Post: How to call GSC Functions on MW3 and how to do "weapon_fired" and PlayerCMD_IPrintin
04-25-2015, 09:25 PM #1
lutsch1234
Bounty hunter
Hello NGU members. Today I bring you how to call GSC functions on MW3.
Credit goes to Ethernet, Shark, SyGnUs.
I had a hard time getting this to work, but in the end I found a way, so let's get started.
Things you need:
Headers
    //Global Headers
#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
#include <stddef.h>
#include <string.h>
#include <sys/prx.h>
#include <sys/syscall.h>
#include <sys/ppu_thread.h>
#include <sys/sys_time.h>
#include <sys/time_util.h>
#include <assert.h>
#include <sys/process.h>
#include <sys/memory.h>
#include <sys/timer.h>
#include <sys/return_code.h>
#include <sys/prx.h>
#include <sys/types.h>
#include <math.h>
#include <fastmath.h>
#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
#include <stddef.h>
#include <string.h>
#include <fastmath.h>
#include <cellstatus.h>
#include <sys/prx.h>
#include <sys/timer.h>
#include <sys/syscall.h>
#include <sys/ppu_thread.h>
#include <cell/sysmodule.h>
#include <sys/ss_get_open_psid.h>
#pragma comment(lib, "sysmodule_stub")
#include <math.h>
#include <cell/pad.h>
#include <stdio.h>
#include <stdlib.h>
#include <string>
#include <sys/random_number.h>
#pragma comment(lib, "c")
#include <sys/memory.h>
#include <cell/cell_fs.h>
#pragma comment(lib, "fs_stub")
#include <fastmath.h>
#include <sys/process.h>
#include <ppu_intrinsics.h>

Offsets + Structures
    // TOC value that ParseAddr() stores in the second word of every descriptor it builds.
    #define TOC 0x72DCE8

// Hard-coded absolute addresses and record sizes.
// NOTE(review): nothing on this page says which game build / title update these
// belong to; they are only meaningful for the exact binary the author used.
enum Address {
SL_ConvertToString_a = 0x210FE0,
Scr_Notify_a = 0x1BB1B0, // same value that is passed to PatchInJump1() at the end of the post
Scr_ClearOutParams_a = 0x218414,
Scr_AddInt_a = 0x221A58,
Scr_AddFloat_a = 0x221B48,
Scr_AddString_a = 0x222120,
Scr_AddEntity_a = 0x1BACC8,
Scr_AddVector_a = 0x222444,
gentity_s = 0xFCA280, // base address used by getEntity()
gentity_s_size = 0x280, // per-entity stride used by getEntity()
gclient_s = 0x110A280, // base address used by getClient()
gclient_s_size = 0x3980, // per-client stride used by getClient()
};

// Two-word record {code address, TOC} that ParseAddr() fills in; the wrappers on
// this page cast the address of such a record to a function pointer.
struct opd_s {
unsigned int sub;
unsigned int toc;
};

// Entity reference as a pair of 16-bit fields.
// Not referenced by any code shown on this page.
struct scr_entref_t
{
unsigned short entnum;
unsigned short classnum;
};

// Not referenced by any code shown on this page except through VariableUnion.
struct VariableStackBuffer {
const char *pos;
unsigned short size;
unsigned short bufLen;
unsigned int localId;
char time;
char buf[1]; // NOTE(review): looks like a trailing variable-length area — confirm
};

// One script value viewed as any of several representations; which member is
// valid is presumably selected by VariableValue::type — confirm.
union VariableUnion
{
int intValue;
float floatValue;
unsigned int stringValue;
const float *vectorValue;
const char *codePosValue;
unsigned int pointerValue;
VariableStackBuffer *stackValue;
unsigned int entityOffset;
};

// A VariableUnion together with an integer type tag.
struct VariableValue {
VariableUnion u;
int type;
};

#endif

Functions
    // Forward declarations for the wrappers defined below.
    // NOTE(review): Scr_ClearOutParams is declared here but no definition appears on
    // this page, and Scr_SetNumParam is defined below without being declared here.
    opd_s ParseAddr(int Address);
const char* SL_ConvertToString(int stringValue);
void Scr_Notify(int *ent, short stringValue, unsigned int paramcount);
void Scr_ClearOutParams();
void Scr_AddInt(int value);
void Scr_AddFloat(float value);
void Scr_AddString(const char* value);
void Scr_AddEntity(int value);
void Scr_AddVector(float* value);
int getEntity(int entityNum, int offset);
int getClient(int clientNum, int offset);

// Forwards `value` to the game routine reached through the descriptor Scr_AddInt_t.
// NOTE(review): Scr_AddInt_t is not defined anywhere on this page.
void Scr_AddInt(int value) {
    typedef void (*AddIntFn)(int);
    AddIntFn Target = (AddIntFn)&Scr_AddInt_t;
    Target(value);
}

// Forwards `value` to the game routine reached through the descriptor Scr_AddFloat_t.
// NOTE(review): Scr_AddFloat_t is not defined anywhere on this page.
void Scr_AddFloat(float value) {
    typedef void (*AddFloatFn)(float);
    AddFloatFn Target = (AddFloatFn)&Scr_AddFloat_t;
    Target(value);
}

// Forwards `value` to the game routine reached through the descriptor Scr_AddString_t.
// NOTE(review): Scr_AddString_t is not defined anywhere on this page.
void Scr_AddString(const char* value) {
    typedef void (*AddStringFn)(const char*);
    AddStringFn Target = (AddStringFn)&Scr_AddString_t;
    Target(value);
}

// Forwards `value` to the game routine reached through the descriptor Scr_AddEntity_t.
// NOTE(review): Scr_AddEntity_t is not defined anywhere on this page.
void Scr_AddEntity(int value) {
    typedef void (*AddEntityFn)(int);
    AddEntityFn Target = (AddEntityFn)&Scr_AddEntity_t;
    Target(value);
}

// Forwards `value` to the game routine reached through the descriptor Scr_AddVector_t.
// NOTE(review): Scr_AddVector_t is not defined anywhere on this page.
void Scr_AddVector(float* value) {
    typedef void (*AddVectorFn)(float*);
    AddVectorFn Target = (AddVectorFn)&Scr_AddVector_t;
    Target(value);
}

// Computes the address of byte `offset` inside entity record `entityNum`:
// gentity_s + entityNum * gentity_s_size + offset. No range check is made on
// either argument.
int getEntity(int entityNum, int offset) {
    const int RecordStart = gentity_s + (gentity_s_size * entityNum);
    return RecordStart + offset;
}

// Computes the address of byte `offset` inside client record `clientNum`:
// gclient_s + clientNum * gclient_s_size + offset. No range check is made on
// either argument.
int getClient(int clientNum, int offset) {
    const int RecordStart = gclient_s + (gclient_s_size * clientNum);
    return RecordStart + offset;
}
// Forwards its three arguments to the game routine reached through the descriptor
// Scr_Notify_t.
// NOTE(review): Scr_Notify_t is not defined anywhere on this page.
void Scr_Notify(int *ent, short stringValue, unsigned int paramcount) {
    typedef void (*NotifyFn)(int*, short, unsigned int);
    NotifyFn Target = (NotifyFn)&Scr_Notify_t;
    Target(ent, stringValue, paramcount);
}
// Returns whatever the game routine behind SL_ConvertToString_t returns for
// `stringValue`. The result is passed through unchecked, so callers must handle NULL.
// NOTE(review): SL_ConvertToString_t is not defined anywhere on this page.
const char* SL_ConvertToString(int stringValue) {
    typedef const char* (*ConvertFn)(int);
    ConvertFn Target = (ConvertFn)&SL_ConvertToString_t;
    return Target(stringValue);
}
// Builds a descriptor record by value: `sub` receives Address, `toc` receives the
// TOC constant. Callers on this page take the address of the returned temporary
// and cast it to a function pointer.
opd_s ParseAddr(int Address) {
    opd_s Descriptor;
    Descriptor.sub = Address;
    Descriptor.toc = TOC;
    return Descriptor;
}
// Stores numParam at a fixed absolute address.
// NOTE(review): the address expression below was mangled when the forum turned part
// of the hex literal into emoticon text ("Cool Man (aka Tustin)"). As shown it does
// not compile, and the intended constant cannot be read off this page.
// Playercmd_iprintinbold() later calls Scr_SetNumParam1(), which is not this name.
void Scr_SetNumParam(int numParam) {
*(int*)(0x15702C8 + 0x1Cool Man (aka Tustin) = numParam;
}
#endif

Memory
    
// Shared 100-element scratch buffers handed back by ReadFloat / ReadBytes / ReadInt /
// ReadString. Every call overwrites the previous result, and no locking is shown, so
// a returned pointer is only valid until the next call of the same reader.
float floatArray[100];
char byteArray[100];
int intArray[100];
char returnRead[100];

// Windows-style aliases used by the helpers below.
typedef unsigned char byte;
typedef unsigned char BYTE;
typedef unsigned char* PBYTE;
typedef void VOID;
typedef void* PVOID;
typedef long long __int64; // NOTE(review): identifiers containing "__" are reserved for the implementation
__int64 ThreadRTOC; // not read or written by any code shown on this page

// Copies `size` bytes from `source` to `destination` inside the current process by
// issuing syscall 905 with the process id, then runs __dcbst on `destination`
// followed by __sync and __isync.
// NOTE(review): 905 is commonly documented as the LV2 debug "write process memory"
// call, which would explain why it is used here instead of memcpy when the target is
// executable code — confirm against the firmware in use.
// __dcbst is issued for the starting address only; a range that crosses a cache-line
// boundary is not fully covered by it.
// The return value is whatever return_to_user_prog(int) yields for the syscall.
int Memcopy(PVOID destination, const PVOID source, size_t size) {
system_call_4(905, (uint64_t)sys_process_getpid(), (uint64_t)destination, size, (uint64_t)source);
__dcbst(destination);
__sync();
__isync();
return_to_user_prog(int);
}

// Writes the NUL-terminated string `s` through syscall 403 with first argument 0.
// NOTE(review): 403 is commonly documented as the LV2 TTY write call — confirm.
// `len` receives an output value from the syscall and is not inspected afterwards;
// the function returns the syscall's status via return_to_user_prog(int).
// `s` must not be NULL: strlen(s) is evaluated unconditionally.
int console_write(const char * s) {
uint32_t len;
system_call_4(403, 0, (uint64_t)s, strlen(s), (uint64_t)&len);
return_to_user_prog(int);
}

// Passes time * 1000 to sys_timer_usleep, i.e. `time` is treated as milliseconds
// even though its type is usecond_t.
void sleep(usecond_t time) {
    const usecond_t Microseconds = time * 1000;
    sys_timer_usleep(Microseconds);
}

// Busy-waits until clock() has advanced by mseconds * 1000 ticks. The calling thread
// spins for the whole interval; the tick arithmetic assumes 1000 clock() ticks per
// millisecond.
void delay(unsigned int mseconds) {
    const clock_t Deadline = (mseconds * 1000) + clock();
    for (;;) {
        if (!(Deadline > clock()))
            break;
    }
}

// Returns the result of syscall 1 (no arguments) as a sys_pid_t.
// NOTE(review): the other helpers on this page call sys_process_getpid() instead;
// this wrapper is not used by any code shown here.
sys_pid_t get_process_id() {
system_call_0(1);
return_to_user_prog(sys_pid_t);
}

// Writes `size` bytes from `data` to effective address `ea` in the current process
// using the same syscall (905) as Memcopy(), but without the cache/sync instructions
// that Memcopy() issues afterwards. Returns the syscall status.
int32_t write_process(uint64_t ea, const void * data, uint32_t size) {
system_call_4(905, (uint64_t)sys_process_getpid(), ea, size, (uint64_t)data);
return_to_user_prog(int32_t);
}

// Starts a joinable PPU thread running `entry` with argument 0 and returns the
// thread id. On success a confirmation line is written with console_write().
// On failure nothing is reported and the `id` value passed in by the caller is
// returned, so the caller cannot tell a failed create from a successful one.
sys_ppu_thread_t create_thread(void(*entry)(uint64_t), int priority, size_t stacksize, const char* threadname, sys_ppu_thread_t id) {
    const bool Created =
        sys_ppu_thread_create(&id, entry, 0, priority, stacksize, SYS_PPU_THREAD_CREATE_JOINABLE, threadname) == CELL_OK;
    if (Created)
        console_write("Thread successfully created!\n");
    return id;
}

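// Reads up to `length` floats starting at `address` into the shared floatArray and
// returns it. The buffer is zeroed first, so unread slots are 0.
// `length` is clamped to the buffer capacity: the original copied `length` items
// unconditionally and wrote past the end of floatArray for length > 100.
// The returned pointer is overwritten by the next ReadFloat call.
float* ReadFloat(int address, int length) {
    const int Capacity = (int)(sizeof(floatArray) / sizeof(floatArray[0]));
    if (length > Capacity)
        length = Capacity;
    for (int i = 0; i < Capacity; i++)
        floatArray[i] = 0;
    for (int i = 0; i < length; i++)
        floatArray[i] = *(float*)(address + (i * 0x04));
    return floatArray;
}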
// Stores `length` floats from `input` at consecutive 4-byte slots starting at
// `address`. Neither the address nor the length is validated.
void WriteFloat(int address, float* input, int length) {
    int Index = 0;
    while (Index < length) {
        float* Slot = (float*)(address + (Index * 0x04));
        *Slot = input[Index];
        ++Index;
    }
}

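// Reads up to `length` bytes starting at `address` into the shared byteArray and
// returns it. The buffer is zeroed first, so unread slots are 0.
// `length` is clamped to the buffer capacity: the original copied `length` bytes
// unconditionally and wrote past the end of byteArray for length > 100.
// The returned pointer is overwritten by the next ReadBytes call.
char* ReadBytes(int address, int length) {
    const int Capacity = (int)(sizeof(byteArray) / sizeof(byteArray[0]));
    if (length > Capacity)
        length = Capacity;
    for (int i = 0; i < Capacity; i++)
        byteArray[i] = 0;
    for (int i = 0; i < length; i++)
        byteArray[i] = *(char*)(address + (i));
    return byteArray;
}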

// Stores `length` bytes from `input` at consecutive addresses starting at `address`.
// Neither the address nor the length is validated.
void WriteBytes(int address, char* input, int length) {
    int Index = 0;
    while (Index < length) {
        char* Slot = (char*)(address + (Index));
        *Slot = input[Index];
        ++Index;
    }
}

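// Reads up to `length` 32-bit ints starting at `address` into the shared intArray
// and returns it. The buffer is zeroed first, so unread slots are 0.
// `length` is clamped to the buffer capacity: the original copied `length` items
// unconditionally and wrote past the end of intArray for length > 100.
// The returned pointer is overwritten by the next ReadInt call.
int* ReadInt(int address, int length) {
    const int Capacity = (int)(sizeof(intArray) / sizeof(intArray[0]));
    if (length > Capacity)
        length = Capacity;
    for (int i = 0; i < Capacity; i++)
        intArray[i] = 0;
    for (int i = 0; i < length; i++)
        intArray[i] = *(int*)(address + (i * 0x04));
    return intArray;
}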

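// Stores `length` ints from `input` at consecutive 4-byte slots starting at
// `address`, matching WriteFloat/WriteBytes.
// The original ignored `address` and wrote through `intArray + (i * 0x04)`; because
// that is int-pointer arithmetic it stepped 16 bytes per item and ran off the end of
// the 100-element intArray from i = 25 onwards.
// Neither the address nor the length is validated.
void WriteInt(int address, int* input, int length) {
    for (int i = 0; i < length; i++) {
        *(int*)(address + (i * 0x04)) = input[i];
    }
}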

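// Copies the characters of `string` (without the terminating NUL) to `address` and
// returns the number of bytes written.
// The original first stored the string pointer at the fixed address 0x1D00000, read
// it back, and bounced the data through ReadBytes(); that clobbered unrelated memory
// and limited the copy to the 100-byte byteArray. The bytes are now written directly.
// `string` must not be NULL. The destination is not NUL-terminated by this call.
int WriteString(int address, char* string) {
    const int strlength = (int)strlen(string);
    WriteBytes(address, string, strlength);
    return strlength;
}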

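// Reads 100 bytes at `address` and returns them in the shared returnRead buffer.
// When IncludeSpaces is false every space (0x20) is replaced by 0, so the result
// read as a C string ends at the first space.
// The last byte is forced to 0: the original returned an unterminated buffer when
// all 100 source bytes were non-zero.
// Note that 100 bytes are always read, regardless of where the source string ends.
char* ReadString(int address, bool IncludeSpaces) {
    const int strlength = 100;
    char* StrBytes = ReadBytes(address, strlength);
    const char StopBytes = IncludeSpaces ? 0x00 : 0x20;

    for (int i = 0; i < strlength; i++)
        returnRead[i] = (StrBytes[i] != StopBytes) ? StrBytes[i] : 0;

    returnRead[strlength - 1] = 0; // always hand back a terminated string
    return returnRead;
}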

// Reverses the NUL-terminated string `s` in place. `s` must not be NULL.
void reverse(char s[]) {
    int Left = 0;
    int Right = strlen(s) - 1;
    while (Left < Right) {
        const char Held = s[Left];
        s[Left] = s[Right];
        s[Right] = Held;
        ++Left;
        --Right;
    }
}

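/*
 * itoa: write the decimal text of n into s, NUL-terminated.
 * s must have room for 12 bytes (sign, 10 digits, terminator); no size is
 * passed in, so the caller is responsible for that.
 */
void itoa(int n, char s[]) {
    /* Work on the magnitude as unsigned: negating INT_MIN as an int overflows,
     * which is what the original `n = -n` did. */
    unsigned int Magnitude = (n < 0) ? 0u - (unsigned int)n : (unsigned int)n;
    int Count = 0;

    do { /* digits come out least-significant first */
        s[Count++] = (char)('0' + Magnitude % 10);
        Magnitude /= 10;
    } while (Magnitude > 0);
    if (n < 0)
        s[Count++] = '-';
    s[Count] = '\0';

    /* flip the text in place so it reads most-significant first */
    for (int Left = 0, Right = Count - 1; Left < Right; ++Left, --Right) {
        const char Held = s[Left];
        s[Left] = s[Right];
        s[Right] = Held;
    }
}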

// True when Num is one of the ASCII characters '0'..'9'.
bool isdigit(char Num) {
    if (Num < '0')
        return false;
    return Num <= '9';
}

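// Parses an optional '+'/'-' sign followed by decimal digits and returns the value.
// Parsing stops at the first non-digit; a string with no digits yields 0, as does a
// NULL pointer (the original dereferenced it).
// The digit-accumulation line in the posted listing was corrupted by emoticon
// substitution and did not compile; it is restored here.
// The value is accumulated as unsigned so an over-long digit string wraps instead of
// overflowing a signed int.
int Atoi(const char *c) {
    if (!c)
        return 0;

    bool Negative = false;
    if (*c == '+' || *c == '-') {
        Negative = (*c == '-');
        c++;
    }

    unsigned int Value = 0;
    while (*c >= '0' && *c <= '9') {
        Value = Value * 10 + (unsigned int)(*c - '0');
        c++;
    }
    return Negative ? (int)(0u - Value) : (int)Value;
}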

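/*
 * Minimal printf-style formatter: expands fmt into the buffer at ptr and
 * NUL-terminates it.
 *
 * Supported conversions: %s, %d, %i, %x, %X, %p, each optionally written as
 * %0<width>... for zero padding, plus %% for a literal '%'. %f is recognised
 * but produces no output and does not consume its argument.
 *
 * Integer arguments are fetched as 64-bit values and reduced to their low
 * 32 bits, as in the posted listing. A zero-pad width is a fixed field width:
 * shorter values are padded with '0', longer values keep only their last
 * <width> characters. Hex widths above 8 print 8 digits; decimal widths are
 * capped at 0xFF.
 *
 * Changes from the posted listing (which did not compile because two `)` had
 * been replaced by emoticon text):
 *  - an empty or NULL %s, a zero %x, %f and unknown conversions no longer
 *    leave one uninitialised byte in the output;
 *  - a '%' at the very end of fmt no longer reads past the terminator;
 *  - the width digits are parsed without an unbounded copy into a local buffer;
 *  - negative decimals put '-' before the zero padding.
 *
 * SECURITY: there is no size parameter, so the output length is bounded only
 * by fmt and its arguments. The caller must supply a buffer large enough for
 * the fully expanded text, and fmt must never come from untrusted input.
 *
 * Returns -1 if ptr or fmt is NULL, otherwise 1.
 */
int VSprintf(char *ptr, const char *fmt, va_list ap) {
    if (!ptr || !fmt)
        return -1;

    while (*fmt) {
        if (*fmt != '%') {
            *ptr++ = *fmt++;
            continue;
        }
        fmt++; // step over '%'

        // Optional "0<width>" field; -1 means no usable width was given.
        int Length = -1;
        if (*fmt == '0') {
            fmt++;
            Length = 0;
            while (*fmt >= '0' && *fmt <= '9') {
                if (Length <= 0xFF) // saturate instead of overflowing
                    Length = Length * 10 + (*fmt - '0');
                fmt++;
            }
            if (Length > 0xFF)
                Length = 0xFF;
            if (Length == 0)
                Length = -1;
        }

        switch (*fmt) {
        case '\0':
            // fmt ended right after '%': stop here rather than step past the NUL.
            *ptr = 0;
            return 1;

        case '%':
            *ptr++ = '%';
            break;

        case 's': {
            const char *String = va_arg(ap, char*);
            if (String) {
                while (*String)
                    *ptr++ = *String++;
            }
            break;
        }

        case 'p':
            Length = 8; // pointers always print as 8 hex digits
            // fall through
        case 'X':
        case 'x': {
            const unsigned int Value = (unsigned int)(va_arg(ap, long long) & 0xFFFFFFFF);
            const char *Digits = (*fmt == 'x') ? "0123456789abcdef" : "0123456789ABCDEF";
            int Count; // how many low nibbles to print
            if (Length == -1) {
                Count = 1;
                while (Count < 8 && (Value >> (Count * 4)) != 0)
                    Count++;
            } else {
                Count = (Length > 8) ? 8 : Length;
            }
            for (int i = Count - 1; i >= 0; i--)
                *ptr++ = Digits[(Value >> (i * 4)) & 0xF];
            break;
        }

        case 'i':
        case 'd': {
            const int Value = (int)(unsigned int)(va_arg(ap, long long) & 0xFFFFFFFF);
            const bool Negative = Value < 0;
            // Unsigned magnitude so INT_MIN converts without overflow.
            unsigned int Magnitude = Negative ? 0u - (unsigned int)Value : (unsigned int)Value;

            char Reversed[10]; // digits, least-significant first
            int DigitCount = 0;
            do {
                Reversed[DigitCount++] = (char)('0' + Magnitude % 10);
                Magnitude /= 10;
            } while (Magnitude != 0);

            const int Total = DigitCount + (Negative ? 1 : 0);
            if (Length == -1 || Length >= Total) {
                if (Negative)
                    *ptr++ = '-';
                for (int Pad = (Length == -1) ? 0 : Length - Total; Pad > 0; Pad--)
                    *ptr++ = '0';
                for (int i = DigitCount - 1; i >= 0; i--)
                    *ptr++ = Reversed[i];
            } else {
                // Field narrower than the text: keep only the last Length characters.
                for (int i = Length - 1; i >= 0; i--)
                    *ptr++ = Reversed[i];
            }
            break;
        }

        case 'f':
            // Not implemented: nothing is written and no argument is consumed.
            break;

        default:
            break;
        }
        fmt++;
    }
    *ptr = 0;
    return 1;
}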

// Variadic front end for VSprintf(); handles %s, %i, %d, %x, %X, %p.
// Returns -1 when ptr or fmt is NULL, otherwise 1 (VSprintf's own result is not
// propagated). No buffer size is passed, so `ptr` must be large enough for the
// expanded text.
int Sprintf(char *ptr, const char *fmt, ...) {
    if (ptr == 0 || fmt == 0)
        return -1;

    va_list Args;
    va_start(Args, fmt);
    VSprintf(ptr, fmt, Args);
    va_end(Args);

    return 1;
}

// Single shared 0x2000-byte output buffer for va(); each call overwrites the last
// result, so the returned pointer must be consumed before va() is called again.
char vaBuffer[0x2000];

// Formats into vaBuffer with VSprintf() and returns it. Nothing limits the expanded
// text to the buffer size.
char* va(const char* fmt, ...) {
    va_list Args;
    va_start(Args, fmt);
    VSprintf(vaBuffer, fmt, Args);
    va_end(Args);

    char* const Result = vaBuffer;
    return Result;
}

// Formats `s` and its arguments into a 0x2000-byte stack buffer with VSprintf() and
// writes the result through the same syscall (403) that console_write() uses.
// Nothing limits the expanded text to the buffer size, so an over-long expansion
// overruns the stack buffer. Returns the syscall status.
int Printf(const char * s, ...) {
char conBuffer[0x2000];
va_list ap;
va_start(ap, s);

VSprintf(conBuffer, s, ap);

va_end(ap);

uint32_t len;
system_call_4(403, 0, (uint64_t) conBuffer, strlen(conBuffer), (uint64_t) &len);
return_to_user_prog(int);
}
// Overwrites the four instructions (16 bytes) at Address with a sequence that loads
// a target address into r11 and branches to it through CTR.
// `Destination` is treated as the address of a descriptor: its first word is read and
// used as the branch target. `Linked` selects bctrl instead of bctr.
// The bytes that are overwritten are not saved here.
void PatchInJump(int Address, int Destination, bool Linked) {

// the four instruction words that will replace the code at Address
int FuncBytes[4];

// first word of the descriptor = the actual code address to jump to
Destination = *(int *)Destination;

FuncBytes[0] = 0x3D600000 + ((Destination >> 16) & 0xFFFF); // lis %r11, dest>>16
if(Destination & 0x8000) // low half has its top bit set: addi sign-extends it, so carry 1 into the high half
FuncBytes[0] += 1;

FuncBytes[1] = 0x396B0000 + (Destination & 0xFFFF); // addi %r11, %r11, dest&0xFFFF
FuncBytes[2] = 0x7D6903A6; // mtctr %r11

FuncBytes[3] = 0x4E800420; // bctr

if(Linked)
FuncBytes[3] += 1; // bctrl

// written with Memcopy() (syscall-based) rather than a plain store
Memcopy((void*)Address, FuncBytes, 4*4);
}

// Redirects the function at Address to Destination while keeping a way to run the
// original: the first four instructions at Address are copied into the body of
// `saveStub`, followed by a jump back to Address + 16, and Address is then patched
// with PatchInJump().
// `saveStub` is treated as the address of a descriptor; its first word is the code
// address that receives the 8-word stub.
// The four instructions are copied verbatim; no relocation is performed on them.
void HookFunctionStart(int Address, int saveStub, int Destination) {

// first word of the descriptor = code address of the stub body
saveStub = *(int *)saveStub;

// where the stub resumes: just past the four instructions that get overwritten
int BranchtoAddress = Address + (4*4);

// the eight instruction words written over the stub body
int StubData[8];

StubData[0] = 0x3D600000 + ((BranchtoAddress >> 16) & 0xFFFF); // lis %r11, dest>>16

if(BranchtoAddress & 0x8000) // low half has its top bit set: carry 1 into the high half (addi sign-extends)
StubData[0] += 1;

StubData[1] = 0x396B0000 + (BranchtoAddress & 0xFFFF); // addi %r11, %r11, dest&0xFFFF
StubData[2] = 0x7D6903A6; // mtctr %r11

Memcopy(&StubData[3], (void*)Address, 4*4);// copy the 4 instructions
StubData[7] = 0x4E800420; // bctr

Memcopy((void*)saveStub, StubData, 8*4);
PatchInJump(Address, Destination, false);
}

// Copies register r2 into r3 with inline asm.
// There is no return statement: the function relies on r3 being the return-value
// register and on the compiler leaving it untouched after the asm — TODO confirm
// this holds at the optimisation level in use.
uint64_t GetRTOC() {
__asm("mr %r3, %r2");
}

// Copies register r3 into r2 with inline asm.
// `RTOC` is never named in the asm: the function assumes the first argument is still
// in r3 when the instruction runs — TODO confirm for the compiler in use.
void SetRTOC(uint64_t RTOC) {
__asm("mr %r2, %r3");
}

// Header-style declarations for the helpers defined above.
// NOTE(review): sleep, isdigit and itoa reuse names that standard or common C
// library headers also declare; expect conflicts if those headers are in scope.
typedef void* PVOID;

int Memcopy(PVOID destination, const PVOID source, size_t size);
int console_write(const char * s);
void sleep(usecond_t time);
void delay(unsigned int mseconds);
sys_pid_t get_process_id();
int32_t write_process(uint64_t ea, const void * data, uint32_t size);
sys_ppu_thread_t create_thread(void(*entry)(uint64_t), int priority, size_t stacksize, const char* threadname, sys_ppu_thread_t id);
float* ReadFloat(int address, int length);
void WriteFloat(int address, float* input, int length);
char* ReadBytes(int address, int length);
void WriteBytes(int address, char* input, int length);
int* ReadInt(int address, int length);
void WriteInt(int address, int* input, int length);
int WriteString(int address, char* string);
char* ReadString(int address, bool IncludeSpaces);
void reverse(char s[]);
void itoa(int n, char s[]);
bool isdigit(char Num);
int Atoi( const char *c );
int VSprintf(char *ptr, const char *fmt, va_list ap);
int Sprintf(char *ptr, const char *fmt, ...);
char* va(const char* fmt, ...);
int Printf(const char * s, ...);
void PatchInJump(int Address, int Destination, bool Linked);
void HookFunctionStart(int Address, int saveStub, int Destination);
uint64_t GetRTOC();
void SetRTOC(uint64_t RTOC);
#endif

That's it for the code you have to add to get it working.
I don't care whether you put it all in one class or split it across several.
Now on to the function we are going to call; I use PlayerCMD_iPrintInBold.
    // Pushes `msg` as a script string argument, sets the parameter count to 1 and
    // calls a game routine through a descriptor built by ParseAddr(), passing
    // client << 16.
    // NOTE(review): this listing does not compile as shown:
    //  - it calls Scr_SetNumParam1(), but the helper defined earlier is Scr_SetNumParam();
    //  - the address literal in the last statement was mangled by the forum's emoticon
    //    substitution ("Cool Man (aka Tustin)"), so the intended constant is not
    //    recoverable from this page;
    //  - taking the address of the temporary returned by ParseAddr() is not standard C++.
    void Playercmd_iprintinbold(int client, const char* msg)
{
Scr_AddString(msg);
Scr_SetNumParam1(1);
((void(*)(int))&ParseAddr(0x00180CCCool Man (aka Tustin))(client << 16);
}

The actual call
    // Replacement body for the notify routine that PatchInJump1() redirects at
    // 0x1BB1B0 (Scr_Notify_a in the enum above). For every notification it resolves
    // the notify name, prints "Hey Ngu" to client 0 when the name is "weapon_fired",
    // and then forwards the notification to the routine the author labels Scr_NotifyNum.
    // NOTE(review):
    //  - the result of SL_ConvertToString() is passed to strcmp() without a NULL check;
    //  - the first parameter is declared int here but int* in the Scr_Notify prototype,
    //    and is dereferenced before forwarding;
    //  - the address literal in the forwarding call was mangled by the forum's emoticon
    //    substitution ("Cool Man (aka Tustin)"), so the line does not compile as shown.
    void Scr_NotifyHook(int Entity, short StringValue, unsigned int Parameters){
const char* NotifyId = SL_ConvertToString(StringValue);
if(!strcmp(NotifyId, "weapon_fired"))
{
Playercmd_iprintinbold(0, "Hey Ngu");
}


((void(*)(int, unsigned int, short, unsigned int))&ParseAddr(0x21A94Cool Man (aka Tustin))(*(int*)Entity, 0, StringValue, Parameters); //Scr_NotifyNum
}

If you shoot, it will work.
To finish this thread: to get it working I use this PatchInJump.
    // Same instruction sequence as PatchInJump() with Linked == false: overwrites the
    // four instructions (16 bytes) at Address with lis/addi/mtctr/bctr targeting the
    // code address read from the first word of the descriptor at `Destination`.
    // The overwritten bytes are not saved, so the original routine cannot be restored
    // or called from here.
    void PatchInJump1(int Address, int Destination){
int FuncBytes[4];
Destination = *(int*)Destination; // first word of the descriptor = code address
FuncBytes[0] = 0x3D600000 + ((Destination >> 16) & 0xFFFF); // lis %r11, dest>>16
if(Destination & 0x8000) FuncBytes[0] += 1; // compensate for addi sign-extending the low half
FuncBytes[1] = 0x396B0000 + (Destination & 0xFFFF); // addi %r11, %r11, dest&0xFFFF
FuncBytes[2] = 0x7D6903A6; // mtctr %r11
FuncBytes[3] = 0x4E800420; // bctr
Memcopy((void*)Address, FuncBytes, 4*4);
}

To patch it, use this and you should be good to go.
    // 0x1BB1B0 is the value listed as Scr_Notify_a in the enum above. The cast to int
    // passes the function's descriptor address, which PatchInJump1() dereferences.
    PatchInJump1(0x1BB1B0, (int)Scr_NotifyHook);

I'm also going to make a thread with the GSC functions I find; hopefully a few people release useful functions too. Thanks for your time.

04-26-2015, 07:48 AM #2
kiwi_modz
I defeated!
Originally posted by lutsch1234 View Post
Hello NGU members. Today I bring you how to call GSC functions on MW3.
Credit goes to Ethernet, Shark, SyGnUs.
I had a hard time getting this to work, but in the end I found a way, so let's get started.
Things you need:
Headers
    //Global Headers
#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
#include <stddef.h>
#include <string.h>
#include <sys/prx.h>
#include <sys/syscall.h>
#include <sys/ppu_thread.h>
#include <sys/sys_time.h>
#include <sys/time_util.h>
#include <assert.h>
#include <sys/process.h>
#include <sys/memory.h>
#include <sys/timer.h>
#include <sys/return_code.h>
#include <sys/prx.h>
#include <sys/types.h>
#include <math.h>
#include <fastmath.h>
#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
#include <stddef.h>
#include <string.h>
#include <fastmath.h>
#include <cellstatus.h>
#include <sys/prx.h>
#include <sys/timer.h>
#include <sys/syscall.h>
#include <sys/ppu_thread.h>
#include <cell/sysmodule.h>
#include <sys/ss_get_open_psid.h>
#pragma comment(lib, "sysmodule_stub")
#include <math.h>
#include <cell/pad.h>
#include <stdio.h>
#include <stdlib.h>
#include <string>
#include <sys/random_number.h>
#pragma comment(lib, "c")
#include <sys/memory.h>
#include <cell/cell_fs.h>
#pragma comment(lib, "fs_stub")
#include <fastmath.h>
#include <sys/process.h>
#include <ppu_intrinsics.h>

Offsets + Structures
    #define TOC 0x72DCE8

enum Address {
SL_ConvertToString_a = 0x210FE0,
Scr_Notify_a = 0x1BB1B0,
Scr_ClearOutParams_a = 0x218414,
Scr_AddInt_a = 0x221A58,
Scr_AddFloat_a = 0x221B48,
Scr_AddString_a = 0x222120,
Scr_AddEntity_a = 0x1BACC8,
Scr_AddVector_a = 0x222444,
gentity_s = 0xFCA280,
gentity_s_size = 0x280,
gclient_s = 0x110A280,
gclient_s_size = 0x3980,
};

struct opd_s {
unsigned int sub;
unsigned int toc;
};

struct scr_entref_t
{
unsigned short entnum;
unsigned short classnum;
};

struct VariableStackBuffer {
const char *pos;
unsigned short size;
unsigned short bufLen;
unsigned int localId;
char time;
char buf[1];
};

union VariableUnion
{
int intValue;
float floatValue;
unsigned int stringValue;
const float *vectorValue;
const char *codePosValue;
unsigned int pointerValue;
VariableStackBuffer *stackValue;
unsigned int entityOffset;
};

struct VariableValue {
VariableUnion u;
int type;
};

#endif

Functions
    opd_s ParseAddr(int Address);
const char* SL_ConvertToString(int stringValue);
void Scr_Notify(int *ent, short stringValue, unsigned int paramcount);
void Scr_ClearOutParams();
void Scr_AddInt(int value);
void Scr_AddFloat(float value);
void Scr_AddString(const char* value);
void Scr_AddEntity(int value);
void Scr_AddVector(float* value);
int getEntity(int entityNum, int offset);
int getClient(int clientNum, int offset);

void Scr_AddInt(int value) {
void(*Scr_AddInt)(int value) = (void(*)(int))&Scr_AddInt_t;
Scr_AddInt(value);
}

void Scr_AddFloat(float value) {
void(*Scr_AddFloat)(float value) = (void(*)(float))&Scr_AddFloat_t;
Scr_AddFloat(value);
}

void Scr_AddString(const char* value) {
void(*Scr_AddString)(const char* value) = (void(*)(const char*))&Scr_AddString_t;
Scr_AddString(value);
}

void Scr_AddEntity(int value) {
void(*Scr_AddEntity)(int value) = (void(*)(int))&Scr_AddEntity_t;
Scr_AddEntity(value);
}

void Scr_AddVector(float* value) {
void(*Scr_AddVector)(float* value) = (void(*)(float*))&Scr_AddVector_t;
Scr_AddVector(value);
}

int getEntity(int entityNum, int offset) {
return gentity_s + (gentity_s_size * entityNum) + offset;
}

int getClient(int clientNum, int offset) {
return gclient_s + (gclient_s_size * clientNum) + offset;
}
void Scr_Notify(int *ent, short stringValue, unsigned int paramcount) {
void(*Scr_Notify)(int *ent, short stringValue, unsigned int paramcount) = (void(*)(int*, short, unsigned int))&Scr_Notify_t;
Scr_Notify(ent, stringValue, paramcount);
}
const char* SL_ConvertToString(int stringValue) {
const char*(*SL_ConvertToString)(int stringValue) = (const char*(*)(int))&SL_ConvertToString_t;
return SL_ConvertToString(stringValue);
}
opd_s ParseAddr(int Address) {
opd_s GLS = { Address, TOC };
return GLS;
}
// Stores numParam at a fixed absolute address.
// NOTE(review): the address expression below was mangled when the forum turned part
// of the hex literal into emoticon text ("Cool Man (aka Tustin)"). As shown it does
// not compile, and the intended constant cannot be read off this page.
// Playercmd_iprintinbold() later calls Scr_SetNumParam1(), which is not this name.
void Scr_SetNumParam(int numParam) {
*(int*)(0x15702C8 + 0x1Cool Man (aka Tustin) = numParam;
}
#endif

Memory
    
float floatArray[100];
char byteArray[100];
int intArray[100];
char returnRead[100];

typedef unsigned char byte;
typedef unsigned char BYTE;
typedef unsigned char* PBYTE;
typedef void VOID;
typedef void* PVOID;
typedef long long __int64;
__int64 ThreadRTOC;

int Memcopy(PVOID destination, const PVOID source, size_t size) {
system_call_4(905, (uint64_t)sys_process_getpid(), (uint64_t)destination, size, (uint64_t)source);
__dcbst(destination);
__sync();
__isync();
return_to_user_prog(int);
}

int console_write(const char * s) {
uint32_t len;
system_call_4(403, 0, (uint64_t)s, strlen(s), (uint64_t)&len);
return_to_user_prog(int);
}

void sleep(usecond_t time) {
sys_timer_usleep(time * 1000);
}

void delay(unsigned int mseconds) {
clock_t goal = (mseconds * 1000) + clock();
while (goal > clock());
}

sys_pid_t get_process_id() {
system_call_0(1);
return_to_user_prog(sys_pid_t);
}

int32_t write_process(uint64_t ea, const void * data, uint32_t size) {
system_call_4(905, (uint64_t)sys_process_getpid(), ea, size, (uint64_t)data);
return_to_user_prog(int32_t);
}

sys_ppu_thread_t create_thread(void(*entry)(uint64_t), int priority, size_t stacksize, const char* threadname, sys_ppu_thread_t id) {
if (sys_ppu_thread_create(&id, entry, 0, priority, stacksize, SYS_PPU_THREAD_CREATE_JOINABLE, threadname) == CELL_OK)
{
console_write("Thread successfully created!\n");
}
return id;
}

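// Reads up to `length` floats starting at `address` into the shared floatArray and
// returns it. The buffer is zeroed first, so unread slots are 0.
// `length` is clamped to the buffer capacity: the original copied `length` items
// unconditionally and wrote past the end of floatArray for length > 100.
// The returned pointer is overwritten by the next ReadFloat call.
float* ReadFloat(int address, int length) {
    const int Capacity = (int)(sizeof(floatArray) / sizeof(floatArray[0]));
    if (length > Capacity)
        length = Capacity;
    for (int i = 0; i < Capacity; i++)
        floatArray[i] = 0;
    for (int i = 0; i < length; i++)
        floatArray[i] = *(float*)(address + (i * 0x04));
    return floatArray;
}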
void WriteFloat(int address, float* input, int length) {
for (int i = 0; i < length; i++) {
*(float*)(address + (i * 0x04)) = input[i];
}
}

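// Reads up to `length` bytes starting at `address` into the shared byteArray and
// returns it. The buffer is zeroed first, so unread slots are 0.
// `length` is clamped to the buffer capacity: the original copied `length` bytes
// unconditionally and wrote past the end of byteArray for length > 100.
// The returned pointer is overwritten by the next ReadBytes call.
char* ReadBytes(int address, int length) {
    const int Capacity = (int)(sizeof(byteArray) / sizeof(byteArray[0]));
    if (length > Capacity)
        length = Capacity;
    for (int i = 0; i < Capacity; i++)
        byteArray[i] = 0;
    for (int i = 0; i < length; i++)
        byteArray[i] = *(char*)(address + (i));
    return byteArray;
}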

void WriteBytes(int address, char* input, int length) {
for (int i = 0; i < length; i++) {
*(char*)(address + (i)) = input[i];
}
}

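// Reads up to `length` 32-bit ints starting at `address` into the shared intArray
// and returns it. The buffer is zeroed first, so unread slots are 0.
// `length` is clamped to the buffer capacity: the original copied `length` items
// unconditionally and wrote past the end of intArray for length > 100.
// The returned pointer is overwritten by the next ReadInt call.
int* ReadInt(int address, int length) {
    const int Capacity = (int)(sizeof(intArray) / sizeof(intArray[0]));
    if (length > Capacity)
        length = Capacity;
    for (int i = 0; i < Capacity; i++)
        intArray[i] = 0;
    for (int i = 0; i < length; i++)
        intArray[i] = *(int*)(address + (i * 0x04));
    return intArray;
}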

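// Stores `length` ints from `input` at consecutive 4-byte slots starting at
// `address`, matching WriteFloat/WriteBytes.
// The original ignored `address` and wrote through `intArray + (i * 0x04)`; because
// that is int-pointer arithmetic it stepped 16 bytes per item and ran off the end of
// the 100-element intArray from i = 25 onwards.
// Neither the address nor the length is validated.
void WriteInt(int address, int* input, int length) {
    for (int i = 0; i < length; i++) {
        *(int*)(address + (i * 0x04)) = input[i];
    }
}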

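// Copies the characters of `string` (without the terminating NUL) to `address` and
// returns the number of bytes written.
// The original first stored the string pointer at the fixed address 0x1D00000, read
// it back, and bounced the data through ReadBytes(); that clobbered unrelated memory
// and limited the copy to the 100-byte byteArray. The bytes are now written directly.
// `string` must not be NULL. The destination is not NUL-terminated by this call.
int WriteString(int address, char* string) {
    const int strlength = (int)strlen(string);
    WriteBytes(address, string, strlength);
    return strlength;
}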

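// Reads 100 bytes at `address` and returns them in the shared returnRead buffer.
// When IncludeSpaces is false every space (0x20) is replaced by 0, so the result
// read as a C string ends at the first space.
// The last byte is forced to 0: the original returned an unterminated buffer when
// all 100 source bytes were non-zero.
// Note that 100 bytes are always read, regardless of where the source string ends.
char* ReadString(int address, bool IncludeSpaces) {
    const int strlength = 100;
    char* StrBytes = ReadBytes(address, strlength);
    const char StopBytes = IncludeSpaces ? 0x00 : 0x20;

    for (int i = 0; i < strlength; i++)
        returnRead[i] = (StrBytes[i] != StopBytes) ? StrBytes[i] : 0;

    returnRead[strlength - 1] = 0; // always hand back a terminated string
    return returnRead;
}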

void reverse(char s[]) {
int i, j;
char c;

for (i = 0, j = strlen(s)-1; i<j; i++, j--) {
c = s[i];
s[i] = s[j];
s[j] = c;
}
}

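/*
 * itoa: write the decimal text of n into s, NUL-terminated.
 * s must have room for 12 bytes (sign, 10 digits, terminator); no size is
 * passed in, so the caller is responsible for that.
 */
void itoa(int n, char s[]) {
    /* Work on the magnitude as unsigned: negating INT_MIN as an int overflows,
     * which is what the original `n = -n` did. */
    unsigned int Magnitude = (n < 0) ? 0u - (unsigned int)n : (unsigned int)n;
    int Count = 0;

    do { /* digits come out least-significant first */
        s[Count++] = (char)('0' + Magnitude % 10);
        Magnitude /= 10;
    } while (Magnitude > 0);
    if (n < 0)
        s[Count++] = '-';
    s[Count] = '\0';

    /* flip the text in place so it reads most-significant first */
    for (int Left = 0, Right = Count - 1; Left < Right; ++Left, --Right) {
        const char Held = s[Left];
        s[Left] = s[Right];
        s[Right] = Held;
    }
}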

bool isdigit(char Num) {
return (Num >= 0x30 && Num <= 0x39);
}

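// Parses an optional '+'/'-' sign followed by decimal digits and returns the value.
// Parsing stops at the first non-digit; a string with no digits yields 0, as does a
// NULL pointer (the original dereferenced it).
// The digit-accumulation line in the posted listing was corrupted by emoticon
// substitution and did not compile; it is restored here.
// The value is accumulated as unsigned so an over-long digit string wraps instead of
// overflowing a signed int.
int Atoi(const char *c) {
    if (!c)
        return 0;

    bool Negative = false;
    if (*c == '+' || *c == '-') {
        Negative = (*c == '-');
        c++;
    }

    unsigned int Value = 0;
    while (*c >= '0' && *c <= '9') {
        Value = Value * 10 + (unsigned int)(*c - '0');
        c++;
    }
    return Negative ? (int)(0u - Value) : (int)Value;
}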

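/*
 * Minimal printf-style formatter: expands fmt into the buffer at ptr and
 * NUL-terminates it.
 *
 * Supported conversions: %s, %d, %i, %x, %X, %p, each optionally written as
 * %0<width>... for zero padding, plus %% for a literal '%'. %f is recognised
 * but produces no output and does not consume its argument.
 *
 * Integer arguments are fetched as 64-bit values and reduced to their low
 * 32 bits, as in the posted listing. A zero-pad width is a fixed field width:
 * shorter values are padded with '0', longer values keep only their last
 * <width> characters. Hex widths above 8 print 8 digits; decimal widths are
 * capped at 0xFF.
 *
 * Changes from the posted listing (which did not compile because two `)` had
 * been replaced by emoticon text):
 *  - an empty or NULL %s, a zero %x, %f and unknown conversions no longer
 *    leave one uninitialised byte in the output;
 *  - a '%' at the very end of fmt no longer reads past the terminator;
 *  - the width digits are parsed without an unbounded copy into a local buffer;
 *  - negative decimals put '-' before the zero padding.
 *
 * SECURITY: there is no size parameter, so the output length is bounded only
 * by fmt and its arguments. The caller must supply a buffer large enough for
 * the fully expanded text, and fmt must never come from untrusted input.
 *
 * Returns -1 if ptr or fmt is NULL, otherwise 1.
 */
int VSprintf(char *ptr, const char *fmt, va_list ap) {
    if (!ptr || !fmt)
        return -1;

    while (*fmt) {
        if (*fmt != '%') {
            *ptr++ = *fmt++;
            continue;
        }
        fmt++; // step over '%'

        // Optional "0<width>" field; -1 means no usable width was given.
        int Length = -1;
        if (*fmt == '0') {
            fmt++;
            Length = 0;
            while (*fmt >= '0' && *fmt <= '9') {
                if (Length <= 0xFF) // saturate instead of overflowing
                    Length = Length * 10 + (*fmt - '0');
                fmt++;
            }
            if (Length > 0xFF)
                Length = 0xFF;
            if (Length == 0)
                Length = -1;
        }

        switch (*fmt) {
        case '\0':
            // fmt ended right after '%': stop here rather than step past the NUL.
            *ptr = 0;
            return 1;

        case '%':
            *ptr++ = '%';
            break;

        case 's': {
            const char *String = va_arg(ap, char*);
            if (String) {
                while (*String)
                    *ptr++ = *String++;
            }
            break;
        }

        case 'p':
            Length = 8; // pointers always print as 8 hex digits
            // fall through
        case 'X':
        case 'x': {
            const unsigned int Value = (unsigned int)(va_arg(ap, long long) & 0xFFFFFFFF);
            const char *Digits = (*fmt == 'x') ? "0123456789abcdef" : "0123456789ABCDEF";
            int Count; // how many low nibbles to print
            if (Length == -1) {
                Count = 1;
                while (Count < 8 && (Value >> (Count * 4)) != 0)
                    Count++;
            } else {
                Count = (Length > 8) ? 8 : Length;
            }
            for (int i = Count - 1; i >= 0; i--)
                *ptr++ = Digits[(Value >> (i * 4)) & 0xF];
            break;
        }

        case 'i':
        case 'd': {
            const int Value = (int)(unsigned int)(va_arg(ap, long long) & 0xFFFFFFFF);
            const bool Negative = Value < 0;
            // Unsigned magnitude so INT_MIN converts without overflow.
            unsigned int Magnitude = Negative ? 0u - (unsigned int)Value : (unsigned int)Value;

            char Reversed[10]; // digits, least-significant first
            int DigitCount = 0;
            do {
                Reversed[DigitCount++] = (char)('0' + Magnitude % 10);
                Magnitude /= 10;
            } while (Magnitude != 0);

            const int Total = DigitCount + (Negative ? 1 : 0);
            if (Length == -1 || Length >= Total) {
                if (Negative)
                    *ptr++ = '-';
                for (int Pad = (Length == -1) ? 0 : Length - Total; Pad > 0; Pad--)
                    *ptr++ = '0';
                for (int i = DigitCount - 1; i >= 0; i--)
                    *ptr++ = Reversed[i];
            } else {
                // Field narrower than the text: keep only the last Length characters.
                for (int i = Length - 1; i >= 0; i--)
                    *ptr++ = Reversed[i];
            }
            break;
        }

        case 'f':
            // Not implemented: nothing is written and no argument is consumed.
            break;

        default:
            break;
        }
        fmt++;
    }
    *ptr = 0;
    return 1;
}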

int Sprintf(char *ptr, const char *fmt, ...) {// %s, %i, %d, %x, %X, %p

if(!ptr || !fmt)
return -1;

va_list ap;
va_start(ap, fmt);

VSprintf(ptr, fmt, ap);

va_end(ap);
return 1;
}

char vaBuffer[0x2000];
char* va(const char* fmt, ...) {
va_list ap;
va_start(ap, fmt);

VSprintf(vaBuffer, fmt, ap);

va_end(ap);
return vaBuffer;
}

int Printf(const char * s, ...) {
char conBuffer[0x2000];
va_list ap;
va_start(ap, s);

VSprintf(conBuffer, s, ap);

va_end(ap);

uint32_t len;
system_call_4(403, 0, (uint64_t) conBuffer, strlen(conBuffer), (uint64_t) &len);
return_to_user_prog(int);
}
void PatchInJump(int Address, int Destination, bool Linked) {

// use this data to copy over the address
int FuncBytes[4];

// Get the actual destination address
Destination = *(int *)Destination;

FuncBytes[0] = 0x3D600000 + ((Destination >> 16) & 0xFFFF); // lis %r11, dest>>16
if(Destination & 0x8000) // If bit 16 is 1
FuncBytes[0] += 1;

FuncBytes[1] = 0x396B0000 + (Destination & 0xFFFF); // addi %r11, %r11, dest&0xFFFF
FuncBytes[2] = 0x7D6903A6; // mtctr %r11

FuncBytes[3] = 0x4E800420; // bctr

if(Linked)
FuncBytes[3] += 1; // bctrl

Memcopy((void*)Address, FuncBytes, 4*4);
}

void HookFunctionStart(int Address, int saveStub, int Destination) {

// Get the actual addresses
saveStub = *(int *)saveStub;

int BranchtoAddress = Address + (4*4);

// use this data to copy over the stub
int StubData[8];

StubData[0] = 0x3D600000 + ((BranchtoAddress >> 16) & 0xFFFF); // lis %r11, dest>>16

if(BranchtoAddress & 0x8000) // If bit 16 is 1
StubData[0] += 1;

StubData[1] = 0x396B0000 + (BranchtoAddress & 0xFFFF); // addi %r11, %r11, dest&0xFFFF
StubData[2] = 0x7D6903A6; // mtctr %r11

Memcopy(&StubData[3], (void*)Address, 4*4);// copy the 4 instructions
StubData[7] = 0x4E800420; // bctr

Memcopy((void*)saveStub, StubData, 8*4);
PatchInJump(Address, Destination, false);
}

uint64_t GetRTOC() {
__asm("mr %r3, %r2");
}

void SetRTOC(uint64_t RTOC) {
__asm("mr %r2, %r3");
}

typedef void* PVOID;

int Memcopy(PVOID destination, const PVOID source, size_t size);
int console_write(const char * s);
void sleep(usecond_t time);
void delay(unsigned int mseconds);
sys_pid_t get_process_id();
int32_t write_process(uint64_t ea, const void * data, uint32_t size);
sys_ppu_thread_t create_thread(void(*entry)(uint64_t), int priority, size_t stacksize, const char* threadname, sys_ppu_thread_t id);
float* ReadFloat(int address, int length);
void WriteFloat(int address, float* input, int length);
char* ReadBytes(int address, int length);
void WriteBytes(int address, char* input, int length);
int* ReadInt(int address, int length);
void WriteInt(int address, int* input, int length);
int WriteString(int address, char* string);
char* ReadString(int address, bool IncludeSpaces);
void reverse(char s[]);
void itoa(int n, char s[]);
bool isdigit(char Num);
int Atoi( const char *c );
int VSprintf(char *ptr, const char *fmt, va_list ap);
int Sprintf(char *ptr, const char *fmt, ...);
char* va(const char* fmt, ...);
int Printf(const char * s, ...);
void PatchInJump(int Address, int Destination, bool Linked);
void HookFunctionStart(int Address, int saveStub, int Destination);
uint64_t GetRTOC();
void SetRTOC(uint64_t RTOC);
#endif

That's it for the code you have to add to get it working.
I don't care whether you put it all in one class or split it across several.
Now on to the function we are going to call; I use PlayerCMD_iPrintInBold.
    // Pushes `msg` as a script string argument, sets the parameter count to 1 and
    // calls a game routine through a descriptor built by ParseAddr(), passing
    // client << 16.
    // NOTE(review): this listing does not compile as shown:
    //  - it calls Scr_SetNumParam1(), but the helper defined earlier is Scr_SetNumParam();
    //  - the address literal in the last statement was mangled by the forum's emoticon
    //    substitution ("Cool Man (aka Tustin)"), so the intended constant is not
    //    recoverable from this page;
    //  - taking the address of the temporary returned by ParseAddr() is not standard C++.
    void Playercmd_iprintinbold(int client, const char* msg)
{
Scr_AddString(msg);
Scr_SetNumParam1(1);
((void(*)(int))&ParseAddr(0x00180CCCool Man (aka Tustin))(client << 16);
}

The actual call
    // Replacement body for the notify routine that PatchInJump1() redirects at
    // 0x1BB1B0 (Scr_Notify_a in the enum above). For every notification it resolves
    // the notify name, prints "Hey Ngu" to client 0 when the name is "weapon_fired",
    // and then forwards the notification to the routine the author labels Scr_NotifyNum.
    // NOTE(review):
    //  - the result of SL_ConvertToString() is passed to strcmp() without a NULL check;
    //  - the first parameter is declared int here but int* in the Scr_Notify prototype,
    //    and is dereferenced before forwarding;
    //  - the address literal in the forwarding call was mangled by the forum's emoticon
    //    substitution ("Cool Man (aka Tustin)"), so the line does not compile as shown.
    void Scr_NotifyHook(int Entity, short StringValue, unsigned int Parameters){
const char* NotifyId = SL_ConvertToString(StringValue);
if(!strcmp(NotifyId, "weapon_fired"))
{
Playercmd_iprintinbold(0, "Hey Ngu");
}


((void(*)(int, unsigned int, short, unsigned int))&ParseAddr(0x21A94Cool Man (aka Tustin))(*(int*)Entity, 0, StringValue, Parameters); //Scr_NotifyNum
}

If you shoot, it will work.
To finish this thread: to get it working I use this PatchInJump.
    void PatchInJump1(int Address, int Destination){
int FuncBytes[4];
Destination = *(int*)Destination;
FuncBytes[0] = 0x3D600000 + ((Destination >> 16) & 0xFFFF);
if(Destination & 0x8000) FuncBytes[0] += 1;
FuncBytes[1] = 0x396B0000 + (Destination & 0xFFFF);
FuncBytes[2] = 0x7D6903A6;
FuncBytes[3] = 0x4E800420;
Memcopy((void*)Address, FuncBytes, 4*4);
}

To patch it, use this and you should be good to go.
    PatchInJump1(0x1BB1B0, (int)Scr_NotifyHook);

I'm also going to make a thread with the GSC functions I find; hopefully a few people release useful functions too. Thanks for your time.


Man Good Release Dude! I'm happy and sad at the same time one i'm happy because i'm glad people such as your self are still giving to this community also on that note this can go super far and i'm sad because i moved away for one year and i can't have the privilege here to work with this, learn from it and start to dump gsc and create my own functions. other then that good job hope to see more from you here.
04-26-2015, 01:21 PM #3
lutsch1234
Bounty hunter
Originally posted by ResistTheKiwi View Post
Man Good Release Dude! I'm happy and sad at the same time one i'm happy because i'm glad people such as your self are still giving to this community also on that note this can go super far and i'm sad because i moved away for one year and i can't have the privilege here to work with this, learn from it and start to dump gsc and create my own functions. other then that good job hope to see more from you here.

Thanks man <3. We are already working on Magic Bullet, but it's not working yet: something freezes my PS3 when I call the function.
If I get it to work, I'm going to make a function thread.

05-03-2015, 03:29 PM #4
ItzMatriix
Are you high?
dude. if you have time can you hmu on skype. i have a few questions
Skype: ItzTheMatrix
06-16-2016, 01:16 PM #5
You can change the Notify ?
ex: if(!strcmp(NotifyId, "enemy_killed")) when we kill a players
06-16-2016, 01:17 PM #6
You can change the Notify ?
ex: if(!strcmp(NotifyId, "enemy_killed")) when we kill a players
06-16-2016, 04:57 PM #7
Originally posted by SlowModzHDz View Post
You can change the Notify ?
ex: if(!strcmp(NotifyId, "enemy_killed")) when we kill a players

yes you can, the one I use for death on mw3 through VM_Notify is "finish_death".

06-20-2016, 09:42 PM #8
Originally posted by OLDSCHOOLMODZHD View Post
yes you can, the one I use for death on mw3 through VM_Notify is "finish_death".


Thanks for your reply, but you know how to take the client number in a VM_Notify ?
(like mw2 : "int ClientID = ((int(*)(int))&ParseAddr(0x201F90))(self); //Scr_GetSelf")
Last edited by SlowModzHDz ; 06-21-2016 at 11:43 PM.
06-23-2016, 02:21 AM #9
Originally posted by SlowModzHDz View Post
Thanks for your reply, but you know how to take the client number in a VM_Notify ?
(like mw2 : "int ClientID = ((int(*)(int))&ParseAddr(0x201F90))(self); //Scr_GetSelf")


should work the same way as mw2

06-23-2016, 12:53 PM #10
Originally posted by OLDSCHOOLMODZHD View Post
should work the same way as mw2


thanks man
Last edited by SlowModzHDz ; 06-23-2016 at 01:27 PM.

