ROM Hack Cheat Codes AMS and Sx Os, Add and Request

[wii07]

Anyone can update the Horizon Chase Turbo Cheats to the lastest update v2.1? Thx in advance.

 

[burhansalih]

The one with all car unlock is a ASM hack. The hack on it's own is useless, what you need is also the associated game version.

Goto main+F5C2E on that version and look at the code.
Record down the byte sequence and search for it in the new version. Try hacking it the same way and see if it works.

If you don't have that game version what you can do is to look for the nitro code and hope the change in offset is the same.

You can use a keypress to unlock all cars

 

[nicoDS]

Would someone be willing to look into raising the game speed (from 4x and 2.5x to 8x and 5x) in Loop Hero? I don't know if it can be done with cheats or by modifying a file through layeredfs

 

[Gamerjin]

Hi, everyone
Request for code

Curse Of The Dead Gods v1.0.0.3
TID: 0100D4A0118EA000
BID: BE248FA714078251

i dont know why "that place" doesnt have it, but i got a hold of it. now i am approaching this of a sort of Hybrid method, part asm, part pointer. i already found the asm codes for corruption(0 or if youre trying to push your skills, a full corruption bar code), and i have also found the stamina codes (i can make it so just attacks or dodging doesnt take any stamina).

-OR-

did you want strictly just pointers?

 

[patjenova]

i dont know why "that place" doesnt have it, but i got a hold of it. now i am approaching this of a sort of Hybrid method, part asm, part pointer. i already found the asm codes for corruption(0 or if youre trying to push your skills, a full corruption bar code), and i have also found the stamina codes (i can make it so just attacks or dodging doesnt take any stamina).

-OR-

did you want strictly just pointers?

These are my old codes and may help you on your way

Spoiler

[Version 1.0.0.2]

[01# Inf HP]
040A0000 00960E40 BD41ED00
040A0000 00960E44 1E202800
040A0000 00960E48 BD01E900
040A0000 00960E4C D65F03C0
040A0000 00198D5C 941F2039

[Inf HP (off)]
040A0000 00198D5C BD41ED00

[02# Money is not reduced]
040A0000 0018E588 1E2703E0

[Money is not reduced (off)]
040A0000 0018E588 1E20C100

[03# No Coruption]
040A0000 00058D04 1E2703E0
040A0000 0018DF14 1E2703E9

[No Coruption (off)]
040A0000 00058D04 BD4B4A80
040A0000 0018DF14 4EA01C09

[04# Inf Stamina]
580A0000 00F6A478
580A1000 00000118
580A1000 00001380
580A1000 00000000
780A0000 00000168
640A0000 00000000 41200000

[05# Crystal Kull 9999]
580A0000 00F6A478
580A1000 000000E0
780A0000 00000158
640A0000 00000000 0000270F

[06# Jade rings 9999]
580A0000 00F6A478
580A1000 000000E0
780A0000 00000160
640A0000 00000000 0000270F

[07# Blood Emblins 9999]
580A0000 00F6A478
580A1000 000000E0
780A0000 00000164
640A0000 00000000 0000270F

 

[switcherjoe]

The one with all car unlock is a ASM hack. The hack on it's own is useless, what you need is also the associated game version.

Goto main+F5C2E on that version and look at the code.
Record down the byte sequence and search for it in the new version. Try hacking it the same way and see if it works.

If you don't have that game version what you can do is to look for the nitro code and hope the change in offset is the same.

