Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


How to find adresses from Cheat Table?

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine
View previous topic :: View next topic  
Author Message
lewis08
How do I cheat?
Reputation: 0

Joined: 18 Jul 2023
Posts: 8
PostPosted: Thu Jul 20, 2023 7:56 am    Post subject: How to find adresses from Cheat Table? Reply with quote
Hi, i have a CT which i found from Internet. I want to extract the adresses of some of the features to make a external trainer. How can i find the 4byte (int) adresses of the features of CT. For example Race-Engine Power-Engine Power Rate [Player] ?

Here is the CT in Notepad (paste it in notepad and change extension to .CT, i cannot upload CT directly since its too large)
Code:

<?xml version="1.0" encoding="utf-8"?>
<CheatTable CheatEngineTableVersion="38">
  <CheatEntries>
    <CheatEntry>
      <ID>0</ID>
      <Description>"F1 22 - Game Version 1.10+"</Description>
      <Options moHideChildren="1"/>
      <LastState Value="" RealAddress="00000000"/>
      <GroupHeader>1</GroupHeader>
      <CheatEntries>
        <CheatEntry>
          <ID>161</ID>
          <Description>"Career"</Description>
          <Options moHideChildren="1"/>
          <LastState/>
          <Color>0080FF</Color>
          <VariableType>Auto Assembler Script</VariableType>
          <AssemblerScript>[ENABLE]
aobScanModule(PerkFundAOB,F1_22.exe, 48 8B 81 B8 02 00 00 45 33 C9)
aobScanModule(TeamMoneyAOB,F1_22.exe, 48 8B 81 98 02 00 00 45 33 C9)
aobScanModule(ResourceAOB,F1_22.exe, 48 8B 00 8B 40 04 48 8B CD)
aobScanModule(ResourceAddAOB,F1_22.exe, 48 C7 44 24 28 00 00 00 00 01 68 04)
aobScanModule(RivalryAOB,F1_22.exe, 8B 47 34 4C 8D 45 A8)
aobScanModule(DAcclaimAOB,F1_22.exe, F3 0F 5D 51 0C EB 03 0F 57 D2 48 8B CD)
aobScanModule(TAcclaimAOB,F1_22.exe, F3 0F 10 73 38 49 8B CA)
alloc(CareerMem,1024,ResourceAOB)
label(PerkFundReturn)
label(TeamMoneyReturn)
label(ResourceReturn)
label(ResourceAddReturn)
label(RivalryReturn)
label(DAcclaimReturn)
label(TAcclaimReturn)
label(PerkFundCode)
label(TeamMoneyCode)
label(ResourceCode)
label(ResourceAddCode)
label(ResourceAddCPUCode)
label(RivalryCode)
label(DAcclaimCode)
label(TAcclaimCode)
label(CareerData)
label(ResourceRate)
label(ResourceCPURate)
registersymbol(CareerData)
registersymbol(ResourceRate)
registersymbol(ResourceCPURate)
registersymbol(PerkFundAOB)
registersymbol(TeamMoneyAOB)
registersymbol(ResourceAOB)
registersymbol(ResourceAddAOB)
registersymbol(RivalryAOB)
registersymbol(DAcclaimAOB)
registersymbol(TAcclaimAOB)

CareerMem:

PerkFundCode:
  mov [CareerData+10], rcx
  add r9d,[rcx+10]
  add rcx,58
  jmp PerkFundReturn

TeamMoneyCode:
  mov [CareerData], rcx
  add r9d,[rcx+10]
  add rcx,58
  jmp TeamMoneyReturn

ResourceCode:
  mov rax,[rax]
  mov [CareerData+20], rax
  mov eax,[rax+04]
  jmp ResourceReturn

ResourceAddCode:
  mov qword ptr [rsp+28],00000000
  test ebp,ebp
  js ResourceAddReturn
  cvtsi2sd xmm0,ebp
  push rdi
  mov rdi,[CareerData+20]
  cmp rdi,rax
  jne ResourceAddCPUCode
  pop rdi
  mulsd xmm0,[ResourceRate]
  cvtsd2si ebp,xmm0
  jmp ResourceAddReturn
ResourceAddCPUCode:
  pop rdi
  mulsd xmm0,[ResourceCPURate]
  cvtsd2si ebp,xmm0
  jmp ResourceAddReturn

RivalryCode:
  mov [CareerData+50], rdi
  mov eax,[rdi+34]
  lea r8,[rbp-58]
  jmp RivalryReturn

DAcclaimCode:
  minss xmm2,[rcx+0C]
  mov [CareerData+30], rcx
  jmp DAcclaimReturn

TAcclaimCode:
  movss xmm6,[rbx+38]
  mov [CareerData+40], rbx
  jmp TAcclaimReturn

ResourceRate:
  dq 3FF0000000000000

ResourceCPURate:
  dq 3FF0000000000000

CareerData:
  dd 0

PerkFundAOB+60:
  jmp PerkFundCode
  db 90 90 90
PerkFundReturn:

TeamMoneyAOB+60:
  jmp TeamMoneyCode
  db 90 90 90
TeamMoneyReturn:

ResourceAOB:
  jmp ResourceCode
  db 90
ResourceReturn:

ResourceAddAOB:
  jmp ResourceAddCode
  db 90 90 90 90
ResourceAddReturn:

RivalryAOB:
  jmp RivalryCode
  db 90 90
RivalryReturn:

DAcclaimAOB:
  jmp DAcclaimCode
DAcclaimReturn:

TAcclaimAOB:
  jmp TAcclaimCode
TAcclaimReturn:

[DISABLE]
PerkFundAOB+60:
  db 44 03 49 10 48 83 C1 58
TeamMoneyAOB+60:
  db 44 03 49 10 48 83 C1 58
ResourceAOB:
  db 48 8B 00 8B 40 04
ResourceAddAOB:
  db 48 C7 44 24 28 00 00 00 00
RivalryAOB:
  db 8B 47 34 4C 8D 45 A8
DAcclaimAOB:
  db F3 0F 5D 51 0C
TAcclaimAOB:
  db F3 0F 10 73 38
unregistersymbol(CareerData)
unregistersymbol(ResourceRate)
unregistersymbol(ResourceCPURate)
unregistersymbol(PerkFundAOB)
unregistersymbol(TeamMoneyAOB)
unregistersymbol(ResourceAOB)
unregistersymbol(ResourceAddAOB)
unregistersymbol(RivalryAOB)
unregistersymbol(DAcclaimAOB)
unregistersymbol(TAcclaimAOB)
dealloc(CareerMem)

</AssemblerScript>
          <CheatEntries>
            <CheatEntry>
              <ID>175</ID>
              <Description>"Note: Values will only update on Team HQ overview screen except Rivals which updates on the Rivals screen"</Description>
              <LastState Value="" RealAddress="00000000"/>
              <Color>408000</Color>
              <GroupHeader>1</GroupHeader>
            </CheatEntry>
            <CheatEntry>
              <ID>162</ID>
              <Description>"Team Money"</Description>
              <Color>0080FF</Color>
              <VariableType>4 Bytes</VariableType>
              <Address>CareerData</Address>
              <Offsets>
                <Offset>10</Offset>
              </Offsets>
            </CheatEntry>
            <CheatEntry>
              <ID>163</ID>
              <Description>"Perk Fund (Only valid in Driver Career)"</Description>
              <Color>0080FF</Color>
              <VariableType>4 Bytes</VariableType>
              <Address>CareerData+10</Address>
              <Offsets>
                <Offset>10</Offset>
              </Offsets>
            </CheatEntry>
            <CheatEntry>
              <ID>164</ID>
              <Description>"Resource Points"</Description>
              <Color>0080FF</Color>
              <VariableType>4 Bytes</VariableType>
              <Address>CareerData+20</Address>
              <Offsets>
                <Offset>4</Offset>
              </Offsets>
            </CheatEntry>
            <CheatEntry>
              <ID>165</ID>
              <Description>"Team Acclaim"</Description>
              <Color>0080FF</Color>
              <VariableType>Float</VariableType>
              <Address>CareerData+40</Address>
              <Offsets>
                <Offset>38</Offset>
              </Offsets>
            </CheatEntry>
            <CheatEntry>
              <ID>166</ID>
              <Description>"Player Acclaim"</Description>
              <Color>0080FF</Color>
              <VariableType>Float</VariableType>
              <Address>CareerData+30</Address>
              <Offsets>
                <Offset>30</Offset>
              </Offsets>
            </CheatEntry>
            <CheatEntry>
              <ID>167</ID>
              <Description>"Resource Gain Rate [Player]"</Description>
              <DropDownList DescriptionOnly="1" DisplayValueAsItem="1">0:No Gain
0.25:25%
0.5:50%
0.75:75%
0.9:90%
0.95:95%
1:Normal Gain
1.05:105%
1.10:110%
1.15:115%
1.20:120%
1.25:125%
1.5:150%
2:Double Gain
</DropDownList>
              <Color>FF0000</Color>
              <VariableType>Double</VariableType>
              <Address>ResourceRate</Address>
            </CheatEntry>
            <CheatEntry>
              <ID>168</ID>
              <Description>"Resource Gain Rate [Computer]"</Description>
              <DropDownList DescriptionOnly="1" DisplayValueAsItem="1">0:No Gain
0.25:25%
0.5:50%
0.75:75%
0.9:90%
0.95:95%
1:Normal Gain
1.05:105%
1.10:110%
1.15:115%
1.20:120%
1.25:125%
1.5:150%
2:Double Gain
</DropDownList>
              <Color>FF0000</Color>
              <VariableType>Double</VariableType>
              <Address>ResourceCPURate</Address>
            </CheatEntry>
            <CheatEntry>
              <ID>169</ID>
              <Description>"Rivals (Only valid when you have a rival)"</Description>
              <LastState Value="" RealAddress="00000000"/>
              <Color>0000FF</Color>
              <GroupHeader>1</GroupHeader>
              <CheatEntries>
                <CheatEntry>
                  <ID>276</ID>
                  <Description>"Rival"</Description>
                  <DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">07:Lewis Hamilton
15:Valtteri Bottas
09:Max Verstappen
14:Sergio Perez
02:Daniel Ricciardo
54:Lando Norris
19:Lance Stroll
13:Sebastian Vettel
03:Fernando Alonso
17:Esteban Ocon
58:Charles Leclerc
00:Carlos Sainz
59:Pierre Gasly
94:Yuki Tsunoda
06:Kimi Räikkönen
74:Antonio Giovinazzi
81:Mick Schumacher
50:George Russell
63:Nicholas Latifi
47:Sean Galael
91:Dan Ticktum
80:Guanyu Zhou
82:Callum Ilott
92:Marcus Armstrong
93:Christian Lundgaard
95:Jehan Daruvala
49:Yuki Tsunoda
96:Suilherme Samaia
56:Luis Delétraz
97:Pedro Piquet
78:Nobuharu Matsushita
98:Felipe Drugovich
45:Artem Markelov
88:Giuliano Alesi
99:Robert Shwartzman
100:Roy Nissany
101:Marino Sato
53:Luca Ghiotto
71:Jack Tremblay
21:Martin Giles
22:Alex Murray
23:Lucas Roth
24:Igor Correia
25:Sophie Levasseur
26:Jonas Schiffer
27:Alain Forest
28:Jay Letourneau
29:Esto Saari
30:Yasar Atiyeh
31:Callisto Calabresi
32:Naota Izumi
33:Howard Clarke
35:Marie Laursen
36:Flavio Nieves
37:Peter Belousov
38:Klimek Michalski
39:Santiago Moreno
90:Michael Schumacher
77:Ayrton Senna
109:Jenson Button
04:Felipe Massa
110:David Coulthard
111:Nico Rosberg
11:Kevin Magnussen
112:Oscar Piastri
113:Liam Lawson
114:Juri Vips
115:Theo Pourchaire
116:Richard Verschoor
117:Lirim Zendeli
123:Enzo Fittipaldi
118:David Beckmann
89:Ralph Boschung
121:Alessio Deledda
122:Bent Viscaal
34:Wilhelm Kaufmann
70:Rashid Nair
76:Alain Prost
10:Nico Hulkenberg
125:Mark Webber
126:Jacques Villeneuve
</DropDownList>
                  <Color>0000FF</Color>
                  <VariableType>Byte</VariableType>
                  <Address>CareerData+50</Address>
                  <Offsets>
                    <Offset>2</Offset>
                  </Offsets>
                </CheatEntry>
                <CheatEntry>
                  <ID>171</ID>
                  <Description>"Player Points"</Description>
                  <Color>0000FF</Color>
                  <VariableType>4 Bytes</VariableType>
                  <Address>CareerData+50</Address>
                  <Offsets>
                    <Offset>30</Offset>
                  </Offsets>
                </CheatEntry>
                <CheatEntry>
                  <ID>172</ID>
                  <Description>"Rival Points"</Description>
                  <Color>0000FF</Color>
                  <VariableType>4 Bytes</VariableType>
                  <Address>CareerData+50</Address>
                  <Offsets>
                    <Offset>38</Offset>
                  </Offsets>
                </CheatEntry>
                <CheatEntry>
                  <ID>173</ID>
                  <Description>"Acclaim Gain"</Description>
                  <Color>0000FF</Color>
                  <VariableType>4 Bytes</VariableType>
                  <Address>CareerData+50</Address>
                  <Offsets>
                    <Offset>10</Offset>
                  </Offsets>
                </CheatEntry>
              </CheatEntries>
            </CheatEntry>
            <CheatEntry>
              <ID>277</ID>
              <Description>"Instant R&amp;D Development"</Description>
              <Options moHideChildren="1"/>
              <LastState/>
              <Color>0080FF</Color>
              <VariableType>Auto Assembler Script</VariableType>
              <AssemblerScript>[ENABLE]
aobScanModule(RNDAOB,F1_22.exe, 48 8B 87 98 00 00 00 80 78 FC 03)
alloc(RNDMem,512,RNDAOB)
label(Return)
registersymbol(RNDAOB)

RNDMem:
  mov rax,[rdi+00000098]
  mov byte ptr [rax-04],3
  jmp Return

RNDAOB:
  jmp RNDMem
  db 90 90
Return:

[DISABLE]
RNDAOB:
  db 48 8B 87 98 00 00 00
unregistersymbol(RNDAOB)
dealloc(RNDMem)

</AssemblerScript>
            </CheatEntry>
          </CheatEntries>
        </CheatEntry>
        <CheatEntry>
          <ID>2</ID>
          <Description>"Race"</Description>
          <LastState Value="" RealAddress="00000000"/>
          <Color>408000</Color>
          <GroupHeader>1</GroupHeader>
          <CheatEntries>
            <CheatEntry>
              <ID>3</ID>
              <Description>"Note: CPU values will be used on player car while the CPU is in control of the car."</Description>
              <LastState Value="" RealAddress="00000000"/>
              <Color>000080</Color>
              <GroupHeader>1</GroupHeader>
            </CheatEntry>
            <CheatEntry>
              <ID>4</ID>
              <Description>"Engine Power"</Description>
              <Options moHideChildren="1"/>
              <LastState/>
              <Color>408000</Color>
              <VariableType>Auto Assembler Script</VariableType>
              <AssemblerScript>[ENABLE]
aobScanModule(BHPAOB,F1_22.exe, F3 0F 59 83 4C 25 00 00)
alloc(BHPMem,512,BHPAOB)
label(Return)
label(CPUCode)
label(BHPRate)
label(BHPCPURate)
registersymbol(BHPRate)
registersymbol(BHPCPURate)
registersymbol(BHPAOB)

BHPMem:
  mulss xmm0,[rbx+0000254C]
  mov rax,[rbx+8]
  cmp dword ptr [rax+F0],1
  je CPUCode
  mulss xmm0,[BHPRate]
  jmp Return

CPUCode:
  mulss xmm0,[BHPCPURate]
  jmp Return

BHPRate:
  dd 3F800000

BHPCPURate:
  dd 3F800000

BHPAOB:
  jmp BHPMem
  db 90 90 90
Return:

[DISABLE]
BHPAOB:
  db F3 0F 59 83 4C 25 00 00
unregistersymbol(BHPRate)
unregistersymbol(BHPCPURate)
unregistersymbol(BHPAOB)
dealloc(BHPMem)

</AssemblerScript>
              <CheatEntries>
                <CheatEntry>
                  <ID>5</ID>
                  <Description>"Engine Power Rate [Player]"</Description>
                  <DropDownList DescriptionOnly="1" DisplayValueAsItem="1">0.75:75% Power
0.80:80% Power
0.85:85% Power
0.90:90% Power
0.95:95% Power
1:Normal Power
1.05:105% Power
1.10:110% Power
1.15:115% Power
1.20:120% Power
1.25:125% Power
</DropDownList>
                  <Color>FF0000</Color>
                  <VariableType>Float</VariableType>
                  <Address>BHPRate</Address>
                </CheatEntry>
                <CheatEntry>
                  <ID>147</ID>
                  <Description>"Engine Power Rate [Computer]"</Description>
                  <DropDownList DescriptionOnly="1" DisplayValueAsItem="1">0.75:75% Power
0.80:80% Power
0.85:85% Power
0.90:90% Power
0.95:95% Power
1:Normal Power
1.05:105% Power
1.10:110% Power
1.15:115% Power
1.20:120% Power
1.25:125% Power
</DropDownList>
                  <Color>FF0000</Color>
                  <VariableType>Float</VariableType>
                  <Address>BHPCPURate</Address>
                </CheatEntry>
              </CheatEntries>
            </CheatEntry>
            <CheatEntry>
              <ID>260</ID>
              <Description>"Engine Wear"</Description>
              <Options moHideChildren="1"/>
              <LastState/>
              <Color>408000</Color>
              <VariableType>Auto Assembler Script</VariableType>
              <AssemblerScript>[ENABLE]
aobScanModule(Engine_ICE_AOB,F1_22.exe, F3 0F 58 A3 00 25 00 00)
aobScanModule(Engine_MGUK_AOB,F1_22.exe, F3 0F 58 87 10 25 00 00)
aobScanModule(Engine_MGUH_AOB,F1_22.exe, F3 0F 58 83 0C 25 00 00)
aobScanModule(Engine_ES_AOB,F1_22.exe, F3 0F 11 87 08 25 00 00)
aobScanModule(Engine_TC_AOB,F1_22.exe, F3 0F 58 83 04 25 00 00)
aobScanModule(Engine_CE_AOB,F1_22.exe, F3 0F 59 CD F3 0F 58 D9)
aobScanModule(Engine_Gearbox_AOB1,F1_22.exe, F3 0F 59 87 CC 9B 00 00 F3 0F 58 F0)
aobScanModule(Engine_Gearbox_AOB2,F1_22.exe, F3 0F 59 8F CC 9B 00 00)
aobScanModule(Engine_Gearbox_AOB3,F1_22.exe, F3 0F 59 84 24 C0 00 00 00 F3 0F 58 F0)
aobScanModule(Engine_Gearbox_AOB4,F1_22.exe, F3 0F 11 93 1C 07 00 00)
alloc(EngineMem,8192,Engine_ICE_AOB)
label(EngineRate)
label(Engine_ICE)
label(Engine_MGUK)
label(Engine_MGUH)
label(Engine_ES)
label(Engine_TC)
label(Engine_CE)
label(Engine_Gearbox1)
label(Engine_Gearbox2)
label(Engine_Gearbox3)
label(Engine_Gearbox4)
label(Return_ICE)
label(Return_MGUK)
label(Return_MGUH)
label(Return_ES)
label(Return_TC)
label(Return_CE)
label(Return_Gearbox1)
label(Return_Gearbox2)
label(Return_Gearbox3)
label(Return_Gearbox4)
registersymbol(EngineRate)
registersymbol(Engine_ICE_AOB)
registersymbol(Engine_MGUK_AOB)
registersymbol(Engine_MGUH_AOB)
registersymbol(Engine_ES_AOB)
registersymbol(Engine_TC_AOB)
registersymbol(Engine_CE_AOB)
registersymbol(Engine_Gearbox_AOB1)
registersymbol(Engine_Gearbox_AOB2)
registersymbol(Engine_Gearbox_AOB3)
registersymbol(Engine_Gearbox_AOB4)

EngineMem:

Engine_ICE:
  mulss xmm4,[EngineRate]
  addss xmm4,[rbx+00002500]
  lea rcx,[rbx+00002500]
  mov [EngineRate+10],rcx
  lea rcx,[rbx+00002510]
  mov [EngineRate+20],rcx
  lea rcx,[rbx+0000250C]
  mov [EngineRate+30],rcx
  lea rcx,[rbx+00002508]
  mov [EngineRate+40],rcx
  lea rcx,[rbx+00002504]
  mov [EngineRate+50],rcx
  lea rcx,[rbx+00002514]
  mov [EngineRate+60],rcx
  jmp Return_ICE

Engine_MGUK:
  mulss xmm0,[EngineRate]
  addss xmm0,[rdi+00002510]
  jmp Return_MGUK

Engine_MGUH:
  mulss xmm0,[EngineRate]
  addss xmm0,[rbx+0000250C]
  jmp Return_MGUH

Engine_ES:
  mulss xmm4,[EngineRate]
  addss xmm4,[rdi+00002508]
  jmp Return_ES

Engine_TC:
  mulss xmm0,[EngineRate]
  addss xmm0,[rbx+00002504]
  jmp Return_TC

Engine_CE:
  mulss xmm1,xmm5
  mulss xmm1,[EngineRate]
  addss xmm3,xmm1
  jmp Return_CE

