Qhimm.com Forums
Miscellaneous Forums => Scripting and Reverse Engineering => Topic started by: dziugo on 2005-10-11 21:20:22
-
Yet another boring tech-related-topic by dziugo.
Related link. (http://forums.qhimm.com/viewtopic.php?t=4726)
Note: All offsets are for 1.02 (I think...) version of ff7.exe.
First step - removing the cap
Here it goes... some offsets and a short description:
0x05C7AE2 - HP check when a person who is not in your party levels up
0x05CE816 - HP check when entering Battle/Menu
0x05D0671 - setting the maximum damage that a monster can do to each of your party members (called three times when entering battle)
0x05DAA92 - setting the maximum damage that a character can do (called whenever it's your character's time to attack)
And some other offsets:
0x5F1AA3 - no idea what it does...
0x5F2147 - same as above
0x65362C - dunno what it does
0x6E46E9 - It sets HP to 1 when it exceeds 9999... don't know when it's called (never happened while testing)
How do we remove the cap? It's simple. We change a value which is used in comparisons to some higher one. I used 0x7FFF (32767 decimal).
Second step - displaying values in game
This is a tricky part... Everything is hardcoded into ff7.exe, so the only way to make it look better is to find all procedures responsible for drawing those values and change them a little bit.
Here are some of them:
Note: Don't try to decode it. It's unreadable even for me :P (but it looks cool).
call at 0066067A
copy_img_to_scr(x, y, xx, yy, src_address)
call at 006F638C
print_bar(&struct, unknown)
struct{
word: x, y, width, height, new_val, max_val, mode, old_val
dword: rgb_color
}//mode: no_change = 0, healing = 1, damage = 2
call at 006F7346
print_gauge(x, y, progress, height, rgb_color, unknown)
call at 006F7BFB
copyimg(x, y, src_x, src_y, width, height, col1, col2, sth)
call at 006F7346
print_gauge(x, y, progress, height, rgb_color, unknown)
call at 006F9739
write_value(x, y, value, digits, color, unknown)
call at 006F9C44
write_value(x, y, value, digits, color, unknown)
call at 006FA12F
print_box(x1, y1, x2, y2)
Offsets which should be changed to make it look good (only few examples):
006C651A CALL 006F9739 ; displaying current HP in menu
Changes:
006C64F9 PUSH 5 ; forcing FF7 to display 5 digits (default: 4)
006C6516 ADD EDX,1B ; moving that value a few pixels to the left
006C6555 CALL 006F9739 ; displaying maximum HP in menu
Changes:
006C6534 PUSH 4 ; forcing FF7 to display 5 digits
006C6551 ADD EDX,5F ; tweaking...
006C664A CALL 006F7BFB ; displaying backslash between act_HP and max_HP
Changes:
006C6646 ADD EAX,56 ; yeah... moving it a little bit
006C632E CALL 006F638C ; health bar
Changes:
006C62C0 ADD EAX,1C ; moving it a little bit...
006C62D1 MOV WORD PTR SS:[EBP-10],7D ; making it longer...
And a screenshot after applying those:
Link (http://republika.pl/dziugo/images/sth/h.jpg)
Third step - displaying damage
Took me some time to track down the responsible procedures...
Changes:
005BB96B MOV EDX,4
005BB9DF CMP DWORD PTR SS:[EBP-4],5
005BB9F4 MOV EAX,4
005BBA13 MOV EDX,4
005BBA27 MOV EDX,4
005BBA4A CMP DWORD PTR SS:[EBP-4],4
005BBA70 MOV EAX,5
After applying those changes, the damage should be displayed correctly (5-digits when needed).
Last step - Coder needed?
Yeah... If anyone feels like making a patch which will do necessary changes, go ahead. I've got other things to do right now.
dziugo
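An added illustration of the first step, not dziugo's code or the patch discussed later in the thread: the addresses in the post are virtual addresses as a debugger shows them, so a file patcher has to map them to file offsets through the PE section table and should confirm the old 9999 immediate is present before writing 0x7FFF. The function names, the 16-byte search window and the tiny sample image with its address 0x401010 are constructed assumptions; nothing here is taken from ff7.exe.

```python
import struct

def va_to_file_offset(image, va):
    """Translate a debugger virtual address into a file offset (PE32 only)."""
    pe = struct.unpack_from("<I", image, 0x3C)[0]            # e_lfanew
    if image[:2] != b"MZ" or image[pe:pe + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    nsect, = struct.unpack_from("<H", image, pe + 6)
    opt_size, = struct.unpack_from("<H", image, pe + 20)
    opt = pe + 24
    if struct.unpack_from("<H", image, opt)[0] != 0x10B:
        raise ValueError("not PE32")
    rva = va - struct.unpack_from("<I", image, opt + 28)[0]  # minus ImageBase
    for i in range(nsect):
        vsize, vaddr, rsize, rptr = struct.unpack_from(
            "<IIII", image, opt + opt_size + 40 * i + 8)
        if vaddr <= rva < vaddr + min(vsize, rsize):
            return rptr + rva - vaddr
    raise ValueError("address %#x is not backed by file data" % va)

def raise_cap(image, va, old=9999, new=0x7FFF, window=16):
    """Replace the single 16-bit `old` immediate found within `window` bytes of va."""
    start = va_to_file_offset(image, va)
    needle = struct.pack("<H", old)
    hits = [o for o in range(start, start + window) if image[o:o + 2] == needle]
    if len(hits) != 1:                      # wrong version, or already patched
        raise ValueError("expected one %d near %#x, found %d" % (old, va, len(hits)))
    struct.pack_into("<H", image, hits[0], new)
    return hits[0]

def build_sample():
    """Constructed 0x600-byte PE32 stub: one .text section, one CMP against 9999."""
    img = bytearray(0x600)
    img[0:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, 0x40)
    img[0x40:0x44] = b"PE\0\0"
    struct.pack_into("<HH", img, 0x44, 0x14C, 1)             # i386, 1 section
    struct.pack_into("<H", img, 0x54, 0xE0)                  # SizeOfOptionalHeader
    struct.pack_into("<H", img, 0x58, 0x10B)                 # PE32 magic
    struct.pack_into("<I", img, 0x58 + 28, 0x400000)         # ImageBase
    sect = 0x58 + 0xE0
    img[sect:sect + 5] = b".text"
    struct.pack_into("<IIII", img, sect + 8, 0x200, 0x1000, 0x200, 0x400)
    img[0x410:0x417] = bytes.fromhex("817dfc0f270000")       # cmp [ebp-4], 9999
    return img

if __name__ == "__main__":
    img = build_sample()
    print(hex(raise_cap(img, 0x401010)), img[0x410:0x417].hex())
```

Refusing to write unless exactly one match is found is what keeps the patcher from corrupting a different executable version or patching the same file twice.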
-
Cool, you've helped us a lot :)
If you save the game with the hacks on and then load it, will the game crash? I tried manually patching the FF7 save file and calculated the checksum, but the game crashed after loading the game. Or actually after I entered the menu, since in the field you won't see the character stats.
-
So we'll see soon patch for breaking those limits? ;]
I've got a related question. What software have you used to trace these offsets? I guess that it's skill in the first place, but I won't believe you if you tell me that you used Photoshop or FL Studio ;]
I'm not good at programming/coding but maybe I could find myself useful in your great mission :] (I've a knack for computers ;)) ... And I'm kinda curious how you do all these 'miracles' ;].
P.S.: Yeah! I'm Cool Newbie! I like that ;]... Better don't post anymore... :D
-
So we'll see soon patch for breaking those limits? ;]
When I'm done with fixing FMVs crashes.
I've got a related question. What software have you used to trace these offsets? I guess that it's skill in the first place, but I won't believe you if you tell me that you used Photoshop or FL Studio ;]
Can't afford Photoshop (for now :roll:). I used ollydbg but any debugger will do. Right now I'm testing MemoryHackingSoftware (http://www.0kuntz.com/l-spiro/) by L.Spiro and I must admit, that it has some cool unique features (things that I had to do manually with ollys can be done with few mouseclicks in MHS), so if you want to start (and help the community), get a hand on it and some tutorial which will introduce you into assembler and/or debugging programs.
I'm not good at programming/coding but maybe I could find myself useful in your great mission :] (I've a knack for computers ;)) ... And I'm kinda curious how you do all these 'miracles' ;].
If you're curious, then it's more than enough to start. Get some debugger and try to modify the code (you can use offsets that I posted), see what is changing and how... Just mess with it. When you're ready or have any questions/problems gimme a shout.
dziugo
P.S. Good to see another person from Poland :P
-
so if you want to start (and help the community), get a hand on it and some tutorial which will introduce you into assembler and/or debugging programs.
I'll give it a try, thx.
Just mess with it. When you're ready or have any questions/problems gimme a shout.
So better be ready for my attack in near future ;]
P.S. Good to see another person from Poland
And vice versa :)
-
I'd be happy to write the patch (if it hasn't already been done or started), I'll probably start it sometime in the next 2 days (my day off).
edit: oops, just realized l.spiro developed memory hacking software, not you, sorry.
-
Speaking of which, my site moved to http://www.memoryhacking.com so it will be there now.
And thank you for the support.
L. Spiro
-
valis wrote:
I'd be happy to write the patch (if it hasn't already been done or started), I'll probably start it sometime in the next 2 days (my day off).
That'd be great for confused people like myself who don't understand the above. Don't give up please, make that patch.
-
Thank you L. Spiro, I'd been searching everywhere for a copy of it but all the links I had come across were broken. (I don't know why Google didn't turn up memoryhacking.com)
It sounds like a great piece of software, I'm eager to try it out.
-
I'd be happy to write the patch (if it hasn't already been done or started), I'll probably start it sometime in the next 2 days (my day off).
AFAIK, it hasn't been done (or started), so go ahead :P.
dziugo
-
I'd really like to try this out, but I'm no good with hacking stuff.
-
Actually I was planning to do it myself, since I have some free time :P.
dziugo
-
Hey, are you using a program called resource hacker?
-
Did anyone make a patch or tutorial of this yet?
I just tried this, but didn't manage it.
I have the olly debugger and applied those things you said (dzuigo) but what next?
I dunno how to save the changes or sth like that.
Pls help me,
Grisu
-
No one?
-
check the Dialog Box Transparency Thread, I think he put the two patches together
-
check the Dialog Box Transparency Thread, I think he put the two patches together
I put a patcher there (Skerb.exe) which will be used to apply this modification. Let's just call it a demo of what it's capable of :P. The patch itself will be released when it's done... Sorry, but you'll have to wait if you want to see it...
dziugo or dzuigo, whatever...
-
So, does the skerb have the function to break the 9999 limit?
-
So, does the skerb have the function to break the 9999 limit?
dziugo's reply:
I believe that I've already mentioned, that it doesn't. It won't even touch your ff7.exe without a patch file. While Skerb.exe is a patcher, it requires *.srb file to patch other files.
dziugo's reply translated for Grisu:
No, it doesn't have that function.
dziugo
-
Sorry that I didn't understand this, I'm not English...
-
Sorry that I didn't understand this, I'm not English...
Skerb can't be used to break the 9999 HP limit
Cyb
-
I just understood what he said last, but I meant I didn't understand
dziugo's reply:
I believe that I've already mentioned, that it doesn't. It won't even touch your ff7.exe without a patch file. While Skerb.exe is a patcher, it requires *.srb file to patch other files.
sry, I'm really not good at English..
-
Looks pretty cool. Can you go over the 999 mp limit (not that you need it)? lol
-
Looks pretty cool. Can you go over the 999 mp limit (not that you need it)? lol
Even above 9999.
BTW: the patch is coming :). It just needs some tests.
dziugo
-
Looks pretty cool. Can you go over the 999 mp limit (not that you need it)? lol
Even above 9999.
BTW: the patch is coming :). It just needs some tests.
dziugo
The power of all that is good compels you to release the patch! (shakes mountain-priest prayer beads)
Seriously though, I can't thank you enough for just taking my suggestion like this. It's like a dream come true.
-
well if you want somebody to help beta test it I can help with that.
-
the question is how to implement this in to the actual game.
Also I am assuming if you level up and your base or actual HP on level up goes beyond 9999 that will also work with the patch?
-
Would it be possible to break the level limit? I would think that it would screw up your stats because of the max being 255 but if it could be done it would save the trouble of filling your entire weapons and armour with hp+ materia, lol.
-
It depends on how the level is stored. If 8 bit .. that won't work. If 16 bit it's possible. Since you say it's 255 then it's likely 8 bit. Leveling beyond that will set your level to 0 instead.
Cyb
-
Can the HP and MP go to 99.999?
-
Levels are stored as 1 byte and have a maximum value of 255.
HP can go to 99,999. MP can not.
Don't revive dead topics.
エル スパイロ