@TomSwitch Cool, thanks! Some questions:
1) where is a good source to look for previous game patches/builds (if you can post it on this forum, if not, please DM me here or on Discord, many thanks!)
2) how can I inspect that code fragment, so basically how do I do "Go to: main+F5C2E ", which tool should I use? Edizon SE or JNoexes (never used it yet)? Any hints are much appreciated!
I also tried to look for the byte sequence in ARM8 (AArch64) disassembler, such as this one http://shell-storm.org/online/Onlin...s_with_raw=True&dis_with_ins=True#disassembly , but it doesn't provide any disassembly. Afaik Switch is using Arm8/AArch64, right? I have some experience with Android Arm7/Arm8 disassembly (mostly used IDA 7.X for it) and patching, but on Switch everything is very new to me. If there is any good tutorial/guides how to do disassembly and ASM patches on Switch, I'd really appreciate it, many thanks in advance!!

 

[Gamerjin]

ok, so far, i got this for:
[Breeze beta19 Curse of the Dead Gods 1.0.0.3 TID: 0100D4A0118EA000 BID: BE248FA714078251]

[stamina]
04000000 00194FB8 D503201F
04000000 00196BC0 D503201F

[corruption -> 0]
04000000 0018DDF0 B90066B8

[hp]
580F0000 00F6B478
580F1000 00000118
580F1000 00000110
580F1000 00000018
780F0000 000001E8
989EF000
540E1000 00000004
A4EF0000

[gold ptr]
580F0000 00F6B478
580F1000 00000118
580F1000 00000018
780F0000 0000008C
640F0000 00000000 47C34F80

@patjenova, while i understand how your hp code works, what i dont understand is how you find that specific address. when i started nop loading address in an attempt to find the one address that only reads the players health, i could not find it. where you breaking on reading the current hp or when reading the max hp?

as for the corruption code, i dont know if this covers the opening corruption that happens when you open a door.
as for gold, im sorry, i just like have total control over how i "have".

 

[TomSwitch]

@TomSwitch which tool should I use? Edizon SE or JNoexes (never used it yet)? Any hints are much appreciated!

Use that for a quick one. If you are lucky that would be the fastest way to do it.

For a more detail look you need disassembly.
I use this to get main. https://github.com/DarkMatterCore/nxdumptool/releases. Drag main into IDA pro. main = 7100000000 when you use main directly. If you convert main to elf then main = 0
Alternatively use GDB when it get fixed. Currently release has problem with some games, this is one of them.

 

[TomSwitch]

Anyone can update the Horizon Chase Turbo Cheats to the lastest update v2.1? Thx in advance.

See the chain, @switcherjoe already did two code, wait for more from him. @switcherjoe fuel is an easy addition to your list. Search for float, 100 = 10, use range search except for the start which is 100.

You may also want to look at save edit to unlock all the cars.

 

[TomSwitch]

Use that for a quick one. If you are lucky that would be the fastest way to do it.

For a more detail look you need disassembly.
I use this to get main. https://github.com/DarkMatterCore/nxdumptool/releases. Drag main into IDA pro. main = 7100000000 when you use main directly. If you convert main to elf then main = 0
Alternatively use GDB when it get fixed. Currently release has problem with some games, this is one of them.

Game is using unity so you can also use il2cpp to get function name and so on.
Methods like these are worth a closer look.

// RVA: 0x138A130 Offset: 0x138A231 VA: 0x138A130 Slot: 8
public virtual bool get_HasRaceCoins() { }

// RVA: 0x138A140 Offset: 0x138A241 VA: 0x138A140 Slot: 9
public virtual bool get_HasBoostCoins() { }

// RVA: 0x138A170 Offset: 0x138A271 VA: 0x138A170 Slot: 10
public virtual bool get_HasGoldenCoins() { }

// RVA: 0x138A180 Offset: 0x138A281 VA: 0x138A180 Slot: 11
public virtual bool get_HasRaceFuel() { }

// RVA: 0x138A250 Offset: 0x138A351 VA: 0x138A250 Slot: 12
public virtual bool get_HasRaceNitros() { }

// RVA: 0x138A260 Offset: 0x138A361 VA: 0x138A260 Slot: 13
public virtual bool get_CanHaveGhost() { }

// RVA: 0x138A270 Offset: 0x138A371 VA: 0x138A270 Slot: 14
public virtual int get_NumberOfLaps() { }

 

[kite21]

Anyone has any cheats for Loop hero? been trying for a while with Edizon but I get nothing. Thanks.

 

[VishSunny]

I'm not sure what could be making it not work, it still works on my game. Have you tried reloading the game?

Yes. Just tried that today. Had the cheats on, then relaunched the game. Still doesn't work. Strange.

 

[Smoker1]

Does your built fixed the segment detection error with edizon se?
When run with hold R on a game and hbmenu the main is detecting hbl.elf start with edizon se and jnoexs
Modules:
0x08ac904000 - 0x08ace9cfff sm64.us.elf
0x6242e00000 - 0x6242e0afff hbl.elf
I don't know what dmnt is detecting as main, it's different may be the reason code don't work

Will send you the NRO Forwarder. Some reason I can not get Images to work. Probably have to try different JPG Files, but it works. I try to make sure all Homebrew can be run on it's own instead of HBM-->HBGame.
But for some reason, When I find the Codes, Pointers are hard to make, and also, when I take the Address - MAIN Start Address = 9 Digit Result instead of 8 Digit

 

[TomSwitch]

Will send you the NRO Forwarder. Some reason I can not get Images to work. Probably have to try different JPG Files, but it works. I try to make sure all Homebrew can be run on it's own instead of HBM-->HBGame.
But for some reason, When I find the Codes, Pointers are hard to make, and also, when I take the Address - MAIN Start Address = 9 Digit Result instead of 8 Digit

At least for the coins it looks like static with respect to start of sm64 elf. Pointers is easy but manual method is tedious. Search for pointer that jumps from main to sm64 then use the static offset to get to the target.

 

[gurusky]

ok, so far, i got this for:
[Breeze beta19 Curse of the Dead Gods 1.0.0.3 TID: 0100D4A0118EA000 BID: BE248FA714078251]

[stamina]
04000000 00194FB8 D503201F
04000000 00196BC0 D503201F

[corruption -> 0]
04000000 0018DDF0 B90066B8

[hp]
580F0000 00F6B478
580F1000 00000118
580F1000 00000110
580F1000 00000018
780F0000 000001E8
989EF000
540E1000 00000004
A4EF0000

[gold ptr]
580F0000 00F6B478
580F1000 00000118
580F1000 00000018
780F0000 0000008C
640F0000 00000000 47C34F80

@patjenova, while i understand how your hp code works, what i dont understand is how you find that specific address. when i started nop loading address in an attempt to find the one address that only reads the players health, i could not find it. where you breaking on reading the current hp or when reading the max hp?

as for the corruption code, i dont know if this covers the opening corruption that happens when you open a door.
as for gold, im sorry, i just like have total control over how i "have".

Dear Gamerjin,

Thank for your working, it help me a lot.

,Sky

 

[Tomoya60]

Hello everyone

Do you have some cheat for Blue fire
Tid 010073B010F6E000
Bid 82E1A82EA7C1C3B8

Thank in advance

 

[burhansalih]

Heaven Dust 2 has been released or has leaked for switch

 

[iLL wiLL]

anyone figure how to level up the super attack bar in kunio kun three kingdoms??? I would try and make a cheat code for it but since I don't understand Japanese...I found a item that needs the super bar which is in the top middle of the screen which is in the shape of a feather with handle with the#1 when it's full.idk how to level this up.anyone figure it out?? let me know so I can find a code for it.

 

[VishSunny]

I'm not sure what could be making it not work, it still works on my game. Have you tried reloading the game?

Even restarting the game doesn't work. Does it matter if I have the iridium snake milk already? Maybe that's causing the cheat to not work?

 

[khyakhya]

could someone help me get a cheat for infinite G-Coins, it takes way too much grinding to unlock everything

Groove coaster wai wai party
ID : 0100EB500D92E000
BID : 077ECDF65A462EB4