MSG LEFT BY: RESET VECTOR
DATE POSTED: SUN APR 15 11:14:13 PM
WELL, APPLE BANDIT, WHO IS CERTAINLY A MORE TALENTED CRACKER THAN I, HAS
HEATED UP THIS COMPETITION WITH HIS ABOVE CRACKING TUTORIALS. SO HERE IS
ANOTHER TUTORIAL FROM ->RESET VECTOR! IN A SIMILAR FASHION TO APPLE BANDIT,
I AM GOING TO DESCRIBE THE PROCEDURE USED TO CRACK A PARTICULAR PROGRAM -
IN THIS CASE AN EDUCATIONAL GAME FROM DESIGNWARE CALLED MATHMAZE. ALTHOUGH
THE PROGRAM ITSELF MAY NOT BE OF ANY GREAT INTEREST, SOME OF THE TECHNIQUES
USED HERE WILL HAVE MORE GENERAL APPLICATION. IN PARTICULAR, THE METHODS USED
TO MOVE THE VTOC AND FIND/MARK FREE SECTORS ARE OFTEN CONFUSING TO BEGINNERS
AND THIS EXPLANATION AND STEP BY STEP PROCEDURE MAY PROVE HELPFUL.

MATHMAZE IS ONE OF A LARGE NUMBER OF PROTECTED PROGRAMS THAT IS NORMALLY
FORMATTED AND CAN BE COPIED WITH COPYA, BUT THE COPY WILL NOT BOOT. HOWEVER,
IF YOU BOOT WITH THE ORIGINAL, YOU CAN THEN PUT IN A COPYA COPY AND THE GAME
WILL RUN JUST FINE. SO THE TRICK HERE IS TO GET THE BOOT OUT AS A FILE AND
THEN FIT IT ON THE DISK WITH THE DATA PARTS OF THE ORIGINAL DISK. NOW, THE
FOLLOWING DISCUSSION ASSUMES THAT YOU HAVE A FEW CRACKING TOOLS. YOU NEED
A WAY TO RESET INTO THE MONITOR (SEE APPLE BANDIT'S DISCUSSION ABOVE) PLUS
YOU NEED A WAY TO SAVE PAGES 00 THROUGH 07 (UP TO $800). FOR THIS PURPOSE I
USE APPLESOFT 0 FROM MASTER KEY+. IF YOU ATTEMPT TO GET THE BOOT FILE OUT
WITH SOMETHING LIKE REPLAY, YOU WILL FIND THAT IT IS TOO LONG TO PACK INTO
A FILE (IT EXTENDS FROM 0800-9600 AND B700-C000, ALTHOUGH YOU COULD PROBABLY
DO WITHOUT THE B700-C000 PART WHICH IS THE RWTS). SO WE ARE FORCED TO DO THIS
MANUALLY. THE EASIEST WAY IS TO USE FASTLOADER (BY THE STACK), WHICH LETS
US CREATE VERY LONG FILES THAT WILL RUN UNDER 48K, AND IT DOES A LOT OF THE
WORK FOR US. THE ONLY HARD PART, REALLY, ABOUT USING FASTLOADER IS THAT IT
REQUIRES US TO FIND THE STARTING ADDRESS OF THE PROGRAM. THERE ARE MANY
WAYS TO DO THIS (NONE OF THEM REALLY EASY!), BUT MATHMAZE IS AN EXAMPLE OF
A PROGRAM WHERE THE PROTECTORS MADE IT EASY FOR US. IF YOU BOOT UP MATHMAZE
AND TRY HITTING RESET (WITH THE AUTOSTART MONITOR), YOU WILL FIND THAT THE
PROGRAM JUST GOES BACK TO DISK AND RESTARTS ITSELF (SOME PROGRAMS WILL RESTART
THEMSELVES WITHOUT THE DISK ACCESS). THIS MAKES LIFE REALLY EASY FOR US,
BECAUSE ALL WE HAVE TO DO IS FIND THE RESET VECTOR (I ALWAYS KNEW MY NAME
HAD A REAL PURPOSE HERE) AND USE THAT FOR THE STARTING ADDRESS. THE RESET
VECTOR WILL BE STORED IN BACKWARDS FORMAT AT BYTES 3F2-3F3, WHICH IN THIS
CASE WILL BE 04 08, MEANING THE STARTING ADDRESS WE WILL USE IS $804.

NOW, WITH THAT OUT OF THE WAY, WE CAN CRACK THE BOOT INTO A FILE. I FIND
THAT FASTLOADER GETS A LITTLE FLAKY IF THE FILES YOU USE ARE TOO LONG, SO HERE
ARE THE FILES I TOOK OUT TO CRACK MATHMAZE. I AM GOING TO ASSUME SOME
KNOWLEDGE ON YOUR PART HERE. AS DESCRIBED IN PART BY APPLE BANDIT, YOU HAVE
TO BOOT THE ORIGINAL, HIT RESET AND THEN BOOT A SLAVE DISK AND SAVE THE FILES.
IF YOU ARE SAVING A FILE THAT STARTS AT $800, THEN YOU HAVE TO MOVE THE $800
PAGE OUT OF THE WAY BEFORE YOU BOOT THE SLAVE DISK, AND IF YOU ARE SAVING A
FILE ABOUT $9500 YOU HAVE TO MOVE IT DOWN IN MEMORY BEFORE YOU BOOT THE SLAVE.
HERE ARE THE FILES: FILE 1 IS 0000-0800, FILE 2 IS 0800-3700, FILE 3 IS 3800-6700,
FILE 4 IS 6800-9500 (LENGTH 2E00) AND FILE 5 IS B700-C000 (LENGTH 900). NOW
JUST PLUG THESE INTO FASTLOADER WITH A STARTING ADDRESS AND YOU WILL HAVE
CRACKED THE BOOT INTO 165 SECTORS. NOW ON TO THE NEXT MESSAGE.
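
The reset-vector lookup described in the message, as an added example that is not part of the original post: it reads the little-endian vector at $3F2-$3F3 from a 64K memory snapshot, checks the Autostart ROM validity byte at $3F4 (high byte XOR $A5, a detail the post does not mention), and reports which saved file holds the entry point. The snapshot is constructed, and the lengths used for files 2 and 3 are assumptions because the post does not state them.

```python
SOFTEV = 0x3F2    # soft reset vector, low byte first ("backwards format")
PWREDUP = 0x3F4   # validity byte: must equal (high byte of vector) XOR $A5

# (start, length) per saved file. FILE 4 and FILE 5 lengths are the post's;
# FILE 1 is "pages 00 through 07"; FILE 2 / FILE 3 lengths are ASSUMED so
# that each range runs contiguously up to the start of the next file.
SEGMENTS = {
    "FILE 1": (0x0000, 0x0800),
    "FILE 2": (0x0800, 0x3000),
    "FILE 3": (0x3800, 0x3000),
    "FILE 4": (0x6800, 0x2E00),
    "FILE 5": (0xB700, 0x0900),
}


def read_soft_reset(mem):
    """Return (address, valid) for the soft reset vector in a 64K snapshot.

    valid is False when $3F4 does not match; the Autostart ROM then ignores
    the vector and cold-starts instead of jumping through it.
    """
    lo, hi = mem[SOFTEV], mem[SOFTEV + 1]
    valid = mem[PWREDUP] == (hi ^ 0xA5)
    return (hi << 8) | lo, valid


def segment_for(addr):
    """Name of the saved file whose range holds addr, or None if uncovered."""
    for name, (start, length) in SEGMENTS.items():
        if start <= addr < start + length:
            return name
    return None


def build_snapshot(vector_bytes, pwredup=None):
    """Constructed sample: empty 64K image with only the vector bytes set."""
    mem = bytearray(0x10000)
    mem[SOFTEV:SOFTEV + 2] = vector_bytes
    mem[PWREDUP] = (vector_bytes[1] ^ 0xA5) if pwredup is None else pwredup
    return mem


if __name__ == "__main__":
    mem = build_snapshot(bytes([0x04, 0x08]))   # the 04 08 from the post
    addr, valid = read_soft_reset(mem)
    print(f"reset vector ${addr:04X} valid={valid} held in {segment_for(addr)}")
```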