Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - suloku

Pages: [1]
1
Generation III Glitch Discussion / Re: Manipulate specific flags?
« on: March 24, 2017, 03:31:57 am »
Unfortunately, not possible. The GBA's JoyBus link support only allows for a GBA to be the slave.

I'm getting of topic, but the GBA 10ANNIV rom (and probably others) worked by sending a client application the GBA from another GBA. The leaked official SDK has an example about this too (by the way one of the 10ANNIV roms was made public recently).
2
Generation III Glitch Discussion / Re: Manipulate specific flags?
« on: March 21, 2017, 09:14:48 am »
The point would be to do it with only a GBA cartridge, as I pointed in the thread, If I only wanted to execute in-game script commands I could do it via wondercards (but your RCE method is way more powerful and has more possibilities). Would be interesting to see this implemented as a GBA to GBA hombrew, instead of GC/Wii to GBA, but that's another topic.

I went asked TheZZAZZGlitch on his video. I don't know if the flags are in the DMA regions, but if they aren't, would that 60 instruction limit allow to set a bit at a certain memory location given we know that exact memory address beforehand?

ps: sorry for any stupid question, but I don't really know anything about assembly
3
Generation III Glitch Discussion / Manipulate specific flags?
« on: March 21, 2017, 05:05:58 am »
Hello,

I've been reading about gen 3 ACE and glitches trying to find a way to manipulate specific flags (specifically, Emerald's event islands for legendary pokémon) and after reading about the inner works of ACE and glitzzer popping I have some doubts:

- I've seen that via Glitzzer popping the flags to birth, faraway and southern island can be enabled, but for what I've read about the how the glitch works, those are only enabled because of the game recognizing the data as a corrupt pokémon and setting it as a bad egg, which results in the flags being enabled. The flags for the 4 islands are consecutive, but to my understanding there's no way to manipulate the address, in fact that there's a glitch pokémon that makes those two flags for the islands get enabled is quite lucky already. Am I wrong and can glitzzer popping be altered to manipulate any flag given we know where it is?

- Since I though I couldn't achieve what I wanted via glitzzer popping, I though ACE was the way to go as showcased here: https://www.youtube.com/watch?v=m9pvNYdhldo&t=31s
 The method seems promising as even with the 60 instruction limit, I think enabling 4 flags should fit, but as I don't know ASM I don't have a clue about how to write the payload for setup. I do know how to find the ASM in the rom for the setflag instruction scripting uses though, but without knowing how to use it, doesn't really make a difference.
Also, I don't know if the savegame being "aligned" (blocks 0-14 being in ascending order as seen here https://www.youtube.com/watch?v=1pb-6hMDQBs) is a requirement for this ACE method.

The ultimate goal is just a simple ACE that enables the 4 island flags, the items can be obtained via glitzzer popping so they aren't a problem. Being able to enable/disable flags could have other uses, like re-battling the legendaries, which might also be interesting.

I personally prefer the ACE way, since glitzzer popping corruption flag enabling also changes undesired flags in the process, so ACE should be a lot cleaner for the savefile imho.
4
Generation III Glitch Discussion / Re: Gen III Remote Code Execution
« on: March 18, 2017, 07:44:44 am »
A little of topic here, but since you reversed the transfered rom and know how game detection works, modifiying the colosseum USA/JAP bonus disc to accept other region carts would be feasible? I'd really like to test that. I checked a little the code, do they only use gamecodes for that?

Another technique that might be useful is to take advantage of the Mystery Events feature that overrides an NPC script (used to install Norman’s Eon Ticket script). By storing a script that uses the callasm command, you could execute code on demand by talking to a particular NPC.

By writing such a script into the save file using multiboot, it might be possible to do this even in games where Mystery Events is unavailable (FireRed/LeafGreen and non-Japanese Emerald).

It is, in fact I found that Emerald/FRLG seem to use the same slot for mistery gift script for the WonderCard script (not really checked with jap versions, since the only mistery gift script was for RS, as eon ticket in emerald is hardcoded and mistery gift only enabled an in-game flag).

I'm not sure if this reachead Glitch City, but I coded a program to create custom wondercards, and what you suggest can easily be done with a wondercard too, meaning you could even send the script+asm to other people via the wifi adapter. There's 992 bytes for the script available if I remember correctly, and it can easily be assigned to another npc.
5
Pokémon Discussion / Re: Highest possible DV values for Gen 1 games
« on: July 15, 2016, 12:57:43 am »
This is very interesting. Today I've actually wondered how Gen 1 and 2 randomness works.

EDIT: removed my previous dumb post made before actually reading the full information.

About the in-game trade, it would be simple to test: play a while, make some wild battles and save before trading in emulator and make a savestate. Trade the pokemon and check the DVs. Then load the savestate and shutdowon emulator and start over, and trade again and check the DVs. If there's some random number generator involved that should produce different DVs.


I wonder how PRNG works in GSC... I'm curious to see if the RNG algorythm was used for the distribution machines at PNYC (or the celebi tour for example). These had random DVs (shiny locked apparently, which might make it more difficult...).

Maybe the ID# was used as seed? There's a savegame with many celebis (around 12) from those machines, and some are from the same machine and very close to each other (in fact there are 2 that are sequential). How cool would it be to find the algorythm used  and essentially be able to code a Celebi machine? I guess I'm dreaming too high though, but maybe they really did use the same algorythm as in GSC. And now I'm wondering about the red gyarados. If the attack is random in GSC, that would mean the RNG function is in the game, running until it hits a shiny DV combination, which might have been how these machines worked... for shiny lock may be the same but just skipping shiny DV combinations...
Pages: [1]