Hacking Homebrew app [Release] PC DX/Watch 1.0 new Disassembler/Assembler for Playstation 4

xZenithy · Jul 29, 2021

Hello,

I would like to introduce you the new Disassembler/Assembler for Playstation 4 DX/Watch 4.03 Release:

Main Features:
- As Disassembler:
 Windows 10 Calculator support (copy/paste actions)
 Activate Break-Point/Watch-Point from the disassemble code window
 Add bookmarks from the disassemble code window
 Add bookmarks from the Hex Editor Window
 Quick Patches from disassemble code window
 Custom Patches from disassemble code window
- As Assembler
 3 assembler modes supported: Freestyle, Amend and CodeCave
 Quick-Patch instructions with undo option
 Verify and complete ASM instruction size
 Load, Save and Paste Block your ASM code
 Create a new trainer file from scratch
 Add a new cheat to an existing trainer file
 Add a new cheat-line to an existing cheat
- As Hex Editor
 Use modern Hex Editor to load, change and save bytes directly in ps4 memory
 Auto-refresh function to automatically refresh which bytes have change in a custom interval
time
 Copy string, hex values, paste, add bookmark memory address
 2 customize ways to load the memory: Multi-page and custom fixed size (One-Page)
 Data Inspector with automatic hexadecimal data conversion
- As Trainer Manager
 Load and Save your trainer- cheats in a shn format file
 Change/Update any descriptives of the trainer, ex.: Description, Author, etc..
 Delete any cheat from the selected node
 Activate/Deactivate any cheat from your loaded trainer
 Jump from any cheat-node to his corresponding address code
 Save any shn trainer in mc4 format file
 Save as GoldHen Cheat supported format for both shn and mc4 format file

New Features Version 4.03:
 New support for hidden PS4 memory section (custom section)
 New Trainer Preview Window
 New Conditional Break-Points Group Rules
 New enhancement/advanced CPU registers
 New logic to recover the trainer file that was not saved previously by any reason
 New Full Form Editor for the cheat Description
 New Refresh button on Memory Map to refresh the memories sections any time when the game change then dynamically
 New option to use manual attach instead of the automatic mode (by default)
 New keyboard short-cuts adjusted like x64Dbg PC debugger (option to choose between original DXW or x64Dbg)
 Internally updated NeoHexEditor to version 1.04
 Changed the internal scale mode to be more compatible when using Windows custom scaling mode different to the
standard one
 Updated all external DLLs to the last current version
 A lot of minor enhancements to make the DXW more easy to use
 A lot of major/minor bugs from previous version fixed
 Updated PS4Dbg library to the last version
 MC4 file format updated

URL to download: https://ko-fi.com/s/9960cc66fd

arfgh · Jul 30, 2021

question... which ps4debug payload to load in order to further use this program ? Because there are several versions of it... The one that uses ctn for example ?

xZenithy · Jul 30, 2021

arfgh said:
question... which ps4debug payload to load in order to further use this program ? Because there are several versions of it... The one that uses ctn for example ?

Good question...
The exact version of the payload is v1.0.10 and it is the last public version from ctn and it is included with DX/Watch and you can send it using the corresponding button at the top-right menu bar.
But be aware there are other higher/lower public/private version that other programs are using and these payloads are not compatible with DX/Watch.

PopperTop · Jul 31, 2021

Looks interesting, but I've got no clue how to use the code cave stuff, is there an easy to learn tutorial for it?

There's a bunch of games I've got where the addresses have no pointers when scanned for, so with this - you would set watchpoints on the addresses to get the base offset in the executable, then you input a modification in the cave?

xZenithy · Aug 2, 2021

PopperTop said:
Looks interesting, but I've got no clue how to use the code cave stuff, is there an easy to learn tutorial for it?

There are some videos tutorials on the Web, so google for it...

There's a bunch of games I've got where the addresses have no pointers when scanned for, so with this - you would set watchpoints on the addresses to get the base offset in the executable, then you input a modification in the cave?

More or less it is like you said. There are a lot of situacion for use a code cave and more advanced master code.

One easy example: Sometime you find the asm instruction on the executable that decrease your health, but this instructions is 2 bytes size, and your modifications is 8 bytes size, so do you don't have enough room to create your modification on the executable.
So the code cave functionality look up for and empty room in the executable where you can put your code and then on the original instruction your put a jmp to the code cave address, execute your code and with another jump come back to follow the original code.

