+Zane Whitney Yep

"You are already a soprano"

ima try this

+Just a youtube commenter ROFLMAO You freaking win

Randomly poking at someone's brain and suddenly they're Einstein.

reminds me to that súper mario land 2 bug

@@witchymaoki5165 what bug?

@@NomeCreativo by clipping out of bounds mario can reach areas of RAM corresponding to the game states, edit them with his feet and cause the game to enter the credits state (after entering a level)

this is why TAS is such a cracked gamer

Killed your 666 likes, sorry.

yes

+artman40 seth bling actually made a video injecting code for flappy bird in smw

I wonder, if this was actually done in-real-time, done with fingers actually pressing buttons, maybe it would theoretically set the surrounding air on fire and break everything.

+DeRockProject & the Attack of the Really Long Channel Name it was done by hand the very first time

game4life12 but not in real time.

toasterman3000 THE FACTS

101th liker

@@islilyyagirl woow i am 300th and now

that's a game idiot

And Mario 3

your explanation is not completely correct, they did not discover ace on smb1, it does not have the capabilities to allow ace in the first place

more like 65c816 assembly

You sound very knowledgeable... how does this all work, exactly?

As I said in my post, this is all very complicated, but in layman terms, his moves are like lines of codes, which he writes in the memory of the consoles in a specific place/order. Then, he forces the game to execute the first line of code which leads to the other ones, making a program.

RemX405 Yeah, I heard that the specifics of the actions pre-total control are him shifting bits in memory around with the weird-looking double-fruit-eating antics and whatnot. The last pre-total control action shifted the final bits around to completely break the game - inputs after that proceeded to act as arbitrary code, resulting in him being able to program Pong and Snake in.

​@@flyforce16 Assembly/machine code explanation: We write code in various programming languages that we can read. However, the CPU cannot read what we write directly. It has to be translated into machine code, which the CPU can read. The most basic 'programming language' is Assembly, which is actually just a more readable version of machine code. Some examples of Assembly instructions are MOV, [move from here to somewhere else], ADD [add two values together], and JMP [start executing somewhere else]. Every instruction corresponds to a specific value in machine code. For example, we can give MOV a value of 0 and ADD a value of 1, so that when the CPU comes across a 0, it knows it should move something, and when it comes across a 1, it should add two values instead. How ACE (Arbitrary Code Execution) works: When programs are written, the machine code generated is very specific and fragile. If one instruction or value is out of place, the entire program can come crashing down. So that's why extra care is taken to make the code as solid as possible, and that is also why higher-level programming languages are used, so that we don't have to deal with machine code. However, everything in a computer is bytes. Textures, sounds, levels, and machine code are all the same. The only difference is how they're interpreted. The CPU is never supposed to execute an image as if it were machine code, and vice versa. But, if we carefully set up Super Mario World in a very specific way, we can set up a JMP instruction to go somewhere it isn't supposed to. Now, instead of interpreting an image as an image, we instead start executing it's bytes as if it were machine code. If we set up the game to start executing the information of the objects in the level as machine code specifically, then we can move those objects to very precise positions, and when we do the ACE glitch, those positions are executed as machine code. How the games are constructed: We can execute a few instructions, but not Snake and Pong. Those object positions allow us to form a program that will read the controller's input and write them to memory, one after another. Since the controller's input is also read as bytes, we can input any sequence of instructions we want. Now we have the full system within our grasp, we can do whatever we want. We can make Pong, Snake, Flappy Bird (which SethBling has done in a real-time run with a different setup), and literally anything else.

And *that* code can be used to open the game up to more code being injected into it, such as with the "jailbreak" that Sethbling made a few videos about.

They did twitch chat in pokemon or something

@@knuti27 that's something completely different

@@skapaloka222 They did something similar for Pokémon Yellow though, where they play Zelda and other games.

@@Oscar97o yea that one was amazing

***** sethbling did this with one controller one a real console! kzbin.info/www/bejne/Z2XaonV3arZkr8U

+Silas Reel no that is credits warp

It's more of "beating up" the game

@@franciscop.3279 yep. Into a pulp. And then fashioning into something else.

xdxdxdxdxdxd

Matta's Account It’s called a JOKE.

Matta's Account Yes That's the joke

@@mattasaccount1663 fucking idiot

@@kiaydemir you're the fucking idiot he was joking dumbass

That isn't possible. This exists because of an exploit specific to this game.

That would be another level of "It Runs Doom!"

Optimus6128 That is exactly what I was thinking.

CoatlessEskimo9 I thought someone found a code execution glitch for Yoshi's Island, but if not, OK. I was just saying Yoshi's Island because it's one of only two games that uses the Super FX 2 Chip that was used to make the SNES port of Doom, the other one being said port.

MrCrazyToad Wait. I'll look it up.

Can't wait for the G.E.C.K.

brb doing

Someone HAS to program Sonic Mania into Super Mario World.

Bitch please I turned it into Halo 6 and that game isn't even out yet.

