http://gamehacking.org/vb/threads/56...nus?highlight=

Post the snippet of code here. Press Ctrl + T in ps2dis.

Will do, thanks! (sorry if you meant post it in that topic, here goes):

#
# TAB=8
#
"DEBUG MENU": #
.byte $44 # 00388fd0 68 'D'
.byte $45 # 00388fd1 69 'E'
.byte $42 # 00388fd2 66 'B'
.byte $55 # 00388fd3 85 'U'
.byte $47 # 00388fd4 71 'G'
.byte $20 # 00388fd5 32 ' '
.byte $4d # 00388fd6 77 'M'
.byte $45 # 00388fd7 69 'E'
.byte $4e # 00388fd8 78 'N'
.byte $55 # 00388fd9 85 'U'
.byte $00 # 00388fda 0
.byte $00 # 00388fdb 0

This 'Display Menu' is right next just in case it matters...

#
# TAB=8
#
"Display Menu": #
.byte $44 # 00388fe0 68 'D'
.byte $69 # 00388fe1 105 'i'
.byte $73 # 00388fe2 115 's'
.byte $70 # 00388fe3 112 'p'
.byte $6c # 00388fe4 108 'l'
.byte $61 # 00388fe5 97 'a'
.byte $79 # 00388fe6 121 'y'
.byte $20 # 00388fe7 32 ' '
.byte $4d # 00388fe8 77 'M'
.byte $65 # 00388fe9 101 'e'
.byte $6e # 00388fea 110 'n'
.byte $75 # 00388feb 117 'u'


And the other Debug Menu string:

#
# TAB=8
#
"Debug Menu": #
.byte $44 # 00388c30 68 'D'
.byte $65 # 00388c31 101 'e'
.byte $62 # 00388c32 98 'b'
.byte $75 # 00388c33 117 'u'
.byte $67 # 00388c34 103 'g'
.byte $20 # 00388c35 32 ' '
.byte $4d # 00388c36 77 'M'
.byte $65 # 00388c37 101 'e'
.byte $6e # 00388c38 110 'n'
.byte $75 # 00388c39 117 'u'
.byte $00 # 00388c3a 0
.byte $00 # 00388c3b 0

This is the proper thread to post it in. Those are just the labels. Luckily for you, PS2 hacking has gotten easier over the years (a struggle pre-2004). There are many tools you can use now (RAM searchers, debuggers, etc). But you can achieve your hack with ps2dis alone.

You'll need to know some ASM (MIPS R5000 for the PS2 and MIPS R3000A for the PS1. PS2DIS can be used to hack both systems.), though. To see if those labels are referred anywhere in the code, do the following:

1) Invoke the Analyzer (Analyzer -> Invoke Analyzer)

2) Press the space bar key on any of those labels (will change from blue to gray) and press F3 (Shift+F3 to go back to the previous hit). You should get a hit or two.

3) Analyze the code. The key thing to look out for, are the addresses being stored to (sb(8-bit)/sh(16-bit)/sw(32-bit but not always the case with the required value) registers). They will be located on the far right, and will have an underscore before them. A non-game related example: 004EF9F4 AE0509D4 sw a1, $09d4(s0) (_006309D4). The value set to be stored at the address will be located before it (usually a line or two and indicated by a li command (load immediate; 24xxvvvv; x applies to the register (v0, v1, etc) and v is the value).

or...

you can grab this version of PCSX2 and use the info given by the hacker for the DC version, to hack it. Use the already hacked codes on the site to map out the addresses in the ELF (SLUS file): http://gamehacking.org/?game=103793. That way you will have a better understanding of what links to what.

I apologise for the late response.

This is all fantastic information, and very helpful, thank you! I'll get to reading up about MIPS, and then I'll take a shot at trying to unlock the menu.

Seriously, thank you so much!

No problem, Sarge. You're welcome. I also forgot to add this bit, but check any JAL's located in the function (the start of one is indicated by FNC_address located on (this will not be shown for many functions, but they are/were used)) referred to by the labels. Those help to understand how and what the routine is doing as a whole.

Thanks for that too. I've come across two JAL's under the DEBUG MENU, but nothing under the next tag, 'Display Menu' (though there is an FNC_address, but with addiu instead of JAL).

Is that a bot?

Check all the external addresses referenced in the function. Like I said, the menu can be hacked with PS2DIS alone...