Hacking FakeDetector & FakeRecovery_v1.16a

[niu]

source http://dswiki.7mc.org/wiki.cgi?page=Fake+DSTT

Thanks to X5WU2xGrQ

http://rapidshare.com/files/175957805/FakeDetector.zip.html
http://rapidshare.com/files/175958015/Fake...v1.16a.zip.html
http://rapidshare.com/files/175958099/DSTTDUMP.rar.html

FakeDetector for all TT
FakeRecovery_v1.16a for fake TT

USE IT AT YOUR OWN RISK!



1.16 kernel for fake TT (No fake killer)
http://rapidshare.com/files/176331535/wiki0055.zip.html
http://www.dstt-adv.com/

Fake killer CRC & TTMENU ips & DsttFlashWriter 0.05 & DsttFlashChecker_0.01
1.15 1.16 Kernel (no fake killer)
1.17 Kernal (no fake killer)
DsttFlashWriter 0.05
DSTT Flash Checker 0.01

-------------------
I Love Taiwan!

 

[redact]

ur links don't work

 

[rajendra82]

Can't read Japanese. What are these supposed to do?

 

[rajendra82]

Here is what Google translate spews out:
readme.txt file from FakeDetector

CODEFakeDetector.nds

? What's this?
Fake v1.16 in which individual programs are a routine decision.
Run from DSTT, Fake / True and determination.

The model also displays DSTT flash memory is used, you know
No memory of the eight-digit hexadecimal ID displays.

When you see and press A, "A" button to determine.
Execution is the only one, finished off please.

Fake The program has been determined, v1.16 to run the game,
Rewriting the flash memory, the worst, you can not start.

? Disclaimer
Using the results, there is no guarantee of anything. At your own risk
Please.

readme.txt file from FakeRecovery

CODEFakeRecovery.nds

? This?
DSTT v1.16 was destroyed in the program to repair the flash memory.
Warning If you use instead of repair, the destruction program in reverse.
Please read with.



? How to use
There are two ways.
(1) DSTT to use the dump file. In this case, DSTT can run it from outside.
(2) DSTT normal use.

If necessary, please conduct a DLDI patch.
(Usually unnecessary)



(1) FakeRecovery.nds the root directory of the microSD.
(2) the dump file DSTTDUMP.BIN in the root directory of the file name microSD
Copy the.
(3) FakeRecovery.nds run.

Loading DSTTDUMP.BIN

Change DSTT, press A

Will be displayed.
Since the operation, "3. Change DSTT, press A after the operation," please read.

The validity of the data does not check the reading.
However, the correct DANPUDETA, 128KB in, CRC32 is, 4B293714.




(1) FakeRecovery.nds the root directory of the microSD.
(2) FakeRecovery.nds run.

When you run, once the normal load DSTT information from flash memory,
If you read the data correctly,

Change DSTT, press A

Will be displayed.
Since the operation, "3. Change DSTT, press A after the operation," please read.





Change DSTT, press A

And appears to repair and replace DSTT, A button.

Displays the model of flash memory,

Recovery Start? Press A

And it appears, A runs the repair button.
If you do not run, please turn it off.

****************
................

And after the show was at the end

Complete!

If the show is finished.




? Notes
The microSD DSTTDUMP.BIN not exist, DSTT to say that it starts from the private DSTT
Issue the command. Therefore, running from MAJIKON other, the MAJIKON
May be destroyed.

The program is very loosely.
***** .... And if you stopped at a display, and it certainly destroyed the DSTT.

Flash memory is being restored,

AMIC A29L400T
AMIC A29L400U
EON EN29LV400AT
EON EN29LV400AB
ATMEL AT49BV001A (N)
ATMEL AT49BV001A (N) T

The type of the six,
EON EN29LV400AB
ATMEL AT49BV001A (N) T
The two not only to check work. (I do not have not confirmed)


DSTT-ADV if you want to repair, DSTT-ADV microSD please run to keep the wearer.
MicroSD data for an important sense, it is recommended that you back up.




? Disclaimer
Using the results, there is no guarantee of anything. Please use at your own risk.





? Other
Redistribution rights are free. If you redistribute, please be responsible for distribution.



? History Akira Osamu

1.16a: A29L400T tried to change the process.

1.16: The first version

 

[Evilmaster1985]

Lol now who again said there was no cardkiller code in 1.16?

Greetz, Vistabuser.

 

[Rankio]

Even with 1.15 loaded, these units stop working.

 

[rasputin]

LOL it works, former dead dstt from the first version of 1.16 recovered and purring away now running 1.15.


note.... I had to put the bad 1.16 firmware on to get the dstt to boot to run the recovery.nds, with the other versions it didn't seem to boot no matter how many times I tried, only the dodgy 1.16 seems to boot every 20 tries or so. (i didn't have a working dstt to use the easy method below in note2)

note2.. if you have a working dstt you can boot the recovery .nds from that cart and then swap to the bad one when prompted by the programme just before it flashes.



thx niu (edit, name correction) for the proggy and links and thx rajendra82 for the translation.

 

[kobykaan]

PWNAGE!!!!!!!!!!!

Used it to fix mates 2 fake cards!!

whoever wrote this needs a pat on the back!

as above put the 1.16 kernel on a working card .... (I used a NEO DSTT)

add the recovery nds file and the files from the dstt dump folder ....

execute the recovery nds file and swap cards when prompted you dont need the mem card in the card to be fixed

PRESS 'A'


When it says complete then its job done and just don't bother putting 1.16 back on

 

[niu]

Fake TT safe kernel
http://www.cndstt.com/english/index_en.aspx
http://www.dstt-adv.com/index-1.htm



my name is niu , not nui. Thanks.

sorry my bad english




--------------------
I Love Taiwan!

 

[rasputin]

Great stuff niu, apologies for spelling your name wrong.

Anyway I was wondering if it's possible to try other firmwares on the DSTT with this flasher?

 

[rajendra82]

Can someone upload these to a more permanent location. The original source is down and the download limit on raidshare is reached. I would do it to my webserver, but I am not at home right now where I have saved these files.

 

[rasputin]

Well here's another temp location for the time being... http://uploading.com/files/3OLSGLSE/dstt recovery files.zip.html

 

[kobykaan]

Great stuff niu, apologies for spelling your name wrong.

Anyway I was wondering if it's possible to try other firmwares on the DSTT with this flasher?

others will try AFTER YOU!

 

[rajendra82]

More download locations:

http://www.mediafire.com/file/zoymgrkw2z1/DSTTDUMP.rar
http://www.mediafire.com/file/2twmwzznd3z/FakeDetector.zip
http://www.mediafire.com/file/lzinw3zny12/...very_v1.16a.zip

 

[Bri]

I put a copy in the Downloads section: http://gbatemp.net/index.php?download=4086

as above put the 1.16 kernel on a working card .... (I used a NEO DSTT)

add the recovery nds file and the files from the dstt dump folder ....

execute the recovery nds file and swap cards when prompted you dont need the mem card in the card to be fixed

PRESS 'A'


When it says complete then its job done and just don't bother putting 1.16 back on

I don't understand these instructions. Can you post some simple step-by-step instructions so I can add them to the download information? I assume this requires a working flash cart in order to recover one that's not working (although it sounds like someone who had one that worked intermittently was able to recover without a second one), correct? Can the second flash cart be something other than a DSTT?

-Bri

 

[kobykaan]

I put a copy in the Downloads section: http://gbatemp.net/index.php?download=4086

as above put the 1.16 kernel on a working card .... (I used a NEO DSTT)

add the recovery nds file and the files from the dstt dump folder ....

execute the recovery nds file and swap cards when prompted you dont need the mem card in the card to be fixed

PRESS 'A'


When it says complete then its job done and just don't bother putting 1.16 back on

I don't understand these instructions. Can you post some simple step-by-step instructions so I can add them to the download information? I assume this requires a working flash cart in order to recover one that's not working (although it sounds like someone who had one that worked intermittently was able to recover without a second one), correct? Can the second flash cart be something other than a real DSTT?

-Bri

works best if you have a working none corrupt ttds card or one thats not had the fake 1.16 killer software on to begin with to run the recovery from (dont think its needed but was suggested above!

put the 1.16 kernel on the working card like you would when you start with a fresh mem card ..

(note here i would assume it would work with the corrupted card too although not tested! )

It does however have to be kernel 1.16 for it to work!


put the files from the fakerecover.zip file (FakeRecovery.nds) on the mem card (I put it in the root)

put the file from the extracted rar (called dsttdump)... its a dsttdump.bin file ... into the root folder

load the ttds card up (may take a couple of trys with a card thats been corrupted with fake killer kernel file)

once its loaded choose the fakerecover.nds file and run it like you would a game by pressing (A)

it will say its found the DSTT bin file (this is the ttds flash file) and prompt you to switch cards if your using a working card now is the time to take it out an put in your none/partial working TTDS card (you don't need the mem card in for this so leave it in the card your taking out!)

and now press (A) again this will reflash the TTDS bin file to the broken cards chip and restore its original state

now just use as normal with 1.15 kernel just don't update to 1.16 until someone finds a fix

you can re write that if you want Bri but that's basically how I did it

edit not sure if you can use a different slot 1 card to TTDS to initiate the recovery!? didn't bother to test it as i had Another card to use already

 

[Bri]

put the 1.16 kernel on the working card like you would when you start with a fresh mem card ..

This is the part I don't get. If the working flash cart is a fake, won't putting the 1.16 firmware on it kill it when you boot it up? Are you saying that the working flash cart has to be a real DSTT?

And if you have a fake that works partially (sometimes boots up) I wonder if you can do it without a second (working) flash cart. Does it copy files from the firmware of the working flash cart, or is it only using the working cart to run the .nds file (in which case it should work with other non-DSTT flash carts as well, and should work if the working flash cart is running 1.15)?

-Bri

 

[kobykaan]

put the 1.16 kernel on the working card like you would when you start with a fresh mem card ..

This is the part I don't get. If the working flash cart is a fake, won't putting the 1.16 firmware on it kill it when you boot it up? Are you saying that the working flash cart has to be a real DSTT?

And if you have a fake that works partially (sometimes boots up) I wonder if you can do it without a second (working) flash cart. Does it copy files from the firmware of the working flash cart, or is it only using the working cart to run the .nds file (in which case it should work with other non-DSTT flash carts as well, and should work if the working flash cart is running 1.15)?

-Bri

Will do some more testing but as far as i can tell when it executes it reflashes the TTDS firmware bin file to the broken TTDS cards onboard chip and restores it much like upgrading the firmware of slot 2 cards with a bin file

will have a play about and report back

EDIT:

nuked one of the TTDS cards again with 1.16 kernel

tried to run the recovery nds file from my M3 REAL and it said INVALID CARD!

so I guess it NEEDS TTDS/detects the DSTT hardware to run it!

more testing you can indeed run it from the same broken card you don't need to swap just run the recovery!

tested and ran it on 1.15 and that worked too... so you don't need to have the killer 1.16 kernel on it although if you have 1.16 on already back up your games and saves ... format the card and change it back to 1.15 kernel after you have recovered!

other places said that you needed the 1.16 kernel on to do the recovery ... this is not the case now!

 

[ricky23i]

put the 1.16 kernel on the working card like you would when you start with a fresh mem card ..

This is the part I don't get. If the working flash cart is a fake, won't putting the 1.16 firmware on it kill it when you boot it up? Are you saying that the working flash cart has to be a real DSTT?

And if you have a fake that works partially (sometimes boots up) I wonder if you can do it without a second (working) flash cart. Does it copy files from the firmware of the working flash cart, or is it only using the working cart to run the .nds file (in which case it should work with other non-DSTT flash carts as well, and should work if the working flash cart is running 1.15)?

-Bri

Will do some more testing but as far as i can tell when it executes it reflashes the TTDS firmware bin file to the broken TTDS cards onboard chip and restores it much like upgrading the firmware of slot 2 cards with a bin file

will have a play about and report back

Can I use an M3 real to boot the fixer then insert the fake TTDS/DSTT?

 

[rajendra82]

This is total speculation on my part as to how this software does the recovery, but if the recovery software works only on a DSTT booted with 1.16 and fails to run on the same flashcart running 1.15, I am guessing that it somehow reuses the fake killer code already loaded into the memory of the flashcart to patch over the bricked fake. In that case having a real DSTT booted with 1.16 would be the safest and most reliable way to initiate the recovery program. I guess the second best would be to attempt to boot the bricked fake and then self patch. I would be very hesitant to put 1.16 firmware on a functional fake to recover another non-functional fake. Preventing more harm should be the first order of business.

Edit: I guess needing 1.16 to run recovery was a total red herring based on the newer round of edits above. A DSTT that boots even once somehow is all that would be needed.