Post by: Odb718 on December 06, 2003, 08:18:00 AM
Post by: mastertito4 on December 06, 2003, 09:38:00 AM
Post by: drekkar on December 06, 2003, 03:19:00 PM
I always play my xbox on my computer, and you can easily make screenshots and videos at great quality
Post by: xboxhackern00b on December 06, 2003, 04:15:00 PM
Post by: ThermalCore on December 06, 2003, 06:53:00 PM
If you like the screenshots & want this texture that I, Mallion designed. You can download the RAR file containing the screenshots shown here as well as the PPF file for Sidewinder on the NTSC Xbox version of Halo:
Click Here For CamoGhost.RAR
Post by: Odb718 on December 06, 2003, 09:47:00 PM
Post by: t_rex on December 07, 2003, 12:53:00 AM
| QUOTE (byt3-ra1d @ Dec 7 2003, 03:15 AM) | ||
The DOAXVB screenshot hack was just a screendump that is supported by the nvidia gpu. It isnt really software that takes the screenshot its just software that tells the graphics card to dump the screen and where to put the image dump (along with other things) Shouldnt be hard to get halo to support it, but why? |
The reason why it was possible in DOAXBV was because the creators half-finished a screenshot option then ditched the idea, and someone finished it off in the xbox-saves forums
Post by: XBOX War3z on December 07, 2003, 10:40:00 AM
| QUOTE (t_rex @ Dec 7 2003, 10:53 AM) | ||||
The reason why it was possible in DOAXBV was because the creators half-finished a screenshot option then ditched the idea, and someone finished it off in the xbox-saves forums |
thought it was made by someone else, on another forum, some french guy
and the mod is always avaialble for DOA3 if I'm right
so...
Post by: rob1309 on December 07, 2003, 11:32:00 AM
and like i said last thread, doax may have had one in it but doa3 didnt and yes there's a screenshot mod for doa3 too
framebuffer screens
if there is one for halo, owell looks like no1 will get it
Post by: d3fault_dot_xbe on December 11, 2003, 03:49:00 PM
Post by: rob1309 on December 11, 2003, 05:15:00 PM
| QUOTE (d3fault_dot_xbe @ Dec 11 2003, 07:49 PM) |
| .......ok, this is probably a really stupid idea..... but.... how about making a BIOS that has screen capture built in...??? (kinda like in-game-reset) I KNOW NOTHING about bios's and shit (cuz someone else installed my chip) |
... it's called the debug bios hehe
still sucks that ya gotta use pc to do a screen
and halo just won't load with a debug bios booted
Post by: d3fault_dot_xbe on December 11, 2003, 10:14:00 PM
Post by: xboxhackern00b on December 18, 2003, 03:03:00 PM
| QUOTE |
Patch halo's default.xbe from retail to debug and it works great  |
how would you know ?
Post by: rob1309 on December 18, 2003, 05:19:00 PM
it just won't boot halo along with a few other games
Post by: XBOX War3z on December 18, 2003, 11:02:00 PM
| QUOTE (xboxhackern00b @ Dec 19 2003, 01:03 AM) | ||
how would you know ? |
halo just uses a part in memory which the debug bios also is using so they both crash
only thing you could do is get a real debug halo...
btw did some research and well you could get the screenshot hack in halo
after some searching, but well it's gonna be hard because you actually have
to move the code, so I contacted alucard but he never replied
Post by: Comcipher on December 19, 2003, 01:40:00 PM
Post by: rob1309 on December 19, 2003, 05:06:00 PM
| QUOTE (byt3-ra1d @ Dec 12 2003, 07:17 AM) |
| Patch halo's default.xbe from retail to debug and it works great |
yea where did you get this info?
you haven't actually tried it correct? cuz it won't work, i assure you
Post by: xboxhackern00b on December 19, 2003, 05:36:00 PM
| QUOTE |
; ************************************** ;*** SNAPSHOT MOD for DOAX *** ;*** by Alucard of the Neotaku Boards *** ; ************************************** BITS32 ORG0x10B40 ; Parameters of the framebuffer (depth = 32bits) WIDTHequ768 WIDTH2equ720 HEIGHTequ480 ; NVidia GPU: Framebuffer address NV_CRTC_FB_ADDRequ0xFD600800 ; Addresses of various NT Kernel routines in DOAX's import table NtCreateFileequ0x00239620 NtWriteFileequ0x00239628 NtCloseequ 0x00239634 MmAllocateContiguousMemoryequ0x002396E0 MmFreeContiguousMemoryequ 0x002396B4 ; Address of the pad polling function of DOAX PadPollequ 0x0023308F SnapshotFunc: ; We start by making a copy of all arguments of DOAX's pad polling function popdword [ReturnAddr] popdword [hHandle] popdword [pState] ; Put the args back in place and call the pad polling function ourselves pushdword [pState]; Obviously a structure that contain's the pad's state pushdword [hHandle]; Probably a handle to the pad device callPadPoll ; Put the return address back in place so when we use 'ret' DOAX will continue its ; execution pushdword [ReturnAddr] ; Save all registers pushad movedi, dword [pState] ; Check if START and BACK are pressed. ; This is to avoid taking a snapshot when someone use EvoX's reset function ; (L+R+BACK+START) movax, [edi +4] andax, 0x30 cmpax, 0x30 jne.NoReset jmpExit .NoReset: ; The position of the LEFT trigger is at offset 12 in the pad state structure. addedi, 12 moval, [edi] cmpal, 128 ja.LeftTriggerPressed jmpExitUnlock .LeftTriggerPressed: ; Test our 'previous state', this is used to save only one picture each time ; the LEFT trigger is pressed. xoreax, eax cmpdword [PreviousState], eax je.DoSnapshot jmpExit .DoSnapshot: incdword [PreviousState] incdword [Number] movedi, NumA + 7 xoreax, eax movebx, dword [Number] movecx, 8 movedx, ITOA ConvASCII: moval, bl andal, 0xF moval, [edx + eax] movbyte [edi], al decedi shrebx, 4 loopConvASCII ; Create / Overwrite a file xoreax, eax pushdword 0x00000060; FILE_NON_DIRECTORY_FILE | FILE_SYNCHRONOUS_IO_ALERT pushdword 0x00000005; FILE_OVERWRITE_IF inceax pusheax; FILE_SHARE_READ pushdword 0x00000080; FILE_ATTRIBUTE_NORMAL deceax pusheax; NULL pushIoStatusBlock pushObjectAttributes pushdword 0x40000000; GENERIC_WRITE pushFileHandle call[NtCreateFile] ; Allocate two memory buffers pushdword (WIDTH * HEIGHT * 4) call[MmAllocateContiguousMemory] pusheax pushdword (WIDTH * HEIGHT * 4) call[MmAllocateContiguousMemory] pusheax ; Get the framebuffer address from the GPU movesi, dword [NV_CRTC_FB_ADDR] oresi, 0x80000000 ; Make a copy of the framebuffer as fast as we can cli movedi, [esp] movecx, (WIDTH * HEIGHT) repmovsd sti ; Decode the framebuffer callUnSwizzle ; Copy lines from the decode buffer to the final bitmap, cropping to a width of 720 movesi, [esp + 4] movedi, [esp] movecx, HEIGHT CopyLine: pushecx movecx, (WIDTH2 * 3 / 4) repmovsd popecx addesi, ((WIDTH - WIDTH2) * 3) loopCopyLine ; Write the BMP header xoreax, eax pusheax; NULL pushdword 0x36; size pushBmpHeader; buffer pushIoStatusBlock; StatusBlock pusheax; NULL pusheax; NULL pusheax; NULL pushdword [FileHandle]; FileHandle call[NtWriteFile] ; Write bitmap data xoreax, eax movebx, [esp] pusheax; NULL pushWIDTH2 * HEIGHT * 3; size pushebx; buffer pushIoStatusBlock; StatusBlock pusheax; NULL pusheax; NULL pusheax; NULL pushdword [FileHandle]; FileHandle call[NtWriteFile] ; Close the file pushdword [FileHandle] call[NtClose] ; Discard the two buffers call[MmFreeContiguousMemory] call[MmFreeContiguousMemory] Exit: popad ret ExitUnlock: xoreax,eax movdword [PreviousState], eax jmpExit align4 ;VOID UnSwizzle(PVOID Src, PVOID Dest); UnSwizzle: .Bequ0 .Aequ4 .OFFSETequ8 .INDEXequ12 .Lequ16 .Kequ20 .Jequ24 .Iequ28 .SRCequ36 .DSTequ40 subesp, 32 ;a = InBuffer; moveax, [esp + .SRC] mov[esp + .A], eax ;b = OutBuffer + ((HEIGHT-1) * WIDTH * 3); moveax, [esp + .DST] addeax, ((HEIGHT-1) * WIDTH * 3) mov[esp + .B], eax ;index = 0; xoreax, eax mov[esp + .INDEX], eax ;for(i=0;imovdword [esp + .I], HEIGHT / 16 .ILoop: moveax, [esp + .I] oreax, eax jnz.0 jmp.EndILoop .0: ;for(j=0;jmovdword [esp + .J], WIDTH / 64 .JLoop: moveax, [esp + .J] oreax, eax jnz.1 jmp.EndJLoop .1: ;if (i & 1) testdword [esp + .I], 1 jz.2 ;if (j & 1) testdword [esp + .J], 1 jz.3 ;b -= 192; subdword [esp + .B], 192 ;else jmp.2 .3: ;b += 192; adddword [esp + .B], 192 .2: ;for(l=0;l<4;l++) movdword [esp + .L], 4 .LLoop: moveax, [esp + .L] oreax, eax jnz.4 jmp.EndLLoop .4: ;for(k=0;k<16;k++) movdword [esp + .K], 16 .KLoop: moveax, [esp + .K] oreax, eax jnz.5 jmp.EndKLoop .5: ;offset = (((BlockNo[index]&0xFFFFFFFE)>>2) * 256) + ((BlockNo[index]&3) * 16); xorebx, ebx moveax, [esp + .INDEX] addeax, BlockNo movbl, [eax] moveax, ebx andeax, 3 shleax, 4 andebx, 0xFFFFFFFE shrebx, 2 shlebx, 8 addeax, ebx mov[esp + .OFFSET], eax ;index = (index + 1) & 63; moveax, [esp + .INDEX] inceax andeax, 63 mov[esp + .INDEX], eax ;b[WIDTH * -3 * 0 + 0] = a[offset + 64 * 0 + 0]; (0 to 11) movedi, [esp + .B] movesi, [esp + .A] addesi, [esp + .OFFSET] movsb movsb movsb incesi movsb movsb movsb incesi movsb movsb movsb incesi movsb movsb movsb ;b[WIDTH * -3 * 1 + 0] = a[offset + 64 * 1 + 0]; (0 to 11) movedi, [esp + .B] addedi, WIDTH * -3 * 1 movesi, [esp + .A] addesi, [esp + .OFFSET] addesi, 64 * 1 movsb movsb movsb incesi movsb movsb movsb incesi movsb movsb movsb incesi movsb movsb movsb ;b[WIDTH * -3 * 2 + 0] = a[offset + 64 * 2 + 0]; (0 to 11) movedi, [esp + .B] addedi, WIDTH * -3 * 2 movesi, [esp + .A] addesi, [esp + .OFFSET] addesi, 64 * 2 movsb movsb movsb incesi movsb movsb movsb incesi movsb movsb movsb incesi movsb movsb movsb ;b[WIDTH * -3 * 3 + 0] = a[offset + 64 * 3 + 0]; (0 to 11) movedi, [esp + .B] addedi, WIDTH * -3 * 3 movesi, [esp + .A] addesi, [esp + .OFFSET] addesi, 64 * 3 movsb movsb movsb incesi movsb movsb movsb incesi movsb movsb movsb incesi movsb movsb movsb ;b += 12; adddword [esp + .B], 12 ;} (KLoop) decdword [esp + .K] jmp.KLoop .EndKLoop: ;b = b - 192 - (WIDTH * 12); subdword [esp + .B], 192 + WIDTH * 12 ;} (LLoop) decdword [esp + .L] jmp.LLoop .EndLLoop: ;b = b + (WIDTH * 48) + 192; adddword [esp + .B], (WIDTH * 48) + 192 ;a += 4096; adddword [esp + .A], 4096 ;if (i & 1) testdword [esp + .I], 1 jz.6 ;if (j & 1) testdword [esp + .J], 1 jz.7 ;b += 192; adddword [esp + .B], 192 ;else jmp.6 .7: ;b -= 192; subdword [esp + .B], 192 .6: ;} (JLoop) decdword [esp + .J] jmp.JLoop .EndJLoop: ;b = b - (WIDTH * 51); subdword [esp + .B], WIDTH * 51 ;} (ILoop) decdword [esp + .I] jmp.ILoop .EndILoop: addesp, 32 ret align4 ObjectAttributes:; (OBJECT ATTRIBUTES) dd0; HANDLE RootDirectory ddObjectName; PANSI_STRING ObjectName dd0x00000040; ULONG Attributes ObjectName:; (PANSI_STRING) dw31; USHORT Length dw31; USHORT MaximumLength ddFileName; PCHAR Buffer BmpHeader: db0x42, 0x4d, 0x36, 0xd2, 0x0f, 0x00, 0x00, 0x00 db0x00, 0x00, 0x36, 0x00, 0x00, 0x00, 0x28, 0x00 db0x00, 0x00, 0xd0, 0x02, 0x00, 0x00, 0xe0, 0x01 db0x00, 0x00, 0x01, 0x00, 0x18, 0x00, 0x00, 0x00 db0x00, 0x00, 0x00, 0xd2, 0x0f, 0x00, 0x12, 0x0b db0x00, 0x00, 0x12, 0x0b, 0x00, 0x00, 0x00, 0x00 db0x00, 0x00, 0x00, 0x00, 0x00, 0x00 BlockNo: db 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 db18, 19, 16, 17, 22, 23, 20, 21, 26, 27, 24, 25, 30, 31, 28, 29 db33, 34, 35, 32, 37, 38, 39, 36, 41, 42, 43, 40, 45, 46, 47, 44 db51, 48, 49, 50, 55, 52, 53, 54, 59, 56, 57, 58, 63, 60, 61, 62 FileName: db"??D:framebuffer_" NumA: db"00000000.bmp",0 ITOA: db"0123456789ABCDEF" align4 Number: dd0 PreviousState: dd0 ReturnAddr: dd0 hHandle: dd0 pState: dd0 FileHandle: dd0 IoStatusBlock: dd0 dd0 |
im glad we are getting somewhere we CAN do this i have tried contacting alucard to
Post by: xboxhackern00b on December 19, 2003, 08:55:00 PM
WARNING: object_create - '%s' already exists........### ERROR a script tried to delete the player (or the horse he rode in on, or his six-shooter)..the sound '%s' does not exist.......screenshot_size...!.........screenshot_count......!.........player_spawn_count....!....... .framerate_throttle....!....... .framerate_lock....!.......-.debug_framerate...!.......-.display_framerate...8.!.......-.display_vblank_deltas...X.!.......-.display_precache_progress...|.!.......-.debug_game_save...!.........terminal_render...!.........console_dump_to_file......!.........
(or the horse he rode in on, or his six-shooter) is from the MAW
Post by: XBOX War3z on December 19, 2003, 10:19:00 PM
Post by: Corspegrinder99 on December 20, 2003, 09:28:00 AM
Post by: spgurley on December 20, 2003, 09:58:00 AM
Post by: Allister on December 20, 2003, 11:30:00 AM
Post by: spgurley on December 20, 2003, 08:23:00 PM
Post by: spgurley on December 20, 2003, 08:24:00 PM
dont have xdk
if i try to use halo it works perfectly
Post by: XBOX War3z on December 21, 2003, 02:02:00 AM
| QUOTE (spgurley @ Dec 21 2003, 06:23 AM) |
| you would just put the doa code into b40 in halo default.xbe and te screenshot thing would work? if ther was space? or is there comethign im missing |
well you need to change some values but you can find those with dexbe the hardest thing to find is the gamepad routine or something
Post by: xboxhackern00b on December 21, 2003, 11:10:00 AM
Post by: rob1309 on December 21, 2003, 11:24:00 AM
it doesn't work
there's no way in hell it's the debug that's booted
Post by: rob1309 on December 21, 2003, 11:25:00 AM
Post by: xboxhackern00b on December 21, 2003, 01:36:00 PM
Post by: xboxhackern00b on December 23, 2003, 06:19:00 PM