Difference between revisions of "Hacking SNES"

From Wiki - GameHacking.org
Jump to: navigation, search
Line 1: Line 1:
[[Category: EnHacklopedia]]
+
==Pro Action Replay==
 +
 
 +
[[Image:Par7.jpg|PAR3 Box]]<br />
 +
 
 +
===Description===
 +
 
 +
The [[Pro_Action_Replay_(SNES)|Pro Action Replay]] is a cheat device for the SNES produced by [[Datel]]. The original PAR only support 3 codes, but the PAR2 supports 255 and has a built-in trainer for code searcher. There is also a PAR3, but the added features are unknown.
 +
 
 +
===Code Types===
 +
 
 +
{| class="EnHack-codetypes"
 +
! class="EnHack-type" | Type
 +
! class="EnHack-desc" | Description
 +
|-
 +
| class="EnHack-type" | xxxxxxyy
 +
| class="EnHack-desc" | 8-bit write<br />Writes the byte yy to the address xxxxxx.
 +
|-
 +
| class="EnHack-type" | DEADC0DE<br />aaaaaadd<br />xxxxxxxx
 +
| class="EnHack-desc" | 32-bit multi-write<br />Writes xxxxxxxx dd times, starting at address aaaaaa.
 +
|}
 +
 
 +
===Hacking===
 +
 
 +
To-do.
 +
 
 +
 
 +
 
 +
==Game Genie==
 +
 
 +
[[Image:Ggsnes3.jpg|SNES Game Genie Splash Screen]]
 +
 
 +
===Description===
 +
 
 +
Galoob's [[Game Genie]] is similar to its NES counterpart, operating by patching ROM instructions. Unlike the NES version, however, no compare byte is needed, as 3 bytes are used to determine the address instead of two.
 +
 
 +
===Encoding/Decoding===
 +
 
 +
Encoding and decoding Game Genie codes is done with [[Tools#Game_Genie_Encoder|Game Genie Encoder]]. Simply select the SNES radio button and either put the Game Genie code into the bottom box or the address and value into the boxes above that box.
 +
 
 +
 
 +
 
 +
==Hacking using SNES9x==
 +
 
 +
[[Image:Snes9x.png|SNES9x cheat searcher]]
 +
 
 +
SNES9x is the best available SNES emulator, and provides a code searcher. The code searcher shows all memory addresses in RAM that meet the search criteria, displaying both the current value and the value from the last search. Options for greater than, greater than or equal to, less than, less than or equal to, equal to, and not equal to are all provided. These criterion can be used either on a provided value (entered value) or the value from the last search (previous value). The entered value is interpreted in on of three formats depending on the option selected - Unsigned, 2's complements signed, or hexadecimal. Finally, the search size can be between one and four bytes. Only aligned results are displayed.
 +
 
 +
 
 +
 
 +
==65816 Assembly==
 +
 
 +
The SNES uses a 65816 (or 65c816) processor, which is the successor to the 6502 chip used by the NES. Notable new features include 24-bit addresses, and the GPRs can now be 16-bit. The 65816 provides an emulation mode for backwards compatibility with the 6502; however, in this mode the JMP $xxFF bug has been corrected. The 65816 also provides new instructions, including new transfers and pushes/pops. The accumulator can now be incremented and decremented as well. More information about the 65816 can be found in the 65816 information sheet on the [[Documents|documents page]].
 +
 
 +
 
 +
 
 +
==Using SNES9x Debugger==
 +
 
 +
[[Image:Debug.png|Geiger's SNES9x Debugger - Disassembly]]
 +
 
 +
A modified [[Tools#Geiger.27s_SNES9x_Debugger|SNES9x with debugger]] exists, made by Geiger. Geiger's SNES9x provides all the options that the normal version of SNES9x provides, as well as many debugging options. Upon the loading of a ROM, a window pops up with all of these options shown and the game is immediately paused. The run button resumes the game as well as resuming after a breakpoint is hit. The "next" option displays but does not execute the next instruction that will occur. "Step into" executes the next instruction, "Step out" executes until a subroutine is returned from, and "Step over" skips the next instruction. The "skip" option acts identically as "step over". "Disassembly" brings up a child window. The area from the start address provided until the end address will be disassembled. The "reset" option resets the game and the "frame advance" option advances the specified number of frames. An option to perform a hex dump and a palette dump is provided, as well as a memory viewer ("show hex"). Finally, the "breakpoint" option sets breakpoints. Up to 5 addresses can be broken upon, each with any combination of BPR, BPW, and BPX.
 +
 
 +
 
  
 
{{Template: EnHacklopedia_Legal}}
 
{{Template: EnHacklopedia_Legal}}
 +
[[Category: EnHacklopedia]]

Revision as of 21:03, 2 December 2008

Pro Action Replay

PAR3 Box

Description

The Pro Action Replay is a cheat device for the SNES produced by Datel. The original PAR only support 3 codes, but the PAR2 supports 255 and has a built-in trainer for code searcher. There is also a PAR3, but the added features are unknown.

Code Types

Type Description
xxxxxxyy 8-bit write
Writes the byte yy to the address xxxxxx.
DEADC0DE
aaaaaadd
xxxxxxxx
32-bit multi-write
Writes xxxxxxxx dd times, starting at address aaaaaa.

Hacking

To-do.


Game Genie

SNES Game Genie Splash Screen

Description

Galoob's Game Genie is similar to its NES counterpart, operating by patching ROM instructions. Unlike the NES version, however, no compare byte is needed, as 3 bytes are used to determine the address instead of two.

Encoding/Decoding

Encoding and decoding Game Genie codes is done with Game Genie Encoder. Simply select the SNES radio button and either put the Game Genie code into the bottom box or the address and value into the boxes above that box.


Hacking using SNES9x

SNES9x cheat searcher

SNES9x is the best available SNES emulator, and provides a code searcher. The code searcher shows all memory addresses in RAM that meet the search criteria, displaying both the current value and the value from the last search. Options for greater than, greater than or equal to, less than, less than or equal to, equal to, and not equal to are all provided. These criterion can be used either on a provided value (entered value) or the value from the last search (previous value). The entered value is interpreted in on of three formats depending on the option selected - Unsigned, 2's complements signed, or hexadecimal. Finally, the search size can be between one and four bytes. Only aligned results are displayed.


65816 Assembly

The SNES uses a 65816 (or 65c816) processor, which is the successor to the 6502 chip used by the NES. Notable new features include 24-bit addresses, and the GPRs can now be 16-bit. The 65816 provides an emulation mode for backwards compatibility with the 6502; however, in this mode the JMP $xxFF bug has been corrected. The 65816 also provides new instructions, including new transfers and pushes/pops. The accumulator can now be incremented and decremented as well. More information about the 65816 can be found in the 65816 information sheet on the documents page.


Using SNES9x Debugger

Geiger's SNES9x Debugger - Disassembly

A modified SNES9x with debugger exists, made by Geiger. Geiger's SNES9x provides all the options that the normal version of SNES9x provides, as well as many debugging options. Upon the loading of a ROM, a window pops up with all of these options shown and the game is immediately paused. The run button resumes the game as well as resuming after a breakpoint is hit. The "next" option displays but does not execute the next instruction that will occur. "Step into" executes the next instruction, "Step out" executes until a subroutine is returned from, and "Step over" skips the next instruction. The "skip" option acts identically as "step over". "Disassembly" brings up a child window. The area from the start address provided until the end address will be disassembled. The "reset" option resets the game and the "frame advance" option advances the specified number of frames. An option to perform a hex dump and a palette dump is provided, as well as a memory viewer ("show hex"). Finally, the "breakpoint" option sets breakpoints. Up to 5 addresses can be broken upon, each with any combination of BPR, BPW, and BPX.


Legal

Creative commons.png
All files (HTML, CSS, images) included in EnHacklopedia are licensed under the Creative Commons Attribution-ShareAlike 3.0 License. All authors contributing to EnHacklopedia should be made aware of the license before contributing. If the author does not agree to the licensing, his or her contributions will not be accepted into the project.