• Our software update is now concluded. You will need to reset your password to log in. In order to do this, you will have to click "Log in" in the top right corner and then "Forgot your password?".
  • Welcome to PokéCommunity! Register now and join one of the best fan communities on the 'net to talk Pokémon and more! We are not affiliated with The Pokémon Company or Nintendo.

Basic Hex Editing in Pokemon Diamond

Status
Not open for further replies.
1,104
Posts
16
Years
  • Basic DP Hex editing
    Since Pokespam are releasing some programs now, I figure I'd write up a little guide on hex editing some simple things in Pokemon Diamond(Pointers may differ slightly in Pearl). Also, for lists of items/pokemon/attacks look at the bottom of the post.
    All those are in an reversed state, and to use them in a hex editor, you'll need to reverse the values. That might sound complicated but it isn't. Here's a few examples, that might help explain it.
    5 > 00 05 > reversed > 05 00
    B11F > B1 1F > reversed > 1F B1
    162 > 01 62 > reversed 62 01
    See, simple.
    Also, If you already know how to do basic hex editing in GBA, you'll be able to do this easily.

    Evolutions Editing
    Here's some data on editing the types of evolution. The pointer to the data is found at 0x1C1BFDA. As far as I know, there are 26 different forms of evolution. I'll be explaining all of them.
    The basic set up the pokemons evolution is this:
    [Type of Evolution (2 bytes)] [Item/Level/Attack/Pokemon] [Pokemon to evolve to]
    For each pokemon, there is enough space to include 7 different evolutions for the Certain Pokemon.
    Since I'm explaining the types from "0100" to "1A00" I'll start at "0100".

    The "0100" evolution is A normal Happiness evolution. In a hex editor go to the pointer 0x1C1C714.
    You'll be brought up with this.
    01 00 00 00 A9 00 ' Happiness Evolution ; 0000 ; Evolve to Crobat
    This is the evolution from Golbat to Crobat.
    All that needs to be edited with this is the final two bytes. Which if you refer to my explanation earlier, you'll see the pokemon to evolve to.

    Now I'll do the "0200" and the "0300" together. These are Happiness at day, and happiness at night respectively. The best example for these are the Eevee evolutions. Go to 0x1C1D6D6 and you'll see this.
    02 00 00 00 C4 00 03 00 00 00 C5 00
    I'll seperate these into happiness at day and night respectively.
    02 00 00 00 C4 00 ' Happiness at Day Evolution ; 0000 ; Evolve to Espeon
    03 00 00 00 C5 00 ' Happiness at Night Evolution ; 0000 ; Evolve to Umbreon
    This is similiar to the Happiness evolution of "0100" and you just need to change the last two bytes.

    "0400" Evolution is a normal Evolution. Look at the pointer 0x1C1C008.
    04 00 10 00 02 00 'Level Up Evolution ; Level to evolve at (16) ; Evolve to Ivysaur
    This is the most common evolution stored in the game. To use this you'll need to change the 'Level to evolve at' and the 'Pokemon to evolve to'

    "0500" is the evolution through trade. An example can be found at the pointer 0x1C1CADC. You'll see this.
    05 00 00 00 41 00 'Trade Evolution ; 0000 ; Evolve to Alakasam
    Do I need to explain these anymore. I think you should get the idea now. How about I just show examples, and give a pointer to you for each of them.

    Type: 0600, Trade with Item Evolution
    Pointer: 0x1C1CA5E
    Example: 16 00 DD 00 BA 00 'Trade with Item ; Item (Kings Rock) ; Politoed

    Type: 0700, Evolve with Item
    Pointer: 0x1C1D6C4
    Example: 07 00 53 00 87 00 'Item Evo. ; Item (Thunderstone) ; Jolteon

    Type: 0800, Attack>Defense
    Pointer: 0x1C1E872
    Example: 08 00 14 00 6A 00 'Attack>Defense ; Level (20) ; Hitmonlee

    Type: 0900, Attack=Defense
    Pointer: 0x1C1E878
    Example:09 00 14 00 ED 00 'Attack=Defense ; Level (20) ; Hitmontop

    Type: 0A00, Attack<Defense
    Pointer: 0x1C1E86C
    Example: 0a 00 14 00 6B 00 'Attack<Defense ; Level (20) ; Hitmonchan

    Type: 0B00, Personality Value < or = to 4
    Pointer: 0x1C1ED68
    Example: 0B 00 07 00 0A 01 'Personality Value <= 4 ; Level (7) ; Silcoon

