Quick Modding/Hacking Answers Thread

It's nice to see that you're actually taking this seriously. But I have no clue why you would bother with using an add for this.

MOV EDX,DWORD PTR DS:[49E6D0]
MOV DWORD PTR DS:[49E6CC],EDX
RETN

That's all that's required to set your current hp to your max hp (fill up your hp completely).

I don't even know why you're doing the cmp at the end, really.

 

Ohh, I get it!
I really overcomplicated that.
...Wow, it's so simple!
Oh, and the cmp checks if the current hp is equal to the max hp. I still don't see how that wouldn't work.
Meh. Thanks!

 

A CMP is only useful if you do something after it such as JNE JE JGE JG JL JLE JA JB

 

...Wouldn't it work with retn? I think it uses less memory than jmp anyway.

 

The retn would execute regardless of the outcome of the cmp

 

...oops.
That would be why it didn't work.
So cmp only works with jump commands? (I mean all jump commands)

 

Basically, yes.
There are actually a few others it does affect, but they are really obscure and even I don't know exactly how to use them so you don't need to worry about it.

 

ret returns to where a function was called from, jmp jumps to a specific point in the code, and conditional jumps are basically the only thing that cmp effects. the reason that ret takes so little space is because it's just popping a value. jmps add or subtract to eip (?) in order to get to the right place.

 

Could use some assistance. Working on a rewrite of the Fireball bullet, but not certain what some of the code is doing.

00404B7F  |>  C745 CC 00000000             MOV DWORD PTR SS:[EBP-34],0
00404B86  |.  8B55 08                      MOV EDX,DWORD PTR SS:[EBP+8]             ; maybe this has something to do with hitting tiles?
00404B89  |.  8B02                         MOV EAX,DWORD PTR DS:[EDX]
00404B8B  |.  83E0 02                      AND EAX,00000002
00404B8E  |.  74 11                        JE SHORT 00404BA1
00404B90  |.  8B4D 08                      MOV ECX,DWORD PTR SS:[EBP+8]
00404B93  |.  8B11                         MOV EDX,DWORD PTR DS:[ECX]
00404B95  |.  83E2 08                      AND EDX,00000008
00404B98  |.  74 07                        JE SHORT 00404BA1
00404B9A  |.  C745 CC 01000000             MOV DWORD PTR SS:[EBP-34],1
00404BA1  |>  8B45 08                      MOV EAX,DWORD PTR SS:[EBP+8]
00404BA4  |.  8B08                         MOV ECX,DWORD PTR DS:[EAX]
00404BA6  |.  83E1 01                      AND ECX,00000001
00404BA9  |.  74 11                        JE SHORT 00404BBC
00404BAB  |.  8B55 08                      MOV EDX,DWORD PTR SS:[EBP+8]
00404BAE  |.  8B02                         MOV EAX,DWORD PTR DS:[EDX]
00404BB0  |.  83E0 04                      AND EAX,00000004
00404BB3  |.  74 07                        JE SHORT 00404BBC

Any clue what the EBP-34 is? And what is it checking against? I think this is part of the bullet's "bouncing" but I'm not sure since it's one bullet that handles three bullets.

 

Try screwing with it. You know, like cut>paste it into the comments, then putting a NOP in.
If it doesn't bounce, it is probably the bounce code.
To quote myself:

Testing is the key to success.
Always.
ALWAYS.
ALWAYS!!!!!

 

Thank you for stating the obvious.

 

Because it's [ebp-n], that means it's a local variable of some sort. What it seems to be doing is checking the entity's InUse variable to see if certain flags are set, plus whatever [E_X+38] is and if conditions are met then it's setting [ebp-34] to TRUE. I assume it'll be used later in the code as a condition.

 

A local huh? Alright, thanks. Now I think I know what it's doing. Seems to be a check to see if the projectile had 'hit' the wall the previous frame, and change direction.

 

Thank you for stating the obvious.

I bleh at you.

EDIT: So, how would you find the current weapon's level in ASM? Would it be an ESP+## thing?
I've been trying to find it for a while.
I also checked the compendium, but it shows an address that isn't even found in ollydbg.

 

If you're trying to find it out inside a weapon, well it's already there. Otherwise you'll need to sift through the equipped weapons table, using the offsets to find (and return) the data you need.

Actually, I've already written a function that does just that... since I wanted to be able to get the level data from inside a bullet.

CPU Disasm
Address   Hex dump          Command                                  Comments
00494360    55              PUSH EBP
00494361    8BEC            MOV EBP,ESP
00494363    51              PUSH ECX
00494364    C745 FC 0000000 MOV DWORD PTR SS:[EBP-4],0
0049436B    EB 09           JMP SHORT 00494376
0049436D    8B45 FC         MOV EAX,DWORD PTR SS:[EBP-4]
00494370    83C0 01         ADD EAX,1
00494373    8945 FC         MOV DWORD PTR SS:[EBP-4],EAX
00494376    837D FC 08      CMP DWORD PTR SS:[EBP-4],8
0049437A    7D 1B           JGE SHORT 00494397
0049437C    8B4D FC         MOV ECX,DWORD PTR SS:[EBP-4]
0049437F    6BC9 14         IMUL ECX,ECX,14
00494382    8B91 C89B4900   MOV EDX,DWORD PTR DS:[ECX+499BC8]
00494388    3B55 08         CMP EDX,DWORD PTR SS:[EBP+8]
0049438B    75 08           JNE SHORT 00494395
0049438D    8B81 CC9B4900   MOV EAX,DWORD PTR DS:[ECX+499BCC]
00494393    EB 04           JMP SHORT 00494399
00494395  ^ EB D6           JMP SHORT 0049436D
00494397    31C0            XOR EAX,EAX
00494399    89EC            MOV ESP,EBP
0049439B    5D              POP EBP
0049439C    C3              RETN

 

So, all that finds the level of a weapon?
Where does it store it?

EDIT: Hmm. Your avatar looks different, but the same.

 

In EAX. Here, this is the reason I wrote the function. This is the top most portion of my Fireball bullet:

CPU Disasm
Address   Hex dump          Command                                  Comments
00404B39  |.  6A 03         PUSH 3
00404B3B  |.  E8 20F80800   CALL 00494360
00404B40  |.  83C4 04       ADD ESP,4
00404B43  |.  89C1          MOV ECX,EAX
00404B45  |.  BA 01000000   MOV EDX,1
00404B4A  |.  01D0          ADD EAX,EDX
00404B4C  |.  8B55 08       MOV EDX,DWORD PTR SS:[EBP+8]
00404B4F  |.  8942 58       MOV DWORD PTR DS:[EDX+58],EAX

It does this to configure the damage by level, without having to use more than one bullet. I did this because the other two bullets are used for additional effects the fireball has. (Leaving behind a trail of fire, for instance)

And yes, the avatar has changed. It's part of a matte painting I never finished. Here's one of my galleries, if you're so inclined: link Do be aware that some of it is considerably NSFW, and definitely not something minors should look at. However, viewing -those- entries will require an account of your own, and actually being old enough.

 

Interesting. So the level 2 bullet data might be used for a trail of fire instead of the gunshot itself?
That's really creative!

 

Bullets aren't actually linked to the weapon structure. They're specified inside the weapon code itself. I'm not sure why Cave Editor displays them together.

 

Man, you're a lifesaver.
I can finally finish my weapon!
(If I ever get the will to pick my compy up.)