Ripping problems

Hmm, i don't think to is the best way to learn GD protection.
It will be great if you upload full GD image, but if you don't want upload full GD image, you can replace game files to dummy files with same size and filenames in damped GD image and upload it here.

Come on guys, it need for patriot, for cracking protection.

 

Full image won't happen. As I already said a few times, the directories are the same and the dummies are byte for byte replicas of the original disc contents. It has already been done in that link posted previously - there is no more to give as it has been given.

 

Tormented themselves.
bb

 

The release mimics the disc problems exactly. The files loaded are the minmum to work. There are only 4-5 other files which background load, but it makes no difference if they are gone.

 

Theoretically, we can recreate GD image from files, but alas it will differ from the original, and I doubt that it will be workable.

The only way, as i see, it replace game files in source GD image to dummy files with same name and size using special programm like:
MagicISO
PowerISO
UltraISO
WinImage
WinISO
MagicDisc

 

I did all my dummies manually - it is negligible difference, I tested with Katana / GD Workshop, it is byte for byte - directory LBA etc is the same. It took several hours to make

Besides as I said, Katana says which files load, most are present. I'd maybe add extra 5 preloaded files tomorrow, but now I must sleep.

 

Hey LeGIt, have you tried to use any loaders like dreamon menu and ginsu ? i know it can help to bypass some protection like for Speed Devils . i dont have time to test it by myself now ...

 

I've sent him the bootbin and bootsector as soon as it was avaiable and he studied the bare necessities pack already, if he's asking for something it's not simply to bother, it's because he needs it.

What patriot needs is an "edited original gdi", in order to crack this god damn game by simply following the boot process and dissassembling the executables files. He once sent me some of his analysis for BC! and trust me the guy is a real SH4 beast.

What you should understand is that, as far as I know, he does not rely solely on emulators to "debug" and study what's happening. So if the code loaded in memory ask to read at this LBA or this other, he needs the gdi file AS ON DISC in order to track down what's really happening.

What is needed to do is simply to open original track03.iso with a hex editor, look for the address of a non needed file, replace each bytes by 0x00 (can be done by copy/pasting the dummy file you put in bare necessities) then repeat for every non needed files. This will "censor" the gdi, but it will keep it exactly as on disc for the files needed to boot up to the menu. I'd do this myself, but the VNC seems down at this moment,


I beleive this guy is our best bet at making this happen, he is truly the best DC hacker I've come to know, and you know I know a lot of them ...

Cheers,

FG

 

I say let Lin1985/Patriot have the files he needs. It's not as if he can crack the game and release it with it filled with dummy files. I believe in -=FamilyGuy=- when he says patriot is our best hope for ever getting this game hacked and running as a selfboot disc. We all want it to happen but things don't seem to be going anywhere even with the best efforts of all involved in trying to hack this game. I know you guys are trying really hard to make this happen and I and I'm sure others really appreciate this but what you don't know you can't fix. Patriot seems to know a lot more than anyone else if looking at his past hacks are anything to go by.

Yakumo

 

Hello everyone

I have stayed out of this thread as I do not have any technical knowledge to help the process.

I just wanted to say I really appreciate all the work everyone involved is putting in :thumbsup:

I am sure as a unit you will solve this in the end and its great to see so many people working together for the release of a much anticipated game.

good luck guys and keep up the good work!

thanks ray:

 

Yakumo the Katana/5.24 only loads so many files to get going. Beyond this, the rest is dead weight as they don't even get a look in (well... if you don't mind staying at the menu) and those were included (Well except for 5 which preload).

I understand what he says, but there are 1760 or so files and 1750 are disregarded to get to the menu - the other 1750 or so were byte for byte dummied per directory so the LBA's are correct which for all intents and purposes simulates the only handful which do load rather accurately.

I'll get to work adding the extra 5 preloaded files but realistically it is gong to take many hours to complete, but somehow I get the feeling with everything that is needed included it won't be good enough

EDIT: VNC is down for the time being anyway so still can't do much.

 

I'm guessing the reason LeGIt and ASSEMbler are so reticent about releasing the complete raw source is because of a potential early leak. Maybe I'm missing something but does it matter if the full GDI makes it on to the net? As it stands these files in their current state are all but useless and at some point are going to be released anyway. I don't think any of us donors gives much of a toss how many other people get to play this game in whatever form it appears in as long as we get a nice pressed copy with full artwork etc at some point.

 

Well the full .GDI means it could be played now via nullDC or 5.24 with no problems, this is true. As with other releases though once it is out there people lose interest in their hard copies then demand refunds. You probbaly missed it, but we had all of this headache with an early release before.

ServiceGames owned a Propellor Arena GD-R (as did a few of us) but what made him different is that he was willing to release it, so there was an ASSEMbler fundraiser. He took larger donations for a nice printed copy in a case etc (though a label on a CD-R), bought all of the stock needed but because he couldn't dump it he handed it to Belokk to deal with. Belokk needed help to crack it and spread the files around, the game got cracked and released, but ServiceGames was the last to know about it and annoyingly ASSEMbler and the donors didn't even get a mention. Then many donors kicked up a fuss and wanted a refund, but ServiceGames had already spent a large amount of money on the preparations for their hard copy, plus he was having RL money woes too.

IMO if the full .GDI route goes ahead it is best to refund the extra pressed copy money and leave people to print off their own covers and burn their own CD-R as and when the game gets cracked, but we are not at that point yet.

 

Perhaps instead of speculating we can send a PM to all donors (the list is known) with if they have a problem with sending the files to person 'x' and that they understand -worst case scenario- the files could leak out early. If all agree we can go ahead .

Personally I don't care if the files get send out to person 'x' for hacking. If I can play the game in the end it's all good .. and receiving a pressed copy afterwards is pure win

 

They're asking for the .GDI with dummied data to retain the structure though, I basically already did that (well gave them the parts to make their own)!

I will redummy from scratch but it will take time (1750+ files...) and probably make no difference, but the VNC is offline so I can't start yet anyway.

 

i say if we can prove we can trust him i say give him access to the VNC
we already have one prominent member vouching for him

just keep it to supervised access so that if anything fishy goes on
then the connection can be severed


if he really is the bleemcast guy then i trust him the most
and he should be accommodated in the most secure way possible
to examine an unmodified gdi

 

*sigh*

The VNC is currently offline (as stated more than once).

The VNC is difficult to supervise. If it could be supervised ASSEMbler needs to be working or sleeping, but basically anything and everything but watching what people are doing.

The real or dummied GDI should make no difference for debugging purposes - only 10 of the 1766 files are needed to get to the menu (including the preloaded files).

They are the bare necessities:

LBA 547342 data/1ST_READ.BIN 3,393,893 bytes
LBA 462904 data/MIFF/FONT/KANJI.BIN 46,440 bytes
LBA 462941 data/MIFF/FONT/RES.MIFF 3,138 bytes
LBA 463014 data/MIFF/FONT/SLICKER16.MIFF 143,810 bytes
LBA 463359 data/MIFF/FONT/TERMINAL_6X8.MIFF 6,218 bytes

and the preloaded files:

LBA 462756 data/MIFF/SMAINFO.MIFF 96 bytes
LBA 463363 data/MIFF/GENERAL/SC.MIFF 2,164 bytes
LBA 463365 data/MIFF/GENERAL/VOLUMES.MIFF 12,328 bytes
LBA 530838 data/SOUND/ARMCOM.DRV 56,752 bytes
LBA 530866 data/SOUND/GEISTNEW.MBP 272,160 bytes

This means 1756 files will be completely unneccessary as AFAIK they do not load at or for the menu and their LBA postitions are already confirmed as accurate with the current dummied pack / GD Workshop BUT as I already said I'll spend the fuckload of time to dummy them regardless as and when the VNC is available.

I can't do it if the VNC is offline though can I!

If I do have acces it will take hours if not days to redo.

When it is done, it will probably give no new insight (other than from the extra preloaded files), but I'll do it regardless - but as I said, it is not possible to do it right now and if I start it will take hours or days to finish.

 

Risk vs Reward and all that. There arent exactly a lot of people who have the knowledge to crack the game, and even if it leaks, the worst that can happen is we all have a copy to play. I paid for a pressed copy, but even if that doesnt happen, theres always more that can be released in the future with the money.

 

Another vote for giving the guy whatever he wants, sounds like an unedited GDI is the way forwards.

 

@LeGIt

To rebuild a gdi from the files, I think we need a dump of track1 and track2 too. Of course, we can use dummy tracks but that is less accurate and I don't think releasing track1 and track2 is risky.

To dummy 1700+ files, it is easier to work on track3.iso as the majority of the files are grouped together. Load it up into a good hex editor, select the ranges of the address occupied by the files that are grouped together, replace all bytes with zero. You probably will be able to replace 1600+ files all in one go.
If you don't have a good hex editor, PM me.

To be honest, I think a binary gdi dump (2352 format, not 2048 iso) is best thing for hacking purpose in the rare case that the game uses sub-channel data. But sure, I know how hard it is to dummy 1700+ files in a binary dump.

additional tests I have done:

1. Created a .nrg using the original IP.BIN and scrambled bootbin. It WORKS !! (in NullDC only)
What does that mean ??
That might mean the game is still in early development and still works like a "home brew" without most of the "standard protections" used in other commercial games which fails without a hacked IP.BIN. (or might be not, who knows)
Then what make this rip fails in a retail DC ??

2. burnt a CDR with files sorted differently. Starting from the outer edge, the files are:
1st_read.bin, dummy, then the rest of the files.
Boot the CDR and after the initial seeking, the laser head stays at the outer edge and hangs there.
That is, the game hangs before even accessing 45016.(and yes, I ripped open the GD drive and watch the movement of the laser head.)

The protection seems to be located quite early in the bootbin.
With a known "bad" rip, a known "good" copy and a way to debug them with the correct hardware/software, it should not be difficult to crack this game by comparision.