Is there a method to hack mc saves?

[pmt7ar]

Hello. I'm a noobie in this, I used to do the old search&replace ram on SNES emulators.

I don't have any cheat device for PS2, so I though of using fmcb to transfer my saves to the PC and do some hex hacking. I managed to do it so on some saves, but I'm now trying with Persona4 and always got "corrupted" when loading it.
I've saw the guide for FFXII and got to know about the checksums. I want to know if there is some methodical way to guess this checksum to make my saves valid.

I made three saves.
Save2 - base case - 70:05hs, 279039yen, 'X' item ammount 22
Save0 - do a fast buy on 1 item and save asap - 70:06hs, 277479yen, 'X' item ammount 23
Save3 - from base case, save again instantly without even moving, but on other slot.

I compared the files and localiced the offsets of yen ammount (0x41A6) and the item I used to test (0x551). But just changing them makes my save corrupted.
Other things I could see is that first 4 bytes are 00, and last 4 bytes are FF.

Also from Save3, where the only changes should be a seconds on the clock and the slot (if it's not just from the filename), is a byte changed at 0x36 and 0x29c63.

So I suppose it has some integrity check, and if so, the checksum should be on the extremes of the data, like FFXII (it can't be inside of the data, right?). There are 8 bytes that repeats on the begining 0x8 and again at 0x4532, but I tried different selections between that block and got nothing similar to it.


Continuing would be useless if I cannot make an edit valid, is there a way to find out these things? (how did some find the checksum used, like that on FFXII). Could anyone give it a glance and see if it has an easy-to-fix checksum?

[ps2dragon]

Good luck in your pursuit in finding more info. I tried to get help with Fight Night Round 3 back in July 2008 (almost 2 years ago) in this thread (Fight Night Round 3 Game Save Hex Editing), but got no reply. Maybe the info I posted in that thread might help you get closer to figuring it out. I'm not really good at hex editing, but I think my problem was with the values I changed were linked to other values, and I didn't know how to make them valid.

EDIT: You can also try out PS2 remote debugger (PS2rd), since according to the PS2rd Compatibility List Persona 4 works. PS2rd used to be called Project Artemis. See this thread in the official forums for more about it. You can download it from here or here (PS2rd Releases).

[dlanor]

Finding precise checksum methods can be very difficult in some cases, but some general guidelines can be applied to finding the storage positions of the check values, and for most such methods a good hex editor like WinHex is a prime requisite.

Using this you can make full byte-by-byte comparisons of different gamesave files, allowing you to pinpoint all bytes that differ between them. But it is still up to yourself to identify and interpret the purpose and meaning of those differencies, which can get very complex.

Some simple things to try:

1: Load an existing gamesave, and then resave it to a new save slot without having done anything.

This may seem useless, but performing a full WinHex file comparison on those save files will produce difference bytes related both to the in-game time keeping and to the checksum values (as they would also change with the time variables as with any other data).

Repeating this test a few times should establish which bytes form the time value (constantly rising) and may also help identifying the CRC/checksum bytes, though that is more difficult (as they may seem semi-random). The issues may also be clouded by unknown variations due to background processes of the game, which may alter various variables in unknown ways.

However, most background process timers will behave in a fairly constant manner, either constantly rising or constantly falling, between successive gamesaves made to different gamesave slots as described above. And those that do NOT behave so regularly may very well be the CRC/checksum values. But you may also find some random generator stuff which also has highly irregular value changes.

Another good thing about repeating this test is also that you get a good indication of several byte areas that vary even without you doing anything significant in-game, which means that you can safely ignore those areas when they show up in file comparisons done later to search for specific in-game variables (such as money, health, whatever)


2: Load an existing gamesave, and then resave to a new slot after performing an in-game change of only a single (intended) value. (such as money, health, whatever)

This experiment is more obvious in its intention to pinpoint specific values, and here it is crucial that you have already made the experiments mentioned above, so as to know which byte areas may be expected to show spurious differences not really related to the changes you are looking for.

But of course, if the game uses CRC/checksum for integrity checking then you need to patch those values properly in order to make the game accept a modified gamesave, and to do that you need not only identify the bytes used to store such a check value, but must also identify the method used to calculate it (CRC, checksum, whatever) and that can be very tricky if it is not just a straightforward summing of all bytes, shorts, or longs in the save (presumably excluding the check value).

Best regards: dlanor

[kevstah2004]

FN3 is compatible with ps2rd, I made some codes for the PAL version here
http://www.thegshi.org/?s=v2&sys=35&gid=9316

[ps2dragon]

But of course, if the game uses CRC/checksum for integrity checking then you need to patch those values properly in order to make the game accept a modified gamesave, and to do that you need not only identify the bytes used to store such a check value, but must also identify the method used to calculate it (CRC, checksum, whatever) and that can be very tricky if it is not just a straightforward summing of all bytes, shorts, or longs in the save (presumably excluding the check value).

Yes this is what I was attempting to do in my Fight Night Round 3 thread here (Fight Night Round 3 Game Save Hex Editing). It just seemed too complicated for me to figure out, so I eventually gave up on it. I believe I tried all the recommendations you pointed out here, but thanks for the info anyway.

FN3 is compatible with ps2rd, I made some codes for the PAL version here
http://www.thegshi.org/?s=v2&sys=35&gid=9316

Cool, yes I have been meaning to test PS2rd on this game, but never got around to it, so thanks for testing it for me. If I get time I'll check it out. ; )

p.s. Finally I have a reason to use the new multi-quote feature heh.