Atic Atac: dodgy version in STH archive?

Pernod
Posts: 1006
Joined: Fri Jun 08, 2012 10:01 pm
Location: Croydon, UK

Re: Atic Atac: dodgy version in STH archive?

Postby Pernod » Wed Oct 18, 2017 10:06 am

Kevin Edwards wrote: Just out of interest, does anyone know if there is more than one disk version of Nightshade out there. i.e. was the game only hacked to disk by Michael?

The version I have doesn't contain the messages mentioned earlier in this thread, but it does have 'MJA OK' in the loader. Amazing how software circulated across the country pre-internet.
- Nigel

BBC Model B, ATPL Sidewise, Acorn Speech, 2xWatford Floppy Drives, AMX Mouse, Viglen case, etc.

Kevin Edwards
Posts: 61
Joined: Tue Mar 14, 2006 9:16 pm

Re: Atic Atac: dodgy version in STH archive?

Postby Kevin Edwards » Wed Oct 18, 2017 10:37 am

Perhaps Michael could be the origin of all disk versions, with other people perhaps making minor modifications to his work?

Yes, those 'computer clubs' were very efficient ways of distributing WAREZ in the 80s. I remember attending a local club and was offered a copy of my own game Galaforce...rather cheeky!

I was also involved with HAM Radio when I was in my teens and they used to transmit BBC ROMs, games etc over the airwaves. That made it possible to broadcast software around the country very quickly!

Rich Talbot-Watkins
Posts: 1121
Joined: Thu Jan 13, 2005 5:20 pm
Location: Palma, Mallorca

Re: Atic Atac: dodgy version in STH archive?

Postby Rich Talbot-Watkins » Wed Oct 18, 2017 10:46 am

So I'm still trying to fathom how Michael did it! Sounds like he did tackle each decoder one-by-one, as he peeled through the layers and found the disk formatter etc.

So I'm wondering if there was some kind of loophole in the decryption system. Michael, it sounds a bit as if you zeroed the encoded block, ran the decoder, and let the CRC fail. Then you could catch the OSBYTE 200 with your modified OS, and dump out memory to SRAM. The encoded block maybe now contained the key which you could use to decrypt the data by hand. There are a few subtleties (like an EOR &D01,Y which will overlap one byte into the encoded block), so maybe that'd need preserving. Sounds possible I guess. Don't know if you had considered shortcuts like that Kevin, and built in resistance to it! One thing I've noticed is that the actual decoding algorithm only performs EORs on the encrypted block; there are no ADCs as per Alien 8 (probably because it would set off a period of 2^16 iterations, or more, to return back to the initial state, which would have been too long for the encoding process). That does mean that a system like that would probably work!

Rich Talbot-Watkins
Posts: 1121
Joined: Thu Jan 13, 2005 5:20 pm
Location: Palma, Mallorca

Re: Atic Atac: dodgy version in STH archive?

Postby Rich Talbot-Watkins » Wed Oct 18, 2017 10:52 am

Pernod wrote: The version I have doesn't contain the messages mentioned earlier in this thread, but it does have 'MJA OK' in the loader. Amazing how software circulated across the country pre-internet.

I started a thread about this a little while back, here!

Kevin Edwards
Posts: 61
Joined: Tue Mar 14, 2006 9:16 pm

Re: Atic Atac: dodgy version in STH archive?

Postby Kevin Edwards » Wed Oct 18, 2017 10:59 am

Rich, I didn't realize Nightshade only performed EOR operations on the data block. Yes, I typically did EOR, ADC and SBC(?) on other titles which had a repeat iteration count of 256 (2^8). Surprised that I didn't use all 3 operators on Nightshade. Is this true for all of the decoders in Nightshade (3 or 4 of them)? 2^16 repeat was too time consuming to encode.

If only EOR is used then there is the chance that it would reveal the 'key' if the data block was initialized to 0x00. This key could then be applied to the original data block to reveal the obfuscated code/data...interesting!

Anyone fancy checking this theory out?

crj
Posts: 329
Joined: Thu May 02, 2013 4:58 pm

Re: Atic Atac: dodgy version in STH archive?

Postby crj » Wed Oct 18, 2017 11:01 am

duikkie wrote: are there virus software for bbc.

I've never heard of a Beeb virus. I think too much of the software is in ROM and you tend to reset after running a piece of software, so it's a little tricky to do well.

I did once write an Econet worm, though: hack yourself up to a high station number (to circumvent *PROT in earlier NFSes) then pummel every other station number with it. Unfortunately, a friend realised they could protect their DNFS computer against JSR but not poke to get a copy of the code. A little while later, they realised they could use NETMONITOR to work out where in memory the code was being poked...

Rich Talbot-Watkins
Posts: 1121
Joined: Thu Jan 13, 2005 5:20 pm
Location: Palma, Mallorca

Re: Atic Atac: dodgy version in STH archive?

Postby Rich Talbot-Watkins » Wed Oct 18, 2017 11:24 am

Kevin Edwards wrote: Rich, I didn't realize Nightshade only performed EOR operations on the data block.

My bad, one of the first operations is an ADC, and then later there's an SBC. But what there isn't (unlike Alien8) is an EOR with the next byte of the encrypted block (EOR &E01,Y or equivalent). Not sure if that somehow simplifies how the key is built.

Even if zeroing wasn't an option, I guess it'd be possible to just modify a single byte of the encoded block, just so that the CRC fails. If the decryption doesn't rely on a cascade effect in the encoded block (because of the lack of an EOR &E01,Y) then you could probably get everything decoded, apart from the byte you changed.

Kevin Edwards
Posts: 61
Joined: Tue Mar 14, 2006 9:16 pm

Re: Atic Atac: dodgy version in STH archive?

Postby Kevin Edwards » Wed Oct 18, 2017 12:04 pm

I think the cascade effect will get you. The decoders were created in such a way that changing a single bit of the data block would propagate and make the resulting data a complete mess. The only exception would have been the EOR only method (which is flawed) and would, potentially, give you a key to use. However, as the decoder is using multiple operators using the data block as operands then it makes the situation much more complex - especially because it iterates over the data many times, cascading the result down. I haven't got the code to hand, I'm just trying to remember how I worked this stuff out 30+ years ago - much of it was simply trial and error. Sometimes it worked well and the repeat iteration was 2^8, other times it was just broke and would possibly never repeat!
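Added example (not part of the thread, and not the Nightshade or Alien 8 decoders): a constructed Python model of the two decoder styles discussed in Kevin Edwards's posts above, the EOR-only form whose key falls out when the block is zeroed, and the cascading form in which each byte is also combined with its neighbour. The key schedule `ks`, the sample block and all function names are assumptions made for illustration.

```python
def ks(i, p):
    # Constructed stand-in for decoder-internal values; independent of the block.
    return (i * 73 + p * 41 + 0x5A) & 0xFF

def decode_eor_only(block, passes=4):
    # Every pass only EORs each byte with a block-independent value.
    out = bytearray(block)
    for p in range(passes):
        for i in range(len(out)):
            out[i] ^= ks(i, p)
    return bytes(out)

def decode_cascade(block, passes=4):
    # EOR with the key byte, then ADC-style add of the next data byte, so the
    # block's own contents feed into the result on every pass.
    out = bytearray(block)
    n = len(out)
    for p in range(passes):
        for i in range(n):
            out[i] = ((out[i] ^ ks(i, p)) + out[(i + 1) % n]) & 0xFF
    return bytes(out)

def encode_cascade(plain, passes=4):
    # Exact inverse of decode_cascade: undo passes and bytes in reverse order.
    out = bytearray(plain)
    n = len(out)
    for p in reversed(range(passes)):
        for i in reversed(range(n)):
            out[i] = ((out[i] - out[(i + 1) % n]) & 0xFF) ^ ks(i, p)
    return bytes(out)

def zero_block_attack(decoder, encoded):
    # Run the decoder over an all-zero block and apply the output as a key.
    key = decoder(bytes(len(encoded)))
    return bytes(c ^ k for c, k in zip(encoded, key))

def changed_bytes(decoder, encoded, pos=8):
    # Flip one bit of the encoded block; count decoded bytes that differ.
    tampered = bytearray(encoded)
    tampered[pos] ^= 0x01
    return sum(a != b for a, b in zip(decoder(encoded), decoder(bytes(tampered))))

PLAIN = b"CONSTRUCTED DATA"            # constructed 16-byte sample block
ENC_EOR = decode_eor_only(PLAIN)       # EOR-only coding is its own inverse
ENC_CASCADE = encode_cascade(PLAIN)

if __name__ == "__main__":
    for dec, enc in ((decode_eor_only, ENC_EOR), (decode_cascade, ENC_CASCADE)):
        print(dec.__name__, zero_block_attack(dec, enc) == PLAIN, changed_bytes(dec, enc))
```

In the EOR-only model the zero-block output is the whole key and a one-bit edit changes exactly one decoded byte; once the neighbouring byte is added in, the zero-block output no longer decodes the data and the edit spreads to more than one byte.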

mikeybabes
Posts: 9
Joined: Tue Jun 26, 2007 8:09 am
Location: Shenzhen, China

Re: Atic Atac: dodgy version in STH archive?

Postby mikeybabes » Wed Oct 18, 2017 12:39 pm

When I go home for Christmas I will at least take a look in my cupboard for any sign of disks from yonder years!
I really don't know what there is, but I do know I have several stacks of 5 1/4 floppies, and a lot of Arch disks.
I did transfer a lot of my old BBC stuff to ARC just to backup, go figure!

But, and this is a big but, if the contents are still readable, that I cannot be sure about.
I used to keep my notepads of my programming stuff, but I'm not sure what if anything is left.

I remember the first tricky game to put to disk was, Sabre Wulf, then there was Knightlore and Alien8.
Each one was a bitch more harder, and I think you learn a lot in life when you face what does look like mission impossible!
I don't remember about Jet Pack, really seems a gap in my memory.

It's funny Kevin mentioned about Clubs, and myself was a secretary of one such local club, once a member joined who had emigrated from Australia to UK, and had some titles with my name on them! Indeed before world of modems even was around the Club network for computers reached far and wide.

ghbearman
Posts: 245
Joined: Sun Apr 16, 2006 4:51 pm
Location: England

Re: Atic Atac: dodgy version in STH archive?

Postby ghbearman » Tue Nov 14, 2017 12:24 pm

Hi Kevin

It's sort of true, the Nightshade first decryptor does not have the cascade (either ADC &E01,X or EOR &E01,X where page &E is the loader) so because the game loads off tape without encryption it does allow for a possible hack here, by editing the mode change LOADING thing and saving that back to tape so it drops back to BASIC. It's the two decryptors at the end which will perhaps cause me trouble.
from Guy

edit: I've just had an idea about hacking Nightshade in software....I'll have to write up some tests, and report back :)

