Azqato 503 Posted February 10, 2007 All are untested but the addresses should be correct. I will add more and edit the ones that I have not completely finished or thought I finished but didn't. Sorry for not finishing but I need to go get ready for school and such. Edit 2/9/07 :: I added the values for roses, chocolates, and wish tickets to the all etc item filter, thanks to Arctan for originally finding them and to PureGangster for posting them on MPC. -=General Addresses=- Full Godmode - 0064356A Super Tubi - 0048D9A3 Instant Loot (Change value to 0) - 00721BD0 Miss Godmode - 006435A4 Swear - 00452682 Dupex (EIP) - 0067699A CSEAX X - 677a44 CSEAX-Y - 677aa9 Shadow Partner - 62e269 Dark Sight - 6300a8 Speed Attack - 4318ff Fast Attack - 4308bd Meso Drop - 670da7 Fly V1 - 67432c Lag Hack - EAX 0 - 0673dd5 No Knockback - ZF [X] [X] - 6d376e Suck Left Vac - CF [X] [X] - 67685d Suck Right Vac - CF [X] [X] - 6768da SSeaxX - EAX - 00673d40 SSeaxY - EAX - 00673d66 Unlimited Attack - 00785EF4 offset E80 No Breath - 00785EF4 offset 254 Monster scanner - 78560c offset 10 People scanner - 785608 offset 18 Top wall - 785604 offset 8 Bottom wall - 785604 offset 10 Right wall - 785604 offset C Left wall - 785604 offset 4 ___________________________________ -=CRC Scripts=- CRC Bypass script Code: [enable] alloc(newmem,2048) alloc(blaaaa,3670018) label(originalcode) loadbinary(blaaaa,v34.cem) newmem: cmp ecx,00400000 jb originalcode cmp ecx,00780000 ja originalcode mov eax,blaaaa sub eax,00400000 add ecx, eax originalcode: mov eax,[ebp+10] push esi push edi jmp 0045de2c 0045de27: jmp newmem [disable] 0045de27: mov eax,[ebp+10] push esi push edi dealloc(newmem) dealloc(blaaaa) Godmode: Code: [enable] 64356A: je 00643CF5 [disable] 64356A: jne 00643CF5 Super Tubi: Code: [ENABLE] 0048D9A3: nop nop [DISABLE] 0048D9A3: jne 004893EF Swear: Code: [ENABLE] 00452682: nop nop [DISABLE] 00452682: jne 00451d28 Instant Drop: Code: [enable] 721BD0: add [eax],al add [eax],al add [eax],al add 
[eax],al [disable] 721BD0: add [eax],al add [eax],al add [eax-71],al inc eax Miss Godmode: Code: [ENABLE] 006435A4: xor esi, esi nop [DISABLE] 006435A4: mov esi, [ebp+18] Mouse vac: Code: [ENABLE] Alloc(MouserX,512) Alloc(MouserY,512) label(back) label(return) 00677A44: jmp MouserX back: 00677AA9: jmp MouserY return: MouserX: mov eax, [0077F728] mov eax, [eax+978] mov eax, [eax+80] mov [ebx], eax mov edi,[ebp+10] jmp back MouserY: mov eax, [0077F728] mov eax, [eax+978] mov eax, [eax+84] mov [edi], eax mov ebx,[ebp+14] jmp return [DISABLE] 00677A44: mov [ebx], eax mov edi,[ebp+10] 00677AA9: mov [edi],eax mov ebx,[ebp+14] dealloc(MouserX) dealloc(MouserY) Item Vac Code: [ENABLE] alloc(ItemVac, 1024) ItemVac: pushad mov ecx, [ebp+8] mov ebx, [ebp-24] mov [ecx], ebx mov [ecx+4], eax mov ecx, eax mov eax, ebx lea edx, [eax-19] mov [ebp-34], edx lea edx, [ecx-32] add eax, 19 add ecx, A mov [ebp-30], edx mov [ebp-2C], eax mov [ebp-28], ecx popad push eax push [ebp-24] lea eax, [ebp-34] jmp 00494599 00494592: jmp ItemVac nop nop [DISABLE] 00494592: push EAX 00494593: push [ebp-24] 00494596: lea eax, [ebp-34] Meso Drop: Code: [enable] registersymbol(Amount) alloc(Amount,4) alloc(Mesars,32) Amount: add [eax],al add [eax],al Mesars: mov eax,[Amount] mov [esi+000000bc], eax jmp 670DAD 00670DA7: jmp Mesars nop [disable] unregistersymbol(Amount) dealloc(Amount,4) dealloc(Mesars,32) 00670DA7: mov [esi+000000bc], eax Lag Hack: Code: [enable] 673DD7: jne 00673DE4 [disable] 673DD7: je 00673DE4 Stab: Code: [Enable] 6d24ad: mov eax,11111115 [Disable] 6d24ad: mov eax,00007fff Stab v2: Code: [Enable] 6d24ad: mov eax,11111111 [Disable] 6d24ad: mov eax,00007fff Swing Code: [Enable] 6d24ad: mov eax,11111113 [Disable] 6d24ad: mov eax,00007fff Unradomizer - STR Code: [Enable] 6d24ad: mov eax,0 [Disable] 6d24ad: mov eax,00007fff Unradomizer - DEX Code: [Enable] 6d24ad: mov eax,1 [Disable] 6d24ad: mov eax,00007fff Unradomizer - INT Code: [Enable] 6d24ad: mov eax,2 [Disable] 6d24ad: mov 
eax,00007fff Unradomizer - LUK Code: [Enable] 6d24ad: mov eax,3 [Disable] 6d24ad: mov eax,00007fff Tele Up: Code: [enable] 00676776: jbe 006767E4 [disable] 00676776: jae 006767E4 Shiftu Vac Code: [ENABLE] 00673E84: jne 00673FB8 [DISABLE] 00673E84: jmp 00673FB8 Pin Unrandomizer Code: [enable] alloc(pinunrandom,128) label(returnhere) 005F01E4: jmp pinunrandom returnhere: pinunrandom: add eax,edx push edx shr edx,1 mov [eax],edx pop edx cmp byte ptr [eax],ff jmp returnhere [disable] 005F01E4: add eax,edx cmp byte ptr [eax],0a dealloc(pinunrandom) dEMI (Might be patched ) Code: [ENABLE] alloc(dv,100) alloc(dvtype,4) label(normalx) label(normaly) label(endx) label(endy) label(backdv) label(dvzero) label(dvone) registersymbol(dvtype) dv: mov eax, [00785ef4] push eax mov eax, [eax+390] mov [ebx+398], eax cmp [dvtype], 0 je dvzero cmp [dvtype], 1 je dvone sub eax, 100 jmp dvzero dvone: add eax, 100 dvzero: mov [ebx+390], eax pop eax mov eax, [eax+394] mov [ebx+394], eax mov [ebx+39C], eax jmp backdv push ecx mov ecx, [00785ef4] add ecx,390 cmp ebx, ecx je normalx mov ecx, [ecx] cmp [dvtype], 0 cmp [dvtype], 1 sub ecx, 100 add ecx, 100 cmp [ebx],ecx je endx normalx: mov [ebx],eax endx: pop ecx mov edi, [ebp+10] push ecx mov ecx, [00785ef4] add ecx,394 cmp edi, ecx je normaly mov ecx, [ecx] cmp [edi],ecx je endy normaly: mov [edi],eax endy: pop ecx mov ebx, [ebp+14] 0051df08: jmp dv nop backdv: 00677a44: 00677aa9: [DISABLE] 0051df08: mov [ebx+39c], eax 00677a44: mov [ebx],eax mov edi, [ebp+10] 00677aa9: mov [edi],eax mov ebx, [ebp+14] dealloc(dv) dealloc(uvx) dealloc(uvy) dealloc(dvtype) Timed Dupex Code: [enable] registersymbol(DX) registersymbol(DXListOffset) registersymbol(DXType) alloc(DX, 1024) alloc(DXListOffset, 4) alloc(DXType,4) alloc(DXFindChar, 1024) alloc(ESIList, 1024) alloc(EDIValue, 4) alloc(DXMap,4) label(CompareOffset) label(StoreESI) label(DoNormal) label(LeaveMe) label(DXMonster) label(NoDupe) label(DoVac) alloc(DXCounter,4) registersymbol(VacTime) 
registersymbol(TotalTime) alloc(VacTime,4) alloc(TotalTime,4) alloc(DXCounter,4) label(DXPause) label(DXResetCounter) label(DXReset) DXCounter: add [eax],al add [eax],al VacTime: js 0ff90c16 add [eax],al TotalTime: or [edi],al add [eax],al DXCounter: sub al,01 add [eax],al //Original Code DXListOffset: add [eax],al add [eax],al DXType: add [eax],al add [eax],al DX: push eax push ebx push ecx push edx mov ebx,[DXType] cmp ebx, 00 // 0 = Do Nothing je NoDupe cmp ebx, 01 je DXFindChar cmp ebx, 02 je DoVac cmp ebx, 03 je DoVac //Modified Code cmp ebx, 04 je DXReset jmp DoNormal DXFindChar: mov [esi+114],edi mov eax,0 mov ebx,DXListOffset mov ecx,ESIList mov edx,EDIValue CompareOffset: cmp eax,[ebx] je StoreESI cmp esi,[ecx+eax*4] je LeaveMe inc eax jmp CompareOffset StoreESI: mov [ecx+eax*4],esi inc eax mov [ebx],eax mov [edx],edi DoVac: mov eax,[DXCounter] cmp eax,[VacTime] inc eax mov [DXCounter],eax jae DXPause //Original mov ebx,[DXListOffset] dec ebx mov ecx,ESIList mov eax,[ecx+ebx*4] cmp esi,eax je DoNormal mov ebx,[DXType] cmp ebx, 02 jne DXMonster mov edi,[eax+114] jmp DoNormal DXMonster: cmp ebx, 03 jne NoDupe mov edi,[EDIValue] jmp DoNormal NoDupe: mov ebx, 0 mov [DXListOffset],ebx mov [DXCounter],0 DoNormal: mov [esi+114],edi LeaveMe: pop edx pop ecx pop ebx pop eax jmp 6769a0 DXPause: cmp eax,[TotalTime] jae DXResetCounter jmp DoNormal DXResetCounter: mov [DXCounter],0 jmp DoNormal DXReset: mov ebx, 0 mov [DXListOffset],ebx mov [DXCounter],0 mov [DXType],1 jmp DoNormal 0067699A: jmp DX nop [disable] 0067699A: mov [esi+114],edi dealloc(DXFindChar) dealloc(DXListOffset) dealloc(ESIList) dealloc(DX) dealloc(EDIValue) dealloc(DXCounter) unregistersymbol(DX) unregistersymbol(DXListOffset) unregistersymbol(DXType) All etc item fliter Code: [enable] alloc(ItemEdit, 16128) label(CS) registersymbol(counter) alloc(counter, 64) counter: db 00 00 ItemEdit: mov [counter], eax cmp eax,3D0915 je CS cmp eax,3D14BC je CS cmp eax,3D0932 je CS cmp eax,3D0915 je CS cmp 
eax,3D14BC je CS cmp eax,3D0949 je CS cmp eax,1F72C8 je CS cmp eax,1F6EE0 je CS cmp eax,3D091F je CS cmp eax,3D091A je CS cmp eax,3D14BC je CS cmp eax,1F72C8 je CS cmp eax,1F6EE0 je CS cmp eax,3D14BC je CS cmp eax,1F72C8 je CS cmp eax,1F6EE0 je CS cmp eax,3D092A je CS cmp eax,3D14BC je CS cmp eax,1EAB94 je CS cmp eax,1F72C8 je CS cmp eax,1F6EE0 je CS cmp eax,3D7E3C je CS cmp eax,3D14BC je CS cmp eax,3D0915 je CS cmp eax,3D0914 je CS cmp eax,1F72C8 je CS cmp eax,1F6EE0 je CS cmp eax,3D14BC je CS cmp eax,3D0915 je CS cmp eax,3D09B3 je CS cmp eax,3D3013 je CS cmp eax,3D5721 je CS cmp eax,3D5722 je CS cmp eax,3D82C6 je CS cmp eax,3D0950 je CS cmp eax,3D0994 je CS cmp eax,3D5728 je CS cmp eax,3D0963 je CS cmp eax,3D0909 je CS cmp eax,3D0900 je CS cmp eax,3D0966 je CS cmp eax,3D83CF je CS cmp eax,3D3010 je CS cmp eax,3D09A4 je CS cmp eax,3D0925 je CS cmp eax,3D0982 je CS cmp eax,3D0980 je CS cmp eax,3D0946 je CS cmp eax,3D094F je