PS3 Tried to make my own modded EBOOT

DarkPowerZ

Newbie
Apr 28, 2019
13
0
1
Hello.
I tried to make my own modded EBOOT for inFamous. I find offset in CMP site and tried to add them to eboot from my game.
the steps i did:
1 - decrypt the eboot with resigner to get eboot.elf
2 - open the eboot.elf with RivalGamer_ELF_Cheater and replaced both OGP and COP (CGP in RivalGamer_ELF_Cheater don't know why) and it says cheats applied successful.
3 - encrypt eboot.elf in resigner choosing option 2 and transfer modded eboot.bin to ps3.
The problem is the game starts fine and freeze the ps3 just before character show.
This is the offset i have:
SET OGP=000000000000000000000000000000002C00000100090003000000000000000000564AFC00564C200075FBC000000000000000000000000000000000
SET COP=800100F43D600012616B808C480000202C00000100090003000000000000000000564AFC00564C200075FBC07F8B0040409E0008C3FD0750482AEDB6
SET OGP=60000000D3FD07545463063E2F830000419E01203BA00000FF9DF000409C00E4
SET COP=48564ED2D3FD07545463063E2F830000419E01203BA00000FF9DF000409C00E4
Which lines do i have to add in RivalGamer_ELF_Cheater?
 

y8rz3l56ye2n8q

Prime Member
RG Prime
Apr 8, 2015
150
57
28
32
What is your GameID, Version, and App Version? All of these details are in the PARAM.SFO. My codes were made for and specifically tested on BCUS98119 version 02.00 app version 01.00. If your details are different, then it is easily possible your eboot is different. That difference will make the codes with extra long routines end up in different places, and that will mean the branches to and from them will need to be re-adjusted. Without the branches being corrected, your game will likely jump to empty space or random junk out in the middle of nowhere that is not meant to be executed as code, and that will immediately trigger it to crash.
 

DarkPowerZ

Newbie
Apr 28, 2019
13
0
1
My bad. Here are my param sfo details. I tried to update,but it says latest version installed. Also tried PS3 Tools by aldotools to check for updates but there are no updates. How to update version to 02.00?
What about these codes? If there are more than one OGP and COP for one cheat which one to add?
GamdID - BCUS98119
Version - 01.01
App ver - 01.00
 

y8rz3l56ye2n8q

Prime Member
RG Prime
Apr 8, 2015
150
57
28
32
Actual version doesn't matter, what matters is the App version, and ours match meaning your version is identical to mine. I also previously had yours. Your version is the Infamous 1 disk that I had, but I also had the Infamous collection which has both along with the DLC which is why mine says Version 02.00 even though that does not matter.

There are 4 possibilities at this point for problem:
1. You encrypted it as a non-NPDRM eboot and put it in the \game\ folder where PSN games and game updates are at, or maybe used a package to install it there.
2. You encrypted it as a NPDRM eboot but put it in the \GAMES\ or \GAMEZ\ or whatever folder wehre you have your copy of the game installed on your PS3 or external hard drive.
3. You made typos or something in the code.
4. Somehow I messed up the code, but I strongly doubt it because I tested all of them with the game data uninstalled and the game started up fine for me.


What kind of problem does it give you? Does the game start at a black screen? Does anything load or happen?
 

DarkPowerZ

Newbie
Apr 28, 2019
13
0
1
The game start and i got black screen just before the gameplay start.
Hmm about eboot decrypt im using TrueResigner option 1 for decrypt and option 2 to encrypt. Is this the right way?
Also i got the eboot.bim from my GAMES folder. There is no eboot in game/bcus98119/usrdir.
 
Last edited:

y8rz3l56ye2n8q

Prime Member
RG Prime
Apr 8, 2015
150
57
28
32
Those sound like the exact correct options. 1 to decrypt, 2 to encrypt as non-npdrm eboot. I'm used to doing nothing but dex eboots at this point so I likely avoid a ton of errors that others would encounter so I'm a little lost on the black screen. I previously got black screens in the game by putting certain codes in bad places that when the game started or was in the process of booting. I assumed the zeros were unused space when the game used them for game data installation related things and possibly other things. Does it happen to just that 1 exact code? It's always possible it could be a firmware encryption related thing even though I never deal with that stuff any more.


