Interesting observations #3 TheZZAZZGlitch 2022-09-27 | Another compilation of small, weird, glitchy things, that didn't make it into a video otherwise. Some of them are new discoveries. Some of them are just obscure things that are already documented. But all of them are interesting!Chapter timestamps, to avoid Google putting their autogenerated bullcrap in0:00 Intro0:07 Completing the Dex without leaving Pallet Town4:54 CFC4 freeze equivalent in Yellow6:29 Number 152 seen but nothing caught crash7:13 Bicycle music transition glitches10:24 Memory corruption caused by glitch encounters in GS11:20 Correction on STOP opcode11:54 Meta stuff
Pokémon Red/Blue - analysis of basic crash types TheZZAZZGlitch 2022-06-29 | We all know that Generation I is glitchy, and the game might crash as a result of all that glitchiness. Turns out, there are a lot of patterns in the types of crashes you can encounter. Let's investigate!
TheZZAZZGlitchs April Fools event 2022 - the results! TheZZAZZGlitch 2022-04-21 | Event site: zzazzdzz.github.io/fools2022All event-related links in user messages transcribed:docs.google.com/spreadsheets/d/1Bco2q7_PMtXr4MOYt-Zv1gIrjFQUS0NKJTDtphYnUhttps://eldred.fr/fools2022https://blog.muzuwi.dev/posts/2022/04/10/fools2022https://s.tranck.ovh/zLoa-kgLhttps://s.tranck.ovh/gLIQjw4Agitlab.com/vriska/fools2022github.com/Kuruyia/zzazz2022github.com/Darkshadows9/TheZZAZZGlitch2022Eventbit.ly/3LTaA7tgithub.com/EuniverseCat/CTF-Writeups/tree/main/ZZAZZ/2022
[APRIL FOOLS] Pokémon Emerald - 4 4s true cry equivalent effect in Generation III TheZZAZZGlitch 2022-04-01 | Reproduction of this effect back from 2018:youtube.com/watch?v=pvj38BqPoq0Save file download and instructions:zzazzdzz.github.io/fools2022thezzazzglitch.itch.io/fools2022
Pokémon Mystery Dungeon - deconstructing the dungeon generation algorithms TheZZAZZGlitch 2021-07-05 | Along my childhood games, there is still a Pokémon game that I haven't ruined by overanalyzing it. This will change today! The details behind Pokémon Mystery Dungeon map generation are surprisingly simple, so let's quickly examine them...
TheZZAZZGlitchs April Fools event 2021 - the results! TheZZAZZGlitch 2021-04-17 | Event site: zzazzdzz.github.io/fools2021All event-related links in user messages transcribed:https://s.stranck.ovh/Y8mRtnTZgithub.com/Darkshadows9/TheZZAZZGlitch2021Bruterforcergithub.com/Muzuwi/fools21
[APRIL FOOLS] Pokémon Red/Blue - New unused map discovered! TheZZAZZGlitch 2021-04-01 | A new unused map has been found!Check out this post for more information:zzazzdzz.github.io/fools2021
Pokémon Red/Blue - glitch items: the detailed analysis TheZZAZZGlitch 2021-02-02 | Everyone knows about glitch items, and how some of them can be used for arbitrary code execution. But ACE is stealing all the glory from smaller, arguably more interesting glitch items in the game. Let's take a detailed look into all of the glitch items in English Red/Blue!
Interesting observations #2 TheZZAZZGlitch 2020-08-31 | Sometimes I find something that doesn't deserve its own video, but it's interesting enough that it should be seen. Now I got enough of these small discoveries to make a short compilation.Explanation of the "Missingno. is trying to learn" effect:archives.glitchcity.info/forums/board-107/thread-7518/page-0.html#msg200772Truecrycoin miner (Windows only):Install Python 3 for Windows.Download truecrycoins.zip from sites.google.com/site/thezzazzglitchUnzip somewhere with write access.Get a US Pokémon Yellow ROM and save it inside the "helpers" directory as "yellow.gbc".Run miner.py.
Pokémon Emerald - executing random subroutines with glitch move ACE TheZZAZZGlitch 2020-05-24 | Speedrunning, creating useful payloads, unlocking stuff, all of that is cool and all... but sometimes you just gotta have some glitchy fun.(This is definitely not a low-effort attempt to keep the channel alive.)
Pokémon Crystal - Examining the out of bounds glitches TheZZAZZGlitch 2019-11-26 | Gen II is notorious for its weird out of bounds glitches. Walking out of bounds causes many different effects, seemingly at random. How does OOB work in Gen II, and why do these effects happen? Let's investigate!In order to make the game ignore all map connections, patch RO25:6877 (CheckTileEvent+0x0003) to 0x18 (hex edit the ROM and change byte at offset $96877 to 0x18).About out of bounds in Gen I games: youtube.com/watch?v=xuEsiyyYwVk
Pokémon Red/Blue - Investigating the hooked Dragonite glitch TheZZAZZGlitch 2019-08-24 | The "hooked Dragonite" glitch - a small curiosity found all the way back in 2009. Let's examine this piece of history in a bit more detail.
Interesting observations #1 TheZZAZZGlitch 2019-06-07 | Sometimes I find something that doesn't deserve its own video, but it's interesting enough that it should be seen. Now I got enough of these small discoveries to make a short compilation.PMD funky password generator: pastebin.com/raw/uhxw4hmh(run it on: syphist.com/pmd/rt/wondermail.html)
TheZZAZZGlitchs April Fools event 2019 - the results! TheZZAZZGlitch 2019-04-10 | The event site: zzazzdzz.github.io/fools2019ALL EVENT-RELATED LINKS TRANSCRIBED:pastebin.com/rLQuSrWd https://eldred.fr/fools2019 github.com/Darkshadows9/TheZZAZZGlitch2019Event pastebin.com/KNBLRwGD imgur.com/a/MEo4W7c docs.google.com/spreadsheets/d/1-WcI9AK14uL-ZYaY95its6kDMk2hb_MuJ2c6fOHfFeg github.com/Muzuwi/fools19 thezzazzglitch.fandom.com
[APRIL FOOLS] Pokémon Crystal - 3DS VC escape exploit with wrong pocket TM21 ACE TheZZAZZGlitch 2019-04-01 | For more information, visit:zzazzdzz.github.io/fools2019
Pokémon Gen I ABC - Down to 33 A presses with $F8FF ACE TheZZAZZGlitch 2018-08-10 | Recent (as in, one year ago) developments in any% no save corruption speedrunning brought us $F8FF ACE, a method of achieving arbitrary code execution as early as Viridian Forest. Will this strategy deem useful for the A Button Challenge? Only one way to find out...About the Pokémon Gen I A Button Challenge:docs.google.com/document/d/1L8-BrZAM4kdx_DfRs71l1Kk7P5nrszDqOBu-_Kf5bxg/edit?usp=sharingThe current Gen I ABC route:docs.google.com/spreadsheets/d/14l8fTLXg6jnhCLQ6ZBKSl1wBb1nFEKEN4XpwQoWeIzs/edit?usp=sharingPrevious ABC video (44x A presses, almost): youtube.com/watch?v=XY5Yt-nYKGsAbout half A presses:The half A press notation is a special system used when counting A presses in segmented runs. If a specific segment of the run is started with the A button already held, such A press is counted as a "half A press". This is because in a complete playthrough, the half A press would just be held out and continued from an A press in an earlier segment, and it wouldn't necessitate pressing the A button. So the half A press is just a continuation of an A press that was performed earlier in the run. You can watch this video for a more detailed explanation (or you don't have to, because you've probably watched it already): youtube.com/watch?v=kpk2tdsPh0A&t=35sMusic from intro: The Happy Troll, by D1ofAquavibeyoutube.com/watch?v=UHTFCZgm6HU
VBA 1.8.0, VBA-M 2.0.2 - Multiple vulnerabilities in ELF file parser TheZZAZZGlitch 2018-07-06 | Breaking the emulators even more. All versions of VBA and VBA-RR, and versions of VBA-M before 2.1.0, happen to have several bugs in their ELF file parsers. Loading specially prepared ELF files could either result in running untrusted code outside the emulator, or leak information about the outside environment to the emulated ROM, including user account information, filesystem paths, configuration, or even save data from other games.PoC exploits + technical writeup: sites.google.com/site/thezzazzglitch/home/vba_elfexploit.zip
TheZZAZZGlitchs April Fools event 2018 - the results! TheZZAZZGlitch 2018-04-09 | The event site: zzazzdzz.github.io/fools2018The April Fools video: youtube.com/watch?v=pvj38BqPoq0All the event-related links from the video:pastebin.com/jqzrNaw5imgur.com/a/yErS8docs.google.com/spreadsheets/d/1ENWGaJbHHkGdlujaCLvnzztIhA2pQUvFmcTN-ipwhIo/edit?usp=sharinggithub.com/Darkshadows9/TheZZAZZGlitch2018Eventpastebin.com/pQhTWTmfpastebin.com/Y6Yb9X4a
[APRIL FOOLS] Pokémon Yellow - 4 4s true cry finally reproduced! TheZZAZZGlitch 2018-04-01 | The rare occurence known as the 4 4's true cry has finally been reproduced! This short video will explain how to fully recreate this phenomenon I accidentally discovered 4 years ago.Download the save file here:http://167.99.192.164:12709/static/fools2018/Previous videos related to 4 4:youtube.com/watch?v=1dQq6_xa8-Uyoutube.com/watch?v=NAeswVNsfnsyoutube.com/watch?v=Op0jFsZP5Q8
A friendly reminder: Lua scripts are arbitrary code TheZZAZZGlitch 2018-02-18 | People generally think that Lua scripts can only interact with the emulator, and treat them carelessly. But in reality, Lua scripts are untrusted code that you run on your computer. Here's a quick public service announcement about this.The Lua script:sites.google.com/site/thezzazzglitch/home/techno.lua?attredirects=0&d=1Raw, clean EXE for the demo:sites.google.com/site/thezzazzglitch/home/techno.exe.zip?attredirects=0&d=1
Pokémon Red/Blue - Polymorphic 8F bootstrap technique + an 8F memory editor TheZZAZZGlitch 2018-01-15 | 8F bootstrapping was a real pain for a long time. This new technique - polymorphic 8F bootstrapping, could be a solution. It works by writing code which will let you edit itself and create the bootstrap. I also show you a nice 8F-based ingame memory editor along the way.Route 18 step counter map: https://i.imgur.com/WjJN8HA.pngTheZZAZZGlitch's memory editor:Bytes: pastebin.com/raw/Lca1Bxn0Code: pastebin.com/raw/yTWnbPMw (note: it's very messy)
Pokémon Yellow - 4 4s true cry: the follow-up TheZZAZZGlitch 2017-11-04 | The effect from this video: youtu.be/1dQq6_xa8-U, dubbed as the "4 4's true cry" still hasn't been reproduced. But some developments have been made in this regard, including some people managing to create similar glitch effects on their own. This video is an update on the continuing struggle to determine what the hell happened to my game 4 years ago...My GCL posts about invalid sound banks:http://forums.glitchcity.info/index.php?topic=7518.msg200772.html#msg200772http://forums.glitchcity.info/index.php?topic=7538.msg200773#msg200773
Pokémon Gen I ABC - Down to 44 A presses... but at what cost? TheZZAZZGlitch 2017-09-08 | In my last video, I theorized how extended Super Glitch corruptions could be used to save A presses in the A Button Challenge. Then I tried to put this into practice - but sometimes, not everything goes according to plan...The OR/AS remix of the SM64 File Select theme was created by bauerklos music@YT. Thank you for bringing us this high quality video game rip!youtube.com/watch?v=mBpTBH5P9_AAbout the Pokémon Gen I A Button Challenge:docs.google.com/document/d/1L8-BrZAM4kdx_DfRs71l1Kk7P5nrszDqOBu-_Kf5bxg/edit?usp=sharingThe current Gen I ABC route:docs.google.com/spreadsheets/d/14l8fTLXg6jnhCLQ6ZBKSl1wBb1nFEKEN4XpwQoWeIzs/edit?usp=sharingPrevious ABC video (47x A presses): youtube.com/watch?v=EGKiDywDjewAbout half A presses:The half A press notation is a special system used when counting A presses in segmented runs. If a specific segment of the run is started with the A button already held, such A press is counted as a "half A press". This is because in a complete playthrough, the half A press would just be held out and continued from an A press in an earlier segment, and it wouldn't necessitate pressing the A button. So the half A press is just a continuation of an A press that was performed earlier in the run. You can watch this video for a more detailed explanation (or you don't have to, because you've probably watched it already): youtube.com/watch?v=kpk2tdsPh0A&t=35s
Pokémon R/B/Y: Extended Super Glitch corruptions (or: on maximum length of Super Glitch corruptions) TheZZAZZGlitch 2017-08-11 | Super Glitch moves corrupt the game's RAM, all depending on what was recently displayed on screen. You might think that standard Super Glitch is destructive enough. But there's a way to improve its destructive capabilities if you try hard enough.On double/triple/quadruple Super Glitch corruptions:youtube.com/watch?v=Q8zcf2qQo6wRBMemViewer:github.com/zzazzdzz/rbmemviewer(To download the precompiled binaries, check the bin directory.)
Pokémon Gen I ABC - several improvements (47x A presses) TheZZAZZGlitch 2017-06-11 | The previous video brought us many suggestions on how to reduce the A press count even more, so there's nothing better to do than put all of these suggestions into practice. How much more A button inputs can we shave off the current route? I attempt to answer this question.About the Pokémon Gen I A Button Challenge:docs.google.com/document/d/1L8-BrZAM4kdx_DfRs71l1Kk7P5nrszDqOBu-_Kf5bxg/edit?usp=sharingThe current Gen I ABC route:docs.google.com/spreadsheets/d/14l8fTLXg6jnhCLQ6ZBKSl1wBb1nFEKEN4XpwQoWeIzs/edit?usp=sharingThe previous route (59x A presses):youtube.com/watch?v=t_c302Zdki4About half A presses:The half A press notation is a special system used when counting A presses in segmented runs. If a specific segment of the run is started with the A button already held, such A press is counted as a "half A press". This is because in a complete playthrough, the half A press would just be held out and continued from an A press in an earlier segment, and it wouldn't necessitate pressing the A button. So the half A press is just a continuation of an A press that was performed earlier in the run. You can watch this video for a more detailed explanation (or you don't have to, because you've probably watched it already): youtube.com/watch?v=kpk2tdsPh0A&t=35sThe high quality rip of the Oak's Laboratory theme was created and provided to me by one of my viewers. Thank you!Full version: youtube.com/watch?v=Tj0zAmqrvHgThe author's channel: youtube.com/channel/UCfTqsRgs3ifYw0SK0PB6MUQ
Unintentional video game passwords TheZZAZZGlitch 2017-05-13 | Many of the early NES games utilized password systems to store game progress. Turns out most of these systems can be manipulated quite easily. I demonstrate that on several NES games by creating passwords that contain human-readable phrases.
Missingno.sav (TheZZAZZGlitchs April Fools event 2017) - results + walkthrough TheZZAZZGlitch 2017-04-09 | The full highscore list (with all messages): zzazzdzz.github.io/fools2017The April Fools video: youtube.com/watch?v=ytychC3RpIQCommunity projects:Wack0's missingno.sav Game Boy reversing challenge writeup:gist.github.com/Wack0/1a84651e7e7e0c6f7d5fb5888e361123kenoph's keygen:pastebin.com/PfvWt7w1NieDzejkob's full documented disassembly of the save ('missingno.sav reverse-engineered'):pastebin.com/ykXv6ajCISSOtm's web based password generator:issotm.github.io/pokexploits/fools2017/keygen.html
[APRIL FOOLS] Pokémon Red/Blue - Making pizza and curing cancer with 8F ACE TheZZAZZGlitch 2017-04-01 | What CAN'T we do with arbitrary code execution?8F makes everything possible!For people that say this was uploaded a day too early: Timezones are apparently a thing.Download the save file here!zzazzdzz.github.io/fools2017You ARE supposed to use Gameshark and/or memory editing.TROUBLESHOOTING:Load the save in English Pokemon Blue, no exceptions! (won't work in Red/Yellow)Use a good emulator with Echo RAM support (just don't use old versions of VBA)(The static part of the service is hosted with Github Sites, and I used my friend's server space to host the backend database separately. Hopefully the highscore list will survive the load this year!)The event ends on Wednesday (April 5th) 12:00 GMT.The high quality rip of the G/S/C Game Corner/Lucky Channel theme was brought to you by one and only SiIvaGunner:youtube.com/watch?v=6vQ71voOb-Q
Pokémon R/B/Y: Memory corruption effects of glitch textboxes TheZZAZZGlitch 2017-02-25 | In Generation I, glitch textboxes are created when the game is ordered to process unrelated data as text commands. Something as simple as reading text from a wrong location couldn't possibly do any harm... right?
Pokémon R/B/Y: Bringing arbitrary code execution to other games TheZZAZZGlitch 2016-12-17 | 8F not only gives us control over the whole game, but over the whole console. With enough trickery and cartridge swapping, it's possible to use 8F/'ws m' arbitrary code execution to affect other games than just Pokémon.GCL thread: http://forums.glitchcity.info/index.php?topic=7722.msg203355Item list for the "game reboot" proof of concept:8FAny itemTM43 x22Moon Stone x1Master Ball x147Antidote x121Escape Rope x176Fire Stone x250Parlyz Heal x21Guard Spec. x32TM45 x175Great Ball x111Carbos x1TM33 xAnyByte sequences for other setups. Use any generic 8F/ws m RAM writer to get the byte sequences somewhere into memory, then execute them. An example setup for this can be seen in this video: youtube.com/watch?v=D3EvpRHL_vkForce boot game in GB mode:F3 16 0B 01 FF FF 0B 79 B0 20 FB 15 20 F5 C3 0001Force boot game in GBC mode:F3 16 0B 01 FF FF 0B 79 B0 20 FB 15 20 F5 3E 11C3 00 01Infinite Master Balls in Pokemon Crystal:F3 16 0B 01 FF FF 0B 79 B0 20 FB 15 20 F5 3E 0AEA 00 00 AF EA 00 40 3E 01 EA E2 AB EA E4 AB 3E11 C3 00 01SML2 credits warp:F3 16 0B 01 FF FF 0B 79 B0 20 FB 15 20 F5 21 00D0 11 E5 01 0E FF 1A 22 13 0D 20 FA AF EA 30 D021 37 D0 3E 3E 22 3E 01 22 3E EA 22 3E D5 22 3EA2 22 3E C3 22 3E 1C 22 3E 02 22 21 E0 D0 3E 2122 AF 22 3E D1 22 3E 01 22 AF 22 3E 1F 22 3E AF22 3E 22 22 3E 0B 22 3E 79 22 3E B0 22 3E 20 223E F9 22 3E C3 22 AF 22 3E D0 22 C3 E0 D0First, run SML2 and turn it off at the title screen (this is to set the SRAM data to non-crashing values).Afterwards run the above code with 8F or similar item, then swap the cartridges. SML2 will boot to a white screen - press Start and go to any stage to trigger the credits.ASM code for the infinite Master Balls setup:http://pastebin.com/raw/N5BLMdmgASM code for the SML2 credits warp setup:http://pastebin.com/raw/FyQX676d
Pokémon Gen I ABC - Ditto strats A press saves TheZZAZZGlitch 2016-11-16 | *** Check the comments - two improvements have already been found by two of my viewers, saving 7 A presses from the route showcased in my video. So the current route has 52 A presses now. youtube.com/watch?v=t_c302Zdki4&lc=z13ng1jwzwbfxt3bs04chzehdx3yyht5dg4The any% NSC speedrunner community brought us Ditto strats - a new route that completely drops inventory underflow in favor of Super Glitch corruptions. This eliminates the need of heavy inventory management, which consumed a substantial amount of A presses in my previous A Button Challenge attempt. Let's attempt the Gen I ABC yet again and see if the new strategy will improve our previous score.About the Pokémon Gen I A Button Challenge:docs.google.com/document/d/1L8-BrZAM4kdx_DfRs71l1Kk7P5nrszDqOBu-_Kf5bxg/edit?usp=sharingThe current Gen I ABC route:docs.google.com/spreadsheets/d/14l8fTLXg6jnhCLQ6ZBKSl1wBb1nFEKEN4XpwQoWeIzs/edit?usp=sharingMy previous route (69x A presses):youtube.com/watch?v=NoB1Z0QBLB4About half A presses:The half A press notation is a special system used when counting A presses in segmented runs. If a specific segment of the run is started with the A button already held, such A press is counted as a "half A press". This is because in a complete playthrough, the half A press would just be held out and continued from an A press in an earlier segment, and it wouldn't necessitate pressing the A button. So the half A press is just a continuation of an A press that was performed earlier in the run. You can watch this video for a more detailed explanation (or you don't have to, because you've probably watched it already): youtube.com/watch?v=kpk2tdsPh0A&t=35sMovie (.BKM, Bizhawk 1.11.6):sites.google.com/site/thezzazzglitch/home/a-button-challenge-movies/DittoStrats59xA.bkm?attredirects=0&d=1The high quality rip of the Oak's Laboratory theme was created and provided to me by one of my viewers. Thank you!Full version: youtube.com/watch?v=Tj0zAmqrvHgThe author's channel: youtube.com/channel/UCfTqsRgs3ifYw0SK0PB6MUQ
Pokémon R/B/Y: Whats out of bounds? TheZZAZZGlitch 2016-10-24 | Have you ever wondered what's outside the normal map boundaries? Here's a detailed analysis of out of bounds geography in Generation I Pokémon games.Full-sized map of OOB Pallet Town:sites.google.com/site/thezzazzglitch/home/OOB_PalletTown.pngFull-sized map of OOB Sea Route 20:sites.google.com/site/thezzazzglitch/home/OOB_SeaRoute20.pngTo patch the game to ignore any map connections change the three following bytes at offset $07BA to 0xC3, 0xC6, 0x08. This hack only works on English Red/Blue.The OOB diagram in full resolution:sites.google.com/site/thezzazzglitch/home/OOB_Diagram.png
Pokémon Blue: B1F warps to the Hall of Fame... given enough time TheZZAZZGlitch 2016-09-30 | Let's see if B1F can help me warp to the Hall of Fame in a finite amount of time.More about the "B1F" item: youtube.com/watch?v=JEEB41Lz59c :: youtube.com/watch?v=_-wVsN8rVks
VBA 1.8.0 & VBA-RR: Stack buffer overflow in XPC file parser results in code execution TheZZAZZGlitch 2016-09-12 | First I break the games, then I break the emulator.Don't use VBA. Use mGBA or VBA-M instead.(Read the description for more information)DESCRIPTION FOR INFOSEC PEOPLE:Just download the PoC+advisory here: sites.google.com/site/thezzazzglitch/home/VBA18_CodeExec.zipDESCRIPTION FOR EVERYONE ELSE:This is an arbitrary code execution vulnerability in the old and discontinued VBA emulator, including VBA-RR.It's possible to run untrusted code on the computer by loading a specially crafted XPC cheatlist. You can imagine someone using this vulnerability to create a cheatlist that installs a virus, then giving it to you, disguised as an 'awesome cheat code for level 255 Arceus in Red/Blue'.Remember how in the Pokémon games one could trigger a buffer overflow bug to execute his own code on the console? This is exactly the same thing, but on emulator level. An attacker can create a custom cheatlist that does whatever they want on your computer. In the video, I make it run calc.exe, because that's how I roll.If you want to test it for yourself, here's an example exploit for VBA 1.8.0, along with a PDF explaining the technical side of the vulnerability: sites.google.com/site/thezzazzglitch/home/VBA18_CodeExec.zipAdditionally, I have received a lot of opinions that this feature is rarely used, so the vulnerability is of low severity. I don't believe that. Let's say I do a glitch video that presents an Arceus hack in Red/Blue, and I say you can try it yourself by running an EXE file. Not many people would try it, I assure you. Now, I instead tell you to try an XPC file, and tell you to import it through the 'Import Gameshark Code file' option. Works best on VBA. Now it sounds a lot better - it's a Gameshark code list, it can't be dangerous. Would you do it?Code execution is always dangerous, because it breaks the basic security principle of "only executables can do anything to your computer".
