Hacking Crediar just Released 3DSaveTool!

Kentoss

Well-Known Member
Member
Joined
May 29, 2008
Messages
137
Trophies
0
Age
33
Location
Ontario, Canada
XP
247
Country
Canada
To clarify some things:

I am using NDS Adaptor Plus to back up my save. I am able to successfully restore unaltered save files using this device. It is only after making minor edits using this tool that the save suddenly corrupts. Seems the reencryption isn't quite there yet.
 

notmeanymore

Well-Known Member
Member
Joined
Nov 29, 2009
Messages
2,700
Trophies
1
XP
711
Country
United States
Kentoss said:
To clarify some things:

I am using NDS Adaptor Plus to back up my save. I am able to successfully restore unaltered save files using this device. It is only after making minor edits using this tool that the save suddenly corrupts. Seems the reencryption isn't quite there yet.
Wait so you mean something like:
Save A gets backed up, and you play some, and it becomes Save B. You successfully rewrote the backup of Save A over Save B?

Has anyone tried backing up a save and restoring it onto a different cart (as in backup a SSFIV save on one cart, and restore it onto a different SSFIV cart)?
 

KazoWAR

Well-Known Member
Member
Joined
Aug 12, 2008
Messages
1,952
Trophies
1
Age
35
Location
Winter Haven
XP
2,165
Country
United States
Cracking the XOR encryption may not be the only thing that is needed to modify save data on 3DS games. Most if not all games should be using some kind of checksum for the entire or blocks of the save file. Checksums are used to prevent the game from loading data that was saved incorrectly or altered externally. This is to prevent undesired effects or even crashing of the game if unexpected data was loaded. If the calculated checksums of the data blocks do not match the checksums in the save file, the game will say the data is corrupted and delete it. If you can find the checksum and figure out how it is calculated then you should be able to correct it after you edit the data.
 

Cyan

GBATemp's lurking knight
Former Staff
Joined
Oct 27, 2002
Messages
23,746
Trophies
4
Age
46
Location
Engine room, learning
XP
15,663
Country
France
TehSkull said:
Wait so you mean something like:
Save A gets backed up, and you play some, and it becomes Save B. You successfully rewrote the backup of Save A over Save B?
I don't know if anyone tried this (There's no report).


When reading the Console Manual, it's explicitly explained that you can't restore an older save file (even officially, when there will be a backup manager menu in May), "overwriting a file on the SD card will render the file unreadable."
I think the 3DS may be storing a date/time reference on the internal nand.
Maybe forging the file's time stamp to match the most recent one could work. (well, we will be able to try only after the released save menu)
Or maybe it stores the last saved checksum and not the date.
 

KazoWAR

Well-Known Member
Member
Joined
Aug 12, 2008
Messages
1,952
Trophies
1
Age
35
Location
Winter Haven
XP
2,165
Country
United States
Cyan said:
TehSkull said:
Wait so you mean something like:
Save A gets backed up, and you play some, and it becomes Save B. You successfully rewrote the backup of Save A over Save B?
I don't know if anyone tried this (There's no report).


When reading the Console Manual, it's explicitly explained that you can't restore an older save file (even officially, when there will be a backup manager menu in May), "overwriting a file on the SD card will render the file unreadable."
I think the 3DS may be storing a date/time reference on the internal nand.
Maybe forging the file's time stamp to match the most recent one could work. (well, we will be able to try only after the released save menu)
Or maybe it stores the last saved checksum and not the date.
 

pachura

Well-Known Member
Member
Joined
Dec 9, 2006
Messages
566
Trophies
0
XP
240
Country
Cyan said:
Note : CRC can be forged too. I don't know about MD5 or Sha-x

You do not "forge" CRC. You calculate it. The same for MD5 and SHA-x. They are just hash functions used for verifying file consistency and for one-way password "encryption".

But of course, you can take multiple measures against modifying save files. You can calculate hash and store it in NAND, but only verify it if the save file is not coming from another 3DS. You can add secret salt to unencrypted contents before calculating the hash to make it non-standard. Etc., etc....
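The per-block checksum check KazoWAR describes, and the keyed-hash countermeasure pachura sketches, as an added illustration (not code from the thread or from 3DSaveTool). The save layout is constructed here: 60 data bytes per block followed by a little-endian CRC32 trailer, with a made-up key standing in for a secret the console could hold in NAND.

```python
import binascii
import hashlib
import hmac

BLOCK_DATA = 60              # constructed layout: 60 bytes of data per block ...
BLOCK_SIZE = BLOCK_DATA + 4  # ... followed by a 4-byte little-endian CRC32 trailer

def block_crc(data: bytes) -> int:
    return binascii.crc32(data) & 0xFFFFFFFF

def build_save(blocks: list) -> bytes:
    """Constructed sample save image: every block carries its own CRC32 trailer."""
    out = bytearray()
    for data in blocks:
        if len(data) != BLOCK_DATA:
            raise ValueError("block must be exactly BLOCK_DATA bytes")
        out += data + block_crc(data).to_bytes(4, "little")
    return bytes(out)

def verify_blocks(save: bytes) -> list:
    """One True/False per block: does the stored trailer match the block data?"""
    results = []
    for off in range(0, len(save), BLOCK_SIZE):
        data = save[off:off + BLOCK_DATA]
        stored = int.from_bytes(save[off + BLOCK_DATA:off + BLOCK_SIZE], "little")
        results.append(block_crc(data) == stored)
    return results

def fix_block_crcs(save: bytes) -> bytes:
    """Recompute every trailer: a plain checksum only proves the data was not damaged."""
    blocks = [save[off:off + BLOCK_DATA] for off in range(0, len(save), BLOCK_SIZE)]
    return build_save(blocks)

def keyed_tag(save: bytes, key: bytes) -> bytes:
    """HMAC over the whole image; cannot be recomputed without the secret key."""
    return hmac.new(key, save, hashlib.sha256).digest()

def verify_keyed(save: bytes, key: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(keyed_tag(save, key), tag)

def demo():
    score_block = bytearray(BLOCK_DATA)
    score_block[0:4] = (1500).to_bytes(4, "little")        # constructed "score" field
    save = build_save([bytes(score_block), bytes(BLOCK_DATA)])
    key = b"constructed-secret-key"                        # hypothetical console-held key
    tag = keyed_tag(save, key)
    edited = bytearray(save)
    edited[0:4] = (999999).to_bytes(4, "little")           # the score edit from the thread
    stale = verify_blocks(bytes(edited))                   # block 0 now reads as corrupt
    fixed = fix_block_crcs(bytes(edited))                  # trailer recomputed, CRC passes
    return stale, verify_blocks(fixed), verify_keyed(fixed, key, tag)
```

The first result shows the "corrupted save" the game reports after an unfixed edit, the second why a bare CRC is not a defence once its location is known, and the third why a keyed or secret-salted hash is the measure that actually holds.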
 

Kentoss

Well-Known Member
Member
Joined
May 29, 2008
Messages
137
Trophies
0
Age
33
Location
Ontario, Canada
XP
247
Country
Canada
Through my own experiences I've been able to successfully overwrite the save file on the cart with a previous save file that was unaltered. That's all I'm getting at. The exact line of events went like this:

1. Created Save backup called Save1.sav
2. Decrypted Save1.sav to Decrypted.sav
3. Searched for the byte value of my score.
4. Edited it to something higher
5. Encrypted Decrypted.sav to NewSave.sav
6. Restored NewSave.sav to cart
7. Upon loading game in 3DS I was immediately greeted with a corrupted save file error
8. The save file was wiped by the system and started clean
9. Took game out and put it back into NDS Adaptor Plus
10. Restored original Save1.sav (from step 1) onto cart
11. Loaded fine without issue

A CRC is also a likely culprit for this. It has to be something we're overlooking or the encryption doesn't quite work yet.
 

Cyan

GBATemp's lurking knight
Former Staff
Joined
Oct 27, 2002
Messages
23,746
Trophies
4
Age
46
Location
Engine room, learning
XP
15,663
Country
France
pachura said:
Cyan said:
Note : CRC can be forged too. I don't know about MD5 or Sha-x

You do not "forge" CRC. You calculate it. The same for MD5 and SHA-x. They are just hash functions used for verifying file consistency and for one-way password "encryption".

But of course, you can take multiple measures against modifying save files. You can calculate hash and store it in NAND, but only verify it if the save file is not coming from another 3DS. You can add secret salt to unencrypted contents before calculating the hash to make it non-standard. Etc., etc....
I'm sorry, but CRC32 can be forged easily by editing 4 bytes only (=32bits). This was mainly used by Snes rom hacking to make a matching CRC checksum after creating a translation patch.
I don't think MD5 and Sha-x can be easily forged though, they are usually a one way checksum. (edit : md5 can also be forged, but not as easy as crc)

http://blog.stalkr.net/2011/03/crc-32-forging.html
http://en.wikipedia.org/wiki/Cyclic_redundancy_check
 

FAST6191

Techromancer
Editorial Team
Joined
Nov 21, 2005
Messages
36,796
Trophies
3
XP
28,413
Country
United Kingdom
There were a couple of GBA roms also with faked/forged CRC32 values (same as pure releases but containing intros).

As for MD5 it has been compromised but it is possibly still just about outside our range (see the fake certificate authority a while back- that was a brute forced MD5 via a PS3 cluster). This being said some interesting things have happened in GPU and FPGA world and I can see a return of that amusing attempt to bruteforce the DSi key working for this (this would assume a straight up exploit available though just needing a "valid" hash- it is not viable for more general use unless perhaps Datel want to do a "hacked save" action replay/gameshark again).

SHA stuff not so much- largely academic (there was a person in China who had a bunch of attacks better than brute force but still not realistic- Bruce Schneier spoke about it on his blog a few months back when he was discussing the next crypto standards he was playing with) or more along the lines of bad implementation ( http://www.theregister.co.uk/2011/01/11/am..._wifi_cracking/ ).

I would fear salting if only because it would likely probably be something resembling security by obscurity- a few bits more entropy is one thing but if we do not know how those bits are used and the 3ds is still a closed system then it is considerably more troublesome.

All this of course does assume we need to forge a hash (values retained in hardware or something) and not just calculate it.
 

Kentoss

Well-Known Member
Member
Joined
May 29, 2008
Messages
137
Trophies
0
Age
33
Location
Ontario, Canada
XP
247
Country
Canada
[youtube]http://www.youtube.com/watch?v=NALLwKADw-E[/youtube]

Here's a video I quickly made just to make things more clear for those who are still confused or in the dark. You can restore save files that haven't been altered, but as soon as you change anything after decrypting it considers the save file corrupt.
 

Kentoss

Well-Known Member
Member
Joined
May 29, 2008
Messages
137
Trophies
0
Age
33
Location
Ontario, Canada
XP
247
Country
Canada
It actually does work fine without editing. I suppose there's no fault in the encryption process itself, but rather an added layer of security that detects the "corruption".
 

Nollog

Well-Known Member
Member
Joined
Oct 10, 2008
Messages
2,964
Trophies
0
XP
1,327
Country
Ireland
pachura said:
Cyan said:
Note : CRC can be forged too. I don't know about MD5 or Sha-x

You do not "forge" CRC. You calculate it. The same for MD5 and SHA-x. They are just hash functions used for verifying file consistency and for one-way password "encryption".

But of course, you can take multiple measures against modifying save files. You can calculate hash and store it in NAND, but only verify it if the save file is not coming from another 3DS. You can add secret salt to unencrypted contents before calculating the hash to make it non-standard. Etc., etc....
She means forged as in fake.
 

notmeanymore

Well-Known Member
Member
Joined
Nov 29, 2009
Messages
2,700
Trophies
1
XP
711
Country
United States
Kentoss said:
You can restore save files that haven't been altered, but as soon as you change anything after decrypting it considers the save file corrupt.
Got any friends with their own copy of Lego Star Wars? If you could back up their game save, and restore it to your cart, that would be a perfect final test. Or maybe someone here could upload a save. (I don't own Lego Star Wars, nor do I have the adapter, nor do I feel like grinding off the notch to put it in a DS Lite.)
 

WiKiLEAK

Well-Known Member
Newcomer
Joined
Dec 25, 2010
Messages
70
Trophies
0
Website
213.251.145.96
XP
11
Country
United States
Cyan said:
TehSkull said:
Wait so you mean something like:
Save A gets backed up, and you play some, and it becomes Save B. You successfully rewrote the backup of Save A over Save B?
I don't know if anyone tried this (There's no report).


When reading the Console Manual, it's explicitly explained that you can't restore an older save file (even officially, when there will be a backup manager menu in May), "overwriting a file on the SD card will render the file unreadable."
I think the 3DS may be storing a date/time reference on the internal nand.
Maybe forging the file's time stamp to match the most recent one could work. (well, we will be able to try only after the released save menu)
Or maybe it stores the last saved checksum and not the date.
 

Roxxy

Member
Newcomer
Joined
Apr 3, 2011
Messages
5
Trophies
0
XP
1
Country
The 3DS can't store savegames or checksums. Otherwise it wouldn't be possible to use the same game with the same savegame on different 3DS systems.
 
