
5th Gen GTS Research



Well, what about just something to connect the PC with a retail cart, ala IR-GTS? :)

Edit

IR-GTS info

Dunno. Ask the peoples who made those. The info in this post should be more than enough for them to update their software for 5th gen. I think Ceol may be working on something like that too, not sure.


Dunno. Ask the peoples who made those. The info in this post should be more than enough for them to update their software for 5th gen. I think Ceol may be working on something like that too, not sure.

Ah, interesting. As I don't know a thing about computer programming (it's not my field), I wasn't sure if that was enough information to work with. I will refer the developer of IR-GTS to this thread, and perhaps he can start updating. Thank you again for the work you've put into this. :)


Alright, so I've got some comments related to the GTS data at the end of the data that the server sends to the DS.

Apparently Grovyle91 was partially correct: the first 220 bytes are the Pokémon data, the next 16 bytes are \x00, and then starts the unencrypted GTS data (which is 60 bytes). Now it does send the secret ID just like he said, and the trainer name is now located where he said, but I believe there are an additional two bytes at the end. My Zorua had \x08\x00 but I'm going to try some other deposits to see what they give.

Anyone have any idea what it could be?


I knew it seemed suspicious, but it does seem to show the significant amount of progress you all have made. Good job, hope to see it up and running soon. Keep up the good work; I'm sure everyone appreciates what you all are doing.

All the necessary information is here, all that needs to happen is for someone to modify HyperGTS or IR-GTS. It might not be able to deposit Pokémon (maxg is providing us with some information on the deposit data) but at least it can send them out.


All the necessary information is here, all that needs to happen is for someone to modify HyperGTS or IR-GTS. It might not be able to deposit Pokémon (maxg is providing us with some information on the deposit data) but at least it can send them out.

That's the feature I'm really waiting for, because otherwise I have to ask someone to send me the .pkm file via e-mail rather than me doing it myself.


I hope this gets figured out ASAP, stuck at the Elite 4 :/

That's the feature I'm really waiting for, because otherwise I have to ask someone to send me the .pkm file via e-mail rather than me doing it myself.

Thanks for your extremely helpful and useful contribution to the research here.


That's the feature I'm really waiting for, because otherwise I have to ask someone to send me the .pkm file via e-mail rather than me doing it myself.

Well, I emailed the creator of IR-GTS a couple of days ago, notifying him of this thread, so hopefully we'll see a response sometime "soon."


It seems offset 0x37 of the GTS footer when receiving a Pokémon is not some "Exchanged flag" flag but is used for alternate forms. For the default form it should be set to 0x01 (not 0x00), and to the appropriate form value described on the data structure page of the wiki for alternate forms (e.g. skymin is 0x08).


I just thought I'd let you guys know that Infinite Recursion updated his ir-gts website with news that a Generation V update should be coming pretty soon. He thanked the '...dedicated chaps at Project Pokemon' for their help. =)


I have updated the wiki with offsets for deposit pokemon data. Still have no idea what's in the 0x138-0x1B7 range though.

You can see this in action on Pokécheck, it allows you to extract .pkm files from your game and import .pkm files from your PC (e.g. made with pokegen) onto your cartridge, no AR or flashcard required.


I just thought I'd let you guys know that Infinite Recursion updated his ir-gts website with news that a Generation V update should be coming pretty soon. He thanked the '...dedicated chaps at Project Pokemon' for their help. =)

Yeah, I'd be sunk without you guys =)

I'm working on an update now, but am running into some issues. For some reason, the connection is stalling out immediately after sending the challenge token - that is, the DS only sends one packet. From what I understand from this thread, that initial response should be nearly identical to what it was for Gen 4, but am I missing something?

I'll be the first to admit that I'm not very good at network programming. Once I get that out of the way and make that initial handshake work, the rest won't take long at all.


Did you remember to append sha1("HZEdGCzcGGLvguqUEKQN"+urlsafe_base64(response)+"HZEdGCzcGGLvguqUEKQN") to all server responses?

I just added that to the wiki page on the GTS protocol but look at the first post for more information.

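The checksum described in the post above, written out as an added example (not part of the original thread or of any poster's software). Appending the digest as 40 hex characters, standard `=` base64 padding, and the names `trailer`, `seal` and `unseal` are assumptions; the salt string is the one quoted in the post. Because that salt is a fixed constant, the trailer catches a malformed or truncated response but does not authenticate who sent it.

```python
import base64
import hashlib
import hmac

# Salt string quoted in the post; it is a fixed constant, not a per-device key.
SALT = b"HZEdGCzcGGLvguqUEKQN"
DIGEST_LEN = 40  # assumption: the SHA-1 digest is appended as 40 hex characters

# Constructed sample body using the layout given earlier in the thread:
# 220 bytes of Pokémon data, 16 zero bytes, 60 bytes of GTS data (all zeros here).
SAMPLE_BODY = bytes(220) + bytes(16) + bytes(60)


def trailer(body: bytes) -> bytes:
    """Return sha1(SALT + urlsafe_base64(body) + SALT) as ASCII hex."""
    encoded = base64.urlsafe_b64encode(body)  # assumption: standard '=' padding
    return hashlib.sha1(SALT + encoded + SALT).hexdigest().encode("ascii")


def seal(body: bytes) -> bytes:
    """Server side: append the checksum trailer to a response body."""
    return body + trailer(body)


def unseal(message: bytes) -> bytes:
    """Receiver side: split off the trailer, recompute it, return the body."""
    if len(message) < DIGEST_LEN:
        raise ValueError("message shorter than the checksum trailer")
    body, got = message[:-DIGEST_LEN], message[-DIGEST_LEN:]
    # Constant-time comparison; the check itself is keyless, so it only
    # proves the sender knew the published salt and format.
    if not hmac.compare_digest(got, trailer(body)):
        raise ValueError("checksum trailer does not match body")
    return body


if __name__ == "__main__":
    sealed = seal(SAMPLE_BODY)
    print(len(SAMPLE_BODY), "byte body ->", len(sealed), "bytes on the wire")
    print("round trip ok:", unseal(sealed) == SAMPLE_BODY)
```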

For some reason, the connection is stalling out immediately after sending the challenge token - that is, the DS only sends one packet.

I've been having the same issue with a program I made that simply forwarded everything the DS sent to gamestats2 to and from the official server. (instead of DS <-> gamestats2, this is DS <-> program <-> gamestats2)

The first request works, the response is sent to the DS, but everything stops here.

So even official responses are not accepted.


Did you remember to append sha1("HZEdGCzcGGLvguqUEKQN"+urlsafe_base64(response)+"HZEdGCzcGGLvguqUEKQN") to all server responses?

I just added that to the wiki page on the GTS protocol but look at the first post for more information.

It's not even getting that far. All I'm getting is:

request: http://gamestats2.gs.nintendowifi.net/syachi2ds/web/worldexchange/info.asp?pid=#######

response: [challenge token]

[timeout]

Based on what I've seen, and what M@T said, it looks like there may be some added protection against packets coming from within the same network as the DS. I'll have to test this theory...


Strange. I know on my network, I've done testing from DS <=> Server, and both of those are on the same network.

Try seeing if, instead of spoofing a 192.* address, you spoof your public IP while forwarding 80 and 53 onto your computer, and see if that works?


I can't reach my public IP from my local network, that's a problem with the router loopback.

I tried using ARP spoofing and "man in the middle" attacks to sniff the traffic between the DS and the router and it worked, but it calls HTTPS servers too often and when it does so while it has a poisoned ARP cache (i.e. the DS thinks my computer is the router), the HTTPS certificates become invalid and the connection hangs (Cain&Abel automatically replaces the certificates with custom ones and I can't prevent it).

However, I was able to sniff some requests, but it is useless now that almost everything has been reverse-engineered.


I can't reach my public IP from my local network, that's a problem with the router loopback.

I tried using ARP spoofing and "man in the middle" attacks to sniff the traffic between the DS and the router and it worked, but it calls HTTPS servers too often and when it does so while it has a poisoned ARP cache (i.e. the DS thinks my computer is the router), the HTTPS certificates become invalid and the connection hangs (Cain&Abel automatically replaces the certificates with custom ones and I can't prevent it).

However, I was able to sniff some requests, but it is useless now that almost everything has been reverse-engineered.

If I am understanding you correctly, you need to be able to hit an external IP for this new GTS system. I would recommend, if you can, either upgrading your router with DD-WRT firmware if at all possible (this would fix your loopback issue), or, if you have a smartphone (iPhone, Android, *not sure about BlackBerry*), getting a Wi-Fi tether application that will let you get your DS online no problem.
