(12-29-2014, 01:49 AM)FeRcHuLeS Wrote: 1.- What are elf hacks? I've just released one, I know but what is...
I'll start with the basics and then go into detail.
When a PS2 developer compiles their PS2 application, they end up with an ELF file (amongst other things). ELF files contain all of a PS2 application's executable logic.
ELF hacking consists of modifying that file's code and/or "built-in" values. Some people prefer that way because it's a more "direct" way of hacking, since the code/values that are modified will never ever get changed by the application while it's running. So ELF hacking is less prone to problems that sometimes affect memory hacking. It's also possible to use a HEX editor to directly modify ELF files to avoid the need for cheat devices or pnaches.
On a side note, as we've recently seen with Sega Classics Collection, sometimes certain games (like compilations/demo discs) contain multiple ELF files, which makes it impossible to create "proper" ELF hacks in pnach files because you can't be sure which ELF file is running at any given point in time. This can be worked around by using "E" type cheat device codes to detect which ELF is currently running, then write your ELF hacks into memory so the hacks are only used at appropriate times. More info about it can be found in some of my recent posts.
(12-29-2014, 01:49 AM)FeRcHuLeS Wrote: 2.- What are memory hacks? When I read memory hacks comments there are lots of zeros, then you gave non-zero values to those addresses.
While a game is running, the game's engine will usually dynamically write a lot of values into "live" memory (addresses that appear with "//00000000" in pnach comments). Live memory can potentially change at any time depending on what the game is doing.
For example, if you browse through a game's main menu and then go in-game, a whole bunch of memory addresses' values will change. This makes memory hacking kind of "unsafe" IMO. If you overwrite a live memory address, but that address gets repurposed by the game depending on what it's doing, the value you overwrote that address with could potentially introduce problems in the game, like glitchy graphics, crashes, etc. This won't always be a problem in all games in the context of widescreen hacking, but the potential is always there.
I think most people usually start off by creating live memory hacks, and then "port" them into ELF hacks. Here are a few brief examples on how to do that:
- Use certain tools (e.g. IDA Pro, ps2dis, ELF Search Tool, etc) to search through an ELF file for HEX values that were found in live memory. Sometimes the value you're looking for might only exist once or a couple of times throughout a game's ELF file, which can make life easy. Life becomes much harder if the value exists dozens/hundreds of times throughout the ELF file... In some cases half of a float value might exist inside a MIPS instruction, in which case you might have more luck searching for the first or last 2 bytes of your float's HEX value (e.g. 1.0 float = 3F800000, so search for 3F80).
- Newer Git development builds of PCSX2 contain a built-in debugger. If you know what you're doing, you can use it to set breakpoints to "freeze" the game when a live memory address gets written to and its value changes. From there you can look through the MIPS instructions that were running at the time the game wrote to the live address and figure out the origin of the value that was written. Sometimes the value is just loaded from somewhere in the game's ELF file. But other times the value can be the result of a calculation the game does on-the-fly, which is a lot more painful to deal with...
(12-29-2014, 01:49 AM)FeRcHuLeS Wrote: 3.- Is there any way to export addresses from ELF SEARCH TOOL to CHEAT ENGINE quickly? I'm copying-pasting one by one, it takes so long
I don't think there's any way to mass copy/paste a bunch of addresses into Cheat Engine in one shot. However, if you're only looking for all instances of a 4 byte (8 character) HEX value, you can search for it in Cheat Engine directly. Just set its memory range between 20000000-30000000, tick the "Hex" checkbox, then enter the HEX value you're looking for and scan for it. From there you can highlight all the addresses it found and click the red arrow button to bring them into the bottom panel. From there, you can highlight them all again and change their type and/or show them as decimal to get decimal (easy-to-read) numbers.