Offsets
Kod:
ViewWorld: 78D4E50
Gworld: 0x78EFCB4
Gnames = 0x75FC340
//Libue Method
Uworld = Read<UINT>(Base + 0x78EFCB4) + 60
Gnames =Read<UINT>(Base + 0x75FC340) + 176
//--ViewWorld Method
Uworld = Read<UINT>(ViewWorldBase + 110180)+ 60;
Gnames = Read<UINT>(ViewWorldBase - 2984720)+ 176;
CurrentWeapon : 6572
ShootWeapon : 3532
Health : 2396
bDead : 2456
PlayerName: 1640
Nation : 1652
TeamID : 1680
Position : 336
uMyObject(LocalPawn) : 848
RootComponent(PlayerWorld) : 364
Mesh(BoneOffset) : 832
Minlod(tmpOffset) : 1504
BodyOffset(ActorOffset): 320
IsBotOffset: 1800
PlayerController: 10748
CharacterMovement: 836
LastUpdateVelocity = 592
PlayerCameraManager: 864
CameraCache: 880
CurrentStates: 2704
ReplicatedMovement: 128
VehicleCommon: 1756
HPMax: 420
HP : 424
FuelMax: 444
Fuel: 448
ItemId: 1004
LootBox[
itemBase: 1668
boxItemsCount: 1672
]
NO-RECOIL
Kod:
// Runs when the NoRecoil setting is on: follows uMyObject + 6572 to the current weapon,
// then + 3532 to the shoot-weapon object, and zeroes three floats at +2120, +2124, +2128.
// NOTE(review): the field names behind those three offsets are not given on the page.
// Every value touched here lives in client memory, so the change is only visible to a
// client-side integrity scan or to a server-side plausibility test on the resulting shots.
if (Settings.NoRecoil)
{
var CurrentWeapon = Mem.ReadMemory<uint>(uMyObject + 6572);
// A zero pointer means no weapon object is available; nothing is written.
if (CurrentWeapon != 0)
{
var ShootWeapon= Mem.ReadMemory<uint>(CurrentWeapon + 3532);
if (ShootWeapon != 0)
{
Mem.WriteMemory<float>(ShootWeapon + 2120, 0f);
Mem.WriteMemory<float>(ShootWeapon + 2124, 0f);
Mem.WriteMemory<float>(ShootWeapon + 2128, 0f);
}
}
}
INSTANT HIT
Kod:
// Runs when the InstantHit setting is on: walks the same two pointers as the no-recoil
// snippet (uMyObject + 6572, then + 3532) and rewrites one float at ShootWeapon + 1028.
// NOTE(review): the page does not name the field at +1028; the label suggests a
// projectile-speed value — confirm before relying on that.
if(Settings.InstantHit)
{
var CurrentWeapon = Mem.ReadMemory<uint>(uMyObject + 6572);
if (CurrentWeapon != 0)
{
var ShootWeapon= Mem.ReadMemory<uint>(CurrentWeapon + 3532);
if (ShootWeapon!= 0)
{
var insrd = Mem.ReadMemory<float>(ShootWeapon+ 1028);
// Write only when the value is neither already 600000.0f nor 0.0f, so the
// write is not repeated on every pass. A fixed out-of-range constant like this
// is a straightforward value for a server-side range check to reject.
if(insrd != 600000.0f&&insrd !=0.0f)
{
Mem.WriteMemory<float>(ShootWeapon+ 1028, 600000.0f);
}
}
}
}
HACK SCRIPT
AOB & Offsets
Kod:
--IPADVIEW--
Offset: 3CB57A4
SCAN: 00 00 B4 43 5C 5C 93 03 80 FA 75 03 30 48
REPLACE: 00 00 82 43 5C 5C 93 03 80 FA 75 03 30 48
--INSTANT HIT --
Offset: 3D4E064
SCAN: 4E 8A 38 EE E0 00 DD E5 01 00 10 E3 23 00 00 1A 00 91 84
REPLACE: 00 00 00 00 E0 00 DD E5 01 00 10 E3 23 00 00 1A 00 91 84
--NO-RECOIL--
Offset: 13DFC8C
SCAN: 50 0A 84 ED 2C 00 96 E5 00 00 50 E3 31
REPLACE: 00 00 00 00 2C 00 96 E5 00 00 50 E3 31
--SMALL CROSSHAIR--
Offset: 1E49E4C
SCAN: 00 0A 90 1D 10 0A 10 EE 1E FF 2F E1 70 1B 90 E5 00 00 A0 E3
REPLACE: 01 00 00 00 10 0A 10 EE 1E FF 2F E1 70 1B 90 E5 00 00 A0 E3
--NO HEADSHOT--
Offset: 0x40F2810
SCAN: CD CC CC 3D 00 00 00 00 D8 F2 7E 03 CC F2 7E 03 C0 F2 7E 03
REPLACE: 00 00 20 42 00 00 00 00 D8 F2 7E 03 CC F2 7E 03 C0 F2 7E 03
--NIGHT MODE--
Offset: 0x32E4BF8
SCAN: 42 2A B1 EE 58 0A 8D ED 59 1A 8D ED 5A
REPLACE 00 00 00 00 58 0A 8D ED 59 1A 8D ED 5A
--LUFFY HAND--
Offset: 0x28EEDEC
SCAN: A9 99 F4 F3 F6 0D 40 F3 AB 89 F4 F3 E5
REPLACE 00 00 00 00 F6 0D 40 F3 AB 89 F4 F3 E5
--NO GRASS--
Offset: 0x28C5E28
SCAN: 00 00 53 E3 2E 00 00 0A 3A 1A DF ED 5F 46 C3
REPLACE 00 00 00 00 2E 00 00 0A 3A 1A DF ED 5F 46 C3
--NO TREE--
Offset: 0x3DBB59C
SCAN: 10 FA F1 EE 26 00 00 DA C6 0A B1 EE 0D 1A 96 ED
REPLACE 00 00 00 00 26 00 00 DA C6 0A B1 EE 0D 1A 96 ED
--BLACK BODY--
Offset: 0x3171358
SCAN: 17 B7 D1 38 00 00 00 00 D0 4C 2D E9 10 B0 8D E2
REPLACE 00 00 E0 40 00 00 00 00 D0 4C 2D E9 10 B0 8D E2
--BLACK SKY--
Pattern:3F7857C
SCAN: 5A 00 00 EA 00 00 00 00 00 F0 20 E3 00 F0 20 E3 00 F0 20 E3
REPLACE 5A 00 00 EA AD C5 27 B7 00 F0 20 E3 00 F0 20 E3 00 F0 20 E3
--X-EFFECT--
Offset: 1BD4B90
SCAN: 05 0A 28 EE 18 70 8D E5 14 50 8D E5 10 50 8D E5
REPLACE 00 00 00 00 18 70 8D E5 14 50 8D E5 10 50 8D E5
CT SCRIPT
Kod:
<?xml version="1.0" encoding="utf-8"?>
<CheatTable CheatEngineTableVersion="38">
<CheatEntries/>
<UserdefinedSymbols/>
<LuaScript>
--Author 0xPrince
------PUBGM V1.9------
--/\/\/\/\/\--Features--/\/\/\/\/\--
--IPADVIEW--
--INSTANT HIT --
--NO-RECOIL--
--SMALL CROSSHAIR--
--NO HEADSHOT--
--NIGHT MODE--
--LUFFY HAND--
--NO GRASS--
--NO TREE--
--BLACK BODY--
--BLACK SKY--
--X-EFFECT--
--/\/\/\/\/\--Features--/\/\/\/\/\--
-- Load Cheat Engine's DBK kernel driver and switch process opening and memory
-- access over to it instead of the user-mode Windows APIs.
