|Fully functional unprotect for Battlehawks: 1942, BH.EXE version dated 10-6-88.|
|File Name||File Size||Zip Size||Zip Type|
Download File BHUNPROT.ZIP Here
Contents of the BHUNPROT.DOC file
UNPROTECT FOR BATTLEHAWKS: 1942 USING DEBUG
BH.EXE VER 10-6-88
Okay, here goes....
Battlehawks: 1942 has your basic manual-style protection: you
are asked to type in a password from the manual, depending on what
silouette of what plane you are presented with on the screen. This
one was fairly easy to crack... I used Symdeb 4.0, running the
application on one machine, and directing the code to another.
This seems to be a very effective way of "debugging" most pieces
To "tune" Battlehawks to no longer need the password (meaning,
just press return, or enter anything), do the following:
1) Copy your current BH.EXE file to BH.OK, in case you have
some version that this fix won't work on. I had downloaded one
other "fix" that in fact did not work on my version (I don't know
why). If this fails miserably (and when they fail, they do fail
miserably), merely copy BH.OK back to BH.EXE and whimper back to
the drawing board.
2) Then, copy BH.EXE to BH.XXX, so that when you load this
up under Debug, it a) does not get relocated as an .EXE file, and
b) so that you can write back out to the file after making said
3) Do the following:
at the " - " prompt, type
You should see two jumps in a row for the first two
instructions: a conditional jump, JB somewhere, and an
unconditional jump, JMP somewhere. The JMP somewhere will take you
to the working game, while the JB will blow you up if you enter the
incorrect password. So, by NOPing the JB, the routine will
automatically fall through to the JMP somewhere on the first pass,
and you will go to the functioning game. Not so bad.
Next, type the following:
You will then have a prompt with the address at which you are
about to assemble several instructions. You need to enter NOP's
to overwrite the JB command, which is two bytes long. NOP's are
one byte long, so you need to enter two, like so:
and then press return (again), which returns you to the
" - " prompt.
Debug says "writing (some number of) bytes"
and, voila! You have overwritten the JB instruction.
Last, copy BH.XXX back to BH.EXE, and run BH. When prompted
for said password, just press return, and you should be on your
December 9, 2017 Add comments