Topic: Hex Editing of Starfleet executables  (Read 210809 times)

0 Members and 1 Guest are viewing this topic.

Offline TarMinyatur

  • Lt.
  • *
  • Posts: 938
  • Gender: Male
Re: Hex Editing of Starfleet executables
« Reply #100 on: January 04, 2015, 04:32:41 pm »
Except those numbers only have allowances for a shift of 3 when 4 is the total shift OP can have (19pts of ECM). Any shift at a range of 23-40 should automatically miss anyway. It may just be that you must complete a random number generator (for the computer) even if you won't be accessing all the data points in the spread.

A Hellbore can hit against a +2 shift at range 40. It isn't an automatic miss.

Offline Corbomite

  • Commander
  • *
  • Posts: 2939
Re: Hex Editing of Starfleet executables
« Reply #101 on: January 04, 2015, 04:41:15 pm »
Except those numbers only have allowances for a shift of 3 when 4 is the total shift OP can have (19pts of ECM). Any shift at a range of 23-40 should automatically miss anyway. It may just be that you must complete a random number generator (for the computer) even if you won't be accessing all the data points in the spread.

A Hellbore can hit against a +2 shift at range 40. It isn't an automatic miss.

How exactly, when a shift against a To Hit/Damage weapon shifts brackets to the right when adjusting for ECM (at least in SFB)? Jamming past 23-40 should trick the scanners into thinking the target is too far away to hit. If the game does it differently then there is no reason to assume any SFB rules are really enforced.

Offline TarMinyatur

  • Lt.
  • *
  • Posts: 938
  • Gender: Male
Re: Hex Editing of Starfleet executables
« Reply #102 on: January 04, 2015, 05:00:21 pm »
Hellbores tested in game. I hit with 10 out of 104 shots against a +2 shift at range 38. That's about 9.6%.

I don't remember any rule to "shift to the right" in SFB. If a Hellbore needed a 5 to hit, you needed to roll a total of 2, 3, or 4 on your 2d6 against a +1 shift.

I never shifted to the right for Disruptors. What's the point of attaining an EW shift if a Range 5-8 Disruptor gets shifted to 9-15? There is no penalty in that case. They both hit at 67%.


Offline Corbomite

  • Commander
  • *
  • Posts: 2939
Re: Hex Editing of Starfleet executables
« Reply #103 on: January 04, 2015, 05:18:27 pm »
Your right, but it is effectively the same thing. Shooting at range 0-1 with a 2 shift is essentially the same as firing at range 3-4. I forgot about the last bracket since no one but the AI fires that far away anyway. Those numbers would indicate a tollerance up to a 3 shift, which could still be achieved on a roll of 2 at range 23-40, but a 4 shift should be an automatic miss.

Offline TarMinyatur

  • Lt.
  • *
  • Posts: 938
  • Gender: Male
Re: Hex Editing of Starfleet executables
« Reply #104 on: January 04, 2015, 06:40:38 pm »
Your right, but it is effectively the same thing. Shooting at range 0-1 with a 2 shift is essentially the same as firing at range 3-4. I forgot about the last bracket since no one but the AI fires that far away anyway. Those numbers would indicate a tollerance up to a 3 shift, which could still be achieved on a roll of 2 at range 23-40, but a 4 shift should be an automatic miss.
Think about Range-13 Proximity Photons...

If a +1 shift is supposed to put them off the chart, they become useless for players, not just the AI. I have intentionally fired Range-13+ Proximities into a +1 shift on occasion. I don't think they should automatically miss.

A more serious issue with SFC is that overloaded weapons will always miss if the effective range is greater than 8.99. I hope I can adjust that feature someday. Damage for direct-fire weapons could use true range. In the meantime, the z-key ought to do nothing if your maximum damage is zero, for, let's say, an OL Photon fired at a cloaked target at a range of 2.2.

2.2 * 2 + 5 = 9.4

At 9.4, the OL Photon chart is fully loaded with zeroes. There aren't any 16's in there.

Edit: I placed 7's in the first three rows of the Overloaded Photon chart for Range 9-12. Naturally, I could not fire them at range 9-12 in ordinary combat. All seems well. However, when my effective range was 9-12, those 7's were used. So my attacks on a cloaked vessel at range 2.2 were 50% accurate and did 7 damage. (My choice of 7 was arbitrary for testing purposes.)

