Download The Game

Discuss PoP1 for DOS here.
_Zaphod_
Beylerbey
Beylerbey
Posts: 60
Joined: January 13th, 2006, 12:01 am
Location: USA

Re: The Official V1.4 Download

Post by _Zaphod_ »

That "official download" is missing the SNDDRVRS folder. without that, so digi sound or adlib music.

Please update it.
User avatar
Norbert
The Prince of Persia
The Prince of Persia
Posts: 5743
Joined: April 9th, 2009, 10:58 pm

Re: The Official V1.4 Download

Post by Norbert »

I will look into this, but I'll need help from an assembly veteran.
Adding a SNDDRVRS/ directory will only be a first step, unfortunately.

Below are my first steps towards assembling a good 1.4 package.
In the past I've looked into what PRINCE.EXE file to use for 1.0, and the same should probably happen for 1.3 and 1.4.
Where popot.org currently lists just one ZIP file for the full PoP1 game, it should also provide packages for 1.3 and 1.4.

Level editors, in particular apoplexy (given its features), require EXE files that have all resources enabled (to allow, for example, placing chompers in level 1), that are unpacked (to easily allow changing enemy resources), and it's probably easiest if the potions level is being skipped when: a) going from level 1 to level 2, and b) starting immediately in level 2 using the cheat code.

1.4

The non-cracked, packed EXEs of TUC (The Ultimate Collection, link) and CusPop (link) are the same.

The C1 cracked EXE of TUC skips the potions level in both ways (a) and b)) by changing:
- at 4991, changes 39 46 06 to 09 ED 90
- at 4AAA, changes 39 46 06 to 09 ED 90

The cracked EXE of CusPop also skips in both ways by changing:
- at 17C3D, changes 02 00 to FF FF

David, can you shed light on what the difference is, and which is preferred?

1.3

The non-cracked, packed EXEs of TUC and CusPop are not the same.
The reason is that CusPop's default EXE already cracks a) (not yet b)).
CusPop's version differs as follows:
- at 22A6, CusPop has EB EB EB EB EB and TUC has 7E 06 A1 B2 44
- at 4FF1, CusPop has 90 C7 06 9E 00 FF FF EB and TUC has 75 0E 83 3E 2A 01 00 75

TUC's C1 crack is actually CusPop's default EXE.

When adding CusPop's crack (at "Set up copy protection"), the following also changes:
- at 1B89B, 02 00 to FF FF
After this change, both a) and b) are cracked.

1.0

For 1.0 things are (even) more complicated.
For starters, the default, packed versions of CusPop and TUC differ in various ways:

Code: Select all

[V]
- at 46B8, CusPop has 03 and TUC has 01

[W]
- at 4B60, CusPop has 8C 1E 0A 00 FF 1E 08 00 90 and TUC has 89 46 06 A1 9E 00 39 46 06

[X]
- at 1AA55, CusPop has
0D 00 48 49 00 83 F8 01 75 05 C6 06 0C 00 00 83 F8 02 75 0F 80 3E 0C 00 01 74 08 B8 10 00 C6 06 0C 00 01 89 46 06 A1 9E 00 39 46 06 CB 52 42 4D 2F 54 48 47 20 20 20 20
(..HI....u.........u..>...t..........F....9F..RBM/THG    )
and TUC has
4D 53 20 52 75 6E 2D 54 69 6D 65 20 4C 69 62 72 61 72 79 20 2D 20 43 6F 70 79 72 69 67 68 74 20 28 63 29 20 31 39 38 38 2C 20 4D 69 63 72 6F 73 6F 66 74 20 43 6F 72 70
(MS Run-Time Library - Copyright (c) 1988, Microsoft Corp)

[Y]
- at 1D3BF, CusPop has
48 6F 70 65 20 79 6F 75 20 65 6E 6A 6F 79 65
(Hope you enjoye)
and TUC has
72 75 6E 2D 74 69 6D 65 20 65 72 72 6F 72 20
(run-time error )

[Z]
- at 1D3F8, CusPop has
64 20 69 74 20 2D 20 52 2E 20 42 75 62 62 61 20 4D 61 67 69 6C 6C 69 63 75 74 74 79 2F 54 48 47
(d it - R. Bubba Magillicutty/THG)
and TUC has
52 36 30 30 31 0D 0A 2D 20 6E 75 6C 6C 20 70 6F 69 6E 74 65 72 20 61 73 73 69 67 6E 6D 65 6E 74
(R6001..- null pointer assignment)
David, [Y] and [Z] appear to be just textual changes, but what is happening at [V], [W] and [X]; any ideas?

Some of those differences are because the CusPop version already cracks a) (not yet b)), while the TUC version cracks neither.

When adding CusPop's crack (at "Set up copy protection"), the following also changes:
- at 1AAEB, changes 02 00 to FF FF
Note that, after this, a) crashes the game with an "integer divide by 0" error, and b) cracks properly.

The C1 crack of TUC cracks both a) and b), and changes:
- [Q] at 4A5F, 75 to EB
- [R] at 4B72, C7 46 06 0F 00 to 90 90 90 90 90
Plus, depending on which non-cracked EXE one compares with:
- the 4B60 thing above
- the 1AA55 thing above
- the 1D3BF and 1D3F8 things above, but the text mentions Jalal's website instead
- the 46B8 thing above

David, you probably know what exactly [Q] and [R] do?

The C2 crack of TUC cracks both a) and b), and changes:
- the same as C1, except for the 4B72 change, and the 1D3BF and 1D3F8 texts mentions THG
User avatar
Norbert
The Prince of Persia
The Prince of Persia
Posts: 5743
Joined: April 9th, 2009, 10:58 pm

Re: The Official V1.4 Download

Post by Norbert »

Oh, I just (re)read David's post in the other thread I linked to.
Apparently there's a c) when loading a saved game.
You can sort of tell by my "Interesting stuff." reply in that thread that I don't understand all of it enough to say anything insightful.
I know just enough about it to say with certainty that not all of CusPop's default EXEs are uncracked, and that its crack doesn't always (fully) work.

So we'll need for 1.0, 1.3 and 1.4 EXEs that:
- are unpacked,
- crack when going from level 1 to level 2,
- crack when immediately loading level 2,
- crack when loading (what? how? where?),
- enable all resources in all levels,
- and, finally, preferably do not advertise certain websites in customized texts.

What I do know is that the 1.0 EXE that is on popot.org and that is shipped with apoplexy does most of the above things right, possibly all.
David
The Prince of Persia
The Prince of Persia
Posts: 2846
Joined: December 11th, 2008, 9:48 pm
Location: Hungary

Re: The Official V1.4 Download

Post by David »

Scroll to the bottom for my advice.

First look at the differences in the EXEs:

1.4
- at 4991, changes 39 46 06 to 09 ED 90

Code: Select all

(in play_level())
seg003:006E A1 F8 00                             mov     ax, copyprot_level
seg003:0071 39 46 06                             cmp     [bp+level], ax ; <- this
seg003:0074 75 0C                                jnz     loc_47A2
changed to: or bp,bp + nop
Since bp is not zero, jnz will jump, as if level was not equal to copyprot_level.
(copyprot_level tells which level should be preceded by the potions level.)
This happens when you start a new game or load a saved game.
- at 4AAA, changes 39 46 06 to 09 ED 90

Code: Select all

(in play_level())
seg003:0187 A1 F8 00                             mov     ax, copyprot_level
seg003:018A 39 46 06                             cmp     [bp+level], ax ; <- this
seg003:018D 75 0E                                jnz     loc_48BD
changed to: or bp,bp + nop
Same as above.
This happens when you go to the next level.
The cracked EXE of CusPop also skips in both ways by changing:
- at 17C3D, changes 02 00 to FF FF
This changes the value of copyprot_level to -1, as if the potions level was already completed.

