____ ______ ______ THE ______ ______ ____ / \ | ___| | | _____ | ___| |_ _| / \ | |__| | |__ | |__| | \ | |__ | | | |__| \ \ | __| | | | | | | __| | | \ \ _\ \ | | | |__ | / | | | | _\ \ | | | | |___ | | | | | \ | |___ | | | | | \____/ |______| |______| |___|__\ |______| |__| \____/ Of Professional GameShark Hacking _____ 0001110101001110010110100011 ..~` a`~~.. 1101000001000010001000001010000010 ..~` }100000111000110001110001100011111110 -----` /\/\/\/10100011100110000111001100001110011000 `. \\\ | 00010001001111110010011111101000111111100 ; \/\/\100100111001100001110011000011101100010 .` ___/01000111000110001110001100011100110010 ; ..~~~~```` 11011000100100100101010100100110101001 .` ..`` ; ..`` ; .` .-` .` .-` ,` "The most elaborate, in-depth hacking guide / .. . for GameShark, ANYWHERE!" |.-`` `. \ `.| [By: Kong K Rool] ----------------------------------------------- Table Of Contents ----------------------------------------------- 1 .................. Introduction 2 .................. Hacking Basics a ................. Know The Code b ................. Systems of counting or number base I ................ Offsets II ............... Decimal III .............. Binary IV ............... Hexadecimal V ................ Octaldecimal VI ............... Ascii c ................. About Most GS Hackers 3 .................. How-to Guide a ................. What do I need? b ................. What do I need to know? c ................. Learn your 'Shark d ................. The Hacking Begins I ................ One Small Step For Man... II ............... The Methods IIa ............. Using Game Trainers IIb ............. Using GameShark Pro 4 .................. Acnowledgments ----------------------------------------------- 1) Introduction ----------------------------------------------- Welcome to the GameShark World. In this document, you will learn several different ways to hack your own codes. These methods range in degree of difficulty from easy to difficult yield various results. As you read this, you are incouraged to practice the methods that are described in this text. This way, you will learn by your activities. There is more than one way to hack codes. These range from guessing, to my secret hacking system, which not everyone will understand, again, as you read, try the idea's mentioned. It has been proven that people learn easier and faster when they are active in a project. It is the author's wish that the material presented here meets the anticipated needs of the reader's wishes to learn to hack GameShark codes. You might even come up with another variation of these methods to hack codes. If you do, let me know and I will concider including it in future versions of this document. ----------------------------------------------- 2) Hacking Basics ----------------------------------------------- a) Know the Code I) Offsets Offsets are typically found by examination of the game memory by using advanced hacking equipment such as a GS Pro, SharkLink or hex decoder on a ROM. Basiclly, an offset is a "memory holder" in which it(usually) holds a byte of memory(a two digit hexadecimal code). If you find an offset that holds the health digits, you can be certain that it isn't the GS code(if you find the health at offset "012203" the GS code won't be "80012203 FFFF".) There is less than a 1% chance of finding an offset and it actually being the code. The reason the offset and the offset digits in a GS code are not the same is this - There are MANY, MANY offsets which are used to tell the platform what type of game it is(size, language, title, checksum values, etc.), and other operation codes which will asign all the offsets to do what they are meant to do. There are offsets that hold the hex values that make up the pictures you see in the game, the coordinations of the character you control, mathmatical operations... The list goes on and on... The header(tells the machine what type of game your are booting) might take up all offsets past "012203" its self! There is a block of info that tells where the quantifier-offsets(the byte of memory which you change through GS codes) begin. This block is called RAM(Random Access Memory), which does exactly what it says. RAM is memory that will be changed all throughout its processing. Score and health are good examples of RAM, the values for both will be changed while your game is running. More information about offsets is beyond the scope of this text and will be included in future editions of this text. b) Systems of counting or number base II) Decimal Decimal Notation, based on ten digits, is something you already know. Count to 50 like you normally count. You can count using decimal notation. III) Binary Binary, or dual counting, is based on two digits. It's really easy to understand and use. You'll need to know the following - There are two characters used in binary - 0,1 (Think of it as a switch). A "1" means the switch is turned ON. A "0" means the switch is turned OFF. That's what binary is, a bunch of switches. I won't go into any more detail about switches now, but will return to this topic later in the text. A four-digit string of code written in binary is called a "word".