Qhimm.com Forums

Miscellaneous Forums => Archive => Topic started by: nijado on 2005-12-28 14:45:55

Title: Disabling the battle swirl?
Post by: nijado on 2005-12-28 14:45:55
Anyone know how it's done, and more importantly, is willing to tell me how it's done? I searched a lot, but couldn't find anything even closely related to it.
Title: Disabling the battle swirl?
Post by: dziugo on 2005-12-28 14:57:28
Some info here (http://forums.qhimm.com/viewtopic.php?t=4382).

dziugo
Title: Disabling the battle swirl?
Post by: nijado on 2005-12-28 19:15:33
What program would one go about using to edit the opcodes? OllyDbg is what alhexx used, but I don't know if that program can edit it, since it's just a debugger. Once I know the program, it all seems really simple.
Title: Disabling the battle swirl?
Post by: Sub Xero on 2005-12-28 20:10:07
You can use OllyDbg. Just find the address, then right click on it, click Binary, then Fill with NOPs. Then right click again and select Copy to executable.
I suggest you make a backup first.

[EDIT] I have the English/US (are they the same?) version and the opcode is at 00673EDA
Title: Disabling the battle swirl?
Post by: nijado on 2005-12-28 21:54:58
OK, I'm officially confused: there's not just one MOV DX,WORD PTR DS:[ECX] in the ff7.exe, there are hundreds. Do they all need to be NOP'd, since they are the same command?

Also, is there a way to search for opcodes? I can only find how to search for other things like commands.
Title: Disabling the battle swirl?
Post by: Sub Xero on 2005-12-30 17:45:41
Right click and choose Goto->Expression and try 00673EDA
You should end up in this loop:
Code:

00673EB2  |> 8B4D 08        |/MOV ECX,DWORD PTR SS:[EBP+8]
00673EB5  |. 8B55 C8        ||MOV EDX,DWORD PTR SS:[EBP-38]
00673EB8  |. 0351 14        ||ADD EDX,DWORD PTR DS:[ECX+14]
00673EBB  |. 8955 C8        ||MOV DWORD PTR SS:[EBP-38],EDX
00673EBE  |> 8B45 C8        | MOV EAX,DWORD PTR SS:[EBP-38]
00673EC1  |. 3B45 C0        ||CMP EAX,DWORD PTR SS:[EBP-40]
00673EC4  |. 7D 3E          ||JGE SHORT ff7.00673F04
00673EC6  |. 8B4D D4        ||MOV ECX,DWORD PTR SS:[EBP-2C]
00673EC9  |. 8B55 C8        ||MOV EDX,DWORD PTR SS:[EBP-38]
00673ECC  |. 3B91 54090000  ||CMP EDX,DWORD PTR DS:[ECX+954]
00673ED2  |. 7D 0E          ||JGE SHORT ff7.00673EE2
00673ED4  |. 8B45 BC        ||MOV EAX,DWORD PTR SS:[EBP-44]
00673ED7  |. 8B4D D0        ||MOV ECX,DWORD PTR SS:[EBP-30]
00673EDA  |. 66:8B11        ||MOV DX,WORD PTR DS:[ECX]
00673EDD  |. 66:8910        ||MOV WORD PTR DS:[EAX],DX
00673EE0  |. EB 08          ||JMP SHORT ff7.00673EEA
00673EE2  |> 8B45 BC        ||MOV EAX,DWORD PTR SS:[EBP-44]
00673EE5  |. 66:C700 0000   ||MOV WORD PTR DS:[EAX],0
00673EEA  |> 8B4D 08        ||MOV ECX,DWORD PTR SS:[EBP+8]
00673EED  |. 8B51 14        ||MOV EDX,DWORD PTR DS:[ECX+14]
00673EF0  |. 8B45 D0        ||MOV EAX,DWORD PTR SS:[EBP-30]
00673EF3  |. 8D0C50         ||LEA ECX,DWORD PTR DS:[EAX+EDX*2]
00673EF6  |. 894D D0        ||MOV DWORD PTR SS:[EBP-30],ECX
00673EF9  |. 8B55 BC        ||MOV EDX,DWORD PTR SS:[EBP-44]
00673EFC  |. 83C2 02        ||ADD EDX,2
00673EFF  |. 8955 BC        ||MOV DWORD PTR SS:[EBP-44],EDX
00673F02  |.^EB AE          |\JMP SHORT ff7.00673EB2

You might not land at the exact same point. But you should be in this area.
You only need to NOP the command MOV DX,WORD PTR DS:[ECX] at this specific point.
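
Added example (not part of the original thread, and not code from any poster): the same three bytes 66 8B 11 occur many times in an executable, so this sketch picks out the one instance by the bytes around it in the listing above, checks that the match is unique, and only then overwrites those three bytes with NOP (0x90). It works on raw file bytes; the sample buffer is constructed, and the uniqueness of the context in the real ff7.exe is an assumption that the code verifies rather than trusts.

```python
# Bytes copied from the listing at 00673ED4..00673EE1:
# MOV EAX,[EBP-44] / MOV ECX,[EBP-30] / MOV DX,[ECX] / MOV [EAX],DX / JMP +8
CONTEXT = bytes.fromhex("8B45BC" "8B4DD0" "668B11" "668910" "EB08")
TARGET = bytes.fromhex("668B11")   # MOV DX,WORD PTR DS:[ECX]
TARGET_SKEW = 6                    # TARGET starts 6 bytes into CONTEXT
NOP = 0x90


def find_all(data, needle):
    """Return every offset at which needle occurs in data."""
    hits, pos = [], data.find(needle)
    while pos != -1:
        hits.append(pos)
        pos = data.find(needle, pos + 1)
    return hits


def nop_patch(image):
    """Return (patched_bytes, offset) with the one targeted instruction NOPed.

    Refuses to patch unless the context matches exactly once, so a different
    game version or an already patched file is left alone.
    """
    hits = find_all(image, CONTEXT)
    if len(hits) != 1:
        raise ValueError("expected 1 context match, found %d" % len(hits))
    off = hits[0] + TARGET_SKEW
    if image[off:off + len(TARGET)] != TARGET:
        raise ValueError("unexpected bytes at target offset")
    patched = bytearray(image)
    patched[off:off + len(TARGET)] = bytes([NOP]) * len(TARGET)
    return bytes(patched), off


def build_sample():
    """Constructed stand-in for the file: two decoys plus the real context."""
    decoy = bytes.fromhex("8B4D08" "668B11" "668902")  # same opcode, other code
    filler = b"\xCC" * 16
    return filler + decoy + filler + CONTEXT + filler + decoy + filler


if __name__ == "__main__":
    sample = build_sample()
    patched, off = nop_patch(sample)
    print("identical opcodes in sample:", len(find_all(sample, TARGET)))
    print("patched offset:", off, "bytes now:", patched[off:off + 3].hex())
```

Run against a copy of the file rather than the original, as the thread suggests; the patch keeps the file length unchanged because three instruction bytes are replaced by three NOP bytes.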