CnCNet Forums

Kilkakon

[TD] Solar Power Plant WIP & Cost hex editing randomly

I don't have the tool, no. I admit I've not worked with x80 assembly before, only LC3. Worth grabbing or should I just find a big enough space of unused space in the exe?

 

The buildings of interest are:

v11 (Jap conyard, $5000)

v14 (Radar Dome, $1000)

v19 (Rocket Pod, $600)

v22 (Power Plant, $300)

v32 (Tech Centre, $1500)

 

There's others but they aren't player buildable so I don't care so much. :)

 

I'll fix up the plant shortly. :D Just having to clean the house after my sister :(


Eh, the tool is just to convert asm code to bytes, nothing else. It's unrelated to finding empty space in the exe.

 

You could always use the expanded segment added for my patch... the area around address 680000 (offset 1C9600) should be completely empty, so you can just dump any new code there. It's all a lot easier to generate if you use the code and the tool, on the addresses, than to figure out all the jumps manually.


I've managed to change the price of the tear gas trooper to $250, which is great. :D Thanks for the help Nyer.

 

Could you please let me know one thing? I don't understand the relationship between a hex address and the EIP value... I tried doing some maths on it but yeah it doesn't seem to line up 1:1 with hex.

 

#eip=00?????? ; B280
jmp 0068000E ; jump to unused space
nop ; no operation
; label indicating the jump back location
jumpback2:

#eip=0044E999 ; 3ED99
jmp 00680000 ; jump to unused space
nop ; no operation
; label indicating the jump back location
jumpback:

#eip=00680000 ; 1C9600
push    FA000000h ; new cost
push    1 ; sight
push    46h ; hit points
jmp .jumpback

#eip=0068000E ; 1C960E
push    2C010000h ; new cost
push    2 ; sight
push    C8h ; hit points
jmp .jumpback2

 

Is my asm so far. I'm trying to change V22's price at the moment, alongside the currently successful C10 change.

 

Also, here's the final smoothed-out version of the power plant. :laugh:

[Image: solarpowerwithpad3.png]


Could you please let me know one thing? I don't understand the relationship between a hex address and the EIP value...

Sadly, there isn't really one... the addresses for each exe segment are defined in the exe header. Inside actual data or code segments the relative addresses will match, but since I suggested putting the extra code in a different exe segment, the relative offsets between the two won't match.

 

So just know that in the main game's code segment (00410000-004E79E4), the physical offset has to be done +40FC00 to get the exe address, while in the new segment (005C0000-0063FFFF) you have to do them +4B6A00 instead.

 

So offset B280 should be address 41AE80.

 

(For the record... for the exe segment containing all of the strings and other hardcoded data of the original game (004F0000-00520008), the offset difference is 418200)

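The offset-to-address rule from the post above, as an added Python example (not code from the thread's posters or their tool). The segment ranges and differences are the ones quoted in the post; the open upper bound on the added segment and the names `SEGMENTS`, `offset_to_address`, `address_to_offset` and `check_listing` are assumptions of this example.

```python
import re

# (name, first address, last address or None, address minus file offset).
# Figures are the ones quoted in the post above. The thread places code at
# 00680000 using the +4B6A00 difference, past the quoted end 0063FFFF, so the
# added segment's upper bound is left open here (assumption).
SEGMENTS = [
    ("code",  0x00410000, 0x004E79E4, 0x40FC00),
    ("data",  0x004F0000, 0x00520008, 0x418200),
    ("added", 0x005C0000, None,       0x4B6A00),
]

def _inside(addr, first, last):
    return addr >= first and (last is None or addr <= last)

def offset_to_address(offset):
    """File offset in the exe -> address as written after #eip=."""
    for _name, first, last, delta in SEGMENTS:
        if _inside(offset + delta, first, last):
            return offset + delta
    raise ValueError(f"offset {offset:#x} is outside the known segments")

def address_to_offset(addr):
    """Address as written after #eip= -> file offset in the exe."""
    for _name, first, last, delta in SEGMENTS:
        if _inside(addr, first, last):
            return addr - delta
    raise ValueError(f"address {addr:#x} is outside the known segments")

EIP_LINE = re.compile(r"#eip=([0-9A-Fa-f]{8})\s*;\s*([0-9A-Fa-f]+)")

def check_listing(text):
    """Return (address, offset) pairs whose offset comment does not match."""
    bad = []
    for m in EIP_LINE.finditer(text):
        addr, off = int(m[1], 16), int(m[2], 16)
        try:
            ok = offset_to_address(off) == addr
        except ValueError:
            ok = False
        if not ok:
            bad.append((addr, off))
    return bad

# Header lines copied from the listings in this thread.
LISTING = """#eip=0041A93C ; AD3C\n#eip=0041AE80 ; B280\n#eip=0044E999 ; 3ED99
#eip=00680000 ; 1C9600\n#eip=0068000E ; 1C960E\n#eip=00680052 ; 1C9652"""

if __name__ == "__main__":
    print(check_listing(LISTING) or "all offset comments match")
```
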

Ha I didn't notice your 7 PM edit, I went straight to work on your 6:52 PM post :D

 

Even so, I appreciate you leading me through this Nyer. Thanks to your three posts, a bit of Binging and a bit of thinking on my part, all of the prices that I mentioned above have now been implemented. *hugs* Thanks man! :D I learnt something I should have learnt at Uni and got something in the game that was not possible by myself.

 

My code:

 

#eip=0041A93C ; AD3C
jmp 00680030 ; jump to unused space
nop ; no operation
nop ; no operation
nop ; no operation
nop ; no operation
; label indicating the jump back location
jumpback4:

#eip=0041AAAA ; AEAA
jmp 00680041 ; jump to unused space
nop ; no operation
nop ; no operation
nop ; no operation
nop ; no operation
; label indicating the jump back location
jumpback5:

#eip=0041AD0C ; B10C
jmp 00680052 ; jump to unused space
nop ; no operation
nop ; no operation
nop ; no operation
nop ; no operation
; label indicating the jump back location
jumpback6:

#eip=0041AE80 ; B280
jmp 0068000E ; jump to unused space
nop ; no operation
nop ; no operation
nop ; no operation
nop ; no operation
; label indicating the jump back location
jumpback2:

#eip=0041B34A ; B74A
jmp 0068001F ; jump to unused space
nop ; no operation
nop ; no operation
nop ; no operation
nop ; no operation
; label indicating the jump back location
jumpback3:

#eip=0044E999 ; 3ED99
jmp 00680000 ; jump to unused space
nop ; no operation
; label indicating the jump back location
jumpback:

#eip=00680000 ; 1C9600
push    000000FAh ; new cost
push    1 ; sight
push    46h ; hit points
jmp .jumpback

#eip=0068000E ; 1C960E
push    0000012Ch ; new cost
push    2 ; sight
push    C8h ; hit points
jmp .jumpback2

#eip=0068001F ; 1C961F
push    000005DCh ; new cost
push    2 ; sight
push    C8h ; hit points
jmp .jumpback3

#eip=00680030 ; 1C9630
push    00001388h ; new cost
push    3 ; sight
push    0190h ; hit points
jmp .jumpback4

#eip=00680041 ; 1C9641
push    000003E8h ; new cost
push    10 ; sight
push    01F4h ; hit points
jmp .jumpback5

#eip=00680052 ; 1C9652
push    00000258h ; new cost
push    5 ; sight
push    000000E1h ; hit points
jmp .jumpback6

 

Yay on derailing your own thread Kilk :P Hopefully it's good for historical reasons too :)


Even so, I appreciate you leading me through this Nyer. Thanks to your three posts, a bit of Binging and a bit of thinking on my part, all of the prices that I mentioned above have now been implemented. *hugs* Thanks man! :D I learnt something I should have learnt at Uni and got something in the game that was not possible by myself.

Nice work! I see you figured out to clean up the longer 5-byte commands, too. (As I said, the cleanup is not actually necessary, but it has the advantage that your jump-back position is immediately on the right spot. Jumping back right after where you jump out would land you in the middle of the half-destroyed last 'push' command, which would inevitably crash the game as the CPU tries to read that leftover data as if it were a command to execute.)

 

I doubt hacking is something they're supposed to teach you at uni, though. Mind you, the actual principles of assembler language are a thing I did learn at school.

 

(ew Bing. Use Google  :P)

 

[edit]

 

You gotta be careful if the actual commands before the values are not bytes 6A or 68, though, since then you will need different commands than "push" to get the value where it belongs. On a related note, the order of the different "push" commands is obviously vital, since the order is the only thing that identifies a value as sight or cost or whatever.

 

If you encounter any of the other kind, where a value is put into one of the CPU registers (think memory spots to store some data in, only on the actual CPU), the place where you put those doesn't generally matter much. Though the only real example of those in normal units/structures/infantry/aircraft is the name ID, which needs a "mov ebx, (value)" command. (in the picture of the school example I linked to, that "ebx" would be the "B register" ;))

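The byte layout behind the hooks discussed above, as an added Python example (not output of the tool mentioned in the thread, and not the posters' code). It encodes the 5-byte jump, the nop padding and the jump-back for each entry of the listing; the standard x86 encodings E9, 6A, 68 and 90 are used, and the choice of the 6A form whenever a value fits a signed byte, the decimal reading of "push 10", and the names `jmp_rel32`, `push`, `build_hook`, `PATCHES` and `stub_ends` are assumptions of this example.

```python
import struct

def jmp_rel32(src, dst):
    """5-byte near jump (opcode E9) located at src that lands on dst."""
    # The displacement counts from the end of the jump, i.e. src + 5.
    return b"\xE9" + struct.pack("<i", dst - (src + 5))

def push(value):
    """push imm8 (6A) if the value fits a signed byte, else push imm32 (68)."""
    if -128 <= value <= 127:
        return b"\x6A" + struct.pack("<b", value)
    return b"\x68" + struct.pack("<I", value & 0xFFFFFFFF)  # little-endian

def build_hook(hook, nops, stub, values):
    """Return (bytes for the hook site, bytes for the stub, jump-back address)."""
    back = hook + 5 + nops  # first intact instruction after the overwritten ones
    at_hook = jmp_rel32(hook, stub) + b"\x90" * nops
    body = b"".join(push(v) for v in values)
    at_stub = body + jmp_rel32(stub + len(body), back)
    return at_hook, at_stub, back

# (hook address, nops, stub address, (cost, sight, hit points)) from the
# listing in the thread; "push 10" is read as decimal here (assumption).
PATCHES = [
    (0x0044E999, 1, 0x00680000, (0xFA, 1, 0x46)),
    (0x0041AE80, 4, 0x0068000E, (0x12C, 2, 0xC8)),
    (0x0041B34A, 4, 0x0068001F, (0x5DC, 2, 0xC8)),
    (0x0041A93C, 4, 0x00680030, (0x1388, 3, 0x190)),
    (0x0041AAAA, 4, 0x00680041, (0x3E8, 10, 0x1F4)),
    (0x0041AD0C, 4, 0x00680052, (0x258, 5, 0xE1)),
]

def stub_ends(patches=PATCHES):
    """Address just past each stub; it must not exceed the next stub's start."""
    return [stub + len(build_hook(hook, nops, stub, vals)[1])
            for hook, nops, stub, vals in patches]

if __name__ == "__main__":
    for (hook, nops, stub, vals), end in zip(PATCHES, stub_ends()):
        at_hook, at_stub, back = build_hook(hook, nops, stub, vals)
        print(f"{hook:08X}: {at_hook.hex(' ')}  -> back at {back:08X}")
        print(f"{stub:08X}: {at_stub.hex(' ')}  (ends {end:08X})")
```

With these encodings each stub ends exactly where the next one in the listing begins, and a cost of 250 appears in the file as the bytes FA 00 00 00 after the 68 opcode.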

Haha I stopped using Google products a few years ago, barring Gmail and Youtube. The only time they seem to care is when they want my money, funnily enough.

 

But hey, cheers. :) Yeah I put the extra nops in as I noticed there were a few nulls left over and it instantly caused access violations without them. Fortunately I don't really foresee too much more that would be necessary in the way of changes, apart from perhaps experimenting with a negative damage Ion Cannon (no idea if it would work but could be fun).

 

Haha yeah I remember you linking that chart before and my brain going "looks interesting, but let's not try and work this out, don't want to get carried away"


Dang, I missed this post's proceedings :P

Nice work man, that PP looks great. I have to say that the whole Jap team looks great together. I love when someone manages to make a new team look both classic but unique at the same time. Good Job! :D

  -Liam


I look forward to it :D

 

Boy, if only RA1 could have more factory buildings... just imagine making barr + WF for every team... drool. Would be nice if they all spawned with their own MCV also xD

  -Liam
