Alright. Here goes another nice tutorial
Changing weapon's
WeaponTypeAttackDamageModifier in the
WeaponTypeAttackDamageModifierList. Also known as
One Hit Kill
I studied a bit the behavior of the One Hit Kill developer debug menu option in
Syndicate, but I could not find the same relationship in Origins or Odyssey. Simply because some objects/structures are missing (or were removed from being compiled in these games). What happened in Syndicate is once enabling this feature, this path was queried and toggled: GamePlaySettings -> FightSettings -> ACVIFightSettings -> ACVIFightDebugSettings + 0x7C == 1. This lil' bool then allowed setting another bool in NPC's health structure which instructed the engine to "kill" the target when a
hit event occurred. That being said, target could also die from bumping a moving object (chariot, horse, etc.)
Now.. I followed somewhat the same logic in Odyssey. I got as far as: GamePlaySettings -> FightSettings -> ACEFightSettings. There's no ACEFightDebugSettings in this one to be able to toggle that bool. At first I was like "well, can't do anything about this, won't be able to come up with a clean, nice
one hit kill". Didn't abandon the fight though, so I started to poke around ACEFightSettings, using exception breakpoints across the entire structure (well, a wide range of it) and found a list of instructions being triggered on access/write.
First-up, this is my structure and its address/hash/etc.:
Code: Select all
IStruct: 0x7AADB9D0
IName: 0x144F2AB10
ObjStr: ACEFightSettings
ObjHash: 0xB523F455
Then this is the debug list I got:
Starting from the instruction accessed 7 times going down are the instructions being run
when I hit something So I studied each and every one of them till I got to that CMP. Which I manually traced and found this:
Traced from that CMP all the way down till the CALL. Went in (RCX == 0x7AADB9D0, my ACEFightSettings) and found this function:
All good and dandy, but..
- you will notice the JE after "cmp [rbx+20],r9d" is never taken; what if we force it?
- you will notice the CALL before "test al,al" always returns 1; what if we NOP the JNE so [rbx+24] is always put in xmm0?
- you will notice [rbx+24] holds 1.0 as float; what if we make it 100.0?
Regarding the 3rd observation above -- I believe this is a multiplier, because when function exits, this happens:
Code: Select all
ACOdyssey.exe+1EF990E - E8 FD363D00 - call ACOdyssey.exe+22CD010 <-- our function
ACOdyssey.exe+1EF9913 - F3 0F59 F0 - mulss xmm6,xmm0 <-- multiplication
So.. that being said.. patching those spots and changing float to 100.0 from 1.0 will give you
damage x 100 when you start an attack
of course, you can skip patching inside the function and change xmm0 to whatever amount past the call above
Easier to hook.
This is one good spot to hook:
Code: Select all
ACOdyssey.exe+1EF9927 - F3 0F10 85 D8000000 - movss xmm0,[rbp+000000D8]
JMP to your cave and "movss xmm6,[your_multiplier]".
Before:
After:
Enjoy
BR,
Sun
P.S.#1: Note that even Ikraos can now do 1 hit kills when engaging soldiers
That dead soldier on the right was killed instantly right as I was trying to get the screenshot done
P.S.#2: This CALL here:
Code: Select all
ACOdyssey.exe+1EF991E - E8 5DC88700 - call ACOdyssey.exe+2776180 <--
ACOdyssey.exe+1EF9923 - 8B 4C 24 38 - mov ecx,[rsp+38]
What it does is to check your CharacterAI structure for Poison/Fire effects. If any of the two stats are active (as in, your player is on fire or poisoned), then the damage you deal is reduced through this function:
Code: Select all
ACOdyssey.exe+217784C - 80 7B 28 00 - cmp byte ptr [rbx+28],00 // is on fire or poisoned? (!= 0)
ACOdyssey.exe+2177850 - 45 0F57 C0 - xorps xmm8,xmm8
ACOdyssey.exe+2177854 - 74 27 - je ACOdyssey.exe+217787D
ACOdyssey.exe+2177856 - F3 0F10 8F E0010000 - movss xmm1,[rdi+000001E0] // [PlayerProgressionManager + 1E0] == 0.3
ACOdyssey.exe+217785E - 41 0F2F C8 - comiss xmm1,xmm8
ACOdyssey.exe+2177862 - 73 06 - jae ACOdyssey.exe+217786A
ACOdyssey.exe+2177864 - 41 0F28 C8 - movaps xmm1,xmm8
ACOdyssey.exe+2177868 - EB 08 - jmp ACOdyssey.exe+2177872
ACOdyssey.exe+217786A - 0F2F CF - comiss xmm1,xmm7
ACOdyssey.exe+217786D - 76 03 - jna ACOdyssey.exe+2177872
ACOdyssey.exe+217786F - 0F28 CF - movaps xmm1,xmm7
ACOdyssey.exe+2177872 - 0F28 C7 - movaps xmm0,xmm7
ACOdyssey.exe+2177875 - F3 0F5C C1 - subss xmm0,xmm1 // damage multiplier reduced from normal 1.0 to 0.7
ACOdyssey.exe+2177879 - F3 0F59 F0 - mulss xmm6,xmm0
P.S.#3: And no, you don't have to re-equip a weapon/item to apply the effect. Just hook the spot and you're set.