HN Theater

The best talks and videos of Hacker News.

Hacker News Comments on
SNES Code Injection -- Flappy Bird in SMW

SethBling · Youtube · 726 HN points · 9 HN comments
HN Theater has aggregated all Hacker News stories and comments that mention SethBling's video "SNES Code Injection -- Flappy Bird in SMW".
Youtube Summary
Using various Super Mario World glitches, I injected the code for Flappy Bird (code written by p4plus2). This is the first time a human has ever completed this kind of exploit. Special thanks to p4plus2 and MrCheeze who helped me a ton with this project.
Livestream Archive: https://www.twitch.tv/sethbling/v/57032858
Route Notes: https://docs.google.com/document/d/1TJ6W7TI9fH3qXb2GrOqhtDAbVkbIHMvLusX1rTx9lHA/edit?usp=sharing
p4plus2: http://youtube.com/p4plus2

SethBling Twitter: http://twitter.com/sethbling
SethBling Twitch: http://twitch.tv/sethbling
SethBling Facebook: http://facebook.com/sethbling
SethBling Website: http://sethbling.com
SethBling Shirts: http://sethbling.spreadshirt.com
Suggest Ideas: http://reddit.com/r/SethBlingSuggestions

Music at the end is Cipher by Kevin MacLeod
HN Theater Rankings
  • Ranked #25 all time · view

Hacker News Stories and Comments

All the comments and stories posted to Hacker News that reference this video.
Jun 07, 2019 · Strom on Stadia Founder's Edition
There are undoubtedly major benefits in the war against cheaters by completely removing user access to the underlying system. However I think there are two fundamental points to keep in mind on why it's not going to be an ultimate solution.

1) Unless cross-platform play is forbidden or the game is exclusively streamed-only, the cheaters will just use a different platform and will still ruin your game the same old way. It's the cheater's platform of choice that matters.

2) Games are some of the least security conscious pieces of software out there [1], primarily written in C++. There are bugs, lots of bugs. Process-takeover enabling bugs. I'm sure Google sandboxes the game to protect their systems, however cheaters only need access to the game process to enable most of their desires. Yes this would raise the bar in how easy it would be to cheat. Average Joe Cheat Engine users would be gone, but more skilled cheat makers will continue business as usual and their released cheats will do the exploits hidden from the actual people doing the cheating.

Bonus: See this cute hack that injects flappy bird into Super Mario World. https://www.youtube.com/watch?v=hB6eY73sLV0

--

[1] Even AAA developers are clueless about threat models. Games like Tom Clancy's The Division [2] and Fallout 76 [3] are multiplayer games that put extreme trust into the client. Trust that nobody would modify their script files, trust that the client is always telling the honest truth.

[2] http://web.archive.org/web/20170611084112/http://gafferongam...

[3] https://www.reddit.com/r/fo76/comments/9u71m1/get_ready_for_...

No, a person can do it on a real console https://www.youtube.com/watch?v=hB6eY73sLV0
vermilingua
Saying SethBling can do it, does not mean that ordinary people can do it. He is a very talented and focused individual.
httpsterio
Thank you, I stand corrected.
My favorite example of this is the time it was used it to inject flappy bird.

https://www.youtube.com/watch?v=hB6eY73sLV0

"likely only possible in TAS" has this habit of becoming possible.

SethBling turning Super Mario World into Super Flappy Birds on a console comes to mind. https://www.youtube.com/watch?v=hB6eY73sLV0

kibwen
Exactly why I made the conscious choice to use the word "likely". :)
berbec
Conscious choice consensus
super impressive stuff. I'm generally unfamiliar with speedrunning, but I am familiar with the billy mitchell controversies, so I'm surprised that people accept the legitimacy of streamed runs. wouldn't it be trivial-enough to fake?

tangental: my personal favorite mario-related feat is sethbling injecting flappy bird into super mario world manually: https://www.youtube.com/watch?v=hB6eY73sLV0

mrob
It's possible to fake streamed runs, e.g. by miming over pre-recorded spliced/TASed runs, but Kosmic has played at live events where this would be impossible, and there's no doubt that he has the skill to do this legitimately.
bhickey
Billy's live performances were miles away from his spliced runs. The live performances of top level SMB runners are in line with streamed performances. Some communities are moving toward controller cams to show each button press.
ngokevin
Would it be fair to say similar scandals have happened in actual sports (PEDs, judge corruption)? Cheating is often caught and corrected in the speedrunning community.
MiddleEndian
As a regular fan of MMA and occasional watcher of boxing, I can't think of a single example of the sports' governing bodies overturning a corrupt result, even in the Olympics. Occasionally judges will be fired later; that's it.

PEDs are enforced almost sporadically; I wish they didn't bother.

Edit: By corrupt result I meant corrupt or inaccurate judging.

kod
Cormier vs Jones 2
MiddleEndian
That fight was overturned due to Jones popping for PEDs, not due to improper judging.

When I said "corrupt result" I meant corrupt judging. Sorry I was unclear.

sp332
Because after all, it's still a game and this is still just about having fun. Until someone starts losing real money from video game fraud, there's no incentive to turn a friendly competition into a thing where you feel like you can't trust anybody.
kryogen1c
Oh neat! I knew about the credits warp, but I didn't know about flappy bird. Thanks!
Hattes
To an extent I think that streaming has solved this problem, compared to the days of people just submitting videos that they recorded by themselves. Streamers might fake a single run to get a record, but it would be a huge amount of work to fake all the progression they had to go through to get there.
dezgeg
I would have previously thought so too, but recently there was a cheating incident in the GTA speedrunning where already a top runner started cheating: https://old.reddit.com/r/speedrun/comments/98utvr/grand_thef.... So for a year there was apparent progression to be seen in the streams, but it was all/most due to modifying the game files to gain advantage.
topmonk
I agree, but furthermore after you get to a certain level of skill, you pretty much have a free pass to cheat if you like.

To wit, I don't think many people suspected Billy Mitchell of cheating until there was undeniable proof of that fact.

bhickey
> To wit, I don't think many people suspected Billy Mitchell of cheating until there was undeniable proof of that fact.

Not so much. Billy has been suspected of cheating for ages. His live play is completely at odds with his WR runs. As of the early/mid 2000s he just wasn't very good at Donkey Kong when compared with his contemporaries.

wild_preference
This just isn't true. Recently there was a Super Meat Boy cheater who was discovered due to analysis of a persistent animation across the game that wasn't lining up due to video cuts.

Pretty flimsy system (and far from "solved"), and it lets cheaters steal glory for the months or years it takes to catch them which threatens the legitimacy of the sport past a critical mass.

Moderators/judges are on the wrong side of a trapdoor function because of the amount of analysis it may take to verify a single video, and they aren't professionals in the field of video analysis.

I don't see how "all progression" is relevant here since you don't need to be a streamer to speedrun much less to submit a well-doctored video with a time that beats other people.

Hattes
I know of the Super Meat Boy example (I've seen the Apollo Legend videos too). Was that run streamed live?
wild_preference
don't know, but my point is that it took a rather serendipitous global animation to expose them. There are people who think speed runs should require footage of the controller for the sake of a consistent analysis medium, and I'm sympathetic to them for the sake of the legitimacy of the sport at the expense of accessibility.

And to respond to your question, you can livestream a pre-recorded video so it doesn't matter. Some guy livestreamed a record breaking run of Yoshi's island or something but got cocky and streamed his controller, and someone trivially discovered he was miming it, pressing or skipping inputs after they were seen in the video. The Super Meat Boy wasn't doing that.

Feb 15, 2018 · 2 points, 0 comments · submitted by singularity2001
He also injected flappy bird into SMW manually. https://www.youtube.com/watch?v=hB6eY73sLV0
Indeed. it is the coolest SNES hack I've seen.

https://www.youtube.com/watch?v=hB6eY73sLV0

braveo
It should be noted that he didn't create the hack, it's something that's been fairly well known. What he did was accomplish it manually, whereas all previous solutions automated it via virtualized controller inputs.
braveo
It should be noted that he didn't create the hack, it's something that's been fairly well known. What he did was accomplish it manually, whereas all previous solutions automated it via virtualized controller inputs.
None
None
qwertyuiop924
Yes. I did (try) to point that out. But the fact that he did it by hand was really cool.
braveo
absolutely, and if I recall, he did it his first live try.

It was definitely impressive but as a software person I'm more impressed by the ones who came up with the hack itself.

Youtube is full of hidden gems, all a matter of taste.

Meta-programming: https://www.youtube.com/user/jblow888

Math'n'music edutainment: https://www.youtube.com/user/Vihart

Science edutainment: https://www.youtube.com/user/Vsauce

Feats of incredible gaming skill: https://www.youtube.com/channel/UCz4GCnY4I0380v7GmXQQSWw

Tidbits of hacking ingenuity: https://www.youtube.com/watch?v=hB6eY73sLV0

Looking for heart in pop culture: https://www.youtube.com/user/Nerdwriter1

You can get lost in the maze of excess information. It's great - i think...

WizardlySquid
I want to brush up on my meta-programming but Jonathan Blow is such a douche.
May 25, 2016 · 566 points, 71 comments · submitted by CameronBanga
userbinator
It's more like "Flappy Mario", but I guess inputting the appropriate pixels for the bird sprite would take long... the pipes, however, are perfect.

Still, it's amazing. Ridiculously impractical like those who build ship models in bottles, but awesome nonetheless. Hopefully it'll also be inspirational starting-off point for those wanting to learn more about how computers work. I know many who started down the road to CS with this sort of "game hacking".

Relatedly, I also know of an instructor who does something somewhat similar for the first class of his "intro to computing" course: he takes out a little 8-bit computer mounted on a breadboard with a few LEDs and pushbuttons, and enters a few dozen machine instructions bit-by-bit, writing a short program that causes the LEDs to flash in various patterns selected by the buttons. As part of that demo, he also writes and runs a "Hello World" binary in Windows Notepad --- entering each byte as ASCII characters. He says it's these sorts of "unusual" demos that can most effectively get students' attention, and I agree.

girvo
> the pipes, however, are perfect

You probably know this, but thats because the Flappy Bird pipes lifted Mario's pipe sprite entirely!

vardump
Many eighties games used similar style for 3d-shapes.
panic
No, they didn't: http://i.imgur.com/mN2RMNy.png
RottenHuman
maybe from a different Mario game?
ManlyBread
Looks a lot like Mario Advance 3.
justinlardinois
Super Mario Advance 3 was a port of Yoshi's Island. Yoshi's Island pipes for reference:

http://protipoftheday.com/sites/default/files/yoshis_island_...

Not anywhere close.

ManlyBread
Actually I was thinking of Super Mario Advance 4, which is the port of Super Mario Bros. 3, thus the mistake on my part.
girvo
Fine, "heavily inspired by".
raverbashing
Using the direct sprite data would have been a massive IP violation

Drawing something similar can surely have people questioning it, but it might be sufficiently different to (try to) avoid bigger complaints.

NietTim
I don't think the creator of flappy bird gave a damn about IP violations.
tamana
Not massive at all. The pipes are not a substantial creative artifact in their own right.

An IP violation would require causing brand confusion or drawing sales away from the original

Buge
You're thinking of trademark, which would require confusion.

Copyright is another type of IP, and does not require confusion. It only requires copied content.

Animats
He takes out a little 8-bit computer mounted on a breadboard with a few LEDs and pushbuttons, and enters a few dozen machine instructions bit-by-bit.

Mainframe computers and minicomputers once had lots of blinking lights and buttons, so you could do that sort of thing. It was the only way to debug low-level code. It was not fun.

