Untitled
unknown
plain_text
a year ago
219 kB
10
Indexable
#include "sdk.h"
#include "Offsets.hpp"
#include "ImGui/imgui.h"
#include "driver.h"
#include <XInput.h>
#include <cmath>
#pragma comment(lib, "XInput.lib")
using namespace driver;
#define BONE_HEAD 7
#define BONE_FOOT 24
#include <windows.h>
#include <iostream>
enum STANCE : int
{
STAND = 0,
CROUNCH = 1,
PRONE = 2,
KNOCKED = 3
};
namespace sdk {
HANDLE process_id = NULL;
uintptr_t module_base = NULL;
uintptr_t peb = NULL;
HWND hwnd = NULL;
uintptr_t client_info = NULL;
uintptr_t client_info_base = NULL;
uint64_t bone_base = NULL;
uint64_t bone_index = NULL;
uintptr_t currentvisoffset = NULL;
uintptr_t last_visible_offset = NULL;
uintptr_t locked_player = NULL;
Target current_target = {};
BOOL CALLBACK enum_windows(HWND hwnd, LPARAM param) {
DWORD process_id;
GetWindowThreadProcessId(hwnd, &process_id);
if (process_id == param)
{
sdk::hwnd = hwnd;
return false;
}
return true;
}
void draw_text(float x, float y, ImColor color, const char* text) {
ImGui::GetForegroundDrawList()->AddText(ImVec2(x, y), color, text);
}
// radar
void RadarRange(float* x, float* y, float range)
{
if (fabs((*x)) > range || fabs((*y)) > range)
{
if ((*y) > (*x))
{
if ((*y) > -(*x))
{
(*x) = range * (*x) / (*y);
(*y) = range;
}
else
{
(*y) = -range * (*y) / (*x);
(*x) = -range;
}
}
else
{
if ((*y) > -(*x))
{
(*y) = range * (*y) / (*x);
(*x) = range;
}
else
{
(*x) = -range * (*x) / (*y);
(*y) = -range;
}
}
}
}
void CalcRadarPoint(const vec3_t& vOrigin, int& screenx, int& screeny) {
vec3_t local_pos = sdk::get_camera_position();
vec2_t angles = sdk::get_camera_angles();
float fYaw = angles.y * M_PI / 180.0f;
float dx = vOrigin.x - local_pos.x;
float dy = vOrigin.y - local_pos.y;
float fsin_yaw = sinf(fYaw);
float fminus_cos_yaw = -cosf(fYaw);
float x = dy * fminus_cos_yaw + dx * fsin_yaw;
x = -x;
float y = dx * fminus_cos_yaw - dy * fsin_yaw;
float range = vars::RadarDist * 1000.f;
RadarRange(&x, &y, range);
ImVec2 DrawPos = ImVec2(vars::radar_position_x, vars::radar_position_y);
ImVec2 DrawSize = ImVec2(vars::radar_size, vars::radar_size);
int rad_x = (int)DrawPos.x;
int rad_y = (int)DrawPos.y;
float r_siz_x = DrawSize.x;
float r_siz_y = DrawSize.y;
int x_max = (int)r_siz_x + rad_x - 5;
int y_max = (int)r_siz_y + rad_y - 5;
screenx = rad_x + ((int)r_siz_x / 2 + int(x / range * r_siz_x));
screeny = rad_y + ((int)r_siz_y / 2 + int(y / range * r_siz_y));
if (screenx > x_max)
screenx = x_max;
if (screenx < rad_x)
screenx = rad_x;
if (screeny > y_max)
screeny = y_max;
if (screeny < rad_y)
screeny = rad_y;
}
void add_to_radar(const vec3_t& WorldLocation, float fDistance) {
int ScreenX = 0, ScreenY = 0;
CalcRadarPoint(WorldLocation, ScreenX, ScreenY);
ImGui::GetWindowDrawList()->AddCircleFilled(ImVec2(ScreenX, ScreenY), 3, ImGui::GetColorU32({ 1.f, 1.f, 1.f, 1.f }), 12);
}
void render_radar_main() {
ImGui::GetWindowDrawList()->AddRectFilled(ImVec2(vars::radar_position_x, vars::radar_position_y),
ImVec2(vars::radar_position_x + vars::radar_size, vars::radar_position_y + vars::radar_size),
ImGui::GetColorU32(ImVec4(0.13f, 0.13f, 0.13f, 1.f)), 0.f, 0);
if (vars::radar_show_line_of_sight) {
ImGui::GetWindowDrawList()->AddLine(ImVec2(vars::radar_position_x + (vars::radar_size / 2), vars::radar_position_y + (vars::radar_size / 2)),
ImVec2(vars::radar_position_x, vars::radar_position_y),
ImGui::GetColorU32(ImVec4(1.f, 1.f, 1.f, 1.f)), 1.f);
ImGui::GetWindowDrawList()->AddLine(ImVec2(vars::radar_position_x + (vars::radar_size / 2), vars::radar_position_y + (vars::radar_size / 2)),
ImVec2(vars::radar_position_x + vars::radar_size, vars::radar_position_y),
ImGui::GetColorU32(ImVec4(1.f, 1.f, 1.f, 1.f)), 1.f);
ImGui::GetWindowDrawList()->AddLine(ImVec2(vars::radar_position_x + (vars::radar_size / 2), vars::radar_position_y + (vars::radar_size / 2)),
ImVec2(vars::radar_position_x + (vars::radar_size / 2), vars::radar_position_y + vars::radar_size),
ImGui::GetColorU32(ImVec4(1.f, 1.f, 1.f, 1.f)), 1.f);
}
if (vars::radar_show_local_player) {
ImGui::GetWindowDrawList()->AddCircleFilled(ImVec2(vars::radar_position_x + (vars::radar_size / 2), vars::radar_position_y + (vars::radar_size / 2)),
3.f, ImGui::GetColorU32(ImVec4(0.f, 0.3f, 0.9f, 1.f)), 12);
}
ImGui::GetWindowDrawList()->AddRect(ImVec2(vars::radar_position_x, vars::radar_position_y),
ImVec2(vars::radar_position_x + vars::radar_size, vars::radar_position_y + vars::radar_size),
ImGui::GetColorU32(ImVec4(0.f, 0.f, 0.f, 1.f)), 0.f, 0, 1.f);
}
vec3_t angles_to_direction(const vec2_t& angles) {
float pitch = angles.x * static_cast<float>(M_PI) / 180.0f;
float yaw = angles.y * static_cast<float>(M_PI) / 180.0f;
vec3_t direction;
direction.x = cos(pitch) * cos(yaw);
direction.y = cos(pitch) * sin(yaw);
direction.z = sin(pitch);
return direction;
}
void mousemove(float tarx, float tary, float X, float Y, int smooth)
{
float ScreenCenterX = (X / 2);
float ScreenCenterY = (Y / 2);
float TargetX = 0;
float TargetY = 0;
if (tarx != 0)
{
if (tarx > ScreenCenterX)
{
TargetX = -(ScreenCenterX - tarx);
TargetX /= smooth;
if (TargetX + ScreenCenterX > ScreenCenterX * 2) TargetX = 0;
}
if (tarx < ScreenCenterX)
{
TargetX = tarx - ScreenCenterX;
TargetX /= smooth;
if (TargetX + ScreenCenterX < 0) TargetX = 0;
}
}
if (tary != 0)
{
if (tary > ScreenCenterY)
{
TargetY = -(ScreenCenterY - tary);
TargetY /= smooth;
if (TargetY + ScreenCenterY > ScreenCenterY * 2) TargetY = 0;
}
if (tary < ScreenCenterY)
{
TargetY = tary - ScreenCenterY;
TargetY /= smooth;
if (TargetY + ScreenCenterY < 0) TargetY = 0;
}
}
mouse_event(MOUSEEVENTF_MOVE, static_cast<DWORD>(TargetX), static_cast<DWORD>(TargetY), NULL, NULL);
}
void DrawBox(const sdk::player_t& player, const ImColor& color) {
vec3_t head_position = decryption::get_bone_position(player.get_bone_ptr(sdk::bone_base, BONE_HEAD), decryption::get_bone_base_pos(sdk::client_info), BONE_HEAD);
vec3_t foot_position = decryption::get_bone_position(player.get_bone_ptr(sdk::bone_base, BONE_FOOT), decryption::get_bone_base_pos(sdk::client_info), BONE_FOOT);
vec2_t head_screen, foot_screen;
if (w2s(head_position, head_screen) && w2s(foot_position, foot_screen)) {
float height = foot_screen.y - head_screen.y;
float width = height / 2.0f;
auto draw = ImGui::GetForegroundDrawList();
draw->AddRect(ImVec2(head_screen.x - width / 2, head_screen.y), ImVec2(head_screen.x + width / 2, foot_screen.y), color);
}
}
vec2_t get_screen_coordinates(const vec3_t& world_pos) {
vec2_t screen_pos;
sdk::w2s(world_pos, screen_pos);
return screen_pos;
}
void set_game_hwnd() {
EnumWindows(enum_windows, (LPARAM)sdk::process_id);
}
bool in_game() {
return driver::read<int>(sdk::module_base + offsets::game_mode) > 2;
}
int player_count() {
return driver::read<int>(sdk::module_base + offsets::game_mode);
}
int local_index() {
auto local_index = driver::read<uintptr_t>(sdk::client_info + offsets::local_index);
return driver::read<int>(local_index + offsets::local_index_pos); // 0x1fc
}
#define BYTEn(x, n) (*((BYTE*)&(x)+n))
#define BYTE1(x) BYTEn(x, 1)
uint64_t get_visible_base()
{
for (int32_t j{}; j <= 0x1770; ++j)
{
uint64_t vis_base_ptr = driver::read<uint64_t>(sdk::module_base + offsets::distribute) + (j * 0x190);
uint64_t cmp_function = driver::read<uint64_t>(vis_base_ptr + 0x38);
if (!cmp_function)
continue;
uint64_t about_visible = sdk::module_base + offsets::visible;
if (cmp_function == about_visible)
{
sdk::currentvisoffset = vis_base_ptr;
return sdk::currentvisoffset;
}
}
return NULL;
}
bool is_visible(int entityNum) {
if (!sdk::currentvisoffset)
return false;
uint64_t VisibleList = driver::read<uint64_t>(sdk::last_visible_offset + 0x80);
if (!VisibleList)
return false;
uint64_t v421 = VisibleList + (entityNum * 9 + 0x152) * 8;
if (!v421)
return false;
DWORD VisibleFlags = (v421 + 0x10) ^ driver::read<DWORD>(v421 + 0x14);
if (!VisibleFlags)
return false;
DWORD v1630 = VisibleFlags * (VisibleFlags + 2);
if (!v1630)
return false;
BYTE VisibleFlags1 = driver::read<DWORD>(v421 + 0x10) ^ v1630 ^ BYTE1(v1630);
if (VisibleFlags1 == 3) {
return true;
}
return false;
}
bool visible(int entityNum) {
auto sighted_enemy_fools = driver::read<сlient_bits_t>(decryption::get_client_info() + offsets::visible_bit);
auto bitmask = 0x80000000 >> (entityNum & 0x1F);
return sighted_enemy_fools.data[entityNum >> 5] & bitmask;
}
uint32_t player_t::getIndex() const
{
return (address - sdk::module_base) / offsets::player::size;
}
NameEntry player_t::GetNameEntry(uint32_t index) const {
return driver::read<NameEntry>(sdk::GetNameList() + (index * offsets::name_size));
}
bool player_t::is_valid() {
return driver::read<bool>(address + offsets::player::valid);
}
bool player_t::dead() {
auto dead1 = driver::read<bool>(address + offsets::player::dead_1);
auto dead2 = driver::read<bool>(address + offsets::player::dead_2);
return dead1 || dead2;
}
int player_t::team_id() {
return driver::read<int>(address + offsets::player::team);
}
vec3_t player_t::get_pos() {
auto local_pos = driver::read<uintptr_t>(address + offsets::player::pos);
return driver::read<vec3_t>(local_pos + 0x48); // testing, original was 0x48
}
uintptr_t sdk::player_t::get_bone_ptr(uint64_t bone_base, uint64_t bone_index) const
{
if (!bone_base)
return 0;
return driver::read<uintptr_t>(bone_base + (bone_index * offsets::bone::index_struct_size) + 0xD8);
}
vec3_t get_camera_position() {
auto camera = driver::read<uintptr_t>(sdk::module_base + offsets::camera_base);
if (!camera)
return {};
return driver::read<vec3_t>(camera + offsets::camera_pos);
}
vec2_t get_camera_angles() {
auto camera = *(uintptr_t*)(sdk::module_base + offsets::camera_base);
if (!camera)
return {};
return driver::read<vec2_t>(camera + offsets::camera_pos + 0xC);
}
void set_camera_angles(const vec2_t& angles) {
auto camera = driver::read<uintptr_t>(sdk::module_base + offsets::camera_base);
if (!camera) return;
driver::write<float>(camera + offsets::camera_pos + 0xC, angles.x);
driver::write<float>(camera + offsets::camera_pos + 0x10, angles.y);
}
uint64_t GetNameList() {
auto ptr = driver::read<uint64_t>(sdk::module_base + offsets::name_array);
return ptr + offsets::name_array_pos;
}
uint64_t player_t::deadCheck() {
return driver::read<uint64_t>(this->address + offsets::visible + 0x78);
}
Scoreboard player_t::get_scoreboard_data() const {
return driver::read<Scoreboard>(this->address + offsets::scoreboard);
}
bool player_t::is_dead(int index) const {
Scoreboard scoreboard = get_scoreboard_data();
auto nameEntry = GetNameEntry(index);
return (nameEntry.health <= 0 || scoreboard.status == 2);
}
int player_t::get_stance() {
if (!address) {
return 4;
}
int stance = driver::read<int>(address + offsets::player::player_stance);
if (stance < STAND || stance > KNOCKED) {
return 4;
}
return stance;
}
entity_info_data get_full_data_local(uint64_t entity_address) {
entity_info_data buf;
buf.type = driver::read<uint16_t>(entity_address + offsets::player::entity_type);
buf.index = driver::read<uint16_t>(entity_address + offsets::player::entity_index);
buf.flags = driver::read<uint32_t>(entity_address + offsets::player::valid);
buf.pos = driver::read<vec3_t>(entity_address + offsets::player::entity_pos);
uint8_t v = driver::read<uint8_t>(entity_address + offsets::player::valid);
buf.is_valid = (v & 1);
buf.is_dead = (buf.flags >> 0x11) & 1;
return buf;
}
bool world_to_screen(vec3_t world_location, vec2_t& out, vec3_t camera_pos, int screen_width, int screen_height, vec2_t fov, vec3_t matricies[3]) {
auto local = world_location - camera_pos;
auto trans = vec3_t{
local.dot(matricies[1]),
local.dot(matricies[2]),
local.dot(matricies[0])
};
if (trans.z < 0.01f) {
return false;
}
out.x = ((float)screen_width / 2.0) * (1.0 - (trans.x / fov.x / trans.z));
out.y = ((float)screen_height / 2.0) * (1.0 - (trans.y / fov.y / trans.z));
if (out.x < 1 || out.y < 1 || (out.x > sdk::ref_def.width) || (out.y > sdk::ref_def.height)) {
return false;
}
return true;
}
bool w2s(vec3_t world_position, vec2_t& screen_position) {
return world_to_screen(world_position, screen_position, get_camera_position(), ref_def.width, ref_def.height, ref_def.view.tan_half_fov, ref_def.view.axis);
}
float units_to_m(float units) {
return units * 0.0254;
}
ref_def_t ref_def;
}
float Distance3D(vec3_t point1, vec3_t point2)
{
float distance = sqrt((point1.x - point2.x) * (point1.x - point2.x) +
(point1.y - point2.y) * (point1.y - point2.y) +
(point1.z - point2.z) * (point1.z - point2.z));
return distance;
}
/*void DrawBone(vec3_t from, vec3_t to, vec3_t m_location, ImU32 col)
{
if (Distance3D(m_location, from) > 118)
return;
if (Distance3D(m_location, to) > 118)
return;
if (Distance3D(from, to) > 39)
return;
vec2_t W2S_from;
if (!sdk::w2s(from, W2S_from))
return;
vec2_t W2S_to;
if (!sdk::w2s(to, W2S_to))
return;
auto draw = ImGui::GetForegroundDrawList();
draw->AddLine(ImVec2(W2S_from.x, W2S_from.y), ImVec2(W2S_to.x, W2S_to.y), col, 2.5f);
}*/
bool DrawBone(vec3_t from, vec3_t to, vec3_t m_location, ImU32 col) {
if (Distance3D(m_location, from) > 118 || Distance3D(m_location, to) > 118 || Distance3D(from, to) > 39) {
return false;
}
vec2_t W2S_from, W2S_to;
if (!sdk::w2s(from, W2S_from) || !sdk::w2s(to, W2S_to)) {
return false;
}
auto draw = ImGui::GetForegroundDrawList();
draw->AddLine(ImVec2(W2S_from.x, W2S_from.y), ImVec2(W2S_to.x, W2S_to.y), col, 2.5f);
return true;
}
namespace decryption {
/*uintptr_t get_client_info() {
switch (vars::current_platform) {
case vars::Platform::STEAM:
return STEAMdecrypt_client_info(sdk::module_base, sdk::peb);
case vars::Platform::BNET:
return BNETdecrypt_client_info(sdk::module_base, sdk::peb);
case vars::Platform::XBOX:
return XBOXdecrypt_client_info(sdk::module_base, sdk::peb); // Add this case
default:
return 0;
}
}
uintptr_t get_client_info_base() {
switch (vars::current_platform) {
case vars::Platform::STEAM:
return STEAMdecrypt_client_base(sdk::client_info, sdk::module_base, sdk::peb);
case vars::Platform::BNET:
return BNETdecrypt_client_base(sdk::client_info, sdk::module_base, sdk::peb);
case vars::Platform::XBOX:
return XBOXdecrypt_client_base(sdk::client_info, sdk::module_base, sdk::peb); // Add this case
default:
return 0;
}
}
uint64_t get_bone_decrypted_base() {
switch (vars::current_platform) {
case vars::Platform::STEAM:
return STEAMdecrypt_bone_base(sdk::client_info, sdk::peb);
case vars::Platform::BNET:
return BNETdecrypt_bone_base(sdk::client_info, sdk::peb);
case vars::Platform::XBOX:
return XBOXdecrypt_bone_base(sdk::client_info, sdk::peb); // Add this case
default:
return 0;
}
}
uint64_t platform_get_bone_index(int index) {
switch (vars::current_platform) {
case vars::Platform::STEAM:
return STEAMget_bone_index(index, sdk::module_base);
case vars::Platform::BNET:
return BNETget_bone_index(index, sdk::module_base);
case vars::Platform::XBOX:
return XBOXget_bone_index(index, sdk::module_base); // Add this case
default:
return 0;
}
}
uint64_t get_universal_bone_index(uint32_t index, uint64_t imageBase) {
switch (vars::current_platform) {
case vars::Platform::STEAM:
return STEAMget_bone_index(index, imageBase);
case vars::Platform::BNET:
return BNETget_bone_index(index, imageBase);
case vars::Platform::XBOX:
return XBOXget_bone_index(index, imageBase); // Ensure the XBOX function exists and is properly defined
default:
std::cerr << "Unknown platform selected!" << std::endl;
return 0;
}
}*/
uintptr_t get_client_info()
{
if (vars::is_steam)
{
return STEAMdecrypt_client_info(sdk::module_base, sdk::peb);
}
else
{
return BNETdecrypt_client_info(sdk::module_base, sdk::peb);
}
}
uintptr_t get_client_info_base() {
