Gold Community Public Commander Keen Forum
    > Other Keen Stuff
        > adurdin, how do you do it?
New Topic    Add Reply

Page 1 2

<< Prev Topic | Next Topic >>
Author Comment
CK Guy
Meep
Posts: 1
(9/7/03 1:59 pm)
Reply
adurdin, how do you do it?
Hey adurdin,

I was wondering how the HECK you get all those offsets for patches? For example, how did you get all that info for keendata.zip? How did you find those patches for changing keen's shot height? I wanna be able to do that!!! :furious :dopefish

Also, could you PLEASE update your page? As in, make links on it to all the stuff you have? I'm always suprised at what files I find were there.


And also, admins could you please delete my other account, The CK Guy, I sorta messed up the info!

KeenRush 
Photachyon Transceiver
Posts: 4018
(9/7/03 2:10 pm)
Reply
Re: adurdin, how do you do it?
I'm sure that's not easy, he has done lot's of experiements, I think.
Oh, and welcome to the forums! :)

missing image (www.commanderkeen.net/users/keenrush/garg.gif)

CommanderSpleen  missing image (www.angelfire.com/amiga2/spleen/spleeni.gif)
Vortininja
Posts: 35
(9/7/03 10:43 pm)
Reply
missing image (www.angelfire.com/amiga2/spleen/spleen.gif)
Re: adurdin, how do you do it?
I'd say it'd be pretty similar to being able to understand the Matrix... hours and hours of sitting in front of the code.

Basically this: experimentation. About the easiest way to learn anything.

Though it would be cool to pick Andrew's brain on the subject.

>Commander Spleen

÷ Cave assectatorem Ductoris Alacris ÷

"If your grand plan is thwarted, fear not;
From its ashes shall arise a grander one."
- My Left Ankle

Edited by: CommanderSpleen  missing image (www.angelfire.com/amiga2/spleen/spleeni.gif) at: 9/7/03 10:46 pm
Robo Blue
Vorticon Elite
Posts: 618
(9/7/03 10:55 pm)
Reply
Re: adurdin, how do you do it?
Mabye andrew can write up modding lessons. Hm... mabye there should be a beginner section to the forum.

Official Keenbound Site
Visit The Dos Vault Message Board. I'm an admin

adurdin
Wormouth
Posts: 866
(9/8/03 12:45 am)
Reply
Re: adurdin, how do you do it?
It's a combination of experience, experimentation, and tedious work.

There are two prerequisites that I consider to be very important: one, to be familiar with the C programming language; and two, to have a decent knowledge of 80x86 assembly language.

The second of these is most important: if you are faced with something like the code below, you have to understand what all the instructions mean, so that you can work out what is going on:
  
   A.46BA  55                                   push    bp
   A.46BB  8B EC                                mov     bp,sp
   A.46BD  56                                   push    si
   A.46BE  E8 E274                              call    A.2935
   A.46C1  8B F0                                mov     si,ax
   A.46C3  C7 04 000A                           mov     word ptr [si],0Ah
   A.46C7  8B 46 06                             mov     ax,[bp+6]
   A.46CA  8B 56 04                             mov     dx,[bp+4]
   A.46CD  89 54 04                             mov     [si+4],dx
   A.46D0  89 44 06                             mov     [si+6],ax
   A.46D3  8B 46 0A                             mov     ax,[bp+0Ah]
   A.46D6  8B 56 08                             mov     dx,[bp+8]
   A.46D9  81 C2 0900                           add     dx,900h
   A.46DD  15 0000                              adc     ax,0
   A.46E0  89 54 08                             mov     [si+8],dx
   A.46E3  89 44 0A                             mov     [si+0Ah],ax
   A.46E6  C7 44 32 4808                        mov     word ptr [si+32h],4808h
   A.46EB  C7 44 22 0000                        mov     word ptr [si+22h],0
   A.46F0  C7 44 34 4849                        mov     word ptr [si+34h],4849h
   A.46F5  C7 44 28 006C                        mov     word ptr [si+28h],6Ch
   A.46FA  83 3E 604C 00                        cmp     word ptr ds:[604Ch],0   ; (=0C35Dh)
   A.46FF  7C 75                                jl      A.4776                  ; Jump if <


That is also where a knowledge of C becomes useful: knowing how certain things are written in C can give a big insight into what the assembly code is doing. For example, it is clear from the above code that all the "mov [si + ...], ..." instructions are storing data into a structure, with the pointer to the structure in si.

Obtaining assembly code like that above from the .exe is the job of a disassembler, a program which produces a human-readable version of the program code. It does a very simple translation, replacing (for example) two bytes 8B EC with the mnemonic "mov bp,sp".

If I'm looking for something in particular to patch, I will look for some sort of starting point. For example, if I were looking at how to change the cheat codes, I might start by using a hex-editor to find the location of the "God mode enabled" message. It's at $14EF6; but being in the data segment, I have to subtract the offset of the start of the data segment ($13050) to find the address that the code will use, which turns out to be $1EA6.

Then I search through the assembly code for this value, and find the following code:
  
   A.11F0           sub_a_11F0      proc    near
   A.11F0 ,55                       push    bp
   A.11F1  8B EC                    mov     bp,sp
   A.11F3  80 3E 505A 00            cmp     byte ptr ds:[505Ah],0   ; (=0Ch)
   A.11F8  74 11                    je    loc_a_120B              ; Jump if equal
   A.11FA  80 3E 5040 00            cmp     byte ptr ds:[5040h],0   ; (=0D1h)
   A.11FF  74 0A                    je      loc_a_120B              ; Jump if equal
   A.1201  80 3E 5065 00            cmp     byte ptr ds:[5065h],0   ; (=8Dh)
   A.1206  74 03                    je      loc_a_120B              ; Jump if equal
   A.1208  E8 FBA5                  call    sub_a_0DB0
   A.120B           loc_a_120B:                                     ;  xref A.11F8, 11FF, 1206
   A.120B  80 3E 504E 00            cmp     byte ptr ds:[504Eh],0   ; (=3)
   A.1210  74 3D                    je      loc_a_124F              ; Jump if equal
   A.1212  80 3E 5044 00            cmp     byte ptr ds:[5044h],0   ; (=36h)
   A.1217  74 36                    je      loc_a_124F              ; Jump if equal
   A.1219  80 3E 504C 00            cmp     byte ptr ds:[504Ch],0   ; (=6)
   A.121E  74 2F                    je      loc_a_124F              ; Jump if equal
   A.1220  E8 4A17                  call    sub_a_5C3A
   A.1223  B8 0001                  mov     ax,1
   A.1226 ,50                       push    ax                      ; PARAMETER_2
   A.1227  B8 0014                  mov     ax,14h
   A.122A  50                       push    ax                      ; PARAMETER_1
   A.122B  E8 4E90                  call    sub_a_60BE
   A.122E  83 C4 04                 add     sp,4
   A.1231  81 36 5DAA 0001          xor     data_f_5DAA,1           ; (=0)
   A.1237  74 05                    jz      loc_a_123E              ; Jump if zero
   A.1239  B8 1EA6                  mov     ax,1EA6h
   A.123C  EB 03                    jmp     short loc_a_1241

The two sets of three comparisons at the top are very interesting, as there are two cheat codes in Keen 1, and each uses three keys -- so it would take three comparisons for each cheat code. I notice that the second is looking at bytes at locations 504Eh, 5044h, and 504Ch; looking up a table of keyboard scan codes, I find that G is $22, O is $18, and D is $20 -- and that if you subtract $502C from each of the locations, you get those scan codes; so this is the place where the cheats are being looked for. An additional piece of information that I gain from this is that the code uses an array of bytes--beginning at location $502C--to keep track of which keys are pressed and which are not, so that any other code which is reading data from this area must also be looking at key presses.

Anyway, that might give you an idea. A lot of background knowledge helps a great deal in intuiting the purpose of the code.

Edited by Ilsoap: The second coded part was too long. Got rid of some of the spaces so that it would fit in more browser windows.

