ROM Hack MHX DLC Encryption

[moghedien]

Updated mhef with the new key.

For people interested in how to get the key, here's the ASM I use (only for 1.1 update of course)...

I put this code at memory location 0xC01E9C:

.global _start
.type _start, %function
_start:
    STMFD   SP!, {R4-R10,LR}
    MOV     R4, R0
    BL      0x9ACE58
    LDR     R2, [R4,#8]
    LDR     R1, [R4,#4]
    LDR     R0, =0xE5CE00
    BL      0x2FCC7C
    LDMFD   SP!, {R4-R10,PC}

I put this code at memory location 0x2488E0:

.global _start
.type _start, %function
_start:
  BL  0xC01E9C

0x2FCC7C = strncpy
0x9ACE58 = blowfish_init
0x2488E0 = this is where blowfish_init is called when decrypting DLC files
0xC01E9C = empty space at the end of .text segment, used to store our hook function
0xE5CE00 = near the end of .data segment, used to store our copy of the key

So basically use the NTR debugger client to compile that code and load it at the given locations. Once that's done go to the DLC section in the game. Then you can read the key from 0xE5CE00. I would also recommend backing up your save file before attempting just in case the code causes unforeseen issues.

 

[moghedien]

Derp, they're either changing the key every few hours now or they're watching my repository... it's different again. I'm going to work on the homebrew to add/extract DLC from the save file for now.

 

[MHdeMH]

Derp, they're either changing the key every few hours now or they're watching my repository... it's different again. I'm going to work on the homebrew to add/extract DLC from the save file for now.

there is a new DLC announcement so maybe whem they update something the system will auto renew the key i think
same timing before 24h, so maybe just coincidence.

 

[moghedien]

So the key changed a couple more times yesterday but it hasn't changed for about 18 hours so I added the new key to mhef. Hopfully all those changes the past couple days were just an oddity.

 

[MHdeMH]

So the key changed a couple more times yesterday but it hasn't changed for about 18 hours so I added the new key to mhef. Hopfully all those changes the past couple days were just an oddity.

Thank you (>"<) i am waiting for this all day.
Really thanks again.

 

[MHdeMH]

So the key changed a couple more times yesterday but it hasn't changed for about 18 hours so I added the new key to mhef. Hopfully all those changes the past couple days were just an oddity.

Report, key changed now.

i am keeping DL quest ever 8-10mins from you update the worked key, and they change the key at about 3:00AM (japan time,just one hour ago)

same timing at yesterday, so if you have time to update a new key, i will keep watching server and check the key still work or not.

-----------------------
report, untill now (01/14 1:08AM JPN) the key still work. i check that every 10-20mins. hope can fine out what are they doing on server.

update : 01/14 2:02AM (JPN) key still work.
update : 01/14 3:31AM (JPN) key still work.

 

[moghedien]

Report, key changed now.

i am keeping DL quest ever 8-10mins from you update the worked key, and they change the key at about 3:00AM (japan time,just one hour ago)

same timing at yesterday, so if you have time to update a new key, i will keep watching server and check the key still work or not.

Updated

 

[moghedien]

I just added a Python script to mhef for getting the key. Just run the script in the command line (should work in Python 2.x and 3.x) and follow the instructions.

 

[moghedien]

Report, key changed now.

i am keeping DL quest ever 8-10mins from you update the worked key, and they change the key at about 3:00AM (japan time,just one hour ago)

same timing at yesterday, so if you have time to update a new key, i will keep watching server and check the key still work or not.

-----------------------
report, untill now (01/14 1:08AM JPN) the key still work. i check that every 10-20mins. hope can fine out what are they doing on server.

update : 01/14 2:02AM (JPN) key still work.
update : 01/14 3:31AM (JPN) key still work.

Looks like it stopped working at about 2016-01-15 03:00 JST. So It's probably every 48 hours at 3AM Japan time. I'll try to keep it updated in my repository but anyone with NTR can use that script to get the key now.

 

[takuzo]

they changed the key again.　01/16 0:47AM (JPN)
not 48 hours?

 

[moghedien]

they changed the key again.　01/16 0:47AM (JPN)
not 48 hours?

It changed because they added new quests Added the new key to mhef.
Edit: Looks like the key might change a few times today like it did last time they added new content. I'll just update the key in mhef tomorrow.

 

[takuzo]

Oh right!

 

[MHdeMH]

It changed because they added new quests Added the new key to mhef.
Edit: Looks like the key might change a few times today like it did last time they added new content. I'll just update the key in mhef tomorrow.

yap they change the key at the same time 3:00AM in japan
i just check that at 3:05 but forget to report.
looks like the key will change every 48 Hours at 3:00 AM and any new quest be added or announcement event info.

 

[Deleted member 369977]

Well played Capcom,
but we are already a step ahead! We don't need your keys anymore, we just use your savegame structure and there is nothing stopping us!

 

[takuzo]

they changed the key again.
added new content ?

 

[justln]

So I can just use a MHX savegame editor and inject a modified DLC in? I tried it out with the 6 Japan exclusive DLCs and they worked.

 

[moghedien]

they changed the key again.
added new content ?

Well, I setup EmuNAND 10.3 on my N3DS last night and NTR doesn't work on it yet... too much work to take out my microSD card again to reinstall MHX on SysNAND, so I wont be able to update the key until NTR gets fixed. Although someone with working NTR could use my script to get the key and make a pull request on github if they wanted to

 

[Deleted member 369977]

Well, I setup EmuNAND 10.3 on my N3DS last night and NTR doesn't work on it yet... too much work to take out my microSD card again to reinstall MHX on SysNAND, so I wont be able to update the key until NTR gets fixed. Although someone with working NTR could use my script to get the key and make a pull request on github if they wanted to

I wanted to update the key, but as you already said, NTR doesn't work yet on 10.3 n3ds emunand :/ Maybe we can get an update in a week or two with a new NTR version that supports 10.3 n3ds emunand

 

[moghedien]

A friend of mine got the key, so it's updated in mhef ... hopefully they're back on the 48 hours schedule so that'll last a day or two, haha.

 

[MHdeMH]

thx, i will try the key works or not, and keep watching when the key be changed.

--
update, the key is working. keep watching until after 3:00AM tomorrow