6
"Unlimited Crafting"
Auto Assembler Script
[ENABLE]
aobscanmodule(craftForFree,$process,0F 8E ?? ?? ?? ?? 83 ?? FF 0F 84)
craftForFree:
db 90 E9
registersymbol(craftForFree)
[DISABLE]
craftForFree:
db 0F 8E
unregistersymbol(craftForFree)
{
// ORIGINAL CODE - INJECTION POINT: AstroColony-Win64-Shipping.exe+14B92CD
AstroColony-Win64-Shipping.exe+14B92AB: 4C 3B C2 - cmp r8,rdx
AstroColony-Win64-Shipping.exe+14B92AE: 74 12 - je AstroColony-Win64-Shipping.exe+14B92C2
AstroColony-Win64-Shipping.exe+14B92B0: 48 3B 07 - cmp rax,[rdi]
AstroColony-Win64-Shipping.exe+14B92B3: 0F 84 49 01 00 00 - je AstroColony-Win64-Shipping.exe+14B9402
AstroColony-Win64-Shipping.exe+14B92B9: 48 83 C7 10 - add rdi,10
AstroColony-Win64-Shipping.exe+14B92BD: 48 3B FA - cmp rdi,rdx
AstroColony-Win64-Shipping.exe+14B92C0: 75 EE - jne AstroColony-Win64-Shipping.exe+14B92B0
AstroColony-Win64-Shipping.exe+14B92C2: BF FF FF FF FF - mov edi,FFFFFFFF
AstroColony-Win64-Shipping.exe+14B92C7: 41 8B 6E 08 - mov ebp,[r14+08]
AstroColony-Win64-Shipping.exe+14B92CB: 85 ED - test ebp,ebp
// ---------- INJECTING HERE ----------
AstroColony-Win64-Shipping.exe+14B92CD: 0F 8E 9E 00 00 00 - jng AstroColony-Win64-Shipping.exe+14B9371
// ---------- DONE INJECTING ----------
AstroColony-Win64-Shipping.exe+14B92D3: 83 FF FF - cmp edi,-01
AstroColony-Win64-Shipping.exe+14B92D6: 0F 84 95 00 00 00 - je AstroColony-Win64-Shipping.exe+14B9371
AstroColony-Win64-Shipping.exe+14B92DC: 48 8B 8E 08 01 00 00 - mov rcx,[rsi+00000108]
AstroColony-Win64-Shipping.exe+14B92E3: 48 63 DF - movsxd rbx,edi
AstroColony-Win64-Shipping.exe+14B92E6: 48 03 DB - add rbx,rbx
AstroColony-Win64-Shipping.exe+14B92E9: 8B 44 D9 08 - mov eax,[rcx+rbx*8+08]
AstroColony-Win64-Shipping.exe+14B92ED: 3B C5 - cmp eax,ebp
AstroColony-Win64-Shipping.exe+14B92EF: 44 8B C0 - mov r8d,eax
AstroColony-Win64-Shipping.exe+14B92F2: 44 0F 4D C5 - cmovge r8d,ebp
AstroColony-Win64-Shipping.exe+14B92F6: 41 2B C0 - sub eax,r8d
}
8
"Unlimited Item Use"
Auto Assembler Script
[ENABLE]
aobscanmodule(use,$process,FF ?? ?? 08 48 8B ?? E8 ?? ?? ?? ?? 48 8B ?? ?? ?? 00 00 83 7C ?? ?? 00 48 8B)
alloc(useBkp,4)
useBkp:
readmem(use,4)
use:
nop 4
registersymbol(use)
registersymbol(useBkp)
[DISABLE]
use:
readmem(useBkp,4)
unregistersymbol(use)
unregistersymbol(useBkp)
dealloc(useBkp)
{
// ORIGINAL CODE - INJECTION POINT: AstroColony-Win64-Shipping.exe+14B9516
AstroColony-Win64-Shipping.exe+14B94EE: 48 89 5C 24 40 - mov [rsp+40],rbx
AstroColony-Win64-Shipping.exe+14B94F3: 48 8B CF - mov rcx,rdi
AstroColony-Win64-Shipping.exe+14B94F6: 48 89 6C 24 48 - mov [rsp+48],rbp
