SNES code injection

The hacker pulling off SNES glitches that only machines were supposed to do

We’re at a time when artificial intelligence is not only mimicking human behavior but surpassing it. The common story now is one of a previously human-exclusive activity—usually labor or a sport—being performed better by a machine programmed to perfect it. That’s why it might feel like we’re on the verge of everything tipping into the robots’ favor: the many technological warnings of science-fiction coming true (Skynet in 1984’s The Terminator, etc). Perhaps this is why Seth Bling does what he does. He’s something of a videogame engineer and hacker who, among other things, specializes in completing tasks that only machines were thought capable of doing.

A year ago, he became the first human to pull off the “Credits Warp” in Super Mario World (1990) on a SNES console—“a glitch which plays the end credits without actually defeating Bowser.” What’s remarkable about this glitch is that it involves rewriting the game’s code from inside the game itself. By putting certain objects within pixel-precise locations inside a level, Bling is able to write binary code into parts of the RAM. What this means is he can alter the game while playing it, without any of the tools usually required to do so, as if he had direct access to the lines of code that form the game (and he kinda does). You don’t really need to understand why this is possible or how exactly it works (although there is a technical breakdown here), just know that it can be done.

It’s this discovery, originally made by Jeffw356, that set the pace for another exploit in Super Mario World that Bling pulled off on March 27th. This time, he altered the system RAM so that Super Mario World ran the code for the 2014 mobile game hit Flappy Bird. As Bling explains in the video, this has been done before by feeding pre-recorded controller inputs into the game through a computer, but he has now done it without that assistance, becoming the first human to ever do it on an unmodded SNES console.

To pull it off, Bling had to use a series of glitches to manually inject 331 bytes of processor instructions, which corresponded to the Flappy Bird source code. This involved lining Mario up at 331 precise co-ordinates inside the game world that corresponded to memory locations. All of these co-ordinates had to be spot on, otherwise the game would crash or Bling would have to start that section of code over. This came after months of work, a lot of it done by SNES hacker p4plus2, who wrote the assembly code that basically made it all possible. And it all came to fruition a couple of days ago: a human using a complicated set of glitches to inject a game inside of another one.

You can get the full explanation of how this SNES code injection works in these public documents or you can watch the full video for a showcase of it in action.