ROM Hack Resident Evil Revelations 1 & 2 Research

[rdavis0688]

Unfortunately this requires dumping the cart so I can read the ASM. Since Revelations 2 is a digital only game, that's not going to happen right now. I need to search the homebrew scene and see what I can find.

 

[Aroc]

Short Question, the Checksum is not just crc32 at 0x08? Splatoon2 uses that there (+ Splatoon uses CMAC and AES, but meh)

For your Research - You didnt specify the Weapon-ID for the Class Rocket Launcher. I guess its only one, "0x00 - Rocket Launcher" ?

Also, as i told you in the PM, it didnt understood how the Slots are filled.

Anyway, added Loading of Weapons and Parts-Data here, will add Edit Weapon as soon i know the Slots too:

https://iaroc.github.io/residenEvilRevelations1/

 

[Aroc]

Short push here, i updated it. It works now complete, Weapon-Edit with all the Parts & Options that where listed by rdavis.

If anyone got more Offsets, feel free to tell me, else have fun with the current weapons

 

[rdavis0688]

So while Aroc was rocking his way to making an editor, I've been trying to figure out how to edit Revelations 2. If you're willing to work on things with your own exploits, there's one solution I've found. Good ol' memory editing. There's a program called NSwitchDebugger which requires you to have a custom kernel to load temporarily, a whole bunch of files, and a game of choice.

Basically search for the value you want, change it after the search takes a while (It seems like it would run on forever, I don't think it does, but it's fairly quick on finding gold in rev2.) and then use "Repeat search" afterwards and it'll be much faster as it's working off your hits from before (Just like Cheat Engine)

So while I regret to say I can't create a way to edit the save (it uses an internal checksum and the steps for replicating the verification are a bit out of my league), I can link you to an editor for memory that should be able to help out some.
http://games24.blog.fc2.com/blog-entry-374.html is the link to the editor. Not sure if allowed to link it, mods, please feel free to remove it or tell me and I'll take it down.

What you do is download the files in the order it tells you (Google Translate does a good enough job that you can kind of get what they mean. Copy them over, RCM smash using the payload it tells you (CTCaer 3.2) - I found it easier to put it with the other kernels and rename it to payload.bin and the old one to original.bin. That way you can just use the batch/bash files for your OS and Architecture.

So far I've been able to successfully change gold, and I'm about to attempt level, then skillpoints. Since nothing else is gained with leveling up, I don't have to worry about "stats". After that, all I have to figure out is how to memory edit in mods I want, or probably start farming.

Thanks for riding along with me, the blog entry is my way of saying "This is the end for Revelations 2", and we have a fancy editor for Revelations 1 thanks to @Aroc who deserves thanks for making it easy to edit a save. With that, I think I'm done on this thread, but it's more work than I'd seen on the board, so I'm content.

 

[rdavis0688]

Just to show that NSwitchDebugger works:



It's a little slow but still significantly faster than grinding to 100. Everyone has skills as inheritable too so far. I've only done Claire, Barry, and Moira, but it works.

That should be my last update really unless anyone has any questions.

 

[dsrules]

Just to show that NSwitchDebugger works:

View attachment 136225

It's a little slow but still significantly faster than grinding to 100. Everyone has skills as inheritable too so far. I've only done Claire, Barry, and Moira, but it works.

That should be my last update really unless anyone has any questions.

could you write a tutorial for NSwitchDebugger? like how to load it and how to search value while you are in game

 

[rdavis0688]

could you write a tutorial for NSwitchDebugger? like how to load it and how to search value while you are in game

Their site tells you. But, sure.

