Hacking Pushmo/Pullblox QR codes analyzed

  • Thread starter: celcodioc
The maximum name is 16 letters, meaning 32 bytes (in Unicode), so the rest of the 'buffer' is unknown... sometimes it says 'Pushmo 1' or 2 or 'Pullbox 1'... sometimes just gibberish...

The rest of the buffer is simply grabbed from the stack, meaning if you change the name twice you can 'fix' the data (which I already said above). It's not unknown, I already told you what it is haha. We already have the format figured out. Trust me, it's just a buffer taken straight from the stack, so change the name twice and it'll be easier to fix the data and figure out the checksum algo ;-) You're welcome.

EDIT: If you're still unconvinced, play around in the GUI for a little bit, then save a new Pushmo. Sometimes you'll catch the name of images or textures left on the stack still, after the name of your Pushmo. It's interesting to see what you can find!
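
The behaviour described in the post above, where the bytes after the level name are whatever was left in memory, shown as an added C example (not from the thread or the game's code): a serializer that writes only the name into a reused field exports stale data, while zeroing the field first does not. The 64-byte field size, the 2-byte terminator and all function names are assumptions; the sample strings are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NAME_CHARS  16   /* from the thread: 16 letters = 32 bytes of UTF-16 */
#define FIELD_BYTES 64   /* assumed total field size, not given in the thread */

/* Serialize an ASCII name as UTF-16LE plus a 2-byte terminator (assumed layout).
   clear=0 leaves the tail untouched (leaky); clear=1 zeroes the field first. */
size_t serialize_name(uint8_t *field, const char *name, int clear) {
    if (clear) memset(field, 0, FIELD_BYTES);
    size_t n = strlen(name);
    if (n > NAME_CHARS) n = NAME_CHARS;           /* truncate over-long names */
    for (size_t i = 0; i < n; i++) {
        field[2 * i] = (uint8_t)name[i];
        field[2 * i + 1] = 0;
    }
    field[2 * n] = field[2 * n + 1] = 0;          /* UTF-16 NUL terminator */
    return 2 * n + 2;                             /* bytes actually written */
}

/* Audit check: count non-zero bytes after the name's UTF-16 terminator. */
size_t residue_bytes(const uint8_t *field) {
    size_t end = 0, count = 0;
    while (end + 1 < FIELD_BYTES && (field[end] | field[end + 1]))
        end += 2;                                 /* skip to the terminator */
    for (size_t i = end + 2; i < FIELD_BYTES; i++)
        count += (field[i] != 0);
    return count;
}

/* Constructed demo: the memory held an older string before the new name. */
size_t demo(int hardened) {
    uint8_t field[FIELD_BYTES];
    serialize_name(field, "Pushmo 1", 1);         /* earlier use of the memory */
    serialize_name(field, "Hi", hardened);        /* new, shorter name */
    return residue_bytes(field);
}

int main(void) {
    printf("leaky: %zu stale bytes, clean: %zu\n", demo(0), demo(1));
    return 0;
}
```

Running `residue_bytes` over the name field of an exported level is a quick way to confirm whether a writer clears its buffers before serializing.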
 
Who are 'we'?

Just my team :-) Don't worry about it, we're not stepping on your toes with a level editor or anything. I'm quite interested in seeing what develops of your project!

This is quite condescending. If you could help us, why wouldn't you? I, for instance, don't have so much free time to work on this. If you could speed up the progress, feel free to contribute.
 
Couple of things: 1) I have already helped you. 2) You haven't asked for help nor have you stated what parts you're having difficulty with (things seem to be progressing rather quickly by the looks of it). 3) Our projects don't exactly "align" so what interests me may not be helpful to you.
 
I meant your insinuation that you figured everything out already and are waiting for us to figure it out ourselves...
I appreciate your hints but actual information would help even more :)
 
So you guys are able to modify/add game levels for Pushmo using custom QR codes? That's pretty neat :D I may get the game, it looked interesting ^^

On another note: Hmm able to create stages for a game.... I remember a certain system that was hacked by a custom stage ;3
 
I don't think it could be done the same way with Pushmo...

Still though, if someone would like to prove me wrong... go ahead.
 
When I have the format completely figured out, algorithms and all, I'll be glad to make a post much like this one. Right now I only have the information I need for the project we're working on, which happened to include some useful information for you :-). I did not mean to be rude. I apologize. We do mostly have the format figured out, but it seems you have all of the information you need anyway.

EDIT: oh no! They're onto us ;-) patience, friends...
 
That's ok, thanks for the help :)
 
Just figured out what the unknown coordinate values really are... you may already know this though.


The first byte, a.k.a. "Unknown0" is the object's unique ID. The flag has an ID of 0x00, the first pullout switch has an ID of 0x01, the second pullout switch has an ID of 0x02 etc, up to 0x14, the last manhole.
The second one, "Unknown1", is a link ID. Manholes with the same link IDs (0x00 - 0x40) link to each other. Pullout switches also have link IDs that range from 0x00 to 0x90, but I don't know what they're used for... if they're even used.
 
That's cool... I'll update it later today...
I kind of figured out that the uint32 before the last FF block is the protection. 0x6 means locked and 0x4 means unlocked (just by looking at lots of bin files).

We still need those 0xE bytes after the string... some are constant some may change...it's like a bitstring...

EDIT: plus the palette seems to be 256 colors and not 128 as I mentioned, because some file has values above 0x80...
so the RETRO palette is also in the general palette probably sequential like BASIC1 & BASIC2...
I'll look it up later...
 
First hacked Pushmo level:

[Image: crc_test2.jpg]

Lol, not much, but it shows that it's clearly a hacked level.
 
When I try to "read from Image" or "write from image" the program crashes. Probably because I haven't loaded a .bin though...
EDIT: when I load either .bin from the OP's post, it says Corrupted Pushmo binary.
 
Definitely a hacked level because it is impossible to complete.

While this is a hell of an accomplishment from a hacking standpoint, I worry the trolls out there could create impossible levels just to piss people off and spoil the fun of the game. Oh well, I think more good will come of this than bad.
Great job man!