Hacker News Comments on
SNES Code Injection -- Flappy Bird in SMW

SethBling · Youtube · 735 HN points · 20 HN comments
HN Theater has aggregated all Hacker News stories and comments that mention SethBling's video "SNES Code Injection -- Flappy Bird in SMW".
Youtube Summary
Using various Super Mario World glitches, I injected the code for Flappy Bird (code written by p4plus2). This is the first time a human has ever completed this kind of exploit. Special thanks to p4plus2 and MrCheeze who helped me a ton with this project.
Livestream Archive: https://www.twitch.tv/sethbling/v/57032858
Route Notes: https://docs.google.com/document/d/1TJ6W7TI9fH3qXb2GrOqhtDAbVkbIHMvLusX1rTx9lHA/edit?usp=sharing
p4plus2: http://youtube.com/p4plus2

Music at the end is Cipher by Kevin MacLeod
Hacker News Stories and Comments

All the comments and stories posted to Hacker News that reference this video.
Some highlights/historically significant examples of this:

Super Mario World (TAS, 2014): https://tasvideos.org/3957S

Super Mario Bros. 3 (TAS, 2014): https://tasvideos.org/4288S

- The same run performed RTA (i.e. by a human using a real controller) at AGDQ 2015: https://www.youtube.com/watch?v=mUeozQtSmrg

Super Mario World (RTA, 2015): https://www.youtube.com/watch?v=14wqBA5Q1yc

Super Mario World "total control" (RTA, 2015): https://www.youtube.com/watch?v=hB6eY73sLV0

Pokemon Yellow total control (TAS, 2017): https://tasvideos.org/5384S

The Legend of Zelda: Ocarina of Time (RTA, 2019-ish?): https://www.youtube.com/watch?v=RoEmGCNsbno

Ocarina of Time total control/"Triforce%" (TAS, 2022): https://www.youtube.com/watch?v=PNbkv_DJ0f0 (explanation: https://www.youtube.com/watch?v=qBK1sq1BQ2Q)

The_SamminAter
My god Pokemon Yellow total control is on a whole different level
Just to add some context, arbitrary code execution in Super Mario World is nothing new, it has been known since 2014. There was a tool assisted demonstration at Awesome Games Done Quick 2014 [1] where they inject a pong and a snake game using a TASBot (a robot controller that replays input scripts to the console). And in 2016 a streamer performed it manually to inject a flappy birds game [2] (this second video is really good, he goes into detail of the process).

So, what this newer demonstration brings is the use of the known arbitrary code execution capabilities of "Super Mario World" to help finish all 5 games in "Super Mario All-Stars + Super Mario World" as quick as possible.

[1] https://www.youtube.com/watch?v=jnZ2NNYySuE

[2] https://www.youtube.com/watch?v=hB6eY73sLV0

CSMastermind
Disclaimer: I didn't watch the linked video but I did watch some of Sethbling's older videos about the All-Stars exploit which I assume this post is in reference to.

I think the bigger exploit here is not only the Super Mario World ACE but the Mario 3 save file exploit.

Feb 05, 2022 · 4 points, 0 comments · submitted by Ecco
This one creates a Flappy Bird clone by hand from within SMW, using the controller under ordinary manual control, on an original, unmodded SNES (with a couple of other standard controllers attached with buttons taped down).

Explains the process in detail, which includes creating a kind of crude "IDE" using the score table as feedback for hex values input to make the process faster and less error-prone:

http://youtube.com/watch?v=hB6eY73sLV0

Nov 30, 2020 · qwertox on Flappy Bird in 228 bytes
This reminds me of the incredible Flappy Birds SNES Code Injection into Super Mario World. A must-see video.

https://www.youtube.com/watch?v=hB6eY73sLV0

Also be sure to check out the super Mario world flappy bird code injection:

https://youtu.be/hB6eY73sLV0

crtasm
Plus "Mario maker" mode injected into super Mario world: starts around 11:30: https://m.youtube.com/watch?v=IOsvuEA2h4w

Although this one is unlikely to ever be performed by a human!

I don't know about the run shown in the OP, but there are a fair number of memory-manipulation/ACE speedruns that are feasible in RTA ("real-time attack", a.k.a. something a human could pull off, as distinct from TAS). Off the top of my head I can think of such routes for Pokemon Red/Blue, Ocarina of Time, and Super Mario World.

