Heroes of Might and Magic Community
visiting hero! Register | Today's Posts | Games | Search! | FAQ/Rules | AvatarList | MemberList | Profile


Age of Heroes Headlines:  
5 Oct 2016: Heroes VII development comes to an end.. - read more
6 Aug 2016: Troubled Heroes VII Expansion Release - read more
26 Apr 2016: Heroes VII XPack - Trial by Fire - Coming out in June! - read more
17 Apr 2016: Global Alternative Creatures MOD for H7 after 1.8 Patch! - read more
7 Mar 2016: Romero launches a Piano Sonata Album Kickstarter! - read more
19 Feb 2016: Heroes 5.5 RC6, Heroes VII patch 1.7 are out! - read more
13 Jan 2016: Horn of the Abyss 1.4 Available for Download! - read more
17 Dec 2015: Heroes 5.5 update, 1.6 out for H7 - read more
23 Nov 2015: H7 1.4 & 1.5 patches Released - read more
31 Oct 2015: First H7 patches are out, End of DoC development - read more
5 Oct 2016: Heroes VII development comes to an end.. - read more
[X] Remove Ads
LOGIN:     Username:     Password:         [ Register ]
HOMM1: info forum | HOMM2: info forum | HOMM3: info mods forum | HOMM4: info CTG forum | HOMM5: info mods forum | MMH6: wiki forum | MMH7: wiki forum
Heroes Community > Heroes 3.5 - WoG and Beyond > Thread: How to edit HotA?
Thread: How to edit HotA? This Popular Thread is 118 pages long: 1 10 20 30 40 50 60 70 ... 72 73 74 75 76 ... 80 90 100 110 118 · «PREV / NEXT»
FfuzzyLogik
FfuzzyLogik


Known Hero
posted May 03, 2020 07:51 PM
Edited by FfuzzyLogik at 19:58, 03 May 2020.

Hello,

I searched using informations given to erase plague time :
Its written : 0C8C53 to 90 90 90 90 90 (default: 83 F8 09 7F 1B). So in there we have many things to help in case of "not finding" or doubts. Adress and what must normally be written.

First of all, "are you using the same version" ?
If the person who gave you adress was using some other exe, adress may be little different ! Here, not sure ?

I searched at the location 0c8c53 and didn't find what you're supposed to (according to the informations) ! Damned we're doooooomed ! Or maybe not ?

Two solutions then (the third is to give up but NO better die than surrend to make a great mod !) :
- Or the adress is correct and the indications are wrong (it may happen if you type quite fast) ;
- Or the adress isn't correct because the localisation isn't the same in the version used (HoTA instead of SoD maybe ?).

Solution there : Search for 83 F8 09 7F 1B if its the right thing to change. Care of finding something "near" the right adress (in the exe it may be more than one time this 83 F8 09 7F 1B but fortunately, its long enough to hope there isn't too many of them.)
I found it at adress 0c8f93 in my standard SoD game exe.
After saving the exe, you can change as written by 90 90 90 90 90 and test if plague happens...

Tell us if it worked !
Good evening.
____________
FfuzzyLogik.

If I'm crazy ? Sure, because its madness to be normal...

 Send Instant Message | Send E-Mail | View Profile | Quote Reply | Link
SilverG
SilverG


Known Hero
posted May 03, 2020 08:06 PM

Maurice said:
OxFEA said:
If we say about HotA then bug with Elementalists was fixed (also for Navigator's purposes, yes). At the game start hook with additional check will be placed at mem:004DAFE4.


That's good to know! I haven't yet explored the HotA hook, though, so thanks for that pointer . Even though I am currently exploring the H3HotA.exe, I am still rummaging through the H3 SoD section, so whatever HotA then changes to that is something I haven't explored yet.

