Homebrew Official [Download] Decrypt9 - Open Source Decryption Tools (WIP)

[Shadowtrance]

Thanks a ton! That's the ACT savegame, which seems to handle the NNID. I guess I'll just use the one from my (NNID not set up) SysNAND. And maybe, if it proves helpful add that option to Decrypt9. Though I still have that godmode filebrowser in the works that will take care of stuff such as this later on. Also will need a tester for that later on, that will be even more powerful than Decrypt9.

Pretty sure all i did was remove the file instead of replacing it (pretty sure i did anyway) either that or i just zeroed it all out, pretty sure i just removed it though.
Godmode filebrowser i like the sound of!

--------------------- MERGED ---------------------------

And yep it seems I'm tired and repeating myself reading over that again. haha

 

[Space_Goddess_Samus_Aran]

decrypt9 wont boot (mset entry) i get a blackscreen

 

[Shadowtrance]

decrypt9 wont boot (mset entry) i get a blackscreen

Try again....
Doesn't always successfully load sometimes.

 

[Space_Goddess_Samus_Aran]

the 3dsx dont boot too and i tried the mset method 5 times still blackscreen

--------------------- MERGED ---------------------------

i want to try decrypt9 because the fbi inject method on rxtools dont work for me (its still the h&s app)

--------------------- MERGED ---------------------------

i had decrypt9 before but now it wont work for some reason

--------------------- MERGED ---------------------------

i dont need decrypt9 anymore cause ive a NAND backup from 9.2.
i can restore it with gateway

 

[FONZD]

I'm on emunand N3DS 10.4.0-29 EUR (GW) and i have bought a new game on eshop called Radiohammer (000400000017F500)
The problem is decrypt9 found the seed of my new game, but no evidence of this game in my decTitleKeys_emu.bin (or ticket.db) so impossible to use CDN or funkycia2
I have to use ncchinfo_gen.py in order to generate the xorpads on the .app and .tmd
There is something i'm doing wrong ?

 

[arm113ds]

@d0k3 you can add in emunand options in what emunand, i want inyect files? cakes support multiemunand, thanks

 

[Shadow#1]

@d0k3 you can add in emunand options in what emunand, i want inyect files? cakes support multiemunand, thanks

Use the windows tool for that

 

[arm113ds]

Use the windows tool for that

which tool injecting files(ticket.db,movable.sed,etc) in the emunand on pc?

 

[Apache Thunder]

I'd like to see CIA encryption become a thing again. I've noticed a few things I've repacked didn't want to work. Perhaps because I have to encrypt the CXI before I make a CIA from it and as a result makerom can't set up some important settings right for the CIA because the CXI is encrypted....

Building the CIA from the unencrypted CXI first would get better results and have encryption occur afterwords would improve the success rate of my repack attempts.

 

[Shadow#1]

which tool injecting files(ticket.db,movable.sed,etc) in the emunand on pc?

Thought u was talking about doing multinand option in this tool and I was referring to multinand tool for windows

 

[d0k3]

Well, seems like notifications on GBAtemp don't work too well during these last few days.

the 3dsx dont boot too and i tried the mset method 5 times still blackscreen

--------------------- MERGED ---------------------------

i want to try decrypt9 because the fbi inject method on rxtools dont work for me (its still the h&s app)

--------------------- MERGED ---------------------------

i had decrypt9 before but now it wont work for some reason

--------------------- MERGED ---------------------------

i dont need decrypt9 anymore cause ive a NAND backup from 9.2.
i can restore it with gateway

That again sounds an awful lot like you tried Decrypt9 on EmuNAND / a FW version above 9.2 / with a patched firm. As the opening post states, the exploit required for this only works on <= 9.2. You need to run it from SysNAND (although it won't modify SysNAND if you don't specifically tell it so. Compare this with running CFWs... ever tried running Cakes / ReiNAND / rxMode when there was already a CFW running?

I'm on emunand N3DS 10.4.0-29 EUR (GW) and i have bought a new game on eshop called Radiohammer (000400000017F500)
The problem is decrypt9 found the seed of my new game, but no evidence of this game in my decTitleKeys_emu.bin (or ticket.db) so impossible to use CDN or funkycia2
I have to use ncchinfo_gen.py in order to generate the xorpads on the .app and .tmd
There is something i'm doing wrong ?

