Examples of cracked versions of games

[Mike]

Minimon: ???

That is nothing I would need to 'pretend' here.

The tool (software and hardware) exists and the reasons it is (still) not available to the public have clearly been communicated by me.

Interesting, I can remember being unable to copy this back in the day hence taking a look at it. As an aside it was apparently sold by Rabbit software in the UK without licence. http://www.geocities.ws/rmelick/30.htm

Unfortunately, Rick's site requires me to install some unwanted add-on to my web browser which I won't install, so I can't comment on that.

I found the *.tap file on cbm8bit.com - here's a mirrored *.zip archive: nightcrawler.zip.

The 'recipe' I gave should also work with VICMON or HESMON for the time being.

[beamrider]

I did a quick peek with MINIMON at a *.tap file of NightCrawler, and except that it lacks a tape turbo as you mention, it is otherwise a quite nice example. Both parts can be loaded with the L command of MINIMON without the autostart kicking in.

How is the auto-start inhibited? Do you force load at a different location?

..and I'm wondering , if it is possible to save from one memory area but substitute a different load-address to the header so that it loads elsewhere when loading back in.

[Mike]

How is the auto-start inhibited?

The header of the first part is of type 3 and this forces the load address: here, $0300. $0302..$0303 are also written to and when the BASIC interpreter returns to the direct mode prompt, this is vectored over $0302. Control is handled over to a routine at $0351 which got put in the tape buffer with an over-length file name.

Now MINIMON has an own command line prompt, and this prompt is not vectored over $0302. After executing the L command, MINIMON thus simply returns to its prompt. Of course the vector *has* been changed and when I return to BASIC with X, without further preparations, the autostart would still commence.

Do you force load at a different location?

In this case, this was not needed, but there are other autostart techniques (overwriting the vector of CHROUT, for example), which make that necessary.

It is possible to just load the header of the file, analyse it, *change* the forced load address to point to somewhere else, then load the payload to there, and analyse the payload at a safe place. The two calls have been pointed out by carlsson here (link):

On the topic of loading, here are another few calls that are not useful for programming, but for .. eh, getting the most out of tape files, if you see what I mean.

SYS 63407 = Reads from tape until the header of a program is found
SYS 62980 = Reads the rest of the program

It means after the first call, one can modify the contents of the tape buffer to make the program load into another address (prevent auto start etc) and then check what the program does.

I found these calls from a computer magazine in 1990, telling its readers how to hack C64 tapes (or rather, "find hidden messages"). On the C64, the SYSes are 63276 and 62828, so slightly different position than on the VIC.

...

... and I'm wondering , if it is possible to save from one memory area but substitute a different load-address to the header so that it loads elsewhere when loading back in.

You can force the load address on tape, but AFAIK the code needs to be saved from that place already. In most cases you should be able to put the data at the place, do the save, and if necessary, restore the original data.

With disk, it is rather easy to write a PRG file with an arbitrary load address: just do an OPEN "...,P,W" and write the first two bytes as you want. Perhaps a two-step procedure akin to the two SYSes above could do the same for tape (i.e. writing a manipulated header), but that is something I did not investigate thus far.

[Miklós]

Hi there.

Which is a real crack for me too:

I think akro happened when the ROM CRT games they started reading and archiving their content.

I have original AVENGER and POKER hardware.
- I don't know what to do with it.
but the .crt found in my archive - I can modify it if I make .prg (.d64)
and RAM $ A000- I charge, or where I need $ 6000, $ 2000
(lives, PAL / NTSC setup)

---------------
ACE Air Combat Emulator (Cassade)

In 1987, I was lucky enough to meet him, with a real original cassette version.
-He was with me for a day, then I had to give it back.
-Then I didn't know what to do with it.

It was still a challenge for me.
-.tap file ,-autostart, -fast loader -Pal setting

another version I found is already packaged and refuses to work with a 16k RAM setting only bigger.
The original game runs on 8k RAM.

The first CRACK version runs on 16k RAM.
--the main problem was that I couldn't find a perfect departure address, therefore, color RAM also had to be reproduced. This is also extra data.
-a prg. 8k just needed space for the intro and setup (NTSC).

-2. It now goes on 8k RAM because it has become smaller with its "own" seal and can fit under $ 4000.
This is the maximum I could get out of the NTSC setting.

----------
GRANDMASTER (kingsoft) chess

In 1987, there was a turbocharged copy I played with.
-I loved this program. It’s nicely crafted, and its play is “strong” for me.
The media casette is lost.
But the memories? '!!!
-I was glad to find it in the archive.
- the .d64 copy starts, just refuses to move.
-.tap file, autostart, PAL ..
- if I copy and do .d64, it refuses to move.
-If I reset the $ 0300- $ 0340 area then everything is fine.
+ NTSC center