Shimapong, don't be shy... (de-assembly for ROMHACK!)
-
- DISABLED ACCOUNT
- Posts: 135
- Joined: Sat May 06, 2006 9:03 am
- Location: Italy (Sardinia, OR / CA)
ShimaPong surely knows how to disassemble the memory.
What deasm do you use? I have IDAPRO and OLLYDBG.
How can I use them?
- Pugsy
- Posts: 3638
- Joined: Fri Aug 17, 2001 12:59 am
- Location: North Wales, UK.
- Has thanked: 1 time
- Been thanked: 12 times
- Contact:
You have to recompile MAME yourself and make a debug build. Other disassemblers are of little use - you need a disassembler/debugger for each CPU hence you use the MAME debugger - which when you get used to it is VERY powerful.
Pugsy
Servicing your cheating needs since 1985
Grab the latest cheat collection:
MAME 0.259 XML cheat collection (6 OCTOBER 2023) from http://www.mamecheat.co.uk or direct from:-
https://mega.nz/file/q4dHGZ6K#i-EUiqIjH ... KMz7hnbTfw (ZIP Archive 3.76MB)
- Pugsy
- Posts: 3638
- Joined: Fri Aug 17, 2001 12:59 am
- Location: North Wales, UK.
- Has thanked: 1 time
- Been thanked: 12 times
- Contact:
Well I never knew that. But what sort of power does it have for such things, and how well does it work with MAME and other emulators? Is it just a disassembler, or could it be used as a debugger with breakpoints, watchpoints, regpoints & traces, and has it got any useful extras? It would be great to have a really powerful debugger for use with other emulators.... /me salivates at the possibilities.
It's a very powerful disassembler with good analysis tools, but out of the box it's only a debugger for x86. I'm not sure how extendable the debugger is; if it's general-case enough someone could probably write a debugger client for MAME that could talk with IDA via a plugin or the remote debugger interface.
I just use it for the annotated disassembly and switch back and forth between it and the MAME debugger.
Kriptokapi wrote:
> What deasm you use?
I'm using the new MAME debugger only. If you have another "favorite" debugger, you should use it. Sorry, I can't assist in this case. Although I think it's the best choice for a beginner to start with the MAME debugger.
But the important problem is tracing or understanding program code rather than how to use a debugger. I have taught myself to catch up. Fortunately, I have found several databases of opcodes per CPU on a Japanese website. (And a game magazine included cheat codes, how to hack, etc.)
-
- DISABLED ACCOUNT
- Posts: 135
- Joined: Sat May 06, 2006 9:03 am
- Location: Italy (Sardinia, OR / CA)
MAMEplus!106u1 - recompiled?????????
Is it REALLY necessary to recompile? Please, tell me it's untrue!!!
I have MAMEplus!106u1, I tried to activate the debugger, nothing happens... How should I adjust?
- Pugsy
- Posts: 3638
- Joined: Fri Aug 17, 2001 12:59 am
- Location: North Wales, UK.
- Has thanked: 1 time
- Been thanked: 12 times
- Contact:
Yes I'm afraid it is necessary to recompile, if you have an ATHLON cpu I can send you my athlon optimised debug build.
-
- DISABLED ACCOUNT
- Posts: 135
- Joined: Sat May 06, 2006 9:03 am
- Location: Italy (Sardinia, OR / CA)
- Pugsy
- Posts: 3638
- Joined: Fri Aug 17, 2001 12:59 am
- Location: North Wales, UK.
- Has thanked: 1 time
- Been thanked: 12 times
- Contact:
I think it may be a bit big for your email inbox (around 9.5 megs).
Here's the commandline version of the MAME 0.106 optimised debug build for the Athlon CPU...let me know when you have it so I can delete it.
http://www.zen87661.zen.co.uk/mame0106debugbuild.zip
Use MAME -debug -cheat gamename on the commandline to run it
-
- DISABLED ACCOUNT
- Posts: 135
- Joined: Sat May 06, 2006 9:03 am
- Location: Italy (Sardinia, OR / CA)
Thanks for the post, it works perfectly! But I think this file must be included in the main downloads, together with your cheat files.
In fact, NO INTERNET SITE hosts a debug MAME release, and so this file is VERY useful! Or else, please write a guide: how to recompile MAME easily. I tried, but the compiler (not quite user friendly) requests a lot of .o files, not included in the source!
LOADS OF thanks anyway.
_______________________________
Can someone tell me why this cheat doesn't work?
:ddragon:20A20000:5C3E:00CC0000:FFFFFFFF:not working
I put a watchpoint and I noticed that this address stays unchanged regardless of this code.
- Pugsy
- Posts: 3638
- Joined: Fri Aug 17, 2001 12:59 am
- Location: North Wales, UK.
- Has thanked: 1 time
- Been thanked: 12 times
- Contact:
Kriptokapi wrote:
> Thanks for the post, it works perfectly! But I think this file must be included in the main downloads, together with your cheat files.
> In fact, NO INTERNET SITE host a debug mame release
Yes well debug builds are really only meant to help the mamedevs, and as they are programming the drivers they obviously have no problems compiling the debug build themselves. With the exception of cheat finding by a few cheat finders there is little call for debug builds as they will just confuse most people and they are marginally slower than non-debug builds I believe - though as I never use anything but a debug build I can't personally confirm that.
Kriptokapi wrote:
> and so this file is VERY useful! Or else, please write a guide: howto recompile mame easily. I tried, but the compiler (not quite user friendly) requests a lot of .o files, not included in the source!
It is very easy - the .o (object) files are made from the source via the make command.
Look at the Easy way - http://www.mamedev.org/tools/ , and download the two files it mentions and extract them as instructed. Grab the MAME source and extract into a subdir in the mingw path. Then make a .bat file to set the mingw/bin into your path - so a new mingw.bat file with this in it:-
Code:
SET PATH=R:\prg\Mingw\bin
Now in the mingw folder run mingw.bat and then change to the source folder and type make and wait. Don't forget to edit the makefile first though so that it will make you a debug build (and other stuff if you desire)....then just wait for it to compile, which takes anywhere from 15 mins to an hour.
Kriptokapi wrote:
> Someone can tell me why this cheat doesn't work?
> :ddragon:20A20000:5C3E:00CC0000:FFFFFFFF:not working
> I putted a watchpoint and I notice that this address stays unchanged regardless of this code.
It's paged memory....try something like:-
:ddragon:20A20000:15C3E:00CC0000:FFFFFFFF:not working
-
- DISABLED ACCOUNT
- Posts: 135
- Joined: Sat May 06, 2006 9:03 am
- Location: Italy (Sardinia, OR / CA)
Okay Pugsy!!!!! You were wonderful as ever! Loads of thanks, but my curiosity is like wind, she never stops!!!
How can I distinguish "RAM", "paged memory", "ROM" regions, and why do 99.9% of the ROMHACK cheats *require* "region"?
(Don't tell me "watch the indexes in the cheats\options\..." 'cause it's too generic, I can't be satisfied.)
I think I'll soon post a little "guide" for ROM hacks with basic instr. and related codes (in M6800 djnz=... and so on) 'cause the MAME decompiler is useless if ya want an AS-sembler.
I must understand this, or I'll never become a decent cheatfinder!
\\\ SUGGESTIONS FOR MAMEDEVS ///
I think mamedevs must add an option in the cfg file like
DEFAULT_CHEAT_INTERFACE = default/advanced
and also PLEASE IMPROVE THE DISASSEMBLER SOON!!!!!!!!!!!!!!
If it can't assemble (and it doesn't perform code analysis either), please add a command that puts the dumped instruction list in a txt file, or ROM hacking soon becomes a frustrating experience!!!!!!
Why does this da__ed disassembler refuse to put a bp during execution?
Save me from desperation, I'm only a poor okapi!
Suggestion ends. Hi
(ps I'll try to compile my MAME, one day...)
- Pugsy
- Posts: 3638
- Joined: Fri Aug 17, 2001 12:59 am
- Location: North Wales, UK.
- Has thanked: 1 time
- Been thanked: 12 times
- Contact:
Kriptokapi wrote:
> How can I distinguish "RAM", "paged memory", "ROM" regions, and why 99.9% of the ROMHACK cheats *require* "region"?
> (Don't tell me "watch the indexes in the cheats\options\..." 'cause it's too much generic, I can't be satisfied.)
A good rule of thumb is if you are changing program code it will be a ROM cheat (either unpaged or paged) with the exception of cassette loaded games (and perhaps games using disks). You can look at the mame source for some information about a game's memory map but often if a ROM cheat doesn't appear to be working it's often quicker just to put a watchpoint on the address and cycle through the options and if that doesn't work try just adding a 1 in front of the address, which works for a high percentage of games. Also remember some games use an encrypted CPU, which means that changing the opcode may not have an effect even if the watchpoint says it does - so you will have to try and get the same effect by changing the operand instead.
Kriptokapi wrote:
> I think i'll post soon a little "guide" for ROM hacks with basical instr, and related codes- (in M6800 djnz=... and so on) 'cause the MAME decompiler is useless if ya want an AS-sembler.
> I must understand this, or I'll never become a decent cheatfinder!
It's true that the debugger can't assemble but you can use the DASM command to dump out a disassembly of the code to a file, you can then use a text editor to search for the value needed for the opcode you want. I do this for CPUs I'm not very good with - for 6502 and 68000 I generally remember the opcodes anyway.
Kriptokapi wrote:
> \\\ SUGGESTIONS FOR MAMEDEVS ///
> I think mamedevs must add an option in the cfg file like
> DEFAULT_CHEAT_INTERFACE = default/advanced
It's already there, I think you need to check out the :_command: option - look at the cheat file for how it works (it's near the top)
Kriptokapi wrote:
> and also PLEASE IMPROVE SOON THE DISASSEMBLER!!!!!!!!!!!!!!
> If it can't assemble (and it neither perform a code analysis), please add a command that puts dumped instructions list in a txt file, or the ROM hacking soon becomes a frustrating experience!!!!!!
You can pretty much do most ROM hacking using BP, WPSET, DASM and most importantly TRACE.
Kriptokapi wrote:
> Why this da__ed deassembler refuse to put a bp during execution?
> Save me from desperation, i'm only a poor okapi!
BP works fine here, make sure you've set the BP on the right CPU - see HELP BPSET. You can use OBSERVE or IGNORE to toggle which CPUs you wish to look at in the debugger
-
- DISABLED ACCOUNT
- Posts: 135
- Joined: Sat May 06, 2006 9:03 am
- Location: Italy (Sardinia, OR / CA)
-
- DISABLED ACCOUNT
- Posts: 135
- Joined: Sat May 06, 2006 9:03 am
- Location: Italy (Sardinia, OR / CA)
Double Dragon - A bit of already DEASM code (DoubleDragon)
Here is an interesting ROM region for experiments.
;Main Program (?) start
4015: 7E 56 F5 JMP $56F5
4018: 7E 57 F6 JMP $57F6
401B: 7E 51 9C JMP $519C
401E: 7E 43 13 JMP $4313
4021: 7E 4A F7 JMP $4AF7
4024: 7E 4B 7B JMP $4B7B ;Idle code? - Use this line for skip the other actions
4027: 7E 4C 0E JMP $4C0E
402A: 7E 4D 90 JMP $4D90
402D: 7E 50 61 JMP $5061
4030: 7E 5E DE JMP $5EDE
4033: 7E 54 FF JMP $54FF
4036: 7E 5E 91 JMP $5E91
4039: 7E 5B 90 JMP $5B90
403C: 7E 51 3E JMP $513E
403F: 7E 51 2B JMP $512B
4042: 7E 44 66 JMP $4466
4045: 7E 4F 7E JMP $4F7E
4048: 7E 4F FD JMP $4FFD
404B: 7E 4E 4B JMP $4E4B
404E: 7E 53 0A JMP $530A
4051: 7E 52 9F JMP $529F
4054: 7E 51 71 JMP $5171
4057: 7E 5E 55 JMP $5E55
405A: 7E 5F 90 JMP $5F90
405D: 7E 60 FB JMP $60FB
4060: 7E 61 69 JMP $6169
4063: 7E 50 A7 JMP $50A7
4066: 7E 50 A7 JMP $50A7
4069: 7E 50 A7 JMP $50A7
406C: 7E 42 0B JMP $420B
406F: 7E 61 BA JMP $61BA
4072: 7E 61 D4 JMP $61D4
4075: 7E 5B FD JMP $5BFD ;Action for enemy AI? - Replace with 61D5 -> No enemy displayed (buggy)
4078: 7E 5C 32 JMP $5C32 ;Action for losing weapons.
407B: 7E 61 D5 JMP $61D5 ;Death/Disappear ?
407E: 7E 63 76 JMP $6376
4081: 7E 63 DD JMP $63DD
4084: 7E 64 11 JMP $6411
4087: 7E 62 46 JMP $6246
408A: 7E 64 86 JMP $6486
408D: 7E 62 81 JMP $6281
4090: 7E 63 0D JMP $630D
4093: 7E 64 AA JMP $64AA
4096: 7E 64 AA JMP $64AA
4099: 7E 42 79 JMP $4279
409C: 7E 65 01 JMP $6501
409F: 7E 65 26 JMP $6526
40A2: 7E 42 D1 JMP $42D1
40A5: 7E 64 AA JMP $64AA
40A8: 7E 64 AB JMP $64AB
40AB: 7E 64 CD JMP $64CD
40AE: 7E 5D DC JMP $5DDC
40B1: 7E 72 9C JMP $729C
40B4: 7E 72 9D JMP $729D
40B7: 7E 6D 63 JMP $6D63
40BA: 7E 6D D2 JMP $6DD2
40BD: 7E 6E 59 JMP $6E59
40C0: 7E 43 C3 JMP $43C3
40C3: 7E 73 5E JMP $735E
40C6: 7E 75 39 JMP $7539
40C9: 7E 75 5F JMP $755F
40CC: 7E 75 9C JMP $759C
40CF: 7E 66 CC JMP $66CC
40D2: 7E 77 57 JMP $7757
40D5: 7E 76 74 JMP $7674
40D8: 7E 76 2F JMP $762F
40DB: 7E 75 A9 JMP $75A9
40DE: 7E 75 EC JMP $75EC
40E1: 7E 76 B2 JMP $76B2
40E4: 7E 76 FE JMP $76FE
;Main Program (?) ends
Remember that the code for NOP is 12 (3 times NOP = 121212 -> the next instruction will be executed.)
Let's try! And if someone can find the description for ALL the actions, he is nearly a genie.
Code:
;Format for the ROMhack is:
;??-> 15-E4 !!!!-> A subprog. entry point.
;:ddragn2u:20A20000:140??:007E!!!!:FFFFFFFF:RomHack (If you find sthg interesting, post it.)
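The jump-table listing in the post above, checked mechanically, as an added example that is not part of the original post: it verifies that each entry's dumped bytes (7E, then a big-endian target) agree with the disassembled JMP operand, that the entries are contiguous 3-byte slots, and reports targets shared by several slots. `parse_table`, `shared_targets` and `region_offset` are hypothetical helper names; `region_offset` encodes only the thread's rule of thumb of putting a 1 in front of the address (5C3E becomes 15C3E).

```python
import re
from collections import defaultdict

# Excerpt copied from the listing in the post above (entries 4060-4075).
LISTING = """\
4060: 7E 61 69 JMP $6169
4063: 7E 50 A7 JMP $50A7
4066: 7E 50 A7 JMP $50A7
4069: 7E 50 A7 JMP $50A7
406C: 7E 42 0B JMP $420B
406F: 7E 61 BA JMP $61BA
4072: 7E 61 D4 JMP $61D4
4075: 7E 5B FD JMP $5BFD ;Action for enemy AI?
"""

LINE_RE = re.compile(
    r"^([0-9A-F]{4}):\s+((?:[0-9A-F]{2}\s+){3})JMP\s+\$([0-9A-F]{4})\s*(?:;\s*(.*))?$"
)
ENTRY_SIZE = 3  # one opcode byte (7E) plus a 16-bit target


def parse_table(text):
    """Parse 'ADDR: 7E HI LO JMP $HILO ;note' lines and cross-check each one."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment-only line
        m = LINE_RE.match(line)
        if m is None:
            raise ValueError(f"line {lineno}: not a JMP table entry: {line!r}")
        addr = int(m.group(1), 16)
        code = bytes.fromhex(m.group(2))
        target = int(m.group(3), 16)
        # The dumped bytes must agree with the disassembled operand (big-endian).
        if code[0] != 0x7E or int.from_bytes(code[1:], "big") != target:
            raise ValueError(f"line {lineno}: bytes {code.hex()} do not encode JMP ${target:04X}")
        # Entries must be contiguous, otherwise part of the table is missing.
        if entries and addr != entries[-1]["addr"] + ENTRY_SIZE:
            raise ValueError(f"line {lineno}: gap before {addr:04X}")
        entries.append({"addr": addr, "target": target, "note": m.group(4) or ""})
    return entries


def shared_targets(entries):
    """Map each target used by more than one slot to the slots that use it."""
    slots = defaultdict(list)
    for e in entries:
        slots[e["target"]].append(e["addr"])
    return {t: a for t, a in slots.items() if len(a) > 1}


def region_offset(cpu_addr):
    """Thread's rule of thumb for this paged ROM: put a 1 in front of the address."""
    return 0x10000 + cpu_addr


if __name__ == "__main__":
    table = parse_table(LISTING)
    for target, addrs in shared_targets(table).items():
        print(f"${target:04X} shared by", ", ".join(f"{a:04X}" for a in addrs))
    print(f"{table[-1]['addr']:04X} -> {region_offset(table[-1]['addr']):05X}")
```

Slots that share a target (here the three pointing at $50A7) are worth noting before patching, since changing the routine at the target affects every slot that jumps to it.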
> My Double Dragon cheat was an ATTEMPT to stop the restless mechanism PICK-WEAPONS,LOSE-WEAPONS,PICK-WEAPONS,...
> and I wanted to stop the modification of the addresses that contain the references to weapons.
> Too bad my ROMhack is buggy, it also causes (when it works!) the enemies to not lose the weapon. Usually the game crashes whenever someone throws an object.
> The main addresses for that purpose were listed in my thread DDRAGON, SOME NEW HACKS.
> I can't find any good code for the whip, only for the baseball stick.
I think the routine for a weapon is the same between players and enemies. In this case, try to search for a flag for a player or an enemy and add a new check routine.
-
- DISABLED ACCOUNT
- Posts: 135
- Joined: Sat May 06, 2006 9:03 am
- Location: Italy (Sardinia, OR / CA)
I-AM-BOTHERED-OF-THIS-DA**ED-GAME!
I already tried all combinations, I'm so sick and tired!!!
I'll go no further with this game, I am only a debutant.
I found good ROMhacks for Gauntlet, check that out, but DDragon is too demanding for me.
Only a true hacker can find those codes, I'm not a serious hacker. Forgive me if you can!