Hacking Question about encrypting/decrypting SD card files

[ThoD]

I recently CFWed my gf's 3DS and been trying to get her some games on it to play together, but she only has a tiny SD card (the one the system came with, just 4GBs big) and can't upgrade anytime soon, making it impossible to install large games (because FBI needs twice the space of a game to install), so I've been thinking... Would it be possible to take the installed files from my 3DS for a game, then decrypt them, re-encrypt them to match her 3DS encryption key and move them to her SD card, basically skipping having to install the files through FBI? Once that's done I could just use FBI to inject the ticket/seed so the game is playable. Considering how both systems have CFW, it should be possible somehow, as we can get the encryption keys for each system easily. If it is indeed possible, can someone explain how I should got about doing this?

 

[TurdPooCharger]

Oo, you're not going to like this.

1. I assume you already took care of reformatting and checking the 4 GB card, and that all systems are go!
   
2. On your GF's 3DS, extract the movable.sed and the *.db files [ certs / import / ticket / title / tmp_i / tmp_t ] found in [1:] SYSNAND CTRNAND.
3. Back up the SysNAND on your GF's 3DS in case something goes wrong. Keep the NAND image safe on your computer.
   
4. Back up the SysNAND on your 3DS. You'll need this once the dirty deed is all said and done. Do the same for yours.
5. Put your GF's extracted CTRNAND files onto your SD card. Rename your current Nintendo 3DS folder to something else, like Nintendo 3DS (ThoD).
6. On your 3DS, overwrite and replace the respective CTRNAND files. All of them will require Calculate CMAC to correct for some hash issues that deals with System Transfer.
   
7. You'll be greeted with creating a new 3DS profile. Match word-for-word your GF's profile username, location, date of birth, etc.
   • DO NOT CONNECT ONLINE OR SET UP WIFI. This can get your GF's 3DS banned if you access Nintendo online services with her movable.sed. Keep your 3DS offline at all times.
8. Install the games but remember to keep the total under the approximately ~4 GB limit! Typical 4 GB SD cards have actual capacity of around 3.76 GB (give or take).
9. Unwrap and and launch each of the games at least once. I think you need to do this to take care of some "Secure Value" shenanigans.
   
10. This is going to sound stupid, but back up all the blank saves with Checkpoint or JKSM. You may want to rename your JKSV or Checkpoint folders with the (ThoD) tag so as not to contaminate your backed up saves.
11. We're in the home stretch! Dump your *.db files and copy these over to the 4 GB card. Copy your soon-to-be GF's Nintendo 3DS folder over as well. Don't forget the backed up saves!
    
12. Replace and overwrite *.db files on the GF's 3DS. Check each of them with Calculate CMAC. I don't believe the movable.sed needs to be copied back; leave this one out of it.
    
13. While hovering on [A:] SYSNAND SD, hold the (R)-should button and press (A). Choose the Fix CMACs for drive.
14. If it goes well, your GF's 3DS should recognize all the games you installed from your 3DS. Restore the blank game saves.
    
15. On your SD card, delete the current Nintendo 3DS folder and rename Nintendo 3DS (ThoD) back to Nintendo 3DS. Do the same for Checkpoint / JKSV folder(s).
16. SysNAND Restore (Safe) your 3DS.

 

[ThoD]

Oo, you're not going to like this.

1. I assume you already took care of reformatting and checking the 4 GB card, and that all systems are go!
   
2. On your GF's 3DS, extract the movable.sed and the *.db files [ certs / import / ticket / title / tmp_i / tmp_t ] found in [1:] SYSNAND CTRNAND.
3. Back up the SysNAND on your GF's 3DS in case something goes wrong. Keep the NAND image safe on your computer.
   
4. Back up the SysNAND on your 3DS. You'll need this once the dirty deed is all said and done. Do the same for yours.
5. Put your GF's extracted CTRNAND files onto your SD card. Rename your current Nintendo 3DS folder to something else, like Nintendo 3DS (ThoD).
6. On your 3DS, overwrite and replace the respective CTRNAND files. All of them will require Calculate CMAC to correct for some hash issues that deals with System Transfer.
   
7. You'll be greeted with creating a new 3DS profile. Match word-for-word your GF's profile username, location, date of birth, etc.
   • DO NOT CONNECT ONLINE OR SET UP WIFI. This can get your GF's 3DS banned if you access Nintendo online services with her movable.sed. Keep your 3DS offline at all times.
8. Install the games but remember to keep the total under the approximately ~4 GB limit! Typical 4 GB SD cards have actual capacity of around 3.76 GB (give or take).
9. Unwrap and and launch each of the games at least once. I think you need to do this to take care of some "Secure Value" shenanigans.
   
10. This is going to sound stupid, but back up all the blank saves with Checkpoint or JKSM. You may want to rename your JKSV or Checkpoint folders with the (ThoD) tag so as not to contaminate your backed up saves.
11. We're in the home stretch! Dump your *.db files and copy these over to the 4 GB card. Copy your soon-to-be GF's Nintendo 3DS folder over as well. Don't forget the backed up saves!
    