(this is also the same in hex[1-digit]) Four Binary Digits(bits - 'BInary digiTS') equals 1 digit hex. Three bits equals 1 digit octal. Now that you know that, hex and octal should seem easier to learn. So how do you convert from bits to hex and back? Look at this chart - Hex Binary Hex Binary 0 0000 8 1000 1 0001 9 1001 2 0010 A 1010 3 0011 B 1011 4 0100 C 1100 5 0101 D 1101 6 0110 E 1110 7 0111 F 1111 If you notice, There are no more 4-digit combinations of "0,1" left. Now for the conversion part. Look at the 4 bits, each of the numbers have a value assigned to them. We will call these values, "Bit Values". Number in Hex 6 Number in Binary 0110 Bit Value 8421 (The Bit Value will ALWAYS be this! So remember it!) You are going to learn to convert by using multiplication. Math is a great tool to use when working with the GameShark. You can represent the binary word by letting "0110"(8421) = "IJKL" and thus you get "1xL + 2xK + 4xJ + 8xI" = "L+2K+4J+8I"(in algebraic terms). Now substitute the binary back in, you would get "1x0 + 2x1 + 4x1 + 8x0" = "0+2+4+0" which adds up to six. Six is what the hex value was in the beginning. To convert back to binary, use the formula "L+2K+4J+8K", find the numbers which add up to six. In this case, "4 and 2". Remember, "IJKL" = the bit value. Then substitute the binary back in - "1x0 + 2x1 + 4x1 + 8x0" = "0110". Why do that when there's an easier way? Because there is no use in converting when you don't understand why it is done in that way. You will learn an easier way soon, in fact, make one up! Octal conversions are the same as hex-to-bit. Only, octal goes up to "7". So the bit value looks like this - Octal 3 Binary 011 Bit value 421 It is important to understand how to do the number base conversions before continuing. If not, the reader is encouraged to review the material already presented. The Bit Value will NEVER change. The bit value is actually the value assigned for each bit. If you have an 8-bit value, the bit value would look like this - (128)(64)(32)(16)(8)(4)(2)(1) Notice that every time a new bit is added(to the beginning, no doubt), the last bits' value will double. Further explanation is beyond the scope of this text. I) Hexadecimal Hexadecimal is a programming `language' you must know in order to hack GS codes. So, what is it? Hex is what your GameShark codes are written in. There are sixteen characters used in a GS code. The characters are as follows - 0,1,2,3,4,5,5,6,7,8,9,A,B,C,D,E,F Let's learn to count in hex. If you look above, you'll see how to count to fifteen in hex. What's sixteen? "10" is sixteen. By the way, don't say "ten," say, "one, zero" for `10'. Let's see what you've learned(easy, huh?). What comes after 19? What comes after 3F? If you said, "1A" for Question #1, that is correct. If you said, "40" for question #2, you should know how to count in hex! VI) Octaldecimal Octaldecimal is just another way to wright binary(like hex), but octal words are longer than hex words. What you've read already is enough to know about octal. You do not need to know octal to hack GS codes. V) Ascii Ascii is what you are looking at right now. ANYTHING that can be typed on the keyboard is ascii. Ascii is usful to know when hacking in my secret way. You dont need to know the assignments for ascii characters, so let's skip this part! c) About Most GS Hackers Most hackers use more than one way to hack. Most know programming languages such as binary/hex/octal, HTML, scripting languages, etc. HTML is included here because many hackers want to use this language to create a website that has all their codes displayed. You don't need to learn any of the things other than binary and hexadecimal to "hack better than the Pros." Here are some ways you can hack(1 star[*] by the name is easy, 2 is harder, etc.) - Guessing**** This isn't easy, because you don't always find a code this way. It's not only troublesome, but risky at some times. Some guessed codes can corrupt game data! Modifying Codes* One of the easiest things to do. Change a number on an existing code, you make a new code. (Only works when you have a basis[base code] to work with.) Looking At The Source[Code]*** Hard, but most effective. Worth a shot. Using Hacking Equipment* Another easy way to get codes. It might not be very easy, but it doesn't take much time. Plus, it's the second most effective way to hack. Porting** Porting is taking a code from one version of a game, and making it work on another version of that same game. This does not always work. The reason is the same reason that they make more than one version. Possibly to fix a minor bug. So the offsets will be in a