Edited by: Ilsoap at: 11/24/03 7:33 pm
Xtraverse 
Stranded Fish
Posts: 2434
(9/8/03 3:13 am)
Reply
Re: adurdin, how do you do it?
Where would one obtain a dissasembler like this?



Never argue with an idiot. He brings you down to his level, then beats you on experience -- Mark Twain
spatang.com

adurdin
Wormouth
Posts: 867
(9/8/03 8:47 am)
Reply
Re: adurdin, how do you do it?
I use an old version of Sourcer; I'm not sure where you could find it these days. There are also some free disassemblers available, but I'm not sure how good they are.

KeenRush 
Photachyon Transceiver
Posts: 4019
(9/8/03 2:52 pm)
Reply
Re: adurdin, how do you do it?
Interesting. :)
Just interested, how did you start this all, in the beginnig? Did you just started to learn Assembly and so on?

missing image (www.commanderkeen.net/users/keenrush/garg.gif)

JosephBurke 
Tres-tria quindecim
Posts: 12
(9/9/03 10:50 am)
Reply
?
Can you edit the assembly code with the disassembler?

adurdin
Wormouth
Posts: 870
(9/9/03 11:55 am)
Reply
Re: ?
KeenRush wrote:
Quote:
how did you start this all, in the beginnig? Did you just started to learn Assembly and so on?


Well, I started off learning BASIC, then C (from the excellent Turbo C Programming for the PC), and from there went on to assembly language.

I remember first getting into assembly language programming when I was writing QBasic programs (mostly games). It began when I wanted to use the mouse in a QBasic program; as QBasic did not support calling interrupts, I had to write the assembly code, assemble it, store the resulting bytes into an array, then use the CALL ABSOLUTE function to run the code. My first attempts caused nasty crashes, but with help from my brother I got it working. I went on from there to writing graphics functions (blitting, graphics primitives, palette functions) for QBasic and QuickBasic, and writing a function to do for QBasic what Quick Basic's CALL INTERRUPT function did -- allow any interrupt calls.

My first efforts at decompiling a program were with Sopwith, a game written in the early 80's as a demonstration of a Canadian company's networking software; but it got spread around far and wide, as a single-player game, because of its excellent gameplay. Well, my attempts there, though fruitful and a useful learning exercise, did not get completed, because a bloke from the UK called Andrew Jenner independently reverse engineered it, and produced a workable source code--he'd previously done the same for another great 80's game, Digger: which was (in my opinion) a far more impressive feat. But that's a bit of a sidetrack.

I think my first foray into decompiling Commander Keen was when I began to decompile Keen 4; I got quite a lot done, but got sidetracked onto other interests, as the decompilation was taking too much time. But the knowledge gained there of how the engine worked has been invaluable in making patches for Keens 1-3 (the similarities between the engines are very noticeable).


JosephBurke wrote:
Quote:
Can you edit the assembly code with the disassembler?


In order to change the operation of the code, I need to work out what assembly code I need to do what I want; write that code; then use an assembler to produce the machine code (a series of bytes) which I can patch the .exe with. I use DEBUG (a program that has come with MS-DOS and Win9x for years) as an easy way of doing this.

MultiMania
Meep
Posts: 2
(11/24/03 1:38 am)
Reply
Re: adurdin, how do you do it?
I use Debug as a dissasembler, but I haven't got a very good understanding of asm.:(

KeenRush
Photachyon Transceiver
Posts: 4414
(11/24/03 7:13 pm)
Reply
Re: adurdin, how do you do it?
Oooh, other Kenius! :eek

Keen mods, please!

Robo Blue
Vorticon Elite
Posts: 834
(11/25/03 1:22 am)
Reply
Re: adurdin, how do you do it?
hm... Keenius... that sounds like a Keen Awards category.

Official Keenbound Site
Visit The Dos Vault Message Board. I'm an admin

Too Much Spare Time 
King Slug
Posts: 772
(11/26/03 2:49 pm)
Reply
Re: adurdin, how do you do it?
This reminds me...

