Homebrew OOT 3D Exploit Working On Downloaded Copies?

[FM360]

I have been wondering if this exploit works on downloaded versions of the game. I am thinking that it could because you can freely edit the save data of downloaded games on the SD card using a hex editor. Im just wondering.

 

[AquaX101]

I have been wondering if this exploit works on downloaded versions of the game. I am thinking that it could because you can freely edit the save data of downloaded games on the SD card using a hex editor. Im just wondering.

no, because the saves are not signed

 

[FM360]

no, because the saves are not signed

And what does that mean? (I'm a noob)

 

[Technicmaster0]

And what does that mean? (I'm a noob)

Every eShop related files are signed (encrypted). You'd need a console unique key to decrypt them.
Tho it could theoretically work if you own both versions and use the official software to transfer files between eShop- and retail games

 

[FM360]

Every eShop related files are signed (encrypted). You'd need a console unique key to decrypt them.
Tho it could theoretically work if you own both versions and use the official software to transfer files between eShop- and retail games

Is there any way I can retrieve my console's key?

 

[zoogie]

And what does that mean? (I'm a noob)

Signing a file generates a long hex number that is used to verify that a given file has not changed. Any time a single bit in a file changes, the signature completely changes. This allows an OS to check for tampering. (in this case, the 3ds knowing you've been screwing with it's saves)
This signing process (and encryption) must be done on a 3ds because the algorithim to sign files lies hidden somewhere on the 3ds SOC most likely.

You can get around this be using the savedatafiler dev tool to decrypt and modify saves (it's warez - can't link here). Google for it and how to use it.

 

[FM360]

Signing a file generates a long hex number that is used to verify that a given file has not changed. Any time a single bit in a file changes, the signature completely changes. This allows an OS to check for tampering. (in this case, the 3ds knowing you've been screwing with it's saves)
This signing process (and encryption) must be done on a 3ds because the algorithim to sign files lies hidden somewhere on the 3ds SOC most likely.

You can get around this be using the savedatafiler dev tool to decrypt and modify saves (it's warez - can't link here). Google for it and how to use it.

You know I can't install CFW on my N3ds right?

 

[osaka35]

You said:

You know I can't install CFW on my N3ds right?

A polite person would say:
Ahh, thanks for the info. It sucks though because I have a N3ds and don't have a way of installing CFW.

 

[FM360]

You said:



A polite person would say:
Ahh, thanks for the info. It sucks though because I have a N3ds and don't have a way of installing CFW.

I know I can be such a dick sometimes.

 

[Zidapi]

You know I can't install CFW on my N3ds right?

You know you never mentioned you had a new3DS until this post right?

 

[Dan-the-Rebirth]

To be fair the exploid is only for n3ds so he didn't need to say that

 

[Technicmaster0]

To be fair the exploid is only for n3ds so he didn't need to say that

The exploit/ entrypoint itself works on original 3DS as well. It's probably the same exploit used in http://36.media.tumblr.com/091b963720941f50b794850d31d0ba5d/tumblr_mf56u9ecLd1qzp9weo1_1280.jpg.

 

[I_AM_L_FORCE]

I have a downloaded copy, but modifying the save is a bloody bastard. The checksums keep fucking up

 

[sonic2756]

This would be super easy if there was a way to generate FAT16 XORPads on the N3DS.

 

[I_AM_L_FORCE]

Well there isn't, I have a save that don't load up corrupted. But link spawns in a void a and the game crashes unusefully.

 

[I_AM_L_FORCE]

(I'm on 9.5 Sysnand)

 

[Zidapi]

(I'm on 9.5 Sysnand)

Well there's your problem. The entry point works on every 3DS from 1.0 to 9.5, but it's only the first step.

The remaining steps won't work on a 3DS above 9.2, hence the crash and void.

 

[I_AM_L_FORCE]

It's so frustrating because we know at least 3 entry points but no way of gaining arm11 execution.