Hacking Decrypt & re-encrypt saves for "most" games (sort of)

[gamesquest1]

Ok so i figured out a little method for decrypting saves for most games(doesn't appear to work for pokemon...maybe its just nand saves, suppose it could be that the existing tools don't work with the nand style save dumps...)
this method will not decrypt your existing saves you will be forced to make a new save so back them up before messing with this, but it should allow you to decrypt your saves for most/all Card 1 games.
i have tested it on bravely default, yoshi's new island and a few others and it appears to work fine for its intended purpose, i really don't know all that much beyond this so please don't ask me for cheats etc etc but im sure some people will find it interesting

anyway's this is not actually decrypting 6.x saves, its just forcing the game to use the very old and already hacked save technique that had the repeating CRT, meaning existing programs for decrypting saves will work for saves from newer games, you can open them up in 3dsexplorer, i shared this with people i figured it might be useful for, but oh well lets see if anyone else wants to have some save hacking fun

basically the same deal as the bravely default save fix i shared the other day but this time your editing the .3DS file to output the basic encryption

Super easy to follow pictures
Step 1 : (optional) check your rom

STEP 2 : Open your Rom in a hex editor and look for the CCI Flags (0x188)

STEP 3 : EDIT THE CCI FLAGS TO "00 00 00 00 01 00 00" making sure to leave 0x18D set to 01

STEP 4 : (optional) Check your rom again and make your you set the Flags correctly

STEP 5 : Go create a new save in game, once created you can simply open the save up with whatever decrypting tool you are using

STEP 6 : (optional) Have fun !

 

[gamefan5]

someonewhodied
Might be interesting

 

[MelonGx]

Is this means that we can use legitmate cart's saves for Gateway by modifying ROM like what you posted?

 

[gamesquest1]

no, it just means people can decrypt saves for newer games....they still have to make a new save file to do it though, but i figure some people may want to look into save hacks for newer games

 

[deoFusion]

Neat trick

 

[someonewhodied]

So this can only be used with GW3ds games. Useful though. Getting on it right now.

 

[someonewhodied]

How can i reencrypt these saves?

 

[cearp]

so this doesn't work for existing saves, still cool though
if we change the rom back, would the old save load, and be saved as a new type save?
thanks

 

[YoshiInAVoid]

But there is still no public way to correct the checksums? So step 6 isn't yet possible.

 

[Pedeadstrian]

But there is still no public way to correct the checksums? So step 6 isn't yet possible.

He did say it was optional.

 

[MYFW]

Good

 

[someonewhodied]

so has anyone bothered ever even making a tool for modifying old saves?

 

[observerm]

some info:
2.2.0-4 KeyY Method
0000000101010000 - card1
0000000201020000 - card2
6.0.0-11 KeyY Method
0001000101010000 - card1
0001000201020000 - card2

Repeating CTR Fail (MinFW:2.1.0-X?)
0000000001010000 - card1
some of these sav could be parsed by 3dsexplorer (rom id:38 39)
some may cause a crash(seems need a try-catch block...) (rom id 123)

so...
000X000Y010Z
if X=0 then <6.0.0-11
if X=1 then 6.0.0-11
if Y=0 then 2.1.0-X?
if Y>=1 then >2.1.0-X?
if Y=Z=2 then card2
am i right?

however, without a correct checksum. it means nothing

 

[driverdis]

here is a small list of games I have tried this to so far
---------------------------------
By "Game works", I am referring to if the game functions correctly after the change.

