[REQUEST] Demons Souls [RPCS3]

DeanV255

Novice Cheater
May 10, 2017
21
0
1
#1
Hi everyone.

I have tried doing this myself with my limited CheatEngine knowledge, mostly i'm looking for the pointers for Health as i would like to take no damage from enemies.

After searching for All Pointers and unknown value, taking damage and then healing and repeating this, i was left with two values, typical 4byte value and a double. Sadly changing or freezing these resulted in no change. That is about as far as i can get with my knowledge on how to use cheat engine.

If anyone could create a table for Demons Soul for the RPCS3 i would be very grateful.

Edit: Also apologies for writing request in the title, it's more directed towards it been in RPCS3 hence me writing request. I've removed this already however just encase.
 

Dainipponjin

What is cheating?
Aug 5, 2017
2
0
1
#2
The HP value you seek is 4 byte type residing in 120000000-130000000 memory range (for BLES00932).
Starting HP value for soldier class is 0x00000293. Use "Array of byte" value type to find it fast. Freezing the value works and prevents a player from dying.
The address changes upon every new game, so you probably would have to make an aobscan script (make CE table search for static values and offset to HP value from those static ones) since pointers seems to be hard to find on RPCS3.

Little video material: https://youtu.be/00DXildsyjk
 

DeanV255

Novice Cheater
May 10, 2017
21
0
1
#4
Thank you for that information.

I am running on the BLUS30443 at the moment so a different edition to the one that you are running, it maybe for this reason i was unable to find the pointer using the same method that you did. However after seeing your post and doing some testing these are my findings:

I first searched in Array of Byte for 0x00000293, this gave me some results, very close to yours however none i changed made a difference apart from one, that took the health away from me but gave it straight back to me, no idea why but that's what it did, i was unable to reproduce this effect after multiple attempts.

Finally i just did my usual way of finding health pointers "Unknown initial value" and then Decreased or Increased Value, this usually returned a few values that changed when i took damage but were not able to freeze or change with any effect, but this time it appears to have surfaced with the value that represents health and freezing it has now nulled all enemy damage. 1226F6714 - 4 Bytes and has the memory format of 00 00 02 93 as shown in your video and freezing this stops all enemy damage, not sure why this never showed up on my other attempts however, and i did a lot of them before post my original post.

This maybe subjective to classes and so on, Endurance rating etc but the maximum health of the Solider Class in the Tutorial is 2466381824. This maybe helpful in testing in finding the health straight away for people struggling, assuming this number stays the same.

Edit: So as i pressed Submit my game crashed, ironically.

This allowed me to test my above theory, and it seems i was correct, i got 39 Address in the Byte 4, one is a fake address that shows damage and the second actually controls it, freezing that again has frozen my health, no i will try to figure out how to start this into a table though i've never made one before specially never AoB scans so i'll have to do some learning first.
 

Drinkie

What is cheating?
Aug 14, 2017
3
0
1
#6
Well considering whether or not a item is in the character inventory seems to be controlled by it's amount for example i used CE to get 50 Renowned Soldier's Souls by searching for 1 which was the amount i had then placing it with Stockpile Thomas then searching for 0 and repeating until i got the address then adjusted the amount so that i have 50 the address i start from though is 12010000 with the search type being Byte if anyone can figure out how to search for Souls as in the currency that would be handy as i've tried searching with type all but nothing
 

Dainipponjin

What is cheating?
Aug 5, 2017
2
0
1
#7
The following is just my observation which can easily turn out to be false.

This game uses a limited pool of addrresses to which stats (HP, stamina etc) of characters visible on screen are assigned. Each time loading process is on, the stats are reassigned randomly to diffrent addresses of the pool. It allows the game engine to shuffle all stats inside a small pool of addresses in comparison to assigning a certain static address to each individual character in the game. Smart. The same memory management concept is present in Silent Hill 2 for example.

