Hacking Understanding and changing Snes VC RPX settings

[asper]

The easiest way is changing params during in-game sessions and look for memory address where they are stored using pygecko (the same way you will search for a Life or energy value using the old but good "changed or not" method). Try To look between 0x10000000 and 0x 3B000000 RAM address.

--------------------- MERGED ---------------------------

Elf To rpx requires a correct installation of the sdk and its toolchain; the commands and params To use are somewhere in this forum looking at old methods To reduce rpx size for older (very old) loadiine versions.

 

[the_randomizer]

The easiest way is changing pa
rams during in-game sessions and look for memory address where they are stored using pygecko (ad you will search for a Life or energy value using the old but good "changed or not" method). Try To look between 0x10000000 and 0x 3B000000 RAM address.

--------------------- MERGED ---------------------------

Elf To rpx requires a correct installation of the sdk and its toolchain; the commands and params To use are somewhere in this forum looking at old methods To reduce rpx size for older (very old) loadiine versions.

Unfortunately, I fear that recompiling them back to RPX will be likely to be implausible given my lack of knowledge of adequate programming skills, I'll need to somehow get outside help or something, I don't know. I got the command for converting from RPX to ELF but not the opposite, so we're at a stalemate and I don't even know how to use PyGecko properly. I really don't like being so inexperienced -_-

The thing that I find disheartening is that I feel like I've gained headway, that we know there are functions to enhance Snes VC games (the strings/functions), but where they are stored I don't know. Should we use PyGecko on the Snes RPX and do those searches as you suggested, and then make "cheats"?

 

[asper]

http://gbatemp.net/threads/tutorial-how-to-decompress-and-repack-rpx-rpl-files.399934/page-4

There are some tutorials out there, search for wiiu how To cheat tcpgecko

 

[the_randomizer]

http://gbatemp.net/threads/tutorial-how-to-decompress-and-repack-rpx-rpl-files.399934/page-4

There are some tutorials out there, search for wiiu how To cheat tcpgecko

But don't I need makerpl64.exe though? And do I really need to use Elf with PyGecko? I'd thought loading the RPX via PyGecko (while playing it in Loadiine) would suffice as I looked for the values. But thank you, it's admittedly a bit frustrating as this is all new/foreign, learning all these things. I honestly hope I can learn more and figure out how the scene can be helped.

Edit: My head hurts, I think I'm trying to learn too much at once ><

 

[asper]

Using pygecko/tcpgecko you will directly access/edit wiiu RAM so no elf/rpx needed but if you find mem locations you can give them To Someone able To correlate To elf data (searching in ram is the most Boring part!)

 

[the_randomizer]

Using pygecko/tcpgecko you will directly access/edit wiiu RAM so no elf/rpx needed but if you find mem locations you can give them To Someone able To correlate To elf data (searching in ram is the most Boring part!)

So there's still hope for this to become a reality? Being able to find the memory locations and alter them so we can finally have good Snes VC for once? Perhaps it would still be prudent of me to look up some documentation and hunt down and note the other GX2 functions.

 

[87 Psi]

i found some hex values in the snes rpx file and as far as i know(hopefully), these yellow highlighted values in my attachment are resolution values.
maybe, there is some hope?

 

[ShadowOne333]

i found some hex values in the snes rpx file and as far as i know(hopefully), these yellow highlighted values in my attachment are resolution values.
maybe, there is some hope?

Woa what the fuck?!

The HEX values do match with the resolution that the Wii U uses for the SNES aspect ratio and the TV resolution!

The last one 500x2D0 seems to be 1280x720, which is the TV resolution, and the third one 280x1E0 seems to be 640x480, which is the SNES resolution (I think).
Have you tried modifying the 280x1E0 with 500x2D0 and then loading it up with Loadiine?
Changing the 300x1E0 and 356x1E0 to 500x2D0 might be worth a shot too!

Edit: the loc_XXXXXXX is the actual offset in PC address of the code?

 

[VinsCool]

Woa what the fuck?!

The HEX values do match with the resolution that the Wii U uses for the SNES aspect ratio and the TV resolution!

