Kraust Posted January 26, 2015
Is an ekx/ek6 file just a copy of how the Pokemon data structure would look in RAM? I'm trying to understand how the web exploit works more. Furthermore, where does one learn the entry point to copy the contents of the ekx/ek6 file over? Is this something that was reverse engineered from a RAM dump? Is the addressing dynamic or is there a specific hex string that you'd be looking for? I'm under the impression that this exploit just works by performing a memcpy of a Pokemon data structure from a file into the proper place in RAM. Thanks for your time!
xorhash Posted January 31, 2015
I'm not sure how up-to-date it is, but http://projectpokemon.org/wiki/Pokemon_X/Y_3DS_Structure should give you an idea.
Alpha Posted January 31, 2015
The offset is searched from a relatively low point in RAM until it finds a known Pokemon block section. Pokemon files are stored as encrypted (.ek6) until they are actually in use (for battles or party viewing). The exploit uses a variation of a memcpy to copy data (GFX Texture Copy) from another process (Pokemon) to the local process (web browser), then writes it to the SD card when extracting, or does the reverse when importing.