How to patch PS1 ISO's with ASM codes?


  • How to patch PS1 ISO's with ASM codes?

    I've recently created my very first PS1 ASM code, and would like to patch it into the ISO; but don't know how to locate the hex sequence inside the ISO. Is there any type of tool to aid in doing this? So far I've attempted with Hex Workshop, and ps2dis (first time using ps2dis).

    Here's what I've done so far to lead up to this:
    1. Used ImgBurn to make a backup of the 'Greatest Hits' version of Spyro The Dragon.

    2. Used No$psx for the first time and used the Infinite Health RAM code (80078BBC 0003) to create this code
    Infinite Health (ASM)
    80040ffc 0000
    80040ffe 0000

    3. Booted Codebreaker with pSX v1.13 to successfully test the cheat.

    And that's as far as I got.
    I take it you need to search for the hex sequence backwards, since searching for 3c028007 brings no results, but searching for 0780023c does.

    Here's the debugger image of the line of code I replaced with zeros:
    http://oi39.tinypic.com/23ts1o7.jpg


    80040ffc 3c028007 <-Original
    80040ffc 00000000 <-New

    I'm guessing the file that needs to be hacked on the ISO is 'SCUS_942.28', but 0x65FFF is as large as the file is, so there's no way 80040ffc is the actual address.

    Any help would be much appreciated!
    http://OldGameHacking.com/
    http://www.youtube.com/user/DreamcastVideos

  • #2
    just remove the 8 from 80040ffc like so 00040ffc, inject your code into the game elf (SCUS_942.28)
    Last edited by lee4; 06-02-2013, 12:53:04 AM.
    lee4 Does Not Accept Codes Requests !
    When lee4 asks a question it does not mean lee4 will look at your game
    *How to create and use SegaCD codes >click here<*
    >)



    • #3
      Hmm, is it really that simple?
      I actually went to that location before but it doesn't show any of the hex sequence there, is that normal?



      Above is an image of the hex editor at the address 0x40ffc. I see a byte of 0x38, which isn't in the replaced line of coding (3c028007), or in the above (80040ff8) or below (80041000) lines.


      • #4
        Hex editors do not open the ELF at the correct offset.

        There are some programs in the GH download section, like ELF Mutilator, PS2Dis, ELF Modder.

        If you insist on using a hex editor, try searching for 0780023c


        • #5
          Thanks for your help, finally figured it out!

          I just went to the address 80040ffc in ps2dis and used the grid at the top to know what sequence to look for in the hex editor.
          I still used a hex editor since ps2dis wanted to save as a .pis file type whatever that is.

          The highlighted bytes ended up being the correct location:


          • #6
            Yeah, PS2Dis isn't made for patching. Anything it saves will be a disassembly database that includes labels and comments you've added along with the identified types for different segments of data.

            What you did with the search string is plenty effective for something this simple. If you want to cut out a step, a 16-byte search string is usually sufficient to find a single hit in the ISO itself, as long as you're not searching for image or audio data, or anything with a similar tendency towards repetitive values.


            • #7
              Originally posted by Mezmorize View Post
              Hmm, is it really that simple?
              I actually went to that location before but it doesn't show any of the hex sequence there, is that normal?



              Above is an image of the hex editor at the address 0x40ffc. I see a byte of 0x38, which isn't in the replaced line of coding (3c028007), or in the above (80040ff8) or below (80041000) lines.
              Yeah it's that simple, always remember that the first digit stands for what type of code you have

              D??????? Equal to
              8??????? 16 bit write
              3??????? 8 bit write (thanks lee4)
              There are more but these are the basics.
              Last edited by 47iscool; 06-02-2013, 01:22:57 PM.



              • #8
                Originally posted by 47iscool View Post
                Yeah it's that simple, always remember that the first digit stands for what type of code you have

                D??????? Equal to
                8??????? 16 bit write
                3??????? 8 bit write (thanks lee4)
                There are more but these are the basics.
                I think you are confused here

                There is no codetype involvement needed here

                For what Mez is doing, patching the ISO here


                • #9
                  Originally posted by lee4 View Post
                  I think you are confused here

                  There is no codetype involvement needed here

                  For what Mez is doing, patching the ISO here
                  I know, I'm just saying that when patching an ISO that the first digit is left out.



                  • #10
                    the 8 in 80040ffc (memory viewer) is hardware mapping, 8 is RAM location
                    Last edited by lee4; 06-02-2013, 01:52:11 PM.


                    • #11
                      I'm not quite clear on what people are trying to say with the "leave off the first digit from the code" stuff. A PSX executable, an ELF from a PS2, or an EXE from Windows are all structured files. When you open the file in a hex editor it bears no resemblance to how it's mapped into memory. All the header data is there, including file headers, segment headers and tables, etc. The code segment might reliably be located at 0x1000 or something, but even if that's so, it could be mapped to different locations in memory based on the headers. I don't know how much leeway there is with PSX executables, but the load address and entry point can be almost arbitrary on some systems.

                      When you're talking about an ISO it's even worse. You have the volume descriptors, the table of contents, segment headers, ECC data, and on and on depending on the mode, and how the CD was mastered. The main executable for the game might not even be in the first 100 MB of the ISO, let alone in a location that can be divined from its load address in the PSX's memory.
                      Last edited by Pyriel; 06-02-2013, 04:18:25 PM.



                      • #12
                        Originally posted by 47iscool View Post
                        Yeah it's that simple, always remember that the first digit stands for what type of code you have

                        D??????? Equal to
                        8??????? 16 bit write
                        3??????? 8 bit write (thanks lee4)
                        There are more but these are the basics.
                        Thanks for the info, but I already knew about the different code types :-)
                        But aren't the first 2 digits the code type, not just the first?
                        Like I know there is a D0 and a D1.

                        Originally posted by 47iscool View Post
                        I know, I'm just saying that when patching an ISO that the first digit is left out.
                        When I used PS2Dis, I used the full address including the 8.

                        The process of patching the ISOs will be very helpful when I get around to updating my PS3 from 3.55 and trying out loading PS1 backups. I won't have to worry about how to load up cheat discs and such, just load the game and cheat from the get-go ^.^


                        • #13
                          The valid range for PSX RAM addresses is 0x80000000 - 0x801FFFFF. So technically, a cheat engine has the high 11 bits to work with, but the gs uses 8. I think the XplorerFX only uses 4.

                          So yeah, the first 2 digits.
                          Please put all complaints in writing and submit them here.

                          Above link not working? Try here.



                          • #14
                            If you can explain how to patch Gameshark codes into PSX games, that would be great



                            • #15
                              It all depends on how deeply you want to delve. If you have a code that just modifies lines in an executable file, or overlays bits of data in other files, you can apply that directly to the ISO with a hex editor if you want. For quick and dirty modifications, a 16-byte string of data from an executable is usually enough to get one unique hit in the ISO in a search, and then you can just type over the data. This is a very simple method that doesn't work for many things, but there's very little hassle involved with it.

                              If you want to get more complex, check around romhacking.net for good information. Kingcom, a poster there, has a tool called "armips" that's pretty useful for patching PSX files.

                              How you insert modified files into the ISO is a matter of preference or necessity based on what you've done. If you only replace data in the file, you can pretty easily use something like CDMage or a number of other tools to overlay the file in the image. If you have to resize the file for some reason, it gets more complicated. Supposedly CDMage and maybe a couple of other tools can handle the task somewhat properly. The problem is that seeking based on the file system and the table of contents on the disc was egregiously slow on the PSX. Many games seek by LBA (logical block address) instead and use reference tables constructed as the CD was written for that purpose. Those can't be maintained by typical tools like CDMage, and require you to pretty much rebuild the ISO if you move anything. You'll need to keep track of the locations and sizes of all the files in order to update the list. And the list itself might exist in multiple places.

                              I've got a pretty complex patch setup for Suikoden II that might be helpful if you need to insert codes, add custom routines, and expand file sizes here. It uses armips to apply most of the actual patches, and LUA scripts + CD Tool to rebuild a patched image from a source ISO. It's a bit of overkill if you just want to plug an infinite ammo code into the PSX EXE, but it gives you a lot of flexibility if you need to modify what you're patching in over time.
                              Last edited by Pyriel; 07-13-2013, 06:27:09 PM.
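
Added example, not code from any poster in this thread: a Python sketch of the two points made in posts #11 and #15, namely that the file offset comes from the executable's header rather than from dropping a digit, and that a 16-byte signature can locate the instruction in the image. The header offsets are those of the PS-X EXE format; the load address `0x80010000`, the text size and all sample bytes are constructed for illustration and are not taken from the game.

```python
import struct

HEADER_SIZE = 0x800   # a PS-X EXE starts with one 2048-byte header sector
MAGIC = b"PS-X EXE"

def stored_bytes(word: int) -> str:
    """Hex of a 32-bit MIPS word as it sits in the file (little-endian)."""
    return struct.pack("<I", word).hex()

def ram_to_file_offset(exe: bytes, ram_addr: int) -> int:
    """Map a RAM address to an offset in the executable via its header."""
    if exe[:8] != MAGIC:
        raise ValueError("not a PS-X EXE")
    # Load address and text size are little-endian words at 0x18 and 0x1C.
    load_addr, text_size = struct.unpack_from("<II", exe, 0x18)
    rel = (ram_addr & 0x1FFFFFFF) - (load_addr & 0x1FFFFFFF)
    if not 0 <= rel < text_size:
        raise ValueError("address is outside the loaded text")
    return HEADER_SIZE + rel

def find_unique(image: bytes, signature: bytes) -> int:
    """Offset of the only occurrence of signature; refuse 0 or several hits."""
    first = image.find(signature)
    if first < 0:
        raise ValueError("signature not found")
    if image.find(signature, first + 1) >= 0:
        raise ValueError("signature is not unique, use a longer one")
    return first

def build_sample():
    """Constructed executable and image; load address and size are assumed."""
    load_addr, text_size = 0x80010000, 0x40000
    text = bytearray((i * 7 + (i >> 8)) & 0xFF for i in range(text_size))
    rel = 0x80040FFC - load_addr
    text[rel:rel + 4] = struct.pack("<I", 0x3C028007)
    header = bytearray(HEADER_SIZE)
    header[:8] = MAGIC
    struct.pack_into("<II", header, 0x18, load_addr, text_size)
    exe = bytes(header + text)
    return exe, bytes(0x1800) + exe + bytes(0x1000)  # padding = rest of disc

def patch_demo():
    """Locate 80040ffc in the file, find it in the image, write zeros there."""
    exe, image = build_sample()
    off = ram_to_file_offset(exe, 0x80040FFC)
    hit = find_unique(image, exe[off - 8:off + 8]) + 8  # 16-byte signature
    patched = bytearray(image)
    patched[hit:hit + 4] = bytes(4)  # 00000000, as in the thread
    return off, hit, bytes(patched[hit:hit + 4])
```

In a raw 2352-byte-per-sector image the file's data is interleaved with sector headers and EDC/ECC, so a signature that straddles a sector boundary will not match; pick one that lies inside a single sector.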