CS cmp eax,3D0908 je CS cmp eax,3D096F je CS cmp eax,3D841F je CS cmp eax,3D092C je CS cmp eax,3D0971 je CS cmp eax,3D0988 je CS cmp eax,3D0973 je CS cmp eax,3D0917 je CS cmp eax,3D0921 je CS cmp eax,3D090D je CS cmp eax,3D091F je CS cmp eax,3D18A4 je CS cmp eax,3D09BA je CS cmp eax,3D0937 je CS cmp eax,3D0957 je CS cmp eax,3D093E je CS cmp eax,3D0939 je CS cmp eax,3D0919 je CS cmp eax,3D0938 je CS cmp eax,3D0983 je CS cmp eax,3D18A2 je CS cmp eax,3D5727 je CS cmp eax,3D091E je CS cmp eax,3D090E je CS cmp eax,3D0985 je CS cmp eax,3D5723 je CS cmp eax,3D0907 je CS cmp eax,3D0992 je CS cmp eax,3D0944 je CS cmp eax,3D0918 je CS cmp eax,3D0955 je CS cmp eax,3D0951 je CS cmp eax,3D0912 je CS cmp eax,3D09A5 je CS cmp eax,3D09A2 je CS cmp eax,3D094C je CS cmp eax,3D0990 je CS cmp eax,3D09B5 je CS cmp eax,3D5720 je CS cmp eax,3D0997 je CS cmp eax,3D0984 je CS cmp eax,3D0987 je CS cmp eax,3D3016 je CS cmp eax,3D83D6 je CS cmp eax,3D090C je CS cmp eax,3D0948 je CS cmp eax,3D82E3 je CS cmp eax,3D09A7 je CS cmp eax,3D0960 je CS cmp eax,3D0933 je CS cmp 
eax,3D090F je CS cmp eax,3D09B9 je CS cmp eax,3D0954 je CS cmp eax,3D09B7 je CS cmp eax,3D0927 je CS cmp eax,3D0943 je CS cmp eax,3D094E je CS cmp eax,3D0922 je CS cmp eax,3D0958 je CS cmp eax,3D098E je CS cmp eax,3D0953 je CS cmp eax,3D0930 je CS cmp eax,3D0981 je CS cmp eax,3D0905 je CS cmp eax,3D0915 je CS cmp eax,3D0956 je CS cmp eax,3D0920 je CS cmp eax,3D0947 je CS cmp eax,3D092B je CS cmp eax,3D094A je CS cmp eax,3D18A3 je CS cmp eax,3D093C je CS cmp eax,3D091A je CS cmp eax,3D091D je CS cmp eax,3D093D je CS cmp eax,3D0936 je CS cmp eax,3D0929 je CS cmp eax,3D0978 je CS cmp eax,3D097A je CS cmp eax,3D0970 je CS cmp eax,3D0924 je CS cmp eax,3D3012 je CS cmp eax,3D09B1 je CS cmp eax,3D0968 je CS cmp eax,3D097E je CS cmp eax,3D0928 je CS cmp eax,3D09A0 je CS cmp eax,3D093A je CS cmp eax,3D0906 je CS cmp eax,3D7E3D je CS cmp eax,3D7E31 je CS cmp eax,3D7E3A je CS cmp eax,3D7E3F je CS cmp eax,3D7E3B je CS cmp eax,3D7E3E je CS cmp eax,3D7E30 je CS cmp eax,3D7E40 je CS cmp eax,3D7E39 je CS cmp eax,3D5724 je CS cmp eax,3D0901 je CS cmp eax,3D3015 je CS cmp eax,3D096C je CS cmp eax,3D0911 je CS cmp eax,3D0902 je CS cmp eax,3D0969 je CS cmp eax,3D0964 je CS cmp eax,3D0979 je CS cmp eax,3D099F je CS cmp eax,3D18A0 je CS cmp eax,3D14B9 je CS cmp eax,3D0967 je CS cmp eax,3D095F je CS cmp eax,3D0977 je CS cmp eax,3D0910 je CS cmp eax,3D83D3 je CS cmp eax,3D83D0 je CS cmp eax,3D83D1 je CS cmp eax,3D097C je CS cmp eax,3D5725 je CS cmp eax,3D14B8 je CS cmp eax,3D09A3 je CS cmp eax,3D09A1 je CS cmp eax,3D099D je CS cmp eax,3D099B je CS cmp eax,3D099C je CS cmp eax,3D0995 je CS cmp eax,3D0993 je CS cmp eax,3D0991 je CS cmp eax,3D093F je CS cmp eax,3D09B4 je CS cmp eax,3D09A6 je CS cmp eax,3D3014 je CS cmp eax,3D090A je CS cmp eax,3D0974 je CS cmp eax,3D0976 je CS cmp eax,3D0913 je CS cmp eax,3D0999 je CS cmp eax,3D14BD je CS cmp eax,3D82E9 je CS cmp eax,3D0975 je CS cmp eax,3D0961 je CS cmp eax,3D0904 je CS cmp eax,3D093B je CS cmp eax,3D3011 je CS cmp eax,3D0962 je CS cmp 