To answer your question of "how likely is one to pull this off" for those three, the Pokemon one requires almost no advanced execution; other than turning off the console at a precise point to corrupt the save data, you otherwise just need to follow a simple (though long) series of steps. The Mario one requires some pixel-perfect precision, and runners often used hacked ROMs that display coordinates in order to train. The Zelda one requires exact angles to be held on the analog stick, and I've heard of people creating guides out of cardboard and rubber bands in order to help them achieve the angles more reliably.

Sorry that I don't have any video links on hand, but you could almost certainly find examples of these in the GDQ archives.

EDIT: Found a good video for the SMW example, by SethBling, which actually goes a step further and manually reprograms SMW into Flappy Bird: https://www.youtube.com/watch?v=hB6eY73sLV0

EDIT 2: Here's an excellent explanation of the Zelda ACE: https://www.youtube.com/watch?v=wdRJWDKb5Bo

Hamuko
GTA Vice City and San Andreas Any% are also memory manipulation. World record for Vice City is 8.5 minutes and 15 minutes for San Andreas. I think both are very precise but very much doable by speedrunners, although not consistently.
lillesvin
One of the Castlevania games (maybe Symphony of Darkness?) achieves ACE by inventory manipulation.

Mega Man 1 has an ACE category as well which is really interesting. I think Nudua explained it somewhere. (On my phone, but a quick googling should help you.)

kibwen
Right, the Castlevania: Symphony of the Night one is also excellent, and I know for sure it has a GDQ demonstration.
lillesvin
Oh, right, it's "Symphony of the Night". I thought "Symphony of Darkness" sounded off but I couldn't for the life of me remember the correct name.

Edit: Btw, the aforementioned explanation of how to do the Mega Man 1 Credits Warp (through ACE) can be found here: https://nudua.com/mm1/

xg15
Even then, some of the timing accuracy required still mystifies me. E.g., if I got it right then, for the RNG manipulation to work, you have to press "A" on the menu screen in one particular frame, counted from when the console was switched on. At the standard PAL framerate of 50 FPS, this gives you 1/50th of a second to react, with no visual indicator that the frame you're looking for is about to come up. I have no idea how to even begin training this.
jsjohnst
> At the standard PAL framerate of 50 FPS, this gives you 1/50th of a second to react

PAL is 25FPS, no?

ddingus
For broadcast programs, yes.

The NES, and many other early computer/game systems, don't bother sending an interlaced display. Basically, they omit the half scan line at the end of one frame that positions the next frame lines in between the prior frame.

That's what 288p is.

And the result is half the vertical resolution but at full frame rate. 50fps

PAL, intended for viewing movies and television broadcasts, does output that half scan line for the full vertical resolution, and the result is a full frame is seen every other frame.

That's what 576i is.

Twice the vertical resolution, half the frame rate or 25fps.

jsjohnst
Ok, so standard PAL is 25FPS, but half vertical resolution PAL is 50FPS. Thanks for the detailed explanation, but was a downvote necessary too when I asked a clarification and actually was factually correct?
jsjohnst
Ok, so standard PAL is 25FPS, but half vertical resolution PAL is “50FPS”. Thanks for the detailed explanation of why you call it 50FPS (as seen from game’s perspective, not the PAL spec as GP implied).

> And the result is half the vertical resolution but at full frame rate

This is incorrect. It would be correct if you said “full field rate” here. The PAL standard is 50 fields per second. Two fields comprise one frame.

Now as to the NES specifically, this link breaks down more precisely the game’s FPS (tl;dr, it’s neither PAL nor NTSC’s frame or field rate exactly):

https://forums.nesdev.com/viewtopic.php?t=492

ddingus
BTW, some contributors to that forum thread are incorrect about interlace being about the number of scanlines.

Interlace requires there be one half scanline.

Whether there are an odd or even number of scanlines can impact color phase shifting, depending on whether the source signal is phase shifting the color burst.

Older machines, such as the 8 bit Apple 2, did not phase shift at all so color artifacting would be predictable and useful. Even vs odd scan lines would affect precise frames per second only.

jsjohnst
I agree, wasn’t using that link as a justification for anything besides the math for the FPS on the NES (which seems correct to me).
ddingus
Was for passers by mainly.
ddingus
You should consider editing the downvote comment away. Wasn't from me, and my advice is to just ignore all that. I do.

Yes, that article is right about the timings. The signal standards were abused in small ways to improve graphic quality, get speed and more.

Similar things happen in NTSC land too. Those deliver 60 fps. Many TV sets will permit further abuse and deliver NTSC with more PAL like timings to get 50fps, but still with NTSC color encoding.

An Amiga and Color Computer 3 can both do this. It is correct to do in some parts of the world too. I have done it in video signal projects.

Whether my comment is incorrect depends on POV.

From the NES POV, and how gaming generally thinks of frames, it's fine.

From the signaling POV field is more descriptive.

Consider when there is no interlace, what happens to the concept of a field? There aren't any. Just frames, as in one complete image completely displayed.

Many people think in simple frames per second terms. This is why many, particularly those who grew up during retro times, will say PAL 50fps. To them, PAL does in fact deliver 50 complete frames per second.

Edit, oh yes! I do see where I should have said field early on. Too late to edit now. Basically, when the half scanline is not part of the signal output, fields go away.

When it is, there are fields and they get displayed sequentially, interlaced fashion, one full frame displayed every two fields.

Cheers!

jsjohnst
> This is why many, particularly those who grew up during retro times, will say PAL 50fps. To them, PAL does in fact deliver 50 complete frames per second.

That doesn’t make it correct, but I agree now in retrospect and thus edited my post.

(Also, agree re: intro part to your reply. The problem I have is when factually correct comments without anything wrong about them get greyed out)

ddingus
Ignore it. Over time you get thicker skin, handle exchanges better[1], as I did here, and your net upvotes go up

Yes, not worrying about it improves it. Strange world sometimes, isn't it?

[1]not saying you are bad. No judgment here. And that's the point. I basically don't do judgment and treat you the same way whether I see upvotes or not. That really improves things.

And again, it is just advice.

marvin
There are some cues you could use to get very close, particularly the rhythm of the music.

I've heard that a decent drummer can hit a note within 15 milliseconds of the mathematically correct point on average, and that makes it plausible that you could use rhythm as a cue to hit within the 20 milliseconds that this would require.

But obviously this would become less likely to succeed as the length of the game continues and timing errors that affect the soundtrack compound.

xg15
> I've heard that a decent drummer can hit a note within 15 milliseconds

I find that easily believable. I think human reactions can be very fast and very precise if there is some kind of feedback - e.g. a clue, pattern or rhythm to latch onto.

What I find harder to imagine is precision without any feedback - e.g. a human player pressing a button after exactly 15 milliseconds, without any kind of clock.

...but as you say, there may actually be some clues.

dragontamer
Fighting game players regularly hit 1/60th of a second frame links.

For example, Guilty Gear XX's "one frame jump" is required to escape some pressure strings. This requires one-frame precision (1/60th of a second), pushing "Barrier" on frame 3.

If you push Barrier on frame 1 or 2, you're grounded and won't jump. If you push Barrier on Frame 4, it doesn't make a difference (because your character's animation is the same by frame 4). It's literally a 1-frame button timing.

Street Fighter IV had a fair number of 1-frame combos as the bread-and-butter for many characters. These 1/60th of a second links may be character specific (since all enemy hitboxes change based off of their relative sizes). They're also position dependent, because wall-bounce vs corner combos are a thing in most fighting games.

https://www.youtube.com/watch?v=OIXuOx8WbFU

Most people, with enough practice, can execute this. Just most people don't realize that they can. This isn't even elite musician level.

Now what the expert fighting game player can do, is do the 1-frame link reliably during a tournament while the crowd is yelling and overall in a distracted environment.

Agreed, I was first perplexed at what was going on, starting to not see where it was going at all with the low-level explanations, and then when the enemy positions turned out to be assembly instructions... mind blown.

It also reminded me of this video which shows Flappy Bird being code injected into Super Mario World, by hand... https://www.youtube.com/watch?v=hB6eY73sLV0

Sep 09, 2020 · 3 points, 0 comments · submitted by Schiphol
Jul 10, 2020 · 2 points, 0 comments · submitted by bearbin
It's even harder to imagine how someone could rewrite the code to Super Mario World on an unmodified SNES to play Flappy Bird just using regular controllers, yet it's possible: https://www.youtube.com/watch?v=hB6eY73sLV0
There's lots of examples, but a famous one is this video by Sethbling where he uses a controller as opposed to a TAS tool: https://youtu.be/hB6eY73sLV0
Jun 07, 2019 · Strom on Stadia Founder's Edition
There are undoubtedly major benefits in the war against cheaters by completely removing user access to the underlying system. However I think there are two fundamental points to keep in mind on why it's not going to be an ultimate solution.

1) Unless cross-platform play is forbidden or the game is exclusively streamed-only, the cheaters will just use a different platform and will still ruin your game the same old way. It's the cheater's platform of choice that matters.

2) Games are some of the least security conscious pieces of software out there [1], primarily written in C++. There are bugs, lots of bugs. Process-takeover enabling bugs. I'm sure Google sandboxes the game to protect their systems, however cheaters only need access to the game process to enable most of their desires. Yes this would raise the bar in how easy it would be to cheat. Average Joe Cheat Engine users would be gone, but more skilled cheat makers will continue business as usual and their released cheats will do the exploits hidden from the actual people doing the cheating.

Bonus: See this cute hack that injects flappy bird into Super Mario World. https://www.youtube.com/watch?v=hB6eY73sLV0

--

[1] Even AAA developers are clueless about threat models. Games like Tom Clancy's The Division [2] and Fallout 76 [3] are multiplayer games that put extreme trust into the client. Trust that nobody would modify their script files, trust that the client is always telling the honest truth.

[2] http://web.archive.org/web/20170611084112/http://gafferongam...

[3] https://www.reddit.com/r/fo76/comments/9u71m1/get_ready_for_...

No, a person can do it on a real console https://www.youtube.com/watch?v=hB6eY73sLV0
vermilingua
Saying SethBling can do it, does not mean that ordinary people can do it. He is a very talented and focused individual.
httpsterio
Thank you, I stand corrected.
My favorite example of this is the time it was used to inject flappy bird.

https://www.youtube.com/watch?v=hB6eY73sLV0

"likely only possible in TAS" has this habit of becoming possible.

SethBling turning Super Mario World into Super Flappy Birds on a console comes to mind. https://www.youtube.com/watch?v=hB6eY73sLV0

kibwen
Exactly why I made the conscious choice to use the word "likely". :)
berbec
Conscious choice consensus
super impressive stuff. I'm generally unfamiliar with speedrunning, but I am familiar with the billy mitchell controversies, so I'm surprised that people accept the legitimacy of streamed runs. wouldn't it be trivial-enough to fake?

tangential: my personal favorite mario-related feat is sethbling injecting flappy bird into super mario world manually: https://www.youtube.com/watch?v=hB6eY73sLV0

mrob
It's possible to fake streamed runs, e.g. by miming over pre-recorded spliced/TASed runs, but Kosmic has played at live events where this would be impossible, and there's no doubt that he has the skill to do this legitimately.
bhickey
Billy's live performances were miles away from his spliced runs. The live performances of top level SMB runners are in line with streamed performances. Some communities are moving toward controller cams to show each button press.
ngokevin
Would it be fair to say similar scandals have happened in actual sports (PEDs, judge corruption)? Cheating is often caught and corrected in the speedrunning community.
MiddleEndian
As a regular fan of MMA and occasional watcher of boxing, I can't think of a single example of the sports' governing bodies overturning a corrupt result, even in the Olympics. Occasionally judges will be fired later; that's it.

PEDs are enforced almost sporadically; I wish they didn't bother.

Edit: By corrupt result I meant corrupt or inaccurate judging.

kod
Cormier vs Jones 2
MiddleEndian
That fight was overturned due to Jones popping for PEDs, not due to improper judging.

When I said "corrupt result" I meant corrupt judging. Sorry I was unclear.

sp332
Because after all, it's still a game and this is still just about having fun. Until someone starts losing real money from video game fraud, there's no incentive to turn a friendly competition into a thing where you feel like you can't trust anybody.
kryogen1c
Oh neat! I knew about the credits warp, but I didn't know about flappy bird. Thanks!
Hattes
To an extent I think that streaming has solved this problem, compared to the days of people just submitting videos that they recorded by themselves. Streamers might fake a single run to get a record, but it would be a huge amount of work to fake all the progression they had to go through to get there.
dezgeg
I would have previously thought so too, but recently there was a cheating incident in the GTA speedrunning where already a top runner started cheating: https://old.reddit.com/r/speedrun/comments/98utvr/grand_thef.... So for a year there was apparent progression to be seen in the streams, but it was all/most due to modifying the game files to gain advantage.
topmonk
I agree, but furthermore after you get to a certain level of skill, you pretty much have a free pass to cheat if you like.

To wit, I don't think many people suspected Billy Mitchell of cheating until there was undeniable proof of that fact.

bhickey
> To wit, I don't think many people suspected Billy Mitchell of cheating until there was undeniable proof of that fact.

Not so much. Billy has been suspected of cheating for ages. His live play is completely at odds with his WR runs. As of the early/mid 2000s he just wasn't very good at Donkey Kong when compared with his contemporaries.

wild_preference
This just isn't true. Recently there was a Super Meat Boy cheater who was discovered due to analysis of a persistent animation across the game that wasn't lining up due to video cuts.

