Compose your message:
Email Address :
Password:
OR
Your Name :
REAL Email Address :
(PRIVATE)
Subject :
Please type in your message (no HTML codes) :
[quote]On 06/14/2011 @ 10:55, Lord Crass wrote : I took a wild guess and just tried the simple, tried-and-true decrypt loop you see used everywhere (the standard LDA #$key, EOR/STA, loop) and the decrypted code was 50% correct. EOR every odd byte with #$31 after that, and you have completely decrypted code. This makes it simple to re-encrypt too, although I haven't looked for checksums on the encrypted block yet. : : The decrypt routine does wind up setting some values in the I/O and zero-page areas. Not sure if these values are used as part of the routine, or if they're breadcrumbs for later. : : When you see that "Still loading, please wait..." screen and wonder what's taking so long, it's this decrypt loop, the uploading of drive code through a VM (x2), decrypting of drive code in the drive itself, and then the execution of the protection checks themselves (x2). : : I'm surprised this protection wasn't used on more than 2 games considering the effort that must have gone into designing it. The VM has 20 instructions, but SRB only uses 8 of them. -- [/quote]
File to attach:
(limit 250000 bytes)
SECURITY QUESTION
I had 8 oranges and then I was given 4 more.
How many do I have now?
: