Pages: [1]
  Print  
Author Topic: Diablo 1 Dissassembly/Memory Injection  (Read 16500 times)
Big Daddy
Public

Alias: Diablo 1
Posts: 3


« on: January 21, 2013, 03:21:03 pm »

Howdy!

I made my account specifically to talk with Intangir, whom I believe to be the once DoomGaze.
However I figured I'd make a post on here so y'all know I'm not a spam bot.

Basically I am here for information on the aspects of reverse engineering Diablo 1; not for cheating's sake, but for exploration of the code and for teaching myself assembly.

Although I know assembly to some small degree, it is mainly of that used in microcontrollers, and not x86 computers.

My particular area of interest is the Diablo 1 Spawn, or shareware if you like. I find it to be limited in fascinating ways, and the code exists within the .exe file to overcome certain limitations, for example the level limit.

Is there anyone else on here with such an interest? Or knowledge on the topic at hand?

Thanks broskis.

-Big Daddy
Logged
Intangir
Global Moderator

Posts: 5164



WWW
« Reply #1 on: January 21, 2013, 05:17:59 pm »

i havent been into diablo1 for like 15+ years

why not play diablo1 retail? is it not possible anymore?

theres a 1.09 dat file in the archive
Logged
Intangir
Global Moderator

Posts: 5164



WWW
« Reply #2 on: January 21, 2013, 08:06:07 pm »

oh i found yalls blog, ya it seems interesting

if it can be done im sure i could figure out at least the player level cap, but that wont do much for the dungeon level cap
Logged
Big Daddy
Public

Alias: Diablo 1
Posts: 3


« Reply #3 on: January 22, 2013, 12:02:21 am »

Yeah, that blog isn't mine, but it's what got me intrigued with the idea of playing with the shareware.

Retail still works on Battlenet, but it's been hacked to death. Everything's been done. I want a challenge.

There is no hardcoded Player level cap, but you can only level so far before the enemies cease to give experience. Roughly level 15.

I'm working on removing the Dungeon level limit, and so far I'm making decent progress. Removed the limitation preventing you from walking down the stairs to level three, and it gets to the loading screen. Been reprogramming the Skeleton King, whose code is included in the game but not art, to use standard skeleton art. Otherwise, game crashes.

It's intrigulating.
Logged
Intangir
Global Moderator

Posts: 5164



WWW
« Reply #4 on: January 22, 2013, 12:42:48 am »

hrm, i used to use w32dasm to disassemble the game first off then i would use softice to debug it live, it was not very easy to manage and is unnecessary now thanks to more modern tools

visual studio pretty much does everything you need now, ive used versions as old as visual studio 5 to hack games/apps with ease, you can set memory or execution breakpoints

also there is fantastic tool called ollydbg which does everything, its free, its fantastically perfect for the task, i forgot about that.. this is probably the best one to use (unless something better and newer has come out since that i dont know about)

there is one more tool you might want and that is an offset finder. i wrote my own a long time ago but ive seen much better onces since, i used one called tsearch before

ollydbg might do it by itself actually..

the basic concept is you figure out a variable that you can know and change the value of, like for example for XP, youd look in your character panel, see what value your XP is at, then use tsearch to find all the locations with that value, then you kill some mobs in game, then search for the new value from the old locations, it will narrow it down to a few, if it doesnt, do it a few more times, eventually youll have it narrowed down to 1-4 locations (old C games like diablo1, usually 1, C++ games somtimes more, any higher level languages, all bets are off)

anyway now you have the location of the XP, you can find all the places it references that value and change logic around it


oh heres an example, you could find the location of your actual character level, find the place that references your level to determine how much XP it should grant you for monster kills, and change it so that it stops adjusting after level 12 or something, then you could keep leveling on the same lowbie mobs

theres also a place where it saves the dungeon level your on

i have a hack in that dat file which tells you what dungeon level EVERYONE is on, you should be able to disassemble diablo retail, find out what im doing at that location, then disassemble diablo spawn, search for similar code pattern to find the location of the offset of the dungeon level your on, then memory breakpoint on it, find out where its referenced, find out if one of them is testing if you should advance past level 2, try and jump around it, if there isnt anything in the exe to actually support higher dungeon levels it will ofcourse crash..



Logged
Intangir
Global Moderator

Posts: 5164



WWW
« Reply #5 on: January 22, 2013, 12:44:02 am »

also we have a really fun minecraft server, its a legit survival anarchy type server, but where property rights and mutually voluntary interaction are encouraged

very friendly group, some challenges, some interesting creations, some exploration, etc. worth a look if you have minecraft Wink

the link is http://voluntaryist.intangir.org
Logged
Big Daddy
Public

Alias: Diablo 1
Posts: 3


« Reply #6 on: January 22, 2013, 02:08:06 pm »

Yeah; I have OllyDBG and have been attempting to use it; it has a rather complicated interface. I suspect I will be reading a few tutorials on the matter.

As for finding the vars in the code: I've always found simple, changing variables easily. Things such as hit points are easy to find. It's the variables that stay the same, such as a hardcoded level limit, or definitions, that add a bit of difficulty to the endeavour.

I have been comparing the decompiled code from Diablo Shareware 1.00 (of which a few hack .dats exist) and the code of Diablo Shareware 1.09.
I've used the addresses indicated in the 1.00 hacks, opened up the code and made note of the subroutine structure and the references to the modified blocks.
Then, I opened up the 1.09 code and seen if I could find similarities. However, the success rate for this sort of method is extremely limited.

One other limitation that I was working on overcoming last night was the ability to make Nightmare or Hell games. You must be level 20 or 30 respectively to make these games, which makes it impossible to do in the Shareware, as your max level is 15.  So I've been working on a measure to remove the minimum level limitation by loading up Diablo in OllyDBG, and navigating to that point in the menu: "You must be level 20 to make Nightmare games.". I would then Alt-Tab to Olly, in hopes that it would show me the very last line of code that was run.

However, it was not the case. Perhaps I am merely unlearned in Olly, and a bit more Googlin' is required.

What do you think?

Logged
Pages: [1]
  Print  
 
Jump to: