Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - Gravedigger

Pages: [1]
1
Before we start, just like with the 'Battle Corruption glitch' found by buglitch, this glitch is yet to be recreated on hardware.
You usually just seem to crash, sometimes the screendata does get corrupted along the way.
However, if there is a way to get it to work, I should probaply make a thread about it for future reference.

For anyone who has not read the HoO document, out of bounds scripts (oob scripts for short) are scripts and overlays loaded
via RETIRE, when there aren't at least 4 scripts in runtime in the current map id.
For nearly a year, it was unknown as to how to recreate it, even on an emulator, however, while testing a different glitch I accidentally stumbled
upon it.

ASLR

When you start up your console, Address space layout randomization kicks into action.
It does what the name implies, it randomises address space for memory.
Because of this, it's supposed to be harder to use action replay codes, and other hacking tools.
From the looks of it, there are 64 different randomisations that you could get on startup.
As you might have guessed by now, the section of memory used by RETIRE if there are less than 4 scripts, will be randomised.
This means that there are 64 different results/map id you could potentially get from using RETIRE. Before we go further, let's show some examples.



Odd continuous surfing script: https://www.youtube.com/watch?v=9HR-yCyEuLo
Changing player name: https://www.youtube.com/watch?v=hp2TKubjBC0&t=18s
Changing map width/coordinates/void: https://www.youtube.com/watch?v=2LkBXYXW_Xk,
Chosing new starters: https://www.youtube.com/watch?v=CzuMAdM_kPA

These are just some examples, and I'll show more later in the thread.

As you can see, the results can be quite spectacular.
For as far as I've noticed, these scripts only activate if the map id has some kind of script in it's runtime.
If it does not, it doesn't do anything. This might mean that RETIRE reads this as the data needed.
But, remember when I said that there are only 64 randomisations?
While this is in fact true, it doesn't mean we can't get more results.

In the void, there's a specific set of map's that are used in the battle tower.
These Battle tower map's move bytes by about 8000. This also influences the results heavily, and actually gives you 2x64, or 128 results/map!

We have been actively looking for ways to get some kind of ACE with this, or to get it to work on hardware somehow.
We haven't had any luck so far, and lot's of other theories have to be tested.
To end off, I'll add some more fun scripts!




2
So, this is extremely tricky but from my testing this won't mess your savefile up. (Its at your own risk though)
The idea comes from bad egg cloning in other generations, except in gen IV its way harder to pull of.

So, here is how you do it:
1) save underneath a pc box, this is not required but its extremely unlikely you'll get it first time.
2) put one (or more) pokemon in the box. So far I only got it to work with one pokemon, but it might be possible and easier with more than one.
3) save the game, count the cycles of the clock. Usually it stops at 9 and 7/8 rounds. We want to reset your game precisely on 9.7/8 but before the clock gets removed from screen or it actually saves. too soon makes the game put you back without saving the box, too late saves the party as it currently is too. We need the game to save the box, but rollback your party to an older save.
4) reset game; if everything went smoothly your screen should go blue and say your savefile was corrupted and its going to use an older savefile.
Once thats over, check your box. With some luck you will have duplicated your pokemon and item!

https://www.youtube.com/watch?v=hbvYY-B5Vik

Important things to notice: as you rollback your party new pokemon put into it will get wiped from your game! This does however make for a gen 4 bad egg removal trick too!

If anyone gets corrupted clones from doing this please comment on species, moves, whatever is different from the original! My bidoof was an exact copy, and even though its awesome you can duplicate I'm more interested in its uses for potential use of glitchmoves.
3
As shown in the following videos, you can actually get partnerbattles (glitchbattles) using RETIRE in amity square, to get the baby pokemon following you, which is considered a partner. Then leaving the area, while still having the partner, and entering a non-player battle.

However, because we are in RETIRE we can only fight legitimate fights in the Safari Zone using the battle glitch.
There might be more outcomes of glitchbattles, and if you crash, try again and save at a pokecenter before entering the safari zone.
You actually can also enter the Safari zone the usual way, but after one fight the 'ding dong, you're out of pokeballs' script will go off, and you'll be warped back in. And as you're in RETIRE mode anyway, just use that instead to get in.

To remove the effect, remove the Amity Sqaure pokemon from your team, or go to amity square use RETIRE, select yes and walk up untill it kicks out your party pokemon. You have to use RETIRE first, otherwise you'll crash as theres no npc found to remove from the game.

This effect also has some other small side effects such as going to the route above twinleaf town causing it to give the no pokemon no enter message from your mom. If you have no pokemon other than your amity square and you pay for safari entry and die, you will end up with a fainted happiny ( or whatever you took) as your only pokemon, like as in the pomeg glitch.

My videos on how to do it if you don't understand my information above:
1) The route: https://youtu.be/rYB5UGGH8vc
2) Actual working partner glitchbattle: https://youtu.be/HFVo_PcfFXg
3) Some Trivia testing: https://youtu.be/XWRR0f904XE
4) the only fainted pokemon, like the pomeg glitch:
https://youtu.be/kH3n-spt8Aw

If you get different result, post your thoughts and pokemon used in Amity Square down below, I'd love to see more happening.
The inspiration to try this all came from this old video, credits given where credit should be given: https://youtu.be/feAJsKi8nPY
Sadly N stopped posting videos quite a while ago, but that video, even though its 5 years old, gave me the idea to do without wtw.
4
So we figured out that my earlier findings weren't recreatable, so we went back from all we knew.
1) I was the only one to blackout by arceus.
this got us to testing, and we got different results after blackouting by arceus. so, I decided to test it with other fights aswell.
I actually fought the Celestic grunt twice, in different areas in the void with bothe the same result after blacking out by them:
So cryo says that That script of barry triggers if you lost the battle to him, but I haven't even entered hearthome city yet, cryo is god <3

Original stream moment: https://www.youtube.com/watch?v=kIE_meu_6es
Recreation: https://www.youtube.com/watch?v=4iPLPVIZqDw&feature=youtu.be
Here I blacked  out by saturn, his shows what the normal battle in Hearthome city should be:
https://www.youtube.com/watch?v=vuEV7D_ZWrs&feature=youtu.be

A second explanation would be that I activated the contest hall script in the void, and bcs I then left and entered from the left the game knows that I finished the contest hall script, but did not win the battle yet. This second one is theorethical, but after testing this might be plausable
5
As it seems like the chaymin one is really unreliable, use this one for defenite results if you're stuck in RETIRE mode instead:

https://www.youtube.com/watch?v=6bEyZ57todE&feature=youtu.be

These are guaranteed ways of entering the void using RETIRE, which I've never had any issues with before
6
I don't even know. figure it out from this video.

https://www.youtube.com/watch?v=zh71OyPoVzE
I changed the link to a more indepth one, bcs the last one was really hard to understand bcs I didn't explain what direction I went in.

Heres my savestate: http://www.mediafire.com/file/3e24quq4ntew3sv/Seabreak.dst

Aera tried doing this, but didn't get route 227 script to do anything, not even the healing script. So for now we'll take this as some kind a RAM based glitch?
7
https://www.youtube.com/watch?v=EBmV_q-nQrA&feature=youtu.be

Baiscly using RETIRE around Heatran's area seemed to heal me, but seriously mess up all graphics.
no worries, opening anything will refresh the graphics and fix it :)
8
Basicly, some stable 's -- pokemon seem to change their stats/attacks depending on what you do between you putting them into the daycare, and getting them out. I have a couple of movesets that I'll link in here that I was able to get by switching pokemons around, healing myself in a pokemon center and going back to the daycare.

https://gyazo.com/5fde52c8ac0236824e387cb279934edd
https://gyazo.com/c1614eb9da126c4ce99018b2d53910f5
https://gyazo.com/32a3a44113b925984953c610ba1ebd4f
https://gyazo.com/0183233068287c142dfaad8916407ef4
https://gyazo.com/5e1968dda3454d4dea02f695b56b859b

his moveset starts with 2 blank moves, one of which doesn't do anything, and one who always is out of pp, and dig.
After that, I randomly got a leer,pek,horn drill,flash moveset, while he only gained 3 levels since last time. However, the pokemon seems to change its level/stats once you put it in a box, and get it out again. the moveset does not change though, except if you put it in daycare and do anything to cause it to change.
9
Generation IV Glitch Discussion / Strugle bug?
« on: May 06, 2017, 10:34:37 pm »
So in my latest post I had a rant about the glitchpokemon we got in the daycare, it corrupted my party into me having a DPbox, which used strugle in a fight, but the enemie onix was in 'dig' and the strugle missed, for the entire battle DPbox stayed alive, didn't do a single attack after his strugle.
10
If a special Missingno changes its attributes, it's still the same Pokemon...
So I guess it depends on if the hex number stays the same.

(I was thinking of naming it something based on DPBox, actually...)
DUDE DUDE I NOTICED SOMETHING. He corrupts your party, and you're no longer able to fight, the only fight you can engage is the daycare, and with only infernape as pokemon, I threw out a DPbox as my second pokemon!!!
11
Enter Great Marsch, Use retire, go to the right, go up, go left, use RETIRE above the door to the safari zone, enter door.
You will now be in the safari zone, but not in the safari mode. Meaning: you will have actual battles now (This is the only area in which you can fight wild pokemon/catch wild pokemon in RETIRE mode I found), pokemons won't flee (great for shiny hunting) you are not limited to safari balls, but can use anything you want (great for shiny hunting) and you can lower their hp, use status effects and so on like in normal battles. you also no longer have a timer for being in the safari zone.

You will however be unable to leave battles you engaged, so keep that in mind!
https://www.youtube.com/watch?v=9AGH2W8okWI&feature=youtu.be
Its not hard, but thought I'd record it anyway just in case.
12
Alright, I felt like I had to seriously rewrite this whole post in order to get this pokemon.. or pokemons straight.

-The pokemon is found using RETIRE in daycare, engaging into a double battle.
-The pokemon changes the sprites of pokemon around him into box's, which reverts itself once pokemon are thrown into the fight.

-The pokemon changes its number in pokedex, type, stats, health depending on (we're assuming) The pokemon in the daycare.
-level is always 1 in battle, but sometimes it changes to 0 after looking at pokemons stats and such in box's, not sure why this happens
-always male
-changes its color sometimes when you look at pokemon in a box, permanently untill changed to another.
-changes its first part of its type to the previous pokemon looked at, second always remains flying. You can also change its type to 'cool' or 'smart' and so on.

-most 's we've cought are extremely unstable, crashing when trying to look at their summary or switching them with another pokemon.
but, one particular one we refered to as " 's 24' referring to its number given once caught, and it being an 's. Was stable enough to be viewed.
-The moveset exists out of dig, and 2 glitchmoves with 0pp, we weren't able to test them out as any 's seemed to crash the game or softlock if we tried to battle.

-in certain occasions, trying to look at the summary of 's 24 in a box crashes, but sometimes you can, usually after you changed the position of pokemons around.
-the glitchpokemon can corrupt daycare pokemon, if you're trying to receive them after battling 's, the game freezes when you try to receive it, if theres a corrupted pokemon in the daycare and you add a second, this one also seems to be corrupted. this led me to believe that the daycare itself was corrupted, but at further investigation this seems to be not true, as trying to get an 's without pokemon in the daycare makes the daycare act normal after battle.

-'s 24 is not able to be put in a contest, this will simply crash the game. He actually makes you unable to do contests at all, with any pokemon, even if he's no longer in your party. this might be because the partner mode later stated in this post
- DISCLAIMER: just figured out its not the fact that you have an 's -- in your team that crashes you, he actually corrupts your abilty to fight when caught.

-Trying to engage the battle with 1 pokemon in party automaticly gives you a DPbox, I also found  a sidebug bcs of this. When DPbox uses strugle on
an onix in dig, he misses and no longer tries to engage into fighting.

-My theorie is that the fight puts you into a 'partner' mode, hence the DPbox, and why we crash trying to engage in any other battle than the doublebattle in daycare. But, you fight with your own pokemon if you don't have just the single pokemon, now that I have the poketch app I'll see or DPbox ends up in my party.

-He seems to be stable when put in the daycare, the daycare poketch app shows him as a questionmark.
-When leveling up in daycare, his level seems inconsistent. Level 9 -by poketch app. level 8- showing up in party. level 10- showing up in box's.

-stats stay level 1 after receiving from daycare, however putting him in a box, closing out, going back in and grabbing him makes his stats change to a higher number.

-When bred with a dito, the egg seems to white out chat, and only shows up in box's and poketch apps, once it hatches it becomes a Dpbox.

-When ditto uses transform, the game does not crash. You change bothe dito and 's -- into 'nothing' or something invisible, and change the sprites of the remaining pokemons into box's. dito's moves are extremely graphically bugged! One of the glitchmoves always says 'out of pp' while the other one makes you mash A a ton of times trying to get through a blank message, and doesn't seem to change stats or do dmg.

-The pokemon seems to have have a couple of glitchmoves, and a large variete of moves he can learn.

-When taken from daycare, his health is 10+his level (10 is his base hp at 0), and stats are 4 5 5 5 5, after putting him in a box and retreiving him (you can actually change his level depening on which pokemon you switch him with, or actually their Experience group.) his stats and health will be stabilized, except his speed, this always seems to stay at 5

https://gyazo.com/c1614eb9da126c4ce99018b2d53910f5
https://gyazo.com/5e1968dda3454d4dea02f695b56b859b
https://gyazo.com/9588a373956e36ee839637da0ad8145c
https://gyazo.com/0183233068287c142dfaad8916407ef4
https://gyazo.com/32a3a44113b925984953c610ba1ebd4f

Also, I am unable to get them to work in battles, even the only battle I can enter (aka the daycare RETIRE battle) they seem to crash, but ditto is able to copy their moveset, and that looks a bit like.. this?

https://gyazo.com/4925d26573b3b2d45dcfb4a452e404df
The glitchy sprites change from 's to 's, but they are always located in the same location.
 
This covers most of what we've found, thanks to @caveat http://forums.glitchcity.info/index.php?action=profile;u=1851
for watching my stream about this pokemon, and helping figure out how this pokemon behaves!

sadly it appears as if my obs didn't save the stream, so I'll have another stream tomorrow at 10:00 CEST
over at https://www.twitch.tv/trggravedigger
Hope you tune in, as I know little to nothing about coding, and I feel like this pokemon is changing its type and such arbitrarily.
 
Someone who watched this thread watched my second stream on this, he figured out that the level that The glitchpokemon has depends on the experience group of the pokemon, if you swap the 's with a certain pokemon, it will change its level depending on what group it is in, and all the pokemon in that group will make him that level.


https://www.youtube.com/watch?v=0pSldSIY1YI&feature=youtu.be

Explanations and showing off the glitchpokemon, hopefully this sheds some light on everything!  8)
13
Using the 'Retire' glitch in oreburgh city in D/P, you start the cutscene in which your Rival pushes you to the left, if you do this next to any house you can end up behind the door, enter it from the backside and get into the void. Alternatively, you can use Retire in the Great March building, which will make you walk downwards, even through the walls into the void.

Edit: Going to Amity Square and activating Retire makes you go up, or down depending or you answer the question with yes or no, I am currently in the process of testing how far up and down I can go before I can freely move in the void, or I get stuck and the script unloads

Answer: Going up, you crash once you load 'Oreburgh city', and going down you enter Mystery zone, but are able to walk back up into Amity Square.

Issues:
1) First of all, you have to lose  a battle in the void to maintain the Retire effect and be able to leave the void (as far as I've tested).
You can't use fly, teleport, escape ropes or dig because you're still in the palpad mode and can't access these.
2)  you will have to walk all the way to Oreburgh city as you'll spawn in the last pokecenter you entered before entering the void.
3) you can no longer fight any non-player battles in this mode, so gameplay is limited in this mode.
4) you can't use your bike, fly or any of the mentioned actions in 1), even after you left the void, but hey, at least you can walk through the grass without getting attacked... ha.
5) You can't save unless you're in a pokecenter, or any other area that forces you to save (like jubilife's WFC)

There are a lot of downsides to this, and I don't know or you can disabled the Palpad mode by going into the void and into the palpark area, but I mainly posted this to just share some findings, don't think anyone else posted about this way of getting into the void yet either.
Don't recommend using this for real, but do what you want :)

I'm gonna add some screens and videos of this later today, to show my findings!

Interesting thing, using RETIRE in Great Marsch to run around it, going above the door to the safari zone, using RETIRE to get under it and then entering the door makes you able to fight pokemon in the Safari zone, without paying, you can catch them with normal pokeballs (I used Duskballs) and gain experience, its the only zone I've found in which you can fight... and you're not supposed to be able to fight here :p
Pages: [1]