|
Hi JOTD,
I had a look at Sinbad and coded a decrypter for the game which you can find below. This will fully decrypt the loader ("LoadSinbad") and bypass the disk protection too. Just LoadSeg the "LoadSinbad" file, then execute the decrypter, flush the cache and jmp into the game at offset $4f0. This should fix all the problems with the game that are caused by the wrong crack. I also had a look at the source and it should be redone as currently 90% of is consists of a (bad) crack patch. Source for the decrypter follows, you have to remove the "+60" because I worked with the executable i.e. I had to skip the hunk header. If you don't feel like working on this patch anymore let me know and I'll redo it.
; Sinbad and the Throne of the Falcon decrypter
; stingray, 03-Feb-2012
; early version of the Herndon HLS protection (1 pass)
START lea data+60+$2,a3
lea data+60+$36,a5
.do move.l a3,a0
move.l a5,a1
move.w #$23c,d1
move.w (a0)+,d0
eor.w d0,(a1)+
subq.w #1,d1 ; because of prefetch trick
moveq #14-1,d7
.loop not.w (a0)+
dbf d7,.loop
lea data+60,a0
move.l a3,a0
move.w #"Si",(a0)
subq.w #2,a0
.loop2 move.w (a0)+,d0
eor.w d0,(a1)+
dbf d1,.loop2
move.l a3,a0
subq.w #2,a0
moveq #0,d0
move.w #$1021,d6
move.w #$fb,d5
bsr.b .getkey
move.w #$15b,d2
.loop3 move.w (a0)+,d1
add.w d0,d1
eor.w d1,(a0)
dbf d2,.loop3
move.l #$3ca,d0
move.l d0,-(a7)
move.l a3,a0
subq.w #2,a0
moveq #0,d0
move.w #$1021,d6
move.w #$265,d5
bsr.b .getkey
move.l (a7)+,d1
and.w #$FF80,d1
add.w d1,d0
eor.w d1,d0
lsr.w #8,d1
eor.b d1,d0
lea .reloc(pc),a2 ; reloc entries
move.w d0,d2
moveq #0,d0
.relocloop
move.w (a2)+,d0
move.w (a2)+,d3
beq.b .exit
lea data+60+$4f0(pc),a0
add.l d0,a0
add.l d0,a0
move.l a3,a1
subq.w #2,a1
subq.w #2,d3
.loop4 move.w (a0)+,d0
move.b (a1)+,d1
eor.w d2,d0
eor.b d1,d0
eor.w d0,(a0)
dbf d3,.loop4
bra.b .relocloop
.getkey subq.w #1,d5
.keyloop
move.w (a0)+,d1
moveq #16-1,d4
.calckey
moveq #0,d2
lsl.w #1,d1
roxr.w #1,d2
eor.w d2,d0
lsl.w #1,d0
bcc.b .skip
move.w d6,d3
eor.w d3,d0
.skip dbf d4,.calckey
dbf d5,.keyloop
.exit rts
.reloc DC.W $0012,$0015,$002C,$000A,$003B,$0018,$006C,$0006
DC.W $0074,$0007,$007D,$000E,$0093,$0007,$009C,$0005
DC.W $00A3,$0005,$00AA,$0005,$00B7,$001B,$00D7,$0006
DC.W $0000,$0000 |
|