Drdrdrq
Something being fun (or just being really tedious work) depends on context - especially on motivation for doing it. So yes, flipping bits manually can be fun.
hartator
He also did this: https://www.youtube.com/watch?v=qv6UVOQ0F44 (Also really impressive, I think this guy is a genius.)
harryf
Video conferencing with Minecraft is pretty cool too https://youtube.com/watch?v=sMH3wLuR9f0
pfista
That's awesome! Too bad they removed the content here http://verizoncraft.github.io
jags-v
@harator : Thanks for posting this link here. I would have never found it on my own.
rpgmaker
I just have a general knowledge of what neural networks are about so this video was actually more impressive to me than the one submitted. Thanks.
None
None
None
None
panic
This is cool, though (due to overfitting) it's really just "memorizing" the first level rather than learning how to play in general. It'd be interesting to see the same technique with separate test and training data sets.
minimaxir
The overfitting problem is addressed in the followup: https://www.youtube.com/watch?v=iakFfOmanJU
stormbrew
I wonder if there is a way it could learn to get over that tall pipe in this one. It might be sufficient for it to learn to deliberately attack any enemies it finds, combined with its tendency to move right all the time. But I suppose that might be too complex a set of actions for this.
l-p
See PoC||GTFO 0x10 [1] for the writeup on "Pokémon plays Twitch chat", a multi-staged hack that exploits Pokémon to exploit the Super GameBoy to exploit the SNES to then display the Twitch chat.

Note that the PDF can be loaded directly as a LSNES input replay and reproduce the exploit.

[1] https://www.alchemistowl.org/pocorgtfo/pocorgtfo10.pdf

beefsack
This was quite popular on Reddit when it was released.

Some discussion: https://www.reddit.com/r/Games/comments/4capfm/explanation_o...

meanduck
This[1] was mentioned in its other thread. Not related to programming but the amount of thought process went into it is just amazing.

[1] "SM64 - Watch for Rolling Rocks - 0.5x A Presses (Commentated)" : https://www.youtube.com/watch?v=kpk2tdsPh0A

mkoryak
Next time a watch a movie where they hack a computer by literally breaking an animated firewall in cyberspace I promise not to cringe
digi_owl
I see it for what it is, eyecandy for the masses.
colordrops
This is basically a remake of the movie The Matrix. He even flies at the end.
beefsack
It's a little disappointing these types of games have become known as "Flappy Bird clones" when Flappy Bird itself was just a clone of many other games before it.

Any old Palm users remember SFCave?

sopooneo
I hear you, but in my memory, most of those old games allowed you to maintain vertical thrust. Flappy Bird has the twist that you can only apply up-thrust in taps.
pmarreck
I had a Palm and never played that! Ever play Space Trader? That was probably my favorite Palm game...

https://en.wikipedia.org/wiki/Space_Trader_(Palm_OS)

On that note, is there a Palm emulator anywhere?

throwanem
There are several, but none currently available for iOS, at least not through the app store. (I don't know if you care about iOS, but it's the platform I jumped to when Palm ceased to be sustainable.)

The Palm OS emulator for Windows and Linux can probably still be made to work, although in the latter case, good luck getting it to run in the absence of suitably decrepit shared library versions which your distro's package manager probably no longer provides - your best bet might be to find a DVD image of a distribution from 2003 or so, and install that in a VM to support the emulator.

Linux RPMs can be had via Sourceforge [1]. Windows binaries are apparently available from several sources; the one provided by download.cnet.com [2] appears to be free of social diseases and reasonably functional. (It'll complain about a missing skins directory, but there's a generic skin packaged with the application which will work for your purposes.)

You'll also need a ROM image. To my outright astonishment, some of these appear still to be available on the web! [3] "Palm OS 3.5-en-color.rom" boots successfully in the Windows emulator.

And, finally, you'll need the Space Trader application itself. If you don't still have a copy, it remains available for download on the developer's site [4]. Once you have it, extract the version of your choice from the zipfile - the color version works fine with the ROM I mentioned. Then (at least on Windows) right-click the emulator chrome and choose "Install Application/Database", then "Other...", and navigate to the extracted .prc file. The emulator will load the app into the virtual Palm's memory, and then you can just click the icon to run it. It seems to work quite well!

There are also several variably crummy knockoffs of Space Trader available for iOS, none of which does a good job capturing what made the Palm version fun. I keep meaning to reimplement it as a browser app or something, but...

[1] https://sourceforge.net/projects/pose/files/pose/3.5-2/

[2] http://download.cnet.com/Palm-OS-Emulator/3000-2212_4-101114...

[3] http://artnetweb.com/gh/palm_emulator/roms%20Folder/Popular%...

[4] http://ticc.uvt.nl/~pspronck/spacetrader/STDownload.html

pmarreck
If only we could just recompile Space Trader to Emscripten. Great response!
daniel_iversen
Sure do!!! And do you know you can now get SFCave for free on iOS? The most addictive game ever! :)
Kiro
If you think Flappy Bird is a clone of SFCave or any prior title you have completely misunderstood the game. Have you played it?
ewmailing
I made this video in defense of Flappy Bird back when people were piling on the game and the author. There are multiple points, but it starts with my belief that people overstate the similarities to other semi-recent games and simultaneously forget much older games. The video includes clips of video games from the early 80s and even Space War! from 1962.

https://www.youtube.com/watch?v=Us-W5CWj7Ic

partycoder
This is very accurate, thanks for doing this.
cloudjacker
So instead of hacking a bank in Bangladesh, he makes Flappy Bird on SNES
rollulus
Funny, I recall that I had a Game Genie [1] code which had exactly the same effect!

[1]: https://en.wikipedia.org/wiki/Game_Genie

golergka
Watching this I can't help but imagine a sci-fi scenario where surrounding reality turns out to be virtual, with this kinds of bugs. Matrix and others left this concept completely unexplored.
ada1981
I've been living in that world for quite some time.
luso_brazilian
The Matrix, at least, didn't leave this concept unexplored.

There is this excellent series of short animations (The Animatrix), one of the stories addresses this exact scenario.

You can watch it on Youtube: https://www.youtube.com/watch?v=ruFE126Osrg

The Animatrix is, IMO, the true sequel (and also, prequel) to the original Matrix, it is very much worth a watch.

acqq
The explanation of some of the glitches in the game used to enter the bytes:

https://www.reddit.com/r/Games/comments/4capfm/explanation_o...

Also, what had to be discovered before:

https://www.reddit.com/r/Games/comments/4capfm/explanation_o...

Not easy to achieve the possibility to "use the glitches in the Matrix."

petetnt
He also created a working phone with web browser and video calling in Minecraft sometime back: https://www.youtube.com/watch?v=sMH3wLuR9f0
Retr0spectrum
I think Verizon did most of the work on that one, not that he couldn't have done it himself.
vetrom
Blindly expected sethbling, got sethbling. Its interesting just how firmly some reputations get built I think.
nkrisc
Well if it's some kind of crazy Mario related title, it's probably him.
ccvannorman
This is the coolest thing I have ever seen.
staticelf
This is practically hollywood hacking IRL.
kendallpark
There is no limit to human ingenuity.
pacomerh
amazing tricks
pacomerh
Interesting that I get downvoted for genuinely liking this video. I guess you where expecting some criticism or a longer excitement?
88e282102ae2e5b
Comments that provide no information or insight are generally downvoted.
hathym
This is insane !
vans
https://www.youtube.com/watch?v=y66UjBZN3K4
raverbashing
Interesting hack but saying over and over "the first human to do blah blah blah" seems awfully narcissistic

Yeah, I was probably the first human to do a lot of crap, doesn't mean I need to self-aggrandize like that

stormbrew
If you are doing things no human has ever done before on the regular, I'd definitely consider subscribing to your newsletter and/or YouTube channel.
Buge
He's pointing out that although this type of thing has already been done before by automated inputs (such as this video https://www.youtube.com/watch?v=OPcV9uIY5i4 ), this is the first time a human has done it.
cyphar
He said it once in a 6 minute video. Twice if you count saying "I don't think anyone else has ever done this".
raverbashing
I had the impression he said it more times, but you know, it's a videogame hack, not landing on the moon
cyphar
"everything that is not landing on the moon isn't novel, hard or interesting".
mralvar
Do it then, bud.
tehrei
Yeah, it's just a videogame hack not, you know, BRAIN SURGERY, am I right.
RadicalRaid
I thought it was very impressive regardless. I'm sure it also took a lot of research, planning, and a lot of failed attempts.
hellofunk
Watch it again. He says it at least 3 times in the first several seconds of the video.
optimiz3
"The first human" is remarkable because there are many tool-assisted versions of this. It's delineating the fact that no emulators or automated input devices were used.
raverbashing
I've spent a lot of time in the early days of computing typing hex code corresponding to assembly instructions to load programs. Yes, a lot of A3 F7 <enter> C0 <enter> etc

