Party Pokémon 82 and 81 swap for text command 0x7A arbitrary code execution (Red/Green JP)

Channel:
Evie (ChickasaurusGL) 🌺
Subscribers:
17,700
Published on ● Video Link: https://www.youtube.com/watch?v=EfSeyncbtyQ


Game:
Pokémon Red and Blue (1996)
Duration: 0:00
696 views
31

Notes: In Pokémon Red and Green, as documented by ice_ice, swapping party Pokémon 82 with 81 runs arbitrary code execution at D106. This is apparently due to the invalid 0x7A text command. https://twitter.com/i_c_e_i_c_e_/status/1474353856452898821

Using LWA, you can set up both the expanded inventory (and a custom name), and the data at D106 in one glitch Poké Mart. Afterwards, swapping Pokémon 82 with 81 immediately runs your code at D106 (Hall of Fame script in this video).

The setup is based on the LWA exploit here, with a current PC box already set up.    • The Pokédex rating for having 152 Pok...  

I may come back to the description another time though, to add more information.

Save file where repeating the steps in this video should work (swap item 1 and item 2 into the text pointer table items just below the ????? and talk to the lady):
https://drive.google.com/file/d/17uzYMIQMjzphv13_ytB1a5HvXTbGG-xp/view?usp=sharing



Other Videos By Evie (ChickasaurusGL) 🌺


2022-05-14rst 38 arbitrary code execution (Pokémon Red/Green/Blue/Yellow 1.0 JP) via Map 250/FA (Red/Green JP)
2022-05-09Calling the Game Boy DMG boot ROM code (Pokémon Yellow arbitrary code execution experiment)
2022-05-09Pokémon Remerald is such broken game
2022-05-05Party slot 7 (and up) is checked for the walking Pikachu (Pokémon Yellow)
2022-05-05Pokémon Rapphire (Half Pokémon Ruby, half Pokémon Sapphire)
2022-05-05ROM splicing - 0000-3FFF is from Tetris (Rev A) 4000-7FFF is from Dr. Mario (Rev 0) (Tetris Doctor)
2022-05-05ROM splicing - 0000-3FFF is from Dr. Mario (Rev 0) 4000-7FFF is from Tetris (Rev A) (Dr. Tetris)
2022-03-20Pokémon Yellow infrared support proof of concept: Mew with remote control (arbitrary code execution)
2022-03-20Catch any Pokémon at the Trainer House (Glitch Unown 0xA2+wrong pocket TM36) (Gold/Silver)
2022-03-06Hatch any Shiny Pokémon with glitch Pokémon 0x0611 arbitrary code execution (Pokémon Emerald)
2022-03-05Party Pokémon 82 and 81 swap for text command 0x7A arbitrary code execution (Red/Green JP)
2022-03-01Flying directly outside of the Safari Zone prize house (Fly anywhere concept) (Generation I)
2022-02-15Map 255 (FF)'s encounter table (map accessed with arbitrary code execution) (Pokémon Red and Blue)
2022-02-01Encounter Pokémon in Map 254 (0xFE) (via arbitrary (custom) map header glitch) (Pokémon Red/Blue)
2022-02-01Another Ekans glitch in Pokémon Blue (left-facing shore tile glitch+Glitch City RAM Cut manip)
2022-02-01ESP 8 prototype and 風といっしょに (Kaze to Issho ni) comparison (Mewtwo Strikes Back Japanese Ending song)
2022-01-24Map attribute merge+remove walls instead of walking through them (Red/Blue map FE+certain tilesets)
2022-01-16Random freeze after viewing and closing the Trainer Card (Brilliant Diamond/Shining Pearl)
2022-01-16Different field move/summary/hatch sprites on Decamarks (Ruby/Sapphire)
2022-01-16Decamark 0x939E trade evolving into Lugia and fixing the stat menu glitch (FireRed/LeafGreen(?))
2021-12-20Small online timeout message outside of battle glitch (Brilliant Diamond and Shining Pearl)


Other Statistics

Pokémon Red and Blue Statistics For Evie (ChickasaurusGL) 🌺

Currently, Evie (ChickasaurusGL) 🌺 has 1,628,633 views for Pokémon Red and Blue across 241 videos. There's over 1 day worth of watchable video for Pokémon Red and Blue published on his channel, or 21.83% of the total watchable video on Evie (ChickasaurusGL) 🌺's YouTube channel.