This probably applies if your scanners are sufficiently damaged. I need to make scanner damage visible to the player as an on-screen number. So if your scanners show "0" (in green), everything's okay. If they show "1" (in red), you need to get to range 14.9 instead of 15.9 for the Disruptor's sweet bracket. If they show "3", you'd need to get to range 12.9.
« Last Edit: January 04, 2015, 09:15:51 pm by TarMinyatur »

Offline TarMinyatur

  • Lt.
  • *
  • Posts: 938
  • Gender: Male
Re: Hex Editing of Starfleet executables
« Reply #105 on: January 04, 2015, 09:11:25 pm »
Yes. You do so by changing the default OL bracket. Let's look at Photon torpedoes.

Normally they are like this:

Bracket | On-screen range
1st = 0 - 1.99
2nd = 2 - 2.99
3rd = 3 - 4.99
4th = 5 - 8.99
5th = 9 - 12.99
6th = 13 - 30.99
7th = 31 - 55.99

The 4th bracket defines the maximum Overload range.

Let's say I want to reduce  the Overload range to 6.99. I can do that by changing the 4th bracket from 90.0f to 70.0f. (70.0f results in 6.99.)

Be sure that each bracket has a higher limit than the preceding one. I don't know what would occur if you gave the 4th bracket a limit of 27.99, while the 5th had a limit of 12.99.


Offline TarMinyatur

  • Lt.
  • *
  • Posts: 938
  • Gender: Male
Re: Hex Editing of Starfleet executables
« Reply #106 on: January 04, 2015, 10:26:29 pm »
Locating the mysterious range limit on Fusion Beams is my current task. Phaser-3's may have one too.

I found the holding costs for Hellbores. They are a different data type. They are double-precision floating point integers, also known as "doubles". 8-bytes, unlike 4-bytes for a float. The programmers may have used doubles when Orion Pirates was written. If your search for floats comes up dry, try searching for doubles.

4012000000000000 represents 4.5 very precisely. The holding cost for OL Hellbores is stored this way: 00 00 00 00 00 00 00 12 40

I've looked for the 8-byte representation of 250, and found one, but it had no effect on Fusion Beams. I've looked for the 4-byte integer representation of 250 (FA 00 00 00). Found a few, but none unlocked the limit.

The search goes on...

Offline TarMinyatur

  • Lt.
  • *
  • Posts: 938
  • Gender: Male
Re: Hex Editing of Starfleet executables
« Reply #107 on: January 05, 2015, 04:50:59 pm »
You can arm a normal Photon in 0.5 turns if you change its total energy from 4.0f to 2.0f. But this might also change the charge cost of an OL Photon from 4.0f to 2.0f, if it is a shared constant.

I'll look into OP's code...

Offline TarMinyatur

  • Lt.
  • *
  • Posts: 938
  • Gender: Male
Re: Hex Editing of Starfleet executables
« Reply #108 on: January 05, 2015, 06:32:54 pm »
Adam, it looks like I'll be abandoning further work on Community Edition. There are too many linked variables -- I guess the compiler optimization scheme is to blame. [Edit: I have learned how to break these links, so I can continue my work on CE.] The OP executable, so far, doesn't have them, which is proper and logical.

Working on OP right now...

I modified the total energy of an OL Plasma-S and it did not change the total energy of an OL PPD! I was also able to modify the total energy of an OL Plasma-G. It did not affect five other unrelated systems, as it would in Community Edition.

If I start to find linked variables in OP, then I'll make a decision as to where to focus my efforts. I really want CE to be given a chance. I think it is the best software for multiplayer in the series, although it has been largely ignored. OP is clearly the best software for singleplayer mode -- the mods are endless.
« Last Edit: January 08, 2015, 07:38:59 pm by TarMinyatur »

Offline TarMinyatur

  • Lt.
  • *
  • Posts: 938
  • Gender: Male
Re: Hex Editing of Starfleet executables
« Reply #109 on: January 06, 2015, 12:04:32 am »
I must be seeing something it messed something up bc I couldn't understand why the 8.0 was there. Only 8.0 for overloaded heavy photons not standard. Please take a peak. It's in the 0001e something section before the Plasmas