1.3
- at 22A6, CusPop has EB EB EB EB EB and TUC has 7E 06 A1 B2 44

Code: Select all

(in load_game())
seg000:20A1 83 3E 2E 01 00                       cmp     copyprot_level, 0
seg000:20A6 7E 06                                jle     loc_20AE ; <- this
seg000:20A8 A1 B2 44                             mov     ax, start_level ; <- and this
seg000:20AB A3 2E 01                             mov     copyprot_level, ax
seg000:20AE                      loc_20AE:
I'm not sure what was meant here.
"EB EB" jumps to address 0x20A8+(0xEB-0x100)=0x2093, but that is the middle of an instruction!
Maybe 90 (NOP) was meant instead?
- at 4FF1, CusPop has 90 C7 06 9E 00 FF FF EB and TUC has 75 0E 83 3E 2A 01 00 75

Code: Select all

(in play_level())
seg000:4DEB A1 2E 01                             mov     ax, copyprot_level
seg000:4DEE 39 46 06                             cmp     [bp+level], ax
seg000:4DF1 75 0E                                jnz     loc_4E01 ; <- this
seg000:4DF3 83 3E 2A 01 00                       cmp     demo_mode, 0 ; <- and this
seg000:4DF8 75 07                                jnz     loc_4E01 ; <- and this
seg000:4DFA C7 46 06 0F 00                       mov     [bp+level], 15
changed to:

Code: Select all

90            NOP
C7069E00FFFF  MOV     WORD PTR [009E],FFFF
EB75          JMP     ...
Here, data:009E is the address of the "copyprot_level" variable *in 1.0(!)* but not in 1.3, so this hack does not work properly!
(In 1.3, data:009E is the middle of the "Error reading 'CONFIG.DAT'." error message.)
When adding CusPop's crack (at "Set up copy protection"), the following also changes:
- at 1B89B, 02 00 to FF FF
This changes the value of copyprot_level to -1, as if the potions level was already completed.

1.0
[V]
- at 46B8, CusPop has 03 and TUC has 01

Code: Select all

(in check_skel())
seg002:0E34 83 3E 9E 40 01                       cmp     drawn_room, 1
seg002:0E39 74 03                                jz      loc_44BE
This is a bug in CusPop that I already said a few times:
The skeleton room should default to 1, but CusPop has 3 as default.
(Yes, it's my mistake.)
[W]
- at 4B60, CusPop has 8C 1E 0A 00 FF 1E 08 00 90 and TUC has 89 46 06 A1 9E 00 39 46 06

Code: Select all

(in play_level() of the cracked version)
seg003:0170 8C 1E 0A 00                          mov     word ptr hack_addr+2, ds
seg003:0174 FF 1E 08 00                          call    hack_addr
seg003:0178 90                                   nop
This is a call to some code added by RBM/THG, see below.
[X]
- at 1AA55, CusPop has
0D 00 48 49 00 83 F8 01 75 05 C6 06 0C 00 00 83 F8 02 75 0F 80 3E 0C 00 01 74 08 B8 10 00 C6 06 0C 00 01 89 46 06 A1 9E 00 39 46 06 CB 52 42 4D 2F 54 48 47 20 20 20 20
(..HI....u.........u..>...t..........F....9F..RBM/THG )
and TUC has
4D 53 20 52 75 6E 2D 54 69 6D 65 20 4C 69 62 72 61 72 79 20 2D 20 43 6F 70 79 72 69 67 68 74 20 28 63 29 20 31 39 38 38 2C 20 4D 69 63 72 6F 73 6F 66 74 20 43 6F 72 70
(MS Run-Time Library - Copyright (c) 1988, Microsoft Corp)
RBM/THG made a crack that requires adding some code, and they added it in place of the Microsoft copyright text.
(RBM = R. Bubba Magillicutty, THG = The Humble Guys)

