So I've modded a number of game sin the past. Outward is a Unity game. This means it's really easy to use a library such as Partiality in combination with dnSpy to make just about any code change you can think of. I did this for Wizard of Legend a while ago, I've also poked around in Enter the Gungeon as well using these tools.
Haha don't stress too much about it, as good programming skills come from mostly from practice. As for the code, I am not too sure if I can legally release it; though if you are really interested, I can hint that the code was obtained using dnSpy
There's all sorts of things you can do with Hollow Knight with the right tools.
Unity Studio lets you rip all the assets from the game, including all audio and textures in the game. > https://github.com/Perfare/UnityStudio/releases
Next, we have dnSpy. dnSpy lets you open up and edit Assembly-CSharp, allowing you to edit things like how much health you start a new game with or how long your nail attack is with certain charms equipped. > https://github.com/0xd4d/dnSpy/releases
Finally, we have the Unity Asset Bundle Extractor. With this tool, you can actually replace assets in the game with your own! This is mainly useful for recoloring enemies or changing music. > https://7daystodie.com/forums/showthread.php?22675-Unity-Assets-Bundle-Extractor
If you're using the Steam version of Hollow Knight, the folder where you extract everything from is located here: > Steam\steamapps\common\Hollow Knight\hollow_knight_Data\
I think when people want to do this kind of thing, they usually use tools like Reflexil or dnSpy to edit the IL instead of fully decompiling and recompiling.
This lessens the chance of build issues and other weird decompiler errors, although it can be tedious for large changes.
Something else to look into could be Mono.Cecil for making changes programatically.
Okay, first you're going to need to download dnSpy. Here's the official Github page. If you don't want to compile it yourself, you can use my compiled version from here.
Open dnSpy, and then open the file "Assembly-CSharp.dll" located in your Steam directory\SteamApps\common\Job Simulator\Job Simulator\JobSimulator_Data\Managed. Look for "Assembly-CSharp" at or near the bottom of the list on the left. Expand that, and then "Assembly-CSharp.dll". Then expand "{ } -", and finally "SaveLoad".
Right-click the item that starts with "Save(string, SaveStateData)" and click "Edit Method Body". Under the Opcode column, look for the item that says "ldsfld". Click that, and change it to "ldc.i4.0". Click OK, then go to File, Save Module, OK.
Open Job Simulator and then do something that will cause the game to save. I haven't beaten the game yet so I don't know if there's anything that will update a save when you have, but if you haven't then just complete a single task and then exit. To verify it saved a decrypted file, press Win+R to open the Run dialog and enter "%AppData%\..\LocalLow" without quotes. Double-click "Owlchemy Labs", "Job Simulator", and then "User". There should be a file called "JobSimulatorSave.save"; open this file in Notepad. If you see XML, it's decrypted; if you see a bunch of gibberish, then it's encrypted and you should try again.
Go back to dnSpy, right click the item that starts with "LoadFullPath", and click "Edit Method Body". Once again, click "ldsfld" and change it to "ldc.i4.0", click OK, then File, Save Module, OK. Start Job Simulator and it should load the decrypted save.
You should check out dnSpy; it's a little-known fork of ILSpy with a bunch of extra features, like you can actually edit IL code, add classes, etc. and save modified binaries. You might be able to do some cool stuff with that, like mods.
You could a tool like dnSpy to disassemble the .dll
, edit out the console output functions from the functions that you are calling, recompile and then use that edited .dll
.
I am a huge fan of dnSpy. Since discovering it, it's my main tool for managed code.
Not only it can decompile .NET code. Debugging with it, is as close to source level debugging as you can get. You can also modify IL code and re-create modules.
Not really possible unfortunately.
The best you can do is:
(Get-Command New-Partition).ImplementingType.ToString
to get the full name)BeginProcessing
, ProcessRecord
, and EndProcessing
methods in that typethrow
or ThrowTerminatingError
statementsObviously around number 5 that stops being a reasonable use of time, but that's the answer. Most cmdlets written by the PowerShell team will catch everything possible and wrap them in an ErrorRecord
, so 1-4 should work in most scenarios.
u download dnspy, get your Assembly-CSharp.dll file in ravenfield_Data\Managed. you drag the dll file into dnspy and you press the dropdown arrows until you see the "-" folder thing. Press the drop down arrow to the and find the ufo folder and delete it. Then press file>save module, then you should be done! heres a picture guide
https://github.com/0xd4d/dnSpy
Pretty much guaranteed to be against work policy or against the software's licence.
But you could use dnSpy to edit the xaml to add the names in. This will only work if the assemblies are not digitally signed.
This does also mean the assemblies you are testing will not be exactly the same as the originals.
The program used to edit Karlson.
Just add "return;" to the beginning of the death function to be invulnerable!
I won’t be uploading the modified program because I don’t want to get into copyright issues.
Thank you for reading this you boner!
The program used to edit "Balls?"
Just add "return;" to the beginning of the death function and the lose health function!
I won’t be uploading the modified program because I don’t want to get into copyright issues.
​
Thank you for reading this you boner!
Yeah it's only client side usually, and what is already exposed and being passed back and forth, but if you have the server sending unencrypted packets of data with stuff that isn't exposed people can get creative finding ways to manipulate that as well sometimes. What you're thinking of is akin to a packet injection like a man in the middle attack in the wifi hacking world which people can and will do to even encrypted data in MP games to break the hash/encryption algorithm.
It's basically the fundamental for people data mining, making custom UIs or overlays, and stuff like Cheat Engine but more hands on approach that takes some skills and risk of being banned if the devs are looking for that stuff. Always been about disclosing that stuff to devs though similar to bug bounties or white hat hacking ethical disclosures. Most indie devs appreciate it, larger companies tend not to unless they have an active bounty program.
Take a gander here if you wanna understand it a bit more and see what you have exposed currently using the same tools someone like me would be using https://github.com/0xd4d/dnSpy and https://www.wireshark.org/
DnSpy also supports .Net Core debugging. Even without source code. It's my nr.1 tool when I need to debug problems on a remote computer.
>Also, how does modding work? i haven't been able to google any guides or find any tools. It just seems filled with possibilities but i have no way to access anything
Join the Slime Rancher wiki Discord channel. There's a modding channel, with pins showing how some people mod. With no official modding support, people mod the game using different tools. Some use dnSpy, others use Harmony. It seems there's no one way to do it, and Discord is the best place to throw ideas around, as well as discuss how to make specific changes.
Since it's an unobfuscated Unity game, it's actually really simple.
Use this and the function names are all in plain text: https://github.com/0xd4d/dnSpy
Should be under:
Assembly-CSharp > BattleTech > Mech > ApplyArmorStatDamage
and you can change it to how /u/RealityMachina has it by modifying the block:
if (location == ArmorLocation.Head) { this.pilot.SetNeedsInjury(InjuryReason.HeadHit); }
Edit: I would like to make a disclaimer (though there is no word on it now), that this is entirely at your own risk, and may not be condoned by either Steam^(cough steam achievements cough) or PI because of the nature of the edits. Please modify this, or any other, file at your own discretion!
I personally don't really understand the point of learning IL if you're just a developer. Also, it sounds more like you want to learn MSIL/IL, not ILAsm, correct? IL is the language (Intermediate Language), not the actual assembler, (Intermediate Language Assembler).
The reason I don't find it useful is because even though sure, you will learn some interesting things, like under certain conditions code can be compiled in different ways (some cases if turns to switchs, etc), you're not really going to know much better how your code is working, it's not the true assembly, which you would need to find after JIT'd that really matters.
But, if you're just curious, the best tool by far: https://github.com/0xd4d/dnSpy ^ allows for any executable to be decompiled, turned from C#/IL (most can do it) but you can see the steps it took to get there, as well as editing the assembly in a common work environment and using any language you so choose.
I'm glad you like it.
You're right, I did use C# and Code Injection with Mono.Cecil (GitHub). I've inspected the code with dnSpy (GitHub).
Yes I am aware that it is a .NET executable, no one uses IDA to analyze those. I only used the asm code as an example of something you could do. What you use to analyze these binaries though is tools like dnSpy because .NET is easily decompilable. (https://github.com/0xd4d/dnSpy) which basically gives me all of its code, unless its obfuscated which usually ends up with the file getting denied because we do not waste our time on unpacking.
Lastly, it definitely isn't a waste of our talents, we often find interesting binaries and voluntarily do it as some sort of a hobby. Many of us have real life jobs that are very related so yeah.
these are helpful for malware reversal:
any.run
https://github.com/horsicq/Detect-It-Easy
https://github.com/0xd4d/dnSpy
https://github.com/0xd4d/de4dot
hxd for hex viewer
virustotal can be handy
unplugging your ethernet and running malware (don't actually do this lmao)
dnSpy has wonderful SyntaxHighlighting for the Callstack when debugging, making it much more readable than the default. I wish there was a Visual Studio extension that would color the Callstack there just as nicely
Your av will mark it as a 3rd party exe (that’s because it is a 3rd party exe but only for roblox), and for dnspy you can click here and make sure to download the one that fits your system type (ie 32x or 64x)
https://github.com/0xd4d/dnSpy
If you just need to edit a file path, use it to do the quick fix and recompile with the patch.
For long term, to get the code back, it allows you to create a new solution with associated project files. But it isn't perfect, code that is generated by dotnet such as iterators and state machines don't compile back to valid C# source. So before visual studio can compile the decompile source code you'll have to go through and fix some things
>this mod change 'way of sword' and 'way of great axe' perks swing speed to 2 -> 0.25 only works for 1.4.1 > >just copy TaleWorlds.CampaignSystem.dll and overwrite to 'Mount & Blade II Bannerlord/ bin' folder > >if you want to change swing speed follow the instruction > >1. download dnSpy. https://github.com/0xd4d/dnSpy/releases > >2. open dnSpy.exe and drag TaleWorlds.CampaignSystem.dll to it > >3. write 'initializePerks' in Search tab > >4. double click InitializePerks > >5. you can see many perks in here. scroll down and find 'OneHandedWayofTheSword' 'TwoHandedWayofTheGreatAxe' > >6. right click to perk and open 'Edit IL instructions' > >7. change '0.0025' to anything you want (default is 0.02)
My post last week garnered a nice response from the Sentinels Devs, so I thought I'd spend an hour or two today playing around with modding. I was surprised at how easy it was to read the source code, but I'm even more surprised at how easy tools like dnSpy make it to go in and modify stuff. Changed a couple numbers, exported the new DLL to my Steam folder, and voila.
The change reflects my animosity toward's Bunker's modes. I've always wanted to get more out of them. If I didn't need to get back to wrapping up my semester, I'd go ahead and increase the number of Plays that Upgrade Mode gives you and the number of Powers that Turret Mode gives you. I don't really have a coherent plan for all this, but its exciting to think about all the changes I can make!
If you get dnSpy, you can browse through the actual C# code. It'll be complicated though - there are functions for backstories, traits, and faction types, in addition to points. And each of those functions will have subfunctions etc. Then, there's the layers of XML with the actual parameter data used in those functions, some of which is in separate XML files, with the rest being defined within the C#.
But there is no more accurate way to describe the process than the code itself. Plus it's fun to peek behind the scenes and see how stuff is done (even if you don't understand all of it). Let me know if you need any help setting up dnSpy.
Since BattleTech is a Unity game, it is written in C# and compiled down to IL (Intermediate Language) and then run on a virtual machine that implements the CLR (Common Language Runtime). The IL bytecode is stored in .dll files that can be reinterpreted/decompiled back into C#. Most of the game code is contained within BATTLETECH/BattleTech_data/Managed/Assembly_CSharp.dll
.
I use a tool called dnSpy to open the .dll and decompile from IL to C#. There are other tools that do this as well, dnSpy happens to be free and pleasant to use. Using this tool, I was able to develop BTML and then it's successor ModTek (which is the foundation of the official mod support), as well as many other mods for BattleTech.
As to why I'm not currently maintaining these mods -- it's a hobby that I dabble in, but I've been fairly busy with a new job as well as a little disinterested since I've put thousands of hours in.
C# code is very easy to decompile, modify and recompile using tools like dnSpy. Any code you write is basically open and available, and I can make it do whatever I want.
This means that any trust which the server places in the data sent by the players can be exploited. If your server believes my client when it says I just scored a hit on someone? Guess what, I now have a key combo to kill everyone in an instant. Does the server trust my client when it says how many hitpoints I have? Now I'm immortal.