• Put your switch into RCM mode using the method of your choice.
• Rename payload.bin to something like 'original.bin', rename hekate_CTCaer_###.bin to payload.bin place it in the same folder as your original payload.bin.
• Connect your switch to your computer.
• Use the boot appropriate for your architecture, and if you did it right, you should be on a new firmware loading screen.
• Click Power to load firmware.
• Select "NSwitchDebugger kip"
• Open up your game and find your value that you want, make sure you're in a place where it won't be changed too frequently (for example a menu screen)
• Hit the home button.
• Select "Album"
• Select "NSwitchDebugger" - Now this program crashes if you go too fast, and sometimes likes to crash on it's own. I'm not responsible for any lost data you might run into, you're the one doing this, remember that.
• Select the application by looking for the ID that matches up with the ID from Checkpoint (should also be called Application, or something close to it).
• Hit X to perform a memory search.
• Using the left and right keys to change the hex offset while building the entire byte chain, set the value to what you're looking for, and in general how many bytes you think it is. (4 bytes is a good start, perhaps 2 bytes. Depends on the value. You have to determine this, a good rule of thumb is if you can't get to your value with the bytes you're at now, bump it up a level and try again.)
  • This is not the easiest task, as you need to know the hex value and as you get into large numbers, it's tough to figure them out. Fortunately, Windows Calculator has a Programmer mode where you can put in the decimal and it'll tell you the value in Big Endian, which is what the search reverses to find your value. So type in your DEC value, get your HEX value, and put it in exactly as it says on the calculator. The "dec" section of the search should match your value.
• Hit A
• Hit whichever button is new search (X I think, I'm not at my switch)
• Leave it for a little while, if you encounter a Switch error screen, you waited too long, 5-10 minutes is generally good.
• Hit home after that time, and go back to your game. Change the value you're searching for.
• Hit home again, and go back into NSwitchDebugger.
• Again, find your title, open the debugger on it, and hit X to search.
• Enter the *new* value.
• Hit A
• When it asks what kind of search you want to do, hit "Repeat Search"
• If you're lucky it'll find one hit and that's your offset for memory for your value. If you find a few, make sure they're not all duplicates as different things reference the same values.
  • If you find many non-duplicate values, go back to your game and change the value again, then follow the same steps using "Repeat Search"
• Hit A on the hit.
• Hit A to open up the hex editor.
• Enter the value that you think it should be using Windows Calculator's Programmer mode, make sure it matches your decimal value in both calculator and the switch.
• Hit A
• Once it says it's written the data, hit home and go back to your game.
• The value may need to be updated on the UI so you may need to close a menu or buy something, etc. If you had found the right value, it may even have changed when you get back in game.
• If it didn't work, you picked an offset that has the same value as what you're searching for. Try again.

Using this I've been able to get Claire, Barry, and Moira to level 100 with 9999 skill points. I'm working on others now.

Good luck.

-- Lana

 

[dsrules]

Their site tells you. But, sure.

Thanks, the only game I got uses bar (health bar) , not exact number, guess will have to wait until they add Unknown Search to it

 

[KeyZiro]

If something like TCPGecko is released for the switch i'll help, i already played around the Wii U version

 

[Deleted User]

No bans wont occur. I've modded my save over on the PS4 and no bans. Level 255 characters with Level 100 infinite rocket launcher with Full Burst is the best

 

[HheuerZzhang]

R2 with checksum, you can do some tiny modify, e.g. exchange the upper byte with the lower byte, it will still pass the checksum
to make it more clear.
if XP/Money = 10 C7 AD F3, you can modify it to F3 C7 AD 10, it will pass the check sum, but actually turning the value out, much bigger !!

 

[amith]

Just to show that NSwitchDebugger works:

View attachment 136225

It's a little slow but still significantly faster than grinding to 100. Everyone has skills as inheritable too so far. I've only done Claire, Barry, and Moira, but it works.

That should be my last update really unless anyone has any questions.

Can u please share the save file for rev 2 tried hex editing but no luck
The process mentioned above is harder for me, i know its harder to share the save file considering the job u have done to make it work Try to share the save file many will enjoy your work Thank You...

 

[soaresden]

Short Question, the Checksum is not just crc32 at 0x08? Splatoon2 uses that there (+ Splatoon uses CMAC and AES, but meh)

For your Research - You didnt specify the Weapon-ID for the Class Rocket Launcher. I guess its only one, "0x00 - Rocket Launcher" ?

Also, as i told you in the PM, it didnt understood how the Slots are filled.

Anyway, added Loading of Weapons and Parts-Data here, will add Edit Weapon as soon i know the Slots too:

https://iaroc.github.io/residenEvilRevelations1/

This is awesome !

It kinda work for me ... The loading file is just fine but it loads all property to 0 :/
I edit some stuff and it freeze the game at the weapon menu.
i think it's because of conditionnal parts (like Bind 2 is only for Shotguns and Ak and Magnums ... that kind of stuff)

 

[rdavis0688]

Can u please share the save file for rev 2 tried hex editing but no luck
The process mentioned above is harder for me, i know its harder to share the save file considering the job u have done to make it work Try to share the save file many will enjoy your work Thank You...

I'm sorry, I don't feel comfortable sharing my save files in case any meta data is in there and suddenly a ton of "Lana"s pop up all over in game. If you can't learn it, I don't know what to tell you. The process is surprisingly easy once you get it down.

Besides, I don't even have enough completion medals yet.

Sorry but no dice.

 

[amith]

I'm sorry, I don't feel comfortable sharing my save files in case any meta data is in there and suddenly a ton of "Lana"s pop up all over in game. If you can't learn it, I don't know what to tell you. The process is surprisingly easy once you get it down.

Besides, I don't even have enough completion medals yet.

Sorry but no dice.

No problem all i want is campaign mode infinite ammo in rev 2 is it possible can u share the hex value for it and for rev 1 campaign mode infinite ammo cant find it anyware the above mentioned codes for rev 1 is working for raid mode

 

[daijobu]

Their site tells you. But, sure.

