Conversation Between BluRose and robinjea
Showing Visitor Messages 1 to 5 of 5
-
November 24th, 2016 5:18 PM
BluRose
ok so ruby things
[bpoint] in hex: 03 48 29 18 1A E0
asm:
.text
.thumb
.thumb_func
.align 2
bpoint: @2028C
ldr r0, =(0x0001600F)   @ r0 = 0x1600F, pulled from the literal pool
add r1, r5, r0          @ r1 = r5 + 0x1600F
b 202C8                 @ the 1A E0 halfword: forward jump to 202C8
202C8:
mov r0, #0x5
strb r0, [r1]           @ write the byte 5 to [r5 + 0x1600F]
ldr r0, =(0x02024BEC)
str r2, [r0]            @ store r2 at 0x02024BEC (EWRAM)
b 20996
20996:
pop {r3-r5}
... and more that probably doesn't matter to us
just a little update. did a quick little disassembly of the routine referenced in andrea's asm, and it's literally just three commands leading to another 5 commands leading to another routine that looks like it's a "main" portion of a routine
EDIT: searching for the main routine leads to a VERY VERY common routine style or something. it's used 37 times with the exact same bytes prior to its occurrence at 08020996 in ruby; the 37th occurrence in fire red is like somewhere in the early 08010000's
-
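A small Thumb-1 decoder, added here as an example (not code from either poster), that checks the six quoted bpoint bytes really encode the listed ldr/add/b and that the b lands on 202C8; it only knows the three instruction forms in that snippet and assumes bpoint sits at ROM offset 0x2028C as the message states.

```python
# Minimal Thumb-1 decoder for the three encodings in the bpoint snippet:
# LDR Rd,[PC,#imm8*4], ADD Rd,Rn,Rm (register form) and unconditional B.
import struct

# Constructed sample: the six bytes quoted for bpoint, placed at ROM offset
# 0x2028C (0x0802028C once the cartridge is mapped at 0x08000000).
BPOINT_BYTES = bytes.fromhex("03 48 29 18 1A E0")
BPOINT_OFFSET = 0x2028C

def decode_thumb(halfword, addr):
    """Return (mnemonic text, literal-pool address / branch target / None)."""
    if halfword >> 11 == 0b01001:              # LDR Rd, [PC, #imm8*4]
        rd = (halfword >> 8) & 7
        imm = (halfword & 0xFF) * 4
        # PC reads as instruction address + 4, word-aligned, for literal loads
        pool = ((addr + 4) & ~3) + imm
        return f"ldr r{rd}, [pc, #0x{imm:X}]", pool
    if halfword >> 9 == 0b0001100:             # ADD Rd, Rn, Rm
        rm = (halfword >> 6) & 7
        rn = (halfword >> 3) & 7
        rd = halfword & 7
        return f"add r{rd}, r{rn}, r{rm}", None
    if halfword >> 11 == 0b11100:              # B, signed 11-bit halfword offset
        imm = halfword & 0x7FF
        if imm & 0x400:
            imm -= 0x800
        target = addr + 4 + imm * 2
        return f"b 0x{target:X}", target
    return f".hword 0x{halfword:04X}", None    # anything else is left undecoded

def disassemble(blob, base):
    """Decode little-endian halfwords in order; returns [(addr, text, extra)]."""
    out = []
    for i in range(0, len(blob) - 1, 2):
        (hw,) = struct.unpack_from("<H", blob, i)
        out.append((base + i,) + decode_thumb(hw, base + i))
    return out

def literal_pool_slot(listing):
    """Address the first LDR reads its constant (0x0001600F above) from."""
    for _, text, extra in listing:
        if text.startswith("ldr"):
            return extra
    return None

if __name__ == "__main__":
    for addr, text, _ in disassemble(BPOINT_BYTES, BPOINT_OFFSET):
        print(f"{addr:06X}: {text}")
```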
November 19th, 2016 8:21 PM
robinjea
I honestly tried my best to find it using VBA's Disassembly View and compare it using IDA but unfortunately, I either couldn't find anything or maybe I simply didn't know how to. :(
-
November 19th, 2016 1:28 PM
BluRose
hmmm
check out vba's disassembly view. it's actually better because we have the idb for fr~
(i don't have computer access atm or i'd attempt it myself ahaha)
-
November 19th, 2016 12:55 PM
robinjea
I tried finding the other two offsets through hex-search method but failed as well. I do not know any other way to find them since there are no available Ruby IDBs around.
-
November 18th, 2016 12:35 PM
BluRose
i'm largely jumping to conclusions here but
try 21CCE as the branch to the asm routine (00 4A 10 47 XX XX XX 08)
21C3A - 02 21
21D70 - 01 20
asm routine at XX XX XX
NOTE: incomplete, i haven't managed to find the equivalents for the first two addresses
.THUMB
.ALIGN 2
PUSH {R0-R7}
MOV R0, #0xB6          /* arguments for CHECK_ITEM: R0 = item (0xB6), R1 = quantity */
MOV R1, #1
BL CHECK_ITEM
CMP R0, #1             /* presumably 1 = item present: bail out via RETURN */
BEQ RETURN
POP {R0-R7}
MOV R2, #1
AND R2, R0             /* test the low bit of R0 */
CMP R2, #0
BNE RETURN_2
LSR R0, R0, #1         /* halve R0 and store it back as a byte */
STRB R0, [R1]
LDR R1, = 0x08 /*axve: 0x0802028D*/   /* return address still to be filled in; the +1 keeps Thumb state */
BX R1
RETURN:
POP {R0-R7}
RETURN_2:
LDR R1, = 0x08 /*axve: 0x080202A1*/   /* second return address, also still to be filled in */
BX R1
CHECK_ITEM:
PUSH {R0}
LDR R0, = 0x080EDD29 /*axve: 0x080A92D5*/   /* the game's own item-check routine (ruby value in the axve comment) */
MOV R11, R0
POP {R0}
BX R11