Random is definitely fake. You talk to a guy and he generates a password. Without moving I just kept talking to him around 60 times and received 31 unique passwords. I noticed that each password started with 2 repeated characters that would dictate the rest of the password, the 9th and 10th, 11th, 13th, 15th, 17th, and 29th (final) characters were always the same. If the first two characters were the same then the entire password would be the same.
Here's a link to a google doc I made with screenshots of the different passwords it generated https://drive.google.com/file/d/1eeBsBPN4pQLDS_-zT2AKol1idMLsks7P/view?usp=sharing
September 30, 2020, 02:25:36 pm - (Auto Merged - Double Posts are not allowed before 7 days.)
I did a test and put in absolute garbage except for the 9th and 10th, 11th, 13th, 15th, 17th, and 29th characters and it worked! Now I just need to figure out how those characters are assigned and we'll be one step closer!
October 01, 2020, 04:51:15 pm - (Auto Merged - Double Posts are not allowed before 7 days.)
Okay I've done some tracing. The characters I previously mentioned are a control for the password being correct. Everything else appears to dictate who is in my party and possibly upgrades? I'm doing more research and will post as I find out differences. For instance I loaded the game using one of the passwords, and tried a few different things but each time got the same pool of passwords, but when I had someone join my party the first 13 characters along with the last character remained the same, but characters 14-28 changed moving 2 control characters from 15 and 17 to 16 and 18.
When I hit submit on the password it goes through a basic routine.
Starting with an X index of zero, it takes the first character and compares it with the value in register 9EAD with an offset of X. If it doesn't match it increments X by one and checks again. As a result this goes through that area I previously mentioned from 0x9EBD to 0x9F03 (which yes, after I strip the 10 for the NES header is 0x9EAD to 0x9EF3) until it gets a match.
When it gets a match it stores the match starting at 065E and checks to see if it's reached the end of the password (Hex value 7F). If the end isn't found it goes through the process again with the next character in the password until the end is found at which point it jumps to DF08 and begins a series of shift lefts and rotate rights that has me utterly lost.I've made a paste bin with the tracelog
that only shows unique entries any help I could get deciphering it while I continue to examine the changes would be much appreciated!
October 02, 2020, 01:32:25 am - (Auto Merged - Double Posts are not allowed before 7 days.)
I'm still working on trying to find WHERE the actual generation of the code begins. I've done a trace on the dialog that prompts it but my knowledge is insufficient to figure out how the generation of the code occurs.
On some good news, I have at least been able to get the password system to work... in a fashion. I've left the " and o character modifiers in place and it actually worked.
It's not ideal, but at least it's functioning.