View Profile
View Forum Posts
Private Message
CREDITS:SANiK
The Address
1) Addresses on the PSP are actually 0x08800000 and on
2) A cheat might have an address of 0x00005000, but that's not the real address, that's the "SHORTCUT ADDRESS"
3) The REAL address is 0x08805000 (Add 0x08800000 + 0x00005000)
4) So when the game uses the address, it uses the REAL ADDRESS to access it, and NOT the SHORTCUT ADDRESS 0x00005000
5) Remember the word "SHORTCUT ADDRESS"
Pointers
1) Pointers have 2 parts
2) Part 1 is the ADDRESS of the pointer itself
3) Part 2 is the VALUE inside the pointer (which is actually an address)
4) So let's say we go to address 0x08805000, and the number inside there is 0x08806000
7) This means that there is a pointer at 0x08805000 that points to 0x08806000
Pointer Offsets
1) From the above example we had a pointer at 0x08805000 that points to 0x08806000
2) BUT, let's say the player's health is at 0x08807000
3) We play the game, and then the pointer at at 0x08805000 NOW points to 0x08806500
4) We then notice that the player's health is no longer at 0x08807000 but instead at 0x08807500
5) This mean that the player's health is RELATIVELY DEPENDENT on the address that the pointer points to
6) We notice that to get the address of the player's health, we do:
address of player's health=address that the pointer points to+0x1000
7) 0x1000 can be said to be the "RELATIVE OFFSET"
nitePR format
1) nitePR's DMA codes are in this format:
0xFFFFFFFF 0x___1____
0x____2___ 0x____3___
2) In 0x___1____ is the "SHORTCUT ADDRESS" of the POINTER
3) 0x____2___ is the "RELATIVE OFFSET" that gets added to the ADDRESS POINTED TO BY THE POINTER
4) 0x____3___ is the VALUE that gets STORED at the POINTED ADDRESS
dmaHunter
1) Find a cheat by searching for it, write down the "SHORTCUT ADDRESS"
2) Dump RAM in slot 1
3) MAKE the game change the pointers (be it by restarting the game or joining a different map)
4) Find the cheat AGAIN by searching for it, write down the "SHORTCUT ADDRESS"
5) Dump RAM in slot 2
6) Quit
7) Connect the PSP to the USB
8) Run DMA hunter
9) DMA hunter asks you for two RAM dumps
10) Select the RAM dumps in the proper order, order matters
11) So select RAM DUMP #1 first, and enter the "SHORTCUT ADDRESS" you got in step #1
12) Then select RAM DUMP #2, and enter the "SHORTCUT ADDRESS" you got in step #4
13) dmaHunter will now cross reference the two dumps to find all the values that changed by the same amount
14) If successful, dmaHunter should say (hopefully):
Quote:
--Found, address "SHORTCUT ADDRESS", value changed from "REAL ADDRESS A" to "REAL ADDRESS B"
15) "SHORTCUT ADDRESS" is the ADDRESS OF THE POINTER
16) You now need to compute the "RELATIVE OFFSET"
17) The "RELATIVE OFFSET" can be gotten by first converting either "REAL ADDRESS A" or "REAL ADDRESS B" into "SHORTCUT ADDRESS" form
18) To do this, we pick either REAL ADDRESS A or B, and then subtract 0x08800000 to get the "converted SHORTCUT ADDRESS" , that's it
19) Finally, the OFFSET can be calculated by:
"RELATIVE OFFSET"="SHORTCUT ADDRESS you got in step #1"-"SHORTCUT ADDRESS A which you converted"
or
"RELATIVE OFFSET"="SHORTCUT ADDRESS you got in step #4"-"SHORTCUT ADDRESS B which you converted"
20) Both equations should give you the same "RELATIVE OFFSET"
link to DMA hunter:
download here!
+ Reply to Thread
Results 1 to 10 of 10
-
05-18-2008 #1
- Join Date
- Feb 2008
- Location
- New York
- Posts
- 3,114
- Points
- 2,731,677.34
- Rep Power
- 226
nitepr info(pointers, dma, dmahunter)
-
05-18-2008 #2Manufacture Guest
Cool tut man
-
05-19-2008 #3
- Join Date
- Jan 2008
- Posts
- 1,402
- Points
- 4,733,324.68
- Rep Power
- 225
lol isnt this from the Nite Pr read me?
◕‿ ◕
-
05-21-2008 #4
- Join Date
- May 2008
- Location
- In the interwebz
- Posts
- 5,057
- Points
- 1,430,830.99
- Rep Power
- 230
It's from DMA hunter, and if you noticed he gave credit to SANiK, and this is quite helpful to some.
-
05-24-2008 #5
- Join Date
- Feb 2008
- Location
- New York
- Posts
- 3,114
- Points
- 2,731,677.34
- Rep Power
- 226
yep ;) all SANiK's i found on google, thought it was usefull so i posted it =]
-
05-24-2008 #6
- Join Date
- May 2008
- Location
- In the interwebz
- Posts
- 5,057
- Points
- 1,430,830.99
- Rep Power
- 230
You might wanna include DMA Hunter with it though since that's the main pupose of this =]
-
05-25-2008 #7
- Join Date
- Feb 2008
- Location
- New York
- Posts
- 3,114
- Points
- 2,731,677.34
- Rep Power
- 226
its there look harder ;) DOWNLOAD HERE!
Originally Posted by WhoIsYou
-
05-31-2008 #8
- Join Date
- May 2008
- Posts
- 1
- Points
- 10.00
- Rep Power
- 207
is there any other way to hack dma.... since sometimes dma hunter doesnt find the non dma code...
-
05-31-2008 #9
- Join Date
- May 2008
- Location
- In the interwebz
- Posts
- 5,057
- Points
- 1,430,830.99
- Rep Power
- 230
Rofl, dont need it cuz i have it and missed it cuz i didnt read the guide, since i have it Originally Posted by scruffy120
Was just saying it cuz im a retard
-
05-31-2008 #10
- Join Date
- May 2008
- Location
- CALI
- Posts
- 141
- Points
- 431,559.00
- Rep Power
- 207
Nice
my ip:
76.126.190.69
don't forget im a retard and i enjoy g4y s3x
Reply With Quote
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts