Gurud's PoE Trainer FullBight, Maphack and Zoomhack 1.0.0.e+

[clopman]

thanks for fast reply was a good idea atleast :>

[Ximvy]

I'd rep u if i could , but i dont have the power
really great job , keep it up!

[evoeh]

Does this not work with windows XP?

Error message :"Your system must have Cheat Engine installed to be able to use this trainer"

[MorKaotik]

Does this not work with windows XP?

Error message :"Your system must have Cheat Engine installed to be able to use this trainer"

You need to install cheat engine. Cheat Engine

[evoeh]

I have cheatengine 6.3 installed. Couldn't get it to run, I just used the .CT. Thanks for providing that

[Canbus]

Thanks a lot for the script but Cheat Engine really f- my chrome up, lost all tabs, extensions, themes, passwords etc... really pissed me off.

+rep for the script doe

[ccpcsen]

why I can't open the trainer?
and,what is the CT?how do I use it?

[redlemon]

PoE Version // Latest Patch: 1.05b
Trainer Status: Verified Working
(Tested Map, Zoom + Brightness)

[bsdunx]

I've ported this to C/C++/ASM, I'll paste some snippits of relevant parts, enjoy.

Code:

	sigs =
	{
		new Signature{ "packetSend", "\xE8\x00\x00\x00\x00\x8B\x8F\x00\x00\x00\x00\x6A\x00\xE8\x00\x00\x00\x00\xC6", "x???xxx??xxxxx???xx", 0 },
		new Signature{ "deserializePacket", "\x89\x65\xF0\x8B\xD9", "xxxxx", 0 },
		new Signature{ "mapHack", "\xd9\x00\x8b\x0c\x24", "xxxxx", 0 },
		new Signature{ "zoom1", "\x76\x04\x8d\x00\x00\x00\xd9\x00\xd9\x00\x00\x00\x00\x00\xc6\x07", "xxx???xxx???xxxx", 0 },
		new Signature{ "zoom2", "\x76\x04\x8d\x00\x00\x00\xd9\x00\xd9\x00\x00\x00\xd8\x00\x00\xd9\x00\x00\x00\x0f", "xxx???xxx???x??x???x", 0 },
		new Signature{ "zoom3", "\xF3\x0F\x10\x83\x88\x01\x00\x00\x56", "xxxxxxxxx", 0 },
		new Signature{ "zoom4", "\xF3\x0F\x10\x83\x88\x01\x00\x00\x8B", "xxxxxxxxx", 0 },
		new Signature{ "lowLifeLight", "\xF3\x0F\x59\x44\x24\x18\xf3\x0f\x59\x25", "xxxxxxxxxx", 0 },
		new Signature{ "mist", "\x66\x0F\xD6\x8F\x50\x01\x00\x00", "xxxxxxxx", 0 },
		new Signature{ "light1", "\x4c\x3e\x00\x80\xa2\x44", "xxxxxx", 0 },
		new Signature{ "light2", "\x00\x00\xaf\x43\x00\x40\xd3\x44", "xxxxxxxx", 0 },
		new Signature{ "baseManager", "\x6a\xff\x68\x00\x00\x00\x00\x50\x64\x00\x00\x00\x00\x00\x00\xa1\x00\x00\x00\x00\x81\xec\x00\x00\x00\x00\x53\x55\x56\x57\x33\xff\x3b\xc7", "xxx????xx??????x????xx????xxxxxxxx", 0 }
	};

...

