ekx/ek6 file structure question.

[Kraust]

Is a ekx/ek6 file just a copy of how the pokemon data structure would look in RAM? I'm trying to understand how the web exploit works more.

Furthermore, where does one learn the entry point to copy the contents of the ekx/ek6 file over? Is this something that was reverse engineered from a RAM dump? Is the addressing dynamic or is there a specific hex string that you'd be looking for?

I'm under the impression that this exploit just works by performing a memcpy of a pokemon data structure from a file into the proper place in RAM.

Thanks for your time!

[xorhash]

I'm not sure how up-to-date it is, but http://projectpokemon.org/wiki/Pokemon_X/Y_3DS_Structure should give you an idea.

[Alpha]

The offset is searched from a relative low point in RAM until it finds a known Pokemon block section. Pokemon files are stored as encrypted (.ek6) until they are actually in use (for battles or party viewing). The exploit uses a variation of a memcpy to copy data (GFX Texture Copy) from another process (Pokemon) to the local process (web browser) then writes it to the SD card when extracting or does the reverse when importing.