Anyone interested in cheat trainer prx plugins???

Casavult said:
Thanks bro! Will this work on CEX?
Click to expand...
ahh, no. i can make a new one, if that is what you need. i will write that ebootloader sprx also for ccapi and maybe i will look into using ps3mapi syscalls. there can be no native support for cex, because of used syscalls. maybe that stuff from @3141card, but i haven't looked into it, and i think this will only work for vsh plugins.
 
cool, thanks @kozarovv
have already searched a bit, but nothing found so far. most times i find'em on youtube.

have re-written ebootloader and darksouls prx files. they now should work with ccapi (not confirmed), but you will get no info popup from ebootloader, since ccapi freezes when using these. ebootloader has to be loaded with ccapi from usb and for the trainer plugin you have to edit sprx.txt, which goes to /dev_hdd0/tmp

https://dl.dropboxusercontent.com/u/63377561/Cheats/darksouls_ccapi.zip
 
@haxxxen
It works not only in vsh plugins, i only need it in a plugin to this time. In a normal self psl1ght/$ony SDK it works too.
but against the vsh process(system), you must undo all changes to lv2, or you get a panic + shutdown.

Code: 
/***********************************************************************
* make temp syscall by symbol
***********************************************************************/
static void make_sc(int32_t symbol)
{
    lv2_poke(CODE, (uint64_t)(0x48000000 | ((symbol - CODE) & 0x3FFFFFC)) <<32);  // build b instruction
  lv2_poke(ENTRY, CODE);
  lv2_poke(SC_TBL + (SC_NR * 8), ENTRY);
  sys_timer_usleep(1);
}

/***********************************************************************
* kill temp syscall
***********************************************************************/
static void kill_sc(void)
{
    lv2_poke(CODE, 0);
  lv2_poke(ENTRY, 0);
  lv2_poke(SC_TBL + (SC_NR * 8), 0);
  sys_timer_usleep(1);
}

/***********************************************************************
* a example
***********************************************************************/
int32_t lv2_strlen(const char *str)
{
    make_sc(0x4D668);
    system_call_1(SC_NR, (uint64_t)(uint32_t)str);
    int32_t ret = (int32_t)p1;
  kill_sc();
    return ret;
}

patchs too
Code: 
/***********************************************************************
*
***********************************************************************/
int32_t lv2_get_process_object_entry_and_address_by_id(uint32_t proc_id, uint64_t *obj_addr, uint64_t *obj_entry)
{
    uint64_t org = lv2_peek(0x800000000008B388ULL);            // patch
    lv2_poke(0x800000000008B388ULL, 0x409E0024E80100B0ULL);    // CEX 4.46
    make_sc(0x8B34C);
    system_call_3(SC_NR, (uint64_t)proc_id, (uint64_t)(uint32_t)obj_addr, (uint64_t)(uint32_t)obj_entry);
    int32_t ret = (int32_t)p1;
    kill_sc();
    lv2_poke(0x800000000008B388ULL, org);                      // unpatch
    return ret;
}
 
3141card said:
It works not only in vsh plugins, i only need it in a plugin to this time. In a normal self psl1ght/$ony SDK it works too.
but against the vsh process(system), you must undo all changes to lv2, or you get a panic + shutdown.
Click to expand...
hmm, i have tried to use your process writing method in a game plugin, but it has only frozen on me. maybe i have sth. wrong, so i should give this also another try. thanks for clarifying.

when will that panic occur? i would use it in those trainer game plugins, so i don't have to use ccapi/dex/ps3mapi syscalls.
 
haxxxen said:
ahh, no. i can make a new one, if that is what you need. i will write that ebootloader sprx also for ccapi and maybe i will look into using ps3mapi syscalls. there can be no native support for cex, because of used syscalls. maybe that stuff from @3141card, but i haven't looked into it, and i think this will only work for vsh plugins.
Click to expand...
Yeah, I don't use DEX nor do I intend to use it. Anything for CEX would be appreciated if possible.
 
You must log in or register to reply here.

Similar threads

Back
Top