LF2 consists of "objects". There is a maximum of 400 objects, numbered 0-399. LF2 loops through all the objects and does all the needed operations on them (physics calculations etc.). To access an object, you first have to get its base address. That looks something like this:
Code:
mov eax,dword ptr ds:[esi+edi*4+194h]
Now I'll explain what everything is.
eax: That is where the address will be stored. Basic mov operation (mov destination,source).
esi: Let's call it the "base pointer" (incorrect term but w/e); it is always 458B00h.
edi: That is the number of the object. Like I mentioned previously, LF2 loops through the objects, so making this a register means the same line can be used to access any object.
So that line can be expressed as:
Code:
mov eax, dword ptr ds:[458B00h+Object_Number*4+194h]
*The registers used are just examples; they can and will be different in different situations.
Advanced (useless to most of you):
It is possible to check if an object exists or not.
Code:
cmp byte ptr ds:[esi+edi+4],0
If it is zero, then the object doesn't exist; if it is 1, it does exist.
After you have access to the "Object", you can access the object's properties. That works something like:
Code:
mov dword ptr ds:[eax+70h],0
That sets the object's frame number to 0. A large list of offsets exists here: http://lf-empire.de/forum/thread-2756-po...#pid152651
As of now, you have access to everything on the first page. To get access to the second page/"ID Properties" you have to get the next pointer. Assuming eax holds your object pointer:
Code:
mov eax, dword ptr ds:[eax+368h] ;move the id properties pointer into eax
cmp dword ptr ds:[eax+6f4h],10 ;check if the ID is 10
Basically, the first line loads the pointer for the ID properties. Then after you have the pointer stored in eax, you can access all the information on the 2nd page (only useful stuff is ID and Type).
Now all that's left is the frame stuff:
Code:
mov eax,dword ptr ds:[esi+edi*4+194h] ;Get object pointer
mov ecx,dword ptr ds:[eax+70h] ; get frame number and store in ecx
mov edx,dword ptr ds:[eax+368h] ; get "id" pointer and store in edx
imul ecx,ecx,178h ; multiply frame(ecx) by 178h
cmp dword ptr ds:[ecx+edx+7ACh],0 ; check if state is 0
Hopefully that all makes sense; it is basically: frame number * 178h + object pointer + Offset.
End.
~Written by (Lord) Silva
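The pointer chain from the post above, as an added Python example that is not part of the original post: it resolves an object's ID, frame and state through the same offsets over a constructed memory image, with a range check, the exists-byte check and an error on unmapped reads before each dereference. The image contents, the addresses 10000000h and 20000000h, and all function names are assumptions made for the example.

```python
BASE = 0x458B00      # the post's "base pointer" (esi)
MAX_OBJECTS = 400    # objects are numbered 0-399
# Offsets from the post; exists bytes span BASE+4..BASE+193h, table follows.
EXISTS, OBJ_PTRS, FRAME, ID_PTR = 0x4, 0x194, 0x70, 0x368
ID, FRAME_SIZE, STATE = 0x6F4, 0x178, 0x7AC

def read(mem, addr, size=4):
    """Little-endian read from a sparse {address: byte} image (constructed model)."""
    try:
        return int.from_bytes(bytes(mem[addr + i] for i in range(size)), "little")
    except KeyError:
        raise ValueError(f"unmapped read at {addr:#x}") from None

def write(mem, addr, value, size=4):
    """Little-endian write into the sparse image."""
    mem.update((addr + i, b) for i, b in enumerate(value.to_bytes(size, "little")))

def object_pointer(mem, n):
    """[esi+edi*4+194h], after a range check and the exists-byte check."""
    if not 0 <= n < MAX_OBJECTS:
        raise IndexError(f"object number {n} is outside 0-399")
    if read(mem, BASE + n + EXISTS, 1) == 0:   # cmp byte ptr [esi+edi+4],0
        return None                            # slot is empty
    return read(mem, BASE + n * 4 + OBJ_PTRS)

def describe(mem, n):
    """Return (id, frame, state) for object n, or None if it does not exist."""
    obj = object_pointer(mem, n)
    if obj is None:
        return None
    frame = read(mem, obj + FRAME)             # mov ecx,[eax+70h]
    idp = read(mem, obj + ID_PTR)              # mov edx,[eax+368h]
    state = read(mem, frame * FRAME_SIZE + idp + STATE)   # [ecx+edx+7ACh]
    return read(mem, idp + ID), frame, state

def build_sample():
    """Constructed image: only object 3 exists (ID 10, frame 5, state 3)."""
    mem, obj, idp = {}, 0x10000000, 0x20000000   # made-up addresses
    for n in range(MAX_OBJECTS):                 # start with every slot empty
        write(mem, BASE + n + EXISTS, 0, 1)
        write(mem, BASE + n * 4 + OBJ_PTRS, 0)
    write(mem, BASE + 3 + EXISTS, 1, 1)
    write(mem, BASE + 3 * 4 + OBJ_PTRS, obj)
    write(mem, obj + FRAME, 5)
    write(mem, obj + ID_PTR, idp)
    write(mem, idp + ID, 10)
    write(mem, idp + 5 * FRAME_SIZE + STATE, 3)
    return mem
```

`describe(build_sample(), 3)` returns `(10, 5, 3)`; an empty slot returns `None`, and a frame number that points outside the mapped image raises `ValueError` rather than returning garbage.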