ROM Hack [Tutorial] How to Decrypt, Extract & Rebuild a CIA


medoli900

If I follow your tutorial, you need a 4.5 FW, since it uses the DS profile hack. I tried booting your launcher.dat by the roploader website, but it failed.
 

soneek

Glad you're doing a tutorial! I'm finished with exams and everything on Friday, so I'll help out with the rebuilding part by then if necessary.
 

BryanPereza

And if you want to rebuild the CIA again? Did I miss something? Sorry for bothering, and thanks for taking the time to make this possible.
 

cearp

I can make a Python tool to extract the contents from a CIA file if you want, so you do not need to install it... :)
But you will have to generate the decrypted title key on the 3DS to decrypt it.
 

Asia81

> I can make a Python tool to extract the contents from a CIA file if you want, so you do not need to install it... :)
> But you will have to generate the decrypted title key on the 3DS to decrypt it.

But the CIA always needs to be decrypted, right?
I can't see what your Python script can do.
 

cearp

> But the CIA always needs to be decrypted, right?
> I can't see what your Python script can do.

The CIA file contains the contents.
You install the CIA because you want to access the contents.

If you want to decrypt a 2 GB CIA, you will have to install it. It is very slow.
But you can use the contents from the CIA without installing it.
But you will need to decrypt them.
When you install a CIA, the contents become decrypted (partially).

If you generate the title key (option 3 in CTR Decryptor Multi Tool), you can decrypt the contents without having to install the CIA.


-- If you get the movable.sed file from NAND and put it on the SD card root, it does not matter if the NAND is linked/unlinked, etc. :)
 

liomajor

Depending on the content you have decrypted, it's not a must to have romfs or exefs inside DLC or updates.

As an example, Shin Megami Tensei Record Breaker's DLC has multiple .app files: the first is only exheader and romfs,
the others only romfs with a txt file (same name, different content). Update 1.1 stores all details in code.bin.
 

Asia81

> The CIA file contains the contents.
> You install the CIA because you want to access the contents.
>
> If you want to decrypt a 2 GB CIA, you will have to install it. It is very slow.
> But you can use the contents from the CIA without installing it.
> But you will need to decrypt them.
> When you install a CIA, the contents become decrypted (partially).
>
> If you generate the title key (option 3 in CTR Decryptor Multi Tool), you can decrypt the contents without having to install the CIA.
>
> -- If you get the movable.sed file from NAND and put it on the SD card root, it does not matter if the NAND is linked/unlinked, etc. :)

Oh nice, thanks if you can do it :)
 

soneek

> The CIA file contains the contents.
> You install the CIA because you want to access the contents.
>
> If you want to decrypt a 2 GB CIA, you will have to install it. It is very slow.
> But you can use the contents from the CIA without installing it.
> But you will need to decrypt them.
> When you install a CIA, the contents become decrypted (partially).
>
> If you generate the title key (option 3 in CTR Decryptor Multi Tool), you can decrypt the contents without having to install the CIA.
>
> -- If you get the movable.sed file from NAND and put it on the SD card root, it does not matter if the NAND is linked/unlinked, etc. :)

That would be cool. This method is still good though for any updates we install ourselves via the eShop.

I'm guessing the method would be similar to Wii U stuff? Decrypt the title key, then AES-128-CBC decrypt the CIA partitions with that decrypted key?
 

liomajor

Example to extract a CIA without installing:
Code:
ctrtool -x -t cia <name of your cia> --contents=<name of content> --meta=<name of meta (same as content)> --tmd=<name of tmd file> --tik=<name of tik file> --certs=<name of cert file>

For games:

#0000 = Similar to .3ds with a different header
#0001 = Manual.cfa
#0002 = DLP.cfa

Code:
ctrtool -p --exheader="exheaderEncrypted.bin" --romfs="romfsEncrypted.bin" --exefs="exefsEncrypted.bin" --logo="logo.bin" "<name of #0000>"

What is left is to fetch the xorpad for #0000 to decrypt the files.
 

cearp

> Example to extract a CIA without installing:
> Code:
> ctrtool -x -t cia <name of your cia> --contents=<name of content> --meta=<name of meta (same as content)> --tmd=<name of tmd file> --tik=<name of tik file> --certs=<name of cert file>

Oh cool, I don't need to make that tool now! Thanks :)
 

cearp

> Yes, it didn't need the titlekey to get the encrypted files. Would be nice if there is a way without xorpads ^^

Yes, sure, we don't need the title key to extract the CIA, but if you want to decrypt the contents, then we need the title key.
For most people, having the encrypted contents is not very important :)

Like PowerSaves allegedly has an online 3DS farm to decrypt saves (funny, but I guess true). Imagine a website connected to a 3DS where you type in the title key and it decrypts it for you... :)
It would not be impossible with homebrew... correct.

A 3DS that is always plugged in and connected to WiFi, running a homebrew that connects and replies to a server to get the latest title key to encrypt, first in, first out.
Do I sense a personal summer project coming? (Maybe, maybe not.) :)
 

cearp

> How to decrypt with titlekey?

AES-CBC.
But that just removes the 'eShop encryption'.
Then there is the SD card encryption... which we still need xorpads for, lol.
So, yeah, maybe not much of a project if it only saves 1 boot cycle, 1 SD card eject, etc.
 