  1. #1

    How to unDMA a DMAed Code

    How to unDMA a DMA code.
    I made this on Call of Duty Roads to Victory.
    Go in the game, open NitePR, press R to go to [PRX], go to Unknown Value 32-Bit
    Go back into game, shoot 1 bullet with the thommy
    Search Less
    Move a little bit and shoot another bullet and search less
    Then don't shoot and search same
    Do that until you get a few results.
    I only got one result
    The address is 0x013EE5D8
    Go to PRX and Save Ram Dump #0
    And go in a notepad AND WRITE DOWN THAT ADDRESS
    First Ram Dump (0)
    0x013EE5D8
    Now go somewhere and let the enemies kill you
    Turn off any code you may have on
    Then restart
    Go back to PRX and reset search
    Then open NitePR, press R to go to [PRX], go to Unknown Value 32-Bit
    Go back into game, shoot 1 bullet with the thommy
    Search Less
    Move a little bit and shoot another bullet and search less
    Then don't shoot and search same
    Do that until you get a few results.
    My Result was 0x015B6558
    WRITE THAT DOWN
    Second Ram Dump (1)
    0x015B6558
    Make sure you saved the Ram Dump to your memory stick
    Now go into USB mode and open up DMAHunter
    Load the dumps and type in the address, let it search AND DON'T PRESS ANY BUTTON WHEN IT SAYS TO
    Code:
    SANiK's DMA code hunter
    Please get ready to select the two dumps
    (Press enter to start)
    Please enter the address of the cheat in RamDump #1
    Please enter hex only (0xEF123... etc.): 0x013EE5D8
    Please enter the address of the cheat in RamDump #2
    Please enter hex only (0xEF123... etc.): 0x015B6558
    Searching...
    Found, address 0X3223F4, value changed from 0X9BEE490 to 0X9DB6410
    Press any key to continue . . .
    I got lucky lol, only one result.
    DMA Code format is :

    #DMA Code Format
    0xFFFFFFFF 0x00000000
    0x00000000 0x00000000
    I'm going to color code this
    Found, address 0X3223F4, value changed from 0X9BEE490 to 0X9DB6410
    The red part is the 1st dump address, and it isn't used.
    The green part is the 2nd dump address, and it isn't used.
    The Blue part is your Pointer,
    So let's add that in, it goes on the top right-hand side
    #Inf Ammo Thommy
    0xFFFFFFFF 0x003223F4
    0x________ 0x________

    The next part is what most people mess up on
    All you have to do is Subtract the red part from 8800000
    I got 13EE490
    You then subtract that from your first dump address
    0x013EE5D8 - 13EE490 and I get 148
    Now add that in
    #Inf Ammo Thommy
    0xFFFFFFFF 0x003223F4
    0x00000148 0x________
    The last thing is how many, I just put 100.
    100 in Hex = 64
    If you knew Hex you would know that
    So the final code is

    #Inf Ammo Thommy
    ;'Credits TyROiiD
    0xFFFFFFFF 0x003223F4
    0x00000148 0x00000064
    I hope this helped a lot

    -TyROiiD

  2. #2

    What if there is more than one result after the search? The address I was looking for had hundreds. How do u narrow it down?

  3. #3

    Make 3 dumps
    Compare 1 to 2
    Compare 2 to 3
    Compare 1 to 3
    Keep the common addresses, and discard the rest
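
Added example (not part of the original posts, and not DMAHunter's code): a sketch of the dump comparison from post #1 and the three-dump narrowing from post #3. A 32-bit word is kept as a pointer candidate when it changed between dumps but `value address - (word - 0x8800000)` is the same small offset in both, which is the arithmetic that turns 0X9BEE490 into 13EE490 and then 148 above. The function names, the `max_offset` cutoff and the small dumps are assumptions made for illustration.

```python
import struct
from itertools import combinations

USER_BASE = 0x08800000  # the thread's "8800000": pointer value - USER_BASE = dump address

def offset_for(value_addr, pointer_value):
    """Distance from the block the pointer targets to the value's dump address."""
    return value_addr - (pointer_value - USER_BASE)

def find_pointers(dump_a, dump_b, addr_a, addr_b, max_offset=0x1000):
    """Words that changed between dumps yet give the same small offset in both."""
    hits = set()
    for loc in range(0, min(len(dump_a), len(dump_b)) - 3, 4):
        val_a, = struct.unpack_from("<I", dump_a, loc)  # little-endian 32-bit word
        val_b, = struct.unpack_from("<I", dump_b, loc)
        off_a, off_b = offset_for(addr_a, val_a), offset_for(addr_b, val_b)
        if val_a != val_b and off_a == off_b and 0 <= off_a <= max_offset:
            hits.add((loc, off_a))
    return hits

def common_pointers(dumps, addrs):
    """Keep only hits shared by every dump pair (1-2, 1-3, 2-3 for three dumps)."""
    pairs = combinations(range(len(dumps)), 2)
    return sorted(set.intersection(
        *(find_pointers(dumps[i], dumps[j], addrs[i], addrs[j]) for i, j in pairs)))

def make_dump(words, size=0x1000):
    """Constructed sample dump: zero-filled, with the given 32-bit words planted."""
    dump = bytearray(size)
    for loc, val in words.items():
        struct.pack_into("<I", dump, loc, val)
    return bytes(dump)

# Constructed data: the value sits 0x148 past a block that moves on every restart.
ADDRS = [0x5D8, 0x958, 0xC58]
DUMPS = [
    make_dump({0x3F4: USER_BASE + 0x490, 0x200: USER_BASE + 0x400}),
    make_dump({0x3F4: USER_BASE + 0x810, 0x200: USER_BASE + 0x780}),
    make_dump({0x3F4: USER_BASE + 0xB10, 0x200: USER_BASE + 0x100}),  # decoy breaks here
]

if __name__ == "__main__":
    print("dumps 1+2:", sorted(find_pointers(DUMPS[0], DUMPS[1], ADDRS[0], ADDRS[1])))
    for loc, off in common_pointers(DUMPS, ADDRS):
        print(f"pointer at 0x{loc:08X}, offset 0x{off:08X}")
```

With two dumps the decoy word at 0x200 survives as a second candidate; the third dump removes it and leaves only the real pointer.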

  4. #4

    The next part is what most people mess up on
    All you have to do is Subtract the red part from 8800000
    I got 13EE490
    You then subtract that from your first dump address
    0x013EE5D8 - 13EE490 and i get 148
    ...might wanna say u need to make them both shortcut, so both need -880000

  5. #5

    Thank you so much Ty!
    It worked great for me. I'm gonna make a bunch of codes using the knowledge I gained from this tutorial.
    Thanks again!!!!
    +REP

    EDIT: -_-
    Never mind.
    It worked once then when I turned off my PSP and tried again it didn't.
    I used "Find Exact Value" instead of "Find Unknown Value - 32bit". Is that why?
    Last edited by SGT_PiTBULL; 07-05-2009 at 07:39 PM.
    I FAIL AT FAILING.


  6. #6

    Or it's because it has more than one layer.

    By the way there's a 10x faster way by using just nitepr, or at least nitepr is how I do it. And SonniE. And WhoIsYou. And Twisted. But we're nubs so whatever.





  7. #7

    Quote: Originally Posted by xWhite_Shadowx
    Or it's because it has more than one layer.

    By the way there's a 10x faster way by using just nitepr, or at least nitepr is how I do it. And SonniE. And WhoIsYou. And Twisted. But we're nubs so whatever.
    a few exact value searches will get u a pointer and an offset =]
