Likbez - CHEATS POKES and in game programs: the history of methods of cheating, corporate CHEAT, using published POKES, address search of immortality.

CHEAT POKES and in game programs. Alexander Desyatnichenko, 
Sumy _________________________________________ first 
publication - the magazine "ZX REVYUUKRAINA, 1996. New, much to 
the filling and the revised version - a specially for the 
magazine "ZX POWER", 1997. 1. The history of methods of 
"unfair" games. The very first game programs for ZXSPECTRUM 
were quite primitive and, therefore, comparatively light Vigra. 
Perhaps any of you cmozhet hour-mi play RIVER RAID, aerial very 
da Leco and bypassing those meager for Paz extra lives, which 
bylnadelen pilot creators of the program. But as how to improve 
the technique of programming became more sophisticated and 
themselves game. In 1985, there were programs, gaming space 
which has from several dozen to several hundreds of screens. 
These are well-known You play as STARQUAKE, FIRELORD, ROBIN

in the WOOD and many others. Significantly
increased the number of opponents in the game
and markedly increased their aggressiveness, have begun to 
impose restrictions on the time the task and ammunition

the main character. Increased demands and
to the brain play - now had to
keep in mind the map of the labyrinth,
layout of objects on the location and
This has to pick the keys to the door or
in parallel with the shooting at the enemy, ponder over the use 
of objects. Of course, all these factors have strongly 
influenced the rate of passage of game, which began to appear 
more and more. Themselves as games are becoming more colorful, 
have begun to create so-called FINAL CUT, - it when at the end 
of the game in its successful demonstrated by the passage of 
something like cartoon with congratulations and now plays after 
each successfully completed screen, began to torment the most 
urgent of all the issues - and what is there, then?

That's about that time and the first methods of "unfair" games. 
What are they were? Of course, in addressing

reasons that complicate the game, and first
all, it concerns the limit of lives -
because very few people managed to get huge
gaming space with five lives in
conditions, when you throw all the time
stones, but still perform at this task. Anyone who is even 
slightly versed in the native browsing

program listing to find in her memory addresses that store
number of lives, and addresses, in which it is the number 
decreased with each character's death, and made changes to the 
text of the program either directly, or through the operator 
POKE in BASIC loader. Later lists of POKES began to publish in 
computer magazines, and each user an opportunity to ask himself 
in game of life, we need to

its passage, or simply eliminate the decrease in the number of 
extra lives, established by the program. K By the time 
downloaders already well-protected, so some games

"Obessmerchivalis" making tough changes directly into the body 
of the game with a Copy COPY-COPY (Pirate 02), which allows it 
to do. It is in this way and come down to us such games as

ALIEN 8, NODES of YESOD, INDIANA JONES and
DIZZY. Manufacturers of instant games
responded to such insolence and punished the user-coded primary
block games. Now, before the "loop" program, it needed to crack 
and decrypt. Rigidly obessmerchivat game became less frequent, 
increasingly it has become made from the boot. Began to 
consider the interests play a "fair" - In the loaders before 
hakkerskih POKE posed REM, so as usual the game worked fine, 
but those who do not fit into the limits established in the 
program, could remove the operator REM and play with infinite 
life. Some loaders before you start the game, asked

question: "INFINITE LIVES (Y / N)?", and,
If yes, have made
appropriate changes. New word
was the game mode selection menu. For the first time this
could be observed in the program NEBULUS,
later - in the loaders to Bill Gilbert
Games KRAKOUT 2 and ROBOCOP. Appeared
first megatreynery - so called menu
of a few, three to ten
points, taking advantage of that, we can
limits to fully customize everything in the game on
his taste, from the infinite life and ending with the entrance 
immediately to any level of the game. The first such 
megatreynery you might see in games and SLAP FIGHT

NORTH STAR, much the same development infinitizatsiya "programs 
found in our country due to the absence of the law on copyright

Rights. Now, almost every program, adapted for use in TR-DOS,
supplied if not megatreynerom, at least
unit would POKE. And there is still a huge mass of games past, 
so either someone to end and not passed, but how much is the 
new game, while before us has not come down .. Many of you may 
say that everything is already come down to us and nothing new 
is no longer be. And where is the FLYING SHARK 2 (from 
FIREBIRDS'91), SAVAGE 4 (from PROBE '91), MONSTRLAND (from 
ROLLINGSOFT'91), SATURN 2 (from OCEAN'91), CHANGE TO NINJA (from

ULTIMATE'92), DEUCE (from DURELL'92), DARK
INSIDE (from DINAMIC'92), GRABER (from
CEPPELIN'92), HAND TO HAND (from
USGOLD '92), LETIFEROUS (from IMAGINE'92), LITTLE ELEPH (from 
GOLD WIN'92), NINJA IN FUTURE (from HIT PAC'92), SAVAGE

BARBARIAN (from MASTERTRONIC'92), TWILS
(From CODEMASTERS '92), THE GEGG (from
KONAMI'92), THE ISLAND (from MIKROGEN'92), YAMAHA ISD (from 
ACTIVISION'92) and hundreds of other games? Did you see them, 
because certain that these games exist, there is even describe 
them! Repeatedly in the pages of various newspapers raised the 
question of the moral aspects of infinite lives. But I, being a 
bad player and fan of all the methods of cheating, leaving 
resolution of this issue to the conscience of each and consider 
their task only just share with you

methods of searching for addresses of immortality, and
how to use them - then I use only for themselves, whether 
embedded in custom loaders and offer in this form

wide range of users - let
each of you to define himself.


           2. Corporate CHEAT.


   At the beginning of sinklerovskoy "era went
the most incredible rumors that some programs have so-called
Hot key, pressing that you can
get up things like pass
through walls, jump through screens
and entire game levels, to ensure currently
immortality and unlimited ammunition. Then gradually these fraud
(In English - CHEAT) became a subject of increasing publicity, 
and now Every schoolchild knows that when a menu

2 Select the program CYBERNOID REDEFINE
KEYS, and then a request to override
press left, right, etc., press
keys, which together write
on the screen the word "ORGY", then we can easily
become immortal. Very interesting CHEAT
games in the series DIZZY. So, if after
Download TREASURE ISLAND DIZZY (DIZZY 2),
by simultaneously pressing P, O and A, and
then ENTER, then start a CHEAT.
Now, at any time during the game
you can press C (for this myself Dizzy disappears) and the keys 
Z, X, K and M to move the game screen. Clicking on the JUMP 
Dizzy joystick returns to this screen you choose, and you can 
continue playing already at that point. Even cooler is designed 
to CHEAT SPELLBOUND DIZZY 128K (DIZZY 5). If the front page of 
type "I WANT AN OMLETTE "(without the spaces if you do not get 
right the first time, you can repeat up until the curb do not 
blink), then during the game by pressing the C key

the screen is called a whole menu with a choice
type CHEAT, using which one can not
only move the screens, but also to choose any item, add 
yourself and the lives of stars, even just save all the family 
members. Almost all the programs the company OCEAN have built 
proprietary CHEAT. For example, if a table of scores of games 
NAVY SEALS 1 '2 dial instead of his name the phrase "CLUBBING 
SEASON", then, with difficulty in passing, you can press ENTER 
and go directly to the next level. Practice shows that the 
absolute CHEAT three most active

ways: remapping the keyboard controls, a set of code in front 
page a set of code in the table records. However,

is that the program throughout
Game supports CHEAT, - in the game IRON
SOLDIER at any time you can do
immortal, by simultaneously pressing
G, A, D. What is this and where they CHEAT
it come from? The fact that the programmer
to create a game program must verify that it works and does not 
check somehow, and bypass all the screens on proprygat all the 
bumps, killed on each peg ... In other words, it should provide 
all possible and impossible versions of the game in every game 
screen to program anywhere properly fulfilled and

nowhere to hang, not to mention the fact
that he must pass several times the entire
game from beginning to end completely, making sure its normal 
operation and in achieving this goal. Of course, individual 
routines can be checked and under the supervision of the 
monitor debugger, but complete game - only in the form in which 
it receives the user. Of course, not every programmer, even if 
it is the author of his own game

can quickly and easily pass through,
say, NARCOPOLICE with all levels.
Therefore, purely for themselves, the programmers have done 
here such secret CHEAT, typed after loading the password and 
check your game inside and out. Why do not they cleaned their

after final debugging? And you
imagine what a fully branded finished the game with heaps of 
protection? Not so easy to remove from it a fragment

program, especially if it is hundreds of times
"Pereksoren and packaged together with the main
block games. Besides, after some
time, you can publish this and CHEAT
call this new interest in their game at
those who failed to pass earlier. If
do you really want to pass through some interesting but 
difficult game, but nor CHEAT, nor POKES to her you do not know,

You can try to find a CHEAT myself for this, even knowledge of 
assembler initially did not need, need a good program, monitor, 
and a little of your intuition. This is most easily done by

ROM - uncompressed long code block the game is written to disk 
and viewed the monitor for the search in it a text message. 
When working with tape, after decompressing the main block 
games, download any disassembler and run it on a dump. " 
Browsing contents of memory, a special attention to the text 
messages, which in the game you've never seen on screen, and if 
the eyes are caught per se, Write down or memorize them. Most 
often this unusual words or phrases that hint at

CHEAT. So, in a game MIDNIGHT RESISTANCE
it will offer "I AM AN OCEAN TESTER", immediately followed is a 
whole subroutine, which can run a team RANDOMIZE USR 28749 and 
she will ask you to configure the game to your liking. Having 
found such an unusual phrase, you can try to type them in the 
title page or scoreboard. If all else fails,

and suspicion on this phrase is very large,
you'll have to ask for help from the disassembler to find where 
the program is a reference to this phrase, and after that to 
happen. And it really You can reliably find something 
interesting scanning routines poll keyboard. After a 
redefinition of key survey hotkeys during the game and control 
of the rollover is involved in such routines, and if you find a 
survey of the key, not involved in the game, then surely it is 
CHEAT. I do not include practical examples how the survey looks 
at the keyboard assembly language, since he apply

6.5 way to do this interview. As for programming professionals, 
then All fingers are not enough to

simply just enumerate the methods by which you can control a 
few keystrokes, the entire series or so a single key. Also, I 
hope everyone who is going to own obessmerchivat games, has 
representation about it. There is another feature that can also 
be attributed to subject firm CHEAT, at least in

this article. This applies to codes and
passwords, which give some programs after the passage of certain
stage of the game, such as game levels, and
through which you can then begin to play, skipping already 
completed earlier levels of the game. These codes and passwords 
repeatedly published in the press find them among the most text 
messages are also not difficult, if not coded, of course. In 
Some programs, for example, LORNA, in general, such codes are 
written to the levels explaining: "CLAVE ACCESO FASE 2: LOLI",

"CLAVE ACCESO FASE 3: PLANINGA" etc.
Very often, users complain that
knowing the code, they can not recruit him, -
the keyboard is polled as fast
that is only to touch the first key, as this letter instantly 
filled all the space allocated for a set of

secret word. Sorry, my dear!
but to blame your computer - it does not
"In a corporate" interrogates the keyboard.
Of course, you can tinker and rewrite
procedure of the survey, but if you just want to just see 
what's in the next level and do not let this game for wider 
audience, then I can share with you a secret, as in barbarous 
"to deal with unruly keyboard. Principle control is very simple 
- so if your computer so quickly knocks out an entire row of a 
the same letter, so do not let it necessary, and to help with 
this! To do this again start the monitor, which allows not

also view and edit
memory contents, and change the code. For example, if 
second-tier games LORNA was the access code LOLI, you 
interrupted him, say, 2222. Now, when the program asks you to 
enter a code to load the second level, simply press the button 
2. Obedient machine knocks so twos, as will fit in the allotted

for this position on the screen, then
You can safely click on ENTER and download
the second level. Once again I want to remind
you that distribute software such
rigidly as amended by no means
If you can not, because there are people out
game description or from computer magazine learned access codes 
to the game levels, and enter into them can not because of your 
own, with I may say so, "modernization." AND

One more remark. The access code can
stored in the program twice - in a text message on your screen 
after successfully passed the level, and just very

a - for him and will handle the program for comparison with 
code that you typed. 

 3. The use of published POKES.


   In numerous publications devoted to
ZX SPECTRUM, published long lists of
POKES, had even published a separate book with
POKES for 600 games. However, most of
They have not been tested, many mistakes were made (about this 
warning and publishers themselves), a large number POKES

suitable only for a specific version
games, some even designed
only for insertion through
copyist. Have had to ignore and just reprints of the 
publication in edition with the same errors. And this

more personal, much worse, when some
guys send the log POKES, taken
from other publications or from other people's boot, 
emphasizing the fact that they have their found themselves. In 
tests, it turns out that many of them contain explicit mistakes 
and not even checked. Determine These POKES were found not 
their pseudo-authors is very simple - it's just Obviously, if 
the address of immortality coincides exactly with the 
necessary, and the value that need to put on the cell, does not 
lead to the desired result. For example, for one

of the games have been proposed for the installation of an 
infinite life at Record 32,132 0. Turned out to be the same as 
if to put on this 0 cell, then after the first error game

will give "GAME OVER", because in this
cell actually need to Record the number of
182. It is safe to conclude that this
POKE not only belongs to his imaginary
author, but not even checked. In connection
with all this, the published POKES should be treated with 
caution, especially if you install them harshly. Ideally set in 
POKES Loaders games after downloading long

code block and decompression of the block, that is, before the 
last RANDOMIZE USR. Unfortunately, many hackers publish

their POKES, found in programs that are loaded at any address 
or unopened. By the way, now divorced a lot of different 
packers, which compressed by the long code blocks.

Naturally, POKES, found in a program packed with a compressor, 
not suitable for the program, otkompressirovannoy others. Would 
like very much to all Who is going to release personally found 
addresses of immortality, they pointed to the case when the 
program downloaded to his native place in memory

machines and fully unpacked. Of course, it should be flawless 
POKES, properly working and not giving unwanted side effects. 
And for those who could not find in print POKES for heavy

games or just do not trust them, you can
recommend only one thing - load
disassembler and find those yourself.


      4. Address search of immortality.


   During the period of 1991 to
obessmerchivaniya I had studied about 1000 games, and I try to 
share with your own search techniques and successes in this 
field. So, where do you start? Of course, first you need to run 
the game, make sure of its normal work, little play, paying 
particular attention to such things as: how much extra life is 
given program, as it appears on the screen, as those lives 
taken away and what happens when the limit is exhausted before 
lives end. Then you need to understand

looking into the boot, under which addresses
downloaded program files and how they are run. If you have 
problems with this, we first need to boot Hack and lead the 
entire game to a form that it is easy to download and run from 
the BASIC command RANDOMIZE USR. How this is done, I hope you 
understand At least, this is a topic for another

articles and those articles and entire books have been
a lot. Let no one take offense at me and ripe for hackers is 
that I so much detail "Chew" in their articles, according to 
their standards, sometimes basic things. I just set myself to 
write, so that even those who only yesterday sat at the 
computer, read it, tried it and quietly even

himself crossed the barrier between BASIC and
machine code, because I myself started
master assembler this way,
trying to immortalize recalcitrant toys.
For the first example of best
fits any widespread and at the same time quite difficult
game, for example, STAR BOWLS. As you noticed, the original 
player is given 8 lives that very quickly thereafter decrease. 
Boot from that long code block the game is loaded at address 
26000 and starts at address 34620, starting with pre-unpack

the initial load address. Load
this file (do not forget to install it CLEAR to one less than 
the address load, ie, 25,999) and extract

team RANDOMIZE USR 26000. Now you need to download and run the 
disassembler, but how to do it, because it needs

more than 6 KB of memory, and we have it all busy busy and 
decompressed long blocks of the game? But not all memory 
occupied by native code programs, After all, the game still 
needed a lot of graphics, music, spreadsheets, etc. which we 
now do not need. If it is known that the game starts at address 
34620, we can assume that from this address and following up to 
26000 and is Here is useless to us until the information

therefore, here and load the disassembler. Of course, if you're 
working with a disk, then can be directly through the monitor 
to determine where in the file relevant information, 
pre-writing it in uncompressed form, and absolutely no problems 
with the 128k-machines that allow download without caps and 
explore the code by using a remarkable STELTH STALKER MONITORa. 
Running a disassembler, let's try to find a program the place 
where the specified number of lives. Classically, the number of 
life is placed in the battery and then entered into memory, 
constantly it enshrines. Ask a disassembler to find the

We mnemonic LD A, # 08. He immediately stopped at the address 
47805: 


           47805 LD A, # 08

           47807 LD (48249), A


   Now it becomes clear that the number of lives permanently 
stored in the cell 48249. But what if there is not Record 8, 
and, say, 100 lives? You can restart a long block, erasing the 
memory decompress it (RANDOMIZE USR

26000) and give POKE 47806,100. Now start the game (RANDOMIZE 
USR 34620) and you with your own eyes see that the number of 
lives has increased significantly, however, they became somehow 
not 100, and Only 64 ... The fact that this game

prints the number of lives in
hexadecimal, and if
You will need 255 lives, the screen
instead of the usual number of 255 will be # FF.
Many of the games check the number of lives and
do not print on the screen, if, say,
greater than 9. Game BOSCONIAN, for example, print the number 
of lives in decimal form, but under this number on the screen 
is allocated only two digits, and if you ask her more than 99 
lives, then after the first same collision get GAME OVER. There

Games, which represent the number of lives not by the number 
and the appropriate number of subjects, for example, the number 
of lives in the game ROBOCOP RoboCop to the number of heads at 
the bottom of the screen. Imagine what would happen if you ask 
them more than required? Of course, if the program checks it, 
then cuts off the excess, and if not? Then, in the LAST NINJA 2 
program when printing the number of remaining lives will try to 
build a single file 255 ninja Game MURRAY MOUSE SUPER COP try

place within the screen 255 mice. K
Moreover, even such a huge margin
lives can not always be sufficient for the successful 
completion of the game - for example, I do not confident that 
in twenty-seven levels of the game SPACE HARRIER 2 killed me 
less than 255 times. For all these reasons, this method

problems with the number of lives
just could not find distribution, but he
undesirable. Much more beautiful and safer
work POKES, eliminating the decrease
lives. As usual at a time is taken away only one life, the most
likely, apparently, use the command DEC for this purpose. Let's 
go back back to STAR BOWLS and verify this assumption. As we 
already know, a permanent record of life in this program 
selected memory cell at 48,249. Let's try to find a fragment 
where would appeal went to the memory cell, for example, 
through the battery. Disassembler will issue: 


          46275 LD A, (48249)

          46278 DEC A

          46279 DAA

          46280 LD (48249), A


         To be continued ...
_________________________________________