Go Back   The PokéCommunity Forums > ROM Hacking > Research & Development
Reload this Page Research: Darthatron's Hacks

Notices
For all updates, view the main page.

Research & Development Got a well-founded knack with ROM hacking? Love reverse-engineering the Pokémon games? Or perhaps you love your assembly language. This is the spot for polling and gathering your ideas, and then implementing them! Share your hypothesis, get ideas from others, and collaborate to create!
Research & Development programs in this forum are subject to moderator approval before they are displayed.



Reply
 
Thread Tools
  #1    
Old June 3rd, 2012 (04:03 AM). Edited June 11th, 2012 by Darthatron.
Darthatron's Avatar
Darthatron Darthatron is offline
巨大なトロール。
Silver Tier
 
Join Date: Jan 2006
Location: Melbourne, Australia
Age: 23
Gender: Male
Nature: Modest
Posts: 1,152
Here are some hacks that I have made for people. I hope you enjoy them. I have attempted to explain how they work as well, for those who want to learn.

Remove the "Previously on your quest..." scene from game load.
Spoiler:
Hack:
Code:
Change bytes at 110F44 to 00 20
Change bytes at 110F50 to C0 46
Explained:
Spoiler:
Original:
Code:
08110F32 loc_08110F32:                           @ CODE XREF: sub_08110F14+3Cj
08110F32                 MOVS    R0, R2
08110F34                 MULS    R0, R7
08110F36                 ADDS    R0, R5, R0
08110F38                 ADDS    R0, R0, R6
08110F3A                 LDRB    R0, [R0]
08110F3C                 LDR     R3, =unk_0203ADF9
08110F3E                 CMP     R0, #0
08110F40                 BEQ     loc_08110F48
08110F42                 LDRB    R0, [R1]
08110F44                 ADDS    R0, #1
08110F46                 STRB    R0, [R1]
08110F48
08110F48 loc_08110F48:                           @ CODE XREF: sub_08110F14+2Cj
08110F48                 ADDS    R0, R2, #1
08110F4A                 LSLS    R0, R0, #0x18
08110F4C                 LSRS    R2, R0, #0x18
08110F4E                 CMP     R2, #3
08110F50                 BLS     loc_08110F32
Basically, this code counts the amount of important events that have occured. Once it reaches 3 (CMP R2, #3), it stops counting and continues the game as normal. What we want to do is make it so it always returns zero. We do this by setting R0 to 0 instead of incrementing as normal, and then removing the loop with the NOP (which literally does nothing) command.

New:
Code:
08110F32 loc_08110F32:                           @ CODE XREF: sub_08110F14+3Cj
08110F32                 MOVS    R0, R2
08110F34                 MULS    R0, R7
08110F36                 ADDS    R0, R5, R0
08110F38                 ADDS    R0, R0, R6
08110F3A                 LDRB    R0, [R0]
08110F3C                 LDR     R3, =unk_0203ADF9
08110F3E                 CMP     R0, #0
08110F40                 BEQ     loc_08110F48
08110F42                 LDRB    R0, [R1]
08110F44                 MOV     R0, #0
08110F46                 STRB    R0, [R1]
08110F48
08110F48 loc_08110F48:                           @ CODE XREF: sub_08110F14+2Cj
08110F48                 ADDS    R0, R2, #1
08110F4A                 LSLS    R0, R0, #0x18
08110F4C                 LSRS    R2, R0, #0x18
08110F4E                 CMP     R2, #3
08110F50                 NOP
Run a script from an items "Use" command or from registering it from select...
Spoiler:
First of all, follow DavidJCobb's Item Creation Tutorial, until the part where it attempts to add scripts, to actually create a new item. But change the "Type" combobox to #2 in the Item Manager. JPANs engine is not required!

Next step is to put this (assmelbed) code somewhere:
Code:
10 B5 04 1C 78 46 13 30 0C 49 08 60 20 1C 0C 49 00 F0 10 F8 10 BC 01 BC 00 47 10 B5 04 1C 0A 48 05 49 00 F0 07 F8 20 1C 06 49 00 F0 03 F8 10 BC 01 BC 00 47 08 47 C0 46 E5 9A 06 08 98 99 03 02 3D 10 0A 08 09 75 07 08 XX XX XX 08
Where XXXXXX is the location of your script reversed. 800300 would be 00 03 80, for example.

