Jump to content

Recommended Posts

Posted
Those files could not be re-inserted into the game at the first place. (no evidence seems to show that it could be done)

You're forgetting that Xfr and Bond were able to re-insert that Gible as soon as they could get the file out of the game. They simply never revealed how to do it.

Regardless of our current abilities, I don't think it's time to give up.

  • Replies 284
  • Created
  • Last Reply

Top Posters In This Topic

Posted

According to Pokecheck.org, "X/Y support is progressing painfully. Expect some news soon."

So, if there is a way around encryption, it's yet again being first cracked by Xfr and Bond. Good point though. The method will probably not be publically released so it can't be patched.

  • 2 weeks later...
Posted

Does anybody talked to tje guys who managed that the 3DS can be hacked now?

Does that interfere our project to inject some pokemons to X or Y

Posted
Does anybody talked to tje guys who managed that the 3DS can be hacked now?

Does that interfere our project to inject some pokemons to X or Y

People have asked about this before but he refused to give any information but even if we had the information they are after it wont do us any good with the encryption.

  • 2 weeks later...
Posted

Okay, I'm thinking of the possibility of someone managing to tackle Pokémon Bank.

Which won't be easy, since that requires reverse engineering on how the 3DS communicates with Nintendo Network (And when we discover how it does, Nintendo would most likely patch the 3DS to get around the exploit, and when that happens, we probably can't use Pokémon Bank legitimately.) There's also the chance of being permina-banned from Pokémon Bank if we get caught.

Posted
Okay, I'm thinking of the possibility of someone managing to tackle Pokémon Bank.

Which won't be easy, since that requires reverse engineering on how the 3DS communicates with Nintendo Network (And when we discover how it does, Nintendo would most likely patch the 3DS to get around the exploit, and when that happens, we probably can't use Pokémon Bank legitimately.) There's also the chance of being permina-banned from Pokémon Bank if we get caught.

I'm gonna preface this by saying that the PP moderation team has already said they will not allow discussion of hacking the bank. Regardless of how you or I feel about that, hacking the Bank is technically infeasible right now. All communications to and from the Bank servers are protected by TLS, which means there will be no reverse-engineering without being able to modify code running on the 3DS. If you were to manage to do that you'd have no reason to use the bank; you could directly modify pokemon in memory or the save file.

Posted

We actually need to tackle the internet-based Wondercards, not the Wifi ones that would most likely be used for Diancie's distribution (as you may need to see the movie in order to get Diancie.)

Posted
We actually need to tackle the internet-based Wondercards, not the Wifi ones that would most likely be used for Diancie's distribution (as you may need to see the movie in order to get Diancie.)

I was referring to extracting Wondercards out of save games and inserting them, Like in Gen V using Pokegen ><

  • 2 weeks later...
Posted

I love the work of all of you. I'm also analysing things about the new PKX-Files. The question is: Is it already confirmed how the PKX-Encryption Key at the beginning is generated?

Posted

Wait a minute...

Do you guys know that Mattel Powersaves for the 3DS now has the ability to mod Pokémon X and Y saves?

Reverse engineering the game's now possible!

(or, at least, modify the save data to see what can be done and what can't.)

Posted

It works for some, but not for others, apparently.

(Also, why not just tell us up front that some can't get it to work instead of chain linking it like that?)

Some people managed to get Diancie with it, as well as the "Eternal Flower Floette" (AZ's Floette, in case your wondering) and his signature move ("Light of Ruin") and the shiny forms of Xerneus, Yveltal and Zygarde.

Posted
It works for some, but not for others, apparently.

(Also, why not just tell us up front that some can't get it to work instead of chain linking it like that?)

Some people managed to get Diancie with it, as well as the "Eternal Flower Floette" (AZ's Floette, in case your wondering) and his signature move ("Light of Ruin") and the shiny forms of Xerneus, Yveltal and Zygarde.

No no I didn't link it to show it doesn't work.

I linked it to show we have many threads.

Anyway it's mostly license key issue. I haven't figured out why it might not work for windows 8, since mine is working on windows 8.

I have a powersaves, so I know about all of those, except "Light of Ruin". didn't try that ><

Posted

Sorry for the misunderstanding.

Anyway, my point being, if we know how Powersaves works, we can use that in an attempt to poke into the game's data!

(Also, in case you're wondering, The Eternal Flower Floette has a slightly different moveset by level up - it learns Light of Ruin at level 50.)

Posted (edited)

I've posted a version of Mass Dumper that can dump out pkx files.

In the past few weeks we've been looking at our new dumps and have filled in a ton of blanks on the Wiki. The C block is now entirely mapped!

There's still a few things that are still unknown:

- Affection Ribbon bitflag

- 100% Medals Ribbon bitflag

- 0x16/0x17's purpose. Out of ~1500 files I've checked, only 10 have data here.

- 0x92/0x93's flag circumstances.

- If Super Training has any other effects on the struct (feel normal, or energetic, or tired?)

Edited by Kaphotics
Posted

In regards to the 0x16/0x17 blocks is it possible that this block is related to a pokemon's ability to mega evolve? I couldn't find anything on mega evolution, so it was my first thought.

Posted (edited)

Naw, it's something set by ingame playthough.

Wg7w0.jpg

Possible explanations are certain ingame events like O-Powers or visits to a Restaurant; but nobody has been able to figure out what event sets these bytes -- has to be reproducible!

Edited by Kaphotics
Posted

Thanks to your mass dumper I've been able to check a couple of things in the pokemon memory. I tried to look if it was already discovered but the search function on the site kept giving me database errors. 0xCE-0xCF OT Memory TextVar is sometimes used to reference pokemon in the memory. For example when 0xCC OT Memory TextFile is equal to 11(hex) the memory reads (Pokemon) battled at (trainer)'s side and defeated (pokemon2) (determined with 0xCE and 0xCF). Sorry if this was already posted.

Posted

Correct - the TextVar is a text variable that is dynamic based on the context of the other message arguments. It can represent items (such as "Bicycle"), Pokemon, locations, etc.

Some examples:

06 1A 03 00 C2 01 - [it] saw [OT] using Bicycles. The Pokemon definitely remembers that it grinned.

04 30 09 00 46 00 - The Move Deleter that [it] met through [OT] made it forget Strength. The Pokemon remembers that it got nervous.

01 04 04 00 09 00 - [it] became [OT]'s friend when it arrived via Link Trade at... a Pokemon center. The Pokemon remembers that it got overwhelmed by emotion.

03 1A 01 00 5D 01 - [it] saw [OT] using TM22s. The Pokemon remembers that it had fun.

Short list of feelings observed (could be wrong in a few places):

0 it was happy

1 it had fun

2 it was glad

3 it grinned

4 it got overwhelmed by emotion

5 its feelings were indescribable

6 it felt good

7 it got teary eyed

8 it got lighthearted

9 it got nervous

A ?

B it was restless

C ?

D it felt sorry

E it felt emotional

F it felt nostalgic

10 ?

11 ?

12 ?

13 ?

14 they ended up in a foul mood.

15 ?

...

Posted

Quick question as to whether this has been tried:

- Back up a save using Powersaves.

- Use the (reverse of) the KeySAV algorithm to place a new pkx into a box on the save file.

- Load the save back into Powersaves.

- Add a code to the save (any will do) so that it goes over to their servers [where hopefully they fix the necessary checksums].

- Load the save that came back from their servers.

Sorry if this has been tried already, was planning to give it a go this weekend when I have some time but wanted to check it hasn't already been tried and failed.

Posted (edited)
Correct - the TextVar is a text variable that is dynamic based on the context of the other message arguments. It can represent items (such as "Bicycle"), Pokemon, locations, etc.

Some examples:

06 1A 03 00 C2 01 - [it] saw [OT] using Bicycles. The Pokemon definitely remembers that it grinned.

04 30 09 00 46 00 - The Move Deleter that [it] met through [OT] made it forget Strength. The Pokemon remembers that it got nervous.

01 04 04 00 09 00 - [it] became [OT]'s friend when it arrived via Link Trade at... a Pokemon center. The Pokemon remembers that it got overwhelmed by emotion.

03 1A 01 00 5D 01 - [it] saw [OT] using TM22s. The Pokemon remembers that it had fun.

Short list of feelings observed (could be wrong in a few places):

0 it was happy

1 it had fun

2 it was glad

3 it grinned

4 it got overwhelmed by emotion

5 its feelings were indescribable

6 it felt good

7 it got teary eyed

8 it got lighthearted

9 it got nervous

A ?

B it was restless

C ?

D it felt sorry

E it felt emotional

F it felt nostalgic

10 ?

11 ?

12 ?

13 ?

14 they ended up in a foul mood.

15 ?

...

I figured you already had that.

Well I found a couple more emotions.

A is "felt comfortable"

C is "it got a bit carried away"

10 is "it had some difficulty"

11 is "it felt exhausted"

12 is "it couldn't be true to its feelings"

13 is "it felt proud"

15 is "it got angry"

17 is "it got sleepy".

That is all i have at the moment that doesn't overlap with yours.

Edited by randomdice101

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...