(Link to AcmlmWiki) Offline: thank ||bass
Register | Login
Views: 13,040,846
 Main | Memberlist | Active users | Calendar | Chat | Online users
Ranks | FAQ | ACS | Stats | Color Chart | Search | Photo album 		06-01-24 04:30 PM
Acmlm's Board - I3 Archive - - Posts by Guy Perfect
Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
User Post
Guy Perfect









Since: 11-18-05

Last post: 6314 days
Last view: 6313 days
Posted on 04-20-06 10:03 PM, in Odd Moments with Visual BASIC 6 Link
VB can do that too, HyperHacker. Just debug the compiles instead of doing its little "run mode"
Guy Perfect









Since: 11-18-05

Last post: 6314 days
Last view: 6313 days
Posted on 04-24-06 12:31 AM, in General Super Mario 64 hacking / TT64 Progress thread Link
I can inform you with my experience on the F-Zero X editor that making a GUI is a snap once you have the underlying program setup complete and everything works with itself internally. While you will have to create a system where various user controls can interact with each other, the task itself is relatively simple and takes very little time.
Guy Perfect









Since: 11-18-05

Last post: 6314 days
Last view: 6313 days
Posted on 04-25-06 02:37 PM, in Noob in VB 6 Link
In any programming language, the most fundamental way to read data from and write data to files is to open the file for Binary access and use a buffer.

The Open statement is what is used in VB to open a file. You can open a file for Read, Write, or Read Write, depending on what you need to do. The Close statement will end interactions with the file. In the example below, I used Read Write, but change it if you only need to do one of those two: 

Open "File.dat" For Binary Access Read Write As #1
    'Your file I/O code goes here
Close #1

The #1 that I used is VB's way of automagically keeping track of open files. It can be, for the sake of learning, any whole number 1 or greater. You can also use a variable name here. The FreeFile function will return the lowest file number that is not currently in use, so you can Variable = FreeFile: Open "File.dat" For Binary Access Read Write As Variable if you need to.


The buffer is an array of any type you choose, but ROM hacking almost exclusively uses an array of Bytes. It's typically best to use a dynamic array and resize it depending on what you need to do. You'll have to do some research on what I'm about to show you, but this is just a basic example... so to speak. This will create an array of bytes, open a file, resize the array to the size of the file, and load the entire file into the array: 

Dim Buffer() As Byte, FileLen As Double

Open "File.dat" For Binary Access Read As #1 'Open for Read only
    FileLen = LoF(#1) 'Get the size of the file in number of bytes. LoF = Length of File

    'We can't assign 0 elements to an array, so this check is required
    If FileLen > 0 Then
        ReDim Buffer(1 To FileLen) As Byte 'Resize the array
        Get #1, 1, Buffer 'Get the data from file #1, starting at byte 1, into Buffer
    End If
Close #1

The statement of choice in that example is the Get statement, which reads a number of records from a file. When you open the file for Binary, the record size is always the number of bytes. If you open the file for Write or Read Write, you can use the Put statement, which works in the same way, except it writes the contents of the array to the given location in the given file.

Important:
In most programming languages, the first byte in a file is indexed as 0, but in variants of BASIC, such as Visual Basic, it's indexed as 1.


Do some research on the Open, LoF, ReDim, Get, Put and Close procedures for a greater understanding of techniques used with file I/O.

If you have any questions after that, go ahead and ask.
Guy Perfect









Since: 11-18-05

Last post: 6314 days
Last view: 6313 days
Posted on 04-26-06 12:26 AM, in General Super Mario 64 hacking / TT64 Progress thread Link
Just tried it. You can get back into the tunnel after vanishing when you grab the Power Flower. The water level in the first part of the stage is still where it was, though: all the way at the bottom. My camera kept focusing on the reflection in the screen as opposed to the DS's picture. Regardless...



As you can see, I'm standing there looking up at the water.
Guy Perfect









Since: 11-18-05

Last post: 6314 days
Last view: 6313 days
Posted on 04-26-06 12:55 AM, in General Super Mario 64 hacking / TT64 Progress thread Link
Yup, I just tried that too. You forgot to mention that you have to do a triple jump at an angle to get high enough on the side to do a few wall jumps to get up to the water. But once there, it was just like normal. Again, swimming through the tunnel ended up making the water disappear and Mario dropped to the ground and started running again.
Guy Perfect









Since: 11-18-05

Last post: 6314 days
Last view: 6313 days
Posted on 04-30-06 12:43 AM, in VB6 Overflowing NES rendering... Link
Silly HyperHacker. Always looking for something mean to say about VB.

