Gamer Boards Video Game Message Boards - New codes & debugger/assembly info

05-21-2005, 07:03 PM	#1
Tony Hedstrom Registered User Join Date: Jun 2002 Posts: 291	New codes & debugger/assembly info Some new codes I made for Silent Service... Silent Service (NES, Game Genie) YXVPUYGP Increases max submerged speed from 10 to 29. GUSOXNTO Increases max surfaced speed from 20 to 50. SZSPKLVG Infinite battery power. Here's some info for making codes that increase your max speed in racing games, simulations, etc... Find the RAM address for speed. Set a break point in your debugger. Go to the game and set your speed to full. When the debugger snaps, scroll up a bit and look for a "CMP" instruction. In Silent Service, it looks like this in the debugger... (the RAM address for speed is $00BF) $980E:E6 BF INC $BF = #$12 $9810:4C 15 98 JMP $9815 $9813:C6 BF DEC $BF = #$12 $9815:A5 BF LDA $BF = #$12 $9817:F0 0A BEQ $9823 The $980E:E6 BF INC $BF is for when you increase your speed, and the $9813:C6 BF DEC $BF is for when you slow down. You can get some really weird codes by changing those, but nothing really useful. To find the address for max speed, you need to scroll up some... $9807D D6 9F CMP $9FD6,X @ $9FE3 = #$14 $980A:F0 09 BEQ $9815 $980C:B0 05 BCS $9813 $980E:E6 BF INC $BF = #$12 $9810:4C 15 98 JMP $9815 $9813:C6 BF DEC $BF = #$12 $9815:A5 BF LDA $BF = #$12 $9817:F0 0A BEQ $9823 Thanks to our good friend the debugger, our Game Genie code is right in front of us. The game is getting the max speed data from $9FE3. So your Game Genie code will look like this: $9FE3?14:27 = YXVPUYGP. My 6502 is a bit rusty, but if I remember correctly, the game takes $9FD6, adds X (which should be your speed setting) and the result is $9FE3. The value at $9FE3 is #$14. The game compares the value in "A" (your current speed) to the value at $9FE3 (which is 14). When they're equal, your speed stops increasing. Correct me if any of that's wrong. If you scroll down to the $9FE3 area, you'll see all the different speed settings. All of this is data, not code. It's usually easy to tell if it's data or code/assembly, because if it's data, you'll see lots of this: "UNDEFINED". This means the debugger can't make sense of it (because it's data instead of assembly). You can also use a similar method to find RPG stats, etc. Tony.

05-21-2005, 10:40 PM	#2
Rune@GSC Registered User Join Date: Mar 2004 Posts: 149	Welcome back Tony! I have your codes. :-)

Yesterday, 12:49 PM	#3
Hackwiz Ickity-ackity-oo-ahh-ahh Join Date: Sep 2002 Location: Wherever I happen to be when you read this! Posts: 424	This is the kind of addressing mode that prevents me from finding infinite health codes in alot fighting games. Tony, this part could be misleading: My 6502 is a bit rusty, but if I remember correctly, the game takes $9FD6, adds X (which should be your speed setting) and the result is $9FE3. Probably be better to phrase it this way: "the game takes $9FD6, adds the value in the X register and the result is $9FE3." The reason I believe they do this is that it saves having to write gobs of code. Using the line of code above for an example: $9807: D5 9F CMP $9FD6,X @ $9FE3 = #$14 You can compare addresses $9FD6 -> $A0D5 (9FD6 + FF, I believe the X register is 8 bit on the NES). All you have to do is start the X register at 00 and put a loop in there with an INC x command. Instead of using 255+ lines of seperate code they can get away with using 2. For hackers, this sucks because disrupting a code using the "direct, indexed" addressing mode usually, (but not always), results in undesired effects on the game (who knows what is within those addresses?). This is the same addressing mode used in Blackthorne and ultimately why an infinite health code cannot be hacked without alot of glitches. ?...do they do this kind of crap on the Genesis? I agree, it's good to see you back!!! And also, if anyone sees anything wrong/fishy about what I wrote, please respond and enlighten me. By no stretch of the imagination am I the hacking pro. Opinion humbly submitted, HW __________________ You are what you is....A Crash-test Dummy!!! For all my latest codes: http://www.angelfire.com/games2/codehut/HWGG.txt

Yesterday, 11:22 PM	#4
ugetab Registered User Join Date: Nov 2001 Posts: 5	I always figured they used the X of an address to make the coding more error resistant and efficient. Anything using an Absolute address in memory means the person probably had one variable defined exclusively for that item of information. The compiler gave it an address in code(whether static or dynamic), and it may be several bytes away from anything else of interest. Reserving a large block of memory one time in code(like a byte array), and using the Xth address in the array allows the compiler to decide where it would best fit in program memory, and allows it to to move the entire section of memory to a location in memory calculated to be efficient. A constant integer of 15, with the reserved name of aryHP would allow the programmer to use aryHP in the code to reference the value they chose, and have that name get replaced with 15 once the code is compiled. Initializing routines would set the array with the defaults of a new game, and that portion of memory would be set to be used. But then, most people don't care how stuff works as long as it does, in fact, work, so one has to go looking for the information to find someone else's ideas. Without having a lot of information to stumble onto without trying, I just don't think I'll get any definitive answers without first-hand testing. Last edited by ugetab : Yesterday at 11:33 PM.