don't click here

Sonic Mania: Hacking Discussion

Discussion in 'Engineering & Reverse Engineering' started by Chimera, Aug 29, 2017.

  1. RibShark

    RibShark

    Member
    115
    39
    28
    I used IDA and Hex-Rays on the EXE, and it actually produced readable code (I thought Denuvo was meant to protect that, but whatever). There's another option for data file in the Settings.ini, yeah, but a better way to make a modloader in my opinion would be to make the game load them unpacked from a folder. I've managed to get Sonic CD to do that before, so if Denuvo doesn't get in the way it should be fairly easy.
     
  2. Chimera

    Chimera

    I'm not a furry. Tech Member
    1,272
    17
    18
    Castlevania prettyness
    I THOUGHT the game would be able to read from folder! Do you know if "dataFile" is a toggle or a datapath? If it's a datapath then it might not prove to be that useful for us, and since you've already done this with Sonic CD, we should be in the clear either way. However, if it's a toggle, it might be an in-engine method of loading from folders instead of from the datafile. From what it sounds, though, you seem to be saying it's closer to the former.
    EDIT: confirmed it's a string. Loads by setting:

    dataFile="[name].rsdk"

    in the Game section. Like you said, if we can load via folders, this option's pretty much useless to us, so let's hope we can do that. Else, if somehow things go wrong, we have this.

    Honestly, I feel like Tax's implementation of Denuvo was lax at best, simply utilizing it because SEGA said they want it for DRM / antipiracy. I'm pretty sure they exclusively used the always online feature (which honestly is probably still crackable via the "storm.api" exploit...), so you might be in the clear. Best of luck!


    I'll update the front page soon with what we have so far.
     
  3. Turbohog

    Turbohog

    Member
    968
    125
    43
    I believe the "always online" feature was included by mistake - at least that's what Sega is saying right now. I'm confident the DRM will be cracked though.
     
  4. InvisibleUp

    InvisibleUp

    friendly internet ghost Member
    139
    13
    18
    I managed to extract the .rsdk using Retrun-Sonic in Sonic 1 mode. There's a whole bunch of ogg files (using .bin extensions), but I can't make heads or tails of anything else in there.

    EDIT: Oh, wait, Qjimbo beat me to the punch. Trash this please.
     
  5. Frostav

    Frostav

    Member
    657
    225
    43
    I find it quite odd that swapping Tails for Sonic makes him have Tails'...well, tails. Does that mean they're seperate sprites from Tails' own body?

    Also, in that hack video when flying Sonic has the Sonic CD wheel-o'-feet animation, but I don't ever remember seeing that when I played through Mania. When is that used?
     
  6. codenamegamma

    codenamegamma

    Tech Member
    73
    1
    8
    Not sure why he's bothering with sprite swaps, you can force the game to use characters that you're not supposed to.

    Here I started a game with Sonic and Tails and then changed the characters to Tails and Sonic. surprisingly the game doesn't crash. it's very funny seeing sonic use his super peel out sprites for flying.
    [media]https://www.youtube.com/watch?v=CEtkiVMaY6E[/media]

    it also works with if you wanna force Tails into both player slots. the only thing that didn't work when starting up a regular 2 player game is Knuckles forcing him into sonic or tails just crashes the game. however, in & Knuckles mode it might be possible to replace one of the knuckles with any character you want.

    [​IMG]



    I also have done some work figuring out the Sonic Mania Save File Format.

    when I was messing around with other save files from the Taxman series. I found this...only information on it.
    https://forums.sonicretro.org/index.php?showtopic=29552

    surprisingly the save file format stays the same, it just gets modded for each game. like Sonic 1 and 2 on Android.

    On Sonic Mania the big difference is that instead of a 32kb save file, it's not 64kb. so twice the size for what I can tell no reason.

    here is a map I made to illustrate how a Save Game Slot is arranged.

    [​IMG]

    The slot numbers are backwards as well.

    in game, they go from Right to Left 7, 6, 5, 4, 3, 2, 1 instead of like Sonic CD or the Android ports just regular 1, 2 ,3, 4.

    here are some values of interest so I don't lose them and for anyone else who wants to make edits to their savefiles.


    Starting at offset 2546 you will see segments of a pattern. this is where your medal count is stored. 02 is a gold medal, and 01 is a silver medal

    Offset 251C = # of Gold Medals
    Offset 2520 = # of Total Medals.


    in the medal listing above you can change a 01 to a 02 to make it a gold medal but it wont show up in game. it wont be till you complete a bonus stage that that other 2 offsets update and then it will be reflected in game.

    Below the Medal listings is a bunch of 01, that toggle and tell the game if you completed a certain Special Stage. I'm not sure what links to what so id follow the pattern if you plan on filling out the rest of your medals.

    Save Status - 00 is a save file thats NOT in use. and 01 is one that is currently being played. 02 is one that is "Cleared" so you can select any level regardless if you have been there or not. if you do set it to 01, then the save file will care about the Level offset "1460" 00 - Green Hill, 01 - Chem Plant, 04 - Studiopolis Zone and so on.

    Character - Builds are 00 - 04, being Sonic & Tails, Soinc Alone, Tails alone, Knuckles Alone. though i might be wrong about that.

