Reverse engineering a GameBoy Advance game — Complete Guide
Leia isso em português aqui! 🇧🇷
¡Léelo en español aquí! 🇪🇸
All posts translated by Benjamin Stauffer and me 💙
I’m always trying to come up with personal projects; they’re a great way to get some distraction and to study something different from what we normally do day to day. Last year, I put a lot of love into a compiler project, and this year couldn’t be any different: my research was focused on finding something cool to code and to study that required understanding the fundamentals of some area of Computer Science — and that could evolve into an exciting project to work on.
After spending a few weeks like a rolling stone, never able to find something that kept me focused for more than a few days, I found a challenge that really caught my attention: create a level editor for Klonoa, a famous Gameboy Advance game — that is, work on a ROM hacking project!
In the next posts, I will dive deep into my research so that more people are encouraged to study reverse engineering and other fascinating topics. The posts will be written both in Portuguese and in English, in order to reach as many people as possible.
If you want to stay in the loop on the project’s development, you can check its source code, which is being written in JS and React, here: https://github.com/macabeus/klo-gba.js
But, first, let’s do some overview work ~~
Talks
Are you the type that prefers to watch instead of read?
No problem! My friend and I gave a talk at three conferences about this project. Of course, in a talk the content is much more condensed, because we have less time, so these posts are much more detailed — but the talks bring a far more interactive approach to unraveling the challenges of reverse engineering.
Talk at DEFCON Furs 2021, online 🌎
Since this conference is geared towards security, this talk is focused on the reverse engineering process. Slides.
(there is a brief audio problem, fixed at ~2:00)
Talk at The Conf 2019, in Brazil 🇧🇷
Since this conference has a general audience, half of this talk is about reverse engineering, and the other half is about the front-end. Slides
Talk at BalCCon 2k19, in Serbia 🇷🇸
The same case of DEFCON Furs 2021: this conference is geared towards security, so the talk is focused on the reverse engineering process. Slides
What the hell is Klonoa?
It’s a 2D platform game, a bit more puzzle-oriented.
It’s got plenty of levels, and the complexity of the mechanics increases as you go through the levels in a really addicting way. But the levels are finite… And the fact that I am really addicted to the game brought me the question: what if we could create our very own levels?
Several features make this game suitable for this challenge: it’s 2D, it’s got a tile-based map, its mechanics are fairly simple, and it runs on an old and popular video game console.
Reverse engineering and level editing are quite complex, but still achievable! So let’s go!
> What is a tile-based map?
Easy peasy: it’s a game map that consists of a collection of small pieces. Each piece (tile) usually appears several times and is internally represented by a unique ID.
If you watch the video above, you can easily identify a grid in the foreground made of repeating pieces, which together form the game map.
This is a pretty common way to design a 2D game.
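To make the tile-ID idea concrete, here is a small added example (it is not code from the original post or from the klo-gba.js project): a tile-based map stored as 16-bit entries, decoded from raw bytes, rendered as text, and counted per tile ID. The entry layout used is the GBA hardware's text-background screen-entry format (tile number in bits 0-9, horizontal/vertical flip flags in bits 10-11, palette in bits 12-15); whether Klonoa stores its levels in exactly this layout is an assumption for the sake of illustration, and the tileset glyphs and the sample map bytes are constructed, not extracted from the game.

```javascript
// Added example, not from the original post or the klo-gba.js project.
// Entry layout assumed here: GBA text-background screen entry (16-bit).
//   bits 0-9  : tile id
//   bit 10    : horizontal flip
//   bit 11    : vertical flip
//   bits 12-15: palette number
// Whether Klonoa's level data follows this exact layout is an assumption.

const TILE_ID_MASK = 0x03ff;
const HFLIP = 1 << 10;
const VFLIP = 1 << 11;

// Split one 16-bit entry into its fields.
function decodeEntry(entry) {
  return {
    tileId: entry & TILE_ID_MASK,
    hFlip: (entry & HFLIP) !== 0,
    vFlip: (entry & VFLIP) !== 0,
    palette: (entry >> 12) & 0xf,
  };
}

// Inverse of decodeEntry; rejects ids that do not fit in 10 bits.
function encodeEntry({ tileId, hFlip = false, vFlip = false, palette = 0 }) {
  if (!Number.isInteger(tileId) || tileId < 0 || tileId > TILE_ID_MASK) {
    throw new RangeError(`tile id out of range: ${tileId}`);
  }
  if (palette < 0 || palette > 0xf) throw new RangeError(`palette out of range: ${palette}`);
  return tileId | (hFlip ? HFLIP : 0) | (vFlip ? VFLIP : 0) | (palette << 12);
}

// Parse little-endian 16-bit entries out of a byte buffer into rows of decoded tiles.
function parseTilemap(bytes, width) {
  if (bytes.length % 2 !== 0) throw new Error('tilemap byte length must be even');
  const entries = new Uint16Array(bytes.length / 2);
  for (let i = 0; i < entries.length; i++) {
    entries[i] = bytes[2 * i] | (bytes[2 * i + 1] << 8);
  }
  if (entries.length % width !== 0) throw new Error('tilemap size is not a multiple of width');
  const rows = [];
  for (let y = 0; y < entries.length / width; y++) {
    rows.push(Array.from(entries.subarray(y * width, (y + 1) * width), (e) => decodeEntry(e)));
  }
  return rows;
}

// Constructed tileset: tile id -> glyph. Unknown ids render as '?'.
const TILESET = { 0: '.', 1: '#', 2: '=', 3: '^' };

function renderTilemap(rows, tileset = TILESET) {
  return rows.map((row) => row.map((t) => tileset[t.tileId] ?? '?').join('')).join('\n');
}

// How often each tile id appears: the "same piece reused many times" property.
function countTileUsage(rows) {
  const counts = {};
  for (const row of rows) {
    for (const t of row) counts[t.tileId] = (counts[t.tileId] ?? 0) + 1;
  }
  return counts;
}

// Constructed 8x4 sample map: sky, one horizontally flipped spike, ground top, ground fill.
const SAMPLE_ENTRIES = [
  [0, 0, 0, 0, 0, 0, 0, 0],
  [0, 0, 0, encodeEntry({ tileId: 3, hFlip: true }), 0, 0, 0, 0],
  [2, 2, 2, 2, 2, 2, 2, 2],
  [1, 1, 1, 1, 1, 1, 1, 1],
];
const SAMPLE_BYTES = new Uint8Array(
  SAMPLE_ENTRIES.flat().flatMap((e) => [e & 0xff, e >> 8]),
);

function demo() {
  const rows = parseTilemap(SAMPLE_BYTES, 8);
  return { text: renderTilemap(rows), usage: countTileUsage(rows), flipped: rows[1][3] };
}

console.log(demo().text);
```

Each tile's visual appearance lives once in the tileset; the map itself is only a grid of small IDs plus flags, which is why a level editor can be built around editing those IDs rather than pixels.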
Gameboy Advance
It’s a portable game console launched back in 2001. It was very popular at its time and, just like every single game console that’s become popular, there’s a lot of people interested in learning more about how it works internally, which resulted in tons of research and documentation on how its architecture works, how to create your own game, tools to help reverse engineering and projects related to the most popular games, such as Pokemon — for which you can find level editors, like Advance Map.
However, since Klonoa is not as popular as Pokemon, there’s no research focused on how it works and no related tooling. But we can take advantage of the entire existing ecosystem to create our own tool based on GBA manuals and debuggers!
Our Tools
We’ll be using two tools: No$GBA mostly for dynamic analysis (analyze the game while it is running), and IDA for static analysis (analyze it while it is not).
No$GBA is a very good tool for dynamic analysis, providing everything integrated in one place. As it’s strictly focused on the GBA, it has very specific features, such as visualizing the background/tilemap, graphic memory viewers, etc. This makes everything way easier. However, for a more general debugging process, it’s very limited compared to IDA, which has excellent features for static analysis, such as graph view and extracting a certain region of memory to a separate file — which will be crucial when we get to extracting the level from the ROM.
JavaScript
The project is a webapp written in JS and React.
I really like webapps because, by just accessing a URL, the user has the product out of the box. I didn’t want to force a user to download an app just to create some levels for a game, so I decided that the tool would be a webapp.
I picked JS because it is the browser language I am most experienced with. React was chosen because I really like the idea of thinking of your front-end as isolated components, each with its own set of state.
We’ll talk more about the front-end in the last posts in this series.
All set? Start!
Given this brief overview, in the next few chapters I will explain my progress in each step of the project so that together we can create a level editor for Klonoa! Shall we jump in?