Research: Legacy

knizz · Nov 5, 2010

I like romhacking. It taught me a lot but I think the time has come to move on so I'll leave my IDA file to you. It is the product of 100 hours of work and contains nearly all structures that have been reverse engineered, a huge collection of named(!) functions and tons of cross-references.

Edit: Link is in the signature

If you are a serious ASM Hacker I can give you IDA-Lessons via TeamViewer. But basically thats the end of my romhacking-activites.

Shiny Quagsire · Nov 6, 2010

Awwwww.... that sucks that it's the last of your ROM hacking. I'll be sure to study it!

Platinum Lucario · Nov 7, 2010

Oh wow, this is the last of Knizz's ROM Hacking? Well I'll have to learn how to ASM edit and hex edit. Then maybe one day I might be able to study where Knizz has left off. Hm... IDA, eh? I don't think I've heard about it before.

sonic1 · Nov 7, 2010

PokémonShinySilver said:
Hm... IDA, eh? I don't think I've heard about it before.

Thats a asm Disassembler. Check it out here.

Its really sad that you're quitting rom hacking. You're a really good ASM hacker.
But that's your choice, so nobody can force you to continue.

I've seen your work, and its really huge and well researched, and a work you should be proud of. Now lets hope that the next generation of rom hackers make a good use of it.

But tell me something, what's that callback functions?What's their purpose?

With best regards, sonic1

knizz · Nov 7, 2010

sonic1 said:
Thats a asm Disassembler. Check it out here.

Its really sad that you're quitting rom hacking. You're a really good ASM hacker.
But that's your choice, so nobody can force you to continue.

I've seen your work, and its really huge and well researched, and a work you should be proud of. Now lets hope that the next generation of rom hackers make a good use of it.

But tell me something, what's that callback functions?What's their purpose?

With best regards, sonic1

First. Thank you for actually looking into it.

The callback functions are functions that are responsible for a certain part of the game and that are called PER FRAME via the "call_back" functions. Callback 1,2,4,5,6 have function pointers somewhere in RAM. Callback 3 is actually a list of function pointers. The most important callbacks are 2 and 3. I talked about them in my "gamemode"-thread. (middle and right column) When I look back I think the naming is stupid. Anyway. When setting breakpoints to find function-offsets in c3. Don't just make a breakpoint on the function that adds a function-offset to the list. Cause not all functions do it that way. You have to put a writing-breakpoint on each entry.

The link above is a bit outdated because when I wrote it I didn't know that c3
is a list. Here is the complete sequence of function-offsets in the c3-list during the intro

Code:

If not menioned otherwise these functions are triggered via 0807741C.

