-
Contributor
[0.1.62115] Offsets
<removed, you go figure it out>
Last edited by ejt; 10-05-2021 at 02:55 PM.
Reason: removed
-
Post Thanks / Like - 10 Thanks
-
Member
Any idea how we can apply these patches using Ferib's method of bypassing crc32 checks?
We've got a text file that should make it pretty easy to apply additional patches... it looks like this:
Code:
0xD4AD68:9090
0xD4E25F:909090909090
0xCAFB9D:90B001
0x597E1C:90909090909090
0xC5E81C:9090C346455242: ~ MP stack corruption bypass
0xD615F2:909090909090909090909090909090909090909090909090909090: ~ show all classes on load (shalzuth)
0x39FC03:9090909090909090909090909090909090909090: ~ allow chars to load (shalzuth)
I want to do something like this to display item levels:
0x1EE2990:871
-
Contributor
You need to modify the memory using Cheat Engine or some other software that can modify it. It is an 8-bit integer: 0 = false, 1 = true.
-
Member
Ah, ok... never mind I figured it out.
adding
0x1EE3201:90
to patches.txt will make item levels show
I'm still testing the rest
NOTE: Using this approach will not work in any version since I posted this. There is a race condition causing them to be overwritten. The suggested approach is to use Cheat Engine to modify these values manually.
0x1EE3200:90: ~ allowLadderRunewords
0x1EE3201:90: ~ displayItemLevel
0x1EE31FF:90: ~ allowCowPortalWhenCowKingWasKilled
0x1EE3203:90 ~ enableUberQuest
0x1EE3202:90: ~ allowStatUnassignment
0x1EE3204:90: ~ allowSkillUnassignment (doesn't seem to be working)
0x1EE320D:90: ~ enableWorldEventOffline (Assume Uber Diablo - haven't tested)
0x1EE320E:90: ~ enableMultipleHirelings
//0x1EE3211:90: ~ worldEventMonsterClass (probably needs correct ID for Uber Diablo)
//0x1EE3215:90: ~ worldEventGlobalMessage (probably needs correct ID for the string to reference)
//0x1EE3315:90: ~ worldEventGlobalSound (probably needs correct ID for audio file to reference)
Last edited by Crazyloon; 04-19-2021 at 11:26 AM.
-
Post Thanks / Like - 3 Thanks
-
Member
+0x870 = allowLadderRunewords
0x1EE3200:90: ~ allowLadderRunewords
can confirm ladderrunewords are enabled!
Ty sir @ejt
-
Member
Thank you!!
Any chance you could find a patch to enable "alwaysRegenMapInSP"?
EDIT:
0x1EE31FC:90: ~ AlwaysRegenMapInSP
This seems to be the switch but it doesn't seem to do anything.
Last edited by ZeltMarv; 04-16-2021 at 08:40 PM.
-
Contributor
Originally Posted by
ZeltMarv
Thank you!!
Any chance you could find a patch to enable "alwaysRegenMapInSP"?
EDIT:
0x1EE31FC:90: ~ AlwaysRegenMapInSP
This seems to be the switch but it doesn't seem to do anything.
Are you sure you understand what it should do?
Given the name I think setting it to 1 will make it so you get a new map seed every time you save and exit.
Edit: If you insist on using the patch.txt file for making changes to the .data memory section, at least use 01 instead of 90 when setting an 8-bit integer to true.
-
Member
@ejt what was your technique for finding these values and their purpose? I would like to find others. Specifically, EnableLadderUniqueItems
-
Contributor
Originally Posted by
Crazyloon
@ejt what was your technique for finding these values and their purpose? I would like to find others. Specifically, EnableLadderUniqueItems
Just lurking around in IDA and trying to figure out what stuff does, searching for strings and going down the rabbit hole.
-
Contributor
<removed, you go figure it out>
Last edited by ejt; 10-05-2021 at 02:56 PM.
-
Post Thanks / Like - 3 Thanks
-
Member
Originally Posted by
Crazyloon
Ah, ok... never mind I figured it out.
adding
0x1EE3201:90
to patches.txt will make item levels show
I'm still testing the rest
0x1EE3200:90: ~ allowLadderRunewords
0x1EE3201:90: ~ displayItemLevel
0x1EE31FF:90: ~ allowCowPortalWhenCowKingWasKilled
0x1EE3203:90 ~ enableUberQuest
0x1EE3202:90: ~ allowStatUnassignment
0x1EE3204:90: ~ allowSkillUnassignment (doesn't seem to be working)
0x1EE320D:90: ~ enableWorldEventOffline (Assume Uber Diablo - haven't tested)
0x1EE320E:90: ~ enableMultipleHirelings
//0x1EE3211:90: ~ worldEventMonsterClass (probably needs correct ID for Uber Diablo)
//0x1EE3215:90: ~ worldEventGlobalMessage (probably needs correct ID for the string to reference)
//0x1EE3315:90: ~ worldEventGlobalSound (probably needs correct ID for audio file to reference)
I extracted the CASC storage and it seems the game uses the classic patchstring.tbl, so if it works the game should show it.
If we could find some way to modify the CASC or make game.exe load "local files" we could test more things.
If we can access the CASC, we won't need the next beta test either, just mod the current game with the next CASC.
-
Post Thanks / Like - 1 Thanks
Flamberge (1 members gave Thanks to lanzajamones for this useful post)
-
Contributor
<removed, you go figure it out>
Last edited by ejt; 10-05-2021 at 02:56 PM.
-
Post Thanks / Like - 1 Thanks
lanzajamones (1 members gave Thanks to ejt for this useful post)
-
There is one function making use of that configuration offset; xref that function and you will be able to find plenty of functions making use of that function.
For those who didn't know yet, the return value (the configStruct in our case) will be stored in register RAX when the function returns.
func sig:
Code:
48 83 EC ?? E8 ?? ?? ?? ?? 48 C7 C1 FF FF FF FF
FYI these patches are located in the .data section and do not need any special type of bypass AFAIK.
Any fool can write code that a computer can understand. Good programmers write code that humans can understand.
-
Post Thanks / Like - 1 Thanks
lanzajamones (1 members gave Thanks to MrNoble for this useful post)
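The thread's observation that single-byte booleans in .data sit outside the code checksum, seen from the side of whoever maintains such flags (an added example, not code from the thread or from the game): each flag keeps an encoded shadow copy and is validated as strictly 0 or 1 on read. The struct, function names and `SHADOW_KEY` are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical flag indices; the names mirror flags mentioned in the thread. */
enum { FLAG_ALLOW_LADDER_RUNEWORDS, FLAG_DISPLAY_ITEM_LEVEL, FLAG_COUNT };

#define SHADOW_KEY 0xA5u /* constructed constant for this example */

typedef enum { FLAG_OK, FLAG_NOT_BOOLEAN, FLAG_SHADOW_MISMATCH } flag_status;

typedef struct {
    uint8_t value[FLAG_COUNT];  /* plain 8-bit booleans: 0 = false, 1 = true */
    uint8_t shadow[FLAG_COUNT]; /* encoded copy, updated only by flags_set() */
} guarded_flags;

static uint8_t shadow_of(uint8_t v) { return (uint8_t)(~v ^ SHADOW_KEY); }

/* The only supported way to change a flag: value and shadow move together. */
void flags_set(guarded_flags *f, size_t i, int on) {
    f->value[i] = on ? 1 : 0;
    f->shadow[i] = shadow_of(f->value[i]);
}

/* Reject non-canonical booleans first, then values the shadow disagrees with. */
flag_status flags_check(const guarded_flags *f, size_t i) {
    if (f->value[i] > 1) return FLAG_NOT_BOOLEAN;
    if (f->shadow[i] != shadow_of(f->value[i])) return FLAG_SHADOW_MISMATCH;
    return FLAG_OK;
}

/* Fail closed: a flag reads as true only when it passes both checks. */
int flags_get(const guarded_flags *f, size_t i) {
    return flags_check(f, i) == FLAG_OK && f->value[i] == 1;
}

/* Constructed scenario: all flags off, then one byte written behind flags_set(). */
flag_status check_after_raw_write(uint8_t byte) {
    guarded_flags f;
    for (size_t i = 0; i < FLAG_COUNT; i++) flags_set(&f, i, 0);
    f.value[FLAG_DISPLAY_ITEM_LEVEL] = byte; /* write that bypasses flags_set() */
    return flags_check(&f, FLAG_DISPLAY_ITEM_LEVEL);
}

int main(void) {
    printf("0x90 -> %d, 0x01 -> %d, 0x00 -> %d\n", check_after_raw_write(0x90),
           check_after_raw_write(0x01), check_after_raw_write(0x00));
    return 0;
}
```

This is tamper evidence for local state, not a trust boundary; anything that matters for online play still has to be decided server-side.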
-
Contributor
<removed, you go figure it out>
Last edited by ejt; 10-05-2021 at 02:56 PM.
-
Post Thanks / Like - 2 Thanks
-
Member
I find this very interesting. I wonder if we can figure out how to turn the console on and see if there is any interesting information in there.
possible_console.png
How do you find a memory offset for something like this in Cheat Engine? I understand, in Cheat Engine, we can manually add an address if we know the offset.
So how did you go from something like this in IDA:
.rdata:0000000141A1B528 aAllowladderrun db 'allowLadderRunewords',0
to something like this in Cheat Engine:
game.exe+0x1EE3200