NamingScreenType (D07D/C) arbitrary code execution (Generation I)

Channel:
Evie (ChickasaurusGL) 🌺
Subscribers:
17,700
Published on ● Video Link: https://www.youtube.com/watch?v=QlRkfR8zFVg


Duration: 4:02
532 views
28

NamingScreenType ACE lets you run arbitrary code execution from a party menu message. NamingScreenType is normally used to specify the message on the party menu like "Choose a POKéMON.", "Use item on which POKéMON?", "Bring out which POKéMON?" and so on.

Invalid index numbers will bring up invalid text boxes. If the text box points to 08, it will specify TX_START_ASM mode, so will execute arbitrary code one address afterwards. For example, text box 0x0B's pointer in Red is F117 (Echo RAM of D117). Place an 08 byte there, and you can set up your ASM code at F118/D118. Note that the game will display another glitch text box after (I think from hl), so sometimes you'll need to adjust it within the code to avoid the text box.

NamingScreenType ACE requires OAM DMA hijacking in order to lock D07D/C (it will change after a normal interaction like opening the party menu from the start menu otherwise), but it's another entry point that can be done simply by opening the party menu.



Other Videos By Evie (ChickasaurusGL) 🌺


2023-09-08Type 0xFF mail arbitrary code execution access point (Pokémon Crystal JP)
2023-09-08Glitches when modifying memory address D09B before viewing a text box (Red/Blue)
2023-09-08Clearing the mailbox (EN Gold/Silver)
2023-09-08Frame block copier arbitrary RAM modification (Generation I)
2023-09-08Experimental Pokédex nest buffer overflows (Generation I)
2023-09-08Cloning over/deleting a corrupted box contents w/arbitrary code execution (Gold/Silver EN request)
2023-09-08Clearing the mailbox (Japanese Crystal) (request)
2023-06-20Get any Pokémon w/any move+set of internal types (AncientPower Bulbasaur in video) (No ACE) (Yellow)
2023-06-01The uppercut invulnerability exploit (Game Freak's 1994 Pulseman) (warning: flashing lights)
2023-05-27Exploiting Game Boy Camera's SRAM storage to run minigames via cart swap (w/shoddy "Snek Fly" game)
2023-04-18NamingScreenType (D07D/C) arbitrary code execution (Generation I)
2023-03-21Using Dex dump glitch to simulate the expanded party and almost filling our Pokédex (Generation I)
2023-03-21PP copier glitch - Corrupting a Pokémon's nickname and making it over Level 100 (Generation I)
2023-03-21Glitch blackboard text arbitrary code execution (Generation I)
2023-02-27Level 0 Pokémon cannot evolve by stone/obtain Level 0 Clefairy w/Brock Through Walls (Generation I)
2023-02-27Obtain MissingNo. (0xAF) with GoldBadge item (addendum to the GoldBadge glitch) (Red/Green v1.0)
2023-02-27Select glitch 35 Pokémon swap for instant Safari Zone exit glitch (Glitch City) (Red/Green/Blue JP)
2023-02-19Manipulating the unused Silph Co. 11F wLastMap warp 10 (Another Glitch City glitch) (Generation I)
2023-02-18Locating the warping ('parallel universe') NPC caused by playing sound 00 (Generation I)
2023-02-18Character misalignment glitches (Generation I)
2023-02-18Select glitch species corruption with party swap 178 for battling ィ゙ゃゾA (00) (Red/Green/Blue JP)