Toggle sidebar

Homebrew Official [Download] Decrypt9 - Open Source Decryption Tools (WIP)

  • Thread starter Thread starter d0k3
  • Start date Start date
  • Views Views 935,333
  • Replies Replies 4,476
  • Likes Likes 71
Biff627 said:
Yea i just figured out how to compile it! It seemed complicated at first but just ended up being very simple to compile it :D Thank you for your hard work!
Click to expand...
There's still some trouble with TWL, so hold your breath for a bit ;).

3xkrazy said:
Yea, reading the commits is the way to go. It seems like you hard coded all the paths in your code. Would you consider doing something similar to what CakesFW does? :rolleyes:

CakesForeveryWan/source/paths.h
Code: 
#pragma once

// A file to keep track of all the file paths used throughout cakes.

// The "topdir"
#define PATH_CAKES "/cakes"

#define PATH_FIRMWARE PATH_CAKES "/firmware.bin"
#define PATH_PATCHED_FIRMWARE PATH_CAKES "/firmware_patched.bin"
#define PATH_FIRMKEY PATH_CAKES "/firmkey.bin"
#define PATH_CETK PATH_CAKES "/cetk"

#define PATH_AGB_FIRMWARE PATH_CAKES "/agb_firmware.bin"
#define PATH_PATCHED_AGB_FIRMWARE PATH_CAKES "/agb_firmware_patched.bin"
#define PATH_AGB_FIRMKEY PATH_CAKES "/agb_firmkey.bin"
#define PATH_AGB_CETK PATH_CAKES "/agb_cetk"

#define PATH_UNSUPPORTED_FIRMWARE PATH_CAKES "/firmware_unsupported.bin"
#define PATH_SLOT0X25KEYX "/slot0x25keyX.bin"
#define PATH_SLOT0X11KEY96 "/slot0x11key96.bin"
#define PATH_PATCHES PATH_CAKES "/patches"
#define PATH_CONFIG PATH_CAKES "/config.dat"
Click to expand...
Will think about it. Don't know if that really makes things simple. The slot files paths are not hardcoded, just this one is.
 
d0k3 said:
Can't help with that much... almost no one is using that entry point anymore. Anyone have an idea about that?
Click to expand...
Last time when I checked, Launcher.dat didn't work via MSET, but worked flawlessly with browser exploit (go gateway).
 
  • Like
Reactions: d0k3
d0k3 said:
I double checked the code - it is absolutely impossible for this to say it succeeded when it actually did nothing at all. Did you inject into the wrong NAND? Also, the exact output would help.
Click to expand...

No problem, I'm posting the decrypt9.log then.

Code: 
Searching title "Health&Safety"...
Method 1: Search in title.db...
Found title 0004001000021300
TMD0 found at 0DF60000, size 2868b
APP0 found at 13AC4000, size 832kB
Use arrow keys and <A> to choose a name
hs.app
Dumping & decrypting APP0...
Creating hs.app ...
Code / Crypto: CTR-N-HACE / Standard
Decrypt ExHdr/ExeFS/RomFS (2kB/657kB/0MB)
Verify ExHdr/ExeFS/RomFS: OK/OK/OK
Health&Safety Dump: succeeded!

Press B to return, START to reboot.

Unmounting SD card...

You selected "Health&Safety Inject".
This feature writes to the SysNAND.
Doing this is potentially dangerous!

If you wish to proceed, enter:
<Left>, <Up>, <Right>, <Up>, <A>

(B to return, START to reboot)

Searching title "Health&Safety"...
Method 1: Search in title.db...
Found title 0004001000021300
TMD0 found at 0DF60000, size 2868b
APP0 found at 13AC4000, size 832kB
Use arrow keys and <A> to choose a file
hs.app
Opening hs.app ...
Creating hs.enc ...
Code / Crypto: CTR-N-HACE / Standard
Encrypt ExHdr/ExeFS/RomFS (2kB/657kB/0MB)
Injecting H&S app...
Opening hs.enc ...
Fixing TMD...
Health&Safety Inject: succeeded!

Press B to return, START to reboot.
 
d0k3 said:
  • CIA Decryptor (deep): Use this to fully decrypt all CIA files in the folder. This also processes the internal NCCH encryption. Deep decryption of a CIA file is otherwise known as cryptofixing. This also may need additional filesslot0x25KeyX.bin and / or seeddb.bin, see above.
Click to expand...
2 CIA files succeeded with this option, but I have a "Import failed" while installing the 2 cia output files with BBM on emunands 9.2 and 10.6.
 
Last edited by morph95,
pbanj said:
random question(prob a dumb one) i keep seeing mention of Decrypt9-A9LH is that just this or is there a diff version?
Click to expand...
there initially was another version made by @Shadowtrance that was a stripped down version since none of the decryption options really worked.... now a lot of that is fixed, so the new versions are getting progressively more features working on them... So, now we just simply use the main release
 
  • Like
Reactions: pbanj
dark_samus3 said:
there initially was another version made by @Shadowtrance that was a stripped down version since none of the decryption options really worked.... now a lot of that is fixed, so the new versions are getting progressively more features working on them... So, now we just simply use the main release
Click to expand...
thank you. i kept seeing talk of it but no actual file and was like am i just stupid and not seeing it lol
 
XD found out why the bin wouldnt boot for me with a9l. bootctr9 was having it use an offset. told it not to use one and it loads fine. would of helped if i read the bottom screen sooner lol

i should prob mess with this crap when im fully awake.
 
I'm having trouble starting D9 from HBL now after installing a9lh + aureinand. I boot into sysNAND using the R-button, sysNAND is 9.2. Then I go to HBL using browserhax. When trying to start D9WIP from there, the bottom screen flashes red two times then I'm back to HBL.

