home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Cheats, Hacks & Hints
/
Cheats_Hacks_and_Hints.bin
/
more
/
various5.txt
< prev
next >
Wrap
Text File
|
1995-08-11
|
39KB
|
1,402 lines
Crack> Mean 18: Accolade
crack written by Briggs
Caution: Do not modify your original disk.
Copy all your files to another disk or to a subdirectory on your
hard disk and put the original disk away in a safe place.
Mean 18 does not indicate a version number but the file size for
GOLF.EXE should be 89375 bytes. The copy protection scheme
looks for a bad sector on drive A. We will patch 4 calls to this
routine with NOP's (no operation) and patch 1 JUMP to an early
exit with a NOP.
Put DEBUG.COM (from your DOS disk) in the same directory
or make sure it is in the DOS path. Type the following commands:
REN GOLF.EXE GOLF.XXX Rename program for debug
DEBUG GOLF.XXX Start debug
RCS Check contents of cs register
Retype the 4 digits shown, but add 1 to the left digit first. The
code that we want to change is beyond the current 64K segment.
E CS:4FE3 90 90 90 NOP the first call
E CS:4FEC 90 90 90 NOP the second call
E CS:500A 90 90 90 NOP the third call
E CS:5019 90 90 90 NOP the fourth call
E CS:5058 90 90 NOP the early exit jump
RCS Check cs register again
Retype the 4 digits shown, but subtract 1 from the left digit first.
Restore the cs register to its original state.
W Write file back to the disk
Q Quit debug
REN GOLF.XXX GOLF.EXE Restore file name
Now run GOLF and confirm that the patch works.
>>>Note from Bob: If this doesn't work, there are two more cracks I
>>>have on file for Mean 18.
Crack> Accolade Software (generally)
crack written by The Mad Hacker
Here is an easy way to remove the protection schemes of 4th
& Inches, Test Drive, Fast Break, and other Accolade Software.
Search for 55 56 57 06 1E and replace with 31 C0 C3 06 1E.
(Use Norton Utilities, DEBUG, PC-Tools, or other equivalent.)
Crack> SimCity
crack written by Mike Basford of Canada
Use Norton or PCTools to search for 0C 87 00
75 3C and change the 75 to EB. Write the bytes.
Crack> Their Finest Hour: The Battle of Britain
crack written by Mike Basford of Canada
Here's how to get rid of that silly code wheel.
After this you don't have to tune the radio any-
more.
You will need Norton Utilities or Debug,
Norton is easier. When using Norton Utilities,
select BOB.EXE and search for 36 24 75 08 B8
01 (using the hex field) and change the 75 08 to
90 90. Write the data and you're done.
If you are using Debug:
REN BOB.EXE BOB.XXX
DEBUG BOB.XXX
R use the value of CS for the next step
S CS:0000 FFFF 39 87 36 24 75 08 B8 01 00 8B E5
replace CS with the value
(Debug should respond with something like
this:
CS:xxxx xxxx is used next)
U xxxx use the value from above in place of xxxx
(You should see:
CS:xxxx CMP [BX+2436],AX
CS:yyyy JNZ 7762)
E yyyy use value from above
75.90 08.90 you type the 90s
W
Q
REN BOB.XXX BOB.EXE
Now run it and have fun.
Crack> Pool of Radiance by SSI
crack written by Les B. Minaker of Canada
Requirements:
PC-Tools or Norton Utilities
I was getting really annoyed at the copy
protection with this game, so I got out my sector
editor and started poking around. Eventually I
found the answer.
First install the program normally by unarcing
it onto your hard drive or 7 floppies.
*Note:* I had absolutely no luck unarcing it onto
floppies. It took me an hour and didn't even run!
(But, it did install to the hard drive O.K.) Part of
the install is configuring the program for your
system.
Once you have the program installed:
1. Find the file named START.EXE and rename
it to something else like STARTBAK.EXE.
2. Copy the file STARTBAK.EXE to
START.EXE. This renames the original and
makes the copy the executable program.
3. Using PC-Tools VIEW-EDIT mode or Norton
Utilities Hex Editor, call up the file
START.EXE.