if (vars::is_steam)
{
return STEAMdecrypt_client_base(sdk::client_info, sdk::module_base, sdk::peb);
}
else
{
return BNETdecrypt_client_base(sdk::client_info, sdk::module_base, sdk::peb);
}
}
uint64_t get_bone_decrypted_base() {
if (vars::is_steam)
{
return STEAMdecrypt_bone_base(sdk::client_info, sdk::peb);
}
else
{
return BNETdecrypt_bone_base(sdk::client_info, sdk::peb);
}
}
uint64_t platform_get_bone_index(int index) {
if (vars::is_steam)
{
return decryption::STEAMget_bone_index(index, sdk::module_base);
}
else
{
return decryption::BNETget_bone_index(index, sdk::module_base);
}
}
struct ref_def_key {
int ref0;
int ref1;
int ref2;
};
uintptr_t get_ref_def() {
ref_def_key crypt = driver::read<ref_def_key>(sdk::module_base + offsets::refdef);
uint64_t baseAddr = sdk::module_base;
DWORD lower = crypt.ref0 ^ (crypt.ref2 ^ (uint64_t)(baseAddr + offsets::refdef)) * ((crypt.ref2 ^ (uint64_t)(baseAddr + offsets::refdef)) + 2);
DWORD upper = crypt.ref1 ^ (crypt.ref2 ^ (uint64_t)(baseAddr + offsets::refdef + 0x4)) * ((crypt.ref2 ^ (uint64_t)(baseAddr + offsets::refdef + 0x4)) + 2);
return (uint64_t)upper << 32 | lower;
}
vec3_t get_bone_position(const uintptr_t bone_ptr, const vec3_t& base_pos, const int bone)
{
vec3_t pos = driver::read<vec3_t>(bone_ptr + ((uint64_t)bone * 0x20) + 0x10);
pos.x += base_pos.x;
pos.y += base_pos.y;
pos.z += base_pos.z;
return pos;
}
vec3_t get_bone_base_pos(const uintptr_t client_info)
{
return driver::read<vec3_t>(client_info + offsets::bone::base_pos);
}
// UPDATED
extern "C" auto BNETdecrypt_client_info(uint64_t baseModuleAddr, uint64_t Peb) -> uint64_t
{
const uint64_t mb = baseModuleAddr;
uint64_t rax = mb, rbx = mb, rcx = mb, rdx = mb, rdi = mb, rsi = mb, r8 = mb, r9 = mb, r10 = mb, r11 = mb, r12 = mb, r13 = mb, r14 = mb, r15 = mb;
rbx = *(uintptr_t*)(mb + 0x145F9F18);
if (!rbx)
return rbx;
rdx = Peb; //mov rdx, gs:[rax]
//failed to trace. Register value: r8 = 00007FF8727E6780. base: 00007FF7B5A20000 It's possibly wrong
rcx = rbx + r8 * 1; //lea rcx, [rbx+r8*1]
rax = 0; //and rax, 0xFFFFFFFFC0000000
rax = _rotl64(rax, 0x10); //rol rax, 0x10
rax ^= *(uintptr_t*)(mb + 0xAB0E0E5); //xor rax, [0x000000000285F6B4]
rax = _byteswap_uint64(rax); //bswap rax
rcx *= *(uintptr_t*)(rax + 0x5); //imul rcx, [rax+0x05]
rax = mb + 0x37489F9E; //lea rax, [0x000000002F1DB55E]
rdx ^= rax; //xor rdx, rax
rcx += rdx; //add rcx, rdx
rax = rcx; //mov rax, rcx
rax >>= 0x13; //shr rax, 0x13
rcx ^= rax; //xor rcx, rax
rax = 0xF7B4615B6CAAA4C7; //mov rax, 0xF7B4615B6CAAA4C7
rbx = rcx; //mov rbx, rcx
rbx >>= 0x26; //shr rbx, 0x26
rbx ^= rcx; //xor rbx, rcx
rbx ^= rax; //xor rbx, rax
rax = 0x4FBE922616062817; //mov rax, 0x4FBE922616062817
rbx *= rax; //imul rbx, rax
return rbx;
}
// UPDATED
extern "C" auto BNETdecrypt_client_base(uint64_t client_info, uint64_t baseModuleAddr, uint64_t Peb) -> uint64_t
{
const uint64_t mb = baseModuleAddr;
uint64_t rax = mb, rbx = mb, rcx = mb, rdx = mb, rdi = mb, rsi = mb, r8 = mb, r9 = mb, r10 = mb, r11 = mb, r12 = mb, r13 = mb, r14 = mb, r15 = mb;
rax = *(uintptr_t*)(client_info + 0x199048);
if (!rax)
return rax;
r11 = ~Peb; //mov r11, gs:[rcx]
rcx = r11; //mov rcx, r11
//failed to translate: mov [rsp+0x3D0], r13
rcx <<= 0x23; //shl rcx, 0x23
rcx = _byteswap_uint64(rcx); //bswap rcx
rcx &= 0xF;
switch (rcx)
{
case 0:
{
r10 = *(uintptr_t*)(mb + 0xAB0E12C); //mov r10, [0x0000000007ACCB82]
rdx = mb + 0x736B1CC9; //lea rdx, [0x000000007067069E]
rcx = rax; //mov rcx, rax
rcx >>= 0x4; //shr rcx, 0x04
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x8; //shr rcx, 0x08
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x10; //shr rcx, 0x10
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x20; //shr rcx, 0x20
rax ^= rcx; //xor rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rcx = *(uintptr_t*)(rcx + 0x9); //mov rcx, [rcx+0x09]
uintptr_t RSP_0x40;
RSP_0x40 = 0xEDD02482923403CB; //mov rcx, 0xEDD02482923403CB : RSP+0x40
rcx *= RSP_0x40; //imul rcx, [rsp+0x40]
rax *= rcx; //imul rax, rcx
rcx = r11; //mov rcx, r11
rcx -= mb; //sub rcx, [rbp-0x80] -- didn't find trace -> use base
rcx += 0xFFFFFFFFC99E5582; //add rcx, 0xFFFFFFFFC99E5582
rax += rcx; //add rax, rcx
rcx = mb; //lea rcx, [0xFFFFFFFFFCFBE88C]
rax ^= rcx; //xor rax, rcx
rcx = 0x26A471A9EFBC14B9; //mov rcx, 0x26A471A9EFBC14B9
rax *= rcx; //imul rax, rcx
rcx = r11; //mov rcx, r11
rcx = ~rcx; //not rcx
rcx ^= rdx; //xor rcx, rdx
rax -= rcx; //sub rax, rcx
rcx = 0x4E231C434132699A; //mov rcx, 0x4E231C434132699A
rax += rcx; //add rax, rcx
return rax;
}
case 1:
{
r9 = *(uintptr_t*)(mb + 0xAB0E12C); //mov r9, [0x0000000007ACC67C]
r13 = mb + 0x2239B1C1; //lea r13, [0x000000001F3596F2]
rcx = rax; //mov rcx, rax
rcx >>= 0x15; //shr rcx, 0x15
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x2A; //shr rcx, 0x2A
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0xA; //shr rcx, 0x0A
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x14; //shr rcx, 0x14
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x28; //shr rcx, 0x28
rax ^= rcx; //xor rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= *(uintptr_t*)(rcx + 0x9); //imul rax, [rcx+0x09]
rcx = 0x3E63A253C6775D5; //mov rcx, 0x3E63A253C6775D5
rax ^= rcx; //xor rax, rcx
rcx = 0xC1F5691FD75F11C7; //mov rcx, 0xC1F5691FD75F11C7
rax *= rcx; //imul rax, rcx
rax += 0xFFFFFFFFDA4F9118; //add rax, 0xFFFFFFFFDA4F9118
rax += r11; //add rax, r11
rcx = r13; //mov rcx, r13
rcx = ~rcx; //not rcx
rcx ^= r11; //xor rcx, r11
rax += rcx; //add rax, rcx
return rax;
}
case 2:
{
r10 = *(uintptr_t*)(mb + 0xAB0E12C); //mov r10, [0x0000000007ACC19D]
rcx = 0x43AE441D8481DD04; //mov rcx, 0x43AE441D8481DD04
rax -= rcx; //sub rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x26; //shr rcx, 0x26
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x9; //shr rcx, 0x09
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x12; //shr rcx, 0x12
rax ^= rcx; //xor rax, rcx
rdx = rax; //mov rdx, rax
rdx >>= 0x24; //shr rdx, 0x24
rdx ^= rax; //xor rdx, rax
rcx = r11; //mov rcx, r11
rax = mb + 0x424950C8; //lea rax, [0x000000003F452EE9]
rcx = ~rcx; //not rcx
rax *= rcx; //imul rax, rcx
rax += rdx; //add rax, rdx
rcx = 0x1EB0B3B479EF017; //mov rcx, 0x1EB0B3B479EF017
rax *= rcx; //imul rax, rcx
rcx = 0xF4FDCF8C05766D07; //mov rcx, 0xF4FDCF8C05766D07
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x17; //shr rcx, 0x17
rax ^= rcx; //xor rax, rcx
rdx = 0; //and rdx, 0xFFFFFFFFC0000000
rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
rcx = rax; //mov rcx, rax
rdx ^= r10; //xor rdx, r10
rcx >>= 0x2E; //shr rcx, 0x2E
rdx = ~rdx; //not rdx
rax ^= rcx; //xor rax, rcx
rax *= *(uintptr_t*)(rdx + 0x9); //imul rax, [rdx+0x09]
return rax;
}
case 3:
{
r10 = *(uintptr_t*)(mb + 0xAB0E12C); //mov r10, [0x0000000007ACBC45]
r13 = mb + 0x1488BAD0; //lea r13, [0x00000000118495D6]
rdx = r11; //mov rdx, r11
rdx = ~rdx; //not rdx
rcx = mb + 0x8952; //lea rcx, [0xFFFFFFFFFCFC60DA]
rcx = ~rcx; //not rcx
rdx *= rcx; //imul rdx, rcx
rcx = 0x920D8D54066C3BC8; //mov rcx, 0x920D8D54066C3BC8
rax ^= rdx; //xor rax, rdx
rax ^= rcx; //xor rax, rcx
rcx = 0x71B6A01168176A5F; //mov rcx, 0x71B6A01168176A5F
rax *= rcx; //imul rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rax *= *(uintptr_t*)(rcx + 0x9); //imul rax, [rcx+0x09]
rcx = rax; //mov rcx, rax
rcx >>= 0xB; //shr rcx, 0x0B
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x16; //shr rcx, 0x16
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x2C; //shr rcx, 0x2C
rax ^= rcx; //xor rax, rcx
rcx = 0x28C4EBE07CC779E5; //mov rcx, 0x28C4EBE07CC779E5
rax ^= rcx; //xor rax, rcx
rcx = r11; //mov rcx, r11
rcx *= r13; //imul rcx, r13
rax -= rcx; //sub rax, rcx
rax += r11; //add rax, r11
return rax;
}
case 4:
{
r10 = *(uintptr_t*)(mb + 0xAB0E12C); //mov r10, [0x0000000007ACB75B]
r13 = mb + 0x71CF; //lea r13, [0xFFFFFFFFFCFC47EB]
rcx = 0x7BD4F3C29580BB87; //mov rcx, 0x7BD4F3C29580BB87
rax *= rcx; //imul rax, rcx
rcx = 0x646EC108C275FCD7; //mov rcx, 0x646EC108C275FCD7
rax -= r11; //sub rax, r11
rax -= rcx; //sub rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1B; //shr rcx, 0x1B
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x36; //shr rcx, 0x36
rax ^= rcx; //xor rax, rcx
rcx = 0x142843BCE5FD72BB; //mov rcx, 0x142843BCE5FD72BB
rdx = 0; //and rdx, 0xFFFFFFFFC0000000
rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
rax *= rcx; //imul rax, rcx
rdx ^= r10; //xor rdx, r10
rdx = ~rdx; //not rdx
rax += r11; //add rax, r11
rax *= *(uintptr_t*)(rdx + 0x9); //imul rax, [rdx+0x09]
rcx = r11; //mov rcx, r11
rcx = ~rcx; //not rcx
rcx ^= r13; //xor rcx, r13
rax -= rcx; //sub rax, rcx
return rax;
}
case 5:
{
r10 = *(uintptr_t*)(mb + 0xAB0E12C); //mov r10, [0x0000000007ACB385]
rcx = rax; //mov rcx, rax
rcx >>= 0x9; //shr rcx, 0x09
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x12; //shr rcx, 0x12
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x24; //shr rcx, 0x24
rax ^= rcx; //xor rax, rcx
rcx = mb; //lea rcx, [0xFFFFFFFFFCFBCC90]
rcx += 0x111FC085; //add rcx, 0x111FC085
rcx += r11; //add rcx, r11
rax += rcx; //add rax, rcx
rcx = 0xF8D94370868AB99; //mov rcx, 0xF8D94370868AB99
rax *= rcx; //imul rax, rcx
rcx = 0xB026072E428E1D57; //mov rcx, 0xB026072E428E1D57
rax *= rcx; //imul rax, rcx
rcx = mb; //lea rcx, [0xFFFFFFFFFCFBCE60]
rcx += 0x19F5; //add rcx, 0x19F5
rcx += r11; //add rcx, r11
rax += rcx; //add rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x23; //shr rcx, 0x23
rax ^= rcx; //xor rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rcx = *(uintptr_t*)(rcx + 0x9); //mov rcx, [rcx+0x09]
uintptr_t RSP_0x40;
RSP_0x40 = 0x5F23D3FEF0707261; //mov rcx, 0x5F23D3FEF0707261 : RSP+0x40
rcx *= RSP_0x40; //imul rcx, [rsp+0x40]
rax *= rcx; //imul rax, rcx
return rax;
}
case 6:
{
r9 = *(uintptr_t*)(mb + 0xAB0E12C); //mov r9, [0x0000000007ACAD96]
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= *(uintptr_t*)(rcx + 0x9); //imul rax, [rcx+0x09]
rax -= r11; //sub rax, r11
rcx = mb + 0x43B5; //lea rcx, [0xFFFFFFFFFCFC0E8C]
rcx -= r11; //sub rcx, r11
rax += rcx; //add rax, rcx
rcx = 0x35284D873B9851A9; //mov rcx, 0x35284D873B9851A9
rax ^= rcx; //xor rax, rcx
rcx = 0xF62B33C5DDB521B5; //mov rcx, 0xF62B33C5DDB521B5
rax *= rcx; //imul rax, rcx
rcx = 0xE5B0BD16F00B9D46; //mov rcx, 0xE5B0BD16F00B9D46
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0xA; //shr rcx, 0x0A
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x14; //shr rcx, 0x14
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x28; //shr rcx, 0x28
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x19; //shr rcx, 0x19
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x32; //shr rcx, 0x32
rax ^= rcx; //xor rax, rcx
return rax;
}
case 7:
{
r10 = *(uintptr_t*)(mb + 0xAB0E12C); //mov r10, [0x0000000007ACA901]
rdx = mb + 0x8CB4; //lea rdx, [0xFFFFFFFFFCFC541F]
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rax *= *(uintptr_t*)(rcx + 0x9); //imul rax, [rcx+0x09]
rcx = mb; //lea rcx, [0xFFFFFFFFFCFBC3D4]
rax -= rcx; //sub rax, rcx
rcx = 0x9A8F75E5FE8A18B5; //mov rcx, 0x9A8F75E5FE8A18B5
rax *= rcx; //imul rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x26; //shr rcx, 0x26
rax ^= rcx; //xor rax, rcx
rax += r11; //add rax, r11
rcx = 0xDC35AEB9AD64C433; //mov rcx, 0xDC35AEB9AD64C433
rax *= rcx; //imul rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x2; //shr rcx, 0x02
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x4; //shr rcx, 0x04
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x8; //shr rcx, 0x08
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x10; //shr rcx, 0x10
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x20; //shr rcx, 0x20
rax ^= rcx; //xor rax, rcx
rcx = r11 + 0x1; //lea rcx, [r11+0x01]
rcx *= rdx; //imul rcx, rdx
rax += rcx; //add rax, rcx
return rax;
}
case 8:
{
r9 = *(uintptr_t*)(mb + 0xAB0E12C); //mov r9, [0x0000000007ACA457]
rcx = 0x4F7CA4829AB6D5E8; //mov rcx, 0x4F7CA4829AB6D5E8
rax ^= rcx; //xor rax, rcx
rax += r11; //add rax, r11
rcx = rax; //mov rcx, rax
rcx >>= 0x24; //shr rcx, 0x24
rax ^= rcx; //xor rax, rcx
rcx = 0x5178F05F16D45A5B; //mov rcx, 0x5178F05F16D45A5B
rax *= rcx; //imul rax, rcx
rcx = 0x2ED8CECF4C40E0F3; //mov rcx, 0x2ED8CECF4C40E0F3
rax ^= r11; //xor rax, r11
rax ^= rcx; //xor rax, rcx
rax ^= r11; //xor rax, r11
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= *(uintptr_t*)(rcx + 0x9); //imul rax, [rcx+0x09]
return rax;
}
case 9:
{
r10 = *(uintptr_t*)(mb + 0xAB0E12C); //mov r10, [0x0000000007ACA04B]
rdx = mb + 0xDD4D; //lea rdx, [0xFFFFFFFFFCFC9C02]
rcx = r11; //mov rcx, r11
rcx ^= rdx; //xor rcx, rdx
rax += rcx; //add rax, rcx
rcx = 0x8BE287ECF689749; //mov rcx, 0x8BE287ECF689749
rax *= rcx; //imul rax, rcx
rax ^= r11; //xor rax, r11
rcx = 0x9933D7378FE6958F; //mov rcx, 0x9933D7378FE6958F
rax *= rcx; //imul rax, rcx
rdx = 0; //and rdx, 0xFFFFFFFFC0000000
rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
rdx ^= r10; //xor rdx, r10
rcx = mb + 0x66BC28B6; //lea rcx, [0x0000000063B7E453]
rcx = ~rcx; //not rcx
rdx = ~rdx; //not rdx
rcx ^= r11; //xor rcx, r11
rax += rcx; //add rax, rcx
rax *= *(uintptr_t*)(rdx + 0x9); //imul rax, [rdx+0x09]
rcx = rax; //mov rcx, rax
rcx >>= 0x20; //shr rcx, 0x20
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x18; //shr rcx, 0x18
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x30; //shr rcx, 0x30
rax ^= rcx; //xor rax, rcx
return rax;
}
case 10:
{
r10 = *(uintptr_t*)(mb + 0xAB0E12C); //mov r10, [0x0000000007AC9C14]
rcx = rax; //mov rcx, rax
rcx >>= 0xD; //shr rcx, 0x0D
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1A; //shr rcx, 0x1A
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x34; //shr rcx, 0x34
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x13; //shr rcx, 0x13
rax ^= rcx; //xor rax, rcx
rdx = rax; //mov rdx, rax
rdx >>= 0x26; //shr rdx, 0x26
rdx ^= rax; //xor rdx, rax
rax = mb + 0x1C730DA6; //lea rax, [0x00000000196EC768]
rcx = r11; //mov rcx, r11
rcx *= rax; //imul rcx, rax
rax = rdx; //mov rax, rdx
rax -= rcx; //sub rax, rcx
rcx = 0x4D5CFB5CBF920449; //mov rcx, 0x4D5CFB5CBF920449
rax ^= rcx; //xor rax, rcx
rcx = 0xDF1CB3CC3968ECE9; //mov rcx, 0xDF1CB3CC3968ECE9
rax *= rcx; //imul rax, rcx
rax ^= r11; //xor rax, r11
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rax *= *(uintptr_t*)(rcx + 0x9); //imul rax, [rcx+0x09]
return rax;
}
case 11:
{
r10 = *(uintptr_t*)(mb + 0xAB0E12C); //mov r10, [0x0000000007AC9667]
rcx = mb + 0xE27A; //lea rcx, [0xFFFFFFFFFCFC9519]
rcx -= r11; //sub rcx, r11
rdx = 0; //and rdx, 0xFFFFFFFFC0000000
rax += rcx; //add rax, rcx
rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
rdx ^= r10; //xor rdx, r10
rdx = ~rdx; //not rdx
rax *= *(uintptr_t*)(rdx + 0x9); //imul rax, [rdx+0x09]
rcx = r11; //mov rcx, r11
rcx -= mb; //sub rcx, [rbp-0x80] -- didn't find trace -> use base
rcx += 0xFFFFFFFFBE05F030; //add rcx, 0xFFFFFFFFBE05F030
rax += rcx; //add rax, rcx
rcx = 0x8407AE81269A5D57; //mov rcx, 0x8407AE81269A5D57
rax *= rcx; //imul rax, rcx
rax -= r11; //sub rax, r11
rcx = rax; //mov rcx, rax
rcx >>= 0x25; //shr rcx, 0x25
rax ^= rcx; //xor rax, rcx
rcx = 0x4D58E84452B3B2CD; //mov rcx, 0x4D58E84452B3B2CD
rax += rcx; //add rax, rcx
return rax;
}
case 12:
{
r10 = *(uintptr_t*)(mb + 0xAB0E12C); //mov r10, [0x0000000007AC90F0]
rcx = rax; //mov rcx, rax
rcx >>= 0xE; //shr rcx, 0x0E
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1C; //shr rcx, 0x1C
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x38; //shr rcx, 0x38
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x21; //shr rcx, 0x21
rax ^= rcx; //xor rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rax *= *(uintptr_t*)(rcx + 0x9); //imul rax, [rcx+0x09]
rcx = 0x12FD53752A15F441; //mov rcx, 0x12FD53752A15F441
rax *= rcx; //imul rax, rcx
rcx = mb + 0x2A01C819; //lea rcx, [0x0000000026FD739D]
rcx *= r11; //imul rcx, r11
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x2; //shr rcx, 0x02
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x4; //shr rcx, 0x04
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x8; //shr rcx, 0x08
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x10; //shr rcx, 0x10
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x20; //shr rcx, 0x20
rax ^= rcx; //xor rax, rcx
rcx = 0x438F040A11D1F693; //mov rcx, 0x438F040A11D1F693
rax *= rcx; //imul rax, rcx
rcx = 0x76A8417B55AEC887; //mov rcx, 0x76A8417B55AEC887
rax += rcx; //add rax, rcx
return rax;
}
case 13:
{
r9 = *(uintptr_t*)(mb + 0xAB0E12C); //mov r9, [0x0000000007AC8B80]
r12 = mb + 0xB0AA; //lea r12, [0xFFFFFFFFFCFC5AEB]
rcx = r12; //mov rcx, r12
rcx = ~rcx; //not rcx
rcx ^= r11; //xor rcx, r11
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x18; //shr rcx, 0x18
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x30; //shr rcx, 0x30
rax ^= rcx; //xor rax, rcx
rcx = 0xC32A740461B9FDC7; //mov rcx, 0xC32A740461B9FDC7
rax *= rcx; //imul rax, rcx
rcx = 0x9439B00A1FEFA912; //mov rcx, 0x9439B00A1FEFA912
rax ^= rcx; //xor rax, rcx
rcx = 0x2B3AD1E7D117AD86; //mov rcx, 0x2B3AD1E7D117AD86
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x27; //shr rcx, 0x27
rax ^= rcx; //xor rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= *(uintptr_t*)(rcx + 0x9); //imul rax, [rcx+0x09]
rcx = mb; //lea rcx, [0xFFFFFFFFFCFBA565]
rax ^= rcx; //xor rax, rcx
return rax;
}
case 14:
{
r10 = *(uintptr_t*)(mb + 0xAB0E12C); //mov r10, [0x0000000007AC8675]
r13 = mb + 0x6A35; //lea r13, [0xFFFFFFFFFCFC0F66]
rax -= r11; //sub rax, r11
rcx = 0xEEEEF35687DD1DF7; //mov rcx, 0xEEEEF35687DD1DF7
rax *= rcx; //imul rax, rcx
rcx = mb + 0x913D; //lea rcx, [0xFFFFFFFFFCFC34AB]
rcx *= r11; //imul rcx, r11
rax ^= rcx; //xor rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rcx = *(uintptr_t*)(rcx + 0x9); //mov rcx, [rcx+0x09]
uintptr_t RSP_0x28;
RSP_0x28 = 0x571AF583F00DB5E9; //mov rcx, 0x571AF583F00DB5E9 : RSP+0x28
rcx *= RSP_0x28; //imul rcx, [rsp+0x28]
rax *= rcx; //imul rax, rcx
rcx = rax; //mov rcx, rax
rdx = r13; //mov rdx, r13
rcx >>= 0x21; //shr rcx, 0x21
rdx -= r11; //sub rdx, r11
rdx ^= rcx; //xor rdx, rcx
rax ^= rdx; //xor rax, rdx
rcx = rax; //mov rcx, rax
rcx >>= 0x24; //shr rcx, 0x24
rax ^= rcx; //xor rax, rcx
return rax;
}
case 15:
{
r10 = *(uintptr_t*)(mb + 0xAB0E12C); //mov r10, [0x0000000007AC810B]
rcx = 0x586536E499271C5; //mov rcx, 0x586536E499271C5
rax *= rcx; //imul rax, rcx
rcx = mb + 0xB0F6; //lea rcx, [0xFFFFFFFFFCFC4CF7]
rdx = r11; //mov rdx, r11
rdx -= rcx; //sub rdx, rcx
rcx = mb + 0x2941AF47; //lea rcx, [0x00000000263D4B3B]
rcx *= r11; //imul rcx, r11
rax ^= rdx; //xor rax, rdx
rax -= rcx; //sub rax, rcx
uintptr_t RSP_0x38;
RSP_0x38 = 0xF66CBDFA6519136F; //mov rcx, 0xF66CBDFA6519136F : RSP+0x38
rax ^= RSP_0x38; //xor rax, [rsp+0x38]
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rax *= *(uintptr_t*)(rcx + 0x9); //imul rax, [rcx+0x09]
rax ^= r11; //xor rax, r11
rcx = mb; //lea rcx, [0xFFFFFFFFFCFB9D7A]
rax -= rcx; //sub rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1E; //shr rcx, 0x1E
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x3C; //shr rcx, 0x3C
rax ^= rcx; //xor rax, rcx
return rax;
}
}
}
// UPDATED
extern "C" auto BNETdecrypt_bone_base(uint64_t baseModuleAddr, uint64_t Peb) -> uint64_t
{
const uint64_t mb = baseModuleAddr;
uint64_t rax = mb, rbx = mb, rcx = mb, rdx = mb, rdi = mb, rsi = mb, r8 = mb, r9 = mb, r10 = mb, r11 = mb, r12 = mb, r13 = mb, r14 = mb, r15 = mb;
rax = *(uintptr_t*)(mb + 0xF0D6298);
if (!rax)
return rax;
rbx = Peb; //mov rbx, gs:[rcx]
//failed to translate: jz 0x0000000000004A97
rcx = rbx; //mov rcx, rbx
//failed to translate: mov [rsp+0xD8], r13
rcx = _rotr64(rcx, 0x1A); //ror rcx, 0x1A
rcx &= 0xF;
switch (rcx)
{
case 0:
{
r9 = *(uintptr_t*)(mb + 0xAB0E21D); //mov r9, [0x0000000005D2D098]
r11 = mb + 0x9280; //lea r11, [0xFFFFFFFFFB2280E8]
rcx = rax; //mov rcx, rax
rcx >>= 0x26; //shr rcx, 0x26
rax ^= rcx; //xor rax, rcx
rcx = 0x1409F0CD847A37CE; //mov rcx, 0x1409F0CD847A37CE
rax ^= rcx; //xor rax, rcx
rcx = rbx; //mov rcx, rbx
rcx = ~rcx; //not rcx
rcx ^= r11; //xor rcx, r11
rax += rcx; //add rax, rcx
rcx = 0x3C34D747DB7928EE; //mov rcx, 0x3C34D747DB7928EE
rax -= rcx; //sub rax, rcx
rcx = mb + 0xDB7F; //lea rcx, [0xFFFFFFFFFB22C809]
rcx = ~rcx; //not rcx
rcx -= rbx; //sub rcx, rbx
rax ^= rcx; //xor rax, rcx
rcx = 0xC029A5A1D42718DD; //mov rcx, 0xC029A5A1D42718DD
rax *= rcx; //imul rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= *(uintptr_t*)(rcx + 0x15); //imul rax, [rcx+0x15]
rcx = rax; //mov rcx, rax
rcx >>= 0x7; //shr rcx, 0x07
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0xE; //shr rcx, 0x0E
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1C; //shr rcx, 0x1C
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x38; //shr rcx, 0x38
rax ^= rcx; //xor rax, rcx
return rax;
}
case 1:
{
r9 = *(uintptr_t*)(mb + 0xAB0E21D); //mov r9, [0x0000000005D2CB21]
r11 = mb; //lea r11, [0xFFFFFFFFFB21E8F1]
r13 = mb + 0x54CA1D31; //lea r13, [0x000000004FEC0617]
rax += rbx; //add rax, rbx
rax += r11; //add rax, r11
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= *(uintptr_t*)(rcx + 0x15); //imul rax, [rcx+0x15]
rcx = 0x48462EAD4F11FD6D; //mov rcx, 0x48462EAD4F11FD6D
rax *= rcx; //imul rax, rcx
rcx = rbx; //mov rcx, rbx
rcx ^= r13; //xor rcx, r13
rax -= rcx; //sub rax, rcx
rcx = 0x83B3774C1397A303; //mov rcx, 0x83B3774C1397A303
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x26; //shr rcx, 0x26
rax ^= rcx; //xor rax, rcx
rcx = 0x829707C28057B2BC; //mov rcx, 0x829707C28057B2BC
rax ^= rcx; //xor rax, rcx
return rax;
}
case 2:
{
r9 = *(uintptr_t*)(mb + 0xAB0E21D); //mov r9, [0x0000000005D2C667]
r11 = mb; //lea r11, [0xFFFFFFFFFB21E437]
rcx = rax; //mov rcx, rax
rcx >>= 0x20; //shr rcx, 0x20
rax ^= rcx; //xor rax, rcx
rax ^= r11; //xor rax, r11
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= *(uintptr_t*)(rcx + 0x15); //imul rax, [rcx+0x15]
rcx = rbx; //mov rcx, rbx
uintptr_t RSP_0xFFFFFFFFFFFFFFCF;
RSP_0xFFFFFFFFFFFFFFCF = mb + 0x3A246E06; //lea rcx, [0x0000000035465228] : RBP+0xFFFFFFFFFFFFFFCF
rcx ^= RSP_0xFFFFFFFFFFFFFFCF; //xor rcx, [rbp-0x31]
rax += rcx; //add rax, rcx
rcx = 0xC391B266D5217A5F; //mov rcx, 0xC391B266D5217A5F
rax ^= rcx; //xor rax, rcx
rcx = 0x5B7F3E818AF67A35; //mov rcx, 0x5B7F3E818AF67A35
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1A; //shr rcx, 0x1A
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x34; //shr rcx, 0x34
rax ^= rcx; //xor rax, rcx
rcx = 0x19C8F1552DE67BBF; //mov rcx, 0x19C8F1552DE67BBF
rax *= rcx; //imul rax, rcx
return rax;
}
case 3:
{
r9 = *(uintptr_t*)(mb + 0xAB0E21D); //mov r9, [0x0000000005D2C1A3]
rcx = mb + 0xBD6; //lea rcx, [0xFFFFFFFFFB21E95E]
rcx -= rbx; //sub rcx, rbx
rcx ^= rbx; //xor rcx, rbx
rax ^= rcx; //xor rax, rcx
rcx = 0xAA6F288FD0E3CBF; //mov rcx, 0xAA6F288FD0E3CBF
rax *= rcx; //imul rax, rcx
r13 = 0x702F07A4D309E97C; //mov r13, 0x702F07A4D309E97C
rax += r13; //add rax, r13
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= *(uintptr_t*)(rcx + 0x15); //imul rax, [rcx+0x15]
rax ^= rbx; //xor rax, rbx
rcx = 0x65D0349BA5FED43B; //mov rcx, 0x65D0349BA5FED43B
rax *= rcx; //imul rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x12; //shr rcx, 0x12
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x24; //shr rcx, 0x24
rax ^= rcx; //xor rax, rcx
return rax;
}
case 4:
{
r10 = *(uintptr_t*)(mb + 0xAB0E21D); //mov r10, [0x0000000005D2BDBB]
r11 = mb; //lea r11, [0xFFFFFFFFFB21DB8B]
rdx = mb + 0x8817; //lea rdx, [0xFFFFFFFFFB226345]
rax ^= rbx; //xor rax, rbx
rax -= r11; //sub rax, r11
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rax *= *(uintptr_t*)(rcx + 0x15); //imul rax, [rcx+0x15]
rcx = 0x647DC95B2924B45D; //mov rcx, 0x647DC95B2924B45D
rax *= rcx; //imul rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0xF; //shr rcx, 0x0F
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1E; //shr rcx, 0x1E
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x3C; //shr rcx, 0x3C
rax ^= rcx; //xor rax, rcx
rcx = rbx; //mov rcx, rbx
rcx ^= rdx; //xor rcx, rdx
rax += rcx; //add rax, rcx
rcx = 0x66F54217655405BD; //mov rcx, 0x66F54217655405BD
rax *= rcx; //imul rax, rcx
return rax;
}
case 5:
{
r9 = *(uintptr_t*)(mb + 0xAB0E21D); //mov r9, [0x0000000005D2B8B7]
r11 = mb; //lea r11, [0xFFFFFFFFFB21D687]
rcx = rbx; //mov rcx, rbx
rcx -= r11; //sub rcx, r11
rcx += 0xFFFFFFFFDA207ED1; //add rcx, 0xFFFFFFFFDA207ED1
rax += rcx; //add rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x12; //shr rcx, 0x12
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x24; //shr rcx, 0x24
rax ^= rcx; //xor rax, rcx
rcx = rbx; //mov rcx, rbx
rcx -= r11; //sub rcx, r11
rcx -= 0x39EDAA32; //sub rcx, 0x39EDAA32
rax ^= rcx; //xor rax, rcx
rcx = 0x24AC8C57718FF261; //mov rcx, 0x24AC8C57718FF261
rax *= rcx; //imul rax, rcx
rcx = 0x5997D68B6A65573B; //mov rcx, 0x5997D68B6A65573B
rax *= rcx; //imul rax, rcx
rcx = 0x5FD1C67422180770; //mov rcx, 0x5FD1C67422180770
rax -= rcx; //sub rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= *(uintptr_t*)(rcx + 0x15); //imul rax, [rcx+0x15]
rcx = rbx; //mov rcx, rbx
rcx -= r11; //sub rcx, r11
rcx += 0xFFFFFFFFE77DFE7B; //add rcx, 0xFFFFFFFFE77DFE7B
rax += rcx; //add rax, rcx
return rax;
}
case 6:
{
r9 = *(uintptr_t*)(mb + 0xAB0E21D); //mov r9, [0x0000000005D2B3EE]
r11 = mb; //lea r11, [0xFFFFFFFFFB21D1BE]
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= *(uintptr_t*)(rcx + 0x15); //imul rax, [rcx+0x15]
rcx = 0x53AAB2A28C6F8FF0; //mov rcx, 0x53AAB2A28C6F8FF0
rax ^= rcx; //xor rax, rcx
rax -= rbx; //sub rax, rbx
rcx = rax; //mov rcx, rax
rcx >>= 0x12; //shr rcx, 0x12
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x24; //shr rcx, 0x24
rcx ^= rbx; //xor rcx, rbx
rax ^= rcx; //xor rax, rcx
rax += r11; //add rax, r11
rax += rbx; //add rax, rbx
rcx = 0x3EACC212565A3D5; //mov rcx, 0x3EACC212565A3D5
rax *= rcx; //imul rax, rcx
return rax;
}
case 7:
{
r10 = *(uintptr_t*)(mb + 0xAB0E21D); //mov r10, [0x0000000005D2AF88]
r11 = mb + 0x8FBF; //lea r11, [0xFFFFFFFFFB225D17]
rcx = mb + 0xD9BA; //lea rcx, [0xFFFFFFFFFB22A4CD]
rcx = ~rcx; //not rcx
rcx += rbx; //add rcx, rbx
rax += rcx; //add rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1B; //shr rcx, 0x1B
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x36; //shr rcx, 0x36
rax ^= rcx; //xor rax, rcx
rcx = 0xC097FE30215EF7B; //mov rcx, 0xC097FE30215EF7B
rax -= rcx; //sub rax, rcx
rax += rbx; //add rax, rbx
rcx = 0x27217EED83C00465; //mov rcx, 0x27217EED83C00465
rax *= rcx; //imul rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rax *= *(uintptr_t*)(rcx + 0x15); //imul rax, [rcx+0x15]
rax ^= rbx; //xor rax, rbx
rax ^= r11; //xor rax, r11
rcx = 0x40FC9A08434EAB8; //mov rcx, 0x40FC9A08434EAB8
rax ^= rcx; //xor rax, rcx
return rax;
}
case 8:
{
r9 = *(uintptr_t*)(mb + 0xAB0E21D); //mov r9, [0x0000000005D2AB68]
r11 = mb; //lea r11, [0xFFFFFFFFFB21C938]
rcx = 0xC640566C96CFB225; //mov rcx, 0xC640566C96CFB225
rax *= rcx; //imul rax, rcx
rax ^= r11; //xor rax, r11
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= *(uintptr_t*)(rcx + 0x15); //imul rax, [rcx+0x15]
rax -= rbx; //sub rax, rbx
rcx = rax; //mov rcx, rax
rcx >>= 0x4; //shr rcx, 0x04
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x8; //shr rcx, 0x08
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x10; //shr rcx, 0x10
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x20; //shr rcx, 0x20
rax ^= rcx; //xor rax, rcx
rax += rbx; //add rax, rbx
rcx = 0x36BE6884C47C6D33; //mov rcx, 0x36BE6884C47C6D33
rax *= rcx; //imul rax, rcx
rcx = rbx; //mov rcx, rbx
rcx = ~rcx; //not rcx
rcx -= r11; //sub rcx, r11
rcx -= 0x736A3793; //sub rcx, 0x736A3793
rax ^= rcx; //xor rax, rcx
return rax;
}
case 9:
{
r10 = *(uintptr_t*)(mb + 0xAB0E21D); //mov r10, [0x0000000005D2A686]
r13 = mb + 0x56B5; //lea r13, [0xFFFFFFFFFB221B0B]
rcx = rbx; //mov rcx, rbx
rcx = ~rcx; //not rcx
rcx ^= r13; //xor rcx, r13
rax -= rcx; //sub rax, rcx
rcx = 0x617EE6B8548ACFF8; //mov rcx, 0x617EE6B8548ACFF8
rax ^= rcx; //xor rax, rcx
rax += rbx; //add rax, rbx
rcx = 0x44AC3A1174A702A7; //mov rcx, 0x44AC3A1174A702A7
rax *= rcx; //imul rax, rcx
rdx = 0; //and rdx, 0xFFFFFFFFC0000000
rax ^= rbx; //xor rax, rbx
rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
rcx = rax; //mov rcx, rax
rdx ^= r10; //xor rdx, r10
rax >>= 0x27; //shr rax, 0x27
rdx = ~rdx; //not rdx
rax ^= rcx; //xor rax, rcx
rax *= *(uintptr_t*)(rdx + 0x15); //imul rax, [rdx+0x15]
rcx = 0x7915D47D16706192; //mov rcx, 0x7915D47D16706192
rax -= rcx; //sub rax, rcx
return rax;
}
case 10:
{
r9 = *(uintptr_t*)(mb + 0xAB0E21D); //mov r9, [0x0000000005D2A265]
r11 = mb; //lea r11, [0xFFFFFFFFFB21C035]
rcx = mb + 0x5A848877; //lea rcx, [0x0000000055A644FA]
rcx = ~rcx; //not rcx
rcx ^= rbx; //xor rcx, rbx
rax -= rcx; //sub rax, rcx
rcx = 0x21F6FDA360F3B27; //mov rcx, 0x21F6FDA360F3B27
rax ^= r11; //xor rax, r11
rax *= rcx; //imul rax, rcx
rax -= rbx; //sub rax, rbx
rcx = rax; //mov rcx, rax
rcx >>= 0x6; //shr rcx, 0x06
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0xC; //shr rcx, 0x0C
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x18; //shr rcx, 0x18
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x30; //shr rcx, 0x30
rax ^= rcx; //xor rax, rcx
rcx = 0x3B33D31E5AB12803; //mov rcx, 0x3B33D31E5AB12803
rax += rcx; //add rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= *(uintptr_t*)(rcx + 0x15); //imul rax, [rcx+0x15]
rcx = rax; //mov rcx, rax
rcx >>= 0x26; //shr rcx, 0x26
rax ^= rcx; //xor rax, rcx
return rax;
}
case 11:
{
r10 = *(uintptr_t*)(mb + 0xAB0E21D); //mov r10, [0x0000000005D29DC4]
rdx = rbx; //mov rdx, rbx
rdx = ~rdx; //not rdx
rcx = mb + 0x28691EFC; //lea rcx, [0x00000000238AD7E2]
rcx = ~rcx; //not rcx
rdx += rcx; //add rdx, rcx
rax ^= rdx; //xor rax, rdx
rcx = 0x4F163BACB48EBF73; //mov rcx, 0x4F163BACB48EBF73
rax += rcx; //add rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x14; //shr rcx, 0x14
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x28; //shr rcx, 0x28
rax ^= rcx; //xor rax, rcx
rcx = 0x4127EEFEDE5B92FD; //mov rcx, 0x4127EEFEDE5B92FD
rax += rcx; //add rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x21; //shr rcx, 0x21
rax ^= rcx; //xor rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rax *= *(uintptr_t*)(rcx + 0x15); //imul rax, [rcx+0x15]
rcx = rax; //mov rcx, rax
rcx >>= 0x4; //shr rcx, 0x04
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x8; //shr rcx, 0x08
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x10; //shr rcx, 0x10
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x20; //shr rcx, 0x20
rax ^= rcx; //xor rax, rcx
rcx = 0x397EFF255639273F; //mov rcx, 0x397EFF255639273F
rax *= rcx; //imul rax, rcx
return rax;
}
case 12:
{
r9 = *(uintptr_t*)(mb + 0xAB0E21D); //mov r9, [0x0000000005D2988F]
r13 = mb + 0x41C6E8B9; //lea r13, [0x000000003CE89F18]
rax += rbx; //add rax, rbx
rcx = rax; //mov rcx, rax
rcx >>= 0x22; //shr rcx, 0x22
rax ^= rcx; //xor rax, rcx
rcx = 0x233E216C40FA2CDF; //mov rcx, 0x233E216C40FA2CDF
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x18; //shr rcx, 0x18
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x30; //shr rcx, 0x30
rax ^= rcx; //xor rax, rcx
rax ^= rbx; //xor rax, rbx
rax ^= r13; //xor rax, r13
rcx = 0x6773B66CDA475049; //mov rcx, 0x6773B66CDA475049
rax *= rcx; //imul rax, rcx
uintptr_t RSP_0xFFFFFFFFFFFFFF97;
RSP_0xFFFFFFFFFFFFFF97 = 0xF154E6D1B3660D73; //mov rcx, 0xF154E6D1B3660D73 : RBP+0xFFFFFFFFFFFFFF97
rax ^= RSP_0xFFFFFFFFFFFFFF97; //xor rax, [rbp-0x69]
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= *(uintptr_t*)(rcx + 0x15); //imul rax, [rcx+0x15]
return rax;
}
case 13:
{
r10 = *(uintptr_t*)(mb + 0xAB0E21D); //mov r10, [0x0000000005D293B5]
r11 = mb; //lea r11, [0xFFFFFFFFFB21B171]
rcx = r11 + 0xba17; //lea rcx, [r11+0xBA17]
rcx += rbx; //add rcx, rbx
rax += rcx; //add rax, rcx
rdx = 0; //and rdx, 0xFFFFFFFFC0000000
rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
rcx = mb + 0x9610; //lea rcx, [0xFFFFFFFFFB22442C]
rdx ^= r10; //xor rdx, r10
rcx = ~rcx; //not rcx
rcx -= rbx; //sub rcx, rbx
rdx = ~rdx; //not rdx
rax += rcx; //add rax, rcx
rax *= *(uintptr_t*)(rdx + 0x15); //imul rax, [rdx+0x15]
rcx = rax; //mov rcx, rax
rdx = mb + 0x102B1DCA; //lea rdx, [0x000000000B4CCD76]
rcx >>= 0x15; //shr rcx, 0x15
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x2A; //shr rcx, 0x2A
rax ^= rcx; //xor rax, rcx
rcx = 0x6A8B294107CC0501; //mov rcx, 0x6A8B294107CC0501
rax ^= rcx; //xor rax, rcx
rcx = 0x2EA5061AACD42452; //mov rcx, 0x2EA5061AACD42452
rax -= rcx; //sub rax, rcx
rcx = rbx; //mov rcx, rbx
rcx = ~rcx; //not rcx
rcx ^= rdx; //xor rcx, rdx
rax += rcx; //add rax, rcx
rcx = 0x4EB7AE4244212391; //mov rcx, 0x4EB7AE4244212391
rax *= rcx; //imul rax, rcx
return rax;
}
case 14:
{
r10 = *(uintptr_t*)(mb + 0xAB0E21D); //mov r10, [0x0000000005D28F99]
r11 = mb; //lea r11, [0xFFFFFFFFFB21AD69]
rax ^= r11; //xor rax, r11
rcx = 0xC752E26BA360D032; //mov rcx, 0xC752E26BA360D032
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x19; //shr rcx, 0x19
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x32; //shr rcx, 0x32
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0xD; //shr rcx, 0x0D
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1A; //shr rcx, 0x1A
rax ^= rcx; //xor rax, rcx
rdx = 0; //and rdx, 0xFFFFFFFFC0000000
rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
rcx = rax; //mov rcx, rax
rdx ^= r10; //xor rdx, r10
rcx >>= 0x34; //shr rcx, 0x34
rdx = ~rdx; //not rdx
rax ^= rcx; //xor rax, rcx
rax *= *(uintptr_t*)(rdx + 0x15); //imul rax, [rdx+0x15]
rcx = 0x5436A045E6437655; //mov rcx, 0x5436A045E6437655
rax ^= r11; //xor rax, r11
rax *= rcx; //imul rax, rcx
return rax;
}
case 15:
{
r10 = *(uintptr_t*)(mb + 0xAB0E21D); //mov r10, [0x0000000005D28B35]
r11 = mb; //lea r11, [0xFFFFFFFFFB21A905]
rcx = rax; //mov rcx, rax
rcx >>= 0x6; //shr rcx, 0x06
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0xC; //shr rcx, 0x0C
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x18; //shr rcx, 0x18
rax ^= rcx; //xor rax, rcx
rdx = 0; //and rdx, 0xFFFFFFFFC0000000
rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
rdx ^= r10; //xor rdx, r10
rcx = rax; //mov rcx, rax
rdx = ~rdx; //not rdx
rcx >>= 0x30; //shr rcx, 0x30
rax ^= rcx; //xor rax, rcx
rax *= *(uintptr_t*)(rdx + 0x15); //imul rax, [rdx+0x15]
rax += r11; //add rax, r11
rcx = rax; //mov rcx, rax
rcx >>= 0x24; //shr rcx, 0x24
rax ^= rcx; //xor rax, rcx
rcx = 0xB6C3A6FE99C92A23; //mov rcx, 0xB6C3A6FE99C92A23
rax *= rcx; //imul rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x9; //shr rcx, 0x09
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x12; //shr rcx, 0x12
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x24; //shr rcx, 0x24
rax ^= rcx; //xor rax, rcx
rcx = 0xD7420EB04571AACF; //mov rcx, 0xD7420EB04571AACF
rax *= rcx; //imul rax, rcx
rcx = 0x578A3A3D4AF2D633; //mov rcx, 0x578A3A3D4AF2D633
rax += rcx; //add rax, rcx
return rax;
}
}
}
// UPDATED
extern "C" auto BNETget_bone_index(uint32_t bone_index, uint64_t baseModuleAddr) -> uint64_t
{
const uint64_t mb = baseModuleAddr;
// uint16_t* ptr = reinterpret_cast<uint16_t*>(baseModuleAddr);
uint64_t rax = mb, rbx = mb, rcx = mb, rdx = mb, rdi = mb, rsi = mb, r8 = mb, r9 = mb, r10 = mb, r11 = mb, r12 = mb, r13 = mb, r14 = mb, r15 = mb;
rdi = bone_index;
rcx = rdi * 0x13C8;
rax = 0xCC70CD3D3E0A7B49; //mov rax, 0xCC70CD3D3E0A7B49
rax = _umul128(rax, rcx, (uintptr_t*)&rdx); //mul rcx
r11 = mb; //lea r11, [0xFFFFFFFFFDD656F5]
r10 = 0x45F86A52798F52B7; //mov r10, 0x45F86A52798F52B7
rdx >>= 0xC; //shr rdx, 0x0C
rax = rdx * 0x1409; //imul rax, rdx, 0x1409
rcx -= rax; //sub rcx, rax
rax = 0xDC9D0ECFCB6E9379; //mov rax, 0xDC9D0ECFCB6E9379
r8 = rcx * 0x1409; //imul r8, rcx, 0x1409
rax = _umul128(rax, r8, (uintptr_t*)&rdx); //mul r8
rdx >>= 0xD; //shr rdx, 0x0D
rax = rdx * 0x2522; //imul rax, rdx, 0x2522
r8 -= rax; //sub r8, rax
rax = 0x49539E3B2D066EA3; //mov rax, 0x49539E3B2D066EA3
rax = _umul128(rax, r8, (uintptr_t*)&rdx); //mul r8
rax = r8; //mov rax, r8
rax -= rdx; //sub rax, rdx
rax >>= 0x1; //shr rax, 0x01
rax += rdx; //add rax, rdx
rax >>= 0x9; //shr rax, 0x09
rcx = rax * 0x31C; //imul rcx, rax, 0x31C
rax = 0xD79435E50D79435F; //mov rax, 0xD79435E50D79435F
rax = _umul128(rax, r8, (uintptr_t*)&rdx); //mul r8
rdx >>= 0x4; //shr rdx, 0x04
rcx += rdx; //add rcx, rdx
rax = rcx * 0x26; //imul rax, rcx, 0x26
rcx = r8 + r8 * 4; //lea rcx, [r8+r8*4]
rcx <<= 0x3; //shl rcx, 0x03
rcx -= rax; //sub rcx, rax
rax = driver::read<uint16_t>(rcx + r11 * 1 + 0xAB803C0); //movzx eax, word ptr [rcx+r11*1+0xAB803C0]
r8 = rax * 0x13C8; //imul r8, rax, 0x13C8
rax = r10; //mov rax, r10
rax = _umul128(rax, r8, (uintptr_t*)&rdx); //mul r8
rax = r10; //mov rax, r10
rdx >>= 0xB; //shr rdx, 0x0B
rcx = rdx * 0x1D45; //imul rcx, rdx, 0x1D45
r8 -= rcx; //sub r8, rcx
r9 = r8 * 0x39A6; //imul r9, r8, 0x39A6
rax = _umul128(rax, r9, (uintptr_t*)&rdx); //mul r9
rdx >>= 0xB; //shr rdx, 0x0B
rax = rdx * 0x1D45; //imul rax, rdx, 0x1D45
r9 -= rax; //sub r9, rax
rax = 0x88ECF206D1CD0DD7; //mov rax, 0x88ECF206D1CD0DD7
rax = _umul128(rax, r9, (uintptr_t*)&rdx); //mul r9
rax = 0xAAAAAAAAAAAAAAAB; //mov rax, 0xAAAAAAAAAAAAAAAB
rdx >>= 0xB; //shr rdx, 0x0B
rcx = rdx * 0xEF5; //imul rcx, rdx, 0xEF5
rax = _umul128(rax, r9, (uintptr_t*)&rdx); //mul r9
rdx >>= 0x1; //shr rdx, 0x01
rcx += rdx; //add rcx, rdx
rax = rcx + rcx * 2; //lea rax, [rcx+rcx*2]
rax += rax; //add rax, rax
rcx = r9 * 8 + 0x0; //lea rcx, [r9*8]
rcx -= rax; //sub rcx, rax
r15 = driver::read<uint16_t>(rcx + r11 * 1 + 0xAB879F0); //movsx r15d, word ptr [rcx+r11*1+0xAB879F0]
return r15;
}
extern "C" auto STEAMdecrypt_client_info(uint64_t baseAddr, uint64_t peb) -> uint64_t
{
const uint64_t mb = baseAddr;
uint64_t rax = mb, rbx = mb, rcx = mb, rdx = mb, rdi = mb, rsi = mb, r8 = mb, r9 = mb, r10 = mb, r11 = mb, r12 = mb, r13 = mb, r14 = mb, r15 = mb;
rbx = driver::read<uint64_t>(baseAddr + 0x14CD76A8);
if (!rbx)
return rbx;
rdx = peb; //mov rdx, gs:[rax]
rcx = rbx + r8 * 1; //lea rcx, [rbx+r8*1]
rax = 0; //and rax, 0xFFFFFFFFC0000000
rax = _rotl64(rax, 0x10); //rol rax, 0x10
rax ^= driver::read<uint64_t>(baseAddr + 0xB1DE0E5); //xor rax, [0x00000000028940D4]
rax = _byteswap_uint64(rax); //bswap rax
rcx *= driver::read<uint64_t>(rax + 0x5); //imul rcx, [rax+0x05]
rax = baseAddr + 0x37489F9E; //lea rax, [0x000000002EB3FF7E]
rdx ^= rax; //xor rdx, rax
rcx += rdx; //add rcx, rdx
rax = rcx; //mov rax, rcx
rax >>= 0x13; //shr rax, 0x13
rcx ^= rax; //xor rcx, rax
rax = 0xF7B4615B6CAAA4C7; //mov rax, 0xF7B4615B6CAAA4C7
rbx = rcx; //mov rbx, rcx
rbx >>= 0x26; //shr rbx, 0x26
rbx ^= rcx; //xor rbx, rcx
rbx ^= rax; //xor rbx, rax
rax = 0x4FBE922616062817; //mov rax, 0x4FBE922616062817
rbx *= rax; //imul rbx, rax
return rbx;
}
extern "C" auto STEAMdecrypt_client_base(uint64_t client_info, uint64_t baseAddr, uint64_t peb) -> uint64_t
{
const uint64_t mb = baseAddr;
uint64_t rax = mb, rbx = mb, rcx = mb, rdx = mb, rdi = mb, rsi = mb, r8 = mb, r9 = mb, r10 = mb, r11 = mb, r12 = mb, r13 = mb, r14 = mb, r15 = mb;
rax = driver::read<uint64_t>(client_info + 0x1997a8);
if (!rax)
return rax;
r11 = ~peb; //mov r11, gs:[rcx]
rcx = r11; //mov rcx, r11
rcx <<= 0x23; //shl rcx, 0x23
rcx = _byteswap_uint64(rcx); //bswap rcx
rcx &= 0xF;
switch (rcx)
{
case 0:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1DE12C); //mov r10, [0x0000000007BC4C22]
rdx = baseAddr + 0x736B1CC9; //lea rdx, [0x000000007009873E]
rcx = rax; //mov rcx, rax
rcx >>= 0x4; //shr rcx, 0x04
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x8; //shr rcx, 0x08
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x10; //shr rcx, 0x10
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x20; //shr rcx, 0x20
rax ^= rcx; //xor rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rcx = driver::read<uint64_t>(rcx + 0x9); //mov rcx, [rcx+0x09]
uintptr_t RSP_0x40;
RSP_0x40 = 0xEDD02482923403CB; //mov rcx, 0xEDD02482923403CB : RSP+0x40
rcx *= RSP_0x40; //imul rcx, [rsp+0x40]
rax *= rcx; //imul rax, rcx
rcx = r11; //mov rcx, r11
rcx -= baseAddr; //sub rcx, [rbp-0x80] -- didn't find trace -> use base
rcx += 0xFFFFFFFFC99E5582; //add rcx, 0xFFFFFFFFC99E5582
rax += rcx; //add rax, rcx
rcx = baseAddr; //lea rcx, [0xFFFFFFFFFC9E692C]
rax ^= rcx; //xor rax, rcx
rcx = 0x26A471A9EFBC14B9; //mov rcx, 0x26A471A9EFBC14B9
rax *= rcx; //imul rax, rcx
rcx = r11; //mov rcx, r11
rcx = ~rcx; //not rcx
rcx ^= rdx; //xor rcx, rdx
rax -= rcx; //sub rax, rcx
rcx = 0x4E231C434132699A; //mov rcx, 0x4E231C434132699A
rax += rcx; //add rax, rcx
return rax;
}
case 1:
{
r9 = driver::read<uint64_t>(baseAddr + 0xB1DE12C); //mov r9, [0x0000000007BC471C]
r13 = baseAddr + 0x2239B1C1; //lea r13, [0x000000001ED81792]
rcx = rax; //mov rcx, rax
rcx >>= 0x15; //shr rcx, 0x15
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x2A; //shr rcx, 0x2A
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0xA; //shr rcx, 0x0A
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x14; //shr rcx, 0x14
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x28; //shr rcx, 0x28
rax ^= rcx; //xor rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x9); //imul rax, [rcx+0x09]
rcx = 0x3E63A253C6775D5; //mov rcx, 0x3E63A253C6775D5
rax ^= rcx; //xor rax, rcx
rcx = 0xC1F5691FD75F11C7; //mov rcx, 0xC1F5691FD75F11C7
rax *= rcx; //imul rax, rcx
rax += 0xFFFFFFFFDA4F9118; //add rax, 0xFFFFFFFFDA4F9118
rax += r11; //add rax, r11
rcx = r13; //mov rcx, r13
rcx = ~rcx; //not rcx
rcx ^= r11; //xor rcx, r11
rax += rcx; //add rax, rcx
return rax;
}
case 2:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1DE12C); //mov r10, [0x0000000007BC423D]
rcx = 0x43AE441D8481DD04; //mov rcx, 0x43AE441D8481DD04
rax -= rcx; //sub rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x26; //shr rcx, 0x26
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x9; //shr rcx, 0x09
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x12; //shr rcx, 0x12
rax ^= rcx; //xor rax, rcx
rdx = rax; //mov rdx, rax
rdx >>= 0x24; //shr rdx, 0x24
rdx ^= rax; //xor rdx, rax
rcx = r11; //mov rcx, r11
rax = baseAddr + 0x424950C8; //lea rax, [0x000000003EE7AF89]
rcx = ~rcx; //not rcx
rax *= rcx; //imul rax, rcx
rax += rdx; //add rax, rdx
rcx = 0x1EB0B3B479EF017; //mov rcx, 0x1EB0B3B479EF017
rax *= rcx; //imul rax, rcx
rcx = 0xF4FDCF8C05766D07; //mov rcx, 0xF4FDCF8C05766D07
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x17; //shr rcx, 0x17
rax ^= rcx; //xor rax, rcx
rdx = 0; //and rdx, 0xFFFFFFFFC0000000
rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
rcx = rax; //mov rcx, rax
rdx ^= r10; //xor rdx, r10
rcx >>= 0x2E; //shr rcx, 0x2E
rdx = ~rdx; //not rdx
rax ^= rcx; //xor rax, rcx
rax *= driver::read<uint64_t>(rdx + 0x9); //imul rax, [rdx+0x09]
return rax;
}
case 3:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1DE12C); //mov r10, [0x0000000007BC3CE5]
r13 = baseAddr + 0x1488BAD0; //lea r13, [0x0000000011271676]
rdx = r11; //mov rdx, r11
rdx = ~rdx; //not rdx
rcx = baseAddr + 0x8952; //lea rcx, [0xFFFFFFFFFC9EE17A]
rcx = ~rcx; //not rcx
rdx *= rcx; //imul rdx, rcx
rcx = 0x920D8D54066C3BC8; //mov rcx, 0x920D8D54066C3BC8
rax ^= rdx; //xor rax, rdx
rax ^= rcx; //xor rax, rcx
rcx = 0x71B6A01168176A5F; //mov rcx, 0x71B6A01168176A5F
rax *= rcx; //imul rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x9); //imul rax, [rcx+0x09]
rcx = rax; //mov rcx, rax
rcx >>= 0xB; //shr rcx, 0x0B
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x16; //shr rcx, 0x16
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x2C; //shr rcx, 0x2C
rax ^= rcx; //xor rax, rcx
rcx = 0x28C4EBE07CC779E5; //mov rcx, 0x28C4EBE07CC779E5
rax ^= rcx; //xor rax, rcx
rcx = r11; //mov rcx, r11
rcx *= r13; //imul rcx, r13
rax -= rcx; //sub rax, rcx
rax += r11; //add rax, r11
return rax;
}
case 4:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1DE12C); //mov r10, [0x0000000007BC37FB]
r13 = baseAddr + 0x71CF; //lea r13, [0xFFFFFFFFFC9EC88B]
rcx = 0x7BD4F3C29580BB87; //mov rcx, 0x7BD4F3C29580BB87
rax *= rcx; //imul rax, rcx
rcx = 0x646EC108C275FCD7; //mov rcx, 0x646EC108C275FCD7
rax -= r11; //sub rax, r11
rax -= rcx; //sub rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1B; //shr rcx, 0x1B
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x36; //shr rcx, 0x36
rax ^= rcx; //xor rax, rcx
rcx = 0x142843BCE5FD72BB; //mov rcx, 0x142843BCE5FD72BB
rdx = 0; //and rdx, 0xFFFFFFFFC0000000
rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
rax *= rcx; //imul rax, rcx
rdx ^= r10; //xor rdx, r10
rdx = ~rdx; //not rdx
rax += r11; //add rax, r11
rax *= driver::read<uint64_t>(rdx + 0x9); //imul rax, [rdx+0x09]
rcx = r11; //mov rcx, r11
rcx = ~rcx; //not rcx
rcx ^= r13; //xor rcx, r13
rax -= rcx; //sub rax, rcx
return rax;
}
case 5:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1DE12C); //mov r10, [0x0000000007BC3425]
rcx = rax; //mov rcx, rax
rcx >>= 0x9; //shr rcx, 0x09
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x12; //shr rcx, 0x12
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x24; //shr rcx, 0x24
rax ^= rcx; //xor rax, rcx
rcx = baseAddr; //lea rcx, [0xFFFFFFFFFC9E4D30]
rcx += 0x111FC085; //add rcx, 0x111FC085
rcx += r11; //add rcx, r11
rax += rcx; //add rax, rcx
rcx = 0xF8D94370868AB99; //mov rcx, 0xF8D94370868AB99
rax *= rcx; //imul rax, rcx
rcx = 0xB026072E428E1D57; //mov rcx, 0xB026072E428E1D57
rax *= rcx; //imul rax, rcx
rcx = baseAddr; //lea rcx, [0xFFFFFFFFFC9E4F00]
rcx += 0x19F5; //add rcx, 0x19F5
rcx += r11; //add rcx, r11
rax += rcx; //add rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x23; //shr rcx, 0x23
rax ^= rcx; //xor rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rcx = driver::read<uint64_t>(rcx + 0x9); //mov rcx, [rcx+0x09]
uintptr_t RSP_0x40;
RSP_0x40 = 0x5F23D3FEF0707261; //mov rcx, 0x5F23D3FEF0707261 : RSP+0x40
rcx *= RSP_0x40; //imul rcx, [rsp+0x40]
rax *= rcx; //imul rax, rcx
return rax;
}
case 6:
{
r9 = driver::read<uint64_t>(baseAddr + 0xB1DE12C); //mov r9, [0x0000000007BC2E36]
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x9); //imul rax, [rcx+0x09]
rax -= r11; //sub rax, r11
rcx = baseAddr + 0x43B5; //lea rcx, [0xFFFFFFFFFC9E8F2C]
rcx -= r11; //sub rcx, r11
rax += rcx; //add rax, rcx
rcx = 0x35284D873B9851A9; //mov rcx, 0x35284D873B9851A9
rax ^= rcx; //xor rax, rcx
rcx = 0xF62B33C5DDB521B5; //mov rcx, 0xF62B33C5DDB521B5
rax *= rcx; //imul rax, rcx
rcx = 0xE5B0BD16F00B9D46; //mov rcx, 0xE5B0BD16F00B9D46
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0xA; //shr rcx, 0x0A
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x14; //shr rcx, 0x14
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x28; //shr rcx, 0x28
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x19; //shr rcx, 0x19
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x32; //shr rcx, 0x32
rax ^= rcx; //xor rax, rcx
return rax;
}
case 7:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1DE12C); //mov r10, [0x0000000007BC29A1]
rdx = baseAddr + 0x8CB4; //lea rdx, [0xFFFFFFFFFC9ED4BF]
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x9); //imul rax, [rcx+0x09]
rcx = baseAddr; //lea rcx, [0xFFFFFFFFFC9E4474]
rax -= rcx; //sub rax, rcx
rcx = 0x9A8F75E5FE8A18B5; //mov rcx, 0x9A8F75E5FE8A18B5
rax *= rcx; //imul rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x26; //shr rcx, 0x26
rax ^= rcx; //xor rax, rcx
rax += r11; //add rax, r11
rcx = 0xDC35AEB9AD64C433; //mov rcx, 0xDC35AEB9AD64C433
rax *= rcx; //imul rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x2; //shr rcx, 0x02
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x4; //shr rcx, 0x04
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x8; //shr rcx, 0x08
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x10; //shr rcx, 0x10
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x20; //shr rcx, 0x20
rax ^= rcx; //xor rax, rcx
rcx = r11 + 0x1; //lea rcx, [r11+0x01]
rcx *= rdx; //imul rcx, rdx
rax += rcx; //add rax, rcx
return rax;
}
case 8:
{
r9 = driver::read<uint64_t>(baseAddr + 0xB1DE12C); //mov r9, [0x0000000007BC24F7]
rcx = 0x4F7CA4829AB6D5E8; //mov rcx, 0x4F7CA4829AB6D5E8
rax ^= rcx; //xor rax, rcx
rax += r11; //add rax, r11
rcx = rax; //mov rcx, rax
rcx >>= 0x24; //shr rcx, 0x24
rax ^= rcx; //xor rax, rcx
rcx = 0x5178F05F16D45A5B; //mov rcx, 0x5178F05F16D45A5B
rax *= rcx; //imul rax, rcx
rcx = 0x2ED8CECF4C40E0F3; //mov rcx, 0x2ED8CECF4C40E0F3
rax ^= r11; //xor rax, r11
rax ^= rcx; //xor rax, rcx
rax ^= r11; //xor rax, r11
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x9); //imul rax, [rcx+0x09]
return rax;
}
case 9:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1DE12C); //mov r10, [0x0000000007BC20EB]
rdx = baseAddr + 0xDD4D; //lea rdx, [0xFFFFFFFFFC9F1CA2]
rcx = r11; //mov rcx, r11
rcx ^= rdx; //xor rcx, rdx
rax += rcx; //add rax, rcx
rcx = 0x8BE287ECF689749; //mov rcx, 0x8BE287ECF689749
rax *= rcx; //imul rax, rcx
rax ^= r11; //xor rax, r11
rcx = 0x9933D7378FE6958F; //mov rcx, 0x9933D7378FE6958F
rax *= rcx; //imul rax, rcx
rdx = 0; //and rdx, 0xFFFFFFFFC0000000
rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
rdx ^= r10; //xor rdx, r10
rcx = baseAddr + 0x66BC28B6; //lea rcx, [0x00000000635A64F3]
rcx = ~rcx; //not rcx
rdx = ~rdx; //not rdx
rcx ^= r11; //xor rcx, r11
rax += rcx; //add rax, rcx
rax *= driver::read<uint64_t>(rdx + 0x9); //imul rax, [rdx+0x09]
rcx = rax; //mov rcx, rax
rcx >>= 0x20; //shr rcx, 0x20
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x18; //shr rcx, 0x18
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x30; //shr rcx, 0x30
rax ^= rcx; //xor rax, rcx
return rax;
}
case 10:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1DE12C); //mov r10, [0x0000000007BC1CB4]
rcx = rax; //mov rcx, rax
rcx >>= 0xD; //shr rcx, 0x0D
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1A; //shr rcx, 0x1A
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x34; //shr rcx, 0x34
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x13; //shr rcx, 0x13
rax ^= rcx; //xor rax, rcx
rdx = rax; //mov rdx, rax
rdx >>= 0x26; //shr rdx, 0x26
rdx ^= rax; //xor rdx, rax
rax = baseAddr + 0x1C730DA6; //lea rax, [0x0000000019114808]
rcx = r11; //mov rcx, r11
rcx *= rax; //imul rcx, rax
rax = rdx; //mov rax, rdx
rax -= rcx; //sub rax, rcx
rcx = 0x4D5CFB5CBF920449; //mov rcx, 0x4D5CFB5CBF920449
rax ^= rcx; //xor rax, rcx
rcx = 0xDF1CB3CC3968ECE9; //mov rcx, 0xDF1CB3CC3968ECE9
rax *= rcx; //imul rax, rcx
rax ^= r11; //xor rax, r11
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x9); //imul rax, [rcx+0x09]
return rax;
}
case 11:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1DE12C); //mov r10, [0x0000000007BC1707]
rcx = baseAddr + 0xE27A; //lea rcx, [0xFFFFFFFFFC9F15B9]
rcx -= r11; //sub rcx, r11
rdx = 0; //and rdx, 0xFFFFFFFFC0000000
rax += rcx; //add rax, rcx
rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
rdx ^= r10; //xor rdx, r10
rdx = ~rdx; //not rdx
rax *= driver::read<uint64_t>(rdx + 0x9); //imul rax, [rdx+0x09]
rcx = r11; //mov rcx, r11
rcx -= baseAddr; //sub rcx, [rbp-0x80] -- didn't find trace -> use base
rcx += 0xFFFFFFFFBE05F030; //add rcx, 0xFFFFFFFFBE05F030
rax += rcx; //add rax, rcx
rcx = 0x8407AE81269A5D57; //mov rcx, 0x8407AE81269A5D57
rax *= rcx; //imul rax, rcx
rax -= r11; //sub rax, r11
rcx = rax; //mov rcx, rax
rcx >>= 0x25; //shr rcx, 0x25
rax ^= rcx; //xor rax, rcx
rcx = 0x4D58E84452B3B2CD; //mov rcx, 0x4D58E84452B3B2CD
rax += rcx; //add rax, rcx
return rax;
}
case 12:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1DE12C); //mov r10, [0x0000000007BC1190]
rcx = rax; //mov rcx, rax
rcx >>= 0xE; //shr rcx, 0x0E
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1C; //shr rcx, 0x1C
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x38; //shr rcx, 0x38
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x21; //shr rcx, 0x21
rax ^= rcx; //xor rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x9); //imul rax, [rcx+0x09]
rcx = 0x12FD53752A15F441; //mov rcx, 0x12FD53752A15F441
rax *= rcx; //imul rax, rcx
rcx = baseAddr + 0x2A01C819; //lea rcx, [0x00000000269FF43D]
rcx *= r11; //imul rcx, r11
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x2; //shr rcx, 0x02
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x4; //shr rcx, 0x04
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x8; //shr rcx, 0x08
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x10; //shr rcx, 0x10
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x20; //shr rcx, 0x20
rax ^= rcx; //xor rax, rcx
rcx = 0x438F040A11D1F693; //mov rcx, 0x438F040A11D1F693
rax *= rcx; //imul rax, rcx
rcx = 0x76A8417B55AEC887; //mov rcx, 0x76A8417B55AEC887
rax += rcx; //add rax, rcx
return rax;
}
case 13:
{
r9 = driver::read<uint64_t>(baseAddr + 0xB1DE12C); //mov r9, [0x0000000007BC0C20]
r12 = baseAddr + 0xB0AA; //lea r12, [0xFFFFFFFFFC9EDB8B]
rcx = r12; //mov rcx, r12
rcx = ~rcx; //not rcx
rcx ^= r11; //xor rcx, r11
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x18; //shr rcx, 0x18
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x30; //shr rcx, 0x30
rax ^= rcx; //xor rax, rcx
rcx = 0xC32A740461B9FDC7; //mov rcx, 0xC32A740461B9FDC7
rax *= rcx; //imul rax, rcx
rcx = 0x9439B00A1FEFA912; //mov rcx, 0x9439B00A1FEFA912
rax ^= rcx; //xor rax, rcx
rcx = 0x2B3AD1E7D117AD86; //mov rcx, 0x2B3AD1E7D117AD86
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x27; //shr rcx, 0x27
rax ^= rcx; //xor rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x9); //imul rax, [rcx+0x09]
rcx = baseAddr; //lea rcx, [0xFFFFFFFFFC9E2605]
rax ^= rcx; //xor rax, rcx
return rax;
}
case 14:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1DE12C); //mov r10, [0x0000000007BC0715]
r13 = baseAddr + 0x6A35; //lea r13, [0xFFFFFFFFFC9E9006]
rax -= r11; //sub rax, r11
rcx = 0xEEEEF35687DD1DF7; //mov rcx, 0xEEEEF35687DD1DF7
rax *= rcx; //imul rax, rcx
rcx = baseAddr + 0x913D; //lea rcx, [0xFFFFFFFFFC9EB54B]
rcx *= r11; //imul rcx, r11
rax ^= rcx; //xor rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rcx = driver::read<uint64_t>(rcx + 0x9); //mov rcx, [rcx+0x09]
uintptr_t RSP_0x28;
RSP_0x28 = 0x571AF583F00DB5E9; //mov rcx, 0x571AF583F00DB5E9 : RSP+0x28
rcx *= RSP_0x28; //imul rcx, [rsp+0x28]
rax *= rcx; //imul rax, rcx
rcx = rax; //mov rcx, rax
rdx = r13; //mov rdx, r13
rcx >>= 0x21; //shr rcx, 0x21
rdx -= r11; //sub rdx, r11
rdx ^= rcx; //xor rdx, rcx
rax ^= rdx; //xor rax, rdx
rcx = rax; //mov rcx, rax
rcx >>= 0x24; //shr rcx, 0x24
rax ^= rcx; //xor rax, rcx
return rax;
}
case 15:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1DE12C); //mov r10, [0x0000000007BC01AB]
rcx = 0x586536E499271C5; //mov rcx, 0x586536E499271C5
rax *= rcx; //imul rax, rcx
rcx = baseAddr + 0xB0F6; //lea rcx, [0xFFFFFFFFFC9ECD97]
rdx = r11; //mov rdx, r11
rdx -= rcx; //sub rdx, rcx
rcx = baseAddr + 0x2941AF47; //lea rcx, [0x0000000025DFCBDB]
rcx *= r11; //imul rcx, r11
rax ^= rdx; //xor rax, rdx
rax -= rcx; //sub rax, rcx
uintptr_t RSP_0x38;
RSP_0x38 = 0xF66CBDFA6519136F; //mov rcx, 0xF66CBDFA6519136F : RSP+0x38
rax ^= RSP_0x38; //xor rax, [rsp+0x38]
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x9); //imul rax, [rcx+0x09]
rax ^= r11; //xor rax, r11
rcx = baseAddr; //lea rcx, [0xFFFFFFFFFC9E1E1A]
rax -= rcx; //sub rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1E; //shr rcx, 0x1E
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x3C; //shr rcx, 0x3C
rax ^= rcx; //xor rax, rcx
return rax;
}
}
}
extern "C" auto STEAMdecrypt_bone_base(uint64_t baseAddr, uint64_t peb) -> uint64_t
{
const uint64_t mb = baseAddr;
uint64_t rax = mb, rbx = mb, rcx = mb, rdx = mb, rdi = mb, rsi = mb, r8 = mb, r9 = mb, r10 = mb, r11 = mb, r12 = mb, r13 = mb, r14 = mb, r15 = mb;
rax = driver::read<uint64_t>(baseAddr + 0xF79F878);
if (!rax)
return rax;
rbx = peb; //mov rbx, gs:[rcx]
rcx = rbx; //mov rcx, rbx
rcx = _rotr64(rcx, 0x1A); //ror rcx, 0x1A
rcx &= 0xF;
switch (rcx)
{
case 0:
{
r9 = driver::read<uint64_t>(baseAddr + 0xB1DE21D); //mov r9, [0x0000000005DDB838]
r11 = baseAddr + 0x9280; //lea r11, [0xFFFFFFFFFAC06888]
rcx = rax; //mov rcx, rax
rcx >>= 0x26; //shr rcx, 0x26
rax ^= rcx; //xor rax, rcx
rcx = 0x1409F0CD847A37CE; //mov rcx, 0x1409F0CD847A37CE
rax ^= rcx; //xor rax, rcx
rcx = rbx; //mov rcx, rbx
rcx = ~rcx; //not rcx
rcx ^= r11; //xor rcx, r11
rax += rcx; //add rax, rcx
rcx = 0x3C34D747DB7928EE; //mov rcx, 0x3C34D747DB7928EE
rax -= rcx; //sub rax, rcx
rcx = baseAddr + 0xDB7F; //lea rcx, [0xFFFFFFFFFAC0AFA9]
rcx = ~rcx; //not rcx
rcx -= rbx; //sub rcx, rbx
rax ^= rcx; //xor rax, rcx
rcx = 0xC029A5A1D42718DD; //mov rcx, 0xC029A5A1D42718DD
rax *= rcx; //imul rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x15); //imul rax, [rcx+0x15]
rcx = rax; //mov rcx, rax
rcx >>= 0x7; //shr rcx, 0x07
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0xE; //shr rcx, 0x0E
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1C; //shr rcx, 0x1C
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x38; //shr rcx, 0x38
rax ^= rcx; //xor rax, rcx
return rax;
}
case 1:
{
r9 = driver::read<uint64_t>(baseAddr + 0xB1DE21D); //mov r9, [0x0000000005DDB2C1]
r11 = baseAddr; //lea r11, [0xFFFFFFFFFABFD091]
r13 = baseAddr + 0x54CA1D31; //lea r13, [0x000000004F89EDB7]
rax += rbx; //add rax, rbx
rax += r11; //add rax, r11
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x15); //imul rax, [rcx+0x15]
rcx = 0x48462EAD4F11FD6D; //mov rcx, 0x48462EAD4F11FD6D
rax *= rcx; //imul rax, rcx
rcx = rbx; //mov rcx, rbx
rcx ^= r13; //xor rcx, r13
rax -= rcx; //sub rax, rcx
rcx = 0x83B3774C1397A303; //mov rcx, 0x83B3774C1397A303
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x26; //shr rcx, 0x26
rax ^= rcx; //xor rax, rcx
rcx = 0x829707C28057B2BC; //mov rcx, 0x829707C28057B2BC
rax ^= rcx; //xor rax, rcx
return rax;
}
case 2:
{
r9 = driver::read<uint64_t>(baseAddr + 0xB1DE21D); //mov r9, [0x0000000005DDAE07]
r11 = baseAddr; //lea r11, [0xFFFFFFFFFABFCBD7]
rcx = rax; //mov rcx, rax
rcx >>= 0x20; //shr rcx, 0x20
rax ^= rcx; //xor rax, rcx
rax ^= r11; //xor rax, r11
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x15); //imul rax, [rcx+0x15]
rcx = rbx; //mov rcx, rbx
uintptr_t RSP_0xFFFFFFFFFFFFFFCF;
RSP_0xFFFFFFFFFFFFFFCF = baseAddr + 0x3A246E06; //lea rcx, [0x0000000034E439C8] : RBP+0xFFFFFFFFFFFFFFCF
rcx ^= RSP_0xFFFFFFFFFFFFFFCF; //xor rcx, [rbp-0x31]
rax += rcx; //add rax, rcx
rcx = 0xC391B266D5217A5F; //mov rcx, 0xC391B266D5217A5F
rax ^= rcx; //xor rax, rcx
rcx = 0x5B7F3E818AF67A35; //mov rcx, 0x5B7F3E818AF67A35
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1A; //shr rcx, 0x1A
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x34; //shr rcx, 0x34
rax ^= rcx; //xor rax, rcx
rcx = 0x19C8F1552DE67BBF; //mov rcx, 0x19C8F1552DE67BBF
rax *= rcx; //imul rax, rcx
return rax;
}
case 3:
{
r9 = driver::read<uint64_t>(baseAddr + 0xB1DE21D); //mov r9, [0x0000000005DDA943]
rcx = baseAddr + 0xBD6; //lea rcx, [0xFFFFFFFFFABFD0FE]
rcx -= rbx; //sub rcx, rbx
rcx ^= rbx; //xor rcx, rbx
rax ^= rcx; //xor rax, rcx
rcx = 0xAA6F288FD0E3CBF; //mov rcx, 0xAA6F288FD0E3CBF
rax *= rcx; //imul rax, rcx
r13 = 0x702F07A4D309E97C; //mov r13, 0x702F07A4D309E97C
rax += r13; //add rax, r13
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x15); //imul rax, [rcx+0x15]
rax ^= rbx; //xor rax, rbx
rcx = 0x65D0349BA5FED43B; //mov rcx, 0x65D0349BA5FED43B
rax *= rcx; //imul rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x12; //shr rcx, 0x12
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x24; //shr rcx, 0x24
rax ^= rcx; //xor rax, rcx
return rax;
}
case 4:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1DE21D); //mov r10, [0x0000000005DDA55B]
r11 = baseAddr; //lea r11, [0xFFFFFFFFFABFC32B]
rdx = baseAddr + 0x8817; //lea rdx, [0xFFFFFFFFFAC04AE5]
rax ^= rbx; //xor rax, rbx
rax -= r11; //sub rax, r11
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x15); //imul rax, [rcx+0x15]
rcx = 0x647DC95B2924B45D; //mov rcx, 0x647DC95B2924B45D
rax *= rcx; //imul rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0xF; //shr rcx, 0x0F
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1E; //shr rcx, 0x1E
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x3C; //shr rcx, 0x3C
rax ^= rcx; //xor rax, rcx
rcx = rbx; //mov rcx, rbx
rcx ^= rdx; //xor rcx, rdx
rax += rcx; //add rax, rcx
rcx = 0x66F54217655405BD; //mov rcx, 0x66F54217655405BD
rax *= rcx; //imul rax, rcx
return rax;
}
case 5:
{
r9 = driver::read<uint64_t>(baseAddr + 0xB1DE21D); //mov r9, [0x0000000005DDA057]
r11 = baseAddr; //lea r11, [0xFFFFFFFFFABFBE27]
rcx = rbx; //mov rcx, rbx
rcx -= r11; //sub rcx, r11
rcx += 0xFFFFFFFFDA207ED1; //add rcx, 0xFFFFFFFFDA207ED1
rax += rcx; //add rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x12; //shr rcx, 0x12
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x24; //shr rcx, 0x24
rax ^= rcx; //xor rax, rcx
rcx = rbx; //mov rcx, rbx
rcx -= r11; //sub rcx, r11
rcx -= 0x39EDAA32; //sub rcx, 0x39EDAA32
rax ^= rcx; //xor rax, rcx
rcx = 0x24AC8C57718FF261; //mov rcx, 0x24AC8C57718FF261
rax *= rcx; //imul rax, rcx
rcx = 0x5997D68B6A65573B; //mov rcx, 0x5997D68B6A65573B
rax *= rcx; //imul rax, rcx
rcx = 0x5FD1C67422180770; //mov rcx, 0x5FD1C67422180770
rax -= rcx; //sub rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x15); //imul rax, [rcx+0x15]
rcx = rbx; //mov rcx, rbx
rcx -= r11; //sub rcx, r11
rcx += 0xFFFFFFFFE77DFE7B; //add rcx, 0xFFFFFFFFE77DFE7B
rax += rcx; //add rax, rcx
return rax;
}
case 6:
{
r9 = driver::read<uint64_t>(baseAddr + 0xB1DE21D); //mov r9, [0x0000000005DD9B8E]
r11 = baseAddr; //lea r11, [0xFFFFFFFFFABFB95E]
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x15); //imul rax, [rcx+0x15]
rcx = 0x53AAB2A28C6F8FF0; //mov rcx, 0x53AAB2A28C6F8FF0
rax ^= rcx; //xor rax, rcx
rax -= rbx; //sub rax, rbx
rcx = rax; //mov rcx, rax
rcx >>= 0x12; //shr rcx, 0x12
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x24; //shr rcx, 0x24
rcx ^= rbx; //xor rcx, rbx
rax ^= rcx; //xor rax, rcx
rax += r11; //add rax, r11
rax += rbx; //add rax, rbx
rcx = 0x3EACC212565A3D5; //mov rcx, 0x3EACC212565A3D5
rax *= rcx; //imul rax, rcx
return rax;
}
case 7:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1DE21D); //mov r10, [0x0000000005DD9728]
r11 = baseAddr + 0x8FBF; //lea r11, [0xFFFFFFFFFAC044B7]
rcx = baseAddr + 0xD9BA; //lea rcx, [0xFFFFFFFFFAC08C6D]
rcx = ~rcx; //not rcx
rcx += rbx; //add rcx, rbx
rax += rcx; //add rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1B; //shr rcx, 0x1B
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x36; //shr rcx, 0x36
rax ^= rcx; //xor rax, rcx
rcx = 0xC097FE30215EF7B; //mov rcx, 0xC097FE30215EF7B
rax -= rcx; //sub rax, rcx
rax += rbx; //add rax, rbx
rcx = 0x27217EED83C00465; //mov rcx, 0x27217EED83C00465
rax *= rcx; //imul rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x15); //imul rax, [rcx+0x15]
rax ^= rbx; //xor rax, rbx
rax ^= r11; //xor rax, r11
rcx = 0x40FC9A08434EAB8; //mov rcx, 0x40FC9A08434EAB8
rax ^= rcx; //xor rax, rcx
return rax;
}
case 8:
{
r9 = driver::read<uint64_t>(baseAddr + 0xB1DE21D); //mov r9, [0x0000000005DD9308]
r11 = baseAddr; //lea r11, [0xFFFFFFFFFABFB0D8]
rcx = 0xC640566C96CFB225; //mov rcx, 0xC640566C96CFB225
rax *= rcx; //imul rax, rcx
rax ^= r11; //xor rax, r11
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x15); //imul rax, [rcx+0x15]
rax -= rbx; //sub rax, rbx
rcx = rax; //mov rcx, rax
rcx >>= 0x4; //shr rcx, 0x04
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x8; //shr rcx, 0x08
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x10; //shr rcx, 0x10
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x20; //shr rcx, 0x20
rax ^= rcx; //xor rax, rcx
rax += rbx; //add rax, rbx
rcx = 0x36BE6884C47C6D33; //mov rcx, 0x36BE6884C47C6D33
rax *= rcx; //imul rax, rcx
rcx = rbx; //mov rcx, rbx
rcx = ~rcx; //not rcx
rcx -= r11; //sub rcx, r11
rcx -= 0x736A3793; //sub rcx, 0x736A3793
rax ^= rcx; //xor rax, rcx
return rax;
}
case 9:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1DE21D); //mov r10, [0x0000000005DD8E26]
r13 = baseAddr + 0x56B5; //lea r13, [0xFFFFFFFFFAC002AB]
rcx = rbx; //mov rcx, rbx
rcx = ~rcx; //not rcx
rcx ^= r13; //xor rcx, r13
rax -= rcx; //sub rax, rcx
rcx = 0x617EE6B8548ACFF8; //mov rcx, 0x617EE6B8548ACFF8
rax ^= rcx; //xor rax, rcx
rax += rbx; //add rax, rbx
rcx = 0x44AC3A1174A702A7; //mov rcx, 0x44AC3A1174A702A7
rax *= rcx; //imul rax, rcx
rdx = 0; //and rdx, 0xFFFFFFFFC0000000
rax ^= rbx; //xor rax, rbx
rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
rcx = rax; //mov rcx, rax
rdx ^= r10; //xor rdx, r10
rax >>= 0x27; //shr rax, 0x27
rdx = ~rdx; //not rdx
rax ^= rcx; //xor rax, rcx
rax *= driver::read<uint64_t>(rdx + 0x15); //imul rax, [rdx+0x15]
rcx = 0x7915D47D16706192; //mov rcx, 0x7915D47D16706192
rax -= rcx; //sub rax, rcx
return rax;
}
case 10:
{
r9 = driver::read<uint64_t>(baseAddr + 0xB1DE21D); //mov r9, [0x0000000005DD8A05]
r11 = baseAddr; //lea r11, [0xFFFFFFFFFABFA7D5]
rcx = baseAddr + 0x5A848877; //lea rcx, [0x0000000055442C9A]
rcx = ~rcx; //not rcx
rcx ^= rbx; //xor rcx, rbx
rax -= rcx; //sub rax, rcx
rcx = 0x21F6FDA360F3B27; //mov rcx, 0x21F6FDA360F3B27
rax ^= r11; //xor rax, r11
rax *= rcx; //imul rax, rcx
rax -= rbx; //sub rax, rbx
rcx = rax; //mov rcx, rax
rcx >>= 0x6; //shr rcx, 0x06
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0xC; //shr rcx, 0x0C
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x18; //shr rcx, 0x18
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x30; //shr rcx, 0x30
rax ^= rcx; //xor rax, rcx
rcx = 0x3B33D31E5AB12803; //mov rcx, 0x3B33D31E5AB12803
rax += rcx; //add rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x15); //imul rax, [rcx+0x15]
rcx = rax; //mov rcx, rax
rcx >>= 0x26; //shr rcx, 0x26
rax ^= rcx; //xor rax, rcx
return rax;
}
case 11:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1DE21D); //mov r10, [0x0000000005DD8564]
rdx = rbx; //mov rdx, rbx
rdx = ~rdx; //not rdx
rcx = baseAddr + 0x28691EFC; //lea rcx, [0x000000002328BF82]
rcx = ~rcx; //not rcx
rdx += rcx; //add rdx, rcx
rax ^= rdx; //xor rax, rdx
rcx = 0x4F163BACB48EBF73; //mov rcx, 0x4F163BACB48EBF73
rax += rcx; //add rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x14; //shr rcx, 0x14
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x28; //shr rcx, 0x28
rax ^= rcx; //xor rax, rcx
rcx = 0x4127EEFEDE5B92FD; //mov rcx, 0x4127EEFEDE5B92FD
rax += rcx; //add rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x21; //shr rcx, 0x21
rax ^= rcx; //xor rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x15); //imul rax, [rcx+0x15]
rcx = rax; //mov rcx, rax
rcx >>= 0x4; //shr rcx, 0x04
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x8; //shr rcx, 0x08
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x10; //shr rcx, 0x10
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x20; //shr rcx, 0x20
rax ^= rcx; //xor rax, rcx
rcx = 0x397EFF255639273F; //mov rcx, 0x397EFF255639273F
rax *= rcx; //imul rax, rcx
return rax;
}
case 12:
{
r9 = driver::read<uint64_t>(baseAddr + 0xB1DE21D); //mov r9, [0x0000000005DD802F]
r13 = baseAddr + 0x41C6E8B9; //lea r13, [0x000000003C8686B8]
rax += rbx; //add rax, rbx
rcx = rax; //mov rcx, rax
rcx >>= 0x22; //shr rcx, 0x22
rax ^= rcx; //xor rax, rcx
rcx = 0x233E216C40FA2CDF; //mov rcx, 0x233E216C40FA2CDF
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x18; //shr rcx, 0x18
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x30; //shr rcx, 0x30
rax ^= rcx; //xor rax, rcx
rax ^= rbx; //xor rax, rbx
rax ^= r13; //xor rax, r13
rcx = 0x6773B66CDA475049; //mov rcx, 0x6773B66CDA475049
rax *= rcx; //imul rax, rcx
uintptr_t RSP_0xFFFFFFFFFFFFFF97;
RSP_0xFFFFFFFFFFFFFF97 = 0xF154E6D1B3660D73; //mov rcx, 0xF154E6D1B3660D73 : RBP+0xFFFFFFFFFFFFFF97
rax ^= RSP_0xFFFFFFFFFFFFFF97; //xor rax, [rbp-0x69]
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x15); //imul rax, [rcx+0x15]
return rax;
}
case 13:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1DE21D); //mov r10, [0x0000000005DD7B55]
r11 = baseAddr; //lea r11, [0xFFFFFFFFFABF9911]
rcx = r11 + 0xba17; //lea rcx, [r11+0xBA17]
rcx += rbx; //add rcx, rbx
rax += rcx; //add rax, rcx
rdx = 0; //and rdx, 0xFFFFFFFFC0000000
rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
rcx = baseAddr + 0x9610; //lea rcx, [0xFFFFFFFFFAC02BCC]
rdx ^= r10; //xor rdx, r10
rcx = ~rcx; //not rcx
rcx -= rbx; //sub rcx, rbx
rdx = ~rdx; //not rdx
rax += rcx; //add rax, rcx
rax *= driver::read<uint64_t>(rdx + 0x15); //imul rax, [rdx+0x15]
rcx = rax; //mov rcx, rax
rdx = baseAddr + 0x102B1DCA; //lea rdx, [0x000000000AEAB516]
rcx >>= 0x15; //shr rcx, 0x15
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x2A; //shr rcx, 0x2A
rax ^= rcx; //xor rax, rcx
rcx = 0x6A8B294107CC0501; //mov rcx, 0x6A8B294107CC0501
rax ^= rcx; //xor rax, rcx
rcx = 0x2EA5061AACD42452; //mov rcx, 0x2EA5061AACD42452
rax -= rcx; //sub rax, rcx
rcx = rbx; //mov rcx, rbx
rcx = ~rcx; //not rcx
rcx ^= rdx; //xor rcx, rdx
rax += rcx; //add rax, rcx
rcx = 0x4EB7AE4244212391; //mov rcx, 0x4EB7AE4244212391
rax *= rcx; //imul rax, rcx
return rax;
}
case 14:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1DE21D); //mov r10, [0x0000000005DD7739]
r11 = baseAddr; //lea r11, [0xFFFFFFFFFABF9509]
rax ^= r11; //xor rax, r11
rcx = 0xC752E26BA360D032; //mov rcx, 0xC752E26BA360D032
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x19; //shr rcx, 0x19
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x32; //shr rcx, 0x32
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0xD; //shr rcx, 0x0D
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1A; //shr rcx, 0x1A
rax ^= rcx; //xor rax, rcx
rdx = 0; //and rdx, 0xFFFFFFFFC0000000
rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
rcx = rax; //mov rcx, rax
rdx ^= r10; //xor rdx, r10
rcx >>= 0x34; //shr rcx, 0x34
rdx = ~rdx; //not rdx
rax ^= rcx; //xor rax, rcx
rax *= driver::read<uint64_t>(rdx + 0x15); //imul rax, [rdx+0x15]
rcx = 0x5436A045E6437655; //mov rcx, 0x5436A045E6437655
rax ^= r11; //xor rax, r11
rax *= rcx; //imul rax, rcx
return rax;
}
case 15:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1DE21D); //mov r10, [0x0000000005DD72D5]
r11 = baseAddr; //lea r11, [0xFFFFFFFFFABF90A5]
rcx = rax; //mov rcx, rax
rcx >>= 0x6; //shr rcx, 0x06
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0xC; //shr rcx, 0x0C
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x18; //shr rcx, 0x18
rax ^= rcx; //xor rax, rcx
rdx = 0; //and rdx, 0xFFFFFFFFC0000000
rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
rdx ^= r10; //xor rdx, r10
rcx = rax; //mov rcx, rax
rdx = ~rdx; //not rdx
rcx >>= 0x30; //shr rcx, 0x30
rax ^= rcx; //xor rax, rcx
rax *= driver::read<uint64_t>(rdx + 0x15); //imul rax, [rdx+0x15]
rax += r11; //add rax, r11
rcx = rax; //mov rcx, rax
rcx >>= 0x24; //shr rcx, 0x24
rax ^= rcx; //xor rax, rcx
rcx = 0xB6C3A6FE99C92A23; //mov rcx, 0xB6C3A6FE99C92A23
rax *= rcx; //imul rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x9; //shr rcx, 0x09
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x12; //shr rcx, 0x12
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x24; //shr rcx, 0x24
rax ^= rcx; //xor rax, rcx
rcx = 0xD7420EB04571AACF; //mov rcx, 0xD7420EB04571AACF
rax *= rcx; //imul rax, rcx
rcx = 0x578A3A3D4AF2D633; //mov rcx, 0x578A3A3D4AF2D633
rax += rcx; //add rax, rcx
return rax;
}
}
}
extern "C" auto STEAMget_bone_index(uint32_t bone_index, uint64_t baseAddr) -> uint64_t
{
const uint64_t mb = baseAddr;
uint64_t rax = mb, rbx = mb, rcx = mb, rdx = mb, rdi = mb, rsi = mb, r8 = mb, r9 = mb, r10 = mb, r11 = mb, r12 = mb, r13 = mb, r14 = mb, r15 = mb;
rdi = bone_index;
rcx = rdi * 0x13C8;
rax = 0xCC70CD3D3E0A7B49; //mov rax, 0xCC70CD3D3E0A7B49
rax = _umul128(rax, rcx, (uintptr_t*)&rdx); //mul rcx
r11 = baseAddr; //lea r11, [0xFFFFFFFFFD7A3475]
r10 = 0x45F86A52798F52B7; //mov r10, 0x45F86A52798F52B7
rdx >>= 0xC; //shr rdx, 0x0C
rax = rdx * 0x1409; //imul rax, rdx, 0x1409
rcx -= rax; //sub rcx, rax
rax = 0xDC9D0ECFCB6E9379; //mov rax, 0xDC9D0ECFCB6E9379
r8 = rcx * 0x1409; //imul r8, rcx, 0x1409
rax = _umul128(rax, r8, (uintptr_t*)&rdx); //mul r8
rdx >>= 0xD; //shr rdx, 0x0D
rax = rdx * 0x2522; //imul rax, rdx, 0x2522
r8 -= rax; //sub r8, rax
rax = 0x49539E3B2D066EA3; //mov rax, 0x49539E3B2D066EA3
rax = _umul128(rax, r8, (uintptr_t*)&rdx); //mul r8
rax = r8; //mov rax, r8
rax -= rdx; //sub rax, rdx
rax >>= 0x1; //shr rax, 0x01
rax += rdx; //add rax, rdx
rax >>= 0x9; //shr rax, 0x09
rcx = rax * 0x31C; //imul rcx, rax, 0x31C
rax = 0xD79435E50D79435F; //mov rax, 0xD79435E50D79435F
rax = _umul128(rax, r8, (uintptr_t*)&rdx); //mul r8
rdx >>= 0x4; //shr rdx, 0x04
rcx += rdx; //add rcx, rdx
rax = rcx * 0x26; //imul rax, rcx, 0x26
rcx = r8 + r8 * 4; //lea rcx, [r8+r8*4]
rcx <<= 0x3; //shl rcx, 0x03
rcx -= rax; //sub rcx, rax
rax = driver::read<uint16_t>(rcx + r11 * 1 + 0xB29A180); //movzx eax, word ptr [rcx+r11*1+0xB29A180]
r8 = rax * 0x13C8; //imul r8, rax, 0x13C8
rax = r10; //mov rax, r10
rax = _umul128(rax, r8, (uintptr_t*)&rdx); //mul r8
rax = r10; //mov rax, r10
rdx >>= 0xB; //shr rdx, 0x0B
rcx = rdx * 0x1D45; //imul rcx, rdx, 0x1D45
r8 -= rcx; //sub r8, rcx
r9 = r8 * 0x39A6; //imul r9, r8, 0x39A6
rax = _umul128(rax, r9, (uintptr_t*)&rdx); //mul r9
rdx >>= 0xB; //shr rdx, 0x0B
rax = rdx * 0x1D45; //imul rax, rdx, 0x1D45
r9 -= rax; //sub r9, rax
rax = 0x88ECF206D1CD0DD7; //mov rax, 0x88ECF206D1CD0DD7
rax = _umul128(rax, r9, (uintptr_t*)&rdx); //mul r9
rax = 0xAAAAAAAAAAAAAAAB; //mov rax, 0xAAAAAAAAAAAAAAAB
rdx >>= 0xB; //shr rdx, 0x0B
rcx = rdx * 0xEF5; //imul rcx, rdx, 0xEF5
rax = _umul128(rax, r9, (uintptr_t*)&rdx); //mul r9
rdx >>= 0x1; //shr rdx, 0x01
rcx += rdx; //add rcx, rdx
rax = rcx + rcx * 2; //lea rax, [rcx+rcx*2]
rax += rax; //add rax, rax
rcx = r9 * 8 + 0x0; //lea rcx, [r9*8]
rcx -= rax; //sub rcx, rax
r15 = driver::read<uint16_t>(rcx + r11 * 1 + 0xB2A17B0); //movsx r15d, word ptr [rcx+r11*1+0xB2A17B0]
return r15;
}
extern "C" auto XBOXdecrypt_client_base(uint64_t client_info, uint64_t baseAddr, uint64_t peb) -> uint64_t
{
const uint64_t mb = baseAddr;
uint64_t rax = mb, rbx = mb, rcx = mb, rdx = mb, rdi = mb, rsi = mb, r8 = mb, r9 = mb, r10 = mb, r11 = mb, r12 = mb, r13 = mb, r14 = mb, r15 = mb;
rax = driver::read<uint64_t>(client_info + 0x199768);
if (!rax)
return rax;
r11 = ~peb; //mov r11, gs:[rcx]
rcx = r11; //mov rcx, r11
//failed to translate: mov [rsp+0x3D0], r13
rcx <<= 0x23; //shl rcx, 0x23
rcx = _byteswap_uint64(rcx); //bswap rcx
rcx &= 0xF;
switch (rcx)
{
case 0:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1D212C); //mov r10, [0x0000000007BBB082]
rdx = baseAddr + 0x736B1CC9; //lea rdx, [0x000000007009AB9E]
rcx = rax; //mov rcx, rax
rcx >>= 0x4; //shr rcx, 0x04
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x8; //shr rcx, 0x08
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x10; //shr rcx, 0x10
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x20; //shr rcx, 0x20
rax ^= rcx; //xor rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rcx = driver::read<uint64_t>(rcx + 0x9); //mov rcx, [rcx+0x09]
uintptr_t RSP_0x40;
RSP_0x40 = 0xEDD02482923403CB; //mov rcx, 0xEDD02482923403CB : RSP+0x40
rcx *= RSP_0x40; //imul rcx, [rsp+0x40]
rax *= rcx; //imul rax, rcx
rcx = r11; //mov rcx, r11
rcx -= baseAddr; //sub rcx, [rbp-0x80] -- didn't find trace -> use base
rcx += 0xFFFFFFFFC99E5582; //add rcx, 0xFFFFFFFFC99E5582
rax += rcx; //add rax, rcx
rcx = baseAddr; //lea rcx, [0xFFFFFFFFFC9E8D8C]
rax ^= rcx; //xor rax, rcx
rcx = 0x26A471A9EFBC14B9; //mov rcx, 0x26A471A9EFBC14B9
rax *= rcx; //imul rax, rcx
rcx = r11; //mov rcx, r11
rcx = ~rcx; //not rcx
rcx ^= rdx; //xor rcx, rdx
rax -= rcx; //sub rax, rcx
rcx = 0x4E231C434132699A; //mov rcx, 0x4E231C434132699A
rax += rcx; //add rax, rcx
return rax;
}
case 1:
{
r9 = driver::read<uint64_t>(baseAddr + 0xB1D212C); //mov r9, [0x0000000007BBAB7C]
r13 = baseAddr + 0x2239B1C1; //lea r13, [0x000000001ED83BF2]
rcx = rax; //mov rcx, rax
rcx >>= 0x15; //shr rcx, 0x15
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x2A; //shr rcx, 0x2A
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0xA; //shr rcx, 0x0A
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x14; //shr rcx, 0x14
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x28; //shr rcx, 0x28
rax ^= rcx; //xor rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x9); //imul rax, [rcx+0x09]
rcx = 0x3E63A253C6775D5; //mov rcx, 0x3E63A253C6775D5
rax ^= rcx; //xor rax, rcx
rcx = 0xC1F5691FD75F11C7; //mov rcx, 0xC1F5691FD75F11C7
rax *= rcx; //imul rax, rcx
rax += 0xFFFFFFFFDA4F9118; //add rax, 0xFFFFFFFFDA4F9118
rax += r11; //add rax, r11
rcx = r13; //mov rcx, r13
rcx = ~rcx; //not rcx
rcx ^= r11; //xor rcx, r11
rax += rcx; //add rax, rcx
return rax;
}
case 2:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1D212C); //mov r10, [0x0000000007BBA69D]
rcx = 0x43AE441D8481DD04; //mov rcx, 0x43AE441D8481DD04
rax -= rcx; //sub rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x26; //shr rcx, 0x26
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x9; //shr rcx, 0x09
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x12; //shr rcx, 0x12
rax ^= rcx; //xor rax, rcx
rdx = rax; //mov rdx, rax
rdx >>= 0x24; //shr rdx, 0x24
rdx ^= rax; //xor rdx, rax
rcx = r11; //mov rcx, r11
rax = baseAddr + 0x424950C8; //lea rax, [0x000000003EE7D3E9]
rcx = ~rcx; //not rcx
rax *= rcx; //imul rax, rcx
rax += rdx; //add rax, rdx
rcx = 0x1EB0B3B479EF017; //mov rcx, 0x1EB0B3B479EF017
rax *= rcx; //imul rax, rcx
rcx = 0xF4FDCF8C05766D07; //mov rcx, 0xF4FDCF8C05766D07
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x17; //shr rcx, 0x17
rax ^= rcx; //xor rax, rcx
rdx = 0; //and rdx, 0xFFFFFFFFC0000000
rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
rcx = rax; //mov rcx, rax
rdx ^= r10; //xor rdx, r10
rcx >>= 0x2E; //shr rcx, 0x2E
rdx = ~rdx; //not rdx
rax ^= rcx; //xor rax, rcx
rax *= driver::read<uint64_t>(rdx + 0x9); //imul rax, [rdx+0x09]
return rax;
}
case 3:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1D212C); //mov r10, [0x0000000007BBA145]
r13 = baseAddr + 0x1488BAD0; //lea r13, [0x0000000011273AD6]
rdx = r11; //mov rdx, r11
