
Creating a Wand of Wishing -- HUGELY spoily & cheaty


tod...@gmail.com

Jun 24, 2008, 8:08:20 AM
This post describes how I managed to create a wand of wishing with a
memory editor.
A word about ethics: games are for having fun. So, if your fun is
playing by the rules, then play by the rules and have fun. If your fun
is outsmarting the protection systems, then do that and have fun. And
never blame the guy who sees fun where you don't.

This is so spoily and cheaty I don't have words good enough.

I found a way to create a wand of wishing. I got the inspiration from
http://www.elushae.org/~cislyn/game/adomhack.html -- but the exact way
described there doesn't work anymore in ADoM 1.1.1. I suggest reading
through it anyway.

Create a wizard. Go to Terinyo and drop your wand in the (3, 2) space.
Leave Terinyo.
Fire up a hex editor, open the $ADOM_DIR/tmpdat/adom_tdl05 file and
search for bytes "03 02" (or "0302", depends on your editor). The
exact position in the file varies from game to game.
Note the next halfword. This describes the item type. Some item types
are:

5a00 -- wand of digging
a900 -- wand of wonder
ac00 -- wand of light
e500 -- wand of stunning
3e01 -- wand of wishing
6901 -- wand of door creation
6d01 -- wand of cold

Now comes the part I haven't worked out perfectly yet. You can't
change the file, but you now know the item type. The way I used kinda
sucks. Suggest something better.
Anyway, here comes the real work: fire up a memory cheater.
I use scanmem from http://taviso.decsystem.org/scanmem.html -- it's
not perfect, but it does the job pretty well.
I don't know about Windwoes memory editors, but under Linux a program
has a bunch of memory regions that scanmem searches. Experimentation
has shown that ADoM holds item data in heap. So let's delete regions
that will only clutter the search.
scanmem -p `pidof adom` -- launch the program
dregion 0
dregion 2
dregion 3
dregion 4
dregion 5
dregion 6
dregion 7
dregion 8
dregion 9
dregion 10
lregions -- check that only [heap] is left
Now swap the bytes of the hexa item type. If you don't know what this
is for, go read up on "little-endian". Supposing you had a wand of
door creation "69 01", the "right" number to search would be 0x0169.
So punch 0x0169 into scanmem and watch the magic.

info: 01/01 searching 0x829f000 - 0x830e000...........ok
info: we currently have 5 matches.

Which one is the right one? Nobody knows. Type "list" to see what we've
found.
5> list
[ 0] 0x82ee018, cSILfnz, 365, [heap]
[ 1] 0x82a7284, cSILfnz, 365, [heap]
[ 2] 0x82a6eb4, cSILfnz, 365, [heap]
[ 3] 0x82a4450, cSILfnz, 365, [heap]
[ 4] 0x82a2970, cSILfnz, 365, [heap]

Again, experimentation shows that the right memory address is
somewhere towards the end of heap, in other words probably not
0x82a[something]. So just pick the first one, cross your fingers and
hope.

set 0=0x013e

The moment of truth: check in ADoM if the wand type has changed. If it
has, you're set. If it has not, change the value back to what it was
ASAP. Then (supposing ADoM doesn't crash from your mucking around) you
could try changing another value from the "list" list.

set 0=0x0169 (wand of cold or whatever you used to have)

If you managed to create the wand successfully, next thing to do would
be "fixing" the number of charges. This is easy: just type "reset"
into scanmem, then search for the current number of charges (scanmem
reports lots of matches), zap the wand, then search again with the new
number (scanmem reports only a few matches, possibly 1). Rinse and
repeat.

P.S.
After going through all the trouble, I discovered that the way
described in http://www.elushae.org/~cislyn/game/adomhack.html
actually works after all! ADoM detects an error, saves the game and
quits with a big ugly error message. However, the save file is good
(as far as I can tell) and a WoW with 2^31 - 1 charges waits for you
in Terinyo.
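
The byte search and the little-endian swap described in the post above, as an added example that is not part of the original post. It assumes the layout the post reports (the two coordinate bytes followed directly by the item-type halfword); the sample buffer is constructed, not taken from a real ADoM file, and the function names are hypothetical.

```python
import struct

# Item-type codes from the post's list, already converted to numbers
# (the file shows "69 01", the number is 0x0169).
ITEM_TYPES = {
    0x005A: "wand of digging",
    0x00A9: "wand of wonder",
    0x00AC: "wand of light",
    0x00E5: "wand of stunning",
    0x013E: "wand of wishing",
    0x0169: "wand of door creation",
    0x016D: "wand of cold",
}

def find_item_candidates(data: bytes, x: int, y: int):
    """Return (offset, value, name) for each x,y byte pair followed by a halfword.

    name is None when the value is not a known item type, which marks the
    hit as a probable coincidence rather than an item record.
    """
    marker = bytes([x, y])
    hits = []
    pos = data.find(marker)
    while pos != -1:
        if pos + 4 <= len(data):  # need two more bytes after the marker
            (value,) = struct.unpack_from("<H", data, pos + 2)
            hits.append((pos, value, ITEM_TYPES.get(value)))
        pos = data.find(marker, pos + 1)
    return hits

def scanmem_value(file_bytes: bytes) -> str:
    """Turn the two bytes as shown in the hex editor into the number to search."""
    (value,) = struct.unpack("<H", file_bytes)
    return f"0x{value:04x}"

# Constructed sample: one coincidental "03 02", one real-looking record,
# and one marker too close to the end of the buffer to carry a halfword.
SAMPLE = bytes.fromhex("00 11 03 02 ff ff 22 03 02 69 01 33 03 02")

if __name__ == "__main__":
    for off, val, name in find_item_candidates(SAMPLE, 3, 2):
        print(f"offset {off:#x}: 0x{val:04x} {name or '(unknown value)'}")
    print("search value for 69 01:", scanmem_value(bytes.fromhex("6901")))
```

A two-byte marker such as "03 02" occurs by chance in any binary file, which is why the candidates are checked against the known item-type table before one is trusted.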

Soira

Jun 25, 2008, 7:37:59 AM
Downloading ADombot seems a lot simpler.

tod...@gmail.com

Jun 25, 2008, 2:14:57 PM
On Jun 25, 2:37 pm, Soira <baisu...@yahoo.com> wrote:
> Downloading ADombot seems a lot simpler.

But works only on Windwoes.

Vladimir, what would it take to port the app to Linux?

Vladimir Panteleev

Jun 26, 2008, 11:57:11 AM
On Jun 25, 9:14 pm, todu...@gmail.com wrote:
> On Jun 25, 2:37 pm, Soira <baisu...@yahoo.com> wrote:
>
> > Downloading ADombot seems a lot simpler.
>
> But works only on Windwoes.
>
> Vladimir, what would it take to port the app to Linux?

It works fine in Wine, last time I checked (many years ago). Just
download ADOM for Windows, start it up in Wine and load your savegame
(they're cross-platform).

tod...@gmail.com

Jun 26, 2008, 4:10:28 PM
On Jun 26, 7:01 pm, Vladimir Panteleev <thecybersha...@gmail.com>
wrote:

> On Jun 25, 9:14 pm, todu...@gmail.com wrote:
> > On Jun 25, 2:37 pm, Soira <baisu...@yahoo.com> wrote:
>
> > > Downloading ADombot seems a lot simpler.
>
> > Vladimir, what would it take to port the app to Linux?
>
> It works fine in Wine, last time I checked (many years ago). Just
> download ADOM for Windows, start it up in Wine and load your savegame
> (they're cross-platform).

Would you publish the source? Maybe it could be compiled with wine-lib.
Or else someone *wink wink* could try to port it?

Vladimir Panteleev

Jun 26, 2008, 8:25:38 PM

I don't think that's going to work, because
1) it's written in Borland Delphi
2) it uses APIs such as OpenProcess and Read/WriteProcessMemory to
access ADOM.
Needless to say, you'll need a lot of work to make it compile and work
under Linux natively. I don't think it's worth the point, when it
should just work under Wine (as long as the WinBeta is running in the
same wine-server).

gut

Jun 27, 2008, 9:18:33 AM
tod...@gmail.com wrote in news:8511b46f-df5a-418a-ad75-
bf479f...@b1g2000hsg.googlegroups.com:

> On Jun 25, 2:37 pm, Soira <baisu...@yahoo.com> wrote:
>> Downloading ADombot seems a lot simpler.
>
> But works only on Windwoes.
>

You could try the item dropping duplication bug.
Details are at the HoF forums, here is the link:

http://adom.brinkster.net/forum/messages.asp?thread=5795&start=54700&page=1&tmp=54976

Stas

Jul 28, 2008, 3:05:46 PM
On Jun 27, 9:18 am, gut <none> wrote:
> todu...@gmail.com wrote in news:8511b46f-df5a-418a-ad75-
> bf479f615...@b1g2000hsg.googlegroups.com:

>
> > On Jun 25, 2:37 pm, Soira <baisu...@yahoo.com> wrote:
> >> Downloading ADombot seems a lot simpler.
>
> > But works only on Windwoes.
>
> You could try the item dropping duplication bug.
> Details are at the HoF forums, here is the link:
>
> http://adom.brinkster.net/forum/messages.asp?thread=5795&start=54700&...
> &tmp=54976

But to make a wand of wishing, you'd need to have one already so you
could duplicate it.

gut

Aug 1, 2008, 2:33:18 AM
Stas <stas...@gmail.com> wrote in news:60d53559-e3e3-47bb-b2ba-
74485c...@r66g2000hsg.googlegroups.com:

spoiler space
It is possible to dip items into a blessed potion of exchange, and turn
them into other items. The most efficient way of doing this is probably
to dip a stack of 19 rings, while on a level that is at least danger
level 8 (like D:8 of the CoC), in hopes of getting RoDS's.
