Toggle sidebar

Homebrew Official [Download] Decrypt9 - Open Source Decryption Tools (WIP)

  • Thread starter Thread starter d0k3
  • Start date Start date
  • Views Views 935,203
  • Replies Replies 4,476
  • Likes Likes 71
Smyers75 said:
What I still come back to is:

If I
  1. Make a .CIA file from the stock rip of eShop, 3D Sonic The Hedgehog 2 (USA) (eShop).3DS
  2. Load the .CIA file with reiNAND and it doesn't work. - Game and Manual Show on main menu - Game BlackScreens - Manual causes "Press Home Button" reboot
  3. Run the .CIA file through Decrypt9(WIP) CIA Decryptor (deep)
  4. Load the .CIA in reiNAND and... Game Works!!! - User Manual Works!!!
  5. Reboot into Gateway - Game Works!!!! - Manual causes "Press Home Button" reboot
Also, if I delete the game from the menu I cannot reload this .CIA with FBI/DevMenu/BRM while in Gateway enuNAND mode.
It gets to 99% done then errors out with an INVALID_ARGUMENT(7) error.
It re-loads fine in reiNAND

Just too weird...
Click to expand...

1,Make a .CIA file from FankyCIA2.
2,Load the .CIA file with rxtools OR GW emunand mode.Both,Game and Manual show and work at the 3ds which had downloaded the game.
At other 3ds(no seed) - Game keep loading - Manual causes "Press Home Button" reboot
3,Run the .CIA file through Decrypt9(WIP) CIA Decryptor (deep)
4,Load the .CIA file with rxtools OR GW emunand mode.Both,Game and Manual show and work.(both seed or noseed).But the game must be installed by rxtools mode.GW mode is failed to install.
 
Uiharu said:
1,Make a .CIA file from FankyCIA2.
2,Load the .CIA file with rxtools OR GW emunand mode.Both,Game and Manual show and work at the 3ds which had downloaded the game.
At other 3ds(no seed) - Game keep loading - Manual causes "Press Home Button" reboot
3,Run the .CIA file through Decrypt9(WIP) CIA Decryptor (deep)
4,Load the .CIA file with rxtools OR GW emunand mode.Both,Game and Manual show and work.(both seed or noseed).But the game must be installed by rxtools mode.GW mode is failed to install.
Click to expand...

What game did you do this with?
I tried this with Sonic 3D 2, but Funky2CIA fails on the 2nd part of creating the .CIA
 
Last edited by Uiharu,
Asia81 said:
Thanks :)

BTW encrypt a custom theme in CIA would work in gateway emunand?
Because gw doesn't allow the use of a custom theme in CIA, only in other cfw.
Click to expand...
We won't know before you try it ;).

Smyers75 said:
My test results = Lost Manual

I tried using a new crypto eShop, 3D Sonic The Hedgehog 2 (USA) (eShop).3DS

Equipment: N3DS running 9.0.0-20U sysNAND and 9.5.0-23U emuNAND with GW 3.41

Step 1 : Stock rip. GW shows Game and Manual - Game BlackScreens - Manual causes "Press Home Button" reboot

Step 2: Run through NCCH/NCSD Decryptor - White Box on GW Menu

Step 3: Run through NCCH/NCSD Encryptor - Game works!!! - Manual is missing :(

2e14mdx.png
Click to expand...
Uiharu said:
My test result is the same to you.Lost Manual.

Step 1 : SD folder structure decryptor decrypted apps and tmd.Repacked to .3ds file by SDto3DS.py.
GW shows Game and Manual - Game and Manual work at the 3ds which had downloaded the game(The 3ds has the game's seed).
GW shows Game and Manual at the other 3ds -Game keep Loading -Manual causes "Press Home Button" reboot.

Step 2: Run through NCCH/NCSD Decryptor - White Box on GW Menu (all my 4 machines)

Step 3: Run through NCCH/NCSD Encryptor - Game works!!! - Manual is missing(all my 4 machines)


Because of this,I guess games which have DownloadPlay maybe lost DownloadPlay partition as it lost Manual.
Click to expand...
Oh well, what the f... is this with GW and loading of emanuals? At this point I somewhat assume we're working against some kind of bug or at least 'careless' coding in the GW software. It looks like something is (almost, unencrypted content should work as well!) properly patched for content 0 (the CXI, aka, "the game"), but not for any subsequent contents (like e-manual, DLP, updates). I still haven't lost hope of getting behind this, though...

So, asking GW users again, for what kind of .3DS roms will the manual work? Only for untouched retail .3DS files? Zerokey encrypted? Is there any software out there that can build .3DS roms with manuals working on GW?

Smyers75 said:
What I still come back to is:

If I
  1. Make a .CIA file from the stock rip of eShop, 3D Sonic The Hedgehog 2 (USA) (eShop).3DS
  2. Load the .CIA file with reiNAND and it doesn't work. - Game and Manual Show on main menu - Game BlackScreens - Manual causes "Press Home Button" reboot
  3. Run the .CIA file through Decrypt9(WIP) CIA Decryptor (deep)
  4. Load the .CIA in reiNAND and... Game Works!!! - User Manual Works!!!
  5. Reboot into Gateway - Game Works!!!! - Manual causes "Press Home Button" reboot
Also, if I delete the game from the menu I cannot reload this .CIA with FBI/DevMenu/BRM while in Gateway enuNAND mode.
It gets to 99% done then errors out with an INVALID_ARGUMENT(7) error.
It re-loads fine in reiNAND

Just too weird...
Click to expand...
Well, I assume that's the same as the problem I talked about above... Before installing it (on GW), could you try "CIA Encrypter (shallow)" and tell me the results? I know, Riku's CIAs can be installed on GW, but what about the manuals in them? Doesn't work, either, correct?
 
Last edited by d0k3,
d0k3 said:
So, asking GW users again, for what kind of .3DS roms will the manual work? Only for untouched retail .3DS files? Zerokey encrypted? Is there any software out there that can build .3DS roms with manuals working on GW?
Click to expand...
Well for the test i did i used a clean scene dump of the game (so from a retail cart) and the manual worked after the decryption > encryption process. Other than that i don't know.
 
Shadowtrance said:
Well for the test i did i used a clean scene dump of the game (so from a retail cart) and the manual worked after the decryption > encryption process. Other than that i don't know.
Click to expand...
Just noticed something... it is possible that the e-manual content of the NCSD was in fact not changed at all by your process. While the game has 7x encryption, it is in fact possible that this is not used for the e-manual, and the e-manual still uses Standard crypto. Meaning (in that case): you decrypted the standard crypto on content 1 (the e-manual), than applied standard crypto again, leading to the exact same content at the end of the process. Think you could check that somehow? Basically it would be enough to just compare the content 1 romfs from the untouched rom with the content 1 romfs from the reencrypted one.

EDIT: Or just compare the full untouched rom vs the reencrypted one. I doubt it will be identical, though. Decrypt9 also outputs the crypto used in the process, so posting the relevant content of your log file would be helpful as well.
 
Last edited by d0k3,
Smyers75 said:
What game did you do this with?
I tried this with Sonic 3D 2, but Funky2CIA fails on the 2nd part of creating the .CIA
Click to expand...
d0k3 said:
So, asking GW users again, for what kind of .3DS roms will the manual work? Only for untouched retail .3DS files? Zerokey encrypted? Is there any software out there that can build .3DS roms with manuals working on GW?
Click to expand...
The Manual work on GW,there are
1,The .cia which was created with Untouched retail .3DS files by Riku's tool.
2,Untouched retail .3DS files repacked with Zerokey encrypted by 3dstool.
3,The .3ds and .cia which hasn't 7x encryption downloaded by CDNto3DS.py and through decrypting title folder created by SDto3DS.py.
4,The .cia which hasn't seed-encryption and created by FankyCIA2.py.
5,Through Untouched retail .3DS, NCCH decrypted, the cia created by Queno Pack 5.1.4.
6,The eshop game has seed-encryption.SD folder structure decryptor decrypted app and tmd files.The .3ds file created by SDto3DS.py.But Only for the 3DS has this game's seed.
 
Last edited by Uiharu,
  • Like
Reactions: d0k3
Uiharu said:
The Manual work on GW,there are
1,The .cia which was created with Untouched retail .3DS files by Riku's tool.
2,Untouched retail .3DS files repacked with Zerokey encrypted by 3dstool.
3,The .3ds and .cia which hasn't 7x encryption downloaded by CDNto3DS.py and through decrypting title folder created by SDto3DS.py.
4,The .cia which hasn't seed-encryption and created by FankyCIA2.py.
5,Through Untouched retail .3DS, NCCH decrypted, the cia created by Queno Pack 5.1.4.
6,The eshop game has seed-encryption.SD folder structure decryptor decrypted app and tmd files.The .3ds file created by SDto3DS.py.But Only for the 3DS has this game's seed.
Click to expand...
I'll have to think about it for a bit. Thanks a ton for this list! I suspect though that there is still a signature check in place for everything but the actual CXI / content 0. Meaning: we can not decrypt the manual at all, and have to leave it as it is. With seed crypto the manual from CDN can also be seed encrypted, so that is bad for 3DS consoles that don't have the seed.

The manual signature check would also explain why CIA installation stops at approximately 99%.

EDIT: Bonus question... Is there any way to convert a formerly seed encrypted title to CIA / 3DS so that the manual will still work on GW on a 3DS console that doesn't have the seed in it? I'm not sure if I got that thing right about installing via rxTools / ReiNAND. Does the manual work or not then in GW mode?

... And a bonus rant... If what I suspect is true, team GW are a bunch of lazy bastards (sorry if I offend someone) . Expanding the signature patches to the other contents of a 3DS / CIA should literally only require changing 2 or 3 lines of code. Not accepting unencrypted content should be an equally easily fixable bug.
 
Last edited by d0k3,
Okay, quick report.
1. Downloaded 0004000000124a00 from the Japanese eShop (it's free, uses 7.x crypto & seed = perfect test candidate for me)
2. Created a .cia using FunkyCIA2, no errors seem to occur
3. Decrypted the .cia using CIA Deep Decryption in Decrypt9, everything looks fine, I can successfully unpack and extract the .cia contents on PC
4. Encrypted the .cia using CIA Shallow Encryption in Decrypt9 => Installation in GW EmuNAND using BBBMenu fails at start (forgot to note error code)
5. Used decrypted .cia from Step 3 to install => Installation in GW EmuNAND using BBBMenu fails at the end (0xD8E08025)

So, any idea what to do? I'm running a 9.2E New 3DS with 9.5 EmuNAND.
Haven't looked into rxTools on N3DS at all, would suck if that's the only possibility to install self-dumped eShop cias.
 
  • Like
Reactions: d0k3
d0k3 said:
We won't know before you try it ;).



Oh well, what the f... is this with GW and loading of emanuals? At this point I somewhat assume we're working against some kind of bug or at least 'careless' coding in the GW software. It looks like something is (almost, unencrypted content should work as well!) properly patched for content 0 (the CXI, aka, "the game"), but not for any subsequent contents (like e-manual, DLP, updates). I still haven't lost hope of getting behind this, though...

So, asking GW users again, for what kind of .3DS roms will the manual work? Only for untouched retail .3DS files? Zerokey encrypted? Is there any software out there that can build .3DS roms with manuals working on GW?


Well, I assume that's the same as the problem I talked about above... Before installing it (on GW), could you try "CIA Encrypter (shallow)" and tell me the results? I know, Riku's CIAs can be installed on GW, but what about the manuals in them? Doesn't work, either, correct?
Click to expand...
Here's what I have tried and results.