eax,3D0916 je CS cmp eax,3D09A8 je CS cmp eax,3D0972 je CS cmp eax,3D0998 je CS cmp eax,3D091C je CS cmp eax,3D092E je CS cmp eax,3D096A je CS cmp eax,3D096B je CS cmp eax,3D2070 je CS cmp eax,3D2071 je CS cmp eax,3D5726 je CS cmp eax,3D092D je CS cmp eax,3D099A je CS cmp eax,3D097F je CS cmp eax,3D096D je CS cmp eax,3D096E je CS cmp eax,3D0903 je CS cmp eax,3D0986 je CS cmp eax,3D0935 je CS cmp eax,3D0934 je CS cmp eax,3D83D2 je CS cmp eax,3D091B je CS cmp eax,1600FF je CS cmp eax,160100 je CS cmp eax,160101 je CS cmp eax,3D8285 je CS cmp eax,3D8286 je CS cmp eax,3D8437 je CS cmp eax,3D8438 je CS cmp eax,3D8438 je CS cmp eax,3D8311 je CS cmp eax,3D18A1 je CS cmp eax,3D097B je CS cmp eax,3D0965 je CS cmp eax,3D0931 je CS cmp eax,3D098F je CS cmp eax,3D0952 je CS cmp eax,3D0945 je CS mov [edi+34],eax mov edi, [ebp-14] jmp 004956fe CS: mov [edi+34],0 mov edi, [ebp-14] jmp 004956fe 004956f8: jmp ItemEdit [disable] 004956f8: mov [edi+34], eax mov edi, [ebp-14] Ranged dEMI (currently working to fix the script) Code: [Enable] alloc(dv,100) alloc(uvx,100) alloc(uvy,100) alloc(dvtype,4) label(normalx) label(normaly) label(endx) label(endy) label(backdv) label(backuvy) label(backuvx) label(dvzero) label(dvone) label(uvzero) label(uvone) registersymbol(dvtype) dv: mov eax, [00785ef4] push eax mov eax, [eax+390] mov [ebx+398], eax add [ebx+398], 100 cmp [dvtype], 0 je dvzero cmp [dvtype], 1 je dvone sub eax, 100 jmp dvzero dvone: add eax, 100 dvzero: mov [ebx+390], eax pop eax mov eax, [eax+394] mov [ebx+394], eax mov [ebx+39C], eax jmp backdv uvx: push ecx mov ecx, [00785ef4] add ecx,390 cmp ebx, ecx je normalx mov ecx, [ecx] cmp [dvtype], 0 je uvzero cmp [dvtype], 1 je uvone sub ecx, 100 jmp uvzero uvone: add ecx, 100 uvzero: cmp [ebx],ecx je endx normalx: mov [ebx],eax endx: pop ecx mov edi, [ebp+10] jmp backuvx uvy: push ecx mov ecx, [00785ef4] add ecx,394 cmp edi, ecx je normaly mov ecx, [ecx] cmp [edi],ecx je endy normaly: mov [edi],eax endy: pop ecx mov ebx, [ebp+14] 
jmp backuvy 51df08: jmp dv nop backdv: 677a44: jmp uvx backuvx: 677aa9: jmp uvy backuvy: [Disable] 51df08: mov [ebx+39c], eax 677a44: mov [ebx],eax mov edi, [ebp+10] 677aa9: mov [edi],eax mov ebx, [ebp+14] dealloc(dv) dealloc(uvx) dealloc(uvy) dealloc(dvtype) unregistersymbol(dvtype)

Credits to the respected creators of the scripts and the finders of the addresses, with partial credit to me for updating them; also to simonlaserna for some addresses and to ICE} for the v34.cem. Link to download it: link

Note to mods: I tried uploading it, but you can scan it and either keep or remove the link.

Note to mods: All rapidshare / megaupload links are scruie-approved and/or mod-approved by someone else.

Engines to download: XP engine Akuma Spuce 2 Kaspersky Engine 2 Storm Engine 5.3.1 Serum Engine BlackJoseph Engine

Most settings for these engines are posted in this thread: link