By entering this hex somewhere in the ROM and putting it's offset+1 in the "Field Usage" box in the Item Manager, you can call any script by using the item from the bag or by select. Say I put the routine at 800000 in the ROM, the Field Usage box would be 08800001.
Here's the unassembled code:
Spoiler:
Code:
.text
.align 2
.thumb
.thumb_func
.global Hax
	
setup:
	push {r4, lr}
	mov r4, r0
	mov r0, pc
	add r0, #0x13
	ldr r1, .unk_02039998
	str r0, [r1]
	mov r0, r4
	ldr r1, .sub_080A103C
	bl bx_r1
	pop {r4}
	pop {r0}
	bx r0

main:
	push {r4, lr}
	mov r4, r0
	ldr r0, .ScriptToCall
	ldr r1, .CallScript
	bl bx_r1
	mov r0, r4
	ldr r1, .del_c3_from_linked_list
	bl bx_r1
	pop {r4}
	pop {r0}
	bx r0

.align 2
bx_r1:
	bx r1

.align 2
.CallScript:
	.word 0x08069AE4+1
.unk_02039998:
	.word 0x02039998
.sub_080A103C:
	.word 0x080A103C+1
.del_c3_from_linked_list:
	.word 0x08077508+1
.ScriptToCall:
	.word 0x08800300
More to come as I can be bothered.

EDIT: Also feel free to ask about/request stuff here. I may not do all requests, but I'll try my best.
__________________
あなた は しきしゃ です
わたし は ばか です
Reply With Quote
  #2    
Old June 3rd, 2012 (09:02 AM).
Team Fail's Avatar
Team Fail Team Fail is offline
Dragon at heart
Platinum Tier
 
Join Date: May 2009
Age: 20
Gender: Male
Nature: Brave
Posts: 9,784
So, if I read this correctly, you can also make it record more than 3 important events as well depending on those 2 values?
__________________
| | | | |
PM | VM
PC Minecraft Bukkit Server Moderator

Do the best with whatever you can today.
Then tomorrow, you will have surely progressed.

Mario & Luigi: Dream Team - Dreamy Somnom Labyrinth
Reply With Quote
  #3    
Old June 3rd, 2012 (04:24 PM).
Darthatron's Avatar
Darthatron Darthatron is offline
巨大なトロール。
Silver Tier
 
Join Date: Jan 2006
Location: Melbourne, Australia
Age: 23
Gender: Male
Nature: Modest
Posts: 1,152
Quote originally posted by Team Fail:
So, if I read this correctly, you can also make it record more than 3 important events as well depending on those 2 values?
Not sure. Even so, not with just this code. There's more code somewhere that reads it somewhere else. But I imagine increasing it without repointing something would be bad.
__________________
あなた は しきしゃ です
わたし は ばか です
Reply With Quote
  #4    
Old June 14th, 2012 (10:34 AM).
Link_971's Avatar
Link_971 Link_971 is offline
French Rom-Hacker
 
Join Date: Jul 2006
Location: France
Age: 22
Gender: Male
Nature: Relaxed
Posts: 212
Send a message via Windows Live Messenger to Link_971
Quote originally posted by Darthatron:
Spoiler:
Code:
Change bytes at 110F44 to 00 20
Change bytes at 110F50 to C0 46
EDIT: Also feel free to ask about/request stuff here. I may not do all requests, but I'll try my best.