Using:
N3DS on emuNAND 9.5
eShop Game 3D Sonic The Hedgehog 2 (USA) (eShop) in .3DS format with seeddb key encryption.

Gateway .3DS launcher = Black Screen / User Manual "Press Home Button" reboot

Create a .CIA using Riku's CIA
Gateway emuNAND/reiNAND/rxTools = Game Black Screen / User Manual "Press Home Button" reboot

If I take the .CIA created in Riku's and run it through Decrypt9(WIP) CIA Decryptor (deep):

reiNAND/rxTools = CIA can be loaded using FBI or devMEN and Game Works! / Manual Works!

Same .CIA already on Main Menu from Gateway enuNAND = Game Works! / Manual "Press Home Button" reboot

Same .CIA after deleting game from Main Menu a trying to load again with FBI/devMEN in Gateway emuNAND mode = 97% loaded then error "SUMMARY_INVALID_ARGUMENT(7)"

Same .CIA run it through Decrypt9(WIP) again and select CIA Encryptor (shallow) = Gateway/reiNAND/rxTools and FBI/devMEN errors at <1% error "SUMMARY_INVALID_ARGUMENT(7)"


Don't know what other combination to try. Think of one and I'll test it.


P.S.
This game will not create a valid .CIA using Funky2CIA or 3DS_Multi_Decryptor/CDNto3DS.py


edit-

All of that said, it looks like d0k3 nailed it when he said the issue is with Gateway.
It works in reiNAND/rxTools on the same emuNAND, so it should too in Gateway.


For me, the best I can do until Gateway fixes their problem is to remove the User Manual so the 3DS doesn't reboot if someone tries to open it.
Decrypt9 does this just fine by running the .3DS file through NCCH/NCSD Decryptor then NCCH/NCSD Encryptor.
 
Last edited by Datalogger,
  • Like
Reactions: d0k3
_eyCaRambA_ said:
Okay, quick report.
1. Downloaded 0004000000124a00 from the Japanese eShop (it's free, uses 7.x crypto & seed = perfect test candidate for me)
2. Created a .cia using FunkyCIA2, no errors seem to occur
3. Decrypted the .cia using CIA Deep Decryption in Decrypt9, everything looks fine, I can successfully unpack and extract the .cia contents on PC
4. Encrypted the .cia using CIA Shallow Encryption in Decrypt9 => Installation in GW EmuNAND using BBBMenu fails at start (forgot to note error code)
5. Used decrypted .cia from Step 3 to install => Installation in GW EmuNAND using BBBMenu fails at the end (0xD8E08025)

So, any idea what to do? I'm running a 9.2E New 3DS with 9.5 EmuNAND.
Haven't looked into rxTools on N3DS at all, would suck if that's the only possibility to install self-dumped eShop cias.
Click to expand...
I don't know much yet about 4.. This is, however, pretty strange, as there seems to be nothing wrong with the CIA encryption routines. I'll have a more thorough look later. As for 5. read this and read on.

ReiNAND is the better choice on N3DS and it will also allow you to install your eShop CIAs, btw.

