A tutorial about the basics of HEX Editing!

Introduction:
All of you who came into this topic are probably wondering what hex is, or heard about it from someone who doesn't know what it is and made you think you know what hex is. The most common mistake a hear among people that hex is the source code of a program/game well that isn't true one bit, lf2 was programmed in c++, C++ source code looks like this (that is only defining some stuff and a model thats not a complete program):

struct vertex3
{
float x;
float y;
float z;
};

class model
{
private:
vertex3f vertecies[];
public:
model();
~model();
};

and hex would be something like:

01 99 01 F1 33 FF 90

As you can see the difference is very big. If you ever had a hex editor and used it to open a program you'll probably be think "no thats not true in a hex editor you see words", that is true and that is because 99% of all hex editors (every program which isn't home made by a crazy programmer who can convert hex to ASCII in one second in his head) automatically converts hex to ASCII (letters/symbols).

Hex is a type of counting for which is made out of 16 numbers (0,1,2,3,4,5,6,7,8,9,a,b,c,d,e,f) and demical (what we use in our every day life is just 10. There are other types but they aren't important to us in this guide (binary and oct something).



Getting started:
To start editing a programs hex you need a hex editor, here are a few programs I use:

  • Hex Workshop
  • FX Edit

There are alot of other programs out there, just type "hex editor" in google and you'll find alot. Every hex editor is differen't and there are alot out there so in some places my guide my not be exactly correct according to your hex editor but please try and look around the small details. In this tutorial I'll be using Hex Workshop.
After you downloaded hex workshop and installed it (if you can't do that then stop reading this guide) open lf2.exe using it (you may either go to File > Open, press ctrl + O or press the folder icon at the top). After that you will see 3 columns the one on the left side is the hex address that isn't important, in the middle is the hex and on the right is the ASCII.

I will now explain a few things:
Why you need both hex and ASCII: if you want to write something it will much easier to use normal letters than hex and if you want to completely remove something you must change the hex to 00 because putting a space there will actually be 20 in hex and therefore you didn't remove it. Also when you learn about NOPing you'd have to change the hex to 90 and you wont be able to do that with only the ASCII column.
How to nop and how to remove: NOPing something is done by changing the hex to 90, and removing it completely is changing the hex to 00, I can't really explain what will happen if you remove or nop so you should try both before being please (I usally NOP and never remove because sometimes removing causes errors and I'm to lazy to try both).



Editing:
We are now ready to edit, we are going to change the lf2 title bar (the thing on the top of lf2, on the blue bar if you're using windows xp), to do that we are going to search for "Little Fighter 2" because that is the title and you're feeling lucky so it should work, first press ctrl + F (short cut to open the find window) choose string as the type (you should of figured out that string means word by now I hope) and Little Fighter 2 as the value (logically) and press okay. Now the program found where it is all thats left is to edit it, click behind the letter "l" in the ASCII columm and type something, it will change automatically you can also do the same in the hex but it's much easier to do it with letters because we need to write a word.

So now you know how to change stuff using the hex editor but you don't know what to change, you're probably thinking that I'm going to tell you, well you're wrong it's all trial and error. I'll give you a few examples on how to change things, some of the stuff I found were complet flukes others by debugging (I might explain how to debugg at a different time, theres much less luck involved there) and some because someone told me a hint (how to change the credits for example).



Examples:
How to remove/edit credits:
The credits are encrypted in a 0123+ encryption (mgccl told me how the link was encrypted and I gussed the rest was encrypted with the same method). The credits are made of 2 lines of junk and one link, the same link shows in the demo screen so if you remove it it won't show anywhere (or change it). To remove the link you must remove "huvs:01zwx0OiuvoeGkjhugu.dqp" from the hex...
It's encrypted in a 0123 encryption it should say http://littlefighter.com so as you can see you add 0 to h , 1 to t (the next letter) and then 2 to the second 2 (2 letters forward) I hope you understand the genreal idea, if you do you could change the link to what ever you want (I'm not sure how the symbols encrypt them selves so you might have to experiment a bit). Now to remove the other lines, to remove by marti and starski wong you must remove "bz"Pasvl Xqqg-"Vtbtvkz"Zooi" that is also encryped in the same way so play around with it and change it to what you want. And now the last line that has the date, you must remove "1:;<-3235-"dlm"uihjws!thsftyee". This to is encrypted the same way.

How to disable Fkeys (I only know f7 and f6):
To disable fkey in lf2 is pretty complicated because the fkeys do alot of things even if it looks very simple. First of all look for "8B0E8981FC0200008B168982080300008B0EB8D3" (hex not string) and you just have to edit this part "898208030000" to "909090909090" (remeber how I told you 90 is nop). You're probably wondering why we aren't just searching for the part that we have to edit, it's because the same code is in the same place a few times and you might get mixed up. Now we disabled the mp regian from the f7 key now to disable hp...


Written by Silva a.k.a Data1master
   
© Little Fighter Empire
Cookies make it easier for us to provide you with our services. With the usage of our services you permit us to use cookies.
Ok