Engine_Gearbox1:
  mulss xmm0,[rdi+00009BBC]
  mulss xmm0,[EngineRate]
  jmp Return_Gearbox1

Engine_Gearbox2:
  mulss xmm1,[rdi+00009BBC]
  mulss xmm1,[EngineRate]
  jmp Return_Gearbox2

Engine_Gearbox3:
  mulss xmm0,[rsp+000000C0]
  mulss xmm0,[EngineRate]
  jmp Return_Gearbox3

Engine_Gearbox4:
  movss [rbx+0000071C],xmm2
  push rcx
  lea rcx,[rbx+0000071C]
  mov [EngineRate+70],rcx
  pop rcx
  jmp Return_Gearbox4

EngineRate:
  dd 3F800000

Engine_ICE_AOB:
  jmp Engine_ICE
  db 90 90 90
Return_ICE:

Engine_MGUK_AOB:
  jmp Engine_MGUK
  db 90 90 90
Return_MGUK:

Engine_MGUH_AOB:
  jmp Engine_MGUH
  db 90 90 90
Return_MGUH:

Engine_ES_AOB:
  jmp Engine_ES
  db 90 90 90
Return_ES:

Engine_TC_AOB:
  jmp Engine_TC
  db 90 90 90
Return_TC:

Engine_CE_AOB:
  jmp Engine_CE
  db 90 90 90
Return_CE:

Engine_Gearbox_AOB1:
  jmp Engine_Gearbox1
  db 90 90 90
Return_Gearbox1:

Engine_Gearbox_AOB2:
  jmp Engine_Gearbox2
  db 90 90 90
Return_Gearbox2:

Engine_Gearbox_AOB3:
  jmp Engine_Gearbox3
  db 90 90 90 90
Return_Gearbox3:

Engine_Gearbox_AOB4:
  jmp Engine_Gearbox4
  db 90 90 90
Return_Gearbox4:

[DISABLE]
Engine_ICE_AOB:
  db F3 0F 58 A3 00 25 00 00
Engine_MGUK_AOB:
  db F3 0F 58 87 10 25 00 00
Engine_MGUH_AOB:
  db F3 0F 58 83 0C 25 00 00
Engine_ES_AOB:
  db F3 0F 11 87 08 25 00 00
Engine_TC_AOB:
  db F3 0F 58 83 04 25 00 00
Engine_CE_AOB:
  db F3 0F 59 CD F3 0F 58 D9
Engine_Gearbox_AOB1:
  db F3 0F 59 87 CC 9B 00 00
Engine_Gearbox_AOB2:
  db F3 0F 59 8F CC 9B 00 00
Engine_Gearbox_AOB3:
  db F3 0F 59 84 24 C0 00 00 00
Engine_Gearbox_AOB4:
  db F3 0F 11 93 1C 07 00 00
unregistersymbol(EngineRate)
unregistersymbol(Engine_ICE_AOB)
unregistersymbol(Engine_MGUK_AOB)
unregistersymbol(Engine_MGUH_AOB)
unregistersymbol(Engine_ES_AOB)
unregistersymbol(Engine_TC_AOB)
unregistersymbol(Engine_CE_AOB)
unregistersymbol(Engine_Gearbox_AOB1)
unregistersymbol(Engine_Gearbox_AOB2)
unregistersymbol(Engine_Gearbox_AOB3)
unregistersymbol(Engine_Gearbox_AOB4)
dealloc(EngineMem)

</AssemblerScript>
              <CheatEntries>
                <CheatEntry>
                  <ID>261</ID>
                  <Description>"Engine Wear Rate"</Description>
                  <DropDownList DescriptionOnly="1" DisplayValueAsItem="1">0:No Wear
0.25:25% Wear
0.5:50% Wear
0.75:75% Wear
1:Normal Wear
1.25:125% Wear
1.5:150% Wear
1.75:175% Wear
2:Double Wear
</DropDownList>
                  <Color>FF0000</Color>
                  <VariableType>Float</VariableType>
                  <Address>EngineRate</Address>
                </CheatEntry>
                <CheatEntry>
                  <ID>262</ID>
                  <Description>"Current Engine Wear"</Description>
                  <LastState Value="" RealAddress="00000000"/>
                  <Color>408000</Color>
                  <GroupHeader>1</GroupHeader>
                  <CheatEntries>
                    <CheatEntry>
                      <ID>263</ID>
                      <Description>"Note: F2 cars does not have MGU-H/MGU-K/ES"</Description>
                      <LastState Value="" RealAddress="00000000"/>
                      <Color>408000</Color>
                      <GroupHeader>1</GroupHeader>
                    </CheatEntry>
                    <CheatEntry>
                      <ID>264</ID>
                      <Description>"Motor Generator Unit - Heat (MGU-H)"</Description>
                      <Color>0080FF</Color>
                      <VariableType>Float</VariableType>
                      <Address>EngineRate+30</Address>
                      <Offsets>
                        <Offset>0</Offset>
                      </Offsets>
                    </CheatEntry>
                    <CheatEntry>
                      <ID>265</ID>
                      <Description>"Energy Store (ES)"</Description>
                      <Color>0080FF</Color>
                      <VariableType>Float</VariableType>
                      <Address>EngineRate+40</Address>
                      <Offsets>
                        <Offset>0</Offset>
                      </Offsets>
                    </CheatEntry>
                    <CheatEntry>
                      <ID>266</ID>
                      <Description>"Control Electronics (CE)"</Description>
                      <Color>0080FF</Color>
                      <VariableType>Float</VariableType>
                      <Address>EngineRate+60</Address>
                      <Offsets>
                        <Offset>0</Offset>
                      </Offsets>
                    </CheatEntry>
                    <CheatEntry>
                      <ID>267</ID>
                      <Description>"Internal Combustion Engine (ICE)"</Description>
                      <Color>0080FF</Color>
                      <VariableType>Float</VariableType>
                      <Address>EngineRate+10</Address>
                      <Offsets>
                        <Offset>0</Offset>
                      </Offsets>
                    </CheatEntry>
                    <CheatEntry>
                      <ID>268</ID>
                      <Description>"Motor Generator Unit - Kinetic (MGU-K)"</Description>
                      <Color>0080FF</Color>
                      <VariableType>Float</VariableType>
                      <Address>EngineRate+20</Address>
                      <Offsets>
                        <Offset>0</Offset>
                      </Offsets>
                    </CheatEntry>
                    <CheatEntry>
                      <ID>269</ID>
                      <Description>"Turbo Charger (TC)"</Description>
                      <Color>0080FF</Color>
                      <VariableType>Float</VariableType>
                      <Address>EngineRate+50</Address>
                      <Offsets>
                        <Offset>0</Offset>
                      </Offsets>
                    </CheatEntry>
                    <CheatEntry>
                      <ID>270</ID>
                      <Description>"Gearbox"</Description>
                      <Color>0080FF</Color>
                      <VariableType>Float</VariableType>
                      <Address>EngineRate+70</Address>
                      <Offsets>
                        <Offset>0</Offset>
                      </Offsets>
                    </CheatEntry>
                  </CheatEntries>
                </CheatEntry>
              </CheatEntries>
            </CheatEntry>
            <CheatEntry>
              <ID>17</ID>
              <Description>"Grip Rate"</Description>
              <Options moHideChildren="1"/>
              <LastState/>
              <Color>408000</Color>
              <VariableType>Auto Assembler Script</VariableType>
              <AssemblerScript>[ENABLE]
aobScanModule(GripAOB,F1_22.exe, F3 0F 11 84 AF 40 06 00 00)
aobScanModule(TimeAOB,F1_22.exe, 48 8B 4F 38 40 0F B6 D6 48 89)
alloc(GripMem,512,GripAOB)
label(GripReturn)
label(TimeReturn)
label(TimeCode)
label(GripCode)
label(GripStartCode)
label(CPUCode)
label(GripRate)
label(GripCPURate)
label(GripTimer)
label(GripStart)
label(SessionTimer)
registersymbol(GripRate)
registersymbol(GripCPURate)
registersymbol(GripTimer)
registersymbol(GripStart)
registersymbol(SessionTimer)
registersymbol(GripAOB)
registersymbol(TimeAOB)

