CK20XX Posted December 9, 2016 I'm in an awkward position. I do want to mod my 3DS and run homebrew but... not now. The homebrew scene is still an arms race, to the point where Nintendo is not only banning offenders, but also offering to pay out bounties to people who help it find and close vulnerabilities in its software. The smart thing to do seems to be to wait until the Switch kills the 3DS, then go hog wild and mod it however I like. But... Pokemon, that accursed series. I've skipped every 3rd generation, so Sun and Moon have been a perfect point for jumping back in, and I have loved them. I enjoyed Pokemon the most though when I was using PokeGen to mod my saves in Gen 4 and 5. If I want to do that again, all the signs say I must mod my 3DS first, which is the one thing I'm not yet willing to do. So I downloaded Citra and I've been experimenting with emulating a modded 3DS. I have a legit version of Pokemon Moon that I bought on the eShop, so I copied that over to my computer and strapped it to an operating table. There has to be a way to extract the save from it so I can edit it in PKHeX, but, unfortunately, the emulator doesn't even seem to recognize where the save for the game is. I can run the Homebrew Channel just fine, but JK's Save Manager can't find a target to select, and what really blows my mind is that it gives me the same problem when I use a ROM of Pokemon Moon instead of the real deal. I'm so close. Surely this must be a situation where I merely don't know the correct file paths to use or something. Or maybe I'm going about this all wrong and need to scrap everything and start over? Research seems to suggest that JK's Save Manager can only target cartridges, not digital versions.
suloku Posted December 9, 2016 You can install CFW (or emuNAND) and still keep everything between legal boundaries. An emuNAND after downgrading would also be an option if you don't want to install A9LH (I totally recommend installing it nowadays though). Your best option for your position would be getting a primary or secondary (preinstalled) entrypoint. A secondary entrypoint will always work, and if you just want homebrew the only requirement would be to wait until payloads are updated to the latest firmware. OOT is a good game for that purpose, if you can install the exploit before updating. ORAS would also be an option. That being said... I don't seem to understand what you want. You want to extract the savegame Citra uses? In any case, you need an XML file for target selection; it is included in the latest release: https://github.com/J-D-K/JKSM/releases
CK20XX (Author) Posted December 10, 2016 I am attempting something somewhat convoluted. I'm trying to extract a save from a copy of Pokemon Moon I legally purchased from Nintendo's eShop, BUT... I'm trying to do it without modding my 3DS. Instead of modding my 3DS, I'm using Citra, a 3DS emulator. I figure if I copy the contents of my SD card to my computer, I should be able to use Citra or some sort of PC utility to extract the save, edit it with PKHeX, then import it back so the purchased game can use it. I do have both Ocarina of Time and Paper Mario: Sticker Star so I can mod my 3DS whenever the time comes. I'm not yet comfortable with the idea though. I tend to be a slow, deliberate person who doesn't make a move until all his ducks are in a row. My firmware version is 11.2.0-35U though. I already got the .xml file for JK's Save Manager. It looks practically empty in Notepad++. I probably need to add something to it to make it recognize Pokemon Moon. Dang, do acronyms ever confound me, but I know CFW is "custom firmware" and I know what you mean by entrypoints and payloads. This is a brave new world I'm exploring though, and of course I have to start by attempting something out of the ordinary. I just can't keep things easy for myself. Thanks for putting up with me so far.
Guest Posted December 10, 2016 You can't do that. Extracting the save file requires decrypting it, and that can only be done on your 3DS, which requires you to mod it. You will not get banned and you don't risk anything by just using basic homebrew entry points. You might get banned from Pokemon Global Link if you edit stuff in your save file and they detect changes that shouldn't have happened, but that's probably the extent of it. @suloku, there are no entry points that are guaranteed to always work (and for all intents and purposes, there is no difference between a primary entry point and a secondary entry point aside from the installation method). However, as far as I'm aware, Nintendo hasn't come up with a way to block ctr-httpwn yet, so it may be possible to remain on your current firmware with a working entry point and just avoid updating altogether.
suloku Posted December 10, 2016 I'm pretty sure Nintendo can't fix secondary entrypoints like OOT, because that needs a game update, and they "can't" force you to connect to the internet to download one and deprive you of playing the game, at least not for physical carts. I don't think Nintendo can fix OOT crashing, nor can they remove permissions from the game, which is what the payload uses. That's the impression I have with my limited knowledge at least. What I understand is that primary entrypoints work in a different way, because it's not a modified savegame installed to the game that triggers the exploit, but a bug in the game that grants code execution, and that can be prevented to some extent via firmware updates (as they have done, but it has been bypassed already).
Guest Posted December 10, 2016 They very much can fix entry points such as OoT. Physical space randomization (PASLR) rendered the exploit useless for a while, and even though that was bypassed, no doubt they can figure out another way to block it. And no, primary or secondary is the same. The only difference is that primary entry points can be installed without the need of another existing entry point. ninjhax has an option to run without installing to the save file, true, but the concept is the same. In both cases it's a vulnerability in the game that grants code execution, and the exploit triggers it. In OoT it's a specially-crafted save file; for ninjhax the exploit runs from a QR scanner exploit, but you can exploit the QR scanner via save file as well. Every other entry point is also from specially-crafted save files for exploiting the game's vulnerabilities. Also, as far as I'm aware, they removed Cubic Ninja's permissions to access the camera. Smea said something about that but I would still have to find the tweets.
CK20XX (Author) Posted December 10, 2016 Dangnabbit, I knew it. In my heart, I knew Ammako was right. But I had to give it a shot anyway. Well... what the hey. Maybe it's time I experiment with actual modding then, though I'll probably have to roll back my firmware first or wait for the latest mod tool releases. I went and updated to the latest firmware revision because Nintendo Badge Arcade required it, but that's more of a cute toy than a game I really want to invest in. I can do without it.