View Full Version : Request for JJ2 technical data.


Ricerind
Oct 5, 2007, 12:47 PM
I would like to request any information you (yes, YOU!) have, and are willing to dispense, pertaining to JJ2 hacking (no, not cheating.)

I would like information on the seeker hole fix, weapon change fix, memory addresses, JJ2 file formats, etc.....

Source code would sure be nice :p

I am mentioning this as I would like to make a <del>library for JJ2 manipulation</del> Carrotade alternative. Any help would be much appreciated.

I want to make a Carrotade alternative as Carrotade has some annoying features, and some missing features.

Black Ninja
Oct 5, 2007, 01:05 PM
I can provide all the information you want regarding the most recent version of AntiCrash, although I think nowadays there are better ways to make JJ2 not crash.

Ricerind
Oct 5, 2007, 01:14 PM
Sure. It may be outdated as you say, but I would be extremely grateful. Can you send me the source?

Birdie
Oct 5, 2007, 01:50 PM
Seeker hole fix basically just places the position of a player to 0,0 if they aren't connected. As for memory addresses, a good public resource: ERE WIKI! (http://www.jazz2online.com/J2Ov2/wiki/index.php?List_of_Jazz_Jackrabbit_2_Memory_Addresses)

Ricerind
Oct 5, 2007, 01:55 PM
So if the address:

Player connected (5=True, 0=False, 1=muted, uses 1AC as offset).

For a player is 0, it repositions them to 0,0?

Birdie
Oct 5, 2007, 02:11 PM
That's right.

Cpp
Oct 6, 2007, 04:14 AM
Moving a seeker hole to location (0, 0) only moves it to that location, but does not disable it. To fully disable the seeker hole you must also set the player health to zero. This is the visual basic source code for a seeker hole fix that was used in the Jazz 2 Mutation itself. To make this fix most efficient it has to be used on both sides of the game (clients and server).


Public Function SeekerHoleFix(pHandle As Long) 'This function removes all the seeker holes within a level.
    If lSeekHoleFix = False Then Exit Function

    Dim i As Long, Address As Long
    Dim PlXAdd As Long, PlYAdd As Long
    Dim Result As Long

    For i = 1 To 31 Step 1 'Skip player 1, lololol.
        Address = PlPres + (i * 1444)
        ReadMemory pHandle, Address, Result, 1 'Is player here?
        If Result = 0 Then 'He is not.
            Address = PlHlth + (i * 1444)
            ReadMemory pHandle, Address, Result, 2 'Check the seeker hole...
            If Result <> 0 Then 'We found a seeker hole! Now fix it!
                WriteMemory pHandle, Address, 0, 2 'Set health to 0.

                'Restore the player original location
                Address = PlPosX + (i * 1444)
                WriteMemory pHandle, Address, 0, 4 'Restore X pos.
                Address = PlPosY + (i * 1444)
                WriteMemory pHandle, Address, 0, 4 'Restore Y pos.

                'A second location to be restored - this also fixes a CTF flag exploit
                Address = PlPosIntX + (i * 1444)
                WriteMemory pHandle, Address, 0, 4 'Restore X pos.
                Address = PlPosIntY + (i * 1444)
                WriteMemory pHandle, Address, 0, 4 'Restore Y pos.

                LogStats J2M_SeekerHoleFixed 'Add to stats!

            End If
        End If
    Next i

End Function

The addresses for 1.23 are as follows (some decimal, others hexadecimal):

PlPres = &H5A546C 'Does player appear in F9 list?
PlHlth = &H5A4F1E 'Player health address (2 bytes)
PlPosX = 5918444 'Player X location
PlPosY = 5918448 'Player Y location
PlPosIntX = &H5A4F82 'Another player location address
PlPosIntY = &H5A4F86 'Another player location address

Ricerind
Oct 6, 2007, 08:34 AM
Thanks CPP, but why does it restore locations if it has killed the hole? Also, why are there two sets of locations?

Torkell
Oct 6, 2007, 08:40 AM
There is information on some of the file formats in the wiki as well.

Ricerind
Oct 6, 2007, 10:30 AM
Thanks. I have more questions:

1) How does respawn fix work?

2) How does Carrotade do that echo in the center of the screen when it starts, and how does it echo server only messages in the chat?

3) How do Carrotade and Sallog log chat and roasts, and send chat?

4) How does instagib work? Surely setting the local max health variable to 1 would only affect you right?

Birdie
Oct 6, 2007, 10:49 AM
3: Sal log reads jj2's memory to get chat.
4: if you do it as the server it will work.

Ricerind
Oct 6, 2007, 10:54 AM
3: Sal log reads jj2's memory to get chat.
4: if you do it as the server it will work.

Reads memory from what address? Uses a loop to keep checking address?

Does instagib as server work because the server regularly transmits the max health to clients?

Birdie
Oct 6, 2007, 10:55 AM
Does instagib as server work because the server regularly transmits the max health to clients?
No, but it does send a packet to kill the player if they died on the server's side. Think fake health.

Ricerind
Oct 6, 2007, 10:58 AM
Thanks for the help, but how does it detect that they died? Does it regularly check player health with a loop, or does the server get a whoever died message in chat when someone dies on their end?

Birdie
Oct 6, 2007, 11:09 AM
No... jj2 automatically sends the packet to kill the person.

cooba
Oct 6, 2007, 11:12 AM
Carrotade has some annoying features..you know, you don't necessarily have to use a feature if it's annoying :|

Ricerind
Oct 6, 2007, 11:17 AM
Yes. Of course you don't have to use the name bleaching feature which should only affect CTF and Team Battle.

Birdie: Nice :p

cooba
Oct 6, 2007, 11:20 AM
So you're going to write an alternative for Carrotade just so you can play with your colored name? Have fun with that.

Ricerind
Oct 6, 2007, 11:24 AM
Lol. I never said that was the only problem. Besides, I need programming practice. Best to throw myself in at the deep end.

Dermo
Oct 6, 2007, 12:36 PM
I hate the renaming thing but maybe make a dll file like how 1.23+ works but more stable or something...idk...

Bobby aka Dizzy
Oct 6, 2007, 01:26 PM
1) How does respawn fix work?

The server must set the ammo count for all clients to 0 (or anything under 50).

Ricerind
Oct 6, 2007, 01:39 PM
And to get the ammo count address for player 2 on a server, it would be the ammo count address for the server + 1ac right?

Birdie
Oct 6, 2007, 01:43 PM
No, connection offset is 1ac, offsets for player related addresses are 5a4

Ricerind
Oct 6, 2007, 01:45 PM
But Cpp's seek hole fix above uses 5a4 as offset. I thought 5a4 was for local players :p Foolish me

Cpp
Oct 6, 2007, 02:22 PM
0x5A4 - player struct size
0x1AC - socket struct size

These are used as arrays which is why you can simply add the value of the struct size to the address and land in the next one in the array. Max number of players is 32 while max count for sockets is 16. Also, if you check the address that I use to check whether a client is present you'll notice that it's within the player struct address space, not the socket space.
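Added example, not code from the thread or from any JJ2 tool: the array-of-structs arithmetic described above, in C, using the 1.23 addresses and the 0x5A4 stride quoted in this thread. It bounds-checks the slot index, checks that the six listed fields span less than one stride, and runs the posted fix logic over a constructed byte buffer rather than a live process; `SNAP_BASE`, the buffer and the sample slots are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Values quoted in the thread for JJ2 1.23 (the decimal ones rewritten in hex). */
#define STRIDE      0x5A4u   /* player struct size = 1444 decimal */
#define MAX_PLAYERS 32u
enum { PRES, HLTH, POSX, POSY, POSINTX, POSINTY, NFIELDS };
static const uint32_t ADDR[NFIELDS]  = { 0x5A546C, 0x5A4F1E, 0x5A4EEC,
                                         0x5A4EF0, 0x5A4F82, 0x5A4F86 };
static const uint32_t WIDTH[NFIELDS] = { 1, 2, 4, 4, 4, 4 }; /* bytes, as in the VB calls */
#define SNAP_BASE 0x5A4EECu  /* assumption: the buffer starts at the lowest listed field */
#define SNAP_SIZE (MAX_PLAYERS * STRIDE)

/* Address of `field` in player slot `slot`; 0 if either index is out of range. */
uint32_t field_addr(unsigned field, unsigned slot) {
    if (field >= NFIELDS || slot >= MAX_PLAYERS) return 0;
    return ADDR[field] + slot * STRIDE;
}
/* Necessary (not sufficient) check that the six fields share one struct:
   lowest field start to highest field end must fit inside a single stride. */
int fields_fit_one_stride(void) {
    uint32_t lo = ADDR[0], hi = ADDR[0] + WIDTH[0];
    for (unsigned f = 1; f < NFIELDS; f++) {
        if (ADDR[f] < lo) lo = ADDR[f];
        if (ADDR[f] + WIDTH[f] > hi) hi = ADDR[f] + WIDTH[f];
    }
    return hi - lo <= STRIDE;
}
static uint8_t *at(uint8_t *snap, unsigned field, unsigned slot) {
    return snap + (field_addr(field, slot) - SNAP_BASE);
}
/* The posted fix on a byte buffer: slots 1..31 that are absent but still
   hold non-zero health get their health and both position pairs zeroed. */
unsigned fix_snapshot(uint8_t *snap) {
    unsigned fixed = 0;
    for (unsigned slot = 1; slot < MAX_PLAYERS; slot++) {
        uint8_t *h = at(snap, HLTH, slot);
        if (*at(snap, PRES, slot) != 0 || (h[0] | h[1]) == 0) continue;
        for (unsigned f = HLTH; f < NFIELDS; f++) memset(at(snap, f, slot), 0, WIDTH[f]);
        fixed++;
    }
    return fixed;
}
int main(void) {
    static uint8_t snap[SNAP_SIZE];                    /* constructed sample, all zero */
    *at(snap, PRES, 3) = 1; *at(snap, HLTH, 3) = 5;    /* present player: left alone */
    *at(snap, HLTH, 7) = 3; *at(snap, POSX, 7) = 0x40; /* absent slot with health 3 */
    printf("fits=%d fixed=%u\n", fields_fit_one_stride(), fix_snapshot(snap));
    return 0;
}
```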

Ricerind
Oct 7, 2007, 07:38 AM
1) How does respawn fix work?

The server must set the ammo count for all clients to 0 (or anything under 50).

I shall set them to 42 :)