|
SUPER WONDERBOY IN MONSTER LAND (1989 ACTIVISION) our first task is to see what type of protection this game |
|
so what this tells us is that this game is not MFM protected |
|
after a while you will have some values 6 to be exact
lets take a look at the first one at address D118, but lets start from the nearest 0 so type D D100 ;press enter a few times to scroll down, ah this is interesting it looks liek the start of the copylock notice the PEA and ILLEGAL ect… ok take note of this address D100, so lets scroll down some more, hmm all we see is alot of encrypted code but dont let it put you off carry on scrolling down eventualy you will come across some recognisable code |
|
this must be the end of the copylock look at line 00D644,
CMP.L #8488FFC4,D0 ;what this is telling the computer to do is check D0 for value 8488FFC4, BEQ 0000D65C : and if it is equal then continue to load the game,so it jumps to address D65C JSR 0000D01C ; if not then lock the game in a loop …… so address D65C is the point we want so take note ,lets go back to the start of the copylock at D100 type A D100 ;assemble code then type BRA D65C ;press enter twice |
|
so we tell the game to skip the copylock routine and just BRANCH
straight to the END (the part of the code that continues to load the game, ok now exit with X ;then enter wait a few moments and you should see this |
|
ok so lets put this change on disk, reboot hit action
reply on the back screen then type this M D100 ;hit return then ESC then type M D65C ;hit return then ESC, and you will end up with this |
|
these digits will help us find the code on the disk, now lets
read the disk into memory type RT 50 28 010000 after a while the job will be done so lets search for some of these digits, type F 2F 0E 4D FA you will end up with 2 points d100 and 2F900 its not D100 cos that the memory location we used so must be 2F900, ok write this down now lets search for the second type, F 20 5F 4e 75 00 00, we end up with 2 more and once again only interested in the last one 2FE5C |
|
right so armed with all these address points lets start shooting
,boom bang bang boom ..oopps got carried away there sorry ,so lets change these points type A 2f900 ;then hit return, then type BRA 2FE5C ;then hit return twice, thats it code changed ,lets put it back on disk , type, WT 50 28 10000 once done reboot and try it out |
|
right now this is cracked lets add a small trainer ,so |
|
once this is done fix the bootchecksum by typing this, bootchk
40000 then write it back to disk, WT 0 01 040000 reboot and if you hold down the left mouse button while it boots untill the black screen appears then the screen should flash to tell you trainer activated press right mouse button to continue to load the game ,if you dont press either button the game will load with no trainer as normal Enjoy Musashi 9 / Cybfrog |
Publication author