No, VB is not buggy in that regard. Numeric literals in most BASIC variants take the data type of the smallest type required to hold the value. The expression &HFFFF is 16 bits, which fits in an Integer variable. Since the Integer data type is signed, it will yield a -1.

Explicitly typecasting the literal with the & character for the Long data type, thusly writing it as &HFFFF&, will yeild a 65535.
Guy Perfect









Since: 11-18-05

Last post: 6314 days
Last view: 6313 days
Posted on 04-30-06 04:50 PM, in VB6 Overflowing NES rendering... Link
Originally posted by Arthus
OK, here is the function that it's calling:
LShift = (lThis And &H7FFFFFFF) \ m_lPower2(lBits) Or m_lPower2(31 - lBits)
And the bolded is what's causing the error.

Ooh! Ooh! I know the answer! The largest data type that Visual Basic can do bitwise operations on is a 32-bit, unsigned value. That means that saying "A = B And 4294967296#" will cause an overflow error because 4294967296 is larger than the 32-bit unsigned maximum of 4294967295.

I've looked long and hard and have not found any option or function that will circumvent this shortcoming. The only way to do bitwise operations on data that requires more than 32 bits is to use a different programming language like C or FreeBASIC.

The And operation looks okay, since &H7FFFFFFF is 32 bits, but that Or might be causing problems depending on the value of your operands.

Remember that the Integer Division operation \ has higher operator precedence than Or
Guy Perfect









Since: 11-18-05

Last post: 6314 days
Last view: 6313 days
Posted on 05-01-06 05:00 PM, in VB6 Overflowing NES rendering... Link
Arthus:
Use the PSet method to draw individual pixels as opposed to the Line method.

Disch:
VB is only as stupid as the one who insults it.
Guy Perfect









Since: 11-18-05

Last post: 6314 days
Last view: 6313 days
Posted on 05-02-06 10:17 PM, in Wi-Fi Connection Hacking Link
As promised, the F-Zero X editor is essentially ready for public release and now I'm beginning to work on reverse-engineering the Nintendo Wi-Fi Connection stuff coming out of various Nintendo DS games.


The way I am going about doing this involves a Linux machine equipped with some networking hardware and some simple configuration. The configuration in question is something that Windows cannot do (it can, but you'll probably never see it): Master mode. Master is nothing more than the recieving node on an Infrastructure network.

Using a Cisco PI21AG wireless card and the MadWiFi driver, I was able to get a Master node hooked up to the Linux machine. Working with IP forwarding and some iptables configuration with DHCP servicing, I was able to get Nintendo DS units to connect to the Linux box in order to connect them to the internet.

Working with iptables again, I redirected all traffic coming in from the wireless card to my other computer, regardless of where they were originally destined for. Programming a utility that the DS units can communicate with, I have the starts of a network passthrough that I can use to capture packets as they go to and from Nintendo's servers.


Original tests determined that the first connectivity made is the Nintendo DS unit making a Joe-average HTTP request to Joe-average TCP port 80. This is what the DS sends from Metroid Prime Hunters: 

GET / HTTP/1.0
Host: conntest.nintendowifi.net
Connection: close

Opening a connection to conntest.nintendowifi.net on TCP port 80, I forwarded that data to the server to see what came back. This is how the server responded: 

HTTP/1.1 200 OK
Date: Tue, 02 May 2006 22:58:10 GMT
Server: GameCube
Last-Modified: Tue, 07 Mar 2006 15:53:42 GMT
ETag: "c9c3-f6-40e69a5bfad80"
Accept-Ranges: bytes
Content-Length: 246
NODE: wifiappe2, wifiappe2
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
    
<head>
		<title>HTML Page</title>
</head>

<body bgcolor="#FFFFFF">
This is test.html page
</body>
    
</html>

It's apparent by looking at the response that there's not a lot of information there. Most likely, this is just used for the DS to be aware that the server is there and able to respond. The fact that the request was made with HTTP 1.0 is indicative that the server is designed to reject requests from present-day browsers, which use HTTP 1.1 by default. This is understandable, since the HTML page returned is less than informative.

Of interest is that ETag header, which is nothing more than a hex-encoded string of unknown significance. This may prove to be useful later, but right now it's a mystery.

Server could be either the server name or system. I wouldn't put it past Nintendo to host Wi-Fi Connection on GameCube hardware. NODE is also unknown. wifiappe2 appears to be some kind of identifier, but I don't know its significance as of yet. There are two of them, which leads me to believe that there are two distinct services available and they're currently both hosted by the same server. This leads me to believe that wifiappe2 is possibly part of the domain name of the server.