    Type: 0C00, Personality Value > or = to 5
    Pointer: 0x1C1ED6E
    Example: 0C 00 07 00 0C 01 'Personality Value >= 5 ; Level (7) ; Cascoon

    Type: 0D00, Special Lvl Evo, goes with 0E00
    Pointer: 0x1C1F1B4
    Example: 0D 00 14 00 23 01 'Special Lvl Evo ; Level (20) ; Ninjask

    Type: 0E00, If spare spot in Party, Poke appears
    Pointer: 0x1C1F1BA
    Example: 0E 00 14 00 24 01 'If party <=5 ; Level (20); Shedinja

    Type: 0F00, Max Beauty
    Pointer: 0x1C1FBD8
    Example: 0F 00 AA 00 5E 01 'Max Personality ; Beauty ; Miltic
    Note: This evolution is just speculation as Feebas>Milotic is the only evolution that uses it. So there is nothing to compare it to.

    Type: 1000, Item and Male
    Pointer: 0x1C1F02E
    Example: 10 00 6D 00 6B 01 'Item and male ; Item (Dawn Stone) ; Gallade

    Type: 1100, Item and Female
    Pointer: 0x1C1FDEE
    Example: 11 00 6D 00 DE 01 'Item and Female ; Item (Dawn Stone) ; Froslass

    Type: 1200, Level up holding item at day
    Pointer: 0x1C20B7C
    Example: 12 00 6E 00 71 00 'Level Holding item at day ; Item (Oval Stone) ; Chansey

    Type: 1300, Level up holding item at night
    Pointer: 0x1C1E370
    Example: 13 00 46 01 CD 01 'Level Holding item at night ; Item (Razor Claw) ; Weavile

    Type: 1400, Level up with attack
    Pointer: 0x1C1D26C
    Example: 14 00 CD 00 CF 01 'Level up with Attack ; Attack (Rollout) ; Lickilicky

    Type: 1500, Level up with Pokemon in Party
    Pointer: 0x1C20E94
    Example: 15 00 DF 00 E2 00 'Level up with Pokemon in Party ; Pokemon (Remoraid) ; Mantine

    Type: 1600, Level up Male
    Pointer: 0x1C206B2
    Example: 16 00 14 00 9E 01 'Level Up male ; Level (20) ; Mothim

    Type: 1700, Level Up Female
    Pointer: 0x1C206AC
    Example: 17 00 14 00 9D 01 'Level Up female ; Level (20) ; Wormadam

    Type: 1800, Level Up at Mt. Coronet
    Pointer: 0x1C1CDF4
    Example: 18 00 00 00 CE 01 'Level at Mt. Coronet ; 0000 ; Magnezone

    Type: 1900, Level Up at Eterna Forest
    Pointer: 0x1C1D6B8
    Example: 19 00 00 00 D6 01 ' Level Up at Eterna Forest ; 0000 ; Leafeon

    Type: 1A00, Level Up at Route 217
    Pointer: 0x1C1D6BE
    Example: 1A 00 00 00 D7 01 'Level Up at Route 217 ; 0000 ; Glaceon

    Moveset Editing
    With this, I'm going to use Lucario's Moveset to explain. To see Lucario's Moveset go to the pointer 0x1C26B0C.
    You should see this.
    8F 03 62 02 C1 02 C5 02 E8 02 44 0C 8B 17 6C 1F C6 26 3F 31 7E 3B 0E 42 8C 4B 72 55 96 5F F5 66
    That was a long line. Looks like 'gibberish' dosen't it?
    I'm going to do something to these first 2 bytes. Look at this.
    8F 03
    Still not totally clear but maybe a little easier.
    I'm going to sepearate this, to make it look "easier".
    8F 01 00 02
    Let's look at this.
    We now have 8F01 and 0002
    So what we now have is the attack Dark Pulse and "0x2". This "0x2" is actually the level that it learns the attack. Except there's one problem, Lucario has Dark Pulse at Level 1. The solution is Simple, divide it by two.
    Now let's try the last 2 bytes of that line, and see what we get.
    F5 00 00 66
    F5 00 = Extremspeed ; 0x66 (We have to change it to a decimal value before halving it, so we get 102)
    Let's check this on the internet. Go to bulbapedia or serebii and check for Lucario's attack list.
    Lucario learns Extremespeed at level 51.

