| Most Wanted Hacking Info? | |
|---|---|
| Topic Started: Feb 6 2010, 05:41 PM (2,492 Views) | |
| Spikeman | Feb 6 2010, 05:41 PM Post #1 |
|
TREZian
|
Hey, some of you might remember me, for those who don't I'm Spikeman. I'm probably the only guy here who knows assembly hacking and debugging (looking at the game's code to figure out data). I should be able to find the data for pretty much anything you guys want in the game. So my question is, what is the area of the game have you all not been able to figure out and would like me to take a crack at? |
|
Guides I've posted: Chip Trader modding Guide Check out Mega Man Battle Network Online, my MMBN site! | |
|
|
|
| louman7777777 | Feb 6 2010, 09:22 PM Post #2 |
![]()
Newb
|
It's spikeman!!! *Bows Down* If its not too much I think taking a shot at how to modify attacks down to the deepest (that I know of) level. Like 080EBC0F for example for cannon. Oh yeah, and you should PM Nemomon to promote you to Master Hacker rank, I'm sure nobody would oppose! |
|
|
|
| MegaRockEXE | Feb 6 2010, 09:25 PM Post #3 |
![]()
BN Guides Author
![]()
|
Well me and Prof 9 have been looking at attack data. Welcome back Spikeman. There is one thing that I've always wanted to see hacked. How can the results from chip traders be hacked? That was one of the first things hacked when the game came out and I still don't know how that was hacked. Another thing that needs to be hacked is the PA formations. |
| The Rockman EXE Zone | YouTube | |
|
|
|
| louman7777777 | Feb 6 2010, 09:31 PM Post #4 |
![]()
Newb
|
As in chip trader and not lotto number? Oh yeah, PA formations would be TONS of help, so that chips don't need to be hacked and reordered to look right or switched around if you want to change that PA but keep a chip thats in it. One last thing, how far have you guys gotten on attack data so far? EDIT: Hey why in the does the ons in tons above link to something!
Edited by louman7777777, Feb 7 2010, 08:34 PM.
|
|
|
|
| Zanerus | Feb 6 2010, 10:00 PM Post #5 |
![]()
Dedicated Member
|
I agree with reward, chip trader and PA formation hacking. Only otherthing I can think of is to edit chips attack sequence. |
|
Zane's poetry Hour here: http://s6.zetaboards.com/The_Rockman_EXE_Zone/topic/8752185/1/ AEZ Patch version 4 finally out: http://s6.zetaboards.com/The_Rockman_EXE_Zone/topic/8667690/1/ Chip hacker starters can find my notes here: http://s6.zetaboards.com/The_Rockman_EXE_Zone/topic/8685052/1/ PM me for any questions. modding Guide Index can be found here: http://s6.zetaboards.com/The_Rockman_EXE_Zone/topic/8750547/1/ Insanity is simply silliness misunderstood. | |
|
|
|
|
|
Feb 6 2010, 10:03 PM Post #6 |
|
Programmer!
![]()
|
I'm not really looking for anything; I know most of everything for what i need to know. |
|
|
|
| Dramz | Feb 7 2010, 12:07 AM Post #7 |
|
Spastic Colon
![]()
|
Erm.....you know how Falzar makes the field disappear...well, getting other navis to exhibit the same property Also, removing things like Tomahawkman's totem pole, adding in MORE navis, increasing the number of attacks a navi can use (not just repointing etc, giving it another slot) getting diveman's missiles away from him. A lot of specific things, I know...but yeah..... |
|
|
|
| Prof. 9 | Feb 7 2010, 01:42 AM Post #8 |
![]()
Moderaptor
![]()
|
It's Spikeman! You ever gonna finish those Boktai 3 and EXE 4.5 translations? I had actually already started my own EXE 4.5 patch due to bugs and lack of progress. :P You're not the only ASM hacker around. As mega rock.exe said already we looked at attack sequences to try and figure out how they work, but it's all in THUMB which makes it pretty hard to insert new attacks at the end of the ROM. Edited by Prof. 9, Feb 7 2010, 01:49 AM.
|
Follow me on Twitter! Fork me on GitHub!
