IV PS3 Debug Discussion

**jumper** · 01-12-2013,12:22 PM

This thread is for discussion of anything related to GTA IV modding on DEX. Any eboot reversing talk would probably be a good fit in here as well.

DISCLAIMER

CEX to DEX and vice-versa can be a risky operation.
This thread is by no means intended to be a complete DEX tutorial!

With that said, there has been decent interest in this topic in the general help thread, so to prevent clogging up that thread we now have this one. For the time being I am simply moving relevant posts from over there to here, but I plan on adding more setup tips and other things as this progresses.

To get you started here are some relevant links

**Zaapata** · 01-12-2013,12:22 PM

Originally Posted by jumper

This thread is for discussion of anything related to GTA IV modding on DEX. Any eboot reversing talk would probably be a good fit in here as well.

DISCLAIMER

CEX to DEX and vice-versa can be a risky operation.
This thread is by no means intended to be a complete DEX tutorial!

With that said, there has been decent interest in this topic in the general help thread, so to prevent clogging up that thread we now have this one. For the time being I am simply moving relevant posts from over there to here, but I plan on adding more setup tips and other things as this progresses.

To get you started here are some relevant links

I think this may help you guy's:

Tools needed :

A PS3 with a DEX firmware
ProDG Target Manager and ProDG Debugger (they got leaked just google it)
make_fself.exe
The ELF file of the game you want to mod

/!\ - Your PS3 must be wired, it will not work if you're using WiFi - /!\

Ok first, start ProDG Target Manager and go on "Search For Targets" then press the refresh button to start scanning, if all is ok your PS3 should be detected, just right click on it and move it to "Debugging Station" group then double click on it, it will add your PS3 into your targets list.

Now in your targets list, right click on your PS3 then choose "Connect", once your PS3 is connected you can start ProDG Debugger (if it's asking you to select a target then just select your PS3).
You will see a window called "Memory", that's in this window that you will edit the memory of the game you want.

Ok now you need to make a fself (with make_fself.exe) of the ELF you want to edit memory, just go into cmd then put make_fself x.elf EBOOT.BIN where x is your ELF (it will create the EBOOT), once you have your file just put it in your PS3 in the right game folder.

In ProDG Debugger you should see a process appear in the "Processes" window, right click on it then choose "Attach Process" then "Continue without symbols" now your process is attached and you can view memory, but when you attach it, ProDG pauses the process, you have to continue it, just go in ProDG Target Manager, expand the list of your PS3, go to "Kernel Explorer", highlight the process then press the "Continue" icon (you can also continue it with ProDG Debugger).

Now you're done and you can edit memory of your game, by the way there are other options in ProDG Debugger, you can add breakpoints, show disassembly, etc. Also don't forget to refresh memory or just enable "Auto Update" option.

Here is a screen of how it looks like :

I hope it helped

SOURCE ps: This is not my tutorial. checkout the source!

**HuN** · 01-12-2013,12:22 PM

Originally Posted by ribonucleic

this is part of the reason i have been up till 5.30am researching how to convert my CEX console to DEX without bricking the damn thing because if i succeed in the conversion then i have to deal with ProDG and Target Manager, and hopefully if i successfully get ProDG connected and debugging then i will hopefully be able to work out solutions to the problems locating peds, vehicles and objects

i am a thorough person so all this is kinda getting on top of me right now

im at that step too ... installed rebug 4.21 yesterday and im currently reading cex/dex tutorials in order to try ProDG .

if we can get it to work and if we are able to get a dump , it should be easy to locate some memory blocks using a hex editor for stored values are quite well documented for pc ... ex: simply searching for a long string of known digits such as car handeling. dat values should point in the right direction , however coding assembly use pointers stored in registry's to redirect thoses values to another memory address and this is where it gets more complicated , in mips assembly thoses are " JAL " fontions it stands for " jump and link " and will call required address tru 2 registers ( 1st will hold the base of address and the 2nd will hold the offset )

lol, i cant believe ill try to do that again ... i barely remember half of it .

**jumper** · 01-12-2013,02:03 PM

On my nand console with rebug 4.21.2, I went to DEX using rebug toolbox and c2d.exe. With that method, going back to CEX is not much to worry about as long as your flash drive can be trusted, since you are basically swapping between CEX and DEX flash dumps. This might be a bit on the paranoid side, but as soon as I knew my dumps worked I saved their hashes in a txt file, so I can verify they haven't been damaged before every flash, I also saved copies of the dumps on seperate media in case the originals do actually get damaged while I'm on DEX.

That said, I can't get the debugger to attach to any game so far. Apparently you are supposed to make an fself for your game, I have no idea if that's where my problem is or not. I can get Target Manager to connect and do simple things like reset the system, but the debugger will not connect or show any processes.

**HuN** · 01-12-2013,02:30 PM

Originally Posted by jumper

On my nand console with rebug 4.21.2, I went to DEX using rebug toolbox and c2d.exe. With that method, going back to CEX is not much to worry about as long as your flash drive can be trusted, since you are basically swapping between CEX and DEX flash dumps. This might be a bit on the paranoid side, but as soon as I knew my dumps worked I saved their hashes in a txt file, so I can verify they haven't been damaged before every flash, I also saved copies of the dumps on seperate media in case the originals do actually get damaged while I'm on DEX.

That said, I can't get the debugger to attach to any game so far. Apparently you are supposed to make an fself for your game, I have no idea if that's where my problem is or not. I can get Target Manager to connect and do simple things like reset the system, but the debugger will not connect or show any processes.

if i understood various tutorial correctly ... we need to extract " fself " file from game EBOOT , similar to ps2 " elf " its core of game memory ...so its needed for ProDG to make sense of the dump . ( still reading tutorials

)

http://psx-scene.com/forums/content/...tutorial-2866/

**ribonucleic** · 01-12-2013,03:55 PM

Originally Posted by jumper

On my nand console with rebug 4.21.2, I went to DEX using rebug toolbox and c2d.exe. With that method, going back to CEX is not much to worry about as long as your flash drive can be trusted, since you are basically swapping between CEX and DEX flash dumps. This might be a bit on the paranoid side, but as soon as I knew my dumps worked I saved their hashes in a txt file, so I can verify they haven't been damaged before every flash, I also saved copies of the dumps on seperate media in case the originals do actually get damaged while I'm on DEX.

That said, I can't get the debugger to attach to any game so far. Apparently you are supposed to make an fself for your game, I have no idea if that's where my problem is or not. I can get Target Manager to connect and do simple things like reset the system, but the debugger will not connect or show any processes.

i would say that is good practice, because then you can be >99.999999999999% sure that your flash backups are safe.

would you mind sharing with us, either here or in pm what verification steps you went through to make 100% sure that you weren't going to brick?

**jumper** · 01-12-2013,04:11 PM

I didn't do any checks, besides any checking that might be done automatically by rebug toolbox. I was pretty nervous doing to the first flash to DEX..

This is what I followed for the conversion: [Tutorial] CEX2DEX using Rebug CFW4.21

**ribonucleic** · 01-12-2013,04:34 PM

Originally Posted by jumper

I didn't do any checks, besides any checking that might be done automatically by rebug toolbox. I was pretty nervous doing to the first flash to DEX..

This is what I followed for the conversion: [Tutorial] CEX2DEX using Rebug CFW4.21

brave move i have took my 3.55 dump apart and checked its contents i then went through the full dump with a hex editor comparing it to details i found on ps3devwiki.com and i'm still wary of continuing

**ribonucleic** · 01-13-2013,06:14 AM

Originally Posted by jumper

I didn't do any checks, besides any checking that might be done automatically by rebug toolbox. I was pretty nervous doing to the first flash to DEX..

This is what I followed for the conversion: [Tutorial] CEX2DEX using Rebug CFW4.21

i'm guessing that before you moved from 3.55 to 4.21.2 that you had done your research about converting to DEX and recovered your eid_root_key?

or did you have to downgrade?
if you did, did you just throw Rebug 3.55.4 onto your console, fetch your key, fix your flash, then back to Rebug 4.21.2 to reflash to DEX?

i ask because i didn't do much research about CEX to DEX because i thought it wouldn't be needed, but now i have i realise i have 2 choices:
o downgrade to do all the stuff associated with CEX to DEX or
o just stay safely where i am and forget about it

Rant inside, read if you dare lol

edit: sod it, guys i'm going for it, hopefully later i'll tell you guys that my ps3 isn't part of a buildings foundations
edit2: my PS3 is walking the downgrade plank, bit scared for it i gotta say, edit3: it didn't get eaten by a downgrade shark

**HuN** · 01-13-2013,10:35 AM

Originally Posted by ribonucleic

i'm guessing that before you moved from 3.55 to 4.21.2 that you had done your research about converting to DEX and recovered your eid_root_key?

or did you have to downgrade?
if you did, did you just throw Rebug 3.55.4 onto your console, fetch your key, fix your flash, then back to Rebug 4.21.2 to reflash to DEX?

i ask because i didn't do much research about CEX to DEX because i thought it wouldn't be needed, but now i have i realise i have 2 choices:
o downgrade to do all the stuff associated with CEX to DEX or
o just stay safely where i am and forget about it

Rant inside, read if you dare lol

edit: sod it, guys i'm going for it, hopefully later i'll tell you guys that my ps3 isn't part of a buildings foundations

good luck dude ! please let us know how it went ( detailed if possible ) im personaly too confused about it and abit scared to mess my console ... i have a 60gb retro compatible with ps2 and i dont want to brick it ( i might go to local pawn-shop and look for a broken ps3 to fix and experiment with )

User Tag List

Thread: IV PS3 Debug Discussion

Tweet

LinkBack

Thread Tools

Display

Rant inside, read if you dare lol

Rant inside, read if you dare lol


	Would you like to get all the new info from PSX-Scene in your email each day? Subscribe to our Daily Digest! Want to learn more about the team keeping you up to date with the latest scene news? Read about them now! Check out our Developer bios, too!