The way around this is to only trust the players about their button inputs, and have the server simulate everything. The clients can simulate the world in parallel so that you can cut down on the data requirements, but none of the clients can have any authority whatsoever.
Most beginner networking like what you'll find in Photon tutorials does not implement an authoritative server and client-side prediction, and is therefore vulnerable to such basic hacks. That's not to say that you can't make a secure game with Photon, but if you're advanced enough to do that you wouldn't be interested in Photon anyway.
So Unity games use C# as the scripting language, and thank god for that because C# in its normal compiled form tends to be much, much easier to decompile than native code. With Unity games that use the Mono backend (which includes SSG), the C# assembly that contains the main game code is located at {gamename}_Data/Managed/Assembly-CSharp.dll in the game's folder. (Some newer Unity games, and mobile games especially, use the il2cpp backend, which actually compiles the C# code into native code somehow, which means this stuff won't work, and also that I am a very sad modder)
I'd suggest dnSpy as a decompiler for C# assemblies. You can also do editing of the code if you're so inclined, although doing so directly in the decompiler can be brittle and break things in ways you wouldn't expect. I personally use UnityDoorstop and a Harmony assembly when I want to make changes but whatever works.
My little side tool basically dumps the internal data tables to JSON and also allows for loading patches to those data tables (I've already experimented with changing tech properties; I kinda want to try rebalancing magic and stuff on my third playthrough), and also has the BR display thing I mentioned. I could release that stuff at some point and shove it on github or something if there's interest
EDIT: I will mention the code is kind of a structural mess, so it might be a little tough to get your head around. I'd suggest checking out the BattleManager_old class; that seems to be where the sausage is made
joke or not, im glad you asked
I opened osu!ui.dll and osu!gameplay.dll in this piece of software and extracted the contents of those dll files. Rest of the job was identifying correct file extensions
Use netcore for cli and web stuff. It even behaves quite well in containers (linux containers that is, I wouldn't make my hands dirty with that windows containers abomination).
As for unity: You might find dnspy a valuable tool.
Addresses doesn't matter. Data stored at them does.
Usually people look for some certain values (like 39 8E E3 3F
which is ratio for 16:9, or numbers like 1920 and 1080) via a hex editor and then experiment with replacing it.
For Unity absed games there are tools like https://github.com/0xd4d/dnSpy that may help.
It may not be helpful, but if you want to poke around in the internals you can use something like dnSpy, with View->Options->Decompiler->Uncheck "Decompile async methods".
C# in Depth (4th Edition) also has a pretty good deep dive into async/await, and the implementation/intent of the state machine that is used for it. A lot is going on when you use those keywords.
Yes technically you can disable it but will you need to manually edit the game code.
If you want to learn you can watch a video I recorded of how I disabled mouse smoothing in this game. I also removed the stupid vertical sensitivity multiplier: https://streamable.com/g8w8p
The essential steps are:
Get dnSpy
Open Assembly-CSharp.dll in Outward\Outward_Data\Managed in dnSpy (remember to make a backup.)
Navigate to the CharacterCamera class and Right-click>Edit Method on the code you want to edit
First delete the vertical sensitivity multiplier at around line 60 (line 24 in method editor)
Then delete the essential mouse smoothing code at lines 101-102 (65-66 in method editor) and 117-119 (81-83 in method editor)
Make sure to hit Compile in the method editor to make the code edit and then File>Save Module to save the actual code to the .dll
See the video for more detail.
Also after doing this I recommend you lock your framerate to something comfortable using something like RivaTuner as the sensitivity in this game is directly tied to your framerate.
https://github.com/0xd4d/dnSpy
free and open source, it works with any .net program, which includes unity games, such as furi
its recommended to have some c# experience before trying this
Eh, det er ufattelig trivielt at bruge et værktøj såsom DNSpy til at dekompilerer C# programmer, hvis alle debug symbolerne er der, hvilket han påpeger de er. Nu ved jeg ikke hvor du sætter baren for at være programmør, men hvis du som minimum har en bachelor i datalogi så burde du kunne gøre manden efter.
