Decrypting a NAND backup without the original system

Discussion in '3DS - Homebrew Development and Emulators' started by Sky The Destroyer, Jun 1, 2017.

  1. Sky The Destroyer
    OP

    I remember reading a thing a while back about how with SigHax, we could decrypt NAND backups without the original system if you have the otp.bin of that system.

    I have NAND backups of my Old (and bricked) 3DS with its otp.bin - is there currently a way to decrypt and get access to the files from NAND backups through the use of otp.bin?
     
    Last edited by Sky The Destroyer, Jun 1, 2017


  2. proflayton123

    iirc you need the xorpads too
     
  3. addi33

    Well, the otp stores most of the nand-unique keys; together with boot9's universal decryption keys, you should be able to do so. Anyone feel free to prove me wrong if this is not the case.
     
    Last edited by addi33, Jun 1, 2017
  4. sora10pls

    sighax/boot9strap never made getting OTP possible... you'll need the NAND's XORpads as @proflayton123 mentioned.
     
  5. addi33

    well this is wrong, you can dump the otp anytime you want.
     
  6. sora10pls

    Any more possible, I should've said. It's always been dump-able by getting to 2.1.0. :P
     
  7. addi33

    You can dump the one-time programmable memory (otp), the full arm9 bootrom (boot9) and the full arm11 bootrom (boot11) anytime you want on any firmware you want, as long as you have Michael's implementation of SigHax (boot9strap) written to your firm partitions.
     
  8. sora10pls

    I'm aware. It's already been possible, it still is possible, and it's more easily doable with B9S.

    What's your point
     
  9. Sky The Destroyer
    OP

    I think you guys misunderstood each other, is all. You both pretty much said the same things about otp.bin's ability to be dumped...either way, I already have the otp.bin for that NAND backup, so I'm not sure how the discussion went into how otp.bin is able to be dumped.

    Back on topic: this is what I've heard about decrypting NAND backups:

    "If you have boot9.firm (common to all systems) and otp.bin (specific to each system), you can decrypt the eMMC keys from otp.bin and use them to decrypt NAND dumps from that system without xorpads."

    My question is how I would go about doing that.
     
  10. addi33

    So set up yellows8's boot9tools and then decrypt the otp with Decrypt9; then, if you have Python knowledge, you could rewrite one of the tools or 3dsconv to use the otp's keys to decrypt a nand backup.
     
  11. Ann0ying

    Gotta get that local friend code seed b, amirite?
     
  12. Sky The Destroyer
    OP

    I can probably get as far as decrypting otp.bin (though I'm not sure what the boot9 binary file is), but beyond that step, I have zero Python knowledge or real coding knowledge to be able to do any of the decryption on my own (hence me making this thread).

    Haha, yeah, that's the primary goal. I'm also hoping to get my Minish Cap GBA Virtual Console save off of it.
     
  13. m0nm0npalam0n

    I also need the answer to this... waiting... :D
     
  14. XxShalevElimelechxX

    Nir is this you..? ;3
     
  15. Quantumcat

  16. Gnarmagon

    Something changed?
    Can someone please explain to me why we can now theoretically decrypt a NAND backup, and how???

    I know how to program, but idk where to find this script called 3dsconv....
     
  17. AnalogMan

    It's the bootrom dump that SigHax brought us. That was the missing part of the puzzle for the remaining keys we needed to allow decrypting without needing to do it on the 3DS itself.
     
  18. mitroux

    https://github.com/ihaveamac/3dsconv
     
  19. The Real Jdbye

    yellows8 has some tools that can be used for this.
    "ctr-nandcrypt" from https://github.com/yellows8/3dscrypto-tools/tree/master/ should be able to do what you want.
    Supposedly it can use the keys obtained with https://github.com/yellows8/boot9_tools
    However, I'm not sure if boot9 and OTP contain all the keys needed; some keys are contained in FIRM and ctrnand as well (obviously the ctrnand keys aren't needed for this, but the FIRM keys may be).
    But pretty much all the keys are available online if you know where to look. Hint: Google Spreadsheets

    I tried playing around with 3dscrypto-tools, but wasn't really able to get any of it working, and there's hardly any documentation.
    When I tried ctr-nandcrypt, it just closed without an error. I didn't fill in all the parameters, because I wasn't sure what NAND CID and NAND CTR were. So that might be why it didn't work for me.
    It's supposed to generate xorpads that you can then use with an XOR tool.

    Edit: NAND CID appears to be in the ARM9 ITCM memory, which can be dumped with GodMode9, but that requires access to the console. Still no clue about NAND CTR.

    NAND CTR for CTRNAND appears to be the first 16 bytes of the SHA256 sum of NAND CID. NAND CTR for TWLNAND seems to be the SHA1 sum of the same, but in reversed order.
    Seems like NAND CID is just an identifier of the NAND chip; you could probably get it using a hardmod.
    This is all confusing though. That's just what I gathered from looking at the SafeB9SInstaller source here: https://github.com/d0k3/SafeB9SInstaller/blob/master/source/nand/nand.c
    Someone else who knows more about the 3DS' inner workings than me will have to explain it.

    It might be easier to just wait for ntrboothax, or get a hardmod, and unbrick the 3DS.
    Seems like you'll need a hardmod anyway in order to get the NAND CID.
     
    Last edited by The Real Jdbye, Jun 3, 2017
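A worked illustration of the counter derivation the post above describes (an added example; this is not code from the post, from 3dscrypto-tools or from SafeB9SInstaller): it derives the CTRNAND and TWLNAND base counters from a constructed 16-byte CID, advances a counter to a given NAND byte offset the way AES-CTR does, and checks the unencrypted NCSD magic that a raw NAND image carries at offset 0x100. The CID and the offset used in the demo are placeholders, not values from any real console.

```python
import hashlib

# Added example, not code from the thread or from any of the tools it names.
# CTRNAND base CTR = first 16 bytes of SHA-256(CID);
# TWLNAND base CTR = first 16 bytes of SHA-1(CID), byte order reversed.

NCSD_MAGIC_OFFSET = 0x100  # a raw NAND image begins with an unencrypted NCSD header


def ctrnand_ctr(cid: bytes) -> bytes:
    """Base AES-CTR counter for CTRNAND: SHA-256(CID)[0:16]."""
    if len(cid) != 16:
        raise ValueError("NAND CID must be 16 bytes")
    return hashlib.sha256(cid).digest()[:16]


def twlnand_ctr(cid: bytes) -> bytes:
    """Base AES-CTR counter for TWLNAND: SHA-1(CID)[0:16], byte-reversed."""
    if len(cid) != 16:
        raise ValueError("NAND CID must be 16 bytes")
    return hashlib.sha1(cid).digest()[:16][::-1]


def ctr_for_offset(base_ctr: bytes, byte_offset: int) -> bytes:
    """Counter for the AES block that starts at byte_offset into the NAND image.

    AES-CTR treats the 16-byte counter as a big-endian integer and adds one
    per 16-byte block, so the counter at an offset is base + offset/16,
    wrapping modulo 2**128.
    """
    if byte_offset % 16:
        raise ValueError("offset must be a multiple of the 16-byte AES block")
    value = (int.from_bytes(base_ctr, "big") + byte_offset // 16) % (1 << 128)
    return value.to_bytes(16, "big")


def looks_like_nand_image(header: bytes) -> bool:
    """Cheap sanity check on a backup: the NCSD magic is in the clear at 0x100."""
    return header[NCSD_MAGIC_OFFSET:NCSD_MAGIC_OFFSET + 4] == b"NCSD"


if __name__ == "__main__":
    cid = bytes(range(16))          # constructed placeholder, not a real CID
    demo_offset = 0x1000            # constructed placeholder offset
    print("CTRNAND base CTR:", ctrnand_ctr(cid).hex())
    print("TWLNAND base CTR:", twlnand_ctr(cid).hex())
    print("CTRNAND CTR at 0x%X:" % demo_offset,
          ctr_for_offset(ctrnand_ctr(cid), demo_offset).hex())
```

Feeding the first 0x200 bytes of a backup to looks_like_nand_image is a quick way to tell a raw NAND image from something that was already decrypted or re-packed before spending time on keys.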
  20. GilgameshArcher

    https://www.3dbrew.org/wiki/OTP_Registers