DMA Tutorial

[-._-nOiTaNRoXaH-._-]

My first actual tutorial so bear with me. Tell me what u think?

I wrote this up in like 10 minutes.

A little bit messy but you get the point.

A DMA is Dynamic Memory Allocation which means an area of a code is mostly always changing. the way to make it so its 1 stable code is through a Pointer And Offset, Also known as a DMA. A pointer is an address that points to an area that always changes. It's also for routines. An offset is how many addresses from where the pointer is pointed to.


++++++++++++++++++++++++++++++++++++++++++++++++++ +
Nitepr or MKultra will always show the pointers in real addressing.

Example:
0x00444444 0x09B00004

0x09B00004 is 0x01300004 in regular addressing.
++++++++++++++++++++++++++++++++++++++++++++++++++ +

Figure 1:
Red is the pointer
Blue is the offset
Green is hex value of code
White is the beginning of a DMA

#Example DMA
0xFFFFFFFF 0x00444444
0x00000068 0x00000001
++++++++++++++++++++++++++++++++++++++++++++++++++ +
Figure 2:

To Get The Offset:
Lets say my pointer points to 0x01300004 and your code you want to DMA is 0x01300068
1: Get out the calculator. Start>Run>Calc
2: View>Scientific
3: Put Dec. to Hex
4: Subtract the two addresses subtract the smaller number from the bigger
VVVVVVVVVVVVVVVVVVV
1300068 - 1300004
^^^^^^^^^^^^^^^^
5: Bam! you got your offset which is 0x00000064
++++++++++++++++++++++++++++++++++++++++++++++++++ +

So it would look like this altogether

Red is what ever hex value your code is.
Yellow is offset
White is pointer

#Example DMA
0xFFFFFFFF 0x00444444
0x00000064 0x00000001
++++++++++++++++++++++++++++++++++++++++++++++++++ +

~Credit To DARK987

[TiGeR.Jatt...]

ok so how wuld i make this a dma these codes...
#Lock weapons and gernades
;Im.PossibLe
;can't throw,shoot weaponary
;hz15
0x00725710 0x00000000

#rapid he
;Im.PossibLe
;not tested
;ftb3
;hz 15
0x00705710 0x00000000

#multi zoom
;Im.PossibLe
;stays zoomed in and keeps
;changeing bullet fire rate
;hz 15
0x00725710 0x65142229

#lag walk
;Im.PossibLe
;lags yu to the right
;hz 15
0x013650F0 0x404A3AB0

----
i heard i had 2 dma them then sub them 2 make them work for all maps is this true and its a good tut but its kind of confusin lol .. can yu use any code in ftb2 and tak it the same way and show the finish product and the end product :)
...
and the red hex value how did yu get tht

[Bl4Ck.KiD...]

He red hex is his hex value

[SmokeyG12]

But where do you get the pontier?
Anyways can someone dma this code for me?

0x013595A8 0x3DE69A44
0x013595B4 0xBDD418CF
0x013595C4 0xC15A0851
0x0135D240 0x40B6A158
0x0135D258 0x40C5F572
0x01379C9C 0x3DF8E350
0x01379CBC 0x3DF8E350
0x0137A138 0x40F85F8E
0x0137A140 0x41F590C4
0x0137A148 0x40F85F8E
0x0137A15C 0x3DE69A47
0x0137A5E4 0x3DF88E60
0x0137A5F0 0xBD342146
0x0137A634 0x3DF88E60
0x0137A640 0xBD342146
0x01383794 0x3DF88E60
0x013837A0 0xBD342146
0x01383944 0x3DF88E60
0x01383950 0xBD342146
0x013975B8 0xBDD418CF
0x013975C4 0x3DE69A44
0x0139844C 0x3DF8E350
0x01398744 0x40F84BB3
0x01398750 0x40F84C18
0x013BA730 0x41F590C4
0x013BB3E0 0x41F590C4
0x013BD394 0x3DF88E60
0x013BD3A0 0xBD342146
0x013C6084 0x3DF88E60
0x013C60F4 0x3DF88E60
0x013CD9F4 0x3DF88E60
0x013CDA00 0xBD342146
0x013CDA64 0x3DF88E60
0x013CDA70 0xBD342146
0x013D2B54 0x2BBD1A34
0x013D2B6C 0x2B3AD36C
0x013D2B7C 0x2BBF32E6
0x013D2B98 0x2BBF3420
0x013D2BB0 0x2BBE012B
0x013D2BCC 0x2BBE03D7
0x013D2C0C 0x2BBB1C62
0x013D2C1C 0x2B3F144E
0x013D2C4C 0x2BBF194B
0x013D2C80 0x2BBD822B
0x013D2C90 0x2BBCBCB7
0x013D2DF0 0x2BBD0D06
0x013D2DF8 0x2B3D0CF6
0x013D43C4 0x40113637

I would really appreciate it :)(its a code in progress)
This only works in one mission
And this one to
0x013D43C4 0x40113637

[TiGeR.Jatt...]

Ok .... how do I find wht the pointer is pointing 2

[Bl4Ck.KiD...]

iight look

#Mic Spoofer [DMA]
;Bl4Ck.KiD...
;Everyone Can Hear It
0xFFFFFFFF 0x004AD078
0x00000E34 0xC0800000

0x004AD078 this is the pointer that points somewhat close to make code i want to dma right

0x00000E34 and u just count all the way up to were ur address is and that amount u count up to is ur offset and the next line is ur hex 0xC0800000

[TiGeR.Jatt...]

iight look

#Mic Spoofer [DMA]
;Bl4Ck.KiD...
;Everyone Can Hear It
0xFFFFFFFF 0x004AD078
0x00000E34 0xC0800000

0x004AD078 this is the pointer that points somewhat close to make code i want to dma right

0x00000E34 and u just count all the way up to were ur address is and that amount u count up to is ur offset and the next line is ur hex 0xC0800000

ya i get what it means...but the thing i dont get is this

Code:

Figure 2:

To Get The Offset:
Lets say my pointer points to 0x01300004 and your code you want to DMA  is 0x01300068
1: Get out the calculator. Start>Run>Calc
2: View>Scientific
3: Put Dec. to Hex
4: Subtract the two addresses subtract the smaller number from the  bigger
VVVVVVVVVVVVVVVVVVV
1300068 - 1300004 
^^^^^^^^^^^^^^^^
5: Bam! you got your offset which is 0x00000064

the pointer is pointing 2 0x01300004 ..
and the code i want 2 dma is 0x01300068 How would i find this

[S2h6699]

ya i get what it means...but the thing i dont get is this

Code:

Figure 2:

To Get The Offset:
Lets say my pointer points to 0x01300004 and your code you want to DMA  is 0x01300068
1: Get out the calculator. Start>Run>Calc
2: View>Scientific
3: Put Dec. to Hex
4: Subtract the two addresses subtract the smaller number from the  bigger
VVVVVVVVVVVVVVVVVVV
1300068 - 1300004 
^^^^^^^^^^^^^^^^
5: Bam! you got your offset which is 0x00000064

the pointer is pointing 2 0x01300004 ..
and the code i want 2 dma is 0x01300068 How would i find this

If I'm not mistaken...

1.) Open ps2dis.exe

2.) Load your dump

3.) Click Analyzer --> Invoke Analyzer

4.) Go to Analyzer --> Jump to previous referrer (Shift + F3, I think). It could be Jump to next referrer (F3, I think), I'm not sure although I think it's the one before.

5) The opcode of the address you jumped to should be a j, jr, or jal I believe. That address should be your pointer. I'm not sure if you leave it in real addressing, I think you do. Ask Iv or BK to clarify that for you.

I think this is how you would do it, I"m not 100% sure, so please don't take this for fact and bitch cause it doesn't work.

BK: He was asking how do you find the pointer. I'll relate it to C++ for you... &pointer and *pointer.

Whoever needs info on pointers: The reference operator (&) translates to 'address of' so let's say (in C++, you need to learn 3rd gen before you can even remotely know 2nd or assembly)

Code:

var1 = &var2

Would translate to variable one equals the address of variable two meaning variable two equals where ever variable one is located. We can relate location to address and what variable two equals as the hex.

In C++ we can relate

Code:

int address1 = 43442336;

to

Code:

0xaddress1 0x43442336

in MIPs.

Now for some on the dereference operator (*)... the dereference operator (*) roughly translates to 'value pointed by'

Code:

var1 = *var2

translates to variable one equals the value pointed by variable two. This is the same as saying variable two equals variable one. This is passing the value of variable one to variable two. This bypasses the need for worrying about the address of the variable.

In C++ we can relate

Code:

int *address2 = deadbeef;

to

Code:

0xaddress2 0xdeadbeef;
0xaddress3 = *address2; not really, this is for the idea, I'm not good with MIPs

Hitting the Thanks and Rep+ button never hurt anyone. ;)

[pspguy1234290]

What do you do to find the offset?