Most memorable hack/crack.

You can discuss menu disks by all those classic ST hack & pack teams. If you have questions, requests or remarks about hackers, packers, screens or just menu disks in general, this is the place to be!

Moderators: Mug UK, bodkinz, Moderator Team

bodkinz
Moderator
Posts: 790
Joined: Fri Jul 02, 2004 8:32 pm
Location: London

Postby bodkinz » Tue Aug 10, 2004 12:18 am

I can totally understand no one wanting to admit cracking a game by people who used to be crackers themselves..

Bodkinz
someone post something, i'm bored :)

ijor
Hardware Guru
Posts: 3100
Joined: Sat May 29, 2004 7:52 pm

Postby ijor » Tue Aug 10, 2004 1:49 am

Zippy wrote:
Steem Authors wrote: it has already caused an address error by trying to write to address $19 before it gets there. Can you remember if it did anything unusual before getting to the FDC code?


Oh yeah, it definitely did loads of very, very unusual stuff... all sorts of redirected exceptions + trace stuff with code running in page 0 right over the exception vectors.

If it's hitting an address error ...


I found the problem. Considering Zippy's description, I checked this game, just in case it was an FDC emulation problem. In part it is, but there is a second issue as well.

The “address error” rang a bell for me. Russ, do you remember the first bug I reported to you? Well, it’s very similar to that. I’m emailing you the details.

After “fixing” this issue manually with Steem’s debugger, the game loads ok. But it still doesn’t run correctly with “plain” Steem. You have to use my tools. Then you can actually play the game. So it seems that there is a disk timing issue as well.

Zippy, I sent you a PM (private message). Could you please check it?

Ijor

Steem Authors
Steem Developer
Posts: 540
Joined: Tue Apr 30, 2002 10:34 pm
Location: UK

Postby Steem Authors » Tue Aug 17, 2004 9:14 pm

Great, this will work on the next version of Steem thanks to ijor. I can't figure out just how the 68000 does what this game requires it to, but I'll be able to fix it at least.

Russ

Cyrano Jones
Atari Super Hero
Posts: 662
Joined: Wed May 28, 2003 8:28 pm

Postby Cyrano Jones » Tue Aug 17, 2004 9:28 pm

ruthless wrote:Correct, nobody wanted to take credit coz it was TLB.

I still believe it was BBC/MEDWAY

Who knows, would be nice for someone to step forward and claim responsibility.

At least we know it wasn't Zippy ;)


It was actually TCB. And it wasn't the BBC either, cos I've got the Empire version.

Maybe putting a "Cracked by The Empire" on the bootloader is a hint at who did it? Do you think? Perhaps?

bodkinz
Moderator
Posts: 790
Joined: Fri Jul 02, 2004 8:32 pm
Location: London

Postby bodkinz » Tue Aug 17, 2004 9:52 pm

yeah i got the empire version too... but who knows to be sure ;)

bodkinz
someone post something, i'm bored :)

ruthless
Atari freak
Posts: 65
Joined: Fri Jul 30, 2004 4:30 pm
Location: south wales

Postby ruthless » Tue Aug 17, 2004 10:08 pm

Cyrano Jones wrote:
ruthless wrote:Correct, nobody wanted to take credit coz it was TLB.

I still believe it was BBC/MEDWAY

Who knows, would be nice for someone to step forward and claim responsibility.

At least we know it wasn't Zippy ;)


It was actually TCB. And it wasn't the BBC either, cos I've got the Empire version.

Maybe putting a "Cracked by The Empire" on the bootloader is a hint at who did it? Do you think? Perhaps?



No doubt you are correct, your memory is obviously more accurate than mine, thanks ever so much for clearing that up for us CJ.

Maybe next time I see you around we can discuss the Magic Middlefinger ?? ;)

bodkinz
Moderator
Posts: 790
Joined: Fri Jul 02, 2004 8:32 pm
Location: London

Postby bodkinz » Tue Aug 17, 2004 10:16 pm

True.. who knows... maybe empire were credited on purpose???

bodkinz
someone post something, i'm bored :)

zelda
Atariator
Posts: 22
Joined: Sun Nov 28, 2004 10:12 pm
Location: UK

just curious

Postby zelda » Mon May 23, 2005 8:55 pm

just curious, how many working versions of b.a.t were there?

ggn
Atari God
Posts: 1132
Joined: Sat Dec 28, 2002 4:49 pm

Postby ggn » Fri May 27, 2005 11:33 am

Now here's something I remembered the other day. Probably my only crack! I swear it is true :)

So I got hold of the Replicants version of Electronic Arts' "The Immortal". Nice gfx and scenario, but really awful coding. I think it was done in a kind of scripting language.

Anyway I kind of liked the game and managed to pass level one (after quite a few tries :)). Then a protection came up: Enter code, blablabla... So I started entering numbers, thinking it won't matter anyway.

Wrong. Trying to enter again a code froze the game. Oh, dear, they forgot to remove the protection :(

As I had some time to spare, I started toying around with Bugaboo. Loading the program from the auto folder I saw that they hooked on trap 1 (depacker) and then they loaded the main file at a fixed address. "Ok", I said and went along.

Now, my idea is that I should play the game until the password protection appears, let it hang, then freeze (pressing left + right shift) or reset the machine, and see where the PC is (yes, Bugaboo can do this without breaking sweat).

So IIRC the game froze, I pressed shift+shift, and there I was back in Bugaboo. Now, I think I scrolled up a few lines and saw what I thought was the offensive code to remove. But then an idea came to me:

"Oh man, I'm bored resetting the machine and loading it up again (remember that to this day I have only 1 floppy on my ste, no hdd or anything). Let me re-set the pc at the load address and run it, it should hopefully run again and stop at my break point".

Well, the game ran, I passed level 1, I entered a passcode, and instead of the game stopping (bringing me back to Bugaboo) or freezing altogether, it started loading level 2!!!!!!! I originally thought that I entered a correct password (what are the odds against THAT? ;))

Then I cold started the machine and tried again the same thing: load it, let it hang, shift+shift back to Bugaboo, set the pc to the start address ($20000?) and run it again. The game loaded and played ok! So in the end I just saved the binary prg back to disk, replaced the original, and there it was, my custom cracked version of the Immortal!!!! My explanation is that the scripting language, in its attempt to check the password, sets some flag that assumes that the correct password is entered that thought would be safe to do, BUT it didn't count on my idea to reset the PC!!!!

Now, I wasn't so naive as to think that it's THAT easy to crack games, it was a 1 in a million chance for this (probably even higher!), but there you are!

I swear it's 100% true, I did that, I was just extremely lucky. I just wish I had played the lottery that day.... 8)

George
is 73 Falcon patched atari games enough ? ^^

Marcer
Atarilegend
Posts: 4123
Joined: Wed Mar 10, 2004 6:21 pm
Location: sweden

Postby Marcer » Fri May 27, 2005 4:16 pm

ggn,

That reminds me of my first Serial hack..
also kind of lottery..

to find out the serial number of this software I used an old key.. and find it little funny.. in serial key. it was just Ascii Code-2Step.

it was just needed the Ascii Setup to make a new serials :D

// Marcer
- Atari ST/FM/E - Mega sTe - Portfolio - Falcon 030 FX 3 in 1 -- Atari 7800/Lynx/Jaguar -
- FTP... Ask for info
- Atari Legend (Games all-a-round)
- Paradize (Chip Music)
- Elite (Atari Softs)
- The Legion (Demos)
- Alive Maggie Team
_/|\_YM-RockerZ_/|\_

karlm
Atari Super Hero
Posts: 713
Joined: Thu Nov 13, 2003 4:09 am
Location: Top of the World - Australia

Postby karlm » Fri Jun 03, 2005 4:41 am

never cracked anything on the Atari, only fixed Dark Forces on the PC. That protection was soooo crap. Serial check, so I loaded it up with a hex editor, and there were all the serials.
So then I decided, I'll fill all the texts in with space ($20) instead of the real texts ... and then...

all you had to do was click on the authenticate button and it all worked!


But on the ST I guess my most memorable one was Alien's F29 Retaliator Hack ... 7 disks into one booter was surely a good accomplishment.

cheers

karlm

illegal
Atari Forever
Posts: 55
Joined: Sat Dec 06, 2003 12:53 pm

most memorable crack

Postby illegal » Fri Jun 03, 2005 7:02 pm

i have 3 opinions about it, depending on how i consider it

the first crack that impressed me was 42crew's purple saturn day crack
all crackers were stuck on this protection. it took weeks and weeks to be released and cracked by 42crew. That's the reason why i consider 42crew the best cracking crew when they were active.
It is interesting to mention that purple saturn day had one of the most subtle and innovative protection i knew

there are also the dragon's lair series : hard to crack because of the disk format, the reading routines and the awful code! maxi from the replicants was very good for cracking them

Sweek protection is very horrible. I only knew a 1040ST crack, i tried it : a nightmare. It was very hard

And of course, thanks to Rob Northen we had the first protection using the 68k trace mode $24, and as there have been many Rob Northen Computing protection releases, it has impressed me also when it was released

But one of the nicest were from demos.

Let's mention the one of the big demo from tex with move.w #$4e71,(a0)+ on the next instruction, that exploited a nice 68k behaviour (we called it the 68k pipe bug)

And the one from the cuddly demos that used $24 and also the screen counter to decode the next instruction. The weakness of the protection was that TCB put nops at the end of the trace routine, probably to get the hashcodes to encrypt the code, so we could use it to get the decoding values in memory and finally decode the whole TCB code. But this was very very nice ! i think it could have been really harder to crack if TCB used a trace routine such as the decoding eor.l used a register to decode.
when trying to get the hashcodes, for instance eor.l d0,(a6)+ - a6 never used in the code - that would have been transformed to eor.l d0,(a0)+, a0 with the next pc instruction offset. With this artifice, they would not have needed to put nops at the end of their trace routine, and so, it would have been difficult... !

greetz to you all

illegal
Atari Forever
Posts: 55
Joined: Sat Dec 06, 2003 12:53 pm

i forgot

Postby illegal » Fri Jun 03, 2005 7:10 pm

i forgot to mention the silmarils games, that were hard to debug and crack, DOM was a specialist of it, maybe the only one able to crack the silmarils games at this period

ggn
Atari God
Posts: 1132
Joined: Sat Dec 28, 2002 4:49 pm

Postby ggn » Sat Jun 04, 2005 8:26 am

Now that you mentioned Silmarils games.... I know I have posted a similar topic a couple of years back: Does anybody have and could post/mail me a 100% working version of Metal Mutant? All the versions I've tried (including Amiga versions :)) crash after a certain point (when you get underground, red colours, fires, etc).

I've tried a version on Automation, one by Replicants.. perhaps a few more.

Can anybody help?

George
is 73 Falcon patched atari games enough ? ^^

ecureuil
Atari maniac
Posts: 94
Joined: Sat Jul 17, 2004 3:19 pm

Postby ecureuil » Sat Jun 04, 2005 8:31 am

I have a little idea... Would someone be interested in the creation of ST cracking sites like http://www.flashtro.com cracking section?

Cheers

lotek_style
Mod(ul)erator
Posts: 2367
Joined: Sat May 11, 2002 2:39 pm
Location: germany

Postby lotek_style » Sat Jun 04, 2005 10:34 am

an ST CRACKTRO project would be indeed very nice... I thought about starting this a while ago and also collected a handful of cracktros but time and motivation were gone and so I stopped.
lotek style / the sirius cybernetics corporation
- musician - ascii-artist - swapper - archivist -

.tSCc. - low-tech atari cyberpunks since 1990
http://www.tscc.de/ | http://demozoo.org/ | http://www.lotekstyle.de/ | http://ymrockerz.atari.org/

Marcer
Atarilegend
Posts: 4123
Joined: Wed Mar 10, 2004 6:21 pm
Location: sweden

Postby Marcer » Sat Jun 04, 2005 11:47 am

I can surely help on this project. Since i collect all different cracks i can find atm!

I have around 3600 files in my collection so far.. (keep in mind.. some games are up to 7+ files. )

// Marcer

alexh
Fuji Shaped Bastard
Posts: 2581
Joined: Wed Oct 20, 2004 1:52 pm
Location: UK - Oxford

Postby alexh » Mon Jun 06, 2005 4:55 pm

The most memorable crack for me was the Automation Crack of Dungeon Master. My mate's ST was an STe and it didn't work on the STe unless you held down the number key as the intro was loading... and even then the colours went nuts etc. for a bit.

There may have been a v2 but I never had it.

ijor
Hardware Guru
Posts: 3100
Joined: Sat May 29, 2004 7:52 pm

Re: most memorable crack

Postby ijor » Tue Jun 07, 2005 5:35 pm

Hi illegal,

illegal wrote: It is interesting to mention that purple saturn day had one of the most subtle and innovative protection i knew


Could you elaborate a bit about what was innovative in that protection?

illegal wrote: Let's mention the one of the big demo from tex with move.w #$4e71,(a0)+ on the next instruction, that exploited a nice 68k behaviour (we called it the 68k pipe bug)


You mean the general prefetch behavior of all (most) "move" instructions? Or does exactly that variant have something special?

illegal wrote: And the one from the cuddly demos that used $24 and also the screen counter to decode the next instruction.


A nightmare for emulators, at least for Steem. One of those has, combined, the timing of a "DIVS" instruction.

One thing I found quite interesting is running code at the hardware. CJ mentioned he coded a small routine running at the SHIFTER palette. I saw a protection running code (well, just one instruction) at the PSG !

illegal
Atari Forever
Posts: 55
Joined: Sat Dec 06, 2003 12:53 pm

about purple saturn day

Postby illegal » Sat Jun 11, 2005 10:25 am

ijor, the innovative stuff with psd was that portion of the code of the protection was so weird it looked like data, instead of usual code. So often everybody "stopped" to debug at this point, just because they thought it was badly decoded

instead of it, the code was executable, it looked like:
ori.b #1,d0
eor.w #$A742,(A7)+ (that decoded one of the next instruction)
ori.w #$BFD,d1
dc.w $E7EF (illegal instruction was trapped and jumped on another part of code)
etc...
trash data...
other part of code :
(still weird code)

when psd went out, it took some weeks to be cracked, because it supposed that the one who goes through the protection has a complete understanding and knowledge of the 68k, at this time, not many people had this skill, it was the early years of the atari

best regards

AtariZoll
Fuji Shaped Bastard
Posts: 2813
Joined: Mon Feb 20, 2012 4:42 pm

Re: Most memorable hack/crack.

Postby AtariZoll » Thu Jun 05, 2014 9:49 am

This is a pretty old thread, and I'm here because DrCoolZic linked this in his Atari copy protection article.
In golden Atari times I cracked only originals that I bought, and only for myself. Hardest was Voyager with Rob Northen protection. But it was for sure not such a hard case.
Now, when we have Steem Debugger and a lot of STX images available, things are much easier with cracking. As hardest I remember Wrath of the Demon. The copy protection itself was not a big deal, but there were a lot of diverse checksums at almost every level. And the final level had a completely different protection and checksum.
Additionally, it was probably the hardest case of finding how the game counts down the player's health - it was done without a numeric value - just used a graphic presentation of it. Here I need to mention that many checksums will not make problems with usual floppy cracks, as there is no need to change many things in code. But if you make a hard disk adapt, then more code is changed. Trainers and keyboard hooks may harm checksums too.

And: what is good copy protection, so hard to copy, may be easy to crack, and vice versa. Often good copy protection is not well protected against crackers.
Negative feedback has usually positive effect.