If other codes work and just that one fails, then I know there's a problem with the code and can actually try troubleshooting it and fixing it by moving it to another location, but otherwise 99% of the time one of my codes isn't working for somebody it's usually them messing something up even though this sounds like a possibly legit problem at this point.
 

DarkPowerZ

Newbie
Apr 28, 2019
13
0
1
The problem is not in your code. It's on my side, but i can't find out why yet.
The thing i notice is that original EBOOT is 7,8mb, but the modded one is 3,6mb. Doesn't matter if i add 1 or 5 cheats.
I guess this is not normal to happen.
Also i tried just to decrypt and encrypt the eboot without adding any cheats and again after the encryption it became 3,6mb, but this time the game runs fine. No black screen, no freeze. So i guess im adding the cheats the wrong way...
Let's say i want to add cheat:
Electricity Never Decreases
0 00124598 D1840008
Code:
SET OGP=C0040008EC01002AC1840004FF806800ED606028419C0008FDAB032ED1A40008
SET COP=C0040008EC01002AC1840004FF806800ED606028419C0008FDAB032ED1840008

I tried with HxD to find OGP and repace it with COP, then save eboot.elf and encrypt. The game load and freeze right after showing Cole. And i had to hard reboot the ps3.
I also tried to replace OGP with COP with RivalGamer_ELF_Cheater it says success, but to no avail. Again freeze.
I don't know what to do with 0 00124598 D1840008 this part. Do i have to replace it together with COP on HxD or any other way?
I tried with aldostools cheat editor to add cheats to eboot.elf, still freeze

For Infinity Health why there are so many codes:
Health Never Decreases
0 00564ED0 800100F4
0 00564ED4 3D600012
0 00564ED8 616B808C
0 00564EDC 48000020
0 00564EFC 7F8B0040
0 00564F00 409E0008
0 00564F04 C3FD0750
0 00564F08 482AEDB6
0 002AEDB0 48564ED2
Code:
SET OGP=000000000000000000000000000000002C00000100090003000000000000000000564AFC00564C200075FBC000000000000000000000000000000000
SET COP=800100F43D600012616B808C480000202C00000100090003000000000000000000564AFC00564C200075FBC07F8B0040409E0008C3FD0750482AEDB6
SET OGP=60000000D3FD07545463063E2F830000419E01203BA00000FF9DF000409C00E4
SET COP=48564ED2D3FD07545463063E2F830000419E01203BA00000FF9DF000409C00E4

Which of them i have to use? The first OGP>COP or the second? And what abut this kind of codes: 0 00564ED4 3D600012? How do i add them and where?
I know that's a lot questions, but i want to learn to make my own cheat eboot. Sorry for my english.
 
Last edited:

y8rz3l56ye2n8q

Prime Member
RG Prime
Apr 8, 2015
150
57
28
32
The Electricity code should definitely not cause you any problems, it does not even involve a custom routine out in the middle of nowhere. That should be 100% safe to use. As for the addresses thing like "0 00564ED4 3D600012", the 2nd part, 00564ED4, is the address in live PS3 memory that gets modified. For eboot modification in HxD.exe or anything else, you would subtract -10000 from it and then overwrite whatever is there with the last part. So with that, you would do 00564ED4 - 10000 making 00554ED4. You'd go to 00554ED4 in HxD.exe and overwrite the value there with 3D600012 and that would be the code.



The size changing doesn't usually matter. scetool or whatever has the option to compress elf files, so seeing them decrease or increase in size affects nothing. The only problem is that with your non-dex ways, there can be some very picky details for encrypting the eboot back to normal again. If you are able to decrypt the eboot and encrypt it without modifications, and it works, then that would suggest either the codes are broken or they are somehow input incorrectly. There is no way the electricity code can crash your game, that's a sign of user error if it is.
 

DarkPowerZ

Newbie
Apr 28, 2019
13
0
1
I will try to add the 0 00124598 D1840008 code now. Do i have to add OGP and COP of the first way is enough?
 
