Separate names with a comma.
Discussion in '3DS - ROM Hacking, Translations and Utilities' started by gudenau, Nov 25, 2015.
How would I edit a system CIA? I have tried but I get garbage.
maybe system APP are encrypted?....
I atempted to decrypt it, and got garbage.
Use the CIA decrypter (deep) function in Decrypt9 if you aren't already using that.
What CIA is it?
That is new.
Ripped from NUS or from the system itself?
Downloaded from NUs, installed, then dumped.
You can do it straight from the NUS too. You just need to use the raw files (not packed as cia), decrypt it with the title key (uses AES-CBC), and then decrypt it just like a .3ds. I have most of the title keys if you need it.
Ok, how do I decrypt it then? How do I get the keys? How would I pack it? Does it need to be encrypted again, or can I change the exheader?
Title keys come from decrypting the TMD. And the rest is the same as a normal .3ds.
OK, download title, decrypt tmd, decrypt app files with aes-cbc, make the ctr info file with the app files, generate xorpads, extract app files with ctrtool, xor files, dump xored files with ctrtool?
Yup. Simpler in practice than in explanation.
decrypt.(bat/sh) anyone? So, how does one decrypt the tmd? (Sorry for the noobyness)
ncchinfo.bin? If I remember right?
Really, just dump the tmd on the ncchinfo script? Did not know that.