Hacking DIY amiibo cards

  • Thread starter: _Tim_
  • Views: 565,869
  • Replies: 825
  • Likes: 47
Really? I thought that it should start with uint8_t hmacKey[16] https://github.com/javimadgit/amiitool/blob/master/include/nfc3d/keygen.h and 7F 75 28 is the hardcoded type string "unfixed infos" I found @ pastebin

I know :) I thought so too. Finally I wrote a program to write every possible combination of key files using every single bit of data available from that pastebin file, and checked for the one which matched the md5 posted by others :D, and that's what it says in the start of my locked secret file.

--------------------- MERGED ---------------------------

I should note that with the two tags I made, the 3DS gave a corrupted tag error but allowed me to reset the tag. After resetting, it worked just fine. So there must be some small part of the encryption which is broken, but as long as you don't care about the data already in the file it works fine.
 
What am I doing wrong? I have been trying to create the required key file for 1 hour, but the checksum does not match. Here are the first 2 and last 2 columns of my dump:
Code:
ed 29...8a c0
75 6e...00 0e
db 4b...00 00
04 49...ae d4
ef 39...47 66
1d 16...c2 05
6c 6f...00 10
fd c8...74 c1
04 49...ae d4
ef 39...47 66
What's wrong with it?

I'm so sorry, I was wrong. I didn't realise you were trying to make the new file with both sets of keys.

Your file should start with 1D 16. The second half of your file (where it says 1d 16 in your file) should start with 7F 75.

Hope this helps. Again sorry for the confusion.
 
No problem. Many thanks for your help:

$ md5sum ~/javimadgit_amiitool/amiitool/all_in_one_keys.bin
45fd53569f5765eef9c337bd5172f937 ~/javimadgit_amiitool/amiitool/all_in_one_keys.bin
$ sha1sum ~/javimadgit_amiitool/amiitool/all_in_one_keys.bin
bbdbb49a917d14f7a997d327ba40d40c39e606ce ~/javimadgit_amiitool/amiitool/all_in_one_keys.bin
 
I GOT IT WORKING! Amiibo made! :D
I'm so excited :D Could you make a step by step guide? For noobs like myself?

--Edit--

By the way guys, remember the amiibo cards I made : Now that it is possible these look a lot better :D If you need any additional amiibo made let me know,

Hey, I finished all 87 Amiibo cards (covering every single amiibo release up to date, excluding Animal Crossing cards) + an extra surprise for the REAL fans !! ( Spoiler below on the surprise )

It's KIPACHU !!!!!!!!
* For those who don't know kipachu http://9gag.com/gag/aDmmYV9/somebody-wanted-a-drawing-of-the-kipachu-here-you-go-d *


@_Tim_ OP If you would like to add this to the main post as an extra bonus I'm all for it. I put a lot of hours to get these ready. Hope everyone enjoys !!!!

I didn't know there was a file size limit on the attachments so I uploaded it to my OneDrive -25MB- : http://1drv.ms/1mSOlmS (Let me know if link goes bad)

Each Amiibo ARCARD has its own code. Kept the same codes to match the original ARCARDS and all other codes go in order in which they were released (As displayed by http://www.nintendo.com/amiibo/line-up Except for Yoshi.. which I skipped accidentally so he got first one :( )
 
Last edited by Pecrow,
In fact, it would be better to first be able to write a blank NTAG215. Because, with a phone, we still need to know that AND how to emulate a NTAG215.

Mm, okay, now I get what you are saying. That is a possibility, but... that's so twisted. Why he would do that? He's a known user of this forum. There is no need for that. Also, if he faked it and we discovered it, it would be worse for his e-fame.
The real question is why would he post it in the first place if he is so scared of Nintendo hunting him down. Look at this thread and what @_Tim_ has done for us. Besides, all the software would do is write a tag; copyright can't even be claimed by Nintendo over something like that unless they prove he is using illegal dumps of tags, when he could actually follow up that it was a backup of his own amiibo or any BS, because in truth Nintendo won't do anything or else the amiiqo would have been taken out long ago.

Also, as you can see from the thread PokerAcer just made, my idea on how he did it can easily be verified, at least because it is no longer a POC; it's an actual thing writing tags directly from the phone to a 215.
 
@_Tim_ gave us the same amount of info that @sweis12 did. We have to figure out what he did, in the same way we did with this, here.
 
Hi, I just got mixed information regarding NTAG215 that is compatible.

I was looking at this link, which was posted a few pages back. It's not an 888 byte though. Will it work?

de.aliexpress.com/item/NTAG215-NFC-TAG-NFC-Forum-Type-2-Tag-All-NFC-Phone-Available-NFC-Adhesive-Labels-Dia/32315909847.html?spm=2114.47010308.4.2.4lzkcp
 
you need a 540 byte.
Attached is a small app which can write a VALID tag file to a blank NTAG215 tag. **The file must already be correctly encrypted to match the new tag's UID**. The app will auto calculate the write password.

Load the file using the menu, then select write from the menu and then put the phone on the tag. Try not to move the phone and be careful, as there is virtually no error checking/recovery.

I think you can use the modified version of amiitool by @javiMaD, but I haven't tested it.

It worked twice for me so far but your mileage will probably vary.

This is really alpha quality stuff. No real error checking. I have no idea what bad things it could do to your tags/phone/3ds. I will not be held responsible for any damage including but not limited to the event that Nintendo may send hitmen to kill you.

I will post the source code as soon as I can figure out which files might contain private data in an Android project.

Thx again for all the people who posted details to make this possible.


Edit: Included source code.
Has anyone else tested this? I ordered some NTAG215 to test this out.
If it is working, congratulations :D!
 
I uploaded a modified version of amiitool, which calculates the missing hash. Use one key file (160 bytes), simply concatenate the "unfixed info" followed by "secret locked" into one file.

https://github.com/javimadgit/amiitool

Aaahhh... So that's what "locked secret" was for...

I didn't know what it was for. Thought it was for some sort of upcoming ads with read-only NFC tags to unlock stuff on games.
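The layout check discussed in the posts above, as an added example that is not from the thread or from amiitool: it verifies that a combined key file is 160 bytes, that its halves start with 1D 16 and 7F 75 in that order, and optionally that its md5 matches a posted value. The 80-byte half length, the function names and the filler sample data are assumptions made for illustration.

```python
import hashlib

PART_LEN = 80  # assumption: the 160-byte file is two equal halves
# First two bytes of each half, as quoted in the thread.
PREFIXES = {"unfixed info": bytes.fromhex("1d16"),
            "locked secret": bytes.fromhex("7f75")}
ORDER = ["unfixed info", "locked secret"]  # concatenation order from the thread

def identify(part):
    """Name an 80-byte key part by its leading bytes, or raise ValueError."""
    if len(part) != PART_LEN:
        raise ValueError(f"part is {len(part)} bytes, expected {PART_LEN}")
    for name, prefix in PREFIXES.items():
        if part.startswith(prefix):
            return name
    raise ValueError(f"unrecognised leading bytes {part[:2].hex()}")

def diagnose(blob, expected_md5=""):
    """Return a list of problems with a combined key file (empty = looks right)."""
    if len(blob) != 2 * PART_LEN:
        return [f"file is {len(blob)} bytes, expected {2 * PART_LEN}"]
    problems = []
    for i, want in enumerate(ORDER):
        half = blob[i * PART_LEN:(i + 1) * PART_LEN]
        try:
            got = identify(half)
        except ValueError as exc:
            problems.append(f"half {i + 1}: {exc}")
            continue
        if got != want:
            problems.append(f"half {i + 1} is '{got}', expected '{want}'")
    # Only compare checksums once the layout is right, so the report
    # points at the real cause (wrong order, wrong size) first.
    if expected_md5 and not problems:
        digest = hashlib.md5(blob).hexdigest()
        if digest != expected_md5.lower():
            problems.append(f"md5 {digest} does not match {expected_md5}")
    return problems

# Constructed stand-ins (NOT real key material): correct prefix plus filler.
FAKE_UNFIXED = PREFIXES["unfixed info"] + bytes(78)
FAKE_LOCKED = PREFIXES["locked secret"] + bytes([1]) * 78

def demo():
    good = FAKE_UNFIXED + FAKE_LOCKED
    return {"good": diagnose(good, hashlib.md5(good).hexdigest()),
            "swapped": diagnose(FAKE_LOCKED + FAKE_UNFIXED),
            "truncated": diagnose(good[:-1])}

if __name__ == "__main__":
    for case, problems in demo().items():
        print(case, problems or "ok")
```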
 
Well I finally got it working last night.
I have created a modified version of the Python script from @Supercool330, many thanks to him. It basically only decrypts and encrypts and takes the same parameters each time even though they may not be used.
You will need two binary key files, the 'unfixed infos' and the 'locked secret'. The md5s can be found for both here.
The -u parameter is for a binary file of the 7 byte UID of the blank tag (can be found using the amiiqo app).

The idea is you decrypt your file with:

python amiibo_encrypt.py -k unfixed_keys.bin -m locked_keys.bin -u uid_blank_tag.bin decrypt -i luigi.bin -o luigi_decrypt.bin

then encrypt...

python amiibo_encrypt.py -k unfixed_keys.bin -m locked_keys.bin -u uid_blank_tag.bin encrypt -i luigi_decrypt.bin -o luigi_blank.bin

You can then write the output file to your blank tag using whatever method you like. I have modified @Skyforce77 app (https://github.com/skyforce77/unsafeamiiwrite) and created my own app for writing the tags.

Anyway, here is the Python script if anyone is interested. http://pastebin.com/qCXAS7HQ

I am now working on getting the Python stuff into the Android app so it's all in one program, not sure if I can or how long it will take.
 
Last edited by nurofen,
Hi, is there a way to do the amiibo card thing with only a PC? (Because I don't have an NFC phone and cannot afford one for now.)
 
With the amiiqo they have an NFC reader and I believe you can buy it separately too.
 
So I cannot do it without the amiiqo stuff? Like an NFC reader/writer and Windows program and stuff like that?
 