4. Find the 13 following words with the Hex-
Editor and change each one to HAHAHA (or
any 6 Capital letters - not lowercase!) and save
the changes to disk in the file START.EXE:
>>>Note from Bob: It's easier to change all the
>>>words you find to Hex 00. Then, just press
>>>'enter' when asked for the code check.
>>>However, his way works as well.
BEWARE, ZOMBIE, NOTNOW, COPPER, DRAGON, EFREET,
FRIEND, JUNGLE, KNIGHT, SAVIOR, TEMPLE, VULCAN,
WYVERN
5. When you enter the program and are asked for
the code from the Translation Wheel, type
HAHAHA and you're in!
That's all there is to it. It is understood, of
course, that this unprotect is only to be used by
legitimate owners of the game - who have tired o
spinning that &%@# code wheel!
Crack> Paladin by Omnitrends
crack written by Jim Bello
This patch will remove the jump to the docu-
mentation check in Paladin.
Use PCTools or Norton Utilities to search for 3B 46 FC
75 0B and change the 75 0B to 90 90.
The Documentation check window will still
appear, but just hit 'enter' and the program will
run.
>>>Note from Bob: What *is* this game?
Crack> Games: Summer Edition by Epyx
crack written by The Mad Hacker
To unprotect THE GAMES, search for E8 87 00 59 C6 and
change to 59 59 5F EB 55.
Crack> California Games by Epyx
crack written by The Mad Hacker
Using PCTools, search for FA FC 55 56 57 and replace
with 00 00 31 C0 C3.
Crack> Games: Winter edition by Epyx
crack taken from BBS
To deprotect The Games: Winter Edition, follow these
steps:
RENAME GAMES.EXE GAMES.XXX
DEBUG GAMES.XXX
S 0000 FFFF 0B C0 74 01 to search for the protection pattern
The computer should respond with only one address. If
none or more than one is given, this deprotection may not
work. Sorry!
Take the address given (in the form of XXXX:YYYY) and
subtract 5 from the YYYY address. The numbers are in
hexadecimal. *Do not attempt this patch if you do not
understand Hex.*
>>>Note from Bob: If you don't understand hex, I'm sure
>>>the person sitting next to you does. If not, email me.
Use the subtracted number (ZZZZ) and enter it in
DEBUG.
E ZZZZ EB 03 90 90 90 31 C0 NOP the protection scheme
W Save the modified file
Q to exit to DOS
RENAME GAMES.XXX GAMES.EXE
Crack> Elite Plus by Microplay
crack written by Vartan Narinian
>>>Note from Bob: I am corrected; this wasn't extremely
>>>nasty to do. In his words, it "wasn't so bad." :)
OK, I finally hacked it. Here's what to do:
Search for:
BE 0F BF BF 2B 30 E8 E3 FE E8 BD FE
Replace the first two by: C3 00
Search for:
2E 89 6F C8 E8 B1 24 E9 34 1C
Replace the first four with NOPs (90)
This takes care of the check if the word is correct.
To actually remove the question,
Search for:
E8 FF 19 BF D9 06 81 C7 C4 06 B0 18 BB 5A 00
BA 0A 00 B9 93 00 FF D7
Replace the first three and the last two with NOPs (90).
Crack> Eye of the Beholder II
crack written by anonymous (send questions or comments
to ri09+@andrew.cmu.edu and I'll forward them)
This is a nice 1-byte crack for Eye of the Beholder 2.
The boys from SSI tried to be tricky, (maybe unknowingly)
but I got through their BS anyway.
They had some funky way of reading the key-board. I'm still
not sure how they did it, but Hey... WHO CARES!!!!
Besides that, putting the protection way INTO the game makes
things harder sometimes.... (not this time :-))
Basically, what this crack does is the follwoing......
The program does the following:
1 Get input
2 Encode / decode etc. etc. etc.
3 Was it the right one?
If so JUMP and continue the program
If not, return to protection routine.
My patch changes the "If so JUMP" line to "JUMP ALWAYS"
So the patch:
Scan for: 83 C4 08 0B C0 74 14 47
^-------------Change to EB
Thats it.....
Have fun.
Crack> Centurion
crack written by anonymous (send questions or comments
to ri09+@andrew.cmu.edu and I'll forward them)
This is a (maybe THE) crack for Centurion.
To make it accept any answer as input:
Scan ovl0.ovl for 5B 5B 0B C0 74 06 FF 46 FE
