Hacking [SAVEGAME HACK] + [HELP] Kirby and the rainbow course

[asper]

Points and lives identified with unlocked treasures but the game has a 4 byte checksum at offset 0000000x04-0x00000007: does someone is able to figure out how it is calculated ? Without it no savegame hacks are possible. Here are 2 savegames (just 1st level played 1 time from zero in both of them).

The offsets found:

Lives:
0x00000589

Points (4 bytes):
0x0000058C
0x0000058D
0x0000058E
0x0000058F

 

[punderino]

what can we even do with savegame hacks? xDD, just finished game savegames? or like, exploit savegames?

 

[ZoNtendo]

what can we even do with savegame hacks? xDD, just finished game savegames? or like, exploit savegames?

just to cheat, stop with exploit ravings

 

[punderino]

just to cheat, stop with exploit ravings

i wasn't 'exploit raving'? i was simply asking what it had to do with.

 

[ZoNtendo]

i wasn't 'exploit raving'? i was simply asking what it had to do with.

He say, he want to cheat

 

[Reecey]

Why is he opening constant pointless threads when there is a thread dedicated to pointer cheats > https://gbatemp.net/threads/post-your-wiiu-cheat-codes-here.395443/ the OP just has not been updated but these cheats have probably already been reported there! Also there is a Loadiine file save sharing thread full of files to share, if that is what he is wanting. Is he just unnecessary posting to get some sort of fame hit, you know to feed his GBATemp fame hit addiction? it probably is and can be a very serious addiction, according to @gamesquest1 he told me once its like having a Smack addiction and you can never go back!

 

[asper]

Why is he opening constant pointless threads when there is a thread dedicated to pointer cheats > https://gbatemp.net/threads/post-your-wiiu-cheat-codes-here.395443/ the OP just has not been updated but these cheats have probably already been reported there! Also there is a Loadiine file save sharing thread full of files to share, if that is what he is wanting. Is he just unnecessary posting to get some sort of fame hit, you know to feed his GBATemp fame hit addiction? it probably is and can be a very serious addiction, according to @gamesquest1 he told me once its like having a Smack addiction and you can never go back!

The one you are linking are RAM cheats, absolutely not related to savegame hacks.
File sharing is something you want to exchange with others, just different with "modify your own savegames to obtain just what you want/need".
Your answer seems to be the answer of a totally (boring) newbie that usually infests forums and makes devs and researchers to loose their interest in sharing their totally-free findings with others.

Thank you very much for your (totally unuseful) presence, from now on I will stop sharing my savegame findings, thanks to you

 

[Leanny]

I am also interessted in this, since I try to figure out how to calculate the checksum of Wii U games for around 2 days now. Right now it looks to me that they are using CRC32 with a polynom I dont know about or a standard CRC32 with a range I dont know about. I keep you up2date when I find something, or maybe someone else can help

 

[NWPlayer123]

Well, Kirby has full symbols if anyone wants to disassemble it and dig

 

[Gadorach]

Points and lives identified with unlocked treasures but the game has a 4 byte checksum at offset 0000000x04-0x00000007: does someone is able to figure out how it is calculated ? Without it no savegame hacks are possible. Here are 2 savegames (just 1st level played 1 time from zero in both of them).

The offsets found:

Lives:
0x00000589

Points (4 bytes):
0x0000058C
0x0000058D
0x0000058E
0x0000058F

I've been meaning to look into checksum correction, I'll see what I can do.

 

[asper]

I think it can be CRC32 but dunno which bytes to feed...

 

[NWPlayer123]

Well, I found the class that handles it all, storage::SaveDataAccessor

Spoiler

EDIT: Okay, so. It passes in everything except the first 0x10 bytes since that's apparently some header, the rest is 0x1194 bytes, so it does a CRC32 on bytes 0x10 to 0x11A4. Something like this

static hel::util::Hash::CRC32(const void* data, int size) {
    int ret = -1;
    if (size == 0) return ret;

    for (int i = 0; i < size; i++) {
        //Do hash
    }
    return ret;
}

Spoiler

Or you can, just, somehow edit that function so it doesn't call it, on this version just write 0x38600001 (li r3, 1) to 0x0E05E6B8 to replace that srwi r3, r0, 5 in isValidCrc so it's always valid

 

[Leanny]

Is it the same for games like Splatoon? Or is it using another function for the checksumgeneration?

 

[asper]

Well, I found the class that handles it all, storage::SaveDataAccessor

Spoiler

View attachment 43401

EDIT: Okay, so. It passes in everything except the first 0x10 bytes since that's apparently some header, the rest is 0x1194 bytes, so it does a CRC32 on bytes 0x10 to 0x11A4. Something like this

static hel::util::Hash::CRC32(const void* data, int size) {
    int ret = -1;
    if (size == 0) return ret;

    for (int i = 0; i < size; i++) {
        //Do hash
    }
    return ret;
}

Spoiler

View attachment 43404
View attachment 43406

Or you can, just, somehow edit that function so it doesn't call it, on this version just write 0x38600001 (li r3, 1) to 0x0E05E6B8 to replace that srwi r3, r0, 5 in isValidCrc so it's always valid

Great finding man ! THANK YOU !

I just tested a CRC32 function from 0x10 to 0x11A4 but my result is different: for GameData01.dat (the files i uploaded in the 1st post) it is C20D9F8D insted of the correct 68C069EF... is it a standard CRC32 calculation ?
I found another checksum, probably the same, in Nintendo Land and in Captain Toad but without the correct CRC32 function i cannot verify.

 

[NWPlayer123]

Is it the same for games like Splatoon? Or is it using another function for the checksumgeneration?

I don't think that's a checksum, actually, my imported gear works fine without it generated and they never update it after it's in your inventory

 

[Leanny]

I don't think that's a checksum, actually, my imported gear works fine without it generated and they never update it after it's in your inventory

I can only try it on CEMU rn and everytime I manipulate my save, so I was thinking that it was a checksum

 

[Black_Manta_8bit]

Hey guys, i know this is an ancient topic but i really would like to have some cemu cheats for kirby rainbow curse: in particular unlimited lives and unlimited paint.
Any help please?