Try starting that game at least once. The seed may not be in your seeddb yet. If it specifically siad it found it... well, is there any chance you confused files? Maybe just delete (or backup) your old decTitleKeys_emu.bin (or ticket.db) and try again.

@d0k3 you can add in emunand options in what emunand, i want inyect files? cakes support multiemunand, thanks

Use the windows tool for that

Exactly. Setting up RedNANDs is actually a lot more complicated than most people think and there 1000s of ways on how to do it. Same for accessing (ie. doing anything to) these RedNANDs. Add to this the fact that only very few people actually use a Multi EmuNAND setup. Use Multi EmuNAND Creator for that!

which tool injecting files(ticket.db,movable.sed,etc) in the emunand on pc?

You have to do it manually. Generate the CTRNAND FAT16 XORpad with Decrypt9, dump your RedNAND with Multi EmuNAND Creator, then use my 3DSFAT16Tool (in my signature) to dump the FAT16 partition. USe OSFmount (on WIndows) to edit the partition. No one said having multiple EmuNANDs was easy .

I'd like to see CIA encryption become a thing again. I've noticed a few things I've repacked didn't want to work. Perhaps because I have to encrypt the CXI before I make a CIA from it and as a result makerom can't set up some important settings right for the CIA because the CXI is encrypted....

Building the CIA from the unencrypted CXI first would get better results and have encryption occur afterwords would improve the success rate of my repack attempts.

I can add it back in, you'd have to test it then, though. But first of all, know that it is almost impossible to build a working CIA with more than one content for GW. CFWs on the other hand shouldn't have any trouble installing and handling unencrypted CIAs.

 

[Apache Thunder]

I can add it back in, you'd have to test it then, though. But first of all, know that it is almost impossible to build a working CIA with more than one content for GW. CFWs on the other hand shouldn't have any trouble installing and handling unencrypted CIAs.

Noted. I don't own a Gateway anymore so I use CakesFW for emunand now. (I use rxTools for sysnand stuff)

 

[MassExplosion213]

Well, seems like notifications on GBAtemp don't work too well during these last few days.


That again sounds an awful lot like you tried Decrypt9 on EmuNAND / a FW version above 9.2 / with a patched firm. As the opening post states, the exploit required for this only works on <= 9.2. You need to run it from SysNAND (although it won't modify SysNAND if you don't specifically tell it so. Compare this with running CFWs... ever tried running Cakes / ReiNAND / rxMode when there was already a CFW running?


Try starting that game at least once. The seed may not be in your seeddb yet. If it specifically siad it found it... well, is there any chance you confused files? Maybe just delete (or backup) your old decTitleKeys_emu.bin (or ticket.db) and try again.



Exactly. Setting up RedNANDs is actually a lot more complicated than most people think and there 1000s of ways on how to do it. Same for accessing (ie. doing anything to) these RedNANDs. Add to this the fact that only very few people actually use a Multi EmuNAND setup. Use Multi EmuNAND Creator for that!


You have to do it manually. Generate the CTRNAND FAT16 XORpad with Decrypt9, dump your RedNAND with Multi EmuNAND Creator, then use my 3DSFAT16Tool (in my signature) to dump the FAT16 partition. USe OSFmount (on WIndows) to edit the partition. No one said having multiple EmuNANDs was easy .


I can add it back in, you'd have to test it then, though. But first of all, know that it is almost impossible to build a working CIA with more than one content for GW. CFWs on the other hand shouldn't have any trouble installing and handling unencrypted CIAs.

Not true for system apps. System apps are required to be encrypted.

 

[d0k3]

Noted. I don't own a Gateway anymore so I use CakesFW for emunand now. (I use rxTools for sysnand stuff)

Not true for system apps. System apps are required to be encrypted.

Alright... you know, there are two layers of encryption for CIAs, the CIA encryption (which gets decrypted when installing, also called the "shallow" layer) and the NCCH encryption (which is kept even if installed, also called the "deep" layer). I presume what we want is the NCCH encryption layer, correct?

 

[Apache Thunder]

Yeah. I think we only need the contents section of the CIA to be encrypted (the NCCH containers). The CIA itself does not need to be encrypted to install system apps. Just the CXIs contained in the CIA.

