Icehawk78

Posts posted by Icehawk78

  1. On 4/22/2019 at 8:00 AM, Kaphotics said:

    The program is open source; if you want custom functionality you'll have to tweak the code yourself.

    This isn't actually related to the post you were referring to, but do you have any idea how difficult modifying the PersonalInfo to have the Evolutions info accessible (for use with supporting a "make all/most species have matching randomized types/abilities" type of functionality) would be? I've not dug too deep into the codebase yet, but figured it couldn't hurt to check and see if my idea had either already been considered and passed over, or just not attempted yet due to lack of interest, rather than complexity?

    (Ultimately what I'd really want is to have all of the randomizable things dumped to json files, which I could then modify with an external script, and then re-import into the project, but I'm assuming that's more than a little out of scope/improbably difficult to do)

  2. And they're for the same items/etc.?

    And if you got many of them you might want to put them on pastebin.

    I'll need to verify if I can find out what the codes actually get - the only QR codes released were for the Japanese release, but I found a collection that was QR code+Password that I'm able to parse with a QR reader, so I'll need to correlate the passwords to the items.

  3. Why would they need another checksum though? Don't QR codes use redundancy to deal with error checking?

    Maybe it's some kind of crypto key?

    The odd part is that it doesn't appear to actually be encrypted whatsoever - the password is sitting there in plaintext. I'm going to try just dropping in a US password to see how it responds, but my assumption is that it won't make much difference.

  4. So I was looking through the Japanese QR Codes for Mystery Gifts, and found these:

    Code: 8PH790HJ

    Decoded QR bytes:

    43 00 01 95 92 23 31 20 41 10 00 40 16 51 00 03
    a2 00 fd ed b4 88 6a c2 7c ad 45 6d 8d a6 00 b2
    70 81 8f f3 0f f2 8f f1 7f f1 9f f1 0f f2 8f f2
    af f0 ec 11 ec 11 ec 11 ec 11 ec 11 ec 11 ec 11
    ec 11 ec 11 ec 11 ec 11 ec 11 ec 11 ec 11 ec 11
    ec 11 ec 11 ec 11 ec 11 ec 11 ec 11 ec 11 ec 11
    ec 11 ec 11 ec 11 ec 11 ec 11 ec 11 ec 11 ec 11
    ec 11 ec 11 ec 11 ec 11 ec 11 ec 11 ec 11 ec 11
    ec 11 ec 11 ec 11 ec 11

    Code: Y75FXY3R

    Decoded QR bytes:

    43 00 01 95 92 23 31 20 41 10 00 40 16 51 00 03
    a2 00 fd ed b4 88 6a c2 7c a0 36 1d f7 66 00 b2
    70 83 9f f1 7f f1 5f f2 6f f3 8f f3 9f f1 3f f3
    2f f0 ec 11 ec 11 ec 11 ec 11 ec 11 ec 11 ec 11
    ec 11 ec 11 ec 11 ec 11 ec 11 ec 11 ec 11 ec 11
    ec 11 ec 11 ec 11 ec 11 ec 11 ec 11 ec 11 ec 11
    ec 11 ec 11 ec 11 ec 11 ec 11 ec 11 ec 11 ec 11
    ec 11 ec 11 ec 11 ec 11 ec 11 ec 11 ec 11 ec 11
    ec 11 ec 11 ec 11 ec 11

    They strangely seem to be offset by one digit, and then starting around the 34th byte, the code matches in the QR, slightly shifted (11 = 1, 39 = Y, etc.). The only part I haven't been able to verify is the chunk of 4 bytes around the 26th byte, which I'm assuming is likely a checksum of some kind.

    I figured I'd ask here to see if this is a known encoding already, in which case, I'll be able to see if I can generate QR codes for the existing known Mystery Gifts in the US version.
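The two dumps above can be checked mechanically. The following is an added example, not code from the thread: it assumes the standard QR byte-mode layout (a 4-bit mode indicator 0100 followed by an 8-bit length, as in QR versions 1-9) and that the trailing 16 payload bytes are the password as UTF-16LE full-width characters; on both dumps that assumption recovers the quoted codes exactly and isolates the 4-byte region the post could not account for.

```ruby
# Added example (not from the thread). Assumes QR byte mode with a 4-bit mode
# indicator and 8-bit count, and a password stored as UTF-16LE full-width text.

# Raw codewords copied from the post; "ec 11" is the standard QR pad pattern.
QR_8PH790HJ = "43 00 01 95 92 23 31 20 41 10 00 40 16 51 00 03 " \
              "a2 00 fd ed b4 88 6a c2 7c ad 45 6d 8d a6 00 b2 " \
              "70 81 8f f3 0f f2 8f f1 7f f1 9f f1 0f f2 8f f2 " \
              "af f0 ec 11 ec 11 ec 11 ec 11 ec 11 ec 11 ec 11"
QR_Y75FXY3R = "43 00 01 95 92 23 31 20 41 10 00 40 16 51 00 03 " \
              "a2 00 fd ed b4 88 6a c2 7c a0 36 1d f7 66 00 b2 " \
              "70 83 9f f1 7f f1 5f f2 6f f3 8f f3 9f f1 3f f3 " \
              "2f f0 ec 11 ec 11 ec 11 ec 11 ec 11 ec 11 ec 11"

# Strip the 4-bit mode indicator and the 8-bit count, returning the payload.
# That leading nibble is why the post sees the bytes "offset by one digit".
def qr_byte_mode_payload(hex_dump)
  bits = [hex_dump.delete(' ')].pack('H*').unpack1('B*')
  mode = bits[0, 4].to_i(2)
  raise "not QR byte mode (mode indicator #{mode})" unless mode == 0b0100
  count = bits[4, 8].to_i(2)
  payload_bits = bits[12, 8 * count]
  raise 'truncated QR data' if payload_bits.nil? || payload_bits.size < 8 * count
  [payload_bits].pack('B*')
end

# Split the 48-byte payload into the 32-byte binary header and the password,
# folding the full-width characters to plain ASCII with NFKC.
def split_gift(payload)
  header = payload[0, 32]
  password = payload[32..-1].force_encoding('UTF-16LE').encode('UTF-8')
  [header, password.unicode_normalize(:nfkc)]
end

# Byte offsets at which two headers differ; for the two codes above this is
# the 4-byte region the post could not account for.
def differing_offsets(a, b)
  (0...[a.bytesize, b.bytesize].min).select { |i| a.getbyte(i) != b.getbyte(i) }
end

def compare_gifts(dump_a, dump_b)
  header_a, pw_a = split_gift(qr_byte_mode_payload(dump_a))
  header_b, pw_b = split_gift(qr_byte_mode_payload(dump_b))
  { passwords: [pw_a, pw_b], header_diff: differing_offsets(header_a, header_b) }
end

p compare_gifts(QR_8PH790HJ, QR_Y75FXY3R) if __FILE__ == $PROGRAM_NAME
```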

  5. Thanks for the helpful explanation. I'm assuming the most efficient way to do that would be to connect my DS directly to my computer, with a wireless card or adapter, though I don't have the hardware for that right now. I'm more likely to try catching it through my router's LAN first.

    With the GTS, what we did was set the DS's DNS to your local machine, and then run a DNS Spoofer on that machine, so you can view the requests coming and going. You might be able to capture that through your router, but remember that you'll have to sift through every other computer on your network's traffic, as well.

  6. Btw, we don't have fake GTS servers. Only hacks on the real one. Try hosting a GTS hack without your computer having access to the real one, and it won't work.
    Correct. The spoofed GTS only changes a small aspect of data, the remainder of requested data comes from the official GTS servers.

    While this is technically true, we *could* actually have a full-on fake GTS server. It's just that spoofing the entirety of the GTS communications, including the initial handshakes and the like would add a lot more code, be a lot more complex to test and make work, for not much actual extra benefit, since we can just piggyback the official servers and skip all that work.

    I've actually used it a few times, but I never knew!

    Anyway, they're just shutting down DW, and claimed they will support the GTS, so any of the alternatives I suggested for obtaining DW probably won't be affected...

    While true, I'm actually still interested in seeing if we can figure out what protocols the DW is using to communicate with the game, since sending up to 10 pkm and seemingly unlimited numbers of items all at once seems like a much faster solution for transferring Pokemon than sending 1 Pokemon+1 item at a time.

    I tried tethering my DS to my phone and running Wireshark this morning to capture the traffic, only to find that that's a really terrible way of doing things because the output format is crap, so I'm going to look into it later tonight on my desktop at home and see if I can figure out what's happening. My initial test was a bit confusing, showing both unencrypted communications and SSL communications. If it's the latter case, then it's highly unlikely that it'll work (for the same reason the Wonder Card distribution servers haven't been spoofed).

    I'll update this thread with more information, but if anyone is interested in helping, I'm also lurking in the IRC.

  7. http://projectpokemon.org/wiki/GTS_protocol

    That's a start on how the GTS works. To do what you want to do, you'd want to set up a man-in-the-middle attack, specifically looking to see if it communicates over HTTP, HTTPS, or a direct socket connection. If it's the former, then you should post what you intercepted if you need help decrypting it, because that's easy to work with. If it's HTTPS or a direct socket connection, while still possible, the additional effort involved would likely preclude serious development, since you can't easily distribute anything you find, even if you *can* find something.

  8. and have pessimistically decided the 3DS will never be hacked or emulated, meaning there can’t exist things like Pokesav/Pokegen

    Citation needed.

    Every video game system to date has been hacked/emulated; the only reason the 3DS would be an exception would be because not enough people are interested enough to care. Given that the 3DS, unlike the normal DS, has an SD card slot (which may or may not be able to back up your save games like on the Wii, but I wouldn't be surprised), if/when they release a 3DS Pokemon game, I would imagine the creation of save-file editors will be easier, not more difficult.

  9. Today I went on the IRC looking for help for Pokemon White and the Entree. I had mentioned that I was playing on an emulator and was promptly banned and given the message "piracy is a big no no"

    Yes I did ban you. No, it was not unfair.

    1. emulation ≠ piracy. Everyone on this forum who knows about emulators should know this.

    Nope, mate. As far as I or almost any other moderator on the IRC cares, unless you explicitly state that you manually ripped your own legal game, it's assumed that talking about "playing on an emulator" is an admission of piracy. Because in 99.9% of the cases, that's exactly what it is.

    2. I live in a small town so no one I know has a copy of either Black or White.

    I couldn't care less about that.

    3. I don't get out very often so I don't see the need to run my DS battery down and I prefer being on my computer.

    That's lovely.

    4. I feel all forum and IRC staff should assume (at least if there is no mention of downloading a given rom during a conversation) that the person seeking help legally owns the game.

    Your feelings have been acknowledged, and dismissed as wrong. We get tons of people who assume because we work with tools that deal with game data modification (which is easiest to do when you've got the files already on your computer from your pirated copy of the game) that we endorse piracy, and as such it is instead the default assumption on IRC (and presumably also on the forum) to assume that if it looks like piracy and smells like piracy, that it's begging for a banhammer.

  10. (base64-encoded data blob omitted)

  11. Further updates:

    The response hash is generated entirely by the response code itself. Two separate pages (info.asp and post.asp) that were requested and previously responded with response code of 0x0001 both had a consistent response of "\x01\x00729abc61b2d89c9b4ed122265c827524a032cb42"

  12. Apparently the old default return values don't work. 0x0001 for webexchange/info.asp issues an error 13247.

    Right, that was what I mentioned above, with the bit about the "response hash".

    For example, instead of 0x0001, the response needs to be "\x01\x00729abc61b2d89c9b4ed122265c827524a032cb42" (Note: that's a hex value of 01 00 32 27 29 ...)

    Ceolceol: If you're doing research or want to help, feel free to join the IRC, I'm much more active there.

  13. The following string was found in the game's code:

    HZEd GCzc GGLv guqU EKQN

    0001 d935 0000 2dd5 0000 0008

    2db8 42b2

    All together in one long thing. The first line is the salt used for request hashes. The last line is "what the checksum is XORed with" (though I'm unsure exactly of what that means, since the GRNG is no longer used).

    I'm not certain what, exactly, the characters in the middle line are used for, nor am I certain now that the appended junk in the response is necessarily a new hash (though it appears to be - same length and character set used in SHA1).

  14. I've also created a simple Ruby script for making requests to the real GTS server on the fly, that anyone else can feel free to use. This requires the Mechanize rubygem, which is fairly simple to install.

    require 'mechanize'
    require 'digest'

    # Mechanize 2.x dropped the WWW:: namespace; on the old gem this was WWW::Mechanize.new
    agent = Mechanize.new
    url = "http://gamestats2.gs.nintendowifi.net/syachi2ds/web/worldexchange/result.asp?pid=289086352"
    data = "&data=LbhNapAbOxGwAQAAFQIAAGR0NfQr_1X_Uv9U____AAAAAP__AAAAAAAk83_MmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
    # Salt found in the game's code (see above); the request hash is SHA1(salt + body of the initial, hash-less request)
    secret = "HZEdGCzcGGLvguqUEKQN"
    challenge = agent.get(url).content
    page = agent.get(url + '&hash=' + Digest::SHA1.hexdigest(secret + challenge) + data).content
    puts page

    -----

    The requested URL and requested data can be altered (I've just been using requests that my own game specifically made so that I knew everything would be properly formatted), and the last line will always get the correct response from Ninty's GTS.
