| Welcome, Guest |
You have to register before you can post on our site.
|
| Forum Statistics |
» Members: 424
» Latest member: ScyHigh
» Forum threads: 1,470
» Forum posts: 8,346
Full Statistics
|
| Online Users |
There are currently 63 online users.
» 0 Member(s) | 61 Guest(s)
Bing, Google
|
| Latest Threads |
Make it to 10,000
Forum: General Discussion
Last Post: Vega
11 hours ago
» Replies: 2,725
» Views: 1,956,506
|
No Lightning Flash [Anari...
Forum: Offline; Item
Last Post: TheNinjaKingOW
06-28-2022, 11:50 PM
» Replies: 2
» Views: 3,097
|
Fun Fact about Broadway
Forum: Hacking General Discussion
Last Post: Vega
06-28-2022, 01:00 AM
» Replies: 0
» Views: 61
|
A blast from the past
Forum: General Discussion
Last Post: Fzerowii
06-24-2022, 10:01 PM
» Replies: 2
» Views: 108
|
Accurate Item Roulette [C...
Forum: Online; Item
Last Post: KartPlayer
06-22-2022, 06:50 PM
» Replies: 3
» Views: 2,493
|
VR/BR assigned to Guest M...
Forum: Online Non-Item
Last Post: Unnamed
06-22-2022, 07:21 AM
» Replies: 0
» Views: 91
|
Coding Questions and othe...
Forum: Code Support / Help / Requests
Last Post: Hackwiz
06-19-2022, 04:36 PM
» Replies: 116
» Views: 28,959
|
Gain/Lose XX Amount of VR...
Forum: Online Non-Item
Last Post: TheNinjaKingOW
06-17-2022, 02:05 PM
» Replies: 2
» Views: 181
|
Track Music SpeedUp on Fi...
Forum: Visual & Sound Effects
Last Post: Melg
06-10-2022, 10:06 PM
» Replies: 2
» Views: 458
|
Late Trick Bot [Vega]
Forum: Offline Non-Item
Last Post: Vega
06-06-2022, 02:47 PM
» Replies: 0
» Views: 209
|
|
|
| Hybrid Drift [Ismy] |
|
Posted by: TheIsmy64 - 01-21-2022, 04:21 PM - Forum: Offline Non-Item
- Replies (1)
|
 |
I've been working on this code for a while. Basically, if you select Automatic Drift in the menu, you can both drift automatically and manually during the same race (one excludes the other, you can't do both at the exact same time, though). Whenever the player isn't drifting, the default mode is Automatic Drift, so wheelie nudging is possible without losing speed.
Only known issue is that the camera kinda freaks out when you release a manual drift, but it's not too distracting (on bikes it's worse than on karts).
Showcase on rDKM Time Trials:
https://cdn.discordapp.com/attachments/7...t_Clip.mp4
Shoutouts to CLF78 and stebler for helping me with Ghidra, documentation and with some ASM stuff.
