Research: Darthatron's Hacks


Darthatron
June 3rd, 2012, 04:03 AM
Here are some hacks that I have made for people. I hope you enjoy them. I have attempted to explain how they work as well, for those who want to learn. :)

Remove the "Previously on your quest..." scene from game load.
Hack:
Change bytes at 110F44 to 00 20
Change bytes at 110F50 to C0 46

Explained:
Original:
08110F32 loc_08110F32: @ CODE XREF: sub_08110F14+3Cj
08110F32 MOVS R0, R2
08110F34 MULS R0, R7
08110F36 ADDS R0, R5, R0
08110F38 ADDS R0, R0, R6
08110F3A LDRB R0, [R0]
08110F3C LDR R3, =unk_0203ADF9
08110F3E CMP R0, #0
08110F40 BEQ loc_08110F48
08110F42 LDRB R0, [R1]
08110F44 ADDS R0, #1 @ <-- replaced by the hack
08110F46 STRB R0, [R1]
08110F48
08110F48 loc_08110F48: @ CODE XREF: sub_08110F14+2Cj
08110F48 ADDS R0, R2, #1
08110F4A LSLS R0, R0, #0x18
08110F4C LSRS R2, R0, #0x18
08110F4E CMP R2, #3
08110F50 BLS loc_08110F32 @ <-- replaced by the hack

Basically, this code counts the number of important events that have occurred. Once it reaches 3 (CMP R2, #3), it stops counting and continues the game as normal. What we want to do is make it so it always returns zero. We do this by setting R0 to 0 instead of incrementing as normal, and then removing the loop with the NOP (which literally does nothing) command.

New:
08110F32 loc_08110F32: @ CODE XREF: sub_08110F14+3Cj
08110F32 MOVS R0, R2
08110F34 MULS R0, R7
08110F36 ADDS R0, R5, R0
08110F38 ADDS R0, R0, R6
08110F3A LDRB R0, [R0]
08110F3C LDR R3, =unk_0203ADF9
08110F3E CMP R0, #0
08110F40 BEQ loc_08110F48
08110F42 LDRB R0, [R1]
08110F44 MOV R0, #0 @ <-- new (00 20)
08110F46 STRB R0, [R1]
08110F48
08110F48 loc_08110F48: @ CODE XREF: sub_08110F14+2Cj
08110F48 ADDS R0, R2, #1
08110F4A LSLS R0, R0, #0x18
08110F4C LSRS R2, R0, #0x18
08110F4E CMP R2, #3
08110F50 NOP @ <-- new (C0 46)

Run a script from an item's "Use" command or from registering it from select...
First of all, follow DavidJCobb's Item Creation Tutorial (http://www.pokecommunity.com/showthread.php?t=258426), until the part where it attempts to add scripts, to actually create a new item. But change the "Type" combobox to #2 in the Item Manager. JPAN's engine is not required!

Next step is to put this (assembled) code somewhere:
10 B5 04 1C 78 46 13 30 0C 49 08 60 20 1C 0C 49 00 F0 10 F8 10 BC 01 BC 00 47 10 B5 04 1C 0A 48 05 49 00 F0 07 F8 20 1C 06 49 00 F0 03 F8 10 BC 01 BC 00 47 08 47 C0 46 E5 9A 06 08 98 99 03 02 3D 10 0A 08 09 75 07 08 XX XX XX 08
Where XXXXXX is the location of your script reversed. 800300 would be 00 03 80, for example.

By entering this hex somewhere in the ROM and putting its offset+1 in the "Field Usage" box in the Item Manager, you can call any script by using the item from the bag or by select. :) Say I put the routine at 800000 in the ROM, the Field Usage box would be 08800001.
Here's the unassembled code:
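.text
.align 2
.thumb
.thumb_func
.global Hax

setup:
    push {r4, lr}
    mov r4, r0                      @ keep the incoming argument
    mov r0, pc                      @ pc reads as setup+8 here
    add r0, #0x13                   @ r0 = main+1 (main is at setup+0x1A, +1 is the Thumb bit)
    ldr r1, .unk_02039998
    str r0, [r1]                    @ store the pointer to main at 0x02039998
    mov r0, r4
    ldr r1, .sub_080A103C
    bl bx_r1                        @ call sub_080A103C with the original r0
    pop {r4}
    pop {r0}                        @ saved lr
    bx r0                           @ return

main:
    push {r4, lr}
    mov r4, r0                      @ keep the incoming argument
    ldr r0, .ScriptToCall
    ldr r1, .CallScript
    bl bx_r1                        @ CallScript(ScriptToCall)
    mov r0, r4
    ldr r1, .del_c3_from_linked_list
    bl bx_r1                        @ del_c3_from_linked_list(original r0)
    pop {r4}
    pop {r0}                        @ saved lr
    bx r0                           @ return

.align 2
bx_r1:
    bx r1                           @ "bl bx_r1" = call the address held in r1

.align 2
.CallScript:
    .word 0x08069AE4+1              @ +1 = Thumb bit
.unk_02039998:
    .word 0x02039998
.sub_080A103C:
    .word 0x080A103C+1
.del_c3_from_linked_list:
    .word 0x08077508+1
.ScriptToCall:
    .word 0x08800300                @ address of the script to run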

More to come as I can be bothered.

EDIT: Also feel free to ask about/request stuff here. I may not do all requests, but I'll try my best. :)
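As an added example (not part of the original post), here is one way to apply the two-byte "Previously on your quest..." patch so that it refuses to write unless the ROM holds the instructions shown in the "Original" listing. The original halfwords are derived here by encoding the listing's mnemonics, which is an assumption until checked against the actual ROM; `apply_patches` and `make_sample` are hypothetical names.

```python
import struct

ROM_BASE = 0x08000000  # GBA cartridge ROM base; file offset = address - ROM_BASE

def add_imm8(rd, imm):       # Thumb: ADDS Rd, #imm8
    return 0x3000 | (rd << 8) | imm

def mov_imm8(rd, imm):       # Thumb: MOVS Rd, #imm8
    return 0x2000 | (rd << 8) | imm

def b_cond(cond, src, dst):  # Thumb conditional branch: dst = src + 4 + 2*imm8
    return 0xD000 | (cond << 8) | (((dst - (src + 4)) >> 1) & 0xFF)

NOP = 0x46C0                 # MOV R8, R8
BLS = 0x9                    # condition code "lower or same"

# (address, original halfword, patched halfword), from the two listings
PATCHES = [
    (0x08110F44, add_imm8(0, 1), mov_imm8(0, 0)),
    (0x08110F50, b_cond(BLS, 0x08110F50, 0x08110F32), NOP),
]

def apply_patches(rom, patches=PATCHES):
    """Patch a bytearray in place; refuse if any site holds unexpected bytes."""
    todo = []
    for addr, old, new in patches:
        off = addr - ROM_BASE
        (cur,) = struct.unpack_from("<H", rom, off)
        if cur == new:
            continue                      # this site is already patched
        if cur != old:
            raise ValueError(f"{off:06X}: found {cur:04X}, expected {old:04X}")
        todo.append((off, new))
    for off, new in todo:                 # write only after every site checked out
        struct.pack_into("<H", rom, off, new)
    return len(todo)

def make_sample():
    """Constructed stand-in for a ROM: zeros plus the two original instructions."""
    rom = bytearray(0x110F60)
    for addr, old, _ in PATCHES:
        struct.pack_into("<H", rom, addr - ROM_BASE, old)
    return rom
```

A mismatch at either site usually means a different game or revision, where the same offsets hold unrelated code.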

Team Fail
June 3rd, 2012, 09:02 AM
So, if I read this correctly, you can also make it record more than 3 important events as well depending on those 2 values?

Darthatron
June 3rd, 2012, 04:24 PM
So, if I read this correctly, you can also make it record more than 3 important events as well depending on those 2 values?

Not sure. Even so, not with just this code. There's more code somewhere that reads it somewhere else. But I imagine increasing it without repointing something would be bad.

Link_971
June 14th, 2012, 10:34 AM
Change bytes at 110F44 to 00 20
Change bytes at 110F50 to C0 46
EDIT: Also feel free to ask about/request stuff here. I may not do all requests, but I'll try my best. :)



I have found a little bug, if you save in a Pokemon Center.
When you restart, the game doesn't show the name of the Map.

Crimson5M
June 14th, 2012, 10:38 AM
Just wondering if you'd know anything about the hidebox command? In Ruby, when you use it in conjunction with showpokepic, it hides the box, showing only the sprite. This is useful for things like mugshots.
In FireRed though...it doesn't work :\

jhay21
July 10th, 2012, 01:46 AM
EDIT: Also feel free to ask about/request stuff here. I may not do all requests, but I'll try my best. :)

How about a Pokemon type reader/checker? I haven't seen one, so maybe nobody's done it yet. You set a query to a variable, like 01=fire, 02=grass, etc.
Then it checks whether the type of the Pokemon selected by special 0x9F has the same type, and returns 1 if yes, 0 for no.

ChaosBringer41
September 28th, 2012, 02:07 AM
I don't know if I'm asking in the right section (I got a headache trying to read the rules/FAQ). Anyway:

1) Can you - or anyone else - tell me how to upgrade the Pokedex in Pokemon Ruby, so that any non-Hoenn Pokemon are properly registered in the Pokedex pre-Elite Four?

2) On one of my 'this is how I'd like Pokemon Ruby to be like' hacks, I used a patch to put an old man in the intro instead of Professor Birch. The patch's name was Mr Fuji. According to my scribbled notes, I got it from PokeCommunity, but nothing on who made it. Any ideas? (I tried searching, but couldn't find it)

Jambo51
September 28th, 2012, 07:22 AM
I don't know if I'm asking in the right section (I got a headache trying to read the rules/FAQ). Anyway:

This belongs in the general ROM hacking discussion thread, as opposed to here.

1) Can you - or anyone else - tell me how to upgrade the Pokedex in Pokemon Ruby, so that any non-Hoenn Pokemon are properly registered in the Pokedex pre-Elite Four?

They are correctly registered, you just can't see them because they're not part of the Hoenn Dex. The easiest thing to do is to extend Ruby's Hoenn dex to include all the other Pokémon. I don't know precisely how to do that off the top of my head.

2) On one of my 'this is how I'd like Pokemon Ruby to be like' hacks, I used a patch to put an old man in the intro instead of Professor Birch. The patch's name was Mr Fuji. According to my scribbled notes, I got it from PokeCommunity, but nothing on who made it. Any ideas? (I tried searching, but couldn't find it)

I highly doubt anyone will be able to help you.

And, so this post is actually on subject, these 2 hacks will probably have been of great use to many people. I hope you have more cool stuff up your sleeve, Darthatron!

.parado✗
September 29th, 2012, 08:19 AM
Thank you!
The Item Stuff could be very useful for my Ruby hack.
I ever wonder how long you must research for those things..

karatekid552
February 12th, 2013, 01:25 PM
Thank you!
The Item Stuff could be very useful for my Ruby hack.
I ever wonder how long you must research for those things..

With the help of Darthatron, I have successfully ported over the item script runner to Ruby. Everything is the same, except the offsets:

.text
.align 2
.thumb
.thumb_func
.global Hax

setup:
    push {r4, lr}
    mov r4, r0
    mov r0, pc
    add r0, #0x13                   @ r0 = main+1
    ldr r1, .unk_03005D00
    str r0, [r1]
    mov r0, r4
    ldr r1, .sub_080C9050
    bl bx_r1
    pop {r4}
    pop {r0}
    bx r0

main:
    push {r4, lr}
    mov r4, r0
    ldr r0, .ScriptToCall
    ldr r1, .CallScript
    bl bx_r1
    mov r0, r4
    ldr r1, .del_c3_from_linked_list
    bl bx_r1
    pop {r4}
    pop {r0}
    bx r0

.align 2
bx_r1:
    bx r1

.align 2
.CallScript:
    .word 0x080655B8+1
.unk_03005D00:
    .word 0x03005D00
.sub_080C9050:
    .word 0x080C9050+1
.del_c3_from_linked_list:
    .word 0x0807AB74+1
.ScriptToCall:
    .word 0x08XXXXXX                @ XXXXXX = offset of your script

Here is the compiled version:

10 B5 04 1C 78 46 13 30 0C 49 08 60 20 1C 0C 49 00 F0 10 F8 10 BC 01 BC 00 47 10 B5 04 1C 0A 48 05 49 00 F0 07 F8 20 1C 06 49 00 F0 03 F8 10 BC 01 BC 00 47 08 47 C0 46 B9 55 06 08 00 5D 00 03 51 90 0C 08 75 AB 07 08 XX XX XX 08

Hope this helps all of the Ruby hackers out there!

Phenom2122
June 19th, 2014, 02:55 AM
Every few years I decide to try and work on my Emerald hack again. Only to find that every useful hack and mod has been made exclusively for Fire Red and in some cases, Ruby for some odd reason.
I was so excited to use this scripted items hack, only to find, surprise surprise, it is exclusive to Fire Red and Ruby. Makes me want to give up on hacking generation 3 Pokemon games again. Makes me want to pick up my computer and just throw it out the window.
Now I could compare the Fire Red and Ruby routines provided here to try to find the Emerald offset, although when comparing bytes, it looks like it is not just the offset that has changed. Does anyone have any idea how I could get this hack working in Emerald?

EDIT: I have found two of the offsets for Emerald to insert into the routine. However I am stuck with two and help would be appreciated.
In Fire Red this address: 02039998 points to somewhere in the RAM, I assume? In the Ruby routine it is this: 03005D00. I have no idea how to go about finding this in Emerald.
The other offset I am stuck with is this in Fire Red: 08069AE4 and this in Ruby: 080655B8.
In each ROM those offsets point to four particular bytes. Those four bytes appear multiple times throughout the Emerald ROM.
Please help me here, someone.

DarkPsychic
June 20th, 2014, 12:59 AM
Thank you Darthatron ^_^

This is exactly what I needed...
The way you explain the code and show the routine and not just the hex...

If you can and it's not too much to ask, could you try to make the 4th gen evolutions or even just the Dawn stone would be nice >_<

Also, could you write up a routine that takes the money the player gets after a battle and puts it into a bank account with the activation of a flag and clearing the flag would obviously make it go back to normal...

I would love to write these up myself but I have no skill in asm and at the moment I am just trying to focus on scripting and until I master that I can't move on to asm...
Not to mention I can't get debugging down for the life of me either much less write my own routines >_< hahaha

Phenom2122
June 24th, 2014, 07:32 PM
Hey guys, after finding my brain and a new Hex Editor that supports wildcard searches, I figured out the offsets for Emerald. Thanks to @Darthatron for the original ASM and thanks to absolutely nobody for helping me find those offsets. :)
Even though I couldn't get it to compile for some reason, I will post the modified code here:
.text
.align 2
.thumb
.thumb_func
.global Hax

setup:
    push {r4, lr}
    mov r4, r0
    mov r0, pc
    add r0, #0x13                   @ r0 = main+1
    ldr r1, .unk_0203A0F4
    str r0, [r1]
    mov r0, r4
    ldr r1, .sub_080FD0DC
    bl bx_r1
    pop {r4}
    pop {r0}
    bx r0

main:
    push {r4, lr}
    mov r4, r0
    ldr r0, .ScriptToCall
    ldr r1, .CallScript
    bl bx_r1
    mov r0, r4
    ldr r1, .del_c3_from_linked_list
    bl bx_r1
    pop {r4}
    pop {r0}
    bx r0

.align 2
bx_r1:
    bx r1

.align 2
.CallScript:
    .word 0x08098EF8+1
.unk_0203A0F4:                      @ RAM word written by setup
    .word 0x0203A0F4
.sub_080FD0DC:                      @ routine called by setup
    .word 0x080FD0DC+1
.del_c3_from_linked_list:
    .word 0x080A909C+1
.ScriptToCall:
    .word 0x08800300

And here is the compiled code, modified with the correct Emerald offsets:
10 B5 04 1C 78 46 13 30 0C 49 08 60 20 1C 0C 49 00 F0 10 F8 10 BC 01 BC 00 47 10 B5 04 1C 0A 48 05 49 00 F0 07 F8 20 1C 06 49 00 F0 03 F8 10 BC 01 BC 00 47 08 47 C0 46 F9 8E 09 08 F4 A0 03 02 DD D0 0F 08 9D 90 0A 08 XX XX XX 08

I just did a quick test with a Littleroot Town signboard item called 'Dog'. Everything seems to be a-ok. Time for sleep.
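As an added example (not code from any of the posters), the three compiled routines in this thread (FireRed, Ruby, Emerald) differ only in their last 20 bytes, so one builder can produce any of them and fill in the XX XX XX 08 slot. The function names and the assumption that free ROM space is filled with 0xFF are mine; the addresses and code bytes are the ones posted above.

```python
import struct

ROM_BASE = 0x08000000  # GBA cartridge ROM base; file offset = address - ROM_BASE

# The 56 code bytes are identical in all three compiled versions in this thread.
CODE = bytes.fromhex(
    "10B5041C784613300C490860201C0C4900F010F810BC01BC0047"  # setup
    "10B5041C0A48054900F007F8201C064900F003F810BC01BC0047"  # main
    "0847C046"                                              # bx r1, padding
)

# Literal pool per game, in the order the .word lines appear:
# (CallScript, RAM word written by setup, routine setup calls, del_c3_from_linked_list)
POOLS = {
    "firered": (0x08069AE4, 0x02039998, 0x080A103C, 0x08077508),
    "ruby":    (0x080655B8, 0x03005D00, 0x080C9050, 0x0807AB74),
    "emerald": (0x08098EF8, 0x0203A0F4, 0x080FD0DC, 0x080A909C),
}

def build_routine(game, script_offset):
    """Return the 76-byte routine with the XX XX XX 08 slot filled in."""
    call_script, ram_word, sub, del_task = POOLS[game]
    # ROM code pointers get +1 (Thumb bit); the RAM address and script pointer do not.
    pool = struct.pack("<5I", call_script + 1, ram_word, sub + 1, del_task + 1,
                       ROM_BASE + script_offset)
    return CODE + pool

def field_usage(rom_offset):
    """Value for the Item Manager's "Field Usage" box: routine address + 1."""
    if rom_offset % 4:
        # "ldr rX, <label>" rounds pc down to a multiple of 4, so the literal
        # pool only lines up when the blob starts on a 4-byte boundary.
        raise ValueError(f"offset {rom_offset:06X} is not 4-byte aligned")
    return ROM_BASE + rom_offset + 1

def insert_routine(rom, rom_offset, game, script_offset, fill=0xFF):
    """Write the routine into free space of a bytearray; return the Field Usage value.
    Assumption: unused ROM space is filled with `fill` (0xFF here)."""
    value = field_usage(rom_offset)
    blob = build_routine(game, script_offset)
    region = rom[rom_offset:rom_offset + len(blob)]
    if len(region) < len(blob) or any(b != fill for b in region):
        raise ValueError(f"{rom_offset:06X} is not {len(blob)} bytes of free space")
    rom[rom_offset:rom_offset + len(blob)] = blob
    return value
```

The alignment check matters because the hex is position-independent only up to that constraint: pasted at an offset ending in 2, 6, A or E, both `ldr r1` loads in setup would read the wrong pool entries.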

Lance32497
December 2nd, 2014, 08:59 AM
In your routine for calling scripts, it always restarts the game after the "Use to Pokemon" portion.
I did the Warp script given by the PC member...

anonyboy
December 2nd, 2014, 09:13 AM
Thank you Darthatron ^_^

This is exactly what I needed...
The way you explain the code and show the routine and not just the hex...

If you can and it's not too much to ask, could you try to make the 4th gen evolutions or even just the Dawn stone would be nice >_<

Also, could you write up a routine that takes the money the player gets after a battle and puts it into a bank account with the activation of a flag and clearing the flag would obviously make it go back to normal...

I would love to write these up myself but I have no skill in asm and at the moment I am just trying to focus on scripting and until I master that I can't move on to asm...
Not to mention I can't get debugging down for the life of me either much less write my own routines >_< hahaha

All evolutions till gen VI (except time-based, since I need the EM offset that checks time) are available on my tut here on PC