requirements
- crosshair coordinates
- player coordinates
- an active hook
- controller adress
- some knowledge of mips
first we want to find our controller address if you don't know how to find one heres how.
here are our button values your going to need them to find your controller address.
Select button = 0001
Start button = 0008
Up D-Pad button = 0010
Right D-Pad button = 0020
Down D-Pad button = 0040
Left D-Pad button = 0080
Left trigger = 0100
Right trigger = 0200
Triangle button = 1000
Circle button = 2000
Cross button = 4000
Square button = 8000
EXAMPLE : if you are holding the triangle button the value of the address your looking for will be : 1000
how you find it : hold down a button in the list above make sure your cheat device is on pause game : true then search the value to the right of the button your chose.
(make sure you search in hex)
alternative method : in some game that wont work what you have to do is this, hold a button and search great then let go and search less continue to do this until you only have a few results
notes :
(make sure you search in hex)
(when you are pressing no buttons the value will be "0")
(it dos not matter if the controller address makes you automatically press the button as long as it displays the correct value)
ok now that you have the control address your going to need to find your player and crosshair coordinates.
finding player coordinates : make sure cheat device is on pause game : true. search for an unknown 32 bit value. move your player and search different then move again and search different again. stand still ever once in a while and search same to get rid of junk address's. once your down to 20-100 results add them to your cheat browser. turn on the cheats one by one. the cheat that changes your locations or makes it so you cant walk in a certain direction is your players coordinates.
alternative method : because the method above can take a long time and also give you a lot of unwanted results this method is very popular. jump or go to higher ground a search greater then go lower and search less. repeat until you only have a few address's then copy them to your cheat browser and active at them one by one. then one that locks you in the air is your hight coordinate. because coordinates are almost always located right next to each other all you have to do is copy your hight coordinate in to your decoder to find the x & y coordinates.
notes :
(make sure cheat device is on pause game : true)
(search unknown 32 bit value)
(coordinates are commonly dma so take a ram dump just in cause)
finding crosshair coordinates : search unknown 32 bit value make sure your cheat device is on pause game true. move your cross hair and search different then move it again and search different again. every once in awhile keep your crosshair in the same place and search same to get rid of junk address's.
notes :
(because your cross hair is always in the middle of your screen this method dos not work for some games)
(coordinates are commonly dma so take a ram dump just in cause)
why do you need a hook? : because games skip over nop caves which is where you will be writing your routine your going to need an active "hook" to jump to the start of your routine.
how to find a hook : search "03E00008" it can take a long time, but you can cancel your search almost right away because you will portly already have several thousand results. copy the last 5-20 results and nop them all. if the address freezes it mean you have an active hook.
finding your hooks value : open up ps2dis, go to your hooks address and enter : J$ address of the first line of your routine. (real addressing)
notes :
(if your hook is inactive it will not jump to your routine)
here's the mips template.
(thanks to Brian1337 & 1337 gamer for help)
mips commands for reference
[You must be registered and logged in to see this link.]
hook
lui t0 $ first half of controller (real addressing)
lw t0 $ second half of controller(t0)
addiu t1, zero, $ button value
lui t2 $ first half of crosshair coordinate (real addressing)
lui t3 $ first half your coordinate (real addressing)
bne t0 t1 $ jr ra
nop
lw t4 $ second half enemy player/cross hair ect cord X(t2)
lw t5 $ second enemy player/cross hair ect Y(t2)
lw t6 $ second half enemy player/cross hair ect Z(t2)
sw t4 $ second half your cord X(t3)
sw t5 $ second half your cord Y(t3)
sw t6 $ second half your cord Z(t3)
jr ra
thanks please pm if you have any problems or questions.