05-25-2019, 10:43 PM
(This post was last modified: 05-26-2019, 07:03 PM by Maori-Jigglypuff.)
(05-24-2019, 05:09 PM)mateus558 Wrote: HOW YOU FIND THIS VALUE 200C0230
That is not an Value but an Address which has the Value.The Address Range 200C0000 - 200FF000
is commonly not used by the PCSX2 Emulator and the real Playstation 2.So this where you could
write your own MIPS Code that can be used to cheat in a Game.But first you need a Driver Function
or a Block where you have to connect your Code with the Jump Instruction "j".That Driver Function
must be remain active THROUGHOUT the entire Gameplay or your own Code will fail.With your posted
Address 200C0230 i wrote a little Programm with Comments that will illustrate you what's going on:
Test of a MIPS Driver Function if it is active throughout the entire Game to use it for own Programmcode:
[Purpose of this Demo-Programm: If User enters a 1-Byte Value in the (1-Byte) Address 200c028a which lies between 00-7F
then increase the Value by 1 and if User enters a 1-Byte Value which lies between 80-FF then decrease the Value by 1 ]
201032b4 0803008c // j-Instruction from Driver Function
201032b8 00000000 // Must set Value to Zero because exactly one Line under j-Instruction.Original Value relocated to Address 200c0234
200c0230 8c830020 // Value of Address 201032b4 now here
200c0234 9082002f // Value of Address 201032b8 has been entered here
200c0238 3C08000C // lui t0, $000c (__000c0000)
200c023c 25080230 // addiu t0, t0, $0230 (__000c0230)
200c0240 24090001 // addiu t1, zero, $0001 (__00000001)
200c0244 240a0002 // addiu t2, zero, $0002 (__00000002)
200c0248 910b005a // lbu t3, $005a(t0) (__000c028a)
200c024c 2d6c0100 // sltiu t4, t3, $0100
200c0250 016c580b // movn t3, t3, t4
200c0254 240d00ff // addiu t5, zero, $00ff
200c0258 01ac580a // movz t3, t5, t4
200c025c 2d6c0080 // sltiu t4, t3, $0080
200c0260 240e0001 // addiu t6, zero, $0001
200c0264 118e0004 // beq t4, t6, $000c0278
200c0268 256b0001 // addiu t3, t3, $0001
200c026c 256bffff // addiu t3, t3, $ffff
200c0270 158e0001 // bne t4, t6, $000c0278
200c0274 256bffff // addiu t3, t3, $ffff
200c0278 a10b005b // sb t3, $005b(t0) (__000c028b)
200c027c a1090058 // sb t1, $0058(t0) (__000c0288)
200c0280 08040caf // j $001032bc
200c0284 a10a0059 // sb t2, $0059(t0) (__000c0289) [ONE Line under an j-Instruction so it is still in the scope of the Driver Function]
Observation (1-Byte) Address where the constant 1-Byte Value 01 appears in Address: 200c0288
Observation (1-Byte) Address where the constant 1-Byte Value 02 appears in Address: 200c0289
Enter an 1-Byte Value here in this (1-Byte) Address: 200c028a
Depending on Conditions the entered changed 1-Byte Value will be instantly outputted in this (1-Byte) Address: 200c028b
I used the Game Valkyrie Profile 2: Silmeria with which i am extensively busy.If you want
to add that Code into PCSX2 pnach file it is neccessary to adapt it in its Format:
// Test of a MIPS Driver Function/Block if it is active throughout the entire Game in order to use it for own Programmcode
// [The 1-Byte Value 01 appears in this (1-Byte) Address: 200c0288
// The 1-Byte Value 02 appears in this (1-Byte) Address: 200c0289
// Enter an 1-Byte Value in this (1-Byte) Address: 200c028a
// If the entered Value lies between 00-7F then increase it by 1 else if entered
// Value lies between 80-FF then decrease it by 1 in (1-Byte) Output Address: 200c028b
patch=1,EE,001032b4,word,0803008c
patch=1,EE,001032b8,word,00000000
patch=1,EE,000c0230,word,8c830020
patch=1,EE,000c0234,word,9082002f
patch=1,EE,000c0238,word,3C08000C
patch=1,EE,000c023c,word,25080230
patch=1,EE,000c0240,word,24090001
patch=1,EE,000c0244,word,240a0002
patch=1,EE,000c0248,word,910b005a
patch=1,EE,000c024c,word,2d6c0100
patch=1,EE,000c0250,word,016c580b
patch=1,EE,000c0254,word,240d00ff
patch=1,EE,000c0258,word,01ac580a
patch=1,EE,000c025c,word,2d6c0080
patch=1,EE,000c0260,word,240e0001
patch=1,EE,000c0264,word,118e0004
patch=1,EE,000c0268,word,256b0001
patch=1,EE,000c026c,word,256bffff
patch=1,EE,000c0270,word,158e0001
patch=1,EE,000c0274,word,256bffff
patch=1,EE,000c0278,word,a10b005b
patch=1,EE,000c027c,word,a1090058
patch=1,EE,000c0280,word,08040caf
patch=1,EE,000c0284,word,a10a0059
To see the Effect of these Instruction Lines for Example with Cheat Engine you have to add it to this Patch