Golden Sun Hacking Community
Topic: Camera Lock Codes and Weird OOB

« on: July 07, 2017, 10:51:12 PM »

This is probably nothing, but it's worth pointing out in case there is some crazy thing that's useful resulting from this. Video: https://www.twitch.tv/videos/157318168?t=23m40s

I have the following codes active:
02030E3C:00000000
02030E40:00000000
02030E44:7FFFFFFF
02030E48:7FFFFFFF

I know this causes weirdness on the world map, but I've never seen it cause huge weirdness like this before.

Basically, accessing certain doors OOB will black out the screen and the game will start writing values to the game's memory. It basically filled up a lot of the 02000000-02000300 section as well as writing a ton of sprite data (tracked by the nonzero tile thing in my script, lower the number = more sprite data). Eventually the game will load the room I was supposed to end up in.

The values of memory written change depending on the coordinates of the door I access (not the destination of the door) and solves the puzzles in the game as you would expect with values written to those addresses.

I'm wondering why this bizarre behavior is happening, and whether there's any idea as to how this may be replicated without the camera lock codes.
« Last Edit: July 07, 2017, 11:28:15 PM by Plexa »
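Added example (not part of the original post and not the poster's script): one way to measure the writes described above is to diff two EWRAM dumps taken before and after the door transition and list the contiguous address ranges that changed, flagging any code-pinned word the game overwrote. It assumes each code is a 32-bit little-endian write at the given address; the function names and the two snapshots are constructed for illustration.

```python
import struct
EWRAM_BASE, EWRAM_SIZE = 0x02000000, 0x40000   # GBA on-board work RAM, 256 KiB

def parse_codes(text):
    """Parse whitespace-separated 'ADDRESS:VALUE' hex codes into {address: value}."""
    codes = {}
    for entry in text.split():
        addr, value = (int(part, 16) for part in entry.split(":"))
        if not EWRAM_BASE <= addr <= EWRAM_BASE + EWRAM_SIZE - 4:
            raise ValueError(f"{addr:08X} is outside EWRAM")
        codes[addr] = value
    return codes

def apply_codes(ram, codes):
    """Write each pinned word (assumed little-endian) into a bytearray EWRAM image."""
    for addr, value in codes.items():
        struct.pack_into("<I", ram, addr - EWRAM_BASE, value)

def changed_ranges(before, after, gap=4):
    """Return [(start, end_exclusive)] of differing bytes, merging runs
    separated by fewer than `gap` unchanged bytes."""
    ranges = []
    for off, (a, b) in enumerate(zip(before, after)):
        if a == b:
            continue
        addr = EWRAM_BASE + off
        if ranges and addr - ranges[-1][1] < gap:
            ranges[-1][1] = addr + 1
        else:
            ranges.append([addr, addr + 1])
    return [tuple(r) for r in ranges]

def pinned_hits(ranges, codes):
    """Addresses of code-pinned words that overlap a changed range."""
    return sorted(a for a in codes for s, e in ranges if s < a + 4 and a < e)

CODES = parse_codes("""02030E3C:00000000 02030E40:00000000
                       02030E44:7FFFFFFF 02030E48:7FFFFFFF""")

def demo():
    # Constructed snapshots, not real dumps: 'after' imitates the reported fill
    # of 02000000-02000300 plus one pinned word overwritten by the game.
    before = bytearray(EWRAM_SIZE)
    apply_codes(before, CODES)
    after = bytearray(before)
    after[0x000:0x300] = b"\x01" * 0x300
    struct.pack_into("<I", after, 0x30E44, 0x000000F0)
    ranges = changed_ranges(before, after)
    return ranges, pinned_hits(ranges, CODES)
```

With real dumps, replace the two constructed bytearrays in `demo()` with the 256 KiB EWRAM images saved from the emulator.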
Fox
« Reply #1 on: July 07, 2017, 11:03:04 PM »

@Link: 
Quote
Sorry. Unless you’ve got a time machine, that content is unavailable.
Golden Sun Docs: Broken Seal - The Lost Age - Dark Dawn | Mario Sports Docs: Mario Golf & Mario Tennis | Misc. Docs
Refer to Yoshi's Lighthouse for any M&L hacking needs...

Remember kids! Before you go on that interview, remember to wash your hands in teawater! *Coughs on hand* (Excuse me, I just coughed up a little teawater, so they're still clean!) You wouldn't want that hiring manager to be unimpressed.

May the force be with you!
Shoo! Why does it smell in here?
Maybe that's the wrong kind of force. *smirk*

« Reply #2 on: July 07, 2017, 11:28:30 PM »

Whoops, fixed!
Fox

« Reply #3 on: July 08, 2017, 07:04:29 AM »

Umm.. that is interesting.

Current discoveries:
-The Code must be enabled. (A manual hex edit is not enough.) Or well, maybe you could get perfect timing, but I'm talking about what's practical for quick testing.
-You do not have to go Out-of-Bounds / no Retreat Glitch needed.... simply going through a door is enough. (Like the one at 260:1)

Going to guess that there's nothing abusable here, and the same memory area gets used for something else during room transition. (Although, not really sure what exactly is here, so just a hunch given the way these sections work... That being available memory to use for anything you might want since there's a pointer list at 0x03000000... (e.g. 02030000-0203FFFF, as well as a section in IRAM) ... But most other data end up always being what they are. Especially if you don't count the individual tables/stuff in map code.)
« Last Edit: July 08, 2017, 07:43:26 AM by Fox »

« Reply #4 on: July 08, 2017, 07:07:12 PM »

Could it be related to the split map table for Jupiter Lighthouse?
Fox

« Reply #5 on: July 08, 2017, 11:00:21 PM »

Okay... Progress Update - It is something with the screen min/max numbers....

* Today, I decide to do research using VBA-SDL-H.
* Puts a breakpoint write on 02030E44 for 8 bytes so I can keep changing them back to 0x7FFFFFFF manually. (Don't worry, it's simple if you use the Up arrow (keyboard button) in the Console window.)
* Puts a breakpoint write on 02000090 ... so I can research what's going on.

Breakpoint found. (Usually in the set flag function, so I exit that function to see what called it.)
02009422 ...coming straight from map code! Yay!

...
Hmm... 0200A78C = Literally look at that section grow! (I know that some of that data includes flag indexes as well.)

Haven't looked, but I'm thinking it's possible that the entries listed here may be based on whether they are in the map region you're in. (Well, based on the min/max screen set.)
I think the entries are about the cracks in the floor. (Flags are set for those... probably to determine if it should crack itself or make you fall through. ... and likely may also help determine the graphics used or something?)


Thing is... unless you can load a room with an improper screen size, I can't figure out how this would be abusable.
« Last Edit: July 08, 2017, 11:15:16 PM by Fox »