I'm using cracker's trainer making guide, there are a few things which I do not understand. I'm trying to make a YGO WC 2007 trainer. A message from cracker: The 'C0000000' code tells DipStar where to place the training function at -- 0x21b0000 in this case. The 'F' code tells DipStar where to patch a jump to the function at. This is many times at the end of a function dealing with button presses. So basically what you need to do is look for an area around 0x20A0004 in the disassembled source and see if there is a spot where you could inject your own code to manually load the value into the address: mov r0,#0x5f00000 add r0,r0,#0x5e000 add r0,r0,#0xff mov r1,#0x2100000 add r1,r1,#0x10000 add r1,r1,#0x3E0 str r0,[r1,#+0x4] However, I cannot find these addresses in the TXT file, anyone could further elaborate on his message?