How to create a .ips for a Game

Discussion in '3DS - ROM Hacking, Translations and Utilities' started by noX1609, Feb 9, 2017.

  1. noX1609

    noX1609 B9S freak ;)

    Aug 30, 2016

    I searched for a tutorial for creating my own .ips patch but I didn't find anything.

    So I hope that there is someone here who can send me a tutorial or explain it here so other users would profit from that :)

    Let's say: I want the cheat "100% Catch Rate" (I know this patch exists already, but I want to learn how to do a complete file on my own).

    1.) How to open a .ips file?
    2.) Do I need the Gameshark codes or do I have to modify or convert them?
    3.) Where do I set the button combination that has to be pressed to activate the cheat? Or is IPS always on and I couldn't start/stop it like in the menu of NTR or Gateway? That would be really sad because then it's useless for the project I wanted to start.
    4.) Where do I have to put in the actual code of the cheats? And in which format?

    Hope you can help me with that because if it works like I expect I don't have to wait for Gateway releasing an update.
  2. FAST6191

    FAST6191 Techromancer

    Nov 21, 2005
    IPS is just a patching format. It takes changes and applies them to another file. It has no special awareness of, nor relevance to, any kind of hacking.

    There are many tools to make them is the one I like.

    That said IPS is an awful patching format and worse for the 3ds. I am quite shocked I have seen it used, and it is not a coincidence that the list of things you have to do to make effective use of it is long and tedious.
    First it will need to be applied to the decrypted ROM. This will be the case for all formats though as soft decoding is not an option, and I have certainly not seen anybody implement a means otherwise.
    The size limit is around 16 megabytes (one of the reasons you have to extract existing files in the stuff already out there).
    It does not handle data shuffled around (happens all the time on modern systems, not so much on the NES and SNES where the format rose to prominence).
    There are many more modern methods that I would suggest over IPS. Xdelta and bsdiff being the big two but there are others that would also work.

    It is always on, or at least I assume none of the CFWs/loaders have implemented soft patching of IPS (smea's HANS stuff is soft replacement but it is not IPS). This does not stop you from coding a button activator of some form into the cheat though, if you can pull off some of the things I am about to cover it should in turn be obvious how to make such a thing.

    --- start of the hacker talk ---

    How to patch a cheat in varies depending upon what it is and how it works. If the cheat attacks the binary in memory (loads of DS ones do this, I have not analysed the 3ds scene much though) then it is simple enough and you just need an uncompressed version of the binary to mod (and it may not even be compressed to begin with). This is about the only scenario in which
    If the cheat edits memory then it gets harder. Older systems have means to hardpatch cheats in (things like GBAATM, GABsharky and DSATM) but nobody has gone there for the 3ds yet. You can still use various means though. There are two main ones

    1) You find the instructions responsible for doing the thing you want changed and change them in turn (turn a subtract from lives counter into an add or something). Hard if there are many things changing it -- the classic thought experiment is to consider all the ways to die in Mario and thus all the various ways the lives counter could go down. In the case of always catch there will probably be a long calculation that ends with a yes or no and you change the result to always be yes or it to always take the yes path.
    1a) For a Pokemon hack you could probably also work with the catch rate stuff above to see if you can edit the Pokemon to always be caught by simple maths alone. Not a great path for this but still an option.

    2) You make a cheat engine of your own. 1) is the human way of doing it for individual games. Cheat devices will instead attack a routine that runs all the time within a game (typically the vblank interrupt cycle) and insert an instruction to hold a value at a certain value (or maybe something slightly more complex but still stemming from the same thing). This is why infinite life cheats sometimes fail if the amount of damage done is more than max health. Find the vblank routine and a space to crowbar a memory write into it and then you have your cheat. The button activator stuff means rather than a simple write you first check to see if a button is pressed and do the cheat, or you write a cheat active flag to memory after checking buttons and then have a disable command and have the cheat instead check the flag in memory and react accordingly.

    The 3ds offers a slight tweak on 2) here to become like the PC in about 1990 as it is actually a real operating system and halfway modern system design. This means if you can attack the firmware you can have the firmware, which is running all the time on the system, do your dirty work and fiddle with a memory location every so often instead of having to wedge it into the game code. This will require everybody using the hack to have a similar cfw setup where patching the game will merely require them to have the option to run a patched game.

    If a cheat edits the save (what the earlier cheat devices on the 3ds did and what a few other things do on older systems) then there are things you can do to turn it into memory and instruction cheats but that is getting off topic. Short version is you do a tweak on the classic change one variable and scan again cheat finding method. If you want to get really crazy you can edit the save from the game level too.
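
The patch format described in the post above, as an added example that is not part of the original posts or of any patching tool: a small Python IPS writer and applier showing where the roughly 16 MB limit and the fixed-offset behaviour come from. The function names and the sample bytes are made up for illustration; the record layout (`PATCH` header, 3-byte offset, 2-byte size, RLE record when size is 0, `EOF` footer) is the standard IPS layout.

```python
MAX_OFFSET = 0xFFFFFF      # offsets are 3 bytes: the ~16 MB ceiling
EOF_MARK = b"EOF"          # end marker; as an offset it would be 0x454F46

def make_ips(original: bytes, modified: bytes) -> bytes:
    """Build an IPS patch (plain records only, no RLE) turning original into modified."""
    if len(modified) < len(original):
        raise ValueError("plain IPS cannot shrink a file")
    if len(modified) > MAX_OFFSET + 1:
        raise ValueError("file exceeds the 24-bit offset range (about 16 MB)")
    out, i, n = bytearray(b"PATCH"), 0, len(modified)
    while i < n:
        if i < len(original) and original[i] == modified[i]:
            i += 1
            continue
        start = i
        # Grow the record while bytes differ; 0xFFFE leaves room for the fix-up below.
        while i < n and i - start < 0xFFFE and (i >= len(original) or original[i] != modified[i]):
            i += 1
        if start == int.from_bytes(EOF_MARK, "big"):
            start -= 1     # an offset spelling "EOF" would end parsing early
        out += start.to_bytes(3, "big") + (i - start).to_bytes(2, "big") + modified[start:i]
    return bytes(out + EOF_MARK)

def apply_ips(rom: bytes, patch: bytes) -> bytes:
    """Apply an IPS patch. The format has no checksum, so any input file is accepted."""
    if patch[:5] != b"PATCH":
        raise ValueError("missing PATCH header")
    buf, pos = bytearray(rom), 5
    def take(count: int) -> bytes:
        nonlocal pos
        chunk = patch[pos:pos + count]
        if len(chunk) != count:
            raise ValueError("truncated IPS patch")
        pos += count
        return chunk
    while True:
        head = take(3)
        if head == EOF_MARK:
            return bytes(buf)
        offset, size = int.from_bytes(head, "big"), int.from_bytes(take(2), "big")
        if size:
            data = take(size)
        else:              # size 0 marks an RLE record: 2-byte run length, 1 fill byte
            run = int.from_bytes(take(2), "big")
            data = take(1) * run
        buf.extend(bytes(max(0, offset - len(buf))))   # zero-pad if the record starts past the end
        buf[offset:offset + len(data)] = data

# Constructed sample: an 8-byte "ROM" with two bytes changed.
SAMPLE_PATCH = make_ips(bytes(8), b"\x00\x00\xAA\xBB\x00\x00\x00\x00")
```

Because records carry absolute offsets and no checksum of the source file, applying a patch to a file that differs from the one it was made against (still encrypted, or with data shifted by even one byte) succeeds silently and writes the bytes into the wrong place.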
  3. Sonic Angel Knight

    Sonic Angel Knight GBAtemp Guru

    May 27, 2016
    United States
    New York
    Isn't Xdelta patching better for 3DS anyway? Or anything for that matter? I know IPS exists but it was quite old I think, and mostly used for retro game ROMs like SNES, Gens, and anything cartridge based before 2000. Usually hard to find IPS for an NDS ROM, nor have I ever found IPS for 3DS either.