ROM Hack [Release] 3DS_CTR_Decryptor-VOiD

  • Thread starter: Relys
  • Views: 649,305
  • Replies: 2,226
  • Likes: 30
It would be cool if you could take the textures from OoT 3D and put them in OoT... Of course the character models are totally different, so I'm not sure how that would work. o.o
 
Well, the hash needs to be calculated over the decrypted ExeFS for sure. And I think over only the first 200 bytes.
Maybe 0x200 (512).
I tried this on the original decrypted ExeFS and finally got the same hash as ctrtool. After hashing the same part of the edited decrypted ExeFS and overwriting the original hash in the ROM, the ROM still does not show up in the game card slot. I even checked back on the edited icon.bin hash in the decrypted ExeFS, and it was also correct.

What could I possibly be doing wrong? Instead of changing the game title in the icon.bin should I replace the entire icon.bin with one from a different game?
 
I tried this on the original decrypted ExeFS and finally got the same hash as ctrtool. After hashing the same part of the edited decrypted ExeFS and overwriting the original hash in the ROM, the ROM still does not show up in the game card slot. I even checked back on the edited icon.bin hash in the decrypted ExeFS, and it was also correct.

What could I possibly be doing wrong? Instead of changing the game title in the icon.bin should I replace the entire icon.bin with one from a different game?
I wonder what you are doing, as makerom corrects those hashes automatically... Just make sure that you compile it as developer.
 
I wonder what you are doing, as makerom corrects those hashes automatically... Just make sure that you compile it as developer.
What do you mean by "compile it as a developer?"

Remember, I only used makerom to extract the new decrypted ExeFS. Once I did that, I re-xorred it, opened it in a hex editor, selected everything, opened the encrypted ROM in a hex editor, overwrote the original ExeFS with the new ExeFS, and replaced the original ExeFS hash with the one from the first 200 bytes of the new decrypted ExeFS.

If I do not compile it as a developer, then does the new ExeFS get corrupted after it is used in makerom, then extracted and 0-key decrypted?
 
Are the file sizes EXACTLY the same? If you're going down the route of re-XORing with the original XOR pads, they need to be exactly the same size or it will mess it up.
 
What do you mean by "compile it as a developer?"

Remember, I only used makerom to extract the new decrypted ExeFS. Once I did that, I re-xorred it, opened it in a hex editor, selected everything, opened the encrypted ROM in a hex editor, overwrote the original ExeFS with the new ExeFS, and replaced the original ExeFS hash with the one from the first 200 bytes of the new decrypted ExeFS.

If I do not compile it as a developer, then does the new ExeFS get corrupted after it is used in makerom, then extracted and 0-key decrypted?
OK, I don't get it anymore, as makerom can't extract files. But did you check for more ExeFS hashes in the ROM (I know exheader has a few throughout the ROM)? Just search for the original hash again, and if it finds it further in the ROM again, then that's the problem.
 
OK, I don't get it anymore, as makerom can't extract files. But did you check for more ExeFS hashes in the ROM (I know exheader has a few throughout the ROM)? Just search for the original hash again, and if it finds it further in the ROM again, then that's the problem.

I should have worded that better. I could not recompile the edited ExeFS, but makerom can, so I used it to build a ROM, then 0-key decrypted it, then used ctrtool to extract the new recompiled ExeFS.
 
OK, I don't get it anymore, as makerom can't extract files. But did you check for more ExeFS hashes in the ROM (I know exheader has a few throughout the ROM)? Just search for the original hash again, and if it finds it further in the ROM again, then that's the problem.

That was the problem. I fixed the other hash, and then the game showed up! Sadly, it did not trick Miiverse.

Oh well. Now that I have mastered the technique, I will take this a step further by replacing the entire icon.bin, banner.bin, logo.bin, and possibly the Exheader from another game.

Thanks to everyone for all of the help!
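
The check that resolved this exchange, written out as an added example (not code from the thread or from ctrtool/makerom): verify the per-file hashes inside a decrypted ExeFS header, hash the first 0x200 bytes, and list every place the old hash still sits in the image. It assumes SHA-256 and the ExeFS header layout documented on 3dbrew; the sample ExeFS, the "ROM" buffer and its offsets are constructed.

```python
import hashlib
import struct

HEADER_SIZE = 0x200  # the hashed region discussed above (512 bytes)

def build_exefs(files):
    """Build a minimal decrypted ExeFS from {name: data} (constructed sample data)."""
    header, body = bytearray(HEADER_SIZE), bytearray()
    for i, (name, data) in enumerate(files.items()):
        # File header entry: 8-byte name, offset (relative to end of header), size.
        struct.pack_into("<8sII", header, i * 16, name.encode(), len(body), len(data))
        # Per-file hashes sit at the end of the header, in reverse order.
        slot = HEADER_SIZE - 0x20 * (i + 1)
        header[slot:slot + 0x20] = hashlib.sha256(data).digest()
        body += data + b"\x00" * (-len(data) % 0x200)
    return bytes(header + body)

def check_file_hashes(exefs):
    """Return {name: True/False}: does each stored file hash match the file data?"""
    result = {}
    for i in range(10):
        name, off, size = struct.unpack_from("<8sII", exefs, i * 16)
        if size == 0:
            continue  # unused header slot
        data = exefs[HEADER_SIZE + off:HEADER_SIZE + off + size]
        slot = HEADER_SIZE - 0x20 * (i + 1)
        ok = hashlib.sha256(data).digest() == exefs[slot:slot + 0x20]
        result[name.rstrip(b"\x00").decode()] = ok
    return result

def header_hash(exefs):
    """Hash over the first 0x200 bytes of the decrypted ExeFS."""
    return hashlib.sha256(exefs[:HEADER_SIZE]).digest()

def find_all(image, needle):
    """Every offset at which needle occurs in image."""
    offsets, pos = [], image.find(needle)
    while pos != -1:
        offsets.append(pos)
        pos = image.find(needle, pos + 1)
    return offsets

# Constructed sample: same-size icon edit, old hash stored at two made-up offsets.
original = build_exefs({"icon": b"old title" * 10, "banner": b"banner data"})
edited = build_exefs({"icon": b"new title" * 10, "banner": b"banner data"})
old_hash = header_hash(original)
rom = bytearray(0x400)
rom[0x40:0x60] = rom[0x240:0x260] = old_hash
rom[0x40:0x60] = header_hash(edited)      # only the first copy was patched
stale = find_all(bytes(rom), old_hash)    # the copy that was missed
print([hex(o) for o in stale], check_file_hashes(edited))
```
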
 
I tried completely swapping out the icon.bin and the banner.bin with some from another game. I fixed all of the hashes and added extra FF bytes at the end of the ROM to make up for the ExeFS being smaller, but it is having the problem with not showing up in the game card slot. Next time I will just try with the entire icon.bin only because they are the exact same size.
 
Anyone have any idea why reading and writing to files is so finicky? Is it just bugginess from the exploit? Or is the asm for those functions themselves buggy? It's kinda annoying. I just want to know if it's something within grasp that can be fixed.
 
Could somebody kindly help me generate the XOR pads for Fire Emblem: Awakening so I can attempt to data mine the game? Been anticipating this moment since the game's release : )

I can provide the ncchinfo.bin file.

EDIT: Never mind the request; didn't realise it was against the rules.
 
Does anyone know if 0-key encrypted ROMs work with online features/local multiplayer/Miiverse screenshots, or do these features only detect a game if it uses its original encryption?
 
How would I go about decompressing a .code.bin? I decrypted the ORAS demo and the code bin is where all the important stuff is stored.
The RomFS is smaller and cannot be decompressed as it's saying the hashes are corrupt.
 
I would assume it uses the 7.x crypto, so you're not going to be able to decrypt it.

http://3dbrew.org/wiki/NCCH#NCCH_Specs
As of 7.0.0-13 the system now supports a new encryption method for the secure-cryptotype, the CTR for this is the same as before. This is enabled when NCCH flag[3] is non-zero. When enabled, the RomFS and ExeFS files which don't have filenames "icon" or "banner"(that is, ".code") are crypted with a different keyslot.
 