higher or lower position, or even moved to a totally different location. You can use the "GS Code Porter"(available at GameShark Universe) to port any code for you. Hence you can make a code before anyone else gets the chance! Combination Hacking This isn't rated. All you need to do is hack using two or more methods at once, for a greater chance of finding a code (!!!!!There is a sleight risk of loosing saved data on your GS when turning the system on and off while guessing or modifying codes. It happened to my PlayStation GS!!!!!) Now, ask yourself, which method am I going to use to hack? When you get your answer, continue on to the next section... ----------------------------------------------- 3) How-to Guide ----------------------------------------------- a) What do I need? You need a Game Platform(N64, PSX, etc.), you need a game to hack, and you need a GameShark. You will also need other things to hack in other ways. You will need to use your brain(yeah, there's even MATH involved!). You'll need to read everything in this text. b) What do I need to Know? If you've managed to read everything above, then you know about 40% of everything you'll need to know about hacking. The remaining 60% is learning to use hacking equipment and the software for it, among other things. c) Learn your 'Shark There are a few things you'll need to know about your GS before we begin hacking. You'll discover how the 'Shark codes work. This is the layout of all N64/PSX 'Shark codes - XXYYYYYY ZZZZ This is the layout of all GB 'Shark codes - XXZZYY-YY "X" digits are the `GS Digits', used to tell the GS what kind of code you are using. "Y" digits are the `Offset Digits', used to locate the offset digits you want to change. "Z" digits are the `Quantity Digits', used to change the quantity of the chosen offset. The reason there is a hyphen between the Y's in the GB code layout is becuase the Y's are actually set up backwards. The first two Y's should be behind the second two. Of course, you only need to know this if you are going to use my hacking method... You ARE going to try it, right? Here are the most common PSX/Saturn/N64 `GS Digits' that you must know - (All of the following are theories.) 80 - Defualt, Used for "regular" codes that need no special FX. 88 - N64 GS Only, Defualt GSB, Used to activate the code by the GS Button. 81 - These digits activate the 'Shark to make use of 16-bit mode (all four quantifier digits). 89 - N64 Only, Same as above, only the code will be activated by GSB(so, you have a 16-bit code when the GSB is pressed). D0 - "Flash Code," Used to "flash" the code ONCE, rather than having the effect on all the time. (an example is a code that uses two lines, both use the same base code, the first code starts with "D0" and the second has "80"... The D0 code will be used to "flash" the following 80 code only once. This is mostly used to stop the code from freezing the game. Or to set a starting point[if you use a code that makes the score ALWAYS 255, set a flash code in front of the 80 code and you'll have the score START at 255 and it can still be raised.]) Did you get lost? A0 - Doesn't seem to have much of an effect over "80", InterAct used this in a lot of the Mario 64 codes and some GoldenEye 007 codes. Maybe it makes the codes more effective, but I don't see a difference. DE - N64 GS 1.08+ Only, used as "enable code" for games requiring a keycode. So Far, only one code uses 'DE', "DE000400 0000". F1 - N64 GS 3.0+ Only, We are still experimenting with the functions of an F1 code. We will make any attemps to bring this GS Digits' function to you, the hackers. 50 - N64 GS 3.0+ & PSX GS 2.2+ Only, Patch Code, to make a code string shorter. EG, You have ten codes put together to give you "all weapons." Use the patch to shorten it to two codes. This is how it works - 50000A02 0000 80844CF0 FF5F EXAMPLE ONLY! NOT A REAL CODE! The first code is the patch, the second is the first code of the expanded STRING(a string is where the offsets will go up only a few digits for each code, EG. 100000, 100002, 100004, etc). The seventh and eighth digit in the patch is how many numbers the second code will raise to get to the next code in the string. In this case, "2" is used, meaning the next code in the string must be "80844CF2 FF5F." Then the next code would also go up by two. So would the next one, and so on. The fifth and sixth digits of the patch are the digits that tell the GS how many codes are in the string. "0A" is used in the example, so ten codes are being used at once with only two codes!!! Also note, the codes within the string MUST have the same quantity digits!!!! It's possible to have as many as 255 codes used at once using this format. Maybe even more in the future. Also, the codes used in the string should all have the same quantity digits when using a patch!!! This is what the above code would look like with out a patch - 80844CF0 FF5F 80844CF2 