Hacking VitaCheat/FinalCheat Database

Yohoki

I'm fucking awesome.
Well, my STUPIDITY is fucking awesome.
I knew it. I knew there was a seg1/pointer... thing. I was talking to @monodevil about it a while back, but I couldn't figure out how to implement what I was thinking.
If your strategy can be consistently successful, you just totally broke apart the main issue in Vitacheat code hacking.
Well, see here's the thing.... I kinda half cheated......... I've been working on Ys VIII for a long time and have a LONG list of notes... so here's what I did.

In Ys VIII there's an area I know about. It lists all the characters' names and has a pointer to their Stats next to it. I've made pointers using this list before, but everyone else's lists were always in a different area. So I based my code off that area... I'll call it 82001337, because it's the hacking sweet spot there. It's NOT in the seg0/seg1. If I were to follow one of those pointers and add F04 for the offset, I'd have a character's HP. We'll pretend that 82001337 is Adol's Pointer.

So, I loaded a dump into CE. File-> Open a file... -> select dump -> set dump to start at 81000000 and 32bit.

Then I did a normal mem search in CE for addresses inside seg1 that might be pointers to 82001337. Settings are:
Hex [checked]
Value: 81FFD337 - 82001337 (The first value is 82001337 minus 4000. Use calc.)
Scan type: Value between...
Start: Seg1's Address (I'll pretend it starts at 81001000)
End: Seg1's address + its size. (I'll pretend it was 1000, so this address would be 81001000+1000=81002000)

New search button showed one address (I'll say it's 81FFDAC7).

81FFDAC7 is our pointer. If we use Calc, we can see a couple things.
first: 81FFDAC7 - 81001000 = FFCAC7 This is our offset from Seg1.
second: 82001337 - 81FFDAC7 = 3870 This is our pointer offset.

So, with seg1+FFCAC7, we could go to a new area in memory that's based on seg1's instructions. +3870, we'll be at 82001337 which is Adol's Pointer. +F04 and we'll be at Adol's HP. So then the code would be:

$B200 00000001 00000000
$3202 00FFCAC7 00003870
$3200 00000000 00000F04
$3300 00000000 FFFFFFFF

That's what I did. So I did have some little bit of info to start with, but the important stuff all came from Cheat engine. (and Calc.exe because my hexadecimal maths is limited to 1+9=A....)

Last edited by Yohoki,

eighthdayregret

You wanna know something super f**ked up?
That's like almost word for word what I've been talking about. It's like you read my f**king mind. Like, to the letter. Using seg1 as an offset. Kinda like having a B300 code, you could say. I wish I'd bugged you about this sooner. In fact, I kinda might have. But I dunno. Mighta just been @monodevil.
Like, if seg1 is already an offset (hence the B200 codes), why couldn't/or wouldn't there possibly be an offset from that offset? The missing piece is probably Cheat Engine. We might have been able to do it with TempAR and the universal one, too. But it would probably have taken more work.
 

Yohoki

Well, it's not REALLY an offset from an offset... It's a pointer starting from an offset. Because seg1 and seg0 HAVE pointers in there, but we aren't really able to utilize them in TempAR since they tend to move around when the game reboots.

But Cheat engine isn't TempAR.... It's got a lot more tools to use than we normally have access to. But, I don't know of a way to use more than one dump in CE.
 

eighthdayregret

We're saying the same thing, just using different vocabulary. You're still using a B200 code, but not necessarily in its intended manner. Instead of using it to manipulate data between 81001000 and 81002000, you're making it manipulate data outside of it by adding the additional distance that it "overflows" into that next segment.
As in, you have 1000 in seg1, but you're taking 1800, for example.
 

Yohoki

Not really. There's no reason why you can't just do this:
Code:
$B200 00000001 00000000
$0200 00001800 00000000
That's just using seg1 as a base, and overflowing into the next area. If the area you need is ALWAYS just outside seg1, then that's easy.

But, what I'm doing is a little more complex. The spot in Ys VIII isn't in seg1, nor is it always X spaces away from it. Sometimes it's 1800 away, other times it's 2500 away.... But there's a pointer in seg1 that points to this movable extension. That's what I'm using.
 
Last edited by Yohoki,
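
The pointer search from the posts above, as an added example that is not part of the original thread: it runs the "value between" scan over seg1 of a constructed dump and, going one step beyond the single-dump Cheat Engine search, keeps only candidates that also reach the target in a second dump where the area outside seg1 has moved. The dump contents, the slot at seg1+AC4, the stats block address, the HP value and the decoys are constructed; 81000000, 81001000, 1000, 82001337, 4000, 3870 and F04 are the post's pretend values, with 81FFDAC7 used here as the value stored in the seg1 slot.

```python
import struct

# Values taken from the post's pretend example
DUMP_BASE = 0x81000000   # address the dump is loaded at
SEG1_BASE = 0x81001000   # pretend seg1 start
SEG1_SIZE = 0x1000       # pretend seg1 size
MAX_OFFSET = 0x4000      # scan window below the target
HP_OFFSET = 0xF04        # stats pointer -> HP


def build_dump(shift):
    """Constructed sample dump. `shift` moves the area outside seg1,
    imitating the layout change between two boots of the game."""
    dump = bytearray(0x1200000)

    def put(addr, value):
        struct.pack_into("<I", dump, addr - DUMP_BASE, value)

    target = 0x82001337 + shift              # slot holding the stats pointer
    stats = 0x82104000 + shift               # constructed stats block
    put(SEG1_BASE + 0xAC4, target - 0x3870)  # constructed slot, tracks the area
    put(SEG1_BASE + 0x010, 0x81000040)       # decoy: never inside the window
    put(SEG1_BASE + 0x7F0, 0x82000000)       # decoy: static value inside the window
    put(target, stats)
    put(stats + HP_OFFSET, 321)              # constructed HP value
    return bytes(dump), target


def read_u32(dump, addr):
    """Read a little-endian 32-bit word at a virtual address."""
    off = addr - DUMP_BASE
    if off < 0 or off + 4 > len(dump):
        raise ValueError(f"address {addr:08X} is outside the dump")
    return struct.unpack_from("<I", dump, off)[0]


def scan_seg1(dump, target):
    """'Value between' scan over seg1: every aligned word whose value lies in
    [target - MAX_OFFSET, target] is a candidate base pointer. Returns a set
    of (slot offset from seg1, offset from the stored value to the target)."""
    hits = set()
    for addr in range(SEG1_BASE, SEG1_BASE + SEG1_SIZE, 4):
        value = read_u32(dump, addr)
        if target - MAX_OFFSET <= value <= target:
            hits.add((addr - SEG1_BASE, target - value))
    return hits


def resolve(dump, seg_offset, offsets):
    """Follow the chain: dereference, add an offset, repeat."""
    addr = SEG1_BASE + seg_offset
    for off in offsets:
        addr = read_u32(dump, addr) + off
    return addr


def stable_candidates(dump_a, target_a, dump_b, target_b):
    """Keep only candidates that reach the target in both dumps."""
    return scan_seg1(dump_a, target_a) & scan_seg1(dump_b, target_b)


if __name__ == "__main__":
    dump_a, target_a = build_dump(0)
    dump_b, target_b = build_dump(0xD00)
    for seg_off, ptr_off in sorted(scan_seg1(dump_a, target_a)):
        print(f"dump A hit: seg1+{seg_off:X}, pointer offset {ptr_off:X}")
    for seg_off, ptr_off in stable_candidates(dump_a, target_a, dump_b, target_b):
        for dump in (dump_a, dump_b):
            hp_addr = resolve(dump, seg_off, [ptr_off, HP_OFFSET])
            print(f"seg1+{seg_off:X} -> +{ptr_off:X} -> +{HP_OFFSET:X} = "
                  f"{hp_addr:08X}, HP {read_u32(dump, hp_addr)}")
```

The static decoy at seg1+7F0 passes the single-dump scan but drops out of the intersection, because its distance to the target changes once the area moves.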

monodevil

I finally found that homebrew app I've been looking for that lets you multitask Vita games and apps; downside is, it does work with other homebrew apps. Basically what I had in mind was being able to run VitaShell's FTP in the background, allowing you to create and send dumps to your PC without closing the game, which would be the closest to being able to see your game's memory while it's running, but yeah, it doesn't work for homebrew apps apparently. Would have been sweet though.


http://wololo.net/2020/01/03/psvita...-for-the-vita-allowing-you-to-multitask-with/

# PCSB00408 Dragon Crown Eur 1.09

_V0 Infinite Durability Weapon Slot 1
$3201 81EFE578 000001F8
$3300 00000000 0006DDD0
$3201 81EFE578 000001FC
$3300 00000000 0006DDD0
Nice, hopefully these also work for the US version which I'm sure they should as most DC codes do. I'd like to go back to Dragon's Crown one day but @iv2b who was mostly working on the latest version of Dragon Crown EU hasn't been on since last year and he did some amazing work on that game. I wanted to help him out by adding my piss poor codes with his but I guess I'll have to finish off the small stuff whenever I get the chance or someone else can. Right now I'm working on another game and won't get to Dragon's Crown right away.

That's way beyond anything for my comprehension (and laziness) to understand, especially all that with what @Yohoki just posted, good god :wtf:!


 

Yohoki

Bro, I don't even understand what I post. I gotta look up my notes and color code things or I'll be lost. XD
 

dbzgts


Can you help me find a cheat for PCSH00250 Dead or Alive Xtreme Venus? I only need to get the satisfaction rate for all the girls. Do you need the file dump or the save file?
 

eighthdayregret

So, in theory, a working method could be:
Find seg1 - note it.
Use last address of seg1 to find start address of "seg2" in Vitacheat Mem Viewer.
Find your value.
Dump 81000000-8D000000
Use Cheat Engine/TempAR to find pointer in "seg2"
Use CE to find pointer within seg1 to "seg2"
Do your oddest math
Test new double pointer.

Right? ish?
I should think that if you can find a pointer in seg1 through that dissection thing you were talking about, you could do the same in "seg2".

Or, we should be using B200 <-- these numbers, and we're just making our lives more difficult.
 
Last edited by eighthdayregret,

Yohoki

Not quite... Mine was a bit more complicated for a tutorial.... mine required a 2 level pointer, but it might not be that difficult in most cases.... hopefully....

Find address you need: 82001337 sounds fine here.
dump like normal: '81...' to '83...' is fine for this address, but go as high as you need.
open cheat engine to find pointer in seg0/1
do the oddest math
Test pointer in-game.

Let me test a couple things in Ys today and I'll make a video if it's easy enough to do..... I have a crap mic, though, and noisy kids... so it may end up being text in the video. XD
 

monodevil

Anyone who actually MAKES codes interested in a Discord server for Vitacheat?
gamehacking.org has a Discord server that has a good number of crazy game coders from the old days and old game hacking sites, but I usually don't see many talking about Vita games, but then again, I rarely hop in it. Plus it's a mess; it's basically like their forum where everything is mixed into 1 section, no designated sections for different consoles basically.
 

eighthdayregret

This would be a brand new Discord. Price of admission would be some kind of proof that you actually make codes. Nothing public.
Or, we can start a forum and we can organize stuff a bit more freely than here.
The GitHub is great, but needs some fine tuning. It'd be a great repository, but it's hard to focus. We could do individual threads for individual games, so like in the case of Metal Slug 3 and a couple others where myself and someone else worked separately, there'd be a thread just for that game, allowing easier discussion and collaboration, instead of me trying to see what someone else said 30 pages ago, and allowing for the GitHub to be updated with new/better codes more quickly.

Just an idea, and ProBoards is free.
 

Yohoki

I tried to set up a board a while back, but I don't think I did it right because every time I logged out, the forum forgot my admin password... It'd be awesome to have a forum just for vitacheat. This thread gets clogged pretty easy, and it'd be nice to have a thread for each game (or series) where anyone interested in a game could hop in... as well as a tutorials area, requests, off-topic and general knowledge sharing areas... I'd join it.... I'd even volunteer to help mod.

Just don't make that stupid crap where you can't use the search button unless you're signed in... that's the stupidest thing I've ever seen.
 

eighthdayregret

I already made one. I'll mess with it a little and start sending out links. Just private at first.
 

CrossOut

This sounds really interesting. For ages I had in my head about someone making a more comprehensive setup, site or hub for VitaCheat. For example, the Save Wizard has a Discord and they have properly organised threads and such for each game and other sections such as requests and questions. I would also make a suggestion and make it so that if you have a problem, need help with a game's code and so on, you make it so you post in that specific game's thread. It would be better organised this way I think. Or make a thread for help and list each game as its own thread? Maybe that is a bit much but it would be more organised this way I think.

I feel that a massive help and tutorial section would be very welcome as I find that most people don't know about the pointer search videos and its GitHub tutorial and seemed surprised that it was there haha. Also if someone could make an updated video and text tutorial for Vita pointer searching that would be a great section on the site. Since you have all found out a load of new things to do with finding codes, the Disgaea games seem to be very complicated for someone like me and none of the things that you all have found out are that well known.

Having a one-stop hub or site would really benefit VitaCheat in the long run. For example there are a few posts for codes on here and they have no cheat file listed in the database, though I may be wrong? I think some people made cheats for games and there was only 1 or 2 cheats.

--------------------- MERGED ---------------------------

I find a lot of sites that have gamesaves and other firmware related hacking things have that feature where you must make an account to use its search function and yes, it is silly. I mean you cannot spam or do any other annoying things unless you make an account so why limit the search function. I do not understand.
 
Last edited by CrossOut,

Darkmaestro

Yes, I know this is an old game but I discovered it this year and I like it. iv2b made great cheats for this game. I found a way to edit weapon and accessory for the first character in the 1.09 version of the game. But I don't know how to find the good pointer for the cheat.
 


CrossOut

Trust me, I am glad you are still wanting to make codes for it. Since there are nowhere near as many codes for PAL games as there are for the U.S., it is great to see more people making codes for PAL region games. Now I recall that Dragon's Crown was another really hard game to get codes for. I look forward to seeing what other codes you can do :)
 

eighthdayregret

The main problem with Dragon's Crown is that the game has what's called "sanity" checks. A lot of stuff actually requires you to modify multiple values in order for codes to work.
As in, the game allows for only a certain number of skill points to be assigned. A total value vs an amount used.
Gotta find both addresses to make things work.
 

monodevil

I wish I would have known that sooner. Another thing about Dragon's Crown is, I don't think those "checks" were implanted in the base version of the game (1.00), seeing as a few years ago I remember I was able to increase my skill points without any issue and I believe it stayed that way and kept my skills even when I updated. So you could probably downgrade your game and possibly edit the game from there. Probably not worth the work but just saying.
 
