No longer works with last SF and SFSE release

[JoshLambda]

SF and SFSE have been updated and now SFSE says this mod is no longer compatible. I also suggest using the address library from this mod https://www.nexusmods.com/starfield/mods/3256 , maybe that may help keeping the mod up to date in the future. Or you could even use the PR from @MrTeferi and fall back to the address library as needed (or even do the opposite, library first then scan for pattern if library doesn't have the running game version).

[igromanru]

Using Address Library for a mod that patches game code in an unknown function is pointless. Not only the address library has to be updated for each game version, so you win very little by it, It doesn't contain the specific address that the mod patches.
Without pattern scan, you win nothing by it. Someone has to find the right address anyway.
I don't understand why are people so ignorant about it in the modding community, byte pattern search is used since decades in online hacking communities.

[Investigamer]

PR merged will build and release soon, have other projects going on atm haven't been able to work on mods last few days so thanks for the assist!

Using Address Library for a mod that patches game code in an unknown function is pointless. Not only the address library has to be updated for each game version, so you win very little by it, It doesn't contain the specific address that the mod patches. Without pattern scan, you win nothing by it. Someone has to find the right address anyway. I don't understand why are people so ignorant about it in the modding community, byte pattern search is used since decades in online hacking communities.

I mean I hear you, but it is a little better, the idea behind address library is you only have to update the library instead of every mod that uses it, correct?

And I'm not a C++ or asm expert, but I could see some pitfalls with pattern scanning, isn't there a concern the same pattern could be replicated in multiple locations and you might hit the incorrect one? Maybe not in the case of this mod and mods with very specific patterns, but I just imagine it's not always a silver bullet no?

Also secondary question @igromanru, I have been working on a comprehensive companion tweaks mod, found a lot of very useful modifications to make. However I haven't yet located a direct pointer to access player's current companion or the function that adds companion as a follower so I can attack them dynamically. Right now my plan is to just hook all 4 romanceable companions at launch (but this leaves out non-romanceable ones obviously). Do you happen to know the most direct pointer to access the player's current companion/the function that initializes companion following?

[igromanru]

I mean I hear you, but it is a little better, the idea behind address library is you only have to update the library instead of every mod that uses it, correct?

Yes. The idea is to make the address library to worry about changes. But the problem is, that most people simply don't understand how easy byte pattern search is. This is where the idea for the "address library" comes from. Even in game hacking communities, where a lot of experienced hackers are using byte pattern scan and provide ready to go patterns to find stuff, all the copy paste noobs are crying for "new offsets" after each game update.

And I'm not a C++ or asm expert, but I could see some pitfalls with pattern scanning, isn't there a concern the same pattern could be replicated in multiple locations and you might hit the incorrect one? Maybe not in the case of this mod and mods with very specific patterns, but I just imagine it's not always a silver bullet no?

Well, obviously you have to find a unique pattern. 99% of the time it's possible, no code is really the same. You can and should check if your pattern appears multiple times with tools like IDA Pro. For example in IDA you can go to Search->Sequence of bytes... and search for the byte pattern. Check the Find all occurrences box and you will find all addresses that match your pattern. There are also tools that can help you to create unique pattern like different "SigMaker" plugins for IDA Pro or other reverse engineering tools. Cheat Engine is very bad at it. CE can neither search for all occurrences nor create a unique patterns or pattern with proper placeholders (??) in place.
I can give you an example about making good persistence unique pattern on your mod here. I'll make another PR with few improvements to show you later, but for now I have a slightly better pattern, than the one I used in the last PR.

48 8B 88 E0 00 00 00  mov rcx, [rax+0E0h]
44 89 81 C8 00 00 00  mov [rcx+0C8h], r8d
C3                    ret

We have here a very good unique code by itself, with a "ret" directly after out instructions that we are looking for. It will be unique 100%.
But to make it better and more future-proof, we should use place holders (? or ?? or * (works in CE)) on bytes that can change easily in the future. And these bytes are offsets E0 and C8. That's why the final pattern will be: 48 8B 88 ? ? ? ? 44 89 81 ? ? ? ? C3
As long the game compiler doesn't change mov rcx and mov [rcx+XXX], r8d our pattern will be good for a long time.

EDIT: Forget to mentioned. To have a unique pattern here, we search for an address that is 7 bytes behind our target.
And this is fine, because thanks to the pattern scan, we know that the code at this place will look exactly like that and it validates that the address we are looking for is 7 bytes away. Therefore we simply add 7 to the found address, you could see it in the Pull Request. patchAddress += 7;

EDIT 2: Btw to demonstrate how powerful proper pattern are. I made these signatures like 5 years ago for the game Sea of Thieves. After all these years and hundreds of updates later, they still work.
https://github.com/igromanru/SoT-SDK-Guide#findpattern-signatures

Also secondary question @igromanru, I have been working on a comprehensive companion tweaks mod, found a lot of very useful modifications to make. However I haven't yet located a direct pointer to access player's current companion or the function that adds companion as a follower so I can attack them dynamically. Right now my plan is to just hook all 4 romanceable companions at launch (but this leaves out non-romanceable ones obviously). Do you happen to know the most direct pointer to access the player's current companion/the function that initializes companion following?

Sorry, can't help you here. I barley reversed Starfield. I don't have much time. I play the game to relax and nobody has made a mod that would make me carry as much items as I want, that's the reason why I spend little time on making the Zero Weight mod. Same with your repo here. I wanted to use the mod but it was broken, so I saw that you use static address and have to update it each game update.
My background is about 10 years online game hacking, that's where my knowledge come from. Never made a mod for a Bethesda game before, never reversed any of their games.

[Investigamer]

@igromanru Thanks for the information! I actually just picked up IDA recently so this will be useful food for thought I think. Have used CE for years and done some sporadic game hacking off and on (background in CS), but only recently started making a conscious effort to pick up a few more skills, tinkering with x64dbg and IDA. Starfield has been a fun incubator to experiment, look forward to learning more

[igromanru]

Hey @MrTeferi, I know you're busy. Sorry to bother you, but can't you spare 10 minutes to test the changes and publish the updated version on Nexus?
People are asking for an update because the mod doesn't work with the latest version of the game and you've basically already merged my changes that make the mod compatible with all existing and potentially future versions.
You don't even need to look over PR #3 yet, the changed you merged have fixed the plugin already, I'm using it the whole time.