The last one 500x2D0 seems to be 1280x720, which is the TV resolution, and the third one 280x1E0 seems to be 640x480, which is the SNES resolution (I think).
Have you tried modifying the 280x1E0 with 500x2D0 and then loading it up with Loadiine?
Changing the 300x1E0 and 356x1E0 to 500x2D0 might be worth a shot too!

Edit: the loc_XXXXXXX is the actual offset in PC address of the code?

This is getting interesting!

 

[87 Psi]

Woa what the fuck?!

The HEX values do match with the resolution that the Wii U uses for the SNES aspect ratio and the TV resolution!

The last one 500x2D0 seems to be 1280x720, which is the TV resolution, and the third one 280x1E0 seems to be 640x480, which is the SNES resolution (I think).
Have you tried modifying the 280x1E0 with 500x2D0 and then loading it up with Loadiine?
Changing the 300x1E0 and 356x1E0 to 500x2D0 might be worth a shot too!

Edit: the loc_XXXXXXX is the actual offset in PC address of the code?

that's, what i am thinking too.
i have changed the value but can you explain me, how can i save it again as a rpx file?
yes, the offset is the actual.

 

[dubyadud]

I like where this is going, don't stop! Hopefully somebody can eventually write a program who sees this work

 

[ShadowOne333]

that's, what i am thinking too.
i have changed the value but can you explain me, how can i save it again as a rpx file?
yes, the offset is the actual.

Well apparently makerpl64.exe seems to be a way to do so, but I'm not sure.
I've never used it so I don't know how that works.

 

[dubyadud]

This might help you
--
Switches for makerpl64.exe

-zx Do not compress (default is to compress). May hamper disassembly of the RPX/RPL file with ELF dump tools. See -s option also.

-z[1-9] Compression level. Default is 6.

-f Force as RPX (required to build RPXs).

-d Deprecated. Set dynamic-only flag in file info.

-s Strip function symbols that are not imported or exported.

-new New, smaller RPL symbol table. Default.

-old Use old larger method for generating the symbol table.

-h <n> Override the default system heap size with new value <n> in bytes. Default heap size is 32 KB.

-checknosda Verify that the RPX/RPL does not use a Small Data Area.

-stack <n> Override the default initial stack size with new value <n> in bytes. Default is 64 KB.

-l <file> Compatibility for pre-v1.0 RPL Tools. Specify the output import library file (.a).

-v Print verbose info.

-warnemptyrela Emit a warning if a relocation section points to the NULL section and has empty relocations.

-t BUILD_TYPE=<build_type> Embed BUILD_TYPE information into the output file. A string “DEBUG” or “NDEBUG” is assignable to <build_type>. This option is required when the output is an RPX file.

-nolib Disable generation of the import library. Always use this option if preprpl[32|64] is used to build the import library

-padall <n> Pad the TEXT, DATA, LOAD and TEMP sections by <n> percent.

-sizedata <n> Set data area to <n> bytes. Must also set -sizetext <n> -sizeload <n> -sizetemp <n>.

-sizetext <n> Set text area to <n> bytes. Must also set -sizedata <n> -sizeload <n> -sizetemp <n>.

-sizeload <n> Set load area to <n> bytes. Must also set -sizedata <n> -sizetext <n> -sizetemp <n>.

-sizetemp <n> Set temp area to <n> bytes. Must also set -sizedata <n> -sizetext <n> -sizeload <n>.

-sizefileinfo <n> FileInfo set to <n> bytes. Can be used independently of other padding options. FileInfo must be at least 96 bytes.

-dbg_source_root <dir> <dir> is a file path (Windows, Cygwin or mixed). Review all source roots passed to makerpl[32|64] to use the first one that matches up with the input ELF file to create a relative path in the FileInfo. $(CAFE_ROOT)/system is added implicitly by the N*nte*ndo makefile build system and additional paths may be added.

thanks @mixelpixx

Source: https://gbatemp.net/threads/tutorial-how-to-decompress-and-repack-rpx-rpl-files.399934/

--
Another useful link: http://tinyurl.com/jp53x27 (translated from french but still good info)

 

[87 Psi]

Well apparently makerpl64.exe seems to be a way to do so, but I'm not sure.
I've never used it so I don't know how that works.

This might help you
--
Switches for makerpl64.exe

-zx Do not compress (default is to compress). May hamper disassembly of the RPX/RPL file with ELF dump tools. See -s option also.

