help hacking MSR checkum file

hi there people. As everyone knows this game have a heavy protection that was only beaten by some, like echelon,yzb... What i know so far:
the game have a checksum file to check the LBA and size of every file in the game.
This checksum is inside a file and is compressed and encoded i think...
What i what to know is if someone know how to extract this information from that file, to do the necessary modification(LBA, and size) to make the game boot.
I apreciate any help on this, because i want to make a 90 min rip with nothing downsampled.

Thanks people!!!

 

@yzb37859365 might be the right person to ask!

 

@yzb37859365
can you help me please?

Thanks.

 

What version do you want to do?
The US version or the European version?
I've done the 80min complete version of the game before（ nothing downsampled.）

 

@yzb37859365 out of curiosity: does this game "have heavy protection" as topic starter said ? I highly doubt it is, more like he means integrity check of packed game files.

afaik none of GD-ROM games have any kind of custom protection.

 

I want to do the us version.
Your release dont have the sfd downsampled?
The protection is a litle tricky.i think its a LBA and size check inside 1st_read.bin.
about the size no prob because i dont want to alter nothing, well maybe shrink the afs, but the LBAs are the problem.

 

It's not *copy* protection, but it still stops us from easily making selfboots or mods. Some retail games have "copy protection" 0xCDE4-something, but that was cracked in like 5 minutes.

 

I was mistaken ，downsampled msr.sfd (thanks -=FamilyGuy=- help me make)

This game is more special, it is read according to LBA (the LBA list is written in the MSR.BIN file).
The LBA list begins at the msr.bin address 0xfadbc, which includes the file name of the folder and the size of the LBA file

The inside data has been encrypted and needs decryption, the decryption source in the 8C02DBDC, that is, the 0x1DBDC in the msr.bin.

 

tgreat info yzb37859365.
i dont want to abuse of your good will but you still have the decompression program you used for your release?

Thanks

 

Do you mean the procedure for deciphering the LBA list?
Unfortunately, the computer can't find it once.

 

Thanks anyway yzb37859365.
You already give me something to work on. You are the man!

Thank you very much.

 

Lots of GD-ROM games included protection schemes after people started making copies. These range from simple (including a large dummy file too large to include on a CD-R and then checking the size of the file in the ISO file table, which can be easily beaten by just not including the dummy file but injecting a fake entry into the ISO file table as in the case of Virtua Tennis 2) to more advanced checks that require patching them out of the binary. They definitely weren't just integrity checks but checks designed to throw off people attempting to make copies.

 

ok, this really looks like silly "protection", and uses hardcoded LBA for files, even if this makes game binary building much PITA for developers
cant say it really "encrypted", there used quite simple XOR. each file record consists of:
- folder name, zero terminated;
- file name, zero terminated;
- LBA dword;
- file length dword;

LBA and length dwords xor-ed with theirs location offset from start of table.
folder/file names xor-ed like:

and may be easy decoded in reverse way.

 

Now, is all the DC official Games cracked and free to copy?

 

Ooga booga... Still looking for help on that .

 

Well, MetalliC pretty much explained it to you...

 

thats for MSR, i still havent made much progress on ooga booga. it does something strange with the binary immediately upon loading.

 

Sorry, I though you were still asking about MSR.

 

No worries!

 

what you mean strange ? iirc this game uses MMU, or at least enable it, this may make few things a bit different.