Announcement

**yo_gdg** · 05-21-2013, 09:19:10 AM

Originally posted by helder View Post

lw v1,$144(a1) <-- Load Word (word is 4 hex characters ie FFFF) from Register a1 added to 144 hexadecimal and store into Register v1.

helder, just a clarification; a Word is 4 bytes length (FFFFFFFF).
Byte: 0-FF (8 bits)
Half: 0-FFFF (16 bits)
Word: 0-FFFFFFFF (32 bits)

regards!

**Helder** · 05-21-2013, 09:19:37 AM

Originally posted by jin299 View Post

l still don't understand for now I'll just forget about asm, would you call this code an easy one to hack in asm or did I just pick a bad example for an asm code?

That's pretty easy in my opinion, maybe you can go over the things I've written and explained till you get it but if not then stick to the RAM codes.

Originally posted by yo_gdg View Post

helder, just a clarification; a Word is 4 bytes length (FFFFFFFF).
Byte: 0-FF (8 bits)
Half: 0-FFFF (16 bits)
Word: 0-FFFFFFFF (32 bits)

regards!

Yes my bad! too late in the day for me ( just got off 12 hour night shift).

**jin299** · 05-21-2013, 09:57:37 AM

Helder can you still create a lot of cool codes with ram hacking, like do you see the point in asm hacking, for creating codes, I think you mentioned before that in your opinion Asm is really only useful for creating health code modfiiers

**Helder** · 05-21-2013, 03:33:43 PM

Originally posted by jin299 View Post

Helder can you still create a lot of cool codes with ram hacking, like do you see the point in asm hacking, for creating codes, I think you mentioned before that in your opinion Asm is really only useful for creating health code modfiiers

Of course you can do great codes with RAM but ASM is the ultimate since you can actually change the way the game is programmed but thats something you can learn in time so dont rush it.

**jin299** · 05-22-2013, 04:25:19 AM

Helder I was recently talking to Hacc about the code, another hacker,cool guy, and he replied to back to my message and said the following,

Look at the register that is being written to (it's v0), when the debugger snaps. If you look at the address before the given address in the debugger, it holds the following registers: addu, v0, v0, a0. The "addu" instruction is used for addition. You can modify that to your liking (change it to li v0 which translates to 2402vvvv) to store 9999 into your score. Also, to make things more understandable, put the value of your score into the Windows calculator (convert it from Dec -> Hex). You'll see that it matches the value written in the debugger.

Now I tried myself changing the addu instruction from addu v0 to li v0 9999, but all I keep getting on the debugger is unknown command, why is this happening?

Anyway I have hacked quite a few ram codes for Megaman 8 already, it's a pretty easy game to hack basic codes with anyway, so I want to make an asm code that will give me 5 lives instead of 2, so I set a breakpoint on the infinite lives address, and the debugger broke on these list of instructions.

http://tinypic.com/r/5oyzc7/5

So I looked at the registers and found that v0, r2 registers is storing the lives address, so what instruction do I need to modify so that It will give me 5 lives instead of 2? if I grasp this idea man I have got one foot in the door regarding asm hacking.

**Helder** · 05-22-2013, 12:36:23 PM

Thats not helpful much, looks like its loading data from the stack. What you need to do is set a read breakpoint on the address for lives when you choose a level, you will get many breaks so you have to see which is really loading the value into the registers and then change that. No$psx doesn't have the best "change instruction" feature so I use ps2dis to make a new instruction and manually change the value so the instruction changes to what I want.

**jin299** · 05-22-2013, 01:39:30 PM

Right I set a read breakpoint on the address, for infinite lives [801C3370] ?, started up the level, the game constantly broke looked at the registers and it said that register v0/r2 is storing the infinite lives, now what do I do?

Also If you want me to show your a screenshot of the debugger just ask man.

**Abystus** · 05-22-2013, 06:00:54 PM

Originally posted by jin299 View Post

Right I set a read breakpoint on the address, for infinite lives [801C3370] ?, started up the level, the game constantly broke looked at the registers and it said that register v0/r2 is storing the infinite lives, now what do I do?

Also If you want me to show your a screenshot of the debugger just ask man.

If your lives are displayed on the screen then you will get those constant breaks because the game is updating the counter onscreen (it has to read that address to update the screen). If your wanting to make an infinite lives code, you will need to set a breakpoint for write, die, and the debugger should snap at the code decreasing your lives. From there you would just modify that line of asm to not decrease your lives. Maybe you should start with a simpler system perhaps?

**jin299** · 05-22-2013, 06:50:39 PM

Hey Abystus, one question what instruction do I change it to, so that it gives me infinite lives?

**Abystus** · 05-22-2013, 06:52:31 PM

Originally posted by jin299 View Post

Hey Abystus, one question what instruction do I change it to, so that it gives me infinite lives?

Change it to any instruction that does not decrease your lives? The whole point in modifying it is to not allow it to perform it's original action. Best bet would be to just short nop using a 2400 value, but it's really up to you.

**jin299** · 05-22-2013, 07:08:02 PM

Okay I replaced the instruction with nop but for some reason the game froze on me?

**Abystus** · 05-22-2013, 07:12:55 PM

Originally posted by jin299 View Post

Okay I replaced the instruction with nop but for some reason the game froze on me?

I think you should take time to learn the instructions associated with the MIPS language. Without learning what your modifying, you'll never know how to modify it properly. Modifications depend on what length the original instruction was. If you don't modify the whole instruction, or too much the game might freeze. Take the time to learn this before jumping into it, we can only take you so far... and I believe that might be it for me.

**jin299** · 05-22-2013, 07:35:19 PM

Just a quick question before you go, the breakpoint broke on this instruction lw ra, $18 (sp) what would the opposite instruction be to lw, I was thinking sw but I'm unsure?

**Demonic722** · 05-22-2013, 07:51:15 PM

>what would the opposite instruction be to lw, I was thinking sw but I'm unsure?
Yes, the opposite of lw (load word) would be sw (store word).

**nolberto82** · 05-22-2013, 07:59:31 PM

Originally posted by jin299

Just a quick question before you go, the breakpoint broke on this instruction lw ra, $18 (sp) what would the opposite instruction be to lw, I was thinking sw but I'm unsure?

That's restoring the return address from the stack. You don't want to edit this instruction as it will lead to a crash. Can you post a picture or write the preceding instructions?

Announcement

Hacking Sequential codes PSX

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment