ROM Hack [Release] 3DS_CTR_Decryptor-VOiD

  • Thread starter: Relys
  • Views: 649,240
  • Replies: 2,226
  • Likes: 30
They did it some unknown, unreleased way. Dunno why nothing has been released relating to them. It doesn't even have to be proper right now, I just want something that works. :rolleyes:

They did it by the re-xoring stuff, just a few members figured out how that works....
I still think using the PatchRom to rebuild ROMs is the better way... You can even redirect RomFS to the SD....
 
Ah, I see. I didn't look into that too much, but I think this should do the trick:

http://rumkin.com/software/tools/padxor.php
The xorpads are generated by the 3DS, and they are unique to the title. The same xorpad used to decrypt the content is reused to encrypt it. It's not that the methods are some secret, it's just that people struggle with a 2-step bat file to decrypt and rebuild, so I can only imagine what would happen if I tried to explain the re-xoring method. I would prefer to let someone automate the process if they can, to save on the headache :D

but anyone who can figure it out, all the info is there and public
 
I know ;) I wasn't pointing to creating the xorpads, but just to using the existing xorpads to encrypt files. But as I said, I didn't look at it ;)

edit:
Anyway, I was puzzling with this for a while, but is it possible to decrypt the NAND with this? I looked in the source and I know how to change the keyslots, but I don't know how to create a proper .bin file for it.

if we have an xorpad we can mount it with this script:
http://pastebin.com/Nj9n10y8 (written by smealum)
 
To decrypt NAND you'd have to RE the NAND decryption function in the kernel. You need to know:
1) Which keyslot to select.
2) How to calculate keyY (public key)
3) How to calculate ctr (Initialization Vector)
 
They did it by the re-xoring stuff, just a few members figured out how that works....
I still think using the PatchRom to rebuild ROMs is the better way... You can even redirect RomFS to the SD....

So is that actually working for roms of retail games?
 
It was updated 10 days ago so I don't think it has the latest update of Applestash. How come nobody has uploaded screenshots of a mod of a game other than the guys who are hacking Pokemon?
 
I think the biggest reason why not much has happened in way of rebuilding is the need for hashing and patching by hand before rebuilding. I'm not sure if anyone has created a script or program to do that automatically yet but I was thinking about it if I get time.
 
I'm going to try to mess with Pokemon Y some time so I made a simple tool to edit ncchinfo.bin (to quickly change romfs size for a new xorpad, for example) and I guess I'm going to make batch files for the repacking (or use patchrom to redirect reads to the SD card if I figure out how to do it)
 
I was referring to the IVFC header editing to pass the checks.
Well yeah that would be nice if the tool also rebuilt the RomFS separately.
We can only rebuild it through makerom, and it packs it into an NCCH container already.

As it is now it's simpler to make a batch file to rebuild the rom with makerom and then extract the proper romfs.bin with ctrtool. Then generate the new xorpad, xor it and repack it into the rom again.
 
So it is not possible to repack a rom with the patchrom tools alone after all...
There's not much explanation in patchrom, only "patching code.bin to redirect romfs access to sdcard".
So I suppose we put the romfs files somewhere on the SD card. No idea if it's romfs.bin, a romfs folder or simply the romfs files on the SD card's root though.
 
Tbh it's a toss-up between romfs rebuilding and the redirect to SD. I actually haven't gotten the patch rom to work. I had it decrypt the rom, extract the offsets and rebuild the rom, but I'm guessing it needs something more to actually apply the patches.... so I think there is a step 2 that I missed out.

As for re-xoring, I know how to do it, but I did it all manually without rebuilding the romfs etc. I just edited the romfs, fixed the IVFC hashes, re-xored it and copied the romfs back into the original rom, then just fix the romfs hash in the rom.
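
Added example (not part of any post in this thread and not code from any of the tools discussed): the re-xoring step described above and in the earlier xorpad explanation, where the same pad that decrypts a region re-encrypts it after editing. The file names, offsets and sample bytes are constructed, and the pad is assumed to start at the first byte of the region; the IVFC and romfs hash fixes mentioned in the post are not covered.

```python
import os
import tempfile

CHUNK = 1 << 20  # 1 MiB per pass, so multi-GB images never sit in RAM


def xor_region(image_path, pad_path, offset, length):
    """XOR `length` bytes at `offset` of the image with the xorpad, in place.
    XOR is its own inverse, so the same call decrypts and re-encrypts.
    Assumption: byte 0 of the pad lines up with the first byte of the region.
    """
    if os.path.getsize(pad_path) < length:
        # A region that grew during editing needs a longer pad generated first.
        raise ValueError("xorpad is shorter than the region")
    if offset + length > os.path.getsize(image_path):
        raise ValueError("region runs past the end of the image")
    with open(image_path, "r+b") as img, open(pad_path, "rb") as pad:
        for pos in range(0, length, CHUNK):
            n = min(CHUNK, length - pos)
            img.seek(offset + pos)
            data, key = img.read(n), pad.read(n)
            mixed = int.from_bytes(data, "big") ^ int.from_bytes(key, "big")
            img.seek(offset + pos)
            img.write(mixed.to_bytes(n, "big"))


def demo():
    """Constructed data: decrypt a region, edit it, re-encrypt it in place."""
    pad = os.urandom(32)  # constructed stand-in for a title's xorpad
    romfs = b"original romfs content, 32 bytes"
    enc = bytes(a ^ b for a, b in zip(romfs, pad))
    with tempfile.TemporaryDirectory() as d:
        img, padf = os.path.join(d, "rom.bin"), os.path.join(d, "romfs.xorpad")
        with open(img, "wb") as f:
            f.write(b"H" * 16 + enc + b"T" * 16)
        with open(padf, "wb") as f:
            f.write(pad)
        xor_region(img, padf, 16, 32)  # decrypt in place
        with open(img, "r+b") as f:  # edit the plaintext
            f.seek(16)
            f.write(b"modified")
        xor_region(img, padf, 16, 32)  # the same call re-encrypts
        with open(img, "rb") as f:
            out = f.read()
    recovered = bytes(a ^ b for a, b in zip(out[16:48], pad))
    return out[:16], recovered, out[48:]

if __name__ == "__main__":
    print(demo())
```

The length check is the case raised earlier in the thread: a region that grows after editing needs a new, longer xorpad before it can be re-xored.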
 
For those of you looking to rebuild the romfs, using the source above is a good place to start; that, along with the information in this thread, should be enough to repack the romfs. As for romfs generation, I think I am starting to see a pattern with the weird offsets and I will probably look into romfs generation when I am finished coding my tool.

Current update on my tool here is what I have working:
  • RomFS/NCCH/NCSD unpacking and repacking
  • Re-encryption of NCCH using zero keys
  • The ability to decrypt files using the xorpads created by the ctr decryptor
  • Conforms to the same naming format as ctr decryptor
What I have remaining is:

  • Replacing NCCHs in an NCSD without extraction
I am hoping to have it release ready very soon.

If anyone else has any feature requests or any questions please feel free to PM me.

Could you tell me how to fix Romfs hash or repack Romfs?
 
Edited my post. Is asking anything related, such as decrypting and else, also against the rules?
Well, sharing any copyrighted code is not allowed. The xorpad is kind of part and parcel of the ROM (sort of like a mirror image). If you look around, there have been people sharing bits of extracted ROMs on the internet. Also, if you just wanted to look at something and not any specific game, the bigbluebox pokemon VC games don't need xorpads to be extracted.
 
