Topic: I Could Really Use Some Help With This (Read 229 times)

grifter66 · « **on:** April 04, 2005, 12:25:00 AM »

I'm just going to make this public because it seems that quite a few people want to know how to do this. besides you wouldn't get something like this from the Evox team all they did was play games with people (Fuck them) I'm going to make this puplic knowledge...The evox team doesn't like this then that's too bad..They had thier chance and all they did was screw people over and play games with them...Well lets see how funny they think this is:

I managed to get my hands on a half assed Instruction manual on how to create Trainers for Evox. Yes actually make the trainers themselves.

Maybe together we can solve this problem of waiting for the Evox team and having them think they are better than everyone. Just because they refuse to share the knowlegde that I've posted below.

Now I can't really make heads or tails out of most of it. Does anyone want to have a crack at it?
____________________________________________________________________

EVOX TRAINER TUTORIAL:

Tools needed:

Computer
Xbox
Latest Evox
CXBX (http://www.caustik.com/cxbx/)
Network connection between xbox and computer
brain

Useful tools:

Ida Pro (any will do, 4.30-current is ideal)

The first step to writing a trainer is to pick a game, just about any game will do,
but its best to start out with something simple, where its easy to tell the values
you are dealing with. It helps if the value is something you can see update, such
as lives or amount of ammo.

I looked back through the games that I've wrote trainers for, and most of them weren't
what I'd call simple, Armed and Dangerous and TMNT (# of continues) were easiest, so lets
try one of those..

After selecting a game get a copy of the xbe onto your computer and load it up in caustiks
CXBX, go to the file menu and say 'export exe' and save it to something like tmnt.exe, now
go to the edit menu, and select the dump xbe info to option, dump it to a file so that you
can cut and paste.

Open the output file up with a text editor (notepad/wordpad) and scroll until you see
something like (from max payne 2):

Dumping XBE Certificate...

Size of Certificate : 0x000001EC
TimeDate Stamp : 0x3FB3F515 (Thu Nov 13 16:18:13 2003)
Title ID : 0x5454000C
Title : L"Max Payne 2"

The part you care about it the title ID, copy that to another text editor window and
be sure to save it, you'll need it to write the trainer.

Now load up the game on your xbox (I will be showing how to do the Continue trainer for TMNT),
telnet to your xbox's ip.. You will see:

RemoteX Debugger V1.1
.

Pick a character, I chose Leonardo..

Hit A until you you see a bunch of the little robot thingies coming at you..

Now look at your status bar, you have health (bar) # of Shurikens, score, and '6' hearts.

type: value 6

The output should look like:

Store Game State in slot 0
...
...
Done.
Slot 0 Val 6
--

Now lose a life, and continue, now on the screen it says '5' so do a value 5 search.
the output should look like:

Store Game State in slot 1
...
...
Done.
Slot 0 Val 6
Slot 1 Val 5
--

repeat the above process again (lose a life and continue) then search for 4..

Store Game State in slot 2
...
...
Done.
Slot 0 Val 6
Slot 1 Val 5
Slot 2 Val 4
(a bunch of crap)

I then wen't back to the title screen (Start) and started playing again, now that my life
count is back to 6, so I do a value 6 search..

Check 83d00000:83f58000
83d03088
83d030d0
83d0343c
83d03444
83d034d8
83d03910
83d0395c
83d08084
83d0842c
83d0c2dc
83d0c2e0
83d0c2e4
83d0c2e8
83d0c2ec
83d0c600
83d0c604
83d0c618
83d0c634
83d0c638
83d0c63c
83d0c670
83d17424
83d1781c
83d814c0
83d81830
83d81c1c
Check 00a80000:00b80000
00b72448
Check 83b34000:83c60000
83b97274
83b99a54
Check 83575000:835b5000

From this I would have to say that only three of these addresses look like good targets,
00b72448
83b97274
83b99a54

The next step is to look at what data is stored there..

so type: db <address> 10
you should see:

00b72448 : 06 00 00 00 0a 00 00 00 00 00 00 00 00 00 00 00 | ................
83b97274 : 06 6a 7e d2 06 6c 81 d2 06 6a 7e d2 07 66 79 d0 | .j~R.l.R.j~R.fyP
83b99a54 : 06 67 79 d2 59 a1 af e2 bf dc e1 f4 ff ff ff ff | .gyRY!/b?\at

From this I would have to say the first one is the best canidate. Most if not all games
for xbox are wrote in C (or C++) and in C a integer (whole number) is 4 bytes long.
Although you can store values in a single byte, unless memory is tight, it is seldom
done (from what I've seen so far).

So now what? Lets see if we can change the value..

type: poke 00b72448 7

! The hearts value went up to 7! We may have the correct address..

Now its time to see. Now we want to see when this value is changed..

so type: bpmb 0 00b72448 w

Now its time to die again. When you hit start to continue the game froze. This is
good, it means this value WAS updated when you continued..

