Arbitrary code execution: Difference between revisions
Add initial information on Gen 4 (thanks to RETIRE for corrections!)
>CasualPokePlayer m (forgot to put a word my edit in oops) |
(Add initial information on Gen 4 (thanks to RETIRE for corrections!)) |
||
| (3 intermediate revisions by 2 users not shown) | |||
Line 3:
{{PRAMA|ace-1G}}
{{Bulbapedia}}
{{incomplete|1=<br><br>The following methods of ACE: custom map script pointer, move effect, Trainer escape glitch text box, bad clone summary, Burned Tower Silver, TM/HM use outside of the correct pocket, glitch Pokédex categories, Pikachu glitch emote
'''Arbitrary code execution''' (Japanese: 任意コード実行) refers to a method that allows the player to force the game to run code in a write-enabled region of the game, often WRAM or RAM (see [http://gameboy.mongenel.com/dmg/asmmemmap.html Game Boy memory map]). If it is manipulable (e.g. if the region is in a representation of the player's current party), this can be abused to run custom code written by the player.
Line 20:
Below is a summary of commonly used ACE glitch items. For more information, including bootstrapping setups, click on the name of an item to go to its [[ItemDex]] page.
{| class="wikitable sortable"
|}▼
!Version!!ID!!Name!!Effect pointer!!Pointing to!!Notes
|-
Line 42 ⟶ 36:
|-
|European non-English Yellow||0x63||[[ItemDex/Y:099#In other European versions|ws l' m / ws & m]]||<!-- TODO -->||Box Pokémon data||Same item as ws m
|English Red/Blue||0x59||[[ItemDex/RB:089|4F]]||$FA65||Middle of Day Care data
|-
|English Yellow||0x59||[[ItemDex/Y:089|4F]]||$FA64||Middle of Day Care data||
Line 50 ⟶ 46:
|-
|Japanese Blue||0x7B||[[ItemDexJP/B:123]]||$D806||Grass encounter table||See てヘ. Requires [[0x50 sub-tile]].
|}
Notice that the items in the European non-English versions are all the same as the corresponding item (with the same ID) in English version; however, due to differences in memory layout, the bootstrapping setups will be slightly different. (The "floor items" have different numbers because in those countries, "first floor" refers to what is called second floor in American English.)
Line 154 ⟶ 149:
This is by far the most consistent method of ACE in Emerald. Once the glitch pokemon is acquired, all that's needed is to look at it, either by hatching it from an Egg, from the summary, or a Pokemon Contest. Although Emerald's memory randomization still shifts PC data around, as long as code is placed far enough past the maximum shift distance, it will execute 100% of the time. This is why it is suggested to place code in box names or Box 12 Slot 4 even though this targets Box 12 Slot 3.
==In [[bp:Generation IV|Generation IV]]==
===Via Retire glitch===
Executing a script with an index higher than the available script indexes in a map via the [[Retire glitch]] can be used to obtain arbitrary script execution, which can be escalated to full ACE. This method has been [https://www.craft.do/s/VTsIAtSd7ob1uT refined] over time.
{{Youtube|tmPzFAuKMA8|RETIRE}}
===Via Alt-Retire glitch===
Similarly to the previous method, arbitrary script execution can also be obtained via the [[Alt-Retire glitch]].
===Via NPC ASE===
Interacting with an NPC runs a script with an index equal to the event_id of that NPC. ASE can be obtained through invalid event_ids. Currently, this can only be achieved via an existing ASE method. There is a [https://www.craft.do/s/oLpZYx2GFRf8N1 guide] for this by RETIRE.
==In [[bp:Generation VI|Generation VI]]==
| |||