If you load the game on BGB, open the debugger and go to debug>access breakpoints you can set a breakpoint to A000-FDFF by entering A000-FDFF in the address box, ticking 'on write' and adding it. This way if there is any arbitrary code execution the emulator will open up the debugger at the place it's executing the code.
I think you meant 'on execute'.
Also, Viet Crystal has a lot of crashes caused by invalid text commands. All of them could potentially be exploitable, similar to the Coin Case glitch.
Oops, yeah my mistake. Thanks TheZZAZZGlitch.
MartinTVP8, if you still want to find the first execution from RAM, try 'on execute' instead of 'on write'. Sorry for giving you wrong instructions.
The parameters I shared are for RAM locations, and in case you don't know the Game Boy writable memory allocation is like this.
$FF80-$FFFE Zero Page - 127 bytes
$FF00-$FF7F Hardware I/O Registers
$FE00-$FE9F OAM - Object Attribute Memory
$E000-$FDFF Echo RAM
$D000-$DFFF Internal RAM - Bank 1-7 (switchable - CGB only)
$C000-$CFFF Internal RAM - Bank 0 (fixed)
$A000-$BFFF Cartridge RAM (If Available)
$9C00-$9FFF BG Map Data 2
$9800-$9BFF BG Map Data 1
$8000-$97FF Character RAM
If the debugger comes up at one of these locations, you may be able to write to those addresses (right click on the value; modify code/data) and this will be your code to execute. Then, if you have code written, the only obstacle is writing code there and executing it without cheating.
Note many times you will come across execution at memory addresses that aren't the most manipulable, or that could be overwritten. Arbitrary code execution may in fact be common when the game is confronted with a bad operation, and also for undefined things (like glitch items) but is not as often manipulable.
E0CF and E139 (which would be 01xxCFE0 and 01xx39E1 in a GameShark code) are not documented on our list of GameShark codes (containing Japanese Crystal addresses) but if luck is good hopefully we can find a unique way of executing arbitrary code in this version.
Hope that helps.
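The address handling described in the post above, as an added example that is not part of the original thread: it decodes a GameShark code in the 01xxCFE0 layout into its address, names the region from the posted memory map, and resolves Echo RAM to the Internal RAM address it mirrors. The function names are hypothetical, and the Echo RAM offset ($E000-$FDFF mirroring $C000-$DDFF) is standard Game Boy behaviour rather than something stated in the thread.

```python
# Regions copied from the memory map in the post (inclusive bounds).
REGIONS = [
    (0x8000, 0x97FF, "Character RAM"),
    (0x9800, 0x9BFF, "BG Map Data 1"),
    (0x9C00, 0x9FFF, "BG Map Data 2"),
    (0xA000, 0xBFFF, "Cartridge RAM"),
    (0xC000, 0xCFFF, "Internal RAM - Bank 0"),
    (0xD000, 0xDFFF, "Internal RAM - Bank 1-7"),
    (0xE000, 0xFDFF, "Echo RAM"),
    (0xFE00, 0xFE9F, "OAM"),
    (0xFF00, 0xFF7F, "Hardware I/O Registers"),
    (0xFF80, 0xFFFE, "Zero Page"),
]

def region_of(addr):
    """Name the region an address falls in, per the posted map."""
    for lo, hi, name in REGIONS:
        if lo <= addr <= hi:
            return name
    return "ROM" if addr < 0x8000 else "not listed"

def resolve_echo(addr):
    """Echo RAM mirrors $C000-$DDFF; return the underlying Internal RAM address."""
    return addr - 0x2000 if 0xE000 <= addr <= 0xFDFF else addr

def parse_gameshark(code):
    """Split an 8-digit code: leading byte, value ('xx' = unspecified), address low byte, high byte."""
    code = code.strip()
    if len(code) != 8:
        raise ValueError("expected 8 characters, e.g. 01xxCFE0")
    value = None if code[2:4].lower() == "xx" else int(code[2:4], 16)
    addr = int(code[6:8] + code[4:6], 16)  # address is stored low byte first
    return {"lead": int(code[0:2], 16), "value": value, "address": addr,
            "region": region_of(addr), "mirrors": resolve_echo(addr)}

def to_gameshark(addr, value=None, lead=0x01):
    """Build a code in the same layout; the value prints as 'xx' when not given."""
    vv = "xx" if value is None else f"{value:02X}"
    return f"{lead:02X}{vv}{addr & 0xFF:02X}{addr >> 8:02X}"

if __name__ == "__main__":
    for code in ("01xxCFE0", "01xx39E1"):  # the two codes quoted in the post
        info = parse_gameshark(code)
        print(f"{code}: ${info['address']:04X} {info['region']}, "
              f"mirrors ${info['mirrors']:04X} ({region_of(info['mirrors'])})")
```
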