acp wrote: I do wonder if anyone actually broke the IM copy protection scheme?
I don't mean to encourage piracy, but I did break the IM copy protection ~20 years ago when I was still a high school lad, using just DEBUG.COM from MS-DOS on my 486. I still use IM today; it can even be used in DOSBox to accelerate my limited time for finishing old games that I enjoy replaying in different ways. 😊 I did it for a friend who bought the copy-protected floppy from the store. And since the copy protection was broken, I got to keep a copy for myself. 😀
I can summarize the challenges of breaking the copy protection:
1. The INFINITY.COM is encrypted, a very standard defense against disassembly.
2. You can't modify the .COM even after it is decrypted. It has another layer: a runtime integrity check.
3. It uses INFINITY.HDN as a unique hardware profile to prevent others from copying it off the machine on which it was installed.
Addressing #1 was a must. Once the clear form of the .COM was obtained, one could choose to defeat the integrity check (#2) OR generate a legit INFINITY.HDN (#3). It turned out that generating a legit INFINITY.HDN was very simple from the clear form of the .COM, because it compared the binary data un-obfuscated. So by saving the binary data from the destination pointer into INFINITY.HDN, you got a legit INFINITY.HDN that could be used by the original encrypted INFINITY.COM.
I hope I won't be banned from this forum. Moderator, please feel free to delete this post if deemed necessary.