Results 1 to 4 of 4
  1. #1
    just 'round the corner PoptartHunter's Avatar
    Join Date
    May 2011
    Posts
    4,588
    Points
    8,731
         User Info     Contact     Gamer ID
    Join Date
    May 2011
    Posts
    4,588
    Points
    8,731

    Contact info:

    Youtube Channel: http://www.youtube.com/PoptartHunterCL

    Default A Wii coding tutorial I found in a pastebin

    While googling for some coding tutorials, I came upon this in a paste bin.

    Link: http://pastebin.com/aZamcjm9

    It was posted on the thirteenth of this month, so it's pretty recent and has some interesting stuff in there. I suggest checking it out.


    I've tried to write this guide in such a way that you should be able to convert your codes from RAM write codes to ASM codes, then to F6 codes, even if you don't know any assembly. This is my first attempt at making a guide like this though, so I'm open to feedback.

    Converting Codes To ASM
    1. First you need to determine what address(es) you are using and go through this process for each of them. In the case of pointers, you will need to dereference them from within WiiRD before you can use them. For example, for this code:
    Infinite Health [dexter0]
    48000000 806B7B40
    14000380 00000003
    E0000000 80008000

    Since 4800 loads from 806B7B40 into po, you need to first go into the memory viewer and lookup address 806B7B40. Take that value (let's assume it's 810C1298) and add the offset from the 14 code to get the address that is being written to (in this case the address is 810C1298+0x380=810C1618). After you have the address, be sure to do the next step before you leave the current area you are in on the game or the address will become invalid and you will have to start over.

    2. Take the address from step 1, go to the "Breakpoints" tab, and set a read breakpoint for it. You may need to do an action related to what the code is for to trigger the breakpoint (if you can't trigger the breakpoint because you are repeating this step after clicking the "Add to list" button, then this code may be impossible to convert without some knowledge of assembly). When the breakpoint has been triggered (the game will pause, just like if you had pressed the "Pause" button in WiiRD), look at the text box at the bottom of the window. For the above example the text box will contain something like this:
    Code:
    802BCEA8: 809F0380 lwz r4,896(r31)
    802BCEAC: 7C7E1B78 mr r30,r3
    802BCEB0: 480A4635 bl 0x803614e4
    802BCEB4: 807F0230 lwz r3,560(r31)
    802BCEB8: 4802B9DD bl 0x802e8894
    Now note what is in the parentheses at the end of the first line (in this example it would be r31), it is the register that you need to check the value of. Look in the text box above it, there should be some information that looks something like this:
    Code:
    CR : 24004088 XER : 20000000 CTR : 802BB794 DSIS: 00400000
    DAR : 810C1618 SRR0: 802BCEA8 SRR1: 0000A032 LR : 802BCEA8
    r0 : 802BCEA8 r1 : 806BDC98 r2 : 806AB280 r3 : 810796B4
    r4 : 00000034 r5 : 806BDC30 r6 : 8110B2A4 r7 : 0000011B
    r8 : 00000002 r9 : 00000001 r10 : 00000000 r11 : 806BDC78
    r12 : 802B0754 r13 : 806A4CA0 r14 : 00000000 r15 : 00000000
    r16 : 00000000 r17 : 00000000 r18 : 00000000 r19 : 00000000
    r20 : 00000000 r21 : 00000000 r22 : 00000000 r23 : 00000000
    r24 : 00000000 r25 : 00000000 r26 : 00000000 r27 : 00000000
    r28 : 80900B0C r29 : 00000000 r30 : 810C1298 r31 : 810C1298
    This is a list of registers and their values. You need to copy down the value of the register you found in the parentheses (so for the example, r31 has a value of 810C1298). You need to then set an execute breakpoint at the first address in the lower text box you were looking at before (so in the example you use 802BCEA8). Now when the breakpoint is triggered, check the value of the register you had recorded down before, it should be the same. Set the breakpoint and check the register value several more times. If the register value is ever different from the original, click the "Add to List" button and start this process over again from the beginning of step 2. If the register value is always the same, go to a different area of the game where the code should still have an effect and set the same breakpoint again. If the breakpoint can still be triggered, proceed to step 3 (the register value will probably be different from before, but that's okay since you changed areas). If you can't trigger the breakpoint, click the "Add to list" button and start over from step 1.

