1. wiitendo84

    OP wiitendo84 GBAtemp Maniac
    Member

    Joined:
    Jan 3, 2014
    Messages:
    1,164
    Country:
    United States
    Alright so here goes my tutorial for the Edizon SE and Pointer Searcher SE.
    I will let you know that this will be updated as much as what I can with different videos showcasing what TomSwitch has done.
    As of right now just basic usage of how to do a search for a known variable and a quick look at how to connect the pointer searcher and download the bookmark for pointer searching.



    Different types of searches

    U8 = Unsigned 8 bit search for known and unknown values up to 255 in decimal or FF in hex

    U16 = Unsigned 16 bit search for known and unknown values from 256-65535 in decimal or FFFF in hex

    U32 = Unsigned 32 bit search for known and unknown values from 65536-4294967295 in decimal or FFFFFFFF in hex

    U64 = Unsigned 64 bit search for known and unknown values. Most cheat codes likely won't use this. However, if 32 and below don't find it, then this may be your next step.

    S8/S16/S32/S64 = Exactly like the unsigned searches except that Signed can hold negative numbers, zero, and positive numbers whereas the unsigned can only hold zero and positive numbers.

    Known

    This is where you want to search for something that you know. Could be lives, health, ammo, etc. Usually something with a number that you can see.

    Unknown
    This is where you search for a life bar or something that is unseen. Moon jump codes are especially useful for here if I'm not mistaken.

    Float

    Float is a bit different. 4 is actually 40800000 and as you can see its like a 32 bit value. This and Double Float are used if you see something like 95.5

    Double Float
    Double float is like float but bigger. So it looks like a 64 bit value. So 4 would look like 4010000000000000.
    This is also where 95.5 would be used as well as normal float.

    MODES

    == means equal to

    > means greater than (your address should be greater than "whatever number")

    < means less than (your address should be lesser than "whatever number")

    Between searches A to B

    Between searches is if you know that the value is always between two different values. So you know that the address you're looking for is between 3f800000 and 40800000. You would use this.

    DIFF means different than last search (use this if you don't know if your next search is bigger or lesser than your previous search)

    != means not equal to (use this if you know that your address value is not equal to whatever value you're searching for)

    Same means same as last (use this if your value hasn't changed since the last search)


    Region

    4 choices
    Heap

    This is where most of your addresses will be found. Most of them will require a pointer from main to be usable all the time. Generally they will change around every time you reboot the game.
    Main
    Most of the time if a code is found in here, they are static. However, there have been times where it requires a pointer inside of main to work.
    Heap + Main
    Most of the time doing this will be required for you if you don't know if the address you are looking for is in heap or main. This also is required when you do your search for pointers.
    Ram
    So this will search for everything loaded in Ram. You really shouldn't have to use this but as a last resort. This will take forever to search. Recommend not doing this one if you're not too sure of what you're doing. I'll be honest, if I can't find it in heap and main, I won't try this. Everything you're searching for should be in heap and main, so I would stick to those.

    First start the game that you want to find any value for.
    When it loads get into a level and do a initial search known or unknown.

    Known.


    Find the initial value you want to find.
    Lets say its 6.
    Press home and go to Edizon SE
    Press R and then press Y to do a search
    From here use L and R to choose the settings that you want to use to search
    For this we're going to use U8 == Heap and Main then you can press x to change between decimal or Hex search
    We're going to do decimal, you have 2 choices here either use zr or zl to change the value or press a to go inside and choose the value that way
    press + and then when the blue box is over search press a
    This takes a few moments to complete.
    Press home and go back to your game.
    Lose some health.
    Go back to Edizon SE
    Press R then Y
    Press a on the number
    Change it to whatever you are searching for now.
    Press + and then press a when the blue box is over search now.
    This narrows it down more. Continue until you get as few as possible results.
    Then on each result press a to change the value to see if it reflects anything.
    Once you find out which one is the correct address, press + on it.
    That allows you to make a bookmark for it.
    Name it whatever you feel like to be able to identify it on the next step.

    Unknown


    Start the game and decide on what you want to search for.
    Go to Edizon SE
    Press R and then Press Y
    Using L and R choose your settings
    Start with a 32 bit unsigned search
    Choose Unknown
    main and heap.
    click search
    Go back to the game and either decrease or increase what you're trying to find
    Go back to Edizon SE
    Press R and then press Y
    Go to mode and either choose ++ for increase or -- for decrease
    Also you can choose Same if you didn't increase or decrease whatever you're searching for
    Keep alternating between at least 2 of these choices to help narrow down the results as fast as possible
    When you get down to just a few choices, test them out.
    This may also cause unintentional problems like freezing the game etc.
    When you figure out which one does what you are intending to do, Bookmark the address with the + button, and try to do a pointer search on it.

    Pointer Searcher SE


    Alright now time to search for pointers.
    Load Pointer Searcher SE.

    Make sure that you are currently in your game and not in Edizon SE for this part.

    Edit:

    ***TomSwitch sent me a message. After you attach to the switch and download the bookmark/s. If you click on it and drag it to the address portion before you dump the ptr. It will save the address so when you load up the dmp file again not only will you have the heap and main but you will have the addresses that you searched for.***


    Make sure that you have your switch IP address in the IP address field
    Click on attach, this should freeze your game if it connects properly
    Click download bookmarks
    Make sure that the Label is what you labeled it in the previous section
    Click Dump PTR
    This starts the entire process of dumping the memory for your search.
    Make a notepad file with the address thats next to the label name that you made, this is the address to your health that you found previously
    You'll notice that pointer searcher se automatically fills in the main and heap sections for you but you have to put that address in yourself
    Click on read first dump
    Change your maxdepth, offset num, and offset range to make sure you can find any pointers.
    Click on reset and search
    Now this will give you either no results(if so up the depth, num, and range), a small list of potential pointers, or a huge number of pointers.
    Redo the previous steps to add more dumps, you will have to restart the game completely to get it to move the memory around to find these.
    Then just use file on pointer searcher se to change the dmp files so you don't always have .dmp0 as the end because that will overwrite your previous one.
    This helps to narrow down the pointers.

    Testing your pointers


    Just load up Jnoexs and copy your pointer chain you found into the expression box in the tools section.
    Click on parse.
    What should happen is that it should pop up a value right next to parse.
    This should be an address, if not then move on to the next pointer until you find one that gives you an address.
    Copy the address and either go into watchlist section or memory viewer.
    If you go into watchlist, click on update so that it updates whatever the value should be.
    If you click on locked, you will lock it to that value. So if it's money or life, try to lose some and if it doesn't go down then that's the address you need.

    Taking your pointer chain and making it to a usable cheat code


    I use Simple SX OS code builder.
    Under the code builder section there are 4 subsections.

    Data
    Description: Name of code
    Address: This is your pointer chain/address from main that's static/address from heap that's static
    Also you need to change this to either Noexs format or SX OS format
    Value: This where you put whatever your value is in decimal.
    Pointer Offset: I don't use this because of the one of the next areas
    Register to be used: Goes from 0 to F

    Code Format
    Direct/Static: This means that no matter how many times you restart the game, its always that far from either heap or main
    Pointer: This means that your code has to go through multiple addresses to get to what you are looking for

    Memory Type
    Main: Usually anything found in here is static but not 100%
    Heap: Usually anything found in here is random but there are times when it may be static.

    Bytes to be written
    1 byte: 8 bit values
    2 byte: 16 bit values
    4 byte: 32 bit values
    8 byte: 64 bit values

    Type in the description what your code is named.
    Go to code format choose either direct/static or pointer
    Copy over your pointer chain and choose noexs
    Put in your value in decimal
    Choose what register to use
    Choose what type of memory
    Choose byte value to be written
    Click on Create Code and poof. Its there ready to go. Test it out and see if it works.

    There have been times when you may need to make a button activator to get your code to work. One example is Patjenova and his super Mario 3d world codes for power ups. Essentially you press a button combination and it would essentially make the code work. You can do this for almost any code you design, moon jump is a perfect example of this. Some of my codes for Lego games require a button press to work. I'll try to explain how to do this.

    It requires to start
    8xxxxxxx

    Then you add the following to that
    • 0000001: A
    • 0000002: B
    • 0000004: X
    • 0000008: Y
    • 0000010: Left Stick Pressed
    • 0000020: Right Stick Pressed
    • 0000040: L
    • 0000080: R
    • 0000100: ZL
    • 0000200: ZR
    • 0000400: Plus
    • 0000800: Minus
    • 0001000: Left
    • 0002000: Up
    • 0004000: Right
    • 0008000: Down
    • 0010000: Left Stick Left
    • 0020000: Left Stick Up
    • 0040000: Left Stick Right
    • 0080000: Left Stick Down
    • 0100000: Right Stick Left
    • 0200000: Right Stick Up
    • 0400000: Right Stick Right
    • 0800000: Right Stick Down
    • 1000000: SL
    • 2000000: SR
    So for multiple you just add them together so for L and A would be the following

    80000041
    Then add your code with pointers or main address etc

    80000041
    AAAAAAA XXXXXXXX XXXXXXXX

    To finalize the code you would need to add the 20000000 to the end.

    So it would be

    80000041
    AAAAAAA XXXXXXXX XXXXXXXX
    20000000

    There you have your button activator setup.

    Updating codes from a previous build ID


    To do this first find a code from the previous build ID to update. Usually health or lives, I usually do something easy that doesn't take as long to find.
    Once you have that, you need to do a pointer search to find the offset
    This should have the same offsets except a different offset from main so like the following

    Lives version 1.0.0
    [[[main+9785AED]]+20]+36
    Lives version 1.0.1
    [[[main+9916AED]]+20]+36

    As you see the offsets are the same except the main is a bit different
    Take 9916AED-9785AED=191000
    Between them that's how much the offset has changed
    Take another code from the previous build
    [[main+9771EDD]+10]+26 then add the 191000 to the main offset
    9771EDD+191000=9902EDD
    Put that [[main+9902EDD]+10]+26, test out that code and see if it works.
    If it does, then all you should have to do is add the new offset to previous codes to get them to work on the newest build ID
     
    Last edited by wiitendo84, May 12, 2021 at 3:45 AM
  2. matias3ds

    matias3ds GBAtemp Psycho!
    Member

    Joined:
    Oct 25, 2017
    Messages:
    3,225
    Country:
    Argentina
    Congratulations on this Amazing Tutorials Dude !!!!!

    Thanks for teaching and sharing the knoledge
     
  3. darkdreams

    darkdreams Advanced Member
    Newcomer

    Joined:
    Nov 1, 2012
    Messages:
    77
    Country:
    United States
    Thank you this was very helpful I always wanted to learn to make codes myself and this help me understand it I appreciate your help
     
    urherenow likes this.
  4. wiitendo84

    OP wiitendo84 GBAtemp Maniac
    Member

    Joined:
    Jan 3, 2014
    Messages:
    1,164
    Country:
    United States
    Not a problem guys. Darkdreams, just keep trying. This actually makes it a bit faster than noexs and saying that, it may help make code finding a lot faster. Most of the time just keep at it. I'm still learning a few things as well. I tried my hand at ASM hacking but it definitely wasn't something that I understand. Matias3ds, I appreciate that as well. Hopefully, this can help people who couldn't get noexs up and running/working for them. It seems like TomSwitch is in the long haul for this, its helped out a lot for me and has saved a lot of time as well.
     
    Jericoss and TomSwitch like this.
  5. xMoria

    xMoria GBAtemp Fan
    Member

    Joined:
    Jan 11, 2014
    Messages:
    337
    Country:
    Spain
    Thanks a lot for your initiative doing this. This is a very welcomed information.

