alex-free
commented
6 months ago Hi alex-free, thanks for the amazing tool!
I found a game with protection not detected in the bin image by aprip. beatmania - Append Club Mix SLPM-86692 (NTSC-J)
This is one of the Konami music games that usually requires disc swapping, but I modified the bin to be 'noswap' by booting APPEND.EXE directly from SYSTEM.CNF which works for some other games in the series.
With this modification I was able to generate game shark codes from the dump with aprip.
Got APv2 Fake PAL BIOS bypass (By Alex Free & MottZilla) starting at offset: 0x001BFC18 D01BFC26 1062 801BFC26 1800 Got APv2 Fake VC0 Bypass starting at offset: 0x001C1080 D01C10B0 001E 801C10B0 0000For now, I'm not sure if applying the modification will change the offsets.
I wanted to share this information with you incase it could help you to add detection for this game in aprip.
Here is the RAM dump: beatmania club mix protection dump.zip
Here is an xdelta patch to apply the no swap modification: beatmania club mix noswap patch.zip It should work with the redump image.
When I was looking around for a patch or other information about the protection in this game, I found this thread where they attempting to detect all games with protection and this game was not detected in that case also. http://forum.redump.org/post/52530/#p52530 Maybe it has some unusual obfuscation?
Hope this helps. Thanks again for your great tools!
This is very interesting, because I can 'swap the EXE' used when detecting this SYSTEM.CNF/boot exe combination from Tonyhax International on booting this game (and then enable these codes in the built-in anti-piracy bypass system for this specific game).
For USA consoles these codes could be turned on for a game that can boot this via the disc swap feature, and when it is eventually booted via the disc change it would work to bypass the anti-piracy. The problem is the disc swap feature doesn't work like normal for Japanese consoles. It still can work if you do a swap trick during the disc swap feature, but that is dangerous and can damage the drive. For Japanese consoles I want to implement a software workaround for such games, which this method does indeed provide in a way.
You mention there are other games in the series this exe swap applies to, do you know which ones work the same way?
If I recall correctly this series uses obsfucation (compressed or encrypted the code) so it is only visiable/patchable with gameshark codes (as the code is decompressed/decrypted at run time and still vulnerable to aprip bypasses) which you proved with your ram dump gameshark code generation.
Thanks
mdmdj
Hi alex-free, thanks for the amazing tool!
I found a game with protection not detected in the bin image by aprip. beatmania - Append Club Mix SLPM-86692 (NTSC-J)
This is one of the Konami music games that usually requires disc swapping, but I modified the bin to be 'noswap' by booting APPEND.EXE directly from SYSTEM.CNF which works for some other games in the series.
With this modification I was able to generate game shark codes from the dump with aprip.
For now, I'm not sure if applying the modification will change the offsets.
I wanted to share this information with you incase it could help you to add detection for this game in aprip.
Here is the RAM dump: beatmania club mix protection dump.zip
Here is an xdelta patch to apply the no swap modification: beatmania club mix noswap patch.zip It should work with the redump image.
When I was looking around for a patch or other information about the protection in this game, I found this thread where they attempting to detect all games with protection and this game was not detected in that case also. http://forum.redump.org/post/52530/#p52530 Maybe it has some unusual obfuscation?
Hope this helps. Thanks again for your great tools!