some old games cracking info

well i spent some good time a few years back messing around with some games and stuff. ive got some old txt files with notes i wrote my self on stuff, conversations with other crackers, and some jpegs pointing out hex locations, with things that i made some progress on but never got around to doing too much on... not quite sure which stuff currently i still have stuff on, but id be willing to post it all if anyone can use the info and possibly put it to some good use....

 

Hey there,

Have you ever heard of the "Yamaha 400/GD-R firmware?" A friend of mine somehow came across the file (KAL-GDRF.zip) and told me it was a firmware update which enables the Katana GD-Writer to read GD-ROM disc media while connected directly to a computer.

I did not want to load the firmware update since I do not really know how safe it is.

Any help would be appreciated!

 

Hey, could I see this stuff? If it would be somehow connected to the stuff on my website (www.hacking-cult.org), I could host it there

 

Lostuse: sure it would be cool, to see some crackers info

 

I did a little more research and found that it's a hack from the release group Kalisto.

Here's what I could pull up:

 

any info on where to get this file ??

thanx
Mark

 

I've uploaded the file to the Rare Game Media FTP. ;-)

It's not very big, around 100KB in size...

 

well i checked through my info i gotta make it all nice and postable but i think ive got almost all the work i have when i was spending my time trying to crack the bleemcast retails... unfortunitly i think thats all i have still after a little looking... i spent alot of time working on magic the gathering, the japanesse version but all the info seems to be gone ill just sum up right now what i can remeber exactly(its been like 2 years sense i messed around) magic the gathering was scheduled for a us release but was canceled if you look around through the contents of the cd straight off its got a section for jp cards and us cards. when you go through the hex every single bit of the jp text is followed(if i remeber correctly) by english text, for everything in the game i think except the main menu... now i spent a good weeks messing around with it (nobody else i knew at the time that i talked to about it really cared to waste their time with it other then me), but if i remeber correctly (Sorry i dont seem to have any of my notes or photos anymore) its pretty easy to just go through and change the hex locations to point to the english text instead of the jap text... i cant remeber exactly how much progress i made, it became alot of montomous work going through changing all the damned text, and without any real interest from anyone else i lost motivation... ill post everything i can find after i clean it up and stuff soon but its the weekend and its def party time for me

 

alrighty thanks to some drugs to keep me going, i sat down and wrote up a little summary of my experience messing around with the retail bleemcasts hope it can help someone out. sorry i didnt spell check or really care too much for punctuation or anything.

http://lostuse.hacking-cult.org/bleem.txt
http://lostuse.hacking-cult.org/badsectors1a
http://lostuse.hacking-cult.org/badsectors2a
thanks to drx for hosting it

 

Nice stuff. If you have anything else about others games, please go ahead and post them



PD

 

Out of curiosity, what were you trying to crack? Are you saying that it was impossible to copy a bleem disc? (I don't know much about bleem, i've never seen it).

From your notes, it seems as if the security is similar to the ps2 hdloader disc, only in this case, i think the bad crc data is part of the protection. If you make a forensic copy and tell the ripping software not to check the crc data, you should be able to make a good rip.

 

I thought about this some more.

I'd almost guarantee that the "bad sectors" are the protection scheme. When someone was able to make a perfect copy of the data, all they got was the splash screen. Here's what's going on inside: The program starts (you get the splash screen), it looks for the protection (the bad sectors), when it doesn't find them it exits. You need to copy the bad sectors along with the real data. A forensic disc copy set to ignore the crc will work for this.

The other solution would be to start the program up with a debugger attached to the process. Find the point where the copy protection check goes, then bypass it in assembly code. Hex edit the original executable to always return a good value on the protection.

Solution A is easier, solution B is guaranteed. I won't touch comercially availible programs, but at least i'll give the guidelines on how to do it. Thanks to lostuse, the notes you took pointed out exactly how the protection works.

 

did you burn the gap correctly? the bleemcast iso has 3 tracks (normal toc 0 - 77006 (audio + data mode 2) and a hide track 77007 - xxxxxx (data mode 2) ).
For read the hide track you must use hot swap with other disc and use cdrwin for extrac the sectors.
Make sure to burn the gap correctly for the dreamcast doesn't reboot.
For burn the hide track.... use your brain,and try to complete the first data track with some bad sectors

 

bleemcast the retail dreamcast versions of bleem there isnt anyone who has been able to make a sucessfull backup copy

my original thinking was the same that it would be possible to use copying progs to copy it
i tried pratcitcally every combination of settings on blindread, clone cd, alchohol 120% all i ended up with was a stack of costers lol

 

hrm hot swap? not sure what your describing with that. thinking about it i wonder if the addition of the garbage sector data when making an iso could possiblisbly offset the lba of the last track if the game checked for just the last track to be on the right lba then that could be the solution.

 

actually the jc-bleem boots the whole menu you can go around in it to each of the sections, but you cant actually boot the psx game from it.

 

anyone here know alot about psx game structure i was looking around at a psx game and was wondering other then the obvious name changes what would be need to change a diff game into looking like lets say tekken 3

 

How do you get permission to access the page???

smf

 

the page has been deleted due to various reasons. so you can't get permission to view it, since it doest exists anymore

 

Soooo...would something like a whole bunch of 'Exploder/Codebreaker' code turn the game into English? That would be pretty damn cool. It's still a very hard to find game, though.