And by the way, if I haven't said so already, thanks for providing the download of the Hex Rays decompiled Heroes 3 exe. It's been a tremendous help for me to understand just how the game works. The translated variables and data structures within that decompilation enhance that even further. I did see some sections weren't properly decompiled, unfortunately. Next to that, I am running IDA Pro 5.0, the freeware version, which had very little problems disassembling the H3HotA.exe file, but it fails to properly recognize jump tables, messing up the function buildup . Still, I think I got it mostly cleaned up by manually telling IDA to build the missing functions. Comparing the disassembled code with the decompiled code has allowed me to trace stuff pretty nice .

That being said, a bit more info:

0x00047CE1h: 06h, the Spell Power with which Master Genies cast their Spells.
0x00047CE3h: 02h, the School Skill Level with which they cast it (02 is Advanced Level).
The game checks the target for the Master Genie's spell, then loops through all Combat Spells and picks one spell at random (all at a weight of 1) out of the spells available to be cast on that target.

0x00047F66h: 03h, the Spell Power with which Enchanters cast their Spells.
0x00047F68h: 03h, the School Skill Level with which they cast it (03 is Expert Level).

Like with the Faerie Dragons, Enchanters also have a data range within the .exe which determines which spells they can cast and at what weight for each. Starting from address 0x002608B8h, the following byte string exists:
35 00 00 00 0F 00 00 00 1C 00 00 00 0A 00 00 00 36 00 00 00 0A 00 00 00 2E 00 00 00 0F 00 00 00 2B 00 00 00 05 00 00 00 29 00 00 00 0F 00 00 00 25 00 00 00 0A 00 00 00 2D 00 00 00 04 00 00 00 FF FF FF FF

Separating them, we get:
35 00 00 00 0F 00 00 00
1C 00 00 00 0A 00 00 00
36 00 00 00 0A 00 00 00
2E 00 00 00 0F 00 00 00
2B 00 00 00 05 00 00 00
29 00 00 00 0F 00 00 00
25 00 00 00 0A 00 00 00
2D 00 00 00 04 00 00 00
FF FF FF FF

The FF FF FF FF entry acts as a stopper when the game is adding the various weights together. The total weight sum is 84 in this case, which means that the chances for each Spell aren't the values as listed above, but rather as (Spell weight)*100/84. Translating the above spell ID's and calculating the chances, we get:
Haste: 17.86% chance
Air Shield: 11.90% chance
Slow: 11.90% chance
Stone Skin: 17.86% chance
Bloodlust: 5.95% chance
Bless: 17.86% chance
Cure: 11.90% chance
Weakness: 4.76% chance
By manipulating the Spell ID's and the weights, you can change what the Enchanters are casting.

Update:
Some more spell casting info on creatures.

Faerie Dragons
Spell Power is 5 * the number of Dragons in the stack. Unfortunately, the number '5' isn't embedded as a value, but rather handled through an OPCODE. At address 0x00048370h - 0x00048372h, you'll find the OPCODE 8D 04 80. This tells the CPU to fill the register EAX with the value [ EAX + EAX * 4 ], essentially multiplying the value in the register by 5. As the multiplier of 4 is implicit through the OPCODE, it can't be manipulated straight away. However, two other options exist: 8D0440 and 8D04C0. The first OPCODE does [ EAX + EAX * 2 ], essentially multiplying stack size by 3. The second does [ EAX + EAX * 8 ], essentially multiplying stack size by 9.
0x00048375h: 02h, the School Skill at which the spell is cast; 2 is Advanced Skill.

The four upgraded Elementals can cast the Protection spell belonging to their Element. They have a Spell Power and School Level defined as well.

Storm Elementals:
0x00048388h: 06h is the Spell Power
0x0004838Ah: 02h is the Spell School Level
0x00048391h: 1Eh is the ID for the spell in question. Value 1Eh is 30, the ID for Protection from Air.

Ice Elementals:
0x00048398h: 06h is the Spell Power
0x0004839Ah: 02h is the Spell School Level
0x000483A1h: 20h is the ID for the spell in question. Value 20h is 32, the ID for Protection from Water.

