Hacking How can I decrypt and extract the NAND?

[JoostinOnline]

I have both a NAND.bin file and a Gateway partition, but I can't figure out how to extract them to a browse-able directory.

 

[Isle41]

Just thinking about it this would probably only work with firmwares up to 7.x due to the fact we only have the 7.x key.

We could however have a shot at dumping the nand directly from the 3ds.

 

[JoostinOnline]

I've got 9.2

 

[DarkMatterCore]

You need to get the xorpad for the CTR-NAND FAT16 partition and XOR it with the data block that goes from 0x0B930000 to 0x3AF00000 in the NAND dump (approximately 757 MB). Afterwards, you can extract the content of the decrypted file using WinImage.

Use Decrypt9 to get this xorpad under 9.2 (without needing to downgrade to 4.X).

 

[cearp]

You need to get the xorpad for the CTR-NAND FAT16 partition and XOR it with the data block that goes from 0x0B930000 to 0x3AF00000 in the NAND dump (approximately 757 MB). Afterwards, you can extract the content of the decrypted file using WinImage.

Use Decrypt9 to get this xorpad under 9.2 (without needing to downgrade to 4.X).

use this python tool i made if you don't want to worry about using a hex editor etc - http://gbatemp.net/threads/release-...ct-the-fat16-partition-from-nand-dumps.380101
and yes, very happy that we now hand nand padgen on 4.5+

 

[JoostinOnline]

You need to get the xorpad for the CTR-NAND FAT16 partition and XOR it with the data block that goes from 0x0B930000 to 0x3AF00000 in the NAND dump (approximately 757 MB). Afterwards, you can extract the content of the decrypted file using WinImage.

Use Decrypt9 to get this xorpad under 9.2 (without needing to downgrade to 4.X).

Those are a mighty awful lot of big words.

Anyway, do you have a compiled version of Decrypt9?

use this python tool i made if you don't want to worry about using a hex editor etc - http://gbatemp.net/threads/release-...ct-the-fat16-partition-from-nand-dumps.380101
and yes, very happy that we now hand nand padgen on 4.5+

What am I doing wrong?

C:\projects\3ds\NAND>3DSFAT16tool.py -n3ds -d NAND.BIN fat16
*******
3DSFAT16tool
*******
 
Dumping... please wait
Traceback (most recent call last):
  File "C:\projects\3ds\NAND\3DSFAT16tool.py", line 57, in <module>
    fat16 = nand[start:end]
MemoryError

 

[cearp]

What am I doing wrong?

in that thread there should be an edited version from a user, that makes it so memory is not allocated all at once or something - try it

 

[Vappy]

do you have a compiled version of Decrypt9?

http://puu.sh/g8Ea5/b5e951ada4.zip Current latest version

What am I doing wrong?

That's an issue with 32 bit Python running out of memory when it tries to load the entire file into memory at once. Using 64 bit Python, or a slightly better managed script as mentioned by cearp, fixes it.

 

[DarkMatterCore]

Those are a mighty awful lot of big words.

Anyway, do you have a compiled version of Decrypt9?

Sure, here's it: https://mega.co.nz/#!oYpQVT5D!Vf0L4rydtP3np7_eHLRsSaHXITKHJKBkyh8iyWC-Rh4. I thought there was a binary available in GitHub, my mistake.

EDIT: Ninja'd.