View Full Version : memory addresses collection
aka how to have wormpot in wa.
i'm having fun with cheatengine (www.cheatengine.org), a trainer, and wa. dunno if it's a good and legal idea, but i start a list of memory address with relative meanings.
current list:
friction, unlimited roping speed, shot doesn't end turn, jetpack fuel (also infinite), loss of control doesn't end turn, wind max strength, fire pauses timer off, rope growth speed, rope: 1/3 friction, 162° of shooting, rope ammos while swinging, rope length
robowurmz
8 Sep 2007, 20:17
Ooh, nice, I'm adding these to my list now!
(Friction sounds fun!)
Pisto can you upload a replay of these two things working?
some of these value cant be replayed correctly, at least if you dont hack the memory before the start of the replay. to see instead ts3 working, donwload the lates replay I uploaded in the "submit your wa replays" thread, and watch until 6 min.
robowurmz, do you have other addresses? plz tell me and i'll add!
new code:
FPNn_Shoot_doesn't_end_turn 1byte WA.exe+52B9EB [non-zero value means on]
I GOT IT I GOT IT!!!!!!!
FPNn_jetpack_limit 1byte WA.exe+52B996 [zero is infinite]
I suffer insomnia.
thanks pisto, i just worked out how to do this ^^
edit: does everyone in the game need to apply the setting/s? or only the host?
game desyncs... so i guess all players must hack the game the same way?
edit: my bad the infinite rope speed one works fine >: D it forces the game to emulate batty ropes v3.
here yakuza, i exploited a bug in test stuff version 3 xD it caused a funky desync where the mission lost sound played at the end.
Ag3ntSmith
9 Sep 2007, 14:10
pisto you are borned haxor :o
this bloody works!:D
yeah franpa I used to do this ages ago, before all the betas and stuff, messing with the memory that is, most of the time worms recieved crazy health values and died and weird crap.
I'm really curious about the friction thing, I hope one of you can post a replay soon.
I'm really curious about the friction thing, I hope one of you can post a replay soon.
since friction is not an option stored in the replay file, i cant give you a replay. the only way to playback a game with modified friction is tricky: modify a mission file (the parameter is Friction, under Enviroment section), or override it with wkfileoverride. then, if you start the replay while the mission file (.wam) is still modified/overridden to be the same as when you played game, you'll have a correct playback.
yes, it seems that pisto has only found one address that will always work while the others require the hack to be applied all the time and by all players except in replays where only the person viewing it needs to apply the hack.
Pisto, i've tried all the settings you found and the "BYTE" type is correct and so is how i worded the description for the H: code.
ok, i found more addresses. since all of the list items share the same flags, i drop it, and all the info goes to the comment.
current cheat list includes: friction, version, shot_doesnt_end_turn, jetpack_limit, loss_of_control_doesnt_end_turn, wind_limit, fire_pauses_timer
all these cheats work both online and offline. they must be enabled BEFORE the game start, and all player must set and FREEZE the SAME VALUES (except for the version one, read inside the archive).
a tutorial to make this stuff to work inside.
http://forum.team17.co.uk/showpost.php?p=613421&postcount=23
Worminetor
10 Sep 2007, 21:24
I have played with this program but I changed only small things in game, like number of ropes, number of rope shots left and worms health to 9999.
I wanted to find number of bananas droping from banana bomb and rope length codes :) but I didn't figure it out... yet :p. That's fun!
Btw Good job Pisto.
Pisto, i think if under the following circumstances you can force any version you want if your not the host... should i PM this to you or make it public knowledge?
im pretty sure i worked out how i got it to work.
-----
nice instructions there Pisto.
i changed the instruction, so that it's clear the version code works also offline. "you can force any version you want if your not the host": I dont think so for teststuff and speedy version (that's the same reason because of ovg doesnt work anymore); reply me in pm.
wheres the list of versions? OlderVersionGuy doesnt fully display the names of all the batty ropes...
Junit020
13 Sep 2007, 19:01
Hm my cheat engine is 5.1.1 and dont reckegnise wa.ct any ideas?
:cool:
Worminetor
13 Sep 2007, 19:09
Try to update it to 5.3 version...
Junit020
16 Sep 2007, 12:32
yeah thx that worked but (shot doesnt end go) does that mean fire loads of shots in 1 turn if so its not working
set that to 1 or higher and freeze it. it works in every game type but to work it online everyone needs to apply that change.
there's a way to playback replays correctly:
open cheat engine.
go to settings-->configure hotkeys-->set an hotkey for "pause the selected process".
click on the same flashing button as you were selecting the process, but do not select any, just click on the "create process" button and select wa.exe.
set as command line the path and filename of the wagame wrapped in "
push ok and immediatly the hotkey to freeze the game.
set the parameters.
push again the hotkey.
