No joke. I came across CONFTOOL.EXE (Demo Disc Config Tool) and PRVER.EXE (prver version 1.0) in ops2m demo 30, SCED-51489 (February 2003, French issue) PRESSED disc. They don't run. Are the proggies incompatible with NT? Definitely not; they're just... trojaned. Check out those logs: PRVER.EXE, CONFTOOL.EXE. The next issue, ops2m demo 31, SCED-51556 (March 2003, French issue) apparently contains the same build of CONFTOOL, but this time it's clean and runs under XP.
It's not the first time I've seen that stuff on original pressed discs. It happened before. I don't remember what game it was, but it was one of those famous RPGs in a huge collector's box. Also, when I bought the Alien Legacy CD (Sierra Originals), the game didn't work as is. Why? Simple: there's no label on the CD, and the fix is simple: open the game exe and replace the expected CD label with zeroes (hex 20).
Were those tools ever intended for the end-users to run, or were they just left behind by the developers? 0x20 is the whitespace (aka "space") character. Why would changing the label within the game executable fix the game? Was that some sort of cheap copy-protection mechanism that checked whether the disc's ISO9660 filesystem label matched?
For devs. CONFTOOL encrypts/decrypts CONFIG.DD2, which is the index file of the demo menu. The person who compiled the demo disc added his workdir to his CDVDGEN project, including $ony's DOS app. The funny thing is that the EXEs on this demo disc are trojaned with malware. One of the reasons why I love demo discs: authors sometimes left interesting stuff on them. As another example, I've found a "SEGSAMPL" folder on a demo disc, which is a precompiled demo menu (sample), part of the official $ony SDK... EDIT: $ony was aware of CONFTOOL being pressed on several demo discs. They changed the config file encryption algo in 2003. On 2003+ releases, the config file is XORed by the ASCII string "Sir Robert McAlpine Fine Cranes"... Makes hackers happy.
Right, it's spaces, not zeroes, I think. And the game searched for the AL_CD_V1.10 label and was unable to find it because the disc had a label with 11 spaces (or zeroes, don't remember).
Nothing unusual - there are tons of virus/trojan things on many office computers. Many workstations that do a single task don't have any antivirus, and really, do you need it when you just do the same thing every day? Usually you don't... until some guy who likes to browse some fishy porn sites brings a disk from his computer. That's how this stuff can find its way onto a pressed disc.
A quick Google search pulled up Atelier Marie released in Japan. Probably the only one. Has to do with a screen saver included on the disc.
Crafty hackers found a full backup of the PS1 Dance Dance Revolution 5th mix source tree on another Konami game, being used as a dummy file. It was xored or something like that.
I know some malicious executables have found their way onto pressed discs but you can't always trust virus scanners, there are so many false positives.
The antivirus reports for these 2 EXEs aren't false positives. The injection of the malicious code totally messed up the program data. The proggies won't run. A comparison between the suspicious CONFTOOL and a clean one clearly shows that parts of program segments were replaced with packed or obfuscated junk. I found that proto in a retail PS2 game (as a dummy file), can't remember which one: http://youtu.be/_axPGoAAoI4
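The clean-versus-suspect comparison described in the post above can be reproduced with a block diff plus an entropy check on whatever changed. This is an added example, not code from the thread; the block size, the 7.0 bits/byte threshold and both sample buffers are constructed assumptions.

```python
import hashlib
import math
from collections import Counter

BLOCK = 256  # comparison granularity in bytes (assumed, not from the thread)

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte, from 0.0 up to 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def changed_regions(clean: bytes, suspect: bytes, block: int = BLOCK):
    """Merge runs of differing blocks into (start, end, clean_H, suspect_H) tuples."""
    regions, start = [], None
    limit = max(len(clean), len(suspect))
    for off in range(0, limit + block, block):  # one extra pass flushes a trailing run
        differs = off < limit and clean[off:off + block] != suspect[off:off + block]
        if differs and start is None:
            start = off
        elif not differs and start is not None:
            end = min(off, limit)
            regions.append((start, end, entropy(clean[start:end]), entropy(suspect[start:end])))
            start = None
    return regions

def flag_packed(regions, threshold: float = 7.0):
    """Keep regions whose replacement bytes look packed or encrypted (heuristic)."""
    return [r for r in regions if r[3] >= threshold]

def build_samples():
    """Constructed stand-ins for a clean executable and a tampered copy of it."""
    clean = (b"MZ" + b"\x00" * 62 + b"CONFIG.DD2 demo menu index " * 160)[:4096]
    junk = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(32))  # 1024 bytes
    return clean, clean[:1024] + junk + clean[2048:]

if __name__ == "__main__":
    clean, suspect = build_samples()
    for start, end, h_clean, h_suspect in flag_packed(changed_regions(clean, suspect)):
        print(f"0x{start:06x}-0x{end:06x}: clean H={h_clean:.2f}, suspect H={h_suspect:.2f}")
```

A changed region whose entropy jumps from text-like or code-like values to nearly 8 bits per byte is consistent with overwritten, packed content rather than a recompile, though compressed resources in a legitimate build also score high.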
Oh, kind of like how every Windows XP CD contains a copy (well, kind of) of Microsoft Bob? It's in the oemdata.bin (or sth like that), someone needed some filler data, took Bob and, for the encryption key, just mashed randomly on his keyboard. edit: Only the copy of Bob is actually encrypted instead of the DDR file - which is simply a renamed .lzh. D'oh! Oh, and while looking through the Android version of Military Madness, I came across a backup copy (a ".java~" file) of the game's core logic; Hudson's graphics/audio framework isn't included though.
So... what did Konami say about the source code, if any comment was made about this discovery by the community? This reminds me of back when full copies of PC-DOS 2000 (The diskette and CD-ROM versions) were found downloadable off the IBM servers by the public. Until today, I don't really know whether we were actually allowed to acquire and use them.