|
|||||||
 |
|
|
Thread Tools |
Nov 28th, 2010, 10:51:42 PM
|
#576 |
|
Dies, died, will die.
Join Date: Jun 2010
Posts: 302
|
i can get to all 24 via pokegen, though. i was able to get it to show me 16 without the nationall pokedex, so that may be the limit. kaph found a save past the part that was freezing on me, and he tested it and it does the same shiny check.
|
|
|
|
Nov 28th, 2010, 10:51:54 PM
|
#577 |
|
Remodeling Kitchens
Join Date: Apr 2009
Posts: 759
Berkeley, CA
|
Doesn't matter, it does work but it still has the shiny check.
 oh serebii you and dem falsities! |
|
|
|
|
Nov 28th, 2010, 11:01:43 PM
|
#578 | |
|
RIP Hydreigon 2010-2013 never forget
Moderator
Join Date: Nov 2006
Posts: 6,633
|
Fucking Game Freak, why is Resh/Zek so damn important for not to be shiny.
I'm not sure if you have checked it already or not, Kaphotics, but if, in N's castle, you faint Resh/Zek and then rebattle it, will it have the same IVs/Nature?
__________________
Quote:
|
|
|
|
|
|
Nov 28th, 2010, 11:18:24 PM
|
#579 | |
|
Remodeling Kitchens
Join Date: Apr 2009
Posts: 759
Berkeley, CA
|
Quote:
|
|
|
|
|
|
Nov 29th, 2010, 2:51:11 AM
|
#580 |
|
I DO BELIEVE IN FAIRIES
Moderator
Join Date: Aug 2006
Posts: 3,700
|
I wouldn't rule out the possibility of shiny Zekrom\Reshiram entirely.
It's possible that the game just says "okay, if the PID would become shiny if you XOR'd with 0xSomeNumber, then make it shiny. And if the PID is already shiny, then AND it with 0x10000000." This would make it possible to still have shiny Zekrom\Reshirams while thwarting people attempting the obvious - modifying the ID\SID so the PID would be shiny. |
|
|
|
|
Nov 29th, 2010, 7:07:05 AM
|
#581 | ||
|
RIP Hydreigon 2010-2013 never forget
Moderator
Join Date: Nov 2006
Posts: 6,633
|
Quote:
__________________
Quote:
|
||
|
|
|
|
Nov 30th, 2010, 4:00:11 AM
|
#582 |
|
I DO BELIEVE IN FAIRIES
Moderator
Join Date: Aug 2006
Posts: 3,700
|
Game Freak went to a lot of trouble to encrypt the date\time\MAC Address for the non-C-Gear seeds. But no amount of encryption can stop someone with a debugger. :)
tl;dr Non-C-Gear seeds are MUCH easier to work with than the C-Gear; you don't have to get millisecond-precision timing, all you need is to hit the right time down to the second. What's more, the same seed is used for both RNGs, so both IVs and nature\shininess\etc. can be predicted.
Encrypting the Date\Time\MAC Address, SHA-1 Preprocessing
Encrypting the Encryption with SHA-1
Jumbling up the SHA-1 Hash
Generating the Final Seed
Relevant Assembly Code
To-Do List:
Debugging this was a lot easier than I thought it would be. :D p.s. Kaphotics, date is stored at 0x23FFDE8 and time at 0x23FFDEC. |
|
|
|
|
Nov 30th, 2010, 7:50:32 AM
|
#583 |
|
Remodeling Kitchens
Join Date: Apr 2009
Posts: 759
Berkeley, CA
|
I lol'd that the tl;dr was longer than the thing it was to summarize.
Time is in (decimal) 00SSMMHH HH from 00-11 (12-11AM), 52-63 (12-11 PM). So, adding PM into it you go up 51, eh... == Date (decimal), srsly wat 06010100 for 1/1/00 01010101 for 1/1/01, 02010102 for 1/1/02, 03010103 for 1/1/03, 04010104 for 1/1/04, +1 06010105 for 1/1/05, 00010106 for 1/1/07, 01010107 for 1/1/07, 02010108 for 1/1/08, +1 04010109 for 1/1/09, 05010110 for 1/1/10, 06010111 for 1/1/11, 00010112 for 1/1/12. +1 02010113 for 1/1/13 ... 05010110 for 1/1/10, 06010111 for 1/1/11, 00010112 for 1/1/12, 02010113 for 1/1/13 06020110 for 1/2/10, 00020111 for 1/2/11, 01020112 for 1/2/12, 03020113 for 1/2/13 00030110 for 1/3/10, 01030111 for 1/3/11, 02030112 for 1/3/12, 04030113 for 1/3/13 01040110 for 1/4/10, 02040111 for 1/4/11, 03040112 for 1/4/12, 05040113 for 1/4/13 02050110 for 1/5/10, 03050111 for 1/5/11, 04050112 for 1/5/12, 06050113 for 1/5/13 03060110 for 1/6/10 04070110 for 1/7/10 05080110 for 1/8/10 06090110 for 1/9/10 00010110 for 1/10/10 00310110 for 1/31/10 01010210 for 2/01/10 So far it looks like XXDDMMYY. Year does something to the XX area. It's screwy every 4 years, changing from it's 0 to 6 pattern by increasing 1. Doesn't do it for changes in months or days, as far as I could see. Only difference is year separation. I can't think of a particular formula for it but it is an easy pattern. == (below) were they the same exact save files? |
|
|
|
|
Nov 30th, 2010, 8:01:06 AM
|
#584 |
|
I DO BELIEVE IN FAIRIES
Moderator
Join Date: Aug 2006
Posts: 3,700
|
Looks like it's a little too early to pop the champagne.
I thought the SHA-1 input was all constant except for the time\date\MAC address. On closer inspection, it looks like the 6th, 7th, and 8th 4-byte values also differ across DSes. In no$gba: 3E031800 0000C331 0709BF16 (unscrambled 0018033E 31C30000 16BF0907) In Desmume: 22062F00 00000000 05000006 (unscrambled 002F0622 00000000 06000005) I know this is DS-specific because we get the same values regardless of which game I put in. This also explains why mattj and I couldn't get the same seed with the same date\time\MAC address way back when. I really hope this is something we'll be able to find easily without an AR, like the Nintendo WFC ID. EDIT, response to above: I get the same seed with completely different save files. |
|
|
|
|
Dec 1st, 2010, 3:10:56 AM
|
#585 | |
|
I DO BELIEVE IN FAIRIES
Moderator
Join Date: Aug 2006
Posts: 3,700
|
Okay, so here's the story:
It looks like regular seeds are also partly dependent on some ID that is unique to each DS. As far as we know, this ID can't be retrieved by anything except an AR (and so far Kaphotics hasn't been successful in making a code for that). However, since this ID is only one 32-bit value, it's feasible to brute-force every possible combination and find this ID, so long as you know the seed for a particular time\date\MAC address. (I wrote a program for determining this seed a few pages back, but I've found it's a little buggy and won't be fixing it until I integrate it into RNG Reporter.) It's a process that will take hours, maybe even a day or two to complete, but once you have that ID you can predict IVs (and more importantly nature\ability\shininess, which C-Gear seeds can't do) for any date\time, for that DS. This is going to be a pretty complex process, so I'll make sure RNG Reporter 9.0 will guide the user through it, step by step. But I'm swamped this week, so don't expect to see progress on it until the end of next week. In the meantime, I'll see if I can find time to get RNG Reporter 8.4 out in the next day or two. I won't be posting any guides for it, though - I expect the people who have been beta testing it to help. :) Quote:
|
|
|
|
|
|
Dec 1st, 2010, 5:54:14 AM
|
#586 |
|
ACUPRESSURE
Join Date: May 2007
Posts: 1,508
Cambridge, England
|
XX looks like the weekday of the date.
