|
|
|
IDENTIFICATION SERVEUR : 10.0.97.65 - CLIENT : 54.156.58.187 |
|
| Voir le sujet précédent :: Voir le sujet suivant |
| Auteur |
Message |
toinet
Site Admin
Inscrit le: 15 Juin 2007
Messages: 2886
Localisation: Le Chesnay, France
|
 Posté le: Jeu 19 Mai 2016, 20:47 Sujet du message: Delta drawing II Plus 2.0 (Spinnaker, 1982) |
 |
|
#870 - Another software from Spinnaker. Here, you can draw a picture with commands. I guess you'll benefit from the title if and only if you own the manual.
Disk structure
It seems to be a standard DOS 3.3 16-sec floppy disk. All tracks are readable.
What is weird is that the last epilog marker of the data field is #$20 (an authorized value because of the number of consecutive zeros). That rang my bell: see Spellicopter from Designware at http://www.hackzapple.com/phpBB2/viewtopic.php?t=1120
It seems there is some data on track $23.
The interleaving (sector order) is different from the DOS 3.3 one. How do we know? Because we read T0/S0 and at offset $4D we have the list of the 16 sector index, it does not match the one for DOS 3.3.
How to copy
I'll directly include my notes
| Code: |
Interleaving is different
00 05 0A 0F 04 09 0E 03
08 0D 02 07 0C 01 06 0B
So, to copy, we must use the original values to ensure the sectors are read in the right order
Launch Advanced Demuffin 1.4
Enter the monitor
BFB8: 00 05 0A 0F 04 09 0E 03
BFC0: 08 0D 02 07 0C 01 06 0B
Press ctrl-Y to return to the program
Copy the entire disk
|
How to crack
I'll also include my notes:
| Code: |
We have to set the standard values
00 0D 0B 09 07 05 03 01
0E 0C 0A 08 06 04 02 0F
With the interleaving table changed, at:
T0/S0/4D
T0/S9/B8
T4/S4/B8
The epilog markers are non-standard, let's correct them
T0/S2/A8: 20 -> EB
T0/S3/2F: BD 8C -> 18 60
T0/S5/64: A5 1E -> A9 7E (read)
|
Note that the disk runs fine on 8-bit machines, not on the Apple IIgs due to the Forth interpreter, I'll keep that for another study
The disk image is available at http://www.brutaldeluxe.fr/crack/
Reboot and... enjoy,
LoGo
5/2016
Derničre édition par toinet le Ven 20 Mai 2016, 14:46; édité 2 fois |
|
| Revenir en haut de page |
|
 |
toinet
Site Admin
Inscrit le: 15 Juin 2007
Messages: 2886
Localisation: Le Chesnay, France
|
| Posté le: Ven 20 Mai 2016, 12:47 Sujet du message: |
|
|
The version is now compatible with the Apple IIgs. I've added some code in the $B6xx area to handle the two cases for which the program would not run on 16-bit machines.
| Code: |
How to handle case 1: LDA/ORA address, increment X twice. If LDA/ORA is zero set carry, otherwise clear carry.
00C0:BD 00 00 LDA $0000,X
00C3:1D 01 00 ORA $0001,X
00C6:D0 04 BNE $00CC
00C8:E8 INX
00C9:E8 INX
00CA:38 SEC
00CB:60 RTS
00CC:E8 INX
00CD:E8 INX
00CE:18 CLC
00CF:60 RTS
...
How to handle case 2: increment X twice, store, decrement twice.
