Prehistorik 2にはセーブはありませんが、各レベルにレベルコードがあります(レベル内の特定の場所で宙に浮いています)。 初心者モードとエキスパートモードの2つの合格モードがあり、コードはモードも定義します。 ゲームの開始時に、最初のレベルから開始するか、コードを入力してすぐに対応するレベルに到達することができます。 環境が変更されていない同じコンピューターでは、コードは変更されませんが、別のコンピューターでは、一般的に言えばコードが異なります。そのため、通過中に見つけられ、紙に注意深く書かれたコードは、別の環境では完全に役に立たなくなります。 したがって、紙ではなく、特定の環境向けにコードを記述するプログラムを用意する方がよいでしょう。 準備完了 : genpass.comはDOSプログラムであり、ゲームと同じ環境で実行する必要があります。 コード入力画面から目的のレベルに到達する別の方法:3つのコードADDE C0DE F00DまたはDEAD C0DE F00Dを入力します。3つのコードはそれぞれ正しくありませんが、この順序で入力すると、4番目のコードは1〜10のレベル番号+ 10です。エキスパートモードの場合、要求されたレベルにすぐにつながります。
猫の下-研究プロセス。 少なくとも「 辞書で読む」レベルのx86アセンブラーの知識が必要です。
ツール
メインツールはIDA Pro逆アセンブラーです。 DOSプログラムの研究には、 無料のバージョン5.0で十分です。
ここには多くの異なるDOSユーティリティがあります: http : //www.exetools.com/ 、そのうちのいくつかは本文で後述します。
オプションのツールはデバッガーです。 任意のDOSデバッガーを使用できます(上記のリンクに選択肢があります)。それらの共通の欠点は、デバッグされたプログラムとリソース(少なくとも画面)の分離です。 すべてのリソースをプログラムに提供しますが、同時に、組み込みデバッガーを備えたBochsエミュレーターでデバッグすることもできます。 さらに、デバッガーなしでも実行できます。
また、16進エディターは損傷しません。 オープンの中で、明らかに最高のものは、 バイ (以前はビユー)です。 ただし、
hexdump
を使用して表示したり、
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 ,
/ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet ,
cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4
sub_19D1E
.
sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp
byte_251D6 == 1
word_251DC
, 8Ch,
byte_251D6
0, . , , .
byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14
seg002:2870
. ( IDA) , , 60h. , - , - ;
ScanCode
. , :
KeyPressed
( ) (0 = , 0FFh = ). :
KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; ---------------------------------------------------------------------------
word_251E5
4 , , . ,
word_251D4
. 4 , . 4
word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ...
word_251DC
. ,
word_251E5
, 1 15h ,
loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- .
word_251E5
sub_19559
,
dx
0 14h.
loc_19CD9
dx
,
sub_19559
. ,
sub_19559
.
,
byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
:
dx
10,
byte_1CDB6
,
byte_251C3
;
byte_1CDB6
dx-10
,
byte_251C3
.
byte_251D6
2, .
, ,
sub_19599
, / , . :
word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl
sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , :
dx:ax
8E7136C8h,
bx
8BD1h. , , ,
dx:ax
mul bp
8E7136C8h - 16- : .
bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.
echo -ne '\x..\x..' | dd of= seek= bs=1 conv=notrunc ( conv=notrunc ).
, old-games.ru: pre2orig.exe 52190 . ( ) Hybrid, .
exe' , : exe' , , . , . File Scanner LZEXE, unlzexe. unlzexe, pre2_1.exe 63728 .