Also tried starting D9 from emunand then HBL. I guess I'm missing something simple, is there any log I could check?
 
hirvimies said:
I'm having trouble starting D9 from HBL now after installing a9lh + aureinand. I boot into sysNAND using the R-button, sysNAND is 9.2. Then I go to HBL using browserhax. When trying to start D9WIP from there, the bottom screen flashes red two times then I'm back to HBL.

Also tried starting D9 from emunand then HBL. I guess I'm missing something simple, is there any log I could check?
Click to expand...
Use L button to boot if using aureinand. That's the 9.2 firm
 
  • Like
Reactions: Xenosaiga
Hi @d0k3,
If I manually added the TWL Customer ID (taken from the Decrypt9.log or looking at screen output when decrypting stuff) to the end of my otp.bin with a hex editor, would this yield a valid otp0x108.bin?
 
hirvimies said:
That was the problem, thank you for pointing me in the right direction. I found the aureinand guide to be a bit messy which is why I missed it.
Click to expand...
Here's a tip. Once you get into your Homebrew menu using browserhax on the 9.2 stadium launch (L button) go ahead and install the Homebrew launcher.cia using FBI.3dsx.

Saves the hassle of having to launch browserhax if and when you have to access Homebrew again.
 
Xenosaiga said:
Here's a tip. Once you get into your Homebrew menu using browserhax on the 9.2 stadium launch (L button) go ahead and install the Homebrew launcher.cia using FBI.3dsx.

Saves the hassle of having to launch browserhax if and when you have to access Homebrew again.
Click to expand...

Yes, already got it on my emunand but haven't touched my sysnand since setting it all up. Might install it there if I feel the need to access HBL from sysnand frequently. Thanks for the tip.
 
Geren said:
No problem, I'm posting the decrypt9.log then.

Code: 
Searching title "Health&Safety"...
Method 1: Search in title.db...
Found title 0004001000021300
TMD0 found at 0DF60000, size 2868b
APP0 found at 13AC4000, size 832kB
Use arrow keys and <A> to choose a name
hs.app
Dumping & decrypting APP0...
Creating hs.app ...
Code / Crypto: CTR-N-HACE / Standard
Decrypt ExHdr/ExeFS/RomFS (2kB/657kB/0MB)
Verify ExHdr/ExeFS/RomFS: OK/OK/OK
Health&Safety Dump: succeeded!

Press B to return, START to reboot.

Unmounting SD card...

You selected "Health&Safety Inject".
This feature writes to the SysNAND.
Doing this is potentially dangerous!

If you wish to proceed, enter:
<Left>, <Up>, <Right>, <Up>, <A>

(B to return, START to reboot)

Searching title "Health&Safety"...
Method 1: Search in title.db...
Found title 0004001000021300
TMD0 found at 0DF60000, size 2868b
APP0 found at 13AC4000, size 832kB
Use arrow keys and <A> to choose a file
hs.app
Opening hs.app ...
Creating hs.enc ...
Code / Crypto: CTR-N-HACE / Standard
Encrypt ExHdr/ExeFS/RomFS (2kB/657kB/0MB)
Injecting H&S app...
Opening hs.enc ...
Fixing TMD...
Health&Safety Inject: succeeded!

Press B to return, START to reboot.
Click to expand...
Thanks for posting this! And you ran it from several entrypoints, including SysNAND you say? This log looks to be from a proper injection from SysNAND. Note the sizes ("Decrypt ExHdr/ExeFS/RomFS (2kB/657kB/0MB)")? This (2kB + 657kB) is smaller than the original size of the hs.app (832kB). When you start it from SysNAND, you say that still the original Health and Safety app will run? What region is your 3DS, and is there any chance this is from a region swapped 3DS console (in that case, what was the old region?)?

morph95 said:
2 CIA files succeeded with this option, but I have a "Import failed" while installing the 2 cia output files with BBM on emunands 9.2 and 10.6.
Click to expand...
That problem is not in Decrypt9. If the CIA files succeeded, the hashes were also checked, meaning everything went fine.

morph95 said:
@everyone, do you know/have a tutorial to cryptofix an eShop game?
Click to expand...
A tutorial?! Put your files into the D9Game / Decrypt9 folder, run "CIA Decryptor (deep)" (for CIAs) "NCCH Decryptor" (for NCCH), done. Is this enough of a tutorial, no? :P For CIAs to work on GW, you need to process them with "CIA Decryptor (CXI only)" instead of "CIA Decryptor (deep)", though.

3xkrazy said:
Hi @d0k3,
If I manually added the TWL Customer ID (taken from the Decrypt9.log or looking at screen output when decrypting stuff) to the end of my otp.bin with a hex editor, would this yield a valid otp0x108.bin?
Click to expand...
Yup, that will work. Good idea! Maybe spread this around to everyone whining around having to go through the whole process of downgrading / dumping again now?

Xenosaiga said:
Well as my experience goes decrypt9 has issues working from emunand.
Click to expand...
Maybe. It was never designed to work from there. Can you tell me what issues you encountered?
 
  • Like
Reactions: Mrrraou, hobbledehoy899 and ihaveahax

Site & Scene News

Go to forum More news

Popular threads in this forum

Why did the price of 3ds shoot up ?

Hacking Homebrew Project  BlazerTube - a YouTube 3DS revival using the REAL app!

Problems getting Homebrew to appear outside of the Homebrew Launcher (homebrew won't appear on the HOME menu)

Homebrew app Emulator  [Release] 3DS-CLI - Run a real RISC-V Linux environment on the Nintendo 3DS

Website for finding alternative games for 3DS

Gaming  any good rpgs on 3ds?

Hardware  2 Broken 3DSes, need help

Hacking  Modding Reassurance