-- NOTE(review): user-mode API hooks on the emulator process will not observe
-- accesses made this way; driver-load telemetry on the host is the more
-- dependable signal for this setup.
dbk_initialize()
dbk_useKernelmodeOpenProcess()
dbk_useKernelmodeProcessMemoryAccess()
-- Re-open the currently attached process, if there is one — presumably so the
-- handle is obtained through the driver path selected above.
if getOpenedProcessID() then openProcess(getOpenedProcessID()) end
-- Writes are performed even when the target page is not writable.
dbk_writesIgnoreWriteProtection(true)
-- Per-emulator settings; StartProcess overwrites them from the clicked button's Tag.
local isEmuVbox = false
local startRange = 0
local endRange = 0x7ffffffff
-----------/\/\/\/\/\/\/\/\/\/-----------
-----------------Helper------------------
-----------/\/\/\/\/\/\/\/\/\/-----------
--Shared By 0xPrince
--- Show a status message on the main form and optionally speak and log it.
-- @param Upstatus text appended to "Status: " in the StatusText label
-- @param bLog     when exactly true, the message is also printed with a "Log: " prefix
-- @param bSpeak   when exactly true, the message is passed to speak()
function UpdateStatus(Upstatus,bLog,bSpeak)
  local message = Upstatus
  StatusText.Caption = "Status: " .. message
  -- Speaking happens before logging, as in the original ordering.
  if bSpeak == true then
    speak(message)
  end
  if bLog == true then
    print("Log: " .. message)
  end
end
--------------------------------------------
--- Trigger the MenuItem5 entry of the Lua engine window.
-- NOTE(review): presumably this is the "clear output" menu item, going by the
-- function name; the menu layout itself is not shown here.
function ClearOutput()
GetLuaEngine().MenuItem5.doClick()
end
--------------------------------------------
--- Convert a whitespace-separated hex string such as "7F 45 4C" into a sequence of numbers.
-- A token that tonumber cannot parse as base 16 yields nil and is therefore not stored.
-- No range check is applied, so a token like "1FF" is stored as 511.
-- @param strbytes string of hex tokens
-- @return table with one number per parsed token, in input order
function StrToByte(strbytes)
  local bytes = {}
  for token in string.gmatch(strbytes, "%S+") do
    local value = tonumber(token, 16)
    bytes[#bytes + 1] = value
  end
  return bytes
end
--------------------------------------------
--- Enable an auto-assembler script, resolve a symbol it registers, then disable it again.
-- @param script auto-assembler text containing [ENABLE] and [DISABLE] sections
-- @param symbol name of the symbol the script registers
-- @return the symbol's address; or nil plus the second autoAssemble result when enabling fails
function AOBScanAA(script, symbol)
local success,disableInfo = autoAssemble(script)
if not success then return nil, disableInfo end
local addr = getAddress(symbol)
-- Passing disableInfo back runs the [DISABLE] section, which unregisters the symbol.
autoAssemble(script, disableInfo)
return addr
end
--- Search one address range for a byte pattern through the auto-assembler's aobscanregion.
-- The range bounds are resolved with getAddress and formatted as upper-case hex into a
-- small script that registers the hit as luaAOBScanRegionSymbol.
-- @param start   lower bound of the range
-- @param stop    upper bound of the range
-- @param bytestr pattern as space-separated hex bytes
-- @return whatever AOBScanAA returns: the address, or nil plus a second value on failure
function AOBScanRegion(start, stop,bytestr)
local script = ([[
[ENABLE]
aobscanregion(luaAOBScanRegionSymbol,%X,%X,%s)
registersymbol(luaAOBScanRegionSymbol)
[DISABLE]
unregistersymbol(luaAOBScanRegionSymbol)
]]):format(getAddress(start), getAddress(stop), bytestr)
return AOBScanAA(script, 'luaAOBScanRegionSymbol')
end
--- Overwrite every occurrence of a byte pattern in the opened process.
-- @param search  pattern to look for, as space-separated hex bytes
-- @param replace bytes written at each hit, as space-separated hex bytes
-- @return true when AOBScan returned a result list, false otherwise; the outcome of the
--         individual writes is not checked
-- NOTE(review): because the write location comes from a pattern match rather than a fixed
-- address, a defender comparing in-memory code bytes with the shipped library catches this
-- more reliably than one watching specific addresses.
function RepAob(search, replace)
local aob = AOBScan(search)
if aob then
-- The result list is indexed from 0; each entry is used as the address label of a
-- one-line auto-assembler script of the form "<address>:\ndb <bytes>".
for i=0,aob.Count-1 do
autoAssemble(aob[i]..':\ndb '..replace)
end
aob.Destroy()
return true
else
return false
end
end
--------------------------------------------
--- Report whether the 32-bit value at baseaddr equals the ELF magic.
-- 0x464C457F (1179403647) is the byte sequence 7F 45 4C 46 ("\x7FELF") read little-endian.
-- @param baseaddr address to probe with readInteger
-- @return true when the value matches, false otherwise
function VerifyBaseAdr(baseaddr)
  local ELF_MAGIC = 0x464C457F
  return readInteger(baseaddr) == ELF_MAGIC
end
--- Locate a library by scanning an address range for its header pattern.
