Pikachu's Beach arbitrary code execution

From Glitch City Wiki


Pikachu's Beach arbitrary code execution is an arbitrary code execution exploit in Pokémon Yellow.

Like Pikachu emotion arbitrary code execution, it is an 'artificial' glitch, requiring another use of arbitrary code execution to perform.

For this glitch to work, the setup must continuously write a value to 0xC5D1. This can be achieved with the OAM DMA hijacking exploit.

Summary

0xC5D1 (wSurfingMinigameRoutineNumber) controls scripts during the Pikachu's Beach minigame. Some values cause arbitrary code execution.

A viable example is script 0x5B, which executes 0xD3EA. This address is within wWarpEntries, but it can be accessed with the expanded items pack as item 103's quantity, and its contents will usually stay in place even after saving or changing maps.
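The following C model is an added example, not code from the game or from this wiki. It shows how an unchecked one-byte routine number can select a jump target in writable RAM, next to a bounds-checked dispatcher. It assumes the routine number indexes a table of 16-bit pointers; the table address, the handler count and the bytes placed after the table are constructed so that 0x5B resolves to 0xD3EA.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Constructed model, not the game's real layout: a dispatcher that uses a
 * one-byte routine number to index a table of 16-bit little-endian
 * pointers (assumed here to be how the routine number is consumed). */
#define TABLE_BASE   0x4000u  /* hypothetical table address in ROM */
#define VALID_COUNT  12u      /* hypothetical number of real routines */
#define WRAM_START   0xC000u  /* Game Boy work RAM, writable at run time */
#define WRAM_END     0xDFFFu
static uint8_t mem[0x10000];  /* flat 64 KiB address space */

/* Valid handlers in ROM, then constructed bytes past the table's end. */
void build_sample_memory(void) {
    memset(mem, 0, sizeof mem);
    for (unsigned i = 0; i < VALID_COUNT; i++) {
        uint16_t handler = (uint16_t)(0x4100u + 0x20u * i);
        mem[TABLE_BASE + 2 * i]     = handler & 0xFF;
        mem[TABLE_BASE + 2 * i + 1] = handler >> 8;
    }
    mem[TABLE_BASE + 2 * 0x5B]     = 0xEA;  /* unrelated data after table */
    mem[TABLE_BASE + 2 * 0x5B + 1] = 0xD3;
}

/* Unchecked dispatch: any byte value selects a "pointer". */
uint16_t resolve_unchecked(uint8_t routine) {
    unsigned off = TABLE_BASE + 2u * routine;
    return (uint16_t)(mem[off] | (mem[off + 1] << 8));
}

/* Checked dispatch: returns 0 and leaves *target alone when out of range. */
int resolve_checked(uint8_t routine, uint16_t *target) {
    if (routine >= VALID_COUNT) return 0;
    *target = resolve_unchecked(routine);
    return 1;
}

/* A jump target in work RAM means data is about to be run as code. */
int target_is_writable(uint16_t target) {
    return target >= WRAM_START && target <= WRAM_END;
}

int main(void) {
    build_sample_memory();
    uint16_t t = resolve_unchecked(0x5B);
    printf("0x5B -> 0x%04X writable=%d\n", t, target_is_writable(t));
    printf("checked(0x5B) accepted=%d\n", resolve_checked(0x5B, &t));
    return 0;
}
```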

You can place any code you like at item 103's quantity. If the effects of the code apply outside of the minigame, simply press Select to leave the minigame and return to the overworld (you may need to have played the minigame at least once).

You can still do things like writing 0x15 (Mew encounter) to 0xD058, so that you encounter a Mew immediately after leaving the minigame.

Corrupted screen effect

Calling address 0x02FA with the arbitrary code execution (roughly equivalent to using the glitch item -g m (0x6A)) will partially return the player to the overworld. If the value at address 0xD366 allows the player to escape from the Glitch City that appears (with a field move such as Fly), escaping will cause a corrupted screen effect in which elements of the screen appear fragmented and flicker, with only the top section of the screen unaffected.

Attribution

YouTube video by ChickasaurusGL