Thread: Tutorial: Using OllyDbg to patch your CM .exe

  1. #1

    Tutorial: Using OllyDbg to patch your CM .exe

    Here is a simple (I hope!) tutorial on how to make some basic changes to your CM .exe file.

    EDIT: The example I used below is only available when your exe has been patched to 3.9.68 and then using a Tapani 2.xx patch. The following steps are just to show how any offset can be changed. (Cheers for the heads up CF!)

    First, you will need to download OllyDbg from the following link: http://www.ollydbg.de/download.htm

    Now, we are ready to find a change to make to our CM executable. Oh look, I don't like the fact that the Premier League allows 7 subs, let's lower that amount.

    Open your OllyDbg program and open your CM exe. This is normally located in your "C:\Program Files (x86)\Championship Manager 01-02" folder unless you have moved this.

    Now, you should see lines of scary looking nonsense! (Let's hope this makes sense later!)

    Next, find the offset you need from one of the numerous threads where the site's resident experts have already located this information for you. For example, we would find ours in the Offsets thread.

    http://www.champman0102.co.uk/showthread.php?t=68

    For this example, the number of subs offsets for all competitions are listed in a single post at the link below. How convenient!
    http://www.champman0102.co.uk/showth...&p=131#post131

    Our required offset as seen in the picture is 574C03.

    Return to OllyDbg, click anywhere in the main panel and press Ctrl + G, entering your new found offset.

    This will take you to the exact location of the information in the executable where the exe tells the game how many subs can be named in this competition. You should see the line as below:


    You will need to change the '7' at the end of this line, as this is the number of subs allowed. But let's say we only want to allow 3 subs, because we are evil like that!
    So we change the 7 to 3, simply by double clicking on the line and editing as shown, then click assemble, followed by 'Cancel':


    Any changes will be highlighted in red:


    Now, we are ready to test the changes. You will need to save your exe. Right click on the main panel, scroll down to 'Copy to executable', followed by 'All Modifications'. Then choose 'Copy all'.


    Now, click the 'X' to close the new window that appears, and a warning message appears asking you to save the changes.


    Click yes, and give your exe a DIFFERENT name to your current exe. (This is in case you have made any mistakes and you can revert back to before you made any changes!)


    Now, load up the game through your new exe file. (Remember to set compatibility and 'Run as admin' on your new exe. You can do this by right clicking on your new file, choosing 'Properties' and the 'Compatibility' tab. Most computers will run the game in 'Windows 98 / ME' mode, and tick 'Run as administrator'. If you forget this, especially on Windows 8, the game may not load!)

    Then, we go load up the Premier League. Let's hope this works!

    And there you have it! The damn Premier League going and changing the rules on us 35 days before the start of the season!

    You can use the above steps to make many changes to the exe; the above was to show how a change can be made. There are many great changes that you can do to make your game easier, harder, or just wackier and more fun! Have a read at the offsets thread at the link above for more offsets that you can apply and use.
    Last edited by bine ye; 14-09-14 at 12:43 AM.

  2. The Following 14 Users Say Thank You to bine ye For This Useful Post:


  3. #2
    Craig Forrest
    Just an FYI though..... you can only change the subs in England if you've applied a Tapani patch.... the vanilla EXE does not have that line of code

  4. The Following 3 Users Say Thank You to Craig Forrest For This Useful Post:


  5. #3
    I was hoping people weren't going to use it as a 'Change England subs' tutorial, but instead as a 'Change any offset' tutorial

  6. The Following User Says Thank You to bine ye For This Useful Post:


  7. #4
    Craig Forrest
    no I get it.... but if a n00b tries that for the first time using Olly and can't find the offset then it might put them off....

  8. #5
    Updated OP. Cheers

  9. The Following User Says Thank You to bine ye For This Useful Post:


  10. #6
    This is brilliant, exactly what I was asking for in the offsets thread!!!


    So glad this has finally been done....

    Please, if anyone can give other examples for doing different offsets... please do so

    This was explained so well for beginners, thanks
    bine ye

    VERY VERY grateful!

  11. #7
    Craig Forrest
    the other offsets follow the same principle... value 'a' needs to be changed to value 'b' in order to alter the exe in some way

  12. The Following User Says Thank You to Craig Forrest For This Useful Post:


  13. #8
    Quote Originally Posted by Craig Forrest View Post
    Just an FYI though..... you can only change the subs in England if you've applied a Tapani patch.... the vanilla EXE does not have that line of code
    Or you could add the missing line yourself...
    Original exe:
    00574C03 POP ESI
    00574C04 RETN

    To modify this, double-click on 'POP ESI' and type in 'MOV BYTE PTR DS:[ESI+49],7' (change the 7 if you want more or less subs). This will overwrite the above two lines - so you'll need to put them back. So double-click the 'NOP' which is now below the line you've just added and enter 'POP ESI' then repeat and enter 'RETN'.

    You can do the same thing with subs you can use - just add the following line as well 'MOV BYTE PTR DS:[ESI+4A],7'.

    Note - NOP is the code for 'No Operation', overwriting any other code would almost certainly have negative consequences.

  14. The Following 2 Users Say Thank You to JohnLocke For This Useful Post:


  15. #9
    Thanks John

    Any chance you could upload some screenshots on how this is done, just until newbs like myself get to grips with the procedure...... it would be greatly appreciated


    I mean, I think the whole point of this thread is to familiarize people with the OllyDbg program, and screenshots of how each step is done would make all these numbers and codes make a lot more sense for people like myself, unfamiliar with OllyDbg... I understand this may be time consuming, so if you can't find the time, I totally understand.

    cheers dude
    Last edited by eddieC; 14-09-14 at 12:57 PM. Reason: ammendment

  16. #10
    You shouldn't need screenshots for this, if you are running the stock 3.9.68. It is as the OP, except when you search for 574C03, you should have POP ESI highlighted. Double click this, and add the lines JL mentioned and click assemble. To clarify what JL was saying, the NOP is free space in the exe and is in most cases here you can overwrite. It will not always be the case as the game needs some of these free spaces to write to during the game run time.
    To break this down:
    * Find 574C03 - POP ESI, and double click on this to write your new line.
    * Write out "MOV BYTE PTR DS:[ESI+49],VALUE"
    (Where VALUE is your number of subs to be named, between 0-9)
    * Click assemble.
    * Write out "MOV BYTE PTR DS:[ESI+4A],VALUE"
    (Where VALUE is your number of subs to be used, between 0-9, should be same or lower as the above to be named, not higher)
    * Click assemble.
    * Write "POP ESI"
    * Click assemble.
    * Write "RETN".
    * Click assemble.

    Then return to the OP and continue from the steps about testing your changes.

  17. The Following 3 Users Say Thank You to bine ye For This Useful Post:
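
The four-instruction patch from posts #8 and #10, written out as bytes with the check those posts imply: only overwrite when the old bytes are POP ESI, RETN and NOP padding. This is an added example, not code from the thread; `build_patch`, `apply_patch`, `base_va` and the sample buffer are hypothetical names and constructed data, and how a real file offset maps to address 574C03 is assumed to be known.

```python
# Added example (not from the thread): apply the subs patch to a byte buffer
# only if the bytes being overwritten are exactly what the posts describe.
POP_ESI, RETN, NOP = 0x5E, 0xC3, 0x90
PATCH_VA = 0x574C03  # address given in the thread


def build_patch(named: int, used: int) -> bytes:
    """Encode the four instructions from the step list in post #10."""
    if not (0 <= used <= named <= 9):
        raise ValueError("need 0 <= used <= named <= 9")
    return bytes([
        0xC6, 0x46, 0x49, named,  # MOV BYTE PTR DS:[ESI+49],named
        0xC6, 0x46, 0x4A, used,   # MOV BYTE PTR DS:[ESI+4A],used
        POP_ESI,                  # POP ESI (put back)
        RETN,                     # RETN    (put back)
    ])


def apply_patch(image: bytes, base_va: int, named: int, used: int) -> bytes:
    """Return a patched copy; image[0] is assumed to sit at address base_va."""
    patch = build_patch(named, used)
    start = PATCH_VA - base_va
    end = start + len(patch)
    if start < 0 or end > len(image):
        raise ValueError("patch range is outside the buffer")
    old = image[start:end]
    if old[0] != POP_ESI or old[1] != RETN:
        raise ValueError("expected POP ESI / RETN at 574C03")
    if any(b != NOP for b in old[2:]):
        raise ValueError("bytes after RETN are not all NOP; refusing to overwrite")
    # The original buffer is never modified, mirroring "save under a new name".
    return image[:start] + patch + image[end:]


# Constructed sample: 3 filler bytes, POP ESI, RETN, then NOP padding.
SAMPLE_BASE = 0x574C00
SAMPLE = bytes([0x8B, 0xC6, 0x5F, POP_ESI, RETN] + [NOP] * 11)

if __name__ == "__main__":
    out = apply_patch(SAMPLE, SAMPLE_BASE, named=3, used=3)
    print(out[3:13].hex(" "))
```

Running it a second time on the patched output raises an error, because the first byte at 574C03 is no longer POP ESI.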


  18. #11
    I appreciate that mate, I really do but let me try to explain this better... when you say:

    "* Find 574C03 - POP ESI, and double click on this to write your new line.
    * Write out "MOV BYTE PTR DS:[ESI+49],VALUE"
    (Where VALUE is your number of subs to be named, between 0-9)
    * Click assemble.
    * Write out "MOV BYTE PTR DS:[ESI+4A],VALUE"
    (Where VALUE is your number of subs to be used, between 0-9, should be same or lower as the above to be named, not higher)
    * Click assemble.
    * Write "POP ESI"
    * Click assemble.
    * Write "RETN".
    * Click assemble."

    All I see is... "789072365780bf3460n8cv0gn6f-935827fm-023876md9-823749tb87234tc69-8 Click assemble"

    ha ha ha

  19. #12
    In all fairness tho... I haven't actually attempted to do this yet... so I might be able to do it once I try it a few times....

    Thanks for the Instruction mate..

  20. #13
    Quote Originally Posted by edcrowley100 View Post
    when you say:
    All I see is... "789072365780bf3460n8cv0gn6f-935827fm-023876md9-823749tb87234tc69-8 Click assemble"
    ha ha ha
    Look we are only trying to help. How can you say that when you haven't even opened the program to see what we are explaining? I have given you 4 lines to change, and told you exactly what changes need to be made to modify the subs named and subs used for the English Premier League. Why don't you go and try it first before posting stuff like that?

  21. #14
    wonderful tutorial bine ye


    now, question time

    do i need a fresh install or is it fine having two exe's in the same folder? i mean, if i create the second modified exe, am i still able to use the clean one without problems?

    also, this is for everyone, some months ago i was trying to create a full ordered (by nation & by subject) list of all the offsets found out so far, would it be helpful?

  22. #15
    Two exes is fine - my CM folder currently has 18 different exes in it.

  23. The Following 2 Users Say Thank You to JohnLocke For This Useful Post:


  24. #16
    No, you can have as many exe files in one folder as you wish. It's only when you have 2 or more data folders together that problems start! Sure when you install the game, you have 2 exes by default, 'cm0102.exe' and 'cm0102_GDI.exe'.

    And your other point, JL has started something like that already, it is stickied in the Patches thread under 'The Offsets Index'.

  25. The Following 2 Users Say Thank You to bine ye For This Useful Post:


  26. #17
    I see my humor doesn't translate on here too well...

    Sorry Bin, I was only joking dude.... didn't mean to come across as being a bit arsey, believe me I'm not.... I'm extremely grateful for any advice you guys have to give

    Sorry for the misunderstanding mate

  27. The Following User Says Thank You to eddieC For This Useful Post:


  28. #18
    Jesus
    Quote Originally Posted by edcrowley100 View Post
    I see my humor doesn't translate on here too well...

    Sorry Bin, I was only joking dude.... didn't mean to come across as being a bit arsey, believe me I'm not.... I'm extremely grateful for any advice you guys have to give

    Sorry for the misunderstanding mate
    The internet and humour don't like to get along together sometimes.

  29. The Following 2 Users Say Thank You to Jesus For This Useful Post:


  30. #19
    ha ha tell me about it! It's why I left Facebook! ha

    Jesus, you're very wise

  31. #20
    Craig Forrest
    He IS Jesus you know....


  32. #21

  33. #22
    Hi, why can't I open offsets? I want to make some changes in Croatia league

  34. #23
    A lot of times when wanting to change one line in the middle of a block of code, the new line is a couple of bytes larger. This results in us having to do some tedious copying and pasting of the lines that the new line of code has overwritten, all the way down to the end of the block of code, line by line. Here's how to copy and paste large chunks of lines in one go.

    I'm going to use the Italian Cup team selection code as an example. I wanted to revert Tapani's code in 2.21.1 to see whether .68's original code worked with my 20/22 Italian league structure. The new team selection code begins at 0063FAF0 in 2.21.1 and lasts until 0063FCB9 (or at least the code stops looking like gibberish in Olly then). So this is what we'll be NOPing and replacing with the original .68 code.

    Next we've to get the original code, so open up the vanilla .68 exe in Olly. Go to 0063FAF0 again and click on the line. Scroll down to 0063FCB6 (don't CTRL+G) and, holding Shift, click that line too. All the lines between those two addresses should now be grey. Right click on any of the lines and go to Binary -> Binary copy.

    Open up a text editor (Notepad etc) and paste in the contents. You should see "81 EC 8C...20 7D 79". This is what we'll be pasting back into Olly. When pasting we can enter a maximum of 256 bytes at a time. In your text editor your pasted content should be in rows of 32. Count down eight rows and hit enter, which will give you the maximum of 256 (32x8). The first block should end in "...00 00 00" while the second block should begin with "85 C9 74...".

    Open up a patched 2.21.1 exe in Olly and go to 0063FAF0 again. Like earlier, select that line and scroll down to 0063FCB6, hold Shift and click that line too. Now right click on any of the lines and go to Binary -> Fill with NOPs. CTRL+G back up to 0063FAF0. Copy the first block of 256 bytes in your text editor and right click on the 0063FAF0 line. Go to Binary -> Edit, right click in the HEX +00 box and select Paste. About half the original code should now be entered. Select the second block in your text editor and paste into the next line in Olly like before. Now the code should all be fully entered, and be identical to the .68 version.

    A couple of things to be aware of. Firstly, the first block in the example above happened to end on a "full" command (JL 0063FCA5). I'm not sure what happens if the first block ends in the middle of a command: perhaps the second block will make things look fine when it's entered, or perhaps you'll have to copy and paste that in-between line yourself like we always had to before. Secondly, you'll have to check and make sure that any JMP commands are pointing towards the correct line in your newly pasted code. Everything's fine in my example as it's a true copy and paste job. But if your reason for copying and pasting is because you've wanted to change something like PUSH EAX to PUSH 1 in the middle of the code, be wary that all the code beneath that will be one line off, so things like JMP/JE/JNZ commands will have to be edited accordingly.

    Edit: Watch out for the CALL xxx commands not appearing correctly too, you'll have to double-check them as well.
    Last edited by saturn; 25-05-16 at 10:48 PM. Reason: CALL command warning.

  35. The Following 3 Users Say Thank You to saturn For This Useful Post:
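
Why the JMP/JE/JNZ and CALL lines in post #23 need checking after code shifts: these instructions store a distance measured from their own address, not the destination itself, so moving the instruction changes where it lands. This added example (not from the thread) re-encodes one such branch so it still reaches its old destination. It covers the case where the destination itself did not move; `split`, `target`, `relocate` and the sample CALL are hypothetical names and constructed data.

```python
# Added example, not from the thread: keep a relative branch pointing at the
# same absolute address after the instruction itself has been moved.
import struct

# Opcodes followed by a signed 32-bit displacement: CALL, JMP, 0F 8x Jcc.
REL32 = [b"\xE8", b"\xE9"] + [bytes([0x0F, c]) for c in range(0x80, 0x90)]
# Opcodes followed by a signed 8-bit displacement: JMP SHORT, 7x Jcc.
REL8 = [b"\xEB"] + [bytes([c]) for c in range(0x70, 0x80)]


def split(insn: bytes):
    """Return (opcode, displacement, displacement size) of a relative branch."""
    for opcodes, size, fmt in ((REL32, 4, "<i"), (REL8, 1, "<b")):
        for op in opcodes:
            if insn.startswith(op) and len(insn) == len(op) + size:
                return op, struct.unpack(fmt, insn[len(op):])[0], size
    raise ValueError("not a relative CALL/JMP/Jcc")


def target(insn: bytes, va: int) -> int:
    """Absolute address the branch reaches when it sits at va."""
    _, disp, _ = split(insn)
    return (va + len(insn) + disp) & 0xFFFFFFFF


def relocate(insn: bytes, old_va: int, new_va: int) -> bytes:
    """Re-encode insn for new_va so it still reaches its old target."""
    op, disp, size = split(insn)
    new_disp = disp + old_va - new_va
    if size == 1:
        if not -128 <= new_disp <= 127:
            raise ValueError("short branch out of range; use the rel32 form")
        return op + struct.pack("<b", new_disp)
    new_disp = (new_disp + 2**31) % 2**32 - 2**31  # wrap to signed 32-bit
    return op + struct.pack("<i", new_disp)


# Constructed sample: a CALL to 00401000 that sat at 0063FB10 and is now one
# byte further down because PUSH EAX (1 byte) above it became PUSH 1 (2 bytes).
CALL_OLD = bytes.fromhex("e8eb14dcff")

if __name__ == "__main__":
    moved = relocate(CALL_OLD, 0x63FB10, 0x63FB11)
    print(moved.hex(" "), hex(target(moved, 0x63FB11)))
```

Pasting `CALL_OLD` unchanged at the new address would call 00401001 instead of 00401000, which is the "not appearing correctly" symptom to look for in Olly.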


  36. #24
    If there were something like Olly for CM97/98 too... it would be possible to change starting day, promotions-relegations and much more easily.

  37. #25
    It should work since it's just editing an executable (.exe)