-- @param sRange        start of the range handed to AOBScanRegion
-- @param eRange        end of the range handed to AOBScanRegion
-- @param HeaderPattern header bytes as space-separated hex
-- @return the scan result when it is not equal to 0
function FindLibBase(sRange,eRange,HeaderPattern)
-- baseaddr has no `local`, so this assignment creates or overwrites a global.
baseaddr = AOBScanRegion(sRange,eRange,HeaderPattern)
if(baseaddr==0) then
messageDialog("Error:1 :Lib Base Address not found!", mtError, mbOK)
-- os.exit() comes first; NOTE(review): the two statements after it are presumably never reached.
os.exit()
closeCE()
return 0
else
return baseaddr
end
end
--- Resolve a library base address from a fixed pointer, falling back to a header scan.
-- @param SPointer      address that is expected to hold the library's base address
-- @param sRange        start of the fallback scan range
-- @param eRange        end of the fallback scan range
-- @param HeaderPattern ELF header bytes used by the fallback scan
-- @return 0 when isEmuVbox is true; otherwise the verified pointer value or FindLibBase's result
function GetLibBaseAddr(SPointer,sRange,eRange,HeaderPattern)
if(isEmuVbox ==true)then
return 0
end
local baseaddr = readInteger(SPointer)
if(baseaddr==0) then
return FindLibBase(sRange,eRange,HeaderPattern)
end
-- The pointer value is accepted only when the memory it points to starts with the ELF magic.
if(VerifyBaseAdr(baseaddr)==true) then
return baseaddr;
else
return FindLibBase(sRange,eRange,HeaderPattern)
end
-- Both branches above return, so this line is not reached.
return 0
end
--------------------------------------------
-- Cached library base address; 0 means "not resolved yet" and triggers a lookup on the next call.
local Uebaseaddr=0
--- Apply or revert one byte patch and report progress through UpdateStatus.
-- @param Offset      offset of the patch site from the cached library base
-- @param FeatureName label used in the status messages
-- @param OrgBytes    original bytes as space-separated hex
-- @param RepBytes    replacement bytes as space-separated hex
-- @param bEnable     exactly true applies RepBytes; any other value restores OrgBytes
-- NOTE(review): every patch site is a fixed offset into a loaded library with known original
-- bytes, so comparing the in-memory bytes at these offsets with the shipped library is
-- enough to notice an applied patch.
function MemoryManager(Offset,FeatureName,OrgBytes, RepBytes,bEnable)
if(Uebaseaddr==0)then
-- Pointer 0xE0C36E8 is read first; the long pattern is the ELF header used for the scan fallback.
Uebaseaddr= GetLibBaseAddr(0xE0C36E8,startRange,endRange,"7F 45 4C 46 01 01 01 00 00 00 00 00 00 00 00 00 03 00 28 00 01 00 00 00 00 00 00 00 34 00 00 00 24 66 67")
end
if(Uebaseaddr==0)then
UpdateStatus("Base Address Zero "..FeatureName)
return
end
if bEnable == true then
UpdateStatus("Activating "..FeatureName)
if(isEmuVbox == true) then
-- Pattern mode: the site is found by searching for OrgBytes instead of using base + Offset.
if(RepAob(OrgBytes,RepBytes) ==false) then
UpdateStatus(FeatureName.." Pattern Not Found")
return
end
else
writeBytes(Uebaseaddr+Offset, StrToByte(RepBytes))
end
UpdateStatus(FeatureName .." Activated")
else
UpdateStatus("Deactivating "..FeatureName)
if(isEmuVbox == true) then
-- stat has no `local` and is not read afterwards in this function.
stat = RepAob(RepBytes,OrgBytes)
else
writeBytes(Uebaseaddr+Offset, StrToByte(OrgBytes))
end
UpdateStatus(FeatureName .." Deactivated")
end
end
--- Click handler for the emulator buttons: load that emulator's settings and attach to its process.
-- @param sender the clicked button; its Tag holds a reference to a settings table with
--               EmuProcName, Vbox, StartRange and EndRange
function StartProcess(sender)
local ProcName = getRef(sender.Tag).EmuProcName
isEmuVbox = getRef(sender.Tag).Vbox
startRange =getRef(sender.Tag).StartRange
endRange =getRef(sender.Tag).EndRange
-- Process discovery shells out to tasklist, filtered by image name and by memory usage
-- above 200000 (tasklist's MEMUSAGE filter is in KB). ProcName is concatenated into the
-- command line unescaped; the values visible in this script are hard-coded strings.
-- NOTE(review): a script host spawning tasklist with an emulator image-name filter is a
-- usable process-creation telemetry signal on the host.
local p = io.popen('tasklist /fi "IMAGENAME eq '..ProcName..'.exe" /fi "MEMUSAGE gt 200000" /nh', 'r');
local procInfo = p:read('*a');
p:close();
-- The first run of digits in the tasklist output is taken as the PID.
local pid = procInfo:match('%d+');
pid = tonumber(pid);
if(pid == nil)then
messageDialog("Game Must Be Running!!", mtError, mbOK)
else
openProcess(pid)
EmuSelection.hide()
ShowMainForm()
EmuSelection.close()
end
end
-----------/\/\/\/\/\/\/\/\/\/-----------
-----------------Helper------------------
-----------/\/\/\/\/\/\/\/\/\/-----------
-----------/\/\/\/\/\/\/\/\/\/-----------
--------------Main Function--------------
-----------/\/\/\/\/\/\/\/\/\/-----------
--- Click handler shared by the Activate and Deactivate buttons.
-- Reads the boolean Param from the clicked button's Tag and, for each checkbox test below
-- whose state equals 1, calls MemoryManager with a fixed offset, a label, the original bytes
-- and the replacement bytes.
-- @param sender the clicked button
-- @return true, always
-- NOTE(review): the offset / original-bytes pairs in this function are exactly the locations
-- and expected contents an integrity check of the library would need to cover.
