Hacking Trying to get e-shop games working on Sky3DS

[Foxi4]

It's not going to work on Sky3DS, your best bets are GW or a custom firmware with the capacity to install *.CIA's.

 

[jrebey]

yeah i know, but he asked what he needs to do, thats it, make cfw with rom loader, thus making his sky3ds redundant anyway, i dont think anyone capable of just deciding to make their own rom loder on a whim for the sake of 1 game would've ever considered buying a flashcard except maybe GW for "research" purposes

I am kinda curious how Sky3DS actually works though. It's gotta be emulating an existing 3DS cartridge no? Is it as simple as reading the ROM info and presenting that as a legit card to the 3DS?

 

[gamesquest1]

I am kinda curious how Sky3DS actually works though. It's gotta be emulating an existing 3DS cartridge no? Is it as simple as reading the ROM info and presenting that as a legit card to the 3DS?

yeah its just cart emulation, the data has to be exactly as an original cart or it will fail signature checks....so only games that have seen a retail cart release can be played on it.....similar to the concept of ODE devices for 360 and ps3

 

[Penny Morecash]

Okay folks, I had a very long session last night and found what I think I need to patch in the ARM9 kernel.
I'm going to use the OOT exploit to try and get my code running, this will only work on N3DS... has anyone managed to use this exploit on O3DS?

 

[Foxi4]

Okay folks, I had a very long session last night and found what I think I need to patch in the ARM9 kernel.
I'm going to use the OOT exploit to try and get my code running, this will only work on N3DS... has anyone managed to use this exploit on O3DS?

The exploit works on both systems. Be sure to film it working, we're all anxious to see this (especially since there are readily available methods of running .CIA even without a Sky3DS).

 

[Penny Morecash]

Hi Foxi4, could you point me in the direction of someone who has OOT exploit working on O3DS.
I can't find it anywhere...

I don't want to instal .CIA files on my system as you have no idea what N' are able to look for. That and I want all my stuff on one little cartridge.

 

[Penny Morecash]

I haven't been here very long.. but I can tell when someone is incapable of doing something just by the questions they ask.. lulz.

My questions are only 3DS related... I didn't ask about how to hack (I know how to do that already)

 

[Foxi4]

Hi Foxi4, could you point me in the direction of someone who has OOT exploit working on O3DS.
I can't find it anywhere...

I don't want to instal .CIA files on my system as you have no idea what N' are able to look for. That and I want all my stuff on one little cartridge.

Here's the thing... the Sky3DS emulates a cartridge. Modify all you want, the headers are completely different and so are the signatures and the encryption. The file just won't work on the Sky unless it's a valid cartridge image.

http://3dbrew.org/wiki/NCSD

You want to make an eShop game work on the Sky3DS? Here's what you need to do:

• Construct a valid NCSD header for the "cartridge" you're making
• Decrypt the eShop content encrypted with your 3DS' key
• Re-encrypt and re-signs the content with the keys used for cartridge encryption

In order to even attempt doing this, you require an exploitable 3DS, your own private key, Nintendo's keys which are not public (some, but not all, are available in the wild) and the signature and encryption algos. Since you have none of that, you can't convert the eShop image into a cart image.

 

[jrebey]

Hi Foxi4, could you point me in the direction of someone who has OOT exploit working on O3DS.
I can't find it anywhere...

I don't want to instal .CIA files on my system as you have no idea what N' are able to look for. That and I want all my stuff on one little cartridge.

If you are able to patch signature checks using the OOT exploit for eshop, you may as well enable .3ds loading, emunand boot and .CIA install. Installing .CIA with signature checks patched will enable us to install game updates without eshop access which is necessary since the OOT exploit requires 9.2.

And yes, film it working!

 

[Foxi4]

If you are able to patch signature checks using the OOT exploit for eshop, you may as well enable .3ds loading, emunand boot and .CIA install. Installing .CIA with signature checks patched will enable us to install game updates without eshop access which is necessary since the OOT exploit requires 9.2.

And yes, film it working!

That's not what she wants to do. She wants to put an eShop image on a Sky3DS which means that she has to convert it into a valid cart image, something nobody has ever successfully done for obvious reasons - it can't be done without knowing the algos and the appropriate keys.

Like I said, there are readily available methods of .CIA installation, there are no readily available methods of converting eShop content into a cartridge image. You can convert a cartridge image into a .CIA, but not the other way around.

 

[tvo770]

Hi Foxi4, could you point me in the direction of someone who has OOT exploit working on O3DS.
I can't find it anywhere...

I don't want to instal .CIA files on my system as you have no idea what N' are able to look for. That and I want all my stuff on one little cartridge.

if you're on the old 3ds just use the web exploit

 

[Penny Morecash]

if you're on the old 3ds just use the web exploit

I would like to stay away from having to go on the web to start something when I have a cartridge with OOT already on it.

 

[jrebey]

That's not what she wants to do. She wants to put an eShop image on a Sky3DS which means that she has to convert it into a valid cart image, something nobody has ever successfully done for obvious reasons - it can't be done without knowing the algos and the appropriate keys.

Well, technically she said she wants to run eshop games with *just* a Sky3DS. You can do this 2 ways:

1) Do what you said before and make it work in Sky3DS using the cart (which has it's own issues because of template support for eshop games)
2) Run an exploit off of a Sky3DS cart which can run eshop .3ds files off the internal SD card

If she can do what she claims, 2 is the more robust option.

 

[Penny Morecash]

Here's the thing... the Sky3DS emulates a cartridge. Modify all you want, the headers are completely different and so are the signatures and the encryption. The file just won't work on the Sky unless it's a valid cartridge image.

http://3dbrew.org/wiki/NCSD

You want to make an eShop game work on the Sky3DS? Here's what you need to do:

• Construct a valid NCSD header for the "cartridge" you're making
• Decrypt the eShop content encrypted with your 3DS' key
• Re-encrypt and re-signs the content with the keys used for cartridge encryption

In order to even attempt doing this, you require an exploitable 3DS, your own private key, Nintendo's keys which are not public (some, but not all, are available in the wild) and the signature and encryption algos. Since you have none of that, you can't convert the eShop image into a cart image.

I don't mind patching stuff out, they don't have to be perfect 1:1 clones to work (I hope! )

 

[osm70]

Even if you convert it to .3ds, sky3ds wil not run it. You will not be able to even write it on your card, because it is not in the template file.

 

[jrebey]

Even if you convert it to .3ds, sky3ds wil not run it. You will not be able to even write it on your card, because it is not in the template file.

Depends on how it is implemented. Using the OOT exploit you can kick that off via Sky3DS and then have some sort of loader to launch a .3ds file off of the internal SD card. I'm not sure how all of that would even work since you'd have to somehow get the 3ds to ignore the sky3ds cart to mount the .3ds file.

 

[Penny Morecash]

Even if you convert it to .3ds, sky3ds wil not run it. You will not be able to even write it on your card, because it is not in the template file.

I'll look into the template file later today, as far as I can see we are only missing one section... I might even ask the people at Sky3DS if they could help me with some details.

 

[Foxi4]

I don't mind patching stuff out, they don't have to be perfect 1:1 clones to work (I hope! )

The Sky will chomp on anything that has the right layout, the 3DS will not. The system expects a file encrypted and signed in a certain way and this encryption and signature is not the same for eShop and cartridge games. eShop content is signed with whatever key was used by the original 3DS it was downloaded to, cartridge content uses Nintendo's key. Since you don't have either nor do you have the algorithm, I'd be pessimistic regarding the conversion unless you fool the 3DS into using a different key for loading the ROM from the cartridge. Doable, I suppose - good luck though.

The UnknownID is also a big obstacle. Nobody knows how to calculate it except for Sky3DS Team themselves - it's a 16-byte long security hash. If that hash is incorrect, Sky3DS just won't load the file. So yeah, good luck with this too. If you figure that one out, shoot me a PM - I could use that info.

 

[tvo770]

I would like to stay away from having to go on the web to start something when I have a cartridge with OOT already on it.

Are you going to use a real cartridge for sky to run the hack?

 

[Penny Morecash]

Are you going to use a real cartridge for sky to run the hack?

I'm going to use the Sky3DS card with OOT to start the exploit.