Hacking NDS Management Software

[shorty606]

Hi,
I have recently bought a cylcods card, before about two weeks ago I never knew any of this existed!. It got me really keen on my DS again. I looked and looked and could never find any programs to manage NDS files how I wanted it to, they were either not what I expected or written specfically for a certain make of flashcart. I started looking into the programming side of things and already being a Delphi programmer decided to write my own. I would therefore like to ask the users what they would like to see in a program that manages NDS files. I would also like to ask for some help, if anyone could provide me with the theory on how trimmers work, I will incorporate that into my program, and if anyone could give me an insight into how the bricker software works and give me some info on if the file that does brick your system is always teh same or if there are variated then I will try and incorporate bricker software detection into the program also.

Before I posted this I made sure that I was up to the task by using some information I found on the header file of the NDS roms to create a program that extracts and lists the roms true names with their icons. Initially it was a slow process and extracting the rom icons took several minutes, I have now refined the technique my program uses and it can do it in a matter of seconds.

If the project takes off and people really do want to help, I'll look at designing a website for the program but first things first, what would you all like to see in an NDS management program for the PC (and later on MAC as I will be writing in a portable variation of delphi that can be compiled on the MAC).

Cheers,
Shorty606

Very Sorry, I've clicked no the wrong board. Can this be moved to the utilities section please.

 

[UltraMagnus]

well, one that runs on linux would be nice... I believe the are object pascal compilers for linux

 

[shorty606]

Well I'm going to be writing the software in a program called Lazarus which, to sum up, is a program that is very similar to the Delphi IDE and uses the same object orientated code but the code can be compiled on any computer than runs lazarus, without any modification to the code. So far the Lazarus IDE can be installed on MACs, Linux, alsorts!
I'm in two midns therefore about what to do, obviously I want to distribute my program on as many platforms as possible but I don't have the capacity to run several different operating systems so I don't know if I want to release the source code. If there are enough people interested that have access to the operating systems and are willing to compile my code then I would do it that way and let individuals release compiled versions of my program. I'm not for closed source at all but from what I've seen, the DS scene tends to see copies of software and hardware spring up which makes it hard for people to know what is genuine and what is not. This is why I would therefore rather only have executables released to make it easier for everyone.

Let me know your thoughts

 

[bowlofspiders]

The trimming part trims the "end" of the rom so that your computer read's the actual size. Only thing is that the wifi data is stored at the end of some wifi games. Sometimes it Deletes the wifi, and sometimes it doesn't. Just depends.

 

[FAST6191]

Trimming.
DS roms have a header, in this header there is a lot of useful data for both the DS and the hacker/program maker.

Old style (some have dubbed it unsafe trimming) used by the GBA trimmers and for earlier consoles which lacked size in the header.
The ends of roms are padded with 00/FF, these trimmers simply trim until there is no more. Occasionally this would cause problems as 00 and FF have valid uses in some roms so some would trim the lot bar the last few kilobytes.
Some roms (not DS) have garbage data at the end and some trainers/hacks use this space for various things so it is not always possible or wise, also overdumps of GBA games may not have 00/FF sections in the overdumped parts.

New style (dubbed safe trimming)
In the DS header
http://nocash.emubase.de/gbatek.htm#dscartridgeheader
At 80 hex there are 4 bytes in normal DS order (in the rom F8 8B 73 00 translates to 00 73 8B F8) which indicate the end of the rom.

Some will also give it a few more bytes (sometimes able to be set by the user), this is supposedly for multiplayer purposes.

And for giggles icons:
http://gbatemp.net/index.php?showtopic=45360


Feature requests.
My usual point about automation is good but allow me to tell it exactly what to do if and when I want stands.

Zip, rar and 7zip support. Ability to customise levels and other options essential (usual method is to allow command line changes with the various apps). 7zip has a command line version available under many licenses.
If you can multiple roms per (7zip) archive as it reduces space nicely. Usually this is limited to region dupes but if you can add more do it.
Rename roms inside archive
Custom search parameters (the more the better), for starters name, release name, release group, genre, size, CRC/some other hash

edit: forgot the bricker.
This is actually very simple, the basic idea is that on earlier model DS (I am not sure if it was rectified for later version original DS or not) could write the firmware but as anyone who has performed flashme will tell you the first part is not able to be written unless you bridge SL1 (later model DS required SL1 to be permanently bridged during writing).
However this initial protected area does not have enough to boot the DS to allow recovery via software (you can still hook it up to a programmer), the bricker messed up the later section and consequently the DS.
Most brick detection detects the two trojans released by Darkfader that brick the DS
Page search malware:
http://darkfader.net/ds/

Naturally people could implement this into another program or hack it into a rom but as of yet nobody has (or at least has not released them) and those two bricking apps are extremely rare in the wild (I have been around here and other DS forums since before it appeared and I have not heard of anyone bricking their DS with them since the initial run, only with messing up flashme or messing around with new firmwares for the DS).

 

[Purses]

To be able to compete with the other rom managers out now. you'll need rar/7zip support.

