ROM Hack Devious Idea to get Save Offsets

[Ailuros27]

So, I had an idea that maybe no one has thought of before, or at least had the ability to implement. Long before I had 3DS hax that allowed me to backup and edit saves, I had (and still have) a Powersaves device. Now that I do have hax, what's to stop me from applying certain save edits to my cartridge games via Powersaves, then extracting said saves via Homebrew or CFW tools and comparing them to backups made beforehand to get the offsets Datel found? Then, I could give those offsets to people here, who could make proper, non-obfuscated save editors for those games, or improve the ones that have already been made. It's lazy, I know, but I'm all for saving myself and others the trouble of having to hunt down offsets whenever possible. The only problem is I can only do this for cartridge games I personally have on hand. Luckily for me, one of the few remaining rental chains in the US has a store in my town, and they rent 3DS games.

 

[Ailuros27]

So, if anyone has any requests for where I should start, I have access to a lot of games. I suppose I'll remind myself when Bravely Second comes out to give that a go using Powersaves and look for the offsets they're using in a fresh save.

 

[Zan']

How exactly would this be any faster than using a RAM editor and make 2 live ramdumps and comparing or searching for live values?
And how would this be any better? It is limiting you to offsets a company found IF they found them.
And they rarely have actual good codes.
Money, Health and similar value cheats usually don't take longer than 5 minutes to get offsets for.
And save offsets force you to export save, hex edit and reimport or try to locate the ram offsets either way.
If you find the ram offsets directly you have more possibilities and can still calculate the save offsets.

 

[Ailuros27]

If you find the ram offsets directly you have more possibilities and can still calculate the save offsets.

Can you calculate save offsets from RAM offsets? How does what's in memory at a given moment have any relation to what's stored in a save? I know a lot of games load whole portions of the save file into memory at certain times, like when you're at your PC in a Pokemon game. But is there a calculable correlation between, say, where something like number of lives is stored in RAM compared to where it's stored in a save?

 

[Zan']

Can you calculate save offsets from RAM offsets? How does what's in memory at a given moment have any relation to what's stored in a save? I know a lot of games load whole portions of the save file into memory at certain times, like when you're at your PC in a Pokemon game. But is there a calculable correlation between, say, where something like number of lives is stored in RAM compared to where it's stored in a save?

Pretty much every game loads the complete save into the ram and updates it on whatever you do. And just saves this data back into a while on saving.
And then there is a second ram chunk which loads current gane variables etc. Which don't get stored since they are just for some specific things. But these are in a different chunk.
And since the ram addresses are in relation to the save structure you can take a known save address (A) (for example an easy to find string like the name) and find this in the ram (A). And then do SaveAddrB = SaveAddrA + (RamAddrB - RamAddrA).
For games with shifting ram addresses you need some kind of pointer anyway. Which you can also set in relation to your save.

Usually you would try to find the beggining and the end of the savegame in the ram anyway. Therefore it wouldn't be much of a problem to get the save adress.
You would just note down the start address and then ram - start = save.
For FFEX the pointer actually points to the end of the savegame in ram.
So all codes you find with Pointer + FFFF**** codes (which is effective subtracting) can used in the same way by applying the save length instead of the pointer value to get the save address.

 

[Ailuros27]

Ah. Thank you, @Zan'. That was very illuminating. I now see where you're coming from. However, this thread was just me thinking out loud, I suppose. I remember having to rely on Datel's cheap and finicky technology in the past, and now that a lot of people have access to unencrypted saves, it'd be nice for the limited offsets they have to become openly known so those with just homebrew (not to mention the CFW master race) could have access to reliable, offline save editors for more games.

I don't yet have the expertise needed to do what you described, so this was my idea to contribute what I can at the moment. And if I understood you correctly, even Datel's save offsets would prove useful, as once someone found the beginning and ending offsets for the saves in RAM, Datel's offsets could quickly be converted into RAM offsets.

 

[DarkFlare69]

Ah. Thank you, @Zan'. That was very illuminating. I now see where you're coming from. However, this thread was just me thinking out loud, I suppose. I remember having to rely on Datel's cheap and finicky technology in the past, and now that a lot of people have access to unencrypted saves, it'd be nice for the limited offsets they have to become openly known so those with just homebrew (not to mention the CFW master race) could have access to reliable, offline save editors for more games.

I don't yet have the expertise needed to do what you described, so this was my idea to contribute what I can at the moment. And if I understood you correctly, even Datel's save offsets would prove useful, as once someone found the beginning and ending offsets for the saves in RAM, Datel's offsets could quickly be converted into RAM offsets.

It's pretty easy. let's find rupee amount in zelda. its the same idea for everything (gateway, ar, wii, anything)

go into game
dump the ram
search for the amount of rupees you have
gain rupees
dump the ram
search for the amount of rupees you have
repeat 1-2 more times
theres your address. if theres two addresses, the first is the physical amount and the 2nd is the display.

 

[Ailuros27]

Yeah. I've done that on the Wii U side of things already. I was the first to share an address for Super Sea Snails for Splatoon. But I was referring to finding the beginning and end of the save file in RAM, using save offsets to calculate RAM save offsets and vice versa. Those kinds of calculations are new to me. I'm also familiar with display versus physical addresses, as I found a second set of addresses for the *ahem* chest assets in Xenoblade Chronicles X that turned out to be the physical ones.

 

[evandixon]

It might not be as simple as comparing offsets. Pokemon Mystery Dungeon 3DS games' saves have dynamic file sizes, so certain things aren't always in the same location.