Jump to content


  • Posts

  • Joined

  • Last visited


10 Good

About OmegaDonut

  • Birthday 07/24/1987

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. I have a 4.5 3DS I've been setting aside for this very reason.
  2. xfr became unexpectedly busy in academic circles after he and his colleagues published the discovery of a new exploit in a certain commonly-used internet security protocol. No idea if this was something he discovered in the course of working on Pokecheck. But it would be amazing if it were.
  3. Let me rephrase - they are no different from regular saves, format-wise. They are encrypted with by XORing with a constant keystream, and the keystreams are generated by the same procedure. The only difference is the data that goes into generating the keystream; emuNAND does not initialize part of the data properly. But that makes no difference to KeySAV.
  4. They are no different from the saves ripped with Powersaves. And this tool could've been used with old Gateway Pokemon saves all along.
  5. Nope. It is also just as likely to give you an impossible ID\SID combo for Gen 4.
  6. Nintendo created the Save Data Transfer tool that lets you copy a save from a physical cart to a digital save, if you own the corresponding eShop game. Look for it in the eShop. But it deletes the data of the cart afterwards.
  7. It's not actually the old encryption. It's the new encryption done wrong, because emuNAND does not boot the new firmware properly (it skips initializing one of the necessary encryption keyslots). Which likely actually makes it easier to decrypt, but there are still some unknowns we have to figure out first.
  8. It seems you are confusing the SID with the SV, or shiny value (the clue was when you said SIDs became 4 digits; they are still ranging from 0-65535). If you got your information from KeyBV and KeySAV, those programs do not display the SID directly. Nothing short of hacking changes the SID of a Pokemon.
  9. I don't know much about the history of the PSP AR, but from what I can tell the AR was broken several times by firmware updates, which indicates that Datel found ways to fool the PSP into loading unsigned code that were patched, not that they were able to break encryption keys. And by the end of the PSP's lifetime, the security had more holes than Swiss cheese anyway. Actually, it doesn't. I have a 3DS that can run unsigned code, and I can have it use its internal AES engine to encrypt\decrypt any data I want. I can even instruct it to use the same keys used in savefile encryption\decryption. But I can't ask it to tell me what the keys are, as they are in write-only registers, and initialized by the firmware at boot. The most realistic possibility is Datel does not know the keys, and have to use the same AES engine to encrypt\decrypt savefiles. The fact that Datel chooses to encrypt regions never edited by the game is sloppiness on their part, not an indication of superior knowledge.
  10. There are a few barriers -- a) there is a checksum in the header that Datel adds to the save file. If the checksum fails to match the data, Powersaves will not recognize it. I haven't gotten around to figuring out how the checksum is calculated, but I've been able to get around it by using Cheat Engine to edit the loaded save file in RAM, and having Powersaves write the "backup" to a file with the correct checksum. b) data in the save file is hashed with SHA-256, if the hash doesn't match the data the game will not load it. If the game can't load it, Datel's servers can't edit it. If we had a completely decrypted save file, we *might* be able to figure it out, but we don't. We only have partially decrypted data - but not the constants in the save file. c) Save files are signed with an AES-256 MAC at the very start of the save file, using a key hidden in the 3DS (in a write-only register, cannot be read). Datel's servers uses modded 3DSes to sign save files. The good news here is that if you have a save file that isn't signed properly and ask Datel's servers to apply cheats, they will send you a save file with a fixed signature - but ONLY if the hashes in b) are correct. They need to be able to load the save files to apply the RAM edits for cheats. d) Without having a fully decrypted save file, we don't have the encryption keystream on top of the hashes and the AES MAC.
  11. Only the 2nd stage forms could be caught in different balls. The Chikorita\Totodile\Cyndaquil only came in Poké Balls. So the OP's observation is correct. But stuff like this should be reported in this thread.
  12. It does work for Mac, using either Wine or Mono.
  13. Actually, no. A friend has a Japanese Y but Powersaves says it is an "unsupported game". Even using the Japanese version of the software.
  14. Aside from obvious hacks (Xerneas, Yveltal, Celebi etc. are all shiny-locked), there is no way to differentiate them. Trash bytes are not involved.
  15. Powersaves doesn't actually use codes in the sense that Action Replay did. The program simply gives you a list of cheats that their servers can apply by editing their save file, using specialized equipment (a farm of modded RAM-hacking 3DSes). If their servers don't offer the cheats, they won't apply them. As for your property, all you own is a device that can send and receive data to the cartridge. It is Datel and their servers that do all the work, and they are well within their rights to decide what work they want to do with them.
  • Create New...