function ecnirp(sender)
ClearOutput()
local BEnable = getRef(sender.Tag).Param
--Shared By 0xPrince
-----IPad View--------
if checkbox_getState(IpadChk)== 1 then
MemoryManager(0x3CB57A4,"IPad View",'00 00 B4 43 5C 5C 93 03 80 FA 75 03 30 48','00 00 82 43 5C 5C 93 03 80 FA 75 03 30 48',BEnable)
end
-----No Recoil--------
if checkbox_getState(NoRecChk)== 1 then
MemoryManager(0x13DFC8C,"No Recoil",'50 0A 84 ED 2C 00 96 E5 00 00 50 E3 31','00 00 00 00 2C 00 96 E5 00 00 50 E3 31',BEnable)
end
-----NIGHT MODE--------
if checkbox_getState(NgtModChk)== 1 then
MemoryManager(0x32E4BF8,"Night Mode",'42 2A B1 EE 58 0A 8D ED 59 1A 8D ED 5A','00 00 00 00 58 0A 8D ED 59 1A 8D ED 5A',BEnable)
end
-----X HIT--------
if checkbox_getState(XhitChk)== 1 then
MemoryManager(0x1BD4B90,"X hit",'05 0A 28 EE 18 70 8D E5 14 50 8D E5 10 50 8D E5','00 00 00 00 18 70 8D E5 14 50 8D E5 10 50 8D E5',BEnable)
end
-----NO TREE--------
if checkbox_getState(NoTreeChk)== 1 then
MemoryManager(0x3DBB59C,"No Tree",'10 FA F1 EE 26 00 00 DA C6 0A B1 EE 0D 1A 96 ED','00 00 00 00 26 00 00 DA C6 0A B1 EE 0D 1A 96 ED',BEnable)
end
-----Luffy Hand--------
if checkbox_getState(LfyHndChk)== 1 then
MemoryManager(0x28EEDEC,"Luffy Hand",'A9 99 F4 F3 F6 0D 40 F3 AB 89 F4 F3 E5','00 00 00 00 F6 0D 40 F3 AB 89 F4 F3 E5',BEnable)
end
-----Instant Hit--------
if checkbox_getState(SMLCrosChk)== 1 then
MemoryManager(0x3D4E064,"Instant Hit",'4E 8A 38 EE E0 00 DD E5 01 00 10 E3 23 00 00','00 00 00 00 E0 00 DD E5 01 00 10 E3 23 00 00',BEnable)
end
-----No Headshot--------
if checkbox_getState(NoHsChk)== 1 then
MemoryManager(0x40F2810,"No Headshot",'CD CC CC 3D 00 00 00 00 D8 F2 7E 03 CC F2 7E 03 C0 F2 7E 03','00 00 20 42 00 00 00 00 D8 F2 7E 03 CC F2 7E 03 C0 F2 7E 03',BEnable)
end
-----NO GRASS--------
if checkbox_getState(NoGrsChk)== 1 then
MemoryManager(0x28C5E28,"No Grass",'00 00 53 E3 2E 00 00 0A 3A 1A DF ED 5F 46 C3','00 00 00 00 2E 00 00 0A 3A 1A DF ED 5F 46 C3',BEnable)
end
-----BLACK SKY--------
if checkbox_getState(BlkSkyChk)== 1 then
MemoryManager(0x3F7857C,"Black Sky",'5A 00 00 EA 00 00 00 00 00 F0 20 E3 00 F0 20 E3 00 F0 20 E3','5A 00 00 EA AD C5 27 B7 00 F0 20 E3 00 F0 20 E3 00 F0 20 E3',BEnable)
end
-----BLACK BODY--------
if checkbox_getState(BlkBdyChk)== 1 then
MemoryManager(0x3171358,"Black Body",'17 B7 D1 38 00 00 00 00 D0 4C 2D E9 10 B0 8D E2','00 00 E0 40 00 00 00 00 D0 4C 2D E9 10 B0 8D E2',BEnable)
end
-----Small Crosshair--------
if checkbox_getState(SMLCrosChk)== 1 then
MemoryManager(0x1E49E4C,"Small Crosshair",'00 0A 90 1D 10 0A 10 EE 1E FF 2F E1 70 1B 90 E5 00 00 A0 E3','01 00 00 00 10 0A 10 EE 1E FF 2F E1 70 1B 90 E5 00 00 A0 E3',BEnable)
end
return true
end
-----------/\/\/\/\/\/\/\/\/\/-----------
--------------Main Function--------------
-----------/\/\/\/\/\/\/\/\/\/-----------
--------------/\/\/\/\/\/\/\/\/\/-------------
---------Emulator Selection Controls----------
--------------/\/\/\/\/\/\/\/\/\/-------------
EmuSelection = createForm(true)
EmuSelection.Caption = 'PUBGM HACK SCRIPT 1.9'
EmuSelection.Width = 360
EmuSelection.Height = 200
GameloopSel = createButton(EmuSelection)
GameloopParamData={}
GameloopParamData.EmuProcName = "aow_exe"
GameloopParamData.Vbox = false
GameloopParamData.StartRange = 0x26000000
GameloopParamData.EndRange = 0x60000000
GameloopSel.Tag=createRef(GameloopParamData)
GameloopSel.Left = 12
GameloopSel.Top = 17
GameloopSel.Width = 331
GameloopSel.Height = 33
GameloopSel.onClick = StartProcess
GameloopSel.Caption = 'Gameloop'
SmartGaGaSel = createButton(EmuSelection)
SmartGaGaParamData={}
SmartGaGaParamData.EmuProcName = "AndroidProcess"
SmartGaGaParamData.Vbox = false
SmartGaGaParamData.StartRange = 0x70000000
SmartGaGaParamData.EndRange = 0x90000000
SmartGaGaSel.Tag=createRef(SmartGaGaParamData)
SmartGaGaSel.Left = 12
SmartGaGaSel.Top = 61
SmartGaGaSel.Width = 331
SmartGaGaSel.Height = 33
SmartGaGaSel.onClick = StartProcess
SmartGaGaSel.Caption = 'SmartGaGa'
LdPlayerSel = createButton(EmuSelection)
LdPlayerParamData={}
LdPlayerParamData.EmuProcName = "LdVBoxHeadless"
LdPlayerParamData.Vbox = true
LdPlayerParamData.StartRange = 0x0
LdPlayerParamData.EndRange = 0x7ffffffff
LdPlayerSel.Tag=createRef(LdPlayerParamData)
LdPlayerSel .Left = 12
LdPlayerSel .Top = 105
LdPlayerSel .Width = 331
LdPlayerSel .Height = 33
LdPlayerSel .onClick = StartProcess
LdPlayerSel .Caption = 'Ld Player'
MemuSel = createButton(EmuSelection)
MemuParamData={}
MemuParamData.EmuProcName = "MEmuHeadless"
MemuParamData.Vbox = true
MemuParamData.StartRange = 0x0
MemuParamData.EndRange = 0x7ffffffff