GripMem:
  mov rcx,[r14]
  movss xmm12,[SessionTimer]
  comiss xmm12,[GripTimer]
  jb GripStartCode

GripCode:
  xorps xmm12,xmm12
  cmp dword ptr [rcx+F0],1
  je CPUCode
  mulss xmm0,[GripRate]
  movss [rdi+rbp*4+00000640],xmm0
  jmp GripReturn

CPUCode:
  mulss xmm0,[GripCPURate]
  movss [rdi+rbp*4+00000640],xmm0
  jmp GripReturn

GripStartCode:
  cmp dword ptr [GripStart],1
  jne GripCode
  xorps xmm12,xmm12
  mulss xmm0,[GripRate]
  movss [rdi+rbp*4+00000640],xmm0
  jmp GripReturn

TimeCode:
  mov rcx,[rdi+38]
  movzx edx,sil
  movss [SessionTimer],xmm7
  jmp TimeReturn

GripRate:
  dd 3F800000

GripCPURate:
  dd 3F800000

SessionTimer:
  dd 00000000

GripTimer:
  dd 41700000

GripStart:
  dd 00000000

GripAOB:
  jmp GripMem
  db 90 90 90 90
GripReturn:

TimeAOB:
  jmp TimeCode
  db 90 90 90
TimeReturn:

[DISABLE]
GripAOB:
  db F3 0F 11 84 AF 40 06 00 00
TimeAOB:
  db 48 8B 4F 38 40 0F B6 D6
unregistersymbol(GripRate)
unregistersymbol(GripCPURate)
unregistersymbol(GripTimer)
unregistersymbol(GripStart)
unregistersymbol(SessionTimer)
unregistersymbol(GripAOB)
unregistersymbol(TimeAOB)
dealloc(GripMem)

</AssemblerScript>
              <CheatEntries>
                <CheatEntry>
                  <ID>18</ID>
                  <Description>"Grip Rate [Player]"</Description>
                  <DropDownList DescriptionOnly="1" DisplayValueAsItem="1">0:No Grip
0.25:25% Grip
0.5:50% Grip
0.75:75% Grip
1:Normal Grip
1.25:125% Grip
1.5:150% Grip
1.75:175% Grip
2:Double Grip
</DropDownList>
                  <Color>FF0000</Color>
                  <VariableType>Float</VariableType>
                  <Address>GripRate</Address>
                </CheatEntry>
                <CheatEntry>
                  <ID>19</ID>
                  <Description>"Grip Rate [Computer]"</Description>
                  <DropDownList DescriptionOnly="1" DisplayValueAsItem="1">0:No Grip
0.25:25% Grip
0.5:50% Grip
0.75:75% Grip
1:Normal Grip
1.25:125% Grip
1.5:150% Grip
1.75:175% Grip
2:Double Grip
</DropDownList>
                  <Color>FF0000</Color>
                  <VariableType>Float</VariableType>
                  <Address>GripCPURate</Address>
                </CheatEntry>
                <CheatEntry>
                  <ID>182</ID>
                  <Description>"Prevent easy overtaking of CPU cars at race start because of better grip"</Description>
                  <DropDownList DescriptionOnly="1" DisplayValueAsItem="1">0:OFF
1:ON
</DropDownList>
                  <Color>4080FF</Color>
                  <VariableType>4 Bytes</VariableType>
                  <Address>GripStart</Address>
                  <CheatEntries>
                    <CheatEntry>
                      <ID>183</ID>
                      <Description>"Time in seconds from race start to equalize"</Description>
                      <Color>4080FF</Color>
                      <VariableType>Float</VariableType>
                      <Address>GripTimer</Address>
                    </CheatEntry>
                  </CheatEntries>
                </CheatEntry>
              </CheatEntries>
            </CheatEntry>
            <CheatEntry>
              <ID>232</ID>
              <Description>"Tyre Wear"</Description>
              <Options moHideChildren="1"/>
              <LastState/>
              <Color>408000</Color>
              <VariableType>Auto Assembler Script</VariableType>
              <AssemblerScript>[ENABLE]
aobScanModule(TyreAOB,F1_22.exe, F3 0F 58 63 78)
alloc(TyreMem,512,TyreAOB)
label(Return)
label(CPUCode)
label(Code)
label(TyreRate)
label(TyreCPURate)
registersymbol(TyreRate)
registersymbol(TyreCPURate)
registersymbol(TyreAOB)

TyreMem:
  mov r12,[rbx+8]
  cmp dword ptr [r12+F0],1
  je CPUCode
  mulss xmm4,[TyreRate]
  jmp Code

CPUCode:
  mulss xmm4,[TyreCPURate]

Code:
  xor r12,r12
  addss xmm4,[rbx+78]
  jmp Return

TyreRate:
  dd 3F800000

TyreCPURate:
  dd 3F800000

TyreAOB:
  jmp TyreMem
Return:

[DISABLE]
TyreAOB:
  db F3 0F 58 63 78
unregistersymbol(TyreRate)
unregistersymbol(TyreCPURate)
unregistersymbol(TyreAOB)
dealloc(TyreMem)

</AssemblerScript>
              <CheatEntries>
                <CheatEntry>
                  <ID>233</ID>
                  <Description>"Tyre Wear Rate [Player]"</Description>
                  <DropDownList DescriptionOnly="1" DisplayValueAsItem="1">0:No Wear
0.25:25% Wear
0.5:50% Wear
0.75:75% Wear
1:Normal Wear
1.25:125% Wear
1.5:150% Wear
1.75:175% Wear
2:Double Wear
</DropDownList>
                  <Color>FF0000</Color>
                  <VariableType>Float</VariableType>
                  <Address>TyreRate</Address>
                </CheatEntry>
                <CheatEntry>
                  <ID>234</ID>
                  <Description>"Tyre Wear Rate [Computer]"</Description>
                  <DropDownList DescriptionOnly="1" DisplayValueAsItem="1">0:No Wear
0.25:25% Wear
0.5:50% Wear
0.75:75% Wear
1:Normal Wear
1.25:125% Wear
1.5:150% Wear
1.75:175% Wear
2:Double Wear
</DropDownList>
                  <Color>FF0000</Color>
                  <VariableType>Float</VariableType>
                  <Address>TyreCPURate</Address>
                </CheatEntry>
              </CheatEntries>
            </CheatEntry>
            <CheatEntry>
              <ID>236</ID>
              <Description>"Tyre Temperature"</Description>
              <Options moHideChildren="1"/>
              <LastState/>
              <Color>408000</Color>
              <VariableType>Auto Assembler Script</VariableType>
              <AssemblerScript>[ENABLE]
aobScanModule(TyreCTempAOB,F1_22.exe, F3 0F 11 6B 68)
aobScanModule(TyreSTempAOB,F1_22.exe, F3 0F 11 73 64 EB 1B)
alloc(TyreTempMem,512,TyreCTempAOB)
label(ReturnC)
label(ReturnS)
label(CodeC)
label(CodeS)
label(MinMaxC)
label(MinMaxS)
label(TyreTemp)
label(TyreKTemp)
registersymbol(TyreTemp)
registersymbol(TyreKTemp)
registersymbol(TyreCTempAOB)
registersymbol(TyreSTempAOB)