Pretty flimsy system (and far from "solved"), and it lets cheaters steal glory for the months or years it takes to catch them which threatens the legitimacy of the sport past a critical mass.

Moderators/judges are on the wrong side of a trapdoor function because of the amount of analysis it may take to verify a single video, and they aren't professionals in the field of video analysis.

I don't see how "all progression" is relevant here since you don't need to be a streamer to speedrun much less to submit a well-doctored video with a time that beats other people.

Hattes
I know of the Super Meat Boy example (I've seen the Apollo Legend videos too). Was that run streamed live?
wild_preference
don't know, but my point is that it took a rather serendipitous global animation to expose them. There are people who think speed runs should require footage of the controller for the sake of a consistent analysis medium, and I'm sympathetic to them for the sake of the legitimacy of the sport at the expense of accessibility.

And to respond to your question, you can livestream a pre-recorded video so it doesn't matter. Some guy livestreamed a record breaking run of Yoshi's island or something but got cocky and streamed his controller, and someone trivially discovered he was miming it, pressing or skipping inputs after they were seen in the video. The Super Meat Boy wasn't doing that.

Feb 15, 2018 · 2 points, 0 comments · submitted by singularity2001
He also injected flappy bird into SMW manually. https://www.youtube.com/watch?v=hB6eY73sLV0
Indeed. It is the coolest SNES hack I've seen.

https://www.youtube.com/watch?v=hB6eY73sLV0

braveo
It should be noted that he didn't create the hack, it's something that's been fairly well known. What he did was accomplish it manually, whereas all previous solutions automated it via virtualized controller inputs.
qwertyuiop924
Yes. I did (try) to point that out. But the fact that he did it by hand was really cool.
braveo
absolutely, and if I recall, he did it his first live try.

It was definitely impressive but as a software person I'm more impressed by the ones who came up with the hack itself.

Youtube is full of hidden gems, all a matter of taste.

Meta-programming: https://www.youtube.com/user/jblow888

Math'n'music edutainment: https://www.youtube.com/user/Vihart

Science edutainment: https://www.youtube.com/user/Vsauce

Feats of incredible gaming skill: https://www.youtube.com/channel/UCz4GCnY4I0380v7GmXQQSWw

Tidbits of hacking ingenuity: https://www.youtube.com/watch?v=hB6eY73sLV0

Looking for heart in pop culture: https://www.youtube.com/user/Nerdwriter1

You can get lost in the maze of excess information. It's great - i think...

WizardlySquid
I want to brush up on my meta-programming but Jonathan Blow is such a douche.
May 25, 2016 · 566 points, 71 comments · submitted by CameronBanga
userbinator
It's more like "Flappy Mario", but I guess inputting the appropriate pixels for the bird sprite would take long... the pipes, however, are perfect.

Still, it's amazing. Ridiculously impractical like those who build ship models in bottles, but awesome nonetheless. Hopefully it'll also be inspirational starting-off point for those wanting to learn more about how computers work. I know many who started down the road to CS with this sort of "game hacking".

Relatedly, I also know of an instructor who does something somewhat similar for the first class of his "intro to computing" course: he takes out a little 8-bit computer mounted on a breadboard with a few LEDs and pushbuttons, and enters a few dozen machine instructions bit-by-bit, writing a short program that causes the LEDs to flash in various patterns selected by the buttons. As part of that demo, he also writes and runs a "Hello World" binary in Windows Notepad --- entering each byte as ASCII characters. He says it's these sorts of "unusual" demos that can most effectively get students' attention, and I agree.

girvo
> the pipes, however, are perfect

You probably know this, but that's because the Flappy Bird pipes lifted Mario's pipe sprite entirely!

vardump
Many eighties games used similar style for 3d-shapes.
panic
No, they didn't: http://i.imgur.com/mN2RMNy.png
RottenHuman
maybe from a different Mario game?
ManlyBread
Looks a lot like Mario Advance 3.
justinlardinois
Super Mario Advance 3 was a port of Yoshi's Island. Yoshi's Island pipes for reference:

http://protipoftheday.com/sites/default/files/yoshis_island_...

Not anywhere close.

ManlyBread
Actually I was thinking of Super Mario Advance 4, which is the port of Super Mario Bros. 3, thus the mistake on my part.
girvo
Fine, "heavily inspired by".
raverbashing
Using the direct sprite data would have been a massive IP violation

Drawing something similar can surely have people questioning it, but it might be sufficiently different to (try to) avoid bigger complaints.

NietTim
I don't think the creator of flappy bird gave a damn about IP violations.
tamana
Not massive at all. The pipes are not a substantial creative artifact in their own right.

An IP violation would require causing brand confusion or drawing sales away from the original

Buge
You're thinking of trademark, which would require confusion.

Copyright is another type of IP, and does not require confusion. It only requires copied content.

Animats
He takes out a little 8-bit computer mounted on a breadboard with a few LEDs and pushbuttons, and enters a few dozen machine instructions bit-by-bit.

Mainframe computers and minicomputers once had lots of blinking lights and buttons, so you could do that sort of thing. It was the only way to debug low-level code. It was not fun.

Drdrdrq
Something being fun (or just being really tedious work) depends on context - especially on motivation for doing it. So yes, flipping bits manually can be fun.
hartator
He also did this: https://www.youtube.com/watch?v=qv6UVOQ0F44 (Also really impressive, I think this guy is a genius.)
harryf
Video conferencing with Minecraft is pretty cool too https://youtube.com/watch?v=sMH3wLuR9f0
pfista
That's awesome! Too bad they removed the content here http://verizoncraft.github.io
jags-v
@harator : Thanks for posting this link here. I would have never found it on my own.
rpgmaker
I just have a general knowledge of what neural networks are about so this video was actually more impressive to me than the one submitted. Thanks.
panic
This is cool, though (due to overfitting) it's really just "memorizing" the first level rather than learning how to play in general. It'd be interesting to see the same technique with separate test and training data sets.
minimaxir
The overfitting problem is addressed in the followup: https://www.youtube.com/watch?v=iakFfOmanJU
stormbrew
I wonder if there is a way it could learn to get over that tall pipe in this one. It might be sufficient for it to learn to deliberately attack any enemies it finds, combined with its tendency to move right all the time. But I suppose that might be too complex a set of actions for this.
l-p
See PoC||GTFO 0x10 [1] for the writeup on "Pokémon plays Twitch chat", a multi-staged hack that exploits Pokémon to exploit the Super GameBoy to exploit the SNES to then display the Twitch chat.

Note that the PDF can be loaded directly as a LSNES input replay and reproduce the exploit.

[1] https://www.alchemistowl.org/pocorgtfo/pocorgtfo10.pdf

beefsack
This was quite popular on Reddit when it was released.

Some discussion: https://www.reddit.com/r/Games/comments/4capfm/explanation_o...

meanduck
This[1] was mentioned in its other thread. Not related to programming but the amount of thought process that went into it is just amazing.

[1] "SM64 - Watch for Rolling Rocks - 0.5x A Presses (Commentated)" : https://www.youtube.com/watch?v=kpk2tdsPh0A

mkoryak
Next time I watch a movie where they hack a computer by literally breaking an animated firewall in cyberspace I promise not to cringe
digi_owl
I see it for what it is, eyecandy for the masses.
colordrops
This is basically a remake of the movie The Matrix. He even flies at the end.
beefsack
It's a little disappointing these types of games have become known as "Flappy Bird clones" when Flappy Bird itself was just a clone of many other games before it.

Any old Palm users remember SFCave?

sopooneo
I hear you, but in my memory, most of those old games allowed you to maintain vertical thrust. Flappy Bird has the twist that you can only apply up-thrust in taps.
pmarreck
I had a Palm and never played that! Ever play Space Trader? That was probably my favorite Palm game...

https://en.wikipedia.org/wiki/Space_Trader_(Palm_OS)

On that note, is there a Palm emulator anywhere?

throwanem
There are several, but none currently available for iOS, at least not through the app store. (I don't know if you care about iOS, but it's the platform I jumped to when Palm ceased to be sustainable.)

The Palm OS emulator for Windows and Linux can probably still be made to work, although in the latter case, good luck getting it to run in the absence of suitably decrepit shared library versions which your distro's package manager probably no longer provides - your best bet might be to find a DVD image of a distribution from 2003 or so, and install that in a VM to support the emulator.

Linux RPMs can be had via Sourceforge [1]. Windows binaries are apparently available from several sources; the one provided by download.cnet.com [2] appears to be free of social diseases and reasonably functional. (It'll complain about a missing skins directory, but there's a generic skin packaged with the application which will work for your purposes.)

You'll also need a ROM image. To my outright astonishment, some of these appear still to be available on the web! [3] "Palm OS 3.5-en-color.rom" boots successfully in the Windows emulator.

