$6909 reveals several calls to the load routines in screen memory,
followed by a comparison to a byte value at $6925. If the byte
doesn't match, the code branches to $692E, where it executes an
undocumented opcode ($02) that sends the computer into an infinite
loop. What would happen if we just bypassed this code altogether?
Again, we'll have to patch the backup disk.
But where is this code? Try to find it with the Byte Pattern
Searcher. No Go, Joe! Epyx' fast load routine requires the disk
data to be written a special way that Commodore DOS doesn't
understand. But we CAN patch the code after it's loaded into the
computer. Use the drivemon to load the last sector of the "(C)
1987 EPYX" file (18/5 or $12/$05). With the Kracker-Mon in drive
mode, initialize the drive and place a $12 in location $06 and a
$05 in location $07. By placing an $80 in location $00 and pressing
RETURN, you can read the sector into the $0300 buffer in the
drive.
Change the JMP $67E9 at position $031D to read:

    A9 60      LDA #$60    ;An "RTS"
    8D 09 69   STA $6909   ;is placed at top
    4C E9 67   JMP $67E9   ;of protection check
                           ;and then JMP

You must also alter the last-byte pointer at position $0301 in
the sector to reflect our added code (from $031F to $0324) so that
it loads properly. Write the sector back (place a $90 in position
$00 and press RETURN) to the nybbled backup and boot it. It
worked!
The protection check is bypassed.
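
Why the last-byte pointer matters, shown as an added example (not part of the original text): in the last sector of a Commodore DOS file, byte 0 is $00 and byte 1 holds the offset of the last valid byte, so anything past that offset never reaches the computer. The function names are hypothetical and the filler bytes are constructed; the eight bytes at $1D-$24 are the ones from the listing above.

```python
SECTOR_SIZE = 256
DATA_START = 2  # offsets 0-1 hold the link field; file data starts at offset 2


def loaded_bytes(sector: bytes) -> bytes:
    """Return the file data DOS hands to the computer from a file's last sector."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("a Commodore DOS sector is 256 bytes")
    if sector[0] != 0x00:
        raise ValueError("byte 0 is a track number, so this is not the last sector")
    last = sector[1]  # offset of the last valid byte ($0301 in the drive buffer)
    if last < DATA_START:
        raise ValueError("last-byte pointer points inside the link field")
    return sector[DATA_START:last + 1]


def with_last_byte(sector: bytes, last: int) -> bytes:
    """Return a copy of the sector whose last-byte pointer is set to `last`."""
    if not DATA_START <= last < SECTOR_SIZE:
        raise ValueError("pointer must lie between $02 and $FF")
    out = bytearray(sector)
    out[1] = last
    return bytes(out)


def build_sample() -> bytes:
    """Constructed sector: filler, then the eight bytes of the listing at $1D-$24."""
    sector = bytearray(SECTOR_SIZE)
    sector[1] = 0x1F  # pointer as it stood when the file ended with the 3-byte JMP
    sector[DATA_START:0x1D] = b"\xEA" * (0x1D - DATA_START)  # constructed filler
    sector[0x1D:0x25] = bytes.fromhex("A9608D09694CE967")
    return bytes(sector)


if __name__ == "__main__":
    stale = loaded_bytes(build_sample())
    fixed = loaded_bytes(with_last_byte(build_sample(), 0x24))
    print(len(stale), stale[-3:].hex())  # stream stops after $031F
    print(len(fixed), fixed[-3:].hex())  # stream runs through $0324
```

With the pointer left at $1F the stream is cut off three bytes into the new code; set to $24 it covers all eight bytes.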
< < < EPYX : SPIDERBOT > > >
Epyx, like many other major companies, uses many different
protection schemes in their software releases. The complexity of
the protection is usually directly related to anticipated sales of
the release. Hence, their "U.S. Gold" and "Maxx Out" (bargain
division) series are easily nybbled, with only a few requiring a
(usually) short parameter. "Spiderbot" is one of these: it appears
that the protection on this title was designed to thwart only
software-based nybblers. The actual protection is easy to disable
once you find it.
You will need the following:
1) An original "Spiderbot" (SB) diskette.
2) A backup copy of SB using any good nybbler.
3) A disk log of the SB disk to get the load addresses.
K.J. REVEALED TRILOGY PAGE [118] (C)1990 K.J.P.B.