Toggle sidebar

ROM Hack Pokemon sun and moon save editor?

  • Thread starter Thread starter brunn08
  • Start date Start date
  • Views Views 50,064
  • Replies Replies 108
  • Likes Likes 1
According to the latest data mine, save encryption protection has been broken, editing is possible and not being released until the game launch to prevent them patching it first.
 
Last edited by DocKlokMan,
AnalogMan said:
According to the latest data mine, save encryption has been broken, editing is possible and not being released until the game launch to prevent them patching it first.
Click to expand...
The save is not encrypted... it has a new CRC16 algo, and a little strange new protection, it involves MD5 and AES, had no time to fully reverse it yet, but if someone is interested in the save structure:

Code: 
index, offset, size, function name
0, 0x0, 0xDE0, Savedata::MyItem
1, 0xE00, 0x7C, Savedata::Situation
2, 0x1000, 0x14, Savedata::RandomGroup
3, 0x1200, 0xC0, Savedata::MyStatus
4, 0x1400, 0x61C, Savedata::PokePartySave
5, 0x1C00, 0xE00, Field::EventWork
6, 0x2A00, 0xF78, Savedata::ZukanData //Pokedex
7, 0x3A00, 0x228, Savedata::GtsData
8, 0x3E00, 0x104, Savedata::UnionPokemon //Kyurem
9, 0x4000, 0x200, Savedata::Misc
10, 0x4200, 0x20, Savedata::FieldMenu
11, 0x4400, 0x4, Savedata::ConfigSave
12, 0x4600, 0x58, Savedata::GameTime
13, 0x4800, 0x5E6, Savedata::BOX
14, 0x4E00, 0x36600, Savedata::BoxPokemon
15, 0x3B400, 0x572C, Savedata::ResortSave
16, 0x40C00, 0x8, Savedata::PlayTime
17, 0x40E00, 0x1080, Savedata::FieldMoveModelSave
18, 0x42000, 0x1A08, Savedata::Fashion
19, 0x43C00, 0x6408, Savedata::JoinFestaPersonalSave
20, 0x4A200, 0x6408, Savedata::JoinFestaPersonalSave
21, 0x50800, 0x3998, Savedata::JoinFestaDataSave
22, 0x54200, 0x100, Savedata::BerrySpot
23, 0x54400, 0x100, Savedata::FishingSpot
24, 0x54600, 0x10528, Savedata::LiveMatchData
25, 0x64C00, 0x204, Savedata::BattleSpotData
26, 0x65000, 0xB60, Savedata::PokeFinderSave
27, 0x65C00, 0x3F50, Savedata::MysteryGiftSave
28, 0x69C00, 0x358, Savedata::Record
29, 0x6A000, 0x728, Savedata::ValidationSave
30, 0x6A800, 0x200, Savedata::GameSyncSave
31, 0x6AA00, 0x718, Savedata::PokeDiarySave
32, 0x6B200, 0x1FC, Savedata::BattleInstSave
33, 0x6B400, 0x200, Savedata::Sodateya
34, 0x6B600, 0x120, Savedata::WeatherSave
35, 0x6B800, 0x1C8, Savedata::QRReaderSaveData
36, 0x6BA00, 0x200, Savedata::TurtleSalmonSave //here is the new save protection, strange name^^
37, 0x6BC00, 0x200, Savedata::Footer
 
  • Like
Reactions: KazoWAR
BYK said:
Me podrias pasar el link porfavor
Click to expand...
You should edit your comment. The gbatemp rules want to have everything on a languague everybody can read
Also i think you should better wait instead of trying to edit the demo save.
Also so desperatly are you to have Rockruff on your party?
 
I hope svdt & save manager will get updated too for them to work on Sun/Moon in Homebrew.
I don't want to install custom firmwares (besides simple HB) just to extract saves in new games like S/M.
 
Last edited by Princess Emily,
Princess Emily said:
I hope svdt & save manager will get updated too for them to work on Sun/Moon in Homebrew.
I don't want to install custom firmwares (besides simple HB) just to extract saves in new games like S/M.
Click to expand...

Doesn't Savedatafiler still work for export/import saves? What are you guys using now and does it work with .3ds/gateway format saves and games?


Sent from my iPhone using Tapatalk
 
  • Like
Reactions: Skullkandy64
Skeet1983 said:
Doesn't Savedatafiler still work for export/import saves? What are you guys using now and does it work with .3ds/gateway format saves and games?


Sent from my iPhone using Tapatalk
Click to expand...
Savedatafiler? It doesn't work on homebrew.

Kinda irrelevant on my last comment about no custom firmwares or piracy....
 