    Btw, I don't have the option to press + and mark my search in edizon. I think I'm using the nightly build.

    Sent from my SM-N975F using Tapatalk
     
    Last edited by xMoria, Apr 21, 2021
  6. wiitendo84

    OP wiitendo84 GBAtemp Maniac
    Member

    Joined:
    Jan 3, 2014
    Messages:
    1,164
    Country:
    United States
    Are you using TomSwitch edizon se or just the normal nightly build of edizon?
     
    xMoria likes this.
  7. TomSwitch

    TomSwitch GBAtemp Advanced Fan
    Member

    Joined:
    Jan 10, 2019
    Messages:
    912
    Country:
    United States
    Get 3 for the price of one
    Do the for HP for one of the character. Do pointer search. Now press Rstick on the bookmark.
    You can explore around the memory and after hacking a bit you will find LP and SW
    2021042120035900-CCFA659F4857F96DDA29AFEDB2E166E6.jpg
    Next press L in memory explorer and you go up one step in the chain. Look at the screen shot below, this is a cluster of 10 pointers. Move cursor to the next pointer and press Y the R R 2021042120042600-CCFA659F4857F96DDA29AFEDB2E166E6.jpg
    Nice! look like it is another character, hack it and see what happens. Now go back and try the other pointers. 2021042120043500-CCFA659F4857F96DDA29AFEDB2E166E6.jpg
    2021042120131200-0232EF8B0DF9C573AC977C71E24DB711.jpg
    [
    SaGa Frontier Remastered
    TID: 0100A51013530000
    BID: B895F6F2C665554B

    This code is valid in battle
    Character 1 HP 999/999 LP 255/255 SW 255/255
    580F0000 03BD9E20
    580F1000 00000040
    580F1000 000000A0
    580F1000 000001B0
    580F1000 00000010
    580F1000 00000020 <= +8 next character for all 10? characters
    780F0000 00000028
    680F1000 000003E7 000003E7 <= HP current, HP after battle
    640F1000 00000000 000003E7 <= HP max in battle
    640F1000 00000000 00FF00FF
    640F0000 00000000 00FF00FF
    ]

    [Character 1 HP 999/999 LP 255/255 SW 255/255]
    580F0000 03BD9E20
    580F1000 00000040
    580F1000 000000A0
    580F1000 000001B0
    580F1000 00000010
    580F1000 00000020
    780F0000 00000028
    680F1000 000003E7 000003E7
    640F1000 00000000 000003E7
    640F1000 00000000 00FF00FF
    640F0000 00000000 00FF00FF

    [Character 2 HP 999/999 LP 255/255 SW 255/255]
    580F0000 03BD9E20
    580F1000 00000040
    580F1000 000000A0
    580F1000 000001B0
    580F1000 00000010
    580F1000 00000028
    780F0000 00000028
    680F1000 000003E7 000003E7
    640F1000 00000000 000003E7
    640F1000 00000000 00FF00FF
    640F0000 00000000 00FF00FF

    [Character 3 HP 999/999 LP 255/255 SW 255/255]
    580F0000 03BD9E20
    580F1000 00000040
    580F1000 000000A0
    580F1000 000001B0
    580F1000 00000010
    580F1000 00000030
    780F0000 00000028
    680F1000 000003E7 000003E7
    640F1000 00000000 000003E7
    640F1000 00000000 00FF00FF
    640F0000 00000000 00FF00FF
     
    Last edited by TomSwitch, Apr 21, 2021
    MagnesG, Jericoss and jhmiller like this.
  8. xMoria

    xMoria GBAtemp Fan
    Member

    Joined:
    Jan 11, 2014
    Messages:
    337
    Country:
    Spain
    How can I know? I think regular nightly.

