Nintenlords hacking utilities, to help others in hacking. Options

[PwnageKirby]

Rescue Hector and see if it does the same thing. It seems normal for a human to not be able to carry a horse, so they'll only carry the person...

Where the animal goes has been my question for years.

[shadowofchaos]

Rescue Hector and see if it does the same thing. It seems normal for a human to not be able to carry a horse, so they'll only carry the person...

Where the animal goes has been my question for years.

Wait a second... is THAT what those unused slots are for at the end of the class table
!? O_O

When they get off their horses/pegasi and get rescued ._.

Then maybe I should make another slot and move Roy's and Elincia's sprite and class slots there instead ._.

*facepalm*

[Obviam]

are we even sure those are unused and that you're not simply writing outside the array's bounds the way most modern security exploits do?

which by the way is terrible practice even when "hacking"?

[shadowofchaos]

So actually... those "Empty Classes" aren't really unused... I just looked on GBA Graphics Editor using the Misc Map Sprite Module "pointers" to the graphics for those two slots... The corresponding "Male" and "Female" map sprites are used whenever mounted units get rescued when they move into the person...

Which I replaced with the Elincia Falcoknight Map Sprite and using Nintenlord's map sprite sound hack, thought it was causing the issue...

I fixed it by restoring the old "unused" classes back to their original map sprite, and just expanded two more slots in the class table for the "Roy Master Lord" and "Elincia Queen" classes...

[shadowofchaos]

By the way, Nintenlord, on the "Event Assembler Language"... the "Fade white out" is labeled as "FAWO" instead of "FAWU" that it is in the Language RAWs...

[mystery]

I'm having problems with the LZ77 compression GBA Graphics Editor uses. When I decompress something and edit it, it won't let me put it back because the recompressed file is still larger than the original file by a few bytes. Even if the original length hasn't changed, the file is still slightly larger and it won't let me put it back.

[Nintenlord]

Yeah, compressions tend to do that. If you increase the entropy of original data that the compression format handles well, you get larger compressed data. You have to repoint, which GBA-GE can do for you.

[mystery]

I see then. It's only off by about 4 bytes but still. I also had never tried the repoint option since I assumed it did not know how to find pointers using 88 in the offset. It works though.

[Nintenlord]

For the past few days I've been looking for the remaining FE7 event codes we haven't documented yet. I've found and identified quite a few myself, so you can expect next release to add a lot of more codes. There are some I can't figure out completely myself, though:

CODE

_DUNNO0x1, 0x1, 4, -game:FE7 -indexMode:8

_DUNNO0x3, 0x3, 4, -game:FE7 -indexMode:8

_DUNNO0x4, 0x4, 4, -game:FE7 -indexMode:8
    Value, 2, 2

_DUNNO0x6, 0x6, 4, -game:FE7 -indexMode:8


_DUNNO0x8, 0x8, 4, -game:FE7 -indexMode:8

_TEXTCONTIF, 0x12, 12, -game:FE7 -indexMode:8
    Text ID 1, 4, 2
    Text ID 2, 8, 2

_DUNNO0x13, 0x13, 4, -game:FE7 -indexMode:8

#Pointer to 14 text ID's, each 4 bytes
_DUNNO0x15, 0x15, 8, -game:FE7 -indexMode:8
    Ptr, 4, 4, -pointer:unknown

_DUNNO0x17, 0x17, 8, -game:FE7 -indexMode:8
    Value, 2, 2
    Ptr, 4, 4, -pointer:ASM

_DUNNO0x1E, 0x1E, 4, -game:FE7 -indexMode:8

_DUNNO0x21, 0x21, 4, -game:FE7 -indexMode:8

#Move character on character?
_MOVE0x29, 0x29, 12, -game:FE7 -indexMode:8
    Character1, 4, 4
    Character2, 8, 4

_MOVE0x2B, 0x2B, 16, -game:FE7 -indexMode:8
    Character, 4, 1
    Speed, 6, 1
    Position, 8, 4, -coordinates:2
    Pointer, 12, 4, -pointer:moveManual

