Announcement

**jin299** · 05-22-2013, 08:06:40 PM

Sure thing Nolberto I'll post a screenshot for you so that you can see, what I'm on about.

http://tinypic.com/r/azfc44/5

In order to see the screenshot in a bigger size, just click the screenshot, then click raw image in the bottom left hand corner of the screen.

**nolberto82** · 05-22-2013, 08:14:33 PM

The write to the address is happening a few instructions back. Scroll up little by little and see if you can see a jump or branch(aka beq, bne etc) to 801010A0.

**jin299** · 05-22-2013, 08:27:32 PM

Right I went up a little and hit a beq branch and I took a screenshot too so that you can see,, where I am on the debugger now what do I do man?

http://tinypic.com/r/xn6qug/5

**nolberto82** · 05-22-2013, 08:41:05 PM

You should check to see if there is more of these:

Code:

80100FE8 2442FFFF subiu     v0,$1       - You can change these one.
80100FEC 08040428 j         $801010A0
80100FF0 A0620000 sb        v0,$0(v1)   - And this one also. This will execute before the jump.

**jin299** · 05-22-2013, 08:51:23 PM

Right I picked this one subiu v0,$1 tried to change the command to addiu v0,$5 but the debugger keeps saying unknown command?

**nolberto82** · 05-22-2013, 09:00:48 PM

Try addiu v0,v0,$5.

**jin299** · 05-22-2013, 09:13:04 PM

still the same problem unknown command?

**nolberto82** · 05-22-2013, 09:24:53 PM

For some reason it accepts "add v0,5".

**jin299** · 05-22-2013, 09:46:42 PM

Yes it does but it jumps immediately to ja1 afterwards, as soon as I go to click the add v0,5 instruction?

**nolberto82** · 05-22-2013, 10:00:42 PM

It does jump but before it does it executes this first:

Code:

80100FF0 A0620000 sb        v0,$0(v1)

Branches and jumps in MIPS use delay slots.

EDIT - It shouldn't jump to jal. Did you change 80100FEC?

**Abystus** · 05-22-2013, 10:05:39 PM

Sorry for the delay in response. I was out getting groceries, but it looks like your in good hands with nolberto82.

**jin299** · 05-22-2013, 10:17:48 PM

Right I did what you said now what do I do, does it involve changing the sb v0,$0(v1) instruction?

**nolberto82** · 05-22-2013, 10:33:38 PM

Code:

80100FE8 2442FFFF subiu     v0,$1      - You can NOP this one
80100FEC 08040428 j         $801010A0
80100FF0 A0620000 sb        v0,$0(v1)  - Or you can NOP this one

What kind of code are you trying to make?

**jin299** · 05-23-2013, 06:35:12 AM

I nopped this instruction sb v0,$0(v1) and guess what it worked, how on earth did you now the code was this address?

I was originally trying to hack a code that to trick the game into staring of with 5 lives instead of 2,, which is the standard number of lives you start of with in the game, any idea what instruction I changed to give me this result?

**Helder** · 05-23-2013, 07:35:30 AM

I was trying to explain it you you before by placing a read break but a write will work also or probably better anyways, so you set the break on the infinite health address before the level starts and it should break many times but one of those times it will display the current value stored so you change that. The only way for you to do it is if I or someone else does it and shows you but how will you learn if we do that? Try doing what I and Abystus said and then post here with your progress and pictures, also post the pictures here since going to another site plagued with ads annoys me.

Announcement

Hacking Sequential codes PSX

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment