Hacking [Tools] AmiiBomb

  • Thread starter: Ac_K
  • Views: 311,440
  • Replies: 607
  • Likes: 65
I ordered my stuff already ... maybe someday it's gonna arrive hahahah
By the way, what about the other non-amiibo NFC game figures? Like Skylanders on that pokemon scramble that had on wiiu? (Actually, I'm only interested in Skylanders and amiibo XD)
 
I bought some NTAG off DHGate a couple weeks ago and it's now been at "Held at customs" for 7 days now. Is this just because they don't update regularly or is my mail actually stuck somewhere in customs? Anyone encounter the same thing ordering from China?
 
one more question though... these NTAG215s have a capacity of 504 bytes, but most dumps are 540 bytes or 572 bytes. How does this work with 504 bytes of space, exactly?

EDIT:

And by the way...



Thanks! Ordered a set :D


504 bytes refers to the writable space, the other 36 bytes are locked.
 
@Ac_K I have, I think, discovered the issue with writing the spoofed Majora's Mask Link and Skyward Sword Link bins: your program, presumably because they aren't on amiibo.life, sees them as decrypted and ruins them (by encrypting an already encrypted bin). So maybe a way for unrecognized bins to be marked as encrypted or decrypted, since your program can't tell... Also please, if the amiibo key has already been located, turn off the clipboard checking; it can crash the program depending on how large the copy I do is...
 
Okay, so I've found some USB NFC reader/writers that aren't too expensive... will this app work with them?
Probably not, this is designed to talk to an Arduino.

--------------------- MERGED ---------------------------

but what of the 572 byte dumps then? And how does this work if 36 bytes are locked (what exactly is the 36 bytes)?
most likely the tag UID.
 

NTAG215 tags have a capacity of 540 bytes: there are 504 rewritable bytes and 36 bytes of constants, UID and lock bytes. For an explanation see: https://www.3dbrew.org/wiki/Amiibo
The 572-byte dumps contain a hash at the end of the file (SHA-265?), calculated by the tool that was used for the dump (I don't know which one, N2 or PowerSaves?). In AmiiBomb I don't try to recompute the hash, I just ask to delete it if there is a hash at the end.


Hum, a spoofed Amiibo dump has a "fake" UID, which certainly doesn't start with 0x04, so AmiiBomb doesn't detect your file. Can you provide me the *.bin file that caused the mistake? I'm gonna see what I can do for this kind of dump.
There's already an option to disable the clipboard checking, I just have to add it to the configuration file to keep the choice in memory. Anyway, I fix a small bug when AmiiBomb crashes as you explain ;)
 
Actually, looking into it, for some reason "byte[9] == 0x0" for the spoofed bins. I think you should check the location of the lock bytes, as that is different for the decrypted bins...
 

That's why. In an encrypted dump, the byte[9] is always 0x48 and normally byte[1] is always 0x04. But I just check the 0x48. I know it's not the best way to recognize if it's encrypted or not. Spoofed *.bin files only work with N2 and PowerTags, so it's not normal behavior for AmiiBomb use. But I have to fix that! Oh, and feel free to push your fix to the GitHub if you want ;)
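
An added example, not AmiiBomb's code and not written by any poster: a sketch of the dump triage discussed in the posts above (540 vs 572 bytes, the byte[9] == 0x48 check) that reports anything it cannot positively identify as "unrecognized" instead of assuming it is decrypted. The UID check-byte test follows the NTAG21x memory layout and is an assumption about what a sturdier check could add; all names are hypothetical and the sample bytes are constructed.

```python
from dataclasses import dataclass

TAG_SIZE = 540        # NTAG215 dump: 504 rewritable + 36 other bytes (per the thread)
HASH_SIZE = 32        # 572 - 540: trailing hash appended by some dump tools
INTERNAL_BYTE = 0x48  # value the thread reports at byte[9] of an encrypted dump
CASCADE_TAG = 0x88    # ISO/IEC 14443-3 cascade tag, part of BCC0 for 7-byte UIDs


@dataclass
class DumpInfo:
    tag: bytes      # the 540 tag bytes, trailing hash split off
    trailer: bytes  # the 32 trailing bytes of a 572-byte dump, else b""
    state: str      # "encrypted" or "unrecognized" (never a guessed "decrypted")


def uid_check_bytes_ok(tag: bytes) -> bool:
    """BCC0 (byte 3) and BCC1 (byte 8) must match the UID bytes around them."""
    bcc0 = CASCADE_TAG ^ tag[0] ^ tag[1] ^ tag[2]
    bcc1 = tag[4] ^ tag[5] ^ tag[6] ^ tag[7]
    return tag[3] == bcc0 and tag[8] == bcc1


def classify_dump(data: bytes) -> DumpInfo:
    if len(data) == TAG_SIZE + HASH_SIZE:
        tag, trailer = data[:TAG_SIZE], data[TAG_SIZE:]
    elif len(data) == TAG_SIZE:
        tag, trailer = data, b""
    else:
        raise ValueError(f"unexpected dump size: {len(data)} bytes")
    # Two independent signals must agree before the file is treated as a raw
    # (encrypted) tag image; otherwise the caller should ask the user instead
    # of encrypting it again.
    encrypted = tag[9] == INTERNAL_BYTE and uid_check_bytes_ok(tag)
    return DumpInfo(tag, trailer, "encrypted" if encrypted else "unrecognized")


def make_sample(uid=bytes.fromhex("04a1b2c3d4e5f6")) -> bytes:
    """Constructed 540-byte image: valid UID block, 0x48 at byte 9, zero filler."""
    bcc0 = CASCADE_TAG ^ uid[0] ^ uid[1] ^ uid[2]
    bcc1 = uid[3] ^ uid[4] ^ uid[5] ^ uid[6]
    head = uid[:3] + bytes([bcc0]) + uid[3:] + bytes([bcc1, INTERNAL_BYTE])
    return head + bytes(TAG_SIZE - len(head))


if __name__ == "__main__":
    base = make_sample()
    for name, blob in [("540-byte", base), ("572-byte", base + bytes(HASH_SIZE)),
                       ("byte[9]=0", base[:9] + b"\x00" + base[10:])]:
        info = classify_dump(blob)
        print(name, info.state, len(info.tag), len(info.trailer))
```

A caller would prompt for the file's state whenever `state` is "unrecognized", which is the behaviour requested earlier in the thread for bins the program cannot identify.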
 
Has anyone got this working on Parallels? Are there minimum OS requirements? I get unhandled exception errors on launch and on clicking on any menu item with Windows 7 on Parallels Desktop.

"See the end of this message for details on invoking
just-in-time (JIT) debugging instead of this dialog box.

************** Exception Text **************
System.MissingMethodException: Method not found: '!!0[] System.Array.Empty()'.
at AmiiBomb.Main_Form.AskBinFolder()
at AmiiBomb.Main_Form.Main_Form_Shown(Object sender, EventArgs e)
at System.Windows.Forms.Form.OnShown(EventArgs e)
at System.Windows.Forms.Form.CallShownEvent()
at System.Windows.Forms.Control.InvokeMarshaledCallbackDo(ThreadMethodEntry tme)
at System.Windows.Forms.Control.InvokeMarshaledCallbackHelper(Object obj)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Windows.Forms.Control.InvokeMarshaledCallback(ThreadMethodEntry tme)
at System.Windows.Forms.Control.InvokeMarshaledCallbacks()


************** Loaded Assemblies **************"
 
Thanks for the tool, soldered and connected everything in 20 minutes. I didn't have an Uno or Nano Arduino but an old Arduino Due, and flashed the Nano version; everything works, thanks again!
 
hell no, i use online banking apps and similar on my phone, ain't having shite installed on my phone that any script kiddie has made.

Script kiddies? Lol, we're far from the days where script kiddies are putting out jailbreaks, if that day was ever even here. There's really only a handful of people on the planet who have the skills to jailbreak the latest iOS versions, not saying that they're to be trusted, but it's definitely not just a kid in his mom's basement publishing this stuff.
 

missed my point, not the jailbreak but the apps you install through the jailbreak.
 