And, finally, you'll need the Space Trader application itself. If you don't still have a copy, it remains available for download on the developer's site [4]. Once you have it, extract the version of your choice from the zipfile - the color version works fine with the ROM I mentioned. Then (at least on Windows) right-click the emulator chrome and choose "Install Application/Database", then "Other...", and navigate to the extracted .prc file. The emulator will load the app into the virtual Palm's memory, and then you can just click the icon to run it. It seems to work quite well!

There are also several variably crummy knockoffs of Space Trader available for iOS, none of which does a good job capturing what made the Palm version fun. I keep meaning to reimplement it as a browser app or something, but...

[1] https://sourceforge.net/projects/pose/files/pose/3.5-2/

[2] http://download.cnet.com/Palm-OS-Emulator/3000-2212_4-101114...

[3] http://artnetweb.com/gh/palm_emulator/roms%20Folder/Popular%...

[4] http://ticc.uvt.nl/~pspronck/spacetrader/STDownload.html

pmarreck
If only we could just recompile Space Trader to Emscripten. Great response!
daniel_iversen
Sure do!!! And do you know you can now get SFCave for free on iOS? The most addictive game ever! :)
Kiro
If you think Flappy Bird is a clone of SFCave or any prior title you have completely misunderstood the game. Have you played it?
ewmailing
I made this video in defense of Flappy Bird back when people were piling on the game and the author. There are multiple points, but it starts with my belief that people overstate the similarities to other semi-recent games and simultaneously forget much older games. The video includes clips of video games from the early 80s and even Space War! from 1962.

https://www.youtube.com/watch?v=Us-W5CWj7Ic

partycoder
This is very accurate, thanks for doing this.
cloudjacker
So instead of hacking a bank in Bangladesh, he makes Flappy Bird on SNES
rollulus
Funny, I recall that I had a Game Genie [1] code which had exactly the same effect!

[1]: https://en.wikipedia.org/wiki/Game_Genie

golergka
Watching this I can't help but imagine a sci-fi scenario where surrounding reality turns out to be virtual, with these kinds of bugs. Matrix and others left this concept completely unexplored.
ada1981
I've been living in that world for quite some time.
luso_brazilian
The Matrix, at least, didn't leave this concept unexplored.

There is this excellent series of short animations (The Animatrix), one of the stories addresses this exact scenario.

You can watch it on Youtube: https://www.youtube.com/watch?v=ruFE126Osrg

The Animatrix is, IMO, the true sequel (and also, prequel) to the original Matrix, it is very much worth a watch.

acqq
The explanation of some of the glitches in the game used to enter the bytes:

https://www.reddit.com/r/Games/comments/4capfm/explanation_o...

Also, what had to be discovered before:

https://www.reddit.com/r/Games/comments/4capfm/explanation_o...

Not easy to achieve the possibility to "use the glitches in the Matrix."

petetnt
He also created a working phone with web browser and video calling in Minecraft sometime back: https://www.youtube.com/watch?v=sMH3wLuR9f0
Retr0spectrum
I think Verizon did most of the work on that one, not that he couldn't have done it himself.
vetrom
Blindly expected sethbling, got sethbling. It's interesting just how firmly some reputations get built I think.
nkrisc
Well if it's some kind of crazy Mario related title, it's probably him.
ccvannorman
This is the coolest thing I have ever seen.
staticelf
This is practically hollywood hacking IRL.
kendallpark
There is no limit to human ingenuity.
pacomerh
amazing tricks
pacomerh
Interesting that I get downvoted for genuinely liking this video. I guess you were expecting some criticism or a longer excitement?
88e282102ae2e5b
Comments that provide no information or insight are generally downvoted.
hathym
This is insane!
vans
https://www.youtube.com/watch?v=y66UjBZN3K4
raverbashing
Interesting hack but saying over and over "the first human to do blah blah blah" seems awfully narcissistic

Yeah, I was probably the first human to do a lot of crap, doesn't mean I need to self-aggrandize like that

stormbrew
If you are doing things no human has ever done before on the regular, I'd definitely consider subscribing to your newsletter and/or YouTube channel.
Buge
He's pointing out that although this type of thing has already been done before by automated inputs (such as this video https://www.youtube.com/watch?v=OPcV9uIY5i4 ), this is the first time a human has done it.
cyphar
He said it once in a 6 minute video. Twice if you count saying "I don't think anyone else has ever done this".
raverbashing
I had the impression he said it more times, but you know, it's a videogame hack, not landing on the moon
cyphar
"everything that is not landing on the moon isn't novel, hard or interesting".
mralvar
Do it then, bud.
tehrei
Yeah, it's just a videogame hack not, you know, BRAIN SURGERY, am I right.
RadicalRaid
I thought it was very impressive regardless. I'm sure it also took a lot of research, planning, and a lot of failed attempts.
hellofunk
Watch it again. He says it at least 3 times in the first several seconds of the video.
optimiz3
"The first human" is remarkable because there are many tool-assisted versions of this. It's delineating the fact that no emulators or automated input devices were used.
raverbashing
I've spent a lot of time in the early days of computing typing hex code corresponding to assembly instructions to load programs. Yes, a lot of A3 F7 <enter> C0 <enter> etc

