HOW TO HACK

By Jon North

Sinclair ZX Spectrum
ISSUE 65
I've put MovieLoad on ice this month, to concentrate on some more of your letters. I'll do it next month (or maybe not, we'll see).
Is Your * Key Stuck?
Stephen Gregory of Derbyshire wants to know what the * means in front of *Load and *List. These two are not BASIC commands but listings I gave in issue 56, and you'll need them both to hack just about anything. *Load loads a BASIC program and stops it autorunning; *List lists the program as it would actually be run (it is possible to disguise BASIC so that it LISTs differently from how it RUNs).
Where's The Game?
Loads of you have written asking the simple question: how do you load a game and a disassembler at the same time? For old games, which start at 32768, load the game code to its normal address and load Devpac in low memory (about 25000ish). Remember that Devpac will execute wherever you load it to - it relocates itself! For larger games, which use all the memory, load the game first and then load Devpac into either low memory (about 25000ish) or high memory (about 60000ish). That way you are more likely to overwrite graphics and map data than the all-important game code. The ideal set-up is Devpac for hacking protection systems, and a Multiface and Genie, or SoftRom and SoftCrack, for hacking games - for hacking a game you only need a very limited disassembler, but the advanced features of Devpac make it ideal for protection.
One last point for anyone hacking the new Speedlocks (version 5 upwards). Check the CALL address in the routine which loads the first short turboload block. That address is later overwritten with a very simple game decrypter, which you will need to crack before you can hack the game (it usually resides around FE5Cish). And don't forget to check whether the game is moved once it has loaded - you won't be able to backtrack unless you move it back to where it should be.
Will Steven Adams Please Stand Up
For anyone not born in the stone age, Steve Adams used to write a technical column in Your Spectrum. He once said something about a 32K RAM-bank hardware switch, which is needed by Stephen Shepherd of 50 Lincoln Street, Norwich, Norfolk NR2 3LA. Stephen may well be flooding the market with SoftRoms in the not-too-distant future, but needs Steve Adams' RAM-bank switch to get them working. If anyone knows where he is, or for more information and prices on the SoftRoms, contact Stephen at the address given.
Why Not Do A Machine Code Course?
There were a number of people asking this one. The simple reason is that it would be too long. If I started one now it would probably go on well into the 23rd century! I've been outlining the most important instructions which you'll need for hacking games, but to start writing machine code of your own your best bet is to buy a good book on the subject. The best one I know of, Spectrum Machine Language For The Absolute Beginner, is now sadly out of print (you could always try an ad in Input Output), but whatever you do, don't get the Rodnay Zaks book - not yet. It's a very technical book which will later prove invaluable, but as a way to learn machine code it is not the obvious choice.
How Are Load And Save Routines Related?
A couple of you thought that the timings of the individual instructions were all-important, but they are negligible. What matters are the values in the delay loops. These wait a set amount of time before doing anything - the smaller the value, the faster the load/save. Have a hack into the turboload on my POKE tapes: it copies the ROM loader and then alters these timing constants so that it loads and saves in about two thirds of the normal time. Work out the relationship between the original values and the new values (basically, multiply each by 2/3) and you'll have your own turbo tape system.
How Are Encrypters And Decrypters related?
An encrypter does the opposite of a decrypter: take the decrypter's instructions in reverse order and replace each one with the instruction that undoes it. A SUB in the decrypter becomes an ADD in the encrypter, an RLCA (rotate left) becomes an RRCA (rotate right), and an XOR stays an XOR, because XORing with the same value twice gets you back where you started. Non-trailers (routines where each byte is transformed on its own, with nothing carried over from earlier bytes) can start with the same register values in both encrypter and decrypter and work forwards through the block; trailers, which carry a value along from one byte to the next, have to start at the last byte and work backwards.
Example Decrypter

     LD HL,50000   ;Start of the block
     LD BC,10000   ;Length of the block
LOOP LD A,(HL)     ;Fetch the encrypted byte
     XOR H         ;H, L and C change as the loop runs,
     SUB L         ;so each byte is treated differently
     RLCA          ;Rotate left one bit
     ADD A,C
     LD (HL),A     ;Store the decrypted byte
     INC HL
     DEC BC
     LD A,B        ;Loop until BC reaches zero
     OR C
     JR NZ,LOOP
     RET
Example Encrypter

     LD HL,50000   ;Same start and length as the decrypter,
     LD BC,10000   ;so H, L and C take the same values
LOOP LD A,(HL)
     SUB C         ;Do the last decrypting instruction first. SUB is opposite to ADD
     RRCA          ;Opposite to RLCA
     ADD A,L       ;Opposite to SUB L
     XOR H         ;Opposite to XOR H
     LD (HL),A     ;The rest is the same
     INC HL
     DEC BC
     LD A,B
     OR C
     JR NZ,LOOP
     RET
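To show the rule at work on the two listings above, here is the same pair of routines modelled in Python. This is an added example, not a listing from the column: it reproduces the Example Decrypter's per-byte instructions and the listing's own start (50000) and length (10000), derives the encrypter automatically by reversing the instruction order and swapping each instruction for its inverse, and then checks that the derived encrypter and the original decrypter round-trip a block of constructed sample data. The 8-bit wrap-around and rotate semantics, the extra CPL and NEG entries in the inverse table, and the sample data are my own assumptions; it only handles non-trailers, since every value the ops use (H, L, C) comes from the loop counters rather than from earlier bytes.

```python
# Added example, not code from the column: a Python model of the Example
# Decrypter above, plus the "reverse the order, invert each instruction" rule
# for deriving its encrypter.  Everything is 8-bit Z80 arithmetic (mod 256,
# 8-bit rotates); the START/LENGTH values are the listing's own.
from typing import List, Optional, Tuple

Op = Tuple[str, Optional[str]]  # (mnemonic, register operand or None)

START, LENGTH = 50000, 10000  # LD HL,50000 / LD BC,10000 from the listing

# Per-byte work of the decrypter, between LD A,(HL) and LD (HL),A.
DECRYPT_OPS: List[Op] = [("XOR", "H"), ("SUB", "L"), ("RLCA", None), ("ADD", "C")]

# Each decrypting instruction and the one that undoes it.  CPL and NEG are
# assumed additions (both self-inverse) beyond the column's three cases.
INVERSE = {"ADD": "SUB", "SUB": "ADD", "XOR": "XOR",
           "RLCA": "RRCA", "RRCA": "RLCA", "CPL": "CPL", "NEG": "NEG"}


def invert(ops: List[Op]) -> List[Op]:
    """Encrypter = the decrypter's instructions reversed, each replaced by its inverse."""
    return [(INVERSE[m], r) for (m, r) in reversed(ops)]


def apply_op(a: int, op: Op, regs: dict) -> int:
    """Execute one accumulator instruction with 8-bit semantics."""
    m, r = op
    v = regs.get(r, 0) if r else 0
    if m == "ADD":
        return (a + v) & 0xFF
    if m == "SUB":
        return (a - v) & 0xFF
    if m == "XOR":
        return a ^ v
    if m == "RLCA":
        return ((a << 1) | (a >> 7)) & 0xFF
    if m == "RRCA":
        return ((a >> 1) | (a << 7)) & 0xFF
    if m == "CPL":
        return a ^ 0xFF
    if m == "NEG":
        return (-a) & 0xFF
    raise ValueError(f"unsupported op {m}")


def run(ops: List[Op], block: bytes, start: int = START, length: int = LENGTH) -> bytes:
    """Run the listing's loop over `block`, which models memory from `start`.

    H, L and C are read from HL and BC as they stand on each pass (before the
    DEC BC), so the "key" differs from byte to byte; the encrypter sees the
    same values because it starts HL and BC identically.  Like the Z80 loop
    this is a do-while: BC=0 would run 65536 times.
    """
    out = bytearray(block)
    hl, bc = start & 0xFFFF, length & 0xFFFF
    while True:
        regs = {"H": hl >> 8, "L": hl & 0xFF, "B": bc >> 8, "C": bc & 0xFF}
        i = (hl - start) & 0xFFFF
        a = out[i]                      # LD A,(HL)
        for op in ops:
            a = apply_op(a, op, regs)
        out[i] = a                      # LD (HL),A
        hl = (hl + 1) & 0xFFFF          # INC HL
        bc = (bc - 1) & 0xFFFF          # DEC BC
        if bc == 0:                     # LD A,B / OR C / JR NZ,LOOP
            break
    return bytes(out)


def round_trip(dec_ops: List[Op], plain: bytes) -> bool:
    """Encrypt with the derived routine, decrypt with the original, compare."""
    enc = run(invert(dec_ops), plain)
    return run(dec_ops, enc) == plain


# Constructed sample "game code": LENGTH bytes of a simple pattern.
PLAIN = bytes((i * 7) & 0xFF for i in range(LENGTH))

if __name__ == "__main__":
    print("encrypter:", invert(DECRYPT_OPS))
    print("round trip ok:", round_trip(DECRYPT_OPS, PLAIN))
```

Running it prints the derived encrypter as SUB C, RRCA, ADD L, XOR H, exactly the Example Encrypter above, and confirms the round trip. If you want to check a single byte by hand: with HL=50000 (H=C3h, L=50h) and BC=10000 (C=10h), a plaintext 00h encrypts to 0Bh and decrypts back to 00h.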
How Do You Do Speedlock 4?
This should have gone in a couple of months ago, but ended up in the bin instead. Sorry! It's the start of the Speedlock series where identification starts getting difficult.

(continues in Issue 62)