Heroes of Might and Magic Community

Thread: Level hex editing

CrazyPill


Hired Hero
posted April 11, 2008 06:25 PM

Does anybody know about cheating software like ArtMoney? So use it. In H5_Game.exe you'll find only values for levels from 0 to 12. Other level experience values are calculated during game runtime.

TheDeath


Responsible
Undefeatable Hero
with serious business
posted April 11, 2008 06:30 PM

Hey CrazyPill

How exactly do you use ArtMoney to do that? Because that program displays the run-time addresses (I know they have an offset), but then the memory could also be dynamically allocated. I'm not much into reverse engineering but I only use disassemblers for that purpose.

Can you briefly explain how to do it with ArtMoney?

CrazyPill


Hired Hero
posted April 11, 2008 07:09 PM

OK.
1. Run ArtMoney.
2. Run Heroes.
3. Start any map.
4. Alt+Tab to ArtMoney.
5. Find a sequence of 2 values in the Heroes 5 process. I use 3e8 (1000 decimal) and 7d0 (2000 decimal). You'll get 3 results. The result with the highest memory address should be the right one. And you can remember this address - it is constant for every game version.

TheDeath


Responsible
Undefeatable Hero
with serious business
posted April 11, 2008 07:11 PM

Yes but I thought you'd modify the application file (.exe), or not? (but that's probably cheap as you can simply subtract the offset (usually 0x00400000 or something) and find the real offset in the file).

I tried the above method for other games and never got any results; maybe in Heroes it's less 'protected'.

Gnoll_Mage


Responsible
Supreme Hero
posted April 11, 2008 07:12 PM

So how does the memory address whilst the game is running relate to the part that needs changing in the exe? (Please forgive a n00b.)

Gnoll_Mage


Responsible
Supreme Hero
posted April 11, 2008 07:13 PM

Ah right, there's a standard amount to subtract, is there?

TheDeath


Responsible
Undefeatable Hero
with serious business
posted April 11, 2008 07:14 PM

Actually that can be modified (but programmers usually never do it as it's too subtle a 'finishing touch' and they're too lazy for that) -- it's somewhere in the exe format, but usually it's a standard number (also I don't remember if it's exactly the one I posted, coz I didn't do a disassembly in a long time).

Gnoll_Mage


Responsible
Supreme Hero
posted April 11, 2008 07:31 PM
Edited by Gnoll_Mage at 19:35, 11 Apr 2008.

So the numbers we're looking at here are per-program i.e. the number refers to an address within the HoMM5 address space?

So the program code is loaded in somewhere, and there is also data stored in another bit of memory, and the stack too?

CrazyPill


Hired Hero
posted April 11, 2008 07:34 PM

This memory range exists only in memory. The Windows executable PE format allows different sizes of sections on disk and in memory.

Patching the exe file is much more complicated in this case, because you have to inject a data table in place of part of the code of the function calculating those values.

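The address arithmetic discussed in the posts above (subtract the image base, then account for sections that are larger in memory than on disk), as an added example that is not part of the thread. The function names and the sample section layout are constructed for illustration, and the code assumes the module is loaded at its preferred ImageBase.

```python
import struct

def build_sample_pe():
    """Constructed PE32 headers (not a real game binary): .text is fully backed
    by the file, .data has 0x200 bytes on disk but 0x3000 bytes in memory."""
    dos = b"MZ" + b"\x00" * 58 + struct.pack("<I", 0x40)        # e_lfanew at 0x3C
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0xE0, 0x102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)                        # PE32 magic
    struct.pack_into("<I", opt, 28, 0x00400000)                  # ImageBase
    def sec(name, vsize, rva, rawsize, rawptr):
        return struct.pack("<8sIIII16x", name, vsize, rva, rawsize, rawptr)
    return (dos + b"PE\x00\x00" + coff + bytes(opt) +
            sec(b".text", 0x1000, 0x1000, 0x1000, 0x400) +
            sec(b".data", 0x3000, 0x2000, 0x200, 0x1400))

def va_to_file_offset(pe, va):
    """Return (section, file offset) for a run-time address. The offset is None
    when that part of the section exists only in the loaded image."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("PE signature missing")
    nsec = struct.unpack_from("<H", pe, e_lfanew + 6)[0]
    opt_size = struct.unpack_from("<H", pe, e_lfanew + 20)[0]
    opt = e_lfanew + 24
    if struct.unpack_from("<H", pe, opt)[0] != 0x10B:
        raise ValueError("only PE32 is handled here")
    rva = va - struct.unpack_from("<I", pe, opt + 28)[0]        # subtract ImageBase
    for i in range(nsec):
        name, vsize, vaddr, rawsize, rawptr = struct.unpack_from(
            "<8sIIII", pe, opt + opt_size + 40 * i)
        if vaddr <= rva < vaddr + max(vsize, rawsize):
            delta = rva - vaddr
            return (name.rstrip(b"\x00").decode(),
                    rawptr + delta if delta < rawsize else None)
    return None, None

if __name__ == "__main__":
    pe = build_sample_pe()
    for va in (0x00401010, 0x00402100, 0x00402800, 0x00500000):
        print(hex(va), va_to_file_offset(pe, va))
```

An address that comes back with a section name but no file offset lies in the part of the section that has no bytes in the file, so there is nothing at that spot for a hex editor to change.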
Gnoll_Mage


Responsible
Supreme Hero
posted April 11, 2008 07:36 PM

So is it possible to edit those experience levels?

yasmiel


Supreme Hero
Former Chessmaster
posted April 11, 2008 08:02 PM
Edited by yasmiel at 20:13, 11 Apr 2008.

I've been able to hex edit the first 12 levels so far, but no luck for further values so far, since they are referenced through, not directly written as a value, as CrazyPill indicated.
I was hoping that the increments the formula uses are written down as floats, but there is no trace of 2.7, 1.7 or similar floats.

Warmonger


Promising
Legendary Hero
fallen artist
posted April 11, 2008 08:16 PM

I suppose you did check 10% and things like these 170%?

Anyway, I'm glad someone is still working on it. Now I have to keep my fingers crossed, as my knowledge about these issues is little.
____________
The future of Heroes 3 is here!

TheDeath


Responsible
Undefeatable Hero
with serious business
posted April 11, 2008 08:19 PM

Quote:
I've been able to hex edit the first 12 levels so far, but no luck for further values so far, since they are referenced through, not directly written as a value, as CrazyPill indicated.

If they're calculated with a formula, you'll really need a disassembler to find the algorithm (asm instructions) that computes this, but it'll be hell, and not only that, but it could also be impossible (if the size doesn't fit the new algorithm, you will need to inject, and that doesn't always work).

But let's say there are the increments -- did you try some fixed point representations? (you said you tried float)

Gnoll_Mage


Responsible
Supreme Hero
posted April 11, 2008 08:39 PM
Edited by Gnoll_Mage at 20:40, 11 Apr 2008.

How are floats and fixed-points represented as hex / binary?

Could you search for 0.7 maybe?

TheDeath


Responsible
Undefeatable Hero
with serious business
posted April 11, 2008 08:47 PM

Fixed point means something like "2.5" but with a fixed number of bits assigned to the 'fractional part' and a fixed number of bits assigned to the 'whole part'. Problem is of course that you do not know how many are for the parts, and for that matter the total number of bits (but that's usually a multiple of a byte, word or double word). Note that I do not claim this is necessarily easy, and in fact I probably would give up (if I were to do it), but it's still an option that should be tried if all else fails.

Floating point is a lot more complicated -- you can search "IEEE floating point standard" to get some articles that explain it, but manually it's quite hard to 'see' or 'encode' a specific value (especially since it's in binary and most people are used to decimal). Personally I use FASM (flat assembler) to encode floats, but that's probably beyond your knowledge (an assembler is like a compiler, encodes programs from source code).

Basically Float has a mantissa (usually with 23 bits) filling the lower bits -- this mantissa is like the 'significand' (or however it's spelled in math). The left-most bit of the mantissa is implied to be '1', so it is not stored, but watch out for this nonetheless! You multiply this mantissa by 2^n to get the 'true' value. 'n' is called the exponent, which is stored in 8 bits, but it is 128-biased (not with two's complement as normal integers usually are). The final bit is the sign (positive if 0, negative if 1).

(PS: the above information on float (i.e. the number of bits) might not be correct but it's what I remember at the moment, didn't consult the specifications).

(probably this post doesn't make much sense, does it?)

yasmiel


Supreme Hero
Former Chessmaster
posted April 11, 2008 08:53 PM
Edited by yasmiel at 20:57, 11 Apr 2008.

Yes, I can search for 0.7, but we need 2.7 or 1.7. After all, that's how percentages in the game are shown (i.e. expert gating is 0.45 written down as a floating point).

Anyway, I'm checking for double precision (64-bit) floating point representations now and there seem to be some matches but will need further checking (it could be something completely irrelevant, in fact that is even more likely).

And btw, I do not feel so good to try doing fixed points.

Floating points will do, then I'm off to checking for some easier findings like changes.

Btw, doing this for one day has its nostalgic charm (reminding me of good old Motorola 68000 ASM, but I figure I will be bored again in half a day or so).

CrazyPill


Hired Hero
posted April 11, 2008 09:10 PM
Edited by CrazyPill at 22:45, 11 Apr 2008.

OMG. Stop flooding the forum. There is HC for personal questions. 2 single-precision floating point constants are used in those formulas: 1.2 and 0.1.

EDIT1: Precisely, experience growth is 1.2 for levels 13 to 24 and (lv - 13)*0.1 for levels 25 to 40. So if you alter these constants you can tune up the growth coeff.

EDIT2: Knowing this info cannot help. Constants are shared between several functions :-(

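The byte-pattern search that the posts above go back and forth about (single and double precision floats, fixed point, and the 1000/2000 integer pair), as an added example that is not part of the thread. The function names and the sample buffer are constructed for illustration, and the 8.8 and 16.16 fixed-point splits are an assumption, since the thread does not establish which layout, if any, the game uses.

```python
import struct

def encodings(value):
    """Little-endian byte patterns worth searching for when hunting `value`."""
    pats = {"float32": struct.pack("<f", value),
            "float64": struct.pack("<d", value)}
    # Fixed point stores round(value * 2**frac_bits) as an integer. The split is
    # unknown in practice; 8.8 and 16.16 are tried here as an assumption.
    for total, frac, fmt in ((16, 8, "<H"), (32, 16, "<I")):
        pats[f"fixed{total - frac}.{frac}"] = struct.pack(fmt, round(value * (1 << frac)))
    return pats

def split_float32(raw):
    """(sign, stored exponent field, 23-bit fraction) of a 4-byte float.
    In IEEE 754 single precision the stored exponent is the true one plus 127."""
    bits = struct.unpack("<I", raw)[0]
    return bits >> 31, (bits >> 23) & 0xFF, bits & 0x7FFFFF

def find_all(buf, pattern):
    """Every offset at which `pattern` occurs in `buf`."""
    hits, pos = [], buf.find(pattern)
    while pos != -1:
        hits.append(pos)
        pos = buf.find(pattern, pos + 1)
    return hits

def scan(buf, values):
    """Map (value, encoding name) -> offsets, for encodings present in buf."""
    found = {}
    for v in values:
        for name, pat in encodings(v).items():
            offs = find_all(buf, pat)
            if offs:
                found[(v, name)] = offs
    return found

# Constructed sample bytes (not taken from the game): filler, 1.2 and 0.1 as
# float32 constants, then 1000 and 2000 as 32-bit integers.
SAMPLE = (b"\x90" * 8 + struct.pack("<f", 1.2) + b"\x00" * 4 +
          struct.pack("<f", 0.1) + struct.pack("<II", 1000, 2000))

if __name__ == "__main__":
    for (value, name), offs in scan(SAMPLE, [1.2, 0.1, 2.7, 1.7]).items():
        print(value, name, encodings(value)[name].hex(), [hex(o) for o in offs])
    print(split_float32(struct.pack("<f", 1.2)))
```

Short patterns such as the 2-byte fixed-point forms match by coincidence in a large binary, so a hit only marks a candidate location to inspect.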
TheDeath


Responsible
Undefeatable Hero
with serious business
posted April 11, 2008 09:11 PM

How do you know?
If you have discovered the instructions for the formula, can you please post them?

yasmiel


Supreme Hero
Former Chessmaster
posted April 11, 2008 09:13 PM
Edited by yasmiel at 21:56, 11 Apr 2008.

Yes, posting them would help more than yelling when we go in the wrong direction (which can happen a lot if doing this "blindly" like I am now).

So, help if you can.

EDIT:
Btw, these do not count as personal questions; they are in a thread that responds to a particular question, and any post that brings us closer to a solution is wanted, not considered spam.

Seems you are much more familiar with the h5 code than we are, but sharing the info in the forum is preferred to personal mailings.

Anyway, thanks for the help so far!

Gnoll_Mage


Responsible
Supreme Hero
posted April 11, 2008 11:00 PM
Edited by Gnoll_Mage at 23:03, 11 Apr 2008.

Yes indeed, I wouldn't want to be missing out on all this, and we need your knowledge CrazyPill! How did you find out all that stuff you wrote?

@TheDeath - I understand! Thanks.