Decrypt WAD contents using openssl command line...

Discussion in 'Wii - Hacking' started by Red_Squirrel, Feb 5, 2010.

  1. Red_Squirrel
    OP

    Newcomer Red_Squirrel Advanced Member

    Joined:
    Feb 8, 2009
    Messages:
    73
    Location:
    L'Aquila
    Country:
    Italy
    I'm under Linux and I want to decrypt WAD contents using openssl command line.
    I tried:
    Code:
    openssl enc -d -aes-128-cbc -K COMMONKEY -iv 0 -nopad -in 00000000 -out 00000000.app
    with at the place of COMMONKEY the 16 hex values of common-key.bin. But the result is NOT a correct decrypted .APP [​IMG]

    So, is it possible to decrypt a WAD content using only openssl command line? And if yes, with which command?! Thx [​IMG]
     


  2. Krestent

    Member Krestent What to post?

    Joined:
    Mar 31, 2009
    Messages:
    3,952
    Country:
    United States
    Why? What's wrong with using a tool?!?!?
     
  3. Red_Squirrel
    OP

    Newcomer Red_Squirrel Advanced Member

    Joined:
    Feb 8, 2009
    Messages:
    73
    Location:
    L'Aquila
    Country:
    Italy
    If you can tell me the name of some linux tool to do this, you make me very happy [​IMG]
    Wadunpacker on linux gives me always a buffer overflow error.... and then I want to decrypt only some WAD contents, not all the WAD...
     
  4. tueidj

    Member tueidj I R Expert

    Joined:
    Jan 8, 2009
    Messages:
    2,569
    Country:
    Every title uses a different key, not the common key.
     
  5. nitrostemp

    Member nitrostemp GBAtemp Maniac

    Joined:
    Mar 15, 2009
    Messages:
    1,265
    Country:
    Australia
    looks like someone needs to use wine
     
  6. Leathl

    Member Leathl GBAtemp Regular

    Joined:
    Aug 15, 2009
    Messages:
    239
    Location:
    Berlin
    Country:
    Germany
    Because I'm too lazy to write it myself, I quote WiiBrew [​IMG]

    Then you should be able to decrypt the content using the decrypted title key.
    Also mention, the IV for the content is not zero! (The first two bytes are the content's index, you can grab it from the tmd)
     
  7. techboy

    Member techboy GBAtemp Advanced Maniac

    Joined:
    Mar 15, 2009
    Messages:
    1,720
    Location:
    Pennsylvania
    Country:
    United States
    EDIT: Beaten to it.
     
  8. giantpune

    Member giantpune GBAtemp Addict

    Joined:
    Apr 10, 2009
    Messages:
    2,860
    Country:
    United States
    just use NUS WadPacker. it runs in linux and gets shit from NUS and saves it in the normal formats. one of those is decrypted.

    a couple other options are if you have the wad of this, just use the wadMii or showmiiwads i have posted on here. i compiled a version of each that works in mono and will spit out decrypted contents.
     
  9. Red_Squirrel
    OP

    Newcomer Red_Squirrel Advanced Member

    Joined:
    Feb 8, 2009
    Messages:
    73
    Location:
    L'Aquila
    Country:
    Italy
    Thank you very much, I'll give a try [​IMG]
     
  10. SanGor

    Member SanGor Witchhunter

    Joined:
    Aug 21, 2008
    Messages:
    993
    Country:
    United States
  11. Red_Squirrel
    OP

    Newcomer Red_Squirrel Advanced Member

    Joined:
    Feb 8, 2009
    Messages:
    73
    Location:
    L'Aquila
    Country:
    Italy

    Thank you again Leathl, I did it [​IMG]
    Only another little question: i compared "my" decrypted content with the same decrypted content (but decrypted using NUSD) and there is ONLY one difference: in the second (o third, i don't remember well now) byte at the place of 0x00 there is a 0x03. Only that byte is different, for the rest the two files are the same.
    Will be this a issue (for example installing the content in the NAND)? [​IMG]
     
  12. SanGor

    Member SanGor Witchhunter

    Joined:
    Aug 21, 2008
    Messages:
    993
    Country:
    United States
    you used the wrong IV, it might break when you install it
     
  13. Red_Squirrel
    OP

    Newcomer Red_Squirrel Advanced Member

    Joined:
    Feb 8, 2009
    Messages:
    73
    Location:
    L'Aquila
    Country:
    Italy
    using a wrong IV only one byte comes different?! [​IMG] more then 600k bytes are the same and only one is different (I used WinHEX to compare byte by byte the two files!)... is possible? [​IMG]
     
  14. worstenbrood

    Newcomer worstenbrood Member

    Joined:
    Nov 29, 2006
    Messages:
    25
    Country:
    Belgium
    BeyondCompare is your friend [​IMG]
     
  15. Red_Squirrel
    OP

    Newcomer Red_Squirrel Advanced Member

    Joined:
    Feb 8, 2009
    Messages:
    73
    Location:
    L'Aquila
    Country:
    Italy
    .APP is the file decrypted by NUSD, .DEC is the file decrypted using openssl... Only one difference at second byte [​IMG]
     
  16. tueidj

    Member tueidj I R Expert

    Joined:
    Jan 8, 2009
    Messages:
    2,569
    Country:
    That's right, the IV only affects the first 16 bytes (and in the case of wii titles, the IV only has 2 unique bytes). If you read up about AES-CBC on wikipedia you'll see why.
     
  17. SanGor

    Member SanGor Witchhunter

    Joined:
    Aug 21, 2008
    Messages:
    993
    Country:
    United States
    the index is used as the IV, nintendo really fails at crypto. I mean you could easily guess it ...
     
  18. Red_Squirrel
    OP

    Newcomer Red_Squirrel Advanced Member

    Joined:
    Feb 8, 2009
    Messages:
    73
    Location:
    L'Aquila
    Country:
    Italy
    I tried to decrypt 4 different contents of the same WAD (so same titlekey and same IV for all). Then I compared them with the decrypted contents made by NUSD... result? for 3 of them I got the same decrypted files of NUSD (equals in every byte, tested with tools not with eyes xD), and only one is different from the NUSD's decripted content by ONE byte. [​IMG] If my IV was bad, why other three contents have been decripted correctly? It's very strange... [​IMG]

    EDIT: oh, and yes, i used the content ID as IV [​IMG]
     
  19. tueidj

    Member tueidj I R Expert

    Joined:
    Jan 8, 2009
    Messages:
    2,569
    Country:
    Use the index, not the content ID.
     
  20. giantpune

    Member giantpune GBAtemp Addict

    Joined:
    Apr 10, 2009
    Messages:
    2,860
    Country:
    United States
    75% is passing in every class i took in college. i say go with it [​IMG]
     

Share This Page