Virtual Console (ambassador games) ROM injection

Discussion in '3DS - Flashcards & Custom Firmwares' started by Nintynuts, Dec 17, 2011.

Dec 17, 2011
  1. Nintynuts
    OP

    Now we have 10 NES and 10 GBA games with emulators we can copy to our SD cards and we know what the ROM data should be, might it be possible to work out the encryption key so we can decode the data and inject different ROMs to play on our 3DSs?

    I know it's not quite as simple as that, as there's the emulator data that will have an overhead (probably at the start) as well as the per-game metadata, so if it's encrypted with its own MD5 hash or something that will throw it all off. It was just a thought and I wondered if it was at all feasible?

    Looking forward to hearing some thoughts from people who know what they're talking about :)
     


  2. Tsukurimashou

    That would be great but I really don't know how it works so I can't help, sorry.
     
  3. Snailface

  4. Nintynuts
    OP

    I could have, but firstly I was unaware that thread was stickied for use rather than as a reference, but also every time I've ever posted something in a long-running thread like that, no-one ever takes any notice.
    This whole forum is 'Hacking & Homebrew' so I don't see why I shouldn't be allowed to make a new thread. I'm not an expert but I have some idea what I'm talking about, so I wanted it to get some proper attention.

    But anyway, are there some people about who have played with reverse engineering encryption before?
     
  5. Tom Bombadildo

    Well then I'd like everyone to pay attention to the fact that I strongly disagree with you and quite frankly don't care whether or not you wanted attention or not. Stickies are there for a reason, if no one pays attention to your idea, your idea is shitty. Deal with it.

    On topic: There is some sort of encryption and nobody has been able to reverse engineer or crack the encryption or inject ROMs or anything. I remember various threads about this same thing and still nothing has been reported.
     
  6. Rydian

    That thread is made for situations where all somebody has are theories.
     
  7. ferofax

    You don't even know where in the files these VC titles are, much less know how to decrypt them.

    Until then, ROM injection has nothing to go on, and therefore no real reason to discuss it other than just to have something to say about it.
     
  8. totalnoob617

    Well, it wouldn't be hard to find. All you would need to do is copy your SD card to your PC, then download one of the games and see what new data is added and how the 2 SD backups don't match. The new added files are obviously the game, but we don't know if they use emulation at all. I doubt they do; they are most likely ports, no?
     
  9. Clydefrosch

    It's not as easy, since it's all encrypted. You'd need to decrypt it first to be able to compare things. (Considering one download consists of a ROM and the needed emulator data?)

    If there was overlapping data in the files, it could be possible to determine where the ROM would be and stuff, but I'm guessing someone who knows better already got that idea.
     
  10. celcodioc

    Only save files from cartridges have been decrypted before.

    We could probably just search for the ROM header... but since we don't know how to decrypt the apps, we can't do that ^^

    Since they seem to run much like DS games (no StreetPass, no SpotPass, hold START or SELECT to play them in their native resolution, etc), I'd guess they are run natively + a few minor additions for bottom screen and HOME button support.



    [/thread]?
     
  11. Nintynuts
    OP

    I'm 99% sure the Virtual Console games are emulated. The 3DS doesn't have an ARM7 chip in it like the GBA-DS Lite had (removed from DSi), so there has to be an emulator somewhere, if not embedded in each package then in the firmware. On Wii, which is the nearest comparison in terms of power, each game had its emulator built in, which is why some ROMs only worked when injected into particular emulators because of optimization. I would have thought the structure of these new Virtual Console games is probably the same as the Wii ones; Nintendo don't like re-inventing the wheel. Again, it would be nice to hear some comments from someone who has worked with anything I've mentioned to confirm/deny whether any of this sounds plausible.

    EDIT: I suppose it's remotely possible these games have been recompiled to run on the PICA and new CPU with a wrapper for scaling and new button handling, but it seems unlikely considering Nintendo's track record.
     
  12. spinal_cord

    The files are probably encrypted AFTER the ROM is combined with the emulator, so comparing ROM images will get you nowhere. Someone would have to decrypt the files before ANY progress is made in ANY area of 3DS homebrew. (Yes, I know ROM injection is different, but the point is the same.)
    Also, the NES games have been around for a while now; if anyone had made any progress, you would have heard about it already.

    [edit] - Yes, the games are emulated. You can tell in a couple of areas, such as random screens of garbled gfx during fades in Yoshi's Island.
     
  13. wchill

    Which track record would this be? I see emulation as unlikely; just have GBA code run using a hypervisor with the appropriate calls to 3DS functions instead of GBA functions where necessary (i.e. the bottom info screen). Why reinvent the wheel and try to emulate something you can run pretty much natively?

    Not saying that ROM injection is likely anytime soon, as spinal_cord mentioned.

    As for graphical glitches, that does not necessarily mean an emulator - it could just be the 3DS screen and/or the code used to drive it.

    (If it wasn't clear, the 3DS's ARM processor is backwards compatible with ARM7 code, just like it is with ARM9 code, which is used in the DS. The Nintendo 1048 0H ARM processor is really a System on Chip with a version of the ARM11 and the Pica200 in one chip. Since ARM11 implements ARM7 and ARM9 instructions, it is backwards compatible.)
     
  14. heartgold

    Not really; NES games have been draining more battery life than GBA games. IMO this isn't 100% emulation, and the ARM11 core is able to run native ARM7/9 code.
     
  15. Roxas75

    I saw a little of the structure, so I think that the games are emulated.
    The file 00000001.app is a little bigger than the GBA ROM, so I think it's a package that contains emulator and ROM.
    The only way is to decrypt them...
     
  16. wchill


    Please refer to this post on the subject.

     
  17. DiscostewSM

    I would have to disagree with you there. That can easily be caused by the motion blur, using a low ratio of the retained frame mixed with a high ratio of the current frame. That capability itself is an operation built in to the GPU. Even the DS had a capture unit for such an effect.

    As has been said already, GBA games on the 3DS have been shown to have less power consumption than both the NES and GB games because the ARM11 is capable of interpreting ARM7 and ARM9 code natively. While I say the games aren't fully emulated, I won't rule out the possibility that it is partially emulated. From the original GBA to the DS Lite, each of the devices included a Z80 co-processor, partly for backwards compatibility, but GBA games used it for the audio tone generators alongside its own 2 8-bit DACs to make up the audio system. From the DSi on, GBA compatibility was removed, which included the removal of anything that wasn't being used by DS games, which included that Z80 co-processor.
     
  18. Nintynuts
    OP

    Well, I now know a couple of things I hadn't initially realized: firstly that ARM11 was backwards compatible with 9 AND 7, and secondly that AES encryption (which Nintendo has used in the past, so I guess probably for this too) is so damn complicated, so there's no way of injecting without the key(s) first. I also agree that it's likely that the overhead on the app file is probably per-game compatibility related, as it varies in size so much. I would say it's actually simulating the GBA games rather than emulating or running them natively, but that may just be me. However, I don't think this will completely prevent injection; we may just find some games work better in some of the containers than others; we have 10 to play with.

    I bow to the knowledge of those few who have contributed the most in this thread, and unless people want to continue discussing theories, a mod can go ahead and close this now.

    Thanks everyone
     
  19. totalnoob617

    I will say 1 thing: the emulation and emulator is kinda shitty. I mean, I know the resolution is much better than nesDS, but when I run Metroid on nesDS it runs fine no matter how many sprites are on the screen, and I can even fast fwd and rew with L and R and it flies. When I play the ambassador version the game slows down considerably even when there are even that many sprites on the screen. I have not tried the Wii VC or emulated one, but I'm curious how Metroid VC runs next to it on a Wii NES emulator and how the 2 emulators differ on the 2 systems in terms of performance. I wonder if the VC Metroid slows down too.
     
  20. DiscostewSM

    One emulator is made by homebrewers. The other is made by Nintendo. The homebrew emulator, while having nice extra features, does not have something that Nintendo's emulator has: the ability to execute the game with everything it requires at 100%. Even if the game slows down, that is because it would do so on the actual hardware too. Might seem silly, but keeping it in sync like that allows it to stay accurate (and stable, I might add).
     