Brendan Harward not funny at all..

was pretty funny to me

He originally wanted to program super mario bros 3 into it and TAS that but he found out that there wasn't enough memory to do this.

7mario6 Yeah you're right. Sometimes my brain likes to switch things around for no reason... :/

Or maybe GTA V in SMW in SMW

+Alter Kühlschrank smw on smw on smw on windows virtual machine on windows virtual machine on a mac

+Ego Probably not

& Knuckles

@@ego9939 smw on smw on smw on virtual console on wii emulator on windows virtual machine on windows virtual machine on a Mac

Ryan S. He basically figured out how to code in Assembly and have the game run it using only controller inputs/glitches. Insane.

Deathbrewer Not really insane, code injections via interfaces are nothing new :p

+Shadowriver Well, using control input and sprites positions to create pong using a Mario game is really insane

TLuigi003 Well i heard about varius code injection methods, so this does not shock me. What is interesting that it come out of speedrun community, which are more interested in result of code rether then code inside reason why it's happening.

ethanwdp Price Ok mr programmer "How does somebody CODING PONG INTO SUPER MARIO WORLD using a controller with SIX BUTTONS on TWENTY YEAR OLD HARDWARE by TAKING ADVANTAGE OF THE INNER WORKINGS OF THE GAME not surprise you? In theory you can inject anything in to memory once you know where is "rabbit hole", it is one of basics of hacking and aspecially cracking and there a lot of of methods that use that. "TWENTY YEAR OLD HARDWARE" makes this a lot easier, because back then CPU and it's code as result was way more simplistic and written in assebler where you care more about making things to work then careing about security, thats why old games are more glitchy then modern games where simple bugs in game are more ambrasing for programer. "Who sat down to play Super Mario World, and then thought "What if I use arbitrary code execution to play snake and pong?" I think you have 0 idea what console hacking community do on daily basis if you saying something like that. "He had to carefully plan out this run, and then actually completes it. Do you know how fucking INSANE this is? This guy did this on real fucking hardware. He wrote code by jumping on sprites in a very specific order." He does not use 100% physics, i remind you he used scripted speedrun bot (which is whole point of his project?) and you can see button indicators go wild when his hack result started which i assume was actual moment of code injection. I assume in first stage he use memoery states to build simple code that create the access point for actual injection, if he was to inject the program of this size it with that method it would probably take a lot longer. I also think he studied memoery states and actual SMW code to predict this behavior, making this out of random is near to impossible and besides you need to write that albitery game first right? Indeed it is a lot of work but it's not shock to me, for me it's not insane, for me it something that i could see being possible via methods he used, i seen and read about a hell a lot more things, so this does not supprice me. "It's so mind bogglingly complex that I don't see how you just scoff and say "pfft, I've seen code injections via interfaces.", while COMPLETELY IGNORING THE FACT HE DID THIS ON FRACKING SUPER MARIO WORLD." If this is "mind bogglingly complex" for you, i'm assume you are higher language programmer, like those guys who come to UE4 forums and cry about lack of C# support and and say that it's a future of software development and say how C++ is full of shit and super hard, then came here and say how this is "mind bogglingly complex" and how they are mind blowned. Once you know deeper about software and hardware, the foundations of it, is not "mind bogglingly complex", but something you could see happen with some effort put in to it, which i don't deny. And again SMW is not first software with holes that let you inject code, PSP-3000 hacking was all about it because if you flash firmware in it bricks it the console, so code injection to memory was only valid method. "You can't even piece together a sentence. Could you stop tipping your god damn fedora and appreciate something for once?" 1. Sorry i'm not native english speaker 2. I don't deny his hard work on this project, i'm just saying it is very natural to understand this once you got some knowlage.

YAY I WISH IT WAS A REAL LANGUAGE...exept this looks much harder than c# :(

Gaming Dudester Real talk, i'd rather stab myself with a fork than try to program anything in SMW XD

+Gaming Dudester its just writing processor instructions, not that hard XD

Robert Stafford Yeah but it's writing processor instructions using fucking Super Mario World, dude... That's batshit!

Winston Payne yeh.

definetly more broken than OoT ;D

Vetras Fckyougooglplus I'm pretty sure there's an arbitrary code exploit for OoT somewhere.

We will use it to gain access to the 4th dimension

@@keiyakins YOU PREDICTED THE FUTURE!

@@keiyakins bruh nice guess

He programmed a game by playing a game... basically.

+SayFuzzyPickles it's not purely showing off, it's part of the setup with some funny things to complement.