Energy Elementals:
0x000483A8h: 06h is the Spell Power
0x000483AAh: 02h is the Spell School Level
0x000483B1h: 1Fh is the ID for the spell in question. Value 1Fh is 31, the ID for Protection from Fire.

Magma Elementals:
0x000483B8h: 06h is the Spell Power
0x000483BAh: 02h is the Spell School Level
0x000483C1h: 21h is the ID for the spell in question. Value 21h is 33, the ID for Protection from Earth.

Something similar exists for Ogre Mages:
0x000483C8h: 06h is the Spell Power
0x000483CAh: 02h is the Spell School Level
0x000483D1h: 2Bh is the ID for the spell in question. Value 2Bh is 43, the ID for Bloodlust.


Hello,

I can't seem to fint these parameters.

For example I'm searching to disable the moth of Plague offset 0C8C53.

In my HexEditor I have 000C8C50 only. Am I missing something?

I am willing to learn, but my Learning Skill is (below) Basic.

 Send Instant Message | Send E-Mail | View Profile | Quote Reply | Link
SilverG
SilverG


Known Hero
posted May 03, 2020 08:12 PM

FfuzzyLogik said:
Hello,

I searched using informations given to erase plague time :
Its written : 0C8C53 to 90 90 90 90 90 (default: 83 F8 09 7F 1B). So in there we have many things to help in case of "not finding" or doubts. Adress and what must normally be written.

First of all, "are you using the same version" ?
If the person who gave you adress was using some other exe, adress may be little different ! Here, not sure ?

I searched at the location 0c8c53 and didn't find what you're supposed to (according to the informations) ! Damned we're doooooomed ! Or maybe not ?

Two solutions then (the third is to give up but NO better die than surrend to make a great mod !) :
- Or the adress is correct and the indications are wrong (it may happen if you type quite fast) ;
- Or the adress isn't correct because the localisation isn't the same in the version used (HoTA instead of SoD maybe ?).

Solution there : Search for 83 F8 09 7F 1B if its the right thing to change. Care of finding something "near" the right adress (in the exe it may be more than one time this 83 F8 09 7F 1B but fortunately, its long enough to hope there isn't too many of them.)
I found it at adress 0c8f93 in my standard SoD game exe.
After saving the exe, you can change as written by 90 90 90 90 90 and test if plague happens...

Tell us if it worked !
Good evening.


Ok, this HAS helped.

So aparently in the tutorial supplied at http://btb2.free.fr/misc/h3_hacking.txt is applicable for HotA, I'm using SoD. That's why the huge headaches and time loss.. Darn.

Thanks again FfuzzyLogik. Thumbs up!

 Send Instant Message | Send E-Mail | View Profile | Quote Reply | Link
BTB
BTB


Famous Hero
Moist & Creamy
posted May 03, 2020 09:23 PM
Edited by BTB at 21:33, 03 May 2020.

SilverG said:
So aparently in the tutorial supplied at http://btb2.free.fr/misc/h3_hacking.txt is applicable for HotA, I'm using SoD. That's why the huge headaches and time loss.. Darn.


I've never touched HotA. Everything I do is SoD.

I do, however, state in the beginning that HD Mod should be used:

Quote:
The HD+ fan mod (NOT to be confused with the official HD mod, which should never, under any cirsumstances, ever be used) upgrades the game's graphics as well as its interface. It's important from a modding perspective since the new .exe file that it generates will restructure some of the internal code, making several of the hex edits discussed in this file possible. The unofficial "Horn of the Abyss" patch is based on the structure of HD+ and so will also work... sort of.

 Send Instant Message | Send E-Mail | View Profile | Quote Reply | Link
SilverG
SilverG


Known Hero
posted May 04, 2020 09:59 PM
Edited by SilverG at 22:24, 04 May 2020.

I have tested Estates/Learning/Mysticism on H3.exe (not HD) found the respective Offset(h) and made some changes and it works.

