
Tutorials and Faqs brainstorm - submit information and opinions here

Discussion in 'Xbox Retro Hacking / Mods & General Discussion' started by dootdoo, Dec 18, 2003.

  1. mikerowesoft (Guest)

  2. Deerpark (Loyal Member, joined Oct 3, 2005)

    Debug TSR

    In Evox's debug TSR, once a break point is reached what is the easiest way to find the address of the subroutine's caller? I know it's on the stack but how do I look at the stack? Thanks.
     
  3. dootdoo (Guest)

    From my recollection (it's been a while), the TSR doesn't show you ESP's address. If it DOES, then a db address would show you what is on the stack.

    If you were really in need of finding ESP, I can think of a slow and painful way to get it. Basically, set a bpx wherever you wanted to get ESP, and then you could change the op directly in front of it to move ESP into EAX, and then view the stack to find the address you are looking for; then either fix the instruction, or reboot and go at it again.
    If I misunderstood your question, please repost a clarification :)
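Added example (not from the thread, and not code from the TSR or any of the games discussed): a small C program, built with GCC or Clang, that shows what dootdoo's trick is reading. On x86 the CALL instruction pushes the address of the instruction after it, so on entry to the subroutine the caller's return address sits at [esp]; it moves to [esp+4] as soon as the prologue does push ebp, which is why the peek has to happen at the breakpoint before the prologue runs. The compiler builtin `__builtin_return_address(0)` reads that same stack slot, so the program records it from inside a routine called from two different places and checks that the two values differ and each falls inside its calling function. The function names, the `noinline` attributes and the 128-byte function-size bound are this example's own assumptions.

```c
/* Added example: how a subroutine can see who called it.
 * On x86, CALL pushes the return address, so at a breakpoint on the
 * first instruction of the callee it is the word at [esp]. GCC and
 * Clang expose that same slot through __builtin_return_address(0). */
#include <stdio.h>
#include <stdint.h>
#include <inttypes.h>

/* Return address most recently observed by the "breakpointed" routine. */
static uintptr_t g_last_caller;

/* The routine we imagine setting a bpx in: it records its caller. */
__attribute__((noinline)) int breakpointed_routine(int v)
{
#if defined(__GNUC__)
    g_last_caller = (uintptr_t)__builtin_return_address(0);
#else
    g_last_caller = 0;   /* builtin unavailable: example assumes GCC/Clang */
#endif
    return v * 2;
}

/* Two distinct call sites. The arithmetic after each call keeps the
 * compiler from turning the call into a tail jump; a tail jump would
 * leave the *caller's* return address on the stack instead. */
__attribute__((noinline)) int call_site_a(void)
{
    int r = breakpointed_routine(1);
    return r + 1;
}

__attribute__((noinline)) int call_site_b(void)
{
    int r = breakpointed_routine(2);
    return r + 100;
}

/* Drive each call site and return the address the callee saw. */
uintptr_t caller_of_a(void) { call_site_a(); return g_last_caller; }
uintptr_t caller_of_b(void) { call_site_b(); return g_last_caller; }

/* Is address a inside [lo, hi)? This is the same comparison a debugger
 * user makes by eye against the function bounds in the listing. */
int addr_in_range(uintptr_t a, uintptr_t lo, uintptr_t hi)
{
    return a >= lo && a < hi;
}

int main(void)
{
    uintptr_t a = caller_of_a();
    uintptr_t b = caller_of_b();
    printf("call_site_a starts at 0x%" PRIxPTR ", return address seen: 0x%" PRIxPTR "\n",
           (uintptr_t)call_site_a, a);
    printf("call_site_b starts at 0x%" PRIxPTR ", return address seen: 0x%" PRIxPTR "\n",
           (uintptr_t)call_site_b, b);
    printf("return addresses differ: %s\n", a != b ? "yes" : "no");
    return 0;
}
```

The return address never equals the caller's entry point: it points just past the CALL instruction, so it lands somewhere inside the caller's body. That is why, after dumping the stack word, you still look up which function contains that address in the disassembly rather than expecting it to match a function start.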
     
  4. Deerpark (Loyal Member)

    Thanks Dootdoo :)

    Thanks Dootdoo. You're a saint. You answered my question perfectly. I was actually already considering writing a small program to change the op and then fix it automatically. I'll let you know once I make some progress.
     
  5. stevewassy (Loyal Member, joined May 4, 2004)

    Hi, just a quick question: I have a game that has godmode in txt; is there a way of getting this to enable? Also, are there any tuts on using xdkass? As I get the addy for ammo, I can change it in game, but it does not seem to be the right addy. How do I trace this?

    .text:00038FC7 lea ecx, [esp+24h+var_18]
    .text:00038FCB mov [esp+24h+var_4], edi
    .text:00038FCF call sub_216A0
    .text:00038FD4 push offset aGodmode_on ; "GODMODE_ON"
    .text:00038FD9 lea ecx, [esp+28h+var_18]
    .text:00038FDD call sub_22650
    .text:00038FE2 mov ecx, [esi+30h]
    .text:00038FE5 push 0
    .text:00038FE7 lea eax, [esp+28h+var_18]
    .text:00038FEB push eax
    .text:00038FEC mov [esp+2Ch+var_4], 16h
    .text:00038FF4 call sub_23BCA0
    .text:00038FF9 lea ecx, [esp+24h+var_18]
    .text:00038FFD mov [esp+24h+var_4], edi
    .text:00039001 call sub_216A0
    .text:00039006 push offset aGodmode_off ; "GODMODE_OFF"
    .text:0003900B lea ecx, [esp+28h+var_18]
    .text:0003900F call sub_22650
    .text:00039014 mov ecx, [esi+30h]
    .text:00039017 push 3F800000h
    .text:0003901C lea edx, [esp+28h+var_18]
    .text:00039020 push edx
    .text:00039021 mov [esp+2Ch+var_4], 17h
    any help appreciated thx
     
    Last edited by a moderator: Dec 28, 2005
  6. 8ball (Loyal Member, joined Nov 21, 2005; occupation: disabled; location: Atlanta, Ga.)
    Hello everyone,
    I've got a question and it probably has been asked, but I have been working on some trainers. Some I have no problem with making the trainer: Baldur's Gate DA2, Frontline, and so forth, the relatively simple ones, to get myself going with a little knowledge. But some games lock up when they start with the TSR on debug; I have one that starts, then locks up when you go to play, and others I just can't connect to: the game plays but I can't use ETT to telnet. I have tried two different patches to see if they would work, to no avail. What can I do or use to work around this? I have plenty of time to learn. I'm disabled and have the time to try and invest to help out the scene. Like I said, I have created a few trainers and worked on a few more. Maybe just a little shove in the right direction, but not too hard.
    Any help would be greatly appreciated and hopefully afterwards I would be able to help others!
    8ball
     
  7. stevewassy (Loyal Member)

    Been trying xdkass. The addys that show up in the window, what are these? I really want to start making trainers, as I think you guys are great. Thx.
     
  8. 8ball (Loyal Member)

    Can anyone say where to get xbxmdump?
     
  9. 8ball (Loyal Member)

    How about a better tool? What does everyone use? I think I have everything but this program! Just trying to go by a tutorial, to learn this stuff.
     
  10. Platty (Guest)

  11. 8ball (Loyal Member)

    I searched the forums, I know, but I guess I forgot to search there. Oh well. Anyhow, I greatly appreciate you taking the time to respond to my question.
     
  12. 8ball (Loyal Member)

    tsearch

    Has anyone had the problem where in TSearch the first search has results but "search next" always has 0 results, no matter what I do?
     
    Last edited by a moderator: Feb 3, 2006
  13. pseudodragon (Guest)

    Question and Flirt

    Just began with training yesterday, following the BGII tutorial. No problems making a trainer for the game following the directions. A question on the side, though: is there any way to set a value with a trainer (example: setting Strength defaulted to 250 instead of 12, etc.)? I can of course accomplish it with poke, but that kind of defeats the purpose of trainer making. Sorry if this has been asked before; I did not see a post or tutorial on it.

    For those looking for Flirt, I found it here if it helps:
    http://www.yates2k.net/xbox/xbox_flirt2.rar
    Flirt Signature Xbox 2.0 Final

    thx, Pseudodragon
     
  14. TheSchonk (Guest)

    In the trainer guide it says "now in IDA Pro, click the VIEW-ASM tab, then go to the Jump menu, select Jump Address and type in 0002a261", but where is the VIEW-ASM tab in version 4.9? I'm new to all this as of today.
     
  15. biggieandmoe (Guest)

    Just the main window with addresses and op codes like suc, add, xor and others.
     
  16. TheSchonk (Guest)

    I have the demo version, and .xbe (Xbox executable) is not selectable. So which disassembly database do I use, or do I need the non-demo version?
     
  17. TheSchonk (Guest)

    What are op codes: suc, add, xor and others? I recently got the freeware version of IDA and there is an option called "create asm file". Is that what I am supposed to select? If someone could walk me through this, that would be awesome. If this helps: I opened up IDA and selected New (disassemble a new file). Then I opened up the .exe file that I exported from the .xbe in CXBX, and this is how far I have gotten.
     
  18. GLiTcH (Loyal Member, joined Oct 5, 2004)

    I'm trying to learn how to make trainers. I need to know: what is the best BIOS to use when doing this?
     
  19. szalay (Loyal Member, joined Mar 7, 2006; occupation: Electronics Technician, expert in hardware & stuff; location: HUNGARY; home page: http://www.codemasters-project.net/vb/index.php?)

    Do you already know which BIOS is the best?

    'cuz I've tried these BIOSes:
    x3_3108
    x2_5035
    Yoshihiro_K2005-final
    cromwell
    M7
    M8
    etc.
    with no luck; I can't connect while running the game, except with ETT.

    any idea ?

    thanks in advance .
     
  20. mlawson3 (Loyal Member, joined Sep 1, 2005; home page: http://home.cogeco.ca/~cypher369/)

    Idea!

    How 'bout a video tutorial, so the process can be seen from start to finish? TXT guides can be a bit confusing at times. :cool:
     