This change also causes a null pointer assignment run-time error when you quit the game,
because this C library checks for null pointer assignment by checking if the null area was changed:
All the bytes from ds:0000 to ds:0041 are xor-ed together, and the result is checked against a fixed value. See check_ms_string in the disassembly.
This check called from exit().
Not the best way to catch NULL pointers, but real mode on a 8086 does not have SIGSEGV / General Protection Fault.
(I already wrote about this here: viewtopic.php?p=13476#p13476 )
When adding CusPop's crack (at "Set up copy protection"), the following also changes:
- at 1AAEB, changes 02 00 to FF FF
This changes the value of copyprot_level to -1, as if the potions level was already completed.
Note that, after this, a) crashes the game with an "integer divide by 0" error, and b) cracks properly.
CusPop's crack is not compatible with the RBM/THG crack.
The RBM/THG crack checks if the game would load level 2 for the first time, and if this is the case, it tells play_level() to load level 16 instead.
play_level() checks if it should load level 16, and in that case, it loads "copyprot_level" instead (the level that should be preceded by level 15) plus it sets copyprot_level to -1 (disabling level 15).
Now, if CusPoP sets copyprot_level to -1, then this will cause a crash, because the game wants to call tbl_cutscenes[-1].
- [Q] at 4A5F, 75 to EB

Code: Select all

seg003:006A 83 3E 9A 00 00                       cmp     demo_mode, 0
seg003:006F 75 05                                jnz     short loc_4866 ; <- this
seg003:0071 C7 46 06 0F 00                       mov     [bp+level], 15
seg003:0076                      loc_4866:
jnz is changed to jmp, to skip going to level 15.
- [R] at 4B72, C7 46 06 0F 00 to 90 90 90 90 90

Code: Select all

(in play_level())
C7 46 06 0F 00                       mov     [bp+level], 15
Replaced with NOPs.
Disables going to the level 15.

------
I think the best way is to start from the original, non-cracked EXEs, and apply CusPop's crack only.
CusPop's crack changes the value of copyprot_level to -1, as if the potions level was already completed.
- are unpacked,
You can use UPACKEXE for that.
- crack when going from level 1 to level 2,
- crack when immediately loading level 2,
- crack when loading (what? how? where?),
CusPop's crack does that.
- enable all resources in all levels,
CusPop can do that.
- and, finally, preferably do not advertise certain websites in customized texts.
Just start from the original uncracked version.

I'd add yet another thing to your list:
The crack should not have bugs like those mentioned here: viewtopic.php?p=13476#p13476

I just added CusPop's crack manually to the original EXEs of TUC, and tried the things above.
It seems that this fullfills the crack-related criteria above, but maybe you should also try it.
User avatar
Norbert
The Prince of Persia
The Prince of Persia
Posts: 5743
Joined: April 9th, 2009, 10:58 pm

Re: The Official V1.4 Download

Post by Norbert »

David wrote:Scroll to the bottom for my advice.
Thanks.
I'll put together (and will make available) the 1.3 and 1.4 packages soon.
David wrote:
[V]
- at 46B8, CusPop has 03 and TUC has 01

Code: Select all

(in check_skel())
seg002:0E34 83 3E 9E 40 01                       cmp     drawn_room, 1
seg002:0E39 74 03                                jz      loc_44BE
This is a bug in CusPop that I already said a few times:
The skeleton room should default to 1, but CusPop has 3 as default.
(Yes, it's my mistake.)
Fixed.
User avatar
Norbert
The Prince of Persia
The Prince of Persia
Posts: 5743
Joined: April 9th, 2009, 10:58 pm

Re: The Official V1.4 Download

Post by Norbert »

Seeing how CusPop's princehack.xml changed a lot since CusPop's last release (version 2.1 on 7 July 2013) and we will start using other default EXE binaries (attached) and thus four - 1.4 stays the same - dm5="" values in princehack.xml will need to changed...