Yes, he's doing it in a harder way, by using positions and jumps, but that's also his choice as there are automated tools to do this

mynameisvlad
Typing assembly into a medium that is built for that is worlds apart from precisely inputting it using a standard controller into a game that was not meant to do it. If you think it's not an accomplishment, you are free to try it out yourself to see how incredibly difficult it is to do without assistance from a tool. Getting it exactly right is a skill, and not an easy one to master either.
JoshTriplett
The idea that someone hand-input 331 bytes of code by this manual method reminds me of a quote by Joey Hess on https://joeyh.name/blog/entry/ouch__33__/ , regarding the development of an RSA implementation in Perl that two people got as a tattoo: "I remember sending that in, but until today I hadn't realised that my keystrokes had actually translated into needle sticks for two people, Youch!"

As the video mentions, the person who developed the 331-byte Flappy Bird implementation specifically optimized it for code size, to make it easier to enter by hand.

grenoire
It looks like it's not compromising functionality by the optimisations though. I really like how the swimming physics and animations are used to replicate the Bird's movements and mechanics.
shultays
That is also for the sake of optimzations though. It reuses swimming physics and animations because it makes code shorter
May 17, 2016 · 2 points, 0 comments · submitted by borski
Apr 02, 2016 · 1 points, 0 comments · submitted by colinprince
Mar 28, 2016 · 8 points, 1 comments · submitted by CameronBanga
harryf
This really deserves more attention. Insanely cool hack - the "by Hand" means using the Nintendo game controller to move sprites in such a to inject processor instructions into Super Mario World via glitches in the game
Mar 28, 2016 · 1 points, 0 comments · submitted by reimertz
Mar 28, 2016 · 145 points, 11 comments · submitted by bendykstra
josso
Really impressive job by SethBling and p4plus2.

The notes for how to replicate it can also be found in this Google Document[1] and the payload for the injected game itself is also available[2].

[1]: https://docs.google.com/document/d/1TJ6W7TI9fH3qXb2GrOqhtDAb...

[2]: http://paste.ofcode.org/EiTmWXkmqJ4eAcJBvqEDwz

leeoniya
this one is also pretty crazy:

Super Mario World Credits Warp Explained

https://www.youtube.com/watch?v=vAHXK2wut_I

pbkhrv
Reminds me of what it takes to debug a dozen microservices talking to each other.
smaili
Just out of curiosity, are there any risks of corrupting the cartridge?
efinr
AFAIK it writes to RAM only. also AFAIK the cartridge is ROM
mikeash
The game code itself is in ROM, so there's no risk there. There is some nonvolatile storage on the cartridge used to save games, which could potentially be corrupted. The save state is so simple that I don't think there's any risk of trouble from that, besides losing (or gaining!) saved progress.
Drakim
Actually, you could in theory craft save-data that softlocks the game when the save-data names are displayed. If the game isn't programmed to wipe bad save data you'd be in trouble.

Not saying this is the case for SMW, but there are certain cartridge games where this can happen naturally.

JonnieCache
There are exploits used by speedrunners in Donkey Kong Country 2 that can cause corruption to the nonvolatile save state which will "brick" the cart. It can be fixed by opening the cart up and disconnecting the battery.
jtolmar
I hope someone eventually finds a way to perform arbitrary code execution based on SRAM.

Probably not on SMW, but Pokemon is getting broken enough that it may some day be possible. There's already inventory-based exploits that can get saved across resets, but someone still has to play the game and open up the inventory screen for that.

FreeFull
The game also stores a checksum of the nonvolatile storage, so even if you do corrupt it, it will be detected and cleared.
matt_morgan
My 9 year old son, a SethBling fan (like me), got home from school right when I clicked on this. I had to explain why I was watching YouTube while "working." Great video for us to watch together!
BHSPitMonkey
Really scary stuff. I hope the SNES Security team is taking this seriously and gets a patch out to customers quickly.
HN Theater is an independent project and is not operated by Y Combinator or any of the video hosting platforms linked to on this site.
~ [email protected]
;laksdfhjdhksalkfj more things
yahnd.com ~ Privacy Policy ~
Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.