TyreTempMem:

TyreCTemp:
  cmp [TyreTemp],0
  je MinMaxC
  movss xmm5,[TyreTemp]
  addss xmm5,[TyreKTemp]
  jmp CodeC

MinMaxC:
  cmp [TyreTemp+10],0
  je CodeC
  cmp [TyreTemp+20],0
  je CodeC
  subss xmm5,[TyreKTemp]
  movss xmm0,[TyreTemp+10]
  maxss xmm5,xmm0
  movss xmm0,[TyreTemp+20]
  minss xmm5,xmm0
  addss xmm5,[TyreKTemp]

CodeC:
  movss [rbx+68],xmm5
  jmp ReturnC

TyreSTemp:
  cmp [TyreTemp],0
  je MinMaxS
  movss xmm6,[TyreTemp]
  addss xmm6,[TyreKTemp]
  jmp CodeS

MinMaxS:
  cmp [TyreTemp+10],0
  je CodeS
  cmp [TyreTemp+20],0
  je CodeS
  subss xmm6,[TyreKTemp]
  movss xmm1,[TyreTemp+10]
  maxss xmm6,xmm1
  movss xmm1,[TyreTemp+20]
  minss xmm6,xmm1
  addss xmm6,[TyreKTemp]

CodeS:
  movss [rbx+64],xmm6
  jmp ReturnS

TyreTemp:
  dd 0

TyreKTemp:
  dd 43889333

TyreCTempAOB:
  jmp TyreCTemp
ReturnC:

TyreSTempAOB:
  jmp TyreSTemp
ReturnS:

[DISABLE]
TyreCTempAOB:
  db F3 0F 11 6B 68
TyreSTempAOB:
  db F3 0F 11 73 64
unregistersymbol(TyreTemp)
unregistersymbol(TyreKTemp)
unregistersymbol(TyreCTempAOB)
unregistersymbol(TyreSTempAOB)
dealloc(TyreTempMem)

</AssemblerScript>
              <CheatEntries>
                <CheatEntry>
                  <ID>237</ID>
                  <Description>"Note: Leave the override at 0 if using Min/Max settings"</Description>
                  <LastState Value="" RealAddress="00000000"/>
                  <Color>408000</Color>
                  <GroupHeader>1</GroupHeader>
                </CheatEntry>
                <CheatEntry>
                  <ID>238</ID>
                  <Description>"Tyre Temperature Override [Celsius]"</Description>
                  <Color>FF0000</Color>
                  <VariableType>Float</VariableType>
                  <Address>TyreTemp</Address>
                </CheatEntry>
                <CheatEntry>
                  <ID>239</ID>
                  <Description>"Minimum Tyre Temperature [Celsius]"</Description>
                  <Color>FF0000</Color>
                  <VariableType>Float</VariableType>
                  <Address>TyreTemp+10</Address>
                </CheatEntry>
                <CheatEntry>
                  <ID>240</ID>
                  <Description>"Maximum Tyre Temperature [Celsius]"</Description>
                  <Color>FF0000</Color>
                  <VariableType>Float</VariableType>
                  <Address>TyreTemp+20</Address>
                </CheatEntry>
              </CheatEntries>
            </CheatEntry>
            <CheatEntry>
              <ID>242</ID>
              <Description>"Brake Temperature"</Description>
              <Options moHideChildren="1"/>
              <LastState/>
              <Color>408000</Color>
              <VariableType>Auto Assembler Script</VariableType>
              <AssemblerScript>[ENABLE]
aobScanModule(BrakeTempAOB,F1_22.exe, F3 0F 11 6B 08 48 8B 9C 24)
alloc(BrakeTempMem,512,BrakeTempAOB)
label(Return)
label(Code)
label(MinMax)
label(BrakeTemp)
label(BrakeKTemp)
registersymbol(BrakeTemp)
registersymbol(BrakeKTemp)
registersymbol(BrakeTempAOB)

BrakeTempMem:
  cmp dword ptr [rdx+F0],1
  je Code
  cmp [BrakeTemp],0
  je MinMax
  movss xmm5,[BrakeTemp]
  addss xmm5,[BrakeKTemp]
  jmp Code

MinMax:
  cmp [BrakeTemp+10],0
  je Code
  cmp [BrakeTemp+20],0
  je Code
  subss xmm5,[BrakeKTemp]
  movss xmm13,[BrakeTemp+10]
  maxss xmm5,xmm13
  movss xmm13,[BrakeTemp+20]
  minss xmm5,xmm13
  addss xmm5,[BrakeKTemp]

Code:
  movss [rbx+08],xmm5
  jmp Return

BrakeTemp:
  dd 0

BrakeKTemp:
  dd 43889333

BrakeTempAOB:
  jmp BrakeTempMem
Return:

[DISABLE]
BrakeTempAOB:
  db F3 0F 11 6B 08
unregistersymbol(BrakeTemp)
unregistersymbol(BrakeKTemp)
unregistersymbol(BrakeTempAOB)
dealloc(BrakeTempMem)

</AssemblerScript>
              <CheatEntries>
                <CheatEntry>
                  <ID>243</ID>
                  <Description>"Note: Leave the override at 0 if using Min/Max settings"</Description>
                  <LastState Value="" RealAddress="00000000"/>
                  <Color>408000</Color>
                  <GroupHeader>1</GroupHeader>
                </CheatEntry>
                <CheatEntry>
                  <ID>244</ID>
                  <Description>"Brake Temperature Override [Celsius]"</Description>
                  <Color>FF0000</Color>
                  <VariableType>Float</VariableType>
                  <Address>BrakeTemp</Address>
                </CheatEntry>
                <CheatEntry>
                  <ID>245</ID>
                  <Description>"Minimum Brake Temperature [Celsius]"</Description>
                  <Color>FF0000</Color>
                  <VariableType>Float</VariableType>
                  <Address>BrakeTemp+10</Address>
                </CheatEntry>
                <CheatEntry>
                  <ID>246</ID>
                  <Description>"Maximum Brake Temperature [Celsius]"</Description>
                  <Color>FF0000</Color>
                  <VariableType>Float</VariableType>
                  <Address>BrakeTemp+20</Address>
                </CheatEntry>
              </CheatEntries>
            </CheatEntry>
            <CheatEntry>
              <ID>247</ID>
              <Description>"Engine Temperature"</Description>
              <Options moHideChildren="1"/>
              <LastState/>
              <Color>408000</Color>
              <VariableType>Auto Assembler Script</VariableType>
              <AssemblerScript>[ENABLE]
aobScanModule(Engine1TempAOB,F1_22.exe, F3 0F 11 AF F0 24 00 00)
aobScanModule(Engine2TempAOB,F1_22.exe, F3 0F 11 97 F0 24 00 00)
alloc(EngineTempMem,512,Engine1TempAOB)
label(Return1)
label(Return2)
label(Code1)
label(Code2)
label(MinMax1)
label(MinMax2)
label(EngineTemp)
label(EngineKTemp)
registersymbol(EngineTemp)
registersymbol(EngineKTemp)
registersymbol(Engine1TempAOB)
registersymbol(Engine2TempAOB)

