DO NOT POST THIS ON OTHER SITES WITHOUT MY PERMISSION!!!
This guide was writen by Xx958xX
Table of Contense:
0-Notes, PLease Read
1-How to make a Subroutine using PS2DIS
2-How to Make a Subroutine without PS2DIS
3-how to Reverse a Subroutine
--------------------------------------------------------------------------------
0-Notes Please Read
NOTE 1:
Ok First of all NitePR, CoderPR and PS2DIS using Hex, im not going to explane because i probly wont explane it right,
So the Hex in CoderPR/NitePR is always 2 lines like this:
The last line of the address must be ether 0, 4, 8. or C or it will freeze. All the letters and numbers in Hex are:Address Hex
0x00000000 0x00000000
0-9 and A-F, nothing else or it will freeze
PS2DIS:
Its the same charecters just minus the "0x" at the begining of the code, but if your adding it to NitePR/CoderPR then00000000 00000000
you add the 0x
NOTE 2:
If you see a 0 it is ALWAYS a Zero NOT a o, it's the number not the letter ALWAYS, Dont use a o or it will freeze
NOTE 3:
If your PSP freezes because of a non-working code or when a code is activated at the wrong time dont freek, just remove the
battery or wait for it to shut off by itself, Using the programs i am giving instructions CAN NOT harm your PSP in
any way shape or form and to my knolege it CAN NOT harm your PC ether
NOTE 4:
The address in cheat format must end in one of these or it will freeze:
0 / 4 / 8 / C
If your editing a code in the Address collum then you will see what i mean
--------------------------------------------------------------------------------
1-How to make a Subroutine using PS2DIS
What you will need:
~A PC
~A USB Cord
~A Ram Dump of The Game Your Using
~PS2DIS
~Some basic coding knoledge (Optional LOL)
Ok so first you need PS2DIS, get it [HERE] and a Ram Dump of the game you will be using, Heres a Example:
Im writing >DIE 2 BOOT< by STR8KRAZY into a Subroutine, so i open NitePR and i go the PRX menu and i click Dump Ram in slot 0
and then i hook up my PSP to my PC via USB and i select the file called "Dump 0" or something like that, it should be around
24MB and in the root of your memory stick. If you are using CoderPR then go to the options menu to dump the ram, then open
the CoderPR folder in the root of your memory stick and open the "Ram Dumps" folder and theres your dump.
You want to CUT (Ctrl + X) the Dump to your PC for easy use. Ok now make sure you have the Subroutine Template and a
Code you want to sub, in my case its >DIE 2 BOOT< ok heres a sub and the code im subing (BTW u would get this very well if u
followed the Example)
Subroutine Template:
>DIE 2 BOOT ROOM<:lui t0 $[First Half Of Address + 1 If Second Half Is 8000 Or More]
lui t1 $[First half Of Hex]
ori t1 t1 $[Second Half Of Hex]
sw t1 $[Second Half Of Address](t0)
JR RA
Ok now open PS2DIS, then click the open folder and select the Dump you got from MOHH2 (or the gamne ur using) and a box will#>DIE 2 BOOT<
;credit StR8KrAzY
;BOOTS THE WHOLE ROOM
0x00658264 0x496337DE
come up like this:
ok change the "Address From" to 08800000 (type 088 and hold 0 untell in starts beeping) and when you press enter there willUNKNOWN FORMAT [X]
Load From [00000000] [OK]
Address from [00000000] [Cancle]
be symbols, letters, numbers that are similar to the ones in the template (Shown above) then you press CTRL + F to open a
box like this:
ok check the box [ ]As Hex string and then enter this many zeroes:FIND STRING [X]
[ ] [OK]
[ ]Case Insentive Press F5 or Shift+F5 to find Next[Cancle]
[ ]As Hex String [Cancle]
into the long blank box and hit enter. If you did it right most of those number like in the template should say "nop"00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000
Ok now lets take a look at the template, take the first line:
ok duble click on the first line that has a NOP in it and change the NOP with lui t0$ but dont hit enter yet, then rightlui t0 $[First Half Of Address + 1 If Second Half Is 8000 Or More]
after the $ enter the first 4 charecters of the REAL address
We interupt this guide for a mini guide on how to find the real address:
copy the address and open the calculator, click view and select scintific then click on Hex. Paste the address in the calc
and ADD 8800000 (88 with Five ZERoS after it) and thats your REAL address, now you dont need the other address
so delete that and paste the REAL address there (add 0s to the beggining untell it has 8 charecters)
Now we return you to your regularly sceguald guide.......
Ok that was odd, any way now you have the real address so this is how i have my notepad document (i use notepad b/c its EZ 4
coding)
ok thats just how i do it. ok now take the second line:lui t0 $[First Half Of Address + 1 If Second Half Is 8000 Or More]
lui t1 $[First half Of Hex]
ori t1 t1 $[Second Half Of Hex]
sw t1 $[Second Half Of Address](t0)
JR RA
08E58264 496337DE
#958's Boot Room
;Code: STR8KRAZY
;Sub By: Xx958xX
0x
0x
0x
0x
0x
0x
There is no REAL hex so just enter the first 4 charecters of the Hexlui t1 $[First half Of Hex]
Now for the third:
So simply enter the second half of the hexori t1 t1 $[Second Half Of Hex]
Now the fourth is a bit different
Ok now enter the second half of the REAL address AND enter "(t0)" without the quotes at the end, Example:sw t1 $[Second Half Of Address](t0)
Ok now for the JR RA, just change the NOP to JR RA and that one is done lolsw t1 $8264(t0)
Now find the codes you changed (should still be on screen one right after the other)
and click on them like you did to add the template, and copy and paste them into your notepad (or what ever you use)
Now mine looks like this:
You see the blank space in the code? thats where your hook goes, this is more simple than you think. Ok in PS2DIS#958's Boot Room
;CREDIT: Xx958xX
0x08800610 0x3c0808e6
0x08800614 0x3c094963
0x08800618 0x352937de
0x0880061c 0xad098264
0x08800620 0x03e00008
press "G" and a window will pop up like this:
ok tyoe this in:Specify address in Hex f...[X]
[ ][V]
08800098
and duble click on the line, chnage the NOP to this:
ok now enter the first line of your sub, in my case its 08800610, then hit enter. Now copy the address and Data from the lineJ $[YOUR HOOK FOR YOUR SUB/JOKER, ENTER THE FIRST LINE]
and enter it at the top
ok now press CTRL + H and replace 0880 with 0000, or just replace the 88 in the begening of the address with 00. Now your#958's Boot Room
;CREDIT: Xx958xX
0x08800098 0x0a200184
0x08800610 0x3c0808e6
0x08800614 0x3c094963
0x08800618 0x352937de
0x0880061c 0xad098264
0x08800620 0x03e00008
done, ;) go test it out, if it dosent work make sure you did everything right, dont be scared to ask questions, and try
a different hook instead of 08800098, try one of these:
0880094
088004c
0880024
Good Luck!
--------------------------------------------------------------------------------
2-How to make a subroutine without PS2DIS (Xx958xX Founded)
Ok if you have noticed 90% of subroutines have the same addresses,
ok there are more things that subrutines have that are always the same, here it is:0x00000610
0x00000614
0x00000618
0x0000061c
0x00000620
P.S this is just the sub, without the hook
Ok now you need a hook so add this to the top:-----------------------------------
----------Subroutine Template (USER EDITABLE) By Xx958xX
0x00000610 0x3c08<-----The First 4 of the REAL address, + 1 to the end if the second half is over 8000
0x00000614 0x3c09<-----The First 4 of the Hex
0x00000618 0x3529<-----The last 4 of the Hex
0x0000061c 0xad09<-----The Second half of the REAL address
0x00000620 0x03e00008
------------------------------------
0x00000098 0x0x0a200184
;) have Fun........
--------------------------------------------------------------------------------
3-how to reverse a Subroutine (Xx958xX Founded)
Ok it might frustrate people who want to joker a code that is subed and they dont know how to joker a sub
(i dont think u can) so heres how to reverse the sub to get the ORIGNAIL hack!!
First off you need the subroutine, My Example is SWRS Flash:
Ok now if u read the guide above this will be very easy, First lets look at my User Editable Sub Tempate:#Xx958xX's Flash
;Credit: Xx958xX
0x00000094 0x0a200184
0x00000610 0x3c0808af
0x00000614 0x3c09408c
0x00000618 0x35290000
0x0000061c 0xad09b5d4
0x00000620 0x03e00008
Ok the lines that the user must edit are the ones you want to take apart, ok heres my Ex.-----------------------------------
----------Subroutine Template (USER EDITABLE) By Xx958xX
0x00000610 0x3c08<-----The First 4 of the REAL address, + 1 to the end if the second half is over 8000
0x00000614 0x3c09<-----The First 4 of the Hex
0x00000618 0x3529<-----The last 4 of the Hex
0x0000061c 0xad09<-----The Second half of the REAL address
0x00000620 0x03e00008
------------------------------------
So delete the hook (0x00000094 0x0a200184) and the name and the notes (#Xx958xX's Flash ;Credit: Xx958xX) and delete the#Xx958xX's Flash
;Credit: Xx958xX
0x00000094 0x0a200184
0x00000610 0x3c0808af
0x00000614 0x3c09408c
0x00000618 0x35290000
0x0000061c 0xad09b5d4
0x00000620 0x03e00008
addresses (0x00000610 and on) Delete the bottom Hex, then delete the 0xs at the beggining and the first 4 charecters of the
Hexes. Deleting all this will make it easyer, so this is how it should look if your following the Example:
[QUOTE]
08af
408c
0000
b5d4
[/QUOTE/
Ok now look at this Subroutine template:
Forget teh JR RA, you see ho the first line is the first half of the REAL address? well add that to a blank text doclui t0 $[First Half Of Address + 1 If Second Half Is 8000 Or More]
lui t1 $[First half Of Hex]
ori t1 t1 $[Second Half Of Hex]
sw t1 $[Second Half Of Address](t0)
JR RA
Then add the second half which should be B5D4 in this case, now if the second half is over 8000 then subtract 1 to the
FOURTH charecter from the left of the REAL address you just copied, Heres my Ex so far:
Ok now copy and paste that into your calc. and subrtact 8800000 (88 with 5 Zeroes after them) and thats the Cheat format,08af
408c
0000
b5d4
08afb5d4
/\ u see, B is higher than 8000 so subtract 1
08aEb5d4
So add 0s at the beggining of it untell it has 8 cherecters and add 0x before the code:
Ok now lets get the Hex values, take the 408C and the 0000 and put them together08aEb5d4 - 8800000 = 002EB5D4
0x002EB5D4
408c0000 and thats the Hex, so are code is now:
And if your practicing check the code, lets see the working SWRS flash is#Flash
0x002EB5D4 0x408c0000
#Flash
0x002EB5D4 0x408C0000
I got:
#Flash
0x002EB5D4 0x408c0000
Hmmm would you look at that, Enjoy guys
Xx958xX'S ULTIMATE SUBROUTINE GUIDE, DO NOT POST ANY WHERE WITHOUT MY PERMISSION.