After the HTTP request comes back, the DS sends a second piece of information to TCP port 443. I'll have to set up some logging on the Linux box, 'cause I don't know where it's supposed to go. conntest.nintendowifi.net is not accepting requests on that port, so a log is required to find out the intended IP destination of the host.

Regardless of that, the information being passed is a mystery as well. The DS sends a short, 52/53-byte bit of data to the mystery server, and the significance of this data is unknown as well. To make matters worse, the data, seemingly random, becomes significantly different each time a connection to WFC is made. This may be encryption based off of a timer, or it might simply be random data. Whatever the case, the data is not known. Here's the output from two runs:

Round 1; May 02, 2006, 6:14:50 PM CDT 
000000  16 03 00 00 2F 01 00 00  2B 03 00 44 57 A5 13 5F  ..../...+..DW.._
000010  A2 6A B6 69 45 39 7A 1D  AE 83 6A 12 9E 24 6E 9E  .j.iE9z...j..$n.
000020  6B 64 20 A0 9F 58 AB 27  F7 CE BE 00 00 04 00 04  kd ..X.'........
000030  00 05 01 00 00                                    .....

Round 2; May 02, 2006, 6:13:47 PM CDT 
000000  16 03 00 00 2F 01 00 00  2B 03 00 44 57 A1 4D AD  ..../...+..DW.M.
000010  10 23 0E 31 4D C6 F3 81  54 61 A0 85 61 13 C2 40  .#.1M...Ta..a..@
000020  D9 33 DA A2 06 BC 47 03  BA EA 78 00 00 04 00 04  .3....G...x.....
000030  00 05 01 00                                       ....

The data at the beginning and end of those two chunks is identical, but the stuff in between is all over the place. Nothing is consistant with any of the information I know about the system, so exactly what's going on here is a mystery. The MAC address of my DS isn't relayed. The Wi-Fi Connection ID may be in there, but I'll have to get home and on my DS to check that out.


Does anyone have any ideas of what might be sent in this last little packet here? Or perhaps where it's going? I can find that one out easily, but I would still like to know the significance of the data.

Questions and comments will be appreciated.

(edited by BGNG on 05-02-06 09:17 PM)
Guy Perfect









Since: 11-18-05

Last post: 6314 days
Last view: 6313 days
Posted on 05-02-06 11:52 PM, in Wi-Fi Connection Hacking Link
After some iptables logging, I was able to trace the port 443 host as nas.nintendowifi.net. This is apparently the default server for my game; possibly the North American default, possibly the global default.

When the data came in, my passthrough failed. I have some buggy, slap-together code put up at the moment for testing, but it looks like I'll have to carefully design a good system to work with.

The data that managed to get through, however, was promising. Amongst the jumble of garbage, the following can be read in a text viewer:

Washington
Nintendo of America Inc
Nintendo CA
ca@noa.nintendo.com
Redmond
Nintendo Wifi Network
nas.nintendowifi.net
OpenSSL Generated Certificate


How 'bout that, huh? OpenSSL, right there in plain view. Just like Alchemic said. Thanks for the tip, Alchemic. I'll be heading into SSL as soon as I get that new passthrough programmed.
Guy Perfect









Since: 11-18-05

Last post: 6314 days
Last view: 6313 days
Posted on 05-03-06 02:32 PM, in Recursive compression; finding the best match Link
I've been considering various possibilities as to how to find the best matches, and I came across an idea when I was making the F-Zero X editor.

To save space, I re-use any course names and descriptions that are used more than once. For example, "Mute City - Figure Eight" and "Mute City - Starlight Theater" both have "Mute City" as their name, so I can just write that data to the ROM once and point both track names to it.

However, what if you have "Mute City" and "Big Mute City"? "Mute City" gets written to the ROM, then I come across "Big Mute City" and say "Well, no other course prior to this has this name, so I'll write it to the ROM as well."

Thing is, the data already written to the output file could have been pointed to the middle of "Big Mute City"... Just because the first part of the second string doesn't match any part of the first string doesn't mean the first string doesn't match part of the second.

Try to apply this to MIO0. It may lead to the answer you're looking for.
Guy Perfect









Since: 11-18-05

Last post: 6314 days
Last view: 6313 days
Posted on 05-04-06 11:43 AM, in General Super Mario 64 hacking / TT64 Progress thread Link
What I did for the F-Zero X editor was have a "click and drag" setup in a different part of the program where you could use the mouse to move control points without dealing with fancy 3D junk. In the picture below, the green rectangles are "click and drag" areas, where they will change the approperate values when you... well, when you click and drag.

