Seeking help for anti-piracy protection removal

Discussion in 'NDS - Flashcarts and Accessories' started by player0, Feb 10, 2009.

  player0

    Sep 2, 2006
    Seeing more and more new games come with anti-piracy checks, I hope it is not too late for me to get my hands on this hacking topic.
    I have been using the no$ debugger to make cheats, but this anti-piracy stuff is quite new to me.

    My first question on this topic is: "How do you emulate a flashcart environment in order to debug the checks? Or do you not? Is there another method?"

    I studied some fixes provided by Narin (he and his team rule), and the checks seem to read several bytes in the 27Fxxxx shared memory region and compare them with some pre-coded values. A logical explanation for why these checks work is that those flashcarts must occupy some memory space to put their loader code in (correct me please) or patch some bytes for the loader to work. The fact that fixes for bad loaders like the R4 require another custom loader, YSMenu, to work proves my point.

    But then again, since I do not fully understand how these flashcarts work, I can only imagine that an emulation of a flashcart environment will let me start contributing to fixing anti-piracy checks.

    Any directions, links, suggestions are welcome. Just don't turn me down, please. Thank you.
  FAST6191

    Nov 21, 2005
    United States
    I have been floating two ideas around in my head for the last few months but have lacked the time or desire to go on with them.

    1) Some kind of generic patcher for these things. It will likely not be as simple as some of the GBA stuff, but I cannot see it being that hard in light of what we already have. If I heard correctly it is an SDK-level measure, which should make reverse engineering a little bit easier.

    2) Figuring out how the checks/resulting code actually work. So far people have been simply patching values via cheats/similar, which works but leaves me with an odd feeling. I would much rather we knew exactly the code that does the damage (similar to the Wii update/IOS stuff). Who knows, it may even feed back into 1).
    You are on the right lines with the check concept as well: try a simple change and load it in no$gba (which works on "clean" roms).
  Narin

    Feb 19, 2008
    United States
    Well, Nintendo recently added code to their latest SDK which lets flashcard developers add a check to their game to see if the game is running on a flashcard. Though it is up to the developer whether or not to use the code. Since it's in the SDK, the code itself is the same in every game and, thanks to this, patching it has become relatively easy now. So it's a matter of searching the game's memory for the routine and patching it, as the memory location of the routine is different in every game.

    Now what this code does is, well, rather simple. It does a check for a memory region of the game below 8000h. On a normal DS game, if the game tries to access the memory below the 8000h range, it gets redirected to 8000h + offset. So for a real DS game it's impossible to access that memory, which isn't true for a flashcard. So on a flashcard, if the check detects it can access that memory range, it returns true. Now it's up to the developer how to implement what happens if the check returns true or false, so how it's handled differs for each game. Some games delete your saves, while others prevent you from saving, and some cause the game to show a screen after playing for a certain amount of time.

    Though Nintendo is getting smarter, and in their recent game, Mario and Luigi RPG 3, they have added several piracy checks to the game, which made it a bit more difficult to hack. They used the method I described above as well as a couple of others, so patching the routine didn't solve all the problems. So we can expect the flashcard checks in the future to become increasingly more difficult to bypass. Though my team and I will not give up and will continue hacking the games for all of you.

    If you want any more information and to contact any of the team and such, join the #NDSCheats IRC channel. We may not always be available, so if no one responds right away, just wait around and idle for a bit and things tend to pick up. The channel tends to get really busy when good games are dumped, as we work on cheats for all of you.
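The redirect behaviour Narin describes, modelled as an added example (not code from the thread, from Narin's team, or from Nintendo's SDK). It assumes the rule as stated above: a retail cartridge answers card reads at ROM offsets below 0x8000 with the bytes at 0x8000 + offset, while a flashcart serves the requested bytes as-is. The ROM image, the 12-byte compare window and the idea that the game compares the card read against the header copy it already holds in RAM (player0's 27Fxxxx region) are assumptions made for the model. It also goes one step beyond the post by contrasting the two kinds of fix the thread mentions: patching the check's result in the game, and a loader that emulates the redirect so the unpatched check passes.

```python
"""Toy model of the SDK flashcart check: retail redirect vs flashcart.

Constructed example; the ROM bytes and the exact compare window are
assumptions, not values taken from any real game or SDK.
"""

ROM_SIZE = 0x10000
REDIRECT_BASE = 0x8000   # reads below this offset get mirrored on retail carts
CHECK_OFFSET = 0x0000    # where the check reads from (assumed)
CHECK_LEN = 12           # how many bytes it compares (assumed)


def make_rom() -> bytes:
    """Synthetic ROM: a recognisable 'header' below 0x8000, filler above."""
    rom = bytearray(ROM_SIZE)
    rom[0:CHECK_LEN] = b"TOYGAME\x00ABCD"          # stands in for the cart header
    for i in range(REDIRECT_BASE, ROM_SIZE):     # what a retail cart mirrors instead
        rom[i] = (i * 7) & 0xFF
    return bytes(rom)


class RetailCart:
    """Real cartridge: low reads are redirected to 0x8000 + offset."""

    def __init__(self, rom: bytes):
        self.rom = rom

    def read(self, offset: int, length: int) -> bytes:
        if offset < REDIRECT_BASE:
            offset += REDIRECT_BASE
        return self.rom[offset:offset + length]


class FlashCart(RetailCart):
    """Flashcart that does not implement the redirect: serves bytes as asked."""

    def read(self, offset: int, length: int) -> bytes:
        return self.rom[offset:offset + length]


class FixedLoaderFlashCart(FlashCart):
    """Flashcart whose loader/firmware emulates the retail redirect
    (the kind of fix a custom loader can apply without touching the game)."""

    def read(self, offset: int, length: int) -> bytes:
        return RetailCart.read(self, offset, length)


def header_copy_in_ram(rom: bytes) -> bytes:
    """The 'pre-coded' values the game compares against: assumed to be the
    header bytes the firmware already left in RAM, not a fresh card read."""
    return rom[CHECK_OFFSET:CHECK_OFFSET + CHECK_LEN]


def sdk_check(cart: RetailCart, rom: bytes) -> bool:
    """Returns True ('flashcard detected') if the low region is readable,
    i.e. the card returned the real header instead of the mirrored bytes."""
    return cart.read(CHECK_OFFSET, CHECK_LEN) == header_copy_in_ram(rom)


def patched_sdk_check(cart: RetailCart, rom: bytes) -> bool:
    """The cheat-style fix: the routine is located in memory and its result
    forced to 'not a flashcard', regardless of what the card answers."""
    cart.read(CHECK_OFFSET, CHECK_LEN)   # the read still happens; the verdict is ignored
    return False


def run_model() -> dict:
    """Exercise every cartridge type against the original and patched check."""
    rom = make_rom()
    carts = {
        "retail": RetailCart(rom),
        "flashcart": FlashCart(rom),
        "flashcart_fixed_loader": FixedLoaderFlashCart(rom),
    }
    return {
        name: {"original": sdk_check(c, rom), "patched": patched_sdk_check(c, rom)}
        for name, c in carts.items()
    }


if __name__ == "__main__":
    for name, result in run_model().items():
        print(f"{name:24s} original check: {result['original']!s:5s} "
              f"patched check: {result['patched']}")
```

The two fixes fail in different ways: the in-game patch only covers the one routine it targets (which is why a game with several checks, as described above for Mario and Luigi RPG 3, needs more than one patch), while the loader-side redirect makes every check of this particular kind pass, but does nothing for checks that work differently.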
  wifi1

    Jan 1, 2007
    United States
    That's pretty interesting. One part of me is glad Nintendo is doing more to combat piracy since it's getting out of hand. I see little kids with R4s and whatnot and after everything is said and done, developers need to get paid and games need to get sales. This will at least allow those who put forth some effort and aren't dumb to be able to play future games.
  mrfatso

    Apr 17, 2008
    @Your Home,behind the sofa
