ROM Hack cracker's DS Trainer Maker Tutorial

  • Thread starter: cracker
  • Views: 17,080
  • Replies: 39
There is another thing I don't understand. What the heck do I do with the mastercodes? I have not found anywhere in the disassembled source the specific code, so what exactly do I do with the master code?
 
Following cracker's manual (Thanks again!)... I tried making a trainer to make unlimited firewood for Lost In Blue 2, but no success so far. Anyone tried this one? I thought I could change this part, but nothing is happening:

:020A1CC8 43A00000 movmi r0,#0x0
 
Well, I'm new at this trainer making stuff but I have trouble following the "Finding the code to hack - Harder method" step. I went to that link you provided in the document and found the codes for the game I want to train. However, when I tried to search for them within the disassembled ROM, it doesn't find any of them. What am I supposed to do exactly?

EDIT: Oh and what do you mean by copy the surrounding codes?
 
Well if you don't find the addresses in the disassembled source code then you have to make a function that loads the address and then a value into that address yourself.

The 'surrounding code' is just talking about a few lines of code above and a few lines below your target area. For example if you find a spot at 0x200F000 then you will want to copy something like from 0x200EFD0 to 0x200F030 just to give you some space to look.

I'm hoping to update the tutorial soon to use a better -- non-destructive -- method of trainer making that I have started to use. It is much better than the "harder method" found in the tutorial currently.
 
(In case anyone interested missed it, bleep already made a trainer for player stats and spices)
Actually I had time to update it a couple pages back, I added a walk-thru-walls code and an item modifier.


Here's the post
http://gbatemp.net/index.php?showtopic=408...ndpost&p=610778

..just fyi, I used the following for firewood

Infinite Firewood
203dcc8 mov r0,#0x1e
41CC8 (1e00 a0e3)

It's a simple break on read when opening the firewood menu.


Here's the rest of the hacks if you want them


\\==========
-------------\\

Increased Running Speed
210302e 0002
10702e (0002)

\\==========
-------------\\

Infinite Spices
[2286BE1]!

207b924 mov r2,9h
7F924 (0920 a0e3)

207ba80 mov r0,9h
7Fa80 (0900 a0e3)

\\==========
-------------\\

Infinite Tool Usage
20c0efc nop
C4EFC (0000 a0e1)
20c0f00
C4F00 (0000 a0e1)

\\==========
-------------\\

Infinite Firewood
203dcc8 mov r0,#0x1e
41CC8 (1e00 a0e3)


\\==========
-------------\\

Infinite Stats

20ede7c ldr r0,[r0]
F1E7C (fc71 00eb)

bl 210a674
10E674

ldr r0,[r0]
stmed r13!,{r0-r6,r14}
mov r1,#0x64
add r0,#0x430
strb r1,[r0,#+0x0bb]
strb r1,[r0,#+0x0bc]
strb r1,[r0,#+0x0bd]
strb r1,[r0,#+0x0be]
strb r1,[r0,#+0x0bf]
strb r1,[r0,#+0x0c0]
strb r1,[r0,#+0x0c1]
strb r1,[r0,#+0x0c2]
ldmed r13!,{r0-r6,r14}
mov pc,r14


00 00 90 E5 7F 40 2D E8 64 10 A0 E3 43 0E 80 E2 BB 10 C0 E5 BC 10 C0 E5 BD 10 C0 E5 BE 10 C0 E5 BF 10 C0 E5 C0 10 C0 E5 C1 10 C0 E5 C2 10 C0 E5 7F 40 BD E9 0E F0 A0 E1


\\==========
-------------\\

Walk-Thru-Walls (Hold B)

209ac60 ldr r3,[r4,#+0x4]
9EC60 (91be 01eb)

bl 210a6ac
10E6ac

stmed r13!,{r0-r6,r14}
mov r2,#0x2000000
add r2,r2,#0x8a000
add r2,r2,#0x2dc
mov r5,#0x0ba000000
add r5,#0x01e
mov r6,#0x0ea000000
add r6,#0x0450
add r6,#0x1
add r4,r4,#0x108
ldrh r4,[r4]
mov r3,#0x200
cmp r4,r3
streq r6,[r2]
strne r5,[r2]
ldmed r13!,{r0-r6,r14}
ldr r3,[r4,#+0x4]
mov pc,r14


7F 40 2D E8 02 24 A0 E3 8A 2A 82 E2 B7 2F 82 E2 BA 54 A0 E3 1E 50 85 E2 EA 64 A0 E3 45 6E 86 E2 01 60 86 E2 42 4F 84 E2 B0 40 D4 E1 02 3C A0 E3 03 00 54 E1 00 60 82 05 00 50 82 15 7F 40 BD E9 04 30 94 E5 0E F0 A0 E1

\\==========
-------------\\

Modify First Item Slot (*1)

20bcfc8 mov r0,r4
C0FC8 (8935 01eb)

bl 210a5f4
10E5F4

stmed r13!,{r0-r7,r14}
add r5,#0x022c
ldrb r6,[r5]
ldrb r7,[r5,#+0x01]
mov r7,#0x24
cmp r4,#0x01
addeq r6,#0x01
cmp r4,#0x04
subeq r6,#0x01
cmp r6,#0x0cf
movgt r6,#0x01
cmp r6,#0x0
moveq r6,#0x0cf
cmp r4,#0x01
streqb r6,[r5]
streqb r7,[r5,#+0x01]
cmp r4,#0x04
streqb r6,[r5]
streqb r7,[r5,#+0x01]
ldmed r13!,{r0-r7,r14}
mov r0,r4
mov pc,r14

*1: Highlight the First Item Slot then press Right or Left to cycle through item list.


FF 40 2D E8 8B 5F 85 E2 00 60 D5 E5 01 70 D5 E5 24 70 A0 E3 01 00 54 E3 01 60 86 02 04 00 54 E3 01 60 46 02 CF 00 56 E3 01 60 A0 C3 00 00 56 E3 CF 60 A0 03 01 00 54 E3 00 60 C5 05 01 70 C5 05 04 00 54 E3 00 60 C5 05 01 70 C5 05 FF 40 BD E9 04 00 A0 E1 0E F0 A0 E1

\\==========
-------------\\
 
I saw that, thanks!
I see I need to learn a lot more!


You should consider creating your own thread... It's getting harder to find your trainers buried in the thread.
 
I finally got around to making an updated trainer tutorial that shows the methods I currently use (much better than my original methods). Get it on the first page.
 
Bump~
I've had this on my computer for a while, but since I had lots of school work I just got around to reading it today.

I've got a couple questions:

First: when you create the smb.asm, you type:
"mov r3,#0x63" and then save it.
where does the #0x63 come from?

Second: Further down in that part of the tutorial, you say:
"This is usually the address seen in the disassembled source
minus 0x1FFC000. So for the first instance it works out to be 0xB11F0 and the second works out to 0xB14C0."
How do you calculate it?
I'm guessing you did 020AD1F0 - 0x1FFC000 which = B11F0, because I noted the similar 1F in the answer and the number you're minus-ing, but how would one do this for other numbers?

Thanks
 
63 in hex is 99 in decimal so that's where that value came from.

Yes, that is how you calculate the offset of the place in the .nds to edit. I've only come across one game that this won't work on (because it doesn't copy to the start of RAM - 0x2000000).
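
The offset rule confirmed above, and the file offsets and patch bytes listed in the earlier hacks post, can be reproduced mechanically. This is an added example, not part of any post in this thread; the function names are hypothetical, and it assumes the game copies its code to the start of RAM (0x2000000) so that the 0x1FFC000 rule of thumb applies.

```python
import struct

# Rule of thumb from the thread: file offset = RAM address - 0x1FFC000.
# Assumes the game copies its code to the start of RAM (0x2000000).
RAM_TO_FILE_DELTA = 0x1FFC000

def file_offset(ram_addr):
    """Map a RAM address from the disassembly to an offset in the .nds file."""
    off = ram_addr - RAM_TO_FILE_DELTA
    if off < 0:
        raise ValueError(f"0x{ram_addr:X} is below the assumed load region")
    return off

def encode_mov_imm8(rd, imm):
    """ARM 'mov rd,#imm' for an immediate that fits in 8 bits (no rotation)."""
    if not (0 <= rd <= 15 and 0 <= imm <= 0xFF):
        raise ValueError("register or immediate out of range")
    return 0xE3A00000 | (rd << 12) | imm

def encode_bl(at, target):
    """ARM 'bl target' placed at `at`; the offset counts words from at + 8."""
    delta = target - (at + 8)
    if delta % 4:
        raise ValueError("branch target must be word aligned")
    words = delta >> 2
    if not -(1 << 23) <= words < (1 << 23):
        raise ValueError("target is outside the +/-32 MB range of bl")
    return 0xEB000000 | (words & 0xFFFFFF)

def patch_record(at, word):
    """Return (file offset, bytes as a hex editor shows them: little-endian)."""
    return file_offset(at), struct.pack("<I", word).hex(" ")

if __name__ == "__main__":
    # Addresses and instructions taken from the hacks post in this thread.
    patches = [
        ("Infinite Firewood", 0x203DCC8, encode_mov_imm8(0, 0x1E)),
        ("Infinite Stats hook", 0x20EDE7C, encode_bl(0x20EDE7C, 0x210A674)),
        ("Walk-Thru-Walls hook", 0x209AC60, encode_bl(0x209AC60, 0x210A6AC)),
    ]
    for name, at, word in patches:
        off, raw = patch_record(at, word)
        print(f"{name}: RAM 0x{at:07X} -> file 0x{off:X}: {raw}")
```

For the one game mentioned above that does not copy to 0x2000000, the delta constant would have to be changed to match its load address.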
 
I think you are in need of a refresher in hexadecimal maths, might I suggest:
http://webster.cs.ucr.edu/AsmTools/HLA/

Still 0x63 = 99 decimal: 99 lives (many games however use hex as limits: how many RPGs' stats max out at 256, 512 and the like)

1FFC000 is a rule of thumb so to speak, depending on how much you are hacking either do it in a calculator (standard Windows has hex support even) or use a spreadsheet: OpenOffice's Calc has the base function and via a plugin Excel has hex2dec.

Edit: I am getting even slower.
 
Hey, I want to make trainers, I'm trying to find out if there is a way to directly write to any HEX address using the ASM. If not, I need help with what you mean by writing something to directly load the address.
Thanks in advance.
-game
 
Actually if you take a look at my first tutorial a lot of it is to do with cheap hacks -- basically exchanging one opcode for another so instead of subtracting one life it will load up a register (like a variable if you know any high level language) with the max number of lives you can have, etc. My Super Monkey Balls lives example is a good example of this. The second tutorial is far more advanced and uses a way better method of training that I learned after much source code research, etc.
 
Thanks, but I don't think that's what I needed.
Sorry.
Here's the scenario. I disassembled Mario Kart DS, I like to do this type of stuff for myself. I then searched for addresses, but couldn't find them. There was a 0 for each search instead of a 1 or 2 at the beginning. Nothing is found. So now I'm stuck and have no clue of what to do.
Thanks again in advance.
-game
 
