Metroid Other M [R3OE01]

Deathwolf · September 08, 2010, 04:48:47 PM

Quote from: spunit262 on September 08, 2010, 04:44:57 PM
Quote from: Deathwolf on September 08, 2010, 04:13:11 PM
use memory viewer...
I Breakpoint then hit run as fast as I can, then I try to figure out what going on from the dump, that includes using the mem viewer and disassembler.

It would be nice if someone found a way to disable the reset thing.

CPU fail! it's not on every game the same.
btw why not use 48 + 80C8FF44 as pointer (in pointer) ?
it doesn't reset anything.

spunit262 · September 08, 2010, 05:00:17 PM

Quote from: Deathwolf on September 08, 2010, 04:48:47 PM
CPU fail! it's not on every game the same.
btw why not use 48 + 80C8FF44 as pointer (in pointer) ?
it doesn't reset anything.

I make asm code the process is different. You'd be amazed what a simple 04XXXXXX 60000000 can do. But I will use the pointer, every bit helps.

Deathwolf · September 08, 2010, 05:02:06 PM

Quote from: spunit262 on September 08, 2010, 05:00:17 PM
Quote from: Deathwolf on September 08, 2010, 04:48:47 PM
CPU fail! it's not on every game the same.
btw why not use 48 + 80C8FF44 as pointer (in pointer) ?
it doesn't reset anything.

I make asm code the process is different. You'd be amazed what a simple 04XXXXXX 60000000 can do. But I will use the pointer, every bit helps.

sure ASM is every usefull! but maybe 48 will help you too ;)

Thomas83Lin · September 08, 2010, 07:03:14 PM

Quote from: Warlock on September 08, 2010, 03:50:53 PM
Don't know if anyone has pointed this one yet but there's a code glitch with the Health Containers code. I came across another tank, went to pick it up and the game reset!

Try using
9 Health Containers
04836FD0 38000009
*Permanent if Saved*

and the Regular inf health code, I suspect it wont do this. If it doesn't i can remove that code, And yes this game is very annoying, Would be nice if someone could write a code to stop the game from resetting.

Deathwolf · September 08, 2010, 07:36:37 PM

Infinity Screw-Attack [Deathwolf]
282DBEC2 00000002
48000000 80C8FF44
DE000000 80008180
14000138 00000002
E0000000 80008000
282DBEC2 00000001
48000000 80C8FF44
DE000000 80008180
14000138 00000002
E0000000 80008000
282DBEC2 00000008
48000000 80C8FF44
DE000000 80008180
14000138 00000002
E0000000 80008000
282DBEC2 00000004
48000000 80C8FF44
DE000000 80008180
14000138 00000002
E0000000 80008000
enable - hold left,right,up or down
disable - press A

Screw Attack Speed Modifier [Deathwolf]
282DBEC2 0000YYYY
48000000 80C8FF44
DE000000 80008180
4A100000 00000088
14000000 XXXXXXXX
E0000000 80008000
Default = 3XXXXXXX
works with jump too

Add Screw Attack [Deathwolf]
282DBEC2 0000YYYY
CC000000 00000000
48000000 80C8FF44
DE000000 80008180
4A100000 0000012C
14000000 000000FF
E0000000 80008000
don't use during shooting,jumping and running.

Link · September 09, 2010, 06:53:06 AM

Just a note.. after a long time I got in contact with kenobi again. As you know Metroid: Other M has a new debugging protection which makes searching codes difficult - he sent a test code which I am supposed to test. Today after work, I will run some thorough tests (I do have the game, I originally planned to play through first though) of the code - if it fixes the known problems of the game I will release it in HIS NAME (no credit by me) - maybe it even enables direct poking of values such as health!

The code currently is for the EU version but it seems this time all versions share much memory, so a port would be very easy (it's a one line code).

For people wondering what the game does: it seems Metroid checks hardware timers (tmu and tbl registers). Those for example control the hardware clock. Essentially the idea is as follows:

End of Frame X:
-record time

Begin Frame X+1:
-record current time
-compare current time with that of frame X
-if time(X+1) > time(X) + (some value - seems to be around 1 second)
-reboot console

And then this repeats. It is indeed a very simple protection but unfortunately for us - against the current version of Gecko OS it is quite effective. Brkirch is also informed, however he already said Gecko OS (again) has troubles compiling against new DevkitPros :( . The code handler however, could fix that behavior - in simple words it would do:

Entry code handler:
-record time

Exit of code handler:
-write recorded time

If you wonder whether this would mess up your system clock? Yes, it would! Whenever you unpause game the clock would be set back to the time when you paused it. So if you set the clock correctly - after hacking you can see how long the game actually paused as the clock would lose some time in between!

kenobi · September 09, 2010, 07:34:10 AM

Hi there,

Indeed, as link just said, I sent him a "test code" for metroid : other m, to stop the reboot when the game is paused/unpaused using geckoos.
I also send a code to ZiT, as he's the one who contacted me about that matter, so he can try it. AFAIK the code will be compatible with all versions (EU/US/JP) (maybe ZiT will post it once he'll have tested it ?).

It might also work to allow the poking of the life/bullets values.

@link : I didn't actually realised saving/restoring the timer register(s) could/would actually mess up the clock. Maybe it's better to leave it that way right now, unsaved, and make custom codes for the few games that use that protection. If, later on, a lot of games start using it, either a generic patcher, or in the last option a geckoos patch, could help "fixing" it...

Link · September 09, 2010, 08:04:51 AM

Out of pure interest: are they Toy Story Ramdumps availible, I will check if Toy Story also has that code part kenobi worked on!

ZiT · September 09, 2010, 08:11:55 AM

Nice Work kenobi!!

Neither the search nor the breakpoint reboot Wii.
However, when the life and the bullet address are changed, Wii is rebooted.

Detailed information was E-mailed to you.

Moreover, because you made it, you should announce the code by your name ;)

Thank You!!

ukuneko · September 09, 2010, 08:57:23 AM

Wow!
Well done! :)

Brilliant

Deathwolf · September 09, 2010, 12:38:13 PM

how is it possible to change the CPU via a code? :eek:
but yea well done! :D

Bully@Wiiplaza · September 09, 2010, 01:04:48 PM

Awesome, this is what you except from legendary hackers and developers!
Incredible :D Now I know, how ZiT could make all these pointer (!) codes, which wouldnÂ´t be possible otherwise, I guess!
(after reboot, adresses are changing! ::)) Way to go :P
I heard that ThomasLin got the Toy Story RAM Dumps, I am really excited if the game does the same, but just with freezing...
or it was programmed very bad that it crashes anyways xDDD

Deathwolf · September 09, 2010, 08:51:41 PM

what about the code now?
does it work?

Link · September 09, 2010, 08:58:06 PM

Yes, by now I have a code by Y.S. (also found by kenobi but he sent it later)..

the code kenobi found:
-unlocks the game for debugging, no more restart on dumps

the code both kenobi AND Y.S. (Y.S. was earlier ^^) found:
-makes the health and missile values writable

In my personal opinion: both codes should be merged to form a (M) code (Master code). With it enabled the game is open and has lost!

kenobi really asked me to post his part so I do this now. I insist: no credit taken by me! This is kenobi's code, he asked me to post it!

Code Select

Unlocks the game for code searches (kenobi)
205AF7C4 4182000C
045AF7C4 4800000C
E0000000 80008000

I assume Y.S. will post his code tomorrow.. both codes should be merged imo! Together they are the master code!

Deathwolf · September 09, 2010, 09:06:42 PM

wow very nice! so Y.S. have another code?
maybe a F6 search code would be nice for other games!
good work and thanks a lot ^_^

WiiRd forum

News:

Metroid Other M [R3OE01]

Deathwolf

spunit262

Deathwolf

Thomas83Lin

Deathwolf

Link

kenobi

Link

ZiT

ukuneko

Deathwolf

Bully@Wiiplaza

Deathwolf

Link

Deathwolf