Diaperboy

Bruce Lee 1984 Datasoft. Cracking this title was quite a challenge for me. I was rather surprised at just how robust the copy protection on this disk was. The main thing that threw a monkey wrench into my plans was the encryption on this disk. It was a strange sort that I’ve never dealt with before. I was never REALLY able to figure it out, but I could modify a few bytes by brute force. The only problem with that attack is that if you modify 1 character, it changes the way the next couple of characters decrypt. The code almost seems to “unravel” like pulling a loose string on a sweater. The second problem with this disk is that some of the sectors seemed to be “double encrypted”. The “double encrypted” section required me to brute force the modifications TWICE! Using Altirra emulator, I used breakpoints to brute force the code AFTER the 1st decryption but BEFORE the 2nd decryption. Once I figured out the 2nd layer encrypted code, I changed the breakpoints so I could brute force the 1st layer encrypted code so it would decrypt to match the 2nd layer encrypted code. All this so the protection routine can do its double decryption with my modifications (and all other code) intact. I actually decrypted the first 3 disk sectors and left them that way, but I didn’t want to do that to the rest of the disk. I wanted the crack to be able to fit into a Chipmunk Plus! patch. The copy protection also checks its own data, in memory and by reading the first 3 sectors a second time to verify the data. This posed a problem, as my decryption and my modifications would be detected. I got around this by storing untouched sector images of the first 3 sectors on sectors 4-6. The copy protection routine now reads the untouched images for data verification. Anyway…here is an .atx copy (with copy protection intact) and an .atr copy (cracked) of Bruce Lee. This also contains my notes if anybody is interested. This crack will also be released on my next update of Chipmunk Plus! Bruce Lee.zip

In my various searches of the internet, I couldn’t help but notice there are many Atari titles that have unfortunately vanished. They are still available in various cracked forms, but finding an unaltered .atx version with copy protection intact can be difficult. Many thanks to the Atari 8-bit Software Preservation Initiative and all the others who have managed to find and preserve all this great Atari 8 bit software. I have a couple of titles to offer for consideration to be “preserved”, which I have been unable to find anywhere in an unaltered form with copy protection intact. Drol (1983)(Broderbund)(US)(Color Version) Drol (1983)(Broderbund)(US)(Black and White Version) Both versions of this game have nice .atx disk images with COPY PROTECTION INTACT. However these are not exactly what they appear to be. These are 2016 REPRODUCTIONS that I have created myself. These images load, look and sound like an authentic Broderbund disk. These images have authentic copy protection, including Duplicate Sectors and Bad Sectors on Track #5 (Typical of Broderbund copy protection). The copy protection functions EXACTLY in the manner that it should, including a subroutine that checks if you are running a “Happy Drive”. The game data is encrypted (just like an authentic Broderbund disk). The titles “crack” in the exact same way as an authentic Broderbund disk. NO these are not “true” disk images but they look, sound, load, etc. the same as a “true” image. If an authentic image is unavailable a good reproduction could “fill the gap”. They were actually made from a composite of SEVERAL clean cracks and some authentic disk images. Using several different versions (instead of just 1) gave me the ability to check the data for modifications. I usually crack Atari software but that gives me an advantage of knowing how certain software companies protect their software. Because I have studied Broderbund copy protection, I know how it functions and what should or shouldn’t be there. The game data for the Drol color version actually had to be re-encrypted. I COULD have used the unencrypted version and just skipped the decryption routine (who would know?) BUT! an authentic Broderbund title DOES NOT FUNCTION LIKE THAT, so neither do my reproductions. (Using Altirra Emulator) I actually used the Broderbund copy protection routine ITSELF to do the data encryption, so I’m quite certain it has been correctly encrypted (so it can be decrypted each time the disk is loaded). This Release Contains: 1 .atx “Original” image of each version with copy protection intact 1 .atr Unmodified backup of each version (won’t boot but shows copy protection at work) 1 .atr Cracked backup version of each title I hope everybody enjoys this and I hope this can be a small contribution to “preserving” Atari Software for the ages! Drol (1983)(Broderbund)(US) - 2016 Reproduction.zip

P.S. How did you guys like my art and fake floppy disks? I'd like to see those floppies in reality and not just photoshop.

