Hacking Datel Powersaves now supports Pokemon X/Y

Status
Not open for further replies.

Team_Subspace

> Won't work. Datel's servers will try to decrypt khalaan's save file using your game's unique decryption key, not his. Try to load his Y version onto your game, and it'll say it's corrupted.

I applied a friend's save taken from his cart onto mine, and it didn't turn up corrupted. You have to change the string of numbers/letters in the beginning of the filename of the save to match that of a save from your game, and it'll recognize it as a save your game has made.
 

DRWS

> I applied a friend's save taken from his cart onto mine, and it didn't turn up corrupted. You have to change the string of numbers/letters in the beginning of the filename of the save to match that of a save from your game, and it'll recognize it as a save your game has made.


Powersaves will recognize it. But not the game itself. I've tried what you did several times, both with two different copies of X and Y.
 

briman0094

> Won't work. Datel's servers will try to decrypt khalaan's save file using your game's unique decryption key, not his. Try to load his Y version onto your game, and it'll say it's corrupted.

I thought the encryption key was stored in the save file. That's what 3DSaveTool implies.
 

DRWS

> I thought the encryption key was stored in the save file. That's what 3DSaveTool implies.

3DSaveTool works for older games that used a vulnerable encryption. From http://www.3dbrew.org/wiki/Savegames#Repeating_CTR_Fail

> the stream cipher used has a period of 512 bytes. That is to say, it will repeat the same keystream after 512 bytes. The way you encrypt with a stream cipher is you XOR your data with the keystream as it is produced. Unfortunately, if your stream cipher repeats and you are encrypting a known plain-text (in our case, zeros) you are basically giving away your valuable keystream.


3DSaveTool uses this vulnerability to find the encryption keystream in older games. However, newer games do not have a repeating keystream, and can't be decrypted as easily.
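
The repeating-keystream flaw quoted above, as an added example that is not part of the original thread and is not 3DSaveTool's or any console's code. The SHA-256 keystream generator, the key and the sample save layout are constructed for illustration; only the 512-byte period comes from the quoted passage.

```python
import hashlib

PERIOD = 512   # keystream period given in the quoted 3dbrew passage
BLOCK = 32     # SHA-256 output size; constructed stand-in for a cipher block

def keystream(key: bytes, length: int, wrap: bool) -> bytes:
    """Toy CTR-style keystream. wrap=True restarts the counter every PERIOD
    bytes (the flaw); wrap=False lets it run on (the fixed behaviour)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        n = counter % (PERIOD // BLOCK) if wrap else counter
        out += hashlib.sha256(key + n.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])

def xor(data: bytes, ks: bytes) -> bytes:
    return bytes(d ^ k for d, k in zip(data, ks))

def keystream_from_zero_region(ciphertext: bytes, offset: int) -> bytes:
    """Zeros XOR keystream = keystream, so a zero-filled plaintext region of
    PERIOD bytes at `offset` is one full period, rotated by offset % PERIOD."""
    period = bytearray(PERIOD)
    for j in range(PERIOD):
        period[(offset + j) % PERIOD] = ciphertext[offset + j]
    return bytes(period)

def decrypt_with_period(ciphertext: bytes, period: bytes) -> bytes:
    reps = -(-len(ciphertext) // PERIOD)  # ceiling division
    return xor(ciphertext, (period * reps)[:len(ciphertext)])

# Constructed sample "save": a data region, an unused zero-filled region,
# then more data. Layout, key and contents are invented for this example.
KEY = b"constructed-demo-key"
ZERO_OFFSET = 700
SAVE = ((b"TRAINER=RED;BADGES=8;" * 40)[:ZERO_OFFSET]
        + bytes(PERIOD) + b"BOX1=LUGIA;" * 30)

def leaks_plaintext(wrap: bool) -> bool:
    """True if the zero region alone is enough to read the whole save."""
    ct = xor(SAVE, keystream(KEY, len(SAVE), wrap))
    period = keystream_from_zero_region(ct, ZERO_OFFSET)
    return decrypt_with_period(ct, period) == SAVE

if __name__ == "__main__":
    print("repeating keystream leaks save:", leaks_plaintext(wrap=True))
    print("non-repeating keystream leaks save:", leaks_plaintext(wrap=False))
```

With the wrapping counter the whole file decrypts from the zero region alone; with the counter left running, the same bytes reveal only the keystream for that one region.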
 

briman0094

> 3DSaveTool works for older games that used a vulnerable encryption. From http://www.3dbrew.org/wiki/Savegames#Repeating_CTR_Fail
>
> 3DSaveTool uses this vulnerability to find the encryption keystream in older games. However, newer games do not have a repeating keystream, and can't be decrypted as easily.

I thought X/Y had the repeating keystream vulnerability. I know that we can at least get the PKX key using the Poke Editor, but that's most likely different from the save key.
 

DRWS

> I thought X/Y had the repeating keystream vulnerability. I know that we can at least get the PKX key using the Poke Editor, but that's most likely different from the save key.


I wish it did, we could've had a working save editor by now.

The tools that extract PKX use known data (such as 00s) to find part of the encryption keystream.
 

RemixDeluxe

Hypothetically, if Powersaves existed back in October combined with Instacheck, would we have a working save editor/pokesav program by now? How else could we find PKX files with ease now that the program is down, the encryption has made things much more difficult to find those specific address files.
 

briman0094

> I wish it did, we could've had a working save editor by now.
>
> The tools that extract PKX use known data (such as 00s) to find part of the encryption keystream.


Could we not find the part of the keystream that stores the first Pokemon in the first box, change just that block of memory, and re-encrypt it? As long as we know the binary offset of the box storage in the save file, it seems like this should be possible.
 

DRWS

> Could we not find the part of the keystream that stores the first Pokemon in the first box, change just that block of memory, and re-encrypt it? As long as we know the binary offset of the box storage in the save file, it seems like this should be possible.


We do know it, that's the basis for PKX-dumping tools like KeySAV. But data can't be successfully injected without fixing the savedata hashes. On top of all that, the hashes are encrypted and we have no means of decrypting them at present. (Datel can, but they're not sharing their secrets.)
 

briman0094

> We do know it, that's the basis for PKX-dumping tools like KeySAV. But data can't be successfully injected without fixing the savedata hashes. On top of all that, the hashes are encrypted and we have no means of decrypting them at present. (Datel can, but they're not sharing their secrets.)


Right...I always forget about that stupid checksum/hash that has to be recalculated. I assume that even includes the hold item index?
 

briman0094

> Yeah, and anything else in the save file. :(


Ugh. I miss the good ol' days when you could plop an AR in the system and change anything you wanted. I just need to get one of those fancy RAM busses on my 3DS so I can intercept memory and then I'll be all set...(if only that were as easy as it sounds)
 

briman0094

I wish Nintendo would put more research into securing their online services and preventing cheating in online mode and just leave singleplayer mode free to hack. It's not hard to check somebody's game at a competition and it would let people like me who are using this as a learning experience actually make progress.
 

RemixDeluxe

> I wish Nintendo would put more research into securing their online services and preventing cheating in online mode and just leave singleplayer mode free to hack. It's not hard to check somebody's game at a competition and it would let people like me who are using this as a learning experience actually make progress.

What isn't secure about Nintendo's online currently? If you mean hacked Pokemon, it's already secure. You can't bring in Pokemon with 999 stats, illegit moves, illegit abilities, etc., so what more could you ask for in a secure online network?
 

briman0094

> What isn't secure about Nintendo's online currently? If you mean hacked Pokemon, it's already secure. You can't bring in Pokemon with 999 stats, illegit moves, illegit abilities, etc., so what more could you ask for in a secure online network?


Which means they shouldn't need to put hack prevention on the singleplayer aspects of the game such as Bank/Transporter and encrypting save files.
 

gamesquest1

they still wouldn't want the game "ruined" by max (legit) stats Pokemon for all, they intend the game to be played one way, if they start letting people take shortcuts/cheats, the users who can't/don't want to use those shortcuts would no doubt cry to Nintendo to get it fixed

the save's security is indeed that security, why let people modify data that's getting loaded on the system, it just causes more issues for them and solves nothing for them either

so it's either 5 emails from idiots asking "why you no let us hack"
or thousands of emails from pokenerds saying "i lost because you let hax0rs ruin my gamez"
 

briman0094

> they still wouldn't want the game "ruined" by max (legit) stats Pokemon for all, they intend the game to be played one way, if they start letting people take shortcuts/cheats, the users who can't/don't want to use those shortcuts would no doubt cry to Nintendo to get it fixed
>
> the save's security is indeed that security, why let people modify data that's getting loaded on the system, it just causes more issues for them and solves nothing for them either
>
> so it's either 5 emails from idiots asking "why you no let us hack"
> or thousands of emails from pokenerds saying "i lost because you let hax0rs ruin my gamez"

One person hacking their game does not affect anybody else playing the game. If I give myself level 100 max-IV Lugias (oh wait, I already did), it doesn't change anybody else's experience until I take them online (which I don't plan to do). Same goes for Latiosite/Latiasite.
 

gamesquest1

> One person hacking their game does not affect anybody else playing the game. If I give myself level 100 max-IV Lugias (oh wait, I already did), it doesn't change anybody else's experience until I take them online (which I don't plan to do). Same goes for Latiosite/Latiasite.

oh sorry you should inform Nintendo that you are the only person who wants to use hacks, and that you're a nice guy who won't ruin others' game on them you promise :rofl: while you're at it ask them for the private encryption keys etc
 

RemixDeluxe

> oh sorry you should inform Nintendo that you are the only person who wants to use hacks, and that you're a nice guy who won't ruin others' game on them you promise :rofl: while you're at it ask them for the private encryption keys etc

As much as I want to disagree with a possible anti-hacker, he's right. You are just one person among thousands who potentially want to bring out the worst in this game, going as far as bringing on a team of wondertombs to shiny Arceuses with judgement. Nintendo does what's best in the community's interest, not what's best for you. You are just one person.
 