ROM Hack [Release] 3DS_CTR_Decryptor-VOiD

[einstein95]

you need to edit the makefile itself (it can be open with notepad++) theres a line called PREFIX=arm-none-eabi you need to change it to PREFIX=C:\devkitPro\devkitARM\bin\arm-none-eabi

I did.

 

[gamesquest1]

Just follow Snailfaces advice

 

[Ryanrocks462]

I did.

odd, I'm not so good if things don't work how they should tbh idk y its doing that hmm

 

[Milesgboy]

I got it all set up but, it says

Opening SD:/ncchinfo.bin
Opened! reading info..
. Number of entries 1024
Nothing to do. :/ (1024)

What am I doing wrong am I supposed to use this new py script for the ncchinfo stuff? That python script isn't working at all for me whenever I input in the correct stuff.

 

[gamesquest1]

I got it all set up but, it says

Opening SD:/ncchinfo.bin
Opened! reading info..
. Number of entries 1024
Nothing to do. :/ (1024)

What am I doing wrong am I supposed to use this new py script for the ncchinfo stuff? That python script isn't working at all for me whenever I input in the correct stuff.

just drag the rom onto it if you have python installed.....is it creating the ncchinfo.bin for you?

 

[Milesgboy]

just drag the rom onto it if you have python installed.....is it creating the ncchinfo.bin for you?

I have python 2.7.1 installed but it does nothing doesn't let me drag it onto it.

 

[Snailface]

put the scrypt and the game in same directory and make a .bat script with this:

py -2 ctrKeyGen.py yourGame.3ds
pause

click the .bat script.

 

[idunoe]

For Download Link check the main thread: http://gbatemp.net/threads/release-3ds_ctr_decryptor-void.370684/

Why not change the format, so the user can elect the keyslot & keyX/keyY data. This would allow so the xorpad generator can be released as a binary (as the 7.x keyx would be in the ncchinfo.bin). It would also let users use this for other things, like decrypt their sd card content (independent eshop dumps anyone?)

 

[Milesgboy]

put the scrypt and the game in same directory and make a .bat script with this:

py -2 ctrKeyGen.py yourGame.3ds
pause

click the .bat script.

How should the MEX.py be set up to get that to get the files extracted? I'm confused on this last part.

 

[FAST6191]

http://filetrip.net/dl?gKNbnpNF7V

Just search "01 02 03 04" and replace the key at that location in a hex editor.

or:

It's address 0x24A4
copy it there. (cnrl + B, paste overwrite)

If you did it right the new crc32 will be e08f7ec5.

Given the short change and the ability to brute force CRC32 I wonder if you technically just gave away the key.

 

[Snailface]

Given the short change and the ability to brute force CRC32 I wonder if you technically just gave away the key.

2^96 is still a pretty daunting unknown to figure out (especially since you can't speed up the AES engine with a PC).
Anyway, bruteforcing google for the key is probably easier in any case

 

[Askedforthis]

Compiled in OS X with no problems whatsoever, ran and it's currently creating the Smash XOR. The new look of the launcher decryptor is a gigantic step up from last time. Love it!

Freaking amazing work, every single person who've been involved. Pat yourselves on the back, you've done really good work here.

Now, all that remains is for Persona Q to release in the west...

 

[_eyCaRambA_]

Why not change the format, so the user can elect the keyslot & keyX/keyY data. This would allow so the xorpad generator can be released as a binary (as the 7.x keyx would be in the ncchinfo.bin). It would also let users use this for other things, like decrypt their sd card content (independent eshop dumps anyone?)

That's actually a good idea. Would love to decrypt sd card stuff!

 

[gtaking112]

I couldn't get the homebrew ROP loader working, has anyone compiled it for the GW ROP loader? I can insert the keys myself

 

[Snailface]

I couldn't get the homebrew ROP loader working, has anyone compiled it for the GW ROP loader? I can insert the keys myself

Did you use this?
http://filetrip.net/3ds-downloads/homebrew/download-rop-multi-loader-1-2-f32915.html

 

[gtaking112]

Did you use this?
http://filetrip.net/3ds-downloads/homebrew/download-rop-multi-loader-1-2-f32915.html

Ah, I knew I was using the wrong version, thanks

EDIT: Awesome stuff! I can confirm that I successfully decrypted the ORAS demo using the XORpads generated with the 7.x keys

 

[Reisyukaku]

So I decided to try to edit shit by hand, and i got all the romfs hashes good, and rexored it with the original xorpad and then injected it into the encrypted rom. I then fixed the super hash block at 0x11E0.. it still boots to a black screen,, what am i missing?

 

[gamesquest1]

So I decided to try to edit shit by hand, and i got all the romfs hashes good, and rexored it with the original xorpad and then injected it into the encrypted rom. I then fixed the super hash block at 0x11E0.. it still boots to a black screen,, what am i missing?

the romfs is hash is in the encrypted rom twice....or did you already do that

 

[Reisyukaku]

the romfs is hash is in the encrypted rom twice....or did you already do that

well i let makeromfs handle the hashes for me cuz im lazy, and i checked it with ctrtool.. but i did the super hash by hand

 

[drwhojan]

That's actually a good idea. Would love to decrypt sd card stuff!

Maybe one day that might come soon to, to decrypt the .cmd .app .tmd .sav files .

Put the flashcard out of business

Also found some think strange with dbs folder import.db / title.db . the demo games where a mess order after delete some missing slots - extracted these files onto my hard drive and Deleted ones of SD card , place the SD card back into the 3DS , No games there, Replace them files back into it folder on SD card, Put SD card back into the 3DS , Game's are back but in neat order... But present wrapped once again . - Anyway found a nice way to clean the order up .