How was the "Assembly Compendium" created?

How does one document something like "Assembly Compendium" ? Is there a systematic way to do it. Does one go through the assembly code line by line from start to finish? How did they figure the NPC offsets? How did they find out that the maxhealth is stored in the address 0049E6D0 ? How did they know that the function located at address 40ac90 is responsible for "create_animated_effect" ? I'm interested in learning how to reverse engineer games. Any tips would be helpful!

 

You use Olly dbg and start tinkering with things, make Parts of code CALL these functions and see what happens. Also having a RAM checker can help you find things and the like
Also purposely corrupting code (like a function can be a interesting way to see exactly what's part of the game you're messing with)

Those who did it like RuneLace and S.P blazed the trail so people like Nodix and Carrotlord could make editors that could use this precious data and modify it to each modders liking.

 

RuneLace

Nodix

I think this is my favorite post of the year now. Especially "Nodix".

 

You use Olly dbg and start tinkering with things, make Parts of code CALL these functions and see what happens. Also having a RAM checker can help you find things and the like
Also purposely corrupting code (like a function can be a interesting way to see exactly what's part of the game you're messing with)

Those who did it like RuneLace and S.P blazed the trail so people like Nodix and Carrotlord could make editors that could use this precious data and modify it to each modders liking.

Cool. I can see how calling different functions to see what they could do could be helpful. I just tried corrupting a function by replacing its first instruction with RETN and it definitely shows me exactly what i'm messing with, so tnx for the tip

What is a RAM checker by the way? Any existing tools that you recommend?

 

As well if you have experience with these things you can start to notice patterns in the code that let you make informed guesses about things. A good debugger/disassembler helps here too to show you the structure of the code.

But mostly guess and test is the methodology used. It takes time. Helps if there are a lot of people working on it at once, that document up there still spans about three years of work by multiple people.

 

I think this is my favorite post of the year now. Especially "Nodix".

I am going to restrict myself from making post 5 minutes before bedtime.

 

I am going to restrict myself from making post 5 minutes before bedtime.

Oh come on BLink, you could have played it cool and acted like that was on purpose. At first I thought you were making a clever portmanteau of RuneLancer and Lace, and that Nodix was a mix of Noxid and some other hacking pioneer that wasn't obvious to me.

 

Considering that I thought RuneLacer and Lace were the same person I don't deserve to not be made a fool of at this point.

 

Yay. After more googling and watching videos, I finally understand how some of the memory addresses were derived. CheatEngine (quite impressed with its functionality) and MemoryHackingSoftware seems to be quite useful.

So I guess the core idea is to change values in the game and search for these changes in the memory (whether in terms of specific value, values decreased/increased, or values changed/unchanged) .