Toggle sidebar

ROM Hack [Release] 3DS_CTR_Decryptor-VOiD

  • Thread starter Thread starter Relys
  • Start date Start date
  • Views Views 649,245
  • Replies Replies 2,226
  • Likes Likes 30
Isnt it possible to decrypt the nand and reencrypt it partitally and then spoof the nintendo server? If an uodate is downloaded from the server it isnt encrypted yet with console specefic keys, so it has to happen inside the 3ds right after it? ( just speculation, i need to check this for sure, but i dont have the abilities to do so now)
 
K so i have a little problem. I got to extract the pokemon models just fine, but i don't know the command line for the textures. Can anyone write an example?
 
anyone figured out any more about the IVFC hash, the first one is easy, but then i cant figure out how level 1 & 2 work.......hmmm back to staring at Chinese i think

Untitled.png

anyways see on here the first hash works perfectly, go to 0x1e0f000, select block size 1000, sha256 of that area is the first hash which is stored at 0x60......

EDIT: ok the other ones are that simple too....but it seems the actual content is individually hashed aswell or something, as even content not covered by these hash's still breaks these hashes (im sure at some point i will understand it :rofl2: )......unless im missing yet another something
 
Sabi996 said:
K so i have a little problem. I got to extract the pokemon models just fine, but i don't know the command line for the textures. Can anyone write an example?
Click to expand...

For python:
bch2png.py dec_NO.bin

For go:
go run bch2png.go dec_NO.bin

Also, the texture for a model is in a file with a number higher by 2 and 3 (normal and shiny respectively).
So, for Bulbasaur, his model is in dec_4.bin, while his textures are in dec_6.bin and dec_7.bin
 
PewnyPL said:
Not exactly. First you generate (on a PC) a key in ncchinfo.bin. Then, CTR decryptor uses it AND the 3DS's AES engine to generate a xorpad.
So, without a key, you won't be able to do anything with CTR tool.
Click to expand...

Ok. So let me see if I'm understanding you correctly. The key is in ncchinfo.bin. CTR decrypted uses the 3DS's AES engine to decrypt the rom using this per-generated key. Hence, only if we are able to generate a key for NAND will we be able to decrypt using this method?
 
Mikecrowfone said:
Ok. So let me see if I'm understanding you correctly. The key is in ncchinfo.bin. CTR decrypted uses the 3DS's AES engine to decrypt the rom using this per-generated key. Hence, only if we are able to generate a key for NAND will we be able to decrypt using this method?
Click to expand...

Pretty much. However, it's easy to generate a key for the games, as each game uses it's own key and the console has to extract it. But for the NAND it is hard, as the same method won't work (no need to hide the key anywhere in the ROM, as NAND is only for one specific console) due to the keys not being stored anywhere easy to access.
 
Mikecrowfone said:
Ok. So let me see if I'm understanding you correctly. The key is in ncchinfo.bin. CTR decrypted uses the 3DS's AES engine to decrypt the rom using this per-generated key. Hence, only if we are able to generate a key for NAND will we be able to decrypt using this method?
Click to expand...
carts all need to be decrypted by any console, so its kinda obvious they are using a method that would work whatever console the cart is inserted into

but in the case of the nand they are designed to only be decrypted by the console they came from, iirc they use a console specific key for their encryption
 
PewnyPL said:
Pretty much. However, it's easy to generate a key for the games, as each game uses it's own key and the console has to extract it. But for the NAND it is hard, as the same method won't work (no need to hide the key anywhere in the ROM, as NAND is only for one specific console) due to the keys not being stored anywhere easy to access.
Click to expand...
gamesquest1 said:
carts all need to be decrypted by any console, so its kinda obvious they are using a method that would work whatever console the cart is inserted into
but in the case of the nand they are designed to only be decrypted by the console they came from, iirc they use a console specific key for their encryption
Click to expand...

I see. For games, the keys are easily accessibly by the 3DS so that its AES engine can decrypt. Whereas for NAND, the key is not located in the dump? If so where would the key be located?
 
SciresM Have you looked into items in the game files? Would love to see what the Power Plant event and such is (Ya know, those doors that say you need a card key). My guess is that those are the places you will legitimately obtain Volcanion --- or more.
 
Huntereb said:
SciresM Have you looked into items in the game files? Would love to see what the Power Plant event and such is (Ya know, those doors that say you need a card key). My guess is that those are the places you will legitimately obtain Volcanion --- or more.
Click to expand...

There is nothing; SciresM has had the decrypted files for months.
 
  • Like
Reactions: Huntereb and cearp
The only way to check would be using a "walk through walls" code or something. Whenever that would be possible.
 
WannyTiggah said:
The only way to check would be using a "walk through walls" code or something. Whenever that would be possible.
Click to expand...
No. If there's no text, there is no event. We can check models and map info, and there is nothing. Plus you can't walk through walls to bypass a script warp.

There is no secret event at the power plant, or anywhere else. We would know by now.
 
the most likely options are either
A. it was planned to be in the game but was cut and they left the door
B.its just a suspicious door with no meaning
or
C. they planned a special event that would work somewhat like DLC and the content wont be there until a patch is released
 
Wait, which door (single) are you guys talking about? I thought we were talking about the doors (plural) of the closed power plants...
 
  • Like
Reactions: cearp
Kaphotics said:
There is nothing; SciresM has had the decrypted files for months.
Click to expand...


Damn, that sucks. I guess we'll get that stuff in game updates.

But does that pertain to areas as well? No inaccessible locations? If someone were to "walk-through-walls" cheat passed the door, nothing would happen?
 
I think I may have a problem here.

I'm trying to make an XORPAD of Sonic Lost World, because RTB from The VG Resource really wants to get the models from that game. I made an ncchinfo.bin file out of the ROM, then copied said file (and the Gateway Launcher.dat) onto my SD card. Once I went to DS Profile, the decryptor interface appeared, but it's been stuck at the "Reading info..." part for more than ten minutes now.

Did I do something wrong, or is it supposed to take an extremely long time?
 

Site & Scene News

Go to forum More news

Popular threads in this forum

Why did the price of 3ds shoot up ?

Hacking Homebrew Project  BlazerTube - a YouTube 3DS revival using the REAL app!

[WIP] SMW 3DS Port - Early Playable Demo by ZalgonEn

Problems getting Homebrew to appear outside of the Homebrew Launcher (homebrew won't appear on the HOME menu)

Homebrew app Emulator  [Release] 3DS-CLI - Run a real RISC-V Linux environment on the Nintendo 3DS

Website for finding alternative games for 3DS

Homebrew  [Progress update] LCE Minecraft 3ds

Gaming  any good rpgs on 3ds?