• Using the left and right keys to change the hex offset while building the entire byte chain, set the value to what you're looking for, and in general how many bytes you think it is. (4 bytes is a good start, perhaps 2 bytes. Depends on the value. You have to determine this, a good rule of thumb is if you can't get to your value with the bytes you're at now, bump it up a level and try again.)
  • This is not the easiest task, as you need to know the hex value and as you get into large numbers, it's tough to figure them out. Fortunately, Windows Calculator has a Programmer mode where you can put in the decimal and it'll tell you the value in Big Endian, which is what the search reverses to find your value. So type in your DEC value, get your HEX value, and put it in exactly as it says on the calculator. The "dec" section of the search should match your value.

-- Lana

Hi Lana, thanks so much for your guide! The SP edit worked wonderfully, but I'm having a hard time trying to mod the characters' level. One character was 68, and after the initial new search, leveled her up to 69, went to the debugger and found 12 results. So I went back into the game and only managed to level up to 70 after 3 matches. But when I went back to debugger, the thing has been reset (it was no longer on 69 like when I went back after the first attempt). This happened all the times as I tried editing levels for different characters to no avail. Some of the low level characters's search also took forever, maybe because the digit is too low. Can you tell me what bytes should I search for these single digit level like 3 or 6?
I restarted the search on 70, and found 9 results after leveling up, so I just edited the result, but nothing changed.
Do you have any tips for changing the levels? Thanks a lot!

 

[KeyZiro]

Just found some offsets for RER 1

PB : [main+14cd088] + 130
Selected level : [main+14cd088] + 160
Selected Character : [main+14cd088] + 148

0x80011210 value for Jill Underwater suit

0x80011200 for Chris Underwater suit

 

[rdavis0688]

Hi Lana, thanks so much for your guide! The SP edit worked wonderfully, but I'm having a hard time trying to mod the characters' level. One character was 68, and after the initial new search, leveled her up to 69, went to the debugger and found 12 results. So I went back into the game and only managed to level up to 70 after 3 matches. But when I went back to debugger, the thing has been reset (it was no longer on 69 like when I went back after the first attempt). This happened all the times as I tried editing levels for different characters to no avail. Some of the low level characters's search also took forever, maybe because the digit is too low. Can you tell me what bytes should I search for these single digit level like 3 or 6?
I restarted the search on 70, and found 9 results after leveling up, so I just edited the result, but nothing changed.
Do you have any tips for changing the levels? Thanks a lot!

For changing the level I generally do the following:

• Search for their initial level (ex. 1 since I just unlocked Cipher)
• Wait til I have about 250,000 results.
• Level up.
• Search for 2 using a "Repeat Search"
• if I get more than a few hits, I'll usually go back and level up the character again.
• Search for 3 using a "Repeat Search"
• If I have 3/4 hits, I'll make them all 64 (100) and it'll make the character 100.
• Remember to do something to force a save. Main Menu, etc.

Even if the values in the search (that you're searching for, not hits) are 0, you can still change them and repeat the search. That's just a convenience thing it seems on the second search. So, keep doing repeat search until you get down to 3-4 hits and then edit all of them to 100.

Hopefully that helps!

 

[soaresden]

R2 with checksum, you can do some tiny modify, e.g. exchange the upper byte with the lower byte, it will still pass the checksum
to make it more clear.
if XP/Money = 10 C7 AD F3, you can modify it to F3 C7 AD 10, it will pass the check sum, but actually turning the value out, much bigger !!

Any news on how this checksu:security works ?

I tried with my money value
1- Saw how much money i had in game
2- checkpoint and saved
3- search for integer in HXD and found
4- changed the like you said : the first and the last (even used excel and HEXDEC function to make sure it was more)
5- saved the remade dat
6- transfer and restore the modded one
7- not working (corrupt at the beginning.)

I tried compare before and after changes on the files but can't find any changes except the money value...

 

[rdavis0688]

Any news on how this checksu:security works ?

I tried with my money value
1- Saw how much money i had in game
2- checkpoint and saved
3- search for integer in HXD and found
4- changed the like you said : the first and the last (even used excel and HEXDEC function to make sure it was more)
5- saved the remade dat
6- transfer and restore the modded one
7- not working (corrupt at the beginning.)

I tried compare before and after changes on the files but can't find any changes except the money value...

You can't really compare the before and after files because the internal checksum on the save makes sure the save file is right. If you make a change, unless it's in the one or two bytes to swap, then it likely will fail the checksum. More importantly I've found it's a lot easier to use NSwitchDebugger. Give it a shot and search for your values in the debugger after starting the game, then go back to the game and change the value and put in the new exact value. After a few tries if you did it right, you'll be able to change your money in the debugger rather than on the save file. No need to worry about checksum security when you're just skipping it. I listed a guide on how to use it previously in the thread. Give it a shot.