|
|
Post by ian on Sept 6, 2008 22:51:42 GMT
Another world exclusive ;D
Thanks to Maxim for this cheat. I sussed it was there but he had the know-how to work it out.
Test Mode
Enter 2, Left, Down, Down, Left, 1, U, Right on controller 2 at the title screen. TEST MODE shows on-screen. You are now invincible. Also, pressing '2' on controller 2 will skip levels.
I think it's great we're still finding never-listed-before cheats for games that are like 20 years old.
|
|
|
|
Post by Stan on Sept 7, 2008 3:24:42 GMT
So what made you think it was there? When did he figure it out and how?
|
|
|
|
Post by Estimated Prophet on Sept 7, 2008 7:40:42 GMT
That's some serious know-how. Well done Maxim, how the hell did you figure that out?
|
|
|
|
Post by ian on Sept 7, 2008 9:50:05 GMT
Well basically, I look at the Memory Editor in Meka whislt playing a game. I look for changes in the values when a direction is pressed on the title screen or something. Sometimes I can work cheats out myself just by this method. But with this game I had to go to Maxim, as he can look deeper into the code than I can. I'm not sure how he does it though. Maybe the genius himself will tell us ;D
|
|
|
|
Post by Maxim on Sept 8, 2008 15:53:10 GMT
I was going to write a guide on it but it was a bit naff so I binned it. ian let me know that memory address CD65 was filling up with the controller 2 inputs, which can basically only be for a cheat. So in Meka I set a breakpoint on it: b w cd65 and that way, as soon as something wrote in there it'd stop and show me the code. Looking at the code, it's a bit hairy but the gist of it was Check what player 2's just pressed If nothing, exit Stick what they pressed in memory, starting at $cd65 Have we stuck 8 bytes in there? If not, exit Compare the 8 bytes from $CD65 to 8 bytes somewhere in the ROM If they match, do some stuff Unfortunately, it's all in assembler so it takes a bit of thinking to see what it's doing. But guesswork can help. Next step is to dump out the memory it was comparing to. Sorry I don't have the exact address, so I'll use $3456. I typed into Meka: m 3456 and it dumped out the values 20 04 02 02 04 10 01 08. These are all numbers where only one bit is set (lots of powers of 2 in hex) which is a strong sign it's a button sequence. In general, SMS games store the inputs in the form %--21RLDU so you get 01 = U 02 = D 04 = L 08 = R 10 = 1 20 = 2 and there you go. I tried it out and it worked so I added it to the SMS Power cheats section (so strictly speaking we got the exclusive...) and let ian know. Some time ago I made a program that would look through a ROM for sequences of such bytes and spit them out to the screen, but to be honest there were way too many false positives. One more thing to note: the code for this and Tom & Jerry was almost identical (note they both call it "test mode" - does controller 2 do anything like skip stages here?) and they're on the list of Sanritsu/SIMS games on SMS Power - so maybe there will be more of the same type of cheat in other games on the list. If I get time I'll do some analysis... |
|
|
|
Post by ian on Sept 8, 2008 17:45:45 GMT
Now that you mention it, pressing button 2 on Controller 2 skips levels.
|
|
|
|
Post by rupert on Sept 8, 2008 22:30:39 GMT
How did you learn all this stuff, did you do somthing at college relating to this or are you self tought? I'm amazd you can look at these numbers and see there is a cheat  Could other people do this sort of thing back in the day and thats how cheats turned up in magazines or did the developer/ programmer leak them out? |
|
|
|
Post by Maxim on Sept 9, 2008 9:56:00 GMT
I learned it by learning to program on the SMS. Once you understand assembly code, it's usually possible to figure out what something's doing - but it might take a while. In this case it's fairly simple and being able to use Meka's debugger makes it a lot easier.
I did study computer science at uni for a year but that was long after I learned how to do this stuff.
Back in the day, cheats were "leaked" by the developer/publisher as a way of getting their game mentioned in magazines a month or two after release, to generate interest. Also, it helps people to get further in the game and thus be happier to buy the sequel, etc. A few cheats may have been found by dumb luck, especially things like the "Konami Code" which was used so much on the NES.
As an example, these recent cheats are all 8-button sequences. Ignoring diagonals, there's 6 possible buttons, which makes 6^8 = 1679616 possible sequences. I wouldn't want to go trying them all.
|
|
|
|
Post by Bock on Sept 9, 2008 12:20:34 GMT
Actually back in the days people did a lot more of low-level and reverse engineering. Since programming was mostly done in assembly, it was common habit to reverse engineer others games. Companies like Titus early on or CodeMasters later developed on the Master System without any documentations to start with, just disassembling the hardware and existing cartridges ROM codes.
Cheats are still considered as marketing tools by publishers all around the world. However in all time certain cheats/tricks were discovered by hackers.
|
|
|
|
Post by rupert on Sept 9, 2008 13:05:42 GMT
Interesting, thanks.
So just to maybe state the obvious. These so called 'cheats' are infact there to assist in playing through the game to check for bugs and to create screenshots on different levels etc?
If that is the case then one would assume all games contain them? but just need to be discoverd?
|
|
|
|
Post by Bock on Sept 9, 2008 13:11:51 GMT
Interesting, thanks. So just to maybe state the obvious. These so called 'cheats' are infact there to assist in playing through the game to check for bugs and to create screenshots on different levels etc? Yes initially that's their purpose. I suppose at some point developers found it cool/useful to let end-users access them as cheats, started making better looking sound test, etc. All games probably contained them at some point in development. Many probably got removed or disabled before shipping. There's still probably a lot of hidden things to discover. For example Time Soldiers has a debug screen in the code: www.smspower.org/forums/viewtopic.php?t=2489But as far as I know it is impossible to access without a debugger/tool because they removed the access point to it. |
|
|
|
Post by Bock on Sept 9, 2008 13:14:56 GMT
For example I think that Psycho Fox has an engine to play FM music in the code and maybe the data for it. Maybe it's just broken and unusable, maybe not.
|
|
|
|
Post by Stan on Sept 12, 2008 23:04:22 GMT
Really interested stuff. Though I'm no Maxim, now that I know a bit about this that stuff makes sense. I never knew they used it as a sort-of debug tool either. Steve mentioned something about this before when I was talking to him.
|
|