The issue here is that each time the loading process is through, CE table will lose the results a user has found. I know of two solutions: finding pointers (static paths) and making a table based on AOB scans. I cannot find ANY pointers in this emulator, similar thing happened to me when I dealt with some games on MAME emulator. Back then the explanation I got was that everything about the game is compilied dynamically in the memory and therefore there is nothing static => no pointers could be found.

I've made a table with AOB scans for Soldier, Knight and Hunter (HP, MP and stamina control). It has a limitation: MP values are NOT to be upgraded. The AOB scans here are mainly tied to MP values and they should stay the same. I will attach the table. Study the script and extrapolate to other classes if you wish. Unfortunately, this is all my ape skills allow me to do for now.

@Drinkie number of souls aquired is stored as a 4 byte value. I added the address in the table. The address should be "static" for everyone (no need for AOB scan script).

https://youtu.be/Z8ti6UEZjHQ
 

Attachments

Drinkie

What is cheating?
Aug 14, 2017
3
0
1
#8
It's 4 byte? odd that was the first type i tried but i couldn't find it oh well thanks for finding it i'm playing on the EU version though

EDIT: The souls value works perfectly on the EU version too i was assuming that due to them being different regions they might not work
 
Mar 25, 2017
8
0
1
#10
I found souls as 2 bytes.

searching unknown initial value

WITH Demon Souls BLUS30443
WITH RPCS# 0.0.3-3-bb398c4 alf

ONLY able to get max 65535 souls (SO FAR)

1. Start in NEXUS with a few hundred souls
2. Buy 1 arrow
3. search decreased unknown
4. repeat

------------EDIT #2-------------

The next attempt, I found SOULS via search of 4 bytes.!?!

Just try,try, try again til you find it.
I have been searching for SOULS for 2 weeks on and off probably 2 hours a day.

HINT limit/do not use of "search unchanged value" Yes I know it can easily remove half a billion results, but it removes the target result sometimes too!

Start with about 2000 and buy an arrow, search decreased value

This time I was able to add 999999999 souls!!!!

I also was able to find "sharpestone chunk" searching unknown, then decreased value(put one with hoarding thomas)
Value was like 8547 to 8550 or something for 1 stone
 
Mar 25, 2017
8
0
1
#11
Code:
<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>0</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FD4D8</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>1</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FD960</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>2</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FEC48</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>3</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FE400</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>4</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FE4F0</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>5</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FE004</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>6</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FE360</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>7</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FD4D8</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>8</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FD960</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>9</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FEBF8</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>10</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FEDEC</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>11</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FEC34</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>12</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FD820</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>13</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FD80C</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>14</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FD7F8</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>15</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FDA8C</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>16</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FE75C</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>17</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FDDD4</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>18</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FECE8</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>19</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FE0E0</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>20</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FDDE8</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>21</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FE4C8</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>22</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FE4DC</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>23</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FE658</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>24</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FEBF8</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>25</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FEC34</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>26</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FEDEC</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>27</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FDC08</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>28</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FE784</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>29</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FD41C</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>30</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>120200000</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>31</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>120200004</Address>
    </CheatEntry>
    <CheatEntry>
      <ID>32</ID>
      <Description>"No description"</Description>
      <VariableType>4 Bytes</VariableType>
      <Address>1202FE52C</Address>
    </CheatEntry>
  </CheatEntries>
</CheatTable>
------------------------------------------------
various Xstone addresses (in stockpile)
 
Mar 12, 2017
14
0
1
#12
I cant find the souls value, the table returns 0 even when I have souls. Search by buying isnt working too.

 

zachillios

Expert Cheater
Mar 3, 2017
132
12
18
#13
Ronstaman post_id=39305 time=1521999356 user_id=1088 said:
I cant find the souls value, the table returns 0 even when I have souls. Search by buying isnt working too.

It's cause you're searching in 4 byte. RPCS3 mainly uses little endian. 4 Byte Little Endian to be exact. Also: depending on your settings with RPCS3, mainly got the game loads the necessary libraries, the values jump around to different addresses.
 
Top Bottom