Last edited:

y8rz3l56ye2n8q

Prime Member
RG Prime
Apr 8, 2015
150
57
28
32
The address method and OGP/COP will get you the same result in HxD.
Did you have any luck with codes that aren't that health code?
 
Last edited:

DarkPowerZ

Newbie
Apr 28, 2019
13
0
1
Finally it works. I deleted the bcus98119 folder in game folder. Replace infinity electricity OGP COP and it works just fine. Now i will try with health.
Health cheat freeze the game. This is the code:
SET OGP=000000000000000000000000000000002C00000100090003000000000000000000564AFC00564C200075FBC000000000000000000000000000000000
SET COP=800100F43D600012616B808C480000202C00000100090003000000000000000000564AFC00564C200075FBC07F8B0040409E0008C3FD0750482AEDB6
SET OGP=60000000D3FD07545463063E2F830000419E01203BA00000FF9DF000409C00E4
SET COP=48564ED2D3FD07545463063E2F830000419E01203BA00000FF9DF000409C00E4

I used the last 2:
SET OGP=60000000D3FD07545463063E2F830000419E01203BA00000FF9DF000409C00E4
SET COP=48564ED2D3FD07545463063E2F830000419E01203BA00000FF9DF000409C00E4
I can't find the first row with zero's in HxD.
The game freeze rigth after show Cole.
 
Last edited:

y8rz3l56ye2n8q

Prime Member
RG Prime
Apr 8, 2015
150
57
28
32
Perfect. That means you've found what I suspected over time. I will need to re-locate all of the codes with routines for both Infamous 1 and 2. I'll need to do that later today though, because I need to leave for work in 5 minutes. At the latest, I should have things done and posted tomorrow if not later today. I'm going to do it the same way I had to do it for Metal Gear Rising Revengeance and Ni No Kuni Wrath Of The White Witch. Everything will get clumped together making 1 big ugly OGP/COP code, and it'll require the tiny eboot modification code, but it'll at least be guaranteed to work.
 

y8rz3l56ye2n8q

Prime Member
RG Prime
Apr 8, 2015
150
57
28
32
Health cheat freeze the game. This is the code:
SET OGP=000000000000000000000000000000002C00000100090003000000000000000000564AFC00564C200075FBC000000000000000000000000000000000
SET COP=800100F43D600012616B808C480000202C00000100090003000000000000000000564AFC00564C200075FBC07F8B0040409E0008C3FD0750482AEDB6
SET OGP=60000000D3FD07545463063E2F830000419E01203BA00000FF9DF000409C00E4
SET COP=48564ED2D3FD07545463063E2F830000419E01203BA00000FF9DF000409C00E4

I used the last 2:
SET OGP=60000000D3FD07545463063E2F830000419E01203BA00000FF9DF000409C00E4
SET COP=48564ED2D3FD07545463063E2F830000419E01203BA00000FF9DF000409C00E4
I can't find the first row with zero's in HxD.
The game freeze rigth after show Cole.
I'm dumb, that explains everything on your freeze.
I can find that row, and that is the sort of OGP that is never found in another version of the game. You gave me PARAM.SFO details that match mine, but your file is not the same as mine which is not possible. That would imply the game makers put the wrong files on the game disk or something, and I doubt that. Did you give me the correct details? If you use only the 2nd set of OGP/COP, that is just the jump to the function that does the health stuff. That will cause the code to jump out in the middle of nowhere with gibberish where it will not return from which crashes the game without my code being placed there for it to execute and return. You would need to upload your decrypted eboot and PARAM.SFO somewhere for me, because your eboot is different and I need to confirm details.
 

DarkPowerZ

Newbie
Apr 28, 2019
13
0
1
Here are my EBOOT.BIN , EBOOT.ELF and PARAM.SFO
 

y8rz3l56ye2n8q

Prime Member
RG Prime
Apr 8, 2015
150
57
28
32
Makes absolutely no sense to me how yours was different than mine, but I checked and I guess I deleted my old disk copy so I have no true way of verifying it any more. I'll just need to port everything again sometime within the next few days.