Apple-2-SW/passport
1
0
Fork 0
mirror of https://github.com/a2-4am/passport.git synced 2024-05-28 21:41:27 +00:00
Code Issues Projects Releases Wiki Activity
7abb12d5ef
passport/src/patchers/sierra.a
Peter Ferrie 7abb12d5ef fix Aquatron and Dragon's Keep
2022-07-07 10:41:16 -07:00

587 lines
14 KiB
Plaintext
Executable File
Raw Blame History

;-------------------------------
; #SIERRA
; search and disable a self-decrypting
; protection check used on many Sierra
; disks in a way that doesn't trip the
; tamper check that checksums the code
;
; tested on
; - Apple Cider Spider
; - Aquatron
; - BC's Quest For Tires
; - Cannonball Blitz
; - Crossfire
; - Dragon's Keep
; - Learning with Leeper
; - Marauder
; - Mr. Cool
; - Oil's Well
; - Sammy Lightfoot
; - Sierra Championship Boxing
; - Winnie the Pooh
; - Donald Duck
; - Mickey's Space Adventure
; - King's Quest I, II, III
; - Leisure Suit Larry
; - Space Quest I, II
; - The Black Cauldron
; - The Dark Crystal
; - Mixed Up Mother Goose
; - The Artist
; - Ultima II
;
; module by qkumba
;-------------------------------
!zone {
lda gIsSierra
beq +
jmp .dosearch
+ ldy #3
jsr SearchTrack
.call
!byte $20,$D1,$D1 ;JSR $xxxx
bcs +
jsr modify1
!byte $2C
;there are two of these on the same track
+ ldy #3
jsr SearchTrack
.jmp1
!byte $4C,$D1,$D1 ;JMP $xxxx
bcs +
jsr modify1
!byte $60
ldy #3
jsr SearchTrack
.jmp2
!byte $4C,$D1,$D1 ;JMP $xxxx
bcs +
jsr modify1
!byte $60
+ ldy #3
jsr SearchTrack
.load
!byte $AD,$D1,$D1 ;LDA $xxxx
bcs +
sta .cmp7+1
adc #BASEPAGE
sta .page11+2
inx
inx
inx
.page11
lda $D100,x
cmp #$F0
bne .cmp7
inx
inx
.cmp7
lda #$D1
ldy #3
jsr compare
!byte $C9,$1D ;CMP #$1D
!byte $B0 ;BCS *+xx
bcs +
jsr PrintByID
!byte s_tamper
inx
inx
inx
jsr modify1
!byte $00
+ ldy #12
jsr SearchTrack
!byte $AD,WILDCARD,WILDCARD ;LDA $xxxx
!byte $85,$C1 ;STA $C1
!byte $A9,$00 ;LDA #$00
!byte $85,$C0 ;STA $C0
!byte $6C,$C0,$00 ;JMP ($00C0)
bcs +
pha
txa
adc #9
tax
pla
jsr modify1
!byte $60
+ ldy #14
jsr SearchTrack
!byte $85,$11 ;STA $11
!byte $49,WILDCARD ;EOR #$xx
!byte $48 ;PHA
!byte $A5,$10 ;LDA $10
!byte $49,WILDCARD ;EOR #$xx
!byte $48 ;PHA
!byte $D0,$01 ;BNE *+3
!byte $4C ;dummy
!byte $60 ;RTS
bcs +
pha
tay
jsr inx4
txa
pha
tya
jsr modify1
!byte $EA ;NOP
pla
clc
adc #5
tax
pla
jsr modify1
!byte $EA ;NOP
+ ldy #10
jsr SearchTrack
!byte $A9,$20 ;LDA #$20
!byte $8D,$DC,$4D ;STA $4DDC
!byte $A9,$60 ;LDA #$60
!byte $8D,$DF,$4D ;STA $4DDF
bcs +
inx
jsr modify1
!byte $2C ;BIT $xxxx
+ ldy #6
jsr SearchTrack
!byte $20,$0A,$14 ;JSR $140A
!byte $6C,$C6,$03 ;JMP ($03C6)
bcs +
inx
inx
inx
jsr modify1
!byte $60 ;RTS
+ ldy #17
jsr SearchTrack
!byte $48 ;PHA
!byte $8A ;TXA
!byte $48 ;PHA
!byte $98 ;TYA
!byte $48 ;PHA
!byte $20,$3D,$9B ;JSR $9B3D
!byte $68 ;PLA
!byte $A8 ;TAY
!byte $68 ;PLA
!byte $AA ;TAX
!byte $68 ;PLA
!byte $28 ;PLP
!byte $6C,$36,$00 ;JMP ($0036)
bcs +
jsr inx5
jsr modify1
!byte $2C ;BIT $xxxx
+ ldy #15