The first part of this was doing the first part of the hack, where with some glitches with stunning blocks/yousi/grabbing (don't know exactly, it's beyond my mind) they altered some sprites in memory and even added sprites with invalid IDs, that somehow jumped into another code becase of how the SNES hardware works. Now this first series of glitches would make preety painful, maybe impossible to write the games they did. But using this explot, they jump in another piece of the code having to do with the input, so now after that it's much faster to send bytes of code and execute, I guess every frame of the TAS your input sends a byte or so, although they use some multitap thing I don't know what it is, for more controllers to send more data per frame, and that would be on their TAS tools at home. But now there is the live TAS to prove theoritically it would work on real SNES, you must be flash to be able to play that much, so of course they use that kinda of robot accessory I don't know what it does, somewhere I read they might have hooked a Raspberry PI in it (that would I guess send the precalced succesion of input, timed with the game refresh), so they can show it on an actual SNES in realtime and not as a preprocessed TAS movie. Nothing is showing off, it's just so many levels of hackery, I am not sure I have grapsed everything.

He's actually spawning tiles in a specific order to manipulate a table in memory to write code that will allow him to use inputs to write the code instead. At the end he glitches the game into executing the table he manipulated allowing him to write the code and then a part of the code executed it when all of the code was done.

All the steps are needed because the setup is really complicated, and it also depends of the POSITIONS in the sprite's table : for example if you need a sprite in the 7th position, you need to manipulate ennemies in order to have exactly 6 sprites before spawning the one you need (and then carrying it across the level, of course) A *french* KZbin show has explained this TAS : /watch?v=dcbdhDqBx_g&t=26m14s The end of the video contains an awful quantity of glitches. For example in order to spawn a (pink) inexistant sprite, he hurt Mario while making Yoshi hold two objects at the same time! Then this pink sprite who in spawns another unknown sprite... Then this new sprite allow to create the Total Control Glitch by making the game read the list of loaded-on-screen sprites as executable code (so you need an half-dozen perfectly ordered sprites to have the good code!). And this glitched executable code ask to the game... to read controllers input as executable code! In other words, the TAS creator can now execute all the code he wants because, by definition, controller inputs allow a player to make any input ^^

after 193812782382220912610126191102028920110100298292696901289292379201 years in development we hope its been worth the wait, thanks and protect your wallets this summer -gaben

I did this the other day using Super Mario World++ but all I got was a card game

ok which one of yall fucked it up

It didn't work, here's the error code. Exception in thread "main" java.lang.ArithmeticException: / by zero

@Hawk Deal with it.

Or just play it online

What?

Nah, Unity is better

Nice programming reference.

NOOOOOO Super mario world is the second best tool for making videogames, the best one is Game maker. 100% true.

Nice. ...

wut?

IIRC it's an off-by-one bug in an array - there's some exact location in the where if you hit it just right it looks up a struct like: sprite_array[SPRITE_ARRAY_SIZE] (i.e. one over the limit) That struct contains function pointers, which (as they're never initialized as a valid struct would have been) jump to a specific location in the memory storing the game's state. All the movements before that move are setting up that memory location to act as shellcode which will allow arbitrary executable data to be entered via the gamepad. I assume that 1:40 is the executable code for the three mini-games being loaded into memory. I can't find the reference now, but IIRC the bug in the game was discovered by someone who had written an optimisation algorithm to try and attempt to (automatically) run the perfect speed-run of mario. Their fastest technique found the bug and inserted shellcode to set the level as completed. The origional paper is worth reading if you can find it - it's got some interesting ideas in it about trying to optimise games like this based on short recordings of real users IIRC.

Tim Wintle Couldn't find the paper, but there's a little more explanation here: minimaxir.com/2013/03/127-yoshis-in-slot-6/

Very cool..

Really? I constantly get spaghetti code in Scratch when trying to make a space shooter!

Tux Mux simplest not easiest

That might be my favorite part of the whole video.

4k's been around for a while. It's just nobody wants to spend $500-1000 on a monitor just to use it. It's basically the new 1080p. 4k TVs are also in the $5k+ range MINIMUM. Shit's expensive.

bagelhunt yeah, so youre going to buy all that shit to watch 16 bit Mario videos? theres a time and a PLACE for everything, and this is NOT the place for a 4K monitor

Pretty sure it's for the lolz in this case, guys.

Bram Swarr I'm not saying get 4k to watch this video, I'm saying it's nothing to freak out about.

No, it's a glitch to get a game of pong, snake, and the end with a blue smiley face

Yes I know

Which is the same as weed, not cocaine

+Sendy Lie (Lv.? Freelancer) Shrooms. Lots of fucking shrooms.

+TheMighty Pikachu You ruined her/his joke...

Yup

Not as glitchy as Sonic 06 or Donkey Kong 64 though....

This is the only game in the world that can be glitched so hard it becomes other games.

B = B button Y = Y button s = select S = Start u,d,l,r = up, down, left, right A = A button X = X button L = the L button, on top of the controller R = the R button on top of the controller numbers 0 to 3 = no idea

It would be easier to repack the original ROM inside the Wii VC, and replace it with custom software made to exploit a WiiVC bug (wich had to be discovered first!). Of course, that's just my guess.

nacho The wii is utterly broken (edit: as in opened up) for homebrew, so anything would be easier than doing this. But this is not about easy.