-z[1-9] Compression level. Default is 6.

-f Force as RPX (required to build RPXs).

-d Deprecated. Set dynamic-only flag in file info.

-s Strip function symbols that are not imported or exported.

-new New, smaller RPL symbol table. Default.

-old Use old larger method for generating the symbol table.

-h <n> Override the default system heap size with new value <n> in bytes. Default heap size is 32 KB.

-checknosda Verify that the RPX/RPL does not use a Small Data Area.

-stack <n> Override the default initial stack size with new value <n> in bytes. Default is 64 KB.

-l <file> Compatibility for pre-v1.0 RPL Tools. Specify the output import library file (.a).

-v Print verbose info.

-warnemptyrela Emit a warning if a relocation section points to the NULL section and has empty relocations.

-t BUILD_TYPE=<build_type> Embed BUILD_TYPE information into the output file. A string “DEBUG” or “NDEBUG” is assignable to <build_type>. This option is required when the output is an RPX file.

-nolib Disable generation of the import library. Always use this option if preprpl[32|64] is used to build the import library

-padall <n> Pad the TEXT, DATA, LOAD and TEMP sections by <n> percent.

-sizedata <n> Set data area to <n> bytes. Must also set -sizetext <n> -sizeload <n> -sizetemp <n>.

-sizetext <n> Set text area to <n> bytes. Must also set -sizedata <n> -sizeload <n> -sizetemp <n>.

-sizeload <n> Set load area to <n> bytes. Must also set -sizedata <n> -sizetext <n> -sizetemp <n>.

-sizetemp <n> Set temp area to <n> bytes. Must also set -sizedata <n> -sizetext <n> -sizeload <n>.

-sizefileinfo <n> FileInfo set to <n> bytes. Can be used independently of other padding options. FileInfo must be at least 96 bytes.

-dbg_source_root <dir> <dir> is a file path (Windows, Cygwin or mixed). Review all source roots passed to makerpl[32|64] to use the first one that matches up with the input ELF file to create a relative path in the FileInfo. $(CAFE_ROOT)/system is added implicitly by the N*nte*ndo makefile build system and additional paths may be added.

thanks @mixelpixx

Source: https://gbatemp.net/threads/tutorial-how-to-decompress-and-repack-rpx-rpl-files.399934/

--
Another useful link: http://tinyurl.com/jp53x27 (translated from french but still good info)

thank you for the information, will continue tomorrow
i just need to figure out, how the repack to rpx works and then we can start testing

 

[ShadowOne333]

thank you for the information, will continue tomorrow
i just need to figure out, how the repack to rpx works and then we can start testing

I'll be crossing my fingers and even my toes hoping it works!

 

[the_randomizer]

I leave for three hours and this happened? Did we just get a breakthrough?

i found some hex values in the snes rpx file and as far as i know(hopefully), these yellow highlighted values in my attachment are resolution values.
maybe, there is some hope?

May I ask how you got that flowchart view to show up in IDA pro? I have the free version, maybe that's why I don't see it like that? Either way, this is definitely a big thing to be discovered

 

[shutterbug2000]

I'd be interested in helping out. Anyone wanna provide me with a rundown of what has been found and what still needs to be found?

 

[shutterbug2000]

Ok, I've modified the files and got the Cafe SDK, extracting it right now. Let's see if this works.

 

[the_randomizer]

I'd be interested in helping out. Anyone wanna provide me with a rundown of what has been found and what still needs to be found?

We found that the RPX/ELF for Snes VC games uses GX2 functions, some of which I documented as well as their offsets, but what needs to be found are the actual switches/bytes that alter them,

Ok, I've modified the files and got the Cafe SDK, extracting it right now. Let's see if this works.

So what have you changed and if so, could you give the offsets on what has been altered? The more help we get the better, and thank you

 

[shutterbug2000]

We found that the RPX/ELF for Snes VC games uses GX2 functions, some of which I documented as well as their offsets, but what needs to be found are the actual switches/bytes that alter them,


So what have you changed and if so, could you give the offsets on what has been altered? The more help we get the better, and thank you

Well, right now I'm going off of what 87 PSI and ShadowOne333 posted. I've actually switched to TCP gecko, and am dynamically changing instances of 0x1e0 to 0x2d0, and seeing if anything changes.