Yes, he's doing it in a harder way, by using positions and jumps, but that's also his choice as there are automated tools to do this

mynameisvlad
Typing assembly into a medium that is built for that is worlds apart from precisely inputting it using a standard controller into a game that was not meant to do it. If you think it's not an accomplishment, you are free to try it out yourself to see how incredibly difficult it is to do without assistance from a tool. Getting it exactly right is a skill, and not an easy one to master either.
JoshTriplett
The idea that someone hand-input 331 bytes of code by this manual method reminds me of a quote by Joey Hess on https://joeyh.name/blog/entry/ouch__33__/ , regarding the development of an RSA implementation in Perl that two people got as a tattoo: "I remember sending that in, but until today I hadn't realised that my keystrokes had actually translated into needle sticks for two people, Youch!"

As the video mentions, the person who developed the 331-byte Flappy Bird implementation specifically optimized it for code size, to make it easier to enter by hand.

grenoire
It looks like it's not compromising functionality by the optimisations though. I really like how the swimming physics and animations are used to replicate the Bird's movements and mechanics.
shultays
That is also for the sake of optimizations though. It reuses swimming physics and animations because it makes code shorter
May 17, 2016 · 2 points, 0 comments · submitted by borski
Apr 02, 2016 · 1 points, 0 comments · submitted by colinprince
Mar 28, 2016 · 8 points, 1 comments · submitted by CameronBanga
harryf
This really deserves more attention. Insanely cool hack - the "by Hand" means using the Nintendo game controller to move sprites in such a way as to inject processor instructions into Super Mario World via glitches in the game
Mar 28, 2016 · 1 points, 0 comments · submitted by reimertz
Mar 28, 2016 · 145 points, 11 comments · submitted by bendykstra
josso
Really impressive job by SethBling and p4plus2.

The notes for how to replicate it can also be found in this Google Document[1] and the payload for the injected game itself is also available[2].

[1]: https://docs.google.com/document/d/1TJ6W7TI9fH3qXb2GrOqhtDAb...

[2]: http://paste.ofcode.org/EiTmWXkmqJ4eAcJBvqEDwz

leeoniya
this one is also pretty crazy:

Super Mario World Credits Warp Explained

https://www.youtube.com/watch?v=vAHXK2wut_I

pbkhrv
Reminds me of what it takes to debug a dozen microservices talking to each other.
smaili
Just out of curiosity, are there any risks of corrupting the cartridge?
efinr
AFAIK it writes to RAM only. also AFAIK the cartridge is ROM
mikeash
The game code itself is in ROM, so there's no risk there. There is some nonvolatile storage on the cartridge used to save games, which could potentially be corrupted. The save state is so simple that I don't think there's any risk of trouble from that, besides losing (or gaining!) saved progress.
Drakim
Actually, you could in theory craft save-data that softlocks the game when the save-data names are displayed. If the game isn't programmed to wipe bad save data you'd be in trouble.

Not saying this is the case for SMW, but there are certain cartridge games where this can happen naturally.

JonnieCache
There are exploits used by speedrunners in Donkey Kong Country 2 that can cause corruption to the nonvolatile save state which will "brick" the cart. It can be fixed by opening the cart up and disconnecting the battery.
jtolmar
I hope someone eventually finds a way to perform arbitrary code execution based on SRAM.

Probably not on SMW, but Pokemon is getting broken enough that it may some day be possible. There's already inventory-based exploits that can get saved across resets, but someone still has to play the game and open up the inventory screen for that.

FreeFull
The game also stores a checksum of the nonvolatile storage, so even if you do corrupt it, it will be detected and cleared.
matt_morgan
My 9 year old son, a SethBling fan (like me), got home from school right when I clicked on this. I had to explain why I was watching YouTube while "working." Great video for us to watch together!
BHSPitMonkey
Really scary stuff. I hope the SNES Security team is taking this seriously and gets a patch out to customers quickly.
HN Theater is an independent project and is not operated by Y Combinator or any of the video hosting platforms linked to on this site.