; iw4mp.0050B860 - returns a float in ST(0). The slot made by PUSH ECX ([ESP]) is used as float scratch.
; Notation: d = float at 8F1E7C; min / max = floats at +10 of the dvars the poster labels
; "radarjamDistMin" / "radarjamDistMax".
; Result: 1.0 if dword [7F49E4] != 0 or d <= min; 0.0 if d <= 0, d > max or max == min;
; otherwise 1 - (d - min)/(max - min), post-processed through 006B4E40 when the byte at
; +10 of the dvar at A030B0 is nonzero.
; x87 condition bits as seen in AH after FSTSW AX: C0 = 01, C2 = 04, C3 = 40.
0050B860 /$ 51 PUSH ECX ; reserve a 4-byte stack slot; [ESP] is float scratch below
0050B861 |. 833D E4497F00 >CMP DWORD PTR DS:[7F49E4],0 ; global flag at 7F49E4 (meaning not shown here)
0050B868 |. 75 66 JNZ SHORT iw4mp.0050B8D0 ; nonzero -> return 1.0
0050B86A |. D9EE FLDZ ; push constant 0.0
0050B86C |. D905 7C1E8F00 FLD DWORD PTR DS:[8F1E7C] ; push d -> ST = d, ST(1) = 0.0
0050B872 |. D8D1 FCOM ST(1) ; compare d with 0.0
0050B874 |. DFE0 FSTSW AX ; AX = FPU status word
0050B876 |. F6C4 41 TEST AH,41 ; mask C3|C0 (equal / less-than)
0050B879 |. 7B 40 JPO SHORT iw4mp.0050B8BB ; exactly one bit set (d <= 0) -> pop d, return the 0.0 left in ST
[b]0050B87B |. 8B0D D430A000 MOV ECX,DWORD PTR DS:[A030D4] ; ECX = "radarjamDistMax" dvar pointer (poster's label)
0050B881 |. D941 10 FLD DWORD PTR DS:[ECX+10] ; push max = float at dvar+10[/b]
0050B884 |. D8D9 FCOMP ST(1) ; compare max with d, then pop max
0050B886 |. DFE0 FSTSW AX ; AX = FPU status word
0050B888 |. F6C4 05 TEST AH,5 ; mask C2|C0
0050B88B |. 7B 2E JPO SHORT iw4mp.0050B8BB ; only C0 set (max < d) -> return 0.0; unordered sets both bits and falls through
[b]0050B88D |. A1 6C30A000 MOV EAX,DWORD PTR DS:[A0306C] ; EAX = "radarjamDistMin" dvar pointer (poster's label)
0050B892 |. D940 10 FLD DWORD PTR DS:[EAX+10] ; push min = float at dvar+10[/b]
0050B895 |. D91C24 FSTP DWORD PTR SS:[ESP] ; [ESP] = min, pop
[b]0050B898 |. D941 10 FLD DWORD PTR DS:[ECX+10] ; push max again (ECX still holds the Max dvar pointer)
0050B89B |. D90424 FLD DWORD PTR SS:[ESP] ; push min back from the [ESP] scratch slot[/b]
0050B89E |. D9C0 FLD ST ; duplicate ST: push a second copy of min
0050B8A0 |. DEEA FSUBP ST(2),ST ; ST(2) = max - min, pop one copy of min
0050B8A2 |. D9C9 FXCH ST(1) ; swap so (max - min) is in ST
0050B8A4 |. D91C24 FSTP DWORD PTR SS:[ESP] ; [ESP] = max - min, pop -> ST = min, ST(1) = d, ST(2) = 0.0
0050B8A7 |. D9C2 FLD ST(2) ; push a copy of ST(2), the 0.0 from FLDZ
0050B8A9 |. D90424 FLD DWORD PTR SS:[ESP] ; push (max - min) back from [ESP]
[b]0050B8AC |. DDE1 FUCOM ST(1) ; unordered-compare (max - min) with 0.0; result goes to C3/C2/C0. see http://www.ousob.com/ng/masm/ng3c76c.php
0050B8AE |. DFE0 FSTSW AX ; AX = FPU status word
0050B8B0 |. DDD9 FSTP ST(1) ; overwrite the 0.0 copy with (max - min) and pop
0050B8B2 |. F6C4 44 TEST AH,44 ; mask C3|C2
0050B8B5 |. 7A 08 JPE SHORT iw4mp.0050B8BF ; parity even = not equal (or unordered) -> 50B8BF; falls through only when max == min[/b]
0050B8B7 |. DDD9 FSTP ST(1) ; max == min: discard min
0050B8B9 |. DDD9 FSTP ST(1) ; discard d
0050B8BB |> DDD8 FSTP ST ; pop ST, leaving the 0.0 from FLDZ as the return value
0050B8BD |. 59 POP ECX ; release the scratch slot
0050B8BE |. C3 RETN ; return 0.0 in ST(0)
