Breaking the speed limit

http://www.vktv.no/~zero/stuff/last_cave_booster.avi
http://www.vktv.no/~zero/stuff/plantation_booster.avi
I just had to do it

 

Awesome
Any hints on how to find the offsets to do this?

 

I lol'd.
Totally awesome! :3

 

WHoa.........

Edit - clap.

Edity - clap clap.

Editiness - more claps.

Editinity - CLAPSORZ

 

I can't watch these. o.o

I'm using RealPlayer, I tried Windows Media Player and ZoomPlayer as well, can't work. Maybe I don't have some codec.

 

I can't watch these. o.o

I'm using RealPlayer, I tried Windows Media Player and ZoomPlayer as well, can't work. Maybe I don't have some codec.

Try mplayer (this not windows media player) or vlc for free media players that play nearly everything (no need for codecs).

 

I can't watch these. o.o

I'm using RealPlayer, I tried Windows Media Player and ZoomPlayer as well, can't work. Maybe I don't have some codec.

Winamp or die.

 

Please remain on-topic.

 

Please remain on-topic.

:eeks:

*offtopicnessnomorewhooOOoooOooo*

*is trying to search for the offsets by randomly messing up my .exe and it is currently just destroying my whole Cave Story folder*

 

Simple.


Cave story version 1.0.0.6
4160ED: cmp dword ptr[0x49E66C],0x5FF
4160D7: cmp dword ptr[0x49E66C],-0x5FF


change it to oh say... i dunno
4160ED: cmp dword ptr[0x49E66C],0xFFFF
4160D7: cmp dword ptr[0x49E66C],-0xFFFF



and you increase your speed. Nothing special.

(In specific:
004160ED: 813D6CE64900FF050000 -> 813D6CE64900FFFF0000
004160D7: 813D6CE6490001FAFFFF -> 813D6CE649000100FFFF )

 

Simple.


Cave story version 1.0.0.6
4160ED: cmp dword ptr[0x49E66C],0x5FF
4160D7: cmp dword ptr[0x49E66C],-0x5FF


change it to oh say... i dunno
4160ED: cmp dword ptr[0x49E66C],0xFFFF
4160D7: cmp dword ptr[0x49E66C],-0xFFFF



and you increase your speed. Nothing special.

(In specific:
004160ED: 813D6CE64900FF050000 -> 813D6CE64900FFFF0000
004160D7: 813D6CE6490001FAFFFF -> 813D6CE649000100FFFF )

OMFG TY

Shall start working on mod right now! Enough info already lolx

Edit - erm wait... theres aren't offsets. They're invalid o.o

 

Modify the assembly.


Note that it was taken during runtime. Meaning 4160ED = 160ED



edit: For some reason, calling it an offset bothers me. Sure an address is an offset from 0x00000000, but in reality, an offset is a certain x amount of bytes ( that x = the offset ) from a pointer.

 

Modify the assembly.


Note that it was taken during runtime. Meaning 4160ED = 160ED

OH. THE OFFSET IS 160ED~!!

TY

CLAP

CLAPS

MORE CLAPS

CLAPPY

LOTS OF CLAPZ..

 

Aww man Assembly codes.

I suck at that.. Actually I don't even know how to do Assembly =S.

Cave story has an amazing habit of pausing when its not the active window. Which is ideal for debugging purposes.

What you want to do is search for a value thats 0 when youre standing still. Then start moving, just barely, and immediately change to your debugger/memory editor. Search for "has increased." then on cave story, start running at your full potential, search for "has increased." Slow down a little, but dont stop all the way, search for "has decreased." Stop totally, search for "is 0."

That's what I did. I wound up with a variable that contains your current velocity ( you can tell, because when running at max speed, itll display like... 833 as a value when running at max speed to the right, and 1535 max jetpack speed to the right ).


Breakpoint it. Find where its accessed. Remember that we know that 1535 is a maximum for our jetpack, which translates to 5FF.


Note cmp dword ptr[0x49E66C],0x5FF

-as you can tell, 0x49E66C contains your current velocity (pixels per second I think).

dword ptr[0x49E66C] just means access this memory location.

It's comparing our velocity to 0x5FF in this assembly. So, we can assume that this is a maximum for running to the right, speed wise, for the jetpack.


Well, change 0x5FF, to 0xFFFF, increase our maximum velocity to a larger number, it means our jetpack can reach higher speeds.


To the left is simple as well, its -0x5FF. I've yet to bother with going up and down, probably because I don't care THAT much. ooh, my age of empires torrent is done <_< I steal teh gamez

 

YOu're good

Wait I'm trying to post clearer offsets on how to edit the Jeppack =S

Edit - what do you mean by 4160D7: cmp dword ptr[0x49E66C],-0x5FF

 

(In specific:
004160ED: 813D6CE64900FF050000 -> 813D6CE64900FFFF0000
004160D7: 813D6CE6490001FAFFFF -> 813D6CE649000100FFFF )


Remember when i posted that?

Just go to your cave story 1.0.0.6, go to address 0x160ED,
and find the bytes 81 3D 6C E6 49 00 FF 05 00 00.

Once you found them, change it to 81 3D 6C E6 49 00 FF FF 00 00


same for the other values

 

Cool that you decided you post them :3
I'll try them later

Edit - what do you mean by 4160D7: cmp dword ptr[0x49E66C],-0x5FF

That's assembly man, you should learn how to deal with it

 

Simple.

Yeah, but it was a little more than that

Here's what I did, for comparison:

4160D7 x_negative:
4160D7 cmp     dword ptr speed_x, -1535

; [b]I changed this to jmp short 0x41612F, effectively ignoring the max speed tests[/b]
4160E1 jge     short x_positive
4160E3 mov     dword ptr speed_x, -1535

4160ED x_positive:
4160ED cmp     dword ptr speed_x, 1535
4160F7 jle     short y_negative
4160F9 mov     dword ptr speed_x, 1535

416103 y_negative:
416103 cmp     dword ptr speed_y, -1535
41610D jge     short y_positive
41610F mov     dword ptr speed_y, -1535

416119 y_positive:
416119 cmp     dword ptr speed_y, 1535
416123 jle     short 0x41612F
416125 mov     dword ptr speed_y, 1535

415C5D mov     eax, booster_energy

; [b]and i changed this to mov al, 0x40 for "super booster" ;)[/b]
415C62 sub     eax, 1
415C65 mov     booster_energy, eax

4159A3 mov     byte ptr booster_direction, 2  ; booster_up

; [b]and finally, I changed this one to something higher (lower),[/b]
; [b]along with the other directions (just follow the code)[/b]
4159B4 mov     dword ptr speed_y, -1535

And there you have it. Nothing special, as you said, but that wasn't the point either

 

Urgh Assembly...

*Is soon going to be forced to have to learn Assembly to make mod great*

Although my spriting just messes all my effeort up =/

 

Yeah, but it was a little more than that

Here's what I did, for comparison:

4160D7 x_negative:
4160D7 cmp     dword ptr speed_x, -1535

; [b]I changed this to jmp short 0x41612F, effectively ignoring the max speed tests[/b]
4160E1 jge     short x_positive
4160E3 mov     dword ptr speed_x, -1535

4160ED x_positive:
4160ED cmp     dword ptr speed_x, 1535
4160F7 jle     short y_negative
4160F9 mov     dword ptr speed_x, 1535

416103 y_negative:
416103 cmp     dword ptr speed_y, -1535
41610D jge     short y_positive
41610F mov     dword ptr speed_y, -1535

416119 y_positive:
416119 cmp     dword ptr speed_y, 1535
416123 jle     short 0x41612F
416125 mov     dword ptr speed_y, 1535

415C5D mov     eax, booster_energy

; [b]and i changed this to mov al, 0x40 for "super booster" ;)[/b]
415C62 sub     eax, 1
415C65 mov     booster_energy, eax

4159A3 mov     byte ptr booster_direction, 2  ; booster_up

; [b]and finally, I changed this one to something higher (lower),[/b]
; [b]along with the other directions (just follow the code)[/b]
4159B4 mov     dword ptr speed_y, -1535

And there you have it. Nothing special, as you said, but that wasn't the point either

It turns out I only torrented the expansion (bah) for AoE3. And now I gotta bother with cave story until the actual game is installed.


But before that, I finished my method in like 3 minutes, meaning I didn't look into it in depth.


But damn, now I need something to do until the torrent finishes. I'm probably gonna play psobb, but I dunno..