1. quantumboy

    quantumboy Casual Hacker, Avid Dreamer
    Member

    Joined:
    Jun 26, 2013
    Messages:
    421
    Country:
    United States
    Can this key be used to decrypt and re-encrypt pokemon saves(that were saved on a 4.5 with emunand) or actual saves from real carts (dumped with power saves)
     
  2. idunoe

    idunoe Advanced Member
    Newcomer

    Joined:
    Aug 23, 2014
    Messages:
    55
    Country:
    so I can use this to decrypt ROMS with ctrtool?
     
  3. Abcdfv

    Abcdfv What comes around goes around.
    Member

    Joined:
    Dec 24, 2013
    Messages:
    1,459
    Country:
    United States
    Seems that way.
     
  4. idunoe

    idunoe Advanced Member
    Newcomer

    Joined:
    Aug 23, 2014
    Messages:
    55
    Country:
    cool i'll give it a shot now!

    edit: Team Fail your program doesn't work
    Code:
    Header:                NCSD
    Signature (FAIL):      C38C33762FEE267353FAEF479458DFAFCF0527C26D9F52E87300B1B3A6512C60
                            43C774793360C08FA838546D428C56715020EEDB787AD2AA3AEE50DDEE39643E
                            95BF07387A831B2E0819E64B67027CFA99E60CF6EEE78543C2FBFC0203E5B826
                            71066278EFC0C4B62C811AEA3450F8D789213E887C99D5305B73BAC2B300102A
                            1E05AA3531228BCD25E643249C144AC71FF3A712066ADD4CC3E55F2BCA210636
                            D3178B50A1CC80444F5CB266D4356910BB187B168ABB9F6FED7898BCEA86EA44
                            291C65DED4D2AC17777C3C167BF713F2962E0549B6424DEF08A749DBB2DDAD58
                            790E8298A08BAD43188FA57F0731A21EA6BEEA1D764C9042788805DA5E2381AD
    Media size:            0x00040000
    Media id:              0004000000074800
     
    Partition 0           
    Id:                    0048070000000400
    Area:                  0x00004000-0x00478000
    Filesystem:            00
    Encryption:            00
     
    Partition 1           
    Id:                    00FFF30F00000400
    Area:                  0x00478000-0x004B0000
    Filesystem:            00
    Encryption:            00
     
    Extended header hash:  0000000000000000000000000000000000000000000000000000000000000000
    Additional header size: 00000000
    Sector zero offset:    00000000
    Flags:                  0000000201020000
    > Mediaunit size:      0x200
    > Mediatype:          Card2
    > Card Device:        None
     
    NCCH:
    Header:                NCCH
    Signature (FAIL):      5032D0D6E4BFDB6914348AE2063A6186C034C9E796F0E19FD0DCBC7C8E9A3BFB
                            1E753DFCBD8C1A04579BD154B9CB0ABC160581790F98BFA9C17D88036207A4ED
                            D38EFB0735667FFF57A451CD1702041A1282EF6D84B26AA9E59E6E5448656322
                            136A7D9739AECA725D0405FB159A77596AB8BCA8EB523832F6C56822E9C4F259
                            24B5D8A135C9D3842E886569627D52AB846B16F9A9BA44ECF51EFA007B34B429
                            8BB37CE8CC8CE8EB87F17F2F5F8D38B28640C89DF67E376F8D680B7818F7ED5B
                            B99C88D9E04BACCBFB94FD092DCC5C08C83463A2F0797AF83AE23F4C6EF0B924
                            E9BC9042A055084ECEA74D2EB7857186EFAAD08445233B1D5D7B0C53951F31C7
    Content size:          0x00474000
    Partition id:          0004000000074800
    Maker code:            3130
    Version:                0002
    Program id:            0004000000074800
    Logo hash:              0000000000000000000000000000000000000000000000000000000000000000
    Product code:          CTR-N-PAAJ
    Exheader size:          00000400
    Exheader hash (FAIL):  2787D6299EB2DFA8B491CAA71F9639619264DD0170F3296EE0049CA4671232A0
    Flags:                  0000030100000000
    > Mediaunit size:      0x200
    > Crypto key:          Secure
    > Form type:          Executable content
    > Content type:        Application
    > Content platform:    CTR
    Plain region offset:    0x00000000
    Plain region size:      0x00000000
    Logo offset:            0x00000000
    Logo size:              0x00000000
    ExeFS offset:          0x00004a00
    ExeFS size:            0x0046f000
    ExeFS hash region size: 0x00000200
    RomFS offset:          0x00474000
    RomFS size:            0x00004000
    RomFS hash region size: 0x00000200
    ExeFS Hash (FAIL):      399B28799679B0537617E57CFBDE8B1E229E153D53315CC797FD29330DFF787F
    RomFS Hash (FAIL):      8B6BD5BB80376C70C1458919DF58F87923A8289518E6861FB3A5E72960B5F1C6
    
     
  5. Abcdfv

    Abcdfv What comes around goes around.
    Member

    Joined:
    Dec 24, 2013
    Messages:
    1,459
    Country:
    United States
    I also have no idea what I'm talking about but I think they still need to run through the aes core.
     
  6. idunoe

    idunoe Advanced Member
    Newcomer

    Joined:
    Aug 23, 2014
    Messages:
    55
    Country:
    wait? if it's the key, why does it need to go through the aes core?
     
  7. loco365

    OP loco365 GBAtemp Guru
    Member

    Joined:
    Sep 1, 2010
    Messages:
    5,457
    The keys need to be put in the aes core, and it spits out an xorpad, which, from there, when xored on your romfs or encrypted files, decrypts them into the readable formats.

    Basically

    1. You get your keys.
    2. Put them into the aes core, and get your xorpad. <- This is the only step that hasn't been completed. However, all the files to achieve this are public.
    3. xor the file you want to decrypt.
    4. ???
    5. Profit!
     
    Celice and zecoxao like this.
  8. idunoe

    idunoe Advanced Member
    Newcomer

    Joined:
    Aug 23, 2014
    Messages:
    55
    Country:
    so I just checked the source code, this isn't a key generator, this is a keyY generator. the CTR isn't a key, its just "CTR" or "counter". you stuffed up the endianness for the outputted "keys"
     
    zecoxao likes this.
  9. loco365

    OP loco365 GBAtemp Guru
    Member

    Joined:
    Sep 1, 2010
    Messages:
    5,457
    That'd be my mistake (Looks like I'll have to update this), but yeah. You do use the KeyY, but there's a second key that you need to generate the xorpad. This just makes it easier to work with.
     
  10. atenzor

    atenzor Advanced Member
    Newcomer

    Joined:
    Mar 14, 2010
    Messages:
    78
    Country:
    Canada
    OK so I have 3ds explorer and one version which is a mod of 3ds explorer (but to me looks exactly the same, but whatever), I also have the ctr toolkit (with extdata_tool, etc), rom_tool, your 3ds key decrypter, a copy of super mario 3d land rom (3ds format), and so my question is how do I proceed from here to extract anything from the mario rom? any tutorials? thanks guys!

    p.s.: some people mention ctrtool, but is that rom_tool or something else? i saw a github of ctrtool but is not compiled and im not very good with compile stuff, can anyone upload an exe for me of latest version? thanks!
     
  11. Relys

    Relys ^(Software | Hardware) Exploit? Development.$
    Member

    Joined:
    Jan 5, 2007
    Messages:
    874
    Country:
    United States
    We have our own tools to calculate initial ctr along with code to generate xor pad on 3DS. We're polishing them up for release. Expect lamers from #3dsdev rushing to release there's even though they had no plans to before our team got together and started working on this two days ago.
     
  12. zecoxao

    zecoxao GBAtemp Fan
    Member

    Joined:
    Dec 25, 2013
    Messages:
    347
    Country:
  13. atenzor

    atenzor Advanced Member
    Newcomer

    Joined:
    Mar 14, 2010
    Messages:
    78
    Country:
    Canada
  14. loco365

    OP loco365 GBAtemp Guru
    Member

    Joined:
    Sep 1, 2010
    Messages:
    5,457
    I'm just taking public information and putting it to use. Because I am bored.
     
    cearp, Celice and zecoxao like this.
  15. SonyUSA

    SonyUSA We're all mad here
    Contributor

    Joined:
    May 12, 2006
    Messages:
    1,434
    Country:
    United States
    Let's be clear: Team Fail did not decrypt that ROM in the screenshot, that is the work of others.
     
    loco365 likes this.
  16. Apache Thunder

    Apache Thunder I have cameras in your head!
    Member

    Joined:
    Oct 7, 2007
    Messages:
    4,265
    Country:
    United States
    Perhaps one day Pokemon XY can have a randomizer and a Draino hack or stuff similar to that effect. :P Still gonna need a Gateway to play it, but whatever. :P
     
  17. spf180

    spf180 Member
    Newcomer

    Joined:
    Jul 2, 2013
    Messages:
    29
    Country:
    United States
    That crappy Gateway only works on 4.5. So have fun finding a 4.5 3ds

    I wasn't talking about the screenshot. I was talking about this Decryption KeyGen.
     
  18. Abcdfv

    Abcdfv What comes around goes around.
    Member

    Joined:
    Dec 24, 2013
    Messages:
    1,459
    Country:
    United States
    I found one in the second shop (first shop wouldn't let me check FW) I went into on my first try. The're far more common than you think.
     
  19. Relys

    Relys ^(Software | Hardware) Exploit? Development.$
    Member

    Joined:
    Jan 5, 2007
    Messages:
    874
    Country:
    United States

    Ah, I wasn't talking about you. Just the other people who have decrypted roms before.

    I love the work you've done for music and video extraction.
     
  20. Celice

    Celice GBAtemp Advanced Maniac
    Member

    Joined:
    Jan 1, 2008
    Messages:
    1,919
    Country:
    United States
    Yours is the best kind of boredom :)
     
Loading...

Hide similar threads Similar threads with keywords - Decryption, Generator,