    3. Now you need to write the ASM code, you will need Link's ASM helper tool for this. Now put the address you set the execution breakpoints for in the address text box and match the first assembly instruction from the bottom text box of the WiiRD window to one of the following templates:

    (HHHHLLLL is the value that the original code you are converting uses, so for the example infinite health code for instance, the value is 00000003 so HHHH is 0000 and LLLL is 0003)

    lwz rD,d(rA):
    Code:
    lis rD,0xHHHH
    ori rD,rD,0xLLLL
    stw rD,d(rA)

    lwz rD,d(rD):
    Code:
    stwu r1,-16(r1)
    stw r11,8(r1)
    lis r11,0xHHHH
    ori r11,r11,0xLLLL
    stw r11,d(rD)
    lwz r11,8(r1)
    addi r1,r1,16
    lwz rD,d(rD)

    lhz rD,d(rA):
    Code:
    lis rD,0xHHHH
    ori rD,rD,0xLLLL
    sth rD,d(rA)

    lhz rD,d(rD):
    Code:
    stwu r1,-16(r1)
    stw r11,8(r1)
    lis r11,0xHHHH
    ori r11,r11,0xLLLL
    sth r11,d(rD)
    lwz r11,8(r1)
    addi r1,r1,16
    lhz rD,d(rD)

    lha rD,d(rA):
    Code:
    lis rD,0xHHHH
    ori rD,rD,0xLLLL
    sth rD,d(rA)
    lha rD,d(rA)

    lha rD,d(rD):
    Code:
    stwu r1,-16(r1)
    stw r11,8(r1)
    lis r11,0xHHHH
    ori r11,r11,0xLLLL
    sth r11,d(rD)
    lwz r11,8(r1)
    addi r1,r1,16
    lha rD,d(rD)

    lbz rD,d(rA):
    Code:
    li rD,0xLLLL
    stw rD,d(rA)

    lbz rD,d(rD):
    Code:
    stwu r1,-16(r1)
    stw r11,8(r1)
    li r11,0xLLLL
    stb r11,d(rD)
    lwz r11,8(r1)
    addi r1,r1,16
    lbz rD,d(rD)

    lfs frD,d(rA):
    Code:
    stwu r1,-16(r1)
    stw r11,8(r1)
    lis r11,0xHHHH
    ori r11,r11,0xLLLL
    stw r11,d(rA)
    lwz r11,8(r1)
    addi r1,r1,16
    lfs frD,d(rA)

    Assemble the code and repeat this process for each address of the code you are converting. Once you have all the addresses from the original code converted into ASM codes, put them into one code and test it.

    For the infinite health example, the first instruction is "lwz r4,896(r31)" so the first template should be used:

    lwz r4,896(r31):
    Code:
    lis r4,0x0000
    ori r4,r4,0x0003
    stw r4,896(r31)

    When assembled you get:
    C22BCEA8 00000002
    3C800000 60840003
    909F0380 00000000


    To Create F6 Codes
    Find a sequence of two or more unique values of ASM code before your C2 code that is also in close proximity to it. Make sure you aren't including a bl instruction or any instructions involving big numbers (greater than 0x1000). Test the values by putting them into the memory viewer search and searching from 80000000, the values should only exist once in memory; at the location you got them from. For the infinite health example the values 93C10018 90010008, starting at 802BCE98, are unique. To create the F6 code you need to first write F60000XX, with XX being the number of code lines the unique values take up (so for the infinite health code example, F6000001), and then decide the range you want to scan; I would recommend you take the first four digits of the target address, substract 8, then take the four digits from the target address again and add 8, then put those two values together to get the second part of the F6 code (for the infinite health code example, 802B-8=8023 and 802B+8=8033 so the second part of the F6 code will be 80238033). After the F6 code lines you write code lines with the values for the F6 code, so for the infinite health code example:
    F6000001 80238033
    93C10018 90010008

    Now you need to determine the offset of the C2 code, so take the address for the C2 code and subtract the address the values for the F6 code start at (for infinite health code example, you will get 802BCEA8-802BCE98=0x10). Take the offset and rewrite the C2 code as a D2 code with that offset (for the infinite health code example, you will get D2000010 00000002). Now all you need to do is terminate the F6 code with a E0000000 80008000 line and then test it. The example infinite health code will look like this:
    F6000001 80238033
    93C10018 90010008
    D2000010 00000002
    3C800000 60840003
    909F0380 00000000
    E0000000 80008000

    Using The F4 Code Type In Place Of D2
    This isn't required, but it is recommended. Take a few 16-bit values before or after your D2 code address and XOR them together. As with finding values to use with the F6 code type, you need to avoid including ASM that involves large values or bl instructions. Then follow this structure for the F4 code:
    Quote from: brkirch
    ASM Insert With 16-bit XOR Checksum (po)

    F4XXXXXX YYZZZZNN
    ZZZZZZZZ ZZZZZZZZ
    ZZZZZZZZ ZZZZZZZZ
    ZZZZZZZZ 00000000

    YY (signed) 16-bit values after (if positive) or before (if negative) [po + XXXXXX] will be XOR'ed together and the result will be compared to ZZZZ. If equal, the code will be executed. The rest of the code functions the exact same way as the D2 code type, with NN as the number of lines.

    The infinite health code example only has one instruction that can be included in the XOR checksum, "mr r30, r3" (the other instructions around it are bl instructions which aren't safe to include), which has a value of 7C7E1B78 and when the values 7C7E and 1B78 are XORed together, a XOR checksum of 6706. When the example infinite health code is put together with an F4 code, you get this:
    F6000001 80238033
    93C10018 90010008
    F4000010 02670602
    3C800000 60840003
    909F0380 00000000
    E0000000 80008000

    0 Not allowed! Not allowed!
    Last edited by PoptartHunter; 03-20-2012 at 09:15 PM.

  2. #2
    #HitlerDidNothingWrong
    ⌘Flying Dutchman⌘

    Join Date
    Apr 2011
    Posts
    4,018
    Points
    8,445
         User Info     Contact     Gamer ID
    Join Date
    Apr 2011
    Posts
    4,018
    Points
    8,445
    Gamer IDs

    Steam ID: baktiar77 Wii Code: baktiar77

    Contact info:

    Youtube Channel: http://www.youtube.com/user/77baktiar

    Default

    I've seen this at Wiird or Zeatnolt. can't remember where though

    0 Not allowed! Not allowed!

  3. #3
    just 'round the corner PoptartHunter's Avatar
    Join Date
    May 2011
    Posts
    4,588
    Points
    8,731
         User Info     Contact     Gamer ID
    Join Date
    May 2011
    Posts
    4,588
    Points
    8,731

    Contact info:

    Youtube Channel: http://www.youtube.com/PoptartHunterCL

    Default

    Oh, must be an old tutorial then. I just never saw it until I found it in that pastebin.

    0 Not allowed! Not allowed!

  4. #4
    Oh Noez Batman ChelseaGrin's Avatar

    Badge

    Join Date
    Aug 2011
    Location
    I am Become Death, the Destroyer of Worlds
    Posts
    1,456
    Points
    353
         User Info     Contact     Gamer ID
    Join Date
    Aug 2011
    Location
    I am Become Death, the Destroyer of Worlds
    Posts
    1,456
    Points
    353
    Gamer IDs

    PSN ID: byRexehh

    Default

    what game :8 (godmode code)

    0 Not allowed! Not allowed!





Bookmarks

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
All times are GMT -10. The time now is 12:44 AM.
Powered by vBulletin®
Copyright © 2016 vBulletin Solutions, Inc. All rights reserved.