Now, I don't know if this already exists, but here are some Skills and their respective offsets(h) in Heroes3.exe (Complete, non HD).

Logistics: 23E9B8 - 00 00 00 00 cd cc cc 3d cd cc 4c 3e 9a 99 99 3e
Necromancy: 23E9F8 - 00 00 00 00 cd cc cc 3d cd cc 4c 3e 9a 99 99 3e
Offense: 23EA68 - 00 00 00 00 cd cc cc 3d cd cc 4c 3e 9a 99 99 3e
Armorer: 23EA78 - 00 00 00 00 cd cc 4c 3d cd cc cc 3d 9a 99 19 3e
Intelligence: 23EA88 - 00 00 00 00 00 00 80 3e 00 00 00 3f 00 00 80 3f
Resistance: 23EA48 - 00 00 00 00 cd cc 4c 3d cd cc cc 3d cd cc 4c 3e

As mentioned before, I don't know if these parameters have been mentioned in an earlier post, but I just thought I'd mention them for future noob hex editors to come.

Not sure about the Sorcery skill, didn't find it.

Now a question, how can I find the Artifacts?

And how can I make Scouting into what it is in WoG?

 Send Instant Message | Send E-Mail | View Profile | Quote Reply | Link
FfuzzyLogik
FfuzzyLogik


Known Hero
posted May 04, 2020 10:17 PM
Edited by FfuzzyLogik at 22:32, 04 May 2020.

Hello,

What do you search for artifacts ?
BTB made a recapitulative document where many things are written.

I don't remember who found/ask about it (Maurice or/and RoseKavalier).
As I don't know what you search about, I can't "answer".

For "caracteristics" added, they are in the same order than they are in game editor (maybe few changes at the end but a list is placed in BTB's guide for each).
For artifact when found adress in guide (centaur's axe is first after spellbook) : 4 bytes first Attack bonus, then Defend bonus then Spell Power and Knowlege added.

Example : 02 00 00 00 (Centaur's axe start at 23e774)

For other attributes (immune to something, add some mana) all depends, its hardcoded. You can find the adresses we know in same document.

Sorcery isn't at 23ea78 ? (Near for you) Its 5%-10%-15%.
so if you search to write this with converter :
(Oxfea gave this adress for converter : https://www.h-schmidt.net/FloatConverter/IEEE754.html)
5% (0,05) : 3d 4c cc cd
10% (0,1) : 3d cc cc cd
15% (0,15): 3e 19 99 9a
Don't forget to reverse bytes... And you normally search :
00 00 00 00 cd cc 4c 3d cd cc cc 3d 9a 99 19 3e
____________
FfuzzyLogik.

If I'm crazy ? Sure, because its madness to be normal...

 Send Instant Message | Send E-Mail | View Profile | Quote Reply | Link
SilverG
SilverG


Known Hero
posted May 04, 2020 10:49 PM

Well, I'm just trying to experiment with Cape of Velocity

I wanted firstly to change the bonus from +2 to +4... but can't.

In the tutorial it says:

The +2 unit speed bonus is located at 0E5DD4 & 0E6655 (both must be changed)

But all I have when I enter:

0E5DD4  - 45 08 89 81 16 01 00 00 5D C2 04 00 56 8B F1 83

And

0E6655 - 83 C0 04 89 46 08 5E 5B 8B E5 5D C2 04 00 50 50

So what from here is the +2 bonus?

 Send Instant Message | Send E-Mail | View Profile | Quote Reply | Link
FfuzzyLogik
FfuzzyLogik


Known Hero
posted May 04, 2020 10:52 PM
Edited by FfuzzyLogik at 22:55, 04 May 2020.

Are you sure you're at right adress ? You get the same version or sticked with some other ?
Here having other version doesn't help to find...
Here I don't know where it is and search a "2" is far harder than something complex... As they could be plenty of these values...
And obviously, +4 ?! Mod at your own wishes but is it intresting to make some items mega strong ?
____________
FfuzzyLogik.

