PS4 Trainer Utility: Community Edition (TUCE) v0.9 by ZeroFox

Hi everyone, I have created a tool for this "modding" community, expanding on what's been done in this space.

I took out the horizon trainer file because it was actually nothing, just for demo purposes.

To start, not many people will recognize who I am because I am using a different alias. However, back in the Xbox 360 scene, I was the one who fixed up XPowerPlay by the2000 and the first person to release trainers for the 360.

Since then a lot of people approached me and I helped where I could, some of those people I encountered are even here now I believe (@DeathRGH, @vampirexx ?). That scene then took off and other people started making trainers.

That brings me to now, I've been watching the PS4 scene and what's been happening as far as memory and "trainer" tools go, and I'm happy to see some progress has been made. So I've decided to make my own contribution and help out the community as I did with the 360.

Now I've been working on this tool for awhile now in my spare time (even before PS4Cheater), but my spare time has been sparse which is why it has taken me so long to get this tool out there. Although it may seem similar to other tools out there there is added value to this specific tool.

Let me introduce you to the PS4 Trainer Utility: Community Edition (TUCE). Works on both 4.05 and 4.55.

Main Features Include:

• Extensive searching capabilities: search for many different kinds of values (integers, floats, strings, etc.), while using different equality comparisons (bigger than, smaller than, value between, changed, unchanged, opposites such as NOT bigger than, etc).

• Built-in dynamic trainer editor and loader: Simple and intuitive, create trainers with ease AND run them all within the same tool. Using trainers is super easy that even non-experienced people can use (they're all buttons!, just click and go!)

• Other memory tools at your disposal: Poke memory, view memory, dump memory. Save address tables, add newly found addresses during to scan to a trainer with ease.

F.A.Q:

Q: Why is this slower scanning memory than PS4Cheater?

A: While I can't speak for how PS4Cheater works, I noticed that when I did the EXACT same scan side-by-side using TUCE and PS4Cheater, I got significantly more results with TUCE than PS4Cheater. With TUCE I got over 16k results while PS4 Cheater only gave me 4k on the same scan. I'm not sure why this is but I can attest that my method will give you EVERY single result based on your search.

Q: I'm running a trainer but x,y,z value is not changing, why?!

A: A lot of values are dynamically allocated and as such the address the value is stored in changes on every console reboot. In order to trace the value back to where it gets assigned we need a debugger, which is currently not available.

Special thanks to @g991 (aka Golden) for creating jkpatch, which this tool utilizes.

Screenshots:

Download:

• PS4 Trainer Utility v0.9.4.rar (0.17 MB - Changes)

This is an ALPHA release due so many variables that I could simply not test every single scenario. If you do come across any bugs or issues, or even any feature requests, please let me know and I will do my best to provide support.

Thanks,
-ZF

Game Trainers:

• Final Fantasy XVI (CUSA01615) v1.00 by imedox

 

[Gelson]

Playload send success.
Enter the game success.
Connect error....

System.IO.FileNotFoundException: Could not load file or assembly 'System.Net.Sockets, Version = 4.1.0.0, Culture = neutral, PublicKeyToken = b03f5f7f11d50a3a' or one of its dependencies. The system can not find the file specified.
File name: 'System.Net.Sockets, Version = 4.1.0.0, Culture = neutral, PublicKeyToken = b03f5f7f11d50a3a'
   in librpc.PS4RPC..ctor (IPAddress addr)
   in PS4_Trainer_Utility_CE.MainForm.ConnectBtn_Click (Object sender, EventArgs, and)
   in System.Windows.Forms.Control.OnClick (EventArgs and)
   in System.Windows.Forms.Button.OnClick (EventArgs and)
   in System.Windows.Forms.Button.OnMouseUp (MouseEventArgs mevent)
   in System.Windows.Forms.Control.WmMouseUp (Message & m, MouseButtons button, Int32 clicks)
   in System.Windows.Forms.Control.WndProc (Message & m)
   in System.Windows.Forms.ButtonBase.WndProc (Message & m)
   in System.Windows.Forms.Button.WndProc (Message & m)
   at System.Windows.Forms.Control.ControlNativeWindow.OnMessage (Message & m)
   at System.Windows.Forms.Control.ControlNativeWindow.WndProc (Message & m)
   in System.Windows.Forms.NativeWindow.Callback (IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)

AVI: The assembly association log is disabled.
To enable assembly failure logging, set the [HKLM \ Software \ Microsoft \ Fusion! EnableLog] (DWORD) registry value to 1.
NOTE: There is some penalty for the performance associated with the assembly association failure log.
To disable this feature, remove the registry value [HKLM \ Software \ Microsoft \ Fusion! EnableLog].



************** Uploaded Assemblies **************
mscorlib
    Assembly Version: 4.0.0.0
    Win32 version: 4.6.1590.0 built by: NETFXREL2
    Base Code: file: /// C: /Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll
----------------------------------------
PS4 Trainer Utility CE
    Assembly Version: 0.9.1.0
    Win32 Version: 0.9.1
    Code Base: file: /// C: /Users/GTec/Desktop/PS4%20Trainer%20Utility%20v0.9.1/PS4%20Trainer%20Utility%20CE.exe
----------------------------------------
System.Windows.Forms
    Assembly Version: 4.0.0.0
    Win32 version: 4.6.1590.0 built by: NETFXREL2
    Base Code: file: /// C: /Windows/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll
----------------------------------------
System
    Assembly Version: 4.0.0.0
    Win32 version: 4.6.1590.0 built by: NETFXREL2
    Base Code: file: /// C: /Windows/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll
----------------------------------------
System.Drawing
    Assembly Version: 4.0.0.0
    Win32 version: 4.6.1590.0 built by: NETFXREL2
    Base Code: file: /// C: /Windows/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll
----------------------------------------
System.Windows.Forms.resources
    Assembly Version: 4.0.0.0
    Win32 version: 4.6.1055.0 built by: NETFXREL2
    Base Code: file: /// C: /Windows/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms.resources/v4.0_4.0.0.0_en_b77a5c561934e089/System.Windows.Forms.resources.dll
----------------------------------------
System.Configuration
    Assembly Version: 4.0.0.0
    Win32 version: 4.6.1590.0 built by: NETFXREL2
    Base Code: file: /// C: /Windows/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll
----------------------------------------
System.Core
    Assembly Version: 4.0.0.0
    Win32 version: 4.6.1590.0 built by: NETFXREL2
    Base Code: file: /// C: /Windows/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll
----------------------------------------
System.Xml
    Assembly Version: 4.0.0.0
    Win32 version: 4.6.1590.0 built by: NETFXREL2
    Base Code: file: /// C: /Windows/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll
----------------------------------------
librpc
    Assembly Version: 1.0.0.0
    Win32 version: 1.0.0.0
    Base Code: file: /// C: /Users/GTec/Desktop/PS4%20Trainer%20Utility%20v0.9.1/librpc.DLL
----------------------------------------
System.Runtime
    Assembly Version: 4.0.0.0
    Win32 Version: 4.6.1590.0
    Base Code: file: /// C: /Windows/Microsoft.Net/assembly/GAC_MSIL/System.Runtime/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Runtime.dll
----------------------------------------
Accessibility
    Assembly Version: 4.0.0.0
    Win32 version: 4.6.1590.0 built by: NETFXREL2
    Base Code: file: /// C: /Windows/Microsoft.Net/assembly/GAC_MSIL/Accessibility/v4.0_4.0.0.0__b03f5f7f11d50a3a/Accessibility.dll
----------------------------------------
System.Net.Primitives
    Assembly Version: 4.0.0.0
    Win32 Version: 4.6.1590.0
    Code Base: file: /// C: /Windows/Microsoft.Net/assembly/GAC_MSIL/System.Net.Primitives/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.N

 

[redsoft]

thanks for your job

 

[aki2008]

How to exsample please..
Horizon zero dawn : infinite hp.

 

[narsink]

Not working. I get to 100% and then it just crashes.
4.55. & 0.9.1V

 

[SanadskYoutube]

It keeps giving me an error when connecting...I am using 4.55

 

[thehari]

does anyone has tutorial the easy way that we can applied it?
please share. thanks

 

[Shiningami]

@ZeroFox Thanks for the tool amazing!
i was working my self on some kind of cheat manager with scan tool and i got the same scan speed problem so i decided to share what i found maybe it can help PS4Cheat Manager v0.1.3.

1/ two method came to mind when changing for value
a - convert the value to shearch to byte array then make an algo to find all occurrence in the dumped memory range (take a lot of time)

b - dump the memory to the be.hexbox then copy all, convert to string, then search all occurrence (faster but still slower than ps4cheater)

2/ i dont know where you and ps4cheater found jk patch bin and elf for 4.55 cause the md5 doesnt match with the one i got from jkpatch git (the one you have cause the value to jump by 60000)

 

[smasher248]

I can't connect, I'm on 4.05 i run original exploit, then when i click connect, it comes up saying target was denied

 

[thehari]

@shinigami
I will try your method. thanks bro

 

[nikeymikey]

I also have the connection problem, target machine actively refused it. Have run the kexploit using exploit host, payload will not send and app will not connect to ps4.

What am i doing wrong here???