Under the Microscope: MechWarrior 2: 31st Century Combat

2026-05-04Bo Bayles0 Comments

CategoriesBo Bayles' Hacks & Cheats

The cheat sites have had codes listed for MechWarrior 2: 31st Century Combat since the Clinton administration. But do they have everything?

I spent an unreasonable amount of time with Ghidra over the weekend to decipher how the game’s passcode system works. After reading about linear-feedback shift registers and the SH-2 instruction set’s rotate commands for several hours, I managed to find two cheats that have stayed hidden for the last 29 years:

  • One enables a compass on the HUD.
  • Another gives you infinite Jump Jets.

Details are below…

The reverse engineering

On the password screen, you’re meant to enter 10 symbols from this set:

<>YAOX#/+4U=LZT*

The password screen

Because there are sixteen symbols, each can be represented as a single hex digit.

The game splits the password you enter into two groups. The first has the initial eight symbols; the second has the final two. Each group’s hex digits are combined in reverse order to produce an integer value:

A sample mapping from password symbols to group integers

The first integer value encodes data. The second is a checksum target. The game uses this linear-feedback shift register algorithm on the first integer and then checks to see if the result matches the second integer:

def calculate_checksum(data):
    ret = (data >> 24) & 0xff
    for i in range(0x17, -1, -1):
        if (ret & 0x80):
            ret ^= 0xa1
        y = (ret << 1) & 0xff
        z = (data >> i) & 1
        ret = y | z
    return ret & 0xff

Why LFSR? I think the reason is that it can be implemented in a couple dozen lines of machine code. The devs just wanted to make sure you couldn’t button mash your way into the last level; they weren’t protecting nuclear secrets.

If the values match, the first group’s integer is “decrypted” by XOR-ing it with the magic constant 0x01234567 and subtracting 1.

Bits are then extracted from the decrypted value:

  • 4 bits are used as a “type” after shifting the value right by 17 bits.
  • 5 bits are used as an “index” after shifting the value right by 26 bits.
  • Other bits are used to encode your controller settings, difficulty level, last completed stage, etc.

If the “type” value is 0xA, then the “index” value is used to set a bit in the “cheats” field (otherwise, it’s used for calculating stage progress). The 0th bit enables invincibility, the 1st bit enables extra weapons, and so on – there’s a full table of cheat effects below. By reversing the game’s decoding process, we can construct new passwords with arbitrary effects.

The new cheat effects

GameFAQs has 10 cheat effects in its list, but I found two that don’t seem to have been discovered yet. The first enables an onscreen compass: TYXO/AXYT>

The compass is shown on the HUD

The second gives you unlimited Jump Jets: TXXO/AZ>+X

Using a Jump Jet doesn’t decrease your total

After you enter these passwords, the input field resets. So you can enter both of them for use in a single session.

All of the cheat effects

Here is a complete set of cheat passwords:

These work on both console versions of the game. I generated them with this script.

Outro

Check back next week, when another Saturn game will go under the microscope. If you like retro game reverse engineering, my Substack blog covers Dreamcast games and more.

Topics
About the author

Bo Bayles

Rings of Saturn: 32bits.substack.com
More Posts (97)

Be the first to comment

Leave a comment

Your email address will not be published.


*