What to do when Pointer Search yields no result, and Breakpoint cause problems?

Started by g6flavor, May 24, 2009, 09:30:25 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

g6flavor

May 24, 2009, 09:30:25 PM
This is for Takt of Magic (J)

I'm trying to do a HP code for Takt of Magic (J), but a Pointer search (no results), Pointer in Pointer (no results), Allow Negative (P or PinP no results) and doing a Breakpoint, nopping the address (8076A48C 60000000) will give both Player and Enemy infinite HP.

When I did a Breakpoint on the Player HP address, I got these results:

8076A48C B003019A sth r0,410 (r3)
8076A490 40800030 bge- 0x8076A4C0
8076A494 54A002D7 rlwinm r0,r5,0,11,11
8076A498 A00301A2 lhz r0,418 (r3)
8076A49C 60000002 ori r0,r0,2

Anybody know what else I could do to get Infinite HP for Player only?

Romaap

#1
May 24, 2009, 09:44:09 PM
You could try to make an ASM code that checks whose health is updated.

Set an execute breakpoint on 8076A48C and check if a register has the value 0 or 1, then set an execute breakpoint again and check if the register with 0 changed to 1, or 1 to 0. (this is not necessarily 1/0, it could also have another values)
Double check if that register is the one you need.
Then you need to make an ASM code that check if the register is (player value) and skip the next line if it is, if it is (enemy value) then it should update the health (with sth r0,410 (r3))

Romaap

#2
May 26, 2009, 06:39:08 PM Last Edit: May 26, 2009, 06:56:42 PM by Romaap
OK, i had the same problem with Punch-Out!!
I found out that a couple of addresses before the health was always the same (it was some ASCII stuff, it said: blabla..LittleMac...blabla, so I used that as a check if it really was the player.
so this is what i did:

Code Select
register 20-27 were safe to use so i used r21 and r25
the original instruction was: lfs f2,16(r3)

lis r25,0x746C //first i load a part of the ASCII text in memory
ori r25,r25,0x654D //these 2 lines load "tleM" in to the register
lwz r21,-344(r3)  //this is where the ASCII text is supposed to be in memory (if it is updating the player health)
cmpw r21,r25  //comparison to check if it really is the player
bne +0xC  //go to the end if it isn't
lis r25,0x4040  //load the value I want to write
stw r25,16(r3)  //write the value to the health address
stw r25,20(r3)  //another health address
lfs f2,16(r3)  //the original instruction

I hope you understand what i did :p im not that good at explaining

leepy

#3
May 27, 2009, 11:32:26 PM Last Edit: May 30, 2009, 01:43:10 AM by leepy
only for Protagonist HP HP code...

C276A488 00000003
2C0A0058 4182000C
7C062214 48767B90
7C043050 00000000

fix3 code..= =
Print
Go Up Pages1
User actions