Hacking RELEASE HACDN - Download game NCA files directly from Nintendo's CDN!

[Uwabami]

I've been using my cert for about 5 months now, nothing.

Yes, because very few people have used it yet. Again: this is something that can get you banned retroactively, because default webserver-logging will have the necessary info to tell your app from a real request. Wait a few weeks and people will get banned.

 

[teusjuh30]

I've been using my cert for about 5 months now, nothing.

maybe a noob vision but if people share there title keys the way to piracy is open?

 

[lilpataya]

I've been using my cert for about 5 months now, nothing.

This wasn't public and not a only a few people are doing it. If everyone starts doing it Nintendo will have to take action and probably start a ban wave

 

[SimonMKWii]

Yes, because very few people have used it yet. Again: this is something that can get you banned retroactively, because default webserver-logging will have the necessary info to tell your app from a real request. Wait a few weeks and people will get banned.

Do you know how many requests they must receive to their servers per second?
I would say tens of thousands, per second.
I'd consider the likelihood of them finding you and banning you to be near-impossible.

 

[lilpataya]

Do you know how many requests they must receive to their servers per second?
I would say tens of thousands, per second.
I'd consider the likelihood of them finding you and banning you to be near-impossible.

All their requests are the same, it would be easy to find the wrong ones

 

[SimonMKWii]

All their requests are the same, it would be easy to find the wrong ones

What? Literally every request they receive is unique.

 

[Creatable]

What? Literally every request they receive is unique.

Except for the ones you send.

 

[Haymose]

For context, though, the "idiot" comments were me trying to explain why he shouldn't be hosting a piracy site while having his real name be public: https://gist.github.com/SciresM/19df11a4e83227a94380b8bffab5049d

I've said my piece, and don't really feel the need to say more.

I encourage everyone to read this. There are some parts that are very concerning. Like this...

SimonMKWii - Today at 2:22 AM
It's just... not illegal here
That's why
In the US, massive parts of copyright law is dedicated to cryptography
Here
Not so much

 

[SimonMKWii]

Except for the ones you send.

Umm, what? v3 (coming soon) sends the exact same request a Switch would send.

 

[bailli]

@SimonMKWii Could you please just say in the title something like "I am pretty sure it's save to use but use at your own risk" because claiming it to be 100% save is very misleading to common users. Since none can really say if it really is 100% save and it is probably not 100% save since none can predict for sure how Nintendo will act...

No need for a warning since he takes full responsibilty:

I was about to remove it, but I feel that he should show me at least a little bit of respect before I do something he requests.
And also, if your cert gets banned from this application (which it won't), I will happily take full responsibility for it.

I guess he will setup a website where you can order a new switch and have it charged to his bank account, if you can upload a banned console cert...

Also: This app gets piracy not a single step closer contrary to what many people here think or hope. All you get is a chance to get banned some time later, so skip this app (at least for now!)

Also #2: On a regular webserver finding bogus requests would likely be in the range of one or two lines of script...

 

[Uwabami]

Do you know how many requests they must receive to their servers per second?
I would say tens of thousands, per second.
I'd consider the likelihood of them finding you and banning you to be near-impossible.

A basic grep search can do it. Even with thousands of requests per second, your app is easily identifiable in the logs.

What? Literally every request they receive is unique.

Yes, but the pattern of actual consoles and the pattern of your app are completely different. This is not rocket science. Your app will get a lot of people banned. At least warn them in your OP.

Umm, what? v3 (coming soon) sends the exact same request a Switch would send.

You base this on what evidence? Your interactions with SciresM and what how you behaved in this thread are not encouraging.

 

[SimonMKWii]

I encourage everyone to read this. There are some parts that are very concerning. Like this...

SimonMKWii - Today at 2:22 AM
It's just... not illegal here
That's why
In the US, massive parts of copyright law is dedicated to cryptography
Here
Not so much

Oh great, you're one of those "if you pirate you deserve to die" people, aren't you?

 

[Creatable]

Umm, what? v3 (coming soon) sends the exact same request a Switch would send.

Everyone who uses it up to the point of the release of that will have their Switch most likely banned. You should pull the download link down, and if your program has an auto update feature, use that to send out an update that makes it so the program does not function. You are making it so people have the chance to get banned, do the right thing and take it down until Nintendo cannot tell the difference.

--------------------- MERGED ---------------------------

Oh great, you're one of those "if you pirate you deserve to die" people, aren't you?

"
The following error occurred:
You are a nosy little bastard who wants to see inside my precious directories!

Use the website for its intended purpose, don't just sniff around my files."

 

[lilpataya]

Umm, what? v3 (coming soon) sends the exact same request a Switch would send.

The requests currently made by your app won't be the same as the ones from the switch (not talking about v3) and they could find them easily.

 

[Haymose]

Oh great, you're one of those "if you pirate you deserve to die" people, aren't you?

No it has to do with your claim that your tool is 100% safe when you don't actually know if it is.

 

[SimonMKWii]

The requests currently made by your app won't be the same as the ones from the switch (not talking about v3) and they could find them easily.

Shit, I just realised I forgot to pull the download.
v3 has UserAgent = "NintendoSDK Firmware/5.0.2-83886592 (platform:NX; did:" + TextBox6.Text + "; eid:lp1)", textbox6.text being the did.

 

[Uwabami]

Oh great, you're one of those "if you pirate you deserve to die" people, aren't you?

You better believe that Nintendo can also reach you in Australia. The US doesn't treat with countries that do not honor the DMCA. They even got Sweden to cave to their demands, if they find out who you are and you are indeed running that title key site, you're toast my friend. Better get out while you can.

Shit, I just realised I forgot to pull the download.
v3 has UserAgent = "NintendoSDK Firmware/5.0.2-83886592 (platform:NX; did:" + TextBox6.Text + "; eid:lp1)", textbox6.text being the did.

This is why you should warn users. You can't just bumble around with stuff like this. Your app will cause a huge ban wave.

 

[renhei]

So what does this actually do? If I'm understanding correctly, since I own Breath of the Wild on a cart, I could use this tool to download the game and not have to use the cart anymore? Or am I mistaken?

 

[teusjuh30]

makes this piracy available when people share them title keys. Or is my vision too noob

 

[Creatable]

So what does this actually do? If I'm understanding correctly, since I own Breath of the Wild on a cart, I could use this tool to download the game and not have to use the cart anymore? Or am I mistaken?

That's correct, issue is though, you can't install it, also Nintendo can see that you downloaded from em.