Maybe the Source for the Commander Keen games is like, hidden in this big computer, and Keen has to, like, get into the computer in order to capture the source for us, but there's like a security system guarding it that can only be shut down for precisely three-hundred and fourteen seconds...
:moon

The Chasm of Strife! www.ThisStrife.com/Sluggy

KeenRush
Photachyon Transceiver
Posts: 4421
(11/26/03 3:33 pm)
Reply
Re: adurdin, how do you do it?
And that reminds me of some movie..
Edit: LOL @ below!

Keen mods, please!

Edited by: KeenRush at: 11/27/03 7:06 pm
Br1ck
Grunt
Posts: 10
(11/26/03 8:00 pm)
Reply
Re: adurdin, how do you do it?
*Couldn't resist*

There is so much in this world that I do not understand. See that machine? It has something to do with Mangling Super heros. I have absolutely no idea how it works. But I do understand the reason for it to work. I have absolutely no idea how you are able to do some of the things you do, Andrew Durdin, but I believe there's a reason for that as well. I only hope we understand that reason before it's too late.

:D

Edited by: Br1ck at: 12/12/03 1:34 am
KeenEmpire
Keen's Empire
Posts: 659
(12/10/03 1:27 pm)
Reply
fsd
Haha! Yeah :evil

MultiMania
Grunt
Posts: 9
(12/13/03 9:38 am)
Reply
Keenius?
No I'm not a 'Keenius', I barely understand asm. only interupts. Plus Debug is awful at dissassembling. All I've Done is the music patches for keens 4 - 6.

JosephBurke 
Tres-tria quindecim
Posts: 175
(12/13/03 11:57 pm)
Reply
it's still useful
It's still nice that you found something useful to do. ;) People will use that patch, I'm sure of it.

Br1ck
Grunt
Posts: 21
(12/14/03 7:33 am)
Reply
Re: Keenius?
MultiMania, that's kickass! I'll have to try that tomorrow!

Yowza
Vortininja
Posts: 172
(12/14/03 12:45 pm)
Reply
Re: Keenius?
This morning, I went and used that patch, and was about to go test it... When I remembered I use WinME, which doesn't support adlib sound :/

CommanderSpleen
Vortininja
Posts: 104
(12/15/03 1:22 am)
Reply
Re: Keenius?
Quote:
I remembered I use WinME, which doesn't support adlib sound

I'm using ME, and it adlib seems to work fine...

>Commander Spleen

÷ Cave assectatorem Ductoris Alacris ÷

"The irritating notion that the beholder should complete through his imagination what the artist left undone is refuted by the sumi paintings, so fond of incomplete objects. Try to complete the rocks whose base is lost in the mist or to populate the "empty" spaces with more rocks or woods, and you will find that your clumsy moves destroy the delicate balance and thus the meaning."
-Rudolf Arnheim, Parables of Sun Light

JimSoft Lair
http://jimsoftlair.tripod.com/

Scizor CT
Council Janitor
Posts: 656
(12/15/03 3:23 am)
Reply
Re: Keenius?
It would depend on your sound card, not your OS.

Yowza
Vortininja
Posts: 173
(12/15/03 11:26 am)
Reply
Re: Keenius?
Well, on my comp, it works in 98, but not ME. Which seems to be the same as most people :/

JosephBurke 
Tres-tria quindecim
Posts: 181
(12/16/03 12:23 am)
Reply
sound
I'd check to see if your audio devices are configured right. Sift around; see if anything is different from the two similar OS'.

www.lastplain.com/tempics/soundconfig.jpg

edit: made link work --xtraverse

Edited by: Xtraverse  at: 12/16/03 1:12 am
Page 1 2 << Prev Topic | Next Topic >>

Add Reply

Email This To a Friend Email This To a Friend
Topic Control Image Topic Commands
Click to receive email notification of replies Click to receive email notification of replies
Click to stop receiving email notification of replies Click to stop receiving email notification of replies
jump to:

- Public Commander Keen Forum - Other Keen Stuff - Cerebral Cortex 314 -



Powered By ezboard« Ver. 7.3
Copyright ę1999-2003 ezboard, Inc.