_MOVE0x2C, 0x2C, 16, -game:FE7 -indexMode:8
    Character, 4, 1
    Pointer, 8, 4, -pointer:moveManual
    Pointer2, 12, 4, -pointer:moveManual

_DUNNO0x30, 0x30, 12, -game:FE7 -indexMode:8
    Value, 4, 4
    Position, 8, 4, -coordinates:2

_DUNNO0x33, 0x33, 8, -game:FE7 -indexMode:8
    Pointer, 4, 4, -pointer:unit    

#Value: condition like for TURN/CHAR code?
_DUNNO0x34, 0x34, 12, -game:FE7 -indexMode:8
    Value, 4, 4
    Pointer, 8, 4, -pointer:unit

_DUNNO0x37, 0x37, 12, -game:FE7 -indexMode:8
    Value, 4, 4
    Pointer, 8, 4, -pointer:unit

_ASM0x3F, 0x3F, 8, -game:FE7 -indexMode:8
    ASM pointer, 4, 4, -pointer:ASM

_DUNNO0x40, 0x40, 12, -game:FE7 -indexMode:8
    Value1, 4, 4
    Value2, 8, 4

_ASM0x42, 0x42, 8, -game:FE7 -indexMode:8
    Ptr, 4, 4, -pointer:ASM    

_IFDUNNO0x4A, 0x4A, 8, -game:FE7 -indexMode:8
    Conditional ID, 4, 2

_IFDUNNO0x4B, 0x4B, 8, -game:FE7 -indexMode:8
    Conditional ID, 4, 1

_IFTT2, 0x51, 8, -game:FE7 -indexMode:8
    Stuff, 2, 1
    Conditional ID, 4, 1

_ASM0x59, 0x59, 8, -game:FE7 -indexMode:8
    Value, 2, 2
    ASM pointer, 4, 4, pointer:ASM

_ASM0x5A, 0x5A, 8, -game:FE7 -indexMode:8
    Ptr, 4, 4, -pointer:ASM

_DUNNO0x61, 0x61,  4, -game:FE7 -indexMode:8
    Value, 2, 2

_DUNNO0x6E, 0x6E, 8, -game:FE7 -indexMode:8
    Coordinates, 4, 4, coordinates:2

_DUNNOMUSIC, 0x7A, 4, -game:FE7 -indexMode:8
    Value, 2, 2

_DUNNO0x80, 0x80, 12, -game:FE7 -indexMode:8
    Value, 4, 4
    Value, 8, 4

_DUNNO0x81, 0x81, 4, -game:FE7 -indexMode:8
    Value, 2, 2

_DUNNO0x82, 0x82, 4, -game:FE7 -indexMode:8

_DUNNO0x83, 0x83, 4, -game:FE7 -indexMode:8

_DUNNO0x85, 0x85, 4, -game:FE7 -indexMode:8
    Dunno, 2, 2

_FADU2, 0x86, 4, -game:FE7 -indexMode:8

_DUNNO0x87, 0x87, 4, -game:FE7 -indexMode:8

_DUNNO0x89, 0x89, 4, -game:FE7 -indexMode:8

_DUNNO0x8A, 0x8A, 4, -game:FE7 -indexMode:8

_DUNNO0x8C, 0x8C, 4, -game:FE7 -indexMode:8

_DUNNO0x8D, 0x8D, 4, -game:FE7 -indexMode:8

_DUNNO0x92, 0x92, 4, -game:FE7 -indexMode:8

_DUNNO0x93, 0x93, 4, -game:FE7 -indexMode:8

_FADI2, 0x94, 8, -game:FE7 -indexMode:8
    0x92, 4, 1, -fixed

_DUNNO0x95, 0x95, 16, -game:FE7 -indexMode:8
    Value1, 4, 4
    Value2, 8, 4
    Value3, 12, 4

