/------------------------------HellSpawn 2K1-----------------------\
| Author: KahnAbyss                                                |
| Target: Frogger 3D 2                                             |
| Tools: SoftIce 4.05                                              |
|        Hiew 6.04                                                 |
|        Any Prog Soft                                             |
|        I'll use Visual Basic                                     |
| Crack Type: CdCheck                                              |
| Level: Novice                                                    |
\------------------------------------------------------------------/

Part 5a: Frogger 3D 2
=================

Step 1:
Make a backup of the file Frogger2.exe to Frogger2.ori. Open it with W32Dasm,
then click on Imported Functions and select the function
KERNEL32.GetDriveTypeA. You should land here:

* Reference To: KERNEL32.GetDriveTypeA, Ord:0104h
:0043D039 FF15B0F04600   Call dword ptr [0046F0B0]   <== Call GetDriveTypeA
:0043D03F 83F805         cmp eax, 00000005           <== check if it's a cdrom
:0043D042 7553           jne 0043D097                <== check what is it
:0043D044 6A00           push 00000000

Press Ctrl-D to enter SoftIce and type bpx GetDriveTypeA. Run frogger2.exe and
SoftIce should pop up. This function is going to be called for every drive you
have, so press F5 till you get the last drive, then F10 to trace down till
you're here:

:0043D08E 1BC0           sbb eax, eax
:0043D090 83D8FF         sbb eax, FFFFFFFF
:0043D093 85C0           test eax, eax               <== Test if it's the good cd
:0043D095 743A           je 0043D0D1                 <== We have to patch here
:0043D097 803F00         cmp byte ptr [edi], 00
:0043D09A 7408           je 0043D0A4
:0043D09C 4D             dec ebp

Stop on the line 43D095 and change the zero flag to test if it's the good jump:
type r fl z and press F5 to resume the execution. Wow, it works!! :)

Step 2:
Open Frogger2.exe with Hiew, press F4 and select Decode Mode, press F5 and
type 3d095, then change 74 (JE) to 75 (JNE). It's going to work fine without
the cd, but if you insert the cd it says enter the cdrom. The better way here
is to force it to jump, so replace 74 (JE) with EB (JMP) and it works with the
cd and without it.

Step 3:
Run the game...
Part 5b: Crack sources in Visual Basic
==============================

Just copy and paste this code into a form and add a command button. If you
wonder why we patch 4 offsets here, it's because Vbshit adds a "h00" at the end
of every Put, so it modifies the function at :0043D097 and makes the game
crash. So I patched it till I got the 1st 00.

Private Sub Command1_Click()
    If Dir(App.Path & "\frogger2.exe") = "" Then        'Verify if crack is in good dir
        MsgBox "Please copy the crack in game directory", _
               vbOKOnly, "Frogger 2 Crack"
        Exit Sub
    Else
        FileNo = FreeFile
        Open App.Path & "\frogger2.exe" For Binary As #FileNo   'Open file
        If LOF(FileNo) <> 585728 Then                   'Verify file size
            MsgBox "Wrong File Size", vbOKOnly, "Frogger 2 Crack"
            Exit Sub
        Else
            Position = &H3D095 + 1                      'Set offset to be patched
            Seek #FileNo, Position                      'Go to the offset
            Input #FileNo, OffSetChk                    'Put offset in OffSetChk
            If Asc(Left(OffSetChk, 1)) <> &H74 Then     'Verify if char is good
                MsgBox "Crc Error", vbOKOnly, "Frogger 2 Crack"
                Exit Sub
            Else
                Put #FileNo, Position, &HEB             'Patch 1st offset
                Put #FileNo, Position + 1, &H3A         'Patch 2nd offset
                Put #FileNo, Position + 2, &H80         'Patch 3rd offset
                Put #FileNo, Position + 3, &H3F         'Patch 4th offset
            End If
        End If
        Close #FileNo
        MsgBox "Frogger 2 Successfully Cracked!", vbOKOnly, _
               "Frogger 2 Crack"
    End If
End Sub