Breakpoint: Difference between revisions
>Torchickens No edit summary |
>Torchickens No edit summary |
||
Line 9: | Line 9: | ||
In the context of [[arbitrary code execution]], this method may allow new instances of arbitrary code execution to be discovered if the address range is specified within RAM (e.g. 8000-FEFF). |
In the context of [[arbitrary code execution]], this method may allow new instances of arbitrary code execution to be discovered if the address range is specified within RAM (e.g. 8000-FEFF). |
||
In the below image, the debugger has automatically highlighted WRA1:D163 following the use of [[glitch item]] [[ItemDex/RB:093|8F (0x5D)]]. This means (because "on execute" was checked), the game is running D163, which classes as arbitrary code execution as D163 is a RAM address; specifically |
In the below image, the debugger has automatically highlighted WRA1:D163 following the use of [[glitch item]] [[ItemDex/RB:093|8F (0x5D)]]. This means (because "on execute" was checked), the game is running D163, which classes as arbitrary code execution as D163 is a RAM address; specifically [https://datacrystal.romhacking.net/wiki/Pok%C3%A9mon_Red/Blue:RAM_map#Player the values here] are the party Pokémon data, but in this case they are interpreted as GBZ80 programming language instructions. Which each value (00-FF) corresponds with can be found on [[The Big HEX List]]. |
||
[[File:Breakpoints2.png|500px]] |
[[File:Breakpoints2.png|500px]] |
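Review bot: In the text added after "specifically", the phrase "interpreted as GBZ80 programming language instructions" is imprecise, because the bytes at D163 are party Pokémon data being executed directly as machine code. Suggest "interpreted as GBZ80 opcodes" or "GBZ80 machine instructions". The closing sentence "Which each value (00-FF) corresponds with can be found on [[The Big HEX List]]" reads awkwardly; something like "The instruction each value (00-FF) corresponds to is listed on [[The Big HEX List]]" is clearer. The external link text "the values here" would also be easier to follow if it named its target, for example "the Player section of the RAM map", since the URL points at RAM_map#Player.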