Main Menu
Main Page
Recent changes
Random page


Major Glitches
Trainer escape glitch
Old man trick
Celebi trick
Select glitches (Japan)
SRAM glitch
CoolTrainer♀ corruption
LOL glitch
Super Glitch
ZZAZZ glitch
Pomeg corruption glitch (Glitzer Popping)
Elite Four door glitch (Japan)
Pokémon merge glitch
Pokémon cloning
Time Capsule exploit
Arbitrary code execution
Coin Case glitch

Other Glitch Categories
Glitches by generation
Glitches between two generations
Japan-only/language specific glitches
Music glitches
Natural glitches
Non-core series glitches
Non-Pokémon glitches
Officially acknowledged glitches
Recurring glitches
Dead glitches

Pokémon GameShark codes
The Big HEX List
GB programming
Debugging features
Easter eggs
Error traps
Glitch areas
Glitch myths
Non-glitch exploits
Placeholder texts
Pokémon glitch terminology
Unused content and prerelease information

Useful Tools
8F Helper
GBz80 to Items
Old man trick name generator
PATH (Prama's Advanced Tweaking Heaven)
Save file editors
Special stat/Pokémon converter
Trainer escape Trainer Pokémon finder

Legendary Star Blob 2 (Hakuda)
Pokémon Speedruns wiki
PRAMA Initiative
Become an affiliate!

Search Wiki


Search Forums


Author Topic: Arbitrary code execution in Red/Blue using the "8F" item  (Read 178033 times)

0 Members and 1 Guest are viewing this topic.


  • GCLF Member
  • Offline Offline
  • CHARIZRAD 'M ROXORX or is it.
    • View Profile
Re: Arbitrary code execution in Red/Blue using the "8F" item
« Reply #570 on: March 20, 2017, 03:12:32 pm »
Ah, thanks, I was wondering what the .sym files were for, for some reason it didn't occur to me to look inside them!

Edit: And here is said script:
Code: [Select]
Carbos x90
Master Ball x14
Poké Ball x84
Repel x128
Carbos x24
X Accuracy x134
TM29 x0
Carbos x144
X Accuracy x0
TM01x[Any qty]

Code: [Select]
ld h, $5A
ld bc, $040E ; b = BANK(FontGraphics), c = 14 = how many tiles to copy
ld d, h
ld e, $80 ; de = FontGraphics
ld h, $18
ld l, $86
push hl ; hl = CopyVideoDataDouble
ld h, $90
ld l, $0 ; hl = the tiles in VRAM that come after the digits
ret ; jumps to CopyVideoDataDouble (done this way to avoid glitch items and key items that would result from directly using call or jp)

This turns the tiles beyond the numbers that glitch quantities read from into the letters A through P, so it's easier to see how many items you have / are tossing. (There will also be a bunch of letters all over the background).

The effect goes away when entering/leaving a building, entering/leaving a battle, resetting the game, or closing the PC item menu, and maybe a few other things.

Tested with English blue on BGB.
« Last Edit: March 21, 2017, 08:14:32 am by jfb1337 »