

// Cheat Engine auto-assembler style script. Numeric operands in the
// instructions below are hexadecimal unless written as (float)N.
// Alternative hook offsets in the same module, left commented out
// (presumably for other builds of the executable; not stated in this listing).
//alloc(newmem,2048,"DiabloImmortal.exe"+24ECF75)
//alloc(newmem,2048,"DiabloImmortal.exe"+2200AB5)
//alloc(newmem,2048,"DiabloImmortal.exe"+25F1F85)
// Reserve a region named newmem; the third argument is the hook address the
// region is requested near, so the jmp written at the hook site can reach it.
alloc(newmem,2048,"DiabloImmortal.exe"+2238865)


// Symbols defined later in the script.
// NOTE(review): if01, if02, if03, if03_m, if04_m, if05_m and if04 are used
// below but have no label() declaration in this listing - confirm the
// assembler accepts them undeclared.
label(returnhere)
label(originalcode)
label(exit)

newmem: //this is allocated memory, you have read,write,execute access
// Detour body: the patch at the end of the script jumps here, and the script
// returns to returnhere when done. The same read/write/execute region holds
// this code and the scratch table addressed through newmem+500.

originalcode:

// Author's field notes for the object rdi points to. Offsets are hex; the
// values are what the author observed and the meanings are the author's.

// byte ptr [rdi+158]: 3F -> 0F turns fog off

// byte ptr [rdi+228]: 20 = on, 00 = off
// newer layout: byte ptr [rdi+1D0]: 20 = on, 00 = off
// -78 (author's note; meaning not stated - 28C minus 214 is 78, so possibly
// the offset shift between the two layouts listed below)

//[rdi+298] = float X LEFT+UP 511
//[rdi+29C] = float Y LEFT+UP 510

//[rdi+2E0] = float X RIGHT+DOWN 677
//[rdi+2E4] = float Y RIGHT+DOWN 383

//[rdi+28C] = float 572
//[rdi+78] = float (float)0.42

// new (second layout noted by the author)
//[rdi+238] = float X LEFT+UP 511
//[rdi+23C] = float Y LEFT+UP 510

//[rdi+280] = float X RIGHT+DOWN 677
//[rdi+284] = float Y RIGHT+DOWN 383

//[rdi+214] = float 572
//[rdi+78] = float (float)0.42
// NOTE(review): the code below reads 1D0 from the "new" notes but 298, 29C,
// 2E0, 2E4 and 28C from the first list - confirm which layout is current.

// rax and rbx are saved here and restored by the two pops before the
// relocated mov r14 instruction, so rsp is unchanged when that instruction
// runs. RFLAGS is not saved: every cmp below changes it and nothing in this
// listing restores it.
push rax // saved; rax becomes the base address of the scratch table
mov rax,newmem+500 // rax = newmem+500 (author's note: "+500 is not enough > +1000")
// NOTE(review): nothing in this listing checks that the assembled code ends
// before newmem+500 or that the table stays inside the allocation - confirm.

push rbx // saved; rbx becomes the offset of the next table slot


mov rbx,[rax+0] // rbx = qword at table offset 0 (author's note: moved from rcx to rbx, previously [rax+20])
add rbx,8 // rbx = stored offset + 8, the candidate slot used by the blocks below

// Fog removal: byte ptr [rdi+158] is changed from 3F to 0F.
// The write happens only when rdi is non-zero and the three active field
// checks match; any mismatch jumps to if01 and leaves the object untouched.
cmp rdi,0 // null check only; a non-zero rdi is not shown to be a readable object
je if01
cmp byte ptr [rdi+158],3F // byte at +158 must still hold 3F
jne if01
//cmp [rax+0],90 // author's note: loop limit 50 (190)  10 (48) 20 (90)
//ja if01
cmp [rdi+28C],(float)572 // integer compare against the bit pattern of float 572
jne if01
//cmp [rdi+78],3ED70A3E // (float)0.42
//jne if01
cmp byte ptr [rdi+000001D0],20 // byte at +1D0 must be 20 ("on" in the author's notes)
jne if01
//mov [rdi+00000228],20
//mov [rax+0],rbx
//mov [rax+rbx],rdi
mov byte ptr [rdi+158],0F // store 0F (author's note: "number map")
if01:




// Author's heading: turn map off, byte ptr [rdi+228] 20 -> 0.
// As written, this block changes no byte in the object: when every check
// matches it only records rdi in the scratch table at offset 8*60.
cmp rdi,0 // null check only
je if02
cmp [rdi+28C],(float)572 // integer compare against the bit pattern of float 572
jne if02
cmp [rdi+78],3ED70A3E // raw dword constant (author's note: float 0.42); no explicit operand size
jne if02
cmp byte ptr [rdi+000001D0],20 // byte at +1D0 must be 20
jne if02
mov [rax+8*60],rdi // remember this object pointer; nothing in this listing reads the slot back
if02:


// Author's heading: distance player / center map.
// Appends rdi to the scratch table when the object matches the field checks,
// its four coordinate fields fall inside fixed ranges, rdi is not already in
// the compared slots, and the candidate slot [rax+rbx] is empty.
cmp rdi,0 // null check only
je if03
cmp byte ptr [rdi+158],0F // byte at +158 must already be 0F (the value the fog block writes)
jne if03
cmp [rax+0],50 // stored offset must not exceed 50 (author's note: 50 (190)  12 (58) 10 (48) 20 (90))
ja if03
cmp [rdi+28C],(float)572 // integer compare against the bit pattern of float 572
jne if03
cmp [rdi+78],3ED70A3E // raw dword constant (author's note: float 0.42)
jne if03
cmp byte ptr [rdi+000001D0],20 // byte at +1D0 must be 20
jne if03

// Range checks. cmp is an integer compare on the raw float bits and jb/ja are
// unsigned conditions, so the ordering matches numeric order only while the
// stored floats are non-negative.
cmp [rdi+298],(float)500 // lower bound 500 (author observed 511)
jb if03
cmp [rdi+298],(float)697 // upper bound 697
ja if03
cmp [rdi+2E0],(float)48 // lower bound 48 (the +298 check uses 500 - NOTE(review): confirm 48 is intended)
jb if03
cmp [rdi+2E0],(float)697 // upper bound 697 (author observed 677)
ja if03

cmp [rdi+29C],(float)373 // lower bound 373
jb if03
cmp [rdi+29C],(float)520 // upper bound 520 (author observed 510)
ja if03
cmp [rdi+2E4],(float)373 // lower bound 373 (author observed 383)
jb if03
cmp [rdi+2E4],(float)520 // upper bound 520
ja if03

// Duplicate check: skip when rdi is already stored in one of these slots.
// NOTE(review): if 10, 11 and 12 are parsed as hex like other operands, the
// last three compares address offsets 80, 88 and 90 rather than the tenth to
// twelfth slots - confirm.
cmp [rax+8*1],rdi // slot 1
je if03
cmp [rax+8*2],rdi // slot 2
je if03
cmp [rax+8*3],rdi // slot 3
je if03
cmp [rax+8*4],rdi // slot 4
je if03
cmp [rax+8*5],rdi // slot 5
je if03
cmp [rax+8*6],rdi // slot 6
je if03
cmp [rax+8*7],rdi // slot 7
je if03
cmp [rax+8*8],rdi // slot 8
je if03
cmp [rax+8*9],rdi // slot 9
je if03
cmp [rax+8*10],rdi // see note above on 8*10
je if03
cmp [rax+8*11],rdi // see note above on 8*11
je if03
cmp [rax+8*12],rdi // see note above on 8*12
je if03

cmp [rax+rbx],00 // candidate slot must be empty; no explicit operand size (presumably only the low dword is tested)
jne if03
mov [rax+0],rbx // advance the stored offset to the slot being filled
mov [rax+rbx],rdi // store the object pointer in that slot
//mov byte ptr [rdi+00000228],0

if03:


// Author's heading: check map 1 2 3 4 > 1 > [rdi+228] = 0.
// When rdi is the pointer stored in slot 1 and slots 2, 3 and 4 are all
// non-zero, the byte at [rdi+1D0] is changed from 20 to 0.
cmp rdi,0 // null check only
je if03_m
cmp byte ptr [rdi+000001D0],20 // act only while the byte at +1D0 is 20
jne if03_m

cmp [rax+8*1],rdi // rdi must be the slot 1 entry
jne if03_m
cmp [rax+8*2],0 // slot 2 must be filled; no explicit operand size
je if03_m
cmp [rax+8*3],0 // slot 3 must be filled
je if03_m
cmp [rax+8*4],0 // slot 4 must be filled
je if03_m


mov byte ptr [rdi+000001D0],0 // 0 = "off" in the author's notes
if03_m:


// Author's heading: check map 2 3 4 > 2 > [rdi+228] = 0.
// When rdi is the pointer stored in slot 2 and slots 3 and 4 are non-zero,
// the byte at [rdi+1D0] is written with 20.
// NOTE(review): the heading says 0, but the store writes 20, the value the
// second compare has just required, so this block leaves the byte unchanged.
cmp rdi,0 // null check only
je if04_m
cmp byte ptr [rdi+000001D0],20 // act only while the byte at +1D0 is 20
jne if04_m

cmp [rax+8*2],rdi // rdi must be the slot 2 entry
jne if04_m
cmp [rax+8*3],0 // slot 3 must be filled; no explicit operand size
je if04_m
cmp [rax+8*4],0 // slot 4 must be filled
je if04_m

mov byte ptr [rdi+000001D0],20 // writes back the value already present
if04_m:

// Author's heading: check map 3 4 5 > 3 > [rdi+228] = 0.
// When rdi is the pointer stored in slot 3 and slots 4 and 5 are non-zero,
// the byte at [rdi+1D0] is changed from 20 to 0.
cmp rdi,0 // null check only
je if05_m
cmp byte ptr [rdi+000001D0],20 // act only while the byte at +1D0 is 20
jne if05_m

cmp [rax+8*3],rdi // rdi must be the slot 3 entry
jne if05_m
cmp [rax+8*4],0 // slot 4 must be filled; no explicit operand size
je if05_m
cmp [rax+8*5],0 // slot 5 must be filled
je if05_m

mov byte ptr [rdi+000001D0],0 // 0 = "off" in the author's notes
if05_m:








// Author's heading: distance player / center map > fix remove map.
// For an object whose byte at +1D0 is already 0 and whose coordinates pass
// the same range checks as the append block, clear the table slot at
// [rax+rbx-8] and move the stored offset back by 8.
// NOTE(review): rbx was loaded once at the top of the detour and is not
// reloaded after the append block may have rewritten [rax+0], so rbx-8 can
// differ from the current stored offset - confirm this is intended.
cmp rdi,0 // null check only
je if04
cmp byte ptr [rdi+158],0F // byte at +158 must be 0F
jne if04
cmp [rdi+28C],(float)572 // integer compare against the bit pattern of float 572
jne if04
cmp [rdi+78],3ED70A3E // raw dword constant (author's note: float 0.42)
jne if04
cmp byte ptr [rdi+000001D0],0 // byte at +1D0 must be 0 ("off")
jne if04

// Range checks: integer compares on raw float bits with unsigned jb/ja, so
// the ordering holds only for non-negative floats.
cmp [rdi+298],(float)500 // lower bound 500
jb if04
cmp [rdi+298],(float)697 // upper bound 697
ja if04
cmp [rdi+2E0],(float)48 // lower bound 48
jb if04
cmp [rdi+2E0],(float)697 // upper bound 697
ja if04

cmp [rdi+29C],(float)373 // lower bound 373
jb if04
cmp [rdi+29C],(float)520 // upper bound 520
ja if04
cmp [rdi+2E4],(float)373 // lower bound 373
jb if04
cmp [rdi+2E4],(float)520 // upper bound 520
ja if04

cmp [rax+rbx-8],0 // slot just below the candidate must hold an entry; no explicit operand size
je if04
cmp [rax+0],0 // stored offset must be non-zero, i.e. the table is not empty
je if04
mov [rax+rbx-8],0 // clear bytes 0-3 of the 8-byte slot (author's note)
mov [rax+rbx-4],0 // clear bytes 4-7 of the 8-byte slot (author's note)
sub [rax+0],8 // move the stored offset back by one slot

if04:




// Restore the two registers in reverse push order; rsp is back at its entry
// value afterwards, so the rsp-relative load below uses the same offset it
// would have had at the hook site. RFLAGS is left as the last cmp/sub set it.
pop rbx
pop rax

//mov [rdi+000002F8],rbx //mov [rdi+000002C0],rbx ( old )
mov r14,[rsp+00000188] // presumably the instruction displaced by the jmp/nop patch, executed here in its place
//mov r15,[rsp+38]
//mov bpl,01
//test byte ptr [rdi+00000208],20 //test byte ptr [rdi+000001D0],20 ( old ) // author's note: not enough bytes there, so mov r14,[rsp+00000188] is used instead






exit:
jmp returnhere // resume the module's code right after the patched bytes


// Alternative hook offsets, commented out to match the alloc lines at the top.
//"DiabloImmortal.exe"+24ECF75:
//"DiabloImmortal.exe"+2200AB5:
//"DiabloImmortal.exe"+25F1F85:
// Everything from here to returnhere is written over the module's own code at
// this offset. The in-memory bytes then differ from the file on disk, which is
// what a code-integrity comparison of the loaded image would report.
// NOTE(review): no enable/disable sections, restore of the original bytes or
// release of newmem are visible in this listing.
"DiabloImmortal.exe"+2238865:


jmp newmem // divert execution into the allocated detour
nop // padding after the jmp; presumably fills out the rest of the displaced instruction
nop
nop
returnhere: // first address after the patch; the detour's final jmp lands here

