ROM Hack [Release] 3DS_CTR_Decryptor-VOiD

RichardLaughter_

It would be cool if you could take the textures from OoT 3D and put them in OoT... of course the character models are totally different, so I'm not sure how that would work. o.o
 

I pwned U!

> Well, the hash needs to be calculated over the decrypted exefs for sure. And I think over only the first 200 bytes
> Maybe 0x200 (512).

I tried this on the original decrypted ExeFS and finally got the same hash as ctrtool. After hashing the same part of the edited decrypted ExeFS and overwriting the original hash in the ROM, the ROM still does not show up in the game card slot. I even checked back on the edited icon.bin hash in the decrypted ExeFS, and it was also correct.

What could I possibly be doing wrong? Instead of changing the game title in the icon.bin should I replace the entire icon.bin with one from a different game?
 

ground

> I tried this on the original decrypted ExeFS and finally got the same hash as ctrtool. After hashing the same part of the edited decrypted ExeFS and overwriting the original hash in the ROM, the ROM still does not show up in the game card slot. I even checked back on the edited icon.bin hash in the decrypted ExeFS, and it was also correct.
>
> What could I possibly be doing wrong? Instead of changing the game title in the icon.bin should I replace the entire icon.bin with one from a different game?

I wonder what you are doing, as makerom corrects those hashes automatically... Just make sure that you compile it as developer.
 

I pwned U!

> I wonder what you are doing, as makerom corrects those hashes automatically... Just make sure that you compile it as developer.

What do you mean by "compile it as a developer?"

Remember, I only used makerom to extract the new decrypted ExeFS. Once I did that, I re-xorred it, opened it in a hex editor, selected everything, opened the encrypted ROM in a hex editor, overwrote the original ExeFS with the new ExeFS, and replaced the original ExeFS hash with the one from the first 200 bytes of the new decrypted ExeFS.

If I do not compile it as a developer, then does the new ExeFS get corrupted after it is used in makerom, then extracted and 0-key decrypted?
 

gamesquest1

Are the file sizes EXACTLY the same? If you're going down the route of re-xoring with the original xor pads, they need to be exactly the same size or it will mess it up.
 

ground

> What do you mean by "compile it as a developer?"
>
> Remember, I only used makerom to extract the new decrypted ExeFS. Once I did that, I re-xorred it, opened it in a hex editor, selected everything, opened the encrypted ROM in a hex editor, overwrote the original ExeFS with the new ExeFS, and replaced the original ExeFS hash with the one from the first 200 bytes of the new decrypted ExeFS.
>
> If I do not compile it as a developer, then does the new ExeFS get corrupted after it is used in makerom, then extracted and 0-key decrypted?

Ok, I don't get it anymore, as makerom can't extract files. But did you check for more exefs hashes in the rom (I know exheader has a few throughout the rom)? Just search the original hash again, and if it finds it further in the rom again, then that's the problem.
 

I pwned U!

> Ok, I don't get it anymore, as makerom can't extract files. But did you check for more exefs hashes in the rom (I know exheader has a few throughout the rom)? Just search the original hash again, and if it finds it further in the rom again, then that's the problem.

I should have worded that better. I could not recompile the edited ExeFS, but makerom can, so I used it to build a ROM, then 0-key decrypted it, then used ctrtool to extract the new recompiled ExeFS.
 

I pwned U!

> Ok, I don't get it anymore, as makerom can't extract files. But did you check for more exefs hashes in the rom (I know exheader has a few throughout the rom)? Just search the original hash again, and if it finds it further in the rom again, then that's the problem.

That was the problem. I fixed the other hash, and then the game showed up! Sadly, it did not trick Miiverse.

Oh well. Now that I have mastered the technique, I will take this a step further by replacing the entire icon.bin, banner.bin, logo.bin, and possibly the Exheader from another game.

Thanks to everyone for all of the help!
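
The integrity check this exchange converges on, as an added example that is not part of the thread and is not code from ctrtool or makerom: it verifies each file's SHA-256 against the ExeFS header table, hashes the first 0x200 bytes, and lists every offset where a given hash is stored. The header layout (16-byte file entries, hash table at 0xC0 in reverse order) follows the 3dbrew ExeFS description and is an assumption here, as are all function names and the constructed sample data.

```python
import hashlib
import struct

HEADER_SIZE = 0x200  # ExeFS header: the "0x200 (512)" region discussed above
MAX_FILES = 10       # assumed layout: 10 file entries of 16 bytes each
HASH_TABLE = 0xC0    # assumed layout: 10 x 32-byte SHA-256 table starts here

def hash_slot(i):
    # Hashes are stored in reverse order: entry 0 uses the last slot.
    return HASH_TABLE + (MAX_FILES - 1 - i) * 32

def build_exefs(files):
    """Build a small decrypted ExeFS image from {name: bytes} (constructed data)."""
    header, body = bytearray(HEADER_SIZE), bytearray()
    for i, (name, data) in enumerate(files.items()):
        struct.pack_into("<8sII", header, i * 16, name.encode(), len(body), len(data))
        header[hash_slot(i):hash_slot(i) + 32] = hashlib.sha256(data).digest()
        body += data + b"\x00" * (-len(data) % 0x200)  # pad each file to 0x200
    return bytes(header + body)

def superblock_hash(exefs):
    """SHA-256 over the first 0x200 bytes of the decrypted ExeFS."""
    return hashlib.sha256(exefs[:HEADER_SIZE]).digest()

def verify_files(exefs):
    """Return {name: bool}: does each file match its hash in the header table?"""
    results = {}
    for i in range(MAX_FILES):
        name, offset, size = struct.unpack_from("<8sII", exefs, i * 16)
        if size:
            data = exefs[HEADER_SIZE + offset:HEADER_SIZE + offset + size]
            ok = hashlib.sha256(data).digest() == exefs[hash_slot(i):hash_slot(i) + 32]
            results[name.rstrip(b"\x00").decode()] = ok
    return results

def find_all(blob, needle):
    """Offsets of every stored copy of a hash; all copies must agree."""
    hits, pos = [], blob.find(needle)
    while pos != -1:
        hits.append(pos)
        pos = blob.find(needle, pos + 1)
    return hits

if __name__ == "__main__":
    # Constructed sample: two files, then one byte of "icon" changed in place.
    exefs = build_exefs({"icon": b"ICON" * 64, "banner": b"BNR!" * 96})
    edited = bytearray(exefs)
    edited[HEADER_SIZE] ^= 0xFF
    print(verify_files(exefs), verify_files(bytes(edited)))
    print(superblock_hash(exefs).hex())
```

A changed file fails its own table entry; once the table is regenerated, the 0x200-byte header hash changes too, so any stored copy of the old value no longer matches.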
 

I pwned U!

I tried completely swapping out the icon.bin and the banner.bin with some from another game. I fixed all of the hashes and added extra FF bytes at the end of the ROM to make up for the ExeFS being smaller, but it is having the problem with not showing up in the game card slot. Next time I will just try with the entire icon.bin only because they are the exact same size.
 

Reisyukaku

Anyone have any idea why reading and writing to files is so finicky? Is it just bugginess from the exploit? Or is the asm for those functions themselves buggy? It's kinda annoying. I just want to know if it's something within grasp that can be fixed.
 

Aveyn Knight

Could somebody kindly help me generate the XOR pads for Fire Emblem: Awakening so I can attempt to data mine the game? Been anticipating this moment since the game's release : )

I can provide the ncchinfo.bin file.

EDIT: Nevermind the request; didn't realise it was against the rules.
 

I pwned U!

Does anyone know if 0-key encrypted ROMs work with online features/local multiplayer/Miiverse screenshots, or do these features only detect a game if it uses its original encryption?
 

gtaking112

How would I go about decompressing a .code.bin? I decrypted the ORAS demo and the code bin is where all the important stuff is stored.
The RomFS is smaller and cannot be decompressed as it's saying the hashes are corrupt.
 

windwakr

I would assume it uses the 7.x crypto, so you're not going to be able to decrypt it.

http://3dbrew.org/wiki/NCCH#NCCH_Specs
> As of 7.0.0-13 the system now supports a new encryption method for the secure-cryptotype, the CTR for this is the same as before. This is enabled when NCCH flag[3] is non-zero. When enabled, the RomFS and ExeFS files which don't have filenames "icon" or "banner" (that is, ".code") are crypted with a different keyslot.
 