I have found a little bug, if you save in a Pokemon Center.
When you restart, the game doesn't show the name of the Map.
__________________

Reply With Quote
  #5    
Old June 14th, 2012 (10:38 AM).
Crimson5M's Avatar
Crimson5M Crimson5M is offline
what
Crystal Tier
 
Join Date: Feb 2011
Location: Scotland
Age: 19
Gender: Male
Nature: Quiet
Posts: 1,055
Just wondering if you'd know anything about the hidebox command? In Ruby. when you use it in conjunction with showpokepic, it hides the box, showing only the sprite. This is useful for things like mugshots.
In FireRed though...it doesn't work :\
__________________

Because it should've won HotY.
Pear
Frodo Baggins
Twitter
Youtube
CBC
Reply With Quote
  #6    
Old July 10th, 2012 (01:46 AM).
jhay21's Avatar
jhay21 jhay21 is offline
 
Join Date: Jan 2010
Nature: Timid
Posts: 20
Quote originally posted by Darthatron:
EDIT: Also feel free to ask about/request stuff here. I may not do all requests, but I'll try my best.
how about a pokemon type reader/checker i haven't seen one so maybe nobody's done it yet? you set a query to a variable like 01=fire 02=grass etc.
then it checks whether the type of the pokemon selected by special 0x9F has the same type returns 1 if yes, 0 for no
Reply With Quote
  #7    
Old September 28th, 2012 (02:07 AM).
ChaosBringer41 ChaosBringer41 is offline
 
Join Date: Nov 2010
Gender: Male
Posts: 34
I don't know if I'm asking in the right section (I got a headache trying to read the rules/FAQ). Anyway:

1) Can you - or anyone else - tell me how to upgrade the Pokedex in Pokemon Ruby, so that any non-Hoenn Pokemon are properly registered in the Pokedex pre-Elite Four?

2) On one of my 'this is how I'd like Pokemon Ruby to be like' hacks, I used a patch to put an old man in the intro instead of Professor Birch. The patch's name was Mr Fuji. According to my scribbled notes, I got it from PokeCommunity, but nothing on who made it. Any ideas? (I tried searching, but couldn't find it)
__________________
I don't always know what I'm doing. Life is more interesting that way.
Reply With Quote
  #8    
Old September 28th, 2012 (07:22 AM).
Jambo51's Avatar
Jambo51 Jambo51 is offline
Glory To Arstotzka
 
Join Date: Jun 2009
Gender: Male
Nature: Quiet
Posts: 730
Quote originally posted by ChaosBringer41:
I don't know if I'm asking in the right section (I got a headache trying to read the rules/FAQ). Anyway:
This belongs in the general ROM hacking discussion thread, as opposed to here.

Quote originally posted by ChaosBringer41:
1) Can you - or anyone else - tell me how to upgrade the Pokedex in Pokemon Ruby, so that any non-Hoenn Pokemon are properly registered in the Pokedex pre-Elite Four?
They are correctly registered, you just can't see them because they're not part of the Hoenn Dex. The easiest thing to do is to extend Ruby's Hoenn dex to include all the other Pokémon. I don't know precisely how to do that off the top of my head.

Quote originally posted by ChaosBringer41:
2) On one of my 'this is how I'd like Pokemon Ruby to be like' hacks, I used a patch to put an old man in the intro instead of Professor Birch. The patch's name was Mr Fuji. According to my scribbled notes, I got it from PokeCommunity, but nothing on who made it. Any ideas? (I tried searching, but couldn't find it)
I highly doubt anyone will be able to help you.

And, so this post is actually on subject, these 2 hacks will probably have been of great use to many people. I hope you have more cool stuff up your sleeve, Darthatron!
__________________
Hey guys, please check out my recreations of the gen 1 and 2 music on my custom engine at my SoundCloud! - Here!
Reply With Quote
  #9    
Old September 29th, 2012 (08:19 AM).
.parado✗'s Avatar
.parado✗ .parado✗ is offline
paranormal user
 
Join Date: Sep 2012
Location: Ha✗land
Age: 19
Gender: Male
Nature: Gentle
Posts: 38
Send a message via Skype™ to .parado✗
Thank you!
The Item Stuff could be very useful for my Ruby hack.
I ever wonder how long you must research for those things..
Reply With Quote
  #10    
Old February 12th, 2013 (01:25 PM).
karatekid552's Avatar
karatekid552 karatekid552 is offline
What happens if I push it?....
 
Join Date: Nov 2012
Location: Do you really want to know? Really?
Gender: Male
Nature: Bold
Posts: 1,767
Send a message via AIM to karatekid552 Send a message via Windows Live Messenger to karatekid552 Send a message via Skype™ to karatekid552
Quote originally posted by .parado✗:
Thank you!
The Item Stuff could be very useful for my Ruby hack.
I ever wonder how long you must research for those things..
With the help of Darthatron, I have successfully ported over the item script runner to Ruby. Everything is the same, except the offsets:

Code:
.text
.align 2
.thumb
.thumb_func
.global Hax

	setup:
		push {r4, lr}
		mov r4, r0
		mov r0, pc
		add r0, #0x13
		ldr r1, .unk_03005D00
		str r0, [r1]
		mov r0, r4
		ldr r1, .sub_080C9050
		bl bx_r1
		pop {r4}
		pop {r0}
		bx r0

	main:
		push {r4, lr}
		mov r4, r0
		ldr r0, .ScriptToCall
		ldr r1, .CallScript
		bl bx_r1
		mov r0, r4
		ldr r1, .del_c3_from_linked_list
		bl bx_r1
		pop {r4}
		pop {r0}
		bx r0
.align 2
bx_r1:
	bx r1

.align 2
.CallScript:
	.word 0x080655B8+1
.unk_03005D00:
	.word 0x03005D00
.sub_080C9050:
	.word 0x080C9050+1
.del_c3_from_linked_list:
	.word 0x0807AB74+1
.ScriptToCall:
	.word 0x08XXXXXX
Here is the compiled version:

Code:
10 B5 04 1C 78 46 13 30 0C 49 08 60 20 1C 0C 49 00 F0 10 F8 10 BC 01 BC 00 47 10 B5 04 1C 0A 48 05 49 00 F0 07 F8 20 1C 06 49 00 F0 03 F8 10 BC 01 BC 00 47 08 47 C0 46 B9 55 06 08 00 5D 00 03 51 90 0C 08 75 AB 07 08 XX XX XX 08
Hope this helps all of the Ruby hackers out there!
__________________

Paired with Simba
Reply With Quote
  #11    
Old June 19th, 2014 (02:55 AM). Edited June 19th, 2014 by Phenom2122.
Phenom2122's Avatar
Phenom2122 Phenom2122 is offline
 
Join Date: Jun 2014
Gender: Male
Nature: Quiet
Posts: 40
Every few years I decide to try and work on my Emerald hack again. Only to find that every useful hack and mod has been made exclusively for Fire Red and in some cases, Ruby for some odd reason.
I was so excited to use this scripted items hack, only to find, surprise surprise, it is exclusive to Fire Red and Ruby. Makes me want to give up on hacking generation 3 Pokemon games again. Makes me want to pick up my computer and just throw it out the window.
Now I could compare the Fire Red and Ruby routines provided here to try to find the Emerald offset, although when comparing bytes, it looks like it is not just the offset that has changed. Does anyone have any idea how I could get this hack working in Emerald?

EDIT: I have found two of the offsets for Emerald to insert into the routine. However I am stuck with two and help would be appreciated.
In Fire Red this address: 02039998 points to somewhere in the ram I assume? in the Ruby routine it is this: 03005D00. I have no idea how to go about finding this in Emerald.
The other offset I am stuck with is this in Fire Red: 08069AE4 and this in Ruby: 080655B8.
In each Rom those offsets point to four particular bytes. Those four bytes appear multiple times throughout the Emerald Rom.
Please help me here, someone.
Reply With Quote
  #12    
Old June 20th, 2014 (12:59 AM).
DarkPsychic's Avatar
DarkPsychic DarkPsychic is offline
 
Join Date: Jul 2012
Gender: Male
Posts: 68
Thank you Darthatron

This is exactly what I needed...
The way you explain the code and show the routine and not just the hex...

If you can and it's not to much to ask, could you try to make the 4th gen evolutions or even just the Dawn stone would be nice >_<

Also, could you write up a routine that takes the money the player gets after a battle and puts it into a bank account with the activation of a flag and clearing the flag would obviously make it go back to normal...

I would love to write these up my self but I have no skill in asm and at the moment I am just trying to focus on scripting and until I master that I can't move on to asm...
Not to mention I can't get debugging down for the life of me either much less write my own routines >_< hahaha
Reply With Quote
  #13    
Old June 24th, 2014 (07:32 PM). Edited June 24th, 2014 by Phenom2122.
Phenom2122's Avatar
Phenom2122 Phenom2122 is offline
 
Join Date: Jun 2014
Gender: Male
Nature: Quiet
Posts: 40
Hey guys, after finding my brain and a new Hex Editor that supports wildcard searches, I figured out the offsets for Emerald. Thanks to @Darthatron for the original ASM and thanks to absolutely nobody for helping me find those offsets.
Even though I couldn't get it to compile for some reason, I will post the modified code here:
Spoiler:
Code:
.text
.align 2
.thumb
.thumb_func
.global Hax
	
setup:
	push {r4, lr}
	mov r4, r0
	mov r0, pc
	add r0, #0x13
	ldr r1, .unk_0203A0F4
	str r0, [r1]
	mov r0, r4
	ldr r1, .sub_080FD0DC
	bl bx_r1
	pop {r4}
	pop {r0}
	bx r0

main:
	push {r4, lr}
	mov r4, r0
	ldr r0, .ScriptToCall
	ldr r1, .CallScript
	bl bx_r1
	mov r0, r4
	ldr r1, .del_c3_from_linked_list
	bl bx_r1
	pop {r4}
	pop {r0}
	bx r0

.align 2
bx_r1:
	bx r1

.align 2
.CallScript:
	.word 0x08098EF8+1
.unk_02039998:
	.word 0x0203A0F4
.sub_080A103C:
	.word 0x080FD0DC+1
.del_c3_from_linked_list:
	.word 0x080A909C+1
.ScriptToCall:
	.word 0x08800300


And here is the compiled code, modified with the correct Emerald offsets:
Spoiler:
Code:
10 B5 04 1C 78 46 13 30 0C 49 08 60 20 1C 0C 49 00 F0 10 F8 10 BC 01 BC 00 47 10 B5 04 1C 0A 48 05 49 00 F0 07 F8 20 1C 06 49 00 F0 03 F8 10 BC 01 BC 00 47 08 47 C0 46 F9 8E 09 08 F4 A0 03 02 DD D0 0F 08 9D 90 0A 08 XX XX XX 08


I just did a quick test with a Littleroot Town signboard item called 'Dog'. Everything seems to be a-ok. Time for sleep.
Reply With Quote
  #14    
Old December 2nd, 2014 (08:59 AM).
Lance32497's Avatar
Lance32497 Lance32497 is offline
LanceKoijer of Pokemon_Addicts
 
Join Date: Aug 2014
Location: Criscanto town-Ginoa Region xD
Gender: Male
Nature: Adamant
Posts: 518
In your routine for calling scripts, it always restats the game after the "Use to Pokemon" portion
I did the Warp script given by the PC member...
__________________
My Threads

Reply With Quote
  #15    
Old December 2nd, 2014 (09:13 AM).
anonyboy's Avatar
anonyboy anonyboy is offline
Pokemon Aerial Emerald Creator&Pokemon Hybrid Co-Creator
 
Join Date: Sep 2013
Location: Israel
Gender: Male
Nature: Adamant
Posts: 231
Quote originally posted by DarkPsychic:
Thank you Darthatron

This is exactly what I needed...
The way you explain the code and show the routine and not just the hex...

If you can and it's not to much to ask, could you try to make the 4th gen evolutions or even just the Dawn stone would be nice >_<

Also, could you write up a routine that takes the money the player gets after a battle and puts it into a bank account with the activation of a flag and clearing the flag would obviously make it go back to normal...

I would love to write these up my self but I have no skill in asm and at the moment I am just trying to focus on scripting and until I master that I can't move on to asm...
Not to mention I can't get debugging down for the life of me either much less write my own routines >_< hahaha
All evolutions till gen VI (expect time-based since i need the EM offset that checks time) are available on my tut here on PC
__________________



Reply With Quote
Reply
Quick Reply

Sponsored Links
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are UTC -8. The time now is 09:52 AM.