The relevant 8.0f floats begin in E04B2.
Code: [Select]
StarfleetOP.exe offsets

E04B2: Heavy Photon total energy // 8.0f (includes Proximity mode)
E04BC: 4.0f ? Not Phaser-A/B.
E0487: OL Heavy Photon total energy // 16.0f
E0491: 8.0f ?
E04B2: 8.0f ?
---
E0E55: OL Hellbore total energy // 9.0f
E0E75: Hellbore total energy // 5.0f
---
E4CB8: 4.0f ? Not Phaser-B.
---
E6B44: OL Photon total energy // 8.0f
E6B4E: 4.0f ? Not Phaser-B.
E6B6F: Photon total energy // 4.0f (includes Proximity mode)
---
E737E: 9.0f ?
---
E8AF7: Plasma-R total energy // 9.0f
E8B17: OL Plasma-R total energy // 14.0f
E8B3A: Plasma-S total energy // 8.0f
E8B5A: OL Plasma-S total energy // 12.0f
E8B61: 4.0f ? Not Phaser-B.
E8B7D: Plasma-G total energy // 7.0f
E8B9D: OL Plasma-G total energy // 10.0f
E8BC7: Plasma-F total energy // 5.0f
---
EAB69: 4.0f ? Not Phaser-B.
EAB97: OL PPD total energy // 12.0f
EABC6: PPD total energy // 8.0f
EABD0: 4.0f ? Not Phaser-B
---
EB3A6: 4.0f ? // Not Phaser-A or Phaser-B.
---
395BF4: 4.0f ?
---
396EB4: 4.0f ?
---
39BC28: 6.0f
39BC30: 5.5f
39BC34: 4.5f
39BC38: 4.0f
39BC3A: 6.6f
---
39EA40: Suicide OL Fusion charge rate // 7.0f
---
3A08D0: 64.0f
3A08D4: 10.0f
3A08D8: 320.0f
3A08DC: 4.0f
---
3A0A6C: 4.0f

Obviously I'm searching for Phaser-B, with no success yet.

Offline TarMinyatur

  • Lt.
  • *
  • Posts: 938
  • Gender: Male
Re: Hex Editing of Starfleet executables
« Reply #110 on: January 06, 2015, 11:23:41 am »
Let's say you earn $2 an hour scraping space-barnacles from the hulls of Orion pirate ships...

You want to buy a standard Photon Torpedo. They cost $4 at Tar Industries, Inc. How many hours do you need to work to be able to purchase one torpedo?

Two, of course. (You don't pay Federation taxes and you certainly don't contribute to a retirement fund.)

But scraping space-barnacles isn't much fun, so you think, "How can I get a torpedo for less of my labor?" Since Captain Morgan isn't giving any raises this year to his crew, you'll have to find a Photon Torpedo that's selling at a discount. Fortunately for you, Corbomite's Salvage Co. has them for just $2 each.

So, Adam, that's what you've done. You've hex-edited the cost of a Photon to be on sale at half price. That is why you can get them (i.e. arm them) in half the time.

Offline TarMinyatur

  • Lt.
  • *
  • Posts: 938
  • Gender: Male
Re: Hex Editing of Starfleet executables
« Reply #111 on: January 06, 2015, 02:15:54 pm »
I won't find a number, such as "3", anywhere in the code that determines how many turns Plasma Torps take to complete.

The programmers used two ideas: total energy and continuous charge rate. You can change one or both.

If you want to charge a Plasma-R quickly, you can increase the charge rate:

                     Turn Progress
-----0-----0.5-----1-----1.5-----2-----2.5-----3-----
     0     1.5     3     4.5     6     7.5     9      // accumulated energy, default charge rate of 3/turn
     0      3      6       9     (holding...)          // accumulated energy, modified charge rate of 6/turn

When it gets to 9 total energy, it's ready to launch!

Or you can reduce the total energy required. The Plas-R would be armed in 1.5 turns if its total energy were set to 4.5, while using the default charge rate (3.0/turn).

If you also double the charge rate (6.0/turn), that half-energy Plas-R can be completed in 3/4 turn.

Note that none of this affects the damage dealt by the torpedo. That data has not been located.

Offline Corbomite

  • Commander
  • *
  • Posts: 2939
Re: Hex Editing of Starfleet executables
« Reply #112 on: January 06, 2015, 04:51:17 pm »
Corbomite's Salvage Co.

Don't trust this guy. His torpedoes have been known tho explode inside the tube.

