• Our software update is now concluded. You will need to reset your password to log in. In order to do this, you will have to click "Log in" in the top right corner and then "Forgot your password?".
  • Forum moderator applications are now open! Click here for details.
  • Welcome to PokéCommunity! Register now and join one of the best places on the 'net to talk Pokémon and more! Community members will not see the bottom screen advertisements.
  • Want to share your adventures playing Pokémon?
    Check out our new Travel Journals forum for sharing playthroughs of ROM Hacks, Fan Games, and other Pokémon content!
  • IMPORTANT: Following a takedown request, the following hacks have been delisted from PokéCommunity:

    • Pokémon Glazed
    • Pokémon: Giratina Strikes Back
    • Pokémon Flora Sky
    • Pokémon Stranded
    The downloads and discussion threads for these hacks will no longer be accessible, and staff will be unable to return questions regarding accessing this content.

Quick Research & Development Thread

1,344
Posts
14
Years
  • Seen Dec 10, 2021
If you've ever inserted a new map in Advance map, you might have noticed that you are unable to use fly on this map. The fix for this is simple: in the map header, swap to professional editing view using CTRL+H. Locate the byte in the image below, and if it is 00 change it to 01.

aouZWaB.png


Note that the other bytes in your map header will likely be different to mine, this is the only one you have to be concerned about.
 

DoesntKnowHowToPlay

Tiny Umbrella with Lots and Lots of Good
265
Posts
12
Years
  • Seen Feb 24, 2024
To Disable the Pokemon Substructure Permutations in Emerald:
Head to 076BEC in your hex editor. Change the 7C that is there to 00.

Incidentally, to disable the substructure permutations in Firered, head to 04C062 and change that 7C to 00 as well. Credits to Knizz's Firered.idb for that one, I'm posting it here because I haven't seen it anywhere other than the idb.]

I have no idea what this is supposed to do but it appears to be something related to DMA, not Pokemon substructures.

At any rate, this inspired me to work out how to get rid of the encryption surrounding them (all offsets for FR):

To unscramble the order, write 00 20 00 00 00 00 at x3F94C. This will always put them in order 0, (growth, attacks, EVs, misc.).

To remove the XOR encryption used for them, put 00 00 at x3F92A, x3F930, x3F906, x3F90C.

To remove the checksum reads, allowing for easy memory editor usage to tweak values, put 0B E0 at x3FDA8 and 0E E0 at x40530.

To remove the checksum writes, effectively adding two more bytes to the Pokemon structure to be used for whatever you feel like, put 00 00 at x40AE6.

For obvious reasons, this will ruin existing saves, but makes memory editing and Pokemon hacking simpler in addition to adding two more bytes to the Pokemon struct.
 
Last edited:
218
Posts
10
Years
  • Seen Nov 12, 2021
I have no idea what this is supposed to do but it appears to be something related to DMA, not Pokemon substructures.

At any rate, this inspired me to work out how to get rid of the encryption surrounding them (all offsets for FR):

To unscramble the order, write 00 20 00 00 00 00 at x3F94C. This will always put them in order 0, (growth, attacks, EVs, misc.).

To remove the XOR encryption used for them, put 00 00 at x3F92A, x3F930, x3F906, x3F90C.

To remove the checksum reads, allowing for easy memory editor usage to tweak values, put 0B E0 at x3FDA8 and 0E E0 at x40530.

To remove the checksum writes, effectively adding two more bytes to the Pokemon structure to be used for whatever you feel like, put 00 00 at x40AE6.

For obvious reasons, this will ruin existing saves, but makes memory editing and Pokemon hacking simpler in addition to adding two more bytes to the Pokemon struct.


Theorically, this should do the same for Emerald :

put 00 00 at 0x806A236, 0x806A23C, 0x806A25A and 0x806A260

put 00 20 00 00 00 00 at 0806A27C

0B E0 at 0x806A6D8, 0E E0 at 0x806ADFC

and 00 00 at 0x806B3E4


Thanks Doesnt

EDIT : I can confirm it works, edit the data of the pokemon is easier than ever!
 
Last edited:
116
Posts
16
Years
Increasing Max Money Amount
Spoiler:

For Emerald to Increase Max Money Amount to match BW version:
Spoiler:


Credits:
JPAN for the original research
Turtl3skulll for writing the Fire Red's dummies tutorial
jiangzhengwenjzw for helping me to fix the 7 digit display problem
 
Last edited:

PurpleOrange

still don't know what I'm doing
367
Posts
10
Years
For Emerald to Increase Max Money Amount to match BW version:
Spoiler:


Credits:
JPAN for the original research
Turtl3skulll for writing the Fire Red's dummies tutorial first

i tried this but the pokemart still displays 6 figures, this makes items not sell for the right price etc.
 

PurpleOrange

still don't know what I'm doing
367
Posts
10
Years
No, this increasement of max money amount actually means that to increase the player's holding money amount. And the max of the price amount of the items is at only 65535.

sorry, i mean, when you're buying and selling an item, it will show the player's money in the top left, so it shows an the incorrect amount for the player's money
 
116
Posts
16
Years
sorry, i mean, when you're buying and selling an item, it will show the player's money in the top left, so it shows an the incorrect amount for the player's money

I'm so sorry. I forgot there is one byte needs to change, too. Just replace the byte at 0xE5204 from 26 to 20.

attachment.php
 

Attachments

  • Pokemon_Emerald_U_01.png
    Pokemon_Emerald_U_01.png
    6.3 KB · Views: 1,963

PurpleOrange

still don't know what I'm doing
367
Posts
10
Years
I'm so sorry. I forgot there is one byte needs to change, too. Just replace the byte at 0xE5204 from 26 to 20.

attachment.php

that fixes that problem :) however there seems to be another, when you are buying/selling an item, when you're changing the amount, it will tell you how much it will cost/give you you, however when you confirm it, the man will say a different amount (see below)
 

Attachments

  • 1.PNG
    1.PNG
    6.6 KB · Views: 58
  • 2.PNG
    2.PNG
    6.7 KB · Views: 54

~SAGE

Peruvian Rom Hacker
39
Posts
9
Years
I've just got some very quick offsets for Pokedex hacking.

I'm not sure whether it's already been posted, I don't think so, as I had to discover these on my own.

I've found 2 limiters for the Kantodex that are quite useful, which when combined with Jambo51's already posted offsets, can allow for the Kantodex to act as a national dex.

Even though Jambo already found the limiter for the Kantodex itself, it would still not display the correct seen/caught numbers as they were still limited to 150 as were the habitats.

By changing the number 96 at the offset: 104BF2
You can extend the limit to the seen/caught text. Eg. changing 96 to FA will allow for a max of 250 seen/caught Pokemon.

By changing the number 97 at the offset: 106828
You can extend the number of Pokemon that will be correctly featured in the habitat pages. Eg. changing 97 to FA will allow for the first 250 Pokemon in your pokedex to be displayed in the habitat pages before receiving the national dex.

This can be helpful as it stops people from having to give the national dex at the start of the game.

I'll just repost Jambo's limiters from his thread here

0x10352C - mov r1, #0x97
0x1035F6 - cmp r0, #0x96

Just change those 2 bytes at that offset to the number of Pokemon you want in.

I've expanded the Dex untill 721, so.. ¿What i should to do to change more bytes at this offset? :/
It might to be 2D1 in hex.
 

Blah

Free supporter
1,924
Posts
11
Years
I've expanded the Dex untill 721, so.. ¿What i should to do to change more bytes at this offset? :/
It might to be 2D1 in hex.

You need to rework the code in ASM. Maybe there are some parts where you can do some optimization and remove the need to hook, otherwise, this will be hook city.
 

Telinc1

Weirdo Extraordinaire
168
Posts
10
Years
I've looked into FireRed's menu descriptions. You know, the blue box that tells you what each entry does. I'm trying to figure out how to get rid of it and I've made some discoveries, nothing complete though.

0x083A7394 is table of pointers to the descriptions. You can repoint each one of them if you want.
There's two offsets which point to it - 0806F104 and 0806F30A. They're referenced a couple of bytes back by ldr r2 opcodes.
The first pointer seems to be part of a routine which loads the description of the first entry. Changing stuff in it only breaks opening the menu. Changing options works fine.
The second pointer to the table seems to be part of a routine which loads the description of any entry you go to after opening the menu. There's a bunch of branching in there and screwing around with it seems to break either selecting options you've already went through or moving the cursor down in the menu. Don't know which of the two because I didn't test it.

While this may not be useful as it is, it's a least a start. One thing I do know is that I've found the routines which load the darn thing. Now to figure out where they start and stub them.
 

Blah

Free supporter
1,924
Posts
11
Years
I've looked into FireRed's menu descriptions. You know, the blue box that tells you what each entry does. I'm trying to figure out how to get rid of it and I've made some discoveries, nothing complete though.

0x083A7394 is table of pointers to the descriptions. You can repoint each one of them if you want.
There's two offsets which point to it - 0806F104 and 0806F30A. They're referenced a couple of bytes back by ldr r2 opcodes.
The first pointer seems to be part of a routine which loads the description of the first entry. Changing stuff in it only breaks opening the menu. Changing options works fine.
The second pointer to the table seems to be part of a routine which loads the description of any entry you go to after opening the menu. There's a bunch of branching in there and screwing around with it seems to break either selecting options you've already went through or moving the cursor down in the menu. Don't know which of the two because I didn't test it.

While this may not be useful as it is, it's a least a start. One thing I do know is that I've found the routines which load the darn thing. Now to figure out where they start and stub them.

Check the ASM resource thread. I made a post about field moves and adding new ones.

To remove the descriptions, I think you can just nop out function calls to 08113018. Try writing 4 bytes of 0x0s to 0806F2CE, 0806F31C, and 080F798E.
 
218
Posts
10
Years
  • Seen Nov 12, 2021
Soul Dew works in the Battle Frontier for Lati@s :

C0 46 C0 46 at 0x806979E & 0x80697D4
 
Last edited:
959
Posts
11
Years
Changing the pre-battle, post-battle and switch-in text in Emerald (BPEE) and FireRed (BPRE)

This post focuses on changing the challenge, defeat, and switch-in text strings that appear during battle in Emerald and FireRed. To clarify, I'm talking about these:
[trainer]
would like to battle!
Player defeated
[trainer]!
[trainer] is
about to use [Pokemon].

Will [player] change
POKéMON?
With a few tips from Sky High, success has been achieved in modifying them :)

Green denotes Emerald offsets.
Red
denotes FireRed offsets.

This is the default challenge text, found in 0x5CBB9C, and has pointers at 0x14E228 and 0x14E264.
Located at 0x3FD366 and the pointer at 0xD73C0 for FireRed.
Code:
FD 1C 00 FD 1D FE EB E3 E9 E0 D8 00 E0 DD DF D9 00 E8 E3 00 D6 D5 E8 E8 E0 D9 AB FB FF
The default defeat text is in 0x5CBA2E, with pointers at 0x14E66C and 0x5CC744.
For FireRed, it's at 0x3FD1C7 with pointers at 0xD776C and 0x3FE410.
Code:
CA E0 D5 ED D9 E6 00 D8 D9 DA D9 D5 E8 D9 D8 FE FD 1C 00 FD 1D AB FB FF
Last but not least, here's the default switch-in dialogue at 0x5CB9ED. Its pointer is at 0x5CC6A8.
On FireRed, it's at 0x3FD186 and the pointer located at 0x3FE374. This exact form is only present in ROMs that have not been decapitalized.
Code:
FD 1C 00 FD 1D 00 DD E7 FE D5 D6 E3 E9 E8 00 E8 E3 00 E9 E7 D9 00 FD 01 AD FB D1 DD E0 E0 00 FD 23 00 D7 DC D5 E2 DB D9 FE CA C9 C5 1B C7 C9 C8 AC FF
Some bytes are used to load stored text, like the trainer class and trainer name. There are also others that stand for different functions. They are as follows:
Code:
FD 01: Loads the name of the Pokemon the opponent is switching into/sending out
FD 1C: Loads the trainer class
FD 1D: Loads the trainer's name
FA: Continues the string after FE has been used. Similar to XSE's "\l" command
FB: Moves to a new box altogether and carries on the string. Works like "\p" (Yes, from XSE as well)
FE: The "new line" function for the string, similar to "\n" in XSE scripting
FF: Terminates the string to avoid reading further bytes (I think).
Modifying them is quite simple. Just write a custom string that you want (either in raw hex form or with a script editor) while making use of the byte functions listed above, compile or insert into free space using a hex editor, then change the respective pointers! I'll put mine up as an example because I'm awful at explaining stuff; feel free to use them. Be aware that these are optimized for EM, but they might work for FR:

Challenge text:
ogx5bDo.png
Code:
D3 E3 E9 00 D5 E6 D9 00 D7 DC D5 E0 E0 D9 E2 DB D9 D8 00 D6 ED FE FD 1C 00 FD 1D AB FB FF

Defeat text:
5jXzqhX.png
Code:
D3 E3 E9 00 D8 D9 DA D9 D5 E8 D9 D8 FE FD 1C 00 FD 1D AB FB FF
Switch-in text:
TXAV8aV.png
YG2yKqT.png
Code:
FD 1C 00 FD 1D 00 DD E7 FE D5 D6 E3 E9 E8 00 E8 E3 00 E7 D9 E2 D8 00 DD E2 00 FD 01 AD FA D1 DD E0 E0 00 ED E3 E9 00 E7 EB DD E8 D7 DC 00 ED E3 E9 E6 00 CA E3 DF 1B E1 E3 E2 AC FF
 
Last edited:

PurpleOrange

still don't know what I'm doing
367
Posts
10
Years
Not sure if anyone else has found this yet but meh

So to upgrade your pokedex to the national dex in ruby you put this is an xse script
Code:
writebytetooffset 0x2 0x2026B00
writebytetooffset 0x3 0x2026B01
writebytetooffset 0xDA 0x2024EBE
writebytetooffset 0x67 0x2026A5A
which Renegade worked out and documented in THIS old thread

well this kinda does the job but leaves it like this
Spoiler:
so it's kinda still the hoenn dex except now you can search the national dex, and the number on the summary screen will be the national dex number

in order to fix that we need to add another line to the script so it becomes this (with changes in bold)
Code:
writebytetooffset 0x2 0x2026B00
writebytetooffset 0x3 0x2026B01
[B]writebtyetooffset 0x1 0x2024EBD[/B]
writebytetooffset 0xDA 0x2024EBE
writebytetooffset 0x67 0x2026A5A
so now it looks like this
Spoiler:
 
959
Posts
11
Years
Previous post has been updated to include offsets for FireRed!

-------------------------------------------------------------------------------

In an attempt to further modernize the strings in the battle system, I've also looked into the text that prints whenever something happens with the opponent's Pokemon, namely the term "Foe." Basically, in-battle dialogue such as:
Foe [Pokemon] used
[move]!
Foe [Pokemon] is paralyzed!
It may be unable to move!
Because it's used in a lot of other strings, "Foe" seems to be loaded from stored text as opposed to being separate like the pre- and post-battle messages.

It's located at 0x5CBD8B and has quite a few pointers: 0x14EB28, 0x14EC9C, 0x14ED38, 0x14EDD4, 0x14EE70, 0x14EF0C, 0x14F390, 0x14F784. This doesn't cover the Screen move strings though (Light Screen and Reflect). On FireRed, the text is at 0x3FD55B and pointers at 0xD7B7C, 0xD7CA4, 0xD7D18, 0xD7D8C, 0xD7E00, 0xD7E74, 0xD82C0, 0xD8554.

Changing it is pretty much the same as the ones on my previous post, but note that you're only changing one word and not the messages themselves. Once again, I'll be putting up an example. This replaces "Foe" with "The opposing". Remember, insert into free space and re-point accordingly!

hbqFX3N.png
Code:
CE DC D9 00 E3 E4 E4 E3 E7 DD E2 DB 00 FF
A side effect of using this custom string is that it interferes with a few other dialogue, which become long enough to go off the screen when printing. Fortunately, these are easily fixed by making the following byte changes (I'll be updating my posts as more information is found):

Emerald:
AUGR96R.png

RarvsgZ.png

2BRATiH.png

Code:
0x5CAC2D: FE (Ingrain)
0x5CA8C9: FE (Ghost-type Curse)
0x5CA8CD: 00 (Ghost-type Curse)
0x5CACB3: FE (Skill Swap)
0x5CACBD: 00 (Skill Swap)
FireRed:
Code:
0x3FC3BD: FE (Ingrain)
0x3FC059: FE (Ghost-type Curse)
0x3FC05D: 00 (Ghost-type Curse)
EDIT: Updated with FireRed offsets. Credits to BlackWhiteRobin for finding them!

EDIT 2: Added Skill Swap fix for Emerald. Have yet to find FireRed equivalents.
 
Last edited:
Back
Top