Health / Float Hacking?

Started by farjo08, October 11, 2008, 06:45:42 AM

farjo08

First, I did some searches and could not find what I was looking for, so if this is answered somewhere and you can point me in the right direction it would be appreciated, and I apologize for asking for something that may already be answered.

Now on to what I am looking for. From past experience hacking Xbox games, many health values were stored as floats (let's forget about the fact that they run through shared routines and you needed a hook to the pointer - baby steps first).

So my general question is how do you use WiiRd to search for them? Going back to the 360 (or even PC): you can make an assumption that full health was 100.0 and start there, then search for decreases and increases based on whether you lost or gained health. If that wasn't the full health value or you didn't know, you could search for an unknown, move around, kill time, etc. but keep your health the same and do a search for no change. Then you can lose health, search for a decrease, gain health, search for an increase, and repeat until you find the memory location. Then set a breakpoint, find the routine updating it, etc.

But getting back to WiiRd, how do you find health values? Unless I am missing something really obvious, I don't see a way to search for an increase or decrease. You can do it by value, but not in general, so can anyone shed some light on this and point me in the right direction? If there is an example of hacking a game's health value that uses a float, that would be best, but right now I'm just looking for any tips or tricks to get me started.

Link

Well, 99% of all Wii games also use floats without end. What you need is a simple 32-bit search and a float-to-hex converter. 100.0, for example, would simply be 42C80000, and decrease/increase will work because 99.9 is 42C7CCCD, and 42C7CCCD < 42C80000. The only thing you have to be careful about: WiiRd does unsigned comparisons, so if you're going negative then all 32-bit values are >= 80000000, so when you switch from positive to negative you have to do "Greater than" comparisons. Note: this also applies to regular integer values.

sNiPPs

When doing health cheats for a couple of games, I found some oddities. Let's use WarioLand Shake It! for example. In this game you have five hearts and this cannot be increased to the best of my knowledge. When you get hit you lose half a heart, so the logical assumption would be that the health gauge is out of 10, and every hit reduces it by one. However, after a long trial and error of greater than / less than comparisons (I was lucky on this game that the 16-bit health value always decreased, and did not switch from positive to negative as Link mentioned in the previous post) I found the location of health.

At any rate, it was a 16-bit health value, and to my surprise, it was 40A0. Any damage was in a mod 10, but not always the same. For instance, if I was damaged one time, it would drop to 4080 one time, and 4070 another. Once the last 8 bits were down to 00, it would subtract from the 40 (in mod 10 again) and once the value was 0000, you died. So adding the two 8-bit values, you have 16 health points that are somehow rounded? to 10 half hearts. I'm not sure where and how they are converting a nice hex value of 16 to a decimal representation of the 10 half hearts.

In my very brief experience with looking at Wii mem values, I've found that values you'd think would be out of 100 are usually not. For general health cheats, I would go for the assumption that it does not switch from negative to positive, and keep doing less than searches, as well as equal searches (between health losses), and then gain some health and do greater than searches. If this results in no mem locations, then try not equal searches, which is a pain and will result in many more hits, but if you have the patience, you can narrow down eventually.

Link

Quote from: sNiPPs on October 12, 2008, 03:32:24 PM

That also looks like floating point. The health value is probably 32-bit and you're missing the last 2 bytes. So it is not 40A0 but 40A00000.
40A00000 is the float representation of 5
40800000 = 4.0
40700000 = 3.75
40000000 = 2.0

Maybe there's a system to how these floating point numbers correspond to the amount of hearts.
A good and simple float <> hex converter is available at http://www.winsite.com/bin/Info?500000021158 (Float Convert - it's freeware, not shareware as the page accidentally says).
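The float-to-hex conversion and unsigned-compare caveat from Link's posts, and farjo08's "lose health, then stand still" narrowing procedure, worked through as an added example that is not part of this thread or of WiiRd. The memory snapshots and addresses are constructed for illustration; the helper also shows that the order is fully reversed among negative floats, not just flipped at the zero crossing.

```python
import struct

def float_to_hex(value):
    """Big-endian IEEE-754 single precision, the byte order Wii (PowerPC) memory uses."""
    return struct.pack(">f", value).hex().upper()

def hex_to_float(word):
    return struct.unpack(">f", bytes.fromhex(word))[0]

def raw_word(value):
    """Raw 32-bit pattern of a float (or int), which WiiRd compares as unsigned."""
    if isinstance(value, float):
        return struct.unpack(">I", struct.pack(">f", value))[0]
    return value & 0xFFFFFFFF

def unsigned_order_matches(old, new):
    """True if 'new < old' on the raw unsigned words agrees with the float
    comparison. Holds for positive floats; fails once a value is negative
    (sign bit set, so the word is >= 0x80000000 and the order reverses)."""
    return (raw_word(new) < raw_word(old)) == (new < old)

# Constructed snapshots (address -> raw word), not a dump from a real game.
# 0x80301000 holds the player's health; the other three are decoys:
# a constant, an enemy's health that also drops, and an integer counter.
SNAP_FULL = {0x80301000: raw_word(100.0), 0x80301004: raw_word(100.0),
             0x80301008: raw_word(50.0),  0x8030100C: raw_word(7)}
SNAP_HIT  = {0x80301000: raw_word(99.9),  0x80301004: raw_word(100.0),
             0x80301008: raw_word(45.0),  0x8030100C: raw_word(8)}  # took a hit
SNAP_IDLE = {0x80301000: raw_word(99.9),  0x80301004: raw_word(100.0),
             0x80301008: raw_word(40.0),  0x8030100C: raw_word(9)}  # stood still

def narrow(candidates, snapshot, compare):
    """One refinement pass: keep addresses whose new word satisfies the
    unsigned comparison ('lt', 'gt', 'eq') against the previous snapshot."""
    ops = {"lt": int.__lt__, "gt": int.__gt__, "eq": int.__eq__}
    return {a: snapshot[a] for a in candidates if ops[compare](snapshot[a], candidates[a])}

def find_health():
    """Lose health -> 'lt' search; stand still -> 'eq' search, as in the thread."""
    after_hit = narrow(SNAP_FULL, SNAP_HIT, "lt")   # health and the enemy decoy survive
    settled = narrow(after_hit, SNAP_IDLE, "eq")    # only the unchanged health survives
    return sorted(settled)

if __name__ == "__main__":
    for v in (100.0, 99.9, 5.0, 4.0, 3.75, 2.0):
        print(f"{v:>6} -> {float_to_hex(v)}")
    print([hex(a) for a in find_health()])
```

The first four hex digits of 40A00000 are the 40A0 that sNiPPs saw as a 16-bit value, which is why a 16-bit search still found it.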