PopperTop · Aug 9, 2021

I'm still having trouble. ☹

I want to disable one element of the UI that pops up when you push up on the analog stick.

I get the address that has the value for it, which is a float 0 and 1

I set a watchpoint then take the address to disassembly -

12B620A mov rax, [r15] 49-8B-07

Code cave from here...

Now I'm not sure what to input.

I tried putting:

mov dword ptr [r15], 0x00000000
vmovss xmm0, dword ptr [r15]
jmp 0x12B620A

Which causes a fatal error.

xZenithy · Aug 15, 2021

PopperTop said:
I'm still having trouble. ☹

I want to disable one element of the UI that pops up when you push up on the analog stick.

I get the address that has the value for it, which is a float 0 and 1

I set a watchpoint then take the address to disassembly -

12B620A mov rax, [r15] 49-8B-07

Code cave from here...

Now I'm not sure what to input.

I tried putting:

mov dword ptr [r15], 0x00000000
vmovss xmm0, dword ptr [r15]
jmp 0x12B620A

Which causes a fatal error.

Because by you example, the issue is on your last instrucction, The jmp 0x12B620A is wrong because the address is the orginal address, this is wrong, You need to put jmp to the return address that the prg tell you. Find in the CodeCave window a label that said: Return address : 0x12B62xx. This address is the correct address that you need to put...

xZenithy · Aug 28, 2021

DX/Watch new version 2.01:

New Features Version 2.01:
 Memory view re-made from scratch
 Automatic Bookmarks load/save from/to file by game
 Navigational functionality for Bookmarks/Breakpoint with scroll annotations indicator
 Move/order Cheats Node on the tree trainer manager
 Full Keyboard Short-cuts for the most important actions
 Fixed a lot of bugs and code optimization from the previous version
 Update to the last payload (PS4Debug.bin Ctn v1.0.13) to support debugging PS4 on FW 07.xx
 Debugging with Single-Step Into (experimental)

Probably the best disassembler for PS4...

xZenithy · Oct 7, 2021

DX/Watch new version 2.02:

New Features Version 2.02:
 New Historic CPU Registers Log mode (need to enable this option first on settings)
 New option to save CPU Registers in a CSV format file any-time
 New option to save Memory Map Sections in a CSV format file any-time
 Fixed an occasional bug related to the incorrect activation/deactivation of cheats from the
Trainer menu
 Update Faqs/How to related to the new option Historic CPU Registers Log
 Other minor improvements

PopperTop · Oct 9, 2021

I managed to do what I wanted with the UI.

Is it possible to do cheat engine's what writes and accesses address where it lists them all?

I'm wanting to remove a camera distance limit but I'm getting a watchpoint hit straight away on the camera coordinates without even moving it in game. When this address gets NOP the camera won't move, only can look around.

I've asked a PC game photomode modder on Twitter about removing the limit and he said you do this by getting the cam coordinates then debug the function. Does this mean I have to setup IDAPro?

xZenithy · Oct 9, 2021

I'm trying to follow you but I don't sure if I have got what are you talking about. So I'm going to answer below in your post..

PopperTop said:
I managed to do what I wanted with the UI.

Is it possible to do cheat engine's what writes and accesses address where it lists them all?

"Yes, it is possible to do but only using the old school way or the hard code way... "

PopperTop said:
I'm wanting to remove a camera distance limit but I'm getting a watchpoint hit straight away on the camera coordinates without even moving it in game. When this address gets NOP the camera won't move, only can look around.

"That's normal behavior on the modern games. Everything is calculated in real-time constantly, ex.: your health, the camera coordinates, etc... That is the reason to log the cpu reguisters to see how they are calculated between the different instrucctions of code/functions...

PopperTop said:
I've asked a PC game photomode modder on Twitter about removing the limit and he said you do this by getting the cam coordinates then debug the function. Does this mean I have to setup IDAPro?

