Codes
WiiRd forum
September 17, 2024, 11:02:36 AM *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: Welcome on the new server

Update 4.3 - do NOT update!
Gecko 1.9.3.1
Should I get a USB Gecko, I wanna hack?
How do I use my USB Gecko
Where can I get WiiRd?
 
   Home   CODE DATABASE GAMEHACKING Help Search Login Register  
Pages: [1] 2 3 ... 6
  Print  
Author Topic: The Last Story [SLSJ01]  (Read 14700 times)
Jackal
Hacker
Newbie
*****

Karma: 9
Posts: 40


« on: January 27, 2011, 06:41:20 PM »

Hacking the HP isn't as easy as I thought...
need more time to investigate
http://wiird.l0nk.org/forum/index.php/topic,7828.0.html
« Last Edit: September 05, 2011, 11:35:02 PM by Arudo » Logged
NinARM1
Hacker
Newbie
*****

Karma: 0
Posts: 12


« Reply #1 on: January 28, 2011, 07:38:04 AM »

HP in this game is weird...

You can find it but poking does nothing. We do know there are 3 slot for each character's HP though, 32-bit values and they follow immediately after each other in the memory: current HP, max HP and display HP (shows up as the length of the HP bar on screen). I couldn't find pointers for any of the three codes, tried many times and I don't know why. I did manage to do a breakpoint on the last HP slot and code can modify the display HP now (rather useless I'd say). I couldn't do breakpoint on the other two HP slots either. (Maybe it's my hardware.. idk)

I'm pretty new to ASM but I'm wondering if there's a command to write the value to the address that is in front of the current last HP slot (forward by 8 bytes) then the Max HP value will be modified (instead of the useless display HP). Forward it by another 8 bytes and it'll be written to the current HP value.

This is all too confusing.  Huh?
Logged
Bully@Wiiplaza
Hacker
Legendary Member
*****

Karma: 93
Posts: 1853


WWW
« Reply #2 on: January 28, 2011, 09:43:47 AM »

this is possible when using stw rX, YOUR OFFSET POINTING TO THE ADRESS (rD)
Btw. I´m going to try it by myself soon... Send me the adress ARM1, please. Or is it always different?
I´m already a bit familiar with ASM...

I also noticed that this game will not be released out of japan Undecided
(No PAL and No NTSC-US)
« Last Edit: January 28, 2011, 09:51:37 AM by Bully@Wiiplaza » Logged

My Wii hacking site...
http://bullywiihacks.com/

My youtube account with a lot of hacking videos...
http://www.youtube.com/user/BullyWiiPlaza

~Bully
Jackal
Hacker
Newbie
*****

Karma: 9
Posts: 40


« Reply #3 on: January 28, 2011, 01:38:25 PM »

Found something about the HP
The real value is stored in float (and not in a fixed location)
but it is constantly being written on, even when not in battle
still looking for a way make no damage code
by the look of the game I think both enemy and players share the same code
so ASM hacking may be needed
Logged
NinARM1
Hacker
Newbie
*****

Karma: 0
Posts: 12


« Reply #4 on: January 28, 2011, 06:54:15 PM »

this is possible when using stw rX, YOUR OFFSET POINTING TO THE ADRESS (rD)
Btw. I´m going to try it by myself soon... Send me the adress ARM1, please. Or is it always different?
I´m already a bit familiar with ASM...

I also noticed that this game will not be released out of japan Undecided
(No PAL and No NTSC-US)

The memory address for the HP values changes a lot, depends on the stage you're on probably.
Memory viewer search for the string "000000XX 0000000XX 000000XX" where XX is the amount of HP of the character (make sure the character has full HP though) should give you the addresses.

Red should be current HP, blue is max HP and green is a value that determines how long the HP bar appears on the screen.

I did breakpoint on the third (green) address and made a code that writes 9999 to it.
Result:


It just looks cool. Actual HP are not changed and you still lose HP and die etc. It should work if you do a breakpoint on the red and blue address and write the code, or code from the blue breakpoint then shift the write memory forward by 8 and 16 bytes. However I couldn't do the former and I don't know how to do the latter, lol.

P.S. I'm pretty sure Nintendo will do a NTSC/PAL release... if they don't then that's just really stupid on their part.
« Last Edit: January 28, 2011, 06:59:12 PM by NinARM1 » Logged
Bully@Wiiplaza
Hacker
Legendary Member
*****

Karma: 93
Posts: 1853


WWW
« Reply #5 on: January 30, 2011, 01:44:44 PM »

The memory address for the HP values changes a lot, depends on the stage you're on probably.
Memory viewer search for the string "000000XX 0000000XX 000000XX" where XX is the amount of HP of the character (make sure the character has full HP though) should give you the addresses.

Red should be current HP, blue is max HP and green is a value that determines how long the HP bar appears on the screen.

I did breakpoint on the third (green) address and made a code that writes 9999 to it.

It just looks cool. Actual HP are not changed and you still lose HP and die etc. It should work if you do a breakpoint on the red and blue address and write the code, or code from the blue breakpoint then shift the write memory forward by 8 and 16 bytes. However I couldn't do the former and I don't know how to do the latter, lol.

P.S. I'm pretty sure Nintendo will do a NTSC/PAL release... if they don't then that's just really stupid on their part.


Infinite HP All Characters [Bully@Wiiplaza]
C23EC5F0 00000002
38A000FF 90B80030
60000000 00000000
I´m pretty sure that this one is working
I also noticed your "fail" at the Fake HP code...
it was only writing to the third adress, but mine is writing to the first AND third.

Edit:
It doesn´t freeze the HP value in the status...
« Last Edit: January 30, 2011, 01:54:10 PM by Bully@Wiiplaza » Logged

My Wii hacking site...
http://bullywiihacks.com/

My youtube account with a lot of hacking videos...
http://www.youtube.com/user/BullyWiiPlaza

~Bully
NinARM1
Hacker
Newbie
*****

Karma: 0
Posts: 12


« Reply #6 on: January 30, 2011, 02:15:10 PM »

Same results...

HP appears to be fixed, but character still dies...
Logged
gaiaknight
Newbie
*

Karma: 1
Posts: 14


« Reply #7 on: January 30, 2011, 05:08:38 PM »

infinite gold cheat doesnt work it wont let me buy anything. If i sell an item the money drops to zero and if i continue to sell stuff it finally goes up and i can buy things but its not infinite just norml amount of money
Logged
Deathwolf
Hacker
Legendary Member
*****

Karma: 62
Posts: 1795


WWW
« Reply #8 on: January 30, 2011, 05:24:24 PM »

wait... I'll make these codes ok?
Logged

lolz
Jackal
Hacker
Newbie
*****

Karma: 9
Posts: 40


« Reply #9 on: January 30, 2011, 06:51:36 PM »

infinite gold cheat doesnt work it wont let me buy anything. If i sell an item the money drops to zero and if i continue to sell stuff it finally goes up and i can buy things but its not infinite just norml amount of money
you mean this one?

Max Gold After Purchase/Sell [Jackal]
044591E8 60000000
044591B4 60000000
Logged
Deathwolf
Hacker
Legendary Member
*****

Karma: 62
Posts: 1795


WWW
« Reply #10 on: January 30, 2011, 08:23:07 PM »

Infinity Health all characters[Deathwolf]
C0000000 00000003
3D80803E 618CC644
3D606000 616B0000
916C0000 4E800020
C0000000 00000003
3D80803E 618CC64C
3D606000 616B0000
916C0000 4E800020
« Last Edit: January 30, 2011, 09:30:30 PM by Deathwolf » Logged

lolz
gaiaknight
Newbie
*

Karma: 1
Posts: 14


« Reply #11 on: January 30, 2011, 08:31:47 PM »

No not that one im talking about the one on geckocodes

Infinite Gold [NinARM1]
C2530C80 00000002
90A56000 38A0270F
60000000 00000000

This one doesnt work wont let me buy anything and when i sell an item it drops to zero
Logged
Deathwolf
Hacker
Legendary Member
*****

Karma: 62
Posts: 1795


WWW
« Reply #12 on: January 30, 2011, 09:28:10 PM »

No not that one im talking about the one on geckocodes

Infinite Gold [NinARM1]
C2530C80 00000002
90A56000 38A0270F
60000000 00000000

This one doesnt work wont let me buy anything and when i sell an item it drops to zero

it doesn't work because bully and ninarm1 have a wrong breakpoint address.
Logged

lolz
Jackal
Hacker
Newbie
*****

Karma: 9
Posts: 40


« Reply #13 on: January 31, 2011, 04:09:20 AM »

Infinity Health all characters[Deathwolf]
C0000000 00000003
3D80803E 618CC644
3D606000 616B0000
916C0000 4E800020
C0000000 00000003
3D80803E 618CC64C
3D606000 616B0000
916C0000 4E800020

Can you explain how you come up with this code?
I am still learning
Logged
Deathwolf
Hacker
Legendary Member
*****

Karma: 62
Posts: 1795


WWW
« Reply #14 on: January 31, 2011, 03:00:50 PM »

okay here you go:

if you set breakpoint read on the health address you get this:

Spoiler for Hiden:
CR  : 28002422  XER : 00000000  CTR : 80378BC8  DSIS: 00000000
DAR : 00000000  SRR0: 803EC650  SRR1: 0000B032  LR  : 803EC368
r0  : 000000EB  r1  : 8089D3F8  r2  : 8088D9A0  r3  : 80750000
r4  : 00000000  r5  : 000000EB  r6  : 8172B4C0  r7  : 00000001
r8  : 80EA4658  r9  : 8089E560  r10 : 000000D2  r11 : 8089D4A8
r12 : 80378BC8  r13 : 8088AA80  r14 : 80485510  r15 : 80C9EE80
r16 : 00000003  r17 : 8089E660  r18 : 809B1030  r19 : 00000000
r20 : 00000005  r21 : 8089DA10  r22 : 810E40C0  r23 : 817283C0
r24 : 810E4050  r25 : FFFFFFFF  r26 : 00000000  r27 : 817283C0
r28 : 00000000  r29 : 00000000  r30 : 00000003  r31 : 00000001

Instructions:
Spoiler for Hiden:
803EC650:  80780038   lwz   r3,56(r24)
803EC654:  3C808075   lis   r4,-32651
803EC658:  80170940   lwz   r0,2368(r23)
803EC65C:  6C638000   xoris   r3,r3,32768
803EC660:  90610074   stw   r3,116(r1)

ok you can see 803EC650:  80780038   lwz   r3,56(r24).
but r3 have the value 80750000. so that's totaly wrong.

then I scrolled up and saw some other instructions which loads into r24.
Spoiler for Hiden:
803EC64C:  90B80038   stw   r5,56(r24)
803EC650:  80780038   lwz   r3,56(r24)

then set a breakpoint execute on 803EC64C and you get this:

Spoiler for Hiden:
CR  : 28002488  XER : 00000000  CTR : 80378BC8  DSIS: 00000000
DAR : 00000000  SRR0: 803EC64C  SRR1: 0000B032  LR  : 803EC368
r0  : 000000EB  r1  : 8089D3F8  r2  : 8088D9A0  r3  : 80750000
r4  : 00000000  r5  : 000000EB  r6  : 8172B4C0  r7  : 00000001
r8  : 80EA4658  r9  : 8089E560  r10 : 807CFC7C  r11 : 8089D4A8
r12 : 80378BC8  r13 : 8088AA80  r14 : 80485510  r15 : 80C9EE80
r16 : 00000003  r17 : 8089E660  r18 : 809B1030  r19 : 00000000
r20 : 00000005  r21 : 8089DA10  r22 : 810E40C0  r23 : 817283C0
r24 : 810E4050  r25 : FFFFFFFF  r26 : 00000000  r27 : 817283C0
r28 : 00000000  r29 : 00000000  r30 : 00000003  r31 : 00000001

you can see r5 have the health value and stores it into r24.



« Last Edit: January 31, 2011, 05:53:36 PM by Deathwolf » Logged

lolz
Pages: [1] 2 3 ... 6
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2013, Simple Machines Valid XHTML 1.0! Valid CSS!