NTSC-U
C2572568 00000006
819C0000 818C0000
818C0014 818C0000
818C0004 2C0C0002
4182000C 38000000
48000008 80030014
60000000 00000000
C2572AA8 00000006
819C0000 818C0000
818C0014 818C0000
818C0004 2C0C0002
4182000C 38000000
48000008 80030014
60000000 00000000
C2577744 00000004
80030014 540C04A5
4182000C 60000010
90030014 80030004
60000000 00000000
C25777B4 00000004
80040014 540C04A5
4182000C 60000010
90040014 80040004
60000000 00000000
C25778A4 00000003
540006F7 4082000C
38000000 900301C8
60000000 00000000
C2577B60 00000004
80040014 540C04A5
4182000C 60000010
90040014 80040004
60000000 00000000
C2577F54 00000004
80030014 540C04A5
4182000C 60000010
90030014 80030004
60000000 00000000
C25783F4 00000004
80040014 540C04A5
4182000C 60000010
90040014 80040004
60000000 00000000
C258E284 00000006
807E0004 70630084
4182001C 887E0017
706300EF 987E0017
887E0004 706300EF
987E0004 7FC3F378
60000000 00000000
0058DCEA 00000020
0458E23C 60000000
PAL
C2578dcc 00000006
819C0000 818C0000
818C0014 818C0000
818C0004 2C0C0002
4182000C 38000000
48000008 80030014
60000000 00000000
C257930c 00000006
819C0000 818C0000
818C0014 818C0000
818C0004 2C0C0002
4182000C 38000000
48000008 80030014
60000000 00000000
C257dfa8 00000004
80030014 540C04A5
4182000C 60000010
90030014 80030004
60000000 00000000
C257e018 00000004
80040014 540C04A5
4182000C 60000010
90040014 80040004
60000000 00000000
C257e108 00000003
540006F7 4082000C
38000000 900301C8
60000000 00000000
C257e3c4 00000004
80040014 540C04A5
4182000C 60000010
90040014 80040004
60000000 00000000
C257e7b8 00000004
80030014 540C04A5
4182000C 60000010
90030014 80030004
60000000 00000000
C257ec58 00000004
80040014 540C04A5
4182000C 60000010
90040014 80040004
60000000 00000000
C2594aa8 00000006
807E0004 70630084
4182001C 887E0017
706300EF 987E0017
887E0004 706300EF
987E0004 7FC3F378
60000000 00000000
0059450e 00000020
04594a60 60000000
NTSC-J
C257874C 00000006
819C0000 818C0000
818C0014 818C0000
818C0004 2C0C0002
4182000C 38000000
48000008 80030014
60000000 00000000
C2578C8C 00000006
819C0000 818C0000
818C0014 818C0000
818C0004 2C0C0002
4182000C 38000000
48000008 80030014
60000000 00000000
C257D928 00000004
80030014 540C04A5
4182000C 60000010
90030014 80030004
60000000 00000000
C257D998 00000004
80040014 540C04A5
4182000C 60000010
90040014 80040004
60000000 00000000
C257DA88 00000003
540006F7 4082000C
38000000 900301C8
60000000 00000000
C257DD44 00000004
80040014 540C04A5
4182000C 60000010
90040014 80040004
60000000 00000000
C257E138 00000004
80030014 540C04A5
4182000C 60000010
90030014 80030004
60000000 00000000
C257E5D8 00000004
80040014 540C04A5
4182000C 60000010
90040014 80040004
60000000 00000000
C2594428 00000006
807E0004 70630084
4182001C 887E0017
706300EF 987E0017
887E0004 706300EF
987E0004 7FC3F378
60000000 00000000
00593E8E 00000020
045943E0 60000000
NTSC-K
C2566E24 00000006
819C0000 818C0000
818C0014 818C0000
818C0004 2C0C0002
4182000C 38000000
48000008 80030014
60000000 00000000
C2567364 00000006
819C0000 818C0000
818C0014 818C0000
818C0004 2C0C0002
4182000C 38000000
48000008 80030014
60000000 00000000
C256C000 00000004
80030014 540C04A5
4182000C 60000010
90030014 80030004
60000000 00000000
C256C070 00000004
80040014 540C04A5
4182000C 60000010
90040014 80040004
60000000 00000000
C256C160 00000003
540006F7 4082000C
38000000 900301C8
60000000 00000000
C256C41C 00000004
80040014 540C04A5
4182000C 60000010
90040014 80040004
60000000 00000000
C256C810 00000004
80030014 540C04A5
4182000C 60000010
90030014 80030004
60000000 00000000
C256CCB0 00000004
80040014 540C04A5