rdx = ~rdx; //not rdx
rcx = baseAddr + 0x8952; //lea rcx, [0xFFFFFFFFFC9F05DA]
rcx = ~rcx; //not rcx
rdx *= rcx; //imul rdx, rcx
rcx = 0x920D8D54066C3BC8; //mov rcx, 0x920D8D54066C3BC8
rax ^= rdx; //xor rax, rdx
rax ^= rcx; //xor rax, rcx
rcx = 0x71B6A01168176A5F; //mov rcx, 0x71B6A01168176A5F
rax *= rcx; //imul rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x9); //imul rax, [rcx+0x09]
rcx = rax; //mov rcx, rax
rcx >>= 0xB; //shr rcx, 0x0B
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x16; //shr rcx, 0x16
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x2C; //shr rcx, 0x2C
rax ^= rcx; //xor rax, rcx
rcx = 0x28C4EBE07CC779E5; //mov rcx, 0x28C4EBE07CC779E5
rax ^= rcx; //xor rax, rcx
rcx = r11; //mov rcx, r11
rcx *= r13; //imul rcx, r13
rax -= rcx; //sub rax, rcx
rax += r11; //add rax, r11
return rax;
}
case 4:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1D212C); //mov r10, [0x0000000007BB9C5B]
r13 = baseAddr + 0x71CF; //lea r13, [0xFFFFFFFFFC9EECEB]
rcx = 0x7BD4F3C29580BB87; //mov rcx, 0x7BD4F3C29580BB87
rax *= rcx; //imul rax, rcx
rcx = 0x646EC108C275FCD7; //mov rcx, 0x646EC108C275FCD7
rax -= r11; //sub rax, r11
rax -= rcx; //sub rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1B; //shr rcx, 0x1B
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x36; //shr rcx, 0x36
rax ^= rcx; //xor rax, rcx
rcx = 0x142843BCE5FD72BB; //mov rcx, 0x142843BCE5FD72BB
rdx = 0; //and rdx, 0xFFFFFFFFC0000000
rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
rax *= rcx; //imul rax, rcx
rdx ^= r10; //xor rdx, r10
rdx = ~rdx; //not rdx
rax += r11; //add rax, r11
rax *= driver::read<uint64_t>(rdx + 0x9); //imul rax, [rdx+0x09]
rcx = r11; //mov rcx, r11
rcx = ~rcx; //not rcx
rcx ^= r13; //xor rcx, r13
rax -= rcx; //sub rax, rcx
return rax;
}
case 5:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1D212C); //mov r10, [0x0000000007BB9885]
rcx = rax; //mov rcx, rax
rcx >>= 0x9; //shr rcx, 0x09
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x12; //shr rcx, 0x12
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x24; //shr rcx, 0x24
rax ^= rcx; //xor rax, rcx
rcx = baseAddr; //lea rcx, [0xFFFFFFFFFC9E7190]
rcx += 0x111FC085; //add rcx, 0x111FC085
rcx += r11; //add rcx, r11
rax += rcx; //add rax, rcx
rcx = 0xF8D94370868AB99; //mov rcx, 0xF8D94370868AB99
rax *= rcx; //imul rax, rcx
rcx = 0xB026072E428E1D57; //mov rcx, 0xB026072E428E1D57
rax *= rcx; //imul rax, rcx
rcx = baseAddr; //lea rcx, [0xFFFFFFFFFC9E7360]
rcx += 0x19F5; //add rcx, 0x19F5
rcx += r11; //add rcx, r11
rax += rcx; //add rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x23; //shr rcx, 0x23
rax ^= rcx; //xor rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rcx = driver::read<uint64_t>(rcx + 0x9); //mov rcx, [rcx+0x09]
uintptr_t RSP_0x40;
RSP_0x40 = 0x5F23D3FEF0707261; //mov rcx, 0x5F23D3FEF0707261 : RSP+0x40
rcx *= RSP_0x40; //imul rcx, [rsp+0x40]
rax *= rcx; //imul rax, rcx
return rax;
}
case 6:
{
r9 = driver::read<uint64_t>(baseAddr + 0xB1D212C); //mov r9, [0x0000000007BB9296]
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x9); //imul rax, [rcx+0x09]
rax -= r11; //sub rax, r11
rcx = baseAddr + 0x43B5; //lea rcx, [0xFFFFFFFFFC9EB38C]
rcx -= r11; //sub rcx, r11
rax += rcx; //add rax, rcx
rcx = 0x35284D873B9851A9; //mov rcx, 0x35284D873B9851A9
rax ^= rcx; //xor rax, rcx
rcx = 0xF62B33C5DDB521B5; //mov rcx, 0xF62B33C5DDB521B5
rax *= rcx; //imul rax, rcx
rcx = 0xE5B0BD16F00B9D46; //mov rcx, 0xE5B0BD16F00B9D46
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0xA; //shr rcx, 0x0A
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x14; //shr rcx, 0x14
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x28; //shr rcx, 0x28
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x19; //shr rcx, 0x19
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x32; //shr rcx, 0x32
rax ^= rcx; //xor rax, rcx
return rax;
}
case 7:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1D212C); //mov r10, [0x0000000007BB8E01]
rdx = baseAddr + 0x8CB4; //lea rdx, [0xFFFFFFFFFC9EF91F]
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x9); //imul rax, [rcx+0x09]
rcx = baseAddr; //lea rcx, [0xFFFFFFFFFC9E68D4]
rax -= rcx; //sub rax, rcx
rcx = 0x9A8F75E5FE8A18B5; //mov rcx, 0x9A8F75E5FE8A18B5
rax *= rcx; //imul rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x26; //shr rcx, 0x26
rax ^= rcx; //xor rax, rcx
rax += r11; //add rax, r11
rcx = 0xDC35AEB9AD64C433; //mov rcx, 0xDC35AEB9AD64C433
rax *= rcx; //imul rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x2; //shr rcx, 0x02
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x4; //shr rcx, 0x04
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x8; //shr rcx, 0x08
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x10; //shr rcx, 0x10
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x20; //shr rcx, 0x20
rax ^= rcx; //xor rax, rcx
rcx = r11 + 0x1; //lea rcx, [r11+0x01]
rcx *= rdx; //imul rcx, rdx
rax += rcx; //add rax, rcx
return rax;
}
case 8:
{
r9 = driver::read<uint64_t>(baseAddr + 0xB1D212C); //mov r9, [0x0000000007BB8957]
rcx = 0x4F7CA4829AB6D5E8; //mov rcx, 0x4F7CA4829AB6D5E8
rax ^= rcx; //xor rax, rcx
rax += r11; //add rax, r11
rcx = rax; //mov rcx, rax
rcx >>= 0x24; //shr rcx, 0x24
rax ^= rcx; //xor rax, rcx
rcx = 0x5178F05F16D45A5B; //mov rcx, 0x5178F05F16D45A5B
rax *= rcx; //imul rax, rcx
rcx = 0x2ED8CECF4C40E0F3; //mov rcx, 0x2ED8CECF4C40E0F3
rax ^= r11; //xor rax, r11
rax ^= rcx; //xor rax, rcx
rax ^= r11; //xor rax, r11
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x9); //imul rax, [rcx+0x09]
return rax;
}
case 9:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1D212C); //mov r10, [0x0000000007BB854B]
rdx = baseAddr + 0xDD4D; //lea rdx, [0xFFFFFFFFFC9F4102]
rcx = r11; //mov rcx, r11
rcx ^= rdx; //xor rcx, rdx
rax += rcx; //add rax, rcx
rcx = 0x8BE287ECF689749; //mov rcx, 0x8BE287ECF689749
rax *= rcx; //imul rax, rcx
rax ^= r11; //xor rax, r11
rcx = 0x9933D7378FE6958F; //mov rcx, 0x9933D7378FE6958F
rax *= rcx; //imul rax, rcx
rdx = 0; //and rdx, 0xFFFFFFFFC0000000
rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
rdx ^= r10; //xor rdx, r10
rcx = baseAddr + 0x66BC28B6; //lea rcx, [0x00000000635A8953]
rcx = ~rcx; //not rcx
rdx = ~rdx; //not rdx
rcx ^= r11; //xor rcx, r11
rax += rcx; //add rax, rcx
rax *= driver::read<uint64_t>(rdx + 0x9); //imul rax, [rdx+0x09]
rcx = rax; //mov rcx, rax
rcx >>= 0x20; //shr rcx, 0x20
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x18; //shr rcx, 0x18
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x30; //shr rcx, 0x30
rax ^= rcx; //xor rax, rcx
return rax;
}
case 10:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1D212C); //mov r10, [0x0000000007BB8114]
rcx = rax; //mov rcx, rax
rcx >>= 0xD; //shr rcx, 0x0D
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1A; //shr rcx, 0x1A
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x34; //shr rcx, 0x34
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x13; //shr rcx, 0x13
rax ^= rcx; //xor rax, rcx
rdx = rax; //mov rdx, rax
rdx >>= 0x26; //shr rdx, 0x26
rdx ^= rax; //xor rdx, rax
rax = baseAddr + 0x1C730DA6; //lea rax, [0x0000000019116C68]
rcx = r11; //mov rcx, r11
rcx *= rax; //imul rcx, rax
rax = rdx; //mov rax, rdx
rax -= rcx; //sub rax, rcx
rcx = 0x4D5CFB5CBF920449; //mov rcx, 0x4D5CFB5CBF920449
rax ^= rcx; //xor rax, rcx
rcx = 0xDF1CB3CC3968ECE9; //mov rcx, 0xDF1CB3CC3968ECE9
rax *= rcx; //imul rax, rcx
rax ^= r11; //xor rax, r11
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x9); //imul rax, [rcx+0x09]
return rax;
}
case 11:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1D212C); //mov r10, [0x0000000007BB7B67]
rcx = baseAddr + 0xE27A; //lea rcx, [0xFFFFFFFFFC9F3A19]
rcx -= r11; //sub rcx, r11
rdx = 0; //and rdx, 0xFFFFFFFFC0000000
rax += rcx; //add rax, rcx
rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
rdx ^= r10; //xor rdx, r10
rdx = ~rdx; //not rdx
rax *= driver::read<uint64_t>(rdx + 0x9); //imul rax, [rdx+0x09]
rcx = r11; //mov rcx, r11
rcx -= baseAddr; //sub rcx, [rbp-0x80] -- didn't find trace -> use base
rcx += 0xFFFFFFFFBE05F030; //add rcx, 0xFFFFFFFFBE05F030
rax += rcx; //add rax, rcx
rcx = 0x8407AE81269A5D57; //mov rcx, 0x8407AE81269A5D57
rax *= rcx; //imul rax, rcx
rax -= r11; //sub rax, r11
rcx = rax; //mov rcx, rax
rcx >>= 0x25; //shr rcx, 0x25
rax ^= rcx; //xor rax, rcx
rcx = 0x4D58E84452B3B2CD; //mov rcx, 0x4D58E84452B3B2CD
rax += rcx; //add rax, rcx
return rax;
}
case 12:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1D212C); //mov r10, [0x0000000007BB75F0]
rcx = rax; //mov rcx, rax
rcx >>= 0xE; //shr rcx, 0x0E
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1C; //shr rcx, 0x1C
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x38; //shr rcx, 0x38
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x21; //shr rcx, 0x21
rax ^= rcx; //xor rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x9); //imul rax, [rcx+0x09]
rcx = 0x12FD53752A15F441; //mov rcx, 0x12FD53752A15F441
rax *= rcx; //imul rax, rcx
rcx = baseAddr + 0x2A01C819; //lea rcx, [0x0000000026A0189D]
rcx *= r11; //imul rcx, r11
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x2; //shr rcx, 0x02
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x4; //shr rcx, 0x04
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x8; //shr rcx, 0x08
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x10; //shr rcx, 0x10
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x20; //shr rcx, 0x20
rax ^= rcx; //xor rax, rcx
rcx = 0x438F040A11D1F693; //mov rcx, 0x438F040A11D1F693
rax *= rcx; //imul rax, rcx
rcx = 0x76A8417B55AEC887; //mov rcx, 0x76A8417B55AEC887
rax += rcx; //add rax, rcx
return rax;
}
case 13:
{
r9 = driver::read<uint64_t>(baseAddr + 0xB1D212C); //mov r9, [0x0000000007BB7080]
r12 = baseAddr + 0xB0AA; //lea r12, [0xFFFFFFFFFC9EFFEB]
rcx = r12; //mov rcx, r12
rcx = ~rcx; //not rcx
rcx ^= r11; //xor rcx, r11
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x18; //shr rcx, 0x18
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x30; //shr rcx, 0x30
rax ^= rcx; //xor rax, rcx
rcx = 0xC32A740461B9FDC7; //mov rcx, 0xC32A740461B9FDC7
rax *= rcx; //imul rax, rcx
rcx = 0x9439B00A1FEFA912; //mov rcx, 0x9439B00A1FEFA912
rax ^= rcx; //xor rax, rcx
rcx = 0x2B3AD1E7D117AD86; //mov rcx, 0x2B3AD1E7D117AD86
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x27; //shr rcx, 0x27
rax ^= rcx; //xor rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x9); //imul rax, [rcx+0x09]
rcx = baseAddr; //lea rcx, [0xFFFFFFFFFC9E4A65]
rax ^= rcx; //xor rax, rcx
return rax;
}
case 14:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1D212C); //mov r10, [0x0000000007BB6B75]
r13 = baseAddr + 0x6A35; //lea r13, [0xFFFFFFFFFC9EB466]
rax -= r11; //sub rax, r11
rcx = 0xEEEEF35687DD1DF7; //mov rcx, 0xEEEEF35687DD1DF7
rax *= rcx; //imul rax, rcx
rcx = baseAddr + 0x913D; //lea rcx, [0xFFFFFFFFFC9ED9AB]
rcx *= r11; //imul rcx, r11
rax ^= rcx; //xor rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rcx = driver::read<uint64_t>(rcx + 0x9); //mov rcx, [rcx+0x09]
uintptr_t RSP_0x28;
RSP_0x28 = 0x571AF583F00DB5E9; //mov rcx, 0x571AF583F00DB5E9 : RSP+0x28
rcx *= RSP_0x28; //imul rcx, [rsp+0x28]
rax *= rcx; //imul rax, rcx
rcx = rax; //mov rcx, rax
rdx = r13; //mov rdx, r13
rcx >>= 0x21; //shr rcx, 0x21
rdx -= r11; //sub rdx, r11
rdx ^= rcx; //xor rdx, rcx
rax ^= rdx; //xor rax, rdx
rcx = rax; //mov rcx, rax
rcx >>= 0x24; //shr rcx, 0x24
rax ^= rcx; //xor rax, rcx
return rax;
}
case 15:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1D212C); //mov r10, [0x0000000007BB660B]
rcx = 0x586536E499271C5; //mov rcx, 0x586536E499271C5
rax *= rcx; //imul rax, rcx
rcx = baseAddr + 0xB0F6; //lea rcx, [0xFFFFFFFFFC9EF1F7]
rdx = r11; //mov rdx, r11
rdx -= rcx; //sub rdx, rcx
rcx = baseAddr + 0x2941AF47; //lea rcx, [0x0000000025DFF03B]
rcx *= r11; //imul rcx, r11
rax ^= rdx; //xor rax, rdx
rax -= rcx; //sub rax, rcx
uintptr_t RSP_0x38;
RSP_0x38 = 0xF66CBDFA6519136F; //mov rcx, 0xF66CBDFA6519136F : RSP+0x38
rax ^= RSP_0x38; //xor rax, [rsp+0x38]
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x9); //imul rax, [rcx+0x09]
rax ^= r11; //xor rax, r11
rcx = baseAddr; //lea rcx, [0xFFFFFFFFFC9E427A]
rax -= rcx; //sub rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1E; //shr rcx, 0x1E
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x3C; //shr rcx, 0x3C
rax ^= rcx; //xor rax, rcx
return rax;
}
}
}
extern "C" auto XBOXdecrypt_bone_base(uint64_t baseAddr, uint64_t peb) -> uint64_t
{
const uint64_t mb = baseAddr;
uint64_t rax = mb, rbx = mb, rcx = mb, rdx = mb, rdi = mb, rsi = mb, r8 = mb, r9 = mb, r10 = mb, r11 = mb, r12 = mb, r13 = mb, r14 = mb, r15 = mb;
rax = driver::read<uint64_t>(baseAddr + 0xF7DC9C8);
if (!rax)
return rax;
rbx = peb; //mov rbx, gs:[rcx]
//failed to translate: jz 0x0000000000004A97
rcx = rbx; //mov rcx, rbx
//failed to translate: mov [rsp+0xD8], r13
rcx = _rotr64(rcx, 0x1A); //ror rcx, 0x1A
rcx &= 0xF;
switch (rcx)
{
case 0:
{
r9 = driver::read<uint64_t>(baseAddr + 0xB1D221D); //mov r9, [0x0000000005DD24F8]
r11 = baseAddr + 0x9280; //lea r11, [0xFFFFFFFFFAC09548]
rcx = rax; //mov rcx, rax
rcx >>= 0x26; //shr rcx, 0x26
rax ^= rcx; //xor rax, rcx
rcx = 0x1409F0CD847A37CE; //mov rcx, 0x1409F0CD847A37CE
rax ^= rcx; //xor rax, rcx
rcx = rbx; //mov rcx, rbx
rcx = ~rcx; //not rcx
rcx ^= r11; //xor rcx, r11
rax += rcx; //add rax, rcx
rcx = 0x3C34D747DB7928EE; //mov rcx, 0x3C34D747DB7928EE
rax -= rcx; //sub rax, rcx
rcx = baseAddr + 0xDB7F; //lea rcx, [0xFFFFFFFFFAC0DC69]
rcx = ~rcx; //not rcx
rcx -= rbx; //sub rcx, rbx
rax ^= rcx; //xor rax, rcx
rcx = 0xC029A5A1D42718DD; //mov rcx, 0xC029A5A1D42718DD
rax *= rcx; //imul rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x15); //imul rax, [rcx+0x15]
rcx = rax; //mov rcx, rax
rcx >>= 0x7; //shr rcx, 0x07
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0xE; //shr rcx, 0x0E
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1C; //shr rcx, 0x1C
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x38; //shr rcx, 0x38
rax ^= rcx; //xor rax, rcx
return rax;
}
case 1:
{
r9 = driver::read<uint64_t>(baseAddr + 0xB1D221D); //mov r9, [0x0000000005DD1F81]
r11 = baseAddr; //lea r11, [0xFFFFFFFFFABFFD51]
r13 = baseAddr + 0x54CA1D31; //lea r13, [0x000000004F8A1A77]
rax += rbx; //add rax, rbx
rax += r11; //add rax, r11
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x15); //imul rax, [rcx+0x15]
rcx = 0x48462EAD4F11FD6D; //mov rcx, 0x48462EAD4F11FD6D
rax *= rcx; //imul rax, rcx
rcx = rbx; //mov rcx, rbx
rcx ^= r13; //xor rcx, r13
rax -= rcx; //sub rax, rcx
rcx = 0x83B3774C1397A303; //mov rcx, 0x83B3774C1397A303
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x26; //shr rcx, 0x26
rax ^= rcx; //xor rax, rcx
rcx = 0x829707C28057B2BC; //mov rcx, 0x829707C28057B2BC
rax ^= rcx; //xor rax, rcx
return rax;
}
case 2:
{
r9 = driver::read<uint64_t>(baseAddr + 0xB1D221D); //mov r9, [0x0000000005DD1AC7]
r11 = baseAddr; //lea r11, [0xFFFFFFFFFABFF897]
rcx = rax; //mov rcx, rax
rcx >>= 0x20; //shr rcx, 0x20
rax ^= rcx; //xor rax, rcx
rax ^= r11; //xor rax, r11
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x15); //imul rax, [rcx+0x15]
rcx = rbx; //mov rcx, rbx
uintptr_t RSP_0xFFFFFFFFFFFFFFCF;
RSP_0xFFFFFFFFFFFFFFCF = baseAddr + 0x3A246E06; //lea rcx, [0x0000000034E46688] : RBP+0xFFFFFFFFFFFFFFCF
rcx ^= RSP_0xFFFFFFFFFFFFFFCF; //xor rcx, [rbp-0x31]
rax += rcx; //add rax, rcx
rcx = 0xC391B266D5217A5F; //mov rcx, 0xC391B266D5217A5F
rax ^= rcx; //xor rax, rcx
rcx = 0x5B7F3E818AF67A35; //mov rcx, 0x5B7F3E818AF67A35
