This video explains how arbitrary code execution is possible in Pokemon Crystal via the use of a bad clone. Bad clones are also obtained through the regular cloning glitch, and are essentially regular Pokemon with an empty nickname and possibly an empty OT number. However, they require that the console is turned off while performing the cloning glitch with very precise timing.
PC items are used to spell out the payload code in the demonstration. This isn't ideal, however, since using the names of the PC boxes is far more efficient if we're capable of spelling out our code with them.
If you want to see something far more interesting being done by abusing this glitch (and others), you should watch this - • Pokemon Crystal - Arbi...
Video by Werster of a TAS using this ACE exploit - • Pokemon Crystal Any% S...
Relevant GCL thread - forums.glitchc...
17 сен 2024