Page Index Toggle Pages: [1] 2  Send TopicPrint
 25 Stormtrooper crack (Read 6819 times)
KrazyK
RoMzkiddiEz
*
Offline


Oh BUGger

Posts: 16
Location: UK
Joined: 08.01.08
Gender: Male
Stormtrooper crack
08.01.08 at 15:28:19
Print Post  
Hi all,
There was a game called Stormtrooper (I still have the original) that ended up on AU121 cracked, filed, packed by Andy Arfling.
I tried to crack this sucker years ago when I was just starting out but it always defeated me  Embarrassed.  Do any of you guys have any tuts or advice on how to beat this protection?  It was a Bootsector loader that trashed the system/keyboard etc, then loaded sectors - if memory serves me right.
I hacked loads of ST game, the last one being Chaos Engine (Rob Northen). Also did BAAL, now that one was a tricky little beggar to file.
I could provide a Pasti'd STX of the game soon when I get my kit set up if that would help?
  
Back to top
 
IP Logged
 
ggn
D-Bug member
Reboot Member
*****
Offline


D-Bug debugger

Posts: 1465
Location: Somewhere in Greece
Joined: 22.02.07
Gender: Male
Re: Stormtrooper crack
Reply #1 - 08.01.08 at 15:32:20
Print Post  
Welcome!

I haven't personally looked into this (I'm new here Wink), but I'd suggest you get a pasti and the debug version of steem. It has a marvellous debugger (you can set breakpoints just about anywhere, as well as memory watches Smiley). Master that and I think you'll be able to figure it out yourself. If you get frustrated you can attach the pasti and we can all have a shot at it.
  
Back to top
 
IP Logged
 
Shw
D-Bug member
*****
Offline


D-Bug member

Posts: 367
Location: Kingston Upon Hull
Joined: 22.02.07
Gender: Male
Re: Stormtrooper crack
Reply #2 - 08.01.08 at 19:19:15
Print Post  
Hi,

Just had a quick look.

The bootsector disables all interrupts and copies itself to $a.w!!
Way way low down in memory!

The BS uses it's own DMA loader (obviously gemdos can't be used!)
it clears until Ramtop then loads sectors to $17d22 then copies to $200.

As I said I've only had a brief look. I guess Andy would have dis-assembled the BS to
a file then moved on from there.

Quite low and nasty code for an old game Wink

If you want the Pasti let me know.

Shw
  
Back to top
 
IP Logged
 
KrazyK
RoMzkiddiEz
*
Offline


Oh BUGger

Posts: 16
Location: UK
Joined: 08.01.08
Gender: Male
Re: Stormtrooper crack
Reply #3 - 08.01.08 at 20:31:52
Print Post  
Thanks for the Pasti image. Smiley
Yes, I seem to remember it did a nasty trick low down in memory and relocation - time to fire up the debug version of steem and see what i can do until i get my den sorted out with my ST set up.
This may take some time - the brain has gone a bit rusty regarding ST addresses etc.
  
Back to top
 
IP Logged
 
ggn
D-Bug member
Reboot Member
*****
Offline


D-Bug debugger

Posts: 1465
Location: Somewhere in Greece
Joined: 22.02.07
Gender: Male
Re: Stormtrooper crack
Reply #4 - 08.01.08 at 20:42:46
Print Post  
KrazyK wrote on 08.01.08 at 20:31:52:
This may take some time - the brain has gone a bit rusty regarding ST addresses etc.


Don't worry, 68000 is like riding a bicycle! (although I'm 100% sure I can't ride a bicycle at all now Wink)
  
Back to top
 
IP Logged
 
Shw
D-Bug member
*****
Offline


D-Bug member

Posts: 367
Location: Kingston Upon Hull
Joined: 22.02.07
Gender: Male
Re: Stormtrooper crack
Reply #5 - 08.01.08 at 20:45:10
Print Post  
I'm busy coding a demo at the moment, but let me know if you get stuck

or drop on

#atariscne (IRCNET)  - most D-Bug members frequent this channel.


Shw
  
Back to top
 
IP Logged
 
KrazyK
RoMzkiddiEz
*
Offline


Oh BUGger

Posts: 16
Location: UK
Joined: 08.01.08
Gender: Male
Re: Stormtrooper crack
Reply #6 - 09.01.08 at 23:28:02
Print Post  
Ok,
I'm a bit stuck here with this one - it's a bit nasty.
I've let the bootsector decrypt itself and let it load the first 6 tracks to $17d22.  Easy peasy bit
That data is then relocated (also is partially decrypted) down to $200.  I've got that block saved as a 38k file for future use.
All system is trashed here (Toxic Monst does help though)
Code runs at $200, all traps, vbl, trace / kbd vector / timers are then screwed around with and custom ones setup as more sectors are loaded.
If you manage to get past that and still have a working system then please let me know.
I would ideally like to find where the sector loader is kept.
I did manage to load more tracks but then the system got trashed again from somewhere else.
I've unpacked Andy Arfling (Au121) 1 meg file crack and can't work out what he did with it to stop it loading sectors.!  Embarrassed
  
Back to top
 
IP Logged
 
ggn
D-Bug member
Reboot Member
*****
Offline


D-Bug debugger

Posts: 1465
Location: Somewhere in Greece
Joined: 22.02.07
Gender: Male
Re: Stormtrooper crack
Reply #7 - 10.01.08 at 13:41:02
Print Post  
KrazyK wrote on 09.01.08 at 23:28:02:
Ok,
I'm a bit stuck here with this one - it's a bit nasty.
I've let the bootsector decrypt itself and let it load the first 6 tracks to $17d22.  Easy peasy bit
That data is then relocated (also is partially decrypted) down to $200.  I've got that block saved as a 38k file for future use.
All system is trashed here (Toxic Monst does help though)
Code runs at $200, all traps, vbl, trace / kbd vector / timers are then screwed around with and custom ones setup as more sectors are loaded.
If you manage to get past that and still have a working system then please let me know.
I would ideally like to find where the sector loader is kept.
I did manage to load more tracks but then the system got trashed again from somewhere else.


Tell you what - download the DEBUG version of steem engine, open up the boiler room, set a breakpoint to $200, and start tracing from that. Don't use a software debugger, as steem's one is quite powerful for what you need. Except if you really want to do it with toxic...

KrazyK wrote on 09.01.08 at 23:28:02:
I've unpacked Andy Arfling (Au121) 1 meg file crack and can't work out what he did with it to stop it loading sectors.!  Embarrassed


Well, I guess Andy only kept the code that mattered for his version Smiley
  
Back to top
 
IP Logged
 
KrazyK
RoMzkiddiEz
*
Offline


Oh BUGger

Posts: 16
Location: UK
Joined: 08.01.08
Gender: Male
Re: Stormtrooper crack
Reply #8 - 18.01.08 at 10:22:52
Print Post  
Hehe, 20 years after buying the original game and I'm slowly getting there with cracking and filing this game.  Knocked out the protection checks and have written a file loader.  It may even work on  half meg if I can find a little code cave to stick my routine in to make it work in 512k.  Smiley   Still trying to do a trainer for it but can't spend much time on it atm.
Watch this space.  Wink
  
Back to top
 
IP Logged
 
ggn
D-Bug member
Reboot Member
*****
Offline


D-Bug debugger

Posts: 1465
Location: Somewhere in Greece
Joined: 22.02.07
Gender: Male
Re: Stormtrooper crack
Reply #9 - 18.01.08 at 12:25:59
Print Post  
KrazyK wrote on 18.01.08 at 10:22:52:
Hehe, 20 years after buying the original game and I'm slowly getting there with cracking and filing this game.  Knocked out the protection checks and have written a file loader.  It may even work on  half meg if I can find a little code cave to stick my routine in to make it work in 512k.  Smiley   Still trying to do a trainer for it but can't spend much time on it atm.
Watch this space.  Wink


Glad to hear you're progressing Smiley What did you use in the end?
  
Back to top
 
IP Logged
 
KrazyK
RoMzkiddiEz
*
Offline


Oh BUGger

Posts: 16
Location: UK
Joined: 08.01.08
Gender: Male
Re: Stormtrooper crack
Reply #10 - 18.01.08 at 13:15:23
Print Post  
Well, The Boiler Room is indeed a fantastic tool (first time i've used it) along with usual tools:Monst2+ and EZ Rider.  I know the Stormtrooper code quite intimately now, especially around $7818, $7a00 where the sector loader is.
One problem I have found is that I now can't get Monst to run from the boot sector like I used to.  Steem just bombs out and resets.  Any ideas why?
  
Back to top
 
IP Logged
 
ggn
D-Bug member
Reboot Member
*****
Offline


D-Bug debugger

Posts: 1465
Location: Somewhere in Greece
Joined: 22.02.07
Gender: Male
Re: Stormtrooper crack
Reply #11 - 18.01.08 at 13:25:09
Print Post  
KrazyK wrote on 18.01.08 at 13:15:23:
Any ideas why?


Does this work from normal steem? Maybe it's a mem issue?
  
Back to top
 
IP Logged
 
KrazyK
RoMzkiddiEz
*
Offline


Oh BUGger

Posts: 16
Location: UK
Joined: 08.01.08
Gender: Male
Re: Stormtrooper crack
Reply #12 - 18.01.08 at 14:59:12
Print Post  
Monst2 and Toxic works perfectly from the desktop and Auto folder in Steem but not being bootsector loaded  Cry  Tried the toxic makeboot.tos that came with Toxic too - program loads then resets.
  
Back to top
 
IP Logged
 
ggn
D-Bug member
Reboot Member
*****
Offline


D-Bug debugger

Posts: 1465
Location: Somewhere in Greece
Joined: 22.02.07
Gender: Male
Re: Stormtrooper crack
Reply #13 - 18.01.08 at 15:07:48
Print Post  
Well if something bombs, then steem debug should halt operation, is this your case?

Other than that I'm sure that Shw uses toxic mon, maybe he can assist further.
  
Back to top
 
IP Logged
 
Shw
D-Bug member
*****
Offline


D-Bug member

Posts: 367
Location: Kingston Upon Hull
Joined: 22.02.07
Gender: Male
Re: Stormtrooper crack
Reply #14 - 18.01.08 at 17:33:08
Print Post  
I'm sure I had this problem ages ago. But normally I use Toxic on a real ST. I remember reading a thread recently that said there's no one using Monst when Steem Debug is so powerful..... well I still use Monst(Toxic) so there!!

Tip. Load makeboot into monst, trace through, you'll see a part saying sub #$18000  what this does is make toxic load at ramtop minus $18000 bytes (this happens when you press right shift on boot).  Try changing this to a higher value e.g. $80000 or something. Then execute makeboot.

Shw

If this doesn't work I'll investigate.
  
Back to top
 
IP Logged
 
KrazyK
RoMzkiddiEz
*
Offline


Oh BUGger

Posts: 16
Location: UK
Joined: 08.01.08
Gender: Male
Re: Stormtrooper crack
Reply #15 - 19.01.08 at 22:32:28
Print Post  
No joy here.  Tried various different values.  Looks like i'll be sticking to debug steem instead.
  
Back to top
 
IP Logged
 
KrazyK
RoMzkiddiEz
*
Offline


Oh BUGger

Posts: 16
Location: UK
Joined: 08.01.08
Gender: Male
Re: Stormtrooper crack
Reply #16 - 04.02.08 at 09:56:47
Print Post  
It's done ! Wink
Stormtrooper is finally cracked, filed, packed AND trained  Shocked  (optional infinite lives, ammo and level start),
I'll post it along with the cracking source soon.
It's only taken 20 years since I first bought the game but, hey,  we live and learn.
  
Back to top
 
IP Logged
 
ggn
D-Bug member
Reboot Member
*****
Offline


D-Bug debugger

Posts: 1465
Location: Somewhere in Greece
Joined: 22.02.07
Gender: Male
Re: Stormtrooper crack
Reply #17 - 04.02.08 at 10:39:02
Print Post  
KrazyK wrote on 04.02.08 at 09:56:47:
It's done ! Wink
Stormtrooper is finally cracked, filed, packed AND trained  Shocked  (optional infinite lives, ammo and level start),
I'll post it along with the cracking source soon.
It's only taken 20 years since I first bought the game but, hey,  we live and learn.


Excellent mate! I knew you could do it, since you could handle Baal and all Wink

Feel free to post any files and/or tutorials or anything you fancy Smiley
« Last Edit: 04.02.08 at 10:40:38 by ggn »  
Back to top
 
IP Logged
 
Shw
D-Bug member
*****
Offline


D-Bug member

Posts: 367
Location: Kingston Upon Hull
Joined: 22.02.07
Gender: Male
Re: Stormtrooper crack
Reply #18 - 04.02.08 at 12:27:13
Print Post  
Well in KrazyKato...

Did you end up using Steem Debug or hardcore Toxic?! Smiley

Shw
  
Back to top
 
IP Logged
 
KrazyK
RoMzkiddiEz
*
Offline


Oh BUGger

Posts: 16
Location: UK
Joined: 08.01.08
Gender: Male
Re: Stormtrooper crack
Reply #19 - 05.02.08 at 10:17:48
Print Post  
I ended up mostly using Steem Debug.  I started using Toxic but decided it was far faster with Steem.  I even fixed my crack of Baal to work under Steem by using it.  Will also post that soon.
  
Back to top
 
IP Logged
 
Shw
D-Bug member
*****
Offline


D-Bug member

Posts: 367
Location: Kingston Upon Hull
Joined: 22.02.07
Gender: Male
Re: Stormtrooper crack
Reply #20 - 05.02.08 at 11:04:15
Print Post  
I still like the 'feel' of Toxic. But you need a real ST to use it to the full.

Steem debug is really useful, however it does have the odd annoyance  for example jumping to MFP time routines whilst tracing and it's failure to stop on breakpoints when conditions are met, eg a4=$23400.

Good work with Baal btw, I remember the protection was quite tough. Dunno why it was never on an Automation menu.

Shw
  
Back to top
 
IP Logged
 
ggn
D-Bug member
Reboot Member
*****
Offline


D-Bug debugger

Posts: 1465
Location: Somewhere in Greece
Joined: 22.02.07
Gender: Male
Re: Stormtrooper crack
Reply #21 - 05.02.08 at 11:28:04
Print Post  
Shw wrote on 05.02.08 at 11:04:15:
Good work with Baal btw, I remember the protection was quite tough. Dunno why it was never on an Automation menu.


Checked menu 49 lately?
  
Back to top
 
IP Logged
 
Shw
D-Bug member
*****
Offline


D-Bug member

Posts: 367
Location: Kingston Upon Hull
Joined: 22.02.07
Gender: Male
Re: Stormtrooper crack
Reply #22 - 05.02.08 at 15:47:31
Print Post  
Pooh!
  
Back to top
 
IP Logged
 
ggn
D-Bug member
Reboot Member
*****
Offline


D-Bug debugger

Posts: 1465
Location: Somewhere in Greece
Joined: 22.02.07
Gender: Male
Re: Stormtrooper crack
Reply #23 - 05.02.08 at 18:04:53
Print Post  
Shw wrote on 05.02.08 at 15:47:31:
Pooh!


If you want I can wave my moderator's stick and send these last 3 or 4 posts to oblivion in a 1984-esque manner Tongue
  
Back to top
 
IP Logged
 
CJ
D-Bug member
Reboot Member
*****
Offline


D-Bug Founder

Posts: 1205
Location: State of Confusion
Joined: 22.02.07
Gender: Male
Re: Stormtrooper crack
Reply #24 - 05.02.08 at 18:06:52
Print Post  
But only a complete mug would fall for a cheap trick like that.
  

"With only one button, even drooling fucktards like Kizza can play our game!"
Back to top
 
IP Logged
 
KrazyK
RoMzkiddiEz
*
Offline


Oh BUGger

Posts: 16
Location: UK
Joined: 08.01.08
Gender: Male
Re: Stormtrooper crack
Reply #25 - 12.02.08 at 15:20:45
Print Post  
At last.......

Here's the Stormtrooper cracked, filed and trained game (msa) hopefully.  Code to follow in next post.

« Last Edit: 12.02.08 at 16:06:41 by KrazyK »  

Strooper.zip ( 308 KB | Downloads )
Back to top
 
IP Logged
 
KrazyK
RoMzkiddiEz
*
Offline


Oh BUGger

Posts: 16
Location: UK
Joined: 08.01.08
Gender: Male
Re: Stormtrooper crack
Reply #26 - 12.02.08 at 15:21:59
Print Post  
...and here's the crack, file, trainer, menu code.
It's been a long, long time since I touched 68k and an ST so be gentle with me ok.  Wink
  

Stormtrooper_Code.zip ( 110 KB | Downloads )
Back to top
 
IP Logged
 
Shw
D-Bug member
*****
Offline


D-Bug member

Posts: 367
Location: Kingston Upon Hull
Joined: 22.02.07
Gender: Male
Re: Stormtrooper crack
Reply #27 - 12.02.08 at 17:11:17
Print Post  
Great work and interesting read Smiley

Maybe we should document how we crack stuff now and again.

Good also to see someone else in the 'noughties' still cracking and FILING Wink

Shw
  
Back to top
 
IP Logged
 
ggn
D-Bug member
Reboot Member
*****
Offline


D-Bug debugger

Posts: 1465
Location: Somewhere in Greece
Joined: 22.02.07
Gender: Male
Re: Stormtrooper crack
Reply #28 - 12.02.08 at 20:43:41
Print Post  
...and NOT taking other people's cracks and re-applying them to a pasti, to make shoddy cracks seem like a bad copy Tongue
  
Back to top
 
IP Logged
 
KrazyK
RoMzkiddiEz
*
Offline


Oh BUGger

Posts: 16
Location: UK
Joined: 08.01.08
Gender: Male
Re: Stormtrooper crack
Reply #29 - 12.02.08 at 22:54:43
Print Post  
Thanks guys, I also fixed my mega-trained version of Baal to run on Steem too. . . Wink
  

BAAL_FIXED.zip ( 346 KB | Downloads )
Back to top
 
IP Logged
 
Page Index Toggle Pages: [1] 2 
Send TopicPrint
 
  « Board Index ‹ Board  ^Top