jsr SearchTrack
!byte $EA ;NOP
!byte $EA ;NOP
!byte $EA ;NOP
!byte $BD,$48,$4A ;LDA $4A48,X
!byte $48 ;PHA
!byte $BD,$47,$4A ;LDA $4A47,X
!byte $48 ;PHA
!byte $60 ;RTS
!byte $EA ;NOP
!byte $EA ;NOP
!byte $EA ;NOP
bcs +
pha
txa
adc #6
tax
pla
jsr modify1
!byte $EA ;NOP
jsr inx4
jsr modify1
!byte $EA ;NOP
+ ldy #7
jsr SearchTrack
!byte $60 ;encoded NOP
!byte $AA,$AA,$C8 ;encoded JSR $4220
!byte $4C,$BF,$48 ;JMP $48BF
bcs +
inx
jsr modify1
!byte $A6 ;encoded BIT
+ jmp .exit
.trybox
lda #$2C ;BIT $xxxx
sta .patchstyle
ldy #17
jsr SearchTrack
!byte $20,$00,$1D ;JSR $1D00
!byte $20,$C0,$1D ;JSR $1DC0
!byte $A9,$16 ;LDA #$16
!byte $85,$56 ;STA $56
!byte $A9,$15 ;LDA #$15
!byte $85,$57 ;STA $57
!byte $20,$93,$15 ;JSR $1593
bcc +
ldy #19
jsr SearchTrack
!byte $20,$17,$0A ;JSR $0A17
!byte $20,$25,$0D ;JSR $0D25
!byte $20,$85,$1E ;JSR $1E85
!byte $80 ;dummy
!byte $08,$CE,$CF,$CD,$CF,$CE,$C9,$C3,$CF
;"NOMONICO"
+ bcc +
ldy #19
jsr SearchTrack
!byte $20,$07,$FF ;JSR $FF07
!byte $A2,$00 ;LDX #$00
!byte $A9,$01 ;LDA #$01
!byte $85,$08 ;STA $08
!byte $86,$09 ;STA $09
!byte $60 ;RTS
!byte $A9,$02 ;LDA #$02
!byte $85,$0C ;STA $0C
!byte $4C,$41,$7E ;JMP $7E41
+ bcc +
ldy #17
jsr SearchTrack
!byte $20,$27,$15 ;JSR $1527
!byte $4C,$6C,$41 ;JMP $416C
!byte $84,$C2,$CC,$CF,$C1,$C4,$A0,$D7,$C1,$CC,$D4
;"BLOAD WALT..."
+ bcc +
ldy #26
jsr SearchTrack
!byte $20,$0D,$09 ;JSR $090D
!byte $AD,$F1,$08 ;LDA $08F1
!byte $D0,$6B ;BNE $08C3
!byte $A9,$01 ;LDA #$01
!byte $8D,$F1,$08 ;STA $08F1
!byte $20,$16,$16 ;JSR $1616
!byte $20,$3D,$18 ;JSR $183D
!byte $80,$1B,$C2,$CC,$CF,$C1,$C4
;"BLOAD ..."
bcc +
lda #$60 ;RTS
sta .patchstyle
ldy #14
jsr SearchTrack
!byte $A9,$00 ;LDA #$00
!byte $AA ;TAX
!byte $A8 ;TAY
!byte $20,$B7,$FF ;JSR $FFB7
!byte $A9,$00 ;LDA #$00
!byte $85,$48 ;STA $48
!byte $BD,$89,$C0 ;LDA $C089,X
jsr inx4
bcs ++
+
jsr PrintByID
!byte s_sierra
jsr modify1
.patchstyle
!byte $2C ;BIT $xxxx
jmp .exit
;two of these are on the same track
++ ldy #10
jsr SearchTrack
!byte $F0,$08 ;BEQ *+10
!byte $A9,$00 ;LDA #$00
!byte $AA ;TAX
!byte $95,$00 ;STA $00,X
!byte WILDCARD ;INX or DEX
!byte $D0,$FB ;BNE *-5
bcs +
pha
jsr PrintByID
!byte s_tamper
txa
clc
adc #5
tax
pla
jsr modify1
!byte $B5 ;load instead of store
ldy #24
jsr SearchTrack
!byte $AD,WILDCARD,WILDCARD ;LDA $xxxx
!byte $CD,WILDCARD,WILDCARD ;CMP $xxxx
!byte $D0,$40 ;BNE *+$42
!byte $AD,WILDCARD,WILDCARD ;LDA $xxxx
!byte $CD,WILDCARD,WILDCARD ;CMP $xxxx
!byte $D0,$38 ;BNE *+$3A
!byte $AD,WILDCARD,WILDCARD ;LDA $xxxx
!byte $CD,WILDCARD,WILDCARD ;CMP $xxxx
!byte $D0,$30 ;BNE *+$32
bcs +
jsr PrintByID
!byte s_tamper
jsr modify1
!byte $60 ;just return
+ ldy #15
jsr SearchTrack
!byte $A9,$00 ;LDA #$00
!byte $85,$57 ;STA $57
!byte $A9,$FF ;LDA #$FF
!byte $85,$58 ;STA $58
!byte $A9,$02 ;LDA #$02
!byte $85,$59 ;STA $59
!byte $20,$99,$4C ;JSR $4C99
bcs +
pha
txa
adc #12
tax
pla
jsr modify1
!byte $2C ;don't load sector #$10
