Author Topic: Concerning pass-through carts  (Read 4077 times)

Offline rimsky82

  • Baby Retrode
  • *
  • Posts: 4
  • Karma: +0/-0
Concerning pass-through carts
« on: 02/Oct/2015 04:04:26 PM »
...specifically cheat devices.  Obviously you stick a cart on one end, and the other end into the system and it patches ROM, RAM, or both for cheating purposes.

I've tested quite a few GBx devices, and the only one I've been able to dump is the Game Genie.  The genie actually replaces the game's PRG banks with it's own software for inputting codes, so it's easily dumped by the retrode without any modification.

However, I also have a few gamesharks, a couple xploders, a codebreaker and an ARMAX none of which I can get to dump through the normal means.  If there is a cart inserted, I get the dump of the cart as if there were no device in between regardless of on/off switches on the device.  Without a cart, I get 4MB of FF's.

Any ideas on the possibility of dumping these things, or where to start?

Offline Aleron Ives

  • Junior Retrode
  • **
  • Posts: 48
  • Karma: +2/-0
Re: Concerning pass-through carts
« Reply #1 on: 02/Oct/2015 08:40:55 PM »
Is there anything to gain from dumping them? Most emulators have their own cheating menus, so even if you had a dump of the cheat device's ROM, you couldn't actually use it for anything, AFAIK. I've never seen an emulator with the option to load both a game ROM and a cheat device ROM simultaneously to simulate attaching the game to a cheat device.

Offline Wannado

  • Sgt. Retrode
  • ***
  • Posts: 106
  • Karma: +13/-0
Re: Concerning pass-through carts
« Reply #2 on: 03/Oct/2015 10:08:34 PM »
However, I also have a few gamesharks, a couple xploders, a codebreaker and an ARMAX none of which I can get to dump through the normal means.  ...

How do you control these devices when playing on the real hardware? When do they kick in? Does the Game Genie work differently?

One thing that comes to my mind is the boot logo. AFAIK, the ROM has to provide the trademarked logo (scrolling down the screen after power-on), or the GB won't boot the game. A trick to fight "unlicensed" games, suing people if the used the trademark without permission.

If those cheat devices are also unlicensed, they may have to let the game perform the boot process before they take over. So they might be waiting for some sequence of events the Retrode isn't reproducing (and may or may not be able to reproduce). But I'm just guessing.


Is there anything to gain from dumping them? ...

Science, maybe. :)

Offline rimsky82

  • Baby Retrode
  • *
  • Posts: 4
  • Karma: +0/-0
Re: Concerning pass-through carts
« Reply #3 on: 11/Oct/2015 01:29:23 PM »
Is there anything to gain from dumping them? Most emulators have their own cheating menus, so even if you had a dump of the cheat device's ROM, you couldn't actually use it for anything, AFAIK. I've never seen an emulator with the option to load both a game ROM and a cheat device ROM simultaneously to simulate attaching the game to a cheat device.

A couple of reasons, neither of which are just to cheat on some games.  I develop the site gamehacking.org, which converts cheats into other device formats for the users.  Having the roms for these devices might give me better insight as to their different codetypes and limitations for better accuracy.  So in short, reverse-engineering.

Another reason is to extract the cheat lists for the site.  A couple of my devices have different codes than what's on the site and I'd rather add them programmatically instead of manually.

MESS, which was recently dissolved into MAME, has the ability to use slotted devices, as they call them.  etabeta set up the NES Game Genie as one, so it can be used for the emulator and it works like a charm.  I'd like to figure out how he did it so I can play with these roms, if I can get them on my pc.

How do you control these devices when playing on the real hardware? When do they kick in? Does the Game Genie work differently?

I suppose the Genie works differently as it's the only one I can dump.  All of these devices seem to use the inserted cartridge's header to boot the GB.  When you dump the game genie, the cart's header is in the normal area, but the rest of the rom is the genie's code, so it just feeds the GB its own PRG with the cart's header in the normal place.  I assume it replaces at least the first four bytes of the header to make sure execution jumps to the right place.  The curious part of the genie is that the galoob logo only appears on real hardware.  I haven't been able to figure out why.

As for the other devices, I don't know what they are looking for to enable.  And when they are enabled, I'm not sure how they hook.  The caveat is, it would be easier to answer those questions if I had the roms.

Offline Aleron Ives

  • Junior Retrode
  • **
  • Posts: 48
  • Karma: +2/-0
Re: Concerning pass-through carts
« Reply #4 on: 11/Oct/2015 10:40:59 PM »
The curious part of the genie is that the galoob logo only appears on real hardware.  I haven't been able to figure out why.
Have you tried running it with BGB? It allows you to use a DMG and GBC BIOS to show the startup screen (and to apply the custom colours for specific DMG games), so maybe BGB would be able to show the logo you get on real hardware.