If I'm crazy ? Sure, because its madness to be normal...

 Send Instant Message | Send E-Mail | View Profile | Quote Reply | Link
BTB
BTB


Famous Hero
Moist & Creamy
posted May 04, 2020 11:11 PM

@SilverG

You're looking at the vanilla executable. I added an ALL CAPS DISCLAIMER in the last update to my guide that you need to use HD+ mod for a lot of the addresses I provide to be accurate.

 Send Instant Message | Send E-Mail | View Profile | Quote Reply | Link
SilverG
SilverG


Known Hero
posted May 05, 2020 09:10 PM

BTB said:
@SilverG

You're looking at the vanilla executable. I added an ALL CAPS DISCLAIMER in the last update to my guide that you need to use HD+ mod for a lot of the addresses I provide to be accurate.


OK, sorry. Didn't mean to disrespect you in any way.

 Send Instant Message | Send E-Mail | View Profile | Quote Reply | Link
SilverG
SilverG


Known Hero
posted May 05, 2020 09:20 PM

BTW, do we know how the treasure chest works?

 Send Instant Message | Send E-Mail | View Profile | Quote Reply | Link
BTB
BTB


Famous Hero
Moist & Creamy
posted May 05, 2020 10:24 PM

SilverG said:
BTB said:
@SilverG

You're looking at the vanilla executable. I added an ALL CAPS DISCLAIMER in the last update to my guide that you need to use HD+ mod for a lot of the addresses I provide to be accurate.


OK, sorry. Didn't mean to disrespect you in any way.


No worries, just trying to make sure you saw.

SilverG said:
BTW, do we know how the treasure chest works?


I don't know what this means.

 Send Instant Message | Send E-Mail | View Profile | Quote Reply | Link
SilverG
SilverG


Known Hero
posted May 05, 2020 10:27 PM

if the data for the treasure chest is located also in the .exe file

you know the chest that gives
1000 gold or 500 exp,
1500 gold or 1000 exp or
2000 gold or 1500exp
1 random minor to major artifact?

 Send Instant Message | Send E-Mail | View Profile | Quote Reply | Link
Phoenix4ever
Phoenix4ever


Legendary Hero
Heroes is love, Heroes is life
posted May 05, 2020 11:07 PM

Treasure Chests does'nt give minor or major artifacts, only treasure artifacts.
What did you wanna change here?

 Send Instant Message | Send E-Mail | View Profile | Quote Reply | Link
43n14n
43n14n

Tavern Dweller
posted May 06, 2020 09:57 AM

Phoenix4ever said:
Treasure Chests does'nt give minor or major artifacts, only treasure artifacts.
What did you wanna change here?


Exactly that...

that there could be a meager chance to get either 1 minor or 1 major artifact.

How can I find the data, and if it's in the .exe?
____________

 Send Instant Message | Send E-Mail | View Profile | Quote Reply | Link
AlexSpl
AlexSpl


Responsible
Supreme Hero
posted May 06, 2020 02:52 PM
Edited by AlexSpl at 04:43, 09 May 2020.

Quote:
that there could be a meager chance to get either 1 minor or 1 major artifact.

You can change the level of artifacts in treasure chests by editing C1B02 (0x02 by default). The chance to not get an artifact from a chest is at C1AEB (0x5F, or 95% by default). You can set this value to any number from 64 (36% to get an aftifact) to 99 (1% to get an arfifact). Values higher than 99 will stop artifacts from being generated in treasure chests.

Actually, you can change this probability to whatever number you like, but it will require editing of the other probabilities (for 1000/1500/2000 gold). Here they are - C1AC3 (0x20 by default), and C1AD9 (0x40 by default).

So, we have 0..31 out of 100 = 32% (1000 Gold/500 Exp), 32..63 out of 100 = 32% (1500 Gold/1000 Exp), 64..94 out of 100 = 31% (2000 Gold/1500 Exp), and 95..99 out of 100 = 5% (Artifact, Treasure) by default.