Offline JanB

  • Lt. Junior Grade
  • *
  • Posts: 103
Re: Hex Editing of Starfleet executables
« Reply #113 on: January 07, 2015, 06:38:33 am »
I found where the race images for ships (the image you see when you lock onto a ship and click on the transporter menu) are handled in the SFC3 sprites.q3 file. I can move them around for all races except those that have the blank (black) image, namely "Species8472" and "Neutral". I think this blank image is the "default" case in a switch statement or the "else" in an if statement. It's not really an image either, more like a lack of one.

The image below displays the relevant section in sprites.q3. The parts indicated in red tell you what image is shown for what race: 2A 0E points to the Federation logo, if you replace this with 2B 0E Federation ships will use the Klingon logo, this goes on until 31 0E, which is the Rakellian logo iirc. Some time after 31 0E comes 29 0E (there's a 01 in between which might indicate it's a "default" or "else"). You can switch these around no problem, if you replace 29 0E with 2A 0E then Species 8472 and Neutral ships use the Federation logo. The part indicated in yellow is an example of what these codes point towards. There seems to be nothing for 29 0E which is why you get a blank image in game. there is one for 32 0E but it seems to be an invalid code for the logos because when you point 2A 0E or 29 0E to it, the game crashes as soon as you look at the respective logos.

I have two questions:

1) can any of you make heads or tails of the codes these logos point to (like the one indicated in yellow), are they (encoded) addresses inside the sprites.q3 file, if we can figure out wht they mean we may be able to divert the logos to bitmaps in the texture folder (just like some of the buttons)?

2) can any fo you send me the sprites.q3 file of another SFC game so I can see how to expand the number of logo entries or the number of codes, i know the other games ave a different number of logos (more or fewer races)?

P.S. I've also found somewhat similar structures for the race logos used in the vessel library and the images (a Borg Drone, Starfleet, Klingon and Romulan officers) used in the campaign slection menu. I can switch all of those around but not much else yet.

Update: I think I found how to increase the number of entries: changing the 08 00 09 part before 2A 0E into 09 00 0A should result in having one more entry, and the 01 in front of 29 0E does indeed seem to indicate the "else"/"default" value (at least the same pattern appears in many similar structure throughout the sprites.q3 file). The problem is the sprites.q3 file uses a checksum and it's very hard for me to find places where I can delete null characters without anything getting screwed up (in the .exe that's a lot easier for some reason).

Update 2: Does anyone know where the checksum is stored in the sprite.q3 file or which algorithm it uses (I want to try and edit the checksum manually so I won't have to worry about file length anymore)?
« Last Edit: January 07, 2015, 08:16:20 am by JanB »

Offline TarMinyatur

  • Lt.
  • *
  • Posts: 938
  • Gender: Male
Re: Hex Editing of Starfleet executables
« Reply #114 on: January 07, 2015, 05:56:25 pm »
Jan, I don't know much about logos or CRC checks. I do know that Starfleet2CE.exe can use the sprites.q3 from Orion Pirates. I guess the .exe doesn't verify by file-length or content. The .exe sends a request to whichever sprites.q3 is found in the ../assets/sprites folder. If the sprites engine understands this request, it responds with bitmaps and strings. Those incoming strings and bitmaps, if they make sense, are used by the .exe (or some external asset) for the game's UI, or perhaps they are sent back to the sprites engine to build the UI.

In short, communication occurs between the main StarfleetX.exe and the sprites.q3. Neither element seems to care about the other's identity. (Or maybe Starfleet2.exe and StarfleetOP.exe have identical ID's from the perspective of the sprites.q3.

Much to be learned here.

Have you read the long thread on Q3 documentation, Jan? You may find some useful information there.

http://www.dynaverse.net/forum/index.php/topic,163347881.0.html

Offline TarMinyatur

  • Lt.
  • *
  • Posts: 938
  • Gender: Male
Re: Hex Editing of Starfleet executables
« Reply #115 on: January 07, 2015, 06:55:27 pm »
well I figured it out, its the Mauler. 0-6 7-11 12-20, damage is 2x, 1x 0.5x

003A7CA0/08 thru 003A7D20/0B

Found them at 3A7D14 through 3A7D28. Six consecutive floats.

