I was playing a game, where you are booted after 180 seconds of inactivity from the WiFi Connection,
but as well, if you are searching players OR you are only in the WFC menu, it will boot you for inactivity.
So I tried to hack the code, because the developers failed there.
I place down my wiimote and make an equal unknown value search.
After it finished this, I tried less than... less than... less than... until I got a few results left.
I activated the RAM write code for the last few addresses to see if it works.
Nope, still booted. :confused: (I did this with MEM80 + 90)
Then I tried the same thing with equal unknown value and then always GREATER than search. (I never touched my wiimote while doing the searches though). I got more results in the end, but no address seemed to work. (tested again Mem80 + 90)
Crap, what to do? >:( How does the game know, when my timer ran out even if I did all that searches to figure it out...
Note that this is not considered as online cheating, only preventing you from this stupid boot, it makes the game even worse.
it's probably done server sided and just gets the time that you connected to wifi from you, so if you find that function and have it executed ala C0 (every frame/every time code handler is executed) it will think you just connected and you shouldn't be booted.
Quote from: matt123337 on October 23, 2010, 11:33:48 PM
it's probably done server sided and just gets the time that you connected to wifi from you, so if you find that function and have it executed ala C0 (every frame/every time code handler is executed) it will think you just connected and you shouldn't be booted.
so C0 can force instructions to execute?
but how should I find the right one... :p
C0 just executes ASM inside the code handler, if you find the function that sets the join time just goto it with a bl in the C0 code.
Whoa be careful, if you use bl in a C0 code you must preserve the contents of the LR. You will crash if you don't.
Quote from: matt123337 on October 24, 2010, 12:27:07 AM
...if you find the function that sets the join time...
idk how to start looking for it :rolleyes:
oh yeah right, preserve the LR, and just go online, unknown value, go offline, then online again, search for greater value, offline again, online again, greater, etc.
Quote from: matt123337 on October 24, 2010, 12:53:42 PM
...preserve the LR...
Link Register?
Sry for asking that much.
the LR (Link Register) by breakpoint.
Quote from: Deathwolf on October 24, 2010, 05:25:59 PM
the LR (Link Register) by breakpoint.
What?
K. The LR like deathwolf said (linda) is the Link Register. It's set when you call bl in ASM. It's how the machine knows what to return to when the blr is executed.
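Added example, not part of the thread: a toy Python model of the `bl`/`blr` behaviour described above, showing why code that the handler calls must save and restore the LR around its own `bl`. The addresses, the `SET_JOIN_TIME` routine and the `HANDLER` marker are constructed for illustration and do not come from any real game or code handler.

```python
# Toy model of PowerPC branch-and-link semantics (constructed example).
HANDLER = "HANDLER"   # stands for "the address the code handler expects us to return to"
SET_JOIN_TIME = 100   # hypothetical address of a game function

def run(program, entry, max_steps=50):
    """Run {addr: (op, arg)} starting at entry, with LR pointing back at the handler."""
    pc, lr, saved = entry, HANDLER, None
    for _ in range(max_steps):
        if pc == HANDLER:
            return "returned to code handler"
        op, arg = program[pc]
        if op == "bl":        # call: LR <- address of the next instruction
            lr, pc = pc + 1, arg
        elif op == "blr":     # return: jump to whatever LR currently holds
            pc = lr
        elif op == "mflr":    # save LR (models a register/stack slot the callee leaves alone)
            saved, pc = lr, pc + 1
        elif op == "mtlr":    # restore LR from the saved copy
            lr, pc = saved, pc + 1
        else:                 # nop / body of the function
            pc += 1
    return "stuck: LR no longer points at the handler"

# The called function: does its work, then returns with blr.
GAME = {SET_JOIN_TIME: ("nop", None), SET_JOIN_TIME + 1: ("blr", None)}

# Without preserving LR: the bl overwrites the handler's return address.
UNSAFE = {**GAME, 0: ("bl", SET_JOIN_TIME), 1: ("blr", None)}

# With LR preserved around the call.
SAFE = {**GAME,
        0: ("mflr", None),
        1: ("bl", SET_JOIN_TIME),
        2: ("mtlr", None),
        3: ("blr", None)}

if __name__ == "__main__":
    print("unsafe:", run(UNSAFE, 0))
    print("safe:  ", run(SAFE, 0))
```

In the unsafe version the final `blr` jumps to the address the inner `bl` left in the LR, which is the `blr` itself, so control never gets back to the handler.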