Video game hacking

In high school and later in university I had what most people would consider a rather odd hobby: video game hacking. More precisely, I was into creating cheat codes for Playstation games that would, for example, make you invincible against enemy attacks or allow you to drive through walls in your favorite racing game. I’m not talking about the kinds of cheat codes that can be activated by entering secret passwords or pressing controller buttons in a certain sequence. I’m talking about modifying the game’s data and program code at runtime, by reverse engineering its mechanics.

In the early days, there were off-the-shelf cheat devices you could buy for Playstation 1 (PSX) and Playstation 2 (PS2), like the Xploder and CodeBreaker. Those devices worked by injecting a small program into memory between booting the console and starting a game. This program would then be running in the game’s background with full access to its memory. By constantly writing the same value to a certain memory address, it was possible to “freeze” things like energy points, ammo, money, etc.

Best of all, the first cheat devices for PSX let you find your own cheat codes. This process boiled down to dumping the game’s RAM to a PC (via printer cable) where it could be searched and compared with prior dumps by special “trainer” software. There was a hex editor with a live view of the game’s memory; you could manipulate bytes and see the effect instantly. You could also set breakpoints, which was by far my favorite feature, as it enabled us to create very sophisticated cheat codes – so-called assembly hacks overwriting parts of game logic. Over the years, I’ve hacked thousands of codes this way.
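To make the dump-and-compare search concrete, here is an added example (my own illustration, not code from the original post or from any of the trainer tools mentioned) that narrows candidate addresses across two constructed RAM snapshots the way the trainer software did: a first pass for every aligned location holding the on-screen value, then a refining pass that keeps only locations that moved the way the game state did. The snapshot contents, offsets and values are constructed; PSX memory is treated as little-endian.

```python
import struct
from typing import Callable, List

# Constructed snapshots standing in for two RAM dumps taken a few seconds apart.
# The player's energy lives at offset 0x20 as a 16-bit little-endian value.
# Two decoy locations also hold 100 in the first dump but do not track the energy.
DUMP_BEFORE = bytearray(64)
DUMP_AFTER = bytearray(64)
struct.pack_into("<H", DUMP_BEFORE, 0x20, 100)  # energy before taking a hit
struct.pack_into("<H", DUMP_AFTER, 0x20, 85)    # energy after taking a hit
struct.pack_into("<H", DUMP_BEFORE, 0x08, 100)  # decoy: unchanged between dumps
struct.pack_into("<H", DUMP_AFTER, 0x08, 100)
struct.pack_into("<H", DUMP_BEFORE, 0x30, 100)  # decoy: changes in the wrong direction
struct.pack_into("<H", DUMP_AFTER, 0x30, 120)

FORMAT = {1: "<B", 2: "<H", 4: "<I"}  # value width in bytes -> struct format


def read_value(dump: bytes, addr: int, width: int) -> int:
    """Read one little-endian value of the given width at addr."""
    return struct.unpack_from(FORMAT[width], dump, addr)[0]


def scan_exact(dump: bytes, value: int, width: int = 2) -> List[int]:
    """First pass: every width-aligned address whose content equals the known value."""
    return [a for a in range(0, len(dump) - width + 1, width)
            if read_value(dump, a, width) == value]


def refine(candidates: List[int], prev: bytes, cur: bytes,
           keep: Callable[[int, int], bool], width: int = 2) -> List[int]:
    """Later pass: keep only candidates whose (old, new) pair satisfies keep()."""
    return [a for a in candidates
            if keep(read_value(prev, a, width), read_value(cur, a, width))]


def locate_energy() -> List[int]:
    """Walk the two passes a hacker would do: 'it shows 100', then 'I took damage'."""
    candidates = scan_exact(DUMP_BEFORE, 100)
    return refine(candidates, DUMP_BEFORE, DUMP_AFTER, lambda old, new: new < old)


if __name__ == "__main__":
    print([hex(a) for a in locate_energy()])
```

With more snapshots the same `refine` call is repeated with predicates such as "unchanged" or "increased", which is how a handful of dumps collapses thousands of initial matches to one address.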

When the golden age of PSX hacking was over, something bad happened: all of a sudden, companies stopped sharing their tools and instead started encrypting everything. This was unfortunate. But at the same time it was an opportunity to improve my reverse engineering skills. So it happened that we wrote our own software for hacking PS2 games. Along the way, we cracked just about anything we could get our hands on, from proprietary encryption schemes to anti-cheat protections.

All of this was a ton of fun. As a matter of fact, it’s how I got into computers and programming. I probably wouldn’t be the engineer I am today if it wasn’t for game hacking. Homebrew sparked my interest in software development and made sure I always had a plethora of side projects going on – most of them open source.

GameHacking.org Q&A

In 2009, I did a Q&A with Lazy Bastard, the founder of GameHacking.org. You can find the interview below. It’s unedited; I only added a few links to provide more context. While some of the discussed topics might not make sense to someone who has never hacked Playstation games, I hope the interview will still give you a better picture of who I am and where I come from. Back in the day, I used the nickname “misfire”. Naming is hard.

Lazy Bastard: Aside from hacking codes, you broke most of the XPloder encryption schemes for the Playstation, and the CodeBreaker code and “code save”/“day1” encryption schemes for PS2. What was your inspiration for doing this?

misfire: Poking around the Xploder PSX code encryption was actually my first experience in cryptography. I figured out where the device stored the unencrypted codes in RAM and basically did a (dumb) brute-force attack to break the different schemes. Since then I’ve been fascinated by crypto stuff and have written many tools by reverse-engineering one thing or another. One of the main reasons why I’ve cracked virtually any piece of the CodeBreaker PS2 is that I truly believe that hacking needs to be free. No code encryption. No proprietary formats. An end to control.

What is your favorite code/hack that you hacked?

Hm, that’s not easy to answer. I can particularly remember how proud I was when I managed to get the PSX game TOCA WTC PAL running with the Xploder. It required a dedicated Enable Code due to a nasty LibCrypt protection. I wrote an XOR decoder in Turbo Pascal (!) to detect and patch the encrypted subroutines. This was one of my favorite hacks.

What is your favorite code/hack of all time?

I guess Nachbrenner’s 3-axis camera modifier for Tony Hawk’s Skateboarding (PSX) was one of the most impressive things I’ve ever seen.

Who would you say influenced you the most in the video game hacking scene? Who did you ‘look up to’ when you first entered the scene? (doesn’t have to be the same person for both)

In the early days when PSX hacking became a hobby of mine, I definitely looked up to Nachbrenner and UL1. Back then, our favorite cheat device was the Xploder and with it I gained most of my basic hacking knowledge in the late 90’s. I think it was Nachbrenner who influenced me the most in the hacking scene. What a great time we had in the good old days… Also, Code Master was quite helpful when I taught myself the C programming language to write my first “proper” tools. I’ve always liked his ASM codes and programs like GSCC2k. (Unfortunately, lots of things changed after he became CMX, but that’s another story…). Of course, Parasyte was and is an inspiration for me. I think what is most admirable is the fact that he made his source code available to the public. In this aspect, he served as a role model for me.

What was your first code/hack?

IIRC, this was “Infinite Time” for a demo version of Puma Street Soccer. I did it using an Xploder Professional with X-Assist and I remember how happy I was when I saw that the clock was actually “frozen”. Shortly afterwards I started hacking PSX games using a PC and the X-Link trainer software.

What do you think is the most difficult type of code/hack to hack, and why?

If the game is programmed in an “unconventional” way, almost every code can be a pain in the ass. Similarly, hacking can be difficult if you don’t have the right tools to do it (see PS2).

What is your favorite type of code/hack?

I’ve got a passion for simple and elegant solutions. It is often amazing what you can do by only patching a few bytes or even bits. ASM hacks don’t have to be complex to be beautiful.

What is your least favorite aspect of hacking?

Nowadays, this scene is full of leechers and wannabes who don’t care about other people’s work. They’re the reason why many hackers do not release their work to the public (not to speak of source code) which is a damn shame!

Which game did you find the most fun to hack, and why?

Back in the day I loved to hack PSX demos. This way, I was able to play/test my favorite games as long as I wanted without any time limit. Sometimes I got to see all the weapons/items weeks before the final game made it to the stores. This was a lot of fun.

Did you ever hack an awesome code, or find an address in memory that would’ve yielded an awesome code, but then lost it somehow?

I cannot remember finding an awesome code in the first place. :)

What was the most difficult, ‘hair-pulling’ hack you’ve ever accomplished?

Cracking the CodeBreaker V7 code encryption was very challenging and fun at the same time.

Was there ever a code you just couldn’t get to work quite correctly (something you hacked/attempted to hack)?

Of course. There were a few games I wasn’t able to hack any useful codes for. I can’t tell if the developers were mean or I was just too impatient/inexperienced at that time.

Aside from hacking and gaming, how do you like to spend your time?

With friends, (European) handball, basketball, pool, music, reading, Linux and other geek stuff.

What do you think must happen for the video game hacking scene to continue to thrive?

We need more open source projects like Artemis. It’s the first step in the right direction. Again, hacking needs to be free! (And I should finally get my ass up, stop talking about writing a PS2 remote debugger and actually finish it… ;))

One last question: if you had one thing to say to current, aspiring, and future hackers, what would it be?

Never give up. Gain experience. Be polite and respect others.

Tagged under: Homebrew