EDIT:

Looks like the CIA encryption stuff is still in place. Assuming it is all there, I just need to add this to the main.c in the Game Decryptor Options menu struct:

      { "CIA Encryptor",  &CryptGameFiles,  GC_CIA_PROCESS | GC_CIA_ENCRYPT },

Then updated this line:

"Game Decryptor Options", 9,

So that there is now 9 menu options instead of 8 (this would be an obvious change but mentioned it anyways. ).

I didn't include the "GC_CIA_DEEP" or "GC_CXI_ONLY" options. I will assume the normal routine should work for what I'm wanting to do. GC_CIA_DEEP is setup to be NULL if combined with CIA_Encrypt so it's not currently supported. The game.c does have support for the CXI only option so I could have also added that. But didn't want to overcrowd the menu with a 10th entry and CXI only doesn't seem that important for me at the moment.


I will get around to testing this tomorrow. It compiled with no errors, so I will have CIA encryption fun time in the morning.

 

[d0k3]

Yeah. I think we only need the contents section of the CIA to be encrypted (the NCCH containers). The CIA itself does not need to be encrypted to install system apps. Just the CXIs contained in the CIA.

EDIT:

Looks like the CIA encryption stuff is still in place. Assuming it is all there, I just need to add this to the main.c in the Game Decryptor Options menu struct:

      { "CIA Encryptor",  &CryptGameFiles,  GC_CIA_PROCESS | GC_CIA_ENCRYPT },

Then updated this line:

"Game Decryptor Options", 9,

So that there is now 9 menu options instead of 8 (this would be an obvious change but mentioned it anyways. ).

I didn't include the "GC_CIA_DEEP" or "GC_CXI_ONLY" options. I will assume the normal routine should work for what I'm wanting to do. GC_CIA_DEEP is setup to be NULL if combined with CIA_Encrypt so it's not currently supported. The game.c does have support for the CXI only option so I could have also added that. But didn't want to overcrowd the menu with a 10th entry and CXI only doesn't seem that important for me at the moment.


I will get around to testing this tomorrow. It compiled with no errors, so I will have CIA encryption fun time in the morning.

Well, that was not entirely correct, cause this way only the ("shallow") CIA encryption layer gets encrypted. Have a look at my last commit for the real changes required for this (and you were correct, everything was still in place). Or download the experimental release from below.

I didn't have much time for testing, so let me know if it works and if it helps you making these CIAs compatible. Unsure if that option will stay.

 

[Apache Thunder]

Thanks I'll give it a go soon.

Yeah the CIA stuff is a bit confusing. I had assumed the normal option would have encrypted both the CIA and the CXI's. But I guess the CXI only option is what I'll need to use?

 

[d0k3]

Thanks I'll give it a go soon.

Yeah the CIA stuff is a bit confusing. I had assumed the normal option would have encrypted both the CIA and the CXI's. But I guess the CXI only option is what I'll need to use?

I'd suggest you use the NCCH option and just encrypt everything. But also test the results (f.e. by redecrypting them and checking if the result is the same as the original unencrypted file).

 

[Apache Thunder]

Ok I encrypted using the NCCH option as you suggested. Then decrypted it afterwords using the deep option? Not sure if that's the decyption option you wanted me to use. The files aren't identical afterwords. However they very nearly are. I did file compare with HxD. These are the offset ranges that change afterwords:

2FA4-2FE7
38D1-38F3

Perhaps hashes or something. But the rest of the CIA are identical with each other so there's no reason for them to be different I think.

I'm not familiar with what those areas are used for in CIAs. But I'm sure you might know more about that.

 

[d0k3]

Ok I encrypted using the NCCH option as you suggested. Then decrypted it afterwords using the deep option? Not sure if that's the decyption option you wanted me to use. The files aren't identical afterwords. However they very nearly are. I did file compare with HxD. These are the offset ranges that change afterwords:

2FA4-2FE7
38D1-38F3

Perhaps hashes or something. But the rest of the CIA are identical with each other so there's no reason for them to be different I think.

I'm not familiar with what those areas are used for in CIAs. But I'm sure you might know more about that.

If you had no verification errors (which Decrypt9 would show you), everything should be fine. Just to be 100% safe, I'd say, from the reencrypted file, try it again. Meaning: decrypt the reencrypted file, then rencrypt it. Then compare reencrypted with rereencrypted, and if it matches you're good to. Also tell me it it works to make these files usable!