Started by GAMER2, November 13, 2022, 08:03:46 PM
Quote from: FAST6191 on November 14, 2022, 08:42:39 PM
This is not so much a cheat request forum, though I am not sure where we would point those wanting PCE/TG16 stuff (even https://doc.kodewerx.org/ lacks PCE/TG16 mentions and covers many classical things).

If you are in an emulator then you should be able to dodge needing hardcoded cheats and instead go for RAM based approaches that most emulators will have by default, or have secondary programs attach to them to mimic it. You also have the option to hammer on the savestate buttons.

"Immunity" in shmups is a hard one compared to some things depending upon the game. If it is the one touch and done thing then that tends to be more people go in for infinite lives, infinite continues or such like. If it is a health based affair then bit easier, though such things are rarer when you go back to such a timeframe (not that they were ever particularly common). If there is a powerup that grants invincibility then that might also be in play.

Still if you did want to go for proper immunity codes then there are a few approaches.

Start with an infinite lives/continues cheat -- whatever subtracts one after you die a lot will eventually have had to start from detecting a hit. Stop it from detecting the hit and you might well have it, though you might also have to repeat for walls as well as enemies, and maybe bosses as well if they have different things, and maybe do something else if it requires it to end a level (some games will wind down the timer at the end of level, hard if there is an infinite time cheat resetting time, same idea here).

Alternatively we get to talk about collision detection and hitboxes ( https://www.pcgamer.com/how-hitboxes-work/ , and might as well throw in https://docs.google.com/document/d/1iNSQIyNpVGHeak6isbP6AHdHD50gs8MNXF1GCf08efg/pub as well if talking about modding games here as that can make a bad game good and a good game better still if the devs did not design such a thing properly).

Some really old systems will do collision detection in hardware but for most it is more of a software effort. To.. work then game systems will have hardware to control where sprites/objects appear on screen. Some things will use that, other things will have a more internal state (the screen is the screen, massive scrolling level and its place within it may not be within edge of render distance and thus merit larger). Something here will be the basis of the collision detection (something might be location plus a range to effectively make the hitbox) and thus can be attacked here, and likely what the hardcoded game genie* style cheats normally go in for.

*for the sake of things then in classical cheat discussions game genies are ROM editing, that is to say the game genie sits there and when the game wants a part of the ROM it is watching for read it sends back the edited version. Consequently it is trivial to patch them in. Game genie got sold on so it did other things in later systems, later systems might also have the binary in RAM (don't want to be waiting for a 2x CD ROM drive to seek and read back data, possibly error out and need another go when you are measured in megahertz) which invites other options, and for some reason those hacking the Switch call such things assembly cheats.

The other is RAM editing cheats, action replay, gameshark, codebreaker, pelican, goldfinger (more of a Chinese term, people outside it seeing it more in flash cart discussions)... the list goes on for things here. These edit RAM which is fine if you have an emulator, outside program, system running a whole OS in the background or the like but the ability to approach any random ROM and insert it is rather more tricky and thus why you are pretty much at the GBA (See GBAATM rebirth for one such tool) and things of similar potency before such things get useful.

Save editing is also a thing in this but I will skip that one for today.

Quote from: FAST6191 on November 16, 2022, 08:03:35 AM
Infinite lives/continues cheat is likely a 5 minute job to find a RAM version for, https://web.archive.org/web/20080309104350/http://etk.scener.org/?op=tutorial being a guide to making cheats that works much the same whether you are on a Commodore 64 or modern X64 PC game. If you can find this place and post an otherwise very coherent thing then you can learn this happily. RAM based things require either an emulator to support it, external program to attach to the emulator (emuhaste, art money, cheat engine, many other things besides right down to hex editors with memory options), a hardware amenable to it (be it debugger or some kind of external cartridge that does the background work) or modern hardware that has a hacked OS running in the background that can tinker with memory of lesser programs.

Turning that into a binary level hack such that it can be run on lesser emulators, flash carts and hardware without such things is a slightly bigger trick and I would venture the PCE/TG16 and especially its CD options are too primitive (which also means complex at some level) to pull off some of the same tricks we saw with the GBA and DS to allow more easy hardpatching of cheats.

There are two approaches.

1) What your RAM based cheat device is likely doing by injecting a routine to constantly write (more advanced cheat engines offering more options still)
2) What many hackers likely do if they were to set about this/what the game genie stuff is doing.

1) Works by finding an area of the ROM constantly run. Usually going to be a vblank (happens every frame, so 60 in NTSC or 50 times a second in PAL for most things this site cares about). Here some code will be injected that does a simple memory write or whatever to the area in question you found in the basic cheat search, though you could always chuck an IF ELSE type arrangement in there to check for button combos, certain conditions if necessary (I mentioned things like time and life having to be drained at end of level, usually as a bonus condition as it were).

The troubles tend to come in that while 60 times a second is a lot (even if you count multiple buttons nobody presses them that fast, never mind for hours on end) it is not faster than the game which even ancient things are going to be measured in thousands of clock cycles per second, or maybe do calculations in order that troubles things. To that end if a boss does all the damage and the next thing after that calculation is a check to see if you have enough life then you are going to have troubles compared to more normal damage where nothing happens.

2) Works by altering the behaviour of the game itself. Losing a life will necessarily involve something being subtracted from the game, the area being written, a check to see if you have no lives or something that ultimately lands you at the game over screen. Similar to hit detection really, though invulnerability can also mean tricking a game into thinking you have a shield on or some kind of invincibility mode (cutscenes, start of level, hidden debug mode... it matters little), in that something will detect the hit and can be written to be ignored rather than acted upon. Troubles tend to come if there are multiple things troubling the one area (I usually note Mario in having pits, enemies, bosses, hazards, time, crushing, poison mushrooms, gravity in later games...) then you might have to find a stop them all where the basic always have health cheat takes care of it.

2) in some ways is the easier method for individual games, adding a routine to the vblank is a bit more involved but I can certainly see why the carts do it and you probably still can find an entry point.

The standard workflow is find the cheat that changes the area you care about or at least something along the line. Now grab a debugger and set a break on write (possibly break on read) to that area.

Machine level instructions might look scary at first but for the most part you are not going to need to know what they do as you are looking to disable things (NOP, short for no operation, is not always an instruction in every instruction set or assembler but you can fake it well enough by doing an instruction that ultimately does nothing; copy data, usually an instruction called mov, from one place to itself being the usual choice) by overwriting either the sub command for the lives/continue counter, or by disabling hit detection (probably a compare player location to hazard/enemy, if within a certain range then goto death animation, the hack either loses the compare or forces the "good" path).

As you are editing code at this point it is easy enough to make a patch in the final game, or use a tool like the one you found to hardpatch them in where RAM based stuff only works if you have an injection point already figured out or the system is new and simple enough (most older consoles bolting on more and more that you can never be sure what base state it is in, where something like the GBA is both fast enough to handle the extra in most cases and simple enough by not having the legacy stuff bolted on) that you can brute force it. I have seen some attempt to see what instructions alter the memory location you care about from a blind static disassembly, which can work, but eh.
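
The difference between approaches 1) and 2) in the post above, as an added example that is not part of the original post: a toy machine in which a once-per-frame refill survives small hits but not a hit that kills within a single frame, while replacing the subtract with a NOP survives both. The opcode names, the HEALTH address and the damage values are constructed for illustration and come from no real game or instruction set.

```python
# Toy machine: RAM is a bytearray, the "ROM" is a list of (opcode, operand).
HEALTH = 0x10      # hypothetical RAM address, as a cheat search would find it
MAX_HEALTH = 8     # constructed value


def make_rom(damage):
    """Constructed per-frame game routine: apply a hit, then test for death."""
    return [
        ("SUB", (HEALTH, damage)),   # health -= damage
        ("DEAD_IF_ZERO", HEALTH),    # the check runs right after the subtract
    ]


def run_frame(rom, ram):
    """Execute one frame of game code; return False on game over."""
    for op, arg in rom:
        if op == "SUB":
            addr, amount = arg
            ram[addr] = max(ram[addr] - amount, 0)
        elif op == "DEAD_IF_ZERO" and ram[arg] == 0:
            return False
        # "NOP" falls through and does nothing
    return True


def play(rom, frames, vblank_hook=None):
    """Run the game; return the frame of game over, or None if it survived."""
    ram = bytearray(256)
    ram[HEALTH] = MAX_HEALTH
    for frame in range(frames):
        if not run_frame(rom, ram):
            return frame
        if vblank_hook:              # approach 1: injected once per frame
            vblank_hook(ram)
    return None


def refill(ram):
    """Approach 1: constant write to the address from the cheat search."""
    ram[HEALTH] = MAX_HEALTH


def patch_out_sub(rom):
    """Approach 2: overwrite the subtract so the hit is never applied."""
    return [("NOP", None) if op == "SUB" else (op, arg) for op, arg in rom]


if __name__ == "__main__":
    print("no cheat, small hits:  ", play(make_rom(1), 100))
    print("refill, small hits:    ", play(make_rom(1), 100, refill))
    print("refill, one-frame kill:", play(make_rom(8), 100, refill))
    print("NOP patch, same boss:  ", play(patch_out_sub(make_rom(8)), 100))
```
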