Binary Hack Tutorials
(All Games) Type Weakness/Strength Changing
Started by Coolboyman May 6th, 2007 12:01 AM- 31088 views
- 27 replies
This thread is closed. It will not accept new replies.
Ever wanted to change the weaknesses and strengths of what types do? (For example, When water attacks fire, it's super effective, this tutorial will teach you how to make it so when Water attacks fire, it isn't very effective or deals no damage at all, and way beyond).
Step 1: Load up a Pokemon ROM
Step 2: Go to the address based on which rom you loaded up
Red and Blue: 3E474
Yellow: 3E62D
Gold and Silver: 34D01
Crystal: 34BB1
Ruby: 1F9720
Sapphire: 1F96B0
Emerald: 31ACE8
Fire Red: 24F050
Leaf Green: 24F02C
Diamond: 1DE1B8
For Red/Blue/Yellow:
(All Values are hex)
00 = Normal
01 = Fighting
02 = Flying
03 = Poison
04 = Ground
05 = Rock
06 = Bird
07 = Bug
08 = Ghost
09-13 = Blank
14 = Fire
15 = Water
16 = Grass
17 = Electric
18 = Psychic
19 = Ice
1A = Dragon
For Gold/Silver/Crystal
(All Values are hex)
00 = Normal
01 = Fighting
02 = Flying
03 = Poison
04 = Ground
05 = Rock
06 = Bird
07 = Bug
08 = Ghost
09 = Steel
0A-12 = Blank
13 = ???
14 = Fire
15 = Water
16 = Grass
17 = Electric
18 = Psychic
19 = Ice
1A = Dragon
1B = Shadow
For Ruby/Sapphire/Emerald/Fire Red/Leaf Green/Diamond/Pearl:
(All Values are hex)
00 = Normal
01 = Fighting
02 = Flying
03 = Poison
04 = Ground
05 = Rock
06 = Bug
07 = Ghost
08 = Steel
09 = ???
0A = Fire
0B = Water
0C = Grass
0D = Electric
0E = Psychic
0F = Ice
10 = Dragon
11 = Dark
Step 2: regardless of your version, you will see three bytes, 00 05 05. The first byte is the one attack, so we have the Normal Type attacking.
The second value is the type being attacked. So 05 = Rock, we have Normal attacking Rock.
The final byte is the damage multiplier. The 05 stands for *.5
damage. So the game reads this, and when a Normal Pokemon attacks a Rock Pokemon, half of the normal damage is done. You will see that all are either 05, 14 (in dec is 20, so its *2), and 00 (which is *0 which makes the attack never hit, this is used for Ground Vs. flying and others). Right after that is another strength/weakness definition, and keeps going on until a FF. However, you can mix it up a bit!
Step 3: Changing
Lets say you want it so when a Flying Pokemon attacks a Poison Pokemon, it does *2 the damage. Overwrite the bytes with 02 03 14, and it will take effect. You can even do as low as *0.10 (which would be 01), and as high as *25.40 the damage (Which would be FE). That is murder!
So have some fun, make some new types if you want, or just balance out the system.
Step 1: Load up a Pokemon ROM
Step 2: Go to the address based on which rom you loaded up
Red and Blue: 3E474
Yellow: 3E62D
Gold and Silver: 34D01
Crystal: 34BB1
Ruby: 1F9720
Sapphire: 1F96B0
Emerald: 31ACE8
Fire Red: 24F050
Leaf Green: 24F02C
Diamond: 1DE1B8
For Red/Blue/Yellow:
(All Values are hex)
00 = Normal
01 = Fighting
02 = Flying
03 = Poison
04 = Ground
05 = Rock
06 = Bird
07 = Bug
08 = Ghost
09-13 = Blank
14 = Fire
15 = Water
16 = Grass
17 = Electric
18 = Psychic
19 = Ice
1A = Dragon
For Gold/Silver/Crystal
(All Values are hex)
00 = Normal
01 = Fighting
02 = Flying
03 = Poison
04 = Ground
05 = Rock
06 = Bird
07 = Bug
08 = Ghost
09 = Steel
0A-12 = Blank
13 = ???
14 = Fire
15 = Water
16 = Grass
17 = Electric
18 = Psychic
19 = Ice
1A = Dragon
1B = Shadow
For Ruby/Sapphire/Emerald/Fire Red/Leaf Green/Diamond/Pearl:
(All Values are hex)
00 = Normal
01 = Fighting
02 = Flying
03 = Poison
04 = Ground
05 = Rock
06 = Bug
07 = Ghost
08 = Steel
09 = ???
0A = Fire
0B = Water
0C = Grass
0D = Electric
0E = Psychic
0F = Ice
10 = Dragon
11 = Dark
Step 2: regardless of your version, you will see three bytes, 00 05 05. The first byte is the one attack, so we have the Normal Type attacking.
The second value is the type being attacked. So 05 = Rock, we have Normal attacking Rock.
The final byte is the damage multiplier. The 05 stands for *.5
damage. So the game reads this, and when a Normal Pokemon attacks a Rock Pokemon, half of the normal damage is done. You will see that all are either 05, 14 (in dec is 20, so its *2), and 00 (which is *0 which makes the attack never hit, this is used for Ground Vs. flying and others). Right after that is another strength/weakness definition, and keeps going on until a FF. However, you can mix it up a bit!
Step 3: Changing
Lets say you want it so when a Flying Pokemon attacks a Poison Pokemon, it does *2 the damage. Overwrite the bytes with 02 03 14, and it will take effect. You can even do as low as *0.10 (which would be 01), and as high as *25.40 the damage (Which would be FE). That is murder!
So have some fun, make some new types if you want, or just balance out the system.
Wow. I never would find myself trying this, but you are a genius. Now those who want to make fakemon with different types have their work cut out!
I made a very simple sample of what can be done with this. I successfully added Dark and Steel types in Pokemon Red! Although Magnemite/Magneton is the only Steel Pokemon, and the move "Bite" is the only Dark attack, it's still useful. All the strengths/weaknesses are included (obviously). Just patch to a clean Red ROM and you're good to go!
Nice. I was thinking of looking for that, but my hypothesis (which was completely wrong :() was that weakness/resistance was set by four bitflags. At least I didn't spend any time looking for that.
Heh, maybe I'll mess around with the Bird type now.
Hmm, I just checked in Crystal. The list is FF-terminated (not surprising). But for some reason, there's an arbitrary FE in there.
These are the last few values in the list:
09 09 05
fe
00 08 00
01 08 00
ff
I have no idea why that FE would be in there. Wouldn't it mess up the last two items? Unless the list is pointer-based, which I don't believe it would be (or we wouldn't be able to simply add things to the list).
Heh, maybe I'll mess around with the Bird type now.
Hmm, I just checked in Crystal. The list is FF-terminated (not surprising). But for some reason, there's an arbitrary FE in there.
These are the last few values in the list:
09 09 05
fe
00 08 00
01 08 00
ff
I have no idea why that FE would be in there. Wouldn't it mess up the last two items? Unless the list is pointer-based, which I don't believe it would be (or we wouldn't be able to simply add things to the list).
I'm not sure, it doesn't seem to affect anything.
Hmm, I just checked in Crystal. The list is FF-terminated (not surprising). But for some reason, there's an arbitrary FE in there.
These are the last few values in the list:
09 09 05
fe
00 08 00
01 08 00
ff
The ones after the FE are Normal and Fighting vs. Ghost.These are the last few values in the list:
09 09 05
fe
00 08 00
01 08 00
ff
So I'm guessing the FE is a marker for where the immunities canceled out by Foresight are listed; Foresight makes Normal and Fighting able to hit Ghost types, but doesn't affect any other immunities at all.
The ones after the FE are Normal and Fighting vs. Ghost.
So I'm guessing the FE is a marker for where the immunities canceled out by Foresight are listed; Foresight makes Normal and Fighting able to hit Ghost types, but doesn't affect any other immunities at all.
That's an excellent observation; I'll go test that.So I'm guessing the FE is a marker for where the immunities canceled out by Foresight are listed; Foresight makes Normal and Fighting able to hit Ghost types, but doesn't affect any other immunities at all.
EDIT: Gargle's absolutely right. If you want a type weakness/resistance to be set to x1 when using Foresight, put it behind the $FE.
I was wondering if I could ask a question regarding this tutorial? I managed to locate the bytes and recognise them,(02 01 14, flying X2 damage to fighting etc...) but I wondered how exactly it is possible to add a new type to the game? If you need to edit a old type in order to do this editing 09(???) would be a good choice as you wouldn't lose any of the others but I couldn't see any data regarding types attacking 09, or visa versa. Am just not looking hard enough or is the process of adding new types much more complicated? Sorry if this question sounds dumb, I'm not familiar with hex editing, but sounds fun to learn. I was also wondering what would mean x1 damage? I am hacking Ruby version by the way.
this is a bit confusing but i think ill get the hang of it
Silver's Blaze the level 13 Ninetales!
wat would i put for 4x
i put in 28 and somethin comes in the box tht shows text i get a (
Any1 know if this will cause a problem
is the adress code for pearl the same cuz u didn't post it?
i put in 28 and somethin comes in the box tht shows text i get a (
Any1 know if this will cause a problem
is the adress code for pearl the same cuz u didn't post it?
Missingno's type... you should have googled it first, seriously.
Also, this goes into a Hex Editor I'm presuming. Sorry, but Hex is absolutely foreign to me and I'm just now trying to get into it.
Hey guys, I'm still alive. Not really sure if I want to continue Twisted Path though.
How do you repoint the weaknesses and strengths to free space?
You would repoint this like you'd repoint anything: find free space and copy the existing strengths and weaknesses to it, and then change the old pointer to point to the new location.
How do I change the old pointer to the new location.
Depends on what system you're hacking. Let's use Crystal as an example. If the offset is >4000, then we can get its pointer by (offset MOD 4000) + 4000.034BB1 Mod 4000 = 0BB1
0BB1 + 4000 = 4BB1
So 4BB1 is our pointer. Next, we look for the pointer in our ROM. In most cases (not always, but usually), the pointer is in the same bank as the data. Each bank is 4000 bytes long and starts at the offset rounded down to the nearest 4000, which in our case is 034000. So we navigate to 034000 in our hex editor and search for the pointer. GBC pointers are little-endian, which means that the one's place byte goes first. So we search for B14B.
Our result is at 034741. Notice the 21 in front of the pointer. 21, 11, and 01 are assembly commands that mean "load the next two bytes into the CPU registers." If you see one of those while searching for pointer values, it's a good bet that you've found your pointer. (Not to say that a pointer without a 21 in front is less likely to be a pointer -- a lot of the time you'll find pointers in lists, especially when it comes to things like text.)
So we change the value in 034741-034742 to the pointer to our new location for the data. The free space in this bank starts at 037EE2, so let's assume we copied our data there. Like before, we would find the pointer to our new location with ((037EE2 MOD 4000) + 4000), which is 7EE2. Don't forget to byteswap! Our final value will be E27E.
This method will work for GBC pointers, but not GBA pointers. If you're needing those instead, it shouldn't be that hard to find out info on how they work.
Sorry if this sounds kinda stupid, but...
For R/S/E/FR/LG/D/P if you use the value 12, would that work if I wanted to add a new type?
For R/S/E/FR/LG/D/P if you use the value 12, would that work if I wanted to add a new type?
N00bish Question alert.......
How do you look up the address? 0_o
Yeah, i have VBA, i tried memory viewer but it only has 4 numbers, not 5. So when i look up "34D01", it goes to "4D01" instead.
And the numbers are like 00 09 77 D1 C9 11 etc...... Not really right.......
I'm trying to GBC hack btw.....
How do you look up the address? 0_o
Yeah, i have VBA, i tried memory viewer but it only has 4 numbers, not 5. So when i look up "34D01", it goes to "4D01" instead.
And the numbers are like 00 09 77 D1 C9 11 etc...... Not really right.......
I'm trying to GBC hack btw.....
Male
Melbourne, Australia
Seen October 12th, 2010
Posted September 18th, 2010
1,104
posts
15.8
Years
N00bish Question alert.......
How do you look up the address? 0_o
Yeah, i have VBA, i tried memory viewer but it only has 4 numbers, not 5. So when i look up "34D01", it goes to "4D01" instead.
And the numbers are like 00 09 77 D1 C9 11 etc...... Not really right.......
I'm trying to GBC hack btw.....
HEX EDITOR! How do you look up the address? 0_o
Yeah, i have VBA, i tried memory viewer but it only has 4 numbers, not 5. So when i look up "34D01", it goes to "4D01" instead.
And the numbers are like 00 09 77 D1 C9 11 etc...... Not really right.......
I'm trying to GBC hack btw.....
Memory viewer is different.
Gone.