pre2_1.exe , "INTRO CODED BY CYBER". :
seg002:5E48 start proc near seg002:5E48 mov cs:pspSeg, ds seg002:5E4D mov ax, cs seg002:5E4F mov es, ax seg002:5E51 assume es:seg002 seg002:5E51 mov cx, 20h seg002:5E54 mov si, 80h seg002:5E57 mov di, si seg002:5E59 rep movsb seg002:5E5B mov ds, ax seg002:5E5D assume ds:seg002 seg002:5E5D call loc_19960 seg002:5E60 mov ax, pspSeg seg002:5E63 add ax, 10h seg002:5E66 add nextCS, ax seg002:5E6A add nextSS, ax seg002:5E6E sub ax, 10h seg002:5E71 mov ds, ax seg002:5E73 assume ds:nothing seg002:5E73 mov es, ax seg002:5E75 assume es:nothing seg002:5E75 mov ax, cs:nextSS seg002:5E79 mov ss, ax seg002:5E7B assume ss:nothing seg002:5E7B mov sp, cs:nextSP seg002:5E80 mov bx, offset nextIP seg002:5E83 jmp dword ptr cs:[bx] seg002:5E83 start endp seg002:5E83 seg002:5E83 ; --------------------------------------------------------------------------- seg002:5E86 nextIP dw 3 ; DATA XREF: start+38 o seg002:5E88 nextCS dw 0 ; DATA XREF: start+1E w seg002:5E8A pspSeg dw 0 ; DATA XREF: start w seg002:5E8A ; start+18 r seg002:5E8C nextSS dw 1681h ; DATA XREF: start+22 w seg002:5E8C ; start+2D r seg002:5E8E nextSP dw 80h ; DATA XREF: start+33 r
DOS PSP 100h , - 80h ( Pascal-: - ). ds es PSP, ds:0+100h = (ds+10h):0. ds, 7 ( assume - , ) ds, es, - loc_19960. , , "" , DOS : ds es PSP, ss:sp , ( pspSeg+10h), , . loc_19960 , ; "This program requires an 80286 or higher", "This program requires a VGA card", "Intro skipped". :
seg002:082F cmp al, '/' seg002:0831 jnz short loc_1A08A seg002:0833 lodsb seg002:0834 and al, not 20h seg002:0836 cmp al, 'N' seg002:0838 jnz short loc_1A08B seg002:083A lodsb seg002:083B and al, not 20h seg002:083D cmp al, 'I' seg002:083F jnz short loc_1A08B
, loc_19960 , /ni
. , , Hybrid . , seg002 - , exe'. cs:ip 0000:0003, ss:sp 1681:0080, 5E90h , .
pre2_2.exe 39520 . ( pre2_1.exe Hybrid), . File Scanner "Diet 1.00,1.20" . , diet : . ( ) diet, , , , diet, , , () .
diet cup386 . diet , cup386 pre2_2.exe pre2unp.exe /1
pre2unp.exe 91344 . , pre2unp.exe - , .
. . ( ; , ). , , , . , , , ( , , , ). - "ENTER CODE", . seg002:B171 (IDA exe'), 0B171h :
seg001:99C3 sub_19BC3 proc near ; DATA XREF: sub_1906F+A1 o seg001:99C3 call sub_19D1E seg001:99C6 mov byte_251D7, 3 seg001:99CB mov bx, offset aEnterCode ; "ENTER CODE" seg001:99CE mov word_251D2, 0AF2h seg001:99D4 call sub_19AC4 seg001:99D7 mov byte_251D7, 4 seg001:99DC mov bx, offset levelCode ; "[[[[" seg001:99DF mov word_251D2, 12C9h seg001:99E5 call sub_19AC4 sub_19D1E
. sub_19AC4
, "ENTER CODE", 4 , ; , , - .
seg001:99E8 cmp byte_251D6, 1 seg001:99ED jnz short loc_19BF2 seg001:99EF jmp loc_19CF2 seg001:99F2 ; --------------------------------------------------------------------------- seg001:99F2 seg001:99F2 loc_19BF2: ; CODE XREF: sub_19BC3+2A j seg001:99F2 cmp byte_251D6, 2 seg001:99F7 jnz short loc_19BFC seg001:99F9 jmp loc_19D02 seg001:99FC ; --------------------------------------------------------------------------- ... seg001:9AF2 ; --------------------------------------------------------------------------- seg001:9AF2 seg001:9AF2 loc_19CF2: ; CODE XREF: sub_19BC3+2C j seg001:9AF2 inc word_251DC seg001:9AF6 mov bx, word_251DC seg001:9AFA sub bx, 8Ch seg001:9AFE jb short locret_19D1D seg001:9B00 jmp short loc_19D06 seg001:9B02 ; --------------------------------------------------------------------------- seg001:9B02 seg001:9B02 loc_19D02: ; CODE XREF: sub_19BC3+36 j seg001:9B02 ; sub_19BC3+4E j seg001:9B02 inc byte_251DE seg001:9B06 seg001:9B06 loc_19D06: ; CODE XREF: sub_19BC3+13D j seg001:9B06 mov bx, offset levelCode ; "[[[[" seg001:9B09 mov word ptr [bx], '[[' seg001:9B0D mov word ptr [bx+2], '[[' seg001:9B12 mov byte_251D6, 0 seg001:9B17 mov word_251D4, 0 seg001:9B1D seg001:9B1D locret_19D1D: ; CODE XREF: sub_19BC3+42 j seg001:9B1D ; sub_19BC3+60 j ... seg001:9B1D retn seg001:9B1D sub_19BC3 endp byte_251D6 == 1
word_251DC
, 8Ch, byte_251D6
0, . , , . byte_251D6 == 2
, ; .
seg001:99FC seg001:99FC loc_19BFC: ; CODE XREF: sub_19BC3+34 j seg001:99FC mov bl, ScanCode seg001:9A00 test bl, 80h seg001:9A03 jz short loc_19C08 seg001:9A05 jmp locret_19D1D seg001:9A08 ; --------------------------------------------------------------------------- seg001:9A08 seg001:9A08 loc_19C08: ; CODE XREF: sub_19BC3+40 j seg001:9A08 mov al, KeysPressed+39h seg001:9A0B or al, KeysPressed+1Ch seg001:9A0F jz short loc_19C14 seg001:9A11 jmp loc_19D02 seg001:9A14 ; --------------------------------------------------------------------------- seg001:9A14 seg002:2870
. ( IDA) , , 60h. , - , - ; ScanCode
. , : KeyPressed
( ) (0 = , 0FFh = ). : KeyPressed[39h]
KeyPressed[1Ch]
- Enter . Enter ( ) , , .
seg001:9A14 loc_19C14: ; CODE XREF: sub_19BC3+4C j seg001:9A14 mov ScanCode, 0 seg001:9A19 xor bh, bh seg001:9A1B mov al, byte ptr a1234567890AEADfCB[bx] ; "--1234567890----AE-----------A-DF-----"... seg001:9A1F cmp al, '-' seg001:9A21 jnz short loc_19C26 seg001:9A23 jmp locret_19D1D seg001:9A26 ; --------------------------------------------------------------------------- seg001:9A26 seg001:9A26 loc_19C26: ; CODE XREF: sub_19BC3+5E j seg001:9A26 mov ah, al seg001:9A28 sub ah, '0' seg001:9A2B cmp ah, 9 seg001:9A2E jbe short loc_19C33 seg001:9A30 sub ah, 7 seg001:9A33 seg001:9A33 loc_19C33: ; CODE XREF: sub_19BC3+6B j . "--1234567890----AE-----------A-DF------------CB-...-", ASCII- ( , , ASCII- 'A' A, Q - , AZERTY). ASCII- hex-, . , 0 0Fh.
seg001:9A33 mov dx, word_251E5 seg001:9A37 mov cl, 4 seg001:9A39 shl ah, cl seg001:9A3B shl ah, 1 seg001:9A3D rcl dx, 1 seg001:9A3F shl ah, 1 seg001:9A41 rcl dx, 1 seg001:9A43 shl ah, 1 seg001:9A45 rcl dx, 1 seg001:9A47 shl ah, 1 seg001:9A49 rcl dx, 1 seg001:9A4B mov word_251E5, dx seg001:9A4F mov bx, word_251D4 seg001:9A53 mov byte ptr levelCode[bx], al ; "[[[[" seg001:9A57 inc word_251D4 seg001:9A5B inc bl seg001:9A5D cmp bl, 4 seg001:9A60 jnb short loc_19C65 seg001:9A62 jmp locret_19D1D seg001:9A65 ; --------------------------------------------------------------------------- word_251E5
4 , , . , word_251D4
. 4 , . 4 word_251E5
16- , ("1234" -> 1234h), .
seg001:9A65 seg001:9A65 loc_19C65: ; CODE XREF: sub_19BC3+9D j seg001:9A65 push bp seg001:9A66 mov word_251DC, 0 seg001:9A6C mov di, word_251DF seg001:9A70 mov si, word_251E1 seg001:9A74 mov bp, word_251E3 seg001:9A78 mov ax, di seg001:9A7A rol ax, 1 seg001:9A7C rol ax, 1 seg001:9A7E mul ah seg001:9A80 xor ax, si seg001:9A82 mul bp seg001:9A84 mov bx, ax seg001:9A86 add bx, si seg001:9A88 ror bx, 1 seg001:9A8A rol bl, 1 seg001:9A8C xor bl, bh seg001:9A8E xor bx, bp seg001:9A90 pop bp seg001:9A91 cmp ax, 36C8h seg001:9A94 jnz short loc_19CAC seg001:9A96 cmp bx, 8BD1h seg001:9A9A jnz short loc_19CAC seg001:9A9C cmp dx, 8E71h seg001:9AA0 jnz short loc_19CAC seg001:9AA2 mov dx, word_251E5 seg001:9AA6 dec dx seg001:9AA7 cmp dx, 14h seg001:9AAA jbe short loc_19CD9 seg001:9AAC seg001:9AAC loc_19CAC: ; CODE XREF: sub_19BC3+D1 j seg001:9AAC ; sub_19BC3+D7 j ... word_251DC
. , word_251E5
, 1 15h , loc_19CD9
dx
, . , .
seg001:9AAC xor dx, dx seg001:9AAE seg001:9AAE loc_19CAE: ; CODE XREF: sub_19BC3+FA j seg001:9AAE mov ax, dx seg001:9AB0 call sub_19559 seg001:9AB3 cmp word_251E5, ax seg001:9AB7 jz short loc_19CD9 seg001:9AB9 inc dx seg001:9ABA cmp dx, 14h seg001:9ABD jbe short loc_19CAE seg001:9ABF mov si, offset word_251E1 seg001:9AC2 mov ax, [si] seg001:9AC4 mov [si-2], ax seg001:9AC7 mov ax, [si+2] seg001:9ACA mov [si], ax seg001:9ACC mov ax, [si+4] seg001:9ACF mov [si+2], ax seg001:9AD2 mov byte_251D6, 1 seg001:9AD7 jmp short locret_19D1D seg001:9AD9 ; --------------------------------------------------------------------------- . word_251E5
sub_19559
, dx
0 14h. loc_19CD9
dx
, sub_19559
. , sub_19559
.
, byte_251D6
1 ( , ), . , , ; , .
seg001:9AD9 seg001:9AD9 loc_19CD9: ; CODE XREF: sub_19BC3+E7 j seg001:9AD9 ; sub_19BC3+F4 j seg001:9AD9 mov al, 0 seg001:9ADB cmp dl, 0Ah seg001:9ADE jb short loc_19CE4 seg001:9AE0 sub dl, 0Ah seg001:9AE3 inc ax seg001:9AE4 seg001:9AE4 loc_19CE4: ; CODE XREF: sub_19BC3+11B j seg001:9AE4 mov byte_1CDB6, dl seg001:9AE8 mov byte_251C3, al seg001:9AEB mov byte_251D6, 2 seg001:9AF0 jmp short locret_19D1D
: dx
10, byte_1CDB6
, byte_251C3
; byte_1CDB6
dx-10
, byte_251C3
. byte_251D6
2, .
, , sub_19599
, / , . : word_2435F
10h BIOS F000:FFF0 ( BIOS) 80h BIOS C000:0000 F000:0000. :
; ax = zero-based level seg001:93C6 xor ax, 55A3h seg001:93C9 mul word_2435F seg001:93CD mov cl, cs:ProcessorType ; always 3 for 386+ seg001:93D2 rol ax, cl sub_19599
( - 386+ 3), , : genpass.asm , genpass.com .
"" : , ( hex 1-based). , : dx:ax
8E7136C8h, bx
8BD1h. , , , dx:ax
mul bp
8E7136C8h - 16- : . bx
- . 8E7136C8h , 2 3 *7*4861*8779; 16- , 4861 8779 , 2 3 *7 - . (16 - 16-). ; - , , bx, 8- . 16- 8-, , , ( 8- ). : getmagic.c , : ADDE C0DE F00D DEAD C0DE F00D.