Mirror Cheat Table - Kagami Works game
Features
Cheat Scripts
Features
- God mode
- infinite special
- freeze turns
- increase / decrease pain
- modify attack, rage, pain, silence, broken cloth
Cheat Scripts
god mode cheat:
[ENABLE]
Player:TakeDamage:
db C3 8B EC 57 83 EC 14
[DISABLE]
Player:TakeDamage:
db 55 8B EC 57 83 EC 14
//Alt: db 55 8B EC 57 83 EC 14
infinite special skills:
[ENABLE]
aobscan(nouse,48 89 47 40 8B 4F 30 8B) // should be unique
alloc(newmem,$1000)
label(code)
label(return)
newmem:
cmp [edi+40],0A
je code
inc eax
code:
mov [edi+40],eax
mov ecx,[edi+30]
jmp return
nouse:
jmp newmem
nop
nop
return:
registersymbol(nouse)
[DISABLE]
nouse:
db 48 89 47 40 8B 4F 30
unregistersymbol(nouse)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: 0FD321A2
""+FD32183: 89 08 - mov [eax],ecx
""+FD32185: 8B 05 40 8E 3C 04 - mov eax,[043C8E40]
""+FD3218B: 83 EC 08 - sub esp,08
""+FD3218E: 50 - push eax
""+FD3218F: 56 - push esi
""+FD32190: 39 36 - cmp [esi],esi
""+FD32192: E8 39 27 C0 F4 - call 049348D0
""+FD32197: 83 C4 10 - add esp,10
""+FD3219A: E9 B6 00 00 00 - jmp 0FD32255
""+FD3219F: 8B 47 40 - mov eax,[edi+40]
// ---------- INJECTING HERE ----------
""+FD321A2: 48 - dec eax
""+FD321A3: 89 47 40 - mov [edi+40],eax
""+FD321A6: 8B 4F 30 - mov ecx,[edi+30]
// ---------- DONE INJECTING ----------
""+FD321A9: 8B 05 44 8E 3C 04 - mov eax,[043C8E44]
""+FD321AF: 8B F1 - mov esi,ecx
""+FD321B1: 85 C0 - test eax,eax
""+FD321B3: 75 2E - jne 0FD321E3
""+FD321B5: 83 EC 0C - sub esp,0C
""+FD321B8: 68 7C 5A D3 0D - push 0DD35A7C
""+FD321BD: E8 4E E9 BC F4 - call 04900B10
""+FD321C2: 83 C4 10 - add esp,10
""+FD321C5: 8B C8 - mov ecx,eax
""+FD321C7: C7 41 14 58 E5 DE 0D - mov [ecx+14],0DDEE558
}
player base address finder:
[ENABLE]
aobscan(rage_base,47 4C 8B C8 39 09 8B 80 90 00 00 00) // should be unique
alloc(newmem,$100)
label(code)
label(return)
label(rage1)
registersymbol(rage1)
newmem:
code:
cmp [ecx],ecx
mov [rage1],ecx
mov eax,[eax+00000090]
jmp return
rage1:
dd 0
rage_base+04:
jmp newmem
nop
nop
nop
return:
registersymbol(rage_base)
[DISABLE]
rage_base+04:
db 39 09 8B 80 90 00 00 00
unregistersymbol(rage_base)
unregistersymbol(rage1)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: 0D7825DA
""+D7825B4: 85 C0 - test eax,eax
""+D7825B6: 0F 85 5D 00 00 00 - jne 0D782619
""+D7825BC: 8B 05 94 AF 90 0F - mov eax,[0F90AF94]
""+D7825C2: 85 C0 - test eax,eax
""+D7825C4: 0F 85 4F 00 00 00 - jne 0D782619
""+D7825CA: 0F B6 87 BD 00 00 00 - movzx eax,byte ptr [edi+000000BD]
""+D7825D1: 85 C0 - test eax,eax
""+D7825D3: 75 44 - jne 0D782619
""+D7825D5: 8B 47 4C - mov eax,[edi+4C]
""+D7825D8: 8B C8 - mov ecx,eax
// ---------- INJECTING HERE ----------
""+D7825DA: 39 09 - cmp [ecx],ecx
""+D7825DC: 8B 80 90 00 00 00 - mov eax,[eax+00000090]
// ---------- DONE INJECTING ----------
""+D7825E2: 8B C8 - mov ecx,eax
""+D7825E4: 39 09 - cmp [ecx],ecx
""+D7825E6: 0F B6 40 28 - movzx eax,byte ptr [eax+28]
""+D7825EA: 85 C0 - test eax,eax
""+D7825EC: 75 2B - jne 0D782619
""+D7825EE: 8B 47 24 - mov eax,[edi+24]
""+D7825F1: 8B C8 - mov ecx,eax
""+D7825F3: 39 09 - cmp [ecx],ecx
""+D7825F5: 8B 40 2C - mov eax,[eax+2C]
""+D7825F8: 85 C0 - test eax,eax
}
