Old 09 March 2010, 19:15   #355
Galahad/FLT
Originally Posted by StingRay:
Since I decided to create a WHDLoad patch for this very game I just had a look at the protection. And to be honest I found it very easy to crack (took me about 10 minutes including disassembling the exe). Protection has a major flaw (code is not 100% pc relative) which renders all the checks if the code has been modified useless. Also, even though the checks if the code has been tampered with were "disguised" (indirect memory accesses) they were quite easy to find because they all accessed the protection routine in one way or another. And "strange labels" are always suspicious! Which is why I searched where they are used and found the routine which modified the protection check opcode and then of course looked for more (even though it wasn't really necessary as I cracked it without touching the actual protection code). Anyway, if you remember the code of PM3 you should be able to figure out how my crack patch works. And I'm quite sure it's 100%. Here's the code:

patch   move.l  (a7),a0
        add.w   2(a0),a0
        move.l  2(a0),a0
        move.b  (a0),d0
You say that, but be honest. If I hadn't told you there were sneaky checks in there, would you have really looked for them back in 1994? Bearing in mind 99% of the code is the same as it was in PM3, all the other PM games didn't do anything special either, so I used that to my advantage.

Put it this way, you've cracked it, but it's taken 16 years for it to be done successfully... I'd say the protection did its job.