Introduction: The original CD has a hidden folder named 'Laserlock'. This folder contains several large files, and one of them cannot be read, so you cannot copy the CD without extreme difficulty and wasting many CDs trying to do so. We are going to look at cracking the CD-check on the patch file v1.02e (English UK version), so download it from the official site http://www.interplay.com or wherever you can find it.

The strange thing about this patch is that you can recopy the CD, missing out the Laserlock folder, and use the new patch file to play the game with the copied CD in the drive. It doesn't check the copy protection part of the CD properly; it just checks to see if you have a CD in with the relevant data on it and that the CD is named Fallout2 - so half the job is already done for us by the developers - thanks guys.

This is an excellent RPG. I don't normally play this type of game, but this one really had me hooked, even though there are a lot of people that really didn't like the game when it came out - mainly because of the bugs and crashes, but these have been fixed with the patch file (well, I had no more problems with it anyway). Personally, I think the game is really rather good!!

Tools needed: SoftICE, WDASM & a hex editor
The Crack

Ok then, first off, do a full installation (a humongous 600MB+), then copy the new fallout2.exe and the patch000.dat file into your folder. Now copy the remaining music files that were not copied by the installation from the \data\sound\music\ folder into the corresponding folder on your HD. The files are Alarm1.acm and Alarm2.acm. Edit the Fallout2.cfg file and make sure that music_path1 and music_path2 are pointing to the correct location on your HD. Notice that a few lines further down there is a reference to a file pointing to your CD drive? Mine is F:\cdlock.dat. This is the copy protection part, just ignore it. Now try running the game. 'ERROR - Running Fallout2 requires the CD'. You must be kidding - after a massive installation like that?? We'll sharp fix that then, won't we?
Load the fallout2.exe into WDASM and wait a while... and don't forget to save the disassembled file. Let's try searching for the file mentioned in the CFG file, 'cdlock.dat'. We find it on line 90865, and here is the surrounding code commented for you to study. It may look like a lot, but stick with it and you'll see what's going on. Try setting a breakpoint at 44264C, then check out each step when you're brought back into SoftICE.
* Possible StringData Ref from Data Obj ->"cdlock.dat"
------> here's our filename (used in the copy protection)
* Possible StringData Ref from Data Obj ->"master.dat"
--> large game data file
* Possible StringData Ref from Data Obj ->"Fallout2"
--> Volume label of CD
* Possible StringData Ref from Data Obj ->"critter.dat"
---> large game data file
* Possible StringData Ref from Data Obj ->"Fallout2"
--> Volume label of CD
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
* Possible StringData Ref from Data Obj ->"Failed on message_init"
* Possible StringData Ref from Data Obj ->"Running Fallout 2 requires the CD!"
-------> Our error message.
We can crack this 3 ways: [1] At 442680 and 44269F we can force eax to =1, or Either method works fine. So let's try it out.

:00442680 40 inc eax -----------> Add 1 to eax to make it =1
:0044269F 40 inc eax -----------> Add 1 to eax value to make it =1

Method 2:

:00442651 E9D2000000 jmp 00442728 -----------> Jump straight to the start of the game without doing any checks/tests.
Now, to apply the crack and change the bytes in the file, make a note of the offsets of the code you want to change from within WDASM.