Hacking Was ticket.db tainted in the following circumstances...?

[stebrick]

Basically my situation is that I have flashed a9lh, and would like to (due to my neat freak) keep an absolutely clean ticket.db in my emuNAND 9.2, which was restored from one of my earlier backups of sysNAND.

However, unfortunately the most ancient backup I got is the one (the then sysNAND 9.2) installed with DevMenu CIA in the Pasta-Mode before setting up the emuNAND (due to the fault of a custom rxtools tutorial I found on internet, not here). Though I didn't open it in sysNAND or in the CFW sysNAND.

So, my questions are:-

1. Would my ticket.db in the present emuNAND 9.2 be considered to have been tainted with the illegitimate titles?
2. If the answer to 1 is yes, is there any remedial measure I could take to reset the ticket.db, or to remove that very illegitimate title?

It has been somehow bothering me lately. Any suggestion would be much appreciated.

 

[Deleted member 331788]

Use Decrypt9 to dump your emu/sysNAND ticket.db file and view it in GroovyCIA, DevMenu etc should show up if they have been installed to it.

I'm trying to clear my titles.db by removing the entries, DevMenu, HBL etc ...only thing I can find in my ticket.db in Hex is the section e.g. Root-CA00000003-XS0000000c

 

[stebrick]

Use Decrypt9 to dump your emu/sysNAND ticket.db file and view it in GroovyCIA, DevMenu etc should show up if they have been installed to it.

I'm trying to clear my titles.db by removing the entries, DevMenu, HBL etc ...only thing I can find in my ticket.db in Hex is the section e.g. Root-CA00000003-XS0000000c

Great reply!!

Yeah, I can see Devmenu shows up in GroovyCIA (unfortunately). How do you remove titles.db entries? Would you mind sharing the way how you did it? And how'd you be sure that they have been entirely removed?

Million thanks!!!

--------------------- MERGED ---------------------------

I am asking so because I originally thought titles.db cannot be edited so far...

 

[MelonGx]

Devmenu on ticket.db = no longer clean.

Why not injecting Dev/FBI to H&S?
To have a CIA installer without messing up ticket.db, H&S modifying is one of the solution.

 

[stebrick]

Devmenu on ticket.db = no longer clean.

Why not injecting Dev/FBI to H&S?
To have a CIA installer without messing up ticket.db, H&S modifying is one of the solution.

Yeah, now I know I should have done it better. The custom made tutorial I found on setting up the emuNAND probably did not care about tainting ticket.db

Actually a better way is to do the NAND backup before installing anything, or using injected FBI as you suggested.

So, basically for the time being I have zero options unless there is a tool which enables me to modify that ticket.

 

[cearp]

It has been somehow bothering me lately. Any suggestion would be much appreciated.

honestly, have a long hard think about this and just play your games and be happy.
life is too short to worry about something so miniscule.
if things this this truly bother you, maybe you need to make some lifestyle changes, see a doctor, etc... really.

 

[stebrick]

honestly, have a long hard think about this and just play your games and be happy.
life is too short to worry about something so miniscule.
if things this this truly bother you, maybe you need to make some lifestyle changes, see a doctor, etc... really.

You know it's possible (though maybe unlikely) that Nintendo could ban your console if they strictly enforce their policy having detected your ticket.db containing illegitimate title? Yea, i guess you know...

 

[cearp]

You know it's possible (though maybe unlikely) that Nintendo could ban your console if they strictly enforce their policy having detected your ticket.db containing illegitimate title? Yea, i guess you know...

sure, i have written about this possibility ages ago commenting the benefits of using gw+ .3ds games rather than installing nonlegit cias, i really do understand. but there has been basically ZERO action from nintendo against pirates.
only some weird thing for using public headers, and people got unbanned after, and people (me included) got banned from badge arcade only for cheating at the badge arcade.
sony on the other hand has banned people for having homebrew in their play logs, very strict!

i'm sure nintendo CAN check, it's just they don't, for all we know the ban hammer could come tomorrow, just like m$ would collect lots of naughty users and ban them all at once.
maybe current pirates aren't worth their time to stop, they just try to prevent new pirates.

 

[MelonGx]

Legit CIAs are not that safe either.
Nintendo has e-shop authentication for pre-install items which are used for making Legit CIAs.
The original console's pre-install items can be registered to e-shop record.
But installed Legit CIAs cannot.

Well, Nintendo still did nothing.

