Thanks guys!

So the CF card image is never updated/upgraded from the DVD ?

This means that there should not be a lot of different CF cards around ?
 
@the afaik there are 4 different ones. One is for the Windows blue Lindbergh. One for each of the kernels and another for the net games, but I'm telling this from the top of my head.

And yes... the CF, afaik they are never updated. But they have the kernel and libs so they are the key to everything.
 
@Niko looking at what was posted on that "emulator" github you might want to check out the segaapi folder as that looks to be a recreation of that library that is in /usr/lib

I thought about it a little more and I think I figured out why the software versioning differed so much - likely the CF card is used as an "oh shit" bare bones system to get in and test things to make sure the system is safe. The DVDs likely install a full Linux image plus the game onto the hard drive, and the CF GRUB menu would probably default to the hard drive, which would allow games to have their respective build of Linux to function.
 
It's my understanding that the CF is the OS and the HD is the game and associated data.
Also, the DVD is encrypted and the HD may be partially too.
The encryption is similar to the Naomi DIMM system with the PIC providing the key,
but I think one partition on the HD is encrypted even after install,
so it decrypts data as it needs it.
Otherwise you could just bypass the PIC using a pre-installed image.
 
CF is the OS
HD is the game and data
DVD and HDD have basically the same content
Encryption is basically a pwd to mount the hdd
The PIC, as I said before, is regularly called as a piracy control method.
 
The game images copied to the HDD are mounted as loop devices with passwords.

The scripts that do the mounting are small and decrypted through the PIC. They contain the password for the game.

@Darksoft can you confirm that the scripts are copied to the CF card ?
 
Scripts, as you said, are decrypted using the PIC and then copied and executed from /tmp
 
@Darksoft thank you!

So under installation the files:
frontend.set
su1.dat
su2.dat
Are copied to the HDD ?

And then when the game is about to start the: frontend.set is read and sent through the decryptor and then executed from /tmp ?
 
So hacking this after shellshocking your way into the OS by DHCP exploit (which gives you root shell) is basically watching /tmp with another nice looping shell script and copying out the decrypted file(s) as soon as it's placed there then?
 
From a Linux perspective that layout doesn't make sense unless the system chroots into the hard drive. The OS, at least inside MAME, isn't compatible with the decrypted dumps I looked at. Unless the CF is updated on a game install, there is also an OS inside the DVD as well.
 
Last night I took a look at hotd4 in MAME

I used chdman to extract the raw image and then my own program to convert it into an ISO (attached)

These are the contents (all files encrypted):

frontend.set
hod4data.img
hod4drv.img
hod4prog.img
su1.dat
su2.dat

However as you can see there are 3 drive images which might be an indication that there are more programs there.

View attachment lbisofix.zip
 
multiple partitions.

it would help if a Lind' owner posted a dump of a drive
 
OK. Let's make a stop here. One thing is trying to take this to another platform and another is posting (C) material. We are walking a thin line here and I don't want any trouble. So no posting of images, people who can do this job, they definitely have or can have access to the needed material.

Sorry for the disclaimer....but must be so.
 
OK, let's change the angle of attack.
We know the motherboard - I even have one.

Do we have a schematic of the small PCB with the PIC and dipswitches so we can work out how that maps to the system?
Then we can move to the custom card with the PLD on it that handles JVS & stuff.
 
To be quite honest defeating the security there isn’t necessary at this point. If it were it wouldn’t have been so simple for me to find decrypted dumps of games. The real issue is getting them to be happy outside of the embedded Linux build.

Outside of the kernel module and the segaapi lib there isn’t much at all on the system unique. When those requirements are met it’s a matter of fixing the security checks done from the game.
 
Not really, I wasn't concerned with the PIC, I was thinking about the dipswitches.
You need them to set the video mode, and before anybody says anything, you do NOT want to have to fuck around with a PC monitor and a keyboard behind your cab to change those settings.

If you understand the hardware it's much simpler to see what the software is doing.
 
That's all handled by the baseboard kernel module, and then when the game is launched it uses a specified X11 configuration depending on what it sees, as well as some command line arguments.
 
I know, my point was, you want to be able to configure it externally and not have to edit files.
I'm hoping that the dips & PIC PCB is just hooked to the signals normally used for a parallel port.
That way a small dongle could be built with a 25-way D and a bank of dipswitches.

What I don't want to see is the software so badly hacked that it looks like something from Emuline or 1cc with a bastardized game running through an Xbox 360 controller with badly hacked video drivers!!!!
 