
"proven_ground_client.exe"+1920B7D: CC - int 3
"proven_ground_client.exe"+1920B7E: CC - int 3
"proven_ground_client.exe"+1920B7F: CC - int 3
"proven_ground_client.exe"+1920B80: 80 79 08 00 - cmp byte ptr [rcx+08],00
"proven_ground_client.exe"+1920B84: 75 0A - jne proven_ground_client.exe+1920B90
// ---------- INJECTING HERE ----------
"proven_ground_client.exe"+1920B86: F3 0F 58 49 04 - addss xmm1,dword ptr [rcx+04]
// ---------- DONE INJECTING ----------
"proven_ground_client.exe"+1920B8B: F3 0F 11 49 04 - movss [rcx+04],xmm1
"proven_ground_client.exe"+1920B90: C3 - ret
"proven_ground_client.exe"+1920B91: CC - int 3
"proven_ground_client.exe"+1920B92: CC - int 3
"proven_ground_client.exe"+1920B93: CC - int 3
"proven_ground_client.exe"+1920B94: CC - int 3
"proven_ground_client.exe"+1920B95: CC - int 3
"proven_ground_client.exe"+1920B96: CC - int 3
"proven_ground_client.exe"+1920B97: CC - int 3
"proven_ground_client.exe"+1920B98: CC - int 3
}
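The post's observation that cooldowns are tracked on the client is why a patch to a client-side timer changes fire rate. As an added example (not from the post or the game's code), this is the server-side counterpart: the server keeps its own cooldown clock per player and ability and rejects actions that arrive too early. The class, the `bow_shot` ability name, the cooldown and jitter values, and the arrival times are all assumptions constructed for illustration.

```python
import time
from collections import defaultdict

class CooldownValidator:
    """Server-side cooldown check; the client's own timer is never trusted."""

    def __init__(self, cooldowns, jitter=0.15, flag_after=5):
        self.cooldowns = cooldowns          # ability name -> seconds (assumed values)
        self.jitter = jitter                # allowance for network timing variation
        self.flag_after = flag_after        # early actions before a player is flagged
        self.ready_at = {}                  # (player, ability) -> server time of next use
        self.violations = defaultdict(int)  # player -> count of early actions

    def allow(self, player, ability, now=None):
        """Return True if the action is accepted at server time `now`."""
        now = time.monotonic() if now is None else now
        key = (player, ability)
        ready = self.ready_at.get(key, float("-inf"))
        if now + self.jitter < ready:
            self.violations[player] += 1    # rejected: server clock says still cooling down
            return False
        # Schedule from the later of `ready` and `now`, so jitter credit never
        # accumulates and the sustained rate cannot exceed 1 / cooldown.
        self.ready_at[key] = max(ready, now) + self.cooldowns[ability]
        return True

    def flagged(self, player):
        """True once a player has sent enough early actions to warrant review."""
        return self.violations[player] >= self.flag_after

def replay(validator, player, ability, arrival_times):
    """Feed constructed arrival times through the validator; return accepted count."""
    return sum(validator.allow(player, ability, t) for t in arrival_times)

if __name__ == "__main__":
    v = CooldownValidator({"bow_shot": 1.0})
    honest = [0.0, 1.0, 1.9, 3.0]              # constructed: one packet arrives 0.1 s early
    patched = [i * 0.125 for i in range(16)]   # constructed: client timer running fast
    print(replay(v, "honest", "bow_shot", honest), v.flagged("honest"))
    print(replay(v, "patched", "bow_shot", patched), v.flagged("patched"))
```

The same pattern applies to the client-reported coordinates the post mentions: the server bounds the distance a player can cover between updates by its own clock instead of accepting the reported position.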