View Single Post
Old 09 March 2010, 18:43   #354
StingRay
move.l #$c0ff33,throat

StingRay's Avatar
 
Join Date: Dec 2005
Location: Berlin/Joymoney
Posts: 5,535
Quote:
Originally Posted by Galahad/FLT View Post
Premier Manager 3 Deluxe is also not 100%, none of the checksums were removed from that either.
Quote:
Originally Posted by Galahad/FLT View Post
Nope, but I'd be interested to see if some on here could do it 100%
Since I decided to create a WHDLoad patch for this very game I just had a look at the protection. And to be honest I found it very easy to crack (took me about 10 minutes including disassembling the exe). Protection has a major flaw (code is not 100% pc relative) which renders all the checks if the code has been modified useless. Also, even though the checks if the code has been tampered with were "disguised" (indirect memory accesses) they were quite easy to find because they all accessed the protection routine in one way or another. And "strange labels" are always suspicious! Which is why I searched where they are used and found the routine which modified the protection check opcode and then of course looked for more (even though it wasn't really necessary as I cracked it without touching the actual protection code). Anyway, if you remember the code of PM3 you should be able to figure out how my crack patch works. And I'm quite sure it's 100%. Here's the code:

Code:
patch   move.l  (a7),a0
        add.w   2(a0),a0
        move.l  2(a0),a0
        move.b  (a0),d0
        rts
StingRay is offline  
 
Page generated in 0.07740 seconds with 9 queries