 

[RedBlueGreen]

Nintendo hasn't done anything so I think you're good for now. I'm guessing they don't have any sort of check to ban users who install cias. I know emuNAND is supposed be a copy of NAND, but I'm sure there's something they could use to tell the difference if they the wanted to. Same could be said for "updated" sysNAND with A9LH. So anything other than the intended use could probably get you banned.
*I'm by no means an expert, and this is just speculation on my part.

 

[stebrick]

One more thing, actually I found it strange that GroovyCIA can read the whole ticket.db, but cant delete anything from it....

 

[cearp]

One more thing, actually I found it strange that GroovyCIA can read the whole ticket.db, but cant delete anything from it....

FunkyCIA/GroovyCIA/CoffeeCIA etc... can read the db sure... reading is 'easy'.
but editing and saving + creating the signatures is different, we don't have the correct keys. - or, maybe we do have the keys, but the information to 'sign' the database is not public
we think the database is specific for our console... i think
someone told me the ticket.db, maybe all the .dbs, are similar to extdata. but a little different. we can edit extdata, so i am sure if someone spends some time, we can edit the ticket.db.

 

[Redferne]

So if I understand all this correctly to clean my emuNAND I could extract the "clean" ticket.db from my sysNAND to inject it into my emuNAND with Decrypt9?

 

[Redferne]

So if I understand all this correctly to clean my emuNAND I could extract the "clean" ticket.db from my sysNAND to inject it into my emuNAND with Decrypt9?

I'm quoting myself.
So in case of anyone care, this works.

Just make sure to make a backup of your sysNAND and emuNAND ticket.db before doing anything. Then install on your sysNAND the CIA manager you use in your emuNAND. Dump your sysNAND ticket.db again and inject it into your emuNAND.
Connect to eShop so the game/demo/updates/dlc you installed since you switched to emuNAND are registered again in the emuNAND ticket.db.
Make a new dump of your emuNAND ticket.db, which is now up to date.
Launch your CIA installer and reinstall the CIAs you want to reinstall. This should be very quick as the files are still on your SD Card.
If you don't remember all the CIAs you installed go in File Management to see what is on you SD Card but no properly installed (the name of the CIA will be a little grey and a cross on the icon will be visible).

 

[cearp]

the new fbi released says it can delete tickets, so you can try that

 

[Redferne]

the new fbi released says it can delete tickets, so you can try that

Thanks for making me noticed that.
I asked just to be sure but that would be great

 

[urherenow]

the new fbi released says it can delete tickets, so you can try that

just now built the latest source and saw that. AWESOME! Guess that answers the questions I had about it

 

[MelonGx]

FunkyCIA/GroovyCIA/CoffeeCIA etc... can read the db sure... reading is 'easy'.
but editing and saving + creating the signatures is different, we don't have the correct keys. - or, maybe we do have the keys, but the information to 'sign' the database is not public
we think the database is specific for our console... i think
someone told me the ticket.db, maybe all the .dbs, are similar to extdata. but a little different. we can edit extdata, so i am sure if someone spends some time, we can edit the ticket.db.

3DBrew said that:

The NAND dbs images for the AES-MAC use a console-unique keyslot where the keyX and keyY for it are initialized by bootrom.

--------------------- MERGED ---------------------------

the new fbi released says it can delete tickets, so you can try that

just now built the latest source and saw that. AWESOME! Guess that answers the questions I had about it

It deletes nothing.
Oppositely, it INCREASES bad ticket duplicates after its "deletion". (The increasing mistake seemed fixed by current FBI 2.0.1)

See more: https://github.com/Steveice10/FBI/issues/52

 

[cearp]

hmm yes ok, that can make sense. so eve though it is still there, the 3ds doesn't see it. and that is important.
but we would rather the data really gone...
but better than nothing, good for deleting interfering tickets some people have after installing decrytped cias with bad titles keys, and wanting to buy or install a better version after.

 

[stebrick]

Thanks for replying to my thread with the most updated info!! You guys are the best!!
Yeah, I figured it somewhere else that FBI could do that ticket deleting job.

Just to clarify, does FBI really delete the ticket? or it deletes nothing but just to hide those tickets?

Here, https://github.com/Steveice10/FBI/issues/52
Let me quote: "+1 for the left over data. These data will be overwritten by any new CIAs/eShop contents installation."

My concern is, how do we know for sure those data will be overwritten? Any test could we conduct?