[tested]
new code: rope growth speed :eek::D
you can change it even in-game (beware of desynchs, of course)
tips: this value controls how many pixel the rope grows each frame. so if the logic detects that adding some pixel would run out of the maximum rope lenght, it unarms the rope (taht is, the rope disappears without hanging).
so to have an "instant" rope, just set that value to (MaxRopeLenght-1)*0x10000.
max rope lengths in base of rope power settings are here http://www.nanacide.com/wahelp/info-factoids.php
http://forum.team17.co.uk/showpost.php?p=615947&postcount=26
n1 pisto! You are the best! I Love you!
new corrected map for WA sheep Glitch (Thanx Pisto)
screen also attached
;)
a step, while looking for rope_length code.
the new code, if set to 0 (no need to freeze) while using a scheme that has rope power=5, gives a semi-super rope: it will have a LOW friction (yes, rope too has a friction:eek:), 1/3 compared to normal (if it is the same of wwp, not tested), and a wider angle (162° from straight up).
the lower friction principally means you can reach high speed in little time.
also, new tutorial in archive, clearer and with more info.
http://forum.team17.co.uk/showpost.php?p=605897&postcount=1
ValdikSS
20 Oct 2007, 11:55
And why you patch memory?
004>|.>P>; /IniFileName
004>|.>P>; |Default = 0
004>|.>P>; |Key = "WeaponsDontEndTurn"
004>|.>P>; |Section = "Options"
004>|.>C>; \GetPrivateProfileIntA
004>|.>P>; /IniFileName
004>|.>P>; |Default = 0
004>|.>P>; |Key = "LossOfControlDoesntEndTurn"
004>|.>P>; |Section = "Options"
004>|.>C>; \GetPrivateProfileIntA
......
C:\WINDOWS\wa.INI
add
WeaponsDontEndTurn=1
that doesnt do anything valdikss.
ValdikSS
20 Oct 2007, 14:32
yea sorry, this is only for missions...
Better to patch not in-memory value, but code like this:
004519FA |. C681 47D60000 00 MOV BYTE PTR DS:[ECX+D647],0
changes to
004519FA |. C681 47D60000 01 MOV BYTE PTR DS:[ECX+D647],1
its for WeaponsDontEndTurn
do you want wormkit module?
the memory stuff affects online games too, does this module you propose work onine as well?
ValdikSS
20 Oct 2007, 16:09
i dont know... i'll try...
does any1 know what "TurnEndFinishesGame" means?
set round time to 1 minute and see if it is related to sudden death... or if it ends game after your first turn.
And why you patch memory?
because in this way, everytime you start a new game, the value (if not frozen) is set back to normal value. this reduces desynchs in multiple matches I think, because you can easily forget to revert the value to normal if you decide to use another set of cheats, or even forgot the normal value itself.
I know someone who's already writing a wormkit module, that allows to enable cheats just typing a mnemonic in the chat. far from being stable and complete, but it works atm.
ValdikSS
20 Oct 2007, 17:08
I written my module but it's not in-chat
ValdikSS
20 Oct 2007, 17:09
pisto maybe you will inform me and we will work together)
ICQ 8777465
I written my module but it's not in-chat
i wonder how you can control it! like wkmagic?
ValdikSS
21 Oct 2007, 03:17
no simply it boots via wormkit.
now it's without face, but soon it will be form with controls, maybe ever in-game!
first of all it boots in one thread with worms, and worms cant run (it is for option select) and then when you chose all options thread created but form is visible and you can change values in game (maybe simply hotkeys).
I hope nobody understood me with my english )
latest list: deleted the "fluid rope" cheat. such rope mode can be activated with one of the new code.
added rope shots while swinging, rope mode (this controls shooting angle and super rope mode), rope length percentuage (max rope length as atm 533 pixels, to compare, a rope with power setting=5 is 462 pixels long)
see first post for the list
pisto in your instructions, step 1 - 6, after the 3rd step you should tell people to start the game.
how to make this stuff to work.txt
ValdikSS
22 Oct 2007, 09:34
Pisto
Have you got Delphi? I can give u wk module srcs
ValdikSS
22 Oct 2007, 09:40
Simple plugin
thats incredibly awesome, it works perfectly ;) keep up the good work you two.