Pokémon glitches and emulation accuracy TheZZAZZGlitch 2016-09-05 | Emulator accuracy is pretty much ignored when it comes to Gen I and II Pokémon glitches, yet it is very important.GCL thread with 8F 'test-scripts': http://forums.glitchcity.info/index.php?topic=7559
Pokémon Blue: 99 item stack glitch and its applications TheZZAZZGlitch 2016-08-10 | "It never hurts to have extra items!"Gen I is so awesome, even having more than 99 items can cause it to break. Here's a detailed analysis on the 99 item stack glitch, which turned out to be more useful and easy to pull off than everyone originally expected.This glitch is actually 2 years old, but back then, it didn't get too much attention. You can visit these links for more technical information about how the glitch works:http://forums.glitchcity.info/index.php?topic=6953youtube.com/watch?v=R5o_t_ddsy0The "warp with Master Balls" effect was also previously discovered, but was only performed using the Yami Shop glitch:youtube.com/watch?v=6PxBIzRY4egGiven that the glitch does not require actually buying the items in a mart, all of the effects in the video can be caused as early as you can get a stack of 99 items of a proper kind (so possibly even in Viridian City).
Pokémon Blue in 69 A presses TheZZAZZGlitch 2016-07-08 | The amount of memes I received in the comments forced me to think how the A Button Challenge would look like if applied to Pokémon games. Here's my first attempt of answering this question - a 69x A press run of Pokémon Blue, which is also a "Pacifist Run" - it completes the game without winning any battles.This is an unpolished TAS, made only to satisfy my curiosity. I'm not planning to continue the ABC challenge with much dedication, unless people want me to.Movie (.BKM, Bizhawk 1.11.6):sites.google.com/site/thezzazzglitch/home/PokemonBlue69xA.bkmLua script used for RNG frame searches:sites.google.com/site/thezzazzglitch/home/RNG_Beast.luaAbout half A presses:The half A press notation is a special system used when counting A presses in segmented runs. If a specific segment of the run is started with the A button already held, such A press is counted as a "half A press". This is because in a complete playthrough, the half A press would just be held out and continued from an A press in an earlier segment, and it wouldn't necessitate pressing the A button. So the half A press is just a continuation of an A press that was performed earlier in the run. You can watch this video for a more detailed explanation (or you don't have to, because you've probably watched it already): youtube.com/watch?v=kpk2tdsPh0A&t=35sThere are currently no cases where holding A is important in Pokémon games. However, it might become useful in any time, and thus, the half A press notation is mentioned and allowed in advance.
Pokémon Blue: B1F does everything... given enough time (predictable SRAM corruptions) TheZZAZZGlitch 2016-06-19 | Previously, I used SRAM corruptions caused by glitch Pokemon sprites in conjunction with B1F to randomly create wonderful glitchy effects. But is there a way to actually manipulate SRAM into useful data? There is, but it certainly ain't easy.My previous video about B1F: youtube.com/watch?v=JEEB41Lz59cAlso, my previous video about glitch trainer 0xFC and its first roster: youtube.com/watch?v=wjXQqZTYJcoAll of the code used in this video can be downloaded at: sites.google.com/site/thezzazzglitch/home/SRAM_Corruption_Emulator.zip
Pokémon R/B/Y: Mew Glitch textbox ID matching - glitch mart (and more!) TheZZAZZGlitch 2016-06-02 | The Mew Glitch holds a lot more secrets than any of you could have imagined. People intended to use it to get Mew. Then we used it to make people disappear. Now we can use it to buy some conveniently priced glitch items!
