Author Topic: champions of norrath return to arms saved game hacking with hex editor.  (Read 107 times)

Offline andyassur

so far i've been able to change the character's level and how many stat points are available. i was able to find where the strength location is in memory and modify that. i've been looking at this for about an hour and can't make sense of the rest.

strength is located in these lines, where the FFs are
0000 03A0: 00 00 00 00 00 00 FF FF  00 00 00 10 00 00 00 10  ........ ........ 
0000 03B0: 00 00 00 10 00 00 00 00  00 00 00 00 00 00 FF FF  ........ ........ 

slot0-Strength "65535 strength"
0000 03A0: 00 00 00 00 00 00 FF FF  00 00 00 10 00 00 00 10  ........ ........ 
0000 03B0: 00 00 00 10 00 00 00 00  00 00 00 00 00 00 FF FF  ........ ........ 
0000 03C0: 00 00 00 10 00 00 00 10  00 00 00 10 00 00 00 00  ........ ........ 
0000 03D0: 00 00 00 00 00 00 AA 00  00 00 98 D9 10 46 98 D9  ........ .....F.. 
0000 03E0: 10 46 00 00 00 00 FF FF  FF 3E FF FF FF 3E F1 DF  .F...... .>...>.. 
0000 03F0: BB 45 99 99 E2 45 00 00  00 00 B1 0A 00 00 3E 06  .E...E.. ......>. 
0000 0400: 00 00 3F 06 00 00 01 00  00 00 00 00 00 00 00 00  ..?..... ........ 
0000 0410: 00 AA EE 9E 3A 00 B2 01  00 00 FF 00 01 14 14 14  ....:... ........ 
0000 0420: 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........ 
0000 0430: 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........ 
0000 0440: 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........ 
0000 0450: 00 00 00 00 D5 45 50 00  04 00 00 00 00 00 00 00  .....EP. ........

noitems "control"
0000 03A0: 00 00 00 00 00 00 F8 17  00 00 00 10 00 00 00 10  ........ ........ 
0000 03B0: 00 00 00 10 00 00 00 00  00 00 00 00 00 00 F8 17  ........ ........ 
0000 03C0: 00 00 00 10 00 00 00 10  00 00 00 10 00 00 00 00  ........ ........ 
0000 03D0: 00 00 00 00 00 00 AA 00  00 00 98 D9 10 46 98 D9  ........ .....F.. 
0000 03E0: 10 46 00 00 00 00 FF FF  FF 3E FF FF FF 3E 9C 0B  .F...... .>...>.. 
0000 03F0: B8 45 99 99 E2 45 00 00  00 00 72 0A 00 00 FF 05  .E...E.. ..r..... 
0000 0400: 00 00 00 06 00 00 01 00  00 00 00 00 00 00 00 00  ........ ........ 
0000 0410: 00 AA EE 9E 3A 00 B2 01  00 00 FF 00 00 14 14 14  ....:... ........ 
0000 0420: 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........ 
0000 0430: 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........ 
0000 0440: 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........ 
0000 0450: 00 00 00 08 CD 45 50 00  04 00 00 00 00 00 00 00  .....EP. ........ 
 
slot0 "unknown stat"
0000 03A0: 00 00 00 00 00 00 F8 17  00 00 00 10 00 00 00 10  ........ ........ 
0000 03B0: 00 00 FF 10 00 00 00 00  00 00 00 00 00 00 F8 17  ........ ........ 
0000 03C0: 00 00 00 10 00 00 00 10  00 00 FF 10 00 00 00 00  ........ ........ 
0000 03D0: 00 00 00 00 00 00 AA 00  00 00 AF 59 13 46 98 37  ........ ...Y.F.7 
0000 03E0: 19 46 00 00 00 00 FF FF  FF 3E FF FF FF 3E F7 8D  .F...... .>...>.. 
0000 03F0: BC 45 99 99 E2 45 00 00  00 00 72 0A 00 00 FF 05  .E...E.. ..r..... 
0000 0400: 00 00 00 06 00 00 01 00  00 00 00 00 00 00 00 00  ........ ........ 
0000 0410: 00 AA EE 9E 3A 00 B2 01  00 00 00 00 01 14 14 14  ....:... ........ 
0000 0420: 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........ 
0000 0430: 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........ 
0000 0440: 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........ 
0000 0450: 00 00 00 08 CD 45 50 00  04 00 00 00 00 00 00 00  .....EP. ........ 

slot1 "unknown stat"
0000 03A0: 00 00 00 00 00 00 F8 17  00 00 00 10 00 00 FF 10  ........ ........ 
0000 03B0: 00 00 00 10 00 00 00 00  00 00 00 00 00 00 F8 17  ........ ........ 
0000 03C0: 00 00 00 10 00 00 FF 10  00 00 00 10 00 00 00 00  ........ ........ 
0000 03D0: 00 00 00 00 00 00 AA 00  00 00 98 D9 10 46 98 D9  ........ .....F.. 
0000 03E0: 10 46 00 00 00 00 FF FF  FF 3E FF FF FF 3E 54 7D  .F...... .>...>T} 
0000 03F0: BB 45 99 99 E2 45 00 00  00 00 72 0A 00 00 FF 05  .E...E.. ..r..... 
0000 0400: 00 00 00 06 00 00 01 00  00 00 00 00 00 00 00 00  ........ ........ 
0000 0410: 00 AA EE 9E 3A 00 B2 01  00 00 00 00 01 14 14 14  ....:... ........ 
0000 0420: 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........ 
0000 0430: 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........ 
0000 0440: 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........ 
0000 0450: 00 00 00 08 CD 45 50 00  04 00 00 00 00 00 00 00  .....EP. ........ 

slot2 "unknown stat"
0000 03A0: 00 00 00 00 00 00 F8 17  00 00 FF 10 00 00 00 10  ........ ........ 
0000 03B0: 00 00 00 10 00 00 00 00  00 00 00 00 00 00 F8 17  ........ ........ 
0000 03C0: 00 00 FF 10 00 00 00 10  00 00 00 10 00 00 00 00  ........ ........ 
0000 03D0: 00 00 00 00 00 00 AA 00  00 00 98 D9 10 46 98 D9  ........ .....F.. 
0000 03E0: 10 46 00 00 00 00 FF FF  FF 3E FF FF FF 3E 4A AD  .F...... .>...>J. 
0000 03F0: BC 45 98 25 F0 45 00 00  00 00 72 0A 00 00 FF 05  .E.%.E.. ..r..... 
0000 0400: 00 00 00 06 00 00 01 00  00 00 00 00 00 00 00 00  ........ ........ 
0000 0410: 00 AA EE 9E 3A 00 B2 01  00 00 00 00 01 14 14 14  ....:... ........ 
0000 0420: 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........ 
0000 0430: 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........ 
0000 0440: 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........ 
0000 0450: 00 00 00 08 CD 45 50 00  04 00 00 00 00 00 00 00  .....EP. ........ 

Thirty spokes are joined in the wheel's hub.
The hole in the middle makes it useful.

...the value comes from what is there,
But the use comes from what is not there.

-Tao Te Ching  chapter 11

Offline andyassur

is there a good program to compare 2 files and see the lines that are different? i've been using a hex editor that has that but it only compares 2 files and it's a command line program. think it's called vbindiff

Offline andyassur

strength and stamina
                             Strength
0000 03A0: 00 00 00 00 00 00 FF FF  00 00 00 10 00 00 00 10  ........ ........

                 Stamina                              Strength
0000 03B0: 00 00 FF FF 00 00 00 00  00 00 00 00 00 00 FF FF  ........ ........

                                          Stamina
0000 03C0: 00 00 00 10 00 00 00 10  00 00 FF FF 00 00 00 00  ........ ........

0000 03D0: 00 00 00 00 00 00 AA 00  00 00 98 D9 10 46 98 D9  ........ .....F.. 
0000 03E0: 10 46 00 00 00 00 FF FF  FF 3E FF FF FF 3E 9C 0B  .F...... .>...>.. 
0000 03F0: B8 45 99 99 E2 45 00 00  00 00 72 0A 00 00 FF 05  .E...E.. ..r..... 
0000 0400: 00 00 00 06 00 00 01 00  00 00 00 00 00 00 00 00  ........ ........ 
0000 0410: 00 AA EE 9E 3A 00 B2 01  00 00 FF 00 00 14 14 14  ....:... ........ 
0000 0420: 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........ 
0000 0430: 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........ 
0000 0440: 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........ 
0000 0450: 00 00 00 08 CD 45 50 00  04 00 00 00 00 00 00 00  .....EP. ........ 

i think this is correct, both stats are at 65535. apparently i can make them higher. i'll play around with the 2 hex pairs in front and behind to see if it changes anything
« Last Edit: June 17, 2020, 05:24:17 PM by andyassur »

Offline andyassur

                                          STAT?       STAT?
0000 03A0: 00 00 00 00 00 00 F8 17  00 00 00 10 00 00 00 10  ........ ........
                 STAT?
0000 03B0: 00 00 FF 10 00 00 00 00  00 00 00 00 00 00 F8 17  ........ ........
                             STAT?
0000 03C0: 00 00 00 10 00 00 00 10  00 00 FF 10 00 00 00 00  ........ ........

Offline jdaniele

How would I go about setting up this game?
"The true sign of intelligence is not knowledge but imagination." - Albert Einstein

Offline andyassur

How would I go about setting up this game?
it's a ps2 game. to be able to mod the saved game files you need a memory card with freemcboot installed on it and a copy of the game. uelf launcher is the software that is needed in order to copy files from the flash drive to the memory card, which is on the freemcboot memory card. the game can be burned but some software needs to be run on the disc image and loaded with ESR? which should be on the freemcboot memory card. you can run it off of a hard drive if you have the fat ps2 that has a network adapter and using OPL software on the freemcboot memory card. the drives for the ps2 are pata, but you can get a pata to sata converter or buy an already modded network adapter that allows for sata. i bought a 300 gig pata drive off of ebay i think for about $20. you can also use the usb on the front of the ps2 but the usb is usb1 which is slower than the disc drive, i used it about once and said fuck this.
if you have a slim you're stuck with the freemcboot and usb or esr.

i would be able to make a freemcboot memory card if you had a ps2 memory card laying around. i'm not sure if i have any that are just laying around. i do see them at the flea markets every once in a while. it has to be an official sony memory card. the read write speeds of 3rd party memory cards are not fast enough and it will not install on them.

i'm going to be looking at more ps2 saved game files and see if i can mod anything else. maybe i'll look at tony hawk next and see if i can change the ollie stat from 10 to 255

Offline andyassur

i figured out a lot of what the code means by just comparing several files with just one difference. i was thinking of modifying weapons and what not but i think my character with stats of 1.6 million each is enough. my room mate was watching a youtube video of a guy playing in the arena wave 1056 hitting for ~100k with full gear. my character hits for 4 million with his bare fists. i made it to wave 105 before the ps2 froze. i was hoping to be able to beat the arena but it looks like the game will just freeze and that's how the area ends. i had a character with 4k stats and i died at wave 75
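The approach the thread relies on, comparing a control save against saves that differ by one change, can be scripted for any number of files at once. The following is an added example, not code from the posts: the byte rows 0x3A0-0x3CF are copied from the dumps above, and the names `rows`, `diff_runs` and `field_map` are made up for this sketch.

```python
from itertools import groupby

BASE = 0x3A0  # file offset of the first dump row used below

def rows(*hex_rows):
    """Turn hex-dump rows (byte columns only) into bytes."""
    return bytes.fromhex(" ".join(hex_rows))

# Rows 0x3A0-0x3CF as posted in the thread; labels follow the posts.
CONTROL = rows("00 00 00 00 00 00 F8 17 00 00 00 10 00 00 00 10",
               "00 00 00 10 00 00 00 00 00 00 00 00 00 00 F8 17",
               "00 00 00 10 00 00 00 10 00 00 00 10 00 00 00 00")
VARIANTS = {
    "strength": rows("00 00 00 00 00 00 FF FF 00 00 00 10 00 00 00 10",
                     "00 00 00 10 00 00 00 00 00 00 00 00 00 00 FF FF",
                     "00 00 00 10 00 00 00 10 00 00 00 10 00 00 00 00"),
    "slot1": rows("00 00 00 00 00 00 F8 17 00 00 00 10 00 00 FF 10",
                  "00 00 00 10 00 00 00 00 00 00 00 00 00 00 F8 17",
                  "00 00 00 10 00 00 FF 10 00 00 00 10 00 00 00 00"),
    "slot2": rows("00 00 00 00 00 00 F8 17 00 00 FF 10 00 00 00 10",
                  "00 00 00 10 00 00 00 00 00 00 00 00 00 00 F8 17",
                  "00 00 FF 10 00 00 00 10 00 00 00 10 00 00 00 00"),
}

def diff_runs(control, variant, base=0):
    """Return (offset, old, new) for each contiguous run of changed bytes."""
    if len(control) != len(variant):
        raise ValueError("length mismatch: offsets would not line up")
    changed = [i for i, (a, b) in enumerate(zip(control, variant)) if a != b]
    runs = []
    # Consecutive indices share the same value of (index - position).
    for _, grp in groupby(enumerate(changed), key=lambda p: p[1] - p[0]):
        idx = [i for _, i in grp]
        lo, hi = idx[0], idx[-1] + 1
        runs.append((base + lo, control[lo:hi], variant[lo:hi]))
    return runs

def field_map(control, variants, base=0):
    """Map each labelled variant to the offsets where it departs from control."""
    return {name: [off for off, _, _ in diff_runs(control, data, base)]
            for name, data in variants.items()}

if __name__ == "__main__":
    for name, data in VARIANTS.items():
        for off, old, new in diff_runs(CONTROL, data, BASE):
            print(f"{name:9s} 0x{off:04X}  {old.hex(' ')} -> {new.hex(' ')}")
```

In these rows every edit shows up at two offsets 0x18 bytes apart, so a field map built this way should record both copies of a value.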