10
"Enable Ansel Anywhere [HOME to activate]"
Auto Assembler Script
{ Game : starwarsbattlefrontii.exe
Version:
Date : 2019-07-10
Author : Sankara
This script enables Ansel Anywhere in Star Wars: Battlefront 2
}
{ Game : starwarsbattlefrontii.exe
Version:
Date : 2019-07-10
Author : Sankara
This script enables Ansel Anywhere in Star Wars: Battlefront 2
}
[ENABLE]
aobscanmodule(Pause,starwarsbattlefrontii.exe,E8 37 75 79 FF) // should be unique
alloc(newmem,$1000,"starwarsbattlefrontii.exe"+18EF014)
label(code)
label(return)
newmem:
nop
nop
nop
nop
nop
jmp return
code:
call starwarsbattlefrontii.exe+1086550
jmp return
Pause:
jmp newmem
return:
registersymbol(Pause)
aobscanmodule(Ansel Anywhere,starwarsbattlefrontii.exe,80 7C 24 20 00 0F 84 71) // should be unique
alloc(newmem2,$1000,"starwarsbattlefrontii.exe"+409E28)
label(code2)
label(return2)
newmem2:
nop
nop
nop
nop
nop
jmp return
code2:
cmp byte ptr [rsp+20],00
jmp return2
Ansel Anywhere:
jmp newmem2
return2:
registersymbol(Ansel Anywhere)
[DISABLE]
Pause:
db E8 37 75 79 FF
unregistersymbol(Pause)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "starwarsbattlefrontii.exe"+18EF014
"starwarsbattlefrontii.exe"+18EEFE8: 48 8B 4F 10 - mov rcx,[rdi+10]
"starwarsbattlefrontii.exe"+18EEFEC: E8 EF 6B A4 FE - call starwarsbattlefrontii.exe+335BE0
"starwarsbattlefrontii.exe"+18EEFF1: 84 C0 - test al,al
"starwarsbattlefrontii.exe"+18EEFF3: 0F 84 0A 01 00 00 - je starwarsbattlefrontii.exe+18EF103
"starwarsbattlefrontii.exe"+18EEFF9: 48 8B 05 B8 1C C0 02 - mov rax,[starwarsbattlefrontii.exe+44F0CB8]
"starwarsbattlefrontii.exe"+18EF000: 48 8B 48 38 - mov rcx,[rax+38]
"starwarsbattlefrontii.exe"+18EF004: 48 85 C9 - test rcx,rcx
"starwarsbattlefrontii.exe"+18EF007: 74 28 - je starwarsbattlefrontii.exe+18EF031
"starwarsbattlefrontii.exe"+18EF009: 48 83 C1 30 - add rcx,30
"starwarsbattlefrontii.exe"+18EF00D: 48 8D 15 84 4A 73 01 - lea rdx,[starwarsbattlefrontii.exe+3023A98]
// ---------- INJECTING HERE ----------
"starwarsbattlefrontii.exe"+18EF014: E8 37 75 79 FF - call starwarsbattlefrontii.exe+1086550
// ---------- DONE INJECTING ----------
"starwarsbattlefrontii.exe"+18EF019: 48 8D 15 E8 72 C1 01 - lea rdx,[starwarsbattlefrontii.exe+3506308]
"starwarsbattlefrontii.exe"+18EF020: 48 8B C8 - mov rcx,rax
"starwarsbattlefrontii.exe"+18EF023: E8 88 A0 8B FE - call starwarsbattlefrontii.exe+1A90B0
"starwarsbattlefrontii.exe"+18EF028: 83 F8 FF - cmp eax,-01
"starwarsbattlefrontii.exe"+18EF02B: 0F 85 D2 00 00 00 - jne starwarsbattlefrontii.exe+18EF103
"starwarsbattlefrontii.exe"+18EF031: F3 0F 10 05 FF 51 73 01 - movss xmm0,[starwarsbattlefrontii.exe+3024238]
"starwarsbattlefrontii.exe"+18EF039: F3 0F 5C 05 C7 5A 7B 02 - subss xmm0,[starwarsbattlefrontii.exe+40A4B08]
"starwarsbattlefrontii.exe"+18EF041: 0F 54 05 38 B2 73 01 - andps xmm0,[starwarsbattlefrontii.exe+302A280]
"starwarsbattlefrontii.exe"+18EF048: 0F 2F 05 E1 B1 73 01 - comiss xmm0,[starwarsbattlefrontii.exe+302A230]
"starwarsbattlefrontii.exe"+18EF04F: 0F 83 AE 00 00 00 - jae starwarsbattlefrontii.exe+18EF103
}
Ansel Anywhere:
db 80 7C 24 20 00
unregistersymbol(Ansel Anywhere)
dealloc(newmem2)
{
// ORIGINAL CODE - INJECTION POINT: "starwarsbattlefrontii.exe"+409E28
"starwarsbattlefrontii.exe"+409DF6: F3 0F 10 88 8C 00 00 00 - movss xmm1,[rax+0000008C]
"starwarsbattlefrontii.exe"+409DFE: F3 0F 11 4C 24 28 - movss [rsp+28],xmm1
"starwarsbattlefrontii.exe"+409E04: F3 0F 10 80 90 00 00 00 - movss xmm0,[rax+00000090]
"starwarsbattlefrontii.exe"+409E0C: F3 0F 11 44 24 2C - movss [rsp+2C],xmm0
"starwarsbattlefrontii.exe"+409E12: 48 8B 89 E0 00 00 00 - mov rcx,[rcx+000000E0]
"starwarsbattlefrontii.exe"+409E19: 48 85 C9 - test rcx,rcx
"starwarsbattlefrontii.exe"+409E1C: 74 86 - je starwarsbattlefrontii.exe+409DA4
"starwarsbattlefrontii.exe"+409E1E: 48 8B 01 - mov rax,[rcx]
"starwarsbattlefrontii.exe"+409E21: 48 8D 54 24 20 - lea rdx,[rsp+20]
"starwarsbattlefrontii.exe"+409E26: FF 10 - call qword ptr [rax]
// ---------- INJECTING HERE ----------
"starwarsbattlefrontii.exe"+409E28: 80 7C 24 20 00 - cmp byte ptr [rsp+20],00
// ---------- DONE INJECTING ----------
"starwarsbattlefrontii.exe"+409E2D: 0F 84 71 FF FF FF - je starwarsbattlefrontii.exe+409DA4
"starwarsbattlefrontii.exe"+409E33: F3 0F 10 44 24 24 - movss xmm0,[rsp+24]
"starwarsbattlefrontii.exe"+409E39: 48 8B 15 50 CE F7 03 - mov rdx,[starwarsbattlefrontii.exe+4386C90]
"starwarsbattlefrontii.exe"+409E40: F3 0F 11 43 08 - movss [rbx+08],xmm0
"starwarsbattlefrontii.exe"+409E45: F3 0F 10 44 24 28 - movss xmm0,[rsp+28]
"starwarsbattlefrontii.exe"+409E4B: C7 03 01 01 01 01 - mov [rbx],01010101
"starwarsbattlefrontii.exe"+409E51: 66 C7 43 04 00 01 - mov word ptr [rbx+04],0100
"starwarsbattlefrontii.exe"+409E57: C6 43 06 01 - mov byte ptr [rbx+06],01
"starwarsbattlefrontii.exe"+409E5B: 48 8B 05 2E CF F7 03 - mov rax,[starwarsbattlefrontii.exe+4386D90]
"starwarsbattlefrontii.exe"+409E62: 8B 88 88 00 00 00 - mov ecx,[rax+00000088]
}
Code :cmp byte ptr [rsp+20],00
starwarsbattlefrontii.exe+409E28
54
24
20
FF
10
80
7C
24
20
00
0F
84
71
FF
FF
Code :call starwarsbattlefrontii.exe+1086550
starwarsbattlefrontii.exe+18EF014
15
84
4A
73
01
E8
37
75
79
FF
48
8D
15
E8
72