Player coordinates RAM writer: Difference between revisions

← Older edit

Player coordinates RAM writer (view source)

Revision as of 04:18, 26 August 2018

689 bytes added , 5 years ago

no edit summary

VisualWikitext

Anonymous user

>Torchickens

Revision as of 21:35, 26 November 2014 (view source) >Glitch Genie (Created page with "'''WHAT'S JAIL BREAKING?''' Jailbreaking is a hack to restart the game with 8F in "any way" you want depending on how many bytes you execute. Arbitrary code execution in R...")		Latest revision as of 04:18, 26 August 2018 (view source) >Torchickens No edit summary
(9 intermediate revisions by 3 users not shown)
Line 1: {{incomplete}} ~~'''WHAT'S JAIL BREAKING?'''~~ Using [[arbitrary code execution]], it is possible to create and run large programs in a Pokémon game, such as homebrew software. ==Using 8F in {{RB}}== ~~Jailbreaking is a hack to restart the game with 8F in "any way" you want depending on how many bytes you execute.~~ This technique is referred to in TheZZAZZGlitch's video as 'jailbreaking' the Game Boy. ~~[[Arbitrary code execution in Red/Blue using the "8F" item ]] shows how to obtain 8F.~~ ~~You~~It ~~can jailbreak with~~requires the following ~~list of~~ items:▼ ~~'''HOW TO JAILBREAK'''~~ #Bicycle▼ ▲You can jailbreak with the following list of items: #8F▼ #X Accuracy, x97▼ #Burn Heal, x126▼ #Parlyz Heal, x15▼ #HP UP, x15▼ #Ice Heal, x15▼ #Potion, x134▼ #TM34, x20▼ #TM17, x46▼ #Leaf Stone, x52▼ #Great Ball, x201▼ #TM10, x1▼ #TM15, x46▼ ===Steps=== ▲Bicycle #Swap TM17 x46 with TM15 x46, use 8F and jump off a ledge to walk through walls. This allows the player to walk on impassable tiles, ~~because~~so ~~it's~~that ~~required.~~they ~~(There~~may ~~should~~access ~~then~~all becoordinates ~~TM34~~ranging ~~x21~~from ~~instead~~hex:00 ofto ~~x20~~hex:0F.)▼ ▲8F #There will now be a TM34 x21 instead of x20. ▲X Accuracy, x97 ~~Then swap~~#Swap TM17 and TM15 back, toss TM34 until only one of them remains and use a Bicycle. The program is now in 'entering mode', and upon using 8F one byte is written to address D901 (~~TM34~~and ~~QTY)~~onward isfor ~~written,~~each use) with its value depending on your X and Y positions where the Y position represents the high nybble and the X position represents the low nybble. For example, a coordinate of y=0C, x=09 would write a C9 (ret); see image below.▼ ▲Burn Heal, x126 #To run the created code, swap TM10 x1 with TM34 and use 8F, it should then go straight to the created code.▼ ▲Parlyz Heal, x15 ▲HP UP, x15 ▲Ice Heal, x15 ▲Potion, x134 ▲TM34, x20 ▲TM17, x46 ▲Leaf Stone, x52 ▲Great Ball, x201 ▲TM10, x1 ▲TM15, x46 Video: ▲Swap TM17 x46 with TM15 x46, use 8F and jump off a ledge to walk through walls, because it's required. (There should then be TM34 x21 instead of x20.) {{youtube\|1=D3EvpRHL_vk\|2=TheZZAZZGlitch}} ▲Then swap TM17 and TM15 back, toss TM34 until only one of them remains and use a Bicycle. The program is now in entering mode, and upon using 8F one byte (TM34 QTY) is written, with its value depending on your X and Y positions. ▲To run the created code, swap TM10 x1 with TM34 and use 8F, it should then go straight to the created code. ===Route 1 coordinates map=== This map (below) tells us the coordinates for spots in [[bp:Kanto Route 1\|Route 1]] for writing the code. For example, a coordinate of y=0C, x=09 would write a C9 (ret). <br> [[File:Route 1 coordinates.png]] [[Category:Arbitrary code execution]] [[Category:Arbitrary code execution programs]]