Hacking Wii U Pointer Search

[BullyWiiPlaza]

"Wii U Pointer Search" has been deprecated. Please download "Universal Pointer Searcher" here.

Compiled application: http://www.mediafire.com/download/wa69e11jj9jyg14
Source code repository: https://github.com/BullyWiiPlaza/Wii-U-Pointer-Search

Spoiler: Video demonstration

Spoiler: Command line version with still helpful instructions

Spoiler: Commentary about pointers

Spoiler: Source code compilation guide

Spoiler: Following pointer codes in TCP Gecko.NET

Spoiler: Creating memory dumps for pointer searches

Spoiler: Installing JDK and running the application

Please give me some feedback, it's appreciated!

 

[Mathew_Wi]

Looking good, man.

 

[Dantarion]

I could probably add this to my WiiU side search...
You should post source to this also instead of just a compiled app for something so simple

 

[BullyWiiPlaza]

You should post source to this also instead of just a compiled app for something so simple

If it's simple enough or not to release the source code is up to me but I added it

 

[cfoordddd]

sorry noob question, how do make a wii u memory dump?

 

[BullyWiiPlaza]

sorry noob question, how do make a wii u memory dump?

 

[cfoordddd]

thanks, another question, is it better to dump range of 10000000 - 3B000000?
or should i test what offsets i get for my search then research it and if the offset search is different, should i dump the range between those offsets?

 

[CosmoCortney]

thanks, another question, is it better to dump range of 10000000 - 3B000000?
or should i test what offsets i get for my search then research it and if the offset search is different, should i dump the range between those offsets?

you could prabably reduce the range even more (but it must start at 0x10000000).
Most of my pointer locations were found below 0x29000000.
If you don't find any results try increasing the offset size.
(If it still doesn't help redump with a higher range)

 

[cfoordddd]

you could prabably reduce the range even more (but it must start at 0x10000000).
Most of my pointer locations were found below 0x29000000.
If you don't find any results try increasing the offset size.
(If it still doesn't help redump with a higher range)

awesome, will play around with it soon thank you!

 

[BullyWiiPlaza]

I recommend dumping as much as possible because it increases your chances in finding better pointers. You must start at 0x10000000 though (like it has been said), also stick to the same size memory dumps once you decided.

 

[Cyan]

I don't know if it's possible, (it's possible that it's already working like that, I'm not C# dev and I just took a quick look at the sources).

To make less RAM usage, can't you read only blocks of dump at a time?
I think, currently, it's loading all dumps at a time, so if the user have 4 dumps it will fill the RAM with 4x dump size.
instead of loading all the dumps to array first then doing the comparison, it's possible to load only 10MB of each dump, do the search, then unload and reload next 10MB block etc. ?
it might be slower to reopen the files and fread them but users with low RAM will not have issue.

What do you think?

Anyway, thank you for making a pointer search tool
I added a link to your thread in the cheatcode thread tutorial.

 

[BullyWiiPlaza]

I don't know if it's possible, (it's possible that it's already working like that, I'm not C# dev and I just took a quick look at the sources).

It's a Java project but C# is similar, yes.

To make less RAM usage, can't you read only blocks of dump at a time?

Reading blocks is significantly slower. It may take a few minutes to complete a single search. This is something I did in the past and it was a bad idea. Also you're overlooking that I need the whole memory dump available because a pointer could point anywhere and I need to "follow" it.

I think, currently, it's loading all dumps at a time, so if the user have 4 dumps it will fill the RAM with 4x dump size.

Yes. It is loading all memory dumps into the RAM at once. To reduce the load, I could read just a single memory dump at a time since I don't need them concurrently.

 

[CosmoCortney]

It's a Java project but C# is similar, yes.

Reading blocks is significantly slower. It may take a few minutes to complete a single search. This is something I did in the past and it was a bad idea. Also you're overlooking that I need the whole memory dump available because a pointer could point anywhere and I need to "follow" it.

Yes. It is loading all memory dumps into the RAM at once. To reduce the load, I could read just a single memory dump at a time since I don't need them concurrently.

Maybe you could implement whether to search block-wise or not (maybe + defining block size) to the settings. I still have troubles with the latest version you have sent me. The search does not start again after loading the dumps :/

 

[Cyan]

ah yes, java, sorry.

I didn't know you had to follow it. I thought it was only searching for offset differences on each address to find one matching the same offset between two given addresses.
reading one at a time could help, if it's not bothering you too much it could help users from out of memory issue.

 

[BullyWiiPlaza]

Critical bug fixed where pointer in pointer searches would "stop randomly". Now it works till the end.

 

[Skiller]

option to Print to Txt file and not to screen might be a nice thing..
your last version is working better then the last few
Good Job

 

[BullyWiiPlaza]

option to Print to Txt file and not to screen might be a nice thing..

Yes but you can select everything and press CTRL + C to copy it. Not good enough?

 

[Skiller]

True but you have to wait till its complete .. and if your doing a massive search it could take a long time before you can start looking at the file.. were if it was printing to a text u can start looking right away ..

also FYI there is another bug it seems

looking at pointer in pointer,
there seems to be an issue in it checking second dump to make sure that address it spits out is the same pointer

Example
[[747D1CC] + 14] + 30

747D1CC in 1 dump has a value of 2AED1F08
in the other dump its 00000000
meaning incorrect ..

 

[BullyWiiPlaza]

True but you have to wait till its complete .. and if your doing a massive search it could take a long time before you can start looking at the file.. were if it was printing to a text u can start looking right away ..

Okay, implemented in the options menu.

also FYI there is another bug it seems

looking at pointer in pointer,
there seems to be an issue in it checking second dump to make sure that address it spits out is the same pointer

Example
[[747D1CC] + 14] + 30

747D1CC in 1 dump has a value of 2AED1F08
in the other dump its 00000000
meaning incorrect ..

Indeed, nice job on noticing. Also fixed now.

 

[cfoordddd]

would the pointer have a higher chance of getting the right one if i add more than 2 dumps?