Author Topic: Arbitrary code execution in Gold/Silver UE using the Coin Case  (Read 51197 times)


spamviech

Re: Arbitrary code execution in Gold/Silver UE using the Coin Case
« Reply #330 on: December 28, 2017, 09:19:23 pm »
Little helper code which might be useful to someone else as well:
Maximize all PC items (quantity x 255) while leaving the item type unchanged.
Code:
1)   A   p  'v   5   é   4   2   5 XOR A; SUB fb; LD [faf8], A | A->05
2)  'v   9   é   /   2   p  'v   . SUB ff; LD [f3f8], A; XOR A; SUB e8 | A->06; A->18
3)   é   0   2  'v   2   é   5   2 LD [f6f8], A; SUB f8; LD [fbf8], A | A->20
4)  'v   9   é   ♀   2  'v   9   5 SUB ff; LD [f5f8], A; SUB ff | A->21; A->22
5)   é   2   2  'v   9   é   3   2 LD [f8f8], A; SUB ff; LD [f9f8], A | A->23
6)  'v   ×   é   ,   2   0   9   9 SUB f1; LD [f4f8], A; OR ff; LD B, 32 | A->32
7)   0   0   0   5   5   5   5   5 LD HL, 18f6; LD [HLI], A; INC HL; DEC B; JR NZ, fb | HL->f618
8)   x  'd OR A; RET NC

Fun little thing about x0 quantity (at least in the PC):
You can withdraw/toss any quantity you want; it won't change the quantity of the item. While tossing obviously does nothing, withdrawing works without problems (creates items).
Depositing an additional item of the type simply adds the amount, which restores normal functionality.
Possibly also works in the inventory to give you an infinite amount of an item, but I didn't test that.
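
Added example (not part of spamviech's post): a small Python emulator that runs the patching prologue of the listing above and shows which bytes it writes over the `9`/`0`/`5` placeholder glyphs, a useful check whenever code has to be built from a restricted byte alphabet. Assumptions: each line is one 8-glyph name followed by a 0x50 terminator, the first name starts at 0xF8BF (inferred from the `LD [..], A` targets), and the ADD A,B and EI bytes that the post's disassembly leaves out are treated as filler.

```python
# Glyph-to-byte table for the characters used in the listing; the opcode
# pairs (p = XOR A, 'v = SUB n, é = LD [nn],A, ...) follow the post's disassembly.
CHARS = {"A": 0x80, "p": 0xAF, "x": 0xB7, "'d": 0xD0, "'v": 0xD6, ".": 0xE8,
         "é": 0xEA, "×": 0xF1, "/": 0xF3, ",": 0xF4, "♀": 0xF5,
         **{str(d): 0xF6 + d for d in range(10)}}
NAMES = ["A p 'v 5 é 4 2 5", "'v 9 é / 2 p 'v .", "é 0 2 'v 2 é 5 2",
         "'v 9 é ♀ 2 'v 9 5", "é 2 2 'v 9 é 3 2", "'v × é , 2 0 9 9",
         "0 0 0 5 5 5 5 5", "x 'd"]        # the eight lines from the post
BASE, TERM = 0xF8BF, 0x50  # assumptions: start address and name terminator

def load():
    """Lay the names out as glyph bytes plus terminator, starting at BASE."""
    mem, addr = {}, BASE
    for name in NAMES:
        for byte in [CHARS[g] for g in name.split()] + [TERM]:
            mem[addr] = byte
            addr += 1
    return mem

def run_patcher(mem):
    """Run the prologue; stop at the first byte the code wrote itself."""
    a, pc, subs, written = 0, BASE, [], set()
    while pc not in written:
        op, n = mem[pc], mem[pc + 1]
        if op in (0x50, 0x80, 0xFB):  # LD D,B / ADD A,B / EI: filler here
            pc += 1                   # (ADD A,B is undone by the next XOR A)
        elif op == 0xAF:              # XOR A
            a = 0
            pc += 1
        elif op == 0xD6:              # SUB n
            a = (a - n) & 0xFF
            subs.append(a)
            pc += 2
        elif op == 0xF6:              # OR n
            a |= n
            pc += 2
        elif op == 0xEA:              # LD [nn],A with little-endian operand
            target = n | mem[pc + 2] << 8
            mem[target] = a
            written.add(target)
            pc += 3
        else:
            raise ValueError(f"unexpected opcode {op:#04x} at {pc:#06x}")
    # A after each SUB, and the patched bytes from here to the last write + operand
    return subs, bytes(mem[i] for i in range(pc, max(written) + 2))

if __name__ == "__main__":
    subs, loop = run_patcher(load())
    print([f"{v:02x}" for v in subs], loop.hex(" "))
```

The first list reproduces the `A->` notes in the listing, and the patched bytes disassemble to the loop on line 7: LD B, 32; LD HL, 18f6; LD [HLI], A; INC HL; DEC B; JR NZ, fb.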