Author Topic: [Tutorial]Simple ASM codes  (Read 16596 times)
Romaap
« on: May 29, 2009, 02:23:19 PM »

OK, I'm a bit bored so I'll try to show you guys how to make some simple ASM codes.


Introduction to ASM
First you need to know, what is assembly?
Well, assembly is a low-level programming language. (languages like C and Java are high-level programming languages)
An example of an assembly instruction:
li  rA, value
What this does is, it tells the Wii to load value to rA. (li means 'Load immediate')

But what is rA?
rA is a register, the Wii has 31 registers.
A register is sort of a temporary space to store values, like RAM but the registers are easier to access by the CPU.

So if we have li r16, 0x14  then the Wii will write 0x14 to r16.
Another example is 'Add immediate':
addi rD, rA, value
What this does is add value to the value at rA and store it in rD.
So if we have addi r16, r20, 0x3 and the value of r20 is 0x2 then 0x5 is stored to r16.
(This is the same as 'Subtract immediate': subi rD, rA, value)
rD is in most examples the destination register, the destination register is almost always the first register.
The other registers are not altered (in this example r20 stays 0x2).

Another example is 'Subtract':
sub rD, rA, rB
This one subtracts the value in rB from rA and stores it in rD (and again, only rD is altered).
So if we have sub r16, r20, r21  and the value of r20 is 0x9 and r21 is 0x3 then 0x6 will be stored to r16.
(This is the same as 'Add': add rD, rA, rB)

The last example is 'Store word', which will store the value in a register to the RAM:
stw rS, d(rA)
This will store the value in rS to the address in rA + d.
So if we have stw r20, 100(r0)  and the value of r20 is 0xA and r0 is 0x80605040 then 0xA will be stored to 0x806050A4 (0x80605040 + 100 (0x64))
If you want to load a value from an address then you use 'Load word and Zero':
lwz rD, d(rA) which works like stw but the opposite, the value from the address in rA + d will be stored to rD.

This concludes the introduction to ASM, I hope you understand it :)


First you'll need the address of the thing you want to hack, like health. (If you don't know this basic stuff I recommend you to read/watch some other tutorials first)
I use Klonoa for example in this tutorial.

Health hack (using nop)
So, if you found the address of the health you right click it and press ->Breakpoint.
Go to the breakpoint tab and click the write button and click Set Breakpoint.
Now get hit in the game, the game will freeze.
WiiRd will show some numbers, the numbers in the top box are the registers.
The 2nd box shows the ASM instructions that were about to be executed.

Now go to the disassembler tab and you will see something that looks like the second box in the breakpoint tab.
In this tab you can edit the ASM instructions.
Now I'll introduce another ASM instruction: nop, which does... nothing :D It tells the CPU to just wait one cycle.
So... we have an ASM instruction that writes the health to the health address, and we know how to change instructions... and we know an instruction that does nothing...
Let's replace some instructions :D
Click on the box which has the stw instruction and replace it with nop, and click update.
Now click run and try to get hit in the game :D :D :D no damage
So, now to make it a code: right click on the instruction and click ->gct codes
Add a new code, replace the first 80 with 04 and click add code.



Simple ASM RAM Writes
Soon?

Money is worth twice its value
soon?


Please give some feedback :D
If you don't understand something, or have something to add please tell me :D
« Last Edit: May 18, 2010, 12:28:23 AM by Romaap »
REDSOXROX
« Reply #1 on: June 11, 2009, 01:59:32 AM »

Hm, why has no one replied to this yet?

It's a really good tutorial Romaap, the pictures and circles etc were done real well

Only suggestion is making the code is confusing imo if you don't know much about BPs tab

I mean explain that like 801152B8 is the value we use because it's at the stw and top of list
and then we add 60000000 as second 32 bits cause it's hex for nop

Or...does the disassembler show this? I forget :P

Red Sox vs. Yankees 4/4/2k10 Season Opener
Red Sox: 9 Yankees: 7 Final!
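
The instruction encodings from the tutorial and the code line discussed in the reply above, as an added example that is not part of any post in this thread. The function names are made up for this sketch, the address 801152B8 and the value 60000000 are the ones quoted in the reply, and 0x90640000 is a constructed stw word standing in for the game's real instruction.

```python
# Added illustration (not from the thread): encode the tutorial's PowerPC
# instructions as 32-bit words and build the Gecko "04" write line.

def _d_form(opcode, rt, ra, imm):
    """D-form word: opcode(6 bits) | rT(5) | rA(5) | 16-bit immediate."""
    if not (0 <= rt <= 31 and 0 <= ra <= 31):
        raise ValueError("register number must be 0..31")
    if not -0x8000 <= imm <= 0x7FFF:
        raise ValueError("immediate must fit in 16 signed bits")
    return (opcode << 26) | (rt << 21) | (ra << 16) | (imm & 0xFFFF)

def addi(rd, ra, value):
    return _d_form(14, rd, ra, value)

def li(rd, value):
    # li rD, v is assembler shorthand for addi rD, 0, v
    return addi(rd, 0, value)

def subi(rd, ra, value):
    # subi rD, rA, v is assembler shorthand for addi rD, rA, -v
    return addi(rd, ra, -value)

def stw(rs, d, ra):
    return _d_form(36, rs, ra, d)

def lwz(rd, d, ra):
    return _d_form(32, rd, ra, d)

NOP = 0x60000000  # encoding of "ori r0, r0, 0", the standard nop

def gecko_write32(address, word):
    """Code line for a 32-bit write: top address byte 0x80 becomes 04."""
    if address >> 24 != 0x80 or address % 4:
        raise ValueError("expects a word-aligned 0x80xxxxxx address")
    return "%08X %08X" % (0x04000000 | (address & 0xFFFFFF), word)

def nop_out_store(address, original_word):
    """Refuse to build the patch unless the word replaced is a stw."""
    if original_word >> 26 != 36:
        raise ValueError("instruction at address is not stw")
    return gecko_write32(address, NOP)

if __name__ == "__main__":
    print("li r16, 0x14       -> %08X" % li(16, 0x14))
    print("addi r16, r20, 0x3 -> %08X" % addi(16, 20, 3))
    # 0x90640000 is a constructed stw word standing in for the game's own.
    print(nop_out_store(0x801152B8, 0x90640000))
```

Checking the opcode of the word being replaced before emitting the line catches the case where the breakpoint landed on a different instruction than the store.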
g6flavor
« Reply #2 on: June 11, 2009, 07:43:31 AM »

What if when you nop the Health address, it gives both the Player and Enemies Infinite Health, then what do you do to make it so that it only works for the Player?
Panda On Smack
« Reply #3 on: June 11, 2009, 09:05:31 AM »

You need to find an address or register that stores who is receiving the health change and do a compare and branch
Romaap
« Reply #4 on: June 11, 2009, 09:12:00 AM »

I had the same problem in Punch-Out, so I looked at the address where the health was stored and went up a couple of addresses.
I noticed that a couple of addresses before the health address always has some ASCII text, so in my ASM code I just loaded that text, and the text for P1 was different than the text for P2, so I just used a check to see if it was the text that belongs to P1.
g6flavor
« Reply #5 on: June 12, 2009, 04:45:55 AM »

I know you guys would know what to do when you know the ASM language. I mean for people who don't know any programming language at all. Could you show the instructions on how to do it, with pics and stuff, something similar to the above tutorial?
REDSOXROX
« Reply #6 on: June 12, 2009, 03:16:15 PM »

> I know you guys would know what to do when you know the ASM language. I mean for people who don't know any programming language at all. Could you show the instructions on how to do it, with pics and stuff, something similar to the above tutorial?

Does this help to read?
http://class.ee.iastate.edu/cpre211/labs/quickrefPPC.html

Red Sox vs. Yankees 4/4/2k10 Season Opener
Red Sox: 9 Yankees: 7 Final!
g6flavor
« Reply #7 on: June 13, 2009, 05:58:02 AM »

> > I know you guys would know what to do when you know the ASM language. I mean for people who don't know any programming language at all. Could you show the instructions on how to do it, with pics and stuff, something similar to the above tutorial?
>
> Does this help to read?
> http://class.ee.iastate.edu/cpre211/labs/quickrefPPC.html

It helped for understanding what those functions are, but it still doesn't have the clues on how to make a code that works only on the player's side, instead of on both the Player's and the CPU's side
Almas
« Reply #8 on: June 14, 2009, 05:50:17 PM »

Some innovation comes in useful here.

Find the location of the data being modified by the ASM code. If both you and the CPU are using the same code, it makes me think that there will be two different data values - one for you, and one for him.

Perform multiple read/write breaks on each of these locations, comparing the values of the registers each time. You should rapidly notice some patterns. Depending on how in-depth you want to go, you could create a simple register check, or try and follow a pointer tree to get a more elegant data value (e.g. there should be a location in the player's memory describing if they are being controlled by a human or a computer).
Cory321
« Reply #9 on: August 03, 2009, 06:10:41 PM »

Thanks Romaap! :D

THIS NEEDS TO BE MOVED TO THE COLLECTIVE!! ;)

I hope you update it, because I want to know how to do the double money codes! :)
« Last Edit: August 03, 2009, 06:21:40 PM by Cory321 »

Romaap
« Reply #10 on: August 03, 2009, 10:43:26 PM »

I'm glad you like it :D
I'm sorry I haven't updated it for a while, I have been busy lately.
Romaap
« Reply #11 on: December 03, 2009, 07:25:35 PM »

Updated :)
Added: introduction to assembly

I hope I didn't make any mistakes and I hope you like it :)
Codyk
« Reply #12 on: December 07, 2009, 02:13:30 AM »

Nice tutorial Romaap, even though I've never heard of ASM coding I understood it after reading it the first time lol. I think I'll give this a try in later code. I might just do this to a few codes I got already, it would probably make them a little better.

for updates of codes ive released or am going to release follow my twitter http://twitter.com/12201


Romaap
« Reply #13 on: December 25, 2009, 11:05:16 AM »

Did you read this?
shark2003
« Reply #14 on: February 18, 2010, 01:24:28 AM »

Thanks Romaap..I understand this tut just fine..I made my first simple ASM code..I don't know why I never looked at this before...hopefully I'll learn some more...

Post Merge: February 18, 2010, 05:42:48 AM
Romaap...give us more...I really want to learn some more advanced stuff like how to make the C2 type codes.... :)

Post Merge: February 18, 2010, 04:08:03 AM
I did it..I did it..woohoo...my first ASM Moon Jump Code.... ;D
« Last Edit: March 16, 2010, 09:20:21 PM by shark2003 »

No matter where you go...there you are...