    Sent from my SM-N975F using Tapatalk
     
  9. wiitendo84

    OP wiitendo84 GBAtemp Maniac
    Member

    Joined:
    Jan 3, 2014
    Messages:
    1,164
    Country:
    United States
  10. darkdreams

    darkdreams Advanced Member
    Newcomer

    Joined:
    Nov 1, 2012
    Messages:
    77
    Country:
    United States
    Ok so quick question I'm able to find codes and they work for my current gameplay but how do I made the codes work on any gameplay??? Hopefully this makes sense
     
  11. xMoria

    xMoria GBAtemp Fan
    Member

    Joined:
    Jan 11, 2014
    Messages:
    337
    Country:
    Spain
    I thinks that's where pointers come in. However I don't know much about pointers.

    Sent from my SM-N975F using Tapatalk
     
  12. wiitendo84

    OP wiitendo84 GBAtemp Maniac
    Member

    Joined:
    Jan 3, 2014
    Messages:
    1,164
    Country:
    United States
    So what you're finding are more than likely addresses in heap. Those change with each start of the game and sometimes changes with each level as well. So by using the edizon that I linked you to and the pointer searcher tool as well, it will find the chain of offsets that tell you where the address should be. It should find them but there are times when it can't find the pointers, like in the case of spyro reignited. Sometimes it may need to be found using assembly and that I am not versed in to find anything.
     
    darkdreams likes this.
  13. darkdreams

    darkdreams Advanced Member
    Newcomer

    Joined:
    Nov 1, 2012
    Messages:
    77
    Country:
    United States
    Ok thanks I was working on dead cells like I got the codes working but they don't work after I quit the game but I will do more so I can help out as much as possible with making codes ....thanks again
     
  14. ReNa23644

    ReNa23644 Newbie
    Newcomer

    Joined:
    May 5, 2021
    Messages:
    4
    Country:
    Afghanistan
    I want to write code that freeze value, but can code builder only write code that rewrites value?
     
    Last edited by ReNa23644, May 5, 2021
  15. wiitendo84

    OP wiitendo84 GBAtemp Maniac
    Member

    Joined:
    Jan 3, 2014
    Messages:
    1,164
    Country:
    United States
    Alright guys what else would be nice to have in here? I know a lot of people want to know
    It freezes the address to whatever value you put into it. Sorry if I'm not answering your question as thoroughly as you need.
     
  16. ReNa23644

    ReNa23644 Newbie
    Newcomer

    Joined:
    May 5, 2021
    Messages:
    4
    Country:
    Afghanistan
    I'm using a translator, so I'm sorry if it's hard to convey.
    Is it possible to write code that freezes a fluctuating address only while cheat is on, for example, to prevent the in-game time from advancing from the moment cheat is turned on?
     
  17. TomSwitch

    TomSwitch GBAtemp Advanced Fan
    Member

    Joined:
    Jan 10, 2019
    Messages:
    912
    Country:
    United States
    Yes you can, but it is a complex code. Find a memory you can use, use a key to save the value and another to copy it to your target. You can only do this with atmosphere. SX has no suitable command.
     
  18. ReNa23644

    ReNa23644 Newbie
    Newcomer

    Joined:
    May 5, 2021
    Messages:
    4
    Country:
    Afghanistan
    I can search for pointers, but is there a site that explains how to search for keys or paste them into a target?
     
  19. TomSwitch

    TomSwitch GBAtemp Advanced Fan
    Member

    Joined:
    Jan 10, 2019
    Messages:
    912
    Country:
    United States
    I mean key press. https://github.com/Atmosphere-NX/At...#code-type-8-begin-keypress-conditional-block. For example [L to save] [R to restore]

    First find memory address that you are confident that the game don't use. Say you hack some magic number in some memory, see that it never get changed by the game and the game works just fine. Then you write code to do the save and restore.
     
    Last edited by TomSwitch, May 6, 2021
    ReNa23644 likes this.
  20. ReNa23644

    ReNa23644 Newbie
    Newcomer

    Joined:
    May 5, 2021
    Messages:
    4
    Country:
    Afghanistan
    It's very easy to understand. Thank you very much.
     
Draft saved Draft deleted
Loading...

Hide similar threads Similar threads with keywords - Searcher, Tutorial, Pointer