EngineTempMem:

Engine1Temp:
  cmp [EngineTemp],0
  je MinMax1
  movss xmm5,[EngineTemp]
  addss xmm5,[EngineKTemp]
  jmp Code1

MinMax1:
  cmp [EngineTemp+10],0
  je Code1
  cmp [EngineTemp+20],0
  je Code1
  subss xmm5,[EngineKTemp]
  movss xmm0,[EngineTemp+10]
  maxss xmm5,xmm0
  movss xmm0,[EngineTemp+20]
  minss xmm5,xmm0
  addss xmm5,[EngineKTemp]

Code1:
  movss [rdi+000024F0],xmm5
  jmp Return1

Engine2Temp:
  cmp [EngineTemp],0
  je MinMax2
  movss xmm2,[EngineTemp]
  addss xmm2,[EngineKTemp]
  jmp Code2

MinMax2:
  cmp [EngineTemp+10],0
  je Code2
  cmp [EngineTemp+20],0
  je Code2
  subss xmm2,[EngineKTemp]
  movss xmm10,[EngineTemp+10]
  maxss xmm2,xmm10
  movss xmm10,[EngineTemp+20]
  minss xmm2,xmm10
  addss xmm2,[EngineKTemp]

Code2:
  movss [rdi+000024F0],xmm2
  jmp Return2

EngineTemp:
  dd 0

EngineKTemp:
  dd 43889333

Engine1TempAOB:
  jmp Engine1Temp
  db 90 90 90
Return1:

Engine2TempAOB:
  jmp Engine2Temp
  db 90 90 90
Return2:

[DISABLE]
Engine1TempAOB:
  db F3 0F 11 AF F0 24 00 00
Engine2TempAOB:
  db F3 0F 11 97 F0 24 00 00
unregistersymbol(EngineTemp)
unregistersymbol(EngineKTemp)
unregistersymbol(Engine1TempAOB)
unregistersymbol(Engine2TempAOB)
dealloc(EngineTempMem)

</AssemblerScript>
              <CheatEntries>
                <CheatEntry>
                  <ID>248</ID>
                  <Description>"Note: Leave the override at 0 if using Min/Max settings"</Description>
                  <LastState Value="" RealAddress="00000000"/>
                  <Color>408000</Color>
                  <GroupHeader>1</GroupHeader>
                </CheatEntry>
                <CheatEntry>
                  <ID>249</ID>
                  <Description>"Engine Temperature Override [Celsius]"</Description>
                  <Color>FF0000</Color>
                  <VariableType>Float</VariableType>
                  <Address>EngineTemp</Address>
                </CheatEntry>
                <CheatEntry>
                  <ID>250</ID>
                  <Description>"Minimum Engine Temperature [Celsius]"</Description>
                  <Color>FF0000</Color>
                  <VariableType>Float</VariableType>
                  <Address>EngineTemp+10</Address>
                </CheatEntry>
                <CheatEntry>
                  <ID>251</ID>
                  <Description>"Maximum Engine Temperature [Celsius]"</Description>
                  <Color>FF0000</Color>
                  <VariableType>Float</VariableType>
                  <Address>EngineTemp+20</Address>
                </CheatEntry>
              </CheatEntries>
            </CheatEntry>
            <CheatEntry>
              <ID>252</ID>
              <Description>"Fuel Consumption"</Description>
              <Options moHideChildren="1"/>
              <LastState/>
              <Color>408000</Color>
              <VariableType>Auto Assembler Script</VariableType>
              <AssemblerScript>[ENABLE]
aobScanModule(FuelAOB,F1_22.exe, 32 C8 F3 0F 5C C3)
alloc(FuelMem,512,FuelAOB)
label(Return)
label(CPUCode)
label(Code)
label(FuelRate)
label(FuelCPURate)
registersymbol(FuelRate)
registersymbol(FuelCPURate)
registersymbol(FuelAOB)

FuelMem:
  mov rsi,[rdi+8]
  cmp dword ptr [rsi+F0],1
  je CPUCode
  lea rsi,[rdi+100]
  mov [FuelRate+10],rsi
  mulss xmm3,[FuelRate]
  jmp Code

CPUCode:
  mulss xmm3,[FuelCPURate]

Code:
  xor cl,al
  subss xmm0,xmm3
  jmp Return

FuelRate:
  dd 3F800000

FuelCPURate:
  dd 3F800000

FuelAOB:
  jmp FuelMem
  nop
Return:

[DISABLE]
FuelAOB:
  db 32 C8 F3 0F 5C C3
unregistersymbol(FuelRate)
unregistersymbol(FuelCPURate)
unregistersymbol(FuelAOB)
dealloc(FuelMem)

</AssemblerScript>
              <CheatEntries>
                <CheatEntry>
                  <ID>253</ID>
                  <Description>"Fuel Consumption Rate [Player]"</Description>
                  <DropDownList DescriptionOnly="1" DisplayValueAsItem="1">0:No Consumption
0.25:25% Consumption
0.5:50% Consumption
0.75:75% Consumption
1:Normal Consumption
1.25:125% Consumption
1.5:150% Consumption
1.75:175% Consumption
2:Double Consumption
</DropDownList>
                  <Color>FF0000</Color>
                  <VariableType>Float</VariableType>
                  <Address>FuelRate</Address>
                </CheatEntry>
                <CheatEntry>
                  <ID>254</ID>
                  <Description>"Fuel Consumption Rate [Computer]"</Description>
                  <DropDownList DescriptionOnly="1" DisplayValueAsItem="1">0:No Consumption
0.25:25% Consumption
0.5:50% Consumption
0.75:75% Consumption
1:Normal Consumption
1.25:125% Consumption
1.5:150% Consumption
1.75:175% Consumption
2:Double Consumption
</DropDownList>
                  <Color>FF0000</Color>
                  <VariableType>Float</VariableType>
                  <Address>FuelCPURate</Address>
                </CheatEntry>
                <CheatEntry>
                  <ID>255</ID>
                  <Description>"Current Fuel Load"</Description>
                  <Color>408000</Color>
                  <VariableType>Float</VariableType>
                  <Address>FuelRate+10</Address>
                  <Offsets>
                    <Offset>0</Offset>
                  </Offsets>
                </CheatEntry>
              </CheatEntries>
            </CheatEntry>
            <CheatEntry>
              <ID>256</ID>
              <Description>"Energy Recovery System (ERS)"</Description>
              <Options moHideChildren="1"/>
              <LastState/>
              <Color>408000</Color>
              <VariableType>Auto Assembler Script</VariableType>
              <AssemblerScript>[ENABLE]
aobScanModule(ERSAOB,F1_22.exe, 0F 28 C1 F3 0F 5C D1 F3 0F 58 83)
alloc(ERSMem,512,ERSAOB)
label(Return)
label(CPUCode)
label(Code)
label(ERSDrainRate)
label(ERSCPUDrainRate)
registersymbol(ERSDrainRate)
registersymbol(ERSCPUDrainRate)
registersymbol(ERSAOB)

