Executable patch system

[jlangsdo]

A long time ago, a brilliant modder named Bridger figured out how to mod the executable to change ship cargo capacity, and posted the hex file locations. Posting a modded executable is not really an option, and we use different executables anyway (the locations he posted weren’t right in my file).

So I came up with this script:
smp_patch.pl

which takes a patch file and patches the executable. The patch file specifies (in text) a chunk of the executable and what that chunk should be replaced with; if the chunk appears exactly once it swaps the bytes. I figure that any version of pirates would keep ship information in the same format. The script keeps a backup of the original file version so you can always go back by using the -clear switch.

I would appreciate it if some intrepid soul on a non-Mac machine would test this out, make sure it isn’t going to break SMP on your machine.

Here's an example patch that changes sloop cargo capacity to 41 tons for testing: sloop41.patch


Testing instructions:

- Find your executable, back it up yourself.
- Run the script; you will have to install perl first if you haven’t already
perl smp_patch.pl –SMP <executable> -patch sloop41.patch
- Verify that the script makes a .orig file which matches your copy.
- Run SMP and check that the sloop cargo capacity is 41 tons.
- Remove the patch
perl smp_patch.pl –SMP <executable> -clear
- Verify that the executable now matches your original copy
- Rerun SMP and check that the sloop cargo capacity is back down to 40 tons

If you would send me the path to the executable, I’ll put that in as a default so you won’t need to use the –SMP switch in the future. (The Mac default is already in there.)

Also, I switched to a different file sharing site, so let me know if these links don’t work.

[dogcigar]

Hi jlangsdo.

I knew absolutely nothing about assembly code but for the last week have been using the Cheat Engine Port to the mac to play with things. Learnt quite a lot actually in a week and can kind of read basic code

I have got the game to do a few things differently like making the hat immediately upgrade to the ostrich feather when you get it so that it actually has some use (you get enough free Baron info so why do you need to talk to attractive daughters?) I also make the fighting items reset to to the first item if you get marooned and you have 2 of them. Kind of like insurance against getting marooned because you have a stash of your unused items (I don`t like to use save games too often if I`ve miscalculated my battle). I`d also like to find some use for the Indian and Missionary items like an Indian boost to your land force in battles(maybe) and negating any effects of a succesful amnesty if you don`t have a relic (doable).

Anyway I might use your perl thing to see if I can make a change permanent as I have to write it in each time. Anymore detail on how to use perl (like an idiots guide) would be good. Maybe the Cheat Engine auto assembler can do it but I don`t really understand how it works. Also if you want any of the addresses for pointers I think I know a few if you don`t know them already. Lots of them are just offset from the ones in the PC version (I got the places from the PHtrainer readme)

[jlangsdo]

Wow!

What is the Cheat Engine Port? Where do I get it?

The only parts I have figured out are the ship patch that I posted, and a similar one with some details of cities (which era they show up in, default size).

perl is a general purpose programming language.... lots of web pages and books are out there. I use it for my SMP programs because its what I use at work. Because it isn't compiled, the same perl program can run on both Mac and PC.

If you know the offset to change, and have a hex editor that you can copy and paste from, making a new patch file for smp_patch.pl should be pretty easy. Look in sloop41.patch, it's made to be human readable. You just copy a chunk of hex data and paste it in there twice (once for the Before, once for the After with your edit). The idea to smp_patch.pl is that you shouldn't have to read any perl to make or use patches.

[dogcigar]

Actually just found out I can`t make JUST the hat upgrade but I`m tentatively sure I can make ALL the items upgrade when you get them and not have any other negative effects. I`m kind of doing trial and error and seeing what crashes the game if I try to change the code. I must just be doing manually what a trainer maybe does I really don`t know.

The Cheat Engine is a windows program and the unofficial mac port lets you scan for values like The Cheat and iHax for the mac but it also has debugging tools that let you then see what is written to certain addresses and also what they write to. Google "cheat engine mac april 2012", or I think this is it http://cheatengine.org/temp/CEMacApril2012.zip you can also change the game code using the Assemble function. For example I found where the game writes an increment for an item upgrade and I changed it to write 00000002.

Sometimes if I change stuff it crashes but sometimes I get lucky It`s all real gibberish to me this code stuff signed/unsigned values 16/32 bit registers etc. Sounds like you know what your doing so maybe you could work out the auto assemble on the thing. I have to write it in each time I load the program or restart SMP.

Anyway it`s quite a useful program and you can easily browse memory regions. At the moment I`m looking to see if there is some Pirate Favor register hidden in the game somewhere as I`m confused how the captain`s log sometimes shows positive pirate favor like "Pirates very happy" or something like that. I`m sure Firaxis probably removed most of this stuff though. But Indians and Pirates are sometimes angry at you so something in the game must be telling them to do that.

Oh and if you do use the program use the more info button after you use the debugger it`ll tell you what the addresses are for all that EAX, ECX stuff

[dogcigar]

Just Found it. Wasn`t hidden at all. Right next to the values for nations favour are two values. One I tested and appears to be Pirate Favour. It goes down by 1 when you take a pirate ship and by 3 when you take a named pirate ship. If you attack a governor it goes up by one. The value next to it I assume is Indian Favour as it goes down if you attack them. I wonder what makes em happy. Probably attacking a load of immigrants.

In my savegames the values always seem to be negative which is probably why they were taken out of the game as the balance is probably hard to maintain in a playable way. Two other figures seem to be vaguely total good deeds (like escorting governors) and general killing and mayhem you perform. Similarly the balance seems to be way out.

[Roland]

According to Sashanan's FAQ (section 8.5), neither Jesuit relations nor Indian relations were implemented in the final version of the game. But someone demonstrated a while back (within the last two years IIRC) that Jesuit relations actually were implemented - at least to the extent that Jesuits are favorably impressed by your possession of the Golden Cross and the Sacred Relic. So I think the implementations of Pirate relations and Indian relations should be regarded as open questions pending further research.

[jlangsdo]

dogcigar - what I would really like to see is a patch to increase the amount of sugar and spice for sale at low prices in Indian villages, and perhaps increasing the price they pay for goods.

That would make trading back and forth between Indians and Europeans a profitable venture.

[dogcigar]

Good idea.

Well I`m pretty much hooked on this modding thing for the moment and think I might be running this program over SMP for the next month so I will see what codes turn up. It might be fruitless but it`s kind of fun. Like a dectective.

Finding the codes that write to those memory places may be easy. But it`s probably some randomly generated thing from a register which is hard to alter I think. I just change one line with simple adds or subtracts. More complicated calculations would require code injection I think, but they must have left at least a couple of holes in the game. Sid`s game are so idiosyncratic just little changes can affect gameplay very well if they strike a good balance. (or badly and throw everything out of kilter) I have a feeling that`s why they minimized the Indian and Missionary roles as they probably just held up the game as you want to get to Monty early.

I`d like to bring some use to the more useless items. Cheap goods is a good idea I think. Link it to the shrunken head and you get convenient side trips on your voyages. Makes trekking over to Mexico a lot more interesting.

I played the start of a game with my double item thing today and it was a bit silly. Ended up with heaps of goods from the mysterious traveller. I couldn`t help it as they were such good value. I changed it a bit though so the daughter still only gives one item and if you give her a necklace it resets to zero

[dogcigar]

I found the code for Indian settlements and just changed a SUB to an ADD and they were selling 180'000 units of food for 0 dollars. Tested it against other savegames and it`s the same location. Indian villages seem to not record their stock but generate a value each time you go in

[jlangsdo]

I haven't been able to get the Cheat Engine to work. Perhaps it is which OS X version I have....

Can you point me to the code offset that has the Indian spice on hand? I can hack at it one byte at a time; if I could get it to work I think it will be a nice touch for the East Indies mod I'm working on. Buying spices from the natives was the whole idea.

[dogcigar]

Ok... I`ve been playing with the code for village food a little and on my SMP (I`m not really sure what version I have) at the address 00036F64 it should display 05. Anything else and somehow our offsets are different. If you change this byte you can get the chief to have up to about 120 units of food. There`s a bit of randomness. If you go over 120 (binary) 78 hex you start getting weird negative values.

Now this is a LEA command which when I looked up, it is loading an address and not a number. seems to work anyway. The place where a value is written to the temporary shop figures is 00036F68 which is 89 15 FOA56300 (mov [00063A5FO],edx). If you look around this 00063A5FO you should see the temporary shop figures that change as you enter each city

Also my ship starting spawning in weird places like lakes behind the chief`s village when I went over 120.

[dogcigar]

Oh..tell me if it works and I`ll get the SPICE address for ya

[jlangsdo]

Nuts. Doesn't match. 00036F64 is a '24'.

From 00036F00 to 00036FFF I have this:

[dogcigar]

Oh just looking through that hex. It hurts your head. The search feature on the MAC Cheat Engine doesnt work. Lots of stuff doesn`t. But I`ll have a look tonight. It`s doable anyway. Last night I found another more subtle way to change stuff and could get them selling more spice sugar or food

this is the hex from 36F50. Sorry to send it in plain text but I`m not sure how to get a shot of it and I`m in a hurry now.
89 C1 F7 EA C1 F9 1F C1 FA 03 29 CA 83 FA 01 74
4E 7F 2F 85 D2 74 37 8B 55 D4 A1 5C C2 64 00 C7
44 24 04 94 7C 34 00 89 54 24 08 89 04 24 E8 3D
70 1A 00 8B 1D B0 C1 64 00 8B 43 40 85 C0 74 7F
EB 53 83 FA 02 74 29 83 FA 03 75 CB EB 33 8B 75
D4 C7 44 24 04 B8 7B 34 00 89 74 24 08 EB 31 8B
45 D4 C7 44 24 04 F0 7B 34 00 89 44 24 08 EB 20
8B 55 D4 C7 44 24 04 2C 7C 34 00 89 54 24 08 EB
0F 8B 75 D4 C7 44 24 04 5C 7C 34 00 89 74 24 08
89 1C 24 EB 99 8B 53 44 89 C6 0F BF 4B 04 89 D0
C1 FA 1F F7 FE 85 C0 8D 50 03 0F 48 C2 C1 F8 02
01 C1 89 C8 C1 E8 1F 01 C8 D1 F8 66 89 43 04 B8
08 00 00 00 48 75 FD 8B 1D 5C C2 64 00 A1 EC C2
64 00 C7 44 24 04 D4 7C 34 00 89 1C 24 89 44 24
08 E8 8A 6F 1A 00 A1 04 C3 64 00 8B 55 D0 8B 00
89 54 24 10 C7 44 24 04 08 7D 34 00 89 1C 24 89

Good luck trudging through all that

[dogcigar]

Sorry I just pasted your exact data back. I really was in a hurry. I think the copy and paste on my dissasembler doesnt function but I`ll find a way to send you the hex.