[b]0050B8BF |> DDDB FSTP ST(3) ; ST(3) = max - min, pop -> ST = min, ST(1) = d, ST(2) = max - min
0050B8C1 |. D8D1 FCOM ST(1) ; compare min with d
0050B8C3 |. DFE0 FSTSW AX ; AX = FPU status word
0050B8C5 |. F6C4 01 TEST AH,1 ; mask C0 (less-than; also set when unordered)
0050B8C8 |. 75 0A JNZ SHORT iw4mp.0050B8D4 ; min < d -> 50B8D4 to interpolate[/b]
0050B8CA |. DDD8 FSTP ST ; d <= min: discard min
0050B8CC |. DDD8 FSTP ST ; discard d
0050B8CE |. DDD8 FSTP ST ; discard (max - min); FPU stack is now empty
0050B8D0 |> D9E8 FLD1 ; push constant 1.0
0050B8D2 |. 59 POP ECX ; release the scratch slot
0050B8D3 |. C3 RETN ; return 1.0 in ST(0)
[b]0050B8D4 |> DEE9 FSUBP ST(1),ST ; ST(1) = d - min, pop -> ST = d - min, ST(1) = max - min
0050B8D6 |. 8B0D B030A000 MOV ECX,DWORD PTR DS:[A030B0] ; ECX = dvar pointer the poster labels "thermalBlurFactorScope"
0050B8DC |. 8079 10 00 CMP BYTE PTR DS:[ECX+10],0 ; byte at dvar+10 vs 0; sets EFLAGS for the JE at 50B8E9. NOTE(review): read as a byte, so this looks like a boolean dvar - confirm the label
0050B8E0 |. DEF1 FDIVRP ST(1),ST ; ST(1) = ST / ST(1) = (d - min)/(max - min), pop
0050B8E2 |. D9E8 FLD1 ; push constant 1.0
0050B8E4 |. DEE1 FSUBRP ST(1),ST ; ST(1) = ST - ST(1) = 1 - (d - min)/(max - min), pop
0050B8E6 |. D91C24 FSTP DWORD PTR SS:[ESP] ; [ESP] = result as a 32-bit float, pop
0050B8E9 |. 74 23 JE SHORT iw4mp.0050B90E ; uses the CMP at 50B8DC (the x87 ops in between leave EFLAGS alone): byte == 0 -> return result as is
0050B8EB |. D90424 FLD DWORD PTR SS:[ESP] ; reload result from [ESP]
0050B8EE |. DC0D 284C7100 FMUL QWORD PTR DS:[714C28] ; scale by the double at 714C28 (value not shown)
0050B8F4 |. DC0D 50C97200 FMUL QWORD PTR DS:[72C950] ; scale by the double at 72C950 (value not shown)
0050B8FA |. D91C24 FSTP DWORD PTR SS:[ESP] ; round to a 32-bit float through [ESP], pop
0050B8FD |. D90424 FLD DWORD PTR SS:[ESP] ; reload the rounded value into ST
0050B900 |. E8 3B951A00 CALL iw4mp.006B4E40 ; callee not shown; ST(0) is stored right after, so presumably a float->float helper rather than a draw call - confirm[/b]
0050B905 |. D91C24 FSTP DWORD PTR SS:[ESP] ; [ESP] = ST after the call, pop
0050B908 |. D90424 FLD DWORD PTR SS:[ESP] ; reload it
0050B90B |. D91C24 FSTP DWORD PTR SS:[ESP] ; store it again, pop (redundant round trip)
0050B90E |> D90424 FLD DWORD PTR SS:[ESP] ; ST = final result from [ESP]
0050B911 |. 59 POP ECX ; release the scratch slot
0050B912 \. C3 RETN ; return the result in ST(0)
There are 4 methods to disable radar jamming from the perkfags:
1.
write 0xC3(return) at 50B860
2.
Detour the function, __asm pushad, exec orig, __asm popad
3.
// Loads the dvar pointers stored at A0306C and A030D4 and stores 0 at offset 0x10
// of each structure. The listing for 0050B860 reads that offset as the dvar's
// float value (FLD DWORD PTR [reg+10]).
__asm
{
mov EAX, DWORD PTR DS:[A0306C]; //radarjamdistmin
mov [EAX+0x10], 0;
mov EAX, DWORD PTR DS:[A030D4]; //radarjamdistmax
mov [EAX+0x10], 0;
}
// Loads the dvar pointer stored at A030B0 and stores 0 at offset 0x10.
// The listing for 0050B860 compares the byte at that offset with 0 (at 50B8DC)
// to decide whether the extra scaling and the call to 006B4E40 run.
__asm
{
mov EAX, DWORD PTR DS:[A030B0]; //thermal blur level
mov [EAX+0x10], 0;
}