| View previous topic :: View next topic |
| Author |
Message |
onedementedsmurf
How do I cheat?
![]() Reputation: 0
Joined: 22 Jun 2015
Posts: 8
|
 Posted: Tue Sep 08, 2015 3:41 pm Post subject: I need a bit of help setting up an exp multiplier. |
 |
|
So, here is the situation, I'm trying to setup exp multipliers (2x, 3x, 4x, etc.) for Final Fantasy IX NTSC-U using ePSXe 1.9.25, I've gotten as far as finding the static values associated with each character slot and ultimately have no idea where to go from there.
The information I'm assuming you'd need to assist me: Attachment 1
I've gotten as far as: Attachment 2
I haven't the slightest clue what to change the code to, to get the multiplying effect I want.
Forum wouldn't let me post in-line images (URLs not allowed yet.)
Please let me know if there is any other information you might need to assist me, I'll gladly post it ASAP
| Description: |
|
| Filesize: |
11.15 KB |
| Viewed: |
4771 Time(s) |
|
| Description: |
|
| Filesize: |
16.65 KB |
| Viewed: |
4771 Time(s) |
|
Last edited by onedementedsmurf on Tue Sep 08, 2015 4:33 pm; edited 1 time in total |
|
| Back to top |
|
 |
Zanzer
I post too much
![]() Reputation: 126
Joined: 09 Jun 2013
Posts: 3278
|
| Posted: Tue Sep 08, 2015 3:54 pm Post subject: |
|
|
| We would need the code above this instruction which adds some value to EBX.
|
|
| Back to top |
|
|
onedementedsmurf
How do I cheat?
![]() Reputation: 0
Joined: 22 Jun 2015
Posts: 8
|
| Posted: Tue Sep 08, 2015 4:12 pm Post subject: |
|
|
| Zanzer wrote: | | We would need the code above this instruction which adds some value to EBX. |
Assuming that's line 4 in this screenshot..?
| Description: |
|
| Filesize: |
42.07 KB |
| Viewed: |
4761 Time(s) |
|
|
|
| Back to top |
|
|
Zanzer
I post too much
![]() Reputation: 126
Joined: 09 Jun 2013
Posts: 3278
|
| Posted: Tue Sep 08, 2015 4:40 pm Post subject: |
|
|
Nope. That's actually a completely separate function.
Looks like you would have to do a bit of tracing to figure it out.
Maybe you'll get lucky and the following will work...
edit: Guess I should've asked if the original value was a float or 4-byte.
| Code: | [ENABLE]
aobscan(xp_mult,89 1C 08 81 E2 FC FF 1F 00)
alloc(newmem,$1000)
label(code)
label(return)
label(xp_mult_val)
newmem:
code:
push eax
push edx
sub ebx,[eax+ecx]
xor edx,edx
mov eax,ebx
mul [xp_mult_val]
mov ebx,eax
pop edx
pop eax
add ebx,[eax+ecx]
mov [eax+ecx],ebx
and edx,001FFFFC
jmp return
xp_mult_val:
dd 2
xp_mult:
jmp code
nop
nop
nop
nop
return:
registersymbol(xp_mult)
registersymbol(xp_mult_val)
[DISABLE]
xp_mult:
db 89 1C 08 81 E2 FC FF 1F 00
unregistersymbol(xp_mult)
unregistersymbol(xp_mult_val)
dealloc(newmem) |
|
|
| Back to top |
|
|
onedementedsmurf
How do I cheat?
![]() Reputation: 0
Joined: 22 Jun 2015
Posts: 8
|
| Posted: Tue Sep 08, 2015 7:35 pm Post subject: |
|
|
Well, I got a chance to try that out, no dice, upon further inspection I found a little bit more further up in the memory viewer that might be what I need.
EDIT: The initial value is 4-Byte
| Description: |
|
| Filesize: |
48.95 KB |
| Viewed: |
4706 Time(s) |
|
|
|
| Back to top |
|
|
Zanzer
I post too much
![]() Reputation: 126
Joined: 09 Jun 2013
Posts: 3278
|
| Posted: Tue Sep 08, 2015 8:14 pm Post subject: |
|
|
You would need to set a break-and-trace on the instruction which ACCESSES your address.
Follow that value through the code until you reach the instruction which WRITES to your address.
Some instruction in between there will add the current value to the earned value.
That is where you need to perform your injection.
As far as my script goes, did you verify that my AOB was unique enough?
When you activated it, did it change the instruction at the location you had found?
Did my script not activate? Did it crash the game? Did you just not notice XP change?
Also, I changed the script a couple times, make sure you copy the latest.
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
