Savefile encryption of Ridge Racer 3D has been broken

Discussion in '3DS - Flashcards & Custom Firmwares' started by SanGor, Mar 31, 2011.

  1. SanGor
    OP

    SanGor Witchhunter

    Member
    993
    79
    Aug 21, 2008
    United States


  2. Xuphor

    Xuphor I have lied to all of you. I am deeply sorry.

    Banned
    1,681
    957
    Jul 14, 2007
    United States
    USA
    Interesting. Stil though, April first is here/coming depending on country.... Someone cold have just edited that in hex editor, it might not run on 3DS at all.
     
  3. WiiUBricker

    WiiUBricker Insert Custom Title

    Member
    6,892
    3,915
    Sep 19, 2009
    Argentina
    Espresso
    It's not an aprils fool. But it's nothing, really.
     
  4. TwinRetro

    TwinRetro Don't start nothin', Won't be nothin'

    Global Moderator
    6,181
    4,804
    Aug 29, 2008
    United States
    Las Vegas, NV
    I doubt this will come to anything.
     
  5. xakota

    xakota GBAtemp Fan

    Member
    340
    2
    Mar 18, 2010
    United States
    Don't get too excited. It's a minor flaw in the savefile encryption. It probably isn't going to lead to anything.
     
  6. ultimatt42

    ultimatt42 Member

    Newcomer
    29
    0
    Nov 25, 2009
    United States
    A minor flaw is the same as a major flaw if it lets you decrypt (and presumably re-encrypt) savefiles. I agree, it's probably not going to be useful by itself, but it's still a prerequisite for a lot of the things we'd like to be able to do on the 3DS. I've heard that saves aren't transferable because each save is encrypted using a system-specific key, but if we're able to decrypt them then we can make them transferable.

    Also, if you can modify savefiles you can start poking around for buffer overflows and other exploitable bugs. I really hope Nintendo has had a few words with their third-party devs (and first-party devs, for that matter) asking them to triple check that ALL buffers in savefile reading code have overflow protection given how badly they got bitten on the Wii, but devs are still fallible so it's worth checking.

    I wonder what the "slight flaw" was, anyone have any more info yet?
     
  7. deathking

    deathking GBAtemp Advanced Fan

    Member
    647
    18
    Mar 15, 2009
    United States
    i hope something comes out of this
    will probably get ridge racer in anticipation
     
  8. spiritofcat

    spiritofcat GBAtemp Advanced Fan

    Member
    577
    22
    Dec 20, 2007
    That was posted on twitter 21 hours ago, which is before April 1st even here in Australia so maybe it is true.
    I wasn't aware that anyone had even found a way of extracting save files yet.

    Edit: Looking at that twitter account there's a new post about that same fail applying to games too.
     
  9. deathking

    deathking GBAtemp Advanced Fan

    Member
    647
    18
    Mar 15, 2009
    United States
    Ooops looks like the same fail applies to games! http://bit.ly/eQSrkD (No April's Fool!)

    i hope something comes out of this
     
  10. xakota

    xakota GBAtemp Fan

    Member
    340
    2
    Mar 18, 2010
    United States
    how could they POSSIBLY know that? There's no dumps!
     
  11. KuRensan

    KuRensan aka Pearbook

    Member
    898
    30
    Apr 27, 2009
    Netherlands
    Somewhere in the sky
    Because it is in the SAVEFILE which means it's in the save file and not in the game itself
     
  12. SanGor
    OP

    SanGor Witchhunter

    Member
    993
    79
    Aug 21, 2008
    United States
    They obviously have dumps ...
     
  13. linuxares

    linuxares GBAtemp Psycho!

    Member
    3,094
    1,245
    Aug 5, 2007
    That man really love to find loopholes =)

    I really want to know what he works with IRL! =)

    Good work man!
     
  14. morphius

    morphius The King of the Cosmos

    Member
    298
    32
    Nov 21, 2008
    United States
    Where are the saves saved? Cart, Internal, or SD?
     
  15. koji2009

    koji2009 GBAtemp Maniac

    Member
    1,193
    32
    Mar 13, 2009
    United States
    Could this lead to an exploit? Possibly... The original wii exploit was taking advantage of a buffer overflow relating to Epona's name... The easiest way to test is to simply input a longer name than should be possible and see if the game crashes. That wouldn't be a guarantee it'd work, but it would tell us if there is any possible way to exploit it, or if the game would simply truncate the nick to fit.
     
  16. chortya

    chortya Member

    Newcomer
    14
    0
    Aug 7, 2003
    Gambia, The
    Has anybody tried SMS4 or SMS2 for 3DS game backup?
     
  17. 2128

    2128 Advanced Member

    Newcomer
    61
    0
    Jul 17, 2007
    On the cart, just like the DS.
     
  18. tvararu

    tvararu Member

    Newcomer
    12
    0
    Mar 11, 2011
    Romania
    Anyone man enough to scan that?
     
  19. koji2009

    koji2009 GBAtemp Maniac

    Member
    1,193
    32
    Mar 13, 2009
    United States
    It's a rick roll... creates a "rick astley" mii.. lamest joke ever.
     
  20. chortya

    chortya Member

    Newcomer
    14
    0
    Aug 7, 2003
    Gambia, The