Is it possible to decrypt retail pokemon XY saves?

Discussion in '3DS - ROM Hacking, Translations and Utilities' started by overlord00, Feb 7, 2015.

  1. overlord00
    OP

    overlord00 A motherfucking birdplane

    Member
    667
    86
    Sep 12, 2009
    I ask this after doing some extensive research into trying to dump my retail save without powersaves and coming to the conclusion it isn't possible. Instead, i've extracted the save from my retail dump.
    The save is encrypted, using the 6.x or 7.x keys because of higher firmware on the 3DS.
    (Loading the rom and trying to use savedatafiler just shows an error)

    I've found various postings like this: http://www.reddit.com/r/SVExchange/wiki/keysav
    That should allow for extraction of pokemon, however, for me and my saves, it doesn't really work. (It only lets me see the first two boxes of exactly the same pokemon, so it's not very handy for me)
    It does however spit out box related keys... that do something...

    With current knowledge and keys, is there any way to decrypt the saves?
    If I decrypt the entire rom via XORPADS is the save even included?
    Anyone have any knowledge on this sort of thing?
     
  2. lukas_2511

    lukas_2511 GBAtemp Regular

    Member
    125
    45
    Jan 4, 2015
    Gambia, The
  3. Kaphotics

    Kaphotics badc0ded

    Member
    611
    460
    Sep 10, 2010
    United States
    just patch gateway to allow you to use savedatafiler on classic nand (not emunand)
     
  4. Zidapi

    Zidapi GBAtemp Psycho!

    Member
    3,033
    1,817
    Dec 1, 2002
    Oh, easy as that huh? Care to walk us through it?

    Edit:
    By "classic NAND" do you mean Classic Mode (which is emuNAND) or sysNAND (which is obviously not emuNAND).
     
    cearp likes this.
  5. drfsupercenter

    drfsupercenter Flash Cart Aficionado

    Member
    1,898
    234
    Mar 26, 2008
    United States
    How?
     
  6. Apache Thunder

    Apache Thunder I have cameras in your head!

    Member
    4,102
    4,034
    Oct 7, 2007
    United States
    Levelland, Texas
    I would not doubt that Kaphotics would have the ability to run SaveDataFiler in Classic Mode. (he did make all them Pokemon rom editor tools. So he's a experienced coder/devoloper) Either that or someone gave him a modified Launcher that allows him to use it.

    I doubt he'll share it though and the rest of us common folk can't just "patch" Gateway to run it. Sorry dude, but it ain't that simple for the rest of us. :P
     
    ShinkoNet likes this.
  7. overlord00
    OP

    overlord00 A motherfucking birdplane

    Member
    667
    86
    Sep 12, 2009
    Thanks for that. I'll give that a go. Seems like the best way forward.

    Sorry, I'm not anywhere near that level of programmer to even know where to start with this.

    Thanks everyone for suggestions. I'll post back with results once I get some.
     
  8. Duo8

    Duo8 I don't like video games

    Member
    3,440
    1,140
    Jul 16, 2013
    Another way is to init the keyslot needed when starting, then start savefl.
     
  9. overlord00
    OP

    overlord00 A motherfucking birdplane

    Member
    667
    86
    Sep 12, 2009
    Not sure I would know how to do that either. Sorry.
    Thanks though.
     
  10. daxtsu

    daxtsu GBAtemp Guru

    Member
    5,546
    3,953
    Jun 9, 2007
    Antarctica
    If none of the above is an option, but you know someone with a Gateway, or have a Gateway yourself, you could simply dump your ROM from the cartridge*, rename it to .3dz, put it on the red card, then go into Gateway mode. Once there, on the home screen, press select to load the Pokémon ROM up (but don't begin the actual game) from the multi-rom menu, and instead go into savedata filer and simply dump the "CTR Card" save. That will let you get at your decrypted save, but there's no getting it back into a retail cart this way without using the browser hack or some method I don't know about.

    *If you've played this retail cart on a sysNAND higher than 6.x and you're trying to use a different 3DS with 4.x that can use Gateway, you're out of luck with what I wrote. The save encryption will be screwed up. The reverse also applies, I think. If you played it on 4.x but you're trying to get it extracted with a sysNAND newer than 6.x, then you're also boned.
     
  11. overlord00
    OP

    overlord00 A motherfucking birdplane

    Member
    667
    86
    Sep 12, 2009
    Thanks daxtsu, unfortunately I'm on 8.1.0, so new encryption. I tried it anyway and to no ones surprise, it doesn't work. CTR BROKEN error.
     
  12. daxtsu

    daxtsu GBAtemp Guru

    Member
    5,546
    3,953
    Jun 9, 2007
    Antarctica
    I see. Sorry that it couldn't help you. Hopefully in the future Gateway will let us use retail carts with SDF.
     
  13. overlord00
    OP

    overlord00 A motherfucking birdplane

    Member
    667
    86
    Sep 12, 2009
    no problems mate.
    Trying to update my 3DS to 9.5 to try out lukas_2511 's idea.
    Running into an issue where my SD card isn't seen by the 3DS anymore though. :\
     
  14. overlord00
    OP

    overlord00 A motherfucking birdplane

    Member
    667
    86
    Sep 12, 2009
    beautiful. it's done.
    Successfully dumped my Pokemon Y save from a retail cartridge.

    Tried injecting the save into a 4.5.0 GW rom, but it's corrupt. One of two reason; 6.x key issue or a warning they have on their site "You cannot use this with SaveDataFiler right now [...] "
    Either way, I now have all the data I want and could in theory just manually input and inject that into a new save.

    Thanks to everyone for suggestion.
    Special thanks to lukas_2511

    NOTE: my SD issue seemed to be related to my NAND hardmod. Removed it temporarily and the 3DS works fine.
     
    daxtsu and lukas_2511 like this.