in the jap version the timer code was
0407B960 D0630010
how do you search the 04000000 memory range or is that the wrong one?
04000000 isn't the memory range. 04 is the code type, 07B960 is the offset from the current memory range. In this case the location would be 8007B960.
I keep finding different addresses but poking them doesn't change the timer. I have searched the memory ranges in the drop down list.
I am searching ELEbits RELEA4
I search every time a minutes passes. 9 minute ,then 8 minute but any addresses I find don't effect the timer. Am I searching the wrong way?
Quote from: bradhig on November 27, 2008, 01:46:00 AM
I search every time a minutes passes. 9 minute ,then 8 minute but any addresses I find don't effect the timer. Am I searching the wrong way?
Try an unknown search instead of searching for certain values. I wouldn't be surprised if the timer is stored funkily. I've seen software that stores times in deciseconds or other weird formats. Even if it's stored in a weird format, an unknown search should find it. However, it might be hard to find the value if it's on a pointer.
Quote from: bradhig on November 26, 2008, 11:43:04 PM
in the jap version the timer code was
0407B960 D0630010
how do you search the 04000000 memory range or is that the wrong one?
It looks like an ASM overwrite so whatever is at 8007B960 isn't a value but a function
Ask the person who made the jap code what value is usually at the address 8007B960
Then you can search for whatever they give you in the 80 range to find the same asm
Quote from: biolizard89 on November 27, 2008, 05:01:17 AM
Quote from: bradhig on November 27, 2008, 01:46:00 AM
I search every time a minutes passes. 9 minute ,then 8 minute but any addresses I find don't effect the timer. Am I searching the wrong way?
Try an unknown search instead of searching for certain values. I wouldn't be surprised if the timer is stored funkily. I've seen software that stores times in deciseconds or other weird formats. Even if it's stored in a weird format, an unknown search should find it. However, it might be hard to find the value if it's on a pointer.
I tried that but when I use search on mem2 which is 56 blocks long wired sometimes crashes.
Just ask ZiT what's normally at that address, it's very easy
TIME STOP
Address:80EA1B94
ASM:8007B960: D0230010 stfs f1,16(r3)
CHANGE ASM:8007B960 D0630010 stfs f3,16(r3)
Thank You :cool:
Quote from: ZiT on November 28, 2008, 10:41:07 AM
TIME STOP
Address:80EA1B94
ASM:8007B960: D0230010 stfs f1,16(r3)
CHANGE ASM:8007B960 D0630010 stfs f3,16(r3)
Thank You :cool:
See :)
Thanks ZiT
bradhig, look for the 32bit value D0230010 in the 80 range, hopefully you wont get many results
I'm also new to this...
Where do I add these codes that you're posting? I'm looking for a hack on AC:CF that will give me infinite money. :-[
Quote from: Phancakes on November 28, 2008, 02:58:42 PM
I'm also new to this...
Where do I add these codes that you're posting? I'm looking for a hack on AC:CF that will give me infinite money. :-[
If you have homebrew channel installed you can luanch gecko os and it uses the codes
there is a thread all about AC:CF with a inf money code
Okay I search for d0230010 when I first start a level with the level info on the screen and the timer at 7:00 then as the timer ticks down I search with less then but I am stuck with 16 codes. I don't know if I am even searching the right way I am searching for 32 bits codes. This wouldn't be a problem if code requests would get answered instead 20 million people wanting to hack codes for ssbb. Not to mention the game ,wired ,sometimes my pc keep crashing.
Quote from: bradhig on November 28, 2008, 06:23:37 PM
Okay I search for d0230010 when I first start a level with the level info on the screen and the timer at 7:00 then as the timer ticks down I search with less then but I am stuck with 16 codes. I don't know if I am even searching the right way I am searching for 32 bits codes. This wouldn't be a problem if code requests would get answered instead 20 million people wanting to hack codes for ssbb. Not to mention the game ,wired ,sometimes my pc keep crashing.
Unless I'm completely misunderstanding what ZiT said, the value of D0230010 should be remaining constant as the timer counts down. It should be a string of code that changes the value of the timer, as opposed to being the actual timer itself. So you want to search for D0230010, find a site that remains at that value no matter what else changes, change that value to D0630010, and that should then stop the timer countdown.
Quote from: Aesteval on November 28, 2008, 06:42:19 PMUnless I'm completely misunderstanding what ZiT said, the value of D0230010 should be remaining constant as the timer counts down. It should be a string of code that changes the value of the timer, as opposed to being the actual timer itself. So you want to search for D0230010, find a site that remains at that value no matter what else changes, change that value to D0630010, and that should then stop the timer countdown.
Exactly
even when I find something that stays at d0230010 and then poke it at the other address the timer doesn't change and wired and the game crash when I try to do a memory dump for pointer search
address I have is 80102f94. I can't do this it's just not working and the program and game are too unstable.
if you search for d0230010, how many addresses are found?
44 at first then as I keep searching it narrows down to one. but poking whatever address is left doesn't change the timer why?
somebody find this one for me. wirid keeps crashing when doing memory dump for pointer search
none of the addresses found with d0230010 don't affect timer when poked.
I can't do this at all nothing works. too many crashes.
you have to keep searching for D0230010, even if the timer goes down.
if you have just one left, poke it at D0630010
that way the timer will stop going down
D0230010 isn't a value but it is an instruction for the wii.
so don't poke it to a another value than D0630010
I do search until one is left but poking at d0630010 doesn't stop the timer at all and I have tried on several levels
what address is it?
wiirid crashed during a search. the search button said stop and never returned to search why?
on level 4 two codes end in search
80102f94 d0230010
801037ec d0230010
does something happen when you poke them at D0630010?
i moved the usb collection from a usb hub to a port on my pc and now I get 345 results over and over and over none disappear why? I thought changing the connection would eliminate the crashes.
nothing happens when I poke the two addresses at d0630010
okay the usb gecko is fine I think running it through the hub was casuing bad data but now any search for d0230010 just gives me 343+ results no matter how many times I search after the timer changes.
Please look for "D0 23 00 10 40 80 00 08" by a binary editor.
The address of the place is a right order if found.
Reference:My BBS
http://bb2.atbb.jp/wiicode/viewtopic.php?t=104 (http://bb2.atbb.jp/wiicode/viewtopic.php?t=104)
display 00010203 04050607 08090a0b 0c0d0e0f
8007ed80 d0230010 40800008 d00301dc 806db720
disassembler
8007bd82 d0230010 stfs f1,16(r3)
That's it just how do you write the gecko code so others can use it?
it would be:
0407bd82 D0630010
8007bd82 d0230010 ? ? ?
Will not it be 8007bd80 d0230010?
TIME STOP
0407bd80 D0630010
Quote from: ZiT on November 30, 2008, 03:30:18 AM
8007bd82 d0230010 ? ? ?
Will not it be 8007bd80 d0230010?
TIME STOP
0407bd80 D0630010
oh, yeah. I didn't notice.
I just copied it from bradhig's post.
I am working on inf health so you don't take damage when black elebits hit you. Looks like another ASM code normal searches aren't finding it.