Hacking Repacking 3DS roms

piratesephiroth (OP, member since Sep 5, 2013, Brazil)
I see Relys included makerom in the 'utilities' archive. (the version in the link is different from the one in his archive, though)
Then I wonder...
Is it possible (with publicly available tools) to repack the files into romFS and then repack romFS back into the 3DS rom?

Relys (member since Jan 5, 2007, United States)
Well, I haven't tried this yet but according to the Wiki: "RomFs hasn't been completely implemented (But valid pre-built romfs can be used as substitute)". This means that we should be able to repackage decrypted romfs. If someone wants to look into decrypting romfs (with my tools), re-encrypting with 00000 keys (which is the format Gateway accepts), building with makerom and running on Gateway that would be a good step.

I believe a new developer called applestash just started working on proper romfs building. The official makerom utilities from the CTR SDK should be able to build romfs properly.

piratesephiroth (OP, member since Sep 5, 2013, Brazil)
Yeah. Now what's a 'prebuilt romfs'? The extracted partition? The rom itself?

Also I wonder if encryption is really a problem...
Say we successfully modify files and repack a rom. Can't we then just edit the ncchinfo.bin to reflect the new size, generate a new xorpad and use padgen to encrypt it back?

kyogre123 (member since Sep 23, 2013, Mexico)
Relys said:
> Well, I haven't tried this yet but according to the Wiki: "RomFs hasn't been completely implemented (But valid pre-built romfs can be used as substitute)". This means that we should be able to repackage decrypted romfs. If someone wants to look into decrypting romfs (with my tools), re-encrypting with 00000 keys (which is the format Gateway accepts), building with makerom and running on Gateway that would be a good step.
>
> I believe a new developer called applestash just started working on proper romfs building. The official makerom utilities from the CTR SDK should be able to build romfs properly.

I have the SDK. I wish I would know where to start to at least rebuild a romFS.

CollosalPokemon (member since Oct 18, 2009, United States)
Relys said:
> Well, I haven't tried this yet but according to the Wiki: "RomFs hasn't been completely implemented (But valid pre-built romfs can be used as substitute)". This means that we should be able to repackage decrypted romfs. If someone wants to look into decrypting romfs (with my tools), re-encrypting with 00000 keys (which is the format Gateway accepts), building with makerom and running on Gateway that would be a good step.
>
> I believe a new developer called applestash just started working on proper romfs building. The official makerom utilities from the CTR SDK should be able to build romfs properly.


neimod's ctrtool source code is actually a good place to look at how the RomFS is structured, since it can deconstruct a RomFS. 3DSGuy's (not completely finished) RomFS rebuilding code is also useful for figuring out how to rebuild the RomFS.

After using your decryption tools, I made tools to help me rebuild games, although I still have to do some manual edits. I rebuilt some RomFS images and games with the zeroes key. It works nicely with Gateway. I'm glad Gateway included a game dumping feature, since I don't want to get games from shady sources.
It would be nice if Gateway would enable the no-encryption flag in the NCCH header for roms. It seems to currently not be allowed for executable content (i.e. NCCH 0)...not sure about different indexes, but the important one would be index 0.
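The RomFS structure the post above points at (ctrtool's unpacker, 3DSGuy's builder) is easier to follow with a builder and a reader side by side. The following is an added example, not code from this thread nor from ctrtool, makerom or 3DSGuy's tool: it writes a level-3 RomFS holding a flat set of files in the root directory, then walks it back both along the sibling chain and through the hash table. Field offsets and the path hash follow the RomFS layout documented on 3dbrew; the bucket-count rule is my recollection of makerom's and is an assumption, as are the sample file names and contents, which are constructed here. A complete RomFS image additionally wraps level 3 in an IVFC container with SHA-256 hash levels, which this example omits.

```python
import struct

NONE = 0xFFFFFFFF          # "no entry" marker in every link field
FILE_ENTRY_FIXED = 0x20    # bytes before a file entry's UTF-16 name


def align(n: int, a: int) -> int:
    return (n + a - 1) & ~(a - 1)


def path_hash(parent_off: int, name16: bytes) -> int:
    """Hash used for the directory/file hash tables: rotate-right 5, xor each UTF-16 unit."""
    h = (parent_off ^ 123456789) & 0xFFFFFFFF
    for i in range(0, len(name16), 2):
        h = ((h >> 5) | (h << 27)) & 0xFFFFFFFF
        h ^= name16[i] | (name16[i + 1] << 8)
    return h


def bucket_count(n: int) -> int:
    """Number of hash buckets for n entries (assumed to match makerom's rule)."""
    if n < 3:
        return 3
    if n < 19:
        return n | 1
    while any(n % p == 0 for p in (2, 3, 5, 7, 11, 13, 17)):
        n += 1
    return n


def build_romfs_level3(files: dict) -> bytes:
    """files maps UTF-8 names to bytes; everything lives in the root directory."""
    names = sorted(files)
    # Directory table: only the root (offset 0, empty name, no parent/siblings).
    root = struct.pack("<IIIIII", 0, NONE, NONE, 0 if names else NONE, NONE, 0)
    dir_buckets = bucket_count(1)
    dir_hash = [NONE] * dir_buckets
    dir_hash[path_hash(0, b"") % dir_buckets] = 0
    # File table: lay entries out first so sibling links can point forward.
    layout, meta_off, data_off = [], 0, 0
    for name in names:
        n16 = name.encode("utf-16-le")
        layout.append((meta_off, n16, data_off, len(files[name])))
        meta_off += FILE_ENTRY_FIXED + align(len(n16), 4)
        data_off += align(len(files[name]), 16)
    file_buckets = bucket_count(len(names))
    file_hash = [NONE] * file_buckets
    file_meta, data = bytearray(), bytearray()
    for i, (off, n16, doff, size) in enumerate(layout):
        nxt = layout[i + 1][0] if i + 1 < len(layout) else NONE
        b = path_hash(0, n16) % file_buckets
        # parent, next sibling, data offset, size, next-in-bucket (old head), name length
        file_meta += struct.pack("<IIQQII", 0, nxt, doff, size, file_hash[b], len(n16))
        file_meta += n16.ljust(align(len(n16), 4), b"\0")
        file_hash[b] = off
        data += files[names[i]].ljust(align(size, 16), b"\0")
    dir_hash_b = struct.pack(f"<{dir_buckets}I", *dir_hash)
    file_hash_b = struct.pack(f"<{file_buckets}I", *file_hash)
    tables, pos = [], 0x28
    for blob in (dir_hash_b, root, file_hash_b, bytes(file_meta)):
        tables.append((pos, len(blob)))
        pos += len(blob)
    data_start = align(pos, 16)
    header = struct.pack("<I", 0x28)
    header += b"".join(struct.pack("<II", o, n) for o, n in tables)
    header += struct.pack("<I", data_start)
    body = header + dir_hash_b + root + file_hash_b + bytes(file_meta)
    return body.ljust(data_start, b"\0") + bytes(data)


def list_root_files(img: bytes) -> dict:
    """Walk the root directory's sibling chain and return {name: data}."""
    hdr = struct.unpack_from("<10I", img, 0)
    dmeta_off, fmeta_off, data_off = hdr[3], hdr[7], hdr[9]
    cur = struct.unpack_from("<I", img, dmeta_off + 0x0C)[0]   # root's first file
    out = {}
    while cur != NONE:
        base = fmeta_off + cur
        _, nxt, doff, size, _, nlen = struct.unpack_from("<IIQQII", img, base)
        name = img[base + FILE_ENTRY_FIXED:base + FILE_ENTRY_FIXED + nlen].decode("utf-16-le")
        out[name] = img[data_off + doff:data_off + doff + size]
        cur = nxt
    return out


def find_file(img: bytes, name: str):
    """Look a root-level file up via the hash table, the way the FS driver does."""
    hdr = struct.unpack_from("<10I", img, 0)
    fhash_off, fhash_len, fmeta_off = hdr[5], hdr[6], hdr[7]
    n16 = name.encode("utf-16-le")
    bucket = path_hash(0, n16) % (fhash_len // 4)
    cur = struct.unpack_from("<I", img, fhash_off + 4 * bucket)[0]
    while cur != NONE:
        base = fmeta_off + cur
        parent, _, _, _, chain, nlen = struct.unpack_from("<IIQQII", img, base)
        if parent == 0 and img[base + FILE_ENTRY_FIXED:base + FILE_ENTRY_FIXED + nlen] == n16:
            return cur
        cur = chain
    return None


# Constructed sample input for the demo; not taken from any real title.
SAMPLE_FILES = {"banner.bnr": b"CBMD" + bytes(28), "icon.icn": b"SMDH" + bytes(12), "empty.txt": b""}

if __name__ == "__main__":
    image = build_romfs_level3(SAMPLE_FILES)
    print(len(image), "bytes;", list(list_root_files(image)))
```

Subdirectories would add further directory entries linked through the first-child and next-sibling fields, each child's hash seeded with its parent's offset; the file side is unchanged.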

Relys (member since Jan 5, 2007, United States)
CollosalPokemon said:
> After using your decryption tools, I made tools to help me rebuild games although I still have to do some manual edits. I rebuilt some RomFS' and games with the zeroes key. It works nicely with Gateway.

Please make a tutorial and share tools! :D I only have so much time to work on these kinds of things.

dubbz82 (Well-Known Member since Feb 2, 2014, United States)
CollosalPokemon said:
> It would be nice if Gateway would enable the no-encryption flag in the NCCH header for roms. It seems to currently not be allowed for executable content (ie the NCCH 0)...not sure about different indexes but the important one would be index 0.

Sorry if I come off like somewhat of an idiot, but what would prevent us from enabling no-encryption flag in the header for roms, and then using something like a launcher.dat to point straight to the 3ds file and load it, or am I missing something?

CollosalPokemon (member since Oct 18, 2009, United States)
Relys said:
> Please make a tutorial and share tools! :D I only have so much time to work on these kinds of things.

My tools aren't public-release-ready since I lazily threw them together this weekend, but anyone who researches the rom format on 3dbrew should at least be able to re-encrypt roms with the zeroes key currently.
Researching 3DSGuy's (incomplete) romfs builder and neimod's romfs unpacker is useful as well.

dubbz82 said:
> Sorry if I come off like somewhat of an idiot, but what would prevent us from enabling no-encryption flag in the header for roms, and then using something like a launcher.dat to point straight to the 3ds file and load it, or am I missing something?

The flag that disables encryption doesn't mean that you can load things like you said. All it means is that you can use decrypted (ExHeader, AcHeader, ExeFS, RomFS) in the target rom instead of encrypted ones, but NCCH 0 seems to be banned from using that flag.
It's not necessary since the zeroes key works fine and it's easy to decrypt stuff with a known key, but not having to encrypt anything would make things a little bit easier.
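Where the two options discussed above (the fixed all-zero key versus the NoCrypto flag) live in the NCCH header, and why a xorpad is tied to a section's position, is clearer on a concrete header. The following is an added example, not from the thread or from padgen, makerom, ctrtool or Gateway: it parses the crypto-relevant NCCH header fields, derives the per-section AES-CTR counter the way ctrtool's ncch.c does, sets the fixed-key flag, and applies a xorpad. Offsets follow the NCCH header layout documented on 3dbrew; the sample header and the pad bytes are constructed here, and the pad is supplied rather than computed because producing a real one needs AES with the console key (or the zero key). Reading the FixedCryptoKey form as the thread's "zeroes key" format is my interpretation and an assumption.

```python
import struct

MEDIA_UNIT = 0x200                       # NCCH offsets/sizes are in 0x200-byte units
SECTION_EXHEADER, SECTION_EXEFS, SECTION_ROMFS = 1, 2, 3


def parse_ncch_header(hdr: bytes) -> dict:
    """Extract the crypto-relevant fields from the first 0x200 bytes of an NCCH."""
    if len(hdr) < 0x200 or hdr[0x100:0x104] != b"NCCH":
        raise ValueError("not an NCCH header")
    flags = hdr[0x188:0x190]
    u32 = lambda off: struct.unpack_from("<I", hdr, off)[0]
    return {
        "partition_id": hdr[0x108:0x110],      # 8 raw bytes, little-endian on disk
        "version": struct.unpack_from("<H", hdr, 0x112)[0],
        "crypto_method": flags[3],             # keyslot selector; 0 = original
        "fixed_key": bool(flags[7] & 0x01),   # FixedCryptoKey: the all-zero key
        "no_crypto": bool(flags[7] & 0x04),   # NoCrypto: sections stored plain
        "exefs_offset": u32(0x1A0) * MEDIA_UNIT,
        "exefs_size": u32(0x1A4) * MEDIA_UNIT,
        "romfs_offset": u32(0x1B0) * MEDIA_UNIT,
        "romfs_size": u32(0x1B4) * MEDIA_UNIT,
    }


def section_counter(h: dict, section: int) -> bytes:
    """Initial AES-CTR counter for a section, derived as ctrtool's ncch.c does."""
    ctr = bytearray(16)
    if h["version"] in (0, 2):
        ctr[0:8] = h["partition_id"][::-1]    # partition ID byte-reversed
        ctr[8] = section                      # then the section type
    elif h["version"] == 1:
        ctr[0:8] = h["partition_id"]          # partition ID as stored
        start = {SECTION_EXHEADER: 0x200, SECTION_EXEFS: h["exefs_offset"],
                 SECTION_ROMFS: h["romfs_offset"]}[section]
        ctr[12:16] = start.to_bytes(4, "big") # then the section's byte offset
    else:
        raise ValueError(f"unsupported NCCH version {h['version']}")
    return bytes(ctr)


def counter_at(ctr0: bytes, byte_offset: int) -> bytes:
    """Counter value for the 16-byte AES block covering byte_offset in the section."""
    n = (int.from_bytes(ctr0, "big") + byte_offset // 16) % (1 << 128)
    return n.to_bytes(16, "big")


def apply_xorpad(data: bytes, pad: bytes) -> bytes:
    """Encrypt or decrypt a section with its xorpad; in CTR mode both are the same XOR.
    A pad cut for the old section size cannot cover a rebuilt section that grew."""
    if len(pad) < len(data):
        raise ValueError(f"xorpad is {len(pad)} bytes, section needs {len(data)}")
    return bytes(a ^ b for a, b in zip(data, pad))


def set_fixed_key_flags(hdr: bytes) -> bytes:
    """Copy of the header marked FixedCryptoKey with crypto method 0 and NoCrypto
    clear: the all-zero-key form I take the thread's 'zeroes key' to mean (assumption)."""
    out = bytearray(hdr)
    out[0x188 + 3] = 0
    out[0x188 + 7] = (out[0x188 + 7] | 0x01) & ~0x04
    return bytes(out)


def build_sample_header() -> bytes:
    """Constructed NCCH header for the demo; not taken from any real title."""
    hdr = bytearray(0x200)
    hdr[0x100:0x104] = b"NCCH"
    hdr[0x108:0x110] = (0x0011223344556677).to_bytes(8, "little")
    struct.pack_into("<H", hdr, 0x112, 2)                # header version 2
    struct.pack_into("<I", hdr, 0x1A0, 0x1000 // MEDIA_UNIT)
    struct.pack_into("<I", hdr, 0x1A4, 0x2000 // MEDIA_UNIT)
    struct.pack_into("<I", hdr, 0x1B0, 0x4000 // MEDIA_UNIT)
    struct.pack_into("<I", hdr, 0x1B4, 0x8000 // MEDIA_UNIT)
    return bytes(hdr)                                    # flags left 0: secure1 keyslot, encrypted


if __name__ == "__main__":
    h = parse_ncch_header(build_sample_header())
    for name, sec in (("exheader", SECTION_EXHEADER), ("exefs", SECTION_EXEFS), ("romfs", SECTION_ROMFS)):
        print(name, section_counter(h, sec).hex())
```

For version-2 headers the counter depends only on the partition ID and the section type, so a pad is positional from the section's start and a rebuilt RomFS that grew needs a pad at least as long as the new size, which is the case apply_xorpad refuses to paper over; version-1 headers fold the section's byte offset into the counter, so moving a section there also changes its pad.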