Hacking Homebrew and Rom and SSSpwn discussion

[Mikecrowfone]

I believe there's a general sticky topic for this. This doesn't warrant another thread.

Homebrew Development

Any discussion of the upcoming SSpawn stuff and homebrew resulting from it is likely best discussed there. Unless Smealum himself makes a thread about something more specific. (like his thread on logo submissions). So I don't feel this thread is necessary.

It is because everything ties in together. Translated games > decrypted roms > repacked roms into homebrew > ssspwn loading said repacked homebrew. I've found evidence of a full game being translated

That's why I felt a new topic is in order.

Smealum has announced that his ssspwn works on the 8.1 update and on EU and US versions.

I have some thoughts about these stuff. Please correct my if I'm incorrect anywhere.

SSSpwn

1. Allows code execution in userland
2. Supposed to allow code execution in a sandbox
3. Allows people to run homebrew
4. Does not allow piracy as it does not allow the playing of 3ds rom dumps

Homebrew

1. Purpose of homebrew is to allow anyone to create games/apps that can already be created using the official SDK
2. In essence, if you have enough capital, skill, team mates and time, you can recreate Pokemon X/Y from scratch.
3. Homebrew have same access to the 3ds just like commercial 3ds games
4. Homebrew .3ds for instance the BBB VC roms are official VC roms but decrypted and re-encrypted with 0000... AES keys. For all intents and purposes, it can be referred as now having homebrew encryption.

3DS Game Translations

1. Requires the decryption of the 3ds rom [Confirmed by post #7]
2. If 3ds roms can be decrypted, this means they can similarly be encrypted. [Confirmed by post #9]
3. Google the following phrase " 【心游汉化组】[3DS][多分流]逆转裁判5 （逆転裁判5） 简体中文汉化试玩版（仅前两章）[604M]（祝大家游戏愉快，敬请期待正式版）" and plug it into google translate. This is a AAD Jpn release translated into chinese.

Repacking of commercial 3ds rom games as homebrew

1. If 3ds roms can be decrypted, you can similarly re-encrypt them with the 0000.... AES keys which will allow this 'repack' to become homebrew
2. Since SSSpwn can run homebrew, it's possible to run repacked roms?

 

[Apache Thunder]

I believe there's a general sticky topic for this. This doesn't warrant another thread.

Homebrew Development

Any discussion of the upcoming SSpawn stuff and homebrew resulting from it is likely best discussed there. Unless Smealum himself makes a thread about something more specific. (like his thread on logo submissions). So I don't feel this thread is necessary.

 

[Mikecrowfone]

I believe there's a general sticky topic for this. This doesn't warrant another thread.

Homebrew Development

Any discussion of the upcoming SSpawn stuff and homebrew resulting from it is likely best discussed there. Unless Smealum himself makes a thread about something more specific. (like his thread on logo submissions). So I don't feel this thread is necessary.

It is because everything ties in together. Translated games > decrypted roms > repacked roms into homebrew > ssspwn loading said repacked homebrew.

That's why I felt a new topic is in order. I've found evidence of a full game being translated

 

[desertwarior]

the important question here how are you going to decrypt the 3ds roms? no one did it before not even gateway team.

 

[Mikecrowfone]

the important question here how are you going to decrypt the 3ds roms? no one did it before not even gateway team.

Ok. Will you need to decrypt 3ds roms in order to translate the game?

 

[alexenochs]

the important question here how are you going to decrypt the 3ds roms? no one did it before not even gateway team.

Actually your wrong there are translation teams for certain games that have successfully decrypted roms to translate them pretty sure smealum has achieved this tho I don't want to see ssspwn end up as something people use to pirate on even tho I own a gateway I'd hate to see smealums work stop because some ass found a way to pirate games

 

[PewnyPL]

Ok. Will you need to decrypt 3ds roms in order to translate the game?

Yes. To translate a game you need to have access to either the code (most likely not nowadays) or string tables. Both are encrypted together with the ROM, so all you would get when trying to translate is garbage.

 

[Mikecrowfone]

Yes. To translate a game you need to have access to either the code (most likely not nowadays) or string tables. Both are encrypted together with the ROM, so all you would get when trying to translate is garbage.

So, the theoretical steps to translate a game would be to decrypt the rom, translate the text strings, re-encrypt the rom?

 

[PewnyPL]

So, the theoretical steps to translate a game would be to decrypt the rom, translate the text strings, re-encrypt the rom?

Pretty much, yes. Since AES is symmetric then if you can decrypt a ROM, you can encrypt it back. There may be some other trouble along the way however (checksums on the string tables and such).

 

[Ryanrocks462]

Actually your wrong there are translation teams for certain games that have successfully decrypted roms to translate them pretty sure smealum has achieved this tho I don't want to see ssspwn end up as something people use to pirate on even tho I own a gateway I'd hate to see smealums work stop because some ass found a way to pirate games

meow

 

[godreborn]

well, most hacks r determined by riding offsets via an exploit. with no source code, u can't do much. I mean u need to debug if ur not sure. debugging involves observing what changes when what happens. that's how almost all hacks r determined. think of the rte of the ps3. well, cfw was created the same way. u observe what changes, and then, change it. that's true of almost everything.

 

[Mikecrowfone]

Pretty much, yes. Since AES is symmetric then if you can decrypt a ROM, you can encrypt it back. There may be some other trouble along the way however (checksums on the string tables and such).

Ok. This is going swimmingly.

Homebrew is just encrypted with a zero-filled key. ctrtool can extract the data from the ROM (so can 3DSExplorer to some degree), makerom can repack the ROM after editing.
So if they really are encrypted with a zero key, it should be a simple task to inject another ROM into it.
I may have a go at it later.

Since this is the case, I presume you can re-encrypt the game rom with the homebrew zero-filled key?

 

[godreborn]

zero-filled? that's usually when padding. that's what I did with ps3 flash files. the point being compression on top of encryption. it mattered not if it was encrypted or not, padding made absolutely no difference either way. if any of u saw that mario flash file, all icons were zeroed while compressed, not encrypted though.

 

[desertwarior]

Actually your wrong there are translation teams for certain games that have successfully decrypted roms to translate them pretty sure smealum has achieved this tho I don't want to see ssspwn end up as something people use to pirate on even tho I own a gateway I'd hate to see smealums work stop because some ass found a way to pirate games

emulators also encourage piracy you might say it's old games but hell! nintendo is still making money from their classic in the Eshop , so as long as you're running codes without nintendo's permission you might end up pirating something , and ssspwn will not stop piracy from happening even if it's less damaging like pirating a nes/snes/gba rom it's still piracy so i don't like the all piracy argument thing it's getting old not that i don't respect your opinion.

 

[nyder]

At the moment, none of us have the homebrew launcher that smea is making, so how does this matter, 'cept to warn him what you are planning on doing with his hack?

 

[Mikecrowfone]

At the moment, none of us have the homebrew launcher that smea is making, so how does this matter, 'cept to warn him what you are planning on doing with his hack?

Because I am not planning to do anything with his 'hack'. I'm in it for educational interest. I'm have a GW card already so this really doesn't matter. I just like pushing the boundaries of what can and cannot be done.

 

[TheZoroark007]

Do you think we can get Hoopa and Volcanion with SSSpwn Code Execution?

 

[Bond697]

Do you think we can get Hoopa and Volcanion with SSSpwn Code Execution?

no.

the important question here how are you going to decrypt the 3ds roms? no one did it before not even gateway team.

the gateway team has done it, smea's done it, normmatt has done it, slashmolder and i have done it, and so forth. it's not hard if you put some work into it.


no ssspwn won't let you run 3ds roms, no the gateway team won't use it as an entrypoint to something bigger, no it won't give kernel/privileged access.


yet another thread was really unnecessary.

 

[chrisrlink]

so basicly without Kernel access no chance in Cheating Homebrew Like Ocarina for the Wii?

 

[smilodon]

Do you think we can get Hoopa and Volcanion with SSSpwn Code Execution?

so basicly without Kernel access no chance in Cheating Homebrew Like Ocarina for the Wii?

No cheating will be allowed with this exploit, so please stop with your "muh pokemon hack" please.