ERSMem:
  cmp dword ptr [rbp+F0],1
  je CPUCode
  lea rsi,[rbx+00000504]
  mov [ERSDrainRate+10],rsi
  mulss xmm1,[ERSDrainRate]
  jmp Code

CPUCode:
  mulss xmm1,[ERSCPUDrainRate]

Code:
  movaps xmm0,xmm1
  subss xmm2,xmm1
  jmp Return

ERSDrainRate:
  dd 3F800000

ERSCPUDrainRate:
  dd 3F800000

ERSAOB:
  jmp ERSMem
  db 90 90
Return:

[DISABLE]
ERSAOB:
  db 0F 28 C1 F3 0F 5C D1
unregistersymbol(ERSDrainRate)
unregistersymbol(ERSCPUDrainRate)
unregistersymbol(ERSAOB)
dealloc(ERSMem)

</AssemblerScript>
              <CheatEntries>
                <CheatEntry>
                  <ID>257</ID>
                  <Description>"Drain Rate [Player]"</Description>
                  <DropDownList DescriptionOnly="1" DisplayValueAsItem="1">0:Unlimited
0.25:25% Rate
0.5:50% Rate
0.75:75% Rate
1:Normal Rate
1.25:125% Rate
1.5:150% Rate
1.75:175% Rate
2:Double Rate
</DropDownList>
                  <Color>FF0000</Color>
                  <VariableType>Float</VariableType>
                  <Address>ERSDrainRate</Address>
                </CheatEntry>
                <CheatEntry>
                  <ID>258</ID>
                  <Description>"Drain Rate [Computer]"</Description>
                  <DropDownList DescriptionOnly="1" DisplayValueAsItem="1">0:Unlimited
0.25:25% Rate
0.5:50% Rate
0.75:75% Rate
1:Normal Rate
1.25:125% Rate
1.5:150% Rate
1.75:175% Rate
2:Double Rate
</DropDownList>
                  <Color>FF0000</Color>
                  <VariableType>Float</VariableType>
                  <Address>ERSCPUDrainRate</Address>
                </CheatEntry>
                <CheatEntry>
                  <ID>259</ID>
                  <Description>"Current ERS Level"</Description>
                  <Color>408000</Color>
                  <VariableType>Float</VariableType>
                  <Address>ERSDrainRate+10</Address>
                  <Offsets>
                    <Offset>0</Offset>
                  </Offsets>
                </CheatEntry>
              </CheatEntries>
            </CheatEntry>
          </CheatEntries>
        </CheatEntry>
      </CheatEntries>
    </CheatEntry>
  </CheatEntries>
  <UserdefinedSymbols/>
</CheatTable>

Back to top
View user's profile Send private message
LeFiXER
Grandmaster Cheater Supreme
Reputation: 20

Joined: 02 Sep 2011
Posts: 1069
Location: 0x90
PostPosted: Thu Jul 20, 2023 8:34 am    Post subject: Re: How to find adresses from Cheat Table? Reply with quote
lewis08 wrote:
Hi, i have a CT which i found from Internet. I want to extract the adresses of some of the features to make a external trainer. How can i find the 4byte (int) adresses of the features of CT. For example Race-Engine Power-Engine Power Rate [Player] ?

Here is the CT in Notepad (paste it in notepad and change extension to .CT, i cannot upload CT directly since its too large)
Code:

...


It's a lot here but nothing looks identifiable to what you want. I would suggest you do some basic tutorials on copy injection, pointer scripts.
Back to top
View user's profile Send private message
lewis08
How do I cheat?
Reputation: 0

Joined: 18 Jul 2023
Posts: 8
PostPosted: Thu Jul 20, 2023 8:49 am    Post subject: Re: How to find adresses from Cheat Table? Reply with quote
LeFiXER wrote:
lewis08 wrote:
Hi, i have a CT which i found from Internet. I want to extract the adresses of some of the features to make a external trainer. How can i find the 4byte (int) adresses of the features of CT. For example Race-Engine Power-Engine Power Rate [Player] ?

Here is the CT in Notepad (paste it in notepad and change extension to .CT, i cannot upload CT directly since its too large)
Code:

...


It's a lot here but nothing looks identifiable to what you want. I would suggest you do some basic tutorials on copy injection, pointer scripts.



Thanks, found out this CT uses cop injection.
Back to top
View user's profile Send private message
LeFiXER
Grandmaster Cheater Supreme
Reputation: 20

Joined: 02 Sep 2011
Posts: 1069
Location: 0x90
PostPosted: Thu Jul 20, 2023 9:40 am    Post subject: Reply with quote
I didn't say it couldn't be done from the table; just what you showed didn't give any identifiable information. It's hard to say exactly what's done without analysing it myself. The Race script could rely on other scripts within the table. It's why I suggested the pointer script tutorials because you can always find the address you want to modify using this method.
Back to top
View user's profile Send private message
lewis08
How do I cheat?
Reputation: 0

Joined: 18 Jul 2023
Posts: 8
PostPosted: Thu Jul 20, 2023 10:01 am    Post subject: Reply with quote
LeFiXER wrote:
I didn't say it couldn't be done from the table; just what you showed didn't give any identifiable information. It's hard to say exactly what's done without analysing it myself. The Race script could rely on other scripts within the table. It's why I suggested the pointer script tutorials because you can always find the address you want to modify using this method.


Yes, you're right. But the problem is i can not find the address myself by scanning becaue value is more complicated (not like simple health text or sm, it is the grip rate of the car which we don't know how the value is.) So all i have is this table which uses injection copies. Anyways thanks for your replies! Appreciate it Smile
Back to top
View user's profile Send private message
LeFiXER
Grandmaster Cheater Supreme
Reputation: 20

Joined: 02 Sep 2011
Posts: 1069
Location: 0x90
PostPosted: Thu Jul 20, 2023 5:50 pm    Post subject: Reply with quote
See pm
Back to top
View user's profile Send private message
++METHOS
I post too much
Reputation: 92

Joined: 29 Oct 2010
Posts: 4197
PostPosted: Fri Jul 21, 2023 1:19 am    Post subject: This post has 1 review(s) Reply with quote
The AOB is probably here:

Code:
aobScanModule(GripAOB,F1_22.exe, F3 0F 11 84 AF 40 06 00 00)


Simply perform a scan on that AOB signature. With that, you will have the injection location that you need.

Just guessing, but the value is probably being handled here:

Code:
movss [rdi+rbp*4+00000640],xmm0


Simply check to see what addresses are being access by that instruction. With that, you will have the address that you need.

Other values can be found in the same way.

That said, have you tried contacting the author to inquire about these things? Just be sure to credit the author when using someone else's work.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites