updated to game version 1.3.0.0

improved speed of pattern scan
uberhalit 2019-04-23 13:31:02 +02:00
parent 0e884dfb64
commit 3d2b894f90
4 changed files with 144 additions and 100 deletions


@ -7,13 +7,19 @@ namespace SekiroFpsUnlockAndMore
internal const string PROCESS_NAME = "sekiro"; internal const string PROCESS_NAME = "sekiro";
internal const string PROCESS_TITLE = "Sekiro"; internal const string PROCESS_TITLE = "Sekiro";
internal const string PROCESS_DESCRIPTION = "Shadows Die Twice"; internal const string PROCESS_DESCRIPTION = "Shadows Die Twice";
internal const string PROCESS_EXE_VERSION = "1.2.0.0"; internal const string PROCESS_EXE_VERSION = "1.3.0.0";
internal static readonly string[] PROCESS_EXE_VERSION_SUPPORTED = new string[1]
{
"1.2.0.0"
};
/** /**
<float>fFrameTick determines default frame rate limit in seconds. <float>fFrameTick determines default frame rate limit in seconds.
000000014116168D | C743 18 8988883C | mov dword ptr ds:[rbx+18],3C888889 | fFrameTick 0000000141161FCD | C743 18 8988883C | mov dword ptr ds:[rbx+18],3C888889 | fFrameTick
0000000141161694 | 4C:89AB 70020000 | mov qword ptr ds:[rbx+270],r13 | 0000000141161FD4 | 4C:89AB 70020000 | mov qword ptr ds:[rbx+270],r13 |
0000000141161694 (Version 1.2.0.0)
*/ */
internal const string PATTERN_FRAMELOCK = "88 88 3C 4C 89 AB"; // first byte can can be 88/90 instead of 89 due to precision loss on floating point numbers internal const string PATTERN_FRAMELOCK = "88 88 3C 4C 89 AB"; // first byte can can be 88/90 instead of 89 due to precision loss on floating point numbers
internal const int PATTERN_FRAMELOCK_OFFSET = -1; // offset to byte array from found position internal const int PATTERN_FRAMELOCK_OFFSET = -1; // offset to byte array from found position
@ -25,11 +31,13 @@ namespace SekiroFpsUnlockAndMore
Reference pointer pFrametimeRunningSpeed to speed table entry that gets used in calculations. Reference pointer pFrametimeRunningSpeed to speed table entry that gets used in calculations.
Add or remove multiplications of 4bytes to pFrametimeRunningSpeed address to use a higher or lower <float>fFrametimeCriticalRunningSpeed from table. Add or remove multiplications of 4bytes to pFrametimeRunningSpeed address to use a higher or lower <float>fFrametimeCriticalRunningSpeed from table.
fFrametimeCriticalRunningSpeed should be roughly half the frame rate: 30 @ 60FPS limit, 50 @ 100FPS limit... fFrametimeCriticalRunningSpeed should be roughly half the frame rate: 30 @ 60FPS limit, 50 @ 100FPS limit...
00000001407D4DFD | F3:0F58D0 | addss xmm2,xmm0 | 00000001407D4F3D | F3:0F58D0 | addss xmm2,xmm0 |
00000001407D4E01 | 0FC6D2 00 | shufps xmm2,xmm2,0 | 00000001407D4F41 | 0FC6D2 00 | shufps xmm2,xmm2,0 |
00000001407D4E05 | 0F51C2 | sqrtps xmm0,xmm2 | 00000001407D4F45 | 0F51C2 | sqrtps xmm0,xmm2 |
00000001407D4E08 | F3:0F5905 90309202 | mulss xmm0,dword ptr ds:[1430F7EA0] | pFrametimeRunningSpeed->fFrametimeCriticalRunningSpeed 00000001407D4F48 | F3:0F5905 E8409202 | mulss xmm0,dword ptr ds:[1430F9038] | pFrametimeRunningSpeed->fFrametimeCriticalRunningSpeed
00000001407D4E10 | 0F2FF8 | comiss xmm7,xmm0 | 00000001407D4F50 | 0F2FF8 | comiss xmm7,xmm0 |
00000001407D4E08 (Version 1.2.0.0)
*/ */
internal const string PATTERN_FRAMELOCK_SPEED_FIX = "F3 0F 58 ?? 0F C6 ?? 00 0F 51 ?? F3 0F 59 ?? ?? ?? ?? ?? 0F 2F"; internal const string PATTERN_FRAMELOCK_SPEED_FIX = "F3 0F 58 ?? 0F C6 ?? 00 0F 51 ?? F3 0F 59 ?? ?? ?? ?? ?? 0F 2F";
internal const int PATTERN_FRAMELOCK_SPEED_FIX_OFFSET = 15; internal const int PATTERN_FRAMELOCK_SPEED_FIX_OFFSET = 15;
@ -97,10 +105,12 @@ namespace SekiroFpsUnlockAndMore
/** /**
Reference pointer pCurrentResolutionWidth to <int>iInternalGameWidth (and <int>iInternalGameHeight which is +4 bytes). Reference pointer pCurrentResolutionWidth to <int>iInternalGameWidth (and <int>iInternalGameHeight which is +4 bytes).
000000014114AC85 | 0F57D2 | xorps xmm2,xmm2 | 000000014114B5C5 | 0F57D2 | xorps xmm2,xmm2 |
000000014114AC88 | 890D 92147D02 | mov dword ptr ds:[14391C120],ecx | pCurrentResolutionWidth->iInternalGameWidth 000000014114B5C8 | 890D 521B7D02 | mov dword ptr ds:[14391D120],ecx |
000000014114AC8E | 0F57C9 | xorps xmm1,xmm1 | 000000014114B5CE | 0F57C9 | xorps xmm1,xmm1 |
000000014114AC91 | 8915 8D147D02 | mov dword ptr ds:[14391C124],edx | pCurrentResolutionHeight->iInternalGameHeight 000000014114B5D1 | 8915 4D1B7D02 | mov dword ptr ds:[14391D124],edx |
000000014114AC88 (Version 1.2.0.0)
*/ */
internal const string PATTERN_RESOLUTION_POINTER = "0F 57 D2 89 0D ?? ?? ?? ?? 0F 57 C9"; internal const string PATTERN_RESOLUTION_POINTER = "0F 57 D2 89 0D ?? ?? ?? ?? 0F 57 C9";
internal const int PATTERN_RESOLUTION_POINTER_OFFSET = 3; internal const int PATTERN_RESOLUTION_POINTER_OFFSET = 3;
@ -133,9 +143,11 @@ namespace SekiroFpsUnlockAndMore
/** /**
Reference pointer pFovTableEntry to FOV entry in game FOV table that gets used in FOV calculations. Overwrite pFovTableEntry address to use a higher or lower <float>fFOV from table. Reference pointer pFovTableEntry to FOV entry in game FOV table that gets used in FOV calculations. Overwrite pFovTableEntry address to use a higher or lower <float>fFOV from table.
FOV is in radians while default is 1.0deg (0.0174533rad), to increase by 25% you'd write 1.25deg (0.0218166rad) as fFov. FOV is in radians while default is 1.0deg (0.0174533rad), to increase by 25% you'd write 1.25deg (0.0218166rad) as fFov.
0000000140739548 | F3:0F1008 | movss xmm1,dword ptr ds:[rax] | 00000001407395A8 | F3:0F1008 | movss xmm1,dword ptr ds:[rax] |
000000014073954C | F3:0F590D 0CE79B02 | mulss xmm1,dword ptr ds:[1430F7C60] | pFovTableEntry->fFov 00000001407395AC | F3:0F590D 44F89B02 | mulss xmm1,dword ptr ds:[1430F8DF8] | pFovTableEntry->fFov
0000000140739554 | F3:0F5C4E 50 | subss xmm1,dword ptr ds:[rsi+50] | 00000001407395B4 | F3:0F5C4E 50 | subss xmm1,dword ptr ds:[rsi+50] |
000000014073954C (Version 1.2.0.0)
*/ */
// credits to 'jackfuste' for original offset // credits to 'jackfuste' for original offset
internal const string PATTERN_FOVSETTING = "F3 0F 10 08 F3 0F 59 0D ?? ?? ?? ?? F3 0F 5C 4E"; internal const string PATTERN_FOVSETTING = "F3 0F 10 08 F3 0F 59 0D ?? ?? ?? ?? F3 0F 5C 4E";
@ -145,13 +157,15 @@ namespace SekiroFpsUnlockAndMore
/** /**
Reference pointer pPlayerStatsRelated to PlayerStats pointer, offset in struct to <int>iPlayerDeaths. Reference pointer pPlayerStatsRelated to PlayerStats pointer, offset in struct to <int>iPlayerDeaths.
00000001407AAC92 | 0FB648 7A | movzx ecx,byte ptr ds:[rax+7A] | 00000001407AAD51 | 0FB648 7A | movzx ecx,byte ptr ds:[rax+7A] |
00000001407AAC96 | 888B F7000000 | mov byte ptr ds:[rbx+F7],cl | 00000001407AAD55 | 888B F7000000 | mov byte ptr ds:[rbx+F7],cl |
00000001407AAC9C | 48:8B05 4DD03903 | mov rax,qword ptr ds:[143B47CF0] | 00000001407AAD5B | 48:8B05 CEDF3903 | mov rax,qword ptr ds:[143B48D30] |
00000001407AACA3 | 8B88 8C000000 | mov ecx,dword ptr ds:[rax+8C] | 00000001407AAD62 | 8B88 8C000000 | mov ecx,dword ptr ds:[rax+8C] |
00000001407AACA9 | 898B F8000000 | mov dword ptr ds:[rbx+F8],ecx | 00000001407AAD68 | 898B F8000000 | mov dword ptr ds:[rbx+F8],ecx |
00000001407AACAF | 48:8B05 3AD03903 | mov rax,qword ptr ds:[143B47CF0] | pPlayerStatsRelated->[PlayerStats+0x90]->iPlayerDeaths 00000001407AAD6E | 48:8B05 BBDF3903 | mov rax,qword ptr ds:[143B48D30] | pPlayerStatsRelated->[PlayerStats+0x90]->iPlayerDeaths
00000001407AACB6 | 8B88 90000000 | mov ecx,dword ptr ds:[rax+90] | offset pPlayerStats->iPlayerDeaths 00000001407AAD75 | 8B88 90000000 | mov ecx,dword ptr ds:[rax+90] | offset pPlayerStats->iPlayerDeaths
00000001407AACAF (Version 1.2.0.0)
*/ */
// credits to 'Me_TheCat' for original offset // credits to 'Me_TheCat' for original offset
internal const string PATTERN_PLAYER_DEATHS = "0F B6 48 ?? 88 8B ?? ?? 00 00 48 8B 05 ?? ?? ?? ?? 8B 88 ?? ?? 00 00 89 8B ?? ?? 00 00 48 8B 05 ?? ?? ?? ?? 8B 88 ?? ?? 00 00"; internal const string PATTERN_PLAYER_DEATHS = "0F B6 48 ?? 88 8B ?? ?? 00 00 48 8B 05 ?? ?? ?? ?? 8B 88 ?? ?? 00 00 89 8B ?? ?? 00 00 48 8B 05 ?? ?? ?? ?? 8B 88 ?? ?? 00 00";
@ -162,9 +176,11 @@ namespace SekiroFpsUnlockAndMore
/** /**
Reference pointer pTotalKills to <int>iTotalKills, does not get updated on every kill but mostly on every 2nd, includes own player deaths... Reference pointer pTotalKills to <int>iTotalKills, does not get updated on every kill but mostly on every 2nd, includes own player deaths...
0000000141151838 | 48:8D0D A9A5B302 | lea rcx,qword ptr ds:[143C8BDE8] | pTotalKills->iTotalKills 0000000141152178 | 48:8D0D A9ACB302 | lea rcx,qword ptr ds:[143C8CE28] | pTotalKills->iTotalKills
000000014115183F | 891481 | mov dword ptr ds:[rcx+rax*4],edx | 000000014115217F | 891481 | mov dword ptr ds:[rcx+rax*4],edx |
0000000141151842 | C3 | ret | 0000000141152182 | C3 | ret |
0000000141151838 (Version 1.2.0.0)
*/ */
// credits to 'Me_TheCat' for original offset // credits to 'Me_TheCat' for original offset
internal const string PATTERN_TOTAL_KILLS = "48 8D 0D ?? ?? ?? ?? 89 14 81 C3"; internal const string PATTERN_TOTAL_KILLS = "48 8D 0D ?? ?? ?? ?? 89 14 81 C3";
@ -173,11 +189,13 @@ namespace SekiroFpsUnlockAndMore
/** /**
Controls camera pitch. xmm4 holds new pitch from a calculation while rps+170 holds current one from mouse so we overwrite xmm4 with the old pitch value. Controls camera pitch. xmm4 holds new pitch from a calculation while rps+170 holds current one from mouse so we overwrite xmm4 with the old pitch value.
000000014073AF26 | 0F29A5 70080000 | movaps xmmword ptr ss:[rbp+870],xmm4 | code inject overwrite from here 000000014073AF86 | 0F29A5 70080000 | movaps xmmword ptr ss:[rbp+870],xmm4 | code inject overwrite from here
000000014073AF2D | 0F29A5 80080000 | movaps xmmword ptr ss:[rbp+880],xmm4 | jump back here from code inject 000000014073AF8D | 0F29A5 80080000 | movaps xmmword ptr ss:[rbp+880],xmm4 | jump back here from code inject
000000014073AF34 | 0F29A6 70010000 | movaps xmmword ptr ds:[rsi+170],xmm4 | camPitch, newCamPitch 000000014073AF94 | 0F29A6 70010000 | movaps xmmword ptr ds:[rsi+170],xmm4 | camPitch, newCamPitch
000000014073AF3B | EB 1C | jmp sekiro.14073AF59 | 000000014073AF9B | EB 1C | jmp sekiro.14073AFB9 |
000000014073AF3D | F3:0F108E 74010000 | movss xmm1,dword ptr ds:[rsi+174] | 000000014073AF9D | F3:0F108E 74010000 | movss xmm1,dword ptr ds:[rsi+174] |
000000014073AF26 (Version 1.2.0.0)
*/ */
internal const string PATTERN_CAMADJUST_PITCH = "0F 29 ?? ?? ?? 00 00 0F 29 ?? ?? ?? 00 00 0F 29 ?? ?? ?? 00 00 EB ?? F3"; internal const string PATTERN_CAMADJUST_PITCH = "0F 29 ?? ?? ?? 00 00 0F 29 ?? ?? ?? 00 00 0F 29 ?? ?? ?? 00 00 EB ?? F3";
internal const int INJECT_CAMADJUST_PITCH_OVERWRITE_LENGTH = 7; internal const int INJECT_CAMADJUST_PITCH_OVERWRITE_LENGTH = 7;
@ -188,10 +206,12 @@ namespace SekiroFpsUnlockAndMore
}; };
/** /**
Controls automatic camera yaw adjust on move on Z-axis. xmm0 holds new yaw while rsi+174 holds current one prior movement so we overwrite xmm0 with the old yaw value. Controls automatic camera yaw adjust on move on Z-axis. xmm0 holds new yaw while rsi+174 holds current one prior movement so we overwrite xmm0 with the old yaw value.
000000014073AF4C | E8 6F60FFFF | call sekiro.140730FC0 | 000000014073AFAC | E8 6F60FFFF | call sekiro.140731020 |
000000014073AF51 | F3:0F1186 74010000 | movss dword ptr ds:[rsi+174],xmm0 | camYaw, newCamYaw | code inject overwrite from here 000000014073AFB1 | F3:0F1186 74010000 | movss dword ptr ds:[rsi+174],xmm0 | camYaw, newCamYaw | code inject overwrite from here
000000014073AF59 | 80BE A3020000 00 | cmp byte ptr ds:[rsi+2A3],0 | jump back here from code inject 000000014073AFB9 | 80BE A3020000 00 | cmp byte ptr ds:[rsi+2A3],0 | jump back here from code inject
000000014073AF60 | 0F84 2F020000 | je sekiro.14073B195 | 000000014073AFC0 | 0F84 2F020000 | je sekiro.14073B1F5 |
000000014073AF51 (Version 1.2.0.0)
*/ */
internal const string PATTERN_CAMADJUST_YAW_Z = "E8 ?? ?? ?? ?? F3 ?? ?? ?? ?? ?? 00 00 80 ?? ?? ?? 00 00 00 0F 84"; internal const string PATTERN_CAMADJUST_YAW_Z = "E8 ?? ?? ?? ?? F3 ?? ?? ?? ?? ?? 00 00 80 ?? ?? ?? 00 00 00 0F 84";
internal const int PATTERN_CAMADJUST_YAW_Z_OFFSET = 5; internal const int PATTERN_CAMADJUST_YAW_Z_OFFSET = 5;
@ -210,9 +230,17 @@ namespace SekiroFpsUnlockAndMore
000000014073B482 | F3:0F1085 E4120000 | movss xmm0,dword ptr ss:[rbp+12E4] | jump back here from code inject 000000014073B482 | F3:0F1085 E4120000 | movss xmm0,dword ptr ss:[rbp+12E4] | jump back here from code inject
000000014073B48A | E8 91BDFFFF | call sekiro.140737220 | 000000014073B48A | E8 91BDFFFF | call sekiro.140737220 |
000000014073B48F | 0F28D0 | movaps xmm2,xmm0 | 000000014073B48F | 0F28D0 | movaps xmm2,xmm0 |
000000014073B4D6 | F3:0F1000 | movss xmm0,dword ptr ds:[rax] | newCamPitch | code inject overwrite from here
000000014073B4DA | F3:0F1186 70010000 | movss dword ptr ds:[rsi+170],xmm0 | camePitch
000000014073B4E2 | F3:0F1085 E4120000 | movss xmm0,dword ptr ss:[rbp+12E4] | jump back here from code inject
000000014073B4EA | E8 91BDFFFF | call sekiro.140737280 |
000000014073B4EF | 0F28D0 | movaps xmm2,xmm0 |
000000014073B47A (Version 1.2.0.0)
*/ */
// thanks to 'Cielos' for original offset // thanks to 'Cielos' for original offset
internal const string PATTERN_CAMADJUST_PITCH_XY = "F3 ?? ?? ?? F3 ?? ?? ?? ?? ?? 00 00 F3 ?? ?? ?? ?? ?? ?? ?? E8 ?? ?? ?? ?? 0F"; internal const string PATTERN_CAMADJUST_PITCH_XY = "F3 ?? ?? ?? F3 ?? ?? ?? 70 01 00 00 F3 ?? ?? ?? ?? ?? ?? ?? E8 ?? ?? ?? ?? 0F";
internal const int INJECT_CAMADJUST_PITCH_XY_OVERWRITE_LENGTH = 12; internal const int INJECT_CAMADJUST_PITCH_XY_OVERWRITE_LENGTH = 12;
internal static readonly byte[] INJECT_CAMADJUST_PITCH_XY_SHELLCODE = new byte[] internal static readonly byte[] INJECT_CAMADJUST_PITCH_XY_SHELLCODE = new byte[]
{ {
@ -223,9 +251,11 @@ namespace SekiroFpsUnlockAndMore
}; };
/** /**
Controls automatic camera yaw adjust on move on XY-axis. xmm0 new yaw while rsi+174 holds current one prior movement so we overwrite xmm0 with the old yaw value. Controls automatic camera yaw adjust on move on XY-axis. xmm0 new yaw while rsi+174 holds current one prior movement so we overwrite xmm0 with the old yaw value.
000000014073B564 | E8 B7BCFFFF | call sekiro.140737220 | 000000014073B5C4 | E8 B7BCFFFF | call sekiro.140737280 |
000000014073B569 | F3:0F1186 74010000 | movss dword ptr ds:[rsi+174],xmm0 | camYaw, newCamYaw | code inject overwrite from here 000000014073B5C9 | F3:0F1186 74010000 | movss dword ptr ds:[rsi+174],xmm0 | camYaw, newCamYaw | code inject overwrite from here
000000014073B571 | E9 9A020000 | jmp sekiro.14073B810 | jump back here from code inject 000000014073B5D1 | E9 9A020000 | jmp sekiro.14073B870 | jump back here from code inject
000000014073B569 (Version 1.2.0.0)
*/ */
// thanks to 'Cielos' for original offset // thanks to 'Cielos' for original offset
internal const string PATTERN_CAMADJUST_YAW_XY = "E8 ?? ?? ?? ?? F3 0F 11 86 ?? ?? 00 00 E9"; internal const string PATTERN_CAMADJUST_YAW_XY = "E8 ?? ?? ?? ?? F3 0F 11 86 ?? ?? 00 00 E9";
@ -240,8 +270,10 @@ namespace SekiroFpsUnlockAndMore
/** /**
When user presses button to lock on target but no target is in range a camera reset is triggered to center cam position. This boolean indicates if we need to reset or not. When user presses button to lock on target but no target is in range a camera reset is triggered to center cam position. This boolean indicates if we need to reset or not.
000000014073AD97 | C686 A3020000 01 | mov byte ptr ds:[rsi+2A3],1 | Sets bool to indicate we need to reset camera and block user input til cam is reset 000000014073ADF7 | C686 A3020000 01 | mov byte ptr ds:[rsi+2A3],1 | Sets bool to indicate we need to reset camera and block user input til cam is reset
000000014073AD9E | F3:0F108E B4020000 | movss xmm1,dword ptr ds:[rsi+2B4] | 000000014073ADFE | F3:0F108E B4020000 | movss xmm1,dword ptr ds:[rsi+2B4] |
000000014073AD97 (Version 1.2.0.0)
*/ */
internal const string PATTERN_CAMRESET_LOCKON = "C6 86 ?? ?? 00 00 ?? F3 0F 10 8E ?? ?? 00 00"; internal const string PATTERN_CAMRESET_LOCKON = "C6 86 ?? ?? 00 00 ?? F3 0F 10 8E ?? ?? 00 00";
internal const int PATTERN_CAMRESET_LOCKON_OFFSET = 6; internal const int PATTERN_CAMRESET_LOCKON_OFFSET = 6;
@ -252,28 +284,30 @@ namespace SekiroFpsUnlockAndMore
/** /**
Whole dragonrot routine upon death is guarded by a conditional jump, there may be some events in the game where a true death shall not increase the disease so it's skippable as a whole. Whole dragonrot routine upon death is guarded by a conditional jump, there may be some events in the game where a true death shall not increase the disease so it's skippable as a whole.
We replace conditional jump with non-conditional one. We replace conditional jump with non-conditional one.
00000001411891E8 | 45:33C0 | xor r8d,r8d | 0000000141189D18 | 45:33C0 | xor r8d,r8d |
00000001411891EB | BA 27250000 | mov edx,2527 | 0000000141189D1B | BA 27250000 | mov edx,2527 |
00000001411891F0 | E8 AB8353FF | call sekiro.1406C15A0 | 0000000141189D20 | E8 DB7853FF | call sekiro.1406C1600 |
00000001411891F5 | 84C0 | test al,al | 0000000141189D25 | 84C0 | test al,al |
00000001411891F7 | 0F85 E6010000 | jne sekiro.1411893E3 | handle dragonrot? 0000000141189D27 | 0F85 E6010000 | jne sekiro.141189F13 | handle dragonrot?
00000001411891FD | 48:8B0D 44A09B02 | mov rcx,qword ptr ds:[143B43248] | dragonrot routine... 0000000141189D2D | 48:8B0D 54A59B02 | mov rcx,qword ptr ds:[143B44288] | dragonrot routine...
0000000141189204 | 48:85C9 | test rcx,rcx | 0000000141189D34 | 48:85C9 | test rcx,rcx |
0000000141189207 | 75 2E | jne sekiro.141189237 | 0000000141189D37 | 75 2E | jne sekiro.141189D67 |
0000000141189209 | 48:8D0D 19929B02 | lea rcx,qword ptr ds:[143B42429] | 0000000141189D39 | 48:8D0D 29979B02 | lea rcx,qword ptr ds:[143B43469] |
0000000141189210 | E8 5B178100 | call sekiro.14199A970 | 0000000141189D40 | E8 5B178100 | call sekiro.14199B4A0 |
0000000141189215 | 4C:8BC8 | mov r9,rax | 0000000141189D45 | 4C:8BC8 | mov r9,rax |
0000000141189218 | 4C:8D05 510EF601 | lea r8,qword ptr ds:[1430EA070] | 0000000141189D48 | 4C:8D05 5914F601 | lea r8,qword ptr ds:[1430EB1A8] |
000000014118921F | BA B1000000 | mov edx,B1 | 0000000141189D4F | BA B1000000 | mov edx,B1 |
0000000141189224 | 48:8D0D 85216601 | lea rcx,qword ptr ds:[1427EB3B0] | 0000000141189D54 | 48:8D0D 55266601 | lea rcx,qword ptr ds:[1427EC3B0] |
000000014118922B | E8 808F8000 | call sekiro.1419921B0 | 0000000141189D5B | E8 808F8000 | call sekiro.141992CE0 |
0000000141189230 | 48:8B0D 11A09B02 | mov rcx,qword ptr ds:[143B43248] | 0000000141189D60 | 48:8B0D 21A59B02 | mov rcx,qword ptr ds:[143B44288] |
0000000141189237 | 45:33C0 | xor r8d,r8d | 0000000141189D67 | 45:33C0 | xor r8d,r8d |
000000014118923A | BA 28250000 | mov edx,2528 | 0000000141189D6A | BA 28250000 | mov edx,2528 |
000000014118923F | E8 5C8353FF | call sekiro.1406C15A0 | 0000000141189D6F | E8 8C7853FF | call sekiro.1406C1600 |
0000000141189244 | 84C0 | test al,al | 0000000141189D74 | 84C0 | test al,al |
0000000141189246 | 0F84 B2000000 | je sekiro.1411892FE | increase dragonrot level on NPCs? 0000000141189D76 | 0F84 B2000000 | je sekiro.141189E2E | increase dragonrot level on NPCs?
000000014118924C | 48:8D8424 90000000 | lea rax,qword ptr ss:[rsp+90] | executes after a certain deaths threshold has been reached... 0000000141189D7C | 48:8D8424 90000000 | lea rax,qword ptr ss:[rsp+90] | executes after a certain deaths threshold has been reached...
00000001411891F7 (Version 1.2.0.0)
*/ */
internal const string PATTERN_DRAGONROT_EFFECT = "45 ?? ?? BA ?? ?? ?? ?? E8 ?? ?? ?? ?? 84 C0 0F 85 ?? ?? ?? ?? 48 8B 0D ?? ?? ?? ?? 48 85 C9 75 ?? 48 8D 0D ?? ?? ?? ?? E8 ?? ?? ?? ?? 4C ?? ?? 4C ?? ?? ?? ?? ?? ?? BA ?? ?? ?? ?? 48 8D 0D ?? ?? ?? ?? E8 ?? ?? ?? ?? 48 8B 0D ?? ?? ?? ?? 45 ?? ?? BA ?? ?? ?? ?? E8 ?? ?? ?? ?? 84 C0 0F 84 ?? ?? ?? ?? 48 8D"; internal const string PATTERN_DRAGONROT_EFFECT = "45 ?? ?? BA ?? ?? ?? ?? E8 ?? ?? ?? ?? 84 C0 0F 85 ?? ?? ?? ?? 48 8B 0D ?? ?? ?? ?? 48 85 C9 75 ?? 48 8D 0D ?? ?? ?? ?? E8 ?? ?? ?? ?? 4C ?? ?? 4C ?? ?? ?? ?? ?? ?? BA ?? ?? ?? ?? 48 8D 0D ?? ?? ?? ?? E8 ?? ?? ?? ?? 48 8B 0D ?? ?? ?? ?? 45 ?? ?? BA ?? ?? ?? ?? E8 ?? ?? ?? ?? 84 C0 0F 84 ?? ?? ?? ?? 48 8D";
internal const int PATTERN_DRAGONROT_EFFECT_OFFSET = 13; internal const int PATTERN_DRAGONROT_EFFECT_OFFSET = 13;
@ -283,11 +317,13 @@ namespace SekiroFpsUnlockAndMore
/** /**
sekiro.14066B520 is used to increase and decrease various player values, in this case it's used to decrease Sen so we skip the call. sekiro.14066B520 is used to increase and decrease various player values, in this case it's used to decrease Sen so we skip the call.
0000000141189044 | F344:0F2CE9 | cvttss2si r13d,xmm1 | 0000000141189B74 | F344:0F2CE9 | cvttss2si r13d,xmm1 |
0000000141189049 | 41:8BD5 | mov edx,r13d | 0000000141189B79 | 41:8BD5 | mov edx,r13d |
000000014118904C | 48:8BCB | mov rcx,rbx | 0000000141189B7C | 48:8BCB | mov rcx,rbx |
000000014118904F | E8 CC244EFF | call sekiro.14066B520 | -> ManipulatePlayerValues() 0000000141189B7F | E8 FC194EFF | call sekiro.14066B580 | -> ManipulatePlayerValues()
0000000141189054 | 8BAB 60010000 | mov ebp,dword ptr ds:[rbx+160] | 0000000141189B84 | 8BAB 60010000 | mov ebp,dword ptr ds:[rbx+160] |
000000014118904F (Version 1.2.0.0)
*/ */
internal const string PATTERN_DEATHPENALTIES1 = "F3 ?? 0F 2C ?? 41 ?? ?? 48 ?? ?? E8 ?? ?? ?? ?? 8B"; internal const string PATTERN_DEATHPENALTIES1 = "F3 ?? 0F 2C ?? 41 ?? ?? 48 ?? ?? E8 ?? ?? ?? ?? 8B";
internal const int PATTERN_DEATHPENALTIES1_OFFSET = 11; internal const int PATTERN_DEATHPENALTIES1_OFFSET = 11;
@ -295,13 +331,15 @@ namespace SekiroFpsUnlockAndMore
internal static readonly byte[] PATCH_DEATHPENALTIES1_DISABLE = new byte[5] { 0x90, 0x90, 0x90, 0x90, 0x90 }; // nop internal static readonly byte[] PATCH_DEATHPENALTIES1_DISABLE = new byte[5] { 0x90, 0x90, 0x90, 0x90, 0x90 }; // nop
/** /**
Here ability points (AP) are decreased and virtual Sen & AP decrease is set. The later 2 values will be shown after death as an indicator on how much of each has been lost. Here ability points (AP) are decreased and virtual Sen & AP decrease is set. The later 2 values will be shown after death as an indicator on how much of each has been lost.
0000000141189138 | 8B00 | mov eax,dword ptr ds:[rax] | 0000000141189C68 | 8B00 | mov eax,dword ptr ds:[rax] |
000000014118913A | 8983 60010000 | mov dword ptr ds:[rbx+160],eax | OnDeath() ability points (AP) decrease 0000000141189C6A | 8983 60010000 | mov dword ptr ds:[rbx+160],eax | OnDeath() ability points (AP) decrease
0000000141189140 | 45:2BFD | sub r15d,r13d | 0000000141189C70 | 45:2BFD | sub r15d,r13d |
0000000141189143 | 44:89BC24 90000000 | mov dword ptr ss:[rsp+90],r15d | virtual Sen decrease - shows how many Sen got lost after death 0000000141189C73 | 44:89BC24 90000000 | mov dword ptr ss:[rsp+90],r15d | virtual Sen decrease - shows how many Sen got lost after death
000000014118914B | 2BE9 | sub ebp,ecx | 0000000141189C7B | 2BE9 | sub ebp,ecx |
000000014118914D | 89AC24 94000000 | mov dword ptr ss:[rsp+94],ebp | virtual AP decrease - shows how many APs got lost after death 0000000141189C7D | 89AC24 94000000 | mov dword ptr ss:[rsp+94],ebp | virtual AP decrease - shows how many APs got lost after death
0000000141189154 | E8 371C73FF | call sekiro.1408BAD90 | 0000000141189C84 | E8 071673FF | call sekiro.1408BB290 |
000000014118913A (Version 1.2.0.0)
*/ */
internal const string PATTERN_DEATHPENALTIES2 = "8B ?? 89 83 ?? ?? ?? ?? 45 ?? ?? 44 89 ?? 24 ?? ?? 00 00 2B ?? 89 ?? 24 ?? ?? 00 00 E8"; internal const string PATTERN_DEATHPENALTIES2 = "8B ?? 89 83 ?? ?? ?? ?? 45 ?? ?? 44 89 ?? 24 ?? ?? 00 00 2B ?? 89 ?? 24 ?? ?? 00 00 E8";
internal const int PATTERN_DEATHPENALTIES2_OFFSET = 2; internal const int PATTERN_DEATHPENALTIES2_OFFSET = 2;
@ -316,11 +354,13 @@ namespace SekiroFpsUnlockAndMore
/** /**
000000014069AE2E | 0F84 DD000000 | je sekiro.14069AF11 | 000000014069AE8E | 0F84 DD000000 | je sekiro.14069AF71 |
000000014069AE34 | 84DB | test bl,bl | 000000014069AE94 | 84DB | test bl,bl |
000000014069AE36 | 0F85 D5000000 | jne sekiro.14069AF11 | handle death increase? 000000014069AE96 | 0F85 D5000000 | jne sekiro.14069AF71 | handle death increase?
000000014069AE3C | 48:8BCF | mov rcx,rdi | 000000014069AE9C | 48:8BCF | mov rcx,rdi |
000000014069AE3F | E8 BCA9FEFF | call sekiro.140685800 | -> IncreaseDeaths() 000000014069AE9F | E8 BCA9FEFF | call sekiro.140685860 | -> IncreaseDeaths()
000000014069AE36 (Version 1.2.0.0)
*/ */
internal const string PATTERN_DEATHSCOUNTER = "0F 84 ?? ?? ?? ?? 84 DB 0F 85 ?? ?? ?? ?? 48 8B ?? E8"; internal const string PATTERN_DEATHSCOUNTER = "0F 84 ?? ?? ?? ?? 84 DB 0F 85 ?? ?? ?? ?? 48 8B ?? E8";
internal const int PATTERN_DEATHSCOUNTER_OFFSET = 6; internal const int PATTERN_DEATHSCOUNTER_OFFSET = 6;
@ -330,9 +370,11 @@ namespace SekiroFpsUnlockAndMore
/** /**
Reference pointer pTimeRelated to TimescaleManager pointer, offset in struct to <float>fTimescale which acts as a global speed scale for almost all ingame calculations. Reference pointer pTimeRelated to TimescaleManager pointer, offset in struct to <float>fTimescale which acts as a global speed scale for almost all ingame calculations.
0000000141149E87 | 48:8B05 3A24B402 | mov rax,qword ptr ds:[143C8C2C8] | pTimeRelated->[TimescaleManager+0x360]->fTimescale 000000014114A7C7 | 48:8B05 3A2BB402 | mov rax,qword ptr ds:[143C8D308] | pTimeRelated->[TimescaleManager+0x360]->fTimescale
0000000141149E8E | F3:0F1088 60030000 | movss xmm1,dword ptr ds:[rax+360] | offset TimescaleManager->fTimescale 000000014114A7CE | F3:0F1088 60030000 | movss xmm1,dword ptr ds:[rax+360] | offset TimescaleManager->fTimescale
0000000141149E96 | F3:0F5988 68020000 | mulss xmm1,dword ptr ds:[rax+268] | 000000014114A7D6 | F3:0F5988 68020000 | mulss xmm1,dword ptr ds:[rax+268] |
0000000141149E87 (Version 1.2.0.0)
*/ */
// credits to 'Zullie the Witch' for original offset // credits to 'Zullie the Witch' for original offset
internal const string PATTERN_TIMESCALE = "48 8B 05 ?? ?? ?? ?? F3 0F 10 88 ?? ?? ?? ?? F3 0F"; internal const string PATTERN_TIMESCALE = "48 8B 05 ?? ?? ?? ?? F3 0F 10 88 ?? ?? ?? ?? F3 0F";
@ -342,11 +384,13 @@ namespace SekiroFpsUnlockAndMore
/** /**
Reference pointer pPlayerStructRelated1 to 4 more pointers up to player data class, offset in struct to <float>fTimescalePlayer which acts as a speed scale for the player character. Reference pointer pPlayerStructRelated1 to 4 more pointers up to player data class, offset in struct to <float>fTimescalePlayer which acts as a speed scale for the player character.
00000001406BF1D7 | 48:8B1D 128C4A03 | mov rbx,qword ptr ds:[143B67DF0] | pPlayerStructRelated1->[pPlayerStructRelated2+0x88]->[pPlayerStructRelated3+0x1FF8]->[pPlayerStructRelated4+0x28]->[pPlayerStructRelated5+0xD00]->fTimescalePlayer 00000001406BF237 | 48:8B1D F29B4A03 | mov rbx,qword ptr ds:[143B68E30] | pPlayerStructRelated1->[pPlayerStructRelated2+0x88]->[pPlayerStructRelated3+0x1FF8]->[pPlayerStructRelated4+0x28]->[pPlayerStructRelated5+0xD00]->fTimescalePlayer
00000001406BF1DE | 48:85DB | test rbx,rbx | 00000001406BF23E | 48:85DB | test rbx,rbx |
00000001406BF1E1 | 74 3C | je sekiro.1406BF21F | 00000001406BF241 | 74 3C | je sekiro.1406BF27F |
00000001406BF1E3 | 8B17 | mov edx,dword ptr ds:[rdi] | 00000001406BF243 | 8B17 | mov edx,dword ptr ds:[rdi] |
00000001406BF1E5 | 81FA 10270000 | cmp edx,2710 | 00000001406BF245 | 81FA 10270000 | cmp edx,2710 |
00000001406BF1D7 (Version 1.2.0.0)
*/ */
// credits to 'Zullie the Witch' for original offset // credits to 'Zullie the Witch' for original offset
internal const string PATTERN_TIMESCALE_PLAYER = "48 8B 1D ?? ?? ?? ?? 48 85 DB 74 ?? 8B ?? 81 FA"; internal const string PATTERN_TIMESCALE_PLAYER = "48 8B 1D ?? ?? ?? ?? 48 85 DB 74 ?? 8B ?? 81 FA";
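Review bot: The tightened `PATTERN_CAMADJUST_PITCH_XY` (the `?? ?? 00 00` after the second `F3` became `70 01 00 00`) carries no comment saying why those two bytes are now fixed, while every other inject pattern in this file keeps its displacements wildcarded. The listing above it shows these bytes are the `rsi+170` displacement of the camPitch store, so a short comment would help the next version update, for example `// 70 01 00 00 = [rsi+170] camPitch store; fixed to keep the match unique`. Presumably the looser form matched more than one site in 1.3.0.0; if so, say that in the comment, since shellcode is written at whatever address this pattern resolves to. Separately, `new string[1] { "1.2.0.0" }` for `PROCESS_EXE_VERSION_SUPPORTED` hard-codes the length and will need editing twice on the next addition; `new[] { "1.2.0.0" }` avoids that.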


@ -314,7 +314,7 @@ namespace SekiroFpsUnlockAndMore
} }
string gameFileVersion = FileVersionInfo.GetVersionInfo(procList[0].MainModule.FileName).FileVersion; string gameFileVersion = FileVersionInfo.GetVersionInfo(procList[0].MainModule.FileName).FileVersion;
if (gameFileVersion != GameData.PROCESS_EXE_VERSION && !_settingsService.ApplicationSettings.gameVersionNotify) if (gameFileVersion != GameData.PROCESS_EXE_VERSION && Array.IndexOf(GameData.PROCESS_EXE_VERSION_SUPPORTED, gameFileVersion) < 0 && !_settingsService.ApplicationSettings.gameVersionNotify)
{ {
MessageBox.Show(string.Format("Unknown game version '{0}'.\nSome functions might not work properly or even crash the game. " + MessageBox.Show(string.Format("Unknown game version '{0}'.\nSome functions might not work properly or even crash the game. " +
"Check for updates on this utility regularly following the link at the bottom.", gameFileVersion), "Sekiro FPS Unlocker and more", MessageBoxButton.OK, MessageBoxImage.Warning); "Check for updates on this utility regularly following the link at the bottom.", gameFileVersion), "Sekiro FPS Unlocker and more", MessageBoxButton.OK, MessageBoxImage.Warning);
@ -507,6 +507,7 @@ namespace SekiroFpsUnlockAndMore
long lpPlayerStructRelated1 = patternScan.FindPattern(GameData.PATTERN_TIMESCALE_PLAYER); long lpPlayerStructRelated1 = patternScan.FindPattern(GameData.PATTERN_TIMESCALE_PLAYER);
Debug.WriteLine("lpPlayerStructRelated1 found at: 0x" + lpPlayerStructRelated1.ToString("X")); Debug.WriteLine("lpPlayerStructRelated1 found at: 0x" + lpPlayerStructRelated1.ToString("X"));
if (IsValidAddress(lpPlayerStructRelated1)) if (IsValidAddress(lpPlayerStructRelated1))
{ {
long lpPlayerStructRelated2 = DereferenceStaticX64Pointer(_gameAccessHwndStatic, lpPlayerStructRelated1, GameData.PATTERN_TIMESCALE_PLAYER_INSTRUCTION_LENGTH); long lpPlayerStructRelated2 = DereferenceStaticX64Pointer(_gameAccessHwndStatic, lpPlayerStructRelated1, GameData.PATTERN_TIMESCALE_PLAYER_INSTRUCTION_LENGTH);
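Review bot: The version check on the `if (gameFileVersion != GameData.PROCESS_EXE_VERSION && ...)` line only raises a warning dialog in the lines shown; nothing visible here keeps the pattern scans and code-injection patches from running against a build that is in neither `PROCESS_EXE_VERSION` nor `PROCESS_EXE_VERSION_SUPPORTED`. The method continues outside this hunk, so this may be handled later. If it is not, consider keeping the result, e.g. `bool knownVersion = gameFileVersion == GameData.PROCESS_EXE_VERSION || Array.IndexOf(GameData.PROCESS_EXE_VERSION_SUPPORTED, gameFileVersion) >= 0;`, and leaving the inject-based options disabled while it is false. `FileVersionInfo.FileVersion` is also null when the executable has no version resource, which this comparison treats as just another unknown version and prints as an empty string in the message.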


@ -72,13 +72,12 @@ namespace SekiroFpsUnlockAndMore
long ix; long ix;
int iy; int iy;
bool bFound = false; bool bFound = false;
int patternLength = bPattern.Length; int dataLength = bData.Length - bPattern.Length;
int dataLength = bData.Length - patternLength;
for (ix = 0; ix < dataLength; ix++) for (ix = 0; ix < dataLength; ix++)
{ {
bFound = true; bFound = true;
for (iy = 0; iy < patternLength; iy++) for (iy = bPattern.Length - 1; iy > -1; iy--)
{ {
if (szMask[iy] != 'x' || bPattern[iy] == bData[ix + iy]) if (szMask[iy] != 'x' || bPattern[iy] == bData[ix + iy])
continue; continue;
@ -87,7 +86,7 @@ namespace SekiroFpsUnlockAndMore
} }
if (bFound) if (bFound)
return Convert.ToInt64((long) dwStart + ix); return dwStart + ix;
} }
return 0; return 0;
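Review bot: The outer loop bound `ix < dataLength`, with `dataLength = bData.Length - bPattern.Length`, stops one position short, so a pattern occupying the last `bPattern.Length` bytes of the buffer is never tested. `for (ix = 0; ix <= dataLength; ix++)` covers that position and still keeps `ix + iy` inside `bData`. The reversed inner loop indexes `szMask[iy]` starting at `bPattern.Length - 1`, and no check is visible that the mask is at least as long as the pattern, so a shorter mask throws on the first comparison. The method starts and ends outside this hunk, so such a guard may exist earlier.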


@ -18,5 +18,5 @@ using System.Runtime.InteropServices;
ResourceDictionaryLocation.SourceAssembly ResourceDictionaryLocation.SourceAssembly
)] )]
[assembly: AssemblyVersion("1.2.3.0")] [assembly: AssemblyVersion("1.2.3.1")]
[assembly: AssemblyFileVersion("1.2.3.0")] [assembly: AssemblyFileVersion("1.2.3.1")]