FF5F 80844CF4 FF5F 80844CF6 FF5F 80844CF8 FF5F EXAMPLE ONLY! NOT A REAL CODE! 80844CFA FF5F 80844CFC FF5F 80844CFE FF5F 80844D00 FF5F 80844D02 FF5F Which would you want to use? 10 - Used in some Saturn codes, This topic is not currently included in this version of the text. The author welcomes any information that may be included in future issues of this text. The most common GS Digit for GameBoy is "01". Why this is used more than anything else, I am not certain. It is probably for the fact that "01" is the lowest positive value there is in hexadecimal. Using the lowest value is usually better because it may stop unnessacary freezing. d) The Hacking Begins Are you ready to start hacking? Of course you are. If you have skipped directly to this section hoping you can read just this part and think you can be a GameShark code hacker, think again. It is HIGHLY recommended, indeed required that you read everything that has already been presented in this document. If you do not, you won't understand what most of the following states, and you will most likely not be successful in being able to hack GameShark codes. This is the untouched, unchanged GB Hacking Guide writen by DaRfUs(...e-mail here...) ========================== GB Hacking guide writen by DaRfUs First you start off by choosing what you want the code to do (start with somthing simple like an unlimited life code). Now goto "Game Trainer" in the GS menu. It will start the game. Walk around for a little bit WITHOUT getting hit. Now press the little button at the top of the gameshark. It will take you to the GS menu once more. Again goto Game Trainer. Now walk around this time I want you to get hit. Press the GS button as soon as the life goes down. You will be talken back to the menu once again. Goto the trainer, and select "Continue Trainer" there will be 4 boxes now here is the most important part... What happened to your life the 2nd time (the time you got hit? it went down right?) so you would pick the down arrow, because your life went down! Wasn't that simple! Now it will search for some possibile codes (if you get a big # of possible codes then keep repeating step 2) ========================== What this says is "compare and contrast", which is what the guys like CodeBoy and CodeMaster do when hacking! They use the same method the GB GS trainer uses. In the text above, DaRfUs explains that you choose the "down arrow". This is not only because your life went down, but so the trainer will compair the two RAM Dumps(which were taken when you pushed the little button on top), and display only the codes that had the values lowered in the second dump. From what I understand, the GameShark Pros' trainer will work similar to the one on the standard GB 'Shark and the Shark Link/Comms Links. With all this information, you should be cutting the edges in your mind. You should be gathering ideas right now. Thinking of what these trainers actually do. Discovering for yourself what you want to know about GS hacking. I) One Small Step For Man... Nintendo 64 - This part discusses impotant infomation about things like keycodes, and "Enable Codes". A keycode is a code which is used to bypass the lock-out code set into the games header. When a keycode is activated in the 'Shark, it will use that keycode as a default for a one-time shot. There are currently four keycodes known. Check GameShark Central(www.gscentral.com) for the keycodes. All "locked" games but ONE need the use of an "Enable Code". This code is a code that is placed in with the others(usually named, "MUST BE ON"). The Enable code used the most is "DE000400 0000". I have messed with the code and have found these results. Any code beginning with "DE" in GS versions 1.08 to 2.1 will cause the 'Shark to freeze up when not used with a keycode and keycode-needing game. In my version 2.2, the code "DE000400 0000" will NOT freeze the shark. Yet almost any other "DE Code" will freeze it. As mentioned earlier, there is one keycoded game that DOESN'T need an enable code. The Legend of Zelda: Ocarina of Time. and when using the GS 2.2, you see a new addition to the keycodes. It's a 32-bit block(aka instruction code). Now, three of the four keycodes use the block "80 20 10 00". BUT, Zelda uses the block "80 19 00 00". Does this suggest that using a block different from the default, will make the use of an Enable Code nullified? I think not. There must be some defect that The GS has when using the "80 20 10 00" code. This calls for the 'DE' enable code. To make the GS work! PlayStation - There are a few Enable Codes needed in PSX games(Crash Bandicoot for example). But I don't understand if the enablers are used for a lock-out, or to fix a small bug. This part of the section is in need of reference. I know a few people that could submit contibutions, and I'm sure everyone will greatly appreciate it. II) The Methods Here are a few of the many methods used