It’s never going to be “impossible” but it just varies from being very difficult* to very easy.

The biggest thing that affects this is how much of the code we are able to see in a format that is easily to read.

It’s the difference between code that looks like:

“If the user pressed A then jump”

and”16AF45CE12GAFFAA32″

In the first example, it’s pretty obvious what you need to change if I wanted to jump when you pressed “B”.

But what would you change in the second example?

​

*By very difficult I mean it can take *decades* of someone going over the code to figure it out how to change it.

It’s based on how the games store information.

You can think of all saved data as either memory or storage.

Anything in storage like save files is put there and saved. If you close the game and open it again, that data will still be there. It’s kind of like a filing cabinet.

Anything in memory is stuff that the game is actively holding and looking at. If you shut down the game, what is stored on the memory is trashed.

What allows code injection in games like Mario World and Paper Mario is basically how the games handle their memory and what they do store. The more complex a game, the more complex the storage of its memory is. In a game like God of War, you have this super complex world and so trying to save anything in memory could be hundreds of lines of code. Meanwhile in games like Super Mario, the storage of where a powerup was picked up is as simple as an x,y coordinate and a data tag for the powerup.

For a real world way to think about it. Imagine trying to explain to your friend where a coin is in a messy house. You would have to explain many different things to them in order for them to find the coin. Meanwhile, if the coin was in a blank room, telling them where it is would be very simple. Inerting code is just a bunch of those very simple directions that can be read as something else when put together.

Sethbling explains it about as well as can be: https://m.youtube.com/watch?v=hB6eY73sLV0

But the tldr is:

– Games often contain programming errors.
– Sometimes these errors make it possible to control contents of memory.
– And sometimes the errors make it possible to tell the console to execute the contents of some memory you control the contents of.
– The previous two things together let you corrupt the program in a controlled way, so it runs YOUR code instead of the regular code. This is a lot like a security exploit used to attack a computer, but used in a fun rather than malicious way.

In Sethbling’s case, those pixel-perfect object locations get turned into a list of numbers in memory. Those numbers are later (mis)interpreted as code. Seth worked with an assembly programmer who had studied the game’s code to determine what numbers needed to be in memory to corrupt the game to behave like flappy bird. Then they came up with a complex way to force the game to store those numbers in memory using only regular game controller inputs (which is a difficult and unusual way to manipulate memory), and later on to execute the contents of that memory as machine code (which is also stored as numbers).

When you enter the numbers, the game thinks they’re x-coordinates where objects are stored. Later on when you execute them, it thinks the numbers are code that shipped with the game. Obviously you have to confuse the f*ck out of the game to make this happen, but if the game has the right bugs in it, it’s possible if you work hard enough and study the game code closely enough. This takes a ludicrous amount of work. People have spent thousands of hours studying the code for the games Sethbling has hacked. In cases where people don’t know how to insert custom code, it’s because they haven’t studied the game enough to find the needed bugs, or to figure out how to use the bugs in a controlled way just using regular game inputs.