home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Various Unprotection Examples
/
unprotect.zip
/
unprotect
/
COPYPROT
/
SYMPHONY.UP2
< prev
next >
Wrap
Text File
|
1985-03-20
|
4KB
|
121 lines
SYMPH DOCSYMPH COM^LSYMPHONYUNPHere is the "ENGLISH" version of the Symphony Unprotect procedure:
1. Rename the program
REN SYMPHONY.CMP SYMPHONY.XXX
2. Type DEBUG SYMPHONY.XXX
3. After the - prompt appears, type R and press Enter
Look at the value displayed for the DS register (left hand, second line)
Whatever the value is, add 1000 to it. For example, if the DS contains
05DF, add 1000 to make it 15DF. I will refer to this new value as yyyy
in the next step.
4. Type E yyyy:3A05 75 press Enter
5. Type W press Enter
6. Type Q press Enter
7. Rename the program back to the original name
REN SYMPHONY.XXX SYMPHONY.CMP
Now, BEFORE you run the SYMPHONY program, run the program in this Library
call SYMPH.COM. This need only be run ONCE after each boot. If you want,
you may place it in your AUTOEXEC.BAT file. It uses Interrupt 75H which
should not conflict with other programs (NOTE.. this may not be true on the
3270PC).
After running SYMPH.COM, you may run your patched version of SYMPHONY
without the need for the master diskette.
The other files in this library are:
The original unprotection scheme which required you to assemble a program.
The assembler SYMPH.COM.
Good Luck.
nged file
;-Q ;exit debuger
;A>REN SYMPHONY.XXX SYMPHONY.CMP
;A>SYMPH ;execute THIS PROGRAM (it modifies the changed interupt
; ;back to 13H since SYMPHONY does checksum of it's self)
;
;
;
; assemble, link, exe2bin
;
;Execute this program before using SYMPHONY.
;There is no need to re-execute this program after exit from SYMPHONY, in
;order to use the SYMPHONY again, since it is a resident program
;
;
;to further examine the symphony for possibly other way to solve this, using
;DEBUG, do:
;A>DEBUG SYMPHONY.EXE
;-G2
;-T3
;-G8A40
;-T ;at this point you will find the the subroutine that fills
; ;location ds:8735 with n and int 13 (the second one) which
; ;reads the serial number from flopy disk in A. Zeroing 8735
; ;fools the symphony, and prevents it from testing for special
; ;track/sector structure on the flopy. If the location 8735 is
; ;not zeroed, debugging will not be possible after IP 8A4D,
; ;since INT 3 will be modified by SYMPHONY.
;
SYMINT EQU 75H ;interupt to use
SYMFLG EQU 8735H ;see above for info
CSEG SEGMENT
ASSUME CS:CSEG,DS:CSEG
ORG 100H
PROGRA: XOR AX,AX
MOV ES,AX ;set to segment 0 (interupt table)
XOR DX,DX
MOV AL,SYMINT ;interupt number
MOV CX,4 ;get position in interupt table
MUL CX
MOV BX,AX
TEST WORD PTR ES:[BX],0 ;test if set?
JZ DOIT ;no, go set it
INT 20H ;exit to dos with out mod
DOIT: ;get interupt routine address
MOV word ptr ES:[BX],offset corc ;store it at the apropriate int address
MOV ES:[BX+2],CS ;also store the segment
MOV DX,5+16 ;lenght of this pgm in segments
MOV AX,3103H ;exit & stay resident
INT 21H
;this is the actual interupt
CORC: CLI
PUSH ES ;save all used registers
PUSH BP
PUSH BX
MOV BP,SP
MOV ES,[BP+8] ;get calling segment from stack
MOV BX,[BP+6] ;get calling address from stack
DEC BX ;back up one
MOV BYTE PTR ES:[BX],13H ;store interupt 13h there
MOV BYTE PTR DS:SYMFLG,0 ;zero out the flopy test flag
POP BX ;restore registers
POP BP
POP ES
STI
IRET ;back to symphony
CS:SYMFLG,0 ;zero out the flopy test flag
POP BX ;restore registers
POP BP
POP ES
STI
IRET ;back to symphony
CS