+ Reply to Thread
Page 1 of 3
1 2 3 LastLast
Results 1 to 10 of 25
  1. #1
    Join Date
    Aug 2008
    Posts
    12
    Points
    288,467.00
    Rep Power
    198

    Default Murderface's DMA Kiling Guide

    So, if you've been taking a look at some of the guides here, you've probably heard the term DMA tossed around a bit. Don't worry, DMA isn't something to be scared of, and is really easy to beat once you get used to it. DMA does not mean a game is unhackable

    For those of you that don't know, DMA means Dynamic Memory Allocation. In short, it means that the game rotates the addresses of most things in whatever game you're playing, so it is "harder to hack".
    But, if you think about it logically, if the game re-arranges everything, it must have a way to tell itself how to find the new value right? If it didn't, then how would it know where all the values for player health, ammo value, etc were? Well, that's actually the secret on how you can beat DMA!

    This Guide May NOT be Reposted without my permission!
    How to tell if your code is DMA'ed:
    Okay, so theres a couple defenitive ways to know if the code you are attempting to make is DMA'ed. The sure fire way to test is, make your code, and it should work on the level/stage you are on. Try going to another stage/ level and if your code no longer works, then the address is DMA'ed. Thats the sure-fire way to tell, you can also try re-starting the game and see if your code still works, If not, then you'll have to un-dma it. Theres also a couple things I've noticed that should help you recognize a dma code on the spot:
    1. Most DMA addresses, from my experience, though this does not apply to all games , will start with an address like:
      Code:
      0x01300000 or higher
      Generally, if a game is not DMA'ed, the address for health,time,ammo,etc tends to be in a lower address.
    2. Multiplayer games: Though not always true, generally games that have infrastructure play are DMA'ed. That's the manufacturer's way of stopping people from hacking their way to the top.
    3. "Patched Games" Socom is a great example of this, If a company releases a patch for thier game, that generally means that they are making addresses and values harder to find and edit.
    4. Code type: Probably the least definite way to tell, but it is common for addresses for player Health, ammo values, and player location(coordinates) to be DMA'ed, especially in first person shooters
    Keep in mind, that none of my ways can tell you for sure that you code is on a DMA address, like I said earlier, the only sure fire way to tell without opening a memory dump on your computer is to try a code in different stages/levels, if it ever stops working, then it's probably DMA.

    Real/ Plugin Formats:

    One thing to learn before attempting to un-dma a code, is how different plugins read addresses, and how they relate to the actual address in-game. Now, I'm just gonna post the same code in 2 different address formats as an example, the first is in nitepr format, the second is in "real" format
    NitePR:
    Code:
    0x0016EEBC
    Real Format:
    Code:
    0x0896EEBC
    Now, look closely at the addresses, notice the addresses are similar towards the end, but in the beginning they are different. Now, the second address is how the game would actually refer to the address, so thats what we need to find out where our DMA code will be. What happens is, when NitePR loads a games memory, it starts numbering the lines at 0x00000000 rather than the actual value, however, in all games memory, it starts numbering lines with 0x08800000. But when hacking, it can prove invaluable to know how to find a real address.

    So, to convert addresses, its actually easy, and you don't need any extra tools! If you're running windows, simply open the calculator. Now go to the menu up top, see where it says scientific and standard? Click scientific. Now a lot more button should show up, but don't let them intimidate you.
    Look up in the top left corner, where there are 4 buttons labeled HEX DEC OCT BIN, and click the button for HEX. Now you're all set for your work. Lets paste the address for the NitePR code in, minus the 0x part.
    Quote Originally Posted by calculator
    0016EEBC
    One thing you should know, is that calculator will automatically remove any zeros in front of a number. So in calculator it will show up as 16EEBC. Now, our next step is to add 08800000 (thats 88 with 5 zeros after it) That will result in 896EEBC. To but that back into address format, you need to put zeros in front of the # until there are 8 hex total. In this situation, we only need 1 zero. That gives us 0x0896EEBC

    Now, that was a little rough to explain, but you need to understand how to convert real addresses to and from real format to make codes with DMAHunter

    The Prep:
    I assume if you've made it this far in my guide, that you know the basics of nitepr and code making, so thats how I am going to explain it. Start a game, go into a level, and search for an address like ammo value. Once you have your address, WRITE IT DOWN! This is crucial that you do so, you will need it later. It will also help if you write "Dump1" or something similar next to it, that way you won't get mixed up. Now, go into the PRX menu of NitePR, and go down to where it says:
    Dump RAM? Slot 0
    And hit X, your memory stick light should flash for a little less than a minute.
    Now, do something that will change the code's address, such as changing levels, or restarting the game,sometimes dying will also move the address.
    The next step is to re-find your "new" address, write it down, and you need to make a dump like before,but this time make sure it says "dump 1" or anything different to the first time you made a dump
    Now, this next part is up to you, normally, 2 dumps will be enough, but somtimes it wont, so you can chosse to repeat the process if you like. But, if you think you're done, then you're done with your psp for now, go ahead and grab your USB cable and hook up your psp to your pc.


    The Tool:

    The tool we're gonna use to make our codes is called DMAHunter, it should have been in the zip file with nitePR, but, just in case it wasn't, heres an upload of it:
    http://www.megaupload.com/?d=OXXXTPL2
    Once you've got it downloaded, go ahead and open it. You should get a window that looks like this:


    Now press enter and a screen asking you to select the location of dump 1 should pop up, so lets navigate to our PSP and select the first dump we made, DUMP 0. Then It will ask you to select the second dump.

    Next, It will ask you the location of the first address in the dump. For that, simply enter the address of your first search, the first one you wrote down.
    Then it will ask for the second address, so write the second address, No converting is required for either of these.
    Hit enter.
    Now the words Searching..... Should appear, followed by some data that looks like this:
    Code:
    --Found, address 0X6D1834, value changed from 0X94FA0F0 to 0X9635410
    You will probably have many lines, I just used one for an example. Notice it says "Press any key to continue...." at the bottom, DO NOT PRESS ANYTHING! Instead, right click and hit mark, then drag a white box over all the text and hit enter. Then open notepad and hit CTRL+ V to paste the text there, we're now done with DMAHunter, so you can close it.

    Now that you have it all copied in notepad, let me explain a few parts of what results it gave you
    --Found, address 0X6D1834, value changed from 0X94FA0F0 to 0X9635410
    The part in red is what's known as the "Pointer" address, this is because it is literally pointing at where your code's address moved. The part in green is where the pointer is pointing in your first dump, so its showing in real address format where your address would be located in your first dump. The part in blue is showing where the pointer is pointing in the second dump.

    Now, to make a cheat for this, you need to understand how to format a DMA code in nitePR.
    Here is an example DMA code:
    Code:
    #Animation Freeze Online
    0xFFFFFFFF 0x001A5BA0
    0x00000088 0x00000001
    Okay, all DMA codes need to start with the orange part, this is just a "sticky note" if you will, telling nitePR that this is a DMA code. Now, the part in red is the pointer address itself. To get this, take the first part of your result, where it says "--Found, address 0X6D1834" and put that address there.
    Okay, for the second line, this is called the "offset" address. In other words, this is saying in hex how far away from the pointer the code you want is away from the pointer. Lastly, the part I did not collor is the value you would normally put for your code.

    So, for the result DMAHunter gave us,
    Code:
    --Found, address 0X6D1834, value changed from 0X94FA0F0 to 0X9635410
    We already have the data we need for the first line for our code. Like I showed you earlier, you will have to add zeros to the front of your pointer address so that it is 8 digits long.
    So we have this so far:
    #Code
    0xFFFFFFFF 0X006D1834

    Now, to find our offset, there is some math involved. But luckily we have our calculator to help us!
    Take the address the pointer is pointing to in the first dump (the green part)
    --Found, address 0X6D1834, value changed from 0X94FA0F0 to 0X9635410
    This address is stored in the "real address" format, so we need to conver it to the nitepr address format. To do this, we have to subtract 8800000 (thats 88 with 5 zeros) from that address, so lets paste our first address into calculator, minus the 0x part
    94FA0F0
    Now we need to subtract 8800000
    This will give us:
    0x00CFA0F0

    Now we have two addresses in the same format, what you need to do is take the address you just got, and subtract the address you found in your first dump. This will give you your offset address, in this case it's 56C

    We now have all of the pieces we need to make our code:
    Code:
    #Our Cheat
    0xFFFFFFFF 0X006D1834
    0x0000056C 0x00000F0F
                                    ^Insert your desired value
    Hopefully this guide has been enough to find your code, but if not, here's some advice from users at OHG:
    Quote Originally Posted by Black Wolf
    if your getting a LOT of results, try finding a pointer in there thats points to an address CLOSE to your first code. Usually, this will be your pointer.
    Quote Originally Posted by k3s
    you know what i do :

    i make 3 memory dumps instead of 2

    and then i use 1&2 and get the results (A)

    then 2&3 (B)

    then 1&3 (C)

    then i compare A, B, and C.....and i end up with much less results......so you may want to try this
    Quote Originally Posted by WAZGOINGON
    IF UR POINTER CODE IS NOT WORKING DO THIS FIRST BEFORE ANYTHING ELSE:

    DECREASE UR OFFSET BY TWO

    (OFFSET= 0x0000056C in the FINAL PRODUCT)

    THIS HAPPENS 99.9% of THE TIME TO ME SO JUST DECREASE UR OFFSET BY 2
    Well, I hope you enjoyed my guide, and hopefully you learned something new today! If you have questions, comments, please, leave them below!

    Thanks Goes Out To:
    • WAZGOINGON, For making a guide that I understood, and helped serve as a template for this one
    • WhoIsYou, for helping explain making DMA codes better on a 1 on 1 basis
    • K3S, for reccommending checking results against eachother, this truly helped me alot
    • HaxCommunity's Members, truly my motivation for keeping my hacking going.
    • HaxCommunity's Staff, for doing their jobs, which allows me time off to develop new hacks and guides, couldn't do it without you
    • All of OneHitGamer, for their great guides, and all their help and answers to my questions, no matter how noobish
    Last edited by Murderface; 10-17-2008 at 11:40 PM.

  2. #2
    Join Date
    Jul 2008
    Location
    United States,Ct
    Posts
    34
    Points
    29,301.00
    Rep Power
    199

    Default

    good guide man, +Rep
    [SIGPIC][/SIGPIC]

  3. #3
    Join Date
    Feb 2008
    Location
    New York
    Posts
    3,114
    Points
    2,118,270.34
    Rep Power
    220

    Default

    "This Guide Should Only Be Posted On OneHitGamer And HaxCommunity!"
    .....it is yours right? good guide thought =]
    Last edited by Scruffy120; 01-17-2009 at 02:04 AM.

  4. #4
    Join Date
    May 2008
    Location
    In the interwebz
    Posts
    5,055
    Points
    712,910.93
    Rep Power
    224

    Default

    Yeah its his, he copy & pastes as he goes to new sites :]

  5. #5
    Join Date
    Feb 2008
    Location
    New York
    Posts
    3,114
    Points
    2,118,270.34
    Rep Power
    220

    Default

    Quote Originally Posted by WhoIsYou View Post
    Yeah its his, he copy & pastes as he goes to new sites :]
    lmfao, why not take that piece out??

  6. #6
    Join Date
    Aug 2008
    Posts
    12
    Points
    288,467.00
    Rep Power
    198

    Default

    Quote Originally Posted by Scruffy120 View Post
    lmfao, why not take that piece out??
    Because originally, only those 2 sites were going to have that guide. Like WIY said, I just copy and paste my stuff when I go to a new psp hacking site, saves me alot of time, and adds a little bit to the site, also lets people know who I am and what I can do.
    I usually forget to edit that part, because I'm usually in a hurry when I'm on the net, I'm really flooded with projects right now.
    Mainly, its just laziness.
    But it does discourage people from re-posting it as their own

  7. #7
    Join Date
    Apr 2008
    Posts
    88
    Points
    45,482.00
    Rep Power
    202

    Default

    I eat DMA for breakfast.

    Promote Free Software!

  8. #8
    Join Date
    May 2008
    Location
    In the interwebz
    Posts
    5,055
    Points
    712,910.93
    Rep Power
    224

    Default

    Quote Originally Posted by NOFX View Post
    I eat DMA for breakfast.
    ill eat you for breakfast -_-

  9. #9
    Join Date
    Feb 2008
    Location
    New York
    Posts
    3,114
    Points
    2,118,270.34
    Rep Power
    220

    Default

    Quote Originally Posted by WhoIsYou View Post
    ill eat you for breakfast -_-
    i can have left overs?

  10. #10
    Join Date
    Jan 2009
    Posts
    3
    Points
    1,764.00
    Rep Power
    193

    Default

    i <3 murderface

+ Reply to Thread
Page 1 of 3
1 2 3 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts