Hacking CDNSP is NOT dead. They just don't want us to use it.

[l915205]

Previous thread was closed by the mod, so let's start with this warning:
Do not download and run random stuff from the internet. Like never. There are fake EdgeAuther versions floating around that steal your cert. There are no working CDNSP copy in public access yet.

Now quick recap of what previous thread was about:

We all know the sad story they tell us: Nintendo killed CDNSP with 6.0 FW, welcome back to dark ages of torrents and file-sharing shitholes. But is it really true?

<some proofs and guesses>

Thread was deleted but that wasn't end of the story. Someone sent me the copy of EdgeAuther source code grabbed right before github repository was made private. So now I am 100% sure of the following things:

1. CDNSP is still working. You can download everything from Nintendo CDN like it was prior to 6.0 FW.
2. Changes to make CDNSP work again are trivial. My estimate is ~50 lines of code depending of your language of choice.
3. Some people are desperately trying to hide this information from public. Apparently to make CDN their exclusive piracy source.

EdgeAuther code is licensed under MIT allowing me to post it here. But since author (simonmkwii) wants to keep it private I only tell what needs to be done to make CDNSP work again to those interested:

0. You have to went online after 6.0 FW update at least once. Then Nintendo will add your certificate to white list. If you never went online with 6.0+ FW and try to get token for CDN access your certificate will be banned. Take this step with grain of salt because there is no way to properly verify it. But it sounds plausible. Nintendo wants to be sure you made legit FW update.
1. To access CDN you need edge token, that's the only difference between 6.0 FW and previous versions. To request it you need to authenticate your device first (not possible if your certificate is banned). Device authentication process is described here. Edge token request is single extra HTTP call. Token is valid for 24 hours. This step is done by EdgeAuther utility.
2. Now you can use this token to run CDNSP, just add X-Nintendo-DenebEdgeToken header like this.

The way EdgeAuther requests edge token is pretty straightforward. Two HTTP calls and your are golden. The only thing I don't understand is how AES key is derived to CMAC request body. There are also some hardcoded constants (Client ID, User-Agent, endpoint URL) that I suspect may be different for every FW revision. My copy is for 6.0 FW. If anyone is interested to implement working utility or patch CDNSP.py I can try to write pseudo-code for the authentication process.


UPDATE


-snip-
Don't build code without proper audit, don't run precompiled binaries from this repo ever!
Also I'm still worried that this version is for 6.0.0 firmware, some constants (Client_ID, UserAgent, SysDigest, BaseURL) may be outdated. Make sure you understand what are you doing before risking your cert.

 

[DeuX]

And what good comes from opening CDN to everyone? You have few weeks of freeleech until Nintendo increases security and then there's no CDN or scene releases to anyone and we are back to the dark ages of downloading scene releases dumped once in a new moon in shady sites.

 

[NoNAND]

Wow this is interesting
BUT it'd be good if only a few people got access to CDNSP and share .nsps online rather everyone using it and nintendo finds a way to fix this and we won't be able to download game/update/dlc nsps in the future.

 

[XorTroll]

Exactly, if everyone starts downloading all the stuff they want on CDN that will just make Nintendo kill CDNSP and all that stuff. If only one or just a few have access to the content in the CDN is way safer. Do you guys really want games from the CDN? Then shut up and listen, or we won't have CDN anymore.

 

[blahblah]

Stop reposting this. It was closed for a reason.

 

[peteruk]

Wonder where the author of the program get's there cert's

 

[l915205]

And what good comes from opening CDN to everyone?

I can only speak for myself. I am primary interested in how it all works from technical view point. Also I don't like people monetizing on the piracy, but that hardly relevant.

nintendo finds a way to fix this and we won't be able to download game/update/dlc nsps in the future.

Nintendo already implemented pretty robust system. If your cert is banned you can't do anything. They just need to audit logs for illegal content access faster (imagine cert bans in 5 minutes).
But apparently they think it's not worth it right now, perhaps because of the extra load to network backend.

 

[FAST6191]

Thanks for the info.

and we are back to the dark ages of downloading scene releases dumped once in a new moon in shady sites.

What nominally popular device Scene did that ever happen for since we all got at least ADSL connections?

 

[aurelios69]

It better to be accessible for some, for a long time. Than for everyone for 2 months.

 

[DeuX]

I can only speak for myself. I am primary interested in how it all works from technical view point. Also I don't like people monetizing on the piracy, but that hardly relevant.


Nintendo already implemented pretty robust system. If your cert is banned you can't do anything. They just need to audit logs for illegal content access faster (imagine cert bans in 5 minutes).
But apparently they think it's not worth it right now, perhaps because of the extra load to network backend.

If you're only interested in how it works then you shouldn't post a how to. Research and keep it to yourself, plus nobody is making a profit on piracy other than the assholes from a certain darksite that put paywalls in front of the downloads, if you were on our Discord you would actually see that whe discourage any kind of profit from piracy

 

[NoNAND]

Exactly, if everyone starts downloading all the stuff they want on CDN that will just make Nintendo kill CDNSP and all that stuff. If only one or just a few have access to the content in the CDN is way safer. Do you guys really want games from the CDN? Then shut up and listen, or we won't have CDN anymore.

Finally someone who understands

 

[XorTroll]

Finally someone who understands

The problem is that the others don't understand

 

[DeuX]

Thanks for the info.


What nominally popular device Scene did that ever happen for since we all got at least ADSL connections?

Lock CDN and scene uploaders don't release as fast as currently since the need to a) buy the game b) dump the nand c) extract the NSP and d) repack the nsp to upload.

 

[NoNAND]

SD to NSP dumper is our final hope.

 

[l915205]

If you're only interested in how it works then you shouldn't post a how to

I shouldn't post relevant technical info on gbatemp because someone is afraid to loose their exclusive piracy source? I disregard this advice.

plus nobody is making a profit

They make advertising money, referral money, premium subscriptions money and most desired: attention.

 

[DeuX]

I shouldn't post relevant technical info on gbatemp because someone is afraid to loose their exclusive piracy source? I disregard this advice.


They make advertising money, referral money, premium subscriptions money and most desired: attention.

You clearly don't see the bigger picture, you're just acting like a spoiled brat that didn't receive his gift on Christmas.

 

[ghjfdtg]

Unpopular opinion time: You have no right to pirate directly from their servers and you are a moron if you think they won't notice even if few access it. The 3DS CDN shows how to do it right so they already know how to fix it for good. It's just not implemented yet on the Switch CDN.

 

[XorTroll]

I shouldn't post relevant technical info on gbatemp because someone is afraid to loose their exclusive piracy source? I disregard this advice.


They make advertising money, referral money, premium subscriptions money and most desired: attention.

Exclusive piracy source? All the dumped or accessed titles from CDN are shared

 

[blahblah]

The OP is a massive fucking idiot.

The 'dark ages' of typical scene activity.

The CDN needs to be semi-protected so those doing actual releases don't have to use SD dumping tools to grab every single game. You have no real valid reason to access it, other than whininess. Stop trying to fuck up a good thing.

No one with CDN is using it to download random games they want. People are using it to pull updates and new games upon dump of the title key. Said contents are then shared, either on p2p or pred as scene releases.

The monetization you talk about is bad, but that has nothing to do with the CDN. No one throwing links behind adfly crap on a certain site has CDN access.

 

[FAST6191]

I can understand wanting to keep an exploit open to dump an anticipated game ahead of time, and not burn it on junk*, but I am struggling to understand the desire to keep something as banal as this CDN lark open.

*the one with Origin the other year was known about and was actually being saved for Watch_Dogs.