Breaking News 
 News Archives
Submit News
News Only
Mobile News
 NewsBoy
ROM Files
Arcade Emus
M.A.M.E.
Console Emus
GameBoy Adv
PlayStation 2
PlayStation
Nintendo 64
Dreamcast
Pinball Emus
Front-Ends
Cabinet Pics
Forums
Site Map
Site Links
Contact Us
343,179,483 Served
85 Users Online
|
|
 | | | |
News Archives
|   E-Mail | |
News from June 2007 | |
|
Monday, June 11th, 2007
|
cycles of 'x' and squares of 'y' : CPS3 encryption cracked!
from David Haywood's postings
once you applied the same mask to obtain the previous values, you found that the bits showed smaller cycles now, although no longer always with the characteristic of which second half of the cycle was just as first but invested. In addition, although the size of the cycles seemed ordered according to the order of the bits, the 4 first had the same length that last 4 and three of the bits (the number # 1, #4 # 5) showed a property (initially) amazing: in them was clear the effect of an operation XOR with certain bit of the direction (not the same one in the three cases).
Dox decided to hack around a bit with the driver, and found a way to skip some of the tests. As a result JoJo and JoJoba actually now execute some of the game code, rather than just the bios. They both hang after the Japan warning however. The code appears to be stuck in a big loop, dong not much at all.
Doing this properly is something of a pain in the backside due to the way MAME works. The games execute code from FlashROMs, however due to the way FlashROMs are accessed MAME must map them as Read/Write handlers in the driver, not blocks of RAM/ROM. MAME’s CPU cores don’t handle executing code from Read/Write handlers well, nevermind *encrypted* code (with the possibility of *decrypted* data) from such handlers. This is probably going to require some rather ugly hacking around.
etc etc etc, go find out more at the link and post your opinions in the forums, this is a great day for emulation!
| |
|
|
|