Guy Perfect









Since: 11-18-05

Last post: 6314 days
Last view: 6313 days
Posted on 05-04-06 06:50 PM, in VB6 Overflowing NES rendering... Link
Default is 0. If you say something like "Dim Array(5) As Integer" then the indexes will be 0 through 4.
Guy Perfect









Since: 11-18-05

Last post: 6314 days
Last view: 6313 days
Posted on 05-05-06 02:30 PM, in VB6 Overflowing NES rendering... Link
Yeah, there's also a lot of places that think "Dim X, Y, Z As Integer" will create three Integer variables when it will actually create one Integer and two Variants. Another thing to watch out for.
Guy Perfect









Since: 11-18-05

Last post: 6314 days
Last view: 6313 days
Posted on 05-05-06 04:51 PM, in General Super Mario 64 hacking / TT64 Progress thread Link
Go ahead and use the click-and-drag, VL-Tone.

The vertical control in the Coordinates frame in that screenshot I posted is actually the Y modifier and the big square is XZ. The default camera angle for the editor is a top-down approach, so that makes it more similar to what appears to move on-screen.

If I understand you correctly, your idea for coordinates is the same as the camera rotations in your fly-by demo... where it moves faster the farther from the center it is. I highly discourage doing things this way, as I've found with the fly-by demo that it's a real nasty thing when you're trying to do precision things.

I recommend having the dragging motion itself move the coordinates. And if you're not dragging, there's no movement... and so forth.
Guy Perfect









Since: 11-18-05

Last post: 6314 days
Last view: 6313 days
Posted on 05-06-06 06:02 PM, in Uniracers Link
Not sure. Though Uniracers is one of my all-time favorites...

Try browsing around in the archive. You can find said archive at:
http://board.acmlm.org/archive/
Guy Perfect









Since: 11-18-05

Last post: 6314 days
Last view: 6313 days
Posted on 05-08-06 03:58 PM, in whats the point of making an fzero x track editor Link
You've been very inconsiderate, Strangler. Why question what project someone else has chosen to undertake? The heavens have seen their fair share of Super Mario Bros. mods. Why don't you go ask what's the point in making another one?

The truth is, the Expansion Kit cannot be emulated by consumers at this time and the ROM features many abilities for tracks that the Expansion Kit does not. Add a better interface with more options and mouse control, and you have some very hefty reasons why to create an F-Zero X editor.

Attached to this post is an image of the Beta 3.0 release of the editor (which is not available to the public, so don't request it). Beta 3.0 is almost identical to the Public Release 1.0, which will be hitting internet shelves on June 21.

Attachments

Guy Perfect









Since: 11-18-05

Last post: 6314 days
Last view: 6313 days
Posted on 05-08-06 06:07 PM, in whats the point of making an fzero x track editor Link
Well, it isn't available, as Yoronosuku said, so that's one good reason to not be releasing it right now. And there are no plans for charging. Where in the world did you get that idea?
Guy Perfect









Since: 11-18-05

Last post: 6314 days
Last view: 6313 days
Posted on 05-08-06 08:58 PM, in whats the point of making an fzero x track editor Link
Yup. With this editor, you can make courses with no ROM present. As for dumping the Expansion Kit, you would have to have the ROM(s), an emulator, and a controller at hand all time. This editor only requires a USB flash drive.
Guy Perfect









Since: 11-18-05

Last post: 6314 days
Last view: 6313 days
Posted on 05-09-06 01:07 AM, in General Super Mario 64 hacking / TT64 Progress thread Link
If you're concerned with maximum pixel dimensions, you might try making various parts of the editor exist in their own windows. Again, I'm not trying to make your editor more like mine, but I've encountered the same issues and the F-Zero X editor is my explination of how to deal with them.

This is a picture I uploaded to a post in a different thread, so the thumbnail is the Acmlm-generated one. Click it for a larger version. This is a view of what the F-Zero X editor looks like with various windows floating about. Each of them can be closed, and the 3D preview can be resized:





EDIT:
Skreename, Acmlm's board falsely reports an extra page when all of the posts for one page have been filled. For example, if your account is configured to show 10 posts per page, then the board will improperly show an extra, blank page when the most recent page has all 10 posts.

(edited by BGNG on 05-09-06 12:09 AM)
Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
Acmlm's Board - I3 Archive - - Posts by Guy Perfect


ABII

Acmlmboard 1.92.999, 9/17/2006
©2000-2006 Acmlm, Emuz, Blades, Xkeeper

Page rendered in 0.067 seconds; used 452.51 kB (max 581.64 kB)