Code: Select all

p0: d2de08319428a7a55c45aa07e6958ef3
p3: 7fb2c81764429aeffb95a1f2b9cc82cc
u0: efc8c712e6258313d1aec7c7a20ff111
u3: bc794c5e90ef7a4a6bf52a1019fd8b58
...I will first put a CusPop 2.2 package together. Version 2.1 already mentioned David in the doc/AUTHORS.txt file, so all I need to do is update the version number+release year, EXE binaries, and md5 values.
Attachments
CusPop_exes.zip
new EXE binaries
(412.32 KiB) Downloaded 128 times
User avatar
Norbert
The Prince of Persia
The Prince of Persia
Posts: 5743
Joined: April 9th, 2009, 10:58 pm

Re: The Official V1.4 Download

Post by Norbert »

_Zaphod_ wrote:Please update it.
Done.
The first post has been updated.
User avatar
Norbert
The Prince of Persia
The Prince of Persia
Posts: 5743
Joined: April 9th, 2009, 10:58 pm

Re: Download The Game

Post by Norbert »

So... apparently there is an uncracked, English-language PoP 1.1 after all.
Attached to this post. Yury recently mentioned it.
All in favor of pretending it doesn't exist, so we don't feel like updating CusPop and such? :lol:
Attachments
PoP11English.zip
PoP 1.1 non-DE
(347.88 KiB) Downloaded 123 times
Andrew
Wise Scribe
Wise Scribe
Posts: 313
Joined: July 16th, 2009, 4:39 pm

Re: Download The Game

Post by Andrew »

Yes, I think DoutorHouse pretty much confirmed it. Did you forget about those threads till Yury reminded you? ;)

I just mentioned it in relation to SDLPoP here. Only the EXE's changed from 1.0 though; rest every single file remains the same. Also no idea still why this version had what I assume was a very limited release, which is why it was unknown to almost everyone till not too long back. It also had a cut-down 6 page manual, which is why the codes only refer to those number of pages. Very strange, and also makes me now think 1.2 might also have been released, somewhere. Waiting for it to turn up one day... :roll:
User avatar
Norbert
The Prince of Persia
The Prince of Persia
Posts: 5743
Joined: April 9th, 2009, 10:58 pm

Re: Download The Game

Post by Norbert »

Andrew wrote:I just mentioned it in relation to SDLPoP here.
I thought your 'Prince11.exe" was referring to the German version. Until recently I thought the only 1.1 versions were a) the German version, and b) a cracked variant of the German version where they changed the German text to English in addition to bypassing the potions level.
Andrew
Wise Scribe
Wise Scribe
Posts: 313
Joined: July 16th, 2009, 4:39 pm

Re: Download The Game

Post by Andrew »

Norbert wrote:I thought your 'Prince11.exe" was referring to the German version.
No, my German's very rusty, plus why would I bother with it when the English version's available? Making the same EXE behave as 3 English versions as well as 1 German version makes no sense anyhow and would be a sheer waste of effort.
Norbert wrote:Until recently I thought the only 1.1 versions were a) the German version, and b) a cracked variant of the German version where they changed the German text to English in addition to bypassing the potions level.
That's why I said that you seem to have forgotten what DoutorHouse wrote here, especially since you participated in that thread and replied to him. :)

Anyway, how hard would it be to add support for 1.1 in CusPoP? The offsets for each edit in 1.1's EXE should be relatively easy to figure out by comparing to those for 1.0. Will require time for each to be tested though so ultimately one has to do a cost-benefit analysis regarding whether to update the XML or not. Say, are there any stats on how much CusPoP is even used, and which versions are downloaded the most? Which EXE version are most hex edited mods based on?
User avatar
Norbert
The Prince of Persia
The Prince of Persia
Posts: 5743
Joined: April 9th, 2009, 10:58 pm

Re: Download The Game

Post by Norbert »