60.0f, 120.0f, 210.0f, 2.0f, 1.0f, 0.5f

Offline TarMinyatur

  • Lt.
  • *
  • Posts: 938
  • Gender: Male
Re: Hex Editing of Starfleet executables
« Reply #116 on: January 07, 2015, 08:43:19 pm »
Rolling a 5 (or less) on a 1d6 (5/6) for Photons should be identical to rolling a 9 (or less) on 2d6 (30/36) for Hellbores..

5/6 = 30/36

You are right. They should use the same number.

The programmers probably used "modulo" 6 to simulate the 1d6 disribution of Disruptors and Photons.

Modulo 6 will produce 0, 1, 2, 3, 4, or 5. The first row of the weapon hit charts may be assigned to 0, the second row to 1, the third to 2, etc.

It's possible that there is no 1.00, 0.833, 0.667, 0.5, 0.333, 0.167 series in the code.

Offline JanB

  • Lt. Junior Grade
  • *
  • Posts: 103
Re: Hex Editing of Starfleet executables
« Reply #117 on: January 08, 2015, 05:29:39 am »
Jan, I don't know much about logos or CRC checks. I do know that Starfleet2CE.exe can use the sprites.q3 from Orion Pirates. I guess the .exe doesn't verify by file-length or content. The .exe sends a request to whichever sprites.q3 is found in the ../assets/sprites folder. If the sprites engine understands this request, it responds with bitmaps and strings. Those incoming strings and bitmaps, if they make sense, are used by the .exe (or some external asset) for the game's UI, or perhaps they are sent back to the sprites engine to build the UI.

In short, communication occurs between the main StarfleetX.exe and the sprites.q3. Neither element seems to care about the other's identity. (Or maybe Starfleet2.exe and StarfleetOP.exe have identical ID's from the perspective of the sprites.q3.

Much to be learned here.

Have you read the long thread on Q3 documentation, Jan? You may find some useful information there.

http://www.dynaverse.net/forum/index.php/topic,163347881.0.html


In retrospect both the .exe and .q3 files probably don't use checksums, it's just that when you change the lenght of a section everything that comes after it becomes offset, the .exe simply has a lot more redundant null characters in its sections, making editing easier.  I've read the long thread you linked to and it seems someone called "marstone" has written a program that can decrypt images in the .q3 file to bitmaps and recrypt bitmaps to fit in the .q3 file, and he possible knows how to make everything work with sections of a different size. He hasn't posted on Dynaverse since 2013, but I'll try to contact him. If he has the goods my goal of changing/adding ship race icons would be simple enough.
« Last Edit: January 08, 2015, 05:42:44 am by JanB »

Offline JanB

  • Lt. Junior Grade
  • *
  • Posts: 103
Re: Hex Editing of Starfleet executables
« Reply #118 on: January 08, 2015, 01:29:05 pm »
So my theory that there isn't a checksum is correct: I can paste additional content at the end of the sprites.q3 file without anything breaking. I've isolated some of the images, pasted a disfigured copy of one (the asteroids on the skirmish mission selection screen) at the end of the sprites.q3 file and changed the location link of asteroids_bmp to it, et voila, disfigured asteroid logos on the skirmish mission selection screen. I'll keep you guys updated...

Update:. Tar, I pulled the Gorn logo from the SFC2 CE sprite file you gave me and pasted it to the end of the SFC3 file, attachment shows how it looks in game. It's distorted but somewhat recognizable. I think the distortion comes from differences between the engines of the two games. In any case the distortion doesn't really matter since I'm not planning on using SFC2 images but I now have a way to add an unlimited number of images to the sprites.q3 file to replace stock images. Now it really is only a matter of figuring out how the bitmap compression of the .q3 system works, so we can make our own images, I've asked marstone about it but if he doesn't answer I can try to figure out some things myself.
« Last Edit: January 08, 2015, 03:23:54 pm by JanB »

Offline TarMinyatur

  • Lt.
  • *
  • Posts: 938
  • Gender: Male
Re: Hex Editing of Starfleet executables
« Reply #119 on: January 08, 2015, 03:04:49 pm »
Then I found this

40 C0 00 00   6
41 30 00 00   11
41 A8 00 00   21
40 00 00 00   2
3F 80 00 00   1
3F 00 00 00   0.5

IDK, the first one was 60/120/210 2/1/0.5 now this, what could it be


I found that too, Adam. It is similar to the Mauler specs. I tested various values, but didn't notice anything.