PDA

View Full Version : Running Shoes inside buildings


HackMew
January 31st, 2010, 07:12 AM
Brief Intro
I'm gonna deliberately quote Bulbapedia here:
The Running Shoes were introduced in Ruby and Sapphire, and used in all Generation III and Generation IV games. They are typically received shortly after the beginning of the game, and allow the player to run instead of walk, by holding the B button and pressing the D-pad in any direction. The speed at which players can run is about twice as that of walking, yet slower than any of the bicycles. In Generation IV, the player can use Running Shoes inside of all structures instead of being limited to certain buildings in past games.To be honest, I always disliked the fact you could not run indoors. Eventually, Game Freak realized that too someday.
Now we will fix the annoying issue, letting the player use Running Shoes everywhere, through a simple byte change!

Description
The game does some checks when pressing the B button. Below, part of the routine involved, disassembled from FireRed US v1.0:

[css-div="font-family:consolas, courier new,monospace"]080bd490 7e41 ldrb r1, [r0, #0x19]
080bd492 2002 mov r0, #0x2
080bd494 4008 and r0, r1
080bd496 2800 cmp r0, #0x0
080bd498 d006 beq $080bd4a8[/css-div]

I'll explain briefly what happens. First of all, the "Show name on entering" byte is loaded into r1 and r0 is set to 0x2. Then r0 is ANDed with r1. Here are the possible results:

[css-div="font-family:consolas, courier new,monospace"]0x2 AND 0x0 = 0x0
0x2 AND 0x1 = 0x0
0x2 AND 0x2 = 0x2
0x2 AND 0x3 = 0x2
0x2 AND 0x4 = 0x0
0x2 AND 0x5 = 0x0
0x2 AND 0x6 = 0x2
0x2 AND 0x7 = 0x2
0x2 AND 0x8 = 0x0
0x2 AND 0x9 = 0x0
0x2 AND 0xA = 0x2
0x2 AND 0xB = 0x2
0x2 AND 0xC = 0x0
0x2 AND 0xD = 0x0
0x2 AND 0xE = 0x2
0x2 AND 0xF = 0x2[/css-div]

As you can see, a specific pattern is repeating itself. Going on with the routine, we can see r0 is compared with 0x0. If equal, no Running Shoes :(

Now, if we could change the "and r0, r1" instruction with a "and r0, r0" one, what would happen?
The register r0 is set to 0x2 the instruction before, so it would always be 0x2 AND 0x2 = 0x2. And since 0x2 is not 0x0, we can run anytime.
Regardless of the map header settings :)

That's for FR/LG. In Emerald, things are pretty similar, here's the routine from Emerald US v1.0:

[css-div="font-family:consolas, courier new,monospace"]0811a1e4 7e81 ldrb r1, [r0, #0x1a]
0811a1e6 2004 mov r0, #0x4
0811a1e8 4008 and r0, r1
0811a1ea 2800 cmp r0, #0x0
0811a1ec d006 beq $0811a1fc[/css-div]

Nothing much to say, really. The main difference is that r0 is set to 0x4 instead of 0x2, which means different patterns.
Not that we really care about that, since we already know all we need to do is to replace the "and r0, r1" instruction there.

In Ruby and Sapphire, things are quite different instead:

[css-div="font-family:consolas, courier new,monospace"]080e5dfc 4802 ldr r0, [$080e5e08] (=$0202e828)
080e5dfe 7dc0 ldrb r0, [r0, #0x17]
080e5e00 2808 cmp r0, #0x8
080e5e02 d103 bne $080e5e0c[/css-div]

The above code, extracted from Ruby US v1.0 will load the "Map Type" byte into r0 at first. Then it's compared with 0x8, which means indoors.
When being not equal, you can run. Otherwhise you cannot, indeed. Now, if we change the "cmp r0, #0x8" with "cmp r0, #0x0", we are always allowed to run.
In fact, no map in the game use the value 0x0.

Whatever game you're using, in hex that means replacing 08 with 00. Offsets are below.

The Offsets



FireRed US v1.0

[css-div="font-family:consolas,courier new,monospace"]0xBD494[/css-div]

LeafGreen US v1.0

[css-div="font-family:consolas,courier new,monospace"]0xBD468[/css-div]

Ruby US v1.0

[css-div="font-family:consolas,courier new,monospace"]0xE5E00[/css-div]

Sapphire US v1.0

[css-div="font-family:consolas,courier new,monospace"]0xE5E00[/css-div]

Emerald US v1.0

[css-div="font-family:consolas,courier new,monospace"]0x11A1E8[/css-div]



This research document is Copyright © 2010 by HackMew.
You are not allowed to copy, modify or distribute it without permission.

hashtag
January 31st, 2010, 01:23 PM
Good research, Andrea. I was trying to find a way to enable this without touching the Map Header options. I just implemented this into my hack; well done!

BlitŻ
January 31st, 2010, 02:09 PM
Hmm, this is something that is great ^^. Now I don't havev to change things from indoor to outside to make it work. ^-^ I hope nothing bad will become of my rom though, just in case. >.<

Your research greatly benefits us all. x3

NarutoActor
January 31st, 2010, 02:23 PM
Will this mess with the Day & Night System, as in it will be sunny indors? or dose this byte change only change the fact that you can run?

HackChu
January 31st, 2010, 02:24 PM
Thanks I was wanting to know how to do this recently, I just hope it doesn't mess anything up.

HackMew
January 31st, 2010, 02:28 PM
To clear it up: this doesn't mess anything up. Obviously. It will simply enable Running Shoes anywhere. Heck, I've used it in Oro Sole too.

hashtag
January 31st, 2010, 02:28 PM
Will this mess with the Day & Night System, as in it will be sunny indors? or dose this byte change only change the fact that you can run?

It only changes the running; not the weather. :D

edit: beaten :(

HackChu
January 31st, 2010, 02:32 PM
Well I can't find the offset used above in my hex editor.

0xBD494It says string not found.:(

hashtag
January 31st, 2010, 02:34 PM
Well I can't find the offset used above in my hex editor.

0xBD494It says string not found.:(

Search BD494 on it's own in your editor.

Omega Zero
January 31st, 2010, 02:36 PM
WoW really useful i just used it right now :3

HackMew
January 31st, 2010, 02:48 PM
Well I can't find the offset used above in my hex editor.

0xBD494It says string not found.:(

Am I wrong (no, I'm not) or I didn't use the word "search" at all? You just need to go to that offset in your ROM using a hex editor.
Assuming you know how to use one. For further details, just read the first post.

Omega Zero
January 31st, 2010, 03:17 PM
the reason it said string not found cause you probally pressed Ctrl+F press Ctrl+G then try it

giradialkia
January 31st, 2010, 03:29 PM
Forgive my misunderstanding, but is this not possible by just changing the "Show Map Name" setting? I previously wanted to do this for my hack, which is based on Emerald. All I had to do is change the petting from "Do not show name" to "05 ???" and That enabled the running shoes while indoors, in any building. And in FireRed it's "02 ???". Although from the amount of 0x2's I see in the first post, that's probably what you were saying. Though... Are you saying that once this code is implemented, you'll be able to run everywhere, regardless of the Show Name setting? Because if that's what you were saying... That is cool. Sorry, for not understanding properly:(.

HackMew
January 31st, 2010, 03:53 PM
Are you saying that once this code is implemented, you'll be able to run everywhere, regardless of the Show Name setting? Because if that's what you were saying... That is cool. Sorry, for not understanding properly:(.

That's exactly what it was designed for.

liuyanghejerry
January 31st, 2010, 05:59 PM
This is very interesting.
But this inspire me that why don't we try to reuse select,R,L?
In FR,RL goes to a helpless help and in RSE, it's totally no use...
Maybe we could create codes like what B and select does,and make R,L new use in OW.
Maybe press R to fish?

HackChu
January 31st, 2010, 06:18 PM
This is very interesting.
But this inspire me that why don't we try to reuse select,R,L?
In FR,RL goes to a helpless help and in RSE, it's totally no use...
Maybe we could create codes like what B and select does,and make R,L new use in OW.
Maybe press R to fish?
Well for one it requires ASM of course and for two...this isn't related to the topic of the thread so please refrain from switching it up.

ZodiacDaGreat
January 31st, 2010, 08:43 PM
This is very interesting.
But this inspire me that why don't we try to reuse select,R,L?
In FR,RL goes to a helpless help and in RSE, it's totally no use...
Maybe we could create codes like what B and select does,and make R,L new use in OW.
Maybe press R to fish?
I think he wants to extend the routine to add in extra stuff for keypresses.

For people interested in having the Running Shoes hack on Ruby, you're in for some good news ^^ I've come up with my own hack for Ruby since I don't think the same way works, AFAIK. Anyways, let's get down to business.. My hack revolves around Map Type byte. There are a lot of routines reading that and one of them checks if the Map type is indoors, if it is then you 'Can't Run' otherwise you can.


080e5dfc 4802 ldr r0, [$080e5e08] (=$0202e828) @ Map Type Flag is stored here
080e5dfe 7dc0 ldrb r0, [r0, #0x17]
080e5e00 2808 cmp r0, #0x8 @ Indoor Map Type
080e5e02 d103 bne $080e5e0c
080e5e04 2001 mov r0, #0x1
080e5e06 e002 b $080e5e0e

What we are gonna do is change that 08 to 00, since no Map uses 00 anyway as far as it matters just change it to any other value that doesn't involve Maps that you can run on. So, to apply this hack simply put 00 at 0xE5E00.

Enjoy!

Tropical Sunlight
January 31st, 2010, 11:17 PM
Awesome, just did this in Turquoise! Thanks, HackMew!

HackMew
February 1st, 2010, 12:52 AM
>> TO ALL: First post updated! Now includes Ruby, Sapphire and Emerald too :D

This is very interesting.
But this inspire me that why don't we try to reuse select,R,L?
In FR,RL goes to a helpless help and in RSE, it's totally no use...
Maybe we could create codes like what B and select does,and make R,L new use in OW.
Maybe press R to fish?

Well, not really. You can use L/R to scroll in the bag or in the Pokémon stat screens. Even on R/S/E. But yeah, those buttons are not used a lot I guess. Anyway, this is kinda offtopic here, sorry.


For people interested in having the Running Shoes hack on Ruby, you're in for some good news ^^ I've come up with my own hack for Ruby since I don't think the same way works, AFAIK.

You know, I was going to post the R/S/E stuff later, but thanks nonetheless.


Awesome, just did this in Turquoise! Thanks, HackMew!

You're welcome. Even if I didn't say explicitly, a tiny bit of credit is always appreciated.

Flandre Scarlet
February 1st, 2010, 02:29 AM
Hahaha, I was just about to ask for an Emerald version :P But it looks like its already done. :) Thank you so much HackMew! Works perfectly!

simdu68
February 12th, 2010, 10:19 AM
sorry but i'm so bad in scripting that i don't understand -_-'

well in fact the first part i understand but not the second with the offsets...........


edit:
in fact i have another question, is it possible to change it also with the bicycle to be able to drive with the bike in the houses? that would also be great^^

Sagiri
February 12th, 2010, 11:29 AM
sorry but i'm so bad in scripting that i don't understand -_-'

well in fact the first part i understand but not the second with the offsets...........


edit:
in fact i have another question, is it possible to change it also with the bicycle to be able to drive with the bike in the houses? that would also be great^^
You open a hex editor, go to the specified offset and change the 08 found there with 00.

Biking anywhere is theoretically possible, but not with this.

simdu68
February 12th, 2010, 11:41 AM
ah ok^^
i haven't got hex editor i'm making scripts with something alse, probably worse :S

so i'll download hex editor maybe i'll understand^^

thanx :D

Muffin™
February 12th, 2010, 11:46 AM
Thanks so much HackMew! I always love your tutorials!!!

simdu68
February 12th, 2010, 12:02 PM
i just now read a scripting tutorial, now i understand your tutorial also^^

in fact i just didn't know this scripting language....... but hex editor is much better than my old programm^^

funguy1019
April 11th, 2010, 07:56 PM
i couldnt find offset BD494...all i could find was BD490 and so i changed that and it works fine but is it dangerous to change that?

altariaking
April 12th, 2010, 04:42 AM
the first 2 numbers in bd490 are 90, the second are 91 and so on. does that help?

6ryan4
July 2nd, 2010, 03:45 PM
I would use this...but I don't use whatever program you use for this stuff (I'm guessing it's XSE) :P

Shiny Quagsire
July 2nd, 2010, 04:39 PM
I would use this...but I don't use whatever program you use for this stuff (I'm guessing it's XSE) :P

Just change the 80 to 00 at the specified offset for your version in a hex editor. I use HxD.

ERROR
July 4th, 2010, 08:20 PM
THIS....IS....AMAZING!
great minds :D what will they think of next :P
hooray for hackmew!

cooley
July 14th, 2010, 07:57 AM
I thought you can already do this through Advance Map? Im not home so I cant check which drop-down you have to change. But other than that, at least this teaches us to use a hex editor and some, what a hex editor is...

JJ148
July 31st, 2010, 05:21 AM
I still don't get what you have to do =(

Epicness
July 31st, 2010, 06:02 PM
mmm...just like in D/P/Pt and HG/SS =D

hitsu.
July 31st, 2010, 10:39 PM
I still don't get what you have to do =(
Open your ROM in a Hex Editor. Go to the offset Andrea listed (make sure it's for the ROM you're using). Press 0 twice, save it. The end.

KotovSyndrome_
August 12th, 2010, 03:46 PM
Open your ROM in a Hex Editor. Go to the offset Andrea listed (make sure it's for the ROM you're using). Press 0 twice, save it. The end.

I did this in Hex Workshop.. Nothing happened. :/

What Editor are you using?

EDIT: I switched to HxD and it's working :D

Full Metal
August 14th, 2010, 02:53 PM
I think he wants to extend the routine to add in extra stuff for keypresses.

For people interested in having the Running Shoes hack on Ruby, you're in for some good news ^^ I've come up with my own hack for Ruby since I don't think the same way works, AFAIK. Anyways, let's get down to business.. My hack revolves around Map Type byte. There are a lot of routines reading that and one of them checks if the Map type is indoors, if it is then you 'Can't Run' otherwise you can.


080e5dfc 4802 ldr r0, [$080e5e08] (=$0202e828) @ Map Type Flag is stored here
080e5dfe 7dc0 ldrb r0, [r0, #0x17]
080e5e00 2808 cmp r0, #0x8 @ Indoor Map Type
080e5e02 d103 bne $080e5e0c
080e5e04 2001 mov r0, #0x1
080e5e06 e002 b $080e5e0e

What we are gonna do is change that 08 to 00, since no Map uses 00 anyway as far as it matters just change it to any other value that doesn't involve Maps that you can run on. So, to apply this hack simply put 00 at 0xE5E00.

Enjoy!

:O i did the same thing, only i used 0x6 because maybe some buildings were OK to run in. So every map type you can run in, excluding the type '0x6' :D

Random92
September 28th, 2010, 02:21 AM
Hex editor... where can I find one. Or is there one in XSE? Thanks in advance =)

Spherical Ice
September 28th, 2010, 07:20 AM
Google is your friend, you know? (http://tinyurl.com/bza2oh)

Kininja
September 28th, 2010, 11:29 AM
I'm using Hexacute? its a hex editor i've foundwhen i find BD494 it's just FFs all across what do i do :(

X1C377
October 17th, 2010, 01:34 AM
Editing the offset 0xE5E00 as you instructed for Sapphire causes the game to reset if one holds B while moving. The offset I had to change was 0xE5E20.

AimayBee
April 8th, 2011, 05:46 PM
I wonder if you could do the same thing with the Vs. Seeker from Firered/Leafgreen.

Wouldn't it be the same thing? x

BlackHayate
April 11th, 2011, 12:05 PM
@X1C377: The offsets are almos always different between versions, thats why there are tools that work for Fire Red but not Leaf Green, the creator didn't collect the offsets for both games.

Moving on; Yeh it always anoyed me that you couldnt rematch trainers just because they were indoors. Are there any places where you can't use the bike, but can use the VS seeker?

bcrobert
May 17th, 2011, 09:52 PM
Hex editing at its finest. Changed one thing and now I can jog around the pokecenter like my character's on crack. This is some of the most applicable research data on the site. A+

Innocence
May 18th, 2011, 05:21 AM
Hex editing at its finest. Changed one thing and now I can jog around the pokecenter like my character's on crack. This is some of the most applicable research data on the site. A+

I would like to propose the re-re(-re?)implementation of reputation just so that we can give witty posts like this the recognition they deserve without saying +1.


Anyway, the reason that I came here to post was that I am appalled that people don't know how to use a hex editor. It's far too easy now to make a decent hack without using a hex editor, what with programs to do the tiniest thing. Questions like "what's an offset" sadden me.

