Snow Wood Boarding School A Guide for Learning to Hack the EarthBound ROM 1) Chapter 1 - The Basics * What is EarthBound? EarthBound was an unconventional role-playing game released for the Super Ninendo in 1995. Known in Japan as Mother 2, it takes place in the present day, with four young teenage kids as the heroes. For a few years, a community of video game hackers has been breaking down the code of EarthBound. Through the endless efforts of this community, enough knowledge has been gained - and tools have been developed - to allow people with sufficient drive and creativity to create an entirely new RPG from the EarthBound engine. * How should I begin my hacking endeavours? The best piece of advice I can give you is to start small. Many newcomers to the "PK Hack" community, as we are known, see the complex hacks that the more experienced members are working on and try to take on tasks of similar size. This is probably what turns so many people off from completing hacks - some aspects of hacking EarthBound are very difficult, and regrettably they are what many people try to tackle first. This guide will start you off learning the basics of hacking, the ins and outs of the various tools, and work up to more advanced concepts and knowledge. It is designed for the true beginner. * What do I need to start hacking EarthBound? For a start, it would help to have a computer! :) A machine running Windows 95 or 98 is probably best, as most programs developed for hacking EarthBound have been made with these operating systems in mind. Windows XP and Millenium Edition users may have problems running certain EarthBound programs. Macintosh and Linux users beware, relatively few hacking programs of any sort have been developed for your system; however, the hacker DrAndonuts has been developing EarthBound hacking programs for Mac. Keep an eye on the PK Hack forum at starmen.net and the PK Hack website for updates on all programs. Secondly, you will need a ROM. Utilizing special copying devices, people have been able to copy the data of video game cartridges onto computers. This data, stored as an individual file, is known as a ROM (standing for Read Only Memory). Now, this is the tricky part. The creation, distribution, and possession of ROM files is illegal. However, these laws are rarely enforced, and typically only large-scale ROM distributor websites will fall victim to any sort of punishment. In any case, we err on the side of safety, please do not make ROM requests on the PK Hack forum. Too many people have invested too much time in the Starmen.Net EarthBound community (where our forum is hosted) to have it shut down because of ROM trafficking. Besides, ROMs are relatively easy to find. Just go to your favorite search engine and run a search for "EARTHBOUND SNES ROM" or some such string. You should find a ROM relatively quickly. The EarthBound ROM is a little bit over 3 megabytes in size, so keep that in mind if you have a slow Internet connection. Now that you have the ROM, you will need an emulation program to run it. An SNES emulator will digitally mimic the Super Nintendo console and allow you to play ROMs on your computer. The two best emulators are generally considered to be ZSNES and SNES9X. Both, as well as many others, are available at the website Zophar's Domain. [www.zophar.net] Now that you are set up with those two essentials, it is time to get your hacking tools. Like you'll need a word processor to write letters or a media player to play music, you'll need special programs to make various changes to your ROM. Following is a list of all of the programs that have been developed for use with hacking EarthBound. --- * Okay, but what if I want to show other people my hack? Isn't passing ROMs around illegal? The only real legal way - and practical way, considering its size - to distribute your hack is using a so-called "IPS patch." The International Patch System is a method of recording the differences between two files. With an IPS patcher program, you can create IPS files which contain all the details of your hack. To generate an IPS of your hack, you must have your hacked ROM and an original, unchanged ROM to compare it to. (Keep in mind, if your hack's ROM has been expanded using the EarthBound Text Editor or the EarthBound ROM Expander, your "unchanged" ROM will have to have been expanded as well.) To use an IPS file, you can do one of two things. With a recent enough emulator, you will be able to play the hack without patching the IPS file if the IPS and the ROM have the same name. However, to make a permanent copy of a hack, you will have to perform the patch creation sequence in reverse. Make a copy of your original ROM, and use the patching program to apply the IPS file to the ROM. In terms of programs, I recommend "SNESTool" for all of your patching needs. * I have all of the programs you told me about... Uh, what do I do now? Now you're ready to begin! Don't worry, you won't be making anything too painful yet... The upcoming chapters will guide you through the workings of the various hacking tools and the concepts behind the programs. They will also include study guides that will allow you to test out your skills and get used to hacking. So, what are we waiting for? Let's get to it. 2) Chapter 2 - Some basic knowledge. Before we begin, let's set up our ROMs. You'll want to keep a copy of the original ROM on hand at all times, so make a copy of the file and rename it "snowwood.smc". We'll be using this file for all of our study exercises, so hold on to it. Before we start hacking ANYTHING, let me tell you about how the ROM is structured, and about bits, bytes, binary and hexidecimal numbering. Let's get the math out of the way first. We're all familiar with the Base 10, or "decimal," system. You know, it has 10 different numbers - 0, 1, 2, 3, 4, 5, 6, 7, 8, and 9. The places go up by factors of 10 - ones, tens, hundreds, thousands, and so forth. If you're not familiar with decimal numbering, then you need to sit in on a Kindergarten class and come back when you get a brain. No offense. However, you may not be quite so comfortable with binary and hexidecimal formats. They may seem scary at first, but don't be afraid. Binary, or Base 2, has only two numbers - 0 and 1. It is the way your computer stores information - either a pulse of electricity, or not a pulse - a stream of electric 1's and 0's. Now, it's places - rather than going up by factors of ten as in decimal - go up in factors of 2. Oddly enough. So you have the ones place, the twos place, the fours place, the eights place, the sixteens place, and so on. Binary numbers are grouped together in blocks known as "bytes." Each byte contains eight binary digits, or "bits." 1,000 bytes is a "kilobyte," 1,000,000 is a "megabyte," 1,000,000,000 is a "gigabyte," and so on. Diagram of a byte: [1]|[0]|[1]|[1]|[1]|[0]|[1]|[0] ---+---+---+---+---+---+---+--- 128|64 |32 |16 | 8 | 4 | 2 | 1 It works out in a simple fashion. Each bit represents a decimal value like I described above. A 1 in any of those bit-places designates that its value is added to the total sum of the byte's value. Let's look at the value I have above: 10111010. Looking at it, we see that the 2's, 8's, 16's, 32's, and 128's are all turned on. So, we just have to add up that sum: 2 + 8 + 16 + 32 + 128. That sum happens to be 186. Therefore, decimal 186 is equal to binary 10111010. The maximum value for any byte is 255 (1 + 2 + 4 + 8 + 16 + 32 + 64 + 128). Now, before you run away crying, take heart. This is just here to help illustrate the concept of bytes - you won't have to do this all the time. :D Hexidecimal, or Base 16, is even more alien to some because it contains 16 numbers. "16 NUMBERS?" you shout, incredulous. "WHAT THE ¶©§þ?" Instead of stopping at 9, it continues on. 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, and F. Then, once you go past F, you count 10, 11, 12, 13... yada, yada, yada... 19, 1A, 1B, 1C, 1D, 1E, and 1F. It continues on like that. To differentiate hex numbers from decimal, we write them with 0x at the front. Like this -> 93 = 0x5D. The places in hexidecimal form increase by factors of (guess what) 16. Thus you have the ones place, the sixteens, the sixty-fours, and so on. Each byte contains 2 hex digits, and the maximum any byte can be (in hex) is 0xFF. So, let's look at that byte diagram again. Diagram of a byte (again): [1] |[0] |[1] |[1] |[1]|[0]|[1]|[0] Base 2 ----+----+----+----+---+---+---+--- 128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 Base 10 ----+----+----+----+---+---+---+--- 0x80|0x40|0x20|0x10|0x8|0x4|0x2|0x1 Base 16 Unless you really want to, you don't need to manually convert any number to hex, or binary, or whatever. You have Microsoft Calculator - the one not-crap thing included with Windows! In Scientific mode, select your number type - ignoring Octal (Base 8), that is - type in the value, and click the type you want to convert to! It's that easy. Now, let's discuss how the ROM is constructed. The ROM is made up of a string of 3,153,920 bytes stored in a hexidecmal format. Scary. However, we can use that fact to obtain what's known as a hex address. In order to refer to a particular location in the file, we need to know where it is. We do this by counting the number of bytes into the ROM that byte is, as if each byte were a page number in a book. For example, the text in the game begins at the 335,122nd byte in the ROM - or in hex, 0x51D12. Thereby, we say that the hex address of the beginning of the text is 0x51D12. You don't have to count, as hex editors have a location readout displaying your address at all times. However, internally, it works a bit differently. All SNES games contain a short header, identifying the game, the company that made it, how big it is, and other such information. This lasts for the first 512 - or, 0x200 - bytes in the file. Now, the game will not actually read this part of the file. And on top of that, EarthBound reads the first byte after the headers as location "0xC00000". I can imagine you're going, "WHAT YOU SAY ??" right about now. Just calm down, clear your mind, and live with it. :P In order to find an SNES-format address from a standard hex address, you'll have to add 0xBFFE00 . (See, we take the hex address, subtract 0x200 because it's not reading the header, and add 0xC00000 'cuz it's funky. That totals up to adding 0xBFFE00.) Of course, to find the hex address from an SNES format address, you have to subtract 0xBFFE00. Now, one more basic fact to deal with, and we can get started with some basic hacking. This deals with numbers. Every time where the game stores a number - say, the amount of Hit Points a particular enemy has - it's stored in hex. The Kraken, for example, has 1,097 HP. Using our calculators, we find that 1,097 is 0x449 in hex. Since each byte has 2 hex digits, we know that that the bytes have to be 04 49. Right? Wrong. The ROM also stored bytes in a flipped-around-backwards format which trips a lot of beginning hackers up. In this backwards format, 0x449 would be stored as the bytes 49 04. Don't let this confuse you - you just have to read the bytes in backwards order. But DON'T read the VALUES of the bytes backward - 49 04 is not 0x4094, after all! Well, that about wraps it up for the basic information you need to know. If you're scratching your head still, don't worry. Just give it all a chance to sink in. Knowing this stuff is a neccessary evil; but if you don't get it right off the bat, it's not that big of a deal. It is required knowledge for some more advanced hacking concepts, however.