WiiRd forum

Wii & Gamecube Hacking => Wii Game hacking help => Topic started by: Bully@Wiiplaza on July 03, 2011, 07:51:55 PM

Title: [SOLVED] Wii Play: Motion "An issue to hack"
Post by: Bully@Wiiplaza on July 03, 2011, 07:51:55 PM
I started to hack Wii Play Motion and noticed that the disassembler seems to change on each minigame/screen.
That's not the problem, however. But after restarting the game, all the C2 codes seemed to write to a wrong spot, since the base assembly on these minigames changed as well! It looks like I hooked a blr now :rolleyes: instead of a lwz/stw. What can I do then? All these assembly addresses are in the 804XXXXX range, so they aren't actually "pointer assembly" like the 81XXXXXX ones. I had pretty much the same on Mario and Sonic, but there specific assembly always stayed the same for the sports. I didn't have this problem there.

... hacking becomes harder these days...
here are the codes I created so far:

http://www.geckocodes.org/?c=SC8P01

Should I go for Pointer/Direct RAM Writes instead?
Title: Re: Moving Assembly, wtf!
Post by: toonlink444 on July 03, 2011, 08:41:26 PM
That happened to me on my flat code. I just found a pointer and it seemed to work.
Title: Re: Moving Assembly, wtf!
Post by: Skiller on July 03, 2011, 09:01:50 PM
Just goin to guess here .. (I ran into this in other games for other systems) on the disc there will be Bin files .. that will be loaded into ram .. each one containing ASM for the Game its Set for .. All u would need to do is find the pointer that's telling the game where to place this readin Asm data and then u could use that as your starting point ..

i see what u mean i was messing with Teeter Targets Ram and everything change so it does look like it does pull the Data from another file that's on disc .. ud just have to find the right pointer ..

so what u could do is find the asm section in a few dumps .. and try and do pointer search using the asm section ..

SC8E01 (NTSC)


Teeter Targets

Stop Timer (Count Down)
04494300 34000000

No Time Loss on Ball Loss
0448CE00 7C601B78

Always Get Great (Ball Loss Dont Count) (NEED bonus time)
044892AC 3C800000



RAM
805341C0  = Timer (Dec counter)
8178494C  = Ball Drops Counter (Dec counter)
81784948  = Score.....

note none will work for ppl since the asm moves every time u load a stage .. but it should help ppl find the area ..


This was found using the ASM Search Now Just to see if this moves as well .

MATCH: (0x80505f74+728c) (==804b432c-804ad0a0)
-(0x80505f74+728c) (==804b432c-804ad0a0)
-(0x80505f74+728c) (==804b42ac-804ad020)
USE: [(0x80505f74+728c)] in your pointer code.

MATCH: (0x80505f78+729c) (==804b432c-804ad090)
-(0x80505f78+729c) (==804b432c-804ad090)
-(0x80505f78+729c) (==804b42ac-804ad010)
USE: [(0x80505f78+729c)] in your pointer code.

MATCH: (0x80505fac+72ac) (==804b432c-804ad080)
-(0x80505fac+72ac) (==804b432c-804ad080)
-(0x80505fac+72ac) (==804b42ac-804ad000)
USE: [(0x80505fac+72ac)] in your pointer code.

Found 3 matches.
Total time spend 5s

BP on Read on 80505F74 takes me to 804ABF10--- i think u can figure out what im getting at by tracing it all back ..

USE: [(0x80349e20+5b8)+3c] <--- Seems to be the right pointer code to get me to my Always Get Great (Ball Loss Dont Count) (NEED bonus time)

EDIT: Iv never used an f6 Code type but how many times does it Activate one time or all the time ? if it searches an area more than one time then u could use this code type to make them codes...
Edit: looking over the code type of F6 its only called one time .. but i believe that there was talk on how to reset the F6 Code type


Lol .. pain in the ass ..
after making a code that was working for every retry of the level and so on i then reset the Game and get 00000 on my pointer address i was using but then i notice something odd when its 000000 on that address its always placed in the same spot . :P

Always Get Great (Ball Loss Dont Count)
48000000 80349E20
58010000 000005B8
4A100000 0000003C
38000000 00003885
14000000 3C800000
E0000000 80008000

If 80349E20 = 0 then use 044892AC 3C800000 as the code .. LMAO some ppls games .. Im a little rusty on wii games right now have not hacked one in a bit As u can tell :P but give me a bit i will be back :P

EDIT 400......
Always Get Great (Ball Loss Dont Count) (If u get the bonuses)
28349E20 00000000
044892AC 3C800000
E0000000 80008000
2A349E20 00000000
48000000 80349E20
58010000 000005B8
4A100000 0000003C
38000000 00003885
14000000 3C800000
E0000000 80008000

Edit: final . it seems that iv found a nice an way of doin the ASM hacks on this game

http://geckocodes.org/index.php?c=SC8E01 <--- some codes for Teeter ..

a code that would be nice for this game would be to have everything unlocked to play right away but could take some time to play .. Hope my Random Stuff Helps u in any way bully..
Title: Re: Moving Assembly, wtf!
Post by: Bully@Wiiplaza on July 04, 2011, 08:52:16 AM
thx man, these ideas are useful. ;D
However, how would you include a C2 code into a pointer in pointer code?

e.g.

Ball Loss Does not Kill Bonus [Skiller]
2A349E20 00000000
48000000 80349E20
58010000 000005B8
4A100000 0000003C
38000000 00003885
                          -> C2 code?? (D2 codestype then?)
E0000000 80008000

And btw. you can reset an F6 code if you use it "button activated".
Each time the button is pressed, the template will be searched again.

---

I'm really bad at unlockers...

EDIT:
Changed title
Title: Re: Wii Play: Motion "An issue to hack"
Post by: Skiller on July 04, 2011, 11:21:16 PM
U could try using
To use po instead of ba, change the codetype from C2 to D2.

Just like i just noticed u said lmao ..
Title: [SOLVED] Wii Play: Motion "An issue to hack"
Post by: Bully@Wiiplaza on July 16, 2011, 12:57:16 AM
Game Hacked  >:D
All codes are regionfree! :eek: :p

http://geckocodes.org/index.php?c=SC8A01

F6 Codestype for the WIN! :cool:
Title: Re: [SOLVED] Wii Play: Motion "An issue to hack"
Post by: Patedj on July 16, 2011, 01:11:50 AM
Well done! That must feel good!
Title: Re: [SOLVED] Wii Play: Motion "An issue to hack"
Post by: Skiller on July 16, 2011, 08:01:16 AM
Sweet that is the easy way of doin the codes .. im still goin to look around in the pointers though . :P
Still very nice .. we still would need to make sure that there is True region free just because its a F6 does not instantly make it a Region free code ;) i will check them on the ntsc version.. u hacked them on that pal so i think that good to say they work on there ..

as for Jpn .. Wii RemoCon Plus: Variety was out on the 7th .. so we will need someone to test that version out as well .. :)
but as long as registers dont change the codes should be universal .. so there is a 90% chance they're region free :P
Title: Re: [SOLVED] Wii Play: Motion "An issue to hack"
Post by: mystiko81 on July 16, 2011, 09:01:36 AM
I don't know why, but it won't work for me...  :-\
Title: Re: [SOLVED] Wii Play: Motion "An issue to hack"
Post by: Bully@Wiiplaza on July 16, 2011, 11:47:40 AM
dude, I coded about 100 F6 codes.
They are ALWAYS regionfree if one doesn't fail with the search part.
I can assure you that it will work on any game version.
I don't have NTSC-U, obviously :P

---

It's easy to use these codes.
Apply the mastercode and any other code.
Each time the button activator is pressed, the F6 codestype searches for that RAM position.
If it is found, address will be hooked. That RAM position always stays the same -> Win O0
Title: Re: [SOLVED] Wii Play: Motion "An issue to hack"
Post by: mystiko81 on July 16, 2011, 12:10:14 PM
I know, but not for me.
Did I do something wrong?

Universal Score Modifier [Bully@Wiiplaza]
28001500 YYYYZZZZ

I replace YYYYZZZZ with 00000200 (activate by pressing 1), or is this wrong?
Title: Re: [SOLVED] Wii Play: Motion "An issue to hack"
Post by: Bully@Wiiplaza on July 16, 2011, 09:18:16 PM
you MUST use the mastercode with it.
I'll check it out again, if you're right that it doesn't work.
Title: Re: [SOLVED] Wii Play: Motion "An issue to hack"
Post by: Deathwolf on July 16, 2011, 09:21:48 PM
good work bully. F6 FTW!  ;D
Title: Re: [SOLVED] Wii Play: Motion "An issue to hack"
Post by: Skiller on July 17, 2011, 01:56:04 AM
it searches for the same Pattern .. not ram position .. iv not looked at the codes fully but i was thinking that there ASM codes not memory hacks ..


so if the ASM changes even by 1 Number in your Pattern u have placed the pattern will not be found ..



So example

1C04004C 7CA3012E  <---- is your pattern its goin to try and find..
its goin to replace it with

3D80XXXX 618CXXXX
7D83012E 7C63002E
60000000 00000000

So it is actually replacing
1C04004C 7CA3012E with 3D80XXXX 618CXXXX and then the next 4 lines under it with the rest of your code ..

we do the same kinda stuff for the Ps3 over on Codemasters .. Jpn version have a Bad habit of changing around registers ..
i was not saying they would not work.. i just said it be best to test it .. hell im the one that said before this could be one of the best ways to hack a game why would i say anything different .. sorry for giving u some information that u seem to take as something bad .. was just trying to help u out ..

So in the end Very nice and good to see things working ..
Title: Re: [SOLVED] Wii Play: Motion "An issue to hack"
Post by: mystiko81 on July 17, 2011, 08:46:19 AM
I've definitely activated the master code... 100!
Then I replaced 28001500 YYYYZZZZ with 28001500 00000200 (button 1 for activator) and XX XX with a hex number.
Is this the right way it should work?
Title: Re: [SOLVED] Wii Play: Motion "An issue to hack"
Post by: Bully@Wiiplaza on July 17, 2011, 09:09:17 AM
instructions updated.
Title: Re: [SOLVED] Wii Play: Motion "An issue to hack"
Post by: mystiko81 on July 17, 2011, 09:55:47 PM
I've got it to work for some games and it works well, but for some games it shows a highscore, but you won't get a medal for it, or for treasure twirl it'll work in level 3, but not in 4 and so on... and in some games it'll freeze the whole game by pushing the activator.
Hard game to hack I know... but you did a good job! ^^
Title: Re: [SOLVED] Wii Play: Motion "An issue to hack"
Post by: Skiller on July 17, 2011, 10:11:31 PM
what could be happening in the ones that it crashes on it could be finding an instruction that's the same as what the pattern is .. and changing it this would make this happen..
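
Two points from Skiller's posts above can be checked offline before a search pattern is trusted: the match is exact, so one changed register makes it fail, and a pattern that also occurs in another routine can be patched in the wrong place. The Python sketch below is an added example, not code from the thread or from the Gecko code handler; it uses the pattern quoted above, while the load address, the memory images and the helper names `image`, `find_all` and `classify` are constructed for illustration.

```python
import struct

# Search pattern quoted in the post above: two consecutive 32-bit words
# (mulli r0,r4,76 followed by stwx r5,r3,r0 in PowerPC).
PATTERN = struct.pack(">II", 0x1C04004C, 0x7CA3012E)
BASE = 0x80400000          # constructed load address for the sample images
NOP, BLR = 0x60000000, 0x4E800020

def image(*words):
    """Pack big-endian 32-bit words into a constructed memory image."""
    return struct.pack(">%dI" % len(words), *words)

def find_all(mem, pattern, base=BASE, align=4):
    """Return every aligned address at which pattern occurs in mem."""
    n = len(pattern)
    return [base + off
            for off in range(0, len(mem) - n + 1, align)
            if mem[off:off + n] == pattern]

def classify(mem, pattern=PATTERN):
    """Only a 'unique' result identifies one unambiguous patch site."""
    hits = find_all(mem, pattern)
    if not hits:
        return "not_found", hits
    return ("unique" if len(hits) == 1 else "ambiguous"), hits

# Constructed samples, not dumps from the game.
SAME_BUILD = image(NOP, BLR, 0x1C04004C, 0x7CA3012E, NOP, BLR)
# Same routine with one register changed (r5 -> r6): a single differing word.
REG_CHANGED = image(NOP, BLR, 0x1C04004C, 0x7CC3012E, NOP, BLR)
# The same two instructions also appear in an unrelated routine.
DUPLICATED = image(0x1C04004C, 0x7CA3012E, BLR, NOP, 0x1C04004C, 0x7CA3012E)

if __name__ == "__main__":
    for name, mem in [("same build", SAME_BUILD),
                      ("register changed", REG_CHANGED),
                      ("duplicated", DUPLICATED)]:
        status, hits = classify(mem)
        print(name, status, [hex(h) for h in hits])
```

Lengthening the pattern with more neighbouring instruction words until `classify` reports `unique` on every dump is the usual way to get rid of an `ambiguous` result.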
Title: Re: [SOLVED] Wii Play: Motion "An issue to hack"
Post by: Skiller on July 18, 2011, 02:37:25 AM
might be best to do a different help on this ..
But if u mean the controller is changing to different locations in ram.. then all u would need to do is Find a pointer to them or make asm/subroutines that add in your button activation ..