Uiharu said:
The Manual work on GW,there are
1,The .cia which was created with Untouched retail .3DS files by Riku's tool.
2,Untouched retail .3DS files repacked with Zerokey encrypted by 3dstool.
3,The .3ds and .cia which hasn't 7x encryption downloaded by CDNto3DS.py and through decrypting title folder created by SDto3DS.py.
4,The .cia which hasn't seed-encryption and created by FankyCIA2.py.
5,Through Untouched retail .3DS, NCCH decrypted, the cia created by Queno Pack 5.1.4.
6,The eshop game has seed-encryption.SD folder structure decryptor decrypted app and tmd files.The .3ds file created by SDto3DS.py.But Only for the 3DS has this game's seed.
Click to expand...
Okay, I though about it. Just a note before - retail carts never have seed crypto. And the GW cart can handle 7x crypto even on 4.x systems, so (for retail carts at least) in most cases the manuals don't have to be modified at all.
  1. Riku's tool doesn't touch the manual and is designed to work on retail carts specifically.
  2. 3DStool only processes content 0 (ie. not the manual) in standard mode.
  3. I have never used these two tools, but most likely there is no decryption when using CDNto3DS.py at all. For SDto3DS.py, SD crypto is an additional layer of encryption - meaning even if you SD decrypt them, the .app files are still NCCH encrypted and their signatures still match.
  4. No decryption in FunkyCIA (or did you see any xorpads being used? ;))
  5. This one I'm unsure about. You mean NCCH decryption in Decrypt9? It looks like Queno Pack actually decrypts the manual, but it may also only do so if decryption is needed for manual (ie, possiby never for retails carts). Can you somehow confirm the manual is actually changed in the process? If you have no idea how to do so, just ask again!
  6. Yup, only for the 3DS that has the games seed, because otherwise it can't decrypt the (untouched) manual.
There's only this one:
Uiharu said:
The manual works on GW mode which was installed on rxTools / ReiNAND.
Click to expand...
Strange! Can you try this again, with another rom? You need to deep decrypt the CIA before installing. If you are correct with this, my whole theory about GW not patching signatures for anything but content 0 is wrong.
 
Last edited by d0k3,
Smyers75 said:
Here's what I have tried and results.

Using:
N3DS on emuNAND 9.5
eShop Game 3D Sonic The Hedgehog 2 (USA) (eShop) in .3DS format with seeddb key encryption.

Gateway .3DS launcher = Black Screen / User Manual "Press Home Button" reboot

Create a .CIA using Riku's CIA
Gateway emuNAND/reiNAND/rxTools = Game Black Screen / User Manual "Press Home Button" reboot

If I take the .CIA created in Riku's and run it through Decrypt9(WIP) CIA Decryptor (deep):

reiNAND/rxTools = CIA can be loaded using FBI or devMEN and Game Works! / Manual Works!

Same .CIA already on Main Menu from Gateway enuNAND = Game Works! / Manual "Press Home Button" reboot

Same .CIA after deleting game from Main Menu a trying to load again with FBI/devMEN in Gateway emuNAND mode = 97% loaded then error "SUMMARY_INVALID_ARGUMENT(7)"

Same .CIA run it through Decrypt9(WIP) again and select CIA Encryptor (shallow) = Gateway/reiNAND/rxTools and FBI/devMEN errors at <1% error "SUMMARY_INVALID_ARGUMENT(7)"


Don't know what other combination to try. Think of one and I'll test it.


P.S.
This game will not create a valid .CIA using Funky2CIA or 3DS_Multi_Decryptor/CDNto3DS.py


edit-

All of that said, it looks like d0k3 nailed it when he said the issue is with Gateway.
It works in reiNAND/rxTools on the same emuNAND, so it should too in Gateway.


For me, the best I can do until Gateway fixes their problem is to remove the User Manual so the 3DS doesn't reboot if someone tries to open it.
Decrypt9 does this just fine by running the .3DS file through NCCH/NCSD Decryptor then NCCH/NCSD Encryptor.
Click to expand...
Thanks a ton for your help, in fact for everyones help! The issue with the reencrypted (shallow) CIA I'll have to look into, but other than that, this confirms what I suspected. Some of the stuff @Uiharu said, howver, doesn't fit with my suspicion. We'll need to confirm this.

What I could do, as a temporary solution, is adding special decryptor features for CIA and NCSD that leave everything but content 0 (the CXI) untouched. You still won't be able to open a seed encrypted manuals (due to not having the seed), but other manuals will work and you won't have any reboot issues.

