Tuesday 26 November 2013

Commandos BTCOD windowed on 32 bit dekstop

I got tired with switching to 16 bit desktop to be able to run BTCOD in windowed mode. So with bunch of lines of C++ code here it's. Additional feature is full-screen console with Lua interpreter and some game engine features available from Lua script. I had to implement DisplayDevice interface and provide some simple methods to create and resize game window, locking/unlocking primary drawing surface. With this new SdlDisplayDevice I was finally able to use quake-like console in the game window. You probably remember that previously it had to be in separate window. But that's not all. There is Lua script interpreter running and there are some features available. Just as proof of concept one can check current game engine state, select character and check some character attributes like type , name from the Lua script. More to come. Enjoy the video.

Code Injection through dynamic library



Inspired by Oni Mod Anniversary Edition I started playing with code injection. My usual target is my favorite game Commandos Beyond the Call of Duty. I've bought original box version long time ago. My first goal was ability to reuse existing binary executable. It's easier to modify if you can see immediate result. I've start with few failed attempts of using game executable as dll library. I was able to load exe file as library using LoadLibrary Win32 Api call, but load address was always random, without proper reloc segment in exe file it's not possible to use any code from that binary directly, and reconstructing entire reloc segments seemed as impossible task. So I've change my approach. Instead of using binary as dll I decided to create my shared library and inject custom code into starting process. There is an easy way to do that on Windows. One have to create dll library with the same name as one used   by executable. In my case coman_mp.exe uses ddraw.dll. Created library have to provide list of exported functions. Fortunately game binary (coman_mp.exe) uses only one functions from ddraw.dll (DirectDrawCreate).
This approach is based on assumption that game binary will be loaded and fully initialized before any of dynamic libraries required by this binary. During the loading and dynamic linking stage system loader will look for required dynamic libraries in current working directory. So it's enough to create dll that provides DirectDrawCreate function and dummy IDirectDraw interface implementation and store it in the same directory where game binary is.
Code sample presents dynamic library source.
 
#include <windows.h>

struct LPDIRECTDRAW;
struct IUnknown;

HRESULT WINAPI DirectDrawCreate(GUID FAR *lpGUID, LPDIRECTDRAW FAR *lplpDD, IUnknown FAR *pUnkOuter)
{
 return 1;
}

BOOL APIENTRY DllMain(HANDLE hModule, DWORD reason, LPVOID lpReserved)
{
    switch (reason) {
    case DLL_PROCESS_ATTACH:
  // At this point game binary is loaded and initialized
  // we can start patching
        break;
    case DLL_THREAD_DETACH:  
        break;
    }
    return true;
}

End of part one.
This was just very simple introduction to story about my work with Commandos BTCOD game binary.


Sunday 16 June 2013

Mission editor with visible patrol routes


One more but small improvement to BTCOD mission editor. Now it's possible to see patrol routes.



Also there is possibility to use debug console. Check first image. It's also usable from Lua scripts.

Tuesday 9 April 2013

Commanods BtCoD deadly flamethrower


Finally flamethrower can be used to kill Nazis. Last step will be creating proper flame   animation.

Thursday 4 April 2013

BtCoD flamethrower part 2




Finally flamethrower is almost usable. Now proper character animation is used. Check the video. One thing still missing proper flame animation. Anyone interested in making one. Let me know.

Wednesday 27 March 2013

Strike in Narrow Path built-in editor


This time I was able to use built-in editor in Commandos BEL mod called Strike In Narrow Path. It's pretty similar to that one found in Commandos BTCOD. If you wanna try it just download SINP ddraw.dll and put it in the directory with SINP binary. It will work only with SINP 2.3 english version.

Tuesday 12 March 2013

BCoD flamethrower in action


Another small step made. It's possible to use flamethrower. Proper character animation is still missing. This is still work in progress.