TheRealGiths
Newbie
I wrote this function so UI memory editing can be done on both XDK and RETAIL nand images in 1 line, this means no offsets will be needed (besides the ones in the .xzp archive).
This is my code, my discovery so please don't take credit.
Code to check if the handle exists:
Code:
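    // Returns the loader entry of the module whose original PE name matches
    // OriginalPE, or (void*)-1 if no loaded module matches.
    void* HandleExists(const char* OriginalPE)
    {
        // Start from the kernel's own entry and walk the load-order list.
        PLDR_DATA_TABLE_ENTRY DataTableEntry = (PLDR_DATA_TABLE_ENTRY)GetModuleHandleA("xboxkrnl.exe");
        PXEX_HEADER_STRING String;
        DataTableEntry = (PLDR_DATA_TABLE_ENTRY)DataTableEntry->InLoadOrderLinks.Flink;
        while (DataTableEntry != 0)
        {
            // 0x183FF is the XEX header field holding the original PE name.
            String = (PXEX_HEADER_STRING)RtlImageXexHeaderField(DataTableEntry->XexHeaderBase, 0x183FF);
            if ((String != 0) && (String->Data[0] != 0))
            {
                // Case-insensitive compare against the requested name.
                if (stricmp((char*)String->Data, OriginalPE) == 0)
                {
                    return (void*)DataTableEntry;
                }
            }
            DataTableEntry = (PLDR_DATA_TABLE_ENTRY)DataTableEntry->InLoadOrderLinks.Flink;
        }
        return ((void*)-1);
    }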
Code to edit the section (if handle exists):
Code:
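    // Writes 4 bytes at Offset inside the named section of the module.
    void WriteToResource(const char* OriginalPE, char* Section, unsigned long Offset, unsigned char* Bytes)
    {
        // Look the module up once and reuse the handle.
        void* Handle = HandleExists(OriginalPE);
        if (Handle != ((void*)-1))
        {
            void* SectionData = 0;
            unsigned long SectionSize = 0;
            if (XGetModuleSection(Handle, Section, &SectionData, &SectionSize))
            {
                // Only write when all 4 bytes fall inside the section.
                if (Offset <= SectionSize && sizeof(unsigned long) <= SectionSize - Offset)
                {
                    unsigned long Address = (unsigned long)SectionData + Offset;
                    memcpy((void*)Address, Bytes, sizeof(unsigned long));
                }
            }
        }
    }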
Example:
Say we're using dash.xex and dashuisk.xzp (the main dash skin).
You would get the original PE name of the module, in this case it is "dash.exe".
You would use the section name, in this case it is "dashuisk".
Then you would get the offset of the colour you want to change in the XZP, so in this case the offset we want to edit is 0x7828 which is the main skin colour green (0xFF008A00).
You would then need to make a check for the handle (in this case dash.xex) then call the function once the handle is found. You can do this with generic hooks like XexLoadImage and XexLoadExecutable.
Code:
    void InitializeTitleHooks(PLDR_DATA_TABLE_ENTRY DataTableEntry)
    {
        PXEX_EXECUTION_ID ExecutionID = (PXEX_EXECUTION_ID)RtlImageXexHeaderField(DataTableEntry->XexHeaderBase, (((0x400) << 8) | (sizeof(XEX_EXECUTION_ID) >> 2)));
        // Re-hook the loader imports so later module loads are seen as well.
        PatchModuleImport(DataTableEntry, "xboxkrnl.exe", 0x198, (unsigned long)XexLoadExecutableHook);
        PatchModuleImport(DataTableEntry, "xboxkrnl.exe", 0x199, (unsigned long)XexLoadImageHook);
        if (ExecutionID == 0) return;
        // Apply the skin colour edit once dash.xex is the module being loaded.
        if (wcscmp(DataTableEntry->BaseDllName.Buffer, L"dash.xex") == 0)
        {
            unsigned char Colour[4] = { 0xFF, 0x60, 0x90, 0xFF };
            WriteToResource("dash.exe", "dashuisk", 0x7828, Colour);
        }
    }
This is a really effective and simple way to do memory edits and a lot can be made just based off the code I have supplied. Again please don't credit yourself for this, it's not yours.
Enjoy!
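Added example (not part of the original post, not the author's code): a host-side C sketch of the write step that refuses to patch when the offset falls outside the section or when the bytes at that offset are not the expected original value, which catches a dash build whose skin layout differs. The helper names, the result codes, the stand-in buffer and the in-memory byte layout assumed for 0xFF008A00 are all assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Result codes for the hypothetical helper below. */
enum { PATCH_OK = 0, PATCH_OUT_OF_RANGE = -1, PATCH_UNEXPECTED_DATA = -2 };

/* Overwrite len bytes at section+offset, but only when the range fits inside
 * the section and the bytes currently there equal `expected`. */
int patch_section_checked(unsigned char *section, size_t section_size,
                          size_t offset, const unsigned char *expected,
                          const unsigned char *replacement, size_t len)
{
    /* Two comparisons, so a huge offset cannot wrap around in offset + len. */
    if (offset > section_size || len > section_size - offset)
        return PATCH_OUT_OF_RANGE;
    /* A mismatch means the offset points at something else in this build. */
    if (memcmp(section + offset, expected, len) != 0)
        return PATCH_UNEXPECTED_DATA;
    memcpy(section + offset, replacement, len);
    return PATCH_OK;
}

/* Constructed stand-in for the mapped "dashuisk" section (not real data). */
static unsigned char g_section[0x7830];

/* Resets the stand-in buffer, then tries the post's colour edit at `offset`. */
int demo_patch(size_t offset)
{
    /* Assumed byte layout of the original green 0xFF008A00. */
    static const unsigned char green[4]  = { 0xFF, 0x00, 0x8A, 0x00 };
    /* Replacement colour bytes taken from the post's example. */
    static const unsigned char colour[4] = { 0xFF, 0x60, 0x90, 0xFF };

    memset(g_section, 0, sizeof g_section);
    memcpy(g_section + 0x7828, green, sizeof green);
    return patch_section_checked(g_section, sizeof g_section, offset,
                                 green, colour, sizeof colour);
}

int main(void)
{
    return demo_patch(0x7828) == PATCH_OK ? 0 : 1;
}
```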