Anonymous user
ItemDex/RB:085: Difference between revisions
→Hall of Fame corruptions
Line 19:
However, the available opcodes are limited using a normal Pokémon nickname. It may still be possible to craft the Pokémon nickname for a useful code without arbitrary code execution or [[connection copier]] (connection copier serves as a pseudo-GameShark similar to a RAM write from arbitrary code execution) but a method to do this has not been published yet.
==Application with SRAM ('Hall of Fame') corruptions==
As demonstrated by TheZZAZZGlitch, with a series of SRAM corruptions (empirically, these may be seen as Hall of Fame corruptions), it is possible to manipulate the data within the program counter area of B1F (beginning at SRAM:A7D0). If the corruptions are due to sprite decompressions from [[glitch Pokémon]] (as viewed from the Pokémon summary in the party; as this opens SRAM specifically in the un-banked area), the outcomes are [[Chaos theory in the context of glitches (Game Boy Color)|chaotic]] (which while technically deterministic are based on the subroutine used to decompress a Pokémon sprite extrapolated further into SRAM than intended).
As the process is complex, viewing certain glitch Pokémon sprites without further knowledge can be viewed as an elaborate pseudo-random number generator for an outcome of bytes in the SRAM, if the initial SRAM is interpreted as a 'seed' (pseudo-random as given the sprite pointer of a glitch Pokémon is not from RAM or SRAM itself, the input SRAM would in theory always produce the same output SRAM).
Line 36:
[[GlitchDex/RB:198|LM4 (0xC6)]] (relative upper area of the SRAM) and [[GlitchDex/RB:220|Glitch Pokémon (0xDC)]] (relative lower area of the SRAM) are examples of glitch Pokémon which corrupt the Hall of Fame, and were verified by TheZZAZZGlitch for use with the SRAM corruption emulator.
Note this method of calculated/planned sequential SRAM corruptions caused by glitch Pokémon sprites is not only useful for B1F. Furthermore, in the case of [[arbitrary sprites]]; it may be possible to corrupt the compressed sprite of the glitch Pokémon as well (affecting the sprite decompression process in another way), potentially leaving more opportunities for control.
Note this method is not only useful for B1F. For example, the contents of [[TrainerDex/RB:052|Trainer (0x34)]]'s roster 1 (0xFC from 0xD059 and 0x01 from 0xD05D, hence the required Special stat is 252, and the required Attack stat modifier is -6. Specifically however, it is just the representation of $CD2D and $CD2E effectively) depends on the contents of pointer 0xA5A5 in SRAM. This is within the region that can be changed through glitch Pokémon sprite corruptions such as LM4. If the player is able to corrupt the sprite pointer region of a glitch Pokémon for those sourced in SRAM like [[GlitchDex/RB:244|ゥ₽ (F4)]] and its front sprite pointer of SRAM:A922, grinding (or calculating the series of corruptions) for an interesting front sprite is an option as well (see also: [[arbitrary sprites]]).▼
Other examples of the usefulness of calculated/planned sequential SRAM corruptions from viewing summary glitch Pokémon sprites are:
*As a means of precisely manipulating what Pokémon appear in the Hall of Fame.
▲
*As a means of manipulating SRAM arbitrary code executions other than 10F (and not strictly limited to glitch items); there are other arbitrary code execution exploits which can attempt to execute SRAM.
While Hall of Fame corruptions through glitch Pokémon sprites may be appealing in their own ways, they are not necessary if the player wants more control and efficiency, as the player could simply modify the SRAM with arbitrary code execution precisely in advance, nonetheless it can be desirable by some to grind for a desirable result in advance.
| |||