How to hex edit dll files or exe to bypass DVD check (no DVD patching)

  • How to hex edit dll files or exe to bypass DVD check (no DVD patching)

    I don't know if this should go here or the Hentai Games category, seeing that I've only done this minimum number of times on only Hentai Games, but I'll leave it here. Mods please feel free to move this if needed, thanks.

    I only write this as I see there are people confused on how to do hex editing to obtain a noDVD exe or patch a reg.dll file, when we already have enough information (usually obtainable through googling with Japanese keyword for eroge, or from HF in the game's thread). I am by no means an expert in hex.

    now, first of all, we'll need a hex editor software. I use a freeware called Cygnus Hex Editor
    http://www.softcircuits.com/cygnus/

    next we gotta find the address of hex we're editing. for Japanese games (hentai games) you can search with google with the Japanese title in Japanese letters as the keyword. I'll just use one I just found today, Tenkuu no Yumina FD. I have not updated to 1.0.2.0 so I'll just use the 1.0.0.0 version as the example
    Code:
    ver. 1.0.0.0
    3BA78:75→74
    
    ver. 1.0.1.1
    3BDA8:75→74
    
    ver. 1.0.2.0
    3C148:75→74
    Now, I need to open the exe with hex editor, so launch the hex editor, click and drag the exe (or reg.dll if that's what you need to edit) to the hex editor. of course you can also click open on hex editor and browse to the desired exe.

    spoilered to make the post look neat


    now, what the heck are the gibberish we're seeing? doesn't matter. we just need to hop to the correct address and change the information there.

    click edit->go to. make sure you selected Hexadecimal as the base, input the address. click OK and there we are, we're in the address we're looking for.



    now see the blinking keyboard cursor in your hex editor window. it should be blinking in front of the characters 75, which is exactly the thing we gotta replace with our new information. type the new hexadecimal in, 74 and watch it change, then save it.

    That's it, very simple

    ah by the way, this is how we read the addresses:

    so yes, when you see 0003BA70 in the leftmost field, it means only the 2 characters entry in its rightside is on that address. after the white space, it's already the next address, 0003BA71, and so on until the last of the line, 0003BA7F

    as for why it's 0 1 2 3 4 5 6 7 8 9 A B C D E F, please consult with your Math teachers in school about hexadecimal


    * so yes, it's basically manually doing what GameSharks or Action Replay do when you cheat in your Playstation games.

    * just like Gamesharks codes, I don't know how to create those codes. I find them from around the net

    * only do this when there's no NoDVD patcher or patched NoDVD around and you can find information to edit your new exe. I've only done this patching to new games where there are no patched reg.dll or exe file yet but someone posted information on the hexedit, or when the game is not really new but recently an update patch is released and we need a new noDVD but the game thread in HF is not updated yet. a new game usually will have someone making and posting the NoDVD patcher/patched NoDVD exe or dll, so we don't really need to do this.

    * I think fredricklim has released the noDVD patcher for yumina FD 1.0.0.0 which basically did the same thing automatically. Sadly I don't know what software he used to create the patcher, nor do I care as he can still make his patcher for most games and I can hexedit manually when there is no other choice so please, fred and other nodvd patchers, continue your good work for us lost lambs so we need not indulge ourselves in seas of hexadecimals

    HF-Typemoon #38 || HF-Hentai #412

  • #2
    Thanks a lot for your detailed tutorial. ^_^

    Gives me at least one option if there is no crack available.



    • #3
      Very well detailed and written in noob-friendly English, GJ. ^_^ Just still advise people to back up the original in case something screws up (and in case we need to update, that's when we need original exe/dll back).



      • #4
        Use the Force Luke!



        • #5
          Also handy for editing the taskbar display name to something else like... Notepad if you want to hide it (still gonna have to turn down the volume >_> ).
          redshirts - taking the bullet so you don't have to



          • #6
            Very nifty, but I may have an alternative, if you don't mind me posting it
            (I found this to work with a lot of games via ISOs, without the use of
            downloading patches and such).



            In regedit, find the key: HKEY_LOCAL_MACHINE\SOFTWARE\(Company & Name of Game)

            Again, for those of you new to regedit, simply browse through the following folders (in this order) until the pane on your right displays several items, of which one will be "DataDrive".
            HKEY_LOCAL_MACHINE
            SOFTWARE
            (Company & Name of Game)

            Right click on the string value labelled "DataDrive" (it will have an icon with the letters ab on it to the left of it) in the right pane of the regedit browser.

            Click "Modify"

            In the field marked "Value Data" which is the only field you can change, it will probably display something like "c:"

            This is where knowing your installation cd drive letter comes into play

            Change the "c:" to whatever drive you installed (your game) with (for example "s:\")

            Click OK

            Close regedit.


            As long as you have the game "mounted", or just even sitting somewhere
            on your desktop, or external harddrive, make sure you have the drive or
            directory pointing to the location of the ISO.

            However, this doesn't modify the game in any way, so gameshark cheats
            and such will have to be from OP =P
            Last edited by darkandshadow; 03-12-2010, 03:45 PM.



            • #7
              WOW thx a lot! Always wondered how to do this! Now it's time to crack some games

              Sig and avatar thanks to Devilsmaster!



              • #8
                I am unsure how you have used google to procure the hex address and modified values, what search terms do you use?
                Anger Is A Gif



                • #9
                  Originally posted by darkandshadow
                  Very nifty, but I may have an alternative, if you don't mind me posting it
                  (I found this to work with a lot of games via ISOs, without the use of
                  downloading patches and such).



                  In regedit, find the key: HKEY_LOCAL_MACHINE\SOFTWARE\(Company & Name of Game)

                  Again, for those of you new to regedit, simply browse through the following folders (in this order) until the pane on your right displays several items, of which one will be "DataDrive".
                  HKEY_LOCAL_MACHINE
                  SOFTWARE
                  (Company & Name of Game)

                  Right click on the string value labelled "DataDrive" (it will have an icon with the letters ab on it to the left of it) in the right pane of the regedit browser.

                  Click "Modify"

                  In the field marked "Value Data" which is the only field you can change, it will probably display something like "c:"

                  This is where knowing your installation cd drive letter comes into play

                  Change the "c:" to whatever drive you installed (your game) with (for example "s:\")

                  Click OK

                  Close regedit.


                  As long as you have the game "mounted", or just even sitting somewhere
                  on your desktop, or external harddrive, make sure you have the drive or
                  directory pointing to the location of the ISO.

                  However, this doesn't modify the game in any way, so gameshark cheats
                  and such will have to be from OP =P

                  well, I think this actually won't make any game that requires the DVD to run to be run without the DVD. sure you can change which drive/where the game should check for the authentication (check for the DVD) but you still need the DVD/ISO files in your hard drive, which is not very harddisk friendly. (I usually delete the iso file after installation cuz it's damn huge compared to the compressed, zip/rar counterpart)

                  for G.J.'s games, though, the games can be 'installed' by injecting similar registry entries manually.



                  Originally posted by nsf001
                  I am unsure how you have used google to procure the hex address and modified values, what search terms do you use?

                  [gamename] nodvd should field out results pointing to Japanese BBS and blogs, in which you might find the hex entries for the patching. Well, you will need to understand some Japanese to find it, I guess... some Chinese forums might also post it, but I don't read Chinese so I can't say for sure. and of course, some good people in HF also post the hex for nodvd, sometimes.

                  honestly, though, why would you need to look for the hex if you can access the nodvd patcher/patched exe easily in this very same forum? This guide will help when nobody posts the NoDVD exe but only the hex, but that's about all it would do, sadly

                  HF-Typemoon #38 || HF-Hentai #412



                  • #10
                    Just chimed in to say this is an excellent alternate method especially for computers like mine that seem to hate AlphaROMs.

                    Big thanks to the OP for posting this.



                    • #11
                      Is there an easier way to find hex addresses? They don't always seem to be posted and they seem like the only way I can currently play DVD based games. For example, I've searched all over for Kuraibito's and all I keep getting is Ailsignup tool instead. -_-



                      • #12
                        Originally posted by DullahanEX
                        Is there an easier way to find hex addresses? They don't always seem to be posted and they seem like the only way I can currently play DVD based games. For example, I've searched all over for Kuraibito's and all I keep getting is Ailsignup tool instead. -_-

                        Well, I imagine they're derived in the same way I used to make patches for old copy-protected games in the 1980s. Someone takes a debugger like the venerable SoftICE (is there any other tool available that has similar functionality? I imagine a good kernel-mode debugger these days might even take advantage of hardware-assisted virtualisation, running as a hypervisor) and traces through the execution of the program looking for where it makes its DVD checks or whatnot. The example patch above appears to reverse the sense of a conditional jump: it used to be opcode 75 (jump if not zero, JNZ) and turns it into opcode 74 (jump if zero, JZ). Essentially, if the DVD check failed, it would proceed as though the DVD check succeeded! Of course, figuring out where in the code one's changes need to occur is not that simple.

                        In principio erat Verbum, et Verbum erat Programma, et Programma erat Miku. Et Miku Caro Factum Est, et Habitavit in Nobis.
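
Added example, not part of the thread or any poster's code: a one-byte change of the kind post #12 describes (opcode 75 to 74) is easy to miss by eye but trivial to detect when a known-good copy of the file is available. The sketch below compares a suspect file image against a reference and flags differences that look like an inverted short conditional jump; the byte strings and the function names `classify` and `audit` are constructed for illustration.

```python
import hashlib

# Short conditional jumps (Jcc rel8) use opcodes 0x70-0x7F. A condition and its
# inverse differ only in the lowest bit, e.g. 0x74 (JZ) and 0x75 (JNZ).
JCC_NAMES = ["JO", "JNO", "JB", "JNB", "JZ", "JNZ", "JBE", "JA",
             "JS", "JNS", "JP", "JNP", "JL", "JGE", "JLE", "JG"]


def classify(old: int, new: int) -> str:
    """Label a single changed byte. This is a byte-level heuristic: the same
    values can occur as data or operands, so a hit needs disassembly to confirm."""
    if 0x70 <= old <= 0x7F and old ^ new == 0x01:
        return (f"possible jump inversion "
                f"{JCC_NAMES[old & 0xF]} -> {JCC_NAMES[new & 0xF]}")
    return "other modification"


def audit(reference: bytes, suspect: bytes) -> dict:
    """Compare a suspect file image with a known-good reference copy."""
    report = {
        "sha256_match": hashlib.sha256(reference).digest()
                        == hashlib.sha256(suspect).digest(),
        "size_match": len(reference) == len(suspect),
        "changes": [],
    }
    for offset, (old, new) in enumerate(zip(reference, suspect)):
        if old != new:
            report["changes"].append((offset, old, new, classify(old, new)))
    return report


# Constructed sample: test eax,eax / jnz +5 / call / ret
REFERENCE = bytes.fromhex("85c0" "7505" "e800000000" "c3")
_tampered = bytearray(REFERENCE)
_tampered[2] = 0x74          # same size, one byte differs
SUSPECT = bytes(_tampered)

if __name__ == "__main__":
    result = audit(REFERENCE, SUSPECT)
    print("hash match:", result["sha256_match"])
    for offset, old, new, label in result["changes"]:
        print(f"{offset:08X}: {old:02X} -> {new:02X}  {label}")
```

Because the file size is unchanged, only a content hash or signature check against the vendor's original catches this; size and timestamp comparisons do not.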



                        • #13
                          Sorry for the late reply, but thanks for the info. Sounds a lot more complicated than I expected. "sigh" =/

                          Hopefully at one point someone will come out with an improved AlphaROM exe that doesn't make you jump through hoops to use it.