Pokémon Blue: Making objects disappear using the Mew Glitch TheZZAZZGlitch 2016-05-10 | Apparently, the Mew Glitch can make people disappear. Who would've thought?Moar details: http://forums.glitchcity.info/index.php/topic,7490.msg200311.html#msg200311
Pokémon Emerald: Arbitrary code execution with glitch move animations TheZZAZZGlitch 2016-04-09 | More arbitrary code execution in Gen III. This time, 100% crash sound free!Glitch moves have glitch animations. Some glitch animations point to RAM, some point to save data. What could go wrong?"?????????? used t". The universe breaks.Item lists:Bootstrap (animation script):Item $D103 x3860Item $FF0E x2048Warp to any map (Birth Island is ID 0x1A3A):Item $20[lower byte of ID] x512Item $30[higher byte of ID] x18689Item $6008 x48624Item $3C5A x518Set any memory address to anything:Item $[byte to write]20 x18689Item $7008 x48624Item $[address, 3rd byte][address, 4th byte] x$[address, 1st byte][address, 2nd byte]
TheZZAZZGlitchs April Fools event 2016 - the results are in! TheZZAZZGlitch 2016-04-04 | Relevant video: youtube.com/watch?v=GfH2oAOjTREFull high score list: 7ca416125463a781eac798865c1b8430444d4ca7.googledrive.com/host/0B_s2K4TDOCSTc0pycmhCZlM5QzQ/index.htm
[APRIL FOOLS] Pokemon Black: Arbitrary code execution TheZZAZZGlitch 2016-04-01 | W.ç|I]J˝…ěŚ]tHŹSśGžoĚo;ÇRýĺă·~ĚžŁNŘ®%Ŕr!Jţ™÷p..t¶ź.µ=á›ń»ÂDëCurrent link (obviously high score list doesn't work anymore): sites.google.com/site/thezzazzglitch/home/MissingnoEXETotallyNotAVirusTrustMeM9.zipOlder links:http://zzazz.ml/zzazz/fools2016/(mirror: http://s000.tinyupload.com/index.php?file_id=17605576689048736431)
Pokemon Blue: 5 minor glitches/oversights TheZZAZZGlitch 2016-03-18 | 5 glitches that are not game-breaking, yet still interesting.Who decided that this game is ready for release, anyway?
Pokemon Diamond: Effects caused by glitch moves TheZZAZZGlitch 2016-02-25 | While most of the glitch moves in Gen IV games are not particularly interesting, move index 0x01F6 definitely exhibits some interesting behavior. Arbitrary code execution coming soon?
Pokemon Blue: Glitches caused by scrolling past the sixth slot TheZZAZZGlitch 2016-01-16 | Even just scrolling through Pokemon beyond slot six is not safe for your game.
RNG plays Hearthstone TheZZAZZGlitch 2015-12-14 | Everyone keeps complaining that games in Hearthstone are completely determined by luck. So I decide to test that statement by creating a script which randomly generates mouse input and feeds it to the game. Will pure RNG win at least one match?The script in question: http://pastebin.com/raw.php?i=umfUukHUObviously it's not production-quality code. For the script to work correctly, Hearthstone must be set to run in windowed mode, with a non-standard resolution of 1026x630. Requires PyWin32 and Python 3.Control the application through hotkeys: Alt+R starts sending mouse inputs, Alt+P ends the turn and stops sending mouse inputs.(Twitch Plays Hearthstone anyone?)
Pokemon Yellow - 4 4 (hex BF) and its interesting behavior TheZZAZZGlitch 2015-12-13 | I tried to reproduce the "4 4's true cry" (youtube.com/watch?v=1dQq6_xa8-U), but failed miserably. Instead, I have accidentally stumbled upon some other quirks of 4 4, which made this Pokemon even more mysterious than before. The rare example of me actually having no idea what's happening with this game anymore.
Pokemon Yellow - Encountering Yellow-form Missingno. without crashing TheZZAZZGlitch 2015-10-25 | Whether Missingno. crashes the game or not is determined by the contents of SRAM bank 0. In other words, Missingno. derives its behavior from an unused chunk of data in the save file. By manipulating that chunk of data it's possible to make Yellow Missingno. relatively stable.Item list (starting from box item 15):Any Item x2Lemonade x10Ultra Ball x4Potion x10X Speed x2Awakening x99Parlyz Heal x81X Accuracy x1Fresh Water x2Soda Pop x2TM02 x12Guard Spec. x2
Pokemon Blue: The mystery of B1F (glitch item 0x55) TheZZAZZGlitch 2015-08-21 | B1F is a glitch item executing code from $A7D0. This is where Hall of Fame data resides. What could possibly go wrong?We can use Missingno. Hall of Fame data corruption just to see some glitchy wonderful things, or cleverly manipulate the Hall of Fame data to execute arbitrary code. The choice is yours.
