News: 11 March 2016 - Forum Rules
Current Moderators - DarkSol, KingMike, MathOnNapkins, Azkadellia, Danke

Author Topic: Hey Hey everyone, I'm sure you get this alot on this board... i have a question  (Read 4362 times)

Spades

  • Jr. Member
  • **
  • Posts: 6
    • View Profile
Hey all! Obviously i'm new to the board and i'm pretty new to the rom hacking scene. The other day i was playing Battle Grand Prix (One of my favorite SNES games) And i thought to myself 'hey it'd be cool to change the colors of the cars.... or even make a 2011 version of the game with all the Current F1 Teams, Drivers and Cars' So i got into researching how to do that through rom hacking since i knew it existed. After doing a bit of research i thought it would be simple. I downloaded Tile Layer Pro and opened the rom smc file. It looked wierd like i expected and eventually found the cars.... kinda. They were really confusing looking and i couldn't piece the tiles together. So i thought 'oh maybe i need to change the pallete.' Nope that didn't help at all either. So after doing more research i found out that SNES games could be compressed. I then figured, hey maybe Battle Grand Prix is compressed. Since then i've been racking my brain for the past 4 days trying to figure out Hexidecimal, which i've kinda learned, ASM and other programing things that i didn't really know before.... Its all still pretty confusing to me. I've tried messing with the cheats in zSnes but haven't gotten far there. Basically i'm needing help on where to get started. I thought this would be a simple task but i feel like i'm having to learn to much to do what i'm trying to do.  :banghead: <------- This little guy explains how i feel. Heheh! Anyway any type of help would do. Thanks!

-Spades 

Forbiddencreed

  • Jr. Member
  • **
  • Posts: 47
    • View Profile
Everyone goes through that when they first get into romhacking, just remember all ways have 9-11 on speed dial. and the whole file doesn't really get compressed only bits and pieces (unless you count the rars that roms are usually downloaded in), but anyways you may be right about the images being compressed i am still very new to the subject so i dont know myself, hopefully one of the more experienced rom hackers can help you.

Ryusui

  • Hero Member
  • *****
  • Posts: 4989
  • It's the greatest day.
    • View Profile
    • Tumblr
VSNES can help you with this.

Play the game until the graphics you want to edit are on screen, then make a savestate and open that savestate in VSNES. Find the graphics in VRAM. If they match what you found in the ROM (ignoring the colors!), congratulations: you found them on the first try. Otherwise, the game is pulling some kind of trickery between the ROM and the screen. Find the graphics data in the RAM viewer - that is, the regular SNES memory viewer, not the VRAM. It should be in there, somewhere. Once you do, make note of the address and open up Geiger's Snes9x Tracer.

Start the game up, but before the graphics show up on screen, pause set a write breakpoint to the address where you saw them in RAM. This will catch the game in the act of writing data to that location. From there, you can work backwards: each byte has to have come from somewhere. It'll take a few iterations (and possibly a few do-overs if your timing is off), but you should be able to trace the routine all the way back to its source in the ROM, and somewhere in there will be the compression routine.

Just so you know, compression is easy to crack. The game provides its own blueprint for the decompressor. It's the recompression that can be a pain, but as long as you know how the original compression works, it shouldn't be too hard.
In the event of a firestorm, the salad bar will remain open.

Spades

  • Jr. Member
  • **
  • Posts: 6
    • View Profile
Hey thanks for the info. I tried vSnes before but it wasn't recognizing the savestate. I'll try it again today when I'm able to though. Also I tried doing Gieger's snes9x but for some reason Battle Grand Prix doesn't show up in Snes 9x. There's sound but no video. I'll still see what I can do. Hopefully vSnes will work. I'll let you know.

Spades

Forbiddencreed

  • Jr. Member
  • **
  • Posts: 47
    • View Profile
hey ryusei, can i use this same trick with vba?

Spades

  • Jr. Member
  • **
  • Posts: 6
    • View Profile
Ok ryusui I was actually able to get vsnes to work and I was able to pull up the graphics I was looking for (with different colors). So thanks for that! Now I'm just trying to figure out where to go from there. I'm wanting to edit the sprites and change the color palettes. I can't really do much with gieger's, so I just need to know which direction to take. Thanks

Spades

Ryusui

  • Hero Member
  • *****
  • Posts: 4989
  • It's the greatest day.
    • View Profile
    • Tumblr
hey ryusei, can i use this same trick with vba?