BP 0 @ 0002a261
EAX : 00b72424
EBX : 00000000
ECX : 00000001
EDX : 00000006
ESI : 013bcd24
EDI : d0044df0
EBP : d0044d4c

TMNT hangs after you do a break point (At least it does for me) so just reboot your system
(type reset in the telnet window) or turn the xbox on and off and reload TMNT, and reconnect
with telnet.

now in IDA pro, click the VIEW-ASM tab, then go to the jump menu, select jump address
and type in 0002a261.

.text:0002A250 arg_0 = dword ptr 4
.text:0002A250
.text:0002A250 mov eax, dword_2AA8E0
.text:0002A255 mov edx, [eax+24h]
.text:0002A258 mov ecx, [esp+arg_0]
.text:0002A25C sub edx, ecx
.text:0002A25E mov [eax+24h], edx
.text:0002A261 retn
.text:0002A261 sub_2A250 endp

Look at the instruction before the break, they are moving the value in edx to some memory
location, this is whats updating the value we see on the screen. So where does this edx
value come from?

If you look at the line above that:
.text:0002A25C sub edx, ecx

This means: edx = edx - ecx

if we look back to what our break point said, we see that ecx equals one, so that means its
edx = edx - 1 and since edx equals 6 after the subtraction, that means it was previously 7.

so rewrote in english:

move some address stored at 2AA8E0 into eax
*move the value that is at eax + 24h into edx
move the value (1) that was pushed to this routine into ecx
-subtract ecx from edx and place it in edx
*move edx back to where it came from (eax + 24h)

So we have a few options, we can change ecx to 0, we could not subtract the value, or we
could remove all instructions from the function, or we could just return as soon as we get
to the function.

move some address stored at 2AA8E0 into eax
*move the value that is at eax + 24h into edx
move the value (1) that was pushed to this routine into ecx
*move edx back to where it came from (eax + 24h)

If we remove the subtraction part, we end up moving a value from
eax+24h to edx
then from
edx to eax+24h

That will keep the value the same, so lets do that..

The SUB starts at 0002A25C and ends at 0002A25D so we have to remove two bytes,
the simplist way to do this is to 'NOP' (no operation) the SUB instruction.

so in your telnet window type:

poke 0002A25C 90
poke 0002A25D 90

Now start playing, and try to die, the value should stay the same, and you now have
infinite lives!

grifter66 · « **Reply #1 on:** April 18, 2005, 11:30:00 PM »

All these view and no responses.
Yeah this makes sense...People ask for this stuff but yet when someone posts it nobaody responds....Figures

As you can see there is
1. No explination on to how to use the tool
2. What files you need from a game
3. The source and adress codes on how to locate the source and adress codes for the game you are trying to create a trainer for

These would be a lot more helpful

If this were to be taken one step at a time and have each step discected as (Whoever wrote this) was going along (just like the manual I wrote for how to mod fable) then this would be 98% easier to understand.
If I can do it with a how to modding guide (And I don't really know how to hack all that well) then no one is going to sit there and tell me someone who has massive amounts of hack experience can't create the same type of how to guide.
Give me a break will you......I've disproven this 4 times i wrote all 4 of my guides after everyone (And that's not an exageration either) everyone I talked to about stuff like this said there is no way to write up a guide the way I did it.
So in other words I did 4 times what people said couldn't be done 4 times.

So my record is 100% right and the other peoples are 100% wrong.

So that's why i refuse to listen to anything like this about that it's to complex or that it can't be done....Bullshit I disproved that every single time

This post has been edited by grifter66: Apr 19 2005, 06:43 AM <

Hopeful · « **Reply #2 on:** April 20, 2005, 12:00:00 PM »

One thing that you're assuming wrong is that this is the same type of guide as a simple modding guide. Here is a version dumbed down into how I think most people would read this and automatically interpret it into actions. I believe all credit for this guide goes to dootdoo, though I do not know for sure. There is nothing original in my interpretation. I'm just trying to make it spoon-feed-able. All credit still goes to whoever wrote the guide you posted. The following is that same guide, with some places spoodfed to show how good of a guide it actually is, and how followable and do-able it is.

AHEM!

Grab the Latest Evox
Grab CXBX (http://www.caustik.com/cxbx/). Download the already compiled .exe instead of the uncompiled source code.

Buy Ida Pro, Around version 4.30, if you want to follow the guide exactly and make sure that IDA Pro still has all the functions referenced here.

Pick a game
Start out with something simple, and search for simple values. Don't go after a game that's known to be programmed in such a way that it's a BITCH to search for values.
What's usually the easiest search is something that tends to be in memory with an identical quantity to what you see on the screen, like lives or amount of ammo.

Most games did not have code that was simple to search for values. The easiest ones for beginners to start on to grasp the basic concept before building on talents are Armed and Dangerous and TMNT. Rent or buy TMNT and follow this guide to get experience/ beggining education in this.

Put a copy of the game's .xbe onto your computer

Load up CXBX.exe which is in the precompiled program you should have downloaded.

Load the game's xbe that you put on your computer into CXBX. (File / Open xbe / duh!)

Now go to 'file'. Click 'export exe'. Save the file as tmnt.exe

Go to 'edit' click 'dump xbe info to' click 'file'. Save it as whatever you want to. Boom. Now you have your text (output) file. /Duh.

Open the text (output) file you just made. (With notepad or text pad. Just double-clicking it should do the job)

Do a search for "Title ID"

You should land in a section that has a text chunk comparable to this...

"Dumping XBE Certificate...

Size of Certificate : 0x000001EC
TimeDate Stamp : 0x3FB3F515 (Thu Nov 13 16:18:13 2003)
Title ID : 0x5454000C"

The only part YOU care about is the title ID, copy that number down somewhere to use it in your trainer later.

Load up the game on your xbox (This is a search for continues on Ninja Turtles.),

Find telnet on your computer. Do a search for "telnet.exe'. This is common sense and it's a tool on your computer. If you need help with commands, click 'start' at the bottom left on your computer screen and go to 'Help and Support'. Search for "telnet" and you can find a list of commands if you have no idea how to use telnet.

Run telnet.exe, like dootdoo said, and then type
set NTLM

Then type
open xbox 192.168.0.2

(if 192.168.0.2 is your xbox ip. Substitute whatever your xbox ip is.)

In the telnet window, the text "RemoteX Debugger V1.1" will appear.

Pick a character. Choose Donatello. He'll whoop Leonardo's ass with a stick.

Hit A until you you see a bunch of the little robot thingies coming at you..

Now look at your status bar, you have health (bar) # of Shurikens, score, and '6' hearts.

In your Telnet screen, type
value 6

What pops up (the output) should look like

Store Game State in slot 0
...
...
Done.
Slot 0 Val 6
--

Now lose a life, and continue, now on the screen it says '5' so do a value 5 search.
the output should look like:

Store Game State in slot 1
...
...
Done.
Slot 0 Val 6
Slot 1 Val 5
--

repeat the above process again (lose a life and continue) then search for 4..

Store Game State in slot 2
...
...
Done.
Slot 0 Val 6
Slot 1 Val 5
Slot 2 Val 4
(a bunch of crap)

Go back to the title screen (Start) and start playing again, now life count is back to 6, so

type in
value 6

Paraphrase:"Something like the following popped up in my case"

Check 83d00000:83f58000
83d03088
83d030d0
83d0343c
83d03444
83d034d8
83d03910
83d0395c
83d08084
83d0842c
83d0c2dc
83d0c2e0
83d0c2e4
83d0c2e8
83d0c2ec
83d0c600
83d0c604
83d0c618
83d0c634
83d0c638
83d0c63c
83d0c670
83d17424
83d1781c
83d814c0
83d81830
83d81c1c
Check 00a80000:00b80000
00b72448
Check 83b34000:83c60000
83b97274
83b99a54
Check 83575000:835b5000

From this I would have to say that only three of these addresses look like good targets,
00b72448
83b97274
83b99a54

Do not ask why because you probably would not be able to grasp that. Just try to get the feel for it. It was probably just intuition / a feel for finding the right ones based on experience, anyway.

The next step is to look at what data is stored there..

so type: db <address> 10
in this case, you would type
db 00b72448 10
since that's the first promising address to try.

This should produce the text:

00b72448 : 06 00 00 00 0a 00 00 00 00 00 00 00 00 00 00 00 | ................
83b97274 : 06 6a 7e d2 06 6c 81 d2 06 6a 7e d2 07 66 79 d0 | .j~R.l.R.j~R.fyP
83b99a54 : 06 67 79 d2 59 a1 af e2 bf dc e1 f4 ff ff ff ff | .gyRY!/b?\at

From this I would have to say this first try is the best canidate. This is a concept you are trying to grasp of how to recognise what look like the best values. It is not really explained in logic, but just try to get a feel for it by observing this example.

"Most if not all games
for xbox are wrote in C (or C++) and in C a integer (whole number) is 4 bytes long. Although you can store values in a single byte, unless memory is tight, it is seldom done" (from the experience of the person who wrote the guide you posted)

Try poking the value now and seeing if it changes.

In the telnet window, type
poke 00b72448 7

! The hearts value went up to 7! We MAY have the correct address..

(A lot of reasons could make it not be the address that works in a trainer.)

Now its time to verify the address. Let's see see WHEN this value is moving.

Type (In the telnet window, of course)
bpmb 0 00b72448 w
This sets a breakpoint. If you don't know what that is I'm not explaining. Research it yourself. It's kind of a marker for when the value moves, from what I understand.

Die again. When you hit start to continue the game froze. This is
good, it means this value WAS updated when you continued.. (Because as is explained later, this particular game freezes when a breakpoint is hit.)

Obviously, this is the resulting output text that comes up.

BP 0 @ 0002a261
EAX : 00b72424
EBX : 00000000
ECX : 00000001
EDX : 00000006
ESI : 013bcd24
EDI : d0044df0
EBP : d0044d4c

TMNT hangs after you do a break point (At least it does for me) so just reboot your system
(type reset in the telnet window) or turn the xbox on and off and reload TMNT, and reconnect
with telnet.