4182000C 60000010
90040014 80040004
60000000 00000000
C2582B00 00000006
807E0004 70630084
4182001C 887E0017
706300EF 987E0017
887E0004 706300EF
987E0004 7FC3F378
60000000 00000000
00582566 00000020
04582AB8 60000000
Code: ################################
# [1] Always check drift input #
################################
# nop @0x80594a60 PAL
#############################
# [2] Manual Drift Enabling #
#############################
# Inject @0x80594aa8 PAL
# PlayerSub1c is in r30
# Load bitfield 0 and check if we're trying to hop/we're manually drifting already
lwz r3, 0x4(r30)
andi. r3, r3, 0x84
beq- end
# If we are, then clear the drift mode bit in bitfield 4
lbz r3, 0x17(r30)
andi. r3, r3, 0xEF
stb r3, 0x17(r30)
# And the automatic drift bit in bitfield 0
lbz r3, 0x4(r30)
andi. r3, r3, 0xEF
stb r3, 0x4(r30)
# Original Instruction
end:
mr r3, r30
##############################
# [3] Manual Drift Disabling #
##############################
# [3.1, 3.2] #
##############
# Inject @0x8057dfa8, @0x8057e7b8 PAL
# PlayerSub1c is in r3
# Check if we selected Manual Drift on the menu
lwz r0, 0x14(r3)
rlwinm. r12, r0, 0, 18, 18
beq end
# Set the drift mode bit in bitfield 4
ori r0, r0, 0x10
stw r0, 0x14(r3)
# Original Instruction
end:
lwz r0, 0x4(r3)
###################
# [3.3, 3.4, 3.5] #
###################
# Inject @0x8057e018, @0x8057e3c4, @0x8057ec58 PAL
# PlayerSub1c is in r4
# Check if we selected Manual Drift on the menu
lwz r0, 0x14(r4)
rlwinm. r12, r0, 0, 18, 18
beq end
# Set the drift mode bit in bitfield 4
ori r0, r0, 0x10
stw r0, 0x14(r4)
# Original Instruction
end:
lwz r0, 0x4(r4)
########################################
# [4] Do updateManual if outside drift #
########################################
# Inject @0x8057930c, @0x80578dcc PAL
# PlayerSub10 is in r28
# r12 is safe
# Check if we're an inside drifting bike or not
lwz r12, 0(r28)
lwz r12, 0(r12)
lwz r12, 0x14(r12)
lwz r12, 0(r12)
lwz r12, 0x4(r12)
cmpwi r12, 2
beq end
# If we're not, load a dummy number to skip the next bne
li r0, 0
b end2
# Else, do the Original Instruction
end:
lwz r0, 0x14(r3)
end2:
#########################
# [5] Outside Drift fix #
#########################
# Inject @0x8057e108 PAL
# PlayerSub10 is in r3
# Original Instruction
rlwinm. r0, r0, 0x0, 0x1b, 0x1b
bne end
# If we're on manual, fix our angle
li r0, 0
stw r0, 0x1C8(r3)
end:
################################################################
# [6] Set unused bit 13 in bitfield 4 for Manual Drift Support #
################################################################
# 00 @0x8059450e PAL 00000020
|
|
|
| Prediction Removal [Stebler] |
|
Posted by: Vega - 12-24-2021, 03:20 PM - Forum: Online Non-Item
- No Replies
|
 |
Prediction Removal [Stebler]
NTSC-U
0488D610 3F800000
PAL
04891B28 3F800000
NTSC-J
04891178 3F800000
NTSC-K
0487FF30 3F800000
Code creator: Stebler
|
|
|
|
| Change Min VR/BR Limit [Unnamed] |
|
Posted by: Unnamed - 12-12-2021, 09:46 AM - Forum: Incomplete & Outdated Codes
- No Replies
|
 |
Change Min VR/BR Limit
NTSC-U (untested)
02528E06 0000XXXX
02528E0E 0000XXXX
0261C3DE 0000XXXX
0261C3E6 0000XXXX
02834AAE 0000XXXX
02834AB6 0000XXXX
0283A79E 0000XXXX
0283A7A6 0000XXXX
0261C46E 0000XXXX
0261C476 0000XXXX
02834B1A 0000XXXX
02834B22 0000XXXX
0283A882 0000XXXX
0283A88A 0000XXXX
PAL
0252D27A 0000XXXX
0252D282 0000XXXX
0264F6F2 0000XXXX
0264F6FA 0000XXXX
0285653E 0000XXXX
02856546 0000XXXX
0285C22E 0000XXXX
0285C236 0000XXXX
0264F782 0000XXXX
0264F78A 0000XXXX
028565AA 0000XXXX
028565B2 0000XXXX
0285C312 0000XXXX
