On 21 Jul 2023, Bencollver said the following...
2) Dosbox debugger
https://www.vogons.org/viewtopic.php?t=3944
i use this to crack stuff/generate keys for doors all the time lol
on linux at least you just build the version with the debugger enabled:
./configure --enable-debug=heavy (i use slackware and just edited the slackbuild to include that param)
launch it from an xterm with the window pretty big, and inside dosbox when you run the door you just do 'debug door.exe' like the other example. that'll load the program and then stop at the entry point. then you just press F10/F11 repeatedly for the rest of your life.
as a really easy example, for arrowbridge 2 you can generate a custom key by stepping through until it shows the registered message from the free key, dumping the entire memory with MEMDUMPBIN 0:0 640000 and then searching for the free key in that file and writing down the addresses of each instance.
then put in your bbs name and sysop name, a junk key, and then dump the memory again.. one of the locations you wrote down will now have the correct key to use for your sysop/bbs name.
"Betrayal of the Obsidian Baboon" also worked out almost the same way.
if you have the free version of IDA (linked somewhere on the dosbox website) it's also definitely helpful. for example if you find a place where an unregistered message shows, and it checks a variable to decide whether to show that message, you can search everywhere that variable is used in IDA and find where it's set. often it's something really easy like:
if (reg key is good) then
registered = true
else
registered = false
.. you can change one byte in the .exe so both of those are 'true'
congrats, you wasted potentially a lot of time ;)
--- Mystic BBS v1.12 A47 2021/12/25 (Windows/32)
* Origin: cold fusion - cfbbs.net - grand rapids, mi