1. Amuyea

    OP Amuyea Advanced Member
    Newcomer

    Joined:
    Nov 24, 2017
    Messages:
    77
    Country:
    United States
    Hi everyone. I was going to start learning how to make a cheat for the game. However, there are no tutorials for IDA/Ghidra and their resources.

    I use a MacBook Pro.

    I hope that someone can help me with it :yayswitch:
     
    Last edited by Amuyea, Jul 19, 2020
  2. Amuyea

    OP Amuyea Advanced Member
    Newcomer

    Joined:
    Nov 24, 2017
    Messages:
    77
    Country:
    United States
    Can anyone point me in the right direction?
     
  3. SkyQueen

    SkyQueen Arch3DS Developer || B0MBrHax
    Developer

    Joined:
    Apr 23, 2016
    Messages:
    1,171
    Country:
    Japan
    IDA/Ghidra is for datamining, not creating cheats, 99% of the time.
     
  4. Amuyea

    OP Amuyea Advanced Member
    Newcomer

    Joined:
    Nov 24, 2017
    Messages:
    77
    Country:
    United States
    Oh, I mean like editing save data, or something like what Animal Crossing: New Horizons did with inventory items.
     
  5. SkyQueen

    SkyQueen Arch3DS Developer || B0MBrHax
    Developer

    Joined:
    Apr 23, 2016
    Messages:
    1,171
    Country:
    Japan
  6. FAST6191

    FAST6191 Techromancer
    Reporter

    Joined:
    Nov 21, 2005
    Messages:
    33,468
    Country:
    United Kingdom
    IDA and Ghidra are mostly known as disassembly tools but do have some light decompilation available as well which some could use.

    You can use them to do cheats and save editing but most would not.

    For the former, you have two things.
    1) If the binary for the console in question is in memory that the cheat program can access, then you can edit the binary to do all the fun things that speak to the fundamental nature of the game, rather than just giving you infinite values (gold, HP, mana, potions...), giving you stuff in your inventory, setting speed really high, setting max (or higher-than-max than any normal play would allow) stats, basic moon jump, replicating the effects of potions and the other more minor stuff that editing variables gets you (though you can still make some absolutely massively game-altering experiences with simple memory cheats).
    2) You can use it to hardpatch cheats -- a basic cheat will, say, tell a piece of memory to always have a max value written to it. Fantastic, you have infinite health/ammo/money/potions now. If however you find the thing that reads that memory and decides what to do with it, then you can change that instead (or do something fun like change a sub to an add so dying actually gains you a life, or so doing something in the game that you might not normally do will refill a life bar, say).

    For the purposes of save editors, the game itself might well have a hash; older games going back to the NES and earlier will have a hash/checksum -- it is how they know if you entered a wrong password in those sorts of games. Newer consoles often have their own console-level hash on top of things (it is how they tie saves to given accounts), so a game might skip it and assume the console's own hashing is all it needs.
    Anyway, said hashes can be mightily complex, such that figuring out what is hashed and what the hash method is can be very hard by simple observation. If however you have the disassembled binary in front of you then you can follow along with what the save hash routine does when writing a save to the save part of memory; this will tell you what is hashed and how the hash works.
    You can also dodge this and disable hash checking on your save. When loading the save it will go through it, hash it all and compare what it gets against what it is supposed to be; if it fails this comparison then it says "broken save, sorry mate" / "let's load a backup", but if you break this compare so it always takes the "it matched just fine" path then fantastic. That way you can edit a save to your heart's content and have the game load the save, not care that the hash is broken, and then when you save in the game again it will go through and do the hash for you (you presumably did not touch that part in this). At this point you can grab the save back and share it with those on unmodified games.

    IDA and Ghidra are good stuff (both are world-class tools and there is a reason you see them so often in hacker circles), but if you have an emulator or the ability to debug on live hardware then that will likely blow both of those out of the water -- IDA and Ghidra are for the most part static tools that don't have any info about a running game (though they do have some options to fake it in some ways, and ways to speak to emulators if you are good at using them), whereas with a running game you can see things change live before your eyes, manipulate things in the game to find what you want to fiddle with, get to a point in the code where it is acting upon your desired thing rather than staring at a list of hundreds of thousands of instructions, any compression or encryption is likely to be dodged, and so on.
     
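The two things the post above describes, edited together as an added worked example (this is not code from the thread, from any game, or from IDA/Ghidra): a save file whose trailer is a hash over the fields, where a raw poke gets rejected on load but an edit that recomputes the hash is accepted; and a hardpatch that turns a `sub` into an `add` in AArch64 code (the Switch CPU), which is a single-bit flip in the ADD/SUB (immediate) encoding. Everything here is constructed for the example: the save layout and CRC-32 stand in for whatever a real game hashes and how, the three-instruction code blob stands in for a game binary, and offset 4 stands in for an address you would read off a disassembler listing.

```python
import struct
import zlib

# Constructed toy save layout (assumed for the example; not any real game's format):
#   magic  4 bytes   b"SAVE"
#   gold   uint32 LE
#   hp     uint16 LE
#   name   16 bytes, NUL padded
#   crc    uint32 LE  CRC-32 over every byte before it
# For a real game, following the save-write routine in the disassembly is what
# tells you "what is hashed and how"; here it is simply declared.
HEADER = struct.Struct("<4sIH16s")
TRAILER = struct.Struct("<I")
SAVE_SIZE = HEADER.size + TRAILER.size


def build_save(gold, hp, name):
    """Produce a save the way the toy game would: fields, then the hash over them."""
    body = HEADER.pack(b"SAVE", gold, hp, name.encode().ljust(16, b"\0"))
    return body + TRAILER.pack(zlib.crc32(body))


def verify_save(blob):
    """Mirror the game's load-time check: rehash the covered region, compare with the stored value."""
    if len(blob) != SAVE_SIZE:
        return False
    body = blob[:HEADER.size]
    stored = TRAILER.unpack_from(blob, HEADER.size)[0]
    return zlib.crc32(body) == stored


def read_fields(blob):
    magic, gold, hp, name = HEADER.unpack_from(blob)
    if magic != b"SAVE":
        raise ValueError("not a toy save")
    return gold, hp, name.rstrip(b"\0").decode()


def edit_save(blob, gold=None, hp=None):
    """Change fields and recompute the trailer so an unmodified game accepts the save."""
    old_gold, old_hp, name = read_fields(blob)
    body = HEADER.pack(b"SAVE",
                       old_gold if gold is None else gold,
                       old_hp if hp is None else hp,
                       name.encode().ljust(16, b"\0"))
    return body + TRAILER.pack(zlib.crc32(body))


# Hardpatch side. AArch64 ADD/SUB (immediate) share one encoding; bit 30 is the
# op bit (0 = ADD, 1 = SUB), so "sub -> add" is clearing one bit.
#   sub w0, w0, #1  ->  0x51000400
#   add w0, w0, #1  ->  0x11000400
SUB_W0_W0_1 = 0x51000400
ADD_W0_W0_1 = 0x11000400
NOP = 0xD503201F
RET = 0xD65F03C0

# Constructed code blob: nop; sub w0, w0, #1; ret. Offset 4 is assumed to be the
# "decrement the life counter" instruction found in the disassembler listing.
SAMPLE_CODE = b"".join(struct.pack("<I", i) for i in (NOP, SUB_W0_W0_1, RET))


def insn_at(code, offset):
    return struct.unpack_from("<I", code, offset)[0]


def patch_sub_to_add(code, offset):
    """Clear bit 30 of a 32-bit SUB (immediate) so it becomes the matching ADD."""
    insn = insn_at(code, offset)
    # Bits 31..23 of "SUB Wd, Wn, #imm" are 0 1 0 100010 0, i.e. 0x51000000 under mask 0xFF800000.
    if (insn & 0xFF800000) != 0x51000000:
        raise ValueError("offset %#x is not a 32-bit SUB (immediate)" % offset)
    patched = insn & ~(1 << 30)
    return code[:offset] + struct.pack("<I", patched) + code[offset + 4:]


if __name__ == "__main__":
    save = build_save(100, 50, "Link")
    print("original verifies:", verify_save(save))
    tampered = bytearray(save)
    tampered[4] = 0xFF  # poke the gold bytes without fixing the trailer: the game would reject this
    print("raw poke verifies:", verify_save(bytes(tampered)))
    fixed = edit_save(save, gold=999_999)
    print("edited and rehashed verifies:", verify_save(fixed), read_fields(fixed))
    patched = patch_sub_to_add(SAMPLE_CODE, 4)
    print("patched insn: %#010x" % insn_at(patched, 4))
```

The check in `patch_sub_to_add` is the caveat worth keeping: patching by offset without confirming the bytes at that offset are the instruction you expect is how a wrong address, or a game update that shifts code, turns a cheat into a crash.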