Patch for Gauntlet & Guantlet Deeper Dungeons done! I will release as part of the next update. I wasn't planning on tackling Gauntlet just yet...but your message prompted me to take another swing at it. Gauntlet has a special place in my heart...I owned a "happy copy" of Gauntlet when it was new. I tried and tried and tried to crack that game without success for YEARS! My ex-wife got rid of my Atari around 2001 (bitch!) NOT cracking Gauntlet has "burned my ass" for nearly 30 YEARS! It's not like I sat up awake at night thinking about it...but every now and then I'd think about it...remember it sitting there uncracked, seemingly mocking me...BASTARD! I'll get you my friend! Just wait and see! Rah Haa Haa Haa! (snort) Bwah Haa Haa! Anyways...AT LAST Guantlet is cracked and just for good measure I cracked his brother Guantlet Deeper Dungeons too. Interestingly enough the crack of Gauntlet Deeper Dungeons works so well it allows a non-working (uncracked) copy of Gauntlet to boot. I believe there were 2 versions of Gauntlet Deeper Dungeons released for Atari. The version I just cracked is used like a "boot disk" for Gauntlet in order to access the Deeper Dungeon levels. The copy protection was comparable to Gauntlet itself in structure. The copy protection runs once at the begining. The version I remember (and did crack in the early 90's) was not used like a "boot disk" for Gauntlet. Instead it was used in place of SIDE 2 of the Gauntlet disk. It had a much different and simpler copy protection than Gauntlet (just 1 CRC error IIRC). The copy protection ran EVERY TIME a level was loaded. Ahead for a future update of Chipmunk Plus! will be to fix the "goto" feature. It seems that I have broken that function somehow? I also plan to update the spreadsheet to have more columns for use as a mini database for Atari software. At the very least have space for the full name, software company, and year of each title. I WANT YOUR INPUT GUYS! Let me know if you have any requests (software cracks, Chipmunk Plus! features, etc.) Let me know if you have any comments (cool, but I think it would be better if you...) Let me know if you have any complaints (I really can't believe you didn't include...) I love doing this, but your input helps me do a better job! I hope everybody enjoys this release. Hear from you soon!

CHIPMUNK PLUS! 1.61D.025 HAS BEEN RELEASED! Check out the Atari 8-bit Computers forum if you have any interest. I would LOVE to see certain people who crack software release their own Chipmunk Plus! version containing their own cracks. It's pretty easy to do with my new Chipmunk Plus! release. Check it out!!

NEW RELEASE: CHIPMUNK PLUS! 1.61D.025 This is based on Chipmunk 3.04 and earlier Chipmunk versions. This release contains ONLY my patches (parameters) so for now selection is limited. (only 25 patches) I plan to continue updating this as often as possible. THIS VERSION HAS THE ABILITY FOR USERS TO EASILY CREATE THEIR OWN CHIPMUNK PATCHES. CHIPMUNK PLUS! has many new features added: The ability for a user to create patches. This is meant for more advanced users who have the skills to modify (crack) software. A Chipmunk patch can easily be created from the modified disk. The ability to REMOVE patch sectors from the Chipmunk disk. The ability to test patches BEFORE use. This allows a user who has created a patch to make sure all the data contained in the patch will function correctly. The ability to SAVE your changes to the Chipmunk main program file. Numerous checks to ensure the correct disk is being read and written to. On-the-fly checks to not allow damage to the Chipmunk disk. On-the-fly checks for patches with bad data (will either not allow a bad patch or will NOT CRASH because of a bad patch) An Excel spreadsheet. This spreadsheet is used for creating new patches. The spreadsheet maps the remaining sectors on the Chipmunk disk, and assists in error checking the patch data. The spreadsheet generates Atari 8 bit basic “Data Statements” which are used by Chipmunk to store patch information. Using Altirra emulator, the Data Statements from the spreadsheet can be easily copy / pasted to the Chipmunk main program. This release contains: 1 CHIPMUNK PLUS! disk (image) with patches included. Contains SIDE 1 and SIDE 2 (more space to hold patches) 1 CHIPMUNK PLUS! disk (image) empty without patches. Contains SIDE 1 and SIDE 2 (more space available to hold patches) 1 Excel spreadsheet with patch data. (Has a separate page for each disk side) 1 Excel spreadsheet empty without data (Has a separate page for each disk side) 1 TRUE-BLANK disk (image) This disk is artificially blank EVERY SECTOR is completely EMPTY (for use with CHIPMUNK PLUS! patch creator) 1 CHIPMUNK PLUS! PDF instruction manual 1 PDF list of software title patches contained in this release Artwork CHIPMUNK PLUS! SOFTWARE VERSION NUMBER “1.61” - Refers to the actual software version. “D” - Refers to the SERIES of patches (D for Diaperboy!) This automatically becomes “E” (E for Empty) if there are no patches. “025” - Refers to the number of patches contained in Chipmunk Plus! (This is automatically updated) If you wish to distribute copies of CHIPMUNK PLUS! with your own patches, please feel free to do so. All that I ask is PLEASE use a different SERIES letter to reflect that these are your patches and not mine. The version and series data is located on sector 363. This can be modified with a sector editor. If you have the skills to modify (crack) software, you have the skills to change the series letter. All patches (parameters) contained in this software are “straight up” cracks…meaning no crack intro screens or anything like that. All patches modify the disk so that it looks, sounds, and boots as close to an unmodified original disk as possible. This INCLUDES the Electronic Arts loading screens. All patches have been tested using Altirra 2.80. CHIPMUNK PLUS! 1.61D.025 PATCH LIST Software Title: Software Company: Seven cities of gold (1st edition - black disk) Electronic Arts Seven cities of gold (2nd edition - grey disk) Electronic Arts Age of Adventure - Ali Baba and the fourty thieves Electronic Arts Archon Electronic Arts Archon II - Adept Electronic Arts Axis Assassin Electronic Arts D-Bug Electronic Arts Financial Cookbook Electronic Arts Hard Hat Mack Electronic Arts Lords of Conquest Electronic Arts M.U.L.E. Electronic Arts Mail Order Monsters Electronic Arts Murder on the Zinderneuf (XL,XE OS) Electronic Arts Music Construction Set Electronic Arts One-On-One Electronic Arts The Pharoah's Curse Synapse Pinball Construction Set Electronic Arts Racing Destruction Set Electronic Arts Realm of Impossibility Electronic Arts Age of Adventure - Return of Hercules Electronic Arts Super Boulderdash Electronic Arts Touchdown Football Electronic Arts Word Flyer Electronic Arts Worms? (XL,XE OS) Electronic Arts Zorro Datasoft I have spent many hours testing this software to make sure it runs correctly...however...there may be bugs that I am unaware of. If any bugs are found please let me know. I hope that some people find this software useful. I would really enjoy seeing others release versions with their own patches (parameters). Whew! now that I've released this, I can return to modifying (cracking) more Atari software! CHIPMUNK PLUS! - 1.61D.025.zip

My next release is complete! CHIPMUNK PLUS lives! It still requires a bit more testing...but I spent 3 straight hours TRYING my hardest to "trip it up" and get it to crash or act in unexpected ways (couldn't trip it up) To the average user of Chipmunk, there are no real improvements other than a bit of a face-lift. For more advanced users (people who crack / modify software) there are several new features. The main new feature is the ability to work in "reverse mode". This allows the creation of new patches by READING from the destination disk (cracked software) and writing to the Chipmunk disk. (normally it reads from the Chipmunk disk and writes to the destination disk). There is also a "test mode" used to verify if the patch sectors on the Chipmunk disk exist or not (hmmm... Did I copy those sectors or not) The Excel spreadsheet that comes with it (for a PC) maps the usable sectors on the Chipmunk disk and generates the Atari 8 bit (basic) DATA Statements. Using Altirra emulator, it is a simple COPY / PASTE from the spreadsheet to Chipmunk. There is a built in save feature to save Chipmunk and the newly added DATA Statements. There are several "dummy check" features included to ensure the correct disk is being read. Soon to come!

Does anybody know where I might locate an .atx (unaltered with copy protection intact) copy of Movie Maker, Cut & Paste, and / or any other EA titles that I have not cracked? I kind of feel bad not cracking EVERY EA title possible. I want a complete series! Lol!

To The Doctor, Thanks for the compliment. I always try to crack copy protection the way it SHOULD (or SHOULD HAVE) been done. I want it to look, sound, and boot as close as possible to an unaltered original copy. My NEXT project is not a crack itself, but a cracking program. I'm working on a custom version of Chipmunk (disk patcher / cracker). My custom Chipmunk will work like the original, but will also work in "backwards" mode to write (create) a patch to the Chipmunk disk. This will allow somebody who cracks copy protections to create their own Chipmunk disk without too much effort. The "package" is meant to be run on a PC using Altirra emulator. It will come with an Excel spreadsheet. The spreadsheet is used to map the (usable) sectors on the Chipmunk disk. Data is entered into the spreadsheet for each title (Name / how many sectors used / which sector #s read from Chipmunk / which sector #s written to destination disk ). The spreadsheet uses this data to generate Atari basic Data statements (which are used by Chipmunk). These Data statements can be COPY / PASTED directly into Altirra emulator.

Here is my (Second) release of EA Super-Tracks copy protected titles. This will be my final release of these titles unless someone points out some flaws. These cracks work on the same principal by re-directing the sectors that get read during the double sector check. On the previous versions when the double sector was checked, the read was re-directed to another sector that contained the CORRECT sector image. This version still re-directs the double sector reads, but it does not use re-mapped sector images. This crack takes advantage of the fact that this copy protection checks double sectors in 2 different ways. The 1ST part of the check consists of checking if the 2 reads of the double sector match. The data itself is not important. It ONLY checks for match or no match (it will not continue if it finds a match). The 2ND part of the check consists of taking 1 byte from each sector read and storing it in memory starting at location $03C0 (32 bytes total). After ALL the double sectors have been read the data starting at memory location $03C0 gets verified. Because the copy protection is NOT reading the correct sectors during the double sector checks the data starting at memory location will be incorrect. This crack "patches" the correct data into memory BEFORE it can be verified by the copy protection, thus defeating the 2ND part of the double sector check. The advantage of using this method is a faster load time during the double sector checks. Another advantage of this method is a much smaller footprint. The previous versions relied on using empty sectors to store re-mapped double sector images. This version modifies 9-11 sectors (and does not need empty sectors) unlike the previous versions that modified 23-25 sectors in order to work correctly. The titles included are: Age of Adventure - Ali Baba and the Fourty Thieves Age of Adventure - Return of Hercules Archon II Lords of Conquest Mail Order Monsters One-On-One Racing Destruction Set Realm of Impossibility Seven Cities of Gold (Second edition - Grey disk) Super Boulderdash Touchdown football This release includes: Copy protected .atx versions Cracked .atr versions All my notes detailing each crack. There is ALL the info and code needed to crack these titles for yourselves. Hopefully SOMEBODY will find the notes interesting. Enjoy! EA Super-Tracks copy protected titles V2.zip

Well...implementing my other crack method for the EA Super-Tracks copy protected titles has proved to be quite difficult. The code for the crack was not the most difficult part. The most difficult part was finding a memory location for the extra subroutines to "live". I didn't realise how complete the unused memory wiping routines in EA copy protected titles was. My first idea was to alter the STA statement(s) which do the wiping...this does not work because the STA statements are a critical part of the routine and are used countless times for other purposes. I think I have found a safe place for the data to "live". I only needed an additional 32 byte (continuous) memory block. These 32 bytes get copied to memory starting at location $03C0. This replaces the (incorrect) values written to this location when the incorrect sectors are read during the 2nd double sector check. The previous cracked titles I released wrote the correct values starting at memory location $03C0 because the correct (but re-mapped) sectors got read during the second double sector check.

Glad to hear the EA Super-Tracks titles work on genuine hardware I'm not sure if it would be a drive RPM issue that would make EA titles not load correctly using an ATR8000 (I've never actually seen an ATR8000 in person, I'll have to look that up on the net) Back in the 80's I had a RanaData 1000 drive which ran at 288 RPM. After that drive crapped out, I got an Atari XF551 drive which ran at 300 RPM. Both drives were able to boot the few Original (store bought) EA games that I had. Lol! Hard to believe that I can remember the correct RPMs off the top of my head, as I have not even seen any Atari 8 bit hardware for at least 20 years. I used to lower the RPM on the RanaData drive to write bad sectors. This worked on very few games, but several games from Activision were able to be copied using this method.

P.S. My notes on each title is also included. This has ALL the needed code and re-mapping charts to crack these titles for yourselves. Hope everybody enjoys!

Here is my (First) release of EA Super-Tracks copy protected titles. These games retain the original EA loading screen and perform all the same checks as an unaltered disk. This release uses re-mapped double sector images during the double sector checks. This is good because all data is preserved...however the problem of this method is the size. This crack requires 17 double sectors to be re-mapped as well as 3 boot sectors (20 free sectors total needed on each disk). A "patch" created for Chipmunk (or another patching program) would be HUGE (23 or more sectors for each patch). The other drawback to using this method is reduced loading time during double sector checks (because of jumping from track to track). Each title has been tested using Altirra emulator and each title is able to reach game-play. Each title has an "easter egg" mode during boot to alter the look of the loading screen. Hold down START / SELECT / OPTION (or any combination of) during load, before the screen changes color to activate this feature. There are 7 variations, depending on which button or combination is held. The titles included are: Age of Adventure - Ali Baba and the Fourty Thieves Archon II Lords of Conquest Mail Order Monsters One-On-One Racing Destruction Set Realm of Impossibility Seven Cities of Gold (Second edition - Grey disk) Super Boulderdash Touchdown football I think these are all the titles in this copy protection series. The only exceptions being Movie Maker (I don't have a copy to work on ) and Age of Adventure - Return of Hercules (This title can't be cracked using the same method used on the other titles because there is not enough free sectors) This release contains copy protected .atx versions and cracked .atr versions of each title. I did not include a cracked .atx version with random sector skew because sector skew alignment is not used by this copy protection. These titles SHOULD be able to be written to a floppy and booted on genuine Atari hardware. I will likely make a SECOND release of these titles using a slightly different crack which does not require re-mapping of double sectors...I did a "proof of concept" crack using this method and it works...and also loads a bit faster because of not jumping to other tracks to read re-mapped sectors. I hope everybody enjoys this release and I hope it works on genuine hardware (fingers crossed) EA Super-Tracks copy protected titles.zip

OOOH! I think I have found a better (or more accurately smaller) method for defeating the EA super-tracks copy protection. It's kind of a shame that I figured this out with only 1 title left to crack . My cracks of EA super-tracks copy protected titles required re-mapping ALL the double sectors to another location on the disk as well as re-mapping 3 of the boot sectors. This new method will not require re-mapping double sectors at all. It was actually the last title in the series Age of Adventure - (Side B) - Return of Hercules that was giving me problems...and made me have to get more creative with this crack. There just is not enough free sectors on the disk to re-map 3 boot sectors and 17 double sectors. There might be some dummy data somewhere sectors of that disk, but it's hard to say FOR SURE if a sector gets used or not unless you complete the game. I will post what work I have completed on the EA super-tracks protected titles shortly. These will be the versions with complete re-mapping of the double sectors. I will likely skip releasing Return of Hercules until I clean up the code and get everything figured out.