Rob Northen


Decoding the Amiga version of Dark Side

In this example we will decode the copylock from the game Dark Side (c) 1988 Incentive. To decode it, you will need Workbench 2+, a 68020 or higher, reqtools.library and the original disk!

You can download all the tools you will need at the bottom of this document.

Copylock Decoder Guide

  1. After installing Copylock Decoder, run the program by typing CopylockDecoder into a CLI/Shell.

  2. An information screen will appear. Press OK to continue.

    Copylock Decoder Information

  3. You will now be prompted to choose the copylock program to load. For Dark Side, the game loads the file 0.drk. Select the file and press OK.

    Choose copylock program to load

  4. You are now prompted to enter the copylock key for the later types of copylocks. In this case it doesn't help, as it is a 3-key decryption, so press OK to skip it.

    Enter copylock key

  5. We have the original game disk, so select $89?? when asked for the sync.

    Sync selection

  6. Ensure the original disk is in the drive and hit OK.

    Insert original disk

  7. When asked to decode more than one hunk, select No.

    Decode more than one hunk?

  8. At the Relocate decoded file prompt, select No.

    Relocate decoded file?

  9. The drive will now be accessed and the copylock decoded. This process is sometimes very slow so allow about 10-20 seconds for it to work.

  10. You will now be asked where you want to save the decoded files to. In this case I have chosen to save the file to Ram:

    Choose file to save decoded copylock as

  11. You will now be shown the registers used to decode the file. Unless you are a cracker yourself, do not worry about these numbers!

    Registers used to decode the file

  12. You will now be shown the registers used to relocate the file. Once again, do not worry about these numbers!

    Registers used to relocate the file

  13. Congratulations, the decode is complete!

    Decode complete

  14. Now that the game is decoded, you should have 3 files in Ram. In this case, 0.drk.dec, 0.drk.reg1 and 0.drk.reg2. Pack these files up and send them to the WHDLoad installer for them to write the patch!

Decryption Source

Here is the routine I used to create the WHDLoad patch. The encrypted file is loaded and the address is passed into this routine in the address register A0. The data is decoded, then relocated over itself.

_Decode       movem.l d0-d7/a0-a6,-(sp)
              move.l  a0,a5               ;a5 = Start of the data

              move.l  #$4f9a,d0           ;d0 = Length of encrypted data in longwords
              move.l  #$a9c98459,d5       ;D0 = $00004F9A , D1 = $00000001
              move.l  #$d4657d6f,d6       ;D5 = $A9C98459 , D6 = $D4657D6F
              move.l  #$d465e035,d7       ;D7 = $D465E035 , A0 = $00000CEC
              lea     $cec-$1c-$4(a5),a0  ;A1 = $0000001C , A2 = $00000CF0
              bsr     _Decrypt

              lea     $cf0-$1c+$10(a5),a2 ;Table of reloc32 values
              lea     $e5c-$1c-$4(a5),a3  ;Current position of game code
              move.l  a5,d0               ;Destination address
_RelocNext    move.l  (a2)+,d2            ;Next offset, zero ends the table
              beq     _RelocDone          ;Registers used for relocate file
              add.l   d0,(a3,d2.l)        ;
              bra     _RelocNext          ;A2 = $00000CF0 , A3 = $00000E5C

_RelocDone    lea     $e5c-$20(a5),a0     ;Copy decoded code down to start of data
              move.l  a5,a1
              move.l  #$4f9a-1,d0
_Relocate     move.l  (a0)+,(a1)+
              dbf     d0,_Relocate

              movem.l (sp)+,d0-d7/a0-a6
              rts

;============================================================================

_Decrypt      movem.l d0/d5-d7/a0,-(sp)   ;Rob Northen Decryption (3 Key)
.DecryptLoop  lsl.l   #1,d7
              btst    d5,d7
              beq.s   .Skip1
              btst    d6,d7
              beq.s   .Skip3
              bra.s   .Skip2
.Skip1        btst    d6,d7
              beq.s   .Skip2
.Skip3        addq.l  #1,d7               ;Set bit 0 of key when the two tested bits differ
.Skip2        add.l   d7,(a0)             ;Add key to encrypted long (decodes it in place)
              add.l   (a0)+,d7            ;Add the decoded long to the key, move to next long
              subq.l  #1,d0               ;Subtract from counter until null
              bne.s   .DecryptLoop
              movem.l (sp)+,d0/d5-d7/a0
              rts

Please note that every copylock is different, so the routine above must be modified for each game. The relocation routine especially will need changes due to different hunks in the game.
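
The decrypt and relocate loops above, modelled in Python so the key schedule can be stepped through without an Amiga. This is an added example, not code from the original page or from Copylock Decoder. The function names, the `decrypt=False` inverse and the sample data are constructed here, and offsets are passed as parameters rather than fixed to the Dark Side values.

```python
import struct

MASK = 0xFFFFFFFF
# d5, d6, d7 as loaded by _Decode above for Dark Side.
D5, D6, D7 = 0xA9C98459, 0xD4657D6F, 0xD465E035

def step_key(d7, d5, d6):
    """lsl.l #1,d7, then set bit 0 when bit d5 XOR bit d6 of d7 is 1."""
    d7 = (d7 << 1) & MASK
    # btst on a data register takes the bit number modulo 32.
    tap = ((d7 >> (d5 & 31)) ^ (d7 >> (d6 & 31))) & 1
    return (d7 + tap) & MASK

def crypt(data, count, d5, d6, d7, decrypt=True):
    """Model of _Decrypt over `count` big-endian longs.
    decrypt=False is the inverse, added here only to build test input."""
    buf = bytearray(data)
    for pos in range(0, count * 4, 4):
        d7 = step_key(d7, d5, d6)
        (value,) = struct.unpack_from(">I", buf, pos)
        plain = (value + d7) & MASK if decrypt else value
        stored = plain if decrypt else (plain - d7) & MASK
        struct.pack_into(">I", buf, pos, stored)
        d7 = (d7 + plain) & MASK          # key absorbs the decrypted long
    return bytes(buf)

def relocate(image, table_off, code_off, base):
    """Model of _RelocNext: add `base` to each long the table points at.
    Table entries are offsets from code_off; a zero long ends the table."""
    buf = bytearray(image)
    while True:
        (entry,) = struct.unpack_from(">I", buf, table_off)  # struct.error if unterminated
        table_off += 4
        if entry == 0:
            return bytes(buf)
        (value,) = struct.unpack_from(">I", buf, code_off + entry)
        struct.pack_into(">I", buf, code_off + entry, (value + base) & MASK)

if __name__ == "__main__":
    # Constructed sample data, not taken from the game.
    plain = struct.pack(">4I", 0x4E714E71, 0x00000010, 0x00000020, 0x4E754E75)
    cipher = crypt(plain, 4, D5, D6, D7, decrypt=False)
    print(cipher.hex(), "->", crypt(cipher, 4, D5, D6, D7).hex())
```

Because each decoded long is added back into the key, a wrong key or one corrupted long garbles everything after it, which is why the decode has to start from the exact register values the tool reports.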

Copylock Decoding Tools



Site updated: 28/8/2005 ©1997-2005 Codetapper/Action! All rights reserved.