Chingasoki How do I cheat?
Reputation: 0
Joined: 03 Jan 2015 Posts: 3
Posted: Sat Jan 03, 2015 7:27 am Post subject: DOSBox running Descent: Apparent Code Shifting and DMA
Ship stats are always stored in an area of memory as such:
base address = 8 byte pilot name
base address+22 = energy value
base address+26 = shield value
(there are other values nearby also)
Of course, when you restart the game, or sometimes just when going to the next level, the base address will change, but only slightly. I have found at least 16 places where it could be stored.
I have attempted a pointer scan with no results.
I have attempted finding what writes and accesses the addresses. This results in showing me an opcode such as: mov [eax+ecx],ebx. I have found that [eax+ecx] = the address where the value is being stored and of course that ebx is the new value to be stored there. This is great, I can NOP it and the value will not be changed in the game. One other problem is that the address of the opcode will change when I restart.
Even though I know how the data is structured, I still need a way to dynamically locate it. What is the best way to do this?
Dark Byte Site Admin
Reputation: 470
Joined: 09 May 2003 Posts: 25778 Location: The netherlands
Posted: Sat Jan 03, 2015 8:03 am Post subject:
Debugging DOSBox will result in getting the code of DOSBox, not the game.
Pointers also probably won't work, as they will be stored relative to the emulated base address. And even then there's the segment hell of real mode.
You could try a scan for the player name and then check offsets 22 and 26 for values that fall within the range of energy and shield.
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
Like my help? Join me on Patreon so I can keep helping
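The scan suggested in the reply above, as an added example (not code from the thread or from Cheat Engine): search a memory snapshot for the 8-byte pilot name and accept a hit only when the values at offsets 22 and 26 fall in range. The 4-byte little-endian field width, the NUL padding of the name, the value ranges and the sample buffer are assumptions made for illustration.

```python
import struct

NAME_LEN = 8        # pilot name field size, from the thread
ENERGY_OFF = 22     # field offsets, from the thread
SHIELD_OFF = 26
FIELDS = "<ii"      # assumption: two 4-byte little-endian integers
RECORD_END = ENERGY_OFF + struct.calcsize(FIELDS)


def find_ship_records(mem, pilot, energy_range, shield_range):
    """Return (base, energy, shield) for each name match whose fields are in range."""
    # Assumption: names shorter than 8 bytes are NUL-padded in memory.
    needle = pilot.encode("ascii")[:NAME_LEN].ljust(NAME_LEN, b"\0")
    hits = []
    pos = mem.find(needle)
    while pos != -1:
        # A name copy too close to the end of the snapshot cannot hold a record.
        if pos + RECORD_END <= len(mem):
            energy, shield = struct.unpack_from(FIELDS, mem, pos + ENERGY_OFF)
            if (energy_range[0] <= energy <= energy_range[1]
                    and shield_range[0] <= shield <= shield_range[1]):
                hits.append((pos, energy, shield))
        pos = mem.find(needle, pos + 1)
    return hits


def build_sample_memory():
    """Constructed 4 KiB snapshot: one live record and three stale name copies."""
    mem = bytearray(4096)
    name = b"PILOT\0\0\0"
    mem[0x100:0x108] = name                       # stale copy followed by garbage
    struct.pack_into(FIELDS, mem, 0x100 + ENERGY_OFF, -1, 0x7FFFFFFF)
    mem[0x300:0x308] = name                       # name in a zeroed text buffer
    mem[0x640:0x648] = name                       # live record
    struct.pack_into(FIELDS, mem, 0x640 + ENERGY_OFF, 100, 75)
    mem[-NAME_LEN:] = name                        # copy cut off by end of snapshot
    return bytes(mem)


if __name__ == "__main__":
    for base, energy, shield in find_ship_records(
            build_sample_memory(), "PILOT", (1, 200), (1, 200)):
        print(f"base=0x{base:x} energy@+{ENERGY_OFF}={energy} shield@+{SHIELD_OFF}={shield}")
```

Starting both ranges at 1 is what rejects the name copy that sits in a zeroed buffer; with a range that includes 0, that copy would pass the check too.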
Chingasoki How do I cheat?
Reputation: 0
Joined: 03 Jan 2015 Posts: 3
Posted: Sat Jan 03, 2015 8:36 am Post subject:
Wow, the speed of your reply is simply amazing! Thanks for that!
DOSBox is the only process that shows up when running the game, but it does work anyway, so idk.
I'm glad you say that pointers probably won't work because I hate them.
I do manual scans for the player names and find them that way all the time, but there are at least 16 different locations they can be in. So I could have 16 sets of records, of which only one will be used at one time, but that makes a huge list of records in the table.
I would like to have just one set of records in the CT. Is there any way to automate an initial scan to find the base address, so that, knowing the proper offsets, I can have the CT filled out automatically?
Chingasoki How do I cheat?
Reputation: 0
Joined: 03 Jan 2015 Posts: 3
Posted: Sun Jan 04, 2015 5:58 pm Post subject:
DOSBox does seem to be the problem; running the game with d1x-rebirth solves everything. This allows even a complete ignoramus like myself to build a table.
Thanks Dark Byte, you are awesome!