Tweet
Ok so I figured I owed everyone a guide on how I make some of the Walk Through Walls codes I've been making recently. Now this is a simple and crude method that works on some games, and by some I mean few. I will post the games and methods I used to make the codes below and also the tools I used. All these games can be hacked by anyone with little to no knowledge of 6502 ASM or any ASM. I will also post a more in depth and more complex guide for the more advanced users for making the codes for other games which this method doesnt work. These games can also be used with the more advanced method I will explain later for a Better Walk Through Walls code.
Ok here is the list of games I will be using as examples:
Krusty's Super Fun House V1.1 (This game is utter garbage and I feel so sorry for anyone who got this as some kind of gift in the old days.)
Ghoul Patrol
Tools:
Snes9X1.43.ep9r8
GGConvC
The tools along with a reference guide are in the included rar file in my post.
Ok now to the hacking, first of all all my codes consist of first finding the address in RAM that says where your horizontal location is. The way on about 90% of the games I have hacked is if you're going right you do a greater than search and if going left a less than search so I will load up the emulator and rom Krusty's Super Fun House V1.1 the emulator freezes and wont progress until you press the "RUN" button on the debugger console. You might have to setup you buttons if using a pad so go ahead and do so, now that thats done get into the start of the game and you will see Krusty near a door and a wall so the code making will be simpler since the wall is close. Now as a rule of thumb always make a save state here in case the emulator crashes which it often does and maybe an open notepad file to save the possible codes again because the emulator is known to crash and doesnt always save the codes made.
I will open up the "cheat" menu at the top and click on search for new cheats and follow the methods I explained up above and also using the "Show Hex" button on the Debugger console and setting it to RAM I can test and see the RAM change on the fly.
OK so my code for the location of the character is 7E0303, now that we have that we get to the fun part using the "Break Points" button. Put the code into any of the fields with 000000 and pop in our location address 7E0303 and click the "Write" box and hit ok and hit the "RUN" Button.
Now this game is a great game to try this code method because on many other games there are constant breaks from just standing still but this one doesn't have this issue. So take a step left and the game will break once you hit a wall and show this in the Debug Console window:
00/E697 85 03 STA $03 [$00:0303] A:0098 X:0000 Y:0000 P:envmXdizc
so what does this mean? The game is storing a value into the address [$00:0303] which is essentially our code 7E0303 but notice this only occurs when you actually walk into a wall? So this is writing a value to stop us from moving any further so we will copy the code above and format it like so 00E69785. Put that into the Cheat Menu's first option: Game Genie,Pro Action Replay Codes. But before we finalize the code we want to make it not store the value so we will change the instruction to load instead, this essentially skips whatever that instruction was supposed to do. Using the Game Genie Code Converter I included click on the SNES button and in the bottom right pop in the current opcode 85 which we got from 00E69785. You will notice that it will say STA Z so in order to keep things uniform we will look for the value that loads Z register and looking through the list yourself you should have come to A5 as the op code LDA Z.
So the code we will try is 00E697A5, now pop that into the cheats and make sure you hit the Add Button and then ok. It might be a good idea to go to the break points menu on the Debugger console and uncheck the "Write" box. Now lets us try the code out and see what effects its has. WOW we went straight through the wall, but if you haven't noticed we can't go to the right once inside the wall so that essentially means that code we found is for the left direction only.
So now we go looking for the other direction and since the steps are exactly the same we will turn the break point for the RAM code back on so go ahead and click the "Write" Box and take a step towards the right and the debugger breaks and shows us:
$00/E79D 85 03 STA $03 [$00:0303] A:0058 X:0000 Y:0000 P:envmXd
So we will do the same thing we did above take the address above and change the Store into a Load and we get this: 00E79DA5 so put that into the cheats and shut off the break point and test it out.Wow once again we are Walking Through the Walls. Our code is complete! or is it? Well you could leave it like it is or you could go for one more code to make you jump up through the walls/ceilings.
The Method is rather simple and is exactly the same as we did above, and we basically need to find the Vertical location address which is generally right near the Horizontal address we found above. If you have the Hex editor open like I instructed above all you need to do is jump and you will see some number move and after some testing I see the code is 7E0307. So put that into the Break Points menu and again Check off the "WRITE" and get back into the game, perform a jump and as soon as we get near the cieling the emulator breaks on this:
$00/EB13 85 07 STA $07 [$00:0307] A:00B0 X:0000 Y:001C P:envmXdizc
Using the same methods from before we get the code 00EB13A5, we test the code out in various locations like when you are in a wall and you will notice you can jump through the ceilings. So there is your first Walk Through Walls code made super easy, and to finish it off we will use the Game Genie Code Converter to make usable codes out of these addresses:
Walk Through Walls (RAW)
00E697 A5
00E79D A5
00EB13 A5
into
Walk Through Walls (GG)
C93B-6FAF
C93B-A70F
C93F-ADA4
I will post back on the other game I mentioned as its almost the exact same method except the game behaves a little differently.
Ok here is the list of games I will be using as examples:
Krusty's Super Fun House V1.1 (This game is utter garbage and I feel so sorry for anyone who got this as some kind of gift in the old days.)
Ghoul Patrol
Tools:
Snes9X1.43.ep9r8
GGConvC
The tools along with a reference guide are in the included rar file in my post.
Ok now to the hacking, first of all all my codes consist of first finding the address in RAM that says where your horizontal location is. The way on about 90% of the games I have hacked is if you're going right you do a greater than search and if going left a less than search so I will load up the emulator and rom Krusty's Super Fun House V1.1 the emulator freezes and wont progress until you press the "RUN" button on the debugger console. You might have to setup you buttons if using a pad so go ahead and do so, now that thats done get into the start of the game and you will see Krusty near a door and a wall so the code making will be simpler since the wall is close. Now as a rule of thumb always make a save state here in case the emulator crashes which it often does and maybe an open notepad file to save the possible codes again because the emulator is known to crash and doesnt always save the codes made.
I will open up the "cheat" menu at the top and click on search for new cheats and follow the methods I explained up above and also using the "Show Hex" button on the Debugger console and setting it to RAM I can test and see the RAM change on the fly.
OK so my code for the location of the character is 7E0303, now that we have that we get to the fun part using the "Break Points" button. Put the code into any of the fields with 000000 and pop in our location address 7E0303 and click the "Write" box and hit ok and hit the "RUN" Button.
Now this game is a great game to try this code method because on many other games there are constant breaks from just standing still but this one doesn't have this issue. So take a step left and the game will break once you hit a wall and show this in the Debug Console window:
00/E697 85 03 STA $03 [$00:0303] A:0098 X:0000 Y:0000 P:envmXdizc
so what does this mean? The game is storing a value into the address [$00:0303] which is essentially our code 7E0303 but notice this only occurs when you actually walk into a wall? So this is writing a value to stop us from moving any further so we will copy the code above and format it like so 00E69785. Put that into the Cheat Menu's first option: Game Genie,Pro Action Replay Codes. But before we finalize the code we want to make it not store the value so we will change the instruction to load instead, this essentially skips whatever that instruction was supposed to do. Using the Game Genie Code Converter I included click on the SNES button and in the bottom right pop in the current opcode 85 which we got from 00E69785. You will notice that it will say STA Z so in order to keep things uniform we will look for the value that loads Z register and looking through the list yourself you should have come to A5 as the op code LDA Z.
So the code we will try is 00E697A5, now pop that into the cheats and make sure you hit the Add Button and then ok. It might be a good idea to go to the break points menu on the Debugger console and uncheck the "Write" box. Now lets us try the code out and see what effects its has. WOW we went straight through the wall, but if you haven't noticed we can't go to the right once inside the wall so that essentially means that code we found is for the left direction only.
So now we go looking for the other direction and since the steps are exactly the same we will turn the break point for the RAM code back on so go ahead and click the "Write" Box and take a step towards the right and the debugger breaks and shows us:
$00/E79D 85 03 STA $03 [$00:0303] A:0058 X:0000 Y:0000 P:envmXd
So we will do the same thing we did above take the address above and change the Store into a Load and we get this: 00E79DA5 so put that into the cheats and shut off the break point and test it out.Wow once again we are Walking Through the Walls. Our code is complete! or is it? Well you could leave it like it is or you could go for one more code to make you jump up through the walls/ceilings.
The Method is rather simple and is exactly the same as we did above, and we basically need to find the Vertical location address which is generally right near the Horizontal address we found above. If you have the Hex editor open like I instructed above all you need to do is jump and you will see some number move and after some testing I see the code is 7E0307. So put that into the Break Points menu and again Check off the "WRITE" and get back into the game, perform a jump and as soon as we get near the cieling the emulator breaks on this:
$00/EB13 85 07 STA $07 [$00:0307] A:00B0 X:0000 Y:001C P:envmXdizc
Using the same methods from before we get the code 00EB13A5, we test the code out in various locations like when you are in a wall and you will notice you can jump through the ceilings. So there is your first Walk Through Walls code made super easy, and to finish it off we will use the Game Genie Code Converter to make usable codes out of these addresses:
Walk Through Walls (RAW)
00E697 A5
00E79D A5
00EB13 A5
into
Walk Through Walls (GG)
C93B-6FAF
C93B-A70F
C93F-ADA4
I will post back on the other game I mentioned as its almost the exact same method except the game behaves a little differently.
Comment