Item Prefix/Suffixes | Unique Items | Character Stats | Base Items | Spells and Skills | Monsters | Unique Monsters | Shrines | Quests | Miscellanious
This page will have some of the hacks Charlie found. We have also
included some of our own findings. It includes the ASM code for
those who really want to know HOW it works, and not just to copy
and put in their own mod All Diablo code here is from version 1.07.
1. Bone Spirit Hurts
Everything
2. Reduce
Fireball's Damage By One Half
3. Change the class'
starting skill
4. Total Kill count (HP and
resistance displays)
5. Warp your way thru
the levels
6. The
where to change the stats of your Golem
7. Random
monster generation on level 16
For some of the changes done in The Dark, go to The Dark: Code changes
Bone
Spirit Hurts Everything
No hacking required with this one. In the missile data, which I
never documented, the actual "effect type" of the spell
effects are given. The first byte in these data strings refers to
the actual spell effect (refer to the list of spell effects on
the Spells and Skills page). Looking down the list, you'll see
that Bone Spirit's effect number is 3F. Go to the missile data (which
starts at offset 93798 in Diablo and A6368 in Hellfire) and
browse down to the Bone Spirit missile data string. For those who
are too lazy to figure this out yourself, it's at 93E8C in Diablo,
and A6A4C in Hellfire. Here's what you'll see in Diablo....
3F00 0000 F0DF 4200 1819 4300 0100 0000 0103 2500 5D00 0000 5E00 0000
And in Hellfire.....
3F00 0000 4A55 4300 57A3 4300 0100 0000 0103 2500 6300 0000 6400 0000
The byte in bold is what we'll be changing. This is the actual
effect type for the spell effect. Four variables can go here, and
they are...
00 = None 01 = Fire 02 = Lightning 03 = Magic
Just change this byte to the effect you want. Changing it to 00 will make the Bone Spirit spell hurt every monster, regardless of it's resistances. If you implement this in a mod, make it staff only with one or two charges. Otherwise, the game will get absurdly easy.
Reduce Fireball's Damage By One Half
Fireball's damage code starts at memory offset 42C11C in Diablo,
and 431DCA in Hellfire. It would help if you have W32Dasm and
have already disassembled Hellfire or Diablo and can follow along.
Here's what we see at this offset....
42C11C........8D443604..............lea eax, dword ptr [esi+esi+04]
Don't ask me what this does EXACTLY, as I don't know. I just know it affects the damage of the Fireball :) The 04 can be changed to whatever you want to edit the damage, but to halve it, use this code in it's place..
42C11C..........90....................NOP 42C11D..........8D4604................lea eax, dword ptr [esi+04]
I just looked at Fireball's damage formula and tried to find something in the code that resembled it somewhat. I would have missed it had it not been for the 4 :Þ
Change the class' starting skill (memory
locations)
When you want to change the skill of a player you'll need to edit
the file at 3 different places. Two places where the skill number
is located and one place where the corresponding spellnumber is
located. This one is used for the display in the spellbook. Also
don't forget to fill in the pointer for the skillname at the
spells. It's best to use the same pointer as for the spellname
Diablo:
Warrior - Item Repair
:0044C99F...C7868878680000000002....mov dword ptr [esi+00687888], 02000000....Skill value :0044D013...C7868878680000000002....mov dword ptr [esi+00687888], 02000000....Skill value :00404873...C705104D48001A000000....mov dword ptr [00484D10], 0000001A........Spell value
Rogue - Trap Disarm :0044C9B0...C7868878680000000008....mov dword ptr [esi+00687888], 08000000....Skill value :0044D023...C7868878680000000008....mov dword ptr [esi+00687888], 08000000....Skill value :00404883...C705104D48001C000000....mov dword ptr [00484D10], 0000001C........Spell value
Sorcerer - Staff Recharge :0044C9C1...C7868878680000000004....mov dword ptr [esi+00687888], 04000000....Skill value :0044D033...C7868878680000000004....mov dword ptr [esi+00687888], 04000000....Skill value :00404893...C705104D48001B000000....mov dword ptr [00484D10], 0000001B........Spell value
Hellfire
Warrior - Item Repair :004580BD...C784301001000000000002..mov dword ptr [eax+esi+00000110], 02000000..Skill value :00458984...C7801001000000000002....mov dword ptr [ebx+00000110], 02000000......Skill value :00404C67...C705684D49001A000000....mov dword ptr [00494D68], 0000001A..........Spell value
Rogue - Trap Disarm :004580D4...C784301001000000000008..mov dword ptr [eax+esi+00000110], 08000000..Skill value :00458995...C7801001000000000008....mov dword ptr [ebx+00000110], 08000000......Skill value :00404C77...C705684D49001C000000....mov dword ptr [00494D68], 0000001C..........Spell value
Sorcerer - Staff Recharge :004580EB...C784301001000000000004..mov dword ptr [eax+esi+00000110], 04000000..Skill value :004589A6...C7801001000000000004....mov dword ptr [ebx+00000110], 04000000......Skill value :00404C87...C705684D49001B000000....mov dword ptr [00494D68], 0000001B..........Spell value
Monk - Search :0045810E...C784301401000000200000..mov dword ptr [eax+esi+00000114], 00002000..Skill value :004589BD...C7801401000000200000....mov dword ptr [ebx+00000114], 00002000......Skill value :00404C97...C705684D49002E000000....mov dword ptr [00494D68], 0000002E..........Spell value
Bard - Identify :00458125...C784301001000010000000..mov dword ptr [eax+esi+00000110], 00000010..Skill value :004589CE...C7801001000010000000....mov dword ptr [ebx+00000110], 00000010......Skill value :00404CA7...C705684D490005000000....mov dword ptr [00494D68], 00000005..........Spell value
Barbarian - Rage :0045813C...C784301001000000002000..mov dword ptr [eax+esi+00000110], 00200000..Skill value :004589DF...C7801001000000002000....mov dword ptr [ebx+00000110], 00200000......Skill value :00404CB7...C705684D490016000000....mov dword ptr [00494D68], 00000016..........Spell value
Here is a list (incomplete, most from hellfire are missing) of the skillnumbers used for each spell.
| Firebolt....... | 0100 0000 | Infravision........... | 0001 0000 |
| Healing........ | 0200 0000 | Phasing............... | 0002 0000 |
| Lightning...... | 0400 0000 | Mana Shield........... | 0004 0000 |
| Flash.......... | 0800 0000 | Fireball.............. | 0008 0000 |
| Identify....... | 1000 0000 | Guardian.............. | 0010 0000 |
| FireWall....... | 2000 0000 | Chain Lightning....... | 0020 0000 |
| Town Portal.... | 4000 0000 | Flame Wave............ | 0040 0000 |
| Stone Curse.... | 8000 0000 | Doom Serpents......... | 0080 0000 |
| Blood Ritual... | 0000 0100 | Etherealize........... | 0000 0001 |
| Nova........... | 0000 0200 | Item Repair........... | 0000 0002 |
| Invisibility... | 0000 0400 | Staff Recharge........ | 0000 0004 |
| Inferno........ | 0000 0800 | Trap Disarm........... | 0000 0008 |
| Golem.......... | 0000 1000 | Elemental............. | 0000 0010 |
| Rage(HF)....... | 0000 2000 | Charged Bolt.......... | 0000 0020 |
| Teleport....... | 0000 4000 | Holy Bolt............. | 0000 0040 |
| Apocalypse..... | 0000 8000 | Resurrect............. | 0000 0080 |
These can only be used if you increase the live memory
offset pointer by 4. For example, the live memory offset for the
skills is at 687888. If you wish to use the 4 spells below, you
must change the memory pointer just before the spell value to
68788C. Hellfire uses +00000110 and +00000114 as adders for the
live offsets
Changing the pointer +00000110 to +00000114 will require adapting the jump to
:004589E9 899814010000 mov dword ptr [eax+00000114], ebxand make it jump past it.
Telekinesis.....0100 0000 Search..........0020 0000 Heal Other......0200 0000 Blood Star......0400 0000 Bone Spirit.....0800 0000
Total Kill
Count (file locations)
This will change the total amount of monster type kills you will
need to attain before the resistance/immunity and the HP of that
type will be displayed when you move your cursor over them. Not
much use, since everyone MUST use a data file to look at the
monster's stats....LOL
3A73F......1E......30 kills needed for HP display....edit as you see fit 3A7AC......0F......15 kills needed for resistance/immunity display. Hellfire 43849......1E......30 kills needed for HP display....edit as you see fit 438C2......0F......15 kills needed for resistance/immunity display.
Warp
your way thru the levels
This is one of the smaller spell changes we did in our upcoming 2.4
version. It will make you warp to the stairs furthest away
instead of the one closest by. Very useful for quick Laz runs.
Of course this one is Hellfire only
Change the code at the following offsets
:004316E6.........C745F4FFFFFF7F.................mov
[ebp-0C], 7FFFFFFF
To
:004316E6.........C745F400000000.................mov
[ebp-0C], 00000000
And
:0043179F.........7D09...........................jge
004317AA
To
:0043179F.........7E09...........................jle
004317AA
The place where to change the stats of your Golem
Changing the golem stats is very well doable, but if you don't
know any asm i wouldn't recommand it. The stat of the golem are
set in a procedure which stars at 00444F5C (Hellfire) or 0043BEE4
(Diablo). The code references are all from Hellfire because that's
what we've worked with, in Diablo it's pretty much the same, the
sequences differs a bit. It's easiest to change the fixed values
which can be recognised from Jarulf's formulas. Other changes i
wouldn't recommand unless one knows how to program in asm.
Here follows the code from Hellfire with some explanation. If you're
going to change some of these values don't forget to backup. But
be assured the golem can be changed this way, we did it in our
mod.
:00444F7D 6A03 push 00000003 : : :00444FD3 59 pop ecx ecx = 3 :00444FD4 8D80887A6900 lea eax, dword ptr [eax+00697A88] Slvl :00444FDA 894508 mov dword ptr [ebp+08], eax :00444FDD 8B83B0010000 mov eax, dword ptr [ebx+000001B0] max current mana * 64 :00444FE3 99 cdq :00444FE4 F7F9 idiv ecx eax = (max current mana / 3)*64 :00444FE6 8B5508 mov edx, dword ptr [ebp+08] :00444FE9 8B0A mov ecx, dword ptr [edx] :00444FEB 8D0C89 lea ecx, dword ptr [ecx+4*ecx] ecx = Slvl * 5 :00444FEE C1E106 shl ecx, 06 (5*slvl)*64 for extra precision :00444FF1 03C1 add eax, ecx :00444FF3 8A0A mov cl, byte ptr [edx] cl = Spell lvl :00444FF5 D1E0 shl eax, 1 eax = (2/3*maxmana + 10 slvl)*64 :00444FF7 898618DD6900 mov dword ptr [esi+0069DD18], eax Initial life :00444FFD 89861CDD6900 mov dword ptr [esi+0069DD1C], eax Current life :00445003 8AC1 mov al, cl al = slvl :00445005 C68652DD690019 mov byte ptr [esi+0069DD52], 19 AC = 25 :0044500C 8A93B8010000 mov dl, byte ptr [ebx+000001B8] dl = clvl :00445012 0408 add al, 08 al = slvl + 8 :00445014 B305 mov bl, 05 :00445016 88450B mov byte ptr [ebp+0B], al :00445019 F6EB imul bl al = 5*slvl + 40 :0044501B D0E2 shl dl, 1 dl = 2*clvl :0044501D 02D0 add dl, al dl = 5*slvl + 2*clvl + 40 :0044501F 8A450B mov al, byte ptr [ebp+0B] al = slvl + 8 :00445022 80C104 add cl, 04 cl = slvl + 4 :00445025 88964CDD6900 mov byte ptr [esi+0069DD4C], dl To Hit :0044502B D0E1 shl cl, 1 cl = 2*slvl + 8 :0044502D D0E0 shl al, 1 al = 2*slvl + 16 :0044502F 888E4DDD6900 mov byte ptr [esi+0069DD4D], cl Min Damage :00445035 88864EDD6900 mov byte ptr [esi+0069DD4E], al Max damage
Random monster generation on level 16
What basically is done here is remove the assignement of
Advocates (6C) and Blood Knights (60) after the test for level 16.
The assignement of Diablo we let in, wouldn't want to mis him :)
We've also removed the jump that skipped the normal monster
generation, so level 16 behaves now normal. The fixed
monstersslots used in the table between the monster data and
activation table will still always appear on level 16 (normally
advocates & blood knights).
There is a little difference between Hellfire and Diablo here.
The push of 1 must be removed (or leave the pop edx as it is) in
Diablo but not in Hellfire. Leaving it in Diablo will screw up
the working of your town portal on level 16
Diablo:
:0043202F 6A01 push 00000001
:00432031 5A pop edx
* Possible Reference to Dialog: DialogID_006C
|
:00432032 6A6C push 0000006C Advocate
:00432034 59 pop ecx
:00432035 E84FFFFFFF call 00431F89 Place monster ??
:0043203A 6A01 push 00000001
:0043203C 5A pop edx
:0043203D 6A60 push 00000060 Blood Knight
:0043203F 59 pop ecx
:00432040 E844FFFFFF call 00431F89 Place monster ??
:00432045 8BD6 mov edx, esi
* Possible Reference to Dialog: DialogID_006E
|
:00432047 6A6E push 0000006E Diablo
:00432049 E9A3020000 jmp 004322F1
Change to:
:0043202F 909090909090909090909090 12 * nop
:0043203B 8BD6 mov edx, esi
* Possible Reference to Dialog: DialogID_006E
|
:0043203D 6A6E push 0000006E
:0043203F 59 pop ecx
:00432040 E844FFFFFF call 00431F89
:00432045 909090909090909090 9 * nop
Hellfire:
:0043A9FF 5A pop edx
* Possible Reference to Dialog: DialogID_006C
|
:0043AA00 6A6C push 0000006C Advocate
:0043AA02 59 pop ecx
:0043AA03 E856FFFFFF call 0043A95E Place monster ???
:0043AA08 6A01 push 00000001
:0043AA0A 5A pop edx
:0043AA0B 6A60 push 00000060 Blood Knight
:0043AA0D 59 pop ecx
:0043AA0E E84BFFFFFF call 0043A95E Place monster ???
:0043AA13 8BD6 mov edx, esi
* Possible Reference to Dialog: DialogID_006E
|
:0043AA15 6A6E push 0000006E Diablo
:0043AA17 E912030000 jmp 0043AD2E
Change to:
:0043A9FF 90909090909090909090 10 * nop
:0043AA09 8BD6 mov edx, esi
* Possible Reference to Dialog: DialogID_006E
|
:0043AA0B 6A6E push 0000006E
:0043AA0D 59 pop ecx
:0043AA0E E84BFFFFFF call 0043A95E
:0043AA13 909090909090909090 9 * nop