Last edited by Princess Emily,
Falo said:
The save is not encrypted... it has a new CRC16 algo, and a little strange new protection, it involves MD5 and AES, had no time to fully reverse it yet, but if someone is interested in the save structure:

Code: 
index, offset, size, function name
0, 0x0, 0xDE0, Savedata::MyItem
1, 0xE00, 0x7C, Savedata::Situation
2, 0x1000, 0x14, Savedata::RandomGroup
3, 0x1200, 0xC0, Savedata::MyStatus
4, 0x1400, 0x61C, Savedata::PokePartySave
5, 0x1C00, 0xE00, Field::EventWork
6, 0x2A00, 0xF78, Savedata::ZukanData //Pokedex
7, 0x3A00, 0x228, Savedata::GtsData
8, 0x3E00, 0x104, Savedata::UnionPokemon //Kyurem
9, 0x4000, 0x200, Savedata::Misc
10, 0x4200, 0x20, Savedata::FieldMenu
11, 0x4400, 0x4, Savedata::ConfigSave
12, 0x4600, 0x58, Savedata::GameTime
13, 0x4800, 0x5E6, Savedata::BOX
14, 0x4E00, 0x36600, Savedata::BoxPokemon
15, 0x3B400, 0x572C, Savedata::ResortSave
16, 0x40C00, 0x8, Savedata::PlayTime
17, 0x40E00, 0x1080, Savedata::FieldMoveModelSave
18, 0x42000, 0x1A08, Savedata::Fashion
19, 0x43C00, 0x6408, Savedata::JoinFestaPersonalSave
20, 0x4A200, 0x6408, Savedata::JoinFestaPersonalSave
21, 0x50800, 0x3998, Savedata::JoinFestaDataSave
22, 0x54200, 0x100, Savedata::BerrySpot
23, 0x54400, 0x100, Savedata::FishingSpot
24, 0x54600, 0x10528, Savedata::LiveMatchData
25, 0x64C00, 0x204, Savedata::BattleSpotData
26, 0x65000, 0xB60, Savedata::PokeFinderSave
27, 0x65C00, 0x3F50, Savedata::MysteryGiftSave
28, 0x69C00, 0x358, Savedata::Record
29, 0x6A000, 0x728, Savedata::ValidationSave
30, 0x6A800, 0x200, Savedata::GameSyncSave
31, 0x6AA00, 0x718, Savedata::PokeDiarySave
32, 0x6B200, 0x1FC, Savedata::BattleInstSave
33, 0x6B400, 0x200, Savedata::Sodateya
34, 0x6B600, 0x120, Savedata::WeatherSave
35, 0x6B800, 0x1C8, Savedata::QRReaderSaveData
36, 0x6BA00, 0x200, Savedata::TurtleSalmonSave //here is the new save protection, strange name^^
37, 0x6BC00, 0x200, Savedata::Footer
Click to expand...

The structure has been RE'd already, don't worry.
Devs won't release it tho until the game is released, because they don't want Ninty to change the structure again
 
Noroxus said:
The structure has been RE'd already, don't worry.
Devs won't release it tho until the game is released, because they don't want Ninty to change the structure again
Click to expand...
Sorry, but that does "RE" mean? So many meanings in google search BTW.
 
Princess Emily said:
Sorry, but that does "RE" mean? So many meanings in google search BTW.
Click to expand...
Reverse engineering

It's a term often used in console hacking etc.
When you don't have any information about a specific program or sth. people will try to reverse it and therefore gain more knowledge about it.

Often dev's try to randomize their code structure through ASLR or KASLR in order to prevent this by switching address locations every boot
 
Last edited by Noroxus,
Noroxus said:
The structure has been RE'd already, don't worry.
Devs won't release it tho until the game is released, because they don't want Ninty to change the structure again
Click to expand...
I also reversed it by now, i could make it public if you could do anything with it in the demo.
Just a small info: 1x sha256, 2x sha1, 2x aes-128 and 1x rsa-768 is used to protect the crc16 table...
".text:0025C4D4" is the start of the algo, IDA Pro + Citra emu works great! ^^
 
  • Like
Reactions: Noroxus
Falo said:
I also reversed it by now, i could make it public if you could do anything with it in the demo.
Just a small info: 1x sha256, 2x sha1, 2x aes-128 and 1x rsa-768 is used to protect the crc16 table...
".text:0025C4D4" is the start of the algo, IDA Pro + Citra emu works great! ^^
Click to expand...
Nice!
No need to make it public tho as you said theres no point in doing so yet. :P

EDIT: Oh yeah, I heard Citra's FPS for S/M Demo is great. Can't believe that emulator is getting better and better this fast
 
Last edited by Noroxus,
Traiver said:
All you can do for now, is looking at the info of your Pokémon.

View attachment 66639
Click to expand...

Can you please pass me the link

--------------------- MERGED ---------------------------

Roythekids5 said:
You should edit your comment. The gbatemp rules want to have everything on a languague everybody can read
Also i think you should better wait instead of trying to edit the demo save.
Also so desperatly are you to have Rockruff on your party?
Click to expand...
ok sorry i am new in gba temp xD Sorry for my English
 
Interesting.I only will use pkhex when it comes out the first day to get magearna.Its going to be bitch getting magearna from people.So i mind as well save myself from the suffering.Especially since the japs get it first.But im very happy i can use pkhex the day sun and moon come out

--------------------- MERGED ---------------------------

Not surprised at all.Actually there already have been other discussions about this.
 
Last edited by Skullkandy64,

Site & Scene News

Go to forum More news

Popular threads in this forum

Why did the price of 3ds shoot up ?

Hacking Homebrew Project  BlazerTube - a YouTube 3DS revival using the REAL app!

Homebrew app Emulator  [Release] 3DS-CLI - Run a real RISC-V Linux environment on the Nintendo 3DS

Hardware  2 Broken 3DSes, need help

Website for finding alternative games for 3DS

Gaming  any good rpgs on 3ds?

Hacking  Modding Reassurance

GodMode9 wont launch, holding START just goes to home screen