MemuSel.Tag=createRef(LdPlayerParamData)
MemuSel .Left = 12
MemuSel .Top = 149
MemuSel .Width = 331
MemuSel .Height = 33
MemuSel .onClick = StartProcess
MemuSel .Caption = 'Memu'
--------------/\/\/\/\/\/\/\/\/\/-------------
---------Emulator Selection Controls----------
--------------/\/\/\/\/\/\/\/\/\/-------------
--------------/\/\/\/\/\/\/\/\/\/-------------
--------------Main Form Controls--------------
--------------/\/\/\/\/\/\/\/\/\/-------------
--MAINFORM
function ShowMainForm()
MainForm = createForm(true)
MainForm.Caption = ''
MainForm.Width = 427
MainForm.Height = 245
MainForm.Color = 0x242422
MainTitle = createLabel(MainForm)
MainTitle.Caption = 'PUBGM HACK SCRIPT 1.9'
MainTitle.Left = 75
MainTitle.Top = 10
MainTitle.Font.Color = 0xffFF
MainTitle.Font.Size = 17
--IPADVIEW CHECKBOX
IpadChk = createCheckBox( MainForm );
IpadChk.Left = 40
IpadChk.Top = 60
IpadChk.Focused = false
IpadChk.focus = false
Ipadlb = createLabel(MainForm)
Ipadlb.Caption = 'IPad View'
Ipadlb.Left = IpadChk.Left+19
Ipadlb.Top = IpadChk.Top+2
Ipadlb.Font.Color = 0xffffff
--NO-RECOIL CHECKBOX
NoRecChk = createCheckBox( MainForm );
NoRecChk.Caption = ''
NoRecChk.Left = IpadChk.Left+75
NoRecChk.Top = IpadChk.Top
NoReclb = createLabel(MainForm)
NoReclb.Caption = 'No Recoil'
NoReclb.Left = NoRecChk.Left+19
NoReclb.Top = IpadChk.Top+2
NoReclb.Font.Color = 0xffffff
--NIGHT MODE CHECKBOX
NgtModChk = createCheckBox( MainForm );
NgtModChk.Caption = ''
NgtModChk.Left = NoRecChk.Left+90
NgtModChk.Top = IpadChk.Top
NgtModlb = createLabel(MainForm)
NgtModlb.Caption = 'Night Mode'
NgtModlb.Left = NgtModChk.Left+19
NgtModlb.Top = IpadChk.Top+2
NgtModlb.Font.Color = 0xffffff
--X HIT CHECKBOX
XhitChk = createCheckBox( MainForm );
XhitChk.Caption = ''
XhitChk.Left = NgtModChk.Left+90
XhitChk.Top = NgtModChk.Top
Xhitlb = createLabel(MainForm)
Xhitlb.Caption = 'X Hit'
Xhitlb.Left = XhitChk.Left+19
Xhitlb.Top = XhitChk.Top+2
Xhitlb.Font.Color = 0xffffff
--Next Line
--NO TREE CHECKBOX
NoTreeChk = createCheckBox( MainForm );
NoTreeChk.Caption = ''
NoTreeChk.Color = 0xfff
NoTreeChk.Left = 40
NoTreeChk.Top = IpadChk.Top+20
NoTreelb = createLabel(MainForm)
NoTreelb.Caption = 'No Tree'
NoTreelb.Left = NoTreeChk.Left+19
NoTreelb.Top = NoTreeChk.Top+2
NoTreelb.Font.Color = 0xffffff
--LUFFY HAND CHECKBOX
LfyHndChk = createCheckBox( MainForm );
LfyHndChk.Caption = ''
LfyHndChk.Color = 0xfff
LfyHndChk.Left =NoTreeChk.Left +75
LfyHndChk.Top = NoTreeChk.Top
LfyHndlb = createLabel(MainForm)
LfyHndlb.Caption = 'Luffy Hand'
LfyHndlb.Left = LfyHndChk.Left+19
LfyHndlb.Top = LfyHndChk.Top+2
LfyHndlb.Font.Color = 0xffffff
--INSTANT HT CHECKBOX
InshtChk = createCheckBox( MainForm );
InshtChk.Caption = ''
InshtChk.Color = 0xfff
InshtChk.Left =LfyHndChk.Left +90
InshtChk.Top = LfyHndChk.Top
Inshtlb = createLabel(MainForm)
Inshtlb.Caption = 'Instant Hit'
Inshtlb.Left = InshtChk.Left+19
Inshtlb.Top = InshtChk.Top+2
Inshtlb.Font.Color = 0xffffff
--NO HEADSHOT CHECKBOX
NoHsChk = createCheckBox( MainForm );
NoHsChk.Caption = ''
NoHsChk.Color = 0xfff
NoHsChk.Left =InshtChk.Left +90
NoHsChk.Top = InshtChk.Top
NoHslb = createLabel(MainForm)
NoHslb.Caption = 'No Headshot'
NoHslb.Left = NoHsChk.Left+19
NoHslb.Top = NoHsChk.Top+2
NoHslb.Font.Color = 0xffffff
--Next Line
--NO GRASS CHECKBOX
NoGrsChk = createCheckBox( MainForm );
NoGrsChk.Caption = ''
NoGrsChk.Color = 0xfff
NoGrsChk.Left = 40
NoGrsChk.Top = NoTreeChk.Top+20
NoGrslb = createLabel(MainForm)
NoGrslb.Caption = 'No Grass'
NoGrslb.Left = NoGrsChk.Left+19
NoGrslb.Top = NoGrsChk.Top+2
NoGrslb.Font.Color = 0xffffff
--BLACK SKY CHECKBOX
BlkSkyChk = createCheckBox( MainForm );
BlkSkyChk.Caption = ''
BlkSkyChk.Color = 0xfff
BlkSkyChk.Left =NoGrsChk.Left +75
BlkSkyChk.Top = NoGrsChk.Top
BlkSkylb = createLabel(MainForm)
BlkSkylb.Caption = 'Black Sky'
BlkSkylb.Left = BlkSkyChk.Left+19
BlkSkylb.Top = BlkSkyChk.Top+2
BlkSkylb.Font.Color = 0xffffff
--BLACK BODY CHECKBOX
BlkBdyChk = createCheckBox( MainForm );
BlkBdyChk.Caption = ''
BlkBdyChk.Color = 0xfff
BlkBdyChk.Left =BlkSkyChk.Left +90
BlkBdyChk.Top = BlkSkyChk.Top
BlkBdylb = createLabel(MainForm)
BlkBdylb.Caption = 'Black Body'
BlkBdylb.Left = BlkBdyChk.Left+19
BlkBdylb.Top = BlkBdyChk.Top+2
BlkBdylb.Font.Color = 0xffffff
--SMALL CROSSHAIR
SMLCrosChk = createCheckBox( MainForm );
SMLCrosChk.Caption = ''
SMLCrosChk.Color = 0xfff
SMLCrosChk.Left =BlkBdyChk.Left +90
SMLCrosChk.Top = BlkBdyChk.Top
SMLCroslb = createLabel(MainForm)
SMLCroslb.Caption = 'Small Crosshair'
SMLCroslb.Left = SMLCrosChk.Left+19
SMLCroslb.Top = SMLCrosChk.Top+2
