Jump to content

neopcm2


Recommended Posts

Ok, I uploaded the program. I get this output with my vs:

266-v1d.bin: 352b0a07

266-v2d.bin: 945f8831

266-v3d.bin: e8362fcc

266-v4d.bin: 393c9a62

266-v1.new: 86b6ef14

266-v2.new: d0f69eda

 

Which seem the same as yours. Are there newer ones than these then?

 

oops, forgot to add : http://up1.fastuploads.com/pim_venc.zip. If your crcs are different / you get the right encrypted ones, can you post your decrypted crcs..

Edited by aquasync
Link to comment
Share on other sites

  • Replies 44
  • Created
  • Last Reply

Top Posters In This Topic

Thanks aqua :D

 

My crcs are all the same as yours.

 

*edit*

Here's fataku's neo-pcm2 source:

 

// © PLAYMORE 2002 20-09-2004
static void neo_pcm2_playmore_2002(int value)
{
       //kof2002,matrimelee,mslug5 (pcb and mvs),samsho5,svcchaos (pcb and mvs),kof2003 (pcb and mvs),samsh5sp (mvs and aes)
       //offset,xor address
       unsigned int addrs[7][2]={
                {0x000000,0xA5000}, //kof2002
                {0xFFCE20,0x01000}, //matrimelee
                {0xFE2CF6,0x4E001}, //mslug5
                {0xFEB2C0,0x0A000}, //samsho5
                {0xFFAC28,0xC2000}, //svcchaos
                {0x000000,0x00000}, //kof2003
                {0xFFB440,0x02000}, //samsh5sp
                };
       unsigned int xordata[7][8]={
                {0xF9,0xE0,0x5D,0xF3,0xEA,0x92,0xBE,0xEF}, //kof2002
                {0xC4,0x83,0xA8,0x5F,0x21,0x27,0x64,0xAF}, //matrimelee
                {0xC3,0xFD,0x81,0xAC,0x6D,0xE7,0xBF,0x9E}, //mslug5
                {0xCB,0x29,0x7D,0x43,0xD2,0x3A,0xC2,0xB4}, //samsho5
                {0xC3,0xFD,0x81,0xAC,0x6D,0xE7,0xBF,0x9E}, //svcchaos
                {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, //kof2003
                {0x4B,0xA4,0x63,0x46,0xF0,0x91,0xEA,0x62}, //samsh5sp
                };

UINT8 *src = memory_region(REGION_SOUND1);
UINT8 *buf = malloc(0x1000000);
int i, j, d;

       memcpy(buf,src,0x1000000);
       for (i=0;i<0x1000000;i++){
           j=BITSWAP24(i,23,22,21,20,19,18,17,0,15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,16);
           j=j^addrs[value][1];
           d=((i+addrs[value][0])&0xffffff);
           src[j]=buf[d]^xordata[value][j&0x7];
       }
       free(buf);
}

Edited by iq_132
Link to comment
Share on other sites

Well all the values look the same, and its the same algorithm (although using BITSWAP expects a whole lot of the compiler's optimizer if it is going to be as fast as just switching bits 16 and 1 directly).

Whats interesting is that kof2003 is included, but then the values look to be placeholders.

 

---------------

 

I was trying to figure out why I can't get the real mslug5 vs. Encrypting gives me this:

268-v1d.bin: c3540e0d

268-v2d.bin: 077bd2f4

268-v3d.bin: 39b14567

268-v4d.bin: 969ff3b2

268-v1.new: e66e4f61

268-v2.new: 94b46260

 

And I'm expecting these:

268-v1.bin 33c6305c

268-v2.bin 1afb848e

 

 

I think the problem is my vs are bad. Sticking them together, they are

268-v1d.bin 0ab43275 8388608

268-v2d.bin 358b1419 8388608

 

When they should be,

268-v1d.bin 14848c5c

268-v2d.bin 696cce3b

 

 

Does anyone have/can make a patch between between these v's?

Edited by aquasync
Link to comment
Share on other sites

Well all the values look the same, and its the same algorithm (although using BITSWAP expects a whole lot of the compiler's optimizer if it is going to be as fast as just switching bits 16 and 1 directly).

Whats interesting is that kof2003 is included, but then the values look to be placeholders.