12. Replace and overwrite *.db files on the GF's 3DS. Check each of them with Calculate CMAC. I don't believe the movable.sed needs to be copied back; leave this one out of it.
    
13. While hovering on [A:] SYSNAND SD, hold the (R)-should button and press (A). Choose the Fix CMACs for drive.
14. If it goes well, your GF's 3DS should recognize all the games you installed from your 3DS. Restore the blank game saves.
    
15. On your SD card, delete the current Nintendo 3DS folder and rename Nintendo 3DS (ThoD) back to Nintendo 3DS. Do the same for Checkpoint / JKSV folder(s).
16. SysNAND Restore (Safe) your 3DS.

Thanks, although I was already aware of this method, but right now and for the next two weeks she's away with family on holidays, so I gotta do everything over the internet and my upload speed is just 20KB/s, no way I can upload anything larger than 500MBs in a reasonable timeframe, meaning can't just install the stuff and send them to her. Also, she's a COMPLETE noob at this, so letting her take care of things on her end would be hard even with instructions on video chat helping her out... I was looking for something more like using a computer to decrypt and re-encrypt, similar to how we do it for the DSiWare app during SeedMining, where we use the movable to decrypt the game, edit it and re-encrypt it. I have a backup of my SD card on her computer already, so I wouldn't need to upload anything more than my movable.sed.

PS: Don't think I haven't accounted for getting banned, first thing I ever do when I install CFW on a 3DS is backup the LFCS and then replace the one on the system with a public one, just in case it would have gotten banned for whatever reason, keeping the private seed safe. Same goes for movable.sed and basically anything involved in bans so I can keep her system safe, got mine banned when the 1.2 UM update rolled out and don't want her to have to deal with such problems, remember, total noob

 

[TurdPooCharger]

Thanks, although I was already aware of this method, but right now and for the next two weeks she's away with family on holidays, so I gotta do everything over the internet and my upload speed is just 20KB/s, no way I can upload anything larger than 500MBs in a reasonable timeframe, meaning can't just install the stuff and send them to her. Also, she's a COMPLETE noob at this, so letting her take care of things on her end would be hard even with instructions on video chat helping her out... I was looking for something more like using a computer to decrypt and re-encrypt, similar to how we do it for the DSiWare app during SeedMining, where we use the movable to decrypt the game, edit it and re-encrypt it. I have a backup of my SD card on her computer already, so I wouldn't need to upload anything more than my movable.sed.

PS: Don't think I haven't accounted for getting banned, first thing I ever do when I install CFW on a 3DS is backup the LFCS and then replace the one on the system with a public one, just in case it would have gotten banned for whatever reason, keeping the private seed safe. Same goes for movable.sed and basically anything involved in bans so I can keep her system safe, got mine banned when the 1.2 UM update rolled out and don't want her to have to deal with such problems, remember, total noob

OOoOhhhh...... She has her own 3DS with her. You want to do this remotely, and your Internet speeds + bandwidth are limited. Plus she's understandably not tech savvy with 3DS homebrew. (I'm repeating this to make sure I'm getting this right). And you want her to use your movable.sed and SD card files which she has on her computer to decrypt and re-encrypt with her movable.sed. That's a lot of take in.

On desktop, it's possible to virtually mount a Nintendo 3DS folder with its movable.sed to produce a decrypted copy using:

• fuse-3ds - FUSE Filesystem Python scripts for Nintendo 3DS files

I can't think of a way to re-encrypt that decrypted folder with a different movable.sed as fuse-3ds doesn't have that feature.

Sorry bud, but I'm out of ideas. I would say buy that larger replacement card if you can, put some CIAs on it, mail the card her way if she's not moving around a lot on her holiday trip, and teach her to use HBL launcher and FBI. It's a rather risky and bad idea IMO, but I can't think of anything else that's reasonable. ¯\_(ツ)_/¯

 

[ThoD]

OOoOhhhh...... She has her own 3DS with her. You want to do this remotely, and your Internet speeds + bandwidth are limited. Plus she's understandably not tech savvy with 3DS homebrew. (I'm repeating this to make sure I'm getting this right). And you want her to use your movable.sed and SD card files which she has on her computer to decrypt and re-encrypt with her movable.sed. That's a lot of take in.

On desktop, it's possible to virtually mount a Nintendo 3DS folder with its movable.sed to produce a decrypted copy using:

• fuse-3ds - FUSE Filesystem Python scripts for Nintendo 3DS files

I can't think of a way to re-encrypt that decrypted folder with a different movable.sed as fuse-3ds doesn't have that feature.

Sorry bud, but I'm out of ideas. I would say buy that larger replacement card if you can, put some CIAs on it, mail the card her way if she's not moving around a lot on her holiday trip, and teach her to use HBL launcher and FBI. It's a rather risky and bad idea IMO, but I can't think of anything else that's reasonable. ¯\_(ツ)_/¯

I'll look into this, thanks. I've thought of a really roundabout alternative way that's kinda too long to explain on here that only uses one system, so I'll try with what I can, but yes, the issue is how you described it at the start.