Obviously IDAPro is one of the best statics debuggers(and real-time debugger too) and a lot people is capable to resolve/get his goals only using static analysis of the code but IDAPro cannot do real-time debug on PS4 console code, that is what my tool do, real-time debugging of the code that you want investigate using the bp/wp, logging the cpu registers, etc and for a lot of people is enough with using real-time analysis to achieve his differents goals.
My advice, if the goal is small/medium (typical use case example, Infinite Health) using the DX/Watch for real-time debugging can be enough.
If your goal is complex or higher, then It can be necessary to use IDAPro to do static analysis of the code, functions, etc... to understand the logic from a high level perspective and use DX/Watch to investigate and focus the code/function in a real-time analysis on a low level perspective. You can use both tool and work together using the advanced functions of that each tool to analysis your objective code..
But anyway, everything depends of your knowledge/experience on assembler programming and at the end is up to you...

xZenithy · Dec 24, 2021

- DX/Watch new version 2.03 Final and last version...

New Features Version 2.03:

 New Call Stack window register
 Update ps4debug lib by Ctn to version 1.0.14 to support debugging on PS4 firmware 9.0
 Reassign some keyboard short-cuts to allow to select all rows in the grids with CTRL-A and copy
all them using CTRL-C.
 Fixed creation of multiple master code cheats in the same trainer
 Fixed the Watch-point limit to 4
 All critical bugs fixed, only minor bugs can be expected

Url to download: https://www.sendspace.com/file/zrv60x

Alternative Url: https://1fichier.com/?6fejfanvwkwv1fuaolzd

Password file: xZenithy

vigneshvampire · Dec 31, 2021

Good job brother make small tutorial ...

xZenithy · Dec 31, 2021

vigneshvampire said:
Good job brother make small tutorial ...

I don't know if you see it but in the file there is a Reade document FAQs from the most basic to the most complex concepts...

Anyway, if you have any doubts how to do some stuff with my application, ask here and I can answer your doubt.

xZenithy · Dec 31, 2021

New Fix version DX/Watch Final Release 2.03b.

-- Version 2.03b Fixed copy Address in Regs. window.

Url to download: https://www.sendspace.com/file/xgtm9u

Alternative Url: https://1fichier.com/?zenaxwogsllphcm9cflu

InfallibleDaystar · Jan 1, 2022

Payload sends successfully but the connection fails afterwards, any ideas what could be causing this?

xZenithy · Jan 2, 2022

InfallibleDaystar said:
Payload sends successfully but the connection fails afterwards, any ideas what could be causing this?

You have read the "readme" document? Check it because contains a FAQs and an explanation about issues with connection...

xZenithy · Jan 29, 2022

New Release DX/Watch Final Release 2.04.

New Features Version 2.04:
 Update ps4debug lib by Ctn to version 1.0.15
 Update to Capstone Disassembler
 New feature auto-save/load ASM code by source address on Amend and CodeCave
 New Section feature: Offset address for positive section (default behavior) and absolute
address for negative section
 New Feature on Assembler Window: Insert Row and Delete Row (ASM instructions)
 Fixed issue with copy Address in Regs. Window
 Fixed incorrect error message when set/clear a watch-point
 Fixed incorrect mnemonic instructions in Disassembler window
 Fixed Copy selected multi rows in Assembler Window
 All critical bugs fixed, only minor bugs can be expected

download url: https://ko-fi.com/s/9960cc66fd

xZenithy · Jan 10, 2023

Hi,

New release of my tool DX/WATCH 3.0, is the only tool fully compatible with GoldHen-Cheat with shn, mc4 formats and absolute address support!

New Features Version 3.00:
 Internal update to work with .Net Framework 4.8
 Support mc4 format to be use with GoldHen Cheats from version 2.3
 Absolute address feature to be use with GoldHen Cheats from version 2.3
 New Master Variable feature to initialize value’s variable
 New Feature to search which instruction read/write share address
 Interactive update of the CPU-Registers from the disassemble window
 Quick-Patch instruction with undo option
 Customize application with a skin theme and palette colour
 Full compatibility with GoldHen Cheats

xZenithy · Feb 22, 2023

Hi,
New release of my tool DX/WATCH 3.1, is the only tool fully compatible with GoldHen-Cheat with shn, mc4 formats and absolute address support!

Now with the new Structure Compare functionality:

Hacking Homebrew app [Release] PC DX/Watch 1.0 new Disassembler/Assembler for Playstation 4

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

New Member

Well-Known Member

Well-Known Member

New Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Similar threads

Popular threads in this forum