[FF8] Controlling enemies with their abilities (PC/Steam Version)

[Rospark]

Welcome!​

Hello everyone, this is my first post. I discovered this forum recently, and when I saw the MODs section, I realized that there are a lot of talented people here.

That is why I want to ask you if there is any MOD or tool through which you can achieve this:

Fujin & Rajin (using attacks):

Fujin & Rajin (using limit breaks):

(Here we can see Rajin & Fujin in our party with their limit breaks and custom attacks, they even have their names on the menu)


Replacing field models:

(And the creator of this video managed to replace the field models, so you can walk / run with the model of Edea, Cid, and many others)


I hope you can help me with this, since FF8 is one of the jewels of my childhood, and still today I play it.

Thanks!

 

[makipl]

That might be tricky

For field models:

1. Open Deling (editor)
2. Select field you want to modify
3. Click on 'Script' tab
4. Select character you want to modify (e.g. Squall)
5. Click on script label with no name
6. On your right you will see "SETMODEL XYZ"
7. Change XYZ to number ID of model you want (You can see the lists of models in '3D Model' section, first entry on list is ID 0, next entry is 1 and etc...)
8. Click on compile on bottom right
9. Click on 'save' icon

You can also grab other chara.one file and put it in the field archive to use models from other fields (except exceptions, if some entity use model ID higher than model count)
In the video, you can see Rinoa's father at 7:54. 100% author took the Deling chara.one file and put it there

For battle models- there was a PSOne code to change the party to given monster ID. Author in this video claims to work only on file manipulation. I don't believe casual renaming files could work here


EDIT:
WHAT THE

 

[Rospark]

That might be tricky

For field models:

1. Open Deling (editor)
2. Select field you want to modify
3. Click on 'Script' tab
4. Select character you want to modify (e.g. Squall)
5. Click on script label with no name
6. On your right you will see "SETMODEL XYZ"
7. Change XYZ to number ID of model you want (You can see the lists of models in '3D Model' section, first entry on list is ID 0, next entry is 1 and etc...)
8. Click on compile on bottom right
9. Click on 'save' icon

You can also grab other chara.one file and put it in the field archive to use models from other fields (except exceptions, if some entity use model ID higher than model count)
In the video, you can see Rinoa's father at 7:54. 100% author took the Deling chara.one file and put it there

For battle models- there was a PSOne code to change the party to given monster ID. Author in this video claims to work only on file manipulation. I don't believe casual renaming files could work here


EDIT:
WHAT THE

Wow, I can not believe you answered me. No more than a few hours ago I subscribed to your channel when I was watching this video:

Thats really insane, you managed to change the animations of the spells in the PC version, which is no small thing.

Regarding to change the battle models, you refer to the codes of King Edgar 0's (https://www.gamefaqs.com/ps/197343-final-fantasy-viii/faqs/4940), however, in the video the user Is not using the PSX version, rather, it is from PC. And I mention it because Fujin & Rajin can not use the "attack" command (in the PSX version), since that crash the game.

So the person behind the video replace not only the battle models, but also the menu commands with monster / enemies skills. Almost 20 years have passed since the original release of the game, and running into these things drives me crazy. That is why I would like to offer any help needed by the people who make up the FF8 team to achieve that kind of progress.

 

[makipl]

So... I just tested and casual file renaming works... >_>

I'll keep you update if I made it to control the enemy

UPDATE1:

That's how looks Zell tricking game in thinking it's Squall (memory hack)

UPDATE2:
Didn't work for enemy geometry. Looks like I can't just trick the game into model changing, but need to change whole party ID

 

[nfitc1]

If it's anything like FFVII, which it probably is similar, then it would take a HUGE rewrite to add an enemy to the playable party.

 

[Rospark]

So... I just tested and casual file renaming works... >_>

I'll keep you update if I made it to control the enemy

UPDATE1:

That's how looks Zell tricking game in thinking it's Squall (memory hack)

UPDATE2:
Didn't work for enemy geometry. Looks like I can't just trick the game into model changing, but need to change whole party ID

Wow! That's a big progress. Basically in the PSX version, you had to replace -through codes- a member of your team by a digit (monster), such as here:

(He probably replaced Squall with Diablos). I do not know if that information will help you, but I say it just in case you are trying to add a new member to the team - beyond existing ones - that I believe is not possible, but it is simply a stipulation.

Likewise, many thanks for the work you are doing, I truly value it very much, and whatever you need, do not hesitate to ask me. Frankly I do not know much about coding, but if you ask me to do some task (like trying out certain digits to replace models, etc) I learn fast enough and I would devote all afternoon to it.  ;D

 

[makipl]

Okay. So far this:

The forsaken is fully controlable, although I had to fix like 8-9 DIVIDE BY ZERO errors
Fujin instead- no DIVIDE BY ZERO errors, yet her attack doesn't work.

Here's address for "party in battle":
1CFE74C (FF8 English 2000)
The scheme is like this:
4 bytes:
FF020100 - means:
FF- unused
02- Quistis (third party member)
01- Zell (second party member)
00- Squall (First party member)

so you can change it to even:
FF000000, what means that you'd get three Squalls (they work, but are glitchy)

Unfortunately, this list doesn't seem to work with King Edgar IDs
Any ID bigger than 0F just puts Squall with zero HP.
I'll be digging deeper

UPDATE:
I know why. The model ID is stored inside DL, the game finds out the corresponding model ID by doing the [CharaID+CharaID*8] jump and retrieves value at given address. That means it can retrieve some value at weird spots. To avoid that I'm changing register after applying that wicked thing. Finally I'm able to control anything, but:

Still unable to attack, ID is not the same as in any list. I put 9F and got Raijin.

0A is Ward:

Attacks completely fine


UPDATE 3:
20 is cockatrice (fully working)
3F is Chimera (and indeed hangs battle as in wiki)

So yeah, I just ported Enemy control codes to PC version.
I'll make tutorial tomorrow (you may need debugger for that)

 

[Rospark]

Okay. So far this:

The forsaken is fully controlable, although I had to fix like 8-9 DIVIDE BY ZERO errors
Fujin instead- no DIVIDE BY ZERO errors, yet her attack doesn't work.

Here's address for "party in battle":
1CFE74C (FF8 English 2000)
The scheme is like this:
4 bytes:
FF020100 - means:
FF- unused
02- Quistis (third party member)
01- Zell (second party member)
00- Squall (First party member)

so you can change it to even:
FF000000, what means that you'd get three Squalls (they work, but are glitchy)

Unfortunately, this list doesn't seem to work with King Edgar IDs
Any ID bigger than 0F just puts Squall with zero HP.
I'll be digging deeper

UPDATE:
I know why. The model ID is stored inside DL, the game finds out the corresponding model ID by doing the [CharaID+CharaID*8] jump and retrieves value at given address. That means it can retrieve some value at weird spots. To avoid that I'm changing register after applying that wicked thing. Finally I'm able to control anything, but:

Still unable to attack, ID is not the same as in any list. I put 9F and got Raijin.

0A is Ward:

Attacks completely fine


UPDATE 3:
20 is cockatrice (fully working)
3F is Chimera (and indeed hangs battle as in wiki)

So yeah, I just ported Enemy control codes to PC version.
I'll make tutorial tomorrow (you may need debugger for that)

Gosh, You really are a god in this. These codes are more than 15 years old. So today you achieved something from another world lol.
It is rare that monsters can not attack (just like in the PSX version). That's why the guy who managed to do it with Fujin & Rajin (with their respective limit breaks) is something amazing. It is a pity that he did not share the method through which he did it, besides he does not upload any more videos (at least about two years ago).

P.D: Since you were totally cool with me, and you help me with this, I will make some designs for your post tomorrow!

 

[smalldirt]

Hey, 

I am the author of the videos you mentioned in the post (which includes Fujin Raijin). I think i still have most of the files , but  i made that vid in 2012 and its the  nonsteam version of ff8, just uploaded the leftovers 2 years ago. Havent tested it on steam yet.
However the models not ready, there are some missing animations as you could see in the video (e.g. dead animation).
About the method in short- basically the enemy files and playable character files are almost the same, enemies have some extra sectiions (AI). It can be modified to match with e.g. squall file structure and just replace it and do the renames . Worst part u need to edit the animations and sequences otherwise it wont work as intended. :'(

Let me know if you have any other questions 
Best Regards

 

[makipl]

basically the enemy files and playable character files are almost the same, enemies have some extra sectiions (AI). It can be modified to match with e.g. squall file structure and just replace it and do the renames.

You modified .DAT by yourself? Nice job! I'm amazed by what you did.

 

[makipl]

Just as requested I'm posting the code for manipulating the party for both 2000 and Steam version:

At 48B7F5 you have:
mov     al, byte ptr ss:SG_PARTY_BATTLE1[ebp]

SG_PARTY_BATTLE1 is DWORD, and EBP holds current pointer to index for getting byte
When EBP is higher than 3 (4) then parsing is done. When AL holds 0xFF, then next character is parsed. Sample party variable:
.data:01CFE74C SG_PARTY_BATTLE dd 0FF050100h
(remember to read variables from end to beginning).

