Game in use for this tutorial: Epic Battle Fantasy 4
Programs used:
Notepad
Raw Data AOB Extractor
SWF Decompiler
Jump to an anchor on the page:
Step 1: Finding the function
Step 2: Picking the right function
Step 3: Seeing and recongizing the SC
Step 4a: Getting the Raw Data
Step 4b: Using Raw Data AOB Extractor
Step 4c: Editing in Raw Data AOB Extractor
Step 5: The final step
The first step would be to download the .swf file and open it
1. The real first step is finding the AOB's
Type "submit" into the search bar, check "Ignore Case" and select P-Code
Picture
Search for submit is because all API calls to the highscores leaderboard must submit a value, and the only way to do that is with the "submit"
2. The next step is selecting which function to use. You can't simply pick the first one because the possible amounts of results
Click for image of search results
Picture
Since the badges are as follows
| 5 |
 | | |
| | Scan 10 foes |
| 15 |
 | | |
| | Open 60 chests |
| 15 |
 | | |
| | Deal 3,000 damage with a single attack |
| 30 |
 | | |
| | Complete your adventure |
We need to find something for each one.
For the easy badge, it shouldn't be too hard finding a function with "Foes" or "Scan" in them
At the 16th search result, we'll find that there is a function called FoesScanned, which is a direct match
Switch to "Source Code" and move on to step 3 :D
Note** When switching to "Source Code", you'll have to find it again, but this time just scroll down or press "Search Current AS" to find what is needed
3. Now that you've selected the function and you're at least 90% positive it's the correct one, lets try to change it
*You may skip this step if you feel you don't need to see it in Source Code*
Picture of Source Code view of where the API's are
Picture
The one we want to focus on for this example is on line 685
Main.kongregate.stats.submit("FoesScanned", Foes.scannedFoes.length);
Main = Refering to the API
Kongregate = Website
Stats = Where to submit
Submit = Submit
FoesScanned = What string to submit
Foes = Type of Enemy to get from Savefile
scannedFoes = How many scanned (From Savefile)
Length = Length (Also gotten from Savefile
Step 4a. This is where we edit the code
The Source Code:
Main.kongregate.stats.submit("FoesScanned", Foes.scannedFoes.length);
The Raw Data:
//60 e5 a4 01
_as3_getlex Main
//66 e1 a4 01
_as3_getproperty kongregate
//66 fe a4 01
_as3_getproperty stats
//2c a7 ae 01
_as3_pushstring "FoesScanned"
//60 f8 a4 01
_as3_getlex Foes
//66 f9 a4 01
_as3_getproperty scannedFoes
//66 ea a4 01
_as3_getproperty length
//4f ff a4 01 02
_as3_callpropvoid submit(param count:2)
This follows the exact same pattern as the source code does.
We copy the Raw Data into the program "Raw Data AOB Extractor"
Step 4b: Paste your Raw Data into the first box of the program, press the two button (named "Get AoB" and "Copy to edit pane")
This will generate the AOB you search for, and send the code over to the box that will be used for editing
Click for Raw Data AOB Extractor window
Picture
Step 4c: Editing the code and making it work for you
With this code
//60 e5 a4 01
_as3_getlex Main
//66 e1 a4 01
_as3_getproperty kongregate
//66 fe a4 01
_as3_getproperty stats
//2c a7 ae 01
_as3_pushstring "FoesScanned"
//60 f8 a4 01
_as3_getlex Foes
//66 f9 a4 01
_as3_getproperty scannedFoes
//66 ea a4 01
_as3_getproperty length
//4f ff a4 01 02
_as3_callpropvoid submit(param count:2)
Since Main.kongregate.stats.submit("FoesScanned", Foes.scannedFoes.length);
Is the source code, all we need to do is replace the variables that connect to the save file, these would be Foes, scannedFoes, and length
Now, do not confuse the string FoesScanned with the indentifier scannedFoes
Over in Raw Data AOB Extractor, we can NOP(0x02) those functions connecting to the save file.
When noping, select what you want to NOP, right click and press "NOP Selection".
*When replace bytes, all functions must be the same length*
Click for picture of NOPing
Picture
Since the badge asks for only 10 scanned foes, we only need to submit the number 10
We need to change
Main.kongregate.stats.submit("FoesScanned", Foes.scannedFoes.length);
Into
Main.kongregate.stats.submit("FoesScanned", 10);
This will make the function skip looking at the Savefile and simply submit the number 10
In Raw Data AOB Extractor, select one of the NOPped functions, as long as it's of correct length, and change it to 24 0a 02 02
This will make the game read it as 10
The edited code will look similar to this
//60 e5 a4 01
_as3_getlex Main
//66 e1 a4 01
_as3_getproperty kongregate
//66 fe a4 01
_as3_getproperty stats
//2c a7 ae 01
_as3_pushstring "FoesScanned"
//24 0a 02 02
_as3_getlex Foes
//02 02 02 02
_as3_getproperty scannedFoes
//02 02 02 02
_as3_getproperty length
//4f ff a4 01 02
_as3_callpropvoid submit(param count:2)
IMPORTANT**Leave the callpropvoid submit untouched at ALL times
Step 5: The final step.
In Raw Data AOB Extractor, press then "Get AoB" button under your edited code, this will generate the code you change the searched code for
(In hack posts, this is often the second line of the AOB)
Then press "Get Post"
And finally...Test the AOB
If after you clear the save, finish a level or two and you do not get the badge, there's a high chance something was done wrong.
