Hacking VitaCheat/FinalCheat Database

tomberyx

Now I will try to find pointers for Steam Dig 2. I think now it must be possible to find something useful. The experiments will start now... :-)
 

Yohoki

I want to also try a game that has the segments move while playing. If I remember right, Criminal Girls 2's seg locations changed every time you enter a new level. I think someone also mentioned Assassin's Creed a while back. Can anyone check if its seg locations still change randomly with noASLR installed?

@monodevil @NeoGranzon @Smoker1 @tomberyx Any other oldies out there that I may have forgotten over the years I've been gone...

My brothers. We're in an age of discovery today, Gentlemen.

Almost every game I've looked at has used this ASLR, and no matter how well I tested the code, SOMEONE would always pop in and say "It won't work".... Maybe they had a plugin installed that I didn't have. Maybe they had their Vita in a different language. Maybe their particular Vita, for some reason or another, just decided to be a dick today. Inevitably, someone would pop up and say it doesn't work.

I think we've just found out why, and how to fix it.
 

XMYDL

New Report!
It works!!!! Seg1 does not shift; I tried it on both PS Vitas.
Now I ask myself what I can do with it....
Such great news!!

In fact, my premature self-learning of ARM assembly was to transfer these shifty codes into B200 writable codes. Now it would be much easier to write ARM codes, because there is no need to transfer them to Thumb mode, and ARM mode has more writable commands. (Previously it was only possible with the Mai 5th method of dumping, which is rewriting the eboot and skprx itself.)

Very good job, both tomberyx and Yohoki!
 

tomberyx

Experiments with noaslr.skprx: what I found out at the moment.


It seems that the pattern XYZ is no longer present when you do dumps. <----- Edit: it is still present, but yeah baby, it doesn't matter, you can use that for pointer search too. [I hope I'm right; it is not easy to see everything]
Pointer search with TempAR remains the same but is now more precise.

I was able to benefit from the noaslr in 60 minutes.
I think we now have a good springboard for further research. I hope I'm not mistaken... fingers crossed.


This is a test code with noaslr.skprx.
I know this game has (extremely) the pattern XYZ.
If this code works for you, then we might have proof. There are more results of codes, but I think this one could be it.

# Title: SteamWorld Dig 2
# ID: PCSB01114
# Region: EU
# Version: 1.01
# Type: NoNpDrm
# Code Author: tomberyx

_V0 Money 1
$3203 81189D74 00000288
$0000 00000000 00000064
$0000 00000000 0000023C
$0000 00000000 00000001
 

monodevil

ASLR shouldn't affect pointers at all. That's a separate issue. I think the main thing to look for is the seg0/1 locations. Are they static now? Because a lot of games have the locations move sometimes, either on boot, or switching map levels, etc. You have installed it correctly, though. It would require a reboot of the Vita, and it might also now show up under the TXT file in your dumps. I think the plugins are also loaded in order from top to bottom, so putting it higher on the list may also have an effect.
Ahh, I see. Segs and B2 stuff still go over my head, plus I forgot what little I knew about them. I'm gonna need a little extra time to get back into the full swing of things but yeah I checked the .txt from my new dumps and all of them are static. Like straight 81000000 which was pretty neat to see.
 

tomberyx

# Title: Deception IV Blood Ties
# ID: PCSE00401
# Region: US
# Version: 1.00
# Type: NoNpDrm
# Code Author: tomberyx
# PCSE00401

_V0 inf.HP
$B200 00000001 00000000
$3001 000052A4 00EAC6E4
$0000 00000000 000000FA

_V0 Player Walk Speed 2x
$B200 00000001 00000000
$3201 000052A4 00EACAA4
$0000 00000000 40000000

_V0 Player Speed 2x
$B200 00000001 00000000
$3201 000052A4 00EACA58
$0000 00000000 40000000

_V0 Player Speed [Slow-Motion]
$B200 00000001 00000000
$3201 000052A4 00EACA58
$0000 00000000 3D800000

_V0 Breast Speed 3x [Fun]
$B200 00000001 00000000
$3201 000052A4 00EACAB0
$0000 00000000 3DE0BABE

_V0 Player Freeze [hold X]
$B200 00000001 00000000
$C201 00000001 00004000
$3201 000285C0 00053F00
$0000 00000000 05000000

_V0 Player Size [use D-Pad]
$B200 00000001 00000000
$C201 00000001 00000010
$3201 000052A4 00EAD5CC
$0000 00000000 3FC00000
$B200 00000001 00000000
$C201 00000001 00000040
$3201 000052A4 00EAD5CC
$0000 00000000 3EB00000
$B200 00000001 00000000
$C201 00000001 00000080
$3201 000052A4 00EAD5CC
$0000 00000000 40800000
$B200 00000001 00000000
$C201 00000001 00000020
$3201 000052A4 00EAD5CC
$0000 00000000 3F800000

_V0 Kill yourself [hold R-Select]
$B200 00000001 00000000
$C201 00000001 00000201
$3201 000285C0 00053EFC
$0000 00000000 00040000

_V0 No Status Effect
$B200 00000001 00000000
$3001 000285C0 00053DC8
$0000 00000000 00000000

_V0 max.Ability-Charge [semi]
$B200 00000001 00000000
$3201 000052A0 0029114C
$0000 00000000 0000012C
$B200 00000001 00000000
$3201 000052A0 00291154
$0000 00000000 0000012C
$B200 00000001 00000000
$3201 000052A0 00291168
$0000 00000000 0000012C

_V0 [Enemies] Freeze [hold X]
$B200 00000001 00000000
$C201 00000001 00004000
$7201 000052A4 00EB68E0
$7701 00000000 05000000
$0003 00009F00 00000000

_V0 [Enemies] Instant-Kill [push Select]
$B200 00000001 00000000
$C201 00000001 00000001
$7201 000285C0 0005DDFC
$7701 00000000 00040000
$0003 00009F00 00000000

_V0 [Enemies] Slow-Motion
$B200 00000001 00000000
$7201 000052A4 00EB6958
$7701 00000000 3CF00000
$0003 00009F00 00000000

_V0 [Enemies] Size [use D-Pad]
$B200 00000001 00000000
$C201 00000001 00000010
$7201 000052A4 00EB74CC
$7701 00000000 40400000
$0003 00009F00 00000000
$B200 00000001 00000000
$C201 00000001 00000040
$7201 000052A4 00EB74CC
$7701 00000000 3EB00000
$0003 00009F00 00000000
$B200 00000001 00000000
$C201 00000001 00000080
$7201 000052A4 00EB74CC
$7701 00000000 40E00000
$0003 00009F00 00000000
$B200 00000001 00000000
$C201 00000001 00000020
$7201 000052A4 00EB74CC
$7701 00000000 3F800000
$0003 00009F00 00000000

_V0 [Enemies] Bad Status
$B200 00000001 00000000
$7001 000285C0 0005DCC8
$7701 00000000 0000000F
$0003 00009F00 00000000

_V0 Instant Win [hold Select-UP]
$B200 00000001 00000000
$C201 00000001 00000011
$3001 000052A0 000D14B4
$0000 00000000 00000002

_V0 max.Raff.Sad.Blam [after Win]
$B200 00000001 00000000
$7201 000052A0 00291170
$7701 00000000 000BDE31
$0004 00000004 00000000

_V0 max.ARK & WAR
$B200 00000001 00000000
$3201 000052A0 000D1A50
$0000 00000000 0076ADF1
$0000 00000000 00000000
$B200 00000001 00000000
$3201 000052A0 000D202C
$0000 00000000 0076ADF1

_V0 Unlock Everything [Main-Menu]
$B200 00000001 00000000
$3201 000052A0 000D2024
$0000 00000000 02020202
$B200 00000001 00000000
$7001 000052A0 000D3A9C
$7701 00000000 00000001
$00A6 00000010 00000000
$B200 00000001 00000000
$7001 000052A0 000D1B99
$7701 00000000 00000001
$0064 00000001 00000000
$B200 00000001 00000000
$7001 000052A0 000D1E66
$7701 00000000 00000002
$0004 00000001 00000000

_V0 Head-Rotation [Fun]
$B200 00000001 00000000
$3201 000052A4 00EACAB0
$0000 00000000 BAD0BABE

_V0 Broken-Neck [Fun]
$B200 00000001 00000000
$3201 000285C0 0005D420
$0000 00000000 C1740000

_V0 Crazy-Stairs [Fun]
$B200 00000001 00000000
$3201 000285C0 000538F4
$0000 00000000 41220000

_V0 Deform-Body [Focus Enemy]
$B200 00000001 00000000
$3201 000285C0 0005D45C
$0000 00000000 40400000

_V0 Walking-Blood [Fun] [get a Hit]
$B200 00000001 00000000
$4001 00034A60 00000001
$0003 00000030 00000000
$4001 00034A64 00000003
$0003 00000030 00000000

_V0 Camera Vertical [ON-Up OFF-Down]
$B200 00000001 00000000
$C201 00000001 00000010
$3201 000052A4 00F9FA60
$0000 00000000 40700000
$B200 00000001 00000000
$C201 00000001 00000040
$3201 000052A4 00F9FA60
$0000 00000000 00000000

_V0 Camera Wide
$B200 00000001 00000000
$3201 000285C0 0014708C
$0000 00000000 3F800000

_V0 Camera Stretch [use D-Pad]
$B200 00000001 00000000
$C201 00000001 00000010
$3201 0000031C 000E9A48
$0000 00000000 3F31E000
$B200 00000001 00000000
$C201 00000001 00000040
$3201 0000031C 000E9A48
$0000 00000000 3FE1E1E2
$B200 00000001 00000000
$C201 00000001 00000080
$3201 0000031C 000E9A48
$0000 00000000 4051E000
$B200 00000001 00000000
$C201 00000001 00000020
$3201 0000031C 000E9A48
$0000 00000000 3EE0BABE

_V0 Freeze Game [ON-R OFF-L]
$B200 00000001 00000000
$C201 00000001 00000100
$0000 000346A4 00000000
$0000 00000000 00000000
$C201 00000001 00000200
$0000 000346A4 00000001
$0000 00000000 00000000

_V0 Background Green
$B200 00000001 00000000
$3201 000052A0 002583F0
$0000 00000000 C0000000

_V0 Instant see Ending [Note 1]
$B200 00000001 00000000
$C201 00000001 00000001
$0200 00035C6C 00000016

_V0 Tomberyx hidden Message [go and find it]
$B200 00000001 00000000
$3201 000CDA14 00000A20
$0000 00000000 006F0050
$B200 00000001 00000000
$3201 000CDA14 00000A22
$0000 00000000 0072006F
$B200 00000001 00000000
$3201 000CDA14 00000A24
$0000 00000000 006E0072
$B200 00000001 00000000
$3201 000CDA14 00000A26
$0000 00000000 0050006E
$B200 00000001 00000000
$3201 000CDA14 00000A28
$0000 00000000 00690050
$B200 00000001 00000000
$3201 000CDA14 00000A2A
$0000 00000000 00670069
$B200 00000001 00000000
$3201 000CDA14 00000A2C
$0000 00000000 00000067
$B200 00000001 00000000
$3201 000CDA14 00000A00
$0000 00000000 00650052
$B200 00000001 00000000
$3201 000CDA14 00000A02
$0000 00000000 00640065
$B200 00000001 00000000
$3201 000CDA14 00000A04
$0000 00000000 00530064
$B200 00000001 00000000
$3201 000CDA14 00000A06
$0000 00000000 006F0053
$B200 00000001 00000000
$3201 000CDA14 00000A08
$0000 00000000 006E006F
$B200 00000001 00000000
$3201 000CDA14 00000A0A
$0000 00000000 006A006E
$B200 00000001 00000000
$3201 000CDA14 00000A0C
$0000 00000000 0061006A
$B200 00000001 00000000
$3201 000CDA14 00000A0E
$0000 00000000 00160061
$B200 00000001 00000000
$3201 000CDA14 00000A10
$0000 00000000 00000016
$B200 00000001 00000000
$3201 000CDA14 00000A40
$0000 00000000 00650050
$B200 00000001 00000000
$3201 000CDA14 00000A40
$0000 00000000 00650050

_V0 -------------------
$0000 00000000 00000000

_V0
[Note 1] Use Code only in Language-Settings
$0200 8145AC6C 00000000

_V0
push-Select to activate.
$0200 81000000 00000000

_V0 -------------------
$0000 00000000 00000000
 


tomberyx

Thanks for testing it. I know that it was very difficult to make stable pointers for Dig 2 at all; whether it is due to the plug-in cannot be said with 100% certainty. There are many other factors to consider here.

It's good that this code works. I'll stay tuned and collect more information.

It does not mean this plugin can make all codes from the past work, but the newly created ones, yes....
 

Yohoki

Great news! Turn that into a b200 and it should work flawlessly, even if the user doesn't have noASLR installed and the seg moves around!
Ahh, I see. Segs and B2 stuff still go over my head, plus I forgot what little I knew about them. I'm gonna need a little extra time to get back into the full swing of things but yeah I checked the .txt from my new dumps and all of them are static. Like straight 81000000 which was pretty neat to see.
b200 codes are not hard. It just needs a little math. You're aiming for a code inside the Seg0 section; once you find that, just take the seg0 out of it.

For example, if seg0 is at location 8100000 and your code is at 81001000, just do quick math: 81001000-8100000=00001000
Likewise, if seg0 is shifted to 81230000 and the code is now at 81231000, same math: 81231000-8123000=00001000

Notice that the answer is now the same for both problems, even though the seg0 location has changed? That's the magic. noASLR will let you pointer search for those offsets, and the b200 code will let you use them. Thankfully, my tempAR code creator section has a b200 option available to make the math easy, since it IS math with hex numbers, not in decimal.
@tomberyx hey, I tried the code from SteamWorld Dig 2 with the noaslr plugin on PSTV and it worked, the same as with Kid Tripp, which didn't work before on PSTV :)
The actual code for the game is the same, whether it's on Vita or PSTV, so there should be no difference if the code is made right. Unfortunately, that code doesn't use a b200 yet, so it may stop working for you at some point. b200 is simple to make, though.
 

tomberyx

I tried to make a B200 and it worked!!

I still have my doubts about it (this is just a half-B200 code; it just eliminates XYZ), need more investigation to be sure what I'm doing ;-) That's the way I like it when it comes to new areas of investigation. Thanks Yohoki
 

tomberyx

You said:
"For example, if seg0 is at location 8100000 and your code is at 81001000, just do quick math: 81001000-8100000=00001000
Likewise, if seg0 is shifted to 81230000 and the code is now at 81231000, same math: 81231000-8123000=00001000"

I have tried this way many times and it worked, but the code became unstable after a restart. This method seems to me to be too simple to be true.
I cannot go into detail at the moment. This opens more questions than answers; I have to go through the whole thing.
Now I also have the question: why should I do a B200 when pointer codes also work? There can only be one reason to convert a pointer code to B200, and that is to eliminate XYZ patterns. B200 would not change anything else about the pointer codes (Steam Dig 2); that's just my thought at the moment.

I'll look at the whole thing, of course; after a week we will certainly have a different point of view.

What would interest me even more is how you made the HP code for Ys8 (B200+). I think this way is the best. I have spent days but have not had success.
 

NeoGranzon

@Yohoki, thank you so much for sharing that file, it is fantastic. For example, in Sword Art Online: Hollow Realization, before, the Seg1 changed every time I loaded the game and I always had to recreate the cheats; now with that file not only does Seg1 no longer change, but the codes are stable. You are always the best.
Note: for all the other users, the file goes to the folder ur0:tai, and then in config.txt add under Kernel the line ur0:tai/noaslr.skprx, save the changes and restart the PS Vita.
 

Yohoki

Were these codes located inside the seg0 or outside of its range? If you add the memsz to the vaddr, you get the ending address. One I have here is

vaddr: 0x81000000
memsz: 0x131eb04

So this segment's range is 81000000 to 8113EB04. I would want to find a pointer located inside that range, so that I know it's static, relative to the segment. Anything outside of that range is going to be dynamic, simply because of how programming and memory management works, not because of security like ASLR. If the pointer is part of that static area, within the segment, it *should* be able to convert into a b200 easily, and shouldn't shift around... That being said, I think I do recall some games storing data inside of their segments instead of calling a malloc to gain some extra ram.

I'm curious, is it also only always starting at 81000000 now?

I'd also like to point out that Cheat Engine's pointer search is a lot more robust than TempAR. It should work fine now that the ASLR is disabled and doesn't require all that loading and checking pointer levels. You just need to know how to construct a pointer.... Then again TempAR has a code creation tool built in and has pointers and b200 as an option, which works wonderfully with cheat engine.
 

tomberyx

Yes, the starting point is always at 8100000.

I have to do that again to find HP for Ys8.
I just didn't find out how to find 77D4.

$B200 00000001 00000000
$3202 000077D4 00003870
$0000 00000000 00000F04

00. module name :ys8_release_true
path: ux0:/patch/PCSE01103/eboot.bin
vaddr: 0x8106a4f0
memsz: 0x338b30
vaddr: 0x813e0f80 8141CC10
813e0f80-20D00--813C0280

memsz: 0x3bc90
PO 826acf44

_V0 HP new
$0200 8CFBB654 3F8 1065353216

[0x8153E118] + 0xF04
[0x8153E144] + 0xF04
[0x8153F580] + 0xF04
[0x8153F58C] + 0xF04
[0x8153F5A8] + 0xF04
[0x8153F5CC] + 0xF04


The rest was possible for me.
Will try it in time; now time for a beer with chicks, I promise no cheating...
 

tomberyx

# Title: Defenders Quest-Valley of the Forgotten DX
# ID: PCSB01223
# Region: EU-US
# Version: 1.00
# Type: NoNpDrm
# Code Author: tomberyx
# PCSB01223

_V0 max.PSI [push Select] X
$C201 00000001 00000001
$3201 9663C380 0000012C
$0000 00000000 41200000
$C201 00000001 00000001
$3201 9663C380 00000134
$0000 00000000 41200000

_V0 inf.max Skill-Points X
$3002 9663C380 000000E4
$0000 00000000 00000050
$0000 00000000 0000004D

_V0 inf.Money X
$3201 966445B0 0000003C
$0000 00000000 04A2CB71

_V0 -------------------
$0000 00000000 00000000

_V0 max.PSI [push Select] Y
$C201 00000001 00000001
$3201 9653C380 0000012C
$0000 00000000 41200000
$C201 00000001 00000001
$3201 9653C380 00000134
$0000 00000000 41200000

_V0 inf.max Skill-Points Y
$3002 9653C380 000000E4
$0000 00000000 00000050
$0000 00000000 0000004D

_V0 inf.Money Y
$3201 965445B0 0000003C
$0000 00000000 04A2CB71

_V0 -------------------
$0000 00000000 00000000

_V0 max.PSI [push Select] Z
$C201 00000001 00000001
$3201 9673C380 0000012C
$0000 00000000 41200000
$C201 00000001 00000001
$3201 9673C380 00000134
$0000 00000000 41200000

_V0 inf.max Skill-Points Z
$3002 9673C380 000000E4
$0000 00000000 00000050
$0000 00000000 0000004D

_V0 inf.Money Z
$3201 967445B0 0000003C
$0000 00000000 04A2CB71

_V0
-Note- If Crash use Alternative
$0000 00000000 00000000

_V0
Codes and Vice-Versa.
$0000 00000000 00000000

_V0
Use only X Y or Z do not mix.
$0000 00000000 00000000

_V0
Codes can switch from XtoZ and back.
$0000 00000000 00000000

_V0
Do not activate codes permanent.
$0000 00000000 00000000

_V0
PSI-Code can crash game.
$0000 00000000 00000000

Just to inform!
Yes, it is possible to get very strange pointers like that; the range is stupidly high. Maybe I should try again and find the money code with the new plugin just to see the difference...
 

Yohoki

826acf44 is outside the range of the segments, so it may still move. ASLR only affects the modules loaded by the kernel; it doesn't affect malloc or garbage collection used by programs, I don't think.

For that game seg0 is at 8106a4f0-813A4120. So you should try to find a pointer between those values, as that area will be more static than later on in the ram.

F04 is a useful number for that game, though. I remember that sticking out all over to me. The 77D4 part was actually me. That leads to my cheat sheet area. If you follow that pointer by hand in a hex editor, you'll see what I mean. It leads to a place in RAM that lists all the characters' names for use in dialogue, so they're spelled out in plain text and have normal, all-caps and pretty varieties, depending on how they want the name displayed (i.e., all caps for a menu screen, pretty for talking to people, etc.), but inside that area each character also had a pointer stored. That second pointer leads to each character's data areas.

There may be a more direct way to the character's ram locations, but at the time we didn't have Aslr turned off, and ram shifted a lot. I could easily type ADOL in hex to search for that pointer, so it's what I used.
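The seg-relative offset math from Yohoki's b200 explanation and the vaddr + memsz range check from the Ys8 module listing, as an added worked example (not code from the thread, VitaCheat or TempAR). The Segment class, parse_segments, seg_relative and locate are names chosen here, and the listing text is constructed from the values quoted in the thread.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Segment:
    vaddr: int  # load address of the segment, as printed in the dump TXT
    memsz: int  # size in memory, as printed in the dump TXT

    @property
    def end(self) -> int:
        # Exclusive end address: vaddr + memsz (the "ending address" of the post).
        return self.vaddr + self.memsz

    def contains(self, addr: int) -> bool:
        return self.vaddr <= addr < self.end


# One vaddr line followed (possibly after noise lines) by one memsz line.
SEG_RE = re.compile(r"vaddr:\s*0x([0-9a-fA-F]+).*?memsz:\s*0x([0-9a-fA-F]+)", re.S)


def parse_segments(listing: str) -> List[Segment]:
    """Pull (vaddr, memsz) pairs out of a module listing as pasted in the thread."""
    return [Segment(int(v, 16), int(m, 16)) for v, m in SEG_RE.findall(listing)]


def seg_relative(addr: int, seg: Segment) -> Optional[int]:
    """Offset of addr from the segment base (the part that stays the same when the
    segment is rebased), or None when addr lies outside the segment and may move."""
    if not seg.contains(addr):
        return None
    return addr - seg.vaddr


def locate(addr: int, segs: List[Segment]) -> Optional[Tuple[int, int]]:
    """(segment index, seg-relative offset) for addr, or None if no segment holds it."""
    for i, seg in enumerate(segs):
        off = seg_relative(addr, seg)
        if off is not None:
            return i, off
    return None


# Constructed sample: the Ys8 listing quoted in the thread, values verbatim.
YS8_LISTING = """\
00. module name :ys8_release_true
path: ux0:/patch/PCSE01103/eboot.bin
vaddr: 0x8106a4f0
memsz: 0x338b30
vaddr: 0x813e0f80 8141CC10
813e0f80-20D00--813C0280

memsz: 0x3bc90
"""

if __name__ == "__main__":
    # Rebasing demo: the same code address before and after a seg0 shift gives one offset.
    print(hex(seg_relative(0x81001000, Segment(0x81000000, 0x131EB04))))
    print(hex(seg_relative(0x81231000, Segment(0x81230000, 0x131EB04))))
    segs = parse_segments(YS8_LISTING)
    for s in segs:
        print(f"segment {s.vaddr:#x}-{s.end:#x}")
    # The PO value from the listing is past both segments, so it is not seg-relative.
    print(locate(0x826ACF44, segs))
```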
 

XMYDL

If there are too many characters in line, we may need an ARM code to get it.
 

Yohoki

If there are too many characters in line, we may need an ARM code to get it.
Not sure what you mean there. ARM works exactly the same as any other code, except for the endianness (it types backwards instead of forwards) and its unique ability to store the value that was there to begin with and reset it back to what it was when you turn the code off.
 

XMYDL

Not sure what you mean there. ARM works exactly the same as any other code, except for the endianness (it types backwards instead of forwards) and its unique ability to store the value that was there to begin with and reset it back to what it was when you turn the code off.
In games there is a program processing the self side's and the enemy side's HP. So if it worked, we would only need a few lines added onto the command and it would work for all characters.
 