00E8:E8 INX
00E9:E8 INX
00EA:86 1B STX $1B
00EC:CA DEX
00ED:CA DEX
00EE:60 RTS
|
|
|
| Revenir en haut de page |
|
|
toinet
Site Admin
Inscrit le: 15 Juin 2007
Messages: 2886
Localisation: Le Chesnay, France
|
| Posté le: Ven 20 Mai 2016, 12:49 Sujet du message: |
|
|
Here are the two cases that we meet in three places in the code (on disk, follow the star)
| Code: |
*\FFFE\<800.9FFFP
00/08AC:
00/095E:
00/530B:
* Case 1: T0/SD
00/08A9: E8 INX
00/08AA: E8 INX
00/08AB: BD FE FF LDA FFFE,X
00/08AE: 1D FF FF ORA FFFF,X
00/08B1: D0 03 BNE 08B6 ;+03=
00/08B3: 4C 8A 08 JMP 088A
00/08B6: 18 CLC
00/08B7: A5 16 LDA 16
00/08B9: 69 02 ADC #02
00/08BB: 85 16 STA 16
00/08BD: 90 02 BCC 08C1 ;+02=
00/08BF: E6 17 INC 17
00/08C1: 4C 28 08 JMP 0828
00/08C4: A4 28 LDY 28
00/08C6: 44 4F A9 MVP A94F
00/08C9: 9D 08 CD STA CD08,X
00/08CC: 08 PHP
00/08CD: B5 03 LDA 03,X
00/08CF: 48 PHA
00/08D0: B5 02 LDA 02,X
* Case 2: T0/SE
00/0954: E8 INX
00/0955: E8 INX
00/0956: 86 1B STX 1B
00/0958: BD FF FF LDA FFFF,X
00/095B: 48 PHA
00/095C: 48 PHA
00/095D: BD FE FF LDA FFFE,X
00/0960: BA TSX
00/0961: 18 CLC
00/0962: 7D 03 01 ADC 0103,X
00/0965: 9D 03 01 STA 0103,X
00/0968: 68 PLA
00/0969: 7D 04 01 ADC 0104,X
00/096C: 9D 04 01 STA 0104,X
00/096F: 68 PLA
00/0970: 10 2C BPL 099E ;+2C=
00/0972: 38 SEC
00/0973: BD 03 01 LDA 0103,X
00/0976: FD 05 01 SBC 0105,X
00/0979: BD 04 01 LDA 0104,X
* Case 2: T5/S8
00/5302: E8 INX
00/5303: E8 INX
00/5304: 86 1B STX 1B
00/5306: BD FF FF LDA FFFF,X
00/5309: 48 PHA
00/530A: BD FE FF LDA FFFE,X
00/530D: BA TSX
00/530E: 18 CLC
00/530F: 7D 02 01 ADC 0102,X
00/5312: 9D 02 01 STA 0102,X
00/5315: 68 PLA
00/5316: 7D 03 01 ADC 0103,X
00/5319: 9D 03 01 STA 0103,X
00/531C: DD 05 01 CMP 0105,X
00/531F: 90 20 BCC 5341 ;+20=
00/5321: D0 0A BNE 532D ;+0A=
00/5323: BD 02 01 LDA 0102,X
00/5326: DD 04 01 CMP 0104,X
00/5329: 90 16 BCC 5341 ;+16=
00/532B: F0 14 BEQ 5341 ;+14=
*
|
|
|
| Revenir en haut de page |
|
|
toinet
Site Admin
Inscrit le: 15 Juin 2007
Messages: 2886
Localisation: Le Chesnay, France
|
| Posté le: Ven 20 Mai 2016, 12:52 Sujet du message: |
|
|
For case 1, this is the new code:
| Code: |
00A9:EA NOP
00AA:EA NOP
00AB:EA NOP
00AC:EA NOP
00AD:EA NOP
00AE:20 C0 B6 JSR $B6C0
00B1:90 03 BCC $00B6
00B3:4C 8A 08 JMP $088A
00B6:18 CLC
|
For case 2, this is the new code:
| Code: |
Second case, first occ.
0054:20 E8 B6 JSR $B6E8
0057:EA NOP
0058:BD 01 00 LDA $0001,X
005B:48 PHA
005C:48 PHA
005D:BD 00 00 LDA $0000,X
Second case, second occ.
0002:20 E8 B6 JSR $B6E8
0005:EA NOP
0006:BD 01 00 LDA $0001,X
0009:48 PHA
000A:BD 00 00 LDA $0000,X
|
|
|
| Revenir en haut de page |
|
|
|
|
Vous ne pouvez pas poster de nouveaux sujets dans ce forum
Vous ne pouvez pas répondre aux sujets dans ce forum
Vous ne pouvez pas éditer vos messages dans ce forum
Vous ne pouvez pas supprimer vos messages dans ce forum
Vous ne pouvez pas voter dans les sondages de ce forum
|
|
FAQ 
Rechercher 
Liste des Membres 
Groupes d'utilisateurs
S'enregistrer
Profil 
Se connecter pour vérifier ses messages privés 
Connexion 
