User talk:MrMissingNo73
this is my "private" discussion page. Mr. MissingNo. 15:22, 10 May 2023 (UTC)
what I do
Mr. MissingNo. 15:28, 10 May 2023 (UTC)
what I do is:
- arbitrary code execution with glitch item 0x6B in Pokémon Red and Blue, because of its effect pointer at CD35 and that it can be used for this by putting the bytes [C3 22 D3] at CD35, I use GameShark codes (01C335CD, 012236CD, 01D337CD) to do so.
item 0x6B arbitrary code execution (Red/Blue only)
item 0x6B executes CD35 when used, therefore I use it for arbitrary code execution.
the bytes (C3, 22, D3) are required at CD35.
get any Pokémon:
this setup allows me to get the Pokémon that I want.
items for this setup:
- item 0x6B, any quantity
- any item, any quantity
- Repel, x(species)
- X Speed, x14
- Ultra Ball, x64
- TM05 x72
- Lemonade x201
bytes needed at D31D:
07 6B FE 04 AC 1E FF 43 0E 02 40 CD 48 3E C9
ASM instructions:
CD35:
- jp D322
D322:
- ld e,$FF
- ld b,e
- ld c,$02
- ld b,b
- call 3E48
- ret
grass encounter data
grass encounter data spans from D887 to D89B.
here is a list of encounter data
map | data or bytes |
---|---|
route 1 | 19 03 24 03 A5 03 A5 02 A5 02 24 03 24 03 24 04 A5 04 24 05 24 |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
Example | Example |
ASM instructions
Value (HEX) | Instruction | Meaning |
---|---|---|
00 | nop | ignored |
01 | ld bc,$xxyy | loads the address specified by the next two bytes into bc |
02 | ld [bc],a | Example |
03 | Example | Example |
04 | Example | Example |
05 | Example | Example |
06 | Example | Example |
07 | Example | Example |
08 | Example | Example |
09 | Example | Example |
0A | Example | Example |
0B | Example | Example |
0C | Example | Example |
0D | Example | Example |
0E | Example | Example |
0F | Example | Example |
10 | stop | stops everything, preventing any further harm |
11 | Example | Example |
12 | Example | Example |
13 | Example | Example |
14 | Example | Example |
15 | Example | Example |
16 | Example | Example |
17 | Example | Example |
18 | Example | Example |
19 | Example | Example |
1A | Example | Example |
1B | Example | Example |
1C | Example | Example |
1D | Example | Example |
1E | Example | Example |
1F | Example | Example |
20 | Example | Example |
21 | Example | Example |
22 | Example | Example |
23 | Example | Example |
24 | Example | Example |
25 | Example | Example |
26 | Example | Example |
27 | Example | Example |
28 | Example | Example |
29 | Example | Example |
2A | Example | Example |
2B | Example | Example |
2C | Example | Example |
2D | Example | Example |
2E | Example | Example |
2F | Example | Example |
30 | Example | Example |
31 | Example | Example |
32 | Example | Example |
33 | Example | Example |
34 | Example | Example |
35 | Example | Example |
36 | Example | Example |
37 | Example | Example |
38 | Example | Example |
39 | Example | Example |
3A | Example | Example |
3B | Example | Example |
3C | Example | Example |
3D | Example | Example |
3E | Example | Example |
3F | ccf | inverts the carry flag |
40 | ld b,b | loads |
41 | ld b,c | loads the value of registre c into registre b |
42 | Example | Example |
43 | Example | Example |
44 | Example | Example |
45 | Example | Example |
46 | Example | Example |
47 | Example | Example |
48 | Example | Example |
49 | Example | Example |
4A | Example | Example |
4B | Example | Example |
4C | Example | Example |
4D | Example | Example |
4E | Example | Example |
4F | Example | Example |
50 | Example | Example |
51 | Example | Example |
52 | Example | Example |
53 | Example | Example |
54 | Example | Example |
55 | Example | Example |
56 | Example | Example |
57 | Example | Example |
58 | Example | Example |
59 | Example | Example |
5A | Example | Example |
5B | Example | Example |
5C | Example | Example |
5D | Example | Example |
5E | Example | Example |
5F | Example | Example |
60 | Example | Example |
61 | Example | Example |
62 | Example | Example |
63 | Example | Example |
64 | Example | Example |
65 | Example | Example |
66 | Example | Example |
67 | Example | Example |
