Decrypting Flipnote Studio 3D CIA?

Discussion in '3DS - ROM Hacking, Translations and Utilities' started by flarn2006, Feb 12, 2015.

  1. flarn2006
    OP

    flarn2006 GBAtemp Fan

    Member
    376
    165
    Apr 6, 2014
    United States
    I downloaded Flipnote Studio 3D as a CIA because Club Nintendo was down when I tried to log in. Also because I didn't want to update my emunand to 9.5 (which is required to use the eShop) until this whole banning situation is figured out. I was curious how well (if at all) it would run in 3dmoo, and I also tried to extract it with ctrtool, but it's encrypted. How can I decrypt it? I'm assuming Relys' 3DS-CTR-Decryptor will help, but I'm not sure what exactly to do. It's installed on my emunand, which is 9.4, and I have no way to install CIA's on my sysnand.

    How can I decrypt it?
     
  2. shinyquagsire23

    shinyquagsire23 SALT/Sm4sh Leak Guy

    Member
    1,966
    3,249
    Nov 18, 2012
    United States
    Las Vegas
    I believe you can decrypt it from the SD card instead actually, not sure if anything exists atm for .cias. As in, you install the .cia, run SDinfo_gen.py from the Multi Decryptor tool set (I usually do this on a separate SD emuNAND card because decrypting everything on your SD takes as much space as is already on the SD card itself), get all the pads, find the title for Flipnote Studio 3D (00040000000C6600), run the xorpads onto the .app, and from there you can run the ctrKeyGen.py on the .app you just decrypted, get those xorpads, and then decrypt that into the raw romfs/exefs/exheader. This also works for updates as well if you want that.

    If you do make a new SD for this though, do not unlink it from sysNAND. Otherwise there's an extra step you've gotta do. Basically you have to get the movable.sed file from your NAND, and to do that you have to dump your NAND, get the xorpads for that, extract the FAT16 partition, decrypt it, mount it, and get that file. Then you have to actually compile the 3DS_Multi_Decryptor (their current build isn't up to date on their Github), put the movable.sed on your SD card, and then generate the xorpads from your SDinfo.bin
     
  3. mid-kid

    mid-kid GBAtemp spamBOT

    Member
    879
    962
    Aug 2, 2012
    I've been looking everywhere for a simple guide like this. However, I still have a question: What if the cia has multiple .app files? (Daigasso! Band Brothers P Update) At what stage do I merge them (if at all)?
    Thanks in advance.
     
  4. shinyquagsire23

    shinyquagsire23 SALT/Sm4sh Leak Guy

    Member
    1,966
    3,249
    Nov 18, 2012
    United States
    Las Vegas
    Depends. I just decrypted my copy of Flipnote Studio 3D, I found that the larger one was the actual game and with ctrtool I checked and found that the smaller one was just a manual or something. You can merge them if you want, but if it's an update or something I'd keep it separate because some games (ie smash) actually mount the update's romfs separate.
     
  5. mid-kid

    mid-kid GBAtemp spamBOT

    Member
    879
    962
    Aug 2, 2012
    Ah, so I found the .app file which contained the icon.bin (0000000c.app, just because the product code is "CTR-U-ANEJ" instead of "CTR-P-CTAP"), region patched that, and rebuilt the app into a .cxi.
    What I know, is that if I do: "ctrtool -p --meta=meta 0004000e000a0b00.cia", I get the 3 files in order: "meta.0000.0000000c meta.0001.00000008 meta.0002.0000000d".
    So, to rebuild the .cia, I'd do: "makerom -f cia -o game.cia -dlc -content 0000000c.cxi:0:0 -content 00000008.app.out:1:1 -content 0000000d.app.out:2:2"
    Am I doing it right? Error: "[NCCH ERROR] Failed to load ncch aes key", do I have to convert the other two to .cxi too?
    Also, what are the .cmd and .tmd files? Do I need them?