Forgot password?
login to retroachievements.org:
User: 
Pass: 

Howto find memory addresses for the GBA games from RAW codes

AuthorMessage

SamuraiGoroh
Posted: 25 Jan, 2016 23:07
Last Edit: 26 Jan, 2016 00:10
If you ever wonder how RetroAchievements works you'll find out that it tracks the behaviour of specific memory addresses in order to trigger achievements. Cheat codes do something similar, they freeze specific memory addresses so that you can be invincible or have infinite lives, so mention some examples...

Some cheat devices will not use encryption (RAW codes), like Action Replay (PAR for the SNES, AR for some other devices), and somewhat Code Breaker (for the GBA) in some extension. This tutorial will be based on CB codes in specific, but remember that is similar for other platforms with unencrypted codes.

GBA memory addresses used are either contained in IRAM (Internal RAM) or WRAM (Work RAM). If you open the memory viewer on the emulator (menu->Tools->Memory Viewer...) you can take a look at them. Opening RA's Memory Inspector is a bit different (the offset) and here's why:

IRAM starts on address 0x03000000 and has a size of 0x8000. These appear first on the Memory Inspector. This means that the highest address ever would be located at 0x03007FFF.
WRAM starts on address 0x02000000 and has a size of 0x40000. These appear AFTER the IRAM, hence why they will be shifted +0x8000 when you look at them on the Memory Inspector. This means that the highest address ever would be located at 0x0203FFFF.


Lets take a look at (which at the point of posting this is the most popular GBA game played here). Here's a cheat page that has some CB codes for this game. We'll be interested in those cheats that start with 32..., 33..., 42..., 43..., 82... or 83... Others will likely won't work as will have some encryption in it.
http://gamehacking.org/game/4110/?name=&format=cb

Lets take this one as example:

All Abilities
82013392 FFFF
32013394 00FF

When the cheat starts with 8, it means that the size of the address (how big its value can be) occupies 2 Bytes. When the cheat starts with 3, then it occupies only 1 Byte (hence why value starts with 00 on the 2nd row). So, if you were to open the Memory Viewer, you'll take out the first digit (or change it to 0, which is the same) and then jump to the address (02013392). If you edit the first 3 Bytes to FF, then you'll indeed have all abilities. However while the value works, is not the correct one. With simply just 0x11 you'll have the same results. So take values (and the addresses too) in cheat pages with a grain of salt.





Lets take another example:

All Enemy Data
420133A0 FFFF
00000017 0002

What the code does here is that every 0x02 will fill the address with 0xFFFF & will continue doing it for 0x17 times. It starts at 020133A0, which in the Memory Inspector is located at 0x01b3a0 (remember, you take out the 2 and add 0x8000: 020133A0-> 0x0133A0 + 0x8000 = 0x01b3a0). You can then grab the next address, which would be 020133A2 and repeat the process and so on...




Again, remember that while the codes may work, some times they don't use the exact values needed. In here, only the first 14 Bytes actually work, the other 10 may do something else or nothing at all. So is always best to monitor or edit the addresses to find out if they do what you think they will.

github.com/Ensiss/pokebot/wiki/GBA-Memory-Map
gamehacking.org/system/gba

SamuraiGoroh
Posted: 16 Jun, 2017 01:39
Last Edit: 16 Jun, 2017 01:48
Albeit there is no GBA, this tool lets you convert Game Genie codes into RAW ones for other systems (NES, SNES, Genesis, GB/GG) & and you use RAW codes directly (unlike the GBA where you need to know in which bank it is in order to add a shift)

http://www.d.umn.edu/~bold0070/projects/game_genie_codes/javascript_game_genie_encoders-decoders.html

Credits to for the link

login

login to retroachievements.org:
User: 
Pass: 
or create a new account