Hacking a MAME ROM (Burgertime)....this should be simple.....but...

[dwsiddall]

Hello.

I want to hack the MAME game "Burgertime".  What I want to accomplish is available as a cheat, BUT I am having trouble getting any kind of ability to save and keep the cheat without having to enter it each time.

This is being done for my autistic son who loves this game.  I am trying to have the game so that he can just start it and everything is ready to go.

What I'm trying to accomplish is the cheat "Infinite Pepper".  From the cheat file I know that this setting is at location 002B (the cheat file has this text: <action>maincpu.pb@002B=99</action>  This sets the peppers at 99 instead of their normal 05.

I have the ROM.  I have a hex editor.  What do I have to do to open the correct file, find this location and change the value from 05 to 99?

I would also like to have the number of lives changed to 5 instead of three.  But I have no info about the location of this setting within the ROM.

Any help is appreciated and will make a little boy (and his dad) very happy.

[nesrocks]

I tried to search for the assembly instruction set for this game's CPU as a starting point. I couldn't find it. The CPU seems to be a "DECO CPU-7". If I knew the byte opcodes for this CPU I could do a search for the byte for LDA followed by 03, for example if LDA was A9 like in 6502 assembly, I'd search the ROM for A9 03. Then I'd change that 03 to 05, save the rom and test the rom. If it didn't start with 05 lives I'd undo and search again.

[Jorpho]

In the future please try to use more descriptive subject lines when posting on message boards.  In this case something like "How can I hack the MAME game 'Burgertime'?" would be much more helpful.

I have the ROM.  I have a hex editor.  What do I have to do to open the correct file, find this location and change the value from 05 to 99?

Well, what exactly have you tried so far..?  You already know the file name is "maincpu.pb", and your hex editor should be able to tell you when you are at location 002B.

Are you having trouble finding the file "maincpu.pb" ?

[dwsiddall]

While very proficient at graphic and web design, I am a complete newbie in regards to hacking and hex-editing.

Thank you for pointing me in the right direction.  I didn't realize the line in the cheat file identified the filename I needed to open.  It seems obvious now.

I will poke around armed with this new info and report back with questions.

Thanks for the replies.

-Daniel

[dwsiddall]

Jorpho wrote:  "Are you having trouble finding the file 'maincpu.pb'?"

Yes.  I wanted to attach a photo to show files that I have after unzipping btime.zip, the mame ROM file, but when I hit "insert photo", i just get a set of img brackets.  And there is nothing under Attachments except " Notify me of replies", "Return to this topic" and "Don't use smileys".

Anyway, the files are as follows:
aa04.9b
aa05.10b
aa06.13b
aa07.15b
aa12.7k
aa8.13k
ab00.1b
ab01.3b
ab02.4b
ab03.6b
ab10.10k
ab11.12k
ab13.9k
ab14.12h
ab9.15k

Any insight is appreciated.

-Daniel

[Psyklax]

I wanted to attach a photo

This comes up so often that I feel the site should have clear directions, but unlike other forums, you can't attach photos directly, you have to provide a URL instead. You can upload a photo to one of the dozens of photo hosting sites out there and stick the code you get from it in your post.

I tried to search for the assembly instruction set for this game's CPU as a starting point. I couldn't find it.

The only references I've found suggest that at least the Deco Cassette System's BIOS loads via a 6502, and it's possible that the game itself uses one (it certainly wouldn't be surprising).

[dwsiddall]

Thanks so much for taking the time to reply.  Nothing about this ROM suggests that it is a Deco Cassette.  Usually this is indicated in the title of the ROM.  (I have the sequel game and it IS a Deco Cassette).  But I really don't know.

Sadly, your answer is over my head.  I don't know what it means that the "BIOS loads via a 6502".  :-(

When searching for the location (002B) should I be searching in the text-strings or the hex values?  If I found the value, would the numeric corresponding value be the very next value?  Like one is the label and the next is the value for that?

Sorry if that's a dumb question.

[zacmario]

"Sadly, your answer is over my head.  I don't know what it means that the "BIOS loads via a 6502".
It means it uses a 6502 chip. The 6502 op codes are already known, so if this game uses that chip it makes it easier to find your answer."

"When searching for the location (002B) should I be searching in the text-strings or the hex values?  If I found the value, would the numeric corresponding value be the very next value?  Like one is the label and the next is the value for that?"

