Hello everyone
I want to make an "Unlimited Arrows" code for Samurai Warriors Katana PAL
(RS5PC8).
So far, I'm going with the following code:
48000000 804D1F74
DE000000 00008180
14000363 00000009
E0000000 80008000
This one works like a charm, but unfortunately the game freezes
at each level-change with a black screen.
Could someone test this code or point out mistakes I made?
Thanks in advance for every useful comment...
Greetings lindtec
EDIT: I made a damn typo... It should be DE000000 80008180...
Maybe that will solve my problem (can't test it right now)...
EDIT 2: That was the problem, now this code works.
Sorry for the double post, but another problem popped up...
The same problem as above (game freezes at level change), but
with another code:
[Refill Musou]
48000000 9FFF6000
4A000000 81000000
146B6084 42FA0000
E0000000 80008000 (tried 81008100 too)
I hope someone can help me. This time I double checked for Typos beforehand ^_^
48000000 9FFF6000 1
4A000000 81000000 2
146B6084 42FA0000 3
E0000000 80008000 4 (tried 81008100 too)
1) This should freeze the game right away. What you're doing there is loading the value at address 9FFF6000 into the pointer. That address is invalid, memory 2 ranges from 90000000 - 93800000
2) This loads directly into the pointer- the value 81000000, which makes line 1 completely pointless (but line 1 will still be executed and should freeze the game)
3 is fine
4) the value should only ever be 80008000 as it sets the base address and pointer address both to 80000000.
If line2 is a mistake,
DE000000 XXXXYYYY
should go where line 2 is.
What it does is check that the value that got loaded is between XXXX0000 and YYYY0000 (makes sure it's an address) and only if it is will it execute line 3.
edit: btw, Your first code needs to have "DE000000 80008100" instead of "DE000000 00008180"
Ah sorry, the first line is wrong. It should be 285D4FDA 9FFF6000 (that's how I have it in WiiRD) and is meant for the combination of C+Z.
And shouldn't that last line be "DE000000 80008180" (not like you said 80008100)?
Then this code should be:
285D4FDA 9FFF6000
056B6084 42FA0000 <-- 32 bit write at 816B6084
E0000000 80008000
If it's still freezing then you need to use a pointer because address 816B6084 may only be the correct address for that one level. Load a different level and check to see if the value you were searching for has moved. :)
Thanks...
I already checked different levels and it works. In fact my code works like it should,
just that it freezes up whenever the level is changed.
I never thought of using 05 in front of the 32 bit write line. I didn't see this code in the codetypelist (http://www.usbgecko.com/codetypes.htm).
Well the reason it's 05 is because the codetype is only the first 7 bits.. I don't know if that will make sense to you but ... well I could try to explain if you want.
My guess is that the address is used for something else while the level loads, you'll need to use a pointer.
Or deactivate the code with a conditional that says the level is loading. Might be hard to find though.
edit: Wait, is it freezing even when you're not pressing the buttons??
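Added example (not from the thread and not WiiRD or Gecko OS code): a small Python model of only the codetypes used in the posts above (48, 4A, DE, 04/14, E0), following the semantics the posters describe, including why 056B6084 is a 32-bit write at 816B6084. The pointer values in `demo` are constructed, and treating the DE upper bound as exclusive is an assumption.

```python
BASE = 0x80000000  # ba and po after "E0000000 80008000"

def run(code, mem):
    """Apply 'XXXXXXXX YYYYYYYY' lines to mem (dict: address -> 32-bit value).
    Returns the (address, value) writes that were actually performed."""
    ba = po = BASE
    execute, writes = True, []
    for line in code:
        w1, w2 = (int(x, 16) for x in line.split())
        ctype = (w1 >> 24) & 0xFE    # first 7 bits select the codetype
        addr = w1 & 0x01FFFFFF       # low 25 bits: address or offset
        xxxx, yyyy = (w2 >> 16) << 16, (w2 & 0xFFFF) << 16
        if ctype == 0xE0:            # terminator: end conditionals, reset ba/po
            execute = True
            ba, po = xxxx or ba, yyyy or po
        elif not execute:
            continue                 # skipped by a failed check
        elif ctype == 0x48:          # po = value stored at YYYYYYYY
            po = mem.get(w2, 0)      # real hardware hangs on an invalid address
        elif ctype == 0x4A:          # po = YYYYYYYY
            po = w2
        elif ctype == 0xDE:          # XXXX0000 <= po < YYYY0000 (upper bound assumed exclusive)
            execute = xxxx <= po < yyyy
        elif ctype in (0x04, 0x14):  # 32-bit write relative to ba (04) or po (14)
            target = (po if ctype & 0x10 else ba) + addr
            mem[target] = w2
            writes.append((target, w2))
        else:
            raise ValueError(f"codetype {ctype:02X} not modelled")
    return writes

ARROWS = ["48000000 804D1F74", "DE000000 80008180",
          "14000363 00000009", "E0000000 80008000"]
ARROWS_TYPO = [ARROWS[0], "DE000000 00008180"] + ARROWS[2:]

def demo():
    in_level = run(ARROWS, {0x804D1F74: 0x80A12340})  # constructed pointer value
    loading = run(ARROWS, {0x804D1F74: 0})            # constructed: pointer cleared
    typo = run(ARROWS_TYPO, {0x804D1F74: 0})          # 0000 lower bound lets 0 through
    direct = run(["056B6084 42FA0000"], {})           # 05 = codetype 04 + address bit 24
    return in_level, loading, typo, direct
```

In this model the corrected range check drops the write when the pointer is not a MEM1 address, while the 00008180 variant lets a zero pointer through and writes to 00000363.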
I guess this is beyond a beginner like me.
If it's possible to explain how to do this with a pointer in simple words,
I would appreciate it.
And thanks again for lending me a bit of your wisdom.
Well you already know what a pointer is and you must know how to find it. (based on the first code you posted here)
So what is it that you'll need help with?
I enjoy teaching, you're welcome. :D
Well, I tried your Code:
Quote:
285D4FDA 9FFF6000
056B6084 42FA0000 <-- 32 bit write at 816B6084
E0000000 80008000
But it still freezes up.
It looks like you were right. Maybe the game wants to write
to the same (still locked) address after that level-change.
Is there a way to open up the address again after each
execution of the code above?
Try this.
285D4FDA 9FFF6000
48000000 816B6084
DE000000 3A004300
056B6084 42FA0000
E0000000 80008000
If it works, I'll explain it.
(the only way this may work is if the game uses the same address UNLESS it is loading)
Sorry, but that still didn't work.
The strange thing is, that the first level works just fine,
the second level freezes with a black screen right after battle and
the third level freezes at the statistic-screen after battle.
You need a pointer. Just hack one for it like you did in the first code. :)
On another note, the fact that that worked in the first level makes my use of the address range check pretty cool. :)
Sorry to sound stupid, but how do I "hack" my own pointer?
The one in the first code was, what I found using WiiRD's Pointer Search and dexter0's tutorial (http://members.cox.net/dexter0/WiiHacking/example2.shtml)
I don't understand, how this address-range-check you mentioned works,
but is there a way to adapt it for all levels (hopefully not for each level by hand)?
Do it the same way you did it before.
I haven't used the pointer search tab yet so I can't help there. :p I still do mine the "hard" way.
The "DE" line is the address range check codetype. I just used it to check a 32 bit value instead of an address.
The problem with Pointer Search in WiiRD is, that you need two different
addresses (and two RAM-Dumps of different levels).
Since the address I want to change stays the same in each level (816B6084),
this Pointer Search won't work.
What's the "hard" way you mentioned?
I'm sure that it would work if you just use the same address..
If not:
While 816B6084 is the address for the code,
Do a 32bit search for 816B???? The ? means any value.
Look at the results. Typically the pointer will have a value lower than the code address (so the offset is positive).
To narrow the results, check that the code address is still the same first. Then do equal to last searches.
If you don't see the code address change then you can't really narrow the results any more.
One more thing to note is that this pointer's address will usually be lower in memory (maybe around 80300000-80500000). So a good pointer should be near the top of the search results.
Once you've found what might be a good pointer, use windows calculator in scientific mode then switch to hex.
Take your code address: 816B6084
and subtract the pointer value: 816B????
This is your offset.
285D4FDA 9FFF6000
48000000 (POINTER ADDRESS)
DE000000 80008180
1400(OFFSET) (CODE VALUE)
E0000000 80008000
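Added example (not from the thread and not part of WiiRD): the manual pointer search described in the post above, written as a Python scan over a RAM dump, followed by filling in the post's code template. The dump contents, its base address 80300000 and the function names are constructed for illustration; the button activator line is left out.

```python
import struct

def make_dump(words, size=0x40):
    """Build a constructed big-endian dump from {offset: 32-bit value}."""
    dump = bytearray(size)
    for off, value in words.items():
        struct.pack_into(">I", dump, off, value)
    return bytes(dump)

def find_pointers(dump, dump_base, target):
    """32-bit search for 816B????: aligned values sharing the target's upper
    16 bits and not above it, so the offset is positive."""
    hits = []
    for off in range(0, len(dump) - 3, 4):
        (value,) = struct.unpack_from(">I", dump, off)
        if value >> 16 == target >> 16 and value <= target:
            hits.append((dump_base + off, value, target - value))
    return hits  # ascending by address, low addresses first

def still_equal(hits, later_dump, dump_base):
    """'Equal to last' search: keep candidates whose value has not changed."""
    return [h for h in hits
            if struct.unpack_from(">I", later_dump, h[0] - dump_base)[0] == h[1]]

def pointer_code(ptr_addr, offset, value):
    """Fill in the template: load pointer, range check, write, terminator."""
    return [f"48000000 {ptr_addr:08X}",
            "DE000000 80008180",
            f"{0x14000000 | offset:08X} {value:08X}",
            "E0000000 80008000"]

TARGET = 0x816B6084          # code address from the thread
DUMP_BASE = 0x80300000       # constructed
DUMP_1 = make_dump({0x10: 0x816B6000, 0x20: 0x816B7000, 0x24: 0x816B0004})
DUMP_2 = make_dump({0x10: 0x816B6000, 0x20: 0x816B7000, 0x24: 0x816B0008})

def demo():
    first = find_pointers(DUMP_1, DUMP_BASE, TARGET)
    stable = still_equal(first, DUMP_2, DUMP_BASE)
    addr, _, offset = stable[0]
    return first, stable, pointer_code(addr, offset, 0x42FA0000)
```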
Man I feel stupid...
The problem was with another code, that was running (simply forgot, to
deactivate it).
It was an Infinite-Life-Code, where the game wanted to write to the same
address after the level was done (Hail to the Memory Viewer with Auto-Update).
After using an unused button for refilling life, the code works properly now.
And with that, there are no more freezes with any code in my list.
Sorry again to trouble you, just to find out, that a stupid little mistake was
at the root of this problem.
But nonetheless, I've gained quite a bit of knowledge (compared to what I
knew before).
Thanks for all your help...
One last code left to figure out and then I should have everything one should need.
After a bit of testing I'll submit it to the code-section here (hope, nobody else is faster than me)
Infinite life codes can also be used for "forever" use. Simply try to search for an unknown 32 bit value while you're on the menu.
-Unknown - 32 bit - Equal
then enter the game
-Unknown - 32 bit - Not Equal
-->now WiiRd will detect all 32 bit values which have changed
stay in the game - do not leave the level
-Unknown - 32 bit - Equal
-->WiiRd will now check which 32 bit values from the list it already has have not changed (remained the same)
change the stage:
-Unknown - 32 bit - Equal
-->does the same
return to the menus:
-Unknown - 32 bit - Not Equal
stay in them
-Unknown - 32 bit - Equal
enter a level.. and return
-Unknown - 32 bit - Equal
continue until you've narrowed down possible addresses.
Using this trick you're searching for a 32 bit address which clearly identifies whether you're in-game (where the infinite life code would work) or not.
Now you found an address and you can use the
20______ YYYYYYYY : 32bits If equal (ba)
code type.. imagine your address is 80123458 - and the value of it is 00000001
Then you can do:
20123458 00000001
[infinite life]
E0000000 80008000
Your infinite life code will only be executed if 80123458 is 00000001 then!
The one that I posted up there ^ using the address range check to check a value works too. If you don't check what the value is when you're out of game then it could get a false positive.. but it's a good idea if you know what values are there. :) It just makes sure that the current value is a float then it writes its own float. The idea is if it's not a float then it's not in game.
:D
@Link
Thanks for this idea. I'll try it and see, if I can find a good address to work with.
@James
Thanks to you too. Since I'm already at it, I'll try your idea too.
Never wrong to use different approaches.
You already tried mine :P
http://www.usbgecko.com/forums/showpost.php?p=244&postcount=11
This check for whether I'm ingame or in the menu works like a charm.
Now there is another problem.
I have the following code:
80498F7C YYXX0000
How can I check if only XX is greater than a specific value?
Unfortunately the if-greater-than-code seems to only exist for 16 or 32 bit values.
The YY value can change, but is not important.
EDIT: Thanks James0x57 for solving this problem in this thread (http://www.usbgecko.com/forums/showpost.php?p=553&postcount=4).
Sorry for the double post.
Can someone tell me, why this code won't execute via a button combination?
285D4FDA AFFF5000 (this is the right address, tested with other codes)
CC000000 00000000
48000000 804D1F74
DE000000 80008180
14000363 00000009
E0000000 80008000
If I leave out the first 2 lines, it works.
Get rid of the second line.
(why did you put that in there though?)
Perhaps you wanted a "not equal" comparison?
This line:
14000363 00000009
Is probably wrong. You said it worked without the first two though... perhaps it's just a typo?
This looks more accurate:
14000364 00000009
The second line is for switching on<->off the code, like it is explained in the codetypelist.
Tested it with other codes as well and it works.
And this 14000363 00000009 is really correct (copied it from the wgc of WiiRD).