WiiRd forum

Wii & Gamecube Hacking => Wii Game hacking help => Topic started by: Deathwolf on May 23, 2010, 10:59:31 PM

Title: 48 codetype
Post by: Deathwolf on May 23, 2010, 10:59:31 PM
Hi

I need help with codetype 48.

for example:

Mario Size (1 Button=Big 2 Button=Small 1+2 Button=Normal)
28750A02 00000200
48000000 807ECEF8
DE000000 80008180
4A100000 0000002C
14000000 40800000
14000004 40800000
14000008 40800000
E0000000 80008000
28750A02 00000100
48000000 807ECEF8
DE000000 80008180
4A100000 0000002C
14000000 3F000000
14000004 3F000000
14000008 3F000000
E0000000 80008000
28750A02 00000300
48000000 807ECEF8
DE000000 80008180
4A100000 0000002C
14000000 3F800000
14000004 3F800000
14000008 3F800000
E0000000 80008000


CST5 : Set Pointer to

4ATYZ00N XXXXXXXX :
4A000 : po = XXXXXXXX
4A010 : po = ba+XXXXXXXX
5A010 : po = po+XXXXXXXX
4A001 : po = grN+XXXXXXXX
4A011 : po = ba+grN+XXXXXXXX
5A011 : po = po+grN+XXXXXXXX
4A100 : po += XXXXXXXX
4A110 : po += ba+XXXXXXXX
5A110 : po += po+XXXXXXXX
4A101 : po += grN+XXXXXXXX
4A111 : po += ba+grN+XXXXXXXX
5A111 : po += po+grN+XXXXXXXX


[0000002C]<-- that's the pointer?
4A100000 - + 00000002C = 40800000??

and what does the codetype 48 do!?

[[btw sorry for my bad english]]

thanks a lot :-[
Title: Re: 48 codetype
Post by: dcx2 on May 23, 2010, 11:43:12 PM
48000000 807ECEF8 #1
DE000000 80008180
4A100000 0000002C #2


#1; PO = 807ECEF8
#2; Add 0x2C to PO; PO = 807ECEF8 + 2C = 807ECF24
Title: Re: 48 codetype
Post by: Deathwolf on May 23, 2010, 11:50:58 PM
okay thanks and what about this?

48000000 815E7624
DE000000 80008180
140001DC 00000000
140001E0 00000000
E0000000 80008000


48000000 807ECEF8
DE000000 80008180
4A100000 0000002C
14000000 40800000
14000004 40800000
14000008 40800000
E0000000 80008000

lol it points to 811F796C 3F800000
                     811F7970 3F800000
                     811F7970 3F800000
Title: Re: 48 codetype
Post by: wiiztec on May 24, 2010, 01:49:14 AM
Quote from: dcx2 on May 23, 2010, 11:43:12 PM
48000000 807ECEF8 #1
DE000000 80008180
4A100000 0000002C #2


#1; PO = 807ECEF8
#2; Add 0x2C to PO; PO = 807ECEF8 + 2C = 807ECF24

no that's not how 48 works

say the value at 807ECEF8 is 81389600 it would be

#1; PO = [807ECEF8]
#2; Add 0x2C to PO; PO = [807ECEF8] + 2C = 8138962C
Title: Re: 48 codetype
Post by: dcx2 on May 24, 2010, 03:48:50 AM
Dammit, I always get "Load" and "Set" confused.

48 = "load" = go through the pointer located at PO
4A = "set" = write value directly to PO
Title: Re: 48 codetype
Post by: Deathwolf on May 24, 2010, 10:15:07 AM
Quote from: wiiztec on May 24, 2010, 01:49:14 AM
Quote from: dcx2 on May 23, 2010, 11:43:12 PM
48000000 807ECEF8 #1
DE000000 80008180
4A100000 0000002C #2


#1; PO = 807ECEF8
#2; Add 0x2C to PO; PO = 807ECEF8 + 2C = 807ECF24

no that's not how 48 works

say the value at 807ECEF8 is 81389600 it would be

#1; PO = [807ECEF8]
#2; Add 0x2C to PO; PO = [807ECEF8] + 2C = 8138962C

[807ECEF8] + 2C = 8138962C?

it's 807ECF24
Title: Re: 48 codetype
Post by: Romaap on May 24, 2010, 12:47:33 PM
[807ECEF8] means the value in that address.
So "[807ECEF8] + 2C" means, the value at 807ECEF8 + 2C
And in that example, the value in 807ECEF8 is 81389600
Title: Re: 48 codetype
Post by: ZiT on May 25, 2010, 08:25:04 PM
48000000 807ECEF8
DE000000 80008180
4A100000 0000002C
14000000 40800000
14000004 40800000
14000008 40800000
E0000000 80008000

=

48000000 807ECEF8
DE000000 80008180
1400002C 40800000
14000030 40800000
14000034 40800000
E0000000 80008000

O0
Title: Re: 48 codetype
Post by: Deathwolf on May 25, 2010, 09:12:21 PM
haha I don't understand it and it doesn't work for me :D

it points to 812737AC.
what's going on???

wait it points every to XC X0 and X4

48000000 807ECEF8
DE000000 80008180
1400002C 40800000
14000030 40800000
14000034 40800000
E0000000 80008000

but why 2C 30 and 34
and why 807ECEF8?
value at 807ECEF8 is 81273780.

a search code!?
Title: Re: 48 codetype
Post by: dcx2 on May 25, 2010, 09:16:42 PM
He is just using an example.

1400002C -> 32-bit write to PO + 2C
14000030 -> 32-bit write to PO + 30
14000034 -> 32-bit write to PO + 34

You can do this instead. 

4A100000 0000002C -> newPO = oldPO + 2C
14000000 -> 32-bit write to newPO + 0 (oldPO + 2C + 0)
14000004 -> 32-bit write to newPO + 4 (oldPO + 2C + 4)
14000008 -> 32-bit write to newPO + 8 (oldPO + 2C + 8)

They are both the same.
Title: Re: 48 codetype
Post by: Deathwolf on May 25, 2010, 09:21:42 PM
all right but why 807ECEF8 :'(
it's not a F6 search code but how did the code find it?
Title: Re: 48 codetype
Post by: dcx2 on May 25, 2010, 09:25:06 PM
You can use any pointer.  ZiT used 807ECEF8 because you chose 807ECEF8 in your original example.

Quote from: Deathwolf on May 23, 2010, 10:59:31 PM
Mario Size (1 Button=Big 2 Button=Small 1+2 Button=Normal)
28750A02 00000200
48000000 807ECEF8
DE000000 80008180
4A100000 0000002C
14000000 40800000
14000004 40800000
14000008 40800000
E0000000 80008000
28750A02 00000100
48000000 807ECEF8
DE000000 80008180
4A100000 0000002C
14000000 3F000000
14000004 3F000000
14000008 3F000000
E0000000 80008000
28750A02 00000300
48000000 807ECEF8
DE000000 80008180
4A100000 0000002C
14000000 3F800000
14000004 3F800000
14000008 3F800000
E0000000 80008000
Title: Re: 48 codetype
Post by: Deathwolf on May 25, 2010, 09:28:24 PM
so you mean I can use a pointer like this?

48000000 807ECE70
DE000000 80008180
1400002C 40800000
14000030 40800000
14000034 40800000
E0000000 80008000

and I can set my own value XC X0 X4?

it freezes
Title: Re: 48 codetype
Post by: dcx2 on May 25, 2010, 09:37:45 PM
Yes.  It's just like the 04 code type.  With 04______, the ______ is added to BA.  With 14______, the ______ is added to PO.

Look at 807ECE70 in Memory Viewer.  Pretend the value there is 81389600.  Pretend we want to write 40800000 to 8138962C, 81389630, 81389634

                              # PO = 80000000
48000000 807ECE70   # PO = [807ECE70] = 81389600
DE000000 80008180   # Verify PO >= 80000000 and PO < 81800000
1400002C 40800000   # 32-bit write to 81389600 + 2C = 8138962C
14000030 40800000   # 32-bit write to 81389600 + 30 = 81389630
14000034 40800000   # 32-bit write to 81389600 + 34 = 81389634
E0000000 80008000   # PO = 80000000
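
The annotated listing above and the earlier 4A/14 comparison, as an added example that is not part of the original posts: a minimal Python model of the code types used in this thread (04, 14, 48, 4A, DE, E0), run over both forms of the code. Assumptions: RAM is a dict of 32-bit words, only offsets below 0x01000000 are modelled, a zero half in E0 leaves that register unchanged, and `run_gecko`, `ram`, `LONG` and `SHORT` are names made up here.

```python
BA = PO = 0x80000000  # defaults, as in the annotated listing above

def run_gecko(lines, memory):
    """Apply Gecko code lines to `memory` (dict: address -> 32-bit word).
    Returns only the writes performed, as {address: value}."""
    ba, po, active, writes = BA, PO, True, {}
    for line in lines:
        op, val = (int(w, 16) for w in line.split()[:2])
        ctype, offset = op >> 24, op & 0x00FFFFFF
        if ctype == 0xE0:                  # terminator: re-enable, reset ba/po
            active = True
            ba = (val >> 16) << 16 or ba
            po = (val & 0xFFFF) << 16 or po
        elif not active:
            continue                       # failed range check: skip until E0
        elif op == 0x48000000:             # load: po = [XXXXXXXX]
            po = memory.get(val, 0)
        elif op == 0x4A000000:             # set: po = XXXXXXXX
            po = val
        elif op == 0x4A100000:             # add: po += XXXXXXXX
            po = (po + val) & 0xFFFFFFFF
        elif ctype == 0xDE:                # XXXX0000 <= po < YYYY0000 ?
            active = (val >> 16) << 16 <= po < (val & 0xFFFF) << 16
        elif ctype in (0x04, 0x14):        # 32-bit write at ba+offset / po+offset
            addr = (ba if ctype == 0x04 else po) + offset
            memory[addr] = writes[addr] = val
        else:
            raise ValueError("code type not modelled: " + line)
    return writes

HEAD = ["48000000 807ECE70", "DE000000 80008180"]
TAIL = ["E0000000 80008000"]
LONG = HEAD + ["4A100000 0000002C", "14000000 40800000",
               "14000004 40800000", "14000008 40800000"] + TAIL
SHORT = HEAD + ["1400002C 40800000", "14000030 40800000",
                "14000034 40800000"] + TAIL

def ram(pointer):
    # Constructed sample memory: only the pointer slot is populated.
    return {0x807ECE70: pointer}

# Both forms write to the same three addresses.
print(run_gecko(LONG, ram(0x81389600)) == run_gecko(SHORT, ram(0x81389600)))
# A pointer outside 80000000..817FFFFF fails the DE check, so nothing is written.
print(run_gecko(SHORT, ram(0)))
```
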
Title: Re: 48 codetype
Post by: Deathwolf on May 25, 2010, 09:53:30 PM
I think I got it.

is it right?

48000000 807ECE70 value 8077E8D8
DE000000 80008180
1400016C 40800000
14000170 40800000
14000174 40800000
E0000000 80008000
Title: Re: 48 codetype
Post by: dcx2 on May 25, 2010, 09:55:42 PM
That would write 40800000 to the addresses 8077EA44, 8077EA48, and 8077EA4C.
Title: Re: 48 codetype
Post by: Deathwolf on May 25, 2010, 10:00:13 PM
value 8077E8D8 to 8077E900 is 28

XC is 34
38 and 3C
Title: Re: 48 codetype
Post by: wiiztec on May 25, 2010, 10:02:57 PM
28 is not a valid address
Title: Re: 48 codetype
Post by: Deathwolf on May 25, 2010, 10:04:51 PM
and then it freezes :'(

but 8077E8D8 to 8077E900 is 28
Title: Re: 48 codetype
Post by: wiiztec on May 25, 2010, 10:06:16 PM
Then 28 is the offset
Title: Re: 48 codetype
Post by: Deathwolf on May 25, 2010, 10:07:51 PM
yes 28 is 900.

Title: Re: 48 codetype
Post by: wiiztec on May 25, 2010, 10:11:54 PM
What?
Title: Re: 48 codetype
Post by: Deathwolf on May 25, 2010, 10:13:42 PM
I want to change the value 8077E8D8 to 8077E900 and the difference is 28!
then I want to make a pointer for XC, X0 and X4
Title: Re: 48 codetype
Post by: wiiztec on May 25, 2010, 10:16:32 PM
Those are also offsets
Title: Re: 48 codetype
Post by: dcx2 on May 25, 2010, 10:17:17 PM
What addresses do you want to poke?  (pretend [807ECE70] = 8077E8D8) then you want to poke [807ECE70] + 28 = 8077E900, [807ECE70] + 2C = 8077E904, [807ECE70] + 30 = 8077E908?

What value do you poke?  40800000?

XC, X0, X4 is confusing.   ???
Title: Re: 48 codetype
Post by: Deathwolf on May 25, 2010, 10:19:33 PM
Quote from: dcx2 on May 25, 2010, 10:17:17 PM
What addresses do you want to poke?  (pretend [807ECE70] = 8077E8D8) then you want to poke [807ECE70] + 28 = 8077E900, [807ECE70] + 2C = 8077E904, [807ECE70] + 30 = 8077E908?

What value do you poke?  40800000?

XC, X0, X4 is confusing.   ???

yes 40800000
Title: Re: 48 codetype
Post by: wiiztec on May 25, 2010, 10:21:40 PM
48000000 YYYYYYYY
DE000000 80008180 <- address range check
14XXXXXX VVVVVVVV

Y=pointer
X=offset
V=value
Title: Re: 48 codetype
Post by: Deathwolf on May 25, 2010, 10:30:26 PM
(http://img411.imageshack.us/img411/2431/98509971.jpg)

the blue value is the original but I want use the green value..


no, it's okay.
I don't understand it because I'm too stupid.
thanks for your help guys!
Title: Re: 48 codetype
Post by: Deathwolf on May 26, 2010, 10:59:09 AM
I think after a long time I got it.

48000000 807ECEF8 <--- value 81273780 <- pointer
DE000000 80008180
1400002C 40800000
14000030 40800000
14000034 40800000
E0000000 80008000

81273780 + 2C = 812737AC
81273780 + 30 = 812737B0
81273780 + 34 = 812737B4


example new pointer:

04E43A20 81182610
48000000 80E43A20
DE000000 80008180
4A100000 0000006C
14000000 00000063
E0000000 80008000

=

047ECE40 81273730
48000000 807ECE40
DE000000 80008180
1400007C 40800000
14000080 40800000
14000084 40800000
E0000000 80008000

another code:



infinity lifes
04347348 80E40000
48000000 80347348
DE000000 80008180
4A100000 00000E78
14000000 63000061
E0000000 80008000

=

04347348 80E40000
48000000 80347348
DE000000 80008180
14000E78 63000061
E0000000 80008000
Title: Re: 48 codetype
Post by: dcx2 on May 26, 2010, 04:27:04 PM
Quote from: Deathwolf on May 26, 2010, 10:59:09 AM
another code:

infinity lifes
04347348 80E40000
48000000 80347348
DE000000 80008180
4A100000 00000E78
14000000 63000061
E0000000 80008000

=

04347348 80E40000
48000000 80347348
DE000000 80008180
14000E78 63000061
E0000000 80008000

Yes, that looks correct.
Title: Re: 48 codetype
Post by: Deathwolf on May 26, 2010, 04:37:22 PM
yep it also works.

thanks for your help guys!