	// Maphack
	char maphackOrig[] = { "\xd9\x00" };			// fld dword ptr ds:[eax]
	char maphackPatch[] = { "\xd9\xe8" };			// fld1

	// Zoom
	char zoom1Orig[] = { "\x76" };					// jbe
	char zoom1Patch[] = { "\xeb" };					// jmp

	char zoom3Orig[] = { "\xf3\x0f\x10\x83\x88\x01\x00\x00\x56" }; // movss
	char zoom4Orig[] = { "\xf3\x0f\x10\x83\x88\x01\x00\x00\x8b" }; // movss

	float *zFarPlane = new float { 10000.f };

	char zoom3Patch[] =
	{
		0xf3, 0x0f, 0x10, 0x05,
		((char*)&zFarPlane)[0], ((char*)&zFarPlane)[1],
		((char*)&zFarPlane)[2], ((char*)&zFarPlane)[3],
		0x90
	};

	// Lighting
	char lowLifeOrig[] = { "\xf3\x0f\x59\x44\x24\x18" }; // mulss xmm0
	char lowLifePatch[] = { "\x90\x90\x90\x90\x90\x90" }; // nop slide

	float light1Val = 10000.f;
	float light2Val = 5000.f;

	float light1ValOrig = 1300.f;
	float light2ValOrig = 350.f;

	// FIXME convert to jump hook
	int32_t mistOff = (int32_t)&Mist - (int32_t)(GetSignature("mist")->addr + 5);

	char mistOrig[] = { "\x66\x0F\xD6\x8F\x50\x01\x00\x00" }; // movq xmm1
	char mistPatch[] =
	{
		0xe9,
		((char*)&mistOff)[0], ((char*)&mistOff)[1], ((char*)&mistOff)[2], ((char*)&mistOff)[3],
		0x90, 0x90, 0x90
	}; // jmp patch

...

	patchManager->SetPatches(
	{
		new BufferPatch{ "zoom1", zoom1Addr, 1, zoom1Orig, zoom1Patch },
		new BufferPatch{ "zoom2", zoom2Addr, 1, zoom1Orig, zoom1Patch },
		new BufferPatch{ "zoom3", zoom3Addr, 8, zoom3Orig, zoom3Patch },
		new BufferPatch{ "zoom4", zoom4Addr, 8, zoom4Orig, zoom3Patch },
		new BufferPatch{ "mist", mistAddr, 8, mistOrig, mistPatch },
		//new BufferPatch{ "light1", light2Addr, 4, light1Orig, light1Patch },
		//new BufferPatch, "light2", light2Addr, 5, light2Orig, light2Patch },
		new BufferPatch{ "lowLifeLight", lowLifeLightAddr, 6, lowLifeOrig, lowLifePatch },
		new BufferPatch{ "mapHack1", mapHackAddr + 0x00, 2, maphackOrig, maphackPatch },
		new BufferPatch{ "mapHack2", mapHackAddr + 0x0f, 2, maphackOrig, maphackPatch },
		new BufferPatch{ "mapHack3", mapHackAddr + 0x1b, 2, maphackOrig, maphackPatch },
		new BufferPatch{ "mapHack4", mapHackAddr + 0x27, 2, maphackOrig, maphackPatch },
		new JumpPatch{ "packetSend", (uint32_t)packetSend, 5, (uint32_t *)hkPacketSend, &hkPacketSendJmpback }
	});

...

	gamePointers->light1 = (float*)(light1Addr + 2);
	gamePointers->light2 = (float*)light2Addr;

...
void __declspec(naked) Mist()
{
	__asm
	{
		mulpd xmm1, xmm1
			movq qword ptr[edi + 0x150], xmm1
			jmp mistJmpBack
	};
}

[enaf3n]

Nice port.

[tozededao]

I literally had an orgasm when I discovered that the most recent version, the zoom fix, makes flicker strike work with zoomhack.

THANKS A TON!

[DesperadoJay]

I can't seem to click on shrines while this is running... any ideas?

Sorry for the bad post.. found out that this is caused by the auto shift option in the autoflask script.
I'll post about it in that thread.

Thank You for your AWESOME work!

[rwnemisis]

its not working anymore for me since whatever little patch they put in the night before last worked great before that though

[gjohny]

working just fine here

[dmil23]

Is this detectable at all?