Post subject: finding useful addresses?
Joined: 7/12/2016
Posts: 8
Does anyone have any tips for finding useful addresses in games? I like putting together basic Lua scripts to keep information onscreen in a numerical and easy-to-follow manner (BizHawk 1.11.6). I'm currently messing with MMX3 (EU) on the PS side of things (might switch to JP later) and I've found a few, such as:
0CB97C || charge sound effect *all these need to be active to play the sound
0D8528 [] X/Zero HP counter
0CB9F4 || charge sound effect *
0CB9FC || charge sound effect *
0D1185 || left speaker volume
0D1187 || right speaker volume
0D1304 | freezing this screws with the sounds. Charging SFX sounds like shotshotshotcshot repeat.
0D90B0 [] a 4-byte value. The first byte handles charging, starting from 14 (20) up to a max of C9 (201). With an unarmored X, it just keeps going and loops over and over again. The second handles dash jumping. With a non-0 value, you are in the jump dash state. The third appears to be a dashing flag. The 4th handles X/Z character state, like 01 = movement, grounded, etc.
What I've been doing was looking in the RAM search and just checking values at random, looking for things that changed on minute actions and things, and dumping it in RAM watch when I wanted to poke a value to see what it did.
What I want to know is, does anyone have any more efficient ways of finding addresses or narrowing down the search for certain things? I'm looking for ways to, for instance, keep a charge meter as a single byte and print it to the screen, but all I found was a 4-byte address, meaning in addition to that, there was other garbage data printed after it (not to mention it doesn't stop if you don't have the arm part for X). Meters for weapon energy would be nice too,
Skilled player (1742)
Joined: 9/17/2009
Posts: 4985
Location: ̶C̶a̶n̶a̶d̶a̶ "Kanatah"
If it helps, I know some games, such as the SpongeBob games I TASed, had all the enemy data clumped together in fixed offsets, so once you found information on 1 NPC, as long as you know the offset of the other ones, you pretty much found them all. Here's the code for the Lua script for that game, and the part that displays all NPC x/y/hp:
--The enemies (mostly based on MUGG's Wario land 2 script :P)
      -- Enemy records sit 160 bytes apart; each i+N below is an offset into one record
      for i = 0x03005608, 0x03005928, 160 do
         -- Skip slots whose first byte is 0 or whose byte at +4 is -1
         if memory.readbytesigned(i) ~= 0 and memory.readbytesigned(i+4) ~= -1 then
               local id = memory.readbytesigned(i)
               -- +88 / +92 are used as the on-screen position for the text
               local x = memory.readwordunsigned(i+88)
               local y = memory.readwordunsigned(i+92)
               gui.text(x+9, y, id .."("..memory.readbyte(i+7)..")")
               gui.text(x, y+7, "X:"..memory.readdwordsigned(i+36))
               gui.text(x, y+14, "Y:"..memory.readdwordsigned(i+40))
         end
      end
Edit: By the way, same happens for the player; addresses related to the player tend to all clump together. Try and open the Hex Edit and poke around the X/Y addresses you already found. :)
Joined: 7/12/2016
Posts: 8
Just making sure I'm getting this right: by finding one, the rest are generally close to each other? Like on this page http://tasvideos.org/GameResources/SNES/MegamanX/Data.html
7E0D3F: Enemy 1 HP
7E0D7F: Enemy 2 HP
7E0DBF: Enemy 3 HP
7E0DFF: Enemy 4 HP
7E0E3F: Enemy 5 HP
I've yet to find the PS port equivalents, but these RAM addresses are all increments of 40 in hex apart from each other, as the example you posted below is
0x03005608, 0x03005928, 160 do
+160 +160x2 (from 3005608) 3005768==>3005928
I'm grasping at straws here as I'm still relatively new at Lua syntax. Like, I'm not sure where i+88 or i+92 came from (the number, not variable. I'm having derp moments trying to guess if the number is meant to determine where it's drawn or if it's some value found in-game to match with a certain NPC or whatnot.)
Skilled player (1742)
Joined: 9/17/2009
Posts: 4985
Location: ̶C̶a̶n̶a̶d̶a̶ "Kanatah"
Mochithecat wrote:
Just making sure I'm getting this right: by finding one, the rest are generally close to each other? Like on this page http://tasvideos.org/GameResources/SNES/MegamanX/Data.html 7E0D3F: Enemy 1 HP; 7E0D7F: Enemy 2 HP; 7E0DBF: Enemy 3 HP; 7E0DFF: Enemy 4 HP; 7E0E3F: Enemy 5 HP. I've yet to find the PS port equivalents, but these RAM addresses are all increments of 40 in hex apart from each other, as the example you posted below is 0x03005608, 0x03005928, 160 do +160 +160x2 (from 3005608) 3005768==>3005928. I'm grasping at straws here as I'm still relatively new at Lua syntax. Like, I'm not sure where i+88 or i+92 came from (the number, not variable. I'm having derp moments trying to guess if the number is meant to determine where it's drawn or if it's some value found in-game to match with a certain NPC or whatnot.)
Sorry for the late reply, but the i+numbers are offsets. The addresses for that particular game are in set locations, and all of them are neatly ordered with the same differences between 2 addresses. For your case, you should probably find at least 2 enemy addresses (try searching greater than 0, then hit them once and search for less than previous value), then compare the difference between the 2. Say for example one is at 0x4000000 and the other at 0x40000FF. The difference between the 2 is 0xFF, so try adding/subtracting that against them and see if the resulting address also corresponds to a different enemy.
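The search-and-compare procedure from the last reply, as an added example that is not part of the original thread. It is plain Lua that runs outside an emulator on two constructed RAM snapshots; the addresses reuse the SNES enemy HP list quoted above, and the values and helper names are made up for illustration.

```lua
-- Constructed snapshots (address -> byte value), taken before and after
-- hitting two enemies once each. Only the addresses come from the thread.
local before = { [0x7E0D3F] = 8, [0x7E0D50] = 8, [0x7E0D7F] = 8,
                 [0x7E0DBF] = 5, [0x7E0DFF] = 0, [0x7E0E3F] = 3 }
local after  = { [0x7E0D3F] = 6, [0x7E0D50] = 8, [0x7E0D7F] = 7,
                 [0x7E0DBF] = 5, [0x7E0DFF] = 0, [0x7E0E3F] = 3 }

-- Step 1: keep addresses that were greater than 0 and then decreased
-- ("search greater than 0, hit them once, search less than previous value").
local function decreased(old, new)
  local hits = {}
  for addr, value in pairs(old) do
    if value > 0 and new[addr] ~= nil and new[addr] < value then
      hits[#hits + 1] = addr
    end
  end
  table.sort(hits)
  return hits
end

-- Step 2: the stride is the difference between two confirmed addresses.
-- Step 3: add/subtract that stride to list the neighbouring slots to check.
local function extrapolate(a, b, slots_each_way)
  local stride = math.abs(b - a)
  local base = math.min(a, b)
  local guesses = {}
  for k = -slots_each_way, slots_each_way + 1 do
    guesses[#guesses + 1] = base + k * stride
  end
  return stride, guesses
end

local hits = decreased(before, after)
assert(#hits == 2, "expected exactly two candidates in the sample data")
local stride, guesses = extrapolate(hits[1], hits[2], 3)
print(string.format("stride = 0x%X", stride))
for _, addr in ipairs(guesses) do
  local v = after[addr]
  print(string.format("%06X  %s", addr, v and ("value " .. v) or "not in snapshot"))
end
```

If the two enemies you hit are not in adjacent slots, the difference you measure is a multiple of the real record size, so also try dividing it by small whole numbers.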