Hacking Help with hacking metroid prime hunters

[Toiletman74]

I'm trying to poke around in the code of metroid prime hunters to make a patch that has all of the planets open from the start. The problem that I'm having though is that I can't figure out which file has the relevant code that I'm looking for. At the point where the code that I'm looking for runs there are no overlays loaded and as far as I can tell the code that I'm looking for is not part of the ARM9 binary.

Any ideas of where else I should look? Any help would be really appreciated!

Edit for clarity: I can see the relevant code loaded in memory but I can't find where that code is loaded from. Also no I'm not looking for an action replay code or a save file that has the planets unlocked already.

For anyone who has a problem similar to mine the solution was to decompress the arm9.bin and overlays

 

[emcintosh]

Can you work it out from the cheat code that unlocks all the planets?

 

[Toiletman74]

There are cheats to unlock all the planets but I'm developing a randomizer for the game and I feel like telling people that they have to put a cheat in to unlock all the planets or providing a save file that has them all unlocked to have the randomizer work correctly would be a really half assed way of doing it.

 

[mattdog1000000]

I think @emcintosh may have meant that you could potentially determine where in memory the values are being set using the cheats and then use a debugger to determine what initializes those values in memory (perhaps setting them to be unlocked on init rather than locked).

 

[Toiletman74]

I think @emcintosh may have meant that you could potentially determine where in memory the values are being set using the cheats and then use a debugger to determine what initializes those values in memory (perhaps setting them to be unlocked on init rather than locked).

I already know where the values are in memory and I've looked at the disassembler and seen the code and stuff like that. But I'm at the point where I need to do some static analysis. But I can't figure out where the code is located so that I can load it in ghidra.

 

[mattdog1000000]

I went in blind and mostly fumbled around when I did some hacking on Kirby Super Star Ultra -- I mostly used crystaltile2 (https://www.romhacking.net/utilities/818/ using the "NDS File System" under Tools), and then I tried compiling a debug build of DeSmuME so that I could connect it to a trial version of IDA... but it turned out to only be about as useful as the debugger that was built into no$gba.

I, personally, found live debugging to be far more useful than any amount of static analysis.

 

[Toiletman74]

I went in blind and mostly fumbled around when I did some hacking on Kirby Super Star Ultra -- I mostly used crystaltile2 ( using the "NDS File System" under Tools), and then I tried compiling a debug build of DeSmuME so that I could connect it to a trial version of IDA... but it turned out to only be about as useful as the debugger that was built into no$gba.

I, personally, found live debugging to be far more useful than any amount of static analysis.

So I should look into using no$gba then for live debugging. But I will still need to know where the code is physically located at if I want to patch it no?

 

[mattdog1000000]

I'm not well-versed in hacking on the DS or anything -- there's probably newer and better tools, but just searching for the original string of hex values (that were being executed in memory on no$gba) using crystaltile2 would usually get me the location that it's at in the rom (and then I would make the same changes to the rom in crystaltile2 that I had made to the executable in ram while debugging on no$gba).