| |
|
|
|
| Spikeman | Feb 7 2010, 06:55 AM Post #9 |
|
TREZian
|
Well if you all have gained some ASM skill then that's great. It's great to come back and see some high level hacking going on.I'll think look into the chip trader. You say it was already hacked, is there any info on that? Edit: Did some debugging of the chip trader, here's what seems important. At 804A4B2, r0=chip (01=Cannon, 02=HiCannon, etc) and r1=code (00=A,01=B,etc) A bunch of calculation is done to find graphics/text for the display of what you got 2002230+(chip*0C)+code is incremented by one, I think this is where your pack data is stored for the overworld The data around 2002230 is used to construct your pack when you go into the edit folder screen Basically an easy way to give yourself any number of any chip is to use that simple formula: Find Chip # (there's probably a list of these somewhere, but if not look at the library and convert to hex) Multiply this by 0C and add the result to 2002230 The first few bytes there are how many chips you'll get for each chip code So, to give myself 1 Cannon A, 2 Cannon B, and 3 Cannon C I do: 2002230+(1*0C) = 200223C and change the bytes here to 01 02 03 (Note: chips in your folder count for this data, so its not just pack data it's overall what chips you have) MegaRock, is this what you wanted? I can focus more in depth on other areas (like finding out what random chips it gives?). Edited by Spikeman, Feb 7 2010, 09:21 AM.
|
|
Guides I've posted: Chip Trader modding Guide Check out Mega Man Battle Network Online, my MMBN site! | |
|
|
|
| MegaRockEXE | Feb 7 2010, 12:59 PM Post #10 |
![]()
BN Guides Author
![]()
|
Interesting. This way, it would be possible to hack in hacked chips into the pack, without much difficulty. Awesome. Now I remember in when BN6 came out, this guy named Terrance on GamefAQs did some extraordinary one-day hacking, including battle hacking which is where I started everything. He posted a list of all the outcomes of every chip trader. http://www.gamefaqs.com/boards/genmessage.php?board=929993&topic=28826959 How did he get this and how can this be changed? Edited by MegaRockEXE, Feb 7 2010, 01:06 PM.
|
| The Rockman EXE Zone | YouTube | |
|
|
|
| Spikeman | Feb 7 2010, 06:41 PM Post #11 |
|
TREZian
|
Ah, very interesting. He definitely traced through the code and followed what it was doing to figure all this out. So I'm guessing there are a few possible pieces of data here we could change: 1) The list of chips possible for each bug trader (chip code is probably stored here as well) 2) The rarity for each category of chips in each trader 3) The failure rates for high rarity chips 4) How many chips/bugfrags are needed to to trade (so we could make 20 chip traders, etc) The last two are most likely hardcoded, so we'd probably have to do a simple ASM hack. The first is what I'll work on finding first, I'll update when I find something. |
|
Guides I've posted: Chip Trader modding Guide Check out Mega Man Battle Network Online, my MMBN site! | |
|
|
|
| MegaRockEXE | Feb 7 2010, 08:05 PM Post #12 |
![]()
BN Guides Author
![]()
|
No, I'm sure the cost of a bug trader is coded in the message. The message must be using a bug frag subtracting script that happens to be 10. I hope the chip list is actually listed. That would be easier to find. |
| The Rockman EXE Zone | YouTube | |
|
|
|
| Spikeman | Feb 8 2010, 03:52 AM Post #13 |
|
TREZian
|
I've been debugging the Chip Trader code all night, it's exactly as Terrance describes in the GameFAQs post. Here is what it does in slightly more technical terms: 1) It loads the list of chips for that specific trader into RAM. 2) It filters this list by your library, only chips you don't have remain. 3) It then filters this by the rarity it has determined. 4) Finally, it chooses randomly from that filtered list the random chip you get. I haven't traced all the cases where you have all the chips already, etc, but I don't think that's important to what we're trying to hack right now. Here's the data you're interested in: 804B070 is the chip trader data for the AsterLand trader. Every 6 bytes is a chip, the first two bytes are the chip id (see the Japanese chip list for these, 0001=Cannon, 0002=HiCannon, etc), I'm not sure what the other bytes are yet since it only appears to load the first two bytes from here. The rarity is stored elsewhere, here's the formula it uses to load rarity: 8021DA8 + (chip id * 2C) I'm not quite sure how it determines the chip code yet, or the addresses for other traders, but I'll figure that out next (I need to sleep). Edit: Correction, chip data is 6 bytes, first two bytes are chip id. Edited by Spikeman, Feb 8 2010, 07:11 PM.
|
|
Guides I've posted: Chip Trader modding Guide Check out Mega Man Battle Network Online, my MMBN site! | |
|
|
|
| Zanerus | Feb 8 2010, 04:20 AM Post #14 |
![]()
Dedicated Member
|
I know I am being of no help seeing as this is beyond me but I will say it anyway. Thank you Spikeman for finding this. Heres my question. By Chip ID do you mean the four digit hex number that is the chips Id for folder hacking and so on. and if so, and only 2 digits are useable for ID what about three digit ID chips such as the gigas? |
|
Zane's poetry Hour here: http://s6.zetaboards.com/The_Rockman_EXE_Zone/topic/8752185/1/ AEZ Patch version 4 finally out: http://s6.zetaboards.com/The_Rockman_EXE_Zone/topic/8667690/1/ Chip hacker starters can find my notes here: http://s6.zetaboards.com/The_Rockman_EXE_Zone/topic/8685052/1/ PM me for any questions. modding Guide Index can be found here: http://s6.zetaboards.com/The_Rockman_EXE_Zone/topic/8750547/1/ Insanity is simply silliness misunderstood. | |
|
|
|
| Dramz | Feb 8 2010, 12:56 PM Post #15 |
|
Spastic Colon
![]()
|
Also, this one is fairly important, is there any way to remove the body of a cross in a hex editor? the top part is fine, but the recoloured Megaman body. |
|
|
|
| Spikeman | Feb 8 2010, 03:02 PM Post #16 |
|
TREZian
|
My bad, it's actually 2 bytes, and it does follow the pattern in this list: http://s6.zetaboards.com/The_Rockman_EXE_Zone/topic/747625/1/ So 012D = Bass. It's really not that useful to talk about "digits" in hex. A byte is always 2 hex digits. So if there are 2 bytes, there is no difference between 1, 2, 3, or 4 digits; you're just removing zeros from the front. So in this case if you wanted to add the Bass chip in the chip trader, you would change one of the item datas to 2D 01 XX XX (the XXs are what I haven't figured out yet, probably has to do with the chip code, but it fixes chips with the wrong code so I just wouldn't change it). If you wanted to find the rarity of the Bass chip, do 12D*2C (you can use windows calculator for this in hex mode) which equals 33BC and find 8021DA8+33BC to get 8025164. If you look at 8025164 you'll see the rarity is 5. (I think rarities start at zero, so this is really 6 rarity, not sure if it actually displays like that though.) Edit: I just looked into where it stores the number of stars for the library. It's actually the address for the rarity+5 (so use this formula: 8021DAD + chip*2c). So for Bass if you look at 8025164+5 you'll see the star data is 4 (while the rarity is actually 5). This is zero based as well so 0=1 star, 1=2 stars,... 4=5 stars.
Could you explain this a bit more? I'm not quite sure what you mean. the top part is fine, but the recoloured Megaman body. Edited by Spikeman, Feb 8 2010, 03:34 PM.
|
|
Guides I've posted: Chip Trader modding Guide Check out Mega Man Battle Network Online, my MMBN site! | |
|
|
|
| MegaRockEXE | Feb 8 2010, 03:54 PM Post #17 |
![]()
BN Guides Author
![]()
|
He's talking about how crosses cause Megaman's color to change. I have an idea where the cross data is but it's asm code and I haven't looked at it recently. My guess is that it uses an adding command to change the color to the appropriate cross. The bust of the cross is a separate sprite in an almost random spot on the sprite list. |
| The Rockman EXE Zone | YouTube | |
|
|
|
| Spikeman | Feb 8 2010, 04:42 PM Post #18 |
|
TREZian
|
Hmm, well if you can dig up where you think the code is it'd be much easier for me to look into it. |
|
Guides I've posted: Chip Trader modding Guide Check out Mega Man Battle Network Online, my MMBN site! | |
|
|
|
| Greiga Master | Feb 8 2010, 05:02 PM Post #19 |
![]()
Admin of the stars, owner of your soul...
![]()
|
The most important thing we need to know is the Save game encryption, they probably use the same one for every game, imagine a save editor O.o
Edited by Greiga Master, Feb 8 2010, 05:02 PM.
|
|
|
|
| MegaRockEXE | Feb 8 2010, 05:30 PM Post #20 |
![]()
BN Guides Author
![]()
|
I know the following offset is relevant. 08011280 |
| The Rockman EXE Zone | YouTube | |
|
|
|
| 1 user reading this topic (1 Guest and 0 Anonymous) | |
| Go to Next Page | |
| « Previous Topic · Guides & Research · Next Topic » |



does the ons in tons above link to something!






It's great to come back and see some high level hacking going on.