SMLCroslb.Font.Color = 0xffffff
-----Activate Btn-----
activatebtn = createButton(MainForm)
ActBtnParamData={}
ActBtnParamData.Param = true
activatebtn.Tag= createRef(ActBtnParamData)
activatebtn.Font.Color = 0x9b9b9b
activatebtn.Left = 15
activatebtn.Top = 140
activatebtn.Width = 395
activatebtn.Height = 37
activatebtn.onClick = ecnirp
activatebtn.Caption = 'Activate'
-----Deactivate Btn-----
Deactivatebtn = createButton(MainForm)
DeactBtnParamData={}
DeactBtnParamData.Param = false
Deactivatebtn.Tag=createRef(DeactBtnParamData)
Deactivatebtn.Left = activatebtn.Left
Deactivatebtn.Top = activatebtn.Top+40
Deactivatebtn.Width = 395
Deactivatebtn.Height = 37
Deactivatebtn.onClick = ecnirp
Deactivatebtn.Caption = 'Deactivate'
Deactivatebtn.Font.Color = 0xfffff
StatusText = createLabel(MainForm)
StatusText.Caption = 'Status: Ready'
StatusText.Left = 15
StatusText.Top = 223
StatusText.Font.Color = 0xffFFff
StatusText.Font.Size = 10
lbac = createLabel(MainForm)
lbac.Caption = '0xPrince'
lbac.Left = 370
lbac.Top = StatusText.Top
lbac.Font.Color = 0xffF
lbac.Font.Size = 9
end
--------------/\/\/\/\/\/\/\/\/\/-------------
--------------Main Form Controls--------------
--------------/\/\/\/\/\/\/\/\/\/-------------
</LuaScript>
</CheatTable>
EMULATOR BYPASS
AOB & Offsets
Kod:
--Libanogs
Offset: 0x3716A
SCAN: 87 00 A8 03 A8 03 A8 03 91 00
REPLACE: 59 00 A8 03 A8 03 A8 03 91 00
Offset: 5E9B6
SCAN: 51 B1 0A 46 D1 F8 02 10 31 B1 12 88 22 B1
REPLACE: 51 B1 0A 46 D1 F8 01 10 31 B1 12 88 22 B1
Offset: 5E9D4
SCAN: 51 B1 0A 46 D1 F8 02 10 31 B1 12 88 22 B1
REPLACE: 51 B1 0A 46 D1 F8 01 10 31 B1 12 88 22 B1
--LibUE4
Offset: 0x740CA70
SCAN: 3C 35 00 00 00 00 00 00 3D 35 00 00 00 00 00 00 01 00
REPLACE: 3C 35 00 00 00 00 00 00 3D 35 00 00 00 00 00 00 00 00
Offset: 0x253ED18
SCAN: F0 4F 2D E9 1C B0 8D E2 14 D0 4D E2 00 A0 A0 E1 0C 06
REPLACE: 00 00 A0 E3 1E FF 2F E1
Offset: 0x255ACBC
SCAN: F0 48 2D E9 10 B0 8D E2 62 DF 4D E2 C8 01 9F E5 01 40
REPLACE: 00 00 A0 E3 1E FF 2F E1
Offset: 0x24C2412
SCAN: ED 03 70 4C 2D E9 10 B0 8D E2 10 D0 4D E2 00 40 A0 E1
REPLACE: ED 03 00 00 A0 E3 1E FF 2F E1
CT SCRIPT
Kod:
<?xml version="1.0" encoding="utf-8"?>
<CheatTable CheatEngineTableVersion="38">
<CheatEntries/>
<UserdefinedSymbols/>
<LuaScript>
--Author 0xPrince
------PUBGM V1.9 Emulator Bypass------
-- Load Cheat Engine's DBK kernel driver and switch process opening and memory
-- access over to it instead of the user-mode Windows APIs.
-- NOTE(review): accesses made this way bypass user-mode API monitoring of the
-- emulator process; loading of the driver on the host is the observable event.
dbk_initialize()
dbk_useKernelmodeOpenProcess()
dbk_useKernelmodeProcessMemoryAccess()
-- Re-open the currently attached process, if there is one.
if getOpenedProcessID() then openProcess(getOpenedProcessID()) end
-- Writes are performed even when the target page is not writable.
dbk_writesIgnoreWriteProtection(true)
-- Per-emulator settings; StartProcess overwrites them from the clicked button's Tag.
-- Two scan ranges are kept, one per library this script looks up.
local isEmuVbox = false
local uestartRange = 0
local ueendRange = 0x7ffffffff
local anogstartRange = 0
local anogendRange = 0x7ffffffff
-----------/\/\/\/\/\/\/\/\/\/-----------
-----------------Helper------------------
-----------/\/\/\/\/\/\/\/\/\/-----------
--------------------------------------------
function ClearOutput()
GetLuaEngine().MenuItem5.doClick()
end
--------------------------------------------
function StrToByte(strbytes)
local retbyte = {}
for hex in string.gmatch(strbytes, "%S+") do
local size = #retbyte + 1
retbyte[size] = tonumber(hex, 16)
end
return retbyte
end
--------------------------------------------
function AOBScanAA(script, symbol)
local success,disableInfo = autoAssemble(script)
if not success then return nil, disableInfo end
local addr = getAddress(symbol)
autoAssemble(script, disableInfo)
return addr
end
function AOBScanRegion(start, stop,bytestr)
local script = ([[
[ENABLE]
aobscanregion(luaAOBScanRegionSymbol,%X,%X,%s)
registersymbol(luaAOBScanRegionSymbol)
[DISABLE]
unregistersymbol(luaAOBScanRegionSymbol)
]]):format(getAddress(start), getAddress(stop), bytestr)
return AOBScanAA(script, 'luaAOBScanRegionSymbol')
end
function RepAob(search, replace)
local aob = AOBScan(search)
if aob then
for i=0,aob.Count-1 do
autoAssemble(aob[i]..':\ndb '..replace)
end
aob.Destroy()
return true
else
return false
end
end
--------------------------------------------
--- Resolve a library base address from a fixed pointer, falling back to a header scan.
