Phobia
Imageworks 1989
Required items
1)
Phobia (1989)(Image
Works)[2225]
2)
An Amiga or WinUAE
(I’m using WinUAE)
3)
Action Replay III or Rom Image.
Alternatively Beermon, Thrill Kill or Cartmon.
4)
Pencil and paper
5)
Blanks, if you use a real amiga.
Given that this game was cracked over
twenty years ago and the cracks/SPS originals are readily available on the
Internet, we are not doing a disservice to anyone by analyzing the code. This is for educational purposes only and
at your own risk and volition.
Make a copy of the disk using X-Copy to see
what we are facing.
Looks like a one track protection. Boot the copy and it just goes to a game
over screen
Read the bootblock
to see if it does anything special.
It’s a Rob Northen.
Disassemble to see that it doesn’t do much. Directory the disk.
Look at the startup-sequence to see what
loaded.
Load phobia.prg into memory.
Search for 48 7a which is a PEA command and
start of the Rob Northen code.
This is the start of the Rob Northen. Given
that it’s not an encrypted bootblock version, it must
be the file version. This means that it will eventually return to unencrypted
code and scrolling down to find this point. This happens
at 464A4.
The Rob Northen
key looks to be 7670CF6B due to the compare at 464BA. The standard way to modify this would be
to assemble a patch
This way whenever the check it called it
will return the correct values in D0 and 24.
Save the change back to disk and boot.
Loading picture loaded on the copy before.
The game loads and plays for both 1 and 2
players.
Excellent explanation of a copylock patch. This helped me on my current project actually. Thanks for a great tut.
Nope, actually never played the game. I’am pretty sure it will work just fine. It was just to put your attention to A6, in this type of copylock. Keep the tutorials comming, its nice.
The RNC key is stored there, as well as D0 and 24. Have you played past the first level? This game is very hard even with infinite lives.
Have a look at the beginning of the copylock, instruction “LEA xxxxx,(PC),A6”. Take note of the contens of that address before and after the Copylock has run. Notice anything interesting ? 🙂