Randolf's basic weapon hacking tutorials (7 weapons, so far)

Jan 22, 2014 at 2:40 PM
Hina
Hina
hi hi
"What're YOU lookin' at?"
Join Date: Oct 17, 2011
Location: probably somewhere else
Posts: 1099
Age: 26
Instead of a video tutorial, I decided to make that with only pictures and text. Sorry to everyone who expected a video!

OK, let's go.
I'm using OllyDbg 1.10, and it's working fine for me.

Machine Gun
Go to address 0041E3D0. It's the Machine Gun (weapon) address.
p178524-0-o50nj9l.png

Maximum number of shots allowed on-screen.
0041E3E0 CMP EAX,4
Useful when you also make MG shoot faster. I usually change it to 16 (hex).

p178524-1-lj4dnug.png

Bullets fired at respective levels.
Default: level 1 - bullet 0A, level 2 - bullet 0B, level 3 - bullet 0C.
Trust me, it's fun to have MG shoot Nemesis projectiles!


p178524-2-b4vfk4k.png

Firing speed
0041E457 CMP EAX,6
The lower the value, the faster MG will shoot. Don't forget to increase no. of bullets allowed on screen!

p178524-3-rc4jhhy.png

Sound played when empty
Default: 25 hex -> 37 dec
It's funny to have MG roar when out of ammo.

p178524-4-wauxrew.png

MG pushing the player downwards when firing up
Remove these two lines to have it push the player downwards on any level.
Change the "3" to "1" or "2" to have it push the player on desired level.
Change "JNZ" to "JL" to make it push the player only on level 1 and 2.
Change "3" to "1" and "JNZ" to "JG" to make it push the player only on level 2 and 3.

p178524-5-zzharhq.png

Flying when firing downwards
Same as before.
p178524-6-heceeeh.png

Sounds played when firing
Default: level 3 - 31 (hex), levels 1 and 2 - 20 (hex)

p178524-7-mpmovla.png

Ammo reload and firing speed
0041E761 CMP DWORD PTR DS:[4A5554],1 -> ammo reload speed; lower value = faster reload (Turbocharge equipped)
0041E774 PUSH 1 -> how many bullets are reloaded at time (Turbocharge equipped)
0041E780 CMP DWORD PTR DS:[4A5554],4 -> ammo reload speed; lower value = faster reload (no Turbocharge)
0041E793 PUSH 1 -> how many bullets are reloaded at time (no Turbocharge)
For example, you can have Turbocharge reload bullets at normal speed, but two at time. change any one PUSHed values to 0 and MG won't reload at all.

p178524-8-easafy9.png

Polar Star
Go to 0041DE60 - it's the address of Polar Star (weapon).
p178524-9-mx9owm5.png

Bullets fired at respective levels:
Default:
level 1 - bullet 4
level 2 - bullet 5
level 3 - bullet 6
Refer to the bullet list.

p178524-10-0k8i0aw.png

Maximum shots allowed on-screen:
Default 2 (the number next to EAX +1)
BTW, 0041DEAD, nice address
p178524-11-lbojwap.png


Ammo consumed with one shot
Change the PUSHed number.
Default 1
p178524-12-zayadc4.png

Sound played when out of ammo
Default 25 (hex)
p178524-13-jntezth.png

Sounds played when shot
PUSH 31 - level 3
PUSH 20 - level 1 and 2

p178524-14-r5t7xkx.png

Fireball
Go to address 0041E110 (Fireball - weapon).
p178524-15-cppppbl.png

Maximum bullets allowed on-screen: level 1
The number next to EAX +1 (so, by default 1+1=2)
p178524-16-vlgkhau.png

Bullet fired: level 1
Default: bullet 7
p178524-17-rzna25o.png

Maximum bullets allowed on-screen: level 2
The number next to EAX +1 (so, by default 2+1=3)
p178524-18-yc1bgbp.png

Bullet fired: level 2
Default: bullet 8
p178524-19-q2a8vgc.png

Maximum bullets allowed on-screen: level 3
The number next to EAX +1 (so, by default 3+1=4)
p178524-20-q5qlqz2.png

Bullet fired: level 3
Default: bullet 9
p178524-21-fj0q0fu.png

Ammo consumed with one shot
Default: 1
p178524-22-qh8e9rs.png

Sound played when shot
Default: 22 (hex)
p178524-23-shlbf50.png

Blade
Go to address 0041F580 (Blade - weapon).
p178524-24-geyynfx.png

Blade doesn't allow us to customize the number of allowed shots... We can only go with 0, 1 or unlimited. 0 is a dumb idea (yeehaa I can't shoot, kill me), so if you want unlimited shots. If you want to have unlimited shots, change TEST EAX,EAX to JMP 41F599. Should work.
p178524-25-db31vp9.png

Bullets shot on each level.
Default:
level 1: bullet 19 (hex)
level 2: bullet 1A (hex)
level 3: bullet 1B (hex
p178524-26-gozmixw.png

Sound played when shot
Default: 22 (hex)
p178524-27-d613zdg.png

Nemesis
Here we go. Address 0041F710 (Nemesis - weapon).
p178524-28-upevaah.png


Bullets fired at respective levels
Default:
level 1: bullet 22 (hex)
level 2: bullet 23 (hex)
level 3: bullet 24 (hex)
Now you can make Nemesis get stronger with gaining levels!
p178524-29-6yr8id9.png


Maximum shots allowed on-screen
The number next to ECX +1 (so, by default it's 1+1=2)
p178524-30-xdbz9br.png

Ammo taken when shot
Default 1 (of course). Change the PUSHed number.
p178524-31-c58wadf.png

Sound played when empty
Default: 25 (hex)
p178524-32-ryawcae.png

Sounds played when shot (the PUSHed values)
Default:
level 1: sound 75 (hex)
level 2: sound 31 (hex)
level 3: sound 3C (hex)
p178524-33-fb2mu0m.png

(Super) Missile Launcher
I will refer to Missile Launcher as ML and Super Missile Launcher as SML.

Go to address 0041E7B0 - Missile Launcher (weapon).
There's also Super Missile Launcher code there.
p178524-34-cajovku.png

Bullets fired: SML
Default:
Lv1: bullet 1C
Lv2: bullet 1D
Lv3: bullet 1E
p178524-35-1ht2tqw.png

Maximum shots allowed on-screen: SML
Level 1 is not so modifiable. It's 0 or unlimited.
For unlimited shots, do this:
0041E817 JMP 0041E820

0041E82A JMP 0041E833
Level 2 is modifiable.
Maximum number of shots allowed is the number next to EAX +1.
Edit both of these.

0041E83F CMP EAX,1

0041E853 CMP EAX,1
Level 3 by default allows 4 shots to be on-screen (EAX +1, again). Which means we can shoot two times, because level 3 shots three bullets at time.
Edit both of these.
0041E869 CMP EAX,3


0041E87D CMP EAX,3
No pictures for this, because these are just single values, and I would need at least six of them for this.

Bullets fired: ML
Default:
Lv1: bullet 0D
Lv2: bullet 0E
Lv3: bullet 0F
p178524-36-9q3ffuv.png

Maximum shots allowed on-screen: ML

Same deal as with SML.

Unlimited level 1 shots:
0041E8E3 JMP 0041E8EC

0041E8F6 JMP 0041E8FF
Level 2 (EAX +1):
0041E90B CMP EAX,1

0041E91F CMP EAX,1
Level 3 (EAX +1):
0041E935 CMP EAX,3

0041E949 CMP EAX,3

Ammo consumed with one shot (levels 1 and 2) (default 1)
p178524-37-btw3v5d.png

Sound played when empty (level 1 and 2) (default 25 (hex))
p178524-38-mnokcpo.png

Ammo consumed with one shot (level 3) (default 1)
p178524-39-6r7xzjy.png

Sound played when empty (level 3) (default 25 (hex))
p178524-40-orrwvrz.png

Shot sound
Default: 20 (hex)
p178524-41-ir2r1xj.png

Useful things
List of bullets:
1 - Snake lv1
2 - Snake lv2
3 - Snake lv3
4 - Polar Star lv1
5 - Polar Star lv2
6 - Polar Star lv3
7 - Fireball lv1
8 - Fireball lv2
9 - Fireball lv3
0A - Machine Gun lv1
0B - MG lv2
0C - MG lv3
0D - Missile Launcher lv1
0E - ML lv2
0F - ML lv3
10-12 - ML explosion
13 - Bubbler lv1
14 - Bubbler lv2
15 - Bubbler lv3
16 - Bubbler Thorns/whatever is fired when lv3 Bubbler projectiles pop
17 - Blade Slashes
19 - Blade lv1
1A - Blade lv2
1B - Blade lv3
1C - Super Missile Launcher lv1
1D - SML lv2
1E - SML lv3
22 - Nemesis lv1
23 - Nemesis lv2
24 - Nemesis lv3
2B - Spur lv1 (?)
2C - Spur lv2
2D - Spur lv3

I hope it is correct

I guess that's it (for now)...
I hope it helps somebody.
 
Jan 22, 2014 at 6:50 PM
IdioticBaka1824
IdioticBaka1824
Been here way too long...
"Big Joe Tire and Battery Restaurant! Opening Soon! Eat at Big Joes!"
Join Date: Oct 7, 2013
Location: India
Posts: 500
Wow, this is really helpful. Thanks!

By the way, if I guessed correctly you're making a series of these tutorials. How come you started with Machine Gun? I was curious.
 
Jan 22, 2014 at 7:24 PM
Hina
Hina
hi hi
"What're YOU lookin' at?"
Join Date: Oct 17, 2011
Location: probably somewhere else
Posts: 1099
Age: 26
Yes, I'm going to make series.
I started with MG, because it has nice possible modifications. Same applies to Bubbler, but I simply like MG.

And wasn't it you who asked how to make MG fire a stream of bullets in Quick Questions?
 
Jan 22, 2014 at 7:47 PM
IdioticBaka1824
IdioticBaka1824
Been here way too long...
"Big Joe Tire and Battery Restaurant! Opening Soon! Eat at Big Joes!"
Join Date: Oct 7, 2013
Location: India
Posts: 500
Yes, I agree the Machine Gun is nice to modify. Sorry if I sounded strange when I asked.
 
Jan 23, 2014 at 4:17 AM
Polaris
Polaris
Amaya
Discord Group Moderator
"What're YOU lookin' at?"
Join Date: Jan 18, 2013
Location: Somewhere quiet with many birds
Posts: 1118
Age: 25
This looks simple, well made, and easy to understand. I am the excite that someone is finally filling in the holes in Dooey's weapon hacking threads, I think he only got a few done...

I'm looking forward to future posts, Randolf! :D
 
Jan 23, 2014 at 8:08 AM
Ultrasyther
Ultrasyther
Senior Member
"This is the greatest handgun ever made! You have to ask yourself, do I feel lucky?"
Join Date: Feb 2, 2012
Location: Grassland
Posts: 123
Age: 28
That's really cool. Thanks man! As a novice to ASM myself, this kind of stuff is really helpful. A request I have is that maybe someday in the far future if you could do an in-depth on NPC assembly. Otherwise, weapons is nice enough as is.
 
Jan 24, 2014 at 10:29 AM
Hina
Hina
hi hi
"What're YOU lookin' at?"
Join Date: Oct 17, 2011
Location: probably somewhere else
Posts: 1099
Age: 26
When I finish weapons, I may end on NPCs, but considering I'm not good with NPCs, it may fail. Oh, we will see what happens.
I'm glad you like this.

OK, let's go with Polar Star.

Go to 0041DE60 - it's the address of Polar Star (weapon).
p178524-9-mx9owm5.png

Bullets fired at respective levels:
level 1 - bullet 4
level 2 - bullet 5
level 3 - bullet 6
Refer to the bullet list at the top.

p178524-10-0k8i0aw.png

Maximum shots allowed on-screen:
Default 2 (the number next to EAX +1)
BTW, 0041DEAD, nice address
p178524-11-lbojwap.png


Ammo consumed with one shot
Change the PUSHed number.
p178524-12-zayadc4.png

Sound played when out of ammo
p178524-13-jntezth.png

Sounds played when shot
PUSH 31 - level 3
PUSH 20 - level 1 and 2

p178524-14-r5t7xkx.png






BUMP
 
Jan 24, 2014 at 11:38 AM
BLink
BLink
The TideWalker
Modding Community Discord Founder
"That dog!"
Join Date: Apr 5, 2013
Location: In my mind and of my body.
Posts: 1640
Age: 26
Randolf said:
When I finish weapons, I may end on NPCs, but considering I'm not good with NPCs, it may fail. Oh, we will see what happens.
I'm glad you like this.
Click to expand...
I'm doing a HTML based tutorial on NPC's right now.


just so you know.

and good job.
 
Jan 24, 2014 at 12:52 PM
Hina
Hina
hi hi
"What're YOU lookin' at?"
Join Date: Oct 17, 2011
Location: probably somewhere else
Posts: 1099
Age: 26
Good to know. At least I won't have to work on that, heh.

Fireball
Go to address 0041E110 (Fireball - weapon).
p178524-15-cppppbl.png

Maximum bullets allowed on-screen: level 1
The number next to EAX +1 (so, by default 1+1=2)
p178524-16-vlgkhau.png

Bullet fired: level 1
Default: bullet 7
p178524-17-rzna25o.png

Maximum bullets allowed on-screen: level 2
The number next to EAX +1 (so, by default 2+1=3)
p178524-18-yc1bgbp.png

Bullet fired: level 2
Default: bullet 8
p178524-19-q2a8vgc.png

Maximum bullets allowed on-screen: level 3
The number next to EAX +1 (so, by default 3+1=4)
p178524-20-q5qlqz2.png

Bullet fired: level 3
Default: bullet 9
p178524-21-fj0q0fu.png

Ammo consumed with one shot
Default: 1

p178524-22-qh8e9rs.png

Sound played when shot
Default: 22 (hex)
p178524-23-shlbf50.png

Blade
Go to address 0041F580 (Blade - weapon).
p178524-24-geyynfx.png

Blade doesn't allow us to customize the number of allowed shots... We can only go with 0, 1 or unlimited. 0 is a dumb idea (yeehaa I can't shoot, kill me), so if you want unlimited shots. If you want to have unlimited shots, change TEST EAX,EAX to JMP 41F599. Should work.
p178524-25-db31vp9.png

Bullets shot on each level.
Default:
level 1: bullet 19 (hex)
level 2: bullet 1A (hex)
level 3: bullet 1B (hex
p178524-26-gozmixw.png

Sound played when shot
Default: 22 (hex)
p178524-27-d613zdg.png

Nemesis

Here we go. Address 0041F710 (Nemesis - weapon).

p178524-28-upevaah.png


Bullets fired at respective levels
Default:
level 1: bullet 22 (hex)
level 2: bullet 23 (hex)
level 3: bullet 24 (hex)
Now you can make Nemesis get stronger with gaining levels!

p178524-29-6yr8id9.png


Maximum shots allowed on-screen
The number next to ECX +1 (so, by default it's 1+1=2)
p178524-30-xdbz9br.png

Ammo taken when shot
Default 1 (of course). Change the PUSHed number.
p178524-31-c58wadf.png

Sound played when empty
Default: 25 (hex)
p178524-32-ryawcae.png

Sounds played when shot (the PUSHed values)
Default:
level 1: sound 75 (hex)
level 2: sound 31 (hex)
level 3: sound 3C (hex)
p178524-33-fb2mu0m.png
 
Jan 27, 2014 at 6:43 AM
Polaris
Polaris
Amaya
Discord Group Moderator
"What're YOU lookin' at?"
Join Date: Jan 18, 2013
Location: Somewhere quiet with many birds
Posts: 1118
Age: 25
Wow, you just blazed through the last ones. Nice job! =o

...may I request a weapon, though?
 
Jan 27, 2014 at 1:39 PM
Polaris
Polaris
Amaya
Discord Group Moderator
"What're YOU lookin' at?"
Join Date: Jan 18, 2013
Location: Somewhere quiet with many birds
Posts: 1118
Age: 25
Um, I'd like to know a little more about the Missile Launcher, if you could...

And this is more of a general thing, but how would you go about changing the size of a sprite like a bullet or the Loading screen ingame? I know you just resize the bullet and the Loading screen requires changing display somethings if it's larger, but...yeah. I know I should probably ask that in the Quick Hacking thread, but I don't want to for some reason...
 
Jan 27, 2014 at 3:49 PM
Hina
Hina
hi hi
"What're YOU lookin' at?"
Join Date: Oct 17, 2011
Location: probably somewhere else
Posts: 1099
Age: 26
I'll get to the ML right now.

About the sizes, well... I'll PM you.
So...

(Super) Missile Launcher

I will refer to Missile Launcher as ML and Super Missile Launcher as SML.

Go to address 0041E7B0 - Missile Launcher (weapon).
There's also Super Missile Launcher code there.
p178524-34-cajovku.png

Bullets fired: SML
Default:
Lv1: bullet 1C
Lv2: bullet 1D
Lv3: bullet 1E
p178524-35-1ht2tqw.png

Maximum shots allowed on-screen: SML
Level 1 is not so modifiable. It's 0 or unlimited.
For unlimited shots, do this:
0041E817 JMP 0041E820

0041E82A JMP 0041E833
Level 2 is modifiable.
Maximum number of shots allowed is the number next to EAX +1.
Edit both of these.

0041E83F CMP EAX,1

0041E853 CMP EAX,1
Level 3 by default allows 4 shots to be on-screen (EAX +1, again). Which means we can shoot two times, because level 3 shots three bullets at time.
Edit both of these.
0041E869 CMP EAX,3


0041E87D CMP EAX,3
No pictures for this, because these are just single values, and I would need at least six of them for this.

Bullets fired: ML
Default:
Lv1: bullet 0D
Lv2: bullet 0E
Lv3: bullet 0F
p178524-36-9q3ffuv.png

Maximum shots allowed on-screen: ML

Same deal as with SML.

Unlimited level 1 shots:
0041E8E3 JMP 0041E8EC

0041E8F6 JMP 0041E8FF
Level 2 (EAX +1):
0041E90B CMP EAX,1

0041E91F CMP EAX,1
Level 3 (EAX +1):
0041E935 CMP EAX,3

0041E949 CMP EAX,3

Ammo consumed with one shot (levels 1 and 2) (default 1)
p178524-37-btw3v5d.png

Sound played when empty (level 1 and 2) (default 25 (hex))
p178524-38-mnokcpo.png

Ammo consumed with one shot (level 3) (default 1)
p178524-39-6r7xzjy.png

Sound played when empty (level 3) (default 25 (hex))
p178524-40-orrwvrz.png

Shot sound
Default: 20 (hex)
p178524-41-ir2r1xj.png
 
Jan 27, 2014 at 7:08 PM
Polaris
Polaris
Amaya
Discord Group Moderator
"What're YOU lookin' at?"
Join Date: Jan 18, 2013
Location: Somewhere quiet with many birds
Posts: 1118
Age: 25
Thanks a bunch. c:
 
Jan 27, 2014 at 8:46 PM
BLink
BLink
The TideWalker
Modding Community Discord Founder
"That dog!"
Join Date: Apr 5, 2013
Location: In my mind and of my body.
Posts: 1640
Age: 26
Again, wonderful job Randolf.

I guess I better hurry and get that NPC hacking guide out there.
 
You must log in or register to reply here.
Top