Andrew wrote:That's why I said that you seem to have forgotten what DoutorHouse wrote here, especially since you participated in that thread and replied to him. :)
My participation and contributions there didn't concern his 1.1 RAR.
I thought his 1.1 too was merely the German version.
Andrew wrote:Anyway, how hard would it be to add support for 1.1 in CusPoP?
As you write it's relatively easy, but it's still work.
You could start by looking up offsets. :)
Andrew wrote:Say, are there any stats on how much CusPoP is even used, [...]
The web-based versions are on princed.org here and popot.org here. Regarding general access statistics:
- I could e-mail poirot (Enrique) to ask if he has access to statistics for princed.org, but most CusPop links (here and elsewhere) point to popot.org.
- On popot.org, /cuspop/gethack.php - used to actually retrieve the executable - got 13 views in November 2015; 0 in month 10, 4 in month 9, 6 in month 8, 3 in month 7.
Regarding downloaded versions, I don't think there's currently a way to tell.
Note that, since August 2014, apoplexy can also modify PoP1's PRINCE.EXE file. (Press F2 on the main screen or click the small EXE icon.)
Its EXE screen includes some of the things most likely to be modified, like the starting minutes and hit points. This may influence other statistics.
Andrew wrote:Which EXE version are most hex edited mods based on?
Version 1.0 is by far the most used and most hex edited version.
Theoretically I could modify popot.org to also provide information about EXE versions.
This might be interesting for players who are specifically looking to play the 1.3 or 1.4 versions.
Andrew
Wise Scribe
Wise Scribe
Posts: 313
Joined: July 16th, 2009, 4:39 pm

Re: Download The Game

Post by Andrew »

Norbert wrote:Version 1.0 is by far the most used and most hex edited version.
Thought so (though I wonder why people prefer it to 1.3?). Not sure 1.1 added to CusPoP would find too many takers.
Norbert wrote:Theoretically I could modify popot.org to also provide information about EXE versions.
This might be interesting for players who are specifically looking to play the 1.3 or 1.4 versions.
Sounds good, although there are definitely lots more players of 1.3 and 1.4 than there are modders using those versions.
User avatar
Norbert
The Prince of Persia
The Prince of Persia
Posts: 5743
Joined: April 9th, 2009, 10:58 pm

Re: Download The Game

Post by Norbert »

Norbert wrote:As you write it's relatively easy, but it's still work.
You could start by looking up offsets. :)
I took the time to find some offsets that I need to provide a proper(*) 1.1 package on popot.org and princed.org.
Where it says "unpacked" below, it means using UPACKEXE.EXE, that can be found in the ZIP package available here.
(*) Proper: unpacked, cracked, and all resources enabled.

=====
Crack (2 bytes):
- packed: offset 0x1ae48
- unpacked: offset 0x1b976
* 02 00 -> ff ff (That's the proper crack that CusPop also uses.)
=====
Resources (8x16 bytes):
- packed: (impossible, only partial)
- unpacked: offset 0x1b9ce
* All to 0x01. (Make all resources available. This makes, for example, chompers work in all levels.)
=====

I'll add the package to the websites tomorrow.
After that I will update the first post of this thread.
[Edit: Both done.]
Andrew wrote:
Norbert wrote:Version 1.0 is by far the most used and most hex edited version.
Thought so (though I wonder why people prefer it to 1.3?).
I think most people are unaware of the differences. (There aren't that many.) This probably means that people will use whatever is available as the default. The default for CusPop is 1.0 (unpacked). That's the same version apoplexy ships with. Also, versions 1.3 and 1.4 were added to popot.org 3.5 years after 1.0 was added. Also, maybe people who make a conscious choice prefer to pick the original/first version to really go old-school. Furthermore, since the beginning Total Pack came with lots of 1.0 executables and people used to just copy-paste a directory from there and then start editing. Finally, 1.0 is usually listed at the top, for example on popuw.com. I can imagine that some people just download the first ZIP they see.
Post Reply