I regret to inform you that if you can't tell the difference between .NET source code files and an executable you aren't going to be able to do much with a .NET decompiler, but here's a link to the releases section
The fun thing about Beat Saber being written with Unity is that there are free tools (e.g. dnSpy) that make it pretty simple to take the game apart and see how it works.
The class that manages the energy is called GameEnergyCounter, and is part of Assembly-CSharp.dll. You can also find all the parameters in there.
In particular, in a game without modifications:
The easiest way to edit/add classes/spells at the moment is in pure c# code, Eldtrich Arcana is a good example.
Blueprints (which is how spells are implemented) are loaded from Unity resources are serialized from Pathfinder Kingmaker\Kingmaker_Data\resources.assets. Unity asset files are fairly opaque undocumented binary format, which is why content mods are challenging. You can inspect the game code using dnspy and see the class definitions there. To see how individual instances of spells are implemented, the json blueprint dump i linked above is the most convenient method. Unity Mod Manager also has a guide in setting up projects here
So unless you want to implement new meshes, animations, or spell effects, the Eldtrich Arcana approach is currently the easiest.
Current version is the best version to mod as 1.4.X has been around a while. I can think of 2 exceptions:
Notably, 1.4.4 does not contain redshell and includes some particle fixes, if you care about that kind of thing. 1.4.5 will be coming out soon and I don't expect it will cause any compatibility issues. You can consider mods prepared for the same minor version (as in major
.minor
.revision
) to work in general.
you could check some of the mods that already exist for this game on nexus mods, maybe you'll get some inspiration on how to do your own mods then?
if you ever modded another game before you should be able to pick it up pretty quickly, otherwise it helps to at least have a basic amount of editing skills (can handle notepad++).
here's a list of tools, you might find it useful:
Unity Asset Bundle Extractor (UABE) -> to open .assets files under PCBS_Data and look at the contents
Unity Studio (seems to be called Asset Studio now) -> same as above, but this one can even display meshes and textures directly (models)
If you got any knowledge of C# you might want to try DnSpy as well, it can decompile the Assembly-CSharp-firstpass.dll in PCBS_Data\Managed thus showing you a lot of the code of the game. You can even change things and recompile it.
I only used dnSpy for this mod. https://github.com/0xd4d/dnSpy/releases
But if/when I start working with sprite mods I use Unity Assets Bundle Extractor. Last game that I was modding only allowed 2.2beta of UABE, haven't tested with this game.
On a side note, when I am exploring files (Not scripts, just sprites/sound effect) I sometimes use DevX.
/u/Ladosha2 extracted them, he told me he used dnspy to read this from memory.
That information might also be inside the pbl (modified protocol buffers format) files, but the extraction is difficult.
Since some of you trust anonymous pastebins and don't realize what an archive button really does, I've posted this too, thanks to fearless0 for posting the other link
If you are looking for a very specific sequence of bytes that never change and always modify them to another thing you can write a simpler patcher.
But I suppose it's harder than that. dnSpy supports plugins (although it seems like there are only a few available but you could create your own, search for the specific IL instructions and patch them (again this assumes the IL instructions do not change between versions).
Using something like dnSpy, you could open up the Assembly-CSharp.dll
file in theCuphead_Data/Managed
directory. This decompiles it to essentially pure C# code, which looks like this.
After that, you could look around/change whatever you want and directly recompile the code and see the results in-game.
The devs have not obfuscated the game code, and as such, it's still very pretty and easily readable/modifiable, even if decompiled. This doesn't mean that you should ruin their hard work by making stupid mods, which debalance the game and other things like that.
First, ditch dotPeek and get dnSpy, it is worlds better and made by hackers / reverse engineers. https://github.com/0xd4d/dnSpy
Next, since you are stating it is accessible in dotPeek it means the game is coded in a .NET language. With that, you can look into Mono.Cecil for doing 'patches' to the game client without actually editing the binary. With Mono.Cecil, you can load the games exe into memory, make edits to the IL code in memory, then run the edited game client all via memory. (You can save the modified exe as well if you wanted to.) This is a great way to edit .NET programs without having to actually edit the exe in any manner and allows you to create a more permanent mod to the game as well as a mod easy to keep up to date with the latest game client.
What are you using exactly? I had a quick look and found dnSpy, but coroutines don't decompile correctly. I'd be interested if you managed to find a way to correctly decompile coroutines.