Hacking Region Lock Removal (Gateway 3DS & Sky3DS)

[DjoeN]

31 limit? I'm not as familiar with Sky3DS as I am GW but is this a permanent limit like the 10 before or just 31 game limit at any one time?

Here's why:

edit: seems the microSD layout was covered a while ago, more info here:
http://github.com/lukas2511/sky3ds.py/wiki/Disk-Layout

---

The limit of 31 games is because of the way the app writes the rom index to the SD card on sector 0

Each game is stored using TWO 32bit values, one is the start sector of the rom
and the other is the length of the rom in sectors (both appear to be in little endian)
(I have no idea how/where/what offset saves are stored at, I don't have my Sky3DS yet so can't test)

At offset 0x100 is the value 524F4D53 (ROMS) which is used to check if the SD card is formatted for Sky3DS.
(If this offset isn't 524F4D53 then the sky3DS app will say this card isn't formatted)

There can only be 31 games stored, the last offset at 0xF8+0xFC is FF which is
probably needed so Sky3DS card knows when to loop back to the first rom on the card.
(edit: so when Sky3DS reads the offset and size, if both are all FF's, then it loops back to the first entry on the microSD?)

Here is sector 0 hexdump of a MicroSD formatted with 2 test games written to a 16gb microSD.
(Game sizes are 128mb + 256mb see image below)

Offset(h) 00 04 08 0C
000000000 00000100 00000400 00000500 00000800 ................
000000010 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
000000020 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
000000030 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
000000040 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
000000050 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
000000060 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
000000070 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
000000080 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
000000090 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
0000000A0 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
0000000B0 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
0000000C0 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
0000000D0 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
0000000E0 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
0000000F0 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
000000100 524F4D53 FFFFFFFF FFFFFFFF FFFFFFFF ROMSÿÿÿÿÿÿÿÿÿÿÿÿ
000000110 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
000000120 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
000000130 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
000000140 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
000000150 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
000000160 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
000000170 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
000000180 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
000000190 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
0000001A0 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
0000001B0 FFFFFFFF FFFFFFFF FFFFFFFF FFFF8000 ÿÿÿÿÿÿÿÿÿÿÿÿÿÿ€.
0000001C0 00000CFF FFFF4000 00000004 00000000 ...ÿÿÿ@.........
0000001D0 00000000 00000000 00000000 00000000 ................
0000001E0 00000000 00000000 00000000 00000000 ................
0000001F0 00000000 00000000 00000000 000055AA ..............Uª

Offset 0x00 + 0x04 = Game 1 - Offset (00 01 00 00) + Size (00 04 00 00)
Offset 0x08 + 0x0C = Game 2 - Offset (00 05 00 00) + Size (00 08 00 00)
Offset 0x10 + 0x14 = Game 3
Offset 0x18 + 0x1C = Game 4 etc
Offset 0xF0 + 0xF4 = Game 31
Offset 0xF8 + 0xFC = Game 32

Having 33 games on your microSD would overwrite the offset at 0x100 which will make
DiskWriter think your MicroSD card isn't formatted the next time you start it up?

The 16 bytes from Offset 0x1BC is a partition entry (1 of 4)
(appears to be for a partition with the setup.zip containing the DiskWriter App)
and the offset 0x1FE+0x1FF is the Boot Sector Signature (0x55 0xAA)

***

edit: The extra header data (from the template) is stored at the rom offset + 0x1400 to 0x15FF.
(e.g sector 0x00010000 x 0x200 (sector size) = offset 0x02000000+0x1400 = 0x02001400)

 

[LurkerA]

31 limit? I'm not as familiar with Sky3DS as I am GW but is this a permanent limit like the 10 before or just 31 game limit at any one time?

31 games limit for each microSD card, no game limit for sky3DS card(blue button) itself.