Interesting note: just after party_battle dword there's UnlockedWeapons DWORD and griever name (allocated on 12 bytes including terminator)

so just change (byte):
01CFE74F - to replace 1st party member
01CFE74E - to replace 2nd party member
01CFE74D - to replace 3rd party member

Anyway- that's wrong. I was enough reckless to not note where is the actual model ID stored and that what happened. Anyway, the new method I discovered doesn't require 1ms memory injection but simple memory change and requires you to have fixed party (if not, I'll tell you how to calculate it)

Let's get started:
ParseBattleParty+93   push    eax ; eax stores Party member ID as variables from above
ParseBattleParty+94   call    ParseBattleCharacter

ParseBattleCharacter in PC2000 is located at: 495520
Step by step:
mov     ebx, [esp+CharacterID] ;EBX now stores party ID. Here 00 because Squall is first in party
ParseBattleCharacter+A    lea     eax, [ebx+ebx*8] ; dark magic shit
ParseBattleCharacter+17   lea     edi, [ebx+eax*2] ; another dark magic shit
ParseBattleCharacter+20   mov     dl, SG_CHARACTER_MODEL_ID[edi] ; DL stores real model ID from King's Edgar codes

SG_CHARACTER_MODEL_ID is at 01CFE0F0

Now math time!
If Squall (ID=00) is in party, then:
x=(0+0*8 )
y=x*2 + 0
z = ((x+y) << 3) + SG_CHARACTER_MODEL_ID_ptr

If Selphie (ID==05) is in party, then:
x=(5+5*8 )
y=x*2 + 5
z = ((x+y) << 3) + SG_CHARACTER_MODEL_ID_ptr

Example calculation in python for selphie:
Code: [Select]

hex(((5+5*8 )*2+5)<<3)

will give 0x2f8
Then: 01CFE0F0 + 0x2F8 = 01CFE3E8 = Byte to change - you can do it in CE freely

Changing 01CFE3E8 to 0x20 will give you Cockatrice instead of Selphie in party

Non-hacker guide: (2000 PC)
Now, I'm pretty sure you don't want to do all the calculations and also you don't have all engine IDs for party, so I pre-calculated values for you:
Squall replace- 0x1CFE0F0
Zell replace- 0x1CFE188
Irvine replace- 0x1CFE220
Quistis replace- 0x1CFE2B8
(CharID=4)- 0x1CFE350
Selphie replace- 0x1CFE3E8

Non-hacker guide: (Steam)
I know many of you play Steam version, so here are the codes for Steam:
ParseBattleParty is 0048B7E0 sub_48B7E0
ParseBattleCharacter is 00495530
so SG_CHARACTER_MODEL_ID_ptr is byte_1CFE0F0 (01CFE0F0)
Therefore 2000 PC version and Steam version BOTH SHARE THE SAME ADDRESSES.

 

[fornis]

as a follow up on the steam (and presumably 2000 version) this indeed works, but doesn't work.

More than likely I fucked up, though? I don't really know, considering your screenshots would prove this should work no problem.

Where does it pull the data for junction/stats anyways for any of the bytes above 0x11 (anything after ward seems to crash it).

Is the dream dead? I hope not.

 

[makipl]

DIV BY ZERO - CPU error
Looks like I didn't test it perfectly before handing it out. There's sub_496300, a function that parses party abilities. It want's to read some rubbish data and in fact tries to divide some variable by zero. Let me investigate that...

UPDATE:
Ok, got it- it's HP error. It takes it's ability from playable party structure:
01CF75F5 (named K_CHARACTER_HP_B) [Steam should use the same variables]
Calculation: 01CF75F5 + (characterID*0x24)
Let's see... Cockatrice is 0x20 (32 in decimal). So:
I'm setting 01CFE0F0 to 0x20
I'm setting (0x20 * 0x24) + 01CF75F5 to 255 (0xFF)

UPDATE 2:
Loord... another DIVIDE BY ZERO...

UPDATE 3:
Too much shit is going on here. I need to find another way. At the moment do this:
Put a breakpoint at 495550 (mov dl, 01CFE0F0)
Step forward, change EDX register (only two last digits) to the monster you want to control in battle. That's for now unfortunately, I need to think how to deal with this now so you can modify it without disassembler and you could access menu normally.

Grab video tut here:

I think I know how to do it...

UPDATE 4:
You can use assembler script I wrote. It replaces Squall: (change MOV dl, 0x20 to any enemy you want; Keep in mind this only works for battle so far...)
Code: [Select]

alloc(newmem,2048)label(returnhere)newmem:CMP EAX, 0JNE noSquallmov dl,0x20JMP exitnoSquall:mov dl,[edi+FF8_EN.exe+18FE0F0]jmp returnhere"FF8_EN.exe"+95550:jmp newmemnopreturnhere:

 

[fornis]

Toggle breakpoint works, though using the assembly at least for this seems to crash it, without an error prompt no less...

Interestingly though, using togglebreak point after a battle it seems to give EXP like it would in PS1 version to the controlled monster.

Junctions carry over, which I think is normal and how it happens on PS1/PSP and thusfar so that's good, though I recall a few monsters not doing this. Not sure why.

