Modifications to UA.EXE

The following contents were generated by the Freeware version of IDA 7.0 using the English version of UA.EXE

BEGTEXT:00410000 ;
BEGTEXT:00410000 ; +-------------------------------------------------------------------------+
BEGTEXT:00410000 ; |   This file has been generated by The Interactive Disassembler (IDA)    |
BEGTEXT:00410000 ; |           Copyright (c) 2018 Hex-Rays, <support@hex-rays.com>           |
BEGTEXT:00410000 ; |                            Freeware version                             |
BEGTEXT:00410000 ; +-------------------------------------------------------------------------+
BEGTEXT:00410000 ;
BEGTEXT:00410000 ; Input SHA256 : A4E552B49BDDC948E8EF7AAE55589D8074D2ED49AD6C84D172B07AEF8D04838A
BEGTEXT:00410000 ; Input MD5    : 07C504FB8618B0D5FBD8103E12696607
BEGTEXT:00410000 ; Input CRC32  : 46B7BC7E
BEGTEXT:00410000
BEGTEXT:00410000 ; ---------------------------------------------------------------------------

No CD Check

This difference file has been created by IDA
 
ua.exe
00000000000399D2: 89 E9
00000000000399D3: C6 8D
00000000000399D4: 89 00
00000000000399D5: 54 00
00000000000399D6: 24 00
00000000000399D7: 04 90

Which should correspond to

BEGTEXT:004495CC sub_4495CC      proc near
BEGTEXT:004495CC
BEGTEXT:004495CC var_14          = dword ptr -14h
BEGTEXT:004495CC var_10          = dword ptr -10h
BEGTEXT:004495CC
BEGTEXT:004495CC                 push    esi
BEGTEXT:004495CD                 push    edi
BEGTEXT:004495CE                 push    ebp
BEGTEXT:004495CF                 sub     esp, 8
BEGTEXT:004495D2                 jmp     **loc_449664**       ; THIS IS THE NO CD CHECK SKIP
...
BEGTEXT:00449664 **loc_449664**:
BEGTEXT:00449664                 mov     edx, 1          ; UAssault CD is present
BEGTEXT:00449669                 jmp     short **loc_44966D**
BEGTEXT:0044966B ; ---------------------------------------------------------------------------
BEGTEXT:0044966B
BEGTEXT:0044966B loc_44966B:
BEGTEXT:0044966B                 xor     edx, edx
BEGTEXT:0044966D
BEGTEXT:0044966D **loc_44966D**:
BEGTEXT:0044966D                 mov     eax, edx
BEGTEXT:0044966F
BEGTEXT:0044966F loc_44966F:
BEGTEXT:0044966F                 add     esp, 8
BEGTEXT:00449672                 pop     ebp
BEGTEXT:00449673                 pop     edi
BEGTEXT:00449674                 pop     esi
BEGTEXT:00449675                 retn
BEGTEXT:00449675 CheckCD         endp

AI Helicopter Glitch Fix

This difference file has been created by IDA
 
ua.exe
00000000000FA8FF: 7B 2D
00000000000FA900: 14 43
00000000000FA901: AE 1C
00000000000FA902: 47 EB
00000000000FA903: E1 E2
00000000000FA904: 7A 36
00000000000FA905: 94 2A
00000000000FAA03: 7B 2D
00000000000FAA04: 14 43
00000000000FAA05: AE 1C
00000000000FAA06: 47 EB
00000000000FAA07: E1 E2
00000000000FAA08: 7A 36
00000000000FAA09: 94 2A
00000000000FB7F6: 7B 2D
00000000000FB7F7: 14 43
00000000000FB7F8: AE 1C
00000000000FB7F9: 47 EB
00000000000FB7FA: E1 E2
00000000000FB7FB: 7A 36
00000000000FB7FC: 94 2A


Basically this changes the DQ 0.02 to DQ 0.002

DGROUP:0050D8FF 7B 14 AE 47 E1 7A 94 3F dbl_50D8FF      dq 0.02                 ; DATA XREF: BEGTEXT:0048818B↑r
...
DGROUP:0050DA03 7B 14 AE 47 E1 7A 94 3F dbl_50DA03      dq 0.02                 ; DATA XREF: sub_48A4E4+4D2↑r
...
DGROUP:0050E7F6 7B 14 AE 47 E1 7A 94 3F dbl_50E7F6      dq 0.02                 ; DATA XREF: BEGTEXT:004AEA7A↑r

Increased Resolution Patch

This difference file has been created by IDA
 
ua.exe
000000000001B70A: 04 10
000000000001B717: 03 10
BEGTEXT:0042B2FC                         sub_42B2FC      proc near               ; DATA XREF: sub_42B65C+40A↓o
BEGTEXT:0042B2FC
BEGTEXT:0042B2FC                         arg_0           = dword ptr  4
BEGTEXT:0042B2FC
BEGTEXT:0042B2FC 53                                      push    ebx
BEGTEXT:0042B2FD 56                                      push    esi
BEGTEXT:0042B2FE 57                                      push    edi
BEGTEXT:0042B2FF 55                                      push    ebp
BEGTEXT:0042B300 8B 44 24 14                             mov     eax, [esp+10h+arg_0]
BEGTEXT:0042B304 8B 50 0C                                mov     edx, [eax+0Ch]
BEGTEXT:0042B307 81 FA 00 10 00 00                       cmp     edx, 1000h               ;*** changed ***
BEGTEXT:0042B30D 0F 87 7A 00 00 00                       ja      loc_42B38D
BEGTEXT:0042B313 81 78 08 00 10 00 00 cmp dword ptr [eax+8], 1000h ;*** changed ***
...
BEGTEXT:0042B36C 68 50 38 50 00                          push    offset aEnumDisplayMod ; "enum display mode: %dx%dx%d\n"

Polygon Render Limit

1) Add new section to PE file

2) Calculate Virtual Address (given the RVA) for “PubStack” “EndOfPubStack” “ArgStack” and “EndOfArgStack”

Hex edit 0x0059CC00 (PubStack) → New PubStack

Hex edit 0x005A0DA0 (EndOfPubStack) → New EndOfPubStack

Hex edit 0x0055B200 (ArgStack) → New ArgStack

Hex edit 0x0059CB00 (EndOfArgStack​​​​​​​) → New EndOfArgStack​​​​​​​

modding/ua_exe.txt · Last modified: 2019/01/27 10:57 (external edit)
Back to top
CC Attribution-Noncommercial-Share Alike 4.0 International
chimeric.de = chi`s home Valid CSS Driven by DokuWiki do yourself a favour and use a real browser - get firefox!! Recent changes RSS feed Valid XHTML 1.0