_DUNNO0x96, 0x96, 4, -game:FE7 -indexMode:8

_DUNNO0xA1, 0xA1, 8, -game:FE7 -indexMode:8
    Value, 4, 4

_DUNNO0xA2, 0xA2, 8, -game:FE7 -indexMode:8
    Value, 4, 4, -pointer:unknown

_DUNNO0xA3, 0xA3, 4, -game:FE7 -indexMode:8

_DUNNO0xA4, 0xA4, 8, -game:FE7 -indexMode:8
    Value, 4, 4

_TEXTCG, 0xD1, 12, -game:FE7 -indexMode:8
    Text ID, 4, 4
    Value2, 8, 4

_DUNNO0xD9, 0xD9, 12, -game:FE7 -indexMode:8
    Value1, 4, 4
    Value2, 8, 4

_DUNNO0xDA, 0xDA, 12, -game:FE7 -indexMode:8
    Value, 4, 4
    Value2, 8, 4

_DUNNO0xDB, 0xDB, 8, -game:FE7 -indexMode:8
    Value, 4, 2, -coordinates:2

_DUNNO0xDC, 0xDC, 4, -game:FE7 -indexMode:8

_LIGHTNING, 0xDD, 12, -game:FE7 -indexMode:8
    Value, 4, 4
    Value, 8, 4

_DUNNO0xDE, 0xDE, 20, -game:FE7 -indexMode:8
    Value, 4, 4
    Value, 8, 4
    Value, 12, 4, -coordinates:2
    Value, 16, 4

_DUNNO0xDF, 0xDF, 8, -game:FE7 -indexMode:8
    Value, 4, 4

_DUNNO0xE0, 0xE0, 16, -game:FE7 -indexMode:8
    Value1, 4, 4
    Value2, 8, 4
    Value3, 12, 2
    Value4, 14, 2

_DUNNO0xE1, 0xE1, 4, -game:FE7 -indexMode:8

_DUNNO0xE2, 0xE2, 4, -game:FE7 -indexMode:8

#Data pointed (20):
#4: 0?
#4: Graphics pointer
#4: pointer
#4: ?
#4: ?
_DUNNO0xE3, 0xE3, 12, -game:FE7 -indexMode:8
    Ptr, 4, 4, -pointer:unknown
    Location, 8, 4, -coordinates:2

_DUNNO0xE4, 0xE4, 4, -game:FE7 -indexMode:8

#Palette pointers?
_DUNNO0xE5, 0xE5, 12, -game:FE7 -indexMode:8
    Ptr1, 4, 4, -pointer:unknown
    Ptr2, 8, 4, -pointer:unknown

_DUNNO0xE6, 0xE6, 4, -game:FE7 -indexMode:8

If anyone knows anything about any of these, please post your info. Feel free to experiment with these as you wish, too.

[Ryrumeli]

Wow, bravo Nintenlord, bravo! :o *Stands up and applauds* Thank you, you did for FE7 what I was promising myself to do one day for FE8. XD



Seriously, that must have taken an insane amount of work, really. Did you code a program to dump them, or did you ID the extra commands with several dumpings?



Regardless, really, awesome work, dude, this is a great list! I don't know much about those never tried babies, but they look tempting to try, specially those with apparently graphical functions or something like that. This will be fun. :)

[Nintenlord]

It was quite fast, actually. I just disassembled every chapter and used my text editor to find all CODE codes, then seeing how it would work. It took several hours, though. I'm gonna do the same thing for FE6 and World map codes for both FE6 and FE7. FE8 will probably require starting from pretty much scratch, the assumption that FE7 and FE8 are similar seems to be fundamentally wrong.

[Blazer]

^It's such a shame, 'cuz it's gonna be a pain, to find codes for a game, that's not the same, and I think it's pretty lame. XP

Good job so far.

[Ryrumeli]

The codes for FE8, as far as I have seen, use a somewhat different system, yesh, since the numbers are different. But essentially it isn't THAT different from the other games, at least as far as I have researched it, the arrays of pointers for the commands work in a similar way, only of course in different orders and offsets.


If anything, it is more similar than we think, only with extra bits. After learning that the weird positioning system in FE8 we have to face while hacking was only inserted in the american version of FE8, I can't help but to speculate some of the problems we faced so far with FE8 as of now are maybe due to convenient anti-hacking locks or the like... ...why nintendo of american, why. .__.