    Here's the whole moveset "decoded"
    Code:
    Lucario
    8F03	03=3		Level 1		Dark pulse 
    6202	02=2		Level 1		Quick Attack
    C102	02=2		Level 1		Foresight
    C502	02=2		Level 1		Detect
    E802	02=2		Level 1		Metal Claw
    440C	0C=12		Level 6		Counter
    8B17	17=23		Level 11		Force Palm 
    6C1F	1F=31		Level 15		Feint
    C626	26=38		Level 19		Bone Rush
    3F31	31=49		Level 24		Metal Sound
    7E3B	3B=59		Level 29		Me First	
    0E42	42=66		Level 33		Swords Dance
    8C4B	4B=75		Level 37		Aura Sphere
    7255	55=85		Level 42		Close Combat
    965F	5F=95		Level 47		Dragon Pulse
    F566	66=102		Level 51		Extremespeed

    NOTE: The beginning of the moveset data is at 0x1C237DE. This is the ????? Pokemon's attacks.

    TM/HM Table
    Go to the pointer 0xFC4EC. You should see this.
    08 01 51 01 60 01 5B 01 2E 00 5C 00 02 01 53 01 4B 01 ED 00 ...etc.
    What's all this mean? It's the attacks contained within each TM/HM. It's ordered down from TM 1 through to HM 8.
    But How do we edit this? Let's take the attack table at the bottom of the post and look at the hex again.
    We now have:
    Focus Punch, Dragon Claw, Water Pulse, Calm Mind, Roar, etc.
    All you need to do is edit which attack is in which spot. It's one of the easier things to do.

    Sinnoh Pokedex Order
    Go to the pointer 0x37B0020. You'll come up with this:
    83 01 84 01 85 01 86 01 87 01 88 01 89 01 8A 01 8B 01 8C 01 8D 01 8E 01 8F 01 90 01 91 01 92 01 93 01 94 01 95 01 3F 00 40 00 41 00 81 00 82 00 96 01... etc.
    That's enough of, you can look at it yourself, if you want to. We're going to need the list in at the bottom for this. These are the Pokemon. In there order.
    Turtwig, Grottle, Torterra, Chimchar, Monferno, Infernape, Piplup, Prinplup, Empoleon, Starly, Staravia, Staraptor, Bidoof, Bibarel, Kricketot, Kricketune, Shinx, Luxio, Luxray, Abra, Kadabra, Alakazam, Magikarp, Gyarados, Budew, etc.
    Easily editable. You can have fun with this.

    Base Stats
    I've going to use Bulbasaur's stats here. These are found at 0x1C15A08.You'll see this.
    2D 31 31 2D 41 41 0C 03 2D 40 00 01 00 00 00 00 1D 14 46 03 01 07 41 00 00 03 00 00 20 07 35 84 08 1E 10 02 20 24 66 92 02 00 00 00
    Here's just a brief explanation of these.
    Code:
    2D - HP
    31 - Attack
    31 - Defense
    2D - Speed
    41 - Special Attack
    41 - Special Defense
    0C - Type 1
    03 - Type 2
    2D - Catch Rate
    40 - Base XP
    00 - Effort Yield1
    01 - Effort Yield2
    0000 - Item 1
    0000 - Item 2
    1D - Gender Chance
    14 - Steps for Egg to hatch
    46 - Base Happiness?
    03 - Experience Type
    01 - Egg Type 1
    07 - Egg Type 2
    41 - Special Ability 1
    00 - Special Ability 2
    00 - Safari Run Chance
    03 - Colour
    00 - Padding
    00 - Padding
    20 - TM Switches 1-8
    07 - TM Switches 9-16
    35 - TM Switches 17-24
    84 - TM Switches 25-32
    08 - TM Switches 33-40
    1E - TM Switches 41-48
    10 - TM Switches 49-56
    02 - TM Switches 57-64
    20 - TM Switches 65-72
    24 - TM Switches 73-80
    66 - TM Switches 81-88
    92 - TM Switches 89-92 / HM 1-4
    02 - HM 5-8
    00 - Padding
    00 - Padding
    00 - Padding

    Type Weakness/Strength Chart
    I guess I'll start with this, the values for the different types.
    Code:
    00 = Normal
    01 = Fighting
    02 = Flying
    03 = Poison
    04 = Ground
    05 = Rock
    06 = Bug
    07 = Ghost
    08 = Steel
    09 = ???
    0A = Fire
    0B = Water
    0C = Grass
    0D = Electric
    0E = Psychic
    0F = Ice
    10 = Dragon
    11 = Dark
    Now look at the pointer 0x1DE1B8. You should have this.
    00 05 05 00 08 05 0A 0A 05 0A 0B 05 0A 0C 14 ...etc
    I'm just going to use the first three bytes. When referring to the above table, what do these first 3 bytes mean?
    00 - Normal
    05 - Rock
    05 - Rock???
    The third value isn't Rock type.
    The first byte was the type of an attack. The second byte is the type of the Pokemon being attacked, and the third is how much the damage is multiplied by.
    So if I were to explain these three bytes, in the English Language it would be this.
    When a Normal attack hits a Rock Pokemon, the damage is halved.

