I did.you need to edit the makefile itself (it can be open with notepad++) theres a line called PREFIX=arm-none-eabi you need to change it to PREFIX=C:\devkitPro\devkitARM\bin\arm-none-eabi
I did.you need to edit the makefile itself (it can be open with notepad++) theres a line called PREFIX=arm-none-eabi you need to change it to PREFIX=C:\devkitPro\devkitARM\bin\arm-none-eabi
I did.
just drag the rom onto it if you have python installed.....is it creating the ncchinfo.bin for you?I got it all set up but, it says
Opening SD:/ncchinfo.bin
Opened! reading info..
. Number of entries 1024
Nothing to do. :/ (1024)
What am I doing wrong am I supposed to use this new py script for the ncchinfo stuff? That python script isn't working at all for me whenever I input in the correct stuff.
just drag the rom onto it if you have python installed.....is it creating the ncchinfo.bin for you?
Why not change the format, so the user can elect the keyslot & keyX/keyY data. This would allow so the xorpad generator can be released as a binary (as the 7.x keyx would be in the ncchinfo.bin). It would also let users use this for other things, like decrypt their sd card content (independent eshop dumps anyone?)
For Download Link check the main thread: http://gbatemp.net/threads/release-3ds_ctr_decryptor-void.370684/
put the scrypt and the game in same directory and make a .bat script with this:
py -2 ctrKeyGen.py yourGame.3ds
pause
click the .bat script.
http://filetrip.net/dl?gKNbnpNF7V
Just search "01 02 03 04" and replace the key at that location in a hex editor.
or:
It's address 0x24A4
copy it there. (cnrl + B, paste overwrite)
If you did it right the new crc32 will be e08f7ec5.
2^96 is still a pretty daunting unknown to figure out (especially since you can't speed up the AES engine with a PC).Given the short change and the ability to brute force CRC32 I wonder if you technically just gave away the key.
That's actually a good idea. Would love to decrypt sd card stuff!Why not change the format, so the user can elect the keyslot & keyX/keyY data. This would allow so the xorpad generator can be released as a binary (as the 7.x keyx would be in the ncchinfo.bin). It would also let users use this for other things, like decrypt their sd card content (independent eshop dumps anyone?)
Did you use this?I couldn't get the homebrew ROP loader working, has anyone compiled it for the GW ROP loader? I can insert the keys myself
the romfs is hash is in the encrypted rom twice....or did you already do thatSo I decided to try to edit shit by hand, and i got all the romfs hashes good, and rexored it with the original xorpad and then injected it into the encrypted rom. I then fixed the super hash block at 0x11E0.. it still boots to a black screen,, what am i missing?
well i let makeromfs handle the hashes for me cuz im lazy, and i checked it with ctrtool.. but i did the super hash by handthe romfs is hash is in the encrypted rom twice....or did you already do that
That's actually a good idea. Would love to decrypt sd card stuff!