Author Topic: Arbitrary code execution in Red/Blue using the "8F" item  (Read 409807 times)


andr2535

Re: Arbitrary code execution in Red/Blue using the "8F" item
« Reply #300 on: March 06, 2016, 06:23:23 pm »
Hi, I wanted to ask a question that confuses me a bit.

I was trying to use Pigdevil2010's bootstrapping code for w sm (http://forums.glitchcity.info/index.php/topic,6638.msg198107.html#msg198107),
but my game seems to freeze when I use that bootstrapping code.

So I tried to find the cause of it using the bgb debugger, and it seems like the place where it is supposed to go to DA97, it goes to DA98 instead.
I fixed that by switching Nidoqueen with Nidoran (female).

Does this bootstrapping setup work for anyone (unaltered), or is there some mysterious bug on my end? :P

Flandre Scarlet

Re: Arbitrary code execution in Red/Blue using the "8F" item
« Reply #301 on: March 06, 2016, 08:23:12 pm »
It could have just been a mistake on his part. Or maybe it was you IDK.
I am a fan of Pokemon, Glitches, Touhou, Yugioh, Smash, Mario, Sonic, Kirby, (2D) Metroid, and MORE!

Krys3000

Re: Arbitrary code execution in Red/Blue using the "8F" item
« Reply #302 on: March 07, 2016, 12:01:45 pm »
Didn't we have another guy who had trouble with this setup previously? The G-Meister maybe?

I don't use this one but Torchickens' optimized setup for non-English games (which Haxel slightly modified again I believe) so I don't know, but I'll double-check the code manually ASAP to see if it's a proper bootstrap :)

Admin of the PRAMA Initiative, the main French Pokémon glitch website
https://www.prama-initiative.com
“Anti-intellectualism has been a constant thread winding its way through our political and cultural life, nurtured by the false notion that democracy means that 'my ignorance is just as good as your knowledge.'” - Isaac Asimov

FroggestSpirit

Re: Arbitrary code execution in Red/Blue using the "8F" item
« Reply #303 on: March 09, 2016, 03:33:36 pm »
Has anyone made a better bootstrap code using something like wack0's GameShark code?
I was able to have a JP D53B stored as the last 3 bytes of my trainer's name (this only works if your name is short enough).
The only downside is that I had my 6th Pokémon turn into ID F9, so when I arranged my party like:
6 pokemon:
anything
tentacool
ID F9 pokemon
anything
anything
anything

It works well, taking you to the first item in the PC; however, it messes up battle sprites due to the MissingNo.
Edit: also irrelevant, but I did this on the VC re-release.
« Last Edit: March 09, 2016, 03:35:32 pm by FroggestSpirit »

Krys3000

Re: Arbitrary code execution in Red/Blue using the "8F" item
« Reply #304 on: March 10, 2016, 01:25:51 am »
In R/B games, there is luckytyphlosion's compact setup: http://forums.glitchcity.info/index.php?topic=6638.msg198585#msg198585

Also there is a glitch Pokémon setup that only uses 3 Pokémon (but you can have up to 5), I don't remember who did it:
h Poké (hex:C3)
Graveler
M p u (hex:D3)


darksarcasm

Re: Arbitrary code execution in Red/Blue using the "8F" item
« Reply #305 on: March 10, 2016, 11:55:08 am »
If I have my party Pokemon arranged correctly for the 8F execution to the third item in my bag (Pidgey, Parasect, Onix, Tentacool, Kangaskhan), am I correct in assuming the sixth slot Pokemon does not matter? By the same token, is the C9 Hex code a stop function, and therefore items below this item won't affect the code? I've noticed that most if not all the example codes in this post end with an item that is multiplied by 201.

Krys3000

Re: Arbitrary code execution in Red/Blue using the "8F" item
« Reply #306 on: March 10, 2016, 12:41:10 pm »
C9 (item TM01 or anything x201) is a ret instruction which ends your code. So yes, any item afterwards does not matter.

However, it is very different for the setup, as the bootstrap code starts with the value of address $D163 (number of Pokémon). Having 5 Pokémon calls for a placeholder, useless function, but having 6 Pokémon instead of 5 calls for an assign function which also uses the following hex value, 'skipping' it from code reading, and therefore breaking your code.


darksarcasm

Re: Arbitrary code execution in Red/Blue using the "8F" item
« Reply #307 on: March 10, 2016, 06:37:26 pm »
> C9 (item TM01 or anything x201) is a ret instruction which ends your code. So yes, any item afterwards does not matter.
>
> However, it is very different for the setup, as the bootstrap code starts with the value of address $D163 (number of Pokémon). Having 5 Pokémon calls for a placeholder, useless function, but having 6 Pokémon instead of 5 calls for an assign function which also uses the following hex value, 'skipping' it from code reading, and therefore breaking your code.

Right, forgot that # of Pokemon in the party has a RAM address.

I really should learn assembly so I could write my own code and more easily understand the game.

Krys3000

Re: Arbitrary code execution in Red/Blue using the "8F" item
« Reply #308 on: March 11, 2016, 01:05:57 am »
Yep, you don't need to be a super assembler expert to write some nice codes. Understanding a few opcodes is enough! You can also ask if you don't get how to use one. If you have an emulated game, you can also fearlessly try a few things and see how it reacts :P


Glisp

Re: Arbitrary code execution in Red/Blue using the "8F" item
« Reply #309 on: March 11, 2016, 08:52:17 pm »
By 255 of one item, what do you mean? The limit is 99, so do I just make multiple stacks, use the MissingNo. 128 item glitch, or what?
Bleah! *Splash and Splatter*

Krys3000

Re: Arbitrary code execution in Red/Blue using the "8F" item
« Reply #310 on: March 12, 2016, 02:54:07 am »
To get x255 of one item, either:
- use MissingNo.'s duplication (capture it or encounter it twice, tossing two items)
- use Glitch City RAM Manipulation to overflow the PC and withdraw any x255 item


Glisp

Re: Arbitrary code execution in Red/Blue using the "8F" item
« Reply #311 on: March 12, 2016, 12:07:28 pm »
Thank you so much

Flandre Scarlet

Re: Arbitrary code execution in Red/Blue using the "8F" item
« Reply #312 on: March 14, 2016, 08:18:11 pm »
___________________________________
Walk through walls (no ledge needed):

3E 01 EA 38 CD C9

Code:
ld a, 01      ; 3E 01
ld (CD38), a  ; EA 38 CD (address stored low byte first)
ret           ; C9

Lemonade x1
TM34 x56
TM05 x201

How would you translate this to Red and Blue using 8F instead of ws m?

Krys3000

Re: Arbitrary code execution in Red/Blue using the "8F" item
« Reply #313 on: March 15, 2016, 01:37:25 am »
You don't need to. Address $CD38 is in a RAM section that doesn't change between any international R/B and Y.


Flandre Scarlet

Re: Arbitrary code execution in Red/Blue using the "8F" item
« Reply #314 on: March 15, 2016, 07:09:59 am »
It wasn't working for me earlier because I failed at counting glitch symbols and I had 211 instead of 201.
I am a fan of Pokemon, Glitches, Touhou, Yugioh, Smash, Mario, Sonic, Kirby, (2D) Metroid, and MORE!
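
The item list and hex string from reply #312, and the 211-versus-201 miscount from reply #314, as an added example that is not part of any post in this thread: it flattens a bag into its ID/quantity byte pairs and decodes them, so a wrong stack size shows up before the item is used. The names `item_id`, `bag_to_bytes` and `disassemble` are hypothetical, the opcode table covers only the bytes discussed here, and the `06`-prefixed input is constructed to show the operand-swallowing effect described in reply #306, not the real bootstrap layout.

```python
# Added example (not from the thread). IDs used: TM01 = 0xC9 per reply #306,
# so TMnn = 0xC8 + nn; Lemonade = 0x3E, the first byte of the posted hex.
def item_id(name):
    if name.startswith("TM"):
        return 0xC8 + int(name[2:])
    return {"Lemonade": 0x3E}[name]

def bag_to_bytes(bag):
    """Flatten [(item, quantity), ...] into the ID/quantity byte pairs in RAM."""
    out = bytearray()
    for name, qty in bag:
        if not 0 <= qty <= 255:
            raise ValueError(f"{name}: quantity {qty} does not fit in one byte")
        out += bytes([item_id(name), qty])
    return bytes(out)

# opcode -> (instruction length, text). Only what this thread needs:
# 0x05/0x06 are the party-count values 5 and 6 read as opcodes.
OPCODES = {
    0x05: (1, "dec b"),
    0x06: (2, "ld b, ${0:02X}"),
    0x3E: (2, "ld a, ${0:02X}"),
    0xEA: (3, "ld (${1:02X}{0:02X}), a"),  # 16-bit operand is little-endian
    0xC9: (1, "ret"),
}

def disassemble(code):
    """Decode up to and including ret; raise on anything this table lacks."""
    pc, listing = 0, []
    while pc < len(code):
        op = code[pc]
        if op not in OPCODES:
            raise ValueError(f"offset {pc}: {op:02X} is not in the opcode table")
        length, text = OPCODES[op]
        operands = code[pc + 1:pc + length]
        if len(operands) != length - 1:
            raise ValueError(f"offset {pc}: operand runs past the end")
        listing.append(text.format(*operands))
        if op == 0xC9:
            return listing
        pc += length
    raise ValueError("ran off the end without reaching ret")

if __name__ == "__main__":
    good = [("Lemonade", 1), ("TM34", 56), ("TM05", 201)]
    print(bag_to_bytes(good).hex(" ").upper(), disassemble(bag_to_bytes(good)))
    for bad in (bag_to_bytes(good[:2] + [("TM05", 211)]),  # miscounted stack
                b"\x06" + bag_to_bytes(good)):             # constructed: 6 eats a byte
        try:
            disassemble(bad)
        except ValueError as err:
            print(bad.hex(" ").upper(), "->", err)
```

With quantity 211 the last byte is D3 rather than C9, so the decoder never reaches `ret`; with a leading 06 the following byte is consumed as an operand and decoding resumes one byte out of step.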