If my suspicions about GW are confirmed... well there are options for you GW users. A petition to make the GW code open source (at this point there is very little reason left for them to keep it closed source, and opening might even boost sales) or at the very least for them to fix these stupid 2..3 lines of code for example. Or GW users get informed and sent them tons of emails to ask for the fix.
 
Last edited by d0k3,
d0k3 said:
I don't know much yet about 4.. This is, however, pretty strange, as there seems to be nothing wrong with the CIA encryption routines. I'll have a more thorough look later. As for 5. read this and read on.

ReiNAND is the better choice on N3DS and it will also allow you to install your eShop CIAs, btw.
Click to expand...
Yeah, I just booted up ReiNAND (I was afraid I had to downgrade and install MSET or some such, but it turns out I can just boot it via CN lol) and could install the deep decrypted cia just fine. Also works flawless in GW EmuNAND after installation through Rei EmuNAND. GWpls

One weird thing I noticed about Rei CFW is that it just randomly froze on me. Once while opening the Home Menu settings, once while scrolling through the installed titles in the grid. But whatever, as long as it doesn't freeze during cia installation I guess I'm all good. Thanks for your great work on Decrypt9, it's so much more comfortable than the whole xorpad stuff I'm used to.
 
Last edited by _eyCaRambA_,
  • Like
Reactions: d0k3
_eyCaRambA_ said:
Yeah, I just booted up ReiNAND (I was afraid I had to downgrade and install MSET or some such, but it turns out I can just boot it via CN lol) and could install the deep decrypted cia just fine. Also works flawless in GW EmuNAND after installation through Rei EmuNAND. GWpls

One weird thing I noticed about Rei CFW is that it just randomly froze on me. Once while opening the Home Menu settings, once while scrolling through the installed titles in the grid. But whatever, as long as it doesn't freeze during cia installation I guess I'm all good. Thanks for your great work on Decrypt9, it's so much more comfortable than the whole xorpad stuff I'm used to.
Click to expand...
Can you say something about the e-manual of the installed deep decrypted CIA in GW mode? Does it work for you?
 
What I tried:
N3DS 9.0 sysnand, 9.5 ReiNand
Latest release of decrypt9

1) Zelda Triforce Heroes.3ds converted into .cia with riku's simple cia conveter tool.

2) installed the resulting file, manual works, game stuck into bootloop at 3ds logo.

3) placed the seeddb.bin into the D9Game folder along with the cia file and processed with cia decryption (deep). Decryption went just fine but it seems it doesn't open the seeddb at all?

4) installed the decrypted cia, manual works, game stuck into bootloop at 3ds logo
 
night_hawk said:
What I tried:
N3DS 9.0 sysnand, 9.5 ReiNand
Latest release of decrypt9

1) Zelda Triforce Heroes.3ds converted into .cia with riku's simple cia conveter tool.

2) installed the resulting file, manual works, game stuck into bootloop at 3ds logo.

3) placed the seeddb.bin into the D9Game folder along with the cia file and processed with cia decryption (deep). Decryption went just fine but it seems it doesn't open the seeddb at all?

4) installed the decrypted cia, manual works, game stuck into bootloop at 3ds logo
Click to expand...
I think there was something wrong with the .3DS (at least the CXI/game part) right from the beginning. After deep decrypting... did you install via GW? And does the manual work for the deep decrypted game?


EDIT: maybe you forgot to tick the FW / region spoof options in Riku's tool?
 
Last edited by d0k3,

Site & Scene News

Go to forum More news

Popular threads in this forum

Why did the price of 3ds shoot up ?

Hacking Homebrew Project  BlazerTube - a YouTube 3DS revival using the REAL app!

Problems getting Homebrew to appear outside of the Homebrew Launcher (homebrew won't appear on the HOME menu)

Homebrew app Emulator  [Release] 3DS-CLI - Run a real RISC-V Linux environment on the Nintendo 3DS

Website for finding alternative games for 3DS

Gaming  any good rpgs on 3ds?

Hardware  2 Broken 3DSes, need help

Hacking  Modding Reassurance