Hex, and dont qoute me on this but it might be little endian.
LDA op code for 5602 is A9

so you might see this 05 A9
which is actually
LDA #$05

something to note some games count 00 as 01 So 04 is actually 05. though this probably isnt it.
Im fairly new with asm so take anything I say with a grain of salt.

[Psyklax]

dont qoute me on this but it might be little endian.
LDA op code for 5602 is A9

so you might see this 05 A9
which is actually
LDA #$05

I just quoted you on that: it's not correct. LDA #$05 would be A9 05. Little-endian means that when you use a 16-bit value (ie two bytes for a number) the first byte is the least significant byte (LSB) and the second is the most significant (MSB). So if you wanted to load from the address $8743 your opcodes would be A5 43 87.

I've just opened up one of the BurgerTime ROM files and instantly I can see that this is 6502 assembly (I've reached the point that I can tell it just from the opcodes ). Looking at the cheat file you mentioned, there clearly is no file named "maincpu.pb" so I imagine that's something else, but the $2B location is obviously RAM, not ROM, so you won't find that in the ROM. What you WILL find is a reference to that location, such as an instruction that loads that location with a certain number - your starting amount of lives, for instance. I'm gonna do a bit of playing around and see if I can find what you're looking for.

EDIT: Success!

I'd started by looking through ROM files for references to $2B, and I did find the instruction that gives you peppers at the start, but I couldn't locate the one that takes away a pepper when you use one. But then I realised that MAME has a built-in debugger, so after five minutes on that, I found the instruction, changed it, and voila, infinite peppers!

All you have to do is open aa06.13b in a hex editor, and change $7E8 from 01 to 00.

Just for the hell of it, I then found infinite lives: open aa05.10b and change $89F from D6 to A9.

Hope your son enjoys it!

[dwsiddall]

WOW!  I am blown away!

Thanks so much for your kindness and hard work. 

I know we will enjoy this fix and my son will be very happy!

-Daniel

[Psyklax]

If you're having problems with running the modified ROM, MAME does complain when the files aren't exactly how they should be, and in MAME64's game selection screen it'll just refuse to load. But if you run it from the command line, it should run without question.

Make a new text file and rename it btime.bat. Put it in your MAME folder and write this inside it:

Code Select Expand

mame64 btime

That should just run MAME with BurgerTime. You can then right-click and create a shortcut on your desktop so that all you need to do is click on the desktop icon and BT will run.

If you're having trouble editing the files, remember that when I said "change $7E8" I meant to go to $7E8 in the file (in HxD, Ctrl+G, type 7E8).

Hope it works for you!

[dwsiddall]

It seems to be working!  Although the counter says the number of peppers is 5, they never run out.  Perfect!

I want to understand ROMs and ROM hacking.  Can anyone point me to a resource to start learning? 

I am also interested in what it would take to CREATE an 8-bit game.  My son has created a concept for a game and it would be so cool to actually make it into a playable game.

Not looking for specific answers....but some suggested resources to get going on my own.

Thanks!

-Daniel

[Psyklax]

It seems to be working!  Although the counter says the number of peppers is 5, they never run out.  Perfect!

If you're interested, the reason it stays at 5 is because what I changed (from 01 to 00) was an instruction that subtracts 1 when you use a pepper. So by changing "subtract 1" to "subtract 0", the game never subtracts from your pepper count. You can add to it, of course, not that it matters.

I want to understand ROMs and ROM hacking.  Can anyone point me to a resource to start learning? 

You're already here! This site is the best place to learn about ROM hacking (it's in the name ). That said, there's a couple of things I can recommend.

First of all, this site has a nice jumping-off point in the Help section:
http://www.romhacking.net/start/

Second, although I didn't learn about it until recently, assembly is definitely a good thing to learn when ROM hacking: it's not nearly as difficult as it seems at first, and once you get the hang of it, you can do anything. You can learn about 6502 assembly (used by BurgerTime arcade, as well as popular systems like the NES) by reading this document:
https://www.dwheeler.com/6502/oneelkruns/asm1step.html

My recommendation is to start by playing around with games in a debug emulator - one that lets you look at the memory while it's running. I recommend FCEUX for the NES. I started out because I wanted to translate a game, but maybe you have other plans. Start by experimenting with simple things, and see how it goes.

I am also interested in what it would take to CREATE an 8-bit game.  My son has created a concept for a game and it would be so cool to actually make it into a playable game.

Let's not run before you can crawl. Making an actual game is an order of magnitude harder than just hacking one. Then again, there are game-creation tools out there these days, I imagine.

Good luck!