Hacking ROM Headers Question

  • Thread starter: fuzzdawg11
  • Views: 30,338
  • Replies: 111
Seems like we need WulfyStylez to create a full tutorial for this, as trying to interpret his instructions and method is overly complicated. We will all be hugely in your debt if you can spare the time to create a tutorial, Wulfy!!
 
Why use a public header, which risks getting you banned the first time you connect to get a RAM dump, when you can just use Gateway launcher.dat without the need of a Gateway flashcart to dump your cartridge?

Of course, it will work only up to 9.2.
If you are on 9.2 or lower, only use this method:

1. Put Gateway's Launcher.dat on your SD.
2. Visit http://go.gateway.com to launch the exploit.
3. Once in the Gateway menu, select "Dump ROM". It will dump your cartridge to ROM with the UniqueID already included.
4. Use a tool to see/extract your UniqueID (example: Gateway ROM Patcher).
5. Use a tool to edit your Sky3DS template to inject the UniqueID into your games (example: No ban no sky).


If you are on 9.3 or newer, then a memory dump is the only method, and a ban has more chance of happening (because we still don't know 100% what Nintendo is checking to ban users).


Ah I just found my 3ds XL on 9.2 :D

Which games would you recommend to dump? If I use a header from retail cart and use it for my sky3ds games can I still get banned?
 
We don't know if the header is what Nintendo is checking.
For all we know, they could detect flashcarts themselves, so even if you use the game's own header you are at risk.

Without an official report, it's just users making up a scale of risk factors when playing online,
from safest to worst (note that it's hypothetical!):

- Regionthree
- Classic mode without EmuNAND
- Classic mode with EmuNAND
- cia
- Personal dump of the game, using its own header.
- another game dump, with one of your own dumped header from an online game
- another game dump, with one of your own dumped header from an offline game
- another game dump, with a public header from an online game
- another game dump, with a public header from an offline game

I just invented that list based on logic.
It's certainly wrong, but in all cases it's safer to use as clean a games/headers/system combination as possible.
If you fear a ban, don't connect online. It's always like that: the user has to choose online or hacking.
 
Could you possibly explain why you think Regionthree and EmuNAND classic are the safer options?


Regionthree with a legitimate game is obviously the safest option as you haven't pirated anything, you legitimately purchased a Nintendo game... just using a bug in the system to enable you to play a game from a different region.

No idea about EmuNAND classic as I don't have a GW.

 
I'm too busy with some other RE to type up a full guide at the moment, but the gist is:
1) Use a public header on your rom of the game you own. Note the cartridge (unique) ID of that rom. (0x1240, 16 bytes, or 0x40 in sky3ds template)
2) Start the backup of that game up, try to connect to its online functions, then hit home as it's trying to connect and dump memory.
3) Do that again, but with your real cart.
4) Find your unique ID from your public header in your dump from that. Flip byte order if you can't find it.
5) Search for the same region in your genuine dump. Do this by either jumping to the same address in your first dump (unlikely) or searching for data that was close to your ID in the first dump (do this).
6) When you've found your legit unique ID, add it to your template with sky template maker (or manually if you hate yourself)
EDIT: Oh and here's the dumper I use for my 9.x hax, use it if you don't have your own already.


Has anyone got this method working or heard back from WulfyStylez?

Thanks.
 
Is there any way to get a private header from a retail cart with only a new 3ds on version 9.5 and a microSD card reader?
 
I mean, if people like you are going to be assholes, I'll just put up a tutorial on how to dump headers on 9.5 without gateway. There's no need to create a market for something people already have.

Uh, I want that tut. I got my 9.5.0-22U firmware to dump memory.bin. I just have no idea where to go from there. HexEditing is confusing and always makes me squirmish. Editing Sky3DS is simply a matter of CutNPaste of IDs, just can't find... ugh.

Hell, I'll be ur b!tch if u writez tutties for me. :rofl2: :whip:

Can't use Gateway ROM dumper.... grrr. Don't want to lose Porkiemonz injectorz. 9.5.0-22U. Nintendon't make me...

Really want a ROM dumper past 9.5. Either Gateway needs to step up, or Nintendon't needs to back off, cuz every1 be up in my 3DS.
 
Could you possibly explain why you think Regionthree and EmuNAND classic are the safer options?
Sorry for the late reply.

I ordered them based on the hardware and patches used.
Least likely to be an issue: using a retail cartridge without EmuNAND. Only the region check is patched.
Then, using cartridge mode with Gateway, which is the same as Regionthree (no ROM, no signature check patch, no spoof, etc.), only region free for cartridges, which can be used without EmuNAND.
Then cia, because it's still not using ROM files and headers with a flashcart, and users haven't reported any ban with it yet.
Then follow the ROMs from flashcarts, in obvious order based on headers.
 
Is it impossible to assign a public header to a physical dump of a game?

So like, for example, if I wanted to online patch my own Omega Ruby game myself, couldn't I just use a public header? (Public headers are the ones that digital games use, right?)
Or is that impossible? It seems totally pointless finding a real copy of the game, stealing its header and then using it on your downloaded copy of gateway/sky. Sort of defeats the entire point of having a flashcard lmao
 
