Difference between revisions of "Invalid Text Command"

From Terranigma Wiki
Jump to navigation Jump to search
(Created page)
 
m (Improved method.)
 
(2 intermediate revisions by the same user not shown)
Line 1: Line 1:
The game uses a jump table to call the various text commands that are in the game but it never checks if they are valid, so any invalid commands jumps to whatever offset is found at the offset in the jump table.
== Explanation ==
The game uses a jump table to call the various text commands that are in the game but it never checks if they are valid, so any invalid commands jump to whatever offset is found at the offset in the jump table.
   
   
In our example we use 0xE9 which quite quickly leads to the buttons and then we can just hold a certain combination to jump to our code in SRAM.
In our example we use 0xF2 which leads to the code at the start of the SRAM.
 
At the start of the SRAM whatever code is present will be executed.</br>
We prepared some code that fixes the string in the save file so it won't crash again and set the final day flag and then just save the game.</br>Now the second save file will forever directly go to the credits.
 
== Instructions ==
This is currently not possible to do on console alone and needs a prepared SRAM.</br>
You need to prepare some payload at the start of the SRAM.
   
   
Buttons:
# Change one of the Player's names in the save file to F2 D4
*Player 1: Select + left
# Update the checksum of the save file
*Player 2: Select + Y
# Wait till the opening starts and press any button to get to the save menu
*Player 3: L
# Your code should have been executed
# Press reset
There whatever code is present is being executed, we prepared some code that fixes the string in the save file so it won't crash again and set the final day flag and then just save the game.
# Load the modified save file
# Enjoy the credits
Now the second save file will forever directly go to the credits.


Example: [https://www.youtube.com/watch?v=PuIgQYwE254 View]
Example: [https://www.youtube.com/watch?v=PuIgQYwE254 View]

Latest revision as of 13:12, 10 July 2022

Explanation

The game uses a jump table to call the various text commands that are in the game but it never checks if they are valid, so any invalid commands jump to whatever offset is found at the offset in the jump table.

In our example we use 0xF2 which leads to the code at the start of the SRAM.

At the start of the SRAM whatever code is present will be executed.
We prepared some code that fixes the string in the save file so it won't crash again and set the final day flag and then just save the game.
Now the second save file will forever directly go to the credits.

Instructions

This is currently not possible to do on console alone and needs a prepared SRAM.
You need to prepare some payload at the start of the SRAM.

  1. Change one of the Player's names in the save file to F2 D4
  2. Update the checksum of the save file
  3. Wait till the opening starts and press any button to get to the save menu
  4. Your code should have been executed
  5. Press reset
  6. Load the modified save file
  7. Enjoy the credits

Example: View

Retrieved from "https://www.terranigma.be/index.php?title=Invalid_Text_Command&oldid=1019"