Tuesday, August 5, 2008

Hello and welcome!

Sometime in the summer of '09 will mark my 25th anniversary of being a copy protection tourist. During this time, I've looked at literally 1000's of different protection schemes from the stupid, to the stupendously elaborate. On my blog here, I plan to tell you about some of them, and tell you some stories from my life behind the patch.

You might be asking yourself what a "copy protection tourist" is, well, let me explain. If I get a software package with copy protection on it, I HAVE to pull out the toolkit and have a look under the hood. I have always said that some people work crossword puzzles, I examine protection code.

Throughout the years I have undoubtedly cost some programmers some money with my exploits, and I'm sorry for that, but for what it's worth, some of you guys really made me work for it!

I'll start off with one from Europe circa 1991. It was a DOS game (CGA/EGA graphics) called Superman. Published by some no-name publisher. This game had the WORST copy protection I have ever seen on it. That's not just hyperbole either, wait till you see it. Upon listing the directory of the floppy, I saw files similar to this:

runme.bat
superman.exe
s2.exe
(and some unimportant data files)

So, being brave, I ran the batch file. It went into graphics mode, and popped up a doc check (Enter this word from this page of the manual). I entered Fabulous or some such as I always did, and of course it failed. When it failed, it set things back to text mode, and just exited. So, I looked at the batch file, and was SHOCKED at the contents. I'll try to reproduce the contents here:

@echo off
superman
if errorlevel 1 goto fail
S2
:fail


Here's how it worked: When you ran the batchfile it ran superman, which was ONLY the doc check program. When you entered your word, it checked it, and returned a value based on it:

if(DocCheckPass == true)
RetVal = 0;
else
RetVal = 1;

exit(RetVal);

And then had the batchfile make the decision on whether to run the game or not. So, the fix for this, was to delete superman.exe from the disk, rename S2.exe to Superman.exe, and clean up the batch file. This was so easy that I let Dave (Candyman) do it so that he could say he had cracked something.

That's it for THIS post. In the future I'll try to make the each post describe a protection system that I've seen. I hope you enjoyed it!

No comments: