A Hacker’s Blog: Mermaid Madness – Part 2

This evening I’ve made a bit more progress with my Mermaid Madness crazy hack and it’s coming along…
A few people have asked how I create the crazy hack code within the game I’m hacking, so I thought I’d use this game as an example of how I achieve it. Once I’ve located a bit of free space within the game’s code, which is where my crazy hack code will sit, I search through the game code to find a place where I can jump out of the game, into my code, and back into the game again. I usually do this by replacing an LDA $DC01 instruction with a JSR to my code (and eventually back again with an RTS). $DC01 is connected with the keyboard/joystick interface within the game and usually allows you to interrupt the game code without it all crashing. Anyway – in this case, $43B8 was the location that housed the LDA $DC01 instruction that I replaced with the new JSR (to my code).

[Screenshot: mermaid code 1]
So now the game JSRs to my new code at $C240-$C600, but at this moment in time it’s jumping to nothing because I haven’t added any code yet. To start the code, I set up a key-press recognition routine that looks for a specific key being pressed and then acts on it once it has been pressed. In the screenshot on the left, the first 4 lines look for ‘1’ to be pressed. Admittedly, there is a JSR at the second line, but this just goes to a piece of code that I have to repeat throughout the process to set up the key-press, so I simply keep calling it. Anyway – if ‘1’ isn’t pressed (BNE – Branch if Not Equal) then the code skips over the cheat and goes to the next piece of code (at $C24E) that looks for ‘2’ to be pressed. BUT – if ‘1’ is pressed then the BNE is not taken, and the cheat at $C249 is activated. The cheat looks like this:
  • LDA #$A5
  • STA $532A
This is the FREEZE ENERGY cheat and just writes $A5 into memory location $532A, which previously held a DECREASE (DEC) instruction that decreased the energy. ‘$A5’ is actually the opcode of a ‘LDA’ instruction, which means that the energy will just keep loading its current value into itself, thus NOT decreasing. It sounds a little complicated – especially the way I’ve explained it – but it really isn’t.
So my new code keeps looking for key-presses, ignores them if nothing is pressed, but reacts when a key is pressed and activates/deactivates the required feature. With regards to turning off the FREEZE ENERGY cheat, this is done starting at $C24E where the code looks for ‘2’ to be pressed. If it isn’t pressed, then nothing happens, but if it is pressed, the BNE at $C253 is not taken, and the following happens:
  • LDA #$C6
  • STA $532A
Here, we are POKING the same memory location, $532A, which holds the instruction that decreases the energy in the game, but this time we are putting back the original opcode with ‘$C6’, which is actually the DECREASE (DEC) opcode. The code then goes on to see if ‘3’ is pressed, and so on.
[Screenshot: Mermaid example 2]
At the end of my code, I always reset the keyboard, and then place the original LDA $DC01 (the one we originally ‘stole’ to JSR to my crazy hack code) in there before the RETURN FROM SUBROUTINE (RTS) takes us back into the game. This is usually done right at the end of the space I’ve allocated within the game code. For this example, I’ve added the LDA $DC01 at location $C5FC before the RTS sends it back into the game.
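To make the hook and the one-byte opcode swap above concrete, here is a small Python model I’ve added (it is not code from the post or the game): a constructed 64 KiB memory image with the original LDA $DC01 at $43B8 and the energy DEC at $532A, the hook installed at $43B8 with the stolen instruction parked at $C5FC, and a tiny interpreter for the LDA #imm / STA abs cheats. The zero-page energy address $50 and the opcode values ($A5 = LDA zero-page, $C6 = DEC zero-page, which is why the operand survives the swap) are my assumptions, not from the post.

```python
# Added example (not from the post): constructed C64 memory image showing the
# JSR hook and the opcode swap at $532A. Addresses come from the post; the
# zero-page energy address $50 and the standard 6502 opcode values are assumed.
HOOK_ADDR, ENERGY_OPCODE = 0x43B8, 0x532A
HACK_START, HACK_END = 0xC240, 0xC5FC
LDA_ABS, LDA_IMM, STA_ABS, JSR, RTS = 0xAD, 0xA9, 0x8D, 0x20, 0x60
DEC_ZP, LDA_ZP, ENERGY_ZP = 0xC6, 0xA5, 0x50

def new_image():
    mem = bytearray(0x10000)
    mem[HOOK_ADDR:HOOK_ADDR + 3] = bytes([LDA_ABS, 0x01, 0xDC])       # LDA $DC01
    mem[ENERGY_OPCODE:ENERGY_OPCODE + 2] = bytes([DEC_ZP, ENERGY_ZP])  # DEC $50
    return mem

def install_hook(mem):
    """Turn LDA $DC01 into JSR $C240; park LDA $DC01 / RTS at $C5FC."""
    if mem[HOOK_ADDR:HOOK_ADDR + 3] != bytes([LDA_ABS, 0x01, 0xDC]):
        raise ValueError("expected LDA $DC01 at the hook address")
    mem[HOOK_ADDR:HOOK_ADDR + 3] = bytes([JSR, HACK_START & 0xFF, HACK_START >> 8])
    mem[HACK_END:HACK_END + 4] = bytes([LDA_ABS, 0x01, 0xDC, RTS])
    return mem

def cheat_bytes(value):
    """Machine code for 'LDA #value / STA $532A', the cheat at $C249."""
    return bytes([LDA_IMM, value, STA_ABS, ENERGY_OPCODE & 0xFF, ENERGY_OPCODE >> 8])

def run_cheat(mem, code):
    """Interpret a cheat made only of LDA #imm / STA abs instructions."""
    a, pc = 0, 0
    while pc < len(code):
        if code[pc] == LDA_IMM:
            a, pc = code[pc + 1], pc + 2
        elif code[pc] == STA_ABS:
            mem[code[pc + 1] | (code[pc + 2] << 8)] = a
            pc += 3
        else:
            raise ValueError(f"unsupported opcode {code[pc]:#04x}")
    return mem

def energy_tick(mem, energy):
    """Effect of the instruction currently at $532A on the energy counter."""
    op = mem[ENERGY_OPCODE]
    if op == DEC_ZP:
        return (energy - 1) & 0xFF   # original game: energy drains each tick
    if op == LDA_ZP:
        return energy                # frozen: LDA only reads the value
    raise ValueError(f"unexpected opcode {op:#04x} at $532A")
```

Pressing ‘1’ corresponds to `run_cheat(mem, cheat_bytes(0xA5))` and ‘2’ to `run_cheat(mem, cheat_bytes(0xC6))`; `energy_tick` shows the energy freezing and draining accordingly.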
Phew! I hope that makes sense. It confuses me sometimes!
In the next instalments, I’ll share a few more of the cheats with you and also show you the bitmap I’m creating for the intro.
Back soon!


This entry was posted in Hacker's Blog.
