Okay, with some tinkering and (most importantly) finally managing to make some semblance of sense out of the post in the Japanese forum I mentionend above, I worked out how the location pointers for the abilities work. All credit goes to the Japanese guy who figured it out first!
The location pointers for abilities begin at offset 1FD90, the abilities themselves start at offset 36444.
The location info is made up of 400 blocks of 12h bytes each; the first set of 12h bytes is the first item in your ability inventory, the second is the second and so forth. Each 12h byte block typically looks like this:
Your abilites are stored in 32h byte long blocks at a different offset (36444). Now, each of the location pointers points to one specific ability, and it works like this:Code:30 B0 B0 30 B0 B0 31 5F 30 30 30 30 30 61 00 00 00 01
The location pointers consist of two very important parts, namely the first seven bytes and the fourteenth byte. The latter, in plaintext, is the tens digit, the former is turned into the units digit by using the following table for reference.
The example I've given above (30 B0 B0 30 B0 B0 31 5F 30 30 30 30 30 61 00 00 00 01) works out the following way:Code:0 - 30 B0 B0 30 30 30 31 1 - 30 B0 B0 30 30 30 B1 2 - 30 B0 B0 30 30 B0 31 3 - 30 B0 B0 30 30 B0 B1 4 - 30 B0 B0 30 B0 30 31 5 - 30 B0 B0 30 B0 30 B1 6 - 30 B0 B0 30 B0 B0 31 7 - 30 B0 B0 30 B0 B0 B1 8 - 30 B0 B0 B0 30 30 31 9 - 30 B0 B0 B0 30 30 B1 a - B0 B0 30 30 30 30 B1 b - B0 B0 30 30 30 B0 31 c - B0 B0 30 30 30 B0 B1 d - B0 B0 30 30 B0 30 31 e - B0 B0 30 30 B0 30 B1 f - B0 B0 30 30 B0 B0 31
The first seven bytes are 30 B0 B0 30 B0 B0 31; if we consult the chart above, we find that that corresponds to "6". We now have the units digit of our number.
The fourteenth byte is 61, which is "a" in ASCII plaintext. Thus, our tens digit is "A".
Consequently, the complete number is A6 (or 166 in decimal). If we multiply that number by 32h (remember, that's the length of a single ability), we finally find out how far from the starting offset of 36444 our ability is located.
I haven't tried adding a new ability yet, but it should theoretically be possible with this information. Just add the ability, work out the distance to the starting offset, divide that by 32h, do the math to convert that number into a location pointer and insert it at the end of the list.
Sorry for the confusing explanation, I hope you were able to get the gist of it. I'm not a native speaker (I'm German), so please bear with me :).