21
"[X] <== Victoria 3 (1.1.0) - 0d2e - Achievement Table"
FF0000
1
13
"[X] <== Achievements when using console commands"
C08000
Auto Assembler Script
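{ Game   : victoria3.exe
  Version:
  Date   : 2022-10-26
  Author : Nameless

  Hooks three code sites that read or clear the byte flags at +111 and +113
  of the structure addressed by rax/rdi. Each hook forces both flags to 1
  and stores the structure's address in pAchievementBase, which the table's
  Byte entries use as their base.

  All three scan results are registered as symbols. The disable section runs
  on its own and can only resolve the patch addresses through the symbol
  table, so an unregistered scan name would make disabling fail and leave
  the game code patched.
}
{
1.0.3
victoria3.exe+1698580 - 48 83 EC 28 - sub rsp,28
Shows 110, 111, 112, 113, 114 and 119 checked for 0
}
[ENABLE]
// Each pattern is the full overwritten instruction sequence; the first and
// third carry one extra trailing byte (48 / 32) of the following instruction.
aobscanmodule(Achievements,victoria3.exe,0F B6 80 12 01 00 00 48)
aobscanmodule(DebugEnabled_aob,victoria3.exe,0F 94 C0 20 87 11 01 00 00)
aobscanmodule(ConsoleUsed_aob,victoria3.exe,C6 80 13 01 00 00 00 32)
alloc(newmem,$1000,Achievements)

label(code)
label(return)
label(pAchievementBase)
label(debugEnabled)
label(return_debugEnabled)
label(consoleUsed)
label(return_consoleUsed)

registersymbol(Achievements)
registersymbol(DebugEnabled_aob)   // needed so the disable section can restore these bytes
registersymbol(ConsoleUsed_aob)    // needed so the disable section can restore these bytes
registersymbol(pAchievementBase)

// Hook 1: replaces "movzx eax,byte ptr [rax+112]" (7 bytes).
newmem:
  mov [pAchievementBase],rax          // Save base pointer
  mov byte ptr [rax+111],01           // set "Debug not set"
  mov byte ptr [rax+113],01           // set "Console not used"
code:
  movzx eax,byte ptr [rax+00000112]   // original code, replayed unchanged
  jmp return

// Hook 2: replaces "sete al" + "and [rdi+111],al" (9 bytes).
// NOTE(review): "sete al" is not replayed, so al keeps the value it had before
// the hook. Confirm the code after return_debugEnabled does not read al.
debugEnabled:
  mov [pAchievementBase],rdi          // Save base pointer
  mov byte ptr [rdi+111],01           // set "Debug not set"?
  mov byte ptr [rdi+113],01           // set "Console not used"?
  //sete al                           // original code
  //and [rdi+00000111],al             // original code
  jmp return_debugEnabled

// Hook 3: replaces "mov byte ptr [rax+113],00" (7 bytes); the write of 0 is dropped.
consoleUsed:
  //mov byte ptr [rax+00000113],00    // original code
  mov [pAchievementBase],rax          // Save base pointer
  mov byte ptr [rax+111],01           // set "Debug not set"
  mov byte ptr [rax+113],01           // set "Console not used"
  jmp return_consoleUsed

// Variables
pAchievementBase:
  dq 0

// Hack points: 5-byte jmp plus nop padding up to the overwritten length.
Achievements:
  jmp newmem
  nop 2                               // 5 + 2 = 7 bytes
return:

DebugEnabled_aob:
  jmp debugEnabled
  nop 4                               // 5 + 4 = 9 bytes
return_debugEnabled:

ConsoleUsed_aob:
  jmp consoleUsed
  nop 2                               // 5 + 2 = 7 bytes
return_consoleUsed:

[DISABLE]
// Restore the original bytes at every hook before freeing the code cave.
Achievements:
  db 0F B6 80 12 01 00 00
DebugEnabled_aob:
  db 0F 94 C0 20 87 11 01 00 00
ConsoleUsed_aob:
  db C6 80 13 01 00 00 00

unregistersymbol(Achievements)
unregistersymbol(DebugEnabled_aob)
unregistersymbol(ConsoleUsed_aob)
unregistersymbol(pAchievementBase)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: victoria3.exe+AB718F
victoria3.exe+AB716F: CC - int 3
victoria3.exe+AB7170: 4C 89 44 24 18 - mov [rsp+18],r8
victoria3.exe+AB7175: 53 - push rbx
victoria3.exe+AB7176: 48 83 EC 20 - sub rsp,20
victoria3.exe+AB717A: 48 8B DA - mov rbx,rdx
victoria3.exe+AB717D: E8 0E 0B BE 00 - call victoria3.exe+1697C90
victoria3.exe+AB7182: 80 3D 1E 96 48 02 00 - cmp byte ptr [victoria3.exe+2F407A7],00
victoria3.exe+AB7189: 74 04 - je victoria3.exe+AB718F
victoria3.exe+AB718B: 32 C0 - xor al,al
victoria3.exe+AB718D: EB 07 - jmp victoria3.exe+AB7196
// ---------- INJECTING HERE ----------
victoria3.exe+AB718F: 0F B6 80 12 01 00 00 - movzx eax,byte ptr [rax+00000112]
// ---------- DONE INJECTING ----------
victoria3.exe+AB7196: 48 8D 54 24 40 - lea rdx,[rsp+40]
victoria3.exe+AB719B: 88 44 24 40 - mov [rsp+40],al
victoria3.exe+AB719F: 48 8B CB - mov rcx,rbx
victoria3.exe+AB71A2: E8 99 2A B4 FF - call victoria3.exe+5F9C40
victoria3.exe+AB71A7: B0 01 - mov al,01
victoria3.exe+AB71A9: 48 83 C4 20 - add rsp,20
victoria3.exe+AB71AD: 5B - pop rbx
victoria3.exe+AB71AE: C3 - ret
victoria3.exe+AB71AF: CC - int 3
victoria3.exe+AB71B0: 4C 89 44 24 18 - mov [rsp+18],r8
}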
20
"Debug"
0000EE
1
14
"112 - Ironman"
0
Byte
pAchievementBase
112
15
"110 - "Nac" mods not used?"
0
Byte
pAchievementBase
110
16
"111 - Debug not enabled"
0
Byte
pAchievementBase
111
17
"113 - console not used"
0
Byte
pAchievementBase
113
18
"114 - Unknown"
0
Byte
pAchievementBase
114
19
"119 - Unknown"
0
Byte
pAchievementBase
119
7
"[X] <== Toggle Debug Mode (Numpad 0)"
C08000
Auto Assembler Script
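{ Game   : victoria3.exe
  Version:
  Date   : 2022-10-26
  Author : Nameless

  Toggles a single byte flag. No game code is patched: the scan only locates
  the "sete byte ptr [rip+disp32]" instruction that writes the flag, and the
  script derives the flag's address from that instruction's displacement.
  Enabling writes 1 to the flag, disabling writes 0.

  This script allocates no memory, so the disable section has nothing to
  free. The earlier dealloc(newmem) referred to a code cave that belongs to
  a different script.
}
[ENABLE]
// 45 84 F6             test r14b,r14b
// 0F 94 05 ?? ?? ?? ?? sete byte ptr [rip+disp32]   (disp32 wildcarded)
// 48 8B 0D             start of the following mov rcx,[rip+...]
aobscanmodule(DebugMode,victoria3.exe,45 84 F6 0F 94 05 ?? ?? ?? ?? 48 8B 0D)
label(pDebug)
registersymbol(DebugMode)
registersymbol(pDebug)

// Flag address = address of the next instruction (DebugMode+0A)
//              + the disp32 stored at DebugMode+06.
// NOTE(review): confirm how the (DWORD) read treats a negative displacement,
// in case a later build places the flag below this code.
DebugMode+(DWORD)[DebugMode+06]+0A:
pDebug:
  db 1

[DISABLE]
pDebug:
  db 0

unregistersymbol(DebugMode)
unregistersymbol(pDebug)
{
// ORIGINAL CODE - INJECTION POINT: victoria3.exe+18F0374
victoria3.exe+18F0344: 48 3B C3 - cmp rax,rbx
victoria3.exe+18F0347: 48 0F 47 D8 - cmova rbx,rax
victoria3.exe+18F034B: 48 8D 4B 01 - lea rcx,[rbx+01]
victoria3.exe+18F034F: E8 FC AA AE FE - call victoria3.exe+3DAE50
victoria3.exe+18F0354: 48 C7 47 18 10 00 00 00 - mov qword ptr [rdi+18],00000010
victoria3.exe+18F035C: 48 89 5F 20 - mov [rdi+20],rbx
victoria3.exe+18F0360: C5 F8 10 05 B0 D1 CE 00 - vmovups xmm0,[victoria3.exe+25DD518]
victoria3.exe+18F0368: C5 F8 11 00 - vmovups [rax],xmm0
victoria3.exe+18F036C: C6 40 10 00 - mov byte ptr [rax+10],00
victoria3.exe+18F0370: 48 89 47 08 - mov [rdi+08],rax
// ---------- INJECTING HERE ----------
victoria3.exe+18F0374: 45 84 F6 - test r14l,r14b
// ---------- DONE INJECTING ----------
victoria3.exe+18F0377: 0F 94 05 89 04 65 01 - sete byte ptr [victoria3.exe+2F40807]
victoria3.exe+18F037E: 48 8B 0D 2B B7 67 01 - mov rcx,[victoria3.exe+2F6BAB0]
victoria3.exe+18F0385: 48 8B 01 - mov rax,[rcx]
victoria3.exe+18F0388: FF 90 B0 00 00 00 - call qword ptr [rax+000000B0]
victoria3.exe+18F038E: 48 8B C7 - mov rax,rdi
victoria3.exe+18F0391: 48 8B 5C 24 58 - mov rbx,[rsp+58]
victoria3.exe+18F0396: 48 8B 6C 24 60 - mov rbp,[rsp+60]
victoria3.exe+18F039B: 48 83 C4 30 - add rsp,30
victoria3.exe+18F039F: 41 5E - pop r14
victoria3.exe+18F03A1: 5F - pop rdi
}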
Toggle Activation
96
0
2
"[X] <== Player Country"
008000
Auto Assembler Script
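{ Game   : victoria3.exe
  Version:
  Date   : 2022-10-25
  Author : Nameless

  Hooks the "mov rax,[rax+15B8]" instruction matched by the scan below and
  stores the incoming rax in pCountry before replaying that instruction.
  The table's pointer entries use pCountry as their base.

  The replayed instruction must match the overwritten bytes exactly. The scan
  pattern and the restore bytes both encode offset 15B8, so the copy in the
  code cave uses 15B8 as well. Replaying the older 15A8 form would make the
  game load a different field for as long as the hook is active.
}
[ENABLE]
aobscanmodule(PlayerCountry,victoria3.exe,48 8B 80 B8 15 00 00 48 89) // should be unique
// xx xx xx ?x xx xx xx xx xx // Find better aob, not one using offset
// The pattern embeds the structure offset (B8 15), which has already changed
// between builds (A8 15 in the dump at the end of this script). After a game
// update, re-check the pattern, the replayed instruction and the restore bytes
// together.
alloc(newmem,$1000,PlayerCountry)
label(code)
label(return)
label(pCountry)
registersymbol(PlayerCountry)
registersymbol(pCountry)

newmem:
  mov [pCountry],rax                  // Save base pointer before rax is overwritten
code:
  mov rax,[rax+000015B8]              // original code (48 8B 80 B8 15 00 00)
  jmp return

pCountry:
  dq 0

PlayerCountry:
  jmp newmem
  nop 2                               // 5 + 2 = 7 bytes overwritten
return:

[DISABLE]
PlayerCountry:
  db 48 8B 80 B8 15 00 00

unregistersymbol(PlayerCountry)
unregistersymbol(pCountry)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: victoria3.exe+FED91D
// NOTE(review): this dump shows offset 15A8 and appears to predate the build
// the scan pattern targets (15B8). Refresh it when the script is next revised.
victoria3.exe+FED8FA: 3B 48 2C - cmp ecx,[rax+2C]
victoria3.exe+FED8FD: 73 17 - jae victoria3.exe+FED916
victoria3.exe+FED8FF: 48 8B 40 20 - mov rax,[rax+20]
victoria3.exe+FED903: 48 03 C9 - add rcx,rcx
victoria3.exe+FED906: 48 8B 44 C8 08 - mov rax,[rax+rcx*8+08]
victoria3.exe+FED90B: 48 85 C0 - test rax,rax
victoria3.exe+FED90E: 74 06 - je victoria3.exe+FED916
victoria3.exe+FED910: 44 39 40 18 - cmp [rax+18],r8d
victoria3.exe+FED914: 74 07 - je victoria3.exe+FED91D
victoria3.exe+FED916: 48 8B 05 03 DF F4 01 - mov rax,[victoria3.exe+2F3B820]
// ---------- INJECTING HERE ----------
victoria3.exe+FED91D: 48 8B 80 A8 15 00 00 - mov rax,[rax+000015A8]
// ---------- DONE INJECTING ----------
victoria3.exe+FED924: 48 89 02 - mov [rdx],rax
victoria3.exe+FED927: 48 8B C2 - mov rax,rdx
victoria3.exe+FED92A: C3 - ret
victoria3.exe+FED92B: CC - int 3
victoria3.exe+FED92C: CC - int 3
victoria3.exe+FED92D: CC - int 3
victoria3.exe+FED92E: CC - int 3
victoria3.exe+FED92F: CC - int 3
victoria3.exe+FED930: 40 53 - push rbx
victoria3.exe+FED932: 48 83 EC 20 - sub rsp,20
}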
3
"Gold Reserve (x100.000)"
1
8 Bytes
pCountry
15B8
22
"Credit (x100.000)"
0
8 Bytes
pCountry
2050
23
"Infamy (x100.000)"
0
4 Bytes
pCountry
2450
4
"Radicals (Does nothing)"
0
4 Bytes
pCountry
132c
5
"Loyalists (Does nothing)"
0
4 Bytes
pCountry
1330