-- @param SPointer      address that is expected to hold the library's base address
-- @param sRange        start of the fallback scan range
-- @param eRange        end of the fallback scan range
-- @param HeaderPattern ELF header bytes used by the fallback scan
-- @return 0 when isEmuVbox is true; otherwise the base address once it passes the ELF check
function GetLibBaseAddr(SPointer,sRange,eRange,HeaderPattern)
if(isEmuVbox ==true)then
return 0
end
local baseaddr = readInteger(SPointer)
if(baseaddr==0) then
baseaddr = AOBScanRegion(sRange,eRange,HeaderPattern)
if(baseaddr==nil) then
messageDialog("Error:1 :Lib Base not found!", mtError, mbOK)
-- os.exit() comes first; NOTE(review): the statements after it are presumably never reached.
os.exit()
closeCE()
return 0
end
end
-- 1179403647 is 0x464C457F, the bytes 7F 45 4C 46 ("\x7FELF") read little-endian.
if(readInteger(baseaddr)==1179403647) then
return baseaddr
else
messageDialog("Error:2 :Lib Base not found!", mtError, mbOK)
os.exit()
closeCE()
return 0
end
-- Both branches above return, so this line is not reached.
return 0
end
--------------------------------------------
--- Write one replacement byte sequence, by pattern or by address depending on isEmuVbox.
-- @param WriteAddress absolute address used in the non-VBox path
-- @param OrgBytes     original bytes; only used as the search pattern in the VBox path
-- @param RepBytes     replacement bytes as space-separated hex
-- Returns nothing in either path, so callers cannot tell whether a write took place.
function WriteMemory(WriteAddress,OrgBytes, RepBytes)
if(isEmuVbox == true) then
if(RepAob(OrgBytes,RepBytes) ==false) then
messageDialog("Bypass Pattern Not Found", mtWarning, mbOK)
return
end
else
-- The current contents at WriteAddress are not compared with OrgBytes before writing.
writeBytes(WriteAddress, StrToByte(RepBytes))
end
end
function StartProcess(sender)
local ProcName = getRef(sender.Tag).EmuProcName
isEmuVbox = getRef(sender.Tag).Vbox
uestartRange =getRef(sender.Tag).UESRange
ueendRange =getRef(sender.Tag).UEERange
anogstartRange =getRef(sender.Tag).AnogSRange
anogendRange =getRef(sender.Tag).AnogERange
local p = io.popen('tasklist /fi "IMAGENAME eq '..ProcName..'.exe" /fi "MEMUSAGE gt 200000" /nh', 'r');
local procInfo = p:read('*a');
p:close();
local pid = procInfo:match('%d+');
pid = tonumber(pid);
if(pid == nil)then
messageDialog("Game Must Be Running!!", mtError, mbOK)
else
openProcess(pid)
EmuSelection.hide()
ShowMainForm()
EmuSelection.close()
end
end
-----------/\/\/\/\/\/\/\/\/\/-----------
-----------------Helper------------------
-----------/\/\/\/\/\/\/\/\/\/-----------
-----------/\/\/\/\/\/\/\/\/\/-----------
--------------Main Function--------------
-----------/\/\/\/\/\/\/\/\/\/-----------
--- Click handler for the single button of this form.
-- Resolves the base addresses of two libraries (pointers 0xE0C36E8 and 0xE0C1228, each with
-- an ELF-header pattern as fallback) and overwrites seven fixed sites: three in the library
-- labelled Libanogs and four in the one labelled LibUE4.
-- @param sender the clicked button (not used)
-- @return true, always; the "Game Bypassed" dialog is shown regardless of what the writes did
-- NOTE(review): three of the replacement strings contain `00 00 A0 E3 1E FF 2F E1`, which
-- decodes as ARM `mov r0, #0; bx lr` — the patched routine returns 0 immediately. Which
-- routines these are is not stated on the page. The offsets and original bytes listed here
-- are the spots a code-integrity check of both libraries has to cover.
function ecnirp(sender)
ClearOutput()
local Libuebaseaddr= GetLibBaseAddr(0xE0C36E8,uestartRange,ueendRange,"7F 45 4C 46 01 01 01 00 00 00 00 00 00 00 00 00 03 00 28 00 01 00 00 00 00 00 00 00 34 00 00 00 24 66 67")
local Libanogsbaseaddr =GetLibBaseAddr(0xE0C1228,anogstartRange, anogendRange, "7F 45 4C 46 01 01 01 00 00 00 00 00 00 00 00 00 03 00 28 00 01 00 00 00 00 00 00 00 34 00 00 00 08 BD 3C")
--Libanogs
WriteMemory(Libanogsbaseaddr + 0x3716A,'87 00 A8 03 A8 03 A8 03 91 00','59 00 A8 03 A8 03 A8 03 91 00')
WriteMemory(Libanogsbaseaddr + 0x5E9B6,'51 B1 0A 46 D1 F8 02 10 31 B1 12 88 22 B1','51 B1 0A 46 D1 F8 01 10 31 B1 12 88 22 B1')
WriteMemory(Libanogsbaseaddr + 0x5E9D4,'51 B1 0A 46 D1 F8 02 10 31 B1 12 88 22 B1','51 B1 0A 46 D1 F8 01 10 31 B1 12 88 22 B1')
--LibUE4
WriteMemory(Libuebaseaddr + 0x740CA70,'3C 35 00 00 00 00 00 00 3D 35 00 00 00 00 00 00 01 00','3C 35 00 00 00 00 00 00 3D 35 00 00 00 00 00 00 00 00')
WriteMemory(Libuebaseaddr + 0x253ED18,'F0 4F 2D E9 1C B0 8D E2 14 D0 4D E2 00 A0 A0 E1 0C 06','00 00 A0 E3 1E FF 2F E1')
WriteMemory(Libuebaseaddr + 0x255ACBC,'F0 48 2D E9 10 B0 8D E2 62 DF 4D E2 C8 01 9F E5 01 40','00 00 A0 E3 1E FF 2F E1')
WriteMemory(Libuebaseaddr + 0x24C2412,'ED 03 70 4C 2D E9 10 B0 8D E2 10 D0 4D E2 00 40 A0 E1','ED 03 00 00 A0 E3 1E FF 2F E1')