AstroColony-Win64-Shipping.exe+14B94FB: 40 32 ED - xor bpl,bpl
AstroColony-Win64-Shipping.exe+14B94FE: 48 89 74 24 50 - mov [rsp+50],rsi
AstroColony-Win64-Shipping.exe+14B9503: 4C 89 74 24 58 - mov [rsp+58],r14
AstroColony-Win64-Shipping.exe+14B9508: 45 0F B6 F1 - movzx r14d,r9l
AstroColony-Win64-Shipping.exe+14B950C: 41 8B DE - mov ebx,r14d
AstroColony-Win64-Shipping.exe+14B950F: 48 03 DB - add rbx,rbx
AstroColony-Win64-Shipping.exe+14B9512: 48 8B 34 D8 - mov rsi,[rax+rbx*8]
// ---------- INJECTING HERE ----------
AstroColony-Win64-Shipping.exe+14B9516: FF 4C D8 08 - dec [rax+rbx*8+08]
// ---------- DONE INJECTING ----------
AstroColony-Win64-Shipping.exe+14B951A: 48 8B D6 - mov rdx,rsi
AstroColony-Win64-Shipping.exe+14B951D: E8 4E 40 00 00 - call AstroColony-Win64-Shipping.exe+14BD570
AstroColony-Win64-Shipping.exe+14B9522: 48 8B 87 08 01 00 00 - mov rax,[rdi+00000108]
AstroColony-Win64-Shipping.exe+14B9529: 83 7C D8 08 00 - cmp dword ptr [rax+rbx*8+08],00
AstroColony-Win64-Shipping.exe+14B952E: 48 8B 5C 24 40 - mov rbx,[rsp+40]
AstroColony-Win64-Shipping.exe+14B9533: 7F 4C - jg AstroColony-Win64-Shipping.exe+14B9581
AstroColony-Win64-Shipping.exe+14B9535: 48 8B 07 - mov rax,[rdi]
AstroColony-Win64-Shipping.exe+14B9538: 41 0F B6 D6 - movzx edx,r14l
AstroColony-Win64-Shipping.exe+14B953C: 48 8B CF - mov rcx,rdi
AstroColony-Win64-Shipping.exe+14B953F: FF 90 28 03 00 00 - call qword ptr [rax+00000328]
}
9
"Unlimited Item Split"
Auto Assembler Script
[ENABLE]
aobscanmodule(split,$process,41 0F ?? ?? 2B D1 89)
split+04:
nop 2
registersymbol(split)
[DISABLE]
split+04:
db 2B D1
unregistersymbol(split)
{
// ORIGINAL CODE - INJECTION POINT: AstroColony-Win64-Shipping.exe+14B7F79
AstroColony-Win64-Shipping.exe+14B7F51: 4C 89 74 24 60 - mov [rsp+60],r14
AstroColony-Win64-Shipping.exe+14B7F56: 4C 8B F3 - mov r14,rbx
AstroColony-Win64-Shipping.exe+14B7F59: 49 C1 E6 04 - shl r14,04
AstroColony-Win64-Shipping.exe+14B7F5D: 4C 89 7C 24 30 - mov [rsp+30],r15
AstroColony-Win64-Shipping.exe+14B7F62: 43 8B 54 30 08 - mov edx,[r8+r14+08]
AstroColony-Win64-Shipping.exe+14B7F67: 8B CA - mov ecx,edx
AstroColony-Win64-Shipping.exe+14B7F69: 4B 8B 04 30 - mov rax,[r8+r14]
AstroColony-Win64-Shipping.exe+14B7F6D: 44 3B CA - cmp r9d,edx
AstroColony-Win64-Shipping.exe+14B7F70: 48 89 44 24 20 - mov [rsp+20],rax
AstroColony-Win64-Shipping.exe+14B7F75: 41 0F 4C C9 - cmovl ecx,r9d
// ---------- INJECTING HERE ----------
AstroColony-Win64-Shipping.exe+14B7F79: 2B D1 - sub edx,ecx
// ---------- DONE INJECTING ----------
AstroColony-Win64-Shipping.exe+14B7F7B: 89 4C 24 28 - mov [rsp+28],ecx
