Jump to content

Recommended Posts

  • 2 weeks later...
Posted

So I did all the steps for partially decrypting my save file, but when I finished using xorfiles with the keystream and the backup and then I used hxd to get a rid of the bytes that were above 0x9c, I opened it in Pkhex and all the boxes were blank, including the party and battle box, too. What did I do wrong?

Edit: Also, do you need to have a specific destination for xorfiles?

Posted
So I did all the steps for partially decrypting my save file, but when I finished using xorfiles with the keystream and the backup and then I used hxd to get a rid of the bytes that were above 0x9c, I opened it in Pkhex and all the boxes were blank, including the party and battle box, too. What did I do wrong?

Edit: Also, do you need to have a specific destination for xorfiles?

Can anyone help with this?

Posted
Can anyone help with this?

It'd kinda hard to figure out your problem with just that.. clearly there was an error in the process. After you make the blank file with the correct xorpad, you xor it with any of your recent save files and then the output is partially decrypted (0x5400 - 0x6AFFF to be exact).. so just delete the powersaves header from that output file (first 0x9C bytes). You can add in the DISA/DIFI headers and all that crap if you want, but not necessary to load the file.

  • 2 months later...
Posted

I have a problem with my keystream, I deleted the header up to 9C, and then, I opened PKHex and it said it was an unsupported file type or size. I looked it up, and found I was supposed to remove the header, but I already had, please help.

Posted

Thanks for the help, this isn't 100% decryption, so can I not inject these back? Because I've been trying to do that, and it's fail after re-trying 4 times. I did get at least this working though

Posted
Thanks for the help, this isn't 100% decryption, so can I not inject these back? Because I've been trying to do that, and it's fail after re-trying 4 times. I did get at least this working though

Unless you can take care of the AES MAC at the top of the save, there is no 100% decryption or re-injection.

These tricks in the thread allow decryption of the savedata; insertion is not possible.

Posted
Unless you can take care of the AES MAC at the top of the save, there is no 100% decryption or re-injection.

These tricks in the thread allow decryption of the savedata; insertion is not possible.

So then is there a known way to "take care" of the AES MAC or any way to fully decrypt the game. In PKHeX it shows a button saying "Export SAV" but it is blanked out and doesn't work, on the PKHeX thread it says "Saving changes to a SAV is only available if you can dump your own XORpad and have a 100% decrypted save."

Posted
So then is there a known way to "take care" of the AES MAC or any way to fully decrypt the game. In PKHeX it shows a button saying "Export SAV" but it is blanked out and doesn't work, on the PKHeX thread it says "Saving changes to a SAV is only available if you can dump your own XORpad and have a 100% decrypted save."

In order for anyone to 100% decrypt a save, they would have to do either of the following:

1. dump the specific AES Key for their savegame, feed it to a hacked 3DS to generate the XORpad, and re-sign/xor when edits are applied.

2. dump the decrypted save in the RAM, then piece back together the save and have the 3DS ignore the bad AES MAC (or re-sign it with custom code).

PKHeX can detect if a save is 100% decrypted or not; if you can't do either of the above methods yourself, then you can't 100%decrypt or inject. You need more than just a Powersaves device... it's not a simple thing.

  • 1 month later...
Posted

Im a but stuck aswell

You can now use this to open a save in PKHeX! If you want to open a save, XOR save1keystream.bin with the powersaves backup of whatever save you want to check out (I recommend*http://www.nirsoft.net/utils/xorfiles.html*), and then delete the first 0x9C bytes in a hex editor (I use HxD). Save the file with the 0x9C header removed, and you can open it in PKHeX totally fine:*http://i.snag.gy/x2jJ8.jpg

Deos this mean i need to use xorfiles.exe and put save1keystream.bin in sav box one and the modded save in save box 2? Or is it the other way round or do you use another file in 1 of there save boxes and also deos it matter what the destination file is? I do know to remove 0x9c from the final powersaves save file can be edited on pkhex so it can read it

Posted
Im a but stuck aswell

You can now use this to open a save in PKHeX! If you want to open a save, XOR save1keystream.bin with the powersaves backup of whatever save you want to check out (I recommend*http://www.nirsoft.net/utils/xorfiles.html*), and then delete the first 0x9C bytes in a hex editor (I use HxD). Save the file with the 0x9C header removed, and you can open it in PKHeX totally fine:*http://i.snag.gy/x2jJ8.jpg

Deos this mean i need to use xorfiles.exe and put save1keystream.bin in sav box one and the modded save in save box 2? Or is it the other way round or do you use another file in 1 of there save boxes and also deos it matter what the destination file is? I do know to remove 0x9c from the final powersaves save file can be edited on pkhex so it can read it

never mind im way past this point, im now unable to get the brute forcer the work, im got everything else working perfect, I also emailed the guy who made the brute forcer as the application said to do so in the failed message

Posted

as far as I know all I need is the save1key.bin file, the file the brute forcer is meant to give you when you combined the save1keystream.bin a powersaved new game file and a masted balled edited powersaves new game file 2gether, I don't really need the app to work, is anybody got that file who is willing to upload a copy to the internet for me please?

Posted
as far as I know all I need is the save1key.bin file, the file the brute forcer is meant to give you when you combined the save1keystream.bin a powersaved new game file and a masted balled edited powersaves new game file 2gether, I don't really need the app to work, is anybody got that file who is willing to upload a copy to the internet for me please?

Are you asking for someone elses xorpad and save? I dont get it.. for what purpose?

Posted

When i was trying to parshaly (spelling) decript my sav the morning following sciresM's guide, one of the instuctions was to use save1keystream.bin with your current save file using xorfiles.exe, then just trim the header of the newly make file to access pkhex, the file that the brute force app was supost to make is called savekey1.bin and it sounded like it was a better version of save1keystream.bin and can be used in the same way, so if i can't get the brute force app working, but can at least get the file it creates then it should still be possible to use that with my save on xorfiles.exe just the same as before where i trim it and if im right that will create a 100% decrypted powersaves bin file, ofcouse i know nothing about any of this stuff and may just be talking gabage

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...