💾 Archived View for gemini.spam.works › mirrors › textfiles › programming › hexearl.txt captured on 2020-10-31 at 14:42:24.

View Raw

More Information

-=-=-=-=-=-=-







     Welcome to the Adventures of Earl!
     ~~~~~~~ ~~ ~~~ ~~~~~~~~~~ ~~ ~~~~~

     By Mike Graham

     April 20th, 1991. 7:26


       What can you do with patch editors?  Lots of things.    There  are many
     uses of patch  editors  ranging  from  harmless to downright illegal.  It
     would,  for  example, be illegal for you  to  patch  command.com  to  say
     "HerbSoft HS-DOS  ver  7.3",  and  hand  it  out to friends, because that
     infringes on MicroSoft's  copyright,  and although they sometimes seem to
     deserve it, it's  still  not  something  you should do.  However, another
     (often useful) thing to do, is  to  patch command.com to change the error
     messages  from,  say, "File not found" to  "File  not  here!",  or  "IT'S
     GONE!!!!!!!" (MicroSoft isn't exactly  renowned  for  user-friendly error
     messages).  Anything that you patch should NOT be distributed without the
     consent  of  the  writer of the software.  I.e. if you were to pop up the
     HexEdit  executable  in  HexEdit  and  change  my  name  to your name and
     distribute it in the hopes of getting some money from people registering,
     then I would hunt you down and flay the skin from your body with a potato
     peeler.  But I digress.    A  patch  editor  is like a knife; some things
     can't be done without it,  but  it's  easy  to  cut yourself with one.  I
     provide this software as a TOOL.  If  you  misuse  that  tool, I won't be
     held responsible.  But, on a lighter side...

       This document chronicles SuperHacker Earl's mangling  of  the fictional
     "Optima V" game.    It  is  meant  to  illustrate  one way to use HexEdit
     effectively.

       Earl  has a problem.  Earl has been playing Optima V for almost a  year
     now, and he just can't seem to get past one really  viscous  part  of the
     game.  Perhaps if he had a few thousand extra hit points?

       Now, Earl knows that the  character information regarding how many hit-
     points etc. he has in the game,  must  be  stored  in  a  file somewhere.
     Doing a directory of  \OPTIMA,  he  doesn't  see anything promising (like
     SAVEGAME.DAT or  SAVE.GAM  etc.)  so  he has to dig a bit deeper...  Earl
     starts up the game, and saves his current  progress.    Dropping  back to
     DOS, Earl does a directory looking for a  file  that  has  a modification
     date  of  just  a few minutes ago... No dice.  Sometimes game programmers
     adjust  the  date  retroactively after updating the files.  Hmmm.... Time
     for serious action.  Using the  ATTRIB  utility that comes with DOS, Earl
     turns off the ARCHIVE attribute of  all  the files in the game directory,
     using the command "attrib  -a  c:\optima\*.*".    This completed, he runs
     Optima again, saves again, and checks  the  attribute bytes of all of the
     Optima files with the command "attrib c:\optima\*.*".  This lists  all of
     the  files,  with  attributes.  Looking  earnestly  for  an  "A"  in  the
     attribute column, Earl finally spots his prey... OPT016.DAT  is  the save
     file.  Figures it would be something with a  meaningless file name.

       Now that he has identified the save file, Earl pops  it  up in HexEdit:
     every superhacker's favorite patch editor.












       Earl  has written down all of the stats from his Optima campaign, so he
     is armed and  dangerous...    Earl  knows  that there are several ways to
     store numeric  information  in  a  file,  including  by value and by text
     representation.  Nine times out of ten, a number is stored by value.  Any
     number that can't  be  larger  than  256 (such as a character's strength,
     intelligence,  etc) will likely be stored in a  single  BYTE,  whereas  a
     number  that  has  to escalate to the thousands (such as  money  and  hit
     points) has to be stored in a WORD, which is  two  bytes linked together.
     Now,  according to Earl's records, the current hit  point  value  of  his
     character is 1523.    Popping  up  the base-conversion box in HexEdit, he
     finds that  1523  is  the  same as $05F3 in hexadecimal.  One other thing
     that superhacker  Earl  knows  is  that  WORD  values are stored in files
     BACKWARDS.  That's right, his hit points will show up as "F3 05", not "05
     F3".  So, it's a quick F9 to get to hex  mode,  a  lightning  fast  F3 to
     search,  and  Earl pounds in "F3 05" to search.  The  search  reveals  12
     finds.  Oh joy.  Who wants to track down all 12 locations?   Hmmm...   It
     stands to reason  that all of the stats for the character would be in the
     same area of the file, so maybe we can find some  of  the  other stats...
     What was that value for "Magic Points" again?    1973...    That's $07B5,
     which means we should look for "B5 07".    Earl  tries  a search for that
     series.  Two matches!  Wonderful.    Scanning the screen with a practiced
     eye, Earl doesn't see "F3 05" anywhere around the first find location, so
     he jumps to the next find location,  with  a  mighty  ALT-N,  and  lo and
     behold, there is an "F3 05"  right  nearby.   Well, Earl isn't doing this
     for the sheer thrill, so he quickly decided how many hit points he'd like
     "How  about 5000?"  That's $1388 in hex, so he replaces "F3 05" with  "88
     13"  (backwards,  remember?).   Anyway, Earl exits HexEdit (and saves the
     UNDO log in case (though highly unlikely) he's wrong.

       Popping up Optima V finds a super-powerful character, and a happy Earl.
     Now if he could just find where the "gold pieces" value is stored...

       Once you have deciphered a game's save file, it's easy to write a small
     program  that will allow you to edit your characters and modify info in a
     much more user-friendly way.






















                                       - 2 -








     Contacting the Author
     ~~~~~~~~~~ ~~~ ~~~~~~
     I can be reached by mail at the following address:

          Michael A. Graham
          Box 60036
          U of A Postal Outlet
          Edmonton, AB
          Canada, T6G 2S4

     Or I can be contacted on InterNet as
     "michael_graham@mts.ucs.ualberta.ca".
     (if that doesn't work, substitute "MGRM" for michael_graham.

     I can be  contacted  on  the  McNamara Software BBS in Edmonton, Alberta,
     (403)433-8375, as "Mike Graham" and am also available under the same name
     at The Keep BBS, also in Edmonton, (403)437-1428.  The latest  version of
     HexEdit  and all of my other PD and  Freeware  programming  efforts  will
     always  be available on these two BBS's.  Feel free to contact me if  you
     have suggestions for improvements, or (perish the thought!) a bug report.





































                                       - 3 -