[Nintenlord]

There is absolutely no reason to add anti-hacking measures that only effect event hacking, that would be just stupid. The positioning system is not weird, if you thought it in bits it would be completely clear how it works, not everything has to work in bytes.

[PwnageKirby]

I don't know why, but FE8 does not like to be touched. Every FE8 hack seems to have something wrong with it...

Just an approximate quote.

[Nintenlord]

And you are claiming that is because some sort of anti-hacking measure? People too often assume intention when co-incidence or accident are better explanations. I'ts basic human nature to seek meaning, even when there may not be any.

[Obviam]

The last time I saw anything remotely feasible related to anti-hacking measures was trying to hack codes for Gunstar Superheroes.

A simple assembly hack would have resolved that particular issue anyway; the GBA has been hacked to death. The odds of some anti-hacking measures not being circumvented as of yet are next to none.

[Ryrumeli]

Nope Nintenlord, not for event hacking, memory-related blocks. To slow down cheat codemakers, I would infer. It would be silly to bar something which they didn't even expect to be hacked to begin with, like events. XP

Stuff like the need of a specific event command to enable a chapter to be enterable(How you need to go to the world map to go to a certain chapter, for example, but as far as I remember, going directly for a chapter without going to the world map, but that was already accessed in the world map is ok), or how just in the US version they changed the system for placement, to a less human-understandable format.


Considering the not-so-recent claims from Nintendo in press conferences, their stand on hacking, one infers things, I wouldn't blame it. Of course, like Xeld mentioned, almost any sort of lock can be reversed in an assembly level with some effort, but even then, it will mean things will take more time/effort to get done. Using a Codebreaker code for moving now is harder than it needed to be, as a simple example.


But again, regardless it is peculiar. I don't agree with Pwnage in her pick for a quote in this context, the reasons why FE8 hacks seem to have something wrong aren't blocks for hacking like I mentioned, seems more like rushed/weird coding of the rom than anything. There is more to be found out about FE8 than we did, that is why I believe most FE8 hacks have "something wrong with it...".

[Xenesis]

Pretty much the only game that bothers with anti-cheating measures on Nintendo consoles is Pokemon because it is their cash cow and actually has multiplayer worth a damn or something something.

Most of the bugs caused ever is by not knowing what you're doing or just being uh...careless? I know I'm careless at times. <_<;

As an aside:
Nintenlord, is it possible to alter the bitshift that your MAR Inserter performs on the MAR files? If so, it could be used for AW as well :P

[Nintenlord]

Yeah, it would be pretty easy. MAR array inserters 'meat' is in this function, everything else is either UI or LZ77 compression or .NET library:

CODE

        static public void Run(string MARfile, string ROMfile, int offset, int[] size)
        {
            foreach (int item in size)
            {
                if (item > 43)
                {
                    MessageBox.Show("The size may be too big.\nContinuing anyway.");
                }
            }
            BinaryReader br;
            BinaryWriter bw;
            List<byte> map = new List<byte>();
            
            try
            {
                br = new BinaryReader(File.Open(MARfile, FileMode.Open));
                bw = new BinaryWriter(File.Open(ROMfile, FileMode.Open));
            }
            catch (IOException)
            {
                MessageBox.Show("One of the files is being used by another program.");
                return;
            }

            if (br.BaseStream.Length != (size[1] * size[0] * 2))
            {
                MessageBox.Show("The size is wrong.");
                bw.Close();
                br.Close();
                return;
            }
            foreach (int var in size)
            {
                map.Add((byte)var);
            }


            while (br.BaseStream.Position < br.BaseStream.Length)
            {
                map.AddRange(BitConverter.GetBytes((ushort)(br.ReadUInt16() / 8)));//Dividing by 8 is the same as right shift by 3.
            }
            br.Close();

            bw.BaseStream.Position = offset;

            bw.Write(LZ77.Compress(map.ToArray()));

            bw.Close();            
            MessageBox.Show("Finished.");
        }

If you can't program, I can do it myself. LZ77 compression is in pretty much every other source code download I offer, so I'm too lazy to post it here.