00000000 Copyright message
080ecab1 Intro starts. A star flies through the screen until it's in the middle.
btw Did you know that the star uses the same ping-pong animation as the arrows in the bag? Its strange.
080ede05 The star continues and eventually leaves the view. The sparks blink.
080edeed Most particles vanish
0812e9f9 "Game Freak" appears on the screen
0812e9f9 The logo fades in
0812e9f9 "Game Freak" and the logo fade out
080ed0ad Grass
080ed141 Zoom in.
080ed40d Gengar vs. Nidorino
080ed429 Change of perspecive
080ed715
080ee201
080ed69d Nidorino makes noise
080ee025 Gengar hits Nidorino. Nidorino strikes back. The scene freezes. Zoom in.
00000000
08078c25
08078bed
080792c9 pokemon silloutte
080718b9 pokemon blink
080718b9 cyan ribbon
080718b9 orange and red ribbon
080718b9 pokemon blink
080718b9 all texts except title: press start (c) 2004 game freak inc
080718b9 pokemon blink
0807941d title and pokemon blink
0807941d Fire! ... Press A or START
08072235 Fadeout
00000000
0800c4d10800c705 (by 0800c5fe) screen turns gray
0812eb59
0812f0b1 (by 0812ee70) controls
0812f181 (by 0812f160) text fadeout
0812ef51 (by 0812f240) change first line (title, meaning of A and B)
0812f0b1 (by 0812f08e) controls (after page flipping)
0812f275 (by 0812f25e) controls fadeout
0812f33d (by 0812f31e) pause
0812f4a9 (by 0812f474) story
0812f72d (by 0812f71a) story fadeout
0812f7c1 (by 0812f7a4) pause
0812f881 (by 0812f860) oak fadein
0812f945 (by 0812f92c) oak: "Hello there. Glad to meet you. Welcome..."
0812f9ed (by 0812f9d4) oak: "This world..."
0812fa79 (by 0812fa5a) oak's pokeball appears
08072235
080f06a5
080f12e1
080f1371 (by 080f12ac) pokemon jumps out, screen turns white, "..is i"
080f13c1 (by 080f13a6) pokemon lands on the floor, "..is inhabited fa"
0812fb4d (by 0812fa9e) oak: "..is inhabited far and wide by creatures called Pokemon"
0812fbf1 (by 0812fbd8) oak: "..."
0812fc69 (by 0812fc4c) Textbox disappears
080f06a5
080f12e1
080f1371 (by 080f12ac) Pokemon returns into ball
080f13c1 (by 080f13a6) Remaining sparks disappear
0812fd79 (by 0812fd60) oak: "But first tell me a little about yourself"
08131339
0812fdc1 (by 0812fdb0) oak fadeout
0812fe89 (by 0812fe70) "Now tell me. Are you a boy or a girl?"
0812ffa5 (by 0812ff7c) BOY / GIRL
0812fff1 (by 0812ffda)
08130051 (by 0813003c)
081314dd
081300a1 (by 08130090) hero fadein
0800ca95 (by 0800c772) "Let's begin with your name. What is it?"
081303b5 (by 08130198) fadeout
0809f26d
0809e58d
0809dd89 Choose your name
08130465 "Right... So your name is ..."
08130555 (by 08130542) YES / NO
08131339
08130651 (by 081305ac) Menu and Character fade out
081306d5 (by 08130688)
081314dd
0813071d (by 08130708) grandson fadein
081301b1 (by 081307ba) "This is my grandson." ... move away
08130325 (by 08130216) name-multibox
08130465 (by 081303ac) "...Er, was it ??? ?"
08130555 (by 08130542) YES / NO
08130695 (by 081305f4) "Thats right! I remember now!"
08131339
081307d1 (by 081306c2) Grandson fadeout
081314dd
08130859 (by 08130844) Hero fadein
081308d1 (by 081308b2) "Let's go!"
08130915 (by 08130908)
08130a81
08130b11
08130981 (by 08130970) Shrink
08130bf1 (by 08130be0) Fadeout
08130c21 (by 08130c21)
00000000

The next thing I wanted to do is to type in the name of all script commands. ... Maybe I'll do it myself.

sonic1 · Nov 8, 2010

Hey thanks for your explanation. It was very good. Now i understand what callback functions are. It's like a small queue that allows the game to run several things "at once", right?

And by the way, your research helped me in finding the offset of the new game option - 12Eb2d. You really did a awesome work in rom hacking.

Im very gratefull to you

With best regards, sonic1

knizz · Nov 8, 2010

Thats right. I reuploaded the file btw. Fixed a few mistakes and added the names of the script-commands.

Shiny Quagsire · Nov 8, 2010

I'm loving the script commands... but why is one of the names call "annoying_orange"?

knizz · Nov 9, 2010

Because I couldn't find out what it does.

sab · Nov 16, 2010

This is great! It's sad that your leaving pkmn rom hacking, but everyone does sometime or another.

Full Metal · Nov 24, 2010

knizz said:
Because I couldn't find out what it does.

yup, youre still epic!
now, to use Ida on a wii... hmm :p

Research: Legacy

More options

knizz

Shiny Quagsire

I'm Still Alive, Elsewhere

Platinum Lucario

The Legendary Master of [color=#D8D48C]Light[/colo

sonic1

ASM is my life now...

knizz

sonic1

ASM is my life now...

knizz

Shiny Quagsire

I'm Still Alive, Elsewhere

knizz

sab

Now too much of a life.

Full Metal

C(++) Developer.