Hacking Pokémon X/Y Dumper and Editor

[Zaneris]

That's great. Are you planning to release a single application for the injection part?

I know nothing about checksums :/ So, there is a standard calculation for this but for some reason this calculation is not being compatible with the 3DS, am I right? Do you find the original checksums of the packets to be non-standard?



Yes, that's right, I don't know about the size of the packets though. About the Pokemon data, copy the 232 bytes on a hex editor and save them as .bin files, the PKX editor will decrypt them properly if the data really corresponds to a PKX file.

Yes, it's a single application, coded in C, ran through the command prompt.

I'm ASSUMING the checksum in the ead header is an MD5, and if it is, I can't figure what exactly it's a checksum of... I can't get any part of the packet to match the existing checksum so far.

 

[Ixvael]

I know I said this before but kyogre123 misunderstood me.
Both the 3DS (wifi) and the PC (Ethernet) connect through my router/modem. My 3DS didn't go through my PC. So is packet sniffing still possible?
I also set up a display filter "eth.dst ==[3DS MAC]". Don't know if that was the right thing to do, but nothing showed up .

You can't sniff the packet if the 3DS doesn't go through the PC. You can just connect the PC directly through the router and use its WLAN as a hotspot. If you can't do that, another option would be to have two WLANs but aside from that, you can't sniff.

 

[Duo8]

You can't sniff the packet if the 3DS doesn't go through the PC. You can just connect the PC directly through the router and use its WLAN as a hotspot. If you can't do that, another option would be to have two WLANs but aside from that, you can't sniff.

Then all I have is an Android phone now Can that somehow be used as a wifi card? Or maybe I can sniff packets with it?

 

[xyzman]

I'm ASSUMING the checksum in the ead header is an MD5, and if it is, I can't figure what exactly it's a checksum of... I can't get any part of the packet to match the existing checksum so far.

Normally 16 bytes would be MD5, yes. I'm stuck at this step, really: writing a python script which will serve as pipe in hexinject -s -i eth0 | pipe | hexinject -p -i eth0 is not exactly a big deal, but considering I'll have to create a special Linux stand for experiments, I thought that this checksum obstacle is better to be bypassed first.

 

[Zaneris]

Normally 16 bytes would be MD5, yes. I'm stuck at this step, really: writing a python script which will serve as pipe in hexinject -s -i eth0 | pipe | hexinject -p -i eth0 is not exactly a big deal, but considering I'll have to create a special Linux stand for experiments, I thought that this checksum obstacle is better to be bypassed first.

I've got everything done for my windows solution.

The only thing missing is the checksum, lol.

 

[ERVMX]

I suppose there will be an injection application soon. Is it possible to do an injection (so I can get a specific pokemon) with the information discovered so far?

 

[Caius Gray]

I've got everything done for my windows solution.

The only thing missing is the checksum, lol.

You have no idea how bittersweet this makes me feel. On the one hand I'm super excited that someone has managed to get this far in the process and on the other I'm dumbfounded you managed to do it.

I've spent hours banging my head against the wall trying to get the injection step to even remotely work. Kudos man, seriously. Good stuff.

 

[MopSec]

My problem is that I now not only ave to wait for Gateway to release the 2.0 update but also to make online work -________-

 

[ERVMX]

If you already can inject, please try to inject a Pokemon with National Dex number 719, 720 and 721.

 

[xyzman]

Tried all the 128-bit checksum algorithms for every imaginable fragment in "data" block, tried to update digest by 16 and 32 byte blocks. Nothing.

Whoever did provide the structure, why did you decide that 16-byte place is a checksum and not some word/half-word it used to be in the past?

I hope ROM gets cracked soon

 

[Zaneris]

Tried all the 128-bit checksum algorithms for every imaginable fragment in "data" block, tried to update digest by 16 and 32 byte blocks. Nothing.

Whoever did provide the structure, why did you decide that 16-byte place is a checksum and not some word/half-word it used to be in the past?

I hope ROM gets cracked soon

Yeah I've given up on it, there's probably some random string concatenated with it for the hash.

 

[sanderdsz]

and the whiners come out of the woodwork.

MUH POKEMON! RUINED BY THESE HACKERS.

Get over yourselves. Not everyone has the time to sit their ass down and raise a fucking perfect IV EV'd pokemon.

The game is so damn easy now to train the EVs that this hacks is just stupid.
And the IVs now are quicky to get them too.

 

[cearp]

surely we can just set up a proxy on a computer and put the 3ds to go through that? i don't think anyone mentioned that, but that seems the easiest way to do it.

 

[FAST6191]

The game is so damn easy now to train the EVs that this hacks is just stupid.
And the IVs now are quicky to get them too.

If people got injection working it could be done in minutes, training still takes hours even if it is even easier than before.

 

[Queno138]

If people got injection working it could be done in minutes, training still takes hours even if it is even easier than before.

There are more to than just IVs and EVs when it comes to stuff like this.

You can get items that you cannot normally get, example "Mewtwonite X" when you're playing "Y",
or discovery of hidden abilities, or other Pokemon etc.

 

[FAST6191]

There are more to than just IVs and EVs when it comes to stuff like this.

You can get items that you cannot normally get, example "Mewtwonite X" when you're playing "Y",
or discovery of hidden abilities, or other Pokemon etc.

But of course, if you are going to create impossible mons then there is cause to raise an eyebrow. Making ones that were doable within the normal game seemed to be the main assumption for a lot of these sorts of threads and I was rolling with that.

 

[Queno138]

hahaha "Impossiblemons".

Those are annoying..

Those "doable within normal game" are commonly known as "Legal", as its appearance is a possibility.
In the mean time, our "impossiblemons" are "illegal/not legit", cause, well, Wondertombed.

Anyhow, I can't wait for this whole thing to exit beta and go public.
Can finally get the megastones that I cannot get -.-

 

[Sizednochi]

Can't wait to play against little kids using 6 uber legendaries all day.

Regardless if we can breed our stuff legally easy now, this will hurt online play. You'll start seeing the same pokemon and Smogon movesets all over again. But anyway this was bound to happen. If it didn't happen now, December would bring a Gen 5 hackemon flood.

 

[Duo8]

Can't wait to play against little kids using 6 uber legendaries all day.

Regardless if we can breed our stuff legally easy now, this will hurt online play. You'll start seeing the same pokemon and Smogon movesets all over again. But anyway this was bound to happen. If it didn't happen now, December would bring a Gen 5 hackemon flood.

You mean Gen VI?
Anyway, a way to prevent this is to play with your friends only. It's more restricted, but should prevent frustration.

 

[sanderdsz]

If people got injection working it could be done in minutes, training still takes hours even if it is even easier than before.

I really don't mind if you're trying this to get the pokes with the right stats.
But is so boring battle with someone full IV and full 252 EV, or like 999 atk stats.

I hope Game Freak do something about this, like a sweep on this pokemons, but I doubt it, they're too lazy.