 

---------------

 

I was trying to figure out why I can't get the real mslug5 vs. Encrypting gives me this:

268-v1d.bin: c3540e0d

268-v2d.bin: 077bd2f4

268-v3d.bin: 39b14567

268-v4d.bin: 969ff3b2

268-v1.new: e66e4f61

268-v2.new: 94b46260

 

And I'm expecting these:

268-v1.bin 33c6305c

268-v2.bin 1afb848e

 

 

I think the problem is my vs are bad. Sticking them together, they are

268-v1d.bin  0ab43275 8388608

268-v2d.bin  358b1419 8388608

 

When they should be,

268-v1d.bin 14848c5c

268-v2d.bin 696cce3b

 

 

Does anyone have/can make a patch between between these v's?

 

you have the original release decrypted V ROMs which were said to be bootlegs. heres are the patches you need (for 2x8 MB vxd ROMs)

268_vxd_patch.zip

Link to comment
Share on other sites

Aqua, I would still be appreciative if you could post one of those encryption programs for matrim, mslug5, and samsho5 smile.gif

Sorry I didn't see that, sure, I think the only one missing is mslug5 right? Which I've got here somewhere...

http://up1.fastuploads.com/ms5_venc.zip

 

Maybe it'll work for me now with these new patches (thanks xeon).

 

That site has some useful info, I finally made the 2 encrypted svcchaos gfx roms, and its possible to go between all the sets now (svcboot/svcplus <-> svcchaosa <-> svchaosnd <-> svchaos).

 

So, what we need now is for the m1 encryption to be figured out. Does anyone have any info on this, or have good pairs for a bunch of roms?

 

--

 

Actually scrap that program. I just realised the one i posted expects 4 vds, and that I'd left the address xor as 0x4e000 instead of 0x4e001, which I was testing. I'll post a proper one later.

 

I'm getting this at the moment:

268-v1d.bin: 14848c5c

268-v2d.bin: 696cce3b

268-v1.new: e4a934f9

268-v2.new: c40613ed

or changing the address xor to 4e000 (it just seemed strange to be the only one with any bits set <12)

268-v1.new: 529d9191

268-v2.new: e4485fd5

 

So it doesn't look good. Perhaps when someone gets a chance they can post a patch between the encrypted decrypted roms, and the normal ones.

Edited by aquasync
Link to comment
Share on other sites

Ok, update on the matrimelee vs:

The first two bytes of pim's encrypted v1 (86b6ef14), were c4c4, ie the first byte of the data xor, ie they probably came from encrypting 2 0s.

This was the case with the svcchaos vs, where the first 2 (erroneous) bytes were c3c3. I first tried switching the 2 bytes of pim with ec29 (as per svcchaos), then with (perhaps more logically) eb23 (which is ec29 ^ c4 ^ c3). Still no luck. So I decided to go fishing :lol:. I had a program generate all 256 * 256 crcs for all 2 byte combinations, and lo and behold, for f018, I got a4f83690. (At this point I should probably note the typo of a4f83680 from iq_132's driver, that stressed me for a little while :( ).

So, perfect pim v's for all :).

 

The differences in encrypted and decrypted form:

 

--- 266-v1.bin 86b6ef14 800000

+++ 266-v1.bin a4f83690 800000

0 c4c4 f018

 

--- 266-v1d.bin 352b0a07 400000

+++ 266-v1d.bin 435f33cf 400000

21e0 00 34

+ffff 00 dc

Link to comment
Share on other sites

Ok, I uploaded a fixed mslug5 encrypter (http://up1.fastuploads.com/ms5_venc2.zip). Included is a.bat file that will encrypt with 2 different methods, and make patches of the results against the real vs. (33c6305c & 1afb848e)

Ideally, one of the sets of patches should be quite small, and that will mean it was the right method, and those patches are the fixes/watermarks. If anyone has those roms, can they post the crreated patches plz.

Link to comment
Share on other sites

 

Thanks for making those, the unfortunate problem is that I'm an idiot :).

The first patch is correct, but the second isn't, because the.bat should read like this "uips c v2_1.ips 268-v2.new 268-v2.bin", on the 3rd line. (It currently just creates the first patch again :clapping: ).

Link to comment
Share on other sites

Finally samsho5 encrypted V were already out :

 

Diff between encrypted 270-v1.bin : 7541763A > 62E434EB

 

$432000 : F1F6 > FBFF

$610042 : 0000 > FFF7

$618020 : 0000 > FFF7

 

Diff between encrypted 270-v2.bin : 4E6E7D98 > 180F3C9A

$410000 : FAB9 > FEBD

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...