diff --git a/SekiroFpsUnlockAndMore/GameData.cs b/SekiroFpsUnlockAndMore/GameData.cs index acde00c..bbcd378 100644 --- a/SekiroFpsUnlockAndMore/GameData.cs +++ b/SekiroFpsUnlockAndMore/GameData.cs @@ -7,13 +7,19 @@ namespace SekiroFpsUnlockAndMore internal const string PROCESS_NAME = "sekiro"; internal const string PROCESS_TITLE = "Sekiro"; internal const string PROCESS_DESCRIPTION = "Shadows Die Twice"; - internal const string PROCESS_EXE_VERSION = "1.2.0.0"; + internal const string PROCESS_EXE_VERSION = "1.3.0.0"; + internal static readonly string[] PROCESS_EXE_VERSION_SUPPORTED = new string[1] + { + "1.2.0.0" + }; /** fFrameTick determines default frame rate limit in seconds. - 000000014116168D | C743 18 8988883C | mov dword ptr ds:[rbx+18],3C888889 | fFrameTick - 0000000141161694 | 4C:89AB 70020000 | mov qword ptr ds:[rbx+270],r13 | + 0000000141161FCD | C743 18 8988883C | mov dword ptr ds:[rbx+18],3C888889 | fFrameTick + 0000000141161FD4 | 4C:89AB 70020000 | mov qword ptr ds:[rbx+270],r13 | + + 0000000141161694 (Version 1.2.0.0) */ internal const string PATTERN_FRAMELOCK = "88 88 3C 4C 89 AB"; // first byte can can be 88/90 instead of 89 due to precision loss on floating point numbers internal const int PATTERN_FRAMELOCK_OFFSET = -1; // offset to byte array from found position 
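Review bot: `PROCESS_EXE_VERSION_SUPPORTED` holds only the previous build while the current one stays in `PROCESS_EXE_VERSION`, so one concept is split across two constants and the caller in MainWindow.xaml.cs (the `@@ -314` hunk) has to test both; on the next game update the old current value must be appended by hand or the unknown-version warning reappears for a build that still works. Listing every verified version in the one array, `internal static readonly string[] PROCESS_EXE_VERSION_SUPPORTED = { "1.2.0.0", "1.3.0.0" };`, lets the check reduce to `Array.IndexOf(GameData.PROCESS_EXE_VERSION_SUPPORTED, gameFileVersion) < 0`. The explicit `new string[1]` size is redundant and turns into a compile error (CS0847) the first time a second entry is added without bumping it. A comment above the array stating that these are the versions the byte patterns below were verified against would make its meaning clear, since the patterns — not the version string — are what actually gate the memory writes.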
@@ -25,11 +31,13 @@ namespace SekiroFpsUnlockAndMore Reference pointer pFrametimeRunningSpeed to speed table entry that gets used in calculations. Add or remove multiplications of 4bytes to pFrametimeRunningSpeed address to use a higher or lower fFrametimeCriticalRunningSpeed from table. fFrametimeCriticalRunningSpeed should be roughly half the frame rate: 30 @ 60FPS limit, 50 @ 100FPS limit... - 00000001407D4DFD | F3:0F58D0 | addss xmm2,xmm0 | - 00000001407D4E01 | 0FC6D2 00 | shufps xmm2,xmm2,0 | - 00000001407D4E05 | 0F51C2 | sqrtps xmm0,xmm2 | - 00000001407D4E08 | F3:0F5905 90309202 | mulss xmm0,dword ptr ds:[1430F7EA0] | pFrametimeRunningSpeed->fFrametimeCriticalRunningSpeed - 00000001407D4E10 | 0F2FF8 | comiss xmm7,xmm0 | + 00000001407D4F3D | F3:0F58D0 | addss xmm2,xmm0 | + 00000001407D4F41 | 0FC6D2 00 | shufps xmm2,xmm2,0 | + 00000001407D4F45 | 0F51C2 | sqrtps xmm0,xmm2 | + 00000001407D4F48 | F3:0F5905 E8409202 | mulss xmm0,dword ptr ds:[1430F9038] | pFrametimeRunningSpeed->fFrametimeCriticalRunningSpeed + 00000001407D4F50 | 0F2FF8 | comiss xmm7,xmm0 | + + 00000001407D4E08 (Version 1.2.0.0) */ internal const string PATTERN_FRAMELOCK_SPEED_FIX = "F3 0F 58 ?? 0F C6 ?? 00 0F 51 ?? F3 0F 59 ?? ?? ?? ?? ?? 0F 2F"; internal const int PATTERN_FRAMELOCK_SPEED_FIX_OFFSET = 15; 
@@ -97,10 +105,12 @@ namespace SekiroFpsUnlockAndMore /** Reference pointer pCurrentResolutionWidth to iInternalGameWidth (and iInternalGameHeight which is +4 bytes). - 000000014114AC85 | 0F57D2 | xorps xmm2,xmm2 | - 000000014114AC88 | 890D 92147D02 | mov dword ptr ds:[14391C120],ecx | pCurrentResolutionWidth->iInternalGameWidth - 000000014114AC8E | 0F57C9 | xorps xmm1,xmm1 | - 000000014114AC91 | 8915 8D147D02 | mov dword ptr ds:[14391C124],edx | pCurrentResolutionHeight->iInternalGameHeight + 000000014114B5C5 | 0F57D2 | xorps xmm2,xmm2 | + 000000014114B5C8 | 890D 521B7D02 | mov dword ptr ds:[14391D120],ecx | + 000000014114B5CE | 0F57C9 | xorps xmm1,xmm1 | + 000000014114B5D1 | 8915 4D1B7D02 | mov dword ptr ds:[14391D124],edx | + + 000000014114AC88 (Version 1.2.0.0) */ internal const string PATTERN_RESOLUTION_POINTER = "0F 57 D2 89 0D ?? ?? ?? ?? 0F 57 C9"; internal const int PATTERN_RESOLUTION_POINTER_OFFSET = 3; 
@@ -119,11 +129,11 @@ namespace SekiroFpsUnlockAndMore /** Conditional jump instruction that determines if 16/9 scaling for game is enforced or not, overwrite with non conditional JMP so widescreen won't get clinched. - 0000000140129678 | 85C9 | test ecx,ecx | - 000000014012967A | 74 47 | je sekiro.1401296C3 | calculation for screen scaling - 000000014012967C | 47:8B94C7 1C020000 | mov r10d,dword ptr ds:[r15+r8*8+21C] | resolution scaling calculation method within jump... - 0000000140129684 | 45:85D2 | test r10d,r10d | - 0000000140129687 | 74 3A | je sekiro.1401296C3 | + 0000000140129678 | 85C9 | test ecx,ecx | + 000000014012967A | 74 47 | je sekiro.1401296C3 | calculation for screen scaling + 000000014012967C | 47:8B94C7 1C020000 | mov r10d,dword ptr ds:[r15+r8*8+21C] | resolution scaling calculation method within jump... + 0000000140129684 | 45:85D2 | test r10d,r10d | + 0000000140129687 | 74 3A | je sekiro.1401296C3 | */ internal const string PATTERN_RESOLUTION_SCALING_FIX = "85 C9 74 ?? 47 8B ?? ?? ?? ?? ?? ?? 45 ?? ?? 74"; internal static readonly byte[] PATCH_RESOLUTION_SCALING_FIX_ENABLE = new byte[3] { 0x90, 0x90, 0xEB }; // nop; jmp 
@@ -133,9 +143,11 @@ namespace SekiroFpsUnlockAndMore /** Reference pointer pFovTableEntry to FOV entry in game FOV table that gets used in FOV calculations. Overwrite pFovTableEntry address to use a higher or lower fFOV from table. FOV is in radians while default is 1.0deg (0.0174533rad), to increase by 25% you'd write 1.25deg (0.0218166rad) as fFov. - 0000000140739548 | F3:0F1008 | movss xmm1,dword ptr ds:[rax] | - 000000014073954C | F3:0F590D 0CE79B02 | mulss xmm1,dword ptr ds:[1430F7C60] | pFovTableEntry->fFov - 0000000140739554 | F3:0F5C4E 50 | subss xmm1,dword ptr ds:[rsi+50] | + 00000001407395A8 | F3:0F1008 | movss xmm1,dword ptr ds:[rax] | + 00000001407395AC | F3:0F590D 44F89B02 | mulss xmm1,dword ptr ds:[1430F8DF8] | pFovTableEntry->fFov + 00000001407395B4 | F3:0F5C4E 50 | subss xmm1,dword ptr ds:[rsi+50] | + + 000000014073954C (Version 1.2.0.0) */ // credits to 'jackfuste' for original offset internal const string PATTERN_FOVSETTING = "F3 0F 10 08 F3 0F 59 0D ?? ?? ?? ?? F3 0F 5C 4E"; 
@@ -145,13 +157,15 @@ namespace SekiroFpsUnlockAndMore /** Reference pointer pPlayerStatsRelated to PlayerStats pointer, offset in struct to iPlayerDeaths. - 00000001407AAC92 | 0FB648 7A | movzx ecx,byte ptr ds:[rax+7A] | - 00000001407AAC96 | 888B F7000000 | mov byte ptr ds:[rbx+F7],cl | - 00000001407AAC9C | 48:8B05 4DD03903 | mov rax,qword ptr ds:[143B47CF0] | - 00000001407AACA3 | 8B88 8C000000 | mov ecx,dword ptr ds:[rax+8C] | - 00000001407AACA9 | 898B F8000000 | mov dword ptr ds:[rbx+F8],ecx | - 00000001407AACAF | 48:8B05 3AD03903 | mov rax,qword ptr ds:[143B47CF0] | pPlayerStatsRelated->[PlayerStats+0x90]->iPlayerDeaths - 00000001407AACB6 | 8B88 90000000 | mov ecx,dword ptr ds:[rax+90] | offset pPlayerStats->iPlayerDeaths + 00000001407AAD51 | 0FB648 7A | movzx ecx,byte ptr ds:[rax+7A] | + 00000001407AAD55 | 888B F7000000 | mov byte ptr ds:[rbx+F7],cl | + 00000001407AAD5B | 48:8B05 CEDF3903 | mov rax,qword ptr ds:[143B48D30] | + 00000001407AAD62 | 8B88 8C000000 | mov ecx,dword ptr ds:[rax+8C] | + 00000001407AAD68 | 898B F8000000 | mov dword ptr ds:[rbx+F8],ecx | + 00000001407AAD6E | 48:8B05 BBDF3903 | mov rax,qword ptr ds:[143B48D30] | pPlayerStatsRelated->[PlayerStats+0x90]->iPlayerDeaths + 00000001407AAD75 | 8B88 90000000 | mov ecx,dword ptr ds:[rax+90] | offset pPlayerStats->iPlayerDeaths + + 00000001407AACAF (Version 1.2.0.0) */ // credits to 'Me_TheCat' for original offset internal const string PATTERN_PLAYER_DEATHS = "0F B6 48 ?? 88 8B ?? ?? 00 00 48 8B 05 ?? ?? ?? ?? 8B 88 ?? ?? 00 00 89 8B ?? ?? 00 00 48 8B 05 ?? ?? ?? ?? 8B 88 ?? ?? 00 00"; 
@@ -162,9 +176,11 @@ namespace SekiroFpsUnlockAndMore /** Reference pointer pTotalKills to iTotalKills, does not get updated on every kill but mostly on every 2nd, includes own player deaths... - 0000000141151838 | 48:8D0D A9A5B302 | lea rcx,qword ptr ds:[143C8BDE8] | pTotalKills->iTotalKills - 000000014115183F | 891481 | mov dword ptr ds:[rcx+rax*4],edx | - 0000000141151842 | C3 | ret | + 0000000141152178 | 48:8D0D A9ACB302 | lea rcx,qword ptr ds:[143C8CE28] | pTotalKills->iTotalKills + 000000014115217F | 891481 | mov dword ptr ds:[rcx+rax*4],edx | + 0000000141152182 | C3 | ret | + + 0000000141151838 (Version 1.2.0.0) */ // credits to 'Me_TheCat' for original offset internal const string PATTERN_TOTAL_KILLS = "48 8D 0D ?? ?? ?? ?? 89 14 81 C3"; 
@@ -173,11 +189,13 @@ namespace SekiroFpsUnlockAndMore /** Controls camera pitch. xmm4 holds new pitch from a calculation while rps+170 holds current one from mouse so we overwrite xmm4 with the old pitch value. - 000000014073AF26 | 0F29A5 70080000 | movaps xmmword ptr ss:[rbp+870],xmm4 | code inject overwrite from here - 000000014073AF2D | 0F29A5 80080000 | movaps xmmword ptr ss:[rbp+880],xmm4 | jump back here from code inject - 000000014073AF34 | 0F29A6 70010000 | movaps xmmword ptr ds:[rsi+170],xmm4 | camPitch, newCamPitch - 000000014073AF3B | EB 1C | jmp sekiro.14073AF59 | - 000000014073AF3D | F3:0F108E 74010000 | movss xmm1,dword ptr ds:[rsi+174] | + 000000014073AF86 | 0F29A5 70080000 | movaps xmmword ptr ss:[rbp+870],xmm4 | code inject overwrite from here + 000000014073AF8D | 0F29A5 80080000 | movaps xmmword ptr ss:[rbp+880],xmm4 | jump back here from code inject + 000000014073AF94 | 0F29A6 70010000 | movaps xmmword ptr ds:[rsi+170],xmm4 | camPitch, newCamPitch + 000000014073AF9B | EB 1C | jmp sekiro.14073AFB9 | + 000000014073AF9D | F3:0F108E 74010000 | movss xmm1,dword ptr ds:[rsi+174] | + + 000000014073AF26 (Version 1.2.0.0) */ internal const string PATTERN_CAMADJUST_PITCH = "0F 29 ?? ?? ?? 00 00 0F 29 ?? ?? ?? 00 00 0F 29 ?? ?? ?? 00 00 EB ?? F3"; internal const int INJECT_CAMADJUST_PITCH_OVERWRITE_LENGTH = 7; 
@@ -188,10 +206,12 @@ namespace SekiroFpsUnlockAndMore }; /** Controls automatic camera yaw adjust on move on Z-axis. xmm0 holds new yaw while rsi+174 holds current one prior movement so we overwrite xmm0 with the old yaw value. - 000000014073AF4C | E8 6F60FFFF | call sekiro.140730FC0 | - 000000014073AF51 | F3:0F1186 74010000 | movss dword ptr ds:[rsi+174],xmm0 | camYaw, newCamYaw | code inject overwrite from here - 000000014073AF59 | 80BE A3020000 00 | cmp byte ptr ds:[rsi+2A3],0 | jump back here from code inject - 000000014073AF60 | 0F84 2F020000 | je sekiro.14073B195 | + 000000014073AFAC | E8 6F60FFFF | call sekiro.140731020 | + 000000014073AFB1 | F3:0F1186 74010000 | movss dword ptr ds:[rsi+174],xmm0 | camYaw, newCamYaw | code inject overwrite from here + 000000014073AFB9 | 80BE A3020000 00 | cmp byte ptr ds:[rsi+2A3],0 | jump back here from code inject + 000000014073AFC0 | 0F84 2F020000 | je sekiro.14073B1F5 | + + 000000014073AF51 (Version 1.2.0.0) */ internal const string PATTERN_CAMADJUST_YAW_Z = "E8 ?? ?? ?? ?? F3 ?? ?? ?? ?? ?? 00 00 80 ?? ?? ?? 00 00 00 0F 84"; internal const int PATTERN_CAMADJUST_YAW_Z_OFFSET = 5; 
@@ -210,9 +230,17 @@ namespace SekiroFpsUnlockAndMore 000000014073B482 | F3:0F1085 E4120000 | movss xmm0,dword ptr ss:[rbp+12E4] | jump back here from code inject 000000014073B48A | E8 91BDFFFF | call sekiro.140737220 | 000000014073B48F | 0F28D0 | movaps xmm2,xmm0 | + + 000000014073B4D6 | F3:0F1000 | movss xmm0,dword ptr ds:[rax] | newCamPitch | code inject overwrite from here + 000000014073B4DA | F3:0F1186 70010000 | movss dword ptr ds:[rsi+170],xmm0 | camePitch + 000000014073B4E2 | F3:0F1085 E4120000 | movss xmm0,dword ptr ss:[rbp+12E4] | jump back here from code inject + 000000014073B4EA | E8 91BDFFFF | call sekiro.140737280 | + 000000014073B4EF | 0F28D0 | movaps xmm2,xmm0 | + + 000000014073B47A (Version 1.2.0.0) */ // thanks to 'Cielos' for original offset - internal const string PATTERN_CAMADJUST_PITCH_XY = "F3 ?? ?? ?? F3 ?? ?? ?? ?? ?? 00 00 F3 ?? ?? ?? ?? ?? ?? ?? E8 ?? ?? ?? ?? 0F"; + internal const string PATTERN_CAMADJUST_PITCH_XY = "F3 ?? ?? ?? F3 ?? ?? ?? 70 01 00 00 F3 ?? ?? ?? ?? ?? ?? ?? E8 ?? ?? ?? ?? 0F"; internal const int INJECT_CAMADJUST_PITCH_XY_OVERWRITE_LENGTH = 12; internal static readonly byte[] INJECT_CAMADJUST_PITCH_XY_SHELLCODE = new byte[] { 
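Review bot: `PATTERN_CAMADJUST_PITCH_XY` replaces two wildcard bytes with the literal displacement `70 01 00 00` (the `[rsi+170]` operand shown in the listing above it), but nothing records why the wildcarded form had to be tightened, so the next offset update is likely to loosen it again. If the reason is that the fully wildcarded form became ambiguous in 1.3.0.0, say so on the line: `// rsi+170 kept literal: wildcarded form matched more than one site in 1.3.0.0`; if the reason is different, state that instead. Pinning the displacement also means a future build that moves camPitch within the struct yields a clean no-match from FindPattern rather than a shellcode write over an unrelated movss, which is the safer failure mode for a code injection and worth noting alongside the reason.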
@@ -223,9 +251,11 @@ namespace SekiroFpsUnlockAndMore }; /** Controls automatic camera yaw adjust on move on XY-axis. xmm0 new yaw while rsi+174 holds current one prior movement so we overwrite xmm0 with the old yaw value. - 000000014073B564 | E8 B7BCFFFF | call sekiro.140737220 | - 000000014073B569 | F3:0F1186 74010000 | movss dword ptr ds:[rsi+174],xmm0 | camYaw, newCamYaw | code inject overwrite from here - 000000014073B571 | E9 9A020000 | jmp sekiro.14073B810 | jump back here from code inject + 000000014073B5C4 | E8 B7BCFFFF | call sekiro.140737280 | + 000000014073B5C9 | F3:0F1186 74010000 | movss dword ptr ds:[rsi+174],xmm0 | camYaw, newCamYaw | code inject overwrite from here + 000000014073B5D1 | E9 9A020000 | jmp sekiro.14073B870 | jump back here from code inject + + 000000014073B569 (Version 1.2.0.0) */ // thanks to 'Cielos' for original offset internal const string PATTERN_CAMADJUST_YAW_XY = "E8 ?? ?? ?? ?? F3 0F 11 86 ?? ?? 00 00 E9"; @@ -240,8 +270,10 @@ namespace SekiroFpsUnlockAndMore /** When user presses button to lock on target but no target is in range a camera reset is triggered to center cam position. This boolean indicates if we need to reset or not. - 000000014073AD97 | C686 A3020000 01 | mov byte ptr ds:[rsi+2A3],1 | Sets bool to indicate we need to reset camera and block user input til cam is reset - 000000014073AD9E | F3:0F108E B4020000 | movss xmm1,dword ptr ds:[rsi+2B4] | + 000000014073ADF7 | C686 A3020000 01 | mov byte ptr ds:[rsi+2A3],1 | Sets bool to indicate we need to reset camera and block user input til cam is reset + 000000014073ADFE | F3:0F108E B4020000 | movss xmm1,dword ptr ds:[rsi+2B4] | + + 000000014073AD97 (Version 1.2.0.0) */ internal const string PATTERN_CAMRESET_LOCKON = "C6 86 ?? ?? 00 00 ?? F3 0F 10 8E ?? ?? 00 00"; internal const int PATTERN_CAMRESET_LOCKON_OFFSET = 6; 
@@ -252,29 +284,31 @@ namespace SekiroFpsUnlockAndMore /** Whole dragonrot routine upon death is guarded by a conditional jump, there may be some events in the game where a true death shall not increase the disease so it's skippable as a whole. We replace conditional jump with non-conditional one. - 00000001411891E8 | 45:33C0 | xor r8d,r8d | - 00000001411891EB | BA 27250000 | mov edx,2527 | - 00000001411891F0 | E8 AB8353FF | call sekiro.1406C15A0 | - 00000001411891F5 | 84C0 | test al,al | - 00000001411891F7 | 0F85 E6010000 | jne sekiro.1411893E3 | handle dragonrot? - 00000001411891FD | 48:8B0D 44A09B02 | mov rcx,qword ptr ds:[143B43248] | dragonrot routine... - 0000000141189204 | 48:85C9 | test rcx,rcx | - 0000000141189207 | 75 2E | jne sekiro.141189237 | - 0000000141189209 | 48:8D0D 19929B02 | lea rcx,qword ptr ds:[143B42429] | - 0000000141189210 | E8 5B178100 | call sekiro.14199A970 | - 0000000141189215 | 4C:8BC8 | mov r9,rax | - 0000000141189218 | 4C:8D05 510EF601 | lea r8,qword ptr ds:[1430EA070] | - 000000014118921F | BA B1000000 | mov edx,B1 | - 0000000141189224 | 48:8D0D 85216601 | lea rcx,qword ptr ds:[1427EB3B0] | - 000000014118922B | E8 808F8000 | call sekiro.1419921B0 | - 0000000141189230 | 48:8B0D 11A09B02 | mov rcx,qword ptr ds:[143B43248] | - 0000000141189237 | 45:33C0 | xor r8d,r8d | - 000000014118923A | BA 28250000 | mov edx,2528 | - 000000014118923F | E8 5C8353FF | call sekiro.1406C15A0 | - 0000000141189244 | 84C0 | test al,al | - 0000000141189246 | 0F84 B2000000 | je sekiro.1411892FE | increase dragonrot level on NPCs? - 000000014118924C | 48:8D8424 90000000 | lea rax,qword ptr ss:[rsp+90] | executes after a certain deaths threshold has been reached... - */ + 0000000141189D18 | 45:33C0 | xor r8d,r8d | + 0000000141189D1B | BA 27250000 | mov edx,2527 | + 0000000141189D20 | E8 DB7853FF | call sekiro.1406C1600 | + 0000000141189D25 | 84C0 | test al,al | + 0000000141189D27 | 0F85 E6010000 | jne sekiro.141189F13 | handle dragonrot? 
+ 0000000141189D2D | 48:8B0D 54A59B02 | mov rcx,qword ptr ds:[143B44288] | dragonrot routine... + 0000000141189D34 | 48:85C9 | test rcx,rcx | + 0000000141189D37 | 75 2E | jne sekiro.141189D67 | + 0000000141189D39 | 48:8D0D 29979B02 | lea rcx,qword ptr ds:[143B43469] | + 0000000141189D40 | E8 5B178100 | call sekiro.14199B4A0 | + 0000000141189D45 | 4C:8BC8 | mov r9,rax | + 0000000141189D48 | 4C:8D05 5914F601 | lea r8,qword ptr ds:[1430EB1A8] | + 0000000141189D4F | BA B1000000 | mov edx,B1 | + 0000000141189D54 | 48:8D0D 55266601 | lea rcx,qword ptr ds:[1427EC3B0] | + 0000000141189D5B | E8 808F8000 | call sekiro.141992CE0 | + 0000000141189D60 | 48:8B0D 21A59B02 | mov rcx,qword ptr ds:[143B44288] | + 0000000141189D67 | 45:33C0 | xor r8d,r8d | + 0000000141189D6A | BA 28250000 | mov edx,2528 | + 0000000141189D6F | E8 8C7853FF | call sekiro.1406C1600 | + 0000000141189D74 | 84C0 | test al,al | + 0000000141189D76 | 0F84 B2000000 | je sekiro.141189E2E | increase dragonrot level on NPCs? + 0000000141189D7C | 48:8D8424 90000000 | lea rax,qword ptr ss:[rsp+90] | executes after a certain deaths threshold has been reached... + + 00000001411891F7 (Version 1.2.0.0) + */ internal const string PATTERN_DRAGONROT_EFFECT = "45 ?? ?? BA ?? ?? ?? ?? E8 ?? ?? ?? ?? 84 C0 0F 85 ?? ?? ?? ?? 48 8B 0D ?? ?? ?? ?? 48 85 C9 75 ?? 48 8D 0D ?? ?? ?? ?? E8 ?? ?? ?? ?? 4C ?? ?? 4C ?? ?? ?? ?? ?? ?? BA ?? ?? ?? ?? 48 8D 0D ?? ?? ?? ?? E8 ?? ?? ?? ?? 48 8B 0D ?? ?? ?? ?? 45 ?? ?? BA ?? ?? ?? ?? E8 ?? ?? ?? ?? 84 C0 0F 84 ?? ?? ?? ?? 48 8D"; internal const int PATTERN_DRAGONROT_EFFECT_OFFSET = 13; internal static readonly byte[] PATCH_DRAGONROT_EFFECT_DISABLE = new byte[4] { 0x90, 0x90, 0x90, 0xE9 }; // nop; jmp 
@@ -283,11 +317,13 @@ namespace SekiroFpsUnlockAndMore /** sekiro.14066B520 is used to increase and decrease various player values, in this case it's used to decrease Sen so we skip the call. - 0000000141189044 | F344:0F2CE9 | cvttss2si r13d,xmm1 | - 0000000141189049 | 41:8BD5 | mov edx,r13d | - 000000014118904C | 48:8BCB | mov rcx,rbx | - 000000014118904F | E8 CC244EFF | call sekiro.14066B520 | -> ManipulatePlayerValues() - 0000000141189054 | 8BAB 60010000 | mov ebp,dword ptr ds:[rbx+160] | + 0000000141189B74 | F344:0F2CE9 | cvttss2si r13d,xmm1 | + 0000000141189B79 | 41:8BD5 | mov edx,r13d | + 0000000141189B7C | 48:8BCB | mov rcx,rbx | + 0000000141189B7F | E8 FC194EFF | call sekiro.14066B580 | -> ManipulatePlayerValues() + 0000000141189B84 | 8BAB 60010000 | mov ebp,dword ptr ds:[rbx+160] | + + 000000014118904F (Version 1.2.0.0) */ internal const string PATTERN_DEATHPENALTIES1 = "F3 ?? 0F 2C ?? 41 ?? ?? 48 ?? ?? E8 ?? ?? ?? ?? 8B"; internal const int PATTERN_DEATHPENALTIES1_OFFSET = 11; 
@@ -295,13 +331,15 @@ namespace SekiroFpsUnlockAndMore internal static readonly byte[] PATCH_DEATHPENALTIES1_DISABLE = new byte[5] { 0x90, 0x90, 0x90, 0x90, 0x90 }; // nop /** Here ability points (AP) are decreased and virtual Sen & AP decrease is set. The later 2 values will be shown after death as an indicator on how much of each has been lost. - 0000000141189138 | 8B00 | mov eax,dword ptr ds:[rax] | - 000000014118913A | 8983 60010000 | mov dword ptr ds:[rbx+160],eax | OnDeath() ability points (AP) decrease - 0000000141189140 | 45:2BFD | sub r15d,r13d | - 0000000141189143 | 44:89BC24 90000000 | mov dword ptr ss:[rsp+90],r15d | virtual Sen decrease - shows how many Sen got lost after death - 000000014118914B | 2BE9 | sub ebp,ecx | - 000000014118914D | 89AC24 94000000 | mov dword ptr ss:[rsp+94],ebp | virtual AP decrease - shows how many APs got lost after death - 0000000141189154 | E8 371C73FF | call sekiro.1408BAD90 | + 0000000141189C68 | 8B00 | mov eax,dword ptr ds:[rax] | + 0000000141189C6A | 8983 60010000 | mov dword ptr ds:[rbx+160],eax | OnDeath() ability points (AP) decrease + 0000000141189C70 | 45:2BFD | sub r15d,r13d | + 0000000141189C73 | 44:89BC24 90000000 | mov dword ptr ss:[rsp+90],r15d | virtual Sen decrease - shows how many Sen got lost after death + 0000000141189C7B | 2BE9 | sub ebp,ecx | + 0000000141189C7D | 89AC24 94000000 | mov dword ptr ss:[rsp+94],ebp | virtual AP decrease - shows how many APs got lost after death + 0000000141189C84 | E8 071673FF | call sekiro.1408BB290 | + + 000000014118913A (Version 1.2.0.0) */ internal const string PATTERN_DEATHPENALTIES2 = "8B ?? 89 83 ?? ?? ?? ?? 45 ?? ?? 44 89 ?? 24 ?? ?? 00 00 2B ?? 89 ?? 24 ?? ?? 00 00 E8"; internal const int PATTERN_DEATHPENALTIES2_OFFSET = 2; 
@@ -316,11 +354,13 @@ namespace SekiroFpsUnlockAndMore /** - 000000014069AE2E | 0F84 DD000000 | je sekiro.14069AF11 | - 000000014069AE34 | 84DB | test bl,bl | - 000000014069AE36 | 0F85 D5000000 | jne sekiro.14069AF11 | handle death increase? - 000000014069AE3C | 48:8BCF | mov rcx,rdi | - 000000014069AE3F | E8 BCA9FEFF | call sekiro.140685800 | -> IncreaseDeaths() + 000000014069AE8E | 0F84 DD000000 | je sekiro.14069AF71 | + 000000014069AE94 | 84DB | test bl,bl | + 000000014069AE96 | 0F85 D5000000 | jne sekiro.14069AF71 | handle death increase? + 000000014069AE9C | 48:8BCF | mov rcx,rdi | + 000000014069AE9F | E8 BCA9FEFF | call sekiro.140685860 | -> IncreaseDeaths() + + 000000014069AE36 (Version 1.2.0.0) */ internal const string PATTERN_DEATHSCOUNTER = "0F 84 ?? ?? ?? ?? 84 DB 0F 85 ?? ?? ?? ?? 48 8B ?? E8"; internal const int PATTERN_DEATHSCOUNTER_OFFSET = 6; @@ -330,9 +370,11 @@ namespace SekiroFpsUnlockAndMore /** Reference pointer pTimeRelated to TimescaleManager pointer, offset in struct to fTimescale which acts as a global speed scale for almost all ingame calculations. - 0000000141149E87 | 48:8B05 3A24B402 | mov rax,qword ptr ds:[143C8C2C8] | pTimeRelated->[TimescaleManager+0x360]->fTimescale - 0000000141149E8E | F3:0F1088 60030000 | movss xmm1,dword ptr ds:[rax+360] | offset TimescaleManager->fTimescale - 0000000141149E96 | F3:0F5988 68020000 | mulss xmm1,dword ptr ds:[rax+268] | + 000000014114A7C7 | 48:8B05 3A2BB402 | mov rax,qword ptr ds:[143C8D308] | pTimeRelated->[TimescaleManager+0x360]->fTimescale + 000000014114A7CE | F3:0F1088 60030000 | movss xmm1,dword ptr ds:[rax+360] | offset TimescaleManager->fTimescale + 000000014114A7D6 | F3:0F5988 68020000 | mulss xmm1,dword ptr ds:[rax+268] | + + 0000000141149E87 (Version 1.2.0.0) */ // credits to 'Zullie the Witch' for original offset internal const string PATTERN_TIMESCALE = "48 8B 05 ?? ?? ?? ?? F3 0F 10 88 ?? ?? ?? ?? F3 0F"; 
@@ -342,11 +384,13 @@ namespace SekiroFpsUnlockAndMore /** Reference pointer pPlayerStructRelated1 to 4 more pointers up to player data class, offset in struct to fTimescalePlayer which acts as a speed scale for the player character. - 00000001406BF1D7 | 48:8B1D 128C4A03 | mov rbx,qword ptr ds:[143B67DF0] | pPlayerStructRelated1->[pPlayerStructRelated2+0x88]->[pPlayerStructRelated3+0x1FF8]->[pPlayerStructRelated4+0x28]->[pPlayerStructRelated5+0xD00]->fTimescalePlayer - 00000001406BF1DE | 48:85DB | test rbx,rbx | - 00000001406BF1E1 | 74 3C | je sekiro.1406BF21F | - 00000001406BF1E3 | 8B17 | mov edx,dword ptr ds:[rdi] | - 00000001406BF1E5 | 81FA 10270000 | cmp edx,2710 | + 00000001406BF237 | 48:8B1D F29B4A03 | mov rbx,qword ptr ds:[143B68E30] | pPlayerStructRelated1->[pPlayerStructRelated2+0x88]->[pPlayerStructRelated3+0x1FF8]->[pPlayerStructRelated4+0x28]->[pPlayerStructRelated5+0xD00]->fTimescalePlayer + 00000001406BF23E | 48:85DB | test rbx,rbx | + 00000001406BF241 | 74 3C | je sekiro.1406BF27F | + 00000001406BF243 | 8B17 | mov edx,dword ptr ds:[rdi] | + 00000001406BF245 | 81FA 10270000 | cmp edx,2710 | + + 00000001406BF1D7 (Version 1.2.0.0) */ // credits to 'Zullie the Witch' for original offset internal const string PATTERN_TIMESCALE_PLAYER = "48 8B 1D ?? ?? ?? ?? 48 85 DB 74 ?? 8B ?? 81 FA"; diff --git a/SekiroFpsUnlockAndMore/MainWindow.xaml.cs b/SekiroFpsUnlockAndMore/MainWindow.xaml.cs index 6e7eb83..ca272e6 100644 --- a/SekiroFpsUnlockAndMore/MainWindow.xaml.cs +++ b/SekiroFpsUnlockAndMore/MainWindow.xaml.cs 
@@ -314,7 +314,7 @@ namespace SekiroFpsUnlockAndMore } string gameFileVersion = FileVersionInfo.GetVersionInfo(procList[0].MainModule.FileName).FileVersion; - if (gameFileVersion != GameData.PROCESS_EXE_VERSION && !_settingsService.ApplicationSettings.gameVersionNotify) + if (gameFileVersion != GameData.PROCESS_EXE_VERSION && Array.IndexOf(GameData.PROCESS_EXE_VERSION_SUPPORTED, gameFileVersion) < 0 && !_settingsService.ApplicationSettings.gameVersionNotify) { MessageBox.Show(string.Format("Unknown game version '{0}'.\nSome functions might not work properly or even crash the game. " + "Check for updates on this utility regularly following the link at the bottom.", gameFileVersion), "Sekiro FPS Unlocker and more", MessageBoxButton.OK, MessageBoxImage.Warning); @@ -507,6 +507,7 @@ namespace SekiroFpsUnlockAndMore long lpPlayerStructRelated1 = patternScan.FindPattern(GameData.PATTERN_TIMESCALE_PLAYER); Debug.WriteLine("lpPlayerStructRelated1 found at: 0x" + lpPlayerStructRelated1.ToString("X")); + if (IsValidAddress(lpPlayerStructRelated1)) { long lpPlayerStructRelated2 = DereferenceStaticX64Pointer(_gameAccessHwndStatic, lpPlayerStructRelated1, GameData.PATTERN_TIMESCALE_PLAYER_INSTRUCTION_LENGTH); diff --git a/SekiroFpsUnlockAndMore/PatternScan.cs b/SekiroFpsUnlockAndMore/PatternScan.cs index 61df0a6..f28e7f7 100644 --- a/SekiroFpsUnlockAndMore/PatternScan.cs +++ b/SekiroFpsUnlockAndMore/PatternScan.cs @@ -72,13 +72,12 @@ namespace SekiroFpsUnlockAndMore long ix; int iy; bool bFound = false; - int patternLength = bPattern.Length; - int dataLength = bData.Length - patternLength; + int dataLength = bData.Length - bPattern.Length; for (ix = 0; ix < dataLength; ix++) { bFound = true; - for (iy = 0; iy < patternLength; iy++) + for (iy = bPattern.Length - 1; iy > -1; iy--) { if (szMask[iy] != 'x' || bPattern[iy] == bData[ix + iy]) continue; 
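Review bot: The scan still stops one position short of the buffer end: with `int dataLength = bData.Length - bPattern.Length;` and `ix < dataLength`, a pattern whose last byte sits at `bData[bData.Length - 1]` is never compared, so the rewrite carries the pre-existing off-by-one forward; `for (ix = 0; ix <= dataLength; ix++)` closes it without reading past the buffer, since the inner index then peaks at `bData.Length - 1`. The reversed inner loop `for (iy = bPattern.Length - 1; iy > -1; iy--)` is functionally identical to the forward one — a match is all-or-nothing either way — so its purpose (presumably rejecting candidates sooner on the more variable trailing bytes) deserves a one-line comment, otherwise a reader will look for a semantic reason that is not there. A false negative here makes the caller skip a patch while a false positive would direct a memory write to the wrong address, so these bounds are the lines that matter most in this file. FindPattern's signature and the `bFound = false` branch lie outside the hunk.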
@@ -87,7 +86,7 @@ namespace SekiroFpsUnlockAndMore } if (bFound) - return Convert.ToInt64((long) dwStart + ix); + return dwStart + ix; } return 0; diff --git a/SekiroFpsUnlockAndMore/Properties/AssemblyInfo.cs b/SekiroFpsUnlockAndMore/Properties/AssemblyInfo.cs index 3bdd610..52350e9 100644 --- a/SekiroFpsUnlockAndMore/Properties/AssemblyInfo.cs +++ b/SekiroFpsUnlockAndMore/Properties/AssemblyInfo.cs @@ -18,5 +18,5 @@ using System.Runtime.InteropServices; ResourceDictionaryLocation.SourceAssembly )] -[assembly: AssemblyVersion("1.2.3.0")] -[assembly: AssemblyFileVersion("1.2.3.0")] \ No newline at end of file +[assembly: AssemblyVersion("1.2.3.1")] +[assembly: AssemblyFileVersion("1.2.3.1")] \ No newline at end of file