68 | Example | Example |
69 | Example | Example |
6A | Example | Example |
6B | Example | Example |
6C | Example | Example |
6D | Example | Example |
6E | Example | Example |
6F | Example | Example |
70 | Example | Example |
71 | Example | Example |
72 | Example | Example |
73 | Example | Example |
74 | Example | Example |
75 | Example | Example |
76 | Example | Example |
77 | Example | Example |
78 | Example | Example |
79 | Example | Example |
7A | Example | Example |
7B | Example | Example |
7C | Example | Example |
7D | Example | Example |
7E | Example | Example |
7F | Example | Example |
80 | Example | Example |
81 | Example | Example |
82 | Example | Example |
83 | Example | Example |
84 | Example | Example |
85 | Example | Example |
86 | Example | Example |
87 | Example | Example |
88 | Example | Example |
89 | Example | Example |
8A | Example | Example |
8B | Example | Example |
8C | Example | Example |
8D | Example | Example |
8E | Example | Example |
8F | Example | Example |
90 | Example | Example |
91 | Example | Example |
92 | Example | Example |
93 | Example | Example |
94 | Example | Example |
95 | Example | Example |
96 | Example | Example |
97 | Example | Example |
98 | Example | Example |
99 | Example | Example |
9A | Example | Example |
9B | Example | Example |
9C | Example | Example |
9D | Example | Example |
9E | Example | Example |
9F | Example | Example |
A0 | Example | Example |
A1 | Example | Example |
A2 | Example | Example |
A3 | Example | Example |
A4 | Example | Example |
A5 | Example | Example |
A6 | Example | Example |
A7 | Example | Example |
A8 | Example | Example |
A9 | Example | Example |
AA | Example | Example |
AB | Example | Example |
AC | Example | Example |
AD | Example | Example |
AE | Example | Example |
AF | Example | Example |
B0 | Example | Example |
B1 | Example | Example |
B2 | Example | Example |
B3 | Example | Example |
B4 | Example | Example |
B5 | Example | Example |
B6 | Example | Example |
B7 | Example | Example |
B8 | Example | Example |
B9 | Example | Example |
BA | Example | Example |
BB | Example | Example |
BC | Example | Example |
BE | Example | Example |
BF | Example | Example |
C0 | Example | Example |
C1 | Example | Example |
C2 | Example | Example |
C3 | jp $xxyy | jumps to the address specified by the two bytes after the C3 byte in little-endian format |
C4 | Example | Example |
C5 | Example | Example |
C6 | Example | Example |
C7 | Example | Example |
C8 | Example | Example |
C9 | ret | return |
CA | Example | Example |
CB | Example | Example |
CC | Example | Example |
CD | Example | Example |
CE | Example | Example |
CF | Example | Example |
D0 | Example | Example |
D1 | Example | Example |
D2 | Example | Example |
D3 | invalid | this opcode is invalid |
D4 | Example | Example |
D5 | Example | Example |
D6 | Example | Example |
D7 | Example | Example |
D8 | Example | Example |
D9 | Example | Example |
DA | Example | Example |
DB | invalid | this opcode is invalid |
DC | Example | Example |
DD | invalid | this opcode is invalid |
DE | Example | Example |
DF | Example | Example |
E0 | Example | Example |
E1 | Example | Example |
E2 | Example | Example |
E3 | invalid | this opcode is invalid |
E4 | invalid | this opcode is invalid |
E5 | Example | Example |
E6 | Example | Example |
E7 | Example | Example |
E8 | Example | Example |
E9 | Example | Example |
EA | Example | Example |
EB | invalid | this opcode is invalid |
EC | invalid | this opcode is invalid |
ED | invalid | this opcode is invalid |
EE | Example | Example |
EF | Example | Example |
F0 | Example | Example |
F1 | Example | Example |
F2 | Example | Example |
F3 | Example | Example |
F4 | invalid | this opcode is invalid |
F5 | Example | Example |
F6 | Example | Example |
F7 | Example | Example |
F8 | Example | Example |
F9 | Example | Example |
FA | Example | Example |
FB | Example | Example |
FC | invalid | this opcode is invalid |
FD | invalid | this opcode is invalid |
FE | Example | Example |
FF | rst 38 | this is what causes bar freezes |