to hack GS codes - Game Trainers - InterAct and Datel have their own trainers. To bad they don't know how to share. You can, however, get a trainer called "PC Comms Link" which will connect your platform to your computer where you can use a hex editor to view the ROM/RAM of your game. You will only be editing the RAM part of your games memory though. As far as it is known, there is no way to get a PC Comms Link anymore. Better yet, get all the functions of Comms Link in a GameShark, The GameShark Pro V3.0(No PC needed). Game Copiers - Some devices like "Doctor V64" and "CD64" have a built-in hex editor and GS funtion that allows you to view the ROM/RAM and create GS codes. These types of things are possibly ILLEGAL and the author of this document is not responcible for you use of these devices. ROM and Hex Editor - Finally! My secret hacking method is revealed!!! It is at sometimes seemingly impossible to hack using this primitive method, but it is well worth the trouble of it all! I was able to hack 54 Harvest Moon GB codes using this. When no one else could even get one code! How about those results?! I've also hacked numerous other codes this way. Definatly something to try out! Be Aware, using ROMs(they can be found on the internet) is ILLEGAL when used for purposes of your own entertainment, this means you can't use them just to play them! It may be possiblly illegal just because most of the Nintendo game instuction booklets say, "WARNING: Copying of any Nintendo game is illegal and is strictly prohibited by domestic and international copyright laws. "Back-up" or "archival" copies are not authorized and are not necessary to protect your sofware. Violatots will be prosecuted." The author does not endorse nor will support any information any the aquisition of obtaing game ROMs for legal reasons, and their use is explained here for comparision and illustrative purposes only. The author waives all responsibility for those readers that possess or attempt to possess such material, and the sole responsilbility, accountablity and legal consequences rest soley with the reader. If none of this scares you, read on. You can hack this way by doing similar to what DaRfUs explains. If looking for an infinate health code, start a ROM with an emulator and DO NOT lose any health. Save the current state(check with your emulators readme file to see how to save a state or a snapshot), which will be like a ROM Dump. The restart the ROM, go to the same spot you were at last time, lose power, and as quickly as you can, save the state/snapshot! Now load up a hex editor such as "Hex Workshop". Open the saves that you made(check with your emulators' readme file to find out what the extension will be). Choose Tools/Compair(in Hex WorkShop). You will get various compairisons. When you find a compairison that looks like it could be the one, change it in the second save that you made. Change the quantifier to something like "00"(this way, you will die if you have the right offset). Now load your emulator and ROM, load the SECOND save that you made(with the chaged quantitfier), if you die, or have less energy, you found the right offset! Now you need to find the beginning of the RAM. This might be impossible w/o previous training skills. When you find the beginning of the RAM, you can make the GS code by making the beginning RAM offset = "000000"(just delete everything in front of it(you won't mess up the ROM, it's in a different file!) and it will become "000000") Then you find that quantifier you chaged, and look at the offset. THAT'S YOUR CODE!!!! Other Methods - I will get more info about more ways to hack with future references. If you have a new way to hack, that you've discovered, let me know. I will concider adding it to future editions of this document! IIa. Using Game Trainers Using these Trainers is rather easy and usaully brings up some codes. You will learn how to use the trainers by reading this section. You will learn to hack codes like "Infinite health", "Infinite Ammo", Debug Menus and even "activators". IIb. Using GameShark Pro Hacking the easy stuff. The easy stuff is codes that are easily obtained. Such as infinite money, health, and ammo. We will begin. To hack an Infinite Money code, first you must start up the trainer process as a Known Value Search. Now go into the game and take a readout while you have 0 money, slect the "Equal To" value as "000". Start the second part of the process. Earn some cash, it doesn't need to be a large sum. Then take a second readout with "Equal To" value as the amount that your cash sum was. Now, when the trainer shows you all possible codes, you can do one of two things. If the amount of possibilities is too high, you can repeat the process. You can return to the game, play around for a while, not earning extra cash. Then do another search. Make sure you search for the SAME value that you cash is. You should find your code in no-time! For a code like infinite health, you go through the same steps above, only you will choose an unknown value search, since there may be no way of telling what the values will be. Start with full health in step one, and less health in step two. So you choose the "less than" option. and when summerizing the quantifiers, notice that MOST(not all) games with a health bar will recognize full health at "0064"(100) or "00C8"(200). With this in mind, you can find the health code a lot easier! Now on to infinite lives. Do the same thing you did in the first example. The first step will be the defualt amount of lives, and the second will be one life less. Choose the "less than" option for this one. if you started with 3 lives, the first quantifier should be "0003" OR "0002". Since some games start counting at 0 instead of 1, it may be possible that "2" = "3" But it's very rare to see this. And, of course, the second value will be one less than the first. You can always regain an extra life and search for greater than, or search an equal-to just so you can simplify all possibilites. Another code is Infinite Ammo. This one might be a little trickier. If you take the first readout with 100 bullets, and the second with 50, then you would choose the "less than" option and have the values "100" and "50". I hope you know how to hack the easy codes now. Hacking the intermediate stuff The intermidiate stuff is like "In-Game Cheats", Have weapons/medals/items codes. If you wanted a code that gave you a weapon or an item, you would first do one unknown search without having the weapon/item. You should reapeat the search w/o the item a coupe of time to make sure you have UNDER 1 million(trust me, it's hard to get them under a million. While doing this, you will search for "equal-to in different parts of the game. Then you can grab that item and search again, choose "greater than". The fisrt quantifier SHOULD be "0000" and the second will be "0001 / 0002 / 0004 / 0008 / 0010 / 0020 / 0040 / 0080 / 0100 / 0200 / 0400 / 0800 / 1000 / 2000 / 4000 / 8000". The reason it would have so many is the game uses the switches(described earlier). Only the switches are reprisented in hex. You need a little luck when hacking a code like this. For a code like "Activate In-Game Cheats", you will take one known readout w/o the cheat active(search for "0"), and the second search with the cheat active(search for "1"). Good Luck. Hacking the harder stuff The hard stuff is like activators, and debug menus. To hack an activator takes a little luck, and some time. First thing you would do is do a known search on the games title screen. Take this readout when NOT pushing any buttons on any controller(search for "0"). During the second search, hold the L Button(PSX users, hold Circle). Now search for the following: N64 - "32" PSX - "32" NORMAL PSX - "8192" REVERSE (switch to 16-bit mode) The two PSX versions are listed because some games use activator quantifiers that are different from the rest of the games. The N64 activators are always the same. So look for those. When you find the code that you think it is, Put the GS digits "D0" on the code and test it by putting any code after it. When in the game, hold L(or Circle) and the code will activate. Debug Menus... This is NOT easy at all. You will need to search through MANY, MANY codes if you have no base to go on. If you are looking for a debug menu that is already known, just do a known search with the menu NOT activated(search for "0") then the second with it activated(search for "1"). There will be almost 1-2 million codes that register at "0" so be carful and eliminate as much as possible. When the menu is active, the "1" value search should shorten the list a lot. You can also deactivate the list and search for "0" again. do this alternatly until the possibilities are below 20. Now it's time to find the Debug Menus that have never been seen before! To pull this off, you must go to a certain point in the game, usually the title screen, and do two, normal known searches for the value "0". You will see MANY MANY codes that have the values as "0". Well, ONE off those "0000" codes MIGHT be a debug menu. That is, if there is a menu in the game. IN THAT SECTION OF THE GAME. This must be the hardest code there is to hack. Are you up to the challenge? 4. Acnowledgments People whom have written this document. Kong K. Rool (kongkrool@yahoo.com) Macrox (macrox@advanix.net) People whom have shared ideas and given information for this document. Kong K. Rool (kongkrool@yahoo.com) Macrox (macrox@advanix.net) ShadowKnight (shadowknight007@hotmail.com) CodeMaster (gsccc@home.com) New releases and rewrites of document taken care of by. Kong K. Rool (kongkrool@yahoo.com) Macrox (macrox@advanix.com) Editor. Macrox (macrox@advanix.net) Anything contributed to the next release of this document will result in a new name and/or acknowledgment.