Author Topic: Arbitrary code execution in Gold/Silver UE using the Coin Case  (Read 84323 times)


SatoMew

Re: Arbitrary code execution in Gold/Silver UE using the Coin Case
« Reply #165 on: October 25, 2017, 02:55:02 pm »
I can make a video of it, provided I can figure out how lol

BGB lets you capture both video and audio! :)

Epsilon

Re: Arbitrary code execution in Gold/Silver UE using the Coin Case
« Reply #166 on: October 25, 2017, 03:04:12 pm »
I can make a video of it, provided I can figure out how lol

BGB lets you capture both video and audio! :)
Wondrous! I'll have it made sometime today/tomorrow.

I can't say it will be Torchickens or Crystal_ quality though
« Last Edit: October 25, 2017, 03:05:28 pm by Couldntthinkofaname »
grouchy

Skeef

Re: Arbitrary code execution in Gold/Silver UE using the Coin Case
« Reply #167 on: October 25, 2017, 04:10:25 pm »
Speaking of videos, is it possible to use this code but with PP Ups instead? https://www.youtube.com/watch?v=CiDi5nb-uoc I just want to know if there is an easier way to get PP Ups instead of the slow cloning method.

This should give you 255 of the first item in your item pack.

Box1: A p 0 9 é z 't x
Box2: 'd

Thank you!

Regarding the levels, they are based on the route you used this exploit in. Regarding the moves, the Celebi I tried this with used Confusion and Heal Bell against me, but I only had time to test out 3 attacks (it used Heal Bell twice).

As for the other Pokemon you mentioned, I will make them as soon as I return to my computer. :)

This seems the best way to get Celebi with its start moves then. Other methods to obtain Celebi then have to do another glitch to teach its start moves which takes a longer time. The only other way to get a Celebi with its start moves using one method is using the bad clone method to get a Celebi at level 0 then give it a Rare Candy to level 1 and it will learn its start moves, but the bad clone method is more complicated, risky and time consuming, so your discovery is definitely the best method.

You could run TM25 in a more 8F way. Setting up the item pack. This is a gen 2 version of the change any byte in ram code. The box code above can help you get items over 99.

Any <- I actually have TM25 here :D
Any
Fresh Water - ld l
Full Heal - ld h xx
PP Up - ld a xx
Focus Band x201 - ld (hl) a / Ret

So 44 Fresh Water and 218 Full Heal would point to your first party pokémon. With PP Up quantity determining the move learned. Jumping to item 3 requires a slide pokémon and Quagsire with music mail and Attract as move 1.
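
The item-pack layout described in the post above, worked through as an added example (not code from the thread): it shows how item/quantity pairs read as SM83 machine code once execution is redirected into the pack. It assumes each slot is stored as an ID byte followed by a quantity byte and that each item's ID equals the opcode the post pairs it with; the PP Up quantity is a constructed sample.

```python
# Added illustration: item-pack slots interpreted as SM83 (Game Boy CPU) code.
# Assumptions: a slot is two bytes (item ID, quantity) and the ID byte equals
# the opcode the post lists next to the item.
OPCODES = {  # standard SM83 encodings: opcode -> (mnemonic, size in bytes)
    0x2E: ("ld l, ${:02x}", 2),
    0x26: ("ld h, ${:02x}", 2),
    0x3E: ("ld a, ${:02x}", 2),
    0x77: ("ld (hl), a", 1),
    0xC9: ("ret", 1),
}

# (item, implied ID byte, quantity). 57 for PP Up is a constructed sample "xx".
PACK = [
    ("Fresh Water", 0x2E, 44),
    ("Full Heal", 0x26, 218),
    ("PP Up", 0x3E, 57),
    ("Focus Band", 0x77, 201),  # quantity 201 = $c9, which decodes as ret
]

def pack_bytes(pack):
    """Serialize the slots the way the CPU would fetch them."""
    out = bytearray()
    for _name, item_id, qty in pack:
        if not 0 <= qty <= 0xFF:
            raise ValueError("quantity must fit in one byte")
        out += bytes([item_id, qty])
    return bytes(out)

def run(code):
    """Disassemble and emulate the opcodes above; return (listing, writes)."""
    regs = {"a": 0, "h": 0, "l": 0}
    listing, writes, pc = [], {}, 0
    while pc < len(code):
        op = code[pc]
        if op not in OPCODES:
            raise ValueError(f"unsupported opcode ${op:02x} at offset {pc}")
        text, size = OPCODES[op]
        if pc + size > len(code):
            raise ValueError("truncated instruction")
        arg = code[pc + 1] if size == 2 else None
        listing.append(text.format(arg) if size == 2 else text)
        if op == 0x77:    # store A at the address held in HL
            writes[regs["h"] << 8 | regs["l"]] = regs["a"]
        elif op == 0xC9:  # ret ends the payload
            break
        else:             # ld l / ld h / ld a: target is the mnemonic's 4th char
            regs[text[3]] = arg
        pc += size
    return listing, writes
```

With the quantities from the post, the single write lands at `$da2c`, and both 218 and 201 are above the normal 99-item limit, which is why the post points to the box code for raising quantities.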

Epsilon

Re: Arbitrary code execution in Gold/Silver UE using the Coin Case
« Reply #168 on: October 25, 2017, 05:32:46 pm »
I've successfully combined my two prior codes! Here's the outcome:

All encountered Pokemon are <insert x Pokemon here> and shiny:
Box 1:  Ap'v8é'm25
Box 2:  p0(male)55555
Box 3:  'vAé52p0'm
Box 4:  éJ9p0(female)55
Box 5:  éK9p0255
Box 6:  éL9p'd555
Box 7:  p0?yyéA'd
Box 8:  p0éé(female)'dyy
Box 9:  p0ké0'dp'd

Replace ? with the species index

To access species indexes that are lower than $7f, then replace Box 7 with:

Box 7: p0?'v(space)éA'd

Then replace ? with SpeciesIndex + $7f

Due to the way the game generates wild Pokemon, most Pokemon obtained this way are 100% legitimate. This means they will probably be able to be moved to Pokébank when such services become available. There might still be OT issues with Mew, but these can easily be resolved with an OT editor, and I can make one if needs be.

Nintendo's going to have a real headache on their hands :)
« Last Edit: October 25, 2017, 05:35:01 pm by Couldntthinkofaname »
grouchy

Nostalgia

Re: Arbitrary code execution in Gold/Silver UE using the Coin Case
« Reply #169 on: October 25, 2017, 05:38:13 pm »
This should give you 255 of the first item in your item pack.

Box1: A p 0 9 é z 't x
Box2: 'd

Is this a TM25 method? Because I'm only using the Coin Case for now.

Epsilon

Re: Arbitrary code execution in Gold/Silver UE using the Coin Case
« Reply #170 on: October 25, 2017, 05:51:39 pm »
Yes, his code is for TM 25 only.
grouchy

Dragon Arbock

Re: Arbitrary code execution in Gold/Silver UE using the Coin Case
« Reply #171 on: October 25, 2017, 08:09:47 pm »
Is your shiny and wild encounter modifier code TM 25? Cause I can't get it to work with coin case.

Epsilon

Re: Arbitrary code execution in Gold/Silver UE using the Coin Case
« Reply #172 on: October 25, 2017, 08:27:08 pm »
Is your shiny and wild encounter modifier code TM 25? Cause I can't get it to work with coin case.

Yep. TM 25 only for the time being, and unfortunately, it's likely to stay that way.

My code needs to load $xx into $d0ed, but the problem is $ed isn't character-representable. To compensate, my code double self-mods in order to load $ed into its necessary location. That, and the code used to derail OAM DMA, takes up 6 boxes. Since box 7 is the only box that allows self-modding on all character slots, the code must start there. Adding the coin-case setup would take up box 7, the only box I can use.

Sorry. :(
« Last Edit: October 25, 2017, 08:36:36 pm by Couldntthinkofaname »
grouchy

Dragon Arbock

Re: Arbitrary code execution in Gold/Silver UE using the Coin Case
« Reply #173 on: October 25, 2017, 08:34:31 pm »
Ah, disappointing.. don't know if it's worth the trouble to update my setup to 25 or not.. and then the other codes I use would need to be updated too.

Epsilon

Re: Arbitrary code execution in Gold/Silver UE using the Coin Case
« Reply #174 on: October 25, 2017, 08:38:56 pm »
I personally recommend TM 25 ACE, there's no hassle to fix the stack and you don't need to walk in a certain manner or listen to a specific cry.
« Last Edit: October 25, 2017, 08:48:59 pm by Couldntthinkofaname »
grouchy

Dragon Arbock

Re: Arbitrary code execution in Gold/Silver UE using the Coin Case
« Reply #175 on: October 25, 2017, 10:32:24 pm »
None of that really bothers me. The most tedious part has to be done either way (typing in the code). I could see the advantages though, either way I'll probably be forced into using it as support for coin case wavers.

Epsilon

Re: Arbitrary code execution in Gold/Silver UE using the Coin Case
« Reply #176 on: October 26, 2017, 05:58:43 am »
Just make sure that when you switch to TM 25, move your slide Pokémon and Quagsire up one slot.
grouchy

Evie the Mother Hen ☽ ❤

Re: Arbitrary code execution in Gold/Silver UE using the Coin Case
« Reply #177 on: October 26, 2017, 10:28:34 am »
Thanks for your work Couldntthinkofaname. :)

That wild Pokémon modifier and wild Pokémon are Shiny code looks awesome.

May make a video of it like Nostalgia suggested, and if you make one too I'll add a link to it in my video description.

✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿
Here have some free flowers on every post :)
✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿



(Images © Sanrio, Nintendo, Pokémon, HAL Laboratory)

✿ Hi, I'm Evie. Transgender woman but spiritually doesn't believe 'male'/'female' needs to be defined; lives more stereotypically like a woman/I'm a 'girly' nerd who discovered herself. Call me whichever pronouns you like. :)

Feel free to contact me here about anything regarding the site.

Forgiveness. I feel that the more people pray to our greatest source/God/mathematical equality for world peace, the more and more it manifests into reality (until our next spiritual death).

Thank you Nyapon for this lovely artwork. :3

Epsilon

Re: Arbitrary code execution in Gold/Silver UE using the Coin Case
« Reply #178 on: October 26, 2017, 10:31:07 am »
Thanks for your work Couldntthinkofaname. :)

That wild Pokémon modifier and wild Pokémon are Shiny code looks awesome.

May make a video of it like Nostalgia suggested, and if you make one too I'll add a link to it in my video description.
Thanks again!

I already have the AVI and WAV ready, but I can't combine them yet, I've been scrambling for a video editor that can do this to no avail.

Any suggestions?
« Last Edit: October 26, 2017, 10:32:14 am by Couldntthinkofaname »
grouchy

Evie the Mother Hen ☽ ❤

Re: Arbitrary code execution in Gold/Silver UE using the Coin Case
« Reply #179 on: October 26, 2017, 10:43:17 am »
Thanks for your work Couldntthinkofaname. :)

That wild Pokémon modifier and wild Pokémon are Shiny code looks awesome.

May make a video of it like Nostalgia suggested, and if you make one too I'll add a link to it in my video description.
Thanks again!

I already have the AVI and WAV ready, but I can't combine them yet, I've been scrambling for a video editor that can do this to no avail.

Any suggestions?

You're welcome.

I'm unsure as I usually use Bandicam with Stereo Mix to record the audio at the same time (or VBA's built-in recorder however it probably won't emulate the OAM DMA exploit correctly) without having to combine video and audio.

I think FFMPEG can do that though (according to https://stackoverflow.com/questions/11779490/how-to-add-a-new-audio-not-mixing-into-a-video-using-ffmpeg), use cd [add path here] on Command Prompt to set the current directory.

Windows Movie Maker can do it too but I'm unsure how that would affect the quality.