    Emerald count. is binary as explained in the other thread. 0 1 1 1 1 1 1 1 Tells the game what emeralds you have. all of them is 7F and none is 00. if you want to customize you can use windows calculator to come up with a binary equivilant in hex. just make sure its set to Programmer mode and you have it in Binary, then leave the first bit blank. the first bit HAS to be zero. then you can press 1 or 0 to till you get the other 7 you want and under Hex it will say the correct value to edit in.

    The Score Values, are the same as Soinc CD and i assume other games. the 4 bytes you see are reversed so to find that correct value, just go into calculator again and type the bits out, starting with the last and working forward. that will give you the correct value.


    i plan to hopefully write a save game editor soon, but it might take a while, the Sonic CD one i wrote works and i learned a lot so hopefully i can apply it here.
     
  7. jubbalub

    jubbalub

    #1 Sonic Superstars defender Member
    1,072
    1,297
    93
    The peelout is unlockable by collecting medals
     
  8. Frostav

    Frostav

    Member
    657
    225
    43
    Derp. How could I forget. I never used it :v:
     
  9. Blue Spikeball

    Blue Spikeball

    Member
    2,536
    1,072
    93
    Does Sega have any history of opposing mods, though? They're certainly not Nintendo when it comes to fan content. They allowed the aforementioned ROM hacks, and encouraged fangames. And plenty of companies have official mod support for their biggest games.

    Of course. That has always been the norm for Tails in 2d games :v:
     
  10. HyperShadowDC

    HyperShadowDC

    Oldbie
    112
    2
    18
    Denuvo is implemented by denuvo and not the devs. You send them an EXE and they patch it in, there's some things you have to set in the compiler first but nothing terribly special.
     
  11. Modern

    Modern

    what tu hecc is modern! Member
    41
    1
    0
    You can unlock super peel out mode by playing blue spheres
     
  12. Retroman

    Retroman

    Member
    733
    2
    18
    Here's hoping for some discoveries of left over levels that were scrapped during development.
     
  13. Chimera

    Chimera

    I'm not a furry. Tech Member
    1,272
    17
    18
    Castlevania prettyness
    [​IMG]

    oh.


    Updated the first post.
     
  14. codenamegamma

    codenamegamma

    Tech Member
    73
    1
    8
    Gotta go fast on the special stages?

    this was a real pain to find the value for. especially since most of the ones in special stages aren't static values. but boy is it fun to play with!

    [media]https://www.youtube.com/watch?v=4hgMCKYAlp8&feature=youtu.be[/media]
     
  15. Devon

    Devon

    La mer va embrassé moi et délivré moi lakay. Tech Member
    1,423
    1,740
    93
    your mom
    Mania spoilers, maybe.
    I dug through the main EXE file, and I saw that there were raw filenames in there. So far, I've tested 379 files (out of the over 1000...) and the majority of them did seem to match well with the hashes in the Data.rsdk file (a couple names didn't match any of the hashes, but that could be due to my own stupidity :P).

    I noticed some pretty interesting things. Like a SFX file called "OuttaHere.wav", a sprites folder called "SBZ", Press Garden is referred to as "PSZ" instead of "PGZ", references to red and yellow chemicals in CPZ.
     
  16. Yusuke

    Yusuke

    That Random Lurker Member
    35
    4
    8
    Oh!
    Scrap Brain Zone? That'd have been neat, but a lot of it's elements seem to have been added to Metallic Madness anyhow.

    Very interesting finds so far! Keep up the great work.
     
  17. WhoWhatWhenWhale

    WhoWhatWhenWhale

    Member
    5
    0
    1
    Has anyone found out where the Super Flight is triggered in the true final boss? I would think that it might be able to be triggered in the same place that Sonic's other abilities are, but considering that it is only used for one specific level, it might be triggered by a separate flag?
     
  18. My interest in hacking Mania so far is in terms of cheating. I've been using several cheating tools and I've already found some useful ways to cheat in the game.

    0AB9A82C = Amount of Blue Spheres left address. Change the value to 1 and get a Blue Sphere to instantly win and get the medal.
    00A4D644 = Amount of Rings you have address. Change the value to anything, e.g. 50 to always have 50 Rings.
    0A0695AC = Amount of Rings/Time in the Special Stage address. Change the value to 99 to always have 99 Rings/Time left in the Special Stage. Makes them VERY easy. :D

    Right now I'm trying to hunt down the address(es) for the amount of Chaos Emeralds. Also going to try to find the address(es) for the underwater countdown before drowning.
     
  19. redhotsonic

    redhotsonic

    Also known as RHS Tech Member
    1,587
    10
    18
    United Kingdom
    YouTuber

    I did the same thing, here's a twitter link with video footage of it in action in case people are curious.

    https://twitter.com/redhotsonic_RHS/status/902675168857874432

    The way I got the game like this is by accessing the dev menu during the ending cutscene. It stayed like this throughout anything else I went on until I quit the game.


    EDIT:

    Are they though? The vinyl will only contain the newest songs (Press Garden, Titanic Monarch, etc). Remixes (Chemical Plant, Metallic Madness, etc) won't be part of the OST.
     
  20. Azu

    Azu

    I must be stupid. Member
    If you're using cheat engine, the adress will be random every time you boot up the game.