Bond697 Posted January 17, 2011

People have been using legal.exe for a few years now to weed out hacked pokemon, and in that time it has done an extraordinary job. The question remains, though, how exactly does it do the excellent job that it does? Myself and Kaphotics had been wondering for a while exactly what it looked for, which pieces of data were culled from the pkm to determine its status.

On Friday, as many are already well aware, an extremely rare event pokemon, the JEREMY Oddish, was leaked from an older collector's hands and began to spread rapidly. On checking in legal.exe, one was greeted with "JEREMY (Static)", thus verifying the pkm file. Knowing that legal is an app written in .NET 2.0, I began to disassemble legal and break it into classes. Eventually I had it deobfuscated and disassembled so both myself and Kaphotics could have a look. Over the last 2 days we've been going through and documenting what we could with help from a couple of other people.

What I have hosted here is what we've managed to find thus far. This includes static JEREMY lists, in-game trades and wondercard lists, possibly the sync check and the 3rd gen event RNG. Hopefully this might spur along anyone thinking about possibly continuing Sabresite's excellent work, or at least working together with us to more thoroughly document Legal.exe's functionality.

http://pokemon.thundaga.com/reflect.zip
Codr Posted January 17, 2011

<insert usual irritation at PID OCD>

A little more on topic though: I didn't look too thoroughly at the archive, but it doesn't seem to be particularly useful in its current state. (Although... considering we don't even need to know that PIDs match anything, the usefulness of legal.exe in general is pretty low.)

Edit: Here's some insight for you without needing the code. It looks for specific relationships between the PID and IVs based on the RNG function used by the games. It also checks the original trainer (obvious in this case) and origin at times. There's probably some more that's used in certain situations, but again, it really doesn't matter anyway.
Bond697 Posted January 17, 2011 Author

no, it's really not at the moment. there are a few interesting things, but that's about it. only one person that's looked at it is at all well acquainted with C#, and it's missing stuff since it was disassembled and deobfuscated. and even then i'm only guessing at what stuff is missing (if anything) based off what little i know.
Codr Posted January 17, 2011

> no, it's really not at the moment

At the moment? What're you implying it'll potentially be useful for in the future?
Kaphotics Posted January 17, 2011

> At the moment? What're you implying it'll potentially be useful for in the future?

If someone wanted to implement the checked info into their own checker as well as updated definitions of the newer events. Mainly new definitions in a new program/version, because loads of idiots cry when their GAMESTP Raikou comes up "HACKED".
Bond697 Posted January 17, 2011 Author

i was meaning that as what's in the archive as it stands now it isn't useful. legal itself doesn't have much use any more either, though, past adding in the more recent events.
Codr Posted January 17, 2011

I assumed your response was referring to legal.exe, rather than the archive. That was sort of stupid of me now that I've re-read it.
Bond697 Posted January 17, 2011 Author

my fault, when you said it didn't seem particularly useful, i thought you meant the archive, not legal.
Codr Posted January 17, 2011

> my fault, when you said it didn't seem particularly useful, i thought you meant the archive, not legal.

lmao, I did mean the archive. More confusion please!
Bond697 Posted January 17, 2011 Author

either way, legal or the archive, we're in agreement that it isn't all that useful. legal could be made a little more useful, though, by adding in new events. well, without sabresite and the source, a whole new app would need to be written.
Poryhack Posted January 17, 2011

The source should still be kicking around somewhere, I had it for a time but lost it in an unfortunate format. I've gotta say it's not really as special as you'd expect though. Sabresite was brilliant no doubt but with only a few exceptions the stuff he discovered/co-discovered has been publicized at one point or another.

In Legal's dying days Sabresite tried to take a step beyond the math and give it a database but I wouldn't trust that for much. I was always the methodical guy with the database whereas Sabre couldn't remember what you said to him yesterday. We worked together a lot but Legal's database aspects were an afterthought for Sabresite that I didn't really agree with, so nobody bothered to make sure it was complete or accurate.
Bond697 Posted January 17, 2011 Author

even if it's not special, it would be nice to update his internal lists for newer events.
Codr Posted January 17, 2011

> even if it's not special, it would be nice to update his internal lists for newer events.

I don't understand why you specifically want an update to this program. The only thing that makes it difficult to replicate is the knowledge of the PID and IV relationships. If you agree, however, that those are worthless... it merely becomes a matter of database maintenance that anyone can do. I'm going to assume that you don't agree with the PID assessment though. If that's the case, could you explain why?
Bond697 Posted January 17, 2011 Author

i was thinking that it would be good since this app is already pretty well known. legal is already well-recognized and accepted, so why introduce something new when you could update this with the last few events necessary for 4th gen and leave it at that? it's not a matter of understanding the relationships at all, that isn't an issue. actually, considering how PIDs and IVs are generated for 5th gen mystery gift stuff, there's a relationship there too. So i guess you could add in some 5th gen stuff after all. me personally, i do agree that they're basically worthless.
Codr Posted January 18, 2011

> so why introduce something new when you could update this with the last few events necessary for 4th gen and leave it at that?

It would still be proliferating the concept that PIDs are significant. They're not.

> actually, considering how PIDs and IVs are generated for 5th gen mystery gift stuff, there's a relationship there too. So i guess you could add in some 5th gen stuff after all.

Which would, again, be reinforcing the idea that people need specific PIDs.

> me personally, i do agree that they're basically worthless.

So why want an update for something with the sole purpose of saying otherwise?!
Poryhack Posted January 18, 2011

> The only thing that makes it difficult to replicate is the knowledge of the PID and IV relationships. If you agree, however, that those are worthless... it merely becomes a matter of database maintenance that anyone can do. I'm going to assume that you don't agree with the PID assessment though. If that's the case, could you explain why?

I know I wasn't the designated answerer here, but I wholeheartedly disagree that PID<>IV relationships are worthless. There are plausible pokemon and there are genuine pokemon, and they are for all intents and purposes exactly the same. BUT there are also pokemon that aren't even plausible; a wondertomb for instance. A pokemon that has an invalid PID<>IV combination is in the same boat as a wondertomb. It's more subtle sure, but it is nonetheless a pokemon that isn't and shouldn't be legal for tournaments, trades, etc.
Codr Posted January 18, 2011

> but it is nonetheless a pokemon that isn't and shouldn't be legal for tournaments, trades, etc.

Why? Solely on the basis of the thought that it isn't game-generated? If not, I'm interested in seeing what you come up with. "Wondertomb" is perfectly logical, as it's not designed to have that ability... and that sort of answers my own question. In the majority of cases, an "invalid" PID isn't going to give anyone an advantage, considering there are valid PIDs that can exist which give the same gender/nature.
Kaphotics Posted January 18, 2011

Having the IDs/PID locked is a way Nintendo officializes things, and can see if that special move they added to the event Arceus n00bhacker brought to the VGCs was (exactly identical to one) possible to obtain from this event.

Let me introduce you to Event Traders, who are 100% anal about what data the event comes with. They have their own "rarities" placed on lesser distributed mons, and if someone created a similar appearing hack based on public information, they could call out the imposter on it. Kinda like fiat money, of course you could fake it, but a n00bhacker can't create a flawless hack without the same printing plates / paper / blueprint.

Also of course there's no legal 31/31/31/31/31/31 Naive Heatran possible from gen4, nor is there a shiny Flawless Jirachi possible.

People are OCD and don't like hacks because they don't have access to them, or are just naturalists. RNGers don't like hackish acquisitions of things they can RNG because the hacker doesn't have the skills to do it without something else intruding and doing it for them. They don't have teh skillz teh RNGers have (that's why they think that)
Poryhack Posted January 19, 2011

> Why? Solely on the basis of the thought that it isn't game-generated? If not, I'm interested in seeing what you come up with. "Wondertomb" is perfectly logical, as it's not designed to have that ability... and that sort of answers my own question. In the majority of cases, an "invalid" PID isn't going to give anyone an advantage, considering there are valid PIDs that can exist which give the same gender/nature.

Not that it isn't game-generated, but that it never could have been and never will be game generated. That's enough for me and quite a few other people. There's even people with stricter views than that (whom I don't tend to agree with).

If that isn't enough for you, consider that for a given IV set and generation algorithm not every nature is valid. Natures alone can give one pokemon an edge over another. That means to ensure utmost fairness we have to check the IVs against the nature. From that point it's simply easier to use the established PID<>IV relationships for the check than it is to use some kind of IV-nature database which you would've needed to know the PID<>IV relationship to build anyway.

If that still isn't enough then I must respectfully agree to disagree.
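An added example, not part of the thread and not code recovered from legal.exe: a sketch of the kind of PID<>IV consistency check discussed in the posts above, plus the "not every nature is valid for a given IV set" point. It assumes the publicly documented Gen 3/4 linear congruential generator and the common "Method 1" call order; all function names are hypothetical and the sample is constructed.

```python
# Added example. Assumes the publicly documented Gen 3/4 LCG and the
# "Method 1" call order (PID low, PID high, IV word 1, IV word 2).
MULT, INC, MASK = 0x41C64E6D, 0x6073, 0xFFFFFFFF
MULT_INV = pow(MULT, -1, 1 << 32)  # modular inverse, used to step backwards

def step(s):
    return (s * MULT + INC) & MASK

def unstep(s):
    return ((s - INC) * MULT_INV) & MASK

def pack_ivs(hp, atk, dfn, spe, spa, spd):
    """Pack six 5-bit IVs into the two 15-bit words the RNG produces."""
    return hp | atk << 5 | dfn << 10, spe | spa << 5 | spd << 10

def method1(seed):
    """Return (pid, iv1, iv2) as four consecutive RNG calls would build them."""
    s1 = step(seed); s2 = step(s1); s3 = step(s2); s4 = step(s3)
    return (s2 >> 16) << 16 | (s1 >> 16), (s3 >> 16) & 0x7FFF, (s4 >> 16) & 0x7FFF

def pid_matches_ivs(pid, iv1, iv2):
    """True if some RNG state yields this PID and then exactly these IVs."""
    for low in range(1 << 16):            # hidden low half of the first state
        s1 = (pid & 0xFFFF) << 16 | low
        s2 = step(s1)
        if s2 >> 16 != pid >> 16:
            continue
        s3 = step(s2); s4 = step(s3)
        if ((s3 >> 16) & 0x7FFF, (s4 >> 16) & 0x7FFF) == (iv1, iv2):
            return True
    return False

def natures_for_ivs(iv1, iv2):
    """Every nature (PID % 25) that can precede these IVs under Method 1."""
    natures = set()
    for hidden in range(1 << 17):         # unseen top bit + low 16 bits of state 3
        s3 = (hidden >> 16) << 31 | iv1 << 16 | (hidden & 0xFFFF)
        if (step(s3) >> 16) & 0x7FFF != iv2:
            continue
        s2 = unstep(s3); s1 = unstep(s2)
        natures.add(((s2 >> 16) << 16 | (s1 >> 16)) % 25)
    return natures

if __name__ == "__main__":
    pid, iv1, iv2 = method1(0x12345678)   # constructed sample, not real data
    print(pid_matches_ivs(pid, iv1, iv2))        # consistent pair
    print(pid_matches_ivs(pid, iv1 ^ 1, iv2))    # one IV edited by hand
    print(sorted(natures_for_ivs(*pack_ivs(31, 31, 31, 31, 31, 31))))
```

Only about four RNG states on average produce any given IV spread, which is why the set of reachable natures is far smaller than 25 and why a single hand-edited IV breaks the match.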
SmellTheBurningEmber Posted January 20, 2011

I could not help but read this thread. I would like to add my own input on this.

I'm a "naturalist cheater". I make sure everything I create or modify is 100% plausible in-game. Hell, I'm so anal about this that I seldom make hatched Pokémon simply because of the IVs not matching up to the PID.

Now, here comes Generation V. Most, if not all of my resources on making legal Pokémon are now shattered by (what I believe to be) a change in the PID/Nature/IV/etc. relationships. Now, to put it simply...

...You guys already determined the changes made to 'Shifted Pokémon, discovered there are no new trash bytes, and discovered relationships from Generation IV are no longer necessary in Gen V. Would it really be that much trouble to discover how these new relationships work and make a Legal program for Gen V? It does not have to be an update; it can simply be a new program exclusively for Pokémon from/'Shifted to Gen V. I honestly don't care if it has event support considering I actually go to the events.

So, a new Legal exclusively for Gen V with no event support. Would this be more plausible for someone to make? Easier said than done, yes, but at least that person would not have to build Sabresite's Legal from the ground up.

Discuss.

~STBE
Kaphotics Posted January 21, 2011

We're still doing the research at smogon on the new PID creation methods. There's certain PIDs that cannot be obtained based on the player's IDs, even if it would be shiny. The game just skips them. The whole thing is easier said than done, and would probably only be considered after the english games have come out (and a while after that).
Codr Posted January 22, 2011

> Not that it isn't game-generated, but that it never could have been and never will be game generated.

As long as Nintendo doesn't have checks on their own servers to make sure these non-game-generated Pokemon can't participate, why would you care? You're only setting yourself up for cheating against you. If Nintendo's servers DID accurately check things, then I'd understand all of this.

> to ensure utmost fairness

How is this ensured, exactly?
codemonkey85 Posted January 22, 2011

@ Codr & Poryhack: I think part of the problem is that we never did establish whether or not Nintendo checks these PID / IV relationships. If they do, I'm mostly inclined to agree with Poryhack. Either way Pory makes a good point about Natures that are impossible to get with certain PIDs, although the fact that people step around that by creating a Pokémon that supposedly hatched from an egg almost invalidates it.
Poryhack Posted January 22, 2011

> As long as Nintendo doesn't have checks on their own servers to make sure these non-game-generated Pokemon can't participate, why would you care? You're only setting yourself up for cheating against you. If Nintendo's servers DID accurately check things, then I'd understand all of this.

I haven't traded online in a long time and I've never been into battling, so cheating against me is the last thing I care about. It should be important to people to have legal pokemon (for online play) though; lowering yourself to the lowest common denominator isn't the answer to cheating online.

> How is this ensured, exactly?

> @ Codr & Poryhack: I think part of the problem is that we never did establish whether or not Nintendo checks these PID / IV relationships. If they do, I'm mostly inclined to agree with Poryhack. Either way Pory makes a good point about Natures that are impossible to get with certain PIDs, although the fact that people step around that by creating a Pokémon that supposedly hatched from an egg almost invalidates it.

I think it's safe to say that it's not ensured in online play, the servers don't check for the relationship. In official tournaments, it's questionable.
Codr Posted January 22, 2011

> It should be important to people to have legal pokemon (for online play) though; lowering yourself to the lowest common denominator isn't the answer to cheating online.

With Black/White's random online battles coming out, I'm sure many more people will be playing online on Nintendo's "we barely check anything" servers. You know as well as I do that endless people will be using whatever they can make work on the servers, to the most "hacked" degree possible. Is that what people should want? That's questionable, but we can't change what people DO want.

> I think it's safe to say that it's not ensured in online play, the servers don't check for the relationship. In official tournaments, it's questionable.

It's not just safe to say, it's definitive. There aren't many checks, and certainly not one for some relationship between the PID and other data. If there were something for tournaments, I think we'd have found out by now.

Also, where did you come from, codemonkey? That's the first post I've seen from you in a while.