Evie (ChickasaurusGL) 🌺 | Party Pokémon 82 and 81 swap for text command 0x7A arbitrary code execution (Red/Green JP) @ChickasaurusGL | Uploaded March 2022 | Updated October 2024, 37 minutes ago.
Notes: In Pokémon Red and Green, as documented by ice_ice, swapping party Pokémon 82 with 81 runs arbitrary code execution at D106. This is apparently due to the invalid 0x7A text command. twitter.com/i_c_e_i_c_e_/status/1474353856452898821
Using LWA, you can set up both the expanded inventory (and a custom name), and the data at D106 in one glitch Poké Mart. Afterwards, swapping Pokémon 82 with 81 immediately runs your code at D106 (Hall of Fame script in this video).
The setup is based on the LWA exploit here, with a current PC box already set up. youtube.com/watch?v=yhEPteRdH3g
I may come back to the description another time though, to add more information.
Save file where repeating the steps in this video should work (swap item 1 and item 2 into the text pointer table items just below the ????? and talk to the lady):
drive.google.com/file/d/17uzYMIQMjzphv13_ytB1a5HvXTbGG-xp/view?usp=sharing
Notes: In Pokémon Red and Green, as documented by ice_ice, swapping party Pokémon 82 with 81 runs arbitrary code execution at D106. This is apparently due to the invalid 0x7A text command. twitter.com/i_c_e_i_c_e_/status/1474353856452898821
Using LWA, you can set up both the expanded inventory (and a custom name), and the data at D106 in one glitch Poké Mart. Afterwards, swapping Pokémon 82 with 81 immediately runs your code at D106 (Hall of Fame script in this video).
The setup is based on the LWA exploit here, with a current PC box already set up. youtube.com/watch?v=yhEPteRdH3g
I may come back to the description another time though, to add more information.
Save file where repeating the steps in this video should work (swap item 1 and item 2 into the text pointer table items just below the ????? and talk to the lady):
drive.google.com/file/d/17uzYMIQMjzphv13_ytB1a5HvXTbGG-xp/view?usp=sharing