 

[shorty606]

Thanks for all the replys! I've managed to code in the icon viewing and name extraction and I'm hoping to put in trimming now. Any idea how the 4 bytes point to the end of the rom? is it an offset like the palette and icon data? source code would be greatly appreciated.

The direction my program is starting to go in now is that it will be written in Lazarus, making it compileable in any operating system lazarus is available which is almost of all of them,hopefully making it truly cross platform. I know rominator is but I'd also like to supply something similar for operating systems rominator doesn't support. I will start posting screenshots shortly for feature suggestions. Thanks for the replies so far, all really helping!


EDIT: Special thanks to FAST6191. All that info really helped! The signature on the malware section of the site you gave me, is that for both variations of the virus? they use some common code? I will add that into a scan. I am going to work through the feature list you gave and add those also

. How many bytes are usually added on for wifi also? Is it best to add a couple to every trimmed rom to make sure if there is wifi, it isn't broken?

Thanks again fro your help everyone!

 

[FAST6191]

My example was actually pulled from 1630 - Crossword DS + Sekai 1-Shuu Cross (J). It is simple pointer using the start of the file as the origin.

Those 4 bytes

Sample
CODE
0000050 00AE 0400 A000 0000 0000 0000 0000 0000 ................
0000060 1760 4100 F808 1800 0052 0A00 5B82 1E05 .`A......R..[...
0000070 740A 0002 5801 3802 0000 0000 0000 0000 t...X.8.........
0000080 F88B 7300 0040 0000 684B 0000 0000 0000 [email protected]......
0000090 0000 0000 0000 0000 0000 0000 0000 0000 ................
00000A0 0000 0000 0000 0000 0000 0000 0000 0000 ................
00000B0 0000 0000 0000 0000 0000 0000 0000 0000 ................
00000C0 24FF AE51 699A A221 3D84 820A 84E4 09AD $..Qi..!=.......
00000D0 1124 8B98 C081 7F21 A352 BE19 9309 CE20 .$.....!.R.....

F88B 7300

Becomes

0073 8BF8 (section below highlighted for clarity, the data means nothing here).

CODE0738BB0 0100 0000 EC46 0100 0100 0000 806E 0100 .....F.......n..
0738BC0 0100 0000 9CC1 0100 0100 0000 1040 0000 .............@..
0738BD0 0100 0000 5068 0100 0100 0000 6868 0100 ....Ph......hh..
0738BE0 0100 0000 84E6 0000 0100 0000 C0A7 0100 ................
0738BF0 0100 0000 5C23 0000 FFFF FFFF FFFF FFFF ....\#..........
0738C00 FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF ................
0738C10 FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF ................
0738C20 FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF ................
0738C30 FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF ................
0738C40 FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF ................



Edit: Those are the signatures (size, MD5 and original name) for the two brickers in their unaltered forms. As far as I am aware nobody has released altered versions (a few names changes perhaps but I have no evidence of such a thing) or alternative programs with the same method used, compared to PC malware it is laughable I know.

 

[UltraMagnus]

Well I'm going to be writing the software in a program called Lazarus which, to sum up, is a program that is very similar to the Delphi IDE and uses the same object orientated code but the code can be compiled on any computer than runs lazarus, without any modification to the code. So far the Lazarus IDE can be installed on MACs, Linux, alsorts!
I'm in two midns therefore about what to do, obviously I want to distribute my program on as many platforms as possible but I don't have the capacity to run several different operating systems so I don't know if I want to release the source code. If there are enough people interested that have access to the operating systems and are willing to compile my code then I would do it that way and let individuals release compiled versions of my program. I'm not for closed source at all but from what I've seen, the DS scene tends to see copies of software and hardware spring up which makes it hard for people to know what is genuine and what is not. This is why I would therefore rather only have executables released to make it easier for everyone.

Let me know your thoughts

well, I run linux, and would be willing to do the compilation for you, although I would rather only do so for an open source project. I don't know object pascal though, only C really.

I can't see a clone of a rom manager being made, flashcards are only cloned because it is big business, and they were even cloned without the source code being released. In fact, the only flashcard with an open source firmware (akrpg) has no clones.

 

[auREAX]

I also wouldn't mind compiling it under Linux.

 

[shorty606]

Well I think I have thrashed it all out now. What I've decided to do is release it as OpenSource as it will allow people to compile it for the system they are using. The outputted files will be large at first but there is a way to strip down the size which I will talk about once we have it compiling on at least a couple of systems.

The source code is here:
http://rapidshare.com/files/203570238/ndssource.rar

All you need to do is go to http://www.lazarus.freepascal.org/ and download the version of the software appropriate for your pperating system.

Then open the source code using the program and click the green forward arrow. It should compile without any trouble.
Lazarus is a program that is advertised as code once, compile anywhere.

If it runs and you can get a screenshot, please post it! I'll post some windows screenshots shortly.

At the moment, the source has just been written in Lazarus from Delphi so currently all it does is read any .NDS files in the same directory as the application exe and displays their name and icon.

Look forward to seeing some Linux versions running!

 

[Purses]

I got it to compile without a problem on windows, and I got it to read the few games I tried.