+ ldy #13
jsr SearchTrack
!byte $A9,$00 ;LDA #$00
!byte $85,$59 ;STA $59
!byte $20,WILDCARD,WILDCARD ;JSR $xxxx
!byte $68 ;PLA
!byte $D0,$20 ;BNE *+$22
!byte $20,$00,$FF ;JSR $FF00
bcs +
pha
txa
adc #10
tax
pla
jsr modify1
!byte $2C ;don't call protection check
+
.jmpexit
jmp .exit
.dosearch
; gIsBoot0 is TRUE here
ldy #9
jsr SearchTrack
!byte $AD,WILDCARD,WILDCARD ;LDA $xxxx
!byte $49,WILDCARD ;EOR #$xx
!byte $D0,$01 ;BNE *+3
!byte $20 ;dummy
!byte $8D ;STA $xxxx
bcc +
jmp .trybox
+ sta .cmp1+1
pha
adc #BASEPAGE
sta .page1+2
sta .page2+2
sta .page3+2
sta .page4+2
sta .page5+2
sta .page6+2
sta .page7+2
sta .page8+2
sta .page9+2
sta .page10+2
stx .adj+1
txa
adc #11
tax
.page1
lda $D100,x
cmp #$18
bne +
inx
+ pla
ldy #6
jsr compare
!byte $D0,$01 ;BNE *+3
!byte $4C ;dummy
!byte $A0,WILDCARD ;LDY #$xx
!byte $98 ;TYA
.bcsexit1
bcs .bcsexit2
.page2
lda $D104,x
sta .key+1
txa
adc #6
tax
.cmp1
lda #$D1
pha
ldy #3
jsr compare
!byte $90,$01,$20
bcs +
inx
inx
inx
+ pla
ldy #8
jsr compare
!byte $59,WILDCARD,WILDCARD ;EOR $xxxx,Y
!byte $99,WILDCARD,WILDCARD ;STA $xxxx,Y
!byte $C8 ;INY
!byte $D0 ;BNE *+xx
.bcsexit2
bcs .bcsexit3
.page3
lda $D101,x
sta .call+1
sta .jmp1+1
sta .jmp2+1
.page4
lda $D102,x
sta .call+2
sta .jmp1+2
sta .jmp2+2
txa
adc #9
tax
lda .cmp1+1
pha
ldy #5
jsr compare
!byte $88 ;DEY
!byte $30,$01 ;BMI *+3
!byte $4C ;dummy
!byte $60 ;RTS
pla
bcc +
ldy #5
jsr compare
!byte $98 ;TYA
!byte $10,$01 ;BPL *+3
!byte $4C ;dummy
!byte $60 ;RTS
.bcsexit3
bcs .bcsexit4
+ txa
adc #5
pha
tax
.key ldy #$D1
- tya
.page5
eor $D100, x
.page6
sta $D100, x
iny
inx
bne -
pla
tax
.page7
lda $D100, x
beq +
cmp #$C8
sec
bne .bcsexit4
+ inx
lda .cmp1+1
ldy #11
jsr compare
!byte $8C,$F4,$B7 ;STY $B7F4
!byte WILDCARD,$EC,$B7 ;STx $B7EC
!byte $A9,$B7 ;LDA #$B7
!byte $A0,$E8 ;LDY #$E8
!byte $20 ;JSR $xxxx
.bcsexit4
bcs .bcsexit5
txa
adc #11
tax
lda .cmp1+1
pha
jsr compare2
!byte $B5,$B7
pla
bcc +
pha
jsr compare2
!byte $D9,$03
pla
bcc +
jsr compare2
!byte $00,$BD
.bcsexit5
bcs .bcsexit6
+ inx
inx
lda .cmp1+1
pha
ldy #3
jsr compare
!byte $AE,$E9,$B7 ;LDX #$B7E9
bcs +
inx
inx
inx
+ pla
ldy #9
jsr compare
!byte $BD,$89,$C0 ;LDA $C089,X
!byte $A9,WILDCARD ;LDA #$xx
!byte $8D,WILDCARD,WILDCARD ;STA $xxxx
!byte $20 ;JSR $xxxx
.bcsexit6
bcs .exit
.page8
lda $D109,x
sta .tryalt2+1
pha
.adj
adc #$D1
tax
pla
adc #4
sta .tryalt+1
lda .cmp1+1
pha
ldy #3
jsr compare
!byte $A9,$1C ;LDA #$1C
!byte $8D ;STA $xxxx
pla
bcc .yes
pha
.tryalt
ldx #$D1
ldy #3
jsr compare
!byte $A9,$1C ;LDA #$1C
!byte $8D ;STA $xxxx
pla
bcc .yes
pha
.tryalt2
ldx #$D1
ldy #3
jsr compare
!byte $A9,$1C ;LDA #$1C
!byte $8D ;STA $xxxx
pla
bcs .exit
.yes
.page9
lda $D103,x
sta .load+1
.page10
lda $D104,x
sta .load+2
lda #TRUE
sta gIsSierra
bit gMode ; don't print or restart in verify mode
bpl .exit
jsr PrintByID
!byte s_sierra
jmp RestartScan
.exit
}
Reference in New Issue View Git Blame Copy Permalink