codename_B
Posted November 18, 2012 (edited)

Working on a way to search the GTS, I'm still stuck on the final integer. If anyone is good at spotting the patterns between numbers, please feel free to lend a hand!

To get these values, I've done a fair bit of looking at everything and I've got a fairly decent map of where everything is - I just need a process to generate the last number in this now! (or the first depending on what way around you look at the problem)

```
Pid: 326390047
Query: LbhDTB9RdBMHAAAA9QEDAAAABw==
Decoded: 2d b8 43 4c 1f 51 74 13 07 00 00 00 f5 01 03 00 00 00 07
Reversed: 07 00 00 00 03 01 f5 00 00 00 07 13 74 51 1f 4c 43 b8 2d (read in reverse order)

results (max 0x07): 0x07
location?:          0x00
level range to:     0x00
level range from:   0x00
gender:             0x03
species:            0x01 0xf5
data-length:        0x00 0x00 0x00 0x07 (always 7)
pid:                0x13 0x74 0x51 0x1f
unknown:            0x4c 0x43 0xb8 0x2d
```

```
Query: LbhAPnQLnBYHAAAAiQIDW2QABw==
############################
results: 7
location: 0
to: 100
from: 91
gender: 3
id: 649
dataLength: 7
pid: 379325300
???: 1044428845
############################
Query: LbhDTB9RdBMHAAAA9QEDAAAABw==
############################
results: 7
location: 0
to: 0
from: 0
gender: 3
id: 501
dataLength: 7
pid: 326390047
???: 1279506477
############################
```

Edited December 18, 2012 by codename_B

codename_B (Author)
Posted December 18, 2012

Took another look at this with fresh eyes today, it is literally the sum of all bytes, xor-ed with 0x2db842b2 and then flipped. Totally obvious now that you look at it. Not the cleanest code ever, but it works and that'll do for now.

```java
import java.nio.ByteBuffer;

public static int getCheckSum(byte[] flipped) {
    int g = 0;
    // Sum every byte except the last four, which hold the checksum in the flipped array
    for (int i = 0; i < flipped.length - 4; i++) {
        g = g + (flipped[i] & 255);
    }
    g = g ^ 0x2db842b2;
    g = flip(g);
    return g;
}

// Reverse the byte order of a 32-bit int
public static int flip(int a) {
    ByteBuffer buff = ByteBuffer.allocate(4);
    buff.putInt(a);
    byte[] b = buff.array();
    buff.clear();
    buff = ByteBuffer.allocate(4);
    for (int i = 3; i >= 0; i--) {
        buff.put(b[i]);
    }
    buff.rewind();
    return buff.getInt();
}
```

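The field map from the first post and the checksum rule from the post above, combined into a parser that checks both queries quoted in the thread. This is an added example, not code from the thread: it reads the bytes in wire order instead of reversed, and the function and field names are assumptions.

```python
import base64
import struct

XOR_KEY = 0x2DB842B2  # constant given in the post above
# Field names are assumptions based on the map in the first post.
FIELDS = ("checksum", "pid", "data_length", "species", "gender",
          "level_from", "level_to", "location", "results")

def expected_checksum(raw: bytes) -> int:
    """Sum every byte after the 4-byte checksum, XOR with the key, byte-swap."""
    total = (sum(raw[4:]) ^ XOR_KEY) & 0xFFFFFFFF
    # Same effect as flip(): write big-endian, read back little-endian.
    return int.from_bytes(total.to_bytes(4, "big"), "little")

def parse_query(b64: str) -> dict:
    raw = base64.b64decode(b64, validate=True)
    if len(raw) != 19:
        raise ValueError(f"expected 19 bytes, got {len(raw)}")
    # Wire order, little-endian: u32 checksum, u32 pid, u32 length,
    # u16 species, then five single-byte fields.
    query = dict(zip(FIELDS, struct.unpack("<IIIH5B", raw)))
    query["checksum_ok"] = query["checksum"] == expected_checksum(raw)
    return query

def tampered(b64: str, offset: int) -> str:
    """Constructed negative case: change one byte, leave the checksum alone."""
    raw = bytearray(base64.b64decode(b64))
    raw[offset] ^= 0x01
    return base64.b64encode(bytes(raw)).decode()

# Both queries are the ones quoted in the thread.
QUERIES = ("LbhDTB9RdBMHAAAA9QEDAAAABw==", "LbhAPnQLnBYHAAAAiQIDW2QABw==")

if __name__ == "__main__":
    for q in QUERIES:
        print(parse_query(q))
    # Species byte altered, so the stored checksum no longer matches.
    print(parse_query(tampered(QUERIES[0], 12))["checksum_ok"])
```

The byte sum does not depend on byte order, so this check catches a changed byte but not two bytes swapped with each other.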
codename_B (Author)
Posted December 18, 2012

Here are the data return lengths for various numbers of results, I'll attach data if anyone wants it.

0: 42
1: 338
2: 634
3: 930
4: 1226
5: 1522
6: 1818
7: 2114

338 byte result

I'm working on this flipped, as I find it easier to think of things little-endian...
So what we've got is:

first 40 bytes: String checksum
Last 2 bytes: 0x00 and 0x01 ALWAYS (signals end of stream I guess!)

codename_B (Author)
Posted December 18, 2012

I've attached a 220-byte .pkm file that I've gotten from a search. I'm not 100% sure of the format this is in but from what I've been able to deduce the rest of the bytes up till this are GTS specific and padding, so this is the data that will return a valid pokemon.

Feel free to put in some input, or ask any questions! I'm going to put this to bed for now, and take another look at it some time in the future.

a..pkm

codemonkey85
Posted December 23, 2012

So what happens when you find that Pokémon and download it? I guess it's still sitting on the server waiting for a valid trade, huh?

formlesstree4
Posted December 23, 2012

> So what happens when you find that Pokémon and download it? I guess it's still sitting on the server waiting for a valid trade, huh?

It would make sense; if the connection were to be suddenly lost for whatever reason, or an exception raised, it would be terrible to lose the Pokémon.

codename_B (Author)
Posted December 24, 2012

That's really not answering the question of how to go about decrypting the 220 bytes I have. (I'm also not sure if I've got them the right way round for decryption so feel free to flip em about as you see fit)

codemonkey85
Posted December 27, 2012

I must be confused, because I do not see any questions on how to decrypt that data. Have you not tried the normal methods, using the PRNG?

codename_B (Author)
Posted January 1, 2013

http://projectpokemon.org/wiki/Pokemon_Black/White_NDS_Structure

> I must be confused, because I do not see any questions on how to decrypt that data. Have you not tried the normal methods, using the PRNG?

I assume you are referring to that? Yeah, I've got some model files to work from and it works fine for those but it appears to be arranged in a different block shuffling manner to what I'm able to figure out. Again, could just be me...

I'm getting completely nonsensical PID values when I try to read them from the byte[] array. Where pid: is in the unencrypted 50 odd bytes prior to the encrypted .pkm and ppid: is what I'm trying to make sense of. I've also tried reversing the byte[] order, just to see if it's just me being silly about reading it right, and that was equally unhelpful.

```
pid: 400304484 ppid: -600101640
pid: 333716725 ppid: 360572957
pid: 416152147 ppid: -520608497
pid: 399112007 ppid: 2126842325
pid: 288258214 ppid: -1112572622
pid: 320386427 ppid: 524767930
pid: 371985483 ppid: -743971207
pid: 400304484 ppid: -1070459604
pid: 333716725 ppid: -1425794014
pid: 416152147 ppid: -215364339
pid: 399112007 ppid: -171590219
pid: 288258214 ppid: -1235925158
pid: 320386427 ppid: 1926462963
pid: 371985483 ppid: 982673062
```

codename_B (Author)
Posted January 1, 2013

If it helps, here's a whole bunch of bulbasaur.

bulba_1..pkm
bulba_6..pkm
bulba_2..pkm
bulba_4..pkm
bulba_3..pkm
bulba_5..pkm
bulba_0..pkm

codemonkey85
Posted January 2, 2013 (edited)

I'll take a look at those Bulbasaur to see if I can make sense of them.

EDIT: Well, no luck so far. My guess is there's another encryption method on top of the normal stuff. Still prodding away....

Edited January 3, 2013 by codemonkey85

codename_B (Author)
Posted January 3, 2013

> I'll take a look at those Bulbasaur to see if I can make sense of them.
> EDIT: Well, no luck so far. My guess is there's another encryption method on top of the normal stuff. Still prodding away....

It would make sense, thanks for taking a look!