Load up IDA pro
click the VIEW-ASM tab
click the jump menu
select jump address
and type in 0002a261.
(The address that came up at the breakpoint.)

You will see the following text:

.text:0002A250 arg_0 = dword ptr 4
.text:0002A250
.text:0002A250 mov eax, dword_2AA8E0
.text:0002A255 mov edx, [eax+24h]
.text:0002A258 mov ecx, [esp+arg_0]
.text:0002A25C sub edx, ecx
.text:0002A25E mov [eax+24h], edx
.text:0002A261 retn
.text:0002A261 sub_2A250 endp

"Look at the instruction before the break, they are moving the value in edx to some memory
location, this is whats updating the value we see on the screen. So where does this edx
value come from?"

***If you're struggling with this concept it can not be explained in baby steps. We're dealing with programming code here. That's just the complex nature of it.

"If you look at the line above that:
.text:0002A25C sub edx, ecx

This means: edx = edx - ecx

if we look back to what our break point said, we see that ecx equals one, so that means its
edx = edx - 1 and since edx equals 6 after the subtraction, that means it was previously 7."

***Same as above.

so rewrote in english:
(What this means, broken down as simple as possible, but it is still not going to be simple enough for some people. This is what is happening in the program chunk there, which is what you're looking at when making trainers. Read below and tell me if you still think it can be broken down into simple terms.)

"move some address stored at 2AA8E0 into eax
*move the value that is at eax + 24h into edx
move the value (1) that was pushed to this routine into ecx
-subtract ecx from edx and place it in edx
*move edx back to where it came from (eax + 24h)"

"So we have a few options, we can change ecx to 0, we could not subtract the value, or we
could remove all instructions from the function, or we could just return as soon as we get
to the function."
(That is as simple as that part's going to get.)

move some address stored at 2AA8E0 into eax
*move the value that is at eax + 24h into edx
move the value (1) that was pushed to this routine into ecx
*move edx back to where it came from (eax + 24h)

If we remove the subtraction part, we end up moving a value from
eax+24h to edx
then from
edx to eax+24h

That will keep the value the same, so lets do that..

(The above few chunks of information is what I'm talking about, on trainer making. You can follow the steps perfectly fine, and they're layed out easily enough that you can make this particular trainer. The problem is that it takes that type of complex and clear mathematical/programming reasoning skill to understand and interpret how to search for your own trainer values. If you can not understand and absorb the actual dynamic of logic that he is using, which is not the simplest thing in the world yet is required here, then you will not be very successful at learning how to make trainers unless you just get better at that.)

The SUB starts at 0002A25C and ends at 0002A25D so we have to remove two bytes,
the simplist way to do this is to 'NOP' (no operation) the SUB instruction.

(Don't ask me why I remember this, but the value for NOP'ing an instruction is 90. So at the addresses of the instructions you want to put a NOP (no operation) on, you have to type the address followed by 90 in telnet.)

so in your telnet window type:

poke 0002A25C 90
poke 0002A25D 90

Now start playing, and try to die, the value should stay the same, and you now have
infinite lives!

This post has been edited by Hopeful: Apr 20 2005, 07:11 PM <

grifter66 · « **Reply #3 on:** April 20, 2005, 07:46:00 PM »

Yeah that did a lot of good hopeful. All you did was repost what I had to begin with
You still don't get it yet do you:

I know that I can write a guide for this so that anyone reading it can create a trainer even with no programming experience.

I have more experinece in helping and writing this than you know so i'll post some of them for you to see that i'm not some idiot who like to complain...I know what I'm doing
Lets see heer is my track record for doing thisngs that people said couldn't be done:

1. I created a full blown Walkthrough for resident evil's Leech Hunter
Even though everyone in existence (Including tHh people who made the game and wrote the strat guide said it couldn't be done) I still did this

2. I write guides for this stuff all the time. I even worte out a 5 step guide on how to use evox dashboard
Again People said this was inpossible to do...But if it were imppossible then how come I did it?

3. A guide to modding fable..
I wrote out 3 guides for this and combined it into one guide including a section with how to use thier tools that they made.
When people asked for a how to everyone said it was too complex to explain or write a basic how too (And this came from the people who made this stuff) But once again I did that too

4. I wrote out a simple guide to FTPIng things to and from your X-BOX using Flash FXP Not that this couldn't be done already but I wrote it so that anyone could follow it (In other words I just made it simpler to understand)

5. I have hacked a universal; joker command code that works with almost every single American GBA game in existence

6. I hacked PSX version of Diablo so now I have the entire games programming code lines at my disposal

7. I rewrote the fable instruction manual and added everything in it that wasn't there and fixed all the stuff that there wasn't an explination for

8. I rewote the MK Trilogy Guide (this one tool 6 months to do)

9. I rewrote the entire guide to MK Deception

10 I hacked and had to fix all 128 Game Shark crate slots modifier codes for PS2's Resident Evil Code Veroinica when it was first released because Game Shark.com screwed them all up

11. I Hacked warp codes for GTA III on PS2

12. I hacked the X-Box version of GTA III and have been being asked for them left and right I even helped someone hack Vice city for the X-box

I have a few more things that I did that I can't quite remember off the top of my head

But do you see a pattern that emerges here

You want to try me with the evox trainer guide....
I'll bet you any amount of money that if you work with me so that I can create just 1 or 2 trainers that I can rewrite that whole guide so that anyone reading it can create a trainer witht hte info that I give them.
As I've said before Just take a look at how my Fable modding guide is and you'll see that I can break anything down like that (Even what people deem impossible)

So I'm willing to work with you if you want to give me the benefit of the doubt and trusdt me when i say I can do this.....Granted it may take me a while to get this but in the end it will be done...I'm so sure of myself that I can put a 200% guarentee on it.

One final note: I just ahve a way of being able to explain the most complex stuff in laymans terms....That's just a talent I have I can do what other can't.

So what do you say are you up to this Y/N?

This post has been edited by grifter66: Apr 21 2005, 03:01 AM <

Hopeful · « **Reply #4 on:** April 21, 2005, 04:03:00 AM »

QUOTE

Yeah that did a lot of good hopeful. All you did was repost what I had to begin with
You still don't get it yet do you:

I know that I can write a guide for this so that anyone reading it can create a trainer even with no programming experience.

I have more experinece in helping and writing this than you know so i'll post some of them for you to see that i'm not some idiot who like to complain...I know what I'm doing
Lets see heer is my track record for doing thisngs that people said couldn't be done:

Siiiiiiiiiiiiiiiiiiigh
:rolleyes: :rolleyes: :rolleyes: :rolleyes: :rolleyes: :lol:

Nah man. Nah, YOU actually probably CAN"T write a guide for this. You can't even understand it because this simple guide is too complex for you, and if anything is left misinterpretable as something simpler you will continuously DO THAT instead of any actual exploring. I believe this kind of thing is what you are interpreting as people saying "that can't be done". I don't think they mean that the task is impossible, as all of the things you achieved are simple and not at all difficult to pull off, but they just don't see it possible that YOU in particular are going to write something legible. I have seen some of your guides and I second that notion, sorry to say. Can I get a "hell yeah" from somebody else?

QUOTE

1. I created a full blown Walkthrough for resident evil's Leech Hunter
Even though everyone in existence (Including tHh people who made the game and wrote the strat guide said it couldn't be done) I still did this

2. I write guides for this stuff all the time. I even worte out a 5 step guide on how to use evox dashboard
Again People said this was inpossible to do...But if it were imppossible then how come I did it?

3. A guide to modding fable..
I wrote out 3 guides for this and combined it into one guide including a section with how to use thier tools that they made.
When people asked for a how to everyone said it was too complex to explain or write a basic how too (And this came from the people who made this stuff) But once again I did that too

4. I wrote out a simple guide to FTPIng things to and from your X-BOX using Flash FXP Not that this couldn't be done already but I wrote it so that anyone could follow it (In other words I just made it simpler to understand)

5. I have hacked a universal; joker command code that works with almost every single American GBA game in existence

6. I hacked PSX version of Diablo so now I have the entire games programming code lines at my disposal

7. I rewrote the fable instruction manual and added everything in it that wasn't there and fixed all the stuff that there wasn't an explination for

8. I rewote the MK Trilogy Guide (this one tool 6 months to do)

9. I rewrote the entire guide to MK Deception

10 I hacked and had to fix all 128 Game Shark crate slots modifier codes for PS2's Resident Evil Code Veroinica when it was first released because Game Shark.com screwed them all up

11. I Hacked warp codes for GTA III on PS2

12. I hacked the X-Box version of GTA III and have been being asked for them left and right I even helped someone hack Vice city for the X-box

All of those are simple and some of those are kind of sad. You're lucky that you've only come accross the simplest of challenges. Trainers are not simple like that. Again, don't bring up that "people thought it was impossible but I climbed that mountain" shit, because ALL of that stuff is comparatively so simple next to xbox trainer making that the closest thing you have written down is like 10 times simpler. (The simple level GBA Gameshark shit. Of COURSE joker commands are universal, turkey. They're the button values for the hardware itself. That's not going to change from game to game and that is common sense.)

Plus, you weren't really climbing any mountains. All those 'hacks' that you're talking about look like nothing more than the simplest of gameshark level value changes, mostly based on the work and discoveries of other people. Based on experience of you here, I can see that other people thought it was impossible for YOU to write a legible guide if you couldn't even understand anything, and for the most part you didn't really prove them wrong. Shit, if you'd proven ME wrong, I would have sent you a response saying "grifter, man you sure showed me." So would other people. Now you know why they don't. Sorry to say it.

You need to work on understanding people who explain things in a different way than you. This is a social skill that almost everyone makes themself have and understands is necessary in life. You're not helping other people who hide in corners by encouraging them to harass people into writing guides so anal retentive that they're built for one-track-fuckwits. People don't talk as if every single explainatory word will be their last, and they are that much more stress free and happy for it. Would you rather never ever get a woman or friends, or never stress yourself out to write that next lame, simple, narrow-minded guide you're planning? Yeah other people will be content to let you rot to death in a hunched over, stressed out daze in front of the computer screen, but are you going to rise to the challenge and defeat yourself before you beat the shit out of your own life?

QUOTE

I have a few more things that I did that I can't quite remember off the top of my head

But do you see a pattern that emerges here

Yeah, I do.

You need to like, get a soothing cream for that or heal it somehow. Do exercises, or take up swimming or something. Anything to get your mind off it. Maybe that will take care of that for ya.

QUOTE

You want to try me with the evox trainer guide....
I'll bet you any amount of money that if you work with me so that I can create just 1 or 2 trainers that I can rewrite that whole guide so that anyone reading it can create a trainer witht hte info that I give them.
As I've said before Just take a look at how my Fable modding guide is and you'll see that I can break anything down like that (Even what people deem impossible)

So I'm willing to work with you if you want to give me the benefit of the doubt and trusdt me when i say I can do this.....Granted it may take me a while to get this but in the end it will be done...I'm so sure of myself that I can put a 200% guarentee on it.

I just ahve a way of being able to explain the most complex stuff in laymans terms....That's just a talent I have I can do what other can't.

So what do you say are you up to this Y/N?

Of course I say a resounding "fuck no". I gave you simple point and click instructions on all but the mathematical formulas. You can not simplify mathematical equations down simpler than their structures. They are already bare-boned numbers and structures of action. Video games take a long time to program because the math and movement of values in them are, on a fundamental level, ridiculously complex. I'm not sure how I can put this any more simply than, "You can only simplify something down to its fundamental level and no futher." That complexity of action is what makes the game so fun to play - all the shit that you can do and all the values that change and the way that they attach it to a story and action. You even insulted dootdoo, probably the most contributing and talented person in this area, because he didn't write his guide idiot proof enough for YOU to understand. I can not respect that. You have proven to be pretty impossible to teach anything halfway-complex to even in the most broken down of ways, and pretty anal-renentive, volatile, depressed, respectless and self-assuming. I'm sick of getting bogged down in this pointless shit trying to help you have a decent day. Whatever, I'm done, man. I'm off to have fun and actually comminucate with people instead of haggling over syntax.

One last thing.

QUOTE(paraphrase)

I just have this amazing talent of explaining genius level shit in laymans terms....That's just a talent I have, being able to do things that no one else can. Being able to go where no man has gone before me.

...

This post has been edited by Hopeful: Apr 21 2005, 11:06 AM <

grifter66 · « **Reply #5 on:** April 21, 2005, 05:08:00 PM »

I never said that Math could be broken down easier and it's obvious that I can't follow the wayt eh guide is written. But as for you saying that it can't be broken down any mipler than it already is.....Is in correct and I can prove it you just refuse to give me a chance...I'm still willing to go through with my half.

I guess your afraid of being proven wrong then...Either that or your not as sure of yourself as you think you are....You can say that it can't be done all you want but I know that I can do this. So you still want to say no then that's fine but until you actually have the written proof in front of you then stop sayingt hat somthing this complex can't be broken down.

Oh yeah one final note, I never even got that guide from an evox team member, I actually got it from someone else outside the team <

roofus · « **Reply #6 on:** April 22, 2005, 05:48:00 AM »

No, I agree with Hopeful. He's saying it can't be put simpler because that guide, as it is, is very specific (a bit too specific). It will help a slightly intelligent person make a basic trainer. To make a real trainer, you will have to really learn x86 assembly and the art of reverse engineering, which really can only be gained through experience.
I know you didnt get that guide from an evox team member because they knew that for people who already knew what they were doing in the scene, the header definition that Evox is expecting is all that is necessary for making the trainer; the rest is up to the coder.
What you are venturing into is an area that requires immense expertise in the area of reverse engineering, and your previous hex editing work just isnt going to cut it.

To summarize, here is your guide:

1. Get an assembly book (online or at a bookstore).
2. Learn assembly.
3. Get a good disassembler (Latest IDA Pro has a native XBE loader, but if you want to use a disassembler that does not support XBEs CXBX will kindasorta convert it to an exe that works with them. Also, if using IDA, you will want the XBOX FLIRT 2.0 commonly available(google).
4. Learn patience, and the art of disassembly.
5. Either using a deadlisting or any form of runtime debugging (Evox Debug TSR works), find the code that modifies the variable you want to hack, and see what is necessary to rewrite it. Do a test of your modified executable.
6. Find what areas of the xbe you modified, see what conditions need to be met for your trainer to work (optional, but good coding practice if you dont want angry emails from people complaining it doesnt work) and write a program in assembly that modifies those areas.

Doesn't get much simpler than that.

