Memory Hacking Software

[esco]

OFF THE CHAIN! It has made my work much easier set let me start by saying great work and thanks. It doesn't seem like you get much recognition for your work so I wanted to drop you some.

Who am I? Well I'm Esco, the head of the castlevania: SOTN hack project!!

/listens and looks... hears just crickets

What? Ya'll never heard of me... well no shock there. Just figured I'd give ya'll a quick laugh.

What I am basically doing is hacking the game castlevania: SOTN inside out. So far I've hacked EVERY equippable thing in the game (head, hands, whatever) to the point where I can pretty much change whatever I want. Same with the enemy data, I can also change what items/relics show up where, what music plays, what voice tracks play where, the shoplist, lock doors and rooms till enemmies are beat, etc. I've even added in a few new things and 2 new elements (wind and stop, for the stopwatch). However I have run into a small problem.

.... okay it's a big one for us. I'm using the EPSXE emulator and it's pec chu cheat device. And the cheat device has a limit of 341 codes it can have active. So what I've been doing is using memhack for all the 8 and 3 type codes (basically write value to address codes), and pec chu for the others. I've looked online for other psx emulator cheat devices.... there basically are none. since pec chu does it all (EXCEPT for this limit which I discovered). And I NEED to find something that let's me do more than 341 codes.

Here's where my question/request comes into play:

1)Is there any way in this world setup a code in here so that if an address has a certain value, it changes the value in ANOTHER address? For example (in cheat device syntax):

d00730b0 0013
d00730b4 0005
d0073865 0001
800730b2 0003
(this means if the value at address 1=13 hex, value at address 2=5 hex, and value at address 3=1 hex, then write 3 hex to address 4)

Basically just like an if then statement in c++... is there a way to do this?

2)If there is not a way to do this.... how hard would it be for the creator of the program to code it in.. so I can request it (I'm sure you get lots of requests to do things and are very busy with real life too, so I wanted to see if there were any other options open to me before I request anything at all)

Anyways, memhack is a great program and has made my life much easier with this project. Work is also progressing much faster for us with it. Can anyone help me out with this, it would make things much easier for the team. Holler back at me, later.

[L. Spiro]

Thank you.

It is good to know some people are getting exceptional use of it.

And the fact is, as you may be able to tell from my work in Perfect Dark, GoldenEye 007, and Final Fantasy VII, this is in fact the very type of hacking this software was made to do.



As for your situation, I have bad news, good news, more bad news, and really good news.


The Bad News:
Memory Hacking Software currently does not have such an advanced locking system as to allow the types of modifications you desire.

The Good News:
Advancements on the locking system are already planning for the next release.
The new locking modes are:

• Exact
  
  • Current type, used to lock a set of bytes to a specific value.
• Range
  
  • The value is allowed to move up and down within a specific range, but not go outside that range.
• Max
  
  • The value is allowed to change but must remain lower than the max.
• Min
  
  • The value is allowed to change but must remain higher than the min.
• Script
  
  • Perform any operation you wish.

It is the last mode that will do what you need.
It allows you to write a script function called when the lock is updated, which then allows you to do anything you desire, whether it be modifying the locking value or modifying any other value in RAM.

More Bad News:
The next version will not be available for over a month.

The Really Good News:
I plan to release a demo of the next version soon, most likely later this week or next week.
As it is just a demo, it will lack the full feature set of the current release, however it will showcase all features related to searching, including the advanced locking system with scripts.
You will be able to use it together with the current release for everything you need.








For my own information, which features have you found most useful and for what?
It will help when I am thinking about new additions to the software.


L. Spiro

[esco]

Hmmm, I never knew you worked on any games at all (though I figured you had). Honestly I found this site from some other obscure dead site by dumb luck. If it wasn't because I got VERY lucky, I would never have known this thing even existed. In fact I don't think most peeps even know it does. You should post up on some other forums too so that your work gets more exposure. Your obviously VERY skilled.

As for what I find useful? Wow, well where to start:

1)The interface is very clean and easy to work with. It isn't stiff like in other programs like tsearch or cheat engine. It also indicates by an icon whether something is locked or not. Makes it much easier to notice.

2)You can lock values in it like a cheat device(definately the best thing).

3)I can not only set a preferred value (so I remember the original) I can still have a seperate value assigned to it. VERY convenient.

4)The code files, when saved are very small, and there doesn't seem to be any sort of limits on the # of codes I can have on (EXACTLY what I need).

5)Group search... makes finding new stuff MUCH easier!

6)The found addresses box is a DREAM come true for people trying to work with graphics frames, since it updates automatically with the game. This is an INGENIOUS feauture. Plus the zero all function can make life much easier too.

7)THE C++ scripting ability..... right now I don't know enough C++ to use this. But once I'm done with my college, I'm sure I'll find LOTS of use for this.

The locking system idea your implementing sounds like it will be a dream come true for us on this project. Especially since I know I use most of the cheat code types. The more options I have the better. Here are the ones that right now I'm using in pec-chu:

Write to: 3/8 type codes... I use memhack for these now.

If then codes: D/E types, when you implement the script in memhack I will be using it for these as well, since it will make life much easier. As long as memhack can handle multiple if arguments I mean (like what I posted in my first post).

Increment/decrement types codes: 1/2 types, I used these mostly when I need to create a timer of some sort, or lower alucards health. For example, in the underground caves if alucard walks in without using the resist ice found after the boss, he takes about 1 hp of dmg per second... and verey other dmg point results into him going into his ice dmg animation. I use a decrementing timer to do this.

Copy bytes code: C2, I haven't used this one much, but it does come in very handy at times.

Serial code: 50 type, I've only used one of these so far. But they make life much quicker in some cases.

This will help us with that HUGE problem of the cheat device limiting our team to 341 codes. I'm curious though.... what exactly will be the limits of the script, and what language exactly will it be in? Or will it be a simple interface that basically I input the address and the value, and the parameter and memhack does the rest?

Also quick note.... there are a few quick things I noticed that might make the program slightly better (I'm pretty sure you've noticed most of these already, but just in case):

*Although I can click on an address to change it's name or value... once I input an address, the only way to change the address itself is to delete it, then go back to insert address. That's a little annoying, but not a big deal.

*Also under the found addresses box there doesn't seem to be a way to highligh and copy several addresses into memhack. Instead I have to click on them one at a time. Definately slows things down.

*Under search there is no option to search for not equal to, like most other memory scanners have (ex. I know the value is not equal to 0, so search for anything else). This could be VERY useful.

*The zero all option.... it would be much more useful if instead the user could pick the value to change all the addresses to. It would also be nice to be able to select only certain multiple values at once, instead of just all of them.

Other than that, program seems great. Just some minor things I figured I'd mention. I do have a quick question though... When I do a text search for text I know is in the game (I've checked with hexworks) it doesn't seem to find it. Even though the lettering is NORMAL in the iso (in other words no (ONSTER type stuff for the word monster) . Why is that?

Anyways, I'm looking forward to your next release for certain... you've done a fantastic job on this thing (much better than those older crappy programs like tsearch) and even the help file is very detailed. Straight up, work of art.

[esco]

Also I think I may have found a small bug... if I do a standard search between 2 memory values, it seems to cut the higher value by 2. so if I search for an unknown value between 5b6e40 and 5b6e48, it will only give me between 5b6e40 and 5b6e46. Thought I should tell you about this.

[L. Spiro]

Hmmm, I never knew you worked on any games at all

My job is to travel the world and make video games.
I have worked on many projects for Vivendi Universal, Ubisoft, and Lucas Arts, including games such as Ghost Recon 2 Online, Petz 5, Catz 5, Dogz 5, Heroes of Might and Magic, 187 Ride or Die, Leisure Suit Larry, and many others.

As long as memhack can handle multiple if arguments I mean

It is the entire C language and more; it can do everything C can do.

I'm curious though.... what exactly will be the limits of the script

None. It is the same script as the one already there, which has no limitations.
The script can do anything C can do.

and what language exactly will it be in?

L. Spiro Script, which is exactly like C.

Or will it be a simple interface that basically I input the address and the value, and the parameter and memhack does the rest?

It is a full language at your command.
You can set the address to 0x0258BC04 on Thursdays and Sundays and 0x005EC00C on every other day.

*Although I can click on an address to change it's name or value... once I input an address, the only way to change the address itself is to delete it, then go back to insert address. That's a little annoying, but not a big deal.

Already fixed in the next release.

*Also under the found addresses box there doesn't seem to be a way to highligh and copy several addresses into memhack. Instead I have to click on them one at a time. Definately slows things down.

Already fixed in the next release.

*Under search there is no option to search for not equal to, like most other memory scanners have (ex. I know the value is not equal to 0, so search for anything else). This could be VERY useful.

Easy to add, but you can also do this in the Script Search.
Even if you are not a coder, you can copy/paste the examples and just perform the correct check (!=).
It will be built into the next release.

*The zero all option.... it would be much more useful if instead the user could pick the value to change all the addresses to. It would also be nice to be able to select only certain multiple values at once, instead of just all of them.

In the next release this button has been replace by “Set Selected To”.
You can select any number of addresses in the Found Address List and then set them all to any value you desire.

When I do a text search […] it doesn't seem to find it. […] Why is that?

There are many factors, some out of your control.
It is possible for the string to be overlapping a chunk boundary, in which case it can not be found by the scanner, because it buffers chunks at a time.

There are a few other possibilities, but the next release uses completely new string searching, so I would wait for the demo and just try again.


The String Search in the next release includes wildcard scans and regular-expression scans, and has options for matching case and matching whole words only. I will post a screen shot later.

Also I think I may have found a small bug

It’s not a bug.
The buffer in your example is 8 bytes long and you are searching for 2-byte values.
That means the last address that can have a value is 6.
If a value is on 7, then one of its bytes is outside the 8-byte buffer.

This hold true for all data types and all sizes.
If you scanned for a DWORD the highest address it could give you would be 5B6E44.


L. Spiro

[esco]

OUTSTANDING! See I told you that you probably already knew about everything I was gonna mention. Your definately on your game.

Thanks for answering all my questions too, it's really appreciated (especially since I'm relatively new to hacking games... even though I've done so much to SOTN). I'll have to take a look at the next release/demo as soon as you put it out there, so I can start putting it to use. I actually was gonna try the c-coding part of the one you have out now, but unfortunately I would have no idea how to do the part that it takes to get it to detect the game/emulator and write the code to it.

Anyways, I can't wait for the next release... it sounds like the script function of freezing values will make life MUCH simpler and definately help with this project. Thanks a lot.