    So let's use another example. Let's use the Fire attacks Ice.
    0A 0F 14
    What's 14 mean? 14 in decimal, is 20, which is of course double the damage.
    If we wanted to, we could change this to anything from 0 (No damage) to FF (Damage times 26), which would of course be unstoppable against a type.

    Trainers
    I'll use the first gym leader, as an example here. Go to 0x1C2F854. You'll see this.
    3200 0C00 4A00 BE01 5800 0000 0000
    3200 0C00 5F00 BE01 5800 6700 0000
    3200 0E00 9801 1D00 E400 2B00 0000
    What's this mean? Well, here's the layout explained. I'll just use the first row.
    3200 - First byte. Don't Touch.
    0C00 - The level of the Pokemon
    4A00 - The Pokemon
    BE01 - Attack 1
    5800 - Attack 2
    0000 - Attack 3
    0000 - Attack 4

    So if we were to 'decode' those three lines of hex, we would get this.

    Code:
    Level;Pokemon	Attacks
    Level 12 Geodude		Stealth Rock; Rock Throw; No Attack; No Attack
    Level 12 Onix		Stealth Rock; Rock Throw; Screech; No Attack
    Level 14 Craniados		Headbutt; Pursuit; Leer; No Attack; No Attack

    Let's also use another battle, just for fun. We'll use the battle with your Rival.
    The pointer is at 0x and here's what you see.

    < 1E00 > < 0700 > < 8C01 > < 6200 > < 2D00 > < 0000 > < 0000 >
    < 1E00 > < 0900 > < 8301 > < 2100 > < 6E00 > < 0000 > < 0000 >
    < 1E00 > < 0700 > < 8C01 > < 6200 > < 2D00 > < 0000 > < 0000 >
    < 1E00 > < 0900 > < 8601 > < 0A00 > < 2B00 > < 0000 > < 0000 >
    < 1E00 > < 0700 > < 8C01 > < 6200 > < 2D00 > < 0000 > < 0000 >
    < 1E00 > < 0900 > < 8901 > < 0100 > < 2D00 > < 0000 > < 0000 >

    Look, there's three seperate trainerbattles. All the different Rival Pokemon. Might as well 'decode' it.
    Code:
    Battle 1
    Level; Pokemon		Attacks
    Level 7 Starly		Quick Attack; Growl; No Attack; No Attack
    Level 9 Turtwig		Tackle; Withdraw; No Attack; No Attack
    
    Battle 2
    Level 7 Starly		Quick Attack; Growl; No Attack; No Attack
    Level 9 Chimchar		Scratch; Leer; No Attack; No Attack
    
    Battle 3
    Level 7 Starly		Quick Attack; Growl; No Attack; No Attack
    Level 9 Piplup		Pound; Growl; No Attack; No Attack

    Attack Data
    I'll explain this similiarly to the way I did the Pokemon Stats. Go to the pointer 0x1D6E95C. You'll see this. This is the data for Fire Punch.
    04 00 00 4B 0A 64 0F 0A 00 00 00 13 11 01 00 00
    Like the stats, there's more bytes, and I can't solve some of them.
    Code:
    04 - Effect (Hit + Possible Burn)
    00 - ??
    00 - ??
    4B - Power (75)
    0A - Type (Fire)
    64 - Accuracy (100)
    0F - PP (15)
    0A - Chance of Effect (10%)
    00 - Target (One Opponent)
    00 - Move's Speed (For Quick Attack, and Extremespeed)
    00 - ??
    13 - Contact
    11 - ??
    01 - ??
    00 - ??
    00 - ??

    Starters
    Probably the easiest possible thing to do. Go to 0x2B918A. You'll see this.
    83 01 00 00 86 01 00 00 89 01 00 00
    Pretty obvious. 83 01 is obviously Turtwig, 86 01 is obviously Chimchar, and 89 01 is of course Piplup. All you need to do is change the two bytes depending on which starter you change.

    Well, that's about all that's needed. That's enough for now...
    Before I go, here's the list of Attacks.
    Spoiler:

    Pokemon(Thanks Darthatron)
    Spoiler:

    And Items(thanks gamefreakfatty)
    Spoiler:
     
    Last edited:

    Binary

    え?
    3,977
    Posts
    16
    Years
    • Seen Apr 7, 2014
    Wow thats a long tutorial. I'm sure it would be a great help to D/P hackers for the future....
    now all I need...is to fix my emulator....xD
    Anyways, nice work!
    Its very long to read, so I'am not going to bother as I don't have a good emulator..damn!XD
     

    ShyRayq

    Unprofessional Unprofessional
    1,856
    Posts
    16
    Years
    • Seen Apr 2, 2024
    wait
    what do i hex edit with?
    what program?
     

    /Circa

    a face in the clouds.
    881
    Posts
    16
    Years
  • I have one word, wow.
    The only problem would be finding the correct patterns for some trainers, though I don't think it's that big of a deal. This is awsome, i've already changed half a dozen trainers. The next step for the people who are searching for this stuff is to find the scripting patterns and what commands do what. But thats a bit more harder.

    Thanks heaps thethethethe.
     
    1,104
    Posts
    16
    Years
  • I have one word, wow.
    The only problem would be finding the correct patterns for some trainers, though I don't think it's that big of a deal. This is awsome, i've already changed half a dozen trainers. The next step for the people who are searching for this stuff is to find the scripting patterns and what commands do what. But thats a bit more harder.

    Thanks heaps thethethethe.
    The scripting patterns, may be harder. I've been looking for the way pointers are set out and I can't solve it. And without that, it's a little harder to find scripting patterns.

    I just updated the first post a bit. I found a few bytes for the Base Stats in GBA, and I'm assuming that they are the same in NDS. And they look like they fit so I've decided that they are right. I also added meanings to one or two bytes in the Attack Data aswell.
     
    581
    Posts
    17
    Years
  • Great tutorial, Just waut im shure some one soon say "Which program do you use?" Or "where do you get those number?"
    I have one word, wow.
    The only problem would be finding the correct patterns for some trainers, though I don't think it's that big of a deal. This is awsome, i've already changed half a dozen trainers. The next step for the people who are searching for this stuff is to find the scripting patterns and what commands do what. But thats a bit more harder.

    Thanks heaps thethethethe.

    May i just ask very fast, Is a Dozen 12? Or is it 32? And please share tranier offset with us (I hate to seach stuff twice if some one else already got it...;))
     
    1,104
    Posts
    16
    Years
  • A dozen is 12.

    I found some more bytes for the attack. And I also found some more bytes for the attacks, and CBM had found the rest. So I've got what each byte stands for within the base stats.
     

    Luck

    ¯\_(ツ)_/¯
    6,779
    Posts
    16
    Years
    • Seen May 20, 2023
    you are a genius at scripting thethethethe and you may also be a genius with hex editing also.
    this is a long tutorial and the most amazing part is that it is only basic hex editing.
    I'm going to read it tomorrow because it is pretty late today(central time).
    but when i see all of this, i think you are actually a robot sometimes.
    night!
     

    EvilCrazyMonkey

    D/P Hacker-in-Training
    32
    Posts
    16
    Years
    • Seen Mar 6, 2012
    I think that you need to make the moveset editing much clearer. It took me a couple of minutes to figure it out.
    The odd-ended bytes end in "01" after the separation (after halving, the remainder is thrown away). The even-ended bytes end in "00" after the separation (after halving, no remainder is left).
    Hope this helped.

    -chuu ^.^​
     
    1
    Posts
    16
    Years
  • -first time poster-

    You made me come out of hiding XD. I always thought Hex was a dork thing, to be honest...but this tutorial made me see how easy it is! Thanks! I was going to ask how to find the basestats of each pokemon, but you can easily convert them from decimal to hex and then search for them (it sounds simple when I say it like that, but it took me thirty minutes to figure that out XD.)
     

    cooley

    ///Keepin' it simple
    1,148
    Posts
    17
    Years
  • Erm, all those numbers in hex O_O
    Research it.
    If you wanted to change the starters, then you'd search for the default starters, wouldn't you? Then take note of the offset and change it, to see if it worked. If it did, then horray! now make a tool for it, xD
     

    Swampert 22

    Is making tools for you...
    393
    Posts
    18
    Years
  • Abilities

    Hey everyobdy, good tutorial thethethethe, it really helped me with PokéEdit DP. (If you don't know what that is, take a walk over to my toolbox...!)

    Whilst making the tool, I needed a list of the abilities in D/P, so I made one. I figured it might help some people out, so here it is!

    Spoiler:
     
    Status
    Not open for further replies.
    Back
    Top