Hacking intersting finding in LOZ:ALBW save issue

U

udo4ever

Well-Known Member
OP
Member
Level 5
Joined
Jul 28, 2007
Messages
127
Trophies
1
XP
597
Country
Canada
Hey guys,

So I was testing out the new Gateway firmware and discovered a few things. first a little background information:

I have two 3ds systems. One of them is a 3ds with firmware 6.2 installed. The other system is a 3ds xl with firmware 4.2 installed (which makes it compatible with Gateway).

I bought a retail version of A Link Between Worlds last week and started playing it on my updated (non-compatible with Gateway) 3ds. When the Gateway 2.0 firmware came out I was excited to try the emunand classic firmware option. Thus, I booted up the 3ds in emunand classic mode updated to the latest firmware and popped in my A Link Between Worlds. I was hoping to continue my game were I let off but with the benefits of the bigger screen the XL system offers. To my dismay I found that the save file was completed deleted. I then took my game cart out and put it back in my regular 3ds and it didn't show up on that system either.

This is where I began a series of tests to see just what was going on. Here is what I did:

1. I booted the retail version of the game in gateway emnand classic mode (latest firmware). I started and saved a game file. I then exited the game via the home menu and by pressing x. I booted it again to make sure that the save game was in fact created. It was. I took out the card and popped it into my other 3ds. It dissapeared.

2. I booted the retail version of the game in my regular 3ds. I started and saved a game file. I exited the game by pressing home and x. I popped out the retail cartridge and popped it back in. I loaded the game again and the saved game file was still there. I then decided to boot the game on my 3ds xl using emunand class (latest firmeware) and the game file dissapeared.

I have two hypothesis as to what is happening. The first guess is that the game cart somehow can detect when it is being played on another system and thus erases the save file. This is certainly a new tactic by nintendo seeing as my retail version of resident evil, mario 3d land and new super mario bros. 2 has the save games intact even if a switch systems.

The second guess is that there is something in the Gateway's classic mode that destroys the save game in ALBW. I would like to try loading the game in classic sysmode (firmware 4.2) next to see if it is perhaps the emunand that is getting in the way. If anyone can test out whether ALBW can transfer saves between system without gateway mode would be great. This would confirm that my first hypothesis is incorrect...
 
  • Like
Reactions: octopus
Ennea

Ennea

Well-Known Member
Member
Level 2
Joined
Oct 5, 2013
Messages
114
Trophies
0
Age
32
XP
163
Country
Gambia, The
udo4ever said:
The first guess is that the game cart somehow can detect when it is being played on another system and thus erases the save file. This is certainly a new tactic by nintendo seeing as my retail version of resident evil, mario 3d land and new super mario bros. 2 has the save games intact even if a switch systems.
Click to expand...

That could actually be the case. Bleh.
 
kyogre123

kyogre123

Mexican Pride
Member
Level 8
Joined
Sep 23, 2013
Messages
2,920
Trophies
0
Age
34
XP
1,347
Country
Mexico
Thanks for your report and your testing, now we can assume it's perfectly safe to play retail cartridges on EmuNAND, except if there's a previous save file created on a different console, which may not be an actual issue of GW's EmuNAND.

But, seriously, game developers programming the game in a way to make the save data get deleted just because is booted from a different console? That would be definitely fucked up.
 
U

udo4ever

Well-Known Member
OP
Member
Level 5
Joined
Jul 28, 2007
Messages
127
Trophies
1
XP
597
Country
Canada
I found something even more interesting. I reformated my sd card and did a fresh backup of my nand. I then booted up batman: blackgate (rom) on my emunand firmware 4.2. everything worked smoothly except that when I exited to the home menu and pressed "x" to save it hanged there for a long long time. I distinctly recalled not having this problem on an updated emunand. Thus, I updated my emunand and booted up batman: blackgate. This time, it saved without a hitch.

In short, those of you who cannot save in zelda:ALBW due to it hanging on the home screen... update your emunand and all should be fine!
 
kyogre123

kyogre123

Mexican Pride
Member
Level 8
Joined
Sep 23, 2013
Messages
2,920
Trophies
0
Age
34
XP
1,347
Country
Mexico
udo4ever said:
I found something even more interesting. I reformated my sd card and did a fresh backup of my nand. I then booted up batman: blackgate (rom) on my emunand firmware 4.2. everything worked smoothly except that when I exited to the home menu and pressed "x" to save it hanged there for a long long time. I distinctly recalled not having this problem on an updated emunand. Thus, I updated my emunand and booted up batman: blackgate. This time, it saved without a hitch.

In short, those of you who cannot save in zelda:ALBW due to it hanging on the home screen... update your emunand and all should be fine!
Click to expand...

The same happened to me when I closed A Zelda between worlds on 4.5. So, iprobably SDK 5.X games take a lot of time to save on 4.X? or maybe it happens only the first time?
 
kyogre123

kyogre123

Mexican Pride
Member
Level 8
Joined
Sep 23, 2013
Messages
2,920
Trophies
0
Age
34
XP
1,347
Country
Mexico
Pong20302000 said:
LOL
i know what this is

its because you where in EmuNAND which doesnt use the 6.3.0 KeyY for Saving, it uses the 4.5.0 KeyY

so existing saves are seen as corrupted
Click to expand...

Fixed.

Why are you so sure a fully updated NAND uses an outdated resource just because is being emulated on the SD card?
 
Quicksilver88

Quicksilver88

Well-Known Member
Member
Level 6
Joined
Jan 26, 2013
Messages
618
Trophies
1
Age
54
XP
753
Country
United States
udo4ever said:
Hey guys,

So I was testing out the new Gateway firmware and discovered a few things. first a little background information:

I have two 3ds systems. One of them is a 3ds with firmware 6.2 installed. The other system is a 3ds xl with firmware 4.2 installed (which makes it compatible with Gateway).

I bought a retail version of A Link Between Worlds last week and started playing it on my updated (non-compatible with Gateway) 3ds. When the Gateway 2.0 firmware came out I was excited to try the emunand classic firmware option. Thus, I booted up the 3ds in emunand classic mode updated to the latest firmware and popped in my A Link Between Worlds. I was hoping to continue my game were I let off but with the benefits of the bigger screen the XL system offers. To my dismay I found that the save file was completed deleted. I then took my game cart out and put it back in my regular 3ds and it didn't show up on that system either.

This is where I began a series of tests to see just what was going on. Here is what I did:

1. I booted the retail version of the game in gateway emnand classic mode (latest firmware). I started and saved a game file. I then exited the game via the home menu and by pressing x. I booted it again to make sure that the save game was in fact created. It was. I took out the card and popped it into my other 3ds. It dissapeared.

2. I booted the retail version of the game in my regular 3ds. I started and saved a game file. I exited the game by pressing home and x. I popped out the retail cartridge and popped it back in. I loaded the game again and the saved game file was still there. I then decided to boot the game on my 3ds xl using emunand class (latest firmeware) and the game file dissapeared.

I have two hypothesis as to what is happening. The first guess is that the game cart somehow can detect when it is being played on another system and thus erases the save file. This is certainly a new tactic by nintendo seeing as my retail version of resident evil, mario 3d land and new super mario bros. 2 has the save games intact even if a switch systems.

The second guess is that there is something in the Gateway's classic mode that destroys the save game in ALBW. I would like to try loading the game in classic sysmode (firmware 4.2) next to see if it is perhaps the emunand that is getting in the way. If anyone can test out whether ALBW can transfer saves between system without gateway mode would be great. This would confirm that my first hypothesis is incorrect...
Click to expand...

Curious....does the Gateway EmuNand when in 'Classic' mode create an actual .sav file on the 3DS SD when you do a home/close with a retail cartridge?


I say this because after I made the emunand...I popped my Gateway in which had the game Etrian Oddesy IV in it. I did not copy the game .sav files back over to the newly made EmuNand SD card.....and upon entering the Game it wiped my save file and started over (this is not common because in the past when moving the Gateway card the save data in the eeprom remained intact).

So my guess is Gateway is doing some changes to the way the save file handling is done and this is specifically a gateway glitch at the moment.
 
M

mathieulh

Well-Known Member
Member
Level 6
Joined
Feb 28, 2008
Messages
378
Trophies
0
Website
keybase.io
XP
897
Country
France
kyogre123 said:
I thought exiting System settings was the same as a console boot. :unsure:
Click to expand...

KeyY slot is generated by the bootloader at boot.
I am not even sure Gateway developers have the new key because they would need to dump the keyslot from a live 6.x.x system (a real one running on top of an updated bootloader).

If Nintendo really wanted to, they could delect code running on emulated nands by performing checks on keyslots (for instance, storing the hash of some key and comparing it to the one of the key in slot X) Of course that's assuming they want to let some piece of code to have specific privileges to read the keyslots.

They could always add new functions in a firmware update to do this though.
Of course said functions could be patched to always return true, or return the value the game expects, that means in theory GW would have to keep updating their firmware each time a new game comes out, it'd strenghten the cat and mouse game.

You could also patch the games' binaries dynamically to nop the check but that might be more work.

EDIT: Actually, 3DS AES Hardware keyslots can only be written to. So they cannot read the new key from it, the only way for GW to get the new KeyY is to dump/decrypt the new bootloader. Seems like quite the challenge to me.

