Reusable RAM writer: Difference between revisions

The reusable RAM writer is an arbitrary code execution program for Pokémon Red, Blue, and Yellow, created by Torchickens/ChickasaurusGL.

It allows the player to write to any RAM address that is not locked, based on the quantities of item 3, item 4 and item 5. Upon use, these quantities are set to 0 (or x256), allowing the player to re-use it and write any value to any unlocked RAM address.

A bootstrap setup is required. For more information please see the arbitrary code execution article.

Code at D322/D321

3E xx 26 xx 2E xx 04 77 26 D3 3E 00 2E 23 04 22 23 22 23 22 C9

Item representation from item 3

Lemonade x (xx) [this is the value]

Carbos x (yy) [address, first byte big endian]

X Accuracy x(zz) [address, second byte big endian]

Poké Ball x119

Carbos x211

Lemonade x0

X Accuracy x35 (x34 in Yellow)

Poké Ball x34

HP Up x34

HP Up x34

TM01 x0

Assembly code (for learning)

ld a, 00 - a (value)=xx

ld h, 00 - h (address byte 1)=yy

ld l, 00 - l (address byte 2)=zz inc b - useless code

ld [hl],a - load a into the address (e.g. D059)

ld h, D3 - we load the address byte 1 as D3 (item quantities are in the D3XX region)

ld a, 00 - we load 'a' as 0 (quantity of 0)

ld l, 23 - l=23, now our address is D323 (item 3 quantity)

inc b - useless code

ld [hli],a - means we put 'a' in D323, and then increase the hl value to D324

inc hl - hl value= D325

ld [hli],a - means we will load a (0) into D325 (item 4 quantity), and increase hl to D326

inc hl - hl value = D327

ld [hli],a - means we put 'a' in D327 (item 5 quantity)

ret - ends the code.