[Tutorial]Simple ASM codes

Started by Romaap, May 29, 2009, 03:23:19 PM


Romaap

OK, I'm a bit bored so I'll try to show you guys how to make some simple ASM codes.


Introduction to ASM
First you need to know, what is assembly?
Well, assembly is a low-level programming language. (languages like C and Java are high-level programming languages)
An example of an assembly instruction:
li  rA, value
What this does is, it tells the Wii to load value to rA. (li means 'Load immediate')

But what is rA?
rA is a register, the Wii has 31 registers.
A register is sort of a temporary space to store values, like RAM but the registers are easier to access by the CPU.

So if we have li r16, 0x14  then the Wii will write 0x14 to r16.
Another example is 'Add immediate':
addi rD, rA, value
What this does is add value to the value at rA and store it in rD.
So if we have addi r16, r20, 0x3 and the value of r20 is 0x2 then 0x5 is stored to r16.
(This is the same as 'Subtract immediate': subi rD, rA, value)
rD is in most examples the destination register, the destination register is almost always the first register.
The other registers are not altered (in this example r20 stays 0x2).

Another example is 'Subtract':
sub rD, rA, rB
This one subtracts the value in rB from rA and stores it in rD (and again, only rD is altered).
So if we have sub r16, r20, r21  and the value of r20 is 0x9 and r21 is 0x3 then 0x6 will be stored to r16.
(This is the same as 'Add': add rD, rA, rB)

The last example is 'Store word', which will store the value in a register to the RAM:
stw rS, d(rA)
This will store the value in rS to the address in rA + d.
So if we have stw r20, 100(r0)  and the value of r20 is 0xA and r0 is 0x80605040 then 0xA will be stored to 0x806050A4 (0x80605040 + 100 (0x64))
If you want to load a value from an address then you use 'Load word and Zero':
lwz rD, d(rA) which works like stw but the opposite, the value from the address in rA + d will be stored to rD.

This concludes the introduction to ASM, I hope you understand it :)


First you'll need the address of the thing you want to hack, like health. (If you don't know this basic stuff I recommend you to read/watch some other tutorials first)
I use Klonoa for example in this tutorial.

Health hack (using nop)
So, if you found the address of the health you right click it and press ->Breakpoint.

Go to the breakpoint tab and click the write button and click Set Breakpoint.

Now get hit in the game, the game will freeze.

WiiRd will show some numbers, the numbers in the top box are the registers.
The 2nd box shows the ASM instructions that were about to be executed.


Now go to the disassembler tab and you will see something that looks like the second box in the breakpoint tab.

In this tab you can edit the ASM instructions.
Now I'll introduce another ASM instruction: nop, which does... nothing :D It tells the CPU to just wait one cycle.
So... we have an ASM instruction that writes the health to the health address, and we know how to change instructions... and we know an instruction that does nothing...
Let's replace some instructions :D
Click on the box which has the stw instruction and replace it with nop, and click update.
Now click run and try to get hit in the game :D :D :D no damage
So, now to make it a code: right click on the instruction and click ->gct codes

Add a new code and replace the first 80 with 04, then click add code.



Simple ASM RAM Writes
Soon?

Money is worth twice its value
soon?


Please give some feedback :D
If you don't understand something, or have something to add please tell me :D

REDSOXROX

Hm, why has no one replied to this yet :confused:

It's a really good tutorial Romaap, the pictures and circles etc were done real well

Only suggestion is that making the code is confusing imo if you don't know much about the BPs tab

I mean explain that like 801152B8 is the value we use because it's at the stw and top of list
and then we add 60000000 as second 32 bits cause it's hex for nop

Or...does the disassembler show this? I forget :P
Red Sox vs. Yankees 4/4/2k10 Season Opener
Red Sox: 9 Yankees: 7 Final!
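
Added example (not part of the original posts): a small Python encoder for the instructions Romaap introduces (li, addi, subi, stw, lwz, nop), showing why nop is 60000000 and how the "replace the first 80 with 04" step turns the 801152B8 address REDSOXROX mentions into a code line. The function names are assumptions made for this illustration.

```python
# Added example: encodes the D-form PowerPC instructions from the tutorial.
OPCODES = {"addi": 14, "ori": 24, "lwz": 32, "stw": 36}  # primary opcodes

def d_form(opcode, rt, ra, imm):
    """Pack opcode(6) | rD/rS(5) | rA(5) | 16-bit immediate into one word."""
    if not (0 <= rt < 32 and 0 <= ra < 32):
        raise ValueError("register out of range")
    if not -0x8000 <= imm <= 0x7FFF:
        raise ValueError("immediate does not fit in 16 signed bits")
    return (opcode << 26) | (rt << 21) | (ra << 16) | (imm & 0xFFFF)

def li(rd, value):
    # li is a simplified mnemonic for addi rD, 0, value: an rA field of 0
    # in addi means the literal value zero, not the contents of r0.
    return d_form(OPCODES["addi"], rd, 0, value)

def addi(rd, ra, value):
    return d_form(OPCODES["addi"], rd, ra, value)

def subi(rd, ra, value):
    # subi is a simplified mnemonic for addi rD, rA, -value
    return addi(rd, ra, -value)

def stw(rs, d, ra):
    return d_form(OPCODES["stw"], rs, ra, d)

def lwz(rd, d, ra):
    return d_form(OPCODES["lwz"], rd, ra, d)

def nop():
    # the preferred no-op is ori r0, r0, 0
    return d_form(OPCODES["ori"], 0, 0, 0)

def decode(word):
    """Split a 32-bit word back into (opcode, rD/rS, rA, signed immediate)."""
    imm = word & 0xFFFF
    if imm & 0x8000:
        imm -= 0x10000
    return (word >> 26, (word >> 21) & 31, (word >> 16) & 31, imm)

def write32_code(address, word):
    """32-bit write line: the leading 0x80 of the address becomes 0x04."""
    if address >> 24 != 0x80 or address & 3:
        raise ValueError("expected a word-aligned 0x80xxxxxx address")
    return "%08X %08X" % (0x04000000 | (address & 0x00FFFFFF), word)

if __name__ == "__main__":
    print(write32_code(0x801152B8, nop()))
```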

g6flavor

What if when you nop the Health address, it gives both the Player and Enemies Infinite Health, then what do you do to make it so that it only works for the Player?

Panda On Smack

You need to find an address or register that stores who is receiving the health change and do a compare and branch

Romaap

I had the same problem in Punch-Out, so I looked at the address where the health was stored and went up a couple of addresses.
I noticed that a couple of addresses before the health address always has some ASCII text, so in my ASM code I just loaded that text, and the text for P1 was different than the text for P2, so I just used a check to see if it was the text that belongs to P1.

g6flavor

I know you guys would know what to do when you know the ASM language. I mean for people who don't know any programming language at all. Could you show the instructions on how to do it, with pics and stuff, something similar to the above tutorial?

REDSOXROX

Quote from: g6flavor on June 12, 2009, 05:45:55 AM
I know you guys would know what to do when you know the ASM language. I mean for people who don't know any programming language at all. Could you show the instructions on how to do it, with pics and stuff, something similar to the above tutorial?
Does this help to read?
http://class.ee.iastate.edu/cpre211/labs/quickrefPPC.html

g6flavor

Quote from: REDSOXROX on June 12, 2009, 04:16:15 PM
Quote from: g6flavor on June 12, 2009, 05:45:55 AM
I know you guys would know what to do when you know the ASM language. I mean for people who don't know any programming language at all. Could you show the instructions on how to do it, with pics and stuff, something similar to the above tutorial?
Does this help to read?
http://class.ee.iastate.edu/cpre211/labs/quickrefPPC.html
It helped for understanding what those functions are, but it still doesn't have the clues on how to make a code that works only on the player's side, instead of on both the Player's and the CPU's side

Almas

Some innovation comes in useful here.

Find the location of the data being modified by the ASM code. If both you and the CPU are using the same code, it makes me think that there will be two different data values - one for you, and one for him.

Perform multiple read/write breaks on each of these locations, comparing the values of the registers each time. You should rapidly notice some patterns. Depending on how in-depth you want to go, you could create a simple register check, or try and follow a pointer tree to get a more elegant data value (e.g. there should be a location in the player's memory describing if they are being controlled by a human or a computer).
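
Added example (not from the original posts): one way to do the register comparison described above in Python, given register dumps recorded at the same breakpoint for two entities. The snapshot values and the function name are constructed for illustration, not captured from a game.

```python
# Added example: find registers that tell two entities apart at one breakpoint.
def discriminating_registers(hits_a, hits_b):
    """Return {reg: (value_in_a, value_in_b)} for registers that hold one
    stable value across every group-A break and a different stable value
    across every group-B break."""
    result = {}
    # Only compare registers present in every snapshot.
    common = set.intersection(*(set(s) for s in hits_a + hits_b))
    for reg in sorted(common, key=lambda r: int(r[1:])):
        vals_a = {s[reg] for s in hits_a}
        vals_b = {s[reg] for s in hits_b}
        if len(vals_a) == 1 and len(vals_b) == 1 and vals_a != vals_b:
            result[reg] = (vals_a.pop(), vals_b.pop())
    return result

# Constructed dumps: breaks on the health store while the player was hit.
PLAYER_HITS = [
    {"r3": 0x80A01000, "r4": 0x5A, "r5": 0x0A, "r29": 0x0, "r30": 0x1},
    {"r3": 0x80A01000, "r4": 0x46, "r5": 0x14, "r29": 0x0, "r30": 0x1},
    {"r3": 0x80A01000, "r4": 0x3C, "r5": 0x0A, "r29": 0x0, "r30": 0x1},
]
# Constructed dumps: breaks on the same store while the opponent was hit.
ENEMY_HITS = [
    {"r3": 0x80A02400, "r4": 0x5A, "r5": 0x0A, "r29": 0x1, "r30": 0x1},
    {"r3": 0x80A02400, "r4": 0x32, "r5": 0x28, "r29": 0x1, "r30": 0x1},
]

if __name__ == "__main__":
    for reg, (a, b) in discriminating_registers(PLAYER_HITS, ENEMY_HITS).items():
        print("%s: player=0x%08X enemy=0x%08X" % (reg, a, b))
```

In this constructed data r4 and r5 change from hit to hit and r30 is the same for both sides, so only r3 and r29 remain as candidates for a compare and branch.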

Cory321

Thanks Romaap! :D

THIS NEEDS TO BE MOVED TO THE COLLECTIVE!! ;)

I hope you update it, because I want to know how to do the double money codes!  :smileyface:

Romaap

I'm glad you like it :D
I'm sorry I haven't updated it for a while, I have been busy lately.

Romaap

updated :)
added: introduction to assembly

I hope I didn't make any mistakes and I hope you like it :)

Codyk

Nice tutorial Romaap. Even though I've never heard of ASM coding, I understood it after reading it the first time lol. I think I'll give this a try in a later code. I might just do this to a few codes I've got already; it would probably make them a little better.
for updates of codes I've released or am going to release follow my twitter http://twitter.com/12201





shark2003

Thanks Romaap..I understand this tut just fine..I made my first simple ASM code..I don't know why I never looked at this before...hopefully I'll learn some more...

Post Merge: February 18, 2010, 05:42:48 AM

Romaap...give us more...I really want to learn some more advanced stuff like how to make the C2 type codes.... :)

Post Merge: February 18, 2010, 04:08:03 AM

I did it..I did it..woohoo...my first ASM Moon Jump Code.... ;D
No matter where you go...there you are...