0285C31A 0000XXXX
NTSC-J (untested)
0252CBFA 0000XXXX
0252CC02 0000XXXX
0264ED5E 0000XXXX
0264ED66 0000XXXX
02855BAA 0000XXXX
02855BB2 0000XXXX
0285B89A 0000XXXX
0285B8A2 0000XXXX
0264EDEE 0000XXXX
0264EDF6 0000XXXX
02855C16 0000XXXX
02855C1E 0000XXXX
0285B97E 0000XXXX
0285B986 0000XXXX
NTSC-K (untested)
0251B2D2 0000XXXX
0251B2DA 0000XXXX
0263DA0A 0000XXXX
0263DA12 0000XXXX
028448FE 0000XXXX
02844906 0000XXXX
0284A5EE 0000XXXX
0284A5F6 0000XXXX
0263DA9A 0000XXXX
0263DAA2 0000XXXX
0284496A 0000XXXX
02844972 0000XXXX
0284A6D2 0000XXXX
0284A6DA 0000XXXX
XXXX = new minimum VR/BR limit in hex, Example: XXXX = 1388 (5000)
Code Creator: Unnamed
|
|
|
|
| Coding Questions and other Quandaries |
|
Posted by: Hackwiz - 12-05-2021, 11:44 PM - Forum: Code Support / Help / Requests
- Replies (116)
|
 |
Howdy all,
I have encountered something I’ve never seen before while hacking, perhaps you can shed some light as to what is going on.
The game I am hacking is “Anima- Ark of Sinners.” (USA) Wiiware.
Specifically, I am looking for an infinite health code.
The address for the protagonist’s [Celia] health changes every time the game is booted. This can usually be hacked using ASM, but in this case, it appears the address the actual game code itself is stored at, changes as well.
- I started a new game, and when I took control of Celia, with a full health bar, created a save state.
- I found her health address to be at: 91D31454 000000C8
- The return on breakpoint when taking damage: 80E9AA08 stw r3, 0x0014 (r29)
- So I re-wrote the code like this:
80E9AA08 stw r3, 0x0014 (r29)
li r11, 0xC8
lis r12, 0x91D3
stw r11, 0x1454(r12)
Works great until one of four things happen:
1) I deactivate the code and allow Celia to die.
2) Celia falls to her death.
3) A new area of the game is entered.
4) The game is rebooted, and my save state is not used.
In any of these cases, her health address changes, and the address where the store command is changes also.
I have let her die 5 times and ran a BP on all the new health addresses and came up with a new address where the store command is every time e.g.
80E9AA08 stw r3, 0x0014 (r29) r29 = 91D31440
80E##### stw r3, 0x0014 (r29) r29 = 9#######
80E##### stw r3, 0x0014 (r29) r29 = 9#######
80E##### stw r3, 0x0014 (r29) r29 = 9#######
80E##### stw r3, 0x0014 (r29) r29 = 9#######
What gives?????
If anyone wants to check it out, the quick way to her health is a word search on 000000C8
You’ll get 5** returns.
Take a hit from an enemy and do a decreased value search. You’ll end up with 2 or 3 returns.
It’s pretty obvious which one it is.
Looking forward to your insight!
HW
|
|
|
|
| Hello!!!! |
|
Posted by: Hackwiz - 12-05-2021, 01:51 PM - Forum: Introductions
- Replies (2)
|
|
First off, thanks for all the awesome tutorials/guides Vega. Reading the programming guide could be a bit perplexing, but your examples on how the commands are used made it easy to understand. At the same time, it made it easier to understand the programming guide as well
I would say that in the last year I have went from mid-beginner to mid-intermediate level in hacking skills.
Also, I haven't really done any hacking on MKWii. I mostly hack on games that have no existing codes.
With that in mind, I hope I am welcome to ask questions about hacking, on games I may be currently working on, (I've got a doosey).
If so, where is the appropriate place to ask?
Glad I found this site to feed my addiction lol.
Btw, brilliant registration system!!!!!
|
|
|
|
|
![[Image: JO7sjKY.png]](https://i.imgur.com/JO7sjKY.png)