USA | Zelda - A Link Between Worlds - Game works and save opens in 3DSExplorer
USA | Yoshi's New Island - Game works and save opens in 3DSExplorer
USA | Sonic Generations - Game works and save opens in 3DSExplorer
USA | StarFox 64 3D - Game works and save opens in 3DSExplorer
USA | Lego the Movie Videogame - Game works and save opens in 3DSExplorer
USA | Mario Tennis Open - Game works and save opens in 3DSExplorer
USA | Zelda - Ocarina of Time 3D - Game works and save opens in 3DSExplorer
USA | Rayman 3D - Game works and save opens in 3DSExplorer
USA | Adventure Time - Explore the Dungeon Because I Don't Know - Game works and save opens in 3DSExplorer
USA | Adventure Time - Hey Ice King Why'd you steal are garbage? - Game works and save opens in 3DSExplorer
USA | Metal Gear Solid Snake Eater 3D - Game works and save opens in 3DSExplorer
EUR | Professor Layton vs. Phoenix Wright - Game works and save opens in 3DSExplorer
USA | Sonic Lost World - Game works and save opens in 3DSExplorer
JPN | Meitantei Conan - Marionette Symphony - Game works and save opens in 3DSExplorer
USA | Lego City Undercover - the Chase Begins - Game works and save opens in 3DSExplorer
USA | Luigi's Mansion Dark Moon - Game works and save opens in 3DSExplorer
USA | Mario Kart 7 (w/ v1.1 patch[1.0 untested]) - Game works and save opens in 3DSExplorer
USA | Pokemon Mystery Dungeon - Gates to Infinity - Game works and save opens in 3DSExplorer
USA | Paper Mario Sticker Star - Game works and save opens in 3DSExplorer
USA | Professor Layton and the Asran Legacy - Game works and save opens in 3DSExplorer
USA | Professor Layton and the Miracle Mask - Game works and save opens in 3DSExplorer
USA | Donkey Kong Country Returns 3D - Game works and save opens in 3DSExplorer
USA | Fire Emblem Awakening - Game works and save opens in 3DSExplorer
USA | Super Mario 3D Land - Game works and save opens in 3DSExplorer

 

[Zananok]

Does this mean we can change the game ID header, so sharing saves will be possible?


Regards,
Zananok

 

[cearp]

Does this mean we can change the game ID header, so sharing saves will be possible?

no

 

[Cyan]

Does this mean we can change the game ID header, so sharing saves will be possible?

"This" doesn't mean you can share saves, nor has anything to do with the GameID header. This thread is for something else: forcing the use of the old saving method for games which are set to use the new saving method.


But sharing saves and changing save/Unique ID in the GW's dump header is possible.
http://gbatemp.net/threads/how-to-use-scene-dumps-with-gw-2-2-online.365829/

 

[Reecey]

I like your work questy but shit man that is way to confusing for the likes of me!!!

 

[drfsupercenter]

Hmm. When you say forcing the old save method, if I'm using Pokémon X with a valid header, will it be using a "new" save method? Because I notice that my saves from a .3dz file don't work with Scene copies (or even my own dump named .3ds for that matter!) - obviously has something to do with being encrypted to the cartridge's header.

I saw a mention in another thread that someone was able to get online working while making it possible to share saves?? So in layman's terms, is it possible to have a copy of Pokémon X with a valid header (either from my own personal copy or someone else's that they shared on the forum), be able to go online with it, but force it to save in a way that will load on Scene ROMs named .3ds? (Obviously they won't be able to go online once you remove the header, but I'm still curious)

 

[cearp]

Hmm. When you say forcing the old save method, if I'm using Pokémon X with a valid header, will it be using a "new" save method? Because I notice that my saves from a .3dz file don't work with Scene copies (or even my own dump named .3ds for that matter!) - obviously has something to do with being encrypted to the cartridge's header.

I saw a mention in another thread that someone was able to get online working while making it possible to share saves?? So in layman's terms, is it possible to have a copy of Pokémon X with a valid header (either from my own personal copy or someone else's that they shared on the forum), be able to go online with it, but force it to save in a way that will load on Scene ROMs named .3ds? (Obviously they won't be able to go online once you remove the header, but I'm still curious)

it is possible for everyone to go online with the same save but the unique header information would have to be shared also, at least at this time