Pisto
Have you got Delphi? I can give u wk module srcs
i cant program in delphi, but I can guess the meanings of its statements. if you like, send me it via pm
it doesnt activate loss of control doesnt end turn
ValdikSS
22 Oct 2007, 12:03
> it doesnt activate loss of control doesnt end turn
i know...
> i cant program in delphi, but I can guess the meanings of its statements. if you like, send me it via pm
I think you use debugger to find adresses. PM me adresses, which sets default settings to change
I discovered an easier way to playback replays: click with right button on the replay, select "replay at" (extract video may work too), then set the right cheats in cheatengine, and start the replay.
ValdikSS
26 Oct 2007, 08:15
i think better to recompile wormkit to start replays via wormkit with plugins, and improve wkWac to choose to start replay normally or with cheats
CyberShadow
26 Oct 2007, 10:13
WormKit can already work with replays. Just open .WAgame files with WormKit.exe. You can create an association, but you'll have to protect the registry key from W:A rewriting it.
Also, any DLL files work with WormKit, they don't have to be written in Delphi.
WormKit can already work with replays.when I tried (with my last pc) to replay some wkmagic' replays, it complained something about missing dll in place or administrative rights. It worked only without any command line.
CyberShadow
26 Oct 2007, 15:50
You were using an old version. Re-download it from the site.
Devoluti0n
19 Nov 2007, 16:53
Btw, CS, could you explain me how to do the same kind of dll injection you do in delphi, witouth the madhook dll please ? :)
CyberShadow
19 Nov 2007, 18:11
There are some very nice C/C++ articles on CodeProject. There should be no trouble translating them to Delphi. Alternativey, you may want to find an older free version of madCodeHook (it was free once).
stand-alone version, no need of installing cheatengine!
hot-key ability too.
http://www.wormsmania.net/download/wa-hacks.rar
no offense but the graphic at the bottom of the prgram is very disturbing.
eddy2000
21 Nov 2007, 14:22
stand-alone version, no need of installing cheatengine!
hot-key ability too.
http://www.wormsmania.net/download/wa-hacks.rar
wow...vn program...
good job..... pisto..
no offense but the graphic at the bottom of the prgram is very disturbing.
dont you love Samantha, the transsexual worm?
To be honest, if you wish for this program to become more respectable, you'll probably want to remove the worm with boobs from the bottom, because it tends to give the impression that it's some really dodgy program from some really dodgy illegal site. Well it's the impression I get anyway.
To be honest, if you wish for this program to become more respectable, you'll probably want to remove the worm with boobs from the bottom, because it tends to give the impression that it's some really dodgy program from some really dodgy illegal site. Well it's the impression I get anyway.
and it's even worse: some antivirus recongnize it as a trojan:eek:
yes. graphics is very disturbing and together with trojan it can look very strange
what about possibility to add custom schemes? there are no shoppa for example
About time someone made program for this, cheers.
I was a bit busy in the last month, so the work was stopped for a while.
these new hacks are in embryonic state and not all of them are tested yet. we need a external program to activate them easily. if you've ever played the fiddler, you'll be familiar with them.
you can edit individual worms and teams (few) settings, like artillery mode, vitalness, starting position, number of worms per team (50% working with worms number >8)... I will improve them when I'm back from holidays.
the addresses in the file show an offset, to modify each worms (or teams) setting you have to calculate: item_index*item_length+offset. item length 0xD7B for a team, 0xBB8 for a worm. indexes start from 0.
Pisto- i've been playing with your original wa.ct in cheatengine. That stuff is aewsome to play around with, all of it. I only have problems trying to play online with friends who got it, we match everything, but still auto desynchs. But aside from that, is there anyone who has compiled like all of the bests? Like your current wa.ct [on frontpage] is almost perfect, its missing some stuff on your standalone program has, like the laggy psychelic water [BAD /h2so4 replacement] and knock intensity. I usually use for version 0x4B [teststuff5] and its fine, but since you have ropemode 0, which is really the 1/3 roping that I think teststuff5 uses, could someone break up teststuff5? Like enable battyrope like everything else? Attack in air, etc.? It'd be awesome, and always appreciated. Nice work man.
Can someone provide me with the memory address that specifies what version the game should emulate? For W:A 3.7.0.0
Or how about v3.7.2.0 Steam? Specifically I want to emulate "3.5 Beta 2-3pre1" which isn't supported by Rubberworm :/
I guess you can find it yourself as I did it at the time: Cheat Engine.
vBulletin® v3.8.6, Copyright ©2000-2013, Jelsoft Enterprises Ltd.