 

[Murasame]

I'm a total novice to this stuff so could I ask someone to walk me through this step by step? I have cheat engine 6.8 and all I really care about is getting Fujin and Raijin in my party. I've tried to follow along but a lot of the chat so far has gone totally over my head so if someone could take me through it in simple term I'd be mighty grateful...

 

[Kniouky]

Here's a little tutorial to use any enemies before entering in a battle:

1.) Launch Cheat Engine
2.) Launch FF8
3.) In FF8 go into a field with enemy encounters (but DO NOT enter a battle)
4.) In cheat engine, select the top left button (outlined in red) and click FINAL FANTASY VIII and open
5.) Click the "Memory View" button
6.) In the Memory Viewer, right click on any instruction and click "Go to Address"
7.) In the pop up box, enter 495550 (or 4954A0 for FR) and hit OK
8.) The selected instruction should be a "mov"
9.) Make sure that the instruction is highlighted in blue (click on it) and go to Debug (Top) --> toggle breakpoint
10.) Press the OK button on the pop up to attach the debugger
11.) The instruction should now be green
12.) In FF8 walk around until you encounter a battle
13.) The screen should fade to black, and then the game should stop
14.) In the Memory Viwer, there should be a window on the right now that shows the registers (EAX, EBC, EDX, etc.)
15.) Click on Debug --> Step
16.) The mov instruction should now be highlighted red, and the shl instruction should be highlighted in blue
17.) On the right, click the number next to the EDX register
18.) In the pop up window (Change Register) set the value to the enemy (e.g. 89 for Ultimicia first form) and press OK
19.) Click on Debug --> Run
20.) The mov instruction should again be highlighted in green
21.) Click on Debug --> Toggle Breakpoint
22.) The mov instruction should now be highlighted in blue
23.) Click on Debug --> Run
24.) Go into FF8 and you should load in with an enemy in your party

https://www.noelshack.com/2018-35-3-1535565941-3763813-9-ultimiceaa.png

Unfortunatly, you need to repeat this everytime before a battle...

Is there any chance to make a cheat table to use any enemy as a permanent member ? (for example: Replace Edea with Ultimecia)

Also, I'm trying to replace field models too:

https://www.noelshack.com/2018-35-3-1535566302-no-fake.png

 I'm using the Deling Editor, and I can only use the field model of the same field, I'm wondering how can I found a solution to use models from other fields like the first video (

),

I saw in the previous replies that I need the chara.one file, but I don't know how to open it :/

Can someone help me ? xD

 

[Sega Chief]

For the char.one, I think these are stored within the field file itself. The contents of a field file's .fs can't be accessed directly via the field.fs, I think it needs to be extracted first and then opened with deling to get at the files inside. I extracted some a while back and here's the steps:

1) Open the field.fs with Deling.

2) Go to the import/export tab at far-right.

3) Double-click the folders down to eng/field/

4) Extract the MapData folder (contains folders of fields listed alphabetically: bc, bd, etc.)

5) Close Deling, then have it open the extracted MapData folder. Go into the folder that has the desired name (so if wanting to open bcgate_1 field, go into folder bc and should be able to find it in there). Open the .fs file for the field.

6) You should get a listing of the file's contents: https://imgur.com/a/mjTkek9
The char.one is at the bottom and should be extractable.

Now, beyond that I'm not 100% sure what to do in order to add a new model. I tried hex-comparing different fields with similar model listings to try and get an idea of what a complete model + animations looked like so I could port one over manually to a different field, but didn't have much success. Values in the header likely need to be adjusted as well so it knows there's an extra model.

This is an archive from the dead wiki about the char.one structure: https://web.archive.org/web/20150713032756/http://wiki.qhimm.com:80/view/FF8/FileFormat_ONE

 

[Kniouky]

Okay so, I tried to follow step by step, I extracted the MapData Folder, I found the field that I want, but I don't know how can I open the .fs file from the field.

Actually I was trying to found a solution to use the party dress of Rinoa for Field and Battle, but I don't think it's possible, maybe by changing the texture only ?

https://www.noelshack.com/2018-35-7-1535920989-outfit-linoa.png

https://www.noelshack.com/2018-35-7-1535920984-linoa.png

Any chance with Cheat Engine too ? Maybe a table can add party member of even change the outfit (for example the seed outfit)

 

[Rospark]

Hello again! 

Time has definitely passed, and I wanted to revive this topic that seemed extremely interesting to me.
After the launch of FF8 remaster, this game have managed to capture my interest in playing it again, and I wanted to know if at this time you guys have made some progress, especially Maki who was the genius behind all this.


On the other hand, I would like to share this video that I found, it is from 2017. This guy (apparently, a different person than the one I shared earlier.) managed to make some enemies work with their respective animations.

Video:

I hope to hear from you again and your great contribution to this community that completely exceeded my expectations!