Pretty much, yeah. Since most GBA emulators have graphic viewers built in, it's even easier: start with the end product and work your way backwards. (Ever wonder why it's called "reverse-engineering"? :3)

Ok ryusui I was actually able to get vsnes to work and I was able to pull up the graphics I was looking for (with different colors). So thanks for that! Now I'm just trying to figure out where to go from there. I'm wanting to edit the sprites and change the color palettes. I can't really do much with gieger's, so I just need to know which direction to take. Thanks

Spades

Well, did you figure out if the graphics are compressed or not? If they're compressed, you'll need to use Geiger's to figure out the compression scheme.

It helps if you examine the compressed data in the ROM with a hex editor and compare it to the uncompressed data in VSNES. LZ and RLE should have obvious patterns; duplicate sequences will be replaced with compression codes.
In the event of a firestorm, the salad bar will remain open.

Spades

  • Jr. Member
  • **
  • Posts: 6
    • View Profile
Alrighty. So to tell you the truth i don't know exactly what LZ and RLE are but i was looking through the hex editor and the hex shown in vsnes and couldn't find any matches really. I guessing its compressed. So in that case i would have to use Gieger's Snes9x then right?

Spades

Forbiddencreed

  • Jr. Member
  • **
  • Posts: 47
    • View Profile
Well lz and RLE are to compression schemes, If i remember correctly both of them are documented in rhdn's documents database.

Ryusui

  • Hero Member
  • *****
  • Posts: 4989
  • It's the greatest day.
    • View Profile
    • Tumblr
They're both simple.

RLE is Run-Length Encoding; that is, whenever there's a long sequence of the same byte, it replaces that with a compression code indicating which byte to repeat and how many times to repeat it.

LZ (named for Lempel-Ziv, its creators) replaces each repeated string of three or more characters with a compression code indicating how far back to look for the previous instance and how long it is.

It helps if you think of them like word games.
In the event of a firestorm, the salad bar will remain open.

Spades

  • Jr. Member
  • **
  • Posts: 6
    • View Profile
Ok that's making some sense there. The one other thing that confuses me is in the hex editor all the code is together where as in vsnes the hex coding is split up into tabs. Which parts do I compare?

Spades

Ryusui

  • Hero Member
  • *****
  • Posts: 4989
  • It's the greatest day.
    • View Profile
    • Tumblr
The VRAM (Video RAM) to WRAM (Work RAM). The other two are OAM (sprite data) and CGRAM (palette data); keep those in mind, but we don't have to worry about them at this point.

If the graphics are compressed, the first step is to find out where they're decompressed to. Odds are they'll be decompressed to somewhere in WRAM and then DMA'd into VRAM; if we find the data in WRAM, we can set a write breakpoint for the address and catch the game in the act of decompressing it, and then work from there to figure out the compression routine.

If you're up for a challenge, another way to do it would be to set a write breakpoint to 420B, which triggers the DMA transfer, and decode the values stored in the DMA control registers 4300-4306 in order to find the source and destination. You can learn more about these registers in Anomie's Register Doc. Note that this requires careful timing: the game likely uses DMA for all graphics transfers, so you'll probably end up running into a lot of false alarms before you find the right one.

Alternately, if you're certain you've found the compressed graphics in the ROM, you can set a read breakpoint for their location and follow the compression routine from the start.
In the event of a firestorm, the salad bar will remain open.

Spades

  • Jr. Member
  • **
  • Posts: 6
    • View Profile
So to write a breakpoint i'd have to use Gieger's Snes9x? Cause like i mentioned earlier the rom doesn't really work on snes 9x. There's sound but nothing else. I can't even select anything. But i can still look at information like at the hex editor and things like that. Whats the best way to set a write breakpoint?

Spades

Ryusui

  • Hero Member
  • *****
  • Posts: 4989
  • It's the greatest day.
    • View Profile
    • Tumblr
It's one of the debugger's functions.

I think BSNES also has some debugging functionality, but I've never gotten it to work, personally - plus, if you have an older computer, odds are it'll have trouble running BSNES in the first place (but BSNES should have no trouble running your game).
In the event of a firestorm, the salad bar will remain open.