Thread: Research: Darthatron's Hacks
June 3rd, 2012 (04:03 AM). Edited June 11th, 2012 by Darthatron.
Darthatron
Here are some hacks that I have made for people. I hope you enjoy them. I have attempted to explain how they work as well, for those who want to learn.

Remove the "Previously on your quest..." scene from game load.
Spoiler:
Hack:
Code:
Change bytes at 110F44 to 00 20
Change bytes at 110F50 to C0 46
Explained:
Spoiler:
Original:
Code:
08110F32 loc_08110F32:                           @ CODE XREF: sub_08110F14+3Cj
08110F32                 MOVS    R0, R2
08110F34                 MULS    R0, R7
08110F36                 ADDS    R0, R5, R0
08110F38                 ADDS    R0, R0, R6
08110F3A                 LDRB    R0, [R0]
08110F3C                 LDR     R3, =unk_0203ADF9
08110F3E                 CMP     R0, #0
08110F40                 BEQ     loc_08110F48
08110F42                 LDRB    R0, [R1]
08110F44                 ADDS    R0, #1
08110F46                 STRB    R0, [R1]
08110F48
08110F48 loc_08110F48:                           @ CODE XREF: sub_08110F14+2Cj
08110F48                 ADDS    R0, R2, #1
08110F4A                 LSLS    R0, R0, #0x18
08110F4C                 LSRS    R2, R0, #0x18
08110F4E                 CMP     R2, #3
08110F50                 BLS     loc_08110F32
Basically, this code counts the number of important events that have occurred. Once it reaches 3 (CMP R2, #3), it stops counting and continues the game as normal. What we want to do is make it so it always returns zero. We do this by setting R0 to 0 instead of incrementing as normal, and then removing the loop with the NOP (which literally does nothing) command.

New:
Code:
08110F32 loc_08110F32:                           @ CODE XREF: sub_08110F14+3Cj
08110F32                 MOVS    R0, R2
08110F34                 MULS    R0, R7
08110F36                 ADDS    R0, R5, R0
08110F38                 ADDS    R0, R0, R6
08110F3A                 LDRB    R0, [R0]
08110F3C                 LDR     R3, =unk_0203ADF9
08110F3E                 CMP     R0, #0
08110F40                 BEQ     loc_08110F48
08110F42                 LDRB    R0, [R1]
08110F44                 MOV     R0, #0
08110F46                 STRB    R0, [R1]
08110F48
08110F48 loc_08110F48:                           @ CODE XREF: sub_08110F14+2Cj
08110F48                 ADDS    R0, R2, #1
08110F4A                 LSLS    R0, R0, #0x18
08110F4C                 LSRS    R2, R0, #0x18
08110F4E                 CMP     R2, #3
08110F50                 NOP
Run a script from an item's "Use" command or from registering it from select...
Spoiler:
First of all, follow DavidJCobb's Item Creation Tutorial, until the part where it attempts to add scripts, to actually create a new item. But change the "Type" combobox to #2 in the Item Manager. JPAN's engine is not required!

Next step is to put this (assembled) code somewhere:
Code:
10 B5 04 1C 78 46 13 30 0C 49 08 60 20 1C 0C 49 00 F0 10 F8 10 BC 01 BC 00 47 10 B5 04 1C 0A 48 05 49 00 F0 07 F8 20 1C 06 49 00 F0 03 F8 10 BC 01 BC 00 47 08 47 C0 46 E5 9A 06 08 98 99 03 02 3D 10 0A 08 09 75 07 08 XX XX XX 08
Where XXXXXX is the location of your script reversed. 800300 would be 00 03 80, for example.

By entering this hex somewhere in the ROM and putting its offset+1 in the "Field Usage" box in the Item Manager, you can call any script by using the item from the bag or by select. Say I put the routine at 800000 in the ROM, the Field Usage box would be 08800001.
Here's the unassembled code:
Spoiler:
Code:
.text
.align 2
.thumb
.thumb_func
.global Hax
	
setup:
	push {r4, lr}
	mov r4, r0
	mov r0, pc
	add r0, #0x13
	ldr r1, .unk_02039998
	str r0, [r1]
	mov r0, r4
	ldr r1, .sub_080A103C
	bl bx_r1
	pop {r4}
	pop {r0}
	bx r0

main:
	push {r4, lr}
	mov r4, r0
	ldr r0, .ScriptToCall
	ldr r1, .CallScript
	bl bx_r1
	mov r0, r4
	ldr r1, .del_c3_from_linked_list
	bl bx_r1
	pop {r4}
	pop {r0}
	bx r0

.align 2
bx_r1:
	bx r1

.align 2
.CallScript:
	.word 0x08069AE4+1
.unk_02039998:
	.word 0x02039998
.sub_080A103C:
	.word 0x080A103C+1
.del_c3_from_linked_list:
	.word 0x08077508+1
.ScriptToCall:
	.word 0x08800300
More to come as I can be bothered.

EDIT: Also feel free to ask about/request stuff here. I may not do all requests, but I'll try my best.
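An added example, not part of Darthatron's post: a Python sketch of the install step described above, filling in the reversed script pointer, writing the routine into a ROM image, and returning the Field Usage value. The function names are hypothetical, and the checks for 0xFF-filled free space and 4-byte alignment are assumptions added here (Thumb PC-relative `ldr` literals use a word-aligned PC, so a misaligned routine would load the wrong words).

```python
import struct

ROM_BASE = 0x08000000  # GBA cartridge ROM is mapped at this address

# Routine bytes as given in the post, without the trailing "XX XX XX 08" pointer.
ROUTINE = bytes.fromhex(
    "10 B5 04 1C 78 46 13 30 0C 49 08 60 20 1C 0C 49 00 F0 10 F8 "
    "10 BC 01 BC 00 47 10 B5 04 1C 0A 48 05 49 00 F0 07 F8 20 1C "
    "06 49 00 F0 03 F8 10 BC 01 BC 00 47 08 47 C0 46 E5 9A 06 08 "
    "98 99 03 02 3D 10 0A 08 09 75 07 08"
)

def build_routine(script_offset):
    """Append the script pointer little-endian: offset 800300 -> 00 03 80 08."""
    if not 0 <= script_offset <= 0xFFFFFF:
        raise ValueError("script offset must fit the XX XX XX 08 pointer form")
    return ROUTINE + struct.pack("<I", ROM_BASE + script_offset)

def field_usage(routine_offset):
    """Field Usage box value: routine address + 1 (the Thumb bit)."""
    return "%08X" % (ROM_BASE + routine_offset + 1)

def install(rom, routine_offset, script_offset, free_byte=0xFF):
    """Write the routine into a bytearray ROM image; refuse to overwrite data.

    free_byte=0xFF is an assumption about what unused ROM space looks like.
    """
    code = build_routine(script_offset)
    if routine_offset % 4:
        raise ValueError("routine must be 4-byte aligned for its LDR literals")
    end = routine_offset + len(code)
    if end > len(rom):
        raise ValueError("routine does not fit in the ROM image")
    if any(b != free_byte for b in rom[routine_offset:end]):
        raise ValueError("target range is not free space")
    rom[routine_offset:end] = code
    return field_usage(routine_offset)

if __name__ == "__main__":
    # Constructed stand-in for a ROM: 256 bytes of 0xFF, not a real image.
    demo = bytearray(b"\xff" * 0x100)
    print(install(demo, 0x40, 0x800300), demo[0x40:0x40 + 76].hex(" "))
```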