All the same, I still can not for the life of me think of something to say here that is 100% on-topic. Oh wait -

I really like this ASM hack, it makes me happy. Running around inside is always fun to do. It makes me aspire to try harder to figure out ASM, despite the fact that I've been trying to learn how to use it for at least 2 years now. (Not very hard, or for long periods of time though. :p)

AmethystEEVEE
May 30th, 2011, 04:52 PM
This seems useful, Diamond was my first non-spin-off Pokemon game, so when I first got games from gen 3 I was like "WHY CAN'T I RUNNNNN!?!?!?!?!?"

Definitely using it in Pokemon Evolution :3 Thanks Hackmew! I'll just have to look into it later when I download more Hacktools, though. For now, I don't know how to hex-edit and I don't have the right resources anyways...

Reygok
February 21st, 2012, 02:09 PM
Thanks HackMew, this is a real cool tweak! I'd like to use it, too, but I hack a german FireRed, how can I find the offsets there?

droomph
February 21st, 2012, 03:00 PM
Thanks HackMew, this is a real cool tweak! I'd like to use it, too, but I hack a german FireRed, how can I find the offsets there?Copy the two bytes, and a couple surrounding bytes, onto the "search" bar, and survey the results to see if they correspond, and voilà, you have the loffsets. ^^

Reygok
February 21st, 2012, 03:16 PM
Thanks, but I just switched to the US version, has many advantages ^^ Thanks anyway :P

Lugia_Da_Boss
July 2nd, 2012, 05:42 AM
I can't find any of this in my FireRed on the HEX Editor. Is there any other way I can do this?

Darthatron
July 2nd, 2012, 07:24 PM
I can't find any of this in my FireRed on the HEX Editor. Is there any other way I can do this?

What do you mean you can't find it?

Lugia_Da_Boss
July 2nd, 2012, 11:37 PM
What do you mean you can't find it?
I keep ctrl+f-ing the offset or different parts of the code and the things says that it can't find ANY of it.

DrFuji
July 3rd, 2012, 12:20 AM
I keep ctrl+f-ing the offset or different parts of the code and the things says that it can't find ANY of it.

You shouldn't be using Ctrl+F (find), you need to use Ctrl+G (go to). In this tutorial HackMew has given you the offsets which you need to change to 00 rather than a line of code which you're supposed to find for yourself.

Lugia_Da_Boss
July 4th, 2012, 12:42 AM
You shouldn't be using Ctrl+F (find), you need to use Ctrl+G (go to). In this tutorial HackMew has given you the offsets which you need to change to 00 rather than a line of code which you're supposed to find for yourself.
Well, ctrl+G won't let me use letters, it calls them invalid digits.

DrFuji
July 4th, 2012, 12:51 AM
Well, ctrl+G won't let me use letters, it calls them invalid digits.

Make sure you're searching in HEX values rather than decimal.

Lugia_Da_Boss
July 4th, 2012, 01:01 AM
Make sure you're searching in HEX values rather than decimal.
I'm searching in HEX alright. That;'s the default thing it searches in.

DrFuji
July 4th, 2012, 01:40 AM
I'm searching in HEX alright. That;'s the default thing it searches in.

In that case I'd suggest trying to find the offset manually by just scrolling down throughout the ROM until reaching and changing it accordingly. It is more tedious but it will definitely work.

If you don't want to do that then perhaps you could try downloading another HEX editor as the one you're using doesn't want to agree with you :P

ShinyDragonHunter
September 2nd, 2012, 08:32 PM
How would this effect the Pokémon Center link rooms (Trade Center, Colosseum etc)?
I mean would it cause bugs if you tried to run while in link with another game?

JackHack96
September 3rd, 2012, 05:37 AM
How would this effect the Pokémon Center link rooms (Trade Center, Colosseum etc)?
I mean would it cause bugs if you tried to run while in link with another game?
No, I don't believe it! Try with VBA-Link!

EDIT: Ok! I've tested it with VBA-Link! Appearently there are no bugs! So, run everywhere! =)

ShinyDragonHunter
September 3rd, 2012, 07:22 AM
No, I don't believe it! Try with VBA-Link!

EDIT: Ok! I've tested it with VBA-Link! Appearently there are no bugs! So, run everywhere! =)
So does the game you're linking with show the character running, and the double movement speed?
You know what? I'll see for myself.

JackHack96
September 3rd, 2012, 07:34 AM
So does the game you're linking with show the character running, and the double movement speed?
You know what? I'll see for myself.
Yes! It does! However, see it! =)

harry95
February 11th, 2013, 03:39 AM
How to do it?
What program?
Please,HELP!!!!

karatekid552
March 3rd, 2013, 10:14 AM
How to do it?
What program?
Please,HELP!!!!

Seriously? It's called a hex editor. HxD is the best, but GoldFinger supports .tbl files. Heck, there is even hex editor on the app store if you want to hack on the go.:D

pepepepote
March 4th, 2013, 07:06 PM
how do it¿¿¿¿¿¿ please name of program ^^

thanks

karatekid552
March 4th, 2013, 07:09 PM
how do it¿¿¿¿¿¿ please name of program ^^

thanks

*facepalm* HxD and/or Goldfinger. These are hex editors.....

Uikri
July 2nd, 2013, 07:57 PM
Seriously? It's called a hex editor. HxD is the best, but GoldFinger supports .tbl files. Heck, there is even hex editor on the app store if you want to hack on the go.:D

Will they work on ROMs that have been previously run through a randomizer, or do I have to edit them first?

karatekid552
July 3rd, 2013, 03:28 AM
Will they work on ROMs that have been previously run through a randomizer, or do I have to edit them first?

All a hex editor does is open the game up in it's binary code (as hexidecimals of course). It doesn't matter what you do to the game, you could corrupt the game beyond repair and the hex editor will still open the file.

Uikri
July 4th, 2013, 09:56 PM
All a hex editor does is open the game up in it's binary code (as hexidecimals of course). It doesn't matter what you do to the game, you could corrupt the game beyond repair and the hex editor will still open the file.

EDIT: Holy cow how do I do this (See attachment)? I'm using Emerald, and I had to use GoldFinger because when trying to use HxD, it required the admin password, and even when my dad entered it, it would say "I have some issues starting up. Relaunch me!" It didn't work either of the two times I tried.
Is 1.7.7.0 the latest version of HxD?

You shouldn't be using Ctrl+F (find), you need to use Ctrl+G (go to). In this tutorial HackMew has given you the offsets which you need to change to 00 rather than a line of code which you're supposed to find for yourself.

I don't understand then. Could you please explain what we are looking for, how we find it, and what we replace it with? (EDIT: Okay, I've figured out that I have to replace 0811A1E8 with 0011A1E8, but when I type in that offset in the "Go to" box, nothing appears. Granted, that could be because of how it's displaying. I do not know how to manually locate 0811A1E8 because nothing like that is being listed in the table.)

Sagiri
July 5th, 2013, 06:17 AM
EDIT: Holy cow how do I do this (See attachment)? I'm using Emerald, and I had to use GoldFinger because when trying to use HxD, it required the admin password, and even when my dad entered it, it would say "I have some issues starting up. Relaunch me!" It didn't work either of the two times I tried.
Is 1.7.7.0 the latest version of HxD?



I don't understand then. Could you please explain what we are looking for, how we find it, and what we replace it with? (EDIT: Okay, I've figured out that I have to replace 0811A1E8 with 0011A1E8, but when I type in that offset in the "Go to" box, nothing appears. Granted, that could be because of how it's displaying. I do not know how to manually locate 0811A1E8 because nothing like that is being listed in the table.)

You need to go to 0811A1E8 and replace 08 with 00. However, Hex Editors will tell you that doesn't exist, because all they do is display the rom - when using the goto function, just from the beginning 08.

Edit:I just realized that this comment makes no sense. It was supposed to say "just remove the beginning 08". I have no idea where "from" came from.

Uikri
July 5th, 2013, 07:31 AM
You need to go to 0811A1E8 and replace 08 with 00. However, Hex Editors will tell you that doesn't exist, because all they do is display the rom - when using the goto function, just from the beginning 08.

Yes, I have since figured out that they most certainly will tell you that. For future reference, for anybody that needs clarification, in order to go to 0811A1E8, you have to only search the last six digits (11A1E8). Then your editor will take you to a byte labeled "08". That is what you replace with "00".