As for the Evox team, they don't think they're better than everyone, but they know they are better than someone. A certain base level of knowledge is assumed for their intended audience. If you don't know how to do the above, start there first.
<

Hopeful · « **Reply #7 on:** April 22, 2005, 08:46:00 AM »

QUOTE(roofus @ Apr 22 2005, 10:43 AM)

No, I agree with Hopeful. He's saying it can't be put simpler because that guide, as it is, is very specific (a bit too specific). It will help a slightly intelligent person make a basic trainer. To make a real trainer, you will have to really learn x86 assembly and the art of reverse engineering, which really can only be gained through experience.
I know you didnt get that guide from an evox team member because they knew that for people who already knew what they were doing in the scene, the header definition that Evox is expecting is all that is necessary for making the trainer; the rest is up to the coder.
What you are venturing into is an area that requires immense expertise in the area of reverse engineering, and your previous hex editing work just isnt going to cut it.

THANK YOU!

Writing trainers is not a thing that you *do* simply as downloading a few apps and learning the 'method'. That's why it's not possible to write an idiot's guide to it. It's using programming knowledge to search for how stuff is coded into a game, by using simple tools sure, but the actual thing being done is using programming knowledge to search for types of value change and memory 'pushes'. THAT is what I was trying to drive home. Thank you man, you helped me get that thought accross.

Trying to learn trainers is more like trying to learn dentistry than trying to learn 'cooking a turkey'. You can gain a dumb proficiency at using the tools all day long, but understanding the complex mathematical thing that you are examining is the core of the skill. You can't simplify that down into a quick beginners guide any more than you can simplify every aspect of the mouth, teeth, and throat down into an "immidiate guide to pulling off dentistry by using the tools right". <

roofus · « **Reply #8 on:** April 22, 2005, 03:52:00 PM »

On a final note, knowing that it will take you some time to learn reverse engineering, this may not be a project you would want to take on. I released the resigning info for the NTSC Xbox GOTY edition of Morrowind, and the original Morrowind resign info is also already freely available (I can repost it if you cant find it).

Bust out your hex editor, pop open a save, and get hackin, then use XSavSig (with my entry added to the resign.ini file) to resign the save so Morrowind will not complain it is corrupted. If you don't know how to use XSavSig, there are tutorials and you can ask on the xbox-saves.com forums. If you are searching for the program, you'll want xsavsig005.zip.

Also, if you had the PC version at anytime, its as easy as taking your PC savegame, and resigning for use with the Xbox. <

grifter66 · « **Reply #9 on:** April 23, 2005, 09:40:00 AM »

Hopeful

I think Your misunderstanding what i'm getting at

You both are 100% correct on the math aspect of this someone can't deny that. And I never said the math Part can be broken down any easier. And I don't disagree with that part.

However you can explain something to people without having to have them know math. All you need to do is explain to them that this is what you need, this is where it goes and this is what should happen or happens when it goes where you put it. And if this shows up then you need to do this......

I don't care who you are no one upon no one is going to tell me that instructions like this cannot be written for something like this in this mannor (This is what I was reffering to when I said I did what people couldn't be done)

But
Nevermind You people don't get it becuase you keep implying that I have to write the guide according to how YOU think it needs to be written. Not to how I'm actually going to write it.

You haven't even given me the chance to do so. Instead you keep assuming and have it set in your head that iot's as simple asit can get. But as long as you keep thinking that you'll never get anywhere.

I know for a fact that it can be re-written with an easier explination and without a mathmatical explination. Math has nothing to do with how I write my guides and you also don't need to knmow math in order to understand the way I write and of my guides.

I never said that I was going to rewrite it so that people could understand the math. i simnply said I was going to break the guide down into a furthur easier to FOLLOW GUIDE.

This is the same as reading the instructions on how to program a DVD player.
You don't need to know math to do that you just need to know what buttoms to push and what's happeneing when you do so and what the purpose is to doing so.
All that doesn't require any bit of math whatsoever.
And this trainer guide is the same way.

It's just like the way I wrote The how to hex edit the Morrowind.xbe file

It helps if you know math but not neccessary
if someone writes a guide just telling people if you follow these steps and what you wind up seeing, then there is no reason why someone can't follow that.
it doen't matter if they understand why it's doing it or what's causing it, (That would be next to impposible to explain)

But for now what I said above holds true 100%
<

roofus · « **Reply #10 on:** April 23, 2005, 02:36:00 PM »

Hrmmmmm I thought this was over.

Okay, let me put it this way. We do know what you want to do, and that it is possible to write your kind of tutorial (a step by step guide to something that has already been done).

However, there is no Morrowind trainer out there right now. Nobody ever bothered to write one because they decided to either a) play the game! or b) hack the savefile. Thus, if you wanted to write a guide on making an Evox trainer for Morrowind, it would probably be a good idea to write one first!

Even when you find what areas of the XBE you want to hack (what instructions modify variables you want for infinite health, startup values for new characters, etc) you will still need to learn x86 Assembly to be able to write the trainer itself. You don't know x86 assembly (no, x86 assembly is not Math), so until you learn it, you will not be able to make a trainer.

How can you guide someone when you've never been there yourself?

And look at it this way: Even if you DID write the trainer, the guide would either be this:
Take my new morrowind_trainer.etm and put it in your trainers folder on your xbox. Set the Debug TSR to normal, restart evox, select options in my trainer and play Morrowind!
Or this:
Take this assembly code <code here>, put it into a text file, assemble it with NASM, rename the output to morrowind_trainer.etm, follow above steps to put it on the xbox!
Do you see my point yet? You don't have the trainer, you don't have the code, you don't know how to write either! It's not going to happen!

This post has been edited by roofus: Apr 23 2005, 09:42 PM <

grifter66 · « **Reply #11 on:** April 23, 2005, 02:07:00 PM »

I knew this was missing something...however theer is still a few things missing

QUOTE

(no, x86 assembly is not Math), so until you learn it, you will not be able to make a trainer.

I thought you both said that the manual tells you everything you need to know......

The manual didn't say that you needed to know x86 assembly in order to make trainers....and it should have.

and since the manual never mentions that you need to know this, that backs up my point about the manual not being complete.

If you want to see a complete manual, then I suggest you look at my idiots guide to modding fable manual. Every single question that can be asked has an answer too it. That's why out of over 400+ downloads, not one question has been asked about how to use anything in that manual.
The way I wrote that is the way a manual should be written.

What was the one of the first things I said that this manual should tell you:
I said that this manual should tell you everything you are going to need first in order to make trainers.

I have been saying it in how many replies now

Again you can't throw a manual up, and just assume people will say gee you know even though I have no idea what any of this means or how to read it, but yet some how I automatically know that I need x86 in order to create trainers.
____________________________________________________________________
That's why I brought up the turkey situation...Almost any cookbook is going to tell you everything you need first beofre you start

It's like when I wrote my idiots guide to modding fable. One of the first things I put in the manual was this:
If you have downloaded this it is assumed that you have (And I proceeded to name everything that was needed) and that if you didn't have everything on the list I made, then you are going to have a problem. And I also gave the links in where to obtain the stuff just in case someone didn't have what was needed they at least knew where to get it.
___________________________________________________________________
So again I rest my case on that part of it being able to break something down simple. This is the stuff I'm talking about

roofus · « **Reply #12 on:** April 23, 2005, 05:59:00 PM »

Okay, I suppose they should have strapped a book on x86 assembly code to the guide. Without that, it is obviously incomplete. You are correct.

So let's get to work on your Idiot's guide to writing trainers then, shall we? Why don't we start with simplifying assembly language to a level a complete idiot could understand? Google "assembly language tutorial", read through it (shouldn't take more than 5 minutes tops). Now, simplify the hundres of pages of text there for basic assembly language proficiency into a paragraph.

Maybe you will find that there are some things in the computing world that aren't so simple an idiot could understand just by reading an all-encompassing guide. Maybe you might find that there is a reason some people go to college to learn this stuff, and get paid reverse engineering and programming for a living. Maybe you will find that like art, writing a trainer is something than can only be done with a bit of a knack, and experience.

Maybe I'm just a little too Hopeful.
On second thought, Hopeful lost all hope four posts ago.
<

grifter66 · « **Reply #13 on:** April 24, 2005, 06:26:00 PM »

At what point did I ever say that you can break down computer programming and math.....I know that this is next to impossible to do and asking someone to do that is just outright absurd.....

I end this now by saying this.

The first thing in that manual should be a list of what you need and need to know. The the links should be given out or the place where to get the info should be listed....
The second thing should say unless you know and have everything on the list then don't proceed.

As you can see I broke that down in 2 very simple and easy to understand sentences.

This stops any questions that could be asked about this.

That is my whole point to what I was getting at about breaking things down simpler

I said in 2 sentences what it took you people at least 5 posts and about 12 replies

When that's all that needed to be said.

So as you can see I did what you said couldn't be done.
I told you I was 200% sure of myself on this and now you can see the written proof in front of you. Which are those 2 sentences.

THANK YOU AND HAVE A NICE DAY!

very simple <

grifter66 · « **Reply #14 on:** April 25, 2005, 05:26:00 AM »

QUOTE

I know you didnt get that guide from an evox team member

I never said I got the guide from an evox team member. I said I got it from Someone who wasn't on the team.

and if I did say I got it from a memeber of the evox team then that is not what I meant...So again just to clarify this I GOT THAT MANUAL FROM A MEMBER ON THE EVOX SITE AND NOT FROM ANY EVOX TEAM MEMBER THEMSELF.

Unless you were just recaping smething I said earlier and I'm mis informed on why your saying it.

But either way it should now be clear on where I got that manual.

BTW,
I wasn't looking for a Morrowind trainer or trying to want to create one either.
I was just looking to create trainers in general.

It was mentioned at least 2-3 times that a Morrowind trainer couldn't be made. One of the reasons said is because it would lock up.

This post has been edited by grifter66: Apr 25 2005, 12:35 PM <

Author Topic: I Could Really Use Some Help With This (Read 229 times)