* * *
Hint
0x01 = Special , 0x02 = Treasure, 0x04 = Minor, 0x08 = Major, 0x10 = Relic.
You even can OR (or, simply, add) them. For example, if you want to get Treasure or Minor artifacts from treasure chests, write 0x02 + 0x04 = 0x06 (06) at C1B02.
Minor or Major? 0x04 + 0x08 = 0x0C (0C), and so on.

 Send Instant Message | Send E-Mail | View Profile | Quote Reply | Link
peter1985
peter1985


Hired Hero
posted May 06, 2020 08:06 PM

I need a little help!
When the castle is besieged, there are towers, walls, gates, where can their coordination be set in the exe? Where do the pieces of the Dungeon Castle Wall begin?

 Send Instant Message | Send E-Mail | View Profile | Quote Reply | Link
SilverG
SilverG


Known Hero
posted May 06, 2020 08:12 PM
Edited by SilverG at 20:25, 06 May 2020.

AlexSpl said:
Quote:
that there could be a meager chance to get either 1 minor or 1 major artifact.

You can change the level of artifacts in treasure chests by editing C1B02 (0x02 by default). The chance to not get an artifact from a chest is at C1AEB (0x5F, or 95% by default). You can set this value to any number from 64 (36% to get an aftifact) to 99 (1% to get an arfifact). Values higher than 99 will stop artifacts from being generated in treasure chests.

Actually, you can change this probability to whatever number you like, but it will require editing of the other probabilities (for 1000/1500/2000 gold). Here they are - C1AC3 (0x20 by default), and C1AD9 (0x40 by default).

So, we have 0..31 out of 100 = 32% (1000 Gold/500 Exp), 32..63 out of 100 = 32% (1500 Gold/1000 Exp), 64..94 out of 100 = 31% (2000 Gold/1500 Exp), and 95..99 out of 100 = 5% (Artifact, Treasure) by default.

* * *
Hint
0x02 = Treasure, 0x04 = Minor, 0x08 = Major, 0x10 = Relic.
You even can OR (or, simply, add) them. For example, if you want to get Treasure or Minor artifacts from treasure chests, write 0x02 + 0x04 = 0x06 (06) at C1B02.
Minor or Major? 0x04 + 0x08 = 0x0C (0C), and so on.


Cool, this has helped, you are awseome and gold/exp values are also in the .exe?

I am amazed how you've found the location.

Thanks again.

*Edit: DARN..

my parameters at C1B02 are: C1 25 FF FF 07 00 33 C1 89 06 E9 5E 06 00



What were you searching for exactly that you've found the location?

 Send Instant Message | Send E-Mail | View Profile | Quote Reply | Link
BTB
BTB


Famous Hero
Moist & Creamy
posted May 06, 2020 08:55 PM

Good find, Alex. Makes me curious where the GP/XP values are stored.

 Send Instant Message | Send E-Mail | View Profile | Quote Reply | Link
SilverG
SilverG


Known Hero
posted May 06, 2020 09:38 PM

BTB said:
Good find, Alex. Makes me curious where the GP/XP values are stored.


Hey BTB, just a quick question:

What are the original parameters for:

Guards Accumulate: 0B8771 > 90 90 90 90 90 - what were here in place of the "90 90 90 90 90"

and

Creatures Accumulate: 0B87A1 > 01 - the "01" and some other bytes might help..

Thanks

 Send Instant Message | Send E-Mail | View Profile | Quote Reply | Link
Jump To: « Prev Thread . . . Next Thread » This Popular Thread is 118 pages long: 1 10 20 30 40 50 60 70 ... 72 73 74 75 76 ... 80 90 100 110 118 · «PREV / NEXT»
Post New Poll    Post New Topic    Post New Reply

Page compiled in 0.0928 seconds