GateWay Devs should sure hope the new bootloader doesn't only rely on CPU cache, otherwise, good luck dumping that xD
 
tHciNc

tHciNc

Total Random
Member
Level 9
Joined
Jan 14, 2006
Messages
861
Trophies
1
XP
1,695
Country
New Zealand
I think classic mode is still using some of the same save code as the gw mode as its reinitializing the games saves like it does in gw mode when a new game is added, what happens if you have an existing save from the same game saved through sd by running and saving the rom first, before running a retail version of same game
 
SpaceJump

SpaceJump

Well-Known Member
Member
Level 12
Joined
Aug 18, 2005
Messages
3,866
Trophies
1
Location
Zebes
XP
3,278
Country
Germany
udo4ever said:
Hey guys,

So I was testing out the new Gateway firmware and discovered a few things. first a little background information:

I have two 3ds systems. One of them is a 3ds with firmware 6.2 installed. The other system is a 3ds xl with firmware 4.2 installed (which makes it compatible with Gateway).

I bought a retail version of A Link Between Worlds last week and started playing it on my updated (non-compatible with Gateway) 3ds. When the Gateway 2.0 firmware came out I was excited to try the emunand classic firmware option. Thus, I booted up the 3ds in emunand classic mode updated to the latest firmware and popped in my A Link Between Worlds. I was hoping to continue my game were I let off but with the benefits of the bigger screen the XL system offers. To my dismay I found that the save file was completed deleted. I then took my game cart out and put it back in my regular 3ds and it didn't show up on that system either.

This is where I began a series of tests to see just what was going on. Here is what I did:

1. I booted the retail version of the game in gateway emnand classic mode (latest firmware). I started and saved a game file. I then exited the game via the home menu and by pressing x. I booted it again to make sure that the save game was in fact created. It was. I took out the card and popped it into my other 3ds. It dissapeared.

2. I booted the retail version of the game in my regular 3ds. I started and saved a game file. I exited the game by pressing home and x. I popped out the retail cartridge and popped it back in. I loaded the game again and the saved game file was still there. I then decided to boot the game on my 3ds xl using emunand class (latest firmeware) and the game file dissapeared.

I have two hypothesis as to what is happening. The first guess is that the game cart somehow can detect when it is being played on another system and thus erases the save file. This is certainly a new tactic by nintendo seeing as my retail version of resident evil, mario 3d land and new super mario bros. 2 has the save games intact even if a switch systems.

The second guess is that there is something in the Gateway's classic mode that destroys the save game in ALBW. I would like to try loading the game in classic sysmode (firmware 4.2) next to see if it is perhaps the emunand that is getting in the way. If anyone can test out whether ALBW can transfer saves between system without gateway mode would be great. This would confirm that my first hypothesis is incorrect...
Click to expand...
I did the exact same test with my retail Layton game and the same happens.
 
M

mathieulh

Well-Known Member
Member
Level 6
Joined
Feb 28, 2008
Messages
378
Trophies
0
Website
keybase.io
XP
897
Country
France
zsakul2 said:
So what is the way to avoid this happening?
Click to expand...

There is no way, either you start your game with a totally blank save, either GW needs to update their firmware to implement the new KeyY (if you wish to keep your saves)
You can always use games compiled with older SDKs though since those still use the old KeyY for their savedata.
 
Ennea

Ennea

Well-Known Member
Member
Level 2
Joined
Oct 5, 2013
Messages
114
Trophies
0
Age
32
XP
163
Country
Gambia, The
Arras said:
I shared the game with a friend, this is definitely not the case (and it wouldn't really make sense anyway).
Click to expand...

Good to know, thanks. I'm just not sure about Ninty's stance on used game sales. Taking that into account, this would've made sense. Maybe ¯\(´-´)/¯


cearp said:
you mean you think that nintendo made it so you cannot play your retail cart game (and the save) on another 3ds? surely not...?
Click to expand...

See above.
 
  • Like
Reactions: cearp
U

udo4ever

Well-Known Member
OP
Member
Level 5
Joined
Jul 28, 2007
Messages
127
Trophies
1
XP
597
Country
Canada
I think you are probably right on this. This is a Gateway issue. Those of you who are willing to take the risk and switch your retail game cards between systems (especially games made with the SDK 5.0x and up) will likely be losing their saves. I hope Gateway addresses this issue. While my save game in zelda was certainly by the half way mark, we are still talking about a game that is only 12 hours long at best. I can't imagine losing a saved game were I spent 100 hours on it!!! that would give me a heart attack!
 

Site & Scene News

Go to forum More news

Popular threads in this forum

Hacking Homebrew  A new way to experience StreetPass

Is it possible...?

Hacking Homebrew  how to link pnid to 3ds/how to use juxtaposition?

Hacking Hardware  New Nintendo 3DS XL Louvre

Emulation  i have citra, i have my aes keys installed, how do i get the home menu

Hacking Misc  VCRUNTIME140.dll UCRTBASED.dll Master Thread

Hardware  Why does my 3DS take so long to turn off?

Translation Project  DQM2SP translation

General chit-chat
Help Users
    Sicklyboy @ Sicklyboy: For example, one of my other favorite songs from them, with some massive house music influence - +1