  • 0

How do I Patch This?


PwnzLPs

Question

Hi!

 

I know I've posted a lot in Q and A in the last few days, but this one I haven't figured out yet, and I've been trying to do it for weeks now.

 

So, I know I'm pretty new to assembly hacking, which is probably why I can't figure it out.

 

I've been trying to patch this ASM hack by Jason777 for a while now, and can't figure out how to. Can someone please help? If you could that would be awesome.

 

.ORG 0x801064B0
    J 0x80600000

.ORG 0x80600000
    LUI AT, 0x8016          # AT = 0x80160000
    LW K1, 0xE664(AT)       # Load word @ 0x8015E664 into K1
    BNE K1, R0, CLeft       # If word @ 0x8015E664 = 0x00000001, Jump to "CLeft" routine
    LUI A3, 0x8060          # Delay Slot; A3 will be used for Jump Returns
    B Exit                  # In case you are Adult Link, exit routine
    NOP

CLeft:                      # C-Left; 0x80600018
    LUI GP, 0x0002          # GP = C-Left Value
    LB K1, 0xE6C9(AT)       # K1 = Item equipped to C-Left
    B Check                 # Unconditional branch to "Check" routine
    ADDIU A3, 0x0028        # Delay Slot; A3 = 0x80600028

CBottom:                    # C-Bottom; 0x80600028
    LUI GP, 0x0004          # GP = C-Bottom Value
    LUI AT, 0x8016          # AT = 0x80160000
    LB K1, 0xE6CA(AT)       # K1 = Item equipped to C-Bottom
    B Check                 # Unconditional Branch to Check Routine
    ADDIU A3, 0x0014        # Delay Slot; A3 = 0x8060003C

CRight:                     # C-Right; 0x8060003C
    LUI GP, 0x0001          # GP = C-Right Value
    LUI AT, 0x8016          # AT = 0x80160000
    LB K1, 0xE6CB(AT)       # K1 = Item equipped to C-Right
    B Check                 # Unconditional branch to "Check" routine
    ADDIU A3, 0x0014        # Delay Slot; A3 = 0x80600050

Exit:                       # Exit; 0x80600050
    MOVE GP, R0             # Clear GP
    MOVE AT, R0             # Clear AT
    ADDIU K1, R0, 0x0AAA    # Restore K1 back to 0x00000AAA
    ADDIU A3, R0, 0x0003    # Restore A3 back to 0x00000003
    JR RA
    ADDIU T2, R0, 0x2000    # Delay Slot; Restore T2 back to 0x00002000

Check:
    ADDIU AT, K1, 0xFFFD    # 0xFFFFFFFD = -0x03 ()
    BEQ AT, R0, Arrow
    NOP
    ADDIU AT, K1, 0xFFFC    # 0xFFFFFFFC = -0x04 (Fire Arrows)
    BEQ AT, R0, Fire
    NOP
    ADDIU AT, K1, 0xFFFA    # 0xFFFFFFFA = -0x06 (Slingshot)
    BEQ AT, R0, Sling
    NOP
    ADDIU AT, K1, 0xFFF4    # 0xFFFFFFF4 = -0x0C (Ice Arrows)
    BEQ AT, R0, Ice
    NOP
    ADDIU AT, K1, 0xFFEE    # 0xFFFFFFEE = -0x12 (Light Arrows)
    BEQ AT, R0, Light
    NOP
    JR A3                   # Jump to next C-button check or Exit routine (address in A3)
    NOP

Arrow:
    LUI AT, 0x8016          # AT = 0x80160000
    LW AT, 0x6AF0(AT)       # AT = Buttons currently pressed
    AND AT, AT, GP          # AT &= GP
    BNE AT, R0, BowSetup    # If button value stored in GP is pressed, branch to BowSetup
    ADDIU AT, R0, 0x0002    # Delay Slot; AT = Regular Arrow Spawn (0x0002)
    JR A3                   # Else, jump to next C-button check or Exit routine (address in A3)
    NOP

Fire:
    LUI AT, 0x8016          # AT = 0x80160000
    LW AT, 0x6AF0(AT)       # AT = Buttons currently pressed
    AND AT, AT, GP          # AT &= GP
    BNE AT, R0, BowSetup    # If button value stored in GP is pressed, branch to BowSetup
    ADDIU AT, R0, 0x0003    # Delay Slot; AT = Fire Arrow Spawn (0x0003)
    JR A3                   # Else, jump to next C-button check or Exit routine (address in A3)
    NOP

Ice:
    LUI AT, 0x8016          # AT = 0x80160000
    LW AT, 0x6AF0(AT)       # AT = Buttons currently pressed
    AND AT, AT, GP          # AT &= GP
    BNE AT, R0, BowSetup    # If button value stored in GP is pressed, branch to BowSetup
    ADDIU AT, R0, 0x0004    # Delay Slot; AT = Ice Arrow Spawn (0x0004)
    JR A3                   # Else, jump to next C-button check or Exit routine (address in A3)
    NOP

Light:
    LUI AT, 0x8016          # AT = 0x80160000
    LW AT, 0x6AF0(AT)       # AT = Buttons currently pressed
    AND AT, AT, GP          # AT &= GP
    BNE AT, R0, BowSetup    # If button value stored in GP is pressed, branch to BowSetup
    ADDIU AT, R0, 0x0005    # Delay Slot; AT = Light Arrow Spawn (0x0005)
    JR A3                   # Else, jump to next C-button check or Exit routine (address in A3)
    NOP

Sling:
    LUI K1, 0x0602          # K1 = 0x06020000
    ADDIU K1, K1, 0x8048    # 0x06020000 + 0xFFFF8048 = 0x06018048 (Slingshot FPS)
    LUI T2, 0x0602          # T2 = 0x06020000
    ORI T2, T2, 0x21A8      # T2 = 0x060221A8 (Slingshot String)
    LUI AT, 0x8016          # AT = 0x80160000
    LW AT, 0x6AF0(AT)       # AT = Buttons currently pressed
    AND AT, AT, GP          # AT &= GP
    BNE AT, R0, FixDisplay  # If button value stored in GP is pressed, branch to FixDisplay
    ADDIU AT, R0, 0x0009    # Delay Slot; AT = Deku Seed Spawn (0x0009)
    JR A3                   # Else, jump to next C-button check or Exit routine (address in A3)
    NOP

BowSetup:
    LUI K1, 0x0603          # K1 = 0x06030000
    ADDIU K1, K1, 0xFE80    # 0x06030000 + 0xFFFFFE80 = 0x0602FE80 (Bow FPS)
    LUI T2, 0x0603          # T2 = 0x06030000
    B FixDisplay            # Unconditional branch to "FixDisplay" routine
    ORI T2, T2, 0x0490      # Delay Slot; T2 = 0x06030490 (Bow String)

FixDisplay:
    LUI GP, 0x8012          # GP = 0x80120000
    SW K1, 0x5F3C(GP)       # Store FPS display list pointer in K1 @ 0x80125F3C
    SW T2, 0x6144(GP)       # Store String display list pointer in T2 @ 0x80126144
    LUI GP, 0x8017          # GP = 0x80170000
    JR A3                   # Jump to next C-button check or Exit routine (address in A3)
    SH AT, 0x8232(GP)       # Delay Slot; Store Projectile Spawn Actor variable in AT @ 0x80168232

10 answers to this question


  • 0

Use Renegade64, then compile your ASM hack, and then, the aw3s0m3 GS Code Patcher of Jason777!

... or find every memory address in Nemu64 Memory Viewer, search the memory sector of the RAM addresses in ROM and write the code...

This is what I do with my codes... (also, I created a tool "RAM2ROM" to get the RAM addresses in ROM, but AFAIK it doesn't work for all GS Codes :_) .


  • 0

That hack would actually not work with the patching method I came up with. This is due to... laziness on my part. I could come up with something better when I have more time.

 

The routine which patches gameshark codes to memory is loaded at 0x80600000 and the arrow hack utilizes that memory. This would basically overwrite the gameshark patching routine and produce garbage.

Link to comment
Share on other sites
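
The conflict described in the answer above can be checked before patching. The following Python is an added example, not part of the original posts and not the GS Code Patcher's own code: it computes the byte range each `.ORG` section of a listing occupies and tests it against the patcher's load address. `PATCHER_SIZE` is an assumed placeholder, since the thread gives only the base address 0x80600000.

```python
import re

# Assumption: the thread gives the patcher's load address (0x80600000) but
# not its size; PATCHER_SIZE is a made-up placeholder for illustration.
PATCHER_BASE = 0x80600000
PATCHER_SIZE = 0x200

# Constructed excerpt: the first instructions of the hack posted above.
LISTING = """
.ORG 0x801064B0
J 0x80600000
.ORG 0x80600000
LUI AT, 0x8016        # AT = 0x80160000
LW K1, 0xE664(AT)
BNE K1, R0, CLeft
LUI A3, 0x8060        # Delay slot
B Exit
NOP
CLeft:
LUI GP, 0x0002
"""

def section_extents(listing):
    """Return [(start, end)] half-open byte ranges, one per .ORG section.
    Every MIPS instruction is 4 bytes; labels and comments take no space."""
    sections = []
    for raw in listing.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop trailing comment
        if not line or re.fullmatch(r"\w+:", line):  # blank line or label
            continue
        org = re.fullmatch(r"\.ORG\s+(0x[0-9A-Fa-f]+)", line)
        if org:
            start = int(org.group(1), 16)
            sections.append([start, start])
        elif sections:                               # code before any .ORG is ignored
            sections[-1][1] += 4
    return [(s, e) for s, e in sections if e > s]

def conflicts(listing, base=PATCHER_BASE, size=PATCHER_SIZE):
    """Sections whose bytes intersect the half-open range [base, base+size)."""
    return [(s, e) for s, e in section_extents(listing)
            if s < base + size and base < e]

if __name__ == "__main__":
    for s, e in conflicts(LISTING):
        print(f"0x{s:08X}-0x{e - 1:08X} overlaps the patcher routine")
```

On the excerpt, the hook at 0x801064B0 is clear of the patcher, while the section at 0x80600000 is reported as overlapping it.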
