View Single Post
Old 09 March 2010, 18:43   #354
move.l #$c0ff33,throat

StingRay's Avatar
Join Date: Dec 2005
Location: Berlin/Joymoney
Posts: 6,041
Originally Posted by Galahad/FLT View Post
Premier Manager 3 Deluxe is also not 100%, none of the checksums were removed from that either.
Originally Posted by Galahad/FLT View Post
Nope, but I'd be interested to see if some on here could do it 100%
Since I decided to create a WHDLoad patch for this very game I just had a look at the protection. And to be honest I found it very easy to crack (took me about 10 minutes including disassembling the exe). Protection has a major flaw (code is not 100% pc relative) which renders all the checks if the code has been modified useless. Also, even though the checks if the code has been tampered with were "disguised" (indirect memory accesses) they were quite easy to find because they all accessed the protection routine in one way or another. And "strange labels" are always suspicious! Which is why I searched where they are used and found the routine which modified the protection check opcode and then of course looked for more (even though it wasn't really necessary as I cracked it without touching the actual protection code). Anyway, if you remember the code of PM3 you should be able to figure out how my crack patch works. And I'm quite sure it's 100%. Here's the code:

patch   move.l  (a7),a0
        add.w   2(a0),a0
        move.l  2(a0),a0
        move.b  (a0),d0
StingRay is offline  
Page generated in 0.03900 seconds with 10 queries