Banshee - AGA

Remove Copylock using ARIV

Author: rob
Submitted by: Rob
Date: 2004-07-24 12:25

Banshee - AGA
From CORE Design.

You will need the following:

1. Original game - find on romshare.com
2. An Amiga 1200 with HD, or WINUAE
3. Action Replay A1200 - by Black Hawk - get on romshare.com
4. Pencil and paper
5. 1 blank disk
6. Pro-Pack v2.08 - find on amiga-stuff.com
7. X-Copy or some similar program

Now we should be set up for some fun. Start by making a copy of the game. You will see that there is a fault on disk 1, but the other disks seem to be OK.


Install the game to HD and run it. It will ask for disk 1. Insert the COPY of disk 1 and press fire. A moment later you should see a screen like this:

There might be two reasons for this:
1. You are on drugs
2. A copylock routine has kicked in



Ok.. let's assume it's reason #2. Find the file called "bans.exe"; it's on disk 1 or wherever you installed the game. Copy it to a blank disk. Find your copy of ProPack and copy it to the disk too. At the DOS prompt write this:
DF0: ; press enter
Propack u a df0:bans.exe ; press enter

This will decrunch bans.exe to bans.rnc. This operation takes a while when you use a disk drive. It can of course be done from hard disk, but to keep it simple we use DF0: in our example.
Now it's time to fire up your copy of AR IV by Black Hawk.


Simply insert the disk containing AR and execute the main file, like this:
DF0:AR_IV_CHIPMEM ; hit enter
After a while this screen appears:

The screen disappears and you are back in AmigaDOS. OK, insert your disk containing ProPack and the bans files.
Ohh forgot.. this software, Action Replay, DOES NOT like 68060 CPUs!!! So disable your accelerator (if you have one) BEFORE running this software.

Hit your RIGHT mouse button and a screen like this appears:

Hmmmm Action Replay??
Now it's time to load our decrunched file into memory. Write this: "lm bans.rnc,30000". This will load bans.rnc into memory, starting at address 30000.
See pic below:

OK, the file is located in the area 30000 - 55B28; take note of this. Now what will we do? Arhhh, what we always do of course: let's look for signs of a copylock routine.


Type this: "F 48 7A,30000"; this finds the HEX code 48 7A, starting at address 30000.

This should result in something like the picture above. We are interested in address 50E54; this is probably the start of the copylock, so disassemble it with "D 50E54".
See pic below:


Yes, see the "PEA" + "ILLEGAL" followed by another "PEA"; this is for certain a copylock. Take note of address 50E54. Now we shall find the end of this little cutie. So disassemble address 50E54 and hold down enter until you see something like this:


The copylock ends at line 51702 and the fun starts at line 51704. Line 51704 moves the magic number (D0) into address A6A; this is probably for some later checks. Line 5170A checks whether the magic number is correct; the magic number is apparently located in both D0 and A3. You should write this down for later use. Line 51710 branches to line 5172E IF the magic number is correct, and the game will continue to load. Lines 51714 - 5172C fill your screen with pink colour if the magic number is incorrect.
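
The search-and-confirm step above (find 48 7A, then check the disassembly for PEA, ILLEGAL, PEA) can also be written as a small offline scanner. This is an added example, not part of the original tutorial; the 16-byte window, the function names and the sample bytes are assumptions made for illustration.

```python
# Added example: heuristic scan for the PEA / ILLEGAL / PEA sequence the
# tutorial uses to recognise a copylock header. Hits are only candidates
# and still need to be confirmed in a disassembly.
PEA_PC = b"\x48\x7a"   # 68000 opcode word for PEA (d16,PC)
ILLEGAL = b"\x4a\xfc"  # 68000 ILLEGAL instruction
NOP = b"\x4e\x71"      # filler used in the constructed sample

def word_hits(image, pattern, start, stop):
    """Even offsets in [start, stop) where the 2-byte pattern occurs."""
    stop = min(stop, len(image) - 1)
    return [o for o in range(start, stop, 2) if image[o:o + 2] == pattern]

def pea_hits(image, base=0x30000):
    """Equivalent of the plain 'F 48 7A' search, limited to word boundaries."""
    return [base + o for o in word_hits(image, PEA_PC, 0, len(image))]

def find_copylock_candidates(image, base=0x30000, window=16):
    """Addresses of a PEA followed by ILLEGAL and then a second PEA.

    base   -- address the file was loaded at (30000 in the tutorial)
    window -- assumed maximum gap in bytes between the instructions
    """
    hits = []
    for pea in word_hits(image, PEA_PC, 0, len(image)):
        # Skip the PEA opcode and its 16-bit displacement, then look ahead.
        for ill in word_hits(image, ILLEGAL, pea + 4, pea + 4 + window):
            if word_hits(image, PEA_PC, ill + 2, ill + 2 + window):
                hits.append(base + pea)
                break
    return hits

# Constructed sample, not taken from the game: one unrelated PEA, then a
# PEA / ILLEGAL / PEA header, surrounded by NOPs.
SAMPLE = (NOP * 8 + PEA_PC + b"\x00\x10" + NOP * 20
          + PEA_PC + b"\x00\x06" + ILLEGAL + PEA_PC + b"\x00\x04" + NOP * 4)

if __name__ == "__main__":
    print("48 7A hits:   ", [f"{a:X}" for a in pea_hits(SAMPLE)])
    print("header match: ", [f"{a:X}" for a in find_copylock_candidates(SAMPLE)])
```

The plain opcode search returns every PEA in the file, while the sequence check keeps only the address where the whole pattern lines up.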
Now we will make a patch that puts the magic number in D0 and at the address in A3, then branches to the end of the copylock. The patch is placed at the start of the copylock, like this:

50E54  MOVE.L #CF3EED9B,D0   ; move magic number into D0
50E5A  MOVE.L D0,(A3)        ; store magic number at the address in A3
50E5C  BRA.W 51704           ; branch to end of copylock


I know what you are thinking... HOLY CRAP, all that work for so little? Yeah, that's right, and we are not even finished yet. Nobody promised you that this would be easy, right??

Okely Dokely, let's save our file back to disk. It's time to use those numbers you have written down, right?
Write: "SM BANS.EX_,30000 55B28" and hit enter. This will save memory location 30000-55B28 to disk, in a file called "bans.ex_". Delete the file called "bans.rnc"; to do this write: "DEL BANS.RNC" and hit enter.
See pic:

Now it's time to pack our new file, but before we do this, you MUST quit WINUAE and re-enter, or TURN your AMIGA off. The reason is that this software, AR, is reset proof and can cause strange things to happen, so do this!!

I assume you are back in AmigaDOS. Insert your disk containing ProPack and the "bans" files.
In DOS write this:
DF0: ; hit enter
Propack p a df0:bans.ex_ ; hit enter

If you are using WINUAE, I suggest you take a nap, make a cup of tea or take a bath. This operation is best done on a REAL AMIGA with an accelerator.
When it's finished you should have a file on the disk in DF0: called "BANS.RNC". Copy this to your HD, where the game is located, and rename it to "BANS.EXE", overwriting the old file.
And now.. all your hard work will pay off... Insert the COPY of disk 1 and start the game. That's right, it works!
I haven't been playtesting this one very well, but hey.. I think it's OK, else let me know!!

I know this was a heavy one... So next time I'll find something light for you.
Enjoy this nice game.
This crack is naturally dedicated to sweet sweet Victoria.
Rob.


Comments

2004-07-24 13:06
1. cybfrog writes

:o
who are you Rob ?
an old cracker ?
good job... thanx