[OllyDBG]No flash/partial stun

**Hell_Demon** · 06-13-2010

WARNING: THIS IS FROM AN OLDER VERSION OF THE GAME! CHECK THE BOTTOM FOR UPDATES ADDIES!!!

-===-

First thing you'll have to do is load up iw4mp.exe in ollydbg.
Next, find -> all referenced text strings.

Step 1:
Search for -> drawDamageFlash

Step 2:
Follow it by pressing enter or double clicking the line

Step 3:
As can be seen in the picture
MOV DWORD PTR DS:[7F0C60], EAX
was what we were looking for.
So, lets go to that addy

Step 4:
Now that we're at the location where this dvar is stored, we'll have to find references to it.

Step 5:
You'll end up with 3 refs.
First one is where we came from(MOV DWORD PTR DS:[7F0C60], EAX)
The second is where we'll want to go
The third is the location of the cvar(from where we found the referece).
So, right click the 2nd entry and click follow in disassembler.

Step 6:
In the function where we now arrived, the value of drawDamageFlash is compared to 0(off), if it is it makes a jump.
Now there's two things we could do.
1 is we change the JE(jump if equal) to JMP(always jump) to remove the flashbang effect
or 2, we pray that this function handles all flash related stuff(so stun grenades too) and return 0 at the top.
I chose for #2, so writeprocessmemory the following to the start of the function to disable flash and stun effects:
B8 00 00 00 00 C3 90
B8 00 00 00 00 is MOV EAX, 0
EAX is the register used for return values.
C3 = return
90 is a nop(no operation), since the original command was 7 bytes long.

Hope this helped

-===-

Updated addies:
1.1.195:
write '0xB8, 0x00, 0x00, 0x00, 0x00, 0xC3, 0x90' to 0x00457310

1.3.37:
write '0xB8, 0x00, 0x00, 0x00, 0x00, 0xC3, 0x90' to 0x00457310

Signature:
0F 95 C0 84 C0 75 73 80 3D
then go to the start of that function.