Hacking M3Sakura Ver1.34 X Japanese/Asia Version

9600pro

Well-Known Member
OP
Newcomer
Joined
Nov 14, 2008
Messages
83
Trophies
0
XP
180
Country
Italy
M3 team as released the new firmware 1.34 X for M3 DS Real.
Still no EU/US version
rolleyes.gif


Source: http://www.handheldsources.com/M3DS/Download_M3DSR.html
 

sjones900

GBAtemp Advanced Member
Member
Joined
Jan 29, 2008
Messages
811
Trophies
0
Location
TX
XP
535
Country
United States
Real time save has been added? Maybe they just want to release the updates for they're region and hope that we'll translate it ourselves.
 

Skyline969

MENUdo Afficionado
Member
Joined
Nov 18, 2008
Messages
2,209
Trophies
0
Age
30
Location
Saskatchewan
Website
Visit site
XP
498
Country
Canada
Densetsu3000 said:
I have a video of Sakura 1.34 up on the first page of the FAQ. Please discuss and post questions there.
That's incredible! So if that's running on an English M3 Real now, does that mean it only needs to be translated? Or was that an Asian card?
 

Toni Plutonij

*has TrolleyDave & tiny p1ngy on moderating shelf!
Former Staff
Joined
Dec 22, 2007
Messages
8,147
Trophies
0
Age
34
Location
Depths of Nuclear powerplant
XP
603
Country
Croatia
Skyline969 said:
Densetsu3000 said:
I have a video of Sakura 1.34 up on the first page of the FAQ. Please discuss and post questions there.
That's incredible! So if that's running on an English M3 Real now, does that mean it only needs to be translated? Or was that an Asian card?
Densetsu3000 has original Japan cart, he's not running it on English M3 Real!
 

Styles420

Well-Known Member
Member
Joined
Dec 27, 2008
Messages
248
Trophies
0
Age
38
Location
Denver, Colorado
XP
153
Country
United States
I have some experience with hex editing and such, and plenty of free time to mess around... I know I saw a post about how the previous hack was performed, I think I'll look for it again and see if it will give me something to look for in this version... Can't guarantee anything though, if you guys haven't been able to do it then I probably won't unless I get lucky - I'm way behind the game these days.

(If anyone remembers where that post about the hack is, help me out with a link)
 

Styles420

Well-Known Member
Member
Joined
Dec 27, 2008
Messages
248
Trophies
0
Age
38
Location
Denver, Colorado
XP
153
Country
United States
powered_by_tux said:
@Styles420

Good luck with that. Here is the post, where a member pointed out an interesting address: http://gbatemp.net/index.php?showtopic=127807

Thanks... it does seem daunting, but maybe if I compare the jp with the asian versions, something might become apparent... if they're both completely different, then they've been encrypted, and I'll have to see if there's any single operation that will make them both similar, then I might be able to identify the parts that indicate region... but figuring out encryption isn't one of my strong points
 

Toni Plutonij

*has TrolleyDave & tiny p1ngy on moderating shelf!
Former Staff
Joined
Dec 22, 2007
Messages
8,147
Trophies
0
Age
34
Location
Depths of Nuclear powerplant
XP
603
Country
Croatia
Styles420 said:
Thanks... it does seem daunting, but maybe if I compare the jp with the asian versions, something might become apparent... if they're both completely different, then they've been encrypted, and I'll have to see if there's any single operation that will make them both similar, then I might be able to identify the parts that indicate region... but figuring out encryption isn't one of my strong points
Well, good luck with that! At least you're trying
wink.gif
that also counts!!

I hope you'll come up with something, but somehow I doubt it, I know that M3 Team doesn't like having their stuff hacked, so I bet they did a bit better job protecting it this time!!
 

Styles420

Well-Known Member
Member
Joined
Dec 27, 2008
Messages
248
Trophies
0
Age
38
Location
Denver, Colorado
XP
153
Country
United States
So far I've been able to disassemble some of the loader code (whether or not it's disassembled properly, I can't say - don't know what compiler they used or what processor it's really compiled for, but it detects as being mixed, some for ARM and some for thumb). Assuming my disassembly is correct, there are a few points where comparisons are made and program flow altered according to the results - manually checking each of them is becoming tedious, but I'm still plugging away. Basically, I'm just modifying a single byte at a time, switching it so it takes the opposite choice. I'm really wishing I had a way to emulate the M3 on my computer, so I could do these tests faster than changing one byte, writing the new copy to my flash card, booting up my NDS, and staring at a blank screen with no way to tell if my change even had an effect... if anyone knows of a way to do that, let me know - hopefully it will be something I have the means to do.

UPDATE: I haven't yet looked back at older versions, but it turns out the g6dsloader.1 files have two large areas that are different between the official Japanese and Asian versions (1.34) - so it's possible that the region lock has been moved. I plan to compare older versions with the hacked version and between regions of the official version to see if these differences exist there too. If not, I may have found the new region lock!

If anyone would like the hex addresses of the sections that match and don't match, pm me - I don't have the numbers handy yet, and I'm lazy about recording information until it becomes necessary, but if anyone out there thinks they might know what to do with this, that's a good enough reason for me.

UPDATE 2: Not much to add here (don't want to create false hope - I still don't know if I'll be able to break the region lock), but while scanning through the g6dsloader.1 I found sections in various European languages. While I'm far from being multilingual, some of the words are quite obviously translations of other words in the file, so it appears that I've stumbled onto a section containing the various language translations - for the European version! I'm hoping this is a good sign, since I can't think of a reason why they would put all of this into the Asian code if it wasn't going to be used. The true test, I suppose, will be to try and find the same section in the Japanese release - if it's there too, then either they used a template, or I'm barking up the wrong tree for the region lock. More to come as I discover it

(By the way, I've been looking at the Asian 1.34 release, based on a rumor that the Korean release was based on the English translation)
 

mc_B3oWoLF

Well-Known Member
Member
Joined
Jun 12, 2008
Messages
195
Trophies
0
Age
35
Location
Russian Federation
Website
mc-b3owolf.narod.ru
XP
143
Country
Serbia, Republic of
Maybe it's gonna be some 'insane idea', but, i'd make an attempt:

We all just try to compare the sakuras (I was trying to compare the english & japan versions of 1.12 , Japanese 1.34; you, Styles420 - the asian & Japanese vesions of the latest sakura, etc..)

The idea is to include the comparison of different regions of TOUCHPODs..
..maybe these could clear up the situation?
unsure.gif
wtf.gif
smileipb2.png
ninja.gif
 

Beige

Well-Known Member
Member
Joined
Nov 2, 2008
Messages
266
Trophies
0
Age
32
Location
Volcano Bakemeat
Website
Visit site
XP
205
Country
United States
You know, 'moving' the region lock kind of seems like a "Nice work guys, your hack is good and it gave us time to procrastinate, but now f*** off and let the real men get the job done for once" to me. I mean, they obviously appreciated the work before, but now that they are really pressing that they are on top of the English release, they don't want us in the way.

Then again, just a thought
lecture.gif
 

mc_B3oWoLF

Well-Known Member
Member
Joined
Jun 12, 2008
Messages
195
Trophies
0
Age
35
Location
Russian Federation
Website
mc-b3owolf.narod.ru
XP
143
Country
Serbia, Republic of
I hope, I've figured out some system (but couldn't fully reveal it).
After comparing 2 (g6dsload) files of SAKURAs 1.34 Asian & Japan I guessed that still 1st 3 lines are the lines we need to modify.

If we assume that it's true (i mean my guess))), then we should find out HOW we should modify these lines.
I compared g6dsload-files of TouchPod & M3Sakura of the latest versions (Asian&Asian and Japanese&Japanese).
I saw that the files of touchpod & of sakura had differences in both cases (a&a, j&j) in the same places.
And some of these different characters were equal for Sakura_J & Sakura_A
Here are the adresses (Hex & Dec respectively):

70 112 - equal value in Sakuras (A&J)
71 113
72 114 - equal value in Sakuras (A&J)
73 115 - equal value in Sakuras (A&J)

78 120 - equal value in Sakuras (A&J)
79 121
7a 122 - equal value in Sakuras (A&J)
7b 123 - equal value in Sakuras (A&J)

d0 208
d1 209

d5 213

dc 220
dd 221

200 512 - equal value in Sakuras (A&J)
201 513 - equal value in Sakuras (A&J)
202 514 - equal value in Sakuras (A&J)
203 515 - equal value in Sakuras (A&J)
204 516 - equal value in Sakuras (A&J)

The question is: What symbols are to be placed in the 'unique' addresses of the list above into the 'new' g6dsload.eng-file?
Could anyone guess?)

If I'm wrong, then the 'best thing' is if the lock is not only in lines #1,2,3 but also in lines 11,12,13,15.
And the 'worst' - if the lock is also somewhere else (there are loads of unequal lines)))
 
General chit-chat
Help Users
  • No one is chatting at the moment.
    Psionic Roshambo @ Psionic Roshambo: I'm not your pal buddy!