AstroColony-Win64-Shipping.exe+14B7F7F: 43 89 54 30 08 - mov [r8+r14+08],edx
AstroColony-Win64-Shipping.exe+14B7F84: 48 8B 07 - mov rax,[rdi]
AstroColony-Win64-Shipping.exe+14B7F87: 42 83 7C 30 08 00 - cmp dword ptr [rax+r14+08],00
AstroColony-Win64-Shipping.exe+14B7F8D: 7F 4E - jg AstroColony-Win64-Shipping.exe+14B7FDD
AstroColony-Win64-Shipping.exe+14B7F8F: 48 8B 06 - mov rax,[rsi]
AstroColony-Win64-Shipping.exe+14B7F92: 0F B6 D3 - movzx edx,bl
AstroColony-Win64-Shipping.exe+14B7F95: 48 8B CE - mov rcx,rsi
AstroColony-Win64-Shipping.exe+14B7F98: FF 90 28 03 00 00 - call qword ptr [rax+00000328]
AstroColony-Win64-Shipping.exe+14B7F9E: 8B 6F 08 - mov ebp,[rdi+08]
}
11
"Unlimited Technology"
Auto Assembler Script
[ENABLE]
aobscanmodule(tech,$process,29 02 41 8D 40 FE)
tech:
nop 2
registersymbol(tech)
[DISABLE]
tech:
db 29 02
unregistersymbol(tech)
{
// ORIGINAL CODE - INJECTION POINT: AstroColony-Win64-Shipping.exe+1425BE2
AstroColony-Win64-Shipping.exe+1425BB0: 48 83 C2 08 - add rdx,08
AstroColony-Win64-Shipping.exe+1425BB4: 48 3B D7 - cmp rdx,rdi
AstroColony-Win64-Shipping.exe+1425BB7: 75 E7 - jne AstroColony-Win64-Shipping.exe+1425BA0
AstroColony-Win64-Shipping.exe+1425BB9: 4C 89 74 24 28 - mov [rsp+28],r14
AstroColony-Win64-Shipping.exe+1425BBE: 4C 8D 35 3B A4 BD FE - lea r14,[AstroColony-Win64-Shipping.exe]
AstroColony-Win64-Shipping.exe+1425BC5: 66 66 66 0F 1F 84 00 00 00 00 00 - nop word ptr [rax+rax+00000000]
AstroColony-Win64-Shipping.exe+1425BD0: 44 0F B6 03 - movzx r8d,byte ptr [rbx]
AstroColony-Win64-Shipping.exe+1425BD4: 48 8B 85 E0 02 00 00 - mov rax,[rbp+000002E0]
AstroColony-Win64-Shipping.exe+1425BDB: 4A 8D 14 80 - lea rdx,[rax+r8*4]
AstroColony-Win64-Shipping.exe+1425BDF: 8B 43 04 - mov eax,[rbx+04]
// ---------- INJECTING HERE ----------
AstroColony-Win64-Shipping.exe+1425BE2: 29 02 - sub [rdx],eax
// ---------- DONE INJECTING ----------
AstroColony-Win64-Shipping.exe+1425BE4: 41 8D 40 FE - lea eax,[r8-02]
AstroColony-Win64-Shipping.exe+1425BE8: 83 F8 05 - cmp eax,05
AstroColony-Win64-Shipping.exe+1425BEB: 77 1D - ja AstroColony-Win64-Shipping.exe+1425C0A
AstroColony-Win64-Shipping.exe+1425BED: 48 98 - cdqe
AstroColony-Win64-Shipping.exe+1425BEF: 41 8B 8C 86 60 5C 42 01 - mov ecx,[r14+rax*4+01425C60]
AstroColony-Win64-Shipping.exe+1425BF7: 49 03 CE - add rcx,r14
AstroColony-Win64-Shipping.exe+1425BFA: FF E1 - jmp rcx
AstroColony-Win64-Shipping.exe+1425BFC: 48 8D 8D B8 02 00 00 - lea rcx,[rbp+000002B8]
AstroColony-Win64-Shipping.exe+1425C03: 33 D2 - xor edx,edx
AstroColony-Win64-Shipping.exe+1425C05: E8 46 B1 39 FF - call AstroColony-Win64-Shipping.exe+7C0D50
}