__________________
 |
|
|
|
|
Dec 1st, 2010, 7:49:42 AM
|
#587 | |
|
Remodeling Kitchens
Join Date: Apr 2009
Posts: 759
Berkeley, CA
|
Quote:
<3 In conclusion: 00SSMMHH time 0XDDMMYY date X=weekday Wikipedia for help predicting days of the week for future years Here's the code that doesnt work, if anyone else wants to take a stab. Still can't get my version of DeSmuME to show the 67452301, >.>
...
== I did happen to write a 6 page image included guide for (non) C-Gear seed hitting and IVRNG that I passed off to MattJ on Saturday. |
|
|
|
|
|
Dec 1st, 2010, 9:06:12 AM
|
#588 |
|
Dies, died, will die.
Join Date: Jun 2010
Posts: 302
|
mine is missing a line or 2, i think.
the logic behind it is that it checks 02FE36CC for 67452301 and when that address is equal to that value it will write the value at 02FE36AC to the Dx data register. once that is done, D6 invokes that Dx register to write the 02FE36AC value to a specified address. It would have to be broken up into a pair of 16-bit parts for use in the actual game, but i just want to get it working first. e: \/\/\/ it took 5 days on a fairly powerful server 2008 R2 machine running nothing but DHCP and RNG reporter and was set to give precedence to running programs not background services. e2: kaph's is organized, but here's the raw csv if someone wants it for whatever reason: http://pokemon.thundaga.com/rngreporter.csv |
|
|
|
|
Dec 1st, 2010, 9:34:07 AM
|
#589 |
|
Remodeling Kitchens
Join Date: Apr 2009
Posts: 759
Berkeley, CA
|
DeSmuME C-Gear Seeds
MAC Last Half: 123456 Criteria: 10000 frames, 1050-5000 delay, complete search for all IVs 30 or 31 Searched by Bond697, took 5 days on a really fast good computer. Bestest seed! Seed: 7e2345bb Frame: 30 IVs: Flawless |
|
|
|
|
Dec 2nd, 2010, 1:38:30 AM
|
#590 |
Join Date: Nov 2009
Posts: 1,254
in the beehive
|
I don't know if this has been mentioned earlier, but I've been using the same c-gear seed for catching and I have gotten different pokemon on the same frame IVs. I'm doing a frame 3 spread to learn the RNG on gen 5, because there's no advancement involved for IVs, but the encounter slots are definitely not related to the IV frame. Caught two different pokemon on the same seed in the same cave, same position using sweet scent.
__________________
Visit my thread to read my RNG Noob Guides. |
|
|
|
|
Dec 2nd, 2010, 2:49:04 AM
|
#591 | |
|
I DO BELIEVE IN FAIRIES
Moderator
Join Date: Aug 2006
Posts: 3,700
|
Quote:
Since you're using the C-Gear, which advances the other RNG at a slow and steady rate, the Pokemon you encounter will change depending on how long you wait. |
|
|
|
|
|
Dec 3rd, 2010, 9:44:10 AM
|
#592 |
|
Remodeling Kitchens
Join Date: Apr 2009
Posts: 759
Berkeley, CA
|
Testing the roamer generation, with C-Gear and without it for kicks.
non C-Gear IV frames: 0270->0007 C-Gear IV frames: 0002->0009->0002 (New, different value each time). Can't see it flashing to 000X for each IV call or the shifting (too fast for 1 FPS), but we know it does that. Seems like the C-Gear is turned off temporarily when the event is going, and is then re-enabled (thus re-seeded) after the event (rainy) stops. It's funny how it is raining when it is cold enough to snow, guess it was an oversight when the game was made :P Restating it in a RNG-wise approach: IVs are generated RIGHT as the rain lets lets up. The rain lets up a few seconds after the roamer flies off the screen. So IV's are definitely easy to reset for, but nature and shiny (when we get there) will be nigh impossible at this location on a cart, unless you are extremely extremely extremely persistent (and lucky). It's still an absolute crapshoot because of the rain. Since respawning hasn't really been tested (haven't seen any info on it), I'd assume it's also respawned after beating the elite four like last gen. But until then...
memory location of White's Roamer
|
|
|
|
|
Dec 3rd, 2010, 11:00:52 AM
|
#593 | |
|
I DO BELIEVE IN FAIRIES
Moderator
Join Date: Aug 2006
Posts: 3,700
|
Quote:
There's a guy who gives you a random fossil once a day, maybe that could be used to check. Assuming there are no other NPCs between the roamer and flying off to the fossil guy. |
|
|
|
|
|
Dec 4th, 2010, 8:20:14 AM
|
#594 |
|
I DO BELIEVE IN FAIRIES
Moderator
Join Date: Aug 2006
Posts: 3,700
|
I can't help but notice that three days after I publish the non-C-Gear seed encryption a Japanese blogger "coincidentally" posts that he's figured it out and another publishes a program for predicting them.
|
|
|
|
|
Dec 4th, 2010, 10:00:41 AM
|
#595 |
|
Remodeling Kitchens
Join Date: Apr 2009
Posts: 759
Berkeley, CA
|
^ = ~.~
Pattern of the "crazy rain" and snow NPID RNG advancement: Code:
C74ADE85 09FC Start 1C74006F 09FD +2 1C74006F 09FE +0 302C29C9 09FF +2 302C29C9 0A00 +0 3E551113 0A01 +2 3E551113 0A02 +0 9C18E8CD 0A03 +2 E88EFF77 0A05 (+0)+2 F4E75F91 0A07 (+0)+2 You'd have to calibrate for doing the roamer, to see what frame you innately hit while going at a precise (timed) pace. There's no moving NPCs in the building, so that's a plus. ===== Takes around 25 seconds to do the event, with the PID being generated somewhere around the (453-465) frame from the initial seed. Carried out in Spring, as there is no rain until the screen flashes yellow. ===== Code:
279A6AF7 18B542B1 Frame -46 Initial Seed A4AB08FD BA2F810F Frame 0 Before Walking Outside Starting delay: 048E Walked outside 0ED47FE8 E4A87CA2 Frame 5 Appears F1C83D4B A2E5622C Frame 6 Jagged Border, Colors start changing DE00F05A 1954C70B Frame 7 Happens right after screen flashes yellow 6B0F32FC E49BE55A Frame 9 Raindrops start falling Rain is crazy. 41CCC6D1 41D1B442 Frame 404 Leading up... 280DE838 7D5BAF49 Frame 405 (Unshown) 387134DB B3B34ABD Frame 406 Rain advancing.. B016AC2A 2E5CD0A7 Frame 407 (Unshown) 08610555 A2042B37 Frame 408 Rain advancing. 3B9B364C 3F33EAA2 Frame 409 (Unshown) 2085B6BF A479300A Frame 410 Rain advancing? F6ECEF1E F8277A81 Frame 411 (Unshown) 696A0399 5F7C389C Frame 412 1 delay before IVs generated (0A62) F815EB20 A76D23E6 Frame 413 (Unshown) - PID Call 89808263 1C8FF04E Frame 414 IV's generated (0A63), (0A64) 5A560AD2 D0130226 Frame 415 (Unshown) - ???/Rain advances 93A1459D DED16F3E Frame 416 (Unshown) - ???/Rain advances B0531AB4 348C2969 Frame 417 Roamer PID set [A76D23E6] Ending delay: 0A65 = 1495 = 24.916 seconds PID Frame: 413 + 46 = Frame 459 from initial seed Roamer PID Generation: Unaltered, from the upper seed like all other PIDs, right after the IVs are generated. PID didn't change when I had different IDs (which would have it end up being shiny). Seems like it can be shiny. |
|
|
|
|
Dec 4th, 2010, 9:06:44 PM
|
#596 | |
|
blatant Nintendo fanboy
Join Date: Mar 2009
Posts: 4,352
your mom sucked at e3
|
Does using an AR give you a different seed than you would get without using it?
I plotted out the common MTIVRNG seed that shows up for each second on 10-25-10 from 00:01:22 - 00:02:16 while searching for good non-CGear seeds / frames. I did this by resetting 4 or more times on each second, then checking to see what MTIVRNG value the Check Code gave. In my personal experience, one MTIVRNG value would show up very, VERY consistently (90+%) and then there would be like 1 or 2 or 3 other "tangent" MTIVRNG values that I couldn't explain. I documented this in detail an earlier post in the RNG Research thread. In order to see if using an AR soemhow gives different seeds than you would normally hit without using an AR, I'm going to: 1) Save my game on my surfer in Hodomoe City. 2) Start my game on the DS Startup Screen without an AR on 10-25-10 at 00:01:49 (which is smack dab in the middle of the consecutive seconds that I looked at). 3) Sweet Scent and Masterball a Pururiru. 4) Repeat this maybe 10 times 5) Stick my AR in and check the IVs. If the IVs show up as the first 6 frames on or around 10-25-10 00:01:49, then it probably doesn't make a difference. If they don't... 10 resets is a pretty large sample size in my experience. In all of my time trying this, tangent seeds usually only show up... 10% of the time max... something weird would be going on...
...
Well... I Reset on 4 different seconds, and while the IVs I got were consistent within themselves (as expected) none of them matched anything within 10 seconds of what I got while using an AR (unexpected). I suppose it does make a difference.
__________________
pork and beans cover for smogon karaoke contest
#smogonwifi #skarmbliss Quote:
|
|
|
|
|
|
Dec 5th, 2010, 8:54:25 AM
|
#597 | |
Join Date: Aug 2010
Posts: 419
Ellensburg, WA
|
Quote:
I wanted to let you know, mattj, that the AR only seems to affect non C-Gear seeds. It appears that when the C-Gear starts up it "overides" anything the AR codes did where as the AR codes may have an affect without the C-Gear...that is something at least.
__________________
For God so loved the world that He gave His only begotten Son that whosoever believes in Him shall not perish but have eternal life. (John 3:16) Summer time Havilah -rv White FC:3954-7055-8992 (Use this for all trades!) Yes, I clone/quick hatch...etc with AR |
|
|
|
|
|
Dec 5th, 2010, 9:22:09 AM
|
#598 |
|
Remodeling Kitchens
Join Date: Apr 2009
Posts: 759
Berkeley, CA
|
Well the C-Gear seeds don't set the PID RNG, they only reseed the MTRNG with the new seed. ~~When Bond tested to see if freezing these date/time locations at startup would give the same non C-Gear seed, it did not.
We had trouble getting the code to work because the AR code isn't fast enough to grab the value correctly so it had to be achieved differently. This unique ID is taken from two places in the memory, not from the game but from the DS hardware. Since there is an AR inserted into the mix, this value will inadvertently be different. Thus you have different initial seeds. With the BWSeedFinder (implemented into Reporter) you'd get your initial seed without an AR, and then you could get your unique ID. Then seeds :) |
|
|
|
|
Dec 5th, 2010, 9:27:11 AM
|
#599 |
Join Date: Nov 2006
Posts: 1,127
"Dashing"
|
IIRC bond says he got different results between his DStwo and Desmume, but has it been tested if running the game from the DStwo is different from running a real cart?(On the same hardware)
|
|
|
|
|
Dec 5th, 2010, 12:39:07 PM
|
#600 |
|
Dies, died, will die.
Join Date: Jun 2010
Posts: 302
|
we're still experimenting. if you have a copy of white and an AR, say something.
e: yeah, i tried freezing date, time, and delay with the internal memory freezing function, and the seeds still kept changing. e2: my original code was correct, but it didn't work because of 2 factors: 1. the ar isn't quite fast enough 2. the ar usually only works in ARM7 and in this case the memory region 02FE36AC and 02FE36CC are located in is different between ARM7 and ARM9. it had to be hooked into ARM9 via assembly and then pull the value out. |
|
|
|
|
| Tags |
| NULL |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
|
|
All times are GMT -4. The time now is 6:00:34 PM.
