So, I've been trying to hack NES games and hard code values like the number of lives you start with, weapons, etc. FCEUX's Game Genie Decoder/Encoder works great for finding the right ROM address in early titles like "Super Mario Bros.", but when it comes to games that use mappers, things got complicated.
Let's say we've got "Castlevania" and we want to change the number of lives you start with. I know, that the RAM address for them is $002A and the original value is 04. No matter how much I searched, none of the "Possible Affected ROM File Addresses" contained the value of 04!
After that, I decided to find out which addresses in the MMC1 Mapper are used for PRG code banks. I searched for addresses in NES Memory, then tried to change their values in the ROM file, but there was no effect. The game hadn't changed at all!
In the end, I said "screw it!" and made a dump of the Assembly Code in the game. So, naturally, somewhere in the code, there should be lines like:
LDA #$04
STA $002A
But no! There wasn't anything like that. In fact, there was no line of code, writing anything from the Accumulator, X or Y into that address!
So, what's wrong? Why is that address never used, when it clearly contains important information? Is it possible, that the game writes to a different address and, somehow, it gets changed in the emulator? I don't think the header has anything to do with that, but who knows? Somebody, please, help!
Let's say we've got "Castlevania" and we want to change the number of lives you start with. I know, that the RAM address for them is $002A and the original value is 04. No matter how much I searched, none of the "Possible Affected ROM File Addresses" contained the value of 04!
After that, I decided to find out which addresses in the MMC1 Mapper are used for PRG code banks. I searched for addresses in NES Memory, then tried to change their values in the ROM file, but there was no effect. The game hadn't changed at all!
In the end, I said "screw it!" and made a dump of the Assembly Code in the game. So, naturally, somewhere in the code, there should be lines like:
LDA #$04
STA $002A
But no! There wasn't anything like that. In fact, there was no line of code, writing anything from the Accumulator, X or Y into that address!
So, what's wrong? Why is that address never used, when it clearly contains important information? Is it possible, that the game writes to a different address and, somehow, it gets changed in the emulator? I don't think the header has anything to do with that, but who knows? Somebody, please, help!