Kodewerx

 Post subject: Debug Menus
PostPosted: Thu Jul 16, 2009 2:31 pm 
Kommunist
Joined: Thu Jun 26, 2008 12:29 am
Posts: 52
Does anyone have tips for hacking these elusive bastards? And no, I don't mean changing 0 to 1 in a list of 500 different addresses. Like are they tied into the routines that call other menus within the game, or are they something you can find by other means? I know the method probably changes per game (if a debug menu even exists in the game), however I have not found a definitive solution to even coming remotely close to finding them if they are present.

Enhacklopedia Reference:

Debug Menus

To Do

:P


 Post subject: Re: Debug Menus
PostPosted: Thu Jul 16, 2009 4:39 pm 
Krew (Admin)
Joined: Sun Oct 01, 2006 9:26 pm
Posts: 3768
Title: All in a day's work.
Text references are the best way to go about hacking debug menus.

Basically, if debug text exists, that is a good sign that it is used somewhere (but somehow disabled/inaccessible). Also, keep in mind that it may not always be simple ASCII text. Using a relative search is often a simple way to locate text which may not be encoded in the standard ASCII character set. Another thing to keep in mind when looking for debug text is that the menus may be written in a language other than English. Typically, Japanese is a big one.

So, now that you've located some debug text of some sort (it looks interesting to you) how do you go about the actual hack? Answer: cross-references. A "cross reference" is pretty much what it sounds like; a reference (usually a pointer) to the text, located in another section of the program. Find the pointer, and then find the code that looks up that pointer (assuming the pointer is a simple piece of data, rather than being explicitly "assembled" directly in code -- both are quite common).

From there, your most helpful tool is the debugger; back-trace the hell out of the code. That means, generally put, that you should locate cross-references to code [backwards] often several layers deep. For example, "call" or "jump" type instructions that lead to the code which accesses the debug text, and so on. A common technique is placing breakpoints at each of these places, until you actually find that one of those "call" instructions hits somewhere in the game. (It could be before the game starts up, during the title/options screens, in the pause screen, right in the middle of gameplay... pretty much anywhere.) When you find a nice "hit" -- start tracing forward. Notice any branches that skip over the other calls leading to the final routine.

If you find some offending branches, my suggestion is researching them closely; don't just reverse their effect and leave it at that! You might actually find something useful, like a button combination to unlock something never before seen.

All said, it does not really end there. I've seen cases where the cross-references only went back so far, and then completely dried up; there was absolutely no caller into the main "show the debug menu" function. At that point, you can safely start writing your own hook somewhere to show the debug menu when appropriate. Other times, the branches (mentioned above) simply checked a variable in memory which was never written anywhere; that's an easy one, just write the expected value with a simple code. At other times, the text was read early on but it was never shown. Instead, it could be cached for use later, by storing it into some temporary memory. And in that case, you would be looking for cross-references to the cached area, and any reasons the program is not making better use of it. ;) The list goes on...

I suppose the general idea is just basic reverse engineering. Use anything available within the program as a guide to reach your goal.

_________________
I have to return some video tapes.

Feed me a stray cat.


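The relative search and pointer cross-reference steps described in the post above, as an added example that is not part of the original thread. It assumes the game's character table keeps letters in alphabetical order and that text pointers are stored as 16-bit little-endian addresses; `BASE` and the sample image are constructed for illustration.

```python
import struct

BASE = 0x8000  # assumed address the image is mapped at (hypothetical)

def relative_search(data: bytes, word: str) -> list[tuple[int, int]]:
    """Find `word` under any encoding of the form byte = ord(ch) + k (mod 256).
    Only the differences between neighbouring characters are compared, so k
    does not need to be known. Returns (offset, k) pairs."""
    want = [(ord(b) - ord(a)) % 256 for a, b in zip(word, word[1:])]
    hits = []
    for i in range(len(data) - len(word) + 1):
        window = data[i:i + len(word)]
        got = [(y - x) % 256 for x, y in zip(window, window[1:])]
        if got == want:
            hits.append((i, (window[0] - ord(word[0])) % 256))
    return hits

def find_xrefs(data: bytes, target_offset: int, base: int) -> list[int]:
    """Offsets holding a 16-bit little-endian pointer to base + target_offset."""
    needle = struct.pack("<H", (base + target_offset) & 0xFFFF)
    out, pos = [], data.find(needle)
    while pos != -1:
        out.append(pos)
        pos = data.find(needle, pos + 1)
    return out

def build_sample() -> bytes:
    """Constructed image: filler, one pointer entry, and the word DEBUG stored
    with a custom character table in which 'A' is 0x0A instead of 0x41."""
    k = (0x0A - ord("A")) % 256
    text = bytes((ord(c) + k) % 256 for c in "DEBUG")
    image = bytearray(b"\xEA" * 0x40)
    text_off = 0x30
    image[text_off:text_off + len(text)] = text
    image[0x10:0x12] = struct.pack("<H", BASE + text_off)
    return bytes(image)

if __name__ == "__main__":
    rom = build_sample()
    for off, k in relative_search(rom, "DEBUG"):
        print(f"text at 0x{off:04X}, encoding shift 0x{k:02X}")
        for x in find_xrefs(rom, off, BASE):
            print(f"  pointer to it at 0x{x:04X}")
```

Each pointer offset it reports is a starting point for the debugger work the post describes: find the code that reads that pointer, then trace its callers backwards.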
 Post subject: Re: Debug Menus
PostPosted: Fri Jul 17, 2009 5:39 pm 
Komrade
Joined: Tue Mar 27, 2007 6:23 pm
Posts: 1354
Location: Mario Raceway, 1509.831, 217.198, -564.429
Title: Mario Kart 64 Hacker
In a lot of pre-N64 games you'll find debug routines that are simply branched over or have their call NOPed out. N64 and later tend to have enable flags in RAM that are just never set.

It's also worth hacking a menu modifier (i.e. a code to activate any given menu, or change which menu will be opened from a certain action), and try all values from 0 upward (until you find the game is just crashing or doing nothing special every time). Often you can find debug menus this way.

Then there are some games that seem to have a lot of debug text which is never referenced anywhere. :(

_________________
HyperNova Software is now live (but may take a few tries to load) currently down; check out my PSP/DS/Game Boy/Windows/Linux homebrew, ROM hacks, and Gameshark codes!


 Post subject: Re: Debug Menus
PostPosted: Fri Jul 17, 2009 6:35 pm 
Kommunist
Joined: Thu Jun 26, 2008 12:29 am
Posts: 52
Well, it appears that hacking these types of codes takes a bit of dedication to a specific game :P. I am just learning the asm routines for the NES/SNES processor as a starting point to being able to hack with this method. I've learned a good bit so far and I feel that the information provided on this subject was well above the quality of response I thought I might receive due to my lack of knowledge in this area. Thank you both for taking your time to explain this subject in the detail that you did.

- Abystus