messageDialog("Game Bypassed", mtWarning, mbOK)
return true
--Shared By 0xPrince
end
-----------/\/\/\/\/\/\/\/\/\/-----------
--------------Main Function--------------
-----------/\/\/\/\/\/\/\/\/\/-----------
--------------/\/\/\/\/\/\/\/\/\/-------------
---------Emulator Selection Controls----------
--------------/\/\/\/\/\/\/\/\/\/-------------
EmuSelection = createForm(true)
EmuSelection.Caption = 'PUBGM Emulator Bypass 1.9'
EmuSelection.Width = 360
EmuSelection.Height = 200
GameloopSel = createButton(EmuSelection)
GameloopParamData={}
GameloopParamData.EmuProcName = "aow_exe"
GameloopParamData.Vbox = false
GameloopParamData.UESRange = 0x26000000
GameloopParamData.UEERange = 0x60000000
GameloopParamData.AnogSRange = 0x35000000
GameloopParamData.AnogERange = 0x45000000
GameloopSel.Tag=createRef(GameloopParamData)
GameloopSel.Left = 12
GameloopSel.Top = 17
GameloopSel.Width = 331
GameloopSel.Height = 33
GameloopSel.onClick = StartProcess
GameloopSel.Caption = 'Gameloop'
SmartGaGaSel = createButton(EmuSelection)
SmartGaGaParamData={}
SmartGaGaParamData.EmuProcName = "AndroidProcess"
SmartGaGaParamData.Vbox = false
SmartGaGaParamData.UESRange = 0x70000000
SmartGaGaParamData.UEERange = 0x90000000
SmartGaGaParamData.AnogSRange = 0x3400000
SmartGaGaParamData.AnogERange = 0x5400000
SmartGaGaSel.Tag=createRef(SmartGaGaParamData)
SmartGaGaSel.Left = 12
SmartGaGaSel.Top = 61
SmartGaGaSel.Width = 331
SmartGaGaSel.Height = 33
SmartGaGaSel.onClick = StartProcess
SmartGaGaSel.Caption = 'SmartGaGa'
LdPlayerSel = createButton(EmuSelection)
LdPlayerParamData={}
LdPlayerParamData.EmuProcName = "LdVBoxHeadless"
LdPlayerParamData.Vbox = true
LdPlayerParamData.UESRange = 0x0
LdPlayerParamData.UEERange = 0x7ffffffff
LdPlayerParamData.AnogSRange = 0x0
LdPlayerParamData.AnogERange = 0x7ffffffff
LdPlayerSel.Tag=createRef(LdPlayerParamData)
LdPlayerSel .Left = 12
LdPlayerSel .Top = 105
LdPlayerSel .Width = 331
LdPlayerSel .Height = 33
LdPlayerSel .onClick = StartProcess
LdPlayerSel .Caption = 'Ld Player'
MemuSel = createButton(EmuSelection)
MemuParamData={}
MemuParamData.EmuProcName = "MEmuHeadless"
MemuParamData.Vbox = true
MemuParamData.UESRange = 0x0
MemuParamData.UEERange = 0x7ffffffff
MemuParamData.AnogSRange = 0x0
MemuParamData.AnogERange = 0x7ffffffff
MemuSel.Tag=createRef(LdPlayerParamData)
MemuSel .Left = 12
MemuSel .Top = 149
MemuSel .Width = 331
MemuSel .Height = 33
MemuSel .onClick = StartProcess
MemuSel .Caption = 'Memu'
--------------/\/\/\/\/\/\/\/\/\/-------------
---------Emulator Selection Controls----------
--------------/\/\/\/\/\/\/\/\/\/-------------
--------------/\/\/\/\/\/\/\/\/\/-------------
--------------Main Form Controls--------------
--------------/\/\/\/\/\/\/\/\/\/-------------
function ShowMainForm()
--MAINFORM
MainForm = createForm(true)
MainForm.Caption = ''
MainForm.Width = 427
MainForm.Height = 128
MainForm.Color = 0x242422
MainTitle = createLabel(MainForm)
MainTitle.Caption = 'PUBGM Emulator Bypass 1.9'
MainTitle.Left = 75
MainTitle.Top = 10
MainTitle.Font.Color = 0xffFF
MainTitle.Font.Size = 17
-----Activate Btn-----
activatebtn = createButton(MainForm)
activatebtn.Font.Color = 0x9b9b9b
activatebtn.Left = 15
activatebtn.Top = 60
activatebtn.Width = 395
activatebtn.Height = 37
activatebtn.onClick = ecnirp
activatebtn.Caption = 'Bypass'
lbac = createLabel(MainForm)
lbac.Caption = '0xPrince'
lbac.Left = 370
lbac.Top = 110
lbac.Font.Color = 0xffF
lbac.Font.Size = 9
end
--------------/\/\/\/\/\/\/\/\/\/-------------
--------------Main Form Controls--------------
--------------/\/\/\/\/\/\/\/\/\/-------------
</LuaScript>
</CheatTable>
Lib BaseAddress Pointers
Code:
libtprtBase = Read<UINT>(0xE0C0928);
libgnustl_sharedBase = Read<UINT>(0xE0C0AA8);
libgcloudcoreBase = Read<UINT>(0xE0C0DA8);
libTDataMasterBase = Read<UINT>(0xE0C0F28);
libgcloudBase = Read<UINT>(0xE0C10A8);
libanogsBase = Read<UINT>(0xE0C1228);
libGCloudVoiceBase = Read<UINT>(0xE0C13A8);
libhelpshiftlistenerBase = Read<UINT>(0xE0C1528);
libITOPBase = Read<UINT>(0xE0C16A8);
libigshareBase = Read<UINT>(0xE0C1828);
libijkffmpegBase = Read<UINT>(0xE0C21E8);
libswappyBase = Read<UINT>(0xE0C2AE8);
libvlinkBase = Read<UINT>(0xE0C2C68);
libINTLComplianceBase = Read<UINT>(0xE0C2DE8);
libPandoraVideoBase = Read<UINT>(0xE0C30E8);
libCrashSightCoreBase = Read<UINT>(0xE0C3268);
libUE4Base = Read<UINT>(0xE0C36E8);
libc++_sharedBase = Read<UINT>(0xE0C3928);
libmarsxlogBase = Read<UINT>(0xE0C3AA8);
libdiscord_connect_sdk_android = Read<UINT>(0xE0C3C28);
libCrashSightBase = Read<UINT>(0xE0C3E68);
libcubehawkBase = Read<UINT>(0xE0C3FE8);
libtgpaBase = Read<UINT>(0xE0C4168);
Detection Offsets
Kod:
if(Read<int>(LibueBase + 0x7423610) != 1 && Read<int>(libue + 0x761A4AC) == 1)
{
//Login Screen
}
if(Read<int>(LibueBase + 0x7412DC8) == 1)
{
//--Lobby
}
if(Read<int>(LibueBase + 0x77802E8) == 1)
{
//--KRAFTON Screen
}