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1A; //shr rcx, 0x1A
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x34; //shr rcx, 0x34
rax ^= rcx; //xor rax, rcx
rcx = 0x19C8F1552DE67BBF; //mov rcx, 0x19C8F1552DE67BBF
rax *= rcx; //imul rax, rcx
return rax;
}
case 3:
{
r9 = driver::read<uint64_t>(baseAddr + 0xB1D221D); //mov r9, [0x0000000005DD1603]
rcx = baseAddr + 0xBD6; //lea rcx, [0xFFFFFFFFFABFFDBE]
rcx -= rbx; //sub rcx, rbx
rcx ^= rbx; //xor rcx, rbx
rax ^= rcx; //xor rax, rcx
rcx = 0xAA6F288FD0E3CBF; //mov rcx, 0xAA6F288FD0E3CBF
rax *= rcx; //imul rax, rcx
r13 = 0x702F07A4D309E97C; //mov r13, 0x702F07A4D309E97C
rax += r13; //add rax, r13
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x15); //imul rax, [rcx+0x15]
rax ^= rbx; //xor rax, rbx
rcx = 0x65D0349BA5FED43B; //mov rcx, 0x65D0349BA5FED43B
rax *= rcx; //imul rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x12; //shr rcx, 0x12
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x24; //shr rcx, 0x24
rax ^= rcx; //xor rax, rcx
return rax;
}
case 4:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1D221D); //mov r10, [0x0000000005DD121B]
r11 = baseAddr; //lea r11, [0xFFFFFFFFFABFEFEB]
rdx = baseAddr + 0x8817; //lea rdx, [0xFFFFFFFFFAC077A5]
rax ^= rbx; //xor rax, rbx
rax -= r11; //sub rax, r11
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x15); //imul rax, [rcx+0x15]
rcx = 0x647DC95B2924B45D; //mov rcx, 0x647DC95B2924B45D
rax *= rcx; //imul rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0xF; //shr rcx, 0x0F
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1E; //shr rcx, 0x1E
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x3C; //shr rcx, 0x3C
rax ^= rcx; //xor rax, rcx
rcx = rbx; //mov rcx, rbx
rcx ^= rdx; //xor rcx, rdx
rax += rcx; //add rax, rcx
rcx = 0x66F54217655405BD; //mov rcx, 0x66F54217655405BD
rax *= rcx; //imul rax, rcx
return rax;
}
case 5:
{
r9 = driver::read<uint64_t>(baseAddr + 0xB1D221D); //mov r9, [0x0000000005DD0D17]
r11 = baseAddr; //lea r11, [0xFFFFFFFFFABFEAE7]
rcx = rbx; //mov rcx, rbx
rcx -= r11; //sub rcx, r11
rcx += 0xFFFFFFFFDA207ED1; //add rcx, 0xFFFFFFFFDA207ED1
rax += rcx; //add rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x12; //shr rcx, 0x12
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x24; //shr rcx, 0x24
rax ^= rcx; //xor rax, rcx
rcx = rbx; //mov rcx, rbx
rcx -= r11; //sub rcx, r11
rcx -= 0x39EDAA32; //sub rcx, 0x39EDAA32
rax ^= rcx; //xor rax, rcx
rcx = 0x24AC8C57718FF261; //mov rcx, 0x24AC8C57718FF261
rax *= rcx; //imul rax, rcx
rcx = 0x5997D68B6A65573B; //mov rcx, 0x5997D68B6A65573B
rax *= rcx; //imul rax, rcx
rcx = 0x5FD1C67422180770; //mov rcx, 0x5FD1C67422180770
rax -= rcx; //sub rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x15); //imul rax, [rcx+0x15]
rcx = rbx; //mov rcx, rbx
rcx -= r11; //sub rcx, r11
rcx += 0xFFFFFFFFE77DFE7B; //add rcx, 0xFFFFFFFFE77DFE7B
rax += rcx; //add rax, rcx
return rax;
}
case 6:
{
r9 = driver::read<uint64_t>(baseAddr + 0xB1D221D); //mov r9, [0x0000000005DD084E]
r11 = baseAddr; //lea r11, [0xFFFFFFFFFABFE61E]
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x15); //imul rax, [rcx+0x15]
rcx = 0x53AAB2A28C6F8FF0; //mov rcx, 0x53AAB2A28C6F8FF0
rax ^= rcx; //xor rax, rcx
rax -= rbx; //sub rax, rbx
rcx = rax; //mov rcx, rax
rcx >>= 0x12; //shr rcx, 0x12
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x24; //shr rcx, 0x24
rcx ^= rbx; //xor rcx, rbx
rax ^= rcx; //xor rax, rcx
rax += r11; //add rax, r11
rax += rbx; //add rax, rbx
rcx = 0x3EACC212565A3D5; //mov rcx, 0x3EACC212565A3D5
rax *= rcx; //imul rax, rcx
return rax;
}
case 7:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1D221D); //mov r10, [0x0000000005DD03E8]
r11 = baseAddr + 0x8FBF; //lea r11, [0xFFFFFFFFFAC07177]
rcx = baseAddr + 0xD9BA; //lea rcx, [0xFFFFFFFFFAC0B92D]
rcx = ~rcx; //not rcx
rcx += rbx; //add rcx, rbx
rax += rcx; //add rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1B; //shr rcx, 0x1B
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x36; //shr rcx, 0x36
rax ^= rcx; //xor rax, rcx
rcx = 0xC097FE30215EF7B; //mov rcx, 0xC097FE30215EF7B
rax -= rcx; //sub rax, rcx
rax += rbx; //add rax, rbx
rcx = 0x27217EED83C00465; //mov rcx, 0x27217EED83C00465
rax *= rcx; //imul rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x15); //imul rax, [rcx+0x15]
rax ^= rbx; //xor rax, rbx
rax ^= r11; //xor rax, r11
rcx = 0x40FC9A08434EAB8; //mov rcx, 0x40FC9A08434EAB8
rax ^= rcx; //xor rax, rcx
return rax;
}
case 8:
{
r9 = driver::read<uint64_t>(baseAddr + 0xB1D221D); //mov r9, [0x0000000005DCFFC8]
r11 = baseAddr; //lea r11, [0xFFFFFFFFFABFDD98]
rcx = 0xC640566C96CFB225; //mov rcx, 0xC640566C96CFB225
rax *= rcx; //imul rax, rcx
rax ^= r11; //xor rax, r11
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x15); //imul rax, [rcx+0x15]
rax -= rbx; //sub rax, rbx
rcx = rax; //mov rcx, rax
rcx >>= 0x4; //shr rcx, 0x04
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x8; //shr rcx, 0x08
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x10; //shr rcx, 0x10
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x20; //shr rcx, 0x20
rax ^= rcx; //xor rax, rcx
rax += rbx; //add rax, rbx
rcx = 0x36BE6884C47C6D33; //mov rcx, 0x36BE6884C47C6D33
rax *= rcx; //imul rax, rcx
rcx = rbx; //mov rcx, rbx
rcx = ~rcx; //not rcx
rcx -= r11; //sub rcx, r11
rcx -= 0x736A3793; //sub rcx, 0x736A3793
rax ^= rcx; //xor rax, rcx
return rax;
}
case 9:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1D221D); //mov r10, [0x0000000005DCFAE6]
r13 = baseAddr + 0x56B5; //lea r13, [0xFFFFFFFFFAC02F6B]
rcx = rbx; //mov rcx, rbx
rcx = ~rcx; //not rcx
rcx ^= r13; //xor rcx, r13
rax -= rcx; //sub rax, rcx
rcx = 0x617EE6B8548ACFF8; //mov rcx, 0x617EE6B8548ACFF8
rax ^= rcx; //xor rax, rcx
rax += rbx; //add rax, rbx
rcx = 0x44AC3A1174A702A7; //mov rcx, 0x44AC3A1174A702A7
rax *= rcx; //imul rax, rcx
rdx = 0; //and rdx, 0xFFFFFFFFC0000000
rax ^= rbx; //xor rax, rbx
rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
rcx = rax; //mov rcx, rax
rdx ^= r10; //xor rdx, r10
rax >>= 0x27; //shr rax, 0x27
rdx = ~rdx; //not rdx
rax ^= rcx; //xor rax, rcx
rax *= driver::read<uint64_t>(rdx + 0x15); //imul rax, [rdx+0x15]
rcx = 0x7915D47D16706192; //mov rcx, 0x7915D47D16706192
rax -= rcx; //sub rax, rcx
return rax;
}
case 10:
{
r9 = driver::read<uint64_t>(baseAddr + 0xB1D221D); //mov r9, [0x0000000005DCF6C5]
r11 = baseAddr; //lea r11, [0xFFFFFFFFFABFD495]
rcx = baseAddr + 0x5A848877; //lea rcx, [0x000000005544595A]
rcx = ~rcx; //not rcx
rcx ^= rbx; //xor rcx, rbx
rax -= rcx; //sub rax, rcx
rcx = 0x21F6FDA360F3B27; //mov rcx, 0x21F6FDA360F3B27
rax ^= r11; //xor rax, r11
rax *= rcx; //imul rax, rcx
rax -= rbx; //sub rax, rbx
rcx = rax; //mov rcx, rax
rcx >>= 0x6; //shr rcx, 0x06
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0xC; //shr rcx, 0x0C
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x18; //shr rcx, 0x18
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x30; //shr rcx, 0x30
rax ^= rcx; //xor rax, rcx
rcx = 0x3B33D31E5AB12803; //mov rcx, 0x3B33D31E5AB12803
rax += rcx; //add rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x15); //imul rax, [rcx+0x15]
rcx = rax; //mov rcx, rax
rcx >>= 0x26; //shr rcx, 0x26
rax ^= rcx; //xor rax, rcx
return rax;
}
case 11:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1D221D); //mov r10, [0x0000000005DCF224]
rdx = rbx; //mov rdx, rbx
rdx = ~rdx; //not rdx
rcx = baseAddr + 0x28691EFC; //lea rcx, [0x000000002328EC42]
rcx = ~rcx; //not rcx
rdx += rcx; //add rdx, rcx
rax ^= rdx; //xor rax, rdx
rcx = 0x4F163BACB48EBF73; //mov rcx, 0x4F163BACB48EBF73
rax += rcx; //add rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x14; //shr rcx, 0x14
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x28; //shr rcx, 0x28
rax ^= rcx; //xor rax, rcx
rcx = 0x4127EEFEDE5B92FD; //mov rcx, 0x4127EEFEDE5B92FD
rax += rcx; //add rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x21; //shr rcx, 0x21
rax ^= rcx; //xor rax, rcx
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r10; //xor rcx, r10
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x15); //imul rax, [rcx+0x15]
rcx = rax; //mov rcx, rax
rcx >>= 0x4; //shr rcx, 0x04
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x8; //shr rcx, 0x08
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x10; //shr rcx, 0x10
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x20; //shr rcx, 0x20
rax ^= rcx; //xor rax, rcx
rcx = 0x397EFF255639273F; //mov rcx, 0x397EFF255639273F
rax *= rcx; //imul rax, rcx
return rax;
}
case 12:
{
r9 = driver::read<uint64_t>(baseAddr + 0xB1D221D); //mov r9, [0x0000000005DCECEF]
r13 = baseAddr + 0x41C6E8B9; //lea r13, [0x000000003C86B378]
rax += rbx; //add rax, rbx
rcx = rax; //mov rcx, rax
rcx >>= 0x22; //shr rcx, 0x22
rax ^= rcx; //xor rax, rcx
rcx = 0x233E216C40FA2CDF; //mov rcx, 0x233E216C40FA2CDF
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x18; //shr rcx, 0x18
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x30; //shr rcx, 0x30
rax ^= rcx; //xor rax, rcx
rax ^= rbx; //xor rax, rbx
rax ^= r13; //xor rax, r13
rcx = 0x6773B66CDA475049; //mov rcx, 0x6773B66CDA475049
rax *= rcx; //imul rax, rcx
uintptr_t RSP_0xFFFFFFFFFFFFFF97;
RSP_0xFFFFFFFFFFFFFF97 = 0xF154E6D1B3660D73; //mov rcx, 0xF154E6D1B3660D73 : RBP+0xFFFFFFFFFFFFFF97
rax ^= RSP_0xFFFFFFFFFFFFFF97; //xor rax, [rbp-0x69]
rcx = 0; //and rcx, 0xFFFFFFFFC0000000
rcx = _rotl64(rcx, 0x10); //rol rcx, 0x10
rcx ^= r9; //xor rcx, r9
rcx = ~rcx; //not rcx
rax *= driver::read<uint64_t>(rcx + 0x15); //imul rax, [rcx+0x15]
return rax;
}
case 13:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1D221D); //mov r10, [0x0000000005DCE815]
r11 = baseAddr; //lea r11, [0xFFFFFFFFFABFC5D1]
rcx = r11 + 0xba17; //lea rcx, [r11+0xBA17]
rcx += rbx; //add rcx, rbx
rax += rcx; //add rax, rcx
rdx = 0; //and rdx, 0xFFFFFFFFC0000000
rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
rcx = baseAddr + 0x9610; //lea rcx, [0xFFFFFFFFFAC0588C]
rdx ^= r10; //xor rdx, r10
rcx = ~rcx; //not rcx
rcx -= rbx; //sub rcx, rbx
rdx = ~rdx; //not rdx
rax += rcx; //add rax, rcx
rax *= driver::read<uint64_t>(rdx + 0x15); //imul rax, [rdx+0x15]
rcx = rax; //mov rcx, rax
rdx = baseAddr + 0x102B1DCA; //lea rdx, [0x000000000AEAE1D6]
rcx >>= 0x15; //shr rcx, 0x15
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x2A; //shr rcx, 0x2A
rax ^= rcx; //xor rax, rcx
rcx = 0x6A8B294107CC0501; //mov rcx, 0x6A8B294107CC0501
rax ^= rcx; //xor rax, rcx
rcx = 0x2EA5061AACD42452; //mov rcx, 0x2EA5061AACD42452
rax -= rcx; //sub rax, rcx
rcx = rbx; //mov rcx, rbx
rcx = ~rcx; //not rcx
rcx ^= rdx; //xor rcx, rdx
rax += rcx; //add rax, rcx
rcx = 0x4EB7AE4244212391; //mov rcx, 0x4EB7AE4244212391
rax *= rcx; //imul rax, rcx
return rax;
}
case 14:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1D221D); //mov r10, [0x0000000005DCE3F9]
r11 = baseAddr; //lea r11, [0xFFFFFFFFFABFC1C9]
rax ^= r11; //xor rax, r11
rcx = 0xC752E26BA360D032; //mov rcx, 0xC752E26BA360D032
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x19; //shr rcx, 0x19
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x32; //shr rcx, 0x32
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0xD; //shr rcx, 0x0D
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x1A; //shr rcx, 0x1A
rax ^= rcx; //xor rax, rcx
rdx = 0; //and rdx, 0xFFFFFFFFC0000000
rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
rcx = rax; //mov rcx, rax
rdx ^= r10; //xor rdx, r10
rcx >>= 0x34; //shr rcx, 0x34
rdx = ~rdx; //not rdx
rax ^= rcx; //xor rax, rcx
rax *= driver::read<uint64_t>(rdx + 0x15); //imul rax, [rdx+0x15]
rcx = 0x5436A045E6437655; //mov rcx, 0x5436A045E6437655
rax ^= r11; //xor rax, r11
rax *= rcx; //imul rax, rcx
return rax;
}
case 15:
{
r10 = driver::read<uint64_t>(baseAddr + 0xB1D221D); //mov r10, [0x0000000005DCDF95]
r11 = baseAddr; //lea r11, [0xFFFFFFFFFABFBD65]
rcx = rax; //mov rcx, rax
rcx >>= 0x6; //shr rcx, 0x06
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0xC; //shr rcx, 0x0C
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x18; //shr rcx, 0x18
rax ^= rcx; //xor rax, rcx
rdx = 0; //and rdx, 0xFFFFFFFFC0000000
rdx = _rotl64(rdx, 0x10); //rol rdx, 0x10
rdx ^= r10; //xor rdx, r10
rcx = rax; //mov rcx, rax
rdx = ~rdx; //not rdx
rcx >>= 0x30; //shr rcx, 0x30
rax ^= rcx; //xor rax, rcx
rax *= driver::read<uint64_t>(rdx + 0x15); //imul rax, [rdx+0x15]
rax += r11; //add rax, r11
rcx = rax; //mov rcx, rax
rcx >>= 0x24; //shr rcx, 0x24
rax ^= rcx; //xor rax, rcx
rcx = 0xB6C3A6FE99C92A23; //mov rcx, 0xB6C3A6FE99C92A23
rax *= rcx; //imul rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x9; //shr rcx, 0x09
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x12; //shr rcx, 0x12
rax ^= rcx; //xor rax, rcx
rcx = rax; //mov rcx, rax
rcx >>= 0x24; //shr rcx, 0x24
rax ^= rcx; //xor rax, rcx
rcx = 0xD7420EB04571AACF; //mov rcx, 0xD7420EB04571AACF
rax *= rcx; //imul rax, rcx
rcx = 0x578A3A3D4AF2D633; //mov rcx, 0x578A3A3D4AF2D633
rax += rcx; //add rax, rcx
return rax;
}
}
}
extern "C" auto XBOXget_bone_index(uint32_t bone_index, uint64_t baseAddr) -> uint64_t
{
const uint64_t mb = baseAddr;
uint64_t rax = mb, rbx = mb, rcx = mb, rdx = mb, rdi = mb, rsi = mb, r8 = mb, r9 = mb, r10 = mb, r11 = mb, r12 = mb, r13 = mb, r14 = mb, r15 = mb;
rdi = bone_index;
rcx = rdi * 0x13C8;
rax = 0xCC70CD3D3E0A7B49; //mov rax, 0xCC70CD3D3E0A7B49
rax = _umul128(rax, rcx, (uintptr_t*)&rdx); //mul rcx
r11 = baseAddr; //lea r11, [0xFFFFFFFFFD7A5535]
r10 = 0x45F86A52798F52B7; //mov r10, 0x45F86A52798F52B7
rdx >>= 0xC; //shr rdx, 0x0C
rax = rdx * 0x1409; //imul rax, rdx, 0x1409
rcx -= rax; //sub rcx, rax
rax = 0xDC9D0ECFCB6E9379; //mov rax, 0xDC9D0ECFCB6E9379
r8 = rcx * 0x1409; //imul r8, rcx, 0x1409
rax = _umul128(rax, r8, (uintptr_t*)&rdx); //mul r8
rdx >>= 0xD; //shr rdx, 0x0D
rax = rdx * 0x2522; //imul rax, rdx, 0x2522
r8 -= rax; //sub r8, rax
rax = 0x49539E3B2D066EA3; //mov rax, 0x49539E3B2D066EA3
rax = _umul128(rax, r8, (uintptr_t*)&rdx); //mul r8
rax = r8; //mov rax, r8
rax -= rdx; //sub rax, rdx
rax >>= 0x1; //shr rax, 0x01
rax += rdx; //add rax, rdx
rax >>= 0x9; //shr rax, 0x09
rcx = rax * 0x31C; //imul rcx, rax, 0x31C
rax = 0xD79435E50D79435F; //mov rax, 0xD79435E50D79435F
rax = _umul128(rax, r8, (uintptr_t*)&rdx); //mul r8
rdx >>= 0x4; //shr rdx, 0x04
rcx += rdx; //add rcx, rdx
rax = rcx * 0x26; //imul rax, rcx, 0x26
rcx = r8 + r8 * 4; //lea rcx, [r8+r8*4]
rcx <<= 0x3; //shl rcx, 0x03
rcx -= rax; //sub rcx, rax
rax = driver::read<uint16_t>(rcx + r11 * 1 + 0xB28E180); //movzx eax, word ptr [rcx+r11*1+0xB28E180]
r8 = rax * 0x13C8; //imul r8, rax, 0x13C8
rax = r10; //mov rax, r10
rax = _umul128(rax, r8, (uintptr_t*)&rdx); //mul r8
rax = r10; //mov rax, r10
rdx >>= 0xB; //shr rdx, 0x0B
rcx = rdx * 0x1D45; //imul rcx, rdx, 0x1D45
r8 -= rcx; //sub r8, rcx
r9 = r8 * 0x39A6; //imul r9, r8, 0x39A6
rax = _umul128(rax, r9, (uintptr_t*)&rdx); //mul r9
rdx >>= 0xB; //shr rdx, 0x0B
rax = rdx * 0x1D45; //imul rax, rdx, 0x1D45
r9 -= rax; //sub r9, rax
rax = 0x88ECF206D1CD0DD7; //mov rax, 0x88ECF206D1CD0DD7
rax = _umul128(rax, r9, (uintptr_t*)&rdx); //mul r9
rax = 0xAAAAAAAAAAAAAAAB; //mov rax, 0xAAAAAAAAAAAAAAAB
rdx >>= 0xB; //shr rdx, 0x0B
rcx = rdx * 0xEF5; //imul rcx, rdx, 0xEF5
rax = _umul128(rax, r9, (uintptr_t*)&rdx); //mul r9
rdx >>= 0x1; //shr rdx, 0x01
rcx += rdx; //add rcx, rdx
rax = rcx + rcx * 2; //lea rax, [rcx+rcx*2]
rax += rax; //add rax, rax
rcx = r9 * 8 + 0x0; //lea rcx, [r9*8]
rcx -= rax; //sub rcx, rax
r15 = driver::read<uint16_t>(rcx + r11 * 1 + 0xB2957B0); //movsx r15d, word ptr [rcx+r11*1+0xB2957B0]
return r15;
}
}Editor is loading...
Leave a Comment